1 / 20

Alias Resolution

Alias Resolution. Yao Zhao. Why is Alias Resolution Important. Internet Topology Measurement Traceroute based approaches [Mercator,Rocketfoul] Traceroute discovers interfaces other than routers If alias is not resolved Virtual nodes Virtual edges Virtual topology.

harsha
Download Presentation

Alias Resolution

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Alias Resolution Yao Zhao

  2. Why is Alias Resolution Important • Internet Topology Measurement • Traceroute based approaches [Mercator,Rocketfoul] • Traceroute discovers interfaces other than routers • If alias is not resolved • Virtual nodes • Virtual edges • Virtual topology

  3. Existing Alias Resolution Approaches • DNS names • Some IP addresses are associated with the same DNS name • Using ICMP Port Unreachable • Source address of ICMP Port Unreachable is the outgoing interface that sends back ICMP TTL-exceeded. • Monotonically Increasing IP-ID • The IP-ID of two IP addresses are correlated

  4. What Are Unique in A Router • IP-ID counter • Buffer • IP fragment buffer • Rate Limiting Property • Allowed number of packet in a certain time • Periodically Maintenance • “Coffee-break” and most likely occurs when routers push forwarding tables to the line cards. • Fragments purge period

  5. IP Fragments Buffer A1B1C1D1A2B2 … A1 A2 B1 B2 C1 D1

  6. IP Fragments Buffer A1B1C1D1E1 A2B2 … E1 A1 B1 A2 C1 B2 D1 C2

  7. IP Fragments Buffer A1E1B1F1C1G1D1H1A2E2 … A1 A2 B1 B2 C1 D1 E1 E2 F1 F2 G1 H1

  8. IP Fragments Buffer A1E1B1F1C1G1D1H1A2E2 … C1 A1 E1 G1 D1 B1 H1 F1

  9. IP-ID Counter Verify previous research data Re-implement counter-based algorithm Rocketfuel alias resolution / Ally

  10. IP-ID Counter IP packet contains unique ID Large portion of routers generate sequential ID values

  11. IP-ID Counter Previous research 70% routers implement consecutive IP-ID counter User-level Internet Path Diagnosis, 2003. Ratul Mahajan, Neil Spring, David Wetherall, Thomas Anderson

  12. IP-ID Counter Procedure: Modify Yao’s LossProbe code Extract ID from header Send stream of ICMP_ECHO packets, await response, send stream of ICMP_TIMESTAMP packets, await response Probe 6,000+ routers known to be responsive to ICMP packets Analyze probe results, for each IP: Derive IP-ID interval sets For each set: min, max, mean, std

  13. IP-ID Counter Results 41% of responsive routers exhibited consecutive counter behavior; 1834 out of 4440 Follow-up test performed on 500 routers; 39% exhibited counter behavior Sample Data:

  14. IP-ID Counter Inferences Min, Max threshold Avg, Stddev threshold Next steps Create hasCounter(IP) probe function, use threshold values Create isAlias(IP1, IP2) prob function, interleave probe streams Test results against Ally

  15. Rate limiting • Many routers set a limit on the number of ICMP packets generated per unit time in response to requests directed at them • This is done to mitigate security vulnerabilities (such as the ping of death)

  16. Alias resolution using Rate limit (1) • If we know the value of the rate limit parameter for a router, this could help us in resolving two of its aliases • If set, this limit is set to very low values (< 10 in most cases)

  17. Alias resolution using Rate limit (2) • Suppose i1 and i2 are two IP aliases of a router. • We know that this router has set the rate limit parameter at 6 ICMP packets per second. • When we interleave 6 UDP packets to i1 with another 6 packets to i2, we may receive 3 ICMP Port Unreachable packets from either IP • This indicates i1 and i2 are aliases of the same router

  18. Alias resolution process The process of resolving aliases using the rate limit parameter involves two steps: • Finding the rate limit parameter for all the IP addresses belonging to routers in our experiment test list • Given two IP addresses with the same rate limit value, determining whether they are aliases or not

  19. Interim results of step 1

  20. Roadmap for second half • determine the rate limit parameter for all the 6000+ IP addresses in our test list • Investigate the feasibility of alias resolution using rate limit parameter

More Related