aa
• secure peering.• RIB table dump by attributes in order to save space.
ReferencesReferences1. RouteViews, http://www.routeviews.org/2. RIPE, http://www.ripe.net/ris3. M. Welsh, D. Culler, and E. Brewer. SEDA: An Architecture for Well- Conditioned, Scalable
Internet Services. In the Proceedings of the 18th Symposium on Operation Systems Principles, October 2001.
BGP Data CollectionBGP Data Collection
BGP Monitoring System (BGPMon)BGP Monitoring System (BGPMon)
Our SolutionOur Solution
BGPMon ArchitectureBGPMon Architecture Data in XMLData in XML
Ongoing and future workOngoing and future work
• BGPMon functionalities: 1) collects ALL information receive from BGP routers by peering with them, 2) labels BGP updates, 3) provides customizable BGP data to end users or other BGPMons in XML format, and 4) periodically logs the data.
• The system adopts a modular event-driven design; the data is shared among modules in a producer and consumer way.
• Record data in a both human and machine readable format by increasing affordable storage space
• XML is a common interface to other applications. Various existing tools can be used to process data.
• Easy to add new feature by simply insert a new tag.
Rib UpdaterBGP Peer Monitor
Updates in BMF (No Label )
R ib Tables in BMF
BMF (BGPMon Format )
XML
Updates in BMF (With Label )
Updates Convertor( BMF to
XML )
Update Logger
Updates in XML
Update Logs in
XML
BGP
Rib Logs in
XML
Rib Convertor (BMF to XMl ) and Logger
Client
Client
Rib Convertor (BMF to XMl)
Updates Convertor(XML to BMF )
Client
BGPMonBGPMon
BGPMonBGPMon
BGPMon CompositionBGPMon Composition
BGPMon
BGPMon BGPMon
Logs Logs
Client
ClientClient
XML
BGP
• The BGPMon is chainable: Each BGPMon can provide or send data to other BGPMons.
• The root BGPMon is able to monitor large number of BGP routers through consolidating feeds from regions
• Address handling of RIB table contents when peer session lost.
• Integrate with PHAS, share with NetViews team
Format Raw (Bytes) /MRT size Compressed /MRT size
XML 15,606,616 7.7 243,405 1.46
bgpdump 5,742,039 2.8 243,107 1.46
MRT 2,024,614 1.0 167,050 1.00
updates
BGP Peer Session
Collectors
Central ServerBGP data
ISPBGP Routers
ASAS
ASAS
ASAS
ASAS
ASAS
ASAS
ribs
• Hundreds of peers• Millions of updates per day per peer• More than 200,000 entries in each peer’s rib
• Hundreds of peers• Millions of updates per day per peer• More than 200,000 entries in each peer’s rib
<?xml version="1.0"?><bgp><message> <time>2007-03-22T19:00:07Z</time> <source_as>65001</source_as> <source_ip>129.82.138.4</source_ip> <destination_as>65009</destination_as> <destination_ip>129.82.47.109</destination_ip> <address_family>1</address_family> <interface_index>0</interface_index> <update> <path_attributes> <origin> <transitive/> <igp value='0'/> </origin> <as_path> <transitive/> <as_sequence>65001 14041 3356 22351
</as_sequence> </as_path> <next_hop> <transitive/> <value>129.82.138.4</value> </next_hop> </path_attributes> <nlri> <prefix label=“NANN”>82.206.163/24</prefix> </nlri> </update></message>
Main ChallengesMain Challenges
• BGP data is an essential resource for researchers and operators in Internet routing.
• BGP data collection systems passively collect BGP data from Internet BGP routers.
• BGP data collection system samples: RouteViews and RIPE.
• 40 publications cite RouteViews [CiteSeer].
• 615 documents list RouteViews as references [Google Scholar].
• BGP data is an essential resource for researchers and operators in Internet routing.
• BGP data collection systems passively collect BGP data from Internet BGP routers.
• BGP data collection system samples: RouteViews and RIPE.
• 40 publications cite RouteViews [CiteSeer].
• 615 documents list RouteViews as references [Google Scholar]. Users
Collection system: RouteViews/RIPE
BGP data is large!BGP data is large!• Improve the current infrastructureImprove the current infrastructure -- introduce fewer measurement artifacts (lack of reset messages, inability to clearly identify table transfers, peering session failures etc)
• Scale the monitoring systemScale the monitoring system -- be able to peer with more routers
• Add real-time access to data Add real-time access to data over current delay of hours
• Support for protocol changes and Support for protocol changes and featuresfeatures -- secure peering, new BGP attributes, etc.
• Better organize the resulting dataBetter organize the resulting data for long term storage and ease of use by researchers
• Improve the current infrastructureImprove the current infrastructure -- introduce fewer measurement artifacts (lack of reset messages, inability to clearly identify table transfers, peering session failures etc)
• Scale the monitoring systemScale the monitoring system -- be able to peer with more routers
• Add real-time access to data Add real-time access to data over current delay of hours
• Support for protocol changes and Support for protocol changes and featuresfeatures -- secure peering, new BGP attributes, etc.
• Better organize the resulting dataBetter organize the resulting data for long term storage and ease of use by researchers
• Design a lightweight software Design a lightweight software focus on accurately and reliably collecting and storing BGP data ( no forwarding tables, route announcements etc)
• Provide chainable feature Provide chainable feature to support regional deployment and scalability
• Allow users directly connect to Allow users directly connect to systemsystem to get real-time data for specific peers and/or prefixes
• Log data in an extendable and Log data in an extendable and human-readable XML formathuman-readable XML format to easily support new BGP attributes.
• Label BGP data and organize it into a Label BGP data and organize it into a single file for each peer’s daily data single file for each peer’s daily data to facilitate researcher..
• Design a lightweight software Design a lightweight software focus on accurately and reliably collecting and storing BGP data ( no forwarding tables, route announcements etc)
• Provide chainable feature Provide chainable feature to support regional deployment and scalability
• Allow users directly connect to Allow users directly connect to systemsystem to get real-time data for specific peers and/or prefixes
• Log data in an extendable and Log data in an extendable and human-readable XML formathuman-readable XML format to easily support new BGP attributes.
• Label BGP data and organize it into a Label BGP data and organize it into a single file for each peer’s daily data single file for each peer’s daily data to facilitate researcher..
Yan Chen, He Yan, Dave Matthews, Dan Massey (Colorado State University)Lan Wang (University of Memphis)Lixia Zhang (UCLA)http://netsec.colostate.edu/bgpmonitor
Comparing the sizes of 15 minutes’ BGP updates in various formats