|
|
You are hereHome » NANOG Meeting Presentation Abstract
|
|
NANOG Meeting Presentation Abstract
| Research Forum: Nemecis - A Tool to Analyze the IRR Registries | | Meeting: | NANOG30 | |
| Date / Time: | 2004-02-09 4:20pm - 5:00pm | |
| Room: | Symphony Ballroom II - IV | |
| Presenters: | Speakers:
Georgos Siganos, UC Riverside. | |
| Abstract: | One of the few efforts to develop a globally analyzable and secure Internet is the creation of the Internet Routing Registries (IRRs). IRRs provide a voluntary detailed repository of BGP policy information. The IRR effort has not reached its full potential for two reasons: a) extracting useful information is far from trivial, and b) the accuracy of the data is uncertain. In this presentation, we provide a brief overview of our systematic approach to analyze the policy information stored in the IRRs.
There exist a number of tools to measure actual BGP routing, such as ping, traceroute, looking glass, BGP table dumps, etc. But there does not exist a tool to bridge the gap between intended policy (configuration) and actual routing. Internet Routing Registries contain the policy of a large number of networks expressed in a high-level language. These registries are often considered to be useless and outdated, based primarily on empirical evidence. To the best of our knowledge, there does not exist a tool that can analyze these policies, and check their validity or freshness.
The registries are maintained manually and on a voluntary basis to a large extent, and the policies remain as simple text. Thus, analyzing the IRR is not a trivial task. The difficulties include a) RPSL is very flexible, so policies can be very complex, b) there can be many different ways to express the same policy, c) the registries can contain inaccurate, and incomplete data. At the same time, having a tool that can analyze the policy information stored in IRRs, and more specifically RPSL-based policies, is important during the configuration and operation phases.
During the configuration phase we can check the registered policy for correctness. During the operation phase, we can check (offline) whether the intended policy matches the actual routing. In fact, our tool is among the first public tools to analyze the IRR policies. A long-term goal of the RIPE Routing Information Service is to validate the policies that Autonomous Systems register, and thus increase the robustness of BGP. Our work here is the first step in reaching this ambitious goal.
Our tool, Nemecis, which stands for Network ManagEment and ConfIguration System, consists of two parts. First, we convert the policies using filters to an equivalent link-level policy. In the link-level policy, we replace the export and import filters, with a boolean matrix that describes the relation between the links for an AS. For example, if we import a route from link i, and export that route to link j, then the value of the matrix at (i,j) will be true.
By converting the problem to the link level, the problem becomes independent of the different kinds of implementations of the policy, or about specific routes or sets used in the filters. This way we can concentrate on how to model the actual policy. The second part is to infer the business policies using the link-level model. This part is independent of the first one. For example, we can enrich the business relations to include more types of relations, such as backup links, without changing the link-level approach. Finally, as a validation of our method, we check whether the registered policies agree with the actual Internet routing.
Our contributions can be summarized in the following points:
We provide Nemecis, an efficient tool to analyze the IRR/RPSL information. Our tool can be used to parse, clean, and infer the business relations found in the Internet Routing Registries, and create an easy-to-query relational database, where the policies are stored in tables and not as simple text.
Our tool can infer the policy with higher than 83% accuracy. We validate the policy from IRR against real routing tables. We consider the accuracy to be very good, if we take into account the quality of the registered policies.
We quantify the usefulness of the IRR information: we find that 28% of the ASes have both a consistent policy and are consistent with BGP routing tables. Note though that almost all are from a single registry, RIPE.
We identify common mistakes and problems in IRR registries. We discuss ways to overcome them so that the IRR can be used to automate the management and safety of Internet routing.
Our ambition is to establish our tool as a foundation and inspiration for two complementary goals. First, we would like to draw the interest of experts to develop efficient RPSL-based tools. Second, we would like to motivate practitioners and the related authorities to maintain and use the IRRs more. We think that one of the ways to succeed this is by establishing the practical potential of the IRR. We view our tool to be a promising first step in this direction.
The presentation will be based on the following paper: \"Analyzing BGP Policies: Methodology and Tool\", by Georgos Siganos and Michalis Faloutsos, which will appear in IEEE INFOCOM 2004.
For more details, please see http://www.cs.ucr.edu/~siganos/papers/Nemecis.pdf | |
| Files: |  Georgos Siganos Presentation(PDF)
 Research Forum: Nemecis - A Tool to Analyze the IRR Registries
| |
| Sponsors: | None. | |
Back to NANOG30 agenda. NANOG30 Abstracts- Making Sense of BGP
Speakers:
Tina Wong, Packet Design; Van JacobsonPacket Design; .Cengiz AlaettinogluPacket Design; .
- Making Sense of BGP
Speakers:
Tina Wong, Packet Design; Van JacobsonPacket Design; .Cengiz AlaettinogluPacket Design; .
- Making Sense of BGP
Speakers:
Tina Wong, Packet Design; Van JacobsonPacket Design; .Cengiz AlaettinogluPacket Design; .
- Real-time Global Routing Metrics
Speakers:
Jim CowieRenesys Corporation; .Andy T. OgielskiRenesys Corporation; .B.J. PremoreRenesys Corporation; .Eric A. SmithRenesys Corporation; .Todd UnderwoodRenesys Corporation; .
- Real-time Global Routing Metrics
Speakers:
Jim CowieRenesys Corporation; .Andy T. OgielskiRenesys Corporation; .B.J. PremoreRenesys Corporation; .Eric A. SmithRenesys Corporation; .Todd UnderwoodRenesys Corporation; .
- Real-time Global Routing Metrics
Speakers:
Jim CowieRenesys Corporation; .Andy T. OgielskiRenesys Corporation; .B.J. PremoreRenesys Corporation; .Eric A. SmithRenesys Corporation; .Todd UnderwoodRenesys Corporation; .
- Real-time Global Routing Metrics
Speakers:
Jim CowieRenesys Corporation; .Andy T. OgielskiRenesys Corporation; .B.J. PremoreRenesys Corporation; .Eric A. SmithRenesys Corporation; .Todd UnderwoodRenesys Corporation; .
- Real-time Global Routing Metrics
Speakers:
Jim CowieRenesys Corporation; .Andy T. OgielskiRenesys Corporation; .B.J. PremoreRenesys Corporation; .Eric A. SmithRenesys Corporation; .Todd UnderwoodRenesys Corporation; .
|
|
|
Media Releases
NANOG Meetings
