BGP instability

advertisement
BGP Instability
Jennifer Rexford
Fall 2014 (TTh 3:00-4:20 in CS 105)
COS 561: Advanced Computer Networks
http://www.cs.princeton.edu/courses/archive/fall14/cos561/
Holding the Internet Together
• Distributed cooperation for resource allocation
– BGP: what end-to-end paths to take (for ~50K ASes)
– TCP: what rate to send over each path (for ~3B hosts)
AS 2
AS 1
AS 3
AS 4
2
What Problem is BGP Solving?
The Stable Paths Problem
http://www.cs.princeton.edu/courses/archive/f
all14/cos561/papers/SPP02.pdf
3
What Problem Does Routing Solve?
• Most do shortest-path routing
–Shortest hop count
 Distance vector routing (e.g., RIP)
–Shortest path as sum of link weights
 Link-state routing (e.g., OSPF and IS-IS)
• Policy makes BGP is more complicated
–An AS might not tell a neighbor about a path
 E.g., Sprint can’t reach Verizon through AT&T
–An AS might prefer one path over a shorter one
 E.g., ISP prefers to send traffic through a customer
4
Could Use A Simulation Model
• Simulate the message passing
–Advertisements and withdrawals
–Message format
–Timers
• Simulate the routing policy on each session
–Filter certain route advertisements
–Manipulate the attributes of others
• Simulate the decision process
–Each router applying all the steps per prefix
Feasible, but tedious and ill-suited for formal arguments
Stable Paths Problem Instance
• Node
– BGP-speaking router
– Node 0 is destination
2 21 0
20
– BGP adjacency
– Set of routes to 0 at each
node 1
– Ranking of the paths
5210
2
• Edge
• Permitted paths
5
4
0
1
3
130
10
most preferred
…
least preferred
420
430
30
Solution to a Stable Paths Problem
2
210
20
• Solution
– Path assignment per node
– Can be the “null” path
• Each node is assigned
1
– The highest ranked path
– … consistent with the
assignment of its neighbors
5210
2
• If node u has path uwP
– {u,w} is an edge in the graph
– Node w is assigned path wP
5
4
0
1
130
10
3
420
430
30
A solution need not represent
a shortest path tree, or
a spanning tree.
Translating a Real Configuration into SPP
• Permitted paths at a node
– Composition of “export” policies at other nodes
Node 0 exports
route to node 2
0
210
20
Node 2 exports
5210
“2 1 0” but not “2 0”
2
5
Node 1 exports
“1 0” to node 2
• Ranking of paths at a node
– “Import” policies at the node
– Rank in terms of BGP decision process (i.e., local
preference, AS path length, origin type, MED, …)
An SPP May Have Multiple Solutions
120
10
120
10
1
120
10
1
0
0
2
210
20
1
0
2
210
20
First solution
2
210
20
Second solution
An SPP May Have No Solution
2
210
20
4
0
130
10
1
320
30
3
3
Stable System Unstable After Failure
210
20
BGP is not robust :
it is not guaranteed
to recover from
network failures.
1
130
10
2
Becomes a BAD GADGET if link
(4, 0) goes down.
4
40
420
430
0
3
3420
30
Strawman Solution Doesn’t Work
• Create a global Internet routing registry
– Store the AS-level graph and all routing policies
– Store all routing policies
– But, ASes may be unwilling to divulge
• Check for conflicting policies
– Analyze the global system and identify conflicts
– Contact the affected ASes to resolve them
– But, checking is an NP-complete problem
– … and, a safe system may be unsafe after failure
Goal: sufficient condition for convergence with local control
BGP Protocol
13
Two Kinds of Routing Protocols
Link State
Vectoring
• Topology information is flooded
within the routing domain
• Each router knows little about
network topology
• Best end-to-end paths are
computed locally at each router.
• Only best next-hops are chosen by
each router for each destination.
• Best end-to-end paths
determine next-hops.
• Best end-to-end paths result from
composition of all next-hop choices
• Based on minimizing some notion • Does not require any notion of
of distance
distance
• Works only if policy is shared and • Does not require uniform policies at
uniform
all routers
• Examples: OSPF, IS-IS
• Examples: RIP, BGP
AS Numbers (ASNs)
ASes represent units of routing policy
•
•
•
•
•
•
•
•
•
Level 3: 1
MIT: 3
Harvard: 11
Yale: 29
Princeton: 88
AT&T: 7018, 6341, 5074, …
Verizon: 701, 702, 284, 12199, …
Sprint: 1239, 1240, 6211, 6242, …
…
Currently around 50,000 in use.
Interdomain Routing
Path: 6, 5, 4, 3, 2, 1
4
3
5
2
7
1
6
Web server
Client
Border Gateway Protocol
• ASes exchange info about who they can reach
– IP prefix: block of destination IP addresses
– AS path: sequence of ASes along the path
• Policies configured by the AS’s operator
– Path selection: which of the paths to use?
– Path export: which neighbors to tell?
“12.34.158.0/24:
path (2,1)”
3
“12.34.158.0/24:
path (1)”
1
2
data traffic
data traffic
12.34.158.5
BGP Session Operation
Establish session on
TCP port 179
AS1
BGP session
Exchange all
active routes
AS2
Exchange incremental
updates
While connection
is ALIVE exchange
route UPDATE messages
Incremental Protocol
• A node learns multiple paths to destination
–Stores all of the routes in a routing table
–Applies policy to select a single active route
–… and may advertise the route to its neighbors
• Incremental updates
–Announcement
 Upon selecting a new active route, add node id to path
 … and (optionally) advertise to each neighbor
–Withdrawal
 If the active route is no longer available
 … send a withdrawal message to the neighbors
19
BGP Route
• Destination prefix (e.g., 128.112.0.0/16)
• Route attributes, including
– AS path (e.g., “7018 88”)
– Next-hop IP address (e.g., 12.127.0.121)
192.0.2.1
AS 7018
12.127.0.121
AT&T
AS 88
AS 11
Yale
Princeton
128.112.0.0/16
AS path = 88
Next Hop = 192.0.2.1
128.112.0.0/16
AS path = 7018 88
Next Hop = 12.127.0.121
20
ASPATH Attribute
128.112.0.0/16
AS Path = 1755 1239 7018 88
128.112.0.0/16
AS Path = 1239 7018 88
AS 1239
Sprint
AS 1755
AS 88
Princeton
Global Access
128.112.0.0/16
AS Path = 1129 1755 1239 7018 88
Ebone
AS 12654
128.112.0.0/16
AS Path = 7018 88
AS7018
128.112.0.0/16
AS Path = 88
AS 1129
RIPE NCC
RIS project
128.112.0.0/16
AS Path = 3549 7018 88
AT&T
128.112.0.0/16
AS Path = 7018 88
AS 3549
Global Crossing
128.112.0.0/16
Prefix Originated
21
BGP Path Selection
• Simplest case
AS 1129
–Shortest AS path
–Arbitrary tie break
• Example
Global Access
128.112.0.0/16
AS Path = 1129 1755 1239 7018 88
–Three-hop AS path preferred
over a five-hop AS path
–AS 12654 prefers path
through Global Crossing
• But, BGP is not limited to
shortest-path routing
–Policy-based routing
AS 12654
RIPE NCC
RIS project
128.112.0.0/16
AS Path = 3549 7018 88
AS 3549
Global Crossing
22
BGP Routing Changes
23
Causes of BGP Routing Changes
• Topology changes
– Equipment going up or down
– Deployment of new routers or sessions
• BGP session failures
– Due to equipment failures, maintenance, etc.
– Or, due to congestion on the physical path
• Changes in routing policy
– Reconfiguration of preferences
– Reconfiguration of route filters
• Persistent protocol oscillation
– More on this next class!
BGP Session Failure
• BGP runs over TCP
– BGP only sends updates
when changes occur
– TCP doesn’t detect lost
connectivity on its own
AS1
• Detecting a failure
– Keep-alive: 60 seconds
– Hold timer: 180 seconds
• Reacting to a failure
– Discard all routes learned from neighbor
– Send updates for any routes that change
AS2
Routing Change: Before and After
0
0
(2,0)
(2,0)
(1,0)
(1,2,0)
1
2
1
2
(3,2,0)
(3,1,0)
3
3
Routing Change: Path Exploration
• AS 1
– Delete the route (1,0)
– Switch to next route (1,2,0)
– Send route (1,2,0) to AS 3
0
(2,0)
• AS 3
– Sees (1,2,0) replace (1,0)
– Compares to route (2,0)
– Switches to using AS 2
(1,2,0)
1
2
(3,2,0)
3
Routing Change: Path Exploration
• Initial situation
– Destination 0 is alive
– All ASes use direct path
• When destination dies
– All ASes lose direct path
– All switch to longer paths
– Eventually withdrawn
(2,0)
(2,1,0)
(2,3,0)
(2,1,3,0)
(1,0)
(1,2,0)
(1,3,0)
1
2
0
• E.g., AS 2
– (2,0)  (2,1,0)
– (2,1,0)  (2,3,0)
– (2,3,0)  (2,1,3,0)
– (2,1,3,0)  null
3
(3,0)
(3,1,0)
(3,2,0)
Discussion of
BGP Instability Paper
29
Download