Presentation is loading. Please wait.

Presentation is loading. Please wait.

Dongkee LEE 1 Understanding BGP Misconfiguration Ratul Mahajan, David Wetherall, Tom Anderson.

Published byHenry Powell Modified over 9 years ago

Similar presentations

Presentation on theme: "Dongkee LEE 1 Understanding BGP Misconfiguration Ratul Mahajan, David Wetherall, Tom Anderson."— Presentation transcript:

1 Dongkee LEE (dklee@an.kaist.ac.kr) 1 Understanding BGP Misconfiguration Ratul Mahajan, David Wetherall, Tom Anderson

2 Dongkee LEE (dklee@an.kaist.ac.kr)2Overview.  Motivation  Misconfigurations  Impact of Misconfiguations  Methodology  Results

3 Dongkee LEE (dklee@an.kaist.ac.kr)3Motivation  BGP instabilities have widespread impact. 200-1200 prefixes (0.2-1.0% of the BGP table size) suffering from misconfiguration each day. Close to 3 in 4 of all new prefix advertisements were results of misconfiguration.

4 Dongkee LEE (dklee@an.kaist.ac.kr)4Motivation  Misconfigurations can be a leading cause of unreliability.  BGP is complex to configure. How frequently do these misconfigurations occur? What is their impact on global connectivity and routing load? Why do the misconfigurations occur? What can be done to reduce their frequency and impact?

5 Dongkee LEE (dklee@an.kaist.ac.kr)5 Origin Misconfigurations  Unintentional insertion of a route into the global BGP tables.  Classification of origin misconfigurations.

6 Dongkee LEE (dklee@an.kaist.ac.kr)6 Export Misconfigurations  The AS-path is in violatoin of the policies of one the ASes in the path.  Violating the valley free condition or contain multiple peering edges as probable export misconfigurations.

7 Dongkee LEE (dklee@an.kaist.ac.kr)7 Impact of Misconfigurations  Routing load.  Unnecessary BGP updates.  Connectivity disruption.  Policy violation.

8 Dongkee LEE (dklee@an.kaist.ac.kr)8Methodology RouteViews data. (23 peers in 19 Ases) Identify short-lived (< 24hours) changes as potential misconfigurations. length of time a new route lasted in the BGP table. 45% of changes last less than 1 day. 30% of them lasted more than 7 days.

9 Dongkee LEE (dklee@an.kaist.ac.kr)9Methodology  For origin misconfigurations Use historical BGP data from the previous day to determine how long a new route lasted. Classify the new routes into … self deaggregation, related origin, foreign origin.  For export misconfigurations Based on the inferred AS relationships, identify AS-paths with short-lived subpaths that violate the valley free condition.

10 Dongkee LEE (dklee@an.kaist.ac.kr)10Methodology  Email Survey It’s not necessary that all short-lived changes are misconfigurations.  Testing Connectivity. Determine the extent of disruption due to misconfigurations. Download the current BGP table from RouteViews. For all the suspect route in the table, it checked if the prefix was reachable from various vantage points in the network.

11 Dongkee LEE (dklee@an.kaist.ac.kr)11Results  Cause of Origin misconfiguration  Faulty redistribution (32% prefixes, 5% incidents).  Initialization bug (22%, 5%).  Reliance on upstream filtering (14%, 46%).  Announcing routes assuming upstream would filter them.  Hijacks (1%, 6%)  Announcing somebody else’s address space.  Old configuration (1%, 4%)

12 Dongkee LEE (dklee@an.kaist.ac.kr)12Results  Cause of Export misconfiguration  Prefix based config (8% path, 22% incidents). Intended policy: Provide transit to C through A-C Configured policy: Export all routes originated by C to P1 and P2  Old configuration (2%, 4%)  Initialization bug (1%, 4%).  Forgotten filter (8% 7%).  Bad ACL or route map (34%, 4%)  Typo (12%, 6%).

13 Dongkee LEE (dklee@an.kaist.ac.kr)13Results  Connectivity is surprisingly robust to most misconfigutaions.  it was affected in only 4% of the misconfigured announcement. 13% of incidents)  But routing load can be significant.  It was more than 10% of the total update load,  And it went higher than 60% of the total update load.

14 Dongkee LEE (dklee@an.kaist.ac.kr)14Fixes  Improve User Interfaces.  Configuration Checker.  Automated verication.  Consistent databases and updated registries.

15 Dongkee LEE (dklee@an.kaist.ac.kr)15  The END

Download ppt "Dongkee LEE 1 Understanding BGP Misconfiguration Ratul Mahajan, David Wetherall, Tom Anderson."

Similar presentations

NOPEER Route Attribute Propose a well-known transitive advisory scope attribute Applied by originating AS to route prefixes Interpretable as advice to.

NOPEER Route Attribute Propose a well-known transitive advisory scope attribute Applied by originating AS to route prefixes Interpretable as advice to.
An Operational Perspective on BGP Security Geoff Huston February 2005.

An Operational Perspective on BGP Security Geoff Huston February 2005.
BGP route propagation between neighboring domains Renata Teixeira Laboratoire LIP6 – CNRS University Pierre et Marie Curie – Paris 6 with Steve Uhlig (Delft.

BGP route propagation between neighboring domains Renata Teixeira Laboratoire LIP6 – CNRS University Pierre et Marie Curie – Paris 6 with Steve Uhlig (Delft.
A Study of BGP Origin AS Changes and Partial Connectivity Ratul Mahajan David Wetherall Tom Anderson University of Washington Asta Networks † † ‡ † ‡ ‡

A Study of BGP Origin AS Changes and Partial Connectivity Ratul Mahajan David Wetherall Tom Anderson University of Washington Asta Networks † † ‡ † ‡ ‡
1 Copyright  1999, Cisco Systems, Inc. Module10.ppt10/7/1999 8:27 AM BGP — Border Gateway Protocol Routing Protocol used between AS’s Currently Version.

1 Copyright  1999, Cisco Systems, Inc. Module10.ppt10/7/1999 8:27 AM BGP — Border Gateway Protocol Routing Protocol used between AS’s Currently Version.
A Quick and Dirty Guide to BGP attacks Or “How to 0wn the Backbone in your Spare Time”

A Quick and Dirty Guide to BGP attacks Or “How to 0wn the Backbone in your Spare Time”
1 Experimental Study of Internet Stability and Wide-Area Backbone Failure Craig Labovitz, Abha Ahuja Merit Network, Inc. 1998. Presented by Changchun Zou.

1 Experimental Study of Internet Stability and Wide-Area Backbone Failure Craig Labovitz, Abha Ahuja Merit Network, Inc Presented by Changchun Zou.
Swinog-7, 22nd october 2003 BGP filtering André Chapuis,

Swinog-7, 22nd october 2003 BGP filtering André Chapuis,
Dongkee LEE 1 An Analysis of BGP Multiple Origin AS (MOAS) Conflicts Xiaoliang Zhao, et al.

Dongkee LEE 1 An Analysis of BGP Multiple Origin AS (MOAS) Conflicts Xiaoliang Zhao, et al.
2006 – (Almost another) BGP Year in Review A BRIEF update to the 2005 report 18 October 2006 IAB Routing Workshop Geoff Huston APNIC.

2006 – (Almost another) BGP Year in Review A BRIEF update to the 2005 report 18 October 2006 IAB Routing Workshop Geoff Huston APNIC.
1 BGP Anomaly Detection in an ISP Jian Wu (U. Michigan) Z. Morley Mao (U. Michigan) Jennifer Rexford (Princeton) Jia Wang (AT&T Labs)

1 BGP Anomaly Detection in an ISP Jian Wu (U. Michigan) Z. Morley Mao (U. Michigan) Jennifer Rexford (Princeton) Jia Wang (AT&T Labs)
1 Interdomain Routing Protocols. 2 Autonomous Systems An autonomous system (AS) is a region of the Internet that is administered by a single entity and.

1 Interdomain Routing Protocols. 2 Autonomous Systems An autonomous system (AS) is a region of the Internet that is administered by a single entity and.
Quantitative Analysis of BGP Route Leaks Benjamin Wijchers Benno Overeinder.

Quantitative Analysis of BGP Route Leaks Benjamin Wijchers Benno Overeinder.
1 Border Gateway Protocol (BGP). 2 Contents  Internet connectivity and BGP  connectivity services, AS relationships  BGP Basics  BGP sessions, BGP.

1 Border Gateway Protocol (BGP). 2 Contents  Internet connectivity and BGP  connectivity services, AS relationships  BGP Basics  BGP sessions, BGP.
Best Practices for ISPs

Best Practices for ISPs
Inferring Autonomous System Relationships in the Internet Lixin Gao.

Inferring Autonomous System Relationships in the Internet Lixin Gao.
1 Internet Path Inflation Xenofontas Dimitropoulos.

1 Internet Path Inflation Xenofontas Dimitropoulos.
Part II: Inter-domain Routing Policies. March 8, 20042 What is routing policy? ISP1 ISP4ISP3 Cust1Cust2 ISP2 traffic Connectivity DOES NOT imply reachability!

Part II: Inter-domain Routing Policies. March 8, What is routing policy? ISP1 ISP4ISP3 Cust1Cust2 ISP2 traffic Connectivity DOES NOT imply reachability!
An Operational Perspective on BGP Security Geoff Huston GROW WG IETF 63 August 2005.

An Operational Perspective on BGP Security Geoff Huston GROW WG IETF 63 August 2005.
Practical and Configuration issues of BGP and Policy routing Cameron Harvey Simon Fraser University.

Practical and Configuration issues of BGP and Policy routing Cameron Harvey Simon Fraser University.

Similar presentations

Ads by Google