Anzeige
Route Visibility Tool by Team JRMP.pdf
28. Mar 2023•0 gefällt mir•469 Aufrufe
0 gefällt mir
Sei der Erste, dem dies gefällt
Mehr anzeigen
Aufrufe
Aufrufe insgesamt
0
Auf Slideshare
0
Aus Einbettungen
0
Anzahl der Einbettungen
0
Downloaden Sie, um offline zu lesen
Melden
Technologie
Route Visibility Tool by Team JRMP.pdf
APNICFolgen
APNICAnzeige
Anzeige
Anzeige
Recomendados
Initial Experiences Route Filtering at the Edge AS15169 by Arturo L. ServinMyNOG
InternetMappingAndVisualizationGroup5JinfuZhengAndLingLiu?? ?
Internet Measurement Tools & Their Usefulness by Gaurab Raj UpadhayaMyNOG
4th SDN Interest Group Seminar-Session 2-3(130313)NAIM Networks, Inc.
AusNOG 2022: Measuring RPKI use in BGPAPNIC
3 ip routing vrf lite - v2SagarR24
Route Visibility Tool by Team JRMP.pdf
- Route Visibility Tool Presented by Team JRMP Date: 27-02-2023
- Team Members ❑Jervic – Enterprise Field Resource Support (PH) ❑Russell – PNG University of Technology (PG) ❑Makito – Information Beam Co., Ltd. (KH) ❑Phyo – Information Beam Co., Ltd. (MM)
- Objectives of the Project ❑ Create Route Visibility Tool to query delegated resources for following goals: ✓ Check whether the address space has been advertised to global routing table ✓ If there is no exact match, sub-prefixes will be queried for further verification ✓ If there is no match totally, then the address space has not been advertised yet ❑Users of the tool: RIRs such as APNIC, ISPs, and Telecom Operators. ❑It is useful in verifying whether the delegated resources are actually being used.
- Resources for the Tool ❑Data sources: ✓ Resource delegation dataset from APNIC ✓ Global routing table ✓ Data from a MikroTik Router, which is set up for this project ❑Data is stored in MSSQL Server for the query. ✓ Resource Delegations ✓ BGP Prefixes
- ❑This tool can be useful for resource quality assurance. ❑Using this tool, we can verify routing status of the delegated address space. ✓ Fully advertised ✓ Partially advertised ✓ Not advertised ❑Later it can be upgraded to compare the “route” object in whois database for Route Origin Validation. Use case I: Resource Quality Assurance
- Use Case II: Routing Issue • Users were delegated an address space, but it is not properly advertised to be routable. • Operators can search by country code or prefix using our tool. • Team member Russell shared a real issue he faced in PNG: • PNGUoT (PNG University of Technology) was delegated an IPv4 address space • PNGUoT did not advertise the entire address space • PNGUoT would like to find out who is advertising the prefixes of their address space • This tool can help to quickly verify whether the prefixes are advertised, and if yes, by which origin AS
- Use Case III: Route Origin and AS_PATH Verification • Route origin is displayed in the output of this tool, the prefix can be verified which origin AS it is from. • AS_PATH is displayed in the output of this tool, ASes along the path that the prefix traversed can be known.
- Flow Chart How the Tool Works
- Algorithm Procedures 1. Start query by Address Family plus country code or specific prefix. 2. Search the Address Delegations table to find out which address space has been delegated. 3. Search the BGP Prefixes table to find out which prefixes are visible on the Internet. 4. If the visible prefix exactly matches the delegated address space, return OK. 5. If there is no exact match, but there are sub-prefixes of the delegated address space, which cannot cover the entire address space, return PARTIALLY OK. 6. If there is no exact match, but there are enough sub-prefixes to cover the entire delegated space, return OK. 7. If there is no match totally (no exact match, no sub-prefix), return NOT OK.
- Load Delegation Prefixes to SQL Database
- Load IPv4 Global Routing Table from MikroTik Router to SQL Database
- Load IPv6 Global Routing Table from MikroTik Router to SQL Database
- Query Fields and Output Display ❑Query Fields: ✓ Address Family ✓ Country Code or Prefixes ❑Output ✓ Status ✓ OK – The prefix is exactly matched between global routing table and resource delegation. Or no exact match, but sub-prefixes presented, and they can cover the entire address space ✓ PARTIALLY OK – Sub-prefixes presented in global routing table, but not fully covering the entire address space ✓ NOT OK – It is not advertised ✓ Origin AS and AS_PATH
- Tasks to Do ❑Setting up Microsoft SQL Server database. ❑Setting up the MikroTik Router. ❑Program functions for loading data from sources to the database. ❑ Prefix Delegations from APNIC ❑ BGP Prefixes from global routing table ❑Program functions for performing the comparison. ❑Application development with C#. • Thanks and appreciate the help from our team mentor and all team members ☺
- Further Development ❑Web GUI. ❑Route Origin Validation with “route” object and ROA data. ❑Integration with multiple routing platforms. ❑Currently we have done with MikroTik RouterOS only ❑Data source expansion: ❑Include Address Delegations data from other RIRs ❑Include BGP Prefixes data from other parties (everyone can participate)
- Lab Demonstrations Makito
- Launching the Tool JRMP.RVTOOL.CLI.exe command line help is shown in the photo. JRMP.RVTool.CLI.exe
- Search IPv4 by Country (OK, Exact Match) Search IPv4 address delegations and routes in PG (Papua New Guinea), show only results that are in OK State. JRMP.RVTool.CLI.exe /search-route /ipv4-by-country PG 1
- Search IPv4 by Country (OK, Sub-prefix Covered) Search IPv4 address delegations and routes in PG (Papua New Guinea), show only results that are lacking exact match and the entire delegation space is fully covered by its sub- prefixes (OK state). JRMP.RVTool.CLI.exe /search-route /ipv4-by-country PG 2
- Search IPv4 by Country (PARTIALLY OK) Search IPv4 address delegations and routes in PG (Papua New Guinea), show only results that are lacking exact match and the entire delegation space is not fully covered by its sub- prefixes (PARTIALLY OK state). JRMP.RVTool.CLI.exe /search-route /ipv4-by-country PG 3
- Search IPv4 by Country (NOT OK) Search IPv4 address delegations and routes in PG (Papua New Guinea), show only results that are in NOT OK state. JRMP.RVTool.CLI.exe /search-route /ipv4-by-country PG 4
- Search IPv4 by Prefix Search IPv4 address delegations and routes by specific prefix (202.1.32.0/19). JRMP.RVTool.CLI.exe /search-route /ipv4-by-prefix 202.1.32.0/19
- Search IPv6 by Country (OK, Exact Match) Search IPv6 address delegations and routes in PG (Papua New Guinea), show only results that are in OK State. JRMP.RVTool.CLI.exe /search-route /ipv6-by-country PG 1
- Search IPv6 by country (OK, Sub-prefix Covered) Search IPv6 address delegations and routes in PG (Papua New Guinea), show only results that are lacking exact match and the entire delegation space is fully covered by its sub- prefixes (OK state). JRMP.RVTool.CLI.exe /search-route /ipv6-by-country PG 2
- Search IPv6 by Country (PARTIALLY OK) Search IPv6 address delegations and routes in PG (Papua New Guinea), show only results that are lacking exact match and the entire delegation space is not fully covered by its sub- prefixes (PARTIALLY OK state). JRMP.RVTool.CLI.exe /search-route /ipv6-by-country PG 3
- Search IPv6 by Country (NOT OK) Search IPv6 address delegations and routes in PG (Papua New Guinea), show only results that are in NOT OK state. JRMP.RVTool.CLI.exe /search-route /ipv6-by-country PG 4
- Search IPv6 by Prefix Search IPv6 address delegations and routes by specific prefix (2404:b300::/32). JRMP.RVTool.CLI.exe /search-route /ipv6-by-prefix 2404:b300::/32
- Q & A Session
- Thanks for your attention ☺ Team JRMP
Anzeige