Publication: A system for the detection of limited visibility in BGP
Loading...
Identifiers
Publication date
2014-09
Defense date
2014-11-11
Authors
Advisors
Tutors
Journal Title
Journal ISSN
Volume Title
Publisher
Abstract
The performance of the global routing system is vital to thousands of entities operating
the Autonomous Systems (ASes) which make up the Internet. The Border Gateway
Protocol (BGP) is currently responsible for the exchange of reachability information and
the selection of paths according to their specified routing policies. BGP thus enables
traffic to flow from any point to another connected to the Internet. The manner traffic
flows if often influenced by entities in the Internet according to their preferences. The
latter are implemented in the form of routing policies by tweaking BGP configurations.
Routing policies are usually complex and aim to achieve a myriad goals, including technical,
economic and political purposes. Additionally, individual network managers need to
permanently adapt to the interdomain routing changes and, by engineering the Internet
traffic, optimize the use of their network.
Despite the flexibility offered, the implementation of routing policies is a complicated
process in itself, involving fine-tuning operations. Thus, it is an error-prone task and
operators might end up with faulty configurations that impact the efficacy of their strategies
or, more importantly, their revenues. Withal, even when correctly defining legitimate
routing policies, unforeseen interactions between ASes have been observed to cause important
disruptions that affect the global routing system. The main reason behind this
resides in the fact that the actual inter-domain routing is the result of the interplay of
many routing policies from ASes across the Internet, possibly bringing about a different
outcome than the one expected.
In this thesis, we perform an extensive analysis of the intricacies emerging from the
complex netting of routing policies at the interdomain level, in the context of the current
operational status of the Internet. Abundant implications on the way traffic flows in
the Internet arise from the convolution of routing policies at a global scale, at times
resulting in ASes using suboptimal ill-favored paths or in the undetected propagation of configuration errors in routing system. We argue here that monitoring prefix visibility
at the interdomain level can be used to detect cases of faulty configurations or backfired
routing policies, which disrupt the functionality of the routing system. We show that the
lack of global prefix visibility can offer early warning signs for anomalous events which,
despite their impact, often remain hidden from state of the art tools. Additionally, we show that such unintended Internet behavior not only degrades the efficacy of the routing
policies implemented by operators, causing their traffic to follow ill-favored paths, but
can also point out problems in the global connectivity of prefixes.
We further observe that majority of prefixes suffering from limited visibility at the
interdomain level is a set of more-specific prefixes, often used by network operators to
fulfill binding traffic engineering needs. One important task achieved through the use
of routing policies for traffic engineering is the control and optimization of the routing
function in order to allow the ASes to engineer the incoming traffic. The advertisement
of more-specific prefixes, also known as prefix deaggregation, provides network operators
with a fine-grained method to control the interdomain ingress traffic, given that the
longest-prefix match rule over-rides any other routing policy applied to the covering lessspecific
prefixes.
Nevertheless, however efficient, this traffic engineering tool comes with a cost, which
is usually externalized to the entire Internet community. Prefix deaggregation is a known
reason for the artificial inflation of the BGP routing table, which can further affect the
scalability of the global routing system. Looking past the main motivation for deploying
deaggregation in the first place, we identify and analyze here the economic impact of
this type of strategy. We propose a general Internet model to analyze the effect that
advertising more-specific prefixes has on the incoming transit traffic burstiness. We show
that deaggregation combined with selective advertisements (further defined as strategic
deaggregation) has a traffic stabilization side-effect, which translates into a decrease of the
transit traffic bill. Next, we develop a methodology for Internet Service Providers (ISPs)
to monitor general occurrences of deaggregation within their customer base. Furthermore,
the ISPs can detect selective advertisements of deaggregated prefixes, and thus identify customers which may impact the business of their providers. We apply the proposed
methodology on a complete set of data including routing, traffic, topological and billing
information provided by an operational ISP and we discuss the obtained results.
Description
Mención Internacional en el título de doctor
Keywords
Routing, BGP, Border Gateway Protocol, Monitoring