Mathematics for Networks Workshop
QMULMarch 23 2005
Timothy G. Griffin Matthew Roughan Computer Laboratory School of Mathematical Sciences
University of Cambridge University of Adelaide, Australia
[email protected] [email protected] http://www.cl.cam.ac.uk/~tgg22/ http://www.maths.adelaide.edu.au
A Challenge:A Challenge:Modeling the Dynamics of Modeling the Dynamics of
the Inter-domain Routing in the Inter-domain Routing in the Internetthe Internet
Architecture of Dynamic Routing
AS 1
AS 2
EGP (= BGP)
EGP = Exterior Gateway Protocol
IGP = Interior Gateway Protocol
Metric based: OSPF, IS-IS, RIP, EIGRP (cisco)
Policy based: BGP
The Routing Domain of BGP is the entire Internet
IGP
IGP
3
BGP Operations : Hard State Protocol
Establish session on TCP port 179
Exchange all active routes
Exchange incremental updates
AS1
AS2
While connection is ALIVE exchangeroute UPDATE messages
BGP session
How Many ASNs are Being Used Today?
Thanks to Geoff Huston: http://www.potaroo.net/
Jan 11, 2005
How Many Prefixes are Being Routed Today?
From AS 4637: Reach Network
Jan 11, 2005
Data Collection: GNU Zebra
Zebra Box
router
router
router
router
BGP sessions
BGP sessions
RIPE Routing Information Service
rrc00.ripe.net at RIPE NCC, Amsterdam, collects default free routing updates from peers. From October 1999. rrc01.ripe.net at LINX, London. Collects route updates announced by LINX members. From July 2000. rrc02.ripe.net at SFINX, Paris. Collects route updates announced by SFINX members . From March 2001. rrc03.ripe.net at AMS-IX, Amsterdam. Collects route updates announced by AMS-IX members. From January 2001. rrc04.ripe.net at CIXP, Geneva. Collects route updates announced by CIXP members. From April 2001. rrc05.ripe.net at VIX, Vienna. Collects route updates announced by VIX members. From June 2001. rrc06.ripe.net at Otemachi, Japan. Collects route updates announced by JPIX members. From August 2001. rrc07.ripe.net in Stockholm, Sweden. Collects route updates announced by the NETNOD members. From April 2002. rrc08.ripe.net at San Jose (CA), USA. Collects route updates announced by the MAE-WEST members. From May 2002. rrc09.ripe.net at Zurich, Switzerland. Collected route updates announced by the TIX members. From May 2003 to until early Feb 2004. rrc10.ripe.net at Milan, Italy. Collects route updates announced by the MIX members. From Nov 2003. rrc11.ripe.net at New York (NY), USA. Collects route updates announced by the NYIIX members. From Feb 2004. rrc12.ripe.net at Frankfurt, Germany. Collects route updates announced by the DE-CIX members. From Jul 2004.
http://www.ripe.net/ris
University of Oregon Route Views Project http://antc.uoregon.edu/route-views
AOL (NoVa) 66.185.128.48 through AS1668 APAN (tpr2-tokyo) 203.181.248.242 through AS7660 ATT (SFO) 192.205.31.33 through AS7018 Abilene (Indiana) 198.32.8.252 through AS11537 Accretive (PAO) 207.246.129.6 through AS11608 Accretive (SEA) 207.246.129.14 through AS11608 Army Research Lab 192.12.65.1 through AS13 Broadwing (ADDS) 216.140.14.186 through AS6395 Broadwing (MAE-EAST) 216.140.8.63 through AS6395 Broadwing (MAE-WEST) 216.140.2.62 through AS6395 C&W USA (Santa Clara) 208.172.146.2 through AS3561 COMindico (AU) 203.194.0.5 through AS9942 Carrier1 (NYC) 212.4.193.253 through AS8918 EBONE (EU) 192.121.154.25 through AS1755 ELI (MAE-EAST) 208.186.154.36 through AS5650 ELI (MAE-WEST) 208.186.154.35 through AS5650 EPOCH (PAIX) 155.229.0.36 through AS4565 ESnet (GA) 134.55.20.229 through AS293 France Telecom (NYC) 193.251.128.22 through AS5511 GLOBIX (LINX) 195.66.224.82 through AS4513 GLOBIX (New York) 209.10.12.28 through AS4513 GLOBIX (Chicago) 209.10.12.125 through AS4513 GLOBIX (Palo Alto) 209.10.12.156 through AS4513 GT Group Tel (Toronto,CA) 216.18.63.137 through AS6539 Genuity (Palo Alto) 4.0.4.90 through AS1 GlobalCrossing (PAIX) 208.51.113.253 through AS3549 IAGnet (Chicago) 204.42.253.253 through AS267 IIJ (Japan) 202.232.1.91 through AS2497 ISC (Palo Alto) 204.152.184.126 through AS3557 Intermedia (MAE-EAST) 198.32.187.23 through AS2548
Many streams since 2001
JINX (Johannesburg) 196.7.106.72 through AS2905 Jippii (ESPANIX/Spain) 62.164.11.10 through AS8782 LINX (London) 194.68.130.254 through AS5459 Level3 (Denver) 209.244.2.115 through AS3356 MFN/AboveNet (MAE-WEST) 207.126.96.1 through AS6461 MFS/MAE-lab (San Jose) 204.29.239.1 through AS6066 Nacamar (Frankfurt) 213.200.87.254 through AS3257 Netrail (MAE-WEST) 205.215.45.50 through AS4006 Port80 (Stockholm) 217.75.96.60 through AS16150 RCN (PAIX) 207.172.6.221 through AS6079 RCN (VA) 207.172.6.173 through AS6079 RIPE NCC (Amsterdam) 193.0.0.56 through AS3333 STARTAP (Chicago) 206.220.240.95 through AS10764 Sprint (Stockton) 144.228.241.81 through AS1239 Telefonica (New York) 213.140.32.144 through AS12956 Teleglobe (London,UK) 195.219.96.239 through AS8297 Teleglobe (PAIX) 207.45.223.244 through AS6453 Telstra (Sydney,AU) 203.62.252.26 through AS1221 TELUS (Toronto) 66.203.205.62 through AS852 TouchAmerica () 157.130.182.254 through AS19092 Verio () 129.250.0.11 through AS2914 Verio () 129.250.0.6 through AS2914 WCI Cable (Hillboro, OR) 209.161.175.4 through AS14608 Williams (San Francisco) 64.200.199.3 through AS7911 Williams (San Francisco) 64.200.199.4 through AS7911 X0 (Bay Area) 205.158.2.126 through AS2828 Zocalo (Berkeley) 157.22.9.7 through AS715 blackrose.org (Ann Arbor) 204.212.44.131 through AS234 netINS (Des Moines) 167.142.3.6 through AS5056
Participants
Reading the Data
www.mrtd.net
route_btoa translates binary to ASCII
BGP Update Streams
Data from rrc01.ripe.net (LINX, London)
A Closer Look …
High Variability
A Closer Look …
… 1000 Second Bins
Look At BGP Table Sizeta
ble
siz
e
A Closer Look …ta
ble
siz
e
Another Example: Christmas Eve!
A Closer Look …
High Variability, Again
… 1000 Second Bins
And Table Size
The Challenge
• the generation of BGP updates?• the propagation of BGP updates?• observed BGP update streams?• correlations between multiple data
streams? • anomaly detection?• improving protocol design?
Can we develop rigorous stochastic models for
This will not be easy…
• Data is complex• BGP topology is not known• BGP policies are secret• Implementation matters• A network of BGP speakers acts like a
large network of Communicating Finite State Machines ---- so is a large finite state transducer
A set of BGP speakers as a Communicating Finite State Machine
The FSM at node 4
The FSM at node 5
One announce/delete at node 1can produce 52 possible outputs at node 5
Implementation Does Matter!
Thanks to Abha Ahuja and Craig Labovit for this plot.
stateless withdrawswidely deployed
stateful withdrawswidely deployed
A few useful links…
Real-time Global Routing Metricshttp://www.nanog.org/mtg-0402/ogielski.html
BGP Beaconshttp://www.psg.com/~zmao/BGPBeacon.htmlhttp://www.ripe.net/ris/docs/beacon.html
What is the sound of one route flapping?http://www.cs.dartmouth.edu/~mili/workshop2002/slides/griffin_dartmouth_20020723.pdf