Glue Logic Training Star

8/8/2019 Glue Logic Training Star

http://slidepdf.com/reader/full/glue-logic-training-star 1/40

Shedding Light on theGlue Logic

of the Internet Routing

Architecture

SIGCOMM 2008, August 17-22, Seattle WACopyright 2008 ACM 978-1-60558-175-0/08/08

Frank Le, Geoffrey Xie, Dan Pei, Jia Wang, Hui Zhang



AcknowledgementAcknowledgement

Slides 12,15,18-20, 23, 29 and 30-39

were extracted from the actualpresentation given by the authors andpermission was obtained from them for

their use.



IntroductionIntroduction

The authors believe they have identified afundamental building block of the InternetRouting architecture -- Glue Logic.

What is Glue Logic and what part does it playin the network?

Why is the study of Glue Logic important?

– Why did it emerge? – How does it fit into network design?

– What do the authors propose we do about it?



AgendaAgenda

Glue logicMethodology the Authors used

Data AnalysisResults InterpretationConclusion



Typical scenarioTypical scenario

Think about the recent bank takeoversYou are in charge of integrating the

new network with yours and routingprotocols are not the same

– Redo your network or theirs

– Figure out some way to connect the two



Example Enterprise NetworkExample Enterprise Network

R o u t e r HR o u t e r G

R o u t i n g D o m a i n 1

O S F P

R o u t i n g D o m a i n 2

E I G R P 2 0

R o u t i n g D o m a i n 3R I P

R o u t e r A R o u t e r BR o u t e r D

R o u t e r ER o u t e r C

R o u t e r F



VocabularyVocabulary

Route RedistributionRoute Selection

Glue LogicProtocols OSPF, EIGRP, BGP, RIP



Route RedistributionRoute Redistribution

By default, processes of differingrouting protocols do not exchangerouting information so the internalrouters of the OSPF domain have novisibility of the destinations of theEIGRP domain

Route redistribution provides themeans to allow routes from one routingprocess to be imported into another routing process on the same router



Route SelectionRoute Selection

In the example because of routeredistribution configurations on routers

B and E there are now two routes torouter D from router C.Route selection provides the means to

customize the preference order between paths C-B-D and C-F-E-D



Glue LogicGlue Logic

Combination of route selection androute redistribution procedures

Introduced as a software enhancementby router vendors (rather than astandard protocol)

Independently configured per router




In the previous network BGP can beused as the route selection andredistribution mechanism between the

3 domains.Functionalities of the glue logic can not

be solely supported by BGP.

– Route selection and redistributionmechanisms are needed when

exchanging route information between

OSPF and BGP




Safety properties have not beenscrutinized much by the researchcommunity

– Misconfigurations can result in persistent

forwarding loops (cause of long-lived loops

and IP prefix hijacks) – One study says glue logic introduces a

wider range of safety challenges than BGP



Glue Logic -- Internet Routing Reality




One would expect operators wouldchoose BGP over glue logic for joiningrouting domains, however glue logic

seems to be very prevalent (authorspoint to operator interactions andbulletin boards)

Explanation could be glue logic iseasier to configure and need only beapplied at border routers




This paper takes a first step toward a

definite answer regarding whether gluelogic is a fundamental building block of IP routing design.



Glue Logic



17

Routing DesignRouting Design

Routing designs of operational networks areRouting designs of operational networks arecomplexcomplex11

Multiple IGP domains per network Multiple IGP domains per network

IGP

OSPF EIGRPISIS

OSPF OSPFOSPF RIP

1Maltz, et al. Routing design in operational networks: A look from theinside. SIGCOMM 04

IGP domains linked, not by BGPIGP domains linked, not by BGP



Routing Glue LogicRouting Glue Logic

Recent studyRecent study11 revealed the existence of a lower revealed the existence of a lower level glue logic to interconnect routing domainslevel glue logic to interconnect routing domains

Route redistribution allows exchange of routingRoute redistribution allows exchange of routinginformation among routing domainsinformation among routing domains

18

OSPF RIP

A B D

C

FIB

route selection

RIPOSPF

B

Route redistribution provides required “glue logic”

between routing domainsRoute redistribution provides required “glue logic”

between routing domains

1Le, Xie, Zhang, Understanding Route Redistribution, ICNP 07



19

• Glue logic can implement policies, like BGP

• Unlike BGP, glue logic is NOT a protocol

– RR is just configuration mechanism, used separately

at each router, and extremely vulnerable to anomalies1

• Our discussions with operators revealed glue logic, not

BGP, is often used to interconnect network domains

• Even when BGP is used, glue logic is required to specifythe routes to advertise at the BGP level

Glue logic seems more commonly used than BGP, but

is much less understood and much more error-proneGlue logic seems more commonly used than BGP, but

is much less understood and much more error-prone


How does the Glue Logic compareHow does the Glue Logic compare

to BGP?to BGP?



20

Router-level Shortest PathRouter-level Shortest Path

RoutingRouting

America(OSPF3)

Europe(OSPF2)

Asia(OSPF1)

Sender

Receiver

Sender

BGP 65001 BGP 65002

BGP 65003

BGP cannot support router-level shortest

path routing

BGP cannot support router-level shortest

path routing



21

Limitations of BGPLimitations of BGP

A

D

XY M N

S

R

Q

5 5

1

2 2

21

America

Europe

Asia 1

Sender

Receiver

cost: 12

cost: 10

cost: 13

Local Pref: 200

Local Pref: 100

X

Shortest path is not selectedShortest path is not selected

BGP 65001

BGP 65002

BGP 65003



Methodology UsedMethodology Used

Route redistribution studied in about 1600operational networks to test the followinghypotheses:

– Route redistribution is used widely in operationalnetworks

– Route redistribution is not just used to simplyinterconnect routing protocols but achieves moreobjectives than can be realized by routingprotocols alone

– Route redistibution configurations in the wild aread-hoc and complex



23

DatasetDataset1600+ operational networks1600+ operational networks

NetworksNetworks

– Tier-1 Service Provider Tier-1 Service Provider

– Enterprise networksEnterprise networks

– University campusesUniversity campuses

Number of routers per network: 1 to 3000+Number of routers per network: 1 to 3000+

Number of lines per router:Number of lines per router:

–Average: 675 linesAverage: 675 lines

– Maximum: 10000+ linesMaximum: 10000+ lines



24

Dataset – Size Distribution of Routing Domains studied (52% have 3Dataset – Size Distribution of Routing Domains studied (52% have 3

or fewer routers)or fewer routers)

34%

21%

10%

Number of Routing Domains (n)%

ofne

twork

swith

≤nroutin

gdomains



25

DatasetDataset

52% of the networks have 3 or fewer routers52% of the networks have 3 or fewer routers

As such a fraction of the networks does notAs such a fraction of the networks does not

present the complete configurations for allpresent the complete configurations for allrouters but instead consists of only therouters but instead consists of only theconfigurations from the routers located atconfigurations from the routers located atcustomer sites but managed by the ISPcustomer sites but managed by the ISP



26

DatasetDataset

Despite being incomplete theseDespite being incomplete theseconfigurations were still valuable givenconfigurations were still valuable given

the focus of this studythe focus of this studyThe authors were able to use them toThe authors were able to use them to

analyze the interconnections betweenanalyze the interconnections betweenthe customer networks and their the customer networks and their

provide ISPprovide ISP



Results InterpretationResults Interpretation

Design Patterns Discovered

Routing DataPotential Problems with Glue Logic



Design PatternsDesign Patterns

Two objectives unattainable with BGP:

(Didn’t see design patterns thoroughly identified)

- Efficient Routing, selection of best paththrough the network (BGP can’t)

- Partition Healing, provide reachabilityeven in the event of a network partition



29

Routing PoliciesRouting PoliciesConfigurations of route redistributionsConfigurations of route redistributions

have complex policieshave complex policies

– Tags, prefix filters, etc.Tags, prefix filters, etc.

RationaleRationale

– Route redistribution does not include anyRoute redistribution does not include any

mechanism to thwart routing anomaliesmechanism to thwart routing anomaliesAs such, each network designs own ad-As such, each network designs own ad-

hoc solution to prevent routing anomalieshoc solution to prevent routing anomalies



IGP, localIGP, local

BGP

30

Prevalence of RoutePrevalence of Route

RedistributionRedistribution

Office 1

IGP

BGP

Backbone

Office 2

IGP

Office 1

IGP

BGP

Backbone

Office 2

IGP

Office 1

IGP

Office 2

IGP

BGP

IGP, local

BGP BGP

Office 1

OSPF

Office 2

RIP

• 99.9% networks rely on route redistribution99.9% networks rely on route redistribution

1.1. From IGP and local routes to BGPFrom IGP and local routes to BGP

2.2. From BGP into IGP (78% of networks with 15+From BGP into IGP (78% of networks with 15+

routers)routers)

3.3. From IGP into IGP (35% of networks with 15+From IGP into IGP (35% of networks with 15+

routers)routers)



Glue Logic Problem



Glue Logic Problem



Long-lived inter-AS loopsLong-lived inter-AS loops

33

IGP

OSPFISIS

12, 1

5

2, 5

BGP 1

BGP 5BGP 4

BGP 2BGP 3

3,2,13,2,5

P

RR can cause persistent loops between BGP ASesRR can cause persistent loops between BGP ASes

V. Paxson. End-to-end routing behavior in the Internet. SIGCOMM, 1996



34

Count to Infinity problemCount to Infinity problem

America(OSPF3)

Europe(OSPF2)

Asia(OSPF1)

Dest.Count to infinity

problemb31 …b1b0

b31

…b2

b1

b0

b31

…b1

b0

X…00

X…01

X…11

32 bits tagbitmapX

route-map UStoAsia permit 30

match tag 8

set tag 9

!

...

...

route-map UStoAsia deny 100

!

route-map UStoAsia permit 10

match ip address prefix-list US

set tag 1

!route-map UStoAsia permit 20

match tag 4

set tag 5

!

...



Glue Logic Problem



Glue Logic Problems



37

Routing AnomaliesRouting Anomalies

Clever solutions to prevent routing anomaliesClever solutions to prevent routing anomalies

Yet, ensuring safety of route redistribution, proven to beYet, ensuring safety of route redistribution, proven to bevery difficultvery difficult11

Indeed,Indeed,

– Analyzed configurations, still vulnerable to route oscillationsAnalyzed configurations, still vulnerable to route oscillations

– Route redistribution, long suspected to be at the origins of Route redistribution, long suspected to be at the origins of

reported long-lived inter-AS loopsreported long-lived inter-AS loops




Concluding RemarksConcluding Remarks

Glue logic, a fundamental component of Glue logic, a fundamental component of Internet routing architectureInternet routing architecture

– Implements a necessary functionImplements a necessary function

– Widely used in operational networksWidely used in operational networks – Used to fulfill important design objectivesUsed to fulfill important design objectives

Existing glue logic, powerful tool, but severeExisting glue logic, powerful tool, but severelimitationslimitations

– Introduced by router vendors in an ad-hoc manner Introduced by router vendors in an ad-hoc manner

– No consideration of safety properties No consideration of safety properties

38



Concluding RemarksConcluding RemarksGlue logic’s functions are necessary but how toGlue logic’s functions are necessary but how to

achieve them safely?achieve them safely?

– Level of abstraction?Level of abstraction?

– Definitions of primitives?Definitions of primitives?

Correctness of routing protocols, not sufficient toCorrectness of routing protocols, not sufficient toensure robustness of networksensure robustness of networks

– Except few exceptionsExcept few exceptions1,21,2 , most work has focused on, most work has focused on

individual routing protocolsindividual routing protocols

– Yet, glue logic can result in routing anomaliesYet, glue logic can result in routing anomalieshttp://www.cs.cmu.edu/~4Dhttp://www.cs.cmu.edu/~4D

39

1

Griffin et al., On the correctness of IBGP configuration, SIGCOMM 022Teixeira et al., Dynamics of Hot-Potato Routing in IP Networks, SIGMETRICS 04



ContributionsContributions

1.1. Developed a model for characterizingDeveloped a model for characterizinginterconnections between routing domainsinterconnections between routing domains

2.2. Analyzed configurations of 1600+ networksAnalyzed configurations of 1600+ networks3.3. Show the glue logic is fundamental componentShow the glue logic is fundamental component

of Internet routing architectureof Internet routing architecture

4.4. Show insufficiencies of glue logic lead toShow insufficiencies of glue logic lead to

complex configurations and instability concernscomplex configurations and instability concerns5.5. Discuss potential role of glue logic as theDiscuss potential role of glue logic as the

Internet architecture evolvesInternet architecture evolves

40

Glue logic, a critical component of Internet architecture,

that needs more researchGlue logic, a critical component of Internet architecture,

that needs more research

Documents

Glue Logic Training Star