Safe to announce IP from multiple ASNs?

bob1bob1 Member
edited May 2019 in General

I don't have my own ASN, but I have my own IP block.

If I am using the IP for anycast, is it safe to announce the IP from more than 1 block if I find 2 providers that will advertise my prefix through their own ASN? What kind of issues might I run into?

I've done some googling and the only thing I could find about it was this paper which described it as "Multiple Origin AS (MOAS) Conflicts" but I could not find an answer about how it was a problem.

http://www.cs.colostate.edu/~massey/pubs/conf/massey_imw01.pdf

Is there a list of VPS providers that will announce your prefix for you without requiring you to have an ASN? I see some providers advertising "free BGP sessions". Does this mean they will advertise your block for you on their ASN or do you need your own?

Comments

  • doghouchdoghouch Member
    edited May 2019

    @bob1 said:
    Is there a list of vps providers that will announce your prefix for you without requiring you to have an ASN? I see some providers advertising "free BGP sessions". Does this mean they will advertise your block for you on their ASN or do you need your own?

    Vultr, @anyNode, @vmhaus, @Clouvider, @IonSwitch_Stan all support BGP. With the exception of Vultr, you’ll need your own ASN.

    Having said that, if you want to anycast anything, I highly suggest you get an ASN. This is so you can announce the IPs yourself from multiple locations.

    (tl;dr I don’t recommend announcing IPs from multiple ASNs AT all.)

  • yoursunnyyoursunny Member, IPv6 Advocate

    Announcing the same subnet from multiple Autonomous Systems would allow incoming traffic to go to the nearest AS, as determined by shortest AS-level path.
    Stateless services (e.g. DNS) are likely going to work. Stateful services (e.g. anything that involves TCP or DTLS) may have problems, because two packets from the same source could be routed to two different destinations, when two announcements have the same AS path length, or a path failure occurs.

    Thanked by 3uptime bob1 fleio
  • bob1bob1 Member
    edited May 2019

    doghouch said: (tl;dr I don’t recommend announcing IPs from multiple ASNs AT all.)

    But why exactly?

    yoursunny said: Announcing the same subnet from multiple Autonomous Systems would allow incoming traffic to go to the nearest AS, as determined by shortest AS-level path.

    Isn't this an issue already for anycast behind a single ASN already? The incoming traffic can go to a different PoP at any time.

    For unicast, sure having incoming traffic end up in random PoPs is a problem, but if your servers are stateless, is this an issue?

  • klikliklikli Member

    I think this page shows routes that are announced by multiple ASes: https://bgp.he.net/report/multi-origin-routes

    Looks like it's fine actually, if Verisign are doing that...

    Thanked by 1bob1
  • pr0lzpr0lz Member

    I would not recommend it as a lot of ISPs, IXPs etc. filter on route origin and will just discard everything but the correct path to the ASN that is set as the origin in ARIN/RIPE/PeeringDB.
    The way to correctly do multicast is to have your own ASN behind multiple ISPs. That way the origin ASN stays the same and nobody should reject the BGP announcement.
    See for example:
    If multihoming to different ISPs, public ASN needed: Either go to upstream ISP who is a registry member, or Apply to the RIR yourself for a one off assignment, or Ask an ISP who is a registry member, or Join the RIR and get your own IP address allocation too (this option strongly recommended)!
    [https://www.nanog.org/meetings/nanog41/presentations/BGPMultihoming.pdf Slide 34]

    Thanked by 1bob1
  • ClouviderClouvider Member, Patron Provider

    It’s ugly. Don’t do it. If you anycast, get an ASN.

    Thanked by 1doghouch
  • doghouchdoghouch Member
    edited May 2019

    @Clouvider said:
    It’s ugly. Don’t do it. If you anycast, get an ASN.

    ^ this. There’s a reason why most companies don’t do this.

    @yoursunny said:
    Announcing the same subnet from multiple Autonomous Systems would allow incoming traffic to go to the nearest AS, as determined by shortest AS-level path.

    He wants to anycast his IPs. He’s likely going to use his prefix for web/etc. traffic.

    It gets pretty darn ugly when you try to have ex. Vultr announce your IPs and another provider do the same halfway across the world. You’ll have a massive clusterfuck because you’ll have little-to-no control over your setup.

    (If he does get an ASN: when you have your own router (virtual/physical), you can configure and use BGP communities with supported networks to control routes.)

    tl;dr to the OP: while it is possible to announce a single prefix from multiple networks, I highly recommend that you don’t. Anycast isn’t easy to do well anyway — you should try playing around on DN42 and getting familiar with Bird. Once you’re comfortable with configuring routes/etcetera, get an ASN and announce the prefix yourself.

    Thanked by 1uptime
  • SplitIceSplitIce Member, Host Rep

    It will confuse route optimizers and similar. While it may work, it's certainly not a good idea.

    Get an ASN.

    doghouch said: (If he does get an ASN: when you have your own router (virtual/physical), you can configure and use BGP communities with supported networks to control routes.)

    You can do that anyway over iBGP if your BGP peers' filters are set up correctly.

  • bob1bob1 Member

    Ok then how do I go about getting 2 peering agreements to get an ASN?

    Is this going to cost a lot of money?

  • FHRFHR Member, Host Rep

    You can do it, but it's much better to get your own ASN. It's easier to fine tune stuff.
    If you are set on announcing from multiple ASNs, don't forget to create appropriate IRR entries for multiple ASNs.

    bob1 said: Ok then how do I go about getting 2 peering agreements to get an ASN?

    Just put Vultr/Choopa AS20473 and HE AS6939 in the request.
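
An added example, not part of any post in this thread: the origin filtering pr0lz describes and the multiple registry entries FHR recommends, modelled on RFC 6811 route origin validation. The prefix, the ASNs and the `Registration` records are constructed (documentation ranges), and treating an IRR route object like a ROA with a maximum length is a simplifying assumption.

```python
import ipaddress
from typing import NamedTuple

class Registration(NamedTuple):
    """One registered origin (ROA or IRR route object); values are constructed."""
    prefix: str       # registered prefix
    max_length: int   # longest more-specific announcement permitted
    origin: int       # ASN authorised to originate the prefix

def validate_origin(route_prefix, origin_asn, registrations):
    """Return 'valid', 'invalid' or 'not-found' using RFC 6811 semantics."""
    route = ipaddress.ip_network(route_prefix)
    covered = False
    for reg in registrations:
        net = ipaddress.ip_network(reg.prefix)
        # Only registrations that cover the announced prefix are relevant.
        if route.version != net.version or not route.subnet_of(net):
            continue
        covered = True
        if origin_asn == reg.origin and route.prefixlen <= reg.max_length:
            return "valid"
    # Covered by a registration but no match: wrong origin or too specific.
    return "invalid" if covered else "not-found"

def surviving_origins(route_prefix, announcing_asns, registrations):
    """ASNs whose announcement a network that drops 'invalid' routes still accepts."""
    return [asn for asn in announcing_asns
            if validate_origin(route_prefix, asn, registrations) != "invalid"]

# Constructed sample data: documentation prefix and documentation ASNs.
PREFIX = "203.0.113.0/24"
PROVIDER_A, PROVIDER_B = 64496, 64511
ONLY_A = [Registration(PREFIX, 24, PROVIDER_A)]
BOTH = ONLY_A + [Registration(PREFIX, 24, PROVIDER_B)]

if __name__ == "__main__":
    for label, regs in (("only A registered", ONLY_A), ("A and B registered", BOTH)):
        for asn in (PROVIDER_A, PROVIDER_B):
            print(label, f"AS{asn}", validate_origin(PREFIX, asn, regs))
```

With only one origin registered, the second provider's announcement is classed as invalid and dropped by filtering networks, so the anycast footprint silently shrinks to the registered origin.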
