Skip to content
Aug 16 / Greg

ARIN’s Route Registry – Why You Need AS-SET

Believe it or not, I’m just now having to create entries in ARIN’s RRs…and I’ve been doing this thing for ages hehehe. A RR is a searchable database of route policy information. There are some that are easy to use with web interfaces, but these are generally pay to play. If you stick with ARIN, it’s free…which means I’m going with ARIN.

Ultimately, what’s the point? When you are peering with other BGP ASNs, they will often seek to verify what information they will allow you to advertise to them. One easy way for them to lookup what to expect from you is to connect to an RR. I can also dictate some more advanced policies inside of special records.

Getting started, ARIN has a very complete list of information on how/what you should submit to them. The problem is, it’s pretty complex. I did a lot of googling, but I eventually happened on Theodore’s blog entry on the subject. This guy is kind enough to explain the basics which will guide you through most of the process. It looks like his page is dead for now(hopefully it will be back).

The most important part for me were the AS-SET entries. In simple terms, this is a list of autonomous systems that peer with you. Since I’m a service provider, this will be all of my customers(not my upstream ISPs) that I’ll be sending traffic sourced from. More and more upstream ISPs have started requiring an AS-SET entry that contains your downstream customer AS’s. I’ve noticed that just because you have this entry, doesn’t mean you don’t need to also tell them all of the subnets to expect as well as the source AS’, because they will. I’ve also noticed that I don’t have to create an RR record including customer subnets, I just need their AS# in my AS-SET list.

Here’s an example of my AS-SET:

as-set: AS-MNS-1
password: MyPassword
descr: Managed Network Solutions AS-SET-1
members: AS19366, AS13701, AS16903, AS29808, AS46724, AS32768, AS55291
mbrs-by-ref: ANY
notify: [email protected]
admin-c: SOWEL6-ARIN
tech-c: SOWEL6-ARIN
mnt-by: MNT-MNSL
changed: [email protected] 20160519
source: ARIN

aut-num: AS19366
password: MyPassword
as-name: MNS-AS19366
descr: Managed Network Solutions AUT-NUM-1
member-of: AS-MNS-1
notify: [email protected]
admin-c: SOWEL6-ARIN
tech-c: SOWEL6-ARIN
mnt-by: MNT-MNSL
changed: [email protected] 20160519
source: ARIN

As you can see my AS-SET simply lists all of my downstream customers. Keeps it pretty simple.

If you plan to simply update an entry, just submit the same information with the modification, and the entry will be overridden in the IRR entry.

Once you have it submitted and would like to verify it, use the IRRExplorer online portal!

**Line wrap warning**

If you get errors described as:
members: AS19366, AS13701, AS16903, AS29808, AS46724, AS32768, AS55291, AS12345
***Error: Syntax error in “”
:
***Error: Attribute missing colon, ‘:’

You likely have a line that is too long.
Break the errored line into two like this:
members: AS19366, AS13701, AS16903, AS29808
members: AS46724, AS32768, AS55291, AS12345

**End of warning**

I know there is a lot more you can do with it, and I’m sure some of you kind fellows will be happy to leave me comments on best practices 🙂

Leave a Comment

 

*