Published by Douglas Simpson. Modified over 9 years ago.
1
Towards a Logic for Wide-Area Internet Routing
Nick Feamster, Hari Balakrishnan
2
Introduction
- Internet routing is a massive distributed computing task
- BGP4 is exceedingly complex
- Complexity arises due to wide variety of goals that must be met
- Complicated interactions and unintended side effects
3
Introduction (contd.)
- Propose routing logic – a set of rules
- Logic used to determine satisfaction of desired properties
- Demonstrate how this logic can be used to analyze and aid implementation
4
Motivation
- Complexity of BGP
- Fast convergence to correct loop-free paths
- Resilience to congestion
- Avoid packet loss and failures
- Connecting autonomous and mutually distrusting domains
5
Motivation (contd.)
- Complexity stems from dynamic behavior during operation
- Vast possibilities for configuration
- Prior work highlights many undesirable properties
6
Motivation (contd.)
- Poor Integrity
  - DoS, integrity attacks, misconfiguration
- Slow Convergence
  - Path instability, delayed convergence
  - Congestion scenario not well-understood
7
Motivation (contd.)
- Unpredictability
  - BGP is distributed and asynchronous
  - Predicting effects of configuration change challenging
- Poor control of information flow
  - BGP implementation may expose information not intended to be public knowledge
8
Motivation (contd.)
- Specific modifications have unintended side effects
- Need for something that reasons about ‘correctness’ of the protocol
- Classify protocols in terms of desired properties
9
Desired Properties
- Validity
  - Existence of route implies existence of path
- Visibility
  - Existence of path implies existence of route
- Safety/Stability
  - No participant should change its route in response to other routes
10
Desired Properties (contd.)
- Determinism
  - Protocol should arrive at same predictable set of routes
- Information-flow Control
  - Should not expose more information than necessary
11
Routing Logic Inputs
- Specification of how protocol behaves
- Specification of protocol configuration
  - Policy configuration
  - General configuration, e.g. which routers exchange routing information
- Current version has no notion of time
12
Hierarchical Routing Scopes
- Organize routing domains into hierarchical levels called scopes
- Protocol in scope ‘i’ forwards packets via scope ‘i’ next-hop in that path
- Scope ‘i’ routing uses scope ‘i+1’ path to reach scope ‘i’ next hop
13
Routing Domains are Organized Hierarchically
14
Validity Rules
- Reachability
  - Route transports packets to intended destinations
- Policy conformance
  - Conform to peering and transit agreements
- Progress
  - Next-hop specified reduces total distance to the destination
15
The Validity Rule
16
Underlying IGP can result in forwarding loops
17
Information Flow Control
- Consists of objects, flow policy, partial ordering of security levels
- Policy defined in terms of partial ordering expressed as a lattice
- Flow model specifies
  - Process causing information flow
  - How flow should be controlled between parties
18
An example information flow lattice
19
Information Objects
- Policy
  - Peering and transit agreements
  - Router preferences
- Reachability
  - Events affecting reachability
- Topology
  - Internal network topology
  - Inter-AS connectivity
20
Noninterference Rule
- Objects at higher security levels should not be visible to objects at lower levels
- Security level of message not higher than level of recipient
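Added example (not from the slides or the authors): a Python check of the noninterference rule over a small lattice, flagging messages whose security level is not at or below the recipient's. Only the object names (policy, reachability, topology) come from the deck; the level assignments, recipient names and sample messages are constructed assumptions.

```python
from dataclasses import dataclass

# Levels are sets of categories ordered by inclusion (a powerset lattice).
# Assumed classification of the deck's information objects: "policy" and
# "topology" are incomparable, so the order is partial, not total.
OBJECT_LEVEL = {
    "reachability": frozenset({"reachability"}),
    "policy": frozenset({"reachability", "policy"}),
    "topology": frozenset({"reachability", "topology"}),
}

# Assumed recipient clearances (constructed for this example).
CLEARANCE = {
    "internal-router": frozenset({"reachability", "policy", "topology"}),
    "customer": frozenset({"reachability", "policy"}),
    "peer": frozenset({"reachability"}),
}

@dataclass(frozen=True)
class Message:
    recipient: str
    objects: tuple  # names of the information objects the message carries

def join(levels):
    """Least upper bound: a message is as sensitive as everything in it."""
    out = frozenset()
    for level in levels:
        out |= level
    return out

def violations(messages):
    """Return (recipient, leaked categories) where level(msg) is not <= level(recipient)."""
    found = []
    for m in messages:
        level = join(OBJECT_LEVEL[o] for o in m.objects)
        leaked = level - CLEARANCE[m.recipient]  # empty iff level <= clearance
        if leaked:
            found.append((m.recipient, sorted(leaked)))
    return found

# Constructed sample messages, not taken from any real configuration.
SAMPLE = [
    Message("peer", ("reachability",)),
    Message("customer", ("reachability", "policy")),
    Message("peer", ("reachability", "topology")),
    Message("customer", ("topology",)),
    Message("internal-router", ("policy", "topology")),
]

if __name__ == "__main__":
    for recipient, leaked in violations(SAMPLE):
        print(f"violation: {recipient} would learn {leaked}")
```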
21
BGP implementations can result in information flow policy violations
22
Potential Applications
- Static analysis of existing network configuration
- Providing framework for design of high-level policy specification
- Aid designers of new protocols
23
Configuration Analysis
- Tool verifies properties of legacy router configuration
- Such tool under development
- Used to check whether configuration satisfies specified information flow policy
24
Configuration Synthesis
- Get rid of low-level configuration languages
- Remove complexity, frequent misconfiguration
- Synthesize low-level configuration by translating high-level specification
25
Protocol Design
- Implement set of protocol abstractions
- Relate to routing logic, determine satisfaction of properties
- Less susceptible to violating wide-area routing properties
26
Related Work
- Inspired by use of BAN logic for authentication protocol analysis
- Application of BAN logic to Taos Operating system
- Builds on BGP anomalies noted by various previous work
27
Conclusions
- Presented a routing logic
- Proving properties about protocol aspects
- Formally describe how fundamental properties of BGP lead to violations
- Evaluate future proposed modifications to BGP
- Help design new protocols
28
From 10,000 feet …
- Does not aim to fix all problems in BGP
- Places importance on formalizing the current approach to understanding things
- Is a tool to analyze effects of modifications to implementations
- Approach extendable to other complex protocols