topology inference from bgp routing dynamics
play

Topology Inference from BGP Routing Dynamics David Andersen, Nick - PowerPoint PPT Presentation

Jul 22, 2023 •425 likes •639 views

Topology Inference from BGP Routing Dynamics David Andersen, Nick Feamster, Steve Bauer, Hari Balakrishnan MIT Laboratory for Computer Science October 2002 http://nms.ls.mit.edu/ron/ Current Topologies: AS Topologies AT&T MIT BBN

  1. Topology Inference from BGP Routing Dynamics David Andersen, Nick Feamster, Steve Bauer, Hari Balakrishnan MIT Laboratory for Computer Science October 2002 http://nms.l s.mit.edu/ron/

  2. Current Topologies: AS Topologies AT&T MIT BBN UUNET Sprint ✔ Simple to construct ✔ Completely passive - BGP snapshot ✘ Obnoxiously free of interesting detail

  3. A few paths contain most prefixes 1 Fraction of announced prefixes 0.9 0.8 0.7 Source (AS) #prefixes 0.6 UUNET (701): 2053 0.5 REACH (1221): 1282 (hong Kong) AT&T (7018): 1250 0.4 UUNET (701 702): 1250 0.3 Supernet (3908): 793 0.2 0.1 Cumulative distribution 0 0 2000 4000 6000 8000 10000 14000 Number of origin AS’s � 13 common paths contain 10% of prefixes � Binning large ISPs misses critical detail

  4. Current Topologies: Router-Level BBN2 UU−1 BBN1 mit1 mit2 BBN3 ATT−1 BBN4 ✔ Lots of juicy detail ✘ Requires active probing - Annoys the paranoid (and can be blocked) - Consumes time and bandwidth ➔ Best of both worlds?

  5. New: Implied Logical Topologies Net 1 Net 2 Net 3 Net 4 � Group prefixes that “behave similarly” � What do the resulting clusters mean?

  6. BGP update streams 2002-01-10 23:51:05 198.140.178.0/24 2002-01-10 23:51:05 192.107.237.0/24 2002-01-10 23:55:53 199.230.128.0/23 2002-01-10 23:56:21 216.9.174.0/23 2002-01-10 23:56:21 216.9.172.0/24 � Colored prefixes updated at (nearly) same time ➔ Cluster prefixes that often do this

  7. Mechanics 2002-01-10 23:51:05 198.140.178.0/24 2002-01-10 23:51:05 192.107.237.0/24 2002-01-10 23:55:53 199.230.128.0/23 2002-01-10 23:56:21 216.9.174.0/23 2002-01-10 23:56:21 216.9.172.0/24 � Group by 30-second intervals (in practice, bin length choice flexible) (BGP min-route-adver time)

  8. Creating BGP update vectors p1 updates (t) u 1 0 1 1 p1 p2 updates (t) 0 u 1 1 0 p2 time I seconds � Update stream is a 0/1 signal [ t; + 30 s ℄ ? Did an update happen in time t � Now we have a bunch of 0/1 vectors to compare...

  9. BGP update vectors time � ! Prefix A 0 0 1 0 1 0 0 Prefix B 1 0 1 0 0 0 1 Prefix C 1 0 1 0 0 0 0 How close are two vectors? � Correlation coefficient

  10. Correlation Coefficient A 0 0 1 0 1 0 0 B 1 0 1 0 0 0 1 C 1 0 1 0 0 0 0 [( p )( p )℄ E p p � � 1 1 2 2 ( p ) = corr ; p 1 2 � � p 1 p 2 � Expresses correlation well � Susceptable to some “coincidental” correlation

  11. How to Group Prefixes? Input Distances Resulting Cluster A−B: 1 A−C: 0.75 B−C: 0.5 D−E: 0.25 E−A: 0.001 ... A B C D E Single-linkage clustering � Simple and efficient � Creates a similarty hierarchy: A & B most similar, etc.

  12. How to Group Prefixes? Input Distances Resulting Cluster A−B: 1 A−C: 0.75 B−C: 0.5 D−E: 0.25 E−A: 0.001 ... A B C D E Single-linkage clustering � Simple and efficient � Creates a similarty hierarchy: A & B most similar, etc.

  13. How to Group Prefixes? Input Distances Resulting Cluster A−B: 1 A−C: 0.75 B−C: 0.5 D−E: 0.25 E−A: 0.001 ... A B C D E Single-linkage clustering � Simple and efficient � Creates a similarty hierarchy: A & B most similar, etc.

  14. How to Group Prefixes? Input Distances Resulting Cluster A−B: 1 A−C: 0.75 B−C: 0.5 D−E: 0.25 E−A: 0.001 ... A B C D E Single-linkage clustering � Simple and efficient � Creates a similarty hierarchy: A & B most similar, etc.

  15. Data Capture and Analysis BBN AS 3 (MIT) Border Router Collection Host AS 10578 � Studied 90 days of BGP traffic at MIT � Examined 2 “huge” origin ASes – UUNET: 2338 prefixes – AT&T: 1310 prefixes � How do clusters relate to real-word features?

  16. Anecdotes � Many “expected” results - same city, etc. We’ll get to those in a second. � 135.36.0.0/16, 135.12.0.0/14. Denver vs. New Jersey. Lucent vs. Agere – a spinoff in 2000, identical network behavior. (... CIA?) � 6 Sandia labs prefixes - internet2 routes, but flapped to backup UUNET route. � Many transient discoveries: backups, etc.

  17. Topological similarities Measureable quantities: path, location � Compute pairwise similarity for metric (shared path length, or shared pop) � Average similarity as clustering proceeds � If match with logical clustering, similarity strongest for leaf clustering, weakest at end. ➔ Logical topology: integration of topological, organizational, and administrative factors.

  18. Leaves share more hops in traceroute 22 20 Number of traceroute hops 18 16 14 12 10 UUNET max hops UUNET shared hops 8 2000 1500 1000 500 0 Number of clusters � Path length varies less with clustering � More shared hops in earlier clustering � Data noisy: loops, etc., but still works

  19. Leaves often share the ISP POP 1 Avg. fraction of same-POP clustering 0.9 0.8 0.7 0.6 0.5 0.4 0.3 0.2 0.1 UUNET AT&T 0 2000 1500 1000 500 0 Number of clusters � UUNET: 50% clustered at 95% accuracy � AT&T: 30% clustered at 97% accuracy

  20. What does it all mean? � Update clusters reflect reality: – Topology – Prefix assignment – Fate sharing � Passive window into remote networks � Facilitate network mapping and data collection � What else can be extracted from this signal? Similar signals?

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Multiple Source Multiple Destination Topology Inference Destination Topology Inference using

Multiple Source Multiple Destination Topology Inference Destination Topology Inference using

Multiple Source Multiple Destination Topology Inference Destination Topology Inference using Network Coding Pegah Sattari EECS, UC Irvine Joint work with Athina Markopoulou, at UCI, Christina Fragouli at EPFL Lausanne Christina Fragouli,

503 views • 36 slides
Stochastic Routing Routing Area Meeting IETF 82 (Taipei) Nov.15, 2011 Routing Topology

Stochastic Routing Routing Area Meeting IETF 82 (Taipei) Nov.15, 2011 Routing Topology

Stochastic Routing Routing Area Meeting IETF 82 (Taipei) Nov.15, 2011 Routing Topology modeled as graph G = (V,E,A) V : ver3ces and E : edges A : set of

569 views • 10 slides
PNNI Private Network to Network Interface Principles Topology concepts Routing Protocols

PNNI Private Network to Network Interface Principles Topology concepts Routing Protocols

PNNI Private Network to Network Interface Principles Topology concepts Routing Protocols Topology aggregation Call setup and routing algorithm PNNI-1 S-38.121 / S-04 / RKa, NB ATM background ATM = Asynchronous Transfer Mode

500 views • 17 slides
Geometric Routing in Sensor Networks III: Geometric Routing in Sensor Networks III: Explore the

Geometric Routing in Sensor Networks III: Geometric Routing in Sensor Networks III: Explore the

Geometric Routing in Sensor Networks III: Geometric Routing in Sensor Networks III: Explore the Global Topology Explore the Global Topology Jie Gao Computer Science Department Stony Brook University 10/5/06 Jie Gao, CSE590-fall06 1 Routing

630 views • 51 slides
Large-Scale Network Topology Emulation and Inference Erik Rye Naval Postgraduate School

Large-Scale Network Topology Emulation and Inference Erik Rye Naval Postgraduate School

Large-Scale Network Topology Emulation and Inference Erik Rye Naval Postgraduate School Monterey, CA 31 March 2015 1 / 22 Outline 1 Motivation and Methodology Motivation Emulated Router Inference Kit 2 Results An example topology Example

726 views • 24 slides
Fail-in-Place Network Design Interaction between Topology, Routing Algorithm and Failures Jens

Fail-in-Place Network Design Interaction between Topology, Routing Algorithm and Failures Jens

Fail-in-Place Network Design Interaction between Topology, Routing Algorithm and Failures Jens Domke , Torsten Hoefler , Satoshi Matsuoka Tokyo Institute of Technology ETH Zrich Presentation Overview 1. Topologies, Routing,

628 views • 35 slides
PNNI - Private Network to Network Interface Principles Topology concepts Routing

PNNI - Private Network to Network Interface Principles Topology concepts Routing

PNNI - Private Network to Network Interface Principles Topology concepts Routing Protocols Topology aggregation Call setup and routing algorithm 6-1 S38.121/RKa s-01 Private-Network-to-Network Interface (PNNI) is ment

609 views • 15 slides
Wireless networks Routing: DSR, AODV 1 Routing in Ad Hoc Networks Goals Adapt quickly

Wireless networks Routing: DSR, AODV 1 Routing in Ad Hoc Networks Goals Adapt quickly

Wireless networks Routing: DSR, AODV 1 Routing in Ad Hoc Networks Goals Adapt quickly to topology changes No centralization Loop free routing Load balancing among different routes in case of congestion Supporting

908 views • 89 slides
Routing Topology Algorithms Mustafa Ozdal 1 Introduction How to connect nets with multiple

Routing Topology Algorithms Mustafa Ozdal 1 Introduction How to connect nets with multiple

Routing Topology Algorithms Mustafa Ozdal 1 Introduction How to connect nets with multiple terminals? Net topologies needed before point-to-point routing between terminals. Several objectives: Minimum wirelength Best timing

950 views • 48 slides
Location- -free Routing in free Routing in Location Sensor Networks Explore the Global

Location- -free Routing in free Routing in Location Sensor Networks Explore the Global

Location- -free Routing in free Routing in Location Sensor Networks Explore the Global Explore the Global Sensor Networks Topology Topology Jie Gao Computer Science Department Stony Brook University 9/29/05 Jie Gao,

956 views • 60 slides
On The Correlation between Route Dynamics and Routing Loops Ashwin Sridharan and Sue. B. Moon

On The Correlation between Route Dynamics and Routing Loops Ashwin Sridharan and Sue. B. Moon

On The Correlation between Route Dynamics and Routing Loops Ashwin Sridharan and Sue. B. Moon and Christophe Diot 1 Problem Statement Identify possible causes of routing loops within the Sprint backbone. Methodology to correlate

477 views • 22 slides
Topology and dynamics on the boundary of two-dimensional domains Meysam Nassiri IPM - Institute

Topology and dynamics on the boundary of two-dimensional domains Meysam Nassiri IPM - Institute

Topology and dynamics on the boundary of two-dimensional domains Meysam Nassiri IPM - Institute for Research in Fundamental Sciences Tehran Joint work with Andres Koropecki and Patrice Le Calvez Meysam Nassiri (IPM) Boundary dynamics and

799 views • 75 slides
Overlaid Mesh Topology Design and Deadlock Free Routing in Wireless Network-on-Chip Danella Zhao

Overlaid Mesh Topology Design and Deadlock Free Routing in Wireless Network-on-Chip Danella Zhao

Overlaid Mesh Topology Design and Deadlock Free Routing in Wireless Network-on-Chip Danella Zhao and Ruizhe Wu Presented by Zhonghai Lu, KTH Outline Introduction Overview of WiNoC system architecture Overlaid mesh topology design

482 views • 26 slides
SALT: Provably Good Routing Topology by a Novel S teiner Sh a llow- L ight T ree Algorithm Gengjie

SALT: Provably Good Routing Topology by a Novel S teiner Sh a llow- L ight T ree Algorithm Gengjie

SALT: Provably Good Routing Topology by a Novel S teiner Sh a llow- L ight T ree Algorithm Gengjie Chen , Peishan Tu, Evangeline F. Y. Young Department of Computer Science & Engineering The Chinese University of Hong Kong Nov 15, 2017 1 / 24

283 views • 25 slides
Classifiers Classifier methods Table of n slots Install entries into classifier install {}

Classifiers Classifier methods Table of n slots Install entries into classifier install {}

ns v2 Workshop Outline 1. Topology Generation, the nodes and the links Kannan Varadhan 2. OTcl and C++: The Duality USC/Information Sciences Institute 3. Routing h kannan@catarina.usc.edu i Unicast Multicast Network Dynamics 18

360 views • 22 slides
Enhancing Compact Routing in CCN with Prefix Embedding and Topology-Aware Hashing Stefanie Roos 1

Enhancing Compact Routing in CCN with Prefix Embedding and Topology-Aware Hashing Stefanie Roos 1

Enhancing Compact Routing in CCN with Prefix Embedding and Topology-Aware Hashing Stefanie Roos 1 , Liang Wang 2 , Thorsten Strufe 1 , Jussi Kangasharju 2 1 TU Dresden, firstname.lastname@tu-dresden.de 2 University of Helsinki,

434 views • 12 slides
PromCon 2019 Fun and profit with Alertmanager Simon Pasquier (@SimonHiker), November 7, 2019

PromCon 2019 Fun and profit with Alertmanager Simon Pasquier (@SimonHiker), November 7, 2019

PromCon 2019 Fun and profit with Alertmanager Simon Pasquier (@SimonHiker), November 7, 2019 Prometheus Who am I? Software engineer working at Red Hat Alertmanager & consul_exporter maintainer Prometheus Alerting craft

575 views • 34 slides
Janet6: What it is, and what it isnt. Rob Evans Chief Network Architect, Janet Janet

Janet6: What it is, and what it isnt. Rob Evans Chief Network Architect, Janet Janet

Janet6: What it is, and what it isnt. Rob Evans Chief Network Architect, Janet Janet background Backbone IP service managed by the Janet Network Operations Centre More on the transmission management later Regional networks

465 views • 12 slides
Network layer Distributed Routing: Link State Routing Link State Routing A very frequently

Network layer Distributed Routing: Link State Routing Link State Routing A very frequently

IN2140: Introduction to Operating Systems and Data Communication Network layer Distributed Routing: Link State Routing Link State Routing A very frequently use routing protocol IS-IS (Intermediate System-Intermediate System) OSPF

239 views • 8 slides
Why IPsec and BGP dont play well together in real networks Brian Weis Overview Of

Why IPsec and BGP dont play well together in real networks Brian Weis Overview Of

Why IPsec and BGP dont play well together in real networks Brian Weis Overview Of course IKE/IPsec can be configured on routers to provide transport security for BGP and other similar control plane protocols. And certainly

480 views • 16 slides
IPv6 route lookup performance and scaling Michal Kubeek SUSE Labs mkubecek@suse.cz

IPv6 route lookup performance and scaling Michal Kubeek SUSE Labs mkubecek@suse.cz

Proceedings of NetDev 1.1: The Technical Conference on Linux Networking (February 10th-12th 2016. Seville, Spain) IPv6 route lookup performance and scaling Michal Kubeek SUSE Labs mkubecek@suse.cz Proceedings of NetDev 1.1: The Technical

420 views • 25 slides
Ne NetBouncer uncer: A : Act ctiv ive D e Device and ice and Link Failure Lo Li

Ne NetBouncer uncer: A : Act ctiv ive D e Device and ice and Link Failure Lo Li

Ne NetBouncer uncer: A : Act ctiv ive D e Device and ice and Link Failure Lo Li Localization in Data Ce Center r Netw twork orks Presented by Akash Kulkarni Problems that may occur in Data Center Routing misconfigurations

670 views • 22 slides
LogAnomaly: Unsupervised Detection of Sequential and Quantitative Anomalies in Unstructured Logs

LogAnomaly: Unsupervised Detection of Sequential and Quantitative Anomalies in Unstructured Logs

LogAnomaly: Unsupervised Detection of Sequential and Quantitative Anomalies in Unstructured Logs Weibin Meng , Ying Liu, Yichen Zhu, Shenglin Zhang, Dan Pei Yuqing Liu, Yihao Chen, Ruizhi Zhang, Shimin Tao, Pei Sun and Rong Zhou 2019/9/10 1

2.58k views • 24 slides
Multipath TCP How one little change can make: Google more robust your iPhone service

Multipath TCP How one little change can make: Google more robust your iPhone service

Multipath TCP How one little change can make: Google more robust your iPhone service cheaper your home broadband quicker prevent the Internet from melting down enable remote brain surgery cure hyperbole Prof. Mark Handley

1.13k views • 48 slides

More recommend