Verio Peering Question

Patrick W. Gilmore patrick at ianai.net
Fri Sep 28 16:31:53 UTC 2001


At 09:01 AM 9/28/2001 -0700, Majdi S. Abbas wrote:

 >	Sure, they filter, but they invite THEIR peers to filter them, as
 >well.  I don't see any hypocracy in that.

I am sorry you do not.  How about we agree to disagree?

I do, however, agree that all their peers should take them up on their 
invitation and filter Verio, but only Verio.

How much would you like to bet that if every backbone, or even just a few 
major ones, filtered Verio (and only Verio) as Verio suggests, that Verio 
would stop filtering and ask them to stop filtering?  I would put $1,000 on 
it right here and now, publicly.  (Since you mention my job history below, 
you know I am not an Internet millionaire, so you know this is not an 
insignificant amount of money for me.)

Then again, I can see from below that you obviously do not understand the 
implications of this filtering policy.



 >	Patrick, neither does claiming that such filtering /isn't/ "The Right
 >Thing."  And I find your prior argument that filtering is hurting the
 >business of Verio as completely laughable -- clearly the open filtering 
policy
 >is what made providers such as Priori and Onyx (USA) such a success.  Someone
 >with your, shall we say, `colorful' job history should be well aware that
 >engineering policy has little to do with the success or failure of an ISP.

Thank you for your support.  At least you did not try to imply that my 
previous networks died because I could not engineer them properly.  But 
that is not really the issue here.


 >> The Internet is where it is today because people pumped billions of 
dollars
 >> into it.  (Mostly to get pr0n. :)  Many of these people require robust,
 >> high performance connectivity to the Internet, which can best be 
guaranteed
 >> through multiple connections to multiple providers.  And they are willing
 >> to pay for it.
 >
 >	And the people who pumped billions of dollars into it are welcome
 >to protect their assets, their network, and their customers as they choose.
 >I do not yet have the ego required to claim that Verio's--or anyone's
 >equipment is in the public domain.

I was not claiming that.


 >> If you have a better way for people to get robust, high performance
 >> connections, please submit it.  I do not think filtering is bad because I
 >> had a vision from ghod, I think it is bad because it does not let the
 >> people paying for all these nice toys, and pushing all these 100s of Gbps,
 >> do what they want to do.  Do what they NEED to do if we are to continue
 >> having an Internet.
 >
 >	Doesn't it?  Filtering does not prevent these people from doing
 >what they wish.  It simply establishes guidelines for how they do it.
 >There is -no difference- between filtering on /25-and-longer and
 >filtering as Verio does.  The former modifies behavior by asking that
 >people refrain from announcing anything smaller than a /24.  The
 >latter simply filters prefixes based on registry allocation policy.

Actually, there is a difference.


 >> You can argue that they want what is bad for them, and you may be
 >> right.  But I argue that requiring smaller companies and providers to have
 >> a single connection will cause them more downtime and worse performance
 >> than allowing the global table to fill with the longer announcements.
 >
 >	How does this require that they single-home?  I have no idea
 >where this paragraph came from, but in the context of this post, I
 >guess that's not a new feeling.

Please read Randy's documents.  They explain it quite clearly.

I shall try to summarize.  A company or small provider can easily get a /24 
from their upstream by simply claiming they want to multi-home, even if 
they do not need 256 IP addresses.  A company or small provider cannot get 
a /20 from ARIN or RIPE or APNIC by claiming they need to multi-home.  The 
registries only hand out allocations based on IP need, they state quite 
clearly that you should get smaller allotments from your upstream.

So, say I am a small company with 50 or so employees, and I rely very, very 
heavily on my internal web server for my business.  I have a few options:
  * I can place my server at a colocation house, which would put me 
completely at the mercy of that colocation house.
  * I can put my web server here in my office and get a single link to the 
Internet, which puts me completely at the mercy of that physical line and 
single provider.
  * I can multi-home.

(Probably the best option would be to put the box at a colocation house 
like Above.Net which allows me to pull in a line from another provider, 
while also providing me with all the backup & security of a colocation 
facility instead of a standard business-class building.  But that still 
requires me to multi-home.)

Because of my small need for IP space, none of the IP registries will give 
me my own /20 (or whatever).  However, ARIN will not complain if one of my 
upstreams SWIPs a /24 to me, even if I do not require an entire /24.  I 
announce that /24 to both my upstreams.

If that /24 is filtered by all backbones, my second connection to the 
Internet is essentially useless, a waste of money.


Also, please note that if all backbones filtered Verio - and only Verio - 
as Verio suggests, then anyone announcing a /24 into Verio from the space 
of another provider would be wasting their money.  If the link to the other 
provider were to fail, the customer would receive no traffic from anywhere 
on the Internet, except Verio and Verio customers.  While this is not a 
trivial amount of the Internet, it is still a small fraction of the 
Internet.  (This is why I believe Verio would stop filtering if everyone 
filtered only Verio.)


Do you now understand why "filtering == forcing small providers / 
businesses to single home"?  If anything was not clear, please contact me 
off list and I shall try to explain further.


Again, I and many other people are open to alternatives.  Whenever I bring 
this argument up to Randy (and some others), he tells me that these smaller 
people do not need to multi-home, or that they are not big enough to 
matter.  Kinda arrogant if you ask me, especially considering some of these 
people (including Randy) used to do the opposite of what they now preach, 
back before they were "tier 1" providers.

I also submit that these small companies & providers are big enough to 
matter, at least in aggregate.  A large amount of traffic (and money) comes 
from these types of providers & businesses.  If there were not that many of 
them, it would not make a difference to the global table.


 >	--msa

--
TTFN,
patrick




More information about the NANOG mailing list