[{"categories":null,"date":"0001-01-01T00:00:00Z","description":"","keywords":null,"link":"/documentation/","tags":null,"text":"These configuration examples assume your machine is present at Labicolo and use Labitat as BGP transit. Linux Networking The following configuration is for an interface named enp1s0 with the file location /etc/network/interface.d/enp1s0. It configures Labicolo IPv4 and IPv6 addresses, but more importantly, it tags VLAN 42 and assigns peering LAN addresses in order for your machine to use the peering LAN for IX related traffic. Replace interface name corresponding to yours, and replace addresses in \u003cbrackets\u003e that fits your network interface. Check your /etc/network/interfaces file to avoid overlapping interface configurations. 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 # Labicolo addressing ## IPv4 auto enp1s0 iface enp1s0 inet static address \u003clabicolo_v4_address\u003e/26 gateway 185.38.175.65 ## IPv6 ## Note: ## - Disables Duplicate Address Detection (DAD), this skips the timeout when reloading an # interface, but WILL create issues if address is already in use. # - Disables Route Advertisements iface enp1s0 inet6 static address \u003clabicolo_v6_address\u003e/64 gateway 2a01:4262:1ab:20::1 dad-attempts 0 accept_ra 0 #LabIX. VLAN 42 auto enp1s0.42 iface enp1s0.42 inet static address \u003cpeering_lan_v4_address\u003e/24 iface enp1s0.42 inet6 static address \u003cpeering_lan_v6_address\u003e/64 dad-attempts 0 accept_ra 0 Reload config with systemctl restart networking.service. BIRD The following BIRD configuration can announce your IPv6 prefixes to your peers, receive a routing table from a transit, and connect to Route Server 0 via the peering LAN, as highlighted in the example. You need to fill in lines containing \u003cbrackets\u003e with your own details. The default location for the BIRD configuration is /etc/bird.conf or /etc/bird/bird.conf. Reload the configuration by opening the BIRD console with birdc and use the command configure soft. It is worth noting, that while the route server (and probably your transit) filters for reserved ASNs, reserved prefixes and invalid RPKI ROAs, it is still recommended that you implement these filters yourself. Have a look at the NLNOG BGP Filter Guide for inspiration. 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 196 197 198 199 200 201 202 203 204 205 206 207 208 209 210 211 212 213 214 215 216 217 218 219 220 221 222 223 224 225 226 227 228 229 # # BIRD 2 configuration for ASxxxxx \u003cAS-Set\u003e - \u003cat_some_location\u003e # # All IPv4 related options are commented out, but left in in order easely allow enabling if needed # This config only honors gracefull shutdown, but could be extended with # BGP communities as described in: https://arouteserver.readthedocs.io/en/latest/CONFIG.html?highlight=communities#bgp-communities # # # Update config with # birdc and \"configure soft\" # Or 'birdcl configure' # Check config in birdc with # configure check \"/etc/bird/bird.conf\" # # See established peering connections with 'show protocols' in birdc log syslog all; #debug protocols all; debug protocols { events, states }; watchdog warning 5 s; watchdog timeout 30 s; timeformat base iso long; timeformat log iso long; timeformat protocol iso long; timeformat route iso long; # Global unique ID, ex. your public unicast IPv4 address router id \u003cyour_IPv4_address\u003e; # functions and filters define local_asn = \u003cyour_ASN\u003e; define labitat_asn = 205235; define labix_asn = 60247; # LabIX Peering LAN # ------------------------- define local_labix_ipv6 = \u003cpeering_lan_address\u003e; define local_labix_ipv4 = \u003cpeering_lan_address\u003e; # Route Server addresses define labix_rs0_ipv6 = 2001:7f8:149:1ab::6:0247:1; define labix_rs0_ipv4 = 185.0.29.1; # Define your prexies # ------------------------- # You can also do '\u003cyour_v6_prefix\u003e/44{44,48}' # This allows for announcing any size between 44 and 48 define local_prefixes_v6 = [ \u003cyour_v6_prefix\u003e/48, \u003cyour_v6_prefix\u003e/44 ]; define local_prefixes_more_specific_v6 = [ \u003cyour_v6_prefix\u003e/48{49,128}, \u003cyour_v6_prefix\u003e/44{45,128} ]; #define some_peer_prefixes_v6 = [ #\t\u003cpeer_v6_prefix\u003e/48, #\t\u003cpeer_v6_prefix\u003e/48 #]; # functions and filters function is_default_route() { case net.type { #NET_IP4: if net = 0.0.0.0/0 then return true; NET_IP6: if net = ::/0 then return true; } return false; } function is_customer_route() { case net.type { #NET_IP4: if net ~ local_prefixes_v4 then return true; NET_IP6: if net ~ local_prefixes_v6 then return true; } return false; } # define basic protocols protocol device {} protocol direct { #\tipv4; ipv6; } # ------------------------------- # Export to kernel network driver filter kernel_export { if source !~ [ RTS_BGP, RTS_STATIC ] then reject; if is_default_route() then accept; if is_customer_route() then accept; reject; } function honor_graceful_shutdown() { # RFC 8326 Graceful BGP Session Shutdown if (65535, 0) ~ bgp_community then { bgp_local_pref = 0; } } # Transit filters filter transit_import { honor_graceful_shutdown(); accept; } filter transit_export { if !is_customer_route() then reject; accept; } # generate local routes #protocol static static4 { #\tipv4; #\troute \u003cyour_v4_prefix\u003e/24 unreachable; #\troute \u003cyour_v4_prefix\u003e/24 unreachable; #} protocol static static6 { ipv6; route \u003cyour_v6_prefix\u003e/48 unreachable; route \u003cyour_v6_prefix\u003e/44 unreachable; } # --------------------- # Export to your kernel #protocol kernel kernel4 { #\tipv4 { #\timport all; #\texport filter kernel_export; #\t}; #\tlearn; #\tpersist; #\tgraceful restart; #\tmerge paths; #} protocol kernel kernel6 { ipv6 { import all; export filter kernel_export; }; learn; persist; graceful restart; merge paths; } # ------- # Transit #protocol bgp labitat_ipv4 { #\tlocal \u003cyour_local_v4_address\u003e as local_asn; #\tneighbor \u003cpeer_v4_address\u003e as labitat_asn; #\tpassive; #\tipv4 { #\timport limit 10 action block; #\treceive limit 20 action disable; #\timport keep filtered on; #\timport filter transit_import; #\texport filter transit_export; #\t}; #} # Transit - Labitat protocol bgp labitat_ipv6 { local \u003cyour_local_v6_address\u003e as local_asn; neighbor \u003ctransit_v6_address\u003e as labitat_asn; passive; ipv6 { import limit off; receive limit off; import keep filtered on; import filter transit_import; export filter transit_export; }; } # LabIX Route Server # ------------------------------------------------- # Non-passive connection, the RS awaits for your routers connection protocol bgp labix_ipv6 { local local_labix_ipv6 as local_asn; neighbor labix_rs0_ipv6 as labix_asn; ipv6 { import limit off; receive limit off; import keep filtered on; import filter transit_import; export filter transit_export; }; } # Peering # --------------------- template bgp bgp_peer { default bgp_local_pref 120; } # customer import function peer_import(int peer_asn; prefix set peer_prefixes) { if net !~ peer_prefixes then reject; if bgp_path.first != peer_asn then reject; accept; } #protocol bgp \u003csome_peer_v6\u003e from bgp_peer { #\tlocal \u003cyour_local_v6_address\u003e as local_asn; #\tneighbor \u003cpeer_local_v6_address\u003e as \u003csome_peer_asn\u003e; #\tttl security; #\tipv6 { #\timport limit 10 action block; #\treceive limit 20 action disable; #\timport keep filtered on; #\timport filter { peer_import(\u003csome_peer_asn\u003e, \u003csome_peer_prefixes_v6\u003e); }; #\texport filter transit_export; #\t}; #}","title":"Documentation"},{"categories":null,"date":"0001-01-01T00:00:00Z","description":"","keywords":null,"link":"/bornhack/","tags":null,"text":"Welcome Hi camping network nerds, Labitat Internet Exchange (LabIX) will temporarily become a multi-site IX, as we will be present at BornHack 2023. More concretely, we will transport our local peering LAN via our upstream provider to a VLAN the scouting field in Gelsted at BornHack, so you can peer with our members in Labitat and at BornHack. Why even do this? It has now become a tradition for the NOC team at BornHack to ask participant to USE MORE BANDWIDTH. This is of course not about abusing speedtest servers in order to achieve the highest possible throughput or hog the network from other participants, but to use the bandwidth for use-cases that benefits the event, participant or our society. BornHack usually gets a temporary IPv4 prefix and already got a IPv6 prefix, which is fine for many uses-cases. But you can also choose to run your own little ISP from your village and offer BGP dependent services to other participants (probably costs a beer to the NOC team), or you can use this opportunity to have more on hands experience with the workings of the internet. The IX is totally optional, but it is more fun to announce prefixes and play around, if there are others that can join in on the fun. How to connect? More details will come later, but if you do not already have an ASN and IP resources, now is definitely the time to request some (it takes some time to finalize). If you plan on joining LabIX at BornHack, please sign up by creating a pull request on the labix repository. I’m interested! How do learn more about Internet Exchanges We will hold a talk on creating LabIX, at BornHack 2023: Program link. The Network Startup Resource Center gives a nice introduction to BGP and Internet Exchanges. Just give me the slides, by Phillip Smith, 2021","title":"LabIX @ BornHack"},{"categories":null,"date":"0001-01-01T00:00:00Z","description":"","keywords":null,"link":"/members/","tags":null,"text":"Members present at Labicolo. AS Member Speed IPv6 60247 LabIX Route Servers 1G 2001:7f8:149:1ab::6:0247:1 199750 Olivia Wenya 1G 2001:7f8:149:1ab::19:9750:1 198886 Daniel Brasholt 1G 2001:7f8:149:1ab::19:8886:1 211153 Emil Petersen 1G 2001:7f8:149:1ab::21:1153:1 198275 Thomas Flummer 1G 2001:7f8:149:1ab::19:8275:1 We encourage IX clients to register on PeeringDB.com if not already done so. We use the database for max prefix length and AS-Set filtering. Our PDB entry can be found here. AS-sets are attempted to be collected from PeeringDB in case it is not available ix_clients.yml. The automation tool-chain for exporting members to the IX-F schema (coming soon) and updating PeeringDB currently only includes Route Server clients. This is due to time constrains and as ARouteServer supporting this feature we opted for the working solution. We are aware that forcing IX clients to be route server members is bad practice, which will be worked on as soon as possible.","title":"Members"}]