Presentation is loading. Please wait.

Presentation is loading. Please wait.

Root cause analysis of BGP routing dynamics Matt Caesar, Lakshmi Subramanian, Randy H. Katz.

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "Root cause analysis of BGP routing dynamics Matt Caesar, Lakshmi Subramanian, Randy H. Katz."— Presentation transcript:

1 Root cause analysis of BGP routing dynamics Matt Caesar, Lakshmi Subramanian, Randy H. Katz

2 Motivation Interdomain routing suffers from many problems –Instability –Slow convergence after changes –Misconfigurations Poor visibility into dynamics –What is the spectrum of causes of route changes? –What are the primary causes of instability? –How does BGP respond to a routing change? Incomplete model  incomplete solutions

3 How can we improve routing? BGP Health monitoring system –Collect routes from routers –Infer properties of network elements –Redistribute information Achieves greater visibility Our focus: how to do inference

4 Inference problem Terminology: –Event: an activity that generates routing updates –Suspect location set: set of AS’s and links where event could have occurred –Suspect cause set: set of types of events that could have occurred Problem: Given route updates observed at multiple vantage points, determine the suspect set = suspect cause set, suspect location set} of routing events that trigger each update

5 Correlating Observations: Main idea Quiescent: Assume bursts of updates to a single prefix are correlated Turbulent: Assume updates to many prefixes are correlated Assuming correlated observations are independent worsens precision, but assuming independent observations are correlated worsens accuracy Activity  Time 

6 Our approach Refined suspect set for minor event Refinement across multiple views Inferences, updates from other views Correlate updates based on time Link analysis of topology Potential link/AS causing major event Detection Algorithm QuiescentTurbulent Split updates into groups Continuous updates Burst of updates for one prefix Inference rules from a single view Why continuous flaps occur? Suspect set Updates from a single view

7 Turbulent Inference: Example Scenario #1: –~1000 prefixes updated that used (A,C) –  (A,C) suspect Scenario #2: –~4000 prefixes updated that used (A,B), ~2000 that used (B,E) –  (A,B) suspect Scenario #3: –~2000 prefixes updated that used (A,B), ~2000 that used (B,E) –  (B,E) suspect 1000 4000 2000

8 TurbulentInfer: Issues Effects of simultaneously occurring independent events are overshadowed Two large events simultaneously occurring Transition from Quiescent to Turbulent periods

9 Quiescent Inference: Example REROUTE –Silence, route change, silence Potential causes (yellow): –Link/router repair –MED/LocalPref decrease –Hold-down expired Potential causes (blue): –Link/router failure –MED/LocalPref increase –Hold-down triggered Previous path Final path “worsened” “improved”

10 QuiescentInfer: Inference across views Event did not occur here

11 QuiescentInfer: Issues Simultaneous events: –Eg. Flap in one view, Reroute in another –Eg 2. Advertisement in one view, Withdrawal in another Community attribute changes –Community change can trigger reroute several hops away Multiple peering links

12 Validation Well-known historical events –UUNET (10/3/02), AT&T (8/28/02) routing difficulties –Internet worms BGP beacons View at the origin View at the origin results BGP Beacon results

13 Results 70% of updates can be pinpointed to a single inter-AS link (pair of AS’s) –More precise inference for more major events Few AS’s, links causing majority of updates

14 Future work Investigate continuously flapping prefixes Apply statistical inference techniques Placement of views Alarms/Triggers to detect unhealthy behavior Real time analysis –http://www.cs.berkeley.edu/~mccaesar/hmon.html

Download ppt "Root cause analysis of BGP routing dynamics Matt Caesar, Lakshmi Subramanian, Randy H. Katz."

Similar presentations

ABSTRACT Due to the Internets sheer size, complexity, and various routing policies, it is difficult if not impossible to locate the causes of large volumes.

ABSTRACT Due to the Internets sheer size, complexity, and various routing policies, it is difficult if not impossible to locate the causes of large volumes.
Multihoming and Multi-path Routing

Multihoming and Multi-path Routing
EIGRP Explanation & Configuration By Bill Reed. We Will Examine the features of EIGRP Discuss why EIGRP is known as a Hybrid Routing Protocol Identify.

EIGRP Explanation & Configuration By Bill Reed. We Will Examine the features of EIGRP Discuss why EIGRP is known as a Hybrid Routing Protocol Identify.
Comparing IPv4 and IPv6 from the perspective of BGP dynamic activity Geoff Huston APNIC February 2012.

Comparing IPv4 and IPv6 from the perspective of BGP dynamic activity Geoff Huston APNIC February 2012.
Delayed Internet Routing Convergence due to Flap Dampening Z. Morley Mao Ramesh Govindan, Randy Katz, George Varghese

Delayed Internet Routing Convergence due to Flap Dampening Z. Morley Mao Ramesh Govindan, Randy Katz, George Varghese
Part IV: BGP Routing Instability. March 8, 20042 BGP routing updates  Route updates at prefix level  No activity in “steady state”  Routing messages.

Part IV: BGP Routing Instability. March 8, BGP routing updates  Route updates at prefix level  No activity in “steady state”  Routing messages.
Network Layer: Internet-Wide Routing & BGP Dina Katabi & Sam Madden.

Network Layer: Internet-Wide Routing & BGP Dina Katabi & Sam Madden.
Dongkee LEE 1 Understanding BGP Misconfiguration Ratul Mahajan, David Wetherall, Tom Anderson.

Dongkee LEE 1 Understanding BGP Misconfiguration Ratul Mahajan, David Wetherall, Tom Anderson.
Consensus Routing: The Internet as a Distributed System 2009. 2. 26 John P. John, Ethan Katz-Bassett, Arvind Krishnamurthy, and Thomas Anderson Presented.

Consensus Routing: The Internet as a Distributed System John P. John, Ethan Katz-Bassett, Arvind Krishnamurthy, and Thomas Anderson Presented.
1 BGP Anomaly Detection in an ISP Jian Wu (U. Michigan) Z. Morley Mao (U. Michigan) Jennifer Rexford (Princeton) Jia Wang (AT&T Labs)

1 BGP Anomaly Detection in an ISP Jian Wu (U. Michigan) Z. Morley Mao (U. Michigan) Jennifer Rexford (Princeton) Jia Wang (AT&T Labs)
1 Interdomain Routing Protocols. 2 Autonomous Systems An autonomous system (AS) is a region of the Internet that is administered by a single entity and.

1 Interdomain Routing Protocols. 2 Autonomous Systems An autonomous system (AS) is a region of the Internet that is administered by a single entity and.
1 Measurement of Highly Active Prefixes in BGP Ricardo V. Oliveira, Rafit Izhak-Ratzin, Beichuan Zhang, Lixia Zhang GLOBECOM’05.

1 Measurement of Highly Active Prefixes in BGP Ricardo V. Oliveira, Rafit Izhak-Ratzin, Beichuan Zhang, Lixia Zhang GLOBECOM’05.
Part II: Inter-domain Routing Policies. March 8, 20042 What is routing policy? ISP1 ISP4ISP3 Cust1Cust2 ISP2 traffic Connectivity DOES NOT imply reachability!

Part II: Inter-domain Routing Policies. March 8, What is routing policy? ISP1 ISP4ISP3 Cust1Cust2 ISP2 traffic Connectivity DOES NOT imply reachability!
BGP update profiles and the implications for secure BGP update validation processing Geoff Huston Swinburne University of Technology PAM2007 5 April 2007.

BGP update profiles and the implications for secure BGP update validation processing Geoff Huston Swinburne University of Technology PAM April 2007.
A Study of Multiple IP Link Failure Fang Yu

A Study of Multiple IP Link Failure Fang Yu
HLP: A Next Generation Interdomain Routing Protocol Lakshminarayanan Subramanian* Matthew Caesar* Cheng Tien Ee*, Mark Handley° Morley Maoª, Scott Shenker*

HLP: A Next Generation Interdomain Routing Protocol Lakshminarayanan Subramanian* Matthew Caesar* Cheng Tien Ee*, Mark Handley° Morley Maoª, Scott Shenker*
1 Finding a Needle in a Haystack: Pinpointing Significant BGP Routing Changes in an IP Network Jian Wu (University of Michigan) Z. Morley Mao (University.

1 Finding a Needle in a Haystack: Pinpointing Significant BGP Routing Changes in an IP Network Jian Wu (University of Michigan) Z. Morley Mao (University.
1 BGP Security -- Zhen Wu. 2 Schedule Tuesday –BGP Background – Detection of Invalid Routing Announcement in the Internet –Open Discussions Thursday.

1 BGP Security -- Zhen Wu. 2 Schedule Tuesday –BGP Background –" Detection of Invalid Routing Announcement in the Internet" –Open Discussions Thursday.
CS 672 1 Summer 2003 Quiz 1 Q1) Answer the following: List one protocol that is commonly used for intra AS routing? List one protocol that is used for.

CS Summer 2003 Quiz 1 Q1) Answer the following: List one protocol that is commonly used for intra AS routing? List one protocol that is used for.
Improving BGP Convergence Through Consistency Assertions Dan Pei, Lan Wang, Lixia Zhang UCLA Xiaoliang Zhao, Daniel Massey, Allison Mankin, USC/ISI S.

Improving BGP Convergence Through Consistency Assertions Dan Pei, Lan Wang, Lixia Zhang UCLA Xiaoliang Zhao, Daniel Massey, Allison Mankin, USC/ISI S.

Similar presentations

Ads by Google