TY - GEN
T1 - Netreview
T2 - 6th USENIX Symposium on Networked Systems Design and Implementation, NSDI 2009
AU - Haeberlen, Andreas
AU - Avramopoulos, Ioannis
AU - Rexford, Jennifer
AU - Druschel, Peter
PY - 2019/1/1
Y1 - 2019/1/1
N2 - Despite many attempts to fix it, the Internet's interdomain routing system remains vulnerable to configuration errors, buggy software, flaky equipment, protocol oscillation, and intentional attacks. Unlike most existing solutions that prevent specific routing problems, our approach is to detect problems automatically and to identify the offending party. Fault detection is effective for a larger class of faults than fault prevention and is easier to deploy incrementally. To show that fault detection is useful and practical, we present NetReview, a fault detection system for the Border Gateway Protocol (BGP). NetReview records BGP routing messages in a tamper-evident log, and it enables ISPs to check each other's logs against a high-level description of the expected behavior, such as a peering agreement or a set of best practices. At the same time, NetReview respects the ISPs' privacy and allows them to protect sensitive information. We have implemented and evaluated a prototype of NetReview; our results show that NetReview catches common Internet routing problems, and that its resource requirements are modest.
AB - Despite many attempts to fix it, the Internet's interdomain routing system remains vulnerable to configuration errors, buggy software, flaky equipment, protocol oscillation, and intentional attacks. Unlike most existing solutions that prevent specific routing problems, our approach is to detect problems automatically and to identify the offending party. Fault detection is effective for a larger class of faults than fault prevention and is easier to deploy incrementally. To show that fault detection is useful and practical, we present NetReview, a fault detection system for the Border Gateway Protocol (BGP). NetReview records BGP routing messages in a tamper-evident log, and it enables ISPs to check each other's logs against a high-level description of the expected behavior, such as a peering agreement or a set of best practices. At the same time, NetReview respects the ISPs' privacy and allows them to protect sensitive information. We have implemented and evaluated a prototype of NetReview; our results show that NetReview catches common Internet routing problems, and that its resource requirements are modest.
UR - http://www.scopus.com/inward/record.url?scp=85076898069&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85076898069&partnerID=8YFLogxK
M3 - Conference contribution
T3 - Proceedings of the 6th USENIX Symposium on Networked Systems Design and Implementation, NSDI 2009
SP - 437
EP - 452
BT - Proceedings of the 6th USENIX Symposium on Networked Systems Design and Implementation, NSDI 2009
PB - USENIX Association
Y2 - 22 April 2009 through 24 April 2009
ER -