Flowspec for BGP Route Servers at IXPs
BIRD is a widely deployed software for BGP route servers at IXPs. The release of version 2.0.2 in March added support for BGP Flow Specification (RFC 5575). While …
Talk Title | Flowspec for BGP Route Servers at IXPs |
Speakers | Benedikt Rudolph, DE-CIX |
Conference | NANOG73 |
Conf Tag | |
Location | Denver, CO |
Date | Jun 25 2018 - Jun 27 2018 |
URL | Talk Page |
Slides | Talk Slides |
Video | Talk Video |
BIRD is a widely deployed software for BGP route servers at IXPs. The release of version 2.0.2 in March added support for BGP Flow Specification (RFC 5575). While constantly adding new features, the single-threaded architecture of the routing daemon imposes limits on computationally-intensive tasks. This raises questions about scalability and resource consumption, especially for deployments with hundreds of peers and hundred-thousands of prefixes, common at IXPs. In this talk we present a first performance evaluation of BIRD 2.0.2 and test the new Flowspec feature in a close to reality, large-scale IXP deployment. To set the context, we investigate a scenario where Flowspec is used to exchange information about DDoS traffic blackholed on the IXPs switching platform. Ideally this feature would not interfere with routine operation of the route server. To be effective, BGP announcements of blackhole routes need to be disseminated quickly. Therefore we look at the forwarding performance of Flowspec messages in BIRD under various operating conditions. Especially important to us is resource consumption (memory and CPU) as well as practical deployment considerations. In addition to the evaluation of BIRD 2.0.2 we provide reference measurements with the widely deployed and stable BIRD 1.6.4 release without Flowspec support.