[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Bad routes update

On Mon, Jul 19, 1999 at 10:45:29PM -0400, Robert Rockell wrote:
> After tearing down my inbound filter to only ONE peer of all of my pTLA
> peers, I see the following bad routes (as path withheld to protect poor
> non-filtering transit party that I used :)  )
> block				Most downstream AS (not full path)
> -----------------		----------------------------------
> [snip!]
> 3FFE:2900:FFE1::0/48		4768

When I set up our first tunnels to the 6bone, I was keen to set up
more than one, since managing a multi-homed environment is the main
thing I wanted to test. We are multi-homed in our IPv4 network, and
this requirement will not go away as we transition to v6.

At the time, I asked about the multi-homing/non-(p)TLA problem, and
got various conflicting responses.

More telling, when I progressed to setting up tunnels to our first
test router, only one of the upstream networks was willing to delegate
any address space to me -- the others all said "you already have some
from Sprint, just announce that to us".

> II. If you are multi-homed:
> Filter Outbound, please. It is simple.
> ipv access-list firstprovider permit <provider one prefix>::/<length>
> ipv access-list secondprovider permit <other prefix>::/<length>

We _are_ filtering outbound route advertisements; however, we are
restricting each one to the same Sprint-provided prefix, since that's
all we have.

This is clearly wrong, according to all the routing practices drafts
I have seen for the 6Bone.

> When Ipv6 goes live, unless business is more good-willed than it is now,
> this is going to break things, and one pTLA may not have much motivation to
> fix the problem (unless flames on the 6bone mailing lists really hurt).

Should I be demanding v6 address prefixes from all my pTLAs?

On a related note, I've looked, but I can't find the recommended solution
to the following problem; I also asked Steve Deering about this during
his IPv6 tutorial at Apricot this year, and at the time he didn't know the
operational policy on this either (although he could have been trying
to encourage me to stop asking stupid questions by feigning ignorance :)

  o  NLA is multi-homed to several pTLAs;
  o  Each pTLA delegates a v6 address prefix to that NLA;
  o  NLA has a customer who needs addresses.

Does the NLA delegate one prefix to the customer per pTLA?

Does the customer then delegate address(es) from each supplied prefix
to every interface they have to number in their network?

Given that the reason we are (and will be) multi-homed is for resilience,
and reduce dependency on any single upstream provider, if I don't
announce all prefixes to all providers we're never going to get TCP
sessions (as they exist now) to survive a "pTLA down" event.

At the moment it looks like the only way to multi-home in the manner
that we are used to with IPv4 is to become a (p)TLA.

I'm confused :) If someone could point me towards some written words on
this stuff, I would be very appreciative.



Joe Abley <[email protected]>      Tel +64 9 912-4065, Fax +64 9 912-5008
Te Kaihoahoa Kawei, CLEAR Communications Ltd      http://www.clear.net.nz/