Route Server
A route server at MVIX redistributes BGP routes received from its BGP clients to other clients based on predefined policies. By peering with a route server, customers can streamline BGP sessions, reducing the number of individual sessions with each peer.
Name | ASN | IPv4 | IPv6 |
Route Server 1 | AS9446 | 103.55.161.1 | 2001:dec:c000::1 |
Route Server 2 | AS9446 | 103.55.161.2 | 2001:dec:c000::2 |
Incoming Prefixes Filtering:
- Bogons and Martians:
- Reject prefixes identified as Bogons.
- Prefix Length:
- For IPV4: Accept prefixes during /8 to /24 (inclusive).
- For IPV6: Accept prefixes during /19 to /48 (inclusive).
- Private ASN:
- Reject prefixes containing a private ASN in their AS_PATH.
- Default Route:
- Reject default route announcements.
- IXP Prefix:
- Verify that the prefix is authorized for announcement within IXP.
- BGP Next Hop Verification:
- Ensure that the BGP next hop attribute is the same as the source of the BGP peer address.
- BGP AS Verification:
- Verify that the leftmost AS of AS_PATH matches the BGP peer ASN.
Filtering Modes:
MVIX introduces multiple filtering modes for receiving prefixes from Route Servers:
- IRRDB and RPKI Filtering (Default):
- Route Servers apply both IRRDB and RPKI filtering.
- Prefixes must pass both IRRDB and RPKI checks.
- Default option for all route server clients.
- IRRDB Filtering:
- Route Servers apply IRRDB-based filtering.
- Prefixes valid in the Member’s pre-defined AS/AS-SET are announced.
- RPKI Filtering:
- Route Servers apply RPKI-based filtering, performing Route Origin Validation (ROV).
- Prefixes with VALID or UNKNOWN ROV status are announced.
- Prefixes with INVALID ROV status are rejected.
- No Filtering (Not Recommended.):
- Route Servers will not accept any request.
IRRDB-Based Filtering:
- Members define the AS-SET object (or AUT-NUM) to generate a list of ROUTE objects.
- BGPQ3 is used for generating the list from specific IRR sources.
RPKI-Based Filtering:
- MVIX has a local validated cache implemented by RPKI Relying Party (RP) software.
- Prefixes with VALID or UNKNOWN ROV status are tagged and announced.
- Prefixes with INVALID ROV status are rejected.
Refer to RFC6483 for definitions of VALID, UNKNOWN, and INVALID.
MVIX Route Servers are MANRS (Mutually Agreed Norms for Routing Security) compliant.