Re: OT: Black holes and BGP
From: Howard C. Berkowitz (hcb@gettcomm.com)
Date: Fri Sep 17 2004 - 09:52:34 GMT-3
At 5:39 AM -0700 9/17/04, Anthony Pace wrote:
>Carlos,
>
>What you describe in your second paragraph is exactly the case. One of
>my ISP's (COX) has arrangements with other ISP's to prefer routes from
>COX regardless of whether the routes come in via other AS's. This
>nullifies my ability to utilize PRE-PENDS as a mechanism to make the
>route less attractive via COX. My only choice is stop advertising all
>together or admin down the BGP session.
If you have no financial relationship with other AS (e.g., peers of
Cox), the nature of Internet routing is such that you have no
definitive way to force them to send traffic in any particular way.
Do not rely on prepending, because ISPs may strip or ignore prepends.
Remember ISPs operate in a cooperative anarchy, where the only way to
force a certain behavior is contractual.
>
>The Black Holes occur because I AM available. I have no problem with
>outbound (EGRESS) traffic. I am connected to the PEER at the ISP. The
>ISP advertises my routes to the rest of the world, but because of some
>other problem (synchronization or whatever) the ISP actually can't bring
>in traffic to me.
The most likely explanation is that some other ISP is advertising
more-specifics than this ISP. Synchronization is not likely to be an
issue because no real-world ISPs use synchronization.
Synchronization is a relic of a time when ISPs did not run pervasive
BGP or certain more modern variants. Juniper doesn't even implement
it, and Cisco has suggested that they will, at some future time, drop
support for it. I believe the recent default is no sync.
>
>Tony
>
>On Fri, 17 Sep 2004 06:46:21 -0300, "Carlos G Mendioroz"
><tron@huapi.ba.ar> said:
>> Why would the ISP continue to advertise YOUR prefix if you are
>> unavailable ?
>>
>> One gotcha I've seen is that some ASs do prefer routes through some
>> peers no matter what prepending you do on that. But the longest match
>> rule seems to hold even then, so you may fix it by doing holes, for the
>> happyness of the whole internet routing table growing :-)
>>
>> If the problem is forcing one or the other, conditional advertising is
>> the way to go AFAIK. But I'm sure I'm missing something...
>>
>> Anthony Pace wrote:
>> > Does anyone know of a mechanism, or troubleshooting methodology for
>> > diagnosing a partial Internet Outage of INGRESS traffic?
>> >
>> > My network is multi-homed to 2 ISP�s, which land on 2 separate routers
>> > (which come in on 2 different ILEC's physical media). Each of these
>> > routers peers with the respective ISP and each other. There is
>> > flexibility to allow some address blocks to be advertised so that the
>> > INGRESS traffic will arrive at one or the other ISP links (and PREPENDS
>> > to the other ISP create an alternate route.)
>> >
>> > This architecture is an automatic failover for loss of router, circuit,
>> > or BGP session, but does nothing to protect against one of the providers
>> > advertising one of our address blocks and "black holing" the traffic
>> > (due to an outage or whatever). The world will not take the alternate,
>> > longer AS-PATH route from the second provider so long as the "problem
>> > provider" is announcing a more attractive route.
>> >
>> > The solution requires a human intervention (once it is determined that
>> > "some" people can't reach the address space.) I know there are services
>> > that will monitor your Internet presence and notify you if parts of the
>> > world are not able to reach you. I know there are public route servers,
>> > which can be checked in the event a problem is suspected.
>> >
>> > Does anyone know of a mechanism or a methodology that can be used in
>> > such a scenario? I know there allot of smart people on this list and I
>> > bet some of you have dealt with this exact scenario.
>> >
>> > Sorry for the off topic post.
>> >
>> > Anthony Pace CCIE 10349
>>
>> --
>> Carlos G Mendioroz <tron@huapi.ba.ar> LW7 EQI Argentina
>>
>--
> Anthony Pace
> anthonypace@fastmail.fm
>
>_______________________________________________________________________
>Subscription information may be found at:
>http://www.groupstudy.com/list/CCIELab.html
This archive was generated by hypermail 2.1.4
: Fri Oct 01 2004 - 15:00:45 GMT-3