The Next Generation of BGP Data Collection Platforms

Title: The Next Generation of BGP Data Collection Platforms

Authors: Thomas Alfroy, Thomas Holterbach (University of Strasbourg); Thomas Krenc, kc Claffy (UC San Diego / CAIDA); Cristel Pelsser (UCLouvain)

Scribe: Ruyi Yao

Introduction

The study of the global Internet infrastructure relies on BGP data collection platforms that maintain BGP peering sessions with network operators who volunteer to share (sometimes portions of) their routing tables. Vantage Points (VPs) are set to collect routes from BGP router.

The authors emphasize that more VPs are needed to improve the accuracy and coverage of scientific and operational analyses of Internet infrastructure, e.g., the AS topology mapping, locating outages, and BGP hijack detection. 25-100× more VPs are expected.

Data collection presents challenges for both data providers and users. For data providers, the compound effect—more VPs and more updates per VP—yields a quadratic increase in updates reaching the collection platforms. For users, in order to save time and resources, they are willing to sacrifice the quality of the results to facilitate data processing, using only a sample of the data.

Key idea and contribution

• The authors used simulations and experiments to corroborate that important analyses lose accuracy and/or coverage when using heavily sampled topologies.
• The authors found strong data redundancy at different granularities and proposed GILL. GILL has two key mechanisms: an overshoot-and-discard collection scheme and sampling algorithms that maximize fairness.

Their contributions include:

• a survey,measurements,and simulations to demonstrate the limitations of current systems;
• a general framework and algorithms to assess and remove redundancy in BGP observations;
• quantitative analysis of the benefit of our approach in terms of accuracy and coverage for several canonical BGP routing analyses such as hijack detection and topology mapping.
• Implementation and deployment a new BGP peering collection system that automates peering expansion using our redundancy analytics,which provides a path forward for more thorough evaluation of this approach.

Evaluation
Long-term impact: Simulations of a scenario where 50% (vs. 2%) of ASes peered with GILL tripled the number of peer-to-peer links observed,doubled the number of Internet failures that we could localize,and reduced by 33% the proportion of undetected forged-origin hijacks without processing more data than what RIS and RV do today.
Immediate benefits: GILL improved the accuracy and coverage while processing the same data volume inferred more AS relationships (+16%), identified and corrected errors in CAIDA’s ASrank dataset, and inferred more forged-origin hijacks (+23%) with ≈4× fewer incorrect inferences (i.e., false positives).

Sorry for the late Q & A part. I failed to upload it and just noticed the draft.

Q: Can we still study BGP convergence using the data collected by GILL?
A: Yes, the data collected by GILL from anchor vantage points will still support studying BGP convergence. Objectives requiring relevance in BGP data, such as analyzing convergence dynamics, will remain achievable. However, I cannot guarantee that all potential use cases will be fully supported by the data collected by GILL—this limitation also applies to other BGP data collection infrastructures.

Q: Will the transitions leading to the BGP end state be preserved in the data collected by GILL?
A: Yes, the transitions will still be visible. Its per-prefix similarity-based data retention ensures that all relevant updates, including intermediate states, are captured. This means that you will still observe the “before and after” dynamics as the system converges.

Q: Were the parameters (e.g., 50% managed coverage) chosen to give the best results?
A: The best results would theoretically come from 100% managed coverage. However, we explored other configurations, such as 10% managed coverage, which still showed significant improvements, including 80% more peer-to-peer links compared to current approaches, while maintaining manageable data volume.

Q: Is there a sweet spot for balancing data volume and coverage? How did you pick the parameters that you showed?
A: Not necessarily. The system automatically optimizes certain parameters, like discarding 96% of redundant data, while the managed coverage levels (e.g., 10%, 50%) were chosen arbitrarily for evaluation purposes to demonstrate GILL’s impact.

Q: GILL addresses critical issues like data redundancy and storage overhead, but the main challenge remains insufficient vantage point coverage. Your simulations assume 50% coverage, yet in reality, we’re only at 2%. Can GILL help incentivize operators to expand coverage?
A: GILL enables scaling to significantly more vantage points but doesn’t solve the challenge of incentivizing operators. We propose potential incentives in the paper and on our website, but this remains an area for further research.