Tools About Anycast Agility Against DDoS in Tangled Testbed

anygility/anygility-tangled

This page contains tools for experiments in Tangled testbed. This tool runs anycast measurement,parses the collected data, and builds BGP playbook for Tangled.

anygility - anycast agility tools in Tangled

This page contains tools related to our experiments in Tangled testbed. The other datasets and tools are available in the following links:

We provide tools and setup used to perform our experiments on the TANGLED: ANYCAST TESTBED. The following tools and setup configurations are available for Tangled testbed:

Tools and Setup Configurations in Tangled

Here we provide the tools we used to perform anygility experiments on the TANGLED: ANYCAST TESTBED.

  • measurement scripts: set of scripts to implement the measurement process, collect catchment statistics and playbook creation.
  • tangler-cli: Tangled Routing tool is used to control BGP routing in an anycast networks. This tool uses ExaBGP software to inject routes on each anycast site.
  • vp-cli: process Verfploeter raw files to generate the statistics used to build the anycast playbook.
  • bgp-tuner: graphical interface to manage anycast networks using catchment statistics.
  • make-playbook: use statistics and routing information to create the playbook file.
  • run-playbook: run a selected playbook policy applying one BGP routing policy in anycast sites.

Workflow

A set of measurement scripts to generate the Playbook on different routing setups (baseline, positive and negative prepends, communities and bgp poisoning). These scripts make use of Tangler-cli (to control anycast routing on Tangled testbed); Verfploeter software to measure the catchment distribution; and vp-cli to analyze the verfploeter data and generate the site load statistics for each routing setup. The (bgp-tuner) provides an prototyped graphical interface to visualize the Playbooks available and help the administrator to choosing which Playbook entry to apply. make-playbook build the playbook to be used for applications as playbook_tuner. run-playbook tool implements the chosen Playbook entry on Tangled network.

Components

Measurement Scripts

Measurements are the core for the measurement process. They (1) established a connection to each anycast node; (2) call tangler-cli to recursively setup BGP routing and store the configuration for all sites; (3) call Verfploeter to measure catchment; and finally (3) call vp-cli to account catchment stats for one routing policy. We used the following scripts:

  • 00-functions.sh: basic functions used for all scripts.
  • 00-globalvars.sh: the config file for paths and other parameters used on all scripts.
  • 01-baseline.sh: script to create a baseline for all anycast sites.
  • 02-positive_prepend.sh: BGP path prepend measurement.
  • 03-negative_prepend.sh: Negative prepend measurement.
  • 04-communities.sh: BGP community experiment.
  • 05-poison.sh </code>: BGP Poisoning measurement

After running one of these scripts, you should obtain five types of files in dataset directory.

  • *.csv.gz: The raw file produced by Verfploeter (v1.0.42). This file contains the ICMP answers in CSV format.
  • *.meta: Meta information about how Verfploeter data was used to produce .routing and .stats files with vp-cli.
  • *.meta-convert: Meta information to vp-cli normalize measurement considering network weight and geolocation.
  • *.routing: Routing information to reconfigure the anycast networks (sites, neighbor, and bgp attributes)
  • *.stats: Catchment statistics

Routing Configuration (tangler-cli)

As described, we have used different setups and routing configuration policies to perform the experiments. Beside other support tools, we provide the tangler-cli tools that manages our testbed using exabgp. You can find more details about it here.

  • tangler-cli.py: used to control BGP routing in an anycast networks

Synopsis

tangler-cli.py [-hdv46wrA] [--target=NODE_TARGET_ADDRESS|all] [--cmd=ROUTER_COMMAND] [-p=NUMBER_OF_PREPENDS] [-r=ROUTE] [--version] [--status] [--annouces] [--csv] [--nodes-with-announces] [--user=USERNAME] [--key=USER_KEY]

Usage

➜  tangler-cli.py -4 --announces --csv
site,prefix,peer_as,neighbor,attributes
br-poa-anycast02,145.100.118.0/23,264575,177.52.38.113,as-path [ 1149 1149 1149 ]
br-poa-anycast02,145.100.118.0/23,64552,145.100.119.1,as-path [ 1149 1149 1149 ]
nl-ams-anycast01,145.100.118.0/23,64515,169.254.169.254,
us-mia-anycast01,145.100.118.0/23,20080,198.32.252.96,

Measurement Analysis (vp-cli)

The measurements were taken using the tool Verfploeter (1.0.42) . Verfploeter provides a raw file describing all the catchments and respective metrics. A sample of this raw file is shown below:

task_id,client_id,transmit_time,receive_time,send_receive_time_diff,source_address,destination_address,meta_source_address,meta_destination_address,ttl,source_address_country,source_address_asn
17,br-poa-anycast02,1645539507122609845,1645539507242452495,119.84265,1.37.27.39,145.100.118.1,145.100.118.1,1.37.27.39,61,PH,4775
17,br-poa-anycast02,1645539507044239644,1645539507249394694,205.15505,1.1.87.188,145.100.118.1,145.100.118.1,1.1.87.188,243,JP,2519
  • vp-cli.py: used to process Verfploeter raw files to generate the statistics used to build the anycast playbook.

Synopsis

vp-cli.py [-hdvq] [--file=VERFPLOETER_FILE] [--hitlist=IP_HITLIST_FILE] [--geo=IP_GEOLOCATION_DATABASE] [--bgp=BGP_POLICY_NAME] [--weight=WEIGHT_FILE] [--normalize] [--source] [--filter] [--nodes-with-announces] [--csv]

Usage

➜  vp-cli.py --file verfploeter.csv.gz
uk-lnd-anycast02 | 2463339 -  72%  █████████████████████████
br-poa-anycast02 |  769772 -  22%  ███████▋
us-mia-anycast01 |  174477 -   5%  █▋

Visualization tool (bgp-tuner)

Besides the vp-cli interface that provides the load, we’ve build the GUI called BGPTuner to help on anycast network administration better visualize the effect of anycast redistribution while using a set of playbooks.


Figure 1: BGPTuner on Tangled Testbed

Usage

➜  pip install -r pyreqs/bgptuner-requirements.txt
➜  cd tools/bgp-tuner/
➜  ./bgp-tuner.py

Then access the interface open your browser on http://127.0.0.1:12345/ or the URL indicated by program output.

PS: This prototyped version is prepared for anycast sites: CDG, IAD, LHR, MIA, POA, SYD. For convenience, we provide BGP playbook samples in the bgp-tuner/dataset directory.

Playbook creation (make-playbook)

make-playbook reads all vp-cli generated files generate the Anycast Playbook. Its is possible to add several different measurements, one in each directory.

Synopsis

make-playbook [-hvd] [--dir=STATS_DIR] [--out=PLAYBOOK_FILE_OUT] [--fsdb=PLAYBOOK_FSDB_OUT] [--routing] [--version]

--routing: Add routing information to playbook file.

--dir: Directory with vp-cli stats files.

--fsdb: File name to save in FSDB format (used by playbook-tuner)

--out: File name to save Playbook results.

Usage

➜  make-playbook.py --dir dataset/baseline --dir dataset/prepend
Building Playbook from dataset/baseline
Building Playbook from dataset/prepend
site       AMS   MIA  POA
bgp
baseline  94.0   4.0  1.0
1xAMS     29.0  60.0  9.0
2xAMS     72.0  17.0  9.0
3xAMS     72.0  18.0  9.0
...

Run a playbook entry

run-playbook use the routing files information (.routing) to configure the BGP routing in the anycast network.

Synopsis

run-playbook [-hvd] [--test=ROUTING_FILE] [--playbook=PLAYBOOK_ROUTING] [--show] [--version] [--user=USERNAME] [--key=USER_KEY]

--playbook=routing playbook information (.routing file)

--show=Show current routing configuration on Tangled sites.

--user=Username used to access Tangled testbed network.

--key=SSH key to access Tangled testbed network.

Usage

➜ run-playbook.py --playbook positive-20473.routing
Configuring routes...
[au-syd-anycast01] neighbor 169.254.169.254 prefix 145.100.118.0/23
[fr-par-anycast01] neighbor 169.254.169.254 prefix 145.100.118.0/23 extended-community target:20473:6601
[uk-lnd-anycast02] neighbor 169.254.169.254 prefix 145.100.118.0/23
[us-mia-anycast01] neighbor 198.32.252.96 prefix 145.100.118.0/23
 Configured [4] nodes