Inevitable death, was Re: Verizon Public Policy on Netflix

list list at satchell.net
Tue Jul 15 16:02:10 UTC 2014


On 07/15/2014 07:33 AM, Naslund, Steve wrote:
> Here is the number one reason to have an ASN and your own addresses:
> If you are using your upstream provider's address space and dump
> them, you will have to renumber.  That is a big deal for anyone with
> a large internet facing presence and usually results in at least some
> downtime.  Due to the way DNS works (caching), there is no really
> instantaneous way to change all the addressing on your publicly
> facing systems without incurring some interruption.  You also could
> have your upstream provider get acquired or re-arrange their network
> whenever they feel necessary and you do not control your own destiny
> at all.  It can also be complex announcing address space you received
> from one provider through another provider's network especially if
> those two providers change their peering arrangements between them.

OK, I used to work for a Web hosting company who (at the start of my
tenure) did not have an ASN, and was not using BGP.  Wasn't multi-homed,
either.  Every time they changed providers, they had to renumber.  Now,
this was a Linux house, very little Windows hosting, so the last time
they renumbered from one upstream number space to another, I came up
with a way to bridge the DNS update problem.

1)  First step was to shorten the old times on DNS, about a month in
advance of the changeover.
2)  I had both upstreams on an overlap of two months.
3)  I shifted all outgoing traffic to the new circuit, and DNS to the
new numbers.
4)  In each of the Linux servers, I had both IP addresses configured.
5)  In each box, the old address was then NATted to the new address.

During the two-month transition period, my Web servers would answer to
both addresses, and kept everything straight with NAT so that outgoing
traffic exited the boxes using the same circuit.

After two months, I took all the jerry-rigging out, and canceled the old
circuit.

Result: absolute minimum down-time for the Web sites, even for
cable-based surfers.

It was even easier when the hosting company got their own IP block and
ASN.  We just added the advertisements into the edge network, and did
the same shuffle to our owned IP addresses.  After a couple of months,
we gave back the old addresses and stopped announcing them (by
prearrangement with our legacy upstream, by the way.)  Then we were home
free and portable.

Renumbering doesn't have to be a customer nightmare, if you plan
carefully and use all the facilities you have at your disposal.

And the earlier renumbering was done at the time that cable companies
used to hold onto DNS caches FOREVER.  Are those days over?  I sure hope so.
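
Step 5 of the procedure above (old address NATted to the new one on each box), sketched as an added example that is not the poster's own configuration. It assumes Linux iptables DNAT in the nat table's PREROUTING chain; the function names are hypothetical and the addresses are constructed from the documentation ranges.

```shell
#!/bin/sh
# Added example (not from the post). Reads "<old-ipv4> <new-ipv4>" lines on
# stdin and prints an iptables-restore fragment that DNATs old to new.

# is_ipv4 ADDR: succeeds only for a dotted quad with octets 0..255.
is_ipv4() {
    case "$1" in
        ''|*[!0-9.]*|.*|*.|*..*) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.; set -- $1; IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
}

# gen_renumber_nat: validate the mapping, refuse duplicates, emit the rules.
gen_renumber_nat() {
    seen=" "; rules=""; lineno=0
    while read -r old new extra || [ -n "$old" ]; do
        lineno=$((lineno + 1))
        case "$old" in ''|'#'*) continue ;; esac   # skip blanks and comments
        if [ -n "$extra" ] || ! is_ipv4 "$old" || ! is_ipv4 "$new"; then
            echo "line $lineno: expected '<old-ipv4> <new-ipv4>'" >&2; return 1
        fi
        if [ "$old" = "$new" ]; then
            echo "line $lineno: old and new address are identical" >&2; return 1
        fi
        case "$seen" in *" $old "*)
            echo "line $lineno: $old is mapped twice" >&2; return 1 ;;
        esac
        seen="$seen$old "
        rules="$rules-A PREROUTING -d $old/32 -j DNAT --to-destination $new
"
    done
    [ -n "$rules" ] || { echo "no mappings given" >&2; return 1; }
    printf '*nat\n%sCOMMIT\n' "$rules"
}

# Constructed sample mapping: old upstream block to new upstream block.
gen_renumber_nat <<'EOF'
# old-address  new-address
192.0.2.10 198.51.100.10
192.0.2.11 198.51.100.11
EOF
```

The printed fragment can be loaded with `iptables-restore --noflush` so existing rules are kept, and the same mapping file tells you which rules to delete when the overlap period ends.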


