[afnog] please announce your prefixes at IXPs

Andrew Alston aa at alstonnetworks.net
Wed Mar 5 05:20:23 UTC 2014 

Hi All,

I have to echo what Frank said here.  Sending aggregates to the IXP and
de-aggregates to your transits can have other unintended consequences.

It was due to this very reason that we were at one point forced to
withdraw certain extremely high traffic CDN style content from a
particular african IXP.

What was happening was the aggregates were coming in via the IXP, getting
mapped on the CDN, the CDN would then send traffic to those aggregates,
but the moment the traffic left the CDN and hit our network, it would
start flowing towards the de-aggregate route.  The net result, we were
sending a lot of content that should have stayed locally on the continent
out via our international links and it was coming back via our peers
international links.  This a.) was costing money since it was using
expensive paths for both us and our peers and b.) drastically decreased
performance for the peer.

As a result, we withdrew the content from the IXP for a time until this
was (largely, not completely) rectified, and it effectively took almost
half a gig of traffic off the IXP.

Not something we wanted to do, but something we had no option to do.

The other thing is, sending aggregates to IXP¹s and de-aggregates to
elsewhere can and will end up with one of two situations in the long run:

A.) It will possibly end up getting you de-peered (not something you want)
B.) It will possibly end up with your routes coming via transits being
filtered to force traffic to use your aggregates (again, definitely not
something you want).

We¹ve appealed time and again to peers over this, and while where possible
we will work with peers to resolve this issue when we see it, where peers
refuse to solve it, one of the above two options becomes the only steps we
can really take, and those are not steps that are in the interest of
either the peer or us.

So please, heed what Frank has said.

Thanks


Andrew Alston
Head of IP Strategy
Liquid Telecommunications Limited, 6 New Street Square, London EC4A 3BF
T: +27 76 219 7933
E: andrew.alston at liquidtelecom.com<mailto:andrew.alston at liquidtelecom.com>
  -   Skype: symm001



On 2014/03/05, 7:47 AM, "Frank Habicht" <geier at geier.ne.tz> wrote:

>Hello all,
>
>I have come here to beg.
>
>All of you, if you're connected to your local IXP,
>if you announce your beautifully aggregated prefix to the IXP,
>if you need to "balance" the amount of traffic on your internet transit
>("upstream") links,
>if for that you're breaking up your prefixes [1] into smaller subnets,
>and announcing the smaller subnets to upstream providers,
> (nothing broken until now)
>and then your provider joins the same IXP,
>where you're also getting a lot of traffic from a peer,
>then your upstream would announce your prefix at the IXP (same city as the
>connection of the customer link to you),
>and all the big traffic from your peer would suddenly prefer the more
>specific prefix you're advertising to your upstream.
>And come to you over a link you're paying $$$ for,
>and that's maybe not even big enough for all that traffic suddenly
>rushing in.
>
>So:
>aggregate your prefixes.
>if you need to deaggregate (split up), then take a moment to think of all
>your other options first. (maybe deaggregate with NO-Export community ?)
>
>If finally you announce deaggregated prefixes to your upstreams and/or the
>internet in general,
>then _please_please_please_ also announce the same ones at your IXP.
>Only then you get the IXP connection to do what you want it to do.
>
>
>The deciding factor here is that a more specific prefix always wins.
>
>
>I want to give a (slightly anonymised) example.
>
>You are ISP $I
>you have an AfriNIC allocation x.xx.240.0/20
>You're advertising your x.xx.240.0/22 at your IXP
>You're advertising x.xx.240.0/23 to your upstream.
>All working. From peer $P you're getting a lot of traffic at the IXP.
>Good!
>Your upstream joins the IXP.
>Advertises x.xx.240.0/23 at the IXP - and you don't advertise the same
>prefix there.
>Lots of traffic that you once got directly and for free at the IXP will go
>to your upstream. And from your upstream over the link that you pay a lot
>of money for to you. Maybe the link is even too small.
>
>Please advertise all of your prefixes you advertise to any outsiders also
>at the IXP.
>You want your traffic to come in over the cheap link, right?
>If you advertise the same prefix at the IXP, then (all other things being
>equal) routers should decide that the AS_PATH via your peer is longer and
>prefer your direct connection - Done.
>
>
>That's a real-world problem.
>I'm the "upstream". Joining the IXP. Going to cause pain when I start
>announcing the customers' prefixes at the IXP. Ready to do that any
>minute.
>
>
>Thanks,
>Frank
>
>[1] always first think of other ways to achieve that goal,
>like different allocation to different uplinks, and as backup announcing
>the other with a community to not prefer it... ?
>
>[2] can provide the real numbers to replace "x.xx" - to those concerned.
>    will work with them to explain more, or to fix
>
>
>_______________________________________________
>afnog mailing list
>http://afnog.org/mailman/listinfo/afnog

More information about the afnog mailing list