Route servers are BGP routers, typically operated by a providers who want to give people a view of what the Internet’s routes “look like” from their network’s perspective. They are queried via a telnet command line interface or via a web interface (sometimes called a looking glass). Route servers are also used at Internet peering points (or Internet exchanges) to collect routing information from members.
An example of a route server in South Africa is local-route-server.is.co.za, which is used by geeks to get an up-to-date list of “local” IP networks by running the show ip bgp Cisco command. A popular use for this information is “split routing” – a trick you might use if you have more than one Internet connection, especially if one of them is local-only (split routing is described here and here).
Other route servers, like the one at SAIX and Verizon Business SA, are probably not as well known. You’re unlikely to need them unless you’ve advertised a new BGP route to your ISP, and you need to check that it’s being received by their peers and providers. For this reason I tend to forget the host names of these more obscure route servers.
After the third time I had to resort to Google to find Verizon’s route server, I started making a list, which I’ve now published here: http://localloop.co.za/route-servers
So how do you use them?
Lets look at a simple example: suppose we want to find out how Neotel is doing BGP-wise. We look up the IP address for www.neotel.co.za and then log onto the IS route server:
local-route-server>sh ip bgp 196.34.133.113
BGP routing table entry for 196.34.0.0/15, version 392335447
Paths: (1 available, best #1, table Default-IP-Routing-Table)
Flag: 0x208
Not advertised to any peer
3741
168.209.255.8 from 168.209.255.8 (168.209.255.245)
Origin IGP, localpref 100, valid, external, best
That number, 3741 is the as-path, and it’s telling us that the route is originating from AS3741 (Internet Solutions). That doesn’t seem right… Neotel just being an IS customer? Lets try one of their DNS servers: ns0.neotel.co.za:
local-route-server>sh ip bgp 41.160.0.4
BGP routing table entry for 41.160.0.0/12, version 392335736
Paths: (1 available, no best path)
Flag: 0x208
Not advertised to any peer
3741 36937
168.209.255.8 (inaccessible) from 168.209.255.8 (168.209.255.245)
Origin IGP, localpref 100, valid, external
Community: 3741:1111 3741:2000
Thats more like it, now the as-path has two numbers: 3741 and then 36937, which turns out to be Neotel. As you’ve guessed by now, the as-path shows us the path of autonomous systems through which the route is being advertised. Now that we know Neotel’s ASN, lets get a list of all the routes from them:
local-route-server>sh ip bgp regexp 36937
BGP table version is 392337041, local router ID is 196.4.160.227
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
* 41.160.0.0/12 168.209.255.8 0 3741 36937 i
* 87.236.68.0/24 168.209.255.8 0 3741 36937 35405 ?
* 87.236.69.0/24 168.209.255.8 0 3741 36937 35405 ?
Ah, now a /12 is a decent block of IP addresses. Notice that this shows two other routes with 35405 at the end of the as-path. These are routes from Neotel customers, in this case, someone called “Macquarie Bank South Africa”. If we only wanted to see routes originating from Neotel, we could have used sh ip bgp regexp _36937$ instead (“_36937$” is in fact a special kind of regular expression: “_” is short for “^|[,{}() ]|$”).
Please let me know if I missed any local route servers. I know MTNNS has a looking glass on their website, but it’s been broken for a long time. I reported the problem to a NOC email address they give for “questions and comments”, but they ignored me (big surprise).
Post a Comment