Greetings,

Here is a question -- maybe someone out there can suggest a solution to a problem...

We are a small to mid-sized ISP and we feel that in order to compete in today's market we need to provide multiple circuits to different backbone providers and run BGP. We currently have a single T1 (from Sprintlink) which is handling our leased line, web, and dialup customers with little trouble (running at about 20-25%). We want to add another T1 to another major carrier so we can offer a backup circuit in the event our T1 goes down or if Sprint has a major outage. Of course, this wouldn't be just for backup -- it would share the load...

We currently have 15 class C addresses and we have been told by Sprint that anything smaller than a /19 BGP may get filtered. Since we have a whole bunch of non-contiguous class C addresses (which Sprint gave us), it seems that BGP would never work.

So, we contacted the Internic and requested a /19 block so we can do this. The Internic refuses to give someone a /19 block unless they are in need of it right away (a few months projections). We don't need 32 Class Cs because we need to assign that many but we need them because we want to be able to use BGP. The Internic will not give them to us and we seem to have no options.

Are there ways around this?

Thanks,
Steve
Ignore dire warnings, multi-home and run BGP4 anyway. I think you'll find that your routes are heard by the large majority of sites. By the time it really matters, you'll be able to justify a /19.

We are doing this exact thing (main T1 to Sprint, another T1 to second provider, publishing routes via BGP and accepting two full routing views of the net), and have had little trouble with it.

Jay Stewart
Vice President
Olympia Networking Services - "Olympia's Premier Internet Provider"
Phone 360.753-3636 Fax 360.357.6160
http://www.olywa.net/
Steve Camas writes...
> Are there ways around this?
Route filtering is not the end of the world.

Suppose your network and AS are connected between ISP-A and ISP-B. You have a small /20 space from ISP-A. Now suppose ISP-C does filtering that blocks your announcements from going over their network.

ISP-A will continue to announce the larger block that contains your small block. Thus for your network there will be a choice of two routes. Where both routes show up, _your_ route will be preferred because it is more specific for your prefix. The rest of the large block will go some other way. So the fact that ISP-A has an "umbrella announcement" over you will have no effect on your announcements.

Within ISP-C, however, your announcement will be gone. But the "umbrella announcement" will be there, directing your traffic out over ISP-C's best route to ISP-A. You will _not_ be unreachable.

When your traffic from ISP-C going to ISP-A finally reaches a router that has no filtering, then your own route will be seen. Depending on topology, at that point the best route to you may still be ISP-B. Whichever it is will now be the way your traffic goes. It could be ISP-B or ISP-A.

Now suppose you lose your T1 to ISP-B. Everything will come to you via ISP-A because there is _your_ route as well as ISP-A's "umbrella route".

Now suppose ISP-B is working and you lose your T1 to ISP-A. Your routes go out over ISP-B. The "umbrella route" will still come out to the world from ISP-A, but that won't matter because _your_ more specific route will be chosen anyway.

But what about places behind ISP-C's filter that don't see your route at all? Your traffic will be guided out of ISP-C by ISP-A's "umbrella route" alone, but once a router is reached that has both routes, then your more specific route coming _only_ from ISP-B will be used, even if that router belongs to ISP-A (e.g. ISP-C peered to ISP-A directly).

The scenario that will cause your network to be unreachable will be when ISP-A's "umbrella route" is no longer available. The smallest scale of failure would be the originating router being down. And this will only affect locations behind ISP-C's filters. Other places still see your routes via ISP-B.

Your problem, Steve, is that your current ISP is ISP-C. They are a route filtering ISP. You need to either make sure they let your announcements out to the world at all of their peers (and getting this right may be a very difficult chore for these large bureaucratically driven companies) or choose ISPs that don't filter.

You also need to make sure that the ISPs do not filter routes for parts of their own blocks coming in from other peers. If ISP-A did such filtering, then their own customers will find you unreachable, as well as those in ISP-C if ISP-C sends traffic for you into ISP-A. I know of no ISPs doing such a thing, but I actually discussed this with an engineer at MCI and verified that they indeed take announcements for their own networks back in over peers, so if you had MCI address space and your only working link was to another ISP, MCI will route to you via that ISP. I'm sure most others will, too, if they don't filter your route on the basis of your prefix size.

That's why staying on Sprint can be a problem if you want to multi-home with a network smaller than a /19.

--
Phil Howard | Is your website up right now?
KA9WGN | If you subscribed to Red Alert you'd know for sure
phil at milepost dot com | http://www.redalert.com/
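The forwarding behaviour described in the reply above can be traced hop by hop with a small longest-prefix-match model. This is an added example, not part of the original thread: the prefixes (10.32.0.0/16 for ISP-A's umbrella, 10.32.16.0/20 for the customer), the hand-built tables, and the names `lookup`, `tables` and `trace` are assumptions made for illustration, and the tables stand in for what BGP would install rather than simulating BGP itself.

```python
import ipaddress

# Constructed prefixes: ISP-A's aggregate ("umbrella") and the customer's /20 inside it.
AGG, CUST_NET = "10.32.0.0/16", "10.32.16.0/20"

def lookup(table, dst):
    """Longest-prefix match: next hop of the most specific covering route, or None."""
    addr = ipaddress.ip_address(dst)
    hits = [(ipaddress.ip_network(p), nh) for p, nh in table.items()
            if addr in ipaddress.ip_network(p)]
    return max(hits, key=lambda h: h[0].prefixlen)[1] if hits else None

def tables(a_up=True, b_up=True, c_max_len=19, umbrella=True):
    """Per-ISP forwarding tables for the A/B/C scenario (hand-built, not real BGP)."""
    t = {"ISP-A": {}, "ISP-B": {}, "ISP-C": {}}
    if umbrella:
        t["ISP-A"][AGG] = "DROP"     # originator discards unassigned space
        t["ISP-B"][AGG] = "ISP-A"
        t["ISP-C"][AGG] = "ISP-A"
    specific = {}
    if a_up:
        specific["ISP-A"] = "CUST"
    if b_up:
        specific["ISP-B"] = "CUST"
    if a_up and not b_up:
        specific["ISP-B"] = "ISP-A"  # learned over the A-B peering
    if b_up and not a_up:
        specific["ISP-A"] = "ISP-B"  # ISP-A accepts its own space back from a peer
    if a_up or b_up:
        specific["ISP-C"] = "ISP-B" if b_up else "ISP-A"
    plen = ipaddress.ip_network(CUST_NET).prefixlen
    for isp, nh in specific.items():
        if isp == "ISP-C" and plen > c_max_len:
            continue                 # ISP-C filters prefixes longer than c_max_len
        t[isp][CUST_NET] = nh
    return t

def trace(t, start, dst="10.32.17.1"):
    """Follow next hops from `start` until the customer or a drop is reached."""
    path, node = [start], start
    while node in t and len(path) < 8:
        node = lookup(t[node], dst) or "DROP"
        path.append(node)
    return path

if __name__ == "__main__":
    print("filtered, both links up :", trace(tables(), "ISP-C"))
    print("filtered, link to A down:", trace(tables(a_up=False), "ISP-C"))
    print("umbrella withdrawn      :", trace(tables(a_up=False, umbrella=False), "ISP-C"))
```

The third case is the failure mode the reply singles out: behind the filter, reachability depends entirely on the umbrella route still being announced.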
participants (3)
- Jay Stewart
- Phil Howard
- Steve Camas