Answer the following questions.
Question 1) Assume a hacker obtains control of all the BGP-speaking routers in several different Autonomous Systems (ASes). Our hacker has each AS \hijack" several IP blocks. That is, each AS under his or her control announces via BGP that it owns IP blocks for which it does not. Such as, our hacker has AS (CMU) announce a one-hop path to the IP block 18.0.0.0/8 (MIT).
(a) Suppose that the AS graph still converges to a stable state, can this attack cause routing loops to form? Describe why or why not.
(b) Assume the ASes under attack are identified. Can other ASes change their routing policies to ensure that their traffic still reaches the hijacked IP blocks? Describe.
(c) In response to this attack, assume all ASes agree to check central registry for IP block ownership before a path is considered valid. That is, whenever an AS receives a route to a prefix P, it checks that the last AS in the route actually owns P. Like, upon receiving a path to 18.0.0.0/8 (MIT), an AS will check that last AS in the route is 3 (MIT). Can a hacker still hijack IP address blocks belonging to ASes he or she does not control? (i.e., can he or she cause traffic destined to those IP blocks to be routed to the ASes he controls?) Describe.
(d) Assume a solution was devised where IANA hosted a server on the Internet which was able to validate all AS paths. Suppose that this server is always trustworthy and paths are valid if and only if the server says so.
State true or false: With this solution an AS can always check the validity of a BGP path advertisement it receives.
Question 2) Why do we require to infer ISP relationships? Why is this information not publicly available?
Question 3) Why would ISPs select to have peering relationships if it means they transport packets for free?
Question 4) Why do ISPs attempt to make sure valley-free routes?
Question 5) Despite the fact that ISPs have set relationships (i.e. provider/customer, peering, etc) based on contractual agreements, execution and management of these policies is not simple. A single misconfigured router within an AS (ie. one with incorrect import and/or export rules) can break these policies. What is a possible solution for this?