asymmetric routing

Pim van Pelt pim@ipng.nl
Mon, 28 Jan 2002 16:55:58 +0100


Regarding my statements on asymmetric routing at IPng, Christian (JOIN) 
reasoned:
| > Yes, one could filter all but those prefixes a customer holds, but then the
| > customer has to name all his providers/prefixes. You can't force a customer
| > to do so, because that information might be confidential.

Sandy said:
|    Isn't this reasoning flawed? Customer #1 has prefix A.  You let that
| traffic through.  Customer #2 has prefixes X, Y and Z - but he doesn't
| want you to know about Z because he's afraid that you won't like him. 
| So, you let through traffic with prefixes X and Y.  Stop Z.  Traffic Z,
| if any, will go through some other provider, or it won't go through. 
| You're not forcing anyone to do anything.
|    What am I missing?  You can limit the prefixes you allow to those
| your customers tell you about.  Your customers can have more than one
| feed, and he doesn't have to tell you everything.
Well it's not really BGP we were talking about. In the BGP world we can
filter updates from downstream customers, which means we will not route
traffic to them. But what if the customer, with prefix B, sends traffic
originating from B via my networks (and I am prefix aggregator A). Then
I will inject traffic into the 6BONE that should not be coming from my
routers.
This can no longer be taken care of by BGP prefixlist filters, but the need
for ACL based filtering arises. The customer with a desire to be multihomed, 
should respect aggregation policies and not send provider A traffic that comes 
from prefix B, when A does not advertise B's prefixes into the default free
zone.
In practice, unless you deliberately deop the traffic, customers will send
you any and all traffic they please. Being passive makes you break rules.
This is why I brought my first post to the list. But I think we made that 
point already ;-)

|    You're not forcing anyone to do anything.  He is forcing himself to
| pay for routers and network people which can direct his traffic out the
| proper cables, and HE is the one who suffers if HE screws it up.  He
| does NOT have the right to force you to enable routing loops because his
| routers got confused.
This is a very harsh point of view. In real life, the customer pays you to
handle his traffic, and I can very well understand him wanting more than one
uplink to different providers, .. , in the ipv4 world this is very normal.
However, with IPv6, you (the provider) cannot simply handle any traffic given
to you by your customers. This breaks the multihomedness we know and use in
IPv4 networking.

About dual uplinks and load balancing. These are not layer3 decisions, and
can be taken care of at a lower level, eliminating the need of disjunct sets
of IPv6 addresses (eg, more than one prefix). Does anybody have info on 
situations where a customer would want more than one AS to uplink to ? And
please look at the future when reasoning, not at the present IPv4 situation.

groet,
Pim
-- 
---------- - -    - - -+- - -    - - ----------
Pim van Pelt                 Email: pim@ipng.nl
http://www.ipng.nl/             IPv6 Deployment
-----------------------------------------------