The Illustrated Network- P38 potx

There are typically no fi nancial arrangements for peer ISPs providing transit services to the third peer, so peer ISPs will not provide transit to a third peer ISP unless, of course, th

different ISPs rather than keeping requests and replies all on one ISP’s network This common practice has real consequences for QoS enforcement

These drawbacks of the telephony settlements model resulted in a movement to

more simplistic arrangements among ISP peers, which usually means ISPs of roughly equal size These are often called peering arrangements or just peering There is no strict defi nition of what a peer is or is not, but it often describes two ISPs that are directly connected and have instituted some routing policies between them In addi-tion, there is nearly endless variation in settlement arrangements These are just some

of the broad categories The key is that any traffi c that a small network can offl oad onto

a peer costs less than traffi c that stays on internal transit links

Economically, there is often also a sender-keeps-all arrangement in place, and

no money changes hands An ISP that is not a peer is just another customer of the

ISP, and customers pay for services rendered An interesting and common situation arises when three peers share a “transit peer” member This situation is shown in Figure 13.4 There are typically no fi nancial arrangements for peer ISPs providing transit services to the third peer, so peer ISPs will not provide transit to a third peer ISP (unless, of course, the third peer ISP is willing to pay and become a customer of one of the other ISPs)

Traffic with Sources

and Destinations

in ISP A and ISP B

Is Okay

Traffic with Sources and Destinations

in ISP C and ISP B

Is Okay

ISP B

Peer of ISP A and ISP C

ISP A

Peer of ISP B,

but not ISP C

ISP C

Peer of ISP B,

but not ISP A

Traffic with Sources and Destinations

in ISP A and ISP C

Is Blocked

No Direct Connections Exist between ISP A and ISP C

FIGURE 13.4

ISPs do not provide free transit services, and generally are either peers or customers of other ISPs Unless “arrangements” are made, ISP B will routinely block transit traffi c between ISP A and ISP C.

All three of these ISPs are “peers” in the sense that they are roughly equal in terms

of network resources They could all be small or regional or national ISPs ISP A peers with ISP B and ISP B peers with ISP C, but ISP A has no peering arrangement (or direct link) with ISP C So packet deliveries from hosts in ISP A to ISP B (and back) are allowed, as are packet deliveries from hosts in ISP C to and from ISP B But ISP B has routing policies in place to prevent transit traffi c from ISP A to and from ISP C through ISP B How would that be of any benefi t to ISP B? Unless ISP A and ISP C are willing to peer with each other, or ISP A or ISP C is willing to become a customer of ISP B, there will be no routing information sent to ISP A or ISP C to allow these ISPs

to reach each other through ISP B The routing policies enforced on the routers in ISP B will make sure of this, telling ISP A (for example) “you can’t get to ISP C’s hosts through me!”

The real world of the Internet, without a clearly defi ned hierarchy, complicates peering drastically Peering is often a political issue The politics of peering began

in 1997, when a large ISP informed about 15 other ISPs that its current, easy-going peering arrangements would be terminated New agreements for transit traffi c were now required, the ISP said, and the former peers were effectively transformed into customers As the trend spread among the larger ISPs, direct connections were favored over public peering points such as the IXPs

This is one reason that Ace ISP and Best ISP in Figure 13.1 at the beginning of the chapter maintain multiple links between the four routers in the “quad” between their border routers Suppose for a moment that routers P2 and P4 only have a single, direct link between them to connect the two ISPs What would happen if that link were down? Well, at fi rst glance, the situation doesn’t seem very drastic Both have links

to “the Internet,” which we know now is just a collection of other ISPs just like Ace and Best

Can LAN1 reach LAN2 through “the Internet”? Maybe It all depends on the arrange-ments between our two ISPs and the ISPs at the end of the “Internet” links These ISPs might not deliver transit traffi c between Ace and Best, and may even demand payment for these packets as “customers” of these other ISPs The best thing for Ace and Best to do—if they don’t have multiple backup links in their “quad”—is to make more peers

of other ISPs

PICKING A PEER

All larger ISPs often want to be peers, and peers of the biggest ISPs around (For many, buying transit and becoming a customer of some other ISP is a much less expensive and effective way to get access to the global public Internet if being a transit provider is not your core business.) When it comes to peering, bigger is better, so a series of merg-ers and acquisitions (it is often claimed that there are no mergmerg-ers, only acquisitions) among the ISPs took place as each ISP sought to become a “bigger peer” than another This consolidation decreased the number of huge ISPs and also reduced the number of potential peers considerably

Potential partners for peering arrangements are usually closely examined in several areas ISPs being considered for potential peering must have high capacity backbones,

be of roughly the same size, cover key areas, have a good network operations center (NOC), have about the same quality of service (QoS) in terms of delay and dropped packets, and (most importantly), exchange traffi c roughly symmetrically Nobody wants their routers, the workhorse of the ISP, to peer with an ISP that supplies 10,000 packets for every 1000 packets it accepts Servers, especially Web sites, tend to generate much more traffi c than they consume, so ISPs with “tight” networks with many server farms

or Web hosting sites often have a hard time peering with anyone On the other hand, ISPs with many casual, intermittent client users are courted by many peering suitors Even if match is not quite the same in size, if the traffi c fl ows are symmetrical, peering

is always possible The peering situation is often as shown in Figure 13.5 Keep in mind that other types of networks (such as cable TV operators and DSL providers) have dif-ferent peering goals than presented here

Without peering arrangements in place, ISPs rely on public exchange and peer-ing points like the IXPs for connectivity The trend is toward more private peerpeer-ing between pairs of peer ISPs

Private peering can be accomplished by installing a WAN link between the AS border routers of the two ISPs Alternatively, peering can be done at a collocation site where the two peers’ routers basically sit side by side Both types of private peering are common

ISP A

Traffic with Balance

ISP A to ISP B: 1000

packets per min.

ISP B to ISP A: 1000

packets per min.

Traffic Flow Unbalanced

ISP A to ISP C: 1000 packets per min.

ISP C to ISP A: 10,000 packets per min.

Medium Infrastructure Mix of Clients and Servers

ISP B

Large Infrastructure

with Many Clients

ISP C

Many Web Servers

on Lots of Server Farms

Who will peer

with ISP A?

FIGURE 13.5

Good and bad peering candidates Note that the goal is to balance the traffi c fl ow as much as possible Generally, the more servers the ISP maintains, the harder it is to peer (a) ISP A will propose peering to ISP B; (b) ISP A will not want to peer with ISP C but will take them on as a customer.

The Internet today has more routes than there were computers attached to the

Internet in early 1989 Routing policies are necessary whether the peering relationship

is public or private (through an IXP or through a WAN link between border routers) Routing information simply cannot be easily distributed everywhere all at once Even the routing protocols play a role Some routing protocols send much more information than others, although protocols can be “tuned” by adjusting parameters and with rout-ing policies

Routing policies help interior gateway protocols (IGPs) such as OSPF and IS–IS distribute routing information within an AS more effi ciently The fl ow of routing infor-mation between routing domains must be controlled by routing policies to enforce the public or private peering arrangements in place between ISPs

In the next chapter, we’ll see how an IGP works within an AS or routing domain

Even Better ISP (established when EveNet ISP bought Better ISP)

One Unified Routing Policy and Domain

Lower Speed Link

Higher Speed

Link

Private Peering with Ace

ISP (large amounts of

traffic exchanged)

Public Peering with Best ISP at an IXP

AS

(former Better ISP)

FIGURE 13.6

Even Better ISP, showing peering arrangements and routing domains.

QUESTIONS FOR READERS

Figure 13.6 shows some of the concepts discussed in this chapter and can be used to help you answer the following questions

1 What is an Internet autonomous system (AS)?

2 Why might a single ISP like Even Better ISP have more than one routing domain?

3 What is the purpose of a routing policy?

4 What does “ISP peering” mean?

5 What is the difference between public and private peering? Are both necessary?

What You Will Learn

In this chapter, you will learn about the role of IGPs and how these routing proto-cols are used in a routing domain or autonomous system (AS) We’ll use OSPF and RIP, but mention IS–IS as well

You will learn how a routing policy can distribute the information gathered from one routing protocol into another, where it can be used to build routing and

forwarding tables, or announced (sent) to other routers We’ll create a routing

policy to announce our IPv6 routes to the other routers

As is true of many chapters in this book, this chapter’s content is more than enough for a whole book by itself Only the basics of IGPs are covered here, but they are enough to illustrate the function of an internal routing protocol on our network

14

In this chapter, we’ll confi gure an IGP to run on the Juniper Networks routers that make up the Illustrated Network In Chapter 9 we saw output that showed OSPF run-ning on router CE6 as part of Best ISP’s AS So fi rst we’ll show how OSPF was confi g-ured on the routers in AS 65127 and AS 65459 We could confi gure IS–IS on the other

AS, but that would make an already long chapter even longer Because we closed the last chapter with IPv6 ping messages not working, let’s confi gure RIPng, the version of RIP that is for IPv6 This is not an endorsement of RIPng, especially given other avail-able choices It’s just an example

Why not add OSPFv3 (the version of OSPF used with IPv6) for IPv6 support? We certainly could, but suppose the smaller site routers only supported RIP or RIPng? (RIP

is usually bundled with basic software, but other IGPs often have to be purchased.) Then we would have no choice but to run RIPng to distribute the IPv6 addresses If we confi gure RIPng to run on the ASs between on-site routers CE0 and CE6, we can always extend RIPng support right to the Unix hosts (the IPv6 hosts just need to point to CE0

or CE6 as their default routers)

In this chapter, we’ll use the routers heavily, as shown in Figure 14.1

IGPs: RIP, OSPF,

and IS–IS

FIGURE 14.1

The routers on the Illustrated Network, showing routers on which OSPF and RIPng will be running The IGPs will not be running between the two AS routing domains; instead, an EGP will run.

CE0

lo0: 192.168.0.1

fe-1/3/0: 10.10.11.1 MAC: 00:05:85:88:cc:db (Juniper_88:cc:db) IPv6: fe80:205:85ff:fe88:ccdb

P9

lo0: 192.168.9.1

PE5

lo0: 192.168.5.1

P4

lo0: 192.168.4.1

so-0/0/1 79.2

so-0/0/1 24.2

so-0/0/0 47.1

so-0/0/

2 29.2

so-0/0/3 49.2

so-0/0/3 49.1

so-0/0/059.2

so-0/0/2 45.1

so-0/0 /2 45.2 so-0/0/059.1

ge-0/0/3 50.2

ge-0/0/350.1 DSL Link

Ethernet LAN Switch with Twisted-Pair Wiring

bsdclient lnxserver wincli1

em0: 10.10.11.177

MAC: 00:0e:0c:3b:8f:94

(Intel_3b:8f:94)

IPv6: fe80::20e:

cff:fe3b:8f94

eth0: 10.10.11.66 MAC: 00:d0:b7:1f:fe:e6 (Intel_1f:fe:e6) IPv6: fe80::2d0:

b7ff:fe1f:fee6

LAN2: 10.10.11.51 MAC: 00:0e:0c:3b:88:3c (Intel_3b:88:3c) IPv6: fe80::20e:

cff:fe3b:883c

LAN2: 10.10.11.111 MAC: 00:0e:0c:3b:87:36 (Intel_3b:87:36) IPv6: fe80::20e:

cff:fe3b:8736

winsvr1

LAN1

Los Angeles

Office

Ace ISP

AS 65459

Wireless

in Home

Solid rules ⫽ SONET/SDH

Dashed rules ⫽ Gig Ethernet

Note: All links use 10.0.x.y

addressing only the last

two octets are shown.

lo0: 192.168.6.1

fe-1/3/0: 10.10.12.1 MAC: 0:05:85:8b:bc:db (Juniper_8b:bc:db) IPv6: fe80:205:85ff:fe8b:bcdb Ethernet LAN Switch with Twisted-Pair Wiring

bsdserver lnxclient winsvr2 wincli2

eth0: 10.10.12.77

MAC: 00:0e:0c:3b:87:32

(Intel_3b:87:32)

IPv6: fe80::20e:

cff:fe3b:8732

eth0: 10.10.12.166 MAC: 00:b0:d0:45:34:64 (Dell_45:34:64) IPv6: fe80::2b0:

d0ff:fe45:3464

LAN2: 10.10.12.52 MAC: 00:0e:0c:3b:88:56 (Intel_3b:88:56) IPv6: fe80::20e:

cff:fe3b:8856

LAN2: 10.10.12.222 MAC: 00:02:b3:27:fa:8c IPv6: fe80::202: b3ff:fe27:fa8c

LAN2

New York

Office

P7

lo0: 192.168.7.1

PE1

lo0: 192.168.1.1

P2

lo0: 192.168.2.1

so-0/0/1

79.1

so-0/0/1

24.1

so-0/0/0

47.2

so-0/0/2

29.1

so-0/0/3 27.2

so-0/0/3 27.1

so-0/0/2 17.2

so-0/0/2 17.1

so-0/0/0 12.2

so-0/0/0 12.1

ge-0/0/3 16.2

ge-0/0/3 16.

1

Best ISP

AS 65127

Global Public Internet

Unfortunately, when it comes to networks, a lot of things are interrelated, although we’d like to learn them sequentially For example, we’ve already shown in Chapter 9 that OSPF is confi gured on the routers, although we didn’t confi gure it Also, although

both ASs will run the same IGP (RIPng) in this chapter, the ASs are not running RIPng

or any other IGP in between (e.g., on the links between routers P9 and P7) That’s the job of the EGP, which we’ll explore in the next chapter There is a lot going on in this chapter, so let’s list the topics covered here (and in Chapter 15), so we don’t get lost

1 We’ll talk about ASs and the role of IGP and EGPs on a network

2 We’ll confi gure RIPng as the IGP in both ASs, starting with the IPv6 address on the interfaces and show that the routing information about LAN1 and LAN2 ends up everywhere We will not talk about the role of the EGP in all this until Chapter 15

3 We’ll compare three major IGPs: RIP, OSPF, and IS–IS In the OSPF section, we’ll show how OSPF was confi gured in the two ASs for Chapter 9

Internal and External Links

In this chapter, we’ll add RIPng as an IGP on all but the links between AS 65459 and AS 65127 This affects routers P9 and P4 in AS 65459 and routers P7 and P2 in

AS 65127 IGPs run on internal (intra-AS) links, and EGPs run on external

(inter-AS) links

In Chapter 15, we’ll confi gure BGP as the EGP on those links This chapter assumes that BGP is up and running properly on the external links between P9 and P4 in AS 65459 and P7 and P2 in AS 65127

We’ll use our Windows XP clients for this exercise, just to show that the “home version” of XP is completely comfortable with IPv6

Autonomous System Numbers

Ace and Best ISP on the Illustrated Network use AS numbers (ASNs) in the private range, just as our IP addresses IANA parcels them out to the various registries that assign them as needed to those who apply Before 2007, AS numbers were 2-byte (16-bit) values with the following ranges of relevance:

■ 0: Reserved (can be used to identify nonrouted networks)

■ 1–43007: Allocated by ARIN, APNIC, AfriNIC, and RIPE NCC

■ 43008–48127: Held by IANA

■ 48128–64511: Reserved by IANA

■ 64512–65534: Designated by IANA for private use

■ 65535: Reserved