AS-Set Object

Customers who have, or plan to have, more than one autonomous system (AS) should register an as-set to make sure that the access-lists applied to their BGP sessions are always up to date. Understanding the need for the as-set requires knowing how routes are selected from the registry when building access-lists. Contrary to what some people think, routes are not selected based on the mnt-by field: the access-list applied to customer Acme is not generated by selecting all route objects with a mnt-by field of MAINT-AS123. Routes are selected from the registry by origin AS (the origin field of the route object).

Broadband One has a configuration file which lists the ASs associated with a BGP session. If a customer adds a new AS to their network, that customer has to send a message to ipadmin@bboi.net and ask them to change their list of ASs. Because this is a manual process for two parties, it introduces delay and the possibility of mistakes. In this case it is best to use an as-set object like the one shown below.

Many European exchanges (and an increasing number of US exchanges) use the registry information to generate their lists as well. This implies that an entry that does not match both AS number and prefix will not necessarily function properly.

A sample AS-Set (preferred format):

as-set:         AS-ACMENET
descr:          List of all AS's and AS sets Broadband One should accept from Acme Net
members:        AS123, AS376, AS542, AS591, AS838,
                AS611, AS684, AS691, AS800, AS839,
                AS803, AS807, AS-DRENET, AS-GTIS
remarks:        just a quick example
tech-c:         JD1-ACME
admin-c:        ZA1-ACME
notify:         jdoe@acme.net
mnt-by:         MAINT-AS123
changed:        jdoe@acme.com 19941206
source:         BBOI

Hierarchical AS-Set:

as-set:         AS123:AS-ACMENET
descr:          List of all AS's and AS sets Broadband One should accept from Acme Net
members:        AS123, AS376, AS542, AS591, AS838,
                AS611, AS684, AS691, AS800, AS839,
                AS803, AS807, AS-DRENET, AS-GTIS
remarks:        just a quick example
tech-c:         JD1-ACME
admin-c:        ZA1-ACME
notify:         jdoe@acme.com
mnt-by:         MAINT-AS123
changed:        jdoe@acme.com 19941206
source:         BBOI

**NOTE - An aut-num object for the set ASN must be entered prior to the hierarchical as-set being entered.

**NOTE - Broadband One does not build routing policies based on aut-num objects.

Object Template

as-set:         [mandatory]  [single]     [primary/look-up key]
descr:          [mandatory]  [multiple]   [ ]
members:        [optional]   [multiple]   [ ]
mbrs-by-ref:    [optional]   [multiple]   [inverse key]
remarks:        [optional]   [multiple]   [ ]
tech-c:         [mandatory]  [multiple]   [inverse key]
admin-c:        [mandatory]  [multiple]   [inverse key]
notify:         [optional]   [multiple]   [inverse key]
mnt-by:         [mandatory]  [multiple]   [inverse key]
changed:        [mandatory]  [multiple]   [ ]
source:         [mandatory]  [single]     [ ]

Attribute Descriptions

as-set: This attribute defines the name of the as-set, which may be used as a convenient reference to a group of ASNs and as-sets. The name should be of the format (AS-NAME) or (AS#:AS-NAME), where NAME is composed of alphabetic characters (in upper case) and numbers.

descr: A short description of this object. All characters are possible. The description field may span multiple lines, either with or without labels.

members: A list of ASN references or names of other as-sets, separated by commas. All as-sets referenced must be in the same registry as the parent as-set. There may be multiple members fields, with multiple members: labels, or a single label, e.g.:

members:        AS1,AS2,AS3,AS4,AS5, AS-CUSTOMER
OR:
members:        AS1, AS2, AS3,
                AS4, AS5, AS-CUSTOMER
OR:
members:        AS1, AS2, AS3
members:        AS4, AS5, AS-CUSTOMER

remarks: General remarks. Can include a URL or RFC822 email address (preceded by mailto:). May span multiple lines, either with or without multiple remarks: labels.

admin-c: An on-site contact (person) represented by (NIC-handle), which links to a person object.

tech-c: A technical contact, represented by (NIC-handle), which links to a person object.

notify: The e-mail address to which notifications of changes to an object should be sent (RFC-822 format).

mnt-by: The identifier of a registered maintainer object used for authorization and authentication - may be a reference to its own mntner label.

changed: The RFC822 e-mail address of the person who previously changed this object. When updating the object, use the e-mail address of the person making the update.

source: The identifier of the database that contains authoritative data for this object. This should be BBOI (in upper case) for all Broadband One maintainers.
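
The selection described in the overview and the three members: layouts above can be tied together in a short sketch. This is an added example, not Broadband One's own tooling: it parses as-set objects, expands nested sets down to AS numbers (tolerating sets that reference each other), and builds a prefix list by origin AS while ignoring mnt-by. The function names, the registry text and the route tuples are constructed for illustration.

```python
import re

# Constructed sample registry text (not real data). AS-DRENET refers back to
# AS-ACMENET, and AS-GTIS is referenced but absent from this sample.
SAMPLE = """\
as-set:   AS-ACMENET
members:  AS123, AS376,
          AS-DRENET
members:  AS-GTIS

as-set:   AS-DRENET
members:  AS542,AS591, AS-ACMENET
"""
# Constructed route objects as (prefix, origin, mnt-by).
ROUTES = [("192.0.2.0/24", "AS123", "MAINT-AS123"),
          ("198.51.100.0/24", "AS591", "MAINT-OTHER"),
          ("203.0.113.0/24", "AS999", "MAINT-AS123")]

def parse_as_sets(text):
    """Return {as-set name: [members]}, accepting all three members: layouts."""
    sets, name, attr = {}, None, None
    for line in text.splitlines():
        if not line.strip():
            name = attr = None              # a blank line ends the object
            continue
        m = re.match(r"^([A-Za-z-]+):\s*(.*)$", line)
        # An indented line without a label continues the previous attribute.
        attr, value = (m.group(1).lower(), m.group(2)) if m else (attr, line)
        if attr == "as-set":
            name = value.strip().upper()
            sets[name] = []
        elif attr == "members" and name:
            sets[name] += [v.strip().upper() for v in value.split(",") if v.strip()]
    return sets

def expand(name, sets, seen=None):
    """Flatten an as-set to AS numbers; 'seen' stops loops between sets."""
    seen = set() if seen is None else seen
    if name in seen:
        return set()
    seen.add(name)
    asns = set()
    for member in sets.get(name, []):       # unknown sets expand to nothing
        asns |= {member} if re.fullmatch(r"AS\d+", member) else expand(member, sets, seen)
    return asns

def build_prefix_list(set_name, sets, routes):
    # Selection is by origin AS only; the mnt-by value plays no part.
    origins = expand(set_name, sets)
    return sorted(p for p, origin, _mnt_by in routes if origin in origins)
```

With the constructed data, the route maintained by MAINT-OTHER is accepted because its origin is in the set, while the MAINT-AS123 route originated by AS999 is left out.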
