David A. Maltz
Albert Greenberg
ABSTRACT
In any IP network, routing protocols provide the intelligence that takes a collection of physical links and transforms them into a network that enables packets to travel from one host to another. Though routing design is arguably the single most important design task for large IP networks, there has been very little systematic investigation into how routing protocols are actually used in production networks to implement the goals of network architects. We have developed a methodology for reverse engineering a coherent global view of a network's routing design from the static analysis of dumps of the local configuration state of each router. Starting with a set of 8,035 configuration files, we have applied this method to 31 production networks. In this paper we present a detailed examination of how routing protocols are used in operational networks. In particular, the results show the conventional model of "interior" and "exterior" gateway protocols is insufficient to describe the diverse set of mechanisms used by architects, and we provide examples of the more unusual designs and examine their trade-offs. We discuss the strengths and weaknesses of our methodology, and argue that it opens paths towards new understandings of network behavior and design.
- D. Eastlake 3rd and P. Jones. RFC 3174 - US Secure Hash Algorithm 1 (SHA1), 2001. Available from http://www.ietf.org/rfcs/rfc3174.html.]] Google Scholar
Digital Library
- CAIDA. http://www.caida.org/tools/measurement/skitter/, 2000.]]Google Scholar
- Don Caldwell, Anna Gilbert, Joel Gottlieb, Albert Greenberg, Gisli Hjalmtysson, and Jennifer Rexford. The cutting EDGE of IP router configuration. In Second Workshop on Hot Topics in Networks (HotNets-II), November 2003.]]Google Scholar
- R. Callon. RFC 1195 - Use of OSI IS-IS for routing in TCP/IP and dual environments, 1990.]] Google ScholarDigital Library
- Anja Feldmann, Albert Greenberg, Carsten Lund, Nick Reingold, and Jennifer Rexford. Netscope: Traffic engineering for IP networks. IEEE Network Magazine, pages 11--19, March 2000.]] Google ScholarDigital Library
- P. Ferguson and D. Senie. Network Ingress Filtering: Defeating Denial of Service Attacks which Employ IP Source Address Spoofing. Internet Engineering Task Force, January 1998. RFC 2267.]] Google ScholarDigital Library
- Lixin Gao and Feng Wang. The extent of AS path inflation by routing policies. In Proceedings of Global Internet 2002, 2002.]]Google Scholar
- Ramesh Govindan and Hongsuda Tangmunarunkit. Heuristics for internet map discovery. In IEEE INFOCOM 2000, pages 1371--1380, Tel Aviv, Israel, March 2000. IEEE.]]Google ScholarCross Ref
- Timothy Griffin, F. Bruce Shepherd, and Gordon T. Wilfong. Policy disputes in path-vector protocols. In Proceedings of the 7th Annual International Conference on Network Protocols, pages 21--30, Toronto, Canada, November 1999.]] Google ScholarDigital Library
- Timothy G. Griffin and Gordon T. Wilfong. An analysis of BGP convergence properties. In Proceedings of SIGCOMM, pages 277--288, Cambridge, MA, August 1999.]] Google ScholarDigital Library
- DMTF Networks~Working Group. http://www.dmtf.org/standards/cim/cim_schema_v27.]]Google Scholar
- Sam Halabi and Danny McPherson. Internet Routing Architectures. Cisco Press, 2001.]] Google ScholarDigital Library
- C. Hedrick. RFC 1058 - Routing Information Protocol, 1988.]] Google ScholarDigital Library
- OPNET~Technologies Inc. http://www.mil3.com/products/home.html.]]Google Scholar
- Packet~Design Inc. http://www.packetdesign.com.]]Google Scholar
- D. E. Knuth. An empirical study of FORTRAN programs. Software - Practice and Experience, 1(2):105--133, April-June 1971.]]Google ScholarCross Ref
- David A. Maltz, Jibin Zhan, Geoffrey Xie, Hui Zhang, Gisli Hjalmtysson, Albert Greenberg, and Jennifer Rexford. Structure preserving anonymization of router configuration data. Technical Report CMU-CS-04-149, Carnegie Mellon University, 2004.]]Google ScholarDigital Library
- David Meyer and University of~Oregon Route Views~Project. http://antc.uoregon.edu/route-views/.]]Google Scholar
- Greg Minshall. tcpdpriv - remove private information from a tcpdump -w file. Software distribution available from http://ita.ee.lbl.gov/html/contrib/tcpdpriv.html, 1997.]]Google Scholar
- J. Moy. RFC 2178 - OSPF Version 2, 1997.]]Google Scholar
- Vern Paxson. End-to-end routing behavior in the Internet. IEEE\slash ACM Transactions on Networking, 5(5):601--615, 1997.]] Google ScholarDigital Library
- Y. Rekhter and T. Li. RFC 1771 - A Border Gateway Protocol 4 (BGP-4), 1995.]] Google ScholarDigital Library
- ITU-T M series recommendations. http://www.itu.int/rec/recommendation.asp-?type=products&lang=e&parent=T-REC-M.]]Google Scholar
- A. Shaikh, L. Kalampoukas, R. Dube, and A. Varma. Routing stability in congested networks: Experimentation and analysis. In Proc. ACM SIGCOMM'00, pages 163--174, Stockholm, Sweden, 2000.]] Google ScholarDigital Library
- N. Spring, R. Mahajan, and D. Wetherall. Measuring ISP topologies with Rocketfuel. In Proc. ACM SIGCOMM, August 2002.]] Google ScholarDigital Library
- Cisco Systems. Enhanced IGRP. http://www.cisco.com/univercd/cc/td/doc/cisintwk/ito_doc/en_igrp.htm.]]Google Scholar
- Geoffrey Xie, Jibin Zhan, David~A. Maltz, Hui Zhang, Albert Greenberg, Gisli Hjalmtysson, and Jennifer Rexford. On static reachability analysis of IP networks. Technical Report CMU-CS-04-146, Carnegie Mellon University, 2004.]]Google Scholar
- Tatu Ylonen. Thoughts on how to mount an attack on tcpdpriv's "-a50" option... Web White Paper available from http://ita.ee.lbl.gov/html/contrib/attack50/attack50.html.]]Google Scholar
Index Terms
- Routing design in operational networks: a look from the inside
Recommendations
Routing design in operational networks: a look from the inside
In any IP network, routing protocols provide the intelligence that takes a collection of physical links and transforms them into a network that enables packets to travel from one host to another. Though routing design is arguably the single most ...
Modeling complexity of enterprise routing design
CoNEXT '12: Proceedings of the 8th international conference on Emerging networking experiments and technologiesEnterprise networks often have complex routing designs given the need to meet a wide set of resiliency, security and routing policies. In this paper, we take the position that minimizing design complexity must be an explicit objective of routing design. ...
Comments