Presentation on theme: "Dongkee LEE 1 Understanding BGP Misconfiguration Ratul Mahajan, David Wetherall, Tom Anderson."— Presentation transcript:
Dongkee LEE (firstname.lastname@example.org) 1 Understanding BGP Misconfiguration Ratul Mahajan, David Wetherall, Tom Anderson
Dongkee LEE (email@example.com)2Overview. Motivation Misconfigurations Impact of Misconfiguations Methodology Results
Dongkee LEE (firstname.lastname@example.org)3Motivation BGP instabilities have widespread impact. 200-1200 prefixes (0.2-1.0% of the BGP table size) suffering from misconfiguration each day. Close to 3 in 4 of all new prefix advertisements were results of misconfiguration.
Dongkee LEE (email@example.com)4Motivation Misconfigurations can be a leading cause of unreliability. BGP is complex to configure. How frequently do these misconfigurations occur? What is their impact on global connectivity and routing load? Why do the misconfigurations occur? What can be done to reduce their frequency and impact?
Dongkee LEE (firstname.lastname@example.org)5 Origin Misconfigurations Unintentional insertion of a route into the global BGP tables. Classification of origin misconfigurations.
Dongkee LEE (email@example.com)6 Export Misconfigurations The AS-path is in violatoin of the policies of one the ASes in the path. Violating the valley free condition or contain multiple peering edges as probable export misconfigurations.
Dongkee LEE (firstname.lastname@example.org)7 Impact of Misconfigurations Routing load. Unnecessary BGP updates. Connectivity disruption. Policy violation.
Dongkee LEE (email@example.com)8Methodology RouteViews data. (23 peers in 19 Ases) Identify short-lived (< 24hours) changes as potential misconfigurations. length of time a new route lasted in the BGP table. 45% of changes last less than 1 day. 30% of them lasted more than 7 days.
Dongkee LEE (firstname.lastname@example.org)9Methodology For origin misconfigurations Use historical BGP data from the previous day to determine how long a new route lasted. Classify the new routes into … self deaggregation, related origin, foreign origin. For export misconfigurations Based on the inferred AS relationships, identify AS-paths with short-lived subpaths that violate the valley free condition.
Dongkee LEE (email@example.com)10Methodology Email Survey It’s not necessary that all short-lived changes are misconfigurations. Testing Connectivity. Determine the extent of disruption due to misconfigurations. Download the current BGP table from RouteViews. For all the suspect route in the table, it checked if the prefix was reachable from various vantage points in the network.
Dongkee LEE (firstname.lastname@example.org)11Results Cause of Origin misconfiguration Faulty redistribution (32% prefixes, 5% incidents). Initialization bug (22%, 5%). Reliance on upstream filtering (14%, 46%). Announcing routes assuming upstream would filter them. Hijacks (1%, 6%) Announcing somebody else’s address space. Old configuration (1%, 4%)
Dongkee LEE (email@example.com)12Results Cause of Export misconfiguration Prefix based config (8% path, 22% incidents). Intended policy: Provide transit to C through A-C Configured policy: Export all routes originated by C to P1 and P2 Old configuration (2%, 4%) Initialization bug (1%, 4%). Forgotten filter (8% 7%). Bad ACL or route map (34%, 4%) Typo (12%, 6%).
Dongkee LEE (firstname.lastname@example.org)13Results Connectivity is surprisingly robust to most misconfigutaions. it was affected in only 4% of the misconfigured announcement. 13% of incidents) But routing load can be significant. It was more than 10% of the total update load, And it went higher than 60% of the total update load.
Dongkee LEE (email@example.com)14Fixes Improve User Interfaces. Configuration Checker. Automated verication. Consistent databases and updated registries.