Re: [RRG] How to Incrementally Deploy APT

[Robin Whittle <rw@firstpr.com.au>]

Hi Dan and Micheal,

Here are some questions prompted by your explanation of how packets
from a host in a non-APT network will find their way to the
destination host which uses address space which is managed by APT.

I have redrawn your diagram to add ISP5 to the left island.

 ________________
|  APT Island 1  |
|     ______     |
|    / ISP5 \<=================\
|    \__,___/    |            ||
|   ___/         |            ||              ________________
|  /             | BGP      __\/__      BGP |  APT Island 2  |
| |   ______     | Routes  / ISP4 \  Routes |     ______     |
| |  / ISP1 \<===|========>\______/<========|===>/ ISP3 \    |
| |  \__,___/    |            /\            |    \__,___/    |
|_|_____|________| BGP Routes ||            |_______|________|
  |     |                   __\/__                  |
   \ ___|___               / ISP2 \              ___|___
    / Site1 \              \______/             / Site3 \
    \_______/                 /\                \_______/
                   BGP Routes ||
                           ___\/__
                          / Site2 \
                          \_______/


Please let me know if the following statements are true or how
they reflect my faulty understanding of APT.  Each statement
tends to assume that the previous ones were true.

 1 - Site1 can multihome with ETRs in ISP1 and ISP5.

 2 - Site1 can't multihome with ETRs in any other ISPs,
     including ISP3.

 3 - If Site2 uses less than 256 IPv5 addresses, for instance
     128, then your plan of advertising its prefix to BGP will
     fail because of the industry standard filtering of route
     advertisements limiting them to no longer than /24.

 4 - Assuming Site1 has only 128 IP addresses, its hosts can
     only be reached from hosts in Site2 if:

     a - There is no other user of the /24 in which Site1's
         prefix is half of - in which case the whole /24
         can be advertised to BGP and all will be well.

     or

     b - The other half of the /24 is used by Site4 (not shown)
         AND Site4 is currently using one or more ISPs in the
         same APT island that Site1 is using.  Then the whole
         /24 can be advertised and all is well.

 5 - Therefore, APT has very limited flexibility in serving the
     needs of end-users who have less than 256 IP addresses,
     unless all APT sites join up into a single "APT Island".

     This puts APT at a distinct disadvantage compared to LISP or
     Ivip, which can handle end-user networks (EID prefixes AKA
     micronets) as small as a single IP address, and enable the
     end users to use any ETR in any ISP in the world,
     irrespective of whether that ISP has ITRs and without any
     restriction on which ETRs are used by end-users with
     neighbouring micronets, or micronets in the same Mapped
     Address Block (BGP advertised prefix containing typically
     hundreds or thousands of micronets).

 6 - When Site1 uses APT's TE capabilities (I recall this is
     part of APT) to load share incoming traffic for its
     prefix over the two links from the ETRs of ISP1 and ISP5,
     this probably does not mean that packets from Site2 will
     be load shared between the two links ISP4-ISP5 and
     ISP4-ISP1.  More likely, all the traffic will flow from
     ISP4 to one of these, say ISP5.

 7 - This would make it difficult or inefficient for the APT
     system to somehow load share the incoming traffic over
     the two ETRs, since half the traffic would need to flow
     from ISP5 to ISP1.  (How would this actually be done?)

 8 - If:

     a - Site1 only uses an ETR of ISP5 which is located in
         Sydney, Australia.

     b - ISP5's network covers Australia, Japan and the UK.

     c - ISP5's BR linking to ISP4 is located in Sydney and
         has a link across the Pacific to a BR of ISP4's in
         Los Angeles.

     d - ISP4's network covers North America.

     e - ISP1's network covers North America and the UK.

     f - ISP1's BR with ISP4 is in Los Angeles, connected via
         a 1Gbps patch cord.

     g - Site1's prefix is 11.22.33.0/24.

     Then I understand that both ISP5's BR in Sydney and
     ISP1's BR in Los Angeles will be advertising
     11.22.33.0/24 to ISP4.

     h - Policy in ISP4 causes a preference to send traffic
         over the patch cord rather than over the expensive
         link between LA and Sydney.

     Then I understand packets from Site2 addressed to some
     host in Site will leave ISP4, bound for their
     destination in 11.22.33.0/24, via the patchcord-connected
     BR of ISP1.

     Assuming APT does provide backwards compatibility so that
     packets from Site2 will get to their intended destination
     in Site 1, then I understand they will have to travel
     through ISP1's network to a BR in the UK which connects
     with ISP5's network.  Therefore the packets will travel
     from LA, across the USA and the Atlantic, to the UK,
     then right round the world to Sydney before reaching
     the ETR.

     LISP, TRRP and Ivip have no such problem with islands or
     long path for packets, since the ordinary BGP system takes
     packets directly from the ITR to the ETR, irrespective
     of whether the networks those BGP routers are in have any
     upgrades for LISP, TRRP or Ivip.


 - Robin


--
to unsubscribe send a message to rrg-request@psg.com with the
word 'unsubscribe' in a single line as the message text body.
archive: <http://psg.com/lists/rrg/> & ftp://psg.com/pub/lists/rrg