BGP Policy Atoms
description
Transcript of BGP Policy Atoms
![Page 1: BGP Policy Atoms](https://reader036.fdocuments.in/reader036/viewer/2022062309/56814f6f550346895dbd239f/html5/thumbnails/1.jpg)
1
BGP Policy Atoms
Yehuda Afek Omer Ben-Shalom
Anat Bremler-Barr
Tel-Aviv University
![Page 2: BGP Policy Atoms](https://reader036.fdocuments.in/reader036/viewer/2022062309/56814f6f550346895dbd239f/html5/thumbnails/2.jpg)
2
Outline Atom definition
Atom calculation methods
Atom stability
Correlation to BGP update
Atom creation points
Using Atoms
![Page 3: BGP Policy Atoms](https://reader036.fdocuments.in/reader036/viewer/2022062309/56814f6f550346895dbd239f/html5/thumbnails/3.jpg)
3
BGP ‘reminder’ The internet is a group of Autonomous
systems (ASs)
BGP is the routing protocol between ASDistance vector by AS hop countSame for any prefix destination
AS path built dynamically
Per prefix attributes to affect policy
![Page 4: BGP Policy Atoms](https://reader036.fdocuments.in/reader036/viewer/2022062309/56814f6f550346895dbd239f/html5/thumbnails/4.jpg)
4
multiple AS path to prefixes in the same AS BGP tables may contain different BGP AS
paths to different prefixes on the same destination AS
Prefix AS path
123.45.68.0/21 12 34 56
123.45.76.0/21 12 34 56
123.45.84.0/21 14 45 56
![Page 5: BGP Policy Atoms](https://reader036.fdocuments.in/reader036/viewer/2022062309/56814f6f550346895dbd239f/html5/thumbnails/5.jpg)
5
Why different AS path ?
AS path same for all prefix by default
Human intervention (Policy)By changing attributes per prefix By selectively blocking updates
Finding out where policy was set is not easy !
![Page 6: BGP Policy Atoms](https://reader036.fdocuments.in/reader036/viewer/2022062309/56814f6f550346895dbd239f/html5/thumbnails/6.jpg)
Prefix AS path Preference
56.0.8.0/21 2 56 200
1 56 100
56.0.16.0/21 1 56 0
AS 56
AS 2AS 1
AS 34
Network 56.0.8.0/21Network 56.0.16.0/21
56.0.16.0 filter here ?
Ingress ? Egress ?
56.0.16.0 filter here ?
Ingress ? Egress ?
AS 34 BGP table:
![Page 7: BGP Policy Atoms](https://reader036.fdocuments.in/reader036/viewer/2022062309/56814f6f550346895dbd239f/html5/thumbnails/7.jpg)
7
Atom definition - local
Atom definition by Andre Broido and kc claffya group of prefixes sharing the same
BGP AS path attributes globally
For single router – groups of prefixes with same AS path in the BGP table
![Page 8: BGP Policy Atoms](https://reader036.fdocuments.in/reader036/viewer/2022062309/56814f6f550346895dbd239f/html5/thumbnails/8.jpg)
View of a single router in AS 9 – two atoms
![Page 9: BGP Policy Atoms](https://reader036.fdocuments.in/reader036/viewer/2022062309/56814f6f550346895dbd239f/html5/thumbnails/9.jpg)
View of a single router in AS 8 – two atoms
![Page 10: BGP Policy Atoms](https://reader036.fdocuments.in/reader036/viewer/2022062309/56814f6f550346895dbd239f/html5/thumbnails/10.jpg)
10
Atom definition - global
An Atom is defined globally if ANY backbone router agrees all ‘global’ atom member prefixes belong in it’s same ‘local’ atom
An Atom is likely the result of policy, fault should not make a distinction.
![Page 11: BGP Policy Atoms](https://reader036.fdocuments.in/reader036/viewer/2022062309/56814f6f550346895dbd239f/html5/thumbnails/11.jpg)
Joint view of AS 8 + 9Three atoms
![Page 12: BGP Policy Atoms](https://reader036.fdocuments.in/reader036/viewer/2022062309/56814f6f550346895dbd239f/html5/thumbnails/12.jpg)
12
Scale comparison
Atoms are much closer to AS in scope !!!
Entity Count
Announced Prefixes > 110K (now ~115K)
Atoms > 20K
AS > 12K (now ~14K)
![Page 13: BGP Policy Atoms](https://reader036.fdocuments.in/reader036/viewer/2022062309/56814f6f550346895dbd239f/html5/thumbnails/13.jpg)
13
AS, Atom and Prefix size
![Page 14: BGP Policy Atoms](https://reader036.fdocuments.in/reader036/viewer/2022062309/56814f6f550346895dbd239f/html5/thumbnails/14.jpg)
14
Practical Atom definition
Defined in theory by all BGP tables
Can be calculated well by sample (8) of BGP views taken in a ‘snapshot’
Analog to viewing a very complex ‘3D’ graph from 8 spatial locations Beware of ‘same angle’
![Page 15: BGP Policy Atoms](https://reader036.fdocuments.in/reader036/viewer/2022062309/56814f6f550346895dbd239f/html5/thumbnails/15.jpg)
15
Practical Atom calculation Get ‘snapshot’ of many BGP tables
Create an ‘AS PATH’ set for each prefix
Each distinct set defines an atom
P1 A V RP2 A V W RP3 A V RP4 A V W RP5 A V R
P1 A V W XP2 A Z Y XP3 A V W XP4 A Z Y XP5 A Z Y X
P1A V R
A V W X
P2A V W RA Z Y X
P3A V R
A V W X
P4A V W RA Z Y X
P5A V R
A Z Y X
![Page 16: BGP Policy Atoms](https://reader036.fdocuments.in/reader036/viewer/2022062309/56814f6f550346895dbd239f/html5/thumbnails/16.jpg)
16
Alternate Calculation
Is the snapshot method valid ?Uses distributed snapshotNo guarantee of synchronization
Filter out prefixes not assured converged
Search for stable prefix cliques during 4 hours -> Atoms
Results close to ‘snapshot’ method (2-3%)
![Page 17: BGP Policy Atoms](https://reader036.fdocuments.in/reader036/viewer/2022062309/56814f6f550346895dbd239f/html5/thumbnails/17.jpg)
17
Atom Stability
Atoms calculated stable to 3% of prefixes in 8 hour period
Much more stable then the prefix AS path attribute.
Still Less stable then expectedPolicy set Manually or by script but by
design
![Page 18: BGP Policy Atoms](https://reader036.fdocuments.in/reader036/viewer/2022062309/56814f6f550346895dbd239f/html5/thumbnails/18.jpg)
18
BGP updates
BGP groups prefixes in same update if they share same attributes
TIME: 09/01/01 12:23:27TYPE: BGP4MP/MESSAGE/UpdateFROM: 64.211.147.146 AS3549TO: 193.0.0.1 AS12654ORIGIN: IGPASPATH: 3549 6453 12956 4926NEXT HOP: 64.211.147.146COMMUNITY : 3549:2246 3549:9840ANNOUNCE200.16.216.0=24192.67.345.0=24
![Page 19: BGP Policy Atoms](https://reader036.fdocuments.in/reader036/viewer/2022062309/56814f6f550346895dbd239f/html5/thumbnails/19.jpg)
19
Correlating Atoms to updates
Fault should affect full atoms and be in one update All attributes are the same
75% of updates include single, full atom
86% contain prefixes from one atom only
Full AS prefix set appears in just 20% of updates
![Page 20: BGP Policy Atoms](https://reader036.fdocuments.in/reader036/viewer/2022062309/56814f6f550346895dbd239f/html5/thumbnails/20.jpg)
20
Atom split locations
Where do atoms get created ?
Policy normally enforced in source AS or neighbor
How can we calculate the ‘split’ location ?
![Page 21: BGP Policy Atoms](https://reader036.fdocuments.in/reader036/viewer/2022062309/56814f6f550346895dbd239f/html5/thumbnails/21.jpg)
![Page 22: BGP Policy Atoms](https://reader036.fdocuments.in/reader036/viewer/2022062309/56814f6f550346895dbd239f/html5/thumbnails/22.jpg)
22
Atom split exampleAtom Prefixes AS path set
#1 11.0.1.0/24
11.0.2.0/24
11.0.3.0/24
11.0.4.0/24
11.0.5.0/24
R1: 12R2: 12R3: 12
All prefixes belong to AS 12 (len 1)
![Page 23: BGP Policy Atoms](https://reader036.fdocuments.in/reader036/viewer/2022062309/56814f6f550346895dbd239f/html5/thumbnails/23.jpg)
23
Atom split exampleAtom Prefixes AS path set
#1 11.0.1.0/24
11.0.2.0/24
R1: 3 12R2: 4 12 R3 5 12
#2 11.0.3.0/24
11.0.4.0/24
11.0.5.0/24
R1: 3 12R2: 4 12R3 6 12
New atom due to different path at R3 (len 2)
![Page 24: BGP Policy Atoms](https://reader036.fdocuments.in/reader036/viewer/2022062309/56814f6f550346895dbd239f/html5/thumbnails/24.jpg)
24
Atom split exampleAtom Prefixes AS path set
#1 11.0.1.0/24
11.0.2.0/24
R1: 17 3 12R2: 54 4 12R3 25 5 12
#2 11.0.3.0/24 R1: 17 3 12R2: 54 4 12R3 22 6 12
#3 11.0.4.0/24
11.0.5.0/24
R1: 19 3 12R2: 54 4 12R3 22 6 12
New atom by different path at R1 (len 3)
![Page 25: BGP Policy Atoms](https://reader036.fdocuments.in/reader036/viewer/2022062309/56814f6f550346895dbd239f/html5/thumbnails/25.jpg)
25
Atom split exampleAtom Prefixes AS path set
#1 11.0.1.0/24
11.0.2.0/24
R1: 2 17 3 12R2: 100 34 54 4 12R3: 22 11 25 5 12
#2 11.0.3.0/24 R1: 2 17 3 12R2: 100 34 54 4 12R3: 99 13 22 6 12
#3 11.0.4.0/24
11.0.5.0/24
R2: 1 19 3 12 R1: 100 34 54 4 12R3: 99 13 22 6 12
Longer paths will not provide extra resolution
![Page 26: BGP Policy Atoms](https://reader036.fdocuments.in/reader036/viewer/2022062309/56814f6f550346895dbd239f/html5/thumbnails/26.jpg)
![Page 27: BGP Policy Atoms](https://reader036.fdocuments.in/reader036/viewer/2022062309/56814f6f550346895dbd239f/html5/thumbnails/27.jpg)
27
Atom Split location
85% of atoms are created between origin AS and neighbor AS
Consistent with Atoms resulting from policy.
![Page 28: BGP Policy Atoms](https://reader036.fdocuments.in/reader036/viewer/2022062309/56814f6f550346895dbd239f/html5/thumbnails/28.jpg)
28
Application of Atoms
1. Differentiate Fault from Policy
2. Tweak update hold timers: Panelize partial Atom updates Reward full updates
3. Reduce scope of tags used in MPLS Set on a per prefix basis Could be reduced by as much as 1:5
![Page 29: BGP Policy Atoms](https://reader036.fdocuments.in/reader036/viewer/2022062309/56814f6f550346895dbd239f/html5/thumbnails/29.jpg)
29
Application of Atoms
4. Reduce load of active measurements Use Atoms sampling and not prefix
sampling Results are not very favorable
5. Compress BGP updates Gain limited to 66% of prefix section
6. Shows limit on route table reduction while keeping information Renumbering to CIDR by atoms gain 50%
only
![Page 30: BGP Policy Atoms](https://reader036.fdocuments.in/reader036/viewer/2022062309/56814f6f550346895dbd239f/html5/thumbnails/30.jpg)
30
Administration and distribution of Atom structure
1. Central body (CAIDA ?) ‘Perfect’ results How to distribute ?
2. Origin AS tag by extended community Knowledge propagation within BGP How to automate and not introduce more
administration overhead
3. Use ‘local’ versions of Atoms No distribution Reduces potential benefits