Border Patrol

Arguing the merits of using BGP to route through the network maze

Want all nonessential traffic to go through a cheap pipe during off-peak hours? Want to stay within budget on your bandwidth bill? Want high performance on mission-critical applications?

A growing number of companies — netVmg, RouteScience Technologies and Sockeye Networks — are offering stand-alone boxes that essentially automate the task of shifting traffic between different pipes for small network operators and businesses that purchase connectivity from more than one service provider.

This means saving money by balancing network performance against bandwidth costs no longer depends solely on that overpaid geek in shorts and sandals performing voodoo rituals with your companys routers.

At the core of these new companies technology is insider knowledge of an arcane networking language called Border Gateway Protocol (BGP). Used to program IP routers, this protocol essentially tells packets which networks to use to get from point A to point B.

But BGP in its raw form is dumb: The protocol picks routes either automatically or based on manual programming. On autopilot, it works much like Domain Name System (DNS), picking the next available route, regardless of network congestion or bandwidth cost.

Network operators have combated this lack of functionality for years.

"Standing inside the enterprise, PathControl [RouteSciences box] can learn 100,000 routes from the outside world and rearrange them from the existing links. Today, an enterprise would have to do this by hand," says Mike Lloyd, RouteSciences chief technology officer.

Since most companies simply dont have the staff or engineering talent to throw at the BGP problem, most just dont do it. Network watchdog Randy Bush, an AT&T Labs Research scientist, says some of the best practices he typically sees involve leasing two physically diverse pipes going to two different points of presence — but often to the same carrier to contain costs. This may soon change, though Bush is skeptical.

"It is yet to be shown this stuff really gets you anything," Bush says, adding that customers moving to first-tier backbones have experienced great improvements in connectivity without elaborate schemes such as BGP management.

BGP for the masses is a message received with a great degree of skepticism in the networking community.

BGP management is complex. Most carriers are very sensitive about the idea of organizations other than network operators using BGP, mostly because they fear additional routes will be thrown at service providers. BGP routes stored by thousands of individual routers represent one giant distributed database. Adding parameters to this database threatens to slow its performance for everybody.

Processing BGP routes could increase the time it takes to update the databases, and if they are not current, packets could be sent in the wrong direction. Observers, including Bush, even spoke out against particular implementations of Multiprotocol Label Switching virtual private network technology involving BGP, fearing massive interference with BGP routing would degrade overall connectivity of the Internet.

But after learning that the new vendors wont be messing with core BPG routing, some wonder what the fuss was about. "I dont see any downside for this technology, but the rest of the Net shouldnt really care about it because it affects only enterprises making use of it," says Genuity founder Rodney Joffe, now chairman and chief technology officer of UltraDNS.

BGP redirection technology has benefits that are limited to a very small subset of enterprises, Joffe says. Users with at least three or four alternative paths out of their networks will derive the biggest savings from a box such as RouteSciences PathControl. And while individual connection speeds really dont matter, the maximum savings would be available to companies buying expensive fiber pipes and burstable bandwidth packages.

RouteScience seems to be banking on that: PathControl runs $140,000 to $250,000, depending on the number of pipes managed. The savings promised by netVmg, RouteScience and Sockeye are impressive, though, averaging about 50 percent.

Conflicting Goals

Analysts note that the new BGP schemes, for the first time, make the Internet work to the benefit of the enterprise customer.

"There is a fundamental conflict between the goal of the network provider and the goal of the business," says Peter Christy, Jupiter Media Metrixs research director. "The network providers use BGP to define networking to maximize their business, which leads to things like hot-potato routing." The practice, common among networking companies, aims to offload the traffic of "peers" for which network operators are not paid, like a hot potato.

Analysts also say BGP rerouting schemes are precursors to more businesses taking charge of their connectivity quality and costs. Other companies already sell products that are not BGP-dependent, Christy says, referring to Radware, a company that makes similar products for DSL pipes.

But it will be a while before businesses bump heads with service providers over which company gets to decide what traffic goes where. The new technology is expected to first eliminate situations when downstream customers keep sending packets to already congested or broken networks.

The newest of the bunch touting BGP redirection is netVmg, which will officially launch next week. Founded by peering guru Alan Hannan, of UUnet and Global Crossing fame, the company expects to announce its product, prices and beta customers by years end.

Sockeye was the first to launch, but has not yet finalized the name of its box, nor has it priced its service — though the Akamai Technologies offshoot expects to make those announcements in the fourth quarter. RouteScience is the only one with a priced product — slated for general availability in the fourth quarter — and a satisfied beta customer, competitive carrier Focal Communications.

The three vendors differ in several ways: Sockeye is a service, while the other two companies are classic vendors with products and support cycles.

In terms of technology, the differences are more substantial. Routers on the borders of enterprise networks have a choice of an average of 100,000 different paths from upstream service providers. Sockeye figures out which routes are best, based on an Internet "weather report" furnished by Akamai and by using specific probes — HTTP requests and pings — sent on behalf of its customers. "Some other services just sit there and wait until there is trouble, looking at TCP and sniffing packets," says Daniel Golding, Sockeyes director of network engineering. "Our philosophy is that if you already had a problem, its already too late."

RouteScience, too, is an active service, implanting single-pixel GIF files into Web pages downloaded by end users. Its PathControl then looks inside the GIFs IP headers and deduces information about the route taken by these packets on their way to the enterprise customers. PathControl polls all routes valuable to the enterprise all the time, so it soon has a complete map of routes available to a given border router.

NetVmg execs say the active methods of determining individual BGP paths are flawed, since they analyze only Web traffic. NetVmg runs a general platform that supports all applications and measures the traffic by passively sniffing it and by using GIF and ping probes, says Eric Wolford, netVmgs senior vice president of marketing. "Our competitors measurement mechanism is very similar to what we have, where you put a GIF into a Web page. If there is no Web page because the application is not Web-based, that measurement mechanism wont work."

Executives at the other two companies counter that even though they extract their information from GIFs and pings, it is still describing IP movement and, therefore, is applicable to any applications using IP.