Bearbeiter: Oliver Scheickl
Betreuer: Wolfgang Mühlbauer
Several hundred Internet Service Providers (ISP) Peering Coordinators were interviewed over the past few years for their interconnection strategies. In particular, large Tier-2 ISPs seek to conclude so-called peering contracts with Tier-1 ASes. Such a peering contract means that two ASes exchange traffic between each other's customers freely and for mutual benefit. In this paper, we present tactics that Peering Coordinators have used to obtain peering where they otherwise might not have been able to obtain peering. We have identified 19 maneuvers that vary from mundane to the clever, from merely deceptive to manipulative. In sum, these tactics represent the "Peering Playbook", the current "Art" of Peering.
http://arneill-py.sacramento.ca.us/ipv6mh/playbook.pdf
Bearbeiter: Desislava Kodzhabasheva
Betreuer: Jörg Wallerich
A detailed understanding of the many facets of the Internet's topological structure is critical for evaluating the performance of networking protocols, for assessing the effectiveness of proposed techniques to protect the network from nefarious intrusions and attacks, or for developing improved designs for resource provisioning. Previous studies of topology have focused on interpreting measurements or on phenomenological descriptions and evaluation of graph-theoretic properties of topology generators. We propose a complementary approach of combining a more subtle use of statistics and graph theory with a first-principles theory of router-level topology that reflects practical constraints and tradeoffs. While there is an inevitable tradeoff between model complexity and fidelity, a challenge is to distill from the seemingly endless list of potentially relevant technological and economic issues the features that are most essential to a solid understanding of the intrinsic fundamentals of network topology. We claim that very simple models that incorporate hard technological constraints on router and link bandwidth and connectivity, together with abstract models of user demand and network performance, can successfully address this challenge and further resolve much of the confusion and controversy that has surrounded topology generation and evaluation.
Bearbeiter: Bora Ekmekci
Betreuer: Fabian Schneider
The separation of intradomain and interdomain routing has been a key feature of the Internet's routing architecture from the early days of the ARPAnet. However, the appropriate "division of labor" between the two protocols becomes unclear when an Autonomous System (AS) has interdomain routes to a destination prefix through multiple border routers—a situation that is extremely common today because neighboring domains often connect in several locations. We believe that the current mechanism of early-exit or hot-potato routing—where each router in an AS directs traffic to the "closest" border router based on the intradomain path costs—is convoluted, restrictive, and sometimes quite disruptive. In this paper, we propose a flexible mechanism for routers to select the egress point for each destination prefix, allowing network administrators to satisfy diverse goals, such as traffic engineering and robustness to equipment failures. We present one example optimization problem that uses integer-programming techniques to tune our mechanism to improve network robustness. Experiments with topology and routing data from two backbone networks demonstrate that our solution is both simple (for the routers) and expressive (for the network administrators).
http://www.cs.ucsd.edu/groups/sysnet/miscpapers/f23-teixeira.pdfBearbeiter: Michael Huber
Betreuer: Nils Kammenhuber
Hot-potato routing is a mechanism employed when there are multiple (equally good) interdomain routes available for a given destination. In this scenario, the Border Gateway Protocol (BGP) selects the interdomain route associated with the closest egress point based upon intradomain path costs. Consequently, intradomain routing changes can impact interdomain routing and cause abrupt swings of external routes, which we call hot-potato disruptions. Recent work has shown that hot-potato disruptions can have a substantial impact on large ISP backbones and thereby jeopardize the network robustness. As a result, there is a need for guidelines and tools to assist in the design of networks that minimize hot-potato disruptions. However, developing these tools is challenging due to the complex and subtle nature of the interactions between exterior and interior routing. In this paper, we address these challenges using an analytic model of hot-potato routing that incorporates metrics to evaluate network sensitivity to hot-potato disruptions. We then present a methodology for computing these metrics using measurements of real ISP networks. We demonstrate the utility of our model by analyzing the sensitivity of AT&T's backbone network.
Bearbeiter: Andreas Kellermeyer
Betreuer: Vinay Aggarwal
Hash tables — which map "keys" onto "values" — are an essential building block in modern software systems. We believe a similar functionality would be equally valuable to large distributed systems. In this paper, we introduce the concept of a Content-Addressable Network (CAN) as a distributed infrastructure that provides hash table-like functionality on Internet-like scale. The CAN is scalable, fault-tolerant and completely self-organizing and we demonstrate its scalability, robustness and low-latency properties through simulations. Perhaps the best example of current Internet systems, that could potentially be improved by a CAN, are peer-to-peer file sharing systems.
http://www.acm.org/sigs/sigcomm/sigcomm2001/p13-ratnasamy.pdf
Bearbeiter: Florian Bernstein
Betreuer: Holger Dreger
As our economy and critical infrastructure increasingly relies on the Internet, the insecurity of the underlying border gateway routing protocol (BGP) stands out as the Achilles heel. Recent misconfigurations and attacks have demonstrated the brittleness of BGP. Securing BGP has become a priority. In this paper, we focus on a viable deployment path to secure BGP. We analyze security requirements, and consider tradeoffs of mechanisms that achieve the requirements. In particular, we study how to secure BGP update messages against attacks. We design an efficient cryptographic mechanism that relies only on symmetric cryptographic primitives to guard an ASPATH from alteration, and propose the Secure Path Vector (SPV) protocol. In contrast to the previously proposed S-BGP protocol, SPV is around 22 times faster. With the current effort to secure BGP, we anticipate that SPV will contribute several alternative mechanisms to secure BGP, especially for the case of incremental deployments.
Bearbeiter: Georg Kalus
Betreuer: Nils Kammenhuber
Traffic engineering involves adapting the routing of traffic to the network conditions, with the joint goals of good user performance and efficient use of network resources. In this paper, we describe an approach to intradomain traffic engineering that works within the existing deployed base of Interior Gateway Protocols (IGPs), such as Open Shortest Path First (OSPF) and Intermediate System-Intermediate System (IS-IS). We explain how to adapt the conguration of link weights, based on a network-wide view of the traffic and topology within a domain. In addition, we summarize the results of several studies of techniques for optimizing OSPF/IS-IS weights to the prevailing traffic. The paper argues that traditional shortest-path routing protocols are surprisingly effective for engineering the flow of traffic in large IP networks.
Zur... [Seminar-Homepage] [Lehrstuhl-Homepage] [ Wolfgang Mühlbauer ]