[go: up one dir, main page]
More Web Proxy on the site http://driver.im/
Skip to main content
Springer Nature Link
Log in

A Global Measurement of Routing Loops on the Internet

  • Conference paper
  • First Online:
Passive and Active Measurement (PAM 2023)

Part of the book series: Lecture Notes in Computer Science ((LNCS,volume 13882))

Included in the following conference series:

Abstract

Persistent routing loops on the Internet are a common misconfiguration that can lead to packet loss, reliability issues, and can even exacerbate denial of service attacks. Unfortunately, obtaining a global view of routing loops is difficult. Distributed traceroute datasets from many vantage points can be used to find instances of routing loops, but they are typically sparse in the number of destinations they probe.

In this paper, we perform high-TTL traceroutes to the entire IPv4 Internet from a vantage point in order to enumerate routing loops and validate our results from a different vantage point. Our datasets contain traceroutes to two orders of magnitude more destinations than prior approaches that traceroute one IP per /24. Our results reveal over 24 million IP addresses with persistent routing loops on path, or approximately 0.6% of the IPv4 address space. We analyze the root causes of these loops and uncover new types of them that were unknown before. We also shed new light on their potential impact on the Internet.

We find over 320k /24 subnets with at least one routing loop present. In contrast, sending traceroutes only to the .1 address in each /24 (as prior approaches have done) finds only 26.5% of these looping subnets.

Our findings complement prior, more distributed approaches by providing a more complete view of routing loops in the Internet. To further assist in future work, we made our data publicly available.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Subscribe and save

Springer+ Basic
£29.99 /Month
  • Get 10 units per month
  • Download Article/Chapter or eBook
  • 1 Unit = 1 Article or 1 Chapter
  • Cancel anytime
Subscribe now

Buy Now

Chapter
GBP 19.95
Price includes VAT (United Kingdom)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
GBP 51.99
Price includes VAT (United Kingdom)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
GBP 64.99
Price includes VAT (United Kingdom)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Similar content being viewed by others

Notes

  1. 1.

    The literature is split between referring to these as “routing loops” [13, 26] or “forwarding loops” [41]. We use “routing loops” to differentiate them from loops that arise from application-level redirects [8].

  2. 2.

    Many targets had multiple routers that responded, due to load-balancing, ECMP, or the varying paths different probe packets take to reach their destination.

  3. 3.

    We refer to this vantage point as VP 1  for the rest of the paper.

  4. 4.

    We refer to this vantage point as VP 2  for the rest of the paper.

  5. 5.

    https://github.com/breakerspace/weaponizing-censors.

  6. 6.

    https://github.com/zmap/zdns.

  7. 7.

    We adopt ZMap’s blacklist, which excludes reserved addresses, private addresses, the loopback prefix, and the addresses reported to us to opt-out from being scanned.

References

  1. Augustin, B., et al.: Avoiding traceroute anomalies with Paris traceroute. In: ACM Internet Measurement Conference (IMC) (2006)

    Google Scholar 

  2. Beverly, R.: Yarrp’ing the Internet: randomized high-speed active topology discovery. In: ACM Internet Measurement Conference (IMC) (2016)

    Google Scholar 

  3. Bock, K., Alaraj, A., Fax, Y., Hurley, K., Wustrow, E., Levin, D.: Weaponizing middleboxes for TCP reflected amplification. In: USENIX Security Symposium (2021)

    Google Scholar 

  4. Brown, J.D., Willink, T.J.: A new look at an old attack: ARP spoofing to create routing loops in Ad Hoc networks. In: Ad Hoc Networks, pp. 47–59 (2018)

    Google Scholar 

  5. CAIDA: IPv4 Prefix-Probing Traceroute Dataset, April 2022. https://www.caida.org/data/active/ipv4_prefix_probing_dataset.xml

  6. CAIDA: The CAIDA UCSD AS Classification Dataset, April 2022. https://www.caida.org/catalog/datasets/as-classification

  7. CAIDA: The IPv4 Routed/24 Topology Dataset, April 2022. https://www.caida.org/data/active/ipv4_routed_24_topology_dataset.xml

  8. Chen, J., et al.: Forwarding-loop attacks in content delivery networks. In: Network and Distributed System Security Symposium (NDSS) (2016)

    Google Scholar 

  9. Durumeric, Z., Wustrow, E., Halderman, J.A.: ZMap: fast internet-wide scanning and its security applications. In: USENIX Security Symposium (2013)

    Google Scholar 

  10. Fan, X., Heidemann, J.: Selecting representative IP addresses for internet topology studies. In: ACM Internet Measurement Conference (IMC) (2010)

    Google Scholar 

  11. Gharaibeh, M., Shah, A., Huffaker, B., Zhang, H., Ensafi, R., Papadopoulos, C.: A look at router geolocation in public and commercial databases. In: ACM Internet Measurement Conference (IMC) (2017)

    Google Scholar 

  12. Guo, H., Heidemann, J.: Detecting ICMP rate limiting in the Internet. In: Beverly, R., Smaragdakis, G., Feldmann, A. (eds.) PAM 2018. LNCS, vol. 10771, pp. 3–17. Springer, Cham (2018). https://doi.org/10.1007/978-3-319-76481-8_1

    Chapter  Google Scholar 

  13. Hengartner, U., Moon, S., Mortier, R., Diot, C.: Detection and analysis of routing loops in packet traces. In: ACM Internet Measurement Workshop (IMW) (2002)

    Google Scholar 

  14. Holterbach, T., Molero, E.C., Apostolaki, M., Dainotti, A., Vissicchio, S., Vanbever, L.: Blink: fast connectivity recovery entirely in the data plane. In: Symposium on Networked Systems Design and Implementation (NSDI) (2019)

    Google Scholar 

  15. Huang, Y., Rabinovich, M., Al-Dalky, R.: FlashRoute: efficient traceroute on a massive scale. In: ACM Internet Measurement Conference (IMC) (2020)

    Google Scholar 

  16. Katz-Bassett, E., Madhyastha, H.V., John, J.P., Wetherall, D., Anderson, T.: Studying Black holes in the Internet with Hubble. In: Symposium on Networked Systems Design and Implementation (NSDI). USENIX Association, San Francisco, CA, April 2008. https://www.usenix.org/conference/nsdi-08/studying-black-holes-internet-hubble

  17. Kučera, J., Basat, R.B., Kuka, M., Antichi, G., Yu, M., Mitzenmacher, M.: Detecting routing loops in the data plane. In: ACM Conference on emerging Networking EXperiments and Technologies (CoNEXT) (2020)

    Google Scholar 

  18. Li, S., Duan, H., Wang, Z., Li, X.: Route leaks identification by detecting routing loops. In: Thuraisingham, B., Wang, X.F., Yegneswaran, V. (eds.) SecureComm 2015. LNICST, vol. 164, pp. 313–329. Springer, Cham (2015). https://doi.org/10.1007/978-3-319-28865-9_17

    Chapter  Google Scholar 

  19. Lone, Q., Luckie, M., Korczyński, M., van Eeten, M.: Using loops observed in traceroute to infer the ability to spoof. In: Kaafar, M.A., Uhlig, S., Amann, J. (eds.) PAM 2017. LNCS, vol. 10176, pp. 229–241. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-54328-4_17

    Chapter  Google Scholar 

  20. Luckie, M., Huffaker, B., Marder, A., Bischof, Z., Fletcher, M., Claffy, K.: Learning to extract geographic information from Internet Router Hostnames. In: ACM Conference on Emerging Networking EXperiments and Technologies (CoNEXT) (2021)

    Google Scholar 

  21. Madhyastha, H., et al.: iPlane: an information plane for distributed services. In: Symposium on Operating Systems Design and Implementation (OSDI) (2006)

    Google Scholar 

  22. Mai, H., Khurshid, A., Agarwal, R., Caesar, M., Godfrey, P.B., King, S.T.: Debugging the data plane with anteater. In: ACM SIGCOMM (2011)

    Google Scholar 

  23. Marder, A., Luckie, M., Dhamdhere, A., Huffaker, B., Claffy, K., Smith, J.M.: Pushing the boundaries with bdrmapIT: mapping router ownership at internet scale. In: ACM Internet Measurement Conference (IMC) (2018)

    Google Scholar 

  24. Marder, A., Luckie, M., Huffaker, B., Claffy, K.: VRFinder: finding outbound addresses in traceroute. In: Proceedings of the ACM on Measurement and Analysis of Computing Systems, vol. 4(2) (2020)

    Google Scholar 

  25. MaxMind: GeoLite2, October 2021. https://dev.maxmind.com/geoip/geoip2/geolite2

  26. Nakibly, G., Arov, M.: Routing loop attacks using IPv6 tunnels. In: USENIX Workshop on Offensive Technologies (WOOT) (2009)

    Google Scholar 

  27. Nosyk, Y., Korczyński, M., Duda, A.: Routing loops as mega amplifiers for DNS-based DDoS attacks. In: Hohlfeld, O., Moura, G., Pelsser, C. (eds.) PAM 2022. LNCS, vol. 13210, pp. 629–644. Springer, Cham (2022). https://doi.org/10.1007/978-3-030-98785-5_28

    Chapter  Google Scholar 

  28. University of Oregon: Route Views Archive Project, October 2021. http://archive.routeviews.org/bgpdata

  29. Paxson, V.: End-to-end routing behavior in the Internet. In: ACM SIGCOMM (1996)

    Google Scholar 

  30. Pei, D., Zhao, X., Massey, D., Zhang, L.: A study of BGP path vector route looping behavior. In: IEEE International Conference on Distributed Computing Systems (ICDCS) (2004)

    Google Scholar 

  31. Pochat, V.L., Goethem, T.V., Tajalizadehkhoob, S., Korczyński, M., Joosen, W.: Tranco: a research-oriented top sites ranking hardened against manipulation. In: Network and Distributed System Security Symposium (NDSS) (2019)

    Google Scholar 

  32. Ravaioli, R., Urvoy-Keller, G., Barakat, C.: Characterizing ICMP rate limitation on routers. In: IEEE International Conference on Communications (ICC) (2015)

    Google Scholar 

  33. RIPE NCC Staff: RIPE Atlas: A global internet measurement network. Internet Protocol J. 18(3), 2–26 (2015)

    Google Scholar 

  34. Rüth, J., Zimmermann, T., Hohlfeld, O.: Hidden treasures – recycling large-scale Internet measurements to study the Internet’s control plane. In: Choffnes, D., Barcellos, M. (eds.) PAM 2019. LNCS, vol. 11419, pp. 51–67. Springer, Cham (2019). https://doi.org/10.1007/978-3-030-15986-3_4

    Chapter  Google Scholar 

  35. Sherry, J., Katz-Bassett, E., Pimenova, M., Madhyastha, H.V., Anderson, T., Krishnamurthy, A.: Resolving IP aliases with prespecified timestamps. In: ACM Internet Measurement Conference (IMC) (2010)

    Google Scholar 

  36. Sherwood, R., Bender, A., Spring, N.: DisCarte: a disjunctive Internet cartographer. In: ACM SIGCOMM (2008)

    Google Scholar 

  37. Shukla, A., Foerster, K.T.: Shortcutting fast failover routes in the data plane. In: Symposium on Architectures for Networking and Communications Systems (ANCS) (2021)

    Google Scholar 

  38. Sridharan, A., Moon, S.B., Diot, C.: On the correlation between route dynamics and routing loops. In: ACM Internet Measurement Conference (IMC) (2003)

    Google Scholar 

  39. Wang, F., Mao, Z.M., Wang, J., Gao, L., Bush, R.: A measurement study on the impact of routing events on end-to-end Internet path performance. In: ACM SIGCOMM (2006)

    Google Scholar 

  40. Xia, J., Gao, L., Fei, T.: Flooding attacks by exploiting persistent forwarding loops. In: ACM Internet Measurement Conference (IMC) (2005)

    Google Scholar 

  41. Xia, J., Gao, L., Fei, T.: A measurement study of persistent forwarding loops on the Internet. Comput. Netw. 51(17), 4780–4796 (2007)

    Article  MATH  Google Scholar 

  42. Zhang, M., Zhang, C., Pai, V., Peterson, L., Wang, R.: PlanetSeer: Internet path failure monitoring and characterization in wide-area services. In: Symposium on Operating Systems Design and Implementation (OSDI) (2004)

    Google Scholar 

  43. Zhang, S., Liu, Y., Pei, D.: A measurement study on BGP AS path looping (BAPL) behavior. In: International Conference on Computer Communication and Networks (ICCCN) (2014)

    Google Scholar 

  44. Zhang, S., Liu, Y., Pei, D., Liu, B.: Measuring BGP AS path looping (BAPL) and private AS number leaking (PANL). Tsinghua Sci. Technol. 23(1), 22–34 (2018)

    Article  Google Scholar 

  45. Zhang, Y., Mao, Z.M., Wang, J.: A framework for measuring and predicting the impact of routing changes. In: IEEE Conference on Computer Communications (INFOCOM) (2007)

    Google Scholar 

Download references

Acknowledgments

We thank Jack Wampler for the insightful discussions. We also thank the anonymous reviewers for their helpful feedback. This work was supported in part by NSF award CNS-1943240 and NSF award CNS-1954063.

Author information

Authors and Affiliations

  1. University of Colorado, Boulder, USA

    Abdulrahman Alaraj & Eric Wustrow

  2. University of Maryland, College Park, USA

    Kevin Bock & Dave Levin

  3. Prince Sattam Bin Abdulaziz University, Al-Kharj, Saudi Arabia

    Abdulrahman Alaraj

Authors
  1. Abdulrahman Alaraj
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Kevin Bock
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Dave Levin
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Eric Wustrow
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Abdulrahman Alaraj .

Editor information

Editors and Affiliations

  1. Karlstad University, Karlstad, Sweden

    Anna Brunstrom

  2. Edgio, Scottsdale, AZ, USA

    Marcel Flores

  3. IMDEA Networks Institute, Madrid, Spain

    Marco Fiore

Rights and permissions

Reprints and permissions

Copyright information

© 2023 The Author(s), under exclusive license to Springer Nature Switzerland AG

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Alaraj, A., Bock, K., Levin, D., Wustrow, E. (2023). A Global Measurement of Routing Loops on the Internet. In: Brunstrom, A., Flores, M., Fiore, M. (eds) Passive and Active Measurement. PAM 2023. Lecture Notes in Computer Science, vol 13882. Springer, Cham. https://doi.org/10.1007/978-3-031-28486-1_16

Download citation

  • DOI: https://doi.org/10.1007/978-3-031-28486-1_16

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-031-28485-4

  • Online ISBN: 978-3-031-28486-1

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation