Overview
The route servers simplify the exchange of routing information between the members and speed up the peering process for new members.
The route servers act as BGP proxies, eliminating the need for direct peerings among the members. The route servers forward BGP announcements among the members according to rules set by the members themselves, without altering the BGP next-hop or the AS-PATH. As a result, the route servers participate in the BGP control plane without participating into the data plane of the exchanged traffic.
The route servers support MD5 passwords. The route servers process and advertise prefixes according to some rules, and directions received by the members in the form of bgp communities. The route servers implement passive BGP sessions. That is, they will always act in server mode, listening to port 179
, and will never initiate a session as a client.
The use of the route servers is recommended but not mandatory for GR-IX members. Each member should not assume that all other members are connected to the route servers, or that all connected members will be willing to exchange traffic with it. Even when peering through the route server, a bilateral (business-level) agreement may be necessary.
Recommendations for the members
- Peering with all route servers is recommended (although not mandatory).
- For members with multiple routers connected to GR-IX, it is recommended that each of these routers connect to all route servers, and that each of those routers implement the same import/export policy for all of these peerings.
- Members are not discouraged from setting up direct bgp peerings with other key members, in addition to peering with them through the route servers.
How to connect
GR-IX::Athens
Route Server | AS Number | IPv4 Address | IPv6 Address | PoP |
---|---|---|---|---|
rs0.gr-ix.gr | 50745 | 176.126.38.120 | 2001:7f8:6e::120 | ATH02 – Lamda Hellix (LH) |
rs1.gr-ix.gr | 50745 | 176.126.38.121 | 2001:7f8:6e::121 | ATH01 – National Hellenic Research Foundation (NHRF) |
rs2.gr-ix.gr | 50745 | 176.126.38.117 | 2001:7f8:6e::117 | ATH03 – Telecom Italia Sparkle (TIS) |
GR-IX::Thessaloniki
Route Server | AS Number | IPv4 Address | IPv6 Address |
---|---|---|---|
rs0.thess.gr-ix.gr | 50745 | 185.1.123.120 | 2001:7f8:ce::120 |
rs1.thess.gr-ix.gr | 50745 | 185.1.123.121 | 2001:7f8:ce::121 |
The route servers implement the following BGP timers:
keepalive 10
hold-time 30
(Note: Timers are part of the bgp negotiation with the peer; the larger values apply)
Tip: In some BGP implementations, the BGP process will discard by default any prefixes received from eBGP peers if the peer’s autonomous system (AS) number does not appear first in the AS_PATH. This is always the case when peering with a route server, as the route server is configured to “hide” its AS number. Hence, when peering with the route servers, this check must be disabled (i.e. with a no bgp enforce-first-as
on a Cisco
router)
BGP communities can be used in order to control the members where a prefix is advertised.
- By default, the route server will advertise each prefix to all connected members.
- Standard community
50745:PEER-AS
or extended communityroute_target:50745:PEER-AS
(depending on whether the PEER AS is 2- or 4-byte) can be used to exclude announcing this prefix to PEER-AS. - Community
50745:0
can invert the policy for a prefix; that is, the prefix will be advertised only to the AS’es identified by the(route_target:)50745:PEER-AS
communities on the prefix.
Note that this is a per-prefix behavior, i.e. each prefix may implement a different policy based on its own communities.
Note: also that there is no way for a member to block the incoming advertisements on the route-server level; this has to be done by ingress BGP filters on its own equipment.
BGP Communities
Community | Purpose |
---|---|
Advertisement Control: | |
50745:PeerAS (for 16-bit AS numbers) or route_target:50745:PeerAS (for 16-bit or 32-bit AS numbers) | Do not advertise to PeerAS |
50745:0 or route_target:50745:0 | Inverse policy (do not advertise to any peers, except from those defined with RSasn:PeerAS) |
Prepending (communities can be combined) | |
50745:65501 | Prepend 50745 one time |
50745:65502 | Prepend 50745 two times |
50745:65503 | Prepend 50745 three times |
MED handling | |
50745:65000 | Do not alter incoming MED for IX switching optimization |
Marking (performed by the route servers) | |
50745:65101 | Prefix received by a peering at ATH01 (EIE) |
50745:65102 | Prefix received by a peering at ATH02 (LH) |
50745:65103 | Prefix received by a peering at ATH03 (TIS) |
50745:65111 | Prefix received by a peering at THESS01 (SNC) |
Processing of prefixes
Received prefixes
The route server will not accept:
- Prefixes with next-hop different than the peers’ ip(v4/v6) address.
- Martians and other unexpected routes:
- v4: 10.0.0.0/8+, 169.254.0.0/16+, 172.16.0.0/12+, 192.0.0.0/24+, 192.0.2.0/24+, 192.168.0.0/16+, 198.18.0.0/15+, 198.51.100.0/24+, 203.0.113.0/24+, 224.0.0.0/4+, 240.0.0.0/4+, 0.0.0.0/32, 0.0.0.0/0(28-32), 0.0.0.0/0(0,7)
- v6: ::/0, ::/96, ::/128, ::1/128, ::ffff:0.0.0.0/96+, ::224.0.0.0/100+, ::127.0.0.0/104+, ::0.0.0.0/104+, ::255.0.0.0/104+, 0000::/8+, 0200::/7+,3ffe::/16+, 2001:db8::/32+, 2002:e000::/20+, 2002:7f00::/24+, 2002:0000::/24+, 2002:ff00::/24+, 2002:0a00::/24+, 2002:ac10::/28+, 2002:c0a8::/3+, fc00::/7+, fe80::/10+, fec0::/10+, ff00::/8+
- Prefixes
- with an RPKI INVALID status
- with the last AS in the AS-PATH not included in the member’s AS-SET (as defined in the members portal), and
- without a corresponding route object of same length that originates from an AS in the member’s AS-SET
In addition, the number of received prefixes is capped by the maximum prefixes defined per member in the members portal.
Advertised prefixes
The route servers:
- Will advertise to all peers except PeerAS all prefixes that contain
50745:PeerAS
- Will advertise only to PeerAS all prefixes that contain both
50745:0
and50745:PeerAS
- Will NOT advertise to any peer all prefixes that contain only
50745:0
If more than one candidate exists for the same prefix, the route selection will take place as follows:
- The prefix with the shortest AS path will be selected
- The prefix with the best origin will be selected (IGP->EGP->incomplete)
- For prefixes of the same Peer (same first AS in the AS-PATH), the prefix with the lower MED will be selected (no MED=0)
- The older (more stable) prefix will be selected
Note: As different prefixes may be eligible to be advertised to different peers, different best candidates for the same prefix may be advertised to different members.
By default, the route servers will change MED in order to optimise routing (i.e, between two same prefixes of the same AS, the closer (in terms of switching hops) will be selected). This behavior can be overridden using the community 50745:65000
; in that case MED will be respected by the route server and will be preserved at the outgoing advertisements.
The route server will always preserve the AS-PATH and next-hop.
MD5 Authentication
The route servers support MD5 authentication of the BGP peerings. In order to enable authentication please contact our helpdesk
Update Schedule
The route servers are updated in a regular basis in order to reflect changes in the IRRDBs (eg new AS numbers within a macro, new prefixes originating from an AS) or changes within the members portal (eg new MD5 password, new macro etc). The update scedule for the route servers is different in order to minimize the propagation of errors. The update schedule is as follows:
- rs0: Every two hours, between 10.00 and 14.00 (local time), Monday to Friday
- rs1: Every two hours, between 12.00 and 16.00 (local time), Monday to Friday
- rs2: Every two hours, between 11.00 and 15.00 (local time), Monday to Friday
You can see the time of the last reconfiguration of each route server through the route server looking glass.
Debugging
Two debugging tools are offered:
- The route server looking glass where you can check the prefixes and their properties (as_path, communities, next-hop etc) in each of the routing tables of each route server
- A Route Server Prefix report tool that reports prefixes accepted, rejected and acceptable (but not announced) prefixes. This tool is available for members only through the GR-IX portal.