Upload
msyukor
View
43
Download
8
Tags:
Embed Size (px)
Citation preview
NTT MSC Sdn Bhd
ISP Readiness IPV6 Route Objects
An NTT Example
Teoh Kiat Jin
NTT MSC Sdn Bhd
Cyberjaya
NTT MSC Sdn Bhd
What is a Route Registry
http://en.wikipedia.org/wiki/Internet_Routing_Registry● Its a Database● Shares Route & Related Information● Mainly used by ISPs● Appropriate format for programming/configurating
routers
● Network Engineers from ISPs are Authorised to modify RPSL Objects
● Any Network Engineer or Public persons may query RR for related information
NTT MSC Sdn Bhd
Components● AS Number – Aut-Num / AS-Name / Inetnum
eg: whois AS10204 or AS2914
Aut-num: AS10204As-name: ARCNET-NTTMSC-MYDescr: Arcnet NTT MSC ISP
Aut-num: AS2914As-name: NTTC-GIN-ASDescr: NTT Communications Global IP Network
NTT MSC Sdn Bhd
Ipv4 Example:
● Eg. whois 203.115.224.0 / 129.250.50.0
Inetnum: 203.115.224.0 - 203.115.255.255Netname: ARCNETDescr: NTT MSC Arcnet ISP
NetRange: 129.250.0.0 - 129.250.255.255CIDR: 129.250.0.0/16NetName: NTTA-129-250NetHandle: NET-129-250-0-0-1….
OrgName: NTT America, Inc.OrgId: NTTAM-1Address: 8005 South Chester Street
NTT MSC Sdn Bhd
Ipv6 Example:
Eg. whois 2001:c18::/32 / 2401:3C00::/32
whois 2001:c18::/32Inet6num: 2001:0C18::/32Netname: ARCNET6-20020723Descr: Arcnet6 -NTT MSC Sdn. Bhd.
whois 2001:218::/32Inet6num: 2001:0218::/32Netname: NTT-JP-19990922Descr: NTT Communications Global IP Network
whois 2401:3c00::/32Inet6num: 2401:3C00::/32Netname: PACKETONE-AS-APDescr: Packet One Networks (Malaysia) SDN BHD
These are NOT RouteObjects!
NTT MSC Sdn Bhd
Route Objects (v4 & v6)
Record (Database Entry) of CIDR range which you'd like to advertise to your upstream.
whois -h rr.ntt.net 203.115.224.0/24Route: 203.115.224.0/24Descr: Arcnet NTT MSC ISPOrigin: AS10204
whois -h rr.ntt.net 203.115.224.0/18Route: 203.115.192.0/18Descr: Arcnet NTT MSC ISPOrigin: AS10204
Route Object areobtained fromRoute-Registry
NTT MSC Sdn Bhd
Route Objects (v4 & v6 cont)
whois -h rr.ntt.net 2001:0c18::/32Route6: 2001:c18::/32Descr: Proxy RO for Arcnet NTT MSC ISPOrigin: AS10204Source: NTTCOM
whois -h rr.ntt.net 2001:328::/32Route6: 2001:328::/32Descr: JARING MIMOS BHD MYOrigin: AS2042Notify: [email protected]: MAINT-AS2042Changed: [email protected] 20061213Source: RADB
Note: “Route6:” Objects
Note: “Origin”
NTT MSC Sdn Bhd
Why are Route Objects Important
When you do BGP with an ISP:● ISP needs to ensure your v4 & v6 blocks are
valid/correct● ISP needs to build filters/route-maps● Your AS-Number must be correct● The same applies to Your downstream and this
is achieved with an “AS-SET”
NTT MSC Sdn Bhd
What are AS-SETs
Its a “container” for downstream customers to include their “members” (with whom they do BGP with).
Example:
AS-2914 ↔ AS-00000 ↔ AS-1111 ↔ AS2222AS-SET AS-SET AS-SET AS-Num
● In this example, AS2222 does not have downstream customers, so they do not require an “AS-SET”
NTT MSC Sdn Bhd
This is what it looks like!whois -h rr.ntt.net as2914:as-asiaas-set: AS2914:AS-ASIAdescr: NTT Communications Global IP Network transit for Asian Customersmembers: AS2914, AS3949, AS-10099NTT, AS-10204, AS-17444-TRANSIT, AS-17666, AS-37997, AS-38322,
AS-45419, AS-4648-CUSTOMERS, AS-4788, AS-4818, AS-5713, AS-7552, AS-9381, AS-9513VERIO, AS-9908VERIO, AS-AKAMAI, AS-AMAZON, AS-BESTPATH, AS-CN2, AS-CTMTELEONE, AS-CWASIA, AS-DIYIXIAN, AS-DRUKNET, AS-DTN, AS-DYNINC, AS-EDGECAST, AS-EMIX, AS-GTLD, AS-HKBN, AS-HKNET, AS-HUTCHCITY, AS-IHENDERSON, AS-IXTECH-CUSTOMER, AS-KINX-TRANSIT, AS-LINKAGE, AS-LYNX, AS-MAGIX, AS-MICROSOFT, AS-NTTNETID, AS-OCN-ALL, AS-OPENDNS, AS-PLDT, AS-PNAPSYD001, AS-PROLE, AS-QTEL-SET, AS-SAMSUNGNETWORKS, AS-SET-10143EXETEL, AS-SET-GTI-PIP, AS-SINGNET, AS-SKYINTERNET, AS-SLTNET-TRANSIT, AS-SPT, AS-STARHUBINTERNET, AS-THIX, AS-TIG-GROUP, AS-TMHK, AS-TRIPLETNET, AS-UDOMAIN, AS-VDC, AS-VIPNETNTT, AS-VSNL-IN, AS-WHS-AP, AS17645:AS-NTTS-GIN, AS23649:AS-STANLEY-CUSTOMERS, AS23947:AS-GLOBAL, AS2914:AS-64600, AS2914:AS-64601, AS2914:AS-64602, AS2914:AS-64603, AS2914:AS-64604, AS2914:AS-64605, AS2914:AS-64606, AS2914:AS-64607, AS2914:AS-64696, AS2914:AS-64697, AS2914:AS-64951, AS2914:AS-65001, AS38040:AS-PEERS, AS38193:AS-PEERS, AS4641:AS-CUHK-TRANSIT, AS721:AS-JAPAN, AS7713:AS-TELKOM-TRANSIT, AS9498:AS-BHARTI-IN, AS4611, AS6447, AS9229, AS9420, AS9765, AS9808, AS10030, AS10031, AS10146, AS17924, AS23693, AS24334, AS29457, AS38757, AS38819, AS41625, AS45182, AS45422, AS45960, AS56180, AS-NHNadmin-c: NCGE-VRIOtech-c: NCGE-VRIOremarks: contacts per RFC2142:remarks: Abuse / UCE reports [email protected]: Security issues [email protected]: MAINT-NTTCOM-BBchanged: [email protected] 20110419source: NTTCOM
AS-38322NB: AS-SET
AS_NumberIe, no downstreamcustomers
Mnt-By Account
NTT MSC Sdn Bhd
Who are “MEMBERS” of AS-38322?
whois -h rr.ntt.net as-38322As-set: AS-38322Descr: Packet-Hub 159 Jalan Templer,Members:AS38322, AS23678, AS45785, AS17736
What Route-Object have they registered?
Ipv4 Route-Objects:whois -h rr.ntt.net -i origin 38322 | grep 'route:'route: 120.139.0.0/16route: 120.140.0.0/15route: 122.255.96.0/19route: 120.140.0.0/18route: 120.140.64.0/20route: 120.140.80.0/20route: 120.141.16.0/20route: 120.140.128.0/17route: 120.141.128.0/17route: 120.141.0.0/19route: 120.141.32.0/20
IPV6 Route-Objects:
whois -h rr.ntt.net -i origin 38322 | grep 'route6:'route6: 2401:3C00::/32
Note: “Members”
NTT MSC Sdn Bhd
Putting it All TogetherYou will need:
● Inetnum | Inet6num
● AS-Number
● An Account (MNTNER) on a Route Registry
● An AS-SET provided by the RR
(in some cases you may need to apply for it)
● Route Objects ipv4 & ipv6 will need to be created
● Your ISP will place it under their AS-Set Tree
● Once this is done, and depending on how your ISP behaves, BGP Filters / Routes Maps will be build accordingly.
NTT MSC Sdn Bhd
AS2914 AS00000AS1111 AS2222
ASXXXX
as-set: AS2914:AS-ASIAdescr: NTT … Asian Cumembers: AS2914, AS3949, AS-00000, ASXXXX, ...
As-set: AS-00000Descr: I am AS00000members: AS00000,members: AS-1111members: ASXXXX
as-set: AS-1111descr: I am AS1111members: AS1111,members: AS2222
AS2914
RR APNICRR RADBRR NTT
Route Objects v4 & v6 Exchange/Mirrored
DailyLoads
Daily Loads
NTT MSC Sdn Bhd
Question?● How to create Route Objects v4 & v6?● If Route Objects are created, how long will it
take for the ISPs BGP Filters to build?● What if my Route Objects are on third party
Route Registries?● Can my Route Objects / AS-SET & Members be
made private?● What does it mean when it is Proxy-
Registered?● Are there Best Practices?