🥇 Matsayin musayar zirga-zirga: daga asali zuwa ƙirƙirar naku IX

"Mun kafa haɗin wayar tarho tsakanin mu da mutanen a SRI...", Kleinrock ... ya ce a cikin wata hira:
"Mun buga L kuma mun tambaya a waya, "Shin kuna ganin L?"
"Eh, muna ganin L," in ji amsa.
"Mun buga O, kuma mun tambayi, "Kuna ganin O."
"Eh, mun ga O."
"Sai muka buga G, kuma tsarin ya fadi"

Amma duk da haka an fara juyin juya hali…

Farkon intanet.

Hello kowa da kowa!

Sunana Alexander, Ni injiniyan cibiyar sadarwa ne a Linxdatacenter. A cikin labarin yau za mu yi magana game da wuraren musayar zirga-zirga (Internet Exchange Points, IXP): abin da ya rigaya ya bayyana, abin da ayyuka suke warwarewa da kuma yadda aka gina su. Hakanan a cikin wannan labarin zan nuna ka'idar aiki na IXP ta amfani da dandamali na EVE-NG da na'ura mai ba da hanya tsakanin hanyoyin sadarwa na BIRD, don ku sami fahimtar yadda yake aiki "a ƙarƙashin hular".

A bit of history

Idan ka duba a nan, to za ku ga cewa saurin bunƙasa yawan wuraren musayar ababen hawa ya fara ne a shekara ta 1993. Hakan ya faru ne saboda yawancin zirga-zirgar kamfanonin sadarwa da suka wanzu a wancan lokacin suna bi ta hanyar sadarwar kashin bayan Amurka. Don haka, alal misali, lokacin da zirga-zirga ta tashi daga ma'aikaci a Faransa zuwa ma'aikaci a Jamus, ya fara tashi daga Faransa zuwa Amurka, sannan daga Amurka zuwa Jamus. Cibiyar sadarwa ta kashin baya a wannan yanayin ta kasance a matsayin hanyar wucewa tsakanin Faransa da Jamus. Hatta zirga-zirgar ababen hawa a cikin ƙasa ɗaya sau da yawa ba ta wuce kai tsaye ba, amma ta hanyar hanyoyin sadarwar kashin baya na ma'aikatan Amurka.

Wannan yanayin ya shafi ba kawai farashin isar da zirga-zirgar ababen hawa ba, har ma da ingancin tashoshi da jinkiri. Yawan masu amfani da Intanet ya karu, sabbin masu aiki sun bayyana, yawan zirga-zirga ya karu, kuma Intanet ya girma. Masu aiki a duk faɗin duniya sun fara fahimtar cewa ana buƙatar mafi dacewa hanya don tsara hulɗar tsakanin masu gudanarwa. "Me yasa ni, ma'aikacin A, zan biya kudin wucewa ta wata ƙasa domin isar da zirga-zirga ga ma'aikacin B, wanda ke kan titi na gaba?" Wannan ita ce kusan tambayar da masu aikin sadarwa suka yi wa kansu a lokacin. Don haka, wuraren musayar zirga-zirga sun fara bayyana a sassa daban-daban na duniya a wuraren tattara ma'aikata:

1994 - LINX a London,
1995 - DE-CIX a Frankfurt.
1995 - MSK-IX, a Moscow, da dai sauransu.

Intanet da kwanakin mu

A bisa ra’ayi, tsarin gine-ginen Intanet na zamani ya kunshi tsare-tsare masu cin gashin kansu da yawa (AS) da kuma alakoki da dama a tsakaninsu, na zahiri da na hankali, wadanda ke tantance hanyar zirga-zirga daga wannan AS zuwa wancan.

AS yawanci masu gudanar da tarho, masu samar da Intanet, CDNs, cibiyoyin bayanai, da kamfanoni masu zaman kansu. ASes suna tsara hanyoyin haɗin kai (peering) a tsakanin su, yawanci suna amfani da ka'idar BGP.

Yadda tsare-tsare masu cin gashin kansu ke tsara waɗannan haɗin gwiwa an ƙaddara su da abubuwa da yawa:

yanayin kasa,
tattalin arziki,
siyasa,
yarjejeniya da bukatun gama gari tsakanin masu AS,
da sauransu.

Tabbas, wannan tsari yana da wani tsari da matsayi. Don haka, ana rarraba masu aiki zuwa matakin-1, tier-2 da tier-3, kuma idan abokan ciniki na mai ba da Intanet na gida (tier-3) sune, a matsayin mai amfani, masu amfani na yau da kullun, to, misali, na matakin-1. ma'aikatan matakin abokan ciniki wasu masu aiki ne. Masu aiki na Tier-3 suna tara zirga-zirgar masu biyan kuɗin su, masu aikin sadarwa na tier-2, bi da bi, suna tattara zirga-zirgar ma'aikatan tier-3, da matakin-1 - duk zirga-zirgar Intanet.

A tsari za a iya wakilta kamar haka:

Wannan hoton yana nuna cewa an haɗa zirga-zirga daga ƙasa zuwa sama, watau. daga masu amfani na ƙarshe zuwa masu aiki na tier-1. Hakanan akwai musayar zirga-zirga a kwance tsakanin ASs wanda yayi daidai da juna.

Wani sashi mai mahimmanci kuma a lokaci guda rashin lahani na wannan makirci shine wani rikicewar haɗin kai tsakanin tsarin masu cin gashin kansa wanda ke kusa da mai amfani na ƙarshe, a cikin yanki na yanki. Yi la'akari da hoton da ke ƙasa:

Bari mu ɗauka cewa a cikin babban birni akwai ma'aikatan sadarwa guda 5, waɗanda ke kallon tsakanin, saboda wani dalili ko wani, an tsara su kamar yadda aka nuna a sama.

Idan mai amfani Petya, wanda aka haɗa zuwa Go ISP, yana so ya sami dama ga uwar garken da aka haɗa da mai bada ASM, to za a tilasta zirga-zirgar da ke tsakanin su ta hanyar 5 masu cin gashin kansu. Wannan yana ƙara jinkiri saboda adadin na'urorin sadarwar da zirga-zirgar zirga-zirgar za su bi ta ya karu, da kuma yawan zirga-zirgar zirga-zirgar ababen hawa a kan tsarin masu cin gashin kansu tsakanin Go da ASM.

Yadda za a rage adadin jigilar ASs da aka tilasta wa zirga-zirga wucewa? Haka ne - wurin musayar zirga-zirga.

A yau, fitowar sababbin IXPs yana haifar da buƙatu iri ɗaya kamar a farkon 90s-2000s, kawai a kan ƙananan sikelin, saboda karuwar yawan masu amfani da tarho, masu amfani da zirga-zirga, karuwar adadin abubuwan da ke haifar da hanyoyin sadarwa na CDN. da cibiyoyin bayanai.

Menene wurin musanya?

Wurin musayar zirga-zirga wuri ne da ke da kayan aikin cibiyar sadarwa na musamman inda mahalarta masu sha'awar musanya zirga-zirgar ababen hawa ke tsara haduwar juna. Babban mahalarta wuraren musayar zirga-zirga: masu gudanar da sadarwa, masu samar da Intanet, masu samar da abun ciki da cibiyoyin bayanai. A wuraren musayar zirga-zirga, mahalarta suna haɗa kai tsaye da juna. Wannan yana ba ku damar magance matsalolin masu zuwa:

rage latency,
rage yawan zirga-zirgar ababen hawa,
inganta zirga-zirga tsakanin AS.

Ganin cewa IXPs suna cikin manyan biranen duniya da yawa, wannan duk yana da tasiri mai amfani akan Intanet gaba ɗaya.

Idan yanayin da ke sama tare da Petya an warware ta amfani da ICP, zai zama wani abu kamar haka:

Ta yaya wurin musayar zirga-zirga ke aiki?

A matsayinka na mai mulki, IXP daban ne AS tare da nasa toshe na adiresoshin IPv4/IPv6 na jama'a.

Cibiyar sadarwa ta IXP galibi ta ƙunshi yanki mai ci gaba da L2. Wani lokaci wannan kawai VLAN ne wanda ke karɓar duk abokan ciniki na IXP. Idan ya zo ga girma, IXPs da aka rarraba a ƙasa, ana iya amfani da fasahar kamar MPLS, VXLAN, da sauransu don tsara yankin L2.

Abubuwan da aka bayar na IXP

SKS. Babu wani sabon abu a nan: racks, haɗin giciye na gani, facin faci.
Sauyawa - tushen IXP. Tashar tashar sauyawa ita ce wurin shiga cikin cibiyar sadarwa ta ICP. Maɓallan kuma suna yin wani ɓangare na ayyukan tsaro - suna tace zirga-zirgar zirga-zirgar da bai kamata ya kasance a cibiyar sadarwar ICP ba. A matsayinka na mai mulki, an zaɓi masu sauyawa bisa ga buƙatun aiki - amintacce, saurin tashar jiragen ruwa mai goyan baya, fasalulluka na tsaro, tallafin sFlow, da sauransu.
Sabar hanyar hanya (RS) - wani bangare mai mahimmanci kuma wajibi na kowane wurin musayar zirga-zirga na zamani. Ka'idar aiki tana kama da mai nuna hanya a iBGP ko na'ura mai ba da hanya tsakanin hanyoyin sadarwa a OSPF kuma tana magance matsalolin iri ɗaya. Yayin da adadin mahalarta a wurin musayar zirga-zirga ke ƙaruwa, adadin zaman BGP da kowane ɗan takara ke buƙatar tallafawa yana ƙaruwa, watau. wannan yana tunowa da kwatankwacin cikakken saɓo topology a iBGP. RS yana magance matsalar ta hanya mai zuwa: yana kafa zaman BGP tare da kowane ɗan takara na IXP mai sha'awar, kuma ɗan takarar ya zama abokin ciniki na RS. Da karɓar sabuntawar BGP daga ɗaya daga cikin abokan cinikinsa, RS tana aika wannan sabuntawa ga duk sauran abokan cinikinta, ba shakka, ban da wanda aka karɓi wannan sabuntawa daga gare ta. Don haka, RS yana kawar da buƙatar kafa cikakken raga tsakanin duk membobin IXP kuma cikin ladabi yana warware matsalar haɓakawa. Yana da kyau a lura cewa uwar garken hanya a bayyane take watsa hanyoyi daga wannan AS zuwa wani ba tare da yin canje-canje ga halayen da BGP ke watsawa ba, alal misali, ba ya ƙara lambar a cikin AS zuwa hanyar AS. Hakanan akan RS akwai mahimman hanyoyin tacewa: misali, RS baya karɓar cibiyoyin sadarwa na Martians da prefixes na IXP kanta.
Ana amfani da na'ura mai ba da hanya tsakanin hanyoyin sadarwa na buɗaɗɗen tushe, BIRD (BirD (BirD internet routing daemon), azaman mafita na sabar hanya. Abu mai kyau game da shi shi ne cewa yana da kyauta, yana aikawa da sauri akan yawancin rarrabawar Linux, yana da tsarin sassauƙa don kafa manufofin kewayawa / tacewa, kuma baya buƙatar kayan aiki na lissafi. Hakanan, ana iya zaɓar na'ura mai ba da hanya tsakanin hanyoyin sadarwa / na'ura mai ba da hanya tsakanin hanyoyin sadarwa daga Cisco, Juniper, da sauransu azaman RS.
Tsaro. Tun da cibiyar sadarwa ta IXP ta ƙunshi babban adadin ASes, manufar tsaro da duk mahalarta dole ne a rubuta su da kyau. Gabaɗaya, duk nau'ikan nau'ikan nau'ikan nau'ikan da ake amfani da su yayin kafa kusancin BGP tsakanin takwarorinsu BGP daban-daban a wajen IXP ana amfani da su anan, da wasu ƙarin fasalulluka na tsaro.
Misali, yana da kyau al'ada don ba da izinin zirga-zirga kawai daga takamaiman adireshin mac na ɗan takara na IXP, wanda aka tattauna a gaba. Ƙin zirga-zirga tare da filayen ethertype ban da 0x0800 (IPv4), 0x08dd (IPv6), 0x0806 (ARP); Anyi wannan ne domin a tace zirga-zirgar da ba ta cikin peering BGP. Hakanan ana iya amfani da injiniyoyi irin su GTSM, RPKI, da sauransu.

Wataƙila abubuwan da ke sama sune manyan abubuwan kowane ICP, ba tare da la'akari da sikelin ba. Tabbas, manyan IXPs na iya samun ƙarin fasaha da mafita a wurin.
Ya faru cewa IXP kuma tana ba wa mahalarta ƙarin ayyuka:

sanya a kan IXP TLD DNS uwar garken,
shigar da sabar NTP na hardware, yana bawa mahalarta damar daidaita lokaci daidai,
ba da kariya daga hare-haren DDoS, da dai sauransu.

Yadda yake aiki

Bari mu kalli ka'idar aiki ta hanyar musayar zirga-zirga ta amfani da misalin IXP mai sauƙi, wanda aka tsara ta amfani da EVE-NG, sannan muyi la'akari da ainihin saitin na'ura mai ba da hanya tsakanin hanyoyin sadarwa na BIRD. Don sauƙaƙe zane, za mu bar abubuwa masu mahimmanci kamar sakewa da haƙuri da kuskure.

Ana nuna topology na cibiyar sadarwa a cikin hoton da ke ƙasa.

Bari mu ɗauka cewa muna gudanar da ƙaramin wurin musayar wuri kuma muna samar da zaɓuɓɓuka masu zuwa masu zuwa:

kallon jama'a,
zaman kallo,
duba ta hanyar uwar garken hanya.

Lambar mu ta AS ita ce 555, muna da toshe adireshin IPv4 - 50.50.50.0/24, daga inda muke ba da adiresoshin IP ga waɗanda suke son haɗawa da hanyar sadarwar mu.

50.50.50.254 - Adireshin IP da aka saita akan hanyar sadarwar uwar garken hanya, tare da wannan abokan cinikin IP za su kafa zaman BGP idan ana ganin ta hanyar RS.

Hakanan, don leƙen asirin ta hanyar RS, mun ɓullo da ƙayyadaddun tsari mai sauƙi dangane da al'ummar BGP, wanda ke ba mahalarta IXP damar tsara wa da waɗanne hanyoyin aika:

Al'ummar BGP
Description

LOCAL_AS:PEER_AS
Aika prefixes kawai zuwa PEER_AS

LOCAL_AS:IXP_AS
Canja wurin prefixes zuwa duk mahalarta IXP

Abokan ciniki 3 suna son haɗawa zuwa ICP ɗin mu da musayar zirga-zirga; Bari mu ce waɗannan masu samar da Intanet ne. Duk suna son tsara peering ta hanyar sabar hanya. A ƙasa akwai zane tare da sigogin haɗin abokin ciniki:

Abokin Ciniki
Abokin ciniki AS lambar
Prefixes na abokin ciniki
Adireshin IP da aka ba abokin ciniki don haɗawa da ICP

ISP #1
Bayani na 100
1.1.0.0/16
50.50.50.10/24

ISP #2
Bayani na 200
2.2.0.0/16
50.50.50.20/24

ISP #3
Bayani na 300
3.3.0.0/16
50.50.50.30/24

Saitin BGP na asali akan na'ura mai ba da hanya tsakanin hanyoyin sadarwa:

router bgp 100
 no bgp enforce-first-as
 bgp log-neighbor-changes
 neighbor 50.50.50.254 remote-as 555
address-family ipv4
  network 1.1.0.0 mask 255.255.0.0
  neighbor 50.50.50.254 activate
  neighbor 50.50.50.254 send-community both
  neighbor 50.50.50.254 soft-reconfiguration inbound
  neighbor 50.50.50.254 route-map ixp-out out
 exit-address-family

ip prefix-list as100-prefixes seq 5 permit 1.1.0.0/16
route-map bgp-out permit 10
 match ip address prefix-list as100-prefixes
 set community 555:555

Yana da kyau a lura da babu bgp tilastawa-kamar saitin farko a nan. Ta hanyar tsohuwa, BGP yana buƙatar cewa hanyar hanyar sabuntawar BGP ta ƙunshi lambar bgp ta abokin aikin da aka karɓi sabuntawa daga gare ta. Amma tun da uwar garken hanya ba ta yin canje-canje ga hanyar-as-hanyar, lambar sa ba za ta kasance a cikin hanyar-as ba kuma za a watsar da sabuntawar. Ana amfani da wannan saitin don sa na'ura mai ba da hanya tsakanin hanyoyin sadarwa ta yi watsi da wannan doka.

Mun kuma ga cewa abokin ciniki ya saita bgp community 555:555 zuwa wannan prefix, wanda bisa ga manufofinmu yana nufin cewa abokin ciniki yana so ya tallata wannan prefix ga duk sauran mahalarta.

Ga sauran hanyoyin sadarwa na abokan ciniki, saitunan za su kasance iri ɗaya, ban da sigogin su na musamman.

Misalin tsarin BIRD:

define ixp_as = 555;
define ixp_prefixes = [ 50.50.50.0/24+ ];

template bgp RS_CLIENT {
  local as ixp_as;
  rs client;
}

Mai zuwa yana bayyana matatar da baya karɓar prefixes na martians, da kuma prefixes na IXP kanta:

function catch_martians_and_ixp()
prefix set martians;
prefix set ixp_prefixes;
{
  martians = [ 
  0.0.0.0/8+,
  10.0.0.0/8+,
  100.64.0.0/10+,
  127.0.0.0/8+,
  169.254.0.0/16+,
  172.16.0.0/12+,
  192.0.0.0/24+,
  192.0.2.0/24+,
  192.168.0.0/16+,
  198.18.0.0/15+,
  198.51.100.0/24+,
  203.0.113.0/24+,
  224.0.0.0/4+,
  240.0.0.0/4+ ];

  if net ~ martians || net ~ ixp_prefixes then return false;

  return true;
}

Wannan aikin yana aiwatar da tsarin tafiyar da hanyar da muka bayyana a baya.

function bgp_ixp_policy(int peer_as)
{
  if (ixp_as, ixp_as) ~ bgp_community then return true;
  if (ixp_as, peer_as) ~ bgp_community then return true;

  return false;
}

filter reject_martians_and_ixp
{
  if catch_martians_and_ixp() then reject;
  if ( net ~ [0.0.0.0/0{25,32} ] ) then {
    reject;
  }
  accept;


}

Muna saita peering, amfani da tacewa da manufofin da suka dace.

protocol as_100 from RS_CLIENT {
  neighbor 50.50.50.10 as 100;
  ipv4 {
    export where bgp_ixp_policy(100);
    import filter reject_martians_and_ixp;
  }
}

protocol as_200 from RS_CLIENT {
  neighbor 50.50.50.20 as 200;
  ipv4 {
    export where bgp_ixp_policy(200);
    import filter reject_martians_and_ixp;
  }
}

protocol as_300 from RS_CLIENT {
  neighbor 50.50.50.30 as 300;
  ipv4 {
    export where bgp_ixp_policy(300);
    import filter reject_martians_and_ixp;
  }
}

Yana da kyau a lura cewa akan uwar garken hanya yana da kyau a sanya hanyoyi daga takwarorinsu daban-daban zuwa RIBs daban-daban. Tsuntsu yana ba ku damar yin wannan. A cikin misalinmu, don sauƙi, duk sabuntawar da aka karɓa daga duk abokan ciniki ana ƙara su cikin RIB guda ɗaya.

Don haka, bari mu bincika abin da muka samu.

A kan uwar garken hanya muna ganin cewa an kafa zaman BGP tare da duk abokan ciniki uku:

Mun ga cewa muna karɓar prefixes daga duk abokan ciniki:

A matsayin na'ura mai ba da hanya tsakanin hanyoyin sadarwa 100, mun ga cewa idan akwai zaman BGP guda ɗaya tare da uwar garken hanya, muna karɓar prefixes daga duka biyu kamar 200 da 300, yayin da halayen BGP ba su canza ba, kamar dai an aiwatar da haɗin kai tsakanin abokan ciniki kai tsaye:

Don haka, mun ga cewa kasancewar uwar garken hanya yana sauƙaƙa ƙaƙƙarfan tsari na leƙen asiri akan IXP.

Ina fatan wannan nunin ya taimaka muku fahimtar yadda IXPs ke aiki da yadda uwar garken hanya ke aiki akan IXP.

Linxdatacenter IX

A Linxdatacenter, mun gina namu IXP bisa ga rashin haƙuri da kayan aikin sauyawa na 2 da sabar hanyoyin 2. IXP ɗin mu yanzu yana gudana cikin yanayin gwaji, kuma muna gayyatar kowa da kowa don haɗawa zuwa Linxdatacenter IX kuma mu shiga cikin gwaji. Lokacin da aka haɗa, za a samar muku da tashar jiragen ruwa tare da bandwidth na 1 Gbit/s, ikon duba ta hanyar sabobin hanyoyinmu, da kuma samun damar shiga asusun ku na tashar IX, akwai a ix.linxdatacenter.com.

Rubuta a cikin sharhi ko saƙonnin sirri don samun damar yin gwaji.

ƙarshe

Hanyoyin musayar ababen hawa sun taso ne a farkon fitowar Intanet a matsayin kayan aiki don magance matsalar zirga-zirgar ababen hawa tsakanin kamfanonin sadarwa. Yanzu, tare da zuwan sababbin ayyuka na duniya da karuwa a yawan adadin CDN, wuraren musayar suna ci gaba da inganta aikin hanyar sadarwa ta duniya. Haɓaka adadin IXPs a duniya yana amfana da ƙarshen mai amfani da sabis da masu gudanar da tarho, masu sarrafa abun ciki, da sauransu. Ga mahalarta IXP, an bayyana fa'idar a cikin rage farashin shirya peering na waje, rage yawan zirga-zirgar zirga-zirgar ababen hawa wanda manyan ma'aikata za su biya, inganta hanyoyin zirga-zirgar ababen hawa, da ikon samun hanyar sadarwa kai tsaye tare da masu sarrafa abun ciki.

hanyoyi masu amfani

Duba taswirar wurin wuraren musayar ababan hawa: www.internetexchangemap.com
Duba cikakkun ƙididdiga akan leƙen BGP, gami da kasancewar kan IXP: www.peeringdb.com

source: www.habr.com

Matsayin musayar zirga-zirga: daga asali zuwa ƙirƙirar IX naka