The ungleich routing infrastructure » History » Revision 10
Revision 9 (Jin-Guk Kwon, 05/16/2019 08:14 PM) → Revision 10/12 (Nico Schottelius, 05/17/2019 10:08 AM)
h1. The ungleich routing infrastructure
{{toc}}
h2. Status
This article is *IN PROGRESS*.
h2. Peer with us!
If you have a VM / IPv6 network from us and want to peer with us, the following steps should help you:
* Send a request to support -at- ungleich.ch containing your
** ASN
** Networks
h3. ungleich routers
To BGP peer with us, you will need to establish 2 BGP sessions (for redundancy reasons). The routers depend on the IPv6 that your endpoint has:
|_. Your VM is in ... |_. ... then peer with |
| 2a0a:e5c0:0:2::/64 | 2a0a:e5c0:0:2::3 2a0a:e5c0:0:2::4 |
| 2a0a:e5c0:0:5::/64 | 2a0a:e5c0:0:5::3 2a0a:e5c0:0:5::4 |
| 2a0a:e5c0:2:2::/64 | 2a0a:e5c0:2:2::5 2a0a:e5c0:2:2::6 |
You will receive the full IPv6 routing table from us.
h3. Configuration for you (the peer)
If you are using bird for peering, your configuration can look similar to this:
<pre>
# Adjust filters to your own preference
filter from_ungleich {
accept;
}
filter to_ungleich {
accept;
}
protocol bgp ungleichrouter1 {
local as YOURASN;
neighbor SELECT_FROM_TABLE_ABOVE1 as 209898;
import filter from_ungleich;
export filter to_ungleich;
}
protocol bgp ungleichrouter2 {
local as YOURASN;
neighbor SELECT_FROM_TABLE_ABOVE2 as 209898;
import filter from_ungleich;
export filter to_ungleich;
}
</pre>
h3. Configuration for ungleich
These instructions are for ungleich staff.
* Create / edit in the cdist type __ungleich_bgp_router:
** ${peer}_v6.conf (very similar to the peer example above)
** bird6.conf: define networks of peer (net_${peer})
** general.conf: add appropriate filters
* Apply bgp configuration or full cdist config
** cdist config -vvp6 -bj5 router{..}.place{..}.ungleich.ch # full
** echo __ungleich_bgp_router | cdist config -i - -vvp6 -bj5 router{..}.place{..}.ungleich.ch # routing only
* Verify that config has been applied
** bird6c
** birdc6 conf
** show route protocol $peer
* Update our AS-SET at www.ripe.net (currently manually, later via REST API)
** ...
* Send an update by mail to init7 & netstream for the new prefixes
** best is via RT
<pre>
Subject : Configure routing for ASN <...>
Hello INIT7/NETSTERAM,
we newly peer with a new ASN <ADDASNHERE> which has the networks <ADDNETWORKSHERE>.
Can you please add these networks to your whitelist and let us know when they should be reachable?
Best,
Jin-Guk
</pre>
h2. RIPE
Our networks are registered with ripe.
h3. Maintainer
All objects should have the *mnt-by* flag of *mnt-ungleich*. This maintainer handle is usable by all our LIR accounts.
h3. CLI
A cli for accessing RIPE's rest interface is developed on https://code.ungleich.ch/ungleich-public/ungleich-cli