Jennifer Rexford
Fall 2014 (TTh 3:00-4:20 in CS 105)
COS 561: Advanced Computer Networks
http://www.cs.princeton.edu/courses/archive/fall14/cos561/
BGP Policies
BGP Route Selection
Border Gateway Protocol
• ASes exchange info about who they can reach
  – IP prefix: block of destination IP addresses
  – AS path: sequence of ASes along the path
• Policies configured by the AS’s operator
  – Path selection: which of the paths to use?
  – Path export: which neighbors to tell?
[Figure: ASes 3, 2 and 1, with destination 12.34.158.5; advertisements “12.34.158.0/24: path (1)” and “12.34.158.0/24: path (2,1)”; data traffic between the ASes]
Applying Policy to Routes
• Import policy
  – Filter unwanted routes from neighbor
      E.g., prefix that your customer doesn’t own
  – Manipulate attributes to influence path selection
      E.g., assign local preference to favored routes
• Export policy
  – Filter routes you don’t want to tell your neighbor
      E.g., don’t tell a peer a route learned from other peer
  – Manipulate attributes to control what they see
      E.g., make a path look artificially longer than it is
BGP Policy: Influencing Decisions
[Figure: Receive BGP Updates → Apply Import Policies → Best Route Selection (based on attribute values) → Best Route Table → Apply Export Policies → Transmit BGP Updates. Forwarding entries for the best routes are installed in the IP Forwarding Table. At both import and export, Apply Policy = filter routes & tweak attributes.]
Open-ended programming, constrained only by vendor configuration language.
BGP Decision Process on a Router
• Routing Information Base
  – Store all BGP routes for each destination prefix
  – Withdrawal message: remove the route entry
  – Advertisement message: update the route entry
• Selecting the best route
  – Consider all BGP routes for the prefix
  – Apply rules for comparing the routes
  – Select the one best route
      Use this route in the forwarding table
      Send this route to neighbors
BGP Decision Process
• Highest local preference
  – Set by import policies upon receiving advertisement
• Shortest AS path
  – Included in the route advertisement
• Lowest origin type
  – Included in advertisement or reset by import policy
• Smallest multiple exit discriminator
  – Included in the advertisement or reset by import policy
• Smallest internal path cost to the next hop
  – Based on intradomain routing protocol (e.g., OSPF)
• Smallest next-hop router id
  – Final tie-break
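An added example, not part of the original slides: an import policy (filter, then set local preference) followed by the decision process in the order listed above. The neighbor labels, local-preference values, router ids and the 203.0.113.0/24 prefix are constructed; MED is compared across all routes as in the slide's simplified list, whereas routers normally compare it only among routes from the same neighboring AS.

```python
import ipaddress
from dataclasses import dataclass, replace

@dataclass(frozen=True)
class Route:
    prefix: str
    as_path: tuple
    neighbor: str              # session the route arrived on (constructed label)
    local_pref: int = 100
    origin: int = 0            # 0 = IGP, 1 = EGP, 2 = incomplete
    med: int = 0
    igp_cost: int = 0
    router_id: str = "0.0.0.0"

# Constructed policy data, not taken from the slides.
RELATIONSHIP = {"cust-A": "customer", "peer-B": "peer", "prov-C": "provider"}
LOCAL_PREF = {"customer": 300, "peer": 200, "provider": 100}
CUSTOMER_PREFIXES = {"cust-A": [ipaddress.ip_network("12.34.158.0/24")]}

def import_policy(route):
    """Filter first, then tweak attributes; None means the route is dropped."""
    rel = RELATIONSHIP[route.neighbor]
    if rel == "customer":
        net = ipaddress.ip_network(route.prefix)
        owned = CUSTOMER_PREFIXES.get(route.neighbor, [])
        if not any(net.subnet_of(p) for p in owned):
            return None        # prefix the customer doesn't own
    return replace(route, local_pref=LOCAL_PREF[rel])

def rank(route):
    """Sort key in the slide's order; the smallest tuple wins."""
    return (-route.local_pref, len(route.as_path), route.origin, route.med,
            route.igp_cost, ipaddress.ip_address(route.router_id))

def best_route(candidates):
    accepted = [r for r in map(import_policy, candidates) if r is not None]
    return min(accepted, key=rank) if accepted else None

UPDATES = [  # constructed advertisements
    Route("12.34.158.0/24", (1, 1, 1), "cust-A", router_id="10.0.0.3"),
    Route("12.34.158.0/24", (2, 1), "peer-B", router_id="10.0.0.1"),
    Route("203.0.113.0/24", (1,), "cust-A", router_id="10.0.0.3"),
    Route("203.0.113.0/24", (9, 8, 7), "prov-C", router_id="10.0.0.2"),
]

def best_for(prefix):
    return best_route([r for r in UPDATES if r.prefix == prefix])
```

The customer route wins for 12.34.158.0/24 despite its longer AS path because local preference is compared first; the customer's announcement of 203.0.113.0/24 is dropped at import, so the provider route is selected.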
Routing Policy
Routing Policies
• Economics
  – Enforce business relationships
  – Pick routes based on revenue and cost
  – Get traffic out of the network as early as possible
• Traffic engineering
  – Balance traffic over edge links
  – Select routes with good end-to-end performance
• Security and scalability
  – Filter routes that seem erroneous
  – Prevent the delivery of unwanted traffic
  – Limit the dissemination of small address blocks
Customer-Provider Relationship
• Customer pays provider for Internet access
  – Provider exports customer’s routes to everybody
  – Customer exports only to downstream customers
[Figure: two provider/customer diagrams for destination d, “Traffic to the customer” and “Traffic from the customer”, showing the direction of advertisements and traffic]
Peer-Peer Relationship
• Peers exchange traffic between customers
  – AS exports only customer routes to a peer
  – AS exports a peer’s routes only to its customers
[Figure: two peers and destination d, “Traffic to/from the peer and its customers”, showing the direction of advertisements and traffic]
BGP Stability Without Global Coordination
Three Restrictions on Policies
• Route export
  – Do not export a route learned from one peer or provider to another
• Route selection
  – Prefer a route learned from a customer over a route learned from a peer or provider
• AS graph
  – No cycle of provider-customer relationships
• Together: guarantee convergence to unique, stable route assignment
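An added example, not part of the original slides: a checker for the route-export restriction (which also covers the customer-provider and peer-peer export rules on the earlier slides) and for the no-cycle condition on the AS graph. The topology, including ASes 4 and 5, is constructed; an adjacency with no known relationship is treated as a violation.

```python
# Constructed topology: provider -> its customers, plus one peering link.
CUSTOMERS = {1: {2, 3}, 2: {4}, 3: {4, 5}}
PEERS = {frozenset((2, 3))}

def rel(a, b):
    """What neighbor b is to AS a: 'customer', 'provider', 'peer' or None."""
    if b in CUSTOMERS.get(a, ()):
        return "customer"
    if a in CUSTOMERS.get(b, ()):
        return "provider"
    return "peer" if frozenset((a, b)) in PEERS else None

def may_export(learned_from, to_neighbor):
    """Customer routes go to everybody; peer/provider routes only to customers."""
    return learned_from == "customer" or to_neighbor == "customer"

def first_violation(traversed):
    """traversed lists every AS the announcement passed through, receiver
    first and origin last. Returns the AS that exported against the rule."""
    hops = list(reversed(traversed))            # origin ... receiver
    for prev, mid, nxt in zip(hops, hops[1:], hops[2:]):
        if not may_export(rel(mid, prev), rel(mid, nxt)):
            return mid
    return None

def has_provider_customer_cycle(customers):
    """Depth-first search for a cycle in the provider -> customer graph."""
    state = {}                                  # 1 = on stack, 2 = finished
    def visit(a):
        if state.get(a) == 1:
            return True
        if state.get(a) == 2:
            return False
        state[a] = 1
        found = any(visit(c) for c in customers.get(a, ()))
        state[a] = 2
        return found
    return any(visit(a) for a in list(customers))
```

For instance, `first_violation((3, 4, 2, 1))` reports AS 4: the multi-homed customer re-exported a route learned from provider 2 to provider 3.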
Two Interpretations
• System is stable because ASes act like this
  – High-level argument
      Export and topology assumptions are reasonable
      Path selection rule matches with financial incentives
  – Empirical results
      BGP routes for popular prefixes stable for ~10 days
      Most instability from a few flapping destinations
• ASes should follow rules for system stability
  – Encourage operators to obey these guidelines
  – … and provide ways to verify the configuration
  – Need to consider more complex relationships
Trading Off the Conditions
• All three conditions are important
  – Route ranking, export policy, and graph structure
• Allowing more flexibility in ranking routes
  – Allow same preference for peer and customer routes
  – Never choose a peer route over a shorter customer route
• … at the expense of stricter AS graph assumptions
  – Hierarchical provider-customer relationship (as before)
  – No private peering with (direct or indirect) providers
[Figure: diagram labeled “Peer-peer”]
Relaxing Export Rules [Feamster/Johari]
• Goal: no restrictions on export and topology
  – Allow an AS to decide whether to export
  – Do not require hierarchical relationships
• Question
  – How much do you have to restrict path ranking to have a guarantee that the system is safe?
• Answer
  – Limited to shortest-path routing
• Implications
  – Trade-off between safety, autonomy, & expressiveness
Conclusion
• Interdomain routing policies
  – Local policies have global implications
  – Stability, scalability, security
• Next time: routing security
  – BGP vulnerabilities
  – Proposed security solutions
  – Deployment challenges
• Reminder
  – Project proposals due 5pm Friday
Backup Slides: Multi-Homing
Why Connect to Multiple Providers?
• Reliability
  – Reduced fate sharing
  – Survive ISP failure
• Performance
  – Multiple paths
  – Select the best
• Financial
  – Leverage through competition
  – Game 95th-percentile billing model
[Figure: Provider 1 and Provider 2]
The Stub AS Doesn’t Need to Speak BGP…
• Sending traffic
  – Assume both providers can reach everyone
  – Split traffic however you want (e.g., 50%/50%)
  – But… what if a provider can’t reach someone?
  – But… what if one provider has a better path?
[Figure: Provider 1 and Provider 2 reached over links L1 and L2; one static route: 0.0.0.0/0 via L1, L2]
The Stub AS Doesn’t Need to Speak BGP…
• Receiving traffic
  – Both providers can announce the prefix into BGP
  – Ensures that everyone else can reach you
  – But… what if traffic load is very uneven?
[Figure: Provider 1 and Provider 2; “Advertise 12.34.158.0/24”; traffic for 12.34.158.0/24 arriving via both providers]