^ Top

NANOG Meeting Presentation Abstract

BGP Tools
Meeting: NANOG40
Date / Time: 2007-06-05 2:00pm - 3:30pm
Room: Lake Washington
Presenters: Speakers:

Daniel Massey, Colorado State University

Dr. Dan Massey is an assistant professor at Colorado State University. Dr. Massey\'s research investigates large-scale infrastructure problems including BGP routing as well as other infrastructure such as DNS and future network designs. He is currently PI on several projects funded by the National Science Foundation and some of this work has been presented at previous NANOG meetings. Dr. Massey’s contact information is [email protected] Dave Matthews is a PhD student at Colorado State University. He contributed to the design and implementation of BGPMonitor. Dave is employed by Hewlett-Packard in the Office of Strategy & Technology. At HP he led early development efforts in HP\'s OpenView program, including Network Node Manager. Lihua Yuan is currently a PhD Candidate in the Department of Electrical and Computer Engineering at the University of California, Davis. He received his Bachelor\'s degree in electrical and Electronics Engineering from Nanyang Technological University (Singapore) and Master\'s degree in Electrical and Computer Engineering from National University of Singapore (Singapore). His research interests are in systems that assist network measurement and management. Dr. Chen-Nee Chuah is currently an Associate Professor in the Electrical and Computer Engineering Department at the University of California, Davis (UCD). Her research interests are in the area of computer networking and distributed systems, Internet measurements, overlay/peer-to-peer systems, network security, and wireless/mobile networking. Chuah has served as PI/Co-PI on several NSF funded projects, including an NSF CAREER Award in 2003. The FIREMAN tool is developed with funding from NSF NeTS project (2005-08).
Abstract: In recent years various non-commercial tools have been developed to collected and analyze BGP data. When combined with BGP data collected by individual ISPs as well as by public archives such as RouteViews and RIPE RIS, these tools can potentially provide invaluable insight into the operations of inter-domain routing. The fifth BGP Analysis Tools BOF builds on the potential of these tools by fostering a closer interaction between non-commercial tool developers and the potential users represented by NANOG attendees.



The BoF is organized as a series of short presentations and is followed by hands-on demonstrations. This BoF features the FIREMAN, LinkRank, Datapository, and BGPMonitor. Following the presentations, the tool developers will be available for tool demonstrations and discussions.



Featured Tools:



FIREMAN (FIREwall Modeling and ANalysis): Firewalls have become indispensable security defense mechanisms for business and enterprise networks. Just as router mis-configurations can lead to unpredictable routing problems, misconfigured firewalls may fail to enforce the intended security policies or present a performance bottleneck. Unfortunately, firewall configuration for a large, complex enterprise network is a demanding and error-prone task, even for experienced administrators. Previous studies show that misconfigurations, e.g. policy violations, inconsistencies, and inefficiencies are common cases.



We have developed a scalable static analysis toolkit for FIREwall Modeling and ANalysis called FIREMAN. FIREMAN takes a set of firewall configurations as specialized programs and applies static analysis techniques to check all types of misconfigurations, in individual firewalls as well as among distributed firewalls. The symbolic model checking performed by FIREMAN covers all possible IP packets and along all possible data paths and therefore is both sound and complete. We have used FIREMAN to uncover several real misconfigurations in enterprise/ISP networks



Link-Rank:



A new version of Link-Rank was recently released with a new set of features and functions on top of the previous release 2 years ago. Link-Rank is an open source java based visualization toolset for monitoring and diagnosing large-scale BGP routing changes. By weighing AS-AS links using number of BGP routes carried, and tracking the changes in these weights, Link-Rank produces easy-to-understand visual representations of aggregate route changes along different AS paths.



Link-Rank graphs are easy to navigate and built-in data filters can be tailor graphs to different granularity level and target prefix sets. One of the important new features is semi-realtime display of the routing changes as soon as BGP data from Oregon RouteViews collector becomes available. Link-Rank code package also enables individual operators to use the code on BGP data from individual ISPs, providing continuous monitoring of BGP routing dynamics in near real time. The new release also added the function of saving graph snapshots with a note, and load them in again at a later time for further analysis.



Datapository:



Internet measurement data provides the foundation for the operation and planning of the networks that comprise the Internet, and is a necessary component in research for analysis, simulation, and emulation. Despite its critical role, however, the management of this data from collection and transmission to storage and its use within applications remains primarily ad hoc, using techniques created and re-created by each corporation or researcher that uses the data. We examine several of the challenges faced when attempting to collect and archive large volumes of network measurement data. We present an architecture for an Internet data repository the \"datapository\" designed to create a framework for collaboratively addressing these challenges.



BGPMonitor:



BGPMonitor combines a light weight BGP listener with a new XML log format and offers several advantages over using existing BGP monitoring packages. First, as a light weight system designed to simply maintain a peering session and log all received updates, the code is small and fast (as compared to a full BGP implementation). Second, the system is designed to scale by allowing multiple BGPMonitors to chain together. This allows monitoring tools to interact with a single BGP monitor. Third, the log formats include both the existing MRT format and new XML log format. The XML format makes the data easy to view without requiring a translation step (such as bgpdump), allows one to easily annotate the data such as adding a label to distinguish between duplicate updates and AS path changes, and can be fed directly into a growing set of XML aware tools and packages. One concern is the XML format may take substantially more space than the more compact binary representation, but perhaps surprisingly, the compressed XML format actually requires less storage space the compressed MRT logs making long term storage of BGP logs more efficient.
Files: None.
Sponsors: None.

Back to NANOG40 agenda.

NANOG40 Abstracts

  • Panel: Higher Speed Ethernet - 40G vs 100G
    Moderators:
    Richard A. Steenbergen, nLayer Communications; Panelists:
    Greg Hankins, Force10 Networks; Drew Perkins, Infinera; Igor Gashinsky, Yahoo!; Lane PattersonEquinix; .
  • Panel: Higher Speed Ethernet - 40G vs 100G
    Moderators:
    Richard A. Steenbergen, nLayer Communications; Panelists:
    Greg Hankins, Force10 Networks; Drew Perkins, Infinera; Igor Gashinsky, Yahoo!; Lane PattersonEquinix; .
  • Panel: Higher Speed Ethernet - 40G vs 100G
    Moderators:
    Richard A. Steenbergen, nLayer Communications; Panelists:
    Greg Hankins, Force10 Networks; Drew Perkins, Infinera; Igor Gashinsky, Yahoo!; Lane PattersonEquinix; .
  • Panel: Higher Speed Ethernet - 40G vs 100G
    Moderators:
    Richard A. Steenbergen, nLayer Communications; Panelists:
    Greg Hankins, Force10 Networks; Drew Perkins, Infinera; Igor Gashinsky, Yahoo!; Lane PattersonEquinix; .
  • Panel: Higher Speed Ethernet - 40G vs 100G
    Moderators:
    Richard A. Steenbergen, nLayer Communications; Panelists:
    Greg Hankins, Force10 Networks; Drew Perkins, Infinera; Igor Gashinsky, Yahoo!; Lane PattersonEquinix; .
  • ISP Security
    Moderators:
    Danny McPherson, Arbor Networks; Kevin Lanning, AT&T;
  • ISP Security
    Moderators:
    Danny McPherson, Arbor Networks; Kevin Lanning, AT&T;
  • BGP Tools
    Speakers:
    Daniel Massey, Colorado State University;
  • Community Meeting
    Speakers:
    Randy BushActing SC Chair; .
    Steve FeldmanPC Chair; .
    Aleksandr PilosovActing MLC Chair; .
    Betty BurkeNANOG Project Chair at MERIT; .
  • Community Meeting
    Speakers:
    Randy BushActing SC Chair; .
    Steve FeldmanPC Chair; .
    Aleksandr PilosovActing MLC Chair; .
    Betty BurkeNANOG Project Chair at MERIT; .
  • Community Meeting
    Speakers:
    Randy BushActing SC Chair; .
    Steve FeldmanPC Chair; .
    Aleksandr PilosovActing MLC Chair; .
    Betty BurkeNANOG Project Chair at MERIT; .
  • Community Meeting
    Speakers:
    Randy BushActing SC Chair; .
    Steve FeldmanPC Chair; .
    Aleksandr PilosovActing MLC Chair; .
    Betty BurkeNANOG Project Chair at MERIT; .
  • Real-time Blackhole Analysis with Hubble
    Speakers:
    Ethan Katz-Bassett, University of Washington; Harsha V. MadhyasthaUniversity of Washington; .
    John P. JohnsonUniversity of Washington; .
    Arvind KrishnamurthyUniversity of Washington; .
    Thomas AndersonUniversity of Washington; .
  • Real-time Blackhole Analysis with Hubble
    Speakers:
    Ethan Katz-Bassett, University of Washington; Harsha V. MadhyasthaUniversity of Washington; .
    John P. JohnsonUniversity of Washington; .
    Arvind KrishnamurthyUniversity of Washington; .
    Thomas AndersonUniversity of Washington; .
  • Real-time Blackhole Analysis with Hubble
    Speakers:
    Ethan Katz-Bassett, University of Washington; Harsha V. MadhyasthaUniversity of Washington; .
    John P. JohnsonUniversity of Washington; .
    Arvind KrishnamurthyUniversity of Washington; .
    Thomas AndersonUniversity of Washington; .
  • Real-time Blackhole Analysis with Hubble
    Speakers:
    Ethan Katz-Bassett, University of Washington; Harsha V. MadhyasthaUniversity of Washington; .
    John P. JohnsonUniversity of Washington; .
    Arvind KrishnamurthyUniversity of Washington; .
    Thomas AndersonUniversity of Washington; .
  • Real-time Blackhole Analysis with Hubble
    Speakers:
    Ethan Katz-Bassett, University of Washington; Harsha V. MadhyasthaUniversity of Washington; .
    John P. JohnsonUniversity of Washington; .
    Arvind KrishnamurthyUniversity of Washington; .
    Thomas AndersonUniversity of Washington; .

 

^ Back to Top