Telecommunications networks rely on configurations to define routing behavior, especially in the Border Gateway Protocol (BGP), where misconfigurations can lead to severe outages and security breaches, as demonstrated by the 2021 Facebook outage. Unlike existing approaches that rely on synthesis or verification, our work offers a cost-effective method for identifying misconfigurations resulting from BGP's inherent complexity or vendor-specific implementations. We present BGPFuzz, a structure-aware and stateful fuzzing framework that systematically mutates BGP configurations and evaluates their effects in virtualized network. Without requiring predefined correctness properties as in static analysis, BGPFuzz detects anomalies through runtime oracles that capture practical symptoms such as session resets, blackholing, and traffic redirection. Our experiments show that BGPFuzz can reliably reproduce and detect known failures, including max-prefix violations and sub-prefix hijacks.

翻译：电信网络依赖配置定义路由行为，尤其在边界网关协议（BGP）中，配置错误可能导致严重中断与安全漏洞，如2021年Facebook中断事件所示。与依赖合成或验证的现有方法不同，本研究提出一种经济高效的方法，用于识别由BGP固有复杂性或供应商特定实现引发的配置错误。我们提出BGPFuzz——一种结构感知且具备状态保持能力的模糊测试框架，能系统化变异BGP配置并在虚拟化网络中评估其影响。无需如静态分析般依赖预定义的正确性属性，BGPFuzz通过运行时预言机捕获实际异常症状（如会话重置、流量黑洞与重定向）来检测异常。实验表明，BGPFuzz能可靠复现并检测已知故障，包括最大前缀违规与子前缀劫持。