DSCP and the Evil Bit Runa Barik (UiO), Michael Welzl (UiO), Ahmed - - PowerPoint PPT Presentation

dscp and the evil bit
SMART_READER_LITE
LIVE PREVIEW

DSCP and the Evil Bit Runa Barik (UiO), Michael Welzl (UiO), Ahmed - - PowerPoint PPT Presentation

Jan 31, 2024 9 likes •152 views

DSCP and the Evil Bit Runa Barik (UiO), Michael Welzl (UiO), Ahmed Elmokashfi (SRL) maprg @96th IETF Meeting Berlin, Germany 18 th July 2015 IETF96 DSCP and the Evil Bit 1 / 14 Motivation The Internet could ideally use the IP header for

slide-1
SLIDE 1

DSCP and the Evil Bit

Runa Barik (UiO), Michael Welzl (UiO), Ahmed Elmokashfi (SRL) maprg @96th IETF Meeting Berlin, Germany 18th July 2015

IETF96 DSCP and the Evil Bit 1 / 14

slide-2
SLIDE 2

Motivation

The Internet could ideally use the IP header for special treatment to the packet; but, which bits in the header can be used? Middleboxes in private networks also modify/drop the packets limiting the protocol innovations. This work complements to our paper in ANRW’16 1. In this context, we focus on: How middleboxes react to packets with different DSCP values, and Evil bit.

1Runa Barik, Michael Welzl, Ahmed Elmokashfi, “ How to say that you’re special:

Can we use bits in the IPv4 header? ”, in ANRW’16

IETF96 DSCP and the Evil Bit 2 / 14

slide-3
SLIDE 3

Test methodology

ICMP packet (Echo Request) ICMP packet (Echo Reply)

Test Packet Test Packet i d = i d 2 T C P S Y N , i d = i d 1 Client Server

Middlebox Router Router

id=id1 TCP SYN/ACK, id=id2

i 5

Extreme

IETF96 DSCP and the Evil Bit 3 / 14

slide-4
SLIDE 4

Location of Drop

ICMP packet (Echo Reply) ICMP packet (Echo Request)

}

Traceroute id=id1 TCP SYN, id=id1 id=id1 Server Client Router Middlebox Router Timeout

5i

Extreme

traceroute or tracebox like testing

IETF96 DSCP and the Evil Bit 4 / 14

slide-5
SLIDE 5

Test Locations

(a) Travel to India (b) Malaysia

IETF96 DSCP and the Evil Bit 5 / 14

slide-6
SLIDE 6

Change of DSCP values 10-3 10-2 10-1 100 10 8

Fraction of distinct paths DSCP values

(0: 185),(2: 6),(6: 2),(8: 3) (10: 2),(18: 3),(36: 3),(62: 1) (0: 145),(2: 2),(6: 1),(8: 14) (10: 3),(62: 1) 2 6 8 10 10 18 18 36 36 62 62 2 6 8 10 10 62 62

x-axis: the lower (larger) number is the original DSCP value, the upper (smaller) number is the changed value. The brackets on the top show the absolute number of paths (IP address pairs).

IETF96 DSCP and the Evil Bit 6 / 14

slide-7
SLIDE 7

Change of DSCP values 10-3 10-2 10-1 100 10 36 46

Fraction of distinct paths DSCP values

(0: 128),(2: 2),(4: 20),(6: 1) (10: 1),(12: 2),(36: 11),(62: 1) (0: 127),(2: 2),(6: 21),(10: 1) (14: 2),(46: 11),(62: 1) 2 4 6 10 10 12 12 36 36 62 62 2 6 10 10 14 14 46 46 62 62

IETF96 DSCP and the Evil Bit 7 / 14

slide-8
SLIDE 8

TTL and Change of DSCP values on paths

Table: DSCP packet-drop noticed in Countries

  • Src. Countries
  • Dst. Countries

DSCP initial Change Location Drop Location Oregon Kuala Lumpur, Malaysia CS1 Amazon Tech. Inc. Norway (ISP2) Kuala Lumpur, Malaysia AF42 TELIANET (4) TMNet Telekom Malaysia EF TELIANET (6) TMNet Telekom Malaysia

5 10 15 20 8 36 36 46 46

TTL (DSCP change)

DSCP (original)

client-side 00 8 8 8 server-side 18 10 22 2 22 8 8 32 8 32 32 32 4 40 40 40 2222 8 18 8 8 18 2 2 4 2 6

IETF96 DSCP and the Evil Bit 8 / 14

slide-9
SLIDE 9

DSCP/TOS values in ICMP time-exceeded Message 10-3 10-2 10-1 100 10

Fraction of DSCP/TOS DSCP/TOS values (in ICMP)

(0: 6560),(2: 114),(4: 5),(6: 17),(8: 133),(24: 1),(36: 18) (46: 8),(48: 3257),(52: 18),(54: 13) (2: 3),(3: 25),(48+2:2) 2 4 6 8 24 36 46 48 52 54 ECT(0) CE 48+2

The brackets on the top show (DSCP value in ICMP: number of packets)

IETF96 DSCP and the Evil Bit 9 / 14

slide-10
SLIDE 10

DSCP/TOS values in IPv4 header and payload of ICMP time-exceeded message 10-3 10-2 10-1 100 10 2 4 6

DSCP values (in ICMP) DSCP values (in payload)

2 6 8 24 24 24 24 48 48 48 48 2 6 48 48 48 48 2 6 6 48 48 48 48

Y-axis: Fraction of different DSCP values in IP header of ICMP messages, while the payload IP header contains DSCP values of 0, 2, 4, or 6

IETF96 DSCP and the Evil Bit 10 / 14

slide-11
SLIDE 11

Contd. 10-3 10-2 10-1 100 10 36 8 10 18

DSCP values (in ICMP) DSCP values (in payload)

4 36 36 36 36 48 48 48 48 52 52 52 52 8 48 48 48 48 2 2 48 48 48 48

Y-axis: Fraction of different DSCP values in IP header of ICMP messages, while the payload IP header contains DSCP values of 8, 10, 18, or 36

IETF96 DSCP and the Evil Bit 11 / 14

slide-12
SLIDE 12

Contd. 10-3 10-2 10-1 100 10 46 32 40 3(ECN)

DSCP/TOS values (in ICMP) DSCP/TOS values (in payload)

6 46 46 46 46 48 48 48 48 54 54 54 54 8 48 48 48 48 2 3 48+2 48+2 48+2 48+2

Y-axis: Fraction of different DSCP/TOS values in IP header of ICMP messages, while the payload IP header contains DSCP/TOS values of 32, 40, 46, or 3 (CE)

IETF96 DSCP and the Evil Bit 12 / 14

slide-13
SLIDE 13

Evil bit

In 169 out of 205 paths, packets with Evil bit set passed successfully. However, DSCP values are stripped or remain unchanged in around 165 paths. No modification to Evil bit on successful paths.

IETF96 DSCP and the Evil Bit 13 / 14

slide-14
SLIDE 14

Thank you!

IETF96 DSCP and the Evil Bit 14 / 14