The "crisis" of the routing table is a challenge, but it is manageable

Digital No comment

As a company, you may be concerned about the "crisis" of the recent Internet routing table, where the number of Internet routes listed exceeded the carrying capacity of 512,000 existing on many Internet routers (524,288 to be precise, or 2 ^ 19). Does your company will buy new routers? Internet he will become unstable? Before calling your team of network engineers to an emergency meeting, some advice: the problem is long known, proves manageable, and can even provide an opportunity to explore ways to make your network more flexible and effective.

First, as I said, nothing new. In my previous position , I had to specifically manage routing table capacity issues. This goes back to the time when the global routing table was limited to about 300,000 prefixes (and IPv6 routing table only 2500 prefixes).

"Determining the prefixes that we could safely summarize or exclude"

The "crisis" of the routing table is a challenge, but it is manageable
Working for a company operating a global content delivery network with its own IP backbone network meant that my team was mobilized an amazing number of 10 Gigabit ports connected to transportation providers and web partners. Each of these ports in turn demanded a complete Internet monitoring to optimize outbound traffic of critical importance to ensure customer service quality.

In addition, each of these thousands of 10G ports accept a maximum of 512 000 prefixes because of limitations TCAM (Ternary CAM), the technical name of the memory that contains the routing table in which the media talk a lot lately. 300,000 IPv4 prefixes available while in the security zone still left a margin of 40% growth before reaching the limit of 512,000.

The challenge was that we were in full adoption of the IPv6 standard (in coexistence with IPv4 configuration). TCAM profile available for these ports gave 384,000 IPv4 prefixes (with 64,000 reserved for IPv6 prefixes).

Given the growth curve of the global routing table (Source: BGP report), it became pretty obvious that we would reach the ceiling of 384.000 prefixes available with an AAGR profile. Our router vendor was happy to sell us cards online with enough TCAM memory to handle a million roads. However, it is probably worth mentioning that if one of the main cost centers lies in the price of 10G ports, TCAM is very expensive. Let's just say that my task was soon to determine the prefixes that we could safely summarize or to exclude only manage 512,000 TCAM entries and therefore minimize the cost of 10G ports, the project that most network engineers might see as a challenge.

"Easier for a company to justify the demand for new IP blocks that optimize"

Of course, knowing a little history of the Internet, I realized that things could be different. Much of the problem was (and is) a division of the IPv4 Internet address space into smaller networks following the recurrent requests allocation businesses. It was often a direct result of the lack of adequate IP planning tools in these companies to know exactly at a given time, the IP address usage levels and block current or allocated IP addresses. Thus, it was often easier for a company to justify the demand for new IP blocks to optimize utilization levels of the blocks already allocated.

Such requests for additional IP space then were satisfied with allocations increasingly small and not contiguous, because of the constant reduction of available IPv4 addresses. This trend has resulted in turn the growth of the global routing table, to the current situation, with slightly more than 512.000 roads and caused blackouts, among others, lack of tools used to manage IP addresses a mature operational framework.

In truth, despite the hype, the problem of 512.000 entries can easily be adjusted for most companies. Service providers have this problem for a long time and can not justify not having anticipated upgrade their equipment. In addition, the vast majority of companies need not optimize routing storing the Internet routing table on their own equipment. In all cases, a little diligence and consensus sufficient to avoid the negative impact of a fraction of the IPv6 space.

But the question remains, as an organization, if you wanted a report of all the IP address prefixes that holds your company, all IP addresses that it controls, with all their DNS data and related DHCP (or violations of safety rules which are possibly responsible associated hosts and servers), what would this report? Would it be possible to use it to quickly make the right decisions?

We are talking about information that improves network visibility, control, automation and security. Today, the analysis of these data already allows to see the shape and cost of the next problem similar to this one.

There is still time to deploy the right tools and processes to access this data, reduce downtime and anticipate the impact of technological limitations.

This forum is written by Tom Coffeen , Chief Evangelist for Infoblox IPv6