Abstract
Diagnosing IP-service anomalies requires network operators to analyze routing and service-application behavior at the protocol level from multiple viewpoints. For analyzing anomalies whose effects can be observed as static inconsistency among BGP routing tables, the multi-agent-based diagnostic system called ENCORE has been developed and successfully applied to actual autonomous systems (ASes). This system can integrate BGP routing information observed at multiple ASes and verify whether the routing information is being correctly distributed throughout the Internet. However, actual IP-service failures sometimes require temporal analysis of routing updates to identify specific causes and, moreover, comprehensive analysis from the viewpoint of interaction with other protocols than BGP. Thus, we have integrated such functions in the ENCORE architecture and developed a comprehensive diagnostic system called IP-MIND. It can consider historical BGP routing updates and the behavior of other protocols in conjunction with BGP-information reachability analysis in order to identify specific causes. It also enables diagnosis of a class of anomalies that cause reachability failures while not creating any inconsistency among the current BGP routing tables at multiple ASes.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsPreview
Unable to display preview. Download preview PDF.
References
Rekhter, Y., Li, T.: A Border Gateway Protocol 4 (BGP-4), RFC1771 (1995)
The North American Network Operators’ Group: NANOG mailing list, http://www.nanog.org
Premore, B.: An Experimental Analysis of BGP Convergence Time. In: Proc. of the Ninth International Conference on Network Protocols (ICNP), pp. 53–61. IEEE Computer Society, Los Alamitos (2001)
Chang, D., Govindan, R., Heidemann, J.: The Temporal and Topological Characteristics of BGP Path Changes. In: Proc. of Int’l Conf. on Network Protocols, pp. 190–199. IEEE, Los Alamitos (2003)
Feldmann, A., Maennel, O., Mao, Z., Berger, A., Maggs, B.: Locating Internet Routing Instability. In: Proc. of SIGCOMM, pp. 205–218. ACM, New York (2004)
Teixeira, R., Rexford, J.: A Measurement Framework for Pin-pointing Routing Changes. In: Proc. of the ACM SIGCOMM workshop on Network troubleshooting (NetT), pp. 313–318. ACM, New York (2004)
Chandrashekar, J., Zhang, Z., Peterson, H.: Fixing BGP, One as at a Time. In: Proc. of the ACM SIGCOMM workshop on Network troubleshooting (NetT), pp. 295–300. ACM, New York (2004)
Feamster, N., Balakrishnan, H.: Detecting BGP Configuration Faults with Static Analysis. In: Proc. of NSDI, pp. 43–56. USENIX/ACM (2005)
Mahajan, R., Wetherall, D., Anderson, T.: Understanding BGP Misconfiguration. In: Proc. of SIGCOMM, pp. 3–16. ACM, New York (2002)
Afek, Y., Bremler-Barr, A., Schwarz, S.: Improved BGP Convergence via Ghost Flushing. In: Proc. of 22nd INFOCOM, pp. 927–937. IEEE Computer Society, Los Alamitos (2003)
Akashi, O., Terauchi, A., Fukuda, K., Hirotsu, T., Maruyama, M., Sugawara, T.: Detection and Diagnosis of Inter-AS Routing Anomalies by Cooperative Intelligent Agents. In: Schönwälder, J., Serrat, J. (eds.) DSOM 2005. LNCS, vol. 3775. Springer, Heidelberg (2005)
Kern, E.: http://nitrous.digex.net
RIPE: http://www.ripe.net/
Meyer D.: http://www.routeviews.org
Zhang, K., Yen, A., Zhao, X., Massey, D., Wu, S., Zhnag, L.: On Detection of Anomalous Routing Dynamics in BGP. In: Proc. of Networking, IFIP, pp. 259–270 (2004)
Teoh, S., Ma, K., Wu, S., Massey, D., Zhao, X., Pei, D., Wang, L., Zhang, L., Bush, R.: Visual-Based Anomaly Detection for BGP Origin AS Change (OASC) Events. In: Brunner, M., Keller, A. (eds.) DSOM 2003. LNCS, vol. 2867, pp. 155–168. Springer, Heidelberg (2003)
Subramanian, L., Roth, V., Stoica, I., Shenker, S., Katz, R.: Listen and Whisper: Security Mechanisms for BGP. In: Proc. of Networked Systems Design and Implementation. USENIX, pp. 127–140 (November 2004)
Terauchi, A., Akashi, O., Maruyama, M., Fukuda, K., Sugawara, T., Hirotsu, T., Kurihara, S.: ARTISTE: An Agent Organization Management System for Multi-agent Systems. In: 8th Pacific Rim Int’l Workshop on Multi-Agents (PRIMA), IFMAS, pp. 245–259 (September 2005)
Akashi, O., Fukuda, K., Hirotsu, T., Sugawara, T.: Analysis of Diagnostic Capability for Hijacked Route Problem. In: Medhi, D., Nogueira, J.M., Pfeifer, T., Wu, S.F. (eds.) IPOM 2007. LNCS, vol. 4786. Springer, Heidelberg (2007)
Villamizar, C., Chandra, R., Govindan, R.: BGP Route Flap Damping, RFC2439 (1998)
VMware: http://www.vmware.com
The quagga routing suite, http://www.quagga.net
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2008 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Akashi, O., Terauchi, A. (2008). Diagnosis of IP-Service Anomalies Based on BGP-Update Temporal Analysis. In: Akar, N., Pioro, M., Skianis, C. (eds) IP Operations and Management. IPOM 2008. Lecture Notes in Computer Science, vol 5275. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-87357-0_3
Download citation
DOI: https://doi.org/10.1007/978-3-540-87357-0_3
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-87356-3
Online ISBN: 978-3-540-87357-0
eBook Packages: Computer ScienceComputer Science (R0)