router-level internet topology mapping

Router-level Internet Topology Mapping

By Talha OZ

Outline Introduction

Internet Topology Collection• Basic Techniques• Some Measurement Projects & Platforms• Issues in Topology Collection

Issues in Topology Construction• Resolving Anonymous Routers • Resolving Alias IP Addresses• Resolving Genuine Subnets

Summary2Internet Topology Discovery

My stress on this presentation

Will be explained in detail in the next presentation

Outline Introduction

• Internet as a Complex Network• Motivations on Internet Topology Measurement

Internet Topology Collection• Basic Techniques• Some Measurement projects & platforms• Issues in Topology Collection


Summary3Internet Topology Discovery

Internet Topology Discovery 4

Web of interconnected networks• Grows with no central authority• Autonomous Systems optimize local communication efficiency• The building blocks are engineered and studied in depth• Global entity has not been characterized

Most real world complex-networks have non-trivial properties.

Global properties can not be inferred from local ones• Engineered with large technical diversity• Range from local campuses to transcontinental backbone

providers

Internet

Once the graph is built, one can study its characteristics• Essential to design, implement, protect, and operate underlying network

technologies, protocols, services, and applications

Capture graph’s theoretic resilience to failure or say something about its efficiency for routing

Realistic simulation environment for developed products

Comprehend spreading of worms/viruses (Burch and Cheswick’s proposal)

Improve QoS for the multimedia content• Where to store the data in replicated servers distributed across the internet

ISPs are not willing to share their topology information

Motivation on Internet Topology Measurement

5Internet Topology DiscoveryLumenta Jan 06

Types of Internet topology maps• Autonomous System (AS) level maps• Point of presence (PoP) level • Router level maps• IP interface level

A router level Internet map consists of• Nodes: End-hosts and routers • Links: Point-to-point or multi-access links

Router level Internet topology discovery• A process of identifying nodes and links among them

Internet Topology Measurement

6Internet Topology DiscoveryLumenta Jan 06CAIDA Jan 08CAIDA Jan 00

Outline Introduction Internet Topology Collection

• Basic Techniques• Some Measurement projects & platforms

• Issues in Topology Collection


Summary

7Internet Topology Discovery

Internet topology measurement studies Involves topology collection / construction / analysis

How to collect ? Work on IP layer, leverage header information IETF’s RFCs determine the behavior of the nodes Send ICMP, UDP, TCP packets and wait ... Ideal case and issues ...

Internet Topology MeasurementTopology Collection


IETFThe Internet Engineering Task Force (IETF)

develops and promotes Internet standards

RFCAn Internet Standard is a special

Request for Comments (RFC) or set of RFCs.

http://tools.ietf.org/html/rfc792

Internet Topology MeasurementTopology Collection – Who sets the rules ?


http://en.wikipedia.org/wiki/Internet_standard

http://en.wikipedia.org/wiki/Standard

http://en.wikipedia.org/wiki/Request_for_Comments

http://tools.ietf.org/html/rfc792

Internet Topology MeasurementHow to collect


Direct probing

Indirect probing

A DB C

Internet Topology MeasurementsProbing

IPB TTL=64

IPB

IPD TTL=64

IPD

Vantage Point

A DB C

Vantage Point

IPB

IPD TTL=2IPD TTL=1

IPC


Probe packets are carefully constructed to elicit intended response from a probe destination

traceroute probes all nodes on a path towards a given destination• TTL-scoped probes obtain ICMP error messages from routers on the path• ICMP messages includes the IP address of intermediate routers as its source

Merging end-to-end path traces yields the network map

S DA B C

Destination

Internet Topology MeasurementTopology Collection (traceroute)

TTL=1

IPA

TTL=2

IPB

TTL=3

IPC

TTL=4

IPD

Vantage Point


Internet Topology Measurement:Background

Internet Topology Mapping 13

S

L

U

H

C

N

W

A

s.2

l.1

s.3

u.1

l.3

u.3

h.1

k.3

h.2

h.3

a.3

u.2k.1 c.4

a.1 a.2

w.3c.3w.1

c.2

n.1 n.3

w.2

l.2

K

c.1

k.2

dh.4

Trace to Seattle

h.4

l.3

s.2

Trace to NY

h.4

a.3

w.3

n.3

Internet2 backbone

Internet Topology Measurement:Background

Internet Topology Mapping 14

S

L

UC

N

A

s.2

l.1

s.3

u.1

l.3

h.1

k.3

h.2

a.3

u.2k.1 c.4

a.1 a.2

w.3c.3w.1

c.2

n.1 n.3

w.2

l.2

K

c.1

k.2

h.3

dh.4

s.1e f

n.2

H

W

u.3

Internet Topology MeasurementTopology Collection

Internet2 backbone

Traces• d - H - L - S - e• d - H - A - W - N - f• e - S - L - H - d• e - S - U - K - C - N - f• f - N - C - K- H - d• f - N - C - K - U - S - e

S

L

U

K

C

H

A

W

Ne

d

f



• Basic Techniques

• Some measurement projects & platforms• Issues in Topology Collection


Summary


17

PlanetLab• Currently consists of 1020 nodes at 483 sites• Since the beginning of 2003, 1000+ researchers develop new

technologies for • distributed storage• network mapping• peer-to-peer systems• distributed hash tables• query processing

CAIDA (Cooperative Association for Internet Data Analysis)• Provides tools and analyses promoting the engineering and

maintenance of a robust, scalable global Internet infrastructure.• San Diego Supercomputer Center @ UCSD

Topology Data Collecting Platforms - I

Internet Topology Discovery

18

Macroscopic Topology Measurements (Skitter project) by CAIDA• characterize macroscopic connectivity and performance of the

Internet• allow various topological and geographical representations at

multiple levels of aggregation granularity• provide a valuable input for empirically-based modeling of the

Internet behavior and properties

Skitter, developed by CAIDA• skitter measurement tool reads a file of destinations and writes

a file of traceroute paths• ...

Topology Data Collecting Platforms - II


19

• ...• ICMP traceroutes are used• RTTs are also stored• 24 monitors around the world• 970K common destination, IPv4 addresses• Scamper does the similar thing for IPv6

Archipelago (Ark) is the evolution of the skitter infrastructure, by CAIDA• skitter monitors• skitter measurement tool• an internal web server for distributing destination lists• a file storage server for collecting traces from monitors

Topology Data Collecting Platforms - III


20

The Distributed Internet Measurements and Simulations (DIMES)• Model of SETI@home• Counts more than 20,343 agents scattered over five continents• “What we ask is not so much your CPU or bandwidth (which

we hardly consume), but rather, your location.” iPlane

• Measuring the Internet: performs traceroutes from various VPs -- PlanetLab nodes and traceroute servers -- to construct a router interface-level atlas of the Internet.

• Clustering interfaces into PoPs• Measuring link attributes• Opportunistic measurements• Route prediction

Topology Collecting Platforms - IV


21

Rocketfuel tries to get the picture of the ISPs• Number of required probes is decreased

• directed probing• path reduction (ingress & egress)

• Alias resolution• Router identification and annotation (DNS and ISP naming)• Report on properties of maps from ten diverse ISPs :

• Size of POPs• Distribution of router outdegree• Inter-domain peering structure

Topology Collecting Platforms - V


22

Scriptroute allows everyone to measure from several VPs• Proposes remote measurement execution on PlanetLab nodes• RPT tool avoids retracing paths

TTM, developed by RIPE NCC• Full mesh between roughly a hundred monitors • One-way delay, packet loss, and bandwidth are also stored

Atlas is based on “source-routed IPv6 traceroute”• probe engine, topology constructor, topology verifier, interactive

visualization program

Topology Collecting Platforms - VI


23

TCP Sidecar• a technique and associated API for embedding measurement

probes into non-measurement TCP streams • avoids abuse reports and allows measurements to tunnel through

NATs and behind firewalls • Augment traceroute (TR) probes with IP Record Route option (RR)

DipZoom (Deep Internet Performance Zoom)• Focused, on-demand Internet measurements• Offers a matchmaking service which uses P2P concepts to bring

together experimenters in need of measurements with external measurement providers.

• DipZoom participants offer measurements for the benefit of being able to access measurements offered by other participants

Topology Collecting Platforms - VII




• Some measurement projects & platforms



Summary


25

Forward & primary paths • Asymmetric routing• miss out on backup paths

Unbiased Sampling

Traceroute & load balancer (Paris traceroute)

MPLS (TTL reduction)

Misconfigurated network elements

Issues in Topology CollectionIssues I


26

Third-party address (multi homing)

Redundancy• intra-monitor redundancy• inter-monitor redundancy• DDoS

Responsiveness• ICMP echo request• TCP syn • UDP port unreachable

Issues in Topology Collection Issues II




• Some measurement projects & platforms


Issues in Topology Construction• Resolving Alias IP Addresses• Resolving Anonymous Routers • Resolving Genuine Subnets

Summary


28

Alias Resolution• Iffinder• Ally• DNS based method• Graph based method• Analytical IP Alias Resolution (APAR)• Record route option

Issues in Topology Construction - I at Router Level


Each interface of a router has an IP address.

A router may respond withdifferent IP addresses to different queries.

Alias Resolution is the process of grouping the interface IP addresses of each router into a single node.

Inaccuracies in alias resolution may result in a network map that• includes artificial links/nodes • misses existing links

Alias Resolution

.5.33

.18

.13.7

Denver


30

Anonymous Router Resolution• Basic heuristics [Bilir 05] & [Xin 06]• Graph minimization approach [Yao 03]• ISOMAP based dimensionality reduction approach [Xin 06]• Graph based induction

Issues in Topology Construction - II at Router Level


Anonymous Router Resolution Problem

Anonymous routers do not respond to traceroute probes and appear as a in path traces• Same router may appear as a in multiple traces.• Anonymous nodes belonging to the same router should be resolved.

Anonymity Types1. Ignore all ICMP packets2. ICMP rate-limiting3. Ignore ICMP when congested4. Filter ICMP at border5. Private IP address


U K C N

L H A W

S

xy

z

Sampled network

x

y

zS U

L

C

A

W

Resulting network

32

Genuine Subnet Resolution• Inferring Subnets in Router-level Topology Collection Studies

[Gunes 07]

Issues in Topology Construction - III at Router Level


33

Genuine Subnet ResolutionProblem

Subnet resolution• Identify IP addresses that are connected over the same medium

Improve the quality of resulting topology map

IP2 IP3

IP1

IP2 IP3

IP1


(observed topology) (inferred topology) (underlying topology)C D

A B

C D

A B

C D

A B

C D

A B

Summary Introduction

• Internet as a Complex Network• Motivations on Internet Topology Measurement

Internet Topology Collection• Basic Techniques• Some Measurement Projects & Platforms• Issues in Topology Collection



Questions ?


router-level internet topology mapping

Documents

topology collectionissues

physical topology

topology collection

router level internet

internet isps

level mapsrouter level

routers links

different level of abstraction