Loading in 5 sec....

Interdomain Routing and GamesPowerPoint Presentation

Interdomain Routing and Games

- By
**finn** - Follow User

- 111 Views
- Uploaded on

Download Presentation
## PowerPoint Slideshow about ' Interdomain Routing and Games' - finn

**An Image/Link below is provided (as is) to download presentation**

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.

- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -

Presentation Transcript

On the Agenda

- Motivation: Are Internet protocols incentive compatible?
- Interdomain routing & path vector protocols
- Convergence issues
- BGP as a game
- Hardness of approximation of social welfare
- Incentive compatibility
- Conclusions

Are Current Network Protocols Incentive Compatible?

- Protocols for the network have been dictated by some designer
- Okay for cooperative settings
- But what if nodes try to optimize regardless of harm to others?
- Example: TCP congestion control
- Requires sender to transmit less when the network is congested
- This is not optimal for the sender (always better off sending more)

Secure Network Protocols

- A lot of effort is going into re-designing network protocols to be secure.
- Routing protocols are currently known to be very susceptible to attacks.
- Even inadvertent configuration errors of routers have caused global catastrophes.

- Designers are also concerned about incentive issues in this context.
- Our work highlights some connections between incentives and security of BGP.

AT&T

Comcast

Qwest

Interdomain Routing- Messages in the Internet are passed from one router to the other until reaching the destination.
- Goal of routing protocols: decide how to route packets between nodes on the net.
- The network is partitioned into Autonomous Systems (ASes) each owned by an economic entity.
- Within ASes routing is cooperative
- Between ASes inherently non-cooperative

- Routing preferences are complex and uncoordinated.

Always chooseshortest paths.

Load-balance myoutgoing traffic.

Avoid routes through AT&T if at all possible.

My link to UUNET is forbackup purposes only.

send updatesto neighbors

choose“best” neighbor

Path Vector Protocols- The only protocol currently used to establish routes between ASes (interdomain routing): The Border Gateway Protocol (BGP).
- Performed independently for every destination autonomous system in the network.
- The computation by each node is an infinite sequence of actions:

Example of BGP Execution

5

4

41d

41d

23d

23d

2

23d

1d

1

23d

3d

3

1d

3d

d

d

d

d

receive routes from neighbors

send updatesto neighbors

choose“best” neighbor

Our Main Results Informally

- Theorem: In “reasonable economic settings”, BGP is almost incentive-compatible (And can be tweaked to be incentive compatible).
- Theorem: In these same settings it is also almost collusion proof.
- To make it fully collusion proof we need a somewhat stronger assumption.

BGP – Not Guaranteed to Converge

1

2

- Other examples may fail to converge for certain timings and succeed for others.

2d

23d

2d

...

12d

1d

…

1d

12d

d

31d

3d

…

31d

3

Finding Stable States

- Previously known: It’s NP-Hard to determine if a stable state even exists. [Griffin, Wilfong]
We add:

- Theorem: Determining the existence of a stable state requires exponential communication.
- In practice, BGP does converge in the Internet! Why?

The Gao-Rexford Framework: An economic explanation for network convergence.

Neighboring pairs of ASes have one of:

- a customer-provider relationship
- a peering relationship
Restrict the possible graphs and preferences:

- No customer-provider cycles (cannot be your own customer)
- Prefer to route through customers over peers, and peers over providers.
- Only provide transit services to customers.
Guarantees convergence of BGP.

peer

providers

peer

customers

Dispute Wheels network convergence.

- A Dispute Wheel [Griffin et. al.]
- A sequence of nodes ui and routes Ri, Qi.
- ui prefers RiQi+1 over Qi.

- If the network has no dispute wheels, BGP will always converge.
- Also guarantees convergence with node & link failures.

Gao-Rexford

No Dispute Wheel

Robust Convergence

Shortest Path

Modeling Path Vector Protocols as a Game network convergence.

- The interaction is very complex.
- Multi-round
- Asynchronous
- Partial-information
- Network structure, schedule, other player’s types are all unknown.

- No monetary transfers!
- More realistic
- Unlike most works on incentive-compatibility in interdomain routing.

Routing as a Game network convergence.

- The source-nodes are the strategic agents
- Agent i has a value vi(R) for any route R
- The game has an infinite number of rounds
- Timing decided by an entity called the scheduler
- Decides which nodes are activated in each round.
- Delays update messages along selective links.

Routing as a Game (2) network convergence.

- A node that is activated in a certain round can
- Read update messages announcing routes.
- Send update messages announcing routes.
- Choose a neighboring node to forward traffic to.

- The gain of node i from the game is:
- vi(R) if from some point on it has an unchanging route R.
- 0 otherwise. (can be defined as the maximal gained path in an oscillation as well).

- a node’s strategy is its choice of a routing protocol.
- Executing BGP is a strategy.

Approximating Social Welfare network convergence.

- Theorem: Getting an approximation to the optimal social welfare is impossible unless P=NP even in Gao-Rexford settings.(Improvement on a bound achieved by [Feigenbaum,Sami,Shenker])
- Theorem: It requires exponential communication to approximate social welfare up to

Manipulating in The Protocol network convergence.

- A node is said to deviate from BGP (or to manipulate BGP) if it does not follow BGP.
- We want nodes to comply with the alg. Otherwise, suffer a loss when they deviate
- Which forms of manipulation are available to nodes?
- Misreporting preferences.
- Reporting inconsistent information.
- Announcing nonexistent routes.
- Denying routes.
- …

No Optimal Protocols network convergence.

- Theorem: Any routing protocol that:
- Guarantees convergence to a solution for any timing with any preference profile
- Resists manipulation
Must contain a (weak) dictator: A node that always gets its most preferred path.

(Simple to prove using a variant of the Gibbard-Satterthwaite theorem)

- Suppose node 1 is a weak dictator. network convergence.
- If it wants some crazy path, it must get it.
- This feels like an unreasonable protocol.

5

4

6

3

2

7

1

d

m1d network convergence.

m12d

m1d

m12d

1

1

m

m

12d

1d

12d

1d

d

d

2

2

2md

2d

2md

2d

with manipulation

without manipulation

Is BGP Incentive-Compatible?- Theorem: BGP is not incentive compatible even in Gao-Rexford settings.

Can we fix this? network convergence.

- We define a property:
- Route verification means that an AS can verify that a route is available to a neighboring AS.

- Route verification is:
- Achievable via computational means (cryptographic signatures).
- An important part of secure BGP implementation.

Incentive Compatibility network convergence.

- Theorem: If the “No Dispute Wheel” condition holds, then BGP with route verification is incentive-compatible in ex-post Nash equilibrium.
- Theorem: If the “No Dispute Wheel” condition holds, then BGP with route verification is collusion-proof in ex-post Nash equilibrium.

Open Questions network convergence.

- Characterizing robust BGP convergence (“No dispute wheel” is sufficient but not necessary).
- Does robust BGP convergence with route verification imply incentive compatibility?
- Can network formation games help to explain the Internet’s commercial structure?
- Maintain incentive compatibility if the protocol is changed to deal with attacks and other security issues?
- How do congestion and load fit in?

Conclusions network convergence.

- Our results help explain BGP’s resilience to manipulation in practice.
- Manipulation requires extensive knowledge on network topology & preferences of ASes.
- Faking routes requires manipulation of TCP/IP too.
- Manipulations by coalitions require Herculean efforts, and tight coordination.

- We show that proposed security improvements would benefit incentives in the protocol.
- Work in progress: other natural asynchronous games.
- “Best Reply Mechanisms” with Noam Nisam and Michael Schapira

Download Presentation

Connecting to Server..