article

Practical verification techniques for wide-area routing

Author:

Nick FeamsterAuthors Info & Claims

ACM SIGCOMM Computer Communication Review, Volume 34, Issue 1

Pages 87 - 92

https://doi.org/10.1145/972374.972390

Published: 01 January 2004 Publication History

Abstract

Protocol and system designers use verification techniques to analyze a system's correctness properties. Network operators need verification techniques to ensure the "correct" operation of BGP. BGP's distributed dependencies cause small configuration mistakes or oversights to spur complex errors, which sometimes have devastating effects on global connectivity. These errors are often difficult to debug because they are sometimes only exposed by a specific message arrival pattern or failure scenario.This paper presents an approach to BGP verification that is primarily based on static analysis of router configuration. We argue that: (1) because BGP's a configuration affects its fundamental behavior, verification is a program analysis problem, (2) BGP's complex, dynamic interactions are difficult to abstract and impossible to enumerate, which precludes existing verification techniques, (3) because of BGP's flexible, policy-based configuration, some aspects of BGP configuration must be checked against a higher-level specification of intended policy, and (4) although static analysis can catch many configuration errors, simulation and emulation are also necessary to determine the precise scenarios that could expose errors at runtime. Based on these observations, we propose the design of a BGP verification tool, discuss how it could be applied in practice, and describe future research challenges.

References

[1]

BICKNELL, L. Re: transit across the ixs. http://www.merit. edu/mail.archives/nanog/1999--02/msg00192.html, February 1999.

[2]

BUSH, R. It's 1918 in Bologna. http://www. merit. edu/mail.archives/nanog/msg11169.html, July 2003.

[3]

BUSH R., ET AL. Watching your router configurations and detecting those exciting little changes. http://www.nanog.org/mtg-0310/rancid.html, October 2003. Panel at NANOG 29.

[4]

FARROW, R. Routing instability on the Internet. Network Magazine (March 4, 2002). http://www.networkmagazine.com/article/NMG20020304S0007/2.

[5]

FEAMSTER, N., AND BALAKRISHNAN, H. A systematic approach to BGP configuration checking. http://www.nanog.org/mtg-0310/feamster.html, October 2003. NANOG 29.

[6]

FEAMSTER, N., AND BALAKRISHNAN, H. Towards a logic for wide-area Internet routing. In ACM SIGCOMM Workshop on Future Directions in Network Architecture (Karlsruhe, Germany, Aug. 2003).

Digital Library

[7]

FEAMSTER, N., BORKENHAGEN, J., AND REXFORD, J. Techniques for interdomain traffic engineering. Computer Communications Review 33, 5 (October 2003).

Digital Library

[8]

FEAMSTER, N., WINICK, J., AND REXFORD, J. A model of BGP routing for network engineering. In submission, Nov. 2003.

[9]

Goldwire Formulator, 2003. http://www.goldwiretech. com/products/formulator.cfm.

[10]

GOTTLIEB, J., GREENBERG. A., REXFORD, J., AND WANG, J. Automated Provisioning of BGP Customers. IEEE Network (2003).

[11]

GOVINDAN, R., ALAETTINOGLU, C., VARADHAN, K., AND ESTRIN, D. Route servers for inter-domain routing. Networks and ISDN Systems 30 (1998), 1157--1174.

Digital Library

[12]

GRIFFIN, T., AND WILFONG, G. Analysis of the MED oscillation problem in BGP. In Proc. ICNP (Paris, France, November 2002).

Digital Library

[13]

GRIFFIN, T., AND WILFONG, G. On the corrections of IBGP configuration. In Proc. ACM SIGCOMM (Pittsburgh, PA, August 2002).

Digital Library

[14]

GRIFFIN, T. G. SHEPHERD, F. B., AND WILFONG, G. The stable paths problem and interdomain routing. IEEE Transactions on Networking 10, 1 (2002), 232--243.

Digital Library

[15]

MAHAJAN, R., WETHERALL. D., AND ANDERSON, T. Understanding BGP misconfiguration. In Proc. ACM SIGCOMM (Aug. 2002), pp. 3--17.

Digital Library

[16]

McPHERSON, D., GILL, V., WALTON, D., AND RETANA, A. Border Gateway Protocol (BGP) Persistent Route Oscillation Condition. Internet Engineering Task Force, August 2002. RFC 3345.

Digital Library

[17]

PAYNE, J. Filtering Customer BGP Sessions, http://www.merit.edu/mail.archives/nanog/msg11184.html, July 2003.

[18]

REKHTER, Y., AND LI, T. A Border Gateway Protocol 4 (BGP-4). Internet Engineering Task Force, 1995. RFC 1771.

Digital Library

[19]

REXFORD, J. State of the art in router configuration. http://www.merit.edu/mail.archives/nanog/2002-01/msg00265.html, January 2002.

Cited By

Hart NRotsos CGiotsas VRace NHutchison D(2020)λBGP: Rethinking BGP programmabilityNOMS 2020 - 2020 IEEE/IFIP Network Operations and Management Symposium10.1109/NOMS47738.2020.9110331(1-9)Online publication date: 20-Apr-2020
https://dl.acm.org/doi/10.1109/NOMS47738.2020.9110331
Vanhoef MPiessens FRossow CYounan Y(2018)Symbolic execution of security protocol implementationsProceedings of the 12th USENIX Conference on Offensive Technologies10.5555/3307423.3307436(13-13)Online publication date: 13-Aug-2018
https://dl.acm.org/doi/10.5555/3307423.3307436
Yao JVenkitasubramaniam PKishore SSnyder LBlum R(2017)Network topology risk assessment of stealthy cyber attacks on advanced metering infrastructure networks2017 51st Annual Conference on Information Sciences and Systems (CISS)10.1109/CISS.2017.7926147(1-6)Online publication date: Mar-2017
https://doi.org/10.1109/CISS.2017.7926147
Show More Cited By

Index Terms

Practical verification techniques for wide-area routing
1. Networks
  1. Network protocols
    1. Network layer protocols
      1. Routing protocols

Index terms have been assigned to the content through auto-classification.

Recommendations

Automated verification of practical garbage collectors
POPL '09: Proceedings of the 36th annual ACM SIGPLAN-SIGACT symposium on Principles of programming languages

Garbage collectors are notoriously hard to verify, due to their low-level interaction with the underlying system and the general difficulty in reasoning about reachability in graphs. Several papers have presented verified collectors, but either the ...
Modeling the optimized link-state routing protocol for verification
TMS/DEVS '12: Proceedings of the 2012 Symposium on Theory of Modeling and Simulation - DEVS Integrative M&S Symposium

The exhaustive property verification of mobile ad hoc routing protocols has proven difficult, especially for proactive protocols. Several attempts to produce tractable models have failed. This article presents the application of formal methods to verify ...
An abstraction refinement approach combining precise and approximated techniques for efficient program verification: abstract for the invited talk
SAVCBS '09: Proceedings of the 8th international workshop on Specification and verification of component-based systems

Predicate abstraction is a powerful technique to reduce the state space of a program to a finite and affordable number of states. It produces a conservative over-approximation where concrete states are grouped together according to the predicates. Given ...

Comments

Information & Contributors

Information

Published In

cover image ACM SIGCOMM Computer Communication Review

ACM SIGCOMM Computer Communication Review Volume 34, Issue 1

January 2004

140 pages

ISSN:0146-4833

DOI:10.1145/972374

Issue’s Table of Contents

Copyright © 2004 Author.

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 01 January 2004

Published in SIGCOMM-CCR Volume 34, Issue 1

Check for updates

Qualifiers

Article

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

18
Total Citations
View Citations
353
Total Downloads

Downloads (Last 12 months)8
Downloads (Last 6 weeks)1

Reflects downloads up to 27 Jul 2024

Other Metrics

View Author Metrics

Citations

Cited By

Hart NRotsos CGiotsas VRace NHutchison D(2020)λBGP: Rethinking BGP programmabilityNOMS 2020 - 2020 IEEE/IFIP Network Operations and Management Symposium10.1109/NOMS47738.2020.9110331(1-9)Online publication date: 20-Apr-2020
https://dl.acm.org/doi/10.1109/NOMS47738.2020.9110331
Vanhoef MPiessens FRossow CYounan Y(2018)Symbolic execution of security protocol implementationsProceedings of the 12th USENIX Conference on Offensive Technologies10.5555/3307423.3307436(13-13)Online publication date: 13-Aug-2018
https://dl.acm.org/doi/10.5555/3307423.3307436
Yao JVenkitasubramaniam PKishore SSnyder LBlum R(2017)Network topology risk assessment of stealthy cyber attacks on advanced metering infrastructure networks2017 51st Annual Conference on Information Sciences and Systems (CISS)10.1109/CISS.2017.7926147(1-6)Online publication date: Mar-2017
https://doi.org/10.1109/CISS.2017.7926147
HIMURA YYASUDA Y(2015)Bridging the Gap between Tenant CMDB and Device Status in Multi-Tenant Datacenter NetworkingIEICE Transactions on Communications10.1587/transcom.E98.B.2132E98.B:11(2132-2140)Online publication date: 2015
https://doi.org/10.1587/transcom.E98.B.2132
Qadir JHasan O(2015)Applying Formal Methods to Networking: Theory, Techniques, and ApplicationsIEEE Communications Surveys & Tutorials10.1109/COMST.2014.234579217:1(256-291)Online publication date: 1-Jan-2015
https://dl.acm.org/doi/10.1109/COMST.2014.2345792
Song JCadar CPietzuch P(2014)SymbexNetIEEE Transactions on Software Engineering10.1109/TSE.2014.232397740:7(695-709)Online publication date: 1-Jul-2014
https://dl.acm.org/doi/10.1109/TSE.2014.2323977
Deca RCherkaoui OSavaria Y(2012)Rule-Based Network Service ProvisioningJournal of Networks10.4304/jnw.7.10.1493-15047:10Online publication date: 1-Oct-2012
https://doi.org/10.4304/jnw.7.10.1493-1504
LIANG WBI JLI ZXIA Y(2011)Towards Inferring Inter-Domain Routing Policies in ISP NetworksIEICE Transactions on Communications10.1587/transcom.E94.B.3049E94-B:11(3049-3056)Online publication date: 2011
https://doi.org/10.1587/transcom.E94.B.3049
Huadmai C(2011)Verification of routing policies by using model checking techniqueProceedings of the 6th IEEE International Conference on Intelligent Data Acquisition and Advanced Computing Systems10.1109/IDAACS.2011.6072863(711-716)Online publication date: Sep-2011
https://doi.org/10.1109/IDAACS.2011.6072863
Wei Liang Jingping Bi Yiting Xia Chengchen Hu (2011)RPIM: Inferring BGP Routing Policies in ISP Networks2011 IEEE Global Telecommunications Conference - GLOBECOM 201110.1109/GLOCOM.2011.6133970(1-6)Online publication date: Dec-2011
https://doi.org/10.1109/GLOCOM.2011.6133970
Show More Cited By

View Options

Get Access

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Media

Figures

Other

Tables

View Issue’s Table of Contents