Interdomain Routing and Games - PowerPoint PPT Presentation

About This Presentation
Title:

Interdomain Routing and Games

Description:

Motivation: Are Internet protocols incentive compatible? ... Can network formation games help to explain the Internet's commercial structure? ... – PowerPoint PPT presentation

Number of Views:18
Avg rating:3.0/5.0
Slides: 25
Provided by: Aviv4
Category:

less

Transcript and Presenter's Notes

Title: Interdomain Routing and Games


1
Interdomain Routing and Games
  • Hagay Levin, Michael Schapira and Aviv Zohar
  • The Hebrew University

2
On the Agenda
  • Motivation Are Internet protocols incentive
    compatible?
  • Interdomain routing path vector protocols
  • Convergence issues
  • BGP as a game
  • Hardness of approximation of social welfare
  • Incentive compatibility
  • Conclusions

3
Are Current Network Protocols Incentive
Compatible?
  • Protocols for the network have been dictated by
    some designer
  • Okay for cooperative settings
  • But what if nodes try to optimize regardless of
    harm to others?
  • Example TCP congestion control
  • Requires sender to transmit less when the network
    is congested
  • This is not optimal for the sender (always better
    off sending more)

4
Secure Network Protocols
  • A lot of effort is going into re-designing
    network protocols to be secure.
  • Routing protocols are currently known to be very
    susceptible to attacks.
  • Even inadvertent configuration errors of routers
    have caused global catastrophes.
  • Designers are also concerned about incentive
    issues in this context.
  • Our work highlights some connections between
    incentives and security of BGP.

5
Interdomain Routing
  • Messages in the Internet are passed from one
    router to the other until reaching the
    destination.
  • Goal of routing protocols decide how to route
    packets between nodes on the net.
  • The network is partitioned into Autonomous
    Systems (ASes) each owned by an economic entity.
  • Within ASes routing is cooperative
  • Between ASes inherently non-cooperative
  • Routing preferences are complex and uncoordinated.

Always chooseshortest paths.
Load-balance myoutgoing traffic.
Avoid routes through ATT if at all possible.
My link to UUNET is forbackup purposes only.
6
Path Vector Protocols
  • The only protocol currently used to establish
    routes between ASes (interdomain routing) The
    Border Gateway Protocol (BGP).
  • Performed independently for every destination
    autonomous system in the network.
  • The computation by each node is an infinite
    sequence of actions

7
Example of BGP Execution
5
4
41d
41d
23d
23d
2
23d
1d
1
3d
23d
3
1d
3d
d
d
d
d
receive routes from neighbors
choosebest neighbor
send updatesto neighbors
8
Our Main Results Informally
  • Theorem In reasonable economic settings, BGP
    is almost incentive-compatible (And can be
    tweaked to be incentive compatible).
  • Theorem In these same settings it is also almost
    collusion proof.
  • To make it fully collusion proof we need a
    somewhat stronger assumption.

9
BGP Not Guaranteed to Converge
1
2
2d
23d 2d ...
12d 1d
1d
12d
d
31d 3d
31d
3
  • Other examples may fail to converge for certain
    timings and succeed for others.

10
Finding Stable States
  • Previously known Its NP-Hard to determine if a
    stable state even exists. Griffin, Wilfong
  • We add
  • Theorem Determining the existence of a stable
    state requires exponential communication.
  • In practice, BGP does converge in the Internet!
    Why?

11
The Gao-Rexford Framework An economic
explanation for network convergence.
  • Neighboring pairs of ASes have one of
  • a customer-provider relationship
  • a peering relationship
  • Restrict the possible graphs and preferences
  • No customer-provider cycles (cannot be your own
    customer)
  • Prefer to route through customers over peers, and
    peers over providers.
  • Only provide transit services to customers.
  • Guarantees convergence of BGP.

peer
providers
peer
customers
12
Dispute Wheels
  • A Dispute Wheel Griffin et. al.
  • A sequence of nodes ui and routes Ri, Qi.
  • ui prefers RiQi1 over Qi.
  • If the network has no dispute wheels, BGP will
    always converge.
  • Also guarantees convergence with node link
    failures.

Gao-Rexford
No Dispute Wheel
Robust Convergence
Shortest Path
13
Modeling Path Vector Protocols as a Game
  • The interaction is very complex.
  • Multi-round
  • Asynchronous
  • Partial-information
  • Network structure, schedule, other players types
    are all unknown.
  • No monetary transfers!
  • More realistic
  • Unlike most works on incentive-compatibility in
    interdomain routing.

14
Routing as a Game
  • The source-nodes are the strategic agents
  • Agent i has a value vi(R) for any route R
  • The game has an infinite number of rounds
  • Timing decided by an entity called the scheduler
  • Decides which nodes are activated in each round.
  • Delays update messages along selective links.

15
Routing as a Game (2)
  • A node that is activated in a certain round can
  • Read update messages announcing routes.
  • Send update messages announcing routes.
  • Choose a neighboring node to forward traffic to.
  • The gain of node i from the game is
  • vi(R) if from some point on it has an unchanging
    route R.
  • 0 otherwise. (can be defined as the maximal
    gained path in an oscillation as well).
  • a nodes strategy is its choice of a routing
    protocol.
  • Executing BGP is a strategy.

16
Approximating Social Welfare
  • Theorem Getting an approximation to the optimal
    social welfare is impossible unless PNP even in
    Gao-Rexford settings.(Improvement on a bound
    achieved by Feigenbaum,Sami,Shenker)
  • Theorem It requires exponential communication to
    approximate social welfare up to

17
Manipulating in The Protocol
  • A node is said to deviate from BGP (or to
    manipulate BGP) if it does not follow BGP.
  • We want nodes to comply with the alg. Otherwise,
    suffer a loss when they deviate
  • Which forms of manipulation are available to
    nodes?
  • Misreporting preferences.
  • Reporting inconsistent information.
  • Announcing nonexistent routes.
  • Denying routes.

18
No Optimal Protocols
  • Theorem Any routing protocol that
  • Guarantees convergence to a solution for any
    timing with any preference profile
  • Resists manipulation
  • Must contain a (weak) dictator A node that
    always gets its most preferred path.
  • (Simple to prove using a variant of the
    Gibbard-Satterthwaite theorem)

19
  • Suppose node 1 is a weak dictator.
  • If it wants some crazy path, it must get it.
  • This feels like an unreasonable protocol.

5
4
3
6
2
1
7
d
20
Is BGP Incentive-Compatible?
  • Theorem BGP is not incentive compatible even in
    Gao-Rexford settings.

21
Can we fix this?
  • We define a property
  • Route verification means that an AS can verify
    that a route is available to a neighboring AS.
  • Route verification is
  • Achievable via computational means (cryptographic
    signatures).
  • An important part of secure BGP implementation.

22
Incentive Compatibility
  • Theorem If the No Dispute Wheel condition
    holds, then BGP with route verification is
    incentive-compatible in ex-post Nash equilibrium.
  • Theorem If the No Dispute Wheel condition
    holds, then BGP with route verification is
    collusion-proof in ex-post Nash equilibrium.

23
Open Questions
  • Characterizing robust BGP convergence (No
    dispute wheel is sufficient but not necessary).
  • Does robust BGP convergence with route
    verification imply incentive compatibility?
  • Can network formation games help to explain the
    Internets commercial structure?
  • Maintain incentive compatibility if the protocol
    is changed to deal with attacks and other
    security issues?
  • How do congestion and load fit in?

24
Conclusions
  • Our results help explain BGPs resilience to
    manipulation in practice.
  • Manipulation requires extensive knowledge on
    network topology preferences of ASes.
  • Faking routes requires manipulation of TCP/IP
    too.
  • Manipulations by coalitions require Herculean
    efforts, and tight coordination.
  • We show that proposed security improvements would
    benefit incentives in the protocol.
  • Work in progress other natural asynchronous
    games.
  • Best Reply Mechanisms with Noam Nisam and
    Michael Schapira
Write a Comment
User Comments (0)
About PowerShow.com