Help / Advise tweaking BGP settings

older
NZNOG 2014 - Registrations now open

Alexander Neilson

31 Oct 2013 31 Oct '13

3:17 a.m.

Hey All We have recently made some major changes at $DAYJOB with our connectivity to the outside world and our peering. One of the things we have taken on is a 1Gbps APE peering port and Upgraded out WIX port to 100Mbps. While I find often our inbound traffic takes a fairly efficient path (usually - tho $TRANSITPROVIDER seems to cut prepends and possibly even disaggregates some prefixes (tho this could be something hanging around)) our outbound does seem to be less efficient, especially where APE is concerned. I am currently testing an adaption where I only accept shorter prefixes from $TRANSITPROVIDER and a default route (to avoid blackholing) the domestic transit doesn’t have a “default route” option and I want to avoid pushing domestic traffic over International if it only has a long prefix to match and isn’t peered. Would anyone be willing to provide me some tips / tricks / advise / examples of what they do with BGP (or some good resources) that I can use to improve the routing table I use in the network? Also does anyone have NZ Provider looking glass servers (not the NZIX as I know and use them) where I can see how other domestic providers see my announced routes and how it appears to them (so I can make changes and test but also see what I am being seen as)? Thank you very much in advance for any help. Off list replies are welcomed and possibly better to avoid clogging up the list if people think this is too basic a request for here. Regards Alexander Alexander Neilson Neilson Productions Limited alexander(a)neilson.net.nz 021 329 681 022 456 2326

Attachments:

smime.p7s (application/pkcs7-signature — 4.1 KB)

Show replies by date

Karl Hardisty

31 Oct 31 Oct

6:55 a.m.

Alexander, Given how pervasive BGP is in all (most of?) our lives, any tips/tricks/advice/examples would only be of benefit to the community as a whole. Even if it doesn’t affect/influence the majority, we can all benefit from good neighbours. k. lE karl(a)mothership.co.nz lW mothership.co.nz lA PO Box 99814, Newmarket lM 021 999 990 lP 974 3171 On 1/11/2013, at 10:17 am, Alexander Neilson wrote:

...

Hey All

We have recently made some major changes at $DAYJOB with our connectivity to the outside world and our peering.

One of the things we have taken on is a 1Gbps APE peering port and Upgraded out WIX port to 100Mbps.

While I find often our inbound traffic takes a fairly efficient path (usually - tho $TRANSITPROVIDER seems to cut prepends and possibly even disaggregates some prefixes (tho this could be something hanging around)) our outbound does seem to be less efficient, especially where APE is concerned.

I am currently testing an adaption where I only accept shorter prefixes from $TRANSITPROVIDER and a default route (to avoid blackholing) the domestic transit doesn’t have a “default route” option and I want to avoid pushing domestic traffic over International if it only has a long prefix to match and isn’t peered.

Would anyone be willing to provide me some tips / tricks / advise / examples of what they do with BGP (or some good resources) that I can use to improve the routing table I use in the network?

Also does anyone have NZ Provider looking glass servers (not the NZIX as I know and use them) where I can see how other domestic providers see my announced routes and how it appears to them (so I can make changes and test but also see what I am being seen as)?

Thank you very much in advance for any help. Off list replies are welcomed and possibly better to avoid clogging up the list if people think this is too basic a request for here.

Regards Alexander

Alexander Neilson Neilson Productions Limited

alexander(a)neilson.net.nz 021 329 681 022 456 2326

_______________________________________________ NZNOG mailing list NZNOG(a)list.waikato.ac.nz http://list.waikato.ac.nz/mailman/listinfo/nznog

Nathan Ward

10 a.m.

On 1/11/2013, at 10:17 AM, Alexander Neilson wrote:

...

Hey All

We have recently made some major changes at $DAYJOB with our connectivity to the outside world and our peering.

One of the things we have taken on is a 1Gbps APE peering port and Upgraded out WIX port to 100Mbps.

While I find often our inbound traffic takes a fairly efficient path (usually - tho $TRANSITPROVIDER seems to cut prepends and possibly even disaggregates some prefixes (tho this could be something hanging around)) our outbound does seem to be less efficient, especially where APE is concerned.

It would be very unusual for a transit provider to deaggregate your prefixes, or tamper with the AS_PATH you present them. Have you confirmed your assumptions by looking at some international looking glasses? I like route-views.oregon-ix.net (telnet). http://bgplay.routeviews.org/ is also a very useful resource, if you have Java installed :-) Another tip, get a subscription to http://www.bgpmon.net/

...

I am currently testing an adaption where I only accept shorter prefixes from $TRANSITPROVIDER and a default route (to avoid blackholing) the domestic transit doesn’t have a “default route” option and I want to avoid pushing domestic traffic over International if it only has a long prefix to match and isn’t peered.

Would anyone be willing to provide me some tips / tricks / advise / examples of what they do with BGP (or some good resources) that I can use to improve the routing table I use in the network?

What are you looking to do? Reduce your routing table size? I haven't come across any instances where choosing a domestic route instead of an international one caused a problem, in a number of years. Last time I remember it, someone had taken a /24 out of a University /16 to Germany, and it caused problems for the individual using it there. Given that, maybe you'd do well running default+domestic? I've got a few pretty complete NZ+international routing tables, I'm sure it wouldn't be hard to see if there's any international prefixes that are subnets of NZ prefixes. In fact, tonight after I've had a beer I'm going to give it a go. It's hard to say without the variables in this email being expanded, BTW :-)

...

Also does anyone have NZ Provider looking glass servers (not the NZIX as I know and use them) where I can see how other domestic providers see my announced routes and how it appears to them (so I can make changes and test but also see what I am being seen as)?

I tend to ask people what they see - I'm not aware of any public LGs in NZ. Happy to look on AS9500 and another AS hanging off Vocus/Maxnet which I've forgotten the number for, if you give me some prefixes.

...

Thank you very much in advance for any help. Off list replies are welcomed and possibly better to avoid clogging up the list if people think this is too basic a request for here.

-- Nathan Ward

Callum Barr

10:06 a.m.

WXC have a public looking glass/route server. just telnet to route-server.wxnz.net glhf On Fri, Nov 1, 2013 at 5:00 PM, Nathan Ward wrote:

...

On 1/11/2013, at 10:17 AM, Alexander Neilson wrote:

...
Hey All

We have recently made some major changes at $DAYJOB with our connectivity to the outside world and our peering.

One of the things we have taken on is a 1Gbps APE peering port and Upgraded out WIX port to 100Mbps.

While I find often our inbound traffic takes a fairly efficient path (usually - tho $TRANSITPROVIDER seems to cut prepends and possibly even disaggregates some prefixes (tho this could be something hanging around)) our outbound does seem to be less efficient, especially where APE is concerned.

It would be very unusual for a transit provider to deaggregate your prefixes, or tamper with the AS_PATH you present them. Have you confirmed your assumptions by looking at some international looking glasses? I like route-views.oregon-ix.net (telnet).

http://bgplay.routeviews.org/ is also a very useful resource, if you have Java installed :-)

Another tip, get a subscription to http://www.bgpmon.net/

...
I am currently testing an adaption where I only accept shorter prefixes from $TRANSITPROVIDER and a default route (to avoid blackholing) the domestic transit doesn’t have a “default route” option and I want to avoid pushing domestic traffic over International if it only has a long prefix to match and isn’t peered.

Would anyone be willing to provide me some tips / tricks / advise / examples of what they do with BGP (or some good resources) that I can use to improve the routing table I use in the network?

What are you looking to do? Reduce your routing table size?

I haven't come across any instances where choosing a domestic route instead of an international one caused a problem, in a number of years. Last time I remember it, someone had taken a /24 out of a University /16 to Germany, and it caused problems for the individual using it there. Given that, maybe you'd do well running default+domestic?

I've got a few pretty complete NZ+international routing tables, I'm sure it wouldn't be hard to see if there's any international prefixes that are subnets of NZ prefixes. In fact, tonight after I've had a beer I'm going to give it a go.

It's hard to say without the variables in this email being expanded, BTW :-)

...
Also does anyone have NZ Provider looking glass servers (not the NZIX as I know and use them) where I can see how other domestic providers see my announced routes and how it appears to them (so I can make changes and test but also see what I am being seen as)?

I tend to ask people what they see - I'm not aware of any public LGs in NZ. Happy to look on AS9500 and another AS hanging off Vocus/Maxnet which I've forgotten the number for, if you give me some prefixes.

...
Thank you very much in advance for any help. Off list replies are welcomed and possibly better to avoid clogging up the list if people think this is too basic a request for here.

-- Nathan Ward

_______________________________________________ NZNOG mailing list NZNOG(a)list.waikato.ac.nz http://list.waikato.ac.nz/mailman/listinfo/nznog

-- Callum Barr me(a)callumb.com

Alexander Neilson

10:16 a.m.

Regards Alexander Alexander Neilson Neilson Productions Limited alexander(a)neilson.net.nz 021 329 681 022 456 2326 On 1/11/2013, at 5:00 pm, Nathan Ward wrote:

...

On 1/11/2013, at 10:17 AM, Alexander Neilson wrote:

...
Hey All

We have recently made some major changes at $DAYJOB with our connectivity to the outside world and our peering.

One of the things we have taken on is a 1Gbps APE peering port and Upgraded out WIX port to 100Mbps.

While I find often our inbound traffic takes a fairly efficient path (usually - tho $TRANSITPROVIDER seems to cut prepends and possibly even disaggregates some prefixes (tho this could be something hanging around)) our outbound does seem to be less efficient, especially where APE is concerned.

It would be very unusual for a transit provider to deaggregate your prefixes, or tamper with the AS_PATH you present them. Have you confirmed your assumptions by looking at some international looking glasses? I like route-views.oregon-ix.net (telnet).

I was wanting to take some feedback on this and get input. I didn’t want to besmirch the name of our providers until I had checked all the settings and made sure they had all taken effect before I accuse anyone of fiddling. I always want to test first before I point fingers at named targets.

...

http://bgplay.routeviews.org/ is also a very useful resource, if you have Java installed :-)

Thank you for this and other recommendations from people about getting route views I can inspect. They have been better than my haphazard identification of useful services

...

Another tip, get a subscription to http://www.bgpmon.net/

I have a free sub to this. However I need to tweak my settings, at the moment anything else is being hidden by the swamp of no delegation authority found which while I will get that done its not the first thing on my priority list.

...

...
I am currently testing an adaption where I only accept shorter prefixes from $TRANSITPROVIDER and a default route (to avoid blackholing) the domestic transit doesn’t have a “default route” option and I want to avoid pushing domestic traffic over International if it only has a long prefix to match and isn’t peered.

Would anyone be willing to provide me some tips / tricks / advise / examples of what they do with BGP (or some good resources) that I can use to improve the routing table I use in the network?

What are you looking to do? Reduce your routing table size?

My aims are multi faceted: * utilise peering connections most effectively / support and encourage peering * give my customers the best experience possible making use of the best path * make the best use of capacity (1Gbps peering link beats out any transit link) I am not worried about the size of my routing table, part of the router upgrades was to be able to take multiple full tables plus some public peering links and still be nowhere near router maximum performance so I can try new things / improve our own routing setup internally (thank you to everyone who let me know how bad our null routing etc is) Under the old routers I was worried about even logging into them in case I broke it.

...

I haven't come across any instances where choosing a domestic route instead of an international one caused a problem, in a number of years. Last time I remember it, someone had taken a /24 out of a University /16 to Germany, and it caused problems for the individual using it there. Given that, maybe you'd do well running default+domestic?

I've got a few pretty complete NZ+international routing tables, I'm sure it wouldn't be hard to see if there's any international prefixes that are subnets of NZ prefixes. In fact, tonight after I've had a beer I'm going to give it a go.

One of my next phases is to deploy a VM in our BGP sessions so I can grab hold of this data and have a chance to explore and deeper analyse this stuff

...

It's hard to say without the variables in this email being expanded, BTW :-)

As I say above I have made some “seems to” accusations that I wanted to not publicly name them (as I still have the basic assumption that I have made a mistake rather than enemy action by provider) however I will happily expand the variables off list and make sure I point out that I don’t have enough evidence to say for sure. Can people let me know if its common in NZ for transit providers to allow the use of BGP Communities to manage how they respond to your announcements? also is it normal to have access (as a customer) direct to any console / looking glass etc? ( I have to email the routing team for anything and that seems a little odd to me )

...

...
Also does anyone have NZ Provider looking glass servers (not the NZIX as I know and use them) where I can see how other domestic providers see my announced routes and how it appears to them (so I can make changes and test but also see what I am being seen as)?

I tend to ask people what they see - I'm not aware of any public LGs in NZ. Happy to look on AS9500 and another AS hanging off Vocus/Maxnet which I've forgotten the number for, if you give me some prefixes.

I will provide the prefixes off list for the reasons above.

...

...
Thank you very much in advance for any help. Off list replies are welcomed and possibly better to avoid clogging up the list if people think this is too basic a request for here.

-- Nathan Ward

4070

Age (days ago)

4070

Last active (days ago)

List overview

Download

4 comments

4 participants

participants (4)

Alexander Neilson
Callum Barr
Karl Hardisty
Nathan Ward