How DNS Misnaming Distorts Internet Topology Mapping - PowerPoint PPT Presentation

1 / 14
About This Presentation
Title:

How DNS Misnaming Distorts Internet Topology Mapping

Description:

8 tbr2-p012402.n54ny.ip.att.net (12.123.219.133) 6.708 ms ... 15 usenix-gw.customer.alter.net (157.130.192.6) 95.806 ms. n54ny.ip.att. XL1.SFO4.ALTER ... – PowerPoint PPT presentation

Number of Views:82
Avg rating:3.0/5.0
Slides: 15
Provided by: vive2
Category:

less

Transcript and Presenter's Notes

Title: How DNS Misnaming Distorts Internet Topology Mapping


1
How DNS Misnaming Distorts Internet Topology
Mapping
  • Ming Zhang, Microsoft Research
  • Yaoping Ruan, IBM Research
  • Vivek Pai, Jennifer Rexford, Princeton University

2
Basic Traceroute
  • traceroute -n www.usenix.org
  • 1 128.112.155.129 0.586 ms 0.408 ms 0.401
    ms
  • 2 128.112.138.2 0.627 ms 0.454 ms 0.645
    ms
  • 3 128.112.139.193 2.833 ms 1.412 ms 1.618
    ms
  • 4 128.112.12.57 1.505 ms 1.115 ms 1.548
    ms
  • 5 128.112.12.22 2.073 ms 1.237 ms 1.054
    ms
  • 6 204.153.48.9 3.275 ms 3.041 ms 2.459
    ms
  • 7 12.119.12.109 7.863 ms 8.513 ms 5.343
    ms
  • 8 12.123.219.133 10.458 ms 8.224 ms 8.770
    ms
  • 9 12.123.0.101 6.547 ms 8.504 ms 5.736
    ms
  • 10 204.255.168.1 8.536 ms 7.328 ms 6.912
    ms
  • 11 152.63.21.78 6.229 ms 6.215 ms 5.906
    ms
  • 12 152.63.145.241 71.186 ms 70.831 ms 71.415
    ms
  • 13 152.63.55.58 71.049 ms 71.716 ms 70.714
    ms
  • 14 152.63.48.73 73.591 ms 73.618 ms 73.887
    ms
  • 15 157.130.192.6 97.473 ms 94.833 ms 111.342
    ms

3
Reverse DNS Lookups
tbr2-p012402.n54ny.ip.att.net
ggr3-g90.n54ny.ip.att.net 0.so-2-1-0.BR1.NYC4
.ALTER.NET 0.so-6-0-0.XL1.NYC4.ALTER.NET
  • traceroute www.usenix.org
  • 1 ignition
    (128.112.155.129) 0.542 ms
  • 2 targe (128.112.138.2)
    0.894 ms
  • 3 csgate
    (128.112.139.193) 1.592 ms
  • 4 gigagate1.Princeton.EDU (128.112.12.57)
    1.768 ms
  • 5 vgate1.Princeton.EDU (128.112.12.22)
    1.240 ms
  • 6 tcggate.Princeton.EDU (204.153.48.9)
    2.524 ms
  • 7 12.119.12.109 (12.119.12.109)
    9.014 ms
  • 8 tbr2-p012402.n54ny.ip.att.net
    (12.123.219.133) 6.708 ms
  • 9 ggr3-g90.n54ny.ip.att.net (12.123.0.101)
    6.510 ms
  • 10 0.so-2-1-0.BR1.NYC4.ALTER.NET (204.255.168.1)
    6.806 ms
  • 11 0.so-6-0-0.XL1.NYC4.ALTER.NET (152.63.21.78)
    7.242 ms
  • 12 0.so-7-0-0.XL1.SFO4.ALTER.NET
    (152.63.145.241) 70.959 ms
  • 13 POS4-0.XR1.SFO4.ALTER.NET (152.63.55.58)
    72.075 ms
  • 14 191.ATM7-0.GW4.SFO4.ALTER.NET (152.63.48.73)
    76.387 ms
  • 15 usenix-gw.customer.alter.net (157.130.192.6)
    95.806 ms

n54ny.ip.att
XL1.SFO4.ALTER
0.so-7-0-0.XL1.SFO4.ALTER.NET
POS4-0.XR1.SFO4.ALTER.NET 191.ATM7-0.GW4.SFO4.ALTE
R.NET
4
Network Debugging Research
  • DNS now a critical tool, errors problematic
  • For humans ? annoying
  • Assuming you can detect it
  • For mapping ? small problems
  • Relatively contained
  • For derived data ? magnified problems
  • Worst problems can be fictional

5
Automating the Process
  • Generate large number of traceroutes
  • e.g., use PlanetLab and/or ScriptRoute
  • Extract geography from names
  • undns tool from RocketFuel
  • Understands conventions for tons of ISPs
  • Merge cities into POPs
  • Now, reverse-engineer paths, peering decisions,
    routing, etc.

6
DNS Misnaming Problems
  • Reverse DNS names not critical for ISP
  • Especially in routers debugging tool
  • Often no forward DNS mapping
  • Reasons for misnaming
  • Router gets moved
  • Linecards swapped (IP per linecard)
  • Reuse old IP addresses
  • Peering ISPs share IP addresses

7
POP Loops False Edges
8
Extra Inter-POP Links
9
Data Collection
  • In-house version of traceroute
  • 132 nodes on PlanetLab
  • 259,343 routable address blocks
  • From all prefixes in current BGP tables
  • 20 hours on March 30, 2005
  • Data parsing

10
Resolving POP-level loop
  • Greedy algorithm
  • Get all fishy IPs
  • Pick IP that
  • Resolves most loops
  • Rarely appears good
  • Remove IPs loops, report IP
  • Repeat
  • The correct location of a misnamed IP is decided
    by voting based on its neighbors

11
Heuristics 01/10 Rule
  • Given IP1, IP2, and IP3
  • Infer IP4 from IP3
  • If POPs for IP4, IP2 disagree
  • Vote among interfaces on same router (IP4, IP5,
    and IP6)

IP6 New York
IP4 x.x.x.150 New York
IP3 x.x.x.149 St Louis
IP2 SF
IP1 Boston
IP5 New York
12
Case Study Results
  • Large ISP, 100 POPs
  • 1,957 POP-level loops
  • IP1, 2, 3, 4
  • Router level discrepancy
  • IP5, 6
  • Missed
  • IP7, 8 9
  • Small POPs with 1 neighbor

13
Impact on Previous Work
  • Impact on topology mapping
  • 11 of inferred edges are false edges
  • More reliable than speed-of-light only approach
  • Impact on path inflation studies

14
Conclusion
  • DNS misnaming can be serious for network
    researchers
  • We study two heuristics to identify and fix the
    wrong names
  • Case study confirms the effectiveness of our
    approach
Write a Comment
User Comments (0)
About PowerShow.com
Home About Us Terms and Conditions Privacy Policy Presentation Removal Request Contact Us
Copyright 2025 CrystalGraphics, Inc. — All rights Reserved. PowerShow.com is a trademark of CrystalGraphics, Inc.
The PowerPoint PPT presentation: "How DNS Misnaming Distorts Internet Topology Mapping" is the property of its rightful owner.
Do you have PowerPoint slides to share? If so, share your PPT presentation slides online with PowerShow.com. It's FREE!