RE: Provider Independent addressing usage

["Tony Hain" <alh-ietf@tndh.net>]

Pekka Savola wrote:

> Punching holes is the current reality with _IPv4_.  In IPv6 world 
> (at least 6bone), too specific routes are filtered by almost 
> everybody; so this would not work.

Filtering more-specifics was an IPv4 activity 5 years ago, but the reality of providing the service the end customer is paying for trumps the 'network-centric' viewpoint every time. If a site uses provider-based addresses and expects those to be routable through another provider then the upstream table of those two providers has to accept the explicit entry. No amount of wishing will make that untrue.


> FUD how?  I don't see flaw in my point _if_ there are no 
> Significant exchanges in the regions in question.  If there are 
> a lot of exchanges, ie. "neutral ground", this is not a problem.
>
> Consider:
>
> Assume source is in e.g. Europe and the destination in someone 
> from a different provider in a backwater city in the U.S.  
> Assume there is no regional exchange close by.
>
> There are a few issues here:
> 1) which out-of-the-country provider is selected
> 2) which intercontinental carrier is selected
> 3) where the intercontinental carrier drops the traffic
> 4) where someone else picks it up
> 
> 1) no problem and no matter; the customer has default routes 
> and direct relation with his ISP's.
> 
> 2) all EU-US carriers probably want to advertise reachability 
> to all US destinations, I'd suspect.  So, one of these is 
> picked.
> 
> 3) The carrier does not know what to actually do about the 
> packet yet, but let's assume it just pushes it toward a PoP 
> nearest to the region.
> 
> If there is no IX in the region, the carrier can either dump 
> the packet (if it doesn't know a more specific route), or throw 
> it at some operator operating in the region.
> 
> 4) Some operator operating in the region _might_ get a packet, 
> but it can't know yet whether the destination in the area is 
> reachable or not.
> So it could take the packet, muck around with it, perhaps route 
> it closer to the destination (geographically) and "throw the hot 
> potato to the next guy".
> 
> As said, these problems are "fixed" by:
>  1) lots and lots of IX's (up to the level where having full 
> /48's is acceptable), or
>  2) full /48 routes in all ISP's, carriers etc. which makes 
> the entire routing table size consideration moot

The reason I say FUD is the argument appears to be ignoring the origin of the routing entry. If an operator is forwarding a packet toward a pop in the destination region, it had to get that route from somewhere. The only way your scenario works is if the operator is not providing service in the destination region and decided to make up a route to that prefix for internal use. If a provider does this, yes the traffic will die, but this is no different than making up any other prefix.

The only way a provider would know which provider to hand a packet off to is not a hot-potato guess, but hearing a routing advertisement. If the origin provider hands off the packet based on the longest-match prefix for the destination, the expectation is that the packet will get delivered. If there are providers not participating in the exchange covering that region, the provider holding the packet would need to know the specifics from them. This is no different from provider-based prefixes; there is no magic.

There may be additional exchanges built, but this will be a clear engineering driven decision based on the number of multi-homed sites and the acceptable size of the local routing table. This is in contrast to the current set of exchanges that were built for purely political reasons, or simply avoiding the politically motivated international tariffs. Yes this mechanism will shift the balance back from private peering toward exchange-based peering, but is that a bad thing? It certainly opens up the local service area in a way that locking sites to a provider-based address will never do. The cost of connecting to multiple exchanges will act as a natural counter balance to prevent an absurd number of them from being created.


> What I'm worried about is situation where SiteA is customer 
> of ISPA, and ISPA does not participate in exchange in SiteA's 
> region, but does participate in some other exchanges.  Assume 
> SiteB is in the same region as SiteA, using ISPB which does 
> participate in the regional exchange.  Now the exchange 
> advertises the reachability of regional prefix, but SiteA
> will not be reachable.  ISPB and ISPA might not be willing 
> to "tie it together" if there is no customer relationship 
> between them (ie, not ISP - Carrier).

We are talking about multi-homed sites, right? So I assume you mean SiteA is a customer of ISPA & ISPC, while SiteB is a customer of ISPB & ISPD. If ISPA or ISPC neither one participate in the regional exchange, and their upstream filters the specific for SiteA (as it should), SiteA has a reason to switch to ISPB or ISPD. Since the addresses are not derived from ISPA or ISPC, there is no deterrent causing SiteA to stick with its current lame providers. SiteA is paying for a service; insulation from problems any individual provider may have; and in this scenario ISPA & ISPC both have a problem that SiteA wants to avoid.


> I think one of the goals is that inter-region providers, or 
> "upper layers" in general, don't have to know all the specific 
> routes.

I agree completely, but they can't push back and refuse to know specifics unless they have a replacement mechanism that gets the bits delivered to the paying customer. Provider-based specifics are all we have currently defined, and they are demonstrably broken for this purpose. 


> Perhaps the practical requirement for IX's should be noted 
> more clearly in the draft.

Please send text.


> Countries often have an IX, and as international connections 
> often require paying for carrier service or getting possibly 
> rather expensive connections, it's often that regional 
> boundaries are actually de-facto country boundaries.
> 
> Bigger IX's (probably most of the ones we regard as real 
> exchanges now) are most often "international".

I will give you the point that costs change as national boundaries are crossed, but the size and location of an exchange have no mandatory relationship to the prefix lengths exchanged there. For example, assume there is a massive exchange in London with 100's of providers participating covering all of the UK, and nearby another exchange, say Moscow, where there may only be 5 providers, but they cover all of Russia. The fact that one has more participants, or covers a region approximately 10 degrees square, while the other covers a region 20 x 150 degrees has nothing to do with the number of multi-homed sites supported. They may both be inadequate, or may both be overkill for the required service. 

The requirement is that all participants agree on the set of prefixes to be exchanged, and that set will almost assuredly contain multiple lengths to avoid overlapping with a neighboring exchange. 


> If PI addressing were to be adopted at large, there would have 
> to be more IX's.  Someone has to administer, and pay for them.  
> This might become an important point to consider.

And the multi-homed sites, which created the need, would be the logical place to look for the money. Currently there is no way to associate the site that creates the problem with where the pain is felt; but something like this where the providers could point at a specific local cost to support the site's goal, and the site could in turn see explicit value for the additional cost, might help that problem. 

Tony