NTAC Peering Working Group

[Brad Fleming <>]

As follows is a rough idea of what makes sense to my sensibilities. Very open for feedback or alternative ideas. I admit I don’t know all the parts of Internet2’s operations so I could have easily overlooked something that needs added.

R&E Communities Shown Below. TR-CPS Replaces 11537 prefix with 11164.

Action Tags

Accepted from Member Networks, Indicate Action Required on Internet2 Side

Highlights:

• Tried to keep things reasonable while still providing decent flexibility
• Pretty much ripped off Level(3)’s community setup, making a couple adjustments

Local Preference Signals

(standard LP appears to be 200)

11537:180 – Set Internet2 Local Preference to 180 (below standard)

11537: 220 – Set Internet2 Local Preference to 220 (above standard)

Guessing these will mainly be useful for organizations with more than one Internet2 connection. Are two values enough or should there be four?

65000:XXX – Do not announce to AS XXX

65001:0 - prepend once to all peers 

65001:XXX - prepend once at peerings to AS XXX
65002:0 - prepend twice to all peers
65002:XXX - prepend twice at peerings to AS XXX

65011:0 - prepend once to all non-US peers
65012:0 - prepend twice to all non-US peers 

65021:0 - prepend once to all European peers 

65022:0 - prepend twice to all European peers 

65031:0 - prepend once to all African peers 

65032:0 - prepend twice to all African peers 

65041:0 - prepend once to all South American peers 

65042:0 - prepend twice to all South American peers 

65051:0 - prepend once to all Asian peers 

65052:0 - prepend twice to all Asian peers 

65061:0 - prepend once to all Australian peers 

65062:0 - prepend twice to all Australian peers 

Use Examples

If KanREN didn’t want Google traffic to use Internet2 capacity due to political or capacity or <whatever> reasons we could simply attach communities 65000:15169 and 65000:36040 to our advertisements and force traffic through a commodity provider.

Another potential use case is a Mega Huge University with dedicated Internet2 capacity on one node (say Chicago) but limited or shared capacity in another city (say Denver). Being a good Netizen they could attach communities to their Denver advertisements to (1) lower preference (2) keep the Denver path from carrying traffic associated with 3-4 major traffic sources.

MetaData Tags

Applied Ingress to Internet2 and Passed to Downstream Networks

Highlights:

• Try to add metadata to all prefixes learned so downstream peers, connectors, etc can make more informed policy decisions
• Divide the United States into six segments and push a community which identifies the US region where the prefix was learned
• Push a node-specific community onto learned prefixes
• Desire to contain each region’s nodes into a range to make policy regex simpler to author
• Wanted to keep the total community block to 651**, again to keep regex simpler
• Due to number of nodes (44) this mean limiting some of the less populated regions to only 10 entries
• One block remaining (65190-65199) that can be assigned to a region if needed
• Push a community onto routes learned from specific contents (potential need to divide contents into North-South, East-West?)
• Push communities onto special prefixes (example: root DNS server prefixes)
• Allow for additional uses in the future 

Learned from Internet2 Connector: 11537:65000

Learned from Region / Node

NorthEast (10) -- 11537:65001

(65100 - 65119)

ALBA (Albany, NY)  -- 11537:65101

ASHB (Ashburn, VA) -- 11537:65102

ASHB2 (Ashburn, VA) -- 11537:65103

BOST (Boston, MA) -- 11537:65104

CLEV (Cleveland, OH) -- 11537:65105

HART2 (Hartford, CT) -- 11537:65106

NEWY2 (New York, NY) -- 11537:65107

NEWY32AOA (New York, NY) -- 11537:65108

PHIL (Philadelphia, PA)  -- 11537:65109

PITT (Pittsburgh, PA) -- 11537:65110

SouthEast (7) -- 11537:65002

(65120 - 65129)

ATLA (Atlanta, GA) -- 11537:65121

CHAR (Charlotte, NC) -- 11537:65122

JACK (Jacksonville, FL)  -- 11537:65123

JCSN (Jackson, MS) -- 11537:65124

LOUI (Louisville, KY)  -- 11537:65125

RALE (Raleigh, NC) -- 11537:65126

WASH (McLean, VA) -- 11537:65127

North MidWest (9) -- 11537:65003

(65130 - 65149)

CHIC (Chicago, IL) -- 11537:65131

EQCH (Chicago, IL) -- 11537:65132

EQCH2 (Chicago, IL)  -- 11537:65133

STAR (Chicago, IL) -- 11537:65134

CINC (Cincinnati, OH)  -- 11537:65135

DENV (Denver, CO)  -- 11537:65136

INDI (Indianapolis, IN) -- 11537:65137

KANS (Kansas City, MO) -- 11537:65138

MINN (Minneapolis, MN) -- 11537:65139

South Midwest (6) -- 11537:65004

(65150 - 65159)

BATO (Baton Rouge, LA) -- 11537:65151

DALL (Dallas, TX) -- 11537:65152

ELPA (El Paso, TX) -- 11537:65153

HOUH (Houston, TX)  -- 11537:65154

HOUS (Houston, TX) -- 11537:65155

TULS (Tulsa, OK) -- 11537:65156

NorthWest (3) -- 11537:65005

(65160 - 65169)

MISS2 (Missoula, MT) -- 11537:65161

PORT (Portland, OR) -- 11537:65162

SEAT (Seattle, WA) -- 11537:65163

SouthWest (9) -- 11537:65006

(65170 - 65189)

LASV (North Las Vegas, NV) -- 11537:65171

LOSA (Los Angeles, CA) -- 11537:65172

PAIX (Palo Alto, CA) -- 11537:65173

PHOE (Phoenix, AZ) -- 11537:65174

RENO (Reno, NV) -- 11537:65175

SALT (Salt Lake City, UT) -- 11537:65176

SUNN (Sunnyvale, CA) -- 11537:65177

TUCS (Tucson, AZ) -- 11537:65178

WILC (Los Angeles, CA) -- 11537:65179

Learned from non-US Peers -- 11537:65201

Learned from European Peers -- 11537:65202

Learned from African Peers -- 11537:65203

Learned from South American Peers -- 11537:65204

Learned from Asian Peers -- 11537:65205

Learned from Australian Peers -- 11537:65206

Special Case Communities

Attached to routes as learned from peers, allowed 

Root Server Prefixes -- 11537:65211

6to4 Gateways -- 11537:65212

Other stuff as needed -- 11537:6521[3-9]

Use Example

Let’s say Bob’s University (AS201) peers with Internet2 in Pittsburgh, PA on the PITT I2 router. Bob’s University hosts an L-Root server which originates the route 199.7.83.0/24 via AS20144. When University of Washington receives the advertisement from the Internet2 Seattle (SEAT) router it would looks something like this:

199.7.83.0/24

AS Path: 11537 20144

Communities: 11537:65000 11537:65001 11537:65110 11537:65211

With that much metadata University of Washington can decide “that’s a long physical distance, there’s probably something better” and use ingress policy on their border to down-pref the prefix. Their matching criteria could be “look for the Root Server community (11537:65211) along with anything along the East Coast (11537:65001 or 11537:65002) and apply a lower preference than normal (perhaps equal to that of full transit carriers). 

--
Brad Fleming
Assistant Director for Technology
Kansas Research and Education Network
Office: 785-856-9805
Mobile: 785-865-7231
NOC: 785-856-9820