Inferring BGP Blackholing in the Internet
|
|
- Amice Hart
- 6 years ago
- Views:
Transcription
1 Inferring BGP Blackholing in the Internet Vasileios Giotsas, Georgios Smaragdakis, Christoph Dietzel, Philipp Richter, Anja Feldmann, and Arthur Berger TU Berlin CAIDA MIT DE-CIX Akamai
2 DDoS A&acks are a Serious Threat 2
3 Networks under A&ack AS AS2 AS3 AS4 AIack Target Server 3
4 Blackholing AS AS2 AS3 AS4 AIack Target Server 4
5 BGP Blackholing AS1 BGP AS2 AS3 AS4 AIack Target Server 5
6 BGP Blackholing AS AS2 AS3 AS4 AIack Target Server 6
7 Agenda BGP Blackholing in Detail Inference Methodology for BGP Blackholing Trends in BGP Blackholing AcDvity Visibility of BGP Blackholing BGP Blackholing Network Efficacy Profile of BGP Blackholing Adopters 7
8 Agenda BGP Blackholing in Detail Inference Methodology for BGP Blackholing Trends in BGP Blackholing AcDvity Visibility of BGP Blackholing BGP Blackholing Network Efficacy Profile of BGP Blackholing Adopters 8
9 BGP Blackholing in the Internet AS AS2 AS3 AS4 AIack Target Server 9
10 BGP Blackholing in the Internet AS /32 Community = AS3: AS2 AS3 RFC1997, RFC6535, RFC7999 AS4 AIack Target Server 10
11 Terminology /32 Community = AS3:666 AS3:666 Blackholing Community AS AS2 AS3 RFC1997, RFC6535, RFC7999 AS /32 Blackholed Prefix AIack Target Server 11
12 BGP Blackholing in the Internet AS AS2 AS3 RFC1997, RFC6535, RFC7999 AS4 AIack Target Server 12
13 BGP Blackholing in the Internet /32 Community = AS3:666 AS AS2 AS3 RFC1997, RFC6535, RFC7999 AS4 AIack Target Server 13
14 BGP Blackholing in the Internet AS AS2 AS3 RFC1997, RFC6535, RFC7999 AS4 AIack Target Server 14
15 Terminology /32 Community = AS3:666 AS1 AS2 AS3 Blackholing Provider AS AS4 Blackholing User AS4 AIack Target Server 15
16 BGP Blackholing in an IXP member AS1 member AS2 Route Server member AS3 IXP member AS4 AIack Target Server 16
17 BGP Blackholing in an IXP member AS1 member AS2 Route Server /32 Community = IXP: member AS3 IXP member AS4 AIack Target Server 17
18 BGP Blackholing in an IXP member AS /32 Next hop: (blackhole) Community = IXP:666 member AS2 Route Server member AS3 IXP member AS4 AIack Target Server 18
19 BGP Blackholing in an IXP member AS1 member AS2 Route Server member AS3 IXP member AS4 AIack Target Server 19
20 BGP Blackholing in an IXP member AS1 member AS2 member AS3 IXP Blackholing Provider Route Server IXP member AS4 AIack AS4 Target Blackholing Server User 20
21 Agenda BGP Blackholing in Detail Inference Methodology for BGP Blackholing Trends in BGP Blackholing AcDvity Visibility of BGP Blackholing BGP Blackholing Network Efficacy Profile of BGP Blackholing Adopters 21
22 BGP Blackhole Community DicDonary BGP CommuniDes are standardized We mine Internet Registries, NOC webpages etc. for keywords like blackhole, null route using Natural Language Processing Level3 DE-CIX 22
23 Methodology AS1 BGP Collector /32 AS3 AS1 Community = AS3: AS2 AS3 AS4 AIack Target Server 23
24 Methodology BGP Collector Starts at t 0 : A /32 provider:as3 user:as4 communiaes AS AS2 AS3 AS4 AIack Target Server 24
25 Methodology AS1 BGP Collector Starts at t 0 : A /32 provider:as3 user:as4 communiaes Ends at t 1 : W / / AS2 AS3 AS4 AIack Target Server 25
26 Methodology AS1 BGP Collector Starts at t 0 : A /32 provider:as3 user:as4 communiaes Ends at t 1 : W / AS2 AS3 AS4 AIack Target Server 26
27 Methodology t 3 : A /32 provider: AS13 user: AS9 communiaes t 4 : W /32 AS1 BGP Collector Starts at t 0 : A /32 provider:as3 user:as4 communiaes Ends at t 1 : W / t 7 : A /32 provider: AS30 user: AS11 communiaes t 8 : W /32 AS2 AS3 AS3 AS4 AIack Target Server 27
28 Agenda BGP Blackholing in Detail Inference Methodology for BGP Blackholing Trends in BGP Blackholing Acavity Visibility of BGP Blackholing BGP Blackholing Network Efficacy Profile of BGP Blackholing Adopters 28
29 BGP Datasets Source #IP peers #AS peers RIPE Route Views PCH 8,897 1,721 CDN 3,349 1,282 Total 12,940 2,798 CDN and PCH infer 3x more blackholed prefixes than RIPE and Route Views 29
30 The Rise of BGP Blackholing 2.5x 30
31 The Rise of BGP Blackholing 4x 31
32 The Rise of BGP Blackholing 6x 32
33 The Rise of BGP Blackholing Mirai 33
34 Agenda BGP Blackholing in Detail Inference Methodology for BGP Blackholing Trends in BGP Blackholing AcDvity Visibility of BGP Blackholing BGP Blackholing Network Efficacy Profile of BGP Blackholing Adopters 34
35 BGP Blackholing Inference StaDsDcs 35
36 BGP Blackholing PropagaDon AS1 BGP Collector /32 Community = AS3: /32 Next hop = R4 Community = AS3: AS120 AS130 AS3 AS140 BGP Collector AS4 AIack Target Server 36
37 BGP Blackholing Inference StaDsDcs Due to Blackholing Propagaaon 37
38 BGP Blackhole Bundling AS1 BGP Collector /32 Community = AS3:666, AS20:666, AS30:99, AS40: AS3 AS20 AS30 AS4 AIack Target Server AS40 38
39 BGP Blackholing Inference StaDsDcs Due to Blackholing Bundling 39
40 Agenda BGP Blackholing in Detail Inference Methodology for BGP Blackholing Trends in BGP Blackholing AcDvity Visibility of BGP Blackholing BGP Blackholing Network Efficacy Profile of BGP Blackholing Adopters 40
41 BGP Blackholing Efficacy: AcDve Measurements AS AS3 AS4 AIack Target Server 41
42 BGP Blackholing Efficacy: AcDve Measurements AS AS3 AS4 AIack Target Server 42
43 BGP Blackholing Efficacy: AcDve Measurements AS AS3 AS4 AIack Target Server 43
44 BGP Blackholing Efficacy: AcDve Measurements Reducaon by 5 IP hops (on average) 44
45 BGP Blackholing Efficacy: AcDve Measurements Reducaon by 3 AS hops (on average) 45
46 Agenda BGP Blackholing in Detail Inference Methodology for BGP Blackholing Trends in BGP Blackholing AcDvity Visibility of BGP Blackholing BGP Blackholing Network Efficacy Profile of BGP Blackholing Adopters 46
47 Popularity of Blackholing Providers 47
48 Popularity of Blackholing Providers 48
49 Popularity of Blackholing Users 49
50 Popularity of Blackholing Users 43% of bh prefixes belong to content providers/hosters 50
51 Profile of Blackholed Prefixes 50% 40% 30% 20% 10% 0 Open ports in hosts in 60% of the blackholed prefixes In many cases default hosdng so`ware configuradons Serve ephemeral or low-ranked domains 51
52 BGP Blackholing DuraDon 52
53 Conclusion The first Internet-wide study on the adopdon and state of BGP Blackholing Methodology to infer Blackholing acdvity from BGP data BGP Blackholing is on the rise in all three metrics (Providers, Users, Prefixes) BGP Blackholing is effecdve in dropping traffic early Profile of Blackholed adopters and Insights on Usage 53
54 Thank you! 54
BGP Community Harvesting: Locating Peering Infrastructures
Community Harvesting: Locating Peering Infrastructures Vasileios Giotsas, Christoph Dietzel, Georgios Smaragdakis, Anja Feldmann, Arthur Berger, Emile Aben # TU Berlin CAIDA DE-CIX MIT Akamai # RIPE NCC
More informationDetecting Peering Infrastructure Outages
Detecting Peering Infrastructure Outages ENOG14, Minsk Vasileios Giotsas, Christoph Dietzel, Georgios Smaragdakis, Anja Feldmann, Arthur Berger, Emile Aben # TU Berlin CAIDA DE-CIX MIT Akamai # RIPE NCC
More informationPeering at Peerings: On the Role of IXP Route Servers
Peering at Peerings: On the Role of IXP Route Servers Contact: Philipp Richter (prichter@inet.tu-berlin.de) Paper: net.t-labs.tu-berlin.de/~prichter/imc238-richtera.pdf Philipp Richter TU Berlin Nikolaos
More informationMAPPING PEERING INTERCONNECTIONS TO A FACILITY
MAPPING PEERING INTERCONNECTIONS TO A FACILITY Vasileios Giotsas 1 Georgios Smaragdakis 2 Bradley Huffaker 1 Matthew Luckie 3 kc claffy 1 vgiotsas@caida.org WIE 2015 1 UCSD/CAIDA 2 MIT/TU Berlin 3 University
More informationMAPPING PEERING INTERCONNECTIONS TO A FACILITY
MAPPING PEERING INTERCONNECTIONS TO A FACILITY Vasileios Giotsas 1 Georgios Smaragdakis 2 Bradley Huffaker 1 Matthew Luckie 3 kc claffy 1 vgiotsas@caida.org CoNEXT 2015 1 UCSD/CAIDA 2 MIT/TU Berlin 3 University
More informationBack-Office Web Traffic on the Internet. IMC 2014 Vancouver, BC, CANADA November 5-7, 2014
Back-Office Web Traffic on the Internet Enric Pujol Philipp Richter Balakrishnan Chandrasekaran Georgios Smaragdakis Anja Feldmann Bruce Maggs Keung- Chi Ng TU- Berlin TU- Berlin Duke University MIT /
More informationExpress or Local Lanes: On Assessing QoE over Private vs. Public Peering Links
Express or Local Lanes: On Assessing QoE over Private vs. Public Peering Links Walter Willinger, NIKSUN Inc. Anja Feldmann, Philipp Richter, TU Berlin Georgios Smaragdakis, MIT/TU Berlin Fabian Bustamante,
More informationBGP Routing Table Report
BGP Routing Table Report View of the routing table between 2006-2016 Objective Analyse changes in global routing table between 2006 to 2016 Analysis is along: 1. Top 5 well connected ASNs 2. Growth of
More informationThe forces behind the changing Internet: IXPs and content delivery and SDN
The forces behind the changing Internet: IXPs and content delivery and SDN Steve Uhlig Queen Mary, University of London steve@eecs.qmul.ac.uk http://www.eecs.qmul.ac.uk/~steve/ Credit to collaborators:
More informationUnderstanding the Share of IPv6 Traffic in a Dual-Stack ISP
Understanding the Share of IPv6 Traffic in a Dual-Stack ISP Enric Pujol, Philipp Richter, and Anja Feldmann PAM 2017, Sydney, Australia IPv6 adoption metrics User end hosts Server-side measurements e.g.,
More informationIllegitimate Source IP Addresses At Internet Exchange Points
Illegitimate Source IP Addresses At Internet Exchange Points @ DENOG8, Darmstadt Franziska Lichtblau, Florian Streibelt, Philipp Richter, Anja Feldmann 23.11.2016 Internet Network Architectures, TU Berlin
More informationImplementation of RPKI and IRR filtering on the AMS-IX platform. Stavros Konstantaras NOC Engineer
Implementation of RPKI and IRR filtering on the AMS-IX platform Stavros Konstantaras NOC Engineer RIPE EDUCA 2018 Agenda AMS-IX Route Servers Architecture Features Filtering IRRdb RPKI BGP Communities
More informationBGP Routing Table Report
BGP Routing Table Report View of the routing table between 2006-2016 Objective Analyse changes in global routing table between 2006 to 2016 Analysis is along: 1.Top 5 well connected ASNs 2.Growth of ASNs
More informationMobile Content Hosting Infrastructure in China: A View from a Cellular ISP. Zhenhua Li Chunjing Han Gaogang Xie
Mobile Content Hosting Infrastructure in China: A View from a Cellular ISP Zhenyu Li Donghui Yang Zhenhua Li Chunjing Han Gaogang Xie Continuous increase of mobile data CISCO projected: the mobile data
More informationBGP Communities: A measurement study
BGP Communities: A measurement study @RIPE77, Amsterdam Florian Streibelt 1, Franziska Lichtblau 1, Robert Beverly 2, Cristel Pelsser 3, Georgios Smaragdakis 4, Randy Bush 5, Anja Feldmann 1 Oct. 2018
More informationBuilding an AS-Topology Model that Captures Route Diversity
Building an AS-Topology Model that Captures Route Diversity Wolfgang Mühlbauer Technische Universität München wolfgang@net.in.tum.de Anja Feldmann Olaf Maennel Matthew Roughan Steve Uhlig Deutsche Telekom
More informationFG INET: Internet Network Architectures
FG INET: Internet Network Architectures Prof. Anja Feldmann, Ph.D. anja.feldmann@tu-berlin.de http://www.inet.tu-berlin.de/ 1 INET: Research Group Location MAR-4 Office hours Tuesday 12:30 13:00 After
More informationJumpstarting BGP Security. Yossi Gilad Joint work with: Avichai Cohen, Amir Herzberg, and Michael Schapira
Jumpstarting BGP Security Yossi Gilad Joint work with: Avichai Cohen, Amir Herzberg, and Michael Schapira Prefix hijacking Victim Path: 111 AS X AS 111 Boston University BGP Ad. AS 666 Data flow 2 Prefix
More informationInternet exchange Federation Project Funding Proposal
Internet exchange Federation Project Funding Proposal The Internet exchange Point Database (IXPDB) Executive Summary Internet Exchange Points (IXPs) are network facilities that enable the interconnection
More informationDailyCatch: A Provider-centric View of Anycast Behaviour
DailyCatch: A Provider-centric View of Anycast Behaviour Stephen McQuistin University of Glasgow Sree Priyanka Uppu Marcel Flores Verizon Digital Media Services What is IP anycast? 2 What is IP anycast?
More informationNetwork Layer (Routing)
Network Layer (Routing) Border Gateway Protocol Structure of the Internet Networks (ISPs, CDNs, etc.) group with IP prefixes Networks are richly interconnected, often using IXPs Prefix E1 Net E IXP Prefix
More informationDDoS Defense Mechanisms for IXP Infrastructures
DDoS Defense Mechanisms for IXP Infrastructures Tim Dijkhuizen Lennart van Gijtenbeek Supervisor: Stavros Konstantaras (AMS-IX) SNE: Research Project II 03-07-2018 Introduction Distributed Denial of Service
More informationWeb Content Cartography. Georgios Smaragdakis Joint work with Bernhard Ager, Wolfgang Mühlbauer, and Steve Uhlig
Web Content Cartography Georgios Smaragdakis Joint work with Bernhard Ager, Wolfgang Mühlbauer, and Steve Uhlig Cartography Cartography (from Greek Χάρτης, chartes or charax = sheet of papyrus (paper)
More informationInferring Multilateral Peering
Inferring Multilateral Peering ABSTRACT Vasileios Giotsas University College London v.giotsas@cs.ucl.ac.uk Matthew Luckie CAIDA / UC San Diego mjl@caida.org The AS topology incompleteness problem is derived
More informationGeorge Nomikos
George Nomikos gnomikos@ics.forth.gr To appear in IMC, Boston, 2018 V. Kotronis, P. Sermpezis, P. Gigis, L. Manassakis, C. Dietzel, S. Konstantaras, X. Dimitropoulos, V. Giotsas *Jane Coffin and Christian
More informationRPKI in practice. Sebastian Wiesinger DE-CIX Technical Meeting June 2017
RPKI in practice Sebastian Wiesinger sebastian.wiesinger@noris.net DE-CIX Technical Meeting June 2017 Generate ROAs Generate ROAs for your prefixes RIPE NCC makes this very easy Available at the LIR portal
More informationAnatomy of a Large European IXP
Anatomy of a Large European IXP Nikos Chatzis Nadi Sarrar TU Berlin/T-Labs Anja Feldmann TU Berlin/T-Labs Bernhard Ager ETH Zürich Steve Uhlig Queen Mary University of London Walter Willinger AT&T Labs
More informationIPv4/IPv6 BGP Routing Workshop. Organized by:
IPv4/IPv6 BGP Routing Workshop Organized by: Agenda Multihoming & BGP path control APNIC multihoming resource policy 2 ISP Hierarchy Default free zone Made of Tier-1 ISPs who have explicit routes to every
More informationMeasuring the Adoption of Route Origin Validation and Filtering
Measuring the Adoption of Route Origin Validation and Filtering Andreas Reuter (andreas.reuter@fu-berlin.de) Joint work with Randy Bush, Ethan Katz-Bassett, Italo Cunha, Thomas C. Schmidt, and Matthias
More informationA Multi-Perspective Analysis of Carrier-Grade NAT Deployment
A Multi-Perspective Analysis of Carrier-Grade NAT Deployment Philipp Richter, Florian Wohlfart, Narseo Vallina-Rodriguez, Mark Allman, Randy Bush, Anja Feldmann, Christian Kreibich, Nicholas Weaver, and
More informationISP-Aided Neighbor Selection for P2P Systems
ISP-Aided Neighbor Selection for P2P Systems Anja Feldmann Vinay Aggarwal, Obi Akonjang, Christian Scheideler (TUM) Deutsche Telekom Laboratories TU-Berlin 1 P2P traffic
More informationIntroduction to BGP. ISP/IXP Workshops
Introduction to BGP ISP/IXP Workshops 1 Border Gateway Protocol A Routing Protocol used to exchange routing information between different networks Exterior gateway protocol Described in RFC4271 RFC4276
More informationThe information in this document is based on Cisco IOS Software Release 15.4 version.
Contents Introduction Prerequisites Requirements Components Used Background Information Configure Network Diagram Relevant Configuration Verify Test case 1 Test case 2 Test case 3 Troubleshoot Introduction
More informationHow Complete and Accurate is the Internet Routing Registry (IRR)?
How Complete and Accurate is the Internet Routing Registry (IRR)? Dec 5 th 2011 4th CAIDA-WIDE-CASFI Joint Measurement Workshop Akmal Khan, Hyun-chul Kim, Ted "Taekyoung" Kwon Seoul National University
More informationAnalyzing static, dynamic, and gateway IPv4 addresses. Ramakrishna Padmanabhan, Dave Plonka, Arthur Berger
Analyzing static, dynamic, and gateway IPv4 addresses Ramakrishna Padmanabhan, Dave Plonka, Arthur Berger 1 Analyzing static, dynamic, and gateway IPv4 addresses Ramakrishna Padmanabhan, Dave Plonka, Arthur
More informationIntroduction to BGP. ISP Workshops. Last updated 30 October 2013
Introduction to BGP ISP Workshops Last updated 30 October 2013 1 Border Gateway Protocol p A Routing Protocol used to exchange routing information between different networks n Exterior gateway protocol
More informationPractical everyday BGP filtering with AS_PATH filters: Peer Locking
Practical everyday BGP filtering with AS_PATH filters: Peer Locking job@ntt.net Disclaimer: ISPs and their ASNs used in this talk are examples for discussion purpose only. NTT does not admit or deny any
More informationPERISCOPE: Standardizing and Orchestrating Looking Glass Querying
PERISCOPE: Standardizing and Orchestrating Looking Glass Querying Vasileios Giotsas UCSD/CAIDA vgiotsas@caida.org NANOG 68, October 17-19 2016, Dallas, TX Purpose of this Talk Inform the operational community
More informationTTM AS-level Traceroutes
TTM AS-level Traceroutes Matching IPs to ASes René Wilhelm New Projects Group RIPE NCC 1 Motivation TTM performs frequent traceroutes to find closest IP route for delay measurements
More informationAdvancing the Art of Internet Edge Outage Detection
Advancing the Art of Internet Edge Outage Detection ACM Internet Measurement Conference 2018 Philipp Richter MIT / Akamai Ramakrishna Padmanabhan University of Maryland Neil Spring University of Maryland
More informationIPv6 Pollution Traffic Analysis
IPv6 Pollution Traffic Analysis Manish Karir (DHS S&T Cyber Security Division) Jake Czyz, Kyle Lady, Sam Miller, Michael Kallitsis, Michael Bailey (University of Michigan) Internet Pollu+on Darknet sensors
More informationPeering observations on security and resiliency at IXPs Greg Hankins, AS NANOG 67
Peering observations on security and resiliency at IXPs Greg Hankins, AS 38016 NANOG 67 Image source: http://as2914.net/ 1 Nokia 2016 Public NANOG 67 2016/06/14 Agenda Introduction
More informationIPv6 Module 16 An IPv6 Internet Exchange Point
IPv6 Module 16 An IPv6 Internet Exchange Point Objective: To investigate methods for connecting to an Internet Exchange Point. Prerequisites: Modules 12, 14 and 15, and the Exchange Points Presentation
More informationBGP and inter-as economic relationships
BGP and inter-as economic relationships E. Gregori 1, A. Improta 2,1, L. Lenzini 2, L. Rossi 1, L. Sani 3 1 Institute of Informatics and Telematics, Italian National Research Council Pisa, Italy 2 Information
More informationENDEAVOUR: Towards a flexible software-defined network ecosystem
ENDEAVOUR: Towards a flexible software-defined network ecosystem Project name ENDEAVOUR Project ID H2020-ICT-2014-1 Project No. 644960 Working Package Number 5 Deliverable Number 5.3 Document title Report
More informationMeasuring Adoption of RPKI Route Origin Validation and Filtering
PEERING The BGP Testbed Measuring Adoption of RPKI Route Origin Validation and Filtering Andreas Reuter (andreas.reuter@fu-berlin.de) Joint work with Randy Bush, Ethan Katz-Bassett, Italo Cunha, Thomas
More informationMultihoming Techniques. bdnog8 May 4 8, 2018 Jashore, Bangladesh.
Multihoming Techniques bdnog8 May 4 8, 2018 Jashore, Bangladesh. 2 ISP Hierarchy Default free zone Internet Routers that have explicit routes to every network on the Internet Regional /Access Providers
More informationSecurity by BGP 101 Building distributed, BGP-based security system
Security by BGP 101 Building distributed, BGP-based security system Łukasz Bromirski lukasz@bromirski.net May 2017, CERT EE meeting Roadmap for the session BGP as security mechanism BGP blackholing project
More informationBGP ANOMALY DETECTION USING DATA MINING TECHNIQUES. Iñigo Ortiz de Urbina
BGP ANOMALY DETECTION USING DATA MINING TECHNIQUES Iñigo Ortiz de Urbina Introduction Goal Apply machine learning algorithms to mine network data and produce a preliminary offline anomaly detection system
More informationA content delivery perspective on mobility in the Internet
A content delivery perspective on mobility in the Internet Prof. Steve Uhlig Queen Mary, University of London steve@eecs.qmul.ac.uk Credit to collaborators: Bernhard Ager, Anja Feldmann, Benjamin Frank,
More informationProgrammatic Interface to Routing
Programmatic Interface to Routing NANOG 61 Draft version, slides will be updated before presentation Applications and Networks Routing system players: the Application and the Network. Different interdependent
More informationMeasuring IPv6 Adoption
Measuring IPv6 Adoption Presenter: Johannes Zirngibl Technische Universität München Munich, 18. May 2017 Author: Jakub Czyz (University of Michigan) Mark Allman (International Computer Science Institute)
More informationInternet Mapping Primitives
CYBER SECURITY DIVISION 2014 R&D SHOWCASE AND TECHNICAL WORKSHOP Internet Mapping Primitives Naval Postgraduate School Robert Beverly December 17, 2014 Team Profile Naval Postgraduate School: US Navy s
More informationBGP Route Leaks Analysis
BGP Route Leaks Analysis Benjamin Wijchers Faculty of Exact Sciences, department of Computer Science Vrije Universiteit Amsterdam December 3, 2014 Supervisors: Dr. Benno Overeinder (NLnetLabs) Dr. Paola
More informationfrom BGPlay to ibgplay
from BGPlay to ibgplay graphical inspection of your routing data maurizio pizzonia BGPlay team - compunet@dia.uniroma3.it BGPlay avalable as RIS tool since 2004 graphically shows RIS data shows for a certain
More informationBGP and the Internet
BGP and the Internet Communities, Transit, Collocation ISP/IXP Workshops 2000, Cisco Systems, Inc. 1 Advanced Community usage ISP/IXP Presentation_ID Workshops 2000, 1999, Cisco Systems, Inc. www.cisco.com
More informationIXP Techniques. 4 7 July 2017, Suva, Fiji.
IXP Techniques 4 7 July 2017, Suva, Fiji. Acknowledgment Cisco Systems Philip Smith 2 Overview What is an Internet Exchange Point (IXP)? What is the value of Peering? How to build an IXP? IXP Design Considerations
More informationThe Internet Ecosystem
The Internet Ecosystem How does the Internet really work? Alvaro Retana (aretana@cisco.com) Distinguished Engineer, Cisco Services Original Slides with Russ White (russ@riw.us) The Net What are the protocols
More informationInternet Engineering Task Force (IETF) Request for Comments: 7999 Category: Informational. NTT G. Doering SpaceNet AG G. Hankins Nokia October 2016
Internet Engineering Task Force (IETF) Request for Comments: 7999 Category: Informational ISSN: 2070-1721 T. King C. Dietzel DE-CIX J. Snijders NTT G. Doering SpaceNet AG G. Hankins Nokia October 2016
More informationBGP and the Internet
BGP and the Internet Transit and Internet Exchange Points 1 Definitions Transit carrying traffic across a network, usually for a fee traffic and prefixes originating from one AS are carried across an intermediate
More informationAPNIC elearning: BGP Basics. 30 September :00 PM AEST Brisbane (UTC+10) Revision: 2.0
APNIC elearning: BGP Basics 30 September 2015 1:00 PM AEST Brisbane (UTC+10) Issue Date: 07 July 2015 Revision: 2.0 Presenter Nurul Islam (Roman) Senior Training Specialist, APNIC Nurul maintains the APNIC
More informationGeorgios Smaragdakis
Georgios Smaragdakis http://www.smaragdakis.net georgios.smaragdakis@tu-berlin.de Research Interests My research brings a data- and measurement-driven approach to understand the state and improve the health
More informationRIPE NCC Routing Information Service (RIS)
RIPE NCC Routing Information Service (RIS) Overview Colin Petrie 14/12/2016 RON++ What is RIS? What is RIS? Worldwide network of BGP collectors Deployed at Internet Exchange Points - Including at AMS-IX
More informationMultihoming Complex Cases & Caveats
Multihoming Complex Cases & Caveats ISP Workshops Last updated 6 October 2011 Complex Cases & Caveats p Complex Cases n Multiple Transits n Multi-exit backbone n Disconnected Backbone n IDC Multihoming
More informationDE-CIX Academy: BGP - Multihoming
Notice of Liability Despite careful checking of content, we accept no liability for the content of external links. Content on linked sites is exclusively the responsibility of the respective website operator.
More informationBGP101. Howard C. Berkowitz. (703)
BGP101 Howard C. Berkowitz hcb@clark.net (703)998-5819 What is the Problem to be Solved? Just configuring the protocol? Participating in the Internet and/or running Virtual Private Networks A Life Cycle
More informationRouting State Distance: A Path-based Metric for Network Analysis Gonca Gürsun
Routing State Distance: A Path-based Metric for Network Analysis Gonca Gürsun joint work with Natali Ruchansky, Evimaria Terzi, Mark Crovella Distance Metrics for Analyzing Routing Shortest Path Similar
More informationModule 16 An Internet Exchange Point
ISP Workshop Lab Module 16 An Internet Exchange Point Objective: To investigate methods for connecting to an Internet Exchange Point. Prerequisites: Modules 12 and 13, and the Exchange Points Presentation
More informationModelling Inter-Domain Routing
Modelling Inter-Domain Routing Olaf Maennel University of Adelaide Wolfgang MühlbauerM Technical University Munich Anja Feldmann Technical University Munich Steve Uhlig Université catholique de Louvain
More informationSecuring the Internet at the Exchange Point Fernando M. V. Ramos
Securing the Internet at the Exchange Point Fernando M. V. Ramos 18.09.2017 Securing the Internet at the Exchange Point Fernando M. V. Ramos 18.09.2017 There are vulnerabilities in the Internet architecture
More informationRouting Is At Risk. Let's Secure It Together. Andrei Robachevsky 1
Routing Is At Risk. Let's Secure It Together Andrei Robachevsky robachevsky@isoc.org 1 No Day Without an Incident 120 6 month of suspicious activity 100 80 60 Hijack Leak 40 20 0 1/1/17 2/1/17 3/1/17 4/1/17
More informationInternet Engineering Task Force. Intended status: Standards Track Expires: May 4, 2016 November 1, 2015
Internet Engineering Task Force J. Mauch Internet-Draft J. Snijders Intended status: Standards Track NTT Expires: May 4, 2016 November 1, 2015 By default reject propagation when no policy is associated
More informationThe BGP Visibility Scanner
The BGP Visibility Scanner Andra Lutu 1,2, Marcelo Bagnulo 2 and Olaf Maennel 3 Institute IMDEA Networks 1, University Carlos III Madrid 2, Loughborough University 3 Problem Statement The routing preferences
More informationA Server-to-Server View of the Internet
A Server-to-Server View of the Internet Balakrishnan Chandrasekaran Duke University balac@cs.duke.edu Georgios Smaragdakis MIT / TU Berlin / Akamai gsmaragd@csail.mit.edu Arthur Berger MIT / Akamai awberger@csail.mit.edu
More informationLocating Internet Routing Instabilities
Locating Internet Routing Instabilities Anja Feldmann Olaf Maennel Z. Morley Mao Arthur Berger Bruce Maggs TU-München TU-München U. of Michigan MIT/Akamai Technologies CMU/Akamai Technologies München,
More informationSoftware Systems for Surveying Spoofing Susceptibility
Software Systems for Surveying Spoofing Susceptibility Matthew Luckie, Ken Keys, Ryan Koga, Bradley Huffaker, Robert Beverly, kc claffy https://spoofer.caida.org/ NANOG68, October 18th 2016 www.caida.o
More informationStrategies, approaches and ethical considerations
Strategies, approaches and ethical considerations q Internet design principles and measurements q Strategies and standards q Experimental approaches q Ethical considerations Design principles of the Internet
More informationThe BGP Visibility Scanner
The BGP Visibility Scanner Andra Lutu 1,2, Marcelo Bagnulo 2 and Olaf Maennel 3 Institute IMDEA Networks 1, University Carlos III Madrid 2, Loughborough University 3 Problem Statement } The routing preferences
More informationUsing Loops Observed in Traceroute to Infer the Ability to Spoof
Using Loops Observed in Traceroute to Infer the Ability to Spoof Qasim Lone 1,MatthewLuckie 2, Maciej Korczyński 1,andMichelvanEeten 1 1 Delft University of Technology, the Netherlands Q.B.Lone, Maciej.Korczynski,
More informationRouting Is At Risk. Let's Secure It Together. Andrei Robachevsky 1
Routing Is At Risk. Let's Secure It Together Andrei Robachevsky robachevsky@isoc.org 1 No Day Without an Incident 120 6 month of suspicious activity 100 80 60 Hijack Leak 40 20 0 1/1/17 2/1/17 3/1/17 4/1/17
More informationService Provider Multihoming
Service Provider Multihoming BGP Traffic Engineering 1 Service Provider Multihoming Previous examples dealt with loadsharing inbound traffic Of primary concern at Internet edge What about outbound traffic?
More informationA First Look at QUIC in the Wild
A First Look at QUIC in the Wild Jan Rüth 1, Ingmar Poese 2, Christoph Dietzel 3, Oliver Hohlfeld 1 1 : RWTH Aachen University 2 : Benocs GmbH 3 : TU Berlin / DE-CIX http://comsys.rwth-aachen.de/ London
More informationA Region-Centric Analysis of the Internet Peering Ecosystem
Computer Science Technical Reports Computer Science 6-216 A Region-Centric Analysis of the Internet Peering Ecosystem Rajesh Putta Venkata Iowa State University, rajeshpv@iastate.edu Lu Ruan Iowa State
More informationAttack Fingerprint Sharing: The Need for Automation of Inter-Domain Information Sharing
Attack Fingerprint Sharing: The Need for Automation of Inter-Domain Information Sharing RIPE 50 Stockholm, Sweden Danny McPherson danny@arbor.net May 3, 2005 Agenda What s a bot and what s it used for?
More informationPDF hosted at the Radboud Repository of the Radboud University Nijmegen
PDF hosted at the Radboud Repository of the Radboud University Nijmegen The following full text is a preprint version which may differ from the publisher's version. For additional information about this
More informationMeasuring RPKI Route Origin Validation in the Wild
Master Thesis Measuring RPKI Route Origin Validation in the Wild Andreas Reuter Matr. 4569130 Supervisor: Prof. Dr. Matthias Wählisch Institute of Computer Science, Freie Universität Berlin, Germany January
More informationSierra- Cedar s Best PracDces for Building a Security OperaDons Center
Copyright 2015 Splunk Inc. Sierra- Cedar s Best PracDces for Building a Security OperaDons Center Robert Miller Manager Corporate Security, Sierra- Cedar, Inc. Disclaimer During the course of this presentadon,
More informationIntroduction to BGP ISP/IXP Workshops
Introduction to BGP ISP/IXP Workshops 1 Border Gateway Protocol Routing Protocol used to exchange routing information between networks exterior gateway protocol RFC1771 work in progress to update draft-ietf-idr-bgp4-18.txt
More informationBGP and the Internet
BGP and the Internet Using Communities for Multihoming 1 Multihoming and Communities The BGP community attribute is a very powerful tool for assisting and scaling BGP Multihoming 2 Loadsharing Using Communities
More informationApplication Layer Traffic Optimization (ALTO)
Application Layer Traffic Optimization (ALTO) Network Positioning System Stefano Previdi - sprevidi@cisco.com Distinguished Engineer Cisco Systems RIPE61 Rome, November 2010 1 Cisco NPS Introduction NPS
More informationPEERING AND BENEFITS
PEERING AND BENEFITS Martin Hannigan Director, Network and Data Center Architecture CaribNOG 9 Castries, St. Lucia Agenda What is an Internet Exchange Point (IXP)? What is Peering? Why networks use IXPs
More informationThe real-time Internet routing observatory. Luca Sani RIPE Meeting 77 Amsterdam, NL October 15 th, 2018
The real-time Internet routing observatory Luca Sani RIPE Meeting 77 Amsterdam, NL October 15 th, 2018 Isolario project Objective: foster ASes to share their BGP data The more the ASes, the more the completeness
More informationFG INET: Intelligent Networks
FG INET: Intelligent Networks An-Institut Deutsche Telekom Laboratories Prof. Anja Feldmann, Ph.D. anja@net.t-labs.tu-berlin.de http://www.net.t-labs.tu-berlin.de/ 1 INET: Research Group Location Telefunkenhochhaus,
More informationRevisiting router architectures with Zipf
Revisiting router architectures with Zipf Steve Uhlig Deutsche Telekom Laboratories/TU Berlin Nadi Sarrar, Anja Feldmann Deutsche Telekom Laboratories/TU Berlin Rob Sherwood, Xin Huang Deutsche Telekom
More informationReport: Applicability of current "constrained facility search" mapping methods to intra-u.s interconnections
Report: Applicability of current "constrained facility search" mapping methods to intra-u.s interconnections Bradley Huffaker, Marina Fomenkov, kc claffy UCSD/CAIDA bradley,marina,kc@caida.org ABSTRACT
More information32-bit ASNs. Greg Hankins Chris Malayter APRICOT 2009 APRICOT /02/25
32-bit ASNs Greg Hankins ghankins@force10networks.com Chris Malayter cmalayter@switchanddata.com APRICOT 2009 APRICOT 2009 2009/02/25 ASN Terminology Soup What??? 2-octet, 2-byte, 16-bit, ASN16, and OLD
More informationNew levels of cooperation between eyeball ISPs and OTT/CDNs. RIPE 75 Dubai Oct 24, 2017 Falk von Bornstaedt, DTAG ICSS
New levels of cooperation between eyeball ISPs and OTT/CDNs. RIPE 75 Dubai Oct 24, 2017 Falk von Bornstaedt, DTAG ICSS 1 LACK OF TRANSPARENCY IMPAIRS internet performance Appl e Traffic Generators Clouds
More informationMeasurement and Analysis for Protocols Research Group (maprg) London, March 20, 2018
Measurement and Analysis for Protocols Research Group (maprg) London, March 20, 2018 co-chairs : Mirja Kühlewind Dave Plonka Intellectual
More informationAre We Growing Fast Enough?
IPv6 routing table Introduction 1 Are We Growing Fast Enough? A snapshot of the global IPv6 routing table Gert Döring, SpaceNet AG, Munich, Germany May 5, 2009 RIPE 58, Amsterdam IPv6 routing table Overview
More informationRouting Control at Peering Points. HKNOG 0.1 Raphael Ho
Routing Control at Peering Points HKNOG 0.1 Raphael Ho Peering Points Types Bi-Lateral Fine grained control Potentially complicated to manage Multi-lateral Coarse grained control Simple to manage for some
More information