A Measurement Study of BGP Blackhole Routing Performance
Abstract
BGP Blackhole routing is a mechanism used to protect networks from DDoS attacks. During the last several years, a number of variations of BGP Blackhole routing have been proposed. However, even though these methods have been used by many organizations and ISPs for some years, the academic community has provided only a limited evaluation of BGP Blackhole routing, using mainly network simulations. The objective of this research was to evaluate the basic methods of BGP Blackhole routing in a real test-bed network in various environments. By using the response time, the CPU load, and the link load as performance metrics, we first evaluated the performance of those methods in networks where the routers CPU load was the limiting factor. Then we examined the effect of the high link load and the effect of routers preconfiguration on the BGP Blackhole routing's performance. The results showed that the BGP Blackhole routing may not be effective under stressful situations, that is, a high link load, because its dependence on TCP and the underlying routing protocols. Of the three basic Blackhole routing methods, the best method is the destination-based, followed closely by the source-based. The third method, customer-triggered Blackhole routing, in all cases had very degraded performance.
Document Details
- Document Type
- Technical Report
- Publication Date
- Sep 01, 2006
- Accession Number
- ADA457366
Entities
People
- Nikolaos Stamatelatos
Organizations
- Naval Postgraduate School