Using Routing Policies Using Routing Policies Mark Prior Mark Prior Core Engineering Group Core Engineering Group connect.com.au connect.com.au
Topics Topics � Why define a routing policy? Why define a routing policy? � � How to define a policy How to define a policy � � What to do with the policy now? What to do with the policy now? � � Futures... Futures... �
Why define a Routing Policy? Why define a Routing Policy? � Documents relationship between BGP Documents relationship between BGP � peers peers � Allows automatic generation of router Allows automatic generation of router � configurations configurations � Provides a debugging aid to third parties Provides a debugging aid to third parties �
How to define a Policy How to define a Policy � Current de facto language in use is defined Current de facto language in use is defined � by RIPE-181 by RIPE-181 � Used by Internet Routing Registries Used by Internet Routing Registries � • RADB, MCI, RIPE, ANS & CA*NET RADB, MCI, RIPE, ANS & CA*NET • � Connect registers its policy at RADB (run Connect registers its policy at RADB (run � by Merit in the USA) by Merit in the USA)
Aut- -Num Num Object Object Aut � Routing Policy Description object Routing Policy Description object � � Most important components are Most important components are � • as-in as-in • • as-out as-out • � These define the incoming and outgoing These define the incoming and outgoing � external routing announcement external routing announcement relationships relationships
Example Example aut- -num num: AS2764 : AS2764 aut descr: connect.com.au : connect.com.au pty ltd pty ltd descr as-in: from ASn ASn 5 accept 5 accept ASn ASn and <^ and <^ASn ASn+$> +$> as-in: from as-out: to ASn ASn announce AS2764 announce AS2764 as-out: to as-out: to ASn ASn announce AS-CONNECT and AS- announce AS-CONNECT and AS- as-out: to CONNECTDOMESTIC CONNECTDOMESTIC mnt-by: MAINT-AS2764 -by: MAINT-AS2764 mnt changed: mrp mrp@connect.com.au 980514 @connect.com.au 980514 changed: source: RADB source: RADB
Connect’ ’s s Real Policy Real Policy Connect � RIPE-181 policy registered at RIPE-181 policy registered at whois whois. .ra ra.net .net � • whois whois -h -h whois whois. .ra ra.net AS2764 .net AS2764 • � (Work in Progress) RPSL policy soon to (Work in Progress) RPSL policy soon to � appear at new RPSL server run by Merit at appear at new RPSL server run by Merit at compute.merit.edu edu compute.merit. � To examine routes registered under an AS To examine routes registered under an AS � • whois whois -h -h whois whois. .ra ra.net !gAS2764 .net !gAS2764 • • Note: This only works at RADB Note: This only works at RADB •
What to do with the policy? What to do with the policy? � Use it to generate router configurations Use it to generate router configurations � � RtConfig RtConfig, part of , part of RAToolSet RAToolSet from from � USC/Information Sciences Institute USC/Information Sciences Institute � Creates route and AS path filters. Can also Creates route and AS path filters. Can also � create ingress/egress filters. create ingress/egress filters.
Things RIPE-181 can’ ’t do t do Things RIPE-181 can � Perform special processing for communities Perform special processing for communities � � Connect communities Connect communities � • 2764:1, 2764:2, 2764:3, 2764:4, 2764:5 2764:1, 2764:2, 2764:3, 2764:4, 2764:5 •
Futures Futures � RPSL, new IETF defined standard RPSL, new IETF defined standard � � More flexible than RIPE-181 More flexible than RIPE-181 � � Connect will be migrating to RPSL over Connect will be migrating to RPSL over � next couple of months next couple of months � Start to use our own server in place of Start to use our own server in place of � RADB (but will still register at RADB for RADB (but will still register at RADB for information) for configuration generation information) for configuration generation
References References � RIPE-181 RIPE-181 � • ftp ftp:// ://ftp ftp.ripe.net/ripe/docs/ripe-181. .ripe.net/ripe/docs/ripe-181.ps ps • � RPSL - RFC 2280 RPSL - RFC 2280 � • ftp ftp:// ://munnari munnari.oz.au/ .oz.au/rfc rfc/rfc2280.Z /rfc2280.Z • � RAToolSet RAToolSet � • ftp ftp:// ://ftp ftp. .isi isi. .edu edu/ /ra ra/ /RAToolSet RAToolSet • � RPS Working Group of the IETF RPS Working Group of the IETF �
Contact Details Contact Details Mark Prior Mark Prior connect.com.au pty ltd pty ltd connect.com.au Level 1, 45 Pirie Pirie Street Street Level 1, 45 Adelaide, South Australia Adelaide, South Australia Phone: (08) 8203 2088 Phone: (08) 8203 2088 Fax: (08) 8203 2087 Fax: (08) 8203 2087 Email: : mrp mrp@connect.com.au @connect.com.au Email
Recommend
More recommend