1 / 52

# Pitch Patarasuk - PowerPoint PPT Presentation

Pitch Patarasuk. Policy Disputes in Path-Vector Protocol A Safe Path Vector Protocol The Stable Paths Problem and Interdomain routing. Safety in BGP. BGP is the only interdomain routing protocol in the internet A routing protocol is safe when it is guaranteed to converge

I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.

## PowerPoint Slideshow about 'Pitch Patarasuk' - bennett

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.

- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript

• Policy Disputes in Path-Vector Protocol

• A Safe Path Vector Protocol

• The Stable Paths Problem and Interdomain routing

• BGP is the only interdomain routing protocol in the internet

• A routing protocol is safe when it is guaranteed to converge

• RIP and OSPF protocols are safe

• Use shortest-path algorithm

• BGP is not safe

• BGP does not use pure shortest-path algorithm

• BGP allow policy concerns to override distance metric

• Each AS decides its own policy with little knowledge of of other ASs’ policies

• Policy

• Static

• ASs do not share their policies

• The problem is NP-complete

• Heuristic

• Dynamic

• Paths that are potentially create problem will be deleted

• SPP (stable path problem)

• SPVP (simple path vector protocol)

• SPVP1

• SPVP2

• SPVP3

• Dispute Digraph

• Dispute Wheel

• Simplify BGP solvability problem to a problem of “whether every node has a stable route to one destination node”

• Destination node == node 0

• (x) = path assignment from node x to node 0

•  = path assignment of every node to node 0

•  = ((1), (2), (3), ……………….)

• When  does not change

• Stable state

• Converge

•  is the solution to this problem

•  is a stable path assignment of this problem

• When  keep changing

• Diverge

** NOTE **

• Even if there is a solution, the problem can still be diverge (cannot find a solution)

• Even if a problem converge, some nodes may not have a route to node 0

•  = (10, , 310, 40)

permitted path(1) = ( 1 0, 1 3 0)

permitted path(2) = ( 2 0, 2 1 0)

permitted path(3) = (3 0)

permitted path(4) = (4 3 0, 4 2 0)

 = ( 1 3 0, 2 0, 3 0, 4 3 0)

1 = 1 3 0

2 = 2 0

3 = 3 0

4 = 4 3 0

 = (10, 20, 30, 430)

 = (130, 20, 30, 430)

 = (10, 210, 30, 430)

 = (130, 210, 30, 430)

 = (10, 20, 30, 420)

 = (130, 20, 30, 420)

 = (10, 210, 30, 420)

 = (130, 210, 30, 420)

•  = (10, 20, 30, 430)

•  = (130, 20, 30, 430)

•  = (10, 210, 30, 430)

• = (130, 210, 30, 430)

•  = (10, 20, 30, 420)

•  = (130, 20, 30, 420)

•  = (10, 210, 30, 420)

•  = (130, 210, 30, 420)

• Node i is stable if rank (i,j)P(j) < rank P(i) whenever (i,j)P(j) is a permitted path at i

• ** note that (2 1)(1 0) == (2 1 0) **

• Choice( , u) is a union of

• (u 0) if u is connected to 0 and (u 0) is a permitted path at u

• (u v) (v) when u is connected to v and (u v) (v) is a permitted path at u

let  = (1 0, 2 0, 3 0, 4 3 0)

Choices( ,1) = (1 0, 1 3 0)

Choices( , 2) = (2 0, 2 10)

Choices( , 3) = (3 0)

Choices( , 4) = (4 3 0, 4 2 0)

• Let W is a subset of permitted path at u,

Best(W, u) = P  W with a maximum ranking

• The path assignment at node u, (u), is stable if (u) = best(choices(, u), u)

• The path assignment  is stable if (u) is stable at every node u.

• There is only one solution (stable path assignment) for this problem

•  = ( 1 3 0, 2 0, 3 0, 4 3 0)

 = ( 1 3 0, 2 0, 3 0, 4 3 0)

• Choices(, 1) = (1 0, 1 3 0)

Best (Choices(, 1), 1) = 1 3 0 = (1) => stable

• Choices(, 2) = (2 0)

Best (Choices(, 2), 2) = 2 0 = (2) => stable

• Choices(, 3) = (3 0)

Best (Choices(, 3), 3) = 3 0 = (3) => stable

• Choices(, 4) = (4 3 0, 4 2 0)

Best (Choices(, 4), 4) = 4 3 0 = (4) => stable

**  = ( 1 3 0, 2 0, 3 0, 4 3 0) is stable **

Stable:  = ( 1 3 0, 2 0, 3 0, 4 3 0)

• Choices(, 1) = (1 0, 1 3 0)

Best (Choices(, 1), 1) = 1 3 0 != (1) => unstable

• Choices(, 2) = (2 0, 2 1 0)

Best (Choices(, 2), 2) = 2 1 0 != (2) => unstable

• (3), (4) are stable

•  = ( 1 0, 2 1 0, 3 0, 4 3 0) are not stable

Unstable:  = ( 1 0, 2 1 0, 3 0, 4 3 0)

• SPVP1

• Basic

• Not safe

• SPVP2

• Contains path history

• Can detect protocol oscillation due to policy conflict

• Still not safe

• SPVP3

• Extends SPVP2 to make it safe by suppressing paths that can make the protocol diverge

• Let rib(u) =  (u) for each node u

• Each node u send rib(u) to its neighbor

• When each node receives rib(w) from its neighbor w, called rib-in(u<=w), it computes best(u)

• If best(u) != rib(u), it replace rib(u) with best(u), and sends new rib(u) to all its neighbor

• When no node sends new rib(u) to its neighbor, the protocol is in a stable state, the problem is converge

• If there will never be a stable state, the problem is diverge

• Rib(u) = path from u to node 0

• Rib-in(u <= w) = rib(w) received from the neighbor w

• Best(u) = computed new path from u to 0 from all Rib-ins(u <=w)

•  = (130, 210, 30, 430)

•  = (130, 20, 30, 430)

•  = (130, 20, 30, 420)

•  is stable => problem is converge

** Step 0 and 9 are the same ** one round of oscillation

• Has a solution

• (130,20,30,420)

• Diverge

• Cannot go to (130,20,30,420) state with SPVP protocol

• Assume node u abandons path p1 and adopts path p2, we say that

• Node u went down from p1 if p2 has lower rank than p1

• Node u went up to p2 if p2 has higher rank than p1

• Look at node 2 from step 6 backward:

node 2 adopts (2 0) because it went down from (2 1 0) because node 1 went up to (1 3 0) because node 3 went down from (3 4 2 0) because node 4 went down from (4 2 0) because node 2 went up to (2 1 0)

• ** there is a cycle between went up and down to/from path 210 **

• Each node has path history

• Each node send path history to its neighbor

• Policy based oscillation can be detected

• But do nothing => still not safe

• The sentence “node 2 adopts (2 0) because it went down from (2 1 0) because node 1 went up to (1 3 0) because node 3 went down from (3 4 2 0) because node 4 went down from (4 2 0) because node 2 went up to (2 1 0)”can be translated to

(- 2 1 0) (+ 1 3 0) (- 3 4 20) (- 4 2 0) (+ 2 1 0)

• B(u) = bad paths at node u

• Choices(u) now exclude every path in B(u)

• In step 6, node 2 has a cycle in its history of path (2 0), it add path (2 0) to B(2) and adopts empty path

• The solution of this problem is ( 1 3 0, , 3 0, 4 3 0)

• The protocol converge, there is no oscillation, but node 2 cannot get to node 0

• There are 2 types of arc in dispute digraph

• Transmission arc

• Dispute arcs

• P = = => (u v)P when

• u and v are peers

• P is permitted at v

• (u v)P is permitted at u

• (1 0) = = => (2 1 0)

• (2 0) = = => (4 2 0)

• (3 0) = = => (1 3 0)

• (3 0) = = => (4 3 0)

• (4 2 0) = = => (3 4 2 0)

** node 1 adopts path (10) which allow node 2 to permit path

(2 1 0) **

Q ===> (u v)P when

• (u v)P is a permitted path at u

• Q and P are permitted path at v

• Path (u v)Q is not permitted at u, or path Q has lower rank than P at node u

• Path Q has higher rank than P at node v

• Node v could increase the rank of its best path by abandon path P and adopt path Q, however, this will force node u to abandon path (u v)P

• (1 3 0) ===> (2 1 0)

• (2 1 0) ===> (4 2 0)

• (3 4 2 0) ===> (1 3 0)

• (3 4 2 0) ===> (4 3 0)

• (4 3 0) ===> (3 4 2 0)

• Acyclic (no loop)

• Converge, unique solution, safe, robust

• 2 loops

• (430=>3420=>430)

• (3420=>130=>210=>420=>3420)

• 1 loop

• (3420=>130=>210=>420=>3420)

• Acyclic (no loop)

• good

• Contains loops (dispute cycles)

• An alternative representation structure of a dispute cycle

• A specification S has a dispute wheel if and only if the dispute digraph DD(S) contains a cycle

• Dispute cycles are built from local relationships between peers

• Dispute wheels are based on long-distance relationships

• A dispute wheel of size k is

• A sequence of nodes U = U0…Uk-1

• A sequence of paths Q = Q0….Qk-1

• A sequence of paths R = R0….Rk-1

• Such that for each 0 <= i <= k-1

• Ri is a path from ui to ui+1

• Qi is a permitted path at Ui

• RiQi+1 is a permitted path at Ui

• Rank Qi < RiQi+1 at Ui

U0

U2

R2=21

Q0=10

Q2=20

R0=13

Q1=30

R1=342

U1

At U0: rank (Q0 == 10) < (R0Q1 ==1330 == 130)

At U1: rank (Q1 == 30) < (R1Q2 ==34220 == 3420)

At U2: rank (Q2 == 20) < (R2Q3 ==2110 == 210)

• No dispute wheel implies solvability

• No dispute wheel implies a unique solution

• No dispute wheel implies safety

• No dispute wheel implies robustness

** No dispute wheel == no dispute cycle in DD(S) **

120

10

210

20

• Disagree

• Has 2 solutions (2 trees)

• Contains a dispute wheel

Disagree

solutions

** May or may not converge **

• Start from a problem of size 0, then 1, 2 ,….,k-1, where k is a number of nodes

• Grow an assignment in a greedy manner

• i is a stable path assignment of size i

• Vi  V where every node in (u) is in Vi, 0  Vi

•  = (130, 210, 30, 430), (0)=0

• V1 = {0,3}

• u  V-V1 = {1,2,4}

• Direct path to V1

• Node 1: 130

• Node 2: 20

• Node 4: 430

• 2 = (130,20,30,430)

• V2 = {0,3,1}

• V3 = {0,3,1,2}

• V4 = {0,3,1,2,4}

•  = (130,20,30,430)

• If this algorithm cannot find a solution, there must exists a dispute wheel

• Routing protocol based on shortest path is always safe

• Routing protocol can be safe even if it does not use the shortest path

• Not all path are permitted

• May not be safe

• Safe if there is no negative cost cycle

• A cycle 1342 has a negative cost of -16

• The protocol can also be safe even if there exists a negative cost cycle

** A+B+C < 0 ** ** no dispute cycle  safe **

• Ignore all issues relating to internal BGP

• There is at most one link between any two ASs

• Shortest path is safe, BGP is not

• There are 3 ways to make routing protocol safe

• Policy

• Static

• Dynamic

• Static

• Dispute digraph

• Dispute cycle

• Dispute wheel

• No dispute wheel == no dispute cycle

• No dispute wheel == safe, robust

• Dynamic

• SPP (simple path problem)

• simplify the problem

• route to one destination

• SPVP (simple path vector protocol)

• SPVP1: Like what is used in BGP, unsafe

• SPVP2: Can detect oscillation caused by policy conflict

• SPVP3: Get rid of bad path  safe , however, some nodes may not have a route to a destination

• Routing based on cost function without a negative cost cycle is safe