RE: Designing an IX with non-PI space peers

  • To: "'Miguel A.L. Paraz'" <map at iphil dot net>, "'David R. Conrad'" <davidc at apnic dot net>
  • Subject: RE: Designing an IX with non-PI space peers
  • From: Barry Raveendran Greene <bgreene at cisco dot com>
  • Date: Thu, 1 May 1997 07:56:19 +0800
  • Cc: "'apops at apnic dot net'" <apops at apnic dot net>
  • Encoding: 83 TEXT
  • Sender:
    • Hello Miguel,
      > From:    Miguel A.L. Paraz [SMTP:map at iphil dot net]
      > The local ISPs that we would like to peer BGP with (and some of which
      > we are already partially peering with, statically, at the PHIX) are
      > already heavily dependent on their upstream space.  It is unlikely that
      > they would renumber to portable space.  One has two upstream providers
      > but uses provider-dependent space from each.
      > With this kind of situation, can they allocate an ASN?
      Yes, ASN allocation and the allocated IP space, to me, are two seperate 
      justifications. You can have some ISPs with space from APNIC (PI space) and 
      some ISP with space from their upstream providers peering together via BGP 
      at an IXP.
      > > Address allocations should follow network topology.  If the network
      > > topology is such that all organizations within the country's Internet
      > > can be aggregated together, the concept of allocating addresses on a
      > > national basis would make sense.
      > No, this is not what I meant.  What I thought was to set aside a
      > chunk of space for routing only WITHIN the country.  This will be
      > for organizations that only need nationwide connectivity, and visibility
      > to all ISPs (that peer locally, at least). but not international
      > connectivity.
      > Think of it like as a nationwide Intranet.  For example of one our
      > good Congressmen is pushing a bill that will build a government network
      > on top of the existing ISP infrastructure.  Now, each of this agencies
      > will choose their own ISP based on a public bidding and other criteria.
      > Factor in the condition that different provinces have different ISPs,
      > and that the Philippines has around 120 ISPs with 20 IPL-equipped
      > providers.
      > These agencies would want FULL connectivity to each other, and possibly
      > to the rest of the countries, but NOT to the world.  Hypothetically
      > if we allocate 10/8 for this purpose, each agency can have a /16 from
      > this chunk for "country-reachable" hosts, and get a /26 from their
      > ISP space for world-reachable hosts, such as web/mail servers, NATs
      > and firewalls.
      Two choices for a network like this - get space from APNIC or create PHNIC 
      and have it become a IP registry under APNIC (which will then allow PHNIC 
      to hand out IP addresses).
      I've seen several networks in the region like this. One thing to keep in 
      mind is the size of the network an amount of traffic flow going out from 
      this network. This will have a factor on whether NAT will work. NATs are 
      fantastic for the enterprise, but for ISPs and large public backbones, NATs 
      may not scale. Think of this before you dive into private IP space for 
      ISPs, NSP (National Service Providers), and large public backbones.
      > > However such cases are a bit rare -- I know of none at this time.  The
      > > "problem" is that international connectivity for ISPs is rarely
      > > coordinated (for economic or political reasons, not technical).
      > Yup and now we have seem to a cable shortage.  I hear the APCN
      > is not yet up?  It's causing us some major problems since we have trouble
      > fulfilling some customer commitments on time.
      > > As such, in order for routing to work, you end up having to announce 
      > > of more specifics from the "country block" for each ISP's portion of
      > > the country block.
      > No need if 10/8 is filtered from the different ISPs border routers?
      10/8 should be a standard filter on the outbound and inbound traffic. Some 
      ISPs to a double filtering for private space - putting filters on BGP and 
      on IP. If you would like to see an example, please let me know.
      Barry Raveendran Greene             |       ||        ||        |
      Senior Consultant                   |       ||        ||        |
      Consulting Engineering              |      ||||      ||||       |
      tel: +65 738-5535 ext 235           |  ..:||||||:..:||||||:..   |
      e-mail: bgreene at cisco dot com           |  c i s c o S y s t e m s  |
      To unsubscribe: send "unsubscribe" to apops-request at apnic dot net