I'm trying to understand what techniques/solutions are available to determine which AS's would make good peering partners. If we look at our Transit stream to our upstream provider, I had heard the following from someone and would like to get some other opinions:
When trying to identify good AS candidates for peering from your transit traffic stream. It would seem that distinguishing the ingress traffic by not only the next-hop AS but also by the next-next-hop AS (or by the complete AS path) so that you can identify which customer or peer of your transit provider might be a likely interesting new peer for you. However, due to the concept of BGP traffic in the internet being asymmetrically distributed. It is not possible to exactly determine the real AS path of incoming traffic. The only reliable information is about the next-hop and the origin AS. Assuming that traffic is mostly symmetrical it is possible to "estimate" the distribution of ingress traffic on AS paths. While this assumption is questionable it at least allows to find out one (or some) of the several "potential" intermediate" ASNs for a given origin ASNs.
Is the above statement OK, and what about egress analysis, would that not also provide useful as that information is more reliable?
-guy
Guy.Ram@usa.telekom.de wrote: > When trying to identify good AS candidates for peering from your transit > traffic stream. It would seem that distinguishing the ingress traffic by > not only the next-hop AS but also by the next-next-hop AS (or by the > complete AS path) so that you can identify which customer or peer of your > transit provider might be a likely interesting new peer for you. However, > due to the concept of BGP traffic in the internet being asymmetrically > distributed. It is not possible to exactly determine the real AS path of > incoming traffic. The only reliable information is about the next-hop and > the origin AS. Correct, and you can't generalize by assuming the traffic to by symmetrical, as it isn't far more of the time than it is. In my work, I've always looked at the entire AS-path on outbound traffic, and done a weighted assignment of bytes-through to each AS in the path. For inbound traffic, basically all you can do is look at the origin AS by itself. The neighbor you receive it from isn't interesting, because that's who you _currently_ receive it from, and the whole point of this exercise is to determine who _else_ you could receive it from if you added peers. -Bill
On Fri, Feb 15, 2002 at 12:33:39PM -0500, Guy.Ram@usa.telekom.de wrote:
Is the above statement OK, and what about egress analysis, would that not also provide useful as that information is more reliable?
Josh Wepman and I talked about this in our tutorial on Sunday and BOF on Monday, slides from which can be found here: http://www.automagic.org/IDTE1.ppt http://www.automagic.org/IDTE1bof.ppt (Sorry for the "ppt" part). We realised after we had finished that we forgot to put those URLs on the screen. Our examples were based on measuring outbound traffic, bascially counting packets and bytes per AS_PATH, as Bill mentioned. Some analysis of inbound traffic seems like it should be possible, but it is difficult to know how your model based on your particular view of the BGP table will correspond with real life: for example, you might be able to see a bunch of traffic sources that seem to get at least some transit through a small set of ASes, which might make those ASes good candidates for peering. However, just because they get some transit that way doesn't mean they don't have other transit too. Predicting traffic flow due to the policy of remote networks you have no control over is a somewhat inexact science. Questions of who to peer with are much easier to answer if your traffic profile is weighted outbound away from your AS. joe
participants (3)
-
Bill Woodcock
-
Guy.Ram@usa.telekom.de
-
Joe Abley