search

pierky / arouteserver

A tool to automatically build (and test) feature-rich configurations for BGP route servers.
https://arouteserver.readthedocs.org/
GNU General Public License v3.0
286 stars 46 forks source link

Try harder to find AS-SETs #7

Closed job closed 7 years ago

job commented 7 years ago

With a minimal configuration like below, arouteserver should query PeeringDB for the AS-SET and use the one found there rather than only expand AS15169.

clients:
  - asn: 15169
    ip:
    - "206.126.225.128"
    - "2001:504:2f::1:5169:1"

Using AS-GOOGLE instead of AS15169 should be the behaviour if cfg.filtering.peering_db: True

pierky commented 7 years ago

Thanks for your feedback Job.

I coded a new option that allows to do what you've said: cfg.filtering.irrdb.peering_db.

When set, if IRRDB-based filters are enabled and no AS-SETs are configured for a client, ARouteServer tries to fetch their values from the client’s ASN record on PeeringDB.

Since the data on PeeringDB are not always 100% accurate and up to date, and sometimes the IRR Record field contains values that are reported using exotic syntaxes, I preferred to disable this feature by default, by using a default value of False for this option. When enabled, an INFO message is logged whenever an AS-SET from PeeringDB is actually used to obtain data from IRRs.

I hope this works for you.

pierky commented 7 years ago

So, this feature has been merged with v0.10.0.

I tried to both guess and validate AS-SETs that are fetched from PeeringDB records, for example by stripping registry names prepended to the AS-SET (RIPE::AS-XXX). Invalid AS-SETs are ignored.

With regards of this, I also introduced a new argument that can be used with the clients-from-euroix command: --merge-from-peeringdb. It can be used to tell ARouteServer to fetch AS-SETs and/or max-prefix limits from PeeringDB if they are not included within the Euro-IX JSON file that is processed.