Route Server

A route server at MVIX redistributes BGP routes received from its BGP clients to other clients based on predefined policies. By peering with a route server, customers can streamline BGP sessions, reducing the number of individual sessions with each peer.

Route Server 1AS9446103.55.161.12001:dec:c000::1
Route Server 2AS9446103.55.161.22001:dec:c000::2

Incoming Prefixes Filtering:

  1. Bogons and Martians:
    • Reject prefixes identified as Bogons.
  2. Prefix Length:
    • For IPV4: Accept prefixes during /8 to /24 (inclusive).
    • For IPV6: Accept prefixes during /19 to /48 (inclusive).
  3. Private ASN:
    • Reject prefixes containing a private ASN in their AS_PATH.
  4. Default Route:
    • Reject default route announcements.
  5. IXP Prefix:
    • Verify that the prefix is authorized for announcement within IXP.
  6. BGP Next Hop Verification:
    • Ensure that the BGP next hop attribute is the same as the source of the BGP peer address.
  7. BGP AS Verification:
    • Verify that the leftmost AS of AS_PATH matches the BGP peer ASN.

Filtering Modes:

MVIX introduces multiple filtering modes for receiving prefixes from Route Servers:

  1. IRRDB and RPKI Filtering (Default):
    • Route Servers apply both IRRDB and RPKI filtering.
    • Prefixes must pass both IRRDB and RPKI checks.
    • Default option for all route server clients.
  2. IRRDB Filtering:
    • Route Servers apply IRRDB-based filtering.
    • Prefixes valid in the Member’s pre-defined AS/AS-SET are announced.
  3. RPKI Filtering:
    • Route Servers apply RPKI-based filtering, performing Route Origin Validation (ROV).
    • Prefixes with VALID or UNKNOWN ROV status are announced.
    • Prefixes with INVALID ROV status are rejected.
  4. No Filtering (Not Recommended.):
    • Route Servers will not accept any request.

IRRDB-Based Filtering:

  • Members define the AS-SET object (or AUT-NUM) to generate a list of ROUTE objects.
  • BGPQ3 is used for generating the list from specific IRR sources.

RPKI-Based Filtering:

  • MVIX has a local validated cache implemented by RPKI Relying Party (RP) software.
  • Prefixes with VALID or UNKNOWN ROV status are tagged and announced.
  • Prefixes with INVALID ROV status are rejected.

Refer to RFC6483 for definitions of VALID, UNKNOWN, and INVALID.