1 / 50

Routing Policy

Routing Policy. CS 6250 Nick Feamster Fall 2011. BGP Policies in ISP Networks. Introduced as fairly simple path vector protocol Many incremental modifications added over time Many policies used by operators; can ’ t enumerate them all Nevertheless, some patterns emerge.

tocho
Download Presentation

Routing Policy

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. Routing Policy CS 6250Nick FeamsterFall 2011

  2. BGP Policies in ISP Networks • Introduced as fairly simple path vector protocol • Many incremental modifications added over time • Many policies used by operators; can’t enumerate them all • Nevertheless, some patterns emerge

  3. How is Policy Implemented? • Preference: Which route will be chosen for each destination? • Adding/deleting/modifying route attributes • Filtering: Eliminates certain routes from consideration • Can be done on inbound or outbound • Tagging: Adding state to a route • Tagging with community attribute

  4. Filtering: route advertisement Filtering and Rankings Ranking: route selection Customer Primary Competitor Backup

  5. Provider Customer Internet Business Relationships(Simplified) • Customer/Provider: One AS pays another for reachability to some set of destinations • “Settlement-free” Peering: Bartering. Two ASes exchange routes with one another. Preferences implemented with local preference manipulation Free to use Pay to use Peer Get paid to use Destination

  6. provider peer customer Rankings • Routes from customers over routes from peers • Routes from peers over routes from providers

  7. Traffic Engineering • Outbound traffic control: Control the way traffic leaves the network • Via local preference and IGP costs • Inbound traffic control: Control the way traffic enters the network • Via AS prepending and MED • Remote control: Control the preferences of a remote AS • Through the community attribute

  8. 1 2 3 Policy Interactions 1 3 0 1 0 0 2 1 0 2 0 3 2 0 3 0 Varadhan, Govindan, & Estrin, “Persistent Route Oscillations in Interdomain Routing”, 1996

  9. Strawman: Global Policy Check • Require each AS to publish its policies • Detect and resolve conflicts Problems: • ASes typically unwilling to reveal policies • Checking for convergence is NP-complete • Failures may still cause oscillations

  10. Think Globally, Act Locally • Key features of a good solution • Safety: guaranteed convergence • Expressiveness: allow diverse policies for each AS • Autonomy: do not require revelation/coordination • Backwards-compatibility: no changes to BGP • Local restrictions on configuration semantics • Ranking • Filtering

  11. Can BGP Be Made Stable? • Permit only two business arrangements • Customer-provider • Peering • Constrain both filtering and ranking based on these arrangements to guarantee safety • Surprising result: these arrangements correspond to today’s (common) behavior Gao & Rexford, “Stable Internet Routing without Global Coordination”, IEEE/ACM ToN, 2001

  12. customer customer Relationship #1: Customer-Provider Filtering • Routes from customer: to everyone • Routes from provider: only to customers From the customer To other destinations From other destinations To the customer providers providers advertisements traffic

  13. traffic customer customer Relationship #2: Peering Filtering • Routes from peer: only to customers • No routes from other peers or providers advertisements peer peer

  14. How Do Business Relationships Appear in Policy? • Local preference: influence the decision process to prefer customer routes • Controlling route export: prevent neighbors from sending traffic to some destinations • Defensive programming: prevent neighboring AS from influencing its choice of routes

  15. Physical Interconnections • Public peering (IXP): Across a layer-2 access technology (typically, port on “shared fabric”). • Larger number of smaller peers • Trial peering • Private peering: Direct interconnection between only two networks. • Previously: Circuit between two facilities • Today: Typically occur at “carrier hotels”

  16. The Art of Peering: The Peering Playbook William B. Norton Co-Founder & Chief Technical Liaison Equinix, Inc. NaMeX Member Meeting October 7, 2005 Rome, Italy <wbn@equinix.com>

  17. Research “The Art of Peering” • Follow up to the first three white papers. Q: When e-mail to peering@<ispdomain>.net generates no response, what do Seasoned Peering Coordinators do? • Smartest Peering Coordinator: “Tricks of the Trade” • 20 Tactics successfully used to obtain Peering where you otherwise might not be able to. Disclaimer: These are NOT recommended tactics…I am simply documenting what has been successfully used in the field to obtain peering.

  18. P? APC APC A APC APC BS BPC B BS BPC T? Graphical Notation of Tactics To Portray Peering Plays Pictorially… P?=Peering Request w/ Peering Coordinator Peering Negotiation T?=Transit Request To Sales Person Transit Negotiations A B ISP Initiator ISP Target P? ISP B Customers ISP A Customers T? $ $ Larger Circle=More Customer Prefixes Thicker Lines=More Traffic

  19. T A A A A P B B B B Transit and Peering Sessions T=Established Transit Session (Selling Access to entire Internet) Size indicates effective size of transport Supporting the session P=Established Peering Session (Reciprocal Access to each others customers) Size indicates effective size of transport Supporting the session $ T $ Represents “the rest of the Internet” P Graphical Display of Routing Announcements

  20. T A A A A P B B B B Traffic over Transit and Peering Sessions $ Traffic showed as directed lines Thickness of line indicates amount of Traffic in relevant direction T $ Other Variations P->T = Transition of Relationship P | T = Either Peering or Transit apply = Traffic destined anywhere = Fictitious Traffic = Packet Loss ridden Traffic = Traffic destined to green network = Traffic destined to brown network P

  21. Other Graphical Symbols Peering Point Exchange Point, Telco Hotel Tied with Indicates two or more Elements tied with relationship or Indicates a ordering: a sequence to be followed in the Peering Tactic

  22. APC APC A P BPC BPC B 1)The Direct Approach uses peering@<ispdomain>.net , phone calls, face to face meetings, or otherwise direct interactions with Peering Coordinators to establish peering. P? P?=Peering Request To Peering Coordinator(s) Peering Negotiation Leading to Peering Session P? {null} -or- {“No”,null}

  23. P T->P A APC APC APC A T? B B BS+BPC BS BS T? T->P? 2)The Transit with Peering Migration tactic leverages an internal advocate to buy transit with a contractual migration to peering at a later time. $ $ $ $ Transit Negotiations with Sales leads to Peering (…if peering prerequisites be met…)

  24. APC B 3)The End Run Tactic minimizes the need for transit by enticing a direct relationship with the target ISP’s largest traffic volume customers. T?/P? $ T?/P?

  25. P P A A B B 6)Paid Peering as a maneuver is positioned by some as a stepping stone to peering for those who don’t immediately meet the peering prerequisites. $

  26. A B 7)In the Partial Transit tactic, the routes learned at an exchange point are exchanged with the peer for a price slightly higher than transport costs. D C E F G Peering Point H pt $ I J K L M Routing Announcements Forwarding all customer & Peering Pt Routes (almost peering – maybe costs less) Geographically Remote Router

  27. X A A A P T B Y B B 8)The Chicken tactic involves de-peering in order to make the other peer adjust the relationship. $ or $ $ T T P Who will blink first? A<->B Traffic has to go somewhere

  28. The Business Game and Depeering • Cooperative competition (brinksmanship) • Much more desirable to have your peer’s customers • Much nicer to get paid for transit • Peering “tiffs” are relatively common 31 Jul 2005: Level 3 Notifies Cogent of intent to disconnect. 16 Aug 2005: Cogent begins massive sales effort and mentions a 15 Sept. expected depeering date. 31 Aug 2005: Level 3 Notifies Cogent again of intent to disconnect (according to Level 3) 5 Oct 2005 9:50 UTC: Level 3 disconnects Cogent. Mass hysteria ensues up to, and including policymakers in Washington, D.C. 7 Oct 2005: Level 3 reconnects Cogent During the “outage”, Level 3 and Cogent’s singly homed customers could not reach each other. (~ 4% of the Internet’s prefixes were isolated from each other)

  29. Depeering Continued Resolution… …but not before an attempt to steal customers! As of 5:30 am EDT, October 5th, Level(3) terminated peering with Cogent without cause (as permitted under its peering agreement with Cogent) even though both Cogent and Level(3) remained in full compliance with the previously existing interconnection agreement. Cogent has left the peering circuits open in the hope that Level(3) will change its mind and allow traffic to be exchanged between our networks. We are extending a special offering to single homed Level 3 customers. Cogent will offer any Level 3 customer, who is single homed to the Level 3 network on the date of this notice, one year of full Internet transit free of charge at the same bandwidth currently being supplied by Level 3. Cogent will provide this connectivity in over 1,000 locations throughout North America and Europe.

  30. http://66.249.93.104/search?q=cache:NOS3HJhX9jcJ:www.merit.edu/mail.archives/nanog/msg11606.html+level3+network+status+cogent&hl=ithttp://66.249.93.104/search?q=cache:NOS3HJhX9jcJ:www.merit.edu/mail.archives/nanog/msg11606.html+level3+network+status+cogent&hl=it

  31. What tactic is this?

  32. $ $ $ T T T P P P A APC A P? T T T $ T T T $ $ L G BPC B G L G L B $ $ $ A forces traffic Over B’s transit 1 MONTH LATER Contact PC-We should Peer! 9)In the Traffic Manipulation tactic, ISPs or content players force traffic along the network path that makes peering appear most cost effective. CH ISP i.e.Yahoo! B hears A’s route ‘for free’ through Peer L

  33. T T T P P P A A APC T T T T T T G B BPC L B G L G L 9b)    For Access Heavy Guys…In the Traffic Manipulation tactic, Access ISP a) stop announcing routes, orb) insert Target AS# into announcement to trigger BGP Loop Suppression to force traffic along the network path that makes peering appear most cost effective. $ $ $ P? $ $ $ $ Access ISP i.e. Verizon $ $ B hears A’s route ‘for free’ through Peer L A forces traffic Over B’s transit 1 MONTH LATER Contact PC-We should Peer!

  34. A A L B B G 10)The Bluff maneuver is simply overstating future traffic volumes or performance issues to make peering appear more attractive. P? Overstating Traffic Futures “You better peer with me now cause… Lots of transit fees coming otherwise!” P $ $ T T Fictitious Performance Problems

  35. APC 11)The Wide Scale Open Peering Policy as a tactic signals to the Peering Coordinator Community the willingness to peer and therefore increases the likelihood of being contacted for peering by other ISPs. P? To anyone who will listen! From the highest mountain “We will Peer with Anyone!”

  36. A A A A A A A A A A A A A A A IX IX IX IX IX IX IX IX IX IX IX IX IX IX IX 12)The Massive Colo Build tactic seeks to meet the collocation prerequisites of as many ISPs as possible by building POPs into as many exchange points as possible. C M Eastern TimeZone Pacific TimeZone “Meet us in 3 Time Zones”

  37. APC BPC 14)Friendship-based Peering leverages contacts in the industry to speed along and obtain peering where the process may not be in place for a peering. P? Forums to meet Peering Coordinators GPF NANOG APRICOT RIPE IETF :

  38. APC 15)The Spam Peering Requests tactic is a specific case of the Wide Scale Open Peering tactic using the exchange point contact lists to initiate peering. P? IX Participants List IX Participants List IX Participants List : :

  39. G GA A PA A P U B U B 17)Purchasing Legacy Peering provides an immediate set of peering partners. A P P A Purchases G and P P P Legacy (early Internet day) Peering

  40. ANOC BNOC 19)The False Peering Outage tactic involves deceiving an ill-equipped NOC into believing a non-existing peering session is down. Peering Point X ANOC: Hey – Emergency! ANOC: Our Peering Session with you Went Down! BNOC: Strange. <looks on router> I don’t see it configured. ANOC: It was. Don’t make me escalate to <famous person> BNOC: Ah – I bet is was that last config run that trashed it. BNOC: Give me a few minutes to fix it on both ends.

  41. P APC A A APC BS B B BS 20) The Leverage Broader Business Arrangement takes advantage of other aspects of the relationship between two companies to obtain peering in exchange for something else. P? Peering Tied with “Other” +Fiber deal +Dial-in deal +Racks +Transport +Strategic deal : P? Tied with Other

  42. Additional Assumption: Hierarchy Disallowed!

  43. Safety: Proof Sketch • System state: the current route at each AS • Activation sequence: revisit some router’s selection based on those of neighboring ASes

  44. Activation Sequence: Intuition • Activation: emulates a message ordering • Activated router has received and processed all messages corresponding to the system state • “Fair” activation:all routers receive and process outstanding messages

  45. Safety: Proof Sketch • State: the current route at each AS • Activation sequence: revisit some router’s selection based on those of neighboring ASes • Goal: find an activation sequence that leads to a stable state • Safety: satisfied if that activation sequence is contained within any “fair” activation sequence

  46. Proof, Step 1: Customer Routes • Activate ASes from customer to provider • AS picks a customer route if one exists • Decision of one AS cannot cause an earlier AS to change its mind An AS picks a customer route when one exists

  47. Proof, Step 2: Peer & Provider Routes • Activate remaining ASes from provider to customer • Decision of one Step-2 AS cannot cause an earlier Step-2 AS to change its mind • Decision of Step-2 AS cannot affect a Step-1 AS AS picks a peer or provider route when no customer route is available

More Related