Post on 28-Jan-2016
description
1
Alexander Azimov<aa@highloadlab.com> Highload Lab
Detecting Autonomous Systems Relationships
2
Quiz!
1. Why We need AS relation and policy discovery?
BGP Route Prediction, AS Design2. What have been already done?Physical link discovery, classterization3. What have we done?Active route policy discovery 4. What opportunities does it give?BGP Route Prediction, AS Design
3
Traffic generators
Internet
Inbound balancing
AS1 AS2
Интернет
4
Traffic consumers
Internet
Outbound balancing
AS1 AS2
Интернет
5
Traffic vector
Asymmetric!
AS1 AS2 AS3 AS5
AS6AS7
6
Quiz!
1. Why We need AS relation and policy discovery?
BGP Route Prediction, AS Design2. What have been already done?Physical link discovery, classterization3. What have we done?Active route policy discovery 4. What opportunities does it give?BGP Route Prediction, AS Design
7
Physical Link Discovery
8
Classterization
9
BGP AS Paths
10
Core of the problem
Used at any given moment
Could be used by sigle AS
Number of Links
0 100000 200000 300000 400000
Links between ASes
11
Route Policy in RR
Outdated or incomplete
12
Deadlock
1. Physical link discovery;2. No registry of current route
policies.
No opportunity for traffic flow prediction
13
Quiz!
1. Why We need AS relation and policy discovery?
BGP Route Prediction, AS Design2. What have been already done?Physical link discovery, classterization3. What have we done?Active route policy discovery 4. What opportunities does it give?BGP Route Prediction, AS Design
14
AS Design
15
I did it my way…
2
16
Route Policy Recovery
1. AS relations2. Active verification3. Priority at every level of BGP
decision process4. Mathematical Equations5. …….........
17
AS Relations : example
AS3
AS2
AS4
AS5
AS1 AS6 AS7
Relations:p2p = {AS3, AS4}c2p = {(AS2, AS23, (AS5,AS4), (AS1, AS2), (AS6, AS5), (AS7,AS5)}
p2p
18
AS Relations : example
AS3
AS2
AS4
AS5
AS1 AS6 AS7
p2p
Relations:p2p = {AS3, AS4}c2p = {(AS5, AS4} (AS2,AS3) (AS1, AS2), (AS6, AS5), (AS7,AS5)}
19
AS Relations : example
AS3
AS2
AS4
AS5
AS1 AS6 AS7
p2p
Relations:p2p = {AS3, AS4}c2p = {(AS5, AS4, (AS2,AS3), (AS1, AS2), (AS6, AS5), (AS7,AS5)}
20
Active Verification : example
ASXXX
TracerouteOne remote node – one path
21
Active Verification : example
ASXXX
Ping –R with source from ASXXXOne remote node – count(neighbors) * path
AS1
AS2
Echo request
Echo reply
22
Quiz!
1. Why We need AS relation and policy discovery?
BGP Route Prediction, AS Design2. What have been already done?Physical link discovery, classterization3. What opportunities does it give?Active route policy discovery 4. What opportunities does it give?BGP Route Prediction, AS Design
23
How to make You interested in my
results?
24
Qrator Radar
1. AS Relations2. BGP Route Prediction3. AS Design4. Security Issues5. Rates
25
AS Relations
Rates: peering, customers, providers
26
BGP Route Prediction
27
Route Withdraw
28
Prepend Policy
29
AS Design
30
Security Issues
1. Default Route Errors2. BGP Route Loops3. DDoS Amplifires4. Bots > 30 % of ASes are affected!
31
Security Issues
32
Botnet map
33
Quiz!
1. Why We need AS relation and policy discovery?
BGP Route Prediction, AS Design2. What have been already done?Physical link discovery, classterization3. What have we done?Active route policy discovery 4. What opportunities does it give?BGP Route Prediction, AS Design
34
Future Work
Drop detection -> Prediction how to overcome it using
prepend policy
35
Qrator Radarradar.qrator.net