• Welcome to Hurricane Electric's IPv6 Tunnel Broker Forums.

News:

Welcome to Hurricane Electric's Tunnelbroker.net forums!

Main Menu

Read only BGP feed?

Started by thule, March 24, 2011, 08:18:49 PM

Previous topic - Next topic

thule

I am in a fiber wired building and the ISP is offering a IPv6 test/early adopter program. I have noticed that there is a lot of discussion with missing routes in many IPv6 BGP tables. Is there a way that I can a HE tunnel to supplement the IPv6 dual stack service that I will be getting from the building's ISP? Is there a way to combine the default route with the local ISP with HE's additional routes? I have never used BGP, so I am not even sure what I am asking is possible. Tunnelbroker appears to only offer BGP if I already have an AS. Since I don't, is there another way to supplement the routing table?

I have some room to experiment since IPv6 is not critical to the company.

broquea

If you want to see what routes we carry, you can telnet to route-server.he.net

Otherwise the BGP tunnels are for networks to announce their IPv6 address space when they can't do that natively. So you'd need your own ASN and IPv6 allocation.

thule

Quote from: broquea on March 24, 2011, 09:09:55 PM
If you want to see what routes we carry, you can telnet to route-server.he.net

Otherwise the BGP tunnels are for networks to announce their IPv6 address space when they can't do that natively. So you'd need your own ASN and IPv6 allocation.

I suppose what I should have asked is if there is a way to pull down HE routes and automatically add them to my router. It seemed that BGP would be one way to do that, but I was just speculating.

Can routes be downloaded in a way that is easy to parse (SNMP, XML, etc)? Once the list is easy to parse then I could upload them to my router.

BTW, thank you HE for the awesome IPv6 work!

mleber


What facility (facility name, city, and country) is your router in?

cconn

First you might want to check if your ISP has relatively full reachability with the IPv6 network.  In theory he would strive to peer with many v6 capable transit providers in order to offer reachability to the entire network.  It is pointless to offer IPv6 to end-users if you do not.

Quick test, if you can reach www.cogentco.com as well as www.tunnelbroker.net over IPv6, you likely have a total reachibility via your ISP.

If not, I only can think of one way to supplement your service;

ask your ISP if you can set up a private peering using an ASN in the private use range (64512-65534), and ask for a full view without a default route (filter it if necessary).  Set up a tunnel with HE, they won't let you use a private ASN as far as I know however you can point a default route to that tunnel.  So whatever routes are missing from your BGP view you can send traffic over to HE and hope it gets back to you :)

thule

Quote from: mleber on March 25, 2011, 02:35:38 AM

What facility (facility name, city, and country) is your router in?

Los Angeles (10 minutes from LAX), in an office building. The office building has been wired by Cogent. The install for our suite should happen in the next two weeks (just ordered it).

cconn

Quote from: thule on March 25, 2011, 12:24:54 PM
Quote from: mleber on March 25, 2011, 02:35:38 AM

What facility (facility name, city, and country) is your router in?

Los Angeles (10 minutes from LAX), in an office building. The office building has been wired by Cogent. The install for our suite should happen in the next two weeks (just ordered it).

so if your IPv6 connectivity is solely via Cogent (AS174), then you can definately rule out global reachability (and that includes www.tunnelbroker.(com|net), unfortunately for you...)

Here is our current prefix count:

Cogent: 3796
HE: 4785
Other ( ;)): 5020

not sure this is entirely up to date, but should be proportionally current;

http://en.wikipedia.org/wiki/Comparison_of_IPv6_support_by_major_transit_providers

thule

Quote from: cconn on March 25, 2011, 06:32:44 AM
First you might want to check if your ISP has relatively full reachability with the IPv6 network.  In theory he would strive to peer with many v6 capable transit providers in order to offer reachability to the entire network.  It is pointless to offer IPv6 to end-users if you do not.

Quick test, if you can reach www.cogentco.com as well as www.tunnelbroker.net over IPv6, you likely have a total reachibility via your ISP.

If not, I only can think of one way to supplement your service;

ask your ISP if you can set up a private peering using an ASN in the private use range (64512-65534), and ask for a full view without a default route (filter it if necessary).  Set up a tunnel with HE, they won't let you use a private ASN as far as I know however you can point a default route to that tunnel.  So whatever routes are missing from your BGP view you can send traffic over to HE and hope it gets back to you :)


From what I have been reading, there are very few, if any, ISP's that have "total reachibility." The recommendation, at this time, seems to be to get more than one ISP for serious IPv6. IPv6 for the company I work at is just for experimentation and learning, there is no reason to spend money on a second ISP. My theory was that I could combine the awesome work HE has been doing with the service that my ISP is giving me. That would give me a pseudo-dual ISP solution. The problem, of course, is how to load up the routing table? The ISP did ask if I wanted BGP for IPv6. Not knowing enough about BGP, I told them no. Another reply to my question states that I should ask for a private AS from my ISP which would allow me to populate the routes from them, then set HE to the default IPv6 route. Seems logical. I will have to ask them if the is an option.

thule

Quote from: cconn on March 25, 2011, 12:49:46 PM
so if your IPv6 connectivity is solely via Cogent (AS174), then you can definately rule out global reachability (and that includes www.tunnelbroker.(com|net), unfortunately for you...)

Here is our current prefix count:

Cogent: 3796
HE: 4785
Other ( ;)): 5020

not sure this is entirely up to date, but should be proportionally current;

http://en.wikipedia.org/wiki/Comparison_of_IPv6_support_by_major_transit_providers

Yes, only from Cogent, thus the question about supplementing the routing table somehow. My theory is that I could create a pseudo dual IPv6 ISP by connecting to HE's services over a tunnel. It will be interesting to note the route the majority of the traffic traverses, the tunnel or native. Once the install is completed, I plan on graphing the traffic (what little there is).

cconn

Quote from: thule on March 25, 2011, 12:55:47 PM


From what I have been reading, there are very few, if any, ISP's that have "total reachibility." The recommendation, at this time, seems to be to get more than one ISP for serious IPv6. IPv6 for the company I work at is just for experimentation and learning, there is no reason to spend money on a second ISP. My theory was that I could combine the awesome work HE has been doing with the service that my ISP is giving me. That would give me a pseudo-dual ISP solution. The problem, of course, is how to load up the routing table? The ISP did ask if I wanted BGP for IPv6. Not knowing enough about BGP, I told them no. Another reply to my question states that I should ask for a private AS from my ISP which would allow me to populate the routes from them, then set HE to the default IPv6 route. Seems logical. I will have to ask them if the is an option.

perhaps you qualify for an ASN?  are you multihomed?  If you are peering directly with Cogent I doubt they would allow you to use a private ASN to do so.  And you are correct that HE has been doing a great service to the community, granted in order to position itself as _the_ tier-1 provider of IPv6 services, however it is doing it in what I consider to be a very open and arguably generous way.  Unfortunately I doubt you could use a private ASN with them either  :-\

If you are not using BGP with Cogent, then you will likely be in a scenario where you need to use a default route towards them; in this case, you will need a means to have a more specific route for the prefixes Cogent _doesn't_ have, and route that to your HE tunnel.

thule

Quote from: cconn on March 25, 2011, 01:35:44 PM

perhaps you qualify for an ASN?  are you multihomed?

No. We are replacing our 2BASE-TL Metro Ethernet service with Cogent's service. We really don't need multi-homed service.

Quote from: cconn on March 25, 2011, 01:35:44 PM
If you are peering directly with Cogent I doubt they would allow you to use a private ASN to do so.  And you are correct that HE has been doing a great service to the community, granted in order to position itself as _the_ tier-1 provider of IPv6 services, however it is doing it in what I consider to be a very open and arguably generous way.  Unfortunately I doubt you could use a private ASN with them either  :-\

If you are not using BGP with Cogent, then you will likely be in a scenario where you need to use a default route towards them; in this case, you will need a means to have a more specific route for the prefixes Cogent _doesn't_ have, and route that to your HE tunnel.

Yes, this is what I would like to do. Run real IPv6 and HE tunnel at the same time. But the question still comes back to loading in the routing table so the router knows when to send traffic over the HE tunnel. I need an easy way to parse Cogent's and HE"s tables and find missing routes and add them to a static table on my router.

Do you think it would help to open a ticket with Cogent anytime I hit up a site that will not connect via Cogent's IPv6 transit? I suspect I will probably be one of only two (three? four?) squeaky wheels out of all their customers. In addition to that, it is not even critical right now.

thule

Quote from: cconn on March 25, 2011, 01:35:44 PM

If you are not using BGP with Cogent, then you will likely be in a scenario where you need to use a default route towards them; in this case, you will need a means to have a more specific route for the prefixes Cogent _doesn't_ have, and route that to your HE tunnel.

The more I think about this, the more it appears that I will have to create some script to handle this. I will have to scoop off the routes of off HE's public list. Then try to ping the routers from the Cogent transit. If they fail, create a route to send the traffic over the tunnel. Again, this is all for fun and learning. Nothing critical.



thule

Quote from: thule on March 25, 2011, 09:58:23 PM

The more I think about this, the more it appears that I will have to create some script to handle this. I will have to scoop off the routes of off HE's public list. Then try to ping the routers from the Cogent transit. If they fail, create a route to send the traffic over the tunnel. Again, this is all for fun and learning. Nothing critical.


I just figured out a problem with my technique. I keep assuming I have NAT. With IPv6 I don't have NAT! I can't map destinations with the correct outgoing IP address. There would be no way to make sure the packet comes via the correct route. Instead the originating IP address would be routed via the broken path that I am trying to get around.