How to Extract BGP Peering Information from the IRRcompunet/www/docs/max/irr_peerings.pdf · RIPE APNIC ARIN LACNIC AFRINIC ICANN (IANA) ... Look at the last update timestamp 15 Sep

UNIVERSITÀ DEGLI STUDI ROMA TREDepartment of Computer Science and Automation

How to Extract BGP Peering Information from the Internet

Routing RegistryRouting Registry

Giuseppe Di BattistaTiziana Refice

Massimo Rimondini

ACM SIGCOMM 2006 – MINENET Workshop

15 September 2006

Pisa, Italy

A BGP Peering

15 Sep 2006 MINENET 2006

About the IRR

Large distributed repository storing information on

allocation of network resources (subnets, AS #s)

BGP routing policies


RIRs

LIRs

RIPE ARINAPNIC LACNIC AFRINIC

ICANN (IANA)

GARR RADBLEVEL3 VERIOBELL SPRINTSAVVIS

...

...

...

...

...

...

...

BUT…

What’s the Point with the IRR?

Born with the purpose of supporting stable and consistent routing policies

A valuable source of information to understand Internet routing


BUT…

Maintained on a voluntary basis

Information is often inconsistent and/or out of date

A systematic approach to the extraction of information is still missing

Our Contribution(s)

A method to extract peering relationships (and more) from the IRR

An implementation of the method as


An implementation of the method as an on-line service

A proof of effectiveness by comparison with the state of the art

An investigation on the constructions used to specify peerings

described by using the Routing Policy Specification Language (RPSL)

What’s Inside the IRR


objectobjectobject typeobject typeattributesattributesvaluesvalues


aut-num: AS137import: from AS20965 action pref=100;

from AS1299 action pref=100;accept ANY

export: to AS1299 announce AS-GARRchanged: [email protected] 20000830source: RIPE




aut-num:aut-num:import:

export:changed:source:

AS137from AS20965 action pref=100;from AS1299 action pref=100;accept ANYto AS1299 announce [email protected] 20000830RIPE

described by using the Routing Policy Specification Language (RPSL)

What’s Inside the IRR


description of an autonomous systemdescription of an autonomous system(bgp) routing policies(bgp) routing policiespeering specificationspeering specifications







export: to AS1299 announce AS-GARR

AS20965AS1299

AS1299

Is it That Easy?

Structured policies

Set objects

aut-num: ASX5import: { from ASX2:AS-Z2 accept 100.0.0.0/8;

} refine {

Complex expressions

Multi-protocol extensions

} refine {ASX2:AS-Z2


} refine {from ASX1 ASX2 accept 100.1.0.0/16;

} except {from ASX3 accept 100.1.1.0/24;}

export: to ASX1:PRNG-Y1to ASX1:AS-Z1 except ASX9announce 100.1.1.0/24

mp-export: to ASX11 at 2001::1 announce 2001::/48default: to ASX12 action pref=10default: to ASX13 100.1.1.1 at 100.1.1.2

} except {

} refine {

ASX1:PRNG-Y1ASX1:AS-Z1

ASX1 ASX2

except ASX9

mp-export: to ASX11 at 2001::1 announce 2001::/48

Where Others Fail

Existing tools (e.g., the RIPE Routing Registry Consistency Check) fail in correctly dealing with these constructions

aut-num: ASX5import: { from ASX2:AS-Z2 accept 100.0.0.0/8;

} refine {} refine {ASX2:AS-Z2


} refine {from ASX1 ASX2 accept 100.1.0.0/16;

} except {from ASX3 accept 100.1.1.0/24;}

export: to ASX1:PRNG-Y1to ASX1:AS-Z1 except ASX9announce 100.1.1.0/24

mp-export: to ASX11 at 2001::1 announce 2001::/48default: to ASX12 action pref=10default: to ASX13 100.1.1.1 at 100.1.1.2

} except {

} refine {

ASX1:PRNG-Y1ASX1:AS-Z1

ASX1 ASX2

except ASX9

mp-export: to ASX11 at 2001::1 announce 2001::/48

Is That All?

aut-num: AS24336as-name: DIGITALBANK-JPdescr: d-b net Backboneimport: from AS17685

accept ANYexport: to AS17685

announce AS24336admin-c: DM210-JP

aut-num: AS24336as-name: DIGITALBANK-JPdescr: DIGITALBANK, Inc.,

Regional ISP in Japancountry: JPimport: from AS17685

action pref=100; accept ANYimport: from AS7682

aut-num: AS24336 aut-num: AS24336

import: from AS17685

import: from AS17685export: to AS17685

import: from AS7682

1. Identify stubs

2. Look at the last update timestamp


admin-c: DM210-JPtech-c: DM211-JPnotify: [email protected]: MAINT-AS24336changed: [email protected]

20050220source: RADB

import: from AS7682action pref=100; accept ANY

export: to AS17685announce AS24336

export: to AS7682announce AS24336

admin-c: DM210-APtech-c: DM211-APnotify: [email protected]: MAINT-JP-DIGITALBANKmnt-by: MAINT-JP-DIGITALBANKchanged: [email protected]

20050210source: APNIC

export: to AS17685

import: from AS7682

export: to AS7682changed: [email protected]

changed: [email protected]

source: RADB

source: APNIC

timestamp

3. Consider highest ranked (i.e., largest) registry

count of rpsl objects (per type)overlap between registries

An Overview of the Method

basic info analyzer basic info analyzer basic info analyzer


overlap between registriesupdate rate (per registry)

inter-registry consistency manager

RPSL peering specification analyzer

peering classifier

usage of rpsl constructions

HERMES collection service

From the Methodto the On-Line Service

basic info analyzer basic info analyzer basic info analyzerbasic info analyzerbasic info analyzerbasic info analyzerbasic info analyzerbasic info analyzerbasic info analyzerbasic info analyzer

>60 mirrored registriesboth regional and local


inter-registry consistency manager

RPSL peering specification analyzer

peering classifier

also exploits pevala run each day

The Peering Classifier

aut-num: ASX1 aut-num: ASX2

ASX1 ASX2FULLHALFHALF_IHALF_LEFT1/4 _I3/4 _NOT_E


Build topologies with different levels of confidence

aut-num: ASX1import: from ASX2

accept ASX2export: to ASX2

announce ASX1

aut-num: ASX2import: from ASX1

accept ASX1export: to ASX1

announce ASX2

A Look at the Data

68 registries downloaded on 03/31/06ftp://ftp.ripe.net/ripe/dbase

ftp://ftp.radb.net/radb/database

Overlapping aut-nums

# of


# ofaut-nums ripe apnic radb arin verio

ripe 11468 11238 19 50 7 23

apnic 3299 19 2688 423 1 113

radb 2695 50 423 2037 37 45

arin 555 7 1 37 463 14

verio 498 23 113 45 14 310

A Look at the Data

Integrating registries

149779819800overall

peering-setas-setaut-numdefinitions

149747818735unique


Kept definition from highest ranked registry

potentially inconsistent 1065 300 0potentially inconsistent 44 77 0

149747818735unique

112063133stub

A Look at the Data

11468

# ofaut-nums

ripe 237501911238

verioarinradbapnicripeleft after purging

92%


498

555

2695

3299

11468

verio

arin

radb

apnic

ripe

310144511323

144633717

4537203742350

1131423268819

23750191123892%

84%

77%

41%

42%

Extracted Peerings

peerings

This work 236,663

[1] P. Mahadevan et al.,The Internet AS-Level Topology: Three Data Sources and One Definitive Metric.SIGCOMM Computer Communication Review, 2006.


This work 236,663

RIPE RRCC 108,521

[1] (RIPE only) 56,949

[2] (RIPE only) 70,222

[3] 127,498

2006.

[2] B. Zhang et al.,Collecting the Internet AS-Level Topology.SIGCOMM Computer Communication Review, 2005.

[3] G. Siganos et al.,Analyzing BGP Policies: Methodology and Tool.INFOCOM 2004.

Extracted Peerings

peering type count from RIPE only

HALF_LEFT

HALF_RIGHT143,342 58.4%

FULL 42,599 94.6%

1/4_E 34,155 7.7%


1/4_E 34,155 7.7%

1/4_I 13,997 23.7%

3/4_NOT_E 1,373 80.3%

3/4_NOT_I 1,013 82.2%

HALF 114 57.9%

1/2_I 51 66.7%

1/2_E 19 47.4%

So What?

Extracting peerings from the IRR is not trivial…

…yet it’s possible

A systematic approach


A systematic approach

An on-line service

Promising results compared with past works

Hints about the health of the IRR

In the pot…

-

100000

200000

300000 peerings

?

?

?


Who is responsible?

Focus on BGP routing policies

Investigate how routing information propagates

Estimate consistency of IRR data against actual routing

Prevent abnormal routing scenarios

0Our work RIS+ORV

?

Care to Have a Look?

http://tocai.dia.uniroma3.it/~irr_analysis/


http://tocai.dia.uniroma3.it/~irr_analysis/

Thank you!Questions?

Documents

How to Extract BGP Peering Information from the IRRcompunet/www/docs/max/irr_peerings.pdf · RIPE APNIC ARIN LACNIC AFRINIC ICANN (IANA) ... Look at the last update timestamp 15 Sep