-
SRv6: Is There Anybody Out There?
Authors:
Victor-Alexandru Pădurean,
Oliver Gasser,
Randy Bush,
Anja Feldmann
Abstract:
Segment routing is a modern form of source-based routing, i.e., a routing technique where all or part of the routing decision is predetermined by the source or a hop on the path. Since initial standardization efforts in 2013, segment routing seems to have garnered substantial industry and operator support. Especially segment routing over IPv6 (SRv6) is advertised as having several advantages for easy deployment and flexibility in operations in networks. Many people, however, argue that the deployment of segment routing and SRv6 in particular poses a significant security threat if not done with the utmost care. In this paper we conduct a first empirical analysis of SRv6 deployment in the Internet. First, we analyze SRv6 behavior in an emulation environment and find that different SRv6 implementations have the potential to leak information to the outside. Second, we search for signs of SRv6 deployment in publicly available route collector data, but could not find any traces. Third, we run large-scale traceroute campaigns to investigate possible SRv6 deployments. In this first empirical study on SRv6 we are unable to find traces of SRv6 deployment even for companies that claim to have it deployed in their networks. This lack of leakage might be an indication of good security practices being followed by network operators when deploying SRv6.
Submitted 9 May, 2022;
originally announced May 2022.
-
Towards a Rigorous Methodology for Measuring Adoption of RPKI Route Validation and Filtering
Authors:
Andreas Reuter,
Randy Bush,
Ítalo Cunha,
Ethan Katz-Bassett,
Thomas C. Schmidt,
Matthias Wählisch
Abstract:
A proposal to improve routing security---Route Origin Authorization (ROA)---has been standardized. A ROA specifies which network is allowed to announce a set of Internet destinations. While some networks now specify ROAs, little is known about whether other networks check routes they receive against these ROAs, a process known as Route Origin Validation (ROV). Which networks blindly accept invalid routes? Which reject them outright? Which de-preference them if alternatives exist?
Recent analysis attempts to use uncontrolled experiments to characterize ROV adoption by comparing valid routes and invalid routes. However, we argue that gaining a solid understanding of ROV adoption is impossible using currently available data sets and techniques. Our measurements suggest that, although some ISPs are not observed using invalid routes in uncontrolled experiments, they are actually using different routes for (non-security) traffic engineering purposes, without performing ROV. We conclude with a description of a controlled, verifiable methodology for measuring ROV and present three ASes that do implement ROV, confirmed by operators.
Submitted 5 May, 2018; v1 submitted 13 June, 2017;
originally announced June 2017.
-
Rigorous statistical analysis of HTTPS reachability
Authors:
George Michaelson,
Matthew Roughan,
Jonathan Tuke,
Matt P. Wand,
Randy Bush
Abstract:
The use of secure connections using HTTPS as the default means, or even the only means, to connect to web servers is increasing. It is being pushed from both sides: from the bottom up by client distributions and plugins, and from the top down by organisations such as Google. However, there are potential technical hurdles that might lock some clients out of the modern web. This paper seeks to measure and precisely quantify those hurdles in the wild. More than three million measurements provide statistically significant evidence of degradation. We show this through a variety of statistical techniques. Various factors are shown to influence the problem, ranging from the client's browser, to the locale from which they connect.
Submitted 8 June, 2017;
originally announced June 2017.
-
SoK: An Analysis of Protocol Design: Avoiding Traps for Implementation and Deployment
Authors:
Tobias Fiebig,
Franziska Lichtblau,
Florian Streibelt,
Thorben Krueger,
Pieter Lexis,
Randy Bush,
Anja Feldmann
Abstract:
Today's Internet utilizes a multitude of different protocols. While some of these protocols were first implemented and used and later documented, others were first specified and then implemented. Regardless of how protocols came to be, their definitions can contain traps that lead to insecure implementations or deployments. A classical example is insufficiently strict authentication requirements in a protocol specification. The resulting misconfigurations, i.e., not enabling strong authentication, are common root causes for Internet security incidents. Indeed, Internet protocols have been commonly designed without security in mind, which leads to a multitude of misconfiguration traps. While this is slowly changing, too strict security considerations can have a similarly bad effect. Due to complex implementations and insufficient documentation, security features may remain unused, leaving deployments vulnerable.
In this paper we provide a systematization of the security traps found in common Internet protocols. By separating protocols into four classes we identify major factors that lead to common security traps. These insights together with observations about end-user centric usability and security by default are then used to derive recommendations for improving existing and designing new protocols---without such security sensitive traps for operators, implementors and users.
Submitted 18 October, 2016;
originally announced October 2016.
-
A Multi-perspective Analysis of Carrier-Grade NAT Deployment
Authors:
Philipp Richter,
Florian Wohlfart,
Narseo Vallina-Rodriguez,
Mark Allman,
Randy Bush,
Anja Feldmann,
Christian Kreibich,
Nicholas Weaver,
Vern Paxson
Abstract:
As ISPs face IPv4 address scarcity they increasingly turn to network address translation (NAT) to accommodate the address needs of their customers. Recently, ISPs have moved beyond employing NATs only directly at individual customers and instead begun deploying Carrier-Grade NATs (CGNs) to apply address translation to many independent and disparate endpoints spanning physical locations, a phenomenon that so far has received little in the way of empirical assessment. In this work we present a broad and systematic study of the deployment and behavior of these middleboxes. We develop a methodology to detect the existence of hosts behind CGNs by extracting non-routable IP addresses from peer lists we obtain by crawling the BitTorrent DHT. We complement this approach with improvements to our Netalyzr troubleshooting service, enabling us to determine a range of indicators of CGN presence as well as detailed insights into key properties of CGNs. Combining the two data sources we illustrate the scope of CGN deployment on today's Internet, and report on characteristics of commonly deployed CGNs and their effect on end users.
Submitted 13 September, 2016; v1 submitted 18 May, 2016;
originally announced May 2016.
-
Pinpointing Delay and Forwarding Anomalies Using Large-Scale Traceroute Measurements
Authors:
Romain Fontugne,
Emile Aben,
Cristel Pelsser,
Randy Bush
Abstract:
Understanding network health is essential to improve Internet reliability. For instance, detecting disruptions in peer and provider networks facilitates the identification of connectivity problems. Currently this task is time consuming for network operators. It involves a fair amount of manual observation because operators have little visibility into other networks. In this paper we leverage the RIPE Atlas measurement platform to monitor and analyze network conditions. We propose a set of complementary methods to detect network disruptions from traceroute measurements. A novel method of detecting changes in delays is used to identify congested links, and a packet forwarding model is employed to predict traffic paths and to identify faulty routers in case of packet loss. In addition, aggregating results from each method allows us to easily monitor a network and identify coordinated reports manifesting significant network disruptions, reducing uninteresting alarms. Our contributions consist of a statistical approach providing robust estimation for Internet delays and the study of hundreds of thousands of link delays. We present three cases demonstrating that the proposed methods detect real disruptions and provide valuable insights, as well as surprising findings, on the location and impact of identified events.
Submitted 15 May, 2017; v1 submitted 16 May, 2016;
originally announced May 2016.
-
A Primer on IPv4 Scarcity
Authors:
Philipp Richter,
Mark Allman,
Randy Bush,
Vern Paxson
Abstract:
With the ongoing exhaustion of free address pools at the registries serving the global demand for IPv4 address space, scarcity has become reality. Networks in need of address space can no longer get more address allocations from their respective registries.
In this work we frame the fundamentals of the IPv4 address exhaustion phenomena and connected issues. We elaborate on how the current ecosystem of IPv4 address space has evolved since the standardization of IPv4, leading to the rather complex and opaque scenario we face today. We outline the evolution in address space management as well as address space use patterns, identifying key factors of the scarcity issues. We characterize the possible solution space to overcome these issues and open the perspective of address blocks as virtual resources, which involves issues such as differentiation between address blocks, the need for resource certification, and issues arising when transferring address space between networks.
Submitted 27 February, 2015; v1 submitted 10 November, 2014;
originally announced November 2014.