IP Reachability Differences: Myths and Reali<es

Similar documents
IP Reachability Differences: Myths and Realities

Destination Reachability and BGP Convergence Time. Beichuan Zhang (UCLA) Dan Massey (Colorado State) Lixia Zhang (UCLA)

6 Watch: Monitoring IPv6 Deployment and Connectivity

Investigating occurrence of duplicate updates in BGP announcements

Monitoring IPv6 Content Accessibility and Reachability. Contact: R. Guerin University of Pennsylvania

Rethinking Path Valida/on. Russ White

Module 14 Transit. Objective: To investigate methods for providing transit services. Prerequisites: Modules 12 and 13, and the Transit Presentation

Inter-Domain Routing: BGP

Understanding BGP Behavior through a Study of DoD Prefixes Λ

On characterizing BGP routing table growth

Simulating Internet Scale Topologies with Metarouting

Understanding Opera.onal Rou.ng (part II) Geoffrey Xie Naval Postgraduate School

Combining Ac5ve Route Measurements with Passive BGP Data

Quantifying Path Exploration in the Internet

Inter-Domain Routing: BGP

New World BGP. Geoff Huston January2010 APNIC

Prop-083v003. Alterna(ve criteria for subsequent IPv6 alloca(ons. APNIC 31, Hong Kong. Skeeve Stevens

The Spoofer Project Inferring the Extent of Source Address Filtering on the Internet

PHAS: A Prefix Hijack Alert System

Quantifying Path Exploration in the Internet

Other Developments: CIDR

CSE 461 Interdomain routing. David Wetherall

BGPMON.IO: THE MANY NEW FACES OF BGPMON

An Empirical Study of Behavioral Characteristics of Spammers: Findings and Implications

EECS 122, Lecture 17. The Distributed Update Algorithm (DUAL) Optimization Criteria. DUAL Data Structures. Selecting Among Neighbors.

CS 43: Computer Networks. 24: Internet Routing November 19, 2018

BGP Configuration for a Transit ISP

BGP Inbound Optimization Using Performance Routing

Measurement of Highly Active Prefixes in BGP

Internet Measurements. Motivation

The BGP Visibility Scanner

Inferring Autonomous System Relationships in the Internet. Lixin Gao

On the Impact of Filters on Analyzing Prefix Reachability in the Internet. Ravish Khosla, Sonia Fahmy, Y. Charlie Hu Purdue University ICCCN 2009

APT: A Practical Transit-Mapping Service Overview and Comparisons

Quantifying Path Exploration in the Internet

Lecture 19: Network Layer Routing in the Internet

Identifying BGP Routing Table Transfer. !Machu Picchu!

MASSACHUSETTS INSTITUTE OF TECHNOLOGY Computer Systems Engineering: Spring Quiz 2

The BGP Visibility Scanner

CS519: Computer Networks. Lecture 4, Part 5: Mar 1, 2004 Internet Routing:

AS-CRED: Reputation Service for Trustworthy Inter-domain Routing

Studying Black Holes on the Internet with Hubble

CS 557 Internet Routing Policies

Achieving Sub-50 Milliseconds Recovery Upon BGP Peering Link Failures

Flooding Attacks by Exploiting Persistent Forwarding Loops

Testing the reachability of (new) address space

RPKI and Internet Routing Security ~ The regional ISP operator view ~

Inter-AS routing. Computer Networking: A Top Down Approach 6 th edition Jim Kurose, Keith Ross Addison-Wesley

CS 268: Computer Networking. Next Lecture: Interdomain Routing

Next Lecture: Interdomain Routing : Computer Networking. Outline. Routing Hierarchies BGP

CS 557 BGP Convergence

Introduc)on to Computer Networks

RouteViews + BGPmon Enabling BGP Monitoring and Analysis. Catherine Olschanowsky Lawrence Weikum John Kemp

Preventing the unnecessary propagation of BGP withdraws

Assessing IPv6 Adop/on. Michael Bailey, University of Michigan NANOG 57

BGP Convergence in Virtual Private Networks

Routing on the Internet. Routing on the Internet. Hierarchical Routing. Computer Networks. Lecture 17: Inter-domain Routing and BGP

SaaS Providers. ThousandEyes for. Summary

Detection of Invalid Routing Announcement in the Internet Λ

Lecture 16: Interdomain Routing. CSE 123: Computer Networks Stefan Savage

An Analysis of Convergence Delay in Path-Vector Routing Protocols

IPv6 Pollution Traffic Analysis

On the Impact of Route Processing and MRAI Timers on BGP Convergence Times

A novel design for maximum use of public IP Space by ISPs one IP per customer

CS 43: Computer Networks Internet Routing. Kevin Webb Swarthmore College November 16, 2017

Timer Interaction in Route Flap Damping

On the Characteristics of BGP Multiple Origin AS Conflicts

Module 18 Transit. Objective: To investigate methods for providing transit services. Prerequisites: Modules 12 and 13, and the Transit Presentation

The Dark Oracle: Perspective-Aware Unused and Unreachable Address Discovery

Backbone Networks. Networking Case Studies. Backbone Networks. Backbone Topology. Mike Freedman COS 461: Computer Networks.

Data-Driven Network Opera1ons. France-IX 2016 Avi Freedman

Investigating occurrence of duplicate updates in BGP announcements

By Aftab A. Siddiqui Cyber Internet Services (Pvt.) Ltd IPv6 Task Force Pakistan

PART III. Implementing Inter-Network Relationships with BGP

E : Internet Routing

CS 43: Computer Networks Internet Routing. Kevin Webb Swarthmore College November 14, 2013

Understanding IPv6 Internet Background Radia6on

Dynamics of Hot-Potato Routing in IP Networks

Detecting inconsistencies in INRDB data

Inter-Domain Routing: BGP

Route Filtering. Types of prefixes in IP core network: Internal Prefixes External prefixes. Downstream customers Internet prefixes

Practical Verification Techniques for Wide-Area Routing

Module 1b IS-IS. Prerequisites: The setup section of Module 1. The following will be the common topology used for the first series of labs.

IPv6 deployment status: Where are we now and way forward. Miwa Fujii APNIC

Active BGP Measurement with BGP-Mux. Ethan Katz-Bassett (USC) with testbed and some slides hijacked from Nick Feamster and Valas Valancius

EEC-684/584 Computer Networks

Comparing IPv4 and IPv6 from the perspec7ve of BGP dynamic ac7vity. Geoff Huston APNIC February 2012

An Analysis of ARIN NetHandles with OriginAS i Data and Analysis of RIR/IRR Registry Data

Analysis of Routing Characteristics in the Multicast Infrastructure

Network Forensics Prefix Hijacking Theory Prefix Hijacking Forensics Concluding Remarks. Network Forensics:

ICANN Start -Ep 05 Page 1 of 11. ICANN Start, Episode 5: What Does IPv6 Mean?

COMP/ELEC 429 Introduction to Computer Networks

GUI Representation of Cisco IOS CLI Commands

ECE 428 Internet Protocols (Network Layer: Layer 3)

Homework Assignment #3b Due 11/22 at 3:50pm EE122 Fall 2010

Multi-Lateral Peering Agreement

A Measurement Study on the Impact of Routing Events on End-to-End Internet Path Performance

CS4700/CS5700 Fundamentals of Computer Networks

Persistent Detection and Recovery of State Inconsistencies

Routing on the Internet! Hierarchical Routing! The NSFNet 1989! Aggregate routers into regions of autonomous systems (AS)!

Transcription:

IP Reachability Differences: Myths and Reali<es Dr. Dan Massey Colorado State University He Yan, Ben Say, Dave Oko, Brendan Sheridan Colorado State University Dr. Christos Papadopoulos Dr. Dan Pei Colorado State University AT&T Research 1

Ideally, all ISPs provide you with reachability to same Internet In practice: Different ISPs can reach different portions of the Internet. In other words, there are some prefixes that can be reached via ISP A but cannot be reached by ISP B (a vice versa). The reasons why this occur are well known: Bogon filtering causes reachability differences for newly allocated prefixes. Bogon filtering matters, but the fact is that regional differences matter most and these differences may be political, economic, technical, or a combination of the above Bogon filtering and regional issues matter, but the real difference is due to various customer only services. Even if there are differences, there are very little (if any) production services on networks that are not globally reachable from most ISPs. 2

Our Objec<ves 1. Demonstrate reachability differences exist and quan<fy the extent of these differences. 2. Examine which conjectures (if any) provide a significant contribu<on to the differences. 3

Methodology Compare BGP Rou<ng Tables from 25 ISPs Data collected from Oregon RouteViews All peers send full tables of over 310K prefixes Studied from April 1 to April 20, 2010 Study Uses ISP0 As a Central Point of View ISP0 is a <er- 1 ISP Have addi<onal data on ISP0 opera<ons Compare each of the other 24 ISPs to ISP0 4

Types of Table Differences Exact Matches: ISP0 prefix appears ISPX table Ex: Both ISP0 and ISP2 have a route for 129.82/16 Covered Prefixes: ISP0 prefix does not appear in ISPX, but ISPX can reach all IP addresses Less Specific: 131.179.0/17 does not appear in ISPX, but 131.179/16 does appear in ISPX More specifics: 131.179.0/17 does not appear in ISPX, but 131.179.0/18 and 131.179.64/18 appear in ISP X Remainder represents poten<al reachability differences. 5

Exact Matches 313000 312000 Number of Prefixes 311000 310000 309000 308000 307000 98.5% of ISP0 prefixes also appear in ISPX 306000 0 5 10 15 20 25 ISP Index (not shown here, but 97.25% of ISPX prefixes also appear in ISP0) 04/15/2011 IP Reachability: Myths and Reality 6

4500 The BGP Table Differences Number of Prefixes 4000 3500 3000 2500 2000 1500 1000 500 0 On average, 3250 prefixes appeared in ISP0 tables, but did not appear in ISP22 tables 0 5 10 15 20 25 ISP Index 04/15/2011 IP Reachability: Myths and Reality 7

Covered Prefixes 7,000 Number of Prefixes 6,000 5,000 4,000 3,000 2,000 Not Covered Covered Nearly all ISP0 prefixes that don t appear in ISPX are covered by other table entries in ISPX 1,000 0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 ISP Index 04/15/2011 IP Reachability: Myths and Reality 8

Overall Reachability Differences 10,000 1,000 (Prefixes) Not Reachable Partially Reachable Number of Prefixes 100 10 1 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 ISP Index 04/15/2011 IP Reachability: Myths and Reality 9

Overall Reachability Differences 1e+08 1e+07 (IP Addresses) Number of Destinations (IPs) 1e+06 100,000 10,000 1,000 100 10 1 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 ISP Index 04/15/2011 IP Reachability: Myths and Reality 10

Our Objec<ves 1. Reachability differences do exist. Small percentage (less than 3%) of total routes. Can be up to 1000 prefixes and millions of IP addresses 2. Examine which conjectures (if any) provide a significant contribu<on to the differences. 11

Transient Changes Short Lived BGP Table Differences Fast learners: IPS0 learns the route first, eventually other ISPs catch up and also learn the route Slow to react: ISPX learned the prefix is unreachable, but it takes longer for ISP0 to withdraw the route. Long Term BGP Table Differences. For mul<ple days, ISP0 could reach the prefix but ISPX could not. 12

Transient Behaviors 2,500 2,000 1/3 of reachability differences persisted for entire study period. Number of Prefixes 1,500 1,000 500 0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 Number of Days Appeared 1/3 of reachability differences are short lived 04/15/2011 IP Reachability: Myths and Reality 13

Bogon Routes ISPs Apply Policies to Filter Invalid Routes No universal agreement on what is invalid New Alloca<ons and Bogons Filter unallocated prefixes and update filter ager alloca<on Going back 7 months accounts for 43 prefixes. Going back years yields 295 prefixes. Management Strategies and RADb 92 prefixes with no entry in RADb 199 prefixes with no origin in RADb. Does produce reachability differences, but only explains a small percent of differences. 14

Regional Differences 2,500 2,000 1895 prefixes from India, only unreachable from ISP 22. ISP 22 added these routes on day 13 of study. Number of Prefixes 1,500 1,000 500 0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 04/15/2011 Number of Days Appeared Bulgaria accounted for most prefixes (509) Great Britain was second highest (168) IP Reachability: Myths and Reality 15

Customer Services and Prefix Usage ISPs Provide Specialized Services to Customers Confirmed ISP0 has several such prefixes Most are covered prefixes, but did find some uncovered prefixes Accounts for 9 prefixes in our study. Are Services Running on the Impacted Prefixes? Scanned prefixes looking for common services Limited scan to /19 or more specifics Responding prefixes further checked for DNS entries Contacted Prefix Owners Responses include reports of reachability problems, blacklist issues, network tes<ng, and so forth Valid Global Services Running on Clear Majority of Prefixes 16

RouteViews Data in Real- Time 04/15/2011 IP Reachability: Myths and Reality 17

Conclusions Reachability Issues Do Exist Over 97% of prefixes appeared as exact matches But differences do occur and impact both research and opera<ons Common Conjectures: Transient issues, Bogons, Management, Regional Policies, Configura<on Errors, Special Services all proposed as explaina<ons All are valid, but none are dominant. 18

Ques<ons massey@cs.colostate.edu 19

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback