[sdnog] using RIPE atlas to check which DNS root your resolver prefers.

Nishal Goburdhan nishal at controlfreak.co.za
Sun Dec 28 23:37:16 SAST 2014 

On 27 Dec 2014, at 22:47, Hiba Eltigani <higba6 at gmail.com <mailto:higba6 at gmail.com>> wrote:

> Ok, I am not sure this will work out, it will need careful configuration because you don't want to be in a position where Ethionet traffic use the IXP as a way to reach other opetators which can cause bandwidth issue.

actually you -want- ET (or any other international operator) to decide that the SIXP is interesting enough for them to peer at, and for them to build / lease infrastructure to do get to the IXP and peer.  that's really good for your network environment because you can then get to change traffic with other operators at your local IXP at no additional cost.  
what bandwidth issues do you see this creating?  if the link from (say ET) to the IX was too busy, then it would mean that there was ample local content;  and more incentive for  them to upgrade this link.  it would mean that more traffic could cross the peering link, and not to go their transit provider (peering is - or should be -  cheaper than transit)

you’ve got several other ideas tied up here, so let’s separate them out one by one….

first, an ISP in Sudan is -selling- IP transit to ET.   by definition, that makes ET a customer, and when an ISP sells IP transit to a customer, it basically says:  dear customer, these are all the internet prefixes I know about, and can hopefully get you to.  now, that should include the ISP's network; the ISP's other customers, and the ISP's peers.  so, a local (sudanese) ISP that sells transit to ET, should already be telling their ET customer about the prefixes that the ISP learns at SIXP (its peers).  that’s normal, and, as i said, desirable.  this is already not happening now;  so this is something that, imho, the ISP should probably fix …  ;-)


> I guess this is where L2 IXP comes handy.


no, not really.  the L2 IXP simply means that it’s: 
* cheaper and easier to manage the hardware;  a router 10gb port is much, much more expensive for the IXP to have to provision, than a L2 switch port.
* cheaper and easier to manage;  since the IXP operator’s function is not to interfere with “routing” you don’t need to have a super-duper BGP expert on staff;  just someone that can keep a L2 switch running
* since the IXP doesn’t get in the path of “routing” the ISPs can then make more interesting traffic engineering decisions 

unless the L3 run SIXP is doing something strange like tagging on no-export or other things, a functional change from L2 to L3 would not resolve this.  

>    I can't recall the exact case but one of the big IXPs had issue after their local prefix leaked to the Internet.
> 
that is an entirely different thing…
what happened there, was that the IXP peering lan prefix was visible to the internet.  that’s generally considered a Bad Thing to do.  in the case that you’re likely thinking of, a lot of backscatter traffic made its way to the peering-lan IP address of one of the peers.  functionally, it didn’t really affect the actual IX itself.  


—n.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.sdnog.sd/pipermail/sdnog/attachments/20141228/93bf77de/attachment.html>

More information about the sdnog mailing list