Inferring Autonomous System Relationships in the Internet Lixin Gao Presented by Santhosh R Thampura

1
Inferring Autonomous System Relationships in the
InternetLixin GaoPresented bySanthosh R
Thampuran
2
Contents

• Motivation
• Background
• AS Relationships
• Heuristic Algorithms
• Experimental Results

3
Motivation

• Interdomain routing in the Internet is
  coordinated by BGP
• BGP allows each AS to choose its own policy in
  selecting routes and propagating reachability
  information to others

4
Motivation (contd.)

• These routing policies are constrained by the
  contractual commercial agreements between
  administrative domains
• For example AS sets policy so that it does not
  provide transit services between its providers

5
Motivation (contd.)

• Since routing between ASes is controlled by BGP-
  a policy based routing protocol, connectivity
  does not imply reachability
• Also, connectivity alone can not fully
  characterize the structural properties of the
  internet

6
Motivation (contd.)
National ISP B
National ISP A
Regional ISP C
7
Motivation (contd.)

• Hence there is a necessity to classify the types
  of routes that can appear in BGP routing tables
  based on the relationships between the ASes in
  the path

8
Background

• connectivity between ASes can be modeled using an
  AS graph
• G (V,E)
• node set V consists of ASes
• edge set E consists of AS pairs that exchange
  traffic
• between each other

9
Background (contd.)
10
Background (contd.)

• The degree of an AS is the number of ASes that
  are its neighbors
• An AS uses import policies to transform incoming
  route updates

11
Background (contd.)

• We consider a BGP session (u,v) ? E between two
  ASes, u and v
• v receives a set of route updates R from u
• import(u,v)R represents vs update set after
  applying the import policy

12
Background (contd.)

• loop avoidance rule
• if v ? r.as_path, then import(l,v)r
• B(u,d) denotes the best route selected by u for
  prefix d
• AS u applies export policies export(v,u) to its
  best route set, R, for sending to a neighboring
  AS v

13
Background (contd.)

• The routing table entry in AS u for destination d
  is a route with empty AS path, denoted as e(u,d),
  if u originates prefix d
• Otherwise, it depends on the best route of its
  neighboring AS v, B(v,d), as well as the import
  policies of u from v and the export policies of v
  to u

14
Background (contd.)
For the sake of simplicity, we assume that the AS
path in the BGP routing table entry is
proprocessed so that no AS appears more than once
- no additional information
15
AS Relationships

• The commercial agreements between pairs of
  administrative domains can be classified into
• customer-provider relationship
• peering relationship
• mutual-transit relationship

16
AS Relationships

• We classify the relationship between a pair of
  Autonomous Systems into
• customer-to-provider relationship
• provider-to-customer relationship
• peer-to-peer relationship
• sibling-to-sibling relationship

17
AS Relationships

• An annotated AS graph is a partially directed
  graph whose nodes represent ASes and whose edges
  are classified into
• provider-to-customer
• customer-to-provider
• peer-to-peer
• sibling-to-sibling

18
AS Relationships
19
Rules governing BGP export policy
20
Selective Export Rule

• An AS does not provide transit services between
  any two of its providers and peers
• The selective export rule indicates that a BGP
  routing table entry should have a certain pattern

21
704
702
1849
701
22
Lemma

• If u0s BGP routing table contains an entry with
  AS path (u1,u2,,un) for destination prefix d,
  then,
• (a) any node ui selects a route with as_path
  (ui1,,un) as the best route to prefix d, and,
• (b) ui exports its best route ui-1

23
Valley-free property
No V-shape possible
24
Valley-free property
No Step possible
25
Valley-free property
No Step possible
26
Valley-free property
AS2
AS6
AS3
AS1
AS5
AS4
provider-to-customer edge
AS path (1,2,3) is valley-free
peer-to-peer edge
sibling-to-sibling edge
27
Valley-free property
AS2
AS6
AS3
AS1
AS5
AS4
provider-to-customer edge
AS path (1,2,6,3) is valley-free
peer-to-peer edge
sibling-to-sibling edge
28
Valley-free property
AS2
AS6
AS3
AS1
AS5
AS4
provider-to-customer edge
AS path (1,4,3) is not valley-free
peer-to-peer edge
sibling-to-sibling edge
29
Valley-free property
AS2
AS6
AS3
AS1
AS5
AS4
provider-to-customer edge
AS path (2,1,3,6) is not valley-free
peer-to-peer edge
sibling-to-sibling edge
30
Valley-free property

• After traversing a provider-to-customer or
  peer-to-peer edge, the AS path can not traverse a
  customer-to-provider or peer-to-peer edge.
• Formally, an AS path (u1,u2,,un) is valley-free
  iff the following conditions hold true
• A provider-to-customer edge can be followed by
  only provider-to-customer or sibling-to-sibling
  edges
• A peer-to-peer edge can be followed by only
  provider-to-customer or sibling-to-sibling edges

31
Theorem

• If all ASes set their export policies according
  to the selective export rule, then the AS path in
  any BGP routing table entry is valley-free
• This basically shows that the selective export
  policy and the lemma ensures that the AS path of
  a BGP routing table entry has the valley-free
  property

32
Case(a) provider-to-customer edge that is
followed by a customer-to-provider or
peer-to-peer edge
un
ui
un-1
ui1
u2
uk
u1
uk1
33
Case(a) provider-to-customer edge that is
followed by a customer-to-provider or
peer-to-peer edge
un
ui
un-1
ui1
u2
uk
u1
uk1
34
Case(a) provider-to-customer edge that is
followed by a customer-to-provider or
peer-to-peer edge

• (ui,ui1) is provider-to-customer
• (uj,uj1) is the first customer-to-provider or
  peer-to-peer
• (uj-1,uj) is either provider-to-customer or
  sibling-to-sibling
• from lemma, the best route to destination d
  selected by uj is (uj1,,un) and it exports this
  route to uj-1
• contradiction since uj-1 and uj1 are provider or
  peer of uj

35
Case(b) peer-to-peer edge is followed by a
customer-to-provider or peer-to-peer edge

• can apply similar argument as in case(a)
• The valley-free property enables us to identify
  patterns for BGP routing table entries

36
Routing Table Entry Patterns

• Downhill Path a sequence of edges that are
  either provider-to-customer or sibling-to-sibling
• Uphill Path a sequence of edges that are either
  customer-to-provider or sibling-to-sibling

37
Routing Table Entry Patterns

• An AS path of a BGP routing table entry has one
  of the following patterns
• an uphill path
• a downhill path
• an uphill path followed by a downhill path
• an uphill path followed by a peer-to-peer edge
• a peer-to-peer edge followed by a downhill path
• an uphill path followed by a peer-to-peer edge
  followed by a downhill path

38
Routing Table Entry Patterns

• This can be classified into
• maximal uphill path, peer-to-peer edge and
  maximal downhill path in order, or
• maximal uphill path and the maximal downhill path
  in order

39
Routing Table Entry Patterns
40
Heuristic Algorithms

• The Algorithm for inferring AS relationships is
  based on the fact that ASes set up their export
  policies according to the relationships and on
  the resulting patterns on BGP routing table
  entries
• It is also based on the intuition that a provider
  typically has a larger size than its customer and
  the size of an AS is typically proportional to
  its degree in the AS graph

41
Heuristic Algorithms

• top provider of an AS path is the AS that has the
  highest degree among all ASes in the path
• we can infer that consecutive AS pairs on the
  left of the top provider are customer-to-provider
  or sibling-to-sibling edges and on the right are
  provider-to-customer or sibling-to-sibling edges
  

42
Algorithms for Inferring Provider-Customer and
Sibling-to-Sibling Relationships
43
Basic Algorithm

• Input BGP routing table RT
• Output Annotated AS graph G
• Phase 1 Compute the degree for each AS
• Phase 2 Parse AS path to initialize consecutive
  AS pair relationship
• Phase 3 Assign relationship to AS pairs

44
Phase 1 (Compute the degree for each AS)
uj
uj1
u2
un-1
when i 1, neighborui neighborui ?
ui1 neighborui1 neighborui1 ? ui
u1
un
45
Phase 1 (Compute the degree for each AS)
uj
uj1
u2
un-1
degreeu1 neighboru1
u1
un
46
Phase 2 (Parse AS path to initialize consecutive
AS pair relationship)
uj
uj1
u2
un-1
Smallest j such that degreeuj max1?i ?
ndegreeui
u1
un
47
Phase 2 (Parse AS path to initialize consecutive
AS pair relationship)
uj
uj1
transientuj1,uj 1
u2
un-1
transientu1,u2 1
transientun,un-1 1
u1
un
48
ub
ua
uc
uj
uj1
ud
u2
un-1
u1
un
49
ub
ua
transientua,ub 1
uc
transientud,u2 1
ud
u2
transientu2,u1 1
u1
50
ub
ua
transientua,ub 1
uc
uj
uj1
transientuj1,uj 1
transientud,u2 1
ud
u2
un-1
transientun,un-1 1
u1
un
transientu1,u2 1 transientu2,u1 1
51
Phase 3 (Assign relationship to AS pairs)

• if transientui,ui1 1 and transientui1,ui
  1
• relationshipui,ui1 sibling-to-sibling
• else if transientui1,ui 1
• relationshipui,ui1 provider-to-customer
• else if transientui,ui1 1
• relationship ui,ui1 customer-to-provider

52
ub
ua
transientua,ub 1
provider-to-customer edge
uc
peer-to-peer edge
sibling-to-sibling edge
uj
uj1
transientuj1,uj 1
transientud,u2 1
u2
un-1
transientun,un-1 1
u1
un
transientu1,u2 1 transientu2,u1 1
53
Refined Algorithm

• Top provider may not have the highest degree -
  possibility of incorrect inference of
  relationships
• let each routing table entry vote on the
  relationship of an AS pair
• if a sibling-to-sibling relationship is concluded
  by only one entry, we ignore it

54
Refined Algorithm

• If all routing table entries agree that an AS
  pair has a provider-to-customer (or
  customer-to-provider) relationship, then the AS
  has that relationship
• If only one routing table entry infers that an AS
  pair has a provider-to-customer (or
  customer-to-provider) relationship and more than
  one entry infer that an AS pair has a
  customer-to-provider (provider-to-customer)
  relationship, then the AS pair has a
  customer-to-provider (provider-to-customer)
  relationship

55
Refined Algorithm

• For all other cases, the AS pair has a
  sibling-to-sibling relationship
• Unlike the basic algorithm, the refined algorithm
  ignores some routing table entries

56
Refined Algorithm

• Input BGP routing table RT
• Output Annotated AS graph G
• Phase 1 Compute the degree for each AS
• Phase 2 Count the number of routes that infers
  an AS pair as having a provider-to-customer or
  customer-to-provider relationship
• Phase 3 Assign relationship to AS pairs

57
Algorithm for Inferring Peer-to-Peer Relationships
58
Final Algorithm

• Peer-to-peer edge between top provider and one of
  its neighbors only
• If the top provider has sibling-to-sibling
  relationship with one of its neighbors, then it
  has a peer-to-peer relationship with the other
  neighbor
• We use the heuristic that peer-to-peer edge is
  between the top provider and its neighboring AS
  that has a higher degree because such edges are
  between ASes of comparable sizes
• We also use the heuristic that the degrees of two
  peers do not differ significantly - ASes having
  peer-to-peer relationship do not differ by more
  than R times

59
Final Algorithm

• Input BGP routing table RT
• Output Annotated AS graph
• Phase 1 Use either Basic or Refined algorithm to
  coarsely classify AS pairs into having
  provider-to-customer or sibling-to-sibling
  relationships
• Phase 2 Identify AS pairs that can not have a
  peer-to-peer relationship
• Phase 3 Assign peer-to-peer relationships from
  rest of the connected AS pairs as long as the
  pair degrees do not differ by more than R times

60
Phase 2
Uj-1
uj
uj1
u3
Un-2
degreeuj-1 lt degreeuj1
u2
un-1
u1
un
61
Phase 3
Uj-1
uj
uj1
u3
Un-2
degreeuj / degreeuj1 lt R and degreeuj /
degreeuj1 gt 1/R
u2
un-1
u1
un
62
Experimental Results
63
Inference Results
64
Verification of Inferred Relationships by ATT
Comparing inference results from Basic and
Final(R ) with ATT internal information
8
65
Verification of Inferred Relationships by ATT
Comparing inference results from Refined and
Final(R ) with ATT internal information
8
66
Verification of Inferred Relationships by ATT
Comparing inference results from Basic and
Final(R60) with ATT internal information
67
WHOIS lookup Service

• supplies the name and address of the company that
  owns an AS
• we can confirm that an AS pair has
  sibling-to-sibling relationship if they belong to
  the same company or two merging companies
• we also confirm that two AS pairs have
  sibling-to-sibling relationship if they belong to
  two small companies that are located in the same
  city

68
WHOIS lookup Service

• 101 of the 186 inferred sibling-to-sibling
  relationships were confirmed (more than 50)
• unconfirmed sibling-to-sibling can attribute to
  the fact that WHOIS service is not up to date

69
Applications of AS Relationships

• can help in the construction of distance map and
  the placement of the proxy or mirror site servers
• can help ISPs or domain administrators to achieve
  load balancing and congestion avoidance
• can help ISPs or companies to plan for future
  contractual agreements
• can help ISPs to reduce the effect of the
  misconfiguration and to debug router
  configuration files
• can potentially avoid route divergence problem
• can verify the consistency of information in the
  Internet Routing Registry (IRR)

70
Thank You