Thursday, September 3, 2009

Understanding BGP Misconfiguration

The paper offers a study of globally visible BGP misconfiguration. BGP is important for the reliability of Internet, so any defect in its implementation such as route oscillation, increase time of the convergence or misconfiguration of routers that runs BGP, result in global connectivity problems like that happened by improper announcement of routes by AS7007 and AS3561

The main goals of the papers is to portray
· The frequency of misconfiguration occurrence
· Misconfiguration impact on the global connection and routing load
· The causes of misconfiguration
· Finally, how it can be solved

The authors analyzed BGP updates from 23 different points and they found that daily misconfiguration impacts on 0.2-1% of global routing table and results in increase route update load, however only 4% of improper announcements affect on the connectivity negatively. One of the reason of such misconfiguration is the software of router vendor

The authors focused on globally visible misconfiguration due to its wide disruption and it can be identified by a short lived changes in BGP routing table that last less than a day. It can be classified into

  • Origin misconfiguration is unintentional insertion of a route into BGP routing table like mistake of AS to summarize an address space
  • Export misconfiguration is against the policy of export route to BGP peer, for example an AS export a route received from provider to another provider such that create transit between its two providers.
    Such misconfiguration leads to increase in routing load in addition to to the high load due to contiguously growing in Internet. It can lead to disruption in some part or globally and threatens the AS's policy.

Slips (error in the execution of a correct plan) and mistakes (error due to incorrect plan with well execution) cause misconfiguration

Finally, the paper suggests several procedures to at least reduce the occurrence of such failures

  • Designing User interface such that human errors will be minimized
  • Some modification in BGP protocol can prevent misconfiguration errors, for example S-BGP which represents a proposed extension to the current BGP, impose authorization and authentication to announce a route.
Posted by at

1 comment:

  1. Randy H. KatzSeptember 3, 2009 at 6:51 PM

    The big challenge is developing a tool or method for validating the route advertisement policies.

    ReplyDelete

Subscribe to: Post Comments (Atom)