Bad routes update

Peter Tattam peter@jazz-1.trumpet.com.au
Tue, 20 Jul 1999 19:37:48 +1000 (EST)


On Tue, 20 Jul 1999, Joe Abley wrote:

> On Mon, Jul 19, 1999 at 10:45:29PM -0400, Robert Rockell wrote:
> > After tearing down my inbound filter to only ONE peer of all of my pTLA
> > peers, I see the following bad routes (AS path withheld to protect poor
> > non-filtering transit party that I used :)  )
> > 
> > 
> > block				Most downstream AS (not full path)
> > -----------------		----------------------------------
> >
> > [snip!]
> >
> > 3FFE:2900:FFE1::0/48		4768
> 
> When I set up our first tunnels to the 6bone, I was keen to set up
> more than one, since managing a multi-homed environment is the main
> thing I wanted to test. We are multi-homed in our IPv4 network, and
> this requirement will not go away as we transition to v6.
> 
> At the time, I asked about the multi-homing/non-(p)TLA problem, and
> got various conflicting responses.
> 
> More telling, when I progressed to setting up tunnels to our first
> test router, only one of the upstream networks was willing to delegate
> any address space to me -- the others all said "you already have some
> from Sprint, just announce that to us".
> 
> > II. If you are multi-homed:
> > 
> > Filter Outbound, please. It is simple.
> > 
> > ipv access-list firstprovider permit <provider one prefix>::/<length>
> > 
> > ipv access-list secondprovider permit <other prefix>::/<length>
> 
> We _are_ filtering outbound route advertisements; however, we are
> restricting each one to the same Sprint-provided prefix, since that's
> all we have.
> 
> This is clearly wrong, according to all the routing practices drafts
> I have seen for the 6Bone.
> 
> > When IPv6 goes live, unless business is more good-willed than it is now,
> > this is going to break things, and one pTLA may not have much motivation to
> > fix the problem (unless flames on the 6bone mailing lists really hurt).
> 
> Should I be demanding v6 address prefixes from all my pTLAs?
> 
> On a related note, I've looked, but I can't find the recommended solution
> to the following problem; I also asked Steve Deering about this during
> his IPv6 tutorial at Apricot this year, and at the time he didn't know the
> operational policy on this either (although he could have been trying
> to encourage me to stop asking stupid questions by feigning ignorance :)
> 
>   o  NLA is multi-homed to several pTLAs;
>   o  Each pTLA delegates a v6 address prefix to that NLA;
>   o  NLA has a customer who needs addresses.
> 
> Does the NLA delegate one prefix to the customer per pTLA?
> 
> Does the customer then delegate address(es) from each supplied prefix
> to every interface they have to number in their network?
> 
> Given that the reason we are (and will be) multi-homed is for resilience,
> and to reduce dependency on any single upstream provider, if I don't
> announce all prefixes to all providers we're never going to get TCP
> sessions (as they exist now) to survive a "pTLA down" event.
> 
> At the moment it looks like the only way to multi-home in the manner
> that we are used to with IPv4 is to become a (p)TLA.
> 
> I'm confused :) If someone could point me towards some written words on
> this stuff, I would be very appreciative.
> 
> Thanks,
> 
> 
> Joe

Tell me about it.  I banged on enough doors about the subject, but never got a
definitive answer from my point of view.  At the time I was running two NLA's
with suballocations from each which was the "done" thing.  The bottom line was
I had difficulty at the host level in making decisions as to which source
address to choose.  All the rules under the sun didn't (IMHO) help me make
those decisions and in the end it was arbitrary - it was pretty hit & miss
networking. I believe the answer lay in utilizing RA, but it was my impression
that this was still work in progress. It was listed as a hot topic at the last
IETF meeting, but as I wasn't there, I can't comment on the outcome.  I did
read the latest draft on the subject, but it didn't satisfy me either.  I've
had the impression it's been stuck in the too hard basket for too long.

My problems went away by moving to a pTLA, which I believe has been the de
facto answer to the problem :)  Clearly this is not a realistic scenario.

If there's anyone who multi homes NLA or SLA please speak up for I think you
would be a rarity.


BTW, a couple of months ago, for my own enjoyment, I put together a derivation
of the GSE proposal that may solve the problem of multihoming.  Sadly, however,
it is probably too late for this as too many things are set in concrete.   I
can throw it up on our web site for any interested parties.

anyway... back to writing OS's... seeya.

Peter

> 
> -- 
> Joe Abley <jabley@clear.co.nz>      Tel +64 9 912-4065, Fax +64 9 912-5008
> Te Kaihoahoa Kawei, CLEAR Communications Ltd      http://www.clear.net.nz/
> 

--
Peter R. Tattam                            peter@trumpet.com
Managing Director,    Trumpet Software International Pty Ltd
Hobart, Australia,  Ph. +61-3-6245-0220,  Fax +61-3-62450210
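
An added example, not part of the thread or of any poster's configuration: a Python audit of the per-provider outbound rule quoted above (permit only provider one's prefix towards provider one, only the other prefix towards the second). The peer names reuse the access-list names from the quoted text; the second prefix (taken from the 2001:db8::/32 documentation range) and the announcement list are constructed sample data.

```python
import ipaddress

# Prefix each upstream delegated to this site. 3FFE:2900:FFE1::0/48 is the
# prefix shown in the thread; the second entry is a constructed placeholder.
DELEGATED = {
    "firstprovider": ["3FFE:2900:FFE1::0/48"],
    "secondprovider": ["2001:db8:42::/48"],
}

# Constructed sample of what the site is about to advertise, per upstream.
ANNOUNCEMENTS = [
    ("firstprovider", "3FFE:2900:FFE1::0/48"),
    ("secondprovider", "3FFE:2900:FFE1::0/48"),   # same prefix to every upstream
    ("secondprovider", "2001:db8:42::/48"),
    ("firstprovider", "2001:db8:42:1::/64"),
    ("firstprovider", "3ffe:2900:ffe1:10::/64"),
]


def build_filters(delegated):
    """Parse the delegation table into IPv6Network objects per upstream."""
    return {peer: [ipaddress.IPv6Network(p, strict=False) for p in prefixes]
            for peer, prefixes in delegated.items()}


def audit(announcements, filters):
    """Return (peer, prefix, reason) for every advertisement that an
    exact-match outbound filter for that upstream would have to drop."""
    violations = []
    for peer, prefix in announcements:
        net = ipaddress.IPv6Network(prefix, strict=False)
        allowed = filters.get(peer, [])
        if net in allowed:
            continue  # exactly the prefix this upstream delegated
        if any(net.subnet_of(a) for a in allowed):
            reason = "more-specific of delegated prefix"
        else:
            owners = [other for other, nets in filters.items()
                      if other != peer and any(net.subnet_of(a) for a in nets)]
            reason = (f"delegated by {owners[0]}" if owners
                      else "not delegated to this site")
        violations.append((peer, str(net), reason))
    return violations


if __name__ == "__main__":
    for peer, prefix, reason in audit(ANNOUNCEMENTS, build_filters(DELEGATED)):
        print(f"DROP towards {peer}: {prefix} ({reason})")
```
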