Hi,
On Wed, Nov 21, 2001 at 05:07:27PM +0300, Bob's Lists wrote:
> > Please comment on the *full* sentence :-) - we're not going to filter /24s
> > from Swamp space or from network blocks where /24s have been officially
> > given to end users. If we filter, we'll start with the ARIN (and APNIC)
> > blocks that have only been assigned as /20 or even bigger blocks - those
> > should be announced as /20 or less specific, not as /24s.
>
> Bzzzt. Still wrong. There's nothing to stop anyone with an ARIN /20
> announcing smaller blocks.

No. But there is nothing either that is going to force *me* to ever
increase my router's CPU and memory. If those people want to be reached,
they can announce the /20. If they do not want, they can announce it
as /32s (which would be ridiculous, but then, where is the border to
"ridiculous"?).
If I filter "no /24s", I will hit people from swamp space that are
legitimately announcing /24s (because they do not have anything else).
If I filter "no /24s in ARIN only-/20s-here blocks", I hit only those
people that think they can announce whatever they like without any
thought about the global cost they are causing. There are about
60.000 /24s in the global table, and MANY of them could be aggregated
just fine. If people only would care.
We have just spent about US$ 50.000 in upgrading all "full BGP" routers
to "256 Mb RAM", which for a number of boxes meant "get a new NPE or
a new RSP". These costs are caused by people that think "hey, announcing
a /20 is boring, there is no hurt in announcing 16 /24s and using that
for load balancing". There *is*.

> Where do you get off telling them they must announce it as a /20?

I'm not doing that. I tell them "if you want to reach AS 5539 in future,
you'd better get your announcements aggregated".

> Some do it through ignorance, sure. MOST do it through necessity.

There is hardly any necessity of announcing only more specifics.
In some cases (customer routes, whatnot) it's necessary to announce the
base /20 and then *some* /24s out of it, which usually then have different
AS paths. I'm not complaining about that.
I'm complaining about lots of networks that could be aggregated just fine.

> The ones you're whining about, I'd be prepared to bet that many of
> them are forced to announce their blocks as they do because of
> geographical or other circumstances which necessitate it. I have no
> argument with educating those who are announcing shorter blocks
> unnecessarily, but I think you will find those are in the minority.

Have you ever talked to them? Last time I did - talking to one of our
peers - one response was "oh, yes, we're so sorry about the mess we're
announcing, but our customer said that he wants it so" (and the customer
is actually single-homed). Another response was "people all over the
US do it, so it can't be wrong, what are you complaining about?".
There is *hardly* ever a hard need to deaggregate blocks.
Sometimes it's necessary to deaggregate to an upstream provider, but
usually it's then possible to make sure they do not announce the
more-specifics "out", but only the network block. Or (in case of
multiple ISPs) announce the deaggregates only to their peers, but not
"upstream" to the world.

> Actually 'wrong' is the wrong word. I'm not debating with you - start
> filtering or not it's your network do what you like with it. 'wrong'
> in that you will make your network unable to reach a small percentage
> of other networks, starting with mine. If that is of no consequence to
> you, who are we to argue.

So if you are one of the people that think there is a hard need to not
announce your aggregate and only announce all the more specifics - could
you elaborate on why this is so?
My goal is not to reduce connectivity - my goal is to reduce costs on my
end, and (more important) to ensure that the global routing system will
survive the next few years. With the current growth in BGP table size,
we see more and more BGP convergence problems due to overloaded routers
and RAM overflow, and this hurts everybody.
So if I manage to annoy people enough that they start considering "hey,
is this really the only way I can achieve what I want", then *this* is
what I want.
(Sorry for being off-topic on the cisco-nsp list - it's only OT insofar
as Cisco CPUs are always memory-limited, Cisco memory is way overpriced
and Cisco hardware design/marketing people always design things in
stupid ways, like "NPE-400 having only ONE memory slot, so when upgrading
you can throw away a very expensive Cisco memory module" - as this happens
all the time, and ever again, it can be considered purpose)
gert
--
USENET is *not* the non-clickable part of WWW!
                                                //www.muc.de/~gert/
Gert Doering - Munich, Germany                  gert@greenie.muc.de
fax: +49-89-35655025                            gert.doering@physik.tu-muenchen.de
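
The filter policy argued for in the message above, as an added Python example that is not part of the original post: it drops prefixes more specific than a block's minimum allocation, checks whether a covering aggregate keeps them reachable, and lists announcements that could be aggregated. The policy table, prefixes and AS numbers are constructed stand-ins, not real registry data.

```python
import ipaddress
from collections import defaultdict

# Constructed policy table (assumption): block -> longest prefix length accepted.
POLICY = {
    ipaddress.ip_network("10.0.0.0/8"): 20,      # stand-in for an "only /20 or bigger" registry block
    ipaddress.ip_network("192.168.0.0/16"): 24,  # stand-in for swamp space with legitimate /24s
}

def accepted(prefix):
    """True if the prefix is no more specific than its block's minimum allocation."""
    net = ipaddress.ip_network(prefix)
    for block, max_len in POLICY.items():
        if net.subnet_of(block):
            return net.prefixlen <= max_len
    return True  # assumption: blocks without a policy entry are left unfiltered

def still_reachable(prefix, announcements):
    """True if the prefix or a covering aggregate from the table passes the filter."""
    net = ipaddress.ip_network(prefix)
    return any(accepted(p) and net.subnet_of(ipaddress.ip_network(p))
               for p, _ in announcements)

def aggregable(announcements):
    """Per AS path: (routes announced, routes needed) where aggregation shrinks the table."""
    by_path = defaultdict(list)
    for prefix, as_path in announcements:
        by_path[as_path].append(ipaddress.ip_network(prefix))
    out = {}
    for path, nets in by_path.items():
        merged = [str(n) for n in ipaddress.collapse_addresses(nets)]
        if len(merged) < len(nets):
            out[path] = (len(nets), merged)
    return out

# Constructed announcements: (prefix, AS path); ASNs are documentation-range numbers.
TABLE = (
    [(f"10.1.{16 + i}.0/24", (64500, 64501)) for i in range(16)]  # a /20 announced only as 16 /24s
    + [("10.2.0.0/20", (64500, 64502)),     # aggregate ...
       ("10.2.3.0/24", (64503, 64504)),     # ... plus one more-specific with a different path
       ("192.168.7.0/24", (64500, 64505))]  # swamp-style /24, nothing shorter exists
)

if __name__ == "__main__":
    for prefix, _ in TABLE:
        print(prefix, "accept" if accepted(prefix) else "drop",
              "reachable" if still_reachable(prefix, TABLE) else "unreachable")
    print(aggregable(TABLE))
```

Only the network that announces nothing but /24s out of its /20 becomes unreachable; the more-specific with its own AS path is dropped but stays reachable through the covering /20.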