schapira O

8/8/2019 schapira O

1/46

Putting BGP on the Right Path:

A Case for Next-Hop Routing

Michael Schapira

(Yale Universityand

UC Berkeley)

Joint work withYaping Zhuand Jennifer Rexford

(Princeton University)

8/8/2019 schapira O

2/46

Once Upon a TimeInternet Inter-Network Routing:

Small network

Single administrative entity NSFNET

Shortest-path routing distance-vector routing

Then....

8/8/2019 schapira O

3/46

Interdomain Routing

Over 35,000 Autonomous Systems (ASes)

Interdomain routing = routing between ASes

Border Gateway Protocol (BGP)

AT&T

Qwest

Comcast

Sprint

8/8/2019 schapira O

4/46

Todays Path-Based RoutingWith BGP

Complex! configuration errors, software bugs,

Bad convergence! persistent route oscillations, slow convergence,

Vulnerable to attacks! malicious, economically-driven, inadvertent,

and more, and more, and more

bad performance, clumsy traffic engineering,

8/8/2019 schapira O

5/46

How Can We FixInterdomain Routing?

One approach: add mechanisms toan already complex protocol route flap damping, S-BGP,

Another approach: redesign

interdomain routing from scratch HLP, NIRA, pathlet routing, consensus routing,

Our approach: simplify BGP!

8/8/2019 schapira O

6/46

Agenda

Our proposal: next-hop routing

Fast convergence and

Incentive-compatibility More scalable

multipath routing

Security, performance,traffic engineering

Conclusions and future research

merits

8/8/2019 schapira O

7/46

Background: Todays Path-Based Routing With BGP

AS is routing policy: ranking of simple routes from i to each destination d

export policy

BGP is a path-vector protocol

Receiveroute updatesfrom neighbors

Choose singlebestroute

(ranking)

Send routeupdates toneighbors

(export policy)

8/8/2019 schapira O

8/46

3 d

1

2

Background: Todays Path-Based Routing With BGP

32d > 31d

Dont export2d to 3

1, 2, Imavailable

3, Imusing 1d

a stable state is reached

8/8/2019 schapira O

9/46

AS-PATH = the Route of All Evil

AS-PATH: list of all ASes on path originally meant for loop-detection

The AS-PATH is to blame! error-prone, software bugs

no/slow convergence large attack surface

bad scalability, clumsy traffic engineering, badperformance,

8/8/2019 schapira O

10/46

Getting Off the AS-PATH

No way back to shortest-pathrouting

Our proposal: next-hop routing

make routing decisions based solelyon the next hop

relegate the AS-PATH to its

original role

8/8/2019 schapira O

11/46

Wish List Loop freedom

Fast Convergence

Security

Incentive compatibility

Business policies

Good performance Traffic engineering

Scalability

Simplicity

8/8/2019 schapira O

12/46

Expressiveness vs. Complexitycomplexity

expressiveness

not expressiveenough sufficientlyexpressive extremelyexpressive

simple

too complex

shortest-pathrouting

next-hoprouting!

BGPspath-based

routing

8/8/2019 schapira O

13/46

Next-Hop Routing Rules!

Rule 1: use next-hop rankings

4 d

3

5

1

2

4 > 3

541d >53

d >542d

8/8/2019 schapira O

14/46



Rule 2: prioritize current route to minimize path exploration [Godfrey-Caesar-Hagen-Singer-Shenker]

2

d

3

1

2=3Break ties infavor of lowerAS number

2=3Prioritizecurrentroute

8/8/2019 schapira O

15/46



Rule 2: prioritize current route

Rule 3: consistently export to avoid disconnecting upstream nodes [Feigenbaum-S-Ramachandran]

3 d41

2

1 > 2,Export 32d, butnot 31d, to 4

1 > 2,Export 31d

to 4

8/8/2019 schapira O

16/46




Rule 3: consistently export Defn: Node i consistently exports w.r.t.neighbor j if there is some route R s.t. each

route Q is exportable to j iff R i Q.

Defn: Node i consistently exports if itconsistently exports with respect to each

neighboring node j.

8/8/2019 schapira O

17/46




Rule 3: consistently export

3 deployment schemes Configure todays routers

Create new router configuration interface

Build new router software

8/8/2019 schapira O

18/46

Wish List Revisited Loop freedom

Security


Business policies


Scalability

Simplicity

8/8/2019 schapira O

19/46


Fast convergence?

Security

Incentive compatibility?

Business policies


Scalability?

Simplicity

8/8/2019 schapira O

20/46

Agenda

next-hop routing



multipath routing



merits

8/8/2019 schapira O

21/46

Existence of Stable State

Existence of stable state notguaranteed even with next-hop

rankings (Rule 1) [Feamster-Johari-Balakrishnan]

Thm: If the next-hop routing rules

hold, then a stable state exists inthe network.

What about (fast!) convergence?

8/8/2019 schapira O

22/46

BGP Oscillations

BGP not guaranteed to converge evenwith next-hop routing! [Griffin-Shepherd-Wilfong]

1

d

22 > d 1 > d

8/8/2019 schapira O

23/46

The Commercial Internet

ASes sign long-term contracts.

Neighboring pairs of ASes have: a customer-provider relationship

a peering relationship

peerproviders

customers

peer

8/8/2019 schapira O

24/46

Gao-Rexford Framework

3 simple conditions that are naturallyinduced by the AS-business-hierarchy. Topology condition, Preference condition, Export condition

If the Gao-Rexford conditions hold,then BGP is guaranteed to converge

to a stable state. [Gao-Rexford]

But, this might require exponentially-many forwarding changes! [Syed-Rexford]

8/8/2019 schapira O

25/46

Fast BGP Convergence

Thm: In the Gao-Rexford framework,next-hop routing convergence to a

stable state involves at most O(|L|2

)forwarding changes (|L| = # links). all network topologies

all timings of AS activations and updatemessage arrivals

all initial routing states

all initial beliefs

8/8/2019 schapira O

26/46

Simulations

C-BGP simulator

Cyclops AS-level topology,Jan 1st 2010 33,976 ASes, ~5000 non-stubs

Protocols BGP, Prefer Recent Route (PRR), next-hop routing

8/8/2019 schapira O

27/46

Simulations

Metrics# forwarding changes, # routing changes, # updates

Events prefix up, link failure, link recovery

Methodology 500 experiments

10,000 vantage points (all non-stubs, 5000 stubs)

8/8/2019 schapira O

28/46

Simulation Results(# Forwarding Changes)

maximum number ofBGP forwardingchanges > 20

maximum number ofrouting changes in

next-hop routing = 3

maximum number offorwarding changes

in PRR = 10

8/8/2019 schapira O

29/46

Simulation Results(# Routing Changes)

maximum number of BGProuting changes > 160

maximum number ofrouting changes in

next-hop routing < 20

maximum number ofrouting changesin PRR > 40

8/8/2019 schapira O

30/46

Simulation Results(# BGP Updates, Non-Stub ASes)

maximum number of BGP

updates > 6000

maximum number of

updates in next-hoprouting < 300 maximum number ofupdates in PRR > 1000

8/8/2019 schapira O

31/46

Simulation Results(# Routing Changes, The 0.1% Position)

8/8/2019 schapira O

32/46

Incentive CompatibleRouting Configurations

2

d

3 1d > 2

3 > d > 1

2

Each node is getting its best feasible next-hop

8/8/2019 schapira O

33/46

Next-Hop Routing isIncentive Compatible

Thm [Feigenbaum-Ramachandran-S]: In the

Gao-Rexford framework, next-hoprouting is incentive compatible.

(each node is guaranteed its bestfeasible next-hop)

8/8/2019 schapira O

34/46

Agenda

next-hop routing


Incentive-compatibility More scalablemultipath routing



merits

8/8/2019 schapira O

35/46

Multipath Routing

Exploiting path diversity to realize the ASs own objectives

customize route selection forneighboring ASes

But... multipath routing is notscalable!

disseminate and store multiple routes

8/8/2019 schapira O

36/46

Multipath Routing is Not Scalable!

d

1

2

34

P1

P2

Q1

Q2

Im using P1and P2

Im using Q1and Q2

Im using P1, P2,Q1 and Q2

8/8/2019 schapira O

37/46

From AS-PATH to AS-SET

Next-hop routing is moreamenable to multipath nodes dont care about entire paths other than for loop detection

Dont announce routes,announce sets! set = union of ASes on all routes

BGP route aggregation

N hb f

8/8/2019 schapira O

38/46

Neighbor-SpecificNext-Hop Routing

Customizing route selection forneighbors operational motivation [Kushman-Kandula-Katabi-Maggs]

economic motivation [Wang-S-Rexford]

C1

zC2

C3

d?

R1

R2

R3

Secure!

Short!

Cheap!

N hb f

8/8/2019 schapira O

39/46

Neighbor-SpecificNext-Hop Routing

Neighbor-Specific BGP [Wang-S-Rexford] implementable using existing tools

Results for convergence and

incentive compatibility extend tomultipath!

8/8/2019 schapira O

40/46


Security


Business policies


Scalability

Simplicity

8/8/2019 schapira O

41/46

Agenda

next-hop routing



multipath routing



merits

S i P f

8/8/2019 schapira O

42/46

Security, Performance,Traffic Engineering

Still open research questions

Handled (mostly) outside therouting protocol and what is handled within the protocol is not effective!

Next-hop routing makes thesituation better

S it P f

8/8/2019 schapira O

43/46

Security, Performance,Traffic Engineering

AS-PATH does not help large attack surface, shorter is not better,

Next-hop routing is better smaller attack surface, multipath!

[Andersen-Balakrishnan-Kaashoek-Rao] [Motiwala-Elmore-Feamster-

Vempala] [Xu-Rexford]

End-to-end mechanisms[Wendlandt-Avaramopoulos-Andersen-Rexford]

8/8/2019 schapira O

44/46

Agenda

next-hop routing



multipath routing



merits

C l i d

8/8/2019 schapira O

45/46

Conclusions andFuture Research

BGP is far too complicated!

New approach: simplify BGP without compromising global and local goals!

Directions for future research: getting rid of the AS-PATH?

software / configuration complexity

more theoretical and experimental work

8/8/2019 schapira O

46/46

Thank YouThank You

Documents

schapira O