ABSTRACT
Pinpointing autonomous systems which deploy specific inter-domain techniques such as Route Flap Damping (RFD) or Route Origin Validation (ROV) remains a challenge today. Previous approaches to detect per-AS behavior often relied on heuristics derived from passive and active measurements. Those heuristics, however, often lacked accuracy or imposed tight restrictions on the measurement methods.
We introduce an algorithmic framework for network tomography, BeCAUSe, which implements Bayesian Computation for Autonomous Systems. Using our original combination of active probing and stochastic simulation, we present the first study to expose the deployment of RFD. In contrast to the expectation of the Internet community, we find that at least 9% of measured ASs enable RFD, most using deprecated vendor default configuration parameters. To illustrate the power of computational Bayesian methods we compare BeCAUSe with three RFD heuristics. Thereafter we successfully apply a generalization of the Bayesian method to a second challenge, measuring deployment of ROV.
Supplemental Material
- Ruwaifa Anwar, Haseeb Niaz, David Choffnes, Ítalo Cunha, Phillipa Gill, and Ethan Katz-Bassett. 2015. Investigating Interdomain Routing Policies in the Wild. In Proc. of ACM IMC. ACM, New York, NY, USA, 71--77.Google ScholarDigital Library
- P. Barford, N. Duffield, A. Ron, and J. Sommers. 2009. Network Performance Anomaly Detection and Localization. In Prof. of IEEE INFOCOM. IEEE Press, Piscataway, NJ, USA, 1377--1385.Google Scholar
- A. Batsakis, T. Malik, and A. Terzis. 2005. Practical Passive Lossy Link Inference. In Proc. of PAM (LNCS, Vol. 3431). Springer-Verlag, Berlin, Heidelberg, 362--367.Google Scholar
- Steve Brooks, Andrew Gelman, Galin Jones, and Xiao-Li Meng (Eds.). 2011. Handbook of Markov Chain Monte Carlo. CRC Press, Boca Raton, FL, USA.Google Scholar
- Randy Bush, Cristel Pelsser, Mirjam Kuhne, Olaf Maennel, Pradosh Mohapatra, Keyur Patel, and Rob Evans. 2013. RIPE Routing Working Group Recommendations on Route Flap Damping. RIPE Document ripe-580. RIPE.Google Scholar
- R. Cáceres, N.G. Duffield, J. Horowitz, and D. Towsley. 1999. Multicast-based inference of network-internal loss characteristics. IEEE Trans. in Information Theory 45, 7 (1999), 2462--2480.Google ScholarDigital Library
- Matthew Caesar, Lakshminarayanan Subramanian, and Randy H. Katz. 2003. Towards Localizing Root Causes of BGP Dynamics. Technical Report UCB/CSD-03-1292. EECS Department, University of California, Berkeley. http://www2.eecs.berkeley.edu/Pubs/TechRpts/2003/6364.htmlGoogle Scholar
- Rui Castro, Mark Coates, Gang Liang, Robert Nowak, and Bin Yu. 2004. Network Tomography: Recent Developments. Statist. Sci. 19, 3 (2004), 499--517.Google ScholarCross Ref
- Di-Fa Chang, Ramesh Govindan, and John Heidemann. 2004. Locating BGP Missing Routes Using Multiple Perspectives. In Proc. of the ACM SIGCOMM Workshop on Network Troubleshooting: Research, Theory and Operations Practice Meet Malfunctioning Reality (NetT). ACM, New York, NY, USA, 301--306.Google ScholarDigital Library
- Shinyoung Cho, Rishab Nithyanand, Abbas Razaghpanah, and Phillipa Gill. 2017. A Churn for the Better: Localizing Censorship using Network-level Path Churn and Network Tomography. In Proc. of ACM CoNext. ACM, New York, NY, USA, 81--87.Google ScholarDigital Library
- Cloudflare. 2020. Is BGP safe yet? https://isbgpsafeyet.com/.Google Scholar
- M. Coates and R. Nowak. 2000. Network loss inference using unicast end-to-end measurements. In Proc. of ITC Specialist Seminar on IP Traffic Measurement, Modeling and Managemen. Monterey, CA, 28-1-28-9. Preprint https://hdl.handle.net/1911/19810.Google Scholar
- Simon Duane, A.D. Kennedy, Brian J. Pendleton, and Duncan Roweth. 1987. Hybrid Monte Carlo. Physics Letters B 195, 2 (1987), 216 - 222.Google ScholarCross Ref
- N. Duffield. 2006. Network Tomography of Binary Network Performance Characteristics. IEEE Transactions on Information Theory 52, 12 (2006), 5373--5388.Google ScholarDigital Library
- N.G. Duffield, J. Horowitz, F. Lo Presti, and D. Towsley. 2002. Multicast topology inference from measured end-to-end loss. IEEE Transactions in Information Theory 48, 1 (2002), 26--45.Google ScholarDigital Library
- N.G. Duffield, F. Lo Presti, V. Paxson, and D. Towsley. 2001. Inferring link loss using striped unicast probes. In Proc. of IEEE Infocom. IEEE Press, Piscataway, NJ, USA, 22--26.Google Scholar
- J. Durand, I. Pepelnjak, and G. Doering. 2015. BGP Operations and Security. RFC 7454. IETF.Google Scholar
- Anja Feldmann, Olaf Maennel, Z. Morley Mao, Arthur Berger, and Bruce Maggs. 2004. Locating Internet Routing Instabilities. In Proc. of ACM SIGCOMM. ACM, New York, NY, USA, 205--218.Google ScholarDigital Library
- Romain Fontugne, Esteban Bautista, Colin Petrie, Yutaro Nomura, Patrice Abry, Paulo Gonçalves, Kensuke Fukuda, and Emile Aben. 2019. BGP Zombies: An Analysis of Beacons Stuck Routes. In Proc. of PAM Conf. (LNCS, Vol. 11419). Springer, Berlin Heidelberg, 197--209.Google ScholarDigital Library
- D. Ghita, H. Nguyen, M. Kurant, K. Argyraki, and P. Thiran. 2010. Netscope: Practical Network Loss Tomography. In Proc. of IEEE INFOCOM. IEEE Press, Piscataway, NJ, USA, 1--9.Google Scholar
- Yossi Gilad, Avichai Cohen, Amir Herzberg, Michael Schapira, and Haya Shulman. 2017. Are We There Yet? On RPKI's Deployment and Security. In Proc. of NDSS. ISOC, Reston, USA, 15.Google ScholarCross Ref
- W. K. Hastings. 1970. Monte Carlo Sampling Methods Using Markov Chains and Their Applications. Biometrika 57, 1 (1970), 97--109.Google ScholarCross Ref
- IIT-CNR. 2020. Isolario Project. https://www.isolario.it/.Google Scholar
- Zhuoqing Morley Mao, Ramesh Govindan, George Varghese, and Randy H. Katz. 2002. Route Flap Damping Exacerbates Internet Routing Convergence. In Proc. of ACM SIGCOMM. ACM, New York, NY, USA, 221--233.Google Scholar
- Nicholas Metropolis and S. Ulam. 1949. The Monte Carlo Method. J. Amer. Statist. Assoc. 44, 247 (1949), 335--341. http://www.jstor.org/stable/2280232Google ScholarCross Ref
- P. Mohapatra, J. Scudder, D. Ward, R. Bush, and R. Austein. 2013. BGP Prefix Origin Validation. RFC 6811. IETF.Google Scholar
- W. Mühlbauer, A. Feldmann, O. Maennel, M. Roughan, and S. Uhlig. 2006. Building an AS-topology model that captures route diversity. In Proc. of ACM SIGCOMM. ACM, New York, NY, USA, 195--206.Google Scholar
- H.X. Nguyen and P. Thiran. 2007. The Boolean Solution to the Congested IP Link Location Problem: Theory and Practice. In Proc. of IEEE INFOCOM. IEEE Press, Piscataway, NJ, USA, 2117--2125.Google Scholar
- Venkata N. Padmanabhan, Lili Qiu, and Helen J. Wang. 2002. Passive network tomography using Bayesian inference. In Proc. of ACM Internet Measurement Workshop. ACM, New York, NY, USA, 93--94.Google Scholar
- Cristel Pelsser, Olaf Maennel, Pradosh Mohapatra, Randy Bush, and Keyur Patel. 2011. Route Flap Damping Made Usable. In Proc. of PAM Conf. (LNCS, Vol. 6579). Springer, Berlin Heidelberg, 143--152.Google ScholarCross Ref
- Y. Rekhter, T. Li, and S. Hares. 2006. A Border Gateway Protocol 4 (BGP-4). RFC 4271. IETF.Google Scholar
- Andreas Reuter, Randy Bush, Italo Cunha, Ethan Katz-Bassett, Thomas C. Schmidt, and Matthias Wählisch. 2018. Towards a Rigorous Methodology for Measuring Adoption of RPKI Route Validation and Filtering. ACM Sigcomm Computer Communication Review 48, 1 (January 2018), 19--27.Google ScholarDigital Library
- RIPE 2020. Routing Information Service (RIS). http://www.ripe.net/projects/ris/rawdata.htmlGoogle Scholar
- RIPE NCC. 2020. Current RIS Routing Beacons. https://www.ripe.net/analyse/internet-measurements/routing-information-service-ris/current-ris-routing-beacons.Google Scholar
- Christian P. Robert and George Casella. 2005. Monte Carlo Statistical Methods (Springer Texts in Statistics). Springer-Verlag New York, Inc., Secaucus, NJ, USA.Google Scholar
- Matthew Roughan, Walter Willinger, Olaf Maennel, Debbie Perouli, and Randy Bush. 2011. 10 Lessons from 10 Years of Measuring and Modeling the Internet's Autonomous Systems. IEEE Journal on Selected Areas in Communications 29, 9 (2011), 1810--1821.Google ScholarCross Ref
- Brandon Schlinker, Todd Arnold, Italo Cunha, and Ethan Katz-Bassett. 2019. PEERING: Virtualizing BGP at the Edge for Research. In Proc. of ACM CoNEXT. ACM, New York, NY, USA, 51--67.Google ScholarDigital Library
- Philip Smith and Christian Panigl. 2006. RIPE Routing-WG Recommendation For Coordinated Route-flap Damping Parameters. RIPE Document ripe-378. RIPE.Google Scholar
- Joel Sommers, Paul Barford, Nick Duffield, and Amos Ron. 2007. Accurate and Efficient SLA Compliance Monitoring. In Proc. of ACM SIGCOMM (Kyoto, Japan). Association for Computing Machinery, New York, NY, USA, 109--120. https://doi.org/10.1145/1282380.1282394Google ScholarDigital Library
- Florian Streibelt, Franziska Lichtblau, Robert Beverly, Anja Feldmann, Cristel Pelsser, Georgios Smaragdakis, and Randy Bush. 2018. BGP Communities: Even More Worms in the Routing Can. In Proceedings of the Internet Measurement Conference 2018. ACM, New York, NY, USA, 279--292.Google ScholarDigital Library
- Cecilia Testart, Philipp Richter, Alistair King, Alberto Dainotti, and David Clark. 2020. To Filter or Not to Filter: Measuring the Benefits of Registering in the RPKI Today. In Proc. of PAM Conf. (LNCS, Vol. 12048). Springer, Berlin Heidelberg, 71--87.Google ScholarCross Ref
- University of Oregon. 2017. Route Views Project. http://www.routeviews.org/.Google Scholar
- C. Villamizar, R. Chandra, and R. Govindan. 1998. BGP Route Flap Damping. RFC 2439. IETF.Google Scholar
Index Terms
- BGP Beacons, Network Tomography, and Bayesian Computation to Locate Route Flap Damping
Recommendations
Route flap damping exacerbates internet routing convergence
Proceedings of the 2002 SIGCOMM conferenceRoute flap damping is considered to be a widely deployed mechanism in core routers that limits the widespread propagation of unstable BGP routing information. Originally designed to suppress route changes caused by link flaps, flap damping attempts to ...
Route flap damping exacerbates internet routing convergence
SIGCOMM '02: Proceedings of the 2002 conference on Applications, technologies, architectures, and protocols for computer communicationsRoute flap damping is considered to be a widely deployed mechanism in core routers that limits the widespread propagation of unstable BGP routing information. Originally designed to suppress route changes caused by link flaps, flap damping attempts to ...
Towards detecting BGP route hijacking using the RPKI
SIGCOMM '12: Proceedings of the ACM SIGCOMM 2012 conference on Applications, technologies, architectures, and protocols for computer communicationPrefix hijacking has always been a big concern in the Internet. Some events made it into the international world-news, but most of them remain unreported or even unnoticed. The scale of the problem can only be estimated.
The Resource Publication ...
Comments