PEERING: An AS for Us

Transcription

1 1 : An AS for Us Ethan Katz-Bassett (University of Southern California) with: Brandon Schlinker and Kyriakos Zarifis (USC) Italo Cunha (UFMG Brazil) Nick Feamster (Georgia Tech) Supported By:

2 : An AS for Us (and You) 2 We are building a BGP testbed called!exchange routes and traffic with real ISPs!Expanding and adding functionality We ve found it useful (bold=required )! LIFEGUARD: route around failures! PECAN: joint content & network routing! PoiRoot: locate root cause of path changes! ARROW: deployable fix to routing problems! SDX: software-defined Internet exchange [SIGCOMM 2012] [SIGMETRICS 2013] [SIGCOMM 2013] [SIGCOMM 2014] [SIGCOMM 2014] We want you to use it

3 Why do we need a new testbed? 3 1. BGP contributes to many of the Internet s fundamental problems

4 Many problems with interdomain routing 4 BGP contributes to many of the Internet s BGP design results in: fundamental problems Poor performance due to circuitous routes [Spring et al. SIGCOMM 03. Krishnan et al. IMC 09] Security vulnerabilities such as hijacking and spoofing [Ballani et al. SIGCOMM 08. Beverly et al. IMC 09] Transient outages due to delayed convergence [Labovitz et al. SIGCOMM 00] Persistent outages due to protocol interactions [Katz-Bassett et al. NSDI 08. Quan et al. SIGCOMM 11] (the list goes on )

5 Why do we need a new testbed? 5 1. BGP contributes to many of the Internet s fundamental problems 2. Limited existing tools for BGP research

6 Motivating example: ARROW 6 ARROW: Advertising Reliable Routing Over Waypoints Peter et al., SIGCOMM 2014! ISP offers QoS tunnel across their network to remote customers to address problems from previous slide! Need to prototype ARROW ISP " Proof of concept, deployability " Evaluate vs existing Internet paths ARROW ISP Default Internet path

7 Existing approaches 7 Measurements: Realism without Control! Real view of routing! But passive observation only " Cannot change route and see effects " Cannot experiment with routing policies or protocols Simulation/Emulation: Control without Realism! Overcome lack of control! But can t accurately model Internet topology or policy

8 Goal: Control AND Realism 8 Existing approaches: Measurements: Realism without Control Simulation/Emulation: Control without Realism Goal: Realistic conditions to test under, and Control of experiment s routing

9 Approach: Our ISP interacts with real ones 9 Approach: Exchange routes and traffic with real ISPs, expose experiment to Internet policies & interactions Motivating example: ARROW! Need to prototype ARROW ISP ARROW ISP! Requirements " Define ARROW topology " Select routes from peers Internet " Attract traffic to ARROW routers " Route traffic across intradomain and to peers

10 What do we need for this prototype? 10! Resources! IP address space! AS number! Connectivity & contracts! BGP peering with real ISPs! Data plane forwarding ARROW ISP Internet! Time and money

11 : a community testbed 11 Solve problems once!establish peerings and PoPs!Safety " Filter spoofing, hijacks, leaks " Rate limit announcements and traffic Centralize relationships!isps have a relationship with us, not each experiment!stable peerings!central point-of-contact for ops and support!centralize trust

12 We are participants in Internet routing 12! Resources! IP address space /19! AS number AS47065! Connectivity & contracts! BGP peering with real ISPs 100s of peers! Data plane forwarding Send & receive traffic! Time and money One-time cost USC Cox Comm. UFMG Verizon L3 GBLX Hurr. Electric Trans Telecom Sprint GT Akamai

13 Pairing Emulated Experiments with 13 Real Interdomain Network Gateways is AS47065! 6 universities as providers Verizon Pairing Emulated Experiments with Real Interdomain Network Gateways USC Cox Comm. L3 GBLX Hurr. Electric Trans Telecom Akamai UFMG Sprint With, a researcher: GT! Emulates an ISP, including its topology and routing policies! Connects the emulated ISP to real ISPs on the Internet via BGP! Controls the ISP, including its exchange of traffic and routes

14 Pairing Emulated Experiments with Real Interdomain Network Gateways 14 is AS47065! 6 universities as providers Verizon Pairing Emulated Experiments with Real Interdomain Network Gateways USC Cox Comm. L3 GBLX Hurr. Electric Trans Telecom Akamai UFMG Sprint With, a researcher:! Emulates an ISP, including its topology and routing policies GT! Connects the emulated ISP to real ISPs on the Internet via BGP! Controls the ISP, including its exchange of traffic and routes

15 Transparent connectivity to upstream 15 is AS47065 P! Owns /19! 6 universities as providers Verizon Pairing Emulated Experiments with Real Interdomain Network Gateways USC Cox Comm. L3 GBLX Hurr. Electric Trans Telecom Akamai UFMG Sprint With, a researcher:! Emulates an ISP, including its topology and routing policies GT! Connects the emulated ISP to real ISPs on the Internet via BGP! Controls the ISP, including its exchange of traffic and routes

16 Transparent connectivity to upstream 15 is AS47065! Owns /19! 6 universities as providers P Verizon Pairing Emulated Experiments with Real Interdomain Network Gateways USC Cox Comm. L3 GBLX Hurr. Electric Trans Telecom Akamai UFMG Sprint With, a researcher:! Emulates an ISP, including its topology and routing policies GT! Connects the emulated ISP to real ISPs on the Internet via BGP! Controls the ISP, including its exchange of traffic and routes

17 Transparent connectivity to upstream 15 is AS47065! Owns /19! 6 universities as providers P USC P Verizon Pairing Emulated Experiments with Real Interdomain Network Gateways USC Cox Comm. L3 GBLX Hurr. Electric Trans Telecom Akamai UFMG Sprint With, a researcher: GT! Emulates an ISP, including its topology and routing policies! Connects the emulated ISP to real ISPs on the Internet via BGP! Controls the ISP, including its exchange of traffic and routes

18 Transparent connectivity to upstream 15 is AS47065! Owns /19! 6 universities as providers Pairing Emulated Experiments with Real Interdomain Network Gateways USC Cox Comm. P USC P GBLX USC P Verizon L3 USC P L3 GBLX Hurr. Electric Trans Telecom Akamai UFMG Sprint With, a researcher: GT! Emulates an ISP, including its topology and routing policies! Connects the emulated ISP to real ISPs on the Internet via BGP! Controls the ISP, including its exchange of traffic and routes

19 Transparent connectivity to upstream 15 is AS47065! Owns /19! 6 universities as providers Pairing Emulated Experiments with Real Interdomain Network Gateways USC Cox Comm. P USC P GBLX USC P Verizon L3 USC P L3 GBLX Hurr. Electric Trans Telecom Akamai With, a researcher: Sprint UFMG UFMG GBLX USC P GT! Emulates an ISP, including its topology and routing policies! Connects the emulated ISP to real ISPs on the Internet via BGP! Controls the ISP, including its exchange of traffic and routes

20 Transparent connectivity to upstream 15 is AS47065! Owns /19! 6 universities as providers Pairing Emulated Experiments with Real Interdomain Network Gateways With, a researcher: USC Cox Comm. P USC P GBLX USC P UFMG Verizon L3 USC P L3 GBLX UFMG GBLX USC P Hurr. Electric Trans Telecom Sprint! Emulates an ISP, including its topology and routing policies GT Akamai Sprint L3 USC P! Connects the emulated ISP to real ISPs on the Internet via BGP! Controls the ISP, including its exchange of traffic and routes

21 Transparent connectivity to upstream 15 is AS47065! Owns /19! 6 universities as providers Pairing Emulated Experiments with Real Interdomain Network Gateways With, a researcher: USC Cox Comm. P USC P GBLX USC P UFMG Verizon L3 USC P L3 GBLX UFMG GBLX USC P Hurr. Electric Trans Telecom Sprint! Emulates an ISP, including its topology and routing policies GT Akamai Sprint L3 USC P! Connects the emulated ISP to real ISPs on the Internet via BGP! Controls the ISP, including its exchange of traffic and routes GT Sprint L3 USC P

22 Transparent connectivity to upstream 15 is AS47065! Owns /19! 6 universities as providers Pairing Emulated Experiments with Real Interdomain Network Gateways With, a researcher: USC Cox Comm. P USC P GBLX USC P UFMG Verizon L3 USC P L3 GBLX UFMG GBLX USC P Hurr. Electric Trans Telecom Sprint! Emulates an ISP, including its topology and routing policies GT Akamai Sprint L3 USC P! Connects the emulated ISP to real ISPs on the Internet via BGP! Controls the ISP, including its exchange of traffic and routes GT Sprint L3 USC P

23 Expose routing policy via announcements 16 is AS47065! Owns /19 P P! 6 universities as providers Verizon USC Cox Comm. L3 GBLX Hurr. Electric Trans Telecom Akamai UFMG Sprint Example experiment: GT! Vary announcements! Observe reactions to infer policy! See PoiRoot [SIGCOMM 13] for more details

24 Expose routing policy via announcements 16 is AS47065! Owns /19! 6 universities as providers P Verizon USC Cox Comm. L3 GBLX Hurr. Electric Trans Telecom Akamai UFMG Sprint Example experiment: P GT! Vary announcements! Observe reactions to infer policy! See PoiRoot [SIGCOMM 13] for more details

25 Expose routing policy via announcements 16 is AS47065! Owns /19! 6 universities as providers P USC P Verizon USC Cox Comm. L3 GBLX Hurr. Electric Trans Telecom Akamai Example experiment:! Vary announcements! Observe reactions to infer policy UFMG P UFMG! See PoiRoot [SIGCOMM 13] for more details P Sprint GT

26 Expose routing policy via announcements 16 is AS47065! Owns /19! 6 universities as providers Cox Comm. P USC P Verizon USC L3 GBLX USC P GBLX Hurr. Electric Trans Telecom Akamai Example experiment:! Vary announcements! Observe reactions to infer policy UFMG P UFMG! See PoiRoot [SIGCOMM 13] for more details P Sprint GT

27 Expose routing policy via announcements 16 is AS47065! Owns /19! 6 universities as providers USC Cox Comm. P USC P GBLX USC P Verizon L3 USC P L3 GBLX Hurr. Electric Trans Telecom Akamai Example experiment:! Vary announcements! Observe reactions to infer policy UFMG P UFMG! See PoiRoot [SIGCOMM 13] for more details P Sprint GT

28 Expose routing policy via announcements 16 is AS47065! Owns /19! 6 universities as providers USC Cox Comm. P USC P GBLX USC P Verizon L3 USC P L3 GBLX Hurr. Electric Trans Telecom Akamai Example experiment:! Vary announcements! Observe reactions to infer policy UFMG P UFMG! See PoiRoot [SIGCOMM 13] for more details P Sprint GT

29 Expose routing policy via announcements 17 is AS47065! Owns /19! 6 universities as providers USC Cox Comm. P USC P GBLX USC P Verizon L3 USC P L3 GBLX Hurr. Electric Trans Telecom Akamai Example experiment:! Vary announcements! Observe reactions to infer policy UFMG! See PoiRoot [SIGCOMM 13] for more details P UFMG P Sprint GT

30 Expose routing policy via announcements 17 is AS47065! Owns /19! 6 universities as providers USC Cox Comm. P P P USC P GBLX USC P Verizon L3 USC P L3 GBLX Hurr. Electric Trans Telecom Akamai Example experiment:! Vary announcements! Observe reactions to infer policy UFMG! See PoiRoot [SIGCOMM 13] for more details P UFMG P Sprint GT

31 Expose routing policy via announcements 17 is AS47065! Owns /19! 6 universities as providers USC Cox Comm. USC P P P P GBLX USC P Verizon L3 USC P L3 GBLX Hurr. Electric Trans Telecom Akamai Example experiment:! Vary announcements! Observe reactions to infer policy UFMG! See PoiRoot [SIGCOMM 13] for more details P UFMG P Sprint GT

32 Expose routing policy via announcements 17 is AS47065! Owns /19! 6 universities as providers USC P P P USC Cox Comm. P P P GBLX USC P Verizon L3 USC P L3 GBLX Hurr. Electric Trans Telecom Akamai Example experiment:! Vary announcements! Observe reactions to infer policy UFMG P UFMG! See PoiRoot [SIGCOMM 13] for more details P Sprint GT

33 Expose routing policy via announcements 17 is AS47065! Owns /19! 6 universities as providers USC P P P USC Cox Comm. P P P GBLX USC P Verizon L3 USC P P P L3 GBLX Hurr. Electric Trans Telecom Akamai Example experiment:! Vary announcements! Observe reactions to infer policy UFMG P UFMG! See PoiRoot [SIGCOMM 13] for more details P Sprint GT

34 Expose routing policy via announcements 17 is AS47065! Owns /19! 6 universities as providers USC P P P USC Cox Comm. P P P Verizon L3 GBLX USC P P P GBLX USC P L3 USC P P P GBLX Hurr. Electric Trans Telecom Akamai Example experiment:! Vary announcements! Observe reactions to infer policy UFMG P UFMG! See PoiRoot [SIGCOMM 13] for more details P Sprint GT

35 Expose routing policy via announcements 17 is AS47065! Owns /19! 6 universities as providers USC P P P USC Cox Comm. P P P L3 GBLX UFMG P GBLX USC P Verizon L3 USC P P P GBLX Hurr. Electric Trans Telecom Akamai Example experiment:! Vary announcements! Observe reactions to infer policy UFMG P UFMG! See PoiRoot [SIGCOMM 13] for more details P Sprint GT

36 Expose routing policy via announcements 17 is AS47065! Owns /19! 6 universities as providers USC P P P USC Cox Comm. P P P L3 GBLX UFMG P GBLX USC P Verizon L3 USC P P P GBLX Hurr. Electric Trans Telecom Akamai Example experiment:! Vary announcements! Observe reactions to infer policy UFMG P UFMG! See PoiRoot [SIGCOMM 13] for more details P Sprint GT

37 Rich connectivity via IXPs 18 is AS47065! Owns /19! 6 universities as providers Verizon Phoenix-IX! Peers at AMS-IX " Largest IXP in the world " 500+ peers: Akamai, Google, Hurricane Electric, Terremark, TransTeleCom, "13 of the 50 largest ISPs 1 USC Cox Comm. UFMG L3 GBLX Hurr. Electric Trans Telecom Sprint AMS-IX Akamai! And now Phoenix-IX GT 1. CAIDA AS Rank

38 at AMS-IX 19 USC Experiment UW Experiment

39 at AMS-IX 20 emulated AS (Mininet) routing engine (Quagga)

40 Making Announcements via AMS-IX 21

41 Receiving Routes via AMS-IX 22

42 Exchanging Traffic via AMS-IX 23

43 Isolation of Experiments at AMS-IX 24

44 Emulate network, attach to 25 Emulate network(s) with:! MinineXt! VINI Phoenix-IX! Emulab THE INTERNET AMS-IX

45 Emulate network, attach to 26 Emulate network(s) with:! MinineXt! VINI Phoenix-IX! Emulab THE INTERNET AMS-IX

46 meets ARROW s needs 27 ARROW requirements ARROW ISP " Define ARROW topology " Select routes from peers Phoenix-IX " Attract traffic to ARROW " Route traffic across intradomain and to peers AMS-IX

47 meets ARROW s needs 28 ARROW requirements ARROW ISP " Define ARROW topology " Select routes from peers Phoenix-IX " Attract traffic to ARROW " Route traffic across intradomain and to peers AMS-IX

48 meets ARROW s needs 28 ARROW requirements ARROW ISP " Define ARROW topology " Select routes from peers Phoenix-IX " Attract traffic to ARROW " Route traffic across intradomain and to peers AMS-IX

49 meets ARROW s needs 29 ARROW requirements " Define ARROW topology " Select routes from peers ARROW ISP ARROW Phoenix-IX " Attract traffic to ARROW " Route traffic across intradomain and to peers AMS-IX

50 meets ARROW s needs 30 ARROW requirements ARROW ISP " Define ARROW topology " Select routes from peers Phoenix-IX " Attract traffic to ARROW ARROW " Route traffic across intradomain and to peers AMS-IX

51 meets ARROW s needs 30 ARROW requirements ARROW ISP " Define ARROW topology " Select routes from peers Phoenix-IX " Attract traffic to ARROW ARROW " Route traffic across intradomain and to peers AMS-IX

52 meets ARROW s needs 30 ARROW requirements ARROW ISP " Define ARROW topology " Select routes from peers Phoenix-IX " Attract traffic to ARROW ARROW " Route traffic across intradomain and to peers AMS-IX

53 meets ARROW s needs 30 ARROW requirements ARROW ISP " Define ARROW topology " Select routes from peers Phoenix-IX " Attract traffic to ARROW ARROW " Route traffic across intradomain and to peers AMS-IX

54 meets ARROW s needs 31 ARROW requirements ARROW ISP " Define ARROW topology " Select routes from peers Phoenix-IX " Attract traffic to ARROW ARROW " Route traffic across intradomain and to peers AMS-IX

55 meets ARROW s needs 31 ARROW requirements ARROW ISP " Define ARROW topology " Select routes from peers Phoenix-IX " Attract traffic to ARROW ARROW " Route traffic across intradomain and to peers AMS-IX

56 meets ARROW s needs 32 ARROW requirements ARROW ISP " Define ARROW topology " Select routes from peers Phoenix-IX " Attract traffic to ARROW ARROW " Route traffic across intradomain and to peers : Pairing Emulated Experiments with Real Interdomain Network Gateways AMS-IX! Emulate ARROW ISP! Connect ARROW to real ISPs, expose to real routes and policy! Control ARROW, including traffic and routes! Measure in comparison to real BGP paths

57 yields insight into routing problems 33 Poor performance due to circuitous routes PECAN used to find higher-performing paths Security vulnerabilities such as hijacking and spoofing ARROW used to prototype defense Transient outages due to delayed convergence LIFEGUARD used to speed convergence Persistent outages due to protocol interactions LIFEGUARD used to routing around failures Lack of visibility into policy and topology PoiRoot used to expose policy SDX used to demonstrate richer policy expression uses IXPs to attain rich connectivity

58 Conclusion 34 Little innovation in interdomain routing in 20 years! Yet BGP is at the root of fundamental Internet problems! Researchers lacked tools to run meaningful experiments provides a new approach to Internet research! Connects emulated ISPs with real ISPs on the Internet!Vision is to let researchers run the ISP of their choice A community testbed!contact us if you want to use or contribute!!