LINX Exchanges
ENG Admin
ENG Admin

Riyadh IX route server information

Overview

LINX/Riyadh IX maintains route servers at each peering LAN, allowing members to establish multilateral peerings with other participants on Riyadh IX. By establishing a single peering with a route server, routes can be shared with a large number of LINX members without configuring separate peerings with each LINX member.

Current route server statistics can be found here:Ā Route Server Graphs

Riyadh IX route server list

All LINX route servers are using the BIRD distribution and are configured with ASNĀ 216406

Policy Control

Policy control is done by use of BGP Standard Communities and BGP Large Communities. Members may tag their routes with the following to control policy via the route server. The model is as follows:

AS-Path prepending

Members can tag their prefixes with the following communities, causing the Riyadh IX route server to prepend ASNs to the prefix when advertising it to either all or selected members.

The following communities will cause the Riyadh IX route server to prepend ASNs to the prefix for all members peering on the route server.

Prefix validation

LINX is validating prefixes at ingress on all route servers. The validation is based on RPKI and IRR Object presence.

For RPKI validation we build a ROA table from IRR trust anchors and for IRR Object presence we build a list of valid origin ASN and prefixes based on route objects. Refines/more specifics of valid route objects are rejected.

We are looking for a valid AS-SET in the members PeeringDB record. If no valid AS-SET is found, we use the members ASN only, unless the member has provided us other information.

The results of the validation is reflected in communities which are being added at ingress:

  • 216406:1001:1 = Prefix is present in an AS's announced AS/AS-SET

  • 216406:1001:6 = Prefix is not present in an AS's announced AS/AS-SET

  • 216406:1001:2 = Prefix has valid Origin AS in AS-SET

  • 216406:1001:5 = Prefix has no valid Origin AS in AS-SET

  • 216406:1000:1 = Prefix is RPKI VALID

  • 216406:1000:4 = Prefix is RPKI INVALID

  • 216406:1000:2 = Prefix is RPKI UNKNOWN

The prefix validation will always occur, and members can check the communities being set to their prefixes, and as such see the result of the validation checks through the route server looking glass interface.

Prefixes will only be accepted on the following criteria where,

  1. Prefixes tagged with communities 216406:1001:2 (valid Origin AS in AS-SET) & 216406:1000:1 (RPKI VALID) or

  2. Prefixes tagged with communities 216406:1001:2 (valid Origin AS in AS-SET) & 216406:1001:1 (Prefix is present in an AS's announced AS/AS-SET) & 216406:1000:2 (RPKI UNKNOWN).

All other prefixes will be filtered at egress.

Any member who prefers to receive an unfiltered set of prefixes can request to opt-out of the filtering by contact our NOC at [email protected].

Vendor issues