Re: [GLOBAL-V6]IPv6 Allocation Policy
On Mon, 19 May 2003, Pekka Savola wrote:
> > Because I pay ISPs to bring traffic to me. If I announce the /32
> > everywhere, then I have to build and manage my own Internet backbone to
> > carry the traffic globally (in parallel with my internal/clean WAN). That
> > amounts to paying two service providers to carry the traffic where I need
> > it.
>
> I don't quite understand this, so I take it there may be some unstated
> assumptions here.
>
> You mean that if you have two physically separate sites with each e.g. /33
> block, and would announce the /32 block at both points, you would have to
> have more extensive & expensive internal WAN (carrying the other half, /33
> to the other physical location) to the -- and your WAN could not handle
> it?
>
> This seems to call for separate addresses to separate sites under
> different ISPs. Oh.. that was called PA.

This company I know has 5 primary Internet route points, one for the west
coast of the US, one for the east coast of the US, one in western Europe,
one in Australia, and one in northern Asia. Each has a minimum of 2
providers, some have 4. If this company advertises the /32 from each SP
at each route point, traffic is going to jump to that company at the first
possible point. This particular company has the greatest majority of its
traffic arriving at the west coast of the US. BGP doesn't exactly have
the best intelligence when it comes to network proximity, so there are
cases when a European ISP might end up sending traffic to this company's
western US presence only to have the company's WAN backhaul it to Europe
for its final destination.

So, in essence it calls for separate addressing to separate sites with
multiple ISPs at the same site. This company uses PA space when only one
provider is present at a site (smaller access points).

A secondary problem is stateful firewalls. In order to admit traffic
related to a connection, stateful firewalls need to see the outbound
traffic, or have some mechanism to share state. In large networks, this
state sharing may use a very significant amount of bandwidth. By using
controlled announcements as mentioned above (and matching address space to
where the site's default route is located), symmetry is created and
expensive long-haul WAN bandwidth does not have to be used to share this
state.

/cah
--
Craig A. Huegen, Chief Network Architect
IT Transport, Network Technology & Design
Cisco Systems, Inc., 400 East Tasman Drive
San Jose, CA 95134, (408) 526-8104
email: chuegen@cisco.com CCIE #2100
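
The symmetry argument in the message above, as an added example that is not part of the original post: a small model comparing the /32 announced at every route point with per-site prefixes announced only where that site's default route exits. The prefixes (taken from the 2001:db8::/32 documentation range), site names and flows are constructed, and BGP path selection is reduced to longest-prefix match plus the remote network's preferred entry point.

```python
import ipaddress

AGGREGATE = ipaddress.ip_network("2001:db8::/32")  # documentation range, constructed
# Constructed sites: each owns one /35 and runs its own stateful firewall.
SITES = {
    "us-west": ipaddress.ip_network("2001:db8::/35"),
    "eu-west": ipaddress.ip_network("2001:db8:2000::/35"),
    "apac": ipaddress.ip_network("2001:db8:4000::/35"),
}

def home_site(addr):
    """Site whose firewall saw the outbound packet (egress follows the local default route)."""
    for site, prefix in SITES.items():
        if addr in prefix:
            return site
    raise ValueError(f"{addr} is not inside any site prefix")

def ingress_site(addr, announcements, preferred_entry):
    """Site where return traffic enters: longest-prefix match first; if several
    sites announce that same prefix, the remote network's preferred entry wins."""
    matches = [(p, s) for p, s in announcements if addr in p]
    longest = max(p.prefixlen for p, _ in matches)
    sites = sorted(s for p, s in matches if p.prefixlen == longest)
    return preferred_entry if preferred_entry in sites else sites[0]

def asymmetric_flows(announcements, flows):
    """Flows whose return traffic reaches a firewall that never saw the outbound
    packet, so it is dropped unless state is shared across the WAN."""
    bad = []
    for host, preferred_entry in flows:
        addr = ipaddress.ip_address(host)
        entry = ingress_site(addr, announcements, preferred_entry)
        if entry != home_site(addr):
            bad.append((host, home_site(addr), entry))
    return bad

# Policy A: the /32 announced at every site. Policy B: each /35 only at its own site.
AGGREGATE_EVERYWHERE = [(AGGREGATE, site) for site in SITES]
PER_SITE = [(prefix, site) for site, prefix in SITES.items()]

# Constructed flows: (internal host, entry point the remote network's BGP prefers).
FLOWS = [
    ("2001:db8:2000::10", "us-west"),  # eu-west host, remote hands off in the US
    ("2001:db8::10", "us-west"),       # us-west host, remote hands off in the US
    ("2001:db8:4000::10", "eu-west"),  # apac host, remote hands off in Europe
]

if __name__ == "__main__":
    print("aggregate everywhere:", asymmetric_flows(AGGREGATE_EVERYWHERE, FLOWS))
    print("per-site prefixes:   ", asymmetric_flows(PER_SITE, FLOWS))
```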