research-article

Public Access

The parallel lives of autonomous systems: ASN allocations vs. BGP

Authors:

Eugenio Nerio Nemmi,

Francesco Sassi,

Massimo La Morgia,

Cecilia Testart,

Alessandro Mei,

Alberto DainottiAuthors Info & Claims

IMC '21: Proceedings of the 21st ACM Internet Measurement Conference

Pages 593 - 611

https://doi.org/10.1145/3487552.3487838

Published: 02 November 2021 Publication History

Abstract

Autonomous Systems (ASes) exist in two dimensions on the Internet: the administrative and the operational one. Regional Internet Registries (RIRs) rule the former, while BGP the latter. In this work, we reconstruct the lives of the ASes on both dimensions, performing a joint analysis that covers 17 years of data. For the administrative dimension, we leverage delegation files published by RIRs to report the daily status of Internet resources they allocate. For the operational dimension, we characterize the temporal activity of ASNs in the Internet control plane using BGP data collected by the RouteViews and RIPE RIS projects. We present a methodology to extract insights about AS life cycles, including dealing with pitfalls affecting authoritative public datasets. We then perform a joint analysis to establish the relationship (or lack of) between these two dimensions for all allocated ASNs and all ASNs visible in BGP. We characterize the usual behaviors, specific differences between RIRs and historical resources, as well as measure the discrepancies between the two "parallel" lives. We find discrepancies and misalignment that reveal useful insights, and we highlight through examples the potential of this new lens to help pinpoint malicious BGP activity and various types of misconfigurations. This study illuminates a largely unexplored aspect of the Internet global routing system and provides methods and data to support broader studies that relate to security, policy, and network management.

Supplementary Material

ZIP File (p593-nemmi.zip)

Supplemental material.

Download
2.36 MB

References

[1]

J. Abley and W. Sotomayor. May 2015. RFC7534: AS112 Nameserver Operations. https://tools.ietf.org/html/rfc7534

[2]

AfriNIC. [n. d.]. AfriNIC ftp. Retrieved 2020-05-17 from ftp://ftp.afrinic.net/pub/stats/afrinic/

[3]

AfriNIC. Sep. 2015. afrinic-10years. Retrieved 2020-05-11 from https://afrinic.net/ast/pdf/afrinic-10years-ab-sept-2015.pdf

[4]

Cisco and/or its affiliates. 2020. BGPmon. https://bgpmon.net/

[5]

APNIC. [n. d.]. APNIC ftp. Retrieved 2020-05-17 from https://ftp.apnic.net/stats/apnic/

[6]

APNIC. 2020. apnic erx resources. https://www.apnic.net/manage-ip/manage-historical-resources/erx-project/erx-asn-transfer/

[7]

ARIN. [n. d.]. ARIN ftp. Retrieved 2020-05-17 from ftp://ftp.arin.net/pub/stats/arin/

[8]

ARIN. 2020. erx resources. ftp://ftp.arin.net/erx/asn/erx-asns.txt

[9]

ARIN. 2021. WhoWas Service. https://www.arin.net/reference/research/whowas/

[10]

Jon Arnold, Olaf Maennel, Ashley Flavel, Jeremy McMahon, and Matthew Roughan. 2008. Quantitative analysis of incorrectly-configured bogon-filter detection. In 2008 Australasian Telecommunication Networks and Applications Conference. IEEE, 10--15.

[11]

Number Resource Organization (ASO). 2010. RIR Comparative Policy Overview 2010-03. https://www.nro.net/rir-comparative-policy-overview-2010-03/#1-3-3

[12]

bgpmon. Sep. 2014. Using BGP data to find Spammers. https://bgpmon.net/using-bgp-data-to-find-spammers/

[13]

V. Cerf. Aug. 1990. RFC 1174: IAB Recommended Policy on Distributing Internet Identifier Assignment and IAB Recommended Policy Change to Internet "Connected" Status. https://tools.ietf.org/html/rfc1174

[14]

Vint Cerf. Oct. 1969. RFC 20: ASCII format for Network Interchange. https://tools.ietf.org/html/rfc20

[15]

Jian Chang, Krishna K Venkatasubramanian, Andrew G West, Sampath Kannan, Boon Thau Loo, Oleg Sokolsky, and Insup Lee. 2011. AS-TRUST: A trust quantification scheme for autonomous systems in BGP. In International Conference on Trust and Trustworthy Computing. Springer, 262--276.

[16]

Shinyoung Cho, Romain Fontugne, Kenjiro Cho, Alberto Dainotti, and Phillipa Gill. 2019. BGP hijacking classification. In 2019 Network Traffic Measurement and Analysis Conference (TMA). IEEE, 25--32.

[17]

Ben Cox. 2021. Hunting down the stuck BGP routes. Retrieved 2021-05-25 from https://blog.benjojo.co.uk/post/bgp-stuck-routes-tcp-zero-window

[18]

Alberto Dainotti, Karyn Benson, Alistair King, Bradley Huffaker, Eduard Glatz, Xenofontas Dimitropoulos, Philipp Richter, Alessandro Finamore, and Alex C Snoeren. 2016. Lost in space: improving inference of IPv4 address space utilization. IEEE Journal on Selected Areas in Communications 34, 6 (2016), 1862--1876.

[19]

D Dietrich. 2005. Bogons and bogon filtering. In 33rd meeting of the North American Network Operator's Group (NANOG 33).

[20]

Christoph Dietzel, Anja Feldmann, and Thomas King. 2016. Blackholing at ixps: On the effectiveness of ddos mitigation in the wild. In International Conference on Passive and Active Network Measurement. Springer, 319--332.

[21]

Nick Feamster, Jaeyeon Jung, and Hari Balakrishnan. 2005. An empirical study of" bogon" route advertisements. ACM SIGCOMM Computer Communication Review 35, 1 (2005), 63--70.

Digital Library

[22]

Romain Fontugne, Esteban Bautista, Colin Petrie, Yutaro Nomura, Patrice Abry, Paulo Gonçalves, Kensuke Fukuda, and Emile Aben. 2019. BGP zombies: An analysis of beacons stuck routes. In International Conference on Passive and Active Network Measurement. Springer, 197--209.

Digital Library

[23]

Center for Applied Internet Data Analysis based at the University of California's San Diego Supercomputer Center. 2021. AS Relationships. https://www.caida.org/catalog/datasets/as-relationships/

[24]

American Registry for Internet Numbers. 2004. New Statistics Format Available. Retrieved 2020-05-05 from https://www.arin.net/vault/announcements/2004/20040108.html

[25]

American Registry for Internet Numbers. 2009. Extended Allocation and Assignment Report for RIRs. Retrieved 2020-05-05 from https://www.arin.net/reference/research/statistics/nro_extended_stats_format.pdf

[26]

Huston Geoff. [n. d.]. Ipv4 stats. Retrieved 2020-06-29 from https://www.pot.aroo.net/tools/ipv4/index.html

[27]

Huston Geoff. Aug. 2005. ASN stats. Retrieved 2020-06-29 from https://www.potaroo.net/ispcol/2005-08/as.pdf

[28]

Huston Geoff. Dec. 2003. IPv4 - How long do we have? Retrieved 2020-06-29 from https://www.potaroo.net/papers/ipj/2003-v6-n4-ipv4/ipv4.html

[29]

Huston Geoff. Dec. 2008. RFC 5398:Autonomous System (AS) Number Reservation for Documentation Use. https://tools.ietf.org/html/rfc5398

[30]

Huston Geoff. Jul. 2003. ASN IPs stats. Retrieved 2020-06-29 from http://citeseerx.ist.psu.edu/viewdoc/download?doi=10.1.1.108.5361&rep=rep1&type=pdf

[31]

Huston Geoff. May. 2021. The 32-bit AS Number Report. Retrieved 2021-05-22 from https://www.potaroo.net/tools/asn32/

[32]

Huston Geoff. Oct. 2008. Confronting IPv4 Address Exhaustion. Retrieved 2020-06-29 from https://www.potaroo.net/ispcol/2008-10/v4depletion.pdf

[33]

Dan Goodin. Apr. 2018. Suspicious event hijacks Amazon traffic for 2 hours, steals cryptocurrency. Retrieved 2020-06-29 from https://arstechnica.com/information-technology/2018/04/suspicious-event-hijacks-amazon-traffic-for-2-hours-steals-cryptocurrency/

[34]

Google. 2018. The Hunt for 3ve Taking down a major ad fraud operation through industry collaboration. https://services.google.com/fh/files/blogs/3ve_google_whiteops_whitepaper_final_nov_2018.pdf

[35]

J. Haas and J. Mitchell. Jul. 2014. RFC 7300: Reservation of Last Autonomous System (AS) Numbers. https://tools.ietf.org/html/rfc7300

[36]

J. Hawkinson and T. Bates. Mar. 1996. RFC 1930: Guidelines for creation, selection, and registration of an Autonomous System (AS). https://tools.ietf.org/html/rfc1930

[37]

John Heidemann, Yuri Pradkin, Ramesh Govindan, Christos Papadopoulos, Genevieve Bartlett, and Joseph Bannister. 2008. Census and survey of the visible internet. In Proceedings of the 8th ACM SIGCOMM conference on Internet measurement. 169--182.

Digital Library

[38]

Urs Hengartner, Sue Moon, Richard Mortier, and Christophe Diot. 2002. Detection and analysis of routing loops in packet traces. In Proceedings of the 2nd ACM SIGCOMM Workshop on Internet measurment. 107--112.

Digital Library

[39]

Packet Clearing House. 2021. Packet Clearing House. https://www.pch.net/

[40]

IANA. Aug. 2015. Special-Purpose Autonomous System (AS) Numbers Created. Retrieved 2020-05-17 from https://www.iana.org/assignments/iana-as-numbers-special-registry/iana-as-numbers-special-registry.xhtml

[41]

Daniel Karrenberg, Gerard Ross, Paul Wilson, and Leslie Nobile. 2001. Development of the Regional Internet Registry System. The Internet Protocol Journal 4, 4 (Dec. 2001), 17--29. https://www.nro.net/development-of-the-regional-internet-registry-system/

[42]

S. Kirkpatrick, M. Stahl, and M. Recker. Jul. 1990. RFC 1166: Internet numbers. https://tools.ietf.org/html/rfc1166

[43]

Maria Konte, Roberto Perdisci, and Nick Feamster. 2015. ASwatch: An AS Reputation System to Expose Bulletproof Hosting ASes. In Proceedings of the 2015 ACM Conference on Special Interest Group on Data Communication - SIGCOMM '15. ACM Press, London, United Kingdom, 625--638.

Digital Library

[44]

W. Kumari, R. Bush, H. Schiller, and K. Patel. Aug. 2015. RFC7607:Codification of AS 0 Processing. https://tools.ietf.org/html/rfc7607

[45]

LACNIC. [n. d.]. LACNIC ftp. Retrieved 2020-05-17 from https://ftp.lacnic.net/pub/stats/lacnic/

[46]

lacnog. Oct. 2013. secuestro de ruta. Retrieved 2020-06-29 from https://mail.lacnic.net/pipermail/lacnog/2013-October/002622.html

[47]

K. Lougheed and Y. Rekhter. Jun. 1989. RFC 1105: A Border Gateway Protocol (BGP). https://tools.ietf.org/html/rfc1105

[48]

Matthew Luckie, Bradley Huffaker, Amogh Dhamdhere, Vasileios Giotsas, and KC Claffy. 2013. AS relationships, customer cones, and validation. In Proceedings of the 2013 conference on Internet measurement conference. 243--256.

Digital Library

[49]

Xiaoqiao Meng, Zhiguo Xu, Beichuan Zhang, Geoff Huston, Songwu Lu, and Lixia Zhang. 2005. IPv4 address allocation and the BGP routing table evolution. ACM SIGCOMM Computer Communication Review 35, 1 (2005), 71--80.

Digital Library

[50]

J. Mitchell. Jul. 2013. RFC6996: Autonomous System (AS) Reservation for Private Use. https://tools.ietf.org/html/rfc6996

[51]

Nanog. Aug. 2017. Hijack Factories: AS203418, AS205944, and AS203040. Retrieved 2020-06-29 from https://mailman.nanog.org/pipermail/nanog/2017-August/191858.html

[52]

Nanog. Jan. 2018. Spectrum prefix hijacks. Retrieved 2020-06-29 from https://mailman.nanog.org/pipermail/nanog/2018-January/193573.html

[53]

Inc. NANOG. 2021. NANOG. https://www.nanog.org/resources/nanog-mailing-list/nanog-mailing-lists/

[54]

RIPE NCC. 2021. Routing Information Service (RIS). Retrieved 2021-05-25 from https://www.ripe.net/analyse/internet-measurements/routing-information-service-ris

[55]

Number Resource Organization (NRO). 2021. RIR Comparative Policy Overview. https://www.nro.net/policy/regional/rir-comparative-policy-overview/

[56]

Ricardo Oliveira, Dan Pei, Walter Willinger, Beichuan Zhang, and Lixia Zhang. 2009. The (in) completeness of the observed internet AS-level structure. IEEE/ACM Transactions on Networking 18, 1 (2009), 109--122.

Digital Library

[57]

Chiara Orsini, Alistair King, Danilo Giordano, Vasileios Giotsas, and Alberto Dainotti. 2016. BGPStream: a software framework for live and historical BGP data analysis. In Proceedings of the 2016 Internet Measurement Conference. 429--444.

Digital Library

[58]

J. Postel and J. Vernon. Jan. 1983. RFC 820: Assigned Numbers. https://tools.ietf.org/html/rfc820

[59]

The Spamhaus Project. 2021. Spamhaus. https://www.spamhaus.org/

[60]

Y. Rekhter, T. Li, and S. Hares. January 2006. RFC 4271: A Border Gateway Protocol 4 (BGP-4). https://www.rfc-editor.org/info/rfc4271

[61]

Philipp Richter, Mark Allman, Randy Bush, and Vern Paxson. 2015. A Primer on IPv4 Scarcity. ACM SIGCOMM Computer Communication Review 45, 2 (April 2015), 21--31.

Digital Library

[62]

Philipp Richter, Georgios Smaragdakis, David Plonka, and Arthur Berger. 2016. Beyond Counting: New Perspectives on the Active IPv4 Address Space. In Proceedings of the 2016 Internet Measurement Conference. ACM, Santa Monica California USA, 135--149.

Digital Library

[63]

RIPE. [n. d.]. RIPE ftp. Retrieved 2020-05-17 from https://ftp.ripe.net/pub/stats/ripencc/

[64]

RIPE. 2020. legacy-resources. https://www.ripe.net/manage-ips-and-asns/legacy-resources/erx

[65]

RIPE. 2020. ripe erx resources. https://www.ripe.net/manage-ips-and-asns/legacy-resources/erx/erx-transfer-of-as-number-registrations

[66]

Eric C. Rosen. Oct. 1982. RFC 827: Exterior Gateway Protocol (EGP). https://tools.ietf.org/html/rfc827

[67]

Matthew Roughan, Walter Willinger, Olaf Maennel, Debbie Perouli, and Randy Bush. 2011. 10 lessons from 10 years of measuring and modeling the internet's autonomous systems. IEEE Journal on Selected Areas in Communications 29, 9 (2011), 1810--1821.

[68]

RouteViews. 2021. RouteViews Routing Table Archive. Retrieved 2021-05-22 from http://www.routeviews.org

[69]

Georgos Siganos and Michalis Faloutsos. 2004. Analyzing BGP policies: Methodology and tool. In IEEE INFOCOM 2004, Vol. 3. IEEE, 1640--1651.

[70]

Anusha Sriraman, Kevin RB Butler, Patrick D McDaniel, and Padma Raghavan. 2007. Analysis of the ipv4 address space delegation structure. In 2007 12th IEEE Symposium on Computers and Communications. IEEE, 501--508.

[71]

Spamhaus Team. 2020. Suspicious network resurrections. Retrieved 2021-05-25 from https://www.spamhaus.org/news/article/802/suspicious-network-resurrections

[72]

Cecilia Testart, Philipp Richter, Alistair King, Alberto Dainotti, and David Clark. 2019. Profiling BGP Serial Hijackers: Capturing Persistent Misbehavior in the Global Routing Table. In Proceedings of the Internet Measurement Conference. 420--434.

Digital Library

[73]

Andree Toonk. Dec. 2017. Popular destinations rerouted to russia. Retrieved 2020-06-29 from https://bgpmon.net/popular-destinations-rerouted-to-russia/

[74]

Ravi Vaidyanathan, Abhrajit Ghosh, Yukiko Sawaya, and Ayumu Kubota. 2012. On the use of enhanced bogon lists (EBLs) to detect malicious traffic. In 2012 International Conference on Computing, Networking and Communications (ICNC). IEEE, 1--6.

[75]

Q. Vohra and E. Chen. Dec. 2012. RFC6793: BGP Support for Four-Octet Autonomous System (AS) Number Space. https://tools.ietf.org/html/rfc6793

[76]

Wikipedia. Jun. 2020. dot-com bubble. Retrieved 2020-06-29 from https://en.wikipedia.org/wiki/Dot-com_bubble

[77]

Rene Wilhelm and Henk Uijterwaal. Oct. 2005. ASN Missing In Action. Retrieved 2020-06-29 from https://www.ripe.net/publications/docs/ripe-353

Cited By

Wirtgen TRybowski NPelsser CBonaventure O(2024)The Multiple Benefits of a Secure Transport for BGPProceedings of the ACM on Networking10.1145/36964062:CoNEXT4(1-23)Online publication date: 25-Nov-2024
https://dl.acm.org/doi/10.1145/3696406
Almazarqi HWoodyard MMarnerides A(2024)Macroscopic Insights of IoT Botnet Dynamics Via AS-level Tolerance AssessmentICC 2024 - IEEE International Conference on Communications10.1109/ICC51166.2024.10622782(5244-5249)Online publication date: 9-Jun-2024
https://doi.org/10.1109/ICC51166.2024.10622782
Arturi ACarisimo EBustamante F(2023) : Enriching AS-to-Organization Mappings with PeeringDBPassive and Active Measurement10.1007/978-3-031-28486-1_17(400-428)Online publication date: 21-Mar-2023
https://dl.acm.org/doi/10.1007/978-3-031-28486-1_17
Show More Cited By

Index Terms

The parallel lives of autonomous systems: ASN allocations vs. BGP
1. Networks
  1. Network performance evaluation
    1. Network measurement

Recommendations

An active approach to measuring routing dynamics induced by autonomous systems
ExpCS '07: Proceedings of the 2007 workshop on Experimental computer science

We present an active measurement study of the routing dynamics induced by AS-path prepending, a common method for controlling the inbound traffic of a multi-homed ISP. Unlike other inter-domain inbound traffic engineering methods, AS-path prepending not ...
An active approach to measuring routing dynamics induced by autonomous systems
ecs'07: Experimental computer science on Experimental computer science

We present an active measurement study of the routing dynamics induced by AS-path prepending, a common method for controlling the inbound traffic of a multi-homed ISP. Unlike other inter-domain inbound traffic engineering methods, AS-path prepending not ...
Autonomous security for autonomous systems

The Internet's interdomain routing protocol, BGP, supports a complex network of Autonomous Systems which is vulnerable to a number of potentially crippling attacks. Several promising cryptography-based solutions have been proposed, but their adoption ...

Comments

Information & Contributors

Information

Published In

cover image ACM Conferences

IMC '21: Proceedings of the 21st ACM Internet Measurement Conference

November 2021

768 pages

ISBN:9781450391290

DOI:10.1145/3487552

General Chairs:
Dave Levin
University of Maryland
,
Alan Mislove
Northeastern University
,
Program Chairs:
Johanna Amann
International Computer Science Institute
,
Matthew Luckie
University of Waikato

Copyright © 2021 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than the author(s) must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected].

Sponsors

In-Cooperation

USENIX Assoc: USENIX Assoc

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 02 November 2021

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Qualifiers

Research-article

Funding Sources

Conference

IMC '21

Sponsor:

IMC '21: ACM Internet Measurement Conference

November 2 - 4, 2021

Virtual Event

Acceptance Rates

Overall Acceptance Rate 277 of 1,083 submissions, 26%

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

4
Total Citations
View Citations
647
Total Downloads

Downloads (Last 12 months)217
Downloads (Last 6 weeks)13

Reflects downloads up to 25 Dec 2024

Other Metrics

View Author Metrics

Citations

Cited By

Wirtgen TRybowski NPelsser CBonaventure O(2024)The Multiple Benefits of a Secure Transport for BGPProceedings of the ACM on Networking10.1145/36964062:CoNEXT4(1-23)Online publication date: 25-Nov-2024
https://dl.acm.org/doi/10.1145/3696406
Almazarqi HWoodyard MMarnerides A(2024)Macroscopic Insights of IoT Botnet Dynamics Via AS-level Tolerance AssessmentICC 2024 - IEEE International Conference on Communications10.1109/ICC51166.2024.10622782(5244-5249)Online publication date: 9-Jun-2024
https://doi.org/10.1109/ICC51166.2024.10622782
Arturi ACarisimo EBustamante F(2023) : Enriching AS-to-Organization Mappings with PeeringDBPassive and Active Measurement10.1007/978-3-031-28486-1_17(400-428)Online publication date: 21-Mar-2023
https://dl.acm.org/doi/10.1007/978-3-031-28486-1_17
Almazarqi HWoodyard MMursch TPezaros DMarnerides A(2022)Macroscopic Analysis of IoT BotnetsGLOBECOM 2022 - 2022 IEEE Global Communications Conference10.1109/GLOBECOM48099.2022.10001223(2674-2679)Online publication date: 4-Dec-2022
https://doi.org/10.1109/GLOBECOM48099.2022.10001223

View Options

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

Media

Figures

Other

Tables

View Table of Contents