Mapping peering interconnections to a facility
TL;DR: This study develops a methodology, called constrained facility search, to infer the physical interconnection facility where an interconnection occurs among all possible candidates, which outperforms heuristics based on naming schemes and IP geolocation.
Abstract: Annotating Internet interconnections with robust physical coordinates at the level of a building facilitates network management including interdomain troubleshooting, but also has practical value for helping to locate points of attacks, congestion, or instability on the Internet. But, like most other aspects of Internet interconnection, its geophysical locus is generally not public; the facility used for a given link must be inferred to construct a macroscopic map of peering. We develop a methodology, called constrained facility search, to infer the physical interconnection facility where an interconnection occurs among all possible candidates. We rely on publicly available data about the presence of networks at different facilities, and execute traceroute measurements from more than 8,500 available measurement servers scattered around the world to identify the technical approach used to establish an interconnection. A key insight of our method is that inference of the technical approach for an interconnection sufficiently constrains the number of candidate facilities such that it is often possible to identify the specific facility where a given interconnection occurs. Validation via private communication with operators confirms the accuracy of our method, which outperforms heuristics based on naming schemes and IP geolocation. Our study also reveals the multiple roles that routers play at interconnection facilities; in many cases the same router implements both private interconnections and public peerings, in some cases via multiple Internet exchange points. Our study also sheds light on peering engineering strategies used by different types of networks around the globe.
Summary (4 min read)
- Measuring and modeling the Internet topology at the logical layer of network interconnection, i. e., autonomous systems (AS) peering, has been an active area for nearly two decades.
- There are good reasons for the dearth of this information: evolving complexity and scale of networking infrastructure, information hiding properties of the routing system (BGP), security and commercial sensitivities, and lack of incentives to gather or share data.
- Knowledge of geophysical locations of interconnections also enables assessment of the resilience of interconnections in the event of natural disasters [53, 20], facility or router outages , peering disputes , and denial of service attacks [22, 60].
- The authors first create and update a detailed map of interconnection facilities and the networks present at them.
- The contributions of this work are as follows: .
2. BACKGROUND AND TERMINOLOGY
- Interconnection is a collection of business practices and technical mechanisms that allows individually managed networks (ASes) to exchange traffic .
- An Internet Exchange Point (IXP) is a physical infrastructure composed of layer-2 Ethernet switches where participating networks can interconnect their routers using the switch fabric.
- These switches connect via high bandwidth connections to the core switches.
- Crossconnects can be established between members that host their network equipment in different facilities of the same interconnection facility operator, if these facilities are interconnected.
- Public peering, also referred to as public interconnect, is the establishment of peering connections between two members of an IXP via the IXP’s switch fabric.
3. DATASETS AND MEASUREMENTS
- To infer details of a given interconnection, the authors need information about the prefixes of the two networks and physical facilities where they are present.
- This section describes the publicly available data that the authors collected and analyzed for this study, and the publicly available measurement servers (vantage points) they utilized.
3.1 Data Sources
- And in some cases it is required to be public (e. g., for facilities that partner with IXPs in Europe), the information is not available in one form.
- To remove such discrepancies, the authors convert country and city names to standard ISO and UN names.
- The authors use various publicly available sources to get an up-to-date list of IXPs, their prefixes, and associated interconnection facilities.
- PeeringDB was not missing the records of the facilities, only their association with the IXPs.
- ASes tend to connect to more interconnection facilities than IXPs, with 54% of the ASes in their dataset connected to more than one IXPs and 66% of the ASes connected at more than one interconnection facilities.
3.2 Vantage Points and Measurements
- To perform targeted traceroute campaigns the authors used publicly available traceroute servers, RIPE Atlas, and looking glasses.
- The authors also used existing public measurements gathered previously by RIPE Atlas nodes (e. g., periodic traceroute queries to Google from all Atlas nodes).
- After filtering out inactive or otherwise unavailable looking glasses, the authors ended up with 1877 looking glasses in 438 ASes and 472 cities including many in members of IXPs and 21 offered by IXPs.
- These types of looking glasses allow us to list the BGP sessions established with the router running the looking glass, and indicate the ASN and IP address of the peering router, as well as showing metainformation about the interconnection, e. g., via BGP communities .
- The authors analyzed one dataset collected when they performed the traceroute campaigns with RIPE Atlas and the looking glasses.
4.1 Preparation of traceroute data
- Interconnections occur at the network layer when two networks agree to peer and exchange traffic.
- To capture these interconnections, the authors performed a campaign of traceroute measurements from RIPE Atlas and looking glass vantage points, targeting a set of various networks that include major content providers and Tier-1 networks (see section 5).
- Such errors can reduce the accuracy of their methodology since they can lead to inference of incorrect candidate facilities for an IP interface.
- The authors used the MIDAR alias resolution system  to infer which aliases belong to the same router.
- Alias resolution helped us improve the accuracy of their IP-to-ASN mappings, but more importantly it provided additional constraints for mapping interfaces to facilities.
4.2 Constrained Facility Search
- At the end of the previous step the authors obtained three representations of the routing paths between the vantage points and their targets: the IP-level paths as well as the corresponding router-level and AS-level abstractions.
- Figure 4 provides an overview of the Constrained Facility Search (CFS) algorithm.
- After the authors determine the public and private peering interconnections, they calculate the possible locations where each interconnection could be established.
- From this comparison the authors have three possible outcomes regarding the resolution of an IP interface to facility: 1. Resolved interface:.
- The resulting traceroute will contribute constraints only if it does not cross the same IXP against which the authors compared the facilities of A in Step 1.
4.3 Facility search in the reverse direction
- So far the authors have located the peering interconnections from the side of the peer AS that appears first in the outgoing direction of the traceroute probes.
- In remote peering, tethering and public peering at IXPs where the second peer is connected at multiple facilities, the two peers can be located at different facilities.
- In Figure 5 the CFS algorithm will infer the facility of A.1’s router but not the facility of IX.1’s router.
- This outcome arises because traceroute replies typically return from the ingress, black, interface of a router and therefore do not reveal the router’s exgress, white, interfaces.
- For many cases, but not all, this reverse search is possible, because the authors use a diverse set of vantage points.
4.4 Proximity Heuristic
- As a fallback method to pinpoint the facility of the far end interface, the authors use knowledge of common IXP practices with respect to the location and hierarchy of switches.
- For a public peering link (IPA, IPIXP,B , IPB) for which the authors have already inferred the facility of IPA, and for which IPB has more than one candidate IXP facilities, they require that IPB is located in the facility that is proximate to IPA.
- The authors executed an additional traceroute campaign from 50 AMS-IX members who are each connected to a single facility of AMS-IX, targeting a different set of 50 AMSIX members who are each connected to two facilities.
- The authors found that in 77% of the cases the switch proximity heuristic finds the exact facility for each IXP interface.
- When it fails, the actual facility is in close proximity to the inferred one (e. g., both facilities are in the same building block), which is because (per the AMS-IX web site) the access switches are connected with the same backhaul switch.
- To evaluate the feasibility of their methodology, the authors first launched an IPv4 traceroute campaign from different measurement platforms targeting a number of important groups of interconnections, and tried to infer their locations.
- From the 13,889 peering interfaces in their traceroute data, 29% have no associated DNS record, while 55% of the remaining 9,861 interfaces do not encode any geolocation information in their hostname.
- As shown in Figure 8, removing 850 facilities ( 50% of the total fa- 1Each iteration of the CFS algorithm repeats steps 2–4 as explained in section 4.2. cilities in their dataset) causes on average 30% of the previously resolved interfaces to become unresolved, while when the authors remove 1,400 (80%) facilities 60% of the resolved interfaces become unresolved.
- The authors also find that 11.9% of the observed routers used to implement public peering, are used to establish links over two or three IXPs.
- RIPE Atlas probes have a significantly larger footprint in Europe than in Asia, thus, it is expected that one can infer more interfaces in Europe.the authors.
- Due to its low-level nature, ground-truth data on interconnection to facility mapping is scarce.
- For example the hostname x.y.rtr.thn.lon.z denotes that a router is located in the facility Telehouse-North in London.
- The higher accuracy rate for this validation subset is explained by the fact that the authors collected through the IXP websites complete facilities lists for the IXPs and their members.
- Importantly, when their inferences disagreed with the validation data the actual facility was located in the same city as the inferred one (e. g., Telecity Amsterdam 1 instead of Telecity Amsterdam 2).
- The increasing complexity of interconnection hinders their ability to answer questions regarding their physical location and engineering approach.
- Eventually the multiple sources of constraints led to a small enough set of possible peering locations that in many cases, it became feasible to identify a single location that satisfied all known constraints.
- The accuracy of their method (>90%) outperforms heuristics based on naming schemes and IP geolocation.
- Nevertheless, by utilizing results for individual interconnections and others inferred in the process, it is pos- sible to incrementally construct a more detailed map of interconnections.
- The authors make their data available at http:// www.caida.org/publications/paper/2015/constrained facility search/supplemental.
Did you find this useful? Give us your feedback
Cites methods from "Mapping peering interconnections to..."
...Our work enables the construction of a router-level map of interdomain connectivity, which will empirically ground e orts to accurately model AS topology evolution....
Cites background from "Mapping peering interconnections to..."
...These results suggest that MAP-IT is sufficiently reliable for network diagnostics....
"Mapping peering interconnections to..." refers background in this paper
..., colocation facilities, carrier hotels, and Internet exchange points (IXP), that enable today’s richly interconnected ecosystem [46, 8, 20, 21, 16]....
Related Papers (5)
Frequently Asked Questions (1)
Q1. What are the contributions in "Mapping peering interconnections to a facility" ?
A key insight of their method is that inference of the technical approach for an interconnection sufficiently constrains the number of candidate facilities such that it is often possible to identify the specific facility where a given interconnection occurs. Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored.