Peering with an exchange

RouterOS Forwarding Protocols
1

Learning as I go here..

Im trying to setup peering with a local exchange here in town.

I currently have to upstream providers with whom im already peering with without issues, this peering exchange thing seems abit more complicated.

I was given a ip from there /24
Configured new interface that connects to them with provided IP. They can ping me and im ready to go.
Im not sure how to peer with there members.
They strongly suggest I peer with there route server.
“We strongly recommend that you connect to our BGP routes server, which will give you access
to most of our members, to Akamai and Google caches, and time synchronization service (NTP).
RS-01: xxx.xxx.xx.253 ASN: xxxxx”

If I connect to them via the above info, I will receive the routes of all there memebers if my filters permit this? I entered this info and also the md5 hash that was generated and it connected. Im receiving 1078 prefix’s from them.
Question

  1. For filters, IN filter, I accept all the prefixes I imagine, so that is the filter I chose for the IN Filter box in the Peer config. But what about the Out Filter? Do I select my our prefix? Or no, because this is only an outbound traffic peer and they wont route traffic to me with my prefix’s? This is where I get confused.
  2. I have had a peering request from another member. In the provided information, I have his IP address which is of the same /24 as the IP I got, so I guess this is the IP I have to connect to in order to exchange routes with him? If so, I use my regular all prefix out filters for my prefix’s and accept all his routes using my In accept all filter?
  3. If I want to send out my prefix’s to my neighbors that im peering with via the exchange, how do I send out more than one /24 prefix of mine to that peer? I have only one prefix /24 per filter rule as it wont allow me to add more in that field. But in the Peer config box in BGP, I can only select one out filter with that one prefix…? Confused…

On top of all this, I see the exchange communities info stuff for there route server. No clue what this all means


Community Function Description
64600:peerasn DO NOT ADVERTISE prefix to peer ASN Prefixes marked with this community will not be advertised to the target peer ASN.

  • Prefix & peer specific, multiple statements can be used.
  • Can be combined with the no-export and MED communities for additional peer specificity.
    64700:peerasn ADVERTISE ONLY to peer ASN Prefixes marked with this community will only be advertised to the target peer ASN.
  • Prefix & peer specific, multiple statements can be used.
  • Can be combined with the no-export and MED communities for additional peer specificity.
    64800:0 Global NO-EXPORT community Prefixes marked with this community will have NO-EXPORT community set by RS when advertised to peers.
  • Peers receiving a prefix with NO-EXPORT will NOT send this prefix to their customers. Beware!
  • Prefix specific, applies to all peers which receive prefix.
  • Can be used with no-advertise/advertise/MED peer communities.
    64800:peerasn Peer-specific NO-EXPORT community Prefixes marked with this community will have NO-EXPORT community set by RS when advertised to target peer ASN.
  • Peers receiving a prefix with NO-EXPORT will NOT send this prefix to their customers. Beware!
  • Prefix & peer specific, multiple statements can be used.
  • Can be used with no-advertise/advertise/MED peer communities.
    64910:peerasn Add 100 to MED of prefix advertised to peer Prefixes marked with this community will be advertised with additional +100 MED to target peer ASN.
  • Prefix & peer specific, multiple statements can be used.
  • Can be combined with the no-export community.
    64911:peerasn Add 1000 to MED of prefix advertised to peer Prefixes marked with this community will be advertised with additional +1000 MED to target peer ASN.
  • Prefix & peer specific, multiple statements can be used.
  • Can be combined with the no-export community.
    64912:peerasn Add 10000 to MED of prefix advertised to peer Prefixes marked with this community will be advertised with additional +10000 MED to target peer ASN.
  • Prefix & peer specific, multiple statements can be used.
  • Can be combined with the no-export community.

Is all this stuff optional?

2

Peering rules/policies vary from one exchange to another. Policies on direct peering typically vary from exchange member to exchange member unless the exchange itself has a policy specified as a membership requirement.

Since you posted this a few days ago I suggest that you update with current status then take one remaining issue/question at a time.

3

You almost certainly do not want to allow all prefixes in your out filter!

I would be careful with all prefixes out as a filter. Remember that if you peer with AS100 and AS200, and allow all prefixes, then AS100 and AS200 will be able to route traffic to each other through your network.

If you have another BGP peer elsewhere (not on the exchange) sending you full routes, then those routes would go out into the exchange, so exchange members would see you as a way to reach the Internet!

In general, you want to have some kind of list of your own prefixes and any of your customers’ prefixes, and limit your advertisements to just those prefixes when sending out routes to “upstream” peers.

All of the community information they gave you is optional - it’s basically a menu of things you can tack onto your advertisements to control who in the exchange sees the routes you advertise, and how they appear to those peers.

Communities are basically like colorful stickers. The sticker doesn’t mean anything in and of itself to BGP. It’s like putting a yellow smiley-face sticker on a letter you send to a friend. It may mean “this letter is false, ignore it” or it may mean “be sure to put this on the break room bulletin board” - whatever you and the friend agreed such a sticker would mean. The list of communities the exchange gave you is their list what stickers they will look for, and what they will do if they see them.

You can put no communities, or several communities on each individual prefix as you see fit.

Example:
64700:peerasn ADVERTISE ONLY to peer ASN

This means that if you have a prefix 1.2.3.0/24 and you want to send this to the exchange, but only allow AS100 and AS200 to see this route, you should add community strings 64700:100 and 64700:200 onto this prefix before you send it to the exchange.