Upload File

more specific announcements in bgp - apnic · whyadvertise a more specific? ii: to redirect...

  • Home
  • Documents
  • More Specific Announcements in BGP - APNIC · Whyadvertise a more specific? II: To redirect incoming traffic to different network paths: “ traffic engineering prefixes” 10.0.0.0/8
45
More Specific Announcements in BGP Geoff Huston APNIC

Upload: others

Post on 27-Jun-2020

3 views

Category:

Documents


0 download

Report

TRANSCRIPT

Page 1: More Specific Announcements in BGP - APNIC · Whyadvertise a more specific? II: To redirect incoming traffic to different network paths: “ traffic engineering prefixes” 10.0.0.0/8

More Specific Announcements in BGP

Geoff HustonAPNIC

Page 2: More Specific Announcements in BGP - APNIC · Whyadvertise a more specific? II: To redirect incoming traffic to different network paths: “ traffic engineering prefixes” 10.0.0.0/8

What’s a more specific?

Aprefixadvertisementthatrefinesa“covering”advertisement

10.0.0.0/810.1.0.0/16

Page 3: More Specific Announcements in BGP - APNIC · Whyadvertise a more specific? II: To redirect incoming traffic to different network paths: “ traffic engineering prefixes” 10.0.0.0/8

Why advertise a more specific?

I: Toredirectpacketstoadifferentnetwork:“holepunchingprefixes”

10.0.0.0/8AS65530

10.1.0.0/16AS138000DifferentOriginAS

Page 4: More Specific Announcements in BGP - APNIC · Whyadvertise a more specific? II: To redirect incoming traffic to different network paths: “ traffic engineering prefixes” 10.0.0.0/8

Example: Type I

Network Path>* 72.249.184.0/21 4777 2497 3356 36024>* 72.249.184.0/24 4777 2497 2914 40824 394094

Page 5: More Specific Announcements in BGP - APNIC · Whyadvertise a more specific? II: To redirect incoming traffic to different network paths: “ traffic engineering prefixes” 10.0.0.0/8

Why advertise a more specific?

II: Toredirectincomingtraffictodifferentnetworkpaths:“trafficengineeringprefixes”

10.0.0.0/8AS65530

10.0.0.0/9AS6553010.128.0.0/9AS65530

AS65536 AS65537

SameOriginAS,differentASPath

Page 6: More Specific Announcements in BGP - APNIC · Whyadvertise a more specific? II: To redirect incoming traffic to different network paths: “ traffic engineering prefixes” 10.0.0.0/8

Example: Type II

Network Path*> 1.37.0.0/16 4608 1221 4637 4775 i*> 1.37.27.0/24 4608 1221 4637 4837 4775 i*> 1.37.237.0/24 4608 1221 4637 4837 4775 i

Page 7: More Specific Announcements in BGP - APNIC · Whyadvertise a more specific? II: To redirect incoming traffic to different network paths: “ traffic engineering prefixes” 10.0.0.0/8

Why advertise a more specific?

III:Tomitigatemorespecificprefixhijacking:“morespecificoverlays”

10.0.0.0/22AS65530

10.0.0.0/24AS65530

10.0.1.0/24AS65530

10.0.2.0/24AS65530

10.0.3.0/24AS65530

SameOriginAS,sameASPath

Page 8: More Specific Announcements in BGP - APNIC · Whyadvertise a more specific? II: To redirect incoming traffic to different network paths: “ traffic engineering prefixes” 10.0.0.0/8

Example: Type III

Network Path*> 1.0.4.0/22 4608 4826 38803 56203 i*> 1.0.4.0/24 4608 4826 38803 56203 i*> 1.0.5.0/24 4608 4826 38803 56203 i*> 1.0.6.0/24 4608 4826 38803 56203 i*> 1.0.7.0/24 4608 4826 38803 56203 i

Page 9: More Specific Announcements in BGP - APNIC · Whyadvertise a more specific? II: To redirect incoming traffic to different network paths: “ traffic engineering prefixes” 10.0.0.0/8

How many eBGP route advertisements are more specifics?

AS131072– 13October2017RoutesAdvertisedAddressSpan

BGPRoutes: 685,8952.86B/32sMoreSpecifics: 365,022(53%)1.04B/32s(36%)

Page 10: More Specific Announcements in BGP - APNIC · Whyadvertise a more specific? II: To redirect incoming traffic to different network paths: “ traffic engineering prefixes” 10.0.0.0/8

How many eBGP route advertisements are more specifics?

AS131072– 13October2017RoutesAdvertisedAddressSpan

BGPRoutes: 685,8952.86B/32sMoreSpecifics: 365,022(53%)1.04B/32s(36%)

Page 11: More Specific Announcements in BGP - APNIC · Whyadvertise a more specific? II: To redirect incoming traffic to different network paths: “ traffic engineering prefixes” 10.0.0.0/8

Has this changed over time?

IPv4

Page 12: More Specific Announcements in BGP - APNIC · Whyadvertise a more specific? II: To redirect incoming traffic to different network paths: “ traffic engineering prefixes” 10.0.0.0/8

Has this changed over time?

IPv4 IPv6

Page 13: More Specific Announcements in BGP - APNIC · Whyadvertise a more specific? II: To redirect incoming traffic to different network paths: “ traffic engineering prefixes” 10.0.0.0/8

Has this changed over time?

IPv4 IPv6

Lets use the ratio of More-Specifics to the total route set

Page 14: More Specific Announcements in BGP - APNIC · Whyadvertise a more specific? II: To redirect incoming traffic to different network paths: “ traffic engineering prefixes” 10.0.0.0/8

Has this changed over time?

IPv4 IPv6

Oddly stable at 50%Still growing

2007 2007now now

Page 15: More Specific Announcements in BGP - APNIC · Whyadvertise a more specific? II: To redirect incoming traffic to different network paths: “ traffic engineering prefixes” 10.0.0.0/8

More Specific Types – Prefix Counts

IPv4 IPv6

Page 16: More Specific Announcements in BGP - APNIC · Whyadvertise a more specific? II: To redirect incoming traffic to different network paths: “ traffic engineering prefixes” 10.0.0.0/8

More Specific Types – Relative Counts

IPv4 IPv6

Page 17: More Specific Announcements in BGP - APNIC · Whyadvertise a more specific? II: To redirect incoming traffic to different network paths: “ traffic engineering prefixes” 10.0.0.0/8

More Specific Types – Relative Counts

IPv4 IPv6Hole Punching

Overlay

Page 18: More Specific Announcements in BGP - APNIC · Whyadvertise a more specific? II: To redirect incoming traffic to different network paths: “ traffic engineering prefixes” 10.0.0.0/8

More Specific Types

InbothIPv4andIPv6:• TypeIprefixes(”holepunching”)aredecliningovertime(relatively)• TypeIIprefixes(“trafficengineering”)havebeenrelativelyconstantatsome30%ofmorespecifics• TypeIIIprefixes(“overlays”)haverisen(relatively)andarenowthemoreprevalentformofadvertisedmorespecifics

Page 19: More Specific Announcements in BGP - APNIC · Whyadvertise a more specific? II: To redirect incoming traffic to different network paths: “ traffic engineering prefixes” 10.0.0.0/8

What about Address Spans covered by more specifics?

IPv4 IPv6

Yes, this is a LOG scale

Page 20: More Specific Announcements in BGP - APNIC · Whyadvertise a more specific? II: To redirect incoming traffic to different network paths: “ traffic engineering prefixes” 10.0.0.0/8

What about Address Spans covered by more specifics?

IPv4 IPv6

Lets use the ratio of More-Specifics to the total address span

Page 21: More Specific Announcements in BGP - APNIC · Whyadvertise a more specific? II: To redirect incoming traffic to different network paths: “ traffic engineering prefixes” 10.0.0.0/8

What about Address Spans covered by more specifics?

IPv4 IPv6

Lets use the ratio of More-Specifics to the total address span

27% 2%

Page 22: More Specific Announcements in BGP - APNIC · Whyadvertise a more specific? II: To redirect incoming traffic to different network paths: “ traffic engineering prefixes” 10.0.0.0/8

Address Span: Breakdown into Types

IPv4 IPv6

Page 23: More Specific Announcements in BGP - APNIC · Whyadvertise a more specific? II: To redirect incoming traffic to different network paths: “ traffic engineering prefixes” 10.0.0.0/8

% of Total Span: Breakdown into Types

IPv4 IPv6

It’s mostly overlays!

Page 24: More Specific Announcements in BGP - APNIC · Whyadvertise a more specific? II: To redirect incoming traffic to different network paths: “ traffic engineering prefixes” 10.0.0.0/8

Overlays are the majority of More Specifics• TheinitialIPv6networkhadlittleinthewayofoverlaysandhadahighproportionofTypeI(HolePunching)morespecifics.ThishaschangedovertimeandtherecentprofileissimilartoIPv4

• Inbothprotocolsthelargestblockofmorespecificannouncementsintermsofaddressspanare“overlays”wheretheASPathoftheenclosingaggregateandthemorespecificareidentical

Page 25: More Specific Announcements in BGP - APNIC · Whyadvertise a more specific? II: To redirect incoming traffic to different network paths: “ traffic engineering prefixes” 10.0.0.0/8

Overlays are the majority of More SpecificsAreOverlays“polluting”theBGPSpace?• Overlaysdonotchangerouting,butdothesemorespecificsaddtotheroutingload?

Page 26: More Specific Announcements in BGP - APNIC · Whyadvertise a more specific? II: To redirect incoming traffic to different network paths: “ traffic engineering prefixes” 10.0.0.0/8

Updates

• Let’slookat“routingload”bylookingatBGPupdates

• Ourquestionsare:• Aremorespecifics“noisier”thanaggregates?and• AreoverlaysmoreactiveintermsofBGPUpdatesthanotherprefixes?

Page 27: More Specific Announcements in BGP - APNIC · Whyadvertise a more specific? II: To redirect incoming traffic to different network paths: “ traffic engineering prefixes” 10.0.0.0/8

Update count by Prefix Type

IPv4 IPv6

Page 28: More Specific Announcements in BGP - APNIC · Whyadvertise a more specific? II: To redirect incoming traffic to different network paths: “ traffic engineering prefixes” 10.0.0.0/8

Update count by Prefix Type

IPv4 IPv6

Page 29: More Specific Announcements in BGP - APNIC · Whyadvertise a more specific? II: To redirect incoming traffic to different network paths: “ traffic engineering prefixes” 10.0.0.0/8

Update Count

• InIPv4theupdatecountformorespecificprefixesisgreaterthanthecomparablecountforrootprefixes,whiletheoppositeisthecaseinIPv6.• ButtherelativecountofmorespecificsislowerinIPv6• Let’s“normalise”thisbydividingtheupdatecountbythenumberofprefixestogettheaverageupdatecountperprefixofeachtype

Page 30: More Specific Announcements in BGP - APNIC · Whyadvertise a more specific? II: To redirect incoming traffic to different network paths: “ traffic engineering prefixes” 10.0.0.0/8

Relative Update count by Prefix Type

IPv4 IPv6

Page 31: More Specific Announcements in BGP - APNIC · Whyadvertise a more specific? II: To redirect incoming traffic to different network paths: “ traffic engineering prefixes” 10.0.0.0/8

Relative Updates

• Onaverage,inIPv4MoreSpecificsareslightlynoisierthanIPv4Roots,whileinIPv6rootsandmorespecificsareequallylikelytobethesubjectofBGPupdates

• AredifferenttypesofmorespecificsmoreorlessstableinBGPterms?

Page 32: More Specific Announcements in BGP - APNIC · Whyadvertise a more specific? II: To redirect incoming traffic to different network paths: “ traffic engineering prefixes” 10.0.0.0/8

Average Number of Updates Per More Specific Prefix Type

IPv4 IPv6

Page 33: More Specific Announcements in BGP - APNIC · Whyadvertise a more specific? II: To redirect incoming traffic to different network paths: “ traffic engineering prefixes” 10.0.0.0/8

Average Number of Updates Per More Specific Prefix Type• InIPv4TypeIITrafficEngineeringPrefixesshowaslightlyhigherlevelofBGPinstabilityonaverageoverTypeIHolePunchingPrefixes,whileTypeIIIOverlayPrefixesshowthehighestlevelsofstabilityofmorespecifics• InIPv6thishasonlybeenapparentinthepastthreeyearswhichTypeIITrafficEngineeringPrefixesshowingthegreatestlevelsofBGPinstability,andTypeIHolePunchingmorespecificsshowingthehighestlevelsofrelativestability

Page 34: More Specific Announcements in BGP - APNIC · Whyadvertise a more specific? II: To redirect incoming traffic to different network paths: “ traffic engineering prefixes” 10.0.0.0/8

BGP Instability is heavily skewed

IPv4 IPv6

Page 35: More Specific Announcements in BGP - APNIC · Whyadvertise a more specific? II: To redirect incoming traffic to different network paths: “ traffic engineering prefixes” 10.0.0.0/8

What Type of Prefixes are more Unstable?

IPv4 IPv6

Page 36: More Specific Announcements in BGP - APNIC · Whyadvertise a more specific? II: To redirect incoming traffic to different network paths: “ traffic engineering prefixes” 10.0.0.0/8

What Type of Prefixes are more Unstable?• TypeIIMoreSpecificPrefixes(TrafficEngineering)areapproximatelytwiceaslikelytobeunstablethaneitherrootprefixesorothertypesofMoreSpecificsinbothIPv4andIPv6

• Thismatchesaroughintuitionaboutthenatureofmorespecifics,whereoverlaysandholepunchingwouldbeexpectedtobeasstableasrootannouncements

Page 37: More Specific Announcements in BGP - APNIC · Whyadvertise a more specific? II: To redirect incoming traffic to different network paths: “ traffic engineering prefixes” 10.0.0.0/8

Average Number of Updates per Active Prefix Type

IPv4 IPv6

Page 38: More Specific Announcements in BGP - APNIC · Whyadvertise a more specific? II: To redirect incoming traffic to different network paths: “ traffic engineering prefixes” 10.0.0.0/8

Average Number of Updates per Active Prefix Type• InIPv4TypeIITrafficEngineeringPrefixeshaveagreateraveragenumberofupdatesthanotherprefixtypes• InIPv6RootPrefixestendtohavealoweraveragenumberofupdatesthanotherprefixtypes• PerhapsthesignificantmessagehereisthatIPv6hasahigherinherentlevelofinstability– unstableprefixesinIPv6have100xmoreinstabilityeventsperunstableprefixonaveragethanunstableprefixesinIPv4

Page 39: More Specific Announcements in BGP - APNIC · Whyadvertise a more specific? II: To redirect incoming traffic to different network paths: “ traffic engineering prefixes” 10.0.0.0/8

What if…

• AllOverlaymorespecificprefixeswereremovedfromtheroutingtable?

Page 40: More Specific Announcements in BGP - APNIC · Whyadvertise a more specific? II: To redirect incoming traffic to different network paths: “ traffic engineering prefixes” 10.0.0.0/8

Table Size Implications

IPv4 IPv6

-150,000-10,000

Page 41: More Specific Announcements in BGP - APNIC · Whyadvertise a more specific? II: To redirect incoming traffic to different network paths: “ traffic engineering prefixes” 10.0.0.0/8

Update Count Implications

IPv4 IPv6

Page 42: More Specific Announcements in BGP - APNIC · Whyadvertise a more specific? II: To redirect incoming traffic to different network paths: “ traffic engineering prefixes” 10.0.0.0/8

What if…

• AllOverlaymorespecificprefixeswereremovedfromtheroutingtable?• BothIPv4andIPv6routingtableswoulddropinsizebyapproximately30%,asOverlaymorespecificsarenowthepredominatetypeofmorespecificsintheroutingtables• TherateofdynamicinstabilityinBGPwouldnotchangebyanysignificantamount,asoverlymorespecificsarerelativelystableprefixes

Page 43: More Specific Announcements in BGP - APNIC · Whyadvertise a more specific? II: To redirect incoming traffic to different network paths: “ traffic engineering prefixes” 10.0.0.0/8

Summary of Findings

• MorespecificsaddtoboththesizeandtheupdateloadofBGP• HoweverBGPitselfisbothareachabilityandatrafficengineeringtool,andmorespecificsareoftenusedtoqualifyreachabilitybytrafficengineering.Wehavenootherviableinternet-widetrafficengineeringtools,sothisparticularuseofBGPreallyhasnoalternative• Recentyearshaveseenthedeclineofholepunchingasmoreproviderstendtotreattheiraddressblocksasintegralunits.• Overlaysarebecomingmoreprevalent.WhilethishasimplicationsintermsoftotaltablesizeithasnosignificantimpactonBGPupdaterates.

Page 44: More Specific Announcements in BGP - APNIC · Whyadvertise a more specific? II: To redirect incoming traffic to different network paths: “ traffic engineering prefixes” 10.0.0.0/8

Summary of Findings

• ThereisthequestionoftotalinstabilityinIPv6beingfargreaterthanIPv4,butthisisnotintrinsicallyanissuewithmorespecifics,butamoregeneralissueofBGProutinginstabilityinIPv6• Moreinvestigationcalledfor!

Page 45: More Specific Announcements in BGP - APNIC · Whyadvertise a more specific? II: To redirect incoming traffic to different network paths: “ traffic engineering prefixes” 10.0.0.0/8

Thanks!


U n i t 4 Implementing specific interventions to prevent road traffic injuries

Unit 4 Traffic Control Devices and Laws Fact Sheets · 2018-09-01 · Traffic Signs Fact Sheet 4.2 continued Content Information Traffic Signs Signs are specific sizes, shapes and

Optimizing Link Capacities in the Traffic Network ...cdo.ustp.edu.ph/wp-content/uploads/2017/12/6.-IMSP0904b.pdf · depth understanding of traffic flow characteristics with specific

Regulations relating to use of vessel traffic service ... · Regulations relating to use of vessel traffic service areas and use of specific waters (Maritime Traffic Regulations)

Traffic Engineering Management Provisioning · Chapter 10 Traffic Engineering Management Provisioning TEM Service Definitions Feature-Specific Prerequisites and Limitations Some features

m0n0wall and IPSEC · 10.0.0.0/8 and another that is 10.254.254.0/24 then the VPN router will send data to the appropriate network as defined. But if the 10.0.0.0/8 network contains

AUTOMATIZACIÓN Y CONTROL 10 - microautomacion.commicroautomacion.com/catalogo/10Automatizacion_y_control.pdf · 10 10.0.0.0 Introducción Introducción La automatización industrial

Unmanned Aircraft Systems Traffic Management (UTM) – A ... · A specific aspect of air traffic management which manages UAS operations safely, economically and efficiently through

New Annual Traffic Report 2010 - Washington State Department of … · 2011. 4. 27. · Traffic volume and truck percentage data for design purposes should be obtained through specific

TRAFFIC ENGINEERING DIVISION - Virginia Department …virginiadot.org/business/resources/wztc/wztc_training_procedures.pdf · TRAFFIC ENGINEERING DIVISION ... DATE: SPECIFIC SUBJECT:

Chapter 5 Traffic Control Plans Design - State of Oregon 5 Traffic Control Plans Design . ... TCP Designers are strongly encouraged to consider developing project-specific plan sheets

IMPLEMENTING SPECIFIC INTERVENTIONS TO REDUCE ROAD TRAFFIC ACCIDENTS

Traffic Control at Work Sites - Section 9 Specific situations

World Bank Document...- plan specific iteneraries for site machinery traffic - define traffic rules encouraging contractors to respect highway regulations 7. Employment - Hiring of

Appendix 2 – Medium Density Housing - Specific Precincts · KOGARAH DCP 2013 – September 2013 C.A2 - 14 1.3.9 Traffic Circulation Objectives (a) Improve traffic circulation in

TCP Dumps - cisco.com · TCP Dumps Specific Traffic Types. CPS Troubleshooting Guide, Release 11.1.0 4 TCP Dumps Specific Traffic Types. Title: TCP Dumps Author: Unknown Created Date:

Domain-specific NLP pipelines - AI Convention Europe · Domain-specific pipelines Non-standard language use: Radio communication (police, air traffic control) Dispatcher: Adam Twelve

ICM 10.0.0.0 – API Server & Forms Gary Ratcliffe

Chapter 5 - Traffic Operations - CCSF Home Page · PDF fileChapter 5 - Traffic Operations. ... specific categories of unlawful driving behavior. ... may notify the California Highway

INFORMATION PACKAGE FOR PERMIT TRAFFIC SIGNALS...INFORMATION PACKAGE FOR PERMIT TRAFFIC SIGNALS (April 21, 2014) ... (Signal Cabinet and Controller) for specific Permit # and Signal#

Traffic Signs Manual – Chapter 6 - Traffic Control · prerogative of the courts or parking adjudicators in relation to the appearance and use of specific traffic signs, road markings

Lesson 2.1 TRAFFIC SIGNS While traffic signs may give commands, set limits, or provide alerts, each sign has a specific shape and color. The copyright

Road Traffic Noise - DiVA portal212044/FULLTEXT01.pdf · Road Traffic Noise A ... thesis covers the method of noise calculation which applies in specific Nordic ... 3.4 Tools for

Connectivity to on-premises Networks - Oracle · 2019-11-27 · Dynamic Routing Gateway CUSTOMER DATA CENTER, 10.0.0.0/16 A virtual routerthat provides a path for private traffic

Translation d’adresse NAT Principes d’adressage public/privé Pénurie d’adresses officielles Sécurité RFC 1918 10.0.0.0 - 10.255.255.255 ( ? prefix) 172.16.0.0

Appendix F Hacienda at Fairview Valley Specific Plan ... · Appendix F Hacienda at Fairview Valley Specific Plan Traffic Analysis Adequacy Review and Peer Review

Annual Traffic Report 2013 - Washington State Department of … · 2014. 8. 11. · Traffic volume and truck percentage data for design purposes should be obtained through specific

ANNUAL TRAFFIC REPORT...Special stations are one off surveys required to provide traffic information for a specific project. 3.05 TRAFFIC COUNT SITE LOCATIONS AND YEAR OF LAST RECORD

Prefix Filtering: RIPE Database and ROAs · 2018. 4. 12. · !3 BGP - simple hijack Tim Bruijnzeels | 10 April 2018 | RIPE NCC Educa AS65001 AS65002 AS65003 AS65004 10.0.0.0/20 10.0.0.0/20

Table of Contents - XRoads · PDF fileprevent users from flooding the network with low priority traffic ... The “Allocation” option is used to determine what happens ... (10.0.0.0/24

Traffic Management and Streetscape - gov.uk · PDF file6 Traffic Management and Streetscape The Department for Transport does not necessarily advocate the specific examples of traffic

IXIA Corporate template 2016 · NPB All unique frames going to 10.0.0.0/8 Only the first 128 bytes of TCP Port 25 frames Hardware AFM NPB Adv. Packet Processing All traffic from Georgia

SEEM3490 Information Systems Managementseem3490/slides/lecture03.pptx.pdf · Supernetting (NAT) (cont'd) Range Total 10.0.0.0 – 10.255.255.255 224 172.16.0.0 – 172.31.255.255

Traffic Management Guide - Michigan Management Guide 5 Plan Development When a traffic problem is specific, the intervention should also be specific and measurable. With an accurate

Crowdsourcing for Traffic Survey Work on Amazon …Traffic surveys are used to understand the current traffic flow through specific roads, make forecasts to reduce traffic congestion,