network explorations with qrator radar...qrator)labs) network explorations with qrator radar...
TRANSCRIPT
Alexnader Lyamin <[email protected]> Qrator Labs
Network Explorations with Qrator Radar
Retrieving Route Policy
Common prac@ces 1. Route Registries a. Outdated b. Incomplete
2. AS Paths a. Affected by route leaks b. No opportunity for paid peering detec@on Don’t cover lesser priori@es
AS Paths
AS Rela,
ons (1)
AS Rela,
ons (2)
AS Rela,
ons (3)
Active Verification
Active Verification
Ac@ve Verifica@on
AS Next
AS1 Origin
AS2 Origin
Origin
AS1 AS2
Ac@ve Verifica@on
AS Next
AS1 Origin
AS2 Origin
AS3 ?
Origin
AS1 AS2
AS3
Ac@ve Verifica@on
Origin
AS1 AS2
AS3 AS Next
AS1 Origin
AS2 Origin
AS3 AS2
Ping it!
Ac@ve Verifica@on
Origin
AS1 AS2
AS3 AS Next
AS1 Origin
AS2 Origin
AS3 AS2
Ping it!
1. Cover AS graph Using Dijcstra algorithm; 2. Changing route policies at origin helps to detect more policies.
AS Rela,ons AS Design
Radar Monitor
What is Qrator Radar?
AS Rela@ons
1. AS Rela@ons typing 2. Prepend policy predic@on 3. Ac@ve verifica@on 4. Priority at every level of BGP decision process
AS Rela@ons
Peering, Customers, Providers
Qrator AS Graph
Path predic,on instead of AS Path visualiza,on.
BGP Route Predic@on
AS Design
Security Issues
Full disclosure is available after verification
Rates
Daily updated
Botnet Ac@vity Map
We are looking forward…
1. Your feedbacks! 2. Your feature requests 3. BGP sessions with our reflector
We are planning…
1. Reverse Looking Glass 2. No@fica@on for security issues 3. API
h[ps://radar.qrator.net
Questions?