benefits of using ripe routing registry and related ripe
play

Benefits of Using RIPE Routing Registry and Related RIPE NCC Tools - PowerPoint PPT Presentation

Sep 24, 2022 •186 likes •593 views

Benefits of Using RIPE Routing Registry and Related RIPE NCC Tools TELFOR, 24 November 2004 Vesna Manojlovic RIPE NCC Training Services TELFOR, November 2004, Belgrade . RIPE Routing Registry . 1 http://www.ripe.net/ Overview Intro:

  1. Benefits of Using RIPE Routing Registry and Related RIPE NCC Tools TELFOR, 24 November 2004 Vesna Manojlovic RIPE NCC Training Services TELFOR, November 2004, Belgrade . RIPE Routing Registry . 1 http://www.ripe.net/

  2. Overview • Intro: RIPE and RIPE NCC • Why document routing policy • RPSL • IRRToolset • Day-to-day Usage of the RR • RIS TELFOR, November 2004, Belgrade . RIPE Routing Registry . 2 http://www.ripe.net/

  3. Intro: RIPE and RIPE NCC • Réseaux IP Européens (1989) – Collaborative, open community of Internet operators and administrators – Working groups: DB, Routing; EOF (eqv. to NANOG), etc • RIPE Network Coordination Centre (1992) – Independent not-for-profit membership organisation – One of 4 Regional Internet Registries – Member services: distributing IP addresses, ASN, reverse DNS delegation, training courses – Public services: whois DB, K-root, ENUM, RIPE support etc TELFOR, November 2004, Belgrade . RIPE Routing Registry . 3 http://www.ripe.net/

  4. Intro: RIPE whois Database & the IRR • Public Network Management Database – “whois” info about networks & contact data • Routing Registry - a subset of the RIPE DB – contains routing information, in RPSL • RIPE RR is part of the I nternet R outing R egistry: – http://www.irr.net/ – Distributed databases that mirror each other – IRR = RIPE DB + RADB + Savvis (ex C&W) + ARIN + … TELFOR, November 2004, Belgrade . RIPE Routing Registry . 4 http://www.ripe.net/

  5. Intro: Why Document Routing Policy? • Recreate your policy in case of loss of hardware / administrators – Less downtime • Scaling • Troubleshooting TELFOR, November 2004, Belgrade . RIPE Routing Registry . 5 http://www.ripe.net/

  6. Intro: Why Document in RPSL? • Abstract – Not vendor specific • Global AS view, not router specific • Established standard • Tools available – router configuration – expertise built into tools TELFOR, November 2004, Belgrade . RIPE Routing Registry . 6 http://www.ripe.net/

  7. Intro: Why Document in IRR? • Required by some Transit Providers • Required by some Exchange Points • Allows peers to automatically update filters – For your announcements – Consistent information between neighbours • Good housekeeping TELFOR, November 2004, Belgrade . RIPE Routing Registry . 7 http://www.ripe.net/

  8. Intro: Why Document in RIPE DB? • Convenience – inetnums already there – aut-num already there – maintainer already there – person objects already there • Database most likely used by your peers TELFOR, November 2004, Belgrade . RIPE Routing Registry . 8 http://www.ripe.net/

  9. 9 http://www.ripe.net/ . TELFOR, November 2004, Belgrade . RIPE Routing Registry RPSL

  10. Routing Policy Specification Language • Object-oriented language – Structured whois DB objects • Describes things interesting for the routing policy – Routes, AS numbers… – Relations between BGP peers – Management responsibility • Established standard: – Routing Policy Specification Language (RFC-2622) – Routing Policy System Security (RFC-2725) – Using RPSL in Practice (RFC-2650) TELFOR, November 2004, Belgrade . RIPE Routing Registry . 10 http://www.ripe.net/

  11. RPSL: Example aut-num Object aut-num: AS2001 import: from AS3000 action pref=30; accept ANY import: from AS4000 action pref=40; accept ANY export: to AS4000 action aspath.prepend(AS2001,AS2001); announce AS2001 export: to AS3000 announce AS2001 policy as-name: RRTEST-AS2001 descr: Customer of AS3000 & AS4000 supportive admin-c: JS2-RRTEST & contact tech-c: JS2-RRTEST information changed: john.smith@example.net 20040606 source: RIPE mnt-by: john-smith-MNT authentication mnt-routes: third-MNT & notification upd-to: john.smith@example.net mnt-nfy: rr-db-notifications@example.net TELFOR, November 2004, Belgrade . RIPE Routing Registry . 11 http://www.ripe.net/

  12. RPSL: aut-num Attributes Syntax • import: – from <peering> [action <action>] accept <filter> • export: – to <peering> [action <action>] announce <filter> • <peering> = ASN ; as-set ; “ASN IP1 at IP2” • <filter> matches set of routes – ASN, as-sets, route-sets; – {0.0.0.0/0}; {1.2.3.4/19, 193.0.0.0/23} • Range operators: e.g. 192.0.2.0/24^+ – ANY ; PeerAS; AND, OR, NOT • AS-path filters: regular expressions (i.e. <…>) import: from AS4003 accept <^AS4003+AS4003:AS-customers*$> TELFOR, November 2004, Belgrade . RIPE Routing Registry . 12 http://www.ripe.net/

  13. RPSL: Simple Animated Example AS4000 AS2000 aut-num: AS2000 export: to AS4000 aut-num: AS4000 announce AS2000 import: from AS4000 import: from AS2000 accept AS2000 accept AS4000 export: to as2000 announce AS4000 TELFOR, November 2004, Belgrade . RIPE Routing Registry . 13 http://www.ripe.net/

  14. RPSL: 2 nd Animated Example Internet aut-num: AS3000 AS3000 export: to AS2001 announce ANY AS4000 import: from AS2001 accept AS2001 AS2001 aut-num: AS2001 export: to AS4000 action aspath.prepend (AS2001, AS2001); announce AS2001 aut-num: AS4000 import: from AS3000 action pref=30; import: from AS2001 accept AS2001 accept ANY import: from AS4000 action pref=10; accept AS4000 export: to AS2001 announce AS4000 ANY export: to AS3000 announce AS2001 import: from AS4000 action pref=40; accept ANY TELFOR, November 2004, Belgrade . RIPE Routing Registry . 14 http://www.ripe.net/

  15. RPLS: Localpref / prepend • Controlling the traffic flow: – for outbound traffic set the value of local-pref • “action pref=NN” in the “import” lines of aut-num object • the lower the “pref”, the more preferred the route – for inbound traffic, modify as-path length • “action aspath.prepend(ASN)” in the “export” lines • Longer the as-path, less preferred the route – Note: the direction of traffic is reverse from accepting / announcing routes TELFOR, November 2004, Belgrade . RIPE Routing Registry . 15 http://www.ripe.net/

  16. RPSL: Multiple Links / MED • By setting the value of MED on export lines, the preferred entry point into your AS can be controlled export: to AS4044 at 10.3.0.1 action med=2000; announce AS3033 # less preferred, bigger MED export: to AS4044 at 10.3.0.2 action med=1000; announce AS3033 # more preferred, smaller MED • The neighbour must agree to honour your MED values – Instead of MED, it is possible to use as-path prepend on less preferred link • Controlling outbound traffic: import: from AS4 10.4.0.7 at 10.3.0.1 action pref=10; accept AS4 import: from AS4 10.4.0.8 at 10.3.0.1 action pref=20; accept AS4 TELFOR, November 2004, Belgrade . RIPE Routing Registry . 16 http://www.ripe.net/

  17. RPSL: BGP Communities • Elegant solution for implementing policies • RFC-1998: An application of the BGP Community Attribute in Multi-home Routing • ISPs publish values of communities in the RR – E.g. to tell BT to prepend their ASN when announcing your routes to their peers: export: to 5400 action community = {5400:2073}; announce MY_ASN – E.g. to receive KPN NL routes on NL peering: import: from AS268 <ip-NL> action pref=10; accept AS286 AND community.contains (286:3031) TELFOR, November 2004, Belgrade . RIPE Routing Registry . 17 http://www.ripe.net/

  18. RPSL: Security / Bogon Filtering • Problems: – Bogon address space used as source for spamming, DDoS, probes… – Leaking “martians” & bogons due to mis-configuration – Leaking other people’s ranges => black-holing them • Add “AND NOT fltr-bogons” to all your import and export attribute filter rules • Secure BGP Template – www.cymru.com/Documents/secure-bgp-template.html TELFOR, November 2004, Belgrade . RIPE Routing Registry . 18 http://www.ripe.net/

  19. Outdated “bogon” Filters • Inverse problem: – Bogon filters in place, but not kept up-to-date – Consequence: when new /8 block is allocated to RIR / LIR, it is unreachable from networks with stale filters • Solution: – Use fltr-bogons instead your own manually updated list – Or: follow the lists where RIRs announce new /8 blocks • E.g. https://www.ripe.net/ripe/docs/smallest-alloc-sizes.html • E.g. www.ripe.net/ripe/draft-documents/deboganising-draft.html – Or: use bogon route server • (AS65333, community 65333:888)(e.g. cymru.com) => Keep your bogon filters up-to-date! TELFOR, November 2004, Belgrade . RIPE Routing Registry . 19 http://www.ripe.net/

  20. RPSL: as-set Object Syntax • as-set objects for groups of aut-num-s • previously known as AS-MACRO – as-set : name starts with “AS-”; • hierarchical, using “asn:” (e.g. AS4000:AS-CUSTOMERS) – (direct) members : ASNs, or as-set-s – (indirect) mbrs-by-ref : <mntner-name> | ANY • Aut-num should have “member-of” to include itself in the as-set • In your aut-num point to as-set-s – export/import: to/from ASN announce/accept as-set – export/import: to/from as-set announce/accept <filter> • expression PeerAS loops through the list of members TELFOR, November 2004, Belgrade . RIPE Routing Registry . 20 http://www.ripe.net/

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Using Routing Registry and Related Tools for Configuring Routers Vesna Manojlovic Advanced

Using Routing Registry and Related Tools for Configuring Routers Vesna Manojlovic Advanced

Using Routing Registry and Related Tools for Configuring Routers Vesna Manojlovic Advanced Courses Trainer, RIPE NCC APRICOT, February 2005, Kyoto APRICOT, February 2005, Kyoto . RIPE Routing Registry . 1 http://www.ripe.net/ Introduction:

168 views • 12 slides
Participating in RIPE Policy Development RIR Bottom-up Model Rules POLICIES RIPE NCC LIRs

Participating in RIPE Policy Development RIR Bottom-up Model Rules POLICIES RIPE NCC LIRs

Participating in RIPE Policy Development RIR Bottom-up Model Rules POLICIES RIPE NCC LIRs PDP WGs RIPE Community Mailing Lists / RIPE Meetings 2 Working Groups Address Policy IPv6 Routing RIPE NCC Services Database

90 views • 6 slides
Welcome to the Routing wg at RIPE 72 Joo Damas Rob Evans Agenda A. Welcome 00:05 Thanks

Welcome to the Routing wg at RIPE 72 Joo Damas Rob Evans Agenda A. Welcome 00:05 Thanks

Welcome to the Routing wg at RIPE 72 Joo Damas Rob Evans Agenda A. Welcome 00:05 Thanks to the scribe, jabber scribe and stenographer. Reminder of microphone etiquette. Minutes from RIPE 71. B. Appointment of new co-chair. 00:05 C.

58 views • 5 slides
Welcome to the Routing wg at RIPE 74 Joo Damas, Paolo Moroni Agenda A. Welcome. 5

Welcome to the Routing wg at RIPE 74 Joo Damas, Paolo Moroni Agenda A. Welcome. 5

Welcome to the Routing wg at RIPE 74 Joo Damas, Paolo Moroni Agenda A. Welcome. 5 Thanks to the scribe, jabber scribe and stenographer. Microphone etiquette. Minutes from RIPE 73. B. IRR Filtering at IXP Route Servers. 30 Erik

264 views • 4 slides
RIPE Atlas ICANN meeting 2014, Singapore ! ccTLD Tech Day RIPE and RIPE NCC ! ! ! ! ! ! !

RIPE Atlas ICANN meeting 2014, Singapore ! ccTLD Tech Day RIPE and RIPE NCC ! ! ! ! ! ! !

RIPE Atlas ICANN meeting 2014, Singapore ! ccTLD Tech Day RIPE and RIPE NCC ! ! ! ! ! ! ! ! ! ! ! ! RIPE Network Coordination Centre Rseaux IP Europens Started in 1992 Started in 1989 Not-for-profit

372 views • 24 slides
RIPE Atlas ! Robert Kisteleki ! RIPE NCC Science Group ! robert@ripe.net ! Introduction &quot; RIPE

RIPE Atlas ! Robert Kisteleki ! RIPE NCC Science Group ! robert@ripe.net ! Introduction &quot; RIPE

RIPE Atlas ! Robert Kisteleki ! RIPE NCC Science Group ! robert@ripe.net ! Introduction &quot; RIPE Atlas: &quot; There are many Atlases, this is RIPE Atlas RIPE Atlas &quot; A prototype system for a next generation Internet measurement

629 views • 30 slides
RIPE Atlas Tools for Operators and IXPs Michela Galante RIPE NCC 24 May 2017 | LACNIC 27 | Foz

RIPE Atlas Tools for Operators and IXPs Michela Galante RIPE NCC 24 May 2017 | LACNIC 27 | Foz

RIPE Atlas Tools for Operators and IXPs Michela Galante RIPE NCC 24 May 2017 | LACNIC 27 | Foz do Iguau Overview Introduction to RIPE Atlas Use cases IXP Country Jedi New: TraceMON How to take part in RIPE Atlas RIPE

732 views • 47 slides
RIPE Atlas Highlights (and more) Robert Kisteleki RIPE NCC Science Division At a Glance RIPE

RIPE Atlas Highlights (and more) Robert Kisteleki RIPE NCC Science Division At a Glance RIPE

RIPE Atlas Highlights (and more) Robert Kisteleki RIPE NCC Science Division At a Glance RIPE Atlas Highlights 2 Better UIs and APIs Probe tagging New measurement types Data streaming Anchors Other Bits: locality checks,

337 views • 21 slides
RIPE Address Policy Working Group May 13, 2020 RIPE 80, In Cyberspace WG Chairs: Gert D oring

RIPE Address Policy Working Group May 13, 2020 RIPE 80, In Cyberspace WG Chairs: Gert D oring

RIPE 80 APWG RIPE 80, virtually yours 1 RIPE Address Policy Working Group May 13, 2020 RIPE 80, In Cyberspace WG Chairs: Gert D oring &amp; Erik Bais please remember: this session is webcast RIPE 80 APWG

506 views • 11 slides
Some Internet Measuremen t Thoughts Richard Barnes BBN Technologies RIPE MAT Co - Chair

Some Internet Measuremen t Thoughts Richard Barnes BBN Technologies RIPE MAT Co - Chair

Some Internet Measuremen t Thoughts Richard Barnes BBN Technologies RIPE MAT Co - Chair RIPE MAT WG RIPE is the RIR for Europe; RIPE NCC is their secretariat RIPE has working groups on particular topics MAT ==

151 views • 12 slides
RIPE Address Policy Working Group May 10, 2017 RIPE 74, Budapest WG Chairs: Gert D oring

RIPE Address Policy Working Group May 10, 2017 RIPE 74, Budapest WG Chairs: Gert D oring

RIPE 74 APWG RIPE 74, Budapest 1 RIPE Address Policy Working Group May 10, 2017 RIPE 74, Budapest WG Chairs: Gert D oring &amp; Sander Steffann please remember: this session is webcast RIPE 74 APWG Agenda

194 views • 18 slides
World IPv6 Launch and RIPE Atlas traceroute6 Visualisation Bert Wijnen bwijnen@ripe.net

World IPv6 Launch and RIPE Atlas traceroute6 Visualisation Bert Wijnen bwijnen@ripe.net

World IPv6 Launch and RIPE Atlas traceroute6 Visualisation Bert Wijnen bwijnen@ripe.net (presenter) Emile Aben emile.aben@ripe.net Rene Wilhelm wilhelm@ripe.net Robert Kisteleki robert@ripe.net TREX Workshop 2012 14 September 2012 RIPE NCC

384 views • 19 slides
RIPE Address Policy Working Group October 17, 2018 RIPE 77, Amsterdam WG Chairs: Gert D oring

RIPE Address Policy Working Group October 17, 2018 RIPE 77, Amsterdam WG Chairs: Gert D oring

RIPE 77 APWG RIPE 77, Amsterdam 1 RIPE Address Policy Working Group October 17, 2018 RIPE 77, Amsterdam WG Chairs: Gert D oring &amp; Erik Bais please remember: this session is webcast RIPE 77 APWG Agenda

520 views • 18 slides
RIPE Address Policy Working Group October 24, 2017 RIPE 75, Dubai WG Chairs: Gert D oring

RIPE Address Policy Working Group October 24, 2017 RIPE 75, Dubai WG Chairs: Gert D oring

RIPE 75 APWG RIPE 75, Dubai 1 RIPE Address Policy Working Group October 24, 2017 RIPE 75, Dubai WG Chairs: Gert D oring &amp; Sander Steffann please remember: this session is webcast RIPE 75 APWG Agenda

391 views • 17 slides
at the RIPE NCC Emile Aben emile.aben@ripe.net RIPE NCC Emile Aben Afrinic11, 2009-11, Dakar,

at the RIPE NCC Emile Aben emile.aben@ripe.net RIPE NCC Emile Aben Afrinic11, 2009-11, Dakar,

RIPE Network Coordination Centre Internet Measurement and Analysis at the RIPE NCC Emile Aben emile.aben@ripe.net RIPE NCC Emile Aben Afrinic11, 2009-11, Dakar, Senegal http://www.ripe.net 1 RIPE Network Coordination Centre Measurement

886 views • 12 slides
Open-sourcing RIPE Atlas Vesna Manojlovic (Presented by Philip Homburg) 30 January 2016 |

Open-sourcing RIPE Atlas Vesna Manojlovic (Presented by Philip Homburg) 30 January 2016 |

Open-sourcing RIPE Atlas Vesna Manojlovic (Presented by Philip Homburg) 30 January 2016 | FOSDEM Overview Introduction to RIPE &amp; the RIPE NCC What is RIPE Atlas? Open-sourced RIPE Atlas tools How to take part in the RIPE

492 views • 28 slides
ODOT Draft Utility Circulars Marc A. Travis Division of Finance and Forecasting Office of Audits

ODOT Draft Utility Circulars Marc A. Travis Division of Finance and Forecasting Office of Audits

ODOT Draft Utility Circulars Marc A. Travis Division of Finance and Forecasting Office of Audits Agenda Introductions Background Circular Development Process Overview of each Circular The Comment Period The Post-Comment

775 views • 49 slides
Overview of Basin Boundary Modification Process/Regulations and Local Considerations Petaluma

Overview of Basin Boundary Modification Process/Regulations and Local Considerations Petaluma

Overview of Basin Boundary Modification Process/Regulations and Local Considerations Petaluma Valley Groundwater Sustainability Agency January 22, 2018 sonomacountygroundwater.org Presentation Summary Types of Basin Boundary Issues -

302 views • 17 slides
Summary of Potential Basin Boundary Modifications Santa Rosa Plain Groundwater Sustainability

Summary of Potential Basin Boundary Modifications Santa Rosa Plain Groundwater Sustainability

Summary of Potential Basin Boundary Modifications Santa Rosa Plain Groundwater Sustainability Agency Technical Advisory Committee Meeting February 12, 2018 sonomacountygroundwater.org Presentation Summary Review of DWR

497 views • 14 slides
Large-Scale Measurement Platforms

Large-Scale Measurement Platforms

Large-Scale Measurement Platforms cnds.eecs.jacobs-university.de/slides/2013-aims-large-scale-measurement-platforms.pdf Vaibhav Bajpai and Nikolay Melnikov {v.bajpai, n.melnikov}@jacobs-university.de AIMS 2013 Computer Networks and

817 views • 77 slides
( OPEN ASCENDING) AUCTIONS IN BYZCOIN By HARENA M. Diana Supervisor: Jeff Allen Auctions in

( OPEN ASCENDING) AUCTIONS IN BYZCOIN By HARENA M. Diana Supervisor: Jeff Allen Auctions in

( OPEN ASCENDING) AUCTIONS IN BYZCOIN By HARENA M. Diana Supervisor: Jeff Allen Auctions in Byzcoin 1 - PROJECT OVERVIEW Web browser User Interface Conode Conode Dynasent Byzcoin service application cothority Conode Auction Contract

147 views • 11 slides
Stressed Asset Presentation Our Story ! Quikr Realty Ltd in alliance with HDFC Ltd., erstwhile

Stressed Asset Presentation Our Story ! Quikr Realty Ltd in alliance with HDFC Ltd., erstwhile

Stressed Asset Presentation Our Story ! Quikr Realty Ltd in alliance with HDFC Ltd., erstwhile known as HDFC Realty Ltd, is a pan India real estate property Quikr India Pvt Ltd acquires Experience in real estate consultancy firm HDFC Realty

427 views • 15 slides
Pricing spectrum to maximise the benefits for all March 1 st 2017 Welcoming Remarks Brett

Pricing spectrum to maximise the benefits for all March 1 st 2017 Welcoming Remarks Brett

Pricing spectrum to maximise the benefits for all March 1 st 2017 Welcoming Remarks Brett Tarnutzer, GSMA Impact on mobile Richard Marsden, NERA Economic Consulting Background to the study SCOPE OF STUDY Widespread operator concern

547 views • 35 slides
The Regional Greenhouse Gas Initiative Pennsylvania Climate Change Advisory Committee Chris

The Regional Greenhouse Gas Initiative Pennsylvania Climate Change Advisory Committee Chris

The Regional Greenhouse Gas Initiative Pennsylvania Climate Change Advisory Committee Chris Hoagland Maryland Department of the Environment October 1, 2019 The Regional Greenhouse Gas Initiative Carbon Cap on Power Plants 10 States

422 views • 26 slides

More recommend