the real-time Internet routing observatory Luca Sani

Transcription

1 the real-time Internet routing observatory Luca Sani 1 / 24

2 Our research topic: discovering the Internet structure Everyone knows the role of the Internet in our society, but since its commercialization in 1995, no one knows its complete structure anymore We focused mostly on the AS-level to reveal the routing policies regulating the Internet 2 / 24

3 Why is it important to reveal the Internet structure? For example to plan an optimal inter-domain network configuration to maintain an acceptable level of service in case of malicious or unintentional faults 3 / 24

4 Classic BGP Route Collector A Route Collector (RC) is a device which collects BGP routing data from co-operating ASes. RCs only collect routing information and not user traffic 4 / 24

5 Route collector projects BGP route collector projects Data collected is largely incomplete Most provider-to-customer connections are discovered Most public peering connections are missing Participants do not receive anything back in change of their data 5 / 24

6 Isolario project Isolario - The Book of Islands where we discuss about all islands of the world, with their ancient and modern names, histories, tales and way of living... Benedetto Bordone (Italian cartographer) Do-ut-des Participants need to open a BGP session with Isolario providing the BGP full routing table and its evolution over time In change, Isolario offers real-time and historic analysis applications based on the aggregation of every routing information collected 6 / 24

7 Isolario system overview Unlike classic route collectors, Isolario uses incoming BGP flows also to create services for the participants 7 / 24

8 Current feeders AS 2597 (cctld.it) AS 6882 (Regione Toscana) AS (MIX) AS (Panservice) AS (NAMEX) AS (TOP-IX) AS (Convergenze) AS (cctld.it Anycast) AS (Ninux) AS 2598 (CNR-Isolario project) AS 6762 (TI Sparkle) AS (Seeweb) AS (Trentino Network) AS (IperV) AS (Lepida) AS (Qcom) AS (Digitel Italia) AS (Sky Italia) 8 / 24

9 Isolario services for feeders Already available BGP flow viewer Routing table viewer Route flap detector Website reachability My Subnet reachability Route Collector Software Custom software to perform route collecting instead of Quagga New services Daily report Alerting system Historic routing table viewer Historic my subnet reachability 9 / 24

10 Isolario services for feeders Already available BGP flow viewer Routing table viewer Route flap detector Website reachability My Subnet reachability Route Collector Software Custom software to perform route collecting instead of Quagga New services Daily report Alerting system Historic routing table viewer Historic my subnet reachability 9 / 24

11 Already available services: Summary Routing table viewer (RTV) Allows to analyse in real-time portion(s) of the routing table that each feeder announced to Isolario Development status: ready 10 / 24

12 Already available services: Summary My subnet reachability (MSR) Allows to analyse in real-time the reachability of the subnets of each feeder from every other Isolario feeder perspective Development status: ready 11 / 24

13 New features Already available BGP flow viewer Routing table viewer Route flap detector Website reachability My Subnet reachability Route Collector Software Custom route collecting software New services Daily report Alerting system Historic routing table viewer Historic my subnet reachability 12 / 24

14 Route Collector Software We are going to replace Quagga with a custom route collecting software Scalability in terms of access to routing information wrt number of connected feeders and number of requests Full support for MRT data (RIB and UPDATEs dump) Feeders Readers Quagga Bird RCE s 1.67s 5.76s s 7.96s 6.43s s 31.4s s 34.9s s 2.69s 6.11s s 10.9s 6.58s s 35.6s 17.9s s 35.6s 1 356s 12.4s 6.23s s 37.7s 6.85s s 18.9s s 36.7s Time to dump one full routing table RAM (MB) Quagga Bird RCE # of feeders 13 / 24

15 New features Already available BGP flow viewer Routing table viewer Route flap detector Website reachability My Subnet reachability Route Collector Software Custom route collecting software New services Daily report Alerting system Historic routing table viewer Historic my subnet reachability 14 / 24

16 New services: Daily report Summary about the feeder inter-domain routing status as perceived by the Isolario system Routing statistics #Announce, #Withdrawn Most (un)stable prefixes Reachability statistics Inbound reachability BGP attributes statistics AS path anomalies One-time configuration: no need to be connected to the system 15 / 24

17 Daily report: Summary of statistics 16 / 24

18 Daily report (details) Users can decide to include in the report further details 17 / 24

19 Daily report (details) For example details about the nature of the most unstable prefixes 17 / 24

20 New services: Alerting system Different types of alarms BGP attributes: BGP UPDATEs matching attributes of interest are announced by the feeder Flap events: a prefix is experiencing a flap event (rate of BGP UPDATEs involving that prefix > threshold) Hijack: BGP UPDATEs hijacking a feeder subnet Prefix reachability: complete/partial (un)reachability of prefixes of interest Session down/up: the session with Isolario goes down Notification report Web page, , HTTP(S) POST 18 / 24

21 Alerting system: Example BGP attributes prefix subnet = /22 and as path substr = / 24

22 New services: Historic services Store the past Historic services exploit different BGP data sources (RouteViews, RIPE NCC RIS, Isolario) to show historic results Challenge: store original MRT data in a way that is quickly accessible Analyse the past Inspect the status of the inter-domain routing across a particular event Analyse how outages/attacks/censorships/de-peering affected the inter-domain routing dynamics of ASes 20 / 24

23 Historic services Applications Routing table viewer: Allows to analyse portion(s) of the routing table that each feeder announced to Isolario My subnet reachability: Allows to analyse the reachability of the subnets of each feeder from every perspective available in the past 21 / 24

24 Summary: how to use Isolario? Real-time services Something is happening How is my RIB(s) evolving? How is my reachability affected? Historic services Something happened How was my RIB(s) evolving? How was my reachability affected? Alerting System Something is happening NOW! Check real-time services! Do something! (if needed) Daily report Did something happen yesterday? Check historic services! Do something! (if needed) 22 / 24

25 Isolario future End of test phase So far Isolario was in a test phase We are about to become fully operational Support granted by CNR up to 2017 New public ASN 2598 To formalize the relationship with Isolario, we are going to propose to each feeder an agreement Distribute active measurement devices to enhance the measurement system and thus the offered services Agreement Feeders receive services in change of BGP data Isolario creates and maintains those services 23 / 24

26 Thank you for your attention Any question? Feeders and Feedbacks are most welcome! 24 / 24

27 25 / 24

28 Some result Feeders 17 ASes, 16 different organizations 12 are not connected to other RC projects 21 IPv4 sessions 14 IPv6 sessions AS-level connectivity computed across March 2015 data 3173 new AS connections 918 geolocated in Italy (+22.18%) 26 / 24

29 Why is it important to reveal the Internet structure? To understand how packets are routed in the Internet Identify routes involving non-national ISPs Identify the importance of each AS in the ecosystem To create economy-based models of the global Internet growth Study the effectiveness of p2p connections Build more realistic topology generators to simulate the Internet To properly select peers and diversify upstream providers based on their connectivity Increase network robustness Select data centers for server replicas Understand the effects of catastrophic events / 24