IRRd
User/Configuration Guide
Version 1.4.3 Alpha
(Draft 2/27/98 3:46 PM)
The Regents of the University of Michigan ("The Regents") and Merit Network, Inc. All rights reserved.
Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met:
1. Redistributions of source code must retain the above
copyright notice, this list of conditions and the
following disclaimer.
2. Redistributions in binary form must reproduce the above
copyright notice, this list of conditions and the
following disclaimer in the documentation and/or other
materials provided with the distribution.
3. All advertising materials mentioning features or use of
this software must display the following acknowledgement:
This product includes software developed by the University of Michigan, Merit Network, Inc., and their contributors.
4. Neither the name of the University, Merit Network, nor the
names of their contributors may be used to endorse or
promote products derived from this software without
specific prior written permission.
THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
Table of Contents
1. Introduction
*Document Conventions
*Getting Help
*Credits
*2. Obtaining the IRRd Code
*System Requirements
*3. Building and Installation Procedure
*4. Using IRRd
*Getting Started
*Synopsis
*Options
*Description
*Interactive Interface
*Configuration Commands
*Machine/Tool Interface
*Related Documents
*
IRRd is a streamlined, stand-alone version of the Internet Routing Registry (IRR) database server. When used in conjunction with policy tools such as RtConfig, Roe, and Aoe, the IRRd server allows:
Besides the usual RIPE whois queries, the IRRd Server also provides a protocol for getting information from RIPE-style database files that is not easily (or rapidly) obtainable using the standard RIPE whois queries. These queries can be submitted one-at-a-time via whois, or by establishing a connection to the server, issuing multiple queries, and then closing the connection.
IRRd is currently bundled with the Multi-threaded Routing Toolkit (MRT). a platform for developing and debugging routing protocols and routing code. In addition to IRRd, MRT includes multi-protocol routing daemons, network anyalyzers, routing simulators and routing management tools.,
The following document conventions are used in the IRRd User/Configuration Guide:
The IRRd and MRT development teams are available to answer questions and provide configuration advice. We are also very interested in bug reports, feature requests, and general feedback. Please contact us by sending e-mail to db-admin@ra.net.
IRRd was developed by Gerald Winters, Jake Khuon, and Craig Labovitz of the Internet Engineering Group at Merit.
MRT was originally developed by Merit Network, Inc., under National Science Foundation grant NCR-9318902, "Experimentation with Routing Technology to be Used for Inter-Domain Routing in the Internet." Current MRT research is supported by the National Science Foundation (NCR- 9710176) and a gift from Intel Corporation. The design and ideas behind many of the MRT libraries draws heavily on the architecture pioneered in the GateD routing daemon.
xx
To obtain current copies of the Internet Routing Registry databases, ftp the databases and CURRENT_SERIAL number from the Internet Routing Registry ftp site:
ftp://ftp.merit.net/routing.arbiter/radb/dbase
These files stored in the irr_directory file configured in the IRRd config file. By default, /var/spool/IRRd/ is used. (need help here)
For real-time mirroring, you will need to contact the database administrators to obtain the appropriate IP address and port number used for mirroing service. At present, only the RADB, RIPE, and ANS registries support real-time mirroring. For other database, a Perl FTP cronjob client is available. Send email to db-admin@ra.net for more information.
Although the binaries are compiled with IPv6 extensions, most of them will run on IPv4-only platforms. Examples of configuration files are found in each tool directory under programs, or in the conf directory in the binary distribution.
GCC is recommended but other commercial compilers will also work.
IRRd runs with native POSIX threads (pthreads) on Solaris 2.5 or later. IRRd does not work correctly with the MIT Pthreads library. IRRd is designed to run under threads-capable operating systems, but the code will run on uni-processor systems lacking thread and shared memory support. Without threads, however, the software's performance will be significantly degraded (but may be sufficient for some situations).
Because the IPv6 kernel implementations and API specifications are still in flux, IRRd may not run on the latest IPv6 platforms. On systems running Linux IPv6, IRRd may require the inet6 library, and the code will not compile with glibc-2.x.
We have compiled and tested IRRd and the other MRT tools on the following systems/environments:
MRT provides IPv6 support for:
Other users have reported that MRT runs on:
This chapter explains how to download, build, and install the IRRd code. We recommend that you use the IRRd binaries, but if desired, source code is also available.
% cd /tmp
% ftp ftp.merit.edu
ftp> cd /net-research/mrt
ftp> get irrd.tar.gz
ftp> quit
% cd /usr/local/src
% gzip -cd < /tmp/irrd.tar.gz | tar xvf –
Change (cd) into that directory and run the shell script make-sym-links. This will create a new directory named src.[platform]. Change into this new directory and run ./configure. The make-sym-links script allows the same source directory to build IRRd on multiple platforms.
% cd /usr/local/src/mrt-<version>
% sh make-sym-links
% cd src.<platform>
% ./configure
% make
% su
# make install
irrd 5673/tcp # MRT IRRd routing registry server
IRRd can be invoked from the command line, or from the Unix boot/startup script. Below is an example of starting the IRRd routing daemon from the command line:
> /usr/local/bin/irrd
Once running, IRRd will begin to listen for user telnet connections on the TCP port specified in /etc/services. The daemon may be configured by editing a configuration file, or by invoking the configuration utility from the interactive user telnet interface. Below is an example of telneting to the user interactive interface (UII) port on a machine running IRRd. The "irrtd" number has been configured in /etc/services (see the Installation Manual for more information).
>telnet mrt.merit.edu irrd
MRT version 1.4.2 ALPHA January 8, 1998
User Access Verification
[71] password> ***
[71] MRTd>
If a password is specified in the configuration file, it must be supplied at the password prompt. Initially, IRRd and other MRT programs default to no password access control and restrict user interactive telnet to the loopback address or the interface address of the local machine.
The IRRd user interface supports Unix shell-like redirection (> or >> filename) for output. To edit a line, emacs-like line editing, including ^a, ^e, ^b, ^f, ^d, ^k, ^u and ^c, is available. To reuse a previous line, the tcsh-line history function is available by typing ^p and ^n.
-f config_file
Specify the configuration file to use. By default, IRRd looks in /etc/irrd.config.
Verbose logging
The current version of IRRd supports mirroring and updates. Interactive telnet connections are on port "irrd" in /etc/services.
The IRRd command language shares many similarities with the language used on Cisco Systems routers. Commands include:
Below is an example of a user interactive telnet command to the IRRd daemon:
[47] IRRd> show databases
Database Size (kb) Rt Obj AutNum Obj Serial #
--------- -------- ------ --------- --------
mci 6722.3 40076 435 0
radb 10257.5 42913 1083 19889
ans 58654.5 9067 24 6498
ripe 3823.7 16854 1461 1312991
canet 1027.3 9073 58 0
mci mirroring 198.108.0.8
radb mirroring 198.108.0.8
ans mirroring 198.108.0.8
ripe mirroring 198.108.0.8
canet mirroring 198.108.0.8
When IRRd is started for the first time and no configuration file exists on disk, the programs will create a default configuration in volatile memory. This configuration may be modified in memory by issuing the "config" command from the UII telnet interface prompt. Modifications to volatile memory may be saved to disk using the "write" command. Modifications not saved to disk will be lost if the application terminates or is rebooted.
Upon startup, IRRd will search for the default configuration file for the application (usually /etc/<application_name.conf>). The user may also override the default configuration file by providing a "-f <filename> " flag on the command line of the application.
A WARNING – Most, but not all, configuration commands may be issued even through the interactive, telnet interface. In this alpha release, the modification of volatile memory occasionally may have unintended side effects. In rare instances, the alteration of some volatile memory setting may crash the application. We recommend most configuration changes be made directly to the configuration file on disk. The program must be restarted, or rebooted, to reread the changed configuration file. Improved support for configuration management will be available with the next release of IRRd.
IRRd supports the following configuration commands:
uii—configures the user interface (by telnet)
uii_password <string>
Sets a password
uii port
Changes the port number with
debug—controls debug options
debug
Logs debug messages specified
.... info, norm, trace, parse, packet, state, timer, all .... filename or "stdout". Some applications also support "syslog"
access-list—defines a filter
access-list
Defines an access list
Matches are performed in the order in which they appear. At the end of a list with the same number, permit all is assumed.
!—comment and separator
Comments can appear at the beginning of a line, or any other place in the line. A comment at the beginning of a line is treated as a separator, which ends a command clause followed by its sub-commands, such as router and interface.
redirect—allows shell-like redirection of output (> or >>).
redirect
<directory>Allows redirection to files in this directory. Unrestricted redirection was deemed a security problem.
irr_directory—specify the cache directory for database files
irr_directory
irr_database—the database to be included and served by this server
irr_database
Include a database named <name>.db in the IRR directory in the list of databases provided by the Server. If available, enable automatic mirroring to hostname on the selected port (default is 43). If authoritative keyword is used, updated will be allowed for this database.
irr_mirror_interval—The interval for obtaining mirror updates
irr_mirror_interval <
seconds>irr_port—The port to listen on for "RAWhoisd" style machine TCP connections
irr_port <
port>After editing the configuration file, the user may return to the top-level of the interactive telnet interface by typing a ^Z or entering exit. Below is an example of an interactive telnet session using the IRRd configuration mode.
[example to be supplied]
RADB-style machine telnet queries are available on the port specified in the configuration file. Although IRRd was designed for use by tools such as RtConfig, peval, and PRtraceroute, it is also extremely useful for compute-intensive queries generated by individuals.
g command
Get routes with specified origin. e.g., !gas1234 h command Get routes with specified community. e.g., !hCOMM_NSFNET i command with option 1 Return all lines of as-macro. Recursive lookup available. e.g., !iAS-ESNETEU # non-recursive, don't expand # any embedded marcos e.g., !iAS-ESNETEU,1 # expand any embedded AS marcos man command Get the aut-num object with the specied key. man,—aut-num mam,—as-macro mcm,—community mmt,—maintainer eg, !man,as1234 q command Quit the IRRd session. eg, !q r command with option l, o, L Perform route searches. Default finds exact prefix/len match. o - return origin of exact match(es) l—one-level less specific L—all less specific M—all more specific e.g., !r141.211.128/24,l s command Set the sources to the specified list. Default is all sources. e.g., !sradb,ans lc - show the currently selected sources e.g., !s-lc
u command
Update the database
!us—start update
IRRd treats each database (i.e., the RADB and the ANS, MCI, and RIPE databases) as a separate object. As a general algorithm, IRRd will scan each database and return an answer from each. However, the !m ... commands (i.e., ‘match objects commands’) and the !i... command use a slightly different general algorithm.
The !m... commands return immediately after finding an object, even if an identical object exists in another registry. The !m command is used to find a match for an object and will return at most one object. For example,
!man,AS1234
A351
*an: AS1234
*de: Imatran Voima Ltd
*de: IVOWAN
*ai: AS790 100 ANY
*ai: AS1759 100 AS544 OR AS1759
*ao: AS1234 AS1234
*ao: AS1759 AS1234
*ac: TT18-RIPE
*tc: JT35-RIPE
*tc: LK34-RIPE
*tc: KS76-RIPE
*ny: jan.tamlander@ttgroup.fi
*ny: lauri.kumpulainen@ttgroup.fi
*ny: kalevi.sinkko@ttgroup.fi
*mb: DATANET-NOC
*ch: Jarmo.Oksanen@tele.fi 951120
*so: RIPE
C
The !i command finds AS macro objects and will recursively expand embedded AS macros when the proper option is specified. For example,
!iAS-ICINET
A24
AS6561 AS7252 AS-LTINET
C
!iAS-ICINET,1
A28
AS6561 AS7252 AS7790 AS7346
C
The !i command searches the databases in the order specified by the user and returns when it finds an object. When the ,1 option is specified to indicate embedded macro expansion, the command will expand embedded macros using the database where the macro was found. The other database sources, as specified by the user, will only be used when a match is not found in the source in which the macro was found.
Therefore in the above sample command !iAS-ICINET,1, assuming the specified search order is RADB, RIPE, MCI, ANS, CANET (Bell Canada), and the embedded macro AS-LTINET is found in the ANS registry, AS-LTINET will be expanded first in the ANS registry, rather than in the RADB.
Below is an example of telneting to the IRRd command port and issuing a command to see all less specific routes:
home% telnet irrserver 5006
Trying 198.108.60.133...
Connected to irrserver.
Escape character is '^]'.
!r198.108.60.88/32,L
A329
*rt: 198.108.0.0/14
*nh: 192.41.177.181
*as: 3561 237 IGP
*or: AS237
*so: mae_east
*rt: 198.108.0.0/14
*nh: 198.32.128.129
*as: 3561 237 IGP
*or: AS237
*so: pb
*rt: 198.108.0.0/14
*nh: 198.32.130.12
*as: 3561 237 IGP
*or: AS237
*so: aads
Bates, T., E. Gerich, L. Joncheray, J-M. Jouanigot, D. Karrenberg, M. Terpstra, and J. Yu. Representation of IP Routing Policies in a Routing Registry (ripe-81++). ftp://nic.merit.edu/documents/rfc1786.
Colton, R., Ferguson, D. and J. Moy. OSPF for IPv6.
ftp://nic.merit.edu/documents/internet-drafts/ draft-ietf-ospf-ospfv6-05.txt
Gerich, E., Karrenberg, D., Meyer, D., Terpstra, M. Villamizar, C., Alaettinoglu, C., and T. Bates. Routing Policy Specification Language (RPSL).
ftp://nic.merit.edu/documents/internet drafts/draft-ietf-rps-rpsl-04.txt,ps.
Malkin, G. and R. Minnear. RIPng for IPv6.
ftp://nic.merit.edu/documents/rfc2080.
Marques, P.R. and F. Dupont. Use of BGP-4 Multiprotocol Extensions for IPv6 Inter-Domain Routing.
ftp://nic.merit.edu/documents/internet_drafts/draft-ietf-idr-bgp4-ipv6-00.txt
Moy, J. OSPF Version 2.
ftp://nic.merit.edu/documents/internet-drafts/draft-ietf-ospf-vers2-02.txt
The RADB and the Internet Routing Registry, in RADB Frequently Asked Questions, http://www.ra.net/RADB.tools.docs/.faq.html.