NTT MSC Sdn Bhd

ISP Readiness IPV6 Route Objects

An NTT Example

Teoh Kiat Jin

NTT MSC Sdn Bhd

Cyberjaya

NTT MSC Sdn Bhd

What is a Route Registry

http://en.wikipedia.org/wiki/Internet_Routing_Registry● Its a Database● Shares Route & Related Information● Mainly used by ISPs● Appropriate format for programming/configurating

routers

● Network Engineers from ISPs are Authorised to modify RPSL Objects

● Any Network Engineer or Public persons may query RR for related information

NTT MSC Sdn Bhd

Components● AS Number – Aut-Num / AS-Name / Inetnum

eg: whois AS10204 or AS2914

Aut-num: AS10204As-name: ARCNET-NTTMSC-MYDescr: Arcnet NTT MSC ISP

Aut-num: AS2914As-name: NTTC-GIN-ASDescr: NTT Communications Global IP Network

NTT MSC Sdn Bhd

Ipv4 Example:

● Eg. whois 203.115.224.0 / 129.250.50.0

Inetnum: 203.115.224.0 - 203.115.255.255Netname: ARCNETDescr: NTT MSC Arcnet ISP

NetRange: 129.250.0.0 - 129.250.255.255CIDR: 129.250.0.0/16NetName: NTTA-129-250NetHandle: NET-129-250-0-0-1….

OrgName: NTT America, Inc.OrgId: NTTAM-1Address: 8005 South Chester Street

NTT MSC Sdn Bhd

Ipv6 Example:

Eg. whois 2001:c18::/32 / 2401:3C00::/32

whois 2001:c18::/32Inet6num: 2001:0C18::/32Netname: ARCNET6-20020723Descr: Arcnet6 -NTT MSC Sdn. Bhd.

whois 2001:218::/32Inet6num: 2001:0218::/32Netname: NTT-JP-19990922Descr: NTT Communications Global IP Network

whois 2401:3c00::/32Inet6num: 2401:3C00::/32Netname: PACKETONE-AS-APDescr: Packet One Networks (Malaysia) SDN BHD

These are NOT RouteObjects!

NTT MSC Sdn Bhd

Route Objects (v4 & v6)

Record (Database Entry) of CIDR range which you'd like to advertise to your upstream.

whois -h rr.ntt.net 203.115.224.0/24Route: 203.115.224.0/24Descr: Arcnet NTT MSC ISPOrigin: AS10204

whois -h rr.ntt.net 203.115.224.0/18Route: 203.115.192.0/18Descr: Arcnet NTT MSC ISPOrigin: AS10204

Route Object areobtained fromRoute-Registry

NTT MSC Sdn Bhd

Route Objects (v4 & v6 cont)

whois -h rr.ntt.net 2001:0c18::/32Route6: 2001:c18::/32Descr: Proxy RO for Arcnet NTT MSC ISPOrigin: AS10204Source: NTTCOM

whois -h rr.ntt.net 2001:328::/32Route6: 2001:328::/32Descr: JARING MIMOS BHD MYOrigin: AS2042Notify: nic@jaring.myMnt-by: MAINT-AS2042Changed: zamzuri@jaring.my 20061213Source: RADB

Note: “Route6:” Objects

Note: “Origin”

NTT MSC Sdn Bhd

Why are Route Objects Important

When you do BGP with an ISP:● ISP needs to ensure your v4 & v6 blocks are

valid/correct● ISP needs to build filters/route-maps● Your AS-Number must be correct● The same applies to Your downstream and this

is achieved with an “AS-SET”

NTT MSC Sdn Bhd

What are AS-SETs

Its a “container” for downstream customers to include their “members” (with whom they do BGP with).

Example:

AS-2914 ↔ AS-00000 ↔ AS-1111 ↔ AS2222AS-SET AS-SET AS-SET AS-Num

● In this example, AS2222 does not have downstream customers, so they do not require an “AS-SET”

NTT MSC Sdn Bhd

This is what it looks like!whois -h rr.ntt.net as2914:as-asiaas-set: AS2914:AS-ASIAdescr: NTT Communications Global IP Network transit for Asian Customersmembers: AS2914, AS3949, AS-10099NTT, AS-10204, AS-17444-TRANSIT, AS-17666, AS-37997, AS-38322,

AS-45419, AS-4648-CUSTOMERS, AS-4788, AS-4818, AS-5713, AS-7552, AS-9381, AS-9513VERIO, AS-9908VERIO, AS-AKAMAI, AS-AMAZON, AS-BESTPATH, AS-CN2, AS-CTMTELEONE, AS-CWASIA, AS-DIYIXIAN, AS-DRUKNET, AS-DTN, AS-DYNINC, AS-EDGECAST, AS-EMIX, AS-GTLD, AS-HKBN, AS-HKNET, AS-HUTCHCITY, AS-IHENDERSON, AS-IXTECH-CUSTOMER, AS-KINX-TRANSIT, AS-LINKAGE, AS-LYNX, AS-MAGIX, AS-MICROSOFT, AS-NTTNETID, AS-OCN-ALL, AS-OPENDNS, AS-PLDT, AS-PNAPSYD001, AS-PROLE, AS-QTEL-SET, AS-SAMSUNGNETWORKS, AS-SET-10143EXETEL, AS-SET-GTI-PIP, AS-SINGNET, AS-SKYINTERNET, AS-SLTNET-TRANSIT, AS-SPT, AS-STARHUBINTERNET, AS-THIX, AS-TIG-GROUP, AS-TMHK, AS-TRIPLETNET, AS-UDOMAIN, AS-VDC, AS-VIPNETNTT, AS-VSNL-IN, AS-WHS-AP, AS17645:AS-NTTS-GIN, AS23649:AS-STANLEY-CUSTOMERS, AS23947:AS-GLOBAL, AS2914:AS-64600, AS2914:AS-64601, AS2914:AS-64602, AS2914:AS-64603, AS2914:AS-64604, AS2914:AS-64605, AS2914:AS-64606, AS2914:AS-64607, AS2914:AS-64696, AS2914:AS-64697, AS2914:AS-64951, AS2914:AS-65001, AS38040:AS-PEERS, AS38193:AS-PEERS, AS4641:AS-CUHK-TRANSIT, AS721:AS-JAPAN, AS7713:AS-TELKOM-TRANSIT, AS9498:AS-BHARTI-IN, AS4611, AS6447, AS9229, AS9420, AS9765, AS9808, AS10030, AS10031, AS10146, AS17924, AS23693, AS24334, AS29457, AS38757, AS38819, AS41625, AS45182, AS45422, AS45960, AS56180, AS-NHNadmin-c: NCGE-VRIOtech-c: NCGE-VRIOremarks: contacts per RFC2142:remarks: Abuse / UCE reports abuse@ntt.netremarks: Security issues security@ntt.netmnt-by: MAINT-NTTCOM-BBchanged: mivatury@us.ntt.net 20110419source: NTTCOM

AS-38322NB: AS-SET

AS_NumberIe, no downstreamcustomers

Mnt-By Account

NTT MSC Sdn Bhd

Who are “MEMBERS” of AS-38322?

whois -h rr.ntt.net as-38322As-set: AS-38322Descr: Packet-Hub 159 Jalan Templer,Members:AS38322, AS23678, AS45785, AS17736

What Route-Object have they registered?

Ipv4 Route-Objects:whois -h rr.ntt.net -i origin 38322 | grep 'route:'route: 120.139.0.0/16route: 120.140.0.0/15route: 122.255.96.0/19route: 120.140.0.0/18route: 120.140.64.0/20route: 120.140.80.0/20route: 120.141.16.0/20route: 120.140.128.0/17route: 120.141.128.0/17route: 120.141.0.0/19route: 120.141.32.0/20

IPV6 Route-Objects:

whois -h rr.ntt.net -i origin 38322 | grep 'route6:'route6: 2401:3C00::/32

Note: “Members”

NTT MSC Sdn Bhd

Putting it All TogetherYou will need:

● Inetnum | Inet6num

● AS-Number

● An Account (MNTNER) on a Route Registry

● An AS-SET provided by the RR

(in some cases you may need to apply for it)

● Route Objects ipv4 & ipv6 will need to be created

● Your ISP will place it under their AS-Set Tree

● Once this is done, and depending on how your ISP behaves, BGP Filters / Routes Maps will be build accordingly.

NTT MSC Sdn Bhd

AS2914 AS00000AS1111 AS2222

ASXXXX

as-set: AS2914:AS-ASIAdescr: NTT … Asian Cumembers: AS2914, AS3949, AS-00000, ASXXXX, ...

As-set: AS-00000Descr: I am AS00000members: AS00000,members: AS-1111members: ASXXXX

as-set: AS-1111descr: I am AS1111members: AS1111,members: AS2222

AS2914

RR APNICRR RADBRR NTT

Route Objects v4 & v6 Exchange/Mirrored

DailyLoads

Daily Loads

NTT MSC Sdn Bhd

Question?● How to create Route Objects v4 & v6?● If Route Objects are created, how long will it

take for the ISPs BGP Filters to build?● What if my Route Objects are on third party

Route Registries?● Can my Route Objects / AS-SET & Members be

made private?● What does it mean when it is Proxy-

Registered?● Are there Best Practices?