13 research outputs found
Multilevel MDA-Lite Paris Traceroute
Since its introduction in 2006-2007, Paris Traceroute and its Multipath
Detection Algorithm (MDA) have been used to conduct well over a billion IP
level multipath route traces from platforms such as M-Lab. Unfortunately, the
MDA requires a large number of packets in order to trace an entire topology of
load balanced paths between a source and a destination, which makes it
undesirable for platforms that otherwise deploy Paris Traceroute, such as RIPE
Atlas. In this paper we present a major update to the Paris Traceroute tool.
Our contributions are: (1) MDA-Lite, an alternative to the MDA that
significantly cuts overhead while maintaining a low failure probability; (2)
Fakeroute, a simulator that enables validation of a multipath route tracing
tool's adherence to its claimed failure probability bounds; (3) multilevel
multipath route tracing, with, for the first time, a Traceroute tool that
provides a router-level view of multipath routes; and (4) surveys at both the
IP and router levels of multipath routing in the Internet, showing, among other
things, that load balancing topologies have increased in size well beyond what
has been previously reported as recently as 2016. The data and the software
underlying these results are publicly available.Comment: Preprint. To appear in Proc. ACM Internet Measurement Conference 201
Speedtrap: Internet-Scale IPv6 Alias Resolution
Proceedings of the Thirteenth ACM SIGCOMM Internet Measurement (IMC 2013) Conference, Barcelona, ES, October 2013.The article of record as published may be located at http://dx.doi.org/10.1145/2504730.2504759.Impediments to resolving IPv6 router aliases have precluded understanding the emerging router-level IPv6 Internet topology. In this work, we design, implement, and validate the first {\em Internet-scale alias resolution technique} for IPv6. Our technique, \st, leverages the ability to induce fragmented IPv6 responses from router interfaces in a particular temporal pattern that produces distinguishing per-router fingerprints. Our algorithm surmounts three fundamental challenges to Internet-scale IPv6 alias resolution using fragment identifier values: (1) unlike for IPv4, the identifier counters on IPv6 routers have no natural velocity, (2) the values of these counters are similar across routers, and (3) the packet size required to collect inferences is 46 times larger than required in IPv4. We demonstrate the efficacy of the technique by producing router-level Internet IPv6 topologies using measurements from CAIDA's distributed infrastructure. Our preliminary work represents a step toward understanding the Internet's IPv6 router-level topology, an important objective with respect to IPv6 network resilience, security, policy, and longitudinal evolution
Revealing the Evolution of a Cloud Provider Through its Network Weather Map
peer reviewedResearchers often face the lack of data on large operational networks to understand how they are used, how they behave, and sometimes how they fail. This data is crucial to drive the evolution of Internet protocols and develop techniques such as traffic engineering, DDoS detection and mitigation. Companies that have access to measurements from operational networks and services leverage this data to improve the availability, speed, and resilience of their Internet services. Unfortunately, the availability of large datasets, especially collected regularly over a long period of time, is a daunting task that remains scarce in the literature.
We tackle this problem by releasing a dataset collected over roughly two years of observations of a major cloud company (OVH). Our dataset, called OVH Weather dataset, represents the evolution of more than 180 routers, 1,100 internal links, 500 external links, and their load percentages in the backbone network over time. Our dataset has a high density with snapshots taken every five minutes, totaling more than 500,000 files. In this paper, we also illustrate how our dataset could be used to study the backbone networks evolution. Finally, our dataset opens several exciting research questions that we make available to the research community
vrfinder: Finding outbound addresses in traceroute
Current methods to analyze the Internet's router-level topology with paths collected using traceroute assume that the source address for each router in the path is either an inbound or off-path address on each router. In this work, we show that outbound addresses are common in our Internet-wide traceroute dataset collected by CAIDA's Ark vantage points in January 2020, accounting for 1.7% - 5.8% of the addresses seen at some point before the end of a traceroute. This phenomenon can lead to mistakes in Internet topology analysis, such as inferring router ownership and identifying interdomain links. We hypothesize that the primary contributor to outbound addresses is Layer 3 Virtual Private Networks (L3VPNs), and propose vrfinder, a technique for identifying L3VPN outbound addresses in traceroute collections. We validate vrfinder against ground truth from two large research and education networks, demonstrating high precision (100.0%) and recall (82.1% - 95.3%). We also show the benefit of accounting for L3VPNs in traceroute analysis through extensions to bdrmapIT, increasing the accuracy of its router ownership inferences for L3VPN outbound addresses from 61.5% - 79.4% to 88.9% - 95.5%
Network-provider-independent overlays for resilience and quality of service.
PhDOverlay networks are viewed as one of the solutions addressing the inefficiency and slow
evolution of the Internet and have been the subject of significant research. Most existing
overlays providing resilience and/or Quality of Service (QoS) need cooperation among
different network providers, but an inter-trust issue arises and cannot be easily solved.
In this thesis, we mainly focus on network-provider-independent overlays and investigate
their performance in providing two different types of service. Specifically, this thesis
addresses the following problems:
Provider-independent overlay architecture: A provider-independent overlay
framework named Resilient Overlay for Mission-Critical Applications (ROMCA)
is proposed. We elaborate its structure including component composition and
functions and also provide several operational examples.
Overlay topology construction for providing resilience service: We investigate the topology design problem of provider-independent overlays aiming to provide resilience service. To be more specific, based on the ROMCA framework, we
formulate this problem mathematically and prove its NP-hardness. Three heuristics are proposed and extensive simulations are carried out to verify their effectiveness.
Application mapping with resilience and QoS guarantees: Assuming application mapping is the targeted service for ROMCA, we formulate this problem as
an Integer Linear Program (ILP). Moreover, a simple but effective heuristic is
proposed to address this issue in a time-efficient manner. Simulations with both
synthetic and real networks prove the superiority of both solutions over existing
ones.
Substrate topology information availability and the impact of its accuracy on overlay performance: Based on our survey that summarizes the methodologies available for inferring the selective substrate topology formed among a group
of nodes through active probing, we find that such information is usually inaccurate
and additional mechanisms are needed to secure a better inferred topology. Therefore, we examine the impact of inferred substrate topology accuracy on overlay
performance given only inferred substrate topology information
Resolving IP Aliases with Prespecified Timestamps
University of Washington Operators and researchers want accurate router-level views of the Internet for purposes including troubleshooting and modeling. However, tools such as traceroute return IP addresses. Because routers may have dozens of IP addresses, or aliases, multiple measurements may return different addresses, obscuring whether they represent the same machine. While many techniques exist to address this issue by identifying some IP aliases, these techniques, even in combination, find only a subset of alias pairs. To improve this state, we design and evaluate a new alias resolution technique using the IP prespecified timestamp option. This option allows a sender to request timestamp values from multiple IP addresses in the same probe. By careful arrangement of these IP addresses, we show that we can infer aliases in many cases. In this paper, we conduct a measurement study of how many routers support IP timestamps, demonstrating that enough honor the option to base our technique on it. Using our technique, and compared to the most accurate alias information available, we find that 94.7 % of the aliases identified by our technique are true positives. Further, we show that our IP timestamp-based technique complements existing alias resolution techniques, providing significant gains by discovering previously unidentifiable aliases