Feedback Based Routing

1
Feedback Based Routing

• By Dapeng Zhu, Mark Gritter, and David R. Cheriton

2
Outline

• Problems with BGP
• Our solution
• Analysis
• Applications
• Related Work

3
Problems with BGP

• Vulnerability
• Scalability
• Convergence Time

4
Feedback Based Routing

• Overview of system
• Structural Information Propagation
• Algorithm for Access Routers

5
Analysis

• Attack Resistance
• Terrorist Black Holes
• Check!
• Bogus SYN-ACK response
• Nothing to see here, moving along

6
Scalability

• Scales better than BGP for three reasons
• Route computation/propagation removed from
  critical path
• Availability of routing system does not depend on
  in-time computation of shortest paths
• Requirements on transit routers are substantially
  reduced

7
Scalability (cont)

• This last point is huge!
• Routing system for the Internet backbone should
  not be dependent on the exponential growth at the
  edge.
• Back of the envelope calculation shows
  something like a mere 50mb to store an entire
  routing table with our scheme

8
Applications

• Defend against The Terrorists(tm) and DoS attacks
• Our scheme would allow for people to throttle DoS
  traffic without having to contact upstream
  providers
• Recognition of a pattern in the DoS traffic is
  the only requirement.

9
Applications (cont)

• Virtual Links with Zero Failover Time
• BGP currently has terrible convergence time after
  a link failure
• We propose highly available virtual links with
  zero failover time

10
Overview

• Separate structural and dynamic information
• Core Role
• Forward Packets
• Propagate structural information
• Edge Role
• Routing Decisions
• End to end Probing

11
Structural Information Propagation

• Edges associated with timer
• Renewed with announcement
• Removed from structure at expiration
• Three rule sets for packet forwarding
• Positive
• Negative
• Traffic Engineering

12
Algorithm for Access Routers

• Determine two disjoint routes
• Measure RTT
• TCP
• ICMP
• Periodic Renewing of Backup Routes

13
Related Work

• Differences between previous Byzantine
  robustness strategies and ours
• Transit routers don't know network topology,
  making transit routers almost independent of
  network growth
• Since most network traffic is TCP, we use TCP SYN
  and SYN ACK packets as a measure of network
  performance
• We are concerned about scalability...they clearly
  were not.

14
Related Work (cont)

• Resilient Overlay Network
• Overlay network that tries to get around
  routing failures.
• We believe this is not sufficient.
• These only work when there are isolated routing
  failures
• An overlay network could not function during a
  The Terrorists(tm) Black Hole attack. Think about
  it.

15
Related Work (cont)

• RouteScience, Eye Networks, netVmg
• They do provide possible performance enhancement
  (Are these the people spamming me about Ciali?!)
  
• Since they are edge-only, however, they do not
  shield against widespread network failure

16
Conclusion

• Separation of Performance Information and
  Structural Information
• Routing in the backbone is reduced purely to
  Structural Information
• Access routers maintain more than one route.
• Helps fight The Terrorists(tm)

17
The End

• Questions?
• Comments?
• Forfeit from the losing Offense team?