BGP Update Report
Interval: 11-Mar-10 -to- 18-Mar-10 (7 days)
Observation Point: BGP Peering with AS131072

TOP 20 Unstable Origin AS
Rank ASN Upds % Upds/Pfx AS-Name
 1 - AS665 99574 8.9% 1059.3 -- DNIC-ASBLK-00616-00665 - DoD Network Information Center
 2 - AS45985 23578 2.1% 5894.5 -- DAEWOOSEC Daewoo Securities Co., Ltd.
 3 - AS14420 17434 1.6% 44.4 -- CORPORACION NACIONAL DE TELECOMUNICACIONES CNT S.A.
 4 - AS30890 15750 1.4% 35.6 -- EVOLVA Evolva Telecom s.r.l.
 5 - AS9829 13664 1.2% 27.7 -- BSNL-NIB National Internet Backbone
 6 - AS31055 13155 1.2% 3288.8 -- CONSULTIX-AS Consultix GmbH
 7 - AS35805 12226 1.1% 20.7 -- UTG-AS United Telecom AS
 8 - AS9808 10983 1.0% 24.4 -- CMNET-GD Guangdong Mobile Communication Co.Ltd.
 9 - AS12479 10423 0.9% 694.9 -- UNI2-AS Uni2 - Lince telecomunicaciones
10 - AS8452 9035 0.8% 18.0 -- TEDATA TEDATA
11 - AS16569 8216 0.7% 8216.0 -- ASN-CITY-OF-CALGARY - City of Calgary
12 - AS33776 8174 0.7% 29.0 -- STARCOMMS-ASN
13 - AS7738 7862 0.7% 16.5 -- Telecomunicacoes da Bahia S.A.
14 - AS26025 7195 0.7% 7195.0 -- COC - City of Calgary
15 - AS20115 7025 0.6% 8.5 -- CHARTER-NET-HKY-NC - Charter Communications
16 - AS27747 6408 0.6% 37.3 -- Telecentro S.A.
17 - AS1659 6067 0.5% 19.9 -- ERX-TANET-ASN1 Tiawan Academic Network (TANet) Information Center
18 - AS10052 5951 0.5% 2975.5 -- KNU-AS Kyungpook National Univ.
19 - AS17974 5867 0.5% 8.5 -- TELKOMNET-AS2-AP PT Telekomunikasi Indonesia
20 - AS27097 5815 0.5% 1453.8 -- DNIC-ASBLK-27032-27159 - DoD Network Information Center

TOP 20 Unstable Origin AS (Updates per announced prefix)
Rank ASN Upds % Upds/Pfx AS-Name
 1 - AS16569 8216 0.7% 8216.0 -- ASN-CITY-OF-CALGARY - City of Calgary
 2 - AS26025 7195 0.7% 7195.0 -- COC - City of Calgary
 3 - AS45985 23578 2.1% 5894.5 -- DAEWOOSEC Daewoo Securities Co., Ltd.
 4 - AS31055 13155 1.2% 3288.8 -- CONSULTIX-AS Consultix GmbH
 5 - AS10052 5951 0.5% 2975.5 -- KNU-AS Kyungpook National Univ.
 6 - AS27097 5815 0.5% 1453.8 -- DNIC-ASBLK-27032-27159 - DoD Network Information Center
 7 - AS665 99574 8.9% 1059.3 -- DNIC-ASBLK-00616-00665 - DoD Network Information Center
 8 - AS22395 968 0.1% 968.0 -- GHCO-INTERNAP - Goldenberg Hehmeyer
 9 - AS5691 2630 0.2% 876.7 -- MITRE-AS-5 - The MITRE Corporation
10 - AS12479 10423 0.9% 694.9 -- UNI2-AS Uni2 - Lince telecomunicaciones
11 - AS5554 653 0.1% 653.0 -- INTEGRA Integra Information Co. Ltd
12 - AS31496 615 0.1% 615.0 -- ATNET-AS ATNET Autonomous System
13 - AS35400 1082 0.1% 541.0 -- MFIST Interregoinal Organization Network Technologies
14 - AS45960 502 0.1% 502.0 -- YTLCOMMS-AS-AP YTL COMMUNICATIONS SDN BHD
15 - AS28052 496 0.0% 496.0 -- Arte Radiotelevisivo Argentino
16 - AS8346 2569 0.2% 428.2 -- SONATEL-AS Autonomous System
17 - AS32794 400 0.0% 400.0 -- ICFG - International Church of the Foursquare Gospel
18 - AS34875 2293 0.2% 382.2 -- YANFES OJSC "Uralsviazinform"
19 - AS18399 1409 0.1% 352.2 -- BAGAN-TRANSIT-AS Bagan Cybertech IDC & Teleport International Transit
20 - AS35291 651 0.1% 325.5 -- ICOMM-AS SC Internet Communication Systems SRL

TOP 20 Unstable Prefixes
Rank Prefix Upds % Origin AS -- AS Name
 1 - 62.168.199.0/24 13100 1.1% AS31055 -- CONSULTIX-AS Consultix GmbH
 2 - 208.98.230.0/24 8216 0.7% AS16569 -- ASN-CITY-OF-CALGARY - City of Calgary
 3 - 208.98.231.0/24 7195 0.6% AS26025 -- COC - City of Calgary
 4 - 155.230.0.0/16 5927 0.5% AS10052 -- KNU-AS Kyungpook National Univ.
 5 - 210.92.10.0/24 5895 0.5% AS45985 -- DAEWOOSEC Daewoo Securities Co., Ltd.
 6 - 210.92.6.0/24 5895 0.5% AS45985 -- DAEWOOSEC Daewoo Securities Co., Ltd.
 7 - 210.92.4.0/24 5895 0.5% AS45985 -- DAEWOOSEC Daewoo Securities Co., Ltd.
 8 - 123.140.107.0/24 5893 0.5% AS45985 -- DAEWOOSEC Daewoo Securities Co., Ltd.
 9 - 214.15.217.0/24 5673 0.5% AS27097 -- DNIC-ASBLK-27032-27159 - DoD Network Information Center
10 - 41.235.80.0/24 5590 0.5% AS8452 -- TEDATA TEDATA
11 - 199.114.154.0/24 3567 0.3% AS1733 -- CENTAF-SWA - 754th Electronic Systems Group
12 - 85.60.192.0/23 3060 0.3% AS12479 -- UNI2-AS Uni2 - Lince telecomunicaciones
13 - 206.184.16.0/24 2874 0.2% AS174 -- COGENT Cogent/PSI
14 - 205.101.192.0/24 2658 0.2% AS665 -- DNIC-ASBLK-00616-00665 - DoD Network Information Center
15 - 205.109.96.0/20 2658 0.2% AS665 -- DNIC-ASBLK-00616-00665 - DoD Network Information Center
16 - 205.109.208.0/20 2657 0.2% AS665 -- DNIC-ASBLK-00616-00665 - DoD Network Information Center
17 - 205.109.160.0/19 2651 0.2% AS665 -- DNIC-ASBLK-00616-00665 - DoD Network Information Center
18 - 205.110.243.0/24 2647 0.2% AS665 -- DNIC-ASBLK-00616-00665 - DoD Network Information Center
19 - 205.101.66.0/24 2646 0.2% AS665 -- DNIC-ASBLK-00616-00665 - DoD Network Information Center
20 - 199.121.123.0/24 2638 0.2% AS665 -- DNIC-ASBLK-00616-00665 - DoD Network Information Center

Details at http://bgpupdates.potaroo.net
------------------------------------
Copies of this report are mailed to:
  nanog@merit.edu
  eof-list@ripe.net
  apops@apops.net
  routing-wg@ripe.net
  afnog@afnog.org
So, this week, I actually read the update report. Noting the stats below (..a flap/update once per minute? please, fix your CPE router), I have but one humble request:

Could the settlement-free members of the DFZ please consider re-enabling route-flap dampening towards customers?

Thanks,

-Tk
Rank Prefix Upds % Origin AS -- AS Name
 1 - 62.168.199.0/24 13100 1.1% AS31055 -- CONSULTIX-AS Consultix GmbH
 2 - 208.98.230.0/24 8216 0.7% AS16569 -- ASN-CITY-OF-CALGARY - City of Calgary
 3 - 208.98.231.0/24 7195 0.6% AS26025 -- COC - City of Calgary
 4 - 155.230.0.0/16 5927 0.5% AS10052 -- KNU-AS Kyungpook National Univ.
 5 - 210.92.10.0/24 5895 0.5% AS45985 -- DAEWOOSEC Daewoo Securities Co., Ltd.
 6 - 210.92.6.0/24 5895 0.5% AS45985 -- DAEWOOSEC Daewoo Securities Co., Ltd.
 7 - 210.92.4.0/24 5895 0.5% AS45985 -- DAEWOOSEC Daewoo Securities Co., Ltd.
 8 - 123.140.107.0/24 5893 0.5% AS45985 -- DAEWOOSEC Daewoo Securities Co., Ltd.
 9 - 214.15.217.0/24 5673 0.5% AS27097 -- DNIC-ASBLK-27032-27159 - DoD Network Information Center
10 - 41.235.80.0/24 5590 0.5% AS8452 -- TEDATA TEDATA
11 - 199.114.154.0/24 3567 0.3% AS1733 -- CENTAF-SWA - 754th Electronic Systems Group
12 - 85.60.192.0/23 3060 0.3% AS12479 -- UNI2-AS Uni2 - Lince telecomunicaciones
13 - 206.184.16.0/24 2874 0.2% AS174 -- COGENT Cogent/PSI
14 - 205.101.192.0/24 2658 0.2% AS665 -- DNIC-ASBLK-00616-00665 - DoD Network Information Center
15 - 205.109.96.0/20 2658 0.2% AS665 -- DNIC-ASBLK-00616-00665 - DoD Network Information Center
16 - 205.109.208.0/20 2657 0.2% AS665 -- DNIC-ASBLK-00616-00665 - DoD Network Information Center
17 - 205.109.160.0/19 2651 0.2% AS665 -- DNIC-ASBLK-00616-00665 - DoD Network Information Center
18 - 205.110.243.0/24 2647 0.2% AS665 -- DNIC-ASBLK-00616-00665 - DoD Network Information Center
19 - 205.101.66.0/24 2646 0.2% AS665 -- DNIC-ASBLK-00616-00665 - DoD Network Information Center
20 - 199.121.123.0/24 2638 0.2% AS665 -- DNIC-ASBLK-00616-00665 - DoD Network Information Center
On Sun, Mar 28, 2010 at 01:20:04AM -0400, Anton Kapela wrote:
> So, this week, I actually read the update report. Noting the stats below (..a flap/update once per minute? please, fix your CPE router), I have but one humble request:
>
> Could the settlement-free members of the DFZ please consider re-enabling route-flap dampening towards customers?
The problem is that unless one is holding customer routes in a separate VRF and dampen them there or take similar steps to segment, dampening leads directly to blackholes. Even in that case, failover within that VRF wouldn't work, as all implementations I've seen attack the prefix as the problem instead of the path vector. Bye-bye alternate paths.

Cheers,

Joe

--
RSUC / GweepNet / Spunk / FnB / Usenix / SAGE
Joe,
> The problem is that unless one is holding customer routes in a separate VRF and dampen them there or take similar steps to segment, dampening leads directly to blackholes. Even in that case, failover within that VRF wouldn't work, as all implementations I've seen attack the prefix as the problem instead of the path vector. Bye-bye alternate paths.
I guess what I'm hinting at is precisely something finer-grained (path not prefix), as you suggest. Per-neighbor enabled, versus "entire bgp RIB" would be preferred. I'm also interested in the *chronic* nature of these apparent instabilities. An average of one flap per minute could imply that the end-site is not getting a lot of useful TCP moved, and as such, after something on the (n)-hour timescale, perhaps it's worth suppressing it.

So, I'd ask for a long-timescale dampening function, indexed against per-path, and enforced per neighbor. Perhaps as-path lists could be combined with relaxed timers on existing implementations to achieve this today (in a VRF target/context).

-Tk
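Added example, not part of any message in this thread: a simplified Python model of the distinction discussed above between keying flap-damping penalty state on the prefix and keying it on the (prefix, AS path) pair. The penalty, threshold and half-life values, the documentation prefix and AS numbers, and the once-per-minute flap schedule are assumptions constructed for illustration; the model does not reproduce any vendor's implementation.

```python
# Added example: simplified flap-damping model; all values below are assumed.
PENALTY_PER_FLAP = 1000.0
SUPPRESS_LIMIT = 2000.0     # suppress once the penalty reaches this
REUSE_LIMIT = 750.0         # release once the penalty decays below this
HALF_LIFE_S = 15 * 60


def by_prefix(prefix, as_path):
    return prefix               # one penalty shared by every path to the prefix


def by_path(prefix, as_path):
    return (prefix, as_path)    # each path carries its own penalty


class Damper:
    def __init__(self, key_fn, half_life_s=HALF_LIFE_S):
        self.key_fn = key_fn
        self.half_life_s = half_life_s
        self.state = {}         # key -> (penalty, time of last flap, suppressed)

    def _current(self, key, now):
        penalty, last, suppressed = self.state.get(key, (0.0, now, False))
        penalty *= 0.5 ** ((now - last) / self.half_life_s)   # exponential decay
        return penalty, suppressed and penalty >= REUSE_LIMIT

    def flap(self, now, prefix, as_path):
        key = self.key_fn(prefix, as_path)
        penalty, suppressed = self._current(key, now)
        penalty += PENALTY_PER_FLAP
        self.state[key] = (penalty, now, suppressed or penalty >= SUPPRESS_LIMIT)

    def usable(self, now, prefix, as_path):
        return not self._current(self.key_fn(prefix, as_path), now)[1]


PREFIX = "192.0.2.0/24"         # documentation prefix (constructed)
FLAPPING = (64500, 64510)       # path that flaps once per minute (constructed)
STABLE = (64501, 64510)         # alternate path that never flaps (constructed)


def usable_paths(key_fn, flaps=10, check_at=600):
    """Flap one path once a minute, then list the paths still usable."""
    damper = Damper(key_fn)
    for minute in range(flaps):
        damper.flap(minute * 60, PREFIX, FLAPPING)
    return [p for p in (FLAPPING, STABLE) if damper.usable(check_at, PREFIX, p)]
```

With these assumed values, ten minutes of flapping leaves no usable path when the penalty is keyed on the prefix, and leaves the stable path usable when it is keyed on the path.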
On Mar 28, 2010, at 12:00 PM, Anton Kapela wrote:
> I guess what I'm hinting at is precisely something finer-grained (path not prefix), as you suggest. Per-neighbor enabled, versus "entire bgp RIB" would be preferred. I'm also interested in the *chronic* nature of these apparent instabilities. An average of one flap per minute could imply that the end-site is not getting a lot of useful TCP moved, and as such, after something on the (n)-hour timescale, perhaps it's worth suppressing it.
>
> So, I'd ask for a long-timescale dampening function, indexed against per-path, and enforced per neighbor. Perhaps as-path lists could be combined with relaxed timers on existing implementations to achieve this today (in a VRF target/context).
It's not just AS_PATH, a lot of the reason so many duplicate updates occur (nearly 50% of all updates at times, and often more during the busiest times) is because on the other end implementations don't keep egress advertisement state per attribute (e.g., if cluster_list length just triggered an internal transition then a new update is sent to external peers with no new information because the determining internal attributes are stripped before transmitting the new update), yet those *prefixes* might well be suppressed as a result of the implementation and/or network architecture on the other end of the BGP connection.

Then you couple what Joe was pointing out, where intermediate nodes with consistently unstable links or "paths" result in penalizing an entire prefix, not just the unstable paths, and it makes for more brokenness than benefit when route flap damping is employed.

It's not that people haven't studied and understand why this occurs, the issue is that implementation optimizations seem to always win out today over systemic state effects (i.e., that "be conservative in what you send" thing doesn't seem to apply in practice, unfortunately).

-danny
> It's not just AS_PATH, a lot of the reason so many duplicate updates occur (nearly 50% of all updates at times, and often more during the busiest times) is because on the other end implementations don't keep egress advertisement state per attribute (e.g., if cluster_list length just triggered an internal transition then a new update is sent to external peers with no new information because the determining internal attributes are stripped before transmitting the new update), yet those *prefixes* might well be suppressed as a result of the implementation and/or network architecture on the other end of the BGP connection.
>
> Then you couple what Joe was pointing out, where intermediate nodes with consistently unstable links or "paths" result in penalizing an entire prefix, not just the unstable paths, and it makes for more brokenness than benefit when route flap damping is employed.
>
> It's not that people haven't studied and understand why this occurs, the issue is that implementation optimizations seem to always win out today over systemic state effects (i.e., that "be conservative in what you send" thing doesn't seem to apply in practice, unfortunately).
might some of this be that the implementations use router-id to fill in an unconfigured rr cluster-id?

randy
On Mar 30, 2010, at 9:30 PM, Randy Bush wrote:
> might some of this be that the implementations use router-id to fill in an unconfigured rr cluster-id?
Yep! So intermediate nodes in an iBGP topology with varying cluster IDs per RR with a common client set can certainly result in duplicate eBGP updates (not to mention lots of *useless* adj-RIB-In memory on those RRs for storing routes that are completely useless and would otherwise be discarded).

That said, even with common cluster IDs within a client set, and even a single level (or completely flat) iBGP hierarchy, coupled with any jitter, variable propagation delay along a path, asymmetric or not, depending on transport connection dynamics, or variance in update arrival rates, and BGP speaker MRAI interactions with each, all can result in these duplicate updates at egress, and subsequent suppression via flap damping if employed. And, of course, this is compounded by external interconnection denseness on ingress and even non-adjacent downstream ASNs.

I.e., there's room for protocol, implementation, and network architecture variables here, and operators should expressly factor systemic effects of each in their operating environment - they can have considerable impact.

-danny
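Added example, not part of any message in this thread: a Python sketch of the duplicate-update mechanism described in the two messages above, where an internal best-path transition (here a changed cluster_list) produces an eBGP update that is identical on the wire unless the sender compares against what it last advertised. The attribute set, prefix, AS numbers, cluster IDs and event sequence are constructed, and the attribute handling is deliberately simplified.

```python
# Added example: constructed events; attribute handling is simplified.
# Attributes that are not carried on an eBGP session, so a change to them
# alone gives the external peer no new information.
INTERNAL_ONLY = {"cluster_list", "originator_id", "local_pref"}


def external_view(attrs):
    """What the eBGP peer would actually see for this path."""
    return tuple(sorted((k, v) for k, v in attrs.items() if k not in INTERNAL_ONLY))


class Egress:
    def __init__(self, keep_advertised_state):
        self.keep_state = keep_advertised_state
        self.last_sent = {}     # prefix -> external view last transmitted
        self.sent = 0
        self.duplicates = 0

    def best_path_changed(self, prefix, attrs):
        view = external_view(attrs)
        duplicate = self.last_sent.get(prefix) == view
        if duplicate and self.keep_state:
            return False        # identical on the wire: send nothing
        # Recorded in both modes so the sketch can count duplicates.
        self.last_sent[prefix] = view
        self.sent += 1
        self.duplicates += int(duplicate)
        return True


PREFIX = "203.0.113.0/24"       # documentation prefix (constructed)
EVENTS = [                      # successive internal best paths (constructed)
    {"as_path": (64500, 64510), "cluster_list": ("10.0.0.1",), "local_pref": 100},
    {"as_path": (64500, 64510), "cluster_list": ("10.0.0.1", "10.0.0.2"), "local_pref": 100},
    {"as_path": (64500, 64510), "cluster_list": ("10.0.0.2",), "local_pref": 100},
    {"as_path": (64501, 64510), "cluster_list": ("10.0.0.2",), "local_pref": 100},
]


def run(keep_advertised_state):
    """Return (updates sent, updates that carried no new information)."""
    egress = Egress(keep_advertised_state)
    for attrs in EVENTS:
        egress.best_path_changed(PREFIX, attrs)
    return egress.sent, egress.duplicates
```

In this constructed sequence half of the updates sent without advertised-state tracking are duplicates, and a receiver that counts each one as a flap would be penalizing a prefix whose external path did not change.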
participants (5)
- Anton Kapela
- cidr-report@potaroo.net
- Danny McPherson
- Joe Provo
- Randy Bush