Route servers for inter-domain routing
Computer Networks and ISDN Systems
The stable paths problem and interdomain routing
IEEE/ACM Transactions on Networking (TON)
Understanding BGP misconfiguration
Proceedings of the 2002 conference on Applications, technologies, architectures, and protocols for computer communications
On the correctness of IBGP configuration
Proceedings of the 2002 conference on Applications, technologies, architectures, and protocols for computer communications
Analysis of the MED Oscillation Problem in BGP
ICNP '02 Proceedings of the 10th IEEE International Conference on Network Protocols
Towards a logic for wide-area Internet routing
FDNA '03 Proceedings of the ACM SIGCOMM workshop on Future directions in network architecture
Guidelines for interdomain traffic engineering
ACM SIGCOMM Computer Communication Review
On the benefits and feasibility of incentive based routing infrastructure
Proceedings of the ACM SIGCOMM workshop on Practice and theory of incentives in networked systems
Hi-index | 0.00 |
Protocol and system designers use verification techniques to analyze a system's correctness properties. Network operators need verification techniques to ensure the "correct" operation of BGP. BGP's distributed dependencies cause small configuration mistakes or oversights to spur complex errors, which sometimes have devastating effects on global connectivity. These errors are often difficult to debug because they are sometimes only exposed by a specific message arrival pattern or failure scenario.This paper presents an approach to BGP verification that is primarily based on static analysis of router configuration. We argue that: (1) because BGP's a configuration affects its fundamental behavior, verification is a program analysis problem, (2) BGP's complex, dynamic interactions are difficult to abstract and impossible to enumerate, which precludes existing verification techniques, (3) because of BGP's flexible, policy-based configuration, some aspects of BGP configuration must be checked against a higher-level specification of intended policy, and (4) although static analysis can catch many configuration errors, simulation and emulation are also necessary to determine the precise scenarios that could expose errors at runtime. Based on these observations, we propose the design of a BGP verification tool, discuss how it could be applied in practice, and describe future research challenges.