Michael Schapira Joint work with Yaping Zhu and Jennifer Rexford Princeton University Once Upon a Time Internet InterNetwork Routing Small network Single administrative entity ID: 557015
Download Presentation The PPT/PDF document "Putting BGP on the Right Path: A Case fo..." is the property of its rightful owner. Permission is granted to download and print the materials on this web site for personal, non-commercial use only, and to display it on your personal computer provided you do not modify the materials and that you retain all copyright notices contained in the materials. By downloading content from our website, you accept the terms of this agreement.
Slide1
Putting BGP on the Right Path: A Case for Next-Hop Routing
Michael
SchapiraJoint work with Yaping Zhu and Jennifer Rexford (Princeton University)Slide2
Once Upon a Time…
Internet Inter-Network Routing:
Small network
Single administrative entity
NSFNET
Shortest-path routing
distance-vector routingThen....Slide3
Interdomain Routing
Over 35,000
Autonomous Systems (ASes)Interdomain
routing
= routing between
ASes
Border Gateway Protocol (BGP)AT&TQwestComcastSprintSlide4
Today’s Path-Based Routing With BGP
Complex!
configuration errors, software bugs, …Bad convergence!persistent route oscillations, slow convergence, …Vulnerable to attacks!malicious, economically-driven, inadvertent, … and more, and more, and more …bad performance, clumsy traffic engineering, …Slide5
How Can We Fix
Interdomain Routing?
One approach: add mechanisms to an already complex protocolroute flap damping, S-BGP, …Another approach: redesign interdomain routing from scratchHLP, NIRA,
pathlet
routing, consensus routing, …
Our approach
: simplify BGP!Slide6
Background
: Today’s Path-Based Routing With BGP
AS i’s routing policy:ranking
of simple routes from
i
to each destination d
export policyBGP is a path-vector protocol
Receive
route updates
from
neighbors
Choose
single
“best”
route
(ranking)
Send route updates to neighbors
(export policy)Slide7
3
d
1
2
Background
:
Today’s
Path-Based Routing With BGP
32d > 31d
Don’t export 2d to 3
1, 2, I’m available
3, I’m using 1d
a
stable state
is reachedSlide8
AS-PATH = the Route of All Evil
AS-PATH: list of
all ASes on pathoriginally meant for loop-detectionThe AS-PATH is to blame!error-prone, software bugsno/slow convergencelarge attack surfacebad scalability, clumsy traffic engineering, bad performance, …Slide9
Getting Off the AS-PATH
No way back to shortest-path routing…
Our proposal: next-hop routingmake routing decisions based solely on the “next hop”relegate the AS-PATH to its original roleSlide10
Wish List
Loop freedom
Fast ConvergenceSecurityIncentive compatibilityBusiness policiesGood performanceTraffic engineeringScalabilitySimplicitySlide11
Expressiveness vs. Complexity
complexity
expressiveness
not expressive
enough
sufficiently
expressive
extremely
expressive
simple
too complex
shortest-path
routing
next-hop
routing
BGP’s
path-based
routingSlide12
Next-Hop Routing Rules!
Rule 1: use next-hop rankings
4d
3
5
1
2
4 > 3
541d > 53d > 542dSlide13
Next-Hop Routing Rules!
Rule 1
: use next-hop rankings Rule 2: prioritize current routeto minimize path exploration [Godfrey-Caesar-Hagen-Singer-Shenker]2
d
3
1
2=3
Break ties in favor of lower AS number
2=3
Prioritize current routeSlide14
Next-Hop Routing Rules!
Rule 1
: use next-hop rankings Rule 2: prioritize current routeRule 3: consistently exportto avoid disconnecting upstream nodes [Feigenbaum-S-Ramachandran]
3
d
4
1
2
1 > 2,
Export 32d, but not 31d, to 4
1 > 2,
Export 31d
to 4Slide15
Next-Hop Routing Rules!
Rule 1
: use next-hop rankings Rule 2: prioritize current routeRule 3: consistently exportDefn: Node i
consistently exports
w.r.t
. neighbor j
if there is some route R s.t. each route Q is exportable to j iff R ≤i Q.Defn: Node i consistently exports if it consistently exports with respect to each neighboring node j.Slide16
Next-Hop Routing Rules!
Rule 1: use next-hop rankings
Rule 2: prioritize current routeRule 3: consistently export3 deployment schemesConfigure today’s routersCreate new router configuration interfaceBuild new router softwareSlide17
Wish List Revisited
Loop freedom
Fast convergenceSecurityIncentive compatibilityBusiness policiesGood performanceTraffic engineeringScalability
SimplicitySlide18
Wish List Revisited
Loop freedom
Fast convergence?SecurityIncentive compatibility [Feigenbaum-S-Ramachandran]
Business policies
Good performance
Traffic engineering
Scalability?SimplicitySlide19
Existence of Stable State
Existence of stable state not guaranteed
even with next-hop rankings (Rule 1) [Feamster-Johari-Balakrishnan]Thm: If the next-hop routing rules hold, then a stable state exists in the network.What about (fast!) convergence?Slide20
BGP Oscillations
BGP not guaranteed to converge even with next-hop routing! [Griffin-Shepherd-Wilfong]1
d
2
2 > d
1 > dSlide21
The Commercial Internet
ASes
sign long-term contracts.Neighboring pairs of ASes have:a customer-provider relationship
a
peering
relationship
peer
providers
customers
peerSlide22
Gao-Rexford Framework
3 simple conditions that are naturally induced by
the AS-business-hierarchy.Topology condition, Preference condition, Export conditionIf the Gao-Rexford conditions hold, then BGP is
guaranteed
to converge to a stable state.
[
Gao-Rexford]But, this might require exponentially-many forwarding changes! [Syed-Rexford]Slide23
Fast BGP Convergence
Thm
: In the Gao-Rexford framework, next-hop routing convergence to a stable state involves at most O(L2) forwarding changes (L = # links).all network topologiesall timings of AS activations and update message arrivalsall initial routing statesall initial “beliefs”implications for routing changes and number of BGP
updatesSlide24
Simulations
C-BGP simulator. Cyclops AS-level topology, Jan 1
st 2010 (33,976 ASes, ~5000 non-stubs)Protocols: BGP, Prefer Recent Route (PRR), next-hop routingMetrics:
# forwarding changes, # routing changes,
# updates, AS-PATH length
Events: prefix up, link failure, link recoveryMethodology: 500 experiments, 10,000 vantage points (all non-stubs, 5000 stubs)Slide25
Simulation Results
(# Forwarding Changes)
maximum number of BGP forwarding changes > 20maximum number of routing changes in next-hop routing = 3
maximum number of forwarding changes
in PRR = 10Slide26
Simulation Results
(# Routing Changes)
maximum number of BGP routing changes > 160maximum number of routing changes in next-hop routing < 20
maximum number of routing changes
in PRR > 40Slide27
Simulation Results
(# BGP Updates, Non-Stub
ASes)maximum number of BGP updates > 6000
maximum number of updates in next-hop routing < 300
maximum number of updates in PRR > 1000Slide28
Simulation Results
(# Routing Changes, The 0.1% Position)Slide29
Incentive Compatible
Routing Configurations
2d3
1
d > 2
3 > d > 1
2
Each node is getting its best
feasible
next-hopSlide30
Next-Hop Routing is
Incentive Compatible
Thm [Feigenbaum-Ramachandran-S]: In the Gao-Rexford framework, next-hop routing is incentive compatible. (each node is guaranteed its
best
feasible
next-hop)Slide31
Wish List Revisited
Loop freedom
Fast convergenceSecurity?Incentive compatibilityBusiness policiesGood performance?Traffic engineering?ScalabilitySimplicitySlide32
Limitations of Next-Hop Routing
AS-PATH length
AS-avoiding policiesAS-name prependingAS-PATH-based traffic engineeringSlide33
Security, Performance,
Traffic Engineering
Still open research questions.Handled mostly outside the routing protocol.We argue that next-hop routing makes things mostly better.Slide34
Performance
Faster/better convergence than BGP.
much more scalable.But…potential increase in path lengths.bloosely correlated with performance (# routers, physical distance… throughput…).still, significant increase clearly undesirable!Simulation results
: same path length for 97-99% of
ASes
; big increase only for ~0.1%.Slide35
Security
Reduces BGP’s attack surface (AS-PATH length plays no role in routing decisions).
More resilient to economically-driven attacks (incentive compatible).More resilient to misconfigurations (in progress)But… AS-avoiding policies impossible.come with no guarantees. e2e?Slide36
Traffic Engineering
We discuss how traffic engineering can be done without relying on the AS-PATH.
using different next-hop rankings for different (groups of) prefixesusing the BGP communities attribute…Slide37
Multipath Routing
Performance, security and traffic engineering can greatly benefit from multipath routing.
multiple working pathsimmediate response to failuresload balancing among multiple next-hops…Next-hop routing lowers the barrier for making this a reality (work in progress).Slide38
Multipath Routing
Exploiting path diversity torealize the
AS’s own objectivescustomize route selection for neighboring ASesBut... multipath routing is not scalable!
disseminate and store multiple routesSlide39
Multipath Routing is Not Scalable!
d
12
3
4
P
1
P
2
Q
1
Q
2
I’m using P
1
and P
2
I’m using Q
1
and Q
2
I’m using P
1
, P
2
, Q
1
and Q
2Slide40
From AS-PATH to AS-SET
Next-hop routing is more amenable to multipath
nodes don’t care about entire paths… other than for loop detectionDon’t announce routes, announce sets!set = union of ASes on all routesBGP route aggregationSlide41
Neighbor-Specific
Next-Hop Routing
Customizing route selection for neighborsoperational motivation [Kushman-Kandula-Katabi-Maggs]economic motivation [Wang-S-Rexford]
C
1
z
C2C3
d
?
R
1
R
2
R
3
Secure!
Short!
Cheap!Slide42
Neighbor-Specific
Next-Hop Routing
Neighbor-Specific BGP [Wang-S-Rexford]implementable using existing toolsResults for convergence and incentive compatibility extend to multipath!Slide43
Conclusions and
Future Research
BGP is far too complicated!New approach: simplify BGPwithout compromising global and local goals!Directions for future research:getting rid of the AS-PATH?software / configuration complexitymore theoretical and experimental workSlide44
Thank
You