Understanding BGP in Action
Dan Massey, USC/ISI
DARPA NMS PI Meeting, November 14, 2002

Some Open Questions
• How well is BGP performing in the Internet?
• Where does BGP design or operation excel?
• Are there potential breaking points?
• Are we close to any breaking points?
• What lessons does this imply for protocol design?
• Combine analysis with measurement and simulation to answer the above questions.
masseyd@isi.edu

Measurement
• Essential contributions of real measurement:
  • Component interactions are not understood and are only fully captured in the real system.
  • Policies can be complex and have surprising impact.
• Limitations on real measurement:
  • Measurement artifacts can bias results.
  • No vantage point (or collection of points) is representative of the “Internet”.
• Easy to get lost in interesting data, but the objective is results leading to insight and understanding.
• Property of protocol vs. property of implementation.

Classification of BGP Updates
[Figure: BGP updates classified into routing changes and measurement artifacts]

A Closer Look at the Route Changes
[Figure: actual path changes vs. updates with no path change]

Some Implications
• Measurement artifacts illustrate the potential breaking points of hard connections.
  • Requires understanding of TCP and BGP.
  • Related Packet Design announcement last week.
• SPATH (same path) updates consume cycles but convey varying degrees of useful data.
  • On some days, a set of DoD prefixes (< 0.02% of Internet) contributed over 90% of SPATH updates.
  • Represents a valid policy, but is it useful/desirable?
• Lesson: keep changes local if possible.

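The split between actual path changes and SPATH updates can be computed from a monitor's update stream. The sketch below is an added example, not code from the slides or the referenced papers: the record layout, the sample updates and the NEW/WITHDRAW/PATH_CHANGE labels are assumptions, and it does not attempt to separate measurement artifacts such as session resets.

```python
# Constructed sample stream (not real data): (peer, prefix, AS path, other attrs).
# An AS path of None marks a withdrawal. ASNs and prefixes are documentation values.
UPDATES = [
    ("peerA", "192.0.2.0/24",    (64496, 64500),        {"med": 10}),
    ("peerA", "192.0.2.0/24",    (64496, 64500),        {"med": 20}),
    ("peerA", "192.0.2.0/24",    (64496, 64500),        {"med": 30}),
    ("peerA", "198.51.100.0/24", (64496, 64501),        {"med": 0}),
    ("peerA", "198.51.100.0/24", (64496, 64502, 64501), {"med": 0}),
    ("peerA", "198.51.100.0/24", (64496, 64502, 64501), {"med": 5}),
    ("peerA", "198.51.100.0/24", None,                  {}),
    ("peerB", "192.0.2.0/24",    (64497, 64500),        {"med": 5}),
    ("peerB", "192.0.2.0/24",    (64497, 64500),        {"med": 7}),
]

def classify(updates):
    """Label each update against the last path seen from the same peer for the same prefix."""
    last_path = {}          # (peer, prefix) -> AS path currently announced
    labels = []
    for peer, prefix, path, _attrs in updates:
        key = (peer, prefix)
        prev = last_path.get(key)
        if path is None:
            labels.append("WITHDRAW")
            last_path.pop(key, None)
            continue
        if prev is None:
            labels.append("NEW")            # first announcement, or first after a withdrawal
        elif path == prev:
            labels.append("SPATH")          # same AS path; only other attributes can differ
        else:
            labels.append("PATH_CHANGE")    # actual path change
        last_path[key] = path
    return labels

def spath_share(updates, prefixes):
    """Fraction of all SPATH updates that belong to the given set of prefixes."""
    labels = classify(updates)
    spath = [u[1] for u, label in zip(updates, labels) if label == "SPATH"]
    if not spath:
        return 0.0
    return sum(p in prefixes for p in spath) / len(spath)

if __name__ == "__main__":
    for update, label in zip(UPDATES, classify(UPDATES)):
        print(label, update[0], update[1])
    print("SPATH share of 192.0.2.0/24:", spath_share(UPDATES, {"192.0.2.0/24"}))
```

Run over a real feed, `spath_share` gives the kind of figure quoted on the slide: how much of the same-path load a small prefix set is responsible for.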
What Else is Hiding in These Updates?
• Invalid BGP routes exist in everyone’s table.
• One example observed on 4/16/01 took out a gTLD (com/net/org) name server.
[Figure labels: “originates route to 192.26.92/24”; “ISPs announce new path”; “3 lasted 20 minutes”; “1 lasted 3 hours”; Internet; c.gtld-servers.net 192.26.92.30; rrc00 monitor]

But DNS Routes Are Also Predictable
[Figure labels: gTLD servers; ISP1; Root servers]

Theoretical Limitations
• Bush, Griffin, and Mao illustrate the challenge:
  • Top node sends one announce/withdraw.
  • Only 5 nodes in network.
  • No other events occur.
  • 52 different update sequences can result.
• See Bush et al. in October 2002 NANOG.
• Now scale to Internet size and add multiple events!
[Figure labels: “Announce/withdraw”; “Monitor may see any of 52 different sequences”]

Simulation
• Large-scale systems with diverse components have intrinsically complex external behavior.
• Potentially large numbers of unexpected events and couplings between diverse elements.
• Use simulation to model and test scale changes.
• X. Zhao et al. exploit scale to an advantage.
  • Hard to hide valid data.
• More understanding needed, but challenge of simulation scale.
• Additional challenge of reflecting component complexity.

Some Recent References
• Our recent work: http://www.fniisc.nge.isi.edu
  • Observation and Analysis of BGP Behavior under Stress, 2nd ACM SIGCOMM Internet Measurement Workshop, November 2002.
  • Protecting the Routes to Top Level DNS Servers, NANOG 25, June 11, 2002.
  • Improving BGP Convergence Through Consistency Assertions, presented at INFOCOM, June 23-27, 2002.
  • Detection of Invalid Routing Announcements in the Internet, presented at DSN, June 23-26, 2002.
• October NANOG
• SIGCOMM Internet Measurement Workshop