Categories

This month, we continue to be at the edge of the Internet talking about aspects of Traffic Engineering (TE) in BGP! We began our blog series by writing about TE – the what, the why, capacity management and traffic management. This month, we’re taking a look at outbound and inbound TE on the Internet, focusing on how BGP performs best path selection and some of the BGP attributes that make up the algorithm to determine the best path for packets.

Optimising traffic flow is something every good network engineer tries to achieve, and there are several ways that we can do this. An important issue that often occurs during peak times is traffic congestion. We don’t need to tell you about the issue with traffic congestion, but for end users, seeing that buffering symbol is just as disappointing as seeing the red ring of death on an Xbox! Let’s begin by looking at optimising traffic flow through the lens of outbound vs. inbound traffic.

Outbound vs inbound
As network experts, we know what outbound and inbound traffic is, so let’s skip ahead and talk about engineering it! Engineering outbound traffic is the process of manipulating the routing of traffic leaving our AS. By doing this, we can locally influence outbound traffic routes by adjusting BGP attributes, specifically local preference or AS path length. In comparison, engineering inbound traffic is much more complex and involves manipulating the routing of traffic coming onto our network. It involves adjusting the BGP attributes of routes advertised by peers, but don’t forget, peers can override these attributes when updates are sent, making it much harder. Now that we’ve covered the difference between outbound and inbound TE, let’s talk more about best path selection.

 

‘Okay BGP, show me the fastest route’
The BGP specification defines an algorithm known as best path selection to choose and install the best routes into routing tables. The algorithm uses a predefined set of criteria to select the most efficient route across the Internet to a destination address or prefix. The table below lists the order of criteria.

Priority Attribute
1 Local preference
2 Local origin
3 AS path length
4 Origin code (lowest)
5 MultiExit Discriminator (MED)
6 eBGP over iBGP
7 Shortest IGP path to BGP next-hop
8 Oldest path
9 Router ID
10 Neighbour IP address (lowest)

Now that we’ve looked at this broadly, let’s examine this a little further and look at the attributes that can be manipulated to determine the best path.

BGP attributes 
BGP protocol determines a score for each path based on attributes – these are the aspects we manipulate to make the BSP algorithm work the way we want it to. To better understand attributes, let’s split them into categories: mandatory, discretionary, optional transitive and optional non-transitive.  

Mandatory 
Mandatory: sounds demanding, doesn’t it? That’s because they are REQUIRED for routes to be considered valid. These are recognised by all BGP peers and are present in all update messages. These attributes are Next-hop, Origin and AS Path. 

Discretionary 
Discretionary attributes influence the algorithm but aren’t required for route validation. These are recognised by all routers, passed to all peers and can be included in update messages if required. These attributes are Local Preference and Atomic Aggregate. 

Optional transitive 
Optional transitive attributes can provide additional information about routes, but don’t generally affect the algorithm. They are possibly recognised by BGP routers and may be passed to other peers when received from a peer. These attributes are Aggregator and Community. 

Optional non-transitive 
The optional non-transitive attributes are Multi-Exit Discriminator (MED), Originator ID and Cluster ID. Non-transitive attributes received from a peer are not permitted to be passed to other peers by the receiving AS. 

In addition to attributes, asymmetric routing is also integral to quality TE.  

Let’s take a different route home 
Asymmetric routing is another important aspect of TE. This occurs when a packet travels from a destination down one path and takes a different path upon its return – it’s very common in BGP and you can’t avoid it! Generally, asymmetric routing doesn’t cause issues, but when it does, it’s usually causing issues with load balancing leading to suboptimal routing. This type of routing occurs when 2 available paths are present and contain the same number of hops; AS path length will not force a routing decision. Therefore, the algorithm moves to the next attribute in the priority stack. 

Asymmetric routing can also cause issues with stateful devices, such as firewalls: traffic flows returning via a different path than the one they departed on can arrive at a different device, and if the receiving device is not aware of the flow’s existence or has no matching entry in its state table, the incoming traffic is dropped: 

Something’s wrong, help!
Things are always great when they work, unfortunately that’s not always the case! When it comes to TE, there are some great diagnostic tools out there including looking glasses, RIPE Atlas, NLNOG RING and more. They help us to troubleshoot a variety of different network issues. Here at IAA, we use looking glasses wherever they are available to determine how a network (AS) directs traffic destined for a particular IP address or subnet. We also operate our own looking glass for each IX, which can help give a better understanding of the paths available to a particular destination via the IX (or, indeed, if a destination is NOT reachable via the IX). When a looking glass is not available (i.e. a network operator has not made one publicly available), tools such as RIPE Atlas are invaluable for observing the path that traffic takes out of a particular AS, and can be used to narrow down the probable point of any routing issues along the path from a given AS to the destination. 

Understanding the difference between outbound and inbound traffic engineering is crucial to optimising traffic flow over networks. As network engineers, understanding which attributes can be manipulated to ensure packets travel down the best path can help reduce traffic congestion, improve efficiency and reliability. If you’d like to learn more about how to improve network performance through outbound traffic engineering, stay tuned for next month’s ‘how to’ blog article!

This month marked 10 years since IAA announced the launch of a peering point in South Australia, heralding the further expansion of our IX-Australia peering network. 

SA-IX’s 10th birthday was officially celebrated on Monday 27 February. Here’s to another 10 years – and hopefully many, many more! 

Voting is now open for the APNIC Executive Council (EC) election. If you are a member of APNIC, IAA strongly encourages you to vote.   

APNIC is the organisation responsible for the distribution and management of IP addresses and AS numbers in the Asia-Pacific region. The APNIC EC is responsible for the management of APNIC’s activities and functions, including its strategic direction and budget on behalf of APNIC members. The constitution of the EC can have a great impact on the Internet landscape and community in Australia, and more globally. IAA is firmly committed to stability and reliability in the management of Internet resources and considers the continuing good governance of APNIC to be essential to this cause.  

As it’s a member-driven organisation, it is important that you use your vote, and do so wisely to ensure a well-rounded and appropriate EC.  

We strongly encourage you to:  

  • carefully consider the candidates  
  • ensure the candidate you vote for appropriately represents the Internet community and works in the best interest of the Internet. 

Voting closes 14:30 AWST (UTC +8) Thursday 2 March 2023. 

Further information on the nominees and processes can be found on the APNIC nominations page. 

Amazon Web Services (AWS) ASN 16509 peering on NSW-IX has recently advised our technical team of a typo in their LAG IPv6 address. Unfortunately, this has resulted in a large number of NSW-IX members peering with an incorrect IPv6 address.

To rectify this issue, AWS has requested that all peers check and reconfigure the address if required. Please see the information below:

Incorrect: IPv4 218.100.52.9. IPv6 2001:7fa:11:4:0:470d:0:1
Correct: IPv4 218.100.52.9. IPv6 2001:7fa:11:4:0:407d:0:1

If you would like any further information regarding this matter, please get in contact with AWS via peering-apac@amazon.com

You may have noticed our email earlier this month about the APNIC EC Election. But what exactly is APNIC and why does it matter to you? 

APNIC (Asia Pacific Network Information Centre) is the Regional Internet Registry (RIR) for the Asia Pacific Region. It is one of 5 such registries across the world. RIRs manage the allocation and registration of Internet number resources (IP addresses and Autonomous System Numbers) in their respective regions. Nothing gets on the Internet without an IP address connected to an Autonomous System, and each must be unique, though we have ways of sharing them given the number of devices connected to the Internet now exceeds the number of IPv4 addresses. 

Through this technical coordination, RIRs play a very important role in supporting the infrastructure of the Internet, as well as in Internet Governance. As independent, not-for-profit, and member-based organisations, RIRs operate for the benefit of the wider Internet community.  

In recent times, the global Internet community has witnessed other RIRs struggle to operate particularly in the context of the fight over limited IPv4 addresses. As the Internet continues to evolve to heights much greater than anyone imagined at its conception with more and more people jumping online, protecting the sound management of Internet resources and promoting Internet policies is critical to ensure the resilience and continued growth of the Internet.  

Although the overarching Number Resource Organisation (NRO) serves as a coordinating body for the 5 RIRs, each RIR distributes resources according to its own policies that have been developed in its respective region via open, bottom-up policy development processes.  This bottom-up governance structure is to respect the autonomy of each region. As such, the constitution of the Executive Council (EC) of an RIR is very important to how it functions.  

With the voting for the APNIC EC election now open, IAA encourages all members who are also members of APNIC to utilise your vote carefully and wisely to ensure the protection of the Internet community. Voting closes 14:30 AWST (UTC +8) Thursday 2 March 2023.  

IAA’s public policy work has already kickstarted, holding the first PPAP meeting of 2023 this month. Although we were missing a few members, we still had lively discussions including an update on IAA’s public policy work since the fourth quarter of 2022, upcoming consultations on Internet policy issues, and even a debate on the need for a CSP registration scheme. 

We are always welcome to hearing our members’ thoughts and concerns on issues affecting the Internet industry, so please do share any comments you may have by email 

Another busy month for IAA’s policy team as we work on responding to key submissions and holding the first Public Policy Advisory Panel meeting of 2023. As always, please feel free to share any concerns or comments regarding public policy areas affecting the Internet community. 

Completed Submissions

Proposed Variation to the NBN Co Special Access Undertaking | ACCC
Since withdrawing its proposed SAU in July 2022, NBN Co submitted its revised SAU proposal in November 2022. The ACCC is seeking views on whether it should accept the new SAU. While the latest SAU proposal definitely demonstrates some improvement, IAA still indicated some concerns primarily regarding its pricing model, and service quality and standards.

Digital Platforms: Government Consultation on ACCC’s Regulatory Reform Recommendations – Consultation Paper | Department of Treasury
Following the ACCC’s report on Digital Platforms in late 2022, the Treasury sought views on introducing new regulation based on the ACCC’s recommendations. Our response primarily emphasised the critical importance of distinguishing ISPs from digital platforms as the ‘pipes’ of the Internet to ensure telco providers are not subject to any new regulations.

Record Keeping Rule – NBN Service Performance | ACCC
The ACCC held a consultation for a development of a Record Keeping Rule (RKR) for NBN Co’s service performance. The Consultation Paper also sought views on applying comparable regulation for SBAS providers. In general, IAA supported the development of RKRs for both NBN Co and SBAS providers to ensure transparency and accountability of the provision of NBN and SBAS services. RSPs are often blamed for service faults by consumers, but public reporting made mandatory by RKR can help increase awareness and understanding in the consumer base of underlying network issues affecting their services, and in turn, force NBN Co and SBAS to improve their service provision.

Open Submissions 

Copyright Enforcement Review 2022-2023 | Attorney General’s Department | 7 March 2023
The Attorney General is reviewing Australia’s copyright enforcement regime. Following recent court cases involving various ISPs and entertainment companies regarding website blocking, a review into Australia’s copyright regime seems indeed necessary to develop a more robust and efficient framework.

Privacy Act Review Report 2022 | Attorney General’s Department | 31 March 2023
Continuing its review since 2020, the Attorney General has issued its Privacy Act Review Report, seeking feedback on 116 recommendations. This Report follows recent high-profile data-breach incidents that occurred in late 2022, which brought to light major issues regarding Australia’s privacy framework. As data becomes increasingly commodified and important in today’s digital age, IAA is committed to contributing to the development of a privacy regime that is effective but measured.

 

 

Applications are now closed for our IAASysters 2023 program.

This year’s theme, Future Heroes of the Internet, continues our crusade to support and enable women within the Internet industry. We’re offering 10 successful applicants free attendance, including flights and accommodation (if necessary).

The third running of our IAASysters program is set to be our best one yet! Not only is it taking place on the beautiful Gold Coast in line with the AusNOG Conference, but we’re excited to announce that we’re bringing back a Systers favourite, Cheryl Alderman, who’ll be running her high-energy career coaching session during the workshop.

IAASysters was launched to support and encourage ALL women in the Internet space. Whether you’re an inspiring student, intern, re-entering the workforce after a break or have been working in your role for some time, it’s your passion for the Internet and the Internet industry that really counts. Applicants demonstrating the most potential for personal growth and passion for the Internet are rated highest.

Applications are open to ALL types of job roles within the Internet industry (network operations, engineering, IT, marketing, regulation, customer support or studying towards a relevant degree or diploma).

We’re offering 10 successful applicants the opportunity to attend:

• the one-day IAASysters Workshop – Wednesday 6 September

• the IAASysters lunch – Wednesday 6 September

• the two-day AusNOG Conference – Thursday 7-8 September

• the networking and social events that run in conjunction with the conference.

All flights and accommodation costs are covered, so all you have to do is fill out your application. Applications to become a Syster closed on Friday 28 April 2023 at 5:00pm AEST.

 

Learn more

 

Sign up to IAA's mailing list

Complete this form to receive all our latest news, events and updates.