Routing all over the world

All over the world, everybody got the word. This could well describe computer networks across the globe getting their routing updates from each other. Making it possible for data to flow across networks is where the world of routing comes in. There are several types of routing so you do get to pick and choose what would work best for you.

You have static routes that are manually configured in the routers, typically in smaller environments. And dynamic routes where routers “magically” discover routes for themselves, figuring out who their neighbors are, determining best paths, sending traffic along one hop at a time, and automatically making changes or corrections when networks go down. Interior gateway protocols like RIP (stands for Routing Information Protocol, not what you might think) and OSPF (Open Shortest Path First) that reside within so called autonomous systems (managed by a single administrative entity like an ISP, a CDN, or a large enterprise) are what most typical enterprises are probably familiar with. Classless routing allows for subnet masks (the mask denotes the network portion of the IP address) other than the class default. Whereas with classful routing you are pretty much stuck with the class default subnet mask. As an aside, interesting play on words there with the classless type lording it over the classful variety.

Distance vector routing protocols select the best routing path based on distance (number of hops in RIP) and direction (which interface does it get out the door). On the other hand, link state protocols choose their paths by determining the status of each link and identifying the path with the lowest metric, with an understanding of the full scope of the topology. EIGRP was a Cisco proprietary protocol until Cisco opened it up, well sort of opened it. But EIGRP does not appear to be the network engineer’s best friend despite claims of how EIGRP captures the best of the distance vector and link state worlds (unsurprisingly CCNA class material does tend to go gaga on EIGRP)! That role seems to have been usurped by OSPF. Then there is BGP that lives outside the ASes, a variation on the distance vector type.

Ultimately the traffic has got to get to the right place. Either within a campus network or ISP. Or across the broader Internet. Loops where packets spin round and round in circles are to be avoided. Earlier versions of RIP were kind of “loopy,” which was fixed by updates like maximum hop counts, route poisoning, and hold-on timers. OSPF moved up routing several notches with its triggered updates, multiple tables, and complex algorithms.

However the prize for the most interesting routing protocol should probably go to BGP or the Border Gateway Protocol. Called the glue of the Internet, it helps connect the routers of the largest service providers that form the core of the Internet.

BGP advertisements contain the destination network prefix and the path to get to it. Multiple ASes sort of daisy chain to each other, appending their individual AS number to the announcement, so that the advertisement becomes a cumulative sequence of ASes that lead to the destination network. So essentially you have an announcement that says here I am and here are the ASes you need to traverse in order to find me. Traffic flows in the opposite direction to route announcements.

Though BGP appears to have some well-known flaws that could lead to a network or set of networks getting hijacked. Sounds dramatic, doesn’t it? Someone could inadvertently or maliciously announce that they contain network prefixes that in fact lie elsewhere. In certain circumstances, this spurious announcement could propagate and traffic could start to flow to the wrong network. For example someone could conceivably say that they contain prefixes that lie within the US government and if the announcement is made correctly then it is entirely possible that traffic intended for the US government could flow to the bad actor.

Corrections for this flaw are being through route filtering and BGP variants like BGPSEC with digitally signed prefixes and paths. Yet getting everyone to implement BGPSEC seems like a tall order. As a Cisco engineer reportedly said, “I can either route them or count them, what do you want me to do?” For now, it appears that snooping on the Internet, big time stuff, is well within the realm of possibility. Traffic that is hijacked could disappear into a black hole or could be tapped and nudged back onto the correct destination, leaving practically no trace of any tampering. Exploiting BGP could be a party for some folks (stealing bitcoins through a BGP hijack has been reported). Everybody got the word on routes zipping around. Somebody somewhere could be getting snoopy with BGP.


Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s