Using RPSL in Practice

Using RPSL in Practice Chun Zhang Nov 2, 2000 ECE 697F: Special Topics - Internet Routing

Introduction • Terminology • How to specify routing policies? • How to analyze routing policies?

Terminology - RPSL • Routing Policy Specification Language RIPE181 - RFC 1786 (March 1995) RPSL - RFC 2280 (June 1999) Specify much wider range routing policy

Terminology - IRR • Internet Routing Registry • Repository of routing policies

Terminology - IRR (Cont.) Evolution Of IRR • 1995, Originally 5 databases CA*NET (now Bell Canada) [Canada] RADB, CW, ANS(now UUnet) [US] RIPE [Europe] • Now, more than two dozen databases

Routes Routes Criteria Filters

Filters Type • Destination address-prefix • {128.9.0.0/16, 128.8.0.0/16} • AS2 == {128.9.0.0/16, 128.8.0.0/16} • AS-FOO == {AS1, AS2, AS3} AS2 128.9.0.0/16 128.8.0.0/16

Filters Type • AS Path ?? What does this mean ?? • <^AS1.*AS2$> • <^AS1[AS2 AS3 AS4] *$>

AS Path Regular Expressions • ^ matches empty string at the beginning of AS path • . match any AS number • $ matches the empty string at the end of an AS path • […] matches any element in the AS set

A A A AS Path Regular Expressions • Zero or more occurrences A* • One or more occurrences A+ • Zero or one occurrences A?

A B A B AS Path Regular Expressions • Binary concatenation operator: • Example : AB • Binary alternative (or) operator: | • Example : A|B

AS1 AS2 End Start A2 AS1 A3 Start End A4 Regular Expressions Examples • <^AS1.*AS2$> • <^AS1[AS2 AS3 AS4] *$>

4-byte integer AS3 AS1 AS2 4-byte integer 4-byte integer 100 100 100 4-byte integer 4-byte integer 4-byte integer Filters Type • Other routes attributes Example : Community attributes Optional transitive attribute of variable length (a list of 4-byte integers)

Autonomous system object Aut-num: AS2 as-name: CAT-NET descr: Catatonic State University import: from AS1 accept ANY export: to AS3 announce ANY admin-c: AO36-RIPE tech-c: CO19-RIPE mnt-by: OPS4-RIPE changed: orange@ripe.net source: RIPE

AS1 AS2 AS3 peer customer Specify Policy in RPSL(I) Common Peering Policies Aut-num: AS2 import: from AS1 accept ANY import: from AS3 accept <^AS3+$> export: to AS3 announce ANY export: to AS1 announce AS2, AS3

AS1 AS2 AS3 AS2 peer AS2 customer AS4 Another AS2 customer Specify Policy in RPSL(II) ISP Customer - Transit Provider Policies Aut-num: AS2 import: from AS1 accept ANY import: from AS3 accept <^AS3+$> import: from AS4 accept <^AS4+$> export: to AS3 announce ANY export: to AS4 announce ANY export: to AS1 announce AS2, AS3, AS4

Specify Policy in RPSL(II) Using as-set object for simplification as-set: AS2:AS-CUSTOMERS members: AS3 AS4 Aut-num: AS2 import: from AS1 accept ANY import: from AS2:AS-CUSTOMERS accept <^AS2:AS-CUSTOMERS+$> export: to AS2:AS-CUSTOMERS announce ANY export: to AS1 announce AS2 AS2:AS-CUSTOMERS

Specify Policy in RPSL(II) Using route-set object for simplification Aut-num: AS2 import: from AS1 accept ANY import: from AS3 accept {7.7.0.0/16^16-19} import: from AS4 accept {7.8.0.0/16^16-18} export: to AS2:AS-CUSTOMERS announce ANY export: to AS1 announce AS2, AS2:AS-CUSTOMERS

Specify Policy in RPSL(II) Using route-set object for simplification route-set: AS2:RS-ROUTES:AS3 members: {7.7.0.0/16^16-19} route-set: AS2:RS-ROUTES:AS4 members: {7.8.0.0/16^16-18}

Specify Policy in RPSL(II) Using route-set object for simplification Aut-num: AS2 import: from AS1 accept ANY import: from AS3 accept AS2:RS-ROUTES:AS3 import: from AS4 accept AS2:RS-ROUTES:AS4 export: to AS2:AS-CUSTOMERS announce ANY export: to AS1 announce AS2, AS2:AS-CUSTOMERS

Specify Policy in RPSL(II) Using route-set object for simplification Aut-num: AS2 import: from AS1 accept ANY import: from AS3 accept AS2:RS-ROUTES:PeerAS import: from AS4 accept AS2:RS-ROUTES:PeerAS export: to AS2:AS-CUSTOMERS announce ANY export: to AS1 announce AS2, AS2:AS-CUSTOMERS

Specify Policy in RPSL(II) Using route-set object for simplification Aut-num: AS2 import: from AS1 accept ANY import: from AS2:AS-CUSTOMERS accept AS2:RS-ROUTES:PeerAS export: to AS2:AS-CUSTOMERS announce ANY export: to AS1 announce AS2, AS2:AS-CUSTOMERS

AS1 AS2 7.7.7.1 7.7.7.2 7.7.7.3 Specify Policy in RPSL(III) Including Interfaces in Peering Definitions aut-num: AS1 import: from AS2 7.7.7.2 at 7.7.7.1 accept <^AS2+$>

AS1 AS2 7.7.7.1 7.7.7.2 7.7.7.3 Specify Policy in RPSL(IV) Describing Simple Backup Connections aut-num: AS1 import: from AS2 7.7.7.2 at 7.7.7.1 action pref=10; from AS2 7.7.7.3 at 7.7.7.1 action pref=20; accept <^AS2+$> higher the number, lower the preference !!! aut-num: AS2 export: to AS1 7.7.7.1 at 7.7.7.2 action med=10; to AS1 7.7.7.1 at 7.7.7.3 action med=20; announce <^AS2+$>

I AS2 AS1 AS4 II AS3 Specify Policy in RPSL(V) Multi-home Routing Policies using the community Attribute aut-num:AS1 import: from AS2 accept (AS2 OR AS4) and <ÂS2+ AS4*$> import: from AS3 accept (AS3 OR AS4) and <ÂS3+ AS4*$> import: from AS5 accept AS5 and <ÂS5+$> ??? How AS4 signal AS1 to select path I/II ??? Solution: Using route community attributes

Specify Policy in RPSL(V) Multi-home Routing Policies using the community Attribute • AS1: I prefer the path where community attribute = C • AS4: Ok! Let me set my favorite path’s community attribute = C • AS1: Yes! Attribute = C I am working as you like!

AS1: I prefer where community=C Aut-num: AS1 import: from AS2 action pref=10; accept (AS2 OR AS4) AND <ÂS2+AS4*$> AND commnuity.contains(1:1) import: from AS2 action pref=0; accept(AS2 OR AS4) AND <ÂS2+AS4*$> import: from AS3 action pref=10; accept (AS3 OR AS4) AND <ÂS2+AS4*$> AND commnuity.contains(1:1) import: from AS3 action pref=0; accept(AS3 OR AS4) AND <ÂS2+AS4*$>

AS1: I prefer where community=C Using refine for simplification Aut-num: AS1 import: { from AS-ANY action pref=10; accept community.contains(1:1); from AS-ANY action pref=0; accept ANY; } refine { from AS2 accept (AS2 OR AS4) AND <^AS2+AS4*$> ; from AS3 accept (AS3 OR AS4) AND <^AS3+AS4*$> ; }

AS4: Let me set my favorite Aut-num: AS4 export: to AS2 action community.append(1:1); announce AS4 export: to AS3 announce AS4

RAToolSet (Version 4) • router Configuration tools (RtConfig) • paths analysis tools (prpath and prtraceroute) • edit, compare,validate and register RPSL objects (roe, aoe and prcheck) Autonomous system Object Editor

Using RtConfig • Generating router configuration from RPSL • Steps • register policy in an IRR • building a RtConfig source file • create vendor specific router configuration by the source file and policy in IRR (support cisco,juniper, gated, bay/nortel)

Using RtConfig AS2914 AS3701 198.32.162.6 198.32.162.2 198.32.162.1 128.223.0.0/16 AS3582

Sample RtConfig Source File Router bgp 3582 network 128.223.0.0 ! ! Start with access-list 100 ! @RtConfig set cisco_access_list_no = 100 ! NERO neighbor 192.32.162.2 remote-as 3701 @RtConfig set cisco_map_name = “AS3701-EXPORT” @RtConfig export AS3582 198.32.162.1 AS 3701 198.32.162.2 @RtConfig set cisco_map_name = “AS3701-IMPORT” @RtConfig import AS3582 198.32.162.1 AS3701 198.32.162.2 ! ! WNA/VERIO neighbor 198.32.162.6 remote-as 2914 @RtConfig set cisco_map_name = “AS2914-EXPORT” @RtConfig export AS3582 198.32.162.1 AS2914 198.32.162.6 @RtConfig set cisco_map_name = “AS2914-IMPORT” @RtConfig import AS3582 198.32.162.1 AS2914 198.32.162.6

Router Configuration File router bgp 3582 network 128.223.0.0 ! ! NERO neighbor 193.32.162.2 remote-as 3701 no access-list 100 access-list 100 permit ip 128.223.0.0 0.0.0.0 255.255.0.0 0.0.0.0 access-list 100 deny deny ip 0.0.0.0 255.255.255.255 0.0.0.0 255.255.255.255 ! no route-map AS3701-EXPORT route-map AS3701-EXPORT permit 1 match ip address 100 ! Router bgp 3582 neighbor 198.32.162.2 route-map AS3701-EXPORT out ! No route-map AS3701-IMPORT route-map AS3701-IMPORT permit 1 set local-preference 1000 ! Router bgp 3582

Router Configuration File neighbor 198.32.162.2 route-map AS3701-IMPORT in ! ! WNA/VERIO neighbor 198.32.162.6 remote-as 2914 ! No route-map AS 2914-EXPORT route-map AS2914-EXPORT permit 1 match ip address 100 ! Router bgp 3582 neighbor 198.32.162.6 route-map AS2914-EXPORT out no ip as-path access-list 100 ip as-path access-list 100 permit ^_2914((_[0_9]+))*_ \ (13|22|97|132|175|668|1914|2905|2914|3361|3381|3791|3937| \ 4178|4354|4571|4674|4683|5091|5303|5798|5855|5856|5881|6083 \ |6188|6971|7790|7951|8028))?$ ! No route-map AS2914-IMPORT route-map AS2914_IMPORT permit 1 match as-path 100 set local-preference 998

Thanks !

Using RPSL in Practice

Using RPSL in Practice

Presentation Transcript

Using genetic markers in clinical practice

Transform Your Practice Using Captives

Using Representations of Practice in Teacher Education

Using USPSTF Recommendations in VHA Clinical Practice

RPSL: Police’ing’ the Net

Using Interest-Based Strategies In Practice

Practice using the Frames .

Individualizing Fluency Practice Using Technology

Using the Guidelines in Your Weight Management Practice

Using Data to Change Practice

Using core exercises in pre practice warm-up

Using USPSTF Recommendations in VHA Clinical Practice

Using blogs to support reflective practice in HCI

Using evidence in practice

Using a Statewide Website in Your Practice

Exemple de déclaration des objets RPSL

Methodological aspects using criminalistics methods in practice.

Using Information in Practice

RPSL - Practical Tool for ISPs?

Using Netvibes and Yahoo! Pipes in practice

Diagnosis: using tests in practice

Using the Guidelines in Your Weight Management Practice