measuring and characterizing ipv6 router availability
play

Measuring and Characterizing IPv6 Router Availability Robert Beverly - PowerPoint PPT Presentation

Jul 26, 2023 •164 likes •519 views

Measuring and Characterizing IPv6 Router Availability Robert Beverly , Matthew Luckie , Lorenza Mosley , kc claffy Naval Postgraduate School UCSD/CAIDA March 20, 2015 PAM 2015 - 16th Passive and Active Measurement

  1. Measuring and Characterizing IPv6 Router Availability Robert Beverly ∗ , Matthew Luckie † , Lorenza Mosley ∗ , kc claffy † ∗ Naval Postgraduate School † UCSD/CAIDA March 20, 2015 PAM 2015 - 16th Passive and Active Measurement Conference R. Beverly et al. (NPS/CAIDA) IPv6 Router Uptime PAM 2015 1 / 28

  2. Infrastructure Uptime Outline Infrastructure Uptime 1 Methodology 2 Experiments 3 Conclusion 4 R. Beverly et al. (NPS/CAIDA) IPv6 Router Uptime PAM 2015 2 / 28

  3. Infrastructure Uptime Motivation Infrastructure “Uptime:” More formally: uninterrupted system availability Duration between device restarts Restarts due e.g. to planned device reboots, crashes, power failures Our Work: Development of an active network measurement technique to infer 1 infrastructure uptime Uptime measurement survey of ∼ 21 , 000 IPv6 router interfaces 2 over 5-month period Validation of our uptime inferences by five autonomous systems 3 R. Beverly et al. (NPS/CAIDA) IPv6 Router Uptime PAM 2015 3 / 28

  4. Infrastructure Uptime Motivation Infrastructure “Uptime:” More formally: uninterrupted system availability Duration between device restarts Restarts due e.g. to planned device reboots, crashes, power failures Our Work: Development of an active network measurement technique to infer 1 infrastructure uptime Uptime measurement survey of ∼ 21 , 000 IPv6 router interfaces 2 over 5-month period Validation of our uptime inferences by five autonomous systems 3 R. Beverly et al. (NPS/CAIDA) IPv6 Router Uptime PAM 2015 3 / 28

  5. Infrastructure Uptime Motivation Why Who wants uptime data? Researchers Operators Policy makers Regulators: For instance, FCC mandates reporting voice network outages (but not broadband network services) Despite importance of Internet as critical infrastructure, little quantitative data on Internet device availability exists! R. Beverly et al. (NPS/CAIDA) IPv6 Router Uptime PAM 2015 4 / 28

  6. Infrastructure Uptime Motivation Why Who wants uptime data? Researchers Operators Policy makers Regulators: For instance, FCC mandates reporting voice network outages (but not broadband network services) Despite importance of Internet as critical infrastructure, little quantitative data on Internet device availability exists! R. Beverly et al. (NPS/CAIDA) IPv6 Router Uptime PAM 2015 4 / 28

  7. Infrastructure Uptime Motivation Uptime and Security Security Implications Understand whether a reboot-based security update/patch could possibly have been applied to a device (or whether device likely still vulnerable) Determine if an attack designed to reboot a device is successful Gain knowledge of a network’s operational practices and maintenance windows R. Beverly et al. (NPS/CAIDA) IPv6 Router Uptime PAM 2015 5 / 28

  8. Infrastructure Uptime Motivation Obtaining Remote Uptime How to remotely obtain uptime? Just login? Management protocols (e.g. SNMP)? ...requires access privilege Prior Network Availability Work: nmap, netcraft: use TCP timestamp rate to estimate uptime ...only for old operating systems w/ low-frequency clocks ...restricted to infrastructure w/ listening TCP Prevalence and persistence of BGP routes [P97, RWXZ02] Operational mailing lists [FB05] ...indirect measures unreliable, miss events Edge probing [QHP13] ...not infrastructure, not uptime R. Beverly et al. (NPS/CAIDA) IPv6 Router Uptime PAM 2015 6 / 28

  9. Infrastructure Uptime Motivation Obtaining Remote Uptime How to remotely obtain uptime? Just login? Management protocols (e.g. SNMP)? ...requires access privilege Prior Network Availability Work: nmap, netcraft: use TCP timestamp rate to estimate uptime ...only for old operating systems w/ low-frequency clocks ...restricted to infrastructure w/ listening TCP Prevalence and persistence of BGP routes [P97, RWXZ02] Operational mailing lists [FB05] ...indirect measures unreliable, miss events Edge probing [QHP13] ...not infrastructure, not uptime R. Beverly et al. (NPS/CAIDA) IPv6 Router Uptime PAM 2015 6 / 28

  10. Infrastructure Uptime Motivation Objective Instead, our objective: Find uptime of remote routers... which don’t accept TCP connections from untrusted sources... without privileged access... using active measurement R. Beverly et al. (NPS/CAIDA) IPv6 Router Uptime PAM 2015 7 / 28

  11. Methodology Outline Infrastructure Uptime 1 Methodology 2 Experiments 3 Conclusion 4 R. Beverly et al. (NPS/CAIDA) IPv6 Router Uptime PAM 2015 8 / 28

  12. Methodology Obtaining an Identifier Fundamentally, our work is active fingerprinting Uses an identifier from the router’s IPv6 control plane stack Obtaining an Identifier for IPv6 Routers We leverage our prior work on IPv6 alias resolution: too-big-trick (PAM 2013), speedtrap (IMC 2013) To remotely obtain an identifier without privileged access R. Beverly et al. (NPS/CAIDA) IPv6 Router Uptime PAM 2015 9 / 28

  13. Methodology Obtaining an Identifier Fundamentally, our work is active fingerprinting Uses an identifier from the router’s IPv6 control plane stack Obtaining an Identifier for IPv6 Routers We leverage our prior work on IPv6 alias resolution: too-big-trick (PAM 2013), speedtrap (IMC 2013) To remotely obtain an identifier without privileged access R. Beverly et al. (NPS/CAIDA) IPv6 Router Uptime PAM 2015 9 / 28

  14. Methodology Obtaining an Identifier IPv6 Fragmentation Background No in-network fragmentation in IPv6 If next hop interface MTU is smaller than packet, routers: drop packet send ICMP6 “packet too big” (PTB) to source IPv6 stack receiving PTB: Caches per-destination maximum MTU Sends packets with length > PMTU using IPv6 fragment header extension IPv6 fragment header contains ID Prior Insight: Router’s control plane also implements PTB cache and sends fragments if necessary – providing an ID R. Beverly et al. (NPS/CAIDA) IPv6 Router Uptime PAM 2015 10 / 28

  15. Methodology Obtaining an Identifier IPv6 Fragmentation Background No in-network fragmentation in IPv6 If next hop interface MTU is smaller than packet, routers: drop packet send ICMP6 “packet too big” (PTB) to source IPv6 stack receiving PTB: Caches per-destination maximum MTU Sends packets with length > PMTU using IPv6 fragment header extension IPv6 fragment header contains ID Prior Insight: Router’s control plane also implements PTB cache and sends fragments if necessary – providing an ID R. Beverly et al. (NPS/CAIDA) IPv6 Router Uptime PAM 2015 10 / 28

  16. Methodology Too-Big Trick Too-Big Trick Too-Big Trick Our prober sends ICMP6 echos and fake PTBs Inducing remote IPv6 router to originate fragmented packets I C M P 6 E c h o R e q 1 3 0 0 B , S e q = 0 B 1 3 0 0 Fragment identifier is R e s p c h o M P E I C (frequently) I C M P 6 T o o B i g IPv6 Interface I C M P 6 E c h o R e monotonically q 1 3 0 0 B , S e q = 1 Prober increasing and resets s e t = 0 x , O f f I D = F r a g 2 3 2 s e t = 1 to 0 on (most) IPv6 x , O f f I D = F r a g stacks, including I C M P 6 E c h o R e q 1 3 0 0 B , S e q = 2 routers 0 f s e t = 1 , O f D = x + F r a g I 3 2 t = 1 2 O f f s e x + 1 , g I D = F r a R. Beverly et al. (NPS/CAIDA) IPv6 Router Uptime PAM 2015 11 / 28

  17. Methodology Too-Big Trick Too-Big Trick Too-Big Trick Our prober sends ICMP6 echos and fake PTBs Inducing remote IPv6 router to originate fragmented packets I C M P 6 E c h o R e q 1 3 0 0 B , S e q = 0 B 1 3 0 0 Fragment identifier is R e s p c h o M P E I C (frequently) I C M P 6 T o o B i g IPv6 Interface I C M P 6 E c h o R e monotonically q 1 3 0 0 B , S e q = 1 Prober increasing and resets s e t = 0 x , O f f I D = F r a g 2 3 2 s e t = 1 to 0 on (most) IPv6 x , O f f I D = F r a g stacks, including I C M P 6 E c h o R e q 1 3 0 0 B , S e q = 2 routers 0 f s e t = 1 , O f D = x + F r a g I 3 2 t = 1 2 O f f s e x + 1 , g I D = F r a R. Beverly et al. (NPS/CAIDA) IPv6 Router Uptime PAM 2015 11 / 28

  18. Methodology Too-Big Trick Methodology High-Level: Periodically probe IPv6 routers with PTB and ICMP6 echo request (using scamper packet prober) For interface k , obtain a time series of fragment IDs and timestamps: F k = ( f 1 , t 1 ) , ( f 2 , t 2 ) , . . . , ( f n , t n ) where t i < t i + 1 If f i + 1 < f i , then k rebooted between t i + 1 and t i Real example, 3 probes per cycle: Mar 4 21:30:01: 0x00000001, 0x00000002, 0x00000003 Mar 5 04:25:05: 0x00000004, 0x00000005, 0x00000006 . . . Apr 21 09:39:12: 0x000001b0, 0x000001b1, 0x000001b2 Apr 21 16:42:54: 0x00000001 , 0x00000002, 0x00000003 R. Beverly et al. (NPS/CAIDA) IPv6 Router Uptime PAM 2015 12 / 28

  19. Methodology Too-Big Trick Real-world heterogeneity Not as easy in practice: Odd behaviors, corner cases require de-noising, e.g.,: .., 405, 406, 407, 850815256, 408, 409, ... Different router vendors == Different IPv6 stacks BSD-based devices (notably Juniper) return random fragment IDs Linux-based devices return cyclic fragment IDs R. Beverly et al. (NPS/CAIDA) IPv6 Router Uptime PAM 2015 13 / 28

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

IPv6 Router Alert Option for MPLS OAM (draft-raza-mpls-oam-ipv6-rao-00) Kamran Raza Nobo Akiya

IPv6 Router Alert Option for MPLS OAM (draft-raza-mpls-oam-ipv6-rao-00) Kamran Raza Nobo Akiya

IETF 90 Toronto July 2014 IPv6 Router Alert Option for MPLS OAM (draft-raza-mpls-oam-ipv6-rao-00) Kamran Raza Nobo Akiya Carlos Pignataro (Cisco Systems, Inc.) Problem Statement The LSP Ping/Traceroute specification [RFC4379] requires the

68 views • 6 slides
Global IPv6 statistics Measuring the current state of IPv6 for ordinary users Steinar H.

Global IPv6 statistics Measuring the current state of IPv6 for ordinary users Steinar H.

Global IPv6 statistics Measuring the current state of IPv6 for ordinary users Steinar H. Gunderson Software Engineer 1 Motivation There is too little data about IPv6 among clients Existing measurements mostly on a small scale and/or

517 views • 20 slides
Liberouter: a PC-based IPv6 router Ladislav Lhotka lhotka@cesnet.cz Ji Novotn

Liberouter: a PC-based IPv6 router Ladislav Lhotka lhotka@cesnet.cz Ji Novotn

Liberouter: a PC-based IPv6 router Ladislav Lhotka lhotka@cesnet.cz Ji Novotn novotny@ics.muni.cz Introduction Routers and routing complex technology, interesting algorithms inside the black (blue, violet) boxes

744 views • 16 slides
CLEO Cisco router in Low Earth Orbit IPv6 and IPsec on a satellite in space IAC-07-B2.6.06

CLEO Cisco router in Low Earth Orbit IPv6 and IPsec on a satellite in space IAC-07-B2.6.06

CLEO Cisco router in Low Earth Orbit IPv6 and IPsec on a satellite in space IAC-07-B2.6.06 Alex da Silva Curiel Surrey Satellite Technology Ltd (SSTL) International Astronautical Congress Hyderabad, India, September 2007 Executive summary

532 views • 20 slides
IPv6 State of Play An Australian ISP View Router Software Cisco finally ships

IPv6 State of Play An Australian ISP View Router Software Cisco finally ships

IPv6 State of Play An Australian ISP View Router Software Cisco finally ships production code IOS 12.2(2)T Are you game??!! Corporate Clients 12.2(2)T seems stable enough in a corporate LAN environment Take existing

394 views • 10 slides
Motivation Measuring the Internet is hard Significant previous work on Router and

Motivation Measuring the Internet is hard Significant previous work on Router and

Internet Inter-Domain Traffic Craig Labovitz, Scott Iekel-Johnson, Danny McPherson Arbor Networks Jon Oberheide, Farnam Jahanian University of Michigan Motivation Measuring the Internet is hard Significant previous work on Router and

503 views • 19 slides
Using the RIPE Atlas API for Measuring IPv6 Reachability Vesna Manojlovic Community Builder for

Using the RIPE Atlas API for Measuring IPv6 Reachability Vesna Manojlovic Community Builder for

Using the RIPE Atlas API for Measuring IPv6 Reachability Vesna Manojlovic Community Builder for Measurement Tools BECHA@ripe.net / @Ms_Multicolor BalCCoN 2014 | Novi Sad 1 Overview 2 Short intro to RIPE, RIPE NCC What is IPv6 &amp;

906 views • 74 slides
BitEngine 12000 IPv6 Core Router Dr. Fu Lizheng VP Technology Tsinghua Bitway Networking

BitEngine 12000 IPv6 Core Router Dr. Fu Lizheng VP Technology Tsinghua Bitway Networking

BitEngine 12000 IPv6 Core Router Dr. Fu Lizheng VP Technology Tsinghua Bitway Networking Technology Co.,Ltd. Feb. 23, 2005 The development of NGI in world The scale of NGI networks becomes much bigger in world: ! Internet2 Abilene backbone

490 views • 19 slides
Measuring IPv6 with adver3sements for fun and profit George

Measuring IPv6 with adver3sements for fun and profit George

Measuring IPv6 with adver3sements for fun and profit George Michaelson, APNIC how to measure the Internet What do we mean when we say

596 views • 59 slides
CNC Router What is it good for? About the CNC Full name is CNC Router but is shortened to CNC

CNC Router What is it good for? About the CNC Full name is CNC Router but is shortened to CNC

CNC Router What is it good for? About the CNC Full name is CNC Router but is shortened to CNC CNC stands for Computer Numeric Controlled (Router) Very Expensive Can only be used with proper training Trumans favorite

534 views • 7 slides
Measuring IPv6 Adop3on Jakub Czyz, University of Michigan Mark

Measuring IPv6 Adop3on Jakub Czyz, University of Michigan Mark

Measuring IPv6 Adop3on Jakub Czyz, University of Michigan Mark Allman, Interna=onal Computer Science Ins=tute Jing Zhang, University of Michigan ScoA

430 views • 29 slides
Measuring IPv6 Performance Nov 25, 2016 TU Munich, Germany Prof. Dr. Jrg Ott Aalto

Measuring IPv6 Performance Nov 25, 2016 TU Munich, Germany Prof. Dr. Jrg Ott Aalto

Overview Measuring IPv6 Performance Nov 25, 2016 TU Munich, Germany Prof. Dr. Jrg Ott Aalto University, Finland Saba Ahsan SamKnows Limited, London, UK Steffje Jacob Eravuchira | Sam Crawford Jacobs University Bremen, Germany Prof. Dr.

484 views • 29 slides
IPv6 IPv6 Header IPv6 Addressing IPv6 Neighbor Discovery Jyh-Cheng Chen Department of Computer

IPv6 IPv6 Header IPv6 Addressing IPv6 Neighbor Discovery Jyh-Cheng Chen Department of Computer

Outline IPv6 IPv6 Header IPv6 Addressing IPv6 Neighbor Discovery Jyh-Cheng Chen Department of Computer Science and IPv6 Autoconfiguration Institute of Communications Engineering National Tsing Hua University jcchen@cs.nthu.edu.tw

783 views • 11 slides
Are we there yet? Measuring iPv6 in 2016 Geoff Huston APNIC A question to each of you A

Are we there yet? Measuring iPv6 in 2016 Geoff Huston APNIC A question to each of you A

Are we there yet? Measuring iPv6 in 2016 Geoff Huston APNIC A question to each of you A question to each of you How many IPv6 presentations have you sat through? A question to each of you How many IPv6 presentations have you sat

960 views • 65 slides
Internet Evolution and IPv6 Paul Wilson APNIC 1 Where are IPv6 addresses today? 2 IPv6

Internet Evolution and IPv6 Paul Wilson APNIC 1 Where are IPv6 addresses today? 2 IPv6

Internet Evolution and IPv6 Paul Wilson APNIC 1 Where are IPv6 addresses today? 2 IPv6 Global allocations by RIR APNIC 337 21% RIPENCC 737 45% ARIN 438 LACNIC AFRINIC 27% 87 37 5% 2% Unit: IPv6 pref i x 3 IPv6

603 views • 24 slides
IPv6 Ready Logo Aiding IPv6 Deployment Timothy Winters LACNIC 27 May 2017 IPv6 Forums IPv6

IPv6 Ready Logo Aiding IPv6 Deployment Timothy Winters LACNIC 27 May 2017 IPv6 Forums IPv6

IPv6 Ready Logo Aiding IPv6 Deployment Timothy Winters LACNIC 27 May 2017 IPv6 Forums IPv6 Ready Logo Goal 2001-Present: Conformance and Interoperability test program intended to increase user confidence and promote IPv6 deployment.

403 views • 11 slides
Core Performances and Safety Implications of TRU Burning Medium to Large Fast Reactor Core

Core Performances and Safety Implications of TRU Burning Medium to Large Fast Reactor Core

Core Performances and Safety Implications of TRU Burning Medium to Large Fast Reactor Core Concepts The 10th IEMPT Mito, Japan 6-10 October 2008 Hoon Song, Sang-Ji Kim, Jinwook Jang, Yeong-Il Kim IEMPT, Mito, 6-10 October 2008 1 Outline I

281 views • 17 slides
Cargo turnover by stevedores, Mt (2015) 90% of grain export transported through Total 144.6 Mt

Cargo turnover by stevedores, Mt (2015) 90% of grain export transported through Total 144.6 Mt

WATERWAYS IN UKRAINE MINISTRY OF INFRASTRUCTURE OF UKRAINE March 2016 Cargo turnover by stevedores, Mt (2015) 90% of grain export transported through Total 144.6 Mt (2015) seaports 16.8 Attraction of private investments to State

306 views • 8 slides
s Mee Meeting ting S toc khol der www.ADOMANIelectric.com May, 8 2019 NASDAQ: NASDAQ: AD

s Mee Meeting ting S toc khol der www.ADOMANIelectric.com May, 8 2019 NASDAQ: NASDAQ: AD

Providing healthier air for all while reducing dependency on fossil fuels. 2019 Annual s Mee Meeting ting S toc khol der www.ADOMANIelectric.com May, 8 2019 NASDAQ: NASDAQ: AD OM Disclaimer This presentation has been prepared by

437 views • 27 slides
Identifying Network Traffic Activity Via Flow Sizes Overview Motivation identifying

Identifying Network Traffic Activity Via Flow Sizes Overview Motivation identifying

Identifying Network Traffic Activity Via Flow Sizes Overview Motivation identifying activity via payload Theory behind the idea Measuring NetFlow Measuring DNS traffic captures Implications and future work Motivation

580 views • 17 slides
Investor Overview Presentation December 2009 TD Bank Financial Group Caution regarding

Investor Overview Presentation December 2009 TD Bank Financial Group Caution regarding

Investor Overview Presentation December 2009 TD Bank Financial Group Caution regarding forward-looking statements From time to time, the Bank makes written and oral forward-looking statements, including in this document, in other filings with

944 views • 42 slides
2014/15-2018/19 STRATEGIC PLAN &amp; 2014/15 ANNUAL PERFORMANCE PLAN Presentation to the Standing

2014/15-2018/19 STRATEGIC PLAN &amp; 2014/15 ANNUAL PERFORMANCE PLAN Presentation to the Standing

2014/15-2018/19 STRATEGIC PLAN &amp; 2014/15 ANNUAL PERFORMANCE PLAN Presentation to the Standing Committee on Finance 01 July 2014 Agenda SARS Mandate Highlights of SARS business SARS Strategy Strategic outcomes 2 SARS mandate

218 views • 17 slides
TURBOCHARGER PARTS, SERVICE &amp; REPAIR . . . . . . . . . . . . . . .

TURBOCHARGER PARTS, SERVICE &amp; REPAIR . . . . . . . . . . . . . . .

TURBOCHARGER PARTS, SERVICE &amp; REPAIR . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

296 views • 12 slides
Diablo Canyon Decommissioning Engagement Panel Meeting Date/Time: 3-13-19 / 6:00 PM 10:00 PM

Diablo Canyon Decommissioning Engagement Panel Meeting Date/Time: 3-13-19 / 6:00 PM 10:00 PM

Diablo Canyon Decommissioning Engagement Panel Meeting Date/Time: 3-13-19 / 6:00 PM 10:00 PM Facilitator: Chuck Anders 1055 Monterey Street, SLO; Brandy Lopez Meeting Location: Recorder: County Government Offices Webcast: SLO-SPAN

835 views • 30 slides

More recommend