Abstract

The Border Gateway Protocol (BGP) is a key component of Internet routing. Consequently, monitoring BGP messages is essential to identify changes that are detrimental to network reachability. This is, however, a complicated task, mainly due to the stateful and noisy nature of BGP: one needs to keep track of the entire routing table to really understand the meaning of a single BGP message, and significant bursts of messages may be completely redundant. In this paper, we propose a complete taxonomy of BGP update messages and its corresponding classification tool, called BLT. We also introduce a simple anomaly detector based on BLT that pinpoints surges of selected classes of messages. We illustrate the benefits of this detector with five case studies that validate its ability to identify meaningful events.
