Announcement - PowerPoint PPT Presentation

1 / 36
About This Presentation
Title:

Announcement

Description:

Safe BGP system guarantees that group of ASes will reach stable state. BGP Model ... any fair activation sequence , proof by induction on ASes, in same order ... – PowerPoint PPT presentation

Number of Views:27
Avg rating:3.0/5.0
Slides: 37
Provided by: Davi345
Category:

less

Transcript and Presenter's Notes

Title: Announcement


1
Announcement
  • Slides and reference materials available at
  • http//www.cs.purdue.edu/homes/yau/tsinghua-cours
    e2006

2
Stable Internet Routing Without Global
Coordination(based on Gao and Rexford)
Application of materials learned in Lecture 1
3
Guaranteed Convergence by Global Coordination
  • Internet routing registry
  • Require all routing policies be registered
  • Check for consistency
  • Problems
  • ISPs not willing to reveal their policies
  • Consistency check is NP complete
  • Possible divergence after policy change or node /
    link failure

4
Guaranteed Convergence by Distributed Approach
  • Prescription of set of guidelines for ASes to
    follow
  • Certain policies are disallowed
  • Observance of guidelines ensures convergence
  • Independent of underlying network topology
  • Guidelines based on
  • Internet hierarchical structure
  • Commercial relationships between ASes

5
AS Commercial Relationships
  • Customer-provider
  • Customer pays provider for service
  • Peer-to-peer
  • Agreement between ASes to exchange traffic
    between their customers
  • Frequently no exchange of money
  • Relationship assumed equal usage
  • Peering agreements usually treated as business
    secrets
  • Backup
  • Service in case of failures

6
Guidelines for Convergence
  • Routing preferences
  • Routing via customer link preferred over provider
    / peer link
  • Backup links always least preferred
  • AS free to choose local policies within each
    preference class
  • Guidelines not in BGP, but agree with ISP routing
    practice
  • Registry can be simplified to check only
    relationships between AS pairs

7
Internet Architecture
  • ASes are autonomous
  • Detailed knowledge of topology within AS
  • Limited knowledge of topology about other ASes
  • ASes interconnected at public IXPs or dedicated
    point-to-point links
  • Example IXPs Mae-East, Mae-West
  • Connectivity does not imply flow of traffic
  • Routes must be established through BGP

8
BGP Route Maintenance
  • Routes constructed by propagation of BGP
    advertisements
  • advertisement prefix attributes
  • Upon receipt of advertisement, BGP speaker
    decides whether to use path, and whether to
    propagate path
  • Routes removed by BGP withdrawals
  • Withdrawal leads to sequence of withdrawals by
    upstream ASes using path withdrawn

9
BGP Route Selection
  • BGP allows many routing policies
  • Local preference (reflecting AS relationships)
  • Community attribute (hint to neighbor on
    preference that should be given to a route)
  • MED (control over how traffic from neighbors
    enters AS)
  • Otherwise, neighbors use hot potato routing
  • AS path prepending (ingress traffic engineering)

10
Advertisement Processing
  • Import policies
  • Which routes to consider for use
  • Path selection
  • Which imported route to use as best route
  • Export policies
  • Whether best route is advertised to a neighbor
  • If so, what to advertise? (route can change since
    their attributes can change)

11
BGP Protocol Dynamics
  • Route convergence not guaranteed
  • Group of ASes may continually advertise and
    withdraw routes to a prefix because of policy
    conflicts
  • Convergence concepts
  • Group of ASes in stable state when no AS would
    change its routes
  • Safe BGP system guarantees that group of ASes
    will reach stable state

12
BGP Model
eBGP
  • Clustered graph G (N, V, E)
  • a(i) denotes AS of BGP speaker i

iBGP
BGP speaker
AS 1
AS 3
AS 2
13
Route Update Notation
  • For route update r
  • r.prefix destination prefix
  • r.next_hop next hop address
  • r.as_path as path
  • r.local_pref local preference
  • r.med multiplex exit discriminator
  • r.c_set community set

14
BGP Processing Notations
  • BGP speaker v, eBGP session between two BGP
    speakers
  • Import
  • For set of updates R, set of updates remaining
    after applying implicit import policy of v on
    edge l im_import(l,v)R
  • For explicit update policy ex_import(l,v)R
  • Overall import policy
  • import(l,v)R ex_import(l,v)im_import(l,v)R
  • Route selection
  • For set of route updates S, best route for each
    prefix picked from S Select(S)

15
BGP Processing Notations (contd)
  • Export
  • BGP speaker u applies implicit export policy on
    link l to neighbor v im_export(l,u)
  • For explicit export policy ex_export(l,u)
  • Overall export policy
  • export(l,u)R ex_export(l,u)im_export(l,u)R

16
Distributed Path Selection
  • Distributed and asynchronous process by all BGP
    speakers, for a prefix d
  • Triggered by advertisements / withdrawals
  • Sufficient for BGP speaker to remember only its
    own best route
  • System state is vector s (s1,sn), where si is
    route chosen by speaker i

17
Speaker Activation
  • System state changes when BGP speaker(s) apply
    route selection process
  • Speaker is activated when it has considered
    everything for triggering route s i.e., it has
    applied
  • Export policies of all its neighbors
  • Import policies of itself
  • BGP route selection
  • Activation order not deterministic due to
    asynchronous execution of protocol
  • At given time, a subset A of speakers are
    activated

18
Evolution of System State
  • System state s changes into next state s
  • For i ? A
  • si BestRoute(i,s) (best route chosen by i
    based on routes chosen by each speaker)
  • For i ? A
  • si si
  • s -gtA s denotes state change from s to s based
    on activation set A
  • State s is stable iff s -gtA s for any A

19
Activation Sequence
  • ?(j) denotes j-th activation in activation
    sequence ?
  • (Infinite) sequence is fair if it has infinitely
    many j s.t. i ? ?(j), for each speaker i
  • BGP system converges for ? and s0 if there is
    finite j s.t. s0 -gt?(1) s1 -gt?(j) sj and sj is
    stable
  • BGP system may have a stable state but is not
    converging

20
Stable state AS 1 (2,0) AS 2 (0)
(2,0) (0)
AS 1
AS 0
originates prefix d
AS 2
(1,0) (0)
21
Safe BGP System
  • BGP system is safe if it has a stable state and
    converges under any fair activation sequence and
    any initial state
  • BGP system is inherently safe it it is safe and
    remains safe after removing any nodes / edges

22
AS Relationships
  • Customers, providers, and peers of AS a
    customer(a), provider(a), peer(a)
  • Route r is customer (provider, peer) route of a
    if next hop AS in r.as_path is in customer(a)
    (provider(a), peer(a))

23
Rules for BGP Export Policies
  • Export to provider
  • Can export own routes and routes of customers,
    but not routes from providers / peers
  • AS does not provide transit for its provider
  • Export to customer
  • Can export own routes, and routes from providers
    / peers
  • AS provides transit for its cusomers
  • Export to peer
  • Same as for provider

24
Hierarchical Relationships
  • Customer-provider relationship assumed
    hierarchical
  • In practice, AS chooses a larger AS as provider
  • Any direct / indirect provider of u cannot be a
    customer of u
  • Provider-to-customer graph is a DAG

25
Guideline A
  • AS prefers a route via a customer to a route via
    a provider / peer
  • Set by r.loc_pref
  • Theorem 1 For a BGP system that has only
    customer-provider and peer-peer relationshps, if
    all ASes follow A, the system is inherently safe

26
Lemma 1 The BGP system has a stable state
  • Activate ASes in a two phase activation sequence
    ?
  • In phase 1, AS selects a customer route if one is
    available, following guideline A accomplished by
    activating ASes by customer-provider partial
    order
  • In phase 2, ASes that do not have a customer
    route after Phase 1 get provider or peer routes
    accomplished by activating ASes in
    provider-customer partial order

27
Claim 1 for Lemma 1 A Phase 1 BGP speaker
reaches a stable state after its activation in
phase 1
  • Proof by induction on the order that Phase 1
    speakers are activated in phase 1
  • Let Phase 1 BGP speaker i belong to ASn
  • Suppose all Phase 1 speakers that belong to an AS
    preceding ASn in Phase 1 reach a stable state
    after activation (induction hypothesis)
  • Speaker i selects best route from amongst its
    customer routes
  • Each such customer precedes ASn in ? either has
    reached a stable state or does not get a customer
    route in Phase 1

28
Claim 1 (contd)
  • A customer that does not get a customer route in
    Phase 1 does not export its route to i (by export
    policy rule)
  • Such a customers routing decisions do not affect
    is decisions

29
Claim 2 for Lemma 1 A Phase 2 speaker reaches a
stable state after its activation in Phase 2
  • Let AS0 be first Phase 2 speaker activated in
    Phase 2
  • Since AS0 is in Phase 2, its BGP speakers can
    only get routes from its peers / providers
  • For the peers, they are either stable after Phase
    1 (if they got a customer route), or they do not
    export their routes to AS0 (if their best route
    is a provider / peer route)
  • For the providers, they must be phase 1
    providers, and hence already stable when AS0 is
    activated

30
Claim 2 (contd)
  • Let Phase 2 speaker i belong to ASn
  • Suppose all BGP speakers that belong to an AS
    preceding ASn in Phase 2 reach a stable state
    after their activation in Phase 2 (induction
    hypothesis)
  • Since no customer route was learned in Phase 1, i
    must select route from its providers / peers
  • Each provider has already reached stable state
    (by ?)
  • Each peer is either Phase 1 AS or Phase 2 AS
  • If phase 1, peers route is already available to
    i when i is activated
  • If phase 2, peer selects route from its providers
    / peers such a route will not be announced to i

31
Lemma 2 The BGP System Converges to Stable State
for Any Initial State and Fair Activation Sequence
  • Given any fair activation sequence ?, proof by
    induction on ASes, in same order of ASes in ?
  • Originating AS stable after first activation
  • Suppose all speakers stable for ASes preceding
    ASn after ?(t)
  • Find t s.t. all speakers in ASn activated at
    least once between t and t these speakers all
    become stable after ?(t) (received all updates
    as in ?)

32
Proof of Theorem 1
  • Follows from Lemmas 1 and 2, and
  • Lemmas 1 and 2 are not affected by either node or
    link removals

33
Guideline B
  • Assumption P (constrained peer-peer
    relationships)
  • Peering only between similar ASes therefore
  • ASes do not peer with their direct / indirect
    providers
  • Guideline A can be relaxed to Guideline B
  • Peer route never more preferred than customer
    route
  • Provider route always less preferred than
    customer route
  • Under Assumption P, BGP system inherently safe if
    all ASes follow Guideline B

34
What About Backup Links?
  • If route does not have a backup link, follow
    Guidelines A and B, and give them higher local
    preferences than the backup local preference
  • If route has a backup link, give it the backup
    local preference
  • All backup links have the same local preference
  • Shortest paths first routing among the backup
    paths
  • Restriction can be relaxed

35
Robustness of Guidelines
  • Safety guidelines are independent of underlying
    network topology
  • Node / link failures
  • Relationship changes
  • Failures / changes trigger exchanges of route
    information, but guidelines ensure convergence
    after the changes

36
Discussions
  • AS relationships between different destination
    prefixes do not interact
  • Possible to have different policies for different
    prefixes (as long as guidelines are obeyed)
  • Approach avoids instability
  • Peace of mind effective despite dynamic
    operating conditions but
  • Can be overly conservative prevents otherwise
    useful policies
  • Alternative dynamic approach possible to detect
    and resolve conflicts when necessary
Write a Comment
User Comments (0)
About PowerShow.com