maz
/
bgprtrmgr-templates
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
BGP Router Manager templates for Voneus core and aggregation infrastructure
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
24 Commits
1 Branch
0 Tags
91 KiB
Tree: ffc9cd009b
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'ffc9cd009b'
${ noResults }
Marek Isalski ffc9cd009b ignore some of my own files 3 years ago
includes BCP38 3 years ago
.gitignore ignore some of my own files 3 years ago
README.md improve documentation 3 years ago
junos-v21-core-router.j2 refactor 3 years ago
routeros-v7-network-aggregation-router.j2 add MikroTik aggregation routers 3 years ago
routeros-v7-regional-aggregation-router.j2 add MikroTik aggregation routers 3 years ago

README.md

IPv4 Address Plan

Prefix Usage Routing
192.175.40.0/22 Customer /32 (was acquired from LonsdaleNet) Accept IPv4 /32 from Aggregation
185.149.208.0/22 Customer /32 (was acquired from LonsdaleNet) Accept IPv4 /32 from Aggregation
185.66.204.0/22 Customer /32 (was acquired from Fibre WiFi) Accept IPv4 /32 from Aggregation
149.255.168.0/21 Customer /32 (was acquired from Fibre WiFi) Accept IPv4 /32 from Aggregation
193.162.44.0/24 Core and Loopbacks Not announced to DFZ
172.22.0.0/16 Management Static
172.22.0.0/24 Infrastructure/Servers Static /32, via Wireguard
172.22.1.0/24 OOB/Management at TN2 Static /24, via Wireguard
172.22.2.0/24 OOB/Management at LD5 Static /24, via Wireguard
172.22.3.0/24 OOB/Management at MA1 Static /24, via Wireguard
172.22.4.0/24 OOB/Management at PUE Static /24, via Wireguard
100.64.0.0/10 RFC6598 CGNAT for customer access PPPoE/OSPF within agg network
169.254.0.0/16 Link-local addressing for linknets Used to establish BGP to Core

Core: Loopbacks and Linknets

Prefix Usage Routing
193.162.44.0/29 Core Loopbacks, including blackhole destination IS-IS; and to establish iBGP
193.162.44.8/29 Core Linknets IS-IS core adjacencies
193.162.44.16/28 reserved for future Core Linknets IS-IS core adjacencies
193.162.44.32/27 reserved for future Core Infrastructure reserved
193.162.44.64/26 reserved for future Core Infrastructure reserved
193.162.44.128/25 reserved for future Core Infrastructure reserved

Infrastructure Linknets to Aggregation Routers

Prefix Usage Routing
169.254.0.0/21 cr1.tn2 via NNC067 to aggregation routers BGP
169.254.64.0/21 cr1.ld5 via NNC068 to aggregation routers BGP
169.254.128.0/21 cr1.ma1 via NNC069 to aggregation routers BGP
169.254.192.0/21 cr1.pue via NNC070 to aggregation routers BGP

IPv6 Address Plan

Prefix Usage Routing
2a04:1840::/29 Business Static /48 (can de-agg to /52) Accept IPv6 /48-/52 from Aggregation
2a0b:8640::/29 Residential /56 (was acquired from Dyfed IT) Accept IPv6 /40-/48 from Aggregation
2a0d:a0c0::/29 Residential /56 (was acquired from LonsdaleNET) (will become like 2a0b:8640::/29 if required)
2a10:f0c0::/29 Core and Loopbacks (was acquired from FibreWiFi) Not announced to DFZ

Core: Loopbacks and Linknets

Prefix Usage Routing
2a10:f0c0:0000::/48 Core Linknets and Loopbacks Some subnets may BGP
2a10:f0c0:1000::/40 BGP-speaking Infrastructure Can speak BGP
2a10:f0c0:1001::/48 Infrastructure at TN2 Can speak BGP
2a10:f0c0:1002::/48 Infrastructure at LD5 Can speak BGP
2a10:f0c0:1003::/48 Infrastructure at MA1 Can speak BGP
2a10:f0c0:1004::/48 Infrastructure at PUE Can speak BGP

Infrastructure Linknets to Aggregation Routers

Prefix Usage Routing
2a10:f0c0:1001:0001:0067::/80 cr1.tn2 (1 from 193.162.44.1) via NNC067 to aggregation routers BGP
2a10:f0c0:1002:0002:0068::/80 cr1.ld5 (2 from 193.162.44.2) via NNC068 to aggregation routers BGP
2a10:f0c0:1003:0003:0069::/80 cr1.ma1 (3 from 193.162.44.3) via NNC069 to aggregation routers BGP
2a10:f0c0:1004:0004:0070::/80 cr1.pue (4 from 193.162.44.4) via NNC070 to aggregation routers BGP

Prefix scheme is 2a10:f0c0:10SS:CCCC:NNNN:YYYY:ZZZZ::/112 where:

  • SS = site
  • CCCC = Core router IPv6 loopback last 16 bits
  • NNNN = NNI number
  • YYYY = outer VLAN tag (VLAN tag ordered with Neos goes here)
  • ZZZZ = inner VLAN tag (if double-tagging for some future reason)

Addressing within the prefix is as follows:

  • ::CCCC/112 = Core router loopback last 16 bits (e.g. ::1/112 through ::4/112)
  • ::a001/112 = Aggregation router 1
  • ::a002/112 = Aggregation router 2 (...etc)

BGP Communities

59811:2 send to aggregation routers

Added to routes learned from peer ASNs that Voneus meets at 2 (or more) locations.

59811:666 announce for DDoS scrubbing

Accepted on /24 routes only, and will:

  • only work for routes where their aggregate could be announced to the DFZ
  • will force that /24 to be announced to (and only to) Voxility for DDoS scrubbing

65535:666 blackhole

This is accepted on IPv4 /32 routes and IPv6 /56 through /64, and will:

  • blackhole traffic within the core
  • announce to RTBH on ixs/upstreams/UTRS

59811:6500x learned through site

Added to routes learned from core sites. x is from:

  • 0 = all
  • 1 = TN2
  • 2 = LD5
  • 3 = MA1
  • 4 = PUE

650xy:zzzzz traffic engineering

Where x is from:

  • 0 = all
  • 1 = TN2
  • 2 = LD5
  • 3 = MA1
  • 4 = PUE

And y is from:

  • 0 = no-announce
  • 1 = prepend 1
  • 2 = prepend 2
  • 3 = prepend 3
  • 9 = no-export

And z is ASN:

  • 0 = any peer/upstream/downstream
  • 1299 = Arelion
  • 2914 = NTT
  • 3223 = Voxility (NB see also 59811:666)
  • 6762 = TISparkle
  • 65511 = Tampnet (would be 200781)
  • 65521 = LON1
  • 65522 = LON2
  • 65523 = LINX Manchester
  • 65524 = LINX Scotland
  • 65525 = LONAP

BGP Local Preferences

Transit

  • 100 => transit (de-pref)
  • 200 => transit
  • 300 => transit (up-pref)

Peering

  • 400 => peering (de-pref) - default for IX route-servers
  • 500 => peering - default for direct sessions over IX
  • 600 => peering (up-pref) - default for PNI

Customer

  • 700 => downstream (de-pref)
  • 800 => downstream
  • 900 => downstream (up-pref)