On Tue, Nov 30, 2010 at 09:34:25AM -0600, James Montz wrote:
We are a new Internet Exchange in Minneapolis, MN, USA. Currently evaluating BIRD as our route server.
Basic config working in lab with both IPv4 & IPv6 daemon.
Would like to see another IX's configuration to see how they are handling filtering, sessions, convention, etc.
Hello, We have one configuration issue in our IXP that can be interesting for those who use BIRD as route server. Some days ago our IXP received a connection request from customer with 32bit ASN. We use the same BGP policy as many other IXes do: 0:XXXXX - Do not announce route to peer XXXXX 0:MyASN - Do not announce route to all peers MyASN:XXXXX - Announce route to peer XXXXX only MyASN:MyASN - Announce routes to all peers. This community is automatically added to all routes that are not tagged with any of MyASN:XXXXX communities. We had no customers with 32bit ASNs before and that request made us a bit confused: we're using BIRD as route-server and it does not support BGP extended communities. And now we're wondering how to include support for 32bit ASNs into such policy? The idea is to store high 16 bits and low 16 bits of ASN separately in two communities, for example: 65000:0x0003, 0:0x02D7 - Do not announce prefix to peer with ASN 0x000302D7 Then put a check of 65000:* in filter. The function below implements described policy. In addition, it marks outgoing prefixes from route-server in the same way. function bgp_out (int peer_as) int asn_h; int asn_l; int t; { # # Announce only BGP routes # if ! (source = RTS_BGP ) then return false; # # Do not advertise route with 0:MyASN community # if (0,MyASN) ~ bgp_community then return false; # # Check for 32-bit ASN # if peer_as > 65535 then { # Get high 16 bits of Peer's ASN asn_h = peer_as/65536; # Get low 16 bits of Peer's ASN asn_l = peer_as-asn_h*65536; # Do not advertise route with [ 65000:asn_h, 0:asn_l ] communities if ( (65000,asn_h) ~ bgp_community && (0,asn_l) ~ bgp_community) then return false; # Advertise a route with [ 65000:asn_h, MyASN:asn_l ] communities or with MyASN:MyASN community if ( ( (65000,asn_h) ~ bgp_community && (MyASN,asn_l) ~ bgp_community) || (MyASN,MyASN) ~ bgp_community ) then { bgp_community.delete([ (0,0)..(65535,65535) ]); if bgp_path.first > 65535 then { # Bug (?) Workarond. # bgp_community.add((MyASN,bgp_path.first-bgp_path.first/65536*65536)); - does not work t = bgp_path.first/65536; bgp_community.add((65000,t)); t = t * 65536; bgp_community.add((MyASN,bgp_path.first-t)); } else bgp_community.add((MyASN,bgp_path.first)); return true; } return false; # We should never reach this... } else { if ((MyASN,peer_as) ~ bgp_community || (MyASN,MyASN) ~ bgp_community) then { bgp_community.delete([ (0,0)..(65535,65535) ]); if bgp_path.first > 65535 then { # Bug (?) Workarond. # bgp_community.add((MyASN,bgp_path.first-bgp_path.first/65536*65536)); - does not work t = bgp_path.first/65536; bgp_community.add((65000,t)); t = t * 65536; bgp_community.add((MyASN,bgp_path.first-t)); } else bgp_community.add((MyASN,bgp_path.first)); return true; } else return false; } # Do not advertise route in any another cases return false; } Comments, optimizations are heartily appreciated! -- MINO-RIPE