BGP Communities: Even More Worms in the Routing Can

Authors
Streibelt, Florian
Lichtblau, Franziska
Beverly, Robert
Feldmann, Anja
Pelsser, Cristel
Smaragdakis, Georgios
Bush, Randy
Subjects
Networks → Routing protocols; Network measurement
BGP
Communities
Exploits
Date of Issue
2018
Publisher
ACM
Abstract
BGP communities are a mechanism widely used by operators to manage policy, mitigate attacks, and engineer traffic; e.g., to drop unwanted traffic, filter announcements, adjust local preference, and prepend paths to influence peer selection. Unfortunately, we show that BGP communities can be exploited by remote parties to influence routing in unintended ways. The BGP community-based vulnerabilities we expose are enabled by a combination of complex policies, error-prone configurations, a lack of cryptographic integrity and authenticity over communities, and the wide extent of community propagation. Due in part to their ill-defined semantics, BGP communities are often propagated far further than a single routing hop, even though their intended scope is typically limited to nearby ASes. Indeed, we find 14% of transit ASes forward received BGP communities onward. Given the rich inter-connectivity of transit ASes, this means that communities effectively propagate globally. As a consequence, remote adversaries can use BGP communities to trigger remote blackholing, steer traffic, and manipulate routes even without prefix hijacking. We highlight examples of these attacks via scenarios that we tested and measured both in the lab as well as in the wild. While we suggest what can be done to mitigate such ill effects, it is up to the Internet operations community whether to take up the suggestions.
Type
Article
Description
The article of record as published may be found at http://dx.doi.org/10.1145/3278532.3278557
Organization
Naval Postgraduate School (U.S.)
Format
14 p.
Citation
Streibelt, Florian, et al. "BGP Communities: Even More Worms in the Routing Can." Proceedings of the Internet Measurement Conference 2018. ACM, 2018.
Rights
This publication is a work of the U.S. Government as defined in Title 17, United States Code, Section 101. Copyright protection is not available for this work in the United States.