Evaluating the performance impact of RTR-BIRD in origin validation

Research in Adaptive and Convergent Systems Pub Date : 2014-10-05 DOI:10.1145/2663761.2664202

Kyoungha Kim, Ik-hyeon Jang, Yanggon Kim

{"title":"Evaluating the performance impact of RTR-BIRD in origin validation","authors":"Kyoungha Kim, Ik-hyeon Jang, Yanggon Kim","doi":"10.1145/2663761.2664202","DOIUrl":null,"url":null,"abstract":"RTR-BIRD we previously developed is the only software router that is not only capable of the resource public key infrastructure (RPKI) but able to access the route origin authorizations (ROAs) in the practical validated cache. Although RTR-BIRD practically validates origins as opposed to QuaggaSRx implemented by the national institute of standards and technology (NIST), the routing performance of RTR-BIRD in processing a BGP update message was 4900 times worse than the routing performance of BIRD; BIRD took 0.4 millisecond whereas RTR-BIRD took 1.96 seconds per BGP update message. The difference in performance could be neglected if RTR-BIRD deals with only few routing updates in a highly discrete period. The decrease in performance, however, can be considerable if thousands of routing updates are concurrently received by a RTR-BIRD router---for instance, at router-startup or at router-reboot. Moreover, the performance degradation possibly disconnects BGP-peering sessions or imprecisely validates origins. In order to investigate the degradation in performance of RTR-BIRD, we broke up RTRPKI into components depending on its functionalities because the main difference between RTR-BIRD and BIRD is RTRPKI, which figuratively validates origins. From the separation of RTRPKI, we developed few more variations of RTRPKI by differentiating them in components to validate origins. Our simulation results in comparing RTRPKI with those variations revealed that the most problematic component of RTRPKI was the delay to synchronize RTRPKI to its associated cache server, so we detached the synchronization from the origin validation cycle (OVC) of RTR-BIRD. Consequently, our simulation results on the updated RTR-BIRD showed that the updated version validates origins approximately 4475 times faster than the original RTR-BIRD. Furthermore, the new version showed 100 percent accuracy in validating origins by eliminating at most two percent inconsistency of the validation results presented by the original RTR-BIRD router.","PeriodicalId":120340,"journal":{"name":"Research in Adaptive and Convergent Systems","volume":"37 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2014-10-05","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"1","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Research in Adaptive and Convergent Systems","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/2663761.2664202","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 1

Abstract

RTR-BIRD we previously developed is the only software router that is not only capable of the resource public key infrastructure (RPKI) but able to access the route origin authorizations (ROAs) in the practical validated cache. Although RTR-BIRD practically validates origins as opposed to QuaggaSRx implemented by the national institute of standards and technology (NIST), the routing performance of RTR-BIRD in processing a BGP update message was 4900 times worse than the routing performance of BIRD; BIRD took 0.4 millisecond whereas RTR-BIRD took 1.96 seconds per BGP update message. The difference in performance could be neglected if RTR-BIRD deals with only few routing updates in a highly discrete period. The decrease in performance, however, can be considerable if thousands of routing updates are concurrently received by a RTR-BIRD router---for instance, at router-startup or at router-reboot. Moreover, the performance degradation possibly disconnects BGP-peering sessions or imprecisely validates origins. In order to investigate the degradation in performance of RTR-BIRD, we broke up RTRPKI into components depending on its functionalities because the main difference between RTR-BIRD and BIRD is RTRPKI, which figuratively validates origins. From the separation of RTRPKI, we developed few more variations of RTRPKI by differentiating them in components to validate origins. Our simulation results in comparing RTRPKI with those variations revealed that the most problematic component of RTRPKI was the delay to synchronize RTRPKI to its associated cache server, so we detached the synchronization from the origin validation cycle (OVC) of RTR-BIRD. Consequently, our simulation results on the updated RTR-BIRD showed that the updated version validates origins approximately 4475 times faster than the original RTR-BIRD. Furthermore, the new version showed 100 percent accuracy in validating origins by eliminating at most two percent inconsistency of the validation results presented by the original RTR-BIRD router.

查看原文本刊更多论文

评估RTR-BIRD在原产地验证中的性能影响

我们之前开发的RTR-BIRD是唯一的软件路由器，不仅能够提供资源公钥基础设施(RPKI)，而且能够访问实际验证缓存中的路由源授权(roa)。虽然RTR-BIRD与美国国家标准与技术研究院(NIST)实现的QuaggaSRx相比，实际上是对起源进行验证，但RTR-BIRD在处理BGP更新消息时的路由性能比BIRD差4900倍;BIRD的时间为0.4毫秒，而RTR-BIRD的时间为1.96秒。如果RTR-BIRD在一个高度离散的周期内只处理很少的路由更新，则性能差异可以忽略不计。但是，如果RTR-BIRD路由器同时接收数千个路由更新(例如，在路由器启动或重新启动时)，则性能下降可能相当大。此外，性能下降可能会断开bgp对等会话或不精确地验证起源。为了研究RTR-BIRD的性能下降，我们根据其功能将RTRPKI分解为组件，因为RTR-BIRD和BIRD之间的主要区别在于RTRPKI，它象征性地验证了起源。从RTRPKI的分离开始，我们通过在组件中区分它们来验证起源，开发了RTRPKI的更多变体。我们将RTRPKI与这些变体进行比较的模拟结果显示，RTRPKI中最有问题的部分是将RTRPKI同步到其相关缓存服务器的延迟，因此我们将同步从RTR-BIRD的原始验证周期(OVC)中分离出来。因此，我们在更新后的RTR-BIRD上的仿真结果表明，更新后的版本比原来的RTR-BIRD验证起源的速度快了大约4475倍。此外，新版本通过消除原始RTR-BIRD路由器提供的验证结果最多2%的不一致性，在验证起源方面显示了100%的准确性。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

Research in Adaptive and Convergent Systems

自引率

0.00%

发文量