[en] Internet topology discovery aims at analyzing one of the most complex distributed system currently deployed. Usually, it relies on measurement campaigns using hop-limited probes sent with traceroute. However, this probing tool comes with several limits. In particular, some MPLS clouds might obfuscate collected traces. Thus, the resulting Internet maps, the inferred properties, and the graph models are incomplete and inaccurate.
In this paper, we introduce TNT (Trace the Naughty Tunnels), an extension to Paris traceroute for revealing, or at least detect, all MPLS tunnels along a path. First, along with traceroute and ping probes, TNTlooks for hints indicating
the presence of hidden tunnels. Those hints are peculiar patterns in the resulting output, e.g., significant TTL shifts or duplicate IP addresses. Second, if those hints trigger alarms, TNT launches additional dedicated probing for possibly revealing hidden tunnels. We use GNS3 to reproduce, verify, and understand the limits and capabilities of TNT in a controlled environment. We also calibrate the thresholds at which alarms are triggered through a dedicated measurement campaign. Finally, we deploy TNT on the Archipelago platform and provide a quantified classification of MPLS usage. All our results, including the data, the code, and the emulation configurations, are fully and publicly
available
Disciplines :
Computer science
Author, co-author :
Vanaubel, Yves ; Université de Liège - ULiège > Dép. d'électric., électron. et informat. (Inst.Montefiore) > Smart grids
Luttringer, Jean-Romain
Mérindol, Pascal
Pansiot, Jean-Jacques
Donnet, Benoît ; Université de Liège - ULiège > Dép. d'électric., électron. et informat. (Inst.Montefiore) > Algorithmique des grands systèmes
Language :
English
Title :
TNT, Watch me Explode: A Light in the Dark for Revealing MPLS Tunnels
Publication date :
June 2019
Event name :
Network Traffic Measurement and Analysis (TMA) Conference 2019
Event place :
Paris, France
Event date :
du 19 juin 2019 au 21 juin 2019
Audience :
International
Main work title :
TMA 2019 - Proceedings of the 3rd Network Traffic Measurement and Analysis Conference
ISBN/EAN :
978-390317617-1
Peer reviewed :
Peer reviewed
Commentary :
Extended version available here http://hdl.handle.net/2268/232334 TMA Best Paper Award, TMA runner up for Best Dataset Award, ITC Best Paper Award
scite shows how a scientific paper has been cited by providing the context of the citation, a classification describing whether it supports, mentions, or contrasts the cited claim, and a label indicating in which section the citation was made.
Bibliography
B. Donnet and T. Friedman, "Internet topology discovery: a survey," IEEE Communications Surveys and Tutorials, vol. 9, no. 4, pp. 2-15, December 2007.
B. Donnet, P. Raoult, T. Friedman, and M. Crovella, "Efficient algorithms for large-scale topology discovery," in Proc. ACM SIGMETRICS, June 2005.
R. Beverly, "Yarrp'ing the Internet: Randomized high-speed active topology discovery," in Proc. ACM Internet Measurement Conference (IMC), November 2016.
E. Katz-Bassett, H. Madhyastha, V. Adhikari, C. Scott, J. Sherry, P. van Wesep, A. Krishnamurthy, and T. Anderson, "Reverse traceroute," in Proc. USENIX Symposium on Networked Systems Design and Implementations (NSDI), June 2010, see https://www.revtr.ccs.neu.edu.
K. Keys, "Internet-scale IP alias resolution techniques," ACM SIG-COMM Computer Communication Review, vol. 40, no. 1, pp. 50-55, January 2010.
R. Pastor-Satorras and A. Vespignani, Evolution and Structure of the Internet: A Statistical Physics Approach. Cambridge University Press, 2004.
P. Mérindol, B. Donnet, O. Bonaventure, and J.-J. Pansiot, "On the impact of layer-2 on node degree distribution," in Proc. ACM Internet Measurement Conference (IMC), November 2010.
G. Detal, B. Hesmans, O. Bonaventure, Y. Vanaubel, and B. Donnet, "Revealing middlebox interference with tracebox," in Proc. ACM Internet Measurement Conference (IMC), October 2013.
K. Edeline and B. Donnet, "A first look at the prevalence and persistence of middleboxes in the wild," in Proc. International Teletraffic Congress (ITC), September 2017.
E. Rosen, A. Viswanathan, and R. Callon, "Multiprotocol label switching architecture," Internet Engineering Task Force, RFC 3031, January 2001.
B. Donnet, M. Luckie, P. Mérindol, and J.-J. Pansiot, "Revealing MPLS tunnels obscured from traceroute," ACM SIGCOMM Computer Communication Review, vol. 42, no. 2, pp. 87-93, April 2012.
Y. Vanaubel, P. Mérindol, J.-J. Pansiot, and B. Donnet, "Through the wormhole: Tracking invisible MPLS tunnels," in In Proc. ACM Internet Measurement Conference (IMC), November 2017.
J. Sommers, B. Eriksson, and P. Barford, "On the prevalence and characteristics of MPLS deployments in the open Internet," in Proc. ACM Internet Measurement Conference (IMC), November 2011.
R. Sherwood and N. Spring, "Touring the internet in a TCP sidecar," in Proc. ACM Internet Measurement Conference (IMC), October 2006.
R. Sherwood, A. Bender, and N. Spring, "Discarte: a disjunctive Internet cartographer," in Proc. ACM SIGCOMM, August 2008.
P. Marchetta and A. Pescapé, "DRAGO: Detecting, quantifying and locating hidden routers in traceroute IP paths," in Proc. Global Internet Symposium (GI), April 2013.
B. Augustin, X. Cuvellier, B. Orgogozo, F. Viger, T. Friedman, M. Lat-apy, C. Magnien, and R. Teixeira, "Avoiding traceroute anomalies with Paris traceroute," in Proc. ACM Internet Measurement Conference (IMC), October 2006.
M. Luckie, "Scamper: a scalable and extensible packet prober for active measurement of the Internet," in Proc. ACM Internet Measurement Conference (IMC), November 2010.
K. claffy, Y. Hyun, K. Keys, M. Fomenkov, and D. Krioukov, "Internet mapping: from art to science," in Proc. IEEE Cybersecurity Application and Technologies Conference for Homeland Security (CATCH), March 2009.
Y. Vanaubel, J.-R. Luttringer, P. Mérindol, J.-J. Pansiot, and B. Donnet, "Tnt, watch me explode: A light in the dark for revealing mpls tunnels," arXiv, cs.NI 1901.10156, February 2019.
D. Awduche, L. Berger, D. Gan, T. Li, V. Srinivasan, and G. Swallow, "RSVP-TE: Extensions to RSVP for LSP tunnels," Internet Engineering Task Force, RFC 3209, December 2001.
Y. Vanaubel, P. Mérindol, J.-J. Pansiot, and B. Donnet, "MPLS under the microscope: Revealing actual transit path diversity," in Proc. ACM Internet Measurement Conference (IMC), October 2015.
L. Andersson, I. Minei, and T. Thomas, "LDP specification," Internet Engineering Task Force, RFC 5036, October 2007.
D. Aydin, "CISCO vs. Juniper MPLS," June 2014, see http://monsterdark.com/cisco-vs-juniper-mpls/.
L. De Ghein, MPLS Fundamental: A Comprehensive Introduction to MPLS (Theory and Practice). CISCO Press, November 2006.
R. Bonica, D. Gan, D. Tappan, and C. Pignataro, "ICMP extensions for multiprotocol label switching," Internet Engineering Task Force, RFC 4950, August 2007.
J.-F. Grailet, F. Tarissan, and B. Donnet, "TreeNET: Discovering and connecting subnets," in Proc. Traffic Monitoring and Analysis Workshop (TMA), April 2016.
Y. Vanaubel, J.-J. Pansiot, P. Mérindol, and B. Donnet, "Network fingerprinting: TTL-based router signature," in Proc. ACM Internet Measurement Conference (IMC), October 2013.
G. Davila Revelo, M. A. Ricci, B. Donnet, and J. I. Alvarez-Hamelin, "Unveiling the MPLS structure on Internet topology," in Proc. Traffic Monitoring and Analysis Workshop (TMA), April 2016.
This website uses cookies to improve user experience. Read more
Save & Close
Accept all
Decline all
Show detailsHide details
Cookie declaration
About cookies
Strictly necessary
Performance
Strictly necessary cookies allow core website functionality such as user login and account management. The website cannot be used properly without strictly necessary cookies.
This cookie is used by Cookie-Script.com service to remember visitor cookie consent preferences. It is necessary for Cookie-Script.com cookie banner to work properly.
Performance cookies are used to see how visitors use the website, eg. analytics cookies. Those cookies cannot be used to directly identify a certain visitor.
Used to store the attribution information, the referrer initially used to visit the website
Cookies are small text files that are placed on your computer by websites that you visit. Websites use cookies to help users navigate efficiently and perform certain functions. Cookies that are required for the website to operate properly are allowed to be set without your permission. All other cookies need to be approved before they can be set in the browser.
You can change your consent to cookie usage at any time on our Privacy Policy page.
