Pitch patarasuk
Download
1 / 52

Pitch Patarasuk - PowerPoint PPT Presentation


  • 138 Views
  • Uploaded on

Pitch Patarasuk. Policy Disputes in Path-Vector Protocol A Safe Path Vector Protocol The Stable Paths Problem and Interdomain routing. Safety in BGP. BGP is the only interdomain routing protocol in the internet A routing protocol is safe when it is guaranteed to converge

loader
I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
capcha
Download Presentation

PowerPoint Slideshow about 'Pitch Patarasuk' - bennett


An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
Pitch patarasuk
Pitch Patarasuk

  • Policy Disputes in Path-Vector Protocol

  • A Safe Path Vector Protocol

  • The Stable Paths Problem and Interdomain routing


Safety in bgp
Safety in BGP

  • BGP is the only interdomain routing protocol in the internet

  • A routing protocol is safe when it is guaranteed to converge

  • RIP and OSPF protocols are safe

    • Use shortest-path algorithm

  • BGP is not safe


Safety in bgp cont
Safety in BGP (Cont.)

  • BGP does not use pure shortest-path algorithm

  • BGP allow policy concerns to override distance metric

  • Each AS decides its own policy with little knowledge of of other ASs’ policies


How to make bgp safe
How to make BGP safe?

  • Policy

  • Static

    • ASs do not share their policies

    • The problem is NP-complete

      • Heuristic

  • Dynamic

    • Paths that are potentially create problem will be deleted


Outline
Outline

  • SPP (stable path problem)

  • SPVP (simple path vector protocol)

    • SPVP1

    • SPVP2

    • SPVP3

  • Dispute Digraph

  • Dispute Wheel


Stable path problem spp
Stable Path Problem (SPP)

  • Simplify BGP solvability problem to a problem of “whether every node has a stable route to one destination node”

  • Destination node == node 0

  • (x) = path assignment from node x to node 0

  •  = path assignment of every node to node 0

  •  = ((1), (2), (3), ……………….)

  • When  does not change

    • Stable state

    • Converge

    •  is the solution to this problem

    •  is a stable path assignment of this problem


Stable path problem cont
Stable Path Problem (Cont.)

  • When  keep changing

    • Diverge

      ** NOTE **

  • Even if there is a solution, the problem can still be diverge (cannot find a solution)

  • Even if a problem converge, some nodes may not have a route to node 0

    •  = (10, , 310, 40)


Spp permitted path
SPP – permitted path

permitted path(1) = ( 1 0, 1 3 0)

permitted path(2) = ( 2 0, 2 1 0)

permitted path(3) = (3 0)

permitted path(4) = (4 3 0, 4 2 0)



Spp path assignment
SPP – path assignment

 = ( 1 3 0, 2 0, 3 0, 4 3 0)

1 = 1 3 0

2 = 2 0

3 = 3 0

4 = 4 3 0


How to check whether a path assignment is stable
How to check whether a path assignment is stable?

 = (10, 20, 30, 430)

 = (130, 20, 30, 430)

 = (10, 210, 30, 430)

 = (130, 210, 30, 430)

 = (10, 20, 30, 420)

 = (130, 20, 30, 420)

 = (10, 210, 30, 420)

 = (130, 210, 30, 420)


How to check whether a path assignment is stable cont
How to check whether a path assignment is stable? (Cont.)

  •  = (10, 20, 30, 430)

  •  = (130, 20, 30, 430)

  •  = (10, 210, 30, 430)

  • = (130, 210, 30, 430)

  •  = (10, 20, 30, 420)

  •  = (130, 20, 30, 420)

  •  = (10, 210, 30, 420)

  •  = (130, 210, 30, 420)

  • Node i is stable if rank (i,j)P(j) < rank P(i) whenever (i,j)P(j) is a permitted path at i

  • ** note that (2 1)(1 0) == (2 1 0) **


How to check whether a path assignment is stable cont1
How to check whether a path assignment is stable? (Cont.)

  • Choice( , u) is a union of

    • (u 0) if u is connected to 0 and (u 0) is a permitted path at u

    • (u v) (v) when u is connected to v and (u v) (v) is a permitted path at u

let  = (1 0, 2 0, 3 0, 4 3 0)

Choices( ,1) = (1 0, 1 3 0)

Choices( , 2) = (2 0, 2 10)

Choices( , 3) = (3 0)

Choices( , 4) = (4 3 0, 4 2 0)


How to check whether a path assignment is stable cont2
How to check whether a path assignment is stable? (Cont.)

  • Let W is a subset of permitted path at u,

    Best(W, u) = P  W with a maximum ranking

  • The path assignment at node u, (u), is stable if (u) = best(choices(, u), u)

  • The path assignment  is stable if (u) is stable at every node u.


Example good gadget
Example: Good Gadget

  • There is only one solution (stable path assignment) for this problem

  •  = ( 1 3 0, 2 0, 3 0, 4 3 0)


Example good gadget cont
Example: Good Gadget (Cont.)

 = ( 1 3 0, 2 0, 3 0, 4 3 0)

  • Choices(, 1) = (1 0, 1 3 0)

    Best (Choices(, 1), 1) = 1 3 0 = (1) => stable

  • Choices(, 2) = (2 0)

    Best (Choices(, 2), 2) = 2 0 = (2) => stable

  • Choices(, 3) = (3 0)

    Best (Choices(, 3), 3) = 3 0 = (3) => stable

  • Choices(, 4) = (4 3 0, 4 2 0)

    Best (Choices(, 4), 4) = 4 3 0 = (4) => stable

    **  = ( 1 3 0, 2 0, 3 0, 4 3 0) is stable **


Unstable path assignment example 1
Unstable path assignment example #1

Stable:  = ( 1 3 0, 2 0, 3 0, 4 3 0)

  • Choices(, 1) = (1 0, 1 3 0)

    Best (Choices(, 1), 1) = 1 3 0 != (1) => unstable

  • Choices(, 2) = (2 0, 2 1 0)

    Best (Choices(, 2), 2) = 2 1 0 != (2) => unstable

  • (3), (4) are stable

  •  = ( 1 0, 2 1 0, 3 0, 4 3 0) are not stable

Unstable:  = ( 1 0, 2 1 0, 3 0, 4 3 0)


Simple path vector protocol spvp
Simple path vector protocol (SPVP)

  • SPVP1

    • Basic

    • Not safe

  • SPVP2

    • Contains path history

    • Can detect protocol oscillation due to policy conflict

    • Still not safe

  • SPVP3

    • Extends SPVP2 to make it safe by suppressing paths that can make the protocol diverge


Spvp1
SPVP1

  • Let rib(u) =  (u) for each node u

  • Each node u send rib(u) to its neighbor

  • When each node receives rib(w) from its neighbor w, called rib-in(u<=w), it computes best(u)

  • If best(u) != rib(u), it replace rib(u) with best(u), and sends new rib(u) to all its neighbor

  • When no node sends new rib(u) to its neighbor, the protocol is in a stable state, the problem is converge

  • If there will never be a stable state, the problem is diverge


Algorithm for spvp1
Algorithm for SPVP1

  • Rib(u) = path from u to node 0

  • Rib-in(u <= w) = rib(w) received from the neighbor w

  • Best(u) = computed new path from u to 0 from all Rib-ins(u <=w)


Example good gadget1
Example: Good Gadget

  •  = (130, 210, 30, 430)

  •  = (130, 20, 30, 430)

  •  = (130, 20, 30, 420)

  •  is stable => problem is converge


Example2 bad gadget no solution
Example2: Bad Gadget (no solution)

** Step 0 and 9 are the same ** one round of oscillation


Example3 naughty gadget
Example3: Naughty Gadget

  • Has a solution

    • (130,20,30,420)

  • Diverge

  • Cannot go to (130,20,30,420) state with SPVP protocol


Protocol oscillation
Protocol Oscillation

  • Assume node u abandons path p1 and adopts path p2, we say that

    • Node u went down from p1 if p2 has lower rank than p1

    • Node u went up to p2 if p2 has higher rank than p1

  • Look at node 2 from step 6 backward:

    node 2 adopts (2 0) because it went down from (2 1 0) because node 1 went up to (1 3 0) because node 3 went down from (3 4 2 0) because node 4 went down from (4 2 0) because node 2 went up to (2 1 0)

  • ** there is a cycle between went up and down to/from path 210 **


Spvp2
SPVP2

  • Each node has path history

  • Each node send path history to its neighbor

  • Policy based oscillation can be detected

    • But do nothing => still not safe

  • The sentence “node 2 adopts (2 0) because it went down from (2 1 0) because node 1 went up to (1 3 0) because node 3 went down from (3 4 2 0) because node 4 went down from (4 2 0) because node 2 went up to (2 1 0)”can be translated to

    (- 2 1 0) (+ 1 3 0) (- 3 4 20) (- 4 2 0) (+ 2 1 0)





Spvp3 a safe path vector protocol
SPVP3: A safe path vector protocol

  • B(u) = bad paths at node u

  • Choices(u) now exclude every path in B(u)

  • In step 6, node 2 has a cycle in its history of path (2 0), it add path (2 0) to B(2) and adopts empty path

  • The solution of this problem is ( 1 3 0, , 3 0, 4 3 0)

  • The protocol converge, there is no oscillation, but node 2 cannot get to node 0


Dispute digraph
Dispute Digraph

  • There are 2 types of arc in dispute digraph

    • Transmission arc

    • Dispute arcs


Transmission arc
Transmission arc

  • P = = => (u v)P when

    • u and v are peers

    • P is permitted at v

    • (u v)P is permitted at u

  • (1 0) = = => (2 1 0)

  • (2 0) = = => (4 2 0)

  • (3 0) = = => (1 3 0)

  • (3 0) = = => (4 3 0)

  • (4 2 0) = = => (3 4 2 0)

** node 1 adopts path (10) which allow node 2 to permit path

(2 1 0) **


Dispute arc
Dispute arc

Q ===> (u v)P when

  • (u v)P is a permitted path at u

  • Q and P are permitted path at v

  • Path (u v)Q is not permitted at u, or path Q has lower rank than P at node u

  • Path Q has higher rank than P at node v

  • Node v could increase the rank of its best path by abandon path P and adopt path Q, however, this will force node u to abandon path (u v)P


Dispute arc1
Dispute arc

  • (1 3 0) ===> (2 1 0)

  • (2 1 0) ===> (4 2 0)

  • (3 4 2 0) ===> (1 3 0)

  • (3 4 2 0) ===> (4 3 0)

  • (4 3 0) ===> (3 4 2 0)


Dispute digraph good gadget
Dispute digraph: good gadget

  • Acyclic (no loop)

  • Converge, unique solution, safe, robust


Dispute digraph naughty gadget
Dispute digraph: naughty gadget

  • 2 loops

    • (430=>3420=>430)

    • (3420=>130=>210=>420=>3420)


Dispute digraph bad gadget
Dispute digraph: bad gadget

  • 1 loop

    • (3420=>130=>210=>420=>3420)


Loops in dispute digraph
Loops in dispute digraph

  • Acyclic (no loop)

    • good

  • Contains loops (dispute cycles)

    • Potentially bad


Dispute wheel
Dispute Wheel

  • An alternative representation structure of a dispute cycle

  • A specification S has a dispute wheel if and only if the dispute digraph DD(S) contains a cycle

  • Dispute cycles are built from local relationships between peers

  • Dispute wheels are based on long-distance relationships


Dispute wheel cont
Dispute Wheel (Cont.)

  • A dispute wheel of size k is

    • A sequence of nodes U = U0…Uk-1

    • A sequence of paths Q = Q0….Qk-1

    • A sequence of paths R = R0….Rk-1

  • Such that for each 0 <= i <= k-1

    • Ri is a path from ui to ui+1

    • Qi is a permitted path at Ui

    • RiQi+1 is a permitted path at Ui

    • Rank Qi < RiQi+1 at Ui


Dispute wheel of size 3 bad gadget

U0

U2

R2=21

Q0=10

Q2=20

R0=13

Q1=30

R1=342

U1

Dispute wheel of size 3: bad gadget

At U0: rank (Q0 == 10) < (R0Q1 ==1330 == 130)

At U1: rank (Q1 == 30) < (R1Q2 ==34220 == 3420)

At U2: rank (Q2 == 20) < (R2Q3 ==2110 == 210)


Properties of dispute wheel
Properties of dispute wheel

  • No dispute wheel implies solvability

  • No dispute wheel implies a unique solution

  • No dispute wheel implies safety

  • No dispute wheel implies robustness

    ** No dispute wheel == no dispute cycle in DD(S) **


Two trees imply a dispute wheel
Two trees imply a dispute wheel

120

10

210

20

  • Disagree

    • Has 2 solutions (2 trees)

    • Contains a dispute wheel

Disagree

solutions


Disagree problem

** May or may not converge **


An algorithm to find a stable path assignment
An algorithm to find a stable path assignment

  • Start from a problem of size 0, then 1, 2 ,….,k-1, where k is a number of nodes

  • Grow an assignment in a greedy manner

  • i is a stable path assignment of size i

  • Vi  V where every node in (u) is in Vi, 0  Vi

  •  = (130, 210, 30, 430), (0)=0

  • V1 = {0,3}

  • u  V-V1 = {1,2,4}


  • Direct path to V1

    • Node 1: 130

    • Node 2: 20

    • Node 4: 430

  • 2 = (130,20,30,430)

  • V2 = {0,3,1}

  • V3 = {0,3,1,2}

  • V4 = {0,3,1,2,4}

  •  = (130,20,30,430)

  • If this algorithm cannot find a solution, there must exists a dispute wheel


Stable path problem vs shortest path problem
Stable path problem VS Shortest path problem

  • Routing protocol based on shortest path is always safe

  • Routing protocol can be safe even if it does not use the shortest path

    • BGP: Good gadget


Routing protocol based on cost function
Routing protocol based on cost function

  • Not all path are permitted

  • May not be safe

  • Safe if there is no negative cost cycle

Naughty gadget (unsafe)

  • A cycle 1342 has a negative cost of -16


Routing protocol based on cost function cont
Routing protocol based on cost function (Cont.)

  • The protocol can also be safe even if there exists a negative cost cycle

** A+B+C < 0 ** ** no dispute cycle  safe **


Assumptions in these works
Assumptions in these works

  • Ignore all issues relating to internal BGP

  • There is at most one link between any two ASs

  • Ignore address aggregation


Conclusions
Conclusions

  • Shortest path is safe, BGP is not

  • There are 3 ways to make routing protocol safe

    • Policy

    • Static

    • Dynamic

  • Static

    • Dispute digraph

      • Dispute cycle

    • Dispute wheel

    • No dispute wheel == no dispute cycle

    • No dispute wheel == safe, robust


Conclusions cont
Conclusions (Cont.)

  • Dynamic

    • SPP (simple path problem)

      • simplify the problem

      • route to one destination

    • SPVP (simple path vector protocol)

      • SPVP1: Like what is used in BGP, unsafe

      • SPVP2: Can detect oscillation caused by policy conflict

      • SPVP3: Get rid of bad path  safe , however, some nodes may not have a route to a destination

  • Routing based on cost function without a negative cost cycle is safe



ad