Presentation is loading. Please wait.

Presentation is loading. Please wait.

Improvement of Consistency among AS Policies on IRR Database

Published byErika Houston Modified over 5 years ago

Similar presentations

Presentation on theme: "Improvement of Consistency among AS Policies on IRR Database"— Presentation transcript:

1 Improvement of Consistency among AS Policies on IRR Database
Masasi Eto, Youki Kadobayashi, Suguru Yamaguchi Graduate School of Information Science Nara Institute of Science and Technology (NAIST) Japan

2 BGP is crucial to reliability of the Internet
Autonomous System (AS) Border Gateway Protocol (BGP) faults in BGP disrupt large regions of the Internet e.g. AS7007 (April, 1997) AS3561 (April, 2001) 2019/7/14 IPLab NAIST, Japan

3 Internet Routing Registry (IRR)
Global Internet resource database storing routing policy e.g. Route Object, Aut-num Object, Maintainer Object, etc.. Routing policies are written in “Routing Policy Specification Language (RPSL)” generate router configuration with “RtConfig” IRR Register Policy RtConfig AS 1 AS 2 2019/7/14 IPLab NAIST, Japan

4 Problem of IRR Usage IRR isn’t spreading due to lack of consistency.
inconsistency we defined is inconsistency between the peering contract and its RPSL description given to IRR (mistakes on interpretations) as a result When we generate the router configurations from IRR database, the connectivity between peering ASes will be lost. → to find out the inconsistency systematically, we check Inconsistency in routing information imported from other peers Inconsistency in routing information exported to its own peers 2019/7/14 IPLab NAIST, Japan

5 Inconsistency in routing information import
AS 3 import AS 2 AS 3 AS 4 AS 5 export AS 2 AS 3 AS 4 IX 3 AS 1 AS 2 AS 4 AS 5 2019/7/14 IPLab NAIST, Japan

6 Inconsistency in routing information export
AS 3 import AS 2 AS 3 AS 4 export AS 2 AS 3 AS 4 AS 5 IX 3 AS 1 AS 2 AS 4 AS 5 2019/7/14 IPLab NAIST, Japan

7 Our Approach We have examined how many inconsistencies exist on whole IRR databases in the world. We propose a system to prevent increase of inconsistency. Policy Check Server We evaluate this system. 2019/7/14 IPLab NAIST, Japan

8 Policy Check Server DBGenerator Database Checker Policy Checker
constructs a common database called “Unified IRR Database” which includes whole IRR databases in the world. Database Checker inspects how many inconsistencies exist on Unified IRR database. Policy Checker inspects whether the policy which the operator of AS is about to register is consistent with the policies of peering Ases. 2019/7/14 IPLab NAIST, Japan

9 Implementation - Environment
OS Vine Linux 2.5 DBMS PostgreSQL 7.2 Programming Language Java IDE J2SDK 1.4.1 WWW Server Apache Web Application Server Tomcat 2019/7/14 IPLab NAIST, Japan

10 Database Checker Database Checker investigates consistency of AS policies in the Unified IRR database. Then output the results as a log file. DBGenerator IRR IRR IRR Unified DB Database Checker log 2019/7/14 IPLab NAIST, Japan

11 Algorithm of inspection (1)
1. Specify peering AS extract import, export sentences from input AS object ; if (the peering AS (or AS-SET) exists on database) { create Autnum object as a peering AS ; } else { inconsistency ; } 2019/7/14 IPLab NAIST, Japan

12 Algorithm of inspection (2)
2. inspection of import sentence for (number of import sentence, repeat following processes) { for (number of export sentence, repeat following processes) { If (the export sentence specify input AS as a peer) { if (the sentence doesn’t export required routes) { inconsistency ; } } else { 3. inspection of export sentence: same as import sentence 2019/7/14 IPLab NAIST, Japan

13 Class Object Diagram Database Checker main( ) importCheck( )
exportCheck( ) Autnum Autnum Autnum Autnum log Inconsistency 2019/7/14 IPLab NAIST, Japan

14 Database (PostgreSQL)
Policy Checker Web Browser Tomcat Apache Policy Checker mod_jk Policy Check Server Database Checker Database (PostgreSQL) 2019/7/14 IPLab NAIST, Japan

15 Example - query 2019/7/14 IPLab NAIST, Japan

16 Example - result 2019/7/14 IPLab NAIST, Japan

17 Consistency Chain ○ ○ × × ○
import export export AS 3 × × AS 2 AS 2 AS 3 ------ AS 3 AS 1 AS 2 AS 3 By correcting the inconsistencies between peering ASes, it is possible to exchange route information between ASes that are not directly peering. → improve consistency of the whole IRR databases 2019/7/14 IPLab NAIST, Japan

18 Analysis of inspection result
55.8% of AS has at least one inconsistency 2019/7/14 IPLab NAIST, Japan

19 Specification of the inconsistency
2019/7/14 IPLab NAIST, Japan

20 Detail of inconsistencies
Classification Number Rate 1 Peering AS-SET doesn’t exist on IRR database 482 0.2 % 2 Peering AS doesn’t exist on IRR database 7,971 4.0 % 3 Peering AS doesn’t exist export any routes to the AS 36,333 18.6 % 4 Peering AS doesn’t import any routes from the AS 34,710 17.8 % 5 Peering AS doesn’t export route which the AS imports 11,436 5.8 % 6 Peering AS doesn’t import route which the AS exports 17,753 9.1 % Total 108,685 55.8 % Rate of each inconsistencies in all 194,820 import and export sentences 2019/7/14 IPLab NAIST, Japan

21 Operations JPNIC IRR (JPIRR) JPNIC IRR planning team Operating IRRd
We intend to apply Policy Check Server to JPIRR maintained by JPNIC and provide a service to inspect consistency. 2019/7/14 IPLab NAIST, Japan

22 Conclusion Policy Check Server Analysis of inspection result
Classification of the inconsistency proposed a system to investigate consistency proposed a system to prevent increasing inconsistency Analysis of inspection result 55.8% of AS has at least one inconsistency Future work Operation on IRR server 2019/7/14 IPLab NAIST, Japan

23 Question? in slow and easy English please .. 2019/7/14
IPLab NAIST, Japan

24 2019/7/14 IPLab NAIST, Japan

25 Classification of Inconsistencies
Inconsistencies in routing information import Peering AS-SET doesn’t exist on IRR database Peering AS doesn’t exist on IRR database Peering AS doesn’t export any routes to the AS Peering AS doesn’t export route which the AS imports Inconsistencies in routing information export Peering AS doesn’t import any routes from the AS Peering AS doesn’t import route which the AS exports 2019/7/14 IPLab NAIST, Japan

Download ppt "Improvement of Consistency among AS Policies on IRR Database"

Similar presentations

Copyright (c) 2002 Japan Network Information Center Introduction of JPNICs New Registry System Izumi Okutani IP Address Section Japan Network Information.

Copyright (c) 2002 Japan Network Information Center Introduction of JPNICs New Registry System Izumi Okutani IP Address Section Japan Network Information.
APNIC Internet Routing Registry Routing SIG APNIC-15, Taipei 26 February 2003.

APNIC Internet Routing Registry Routing SIG APNIC-15, Taipei 26 February 2003.
Technical Aspects of Peering Session 4. Overview Peering checklist/requirements Peering step by step Peering arrangements and options Exercises.

Technical Aspects of Peering Session 4. Overview Peering checklist/requirements Peering step by step Peering arrangements and options Exercises.
Proposal of Policy for Mirroring on IRR 2003/08/21 APNIC Junichi Matsumoto Japan Telecom Co., Ltd. JPNIC IRR-Planning Team.

Proposal of Policy for Mirroring on IRR 2003/08/21 APNIC Junichi Matsumoto Japan Telecom Co., Ltd. JPNIC IRR-Planning Team.
APNIC Internet Routing Registry An introduction to the IRR TWNIC Meeting, 3 December 2003 Nurani Nimpuno, APNIC.

APNIC Internet Routing Registry An introduction to the IRR TWNIC Meeting, 3 December 2003 Nurani Nimpuno, APNIC.
Bgpmon real-time collection and distribution of BGP updates Dave Matthews, Yan Chen, Dan Massey Department of Computer Science Colorado State University.

Bgpmon real-time collection and distribution of BGP updates Dave Matthews, Yan Chen, Dan Massey Department of Computer Science Colorado State University.
Andrei Robachevsky, Shane Kerr. APNIC/APRICOT2001, February 2001, Kuala Lumpur, Malaysia. 1 Routing Registry Consistency Check Presented.

Andrei Robachevsky, Shane Kerr. APNIC/APRICOT2001, February 2001, Kuala Lumpur, Malaysia. 1 Routing Registry Consistency Check Presented.
Router Configuration Management Tools

Router Configuration Management Tools
Network Abuse Handling in CNNIC and JPNIC Terence Zhang, CNNIC Izumi Okutani, JPNIC.

Network Abuse Handling in CNNIC and JPNIC Terence Zhang, CNNIC Izumi Okutani, JPNIC.
Scaling IXPs Scalable Infrastructure Workshop. Objectives  To explain scaling options within the IXP  To introduce the Internet Routing Registry at.

Scaling IXPs Scalable Infrastructure Workshop. Objectives  To explain scaling options within the IXP  To introduce the Internet Routing Registry at.
Towards a Logic for Wide- Area Internet Routing Nick Feamster Hari Balakrishnan.

Towards a Logic for Wide- Area Internet Routing Nick Feamster Hari Balakrishnan.
Users’ Authentication in the VRVS System David Collados California Institute of Technology November 20th, 2003TERENA - Authentication & Authorization.

Users’ Authentication in the VRVS System David Collados California Institute of Technology November 20th, 2003TERENA - Authentication & Authorization.
Avalanche Internet Data Management System. Presentation plan 1. The problem to be solved 2. Description of the software needed 3. The solution 4. Avalanche.

Avalanche Internet Data Management System. Presentation plan 1. The problem to be solved 2. Description of the software needed 3. The solution 4. Avalanche.
TriUlti Senior Project iFlowEdit HTML5 Canvas Workflow Diagram Editor Sponsored By iNNOVA IT Solution Inc.

TriUlti Senior Project iFlowEdit HTML5 Canvas Workflow Diagram Editor Sponsored By iNNOVA IT Solution Inc.
26 June 2008 DG REGIO Evaluation Network Meeting Ex-post Evaluation of Cohesion Policy Programmes 2000-2006 co-financed by the European Fund for Regional.

26 June 2008 DG REGIO Evaluation Network Meeting Ex-post Evaluation of Cohesion Policy Programmes co-financed by the European Fund for Regional.
APNIC Internet Routing Registry An introduction to the IRR TWNIC Meeting, 3 December 2003 Nurani Nimpuno, APNIC.

APNIC Internet Routing Registry An introduction to the IRR TWNIC Meeting, 3 December 2003 Nurani Nimpuno, APNIC.
MobileMAN Internal meetingHelsinki, June 8 th 2004 NETikos activity in MobileMAN project Veronica Vanni NETikos S.p.A.

MobileMAN Internal meetingHelsinki, June 8 th 2004 NETikos activity in MobileMAN project Veronica Vanni NETikos S.p.A.
A ISP free video conferencing application for mobile devices using wireless and VoIP Technology.

A ISP free video conferencing application for mobile devices using wireless and VoIP Technology.
By: Pramod Jagtap Aniket Bochare. Agenda Introduction to dataset Web service description Service architecture Project plan Intended clients.

By: Pramod Jagtap Aniket Bochare. Agenda Introduction to dataset Web service description Service architecture Project plan Intended clients.
ABSTRACT The JDBC (Java Database Connectivity) API is the industry standard for database- independent connectivity between the Java programming language.

ABSTRACT The JDBC (Java Database Connectivity) API is the industry standard for database- independent connectivity between the Java programming language.

Similar presentations

Ads by Google