Presentation is loading. Please wait.

Presentation is loading. Please wait.

Measuring the Internet: Featuring Traceroute Based on slides by Yihua He (PhD UCR 2007) Yihua He (PhD UCR 2007)

PublishBrianna Heath Modified over 9 years ago

Similar presentations

Presentation on theme: "Measuring the Internet: Featuring Traceroute Based on slides by Yihua He (PhD UCR 2007) Yihua He (PhD UCR 2007)"— Presentation transcript:

1 Measuring the Internet: Featuring Traceroute Based on slides by Yihua He (PhD UCR 2007) Yihua He (PhD UCR 2007)

2 Roadmap Internet route: router and AS level Internet route: router and AS level Review of how traceroute works Review of how traceroute works Possible ways to do IP->AS Possible ways to do IP->AS Hands-on experience with BGP tables Hands-on experience with BGP tables What can traceroute tell us besides reachability? What can traceroute tell us besides reachability? Internet routes are not symmetric Internet routes are not symmetric

3 AS A AS B AS C AS D Autonomous System (AS) Autonomous System Forwarding Path Example: Pinpoint forwarding loop & responsible AS IP traffic Internet source destination

4 Border Gateway Protocol (BGP) BGP path may differ from forwarding AS path Routing loops and deflectionsRouting loops and deflections Route aggregation and filteringRoute aggregation and filtering BGP misconfigurationBGP misconfiguration AS A AS B AS C prefix d Signaling path: control traffic d: path=[C] Forwarding path: data traffic d: path=[BC] Origin AS d: path=[B C] d: path=[A B C]

5 5 Measurements in the Internet Difficulties in measuring Difficulties in measuring Measuring tools (traceroute) Measuring tools (traceroute) Misc issues Misc issues

6 6 Measuring and Modeling Is not Easy Constantly changing environment Constantly changing environment How much data is enough How much data is enough Recently: we need to measure more than 24h!Recently: we need to measure more than 24h! How frequently should I be measuring? How frequently should I be measuring? Are the measurements representative? Are the measurements representative?

7 7 Operation versus Measurements Operators do not care about Operators do not care about MeasurementsMeasurements Academic ResearchAcademic Research Why? Why? Takes away resourcesTakes away resources Can create problemsCan create problems Complicates their livesComplicates their lives Luckily, there are measurement centers Luckily, there are measurement centers CAIDA, NLANR, routeviews, RIPECAIDA, NLANR, routeviews, RIPE

8 8 Types of Measurement Tools Application level: Application level: Install application agents at two measuring entriesInstall application agents at two measuring entries More control over processMore control over process Network level: Network level: Use the Internet control functionality (ICMP)Use the Internet control functionality (ICMP) Trick the network to provide informationTrick the network to provide information

9 9 Ping: the tool Uses ICMP ECHO_REQUEST datagram to elicit an ICMP ECHO_RESPONSE from a host or gateway Uses ICMP ECHO_REQUEST datagram to elicit an ICMP ECHO_RESPONSE from a host or gateway Reports Reports Round trip timeRound trip time Packets lossPackets loss Many available options: packet type, size etc Many available options: packet type, size etc Limitation: >1sec measurement frequency Limitation: >1sec measurement frequency Read manual: man ping Read manual: man ping

10 Traceroute: the tool Traceroute measures Traceroute measures the path and the round trip timethe path and the round trip time Traceroute: ingenious (ab)use of the network layer by Van Jacobson Traceroute: ingenious (ab)use of the network layer by Van Jacobson Main ideas: Main ideas: send “bad” packets to receive ICMP: “packet died”send “bad” packets to receive ICMP: “packet died” Recursive probing to identify the pathRecursive probing to identify the path Send three packets at a timeSend three packets at a time Read manual: man traceroute Read manual: man traceroute 10

11 11 The ingenuity of traceroute Send a packet for every hop of the path Send a packet for every hop of the path Set TTL = 1, packet expires, ICMP returns Set TTL = 1, packet expires, ICMP returns Increase TTL by one, and repeat Increase TTL by one, and repeat At the destination, port number is wrong: return an ICMP packet, port not found At the destination, port number is wrong: return an ICMP packet, port not found source destination TTL=1 Time exceeded TTL=2 Send packets with TTL=1, 2, 3, … and record source of “time exceeded” message

12 12 Traceroute: Some Limitations In traceroute, you may be exploring multiple paths without knowing it In traceroute, you may be exploring multiple paths without knowing it Delays for each part of the path correspond to different measurements: ie they don’t sum up Delays for each part of the path correspond to different measurements: ie they don’t sum up

13 13 Identifying The Router Topology Several efforts rely on traceroute Several efforts rely on traceroute Govindan et al INFOCOM 2000Govindan et al INFOCOM 2000 Cheswick and Burch Internet Mapping ProjectCheswick and Burch Internet Mapping Project The Dimes projectThe Dimes project Main idea: Main idea: Do thousands of traceroutesDo thousands of traceroutes Collect all adjacent nodesCollect all adjacent nodes Generate a graphGenerate a graph

14 14 Router Graphs: A Complication Routers have multiple IP addresses Routers have multiple IP addresses One for each interfaceOne for each interface How do we resolve this? How do we resolve this? Only heuristics exist [Govindan] Only heuristics exist [Govindan] Heuristic: Send packets to one interface and hope that they will respond with the other interface Heuristic: Send packets to one interface and hope that they will respond with the other interface Typically, router responds with IP of interface the packet came onTypically, router responds with IP of interface the packet came on

15 Traceroute options -a Turn on AS# lookups for each hop encountered. -a Turn on AS# lookups for each hop encountered. -m max_ttl Set the max time-to-live (max number of hops) -m max_ttl Set the max time-to-live (max number of hops) -p port Protocol specific. For UDP and TCP, sets the base port number used in probes (default is 33434). -p port Protocol specific. For UDP and TCP, sets the base port number used in probes (default is 33434). -S Print a % of probes not answered for each hop. -S Print a % of probes not answered for each hop.

16 Traceroute gives IP-level forwarding path 1 169.229.62.1 2 169.229.59.225 3 128.32.255.169 4 128.32.0.249 5 128.32.0.66 6 209.247.159.109 7 * 8 64.159.1.46 9 209.247.9.170 10 66.185.138.33 11 * 12 66.185.136.17 13 64.236.16.52 Traceroute output: (hop number, IP address, DNS name) Traceroute from Berkeley to www.cnn.com (64.236.16.52) inr-daedalus-0.CS.Berkeley.EDU soda-cr-1-1-soda-br-6-2 vlan242.inr-202-doecev.Berkeley.EDU gigE6-0-0.inr-666-doecev.Berkeley.EDU qsv-juniper--ucb-gw.calren2.net POS1-0.hsipaccess1.SanJose1.Level3.net ? pos8-0.hsa2.Atlanta2.Level3.net pop2-atm-P0-2.atdn.net ? pop1-atl-P4-0.atdn.net www4.cnn.com

17 Map Traceroute Hops to ASes 1 169.229.62.1 2 169.229.59.225 3 128.32.255.169 4 128.32.0.249 5 128.32.0.66 6 209.247.159.109 7 * 8 64.159.1.46 9 209.247.9.170 10 66.185.138.33 11 * 12 66.185.136.17 13 64.236.16.52 Traceroute output: (hop number, IP) AS25 AS11423 AS3356 AS1668 AS5662 Berkeley CNN Calren Level3 AOL Need accurate IP-to-AS mappings (for network equipment).

18 Possible Ways to Get IP-to-AS Mapping(1) DNS names: DNS names: Inaccurate, and in a lot of times, Wrong!Inaccurate, and in a lot of times, Wrong! Anyone, with $5/year, can register a www.whateveryoulike.com and point it to any IP address! Anyone, with $5/year, can register a www.whateveryoulike.com and point it to any IP address! www.whateveryoulike.com Some of the IPs do not have any DNS name.Some of the IPs do not have any DNS name. Routing address registry (WHOIS) Routing address registry (WHOIS) That’s what you did in Lab1That’s what you did in Lab1 More accurate. However…More accurate. However… Voluntary public registry such as whois.radb.netVoluntary public registry such as whois.radb.net Prone to human input errorsProne to human input errors Incomplete and maybe out-of-dateIncomplete and maybe out-of-date Mergers, acquisitions, delegation to customers Mergers, acquisitions, delegation to customers

19 Possible Ways to Get IP-to-AS Mapping (2) Origin AS in BGP paths Origin AS in BGP paths Prefix=198.133.206.0/24, ASpath=[1239 2914 3130]Prefix=198.133.206.0/24, ASpath=[1239 2914 3130] Public BGP routing tables such as RouteViewsPublic BGP routing tables such as RouteViewsRouteViews Almost real time and avoiding most human input errorsAlmost real time and avoiding most human input errors It’s approximately 98% accurate,It’s approximately 98% accurate, Multiple Origin ASes (MOAS) Multiple Origin ASes (MOAS) due to merge in a lot of casesdue to merge in a lot of cases E.g., around 2002-2003, 148.231.0.0/16 had two ASes announced its address block: AS5677 and AS7132. That was PacBell and SBCE.g., around 2002-2003, 148.231.0.0/16 had two ASes announced its address block: AS5677 and AS7132. That was PacBell and SBC Now AS5677 does not exist anymoreNow AS5677 does not exist anymore No mapping No mapping Some ASes intentionally do not want to advertise the route/IPsSome ASes intentionally do not want to advertise the route/IPs Incomplete viewIncomplete view

20 Hands-on Experience with BGP Routing Tables Telnet://route-views.routeviews.org Telnet://route-views.routeviews.org Telnet://route-views.routeviews.org Show ip bgp summaryShow ip bgp summary Whose BGP feeds do the router take? Whose BGP feeds do the router take? Show ip bgpShow ip bgp Prefix Prefix Origin AS Origin AS AS Path AS Path Collected at http://archive.routeviews.org/ Collected at http://archive.routeviews.org/http://archive.routeviews.org/ Other BGP table collections are: Other BGP table collections are: http://www.ripe.net/projects/ris/rawdata.htmlhttp://www.ripe.net/projects/ris/rawdata.htmlhttp://www.ripe.net/projects/ris/rawdata.html http://www.cs.ucr.edu/bgp/http://www.cs.ucr.edu/bgp/http://www.cs.ucr.edu/bgp/

21 What can traceroute tell us? Where are those routers? Where are those routers? from DNSfrom DNS City name City name Airport name Airport name From roundtrip timeFrom roundtrip time Light travels approximately 2*10^8 meters/sec in fiber cables Light travels approximately 2*10^8 meters/sec in fiber cables When non-congested, the major delay is propagation delay When non-congested, the major delay is propagation delay If you see a host with roundtrip time of 10ms, you know it must be within 600 miles radius. If you see a host with roundtrip time of 10ms, you know it must be within 600 miles radius. Theoretically, with multiple vantage point, you can pinpoint where the routers are. Theoretically, with multiple vantage point, you can pinpoint where the routers are.

22 Internet routes are not symmetric! Try traceroute from both ends Try traceroute from both ends And we’ll find most routes are not symmetric! And we’ll find most routes are not symmetric! Why? Why? Hot potato routing --- try to use other guys’ network as much as possibleHot potato routing --- try to use other guys’ network as much as possible Policy routing --- when multihomedPolicy routing --- when multihomed

23 Traceroute from other places http://www.traceroute.org http://www.traceroute.org http://www.traceroute.org Remote traceroute serversRemote traceroute servers Hundreds of themHundreds of them Limited probe rateLimited probe rate Not always availableNot always available http://www.caida.org/tools/measurement/ skitter/ http://www.caida.org/tools/measurement/ skitter/ http://www.caida.org/tools/measurement/ skitter/ http://www.caida.org/tools/measurement/ skitter/ Dedicated remote traceroute monitorsDedicated remote traceroute monitors Almost unlimited probe rateAlmost unlimited probe rate Only a couple of dozens of themOnly a couple of dozens of them

24 Any questions?

Download ppt "Measuring the Internet: Featuring Traceroute Based on slides by Yihua He (PhD UCR 2007) Yihua He (PhD UCR 2007)"

Similar presentations

Precept 3 Host Configuration 1 Peng Sun. What TCP conn. running? Commands netstat [-n] [-p] [-c] (Linux) lsof -i -P (Mac) ss (newer version of netstat)

Precept 3 Host Configuration 1 Peng Sun. What TCP conn. running? Commands netstat [-n] [-p] [-c] (Linux) lsof -i -P (Mac) ss (newer version of netstat)
Advanced Networks 2002 1 Proposals Overall: decent Not enough motivation/background Not enough motivation/background All related papersAll related papers.

Advanced Networks Proposals Overall: decent Not enough motivation/background Not enough motivation/background All related papersAll related papers.
Lecture 9 Overview. Hierarchical Routing scale – with 200 million destinations – can’t store all dests in routing tables! – routing table exchange would.

Lecture 9 Overview. Hierarchical Routing scale – with 200 million destinations – can’t store all dests in routing tables! – routing table exchange would.
CSCI 4550/8556 Computer Networks Comer, Chapter 23: An Error Reporting Mechanism (ICMP)

CSCI 4550/8556 Computer Networks Comer, Chapter 23: An Error Reporting Mechanism (ICMP)
Data Communications and Computer Networks Chapter 4 CS 3830 Lecture 22 Omar Meqdadi Department of Computer Science and Software Engineering University.

Data Communications and Computer Networks Chapter 4 CS 3830 Lecture 22 Omar Meqdadi Department of Computer Science and Software Engineering University.
Network Diagnostic and Discovery with Traceroute Prepared and presented by PhD candidate,Yihua He.

Network Diagnostic and Discovery with Traceroute Prepared and presented by PhD candidate,Yihua He.
1 Interdomain Routing Protocols. 2 Autonomous Systems An autonomous system (AS) is a region of the Internet that is administered by a single entity and.

1 Interdomain Routing Protocols. 2 Autonomous Systems An autonomous system (AS) is a region of the Internet that is administered by a single entity and.
By Hitesh Ballani, Paul Francis, Xinyang Zhang Slides by Benson Luk for CS 217B.

By Hitesh Ballani, Paul Francis, Xinyang Zhang Slides by Benson Luk for CS 217B.
Chapter 4: Network Layer 4. 1 Introduction 4.2 Virtual circuit and datagram networks 4.3 What’s inside a router 4.4 IP: Internet Protocol –Datagram format.

Chapter 4: Network Layer 4. 1 Introduction 4.2 Virtual circuit and datagram networks 4.3 What’s inside a router 4.4 IP: Internet Protocol –Datagram format.
Internet Control Message Protocol (ICMP)

Internet Control Message Protocol (ICMP)
1 A survey of Internet Topology Discovery. 2 Outline Motivations Internet topology IP Interface Level Router Level AS Level PoP Level.

1 A survey of Internet Topology Discovery. 2 Outline Motivations Internet topology IP Interface Level Router Level AS Level PoP Level.
1 BGP Security -- Zhen Wu. 2 Schedule Tuesday –BGP Background – Detection of Invalid Routing Announcement in the Internet –Open Discussions Thursday.

1 BGP Security -- Zhen Wu. 2 Schedule Tuesday –BGP Background –" Detection of Invalid Routing Announcement in the Internet" –Open Discussions Thursday.
Measuring the Autonomous System Path Through the Internet Jennifer Rexford Internet and Networking Systems AT&T Labs - Research; Florham Park, NJ

Measuring the Autonomous System Path Through the Internet Jennifer Rexford Internet and Networking Systems AT&T Labs - Research; Florham Park, NJ
CSCI 4550/8556 Computer Networks Comer, Chapter 20: IP Datagrams and Datagram Forwarding.

CSCI 4550/8556 Computer Networks Comer, Chapter 20: IP Datagrams and Datagram Forwarding.
Internet Routing (COS 598A) Today: Root-Cause Analysis Jennifer Rexford Tuesdays/Thursdays 11:00am-12:20pm.

Internet Routing (COS 598A) Today: Root-Cause Analysis Jennifer Rexford Tuesdays/Thursdays 11:00am-12:20pm.
Network Monitoring for Internet Traffic Engineering Jennifer Rexford AT&T Labs – Research Florham Park, NJ 07932

Network Monitoring for Internet Traffic Engineering Jennifer Rexford AT&T Labs – Research Florham Park, NJ 07932
Heuristics for Internet Map Discovery R. Govindan, H. Tangmunarunkit Presented by Zach Schneirov.

Heuristics for Internet Map Discovery R. Govindan, H. Tangmunarunkit Presented by Zach Schneirov.
14 – Inter/Intra-AS Routing

14 – Inter/Intra-AS Routing
Measuring the Autonomous System Path Through the Internet Jennifer Rexford Internet and Networking Systems AT&T Labs - Research; Florham Park, NJ

Measuring the Autonomous System Path Through the Internet Jennifer Rexford Internet and Networking Systems AT&T Labs - Research; Florham Park, NJ
Internet Routing (COS 598A) Today: Intradomain Topology Jennifer Rexford Tuesdays/Thursdays 11:00am-12:20pm.

Internet Routing (COS 598A) Today: Intradomain Topology Jennifer Rexford Tuesdays/Thursdays 11:00am-12:20pm.

Similar presentations

Ads by Google