Ok - Thought it was about time that the list had some more on-topic
posts for the week.

So I want to tackle the issue of the WIX and APE route servers. And why
some people just don't love them.

First some background (excuse the lameness, but I thought I'd talk to a
wider audience on the list while I was at it). If you want to ignore
this then skip to the bottom where I get to the point (search for *THE
POINT*).

There are two route servers, WIX and APE, for the purpose of
exchanging a list of prefixes which are reachable locally via each of
those networks.

Network entities peer with these servers in order to get local (wix/ape)
nexthop information for prefixes rather than have to default route them
through an upstream provider.

Example:

Company A and Company B both have a presence on Citylink in Wellington.
They both have different upstream providers.

Under normal routing conditions, the traffic between these companies
would be routed to their upstream providers and dealt with according to
their routing/billing policy. It is possible however for Company A and
Company B to route traffic directly to each other and thus bypass the
upstream. Gaining all the speed and billing advantages along the way.

This works well at the moment and there is no problem with this portion
of the route servers.

The issue comes from ISPs peering to the route servers.

Most of the ISPs who have a presence on Citylink also advertise routes
to the route servers. This is great. It means that if I'm using ISP A
for my upstream, I can pass traffic to ISP B's networks across Citylink.

The majority of these ISPs however are not listening to any
advertisements from the WIX/APE route servers. Which leads to the
following situation.

Company A uses ISP A as an upstream.

Company A is learning prefixes for ISP B through the route server and
will pass packets to them directly to ISP B. ISP B however is not
listening to any advertisements from the route servers, and will pass all
traffic BACK to Company A via ISP A. Thus negating the point of sending
the traffic locally in the first place.

*THE POINT*

SO - I know a few of the reasons why ISPs are not listening to the
routes from the servers, but I want to be able to understand them all.
Some possible problems ("We don't think that they are safe enough") can
be fixed. Other possible concerns ("We don't peer because we don't
think we need to") cannot. I want to see if it's worth pursuing this
kind of network design. So I want to see how many problems fall into
each of my categories above.

So if ISPs can send me the responses to:

"What are the reasons that you are not listening to prefixes via the
wix/ape route servers"

I'd appreciate it (private email ok).

If you are already listening to all the prefixes then keep the list
noise down and stay quiet =) But I know who's not - so don't try and
fool me. =)

Here are some possible concerns/solutions that I prepared earlier.
Might make your response easier.

C: "People are morons. There is no way that I'm letting little people
like Company A inject BGP routes into my network. GOD it took me long
enough to understand BGP I'm not trusting some snotty nosed small
company administrator"

S: Ok - first of all get back on the medication.
Secondly - Simon Blake (the route server admin) assures me that he
has been running full import and export filters on all peering sessions
for the last 18 months. So there is no way that the small networks we
are talking about can advertise anything that they have not cleared with
Simon first. So in a sense you are not trusting every small company
admin - you are trusting Simon. So make your judgement on that.

C: "Piss off - I'm not providing domestic transit to other people's
customers. Are you mental"

S: Well not last time I checked - but I have had a mountain bike
accident since then.
I'm not asking you to provide domestic transit for free. Just
advertise the routes that you are happy to accept traffic for.
For example - maybe you only advertise Wellington routes at WIX and
Auckland routes at APE. You all have networks where you can tell the
difference right? =)

C: "I don't peer with anyone smaller than myself"

S: That's sad. I'm getting a network version of A Christmas Carol
flashbacks =)
Sure if that's your company policy then I'm not about to pass judgement
on it. But if it were me - I'd want to get traffic out of my network as
quick as possible. And passing it to a company's upstream is not always
the best (read cheapest) way of doing that. Nuff said.

C: "Peering is hard. Every time you peer you add another level of
complexity to the network"

S: Sure. This is why Simon is also looking at automating the process
using some route registry tools. If this is one of your concerns then
make it known, but also keep in mind that it's in the pipes. And
remember you only have one peer (the server) not all the different
companies. Simon has already done one level of scrubbing for you. Pity
him his job =)

OK

So mail me (private if you don't want to do it to the list) your reasons
for not loving the route servers. Even if all you have to say is

"Didn't know about them"
or
"Far too busy" (don't lie though)

Thanks

Dean
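
Added example (not part of the original post, and not the WIX/APE route server's actual configuration): a Python model of the per-session import filtering the post attributes to the route server, where an announcement is accepted only if it falls inside a prefix that peer has cleared with the operator. The peer names, the registry, the maximum prefix lengths and the sample announcements are all constructed assumptions.

```python
import ipaddress

# Constructed registry (documentation prefixes, hypothetical peer names):
# what each peer has cleared with the route server operator, plus the
# longest more-specific the operator will accept under that prefix.
REGISTERED = {
    "company-a": [("192.0.2.0/24", 24)],
    "company-b": [("198.51.100.0/24", 25)],
}

def import_filter(peer, announced):
    """Return (accepted, reason) for one prefix announced by `peer`."""
    try:
        # strict=True rejects prefixes with host bits set, e.g. 192.0.2.1/24
        net = ipaddress.ip_network(announced, strict=True)
    except ValueError:
        return False, "malformed prefix"
    if net.prefixlen == 0:
        return False, "default route"
    for registered, max_len in REGISTERED.get(peer, []):
        reg = ipaddress.ip_network(registered)
        if net.version == reg.version and net.subnet_of(reg):
            if net.prefixlen <= max_len:
                return True, f"within {registered}"
            return False, f"more specific than /{max_len}"
    return False, "not registered to this peer"

def build_table(announcements):
    """Filter every session's announcements; return (table, rejected)."""
    table, rejected = {}, []
    for peer, prefix in announcements:
        ok, reason = import_filter(peer, prefix)
        if ok:
            table[prefix] = peer          # what listening peers would learn
        else:
            rejected.append((peer, prefix, reason))
    return table, rejected

# Constructed announcements: two legitimate, five that the filter must drop.
ANNOUNCEMENTS = [
    ("company-a", "192.0.2.0/24"),
    ("company-b", "198.51.100.128/25"),
    ("company-a", "198.51.100.0/24"),    # another peer's prefix
    ("company-a", "0.0.0.0/0"),          # default route
    ("company-b", "198.51.100.64/26"),   # too specific
    ("unknown-peer", "203.0.113.0/24"),  # peer with no registration
    ("company-a", "192.0.2.1/24"),       # host bits set
]

if __name__ == "__main__":
    table, rejected = build_table(ANNOUNCEMENTS)
    print("accepted:", table)
    for entry in rejected:
        print("rejected:", entry)
```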