Presentation is loading. Please wait.

Presentation is loading. Please wait.

How DNS Misnaming Distorts Internet Topology Mapping Ming Zhang, Microsoft Research Yaoping Ruan, IBM Research Vivek Pai, Jennifer Rexford, Princeton University.

Similar presentations


Presentation on theme: "How DNS Misnaming Distorts Internet Topology Mapping Ming Zhang, Microsoft Research Yaoping Ruan, IBM Research Vivek Pai, Jennifer Rexford, Princeton University."— Presentation transcript:

1 How DNS Misnaming Distorts Internet Topology Mapping Ming Zhang, Microsoft Research Yaoping Ruan, IBM Research Vivek Pai, Jennifer Rexford, Princeton University

2 Zhang, Ruan, Pai, Rexford - USENIX 2006 ATC2 June 3, 2006 Basic Traceroute % traceroute -n www.usenix.org 1 128.112.155.129 0.586 ms 0.408 ms 0.401 ms 2 128.112.138.2 0.627 ms 0.454 ms 0.645 ms 3 128.112.139.193 2.833 ms 1.412 ms 1.618 ms 4 128.112.12.57 1.505 ms 1.115 ms 1.548 ms 5 128.112.12.22 2.073 ms 1.237 ms 1.054 ms 6 204.153.48.9 3.275 ms 3.041 ms 2.459 ms 7 12.119.12.109 7.863 ms 8.513 ms 5.343 ms 8 12.123.219.133 10.458 ms 8.224 ms 8.770 ms 9 12.123.0.101 6.547 ms 8.504 ms 5.736 ms 10 204.255.168.1 8.536 ms 7.328 ms 6.912 ms 11 152.63.21.78 6.229 ms 6.215 ms 5.906 ms 12 152.63.145.241 71.186 ms 70.831 ms 71.415 ms 13 152.63.55.58 71.049 ms 71.716 ms 70.714 ms 14 152.63.48.73 73.591 ms 73.618 ms 73.887 ms 15 157.130.192.6 97.473 ms 94.833 ms 111.342 ms

3 Zhang, Ruan, Pai, Rexford - USENIX 2006 ATC3 June 3, 2006 Reverse DNS Lookups % traceroute www.usenix.org 1 ignition (128.112.155.129) 0.542 ms 2 targe (128.112.138.2) 0.894 ms 3 csgate (128.112.139.193) 1.592 ms 4 gigagate1.Princeton.EDU (128.112.12.57) 1.768 ms 5 vgate1.Princeton.EDU (128.112.12.22) 1.240 ms 6 tcggate.Princeton.EDU (204.153.48.9) 2.524 ms 7 12.119.12.109 (12.119.12.109) 9.014 ms 8 tbr2-p012402.n54ny.ip.att.net (12.123.219.133) 6.708 ms 9 ggr3-g90.n54ny.ip.att.net (12.123.0.101) 6.510 ms 10 0.so-2-1-0.BR1.NYC4.ALTER.NET (204.255.168.1) 6.806 ms 11 0.so-6-0-0.XL1.NYC4.ALTER.NET (152.63.21.78) 7.242 ms 12 0.so-7-0-0.XL1.SFO4.ALTER.NET (152.63.145.241) 70.959 ms 13 POS4-0.XR1.SFO4.ALTER.NET (152.63.55.58) 72.075 ms 14 191.ATM7-0.GW4.SFO4.ALTER.NET (152.63.48.73) 76.387 ms 15 usenix-gw.customer.alter.net (157.130.192.6) 95.806 ms n54ny.ip.att XL1.SFO4.ALTER tbr2-p012402.n54ny.ip.att.net ggr3-g90.n54ny.ip.att.net 0.so-2-1-0.BR1.NYC4.ALTER.NET 0.so-6-0-0.XL1.NYC4.ALTER.NET 0.so-7-0-0.XL1.SFO4.ALTER.NET POS4-0.XR1.SFO4.ALTER.NET 191.ATM7-0.GW4.SFO4.ALTER.NET

4 Zhang, Ruan, Pai, Rexford - USENIX 2006 ATC4 June 3, 2006 Network Debugging & Research DNS now a critical tool, errors problematic For humans  annoying  Assuming you can detect it For mapping  small problems  Relatively contained For derived data  magnified problems  “Worst” problems can be fictional

5 Zhang, Ruan, Pai, Rexford - USENIX 2006 ATC5 June 3, 2006 Automating the Process Generate large number of traceroutes  e.g., use PlanetLab and/or ScriptRoute Extract geography from names  undns tool from RocketFuel  Understands conventions for tons of ISPs Merge cities into POPs Now, reverse-engineer paths, peering decisions, routing, etc.

6 Zhang, Ruan, Pai, Rexford - USENIX 2006 ATC6 June 3, 2006 DNS Misnaming Problems Reverse DNS names not critical for ISP  Especially in routers – debugging tool  Often no forward DNS mapping Reasons for misnaming  Router gets moved  Linecards swapped (IP per linecard)  Reuse old IP addresses  Peering ISPs share IP addresses

7 Zhang, Ruan, Pai, Rexford - USENIX 2006 ATC7 June 3, 2006 POP Loops & False Edges

8 Zhang, Ruan, Pai, Rexford - USENIX 2006 ATC8 June 3, 2006 Extra Inter-POP Links

9 Zhang, Ruan, Pai, Rexford - USENIX 2006 ATC9 June 3, 2006 Data Collection In-house version of traceroute 132 nodes on PlanetLab 259,343 routable address blocks  From all prefixes in current BGP tables 20 hours on March 30, 2005 Data parsing: IP address DNS lookup DNS names POP names Geo location undns rules Yahoo maps

10 Zhang, Ruan, Pai, Rexford - USENIX 2006 ATC10 June 3, 2006 Resolving POP-level loop Greedy algorithm:  Get all fishy IPs  Pick IP that Resolves most loops Rarely appears good  Remove IP’s loops, report IP  Repeat The correct location of a misnamed IP is decided by voting based on its neighbors

11 Zhang, Ruan, Pai, Rexford - USENIX 2006 ATC11 June 3, 2006 Heuristics: 01/10 Rule IP1 Boston IP3 x.x.x.149 St Louis IP2 SF IP4 x.x.x.150 New York IP5 New York IP6 New York Given IP1, IP2, and IP3 Infer IP4 from IP3 If POPs for IP4, IP2 disagree: Vote among interfaces on same router (IP4, IP5, and IP6)

12 Zhang, Ruan, Pai, Rexford - USENIX 2006 ATC12 June 3, 2006 Case Study Results Large ISP, 100+ POPs 1,957 POP-level loops  IP1, 2, 3, 4 Router level discrepancy  IP5, 6 Missed  IP7, 8 9  Small POPs with 1 neighbor

13 Zhang, Ruan, Pai, Rexford - USENIX 2006 ATC13 June 3, 2006 Impact on Previous Work Impact on topology mapping  11% of inferred edges are false edges  More reliable than speed-of-light only approach Impact on path inflation studies

14 Zhang, Ruan, Pai, Rexford - USENIX 2006 ATC14 June 3, 2006 Conclusion DNS misnaming can be serious for network researchers We study two heuristics to identify and fix the wrong names Case study confirms the effectiveness of our approach


Download ppt "How DNS Misnaming Distorts Internet Topology Mapping Ming Zhang, Microsoft Research Yaoping Ruan, IBM Research Vivek Pai, Jennifer Rexford, Princeton University."

Similar presentations


Ads by Google