Route servers (aka RS) are servers with which members can establish BGP sessions in order to centralize routes and reduce network management.
A route server is not a router. There is no data going through the RS, it is only used to aggregate BGP information. For example, even if two members only establish BGP sessions with the RS, they will be able to exchange routing information through the RS, but the data will flow directly between their routers, because they are on the same LAN.
As you can this on this diagram, Control-plan and Data-plane are different.
The main benefits for peers connecting to RS are:
This “One session to rule them all” approach can make you save a lot of time!
Please keep in mind that some networks prefer to establish directly bilateral BGP peering and may not use the RS. RS adoption by France-IX members is indicated in France-IX members list. Alternatively you would need to send each network a peering request to their peering contact email.
France-IX RS have the following features:
By default, when advertising a route to a RS, every member receives this route. Alternatively, a member can choose to announce (or not) this route to selected members using BGP communities:
0:peer-as = Don't send route to this peer as 51706:peer-as = Send route to this peer as 0:51706 = Don't send route to any peer 51706:51706 = Send route to all peers
Additional information are available on our RIPE object:
whois -h whois.ripe.net as51706
In order to mitigate some fat (and “thin”) fingers errors, France-IX RS perform the following checks:
Any non compliant route is rejected.
In order to help our members fighting against DDoS (Distributed Denial of Service) attacks, a BLACKHOLING service is available. This service allows members to advertise routes with specific BGP communities in order to block malicious traffic.
The blackholing service is detailed here : FRANCE-IX BLACKHOLING
Please note that any route tagged with the BLACKHOLING community but non compliant the IRR check is rejected (see below).
There are several IRRs (Internet Routing Registries) managed by RIRs (Regional Internet Registries) and external entities, to register allocated IP ranges. In addition, there is also an RPKI infrastructure allowing Internet networks to check the origin of the routes announcements with ROAs (Route Origin Authorization).
ROA definition and prefixes registration are explained on the RIPE page of ressource management and certification.
France-IX route servers are tagging routes with BGP communities depending on their IRR and RPKI/ROA validation status. We are using several IRR in addition to the RIPE database and a local instance of the RIPE RPKI validator to ensure accurate data.
No action is taken to drop routes on the route servers. This allows members to easily filter routes based on theses communities and take whatever action they think being the best for their network.
Here are the communities we use to tag routes:
51706:65012 = Prefix has ROA status: VALID 51706:65022 = Prefix has ROA status: INVALID 51706:65023 = Prefix has ROA status: UNKNOWN 51706:65011 = Prefix is present in an AS's announced AS/AS-SET 51706:65021 = Prefix is not present in an AS's announced AS/AS-SET
Please make sure to have your aut-num object up-to-date in the IRR in order to enable us to discover your AS-SET automatically (see below).
For IPv4 and IPv6 address families:
export: to AS51706 announce ASxxxx
export-via: AS51706 to AS-ANY announce ASxxxx
mp-export: afi ipv4.unicast,ipv6.unicast to AS51706 announce ASxxxx
For IPv4 address family only:
export-via: afi ipv4.unicast AS51706 to AS-ANY announce ASxxxx
mp-export: afi ipv4.unicast to AS51706 announce ASxxxx
For IPv6 address family only:
export-via: afi ipv6.unicast AS51706 to AS-ANY announce ASxxxx
mp-export: ipv6.unicast to AS51706 announce ASxxxx
If you wish to filter routes collected from France-IX RS, you can filter prefixes using the following AS-SET:
Members connected to the Paris route servers:
Members connected to the Marseille route servers: