Issue Date:

Revision:

ASN distribution and

interconnection in

Indonesia

12 June 2015

1.0

Overview

Introduction to ASN: What is it, how to

get it, and why is it important?

2-byte and 4-byte ASN

ASNs in Indonesia: Distribution and

Interconnection

AS interconnection: It’s about cost,

resiliency and performance

Looking ahead

Introduction to

ASN

Routing the Internet

• Every Internet router needs to know the relative location of

every destination address on the Internet

• Location information is distributed across the Internet using

routing architecture

• The Internet is divided into “clouds” of interconnection

called “networks”

– Interior routing protocols (OSPF, IS-IS, etc) maintain the internal

connectedness with a network

– Exterior routing protocols (BGP) maintain a map of how each of these

networks connect to each other

– BGP uses the concept of an Autonomous System Number to

uniquely identify each component network

Routing and ASN

• RFC 1930:

– An AS (Autonomous System) is a connected group of one or more IP

prefixes run by one or more network operators that has a SINGLE

and CLEARLY DEFINED routing policy.

– An AS has a globally unique number (sometimes referred to as an

ASN, or Autonomous System Number) associated with it. This

number is used in both the exchange of exterior routing information

(between neighbouring AS’s), and as an identifier of the AS itself.

ASN distribution

2-byte and 4-byte ASN

• 2-byte (16 bit ASN)

– Range: 0 – 65535

– Reserved: 0, 65535

– Documentation & Sample Code Use: 64496-64511

– Private Use: 64512 – 65534

– Public Use: 1 – 64495 (‘23456’ is used for 4-byte transition purposes)

• 4-byte (32 bit ASN)

– Range: 0 – 4294967295

– Additional Reserved: 65552 – 131071, 4294967295

– Additional Doc. & Sample Code Use: 65536 – 65551

– Additional Private Use: 4200000000 – 4294967294

– Additional Public Use: 131072 – 4199999999

2-byte ASN status

199 remain at IANA (as of 8 June 2015)

http://www.potaroo.net/tools/asn16/

4-byte ASN deployment

• A few issues due to old equipment & network operating systems – Better acceptance now

in all regions

• Can not be used in BGP community attribute – BGP community attribute

is a 32-bit value, the lower 16-bit specifies the ASN

• Otherwise it WORKS JUST

FINE

AS

interconnection

The Internet

11

• Networks worldwide

interconnect to form the

Internet. They include ISPs,

Internet Exchange Points,

Universities, Corporate

networks, etc.

• Each dot represents an AS

• There are 47,000+ ASNs

currently active in the

Internet

• Networks worldwide

interconnect to form the

Internet. They include ISPs,

Internet Exchange Points,

Universities, Corporate

networks, etc.

• Each dot represents an AS

• There are 47,000+ ASNs

currently active in the

Internet

peer1.com

Network Interconnection

202.178.112.0/24

2400:3E00:DD::/48 202.178.112.0/24

2400:3E00:DD::/48

Multi-homed network

MAY have a need for BGP and public ASN

Single-homed network

No need for public ASN

Why multihome with BGP and use a

public ASN?

Good interconnection strategy can lower cost of

operation by directing traffic through the most cost

effective connections wherever possible

Good interconnection strategy can lower cost of

operation by directing traffic through the most cost

effective connections wherever possible

Understanding where your network traffic goes and

when possible shortening the path to your main

customers/suppliers/partners could result in better

overall network experience

Understanding where your network traffic goes and

when possible shortening the path to your main

customers/suppliers/partners could result in better

overall network experience

Looking further than next hop path diversification allows

you to better evaluate interconnection options, which in

turn could result in better network resiliency

Looking further than next hop path diversification allows

you to better evaluate interconnection options, which in

turn could result in better network resiliency

Cost Cost

Performance Performance

Resilience Resilience

Global AS Core

Economy level ASN transit map

Data source

• Routeviews.org

– RIBs from routers located in various locations (mostly Internet

Exchanges) around the world (US, Japan, Korea, UK, Australia,

Brazil, Singapore, Serbia)

• First week of April 2015 data

• RIBs collected every two hours

– This is a snapshot, not live data

• This visualisation tool is a work in progress

– APNIC values your feedback

Explanation

Top view Side view

Explanation

Top view Side view

ASNs with more

downstreams

are displayed

closer to the

centre

Explanation

Top view Side view

Lowest ASN shown

at the top, followed

by higher ASNs in a

clockwise direction

Explanation

Top view Side view

Darker nodes/path

means there are more IP

addresses involved in

that route

Explanation

Top view Side view

Maximum observed path length

Singapore

Malaysia

Philippines

Thailand

Indonesia 530 advertised ASNs

4-byte ASN in Indonesia

4-byte range

4-byte ASN in Indonesia

4-byte ASN in Indonesia

Measurements by the Atlas project

RIPE Atlas employs a global

network of probes that

measure Internet

connectivity and

reachability, providing an

unprecedented

understanding of the state of

the Internet in real time

https://atlas.ripe.net/ Need more probes

in Indonesia

Domestic/International path

Domestic/International path

AS4796

AS59785

Domestic/International path

AS4796

AS38158

Transit & peering view

• Visibility of private peerings, which can not be seen on the

global routing table

Need your help

• More Atlas probes on different ASNs, cities, transit paths,

exchanges, etc.

Looking ahead

• As more organisations interconnect with upstreams,

downstreams and peers, the number of advertised ASNs

will continue to grow

• Opportunities to reduce cost, improve resiliency and

performance will be available to those with awareness of

this rich network ecosystem

• New technologies such as SDN and network virtualisation

will drive innovations and change the way networks are

interconnected, so expect to see a more dynamic

ecosystem in the future

Things to consider if you operate an

ASN

Routing Security

Registration

Aggregation

Routing security

• As more networks interconnect, security and stability risks

such as route hijacking, accidental route leakage and other

issues can escalate

• Register and maintain your ‘route’ and ‘route6’ objects in

the APNIC Whois database

– Ensure the import and export attributes accurately reflect your actual

routing policy

• Create your ROA

– A ROA or Route Origin Authorization is an attestation of a BGP route

announcement. It attests that the origin AS number is authorized to

announce the prefix(es). The attestation can be verified

cryptographically using RPKI

ROA

• Create your ROA now in MyAPNIC (or ask IDNIC)

• Benefits

– Verify whether an AS is authorized to announce a specific IP prefix

– Minimize common routing errors

– Prevent most accidental hijacks

• What's contained in a ROA

– The AS number you authorize

– The prefix that is being originated from it

– The most specific prefix (maximum length) that the AS may announce

• Example of what a ROA says in plain language:

– "ISP 4 permits AS 65000 to originate a route for the prefix

192.2.200.0/24" http://www.apnic.net/roa

Registration

• With IPv4 address space nearing exhaustion and transfers taking place, it’s really important that everyone keeps the resource registry updated

• Protect your Internet resource registration information – Keep your APNIC Whois data up to date

• IPv4 range (inetnum)

• IPv6 range (inet6num)

• ASN (autnum)

• Admin contact (admin-c)

• Technical contact (tech-c)

• Incident Response Team contact (irt)

• Help everyone resolve operational issues quickly – Report invalid contacts

Aggregation

• As more routing information entries get added to the global

routing table, it’s important that prefix announcements are

aggregated whenever possible

• The algorithm used in the report (see next slide) proposes

aggregation only when there is a precise match using AS

path so as to preserve traffic transit policies. Aggregation is

also proposed across non-advertised address space

('holes').

http://www.cidr-report.org

43