Post on 23-Mar-2021
1
Alexander Azimov <aa@highloadlab.com> Highload Lab
Detecting Autonomous
Systems Relationships
2
Quiz!
1. Why We need AS relation and policy discovery?
BGP Route Prediction, AS Design
2. What have been already done?
Physical link discovery, classterization
3. What have we done?
Active route policy discovery
4. What opportunities does it give?
BGP Route Prediction, AS Design
3
Traffic generators
Internet
Inbound balancing
AS1 AS2
Интернет
4
Traffic consumers
Internet
Outbound balancing
AS1 AS2
Интернет
5
Traffic vector
Asymmetric!
AS1 AS2 AS3 AS5
AS6 AS7
6
Quiz!
1. Why We need AS relation and policy discovery?
BGP Route Prediction, AS Design
2. What have been already done?
Physical link discovery, classterization
3. What have we done?
Active route policy discovery
4. What opportunities does it give?
BGP Route Prediction, AS Design
7
Physical Link Discovery
8
Classterization
9
BGP AS Paths
10
Core of the problem
0 200000 400000
Used at any
given moment
Could be used
by sigle AS
Number of Links
Links between ASes
11
Route Policy in RR
Outdated or incomplete
12
Deadlock
1. Physical link discovery;
2. No registry of current route policies.
No opportunity for traffic flow prediction
13
Quiz!
1. Why We need AS relation and policy discovery?
BGP Route Prediction, AS Design
2. What have been already done?
Physical link discovery, classterization
3. What have we done?
Active route policy discovery
4. What opportunities does it give?
BGP Route Prediction, AS Design
14
AS Design
15
I did it my way…
2
16
Route Policy Recovery
1. AS relations
2. Active verification
3. Priority at every level of BGP decision process
4. Mathematical Equations
5. …….........
17
AS Relations : example
AS3
AS2
AS4
AS5
AS1 AS6 AS7
Relations:
p2p = {AS3, AS4}
c2p = {(AS2, AS23, (AS5,AS4), (AS1, AS2), (AS6, AS5), (AS7,AS5)}
p2p
18
AS Relations : example
AS3
AS2
AS4
AS5
AS1 AS6 AS7
p2p
Relations:
p2p = {AS3, AS4}
c2p = {(AS5, AS4} (AS2,AS3) (AS1, AS2), (AS6, AS5), (AS7,AS5)}
19
AS Relations : example
AS3
AS2
AS4
AS5
AS1 AS6 AS7
p2p
Relations:
p2p = {AS3, AS4}
c2p = {(AS5, AS4, (AS2,AS3), (AS1, AS2), (AS6, AS5), (AS7,AS5)}
20
Active Verification :
example
ASXXX
Traceroute
One remote node – one path
21
Active Verification :
example
ASXXX
Ping –R with source from ASXXX
One remote node – count(neighbors) * path
AS1
AS2
Echo request
Echo reply
22
Quiz!
1. Why We need AS relation and policy discovery?
BGP Route Prediction, AS Design
2. What have been already done?
Physical link discovery, classterization
3. What opportunities does it give?
Active route policy discovery
4. What opportunities does it give?
BGP Route Prediction, AS Design
23
How to make You
interested in my results?
24
Qrator Radar
1. AS Relations
2. BGP Route Prediction
3. AS Design
4. Security Issues
5. Rates
25
AS Relations
Rates: peering, customers, providers
26
BGP Route Prediction
27
Route Withdraw
28
Prepend Policy
29
AS Design
30
Security Issues
1. Default Route Errors
2. BGP Route Loops
3. DDoS Amplifires
4. Bots
> 30 % of ASes are affected!
31
Security Issues
32
Botnet map
33
Quiz!
1. Why We need AS relation and policy discovery?
BGP Route Prediction, AS Design
2. What have been already done?
Physical link discovery, classterization
3. What have we done?
Active route policy discovery
4. What opportunities does it give?
BGP Route Prediction, AS Design
34
Future Work
Drop detection ->
Prediction how to overcome it using prepend policy
35
Qrator Radar radar.qrator.net