Physical connection
TurkIX offers the following physical connection possibilities:
Ethertypes and MAC addresses allowed
Only one MAC address per port connected to TurkIX peering VLAN is allowed.
The expected Ethernet frame types are as follows:
Allowed Traffic
The following protocols are allowed at the data link level:
Interface configurations:
We recommend the following interface configurations for routers based on CISCO configurations:
no ip redirects no ip proxy-arp no ip directed-broadcast no mop enabled no cdp enable udld port disable no keepaliveFor IPv6:
no ipv6 redirects ipv6 nd suppressor
Prefix filtering
TurkIX route servers drop prefixes for the following reasons:
- PREFIX LENGTH TOO LONG – the prefix length is longer than /24 for IPv4 prefixes and /48 for IPv6 prefix
- BOGON – prefix is bogon (see IPv4 bogons lists / IPv6 bogons list below)
- AS PATH TOO LONG – as-path with more than 64 AS numbers
- AS PATH TOO SHORT – must have at least one AS number in the as-path
- FIRST AS NOT PEER AS – first AS number in the as-path must be peer AS number
- NEXT HOP NOT PEER IP – next-hop IP address must be one of the member’s peer IP addresses
- IRRDB PREFIX FILTERED – no IRR record for prefix found
- IRRDB ORIGIN AS FILTERED – origin AS number is not included in as-set
- TRANSIT FREE ASN – AS number of known transit network is present in the as-path (see list below)
IPv4 bogons list:
- 0.0.0.0/32 – Special Use IPv4 Addresses
- 0.0.0.0/0 ge 25 le 32 – Filter small prefixes
- 0.0.0.0/0 ge 7 – Requirements for Internet Hosts — Communication Layers 3.2.1.3
- 10.0.0.0/8 le 32 – Address Allocation for Private Internets
- 100.64.0.0/10 le 32 – IANA-Reserved IPv4 Prefix for Shared Address Space
- 127.0.0.0/8 le 32 – Requirements for Internet Hosts — Communication Layers 3.2.1.3
- 169.254.0.0/16 le 32 – Dynamic Configuration of IPv4 Link-Local Addresses
- 172.16.0.0/12 le 32 – Address Allocation for Private Internets
- 192.0.0.0/24 le 32 – Special-Purpose Address Registries
- 192.0.2.0/24 le 32 – IPv4 Address Blocks Reserved for Documentation
- 192.168.0.0/16 le 32 – Address Allocation for Private Internets
- 198.18.0.0/15 le 32 – Benchmarking Methodology for Network Interconnect Devices
- 198.51.100.0/24 le 32 – IPv4 Address Blocks Reserved for Documentation
- 203.0.113.0/24 le 32 – IPv4 Address Blocks Reserved for Documentation
- 224.0.0.0/4 le 32 – Host Extensions for IP Multicasting
- 240.0.0.0/4 le 32 – Special-Purpose Address Registries
IPv6 bogons list:
- ::/0 – Default
- ::/96 – IPv4-compatible IPv6 address – deprecated by RFC4291
- ::/128 – Unspecified address
- ::1/128 – Local host loopback address
- ::ffff:0.0.0.0/96 le 128 – IPv4-mapped addresses
- ::224.0.0.0/100 le 128 – Compatible address (IPv4 format)
- ::127.0.0.0/104 le 128 – Compatible address (IPv4 format)
- ::0.0.0.0/104 le 128 – Compatible address (IPv4 format)
- ::255.0.0.0/104 le 128 – Compatible address (IPv4 format)
- 0000::/8 le 128 – Pool used for unspecified, loopback and embedded IPv4 addresses
- 0200::/7 le 128 – OSI NSAP-mapped prefix set (RFC4548) – deprecated by RFC4048
- 3ffe::/16 le 128 – Former 6bone, now decommissioned
- 2001:db8::/32 le 128 – Reserved by IANA for special purposes and documentation
- 2002:e000::/20 le 128 – Invalid 6to4 packets (IPv4 multicast)
- 2002:7f00::/24 le 128 – Invalid 6to4 packets (IPv4 loopback)
- 2002:0000::/24 le 128 – Invalid 6to4 packets (IPv4 default)
- 2002:ff00::/24 le 128 – Invalid 6to4 packets
- 2002:0a00::/24 le 128 – Invalid 6to4 packets (IPv4 private 10.0.0.0/8 network)
- 2002:ac10::/28 le 128 – Invalid 6to4 packets (IPv4 private 172.16.0.0/12 network)
- 2002:c0a8::/32 le 128 – Invalid 6to4 packets (IPv4 private 192.168.0.0/16 network)
- fc00::/7 le 128 – Unicast Unique Local Addresses (ULA) – RFC 4193
- fe80::/10 le 128 – Link-local Unicast
- fec0::/10 le 128 – Site-local Unicast – deprecated by RFC 3879 (replaced by ULA)
- ff00::/8 le 128 – Multicast
- ::/0 ge 49 le 128 – Filter small prefixes
Known transit networks:
- AS174 – Cogent
- AS209 – Qwest (HE carries this on IXPs IPv6 (Jul 12 2018))
- AS701 – UUNET
- AS702 – UUNET
- AS1239 – Sprint
- AS1299 – Telia
- AS2914 – NTT Communications
- AS3257 – GTT Backbone
- AS3320 – Deutsche Telekom AG (DTAG)
- AS3356 – Level3
- AS3549 – Level3
- AS3561 – Savvis / CenturyLink
- AS4134 – Chinanet
- AS5511 – Orange opentransit
- AS6453 – Tata Communications
- AS6762 – Seabone / Telecom Italia
- AS7018 – AT&T
BGP peering connection
Addressing TurkIX
The IPv4 and IPv6 addressing space assigned to TurkIX should not be advertised outside the TurkIX infrastructure.
BGP TurkIX
ASn: 60850
IRR Record: AS60850:AS-TURKIX
TurkIX RS1
IPv4: 185.0.26.100
IPv6: 2001:7f8:146::6:0850:100
TurkIX RS2
IPv4: 185.0.26.200
IPv6: 2001:7f8:146::6:0850:200
Note: you need to disable the first-as-check mechanism on your BGP router (most vendors have it enabled by default) as the route server does not insert its own AS number into the as-path attribute of prefix announcements (equivalent Cisco command “no bgp enforce-first-as“).
Below follows a sample configuration for Cisco routers to announce a prefix to the route servers:
! router bgp your-asn bgp always-compare-med no bgp enforce-first-as bgp log-neighbor-changes neighbor TURKIX-RS peer-group neighbor TURKIX-RS remote-as 60850 neighbor TURKIX-RS version 4 neighbor TURKIX-RS transport connection-mode active neighbor TURKIX-RS-6 peer-group neighbor TURKIX-RS-6 remote-as 60850 neighbor TURKIX-RS-6 version 4 neighbor TURKIX-RS-6 transport connection-mode active neighbor 185.0.26.100 peer-group TURKIX-RS neighbor 185.0.26.100 description rs1.turkix.com.tr neighbor 185.0.26.200 peer-group TURKIX-RS neighbor 185.0.26.200 description rs2.turkix.com.tr neighbor 2001:7f8:146::6:0850:100 peer-group TURKIX-RS-6 neighbor 2001:7f8:146::6:0850:100 description rs1.turkix.com.tr neighbor 2001:7f8:146::6:0850:200 peer-group TURKIX-RS-6 neighbor 2001:7f8:146::6:0850:200 description rs2.turkix.com.tr ! address-family ipv4 neighbor TURKIX-RS activate neighbor TURKIX-RS next-hop-self neighbor TURKIX-RS soft-reconfiguration inbound neighbor TURKIX-RS route-map TO-TURKIX-RS out no auto-summary no synchronization neighbor 185.0.26.100 peer-group TURKIX-RS neighbor 185.0.26.200 peer-group TURKIX-RS network 192.168.100.0 mask 255.255.255.0 network 192.168.101.0 mask 255.255.255.0 exit-address-family ! address-family ipv6 neighbor TURKIX-RS-6 activate neighbor TURKIX-RS-6 next-hop-self neighbor TURKIX-RS-6 soft-reconfiguration inbound neighbor TURKIX-RS-6 route-map TO-TURKIX-RS out neighbor 2001:7f8:146::6:0850:100 peer-group TURKIX-RS-6 neighbor 2001:7f8:146::6:0850:200 peer-group TURKIX-RS-6 network 2001:DB8:10::/64 network 2001:DB8:11::/64 network 2001:DB8:12::/64 exit-address-family ! ip prefix-list TO-TURKIX-RS seq 10 permit 192.168.100.0/24 ip prefix-list TO-TURKIX-RS seq 20 permit 192.168.101.0/24 ! ipv6 prefix-list TO-TURKIX-RS seq 10 permit 2001:DB8:10::/64 ipv6 prefix-list TO-TURKIX-RS seq 20 permit 2001:DB8:11::/64 ! route-map TO-TURKIX-RS permit 10 match ip address prefix-list TO-TURKIX-RS ! end
Below is a similar example for Juniper routers:
[edit] user@junix# show protocols bgp group IPV4-TURKIX-RS { type external; description "TurkIX Route Servers"; family inet { unicast; } export TO-TURKIX-RS; peer-as 60850; neighbor 185.0.26.100 { description rs1.turkix.com.tr; } neighbor 185.0.26.200 { description rs2.turkix.com.tr; } } [edit] user@junix# show policy-options policy-statement TO-TURKIX-RS term unicast-export { from { rib inet.0; prefix-list to-turkix-announce; } then accept; } term end { then reject; } [edit] user@junix# show policy-options prefix-list to-dpeed-ix-announce 192.168.110.0/24;
Below is a similar example for Huawei routers:
bgp your-asn undo check-first-as group TURKIX-RS external peer TURKIX-RS as-number 60850 peer TURKIX-RS description *** TurkIX Route Servers *** peer 185.0.26.100 as-number 60850 peer 185.0.26.100 group TURKIX-RS peer 185.0.26.200 as-number 60850 peer 185.0.26.200 group TURKIX-RS peer 2001:7f8:146::6:0850:100 as-number 60850 peer 2001:7f8:146::6:0850:100 group TURKIX-RS peer 2001:7f8:146::6:0850:200 as-number 60850 peer 2001:7f8:146::6:0850:200 group TURKIX-RS # ipv4-family unicast network 192.168.100.0 255.255.255.0 network 192.168.101.0 255.255.255.0 peer TURKIX-RS enable peer TURKIX-RS route-policy EBGP_TurkIX_OUT export peer TURKIX-RS advertise-community both peer TURKIX-RS advertise-ext-community both peer 185.0.26.100 enable peer 185.0.26.100 group TURKIX-RS peer 185.0.26.200 enable peer 185.0.26.200 group TURKIX-RS # ipv6-family unicast network 2001:DB8:10:: 64 network 2001:DB8:11:: 64 network 2001:DB8:12:: 64 peer TURKIX-RS enable peer TURKIX-RS route-policy 6EBGP_TurkIX_OUT export peer TURKIX-RS advertise-community both peer TURKIX-RS advertise-ext-community both peer 2001:7f8:146::6:0850:100 enable peer 2001:7f8:146::6:0850:100 group TURKIX-RS peer 2001:7f8:146::6:0850:200 enable peer 2001:7f8:146::6:0850:200 group TURKIX-RS # route-policy EBGP_TurkIX_OUT permit node 10 if-match ip-prefix TO-TURKIX-RS # route-policy 6EBGP_TurkIX_OUT permit node 10 if-match ipv6 address prefix-list 6TO-TURKIX-RS # ip prefix-list TO-TURKIX-RS index 20 permit 192.168.100.0 24 ip prefix-list TO-TURKIX-RS index 30 permit 192.168.101.0 24 # ip ipv6-prefix 6TO-TURKIX-RS index 10 permit 2001:DB8:10:: 64 ip ipv6-prefix 6TO-TURKIX-RS index 20 permit 2001:DB8:11:: 64 # commit