I-D Action:draft-azinger-scalable-addressing-00.txt
Carlos Morgado
chbm at chbm.net
Wed Sep 29 12:05:15 CEST 2010
Hi,
I'm a bit late to the thread but I'd like to add an ISP point of view.
A decent ISP will have maybe 3 or 4 upstreams. On the all-PA scenario this means 3 or 4 prefixes to manage through the network. I haven't seen any discussion about what this means to end users, do they get 4 prefixes on their home gateways ? This, as far as I know, isn't being covered in CPE development. In fact, the mass deployable equipments I know barely work with autoconfiguration of a single prefix let alone multiple prefixes.
On the data center side this would mean provisioning 4 prefixes on each server and publishing them on DNS. Upstream providers don't change often so this wouldn't be a large operational effort. However this is leaking network topology into the DNS plane which means when a network problem occurs and an upstream is flaky or down the sysops need to update DNS to kill that mapping. Otherwise we get outages similar to what happens now when a site goes down on a dns balanced service.
This is equally valid for end customer addressing, except it's suicide to try to reprovision a customer base in response to an outage with something like a 1 day fix estimate. The average day to day outage an ISP deals with today turns into a massive blackhole.
On the application side I'm fairly confused as to happens when 2 multihomed machines talk to each other. Even with shims and all that we might get into a ridiculous situation where 2 hosts that share an upstream are talking to each other going halfway across the globe cause that's the addresses they resolved. If you move "route optimization" to the shim you end up with routing policy inside hosts. You might as well have everything running routing protocols.
Digging my old wholesale provider hat out of the closet I'm fairly concerned all my wholesale customers are announced in my block and AS. If they mess up and their link goes down I have no way to tell the rest of the DFZ that route is not valid. I'll be peppered with their traffic and my boxes will be hard at work with icmp unreachables. In a nutshell, all-PA for multihomed breaks our expectations about what we learn on BGP.
What I see happening is an all-PA policy driving everybody back to NAT to the great joy of network vendors. ISPs will only use fec0:: and CGN customers to their various PA spaces. Compounding to that, I fully expect some sites to elect one PA prefix to be "theirs" and then asking the other upstreams to route it (that shouldn't happen and so on, money talks ...). I've lived through this in v4 and it's pretty ugly on the administrative side. On the network side it's basically worse than handing out site specific prefixes.
--
Carlos Morgado
More information about the ipv6-ops
mailing list