1

Policy Disputes in Path-Vector Policy Disputes in Path-Vector ProtocolsProtocols

A Safe Path-Vector ProtocolA Safe Path-Vector Protocol

Zacharopoulos Dimitris

(Jimmy@nic.umass.edu)

2

OverviewOverview

Describe basic problemsThe SPVP frameworkStability proposalsCandidate protocols

3

Basic problems with routingBasic problems with routing

BGP can theoretically divergeUnable to simulate the InternetISPs don’t publish their policies

4

SPVP FrameworkSPVP Framework

This framework applies to all path-vector protocols like BGP

Designed to capture the semantics of such protocols

Basic information– Permitted paths– Ranking of those paths

5

Route selection process in BGPRoute selection process in BGP

BGP Record– nlri:– next_hop:– as_path:– local_pref:– med:– c_set:

6

Route selection process in BGPRoute selection process in BGP

First check the nlriSecond local_prefThird shortest as_pathFourth lowest medFifth and last, smallest next_hop

7

SPVP Specifications and notationSPVP Specifications and notation Connected graph G=(V,E)

– V = {0,1,2,…,n} nodes– E = edges– For any node u, peers(u) = w {u,w} belong in E– 0 is the origin– P = {vk,vk-1,…,v1,v0} a path in G– Pv = permitted paths from v to 0– λv is a ranking function over Pv

• P1,P2 belong to Pv and λv(P1) < λv(P2), P2 is preferred over P1

– Λ is a set of ranking functions S=(G,P,Λ) is an SPVP specification

8

NoteNote

ReachabilityStability

– Node i is stable if λi((i,j)Pj) λi(Pi) whenever (i,j)Pj belongs in Pi

– A tree T is stable if all nodes are stableSolvability

– If there is a stable routing tree for S

9

Examples of SPVP specificationsExamples of SPVP specifications

Figure (b) is a solution for the SPVP specification of figure (a)

T1 = (1 3 0), (2 0), (3 0), (4 3 0) (stable)T2 = (1 0), (2 0), (3 0), (4 3 0) (unstable)

10

Sufficient conditions for stabilitySufficient conditions for stability

The Dispute DigraphDispute Wheels

11

The Dispute Digraph The Dispute Digraph

– Q is a permitted path at v

– P is a permitted path at u

– The arc is a local policy dispute about the relative ranking of P and Q

• (u,v)Q is rejected at u or λu((u,v)Q) < λu(P),• λv(P[v,0]) λv(Q)

12

The Dispute digraphs The Dispute digraphs

13

Dispute Wheels Dispute Wheels Π = (U, Q, R) of size k : Dispute

wheel U = { u0, u1, … ,uk-1} : Set of nodes

Q = {Q0, Q1, … ,Qk-1}: Set of paths

R = {R0, R1, … ,Rk-1} : Set of paths

1) Ri is a path from ui to ui+1

2) Qi belongs to Pu(i)

3) RiQi+1 belongs to Pu(i)

4) λu(i)(Qi) λu(i)(RiQi+1)

14

Properties of Dispute Wheels Properties of Dispute Wheels

If a specification S has more than one solution, then it has a dispute wheel

No dispute wheel implies a solution Divergence Implies a Dispute wheel If there is a cycle in the evaluation graph,

then S contains a dispute wheel Conclusion:If S has no dispute wheel, then the evaluation

graph has no cycles and so S is safe

15

Sufficient Condition Sufficient Condition

The lack of Dispute wheels means stability

The converse does not hold

This Specification has a dispute wheel but the evaluation graph has no cycles

16

A Safe Path Vector ProtocolA Safe Path Vector Protocol

Address the same problems – Stable Paths

Propose three protocols– SPVP1: Unable to detect oscillation

– SPVP2: Dynamically computing histories

– SPVP3: Detect and suppress unsafe paths

17

The Stable Paths ProblemThe Stable Paths Problem

Same as Dispute Digraph and Dispute Wheel

Always try to reach an equilibrium point in which each node is assigned its local maximum rank

18

Simple Path Vector Protocol 1Simple Path Vector Protocol 1

Abstract version of BGP

Will always diverge for unsolvable Stable Paths Problem

Also might diverge for solvable SPP

19

Simple Path Vector Protocol 2Simple Path Vector Protocol 2Adds a dynamically computed

attribute to messages: path history

Check step 6 Node 2 adopted path (2 0) because it

went down from (2 1 0) because node 1 went up to (1 3 0) because node 3 went down from (3 4 2 0) because node 4 went down from (4 2 0) because 2 went up to (2 1 0)

20

Simple Path Vector Protocol 2Simple Path Vector Protocol 2 Node 2 adopted path (2 0) because it went down from (2 1 0) because node

1 went up to (1 3 0) because node 3 went down from (3 4 2 0) because node 4 went down from (4 2 0) because 2 went up to (2 1 0)

Use path change event. The history will be:

(- 2 1 0) (+ 1 3 0) (- 3 4 2 0) (- 4 2 0) (+ 2 1 0)

This history contains a cycle Extend this to all nodes

21

This is a dynamic trace for SPVP2

At step 9 every node has a cycle in its history

22

Simple Path Vector Protocol 3Simple Path Vector Protocol 3

Dynamically suppress a bad pathOur example should converge to the

path assignment:((1 3 0), , (3 0), (4 3 0))

At step 6 there is a cycle detected. So node 2 adds path (2 0) to a set of bad paths and adopts the empty path

So BAD GADGET is solved

23

ConclusionConclusion

SPVP3 is a safe Routing Protocol

Try to extend BGP to add history in route records

Propose triggered histories– Start recording when a conflict occurs

24

SummarySummary

Defined basic routing problems– Instability

Introduced the SPVP frameworkDescribed a safe routing protocol