User Tools

Site Tools



You need have public IPv4 for the tunnel type in this howto. One server with BGP session options and talk to oneprovider to enable the option (it's not free, the price is on demand, here +50€/month).

Our ASN for the exemple is ASN 266671, announced route is:, oneprovider ASN is 61272

Here we use limited MTU to work over PPP (GPON)

PS: 00:22:4d:a4:3b:51 from I receive my trafic (MITAC INTERNATIONAL CORP.)

Please add a route object from your LACNIC account pointing your range to your ASN 266671.

  router id;

protocol bgp ONEPROVIDER
    local as 266671;
    source address;
    import none;
    export all;
    graceful restart on;
    multihop 2;
    neighbor as 61272;

protocol static
    route via;

protocol device
    scan time 5;
should show
  bird> show proto all
  name     proto    table    state  since       info
  ONEPROVIDER BGP      master   up     14:14:14    Established
  Preference:     100
  Input filter:   REJECT
  Output filter:  ACCEPT
  Routes:         0 imported, 1 exported, 0 preferred
  Route change stats:     received   rejected   filtered    ignored   accepted
      Import updates:              2          0          2          0          0
      Import withdraws:            0          0        ---          2          0
      Export updates:              1          0          0        ---          1
      Export withdraws:            0        ---        ---        ---          0
  BGP state:          Established
      Neighbor address:
      Neighbor AS:      61272
      Neighbor ID:
      Neighbor caps:    refresh restart-aware AS4
      Session:          external multihop AS4
      Source address:
      Hold timer:       155/240
      Keepalive timer:  52/80
  static1  Static   master   up     14:13:47
  Preference:     200
  Input filter:   ACCEPT
  Output filter:  REJECT
  Routes:         1 imported, 0 exported, 1 preferred
  Route change stats:     received   rejected   filtered    ignored   accepted
      Import updates:              1          0          0          0          1
      Import withdraws:            0          0        ---          0          0
      Export updates:              0          0          0        ---          0
      Export withdraws:            0        ---        ---        ---          0
  device1  Device   master   up     14:13:47
  Preference:     240
  Input filter:   ACCEPT
  Output filter:  REJECT
  Routes:         0 imported, 0 exported, 0 preferred
source /etc/network/interfaces.d/*

# The loopback network interface
auto lo
iface lo inet loopback

# The primary network interface
allow-hotplug eth0
iface eth0 inet static
        # dns-* options are implemented by the resolvconf package, if installed

#router gateway

auto eth0:0
iface eth0:0 inet static

## Ipv6 configuration
iface eth0 inet6 static
        address 2a04:2180:0:2::12b
        netmask 64
        gateway 2a04:2180:0:2::1
        dns-nameservers 2a04:2180::101:53 2a04:2180::102:53
Setup the tunnel from oneprovider to confiared
/sbin/modprobe ipip
/sbin/ip tu ad confiared mode ipip local remote ttl 64 dev eth0
/sbin/ip ad ad dev confiared peer
/sbin/ip li se dev confiared up
/sbin/ip link set dev confiared mtu 1280
/bin/ping &
/sbin/ip ro ad via
service script
#! /bin/sh
# Provides:         uptunnel
# Required-Start:    $remote_fs $time
# Required-Stop:     umountnfs $time
# X-Stop-After:      sendsigs
# Default-Start:     2 3 4 5
# Default-Stop:      0 1 6
# Short-Description: up tunnel
# Description:       up tunnel

# Author: BRULE Herman Jacques Roger <>

# PATH should only include /usr/* if it runs after the script
DESC="up tunnel"


# Define LSB log_* functions.
. /lib/lsb/init-functions

case "$1" in
        log_daemon_msg "Starting $DESC" "$uptunnel"
        start-stop-daemon --start --quiet --pidfile $PIDFILE --exec $DAEMON

        log_daemon_msg "Stopping $DESC" "$uptunnel"
        start-stop-daemon --stop --quiet --retry=TERM/30/KILL/5 --pidfile $PIDFILE --exec $DAEMON

        $0 stop
        $0 start
        $0 status >/dev/null 2>&1 && $0 restart
        status_of_proc -p $PIDFILE $DAEMON $uptunnel && exit 0 || exit $?
        echo "Usage: $SCRIPTNAME {start|stop|rotate|restart|force-reload|try-restart|status}" >&2
        exit 3

Setup the tunnel from confiared to oneprovider

Add into /etc/iproute2/rt_tables: 200 confiared

/sbin/modprobe ipip
/bin/ip tu ad oneprovider mode ipip local remote ttl 64 dev eth0
/bin/ip ad ad dev oneprovider peer
/bin/ip li se dev oneprovider up
/bin/ip link set dev oneprovider mtu 1280
/bin/ping &
# real ISP
/bin/ip ro ad via ISPIPv4Gateway
# return gateway
/bin/ip rule add from table confiared
/bin/ip route add default via dev oneprovider table confiared
/bin/ip route add dev eth0 table confiared
Registring to RIPE

Create a RIPE NCC Access Account

Create a RIPE NCC Access Account:

Create your person/maintainer object in the RIPE Database

Create your person/maintainer object in the RIPE Database: ( please note that before you can create your person/maintainer pair you first need to login with your RIPE NCC Access account)

Create your autnum object

Create your autnum object: Please fill in the AS number you are going to use for the route object(s), an organisation name, and the nic-handle that you created in your person/maintainer object in the admin-c and the tech-c.

Create your route object

Create your route object: Please fill in your prefix and the AS number and submit.

Your route object will now be visible in the RIPE Database.

Please note that we do not control routing configuration and do not have an active role in the configuration of the routers and BGP setting being used.

Entering Route object into the RIPE Database does not automatically mean those routes will be picked up by the providers/networks.

Some networks filter and configure their routers automatically using the RIPE Database Internet Routing registry (IRR). You will need to make sure your routing configuration is set up correctly.

how_route_lacnic_ipv4_block_with_oneprovider.txt · Last modified: 2018/05/22 23:58 by admin