Question about migrating to IPv6 with multiple upstreams.

Owen DeLong owen at delong.com
Tue Jun 14 22:40:15 UTC 2011


On Jun 14, 2011, at 2:42 PM, Seth Mos wrote:

> 
> Op 14 jun 2011, om 19:04 heeft Ray Soucy het volgende geschreven:
> 
>> My guess is within the next year we'll see something pop up that does this.
> 
> Ehm, It's already here, you searched google right?
> 
> I finished it 4 months ago. And a number of commercial platforms already support it. Although Owen doesn't like it much.
> 
> I really wish there was a more bomb proof "lite" version of the BGP protocol.
> - One that has proper authentication not based on a single MD5.
> - One that does not allow the client side to define the networks.
> - That will only support default routes, it's easier if it can not carry the world.
> 
Bullet 1: You're in luck... In IPv6, you can run BGP/IPSEC.
Works today.

Bullet 2: Not sure how you'd do that, but, since the "client side" can't control
what the upstream side accepts, I'm not sure why that matters.

Bullet 3: You have the option of doing that in BGP today, but, I don't know of
any versions of BGP that are so limited other than by memory constraints.

> I think a evolved version of ebgp multihop is workable, but you'd still need some lightweight form of hooking back into the BGP table.
> 
Not sure what you mean by this.

Pretty simple, really... ISP advertises default and accepts <CUST> prefixes with a simple
prefix filter.

<CUST> accepts default and advertises own prefixes.

Done. Works today. Can mostly be fire-and-forget, even.

> Ideally, ISPs could deploy a number of these route "guides" that would inject the proper route into the real BGP table, but by then it is filtered and the ISP has proper control over what ends up in it. Some ISPs could mark this up as a luxury version.
> 

Why not just do it as part of the customer interface configuration on the edge router? Why add the
complication of an extra box somewhere else to manage?

> Perhaps a form of PI bound to country (Exchange) would be a workable solution. So request a piece of "country PI" that is delegated explicitly to the roaming guide(s).
> 

Country PI is fail for a number of reasons.

Owen





More information about the NANOG mailing list