User Tools

Site Tools


Sidebar

how_route_lacnic_ipv4_block_with_oneprovider

You need have public IPv4 for the tunnel type in this howto. One server with BGP session options and talk to oneprovider to enable the option (it's not free, the price is on demand, here +50€/month).

Our ASN for the exemple is ASN 266671, announced route is: 45.225.75.0/24, oneprovider ASN is 61272

Here we use limited MTU to work over PPP (GPON)

PS: 00:22:4d:a4:3b:51 from I receive my trafic (MITAC INTERNATIONAL CORP.)

Please add a route object from your LACNIC account pointing your range to your ASN 266671.

/etc/bird/bird.conf
  router id 185.64.105.21;

protocol bgp ONEPROVIDER
{
    local as 266671;
    source address 185.64.105.21;
    import none;
    export all;
    graceful restart on;
    multihop 2;
    neighbor 185.64.105.1 as 61272;
}

protocol static
{
    route   45.225.75.0/24 via 185.64.105.21;
}

protocol device
{
    scan time 5;
}
should show
  bird> show proto all
  name     proto    table    state  since       info
  ONEPROVIDER BGP      master   up     14:14:14    Established
  Preference:     100
  Input filter:   REJECT
  Output filter:  ACCEPT
  Routes:         0 imported, 1 exported, 0 preferred
  Route change stats:     received   rejected   filtered    ignored   accepted
      Import updates:              2          0          2          0          0
      Import withdraws:            0          0        ---          2          0
      Export updates:              1          0          0        ---          1
      Export withdraws:            0        ---        ---        ---          0
  BGP state:          Established
      Neighbor address: 185.64.105.1
      Neighbor AS:      61272
      Neighbor ID:      91.216.163.254
      Neighbor caps:    refresh restart-aware AS4
      Session:          external multihop AS4
      Source address:   185.64.105.21
      Hold timer:       155/240
      Keepalive timer:  52/80
  
  static1  Static   master   up     14:13:47
  Preference:     200
  Input filter:   ACCEPT
  Output filter:  REJECT
  Routes:         1 imported, 0 exported, 1 preferred
  Route change stats:     received   rejected   filtered    ignored   accepted
      Import updates:              1          0          0          0          1
      Import withdraws:            0          0        ---          0          0
      Export updates:              0          0          0        ---          0
      Export withdraws:            0        ---        ---        ---          0
  
  device1  Device   master   up     14:13:47
  Preference:     240
  Input filter:   ACCEPT
  Output filter:  REJECT
  Routes:         0 imported, 0 exported, 0 preferred
/etc/network/interfaces
source /etc/network/interfaces.d/*

# The loopback network interface
auto lo
iface lo inet loopback

# The primary network interface
allow-hotplug eth0
iface eth0 inet static
        address 185.64.105.21/24
        gateway 185.64.105.1
        # dns-* options are implemented by the resolvconf package, if installed
        dns-nameservers 91.216.163.2 91.216.163.3
        dns-search op-net.com

#router gateway

auto eth0:0
iface eth0:0 inet static
address 45.225.75.1
netmask 255.255.255.255

## Ipv6 configuration
iface eth0 inet6 static
        address 2a04:2180:0:2::12b
        netmask 64
        gateway 2a04:2180:0:2::1
        dns-nameservers 2a04:2180::101:53 2a04:2180::102:53
Setup the tunnel from oneprovider to confiared
/sbin/modprobe ipip
/sbin/ip tu ad confiared mode ipip local 185.64.105.21 remote 190.186.245.10 ttl 64 dev eth0
/sbin/ip ad ad dev confiared 10.0.0.1 peer 45.225.75.2/32
/sbin/ip li se dev confiared up
/sbin/ip link set dev confiared mtu 1280
/bin/ping 45.225.75.2 &
/sbin/ip ro ad 45.225.75.0/24 via 45.225.75.2
service script
#! /bin/sh
### BEGIN INIT INFO
# Provides:         uptunnel
# Required-Start:    $remote_fs $time
# Required-Stop:     umountnfs $time
# X-Stop-After:      sendsigs
# Default-Start:     2 3 4 5
# Default-Stop:      0 1 6
# Short-Description: up tunnel
# Description:       up tunnel
## END INIT INFO

#
# Author: BRULE Herman Jacques Roger <alpha_one_x86@first-world.info>
#

# PATH should only include /usr/* if it runs after the mountnfs.sh script
PATH=/sbin:/usr/sbin:/bin:/usr/bin
DESC="up tunnel"
NAME=uptunnel

uptunnel=uptunnel
DAEMON=/root/up-tunnel.sh
PIDFILE=/var/run/uptunnel.pid

SCRIPTNAME=/etc/init.d/$NAME
# Define LSB log_* functions.
. /lib/lsb/init-functions

case "$1" in
  start)
        log_daemon_msg "Starting $DESC" "$uptunnel"
        start-stop-daemon --start --quiet --pidfile $PIDFILE --exec $DAEMON

        ;;
  stop)
        log_daemon_msg "Stopping $DESC" "$uptunnel"
        start-stop-daemon --stop --quiet --retry=TERM/30/KILL/5 --pidfile $PIDFILE --exec $DAEMON

        ;;
  restart|force-reload)
        $0 stop
        $0 start
        ;;
  try-restart)
        $0 status >/dev/null 2>&1 && $0 restart
        ;;
  status)
        status_of_proc -p $PIDFILE $DAEMON $uptunnel && exit 0 || exit $?
        ;;
  *)
        echo "Usage: $SCRIPTNAME {start|stop|rotate|restart|force-reload|try-restart|status}" >&2
        exit 3
        ;;
esac

:
Setup the tunnel from confiared to oneprovider

Add into /etc/iproute2/rt_tables: 200 confiared

/sbin/modprobe ipip
/bin/ip tu ad oneprovider mode ipip local 190.186.245.10 remote 185.64.105.21 ttl 64 dev eth0
/bin/ip ad ad dev oneprovider 45.225.75.2 peer 10.0.0.1/32
/bin/ip li se dev oneprovider up
/bin/ip link set dev oneprovider mtu 1280
/bin/ping 10.0.0.1 &
# real ISP
/bin/ip ro ad 185.64.105.21/32 via ISPIPv4Gateway
# return gateway
/bin/ip rule add from 45.225.75.0/24 table confiared
/bin/ip route add default via 10.0.0.1 dev oneprovider table confiared
/bin/ip route add 172.20.0.0/16 dev eth0 table confiared
Registring to RIPE

Create a RIPE NCC Access Account

Create a RIPE NCC Access Account: https://access.ripe.net/registration

Create your person/maintainer object in the RIPE Database

Create your person/maintainer object in the RIPE Database: https://apps.db.ripe.net/db-web-ui/#/webupdates/create/person/self ( please note that before you can create your person/maintainer pair you first need to login with your RIPE NCC Access account)

Create your autnum object

Create your autnum object: https://apps.db.ripe.net/db-web-ui/#/webupdates/create/RIPE/aut-num Please fill in the AS number you are going to use for the route object(s), an organisation name, and the nic-handle that you created in your person/maintainer object in the admin-c and the tech-c.

Create your route object

Create your route object: https://apps.db.ripe.net/db-web-ui/#/webupdates/create/RIPE/route Please fill in your prefix and the AS number and submit.

Your route object will now be visible in the RIPE Database.

Please note that we do not control routing configuration and do not have an active role in the configuration of the routers and BGP setting being used.

Entering Route object into the RIPE Database does not automatically mean those routes will be picked up by the providers/networks.

Some networks filter and configure their routers automatically using the RIPE Database Internet Routing registry (IRR). You will need to make sure your routing configuration is set up correctly.

how_route_lacnic_ipv4_block_with_oneprovider.txt · Last modified: 2018/05/22 23:58 by admin