Article info

Article history: Received 2 November 2016; Revised 10 February 2017; Accepted 27 February 2017; Available online 9 March 2017

Keywords: Bandwidth; BGP; BGP-NCM; Utilization; Multihomed; Python; Quagga; SLA; SNMP

Abstract

Border Gateway Protocol (BGP) is the de facto standard routing protocol of the internet and has served as the backbone technology for logical routing tasks to provide global connectivity. Unfortunately, network performance factors such as latency or link utilization are not used in BGP routing decisions. These limitations have a great effect on internet services, especially bandwidth-sensitive applications, because BGP does not automatically redistribute the traffic over different multihomed links based on link utilization or latency. In this paper, a novel control mechanism for BGP (BGP-NCM) is proposed. BGP-NCM is a software controller which has been developed and injected into the enterprise or internet service provider BGP multihomed network to force traffic redistribution over the available links based on link utilization or latency. BGP-NCM has been developed using the Python programming language and consists of three modules: Monitoring, Traffic Calculation and Configuration. BGP-NCM keeps an eye on link utilization by checking the monitoring tool log, and when the link utilization reaches a predefined value, the BGP-NCM traffic calculation module is triggered to determine the amount of traffic and the corresponding IP prefix, as well as the target link with available bandwidth to accommodate the redistributed traffic. Our results show that BGP-NCM solves the traffic redistribution problem without any change in either the BGP protocol or the running internet infrastructure.

© 2017 Ain Shams University. Production and hosting by Elsevier B.V. This is an open access article under the CC BY-NC-ND license (http://creativecommons.org/licenses/by-nc-nd/4.0/).

http://dx.doi.org/10.1016/j.asej.2017.02.008
2090-4479/© 2017 Ain Shams University. Production and hosting by Elsevier B.V.
2080 M.T. Moubarak et al. / Ain Shams Engineering Journal 9 (2018) 2079–2091
incoming traffic engineering is difficult to optimize because routing incoming traffic is decided by other ASes in the Internet [8].

The latest BGP version has no direct implementation that supports any Quality of Service (QoS), and it cannot meet the SLA, which is important for internet users. The majority of IP traffic forwarding devices have their own control plane software with a narrow view of the global path possibilities to the destination IP network and no information about the QoS characteristics of the chosen best path [9].

In normal BGP operation, only after the best-path calculation is complete is it possible to measure and enhance network performance parameters such as latency, throughput, jitter, packet loss and others. The lack of wider internet performance signaling and the difficulty of implementing proactive measurements have made the internet a challenging network in which to use network performance factors such as link utilization and latency in routing decisions [10].

Network performance factors such as latency or link utilization are not used in BGP routing decisions. These limitations have a great effect on internet services, especially bandwidth-sensitive applications, because BGP does not automatically redistribute the traffic over different multihomed links based on link utilization or latency.

In this paper, the design and implementation of the BGP Novel Control Mechanism (BGP-NCM) is proposed as an effective solution to the previously mentioned BGP limitation. It also supports some of the internet scalability challenges and internet users' requirements such as:

- Network and service availability to be 100% up-time.
- Keeping latency within the acceptable range.
- Keeping link usage below predefined commit levels.
- Guaranteeing the effective/proper use of available internet resources.

BGP-NCM has been designed and implemented to enhance the network performance parameters as follows:

- Implementation of BGP-NCM for BGP control based on network performance parameters such as link utilization and latency without any change in the BGP protocol or the running Internet environment.
- Redistribution of traffic based on link utilization over the available multihomed links for congested links offers optimum bandwidth management to enhance the network performance and achieves the required Service Level Agreement (SLA).
- Reducing the end-to-end time delay for time-sensitive applications by switching the application to another multihomed link with available bandwidth.
- BGP-NCM handles BGP route updates in an automatic and dynamic manner based on network performance and cost metrics.

The rest of this paper is organized as follows: Section 2 describes the related work. Section 3 introduces the concept, the used tools and packages, and the implementation and operation process of BGP-NCM. Section 4 presents the research network design. Section 5 shows the traffic performance measurements. Section 6 presents the BGP-NCM implementation challenges. Section 7 presents the conclusion, and finally future work is presented in Section 8.

2. Related work

In [10], the authors proposed the development of a separate latency management control panel with the following features for end-users: first, the ability to configure measurement policies including probe addresses, and second, monitoring the measured latency and the chosen path. Because of the limited community information space, a new kind of extended communities could be proposed for latency information sharing through BGP update messages.

In [11], the authors proposed the Multi-Path Inter-Domain Forwarding (MIFO) protocol, which enables AS border routers to adaptively offload outbound traffic from a congested default path to an alternate path with only data plane modification, rather than having the load information communicated to the control plane and using it to recognize alternate paths. Specifically, MIFO explores multiple paths learnt by the control plane and uses load-aware forwarding at the data plane over different outgoing AS paths, to keep forwarding at line speed.

In [12], the authors proposed a novel inter-domain multipath flow transfer mechanism based on SDN and multi-domain collaboration, for which they designed a routing detection method based on hierarchical iteration. The authors take advantage of the strong SDN controller and its fine-grained computing abilities to improve the detection capability, as well as inter-domain collaboration to relieve the overheads of other proposed multipath solutions based on BGP notification, without changing the existing BGP protocol. Examples of these protocols are the Cisco multi-path selection mechanism based on BGP, a route deflection mechanism based on labels, and the multipath BGP (MBGP) mechanism.

In [13], the authors proposed a Multi-Dimension Link Vector network view exchange mechanism (MLV). The exchanged domain views provide fine-grained information including not only the IP destination and AS path, but also the AS links with IP flow 5-tuple routing information and QoS attributes.

In [14], the authors proposed Routing As a Service (RAS), which imports third-party entities for calculating routing paths to support customized routing with high scalability and great flexibility.

In [15], the authors proposed outsourcing the routing control logic as a new routing model. The outsourced control logic is used for inter-domain routing.

In [16], the authors focused not only on network reliability in terms of maintaining connectivity but rather on the network's QoS and its ability to meet a certain SLA. Therefore, reliability analysis becomes a special case of this general model. Various parameters are used to realistically represent the properties of end-to-end routes. These properties include the number and composition of multipaths, the degree of multihoming and the number of hops in each serial path.

All the previously mentioned related work tried to solve the problem using one of the following approaches:

a. Modifying the existing BGP protocol, which adds overhead to the protocol, affects performance and can't be practically implemented due to the inability to change the running internet environment.
b. Using Software Defined Networking (SDN), but SDN requires that all routers and switches over the internet support SDN, which cannot be implemented in the real internet environment. Also, routers and switches in the traffic path should be under the same administration to receive the traffic flow changes from the same SDN controller.

Accordingly, the key feature of the proposed controller is that it can be implemented in real time to solve the traffic redistribution problem without any change in either the BGP protocol or the running internet infrastructure.
3. BGP novel control mechanism (BGP-NCM)

3.1. Concept of the mechanism

The proposed BGP Novel Control Mechanism (BGP-NCM) is a software controller which has been developed and injected into the BGP multihomed network to force traffic redistribution over the available links based on link utilization, latency or any other network performance parameter that can be measured, such as packet loss.

In the following work, we focus on link utilization because link congestion results in both packet loss and high latency, and because packet loss may also be due to faulty devices or cabling, which can't be solved by a software mechanism.

The proposed mechanism will be used to automatically force BGP policies over the enterprise or ISP routers to handle the traffic based on link utilization, and this action will be carried out if the utilization of the link reaches a predefined value.

The BGP-NCM concept has evolved from the Software Defined Network (SDN) [17,18] concept, in which a controller controls the network switches and forces the traffic flows over these switches using the OpenFlow protocol.

SDN requires that all routers and switches support SDN and be under the same administration, while BGP-NCM is implemented without any change in the inter-domain routing system; it only adjusts the BGP attributes to change traffic routes, and link utilization changes accordingly.

BGP-NCM is embedded in the network. It just collects network performance metrics from different tools and sends the new routing policy to the router through telnet or SSH sessions. It doesn't run the BGP protocol, so no traffic is passed or forwarded to it, which avoids any performance degradation. No additional network overheads or security threats are expected when implementing BGP-NCM, and if it fails, BGP returns to its normal operation. Finally, the expected performance and security issues are discussed in the BGP-NCM implementation challenges section.

3.2. Used tools and packages

The proposed BGP-NCM was developed using different software packages, and several further software packages were used to deploy the routers, monitor the traffic utilization, calculate the traffic utilization and finally force the router policy. These software packages are as follows:

a. Community Enterprise Operating System (CentOS) [19,20]. CentOS is a Linux distribution that attempts to provide a free, enterprise-class, community-supported computing platform which aims to be functionally compatible with its upstream source, Red Hat Enterprise Linux (RHEL). The key feature of CentOS is that it has a repository which provides a set of dynamic programming languages, database servers, and various related packages.
b. Quagga Routing Software Suite [21]. Quagga is a routing software package that provides TCP/IP based routing services with routing protocols such as OSPF, RIP and BGP-4. Quagga also supports special BGP Route Reflector and Route Server behavior. In addition to traditional IPv4 routing protocols, Quagga also supports IPv6 routing protocols. Quagga provides routing protocol MIBs. Quagga uses an advanced software architecture to provide a high quality, multi-server routing engine. Quagga has an interactive user interface for each routing protocol and supports common client commands. Due to this design, a new protocol can be added to Quagga easily. Finally, Quagga is distributed under the GNU Public License for operating systems like CentOS, FreeBSD and NetBSD. The Quagga daemons are shown in Fig. 1, where each routing protocol has its corresponding daemon, which should be enabled to allow the routing protocol over the Quagga router, as well as the Zebra daemon, which is the master routing daemon.

Fig. 1. Quagga daemons.

c. The Multi Router Traffic Grapher (MRTG) [22,23]. MRTG is a graphical tool used to monitor the amount of traffic passing through a network link, such as a router, switch or server. Being written in Perl, it has successfully been ported to most Unix platforms as well as Microsoft Windows. MRTG uses data obtained through the Simple Network Management Protocol (SNMP) [24,25] to poll the network devices. Once the data is obtained, it generates HTML pages containing images based on the traffic load, allowing a graphical view of the traffic load complete with timestamps and history. A sample graph of the MRTG output is shown in Fig. 2.
d. Python programming language [26–29]. Python comes with a suite of client-server protocol implementations, C integration, and third-party tools and libraries. Python is ideal for prototyping and deploying network applications. Python's runtime interpretation drastically shortens the turnaround from modification to execution, a significant advantage when most changes are incremental and most problems appear at runtime. Python's clean syntax, dynamic typing, integrated exception handling, and object facilities have made it a widely used interpreted language. With the emergence of large-scale network tools and applications, such as the Twisted framework, BitTorrent, and the Zope content management system, Python has proven to be a legitimate platform for network-oriented projects in a space that C has traditionally dominated.
e. NetFlow is a protocol originally developed by Cisco Systems in 1996 to collect IP traffic information. It can provide traffic statistics such as the top bandwidth users or IP prefixes, the applications they use and what percentage of traffic they use, and this information is sent to a collector [30,31]. A sample of NetFlow output is shown in Fig. 3.

NetFlow has many equivalents: vendors other than Cisco provide an equivalent technology on their routers and switches but use a different name for it, such as Jflow or cflowd for Juniper Networks, NetStream for 3Com/HP and Huawei, Cflowd for Alcatel-Lucent, Rflow for Ericsson, AppFlow for Citrix, Traffic Flow for MikroTik, and sFlow for many other vendors like Alaxala, Allied Telesis, Arista Networks, Brocade, Dell, D-Link, Enterasys, Extreme, Fortinet, Hitachi, IBM, Juniper, LG, Mellanox, MRV, NEC, Netgear, Proxim Wireless, Quanta Computer, Vyatta, ZTE and ZyXEL.
3.3. BGP-NCM implementation

The proposed BGP-NCM consists of the Internet network, the links and the BGP-NCM software, as shown in Fig. 4.

The Internet network represents services, users, traffic and routers. BGP routers are the most important part and have been implemented using the Quagga daemon on a CentOS Linux machine.

Internet services like HTTP and FTP have been represented by a CentOS Linux machine with both HTTP and FTP services enabled and configured to listen and respond to internet users' requests.

Internet users have been represented by a CentOS Linux machine with a Linux script used to generate the traffic over the network.

Each ISP has been implemented by a CentOS Linux machine with the Quagga daemon. BGP is the routing protocol deployed over all Quagga routers.

The MRTG package has been deployed as the link monitoring tool, and SNMP configuration has been applied between MRTG and the Quagga routers to get each link's utilization statistics instantaneously and build the link utilization database.

The BGP-NCM software has been developed using the Python programming language and consists of three modules.

3.3.1. BGP-NCM link monitoring module

a. It monitors each link's utilization by periodically checking the MRTG log.
b. MRTG polls each router interface using SNMP to get the utilization statistics and accordingly updates each link log file every 5 min.
c. Each record in the log file is time stamped, and the monitoring module keeps track of log file updates to check whether the threshold value is reached.
d. When the threshold value has been reached, the module continues to check the log for 5 more consecutive times to confirm that the threshold value has been reached and that link utilization is continuously exceeding the threshold.
e. This multiple-check action for utilization is used to avoid network instability, since the utilization increase may be instantaneous and return to its normal level again, in which case there is no need for traffic redistribution.
f. The BGP-NCM Traffic Calculation Module is initiated once it is confirmed that the link utilization has exceeded the threshold value as per the previous step.
g. The threshold value for each link is determined based on the services offered through this link and its required SLA.

3.3.2. BGP-NCM traffic calculation module

a. It is triggered when the predefined threshold is reached.
b. For this module, we get the traffic statistics from NetFlow or Internet Protocol Flow Information Export (IPFIX) reports.
c. The Traffic Calculation module analyzes the NetFlow report and generates a table of (utilization, prefix) pairs in descending order from the highest-utilization prefix to the lowest-utilization one.
d. After determining the (utilization, prefix) pairs, the suitable pair is selected to reroute the traffic over another link based on the available bandwidth over the other links.
e. Finally, if there is no bandwidth available, it sends an alarm to the network administrator; otherwise the BGP configuration module is initiated.

3.3.3. BGP-NCM configuration module

a. BGP differs from the other routing protocols in being classified neither as a distance-vector protocol nor as a link-state protocol. BGP bases its routing decisions on attributes. These attributes are divided into groups of well-known mandatory and discretionary [32].
b. Well-known mandatory attributes must appear in every UPDATE message and must be supported by every BGP software implementation.
   - AS-PATH: The AS-PATH attribute is a list of all the ASes that a route must take to reach its destination. Separated by spaces, this list can contain several ASes if the distance is big enough.
   - ORIGIN: The origin attribute indicates how BGP learned about a route. Allowed values are IGP, EGP or Incomplete.
   - NEXT-HOP: The EBGP next-hop attribute is the IP address that is used to reach the advertising router.
c. Well-known discretionary attributes may or may not appear in every UPDATE message, but must be supported.
   - LOCAL-PREF: Used by a BGP peer to prefer a specific exit point from the local AS if there are several to choose from. This information is propagated to peers in the UPDATE message.
   - ATOMIC-AGGREGATE: Alerts BGP speakers along the path that some information has been lost due to route aggregation.
d. BGP policies can be applied to control both inbound and outbound traffic, and accordingly the BGP-NCM control mechanism can be deployed in both scenarios.
e. The BGP AS Path attribute is used to control the inbound traffic by using the AS Path prepending technique, while the BGP local preference attribute is used to control the outbound traffic.
f. The AS Path prepending technique makes BGP routers insert extra AS numbers into the path so that it becomes longer and therefore less preferred by BGP routers, which then select another, shorter path for this prefix if available.
g. The BGP local preference attribute is used to select the outbound traffic path, where the route with the highest local preference value is preferred.
h. The BGP-NCM configuration module selects the suitable BGP policy to be applied to reroute the selected prefix over the new link by adjusting the above BGP attributes.
i. Before applying the new configuration, a penalty timer is checked to avoid the route dampening penalty.
j. The route dampening penalty is used to help service providers prevent one customer's router or circuit problems from affecting the stability of the provider's network by withdrawing problem BGP routes.
k. The route dampening penalty could be applied due to multiple routing updates caused by multiple configuration changes or link flapping, so a penalty timer has been implemented in the BGP configuration module.

The BGP-NCM operation process can be summarized as follows:

(1) Monitoring module loop: if the utilization threshold isn't reached, then check the MRTG log.
(2) Initiate the Traffic Calculation Module.
(3) Get NetFlow statistics for the target link.
(4) Calculate the traffic per prefix.
(5) Build the prefix-bandwidth utilization table.
(6) Select the highest prefix and bandwidth utilization pair.
(7) Check the MRTG log of the other links for bandwidth availability. If there is no bandwidth available, return to (6), select the 2nd highest prefix-bandwidth pair and repeat (7); if there is still no available bandwidth, send an alarm.
(8) Issue the BGP configuration policy.
(9) Check the penalty timer; if no, then wait and recheck, else send the configuration, reset the timer and return to (1).

The BGP-NCM operation process is shown in Fig. 5 as a system flow chart that presents the previously mentioned steps as well as the operation of the three modules.

4. Research network design

The designed BGP network has been divided into three sections: enterprise, internet service providers (ISP) and internet users, as shown in Fig. 6.

The enterprise section represents the service part, which offers different internet services to the internet users. The enterprise uses three BGP multihomed links of 10 Mbps bandwidth to maintain its service reliability, availability and, of course, its SLA.

The ISP section represents tier 1 or tier 2 ISPs, where the internet traffic transits through their networks from the internet users to the enterprise and vice versa.

The internet users' section represents the tier 3 service provider, which offers internet access to the internet users for normal internet activities.

IP prefixes have been assigned to each network section, and BGP configuration has accordingly been applied to each router in the network to allow end-to-end traffic flow from the users' section to access the services in the enterprise section.

MRTG has been installed, and SNMP configuration (server IP, SNMP community) has been applied over the MRTG server and the enterprise Quagga router to allow utilization monitoring for the three multihomed links of the enterprise.

This network model represents a real-time network scenario with the connections between users, enterprises and ISPs.
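The monitoring and traffic calculation steps (1) to (7) of the operation process in Section 3.3, as an added Python example that is not the authors' BGP-NCM code. The MRTG logs and flow records are constructed, and the function names, the link names and the stale-log check are assumptions of this example; it stops before the configuration push in steps (8) and (9).

```python
"""BGP-NCM steps (1)-(7) on constructed data. Added example, not the authors' code."""
from ipaddress import ip_network

LINK_BPS = 10_000_000     # 10 Mbps links, as in the paper's test network
THRESHOLD_PCT = 90        # trigger level used in the paper's experiment
EXTRA_CHECKS = 5          # "5 more consecutive times" after the first breach
POLL_SECONDS = 300        # MRTG refreshes each link log every 5 min
LIMIT_BPS = LINK_BPS * THRESHOLD_PCT // 100


def make_log(byte_rates, newest=1488190200):
    """Build a constructed MRTG-format log, newest record first.

    Line 1 is "timestamp in_counter out_counter"; every other line is
    "timestamp avg_in avg_out max_in max_out" with rates in bytes/second.
    """
    lines = [f"{newest} 0 0"]
    for i, rate in enumerate(byte_rates):
        lines.append(f"{newest - i * POLL_SECONDS} {rate} {rate // 4} {rate} {rate // 4}")
    return "\n".join(lines)


def parse_mrtg_log(text):
    """Return [(timestamp, bits_per_second)], newest first, busiest direction."""
    samples = []
    for line in text.strip().splitlines()[1:]:      # skip the counter line
        fields = line.split()
        if len(fields) != 5 or not all(f.isdigit() for f in fields):
            continue                                 # drop truncated or corrupt records
        ts, avg_in, avg_out = (int(f) for f in fields[:3])
        samples.append((ts, max(avg_in, avg_out) * 8))
    return samples


def breach_confirmed(samples):
    """Step (1): the first breach plus EXTRA_CHECKS further polls must all be over."""
    window = samples[:1 + EXTRA_CHECKS]
    if len(window) < 1 + EXTRA_CHECKS:
        return False                                 # too little history to act on
    gaps = [new[0] - old[0] for new, old in zip(window, window[1:])]
    if any(gap <= 0 or gap > 2 * POLL_SECONDS for gap in gaps):
        return False                                 # stale or reordered log
    return all(bps >= LIMIT_BPS for _, bps in window)


def prefix_table(flows):
    """Steps (3)-(5): sum flow bytes per prefix, return [(prefix, bps)] descending."""
    totals = {}
    for prefix, nbytes in flows:
        net = ip_network(prefix)                     # ValueError on a malformed prefix
        totals[net] = totals.get(net, 0) + nbytes
    table = [(str(net), total * 8 // POLL_SECONDS) for net, total in totals.items()]
    return sorted(table, key=lambda row: row[1], reverse=True)


def choose_move(table, headroom):
    """Steps (6)-(7): highest prefix that fits on a link, else the next one down."""
    for prefix, bps in table:
        fits = [(room, link) for link, room in headroom.items() if room >= bps]
        if fits:
            return {"prefix": prefix, "bps": bps, "target": max(fits)[1]}
    return None


def decide(logs, flows, congested="link1"):
    """Return ("keep-monitoring" | "reroute" | "alarm", move)."""
    parsed = {name: parse_mrtg_log(text) for name, text in logs.items()}
    if not breach_confirmed(parsed[congested]):
        return ("keep-monitoring", None)
    headroom = {name: max(0, LIMIT_BPS - s[0][1])
                for name, s in parsed.items() if name != congested and s}
    move = choose_move(prefix_table(flows), headroom)
    return ("reroute", move) if move else ("alarm", None)


# Constructed inputs: link1 has been at about 9.5 Mbps for six polls in a row.
LOGS = {
    "link1": make_log([1187500, 1181250, 1175000, 1162500, 1150000, 1137500, 900000]),
    "link2": make_log([62500] * 7),        # 0.5 Mbps
    "link3": make_log([1062500] * 7),      # 8.5 Mbps
}
# Constructed flow export for link1 over one 5 min window: (prefix, bytes).
FLOWS = [
    ("198.51.100.0/24", 120_000_000), ("203.0.113.0/24", 112_500_000),
    ("198.51.100.0/24", 86_250_000), ("192.0.2.0/24", 37_500_000),
]

if __name__ == "__main__":
    print(decide(LOGS, FLOWS))
```

A single poll below the threshold inside the confirmation window, or a gap in the log timestamps, leaves the controller in the monitoring loop instead of changing routing policy.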
Table 1. Voice & video network requirements.

All link utilization graphs have been obtained from the link monitoring tool that monitors the utilization of the enterprise links. In normal BGP operation, the traffic load on the enterprise 1st link increases until the enterprise services offered through this link are affected because the link becomes fully utilized or over utilized.

In the case of deploying BGP-NCM, when the 1st link utilization increased to exceed 90% of the link bandwidth (9.5 Mbps as shown in Fig. 9), the BGP-NCM traffic calculation module was triggered and selected the required IP prefix to be rerouted. The enterprise 2nd internet link was selected to carry this amount of traffic because it is the link with less traffic load and has available bandwidth to accommodate the redistributed traffic.

Fig. 7. Packet end-to-end delay.

Fig. 12 shows the difference in the enterprise router BGP configuration before and after the BGP-NCM configuration module sent the new BGP policies to redistribute the traffic, where six route maps have been configured, two per link, and applied to carry out the required traffic redistribution over the available internet links.

After the BGP routing policies were applied, the traffic over the 1st link decreased to about 4 Mbps, as shown in Fig. 13, where the ellipse and arrow highlight the traffic change in the graph.

The traffic load removed from the enterprise 1st link instantaneously appeared on the 2nd enterprise link, whose traffic load became about 6 Mbps, as shown in Fig. 14. Accordingly, the 1st link utilization has been kept under 90% of the link bandwidth and the enterprise maintains its offered service level.

Fig. 8. Packet jitter.

The previous experiment shows that BGP-NCM has enhanced the network performance parameters delay and jitter and offers proper utilization of the available internet links compared with normal BGP operation.

Table 2 shows the significant enhancement of BGP-NCM in the performance parameters delay and jitter compared with normal BGP operation. In normal BGP operation the traffic load can increase to reach 100% of the link capacity and exceed the link capacity, as shown in the above table, resulting in unacceptable values of delay and jitter that affect any service offered through this link, while applying BGP-NCM keeps the traffic load within the link capacity, keeps the delay and jitter values within the acceptable ranges and accordingly maintains the network performance level for the offered service.

Table 3 shows the traffic load over the ISP links for normal BGP operation compared with BGP-NCM operation. In normal BGP operation the traffic increases over the ISP1 link while the ISP2 link has no traffic, and all services offered over the ISP1 link are affected when the link becomes fully utilized or over utilized. When applying BGP-NCM, the traffic of the ISP1 link is redistributed when the predefined threshold has been reached, and accordingly the ISP2 link receives an amount of the ISP1 traffic to maintain the performance of the services.

Table 2. BGP-NCM link performance parameter comparison.

Table 3. ISPs links load.

6. BGP-NCM implementation challenges

In this section, we discuss some of the expected challenges to a real implementation of the proposed BGP-NCM, which arise from the nature of BGP protocol operation that already results in many performance and security issues.

6.1. BGP-NCM performance challenges

Deploying BGP-NCM will issue a new BGP routing policy in case of link over utilization, or when the utilization reaches a predefined value, to maintain the service level. Accordingly, BGP routers will send update messages to their BGP neighbors to update their routing tables, and network performance may be affected as follows:

a. Multiple network changes due to route updates or link failure lead to many BGP update messages. This may result in network instability and accordingly performance degradation due to one of the following:
   - BGP slow convergence: convergence time is the time required for a router to start forwarding packets after a failure or change happens. As long as the router is receiving update messages, no traffic is forwarded, so an increase in convergence time decreases the network performance.
   - The route dampening penalty could be applied by ISPs on a BGP neighbor due to multiple routing updates received from it, caused by multiple configuration changes or link flapping, to avoid the network instability problem.

BGP-NCM deploys the penalty timer, which is checked before applying any new configuration, to control and prevent continuous update messages and accordingly avoid both the slow convergence and the route dampening penalty problems.

b. BGP update messages have a great effect on some real-time services such as Voice over IP (VoIP): when a BGP update happens, voice quality falls to an unintelligible level, and a call can't be established by the caller for the time needed by the router to converge [36].

Based on the above, BGP update messages will affect the voice call quality, and accordingly deploying BGP-NCM may affect voice calls or any similar service. However, link congestion or link over utilization has the same effect on voice calls, and this effect is continuous as long as the link is congested or over utilized, not only for the time needed for the router to converge.

BGP-NCM enhances the performance because it is offered to solve the link congestion or over utilization problems, and its efficiency is that the time of service degradation will not exceed the convergence time, which can already be kept as low as possible by applying consistent BGP configuration.

c. The 3rd challenge concerns the AS Path prepending (ASPP) technique, which is a popular technique for BGP inbound traffic engineering and is used by BGP-NCM to control the inbound traffic. Selecting the route based on AS path length is not guaranteed 100%, and it may cause routing loops, so to minimize this risk one of the following can be done:
   - The network admin can simply check the path length of his prefixes by consulting public route servers and accordingly decide the path length needed to ensure that the new routing policy issued by BGP-NCM will be effective. BGP-NCM is then initialized with these values for each prefix, and that is what we considered in this version of BGP-NCM.
   - Although the ASPP approach has been extensively practiced by many ASes, there is still much research proposing algorithms to allow more robust use of ASPP, such as the Greedy ASPP Search Algorithm for ISPs to practice ASPP systematically mentioned in [37], or the algorithm for computing the optimal padding strategies given multiple neighboring links in [38]. BGP-NCM can use any one of these algorithms, and we also plan to work on our own algorithm to enhance BGP-NCM in future work.

6.2. BGP-NCM security challenges

BGP relies on TCP as its transport protocol. BGP is susceptible to the same attacks that target any TCP-based protocol, and because BGP is an application, it is also vulnerable to various threats. The most popular attacks are as follows:

a. A BGP Route Manipulation attack occurs when the contents of the BGP routing table have been altered by a malicious device, which can prevent traffic from reaching its intended destination without acknowledgement or notification.

A route manipulation attack can be mitigated by enabling the MD5 neighbor authentication mechanism, to ensure that only authorized peers can establish this BGP neighbor relationship, and that the routing information exchanged between these two devices has not been altered [39].

b. BGP Denial of Service (DoS) occurs when unwanted BGP traffic has been sent by a malicious host to a victim in an attempt to utilize all available BGP or CPU resources, which results in a lack of resources for valid BGP traffic processing.

A BGP Denial of Service (DoS) attack can be mitigated by the Time to Live (TTL) security check. When an external BGP session (eBGP) is configured, the IP header TTL for all neighbor session packets is set to 1. This setting was originally assumed to be useful because it prevents the establishment of an eBGP session beyond a single hop. The BGP TTL security check is not required, nor is it considered useful, for internal BGP sessions (iBGP) [40].

c. BGP Route Hijacking occurs when a rogue BGP peer maliciously announces a victim's prefixes to reroute some or all traffic to itself for untoward purposes.

BGP Route Hijacking can be minimized by using both BGP Neighbor Authentication with MD5 and the BGP Time to Live Security Check, besides some other configuration actions like Configuring Maximum Prefixes, Filtering BGP Prefixes with Prefix Lists, Filtering BGP Prefixes with Autonomous System Path Access Lists and AS Path Length Limiting, to ensure that received routes are from trusted neighbors [41].

Finally, the BGP-NCM design has considered the above-mentioned threats as follows:

- The BGP-NCM controller doesn't run the BGP protocol or have any active BGP session with BGP routers on the network.
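One way to check a router for the session protections named in Section 6.2 (MD5 neighbor authentication, TTL security check, maximum prefixes, inbound prefix lists and AS path access lists), as an added Python example that is not part of BGP-NCM. It reads Quagga bgpd neighbor options from a constructed configuration; the control names and the choice to apply the route limits to eBGP sessions only are assumptions of this example, and AS path length limiting is not checked.

```python
"""Audit a Quagga bgpd.conf for the session protections listed in Section 6.2.

Added example, not part of BGP-NCM. The configuration below is constructed.
"""
import re
from ipaddress import ip_address

# Control name -> neighbor option that provides it (Quagga bgpd syntax).
CHECKS = {
    "md5-auth": r"password \S.*",
    "ttl-security": r"ttl-security hops \d+",
    "max-prefix": r"maximum-prefix \d+.*",
    "prefix-filter-in": r"prefix-list \S+ in",
    "aspath-filter-in": r"filter-list \S+ in",
}
# The paper exempts iBGP from the TTL check. Treating the inbound route limits
# as eBGP-only as well is an assumption of this example.
EBGP_ONLY = {"ttl-security", "max-prefix", "prefix-filter-in", "aspath-filter-in"}

# Constructed configuration: addresses, AS numbers, names and secrets are made up.
SAMPLE_CONF = """\
router bgp 64500
 neighbor TRANSIT peer-group
 neighbor TRANSIT password example-secret
 neighbor TRANSIT ttl-security hops 1
 neighbor 192.0.2.1 remote-as 64501
 neighbor 192.0.2.1 password example-secret
 neighbor 192.0.2.1 ttl-security hops 1
 neighbor 192.0.2.1 maximum-prefix 1000
 neighbor 192.0.2.1 prefix-list ISP1-IN in
 neighbor 192.0.2.1 filter-list ISP1-PATHS in
 neighbor 198.51.100.1 remote-as 64502
 neighbor 198.51.100.1 prefix-list ISP2-IN in
 neighbor 203.0.113.1 remote-as 64503
 neighbor 203.0.113.1 peer-group TRANSIT
 neighbor 203.0.113.1 maximum-prefix 500
 neighbor 10.0.0.2 remote-as 64500
 neighbor 10.0.0.2 password example-secret
!
"""


def is_address(token):
    """True for a neighbor given by IP address, False for a peer-group name."""
    try:
        ip_address(token)
        return True
    except ValueError:
        return False


def audit(conf):
    """Return {neighbor address: [missing controls]} for sessions with gaps."""
    local_as, options = None, {}
    for raw in conf.splitlines():
        line = raw.strip()
        if m := re.fullmatch(r"router bgp (\d+)", line):
            local_as = m.group(1)
        elif m := re.fullmatch(r"neighbor (\S+) (.+)", line):
            options.setdefault(m.group(1), []).append(m.group(2))

    findings = {}
    for peer, own in options.items():
        if not is_address(peer):
            continue                      # a peer-group definition, not a session
        effective = list(own)
        for opt in own:                   # members inherit the peer-group's options
            if m := re.fullmatch(r"peer-group (\S+)", opt):
                effective += options.get(m.group(1), [])
        remote = next((o.split()[1] for o in effective if o.startswith("remote-as ")), None)
        ibgp = remote is not None and remote == local_as
        missing = [name for name, pattern in CHECKS.items()
                   if not (ibgp and name in EBGP_ONLY)
                   and not any(re.fullmatch(pattern, o) for o in effective)]
        if missing:
            findings[peer] = missing
    return findings


if __name__ == "__main__":
    for peer, missing in audit(SAMPLE_CONF).items():
        print(peer, "missing:", ", ".join(missing))
```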
[31] Cisco. Introduction to Cisco IOS NetFlow - A Technical Overview. Cisco; 2012 [Online]. Available: <http://www.cisco.com/c/en/us/products/collateral/ios-nx-os-software/ios-netflow/prod_white_paper0900aecd80406232.html> [Accessed 22 October 2016].
[32] Rekhter Y, Li T. A Border Gateway Protocol 4 (BGP-4); 1995. [Online]. [Accessed 22 October 2016].
[33] Li H, Lin X. OPNET-based 3-tier network simulation architecture. IEEE Communications and Information Technology 2005;2:793–6.
[34] Siraj S, Gupta A, Badgujar R. Network simulation tools survey. Int J Adv Res Comput Commun Eng 2012;1(4):199–206.
[35] Houle JD, Ramakrishnan KK, Sadhvani R, Yuksel M, Kalyanaraman S. The Evolving Internet - Traffic, Engineering, and Roles. In: The 35th TPRC Research Conference on Communication, Information and Internet Policy, Arlington.
[36] Kushman N, Kandula S, Katabi D. Can you hear me now?! it must be BGP. ACM SIGCOMM Comput Commun Rev 2007;37(2):77–84.
[37] Wang J, Chiu D, Lui J, Chang RKC. Inter-as inbound traffic engineering via ASPP. Transactions on Network and Service Management 2007;4(1):62–70.
[38] Zhang Y, Tatipamula M. Characterization and design of effective bgp as-path prepending. In: Network Protocols (ICNP) 19th IEEE International Conference. p. 59–68.
[39] Touch J, Mankin A, Bonica R. The TCP Authentication Option. Internet Engineering Task Force (IETF); June 2010 [Online]. Available: <https://tools.ietf.org/html/rfc5925> [Accessed 22 October 2016].
[40] Gill V, Heasley J, Meyer D. The Generalized TTL Security Mechanism (GTSM). The Internet Society; 2004 [Online]. Available: <https://tools.ietf.org/html/rfc3682> [Accessed 22 October 2016].
[41] Protecting Border Gateway Protocol for the Enterprise, Cisco, [Online]. Available: <http://www.cisco.com/c/en/us/about/security-center/protecting-border-gateway-protocol.html#7>, [Accessed 22 October 2016].
[42] NetVolution, European Research Council (ERC); 2014. [Online]. Available: <http://netvolution.eu/scientific-approach.html>, [Accessed 22 October 2018].