
RE: The state of IPv6 multihoming development



On Sat, 26 Oct 2002, Tony Hain wrote:

> I know Craig said the host is making a routing decision, but it isn't.
> Even if it tried it could be overruled by the routers for the outbound
> packets. The only thing the host can decide that might even come close
> [...]
> between the providers. Since the origin network can't enforce reverse
> path routing decisions, the idea that the origin host is making any kind
> of routing decision is completely bogus.

Remember that simplicity is key for both providers and enterprises.  The
more exceptions that you need to configure in the routers, the higher the
cost.  What you're suggesting is that it's operationally feasible to
overrule many individual /48's for each end-user to push it down a
different path, which requires significant research and configuration for
each given end-user.

The IPv4 BGP model is much better at this because policy can be applied to
paths, not individual /48's for end-users.  This can range from a specific
end-user to aggregated paths from a specific end-provider to a large group
of paths from multiple providers -- it's not limited to overrides for
specific end-users.

Here's an example:

        P1---
         |   \
         |    \
CC1-----P2-----CP1
   \     |    /
    \    |   /
   SP1--P3---

CC1 = content consumer
CP1 = content provider
P1,P2,P3 = tier 1 provider
SP1 = sub-tier-1 (resale) provider

P1 allocated 2001:42c::/32
P2 allocated 2001:445::/32
P3 allocated 2001:49c::/32

SP1 allocated 2001:49c:100::/40

CC1 allocated 2001:445:b1c::/48 (P2), 2001:49c:18f::/48 (SP1/P3)
CP1 allocated 2001:42c:91cb::/48 (P1), 2001:445:8cb1::/48 (P2), 2001:49c:10c::/48 (P3)

host1.CC1 has addresses:
2001:0445:0b1c:005a::1f
2001:049c:018f:005a::1f

host1.CC1 sends DNS lookup for www.cp1, gets back:
2001:042c:91cb:0001::5
2001:0445:8cb1:0001::5
2001:049c:010c:0001::5

Using address selection rules proposed, host1.CC1 selects SA of
2001:049c:018f:005a::1f.  host1.CC1 selects DA of 2001:049c:010c:0001::5.

Assuming default routing (remember, keep it simple and keep exceptions to
an absolute minimum), traffic from host1.CC1 to www.CP1 will go via SP1
to P3 to CP1 (destination address follows P3's /32 aggregate).  Traffic
from www.CP1 to host1.CC1 will go via P3 to SP1 to CC1.  This is more
likely to be a suboptimal path, given more organizational hops.

The host's selection of source and destination addresses has selected the
paths, and the network infrastructure has no visibility whatsoever that
packets to host www.CP1 have an alternate path via P2.

The only way that the network operator of network CC1 can send this traffic
down a better path (P2) is to perform research on paths to CP1, identify
a better path, configure a manual entry to hijack traffic
going to 2001:049c:010c::/48 and send it down P2.  Now imagine doing this
for thousands of destination AS's.

A previous suggestion has been to withhold the 2001:049c:018f:005a prefix
from being a valid source address for host1.CC1; however, this isn't
reasonable as there may be many best paths from host1.CC1 to other networks
via SP1.

I'll admit that BGP isn't a perfect solution - but it at least allows the
network operator to have better, easier control over sets of paths (say,
generally preferring P2, or de-preferring SP1/P3) as opposed to making
individual, per-end-user policy specifications.

---
Craig A. Huegen, Chief Network Architect      C i s c o  S y s t e m s
IT Transport, Network Technology & Design           ||        ||
Cisco Systems, Inc., 400 East Tasman Drive          ||        ||
San Jose, CA  95134, (408) 526-8104                ||||      ||||
email: chuegen@cisco.com       CCIE #2100      ..:||||||:..:||||||:..
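
Added example, not part of the original message: the SA/DA selection described above, reproduced with the addresses from the message. It assumes the "address selection rules proposed" reduce here to longest-matching-prefix selection (the rule later published as RFC 3484 source rule 8 and destination rule 9); the function names are illustrative.

```python
import ipaddress

# Allocations and addresses copied from the message above.
PROVIDERS = {"P1": "2001:42c::/32", "P2": "2001:445::/32", "P3": "2001:49c::/32"}
SOURCES = ["2001:0445:0b1c:005a::1f", "2001:049c:018f:005a::1f"]
DESTS = ["2001:042c:91cb:0001::5", "2001:0445:8cb1:0001::5", "2001:049c:010c:0001::5"]


def common_prefix_len(a, b):
    """Number of leading bits shared by two IPv6 addresses."""
    diff = int(ipaddress.IPv6Address(a)) ^ int(ipaddress.IPv6Address(b))
    return 128 - diff.bit_length()


def select_source(dest, sources):
    """Pick the source with the longest prefix match to dest (assumed rule)."""
    return max(sources, key=lambda s: common_prefix_len(s, dest))


def select_pair(sources, dests):
    """Pick the destination whose best source shares the most leading bits.

    Returns (source, destination, shared_bits) in compressed notation.
    """
    candidates = []
    for d in dests:
        s = select_source(d, sources)
        candidates.append((s, d, common_prefix_len(s, d)))
    s, d, bits = max(candidates, key=lambda c: c[2])
    return str(ipaddress.IPv6Address(s)), str(ipaddress.IPv6Address(d)), bits


def provider_of(addr):
    """Name of the tier 1 provider whose /32 aggregate covers addr, or None."""
    ip = ipaddress.IPv6Address(addr)
    for name, prefix in PROVIDERS.items():
        if ip in ipaddress.IPv6Network(prefix):
            return name
    return None


if __name__ == "__main__":
    sa, da, bits = select_pair(SOURCES, DESTS)
    # With default routing, the DA's covering aggregate fixes the forward
    # path and the SA's covering aggregate fixes the return path.
    print(f"SA {sa} ({provider_of(sa)} space), DA {da} ({provider_of(da)} space), "
          f"{bits} shared bits")
```

The P2 pair (2001:445:b1c... to 2001:445:8cb1...) shares only 32 bits against 40 for the P3 pair, so the host settles on P3 address space in both directions without any knowledge of path quality.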