Project

General

Profile

The ungleich routing infrastructure » History » Version 11

Nico Schottelius, 05/17/2019 10:13 AM

1 1 Nico Schottelius
h1. The ungleich routing infrastructure
2
3 4 Nico Schottelius
{{toc}}
4
5 1 Nico Schottelius
h2. Status
6
7
This article is *IN PROGRESS*.
8
9 2 Nico Schottelius
h2. Peer with us!
10 1 Nico Schottelius
11 2 Nico Schottelius
If you have a VM / IPv6 network from us and want to peer with us, the following steps should help you:
12 1 Nico Schottelius
13 2 Nico Schottelius
* Send a request to support -at- ungleich.ch containing your
14
** ASN
15
** Networks
16
17
h3. ungleich routers
18
19
To BGP peer with us, you will need to establish 2 BGP sessions (for redundancy reasons). The routers depend on the IPv6 that your endpoint has:
20
21 3 Nico Schottelius
|_. Your VM is in ... |_. ... then peer with |
22 2 Nico Schottelius
| 2a0a:e5c0:0:2::/64 | 2a0a:e5c0:0:2::3 2a0a:e5c0:0:2::4 |
23
| 2a0a:e5c0:0:5::/64 | 2a0a:e5c0:0:5::3 2a0a:e5c0:0:5::4 |
24
| 2a0a:e5c0:2:2::/64 | 2a0a:e5c0:2:2::5 2a0a:e5c0:2:2::6 |
25
26
You will receive the full IPv6 routing table from us.
27 4 Nico Schottelius
28
h3. Configuration for you (the peer)
29
30
If you are using bird for peering, your configuration can look similar to this:
31
32
<pre>
33
# Adjust filters to your own preference
34
filter from_ungleich {
35
  accept;
36
}
37
filter to_ungleich {
38
  accept;
39
}
40
41
42
protocol bgp ungleichrouter1 {
43
	local as YOURASN;
44
	neighbor SELECT_FROM_TABLE_ABOVE1 as 209898;
45
46
	import filter from_ungleich;
47
	export filter to_ungleich;
48
}
49
50
protocol bgp ungleichrouter2 {
51
	local as YOURASN;
52
	neighbor SELECT_FROM_TABLE_ABOVE2 as 209898;
53
54
	import filter from_ungleich;
55
	export filter to_ungleich;
56
}
57
58
</pre>
59
60
h3. Configuration for ungleich
61
62
These instructions are for ungleich staff.
63
64
* Create / edit in the cdist type __ungleich_bgp_router:
65
** ${peer}_v6.conf (very similar to the peer example above)
66
** bird6.conf: define networks of peer (net_${peer})
67
** general.conf: add appropriate filters
68
* Apply bgp configuration or full cdist config
69
** cdist config -vvp6 -bj5 router{..}.place{..}.ungleich.ch # full
70
** echo __ungleich_bgp_router | cdist config -i - -vvp6 -bj5 router{..}.place{..}.ungleich.ch # routing only
71
* Verify that config has been applied
72
** bird6c
73 8 Jin-Guk Kwon
** birdc6 conf
74 4 Nico Schottelius
** show route protocol $peer
75 10 Nico Schottelius
* Update our AS-SET at www.ripe.net (currently manually, later via REST API)
76
** ...
77 5 Nico Schottelius
* Send an update by mail to init7 & netstream for the new prefixes
78
** best is via RT
79 7 Jin-Guk Kwon
<pre>
80 9 Jin-Guk Kwon
Subject : Configure routing for ASN <...>
81
82 7 Jin-Guk Kwon
Hello INIT7/NETSTERAM,
83
84
we newly peer with a new ASN <ADDASNHERE> which has the networks <ADDNETWORKSHERE>. 
85
86
Can you please add these networks to your whitelist and let us know when they should be reachable?
87
88
Best,
89
90
Jin-Guk
91 8 Jin-Guk Kwon
</pre>
92 2 Nico Schottelius
93 1 Nico Schottelius
h2. RIPE
94
95
Our networks are registered with ripe.
96
97 11 Nico Schottelius
h3. AS-SETS
98
99
Our AS is configured with the following AS-SETs (excerpt from @whois AS209898@):
100
101
<pre>
102
aut-num:        AS209898
103
as-name:        ungleich
104
org:            ORG-UG21-RIPE
105
import:         from as-ungleich-upstream accept ANY
106
export:         to as-ungleich-upstream announce as-ungleich
107
import:         from as-ungleich-downstream accept as-ungleich-downstream
108
export:         to as-ungleich-downstream announce ANY
109
</pre>
110
111
* as-ungleich-upstream: contains all our upstreams
112
* as-ungleich-downstream: contains our downstreams AS-SETS or downstream routes
113
* as-ungleich: contains *our* networks and all our downstream networks
114
115
116 1 Nico Schottelius
h3. Maintainer
117
118
All objects should have the *mnt-by* flag of *mnt-ungleich*. This maintainer handle is usable by all our LIR accounts.
119 2 Nico Schottelius
120
121
h3. CLI
122
123
A cli for accessing RIPE's rest interface is developed on https://code.ungleich.ch/ungleich-public/ungleich-cli