Abstract
A longstanding problem with the Internet is that it is vulnerable to outages, black holes, hijacking and denial of service. Although architectural solutions have been proposed to address many of these issues, they have had difficulty being adopted due to the need for widespread adoption before most users would see any benefit. This is especially relevant as the Internet is increasingly used for applications where correct and continuous operation is essential.
In this paper, we study whether a simple, easy-to-implement model is sufficient for addressing the aforementioned Internet vulnerabilities. Our model, called ARROW (Advertised Reliable Routing Over Waypoints), is designed to allow users to configure reliable and secure end-to-end paths through participating providers. With ARROW, a highly reliable ISP offers tunneled transit through its network, along with packet transformation at the ingress, as a service to remote paying customers. Those customers can stitch together reliable end-to-end paths through a combination of participating and non-participating ISPs in order to improve the fault tolerance, robustness, and security of mission-critical transmissions. Unlike efforts to redesign the Internet from scratch, we show that ARROW can address a set of well-known Internet vulnerabilities, for most users, with the adoption of only a single transit ISP. To demonstrate ARROW, we have added it to a small-scale wide-area ISP we control. We evaluate its performance and failure recovery properties in both simulation and live settings.
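The abstract's central idea, a customer that reaches a destination by tunneling to one participating waypoint ISP while every other hop still uses default routing, as an added toy simulation. This is not the paper's code or its actual mechanism: the AS-level topology, the ISP names, the use of BFS shortest paths as a stand-in for default routing, and the failure model (a link that silently drops traffic while default routing keeps using it, as with a black hole or a hijacked prefix) are all assumptions made here for illustration.

```python
"""Toy model of stitching an end-to-end path through a single waypoint ISP.

Constructed illustration only; topology, names and failure model are
assumptions, not details taken from the ARROW paper.
"""
from collections import deque
from typing import Dict, FrozenSet, List, Optional, Set

Link = FrozenSet[str]

# Constructed AS-level topology (undirected adjacency). "WP-1" and "WP-2"
# are the ISPs assumed to sell tunneled transit; all others only do
# default routing.
TOPOLOGY: Dict[str, Set[str]] = {
    "Cust":   {"ISP-A"},
    "ISP-A":  {"Cust", "ISP-B", "WP-1", "WP-2"},
    "ISP-B":  {"ISP-A", "ISP-C", "WP-2"},
    "ISP-C":  {"ISP-B", "ISP-D", "Server"},
    "ISP-D":  {"ISP-C", "WP-1"},
    "WP-1":   {"ISP-A", "ISP-D"},
    "WP-2":   {"ISP-A", "ISP-B"},
    "Server": {"ISP-C"},
}
WAYPOINTS = ["WP-1", "WP-2"]


def link(a: str, b: str) -> Link:
    """Undirected link identifier."""
    return frozenset((a, b))


def default_path(src: str, dst: str, topo=TOPOLOGY) -> Optional[List[str]]:
    """Shortest AS path by BFS, standing in for the path default routing
    selects. Sorted neighbour order keeps the result deterministic."""
    parent: Dict[str, Optional[str]] = {src: None}
    queue = deque([src])
    while queue:
        node = queue.popleft()
        if node == dst:
            path = []
            cur: Optional[str] = node
            while cur is not None:
                path.append(cur)
                cur = parent[cur]
            return path[::-1]
        for nxt in sorted(topo[node]):
            if nxt not in parent:
                parent[nxt] = node
                queue.append(nxt)
    return None


def deliverable(path: Optional[List[str]], failed: Set[Link]) -> bool:
    """A persistent failure is a link that drops traffic while default
    routing still uses it, i.e. the control plane has not routed around it."""
    return path is not None and all(
        link(a, b) not in failed for a, b in zip(path, path[1:]))


def encapsulate(dst: str, waypoint: str) -> dict:
    """Customer-side transformation: tunnel the packet to the waypoint."""
    return {"outer_dst": waypoint, "inner_dst": dst}


def stitched_path(src: str, waypoint: str, dst: str) -> Optional[List[str]]:
    """Default routing to the waypoint's ingress, decapsulation there, then
    the waypoint's own default routing to the real destination."""
    pkt = encapsulate(dst, waypoint)
    to_wp = default_path(src, pkt["outer_dst"])
    if to_wp is None:
        return None
    inner = pkt["inner_dst"]  # the ingress strips the outer header
    onward = default_path(waypoint, inner)
    if onward is None:
        return None
    return to_wp + onward[1:]


def choose_waypoint(src: str, dst: str, failed: Set[Link],
                    waypoints=WAYPOINTS) -> Optional[str]:
    """First waypoint whose stitched path avoids every failed link, or None
    when a single tunnel is not enough for this failure."""
    for wp in waypoints:
        if deliverable(stitched_path(src, wp, dst), failed):
            return wp
    return None


if __name__ == "__main__":
    broken = {link("ISP-B", "ISP-C")}  # constructed black-holed link
    base = default_path("Cust", "Server")
    print("default path:", base, "delivers:", deliverable(base, broken))
    wp = choose_waypoint("Cust", "Server", broken)
    print("waypoint:", wp, "stitched path:", stitched_path("Cust", wp, "Server"))
```

With the constructed black hole on the ISP-B to ISP-C link, the default path fails, WP-2 does not help because its onward default route crosses the same link, and WP-1 yields a working path; a failure on the only link into Server makes choose_waypoint return None, which is the case the abstract's "(often)" leaves open.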
One tunnel is (often) enough
Published in SIGCOMM '14: Proceedings of the 2014 ACM conference on SIGCOMM.