bgp scanner
play

BGP Scanner Isolario BGP-MRT Data Reader: C library & tool - PowerPoint PPT Presentation

Apr 05, 2023 •161 likes •392 views

BGP Scanner Isolario BGP-MRT Data Reader: C library & tool Lorenzo Cogotti Luca Sani lorenzo.cogotti < at > alphacogs.com luca.sani < at > isolario.it Isolario Project What is a BGP route collector? Route collectors (RCs) are

  1. BGP Scanner Isolario BGP-MRT Data Reader: C library & tool Lorenzo Cogotti Luca Sani lorenzo.cogotti < at > alphacogs.com luca.sani < at > isolario.it Isolario Project

  2. What is a BGP route collector? Route collectors (RCs) are devices which collects BGP routing data from co-operating ASes Multi-Threaded Routing Toolkit format (RFC 6396) Maintains a routing table (RIB) with the best routes received Dumps the content of the RIB and received UPDATEs periodically 2/17

  3. Route collecting projects University of Oregon Route Views Project Route Views was conceived as a tool for Internet operators to obtain real-time information about the global routing system from the perspectives of several different backbones and locations around the Internet. It collects BGP packets in MRT format since 2001 http://www.routeviews.org RIPE NCC Routing Information Service (RIS) The RIPE NCC collects and stores Internet routing data from several locations around the globe, using RIS. It collects BGP packets in MRT format since 1999 https://www.ripe.net/analyse/internet-measurements/routing-information-service-ris Packet Clearing House (PCH) PCH is the international organization responsible for providing operational support and security to critical Internet infrastructure, including Internet exchange points and the core of the domain name system. It operates route collectors at more than 100 IXPs around the world and its data is made available in MRT format since 2011 https://www.pch.net/resources/Raw Routing Data Isolario Isolario Isolario is a route collecting project which provides inter-domain real-time monitoring Project services to its participants. It collects BGP packets in MRT format since 2013, and supports ADDPATH (RFC 7911) since 2018 https://www.isolario.it 3/17

  4. MRT data is getting bigger and bigger... What is the problem? Tools available are either slow, outdated or miss ADD-PATH handling Usually no way to filter packets 4/17

  5. Tools available to parse MRT data Several languages: C, C++, Python, Perl, Java, OCaml Tool Lang RIB updates IPv6 ADD Last PATH updated bgpdump C 2018-03-02 bgpdump2 C x x 2016-08-10 bgpparser C++ x 2015-04-11 bgpreader C x 2018-07-13 gobgp (MRT) Go - - - - 2015-02-21 mabo OCaml x 2017-06-26 mrtparse Python x 2018-06-27 PyBGPdump Python x x 2007-01-15 Java-MRT Java x 2013-02-09 zebra-dump-parser Perl x 2016-11-07 5/17

  6. Solution: goto c The fact is, that is exactly the kinds of things that C excels at. Not just as a language, but as a required mentality . One of the great strengths of C is that it doesn’t make you think of your program as anything high-level. Linus C language benefits May be easily wrapped (C++, Python, Lua) Close to “metal” Not only ANSI C: C99 Allows dynamic allocation on stack ( → zero-copy ) Improves code readability 6/17

  7. Solution: goto c The fact is, that is exactly the kinds of things that C excels at. Not just as a language, but as a required mentality . One of the great strengths of C is that it doesn’t make you think of your program as anything high-level. Linus C language benefits May be easily wrapped (C++, Python, Lua) Close to “metal” Not only ANSI C: C99 Allows dynamic allocation on stack ( → zero-copy ) Improves code readability 6/17

  8. Solution: goto c The fact is, that is exactly the kinds of things that C excels at. Not just as a language, but as a required mentality . One of the great strengths of C is that it doesn’t make you think of your program as anything high-level. Linus C language benefits May be easily wrapped (C++, Python, Lua) Close to “metal” Not only ANSI C: C11 Allows optimization for multithreading Thread local/atomic variables 6/17

  9. BGP Scanner: Isolario MRT-BGP data reader Don’t worry! You do not have to use C MRT-BGP library A highly optimized low-level reusable library Optimized to achieve high throughput Multi-thread friendly Memory friendly The real star of the show: BGP Scanner tool Comes with all the benefits of the low-level C library Good old grep friendly output Can be piped to other tools Supports gz , bz2 , xz and raw Powerful filtering features 7/17

  10. Wait... what? Filtering Peer IP, Peer AS Subnets, supernets, related, exacts Peer Index AS path regexp and loop detection Can be configured with template files and/or directly by command line Example bgpscanner -s 192.65.0.0/16 -p "174 137" rib.20180701.1400.bz2 =|192.65.131.0/24|7018 174 137 137 137 2598|12.0.1.63|i|||7018:5000 7018:37232|12.0.1.63 7018|1530186440|1 =|192.65.131.0/24|6539 577 174 137 137 137 2598|216.18.31.102|i||||216.18.31.102 6539|1529912797|1 =|192.65.131.0/24|701 174 137 137 137 2598|137.39.3.55|i||||137.39.3.55 701|1529397335|1 =|192.65.131.0/24|3741 174 137 137 137 2598|168.209.255.56|i||||168.209.255.56 3741|1529593095|1 =|192.65.131.0/24|11686 174 137 137 137 2598|96.4.0.55|i||||96.4.0.55 11686|1530338943|1 · · · Subnets of 192.65.0.0/16 crossing 174 137 link 8/17

  11. It can do a lot more... Available options: -a <feeder AS> Print only entries coming from the given feeder AS -A <file> Print only entries coming from the feeder ASes contained in file -d Dump packet filter bytecode to stderr (debug option) -e <subnet> Print only entries containing the exact given subnet of interest -E <file> Print only entries containing the exact subnets of interest contained in file -f Print only every feeder IP in the RIB provided -i <feeder IP> Print only entries coming from a given feeder IP -I <file> Print only entries coming from the feeder IP contained in file -l Print only entries with a loop in its AS PATH -L Print only entries without a loop in its AS PATH -o <file> Define the output file to store information (defaults to stdout) -p <path expression> Print only entries which AS PATH matches the expression -P <path expression> Print only entries which AS PATH does not match the expression -r <subnet> Print only entries containing subnets related to the given subnet of interest -R <file> Print only entries containing subnets related to the subnets of interest contained in file -s <subnet> Print only entries containing subnets included to the given subnet of interest 9/17 -S <file>

  12. Benchmarks: BGP data evolution scenario Test machine Data sources Intel(R) Core(TM) i7-4790K 4.00GHz Route Views route-views6 RAM 16GB RIS rrc00 Samsung SSD 850 EVO 500GB Isolario Korriban Debian Stretch Benchmark phases ( ∀ collectors) 1 Download first RIB of July, 2018 2 Download all updates of July, 2018 3 Decompress 4 Run 10 times each MRT tool 5 Compute average results of runs for each metric Data is decompressed to eliminate decompression algorithm overhead 10/17

  13. Route Views route-views6 collector � UPDATE size RIB size µ UPDATE size # files 99MB 25.65GB 8.82MB 2977 Time elapsed Memory consumption bgpscanner bgpscanner Peak Avg bgpreader bgpdump zebra-dump bgpdump parser mabo mabo bgpparser bgpparser java-mrt mrtparse zebra-dump bgpreader parser mrtparse java-mrt 100 1000 10000 100000 1 10 100 1000 Time [s] RAM [MB] Only IPv6 feeders (26 sessions, 24 full tables) 11/17

  14. RIS rrc00 collector � UPDATE size RIB size µ UPDATE size # files 1.1GB 33.6GB 3.85MB 8930 Time elapsed Memory consumption Peak bgpscanner bgpscanner Avg bgpreader bgpdump bgpdump mabo mabo bgpparser bgpparser bgpreader 100 1000 10000 1 10 100 Time [s] RAM [MB] IPv4 + IPv6 feeders (39 sessions) 22 IPv4 sessions (21 full tables) 17 IPv6 sessions (14 full tables) 12/17

  15. Isolario Korriban collector � UPDATE size RIB size µ UPDATE size # files 5.7GB 810.64GB 92.97MB 8930 Time elapsed Memory consumption Peak Avg bgpscanner bgpscanner bgpdump bgpdump 1000 10000 100000 1 10 Time [s] RAM [MB] IPv4 + IPv6 feeders with ADDPATH 512 IPv4 sessions (112 full tables) 407 IPv6 sessions (126 full tables) Thanks to NLNOG RING for providing 68 IPv4 and 69 IPv6 full tables! 13/17

  16. Filtering benchmark Data source Last RIB of July 2018 of Korriban collector 475MB (7.8GB uncompressed) Filtering time None Feeder AS First AS End AS Cross link Loop 10 20 30 40 50 60 70 80 seconds 14/17

  17. Filtering benchmark Filters BGP data announced by feeder AS199036 bgpscanner -a "199036" First AS of AS PATH is AS199036 bgpscanner -p "^199036" Last AS of AS PATH AS3333 bgpscanner -p "3333 $ " AS PATH crosses link AS174 AS3356 bgpscanner -p "174 3356" Subnets of 193.0.0.0/16 or 2001:67c::/32 destined to AS3333 bgpscanner -s "193.0.0.0/16" -s "2001:67c::/32" -p "3333 $ " AS PATH contains a loop bgpscanner -l 15/17

  18. How to install BGP Scanner? BGP Scanner is open-source BSD license Available on www.isolario.it → Tools Source code on https://gitlab.com/Isolario Install procedure (Source Tarball) 1 Download bgpscanner- [version] .tar.gz 2 ./configure && make && make install Install procedure (Debian package archives) 1 Download libisocore1 [version] .deb 2 Download bgpscanner [version] .deb 3 dpkg -i *.deb 16/17

  19. Thank you for your attention Any question? info < at > isolario.it lorenzo.cogotti < at > alphacogs.com https://www.isolario.it https://www.alphacogs.com 17/17

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

2D &amp; 3D Scanner 2D &amp; 3D Scanner 3D &amp; 2D scanner HD The scanner C800 was specially

2D &amp; 3D Scanner 2D &amp; 3D Scanner 3D &amp; 2D scanner HD The scanner C800 was specially

2D &amp; 3D Scanner 2D &amp; 3D Scanner 3D &amp; 2D scanner HD The scanner C800 was specially developed to suit the wallpaper and dcor industry. The high precision table is equipped with linear motors which results in fast and precise scans.

102 views • 7 slides
2. Lexical Analysis 2.1 Tasks of a Scanner 2.2 Regular Grammars and Finite Automata 2.3 Scanner

2. Lexical Analysis 2.1 Tasks of a Scanner 2.2 Regular Grammars and Finite Automata 2.3 Scanner

2. Lexical Analysis 2.1 Tasks of a Scanner 2.2 Regular Grammars and Finite Automata 2.3 Scanner Implementation 1 Tasks of a Scanner 1. Delivers terminal symbols (tokens) scanner IF, LPAR, IDENT, EQ, NUMBER, RPAR, ..., EOF i f ( x = = 3

252 views • 21 slides
2. Lexical Analysis 2.1 Tasks of a Scanner 2.2 Regular Grammars and Finite Automata 2.3 Scanner

2. Lexical Analysis 2.1 Tasks of a Scanner 2.2 Regular Grammars and Finite Automata 2.3 Scanner

2. Lexical Analysis 2.1 Tasks of a Scanner 2.2 Regular Grammars and Finite Automata 2.3 Scanner Implementation 1 Tasks of a Scanner 1. Recognizes tokens if, lpar, ident, eql, number, rpar, ..., eof scanner i f ( x = = 3 ) character

581 views • 18 slides
HP Presentation Barcode Scanner The HP Presentation Barcode scanner is compatible with CornerStore

HP Presentation Barcode Scanner The HP Presentation Barcode scanner is compatible with CornerStore

International Point of Sale: Corner Store POS HP Presentation Barcode Scanner The HP Presentation Barcode scanner is compatible with CornerStore and any non-wireless computer. This document will show you how to program your scanner to read

411 views • 6 slides
Lexical Analysis The Scanner CSC 4181 Compiler Construction 1 Scanner 1 Introduction A

Lexical Analysis The Scanner CSC 4181 Compiler Construction 1 Scanner 1 Introduction A

Lexical Analysis The Scanner CSC 4181 Compiler Construction 1 Scanner 1 Introduction A scanner, sometimes called a lexical analyzer A scanner : gets a stream of characters (source program) divides it into tokens Tokens are

139 views • 11 slides
Getting Input from a File To open a file for reading: Scanner inFile = new Scanner (file);

Getting Input from a File To open a file for reading: Scanner inFile = new Scanner (file);

Getting Input from a File To open a file for reading: Scanner inFile = new Scanner (file); Scanner constructor - takes a File parameter and provides methods to get individual pieces of data 1 Scanner class Provides methods to get the next

179 views • 4 slides
Introduction to Computer Science I Scanner, Increment/Decrement, Conversion Janyl Jumadinova 5

Introduction to Computer Science I Scanner, Increment/Decrement, Conversion Janyl Jumadinova 5

Introduction to Computer Science I Scanner, Increment/Decrement, Conversion Janyl Jumadinova 5 February, 2018 Review: Scanner The Scanner class in the java.util package is a simple text scanner which can parse primitive types and strings

507 views • 14 slides
Introduction to Computer Science I Scanner, Increment/Decrement, Conversion Janyl Jumadinova

Introduction to Computer Science I Scanner, Increment/Decrement, Conversion Janyl Jumadinova

Introduction to Computer Science I Scanner, Increment/Decrement, Conversion Janyl Jumadinova September 19, 2016 Scanner The Scanner class in the java.util package is a simple text scanner which can parse primitive types and strings We

424 views • 13 slides
Scanning Slides and Negatjves Prepare the scanner #1 1. Open the scanner and remove the document

Scanning Slides and Negatjves Prepare the scanner #1 1. Open the scanner and remove the document

Scanning Slides and Negatjves Prepare the scanner #1 1. Open the scanner and remove the document mat if it is present. Note: You must remove the document mat from the scanner to scan fjlm or slides. This uncovers the transparency unit window beneath

69 views • 6 slides
HP Fortify Scanner Setup CSIF computer's should have the scanner already installed

HP Fortify Scanner Setup CSIF computer's should have the scanner already installed

HP Fortify Scanner Setup CSIF computer's should have the scanner already installed Command is sourceanalyzer Problems which sourceanalyzer == &lt;path&gt;/HP_Fortify/HP_Fortify_SCA_and_Apps_&lt;ver

358 views • 15 slides
How to Scan 35mm Slides Make sure the scanner cable is plugged into the iMacs USB port. 1 Tie

How to Scan 35mm Slides Make sure the scanner cable is plugged into the iMacs USB port. 1 Tie

DIGITAL MEDIA LAB at the new lenox public library How to Scan 35mm Slides Make sure the scanner cable is plugged into the iMacs USB port. 1 Tie scanner cable is cream-colored. 2 Turn the scanner on by pressing the power button. Tie power

195 views • 8 slides
How to use the Scanner For Slides Double click on the HP Precision scan icon You will see

How to use the Scanner For Slides Double click on the HP Precision scan icon You will see

How to use the Scanner For Slides Double click on the HP Precision scan icon You will see this screen: Click on Scan . Click on XPA Sildes . Open Scanner and place Scanner Mask on glass. Ensure that the mask is face up and the rectangular

189 views • 3 slides
Laser Wire Scanner test on CTF2 Laser Wire Scanner test on CTF2 Motivation Experimental

Laser Wire Scanner test on CTF2 Laser Wire Scanner test on CTF2 Motivation Experimental

Laser Wire Scanner test on CTF2 Laser Wire Scanner test on CTF2 Motivation Experimental set-up Time and space overlap X-ray detection Result of the scan Future improvements and perspectives CERN Royal Holloway University

296 views • 16 slides
Retrieving String inputs from the keyboard package PackageName ; // import the Scanner class

Retrieving String inputs from the keyboard package PackageName ; // import the Scanner class

Retrieving String inputs from the keyboard package PackageName ; // import the Scanner class import java.util.Scanner ; public class ClassName { public static void main(String args[]) { // Declare a new input scanner for use in your program

63 views • 3 slides
TDT4205 Lecture #6 2 Weve recognized the words Regular Scanner expressions Generator

TDT4205 Lecture #6 2 Weve recognized the words Regular Scanner expressions Generator

1 Context-Free Grammars TDT4205 Lecture #6 2 Weve recognized the words Regular Scanner expressions Generator Source Scanner Pairs of code (token, lexeme) Inside of compiler 3 Next comes statements That is, syntactic

513 views • 32 slides
Implementation of the treatment of the scanner data in France Guillaume Rateau Head of the CPI

Implementation of the treatment of the scanner data in France Guillaume Rateau Head of the CPI

Implementation of the treatment of the scanner data in France Guillaume Rateau Head of the CPI methodology section May 2017 Introduction : project schedule since 2009 Solution studies, implementation of the IT system to treat scanner data

388 views • 26 slides
2016-09-28 Routing in Drupal 9, and lessons learned in Drupal 8 Peter Wolanin

2016-09-28 Routing in Drupal 9, and lessons learned in Drupal 8 Peter Wolanin

2016-09-28 Routing in Drupal 9, and lessons learned in Drupal 8 Peter Wolanin drupal.org/u/pwolanin Track: Core Conversations events.drupal.org/dublin2016/sessions/routing-drupal-9-and-lessons-learned-drupal-8 This is a Conversation If I get

631 views • 23 slides
Back of queue detection Edward D. Cox, Indiana DOT 1 Back ck of queue, queue, m many option

Back of queue detection Edward D. Cox, Indiana DOT 1 Back ck of queue, queue, m many option

Back of queue detection Edward D. Cox, Indiana DOT 1 Back ck of queue, queue, m many option ons available today ay 2 Smar mart w work zone t technology 3 Probe Data choices Dashboards &amp; Services VS. Real Time Data Feed 4 INDO

373 views • 26 slides
Slide 1 / 80 1 Light is incident upon a mirror at an angle of 50 0 to a line normal to the

Slide 1 / 80 1 Light is incident upon a mirror at an angle of 50 0 to a line normal to the

Slide 1 / 80 1 Light is incident upon a mirror at an angle of 50 0 to a line normal to the surface. What angle does the reflected light make with respect to the normal? Slide 2 / 80 2 Light has a wavelength of 450 nm in vacuum. It enters a

388 views • 27 slides
Frehiwots diary WaterAid/ Behailu Shiferaw Play the video Can you answer these questions

Frehiwots diary WaterAid/ Behailu Shiferaw Play the video Can you answer these questions

Frehiwots diary WaterAid/ Behailu Shiferaw Play the video Can you answer these questions about the film you have just watched? How long is her journey to How does she carry collect water? Do you think she the water back is happy or

679 views • 12 slides
Pr Proto toDUNE-SP SP HV HVS Vertical Slice Test FRP Current Kevin Wood May 29, 2018 HV

Pr Proto toDUNE-SP SP HV HVS Vertical Slice Test FRP Current Kevin Wood May 29, 2018 HV

Pr Proto toDUNE-SP SP HV HVS Vertical Slice Test FRP Current Kevin Wood May 29, 2018 HV HV Deliv eliver ery Chain ain Tes est t (I) I) Vertical slice test before installing at 38.2 mm Cable NP04 Power supply, cables,

508 views • 5 slides
A Standard-Model Security Analysis of TLS-DHE Tibor Jager

A Standard-Model Security Analysis of TLS-DHE Tibor Jager

A Standard-Model Security Analysis of TLS-DHE Tibor Jager 1 , Florian Kohlar 2 , Sven Schge 3 , and Jrg Schwenk 2 1 Karlsruhe Ins-tute of Technology

425 views • 17 slides
XIV. Arithmetic Hierarchy Yuxi Fu BASICS, Shanghai Jiao Tong University We introduce a hierarchy

XIV. Arithmetic Hierarchy Yuxi Fu BASICS, Shanghai Jiao Tong University We introduce a hierarchy

XIV. Arithmetic Hierarchy Yuxi Fu BASICS, Shanghai Jiao Tong University We introduce a hierarchy of sets in terms of logical formula and prove its relationship to the hierarchy 0 , 0 , 0 , . . . of Turing degree. Computability Theory,

732 views • 33 slides
Financial Report Financial Report For the Period Ending For the Period Ending August 31, 2018

Financial Report Financial Report For the Period Ending For the Period Ending August 31, 2018

Financial Report Financial Report For the Period Ending For the Period Ending August 31, 2018 August 31, 2018 Presented in thousands. F YT D F YT D Be ginning R e ve nue s E xpe nse s E nding Gove r nme ntal Ope r ating/ De bt

589 views • 14 slides

More recommend