Skip to Content
[CAIDA - Center for Applied Internet Data Analysis logo]
Center for Applied Internet Data Analysis
vrfinder: Finding Outbound Addresses in Traceroute
A. Marder, M. Luckie, B. Huffaker, and k. claffy, "vrfinder: Finding Outbound Addresses in Traceroute", in SIGMETRICS, Jun 2020.
|   View full paper:    PDF    Related Presentation    |  Citation:    BibTeX    Resource Catalog   |

vrfinder: Finding Outbound Addresses in Traceroute

Alexander Marder1
Matthew Luckie2
Bradley Huffaker1
kc claffy1

CAIDA, San Diego Supercomputer Center, University of California San Diego


University of Waikato

Current methods to analyze the Internet’s router-level topology with paths collected using traceroute assume that the source address for each router in the path is either an inbound or off-path address on each router. In this work, we show that outbound addresses are common in our Internet-wide traceroute dataset collected by CAIDA's Ark vantage points in January 2020, accounting for 1.7% – 5.8% of the addresses seen at some point before the end of a traceroute. This phenomenon can lead to mistakes in Internet topology analysis, such as inferring router ownership and identifying interdomain links. We hypothesize that the primary contributor to outbound addresses is Layer 3 Virtual Private Networks (L3VPNs), and propose vrfinder, a technique for identifying L3VPN outbound addresses in traceroute collections. We validate vrfinder against ground truth from two large research and education networks, demonstrating high precision (100.0%) and recall (82.1% – 95.3%). We also show the benefit of accounting for L3VPNs in traceroute analysis through extensions to bdrmapIT, increasing the accuracy of its router ownership inferences for L3VPN outbound addresses from 61.5% - 79.4% to 88.9% - 95.5%.

Keywords: measurement methodology, routing, topology
  Last Modified: Tue Nov-17-2020 04:47:42 UTC
  Page URL: