BGP Policies Jennifer Rexford Fall 2014 TTh 3
BGP Policies Jennifer Rexford Fall 2014 (TTh 3: 00 -4: 20 in CS 105) COS 561: Advanced Computer Networks http: //www. cs. princeton. edu/courses/archive/fall 14/cos 561/
BGP Route Selection 2
Border Gateway Protocol • ASes exchange info about who they can reach – IP prefix: block of destination IP addresses – AS path: sequence of ASes along the path • Policies configured by the AS’s operator – Path selection: which of the paths to use? – Path export: which neighbors to tell? 3 “ 12. 34. 158. 0/24: path (2, 1)” “ 12. 34. 158. 0/24: path (1)” 1 2 data traffic 12. 34. 158. 5
Applying Policy to Routes • Import policy – Filter unwanted routes from neighbor E. g. prefix that your customer doesn’t own – Manipulate attributes to influence path selection E. g. , assign local preference to favored routes • Export policy – Filter routes you don’t want to tell your neighbor E. g. , don’t tell a peer a route learned from other peer – Manipulate attributes to control what they see E. g. , make a path look artificially longer than it is
BGP Policy: Influencing Decisions Open ended programming. Constrained only by vendor configuration language Receive Apply Policy = Based on filter routes & BGP Attribute Updates tweak attributes Values Apply Import Policies Best Route Selection Apply Policy = Best filter routes & Routes tweak attributes Best Route Table Apply Export Policies Install forwarding Entries for best Routes. IP Forwarding Table Transmit BGP Updates
BGP Decision Process on a Router • Routing Information Base – Store all BGP routes for each destination prefix – Withdrawal message: remove the route entry – Advertisement message: update the route entry • Selecting the best route – Consider all BGP routes for the prefix – Apply rules for comparing the routes – Select the one best route Use this route in the forwarding table Send this route to neighbors
BGP Decision Process • Highest local preference – Set by import policies upon receiving advertisement • Shortest AS path – Included in the route advertisement • Lowest origin type – Included in advertisement or reset by import policy • Smallest multiple exit discriminator – Included in the advertisement or reset by import policy • Smallest internal path cost to the next hop – Based on intradomain routing protocol (e. g. , OSPF) • Smallest next-hop router id – Final tie-break
Routing Policy 8
Routing Policies • Economics – Enforce business relationships – Pick routes based on revenue and cost – Get traffic out of the network as early as possible • Traffic engineering – Balance traffic over edge links – Select routes with good end-to-end performance • Security and scalability – Filter routes that seem erroneous – Prevent the delivery of unwanted traffic – Limit the dissemination of small address blocks 9
Customer-Provider Relationship • Customer pays provider for Internet access – Provider exports customer’s routes to everybody – Customer exports only to downstream customers Traffic to the customer Traffic from the customer d provider advertisements provider traffic customer d customer
Peer-Peer Relationship • Peers exchange traffic between customers – AS exports only customer routes to a peer – AS exports a peer’s routes only to its customers Traffic to/from the peer and its customers advertisements peer d traffic peer
BGP Stability Without Global Coordination 12
Three Restrictions on Policies • Route export – Do not export a route learned from one peers or provider, to another • Route selection – Prefer a route learned from a customer over a route learned from a peer or provider • AS graph – No cycle of provider-customer relationships • Together: guarantee convergence to unique, stable route assignment 13
Two Interpretations • System is stable because ASes act like this – High-level argument Export and topology assumptions are reasonable Path selection rule matches with financial incentives – Empirical results BGP routes for popular prefixes stable for ~10 days Most instability from a few flapping destinations • ASes should follow rules for system stability – Encourage operators to obey these guidelines – … and provide ways to verify the configuration – Need to consider more complex relationships
Trading Off the Conditions • All three conditions are important – Route ranking, export policy, and graph structure • Allowing more flexibility in ranking routes – Allow same preference for peer and customer routes – Never choose a peer route over a shorter customer route • … at the expense of stricter AS graph assumptions – Hierarchical provider-customer relationship (as before) – No private peering with (direct or indirect) providers Peer-peer
![Relaxing Export Rules [Feamster/Johari] • Goal: no restrictions on export and topology – Allow](http://slidetodoc.com/presentation_image_h2/aebfdecd66f8acc3c255bad0e9b29061/image-16.jpg "Relaxing Export Rules [Feamster/Johari] • Goal: no restrictions on export and topology – Allow")
Relaxing Export Rules [Feamster/Johari] • Goal: no restrictions on export and topology – Allow an AS to decide whether to export – Do not require hierarchical relationships • Question – How much do you have to restrict path ranking to have a guarantee that the system is safe? • Answer – Limited to shortest-path routing • Implications – Trade-off between safety, autonomy, & expressiveness
Conclusion • Interdomain routing policies – Local policies have global implications – Stability, scalability, security • Next time: routing security – BGP vulnerabilities – Proposed security solutions – Deployment challenges • Reminder – Project proposals due 5 pm Friday 17
Backup Slides: Multi-Homing 18
Why Connect to Multiple Providers? • Reliability – Reduced fate sharing – Survive ISP failure • Performance Provider 1 – Multiple paths – Select the best • Financial – Leverage through competition – Game 95 th-percentile billing model Provider 2
The Stub AS Doesn’t Need to Speak BGP… • Sending traffic – Assume both providers can reach everyone – Split traffic however you want (e. g. , 50%/50%) – But… what if a provider can’t reach someone? – But… what if one provider has a better path? Provider 1 L 1 Provider 2 One static route L 2 0. 0/0 L 1, L 2
The Stub AS Doesn’t Need to Speak BGP… • Receiving traffic – Both providers can announce the prefix into BGP – Ensures that everyone else can reach you – But… what if traffic load is very uneven? Advertise 12. 34. 158. 0/24 Provider 1 traffic Provider 2 traffic 12. 34. 158. 0/24
- Slides: 21
