[governance] ITRs
Karl Auerbach
karl at cavebear.com
Tue Oct 30 03:14:59 EDT 2012
The idea of "State control over Internet routing system" makes my head spin.
The reason why the internet is so flexible - and seemingly so much less
expensive - as compared to the old telco networks is that the internet
is based on "packet switching" rather than the old telco notion of
"circuit switching".
Attempts to turn the internet back into a circuit switched network will
cause the internet to become as inflexible and expensive as the old
telco networks. Perhaps then we ought to abandon IP and the internet
and resurrect ISDN?
That would be stupid - like trying to swim up Yosemite falls. I hope we
will not hear much demand for that.
There is no one singular thing that one can identify as "internet
routing" - IP routing choices are made on a packet-by-packet basis in
every IP layer device. And the choice made for packet N does not
mandate the choice for packet N+1.
The data that feeds that per-packet routing decision comes from many
sources - the best known in large scale routing is the BGP protocol.
But one has to understand that BGP, and all the other routing protocols,
merely feed possibilities into a routing policy mechanism that uses
policies to pick and choose among those possibilities to come up with
actual packet forwarding decisions.
Yes there is a bit of path-binding in the internet: Within providers
trunking of paths - which essentially removes the routing choice from
individual IP layer switching devices - is often done by wrapping
packets with things like MPLS. But any plan to span the internet with a
worldwide consistent cross-provider MPLS framework is as doomed to sink
under its technical and administrative weight as were notions of
spanning the world with consistent ATM VCI/VPI paths.
Nor are routes symmetrical - in fact many, perhaps most, internet paths
of any distance between an arbitrary hither and arbitrary yon are not
symmetrical.
Then there are things like source routes - where a packet contains a
strict or loose statement of where it should go before it is vectored
off towards its indicated destination.
And let's not forget anycast routing, a technology that is rather
important for things like DNS and content delivery.
And then for those who want to go into the mind-warping land of Escher
paintings there is IP multicast routing, both the classic
multiple-source variety and the more comprehensible single-source variety.
And then there are tunnels - consider them as wormholes through any
imposed routing regime.
Internet routing is a land of danger and unintended consequences -
virtually all of the total failures of the internet and its predecessor
networks were caused by routing data that got out of control. And in
recent years we have seen pieces of the internet world - entire
countries or regions - fall off because of polluted routing information
or failures of nailed-down physical links. Internet routing is a place
for agile dancers, not a place for the muddy boots of governmental
bureaucrats.
The closest thing that I can imagine that might be what is being desired
by these countries is the idea that some countries might want to declare
specific ingress and egress portals - pretty much exchange points -
which will be the sole point of entry into and out of that country. In
BGP terms these would be an AS (autonomous system) with an AS Number
(ASN) that is advertised via BGP as a way to send packets to
destinations within that country. (How packets exit that country is
really not constrained - internet routing really does not care how a
packet exited an AS, although specific peering/transit relationships
often do care.)
If that is what countries want, well then they have it today - all a
country needs to do is to convince/coerce all of its internal
internet providers to agree to abide by an internal routing regime that
has one ingress/egress AS, to advertise via BGP that that AS is the way
to the IP addresses in that country, and to not accept packets that
enter that country except via that path.
The technology to do this is there; it is in everyday use around the world
in commercial off the shelf gear. There is no need for an international
body to do this: individual countries can today impose this upon
themselves if they really want to do so.
This does not stop backdoor pathways, particularly for packet egress
from a country. But I consider that not a flaw but a feature.
--karl--
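
Added example, not part of the original message: a Python sketch that audits BGP AS paths against the single ingress/egress AS regime described above and reports paths that enter the country through any other AS. The ASNs, prefixes, and the names GATEWAY_AS, DOMESTIC_AS, border_crossings and audit are constructed for illustration.

```python
# Constructed sample data: private-use ASNs and documentation prefixes.
GATEWAY_AS = 64512                      # hypothetical designated ingress/egress AS
DOMESTIC_AS = {64512, 64520, 64521}     # hypothetical in-country ASes

# (prefix, AS path) as seen from outside; leftmost AS is nearest the observer,
# rightmost AS is the origin of the prefix.
ANNOUNCEMENTS = [
    ("192.0.2.0/24",    [65001, 65002, 64512, 64520]),
    ("198.51.100.0/24", [65001, 64512, 64512, 64521]),  # prepended gateway AS
    ("203.0.113.0/24",  [65003, 64521]),                # bypasses gateway
    ("192.0.2.128/25",  [65001, 64512, 65004, 64520]),  # leaves and re-enters
    ("198.18.0.0/15",   [65001, 65005]),                # foreign origin, ignored
]


def border_crossings(path, domestic):
    """Return (foreign_as, domestic_as) pairs where the path enters the country."""
    return [(a, b) for a, b in zip(path, path[1:])
            if a not in domestic and b in domestic]


def audit(announcements, gateway, domestic):
    """Map each in-country prefix to the crossings that do not land on the gateway."""
    findings = {}
    for prefix, path in announcements:
        if not path or path[-1] not in domestic:
            continue  # only prefixes originated inside the country are in scope
        bad = [c for c in border_crossings(path, domestic) if c[1] != gateway]
        if bad:
            findings[prefix] = bad
    return findings


if __name__ == "__main__":
    # The AS path is control-plane data only; tunnels carry packets across
    # borders without appearing in any AS path, so this cannot see them.
    for prefix, crossings in audit(ANNOUNCEMENTS, GATEWAY_AS, DOMESTIC_AS).items():
        for foreign, local in crossings:
            print(f"{prefix}: enters via AS{local} from AS{foreign}, not AS{GATEWAY_AS}")
```
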