research-article

Machiavellian routing: improving internet availability with BGP poisoning

Authors:

Ethan Katz-Bassett,

David R. Choffnes,

Thomas Anderson,

Arvind KrishnamurthyAuthors Info & Claims

HotNets-X: Proceedings of the 10th ACM Workshop on Hot Topics in Networks

Article No.: 11, Pages 1 - 6

https://doi.org/10.1145/2070562.2070573

Published: 14 November 2011 Publication History

Abstract

We propose a new approach to mitigate disruptions of Internet connectivity. The Internet was designed to always find a route if there is a policy-compliant path; however, in many cases, connectivity is disrupted despite the existence of an underlying valid path. The research community has done considerable work on this problem, much of it focused on short-term outages that occur during route convergence. There has been less progress on addressing avoidable long-lasting outages. Our measurements show that long-lasting events contribute significantly to overall unavailability.

To address these long-term problems, we develop a system, Machiavellian routing, for automatic failure remediation, centered around the use of BGP poisoning. With poisoning, an edge network can cause other networks to send traffic to it via paths that avoid a problem in a particular transit ISP. We describe the key challenges to using poisoning to improve Internet connectivity, and we develop a set of techniques to use it predictably, accurately, and effectively.

References

[1]

D. Andersen, H. Balakrishnan, F. Kaashoek, and R. Morris, Resilient overlay networks. In SOSP, 2001.

Digital Library

[2]

R. Austein, S. Bellovin, R. Bush, R. Housley, M. Lepinski, S. Kent, W. Kumari, D. Montgomery, K. Sriram, and S. Weiler. BGPSEC protocol. http://tools.ietf.org/html/draft-ietf-sidr-bgpsec-protocol.

[3]

BGPMux Transit Portal. http://tp.gtnoise.net/.

[4]

M. A. Brown, C. Hepner, and A. C. Popescu. Internet captivity and the de-peering menace. In NANOG, 2009.

[5]

R. Bush, O. Maennel, M. Roughan, and S. Uhlig. Internet optometry: assessing the broken glasses in Internet reachability. In IMC, 2009.

Digital Library

[6]

K. Chen, D. R. Choffnes, R. Potharaju, Y. Chen, F. E. Bustamante, D. Pei, and Y. Zhao. Where the sidewalk ends: Extending the Internet AS graph using traceroutes from P2P users. In CoNEXT, 2009.

Digital Library

[7]

L. Colitti. Internet Topology Discovery Using Active Probing. PhD thesis, University di "Roma Tre", 2006.

[8]

ec2. http://aws.amazon.com/ec2/.

[9]

L. Gao. On inferring autonomous system relationships in the Internet. IEEE/ACM TON, 2001.

Digital Library

[10]

K. P. Gummadi, H. V. Madhyastha, S. D. Gribble, H. M. Levy, and D. Wetherall. Improving the reliability of Internet paths with one-hop source routing. In OSDI, 2004.

Digital Library

[11]

J. P. John, E. Katz-Bassett, A. Krishnamurthy, T. Anderson, and A. Venkataramani. Consensus routing: The Internet as a distributed system. In NSDI, 2008.

Digital Library

[12]

E. Katz-Bassett, H. V. Madhyastha, V. K. Adhikari, C. Scott, J. Sherry, P. van Wesep, A. Krishnamurthy, and T. Anderson. Reverse traceroute. In NSDI, 2010.

Digital Library

[13]

E. Katz-Bassett, H. V. Madhyastha, J. P. John, A. Krishnamurthy, D. Wetherall, and T. Anderson. Studying black holes in the Internet with Hubble. In NSDI, 2008.

Digital Library

[14]

N. Kushman, S. Kandula, and D. Katabi. R-BGP: Staying connected in a connected world. In NSDI, 2007.

Digital Library

[15]

C. Labovitz, A. Ahuja, A. Bose, and F. Jahanian. Delayed Internet routing convergence. In SIGCOMM, 2000.

Digital Library

[16]

K. K. Lakshminarayanan, M. C. Caesar, M. Rangan, T. Anderson, S. Shenker, and I. Stoica. Achieving convergence-free routing using failure-carrying packets. In SIGCOMM, 2007.

Digital Library

[17]

H. V. Madhyastha, T. Isdal, M. Piatek, C. Dixon, T. Anderson, A. Krishnamurthy, and A. Venkataramani. iPlane: An information plane for distributed services. In OSDI, 2006.

Digital Library

[18]

D. Meyer. RouteViews. http://www.routeviews.org.

[19]

P. Mohapatra, J. Scudder, D. Ward, R. Bush, and R. Austein. BGP prefix origin validation. http://tools.ietf.org/html/draft-ietf-sidr-pfx-validate.

[20]

Outages mailing list. http://isotf.org/mailman/listinfo/outages.

[21]

UCLA Internet topology collection. http://irl.cs.ucla.edu/topology/.

[22]

W. Xu and J. Rexford. MIRO: Multi-path interdomain routing. In SIGCOMM, 2006.

Digital Library

Cited By

Krupp JRossow C(2021)BGPeek-a-Boo: Active BGP-based Traceback for Amplification DDoS Attacks2021 IEEE European Symposium on Security and Privacy (EuroS&P)10.1109/EuroSP51992.2021.00036(423-439)Online publication date: Sep-2021
https://doi.org/10.1109/EuroSP51992.2021.00036
Jin ZShi XYang YYin XWang ZWu J(2020)TopoScopeProceedings of the ACM Internet Measurement Conference10.1145/3419394.3423627(266-280)Online publication date: 27-Oct-2020
https://dl.acm.org/doi/10.1145/3419394.3423627
Jin YScott CDhamdhere AGiotsas VKrishnamurthy AShenker SLorch JYu M(2019)Stable and practical AS relationship inference with problinkProceedings of the 16th USENIX Conference on Networked Systems Design and Implementation10.5555/3323234.3323282(581-597)Online publication date: 26-Feb-2019
https://dl.acm.org/doi/10.5555/3323234.3323282
Show More Cited By

Index Terms

Machiavellian routing: improving internet availability with BGP poisoning
1. Networks
  1. Network protocols

Recommendations

Routing Protocols: RIP and BGP Rbsw05e
Practical Interdomain Routing Security

This article reviews risks and vulnerabilities in interdomain routing and best practices that can have near-term benefits for routing security. It includes examples of routing failures and common attacks on routers, and countermeasures to reduce router ...
Dynamics of hot-potato routing in IP networks

Despite the architectural separation between intradomain and interdomain routing in the Internet, intradomain protocols do influence the path-selection process in the Border Gateway Protocol (BGP). When choosing between multiple equally-good BGP routes, ...

Comments

Information & Contributors

Information

Published In

cover image ACM Conferences

HotNets-X: Proceedings of the 10th ACM Workshop on Hot Topics in Networks

November 2011

148 pages

ISBN:9781450310598

DOI:10.1145/2070562

General Chairs:
Hari Balakrishnan
MIT
,
Dina Katabi
MIT
,
Program Chairs:
Aditya Akella
University of Wisconsin-Madison
,
Ion Stoica
UC Berkeley

Copyright © 2011 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Sponsors

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 14 November 2011

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Qualifiers

Research-article

Funding Sources

Division of Computer and Network Systems

Conference

HOTNETS-X

Sponsor:

SIGCOMM

HOTNETS-X: Tenth ACM Workshop on Hot Topics in Networks

November 14 - 15, 2011

Massachusetts, Cambridge

Acceptance Rates

Overall Acceptance Rate 110 of 460 submissions, 24%

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

8
Total Citations
View Citations
137
Total Downloads

Downloads (Last 12 months)6
Downloads (Last 6 weeks)1

Reflects downloads up to 15 Oct 2024

Other Metrics

View Author Metrics

Citations

Cited By

Krupp JRossow C(2021)BGPeek-a-Boo: Active BGP-based Traceback for Amplification DDoS Attacks2021 IEEE European Symposium on Security and Privacy (EuroS&P)10.1109/EuroSP51992.2021.00036(423-439)Online publication date: Sep-2021
https://doi.org/10.1109/EuroSP51992.2021.00036
Jin ZShi XYang YYin XWang ZWu J(2020)TopoScopeProceedings of the ACM Internet Measurement Conference10.1145/3419394.3423627(266-280)Online publication date: 27-Oct-2020
https://dl.acm.org/doi/10.1145/3419394.3423627
Jin YScott CDhamdhere AGiotsas VKrishnamurthy AShenker SLorch JYu M(2019)Stable and practical AS relationship inference with problinkProceedings of the 16th USENIX Conference on Networked Systems Design and Implementation10.5555/3323234.3323282(581-597)Online publication date: 26-Feb-2019
https://dl.acm.org/doi/10.5555/3323234.3323282
Schlinker BArnold TCunha IKatz-Bassett EMohaisen AZhang Z(2019)PEERINGProceedings of the 15th International Conference on Emerging Networking Experiments And Technologies10.1145/3359989.3365414(51-67)Online publication date: 3-Dec-2019
https://dl.acm.org/doi/10.1145/3359989.3365414
Goldberg SSchapira MHummon PRexford J(2019)How secure are secure interdomain routing protocols?Computer Networks: The International Journal of Computer and Telecommunications Networking10.1016/j.comnet.2014.05.00770(260-287)Online publication date: 6-Jan-2019
https://dl.acm.org/doi/10.1016/j.comnet.2014.05.007
Arnold TSchlinker BCunha ÍKatz-Bassett E(2018)Controlling Real Cloud Experiments from BGP to the Server (and Back)Proceedings of the ACM SIGCOMM 2018 Conference on Posters and Demos10.1145/3234200.3234247(123-125)Online publication date: 7-Aug-2018
https://dl.acm.org/doi/10.1145/3234200.3234247
Sobrinho J(2017)Correctness of Routing Vector Protocols as a Property of Network CyclesIEEE/ACM Transactions on Networking (TON)10.1109/TNET.2016.256760025:1(150-163)Online publication date: 1-Feb-2017
https://dl.acm.org/doi/10.1109/TNET.2016.2567600
Nicutar CPaasch CBagnulo MRaiciu CHuici FSekar V(2013)Evolving the internet with connection acrobaticsProceedings of the 2013 workshop on Hot topics in middleboxes and network function virtualization10.1145/2535828.2535834(7-12)Online publication date: 9-Dec-2013
https://dl.acm.org/doi/10.1145/2535828.2535834

View Options

Get Access

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Media

Figures

Other

Tables

View Table of Contents