Upload
others
View
15
Download
0
Embed Size (px)
Citation preview
UNIVERSITÀ DEGLI STUDI ROMA TREDepartment of Computer Science and Automation
How to Extract BGP Peering Information from the Internet
Routing RegistryRouting Registry
Giuseppe Di BattistaTiziana Refice
Massimo Rimondini
ACM SIGCOMM 2006 – MINENET Workshop
15 September 2006
Pisa, Italy
A BGP Peering
15 Sep 2006 MINENET 2006
About the IRR
Large distributed repository storing information on
allocation of network resources (subnets, AS #s)
BGP routing policies
15 Sep 2006 MINENET 2006
RIRs
LIRs
RIPE ARINAPNIC LACNIC AFRINIC
ICANN (IANA)
GARR RADBLEVEL3 VERIOBELL SPRINTSAVVIS
...
...
...
...
...
...
...
BUT…
What’s the Point with the IRR?
Born with the purpose of supporting stable and consistent routing policies
A valuable source of information to understand Internet routing
15 Sep 2006 MINENET 2006
BUT…
Maintained on a voluntary basis
Information is often inconsistent and/or out of date
A systematic approach to the extraction of information is still missing
Our Contribution(s)
A method to extract peering relationships (and more) from the IRR
An implementation of the method as
15 Sep 2006 MINENET 2006
An implementation of the method as an on-line service
A proof of effectiveness by comparison with the state of the art
An investigation on the constructions used to specify peerings
described by using the Routing Policy Specification Language (RPSL)
What’s Inside the IRR
BGP routing policies
objectobjectobject typeobject typeattributesattributesvaluesvalues
15 Sep 2006 MINENET 2006
aut-num: AS137import: from AS20965 action pref=100;
from AS1299 action pref=100;accept ANY
export: to AS1299 announce AS-GARRchanged: [email protected] 20000830source: RIPE
aut-num: AS137import: from AS20965 action pref=100;
from AS1299 action pref=100;accept ANY
export: to AS1299 announce AS-GARRchanged: [email protected] 20000830source: RIPE
aut-num:aut-num:import:
export:changed:source:
AS137from AS20965 action pref=100;from AS1299 action pref=100;accept ANYto AS1299 announce [email protected] 20000830RIPE
described by using the Routing Policy Specification Language (RPSL)
What’s Inside the IRR
BGP routing policies
description of an autonomous systemdescription of an autonomous system(bgp) routing policies(bgp) routing policiespeering specificationspeering specifications
15 Sep 2006 MINENET 2006
aut-num: AS137import: from AS20965 action pref=100;
from AS1299 action pref=100;accept ANY
export: to AS1299 announce AS-GARRchanged: [email protected] 20000830source: RIPE
aut-num: AS137import: from AS20965 action pref=100;
from AS1299 action pref=100;accept ANY
export: to AS1299 announce AS-GARR
AS20965AS1299
AS1299
Is it That Easy?
Structured policies
Set objects
aut-num: ASX5import: { from ASX2:AS-Z2 accept 100.0.0.0/8;
} refine {
Complex expressions
Multi-protocol extensions
} refine {ASX2:AS-Z2
15 Sep 2006 MINENET 2006
} refine {from ASX1 ASX2 accept 100.1.0.0/16;
} except {from ASX3 accept 100.1.1.0/24;}
export: to ASX1:PRNG-Y1to ASX1:AS-Z1 except ASX9announce 100.1.1.0/24
mp-export: to ASX11 at 2001::1 announce 2001::/48default: to ASX12 action pref=10default: to ASX13 100.1.1.1 at 100.1.1.2
} except {
} refine {
ASX1:PRNG-Y1ASX1:AS-Z1
ASX1 ASX2
except ASX9
mp-export: to ASX11 at 2001::1 announce 2001::/48
Where Others Fail
Existing tools (e.g., the RIPE Routing Registry Consistency Check) fail in correctly dealing with these constructions
aut-num: ASX5import: { from ASX2:AS-Z2 accept 100.0.0.0/8;
} refine {} refine {ASX2:AS-Z2
15 Sep 2006 MINENET 2006
} refine {from ASX1 ASX2 accept 100.1.0.0/16;
} except {from ASX3 accept 100.1.1.0/24;}
export: to ASX1:PRNG-Y1to ASX1:AS-Z1 except ASX9announce 100.1.1.0/24
mp-export: to ASX11 at 2001::1 announce 2001::/48default: to ASX12 action pref=10default: to ASX13 100.1.1.1 at 100.1.1.2
} except {
} refine {
ASX1:PRNG-Y1ASX1:AS-Z1
ASX1 ASX2
except ASX9
mp-export: to ASX11 at 2001::1 announce 2001::/48
Is That All?
aut-num: AS24336as-name: DIGITALBANK-JPdescr: d-b net Backboneimport: from AS17685
accept ANYexport: to AS17685
announce AS24336admin-c: DM210-JP
aut-num: AS24336as-name: DIGITALBANK-JPdescr: DIGITALBANK, Inc.,
Regional ISP in Japancountry: JPimport: from AS17685
action pref=100; accept ANYimport: from AS7682
aut-num: AS24336 aut-num: AS24336
import: from AS17685
import: from AS17685export: to AS17685
import: from AS7682
1. Identify stubs
2. Look at the last update timestamp
15 Sep 2006 MINENET 2006
admin-c: DM210-JPtech-c: DM211-JPnotify: [email protected]: MAINT-AS24336changed: [email protected]
20050220source: RADB
import: from AS7682action pref=100; accept ANY
export: to AS17685announce AS24336
export: to AS7682announce AS24336
admin-c: DM210-APtech-c: DM211-APnotify: [email protected]: MAINT-JP-DIGITALBANKmnt-by: MAINT-JP-DIGITALBANKchanged: [email protected]
20050210source: APNIC
export: to AS17685
import: from AS7682
export: to AS7682changed: [email protected]
changed: [email protected]
source: RADB
source: APNIC
timestamp
3. Consider highest ranked (i.e., largest) registry
count of rpsl objects (per type)overlap between registries
An Overview of the Method
basic info analyzer basic info analyzer basic info analyzer
15 Sep 2006 MINENET 2006
overlap between registriesupdate rate (per registry)
inter-registry consistency manager
RPSL peering specification analyzer
peering classifier
usage of rpsl constructions
HERMES collection service
From the Methodto the On-Line Service
basic info analyzer basic info analyzer basic info analyzerbasic info analyzerbasic info analyzerbasic info analyzerbasic info analyzerbasic info analyzerbasic info analyzerbasic info analyzer
>60 mirrored registriesboth regional and local
15 Sep 2006 MINENET 2006
inter-registry consistency manager
RPSL peering specification analyzer
peering classifier
also exploits pevala run each day
The Peering Classifier
aut-num: ASX1 aut-num: ASX2
ASX1 ASX2FULLHALFHALF_IHALF_LEFT1/4 _I3/4 _NOT_E
15 Sep 2006 MINENET 2006
Build topologies with different levels of confidence
aut-num: ASX1import: from ASX2
accept ASX2export: to ASX2
announce ASX1
aut-num: ASX2import: from ASX1
accept ASX1export: to ASX1
announce ASX2
A Look at the Data
68 registries downloaded on 03/31/06ftp://ftp.ripe.net/ripe/dbase
ftp://ftp.radb.net/radb/database
Overlapping aut-nums
# of
15 Sep 2006 MINENET 2006
# ofaut-nums ripe apnic radb arin verio
ripe 11468 11238 19 50 7 23
apnic 3299 19 2688 423 1 113
radb 2695 50 423 2037 37 45
arin 555 7 1 37 463 14
verio 498 23 113 45 14 310
A Look at the Data
Integrating registries
149779819800overall
peering-setas-setaut-numdefinitions
149747818735unique
15 Sep 2006 MINENET 2006
Kept definition from highest ranked registry
potentially inconsistent 1065 300 0potentially inconsistent 44 77 0
149747818735unique
112063133stub
A Look at the Data
11468
# ofaut-nums
ripe 237501911238
verioarinradbapnicripeleft after purging
92%
15 Sep 2006 MINENET 2006
498
555
2695
3299
11468
verio
arin
radb
apnic
ripe
310144511323
144633717
4537203742350
1131423268819
23750191123892%
84%
77%
41%
42%
Extracted Peerings
peerings
This work 236,663
[1] P. Mahadevan et al.,The Internet AS-Level Topology: Three Data Sources and One Definitive Metric.SIGCOMM Computer Communication Review, 2006.
15 Sep 2006 MINENET 2006
This work 236,663
RIPE RRCC 108,521
[1] (RIPE only) 56,949
[2] (RIPE only) 70,222
[3] 127,498
2006.
[2] B. Zhang et al.,Collecting the Internet AS-Level Topology.SIGCOMM Computer Communication Review, 2005.
[3] G. Siganos et al.,Analyzing BGP Policies: Methodology and Tool.INFOCOM 2004.
Extracted Peerings
peering type count from RIPE only
HALF_LEFT
HALF_RIGHT143,342 58.4%
FULL 42,599 94.6%
1/4_E 34,155 7.7%
15 Sep 2006 MINENET 2006
1/4_E 34,155 7.7%
1/4_I 13,997 23.7%
3/4_NOT_E 1,373 80.3%
3/4_NOT_I 1,013 82.2%
HALF 114 57.9%
1/2_I 51 66.7%
1/2_E 19 47.4%
So What?
Extracting peerings from the IRR is not trivial…
…yet it’s possible
A systematic approach
15 Sep 2006 MINENET 2006
A systematic approach
An on-line service
Promising results compared with past works
Hints about the health of the IRR
In the pot…
-
100000
200000
300000 peerings
?
?
?
15 Sep 2006 MINENET 2006
Who is responsible?
Focus on BGP routing policies
Investigate how routing information propagates
Estimate consistency of IRR data against actual routing
Prevent abnormal routing scenarios
0Our work RIS+ORV
?
Care to Have a Look?
http://tocai.dia.uniroma3.it/~irr_analysis/
15 Sep 2006 MINENET 2006
http://tocai.dia.uniroma3.it/~irr_analysis/
Thank you!Questions?