1 / 21

Avoiding traceroute anomalies with Paris Traceroute

Avoiding traceroute anomalies with Paris Traceroute. Brice Augustin (Université Pierre et Marie Curie-LIP6/CNRS) Xavier Cuvellier, Timur Friedman, Renata Teixeira (Université Pierre et Marie Curie-LIP6/CNRS) Fabien Viger, Benjamin Orgogozo, Matthieu Latapy

banyan
Download Presentation

Avoiding traceroute anomalies with Paris Traceroute

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Avoiding traceroute anomalies with Paris Traceroute Brice Augustin (Université Pierre et Marie Curie-LIP6/CNRS) Xavier Cuvellier, Timur Friedman, Renata Teixeira (Université Pierre et Marie Curie-LIP6/CNRS) Fabien Viger, Benjamin Orgogozo, Matthieu Latapy (Université Denis Diderot-LIAFA/CNRS) Clémence Magnien (Ecole Polytechnique-CREA/CNRS)

  2. Contributions • Identified traceroute deficiencies on load balanced paths • Measured paths are inaccurate and incomplete • False diamonds, false loops and false cycles • Built a new traceroute: Paris traceroute

  3. Traceroute under load balancing Actual topology: A C Dst E Src L TTL = 2 B D TTL = 3 Inferred topology: A C False link Dst E Src L B D Missing nodes and links

  4. Anomalies: false diamonds A C Actual topology: Dst E Src L B D Inferred topology: A C Dst E Src L B D

  5. Anomalies: false loops and cycles TTL = 3 Actual topology: A Dst Src D L B C TTL = 4 TTL = 2 Inferred topology: Src Dst L D B

  6. Anomalies happen even under per-flow load balancing • Traceroute uses the destination port as identifier • Per-flow load balancers use the destination port as part of the flow identifier Port 2 Flow 1 A C Port 1 Dst E Src L TTL = 2 Port 3 B D TTL = 1 TTL = 3

  7. Paris traceroute • Solves the problem with per-flow load balancing • Probes to a destination belong to same flow • How to identify probes? • Use the UDP checksum • Does not address per-packet load balancing Checksum 2 Checksum 3 Port 1 Port 1 A C Checksum 1 Port 1 Dst E Src L TTL = 2 TTL = 3 B D TTL = 1

  8. Measurement infrastructure 5000 reachable destinations • Measurements • 1 round takes 100 minutes • 2 months • 1465 rounds Paris traceroute Classic traceroute Paris traceroute Classic traceroute Paris Paris traceroute INTERNET Source

  9. Unusual observations Diamonds Loops Cycles • What portion of these are false, i.e. anomalies? A A A B C B B D C C

  10. Measurement artifacts are common From our LIP6 vantage point: • Diamonds appear in 30% of the destinations • Paris traceroute removes 10,662 from 19,159 (56%) • Loops appear in 4.5% of the measured routes • Paris traceroute removes 5,047 from 5,795 (87%) • Cycles appear in 0.25% of the measured routes • Paris traceroute removes 3,886 from 5,674 (68%) • Other causes • Routing changes • NAT boxes • Buggy routers • Per-packet load balancing

  11. Conclusion • Classic traceroute leads to anomalies: • False diamonds, false loops and false cycles • Per-flow load balancers cause most of the anomalies • Paris traceroute reports more precise paths

  12. More information www.paris-traceroute.net

  13. Future Directions • Exhaustive algorithm • Find all paths • Fine characterization of load balancers • Impact on inferred graphs (stats, dynamics) • Broader experiments • More sources and destinations • Path diversity • Optimize Internet connections by selecting the appropriate flow identifier

  14. Anomalies: false loops and cycles TTL = 3 A Dst D Src L B C E TTL = 5 TTL = 2 TTL = 4 Dst D Src L B E

  15. Anomalies:Loops caused by buggy routers -bash$ traceroute Dst traceroute to Dst 1B0.289 ms 2 B 0.278 ms 3 Dst 0.578 ms Dst Src A B X Rejects the probe with a TTL of 0 and sends it back to the source Forwards the probe with TTL equal to 0 Forwards the probe with TTL equal to 0 TTL = 1 TTL = 1 Rejects the probe with a TTL of 0 and sends it back to the source TTL = 2 -bash$ traceroute-paris Dst traceroute to Dst 1 B0.289 ms!T0 2 B 0.278 ms 3 Dst 0.578 ms Src Dst B

  16. Anomalies:Loops caused by NAT boxes Response TTL = 254 IP Identifier = 12375 Response TTL = 252 IP Identifier = 9356 Dst (NAT) Src A B C Dst B TTL = 2 TTL = 3 TTL = 3 Response TTL = 253 IP Identifier = 5286 2 Dst Src A See [ Bellovin 2002 ]

  17. An intriguing traceroute output -bash$ -bash$ traceroute F traceroute to F, 64 hops max, ... 1 A0.353 ms 0.358 ms 0.222 ms 2 B0.848 msC0.264 msB0.985 ms 3 D0.225 msE0.718 msD0.778 ms 4 F0.590 ms 0.609 ms 0.750 ms -bash$ -bash$ -bash$ A B C ? D E F

  18. An intriguing traceroute output -bash$ -bash$ traceroute F traceroute to F, 64 hops max, ... 1 A0.353 ms 0.358 ms 0.222 ms 2 B0.848 msC0.264 msB0.985 ms 3 D0.225 msE0.718 msD0.778 ms 4 F0.590 ms 0.609 ms 0.750 ms -bash$ -bash$ -bash$ traceroute F traceroute to F, 64 hops max, ... 1 A0.253 ms0.354 ms 0.325 ms 2 C0.342 ms0.364 msB0.825 ms 3 E0.216 msD0.614 ms0.820 ms 4 F0.612 ms 0.503 ms 0.728 ms -bash$ A B C ? D E F

  19. Anomalies: diamonds A C Dst E Src L B D A C Dst E Src L B D

  20. What we expect with per-flow load balancing Flow 1 A C Dst E Src L TTL = 2 B D TTL = 3 A Dst E Src L D

  21. How traceroute works Src Dst A B 0 1 0 1 TTL = 1 TTL = 2 TTL = 3 Src Dst A0 B0 Src Dst A1 B1

More Related