1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
|
Network Working Group T. Bates
Request for Comments: 2260 Cisco Systems
Category: Informational Y. Rekhter
Cisco Systems
January 1998
Scalable Support for Multi-homed Multi-provider Connectivity
Status of this Memo
This memo provides information for the Internet community. It does
not specify an Internet standard of any kind. Distribution of this
memo is unlimited.
Copyright Notice
Copyright (C) The Internet Society (1998). All Rights Reserved.
2. Abstract
This document describes addressing and routing strategies for multi-
homed enterprises attached to multiple Internet Service Providers
(ISPs) that are intended to reduce the routing overhead due to these
enterprises in the global Internet routing system.
3. Motivations
An enterprise may acquire its Internet connectivity from more than
one Internet Service Provider (ISP) for some of the following
reasons. Maintaining connectivity via more than one ISP could be
viewed as a way to make connectivity to the Internet more reliable.
This way when connectivity through one of the ISPs fails,
connectivity via the other ISP(s) would enable the enterprise to
preserve its connectivity to the Internet. In addition to providing
more reliable connectivity, maintaining connectivity via more than
one ISP could also allow the enterprise to distribute load among
multiple connections. For enterprises that span wide geographical
area this could also enable better (more optimal) routing.
The above considerations, combined with the decreasing prices for the
Internet connectivity, motivate more and more enterprises to become
multi-homed to multiple ISPs. At the same time, the routing overhead
that such enterprises impose on the Internet routing system becomes
more and more significant. Scaling the Internet, and being able to
support a growing number of such enterprises demands mechanism(s) to
contain this overhead. This document assumes that an approach where
routers in the "default-free" zone of the Internet would be required
Bates & Rekhter Informational [Page 1]
^L
RFC 2260 Multihoming January 1998
to maintain a route for every multi-homed enterprise that is
connected to multiple ISPs does not provide an adequate scaling.
Moreover, given the nature of the Internet, this document assumes
that any approach to handle routing for such enterprises should
minimize the amount of coordination among ISPs, and especially the
ISPs that are not directly connected to these enterprises.
There is a difference of opinions on whether the driving factors
behind multi-homing to multiple ISPs could be adequately addressed by
multi-homing just to a single ISP, which would in turn eliminate the
negative impact of multi-homing on the Internet routing system.
Discussion of this topic is beyond the scope of this document.
The focus of this document is on the routing and addressing
strategies that could reduce the routing overhead due to multi-homed
enterprises connected to multiple ISPs in the Internet routing
system.
The strategies described in this document are equally applicable to
both IPv4 and IPv6.
4. Address allocation and assignment
A multi-homed enterprise connected to a set of ISPs would be
allocated a block of addresses (address prefix) by each of these ISPs
(an enterprise connected to N ISPs would get N different blocks).
The address allocation from the ISPs to the enterprise would be based
on the "address-lending" policy [RFC2008]. The allocated addresses
then would be used for address assignment within the enterprise.
One possible address assignment plan that the enterprise could employ
is to use the topological proximity of a node (host) to a particular
ISP (to the interconnect between the enterprise and the ISP) as a
criteria for selecting which of the address prefixes to use for
address assignment to the node. A particular node (host) may be
assigned address(es) out of a single prefix, or may have addresses
from different prefixes.
5. Routing information exchange
The issue of routing information exchange between an enterprise and
its ISPs is decomposed into the following components:
a) reachability information that an enterprise border router
advertises to a border router within an ISP
b) reachability information that a border router within an ISP
advertises to an enterprise border router
Bates & Rekhter Informational [Page 2]
^L
RFC 2260 Multihoming January 1998
The primary focus of this document is on (a); (b) is covered only as
needed by this document.
5.1. Advertising reachability information by enterprise border routers
When an enterprise border router connected to a particular ISP
determines that the connectivity between the enterprise and the
Internet is up through all of its ISPs, the router advertises (to the
border router of that ISP) reachability to only the address prefix
that the ISP allocated to the enterprise. This way in a steady state
routes injected by the enterprise into its ISPs are aggregated by
these ISPs, and are not propagated into the "default-free" zone of
the Internet.
When an enterprise border router connected to a particular ISP
detemrines that the connectivity between the enterprise and the
Internet through one or more of its other ISPs is down, the router
starts advertising reachability to the address prefixes that was
allocated by these ISPs to the enterprise. This would result in
injecting additional routing information into the "default-free" zone
of the Internet. However, one could observe that the probability of
all multi-homed enterprises in the Internet concurrently losing
connectivity to the Internet through one or more of their ISPs is
fairly small. Thus on average the number of additional routes in the
"default-free" zone of the Internet due to multi-homed enterprises is
expected to be a small fraction of the total number of such
enterprises.
The approach described above is predicated on the assumption that an
enterprise border router has a mechanism(s) by which it could
determine (a) whether the connectivity to the Internet through some
other border router of that enterprise is up or down, and (b) the
address prefix that was allocated to the enterprise by the ISP
connected to the other border router. One such possible mechanism
could be provided by BGP [RFC1771]. In this case border routers
within the enterprise would have an IBGP peering with each other.
Whenever one border router determines that the intersection between
the set of reachable destinations it receives via its EBGP (from its
directly connected ISP) peerings and the set of reachable
destinations it receives from another border router (in the same
enterprise) via IBGP is empty, the border router would start
advertising to its external peer reachability to the address prefix
that was allocated to the enterprise by the ISP connected to the
other border router. The other border router would advertise (via
IBGP) the address prefix that was allocated to the enterprise by the
ISP connected to that router. This approach is known as "auto route
injection".
Bates & Rekhter Informational [Page 3]
^L
RFC 2260 Multihoming January 1998
As an illustration consider an enterprise connected to two ISPs,
ISP-A and ISP-B. Denote the enterprise border router that connects
the enterprise to ISP-A as BR-A; denote the enterprise border router
that connects the enterprise to ISP-B as BR-B. Denote the address
prefix that ISP-A allocated to the enterprise as Pref-A; denote the
address prefix that ISP-B allocated to the enterprise as Pref-B.
When the set of routes BR-A receives from ISP-A (via EBGP) has a
non-empty intersection with the set of routes BR-A receives from BR-B
(via IBGP), BR-A advertises to ISP-A only the reachability to Pref-A.
When the intersection becomes empty, BR-A would advertise to ISP-A
reachability to both Pref-A and Pref-B. This would continue for as
long as the intersection remains empty. Once the intersection becomes
non-empty, BR-A would stop advertising reachability to Pref-B to
ISP-A (but would still continue to advertise reachability to Pref-A
to ISP-A). Figure 1 below describes this method graphically.
+-------+ +-------+ +-------+ +-------+
( ) ( ) ( ) ( )
( ISP-A ) ( ISP-B ) ( ISP-A ) ( ISP-B )
( ) ( ) ( ) ( )
+-------+ +-------+ +-------+ +-------+
| /\ | /\ | /\ |
| || | || | Pref-A (connection
| Pref-A | Pref-B | Pref-B broken)
| || | || | || |
+-----+ +-----+ +-----+ +-----+
| BR-A|------|BR-B | | BR-A|------|BR-B |
+-----+ IBGP +-----+ +-----+ IBGP +-----+
non-empty intersection empty intersection
Figure 1: Reachability information advertised
Although strictly an implementation detail, calculating the
intersection could potentially be a costly operation for a large set
of routes. An alternate solution to this is to make use of a selected
single (or more) address prefix received from an ISP (the ISP's
backbone route for example) and configure the enterprise border
router to perform auto route injection if the selected prefix is not
present via IBGP. Let's suppose ISP-B has a well known address
prefix, ISP-Pref-B for its backbone. ISP-B advertises this to BR-B
and BR-B in turn advertises this via IBGP to BR-A. If BR-A sees a
withdraw for ISP-Pref-B it advertises Pref-B to ISP-A.
Bates & Rekhter Informational [Page 4]
^L
RFC 2260 Multihoming January 1998
The approach described in this section may produce less than the full
Internet-wide connectivity in the presence of ISPs that filter out
routes based on the length of their address prefixes. One could
observe however, that this would be a problem regardless of how the
enterprise would set up its routing and addressing.
5.2. Further improvements
The approach described in the previous section allows to
significantly reduce the routing overhead in the "default-free" zone
of the Internet due to multi-homed enterprises. The approach
described in this section allows to completely eliminate this
overhead.
An enterprise border router would maintain EBGP peering not just with
the directly connected border router of an ISP, but with the border
router(s) in one or more ISPs that have their border routers directly
connected to the other border routers within the enterprise. We
refer to such peering as "non-direct" EBGP.
An ISP that maintains both direct and non-direct EBGP peering with a
particular enterprise would advertise the same set of routes over
both of these peerings. An enterprise border router that maintains
either direct or non-direct peering with an ISP advertises to that
ISP reachability to the address prefix that was allocated by that ISP
to the enterprise. Within the ISP routes received over direct
peering should be preferred over routes received over non-direct
peering. Likewise, within the enterprise routes received over direct
peering should be preferred over routes received over non-direct
peering.
Forwarding along a route received over non-direct peering should be
accomplished via encapsulation [RFC1773].
As an illustration consider an enterprise connected to two ISPs,
ISP-A and ISP-B. Denote the enterprise border router that connects
the enterprise to ISP-A as E-BR-A, and the ISP-A border router that
is connected to E-BR-A as ISP-BR-A; denote the enterprise border
router that connects the enterprise to ISP-B as E-BR-B, and the ISP-B
border router that is connected to E-BR-B as ISP-BR-B. Denote the
address prefix that ISP-A allocated to the enterprise as Pref-A;
denote the address prefix that ISP-B allocated to the enterprise as
Pref-B. E-BR-A maintains direct EBGP peering with ISP-BR-A and
advertises reachability to Pref-A over that peering. E-BR-A also
maintain a non-direct EBGP peering with ISP-BR-B and advertises
reachability to Pref-B over that peering. E-BR-B maintains direct
EBGP peering with ISP-BR-B, and advertises reachability to Pref-B
over that peering. E-BR-B also maintains a non-direct EBGP peering
Bates & Rekhter Informational [Page 5]
^L
RFC 2260 Multihoming January 1998
with ISP-BR-A, and advertises reachability to Pref-A over that
peering.
When connectivity between the enterprise and both of its ISPs (ISP-A
and ISP-B is up, traffic destined to hosts whose addresses were
assigned out of Pref-A would flow through ISP-A to ISP-BR-A to E-BR-
A, and then into the enterprise. Likewise, traffic destined to hosts
whose addresses were assigned out of Pref-B would flow through ISP-B
to ISP-BR-B to E-BR-B, and then into the enterprise. Now consider
what would happen when connectivity between ISP-BR-B and E-BR-B goes
down. In this case traffic to hosts whose addresses were assigned
out of Pref-A would be handled as before. But traffic to hosts whose
addresses were assigned out of Pref-B would flow through ISP-B to
ISP-BR-B, ISP-BR-B would encapsulate this traffic and send it to E-
BR-A, where the traffic will get decapsulated and then be sent into
the enterprise. Figure 2 below describes this approach graphically.
+---------+ +---------+
( ) ( )
( ISP-A ) ( ISP-B )
( ) ( )
+---------+ +---------+
| |
+--------+ +--------+
|ISP-BR-A| |ISP-BR-B|
+--------+ +--------+
| /+/ |
/\ | Pref-B /+/ |
|| | /+/ \./
Pref-A| /+/ non- /.\
|| | /+/ direct |
| /+/ EBGP |
+------+ +-------+
|E-BR-A|-----------|E-BR-B |
+------+ IBGP +-------+
Figure 2: Reachability information advertised via non-direct EBGP
Observe that with this scheme there is no additional routing
information due to multi-homed enterprises that has to be carried in
the "default-free" zone of the Internet. In addition this scheme
doesn't degrade in the presence of ISPs that filter out routes based
on the length of their address prefixes.
Note that the set of routers within an ISP that maintain non-direct
peering with the border routers within an enterprise doesn't have to
be restricted to the ISP's border routers that have direct peering
Bates & Rekhter Informational [Page 6]
^L
RFC 2260 Multihoming January 1998
with the enterprise's border routers. The non-direct peering could be
maintained with any router within the ISP. Doing this could improve
the overall robustness in the presence of failures within the ISP.
5.3. Combining the two
One could observe that while the approach described in Section 5.2
allows to completely eliminate the routing overhead due to multi-
homed enterprises in the "default-free" zone of the Internet, it may
result in a suboptimal routing in the presence of link failures. The
sub-optimality could be reduced by combining the approach described
in Section 5.2 with a slightly modified version of the approach
described in Section 5.1. The modification consists of constraining
the scope of propagation of additional routes that are advertised by
an enterprise border router when the router detects problems with the
Internet connectivity through its other border routers. A way to
constrain the scope is by using the BGP Community attribute
[RFC1997].
5.4. Better (more optimal) routing in steady state
The approach described in this document assumes that in a steady
state an enterprise border router would advertise to a directly
connected ISP border router only the reachability to the address
prefix that this ISP allocated to the enterprise. As a result,
traffic originated by other enterprises connected to that ISP and
destined to the parts of the enterprise numbered out of other address
prefixes would not enter the enterprise at this border router,
resulting in potentially suboptimal paths. To improve the situation
the border router may (in steady state) advertise reachability not
only to the address prefix that was allocated by the ISP that the
router is directly connected to, but to the address prefixes
allocated by some other ISPs (directly connected to some other border
routers within the enterprise). Distribution of such advertisements
should be carefully constrained, or otherwise this may result in
significant additional routing information that would need to be
maintained in the "default-free" part of the Internet. A way to
constrain the distribution of such advertisements is by using the BGP
Community attribute [RFC1997].
6. Comparison with other approaches
CIDR [RFC1518] proposes several possible address allocation
strategies for multi-homed enterprises that are connected to multiple
ISPs. The following briefly reviews the alternatives being used
today, and compares them with the approaches described above.
Bates & Rekhter Informational [Page 7]
^L
RFC 2260 Multihoming January 1998
6.1. Solution 1
One possible solution suggested in [RFC1518] is for each multi-homed
enterprise to obtain its IP address space independently from the ISPs
to which it is attached. This allows each multi-homed enterprise to
base its IP assignments on a single prefix, and to thereby summarize
the set of all IP addresses reachable within that enterprise via a
single prefix. The disadvantage of this approach is that since the
IP address for that enterprise has no relationship to the addresses
of any particular ISPs, the reachability information advertised by
the enterprise is not aggregatable with any, but default route.
results in the routing overhead in the "default-free" zone of the
Internet of O(N), where N is the total number of multi-homed
enterprises across the whole Internet that are connected to multiple
ISPs.
As a result, this approach can't be viewed as a viable alternative
for all, but the enterprises that provide high enough degree of
addressing information aggregation. Since by definition the number of
such enterprises is likely to be fairly small, this approach isn't
viable for most of the multi-homed enterprises connected to multiple
ISPs.
6.2. Solution 2
Another possible solution suggested in [RFC1518] is to assign each
multi-homed enterprise a single address prefix, based on one of its
connections to one of its ISPs. Other ISPs to which the multi-homed
enterprise is attached maintain a routing table entry for the
organization, but are extremely selective in terms of which other
ISPs are told of this route and would need to perform "proxy"
aggregation. Most of the complexity associated with this approach is
due to the need to perform "proxy" aggregation, which in turn
requires t addiional inter-ISP coordination and more complex router
configuration.
7. Discussion
The approach described in this document assumes that addresses that
an enterprise would use are allocated based on the "address lending"
policy. Consequently, whenever an enterprise changes its ISP, the
enterprise would need to renumber part of its network that was
numbered out of the address block that the ISP allocated to the
enterprise. However, these issues are not specific to multihoming
and should be considered accepted practice in todays internet. The
approach described in this document effectively eliminates any
distinction between single-home and multi-homed enterprise with
respect to the impact of changing ISPs on renumbering.
Bates & Rekhter Informational [Page 8]
^L
RFC 2260 Multihoming January 1998
The approach described in this document also requires careful address
assignment within an enterprise, as address assignment impacts
traffic distribution among multiple connections between an enterprise
and its ISPs.
Both the issue of address assignment and renumbering could be
addressed by the appropriate use of network address translation
(NAT). The use of NAT for multi-homed enterprises is the beyond the
scope of this document.
Use of auto route injection (as described in Section 5.1) increases
the number of routers in the default-free zone of the Internet that
could be affected by changes in the connectivity of multi-homed
enterprises, as compared to the use of provider-independed addresses
(as described in Section 6.1). Specifically, with auto route
injection when a multi-homed enterprise loses its connectivity
through one of its ISPs, the auto injected route has to be propagated
to all the routers in the default-free zone of the Internet. In
contrast, when an enterprise uses provider-independent addresses,
only some (but not all) of the routers in the default-free zone would
see changes in routing when the enterprise loses its connectivity
through one of its ISPs.
To supress excessive routing load due to link flapping the auto
injected route has to be advertised until the connectivity via the
other connection (that was previously down and that triggered auto
route injection) becomes stable.
Use of the non-direct EBGP approach (as described in Section 5.2)
allows to eliminate route flapping due to multi-homed enterprises in
the default-free zone of the Internet. That is the non-direct EBGP
approach has better properties with respect to routing stability than
the use of provider-independent addresses (as described in Section
6.1).
8. Applications to multi-homed ISPs
The approach described in this document could be applicable to a
small to medium size ISP that is connected to several upstream ISPs.
The ISP would acquire blocks of addresses (address prefixes) from its
upstream ISPs, and would use these addresses for allocations to its
customers. Either auto route injection, or the non-direct EBGP
approach, or a combination of both could be used by the ISP when
peering with its upstream ISPs. Doing this would provide routability
for the customers of such ISP, without advertsely affecting the
overall scalability of the Internet routing system.
Bates & Rekhter Informational [Page 9]
^L
RFC 2260 Multihoming January 1998
9. Security Considerations
Since the non-direct EBGP approach (as described in Section 5.2)
requires EBGP sessions between routers that are more than one IP hop
from each other, routers that maintain these sessions should use an
appropriate authentication mechanism(s) for BGP peer authentication.
Security issues related to the IBGP peering, as well as the EBGP
peering between routers that are one IP hop from each other are
outside the scope of this document.
10. Acknowledgments
The authors of this document do not make any claims on the
originality of the ideas described in this document. Anyone who
thought about these ideas before should be given all due credit.
11. References
[RFC1518]
Rekhter, Y., and T. Li, "An Architecture for IP Address
Allocation with CIDR", RFC 1518, September 1993.
[RFC1771]
Rekhter, Y., and T. Li, "A Border Gateway Protocol 4 (BGP-4)",
RFC 1771, March 1995.
[RFC1773]
Hanks, S., Li, T., Farinacci, T., and P. Traina, "Generic
Routing Encapsulation over IPv4 networks", RFC 1773, October
1994.
[RFC1918]
Rekhter, Y., Moskowitz, B., Karrenberg, D., de Groot G.J., and
E. Lear, "Address Allocation for Private Internets", RFC 1918,
February 1996.
[RFC1997]
Chandra, R., Traina, P., and T. Li, "BGP Communities Attribute",
RFC 1997, August 1996.
[RFC2008]
Rekhter, Y., and T. Li, "Implications of Various Address
Allocation Policies for Internet Routing", BCP 7, RFC 2008,
October 1996.
Bates & Rekhter Informational [Page 10]
^L
RFC 2260 Multihoming January 1998
12. Authors' Addresses
Tony Bates
Cisco Systems, Inc.
170 West Tasman Drive
San Jose, CA 95134
EMail: tbates@cisco.com
Yakov Rekhter
Cisco Systems, Inc.
170 West Tasman Drive
San Jose, CA 95134
EMail: yakov@cisco.com
Bates & Rekhter Informational [Page 11]
^L
RFC 2260 Multihoming January 1998
13. Full Copyright Statement
Copyright (C) The Internet Society (1998). All Rights Reserved.
This document and translations of it may be copied and furnished to
others, and derivative works that comment on or otherwise explain it
or assist in its implementation may be prepared, copied, published
and distributed, in whole or in part, without restriction of any
kind, provided that the above copyright notice and this paragraph are
included on all such copies and derivative works. However, this
document itself may not be modified in any way, such as by removing
the copyright notice or references to the Internet Society or other
Internet organizations, except as needed for the purpose of
developing Internet standards in which case the procedures for
copyrights defined in the Internet Standards process must be
followed, or as required to translate it into languages other than
English.
The limited permissions granted above are perpetual and will not be
revoked by the Internet Society or its successors or assigns.
This document and the information contained herein is provided on an
"AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING
TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING
BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION
HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF
MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
Bates & Rekhter Informational [Page 12]
^L
|
