Leveraging BGP Dynamics to Reverse-Engineer Routing Policies
description
Transcript of Leveraging BGP Dynamics to Reverse-Engineer Routing Policies
![Page 1: Leveraging BGP Dynamics to Reverse-Engineer Routing Policies](https://reader036.fdocuments.us/reader036/viewer/2022062520/56815731550346895dc4d107/html5/thumbnails/1.jpg)
1
Leveraging BGP Dynamics to Reverse-Engineer Routing
Policies
Sridhar MachirajuRandy H. KatzUC, Berkeley
OASIS Retreat, Summer 2005
![Page 2: Leveraging BGP Dynamics to Reverse-Engineer Routing Policies](https://reader036.fdocuments.us/reader036/viewer/2022062520/56815731550346895dc4d107/html5/thumbnails/2.jpg)
2
Outline
• Internet Routing and Policies• Goal• Proposed Solution• Evaluation• Conclusions and Future Work
![Page 3: Leveraging BGP Dynamics to Reverse-Engineer Routing Policies](https://reader036.fdocuments.us/reader036/viewer/2022062520/56815731550346895dc4d107/html5/thumbnails/3.jpg)
3
Internet Routing
• Two-level– Intra-domain (OSPF, IS-IS etc.)– Inter-domain (BGP)
• Border Gateway Protocol– Policy-aware– Path-vector– Based on bilateral peering
relationships
![Page 4: Leveraging BGP Dynamics to Reverse-Engineer Routing Policies](https://reader036.fdocuments.us/reader036/viewer/2022062520/56815731550346895dc4d107/html5/thumbnails/4.jpg)
4
BGP Routing Policies
• Often proprietary and rarely revealed
• Influence– Whether or not to accept routes– Route selection process– Whether or not to propagate routes to
neighbors
![Page 5: Leveraging BGP Dynamics to Reverse-Engineer Routing Policies](https://reader036.fdocuments.us/reader036/viewer/2022062520/56815731550346895dc4d107/html5/thumbnails/5.jpg)
5
BGP Routing Policies (contd.)
AS A
1.Route with highest local preference2.Route with smallest # of hops3.Route learnt over IGP4.Route with smallest MED, same next hop5.Route learnt over eBGP6.Route with smallest IGP metric7.Route advertised by smallest ID router
a) Apply import policies
b) Tie-breaking steps in route selection
c) Apply export policies
![Page 6: Leveraging BGP Dynamics to Reverse-Engineer Routing Policies](https://reader036.fdocuments.us/reader036/viewer/2022062520/56815731550346895dc4d107/html5/thumbnails/6.jpg)
6
BGP Routing Policies (contd.)
AS A
1.Route with highest local preference2.Route with smallest # of hops3.Route learnt over IGP4.Route with smallest MED, same next hop5.Route learnt over eBGP6.Route with smallest IGP metric7.Route advertised by smallest ID router
a) Apply import policies
b) Tie-breaking steps in route selection
c) Apply export policies
![Page 7: Leveraging BGP Dynamics to Reverse-Engineer Routing Policies](https://reader036.fdocuments.us/reader036/viewer/2022062520/56815731550346895dc4d107/html5/thumbnails/7.jpg)
7
Outline
• Internet Routing and Policies• Goal• Proposed Solution• Evaluation• Conclusions and Future Work
![Page 8: Leveraging BGP Dynamics to Reverse-Engineer Routing Policies](https://reader036.fdocuments.us/reader036/viewer/2022062520/56815731550346895dc4d107/html5/thumbnails/8.jpg)
8
Goal
• Reverse-engineer local preference values
• Why?– Assist operators in performing inter-
domain traffic engineering (TE)– Prevent mis-configured and
divergence-causing policies– To understand Internet routing and
influence future architectures
![Page 9: Leveraging BGP Dynamics to Reverse-Engineer Routing Policies](https://reader036.fdocuments.us/reader036/viewer/2022062520/56815731550346895dc4d107/html5/thumbnails/9.jpg)
9
Prior Work
• AS relationships– [Subram02characterizing,
Wang03inferring, Gao01inferring]– Analyze BGP routing tables
• Use BGP dynamics for root cause analysis– [Feldmann04locating,
Caesar03localizing]
![Page 10: Leveraging BGP Dynamics to Reverse-Engineer Routing Policies](https://reader036.fdocuments.us/reader036/viewer/2022062520/56815731550346895dc4d107/html5/thumbnails/10.jpg)
10
Outline
• Internet Routing and Policies• Goal• Proposed Solution• Evaluation• Conclusions and Future Work
![Page 11: Leveraging BGP Dynamics to Reverse-Engineer Routing Policies](https://reader036.fdocuments.us/reader036/viewer/2022062520/56815731550346895dc4d107/html5/thumbnails/11.jpg)
11
Solution Overview• Leverage BGP dynamics to infer
routing policies
A
D
X
B C
1. ABDXRouter in X failsD withdraws DX from BD withdraws DX from CB withdraws BDX from A
2. ACDXC withdraws CDX from A
3. A withdraws ACDX
Loc_pref(B) > Loc_pref(C)
![Page 12: Leveraging BGP Dynamics to Reverse-Engineer Routing Policies](https://reader036.fdocuments.us/reader036/viewer/2022062520/56815731550346895dc4d107/html5/thumbnails/12.jpg)
12
Basic Observation
• ObsDec: AS A advertises paths in order of decreasing preference if – No new paths are advertised to A– A’s policy is unchanged
• ObsInc: AS A advertises paths in order of increasing preference if – No paths are withdrawn from A– A’s policy is unchanged
![Page 13: Leveraging BGP Dynamics to Reverse-Engineer Routing Policies](https://reader036.fdocuments.us/reader036/viewer/2022062520/56815731550346895dc4d107/html5/thumbnails/13.jpg)
13
Proposed Algorithm
• To use ObsDec– Look at PrefixDown events
• Use timeout to classify per-prefix updates at a BGP speaker into events
• Consider events in which a(n initially) stable route was withdrawn.
– During PrefixDown• New short-lived paths may be advertised
in pathological convergence processes
![Page 14: Leveraging BGP Dynamics to Reverse-Engineer Routing Policies](https://reader036.fdocuments.us/reader036/viewer/2022062520/56815731550346895dc4d107/html5/thumbnails/14.jpg)
14
Pathological Convergence Process
• e.g., A’s local preference is not dependent only on next-hop AS
A
D
X
B C
1. ABDXRouter in X failsD withdraws DX from B,CC selects CEXC advertised CEX to A
2. ACEXB withdraws BDX from AE withdraws EX from CC withdraws CEX from A
3. A withdraws ACEX
Loc_pref(B) > Loc_pref(C)
E
Loc_pref(CEX) >
![Page 15: Leveraging BGP Dynamics to Reverse-Engineer Routing Policies](https://reader036.fdocuments.us/reader036/viewer/2022062520/56815731550346895dc4d107/html5/thumbnails/15.jpg)
15
Justifying Heuristics• Policies mostly dependent only on
next hop• A neighbor that did not export earlier
will not do so after failure too.• Induced updates are rare
([Feldmann04])• New short-lived path advertisements
are limited by MRAI timer (30secs) unlike withdraw messages– Only look at first/last update
![Page 16: Leveraging BGP Dynamics to Reverse-Engineer Routing Policies](https://reader036.fdocuments.us/reader036/viewer/2022062520/56815731550346895dc4d107/html5/thumbnails/16.jpg)
16
Deducing local preferences
• BGP router/monitor of AS A observes, for prefix P, a PrefixDown event– Stable route R1 UVWXZD – Followed by route update R2 UVWYD
• Deduce W’s locpref(X) >= W’s locpref(Y)
![Page 17: Leveraging BGP Dynamics to Reverse-Engineer Routing Policies](https://reader036.fdocuments.us/reader036/viewer/2022062520/56815731550346895dc4d107/html5/thumbnails/17.jpg)
17
Deducing local preferences
• Use ObsDec and ObsInc– On update stream(s) PrefixDown/
PrefixUp events• If R1 preferred over R2,
– length(R1) > length(R2) implies locpref(R1) > locpref(R2) (+ve inference)
– length(R1) <= length(R2) implies locpref(R1) >= locpref(R2) (-ve inference)
![Page 18: Leveraging BGP Dynamics to Reverse-Engineer Routing Policies](https://reader036.fdocuments.us/reader036/viewer/2022062520/56815731550346895dc4d107/html5/thumbnails/18.jpg)
18
Outline
• Internet Routing and Policies• Goal• Proposed Solution• Evaluation• Conclusions and Future Work
![Page 19: Leveraging BGP Dynamics to Reverse-Engineer Routing Policies](https://reader036.fdocuments.us/reader036/viewer/2022062520/56815731550346895dc4d107/html5/thumbnails/19.jpg)
19
Simulations• Use SSFNet; pathological example
A
D
B C
Default: Shortest path preferredLocprefA(ABD) > LocprefA(AD)LocprefB(BCD) > LocprefB(BD)
D advertises to A,B,C1. C receives AD
B advertises BD to A2. C receives ABD
C advertises CD to BB chooses BCDB advertises BCD to AA prefers AD to ABCD
3. C receives AD
updates seenby C
ABD is not less preferred than AD by A!
![Page 20: Leveraging BGP Dynamics to Reverse-Engineer Routing Policies](https://reader036.fdocuments.us/reader036/viewer/2022062520/56815731550346895dc4d107/html5/thumbnails/20.jpg)
20
Simulations• If policies depend only on next
hop…A
D
B C
Default: Shortest path preferredLocprefA(AB*D) > LocprefA(AD)LocprefB(BC*D) > LocprefB(BD)
D advertises to A,B,C1. C receives AD
B advertises BD to A2. C receives ABD
C advertises CD to BB chooses BCDB advertises BCD to AA prefers ABCD to AD
3. C receives ABCD
updates seenby C
B does prefer BCD over over BD.
![Page 21: Leveraging BGP Dynamics to Reverse-Engineer Routing Policies](https://reader036.fdocuments.us/reader036/viewer/2022062520/56815731550346895dc4d107/html5/thumbnails/21.jpg)
21
Archived BGP Data
• Routeviews archived BGP data– About 50 peers– Updates from Jan 2003 – Jan 2005– Jan 2005 – 1.188 million events
available– 740000 PrefixDown and 450000
PrefixUp events • MRAI timer
– Inferences regarding 40000 IP prefixes• 6% Positive inferences
![Page 22: Leveraging BGP Dynamics to Reverse-Engineer Routing Policies](https://reader036.fdocuments.us/reader036/viewer/2022062520/56815731550346895dc4d107/html5/thumbnails/22.jpg)
22
Validation
• Whois registries– Incomplete– Confusion regarding RPSL syntax
• Some specs seem correct – AS5511– Validated 3 cases manually with
registered policy• 5511,6505(4),21826 > 5511,3549,21826
– Path prepending was seen to be useless
![Page 23: Leveraging BGP Dynamics to Reverse-Engineer Routing Policies](https://reader036.fdocuments.us/reader036/viewer/2022062520/56815731550346895dc4d107/html5/thumbnails/23.jpg)
24
Consistency Validation
• Same inference was made from each of the views
• No new path seen in any of the views– Our heuristic does not see induced updates
![Page 24: Leveraging BGP Dynamics to Reverse-Engineer Routing Policies](https://reader036.fdocuments.us/reader036/viewer/2022062520/56815731550346895dc4d107/html5/thumbnails/24.jpg)
25
Applications
• Non-conforming policies– Deviant policy in about 10000 prefixes!– Verio prefers GBX over AS15270, a
customer of Verio
• Inter-domain TE– OpenTransit prefers AS6505 over
AS354; path prepending does not help
![Page 25: Leveraging BGP Dynamics to Reverse-Engineer Routing Policies](https://reader036.fdocuments.us/reader036/viewer/2022062520/56815731550346895dc4d107/html5/thumbnails/25.jpg)
26
Outline
• Internet Routing and Policies• Goal• Proposed Solution• Evaluation• Conclusions and Future Work
![Page 26: Leveraging BGP Dynamics to Reverse-Engineer Routing Policies](https://reader036.fdocuments.us/reader036/viewer/2022062520/56815731550346895dc4d107/html5/thumbnails/26.jpg)
27
Conclusions and Future Work
• A novel approach to reverse-engineer local preference using BGP dynamics
• Pros– Prefix owners (edge ASs) can artificially
cause events!
• More simulations and validation– Clarify/determine when heuristic fails
(induced updates)