Add to collection(s) Add to saved
  1. Engineering & Technology
  2. Computer Science
  3. Computer Networks

How DNS Misnaming Distorts Internet Topology Mapping Ming Zhang,

advertisement 
How DNS Misnaming
Distorts Internet
Topology Mapping
Ming Zhang, Microsoft Research
Yaoping Ruan, IBM Research
Vivek Pai, Jennifer Rexford, Princeton University
Basic Traceroute
% traceroute -n www.usenix.org
1 128.112.155.129 0.586 ms
2 128.112.138.2
0.627 ms
3 128.112.139.193 2.833 ms
4 128.112.12.57
1.505 ms
5 128.112.12.22
2.073 ms
6 204.153.48.9
3.275 ms
7 12.119.12.109
7.863 ms
8 12.123.219.133 10.458 ms
9 12.123.0.101
6.547 ms
10 204.255.168.1
8.536 ms
11 152.63.21.78
6.229 ms
12 152.63.145.241 71.186 ms
13 152.63.55.58
71.049 ms
14 152.63.48.73
73.591 ms
15 157.130.192.6
97.473 ms
June 3, 2006
0.408
0.454
1.412
1.115
1.237
3.041
8.513
8.224
8.504
7.328
6.215
70.831
71.716
73.618
94.833
ms
ms
ms
ms
ms
ms
ms
ms
ms
ms
ms
ms
ms
ms
ms
0.401
0.645
1.618
1.548
1.054
2.459
5.343
8.770
5.736
6.912
5.906
71.415
70.714
73.887
111.342
Zhang, Ruan, Pai, Rexford - USENIX 2006 ATC
ms
ms
ms
ms
ms
ms
ms
ms
ms
ms
ms
ms
ms
ms
ms
2
Reverse DNS Lookups
% traceroute www.usenix.org
tbr2-p012402.n54ny.ip.att.net
1 ignition
(128.112.155.129) 0.542
ggr3-g90.n54ny.ip.att.net
2 targe
(128.112.138.2)
0.894
0.so-2-1-0.BR1.NYC4.ALTER.NET
3 csgate
(128.112.139.193) 1.592
4 gigagate1.Princeton.EDU
(128.112.12.57)
1.768
0.so-6-0-0.XL1.NYC4.ALTER.NET
5 vgate1.Princeton.EDU
(128.112.12.22)
1.240
6 tcggate.Princeton.EDU
(204.153.48.9)
2.524
7 12.119.12.109
(12.119.12.109)
9.014
8 tbr2-p012402.n54ny.ip.att.net (12.123.219.133)
6.708
9 ggr3-g90.n54ny.ip.att.net
(12.123.0.101)
6.510
10 0.so-2-1-0.BR1.NYC4.ALTER.NET (204.255.168.1)
6.806
11 0.so-6-0-0.XL1.NYC4.ALTER.NET (152.63.21.78)
7.242
12 0.so-7-0-0.XL1.SFO4.ALTER.NET (152.63.145.241) 70.959
13 POS4-0.XR1.SFO4.ALTER.NET
(152.63.55.58)
72.075
14 191.ATM7-0.GW4.SFO4.ALTER.NET (152.63.48.73)
76.387
15 usenix-gw.customer.alter.net (157.130.192.6)
95.806
n54ny.ip.att
ms
ms
ms
ms
ms
ms
ms
ms
ms
ms
ms
ms
ms
ms
ms
XL1.SFO4.ALTER
0.so-7-0-0.XL1.SFO4.ALTER.NET
POS4-0.XR1.SFO4.ALTER.NET
191.ATM7-0.GW4.SFO4.ALTER.NET
June 3, 2006
Zhang, Ruan, Pai, Rexford - USENIX 2006 ATC
3
Network Debugging & Research

DNS now a critical tool, errors problematic

For humans  annoying
 Assuming

For mapping  small problems
 Relatively

you can detect it
contained
For derived data  magnified problems
 “Worst”
June 3, 2006
problems can be fictional
Zhang, Ruan, Pai, Rexford - USENIX 2006 ATC
4
Automating the Process

Generate large number of traceroutes
 e.g.,

use PlanetLab and/or ScriptRoute
Extract geography from names
 undns
tool from RocketFuel
 Understands conventions for tons of ISPs
Merge cities into POPs
 Now, reverse-engineer paths, peering
decisions, routing, etc.

June 3, 2006
Zhang, Ruan, Pai, Rexford - USENIX 2006 ATC
5
DNS Misnaming Problems

Reverse DNS names not critical for ISP
in routers – debugging tool
 Often no forward DNS mapping
 Especially

Reasons for misnaming
 Router
gets moved
 Linecards swapped (IP per linecard)
 Reuse old IP addresses
 Peering ISPs share IP addresses
June 3, 2006
Zhang, Ruan, Pai, Rexford - USENIX 2006 ATC
6
POP Loops & False Edges
June 3, 2006
Zhang, Ruan, Pai, Rexford - USENIX 2006 ATC
7
Extra Inter-POP Links
June 3, 2006
Zhang, Ruan, Pai, Rexford - USENIX 2006 ATC
8
Data Collection



In-house version of traceroute
132 nodes on PlanetLab
259,343 routable address blocks
 From
all prefixes in current BGP tables

20 hours on March 30, 2005

Data parsing:
IP
address
June 3, 2006
DNS
lookup
DNS
names
undns
rules
POP
names
Yahoo
maps
Zhang, Ruan, Pai, Rexford - USENIX 2006 ATC
Geo
location
9
Resolving POP-level loop

Greedy algorithm:
 Get
all fishy IPs
 Pick IP that
Resolves most loops
 Rarely appears good

 Remove
IP’s loops, report IP
 Repeat

The correct location of a misnamed IP is
decided by voting based on its neighbors
June 3, 2006
Zhang, Ruan, Pai, Rexford - USENIX 2006 ATC
10
Heuristics: 01/10 Rule
Given IP1, IP2, and IP3
 Infer IP4 from IP3
 If POPs for IP4, IP2 disagree:
 Vote among interfaces on same router (IP4,
IP5, and IP6)

IP6
New York
IP4 x.x.x.150
New York
IP1
Boston
IP2
IP3
x.x.x.149
SF
IP5
St Louis
New York
June 3, 2006
Zhang, Ruan, Pai, Rexford - USENIX 2006 ATC
11
Case Study Results


Large ISP, 100+ POPs
1,957 POP-level loops


Router level discrepancy


IP1, 2, 3, 4
IP5, 6
Missed


IP7, 8 9
Small POPs with 1
neighbor
June 3, 2006
Zhang, Ruan, Pai, Rexford - USENIX 2006 ATC
12
Impact on Previous Work

Impact on topology mapping
 11%
of inferred edges are false edges
 More reliable than speed-of-light only approach

Impact on path inflation studies
June 3, 2006
Zhang, Ruan, Pai, Rexford - USENIX 2006 ATC
13
Conclusion
DNS misnaming can be serious for
network researchers
 We study two heuristics to identify and fix
the wrong names
 Case study confirms the effectiveness of
our approach

June 3, 2006
Zhang, Ruan, Pai, Rexford - USENIX 2006 ATC
14
Related documents
Title Page, Organizers, Reviewers
Title Page, Organizers, Reviewers
What Is Topology?! Featuring: Dr. Dan Freed SATURDAY MORNING MATH GROUP ?!
What Is Topology?! Featuring: Dr. Dan Freed SATURDAY MORNING MATH GROUP ?!
Download
advertisement