Xbgp: When You Can't Wait for the IETF and Vendors

Xbgp: When You Can't Wait for the IETF and Vendors

xBGP: When You Can’t Wait for the IETF and Vendors Thomas Wirtgen Quentin De Coninck∗ Randy Bush ICTEAM, UCLouvain ICTEAM, UCLouvain IIJ Research & Arrcus Louvain-la-Neuve, Belgium Louvain-la-Neuve, Belgium Bainbridge Island, WA, USA [email protected] [email protected] [email protected] Laurent Vanbever Olivier Bonaventure NSG, ETH Zürich ICTEAM, UCLouvain Zürich, Switzerland Louvain-la-Neuve, Belgium [email protected] [email protected] ABSTRACT 1 INTRODUCTION Thanks to the standardization of routing protocols such as BGP, Put yourself in the shoes of a mobile application developer who OSPF or IS-IS, Internet Service Providers (ISP) and enterprise net- needs to support all mobile platforms. Your application would works can deploy routers from various vendors. This prevents them clearly benefit from being able to seamlessly switch from Wi-Fito from vendor-lockin problems. Unfortunately, this also slows innova- cellular without impacting the established TCP connections. Multi- tion since any new feature must be standardized and implemented path TCP [14] supports such handovers, but you don’t have the lux- by all vendors before being deployed. ury to wait until its adoption by all smartphone vendors1. Instead, We propose a paradigm shift that enables network operators to you will likely resort to integrate a QUIC library in your software program the routing protocols used in their networks. We demon- to benefit from its connection migration capabilities [23, 25]. strate the feasibility of this approach with xBGP. xBGP is a vendor Contrast this situation with the one of network operators whose neutral API that exposes the key data structures and functions of networks could really benefit from new network-level features any BGP implementation. Each xBGP compliant implementation such as improved traffic engineering protocols [1], faster conver- includes an eBPF virtual machine that executes the operator sup- gence mechanisms [36], or improved DDoS protection [34]. Like plied programs. We extend FRRouting and BIRD to support this our programmer, network operators run highly heterogeneous en- new paradigm and demonstrate the flexibility of xBGP with four vironments, composed of a wide variety of devices types (routers, different use cases. Finally, we discuss how xBGP could affect future switches, middle boxes), coming from distinct vendors, and running research on future routing protocols. distinct operating systems. This heterogeneity is actually necessary, not only to avoid vendor lock-in [9], but also for increased reliability CCS CONCEPTS (bugs or vulnerabilities tend not to affect all OSes at once). Unlike our programmer, though, network operators often need • Networks ! Network protocol design; Routing protocols; Pro- the entire network to support the features (not only the endpoints) gramming interfaces; Programmable networks. and, as such, have no alternative but to wait for the required features to be: ¹8º standardized by the IETF; ¹88º implemented by all vendors; KEYWORDS ¹888º widely tested; and ¹8Eº widely deployed in their network. The BGP; Routing; Network architecture; eBPF standardization process alone often takes years. As an illustration, Fig. 1 depicts the delay between the moment the IETF working ACM Reference Format: group responsible for the BGP routing protocol (IDR) started to Thomas Wirtgen, Quentin De Coninck, Randy Bush, Laurent Vanbever, work on a new feature and its actual RFC publication. This delay and Olivier Bonaventure. 2020. xBGP: When You Can’t Wait for the IETF and Vendors. In Proceedings of the 19th ACM Workshop on Hot Topics in includes the time required to document two independent and inter- Networks (HotNets ’20), November 4–6, 2020, Virtual Event, USA. ACM, New operable implementations as required by the IETF working group. York, NY, USA, 7 pages. https://doi.org/10.1145/3422604.3425952 We see that the median delay before RFC publication is 3.5 years, and that some features required up to ten years before being stan- dardized. Even worse, this delay ignores the time elapsed between ∗Quentin De Coninck is a F.R.S.-FNRS Postdoctoral researcher. the initial idea and its first adoption by the working group. Of course, this is not a new story. Frustrated by these delays and the difficulty to innovate in networks, researchers have argued Permission to make digital or hard copies of all or part of this work for personal or for Software-Defined Networks (SDN)30 [ ] for more than a decade. classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation Instead of relying on a myriad of distributed protocols and features, on the first page. Copyrights for components of this work owned by others than ACM SDN assumes that switches and routers expose their forwarding must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a tables through a standardized API. This API is then used by logically fee. Request permissions from [email protected]. centralized controllers to “program” routers and switches. HotNets ’20, November 4–6, 2020, Virtual Event, USA © 2020 Association for Computing Machinery. 1Multipath TCP is supported by third-party applications on iOS since 2017. The Multi- ACM ISBN 978-1-4503-8145-1/20/11...$15.00 path TCP implementation in the Linux kernel is not yet integrated in the mainline https://doi.org/10.1145/3422604.3425952 kernel and thus not yet adopted by all Android smartphones. 1.0 extension that restricts paths inside data centers to be valley-free. Each use case involves the same xBGP bytecode running on both 0.5 FRRouting and BIRD. We further show that the overhead of xBGP CDF is within 20%, which is very reasonable given the flexibility benefits. 0.0 In one use case, our extension was even faster than the native code 0 2 4 6 8 10 Standardization Delay (Years) thanks to a more optimized datastructure. Similarly to what OpenFlow [30] achieved, we believe that pro- grammable distributed routing protocols have the potential to open Figure 1: Delay between the publication of the first IETF up many promising avenues for research, while being fundamen- draft and the published version of the last 40 BGP RFCs. tally more practical and deployable. We discuss several of these in Section 4. While SDN has enabled countless new research [12, 24], it has not been widely adopted. While many various factors can explain this, 2 XBGP: OVERVIEW one of the main hurdles is that deploying SDN requires a complete We now provide an overview of xBGP and its prototype imple- network overhaul, both at the control-plane level, to deploy scalable mentation libxbgp. In a nutshell, xBGP is a software layer that and robust logically centralized controllers, and at the data-plane enables to expand a BGP implementation with user-supplied pro- level, to deploy SDN-capable network devices. We believe SDN grams. Similarly to eBPF, xBGP programs are compiled to a specific went “too far” to enable network programmability. instruction set, can call functions specified in the xBGP API and In this paper, we argue for a much lighter weight and practical are attached to specific insertion points in the BGP implementation. approach to network programmability by allowing easy extension Whenever these code points are reached, the corresponding xBGP of the distributed routing protocols themselves. Our new approach, programs (if any) are executed using the xBGP virtual machine. which we call xBGP, is inspired by the recent success of extended API The xBGP API defines a set of functions enabling xBGP pro- Berkeley Packet Filter (eBPF) in the Linux kernel. eBPF is an in- grams to access key BGP data structures. The xBGP API leverages kernel Virtual Machine (VM) which supports a custom instruction the fact that all BGP implementations must adhere to the protocol set. Thanks to eBPF, programmers can easily (and securely) deploy specification [32] which defines, among others, the abstract data new programs that can access a subset of the kernel functions structures that each BGP implementation must maintain. We illus- and memory [17]. Similarly, in xBGP, distributed routing protocols trate the three main data structures in Fig. 2 (in blue). Incoming BGP expose an API and an in-protocol VM with a custom instruction set update messages first pass through an import filter before being to access and modify the intrinsic protocol functions and memory. installed in the Adj-RIB-In. Valid BGP routes are then stored in the Thanks to this API and the VM, the same code can be executed on Loc-RIB. This Loc-RIB is used by the BGP Decision process together different implementations of a given routing protocol. Note that with the router’s RIB to select the best path towards each prefix. the instructions set and the in-protocol VM would still need to The routes selected to be sent are stored in the Adj-RIB-Out. They be adopted and implemented by each vendor, but this would be a are filtered by the export filters attached to each session before one-off effort, instead ofa per-feature effort. being advertised to a peer. The xBGP API exposes simple functions Of course, opening up distributed routing protocols to exter- (e.g. get, set or write_buf) to access each of these structures. nal programs opens the door to many (research) questions: Which Insertion points As their names indicate, the xBGP insertion instructions set should we offer? How to implement this instruction points correspond to specific code locations in a BGP implemen- set efficiently—so as to minimize the overhead or What about the tation from where xBGP programs can be called. These insertion correctness and the security of these extensions? We start to answer points correspond to specific operations that are performed during these questions in this paper in the context of BGP because this the processing of BGP messages, enabling xBGP programs to mod- protocol plays a key role in ISP and data center networks, support- ify the router’s behavior.

View Full Text

Details

  • File Type
    pdf
  • Upload Time
    -
  • Content Languages
    English
  • Upload User
    Anonymous/Not logged-in
  • File Pages
    7 Page
  • File Size
    -

Download

Channel Download Status
Express Download Enable

Copyright

We respect the copyrights and intellectual property rights of all users. All uploaded documents are either original works of the uploader or authorized works of the rightful owners.

  • Not to be reproduced or distributed without explicit permission.
  • Not used for commercial purposes outside of approved use cases.
  • Not used to infringe on the rights of the original creators.
  • If you believe any content infringes your copyright, please contact us immediately.

Support

For help with questions, suggestions, or problems, please contact us