Presentation is loading. Please wait.

Presentation is loading. Please wait.

An Analysis of BGP Multiple Origin AS (MOAS) Conflicts

Published byAugusta Roberts Modified over 6 years ago

Similar presentations

Presentation on theme: "An Analysis of BGP Multiple Origin AS (MOAS) Conflicts"— Presentation transcript:

1 An Analysis of BGP Multiple Origin AS (MOAS) Conflicts
Xiaoliang Zhao, NCSU S. Felix Wu, UC Davis Allison Mankin, Dan Massey, USC/ISI Dan Pei, Lan Wang, Lixia Zhang, UCLA IMW2001, November 1, 2001 Report another observed issue in BGP operation. Team work, Xiaoliang & Dan here addresses and AS numbers used in this presentation for illustration purpose

2 Outline Introduction of BGP
Multiple Origin AS (MOAS) conflicts analysis Summary and recent work 2/22/2019 IMW San Francisco

3 Border Gateway Protocol 4 (BGP-4)
To exchange inter-domain routing information Defined in RFC 1771, deployed since 1995 to support CIDR Path Vector Routing Protocol Includes the path information to the destination Loop detection Eliminates count-to-infinity problem, but still converge slowly [Labovitz97] More flexibility for local policy design 2/22/2019 IMW San Francisco

4 BGP operational environment
Autonomous System (AS): a set of routers under a single technical administration e.g., AS4: ISI, AS3561: Cable & Wireless, etc. Each AS, the originator, advertises its own networks to its neighboring ASs, the neighboring ASs will propagate those advertisements to the rest of the Internet “I tell you, you tell your friends, and so on” A BGP route lists a prefix (destination) and the path of ASs to reach that prefix e.g., R=(p, <AS1, AS2, AS3>), and AS3 is the origin AS for the prefix p, AS2 provides the transit service for p. 2/22/2019 IMW San Francisco

5 BGP route updates and MOAS conflicts
/16 nets AS 4 AS 226 /16 Path: 226 /16 Path: 4 MOAS conflict ! AS4 announcement goes away from time to time AS X AS Z AS Y /16 Path: Z, 226 /16 Path: X, 4 2/22/2019 IMW San Francisco

6 Motivation It is recommended [RFC 1930] that each prefix should be originated by a single AS with a few possible exceptions However recommendation not followed in practice We want to answer the question that “what are the reasons for MOAS conflicts and what are the impacts?” Data talks... 2/22/2019 IMW San Francisco

7 Measurement Data Collection
Data collected from the Oregon Route Views Peers with >50 routers from >40 different ASes. Our analysis uses data [11/08/9707/18/01] (1279 days total) At a randomly selected moment, The Route Views server observed 1364 MOAS conflicts The views from 3 individual ISPs showed 30, 12 and 228 MOAS conflicts More than MOAS conflicts observed during this time period. 2/22/2019 IMW San Francisco

8 Example MOAS Data Conflict# prefix start date end date days origin ASs
/8 01/28/ /01/ 02/03/ /14/ 04/16/ /26/ 05/12/ /12/ total lifetime for conflict #7 = 85 days ... /16 09/25/ /09/ 12/01/ /04/ 02/06/ /26/ 04/28/ /04/ 08/07/ /01/ 09/03/ /13/ 11/15/ /21/ 11/23/ /30/ 12/02/ /12/ 12/14/ /26/ 12/28/ /15/ 07/17/ total lifetime for conflict #234 = 901 days (total MOAS conflicts) 2/22/2019 IMW San Francisco

9 MOAS Conflicts Do Exist
Max: 11842 (11357 from a single AS) Max: 10226 (9177 from a single AS) For 04/07/1998, there are MOAS conflicts out of prefixes announced by AS 8584 (90.19%) For 04/07/2001, there are 9177 MOAS conflicts outof 9180 prefixes announced by AS (99.97%) 2/22/2019 IMW San Francisco

10 Histogram of MOAS Conflict Lifetime
# of MOAS conflicts Total # of days a prefix experienced MOAS conflict 2/22/2019 IMW San Francisco

11 Distribution of MOAS Conflicts over Prefix Lengths
ratio of # MOAS entries over total routing entries for the same prefix length 2/22/2019 IMW San Francisco

12 Classification of MOAS conflicts
PSI.net event Classified into three categories: OrginTranAS: xn=yj (j<m) SplitView: xi=yj (i<n, j<m) DistinctPaths: xiyj (1 i  n, 1 j  m) Given a MOAS conflict for prefix p and two associated AS paths: asp1=(x1,x2,…xn) and asp2=(y1,y2,…ym) 2/22/2019 IMW San Francisco

13 Valid Causes of MOAS Conflicts (1)
Exchange point addresses E.g.: /24 was originated by ASes 2914, 3561, 4006, 6079, 6453, 6461 and 7018. Few instances: 30 out of are identified as EP addresses Lifetime: 1226 days out of 1279 days for /24 AS sets typically only 12 prefixes out of 100K prefixes end with AS sets, and these AS sets were consistent with others Anycast addresses 2/22/2019 IMW San Francisco

14 Valid Causes of MOAS Conflicts (2)
Multi-homing without BGP Private AS number Substitution 128.9/16 Path: 226 128.9/16 Path: 11422,4 /16 Path: X /16 Path:Y AS 226 AS Y AS X AS 11422 /16 Path: 64512 Static route or IGP route 128.9/16 Path: 4 AS 64512 AS 4 128.9/16 /16 2/22/2019 IMW San Francisco

15 Invalid Causes of MOAS Conflicts
Operational faults led to large spikes of MOAS conflicts 04/07/1998: one AS originated prefixes, out of which were MOAS conflicts 04/10/2001: another AS originated 9180 prefixes, out of which 9177 were MOAS conflicts There are many smaller scale examples of falsely originated routes Errors Intentional traffic hijacking 2/22/2019 IMW San Francisco

16 For more info about FNIISC project:
Summary MOAS conflicts exist today Some due to operational need; some due to faults Blind acceptance of MOAS could be dangerous An open door for traffic hijacking A solution for determining MOAS validity is under development For more info about FNIISC project: 2/22/2019 IMW San Francisco

17 Recent Work: MOAS Solutions
Proposal 1: using BGP community attribute Proposal 2: DNS-based solution Solutions presented to NANOG 23 2/22/2019 IMW San Francisco

18 BGP-Based Solution Define a new community attribute
Listing all the ASes allowed to originate a prefix Attach this MOAS community-attribute to BGP route announcement Enable BGP routers to detect faults and attacks At least in most cases, we hope! 2/22/2019 IMW San Francisco

19 Comm. Attribute Implementation Example
18/8, PATH<58>, MOAS{58,59} 18/8, PATH<59>, MOAS{58,59} AS58 /8 AS52 18/8, PATH<4>, MOAS{4,58,59} 18/8, PATH<52>, MOAS{52, 58} AS59 Example configuration: router bgp 59 neighbor remote-as 52 neighbor send-community neighbor route-map setcommunity out route-map setcommunity match ip address /8 set community 59:MOAS 58:MOAS additive 2/22/2019 IMW San Francisco

20 Another Proposal: DNS-based Solution
Put the MOAS list in a new DNS Resource Record ftp://psg.com/pub/dnsind/draft-bates-bgp4-nlri-orig-verif-00.txt by Bates, Li, Rekhter, Bush, 1998 MOAS detected for 18/8, query DNS to verify Enhanced DNS service Query 18.bgp.in-addr.arpa: origin AS? Response 18.bgp.in-addr.arpa AS AS 59 8 $ORIGIN 18.bpg.in-addr.arpa. ... AS AS Example configuration (zone file for 18.bgp.in-addr.arpa): 2/22/2019 IMW San Francisco

Download ppt "An Analysis of BGP Multiple Origin AS (MOAS) Conflicts"

Similar presentations

CS 672 1 Summer 2003 CS672: MPLS Architecture, Applications and Fault-Tolerance.

CS Summer 2003 CS672: MPLS Architecture, Applications and Fault-Tolerance.
Border Gateway Protocol Ankit Agarwal Dashang Trivedi Kirti Tiwari.

Border Gateway Protocol Ankit Agarwal Dashang Trivedi Kirti Tiwari.
BGP Multiple Origin AS (MOAS) Conflict Analysis Xiaoliang Zhao, NCSU S. Felix Wu, UC Davis Allison Mankin, Dan Massey, USC/ISI Dan Pei, Lan Wang, Lixia.

BGP Multiple Origin AS (MOAS) Conflict Analysis Xiaoliang Zhao, NCSU S. Felix Wu, UC Davis Allison Mankin, Dan Massey, USC/ISI Dan Pei, Lan Wang, Lixia.
© J. Liebeherr, All rights reserved 1 Border Gateway Protocol This lecture is largely based on a BGP tutorial by T. Griffin from AT&T Research.

© J. Liebeherr, All rights reserved 1 Border Gateway Protocol This lecture is largely based on a BGP tutorial by T. Griffin from AT&T Research.
Dongkee LEE 1 An Analysis of BGP Multiple Origin AS (MOAS) Conflicts Xiaoliang Zhao, et al.

Dongkee LEE 1 An Analysis of BGP Multiple Origin AS (MOAS) Conflicts Xiaoliang Zhao, et al.
1 Interdomain Routing Protocols. 2 Autonomous Systems An autonomous system (AS) is a region of the Internet that is administered by a single entity and.

1 Interdomain Routing Protocols. 2 Autonomous Systems An autonomous system (AS) is a region of the Internet that is administered by a single entity and.
1 BGP Security -- Zhen Wu. 2 Schedule Tuesday –BGP Background – Detection of Invalid Routing Announcement in the Internet –Open Discussions Thursday.

1 BGP Security -- Zhen Wu. 2 Schedule Tuesday –BGP Background –" Detection of Invalid Routing Announcement in the Internet" –Open Discussions Thursday.
Improving BGP Convergence Through Consistency Assertions Dan Pei, Lan Wang, Lixia Zhang UCLA Xiaoliang Zhao, Daniel Massey, Allison Mankin, USC/ISI S.

Improving BGP Convergence Through Consistency Assertions Dan Pei, Lan Wang, Lixia Zhang UCLA Xiaoliang Zhao, Daniel Massey, Allison Mankin, USC/ISI S.
10/21/2003DSOM'2003, Heidelberg, Germany1 Visual-based Anomaly Detection for BGP Origin AS Change (OASC) Soon-Tee Teoh 1, Kwan-Liu Ma 1, S. Felix Wu 1,

10/21/2003DSOM'2003, Heidelberg, Germany1 Visual-based Anomaly Detection for BGP Origin AS Change (OASC) Soon-Tee Teoh 1, Kwan-Liu Ma 1, S. Felix Wu 1,
10/17/2002RAID 2002, Zurich1 ELISHA: A Visual-Based Anomaly Detection System Soon-Tee Teoh, Kwan-Liu Ma S. Felix Wu University of California, Davis Dan.

10/17/2002RAID 2002, Zurich1 ELISHA: A Visual-Based Anomaly Detection System Soon-Tee Teoh, Kwan-Liu Ma S. Felix Wu University of California, Davis Dan.
Protecting the BGP Routes to Top Level DNS Servers NANOG-25, June 11, 2002 UCLA Lan Wang Dan Pei Lixia Zhang USC/ISI Xiaoliang Zhao Dan Massey Allison.

Protecting the BGP Routes to Top Level DNS Servers NANOG-25, June 11, 2002 UCLA Lan Wang Dan Pei Lixia Zhang USC/ISI Xiaoliang Zhao Dan Massey Allison.
02/06/2006ecs236 winter 20061 Intrusion Detection ecs236 Winter 2006: Intrusion Detection #4: Anomaly Detection for Internet Routing Dr. S. Felix Wu Computer.

02/06/2006ecs236 winter Intrusion Detection ecs236 Winter 2006: Intrusion Detection #4: Anomaly Detection for Internet Routing Dr. S. Felix Wu Computer.
March 22, 2002 Simple Protocols, Complex Behavior (Simple Components, Complex Systems) Lixia Zhang UCLA Computer Science Department.

March 22, 2002 Simple Protocols, Complex Behavior (Simple Components, Complex Systems) Lixia Zhang UCLA Computer Science Department.
04/05/20011 ecs298k: Routing in General... lecture #2 Dr. S. Felix Wu Computer Science Department University of California, Davis

04/05/20011 ecs298k: Routing in General... lecture #2 Dr. S. Felix Wu Computer Science Department University of California, Davis
© 2009 Cisco Systems, Inc. All rights reserved. ROUTE v1.0—6-1 Connecting an Enterprise Network to an ISP Network Considering the Advantages of Using BGP.

© 2009 Cisco Systems, Inc. All rights reserved. ROUTE v1.0—6-1 Connecting an Enterprise Network to an ISP Network Considering the Advantages of Using BGP.
Lecture Week 3 Introduction to Dynamic Routing Protocol Routing Protocols and Concepts.

Lecture Week 3 Introduction to Dynamic Routing Protocol Routing Protocols and Concepts.
Fundamentals of Networking Discovery 2, Chapter 6 Routing.

Fundamentals of Networking Discovery 2, Chapter 6 Routing.
Computer Networks Layering and Routing Dina Katabi

Computer Networks Layering and Routing Dina Katabi
1 Chapter 27 Internetwork Routing (Static and automatic routing; route propagation; BGP, RIP, OSPF; multicast routing)

1 Chapter 27 Internetwork Routing (Static and automatic routing; route propagation; BGP, RIP, OSPF; multicast routing)
1 Computer Communication & Networks Lecture 22 Network Layer: Delivery, Forwarding, Routing (contd.)

1 Computer Communication & Networks Lecture 22 Network Layer: Delivery, Forwarding, Routing (contd.)

Similar presentations

Ads by Google