Information Technology Reference
In-Depth Information
Fig.2 (a) demonstrates the validation process of IRV. The dotted line denotes
validation message sent by AS
A
. In this scene, AS
A
,
B
and
C
deploy IRV
services. These three ASes monitoring their native and customers IP prefix.
E
is
a malicious AS and advertises three false BGP routes
R
1
,
R
2
and
R
3
for prefix
P
1
to AS
A
. In the first loop, AS
A
sends a validation message to
F
when it
receives
R
1
from AS
E
because only AS
F
is included in AS-PATH property of
R
1
. Unfortunately, AS
A
does not get confirmation message because AS
F
does
not deploy IRV service. In the second loop, AS A will send validation message to
F
and
B
when it receives
R
2
from AS
E
. Again, AS
A
does not get confirmation
message because AS
B
cannot identify whether
R
1
is a false route. Only when
AS
A
sends AS
C
a validation message for route
R
3
, it will receive a notification
because AS
C
knows that AS
F
is the actually owner of prefix
P
1
.Inthisex-
ample, AS
A
is a blind spot for
R
1
and
R
2
. In addition, IRV does not make use
of relativity of monitoring message. For every BGP route, AS A sends message
to all AS nodes included in AS-PATH. As the count of routing increasing, the
communication cost increases linearly.
According to the analysis of local validity and relative validity, we propose
a coordination model which is called CoISM. Fig.2 (b) demonstrates the route
validation process of CoISM. When AS
A
receives
R
1
, it sends validation request
to AS
B
and
C
which has deployed BGP monitoring service. In the first loop,
only AS
C
replies a notification. In the second loop, AS
A
does send request to
AS
B
because AS
B
does not reply in the first loop. Instead, AS
A
sends request
to AS
C
, because these three routes are routing correlative. Contrasting with
Fig.2 (b), our method removes blind spot and decreases communication cost. we
designed CoISM algorithms which are described in algorithm1 and algorithm2.
3.2 Implementation
We implement a cooperative routing monitoring system which is composed of
route monitor and CoISM registry. There are three functions of route monitor.
First, monitor establishes dumb iBGP session with ASs router to collect BGP
routing. Second, monitor exchanges routing monitoring information with other
monitor. Last, monitor sends notification to other monitor when false route
is detected. CoISM registry provides access information of AS which deploys
monitor service.
In our cooperative routing monitoring system, each ASs routing monitoring
service is deployed on PC server and exchanges monitoring information with
other ASs monitoring service through TCP connection. Each AS sends registra-
tion information to CoISM registry when monitoring service is deployed. Small
size AS can consign monitoring service to its provider. The architecture of CoISM
is illustrated as Fig.3.
Due to lacking of schedule center, AS cannot sense whether other AS deploys
monitor. Hence, an important issue of CoISM is how to locate monitor for AS. To
resolve this question, we build a CoISM registry web site to store and provide
all monitors contact information. CoISM registry only store monitor location
