Towards Passive Analysis of Anycast in Global Routing: Unintended Impact of Remote Peering R

Towards Passive Analysis of Anycast in Global Routing: Unintended Impact of Remote Peering R

Public Review for Towards Passive Analysis of Anycast in Global Routing: Unintended Impact of Remote Peering R. Bian, S. Hao, H. Wang, A. Dhamdere, A. Dainotti, C. Cotton Anycast has been gaining increasing presence in a variety of services on the Internet, including DNS and CDN. In this paper the authors propose and in- vestigate a method based on passive measurements to infer Anycast prefixes. They use a number of BGP routing information, and an Anycast dataset as their ground truth. The paper brings insights into the reasons behind mis- classifications and impact of remote peering on path selection. They show that the combination of remote peering and Anycast yields suboptimal per- formance, as remote peering is invisible from layer-3. While the paper’s focus is rather narrow, it has two important contributions: (1) the methodology is novel, and (2) the impact of remote peering on Any- cast performance is a new observation. The methodology can be useful for informing other research in this space, hence the reviewers recommended this paper to be accepted into CCR. Public review written by Hamed Haddadi Imperial College London, UK ACM SIGCOMM Computer Communication Review Volume 49 Issue 3, July 2019 18 Towards Passive Analysis of Anycast in Global Routing: Unintended Impact of Remote Peering Rui Bian Shuai Hao Haining Wang University of Delaware CAIDA / UC San Diego University of Delaware [email protected] [email protected] [email protected] Amogh Dhamdere Alberto Dainotti Chase Cotton CAIDA / UC San Diego CAIDA / UC San Diego University of Delaware [email protected] [email protected] [email protected] ABSTRACT adoption [8] or the eciency in particular services like DNS [18]. Anycast has been widely adopted by today’s Internet services, in- Due to the insucient distinctions between unicast and anycast cluding DNS, CDN, and DDoS protection, in which the same IP from the perspective of a routing table, the common method to address is announced from distributed locations and clients are di- identify anycast addresses is through active Internet-wide measure- rected to the topologically-nearest service replica. Prior research has ments. Cicalese et al. [8, 9] studied the enumeration and city-level focused on various aspects of anycast, either its usage in particular geolocation of anycast prexes by using latency measurements services such as DNS or characterizing its adoption by Internet- based on the detection of speed-of-light violations. However, the wide active probing methods. In this paper, we rst explore an latency of ping may not always reliably reect the geographic dis- alternative approach to characterize anycast based on previously tance of two IP addresses [4, 34]. Also, active probing requires the collected global BGP routing information. Leveraging state-of-the- use of many vantage points to achieve the necessary coverage. art active measurement results as near-ground-truth, our passive To overcome these limitations, in this work, we explore a passive method without requiring any Internet-wide probes can achieve approach to identify and characterize IP anycast by leveraging BGP 90% accuracy in detecting anycast prexes. More importantly, our routing information. Specically, we propose and analyze a set of approach uncovers anycast prexes that have been missed by prior BGP-related features to classify anycast and unicast prexes, and datasets based on active measurements. While investigating the utilize simple classiers to train and predict anycast prexes on root causes of inaccuracy, we reveal that anycast routing has been the Internet. The results demonstrate that our passive approach, entangled with the increased adoption of remote peering, a type without requiring probing, can achieve 90% accuracy. Furthermore, of layer-2 interconnection where an IP network may peer at an we delve into the instances misclassied by our approach to nd IXP remotely without being physically present at the IXP. The in- the root causes of inaccuracy. visibility of remote peering from layer-3 breaks the assumption of The two major assumptions of our approach are that (1) anycast the shortest AS paths on BGP and causes an unintended impact prexes may have more upstream autonomous systems (ASes) than on anycast performance. We identify such cases from BGP routing unicast prexes, as anycast is announced from multiple physical information and observe that at least 19.2% of anycast prexes have locations and peering with transit providers at dierent places, and been potentially impacted by remote peering. (2) the distance between such upstream ASes will be topologically larger than that in the scenarios of unicast prexes (i.e., more hops CCS CONCEPTS in AS paths), as some of them are geographically distant from others. However, in our false positives, we also nd some unicast prexes • Networks → Routing protocols; Network management; Public falling into such a category. Through a deeper analysis, we identify Internet; that many of these cases involve remote peering [7, 23]. Remote peering allows a network to peer at an Internet exchange KEYWORDS point (IXP) without a physical presence within the IXP’s infrastruc- Internet Routing, Anycast, Peering, Remote Peering ture, either over a long cable or over IXP’s reseller partners that provide IXP layer-2 access. Remote peering enables the fast deploy- 1. INTRODUCTION ment of connectivity to an IXP and reduces cost. However, it also IP anycast is widely used in modern Content Delivery Networks brings unintended impact on global routing due to its invisibility (CDNs) [6], Domain Name System (DNS) [14, 21], and Distributed at layer-3, breaking the assumption that the peered autonomous Denial of Service (DDoS) protections [21]. With anycast, the same systems are physically close and provide a short path for transport- IP address(es) is announced from multiple locations, and the Border ing trac. As such, we investigate the impact of remote peering on Gateway Protocol (BGP) is responsible for directing clients to the anycast routing by using passive methods and validate our analysis site that is the “closest” to them on the basis of “best routing” (i.e., through traceroute results. AS path), providing reduced latency and improved availability to The remainder of this paper is organized as follows. We introduce end-users. the background of anycast and remote peering §2. We present our In recent years, researchers have conducted studies to under- methodology to identify anycast prexes in §3. We investigate stand and characterize anycast from various angles, such as its inaccuracies in our method in §4 and the impact of remote peering ACM SIGCOMM Computer Communication Review Volume 49 Issue 3, July 2019 19 onanycastroutingin§5.Wesurveyrelatedworkin§6andconclude 3.1 Datasets thepaperin§7. BGPRoutingInformation. Thedatasetsweusedtodetectand characterizeanycastprefxesarefromtheRouteViewsproject[30] 2. BACKGROUND andRIPE’sRoutingInformationService(RIS)[28].InRouteViews 2.1 BGPandAnycast andRIPERIS,serversreceiveBGPinformationbypeeringwith otherBGProuters,oftenatlargeIXPs.WeuseCAIDA’sBGPStream BorderGatewayProtocol(BGP)[25]isthedefactointer-domain [24]tocollectandprocessthedatafromRouteViewsandRIPERIS. routingprotocol,designedtoexchangereachabilityinformation amongautonomoussystemsontheInternet.BGPselectsabestAS AnycastDataset. Weusetheanycastprefxlistobtainedthrough pathbasedonvariousattributes(e.g.,theshortestpath)toreach activemeasurementsbyCicaleseetal.[8]asnear-ground-truth, f thespeci cdestination. whichprovidesaconservativeestimationofInternetanycastusage. Anycast[2]isanetworkaddressingandroutingmethodology Thedetectionmethodin[8]isbasedonspeed-of-lightviolations:if bywhichacollectionofserversannouncethesameIPaddressfrom thelatencymeasurementsfrommultiplevantagepointstowardsthe multiplegeographicallydistributedsites.Asroutersusuallychoose sametargetexhibitgeo-inconsistency,thetargetisclassifedasany- theshortestASpath,theuserrequestssenttoananycastaddress cast.Theyvalidatedtheirmethodandscrutinizedthedatasetthey areroutedtothetopologicallynearestendpoint.Asaresult,anycast makepubliclyavailable[3]usingground-truthcollectedthrough hasmanyadvantagesoverunicastsuchasreducedlatency,load protocol-specifctechniques(e.g.,DNSCHAOSrequestsorDPI balancing,DDoSmitigation,andimprovedrobustness. overHTTP). However,wealsonoticethatsomeprefxesstronglysuggested 2.2 RemotePeering asanycastbyourmethodarenotincludedintheirdataset.We Peeringisarelationshipwheretwonetworksexchangetrafcdi- manuallycheckand,throughtraceroutemeasurements,verifythat f rectlyratherthanthroughatransitprovider.Remotepeering[7,23] mostofthemareindeedanycastpre xes. isanewpeeringtypewhereanetworkpeersatanIXPthrough layer-2remotepeeringproviderssuchasresellerswithoutaphysi- 3.2 BGP-relatedFeatures calpresenceintheIXP’sinfrastructure.Fig.1showsanexampleof Duetothediferentdeploymentpatternsbetweenanycastand remotepeering.Remotepeeringcanbeimplementedwithstandard unicast,weleverageBGProutinginformationtocharacterizeany- methodslikeMPLS(Multi-ProtocolLabelSwitching)andVPNs(Vir- castprefxes.WeproposeandexplorethefollowingBGP-related f tualPrivateNetworks)inlayer-2,andprovidebene tssuchaslow featuresthatcouldbeusedtoidentifyanycastprefxes:asanany- cost,increasedconnectivity,andeasymanagement.Nevertheless,it castprefxisannouncedfrommultiplelocations,someofitspeer alsohassomedrawbackssuchasdegradationofperformance,loss ASesshouldnotbeclosetooneanother,bothgeographicallyand f ofresilience,anddi cultyforlayer-3management[23].Further- topologically. more,duetotheinvisibilityatlayer-3,BGProutersarenotaware

View Full Text

Details

  • File Type
    pdf
  • Upload Time
    -
  • Content Languages
    English
  • Upload User
    Anonymous/Not logged-in
  • File Pages
    8 Page
  • File Size
    -

Download

Channel Download Status
Express Download Enable

Copyright

We respect the copyrights and intellectual property rights of all users. All uploaded documents are either original works of the uploader or authorized works of the rightful owners.

  • Not to be reproduced or distributed without explicit permission.
  • Not used for commercial purposes outside of approved use cases.
  • Not used to infringe on the rights of the original creators.
  • If you believe any content infringes your copyright, please contact us immediately.

Support

For help with questions, suggestions, or problems, please contact us