Predicting host level reachability via static analysis of routing protocol configuration

Download
Author
McManus, Stephen C.
Date
2007-09Advisor
Xie, Geoffrey
Second Reader
Fulp, J.D.
Metadata
Show full item recordAbstract
Static analysis refers to techniques that extract and check the semantics of a program entirely from examining its source code. In this case, router configuration files can be thought of as the source code of a distributed program whose execution determines the host level reachability of the network. Static analysis brings about new challenges. Unlike a regular computer program, router configuration commands hide the detailed logic of routing protocols. Completely constructing the logic for static analysis of router configuration files is difficult and even impossible in some cases where the network has a large number of concurrently running routing processes distributed over many routers and variable network delays make the interactions between these processes too complex to understand exactly. This research takes an initial step in understanding the power of static analysis. A system is built to infer the packet forwarding table of each router from the router configuration files. The scope of the work is confined to networks where OSPF is used exclusively for routing. The system is able to infer the exact forwarding tables of the Cisco routers for several lab test networks.
Rights
This publication is a work of the U.S. Government as defined in Title 17, United States Code, Section 101. Copyright protection is not available for this work in the United States.Collections
Related items
Showing items related by title, author, creator and subject.
-
On Route Aggregation
Le, F.; Zhang, H.; Xie, Geoffrey (2011-12);Route Aggregation (RA), the method to supersede a set of routes by a single, more general route, is a fundamental mechanism to the Internet scalability. Yet, despite its importance, it is poorly understood. We present the ... -
Validating network security policies via static analysis of router ACL configuration
Wong, Eric Gregory Wen Wie (Monterey, California. Naval Postgraduate School, 2006-12);The security of a network depends on how its design fulfills the organization's security policy. One aspect of security is reachability: whether two hosts can communicate. Network designers and operators face a very ... -
Prototyping of an active and lightweight router
Kaplan, Namik (Monterey, California. Naval Postgraduate School, 1999-03-01);A new network management system named Server and Agent based Active Management (SAAM) has been proposed. SAAM can locate and fix network problems much more quickly than today's systems. Stand-alone routers are used in ...