Sunteți pe pagina 1din 43

BGP Route Aggregation Best Practices

Philip Smith PhNOG 2 3rd-7th December 2007 Manila, Philippines

Agenda
! !

What is Aggregation? RIPE-399 Aggregation Recommendations What is happening world wide?

Aggregation
!

Aggregation means announcing the address block received from the RIR to the other ASes connected to your network Subprefixes of address block must NOT be announced to Internet unless aiding traffic engineering for multihoming Subprefixes of this aggregate will be present internally in the ISP network

Announcing an Aggregate
!

ISPs who dont and wont aggregate are held in poor regard by community Registries publish their minimum allocation size
! !

Anything from a /20 to a /22 depending on RIR Different sizes for different address blocks

No real reason to see anything longer than a /22 prefix in the Internet
!

BUT there are currently >125000 /24s!

Aggregation Example 1
100.10.10.0/23 100.10.0.0/24 100.10.4.0/22

customer

Internet

AS100

100.10.10.0/23

Customer has /23 network assigned from AS100s /19 address block AS100 announces customers individual networks to the Internet

Aggregation Bad Example


!

Customer link goes down


!

Customer link returns


!

Their /23 network becomes unreachable /23 is withdrawn from AS100s iBGP

Their ISP doesnt aggregate its /19 network block


!

! !

/23 network withdrawal announced to peers starts rippling through the Internet added load on all Internet backbone routers as network is removed from routing table

! !

Their /23 network is now visible to their ISP Their /23 network is readvertised to peers Starts rippling through Internet Load on Internet backbone routers as network is reinserted into routing table Some ISPs suppress the flaps Internet may take 10-20 min or longer to be visible Where is the Quality of Service???

Aggregation Example 2
100.10.0.0/19

100.10.0.0/19 aggregate

customer

Internet

AS100

100.10.10.0/23

Customer has /23 network assigned from AS100s /19 address block AS100 announced /19 aggregate to the Internet

Aggregation Good Example


!

Customer link goes down


!

! !

their /23 network becomes unreachable /23 is withdrawn from AS100s iBGP

Customer link returns Their /23 network is visible again


!

The /23 is re-injected into AS100s iBGP

/19 aggregate is still being announced


!

no BGP hold down problems no BGP propagation delays no damping by other ISPs

The whole Internet becomes visible immediately Customer has Quality of Service perception

Aggregation Summary
!

Good example is what everyone should do!


! ! ! !

Adds to Internet stability Reduces size of routing table Reduces routing churn Improves Internet QoS for everyone Why? Lack of knowledge? Laziness?

Bad example is what too many still do!


! !

The Internet Today (November 2007)


!

Current Internet Routing Table Statistics


! ! ! ! ! ! !

BGP Routing Table Entries Prefixes after maximum aggregation Unique prefixes in Internet Prefixes smaller than registry alloc /24s announced only 5734 /24s are from 192.0.0.0/8 ASes in use

239222 122992 116637 111829 125530 26769

The New Swamp


!

Swamp Space is name used for areas of poor aggregation


!

The original swamp was 192.0.0.0/8 from the former class C block
!

Name given just after the deployment of CIDR

The new swamp is creeping across all parts of the Internet


!

Not just RIR space, but legacy space too

The New Swamp RIR Space February 1999


RIR blocks contribute 49393 prefixes or 88% of the Internet Routing Table
Block
24/8 41/8 58/8 59/8 60/8 61/8 62/8 63/8 64/8 65/8 66/8 67/8 68/8 69/8 70/8 71/8 72/8 73/8

Networks
165 0 0 0 0 3 87 20 0 0 0 0 0 0 0 0 0 0

Block
74/8 75/8 76/8 80/8 81/8 82/8 83/8 84/8 85/8 86/8 87/8 88/8 89/8 90/8 91/8 121/8 122/8 123/8

Networks
0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0

Block
124/8 125/8 126/8 188/8 189/8 190/8 192/8 193/8 194/8 195/8 196/8 198/8 199/8 200/8 201/8 202/8 203/8 204/8

Networks
0 0 0 0 0 0 6275 2390 2932 1338 513 4034 3495 1348 0 2276 3622 3792

Block
205/8 206/8 207/8 208/8 209/8 210/8 211/8 212/8 213/8 216/8 217/8 218/8 219/8 220/8 221/8 222/8

Networks
2584 3127 2723 2817 2574 617 0 717 1 943 0 0 0 0 0 0

The New Swamp RIR Space February 2006


RIR blocks contribute 161287 prefixes or 88% of the Internet Routing Table
Block
24/8 41/8 58/8 59/8 60/8 61/8 62/8 63/8 64/8 65/8 66/8 67/8 68/8 69/8 70/8 71/8 72/8 73/8

Networks
3001 41 606 628 468 2396 1860 2837 5374 3785 6292 1832 3069 3315 1597 888 1772 274

Block
74/8 75/8 76/8 80/8 81/8 82/8 83/8 84/8 85/8 86/8 87/8 88/8 89/8 90/8 91/8 121/8 122/8 123/8

Networks
109 2 4 1925 1350 1158 1130 971 1426 650 629 328 113 2 2 0 0 0

Block
124/8 125/8 126/8 188/8 189/8 190/8 192/8 193/8 194/8 195/8 196/8 198/8 199/8 200/8 201/8 202/8 203/8 204/8

Networks
292 682 27 1 0 39 6927 5203 4061 3519 1264 4908 4156 6757 1614 9759 9527 5474

Block
205/8 206/8 207/8 208/8 209/8 210/8 211/8 212/8 213/8 216/8 217/8 218/8 219/8 220/8 221/8 222/8

Networks
2934 3879 4385 3239 5611 3908 2291 2920 3071 6893 2590 1220 1003 1657 765 914

The New Swamp Summary


!

RIR space shows creeping deaggregation


!

Today an RIR /8 block averages around 6000 prefixes once fully allocated ! Existing 74 /8s will eventually cause 444000 prefix announcements Remaining 58 unallocated /8s and the 74 RIR /8s combined will cause:
! ! !

Food for thought:


!

852000 prefixes with 6000 prefixes per /8 density Plus 12% due to non RIR space deaggregation ! Routing Table size of 954240 prefixes

The New Swamp Summary


!

Rest of address space is showing similar deaggregation too " What are the reasons?
!

Main justification is traffic engineering Lack of knowledge Laziness Deliberate & knowing actions

Real reasons are:


! ! !

BGP Report (bgp.potaroo.net)


! !

199336 total announcements in October 2006 129795 prefixes


!

After aggregating including full AS PATH info


!

i.e. including each ASNs traffic engineering

35% saving possible After aggregating by Origin AS


!

109034 prefixes
!

i.e. ignoring each ASNs traffic engineering

10% saving possible

The excuses
!

Traffic engineering causes 10% of the Internet Routing table Deliberate deaggregation causes 35% of the Internet Routing table

Efforts to improve aggregation


!

The CIDR Report


!

Initiated and operated for many years by Tony Bates Now combined with Geoff Hustons routing analysis
!

www.cidr-report.org

Results e-mailed on a weekly basis to most operations lists around the world Lists the top 30 service providers who could do better at aggregating

The CIDR Report


! !

Also computes the size of the routing table assuming ISPs performed optimal aggregation Website allows searches and computations of aggregation to be made on a per AS basis
! !

Flexible and powerful tool to aid ISPs Intended to show how greater efficiency in terms of BGP table size can be obtained without loss of routing and policy information Shows what forms of origin AS aggregation could be performed and the potential benefit of such actions to the total table size Very effectively challenges the traffic engineering excuse

Agenda
! !

What is Aggregation? RIPE-399 Aggregation Recommendations What is happening world wide?

Route Aggregation Recommendations


!

LINX attempted aggregation policy for members


!

It failed even though most members voted for policy

RIPE Routing Working Group work item from early 2006


! !

Based on early LINX concept Authored by Philip Smith, Mike Hughes (LINX) and Rob Evans (UKERNA)

Route Aggregation Recommendations


!

RIPE Document RIPE-399


!

http://www.ripe.net/ripe/docs/ripe-399.html

Discusses:
! ! ! ! !

History of aggregation Causes of de-aggregation Impacts on global routing system Available Solutions Recommendations for ISPs

History:
!

Classful to classless migration


!

Clean-up efforts in 192/8 Started by Tony Bates to encourage adoption of CIDR & aggregation Mostly ignored through late 90s Now part of extensive BGP table analysis by Geoff Huston

CIDR Report
!

! !

Introduction of Regional Internet Registry system and PA address space

Deaggregation: Claimed causes (1):


!

Routing System Security


!

Announcing /24s means that no one else can DOS the network

Reduction of DOS attacks & miscreant activities


!

Announcing only address space in use as rest attracts noise Mind your own business

Commercial Reasons
!

Deaggregation: Claimed causes (2):


!

Leakage of iBGP outside of local AS


!

eBGP is NOT iBGP how many ISPs know this? Spraying out /24s hoping it will work Rather than do any real engineering All those pre-RIR assignments are to blame In reality it is both RIR and legacy assignments

Traffic Engineering for Multihoming


! !

Legacy Assignments
! !

Impacts (1):
!

Router memory
!

! !

Shortens router life time as vendors underestimate memory growth requirements Depreciation life-cycle shortened Increased costs for ISP and customers Processors are underpowered as vendors underestimate CPU requirement Depreciation life-cycle shortened Increased costs for ISP and customers

Router processing power


!

! !

Impacts (2):
!

Routing System convergence


! !

Larger routing table ! slowed convergence Can be improved by faster control plane processors see earlier Slowed convergence ! slowed recovery from failure Slowed recovery ! longer downtime Longer downtime ! unhappy customers

Network Performance & Stability


!

! !

Solutions (1):
!

CIDR Report
! !

Global aggregation efforts Running since 1994 Per RIR region aggregation efforts Running since 1999 Training, tutorials, Project Cymru,

Routing Table Report


! !

Filtering recommendations
!

CIDR Police

Solutions (2):
!

BGP Features:
! !

NO_EXPORT Community NOPEER Community


!

RFC3765 but no one has implemented it Still working through IETF IDR Working Group Some ISPs use them; most do not

AS_PATHLIMIT attribute
!

Provider Specific Communities


!

RIPE-399 Recommendations:
! !

! ! !

Announcement of initial allocation as a single entity Subsequent allocations aggregated if they are contiguous and bit-wise aligned Prudent subdivision of aggregates for Multihoming Use BGP enhancements already discussed (Oh, and all this applies to IPv6 too)

Agenda
! !

What is Aggregation? RIPE-399 Aggregation Recommendations What is happening world wide?

Looking at Deaggregation
!

CIDR Report
! ! !

www.cidr-report.org Encourages aggregation following CIDRisation of Internet Today: extensive suite of reports and tools covering state of BGP table BGP table status on per RIR basis Original CIDR Report and a whole lot more

Routing Report
! !

Deaggregation Factor
!

Routing Report
!

One summary takes BGP table and aggregates prefixes by origin AS


!

Called Max Aggregation in report http://thyme.apnic.net/current/

Global and per RIR basis


!

New Deaggregation Factor:


! !

Measure of Routing Table size/Aggregated Size Global value has been increasing slowly and steadily since records began

Original Internet 2007/11


Total Prefixes ! Global BGP Table
!

Deaggregation Factor ! Global Average


!

239k prefixes
!

1.94 1.75 1.55

North America
!

North America
!

112k prefixes
!

Europe & Middle East


!

Europe & Middle East


!

50k prefixes

Newer Internet 2007/11


Total Prefixes ! Global BGP Table
!

Deaggregation Factor ! Global Average


!

239k prefixes
!

1.94 2.62 3.01

Asia & Pacific


!

Asia & Pacific


!

56k prefixes
!

Africa
!

Africa
!

3k prefixes
!

Latin America & Caribbean


!

Latin America & Caribbean


!

18k prefixes

3.88

Africa Aggregation Savings Summary


ASN No of Nets 24863 389 20858 198 6713 143 5536 124 33783 123 33776 100 24835 88 15475 81 23889 76 20484 64 3741 281 15706 58 29571 55 12455 36 21152 31 10798 27 2018 141 33774 48 8524 32 15804 22 Poss Savings 352 195 132 114 107 97 82 77 61 58 55 54 48 33 26 26 25 22 22 21 Description LINKdotNET AS number EgyNet Itissalat Al-MAGHRIB Internet Egypt Network EEPAD TISP TELECOM & INTERNET Starcomms Nigeria Limited RAYA Telecom - Egypt Nile Online MAURITIUS TELECOM Yalla Online Autonomous Syste The Internet Solution Sudatel Internet Exchange Aut Ci Telecom Autonomous system Jambonet Autonomous system AS for the uplinks of Soficom Standard Bank of South Africa Tertiary Education Network AS Number for Telecom Algeria AUCEGYPT Autonomous System AS of The Way Out Internet So

http://thyme.apnic.net/current/data-CIDRnet-AFRINIC

Asia & Pacific Aggregation Savings Summary


ASN No of Nets 4755 1464 9498 1051 17488 879 4134 1103 9583 1090 7545 720 18101 611 4668 520 9829 519 4766 816 4812 524 17676 503 17974 398 4808 504 9443 440 4802 481 4538 355 7552 296 9929 325 4780 308 Poss Savings 1395 987 809 800 673 598 555 510 509 487 447 439 384 382 370 340 320 292 276 264 Description Videsh Sanchar Nigam Ltd. Aut BHARTI BT INTERNET LTD. Hathway IP Over Cable Interne CHINANET-BACKBONE Sify Limited TPG Internet Pty Ltd Reliance Infocom Ltd Internet LG-EDS Systems Inc. BSNL National Internet Backbo Korea Telecom (KIX) China Telecom (Shanghai) Softbank BB Corp. PT TELEKOMUNIKASI INDONESIA CNCGROUP IP network: China169 Primus Telecommunications Wantree Development China Education and Research Vietel Corporation China Netcom Corp. Digital United Inc.

http://thyme.apnic.net/current/data-CIDRnet-APNIC

North America Aggregation Savings Summary


ASN No of Nets 11492 1173 18566 1032 4323 1377 6478 1124 22773 819 5668 664 19262 812 15270 603 6517 584 19916 569 6197 1030 2386 1271 855 546 33588 470 3356 833 7011 982 20115 846 11139 380 3464 371 3602 414 Poss Savings 1131 1023 1014 945 765 647 629 562 551 522 521 490 484 447 418 412 393 352 346 338 Description Cable One Covad Communications Time Warner Telecom AT&T Worldnet Services Cox Communications, Inc. CenturyTel Internet Holdings, Verizon Global Networks PaeTec.net -a division of Pae Yipes Communications, Inc. OLM LLC BellSouth Network Solutions, AT&T Data Communications Serv Canadian Research Network Bresnan Communications, LLC. Level 3 Communications, LLC Citizens Utilities Charter Communications Cable & Wireless Dominica Alabama SuperComputer Network Sprint Canada, Inc.

http://thyme.apnic.net/current/data-CIDRnet-ARIN

Latin America Aggregation Savings Summary


ASN No of Nets 8151 1161 11830 539 16814 427 14522 381 7303 380 6471 357 11172 375 22047 317 10481 301 14117 285 11556 236 6147 242 10620 260 28573 213 7738 206 23216 220 20299 199 19169 183 8163 169 21826 186 Poss Savings 946 530 417 373 321 319 315 304 291 270 232 222 217 186 182 173 169 164 154 139 Description UniNet S.A. de C.V. Instituto Costarricense de El NSS, S.A. SatNet S.A. Telecom Argentina Stet-France ENTEL CHILE S.A. Servicios Alestra S.A de C.V VTR PUNTO NET S.A. Prima S.A. Telefonica del Sur S.A. Cable-Wireless Panama Telefonica Del Peru TVCABLE BOGOTA NET Servicos de Comunicao S.A Telecomunicacoes da Bahia S.A RAMtelecom Telecomunicaciones NEWCOM AMERICAS Telconet METROTEL REDES S.A. INTERCABLE

http://thyme.apnic.net/current/data-CIDRnet-LACNIC

EU & Middle East Aggregation Savings Summary


ASN No of Nets 9116 347 8551 327 8866 280 8452 239 3352 235 12479 195 9121 210 3215 264 3269 230 5462 174 5486 154 6830 170 29357 135 9155 129 15471 180 3300 214 31083 105 9051 149 15611 96 12883 97 Poss Savings 319 287 254 232 194 189 185 173 158 149 136 133 131 119 116 112 98 94 94 93 Description Goldenlines main autonomous s Bezeq International Bulgarian Telecommunication C TEDATA Ibernet, Internet Access Netw Uni2 Autonomous System TTnet Autonomous System France Telecom Transpac TELECOM ITALIA Telewest Broadband Euronet Digital Communication UPC Distribution Services WATANIYA TELECOM QualityNet AS number SNR - Societatea Nationala de AUCS Communications Services PowerNet.BG, Sofia, Bulgaria INCONET Autonomous System Iranian Research Organisation Farlep-Internet ISP

http://thyme.apnic.net/current/data-CIDRnet-RIPE

Observations
!

Huge gulf in operational good practices between older and newer Internet
!

Could threaten the Internet as we know it Hopefully all the RIRs will include pointers with each address allocation Hopefully more ISPs will pay attention to it Training is there most ISPs choose to ignore it

RIPE-399 is only a recommendation


!

! !

Conclusion
!

Newer Internet is growing rapidly


!

As is the deaggregation there

! !

RIPE-399 now exists Make it your BGP good practice document

S-ar putea să vă placă și