We hit half-million: The Cidr Report

ML ml at kenweb.org
Tue Apr 29 16:43:17 UTC 2014


At one time Covad stated they announce everything as /24 to make 
hijacking more difficult.  Looks like Covad (now MEGAPATH) hasn't 
changed that policy.




On 4/29/2014 12:29 PM, Kate Gerry wrote:
> Already working on aggregating as much as I can. I was checking  my tables the other day and I think I saw another provider advertising their /18 as /24s, it made me sick.
>
> --
> Kate Gerry
> Network Manager
> kate at quadranet.com
>
> 1-888-5-QUADRA Ext 206 | www.QuadraNet.com
> Dedicated Servers, Colocation, Cloud Services and more.
> Datacenters in Los Angeles, Dallas and Miami.
>
> Follow us on:
>
> -----Original Message-----
> From: NANOG [mailto:nanog-bounces at nanog.org] On Behalf Of Patrick W. Gilmore
> Sent: Tuesday, April 29, 2014 9:23 AM
> To: NANOG list
> Subject: Re: We hit half-million: The Cidr Report
>
>> The remainder of the prefixes (45%) shares the same origin AS and the same path.
>> The could be TE prefixes, but as they are identical to their covering
>> aggregate its hard to appreciate exactly what the engineering intent
>> may be. I could make a wild guess and call these 45% of more specifics
>> to be an act of senseless routing vandalism. ( :-) ) This number has been steady as a % for the past three years.
> This could easily be TE, and a type of TE which would be trivially fixed.
>
> Let's take a simple example of a network with a /22 and 4 POPs. They have the same transit provider(s) at all 4 POPs and a small backbone to connect them. Each POP gets a /24.
>
> A not-ridiculous way to force their transit provider to carry bits instead of clogging their backbone while still ensuring redundancy would be to announce the /22 at all four POPs and the individual /24 at each individual POP. This creates four /24s and a covering /22 with exactly the same path, but still has "use" as TE.
>
> Of course, it would be trivial for the network to clean up their act by attacking no-export to the /24s. But some people either do not know it exists, know how it works, or know BGP well enough to understand it would not harm them. Or maybe they are just lazy: "What's 3 extra prefixes in half a million?"
>
> The answer to the last question is, frankly, nothing. But 3 prefixes for 30K ASNs is an ass-ton. (That's a technical term meaning "lots & lots".)
>
>
> This is a good time for a marketing effort. Let's see if we can get the table back under 500K. Everyone check your announcements. Are you announcing more specifics and a covering aggregate with the same path? Can you delete the more specific? Can you add no-export or another community to keep the more specifics from the global table?
>
> If you are unsure, ask. I think it would be rather awesome if we saw a quick reversal in table growth and went back under 500K, even if it was short lived. ESPECIALLY if we can do it before we hit 512K prefixes. Would prove the community still cares about, well, the community, not just their own network. Because on the Internet, "your network" is part of the "community", and things that harm the latter do harm the former, even if it is difficult for you to see sometimes.
>
> Who will be the first to pull back a few prefixes?
>
> --
> TTFN,
> patrick
>
> On Apr 29, 2014, at 03:31 , Geoff Huston <gih at apnic.net> wrote:
>
>> On 29 Apr 2014, at 12:39 pm, Valdis.Kletnieks at vt.edu wrote:
>>
>>> On Mon, 28 Apr 2014 21:59:43 -0400, "Patrick W. Gilmore" said:
>>>>> On Apr 28, 2014, at 19:41, Chris Boyd <cboyd at gizmopartners.com> wrote:
>>>>> I'm in the middle of a physical move.  I promise I'll take the 3
>>>>> deagg'd /24s out as soon as I can.
>>>> Do not laugh. If everyone who had 3 de-agg'ed prefixes fixed it, the
>>>> table would drop precipitously. We all have to do our part.
>>> Do we have a handle on what percent of the de-aggrs are legitimate
>>> attempts at TE, and what percent are just whoopsies that should be re-aggregated?
>>>
>> I made a shot at such a number in a presentation to NANOG in Feb this
>> year
>> (http://www.potaroo.net/presentations/2014-02-09-bgp2013.pdf)
>>
>>
>> If you assume that Traffic Engineering more specifics share a common
>> origin AS with the covering aggregate, then around 26% of more
>> specifics are TE advertisements. This number (as a percentage) has
>> gwon by 5% over the past three years
>>
>>
>> If you assume that Hole Punching more specifics are more specifics
>> that use a different origin AS, then these account for 30% of the more specifics in today's routing table.
>> This number has fallen by 5% over the past three years.
>>
>> The remainder of the prefixes (45%) shares the same origin AS and the same path.
>> The could be TE prefixes, but as they are identical to their covering
>> aggregate its hard to appreciate exactly what the engineering intent
>> may be. I could make a wild guess and call these 45% of more specifics
>> to be an act of senseless routing vandalism. ( :-) ) This number has been steady as a % for the past three years.
>>
>> Interestingly, it's the hole punching more specifics that are less
>> stable, and the senseless routing vandalism more specifics that are more stable than the average.
>>
>> thanks,
>>    Geoff




More information about the NANOG mailing list