- 138 Views
- Uploaded on

Download Presentation
## PowerPoint Slideshow about 'Pitch Patarasuk' - bennett

**An Image/Link below is provided (as is) to download presentation**

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.

- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -

Presentation Transcript

Pitch Patarasuk

- Policy Disputes in Path-Vector Protocol
- A Safe Path Vector Protocol
- The Stable Paths Problem and Interdomain routing

Safety in BGP

- BGP is the only interdomain routing protocol in the internet
- A routing protocol is safe when it is guaranteed to converge
- RIP and OSPF protocols are safe
- Use shortest-path algorithm
- BGP is not safe

Safety in BGP (Cont.)

- BGP does not use pure shortest-path algorithm
- BGP allow policy concerns to override distance metric
- Each AS decides its own policy with little knowledge of of other ASs’ policies

How to make BGP safe?

- Policy
- Static
- ASs do not share their policies
- The problem is NP-complete
- Heuristic
- Dynamic
- Paths that are potentially create problem will be deleted

Outline

- SPP (stable path problem)
- SPVP (simple path vector protocol)
- SPVP1
- SPVP2
- SPVP3
- Dispute Digraph
- Dispute Wheel

Stable Path Problem (SPP)

- Simplify BGP solvability problem to a problem of “whether every node has a stable route to one destination node”
- Destination node == node 0
- (x) = path assignment from node x to node 0
- = path assignment of every node to node 0
- = ((1), (2), (3), ……………….)
- When does not change
- Stable state
- Converge
- is the solution to this problem
- is a stable path assignment of this problem

Stable Path Problem (Cont.)

- When keep changing
- Diverge

** NOTE **

- Even if there is a solution, the problem can still be diverge (cannot find a solution)
- Even if a problem converge, some nodes may not have a route to node 0
- = (10, , 310, 40)

SPP – permitted path

permitted path(1) = ( 1 0, 1 3 0)

permitted path(2) = ( 2 0, 2 1 0)

permitted path(3) = (3 0)

permitted path(4) = (4 3 0, 4 2 0)

How to check whether a path assignment is stable?

= (10, 20, 30, 430)

= (130, 20, 30, 430)

= (10, 210, 30, 430)

= (130, 210, 30, 430)

= (10, 20, 30, 420)

= (130, 20, 30, 420)

= (10, 210, 30, 420)

= (130, 210, 30, 420)

How to check whether a path assignment is stable? (Cont.)

- = (10, 20, 30, 430)
- = (130, 20, 30, 430)
- = (10, 210, 30, 430)
- = (130, 210, 30, 430)
- = (10, 20, 30, 420)
- = (130, 20, 30, 420)
- = (10, 210, 30, 420)
- = (130, 210, 30, 420)

- Node i is stable if rank (i,j)P(j) < rank P(i) whenever (i,j)P(j) is a permitted path at i
- ** note that (2 1)(1 0) == (2 1 0) **

How to check whether a path assignment is stable? (Cont.)

- Choice( , u) is a union of
- (u 0) if u is connected to 0 and (u 0) is a permitted path at u
- (u v) (v) when u is connected to v and (u v) (v) is a permitted path at u

let = (1 0, 2 0, 3 0, 4 3 0)

Choices( ,1) = (1 0, 1 3 0)

Choices( , 2) = (2 0, 2 10)

Choices( , 3) = (3 0)

Choices( , 4) = (4 3 0, 4 2 0)

How to check whether a path assignment is stable? (Cont.)

- Let W is a subset of permitted path at u,

Best(W, u) = P W with a maximum ranking

- The path assignment at node u, (u), is stable if (u) = best(choices(, u), u)
- The path assignment is stable if (u) is stable at every node u.

Example: Good Gadget

- There is only one solution (stable path assignment) for this problem
- = ( 1 3 0, 2 0, 3 0, 4 3 0)

Example: Good Gadget (Cont.)

= ( 1 3 0, 2 0, 3 0, 4 3 0)

- Choices(, 1) = (1 0, 1 3 0)

Best (Choices(, 1), 1) = 1 3 0 = (1) => stable

- Choices(, 2) = (2 0)

Best (Choices(, 2), 2) = 2 0 = (2) => stable

- Choices(, 3) = (3 0)

Best (Choices(, 3), 3) = 3 0 = (3) => stable

- Choices(, 4) = (4 3 0, 4 2 0)

Best (Choices(, 4), 4) = 4 3 0 = (4) => stable

** = ( 1 3 0, 2 0, 3 0, 4 3 0) is stable **

Unstable path assignment example #1

Stable: = ( 1 3 0, 2 0, 3 0, 4 3 0)

- Choices(, 1) = (1 0, 1 3 0)

Best (Choices(, 1), 1) = 1 3 0 != (1) => unstable

- Choices(, 2) = (2 0, 2 1 0)

Best (Choices(, 2), 2) = 2 1 0 != (2) => unstable

- (3), (4) are stable
- = ( 1 0, 2 1 0, 3 0, 4 3 0) are not stable

Unstable: = ( 1 0, 2 1 0, 3 0, 4 3 0)

Simple path vector protocol (SPVP)

- SPVP1
- Basic
- Not safe
- SPVP2
- Contains path history
- Can detect protocol oscillation due to policy conflict
- Still not safe
- SPVP3
- Extends SPVP2 to make it safe by suppressing paths that can make the protocol diverge

SPVP1

- Let rib(u) = (u) for each node u
- Each node u send rib(u) to its neighbor
- When each node receives rib(w) from its neighbor w, called rib-in(u<=w), it computes best(u)
- If best(u) != rib(u), it replace rib(u) with best(u), and sends new rib(u) to all its neighbor
- When no node sends new rib(u) to its neighbor, the protocol is in a stable state, the problem is converge
- If there will never be a stable state, the problem is diverge

Algorithm for SPVP1

- Rib(u) = path from u to node 0
- Rib-in(u <= w) = rib(w) received from the neighbor w
- Best(u) = computed new path from u to 0 from all Rib-ins(u <=w)

Example: Good Gadget

- = (130, 210, 30, 430)
- = (130, 20, 30, 430)
- = (130, 20, 30, 420)
- is stable => problem is converge

Example2: Bad Gadget (no solution)

** Step 0 and 9 are the same ** one round of oscillation

Example3: Naughty Gadget

- Has a solution
- (130,20,30,420)
- Diverge
- Cannot go to (130,20,30,420) state with SPVP protocol

Protocol Oscillation

- Assume node u abandons path p1 and adopts path p2, we say that
- Node u went down from p1 if p2 has lower rank than p1
- Node u went up to p2 if p2 has higher rank than p1
- Look at node 2 from step 6 backward:

node 2 adopts (2 0) because it went down from (2 1 0) because node 1 went up to (1 3 0) because node 3 went down from (3 4 2 0) because node 4 went down from (4 2 0) because node 2 went up to (2 1 0)

- ** there is a cycle between went up and down to/from path 210 **

SPVP2

- Each node has path history
- Each node send path history to its neighbor
- Policy based oscillation can be detected
- But do nothing => still not safe
- The sentence “node 2 adopts (2 0) because it went down from (2 1 0) because node 1 went up to (1 3 0) because node 3 went down from (3 4 2 0) because node 4 went down from (4 2 0) because node 2 went up to (2 1 0)”can be translated to

(- 2 1 0) (+ 1 3 0) (- 3 4 20) (- 4 2 0) (+ 2 1 0)

SPVP3: A safe path vector protocol

- B(u) = bad paths at node u
- Choices(u) now exclude every path in B(u)

- In step 6, node 2 has a cycle in its history of path (2 0), it add path (2 0) to B(2) and adopts empty path
- The solution of this problem is ( 1 3 0, , 3 0, 4 3 0)
- The protocol converge, there is no oscillation, but node 2 cannot get to node 0

Dispute Digraph

- There are 2 types of arc in dispute digraph
- Transmission arc
- Dispute arcs

Transmission arc

- P = = => (u v)P when
- u and v are peers
- P is permitted at v
- (u v)P is permitted at u

- (1 0) = = => (2 1 0)
- (2 0) = = => (4 2 0)
- (3 0) = = => (1 3 0)
- (3 0) = = => (4 3 0)
- (4 2 0) = = => (3 4 2 0)

** node 1 adopts path (10) which allow node 2 to permit path

(2 1 0) **

Dispute arc

Q ===> (u v)P when

- (u v)P is a permitted path at u
- Q and P are permitted path at v
- Path (u v)Q is not permitted at u, or path Q has lower rank than P at node u
- Path Q has higher rank than P at node v

- Node v could increase the rank of its best path by abandon path P and adopt path Q, however, this will force node u to abandon path (u v)P

Dispute arc

- (1 3 0) ===> (2 1 0)
- (2 1 0) ===> (4 2 0)
- (3 4 2 0) ===> (1 3 0)
- (3 4 2 0) ===> (4 3 0)
- (4 3 0) ===> (3 4 2 0)

Dispute digraph: good gadget

- Acyclic (no loop)
- Converge, unique solution, safe, robust

Dispute digraph: naughty gadget

- 2 loops
- (430=>3420=>430)
- (3420=>130=>210=>420=>3420)

Dispute digraph: bad gadget

- 1 loop
- (3420=>130=>210=>420=>3420)

Loops in dispute digraph

- Acyclic (no loop)
- good
- Contains loops (dispute cycles)
- Potentially bad

Dispute Wheel

- An alternative representation structure of a dispute cycle
- A specification S has a dispute wheel if and only if the dispute digraph DD(S) contains a cycle
- Dispute cycles are built from local relationships between peers
- Dispute wheels are based on long-distance relationships

Dispute Wheel (Cont.)

- A dispute wheel of size k is
- A sequence of nodes U = U0…Uk-1
- A sequence of paths Q = Q0….Qk-1
- A sequence of paths R = R0….Rk-1
- Such that for each 0 <= i <= k-1
- Ri is a path from ui to ui+1
- Qi is a permitted path at Ui
- RiQi+1 is a permitted path at Ui
- Rank Qi < RiQi+1 at Ui

U0

U2

R2=21

Q0=10

Q2=20

R0=13

Q1=30

R1=342

U1

Dispute wheel of size 3: bad gadgetAt U0: rank (Q0 == 10) < (R0Q1 ==1330 == 130)

At U1: rank (Q1 == 30) < (R1Q2 ==34220 == 3420)

At U2: rank (Q2 == 20) < (R2Q3 ==2110 == 210)

Properties of dispute wheel

- No dispute wheel implies solvability
- No dispute wheel implies a unique solution
- No dispute wheel implies safety
- No dispute wheel implies robustness

** No dispute wheel == no dispute cycle in DD(S) **

Two trees imply a dispute wheel

120

10

210

20

- Disagree
- Has 2 solutions (2 trees)
- Contains a dispute wheel

Disagree

solutions

Disagree problem

** May or may not converge **

An algorithm to find a stable path assignment

- Start from a problem of size 0, then 1, 2 ,….,k-1, where k is a number of nodes
- Grow an assignment in a greedy manner
- i is a stable path assignment of size i
- Vi V where every node in (u) is in Vi, 0 Vi
- = (130, 210, 30, 430), (0)=0
- V1 = {0,3}
- u V-V1 = {1,2,4}

Direct path to V1

- Node 1: 130
- Node 2: 20
- Node 4: 430
- 2 = (130,20,30,430)
- V2 = {0,3,1}
- V3 = {0,3,1,2}
- V4 = {0,3,1,2,4}
- = (130,20,30,430)

- If this algorithm cannot find a solution, there must exists a dispute wheel

Stable path problem VS Shortest path problem

- Routing protocol based on shortest path is always safe
- Routing protocol can be safe even if it does not use the shortest path
- BGP: Good gadget

Routing protocol based on cost function

- Not all path are permitted
- May not be safe
- Safe if there is no negative cost cycle

Naughty gadget (unsafe)

- A cycle 1342 has a negative cost of -16

Routing protocol based on cost function (Cont.)

- The protocol can also be safe even if there exists a negative cost cycle

** A+B+C < 0 ** ** no dispute cycle safe **

Assumptions in these works

- Ignore all issues relating to internal BGP
- There is at most one link between any two ASs
- Ignore address aggregation

Conclusions

- Shortest path is safe, BGP is not
- There are 3 ways to make routing protocol safe
- Policy
- Static
- Dynamic
- Static
- Dispute digraph
- Dispute cycle
- Dispute wheel
- No dispute wheel == no dispute cycle
- No dispute wheel == safe, robust

Conclusions (Cont.)

- Dynamic
- SPP (simple path problem)
- simplify the problem
- route to one destination
- SPVP (simple path vector protocol)
- SPVP1: Like what is used in BGP, unsafe
- SPVP2: Can detect oscillation caused by policy conflict
- SPVP3: Get rid of bad path safe , however, some nodes may not have a route to a destination
- Routing based on cost function without a negative cost cycle is safe

Download Presentation

Connecting to Server..