Evaluating Tier 1 Internet providers

Based on various conversation threads on Nanog I've come up with a few
criteria for evaluating Tier 1 providers. I'm open to add other criteria -
what would you add to this list? And how would I get a quantitative or
qualitative measure of it?

routing stability

BGP community offerings

congestion issues

BGP Peering relationships

path diversity

IPv6 table size

Seems like everyone offers 5 9's service, 45 ms coast-to-coast, 24x7
customer support, 100/1Gbps/10Gbps with various DIR/CIR and burst rates.
I'm shopping for new service and want to do better than choosing on
reputation. (or, is reputation also a criteria?)

much appreciated,

Eric Louie

Based on various conversation threads on Nanog I've come up with a few
criteria for evaluating Tier 1 providers. I'm open to add other criteria -
what would you add to this list? And how would I get a quantitative or
qualitative measure of it?

Define "Tier 1 provider". I ask this because it's something that many people don't know what it means, but assume that Tier 1 > Tier !=1.

routing stability

Routeviews.org can shed some light here.

BGP community offerings

If $provider has a page on www.peeringdb.com, they might publish a list of their BGP communities there. Other places to look would be the provider's whois/IRR entries, and on their respective websites, or the sales/marketing folks might be able to get this information for you.

congestion issues

There are various internet traffic report / weather report sites that can give you indirect insight into things like. By indirect, I mean that you might be able to infer things like congestion at a specific point based on what you see on those sites.

BGP Peering relationships

You can look at pages like www.peeringdb.com, and you will typically see if $provider is at an exchange, however the peering relationships that many providers have other providers (locations, speeds, etc) are confidential.

path diversity

You can ask $provider's sales and marketing folks, but there is no guarantee that you will get an answer (actual routes are considered confidential and proprietary information, despite the fact that a lot of providers' fiber ends up converging in a small handful of routes in some areas - i.e. many of them follow the same set of railroad tracks or cross a river at the same bridge, possibly even in the same conduit) or a correct answer (wave X might be re-groomed onto path Y without a whole lot of customer notification).

IPv6 table size

Sites like routeviews.org can give you some visibility here.

Seems like everyone offers 5 9's service, 45 ms coast-to-coast, 24x7
customer support, 100/1Gbps/10Gbps with various DIR/CIR and burst rates.
I'm shopping for new service and want to do better than choosing on
reputation. (or, is reputation also a criteria?)

Absolutely reputation should be a factor. I would argue that Internet access is largely commoditized anymore (and has been for several years), so the real differentiators are cost and level of service.

jms

I would add:

- presence of staff in key locations (if 60 Hudson is a critical location for you, find out whether there's someone regularly present in or near the building to clean fibre and help run loopback tests when you need them)

- expected time to clue when calling the support number (bonus points for being xkcd-806 compliant)

- time taken to turn around BGP import filter changes

- response you can expect when you call one day and say "our 10GE is maxed out with inbound traffic from apparently everywhere, it has been going on for an hour, please help"

- billing accuracy, and turnaround time for questions raised about invoices received

A lot of this comes down to conversations in the NANOG bar with people who have war stories to share. To that extent, I think "reputation" is a good indicator, so long as your sample size is reasonable, and depending on the amount of beer involved.

One other thing to think about -- Tier 1 providers are transit free, so your "can be reached by an IP packet from" is naturally limited to specific peering relationships with other Tier 1 providers. Tier 2 providers (those who buy transit from a suitably-diverse set of Tier 1s) can insulate you from route fade due to peering spats.

Joe

It's easy. Tier 1 is yourself. Tier 2 is your customers and your competitors. Tier 3 is your customers' customers, your competitors' customers, and your customers' competitors.

But yes, I'm sure there are as many criteria as there are NANOG subscribers.

But Joe Abley's are the correct ones.

<ducking>

                                -Bill

Good stuff Justin - Any other criteria that you would use?

much appreciated,
Eric Louie

Good stuff Justin - Any other criteria that you would use?

Joe covered a lot of good stuff in his response.

A few providers call themselves Tier 1, though the accuracy of those assertions is often suspect. The truth can be somewhat more complicated... and exactly how much more complicated isn't always clear
until Provider X gets de-peered by Provider Y and finds themselves having to negotiate a quick fix, often by cutting a check.

I would also ask people here who they have had very good experiences with, regardless of what "tier" the provider fits into.

jms

Clued-in support is a good criteria. (I've been using a broker for some of
my connections and there was virtually no value-add there, especially in the
prefix-list modifications, and a liability in other MACs)

That's a good point with the Tier 2 providers. So that begs the question,
why wouldn't I just get my upstream from a Tier 2? (Because my management
is under the perception that we're better off with Tier 1 providers, but
that doesn't mean their perception is accurate)

much appreciated,
Eric Louie

The good thing about your upstream being a Tier 2 is that it usually means
that if somebody's baking a peering cake, you're not one of the AS's that's
suffering.

Hmmm... if you're going for a connection to a Tier 1, maybe "peering cakes
per decade" is a valid criterion?

- time taken to turn around BGP import filter changes

So much This... You don't realize how important this is until your
nationwide provider takes 8 WEEKS to add one network to your (already set
up and working for 20 other networks) peering. Then decides to charge you
a fee for the change.

Ben Hatton
Network Systems Engineer

http://www.renesys.com/products/ provide some guidance, but probably not the kind of detailed tech you want.

Judging from my own experience, we have mostly been hit by limited path diversity & "everything seems fine" support in the past.

Tier 1 = Internet backbone providers (United States - AT&T, UUNET, Sprint,
AboveNet/Zayo, Cogent, Qwest/CenturyLink, L3/GBLX). However, I might be
better served with a Tier 2 for reachability as pointed out in another
response.

When you say "level of service", what are you referring to? Customer
service? Service level agreement (which is pretty much the same across all
the Tier 1's)?

much appreciated,
Eric Louie

Tier 1 = Internet backbone providers (United States - AT&T, UUNET, Sprint,
AboveNet/Zayo, Cogent, Qwest/CenturyLink, L3/GBLX). However, I might be
better served with a Tier 2 for reachability as pointed out in another
response.

Some of those providers are probably not in the DFZ. I know Cogent has been involved in some peering spats in the past. I don't know off-hand if Zayo/Above lives in the DFZ.

When you say "level of service", what are you referring to? Customer
service? Service level agreement (which is pretty much the same across all
the Tier 1's)?

Mainly customer service. Things like how easy it is to get a clued individual on the phone when there's an issue, turnaround time for things like BGP filter update requests. Like you mentioned, most providers' SLA terms are likely to look pretty similar if you were to compare them side-by-side.

I would also look at which providers are on-net in your location, or would be willing to build into your location for a reasonable cost. One thing you want to avoid is all of your providers using the same local loop provider to get into the building, or local dark fiber providers using the same right-of-way / conduit / manhole to get into your building.
Many providers might subcontract the physical last-mile construction to a local dark fiber provider. Entrance diversity and last-mile diversity is something you can probably have more influence over than how provider X gets between Chicago and New York.

Many providers will build into your location if they're in your city if you either pay the build costs, or are purchasing enough service that the construction costs can amortized over the term of the contract. If they amortize, make sure you keep that in mind when the contract is up for re-negotiation, so they're no longer trying to ding you for construction costs that you've already paid

jms

I'm thinking that same thing, although after researching, the "de-peering
King" is probably not a contender as one of our primary upstream connection.
(And I don't have secondary or tertiary connections)

much appreciated,
Eric Louie

If you don't have secondary connectivity, then I don't suggest going with a
Teir 1. Using a peer-only as a transit link is not something I would
recommend in general unless you know what you are doing in that regard, and
have designed around the inevitable peering issues related to that decision.

-Blake

I appreciate that warning. The bigger truth is, "No secondary/tertiary on
that router/in that location." I do have iBGP with alternate providers
through my core.

much appreciated,
Eric Louie

To add some more from recent experiences.. Most of these are in colocation
datacenters.

- speed to handle your emergency support call. (recent experience, some
tier1 can take a couple hours)

- if support requires a portal opened ticket, is the staff to reset a
password also 24/7.

- Latency in your region. (recent experience: I removed 4 circuits
because the backbones weren't the same in different areas).

- Is you location a pop, metro ring or dedicated fiber elsewhere.

- To get more specific, where is their peering in relationship to you.
Strong peering not near you could mean a lot of extra latency just to get
off their network.

thanks,
Bryan Socha

From: Justin M. Streiner [mailto:streiner@cluebyfour.org]
Sent: Tuesday, August 27, 2013 10:36 AM
To: nanog@nanog.org
Subject: RE: Evaluating Tier 1 Internet providers

I would also look at which providers are on-net in your location, or
would be willing to build into your location for a reasonable cost.
One thing you want to avoid is all of your providers using the same
local loop provider to get into the building, or local dark fiber
providers using the same right-of-way / conduit / manhole to get into
your building.
Many providers might subcontract the physical last-mile construction to
a local dark fiber provider. Entrance diversity and last-mile
diversity is something you can probably have more influence over than
how provider X gets between Chicago and New York.

The only thing I'm looking at are on-net solutions - luckily or unluckily we
are at data center locations (carrier neutral) so my choices are limited to
the on-nets that they already have (I'm not going through the pain of
bringing in a new one) and most of them are offering "free install"

To add some more from recent experiences.. Most of these are in colocation
datacenters.

[EL>] I'm colocated too.

- speed to handle your emergency support call. (recent experience, some
tier1 can take a couple hours)
[EL>] time to respond / time to resolve are good ones (hard to get them to
provide the true values, though)

- if support requires a portal opened ticket, is the staff to reset a
password also 24/7.

- Latency in your region. (recent experience: I removed 4 circuits
because the backbones weren't the same in different areas).

- Is you location a pop, metro ring or dedicated fiber elsewhere.

- To get more specific, where is their peering in relationship to you.
Strong peering not near you could mean a lot of extra latency just to get
off their network.

[EL>] "How many hops to their edge"? Will they admit that? can I get a
traceroute? (however, this is in downtown LA so I'm guessing it's close to
the edge

thanks,
Bryan Socha

If this was previously mentioned, my apologies.

The time they can respond to a PNI upgrade. If you have an existing 10G and
wish to add another. Can this be provisioned off the same device to form a
LAG or can they only provide ECMP. May not be something you can evaluate at
contract signing, but it can quickly become an issue when you need it.

- speed to handle your emergency support call. (recent experience,
some tier1 can take a couple hours)
*[EL>] * time to respond / time to resolve are good ones (hard to get
them to provide the true values, though)****

Call and pretend your a customer with an emergency. You might be

surprised how long it takes the first person to be on the call with you.

- To get more specific, where is their peering in relationship to you.
Strong peering not near you could mean a lot of extra latency just to get
off their network.****

*[EL>] *“How many hops to their edge”? Will they admit that? can I get
a traceroute? (however, this is in downtown LA so I’m guessing it’s close
to the edge****

* *

This one can be harder to get any answers on depending on who you are.
You can ask what locations they have most of their peering with. Also ask
for a POP list they are located in. Usually they are marked with the type
of service each building is (pop vs metro ring vs extension). unless
it's a private peer, I woudlnt' expect any peering at locations that are
not pops and you can see what is nearby your location that is a pop.

Somethign else I just thought of that I do ask providers. Ask how they
get into your building. If they are using some sort of metro ring between
their routers make sure your not about to screw yourself with no diversity
when that ring needs to be worked on.

Thanks,
Bryan