Reverse Traceroute. NSDI, April 2010 This work partially supported by Cisco, Google, NSF

Similar documents
Reverse traceroutes. Presented by F.E. Bustamante

The Internet Measurement Toolbox. Justine Sherry, University of University of Puget Sound April 12, 2010

Studying Black Holes on the Internet with Hubble

Real-time Blackhole Analysis with Hubble

LIFEGUARD: Practical Repair of Persistent Route Failures

Sibyl A Practical Internet Route Oracle

Quantifying Violations of Destination-based Forwarding on the Internet

Internet measurements: topology discovery and dynamics. Renata Teixeira MUSE Team Inria Paris-Rocquencourt

Resolving IP Aliases with Prespecified Timestamps

User-level Internet Path Diagnosis

Validity of router responses for IP aliases resolution

Machiavellian Routing: Improving Internet Availability with BGP Poisoning

iplane Nano: Path Prediction for Peer-to-Peer Applications

Motivation'for'CDNs. Measuring'Google'CDN. Is'the'CDN'Effective? Moving'Beyond'End-to-End'Path'Information'to' Optimize'CDN'Performance

A Study on PoP Level Mapping

Dig into MPLS: Transit Tunnel Diversity

Internet Measurements. Motivation

Achieving scale: Large scale active measurements from PlanetLab

Cisco Exam Cisco Certified Network Associate (CCNA) Version: 14.7 [ Total Questions: 653 ]

Studying Black Holes in the Internet with Hubble

Dissecting Round Trip Time on the Slow Path with a Single Packet

CS459 Internet Measurements

Authors: Rupa Krishnan, Harsha V. Madhyastha, Sridhar Srinivasan, Sushant Jain, Arvind Krishnamurthy, Thomas Anderson, Jie Gao

Introduction to Networking and Systems Measurements

Odin: Microsoft s Scalable Fault-

The Record Route Option is an Option!

Lab 6.7.1: Ping and Traceroute

The Record Route Option is an Option!

Impactful Routing Research with the PEERING Testbed

Moving Beyond End-to-End Path Information to Optimize CDN Performance

iplane: An Information Plane for Distributed Services

Moving Beyond End-to-End Path Information to Optimize CDN Performance

Revealing MPLS Tunnels Obscured from Traceroute

Table of Contents 1 System Maintaining and Debugging 1-1

Detecting Third-party Addresses in Traceroute Traces with IP Timestamp Option

PEERING: An AS for Us

PERISCOPE: Standardizing and Orchestrating Looking Glass Querying

iplane: An Information Plane for Distributed Services

Sibyl: A Practical Internet Route Oracle

Computer Networks: Lab 3 Traceroute and IP Luca Bedogni

The Impact of Router Outages on the AS-Level Internet

Measuring the Adoption of Route Origin Validation and Filtering

PinPoint: A Ground-Truth Based Approach for IP Geolocation

Abstraction-Driven Network Verification and Design (a personal odyssey) Geoffrey Xie Naval Postgraduate School

Validation of a LISP Simulator

Reformulating the monitor placement problem: Optimal Network-wide Sampling

Firewall Stateful Inspection of ICMP

This is a sample Lab report from ECE 461 from previous years. L A B 6

Table of Contents 1 System Maintaining and Debugging Commands 1-1

NAT Support for Multiple Pools Using Route Maps

The Case for Separating Routing from Routers

A Survey on Research on the Application-Layer Traffic Optimization (ALTO) Problem

IBTrack: An ICMP Black holes Tracker

Ping, tracert and system debugging commands

Lab: RIP v2 with VLSM

AS Connectedness Based on Multiple Vantage Points and the Resulting Topologies

Unicast Reverse Path Forwarding Loose Mode

Configuring IP SLAs LSP Health Monitor Operations

Table of Contents 1 System Maintenance and Debugging Commands 1-1

Mobile Routing : Computer Networking. Overview. How to Handle Mobile Nodes? Mobile IP Ad-hoc network routing Assigned reading

Accurate Real-time Identification of IP Hijacking. Presented by Jacky Mak

Network Coordinates in the Wild

Overview of IPM. What Is IPM? CHAPTER

Pitfalls for ISP-friendly P2P design. Michael Piatek*, Harsha V. Madhyastha, John P. John*, Arvind Krishnamurthy*, Thomas Anderson* *UW, UCSD

REVEALING MIDDLEBOXES INTERFERENCE WITH TRACEBOX

PrepAwayExam. High-efficient Exam Materials are the best high pass-rate Exam Dumps

Measurement: Techniques, Strategies, and Pitfalls. David Andersen CMU

Lab Troubleshooting Using traceroute Instructor Version 2500

Available Bandwidth Estimation. Probing Packet Train in Pathneck. Transmission of RPT. Choke Point Detection. Packet train probing

A Tale of Nine Internet Exchange Points: Studying Path Latencies Through Major Regional IXPs

Lab 9.8.1: Address Resolution Protocol (ARP)

Communication Networks

A Learning-based Approach for IP Geolocation

Networked systems and their users

Flooding Attacks by Exploiting Persistent Forwarding Loops

Cisco CCNA Basic IP Routing Part I

Revealing the load-balancing behavior of YouTube traffic of interdomain links

A Configuration-only Approach to FIB Reduction. Paul Francis Hitesh Ballani, Tuan Cao Cornell

Segment Routing MPLS OAM Support

Lecture 19: Network Layer Routing in the Internet

ECE 697J Advanced Topics in Computer Networks

NaaS Network-as-a-Service in the Cloud

Static Routing. Routing Protocols and Concepts Chapter 2. ITE PC v4.0 Chapter Cisco Systems, Inc. All rights reserved.

MAPPING PEERING INTERCONNECTIONS TO A FACILITY

High Fidelity Off-Path Round-Trip Time Measurement via TCP/IP Side Channels with Duplicate SYNs

CS 5114 Network Programming Languages Control Plane. Nate Foster Cornell University Spring 2013

IP SLAs Overview. Finding Feature Information. Information About IP SLAs. IP SLAs Technology Overview

Peering at the Internet s Frontier:

Virtual Multi-homing: On the Feasibility of Combining Overlay Routing with BGP Routing

Contents. Ping, tracert, and system debugging commands 1 debugging 1 display debugging 2 ping 2 ping ipv6 5 tracert 7 tracert ipv6 9

Are We One Hop Away from a Better Internet?

Internet Anycast: Performance, Problems and Potential

Quantifying Internet End-to-End Route Similarity

Configuring Cisco IOS IP SLAs Operations

Making Middleboxes Someone Else s Problem: Network Processing as a Cloud Service

Segment Routing MPLS OAM Support

Using Segment Routing OAM

Creating private Megaport connections using Juniper MX and EX series devices

Measuring, modeling and troubleshooting Quality of Experience at Internet access:

Diagnosing Path Inflation of Mobile Client Traffic

Transcription:

Reverse Traceroute Ethan Katz-Bassett, Harsha V. Madhyastha, Vijay K. Adhikari, Colin Scott, Justine Sherry, Peter van Wesep, Arvind Krishnamurthy, Thomas Anderson NSDI, April 2010 This work partially supported by Cisco, Google, NSF

Researchers Need Reverse Paths, Too The inability to measure reverse paths was the biggest limitation of my previous systems:! Geolocation constraints too loose! Hubble can t locate reverse path outages! iplane predictions inaccurate [IMC 06] [NSDI 08] [NSDI 09] Other systems use sophisticated measurements but are forced to assume symmetric paths:! Netdiff compares ISP performance! ispy detects prefix hijacking! Eriksson et al. infer topology [NSDI 08] [SIGCOMM 08] [SIGCOMM ʻ08]

Everyone Needs Reverse Paths The number one go-to tool is traceroute. Asymmetric paths are the number one plague. The reverse path itself is completely invisible. NANOG Network operators troubleshooting tutorial, 2009. Goal: Reverse traceroute, without control of destination and deployable today without new support

! Want path from D back to S, don t control D! Traceroute gives S to D, but likely asymmetric! Can t use traceroute s TTL limiting on reverse path KEY IDEA! Technique does not require control of destination

! Want path from D back to S, don t control D! Set of vantage points KEY IDEA! Multiple VPs combine for view unattainable from any one

! Traceroute from all vantage points to S! Gives atlas of paths to S; if we hit one, we know rest of path " Destination-based routing KEY IDEA! Traceroute atlas gives baseline we bootstrap from

! Destination-based routing " Path from R1 depends only on S " Does not depend on source " Does not depend on path from D to R1 KEY IDEA! Destination-based routing lets us stitch path hop-by-hop

! Destination-based routing " Path from R3 depends only on S " Does not depend on source " Does not depend on path from D to R3 KEY IDEA! Destination-based routing lets us stitch path hop-by-hop

! Destination-based routing " Path from R4 depends only on S " Does not depend on source " Does not depend on path from D to R4 KEY IDEA! Destination-based routing lets us stitch path hop-by-hop

! Once we intersect a path in our atlas, we know rest of route KEY IDEAS! Destination-based routing lets us stitch path hop-by-hop! Traceroute atlas gives baseline we bootstrap from

! Segments combine to give complete path But how do we get segments? KEY IDEAS! Destination-based routing lets us stitch path hop-by-hop! Traceroute atlas gives baseline we bootstrap from

How do we get segments?! Unlike TTL, IP Options are reflected in reply! Record Route (RR) Option " Record first 9 routers " If D within 8, reverse hops fill rest of slots KEY IDEA! IP Options work over forward and reverse path

How do we get segments?! Unlike TTL, IP Options are reflected in reply! Record Route (RR) Option " Record first 9 routers " If D within 8, reverse hops fill rest of slots " but average path is 15 hops, 30 round-trip KEY IDEA! IP Options work over forward and reverse path

! From vantage point within 8 hops of D, ping D spoofing as S with Record Route Option! D s response records hop(s) on return path To: S Fr: D Ping! RR: h 1,,h 7,D,R1 To: S Fr: To: D D Ping! Fr: S RR: Ping? h RR: 1,,h h 1,,h 7,D 7 To: D Fr: S Ping? RR: KEY IDEA! Spoofing lets us use vantage point in best position

! Iterate, performing spoofed Record Routes to each router we discover on return path To: S Fr: R1 Ping! RR: h 1,,h 6,R1,R2,R3 KEY IDEAS To: R1 Fr: S Ping? RR:! Spoofing lets us use vantage point in best position! Destination-based routing lets us stitch path hop-by-hop

What if no vantage point is within 8 hops for Record Route?! Consult atlas of known paths to find adjacencies KEY IDEAS! Spoofing lets us use vantage point in best position! Destination-based routing lets us stitch path hop-by-hop

What if no vantage point is within 8 hops for Record Route?! Consult atlas of known paths to find adjacencies KEY IDEA! Known paths provide set of possible next hops to guess

How do we verify which possible next hop is actually on path?! IP Timestamp (TS) Option " Specify! 4 IPs, each timestamps if traversed in order To: R3 Fr: S Ping? TS: R3? R4? 1 2 To: S Fr: R3 Ping! TS: R3! R4? 3 To: S Fr: R3 Ping! TS: R3! R4! KEY IDEAS! Known paths provide set of possible next hops to guess! IP Options work over forward and reverse path

KEY IDEA! Destination-based routing lets us stitch path hop-by-hop

! Once we intersect a path in our atlas, we know rest of route KEY IDEAS! Destination-based routing lets us stitch path hop-by-hop! Traceroute atlas gives baseline we bootstrap from

! Techniques combine to give complete path KEY IDEAS! Destination-based routing lets us stitch path hop-by-hop! Traceroute atlas gives baseline we bootstrap from

Key Ideas! Works without control of destination! Multiple vantage points! Stitch path hop-by-hop! Traceroute atlas provides: " Baseline paths " Adjacencies! IP Options work over forward and reverse path! Spoofing lets us use vantage point in best position See paper for techniques to address:! Accuracy: Some routers process options incorrectly! Coverage: Some ISPs filter probe packets! Scalability: Need to select vantage points carefully

Deployment Coverage tied to set of spoofing vantage points (VPs)! Current: " VPs: PlanetLab / Measurement Lab! ~90 sites did not filter spoofing " Sources: Closed system of PlanetLab sources, demo at http://revtr.cs.washington.edu! Future plans: " VPs: Recruit participants to improve coverage " Sources: Open system to outside sources

Evaluation See paper for:! Coverage: How often are our techniques able to measure reverse hops?! Overhead: How much time and how many packets does a reverse traceroute require? Next:! Accuracy: Does it yield the same path as if you could issue a traceroute from destination? " 2200 PlanetLab to PlanetLab paths " Allows comparison to direct traceroute on reverse path

Does it give the same path as traceroute? Median: 87% with our system Median: 38% if assume symmetric! We identify most hops seen by traceroute! Hard to know if 2 IPs actually are the same router

Does it give the same path as traceroute? Median: 87% with our system Median: 38% if assume symmetric! We identify most hops seen by traceroute! Hard to know if 2 IPs actually are the same router " If we consider PoPs instead, median=100% accurate

Example of debugging inflated path! 150ms round-trip time Orlando to Seattle, 2-3x expected " E.g., Content provider detects poor client performance! (Current practice) Issue traceroute, check if indirect! Indirectness: FL#DC#FL But does not explain huge latency jump from 9 to 10

Example of debugging inflated path! (Current practice) Issue traceroute, check if indirect " Does not fully explain inflated latency! (Our tool) Use reverse traceroute to check reverse path! Indirectness: WA#LA#WA Bad reverse path causes inflated round-trip delay

Case Study: Sprint Link Latencies! Reverse traceroute sees 79 of 89 inter-pop links, whereas traceroute only sees 61! Median (0.4ms), mean (0.6ms), worst case (2.2ms) error all 10x better than with traditional approach

Conclusion! Traceroute is very useful, but can t give reverse path! Our reverse traceroute system addresses limitation, providing complementary information " Multiple vantage points build the path incrementally " Gives most hops as if you issued traceroute from destination, without requiring you to control it! Useful in a range of contexts! Demo at http://revtr.cs.washington.edu! Plan to open system to outside sources in future

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback