CNT Computer and Network Security: BGP Security
|
|
- Lynne Thomas
- 6 years ago
- Views:
Transcription
1 CNT Computer and Network Security: BGP Security Professor Kevin Butler Fall 2015
2 Internet inter-as routing: BGP BGP (Border Gateway Protocol): the de facto standard BGP provides each AS a means to: ebgp: Obtain subnet reachability information from neighboring Autonomous Systems (ASes). ibgp: Propagate reachability information to all AS-internal routers. Determine good routes to subnets based on reachability information and policy. allows subnet to advertise its existence to rest of Internet: I am here 2
3 BGP basics BGP session: two BGP routers ( peers ) exchange BGP messages: advertising paths to different destination network prefixes ( path vector protocol) exchanged over semi-permanent TCP connections When AS3 advertises a prefix to AS1: AS3 promises it will forward datagrams towards that prefix AS3 can aggregate prefixes in its advertisement other networks 3b 3a AS3 1a AS1 1c 1d ebgp session ibgp session 1b 2a AS2 2c 2b other networks 3
4 Prefix? How do routers advertise sets of IP addresses? Having a full list of all addresses that can be reached through is wasteful - think of the memory usage? We instead rely on address aggregations: / /16 4
5 Distributing reachability info Using an ebgp session between 3a and 1c, AS3 sends prefix reachability info to AS1. 1c can then use ibgp to distribute this new prefix reach info to all routers in AS1 1b can then re-advertise new reachability info to AS2 over 1bto-2a ebgp session When router learns of new prefix, creates entry for prefix in its forwarding table. other networks 3b 3a AS3 1a AS1 1c 1d ebgp session ibgp session 1b 2a AS2 2c 2b other networks 5
6 Path attributes & BGP routes When advertising a prefix, advert includes BGP attributes. prefix + attributes = route Two important attributes: AS-PATH: contains ASs through which prefix advertisement has passed: AS 67 AS 17 NEXT-HOP: Indicates specific internal-as router to next-hop AS. (There may be multiple links from current AS to next-hop-as.) When gateway router receives route advertisement, uses import policy to accept/decline. e.g., never route through AS x policy-based routing 6
7 BGP route selection Router may learn about more than 1 route to some prefix. Router must select route. Elimination rules: Local preference value attribute: policy decision Shortest AS-PATH Closest NEXT-HOP router: hot potato routing Additional criteria 7
8 BGP messages BGP messages exchanged using TCP. BGP messages: OPEN: opens TCP connection to peer and authenticates sender UPDATE: advertises new path (or withdraws old) KEEPALIVE keeps connection alive in absence of UPDATES; also ACKs OPEN request NOTIFICATION: reports errors in previous msg; also used to close connection 8
9 BGP routing policy B 1 A 2 C 3 A,B,C are provider networks. 1,2,3 are customer (of provider networks) 2 is multi-homed: attached to two networks 2 does not want to route from B via 2 to C... so 2 will not advertise to B a route to C 9
10 BGP routing policy (2) B 1 A 2 C 3 A advertises to B the path A1 B advertises to 2 the path BA1 Should B advertise to C the path BA1? No way! 2 gets no revenue for routing 2BA1 since neither 1 nor C are B s customers B wants to force C to route to 1 via A B wants to route only to/from its customers! 10
11 BGP Security Core Problem? BGP has absolutely no authentication, so anyone between two routers can inject traffic anyone can claim any path anyone can claim that they are any origin. How does this compare to the security issues we just discussed in DNS? 11
12 BGP Misconfiguration There are numerous examples of BGP misconfigurations that have lead to wide-spread traffic outages: AS 7007 (1997) Con Edison (2006) Pakistan Telecom (2008) These incidents are all confirmed to have been accidental. 12
13 BGP Misconfiguration? November
14 Protecting Sessions BGP Nodes use TCP connections to communicate. What sorts of attacks are they susceptible to? Solutions: TTL Security MD5 Digests IPsec 14
15 IPsec and the IP protocol stack IPsec puts the two main protocols in between IP and the other protocols HTTP TCP FTP SMTP UDP AH - authentication header AH ESP ESP - encapsulating security payload IP Tunnel vs. transport? Key management/authentication Policy Other function provided by external protocols and architectures 15
16 Practical Issues and Limitations IPsec implementations Large footprint resource poor devices are in trouble New standards to simplify (e.g, JFK, IKE2) Slow to adopt new technologies Issues IPsec tries to be everything for everybody at all times Massive, complicated, and unwieldy Policy infrastructure has not emerged Large-scale management tools are limited (e.g., CISCO) Often not used securely (common pre-shared keys) 16
17 Defensive Filtering Prevent bad routing updates through careful consideration of new advertisements. CIDR report (for bogons/martians ) Routing Registries Filter small subnets Prefix number limitations Limitations? Such filtering can only remove updates that are obviously bad, and will miss subtle issues/attacks 17
18 S-BGP First comprehensive solution specifically targeting BGP. Relies on a PKI for distributing certificates to all ASes Origins (address ranges) are signed and distributed out-of-band. Routes are attested by each AS signing the BGP UPDATE message Pro: Comprehensive! Con: Heavyweight, slow! 18
19 and More S-BGP is probably too heavyweight to actually deploy. So-BGP allows configurable tradeoffs between security and overhead. IRV creates a central repository for validating routing updates. Others explore techniques such as signature amortization and efficient data structures to solve S- BGPs deployment problems. Current status: No strong BGP security solution is deployed 19
20 Detection Mechanisms Multiple Origin AS (MOAS) detection looks for origins that are incorrectly advertised by multiple parties. Prefix Hijacking Alert System (PHAS) requires a prefix owner to be notified and approve changes. Pretty Good BGP (PGBGP) relies on historical data to determine which changes can be considered normal. 20
21 Importance Without BGP, the Internet simply does not exist. Networks are simply isolated islands. If large-scale routing attacks occur, it may be a VERY long time before traffic becomes routable again. Bellovin argues that the Internet may actually NEVER come back up. Deploying some secure inter-domain routing system will be the next great challenge in Internet security. 21
Inter-AS routing and BGP. Network Layer 4-1
Inter-AS routing and BGP Network Layer 4-1 Review: intra-as routing v Also known as interior gateway protocols (IGP) v Most common intra-as routing protocols: RIP: Routing Information Protocol, distance
More informationCSCI Topics: Internet Programming Fall 2008
CSCI 491-01 Topics: Internet Programming Fall 2008 Network Layer Derek Leonard Hendrix College November 17, 2008 Original slides copyright 1996-2007 J.F Kurose and K.W. Ross 1 Chapter 4: Roadmap 4.1 Introduction
More informationChapter 4: outline. Network Layer 4-1
Chapter 4: outline 4.1 introduction 4.2 virtual circuit and datagram networks 4.3 what s inside a router 4.4 IP: Internet Protocol datagram format IPv4 addressing ICMP IPv6 4.5 routing algorithms link
More informationChapter IV: Network Layer
Chapter IV: Network Layer UG3 Computer Communications & Networks (COMN) Myungjin Lee myungjin.lee@ed.ac.uk Slides copyright of Kurose and Ross Hierarchical routing our routing study thus far - idealization
More informationDATA COMMUNICATOIN NETWORKING
DATA COMMUNICATOIN NETWORKING Instructor: Ouldooz Baghban Karimi Course Book & Slides: Computer Networking, A Top-Down Approach By: Kurose, Ross Introduction Course Overview Basics of Computer Networks
More informationChapter 4: Network Layer
Chapter 4: Network Layer 4. 1 Introduction 4.2 Virtual circuit and datagram networks 4.3 What s inside a router 4.4 IP: Internet Protocol Datagram format IPv4 addressing ICMP IPv6 4.5 Routing algorithms
More informationComputer Networking Introduction
Computer Networking Introduction Halgurd S. Maghdid Software Engineering Department Koya University-Koya, Kurdistan-Iraq Lecture No.15 Chapter 4: outline 4.1 introduction 4.2 virtual circuit and datagram
More informationLast time. Transitioning to IPv6. Routing. Tunneling. Gateways. Graph abstraction. Link-state routing. Distance-vector routing. Dijkstra's Algorithm
Last time Transitioning to IPv6 Tunneling Gateways Routing Graph abstraction Link-state routing Dijkstra's Algorithm Distance-vector routing Bellman-Ford Equation 10-1 This time Distance vector link cost
More informationCSC 4900 Computer Networks: Routing Protocols
CSC 4900 Computer Networks: Routing Protocols Professor Henry Carter Fall 2017 Last Time Link State (LS) versus Distance Vector (DV) algorithms: What are some of the differences? What is an AS? Why do
More informationChapter 4: Network Layer. Lecture 12 Internet Routing Protocols. Chapter goals: understand principles behind network layer services:
NET 331 Computer Networks Lecture 12 Internet Routing Protocols Dr. Anis Koubaa Reformatted slides from textbook Computer Networking a top-down appraoch, Fifth Edition by Kurose and Ross, (c) Pearson Education
More informationInter-AS routing. Computer Networking: A Top Down Approach 6 th edition Jim Kurose, Keith Ross Addison-Wesley
Inter-AS routing Computer Networking: A Top Down Approach 6 th edition Jim Kurose, Keith Ross Addison-Wesley Some materials copyright 1996-2012 J.F Kurose and K.W. Ross, All Rights Reserved Chapter 4:
More informationCS 204: BGP. Jiasi Chen Lectures: MWF 12:10-1pm Humanities and Social Sciences
CS 204: BGP Jiasi Chen Lectures: MWF 12:10-1pm Humanities and Social Sciences 1403 http://www.cs.ucr.edu/~jiasi/teaching/cs204_spring17/ 1 Overview AS relationships Inter-AS routing BGP Example Paper discussion
More informationCSc 450/550 Computer Networks Internet Routing
CSc 450/550 Computer Networks Internet Routing Jianping Pan Summer 2007 7/12/07 CSc 450/550 1 Review Internet Protocol (IP) IP header addressing class-based, classless, hierarchical, NAT routing algorithms
More informationPART III. Implementing Inter-Network Relationships with BGP
PART III Implementing Inter-Network Relationships with BGP ICNP 2002 Routing Protocols Autonomous System BGP-4 BGP = Border Gateway Protocol Is a Policy-Based routing protocol Is the de facto EGP of today
More informationHierarchical Routing. Our routing study thus far - idealization all routers identical network flat not true in practice
Hierarchical Routing Our routing study thus far - idealization all routers identical network flat not true in practice scale: with 200 million destinations: can t store all destinations in routing tables!
More informationCS 43: Computer Networks Internet Routing. Kevin Webb Swarthmore College November 16, 2017
CS 43: Computer Networks Internet Routing Kevin Webb Swarthmore College November 16, 2017 1 Hierarchical routing Our routing study thus far - idealization all routers identical network flat not true in
More informationInter-Domain Routing: BGP
Inter-Domain Routing: BGP Richard T. B. Ma School of Computing National University of Singapore CS 3103: Compute Networks and Protocols Inter-Domain Routing Internet is a network of networks Hierarchy
More informationCS 43: Computer Networks Internet Routing. Kevin Webb Swarthmore College November 14, 2013
CS 43: Computer Networks Internet Routing Kevin Webb Swarthmore College November 14, 2013 1 Reading Quiz Hierarchical routing Our routing study thus far - idealization all routers identical network flat
More informationCS 43: Computer Networks. 24: Internet Routing November 19, 2018
CS 43: Computer Networks 24: Internet Routing November 19, 2018 Last Class Link State + Fast convergence (reacts to events quickly) + Small window of inconsistency Distance Vector + + Distributed (small
More informationAnnouncements. CS 5565 Network Architecture and Protocols. Project 2B. Project 2B. Project 2B: Under the hood. Routing Algorithms
Announcements CS 5565 Network Architecture and Protocols Lecture 20 Godmar Back Project 2B due in 2 parts: Apr 29 and May 6 Extra Credit Opportunities: Expand simulator (and your implementation) to introduce
More informationChapter 4: Network Layer, partb
Chapter 4: Network Layer, partb The slides are adaptations of the slides available by the main textbook authors, Kurose&Ross Network Layer 4-1 Interplay between routing, forwarding routing algorithm local
More informationRouting in the Internet
Routing in the Internet Daniel Zappala CS 460 Computer Networking Brigham Young University Scaling Routing for the Internet 2/29 scale 200 million destinations - can t store all destinations or all prefixes
More informationNetwork layer: Overview. Network layer functions Routing IP Forwarding
Network layer: Overview Network layer functions Routing IP Forwarding Network Layer Functions Transport packet from sending to receiving hosts Network layer protocols in every host, router application
More informationInitial motivation: 32-bit address space soon to be completely allocated. Additional motivation:
IPv6 Initial motivation: 32-bit address space soon to be completely allocated. Additional motivation: header format helps speed processing/forwarding header changes to facilitate QoS IPv6 datagram format:
More informationInternet inter-as routing: BGP
Internet inter-as routing: BGP BGP (Border Gateway Protocol): the de facto standard BGP provides each AS a means to: 1. Obtain subnet reachability information from neighboring ASs. 2. Propagate the reachability
More informationInterdomain routing CSCI 466: Networks Keith Vertanen Fall 2011
Interdomain routing CSCI 466: Networks Keith Vertanen Fall 2011 Overview Business relationships between ASes Interdomain routing using BGP Advertisements Routing policy Integration with intradomain routing
More informationInter-Autonomous-System Routing: Border Gateway Protocol
Inter-Autonomous-System Routing: Border Gateway Protocol Antonio Carzaniga Faculty of Informatics University of Lugano June 14, 2005 Outline Hierarchical routing BGP Routing Routing Goal: each router u
More informationInter-Autonomous-System Routing: Border Gateway Protocol
Inter-Autonomous-System Routing: Border Gateway Protocol Antonio Carzaniga Faculty of Informatics University of Lugano December 10, 2014 Outline Hierarchical routing BGP Routing 2005 2007 Antonio Carzaniga
More informationRouting on the Internet! Hierarchical Routing! The NSFNet 1989! Aggregate routers into regions of autonomous systems (AS)!
Routing on the Internet! Hierarchical Routing! Aggregate routers into regions of autonomous systems (AS)! In the beginning there was the ARPANET:! route using GGP (Gateway-to-Gateway Protocol)," a distance
More informationDepartment of Computer and IT Engineering University of Kurdistan. Computer Networks II Border Gateway protocol (BGP) By: Dr. Alireza Abdollahpouri
Department of Computer and IT Engineering University of Kurdistan Computer Networks II Border Gateway protocol (BGP) By: Dr. Alireza Abdollahpouri Internet structure: network of networks local ISP Tier
More informationLecture 19: Network Layer Routing in the Internet
Lecture 19: Network Layer Routing in the Internet COMP 332, Spring 2018 Victoria Manfredi Acknowledgements: materials adapted from Computer Networking: A Top Down Approach 7 th edition: 1996-2016, J.F
More informationBGP. Daniel Zappala. CS 460 Computer Networking Brigham Young University
Daniel Zappala CS 460 Computer Networking Brigham Young University 2/20 Scaling Routing for the Internet scale 200 million destinations - can t store all destinations or all prefixes in routing tables
More informationCSCE 463/612 Networks and Distributed Processing Spring 2018
CSCE 463/612 Networks and Distributed Processing Spring 2018 Network Layer V Dmitri Loguinov Texas A&M University April 17, 2018 Original slides copyright 1996-2004 J.F Kurose and K.W. Ross Chapter 4:
More informationInternet rou)ng. V. Arun CS491G: Computer Networking Lab University of MassachuseFs Amherst
Internet rou)ng V. Arun CS491G: Computer Networking Lab University of MassachuseFs Amherst Slide material copyright 1996-2013 J.F Kurose and K.W. Ross, All Rights Reserved Graph abstraction 5 graph: G
More informationChapter 4: Network Layer
Mecanismes d Echange d Informations Chapter 4 Network Layer A note on the use of these ppt slides: We re making these slides freely available to all (faculty, students, readers). They re in PowerPoint
More informationBorder Gateway Protocol - BGP
BGP Fundamentals Border Gateway Protocol - BGP Runs over TCP (port 179) TCP connection required before BGP session Need to be reachable! Path vector routing protocol Best path selection based on path attributes
More informationInternet Routing : Fundamentals of Computer Networks Bill Nace
Internet Routing 14-740: Fundamentals of Computer Networks Bill Nace Material from Computer Networking: A Top Down Approach, 6 th edition. J.F. Kurose and K.W. Ross Looking Ahead Lab #2 just due Quiz #2
More informationCOMP211 Chapter 5 Network Layer: The Control Plane
COMP211 Chapter 5 Network Layer: The Control Plane All material copyright 1996-2016 J.F Kurose and K.W. Ross, All Rights Reserved Computer Networking: A Top Down Approach 7 th edition Jim Kurose, Keith
More informationChapter 4 Network Layer
Chapter 4 Network Layer A note on the use of these ppt slides: We re making these slides freely available to all (faculty, students, readers). They re in PowerPoint form so you see the animations; and
More informationCS 457 Networking and the Internet. The Global Internet (Then) The Global Internet (And Now) 10/4/16. Fall 2016
CS 457 Networking and the Internet Fall 2016 The Global Internet (Then) The tree structure of the Internet in 1990 The Global Internet (And Now) A simple multi-provider Internet 1 The Global Internet Some
More information5.1 introduction 5.5 The SDN control 5.2 routing protocols plane. Control Message 5.3 intra-as routing in Protocol the Internet
Chapter 5: outline 5.1 introduction 5.5 The SDN control 5.2 routing protocols plane link state 5.6 ICMP: The Internet distance vector Control Message 5.3 intra-as routing in Protocol the Internet t 5.7
More informationIntroduction to Communication Networks Spring Unit 16 Global Internetworking
Introduction to Communication Networks Spring 2007 Unit 16 Global Internetworking Acknowledgements slides coming from: Based almost completely on slides from the earlier issues of the EECS 122 taught recently
More informationChapter 5 Network Layer: The Control Plane
Chapter 5 Network Layer: The Control Plane A note on the use of these Powerpoint slides: We re making these slides freely available to all (faculty, students, readers). They re in PowerPoint form so you
More informationReview for Chapter 4 R1,R2,R3,R7,R10,R11,R16,R17,R19,R22,R24, R26,R30 P1,P2,P4,P7,P10,P11,P12,P14,P15,P16,P17,P22,P24,P29,P30
Review for Chapter 4 R1,R2,R3,R7,R10,R11,R16,R17,R19,R22,R24, R26,R30 P1,P2,P4,P7,P10,P11,P12,P14,P15,P16,P17,P22,P24,P29,P30 R1. Let s review some of the terminology used in this textbook. Recall that
More informationA Survey of BGP Security: Issues and Solutions
A Survey of BGP Security: Issues and Solutions Butler, Farley, McDaniel, Rexford Kyle Super CIS 800/003 October 3, 2011 Outline Introduction/Motivation Sources of BGP Insecurity BGP Security Today BGP
More informationCSE543 Computer and Network Security Module: Network Security
CSE543 Computer and Network Security Module: Network Security Professor Trent Jaeger CSE543 - Introduction to Computer and Network Security 1 2 Communication Security Want to establish a secure channel
More informationCS4450. Computer Networks: Architecture and Protocols. Lecture 15 BGP. Spring 2018 Rachit Agarwal
CS4450 Computer Networks: Architecture and Protocols Lecture 15 BGP Spring 2018 Rachit Agarwal Autonomous System (AS) or Domain Region of a network under a single administrative entity Border Routers Interior
More informationMaster Course Computer Networks IN2097
Chair for Network Architectures and Services Prof. Carle Department of Computer Science TU München Master Course Computer Networks IN2097 Prof. Dr.-Ing. Georg Carle Chair for Network Architectures and
More informationSecurity in inter-domain routing
DD2491 p2 2011 Security in inter-domain routing Olof Hagsand KTH CSC 1 Literature Practical BGP pages Chapter 9 See reading instructions Beware of BGP Attacks (Nordström, Dovrolis) Examples of attacks
More informationSecurity Issues of BGP in Complex Peering and Transit Networks
Technical Report IDE-0904 Security Issues of BGP in Complex Peering and Transit Networks Presented By: Supervised By: Muhammad Adnan Khalid Qamar Nazir Olga Torstensson Master of Computer network engineering
More informationChapter 4: Network Layer. TDTS06 Computer networks. Subnets. Subnets. Subnets. IP Addressing: introduction
hapter 4: Network Layer TDTS06 omputer s Lecture 6: Network layer III Routing in the Internet Jose M. Peña, jospe@ida.liu.se ID/DIT, LiU 2009-09-16 4. 1 Introduction 4.2 Virtual circuit and datagram s
More informationMaster Course Computer Networks IN2097
Chair for Network Architectures and Services Prof. Carle Department of Computer Science TU München Master Course Computer Networks IN2097 Prof. Dr.-Ing. Georg Carle Christian Grothoff, Ph.D. Stephan Günther
More informationGraph abstraction: costs. Graph abstraction 10/26/2018. Interplay between routing and forwarding
0/6/08 Interpla between routing and forwarding Routing Algorithms Link State Distance Vector BGP routing routing algorithm local forwarding table header value output link 000 00 0 00 value in arriving
More informationTopics for This Week
Topics for This Week Routing Protocols in the Internet OSPF, BGP More on IP Fragmentation and Reassembly ICMP Readings Sections 5.6.4-5.6.5 1 Hierarchical Routing aggregate routers into regions, autonomous
More informationNetwork layer: Overview. Network layer functions Routing IP Forwarding
Network layer: Overview Network layer functions Routing IP Forwarding 1 Network Layer Functions Transport packet from sending to receiving hosts (processes) Network layer protocols in every host, router
More informationCS555, Spring /5/2005. April 12, 2005 No classes attend Senior Design Projects conference. Chapter 4 roadmap. Internet AS Hierarchy
CS555, Spring 2005 April 12, 2005 No classes attend Senior Design Projects conference Network Layer 4-1 Chapter 4 roadmap 4.1 Introduction and Network Service Models 4.2 VC and Datagram Networks 4.3 What
More informationHY 335 Φροντιστήριο 8 ο
HY 335 Φροντιστήριο 8 ο Χειμερινό Εξάμηνο 2009-2010 Παπακωνσταντίνου Άρτεμις artpap@csd.uoc.gr 4/12/2009 Roadmap IP: The Internet Protocol IPv4 Addressing Datagram Format Transporting a datagram from source
More informationSecuring BGP. Geoff Huston November 2007
Securing BGP Geoff Huston November 2007 Agenda An Introduction to BGP BGP Security Questions Current Work Research Questions An Introduction to BGP Background to Internet Routing The routing architecture
More informationConfiguring BGP. Cisco s BGP Implementation
Configuring BGP This chapter describes how to configure Border Gateway Protocol (BGP). For a complete description of the BGP commands in this chapter, refer to the BGP s chapter of the Network Protocols
More informationNetwork Layer: Routing
Network Laer: Routing Instructor: Anirban Mahanti Office: ICT 74 Email: mahanti@cpsc.ucalgar.ca Class Location: ICT Lectures: MWF :00 :0 hours Notes derived Computer Networking: A Top Down Approach Featuring
More informationIntroduction. Keith Barker, CCIE #6783. YouTube - Keith6783.
Understanding, Implementing and troubleshooting BGP 01 Introduction http:// Instructor Introduction Keith Barker, CCIE #6783 CCIE Routing and Switching 2001 CCIE Security 2003 kbarker@ine.com YouTube -
More informationRouting on the Internet. Routing on the Internet. Hierarchical Routing. Computer Networks. Lecture 17: Inter-domain Routing and BGP
Routing on the Internet Computer Networks Lecture 17: Inter-domain Routing and BGP In the beginning there was the ARPANET: route using GGP (Gateway-to-Gateway Protocol), a distance vector routing protocol
More informationCSCD 433/533 Network Programming Fall Lecture 14 Global Address Space Autonomous Systems, BGP Protocol Routing
CSCD 433/533 Network Programming Fall 2012 Lecture 14 Global Address Space Autonomous Systems, BGP Protocol Routing 1 Topics Interdomain Routing BGP Interdomain Routing Benefits vs. Link State Routing
More informationInterplay Between Routing, Forwarding
Internet Routing 1 Interplay Between Routing, Forwarding routing algorithm local forwarding table header value output link 0100 0101 0111 1001 3 1 value in arriving packet s header 0111 3 1 Graph Abstraction
More informationCSCI-1680 Network Layer: Inter-domain Routing Rodrigo Fonseca
CSCI-1680 Network Layer: Inter-domain Routing Rodrigo Fonseca Based partly on lecture notes by Rob Sherwood, David Mazières, Phil Levis, John Janno? Administrivia Midterm moved up from 3/17 to 3/15 IP
More informationIP Addressing & Interdomain Routing. Next Topic
IP Addressing & Interdomain Routing Next Topic IP Addressing Hierarchy (prefixes, class A, B, C, subnets) Interdomain routing Application Presentation Session Transport Network Data Link Physical Scalability
More informationOther Developments: CIDR
Other Developments: CIDR CIDR (classless Inter domain routing) Too many small networks requiring multiple class C addresses Running out of class B addresses, not enough nets in class A Assign contiguous
More informationBGP Configuration. BGP Overview. Introduction to BGP. Formats of BGP Messages. Header
Table of Contents BGP Configuration 1 BGP Overview 1 Introduction to BGP 1 Formats of BGP Messages 1 BGP Path Attributes 4 BGP Route Selection 8 Configuring BGP 8 Configuration Prerequisites 8 Configuration
More informationRouting. Jens A Andersson Communication Systems
Routing Jens A Andersson Communication Systems R1 Choosing an Optimal Path R4 5 R7 5 10 40 R6 6 5 B R2 15 A 20 4 10 10 R8 R3 5 R5 10 Router A router is a type of internetworking device that passes data
More informationInternet Routing Basics
Internet Routing Basics Back to basics J Application Presentation Application (HTTP, DNS, FTP) Data Application (HTTP, DNS, FTP) Session Transport Transport (TCP/UDP) E2E connectivity (app-to-app) Port
More informationHow the Internet works? The Border Gateway Protocol (BGP)
Chair of Network Architectures and Services - Prof. Carle Department of Computer Science Technical University of Munich How the Internet works? The Border Gateway Protocol (BGP) Edwin Cordeiro ilab2 Lecture
More informationNetworking: Network layer
control Networking: Network layer Comp Sci 3600 Security Outline control 1 2 control 3 4 5 Network layer control Outline control 1 2 control 3 4 5 Network layer purpose: control Role of the network layer
More informationRouting Protocols --- Exterior Gateway Protocol
Content Routing Protocols --- Exterior Gateway Protocol Linda Wu (CMPT 471 23-3) Limiting router interaction Autonomous system BGP protocol BGP messages Other issues on BGP Reference: chapter 15 Notes-13
More informationVendor: Alcatel-Lucent. Exam Code: 4A Exam Name: Alcatel-Lucent Border Gateway Protocol. Version: Demo
Vendor: Alcatel-Lucent Exam Code: 4A0-102 Exam Name: Alcatel-Lucent Border Gateway Protocol Version: Demo QUESTION 1 Upon the successful establishment of a TCP session between peers, what type of BGP message
More informationBGP. Inter-domain routing with the Border Gateway Protocol. Iljitsch van Beijnum Amsterdam, 13 & 16 March 2007
BGP Inter-domain routing with the Border Gateway Protocol Iljitsch van Beijnum Amsterdam, 13 & 16 March 2007 1 Routing Between ISPs Internal routing protocols don't work here: too much information So:
More informationAn Operational Perspective on BGP Security. Geoff Huston February 2005
An Operational Perspective on BGP Security Geoff Huston February 2005 Disclaimer This is not a description of the approach taken by any particular service provider in securing their network. It is intended
More informationA Survey of BGP Security Review
A Survey of BGP Security Review Network Security Instructor:Dr. Shishir Nagaraja Submitted By: Jyoti Leeka November 16, 2011 1 Introduction to the topic and the reason for the topic being interesting Border
More informationELEC / COMP 177 Fall Some slides from Kurose and Ross, Computer Networking, 5 th Edition
ELEC / COMP 177 Fall 2010 Some slides from Kurose and Ross, Computer Networking, 5 th Edition Project #2 Due Thursday, Nov 10 th Homework #5 Due Thursday, Nov 17 th Later this semester: Homework #6 - Presentation
More informationComputer Networks. Instructor: Niklas Carlsson
Computer Networks Instructor: Niklas Carlsson Email: niklas.carlsson@liu.se Notes derived Computer Networking: A Top Down Approach, b Jim Kurose and Keith Ross, Addison-Wesle. The slides are adapted and
More informationDistributed Systems. 27. Firewalls and Virtual Private Networks Paul Krzyzanowski. Rutgers University. Fall 2013
Distributed Systems 27. Firewalls and Virtual Private Networks Paul Krzyzanowski Rutgers University Fall 2013 November 25, 2013 2013 Paul Krzyzanowski 1 Network Security Goals Confidentiality: sensitive
More informationETSF10 Internet Protocols Routing on the Internet
ETSF10 Internet Protocols Routing on the Internet 2013, Part 2, Lecture 1.2 Jens Andersson (Kaan Bür) Routing on the Internet Unicast routing protocols (part 2) [ed.5 ch.20.3] Multicast routing, IGMP [ed.5
More informationRouting Unicast routing protocols
Routing Unicast routing protocols Jens A Andersson Electrical and Information Technology R1 Choosing an Optimal Path R4 5 R7 5 10 40 R6 6 5 B R2 15 A 20 4 10 10 R8 R3 5 10 R5 1 Router A router is a type
More informationCSC 8560 Computer Networks: Control Plane
CSC 8560 Computer Networks: Control Plane Professor Henry Carter Fall 2017 Last Time Subnets provide granularity for address assignment and ease management. What is 192.168.8.0? 192.168.32.0? 192.168.8.0:
More informationCS118 Discussion 1A, Week 7. Zengwen Yuan Dodd Hall 78, Friday 10:00 11:50 a.m.
CS118 Discussion 1A, Week 7 Zengwen Yuan Dodd Hall 78, Friday 10:00 11:50 a.m. 1 Outline Network control plane Routing Link state routing (OSPF) Distance vector routing (RIP) BGP ICMP Midterm/Project 2
More informationRouting part 2. Electrical and Information Technology
Routing part 2 Jens A Andersson Electrical and Information Technology Routing Introduction Inside the Router Unicast Routing Intra Domain Routing Inter Domain Routing MANET and AdHoc routing Multicast
More informationRouting Security Security Solutions
Routing Security Security Solutions CSE598K/CSE545 - Advanced Network Security Prof. McDaniel - Spring 2008 Page 1 Solving BGP Security Reality: most attempts at securing BGP have been at the local level
More informationCS321: Computer Networks Unicast Routing
CS321: Computer Networks Unicast Routing Dr. Manas Khatua Assistant Professor Dept. of CSE IIT Jodhpur E-mail: manaskhatua@iitj.ac.in Introduction The goal of the network layer is deliver a datagram from
More informationRouting Basics. SANOG July, 2017 Gurgaon, INDIA
Routing Basics SANOG 30 14-18 July, 2017 Gurgaon, INDIA Back to basics J Application Presentation Application (HTTP, DNS, FTP) Data Application (HTTP, DNS, FTP) Session Transport Transport (TCP/UDP) E2E
More informationChapter 4: Network Layer: Part II
4: Network Laer Chapter 4: Network Laer: Part II (last revision 9/04/05. v3) 4. Introduction 4. Virtual circuit and datagram networks 4.3 What s inside a router 4.4 IP: Internet Protocol Datagram format
More informationInter-domain Routing. Outline. Border Gateway Protocol
Inter-domain Routing Outline Border Gateway Protocol Internet Structure Original idea CS 640 2 Internet Structure Today CS 640 3 Route Propagation in the Internet Autonomous System (AS) corresponds to
More informationOn the State of the Inter-domain and Intra-domain Routing Security
On the State of the Inter-domain and Intra-domain Routing Security Mingwei Zhang April 19, 2016 Mingwei Zhang Internet Routing Security 1 / 54 Section Internet Routing Security Background Internet Routing
More informationRouting Between Autonomous Systems (Example: BGP4) RFC 1771
CS 4/55231 Internet Engineering Kent State University Dept. of Computer Science LECT-7B Routing Between Autonomous Systems (Example: BGP4) RFC 1771 52 53 BGP4 Overview Example of Operations BGP4 is a path
More informationBack to basics J. Addressing is the key! Application (HTTP, DNS, FTP) Application (HTTP, DNS, FTP) Transport. Transport (TCP/UDP) Internet (IPv4/IPv6)
Routing Basics Back to basics J Application Presentation Application (HTTP, DNS, FTP) Data Application (HTTP, DNS, FTP) Session Transport Transport (TCP/UDP) E2E connectivity (app-to-app) Port numbers
More informationRouting Protocols. Autonomous System (AS)
Routing Protocols Two classes of protocols: 1. Interior Routing Information Protocol (RIP) Open Shortest Path First (OSPF) 2. Exterior Border Gateway Protocol (BGP) Autonomous System (AS) What is an AS?
More informationCOMP/ELEC 429 Introduction to Computer Networks
COMP/ELEC 429 Introduction to Computer Networks Lecture 11: Inter-domain routing Slides used with permissions from Edward W. Knightly, T. S. Eugene Ng, Ion Stoica, Hui Zhang T. S. Eugene Ng eugeneng at
More informationA PKI For IDR Public Key Infrastructure and Number Resource Certification
A PKI For IDR Public Key Infrastructure and Number Resource Certification AUSCERT 2006 Geoff Huston Research Scientist APNIC If You wanted to be Bad on the Internet And you wanted to: Hijack a site Inspect
More informationCSCI-1680 Network Layer: Inter-domain Routing Rodrigo Fonseca
CSCI-1680 Network Layer: Inter-domain Routing Rodrigo Fonseca Based partly on lecture notes by Rob Sherwood, David Mazières, Phil Levis, John Janno? Today Last time: Intra-Domain Routing (IGP) RIP distance
More informationCS4700/CS5700 Fundamentals of Computer Networks
CS4700/CS5700 Fundamentals of Computer Networks Lecture 12: Inter-domain routing Slides used with permissions from Edward W. Knightly, T. S. Eugene Ng, Ion Stoica, Hui Zhang Alan Mislove amislove at ccs.neu.edu
More informationCSCE 463/612 Networks and Distributed Processing Spring 2018
CSCE 463/612 Networks and Distributed Processing Spring 2018 Network Layer IV Dmitri Loguinov Texas A&M University April 12, 2018 Original slides copyright 1996-2004 J.F Kurose and K.W. Ross 1 Chapter
More informationNetwork Layer: Routing
Network Layer: Routing The Problem A B R 1 R 2 R 4 R 3 Goal: for each destination, compute next hop 1 Lecture 9 2 Basic Assumptions Trivial solution: Flooding Dynamic environment: links and routers unreliable:
More information