ntacpeering - Re: R&E route policy with other NRENs
Subject: NTAC Peering Working Group
List archive
- From: David Farmer <>
- To: Michael H Lambert <>
- Cc:
- Subject: Re: R&E route policy with other NRENs
- Date: Sat, 7 Apr 2018 11:18:42 -0500
- Ironport-phdr: 9a23:PRwP8x9ZS9oJ2P9uRHKM819IXTAuvvDOBiVQ1KB21uocTK2v8tzYMVDF4r011RmVBd6ds6oMotGVmpioYXYH75eFvSJKW713fDhBt/8rmRc9CtWOE0zxIa2iRSU7GMNfSA0tpCnjYgBaF8nkelLdvGC54yIMFRXjLwp1Ifn+FpLPg8it2O2+55Pebx9UiDahfLh/MAi4oQLNu8cMnIBsMLwxyhzHontJf+RZ22ZlLk+Nkhj/+8m94odt/zxftPw9+cFAV776f7kjQrxDEDsmKWE169b1uhTFUACC+2ETUmQSkhpPHgjF8BT3VYr/vyfmquZw3jSRMNboRr4oRzut86ZrSAfpiCgZMT457HrXgdF0gK5CvR6tuwBzz4vSbYqINvRxY7ndcMsYSmpPXshfWS9PDJ6iYYQTFOcOJ/pUopPnqlcSsRezBw+hD/7vxD9SgX/22LU33eo7HgHY3QwvAs8FvnTOo9XvMacdT/q1x7TPwDXNdfxWwzL955bSch06vPGMWLRwfdDPxkYyCgPIl1OdopHrMTOS0+QCqWmb7+x4WO6xlmIqqht9riahy8oskIXFmJwZx1He+Sll2Io4KsO0RFR4bNOqCpdcqi+XOolsTs8+W21ltzg2xqcFtJO1ZiQG1Zoqyh3FZ/Cba4SE/A/vWPqLLTtmnn5od6iziwqq/US9zuDxWdO43EhFoydEiNXBsnEA2wbP5sSfV/dx4Ees1SyR2wzP6exIO085mKTBJ5I92rI8i4QfvETZEiPohEn7j7Wae0or9+Sy9+jqZKjtqJyEN4Jslw3zPKsjlta8DOk3KAQCQmyW9OWm2LH94UH0QK1GguMqnqTdqpzXJsQWqrSnDwNI3Isv8RSyAyqg3d8Fh3cINkhFdwiCj4XxO1HBPvT4DfCnjlSpjDdk3enKPqXhD5nXKXjDkavhcaxg605Zzgo/185Q6I9JCr0ZIfLzXFH+tMDAAxMkPQG5zPzrBdZy248ERG6CBq6UPLnMvVOU5u8jO+yMa5UUuDb5Jfgl/fnujXohlF8TZ6apx54XZ26iHvl9PkWZZHzsjs0fHmgXowoyVPbqh0GaUT5Pe3ayWLox5jcnCI28EYjDXp6ij6Kb3Ce6GJ1WaXtLClSNEXfza4WEQOkAZDiTIs9njjwLS6KhS4k/2hGyqgP20aRoIffJ+n5QiZW28dl+5+TekVkSvRh9Cs6QyX3FG2V9m2kFXSMexLt050Fx1wHQ/7J/hql0HMJS67tnWx0/OISUm+JzEdX/QCrce9HPRVq7FIb1SQotR848loddK312HM+v21Wah3Kn
To be clear I'm not saying it is inappropriate UBUNTU or RENU to have a GGC in their R&E route table, I think that is a great idea for them. However, what I am saying, is that Internet2 should not accept such routes from them. Furthermore, in most cases, we should not advertise such routes to them either. The intent of services like GGC, Akamai, and anycast generally, is to service users as topologically close as possible. Accepting these routes from other NRENs into the Internet2 R&E route table, which most participants local-pref over regular Internet routes, or advertising these routes to other NRENS, defeats that intent and degrades Internet performance, which runs counter to Internet2's goals.
In the case of GGC and Akamai for sure, it would be more effective for Internet2 work with Google and Akamai to get service node placed in developing NRENs than to provide routing for these services.
Thanks.
On Sat, Apr 7, 2018 at 10:30 AM, Michael H Lambert <> wrote:
In the same vein, I noticed last week that CUDI was leaking PNWGP and CENIC routes (and perhaps others) into the R&E network. The result was a likely violation of Internet2 AUPs and not just bad routing practices. The Internet2 NOC put a filter in at least for those ASNs and was reaching out to CUDI. This was probably the result of broken configuration because the AS paths were "11537 CUDI X Y CUDI Z".
Michael
David Farmer wrote:
FYI, I just sent the following note the Internet2 NOC. I think we need a set of ASNs that should not be accepted from other NRENs, This should include things like GGC nodes, DNS Root Server anycast nodes, AS112 nodes, global transit providers, etc...
There are several HE(AS6939) routes being leaked into the R&E route table.
*> 42.83.137.0/24 <http://42.83.137.0/24> 146.57.255.241 2735 202 0 11537 22388 7660 4641 4641 6939 24785 8763 8763 8763 8763 24151 i
*> 42.83.138.0/24 <http://42.83.138.0/24> 146.57.255.241 2735 202 0 11537 22388 7660 4641 4641 6939 28917 39134 15835 24406 i
*> 125.208.43.0/24 <http://125.208.43.0/24> 146.57.255.241 2735 202 0 11537 22388 7660 4641 4641 6939 28917 39134 15835 24406 i
*> 125.208.44.0/24 <http://125.208.44.0/24> 146.57.255.241 2735 202 0 11537 22388 7660 4641 4641 6939 28917 39134 15835 24406 i
*> 194.246.96.0/24 <http://194.246.96.0/24> 146.57.255.241 2735 202 0 11537 22388 7660 4641 4641 6939 24785 8763 31529 i
*> 210.2.4.0/24 <http://210.2.4.0/24> 146.57.255.241 2735 202 0 11537 22388 7660 4641 4641 6939 28917 39134 15835 24406 i
*> 216.235.226.0/24 <http://216.235.226.0/24> 146.57.255.241 2142 202 0 11537 40220 11164 6939 26202 i
Thanks
---------- Forwarded message ----------
From: *David Farmer* < <mailto:>>
Date: Sat, Apr 7, 2018 at 9:54 AM
Subject: RENU advertising GGC node
To: Internet2 NOC < <mailto:>>
RENU is advertising a GGC node via UBUNTU into the Internet2 R&E route table. Please stop accepting these routes from them. As these routes are in the R&E route table they were overriding at least one route (104.237.191.0/24 <http://104.237.191.0/24>) I learn from a GGC node in Minneapolis. I have dealt with this in my local route policy, but I suspect others may have an issue too.
Note AS36040 is the ASN Google uses for GGC nodes;
https://peeringdb.com/net/4319
https://peering.google.com/#/options/peering
*> 104.237.175.0/24 <http://104.237.175.0/24> 146.57.255.241 2749 202 0 11537 36944 327687 36040 i
*> 104.237.191.0/24 <http://104.237.191.0/24> 146.57.255.241 2749 202 0 11537 36944 327687 36040 i
Thanks.
--
--
===============================================
David Farmer <mailto:>
Networking & Telecommunication Services
Office of Information Technology
University of Minnesota
2218 University Ave SE Phone: 612-626-0815
Minneapolis, MN 55414-3029 Cell: 612-812-9952
===============================================
--
Michael H Lambert, GigaPoP Manager Phone: +1 412 268-4960
Pittsburgh Supercomputing Center/3ROX FAX: +1 412 268-5832
300 S Craig St, Pittsburgh, PA 15213 USA
===============================================
David Farmer
Networking & Telecommunication Services
Office of Information Technology
University of Minnesota
2218 University Ave SE Phone: 612-626-0815
Minneapolis, MN 55414-3029 Cell: 612-812-9952
===============================================
David Farmer
Networking & Telecommunication Services
Office of Information Technology
University of Minnesota
2218 University Ave SE Phone: 612-626-0815
Minneapolis, MN 55414-3029 Cell: 612-812-9952
===============================================
- R&E route policy with other NRENs, David Farmer, 04/07/2018
- Re: R&E route policy with other NRENs, Michael H Lambert, 04/07/2018
- Re: R&E route policy with other NRENs, David Farmer, 04/07/2018
- Re: R&E route policy with other NRENs, Nicholas Buraglio, 04/07/2018
- Re: R&E route policy with other NRENs, Matt Mullins, 04/10/2018
- Re: R&E route policy with other NRENs, Nicholas Buraglio, 04/10/2018
- Re: R&E route policy with other NRENs, David Farmer, 04/10/2018
- Re: R&E route policy with other NRENs, Brad Fleming, 04/10/2018
- Re: R&E route policy with other NRENs, David Farmer, 04/11/2018
- Re: R&E route policy with other NRENs, Brad Fleming, 04/11/2018
- Re: R&E route policy with other NRENs, Brad Fleming, 04/10/2018
- Re: R&E route policy with other NRENs, David Farmer, 04/10/2018
- Re: R&E route policy with other NRENs, Nicholas Buraglio, 04/10/2018
- Re: R&E route policy with other NRENs, David Farmer, 04/07/2018
- Re: R&E route policy with other NRENs, Michael H Lambert, 04/07/2018
Archive powered by MHonArc 2.6.19.