IP network operators face the challenge of making and managing router configuration changes to serve rapidly evolving user and organizational needs. Changes are expressed in low-level languages, and often impact multiple parts of a configuration file and multiple routers. These dependencies make configuration changes difficult for operators to reason about, detect problems in, and troubleshoot. In this paper, we present a methodology to extract network-wide correlations of changes.
|Published (Last):||21 November 2018|
|PDF File Size:||5.68 Mb|
|ePub File Size:||4.16 Mb|
|Price:||Free* [*Free Regsitration Required]|
Misconfigurations can compromise the security of an entire network or even cause global disruptions to Internet connectivity. Several solutions have been proposed. They can detect a number of problems in real configuration files. However, these solutions share a common limitation: they are based on rules which need to be known beforehand. Violations of these rules are deemed misconfigurations. As policies typically differ among networks, these approaches are limited in the scope of mistakes they can detect.
In this paper, we address the problem of router misconfigurations using data mining. We apply association rules mining to the configuration files of routers across an administrative domain to discover local, network-specific policies. Deviations from these local policies are potential misconfigurations. We have evaluated our scheme on configuration files from a large state-wide network provider, a large university campus and a high-performance research network.
In this evaluation, we focused on three aspects of the configurations: user accounts, interfaces and BGP sessions. User accounts specify the users that can access the router and define the authorized commands. Interfaces are the ports used by routers to connect to different networks. Each interface may support a number of services and run various routing protocols. BGP sessions are the connections with neighboring autonomous systems AS.
BGP sessions implement the routing policies which select the routes that are filtered and the ones that are advertised to the BGP neighbors. We included the routing policies in our study. The results are promising.
We discovered a number of errors that were confirmed and corrected by the network administrators. These errors would have been difficult to detect with current predefined rule-based approaches.
Article :. Date of Publication: 27 June DOI: Need Help?
Extracting Network-Wide Correlated Changes from Longitudinal Configuration Data