Flexsealing BGP Against Route Leaks: Peerlock Active Measurement and Analysis
Tyler McDaniel, Jared M. Smith, Max Schuchard
TL;DR
This paper evaluates Peerlock, a BGP route leak mitigation system, through live measurements and simulations, showing its current deployment reduces leaks and strategic expansion could nearly eliminate them.
Contribution
It provides the first live Internet measurements of Peerlock deployment and quantifies its effectiveness in reducing route leaks through simulations.
Findings
48% of Peerlock filters deployed among Tier 1 networks
Current Peerlock deployment restricts Tier 1 leaks to 10% or fewer networks
Strategic deployment of Peerlock-lite can mitigate 80% of simulated Tier 1 leaks
Abstract
BGP route leaks frequently precipitate serious disruptions to interdomain routing. These incidents have plagued the Internet for decades while deployment and usability issues cripple efforts to mitigate the problem. Peerlock, introduced in 2016, addresses route leaks with a new approach. Peerlock enables filtering agreements between transit providers to protect their own networks without the need for broad cooperation or a trust infrastructure. We outline the Peerlock system and one variant, Peerlock-lite, and conduct live Internet experiments to measure their deployment on the control plane. Our measurements find evidence for significant Peerlock protection between Tier 1 networks in the peering clique, where 48% of potential Peerlock filters are deployed, and reveal that many other networks also deploy filters against Tier 1 leaks. To guide further deployment, we also quantify…
Peer Reviews
No public reviews on file for this paper yet. If you reviewed it on a platform where reviews are public (OpenReview, ICLR, NeurIPS, ICML), you can paste yours below so the community can read it here.
Videos
No videos yet. Explain this paper in a talk, walkthrough, or lecture? Add one.