Toward a Fault-Tolerant Border Gateway Protocol

Abstract

Today, the Internet has become the nerve center of our society. However, the Internet has been faulty, insecure, unreliable and unavailable, which causes much financial loss and many security problems. Studies show that the current de facto inter-domain routing protocol, Border Gateway Protocol (BGP), is vulnerable to various attacks, and routing-based attacks have unfortunately become quite feasible. Enhancing the fault-tolerance property of BGP is a very important and timely issue for the sake of overall Internet robustness and security. At least in the short term, it is very hard to deploy a new protocol or upgraded version of BGP within today's Internet because BGP has been widely used for years. Therefore, this dissertation focuses on providing practical solutions to existing problems by using existing BGP mechanisms and fault detection techniques. Challenges exist because BGP only propagates aggregated information instead of raw information; the dynamics of BGP are difficult to understand; there is no common operational practice, and the coordination and cooperation between different administrative domains is hard to achieve.

In this dissertation, BGP vulnerabilities have been analyzed from different perspectives. A set of critical BGP-related problems has been identified. One of them is called the Multiple Origin Autonomous System (MOAS) problem. A practical enhancement to BGP is presented to enable BGP to distinguish valid MOAS cases due to operational needs and invalid MOAS cases caused by faults. One key property of this solution is believed to be its resilience against any single point of failure. Solutions are also provided to solve other problems under the same framework and operations provided by BGP . Equally important, solutions have been fully evaluated against real BGP data or via simulations. The evaluation results show our solutions are very effective.