|
Talk Title and Presenter
|
Abstract
|
Route Views Update
Joel Jaeggli and
David Meyer
slides (HTML)
|
The University of Oregon Route Views service (www.routeviews.orgi) is widely used both for operational purposes by ISPs as well as a source of data for Internet researchers. The server currently has
EBGP multi-hop peerings service providers at 42 points around the world, carries more than 1.6M paths, and has averaged more than 1800 connections per day.
We discuss how routeviews data has been put to use, and outline some of the things that could help the sustainability of services of this kind.
New elements since the earlier talk
at NANOG23 entitled "Trends and Dynamics in BGP" include a discussion of current and projected storage requirements, ongoing migration to zebra bgpd, and continued legacy data format archiving.
|
RIPE NCC Measurement Infrastructure Update
Henk Uijterwaal
slides (HTML)
|
Part 1 of the talk will discuss recent development in the TTM and RIS
infrastructure and new features interesting for people analyzing the data.
Part 2 will be recent analysis of TTM and RIS data. Topics (TTM):
Jitter/IP Delay Variations, Bandwidth measurements, Long term trends in
the delays, RIS: growth of routing table. And more.
|
Growth of Public Internet Exchanges over Time
Bill Woodcock, and
Bob Arasmith
slides (HTML)
|
This is a short presentation of data and analysis surrounding the rate of
growth which public Internet exchange facilities (peering points)
experience over time. There is a commonly-held belief that exchange
points begin with a small number (2-3) of initial participants, followed
by straight-line growth up to a magic "critical mass" threshold, followed
by exponential growth up to the maximum carrying capacity of the facility
and its switch fabric. We hope to be able to either corroborate or refute
this belief upon completion of our analysis, which we will present at
ISMA. Principal investigator: Bill Woodcock, research director, Packet
Clearing House. Co-author: Bob Arasmith, research associate, Packet
Clearing House.
|
Global Routing Instabilities during Code Red II
and Nimda Worm Propagation
Andy Ogielski
slides (PDF)
|
I will present the latest results following the work published at
http://www.renesys.com/funding/bgp_instability/. This work
was performed jointly with James Cowie of Renesys.
|
Detection of Routing Loops in Packet Traces and Analysis of Their Impact
Sue Moon
slides (HTML)
|
Changes in routing information are propagated by various routing
protocols. Transient inconsistency between router states exists as
part of the normal routing protocol operation. As a result, a routing
loop is conformed, and some packets might be bounced back and forth
until the inconsistency is resolved. If the reachability to many
destination addresses is affected by the inconsistency, it is likely
that many packets are affected.
In this work, we present a methodology to detect routing loops as they
manifest in the packet traces. Then we study the causes behind the
routing incidents, and classify them by identifiable causes.
As a final step, we analyse the impact of routing loops on the network
traffic in terms of delay, loss, and bandwidth.
|
A study of BGP misconfigurations
Ratul Mahajan
slides (PDF)
|
We present preliminary results from a new study of BGP misconfiguration. In
the talk, we focus on two kinds of misconfigurations. The first is accidental
origination of routes. It includes not only origination of routes owned by
the ISP itself, but also address space hijacks. The second is route leaks,
exporting routes not consistent with the ISP's policy. We talk about our
methodology, results based on an email survey, and the underlying causes of
these misconfigurations.
|
On the performance characteristics of BGP routing decisions
Mike Lloyd
slides (HTML)
|
We describe a data collection infrastructure which accumulates BGP feeds along with performance data on a wide variety of end points. We then show some of the results we have generated by correlating these data sources. Specifically, we analyze the frequency with which BGP's unmodified decision process selects suboptimal forwarding paths. We also investigate the dynamic properties of observed performance differences.
|
Load Balancing Traffic in a BGP Environment Using
On-line Simulation and Dynamic NAT Techniques
Shivkumar Kalyanaraman
slides (HTML)
|
We focus on two problems in this talk: a) outbound load-balancing
using BGP LOCAL_PREF settings aided by online simulation and b) inbound
load balancing in a multihomed stub AS environment using dynamic NAT.
Outbound: The outbound load-balancing problem is posed as a constrained
multi-criterion optimization problem, with objectives such as
utilization of outbound links, cost, as_path length and reliability of
outbound paths. This optimization problem here can be modeled as a
classical ``bin packing'' problem, which is NP-hard. A new "Recursive
Random Search (RRS)" algorithm, which has been designed for
general black-box optimization problems, has been used to find a
approximate solution for this problem. We first identify a number of
``hot'' prefixes, then we use RRS algorithm to search for a ``optimal''
routing for these prefixes such that the objective function is minimized.
Then we implement these routes by setting the local preference for these
prefixes on BGP routers.
Inbound: Multihomed Stub AS's advertise a good share of the more-specific
prefixes which cause instability and increase global routing table
sizes. Many of these are more-specifics proxy advertised to achieve
inbound load balancing goals. We are investigating an alternative solution
using dynamic NAT coordinated between edge boxes at the stub AS
which would remove the need to advertise these more-specifics. In
effect, the load balancing problem is re-cast as a dynamic public
address assignment problem to the internal nodes that contribute to a
large fraction of inbound traffic. This solution will not work for
transit ASs that use full public addressing.
|
Edge vs. core time delay of propagation
Avi Freedman
slides (HTML)
|
A study of the real-world delay in propagation for prefixes with
changing associated BGP attributes. We examine, for ASs that
Akamai has BGP sessions with, prefixes with changing attributes,
and examine how long it takes in practice for those changes
(i.e. origin or AS_PATH padding, prefix introduction or
prefix withdrawl) to propagate. We classify networks by
'core' or 'edge' (less than 20 non-customer connections to
another AS) as an initial taxonomy, and compare time
for changes to propagate to core vs. edge ASs. We further
classify edge networks by degree of multihomed connectivity
and present similar data.
|
Analysis of RIPE/RIS Project's BGP Data:
CIDR at Work
Cengiz Alaettinoglu
slides (PDF)
|
We analyze the BGP messages collected by the RIPE-NCC Routing
Information Service. The data has been collected for about two years. It
is much richer than the daily snapshots often used in analysis and helps
us address more detailed questions than simply table size growth. For
example, we can show the effectiveness of CIDR aggregation, or account
for multi-homing and inter-domain traffic engineering more accurately.
In short, we find that the routing table size growth is not exponential,
CIDR is doing very well, and churn is decreasing. Most of the churn is
due to the loss and re-establishment of BGP peerings, as well as policy
misconfigurations (leaking routes, etc).
|
Internet stability amid change
Andre Broido and
k claffy
slides (HTML)
|
We analyze the RouteViews BGP routing tables sampled
with a granularity ranging from 6 months
for data measured in 1997-2001 to 2 hours
for data from the end of 2001. We study the
globally routed prefixes (those present in the
majority of backbone tables) and categorize them
as:
- standalone -- only one entry in tables for this prefix's
address range
- root -- a least specific route, but more specific routes
cover part of this prefix's address range
- subset -- a more specific route, less specific routes
also include this prefix.
Using these distinctions, we find that changes in
global routing system are not adequately captured by
bulk measures like total number of prefixes in a table.
This is due to the net change representing a sum total
of commensurable contibutions of opposite sign,
so that the total variation is not the difference,
but rather the sum of their magnitudes.
This phenomenon partly explains the fact
that most measures of routing system complexity
demonstrate slow growth, dynamic equilibrium
and/or decrease for the second half of the year 2001.
|
Comparison of end-to-end distance measurement
metrics
Brad Huffaker
slides (HTML)
|
While several methods currently exist for estimating the end-to-end
distance between Internet hosts, I present a novel technique for
comparing the distance metrics underlying different techniques.
Analysis of a set of baseline comparisons of different distance
metrics serves as a first step towards evaluating the utility of
each current or proposed distance estimation method. Individual
metrics provide dissimilar
levels of predictive value for particular application types. However,
high computational overhead may negate the benefits of measuring
distance using an application's optimal distance metric.
For this study we chose four existing metrics:
previously seen round trip time (RTT); geographical distance;
autonomous system (AS) path length; and IP path length.
|
Characterizing Resource Location in the Internet
Mark Crovella
slides (HTML)
|
I will report on recent work studying the geographic location of nodes and links in router-level Internet graphs.
|
Measuring Provider Path Diversity from
traceroute Data: Work in Progress
Krishna Nayak
slides (PDF)
|
With many Internet hosts today being multi-homed,
it is important to consider the path-diversity between providers. By collecting
traceroute data through all available providers, we uncover convergence
points between different providers' paths to determine which combination of
providers could produce the most diversity across the Internet "middle
mile". Our initial study involved four providers with points of presence in
San Jose, CA, and a random selection of 46,089 active prefixes
identified using netflow. In this talk, we will describe our initial study,
correlate results with active TCP probe data, and attempt to make general
statements about provider diversity based on these data.
|
Towards Capturing Representative AS-Level Internet
Topologies
Hyunseok Chang
slides (PDF)
|
Recent studies concerning the Internet connectivity at the AS level
have attracted considerable attention. These studies have exclusively
relied on the BGP data from Oregon route-views to derive some unexpected
and intriguing results.
There has been anecdotal evidence and an intuitive understanding among
researchers in the field that BGP-based AS-level topology is not
complete, however, as far as we know, there has been no systematic
study on quantifying the completeness of AS-level topologies.
By augmenting the Oregon route-views data sets with
BGP summary information from a large number of Internet Looking
Glass sites and with routing policy information from Internet
Routing Registry (IRR) databases, we find that (1) a significant
number of existing AS connections remain hidden from most BGP routing
tables, (2) the AS connections to tier-1 ASs are in general more
easily observed than those to non tier-1 ASs, and (3) there are at
least about 25--50% more AS connections in the Internet than
commonly-used BGP-derived AS maps reveal (but only about 2% more ASs).
Finally, we validate the newly-found connectivity by identifying
physically-adjacent ASs, and comment on how our findings can be
interpreted to capture more representative AS-level topologies.
|
Estimating Router ICMP Generation Times
Ramesh Govindan, and
Vern Paxson
slides (PDF)
|
As a consequence of layering in the Internet protocol suite, ICMP
responses provide the only available general mechanism for attaining
visibility into the Internet's internal packet dynamics. Measurement
tools such as pathchar (and the related clink and pchar) and treno
both send large numbers of TTL-limited packets in order to analyze the
delays between the transmissions of the packets and the receipt of the
corresponding ICMP replies. There are two significant difficulties
with analyzing such timing, however. The first is that the ICMP reply
might not be generated in a timely fashion at a router; in particular,
ICMP generation at routers might be relegated to the "slow" path. A
second difficulty with analyzing timing based on ICMP replies is that
responses from different routers might follow different paths. In
this talk, we discuss a technique for measuring a router's ICMP
generation time (specifically for Time Exceeded TE messages) using only
end-system measurements, and discuss an analysis of a preliminary set
of measurements made using the NIMI measurement infrastructure.
|
Statistical Reconstruction of Largest
Contributors to Network Traffic
Valery Kanevsky
slides (HTML)
|
The topic of this work is the issue of assessment of consistency of statistical
inference from the sampling of network traffic. Network management depends on
extensive data acquisition, processing, and analysis. One aspect of such
analysis is sample-based allocation of the traffic along a variety of
observable features/attributes (e.g, volume, protocol, source, destination), and selection of subsets of features that contribute to a significant
portion of the total traffic. We present a statistical foundation that
provides a confidence level to support such selection by addressing the
following question: How confident can one be to infer "large" contributors
from a sample of a limited size and how does confidence level
depend on sample size?
|
Cooperative Association for Internet Data Analysis (CAIDA)