1 / 14

How DNS Misnaming Distorts Internet Topology Mapping

How DNS Misnaming Distorts Internet Topology Mapping. Ming Zhang, Microsoft Research Yaoping Ruan, IBM Research Vivek Pai, Jennifer Rexford, Princeton University. Basic Traceroute. % traceroute -n www.usenix.org 1 128.112.155.129 0.586 ms 0.408 ms 0.401 ms

lawson
Download Presentation

How DNS Misnaming Distorts Internet Topology Mapping

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. How DNS Misnaming Distorts Internet Topology Mapping Ming Zhang, Microsoft Research Yaoping Ruan, IBM Research Vivek Pai, Jennifer Rexford, Princeton University

  2. Basic Traceroute % traceroute -n www.usenix.org 1 128.112.155.129 0.586 ms 0.408 ms 0.401 ms 2 128.112.138.2 0.627 ms 0.454 ms 0.645 ms 3 128.112.139.193 2.833 ms 1.412 ms 1.618 ms 4 128.112.12.57 1.505 ms 1.115 ms 1.548 ms 5 128.112.12.22 2.073 ms 1.237 ms 1.054 ms 6 204.153.48.9 3.275 ms 3.041 ms 2.459 ms 7 12.119.12.109 7.863 ms 8.513 ms 5.343 ms 8 12.123.219.133 10.458 ms 8.224 ms 8.770 ms 9 12.123.0.101 6.547 ms 8.504 ms 5.736 ms 10 204.255.168.1 8.536 ms 7.328 ms 6.912 ms 11 152.63.21.78 6.229 ms 6.215 ms 5.906 ms 12 152.63.145.241 71.186 ms 70.831 ms 71.415 ms 13 152.63.55.58 71.049 ms 71.716 ms 70.714 ms 14 152.63.48.73 73.591 ms 73.618 ms 73.887 ms 15 157.130.192.6 97.473 ms 94.833 ms 111.342 ms Zhang, Ruan, Pai, Rexford - USENIX 2006 ATC

  3. Reverse DNS Lookups tbr2-p012402.n54ny.ip.att.net ggr3-g90.n54ny.ip.att.net 0.so-2-1-0.BR1.NYC4.ALTER.NET 0.so-6-0-0.XL1.NYC4.ALTER.NET % traceroute www.usenix.org 1 ignition (128.112.155.129) 0.542 ms 2 targe (128.112.138.2) 0.894 ms 3 csgate (128.112.139.193) 1.592 ms 4 gigagate1.Princeton.EDU (128.112.12.57) 1.768 ms 5 vgate1.Princeton.EDU (128.112.12.22) 1.240 ms 6 tcggate.Princeton.EDU (204.153.48.9) 2.524 ms 7 12.119.12.109 (12.119.12.109) 9.014 ms 8 tbr2-p012402.n54ny.ip.att.net (12.123.219.133) 6.708 ms 9 ggr3-g90.n54ny.ip.att.net (12.123.0.101) 6.510 ms 10 0.so-2-1-0.BR1.NYC4.ALTER.NET (204.255.168.1) 6.806 ms 11 0.so-6-0-0.XL1.NYC4.ALTER.NET (152.63.21.78) 7.242 ms 12 0.so-7-0-0.XL1.SFO4.ALTER.NET (152.63.145.241) 70.959 ms 13 POS4-0.XR1.SFO4.ALTER.NET (152.63.55.58) 72.075 ms 14 191.ATM7-0.GW4.SFO4.ALTER.NET (152.63.48.73) 76.387 ms 15 usenix-gw.customer.alter.net (157.130.192.6) 95.806 ms n54ny.ip.att XL1.SFO4.ALTER 0.so-7-0-0.XL1.SFO4.ALTER.NET POS4-0.XR1.SFO4.ALTER.NET 191.ATM7-0.GW4.SFO4.ALTER.NET Zhang, Ruan, Pai, Rexford - USENIX 2006 ATC

  4. Network Debugging & Research • DNS now a critical tool, errors problematic • For humans  annoying • Assuming you can detect it • For mapping  small problems • Relatively contained • For derived data  magnified problems • “Worst” problems can be fictional Zhang, Ruan, Pai, Rexford - USENIX 2006 ATC

  5. Automating the Process • Generate large number of traceroutes • e.g., use PlanetLab and/or ScriptRoute • Extract geography from names • undns tool from RocketFuel • Understands conventions for tons of ISPs • Merge cities into POPs • Now, reverse-engineer paths, peering decisions, routing, etc. Zhang, Ruan, Pai, Rexford - USENIX 2006 ATC

  6. DNS Misnaming Problems • Reverse DNS names not critical for ISP • Especially in routers – debugging tool • Often no forward DNS mapping • Reasons for misnaming • Router gets moved • Linecards swapped (IP per linecard) • Reuse old IP addresses • Peering ISPs share IP addresses Zhang, Ruan, Pai, Rexford - USENIX 2006 ATC

  7. POP Loops & False Edges Zhang, Ruan, Pai, Rexford - USENIX 2006 ATC

  8. Extra Inter-POP Links Zhang, Ruan, Pai, Rexford - USENIX 2006 ATC

  9. DNS lookup Yahoo maps undns rules POP names IP address DNS names Geo location Data Collection • In-house version of traceroute • 132 nodes on PlanetLab • 259,343 routable address blocks • From all prefixes in current BGP tables • 20 hours on March 30, 2005 • Data parsing: Zhang, Ruan, Pai, Rexford - USENIX 2006 ATC

  10. Resolving POP-level loop • Greedy algorithm: • Get all fishy IPs • Pick IP that • Resolves most loops • Rarely appears good • Remove IP’s loops, report IP • Repeat • The correct location of a misnamed IP is decided by voting based on its neighbors Zhang, Ruan, Pai, Rexford - USENIX 2006 ATC

  11. Heuristics: 01/10 Rule • Given IP1, IP2, and IP3 • Infer IP4 from IP3 • If POPs for IP4, IP2 disagree: • Vote among interfaces on same router (IP4, IP5, and IP6) IP6 New York IP4 x.x.x.150 New York IP2 SF IP3 x.x.x.149 St Louis IP1 Boston IP5 New York Zhang, Ruan, Pai, Rexford - USENIX 2006 ATC

  12. Case Study Results • Large ISP, 100+ POPs • 1,957 POP-level loops • IP1, 2, 3, 4 • Router level discrepancy • IP5, 6 • Missed • IP7, 8 9 • Small POPs with 1 neighbor Zhang, Ruan, Pai, Rexford - USENIX 2006 ATC

  13. Impact on Previous Work • Impact on topology mapping • 11% of inferred edges are false edges • More reliable than speed-of-light only approach • Impact on path inflation studies Zhang, Ruan, Pai, Rexford - USENIX 2006 ATC

  14. Conclusion • DNS misnaming can be serious for network researchers • We study two heuristics to identify and fix the wrong names • Case study confirms the effectiveness of our approach Zhang, Ruan, Pai, Rexford - USENIX 2006 ATC

More Related