Impactful Routing Research with Pᴇᴇʀɪɴɢ · BGP routes and traffic at locations around the...
Transcript of Impactful Routing Research with Pᴇᴇʀɪɴɢ · BGP routes and traffic at locations around the...
![Page 1: Impactful Routing Research with Pᴇᴇʀɪɴɢ · BGP routes and traffic at locations around the world Pᴇᴇʀɪɴɢ: The BGP Testbed 2. ... propagated directly to peer Expected](https://reader033.fdocuments.us/reader033/viewer/2022042911/5f42189b1041c135fa002777/html5/thumbnails/1.jpg)
Impactful Routing Research with PᴇᴇʀɪɴɢCombining intradomain emulation with real BGP connectivity
Brandon Schlinker, Ethan Katz-Bassett, Italo CunhaUniversity of Southern California, California, USA
Universidade Federal de Minas Gerais, Minas Gerais, Brazil
1
AIMSFebruary 2015
![Page 2: Impactful Routing Research with Pᴇᴇʀɪɴɢ · BGP routes and traffic at locations around the world Pᴇᴇʀɪɴɢ: The BGP Testbed 2. ... propagated directly to peer Expected](https://reader033.fdocuments.us/reader033/viewer/2022042911/5f42189b1041c135fa002777/html5/thumbnails/2.jpg)
With Pᴇᴇʀɪɴɢ, experiments can exchange
BGP routes and traffic at locations around the world
Pᴇᴇʀɪɴɢ: The BGP Testbed
2
![Page 3: Impactful Routing Research with Pᴇᴇʀɪɴɢ · BGP routes and traffic at locations around the world Pᴇᴇʀɪɴɢ: The BGP Testbed 2. ... propagated directly to peer Expected](https://reader033.fdocuments.us/reader033/viewer/2022042911/5f42189b1041c135fa002777/html5/thumbnails/3.jpg)
PEERINGServer
With Pᴇᴇʀɪɴɢ, experiments can exchange
BGP routes and traffic at locations around the world
Pᴇᴇʀɪɴɢ: The BGP Testbed
3
Amsterdam IX (AMS-IX)
![Page 4: Impactful Routing Research with Pᴇᴇʀɪɴɢ · BGP routes and traffic at locations around the world Pᴇᴇʀɪɴɢ: The BGP Testbed 2. ... propagated directly to peer Expected](https://reader033.fdocuments.us/reader033/viewer/2022042911/5f42189b1041c135fa002777/html5/thumbnails/4.jpg)
PEERINGServer
With Pᴇᴇʀɪɴɢ, experiments can exchange
BGP routes and traffic at locations around the world
Pᴇᴇʀɪɴɢ: The BGP Testbed
4
Amsterdam IX (AMS-IX)
ExperimentorAllocated:
184.164.224.0/23
![Page 5: Impactful Routing Research with Pᴇᴇʀɪɴɢ · BGP routes and traffic at locations around the world Pᴇᴇʀɪɴɢ: The BGP Testbed 2. ... propagated directly to peer Expected](https://reader033.fdocuments.us/reader033/viewer/2022042911/5f42189b1041c135fa002777/html5/thumbnails/5.jpg)
PEERINGServer
With Pᴇᴇʀɪɴɢ, experiments can exchange
BGP routes and traffic at locations around the world
Pᴇᴇʀɪɴɢ: The BGP Testbed
5
Amsterdam IX (AMS-IX)
ExperimentorAllocated:
184.164.224.0/23
184.164.224.0
184.164.225.0
![Page 6: Impactful Routing Research with Pᴇᴇʀɪɴɢ · BGP routes and traffic at locations around the world Pᴇᴇʀɪɴɢ: The BGP Testbed 2. ... propagated directly to peer Expected](https://reader033.fdocuments.us/reader033/viewer/2022042911/5f42189b1041c135fa002777/html5/thumbnails/6.jpg)
Pᴇᴇʀɪɴɢ provides unprecedented control
6
Route monitors / traceroutes only measure existing routesSimulations and emulations lack realism
![Page 7: Impactful Routing Research with Pᴇᴇʀɪɴɢ · BGP routes and traffic at locations around the world Pᴇᴇʀɪɴɢ: The BGP Testbed 2. ... propagated directly to peer Expected](https://reader033.fdocuments.us/reader033/viewer/2022042911/5f42189b1041c135fa002777/html5/thumbnails/7.jpg)
Pᴇᴇʀɪɴɢ provides unprecedented control
Route monitors / traceroutes only measure existing routesSimulations and emulations lack realism
With Pᴇᴇʀɪɴɢ, experiments can make changes...- route poisoning to check how other networks react- announce / withdraw routes at different PoPs / for different peers- select their outgoing routes
7
![Page 8: Impactful Routing Research with Pᴇᴇʀɪɴɢ · BGP routes and traffic at locations around the world Pᴇᴇʀɪɴɢ: The BGP Testbed 2. ... propagated directly to peer Expected](https://reader033.fdocuments.us/reader033/viewer/2022042911/5f42189b1041c135fa002777/html5/thumbnails/8.jpg)
Measuring ROA Filter Adoption with Pᴇᴇʀɪɴɢ
8
Route Origin Authorizations (ROA)- specifies which networks are allowed to announce a prefix
Existing studies have focused on the adoption of ROAs- do prefixes have ROAs and do they match the observed routes?- but ROAs are only effective if they are used in routing decisions
![Page 9: Impactful Routing Research with Pᴇᴇʀɪɴɢ · BGP routes and traffic at locations around the world Pᴇᴇʀɪɴɢ: The BGP Testbed 2. ... propagated directly to peer Expected](https://reader033.fdocuments.us/reader033/viewer/2022042911/5f42189b1041c135fa002777/html5/thumbnails/9.jpg)
Measuring ROA Filter Adoption with Pᴇᴇʀɪɴɢ
9
Route Origin Authorizations (ROA)- specifies which networks are allowed to announce a prefix
Existing studies have focused on the adoption of ROAs- do prefixes have ROAs and do they match the observed routes?- but ROAs are only effective if they are used in routing decisions
With Pᴇᴇʀɪɴɢ, we’re measuring how / if ROAs are used in decisions- coordinate BGP announcements, ROA manipulations- observe how ASes react (traceroutes, BGP collectors)
![Page 10: Impactful Routing Research with Pᴇᴇʀɪɴɢ · BGP routes and traffic at locations around the world Pᴇᴇʀɪɴɢ: The BGP Testbed 2. ... propagated directly to peer Expected](https://reader033.fdocuments.us/reader033/viewer/2022042911/5f42189b1041c135fa002777/html5/thumbnails/10.jpg)
Announce Anchor Prefix (184.164.224.0/24)
10
PEERINGTestbed
AS61574 AS61575
184.164.224.0
Announce anchor prefixprefix originated from two ASNs
AS61574’s announcement is propagated to a transit provider
AS61575’s announcement is propagated directly to peer
Expected path for HE to prefixHE -> PEERING -> AS61575(shortest path)
Internet
![Page 11: Impactful Routing Research with Pᴇᴇʀɪɴɢ · BGP routes and traffic at locations around the world Pᴇᴇʀɪɴɢ: The BGP Testbed 2. ... propagated directly to peer Expected](https://reader033.fdocuments.us/reader033/viewer/2022042911/5f42189b1041c135fa002777/html5/thumbnails/11.jpg)
Check Behavior for Test Prefix (184.164.225.0/24)
11
PEERINGTestbed
AS61574 AS61575
184.164.225.0
Add ROA for test prefixAS61574 is valid origin
Announce test prefixoriginated from same ASNspropagated to same peers
If HE’s filters account for ROAswill reject route from 61575prefer longer route from 61574
Internet
![Page 12: Impactful Routing Research with Pᴇᴇʀɪɴɢ · BGP routes and traffic at locations around the world Pᴇᴇʀɪɴɢ: The BGP Testbed 2. ... propagated directly to peer Expected](https://reader033.fdocuments.us/reader033/viewer/2022042911/5f42189b1041c135fa002777/html5/thumbnails/12.jpg)
Measuring Path Performance with Pᴇᴇʀɪɴɢ
12
Large content and cloud providers have many paths to destination- result of lots of peering at IXPs and backbones between PoPs
What’s the value of this rich interdomain connectivity?- can it help improve end-user experience? (bypass congestion?)- what’s the relative value of different IXP connections?
![Page 13: Impactful Routing Research with Pᴇᴇʀɪɴɢ · BGP routes and traffic at locations around the world Pᴇᴇʀɪɴɢ: The BGP Testbed 2. ... propagated directly to peer Expected](https://reader033.fdocuments.us/reader033/viewer/2022042911/5f42189b1041c135fa002777/html5/thumbnails/13.jpg)
Measuring Path Performance with Pᴇᴇʀɪɴɢ
13
Large content and cloud providers have many paths to destination- result of lots of peering at IXPs and backbones between PoPs
What’s the value of this rich interdomain connectivity?- can it help improve end-user experience? (bypass congestion?)- what’s the relative value of different IXP connections?
With Pᴇᴇʀɪɴɢ, we can:- direct traffic across different paths and measure performance- build and evaluate systems that leverage this rich connectivity
![Page 14: Impactful Routing Research with Pᴇᴇʀɪɴɢ · BGP routes and traffic at locations around the world Pᴇᴇʀɪɴɢ: The BGP Testbed 2. ... propagated directly to peer Expected](https://reader033.fdocuments.us/reader033/viewer/2022042911/5f42189b1041c135fa002777/html5/thumbnails/14.jpg)
Research Supported by Pᴇᴇʀɪɴɢ
- LIFEGUARD: route around failures- PECAN: joint content & network routing- PoiRoot: locate root cause of path changes- ARROW: deployable fix to routing problems- SDX: software-defined Internet exchange- Measuring Internet routing policies- Sprite: SDN-based inbound traffic engineering- RAPTOR: Routing attacks on TOR
14
(bold = Pᴇᴇʀɪɴɢ required)
SIGCOMM 12SIGMETRICS 13SIGCOMM 13SIGCOMM 14SIGCOMM 14IMC 15SOSR 15USENIX Security 15
![Page 15: Impactful Routing Research with Pᴇᴇʀɪɴɢ · BGP routes and traffic at locations around the world Pᴇᴇʀɪɴɢ: The BGP Testbed 2. ... propagated directly to peer Expected](https://reader033.fdocuments.us/reader033/viewer/2022042911/5f42189b1041c135fa002777/html5/thumbnails/15.jpg)
15
Updates on Pᴇᴇʀɪɴɢ Testbed
![Page 16: Impactful Routing Research with Pᴇᴇʀɪɴɢ · BGP routes and traffic at locations around the world Pᴇᴇʀɪɴɢ: The BGP Testbed 2. ... propagated directly to peer Expected](https://reader033.fdocuments.us/reader033/viewer/2022042911/5f42189b1041c135fa002777/html5/thumbnails/16.jpg)
More Points of Presence, More IXP Connectivity
Now control 8 ASNs, multiple IPv4 and v6 prefixes- Officially transferred our primary ASN (47065) from GENI
Pᴇᴇʀɪɴɢ projected to have 17 points of presence by mid-year- adding 10 or 40G connectivity at CloudLab sites (3 sites)
Highest priority = Internet Exchange Points (7 sites)- Seattle Internet Exchange (connected)- Amsterdam Internet Exchange (connected)- Phoenix Internet Exchange (connected)- Equinix facilities in Dallas and Asburn (equipment at facilities)- Brazil Internet Exchange in São Paulo (shipping soon)- One Wilshire in Los Angeles (planning)
16
![Page 17: Impactful Routing Research with Pᴇᴇʀɪɴɢ · BGP routes and traffic at locations around the world Pᴇᴇʀɪɴɢ: The BGP Testbed 2. ... propagated directly to peer Expected](https://reader033.fdocuments.us/reader033/viewer/2022042911/5f42189b1041c135fa002777/html5/thumbnails/17.jpg)
Measurements as a Service
Beacon service continuously issues announcements- cycles any unallocated prefixes through announcement loop
Experiments can control beacon service- request announcement through web interface UI- lower overhead than setting up infrastructure locally (VPNs, BIRD)- investigating programmatic interface (hackathon feedback)
Regular measurements and announcement- regular traceroutes from RIPE Atlas towards all /24s (every 20 min)- announcements archived in BGPMon
17
![Page 18: Impactful Routing Research with Pᴇᴇʀɪɴɢ · BGP routes and traffic at locations around the world Pᴇᴇʀɪɴɢ: The BGP Testbed 2. ... propagated directly to peer Expected](https://reader033.fdocuments.us/reader033/viewer/2022042911/5f42189b1041c135fa002777/html5/thumbnails/18.jpg)
Colocating Experiments at PoPs
18
Today, clients establish VPN connections to Pᴇᴇʀɪɴɢ PoPs- control and data-plane traffic is relayed to their system- sufficient for almost any control-plane experiment- difficult to run services, conduct performance measurements
![Page 19: Impactful Routing Research with Pᴇᴇʀɪɴɢ · BGP routes and traffic at locations around the world Pᴇᴇʀɪɴɢ: The BGP Testbed 2. ... propagated directly to peer Expected](https://reader033.fdocuments.us/reader033/viewer/2022042911/5f42189b1041c135fa002777/html5/thumbnails/19.jpg)
Colocating Experiments at PoPs
19
Remove backhauling by installing user VMs at PoPs- supports non-resource intensive experiments- enables hosting of Anycast content / services- enables performance / routing experiments
![Page 20: Impactful Routing Research with Pᴇᴇʀɪɴɢ · BGP routes and traffic at locations around the world Pᴇᴇʀɪɴɢ: The BGP Testbed 2. ... propagated directly to peer Expected](https://reader033.fdocuments.us/reader033/viewer/2022042911/5f42189b1041c135fa002777/html5/thumbnails/20.jpg)
Virtualized Layer-2 Backbone Connecting Sites
Connecting all PoPs via virtualized layer-2 interconnection- use R&E network infrastructure- provides performance guarantees, control over routing
20
![Page 21: Impactful Routing Research with Pᴇᴇʀɪɴɢ · BGP routes and traffic at locations around the world Pᴇᴇʀɪɴɢ: The BGP Testbed 2. ... propagated directly to peer Expected](https://reader033.fdocuments.us/reader033/viewer/2022042911/5f42189b1041c135fa002777/html5/thumbnails/21.jpg)
Experimenting with Large Cloud Networks
21
Cloud datacenters(compute, 10/40G)
Points of Presence(interdomain connectivity, 10/40G at some sites)
Connecting L2 network(virtualized via R&E Networks)
![Page 22: Impactful Routing Research with Pᴇᴇʀɪɴɢ · BGP routes and traffic at locations around the world Pᴇᴇʀɪɴɢ: The BGP Testbed 2. ... propagated directly to peer Expected](https://reader033.fdocuments.us/reader033/viewer/2022042911/5f42189b1041c135fa002777/html5/thumbnails/22.jpg)
Experimenting with Large Cloud Networks
22
Datacenters Backhaul Interdomain PoPs
Qualitative representation of cloud / content provider’s network- control of intra and interdomain routing, including R&E routes- services can be hosted for performance / route measurements- new routing schemes can be evaluated
![Page 23: Impactful Routing Research with Pᴇᴇʀɪɴɢ · BGP routes and traffic at locations around the world Pᴇᴇʀɪɴɢ: The BGP Testbed 2. ... propagated directly to peer Expected](https://reader033.fdocuments.us/reader033/viewer/2022042911/5f42189b1041c135fa002777/html5/thumbnails/23.jpg)
Improving Experiment Setup Process
New website interface for users- experiment setup was previously manual, error-prone process- automated majority of the steps, including allocations- adding more visibility to website, including looking glass
Rewrote setup scripts to make them easier to use- decide which peers at an IX receive an announcement- decide how egress traffic is routed among available paths- changed from Quagga to BIRD to support added functionality- successfully supported multiple clients during hackathon
23
![Page 24: Impactful Routing Research with Pᴇᴇʀɪɴɢ · BGP routes and traffic at locations around the world Pᴇᴇʀɪɴɢ: The BGP Testbed 2. ... propagated directly to peer Expected](https://reader033.fdocuments.us/reader033/viewer/2022042911/5f42189b1041c135fa002777/html5/thumbnails/24.jpg)
Summary
Pᴇᴇʀɪɴɢ is built for the community's research:- we’ve tackled the challenge of setting up this infrastructure- deployed routers and established peerings around the world- manage filters, traffic restrictions, peering sessions, servers
Working to expand Pᴇᴇʀɪɴɢ to meet the community’s needs:- colocated experiments, backbone connectivity, CloudLab- supporting a number of new security experiments
Contact us:- [email protected]
24