dscp and the evil bit
play

DSCP and the Evil Bit Runa Barik (UiO), Michael Welzl (UiO), Ahmed - PowerPoint PPT Presentation

DSCP and the Evil Bit Runa Barik (UiO), Michael Welzl (UiO), Ahmed Elmokashfi (SRL) maprg @96th IETF Meeting Berlin, Germany 18 th July 2015 IETF96 DSCP and the Evil Bit 1 / 14 Motivation The Internet could ideally use the IP header for


  1. DSCP and the Evil Bit Runa Barik (UiO), Michael Welzl (UiO), Ahmed Elmokashfi (SRL) maprg @96th IETF Meeting Berlin, Germany 18 th July 2015 IETF96 DSCP and the Evil Bit 1 / 14

  2. Motivation The Internet could ideally use the IP header for special treatment to the packet; but, which bits in the header can be used? Middleboxes in private networks also modify/drop the packets limiting the protocol innovations. This work complements to our paper in ANRW’16 1 . In this context, we focus on: How middleboxes react to packets with different DSCP values, and Evil bit. 1 Runa Barik, Michael Welzl, Ahmed Elmokashfi, “ How to say that you’re special: Can we use bits in the IPv4 header? ”, in ANRW’16 IETF96 DSCP and the Evil Bit 2 / 14

  3. Test methodology Client Test Packet Server Router Middlebox Router Extreme 5 i Test Packet ICMP packet (Echo Request) id=id1 T C P S Y N , i d = i d 1 ICMP packet (Echo Reply) 2 d = i d i TCP SYN/ACK, id=id2 IETF96 DSCP and the Evil Bit 3 / 14

  4. Location of Drop Server Client Router Router Middlebox Extreme 5 i ICMP packet (Echo Request) id=id1 TCP SYN, id=id1 } Timeout ICMP packet (Echo Reply) id=id1 Traceroute traceroute or tracebox like testing IETF96 DSCP and the Evil Bit 4 / 14

  5. Test Locations (a) Travel to India (b) Malaysia IETF96 DSCP and the Evil Bit 5 / 14

  6. Change of DSCP values 10 Fraction of distinct paths (0: 185),(2: 6),(6: 2),(8: 3) (0: 145),(2: 2),(6: 1),(8: 14) (10: 2),(18: 3),(36: 3),(62: 1) (10: 3),(62: 1) 10 0 10 -1 10 -2 10 -3 0 2 6 8 10 10 18 18 36 36 62 62 0 2 6 8 10 10 62 62 0 8 DSCP values x-axis: the lower (larger) number is the original DSCP value, the upper (smaller) number is the changed value. The brackets on the top show the absolute number of paths (IP address pairs). IETF96 DSCP and the Evil Bit 6 / 14

  7. Change of DSCP values 10 Fraction of distinct paths (0: 128),(2: 2),(4: 20),(6: 1) (0: 127),(2: 2),(6: 21),(10: 1) (10: 1),(12: 2),(36: 11),(62: 1) (14: 2),(46: 11),(62: 1) 10 0 10 -1 10 -2 10 -3 0 2 4 6 10 10 12 12 36 36 62 62 0 2 6 10 10 14 14 46 46 62 62 36 46 DSCP values IETF96 DSCP and the Evil Bit 7 / 14

  8. TTL and Change of DSCP values on paths Table: DSCP packet-drop noticed in Countries Src. Countries Dst. Countries DSCP initial Change Location Drop Location Oregon Kuala Lumpur, Malaysia CS1 Amazon Tech. Inc. Norway (ISP2) Kuala Lumpur, Malaysia AF42 TELIANET (4) TMNet Telekom Malaysia EF TELIANET (6) TMNet Telekom Malaysia client-side 20 8 0 0 TTL (DSCP change) server-side 8 0 10 8 18 0 15 18 0 8 2222 00 22 2 18 2 2 2 10 4 22 4 6 8 5 8 8 32 8 8 32 32 32 40 40 40 0 0 0 0 0 0 8 36 36 46 46 DSCP (original) IETF96 DSCP and the Evil Bit 8 / 14

  9. DSCP/TOS values in ICMP time-exceeded Message 10 (0: 6560),(2: 114),(4: 5),(6: 17),(8: 133),(24: 1),(36: 18) Fraction of DSCP/TOS 10 0 (46: 8),(48: 3257),(52: 18),(54: 13) 10 -1 (2: 3),(3: 25),(48+2:2) 10 -2 10 -3 48+2 0 2 4 6 8 24 36 46 48 52 54 ECT(0) CE DSCP/TOS values (in ICMP) The brackets on the top show (DSCP value in ICMP: number of packets) IETF96 DSCP and the Evil Bit 9 / 14

  10. DSCP/TOS values in IPv4 header and payload of ICMP time-exceeded message 10 DSCP values (in ICMP) 10 0 10 -1 10 -2 10 -3 0 2 6 8 24 24 24 24 48 48 48 48 0 2 6 48 48 48 48 0 2 6 0 6 48 48 48 48 0 2 4 6 DSCP values (in payload) Y-axis: Fraction of different DSCP values in IP header of ICMP messages, while the payload IP header contains DSCP values of 0, 2, 4, or 6 IETF96 DSCP and the Evil Bit 10 / 14

  11. Contd. 10 DSCP values (in ICMP) 10 0 10 -1 10 -2 10 -3 0 4 36 36 36 36 48 48 48 48 52 52 52 52 0 8 48 48 48 48 0 2 0 2 48 48 48 48 36 8 10 18 DSCP values (in payload) Y-axis: Fraction of different DSCP values in IP header of ICMP messages, while the payload IP header contains DSCP values of 8, 10, 18, or 36 IETF96 DSCP and the Evil Bit 11 / 14

  12. Contd. DSCP/TOS values (in ICMP) 10 10 0 10 -1 10 -2 10 -3 48+2 48+2 48+2 48+2 0 6 46 46 46 46 48 48 48 48 54 54 54 54 0 8 48 48 48 48 0 0 2 3 46 32 40 3(ECN) DSCP/TOS values (in payload) Y-axis: Fraction of different DSCP/TOS values in IP header of ICMP messages, while the payload IP header contains DSCP/TOS values of 32, 40, 46, or 3 (CE) IETF96 DSCP and the Evil Bit 12 / 14

  13. Evil bit In 169 out of 205 paths, packets with Evil bit set passed successfully. However, DSCP values are stripped or remain unchanged in around 165 paths. No modification to Evil bit on successful paths. IETF96 DSCP and the Evil Bit 13 / 14

  14. Thank you! IETF96 DSCP and the Evil Bit 14 / 14

Recommend


More recommend