Get Off My Prefix! The Need for Dynamic, Gerontocratic Policies in Inter-domain Routing
Inter-domain routing in today’s Internet is plagued by security and reliability issues (e.g., preﬁx hijacking), which are often caused by malicious or Byzantine misbehavior. We argue that route selection policies must move beyond static preferences that select routes on the basis of static attributes such as route length or which neighboring AS is advertising the route. We prove that route convergence in the presence of Byzantine misbehavior requires that the route selection metric include the dynamics of route updates as a primary component. We then describe a class of simple dynamic policies which consider the observed “ages” of routes. These gerontocratic policies can be combined with static preferences and implemented without major infrastructural changes. They guarantee convergence when adopted universally, without sacriﬁcing most of the ﬂexibility that autonomous systems enjoy in route selection. We empirically demonstrate that even if adopted unilaterally by a single autonomous system, gerontocratic policies yield signiﬁcantly more stable routes, are more effective at avoiding preﬁx hijacks, and are as responsive to legitimate route changes as other policies.