Presentation is loading. Please wait.

Presentation is loading. Please wait.

Information-Centric Networks Section # 4.2: Routing Issues Instructor: George Xylomenos Department: Informatics.

Published byReginald Davis Modified over 8 years ago

Similar presentations

Presentation on theme: "Information-Centric Networks Section # 4.2: Routing Issues Instructor: George Xylomenos Department: Informatics."— Presentation transcript:

1 Information-Centric Networks Section # 4.2: Routing Issues Instructor: George Xylomenos Department: Informatics

2 Funding These educational materials have been developed as part of the instructors educational tasks. The “Athens University of Economics and Business Open Courses” project only funded the reformatting of these educational materials. The project is being implemented as part of the Operational Program “Instruction and Lifelong Learning” and is co- financed by the European Union (European Social Fund) and national funds.

3 Licencing These educational materials are subject to a Creative Commons License.

4 Information-Centric Networks04b-4 Week 4 / Paper 2 Understanding BGP Misconfiguration –Rahil Mahajan, David Wetherall, Tom Anderson –ACM SIGCOMM 2002 Main point –BGP misconfiguration can disrupt Internet connectivity –How often does it occur? Why does it occur? –Observation from multiple vantage points –200-1200 prefixes misconfigured each day –Users are affected by very few of them

5 Information-Centric Networks04b-5 Introduction Focus on two types of misconfiguration –Accidental injection of routes into BGP tables –Accidental export of routes in violation of policy Goals of the study –How often are misconfigurations? –What is their impact on connectivity and load? –Why do they occur? –How can they be reduced? Observation study –23 vantage points during 21 days –Use of simple heuristics to identify errors –Polling of operators to verify causes

6 Information-Centric Networks04b-6 Misconfiguration Focus on two types of BGP misconfiguration –Origin misconfiguration: erroneous injection in BGP tables Failure to summarize prefixes Announcing someone else’s address space Propagation of private prefixes –Export misconfiguration: advertisement of policy violating routes –There are many other types of misconfiguration These are externally visible and clearly against policy Adverse impacts of misconfiguration –Increase of routing load due to unnecessary updates –Partial or global connectivity disruption –Routing policy violations

7 Information-Centric Networks04b-7 Methodology Analysis of data from the RouteViews BGP listener –45% of new routes last for less than a day –30% of new routes last for more than 7 days –Inference: misconfigurations last for less than a day Requires verification by operator polling –Result: a lower bound on actual misconfigurations Origin misconfiguration analysis –Examination of new routes (not reappearing ones) Self deaggregation: possible aggregation error Related origin: possible backup route Foreign origin: possible address hijacking –Look for routes that disappear quickly More likely to be an error that was noticed

8 Information-Centric Networks04b-8 Methodology Export misconfiguration analysis –Paths are normally valley free Up to the core, through the core and down to the destination –We can only infer the AS relationships via BGP tables –Result: a lower bound on actual misconfigurations –Types of misconfiguration Provider->AS->Provider Provider->AS->Peer Peer->AS->Provider Peer->AS->Peer Verification: email to operator and connectivity testing –Emails often bounced due to erroneous data in registries –Test reachability of suspect AS’s from multiple vantage points

9 Information-Centric Networks04b-9 Results Origin misconfiguration –Short lived routes were clustered into incidents Sets of prefixes from the same AS that appear/disappear together –Up to 72% of new routes seen in a day are misconfigurations Extrapolation from the e-mail answers for incidents Connectivity tests matched well with e-mail responses –13% of the incidents impact connectivity Some of the connectivity problems were not noticed by operators! Extrapolation: 25 incidents per day disrupt connectivity –50% of misconfigurations last less than 10 minutes 80% less than an hour, 90% less than 10 hours Connectivity disruptions are fixed sooner

10 Information-Centric Networks04b-10 Results Export misconfiguration –Segments with policy violations were clustered into incidents –Most incidents do not affect connectivity, only load –Provider->AS->Provider is the most common violation Followed by Provider->AS->Peer –Impact on load is normally low But it can even double load in some incidents

11 Information-Centric Networks04b-11 Causes Classification of human errors –Slips: errors in executing a correct plan –Mistakes: correct execution of an erroneous plan Origin misconfigurations –Mistakes Initialization bugs: bug in a specific vendor’s product Reliance on upstream filtering: response to attacks of load balancing Old configuration: unsaved changes or backup routers –Slips Redistribution: of internal routes Community: incorrect scoping of routes Hijack: of addresses prefixes (attack or typing error) Forgotten filter: error in filtering Incorrect summary: larger or smaller address blocks

12 Information-Centric Networks04b-12 Causes Export misconfigurations –Mistakes Prefix based configuration: a backup path leads to transit violations Old configuration: as in origin misconfigurations Initialization bug: as in origin misconfigurations –Slips Bad ACL or route map: obvious Typo: obvious Forgotten filter: as in origin misconfigurations Community: as in origin misconfigurations

13 Information-Centric Networks04b-13 Discussion What can we do to reduce misconfigurations? User interface design –Many CLIs are problematic and should be improved –Often operators do not really understand the CLI High-level languages and checking –Router configuration is a very low level task –At least high level configuration checking would be good Database consistency and replication –Registries are very outdated, leading to errors Protocol extensions –Secure BGP guards against hijacks –Better error reporting would reveal many other errors

14 End of Section # 4.2 Course: Information-Centric Networks, Section # 4.2: Routing Issues Instructor: George Xylomenos, Department: Informatics

Download ppt "Information-Centric Networks Section # 4.2: Routing Issues Instructor: George Xylomenos Department: Informatics."

Similar presentations

© 2008 Cisco Systems, Inc. All rights reserved.Cisco ConfidentialPresentation_ID 1 Chapter 6: Multiarea OSPF Scaling Networks.

© 2008 Cisco Systems, Inc. All rights reserved.Cisco ConfidentialPresentation_ID 1 Chapter 6: Multiarea OSPF Scaling Networks.
A Study of BGP Origin AS Changes and Partial Connectivity Ratul Mahajan David Wetherall Tom Anderson University of Washington Asta Networks † † ‡ † ‡ ‡

A Study of BGP Origin AS Changes and Partial Connectivity Ratul Mahajan David Wetherall Tom Anderson University of Washington Asta Networks † † ‡ † ‡ ‡
A Quick and Dirty Guide to BGP attacks Or “How to 0wn the Backbone in your Spare Time”

A Quick and Dirty Guide to BGP attacks Or “How to 0wn the Backbone in your Spare Time”
Dongkee LEE 1 Understanding BGP Misconfiguration Ratul Mahajan, David Wetherall, Tom Anderson.

Dongkee LEE 1 Understanding BGP Misconfiguration Ratul Mahajan, David Wetherall, Tom Anderson.
Information-Centric Networks04c-1 Week 4 / Paper 3 A Survey of BGP Security Issues and Solutions –Kevin Butler, Toni Farley, Patrick McDaniel, and Jennifer.

Information-Centric Networks04c-1 Week 4 / Paper 3 A Survey of BGP Security Issues and Solutions –Kevin Butler, Toni Farley, Patrick McDaniel, and Jennifer.
1 Interdomain Routing Protocols. 2 Autonomous Systems An autonomous system (AS) is a region of the Internet that is administered by a single entity and.

1 Interdomain Routing Protocols. 2 Autonomous Systems An autonomous system (AS) is a region of the Internet that is administered by a single entity and.
Best Practices for ISPs

Best Practices for ISPs
Practical and Configuration issues of BGP and Policy routing Cameron Harvey Simon Fraser University.

Practical and Configuration issues of BGP and Policy routing Cameron Harvey Simon Fraser University.
1 BGP Security -- Zhen Wu. 2 Schedule Tuesday –BGP Background – Detection of Invalid Routing Announcement in the Internet –Open Discussions Thursday.

1 BGP Security -- Zhen Wu. 2 Schedule Tuesday –BGP Background –" Detection of Invalid Routing Announcement in the Internet" –Open Discussions Thursday.
BGP: Inter-Domain Routing Protocol Noah Treuhaft U.C. Berkeley.

BGP: Inter-Domain Routing Protocol Noah Treuhaft U.C. Berkeley.
Stable Internet Routing Without Global Coordination Jennifer Rexford Princeton University Joint work with Lixin Gao (UMass-Amherst)

Stable Internet Routing Without Global Coordination Jennifer Rexford Princeton University Joint work with Lixin Gao (UMass-Amherst)
Delayed Internet Routing Convergence Craig Labovitz, Abha Ahuja, Abhijit Bose, Farham Jahanian Presented By Harpal Singh Bassali.

Delayed Internet Routing Convergence Craig Labovitz, Abha Ahuja, Abhijit Bose, Farham Jahanian Presented By Harpal Singh Bassali.
Inherently Safe Backup Routing with BGP Lixin Gao (U. Mass Amherst) Timothy Griffin (AT&T Research) Jennifer Rexford (AT&T Research)

Inherently Safe Backup Routing with BGP Lixin Gao (U. Mass Amherst) Timothy Griffin (AT&T Research) Jennifer Rexford (AT&T Research)
Economic Incentives in Internet Routing Jennifer Rexford Princeton University

Economic Incentives in Internet Routing Jennifer Rexford Princeton University
© 2009 Cisco Systems, Inc. All rights reserved. ROUTE v1.0—5-1 Implementing Path Control Lab 5-1 Debrief.

© 2009 Cisco Systems, Inc. All rights reserved. ROUTE v1.0—5-1 Implementing Path Control Lab 5-1 Debrief.
Stable Internet Routing Without Global Coordination Jennifer Rexford AT&T Labs--Research Joint work with Lixin Gao.

Stable Internet Routing Without Global Coordination Jennifer Rexford AT&T Labs--Research Joint work with Lixin Gao.
Measuring ISP topologies with Rocketfuel Ratul Mahajan Neil Spring David Wetherall University of Washington ACM SIGCOMM 2002.

Measuring ISP topologies with Rocketfuel Ratul Mahajan Neil Spring David Wetherall University of Washington ACM SIGCOMM 2002.
© 2009 Cisco Systems, Inc. All rights reserved. ROUTE v1.0—3-1 Implementing a Scalable Multiarea Network OSPF- Based Solution Lab 3-3 Debrief.

© 2009 Cisco Systems, Inc. All rights reserved. ROUTE v1.0—3-1 Implementing a Scalable Multiarea Network OSPF- Based Solution Lab 3-3 Debrief.
Information-Centric Networks07b-1 Week 7 / Paper 2 NIRA: A New Inter-Domain Routing Architecture –Xiaowei Yang, David Clark, Arthur W. Berger –IEEE/ACM.

Information-Centric Networks07b-1 Week 7 / Paper 2 NIRA: A New Inter-Domain Routing Architecture –Xiaowei Yang, David Clark, Arthur W. Berger –IEEE/ACM.
TCOM 515 Lecture 6.

TCOM 515 Lecture 6.

Similar presentations

Ads by Google