Dongkee LEE (dklee@an.kaist.ac.kr) 1

BorderGuard:BorderGuard:Detecting Cold Potatoes from PeersDetecting Cold Potatoes from Peers

Nick Feamster, et al.

Dongkee LEE (dklee@an.kaist.ac.kr) 2

Overview.Overview.

Hot/Cold Potatoes.

BoarderGuard.

Results.

Dongkee LEE (dklee@an.kaist.ac.kr) 3

Hot potato routingHot potato routing

Peering contracts typically require the peer to provide consistent routes at all interconnection points.

AS B can direct traffic through

peering point 3.

Dongkee LEE (dklee@an.kaist.ac.kr) 4

What’s the best route?What’s the best route?

BGP decision process.

1. Highest local preference.2. Lowest AS path length.3. Lowest origin type.4. Lowest MED (with same next-hop AS). 5. eBGP-learned over iBGP-learned.6. Lowest intradomain path cost to egress point.7. Lowest router ID of BGP speaker.

Dongkee LEE (dklee@an.kaist.ac.kr) 5

Using eBGP Feeds Using eBGP Feeds A network has m peer ASes, p = 1 … m

and np eBGP sessions with peer p. rp,u – route for the prefix d determined by update message on se

ssion u, where u in [1, np]

AS p

Let’s go to AS p

We can choose one of the rp,1 … rp,np

321

rp,1 rp,2 rp,3 rp,np ...

np

Dongkee LEE (dklee@an.kaist.ac.kr) 6

Using eBGP Feeds Using eBGP Feeds Upon receiving an update messages on session u,

Compare λ(rp,u) to λ(rp,v) for v in [1, np],

where λ() is a route ranking function.

Dongkee LEE (dklee@an.kaist.ac.kr) 7

Using iBGP Feeds Using iBGP Feeds Routers(p) - set of np routers in the AS that peer with p. For each border router i,

Import policy Ii is applied to rp,i

Select the best route bi = Ii (rp,i) for a destination.

Distributes the route bi to other routers in the AS via iBGP.

Limitations,

Dongkee LEE (dklee@an.kaist.ac.kr) 8

Using iBGP Feeds - LimitationsUsing iBGP Feeds - Limitations Import policy can make consistent routes appear inconsistent. Inability to distinguish inconsistent routes from a missing route.

AS p

21

AS q

“1 4 3” “1 5 3”

Monitoring point

b1 b2

λ(rp,1) = λ(rp,2)

Ii (rp,1) is not Ii (rp,2)

b1 = Ii (rq,1)

Dongkee LEE (dklee@an.kaist.ac.kr) 9

Using iBGP Feeds Using iBGP Feeds Upon receiving an update messages on session u,

for each border router i, i in [1, k] :

for each router j in Routers( peer(bi)) :

compare λ(bj) to λ(Ij ( I-1i(bi) ))

λ(rp,u) = λ(rp,v)

λ (I-1u (bi)) = λ(rp,v)

λ (Ij(I-1u (bi))) = λ (Ii(rp, v))

Dongkee LEE (dklee@an.kaist.ac.kr) 10

Results Results

AT&T’s commercial IP backbone. Analyze eBGP from one of AT&T’s peers.

iBGP from the border routers in AT&T’s net.

Assumes that AT&T’s import policies and peering sessions did not change during this period.

Dongkee LEE (dklee@an.kaist.ac.kr) 11

How bad routes can come … How bad routes can come … How bad routes can come from good peers ?

Dongkee LEE (dklee@an.kaist.ac.kr) 12

The END