Login
Login

Network Policies

What is a network policy?

The goal of network policies is to show the various ways Tier 1 ISPs reach a network. Each policy represents a different path the Tier 1 ISPs take to reach a network.

How are they calculated for my ASN?

  • We gather all AS Paths that we have for prefixes that originate from your ASN.
  • We truncate each path at the last Tier 1 ISP we find.

For example, we might have a route with this path in the database:

206924-136620-174-6461-50673-200365-202562

We then truncate this path to:

206924-136620-174

  • We group these (truncated) routes together by the truncated AS path. Each of these groups is a unique policy

In other words:

Other sites show “Global Aggregation”, and that is basically “what if we pushed all AS relationships into one massive graph.”

This is however not that useful for understanding the actual everyday routing of some prefixes, and in large networks they quickly become useless because they are too complex to understand (as they are made up of possibly 100’s of different announcement configurations).

Instead bgp.tools groups together prefixes that have the same announcement profile (same upstreams, same reach, same visibility) and generates a name (so they can be easily referenced (this name is not stable for more than a few hours!))

These groups can happen on purpose, for example: A network that has two or more locations that are not connected together, but do share the same ASN. So they will have different upstreams or connectivity.

These groups can also happen accidently: A network has announced 4 prefixes, but one prefix is not accepted by one of their upstreams, so two policies are formed, one with the 3 prefixes that go out on all providers, and the single prefix that got rejected in one of their providers prefix filters.

How do I read the diagrams?

We’ll use this example policy for AS206924. The diagram is:

ASN Path graph

And the prefixes in this policy are:

2a0c:2f07:ac1::/48

This graph tells us that this prefix is originated by AS206924 and has a single visible upstream to the rest of the internet in the form of AS20474 (Constant).

Constant then announces this route to AS1299 (Arelion) and AS2914 (NTT), both distribute the route to the rest of the internet, With some Tier 1 ISPs appearing to have a preference with Arelion or NTT, or some picking both (with that decision likely dependent on geography).

We can follow this graph and observe that if somebody is single homed to AS3320 (DTAG), then they will pass through AS2914 (NTT), Then AS20473 (Constnat), Then AS206924 (The originator).

The path that AS206924 uses to reply to the user who is single homed to AS3320 may be different to the one shown on the graph, as how AS206924 selects routes is not displayed here. Only how “the rest of the internet” gets to AS206924.


← All knowledge base articles