Upload File

protecting your peering edge. - afpif · protecting your peering edge. graham beneke afpif 2015....

  • Home
  • Documents
  • Protecting your peering edge. - AfPIF · Protecting your peering edge. Graham Beneke AfPIF 2015. #include std-disclaimer. IXP Peer 3 Peer 1 Peer 2 ISP. Expect to receive traffic
17
Protecting your peering edge. Graham Beneke AfPIF 2015

Upload: others

Post on 09-Jul-2020

4 views

Category:

Documents


1 download

Report

TRANSCRIPT

Page 1: Protecting your peering edge. - AfPIF · Protecting your peering edge. Graham Beneke AfPIF 2015. #include std-disclaimer. IXP Peer 3 Peer 1 Peer 2 ISP. Expect to receive traffic

Protecting your peering edge.

Graham Beneke AfPIF 2015

Page 2: Protecting your peering edge. - AfPIF · Protecting your peering edge. Graham Beneke AfPIF 2015. #include std-disclaimer. IXP Peer 3 Peer 1 Peer 2 ISP. Expect to receive traffic

#include std-disclaimer

Page 3: Protecting your peering edge. - AfPIF · Protecting your peering edge. Graham Beneke AfPIF 2015. #include std-disclaimer. IXP Peer 3 Peer 1 Peer 2 ISP. Expect to receive traffic

IXP

Peer 3

Peer 1

Peer 2ISP

Page 4: Protecting your peering edge. - AfPIF · Protecting your peering edge. Graham Beneke AfPIF 2015. #include std-disclaimer. IXP Peer 3 Peer 1 Peer 2 ISP. Expect to receive traffic

Expect to receive traffic not destined

to your network.

You will need to protect your network!

Page 5: Protecting your peering edge. - AfPIF · Protecting your peering edge. Graham Beneke AfPIF 2015. #include std-disclaimer. IXP Peer 3 Peer 1 Peer 2 ISP. Expect to receive traffic

FIB: NET_GREEN NET_BLUE

NET_REDFIB: NET_GREEN

NET_RED

IX

Page 6: Protecting your peering edge. - AfPIF · Protecting your peering edge. Graham Beneke AfPIF 2015. #include std-disclaimer. IXP Peer 3 Peer 1 Peer 2 ISP. Expect to receive traffic

Route Reflector Client

Route Reflector

Peering RouterIXP

Page 7: Protecting your peering edge. - AfPIF · Protecting your peering edge. Graham Beneke AfPIF 2015. #include std-disclaimer. IXP Peer 3 Peer 1 Peer 2 ISP. Expect to receive traffic

route-map filter-to-my-peering-routermatch criteria only_my_customers

permit only_my_customers

Page 8: Protecting your peering edge. - AfPIF · Protecting your peering edge. Graham Beneke AfPIF 2015. #include std-disclaimer. IXP Peer 3 Peer 1 Peer 2 ISP. Expect to receive traffic

Whom are you protecting against?

Page 9: Protecting your peering edge. - AfPIF · Protecting your peering edge. Graham Beneke AfPIF 2015. #include std-disclaimer. IXP Peer 3 Peer 1 Peer 2 ISP. Expect to receive traffic

IX

FIB: NET_GREEN NET_BLUE

NET_RED

FIB: NET_GREENNET_RED

Page 10: Protecting your peering edge. - AfPIF · Protecting your peering edge. Graham Beneke AfPIF 2015. #include std-disclaimer. IXP Peer 3 Peer 1 Peer 2 ISP. Expect to receive traffic

No valid 0/0 Partial Routes iACLs1 32

Page 11: Protecting your peering edge. - AfPIF · Protecting your peering edge. Graham Beneke AfPIF 2015. #include std-disclaimer. IXP Peer 3 Peer 1 Peer 2 ISP. Expect to receive traffic

• BGP advertisement classification

• QoS Policy Propagation via BGP (QPPB).

Page 12: Protecting your peering edge. - AfPIF · Protecting your peering edge. Graham Beneke AfPIF 2015. #include std-disclaimer. IXP Peer 3 Peer 1 Peer 2 ISP. Expect to receive traffic

Step 1: Tag peer prefixes uniquely within BGP and FIB tables - peer prefixes set with community attribute (P) and tag (P)

- customer prefixes are set with community attribute (C) and tag (C)

route-policy qosgroup_map

if community matches-any (C1) then

set qos-group 7

elseif community matches-any (C2)

then set qos-group 2

else set qos-group 1

endifend-policyrouter bgp <your ASN>

address-family ipv4 unicast

table-policy qosgroup_map

Page 13: Protecting your peering edge. - AfPIF · Protecting your peering edge. Graham Beneke AfPIF 2015. #include std-disclaimer. IXP Peer 3 Peer 1 Peer 2 ISP. Expect to receive traffic

Step 2: Tag external packets at peering locations based upon longest prefix match within FIB: - tag (P) for packets received from peer and destined to a prefix in the FIB with tag (P), - tag (C) for packets received from peer and destined to a prefix in the FIB with tag (C).

int Gig 0/0 ipv4 bgp policy propagation input qos-group destination

Page 14: Protecting your peering edge. - AfPIF · Protecting your peering edge. Graham Beneke AfPIF 2015. #include std-disclaimer. IXP Peer 3 Peer 1 Peer 2 ISP. Expect to receive traffic

ISP forwards or discards packets that ingress peering interconnects based upon associated packet tag value: - Packets with tag (P) are discarded - Packets with tag (C) are forwarded

match q

os-group

2

end-cla

ss-map

!clas

s-map ma

tch-any

EXT

match q

os-group

7

end-cla

ss-map

!poli

cy-map q

ppb_set_

dscp

class T

WO

set ds

cp af21

! cla

ss EXT

police

rate 10

00000 bp

s burst

31250 by

tes peak

-burst 3

1250 byt

es

confo

rm-actio

n drop

Step 3 (Packet classification via MQC):

int Gig 0/0 ipv4 bgp policy propagation input qos-group destination

service-policy input qppb_set_dscp

Page 15: Protecting your peering edge. - AfPIF · Protecting your peering edge. Graham Beneke AfPIF 2015. #include std-disclaimer. IXP Peer 3 Peer 1 Peer 2 ISP. Expect to receive traffic

handouts available for

IOS, IOS-XR and JunOS

Page 16: Protecting your peering edge. - AfPIF · Protecting your peering edge. Graham Beneke AfPIF 2015. #include std-disclaimer. IXP Peer 3 Peer 1 Peer 2 ISP. Expect to receive traffic

• Hardware forwarding platform.

• Classification is a key requirement.

Page 17: Protecting your peering edge. - AfPIF · Protecting your peering edge. Graham Beneke AfPIF 2015. #include std-disclaimer. IXP Peer 3 Peer 1 Peer 2 ISP. Expect to receive traffic

[email protected]

mailto:[email protected]?subject=iWeek%202014%20Presentation

The Evolution of the U.S. Internet Peering Ecosystem · Peering Behavior Motivation: Peer to ... peering benefits ... Peering Large Scale Network Savvy Content Player 2002 Tier 1

what is peering? - Netnod · what is peering? 1 What ... Why peer? Network operators may peer for many reasons. ... If the benefits stack up favorably, peering may

PCH Peering Survey 2011 - AfPIF€¦ · 03/09/2017  · About PCH Non profit based in San Francisco, California Support !critical internet infrastructure" Assist with start-up and

Understanding and Optimizing BGP Peering Relationships ... · Understanding and Optimizing BGP Peering Relationships with ... The educational network was able to peer ... Understanding

DDoS, Peering, Automation and more - AfPIF...AfPIF 2015 – Maputo - CloudFlare DDoS, Peering, Automation and more - Martin J Levy 4 CloudFlare works at the network level Once a website

Peering Inside: How do Peer Effects Impact Entrepreneurial ...mackinstitute.wharton.upenn.edu/wp-content/uploads/2016/03/Winston... · 1 Peering Inside: How do Peer Effects Impact

Peering and IXPs - PacNOGTypes of Peering (3) ! Open Peering " Where an ISP publicly states that they will peer with all parties who approach them for peering " Commonly found at IXPs

Engagement Case Study Google SDN Peering: An Early · PDF fileEngagement Case Study Murali Suriar, [email protected] ... BGP speaker eBGP Peering External Peer Espresso Metro Labeled

The Value of Peering - PacNOG: The Pacific Network ... · The Value of Peering ... Peering ISP shares circuit cost with peer ... other’s network/customers/content Upstream benefits

Peering Policies - When to Peer, When not to Peer Quilt Peering Workshop October 2006 St Louis, Missouri

Peering, Transit and IXPs - The Middle East Network ... · Peering, Transit and IXPs Philip Smith ... Why peer? ! Peering means that the three ISPs have to ... Non-participants miss

The Peering and Interconnection The Africa Peering ForumThe second day at the Africa Peering and Interconnection Forum (AfPIF) is dedicated to plenary presentations and discussions

Peering Best Practices - peeringforum.myix.mypeeringforum.myix.my/sites/default/files/Value Of Peering.pdf · p Private Peering n Where two network ... operator will not peer with

The Meeting Tool - AfPIF · 2019-08-23 · Moderators: Hisham Ibrahim and Mathieu Paonessa Frank Habicht Session 4b Barracuda Room - Peering Bilateral Meetings #2 Peering Personals

Analysis of Price Competition under Peering and Transit Agreements in Internet Service Provision to Peer-to-Peer Users

Aidan Baigrie 18.03.2011 3rd African Peering and Interconnection Forum (AfPIF) AFPIF August 2012 The Role Submarine Cables can play in the Interconnection

Protect your peering edge - review - AfPIF · Protect your peering edge -review Internet Solutions is a division of Dimension Data 25 Summary • BGP EPE: • More suitable for typical

Peering Into The Future: Peer-To-Peer Technology As A ... · peering into the future: peer-to-peer technology as a model for distributed joint battlespace intelligence dissemination

Introduction to PeeringDB - The African Peering ... · •Initial configuration to setup peering quickly •Update configuration if maximum prefixes change. 2019-08-20 AfPIF 2019,

AfPIF 2014 - AfPIF | The African Peering & Interconnection ... · Google took participants through the process of peering negotiations at a peering forum such as AfPIF. The key factors

The African Peering and Interconnection Forum 2018 @iWeek fileAssociation (ISPA). The AfPIF conference will run from 21-23 August in conjunction with South Africa’s leading Internet

AfPIF-2015 “Lessons Learnt” · 2019-05-27 · Peering Introductions •Your AS Number •Where you Peer •Your Peering Policy •Contact Information •Email the above to [email protected]

Meeting Summary - AfPIF · 2019. 5. 27. · This year, there were 27 peering introductions up from 21 introductions last year. ... cable and satellite TV service provider. In his

ENDEAVOUR: Towards a exible software-de ned network ......Bruy ere, M., \Open-IXSDN Umbrella IXP Fabric", Africa Peering and Interconnection Forum (AfPIF) Dar Es Salaam - Tanzania-

VoIP Peering: Why and How - North American Network ... · VoIP Peering: Why and How Jon ... • You peer when your voice application benefits from ... . 16

Akamai CDN, Peering and IPv6 - hknog.net€¦ · Akamai CDN, Peering and IPv6 ... • Claim performance benefits over competitors ... Peer Network • Akamai

Peering THINK - Telehouse€¦ · benefits of Peering as a resource, ... Contents What is Peering? Reasons to Peer Peering Types Route Servers ... between the users of each network,

The Value of Peering - au.int · The Value of Peering Importance and Benefits of ... them good peering partners • If they don t peer ... to another network –Private or Public

AFPIF: The Neutral Case Study

at AfPIF Peering Negotiations...Peering Negotiations at AfPIF Thomas Volmer. disclaimer: all opinions are all mine. Peering Principles 99.5% of all Internet peering is done by "handshake"

The Peering and Interconnection - AfPIF...Telegeography prévoit qu’en 2021, l’Afrique comptera 541 millions d’abonnés 3G, contre 471 millions en 2016. Les abonnés LTE devraient

How Big Networks Can Peer Regionallyapricot.net/apricot2007/presentation/tutorial/scg-regional-peering.pdf · Importance of Sane Peering Policies Historical peering policies: Some

AfPIF-2015 “Lessons Learnt”...AfPIF-2015 “Lessons Learnt” Welcome and Introductions Bem vindo a Maputo! • Welcome to AfPIF-2015, Maputo Mozambique • 6th AfPIF event looking

Quilt - Peering - mrp.net · Peering Policies - When to Peer, When not to Peer Quilt Peering Workshop October 2006 St Louis, Missouri

“Unfair” Discrimination in Two-sided Peering? Evidence ... · asymmetry in “network centrality” makes peering less likely ... each peer provides the other connectivity