Route Server Operation and Community Usage
Prefix Filter Updates
Automatically and continuously, according to the following schedule:
- Every 15 minutes – data is retrieved from IRR databases.
- Every 4 hours – each Route Server is updated.
- 2-hour offset between servers – RS0 is updated first, and the same data is pushed to RS1 two hours later.
Route Servers' addresses
- RS0: 193.25.180.255/23, 2001:7F8:63::FF/64
- RS1: 193.25.181.0/23, 2001:7F8:63::FFFF/64
ASN: AS31210
AS-SET for filter generation: AS-DTEL-IX
BGP communities
Description | Basic RFC 1997 | Extended RFC 4360 | Large RFC 8092 | ||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Do not re-announce to any peer (highest priority) | 0:31210 | rt:0:31210 | large:31210:0:31210 | ||||||||||||||||||
Do not re-announce to a peer with a 16-bit ASN | 0:X | rt:0:X | large:31210:0:X | ||||||||||||||||||
Do not re-announce to a peer with a 32-bit ASN | — | rt:0:X | large:31210:0:X | ||||||||||||||||||
Re-announce only to a peer with a 16-bit ASN | 31210:X | rt:31210:X | large:31210:31210:X | ||||||||||||||||||
Re-announce only to a peer with a 32-bit ASN | — | rt:31210:X | large:31210:31210:X | ||||||||||||||||||
Announce to all peers (default, lowest priority) | 31210:31210 | rt:31210:31210 | large:31210:31210:31210 | ||||||||||||||||||
Prepend your own ASN to the AS-path X times towards ASN Y. 1 <= X <= 3 | — | — | large:31210:6500X:Y | ||||||||||||||||||
Prepend your own ASN to the AS-path X times towards all peers. 1 <= X <= 3 | — | — | large:31210:6500X:31210 | ||||||||||||||||||
Blackhole for IPv4 /32 or IPv6 /64 prefix | 65535:666 | — | — | ||||||||||||||||||
Simple Remote Triggered Firewall | |||||||||||||||||||||
The Simple RTBH mechanism allows a participant to drop all traffic towards a specific host within their network at the DTEL-IX edge. Only /32 (IPv4) and /56 or more specific (IPv6) routes are accepted.To activate blackholing, both of the following communities must be set:
X = 31210 , traffic will be blackholed from all peers.
Note: RTBH works only if both communities are applied at the same time: 65535:666 and 31210:31210 . | |||||||||||||||||||||
Advanced Remote Triggered Firewall | |||||||||||||||||||||
The Advanced RTBH feature allows not only dropping traffic but also redirecting it to the DTEL-IX Firewall, specifying which type of traffic should be filtered or rate-limited. It uses the same base community structure as Simple RTBH, with an additional extended community that defines the traffic type:
Drop Community — drops all packets matching the specified rule. | |||||||||||||||||||||
Informational Communities | |||||||||||||||||||||
Route received from a peer with a 16-bit ASN | 31210:X | ro:31210:X | large:31210:31210:X | ||||||||||||||||||
Route received from a peer with a 32-bit ASN | — | ro:31210:X | large:31210:31210:X | ||||||||||||||||||
Prefix Geotag (X – continent code, Y – ISO 3166-1 country code)
| 6500X:10YYY | — | — |
Route Server Operating Features
- Does not announce default routes, private networks, or private ASNs.
- Shares the full routing table with all connected clients and allows flexible policy control using specific BGP attributes (see details below).
- When receiving routes from a client, the Route Server sets the
next-hop
to the original router that announced them and redistributes those routes to other participants as-is.
Therefore, only routing information is exchanged via the Route Server, while the actual traffic flows directly between participants.
The most up-to-date description is always available via whois
Detailed information about DTEL-IX members that exchange routing information via the Route Server can be obtained from the RIPE database by querying the description of AS31210 (RS):
whois -h whois.ripe.net as31210
Prefix Filtering Rules
When building inbound prefix filters, the whois.radb.net database is queried, and the Route Server applies filtering to received announcements based on the following principles:
- Announcements of private networks are not accepted.
- Announcements from private ASNs are not accepted.
- Default route announcements are not accepted.
- Announcements from AS XXX are accepted only if the
origin
value belongs to an allowed AS range. - Announcements from AS XXX are accepted only if the originating ASes are explicitly listed in the routing policy of AS XXX as being exported to AS31210.
Basic Route Servers' functionality
- Prefix-list generation based on connected autonomous systems and IRR filtering.
- Support for both IPv4 and IPv6.
- RPKI support.
- BFD support.
- Blacklist for ASNs and prefixes.
- Prefix-to-geo mapping support.
- Simple Remote Triggered Blackhole (RTBH) for DDoS mitigation.
- Advanced Remote Triggered Blackhole with redirection to the DTEL-IX firewall for more granular DDoS filtering.
- Flowspec support with redirection to the DTEL-IX firewall.
Full List of Standards Supported by the Route Servers
- RFC 1997 – BGP Communities Attribute
- RFC 4360 – BGP Extended Communities
- RFC 4384 – BGP Communities для геолокації
- RFC 4893 / RFC 6793 – 32-бітні ASN
- RFC 7947 – Internet Exchange Route Servers
- RFC 7999 – BLACKHOLE community
- RFC 8092 – BGP Large Communities
- draft-hilliard-ix-bgp-route-server-operations