IPv4 multihoming limitations
On Friday, May 2, 2003, at 20:15 Europe/Amsterdam, Joe Abley wrote:
There are quite a few limitations for people that want to multihome
in v4. Not everyone may be aware of those and subsequently
underestimate the latent need for multihoming. So it might be good to
document this after all.
I am still very happy to collate ideas and edit that document, if
people are happy for me to do so.
Ok, here is some text:

The preferred way to multihome in IPv4 is to announce an independent
block of address space over two or more ISPs using BGP. Until the
mid-1990s this was relatively easy to accomplish, as the maximum
generally accepted prefix length in the global routing table was a /24,
and little justification was needed to receive a /24. However, in 1995
the growth of the global routing table became a problem once again, and
as a result Sprint decided to start filtering prefixes it accepted from
peers based on prefix length. This broke the expectation that a
multihomed network announcing a /24, regardless of where in the IPv4
address space this /24 was taken from, would be globally reachable.

Over the course of the next several years, filtering on Regional
Internet Registry allocation boundaries became accepted, if not
widespread, practice. As of the late 1990s the RIRs allocate address
space to those requesting it from them directly (mostly ISPs) in blocks
of at least a /20. The address space in 192.0.0.0/8 and part of
193.0.0.0/8 was allocated before CIDR was developed so it still
contains a large number of much smaller blocks. This part of the IPv4
address space is often called "the swamp". The networks that filter on
prefix length typically accept much larger prefixes from swamp space.

In the meantime, RIR address distribution policies became increasingly
restrictive. The result of these two developments is that it is
nearly impossible for a non-ISP organization to obtain a large enough
block of address space to be sure its BGP announcement isn't filtered.

Multihomers are often forced to work around this by taking regular
provider aggregatable (PA) rather than the traditional
provider-independent (PI) address space from one of their ISPs and
announcing this prefix to two ISPs. In theory, announcing this prefix to
the secondary ISP would be enough as reachability over the primary ISP
is assured by the aggregate this ISP announces. However, due to the
"longest match first" rule, traffic would exclusively flow over the
path with the longer prefix. So in practice the multihomer announces
the longer prefix both over the ISP that announces the aggregate and
over one or more secondary ISPs.

This practice has two advantages and one disadvantage for the
multihomed network. The first advantage is that they can obtain a much
smaller block of address space from an ISP than from a RIR. (Would-be
multihomers still often optimize their networks for qualifying for at
least a /24 by adopting accepted but relatively wasteful address
deployment strategies.) The second advantage is that even if their
announcement is filtered, they are still reachable over the primary ISP
by virtue of the aggregate announced by this ISP. Even when the circuit
to the primary ISP is down, this often works because the primary ISP
will generally accept the announcement over the secondary ISP, so
traffic flows from the filtering network to the primary ISP and then to
the secondary ISP in order to arrive at the multihomed network.

The disadvantage is that the multihomed network must depend on the
primary ISP for the aggregate. If the primary ISP goes down, this will
impact reachability to networks that filter. And when the multihomed
network leaves the primary ISP, they are generally expected to return
the address space because otherwise this ISP would have to route
traffic for a non-customer. Most ISPs will cooperate with this
"shooting holes in an aggregate" solution to multihoming, but some are
reluctant.
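
Added example, not part of the original message: a small model of how "longest match first" and prefix-length filtering combine in the situations described above. The prefixes (documentation space), the ISP labels and the function names are constructed for illustration.

```python
import ipaddress

# Constructed prefixes (documentation space); ISP names are hypothetical.
AGGREGATE = ipaddress.ip_network("203.0.112.0/20")  # primary ISP's PA aggregate
CUSTOMER = ipaddress.ip_network("203.0.113.0/24")   # multihomer's block inside it
HOST = ipaddress.ip_address("203.0.113.10")

def accepted(announcements, max_len):
    """Prefix-length filter: drop announcements longer than max_len."""
    return [(p, via) for p, via in announcements if p.prefixlen <= max_len]

def best_paths(table, dest):
    """Longest match first: neighbours offering the most specific covering prefix."""
    covering = [(p, via) for p, via in table if dest in p]
    if not covering:
        return set()  # no route at all: destination unreachable
    longest = max(p.prefixlen for p, _ in covering)
    return {via for p, via in covering if p.prefixlen == longest}

def reachable_via(announcements, max_len, dest=HOST):
    """Neighbours a remote network would use toward dest after filtering."""
    return best_paths(accepted(announcements, max_len), dest)

# What a remote network hears in each situation the text describes.
SCENARIOS = {
    "/24 to secondary only": [(AGGREGATE, "primary"), (CUSTOMER, "secondary")],
    "/24 to both ISPs": [(AGGREGATE, "primary"), (CUSTOMER, "primary"),
                         (CUSTOMER, "secondary")],
    "primary ISP down": [(CUSTOMER, "secondary")],
}

if __name__ == "__main__":
    for name, heard in SCENARIOS.items():
        for label, max_len in (("no filter", 32), ("filters at /20", 20)):
            paths = reachable_via(heard, max_len)
            print(f"{name:24} {label:15} -> {sorted(paths) or 'unreachable'}")
```

When the /24 is heard over both ISPs, an unfiltered remote network sees a tie on prefix length and ordinary BGP path selection chooses between them. A failed circuit to the primary ISP looks the same from outside as the "/24 to secondary only" case, because the aggregate is still announced.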