You are here: Home / Archives for General

Greatness and failure

25/10/2010 By Leave a Comment

Failure (and Greatness)

This is part of a series of posts – The Lisp Papers.

So, we’ve pretty much run out of IPv4 addressing, right? And we’re anticipating a new release of the (Capital I) Internet – which will definitely be the greatest upheaval in the networking world. Why is this going to happen? A very simple and flippant answer is that we don’t have enough addresses. This has created all sorts of problems and will continue to have significant impact for between 10 and 20 years. And why don’t we have enough addresses?

The question is answered by Vint Cerf, arguably the most important man in the history and development of the Internet. It’s all his fault. As he explains, a temporary fix becomes long-term infrastructure. I will definitely be using this example the next time a “tactical” fix is proposed.

Of course, this doesn’t stop him being a legend. As I like to point out, importance is directly related to how many people your mistakes affect. Any time you affect 1.6 Billion people (and counting), you are important

Greatness (and Failure?)

This week I’m going to continue on my theme of the expanding Internet Routing Table that I delved into last week (the good, bad and ugly), particularly looking at some suggested solutions and cool technologies. Wednesday’s post is going to be around the concept of Location and Identification semantic overloading (what?) and the impact that has on the routing table. I really like this, as it’s a subtle concept with a large impact. Then, Friday and next week, I’ll be diving into the terribly named Location Identification Separation Protocol. LISP is already an acronym in widespread usage – as someone put it, we have a namespace conflict.

When I first learnt about MPLS Layer 3 VPNs, I remember thinking, “Wow, this is incredible.” It’s still early days but LISP might just be in that category. Of course, it might not, but Cisco has already released working code and I’m going to attempt to configure a number of network topologies with it.

Share
Filed Under: Modern Networking Tagged With: ,

Internet Routing Table – the ugly

22/10/2010 By Leave a Comment

So, is it getting worse?

Over the past few posts (the good and the bad), I have considered the various causes for a non-optimal Internet Routing Table. And now on to the question of whether it is getting worse.

Enterprise deaggregation (click for full size)

The graph above (source) shows the deaggregation by Enterprise ASes. Enterprises represent the vast majority of the edge of the Internet. As such, they are by far the largest source of deaggregation. According to this, the level of deaggregation has not increased significantly.

However, the following graph (source) shows a significant increase in the deaggregation factor.

Deaggregation by RIR

(click for full size)

The discrepancy appears to be as a result of definition. The 1st graph is based on allocations (maximum aggregation is bound by RIR allocation size) , while the second is based on best-case aggregation (idealised aggregation to maximum possible per AS). These are very different. It is therefore getting worse and has increased from 1.27 in 1999 to 2.18 today. This represents an increase of over 70% in deaggregation.

What solutions are there. Well – a whole whack have been developed. However, how many are viable? This humorous post actually captures a stack of the issues.

Further Reading

BGP Aggregation & The Deaggregation Report

Evolution of Internet Address Space Deaggregation: Myths and Reality

CIDR REPORT

Internet Routing Table Analysis Update

Statistics

This is part of a series of posts – The Lisp Papers.

Share
Filed Under: Modern Networking Tagged With: , ,

Internet Routing Table – the bad

20/10/2010 By Leave a Comment

In the previous post, I considered the legitimate uses of deaggregation. Here are some examples of deaggregation for either indefensible reasons or through simple stupidity.

The New Internet

A deaggregation factor, developed by Philip Smith and reported in the BGP Routing Table Analysis (current prefixes / prefixes after maximum aggregation), shows to what extent an allocation is deaggregated.

Regional Internet RegistryTotal PrefixesTotal Prefixes after Maximum AggregationDeaggregation factor
Total332,835152,8322.18
APNIC81,25427,8652.92
ARIN136,02870,1671.94
RIPE76,56044,3411.73
LACNIC30,1567,1544.22
AfriNIC7,4411,8863.95
The “new” Internet (APNIC – 2.92, AfriNIC – 3.95 and LACNIC – 4.22) have reasons for deaggregating but the scale is significant. For every prefix they should advertise, LACNIC’s subscribers produce 4.22 prefixes.

Fragmented address allocation

As discussed earlier, with unlimited addressing, the 35575 active ASes could be allocated a single large address block. This would be the lower bound for addressing allocations. As the address pool has shrunk, so the rules governing the allocation of addressing have tightened. The unintended consequence of this is that poorly administered and documented networks have not been able to justify large address allocations. This has meant that they have been issued with smaller and smaller blocks, and have in turn requested address allocations more frequently, all of which has been fragmented. The top 100 unaggregatable ASes (no aggregates can be created with any of their advertised addresses) add over 3k prefixes:

Unaggregateable ASes Top 100

ASAS NamePrefixesAfter Aggregation# removed
Top 100 Total3088
786JANET The JANET IP Service1901900
33668CMCS - Comcast Cable Communications, Inc.95950
158ERI-AS - Ericsson Network Systems, Inc.88880
7016CCCH-3 - Comcast Cable Communications Holding74740
3307BANETELE-NORWAY BaneTele AS (formerly Enitel)59590
17561SERVICENET-AP Internet service provision to W51510
3248SIL-AT SILVER SERVER GmbH49490
2554IDC2554 Yahoo Japan Corporation46460
13649ASN-VINS - ViaWest46460
12312ECOTEL ecotel communication ag42420
28571Universidade de Sao Paulo - USP42420
33660CMCS - Comcast Cable Communications, Inc.42420
16265LEASEWEB LEASEWEB AS40400
5413AS5413 Vialtus Solutions Ltd.39390
12654RIPE-NCC-RIS-AS RIPE NCC RIS project39390
2519VECTANT VECTANT Ltd.38380
766REDIRIS RedIRIS Autonomous System38380
29550SIMPLYTRANSIT Simply Transit Ltd37370
553BELWUE Landeshochschulnetz Baden-Wuerttemberg36360
8473BAHNHOF Bahnhof AB35350
9644SKTELECOM-NET-AS SK Telecom., Ltd.35350
29308GSD-AS Gesellschaft fuer Systemforschung35350
4181TDS-AS - TDS TELECOM34340
6079RCN-AS - RCN Corporation34340
1241FORTHNET-GR FORTHnet33330
21844THEPLANET-AS - ThePlanet.com Internet Service32320
25668CIPHERKEY - Cipherkey Exchange Corp.32320
2381WISCNET1-AS - WiscNet31310
12843TELEMAXX TelemaxX Telekommunikation GmbH Auto31310
13432ASN-CXA-LV-13432-CBS - Cox Communications Inc31310
30217DESYNC - Desync Networks31310
16445ISPACE - Wave2Wave Communications, Inc30300
25577C4L-AS C4L main AS30300
33654CMCS - Comcast Cable Communications, Inc.30300
2129HP-EUROPE-AS-TRADE Hewlett-Packard29290
2527SO-NET So-net Entertainment Corporation29290
7497CSTNET-AS-AP Computer Network Information Cen28280
9650CITEC-AU-AP QLD Government Business (IT)28280
15576NTS NTS workspace AG, Bern, Switzerland28280
16718EMBARQ-HMBL - Embarq Corporation28280
19169Telconet S.A28280
6428CDM - CDM27270
9891CSLOX-IDC-AS-AP CS LOXINFO Public Company Lim27270
12350VTX-NETWORK VTX Services SA27270
16097HLKOMM HL komm Telekommunikations GmbH27270
33665CMCS - Comcast Cable Communications, Inc.27270
46837VRCT-BOS - SunGard VeriCenter Inc27270
2518BIGLOBE NEC BIGLOBE, Ltd.26260
4691DTI Dream Train Internet Inc.26260
6171WORLDGATE - WorldGate26260
6315XMISSION - XMission, L.C.26260
17402EMBARQ-CHSK - Embarq Corporation26260
33655CMCS - Comcast Cable Communications, Inc.26260
2611BELNET AS for BELNET, The Belgian National Re25250
3265XS4ALL-NL XS4ALL25250
13000LEON-AS Leon sp. z o.o.25250
32613IWEB-AS - iWeb Technologies Inc.25250
40020FARMERS-TELECOMMUNICATIONS-COOPERATIVE-INC -25250
9947SIMNET-AS-KR Simulation Multimedia Network24240
25180EXPONENTIAL-E-AS Exponential-e Ltd24240
31406ESIDE Bucharest, Romania24240
790EUNETFI EUnet Finland23230
4264CERNET-ASN-BLOCK - California Education and R23230
31313STS Serviciul de Telecomunicatii Speciale23230
31400ACCELERATED-IT Accelerated IT Services GmbH23230
33656CMCS - Comcast Cable Communications, Inc.23230
3475LANT-AFLOAT - Navy Network Information Center22220
7341VELOCITY - The Velocity Network22220
15623CYBERLINK Cyberlink AG22220
29551HGCOMP-ASN Aixit GmbH22220
3249ESTPAK Elion Enterprises Ltd.21210
8400TELEKOM-AS TELEKOM SRBIJA a.d.21210
12968CDP Crowley Data Poland, sp. z o.o.21210
14910EMBARQ-FTMY - Embarq Corporation21210
16245NGDC NetGroup A/S21210
20500GRIFFIN Griffin Internet European Network21210
25176AC-NET LaNet Vasterbotten Data och Tele AB21210
37914UNIVNET Advanced Software Technology & Mechat21210
47965SATLYNX_AG Satlynx AG21210
1761TGSCNET - General Services Commission20200
1811CSC-300-AS1810-AS1815 - Computer Sciences Cor20200
11252ISU-NET-AS - Idaho State University20200
14155RURAL-TELEPHONE-SVCCO - Rural Telephone Servi20200
22958FIDELITY-001 - Fidelity Access Networks, LLC20200
23481HCTC-LINK1 - Hill Country Telephone Cooperati20200
30081CACHENETWORKS - CacheNetworks, Inc.20200
31822CITY-UNIVERSITY-OF-NEW-YORK - City University20200
42652DELUNET inexio Informationstechnologie und Te20200
378MACHBA-AS ILAN19190
1741FUNETAS FUNET autonomous system19190
1901EUNETAT-AS eTel Austria Gesmbh u. CO KG19190
5669VIA-NET-WORKS-AS PSINet Europe / VIA NET.WORK19190
8680Cable & Wireless Channel Island Network19190
9167WEBPARTNER WEBPARTNER A/S is a Danish Interne19190
9708PKNU-AS Pukyong National University19190
12578APOLLO-AS LATTELEKOM-APOLLO19190
13193ASN-NERIM Nerim SAS19190
14793API-DIGITAL - API Digital Communications Grou19190
16095JAYNET jay.net a/s19190
18117HARBOURMSP-AU-AP Harbour MSP Pty. Ltd19190

.

In all, over 10,000 ASes advertise 2 or more ASes of which none are aggregatable. This group of ASes add over 40k routes. The entire list of Unaggregateable ASes is available here (an up to date source is available at CIDR report)

For detailed information regarding the prefixes advertised, enter an AS here to generate an aggregation report for the AS – e.g. “786″

Poor configuration

There are two other reasons that contribute to the problem. The first is a lack of knowledge of CIDR. The application of /16 and /24 to allocated aggregates (“to match the class”) by well-meaning but misguided staff is a source of deaggregation.

Another “reason” put forward is fear of Denial of Service attacks by neighbouring ISPs falsely announcing longer prefixes. This is a beggar thy neighbour policy, as all routers have to carry these additional routes. Taken to an extreme, all networks should advertise /32s, as these could never be hijacked by longer prefixes. Of course, this would result in over a billion routes, so clearly not a serious recommendation! Even deaggregating everything to /24 will result in over 5 million prefixes.

How many prefixes do top deaggregators contribute? The top 1% of deaggregators inject 10% of the prefixes in the Internet. Deaggregating ASes contribute nearly 50% of the routing table size. At NANOG 50, the following example of routes direct from your favourite coffeemaker, Starbucks:

route-server>sh ip bgp 98.96.0.0/14 longer-prefixes | i 98.96|98.97

*  98.96.0.0/17     12.123.29.249                          0 7018 ?
*  98.96.0.0/16     12.123.29.249                          0 7018 ?
*  98.96.0.0/15     12.123.29.249                          0 7018 ?
*  98.96.0.0/14     12.123.29.249                          0 7018 ?
*  98.96.41.0/24    12.123.29.249                          0 7018 ?
*  98.96.74.0/24    12.123.29.249                          0 7018 ?
*  98.96.86.0/24    12.123.29.249                          0 7018 ?
*  98.96.100.0/24   12.123.37.250                          0 7018 ?
*  98.96.108.0/24   12.123.29.249                          0 7018 ?
*  98.96.149.0/24   12.123.29.249                          0 7018 ?
*  98.96.247.0/24   12.123.29.249                          0 7018 ?
*  98.97.114.0/24   12.123.29.249                          0 7018 ?
*  98.97.116.0/24   12.123.29.249                          0 7018 ?
*  98.97.117.0/24   12.123.29.249                          0 7018 ?
*  98.97.118.0/24   12.123.29.249                          0 7018 ?
*  98.97.131.0/24   12.123.17.244                          0 7018 ?
*  98.97.140.0/24   12.123.29.249                          0 7018 ?
*  98.97.141.0/24   12.123.29.249                          0 7018 ?
*  98.97.142.0/24   12.123.29.249                          0 7018 ?
*  98.97.144.0/24   12.123.29.249                          0 7018 ?
*  98.97.149.0/24   12.123.29.249                          0 7018 ?
*  98.97.150.0/24   12.123.29.249                          0 7018 ?
*  98.97.152.0/24   12.123.29.249                          0 7018 ?
*  98.97.154.0/24   12.123.29.249                          0 7018 ?
*  98.97.155.0/24   12.123.29.249                          0 7018 ?
*  98.97.156.0/24   12.123.29.249                          0 7018 ?
*  98.97.160.0/24   12.123.29.249                          0 7018 ?
*  98.97.161.0/24   12.123.29.249                          0 7018 ?
*  98.97.162.0/24   12.123.29.249                          0 7018 ?
*  98.97.164.0/24   12.123.29.249                          0 7018 ?
*  98.97.168.0/24   12.123.29.249                          0 7018 ?
*  98.97.169.0/24   12.123.29.249                          0 7018 ?
*  98.97.174.0/24   12.123.13.241                          0 7018 ?
*  98.97.176.0/24   12.123.29.249                          0 7018 ?
*  98.97.209.0/24   12.123.29.249                          0 7018 ?
*  98.97.210.0/24   12.123.29.249                          0 7018 ?
*  98.97.214.0/24   12.123.29.249                          0 7018 ?
*  98.97.217.0/24   12.123.29.249                          0 7018 ?
*  98.97.222.0/24   12.123.29.249                          0 7018 ?
*  98.97.226.0/24   12.123.29.249                          0 7018 ?
*  98.97.236.0/24   12.123.29.249                          0 7018 ?
*  98.97.249.0/24   12.123.29.249                          0 7018 ?
*  98.97.250.0/24   12.123.29.249                          0 7018 ?

I’ll leave it up to you to decide whether there could be any legitimate reason for advertising their routing in this fashion.

So, we’ve looked at two categories of deaggregation, the “good” and “bad”. With a classic sense of the cliché, the next blog will consider how extensive the problem really is, a.k.a. the “ugly”.

This is part of a series of posts – The Lisp Papers.

Share
Filed Under: Modern Networking Tagged With: , ,

Internet Routing Table – the good

18/10/2010 By Leave a Comment

In the previous post, I looked at a number of causes for routing table growth. In this post, I will consider Multi-homing and Traffic engineering. These are legitimate causes of de-aggregation and add the largest number of deaggregated prefixes to the table.

Multi-homing

According to a number of authorities (Cisco, Internet Research Task Force, IEEE) a major factor in the growth of routing tables is quite simple. End-points are multi-homing. This means that enterprises are connecting to multiple Service Providers. In the example below, resilient connectivity is compared with multihoming. Although the complexity is higher and an additional load is placed on the internet BGP tables, multihoming is popular because of the advantages. Clearly, the flexibility and additional fault-tolerance is appreciated by network teams.


In the diagram above (click images for full size) the left topology depicts a normal resilient connection. Two problems present themselves. Firstly, the connection to the Internet is entirely dependant on the upstream partner. If you are going to all of the bother of divergent circuits and Telco suppliers (and you would, right?) then surely you would want a separate upstream partner.

Secondly, your addressing will in all likelihood be part of your ISP’s allocation (known as Provider Aggregatable Address Space). If you want to move, you would need to change addressing, with DNS Record updates and possible downtime.

If you want to multihome (right topology), you must have Provider Independent Address Space and a separate AS. This is advantageous, as an enterprise could simply run in new connectivity and change suppliers. If your connectivity goes into an Internet Exchange, then changing connectivity might be as simple as a few commands on a router.

What is advantageous for the Enterprise carries a heavy burden for the Internet as a whole, as the Enterprise’s addressing cannot be aggregated into a larger Provider Aggregation.

Traffic-engineering

A further reason for the expansion of the routing table is traffic engineering policy. Traffic engineering is delivered either by advertising longer prefixes, with or without the shorter prefix, down specific links or by AS Prepending. Essentially deaggregation is being used to influence traffic flows.

In the diagram above, the left-hand configuration depicts longer prefix advertisements. The longest match rule will pass traffic towards the longest prefix. As a result, traffic destined to 8.8.8.0/24 will transit AS 3356 and 8.8.9.0/24 will transit AS 3549.

In the right-hand configuration, AS prepending is used. 8.8.8.0/24 is advertised with an extra copy of the 15169 AS towards 3356, and 8.8.9.0/24 with an extra AS towards 3549. In AS702, traffic towards 8.8.8.0/24 will transit 3549 and 8.8.9.0/24 will transit 3356.

Traffic engineering can be optimised using the no-advertise community in specific cases where traffic is being TE’d towards a single provider over resilient links.  By sending the aggregate and the longer prefixes, with the no-advertise community set for the longer prefixes, traffic will follow the aggregate to the upstream provider. At the upstream provider traffic will then follow the longer match towards the correct link.

80% of deaggregation can be attributed to the  factors discussed above – 50% to multihoming and 30% to traffic engineering. These factors are, to a large extent, unavoidable.

In the next post, I will look at the less defensible causes of deaggregation.

This is part of a series of posts – The Lisp Papers.

Share
Filed Under: Modern Networking Tagged With: , ,

Underlying causes for an expanding Internet Routing Table

13/10/2010 By 3 Comments

In the previous post I considered the expansion of the Internet Routing Table. What is driving this trend and will it get better or worse? Obviously, the Internet is getting bigger. Is this enough to explain the size? Is the Routing table as efficiently optimised as possible?

The extremes of the routing table are as follows:

  • 1 address range per AS. Every independent Autonomous System would only advertise a single block. This is largely impossible to achieve with the Internet today. In order to achieve this, BGP would need a native Traffic Engineering mechanism and each AS would require a sufficiently large block of addresses to cater for current and future needs. IPv6 is the hope for the latter. There are some thoughts around the former (SCTP, LISP and others). This would reduce the Internet Routing Table to approximately 10% of its current size (35,600 ASes active).
  • Optimally aggregated – if we  took all prefixes that matched in AS Path (to preserve traffic transit policies – discussed below) and aggregated them, we could reduce the routing table by 38.2%. This would mean aggregating over address holes (without violating allocations) and crossing consecutive allocations per AS – essentially nothing would change in the way that the Internet routes today but there would be a sizeable reduction.
  • BGP routing table that matches allocations by RIRs. This would neither aggregate over consecutive allocations nor deaggregate to longer prefixes. This is approximately 20% smaller than the current Internet Routing Table and 20% larger than the optimally aggregated. If an ISP were allocated 10/8 and 11/8, it would neither aggregate to 10/7 or deaggregate to longer prefixes.
  • The Internet Routing table – the current jumble of (mostly) deaggregrations, aggregrations and omissions.

So, if the Internet is approximately 40% larger than optimal and 20% larger than allocated, why?

The following causes of an expanded routing table are considered significant:

  • Multi-homing
  • Traffic Engineering
  • Fragmented allocation
  • Poor configuration

In the next post, I will consider Multi-homing and Traffic engineering. These are legitimate causes of de-aggregation and add the largest number of deaggregated prefixes to the table.

This is part of a series of posts – The Lisp Papers.

Share
Filed Under: Modern Networking Tagged With: , ,
« Older Posts

Copyleft(ↄ) 2013. Text is available under the Creative Commons Attribution-ShareAlike license

Pattinson Consulting Limited