What's the meaning of BGP prefix? [closed] - ip

Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 4 years ago.
Improve this question
Through this website IP to ASN lookup,I can get a series of results about the ASN,but I can't find the meaning of BGP prefix.Maybe I know what it is,however,how it works?
Is there anyone who can tell me the role BGP prefix plays in the ASN system?

A prefix announced in BGP consists of the IPv4 or IPv6 address block being announced and also a path of AS numbers, indicating which ASNs the traffic must pass through to reach the announced address block.
A BGP prefix would look something like (IPv4): 701 1239 42 206.24.14.0/24. The /24 part is referred to as a CIDR mask. The /24 indicates that the first 24 bits in the address block is the ?network? part of the address block.
Robtex provides BGP prefixes for each AS number (ex. https://www.robtex.com/as/as42.html#bgp)

First, let us clarify the relationship among an IP prefix, a route, and BGP NLRI.
The primary function of BGP protocol is to exchange network reachability information (i.e. routes) between BGP speakers. Routes are advertised between BGP peers in BGP update messages.
A route contains 1) a set of destinations as an IP prefix which is carried in the Network Layer Reachability Information (NLRI) field in a BGP update message, and 2) the attributes of the path to the destinations, which is carried in the path attributes field in a BGP update message.
Specifically, in BGP update message, an IP prefix is encoded as a 2-tuple form (length, prefix). Also, BGP has an AS_PATH path attribute which is a list of AS numbers through which the routes in this BGP update message has passed. For more details about how AS_PATH works, you can refer to RFC4271 section 5.1.2.
And of course, a BGP session (eBGP or iBGP) needs to be successfully established in order to exchange BGP update messages.
So now we can summary the answer for your question, a prefix is a part of a BGP route, and will be exchanged between BGP neighbors in a BGP update message.

BGP protocol is responsible to exchange IP blocks advertisement (IP prefixes) between Autonomous Systems.
So when you run a query on Cymru IP tool what you see is the IP blocks advertised on Internet using BGP protocol as they reach Cymru routers. In other words this is the internet routing table from their perspective.
Tools like this has a name: looking glass. There's a lot of LG's on globe as they're a very nice tool to understand how IP blocks spread around Internet. BGP play is another project that uses some LG's to mount a graphic view from the Internet prefixes. Check it: https://stat.ripe.net/bgplay

In BGP, a set of destinations is advertised as an IP prefix, eliminating the concept of network "class" within BGP.

Related

How can I know if my computer is behind NAT? [closed]

Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 7 years ago.
Improve this question
I'm trying to understand NAT (Network Address Translation) .
Can someone explain how can I determine if my computer is using a NAT (behind a NAT) , or
if it using its own IP address ?
What Barmar said in the comments is the easiest way. Obtaining your IP address over HTTP is indicative that you are behind either a NAT or an HTTP Proxy server. (I suppose it's possible you could have a public IP address, but your device is configured to route HTTP over a caching proxy).
Formal NAT detection and NAT classification can be done with the STUN protocol or equivalent protocol in which a UDP or TCP service echoes back the IP address back to the client that connected to it.
Another telling sign if you are behind a NAT is that your local IP address is in a private IP address range such as the 192.168.x.y range, the 10.x.y.z range, or then 172.16.0.0-172.31.255.255 range.
And pretty much any Wi-Fi setup is going to be a NAT configuration.
The NAT detection technique is based on two observations about the IP TTL (Time To Live) field.
Host operating systems have characteristic initial TTL values. This property of individual operating system implementations of TCP/IP is well known and can be used as part of a "fingerprint" to identify the operating system that a host is running merely by examining its traffic.
NAT devices or gateways decrement the TTL on packets that they forward.
For more details visit: http://www.sflow.org/detectNAT/

Using one ethernet interface to communicate with two routers separately [closed]

Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 9 years ago.
Improve this question
We have a computer that needs to communicate with two routers over one physical ethernet interface. I know this sounds weird, but each router is actually interfaced to an Iridium L Band receiver/transmitter, and we are hoping to double our bandwidth by using two.
I would like to be able to select which link to send data over at the application level, but I'm not quite sure how to do it. My first thought was to establish a virtual IP address in addition to the pre-configured static IP address and use two separate sockets to send() data out over each "interface" separately. My question is, how do I make it so that only one of the routers actually routes the data out to a remote host? The IP addresses and subnet masks of the Iridium transceivers are configurable. Is it possible to make one transceiver only listen to the data coming from one computer IP address? Subnets maybe?
Create vlan inter faces in your machine
ip link add link eth0 name eth0.1 type vlan id 10
ip link add link eth0 name eth0.2 type vlan id 20
assign ip address to eth0.1 and eth0.2 in two networks. Later you can choose which one to bind at application level.
say like this
ifconfig eth0.1 192.168.10.2/24 up
ifconfig eth0.2 192.168.20.2/24 up
Then configure your router in two networks rather than one. Your computer and the routers should be connected to trunk port in the switch. Configure your routers to be in two networks rather than same. Configure subinterfaces in routers so that they listen for vlan 10 and 20 respectively. (how exactly to do this depends on the type of router) I can give you commands only for cisco.

Need to use VPN tunnel for class C network using class A tunnel [closed]

Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 5 years ago.
Improve this question
Here is the scenery. I have several buildings with same subnet IP addresses (192.168.0.0/24).
I need to secure that connection with OpenVPN.
Please assist me how can I organize VPN connection with IP network 10.10.10.0/24
example
HQ (192.168.0.0/24) - VPN 1 (10.10.10.50) --- VPN 2 (10.10.10.51) - Branch (192.168.0.0/24)
I meas assist with NAT if it will be needed or if I just connect , the C class traffic will just be passed through.
Thank you
Since you are merging two nets, you should use TAP interfaces.
TAP (as in network tap) simulates a link layer device and it operates with layer 2 packets such as Ethernet frames. TUN (as in network TUNnel) simulates a network layer device and it operates with layer 3 packets such as IP packets. TAP is used to create a network bridge, while TUN is used with routing.
This way, you will be joining the HQ network with the branch network like if you plug a (secure, pre-shared key may be ok) ethernet cable between them.
But this will likely crash both environments if they are operating now without knowing one about each other. Maybe the HQ router has the same IP as the branch one, or maybe not, but they are both acting as DHCP servers and now they will be on the same network.
Do you really need to merge both nets? I think you should consider to do some network design and let the HQ on the 192.168.0.0/24 but change the n-th branch to 192.168.n.0/24. Then you can do a TUN OpenVPN setup and route between branches and HQ in a hierachical way. It will save you some bandwith too by not spreading irrelevant broadcast traffic over the tunnel.
Thank you
Well you know, I do not have any router installed in HQ side or anywhere in network and maybe that is a big minus (and I will fix that in a time). Now I just need to secure the links between HQ and branches so the optical network provider (that provides links) could not access out data. If you have any good solution please write.
Thank you

How is source port for HTTP determined? Is there ever collision in NAT? [closed]

Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 2 years ago.
Improve this question
I know that when a HTTP request is made, packets are sent from a seemingly-random high-numbered port (e.g. 4575) on the client to port 80 on the server. Then the server sends the reply to the same high-numbered port, the router knows to route that to the client computer, and all is complete.
My question is: How is the return port (4575 in this example) determined? Is it random? If so, within what range? Are there any constraints on it? What happens, for example, if two computers in a LAN send HTTP requests with the same source port to the same website? How does the router know which one to route to which computer? Or maybe this situation is rare enough that no-one bothered to defend against it?
The NAT is going to decide/determine the outbound port for a NATed connection/session, via it's own internal means. Meaning, it will vary according to the implementation of the NAT. This means any responses back will come back to that same outbound port.
As for your question:
What happens, for example, if two computers in a LAN send HTTP
requests with the same source port to the same website?
It will assign different outbound ports for each. Thus, it can distinguish between the two in responses it receives. A NATs would create/maintain a mapping of translated ports, creating new outbound port numbers for new sessions. So even if if there were two different "internal" sessions, from two different machines, on the same port number, it would map to two different port numbers on the outgoing side. Thus, when packets came back in on the respective ports, it would know how to translate them back to the correct address/port on the inside LAN.
Diagram:
It depends on the NAT and on the protocol. For instance I'm writing this message behind a full cone NAT and this particular NAT is configured (potentially hard-wired) to always map an UDP private transport address UDP X:x to the public transport address UDP Y:x. It's quite easy to shed some light on this case with with a STUN server (google has some free stun servers), a cheap NAT, 2 laptops, wire shark and a really really light STUN client which uses a hard coded port like 777. Only the first call will get through and it will be mapped on the original port, the second one will be blocked.
NAT's are a hack, some of them are so bad that they actually override on return the public transport address not only in the header but even in the transported data which is kinda crazy.
ICE protocols has to xor the public address to bypass this issue.

non-routable IP address [closed]

Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed last year.
The community reviewed whether to reopen this question last year and left it closed:
Original close reason(s) were not resolved
Improve this question
I know that 127.0.0.1 is by convention the loopback address and that there are various address ranges which are reserved for local use.
Is there an IP address that is reserved never to be assigned?
I would like to test that something works when an IP address can't be found, I could just use a local address which isn't used but thought that there may be an address which is reserved for such use.
According to Wikipedia article on reserved addresses, there are 3 test networks intended for use in documentation only.
192.0.2.0/24
198.51.100.0/24
203.0.113.0/24
Any address in one of those ranges (eg 203.0.113.1) should not map to anything, and indeed should fail to route.
Depending on the type of test you are doing, there are other listed addresses and address ranges that could be appropriate for what you are trying to do.
I think you may want to reword your question. The private address segments (10.0.0.0 - 10.255.255.255, 172.16.0.0 - 172.31.255.255, 192.168.0.0 - 192.168.255.255) are commonly referred to as "non-routable" addresses. I think what you are asking for is a reserved IP address that is reserved specifically to never be assigned. As far as I know there is no address that is reserved in this fashion.
Anything in the
10.0.0.0/8
172.16.0.0/12
192.168.0.0/16
ranges will be dropped by any Internet router - they are intended for internal use only and are not routed. There isn't a single address but using one from a block you don't use internally, as long as your router isn't too clever will do the job.
Of course if you have a managed router it may well drop these anyway and not let them go out of the internal network.
RFC-3330 lists these, and lots of other blocks as well
Looking at RFC 3330, I don't see any IPv4 address reserved for a globally non-routable address.
What I would do is assign -- in local DNS -- an unused local network IP address to the name "blackhole.<domain>" (using the appropriate domain) so you are guaranteed a stable address to which no computer will ever respond. Of course, like always when configuring DNS, ensure that no DHCP server is configured to give out the same address.
192.0.2.0
According to http://en.wikipedia.org/wiki/Reserved_IP_addresses
Assigned as "TEST-NET" in RFC 5737 for use solely in documentation and example source code and should not be used publicly.
https://www.rfc-editor.org/rfc/rfc5737
According to https://en.wikipedia.org/wiki/0.0.0.0, the IP address 0.0.0.0 “is a non-routable meta-address used to designate an invalid, unknown or non-applicable target.”
Well, the answers given are more or less correctly. What you can do is to assign some of the special addresses that are commonly only used as net masks. These will never be encountered in the wild as IP-addresses, so are safe - as long as you don't actually try to use them in the wrong circumstances.
The best ones are:
0.0.0.0 - but be careful to not use it to open a socket, since it will then open a socket to the current main interface on the computer
255.255.255.255 - this one is never assigned, so it should be the best sentinel, unless you need to interact with netmasks.
I had a similar question and I went to figure; if I understood properly; to use a non-forwardable network such as : 169.254.0.0/16 or 127.0.0.0/8
http://www.iana.org/assignments/iana-ipv4-special-registry/iana-ipv4-special-registry.xhtml
Will IPv6 work for your purposes? It looks like IPv6 has a whole range specifically reserved for blackhole usage: 100::/64
So, specifically, 100:: should work.
Wikipedia reference: https://en.wikipedia.org/wiki/IPv6_address#Special_addresses
RFC: https://datatracker.ietf.org/doc/html/rfc6666
depending on what the test is you might be able to use the subnet broadcast address.
i.e.
network = 192.168.1.0 /24
broadcast = 192.168.1.255
For IPV4 the non-routable addresses ranges are from 10.1.1.1 to 10.255.255.254, from 172.16.1.1 to 172.31.255.254, and from 192.168.1.1 to 192.168.255.254. These IP addresses will not be recognized outside of a private network.

Resources