[86232] in North American Network Operators' Group
Re: Scalability issues in the Internet routing system
daemon@ATHENA.MIT.EDU (Lincoln Dale)
Thu Oct 27 18:35:58 2005
Date: Fri, 28 Oct 2005 08:33:36 +1000
From: Lincoln Dale <ltd@interlink.com.au>
To: Alexei Roudnev <alex@relcom.net>
Cc: Blaine Christian <blaine@blaines.net>, nanog@nanog.org,
Daniel Senie <dts@senie.com>
In-Reply-To: <012a01c5db19$f9a6f120$6401a8c0@alexh>
Errors-To: owner-nanog@merit.edu
Alexei Roudnev wrote:
> If these 500K routes come from upstream, it is just a _default_, so it can be
> installed instantly if the configuration is correct.
Mostly correct --
You're talking about a RIB->FIB optimization -- potentially no need to
populate 500K FIB entries, as they essentially result in the 'same' path.
However, note that this works both ways -- these are 'more specific'
prefixes, so they should always take priority over a '0/0' route. Also note
that if the upstream stops announcing a '0/0' route, then you're going
to have to instantiate those 500K prefixes awfully quickly...
It would be "broken" if an optimization such as this meant that you had
even one second of blackholing traffic destined to one of those 500K
prefixes while an 'optimization' instantiated forwarding entries that
should have been there in the first place...
In my humble view, I'd argue that this is but one part of building a
router, and there are potentially many, many more things that one needs to
optimize for.
> If these 500K routes are from a peer, you switch (in reality) 10-20%, so
> it is simpler anyway.
>
> Even if it is a multihomed customer, there is no need for _fast_
> installation of these 500K routes. You just switch _some_ of the routes
> from one provider to another - if it takes 1 minute, nothing wrong happens.
This is the whole "populate the forwarding table on demand" approach
(a.k.a. "route cache") versus "prepopulate the forwarding table" (a.k.a.
CEF).
I think history has shown that the latter is far more necessary than the
former. Think DDoS attack.
The former works provided you're not pushing traffic to bogus addresses.
It may be that under 'normal' conditions you have traffic going to
less than 20% of prefixes. But think of a worm/virus looking for new
hosts to infect - typically guessing random IP addresses to probe.
cheers,
lincoln.
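The two points argued in the message above (that eliding more-specifics whose next hop matches the default leaves a forwarding gap the moment 0/0 is withdrawn, and that an on-demand route cache collapses under random-destination traffic) can be shown with a small simulation. The following is an added example written for this page; it is not code from the original post or from any router vendor. The RIB, next-hop names ("upstream-A", "peer-B"), the hot-host traffic and the worm scan are all constructed, the FIB is a plain longest-prefix-match dictionary, and the route cache is modelled as a per-destination-host LRU table, which is the classic route-cache behaviour the post refers to.

```python
"""Toy simulation of RIB->FIB compression and route cache vs prepopulated FIB.
Added example, not from the original NANOG post; all data is constructed."""
import random
from collections import OrderedDict

DEFAULT = (0, 0)  # 0.0.0.0/0 as (network, prefix length)


def mask(plen):
    return (0xFFFFFFFF << (32 - plen)) & 0xFFFFFFFF


def build_index(table):
    """Group {(net, plen): nh} by prefix length, longest first, so a lookup
    costs one dict probe per distinct length instead of a scan of the table."""
    by_len = {}
    for (net, plen), nh in table.items():
        by_len.setdefault(plen, {})[net] = nh
    return sorted(by_len.items(), reverse=True)


def lpm(index, addr):
    """Longest-prefix match of a 32-bit integer address; None if unroutable."""
    for plen, nets in index:
        nh = nets.get(addr & mask(plen))
        if nh is not None:
            return nh
    return None


def build_rib(rng, n_prefixes, default_nh="upstream-A", other_nh="peer-B"):
    """Constructed RIB: a default plus n_prefixes random /16s, about half of
    which resolve to the same next hop as the default (the case in the post)."""
    rib = {DEFAULT: default_nh}
    while len(rib) < n_prefixes + 1:
        net = rng.getrandbits(16) << 16
        rib[(net, 16)] = default_nh if rng.random() < 0.5 else other_nh
    return rib


def compress_fib(rib):
    """RIB->FIB optimisation: a more-specific whose next hop equals the
    default's is not installed, because 0/0 already forwards it that way."""
    default_nh = rib.get(DEFAULT)
    return {p: nh for p, nh in rib.items() if p == DEFAULT or nh != default_nh}


def withdraw_default(rib, fib):
    """Upstream stops announcing 0/0. Returns (new_rib, stale_fib, fresh_fib):
    stale_fib is the compressed FIB with only 0/0 removed (what forwards until
    the elided prefixes are re-instantiated); fresh_fib is recomputed."""
    new_rib = {p: nh for p, nh in rib.items() if p != DEFAULT}
    stale = {p: nh for p, nh in fib.items() if p != DEFAULT}
    return new_rib, stale, compress_fib(new_rib)


def blackholed(rib, fib, addrs):
    """Destinations the RIB can route but this FIB drops on the floor."""
    rib_ix, fib_ix = build_index(rib), build_index(fib)
    return [a for a in addrs if lpm(rib_ix, a) is not None and lpm(fib_ix, a) is None]


def demo_default_withdrawal(seed=1):
    rng = random.Random(seed)
    rib = build_rib(rng, 1000)
    fib = compress_fib(rib)
    # One constructed probe host inside every /16 the RIB carries.
    probes = [net | rng.getrandbits(16) for (net, plen) in rib if plen == 16]
    assert not blackholed(rib, fib, probes)  # with 0/0 present nothing is lost
    new_rib, stale, fresh = withdraw_default(rib, fib)
    return {
        "rib_entries": len(rib),
        "fib_entries_compressed": len(fib),
        "blackholed_before_reinstall": len(blackholed(new_rib, stale, probes)),
        "blackholed_after_reinstall": len(blackholed(new_rib, fresh, probes)),
    }


class RouteCache:
    """On-demand forwarding table keyed per destination host. A miss costs a
    slow-path RIB lookup; LRU eviction bounds the cache size."""

    def __init__(self, rib, capacity):
        self.index, self.capacity = build_index(rib), capacity
        self.cache, self.hits, self.misses = OrderedDict(), 0, 0

    def forward(self, addr):
        nh = self.cache.get(addr)
        if nh is not None:
            self.cache.move_to_end(addr)
            self.hits += 1
            return nh
        self.misses += 1
        nh = lpm(self.index, addr)  # slow path
        if nh is not None:
            self.cache[addr] = nh
            if len(self.cache) > self.capacity:
                self.cache.popitem(last=False)
        return nh

    def miss_rate(self):
        total = self.hits + self.misses
        return self.misses / total if total else 0.0


def compare_strategies(seed=1, n_packets=20000, cache_size=4096):
    """Miss rate of the route cache under constructed 'normal' traffic (a hot
    set of 1000 hosts) and under a worm scanning uniformly random addresses.
    A prepopulated FIB has no miss path at all, whatever the destination mix."""
    rng = random.Random(seed)
    rib = build_rib(rng, 1000)
    hot = [rng.getrandbits(32) for _ in range(1000)]
    normal, worm = RouteCache(rib, cache_size), RouteCache(rib, cache_size)
    for _ in range(n_packets):
        normal.forward(rng.choice(hot))
    for _ in range(n_packets):
        worm.forward(rng.getrandbits(32))
    return {"normal": normal.miss_rate(), "worm": worm.miss_rate()}


if __name__ == "__main__":
    print(demo_default_withdrawal())
    print(compare_strategies())
```

With the constructed data, `demo_default_withdrawal` reports that the compressed FIB holds roughly half the RIB and that, after 0/0 is withdrawn, exactly the elided prefixes are blackholed until they are reinstalled; `compare_strategies` shows a route-cache miss rate of about 5% for the hot-host traffic and essentially 100% for the random scan, which is the "think DDoS / worm" point: a per-destination cache gives no benefit once every packet is to a new address.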