Part one of BGP series… check out Part 2: Route48 BGP TunnelBroker
I’ve been learning about BGP lately - I use Mikrotik in my lab as the hardware is pretty solid, however following the many online tutorials and resources has become difficult post-upgrade from RouterOS 6 to 7 (the underlying Mikrotik OS), as most of the BGP commands for CLI and options within WinBox have changed.
This series of posts will provide some assistance to BGP users using Mikrotik.
Why BGP & IPv6?
I’ve had BGP on the list for a while. My intention with BGP is to create a multi-homed network with IPv6 space which can move with me should I change hosting provider or ISP.
IPv6 adoption is slowly improving worldwide since we’ve now exhausted the IPv4 address space available. Global access to Google via IPv6 is currently at 40%, up from around 10% on January 2016 (data dates 21-MAY-22, accessed 23-MAY-22, source).
While this isn’t a definitive number of IPv6 users, it does serve as proof that there is a steady increase in adoption.
I started off learning about BGP using DN42, which describes itself as...
"dn42 is a big dynamic VPN, which employs Internet technologies (BGP, whois database, DNS, etc). Participants connect to each other using network tunnels (GRE, OpenVPN, WireGuard, Tinc, IPsec) and exchange routes thanks to the Border Gateway Protocol." https://dn42.dev/
DN42 was a great introduction, but because it’s a big VPN, it’s not publicly routable.
I would recommend experimenting with DN42 if you decide to learn BGP. The technology and frustrations you can expect with publically routable addresses will be similar to that of DN42 private addresses... and has the added benefit that you won't accidently announce a route you shouldn't and break something on the public internet!
Getting started with Public routing
I knew I would need an Autonomous System Number (ASN) for public BGP.
An ASN is a 16 or 32-bit number, used in BGP to announce a prefix. A prefix is a group of IP addresses.
To obtain an ASN, you need to apply to an RIR - a Regional Internet Registry. An RIR is an organization that manages the allocation and registration of Internet number resources within a region, such as RIPE which managed Europe.
The application for an ASN typically comes from a Local Internet Registry, or LIR. To become an LIR, you must pay the authority (the RIR) a fee.
Due to the cost associated, I decided to use an existing LIR to sponsor my application with RIPE. This is much more affordable as an experimental & learning project.
The process took a few weeks to have the LIR make the request with RIPE, but IP6 were responsive to my messages and e-mails.
I was also assigned a /40 PA (Provider Allocated) block of IP addresses - another step in the process of becoming IP independent to VPS providers & ISPs!
During my research I came across a new project called Route48. Route48 is very similar to the Hurricane Electric Tunnelbroker, but allows BGP tunnels.
Tunnelbrokers allow you to connect to the IPv6 internet via your IPv4 connection. Your router will tunnel all IPv6 traffic via a VPN tunnel, then it will transit the providers network and back via your tunnel.
Route48 will also provide you with a /44-/48 of free IPv6 address space.
I will write another post (part 2!) on connecting to Route48 via Mikrotik hardware/CHR.
During my research I found a number of locations that required annual fees for ASN maintenance. I’m reliably informed by an LIR owner that this is bad practice and likely a way to fund their recurring LIR fees.
Personally, I would engage with any LIR before completing a purchase to ensure you are satisfied with the service you’re hoping to receive.
With my ASN and PA IPv6 space allocated, I was ready to continue to the next step of the process: experimenting with Route48 to announce IPv6 space!