The Internet の仕組み ~ISPの作り方~

Transcript

1. The Internet ͷ࢓૊Έ ~ISPͷͭ͘Γ͔ͨ~ ͘͞ΒΠϯλʔωοτגࣜձࣾ ߐ૲ཅଠ Home NOC Operators’ Group

   (AS59105) @chibiegg ୈ48ճ ৘ใՊֶएखͷձ 2015-09-20

2. ͨ͜·͝
   !DIJCJFHH ܦྺ
 େࡕେֶ޻ֶ෦ଔ޻ֶݚڀՊதୀ
 ͘͞ΒΠϯλʔωοτ
 ݸਓࣄۀओ
 ɹɾిࢠճ࿏ͷઃܭɾϑΝʔϜ΢ΤΞͷ։ൃ
 ɹɾۀ຿γεςϜͷ։ൃ
   8FCϝΠϯ 
 ɹɾاۀͷΠϯϑϥߏங


   
 ͦͷଞ
 ϩϘΧοϓδϡχΞɾ/),େֶϩϘίϯ
 /8c%#c4$ εϖγϟϦετ
   ฽هࡾڃ
 4&$$0/
   $5'
   
   ౳
   .S5BLFEB
 ޷͖ͳϝʔΧʔ͸
   :".")"
   +VOJQFS
   $JTDP
 4PGUXBSF%FTJHO
   ɾ݄߸
   ͓ͱͳϥζύΠϦϨʔ

3. ͨ͜·͝
   !DIJCJFHH ͘͞ΒΠϯλʔωοτ
 ϓϥοτϑΥʔϜࣄۀ෦
   αʔϏε։ൃνʔϜ
 
 "1*c%#c੍ޚγεςϜ ୲౰
 ιϑτ΢ΤΞΤϯδχΞ
 1ZUIPO
   
   %KBOHP
   େ޷͖
   )PNF
   /0$
   0QFSBUPST`
   (SPVQ
   

   "4 
 ؂ࢹγεςϜɾ؅ཧγεςϜ։ൃ
 ͘͞ΒͱͷτϥϯδοτͷίϯϑΟάͱ͔΋
 +1/*$্
   ӡӦҕһ
   ܦཧ୲౰

4. ஫ҙࣄ߲ • ৬ۀωοτϫʔΫΤϯδχΞͰ͸͋Γ·ͤΜ • ݫີͰ͸͋Γ·ͤΜ • AS59105Ҏ֎ͷ૊৫΍ߏ੒͸ΠϝʔδͰ͢

5. Πϯλʔωοτͬͯͳʹʁ • ՈిྔൢళͰചͬͯΔ΍ͭʁ
 ˠ ਃ͠ࠐΈ͸͢Δ͚Ͳɺ࣋ͬͯ͸ؼΒͳ͍ • NTTͷϑϨοπͷ͜ͱʁ
 ˠ ϑϨοπޫ͚ͩΛܖ໿ͯ͠΋
 ɹ

   ɹɹɹɹɹΠϯλʔωοτ͸࢖͑ͳ͍ ϞϊͰ͸ͳ͍ʁ

6. The Internet • IPωοτϫʔΫΛ࣋ͭ૊৫ͷू߹ମ • ੈքதͱͭͳ͕Δͱ͍͏͜ͱ͸ੈքͰҰͭ • ઀ଓͨ࣌͠఺Ͱࣗ਎΋The InternetͷҰ෦

7. The Internet Tier 1 Tier 2 ɾɾɾ ɾɾɾ Tier 3

   ͍Ζ͍Ζলུ

8. ϐΞϦϯάͱτϥϯδοτ • τϥϯδοτ (ϑϧϧʔτΛఏڙ͢Δ)
 ɹ্Լؔ܎/جຊతʹྉۚΛ෷͏ • ϐΞϦϯά (͓ޓ͍ͷܦ࿏͚ͩަ׵͢Δ)
 ɹ࣮අͷΈͷ৔߹͕ଟ͍

9. The Internet Tier 1 Tier 2 ɾɾɾ ɾɾɾ Tier 3

   ϐΞϦϯά ͋͘·Ͱ΋ΠϝʔδͰࣄ࣮ͱ͸ҟͳΓ·͢

10. http://www.slideshare.net/yuyarin/ss-39061287

11. ISP͸Կͯ͠Δͷʁ • ଞͷISPͱ஥ྑ͘͢Δ͜ͱ (େࣄ) • ͞Βʹͦͷ্ͰαʔϏεΛఏڙ͢Δ͜ͱ The Internet΁ͷ઀ଓੑΛఏڙ͢Δ͜ͱ

12. ීஈͷۀ຿ • αʔϏεͷ։ൃ͸͢Δ͚Ͳɺ
 ɹɹɹɹɹɹɹɹɹ઀ଓੑʹؔͯ͠͸͓·͔ͤ • ࢭΊΔ͜ͱ͸ڐ͞Εͳ͍ͷͰɺ
 ɹɹɹɹɹɹɹɹɹ௅ઓతͳ࣮ݧ͕Ͱ͖ͳ͍ • ϥϘͰ͸࣮ݧͰ͖Δ͚ͲɺτϥϑΟοΫ͸ྲྀΕͳ͍ •

    ISPΛҰ͔Β࡞Δ͜ͱ͸ීஈͰ͖ͳ͍

13. ࣮ՈαʔόϧʔϜ ΍ͬͺΓ઀ଓੑʹؔͯ͠͸ISPґଘ…

14. Home NOC Operators’ Group • ࡞Βͳ͍ͱΘ͔Βͳ͍͜ͱ΋͋Δ͸ͣ • ଞͷASͱަྲྀͰ͖Δ • Ұ౓͸ASӡ༻͍ͨ͠ΑͶʁ

    • The Internetʹͭͳ͕ΔॠؒͬͯυΩυΩ͢Δʂ ࣮༻ʹ଱͑͏ΔASΛઃܭɺߏங͠ɺ೔ʑӡ༻͢Δ
 ΈΜͳͰ৮ͬͯɺָ͠Έͳ͕Βษڧ͢Δ

15. ISPʹඞཁͳϞϊ • IPΞυϨε • AS൪߸ • ػࡐ
 ɹϧʔλɾճઢɾ৔ॴ • AS59105ɹ

    • 103.48.31.0/24 • 2001:df2:c00::/48 2015೥1݄
 JPNICΑΓׂ౰

16. AS59105 ػثߏ੒ Ϙʔμʔ+ίΞ αʔϏεऩ༰ ސ٬౳ NOC NOC ଞAS ଞAS ※ϘʔμʔͱίΞ͸෼͚Δͷ͕Ұൠత

17. AS59105 ڌ఺ߏ੒

18. ϧʔςΟϯάςʔϒϧ 2ASͱͭͳ͍ͩΒ… σϑΥϧτήʔτ΢ΤΠ͕2ͭͰ… AS಺ͷܦ࿏͕͍͔ͭ͋͘Δ͔Β…
 10ܦ࿏͙Β͍͔ͳʁ

19. ϧʔςΟϯάςʔϒϧ 563237ܦ࿏ʂ ※ ੢৽॓DCίΞϧʔλ 2015-09-19 17:22:00 ࣌఺ ख࡞ۀͰܦ࿏ొ࿥Ͱ͖Δ͸ͣͳ͍ʂ

20. ϧʔςΟϯάϓϩτίϧ ࣗ෼͕஌ͬͯΔܦ࿏Λަ׵͠
 ࣗಈͰϧʔςΟϯάςʔϒϧΛ࡞Δ

21. ϧʔςΟϯάϓϩτίϧ BGP
 ASؒ (ͲͷϘʔμʔϧʔλ͔Βग़Δ͔)
 OSPF
 AS಺ (Ϙʔμʔϧʔλ·ͰͲ͏΍ͬͯߦ͔͘)

22. ϧʔςΟϯάઃܭ͕ॏཁ ίετ
 τϥϯδοτΛආ͚ΔɾఆֹΛ௒͑ͳ͍Α͏ʹ ᫔᫓
 ڧ͍ASͱͷճઢ͹͔Γʹ৐ͤͳ͍Α͏ʹ ੓࣏తཧ༝
 ௨ͨ͘͠ͳ͍ASͱ͔ɾࠃՈؒͷ໰୊ͱ͔

23. BGP Local Preference
 ࣗ෼Ͱ͚ͭΔɾߴ͍΋ͷ༏ઌ AS Path
 ్தͲͷASΛ௨Δ͔ɾ୹͍΋ͷ༏ઌ MED
 ૬ख͕͚ͭͯૹΔɾখ͍͞΋ͷ༏ઌ 173.194.117.0/24

    *[BGP/170] 3d 22:38:49, MED 1000, localpref 310, from 103.48.31.2 AS path: 17686 15169 I, validation-state: unverified > to 103.48.31.121 via ge-0/0/3.102 [BGP/170] 1w3d 07:21:18, MED 1000, localpref 200 AS path: 9370 15169 I, validation-state: unverified > to 210.188.225.233 via ge-0/0/0.0 ༏ઌ౓ߴ

24. Local Preference • ϐΞϦϯάΛ༏ઌ • ΞΫςΟϒελϯόΠ • ·ͩ༨༟ͷ͋ΔτϥϯδοτΛ༏ઌ ྫ 59105ࣗ਎ͷܦ࿏

    350 ւ֎ͷϓϥΠϕʔτPeer 310 ࠃ಺ͷϓϥΠϕʔτPeer 300 ࠃ಺͔ΒͷTransit 200

25. AS Path • ࣗ਎ͷAS൪߸Λͨ͘͞Μ͚ͭΔ (AS Prepend)
 ɹ→Ͱ͖Δ͚ͩ࢖ΘΕͳ͍Α͏ʹͳΔ AS path: 59105

    9370 15169 AS path: 59105 59105 59105 59105 9370 15169 AS15169ѼͷτϥϑΟοΫΛ͏ͪʹ౤͛ʹ͘͘ͳΔ

26. Multi Exit Discriminator • ASͱASͷؒʹෳ਺ͷ઀ଓ͕͋Δͱ͖ʹར༻ • ܦ࿏޿ࠂ͢Δଆ͕ܾΊΔ AS59105 AS9370 100→

    ←200 200→ ←100 ઀ଓ఺͕1ͭͩͱҙຯͳ͍Α̇

27. BGP Local Preference
 ࣗ෼Ͱ͚ͭΔɾߴ͍΋ͷ༏ઌ AS Path
 ్தͲͷASΛ௨Δ͔ɾ୹͍΋ͷ༏ઌ MED
 ૬ख͕͚ͭͯૹΔɾখ͍͞΋ͷ༏ઌ ༏ઌ౓ߴ

    ओʹ͜ͷࡾͭΛ͔ͭͬͯτϥϑΟοΫͷྲྀΕΛ੍ޚ

28. BGP Community • ܦ࿏ʹෳ਺ͷ໨ҹΛ͚ͭɺ੍ޚ͕Մೳ
 (ྫ) ւ֎ͷܦ࿏͸·ͱΊͯ࠶޿ࠂ͢Δ • Communityผʹ౷ܭΛऔΔͱ͖ʹ΋࢖͑Δ ྫ 59105ࣗ਎ͷܦ࿏

    59105:100 59105-SPECIFIC ւ֎ͷϓϥΠϕʔτPeer 59105:400 PEER-ABROAD ࠃ಺ISPͷϓϥΠϕʔτPeer 59105:300 PEER-ISP ࠃ಺ISPҎ֎ͷϓϥΠϕʔτPeer 59105:310 PEER-xSP ࠃ಺͔ΒͷTransit 59105:200 TRANSIT-DOMESTIC ࠃ಺͔ΒͷTransit(BIGLOBE) 59105:201 TRANSIT-DOMESTIC-AS2518 ࠃ಺͔ΒͷTransit(SoftEther) 59105:202 TRANSIT-DOMESTIC-AS59103

29. ·ͱΊ • ੈքதͰڠௐಈ࡞͢Δ୯ҰͷγεςϜͬͯ͘͢͝ͳ͍ʂʁ • ܦ࿏੍ޚ͓΋͠Ζ͍Α • ࣮ݧ઀ଓαʔϏε։࢝͠·͢ • ϓϥΠϕʔτϐΞϦϯά଴ͬͯ·̇͢ •

    དྷ೥͸؂ࢹɾӡ༻ܥͷ࿩͠Α͏͔ͳʁ

30. 

31.