Skip to Content.
Sympa Menu

ntacpeering - RE: Covering prefix blackholing traffic to one of its covered prefixes....

Subject: NTAC Peering Working Group

List archive

RE: Covering prefix blackholing traffic to one of its covered prefixes....


Chronological Thread 
  • From: "Spurling, Shannon" <>
  • To: Steven Wallace <>, "" <>
  • Subject: RE: Covering prefix blackholing traffic to one of its covered prefixes....
  • Date: Fri, 21 Apr 2017 13:51:33 +0000
  • Accept-language: en-US
  • Ironport-phdr: 9a23:NCbaEBJoK7gGzXSsVtmcpTZWNBhigK39O0sv0rFitYgeL/jxwZ3uMQTl6Ol3ixeRBMOAuqwC0Lad7fCocFdDyK7JiGoFfp1IWk1NouQttCtkPvS4D1bmJuXhdS0wEZcKflZk+3amLRodQ56mNBXdrXKo8DEdBAj0OxZrKeTpAI7SiNm82/yv95HJbQhFgDuwbal8IRi5ognct8obipZ+J6gszRfEvmFGcPlMy2NyIlKTkRf85sOu85Nm7i9dpfEv+dNeXKvjZ6g3QqBWAzogM2Au+c3krgLDQheV5nsdSWoZjBxFCBXY4R7gX5fxtiz6tvdh2CSfIMb7Q6w4VSik4qx2ThLjlSUJOCMj8GzPisJ+kr9VoA6vqRJ8zY7bYoCVO+Zxca7GZ9wWWWhBU9xNWyBdAI6xaZYEAeobPeZfqonwv1UCowamBQmxHuPvzj5Ihnn53aEizu8vDAHG0xYmH9IIt3TUqtv5P7oVXOCuzKnH1zPDb/VR2Tf784XIdxchoeuSUr5qd8re11UvGhrDg16NqoLlJyuY2vkJvmWY9eZsS/6jhmo9pwx+pjWj3Nkgh4fUio4N1FzI6Sd0zJwoKdC5VEJ3e8OoHZVeui2AM4Z7TdsuT3xstSs50LEKp4K3cSwQxJknxhPTceGLfoyO7xn+TuieOy14i2hgeL+nhxa970ygyurkW8mp1VZGtzZFktjUtnwQzRDT982HRuFg/kekwjaO1xvT6v1aLkAxj6bUNYMuwqMompoSt0TMADP2lV3rgKKSdUgo4Pak5/jjb7n8qZKRM5V4hh/wP6gzgsC/BP43MgkKX2iV4+S807jj8FXiQLVKlPI2lK/ZsJfcJckAo665BBVV3Zg55xa5ETimzMwUnWMbI1JdZBKHk4/pNknIIPDkF/iwn0ysnyl1yPDcP73hBJrNI2PHkLfgZrZ991VcxBQpwdBe4ZJUFq8OIOj1WkDvqNzUEAU1PBKpzOb6W51B0dYlRW+RD6nRD6rWtVaD66p7OPKTTI4I/jvxNq5hr7TokXYygVIQZ6iv0rMWbmy1BPJrPx/fbHbxyJ9VF3sDtRIzQfbrjlKqUDhPamy0Ur5moDw3FdT1I53EQ9Xnu6ScxiO6GJISLltGA1aKFnGiP9GfW/4KbiWUCspmiDFCU7W9HdxynSqyvRP3nuI0ZtHf/TcV4Mru

Here is my thoughts: (Kind of thinking out loud)

I think this is a compound problem. There is the covering route issue, and then there is the IP address topology issue.

 

I see the covering route with specifics as a solution to the elephant in the room. Route table size. It also sounds like a better solution to those of us that want to avoid a LOT of extra work. If you can advertise a covering route, and a more specific route, you add two prefixes to the internet table. If you have to only advertise prefixes of what you want on a link, you have to break it down, and can be messy and big. Using Covering routes and more specifics is not a bad thing to do for influencing path selection. It’s all in how it mixes.

 

Then there is the IP topology issues. In some cases, people start to think of IP’s as identifiers, not addresses. (Cisco LISP tried to address that.) So, they want to take bits of their address space and move it to other locations around the internet. That should be fine by its self, but when they do the previous covering route behavior becomes an issue. There is also the policy issue, where people say “This service is available on this side of the network but not that one.” And it is located in a subnet that is advertised more specifically out where you want it to go. Then the other direction is blocked by policy or topology. That creates the partitioning.

 

Prefix advertisements are recommendations, not rules or laws. Kind of like David Farmer was saying about taking full routes for a multi-homed network. It’s a good idea (should), but no one says you have to (must). So, these network admins that set metrics or routes, which are more of a firm recommendation (should), and then set hard policies or partitions based on those routes (must), are being a bit naive. You really should have a path or some way to reach the more specific route when it’s being advertised by the covering route. Not sure you could say it’s unacceptable behavior. It’s not ideal.

 

 

Shannon Spurling

 

 

From: [mailto:] On Behalf Of Steven Wallace
Sent: Friday, April 21, 2017 7:54 AM
To:
Subject: Fwd: Covering prefix blackholing traffic to one of its covered prefixes....

 

FYI, I sent the following to the NANOG list…..

 

I’ll forward any responses.



Begin forwarded message:

 

From: Steven Wallace <>

Subject: Covering prefix blackholing traffic to one of its covered prefixes....

Date: April 21, 2017 at 8:37:46 AM EDT

To:

 

We have dual-homed sites that only accept routes from their peers, and default to their transit provider. A site may receive a covering prefix from a peer, but since they are not accepting the full table from their transit provider they don’t see the covered (i.e., more specific). In some cases the peer announcing the covering prefix blackholes traffic to the covered prefix.

Is this accepted behavior, or should a peer announcing a covering prefix always delver packets to its covered routes?


Does this happen often?

Thanks!

Steven Wallace
Indiana University

 




Archive powered by MHonArc 2.6.19.

Top of Page