Talks & Presentations

This talk addresses challenges in BGP data collection, focusing on redundancy and visibility gaps in current platforms. The talk introduces GILL, a new collection platform that enables data gathering from significantly more routers while controlling human effort and data volume through an overshoot-and-discard collection scheme allowing any AS to peer with GILL and export routes. Key topics include data compression algorithms for storing nonredundant routes, the bgproutes.io platform leveraging attribute redundancy, applications in topology mapping and AS ranking, and DFOH (a detector for forged-origin hijacks) that identifies BGP manipulation across the internet without relying on cryptographic extensions like BGPSec or ASPA.

BGP, the routing protocol that runs between large networks was not designed with security in mind. In this class, I'll present some of the attacks that are possible ranging from hijacks, blackholing using communities, path manipulation, and BGP session resets. I'll then move on to present some of the proposal aimed at detecting attacks on the protocol. The difficulty in detecting issues in inter-domain routing lies in that BGP hides information on the details of the Internet topology. This property is a given as it is at the root of the scalability of the protocol. How do we aim to fill the holes to improve detection and better understand the Internet? This can be addressed by careful selection of the data to analyse and tailored detections techniques, that we present in this talk.

With the growth of demands for quasi-instantaneous communication services such as real-time video streaming, cloud gaming, and industry 4.0 applications, multi-constraint Traffic Engineering (TE) becomes increasingly important. While legacy TE management planes have proven laborious to deploy, Segment Routing (SR) drastically eases the deployment of TE paths and thus became the most appropriate technology for many operators. The flexibility of SR sparked demands in ways to compute more elaborate paths. In particular, there exists a clear need in computing and deploying Delay-Constrained Least-Cost paths (DCLC) for real-time applications requiring both low delay and high bandwidth routes. However, most current DCLC solutions are heuristics not specifically tailored for SR. In this work, we leverage both inherent limitations in the accuracy of delay measurements and an operational constraint added by SR. We include these characteristics in the design of BEST2COP, an exact but efficient ECMP-aware algorithm that natively solves DCLC in SR domains. Through an extensive performance evaluation, we first show that BEST2COP scales well even in large random networks. In real networks having up to thousands of destinations, our algorithm returns all DCLC solutions encoded as SR paths in way less than a second. Segment routing, route aggregation and other TE techniques may introduce forwarding detours in an autonomous system. In the second part of the talk, I'll provide leads on how to detect forwarding detours. We study how traffic flows inside ASes. In case of detours, the forwarding routes do not match the best available routes, according to the internal gateway protocol (IGP) in use. We reveal such forwarding detours in multiple ASes.