deep dive into bgp communi1es
play

Deep Dive into BGP Communi1es Georgios Smaragdakis Joint work with - PowerPoint PPT Presentation

Mar 07, 2023 •184 likes •815 views

Deep Dive into BGP Communi1es Georgios Smaragdakis Joint work with Emile Aben, Arthur Berger, Robert Beverly, Randy Bush, Chris Dietzel, Anja Feldmann, Vasileios Giotsas, Franziska Lichtblau, Cristel Pelsser, Philipp Richter, Florian

  1. “Deep Dive into BGP Communi1es” Georgios Smaragdakis Joint work with Emile Aben, Arthur Berger, Robert Beverly, Randy Bush, Chris Dietzel, Anja Feldmann, Vasileios Giotsas, Franziska Lichtblau, Cristel Pelsser, Philipp Richter, Florian Streibelt, and many other colleagues!

  2. 2 The Internet is the Digital Backbone of our Civilization

  3. 3

  4. 4 Cyberattacks and Outages are Serious Threats Our objective: Understand the State and Health of the Internet’s Routing System

  5. 5 The New Internet Global Transit / "Hyper Giants" National Large Content, Consumer, Hosting CDN Global Internet Backbones Core IXP IXP IXP Outages at the core of Regional / Tier2 ISP1 ISP2 Providers the Internet: Measured? Customer IP Networks source: “Internet Interdomain Traffic”, Labovicz et al. SIGCOMM 2010

  6. 6 IXPs around the Globe > 300 active IXPs, ~ 125 Tbps Traffic, ~ 2 Million peerings

  7. 7 IXP is more than a Big Switch, it is an Ecosystem LINX (London Internet Exchange) in Telehouse Colocation Facility (Telehouse North at Docklands) 1000s of cross-connects established in the datacenters

  8. 8 Peering Infrastructures are Critical Infrastructures DHS and ENISA have characterized peering infrastructures as critical infrastructures – in the same category as nuclear reactors and power powerhouses . [An Annex to the National Infrastructure Protection Plan, 2010, 2015; Critical Infrastructures and Services, Internet Infrastructure: Internet Interconnections, 2010] Internet Exchange Points : Typical SLA 99.99% (~52 min. downtime/year) 1 Colocation facilities : Typical SLA 99.999% (~5 min. downtime/year) 2 1 https://ams-ix.net/services-pricing/service-level-agreement 2 http://www.telehouse.net/london-colocation/

  9. 9 Current practice: “Is anyone else having issues?” ● ASes try to crowd-source the detection and localization of outages. ● Inadequate transparency/responsiveness from infrastructure operators.

  10. 10 The AMS-IX outage Outage in AMS-IX, Amsterdam, The Netherlands on May 14, 2015

  11. 11 The AMS-IX outage DE-CIX in Frankfurt Outage in AMS-IX, Amsterdam, The Netherlands on May 14, 2015

  12. 12 Challenges in detecting infrastructure outages Actual incident Observed paths Before outage VP

  13. 13 Challenges in detecting infrastructure outages Actual incident Observed paths Before outage VP During outage

  14. 14 Challenges in detecting infrastructure outages 1. Capturing the infrastructure-level hops between ASes Actual incident Observed paths Before AS path outage VP does not During change! outage

  15. 15 Challenges in detecting infrastructure outages 1. Capturing the infrastructure-level hops between ASes Actual incident Observed paths Before outage VP During IXP or outage Facility 2 failed

  16. 16 Challenges in detecting infrastructure outages 1. Capturing the infrastructure-level hops between ASes 2. Correlating the paths from multiple vantage points Actual incident Observed paths Before outage VP During IXP or outage Facility 2 failed VP During IXP is still active outage

  17. 17 Challenges in detecting infrastructure outages 1. Capturing the infrastructure-level hops between ASes 2. Correlating the paths from multiple vantage points 3. Continuous monitoring of the routing system Actual incident Observed paths Before outage VP During The initial outage hops changed VP During No hop changes outage

  18. 18 Challenges in detecting infrastructure outages 1. Capturing the infrastructure-level hops between ASes BGP Traceroute 2. Correlating the paths from multiple vantage points BGP Traceroute 3. Continuous monitoring of the routing system Traceroute BGP Can we combine BGP continuous passive measurements with fine-grained topology discovery?

  19. 19 Deciphering location metadata in BGP PREFIX: 1.0.0.0/24 ASPATH: 2 1 0 1.0.0.0/24 COMMUNITY: 2:200 Is BGP an information hiding protocol?

  20. 20 Deciphering location metadata in BGP BGP Communities: PREFIX: 1.0.0.0/24 ASPATH: 2 1 0 ● Optional attribute 1.0.0.0/24 COMMUNITY: 2:200 ● 32-bit numerical values ● Encodes arbitrary metadata

  21. 21 Deciphering location metadata in BGP PREFIX: 1.0.0.0/24 ASPATH: 2 1 0 1.0.0.0/24 COMMUNITY: 2:200 Top 16 bits: Bottom 16 bits: ASN that sets Numerical value the community. that encodes the actual meaning.

  22. 22 Deciphering location metadata in BGP The BGP Community 2:200 PREFIX: 1.0.0.0/24 is used to tag routes ASPATH: 2 1 0 1.0.0.0/24 COMMUNITY: 2:200 received at Facility 2 i.e, Location Information!!

  23. 23 Deciphering location metadata in BGP PREFIX: 1.0.0.0/24 ASPATH: 2 1 0 COMMUNITY: 2:200 2.2.2.2/24 The BGP Community PREFIX: 3.3.3.3/24 ASPATH: 4 3 4:400 is used to tag COMMUNITY: 4:8714 4:400 routes received at PREFIX: 2.2.2.2/24 Facility 4 and at ASPATH: 4 2 COMMUNITY: 4:8714 4:400 the IXP 3.3.3.3/24

  24. 24 Deciphering location metadata in BGP PREFIX: 1.0.0.0/24 ASPATH: 2 1 0 COMMUNITY: 2:200 2.2.2.2/24 PREFIX: 3.3.3.3/24 ASPATH: 4 3 COMMUNITY: 4:8714 4:400 PREFIX: 2.2.2.2/24 ASPATH: 4 2 COMMUNITY: 4:8714 4:400 3.3.3.3/24

  25. 25 Deciphering location metadata in BGP When a route changes ingress PREFIX: 1.0.0.0/24 point, the community values will ASPATH: 2 1 0 1.1.1.1/24 COMMUNITY: 2:100 be update to reflect the change. 2.2.2.2/24 PREFIX: 3.3.3.3/24 ASPATH: 4 3 COMMUNITY: 4:8714 4:400 PREFIX: 2.2.2.2/24 ASPATH: 4 2 COMMUNITY: 4:8714 4:400 3.3.3.3/24

  26. 26 Building a BGP Communities Dictionary ● Community values not standardized ● Natural Language Tools ● Documentation in public data sources: Internet Routing Registries (IRRs), NOCs websites

  27. 27 Building a BGP Communities Dictionary 3,049 communities for locations used by 468 Ases

  28. 28 Topological coverage ● ~ 50% of IPv4 and ~ 30% of IPv6 paths annotated with at least one Community in our dictionary. ● 24% of the facilities in PeeringDB, 98% of the facilities with at least 20 members.

  29. 29 Passive outage detection: Initialization Time For each vantage point (VP) collect all the stable BGP routes tagged with the communities of the target facility (Facility 2)

  30. 30 Passive outage detection: Initialization AS_PATH: 1 x AS_PATH: 2 1 0 COMM: 1:FAC2 COMM: 2:FAC2 AS_PATH: 4 x COMM: 4:FAC2 Time For each vantage point (VP) collect all the stable BGP routes tagged with the communities of the target facility (Facility 2)

  31. 31 Passive outage detection: Monitoring Time Track the BGP updates of the stable paths for changes in the communities values that indicate ingress point change.

  32. 32 Passive outage detection: Monitoring AS_PATH: 2 1 0 COMM: 2:FAC1 Time We ignore about single router-level/ AS-level path changes if the ingress-tagging communities remain the same.

  33. 33 Passive outage detection: Outage signal AS_PATH: 1 x AS_PATH: 2 1 0 COMM: 1:FAC1 COMM: 2:FAC1 AS_PATH: 4 x COMM: 4:FAC4 4:IXP Time Crowdsourcing mechanism : Concurrent changes of communities values for multiple networks for the same facility is an indication of outage.

  34. 34 Passive outage detection: Outage signal AS_PATH: 1 x AS_PATH: 2 1 0 COMM: 1:FAC1 COMM: 2:FAC1 Partial outage? De-peering of large ASes? Major routing policy change? AS_PATH: 4 x COMM: 4:FAC4 4:IXP Time Crowdsourcing mechanism : Concurrent changes of communities values for multiple networks for the same facility is an indication of outage.

  35. 35 Passive outage detection: Outage tracking AS_PATH: 1 x AS_PATH: 2 1 0 COMM: 1:FAC2 COMM: 2:FAC2 Time End of outage inferred when the majority of paths return to the original facility.

  36. 36 De-noising BGP routing activity Number of BGP messages (log) 10 5 10 3 10 1 Time The aggregated activity of BGP messages (announcements, withdrawals, states) provides no outage indication.

  37. 37 De-noising BGP routing activity Number of BGP messages (log) Number of BGP messages (log) Fraction of infrastructure paths 1.0 10 5 10 5 0.8 0.6 10 3 10 3 0.4 0.2 10 1 10 1 0 Time Time The aggregated activity of BGP The BGP activity filtered using messages (announcements, communities provides strong withdrawals, states) provides no outage signal . outage indication.

  38. 38 Providing Hard Evidence: DE-CIX? Outage

  39. 39 Observed outages - 159 outages in 5 years of BGP data 76% of the outages not reported in popular mailing lists/websites - Validation through status reports, direct feedback, social media 90% accuracy, 93% precision (for trackable PoPs)

  40. 40 Effect of outages on Service Level Agreements ~ 70% of failed facilities worse than 99.999% uptime ~50% of failed IXPs worse than 99.99% uptime 5% of failed infrastructures worse than 99.9% uptime!

  41. 41 Measuring the performance impact of outages Fraction of paths RTT (ms) Median RTT rises by > 100 ms for rerouted paths during AMS-IX outage.

  42. 42 Cyberattacks and Outages are Serious Threats

  43. 43 Networks under Attack AS1 172.18.192.1 AS4 A<ack AS3 Target Server AS2

  44. 44 BGP Blackholing in the Internet 172.18.192.1/32 Community = AS3:666 AS1 172.18.192.1 AS4 A<ack AS3 Target Server AS2 RFC1997, RFC6535, RFC7999

  45. 45 BGP Blackholing in the Internet AS1 172.18.192.1 AS4 A<ack AS3 Target Server AS2 RFC1997, RFC6535, RFC7999

  46. 46 The Rise of BGP Blackholing 6x 46

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

DEEP DIVE DEEP DIVE INT INTO O SEO SEO Private and Confidential. Property of Whereoware, LLC.

DEEP DIVE DEEP DIVE INT INTO O SEO SEO Private and Confidential. Property of Whereoware, LLC.

DEEP DIVE DEEP DIVE INT INTO O SEO SEO Private and Confidential. Property of Whereoware, LLC. MEET THE SPEAKERS TEYA TUCCIO-FLICK CHRISTINA DAVES Partner, Search and Analytics Founder Whereoware PR for Anyone DEEP DIVE INTO SEO 2

729 views • 54 slides
DataPower DataPower-MQ Integration MQ Integration Deep Dive Deep Dive Robin Wiley (Robin

DataPower DataPower-MQ Integration MQ Integration Deep Dive Deep Dive Robin Wiley (Robin

DataPower DataPower-MQ Integration MQ Integration Deep Dive Deep Dive Robin Wiley (Robin Wiley Training) Capitalware's MQ Technical Conference v2.0.1.6 Your Presenter: Robin Wiley Senior Instructor, IBM Messaging Products MQ

457 views • 35 slides
RTGEN (AGC) &amp; ICCP Deep Dive February 23, 2012 Shari Brown and Matt Beck CBA Project Staff

RTGEN (AGC) &amp; ICCP Deep Dive February 23, 2012 Shari Brown and Matt Beck CBA Project Staff

RTGEN (AGC) &amp; ICCP Deep Dive February 23, 2012 Shari Brown and Matt Beck CBA Project Staff Section 1 INTRODUCTION: RTGEN (AGC) AND ICCP DISCUSSION TOPICS 3 RTGEN (AGC) and ICCP Deep Dive for CBA This Deep Dive will provide details for

784 views • 27 slides
A Deep Dive into the Dark Web Coen Schuijt UvA OS3 February 5 th , 2019 February 5 th , 2019

A Deep Dive into the Dark Web Coen Schuijt UvA OS3 February 5 th , 2019 February 5 th , 2019

A Deep Dive into the Dark Web Coen Schuijt UvA OS3 February 5 th , 2019 February 5 th , 2019 Coen Schuijt (UvA OS3) A Deep Dive into the Dark Web 1 / 28 Outline 1 Introduction Related work Research Questions 2 Methodologies Surface

473 views • 28 slides
Engaging Remote Indigenous Communi1es Using Appropriate Online

Engaging Remote Indigenous Communi1es Using Appropriate Online

Engaging Remote Indigenous Communi1es Using Appropriate Online Research Methods Brian Beaton &amp; Susan ODonnell First Na1ons Innova1on Project First Mile

470 views • 43 slides
Next Generation ACO Model Open Door Forum: Financial Deep Dive March 31, 2015 Agenda

Next Generation ACO Model Open Door Forum: Financial Deep Dive March 31, 2015 Agenda

Next Generation ACO Model Open Door Forum: Financial Deep Dive March 31, 2015 Agenda Preliminary Financial Timeline Financial Model Deep Dive Benchmark Prospective Benchmark Example Example Discount Calculations Risk

917 views • 28 slides
A Deep Dive into the kude@ga.co Shi Oku

A Deep Dive into the kude@ga.co Shi Oku

Stes Bais sen.bais@ga.co Kut el A Deep Dive into the kude@ga.co Shi Oku Interprocedural

1.48k views • 91 slides
Interactive Deep-dive : Visualizing Terrorism Data Ella Kim, Leah Kim Project Idea Evolution of

Interactive Deep-dive : Visualizing Terrorism Data Ella Kim, Leah Kim Project Idea Evolution of

Interactive Deep-dive : Visualizing Terrorism Data Ella Kim, Leah Kim Project Idea Evolution of terrorism in the Middle East + Interactive Data Visualization + Interactive Data Deep Dive Prior Work Static visualization No interactivity

242 views • 6 slides
2019 System Goals Deep-Dive Data Carmelo Barbaro Executive Director, Poverty Lab Urban Labs,

2019 System Goals Deep-Dive Data Carmelo Barbaro Executive Director, Poverty Lab Urban Labs,

2019 System Goals Deep-Dive Data Carmelo Barbaro Executive Director, Poverty Lab Urban Labs, University of Chicago Data Deep Dive System Goal 2: Reduce the time people remain homeless. System Goal 3: Homeless dedicated units should all be

419 views • 13 slides
Using the Assessment Findings to Dive Headfirst into the Deep End St. Louis City May 11, 2015

Using the Assessment Findings to Dive Headfirst into the Deep End St. Louis City May 11, 2015

NO PLACE FOR KIDS Using the Assessment Findings to Dive Headfirst into the Deep End St. Louis City May 11, 2015 Prepared with Support From: Juvenile Justice Strategy Group INTERVIEWS &amp; SURVEYS DATA ANALYSES

593 views • 42 slides
Demystifying the transition Deep Dive of the Transitional Provisions Trademarks Branch

Demystifying the transition Deep Dive of the Transitional Provisions Trademarks Branch

Demystifying the transition Deep Dive of the Transitional Provisions Trademarks Branch Canadian Intellectual Property Office IPIC Conference October 12, 2018 Fairmont Chateau Laurier, Ottawa, Ontario (Source: Brand Canada) Building a

769 views • 43 slides
A Computa1onal Framework for Social Capital in Online Communi1es

A Computa1onal Framework for Social Capital in Online Communi1es

A Computa1onal Framework for Social Capital in Online Communi1es Ma#hew Smith h#p://m.smithworx.com DML Data Mining Lab Department of Computer Science h#p://dml.cs.byu.edu Brigham

768 views • 43 slides
2019 CoC System Goals Deep-Dive for r Goal 1 Laura Bass, Director of Programs, Facing Forward to

2019 CoC System Goals Deep-Dive for r Goal 1 Laura Bass, Director of Programs, Facing Forward to

2019 CoC System Goals Deep-Dive for r Goal 1 Laura Bass, Director of Programs, Facing Forward to End Homelessness Carmelo Barbaro, Executive Director, Poverty Lab, University of Chicago 2019 CoC System Goals Deep-Dive for Goal 1 Goal 1

285 views • 7 slides
offMetro Deep Dive and Strategic Analysis TEAM TWO FAB FOUR LAUREN BETHEA MACKENZIE

offMetro Deep Dive and Strategic Analysis TEAM TWO FAB FOUR LAUREN BETHEA MACKENZIE

offMetro Deep Dive and Strategic Analysis TEAM TWO FAB FOUR LAUREN BETHEA MACKENZIE CLAPPERTON BRITTANY NAUMAN CLARISSA TORRES Objectives: Develop Strategies to Grow Readership Based on an understanding of industry standards and

360 views • 17 slides
SCE 2018 GRC Deep Dive on SCE T estimony on Poles November 2, 2016 1 Summary Pole

SCE 2018 GRC Deep Dive on SCE T estimony on Poles November 2, 2016 1 Summary Pole

SCE 2018 GRC Deep Dive on SCE T estimony on Poles November 2, 2016 1 Summary Pole inspection, assessment, maintenance, and replacement continue to be a major focus for SCE given: Their impact on public and worker safety Their

841 views • 32 slides
Deep Dive Strengthening practice and addressing industry challenges January 29, 2018 1 Thank

Deep Dive Strengthening practice and addressing industry challenges January 29, 2018 1 Thank

Impact Measurement &amp; Management Deep Dive Strengthening practice and addressing industry challenges January 29, 2018 1 Thank you for joining us today! Please note: All participants are muted. Use the chat function to submit

432 views • 32 slides
COMMISSION Ellen C. Ginsberg BRIEFING Vice President, General Counsel and Secretary 10 CFR

COMMISSION Ellen C. Ginsberg BRIEFING Vice President, General Counsel and Secretary 10 CFR

COMMISSION Ellen C. Ginsberg BRIEFING Vice President, General Counsel and Secretary 10 CFR 2.206 PROCESS February 8, 2018 SECTION 2.206 PROCESS Approach to Evaluation Does the structure of the implementing process serve the

631 views • 13 slides
Supplier Improvement Program PIA Government Systems Meeting Lexington, KY 6 August 2010 1

Supplier Improvement Program PIA Government Systems Meeting Lexington, KY 6 August 2010 1

Supplier Improvement Program PIA Government Systems Meeting Lexington, KY 6 August 2010 1 Outline Team Origin Rules of Conduct Shared objectives Approach Data analysis Paperwork brainstorming Escalation plan

398 views • 19 slides
MRO Annual Board Meeting December 5, 2019 1 Agenda 2 (pg. 6) Standards of Conduct and

MRO Annual Board Meeting December 5, 2019 1 Agenda 2 (pg. 6) Standards of Conduct and

MRO Annual Board Meeting December 5, 2019 1 Agenda 2 (pg. 6) Standards of Conduct and Anti-trust Guidelines Miggie Cramblit, Vice President General Counsel, Corporate Secretary and Director External Affairs 2 Agenda 3 (pg.7) Elect 2020

725 views • 8 slides
Payment May 11, 2017 12 pm EDT www.thecompanydime.com Questions? Click the chat icon at

Payment May 11, 2017 12 pm EDT www.thecompanydime.com Questions? Click the chat icon at

Payment May 11, 2017 12 pm EDT www.thecompanydime.com Questions? Click the chat icon at right or email us: team@thecompanydime.com Hosts Jay Campbell The Company Dime Journalist, Co-Founder David Jonas The Company Dime Journalist,

576 views • 8 slides
LONAP: Organisa.on Overview Will Hargrave IX.BR Forum 8 2015-12-08 Key facts 160 members

LONAP: Organisa.on Overview Will Hargrave IX.BR Forum 8 2015-12-08 Key facts 160 members

LONAP: Organisa.on Overview Will Hargrave IX.BR Forum 8 2015-12-08 Key facts 160 members ~ 1.1Tbit of connected capacity 140Gbit/s of peak traffic 6 sites in East London All within 2-20km of each other Telehouse,

413 views • 8 slides
Collaboration en Ralit Virtuelle Anne 2019 - 2020 / APP5 Info Polytech Paris-Sud Cdric

Collaboration en Ralit Virtuelle Anne 2019 - 2020 / APP5 Info Polytech Paris-Sud Cdric

Ralit Virtuelle et Interactions Collaboration en Ralit Virtuelle Anne 2019 - 2020 / APP5 Info Polytech Paris-Sud Cdric Fleury (cedric.fleury@lri.fr) Collaboration in Virtual Reality Several users work/play together in a VE

935 views • 55 slides
COMP 150: Probabilistic Robotics for Human-Robot Interaction Instructor: Jivko Sinapov

COMP 150: Probabilistic Robotics for Human-Robot Interaction Instructor: Jivko Sinapov

COMP 150: Probabilistic Robotics for Human-Robot Interaction Instructor: Jivko Sinapov www.cs.tufts.edu/~jsinapov This week: Planning Announcements Reading Assignment Project Related Article of your choice If working with a team, each

610 views • 48 slides
CS 378: Autonomous Intelligent Robotics Instructor: Jivko Sinapov

CS 378: Autonomous Intelligent Robotics Instructor: Jivko Sinapov

CS 378: Autonomous Intelligent Robotics Instructor: Jivko Sinapov http://www.cs.utexas.edu/~jsinapov/teaching/cs378/ Announcements FRI Summer Research Fellowships: https://cns.utexas.edu/fri/beyond-the-freshman-lab/fellowships Applications are

986 views • 70 slides

More recommend