Loose Source Routing as a Mechanism for Traffic Policies



1
Loose Source Routing as a Mechanism for Traffic Policies
  • Katerina Argyraki and David R. Cheriton
  • Presented by Thuan Huynh, Robert Patro, and
    Shomir Wilson

2
Overview
  • Background and theory
  • Implementation
  • Applications
  • Related works

3
Brief Review of LSRR
  • Loose Source and Record Route (LSRR) is an IPv4
    header option (RFC 791).
  • The sender specifies a list of IP addresses that
    the datagram must traverse, in order.
  • The route is loose: the datagram may pass through
    any number of other routers between two consecutive
    addresses on the list.

4
LSRR Continued
General format of the IP source route option (39 bytes maximum):

  code (1 byte, 131 for LSRR) | len (1 byte) | ptr (1 byte) | IP addr 1 (4 bytes) | IP addr 2 (4 bytes) | . . . | IP addr 9 (4 bytes)

Example of IP source routing: S sends to D via R1, R2, R3. At each hop
the IP destination and the address list carried in the option are:

  IP dest = R1    list: R2, R3, D     (as sent by S)
  IP dest = R2    list: R1, R3, D     (after R1)
  IP dest = R3    list: R1, R2, D     (after R2)
  IP dest = D     list: R1, R2, R3    (after R3)

Each router replaces the entry it consumed with its own address and
advances ptr, so on arrival the option records the route actually taken.
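The option format and the per-hop rewriting above, as an added Python example (this is illustrative code, not code from the slides or from the WRAP paper). It builds an LSRR option, validates the length and pointer fields, replays the S → R1 → R2 → R3 → D example, and shows the variable-length option walk a filter has to perform to spot a source route at all (the point slide 6 makes about LSRR filtering). The 10.0.x.1 addresses are constructed placeholders; a real router records the address of its outgoing interface, which is simplified here to the router's single address. The function names (build_lsrr, parse_lsrr, relay, trace, carries_source_route) are this example's own.

```python
import struct
from ipaddress import IPv4Address

LSRR, SSRR, RR = 131, 137, 7   # IPv4 option types (RFC 791): loose/strict source route, record route

def build_lsrr(hops):
    """Build an LSRR option: type, length, pointer, then 1..9 addresses.
    The pointer is 1-based and starts at 4, the first address slot."""
    if not 1 <= len(hops) <= 9:
        raise ValueError("LSRR holds 1..9 addresses (39-byte option maximum)")
    body = b"".join(IPv4Address(h).packed for h in hops)
    return struct.pack("!BBB", LSRR, 3 + len(body), 4) + body

def parse_lsrr(opt):
    """Validate an LSRR option and return (pointer, [addresses]).
    Bad lengths and pointers are the classic trap for option parsers."""
    if len(opt) < 3:
        raise ValueError("truncated option")
    typ, length, ptr = struct.unpack("!BBB", opt[:3])
    if typ != LSRR:
        raise ValueError("not an LSRR option")
    if not 3 <= length <= 39 or (length - 3) % 4 or len(opt) < length:
        raise ValueError("malformed LSRR length")
    if ptr < 4 or ptr > length + 1 or (ptr - 4) % 4:
        raise ValueError("malformed LSRR pointer")
    addrs = [str(IPv4Address(opt[i:i + 4])) for i in range(3, length, 4)]
    return ptr, addrs

def relay(ip_dst, opt, my_addr):
    """Processing at the router that owns ip_dst: the address at the pointer
    becomes the new IP destination, the consumed slot is overwritten with this
    router's address (the 'record' half of LSRR) and the pointer advances."""
    if ip_dst != my_addr:
        raise ValueError("packet is not addressed to this router")
    ptr, addrs = parse_lsrr(opt)
    length = opt[1]
    if ptr > length:               # route exhausted: deliver locally, no rewrite
        return ip_dst, opt
    idx = (ptr - 4) // 4
    new_dst = addrs[idx]
    addrs[idx] = my_addr
    body = b"".join(IPv4Address(a).packed for a in addrs)
    return new_dst, struct.pack("!BBB", LSRR, length, ptr + 4) + body

def trace(route):
    """Send from S along route (first relay .. final destination) and record
    (IP destination, address list in the option) at each hop, as on slide 4."""
    dst, opt = route[0], build_lsrr(route[1:])
    hops = [(dst, parse_lsrr(opt)[1])]
    while parse_lsrr(opt)[0] <= opt[1]:
        dst, opt = relay(dst, opt, dst)
        hops.append((dst, parse_lsrr(opt)[1]))
    return hops

def carries_source_route(options):
    """What a filter must do to catch LSRR/SSRR: walk the variable-length
    IP options field (NOP/EOL are single bytes, everything else has a length)."""
    i = 0
    while i < len(options):
        typ = options[i]
        if typ == 0:                # End of Option List
            break
        if typ == 1:                # No-Operation
            i += 1
            continue
        if i + 1 >= len(options):
            raise ValueError("truncated option")
        olen = options[i + 1]
        if olen < 2 or i + olen > len(options):
            raise ValueError("bad option length")
        if typ in (LSRR, SSRR):
            return True
        i += olen
    return False

# Constructed addresses for the slide-4 example S -> R1 -> R2 -> R3 -> D
R1, R2, R3, D = "10.0.1.1", "10.0.2.1", "10.0.3.1", "10.0.4.1"

if __name__ == "__main__":
    for dst, lst in trace([R1, R2, R3, D]):
        print(f"dst={dst:<9} option list={lst}")
```

Running it prints the four (IP destination, option list) rows from the slide. The checks in parse_lsrr are not cosmetic: a pointer below 4, past the end of the option, or not aligned to an address slot is exactly what a hostile sender would put there, and a relay that indexes the list with it unchecked reads or writes outside the option. Many operators refuse source-routed packets outright (Cisco IOS `no ip source-route`, for example); carries_source_route is that decision made at the option-parsing level.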
5
WRAP: Wide-Area Relay Addressing Protocol
  • WRAP runs on top of IP and uses loose source
    routing, but implements it differently from IP's
    LSRR.
  • How WRAP and LSRR compare:
  • Similar: a WRAP packet includes a forward path
    and a reverse path. Every time a relay on the
    forward path is traversed, it is moved to the
    reverse path.
  • Different: the WRAP header (including the forward
    and reverse paths) is carried at the beginning of
    the IP payload, not in the IP options field. The
    source and destination addresses in the IP header
    are the previous hop and the next hop of the
    packet, i.e. the relay that just forwarded it and
    the relay it is going to.

6
WRAP Advantages Over LSRR
  • Relaying of WRAP packets is easier to implement
    in hardware, because the header fields sit at
    fixed offsets.
  • Filtering of WRAP packets can be done with
    conventional wire-speed filters (similar to
    TCP/UDP-level filters).
  • LSRR relaying or filtering requires parsing the
    variable-length IP options field, which typically
    means punting the packet to the router's CPU.

7
Transmit Policies
  • WRAP lets a node specify a transmit policy
    for each packet.
  • An edge system can compute multiple paths to a
    destination, monitor them, and choose between
    them according to its QoS needs.
  • Either the access router that connects an edge
    network to the Internet computes the paths and
    makes the choice, or
  • the end user (a PC application, or a person)
    specifies the paths outgoing traffic should take.
  • Either way, the Internet core becomes a pure
    forwarding engine.

8
Receive Policies
  • WRAP lets a node specify a receive policy
    for each packet (accept, block, rate-limit)
    according to the packet's end-to-end path.
  • A victim of a DDoS attack can ask routers close
    to the attack sources to block the bad traffic
    coming from them.
  • This is implemented with Active Internet Traffic
    Filtering (AITF), which verifies that a filtering
    request is genuine: a node M cannot disrupt traffic
    between A and B unless M is on the path between
    them.

9
Alternatives to LSRR/WRAP
  • Transmit policies with labels: the edge system
    tags each packet with a policy label that
    indicates how it should be routed.
  • Good: less burdensome on edge systems.
  • Bad: each ISP knows only its own internal
    performance.
  • Receive policies via hop-by-hop traceback:
    requests to rate-limit traffic propagate
    hop-by-hop upstream.
  • Good: again, less burdensome.
  • Bad: core routers become a filtering bottleneck.

10
WRAP Implementation: The Header

  bits 0-7   | 8-15    | 16-23   | 24-31
  protocol   | length  | foffset | reserved
  reverse path (list of 32-bit addresses)
  forward path (list of 32-bit addresses)
  data

  • protocol: the higher-layer protocol (UDP, TCP,
    etc.).
  • length: the number of 32-bit addresses in the
    reverse and forward paths together.
  • foffset: the offset into the list of addresses at
    which the forward path starts.
  • reverse path: list of 32-bit addresses of the
    end-point and the relays already traversed.
  • forward path: list of 32-bit addresses of the
    relays and the end-point still ahead.
  • data: the higher-level (protocol-format) packet.
11
RELAYING
(figure: a packet from S to D relayed through A and B)
12
WRAP IMPLEMENTATION: Name-To-Path Resolution
  • WRAP requires a modification of the current DNS.
  • Current DNS maps names to IP addresses.
  • Modified DNS maps names to domain-level paths.
  • How? Each realm gets an internal and an external
    DNS server.
  • Internal: responds to requests originating inside
    the realm; provides mappings from domain names to
    WRAP paths.
  • External: responds to requests originating outside
    the realm; provides mappings from domain names to
    a tuple (global prefix, IP address).
  • Forward reference (incremental deployment, slide 20):
    state for WRAPID gateways can be instantiated
    during name resolution.

13
WRAP IMPLEMENTATION: Name-To-Path Resolution
(figure: name resolution for a path from S to D through A and B)
14
DESIRABLE PROPERTIES: Limited Path Spoofing
  • WRAP limits the effectiveness of spoofing by its
    design.
  • Property A: just as the destination address must
    be correct for delivery in IP, the forward path
    must be correct for delivery in WRAP.
  • A malicious node may still spoof some other node
    by placing that node's address in the reverse
    path.
  • However, because of property A, the malicious
    node's gateway will necessarily appear in the
    reverse path, so the packet can still be traced
    back to (and filtered at) that gateway.
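The header layout of slide 10, the relaying step of slide 11 and the spoofing argument of this slide and the next, as one added Python example; this is illustrative code, not the WRAP implementation from the paper. It assumes one relaying convention that is consistent with the figure on the next slide: a relay appends the packet's IP source (the previous hop) to the reverse path, pops the head of the forward path into the IP destination, and sets the IP source to itself. The addresses, the relay set, the `pkt` dict and the function names (pack_wrap, unpack_wrap, relay, deliver, run, receive_policy) are constructed for this example; receive_policy is a minimal stand-in for the per-path decision slide 8 describes.

```python
import struct
from ipaddress import IPv4Address

def pack_wrap(protocol, rpath, fpath, data=b""):
    """Serialize the slide-10 header: protocol | length | foffset | reserved,
    then the reverse-path addresses, the forward-path addresses, and data.
    length counts all addresses; foffset is the index where the forward path starts."""
    addrs = list(rpath) + list(fpath)
    if len(addrs) > 255:
        raise ValueError("length and foffset are single bytes")
    hdr = struct.pack("!BBBB", protocol, len(addrs), len(rpath), 0)
    return hdr + b"".join(IPv4Address(a).packed for a in addrs) + data

def unpack_wrap(buf):
    """Parse a WRAP header; every field sits at a fixed offset, which is what
    lets a wire-speed filter match on it (slide 6)."""
    if len(buf) < 4:
        raise ValueError("truncated WRAP header")
    protocol, length, foffset, _ = struct.unpack("!BBBB", buf[:4])
    if foffset > length or len(buf) < 4 + 4 * length:
        raise ValueError("malformed WRAP header")
    addrs = [str(IPv4Address(buf[4 + 4 * i:8 + 4 * i])) for i in range(length)]
    return protocol, addrs[:foffset], addrs[foffset:], buf[4 + 4 * length:]

def relay(pkt, me):
    """One relay step at address `me` (assumed convention, see lead-in):
    previous hop -> reverse path, head of forward path -> IP destination."""
    if pkt["dst"] != me:
        raise ValueError("packet not addressed to this relay")
    proto, rpath, fpath, data = unpack_wrap(pkt["payload"])
    if not fpath:
        return None                 # nothing ahead: this relay is not a valid next hop
    return {"src": me, "dst": fpath[0],
            "payload": pack_wrap(proto, rpath + [pkt["src"]], fpath[1:], data)}

def deliver(pkt, me):
    """End-point view: (traversed path oldest first, data), or None.
    Property A: an unfinished or wrong forward path is not delivered."""
    proto, rpath, fpath, data = unpack_wrap(pkt["payload"])
    if pkt["dst"] != me or fpath:
        return None
    return rpath + [pkt["src"]], data

def run(pkt, relays, endpoint):
    """Walk a packet through the relays; drop it if the forward path names a
    node that is neither a relay nor the end-point."""
    while pkt["dst"] in relays:
        pkt = relay(pkt, pkt["dst"])
        if pkt is None:
            return None
    if pkt["dst"] != endpoint:
        return None
    return deliver(pkt, endpoint)

def receive_policy(path, blocked):
    """Slide 8: D decides per end-to-end path; here, block anything that came
    through a relay D has asked to have filtered."""
    return "block" if set(path) & set(blocked) else "accept"

# Constructed topology: M (malicious) sits behind gateway A; V is the node M
# wants to impersonate; B and C are core relays; D is the end-point.
V, M, A, B, C, D = "10.1.0.9", "10.1.0.66", "10.1.0.1", "10.2.0.1", "10.3.0.1", "10.4.0.7"
RELAYS = {A, B, C}
UDP = 17

def spoof_demo():
    """M forges the IP source as V, but its first hop is still its gateway A,
    and A, B, C are recorded by the relays that follow them."""
    pkt = {"src": V, "dst": A, "payload": pack_wrap(UDP, [], [B, C, D], b"hello")}
    return run(pkt, RELAYS, D)

def wrong_path_demo():
    """A forward path that does not lead to D (unknown hop) is not delivered."""
    pkt = {"src": M, "dst": A, "payload": pack_wrap(UDP, [], ["10.9.9.9", D], b"x")}
    return run(pkt, RELAYS, D)

if __name__ == "__main__":
    path, data = spoof_demo()
    print("delivered via", path, "->", receive_policy(path, blocked=[A]))
    print("wrong forward path delivered?", wrong_path_demo() is not None)
```

spoof_demo delivers with the path V, A, B, C: M's claim to be V survives, but gateway A is recorded by B, and D's receive policy can act on A regardless of what M wrote. wrong_path_demo shows property A from the other side: a forward path naming a node that does not lead to D never arrives, so a spoofer cannot both reach D and hide the relays it went through.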

15
DESIRABLE PROPERTIES: Limited Path Spoofing
(figure: nodes M, A, B, C, V and D; the packet arriving at D carries
IP src = C, IP dst = D, an empty forward path, and reverse path = V, A, B)
16
DESIRABLE PROPERTIES: Low Packet Overhead
  • WRAP chooses to explicitly include variable-length
    lists of IP addresses in its headers.
  • It seems as though this might introduce much larger
    headers than a scheme like NIRA, but how bad is it
    in practice?
  • Magoni and Pansiot [14] find that AS path
    distance appears to have a Gaussian distribution
    with mean m, with 3 . . . (the bound on m is cut
    off in the transcript).
  • 75% of AS pairs have a path length . . . of AS
    pairs have a path length . . . (both bounds are
    cut off in the transcript).
  • The WRAP authors make the conservative assumption
    that each AS may be a collection of networks
    behind a NAT. This shifts the distribution
    average by 2.
  • Still, 75% of WRAP headers would have a path
    length . . . (bound cut off in the transcript).
  • Also, Magoni and Pansiot found the empirical
    law that the average distance, diameter and
    radius of the inter-domain graph of AS networks
    stay constant.
  • This law holds despite the fact that the number
    of ASes grew by 40% during their study.

17
DESIRABLE PROPERTIES: Address Space
  • IP addresses become routing tags and have NO
    end-to-end significance.

(figure: nodes S, A, B and two nodes both labelled D)
18
DESIRABLE PROPERTIES Address Space
  • Unlike NIRA and other schemes, globally unique
    addresses are not required.
  • IP addresses must only be unique within a realm.
  • That gives 4 billion addresses per realm.
  • A relay address specifies not just a specific
    router but a pair (router, outgoing realm).
    This is an artifact of a router's non-uniqueness
    in the global address space.

19
Similarity to IPNL
  • IPNL is a NAT-extended architecture.
  • An address is 10 bytes and consists of:
  • a global IPv4 address (4 bytes),
  • a realm number (2 bytes), and
  • a local IPv4 address (4 bytes).
  • Packets are routed to the global address first,
    then to the realm, and then to the local address.

20
WRAPID Gateways
  • Deploying WRAP is similar to placing every
    administrative domain behind a NAT.
  • Deployment can be incremental:
  • routers must be upgraded to be WRAP-capable,
  • hosts can be upgraded or not,
  • non-WRAP hosts are supported by WRAPID gateways
    (WRAP to IP Domain).
  • WRAPID gateways implement IP → WRAP and WRAP
    → IP translation.

21
WRAPID Gateways
(figure: S reaches D through relays A and B, with a WRAPID gateway at
each end of the WRAP region)
Problems?
22
Applications
  • Virtual Private Network: different sites are
    connected by WRAP relay nodes.
  • Policy-based routing.
  • Extended forwarding path check: the source can
    be verified up to the trusted relay node.
  • Multicast.
  • WRAPsec.

23
Related works
  • TRIAD (Translating Relaying Internet Architecture
    integrating Active Directories)
  • RouteScience
  • RON
  • NIRA (Tuesday)
  • IPNL and IPv4+4
  • shim protocol
  • router upgrade
  • routing information in header

24
  • Q&A