[technique] jouer avec inetnum 109.197.240.0/21 et AS24935

[Jérôme Nicolle]

Plop,

Les entrées RIPE sont toutes à jour :

inetnum:        109.197.240.0 - 109.197.247.255
netname:        CERIZ-MAIN
descr:          Ceriz
country:        FR
org:            ORG-CA1006-RIPE
admin-c:        JN2000-RIPE
tech-c:         JN2000-RIPE
status:         ASSIGNED PI
mnt-by:         RIPE-NCC-END-MNT
mnt-by:         MNT-CERIZ
mnt-lower:      RIPE-NCC-END-MNT
mnt-routes:     MNT-CERIZ
mnt-domains:    MNT-CERIZ
source:         RIPE #Filtered



organisation:   ORG-CA1006-RIPE
org-name:       Ceriz
org-type:       OTHER
address:        35 rue Musset, 31200 Toulouse, FR
e-mail:         jerome at ceriz.fr
mnt-ref:        MNT-CERIZ
mnt-by:         MNT-CERIZ
source:         RIPE #Filtered



person:         Nicolle Jerome
address:        35 rue Musset
address:        appt.74 et.13
address:        31200 Toulouse
address:        FRANCE
phone:          +33619312714
e-mail:         jerome at ceriz.fr
remarks:        email prefered
remarks:        recommended mail treated as spam
remarks:
remarks:        PGPKEY-06A68A1B
nic-hdl:        JN2000-RIPE
mnt-by:         MNT-CERIZ
source:         RIPE #Filtered



aut-num:        AS24935
as-name:        CERIZ
descr:          Ceriz
org:            ORG-CA1006-RIPE
import:         from as197422 accept any
export:         to as197422 announce AS-CERIZ
admin-c:        JN2000-RIPE
tech-c:         JN2000-RIPE
mnt-by:         RIPE-NCC-END-MNT
mnt-by:         MNT-CERIZ
mnt-routes:     MNT-CERIZ
source:         RIPE #Filtered



as-set:         AS-CERIZ
descr:          Ceriz
members:        AS24935
admin-c:        JN2000-RIPE
tech-c:         JN2000-RIPE
mnt-by:         MNT-CERIZ
source:         RIPE #Filtered



route:          109.197.240.0/21
descr:          CERIZ
org:            ORG-CA1006-RIPE
origin:         AS24935
mnt-by:         MNT-CERIZ
source:         RIPE #Filtered



mntner:         MNT-CERIZ
descr:          Maintainer of Ceriz
admin-c:        JN2000-RIPE
auth:           MD5-PW $1$RLoP8ZCU$GVQpDUGBudLxTD2FWQCgc/
auth:           PGPKEY-06A68A1B
mnt-by:         MNT-CERIZ
referral-by:    RIPE-DBM-MNT
source:         RIPE #Filtered


J'ai plus qu'à configurer la machine kivabien... Puis on rajouterai ça
dans h3 :

filter bgp_IN_CERIZ {
        if (net ~ [109.197.240.0/21]) then accept;
        else reject;
}

protocol bgp CERIZ {
         local as myas;
         neighbor [IP_TBD] as 24935;
         preference 200;
         password "wtfbbqdeadbeef";
         import filter bgp_IN_CERIZ;
         export all;
}

et sur gw et h3, remplacer filter bgp-OUT par :

filter bgp_OUT {
        if (net ~ [91.224.148.0/23,109.197.240.0/21]) then accept;
        else reject;
}

Voilà pour IPv4, j'ai pas de préfixe v6 à annoncer pour l'instant.

Ca vous semble correct ?

@+

-- 
Jérôme Nicolle
06 19 31 27 14