NSFNET Proposed NSFNET/DDN Routing Improvements
By Ken Horning
Part I: Overview
The NSFNET backbone, which provides network infrastructure for the National Science Foundation's computer network, interconnects multiple autonomously administered mid- level networks. These networks in turn connect autonomously administered networks of campuses and research centers.
NSFNET also connects to multiple peer networks consisting of national network infrastructures of other federal agencies. One of these peer networks is the Defense Data Network (DDN) which can be viewed, for the sake of this discussion, as the combination of the Defense Department's (DoD) MILNET and ARPANET component networks, both of which are national in scope. See NSFNET Routing Model to the right.
Until mid-1989, the NSFNET and the DDN were connected via a few intermediate routers which in turn were connected to the ARPANET. Those routers exchanged network reachability information via the Exterior Gateway Protocol (EGP) with the NSFNET nodes as well as with DDN mailbridges.
In the context of network routing, these mailbridges are route servers which exchange external network reachability information via EGP while using a proprietary protocol to exchange routing information among themselves.
Three mailbridges existed at locations on the East coast and three mailbridges at West coast locations. Besides functioning as route servers, these mailbridges also provided for connectivity by means of packet switching between the ARPANET and the MILNET. Intermediate systems between NSFNET and the ARPANET were under separate administrative control, typically by a mid-level network of NSFNET.
From July 1988 through May 1989, traffic between NSFNET and the DDN was carried by three ARPANET gateways. These ARPANET gateways were under the administrative control of a NSFNET mid-level network or local site.
The gateways had direct connections to both a Nodal Switching System (NSS) of the NSFNET and a Packet Switch Node (PSN) of the ARPANET. Routers at these gateways had simultaneous EGP sessions with a NSFNET NSS as well as a DDN mailbridge. This resulted in making these routers function as packet switches between the two peer networks. As the network routes were established, packets were switched between the NSFNET and the DDN.
During this period, NSFNET used three NSFNET/ARPANET gateways which were provided at different sites in order to ensure redundancy. The three sites were initially at Cornell University, the University of Illinois Urbana Champaign (UIUC), and at the Merit Computer Network. When the ARPANET connections at Cornell University and UIUC were terminated, a similar arrangement was initiated at the Pittsburgh Supercomputer Center and at the John von Neumann Supercomputer Center which, together with the Merit connection, allow for continued redundancy.
Routes announced from DDN to NSFNET
In the case of the three NSFNET/ARPANET gateways, each of the associated NSSs accepted the DDN routes at a different metric. The route with the lowest metric was then favored for traffic towards the specific DDN component network. If that gateway to the DDN experiences problems with loss of routing information, one of the redundant gateways would take over and carry the load as a fallback path.
Assuming consistent DDN routing information was received from the mailbridges at any of the three gateways, only a single NSFNET/ARPANET gateway was used at a given time for traffic from NSFNET towards the DDN. The remaining two gateways were standing by as hot backups. The metric for network announcements from the DDN to the NSFNET was coordinated by the Merit/NSFNET project.
Routes announced from the NSFNET to the DDN
Each NSS had an EGP peer relation with the NSFNET/ARPANET gateway. It announced a certain set of NSFNET connected networks via EGP, and was controlled by the distributed policy routing database to its peer. The NSFNET/ARPANET gateway then redistributed the networks which it had learned from the NSS to the DDN by means of a separate EGP session.
Each of the NSFNET/ARPANET gateways used a separate autonomous system number to communicate EGP information with the DDN. These autonomous system numbers were different from those the NSFNET backbone used to communicate with its directly attached client networks.
NSFNET/ARPANET gateways used the autonomous system number of the local network. The metrics for announcing network numbers to the DDN mailbridges were used according to the request of the mid-level network to which the individual network belonged.
Mid-level networks also influenced the specific NSFNET/ARPANET gateway used, including primary/secondary selection. These primary/secondary selections among the NSFNET/ARPANET gateways allowed for redundancy, while the preference of network announcements was modulated by the metric used for announcements to the DDN from the NSFNET/ARPANET gateways.
Some selection decisions were based on the reliability of a specific gateway or by congestion anticipated in a specific PSN which connected to the NSFNET/ARPANET gateway.
From an administrative point of view, the NSFNET/ARPANET gateways were administered by the institution to which the gateway belonged. This was never a real problem due to the excellent cooperation evidenced among all the involved sites.
New means of interconnectivity
During the first half of 1989, a new means of interconnectivity between NSFNET and the DDN was designed and implemented. This effort was sponsored jointly by the National Science Foundation (NSF), the Defense Advanced Research Projects Agency (DARPA), the Defense Communications Agency (DCA), and the National Aeronautics and Space Administration (NASA).
Two of the mailbridges, which previously had just connected the MILNET and the ARPANET, received Ethernet boards which allowed for a direct interface to the NSFNET nodes. One of these mailbridges is located on the West coast at the National Aeronautic and Space Administration's (NASA) Ames facility located at Moffett Field, California. The other is located on the East coast at Mitre in Reston, Virginia.
This direct interconnection now makes it possible for NSFNET to exchange routing information directly with DDN route servers without a gateway operated by a mid-level network in the middle. It also eliminates the need to traverse the ARPANET in order to reach MILNET sites and allows the Defense Communication Agency (DCA) as well as the National Science Foundation (NSF) to exercise control over the interconnection on a need basis. The connectivity can now be easily disabled from either site when tighter network security precautions are necessary.
Next month, Part Two . . .
Editor's Note: The article below is Part One of a portion of Request for Comment (RFC 1133) by Jessica Yu and Hans-Werner Braun. RFC 1133 is available via anonymous File Transfer Protocol from nis.nsf.net . Part Two will appear in the January, 1990 Link Letter.
Taken from The Link Letter, December 1989, Vol. 2 No. 6.