[afnog] Internet Traffic distribution management

Nishal Goburdhan nishal at controlfreak.co.za
Tue Sep 29 23:17:39 UTC 2015


frank,
as i mentioned to you in private mail when you asked me earlier …

the first thing that you have to accept, is that what you _think_ 
you’re probably going to get by prepending, is probably not likely 
what will happen on the internet.  there’s a very simple reason for 
this.  baked into the BGP decision-making process, is something called 
“localpref” which attaches a preference value to a prefix learnt by a 
network, with the general rule being:  the higher the better.
any smart network operator has a policy that implements something like 
this:
* traffic from a customer = most preferred (ie. high localpref)
* traffic from a peer = highly preferred  (ie.  mid-level localpref)
* traffic from a transit provider = low (ie.  lowest localpref)
you can make this as complicated as you like (regional peer, US peers in 
EU vs. US peers in US, backup transit, etc…) but the principles remain 
the same…

when you prepend to your transits, you increase the as-path length to 
them;  trying to make the as-path longer, and hence influence BGP, eh?  
but, in most BGP implementations, localpref is considered *before* 
as-path length.   so, even if you prepend to your transit, if they are 
using localpref to make your prefixes attractive to their network (as is 
their right, and what any smart economics-aware netop would do), your 
prepends are actually just ignored …

and i suspect you’re seeing this …

your problem is:
- you pay for expensive submarine fibre bandwidth to the rest of the 
world
- these circuits are unevenly used
- you want to fix that …

you can do this best - and mark has suggested this already - by taking 
control of both ends of the circuit.  instead of landing circuits at N 
different locations, get your circuits consolidated where possible, and 
put them on a router that you control, on the other side of … well … 
side-B.
that means you have to stop letting the neo-colonial^W^W transit 
providers come to you, and you need to get to them.  which means you 
have to start building an international POP …

consider:  if you manage the router on both sides, and you have multiple 
circuits on the same routing infrastructure, you have a whole host of 
new “tricks” that you can play, that are all *internal* to your 
network, and under you, and your team’s control.  so you can make more 
effective use of the most expensive part of your investment here - the 
bandwidth.  sure, you’ll have to buy some colo space somewhere, and 
some new routers, but, CAPEX is easier to fund than OPEX, which is what 
you’re spending right fixing now.
and if you’re in doubt where the money goes, check the price of 
relatively modern, powerful routers, and compare that to what you’re 
paying for bandwidth.

oh.  and you don’t need to pollute the internet by things like silly 
de-aggregation, like some operators in some countries …

“overseas POPs” as they are called are difficult to explain to 
accounting teams, as they usually do not create money for your 
organisation.  but they save you time, and allow you to be smarter in 
how you manage your network.  and that’s a value that’s often 
undersold;  the lesson in “creating value” in these PoPs is left as 
an exercise to the reader…


a workable plan B would be to contact your SP and ask them if they allow 
you to set communities on prefixes you advertise to them, to allow you 
to manipulate traffic that’s in _their_ network.  again, commonplace 
for most of the smart network operators - a list used to be kept at 
http://onestep.net/communities/ but i can’t attest to its validity - 
again, ping your transit for assistance.

hth,
—n.
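
Added example, not part of the original message: a simplified model of the two BGP decision steps discussed above (localpref compared before as-path length), showing why prepending towards a transit does not move traffic when that transit sets a higher localpref on customer routes. The localpref values, AS numbers (documentation range) and function names are assumptions made for illustration; real implementations have further tie-break steps that are left out here.

```python
from dataclasses import dataclass

# Assumed localpref policy following the customer > peer > transit rule
# in the message; the numeric values are constructed.
LOCAL_PREF = {"customer": 300, "peer": 200, "transit": 100}

# Constructed AS numbers from the documentation range.
ORIGIN_AS = 64510         # the network doing the prepending
OTHER_TRANSIT_AS = 64501  # the origin's second transit, a peer of the observer


@dataclass(frozen=True)
class Route:
    learned_from: str  # "customer", "peer" or "transit"
    as_path: tuple     # AS numbers, leftmost is the neighbour


def prepend(as_path, times):
    """Return as_path with the origin AS repeated `times` extra times."""
    return as_path + (as_path[-1],) * times


def best_path(routes, honour_local_pref=True):
    """Pick the best route: highest localpref first, then shortest as-path."""
    def key(route):
        lp = LOCAL_PREF[route.learned_from] if honour_local_pref else 0
        return (lp, -len(route.as_path))
    return max(routes, key=key)


def scenario(prepends):
    """Routes seen by a transit provider for one prefix of the origin:
    directly from the origin (its customer, prepended) and via a peer."""
    direct = Route("customer", prepend((ORIGIN_AS,), prepends))
    via_peer = Route("peer", (OTHER_TRANSIT_AS, ORIGIN_AS))
    return direct, via_peer


if __name__ == "__main__":
    for n in (0, 3, 10):
        routes = scenario(n)
        with_lp = best_path(routes)
        without_lp = best_path(routes, honour_local_pref=False)
        print(f"prepends={n:2d}  localpref policy -> {with_lp.learned_from:8s} "
              f"as-path only -> {without_lp.learned_from}")
```

With the localpref policy in place the customer route wins at every prepend count; only when localpref is equal does the longer as-path push the choice to the peer route.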


