Formal Semantics and Automated Verification for the Border Gateway - - PowerPoint PPT Presentation

formal semantics and automated verification for the
SMART_READER_LITE
LIVE PREVIEW

Formal Semantics and Automated Verification for the Border Gateway - - PowerPoint PPT Presentation

Apr 16, 2023 346 likes •648 views

Formal Semantics and Automated Verification for the Border Gateway Protocol Konstantin Doug Emina Michael Arvind Zachary Weitz Woos Torlak D. Ernst Krishnamurthy Tatlock The Border Gateway Protocol The Border Gateway Protocol AS AS

slide-1
SLIDE 1

Formal Semantics and Automated Verification for the Border Gateway Protocol

Konstantin Weitz Doug Woos Michael

  • D. Ernst

Arvind Krishnamurthy Zachary Tatlock Emina Torlak

slide-2
SLIDE 2

The Border Gateway Protocol

slide-3
SLIDE 3

AS AS

The Border Gateway Protocol

slide-4
SLIDE 4

AS AS AS AS

The Border Gateway Protocol

AS

slide-5
SLIDE 5

AS AS AS AS

Autonomous systems communicate routing information via the 
 Border Gateway Protocol 
 (RFC 4271).

The Border Gateway Protocol

AS

slide-6
SLIDE 6

AS AS AS AS

Autonomous systems communicate routing information via the 
 Border Gateway Protocol 
 (RFC 4271).

The Border Gateway Protocol

AS

slide-7
SLIDE 7

AS AS AS AS

Autonomous systems communicate routing information via the 
 Border Gateway Protocol 
 (RFC 4271).

The Border Gateway Protocol

AS

slide-8
SLIDE 8

Evaluation

BGP Semantics

slide-9
SLIDE 9

Evaluation

BGP Semantics

  • 1. Gao & Rexford Proof
slide-10
SLIDE 10

Evaluation

BGP Semantics

  • 1. Gao & Rexford Proof
  • 2. Configuration Verification

Bagpipe

slide-11
SLIDE 11

Evaluation

BGP Semantics

  • 1. Gao & Rexford Proof
  • 2. Configuration Verification

Bagpipe

  • 3. Differential Testing
slide-12
SLIDE 12
  • 1. Gao & Rexford Proof

Guidelines → BGP Converges!

slide-13
SLIDE 13
  • 1. Gao & Rexford Proof

Guidelines → BGP Converges! ?

slide-14
SLIDE 14
  • 1. Gao & Rexford Proof

Guidelines → BGP Converges! ?

b > a a > b

X Y A a b a b a b Z

slide-15
SLIDE 15
  • 1. Gao & Rexford Proof

Guidelines → BGP Converges! ?

b > a a > b

X Y A a b a b a b a b Z

slide-16
SLIDE 16
  • 1. Gao & Rexford Proof

Guidelines → BGP Converges! ?

b > a a > b

X Y A a b Z

slide-17
SLIDE 17
  • 1. Gao & Rexford Proof

Guidelines → BGP Converges! ?

b > a a > b

X Y A a b

New Guideline: Preserve iBGP 
 Preference

Z

slide-18
SLIDE 18
  • 1. Gao & Rexford Proof

Guidelines → BGP Converges! ?

b > a a > b

X Y A a b

New Guideline: Preserve iBGP 
 Preference

Z

slide-19
SLIDE 19

Bagpipe

Specification Configuration

configure terminal router bgp 1 neighbor 8.212.226.20 remote-as 2 neighbor 172.16.254.1 remote-as 3 neighbor 95.112.23.51 remote-as 4 ! prefix lists ip prefix-list outC permit 0.0.0.0/0 le 32 ip prefix-list outPeer permit 8.212.226.0/24 le p prefix-list ou permit

Counter
 Example Correctness 
 Proof

  • 2. Configuration Verification

Bagpipe

slide-20
SLIDE 20

Bagpipe

  • GaoRexford

14 problems

  • Internet2 >100K
  • 2. Configuration Verification

Bagpipe

slide-21
SLIDE 21

Bagpipe

  • GaoRexford
  • NoMaritan
  • BlockToExternal
  • 10 Juniper

Scenarios 19 problems

  • Internet2 >100K
  • BelWü >200K
  • Selfnet >50
  • 2. Configuration Verification

Bagpipe

configure terminal router bgp 1 neighbor 8.212.226.20 remote-as 2 neighbor 172.16.254.1 remote-as 3 neighbor 95.112.23.51 remote-as 4 ! prefix lists ip prefix-list outC permit 0.0.0.0/0 le 32 ip prefix-list outPeer permit 8.212.226.0/24 le p prefix-list ou permit
slide-22
SLIDE 22

Configuration

configure terminal router bgp 1 neighbor 8.212.226.20 remote-as 2 neighbor 172.16.254.1 remote-as 3 neighbor 95.112.23.51 remote-as 4 ! prefix lists ip prefix-list outC permit 0.0.0.0/0 le 32 ip prefix-list outPeer permit 8.212.226.0/24 le p prefix-list ou permit

Topology 100,000x Random

A B C

  • 3. Differential Testing
slide-23
SLIDE 23

Configuration

configure terminal router bgp 1 neighbor 8.212.226.20 remote-as 2 neighbor 172.16.254.1 remote-as 3 neighbor 95.112.23.51 remote-as 4 ! prefix lists ip prefix-list outC permit 0.0.0.0/0 le 32 ip prefix-list outPeer permit 8.212.226.0/24 le p prefix-list ou permit

Topology

C-BGP Simulator

100,000x Random

A B C

  • 3. Differential Testing
slide-24
SLIDE 24

Configuration

configure terminal router bgp 1 neighbor 8.212.226.20 remote-as 2 neighbor 172.16.254.1 remote-as 3 neighbor 95.112.23.51 remote-as 4 ! prefix lists ip prefix-list outC permit 0.0.0.0/0 le 32 ip prefix-list outPeer permit 8.212.226.0/24 le p prefix-list ou permit

Topology

C-BGP Simulator

Trace

A B B C A C A

100,000x Random

A B C

  • 3. Differential Testing
slide-25
SLIDE 25

Configuration

configure terminal router bgp 1 neighbor 8.212.226.20 remote-as 2 neighbor 172.16.254.1 remote-as 3 neighbor 95.112.23.51 remote-as 4 ! prefix lists ip prefix-list outC permit 0.0.0.0/0 le 32 ip prefix-list outPeer permit 8.212.226.0/24 le p prefix-list ou permit

Topology

C-BGP Simulator

Trace

A B B C A C A

100,000x Random

A B C

  • 3. Differential Testing
slide-26
SLIDE 26

Configuration

configure terminal router bgp 1 neighbor 8.212.226.20 remote-as 2 neighbor 172.16.254.1 remote-as 3 neighbor 95.112.23.51 remote-as 4 ! prefix lists ip prefix-list outC permit 0.0.0.0/0 le 32 ip prefix-list outPeer permit 8.212.226.0/24 le p prefix-list ou permit

Topology

C-BGP Simulator

Trace

A B B C A C A

  • Resends Identical Announcements
  • Modifies AdjRIBsIn

100,000x Random

A B C

  • 3. Differential Testing
slide-27
SLIDE 27

Related Work

  • Simple Path-Vector Protocol 


Griffin, et al. TON’10

  • Gao & Rexford’s Semantics


Gao, Rexford, SIGMETRICS’00

  • Isabelle Semantics


Voellmy, SafeConfig’09

slide-28
SLIDE 28

Related Work

  • Simple Path-Vector Protocol 


Griffin, et al. TON’10

  • Gao & Rexford’s Semantics


Gao, Rexford, SIGMETRICS’00

  • Isabelle Semantics


Voellmy, SafeConfig’09

Simplified: iBGP, Tie-Breaking, Withdrawals, …

slide-29
SLIDE 29

weitzkon@cs.uw.edu / bagpipe.uwplse.org

BGP Semantics

  • 1. Gao & Rexford Proof
  • 2. Configuration Verification

Bagpipe

  • 3. Differential Testing

Thank You