The presentation was delivered by HLL / Qrator network engineer Alexander Asimov at the ENOG 2/RIPE NCC Regional Meeting taking place at the World Trade Centre in Moscow on 28-30 November 2011.

1. Detecting Autonomous
Systems Relationships
Alexander Asimov
<aa@highloadlab.com>
Highload Lab

2. Our Goals
1. Traffic flow engineering
2. AS architecture design
3. BGP loop prediction

3. Traffic flow: prepend
«Дерни за веревочку, дверка
откроется»… а может быть, и нет

4. AS architecture design
1. Where to place next point of
presence?
2. How to forecast the
vector/amount of traffic
flow?

5. AS types
AS3
AS1 AS2
AS4
Is AS3 multihomed?
Is AS4 transit? CORE
According to RFC - Yes

6. AS with separate parts
Two ASes with different route policy under
one AS number! Transnational?

7. BGP Route Loops
Built-in defense for static loops
Dynamic loops!

8. BGP Route Loops
AS-X
200
AS2 AS3
A
200
AS5
200
AS1 AS4
A
200 AS1 --
AS2 --
AS3 AS5 AS-X
AS4 AS5 AS-X

9. BGP Route Loops
AS-X
200
AS2 A AS3
200
AS5
A
200
AS1 AS4
200 AS1 --
AS2 AS3 AS5 AS-X
AS3 AS4 AS5 AS-X
AS4 AS5 AS-X

10. BGP Route Loops
AS-X
200
AS2 A AS3
200
AS5
A
200
AS1 AS4
200 AS1 AS2 AS3 AS5 AS-X
AS2 AS3 AS4 AS5 AS-X
AS3 AS4 AS5 AS-X
AS4 AS5 AS-X

11. BGP Route Loops
AS-X
200
AS2 AS3
200
AS5
A
200
AS1 A AS4
200 AS1 AS2 AS3 AS4 AS5 AS-X
AS2 AS3 AS4 AS5 AS-X
AS3 AS4 AS5 AS-X
AS4 AS1 AS2 AS3 AS5 AS-X

12. BGP Route Loops
AS-X
200
AS2 AS3
200
AS5
A Packets
200
AS1 A AS4
200 AS1 AS2 AS3 AS4 AS5 AS-X
AS2 AS3 AS4 AS5 AS-X
AS3 AS4 AS5 AS-X
AS4 AS1 AS2 AS3 AS5 AS-X

13. BGP Route Loops
AS-X
200
AS2 AS3
200
AS5
A
200
AS1 A AS4
200 AS1 AS2 AS3 AS4 AS5 AS-X
AS2 AS3 AS4 AS5 AS-X
AS3 AS5 AS-X
Again!
AS4 AS5 AS-X

14. BGP Route Loops
Built-in defense for static loops
Dynamic loops!
• Packet loss
• BGP Announce noise

15. Breaking down
1. Route flap
2. Change prepend policy
AS-X AS-X
3. Prepend one of ASes in loop
AS-X AS2 AS-X
Makes AS2 ignore your route

16. Breaking down
1. Route flap
2. Change prepend policy
AS-X AS-X
3. Prepend one of ASes in loop
AS-X AS2 AS-X
Makes AS2 ignore your route
How not to fall into another loop?

17. One “killer” feature
Autonomous Systems
Reverse Map
And there are multiple projects…

18. Opte Project
Beautiful!

19. DIMES
Interesting!

20. ROBTEX
Ok. But what will be used by my AS?

21. Missing features
• Physical links discovery
No use of route policy
• Macro map
Show links that are used by
somebody, not by your AS.

22. WHOIS services

23. Incompleteness
Often Sometimes Never
ORIGIN
Accept Fliters Prepend
EBGP vs IBGP
IGP
Local Pref
Med
Route ID

24. Inconsistency
From RIPE DB
aut-num: AS42366
remarks: Due to major changes this
object is outdated at moment

25. Missing features
• Physical links discovery
No use of route policy;
• Macro map
Shows links that are used by
somebody, not by your AS;
• Route policy data
Outdated, incomplete.

26. Deadlock?
No opportunity for route policy recovery!

27. Project goals
• There are more then 400k physical
links at interdomain level;
• Only 40k links are used at every
moment by each AS;
• The goal is to find out links, that
could be used by single AS.

28. Route policy model
Accept Filters
Local Pref
Local Pref
AS_PATH Prepend model
ORIGIN
MED
eBGP vs iBGP Priority
IGP
Router_ID

29. Route policy model
Accept Filters
Local Pref
Local Pref
AS_PATH Prepend model
ORIGIN
MED
eBGP vs iBGP Priority
IGP
Router_ID
Discover every route policy level!

30. Active policy discovery
1. Colored AS map
2. Traceroute
3. ping –R (spoofed)

31. Colored AS Map
AS4
AS2 AS1 AS3
AS-X
Prefix I

32. Colored AS Map
AS4
PING!
AS2 AS1 AS3
AS-X
Prefix I

33. Colored AS Map
AS4
PING!
AS2 AS1 AS3
AS-X
Prefix I

34. AS graph properties
BGP router announces
only what is used.
AS graph must be
connected by each
color!

35. Model Correction
AS3
Increase localpref
10 20
AS1  AS2
AS1 AS2

36. Verification Process
BGP config
change
Model
Active probing
correction

37. WHOIS services check
ARIN
APNIC ASes in RR %
Errors %
RIPE
0 20 40 60 80

38. Amount of neighbours
AS Number Description
12389 ROSTELECOM
9002 RETN
20485 TRANSTELECOM
6854 SYNTERRA
3216 SOVAM
8732 COMCOR
31133 MegaFon
2854 ROSPRINT
39792 ANDERS

39. AS connectivity
AS1 AS2 AS3
Level0
AS-X

40. AS connectivity
Level1
AS4 AS5 AS6 AS7
AS1 AS2 AS3
Level0
AS-X

41. AS connectivity
𝐷𝑒𝑔𝑟𝑒𝑒 𝐴𝑆𝑋 = 𝑆𝑖𝑧𝑒𝑂𝑓 𝐿𝑒𝑣𝑒𝑙 𝑖 ∗ 𝑖
Level1
AS4 AS5 AS6 AS7
AS1 AS2 AS3
Level0
AS-X

42. Top AS connectivity
AS Number Description
12389 ROSTELECOM
9002 RETN
20485 TRANSTELECOM
31133 MegaFon
3216 SOVAM
6854 SYNTERRA
8744 STARTTELECOM
39792 ANDERS
8732 COMCOR

43. AS-QRATOR
Neighbours Connectivity
39792 9 8
41095 70 520
9002 2 2
It is balanced!

44. Results
• Policy recovery is impossible;
• Active policy discovery is possible;
• There is unique graph for every AS;
• The only opportunity for
engineering at interdomain routing
level.

45. Keep your WHOIS records
up to date
Pretty please…

46. Thank you for
listening!
Questions?