Evil_TTL> show | s

BGP Troubleshooting

Category:Cisco Systems -> Routing and Switching

It was a while ago and as far as I remember it happened when we bought another chunk of IP addresses via LIR. A pool of IP addresses was registered for us, AS was fine and nothing unusual was in RIPE database as well. BGP on our router was configured correctly. By using various BGP looking glasses I could successfully verify that our AS and the new pool was routable and seen across the world. Everything seemed alright. But while conducting internal testing procedures I came across an issue. The matter was that I could not get access to some web-servers around the world. Some web-sites worked ok, other sites opened only partially and others didn’t open at all. That was weird since no regularities were found to help with localizing the cause of the issue. The only catches were that most European Tier 1 carriers like TeliaSonera, Level 3 Communications and some others did not let through the traffic which originated from our network and dropped it in the middle way. Moreover I found out that some IP addresses from our pool were blacklisted for gambling. It seemed that previous owner wasn’t that clean.

NOTE

I used the following resources to run the scan for compromised IP addresses:

  1. http://cnet.robtex.com/
  2. http://ip.robtex.com/

Ironically it had nothing to do with our traffic being dropped. The true reason for such behavior was a missing object in RIPE database. The name of the object was route. As a result, after the object had been added the traffic passed through those carriers eventually.

route193.x.y.0/24
descr
route for company-name
origin
:   AS59xyz 

What I got from all this is that routing without route object in RIPE database does work. Not as good as it should but it still works. Another one is that mentioned Tier 1 carriers do make a “background” check before accepting our AS into their own routing tables. And the last one, check what is contained in RIPE database about your network more carefully.

NOTE

IANA owns all Internet IP addresses.

IANA delegates these IP addresses to 5 regional registires; AfriNIC (Africa), APNIC (Asia/Pacific), ARIN (North America), LACNIC (Latin America), and RIPE (Europe, Middle East, Central Asia).

Thus keep in mind, your own registry may be other than RIPE.

By privilege15