The ungleich routing infrastructure » History » Revision 11
« Previous |
Revision 11/12
(diff)
| Next »
Nico Schottelius, 05/17/2019 10:13 AM
The ungleich routing infrastructure¶
- Table of contents
- The ungleich routing infrastructure
Status¶
This article is IN PROGRESS.
Peer with us!¶
If you have a VM / IPv6 network from us and want to peer with us, the following steps should help you:
- Send a request to support
atungleich.ch containing your- ASN
- Networks
ungleich routers¶
To BGP peer with us, you will need to establish 2 BGP sessions (for redundancy reasons). The routers depend on the IPv6 that your endpoint has:
Your VM is in ... | ... then peer with |
---|---|
2a0a:e5c0:0:2::/64 | 2a0a:e5c0:0:2::3 2a0a:e5c0:0:2::4 |
2a0a:e5c0:0:5::/64 | 2a0a:e5c0:0:5::3 2a0a:e5c0:0:5::4 |
2a0a:e5c0:2:2::/64 | 2a0a:e5c0:2:2::5 2a0a:e5c0:2:2::6 |
You will receive the full IPv6 routing table from us.
Configuration for you (the peer)¶
If you are using bird for peering, your configuration can look similar to this:
# Adjust filters to your own preference filter from_ungleich { accept; } filter to_ungleich { accept; } protocol bgp ungleichrouter1 { local as YOURASN; neighbor SELECT_FROM_TABLE_ABOVE1 as 209898; import filter from_ungleich; export filter to_ungleich; } protocol bgp ungleichrouter2 { local as YOURASN; neighbor SELECT_FROM_TABLE_ABOVE2 as 209898; import filter from_ungleich; export filter to_ungleich; }
Configuration for ungleich¶
These instructions are for ungleich staff.
- Create / edit in the cdist type __ungleich_bgp_router:
- ${peer}_v6.conf (very similar to the peer example above)
- bird6.conf: define networks of peer (net_${peer})
- general.conf: add appropriate filters
- Apply bgp configuration or full cdist config
- cdist config -vvp6 -bj5 router{..}.place{..}.ungleich.ch # full
- echo __ungleich_bgp_router | cdist config -i - -vvp6 -bj5 router{..}.place{..}.ungleich.ch # routing only
- Verify that config has been applied
- bird6c
- birdc6 conf
- show route protocol $peer
- Update our AS-SET at www.ripe.net (currently manually, later via REST API)
- ...
- Send an update by mail to init7 & netstream for the new prefixes
- best is via RT
Subject : Configure routing for ASN <...> Hello INIT7/NETSTERAM, we newly peer with a new ASN <ADDASNHERE> which has the networks <ADDNETWORKSHERE>. Can you please add these networks to your whitelist and let us know when they should be reachable? Best, Jin-Guk
- best is via RT
RIPE¶
Our networks are registered with ripe.
AS-SETS¶
Our AS is configured with the following AS-SETs (excerpt from whois AS209898
):
aut-num: AS209898 as-name: ungleich org: ORG-UG21-RIPE import: from as-ungleich-upstream accept ANY export: to as-ungleich-upstream announce as-ungleich import: from as-ungleich-downstream accept as-ungleich-downstream export: to as-ungleich-downstream announce ANY
- as-ungleich-upstream: contains all our upstreams
- as-ungleich-downstream: contains our downstreams AS-SETS or downstream routes
- as-ungleich: contains our networks and all our downstream networks
Maintainer¶
All objects should have the mnt-by flag of mnt-ungleich. This maintainer handle is usable by all our LIR accounts.
CLI¶
A cli for accessing RIPE's rest interface is developed on https://code.ungleich.ch/ungleich-public/ungleich-cli
Updated by Nico Schottelius over 5 years ago · 11 revisions