Trouble Ahead for Internet Routing Tables?

joabj writes: "This article in Light Reading, a fiber optics news page, claims that the Internet's routing tables are ballooning in size and within a couple of years "equipment won't have enough processor power and memory to handle them." The article draws its conclusions from the dramatic increase in the number of BGP routing tables over the last six years and the predicted need for more IP addresses for all those pervasive computing goodies we've been promised."

*Why* BGP is growing so fast

[billstewart]

The main problem the article addresses is not the supply of IP addresses, but the rapid increase in the number of BGP AS numbers, which increases the amount of memory and CPU that routers need to track and calculate routes. We've largely fixed the problem of regular IP addresses, between CIDR, RFC1918 10.x addresses behind firewalls, and virtual hosting for web sites. So why do people need their own BGP addresses? It's not just for ISPs any more - there are about 5-10,000 ISPs but 100,000 BGP addresses in use.

I think the answer is that, as IP connectivity from the outside world becomes mission-critical for business applications, businesses often want to deal with more than one ISP, or at least more than one technology (e.g. cable modem plus DSL) so that their customers can reach them even if their primary ISP is down, and to improve performance. To some extent, you fix this by using reliable ISPs and hosting services, or by using fancy DNS tricks to make it easy to find the connections that aren't down or that will give the fastest connections. But ultimately, you get yourself a BGP number and advertise your routes diversely so you can get diversity.

How do we find alternatives to this? Either ISPs need to come up with ways to handle it for their customers, or routers need to get bigger and faster, or we need alternative protocols that make it easier to avoid BGP. A good local ISP can provide this - buying service from a couple of big carriers, and providing enough transparency and responsiveness that customers trust them, and enough customers that their one BGP number supports multiple customers. Hosting centers also do the same thing, and let their customers avoid access circuits as well. But it's tougher to make it work for customers who have offices in multiple locations.

Death of the Internet Predicted. Film at 11.

[BeBoxer]

This seems to be more of a scare article than anything else. This is primarily a problem of memory. Given the rapid advances in the RAM industry, I would be suprised if the global routing table could grow too fast. Even the article itself says that within a couple of years, routers might need gigabits of memory. So what. Is spec'ing out a whole GB of RAM on a > $100K router really going to be a big deal in two years? Hell, if you bought 1GB of RAM for Cisco's top of the line router (12000 series GSR), you would spend ~$30K today. Moore's Law says that cost will drop to less than $10K within a couple of years. That's chump change on a serious router. Cisco charges that much for the power supplies alone.

Let's face it. The global routing table is never going to stop growing. It's certainly never going to get any smaller. Every year the core routers will need more memory than the year before. Is this a bad thing? That the Internet is growing? I don't think so. Personally I think everybody who wants it should be able to get portable address space. But, that probably would melt down the routers. Not to mention exhausing the IPv4 address space ;-)>

Static IP addresses for stupid things

[Fervent]

I'm concerned with the increasing occurance of giving static, permanent IP addresses to relatively dumb items. Palm Pilots, refrigerators, guns in the army, etc.

Why do devices that only really need temporary internet access get permanent IP's? If we didn't have all of these extra devices crowding available IP numbers, perhaps there would be no need to develop a more complex numbering system.

Re:This is not a serious problem.

[Russ+Nelson]

No, we don't need IPv6. That's why it hasn't been implemented yet. We can get along with IPv4 just fine by aggregating routes. But before we can do that, we need to scavenge IP addresses.

Yes, the decision to allocate all those class B's was reasonable at the time. It's not reasonable now, and those IP addresses are needed.
-russ

Well No Shit

[Dungeon+Dweller]

Yeah, if every coffee maker in the world gets it's own IP address, is hosting a website about it's personal stats, and can be turned off and on via the web... We're kinda fucked. The big question being, who really wants this shit? A lot of stuff will be on tiny intranets, so I doubt that we really have much to worry about. I imagine that your coffee maker and fridge will post to a household webserver, that way you can get aggregate data which is much more managable, and also much more meaningful/useful anyways.

Now you will recieve spam for expensive coffee beans every time you make a few pots! Enjoy!

Routing table is _already_ affecting performance.

[Phizzy]

Alright.. so first off, this isn't news. Anyone following the NANOG list knows that the routing table is increasing exponentially with the rest of the internet. There isn't anything that can be done about that, realistically. The aggregation Nazis will scream day and night that they can fix the Internet if you would just let them aggregate things properly. Fine, but that would require a total renumbering of the internet, so it isn't at all possible with IPv4, unless everyone out there really feels like renumbering every machine on their network with a publicly addressable IP. Think about that for a minute. They'll scream that they can do it without renumbering, but they're wrong. The routing table is an intricate mesh of advertisements and if everything was aggregated, nothing would work right. BGP's first method of selection of routes is the longest match rule, whereby when you're choosing a route to pass traffic on, you choose the most specific advertisement, eg choose a class C rather than a class B advertisement. If everything was aggregated into /20 or larger blocks, there would be no practical way to load balance traffic in a multihomed environment (when you have transit through more than one ISP).

And secondly, BGP isn't the cause for the routing table growing, it is the cure. There is no way we would still be using IPv4 without BGP. It saved the internet by introducing classless routing.

The answer to this is simple.. upgrade, upgrade, upgrade. There are routers out there that can handle far more than the internet has to throw at them right now.. it's just that Cisco doesn't make them. Juniper does.. check them out. They built a router off some sweet hardware and BSD. You can type 'start shell' in the router and drop to a BSD shell, and they have the route processor to chew through a routing table many times the size of our current table.

ISPs need to keep up with the growth and upgrade their routers, or they will have problems. Much of the instability of the 'net is due to that now, routers get overloaded and reboot and cause all kinds of churn in the network, which overloads other routers, which reload.. you can see the cascading effect. The ISP I work for had to upgrade all of our older routers to 128m of ram and newer route processors.. if all the ISPs did this, there would be no routing table problems. They just don't want to spend the millions they need to to upgrade their infrastructure, unless the users start screaming. So start screaming at your ISP! (unless it's mine. ;)

//Phizzy

Re:a few years is a long time

[g_mcbay]

Um..why is this moderated as flamebait?

Redundant -- perhaps, though even that wouldn't really be fair as its post #18 and was probably up fairly soon after the article and started before the other posts of this type were finished/poste.d

This is not a serious problem.

[Russ+Nelson]

This is not a serious problem. What is a serious problem is all the sites that were allocated 2^16 (many colleges) or 2^24 (HP, Stanford, Interop, e.g.) addresses back when there seemed to be an infinite supply. For example, Potsdam State University has a class B. They only have 500 staff and 3000 students. What are they doing with 65,534 addresses??
-russ

Re:This is not a serious problem.

[dublin]

Wow, I finally get to disagree with Russ on technical grounds... :-)

I think we do need IPv6 for one crucial reason: mobile support. This is something that's cooked into IPv6, and it's the only right way to solve the problem. With v6 mobility, nodes essentially have two IP addresses - one static, the other dynamic. The advantage of this is that most of the world only has to know the static one to talk to you - your nomadic device is responsible for letting the static server know what your current mobile IP addr is. This keeps the Inernet routing tables from ever having to deal with any of the routes to a particular device - it just points to your static IP (which would be part of a routable superblock), and the local network (or wireless carrier, etc.) handles it from there.

I agree that NAT and superblocks have allowed us to be lazy for a few years too long, but it's critical to recognize that the move to IPv6 will be driven by mobility, not a lack of v4 addresses. This in turn won't happen until people start developing and embedding lean, fast v6 stacks into high-volume mobile consumer devices like cellphones, laptops, and PDAs. As much as I hate to say it, Microsoft may be the only one that can get us kicked off-center here.

Oh, and if you've ever done a massive IP address change for a large corporation (I have), you'll know why it's easier to pull shark's teeth than get those addresses back. Note that even mandating NAT at border routers (which seems reasonable on the surface) still requires all IP addresses to be changed to the "martian networks" (net 10, etc.) to avoid the possibility of collisions with the reclaimed addresses. The costs of this re-addressing are simply too high to expect that IANA could reasonably force any recalamation of IP addresses.

We need IPv6, but not because we're running out of v4 address space...

a few years is a long time

[cornjones]

the article is saying that in a few YEARS we are going to need more memory and faster processors for our routers. the problem with this is where? I don't see any slowdown in the hardware advances we are making.
if we want to /can find more efficient ways to do it, all the better. I am just saying that this might be a problem if we were running out of space tomorrow but in a few years I am confident the basic hardware will be much better than it is now.

Static IPs bad even for smart things

[fm6]

I'm concerned with the increasing occurance of giving static, permanent IP addresses to relatively dumb items. Palm Pilots, refrigerators, guns in the army, etc.

You're actually focusing on the wrong problem. Except if you focus on the right problem, it turns turns out to be even worse than you suggest.

It isn't simply a case of addresses for trivial devices versus "real" computers. A lot of computers -- real serious computers -- can get all the the access they need without using any address space at all. RFC 1597 sets asides IP numbers that cannot be used for "public" interaction. These addresses are valid only for intranet traffic.

The machine I'm using right now is a case in point. My employers do not want anybody not on our campus network accessing this computer. So I don't need an IP number that's valid in the Internet at large. Instead, I have a Class A address in Network 10. Addresses in 10.*.*.* can be reused endlessly, so long as they're not re-used on the same network.

I used to work for a major computing company that was extremely paranoid about off-campus access to their systems. But for some reason (probably institutional inertia) they assign IP numbers out of their permanent allocation. So that's thousands of IP numbers used unnecessarily. Plus they have a permanent shortage of IP numbers for internal use. Plus, every once in a while, a hacker finds his way through the firewall...

Perhaps I speak in ignorance, but it seems to me that nobody needs a public IP address, permanent or transient, unless they have a server or peer app. (Age of Empires anyone?) Thus 90% of all users -- especially the users of "real" computers -- are just wasting address space. And making themselves vulnerable to boot.

On the other hand, it makes perfect sense to assign an IP address to a gun. You never know who needs to kill who....

__________

How big is a routing table?

[Orifice]

Exactly how big is a routing table? I've never seen one, but given that they can fit inside a computer they must be pretty small. If they get bigger why can't we just keep them in that big empty hole they dug for the Supercollider in texas?

Some quick thinking....

[X]

Let's go through a number of things that came up here:

1. BGP isn't working. Well, fortunately, there are a lot of other protocols out there to choose from. When it becomes too costly for everyone to have routers using BGP, people will negotiate the use of other protocols.
2. Routers will need "gigabits" of memory within two years. Well, that sounds really scary, but of course a "gigabit" is roughly 128MB. That is a lot of memory for a router, but right now that'll cost you at most $150. In two years time you'd like to think it'd be a lot less. Either way, it's a tiny portion of the cost of a router. I think we'll survive that.
3. In 6 years we went from 10,000 to 100,000 entries. That is some pretty serious growth, but it is not nearly as scary when you consider that Moore's law suggests that processing power has improved 2^4 = 16 times in the same time frame. So, in other words, CPU speeds at least are easily out pacing the growth of routing tables. I don't know how this plays out for memory, but I seem to recall that 6 years ago 16MB of memory was over $1000 and now 256MB of RAM for a laptop is $400. Bottom line: it's easy to make computing growth numbers look scary, because computing is growing at a scary rate. You just have to remember that both the capability and need side of the equation are growing at an insane pace.
4. Of course IPv6 changes all this. Part of the reason the routing tables are growing so much is because IPv4 does not make routing tables very efficient. Chalk this up as one more reason to use IPv6. Given that IPv6 is available today, I think the relevant parties will make the switch when it starts saving them lots of $$'s.

Re:Some quick thinking....

[CoreDump]

1.BGP isn't working. Well, fortunately, there are a lot of other protocols out there to choose from.

Really, pray tell what these are? Apart from draft proposals, please tell me what these other protocols are? BGP does work. No, it is not perfect, but it works and it's failure modes are pretty well defined. The fact of no legitimate alternatives also poses a problem. :\

2.Routers will need "gigabits" of memory within two years.

Assuming cisco, which is pretty much the standard, you are going to have trouble fitting a full BGP table into less than 128 MB today. So what? That doesn't mean the sky is falling.

3.In 6 years we went from 10,000 to 100,000 entries.

Yes, for a good statistical analysis of this growth please see:

• http://www.telstra.net/ops/bgptable.html
• http://www.employees.org/~tbates/cidr.hist.plot. html

Now, how did the number of end users on the "Internet" grow during the same period?

4. ... Part of the reason the routing tables are growing so much is because IPv4 does not make routing tables very efficient.

Not the case at all. IPv6 is going to save nothing. Greater than 1/2 of the current routing table is announced as /24 or longer prefixes. Aggregation can cut the routing table size. Please see the CIDR report for the worst abusers of de-aggregation. The worst offender is announcing ~430 blocks when they could aggregate those into ~150 blocks, without losing any routing stability. The CIDR report is available at:

CIDR Report

IPv4 has a long way to go still before we are in dire straights. Let's not forget what 2^32 gives us, and what we are using now out of that.

------------------------------------------------ ------------

Is Cisco ripping us off?

[swb]

Hell, if you bought 1GB of RAM for Cisco's top of the line router (12000 series GSR), you would spend ~$30K today.

Every time I read one of these articles, I'm initially thinking, "Wow, we can't keep up." And then I remember what Cicso passes off as big-bucks equipment is lame-ass compared to off-the-shelf desktop computer components. My biggest router is a 3640, used internally to route between various LAN segments, and its selling around $5k now, and I bought mine two years ago (along with RAM and ethernet cards). With a lame R4000 CPU and 96MB RAM, it's not a particularly impressive computer.

Given that SMP capable systems with 800Mhz CPUs (mobos, CPU, and maybe RAM) are running ~ $1000, why can't we "solve" the routing table crisis with some cheap, high-powered hardware? Moreover, why is Cisco stinging us along with overpriced, underpowered hardware platforms? Because they can?

I know that Cisco equipment is capable of doing some fancy switching between interfaces that generic PC hardware wouldn't do, but has anyone ever put 4 of those 4-port NICs into a fast SMP box and compared its ability to route relative to a high-end Cisco box? Omit from the comparison the encryption modules and some of the other goodies that you can do on a custom hardware platform but which isn't totally necessary for vanilla IP routing.

Lecture

[l33t+j03]

I for one applaud the foresight of you geeks. First you design operating systems and hardware that can't understand dates beyond 1999. Now, you folks designed the entire Internet so that it will collapse under its own weight. You know, if you weren't so busy trying to get everything from toasters to Furbies an IP you wouldn't run into this problem. I know, I know, you're all thinking: "But we designed an obfuscated OS to foil all of the Johnny Lunchpails who tried to use our Internet!". Not good enough, you efforts go for naught. The thing is getting overloaded and there is nothing you can do about it now.

Given that the Internet has undergone a transformation as of late, what with all of the theft of IP and violent imagery it propagates, I am happy about its demise. This ranks right up there with the inevitable heat death of the universe in terms of things that I look forward to.

Possibly, when your Internet (the Vint Cerf crappy one) is finished, Microsoft will invent you a new one. You will all probably hate it of course because they certainly won't permit any misdeeds that you all seem so fond of. Just nice clean fun and information with a little dash of profit for all.

Run along now children, play on your Internet while you still can. When Daddy builds a new one your decaying 386 machines won't be compatible and you'll all have to revert back to your BBS days.

Private IP plus generic proxy

[michael_cain]

At least at my house, I don't want all of the local widgets on the home network to have globally routable/reachable addresses. Unpleasant thoughts about hackers using the recently discovered bug in the firmware on the Brand X washing machine to turn it on twelve times a day...

What I would like is a generic proxy capability in my home firewall/gateway that allows devices that require some form of outside access to register, and as part of that registration, include some proxy code to be executed by the server when someone outside wants to access the device. Lots of different security models needed -- selected addresses at the power company are allowed to contact the electric meter, any address is allowed to access the Tivo recorder if they possess the magic password, etc.

Obviously, the code passed to the proxy needs to be processor and OS independent. Java could probably do the job.

Hey! A generic proxy server, software, the whole concept fairly obvious -- I'll bet the USPTO would grant a patent on this!

Route aggreggation

[MattW]

There's a problem with route aggreggation, and while bigger providers are more responsible, its still an issue. But lets put gigabytes of memory in perspective, here: my biggest personal box is sporting 512M of ram. Is a few gigs of ram any sort of shock for routers that cost hundreds of thousands of dollars?

It also wouldn't surprise me to see more auto-aggregation being done with spare cpu cycles as the routes propagate, which would probably help.