8 research outputs found

    Defining the Topological Space of the Internet

    The topology of a computer network is the method of organization or mutual arrangement of its elements, as determined by its architecture; these elements include all types of network devices (end devices, switches, routers, extenders, etc.) and the connections themselves. Since the Internet is known to be a union of computer networks, and its essence lies in this union on the principles of common logical addressing and routing, the "topology of the Internet" should be considered at the logical level, which describes data flows. The lack of a specific definition of Internet topology as a concept, while Internet topology is nevertheless being studied, is a contradiction that is an obstacle to finding ways to improve the network and to protect it, including its global routing system, against cyber-attacks. Therefore, a formulation of the concept of "Internet topology" is proposed through the mathematical definition of the topological space of the global computer network Internet, which is formed by the global routing system on a set of connections between nodes (autonomous systems). It is also shown that routes that carry information about the availability of network prefixes are elements of the topology. This opens the way to the use of topology methods to study the topological space of the Internet.

    Interdomain Routing Security (BGP-4)

    The Border Gateway Protocol (BGP) is the most important protocol for the interconnectivity of the Internet. Although it has shown acceptable performance, there are many issues about its capability to meet the scale of the growth of the Internet, mainly because of the security issues that surround interdomain routing. The Internet is important to many organisations in various contexts. Thus, it is required to provide a highly secure protocol to keep the normal operation of the Internet. BGP suffers from many security issues. In this dissertation, we cover those issues and provide the security requirements for this protocol. We enumerate the numerous attacks that can be conducted against BGP. The aim of this study is to examine two considerably discussed protocols. Secure-BGP (S-BGP) and secure origin BGP (soBGP) have shown a revolutionary view on interdomain routing since they endeavour to provide security mechanisms at the protocol level. The objective is extended to comparing these two solutions by examining their contribution to the Border Gateway Protocol in terms of security. Moreover, we study their interoperability, efficiency, performance, and the residual vulnerabilities that each solution failed to resolve. Our findings have revealed that ultimately, the solution chosen will be dependent on the desired level of security and deployability. As is often the case with security, a compromise between security and feasibility is of major concern, and cost-effectiveness is the main driver behind deployment.

    Resilient routing in the internet

    Although it is widely known that the Internet is not prone to random failures, unplanned failures due to attacks can be very damaging. This prevents many organisations from deploying beneficial operations through the Internet. In general, the data is delivered from a source to a destination via a series of routers (i.e. a routing path). These routers employ routing protocols to compute best paths based on routing information they possess. However, when a failure occurs, the routers must re-construct their routing tables, which may take several seconds to complete. Evidently, most losses occur during this period. IP Fast Re-Route (IPFRR), Multi-Topology (MT) routing, and overlays are examples of solutions proposed to handle network failures. These techniques alleviate the packet losses to different extents, yet none have provided optimal solutions. This thesis focuses on identifying the fundamental routing problem due to the convergence process. It describes the mechanisms of each existing technique as well as its pros and cons. Furthermore, it presents new techniques for fast re-routing as follows. Enhanced Loop-Free Alternates (E-LFAs) increase the repair coverage of the existing technique, Loop-Free Alternates (LFAs). In addition, two techniques, namely Full Fast Failure Recovery (F3R) and fast re-route using Alternate Next Hop Counters (ANHC), offer full protection against any single link failure. Nevertheless, the former technique requires significantly higher computational overheads and incurs longer backup routes. Both techniques are proved to be complete and correct, while ANHC neither requires any major modifications to the traditional routing paradigm nor incurs significant overheads. Furthermore, in the presence of failures, ANHC does not jeopardise other operable parts of the network. As emerging applications require higher reliability, multiple failure scenarios cannot be ignored. Most existing fast re-route techniques are able to handle only single or dual failure cases. This thesis provides an insight into a novel approach known as Packet Re-cycling (PR), which is capable of handling any number of failures in an oriented network. That is, packets can be forwarded successfully as long as a path between a source and a destination is available. Since Internet-based services and applications continue to advance, improving network resilience will be a challenging research topic for the decades to come.

    An investigation into the scale-free nature of heterogenous networks.

    In order to support a wide variety of services, to different user types, and under a variety of geographic situations, telecommunications networks are typically composed of a variety of layers and heterogeneous technologies. These include layers (in terms of the OSI 7 layer model) such as the transmission layer (e.g. WDM), the data link layer (also known as the transport network, e.g. SDH, Ethernet) and the network layer (e.g. IP). These layers may also contain logical layers within them such as virtual paths, as well as overlay networks such as a peer-to-peer system. No single layer is independent of the adjacent layer, and the provisioning requirements of one layer become the demand on the layer below. Similarly, the available resources become the delivered quality of service to the layer above. This thesis is concerned with the design aspects of various layers and how they affect each other's topology. The thesis' main focus is topological analysis and modelling of layers, and it presents a detailed analysis of a deployed national SDH network, examining bandwidth distribution, topology, geography and the demand pattern. The thesis finds that even the strictly planned and provisioned SDH network, whose architecture contains explicit structures and hierarchy, has notable power-law traits in various metrics of the topology, traits similar to those which have been shown to exist in the Internet, as well as non-technological networks such as social graphs. There is also an examination of the protocols and architectures of the IP and SDH standards for features that affect topological development. With a better understanding of the layers, design goals and assumptions are deduced and implemented in a new topology simulator called MITIE. MITIE (Modular Inter-layer feedback Topology InvEstigation tool and simulator) is a tool designed to investigate inter-layer feedback and differs from existing topology generators in that it considers the effect of serviced demands and allows the capacity usage to affect the further development of the topology. The thesis presents results from a series of experiments with MITIE and demonstrates that as the network is re-designed to accommodate demand, it can tend to power-law compliant topologies under the correct circumstances. Such a reactive topology model could also be used to investigate the effect of topological change and the effect of increasing the number of layers (such as adding MPLS), or the use of peer-to-peer overlay networks, or the decrease of the number of layers (IP over WDM). The model could also be used to investigate link and node failure/addition and the real effect which will propagate through the rest of the multi-layer network.

    A Unified Approach to Inter-Domain Routing
