Randy's Work Blog

Thanks to pfs, I am using Dynamips/Dynagen to have multiple virtual Ciscos on my MacBookPro.

Dynagen Web Site

Kit for MacOS X

It is not that I believe strongly in this approach. But it sure is simpler than many others.

Anja Feldmann, Luca Cittadini, Wolfgang Mühlbauer, Randy Bush, Olaf Maennel, HAIR: Hierarchical Architecture for Internet Routing, in Proceedings of Workshop on Rearchitecting the Internet, December 2009.

R Bush, O Maennel, M Roughan, S Uhlig Internet Optometry: Assessing the Broken Glasses in Internet Reachability, ACM SIGCOMM Internet Measurement Conference, November 2009. [in Japanese]

A co-worker pointed out that I have been lax in keeping this site updated. So …

Bellovin, S.M.; Bush, R. Configuration Management and Security, IEEE Journal on Selected Areas in Communications, Volume 27, Issue 3, April 2009 Page(s):268 – 274

At the IETF IPv6/IPv4 coexistence interim meeting in Montréal, I gave a presentation of the A+P proposal.

APNIC 26 attempted to focus on IPv6. It was a major disaster from Layer 2 to Layer 9. The network failed both at Layer 2 in the 802.11 and, for the few who managed to connect for a few minutes, applications at Layer 7 which should have worked did not. And, despite demonstrating on Tuesday that the IPv6 network did not work, APNIC staff persisted in turning the IPv4 network off on Wednesday. And they were proud of it. All in all, it was an impressive demonstration of non-professionalism and operational lack of clue.

And the panel held Tuesday morning was a complete train wreck. People walked away saying they were going home and telling folk that their companies should wait some years for IPv6 and consider just NATting IPv4.

APNIC has set a high bar that future IPv6 train wrecks will find hard to beat.

Network Discovery from Passive Measurements was interesting work on cartography. Use of the Record Route option in traceroute, is something we need to look at more seriously than we have. They went specifically after the failure of RocketFuel, that there are many interfaces on a router. Then it got into a daunting disjunctive logic model, which was not something to try at home (exponential in sample size). But it did a lot better than RocketFuel.

Nathan from UW is using many traceroute hacks to try to improve RocketFuel.

Our paper, iSPY: Detecting IP Prefix Hijacking on My Own, went well, probably because the wireless was not working. 🙂

Had a good lunch at Cafe Flora with JR, MM, and two JR students.

None of the p2p presentations grabbed me. And none of the wireless papers either, but it’s far from any of my interests.

WW was also interested in control plane visibility.

In the wireless session, one paper, ZigZag Decoding: Combating Hidden Terminals in Wireless Networks, was pretty sharp. They showed how to recover the packets from 802.11 frames which collided and thus otherwise would have been discarded.

If you were interested in URLs in SPAM, perhaps Spamming Botnets: Signatures and Characteristics might have been interesting to you. Not my cup of tea.

Anja’s group and Vern’s described sampling fiber tap recording. Not sure where the computer science was in this, but it could be operationally useful. See Enriching Network Security Analysis with Time Travel.

There was a quite good paper on radically reducing the state space in regexp evaluation, Deflating the Big Bang: Fast and Scalable Deep Packet Inspection with Extended Finite Automata.

Rationality and Traffic Attraction: Incentives for Honest Path Announcements in BGP used an incentive model to motivate and test if the data plane follows the BGP control plane. This could be used for routing security to test if a neighbor was lying about how it would route traffic given to it. It modeled ASses as rational actors. Bottom line was that Secure BGP could be used to enforce the conditions, but a multi-homed node could announce the path it does not actually use.  It explores additional mechanisms that improve the situation.  Definitely interesting work in the secure BGP area.

As promised in my post almost two weeks ago, Olaf Maennel, Steve Bellovin, Luca Cittadini, and I have come up with a proposal which we believe to be preferable to Carrier Grade NAT (CGN). We have written it up as a tech report for small circulation at the moment, see here for pdf.

The routing session ranged from uninteresting to embarrassing. One paper in particular was a notable disaster, rediscovering the decade+ wisdom that route distribution between protocols is dangerous. Maybe the authors should google “7007 incident.” They claimed to have analyzed router configurations from 1,600 networks and found redistribution in almost all of them. I’ll bet a good diner that, among their other massive lack of clue, they did not know that we all nail up our eBGP prefixes by redistributing special statics into BGP. And it contained not one bit of computer science.

And too many control plane researchers have only studied the one particular large ISP who has wide-scale control plane disasters twice a year, maybe more often than they have management reorgs, hard as that is to believe.  And guess what their solution to all these failures is, add more complexity and control to the network.  Rinse, repeat, …  I wish all my competitors did this.

Things got better in the data center session. One in particular, DCell: A Scalable and Fault-Tolerant Network Structure for Data Centers, a non-hierarchic connection topology, was both interesting operationally and had done the actual formal analysis. OMG, computer science!

What’s Going On? Learning Communication Rules In Edge Networks was a good tool-set for correlation of traffic within a network to understand what traffic flows are related to what others, and how to reveal unexpected and/or anomalous behavior.