the real-time Internet routing observatory Luca Sani 1 / 24 Our - - PowerPoint PPT Presentation

the real time internet routing observatory
SMART_READER_LITE
LIVE PREVIEW

the real-time Internet routing observatory Luca Sani 1 / 24 Our - - PowerPoint PPT Presentation

Feb 23, 2024 116 likes •424 views

the real-time Internet routing observatory Luca Sani 1 / 24 Our research topic: discovering the Internet structure Everyone knows the role of the Internet in our society, but since its commercialization in 1995, no one knows its complete

slide-1
SLIDE 1

the real-time Internet routing observatory

Luca Sani

1 / 24

slide-2
SLIDE 2

Our research topic: discovering the Internet structure

Everyone knows the role of the Internet in our society, but since its commercialization in 1995, no one knows its complete structure anymore We focused mostly on the AS-level to reveal the routing policies regulating the Internet

2 / 24

slide-3
SLIDE 3

Why is it important to reveal the Internet structure?

For example... ... to plan an optimal inter-domain network configuration to maintain an acceptable level of service in case of malicious or unintentional faults

3 / 24

slide-4
SLIDE 4

Classic BGP Route Collector

A Route Collector (RC) is a device which collects BGP routing data from co-operating ASes. RCs only collect routing information and not user traffic

4 / 24

slide-5
SLIDE 5

Route collector projects

BGP route collector projects

Data collected is largely incomplete Most provider-to-customer connections are discovered Most public peering connections are missing Participants do not receive anything back in change of their data

5 / 24

slide-6
SLIDE 6

Isolario project

Isolario - The Book of Islands ”where we discuss about all islands of the world, with their ancient and modern names, histories, tales and way of living...” Benedetto Bordone (Italian cartographer)

Do-ut-des Participants need to open a BGP session with Isolario providing the BGP full routing table and its evolution over time In change, Isolario offers real-time and historic analysis applications based on the aggregation of every routing information collected

6 / 24

slide-7
SLIDE 7

Isolario system overview

Unlike classic route collectors, Isolario uses incoming BGP flows also to create services for the participants

7 / 24

slide-8
SLIDE 8

Current feeders

AS 2597 (ccTLD.it) AS 6882 (Regione Toscana) AS 16004 (MIX) AS 20912 (Panservice) AS 24796 (NAMEX) AS 25309 (TOP-IX) AS 39120 (Convergenze) AS 197440 (ccTLD.it Anycast) AS 197835 (Ninux) AS 2598 (CNR-Isolario project) AS 6762 (TI Sparkle) AS 12637 (Seeweb) AS 12835 (Trentino Network) AS 16076 (IperV) AS 31638 (Lepida) AS 41497 (Qcom) AS 50809 (Digitel Italia) AS 60772 (Sky Italia)

8 / 24

slide-9
SLIDE 9

Isolario services for feeders

Already available BGP flow viewer Routing table viewer Route flap detector Website reachability My Subnet reachability Route Collector Software Custom software to perform route collecting instead of Quagga New services Daily report Alerting system Historic routing table viewer Historic my subnet reachability

9 / 24

slide-10
SLIDE 10

Isolario services for feeders

Already available BGP flow viewer Routing table viewer Route flap detector Website reachability My Subnet reachability Route Collector Software Custom software to perform route collecting instead of Quagga New services Daily report Alerting system Historic routing table viewer Historic my subnet reachability

9 / 24

slide-11
SLIDE 11

Already available services: Summary

Routing table viewer (RTV) Allows to analyse in real-time portion(s) of the routing table that each feeder announced to Isolario Development status: ready

10 / 24

slide-12
SLIDE 12

Already available services: Summary

My subnet reachability (MSR) Allows to analyse in real-time the reachability of the subnets of each feeder from every other Isolario feeder perspective Development status: ready

11 / 24

slide-13
SLIDE 13

New features

Already available BGP flow viewer Routing table viewer Route flap detector Website reachability My Subnet reachability Route Collector Software Custom route collecting software New services Daily report Alerting system Historic routing table viewer Historic my subnet reachability

12 / 24

slide-14
SLIDE 14

Route Collector Software

We are going to replace Quagga with a custom route collecting software Scalability in terms of access to routing information wrt number of connected feeders and number of requests Full support for MRT data (RIB and UPDATEs dump)

Feeders Readers Quagga Bird RCE 1 1 4.64s 1.67s 5.76s 5 11.2s 7.96s 6.43s 20 36.1s 31.4s 18.0 40

  • 62.7s

34.9s 8 1 35.1s 2.69s 6.11s 5 78.2s 10.9s 6.58s 20 246s 35.6s 17.9s 40

  • 83.0s

35.6s 64 1 356s 12.4s 6.23s 5 1716s 37.7s 6.85s 20

  • 131s

18.9s 40

  • 254s

36.7s

Time to dump one full routing table

1000 2000 3000 4000 5000 6000 1 2 4 8 16 32 64 RAM (MB) # of feeders

Quagga Bird RCE 13 / 24

slide-15
SLIDE 15

New features

Already available BGP flow viewer Routing table viewer Route flap detector Website reachability My Subnet reachability Route Collector Software Custom route collecting software New services Daily report Alerting system Historic routing table viewer Historic my subnet reachability

14 / 24

slide-16
SLIDE 16

New services: Daily report

Summary about the feeder inter-domain routing status as perceived by the Isolario system Routing statistics #Announce, #Withdrawn Most (un)stable prefixes Reachability statistics Inbound reachability BGP attributes statistics AS path anomalies One-time configuration: no need to be connected to the system

15 / 24

slide-17
SLIDE 17

Daily report: Summary of statistics

16 / 24

slide-18
SLIDE 18

Daily report (details)

Users can decide to include in the report further details

17 / 24

slide-19
SLIDE 19

Daily report (details)

For example details about the nature of the most unstable prefixes

17 / 24

slide-20
SLIDE 20

New services: Alerting system

Different types of alarms BGP attributes: BGP UPDATEs matching attributes of interest are announced by the feeder Flap events: a prefix is experiencing a flap event (rate of BGP UPDATEs involving that prefix > threshold) Hijack: BGP UPDATEs hijacking a feeder subnet Prefix reachability: complete/partial (un)reachability of prefixes of interest Session down/up: the session with Isolario goes down Notification report Web page, Email, HTTP(S) POST

18 / 24

slide-21
SLIDE 21

Alerting system: Example

BGP attributes prefix subnet = 208.65.152.0/22 and as path substr = 4134

19 / 24

slide-22
SLIDE 22

New services: Historic services

Store the past Historic services exploit different BGP data sources (RouteViews, RIPE NCC RIS, Isolario) to show historic results Challenge: store original MRT data in a way that is quickly accessible Analyse the past Inspect the status of the inter-domain routing across a particular event Analyse how outages/attacks/censorships/de-peering affected the inter-domain routing dynamics of ASes

20 / 24

slide-23
SLIDE 23

Historic services

Applications Routing table viewer: Allows to analyse portion(s) of the routing table that each feeder announced to Isolario My subnet reachability: Allows to analyse the reachability of the subnets of each feeder from every perspective available in the past

21 / 24

slide-24
SLIDE 24

Summary: how to use Isolario?

Real-time services Something is happening How is my RIB(s) evolving? How is my reachability affected? Historic services Something happened How was my RIB(s) evolving? How was my reachability affected? Alerting System Something is happening NOW! Check real-time services! Do something! (if needed) Daily report Did something happen yesterday? Check historic services! Do something! (if needed)

22 / 24

slide-25
SLIDE 25

Isolario future

End of test phase So far Isolario was in a test phase We are about to become fully operational

Support granted by CNR up to 2017 New public ASN 2598

To formalize the relationship with Isolario, we are going to propose to each feeder an agreement Distribute active measurement devices to enhance the measurement system and thus the offered services Agreement Feeders receive services in change of BGP data Isolario creates and maintains those services

23 / 24

slide-26
SLIDE 26

Thank you for your attention

Any question? luca.sani@iit.cnr.it www.isolario.it Feeders and Feedbacks are most welcome!

24 / 24

slide-27
SLIDE 27

25 / 24

slide-28
SLIDE 28

Some result

Feeders 17 ASes, 16 different organizations

12 are not connected to other RC projects

21 IPv4 sessions 14 IPv6 sessions AS-level connectivity computed across March 2015 data 3173 new AS connections 918 geolocated in Italy (+22.18%)

26 / 24

slide-29
SLIDE 29

Why is it important to reveal the Internet structure?

To understand how packets are routed in the Internet

Identify routes involving non-national ISPs Identify the importance of each AS in the ecosystem

To create economy-based models of the global Internet growth

Study the effectiveness of p2p connections Build more realistic topology generators to simulate the Internet

To properly select peers and diversify upstream providers based

  • n their connectivity

Increase network robustness Select data centers for server replicas Understand the effects of catastrophic events ...

27 / 24