skip to main content
research-article
Public Access

Scalable verification of border gateway protocol configurations with an SMT solver

Published:19 October 2016Publication History
Skip Abstract Section

Abstract

Internet Service Providers (ISPs) use the Border Gateway Protocol (BGP) to announce and exchange routes for de- livering packets through the internet. ISPs must carefully configure their BGP routers to ensure traffic is routed reli- ably and securely. Correctly configuring BGP routers has proven challenging in practice, and misconfiguration has led to worldwide outages and traffic hijacks. This paper presents Bagpipe, a system that enables ISPs to declaratively express BGP policies and that automatically verifies that router configurations implement such policies. The novel initial network reduction soundly reduces policy verification to a search for counterexamples in a finite space. An SMT-based symbolic execution engine performs this search efficiently. Bagpipe reduces the size of its search space using predicate abstraction and parallelizes its search using symbolic variable hoisting. Bagpipe's policy specification language is expressive: we expressed policies inferred from real AS configurations, policies from the literature, and policies for 10 Juniper TechLibrary configuration scenarios. Bagpipe is efficient: we ran it on three ASes with a total of over 240,000 lines of Cisco and Juniper BGP configuration. Bagpipe is effective: it revealed 19 policy violations without issuing any false positives.

References

  1. C. J. Anderson et al. “NetKAT: Semantic Foundations for Networks”. In: POPL. 2014. Google ScholarGoogle ScholarDigital LibraryDigital Library
  2. T. Ball et al. “VeriCon: Towards Verifying Controller Programs in Software-defined Networks”. In: PLDI. 2014. Google ScholarGoogle ScholarDigital LibraryDigital Library
  3. BelWü. https://www.belwue.de/.Google ScholarGoogle Scholar
  4. BGP Feature Guide for the OCX Series. 2015.Google ScholarGoogle Scholar
  5. M. Brown. Pakistan hijacks YouTube. http://research. dyn.com/2008/02/pakistan-hijacks-youtube-1/. 2008.Google ScholarGoogle Scholar
  6. C. Cadar, D. Dunbar, and D. Engler. “KLEE: unassisted and automatic generation of high-coverage tests for complex systems programs”. In: OSDI. 2008. Google ScholarGoogle ScholarDigital LibraryDigital Library
  7. E. Clarke, D. Kroening, and F. Lerda. “A Tool for Checking ANSI-C Programs”. In: TACAS. 2004.Google ScholarGoogle ScholarCross RefCross Ref
  8. J. Cowie. China’s 18-Minute Mystery. http://research. dyn.com/2010/11/chinas-18-minute-mystery/. 2010.Google ScholarGoogle Scholar
  9. M. Dobrescu and K. Argyraki. “Software Dataplane Verification”. In: NSDI. 2014. Google ScholarGoogle ScholarDigital LibraryDigital Library
  10. J. Dolby, M. Vaziri, and F. Tip. “Finding bugs efficiently with a SAT solver”. In: FSE. 2007. Google ScholarGoogle ScholarDigital LibraryDigital Library
  11. N. Feamster and H. Balakrishnan. “Detecting BGP Configuration Faults with Static Analysis”. In: NSDI. 2005. Google ScholarGoogle ScholarDigital LibraryDigital Library
  12. A. Fogel et al. “A General Approach to Network Configuration Analysis”. In: NSDI. 2015. Google ScholarGoogle ScholarDigital LibraryDigital Library
  13. N. Foster et al. “Frenetic: A Network Programming Language”. In: ICFP. 2011. Google ScholarGoogle ScholarDigital LibraryDigital Library
  14. L. Gao and J. Rexford. “Stable Internet Routing Without Global Coordination”. In: SIGMETRICS. 2000. Google ScholarGoogle ScholarDigital LibraryDigital Library
  15. S. Goldberg. “Why Is It Taking So Long to Secure Internet Routing?” In: Queue (2014). Google ScholarGoogle ScholarDigital LibraryDigital Library
  16. S. Graf and H. Saïdi. “Construction of Abstract State Graphs with PVS”. In: CAV. 1997. Google ScholarGoogle ScholarDigital LibraryDigital Library
  17. A. Guha, M. Reitblatt, and N. Foster. “Machine-verified Network Controllers”. In: PLDI. 2013. Google ScholarGoogle ScholarDigital LibraryDigital Library
  18. International Telecommunication Union Statistics. 2014.Google ScholarGoogle Scholar
  19. Internet2 Configurations. http://vn.grnoc.iu.edu/Internet2/ configs/configs.html.Google ScholarGoogle Scholar
  20. Internet2 Fees. http : / / www. internet2. edu / about - us / membership/.Google ScholarGoogle Scholar
  21. M. Jose and R. Majumdar. “Bug-Assist: assisting fault localization in ANSI-C programs”. In: CAV. 2011. Google ScholarGoogle ScholarDigital LibraryDigital Library
  22. Junos OS: Routing Policies, Firewall Filters, and Traffic Policers Feature Guide for Routing Devices. 2016.Google ScholarGoogle Scholar
  23. P. Kazemian, G. Varghese, and N. McKeown. “Header Space Analysis: Static Checking for Networks”. In: Proceedings of the 9th USENIX Conference on Networked Systems Design and Implementation. 2012. Google ScholarGoogle ScholarDigital LibraryDigital Library
  24. A. S. Koksal et al. “Synthesis of Biological Models from Mutation Experiments”. In: POPL. 2013. Google ScholarGoogle ScholarDigital LibraryDigital Library
  25. K. R. M. Leino. “Dafny: An Automatic Program Verifier for Functional Correctness”. In: LPAR. 2010. Google ScholarGoogle ScholarDigital LibraryDigital Library
  26. K. R. M. Leino. This is Boogie 2. Tech. rep. 2008.Google ScholarGoogle Scholar
  27. D. Madory. Chinese Routing Errors Redirect Russian Traffic. http://research.dyn.com/2014/11/chinese-routingerrors-redirect-russian-traffic/. 2014.Google ScholarGoogle Scholar
  28. D. McConnell. Chinese company ‘hijacked’ U.S. web traffic. http : / / www. cnn. com / 2010 / US / 11 / 17 / websites. chinese.servers/. 2010.Google ScholarGoogle Scholar
  29. D. Meyer, J. Schmitz, and C. Alaettinoglu. Application of Routing Policy Specification Language (RPSL) on the Internet. 1997.Google ScholarGoogle Scholar
  30. C. Monsanto et al. “A Compiler and Run-time System for Network Programming Languages”. In: POPL. 2012. Google ScholarGoogle ScholarDigital LibraryDigital Library
  31. B. Quoitin and S. Uhlig. “Modeling the Routing of an Autonomous System with C-BGP”. In: IEEE Network (2005). Google ScholarGoogle ScholarDigital LibraryDigital Library
  32. Y. Rekhter, T. Li, and S. Hares. A Border Gateway Protocol 4 (BGP-4). RFC 4271. 2006.Google ScholarGoogle ScholarCross RefCross Ref
  33. L. Schaefer. Deutsche Telekom: ’Internet data made in Germany should stay in Germany’. http://www.dw. com/en/deutsche-telekom-internet-data-made-in-germanyshould-stay-in-germany/a-17165891. 2013.Google ScholarGoogle Scholar
  34. Selfnet. https://selfnet.de/.Google ScholarGoogle Scholar
  35. D. Slane. 2010 Report to Congress of the U.S.–China Economic and Security Review Commission. 2010.Google ScholarGoogle Scholar
  36. A. Solar-Lezama et al. “Combinatorial Sketching for Finite Programs”. In: ASPLOS. 2006. Google ScholarGoogle ScholarDigital LibraryDigital Library
  37. P. Suter, A. S. Köksal, and V. Kuncak. “Satisfiability modulo recursive programs”. In: SAS. 2011. Google ScholarGoogle ScholarDigital LibraryDigital Library
  38. E. Torlak and R. Bodik. “A Lightweight Symbolic Virtual Machine for Solver-aided Host Languages”. In: PLDI. 2014. Google ScholarGoogle ScholarDigital LibraryDigital Library
  39. E. Torlak and R. Bodik. “Growing Solver-aided Languages with Rosette”. In: Onward! 2013. Google ScholarGoogle ScholarDigital LibraryDigital Library
  40. D. Turner et al. “California Fault Lines: Understanding the Causes and Impact of Network Failures”. In: SIGCOMM. 2010. Google ScholarGoogle ScholarDigital LibraryDigital Library
  41. K. Weitz et al. Bagpipe: Verified BGP Configuration Checking. Tech. rep. 2016.Google ScholarGoogle Scholar

Index Terms

  1. Scalable verification of border gateway protocol configurations with an SMT solver

            Recommendations

            Comments

            Login options

            Check if you have access through your login credentials or your institution to get full access on this article.

            Sign in

            Full Access

            • Published in

              cover image ACM SIGPLAN Notices
              ACM SIGPLAN Notices  Volume 51, Issue 10
              OOPSLA '16
              October 2016
              915 pages
              ISSN:0362-1340
              EISSN:1558-1160
              DOI:10.1145/3022671
              Issue’s Table of Contents
              • cover image ACM Conferences
                OOPSLA 2016: Proceedings of the 2016 ACM SIGPLAN International Conference on Object-Oriented Programming, Systems, Languages, and Applications
                October 2016
                915 pages
                ISBN:9781450344449
                DOI:10.1145/2983990

              Copyright © 2016 ACM

              Publisher

              Association for Computing Machinery

              New York, NY, United States

              Publication History

              • Published: 19 October 2016

              Check for updates

              Qualifiers

              • research-article

            PDF Format

            View or Download as a PDF file.

            PDF

            eReader

            View online with eReader.

            eReader
            About Cookies On This Site

            We use cookies to ensure that we give you the best experience on our website.

            Learn more

            Got it!