The ungleich routing infrastructure


This article is IN PROGRESS.

Peer with us!

If you have a VM / IPv6 network from us and want to peer with us, the following steps should help you:

  • Send a request to support at containing your
    • ASN
    • Networks

ungleich routers

To BGP peer with us, you will need to establish 2 BGP sessions (for redundancy reasons). The routers depend on the IPv6 that your endpoint has:

Your VM is in ... ... then peer with
2a0a:e5c0:0:2::/64 2a0a:e5c0:0:2::3 2a0a:e5c0:0:2::4
2a0a:e5c0:0:5::/64 2a0a:e5c0:0:5::3 2a0a:e5c0:0:5::4
2a0a:e5c0:2:2::/64 2a0a:e5c0:2:2::5 2a0a:e5c0:2:2::6

You will receive the full IPv6 routing table from us.

Configuration for you (the peer)

If you are using bird for peering, your configuration can look similar to this:

# Adjust filters to your own preference
filter from_ungleich {
filter to_ungleich {

protocol bgp ungleichrouter1 {
    local as YOURASN;
    neighbor SELECT_FROM_TABLE_ABOVE1 as 209898;

    import filter from_ungleich;
    export filter to_ungleich;

protocol bgp ungleichrouter2 {
    local as YOURASN;
    neighbor SELECT_FROM_TABLE_ABOVE2 as 209898;

    import filter from_ungleich;
    export filter to_ungleich;

Configuration for ungleich

These instructions are for ungleich staff.

  • Create / edit in the cdist type __ungleich_bgp_router:
    • ${peer}_v6.conf (very similar to the peer example above)
    • bird6.conf: define networks of peer (net_${peer})
    • general.conf: add appropriate filters
  • Apply bgp configuration or full cdist config
    • cdist config -vvp6 -bj5 router{..}.place{..} # full
    • echo __ungleich_bgp_router | cdist config -i - -vvp6 -bj5 router{..}.place{..} # routing only
  • Verify that config has been applied
    • bird6c
    • birdc6 conf
    • show route protocol $peer
  • Update our AS-SET at (currently manually, later via REST API)
    • Need to modify "as-ungleich-downstream": add the ASN or the AS-SET of downstream
      • By default add the ASN
      • Use AS-SET if customer supplies us with an AS-SET
  • Send an update by mail to init7 & netstream for the new prefixes
    • best is via RT
      Subject : Configure routing for ASN <...>
      Hello INIT7/NETSTERAM,
      we newly peer with a new ASN <ADDASNHERE> which has the networks <ADDNETWORKSHERE>. 
      Can you please add these networks to your whitelist and let us know when they should be reachable?


Our networks are registered with ripe.


Our AS is configured with the following AS-SETs (excerpt from whois AS209898):

aut-num:        AS209898
as-name:        ungleich
org:            ORG-UG21-RIPE
import:         from as-ungleich-upstream accept ANY
export:         to as-ungleich-upstream announce as-ungleich
import:         from as-ungleich-downstream accept as-ungleich-downstream
export:         to as-ungleich-downstream announce ANY
  • as-ungleich-upstream: contains all our upstreams
  • as-ungleich-downstream: contains our downstreams AS-SETS or downstream routes
  • as-ungleich: contains our networks and all our downstream networks


All objects should have the mnt-by flag of mnt-ungleich. This maintainer handle is usable by all our LIR accounts.


A cli for accessing RIPE's rest interface is developed on

Updated by Nico Schottelius about 5 years ago · 12 revisions