Pretty Good BGP: Improving BGP by Cautiously Adopting Routes Josh Karlin, Stephanie Forrest, Jennifer Rexford IEEE International Conference on Network Protocols 2006


Pretty Good BGP: Improving BGP by Cautiously Adopting Routes

Josh Karlin, Stephanie Forrest, Jennifer Rexford

IEEE International Conference on Network Protocols 2006


Outline

• What are current BGP security issues?

• What is PGBGP trying to solve?

• How does PGBGP solve it?

• How good is PGBGP?

• How bad is PGBGP?

• Shall we use it?


What are current BGP security issues?

• BGP4 (RFC1771)
  – Inter-domain routing, internet core
  – Link state protocol, distributed system

• Vulnerabilities
  – No encryption: eavesdropping
  – No timestamp: replaying
  – No signature: man-in-the-middle


What are current BGP security issues?

• Examples


What is PGBGP trying to solve?

• General requirements of a good solution
  – BGP is widely deployed: don’t modify the protocol
  – Routers’ resources are stretched thin: don’t consume too many resources
  – ISPs are conservative: incrementally deployable
  – ISPs are greedy: show good results!


What is PGBGP trying to solve?

• Prefix hijack
  – Shorter AS_PATH (man-in-the-middle)
  – MOAS (multiple origin AS)


How does PGBGP solve it?

• Basic idea
  – Suspicious Cautious
  – Use historical prefix-origin records
  – Damping suspicious prefix-origin announcement for 24 hours
  – Human investigation
  – Good for prefix/sub-prefix hijacks


How does PGBGP solve it?

• Algorithm
  History period – h hours clean
  Suspicious period – s hours quarantined
  Move h forward remove staleness, get freshness

• Parameters sensitivity
  h = 10 days : short FP, long repeat slips
  s = 24 hours : human response time


How does PGBGP solve it?

Prefix Hijacks: conflict w/ unknown origins

Sub-prefix hijacks: conflict w/ known origins

[Q1]?


How does PGBGP solve it?

• Mitigation
  – Avoid suspicious routes:
    • lower preference
    • Sub-prefix: quarantine, choose neighbor not having the suspicious routes (not really helpful)
    • Never seen prefix / super-prefix will be adopted
  – Convergence consideration
    • Obey relationship-based policy
    • Dampened as if not announced
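
The history period, suspicious period and mitigation verdicts from the slides above, as an added Python example (not code from the paper or the presenter). The class name `OriginHistory`, the verdict strings, and the rule that a sub-prefix is quarantined only when its origin is not a known origin of the covering prefix are assumptions of this example; the prefixes and AS numbers are constructed from documentation ranges.

```python
import ipaddress

HOUR = 3600

class OriginHistory:
    """Added illustration; class and method names are hypothetical."""

    def __init__(self, h_hours=240, s_hours=24):
        self.h = h_hours * HOUR   # history period (slides: h = 10 days)
        self.s = s_hours * HOUR   # suspicious period (slides: s = 24 hours)
        self.known = {}           # (prefix, origin) -> time last seen
        self.suspect = {}         # (prefix, origin) -> (time first seen, verdict)

    def classify(self, prefix, origin, now):
        net = ipaddress.ip_network(prefix)
        key = (net, origin)
        # "Move h forward": drop pairs not seen within the history period.
        self.known = {k: t for k, t in self.known.items() if now - t <= self.h}
        if key in self.suspect:
            first_seen, verdict = self.suspect[key]
            if now - first_seen < self.s:
                return verdict            # still inside the suspicious period
            del self.suspect[key]         # survived s hours: accept into history
            self.known[key] = now
        if key in self.known:
            self.known[key] = now
            return "normal"
        same = {o for p, o in self.known if p == net}
        covering = {o for p, o in self.known
                    if p.version == net.version and p != net and net.subnet_of(p)}
        if same:
            verdict = "depref"            # known prefix, unknown origin
        elif covering and origin not in covering:
            verdict = "quarantine"        # sub-prefix of a known prefix (assumed rule)
        else:
            self.known[key] = now         # never-seen prefix or super-prefix: adopt
            return "normal"
        self.suspect[key] = (now, verdict)
        return verdict

def demo():
    # Constructed announcements: (hour, prefix, origin AS); documentation ranges only.
    feed = [(0, "198.51.100.0/24", 64500), (1, "198.51.100.0/24", 64501),
            (2, "198.51.100.128/25", 64501), (3, "198.51.0.0/16", 64502),
            (12, "198.51.100.0/24", 64501), (26, "198.51.100.0/24", 64501)]
    hist = OriginHistory()
    return [hist.classify(p, asn, hr * HOUR) for hr, p, asn in feed]
```

The last two entries of the feed show the 24-hour window: the same unknown origin is still deprioritised at hour 12 and accepted into the history at hour 26.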


How good is PGBGP?

• Simulation
  – 18,943 ASes, average 4 links per AS-AS
  – Simulator w/ policy-based routing
  – Deployment strategies:
    • random -- p
    • core+random -- 16 (15 degree+) + p
  – 500 attacks per setup
  – Parameters: h = 3, s = 1
  – Day 1, O; Day 2 O’


How good is PGBGP?

• Conclusion: pretty good
  – Core + random deployment, 90%+ effective
  – Incrementally deployable
  – Out-of-core computation possible
  – Centralized computation possible
  – Overhead is small, real time possible
  – Extension: IAR (internet alert registry)


How bad is PGBGP?

• Limitations:
  – FP: Origin change, multi-homed
  – DoS + no other choice
  – lucky slips
  – Man-in-the-middle (put itself in AS_PATH)

• Conclusion: not too bad


Shall we use it?

• Critiques for the paper
  – FP delay propagation: 24+24+24+24+24
  – Model human correction rate with prob. p1, FP rate p2 …
  – Some analysis is not thorough (e.g. Fig 3)
  – Undeployed ASes at risk (good & bad)
  – Distributed/Co-operated version

• Conclusion: try if you like
