Slides

  1. IP Network Configuration for Traffic Engineering
     Anja Feldmann, Jennifer Rexford, AT&T Labs - Research
     Presented by Zihui Ge, 11/21/2000
  2. Outline
     • Introduction
     • Network model
     • Router configuration
     • Netdb examples
     • Conclusion
  3. Nightmare! - Configure IP Router
     • Configuring IP routers is extremely complicated
       • Diversity of network equipment
       • Large number of configuration options
       • Interaction of configuration parameters across multiple routers
       • Rapid changes to the network
       • Limited configuration tools
     • Errors in manual configuration of individual routers have severe consequences
  4. HELP! - An Abstract Model
     • Need an ACCURATE, network-wide, CONSISTENT, ABSTRACT view of network configuration.
       • Guide router configuration.
       • Help in error detection.
  5. What needs to be modeled?
     • Physical components
       • Routers, interfaces
     • Physical and logical connectivity
       • Links, BGP sessions
     • Routing protocols
       • Static routes, OSPF, BGP
     • Access control
       • Packet filters, route filters
  6. A peek at the authors' model.
     Object: Attributes
     • Router: router name, {loopback IP address}, location, {interface}, {global setting}
     • Interface: router, interface name, {(IP address, IP prefix)}, capacity, OSPF weight, queuing strategy, status (up/down), {access list}, {static route}
     • Link: IP prefix, link type (backbone/edge), OSPF area, {interface}
     • Access list: IP prefix, permit/deny, {(interface, packet/route, in/out)}
     • Static route: IP prefix, tag (administrative weight), {interface}
     • BGP: router, remote peer (IP address), remote AS, iBGP/eBGP, {filter policy}, {interface}, {session attribute}
  7. Think about router.
     • Router
       • Typically consists of a route processor, a switching fabric, and a collection of interfaces.
       • The route processor constructs the forwarding table from information supplied by the intradomain and interdomain routing protocols
       • The route processor is identified by its loopback IP addresses
       • Router name, {loopback IP address}, location, {interface}, {global setting}
  8. Think about interface.
     • Position in the router (indicated by interface name).
     • Each interface has a primary IP address and may have one or more secondary IP addresses; each IP address is associated with a particular prefix.
       • 12.34.56.77 in prefix 12.34.56.76/30
     • Can be associated with static routes and filters.
     • Router, interface name, {(IP address, IP prefix)}, capacity, queuing strategy, status (up/down), {access list}, {static route}, OSPF weight
  9. Think about link.
     • A link is a physical medium.
     • Addressing: IP prefix.
       • 12.34.56.76/30
       • Two ends: 12.34.56.77 & 12.34.56.78
     • Ethernet or FDDI may have a smaller mask length
     • Backbone link vs. edge link
       • All interfaces in the same AS?
       • Participate in intradomain or interdomain routing?
     • IP prefix, link type (backbone/edge), {interface}, OSPF area
  10. Think about OSPF.
     • Link state protocol.
     • OSPF routers exchange weight information and compute shortest paths
       • Use flooding to propagate link-state updates.
       • The length of a path is defined as the sum of the weights
     • Extension for scalability:
       • Routing hierarchy (OSPF areas)
       • Each link belongs to SAME OSPF area
     • Attribute “OSPF weight” in interface object
     • Attribute “OSPF area” in link object
  11. Think about static route.
     • Provides a simple way to associate destination prefixes with edge interfaces.
       • The router knows to direct packets destined to some prefix to the appropriate next-hop interface.
       • Doesn’t ensure that the rest of the network knows how to reach this destination prefix.
     • Advertise static route via OSPF or iBGP.
       • administrative weight
     • IP prefix, tag (administrative weight), {interface}
  12. Think about BGP.
     • BGP
     • Distance Vector.
     • Filter policy contains import and export policies.
     • A BGP object corresponds to one end point of a BGP session (addressing the session peer).
     • How to reach the remote end? (Interface)
     • Confederation, route reflectors?
     • router, remote peer (IP address), remote AS, iBGP/eBGP, {filter policy}, {interface}, {session attribute}
  13. Think about filter.
     • Packet filters
       • firewall
       • detect spoofed source IP addresses.
     • Route filter
       • Customer-Provider
       • avoids problems caused by misconfigured BGP policies in downstream routers.
     • Access list
     • IP prefix, permit/deny, {(interface, packet/route, in/out)}
  14. Cool! We did it!
     Object: Attributes
     • Router: router name, {loopback IP address}, location, {interface}, {global setting}
     • Interface: router, interface name, {(IP address, IP prefix)}, capacity, OSPF weight, queuing strategy, status (up/down), {access list}, {static route}
     • Link: IP prefix, link type (backbone/edge), OSPF area, {interface}
     • Access list: IP prefix, permit/deny, {(interface, packet/route, in/out)}
     • Static route: IP prefix, tag (administrative weight), {interface}
     • BGP: router, remote peer (IP address), remote AS, iBGP/eBGP, {filter policy}, {interface}, {session attribute}
  15. Where to get information?
     • Potential Data Sources
       • SNMP MIBs
         • Basic traffic statistics
       • Topology discovery tools
         • traceroute, pathchar
         • Active measurement: topology, link capacity, …
       • Route monitoring
         • Passive monitoring: BGP, OSPF link state updates
       • Router configuration files
         • Physical and logical connectivity, link capacity, routing protocols, access lists, …
  16. Router Configuration Files
     • Cisco’s Internetwork Operating System (IOS) serves as a de facto standard for router configuration.
     • Access configuration files
       • Complete
       • Consistent (snapshot)
  17. A sample file
  18. Dependencies Within a File
     • Domain (Section)-Independent
       • Referencing undefined items
         • Undefined access-list, route-map, …
         • Similar to a compile error: undefined variable
       • Unused items
         • Similar to a compile warning: unused variable
  19. Dependencies Within a File
     • Domain-Dependent
       • Inconsistent definitions
         • “Speed” in channel-group
         • “Bandwidth” in interface entry
         • Missing “IP classless” will cause the router to discard packets destined to an IP prefix that is not aligned with octet boundaries.
       • Dependence on default parameters
         • Missing OSPF area in the router section (router won’t participate in OSPF)
         • Missing OSPF weight in interface section (default weight is set inversely proportional to capacity)
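
The section-independent check from slide 18 (undefined and unused items), as an added example that is not part of the original slides and is not netdb's code. The configuration text is constructed, and only two reference forms (`ip access-group` and `neighbor ... route-map`) are recognized, so an item used through any other command would be reported as unused.

```python
import re

# Constructed sample in Cisco IOS style (not the deck's "sample file" slide).
SAMPLE_CONFIG = """\
interface Serial1/0
 ip address 12.34.56.77 255.255.255.252
 ip access-group 101 in
 ip access-group 120 out
!
router bgp 1
 neighbor 10.1.2.3 remote-as 2
 neighbor 10.1.2.3 route-map IMPORT-CUST in
!
access-list 101 deny ip 10.0.0.0 0.255.255.255 any
access-list 101 permit ip any any
access-list 7 deny 172.16.0.0 0.15.255.255
route-map EXPORT-CUST permit 10
"""

# (kind, regex capturing the item name) for definitions and for references.
DEFINITIONS = [("access-list", re.compile(r"^access-list (\S+)")),
               ("route-map", re.compile(r"^route-map (\S+)"))]
REFERENCES = [("access-list", re.compile(r"^\s+ip access-group (\S+) (?:in|out)")),
              ("route-map", re.compile(r"^\s+neighbor \S+ route-map (\S+) (?:in|out)"))]

def check_references(router, config):
    """Return sorted messages: undefined references (errors), unused definitions (warnings)."""
    defined, used = set(), {}
    for lineno, line in enumerate(config.splitlines(), 1):
        for kind, rx in DEFINITIONS:
            m = rx.match(line)
            if m:
                defined.add((kind, m.group(1)))
        for kind, rx in REFERENCES:
            m = rx.match(line)
            if m:
                used.setdefault((kind, m.group(1)), lineno)  # keep first use
    msgs = [f"{router}: ERROR: undefined {k} {n} referenced at line {ln}"
            for (k, n), ln in used.items() if (k, n) not in defined]
    msgs += [f"{router}: WARNING: unused {k} {n}"
             for (k, n) in defined if (k, n) not in used]
    return sorted(msgs)

if __name__ == "__main__":
    print("\n".join(check_references("router1", SAMPLE_CONFIG)))
```

An undefined packet filter is the case that matters most for access control: the interface references a list that does not exist, so the filtering the operator intended is not what the router applies.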
  20. Dependencies Across Files
     • Inconsistent definitions
       • Router-level significance (will not cause inconsistency)
         • Similar to a local variable
         • For example: access-list
       • Network-wide significance (problematic)
         • Similar to an external variable or function
         • A backbone link with interfaces on two routers: the two routers should agree on the selection of an OSPF area.
  21. Dependencies Across Files
     • Inconsistent references to remote nodes (even worse)
       • eBGP session: peer router resides outside the backbone, in a different organization
       • Two routers:
         • Neighbor 10.1.2.3 remote-as 1
         • Neighbor 10.1.2.3 remote-as 2
  22. Netdb
     • Netdb is a Perl script that parses configuration files in Cisco IOS format
     • Populates the network model and detects possible configuration errors for the AT&T Common IP Backbone.
       • Running time < 2 minutes
  23. Netdb step 1
     read configuration files of all routers
     read keywords for global settings and section names
     forall routers {
       identify section boundaries
       parse global variables
       check global variables
     }
  24. Netdb step 2
     foreach section in (controllers, access lists, interfaces, other filter sections, static routes, OSPF, BGP) {
       read section keywords
       read customization input files
       forall routers
         parse section and check keywords, network model violations
       forall routers
         perform error checks
     }
  25. STEP 2 - implementation
     • Multiple passes.
       • Parse and load all files into memory
     • Strict sequence: Controllers < ... < BGP
       • Earlier sections do not depend on later sections
       • Processing a later section requires the previous sections to be complete.
  26. STEP 2 - What do we miss?
     • There is no LINK section in the configuration file!
     • A Link object is created for the first occurrence of a prefix in the interface section, and associated with the IP address of that particular interface.
     • It is extended to include the IP addresses of other interfaces if the prefix reappears.
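
The Link construction from slide 26 together with the cross-file checks from slides 20 and 21, as an added example that is not part of the original slides and is not netdb's code. The router names, addresses, areas and AS numbers are constructed, the input is assumed to be already parsed out of the interface, OSPF and BGP sections, and every prefix is treated as a backbone link (an edge link legitimately has only one end inside the backbone).

```python
import ipaddress
from collections import defaultdict

# Constructed per-router facts, as they would look after parsing each file:
# (interface, "address/masklen", OSPF area) and (BGP neighbor, remote AS).
# All names and values are hypothetical.
ROUTERS = {
    "routerA": {"interfaces": [("Serial1/0", "12.34.56.77/30", 3),
                               ("Serial1/1", "10.126.212.2/30", 2)],
                "bgp": [("10.1.2.3", 1)]},
    "routerB": {"interfaces": [("Serial0/0", "12.34.56.78/30", 14)],
                "bgp": [("10.1.2.3", 2)]},
}

def build_links(routers):
    """Create a link on the first occurrence of a prefix; extend it on reappearance."""
    links = defaultdict(list)
    for name, cfg in sorted(routers.items()):
        for ifname, addr, area in cfg["interfaces"]:
            iface = ipaddress.ip_interface(addr)  # address plus its prefix
            links[iface.network].append((name, ifname, str(iface.ip), area))
    return links

def check_network(routers):
    """Return network-wide inconsistencies that no single file reveals."""
    errors = []
    for prefix, ends in sorted(build_links(routers).items()):
        areas = sorted({area for *_, area in ends})
        if len(ends) == 1:
            errors.append(f"LINK: {prefix} has only one IP address {ends[0][2]}")
        elif len(areas) > 1:
            errors.append(f"OSPF: {prefix} should be in one area, found {areas}")
    remote_as = defaultdict(set)
    for name, cfg in routers.items():
        for peer, asn in cfg["bgp"]:
            remote_as[peer].add(asn)
    for peer, asns in sorted(remote_as.items()):
        if len(asns) > 1:
            errors.append(f"BGP: neighbor {peer} configured with remote-as {sorted(asns)}")
    return errors

if __name__ == "__main__":
    print("\n".join(check_network(ROUTERS)))
```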
  27. Netdb step 3
     forall routers {
       forall objects
         report unassigned attributes
       forall statements
         report unused statements
     }
  28. Examples
     • Examples of netdb error messages
       • router1: unknown interface keyword: hold-queue value: ......
       • router2: ROUTE-MAP ERROR: community 1000 undefined ROUTEMAP1: community 1000 1010
       • router3: OSPF ERROR: ospf network 10.127.6.132/30 should either be in area 14 or 3
       • router4: OSPF ERROR: network: 10.126.212.0 0.0.0.3 area 2 with only one IP address 10.126.212.2
       • router5: OSPF ERROR: network: 10.126.12.172 0.0.0.3 area 3 with no IP address
       • router6: BGP ERROR: cannot resolve IP: 10.11.12.56 from ...BGP statement...
  29. Examples-2
     • Error messages for policy violations.
     • router1: GLOBAL ERROR: missing parameter BGP-COMMUNITY
     • router2: GLOBAL ERROR: incorrect parameter CEF value: ip cef
     • router3: ACL WARNING: default acl 6 missing
     • router3: ACL WARNING: default acl 7 differs from specification: deny 172.0.0.0/8
     • router4: ACL ERROR: VPN customer needs in and out ACL; (customer ABCDE)
     • router5: CONTROLLER ERROR: missing clock sync for interface Serial2/1/0:2
     • router6: BGP ERROR: wrong rr definition for rr client 10.126.236.3 with peer-group abc
  30. Conclusion
     • A network model for traffic engineering
     • A method to ensure network consistency
     • A tool, netdb, to identify configuration errors
  31. Thanks!
     • Happy Thanksgiving!
