User Tools

Site Tools


federation:network-ranges

Network ranges

The following is the outcome of several discussions at the confine meeting in Barcelona (October 2012).

Connectivity (Current)

All project partners will be connected through Federica Network. Federica is basically a layer 2 switch spread over Europe which will be used by us to set up BGP peerings for the confine testbed.

Inside Federica the subnet 172.17.219.0/27 will be used for IPv4 peerings. Each partner also gets an (unofficial) AS Number for BGP.

Partner/Network AS Number IPv4 Address IPv6 Address
Funkfeuer Wien 172191 172.17.219.1 tba
Funkfeuer Graz/Weststeiermark 172192 172.17.219.2 tba
AWMN 172193 172.17.219.3 fe80::250:56ff:fe92:2023
guifi.net 172194 172.17.219.4 tba
iMinds 172195 172.17.219.5 tba
Fraunhofer FKIE 65064 172.17.219.6 fe80::5054:ff:fe02:5402
AWMN FEDERATION TEST ROUTER 172197 172.17.219.7 tba
iMinds BGP test at Guifi.net 172198 N/A N/A
ninux 172199 172.17.219.9 N/A
Sarantaporo.gr 172198 172.17.219.10 N/A
RedIris carrier 172196 172.17.219.11 N/A

(The iMinds BGP test router at Guifi.net is a test, and will not do any CONFINE peering.)

Federica is not maintained anymore, we use RedIris/GEANT for the federation

confine_architecure.pptx

Connectivity (New Plan)

IN PROCESS

With Federica issues in mind and due to considerations that some partners have expressed regarding the ASN assignments in the previous setup, we have discussed reassigning Private ASNs and implementing the VPNs and Routing with IPIP tunnels or by extending the EoIP bridged network that currently works from Guifi to AWMN. A proposal of the revised version of the above table plus the peering table can be seen below.

Partner/Network AS Number
Funkfeuer Wien 65065
Funkfeuer Graz/Weststeiermark 65066
AWMN 65067
guifi.net 65068
iMinds 65069
Fraunhofer FKIE 65064
AWMN FEDERATION TEST ROUTER 65070
iMinds BGP test at Guifi.net 65071
ninux 65072
Sarantaporo.gr 65073
RedIris/GEANT 65074
DANTE/GEANT for iMinds 20965

Option 1 Extending the EoIP VPN mechanism

One option we currently have is to extend the Use of EoIP and create a backbone based on nodes (Partners) that can offer connectivity to everybody with no adverse effect on their traffic bills. AWMN and iMinds have offered to provide the 2 PoPs which can be used to connect all the partners of the net. According to hop counts, distances and with traffic overhead estimates, we could design the interconnection of half of the testbed on one PoP and the rest to the other for a loop free network. Further extending this, we can utilize protocols to prevent loops and create redundant paths to cover for connectivity failures.

Option 2 IPIP Peering Map with Peering Addresses

A proposed alternative solution to the bridged solution of federica is to implement IPIP tunnels in mesh and fully connect each partner with all the rest. A proposed peering map is shown bellow.

It was suggested to keep existing peerings and to only establish tunnels if no other direct peerings (i.e. via federica) exist.

The partner in the same row as the netmask gets to use the first IP address and the partner in the same column gets the second IP address. i.e. Tunnel Funkfeuer Wien - Funkfeuer Graz. Wien gets 172.16.200.1 Graz gets 172.16.200.2.

Partner/Network Funkfeuer Graz AWMN guifi.net iMinds Fraunhofer FKIE ninux sarantaporo.gr
Funkfeuer Wien 172.16.200.0/30172.16.200.4/30172.16.200.8/30172.16.200.12/30172.16.200.16/30172.16.200.20/30 172.16.200.24/30
Funkfeuer Graz 172.16.200.28/30 172.16.200.32/30 172.16.200.36/30 172.16.200.40/30 172.16.200.44/30 172.16.200.48/30
AWMN 172.16.200.52/30 172.16.200.56/30 172.16.200.60/30 172.16.200.64/30 172.16.200.68/30
guifi.net 172.16.200.72/30172.16.200.76/30172.16.200.80/30 172.16.200.84/30
iMinds 172.16.200.88/30172.16.200.92/30172.16.200.96/30
Fraunhofer FKIE 172.16.200.100/30 172.16.200.104/30
ninux 172.16.200.108/30
Partner/Network Peering Router Public IP
Funkfeuer Wien
Funkfeuer Graz 217.29.149.78
AWMN 5.172.204.146
guifi.net
iMinds
Fraunhofer FKIE
ninux

IPv4

As most networks use private (RFC 1918) ranges (mostly 10.0.0.0/8) inside their networks it is not possible to have full routing between any node from network A to any node of network B due to clashes in range assignments. Nevertheless every partner will announce the network ranges (at least those used by confine nodes). For clashing network ranges incoming route filters have to be installed. The following network ranges will be announced using BGP. Prefix ranges marked as “essential” should be accepted by any partner, other prefixes may be accepted:

Partner/Network IP-Range Status Potential conflicts Verified
Funkfeuer Wien 78.41.119.0/24 essential
Funkfeuer Wien 78.41.112.0/21
Funkfeuer Wien 193.238.156.0/22
Funkfeuer Wien 10.255.128.0/17 essential
Funkfeuer Graz/Weststeiermark 10.12.120.0/21 essential 10.0.0.0/10 (AWMN)No Conflict
Funkfeuer Graz/Weststeiermark 10.12.0.0/16 10.0.0.0/10 (AWMN)No Conflict
Funkfeuer Graz/Weststeiermark 10.51.0.0/16 10.0.0.0/10 (AWMN)No Conflict
Funkfeuer Graz/Weststeiermark 193.33.150.0/23
AWMN 10.0.0.0/10 10.12.0.0/16 (FFGraz)
10.20.0.0/16 (guifi)
10.35.0.0/16 (guifi)
10.38.0.0/16 (guifi)
10.51.0.0/16 (FFGraz)
No Conflict
AWMN 10.64.0.0/11 10.64.0.0/16 (FKIE)
10.65.0.0/16 (iMinds)
No Conflict
AWMN Confine specific Subnet 10.255.0.0/17
Sarantaporo.gr 10.130.0.0/16
guifi.net 10.138.0.0/15
guifi.net 10.140.0.0/16
guifi.net 10.228.0.0/16
guifi.net (check validity) 10.20.0.0/16 10.0.0.0/10 (AWMN)Partial Conflicting
guifi.net (check validity) 10.35.0.0/16 10.0.0.0/10 (AWMN)Partial Conflicting
guifi.net (check validity) 10.38.0.0/16 10.0.0.0/10 (AWMN)Partial Conflicting
guifi.net (check validity) 10.90.0.0/16 10.64.0.0/11 (AWMN)Partial Conflicting
guifi.net (check validity) 10.95.0.0/16 10.64.0.0/11 (AWMN)No Conflict
iMinds 10.65.0.0/16 essential 10.64.0.0/11 (AWMN)No Conflict
Fraunhofer FKIE 10.64.1.0/24 essential 10.64.0.0/11 (AWMN)No Conflict
Fraunhofer FKIE 10.64.0.0/16 optional 10.64.0.0/11 (AWMN)No Conflict

Note: AWMN uses most ranges of 10.0.0.0/8 and therefore has to summarize or filter routes from partners on their border gateway. Each partner will also be responsible in taking care of conflicts. Compromises will be made on subnets that it is impossible to bridge. Those will either be filtered out or NATed. The subnet 10.255.0.0/16 has been reserved in the Original AWMN National Address plan. This has been chosen and split between partners as to avoid any extra clashes. Confine nodes inside AWMN will be kept in the range 10.255.0.0/17 and will be be able to connect to other confine nodes across to other partners. Under those conventions, connections to confine nodes of AWMN from any node in any other network should work.

All this information is subject to change and most probably will be updated as the networks actually get connected. Any changes, additional filtering and NAT must be documented here.

AWMN Athens address plan (03/02/2013)

Municipality IP start IP stop Prefectures
Reserved for Services 10.0.0.0 10.1.255.255Athens Prefecture
Municipality of Athens 10.2.0.0 10.11.255.255Athens Prefecture
Funkfeuer Graz / Weststeiermark 10.12.0.0 10.13.243.255 Athens Prefecture
Municipality of Agia Varvara 10.13.244.0 10.14.134.255 Athens Prefecture
Municipality of Agia Paraskevi 10.14.135.0 10.15.151.255 Athens Prefecture
Municipality of Aghios Dimitrios 10.15.152.0 10.16.208.255 Athens Prefecture
Municipality Saints Anargiri 10.16.209.0 10.17.110.255 Athens Prefecture
Municipality Aigaleo 10.17.111.0 10.18.209.255 Athens Prefecture
Municipality of Alimos 10.18.210.0 10.19.136.255 Athens Prefecture
Municipality of Maroussi 10.19.137.0 10.20.213.255 Athens Prefecture
Municipality Argyroupolis 10.20.214.0 10.21.116.255 Athens Prefecture
Municipality Vrilission 10.21.117.0 10.21.239.255 Athens Prefecture
Byron township 10.21.240.0 10.23.20.255 Athens Prefecture
Municipality Galatsiou 10.23.21.0 10.24.43.255 Athens Prefecture
Municipality of Glyfada 10.24.44.0 10.25.173.255 Athens Prefecture
Municipality Dafnis 10.25.174.0 10.26.31.255 Athens Prefecture
Greek Municipality 10.26.32.0 10.26.112.255 Athens Prefecture
Municipality of Zografou 10.26.113.0 10.27.221.255 Athens Prefecture
Municipality Heliopolis 10.27.222.0 10.29.73.255 Athens Prefecture
Heraklion 10.29.74.0 10.30.38.255 Athens Prefecture
Municipality of Ilion (New Liosion) 10.30.39.0 10.31.170.255 Athens Prefecture
Municipality Kaisarianis 10.31.171.0 10.32.41.255 Athens Prefecture
Municipality of Kallithea 10.32.42.0 10.34.55.255 Athens Prefecture
Municipality Kamaterou 10.34.56.0 10.34.162.255 Athens Prefecture
Municipality of Kifissia 10.34.163.0 10.35.117.255 Athens Prefecture
Municipality Lykovryseos 10.35.118.0 10.35.156.255 Athens Prefecture
Municipality of Melissia 10.35.157.0 10.35.250.255 Athens Prefecture
Municipality Transfiguration 10.35.251.0 10.36.121.255 Athens Prefecture
Muscat Municipality 10.36.122.0 10.36.232.255 Athens Prefecture
New township Eritrea 10.36.233.0 10.37.50.255 Athens Prefecture
Municipality of Nea Ionia 10.37.51.0 10.38.111.255 Athens Prefecture
Municipality of New Smyrna 10.38.112.0 10.39.210.255 Athens Prefecture
Municipality of Nea Philadelphia 10.39.211.0 10.40.70.255 Athens Prefecture
Municipality New Chalcedon 10.40.71.0 10.40.119.255 Athens Prefecture
New township Psychikou 10.40.120.0 10.40.171.255 Athens Prefecture
Municipality of Paleo Faliro 10.40.172.0 10.41.226.255 Athens Prefecture
Municipality Papagou 10.41.227.0 10.42.34.255 Athens Prefecture
Municipality of Peristeri 10.42.35.0 10.44.183.255 Athens Prefecture
Municipality Petersburg 10.44.184.0 10.45.159.255 Athens Prefecture
Pine township 10.45.160.0 10.45.255.255 Athens Prefecture
Tavros 10.46.0.0 10.46.71.255 Athens Prefecture
Hymettus Municipality 10.46.72.0 10.46.125.255 Athens Prefecture
Municipality Filotheis 10.46.126.0 10.46.161.255 Athens Prefecture
Municipality of Haidari 10.46.162.0 10.47.127.255 Athens Prefecture
Halandri 10.47.128.0 10.48.215.255 Athens Prefecture
Holargos 10.48.216.0 10.49.114.255 Athens Prefecture
Municipality Mental 10.49.115.0 10.49.167.255 Athens Prefecture
Community Ekalis 10.49.168.0 10.49.192.255 Athens Prefecture
Community Penteli 10.49.193.0 10.49.222.255 Athens Prefecture
Community Penteli 10.49.223.0 10.49.246.255 Athens Prefecture
Funkfeuer Graz / Weststeiermark 10.51.0.0 10.51.255.255 Athens Prefecture
Fraunhofer FKE 10.64.0.0 10.64.255.255 Athens Prefecture
iMinds 10.65.0.0 10.65.255.255 Athens Prefecture
Municipality of Pallini 10.66.176.0 10.66.255.255 Prefecture of Eastern Attica
Municipality of Aghios Stefanos 10.67.0.0 10.67.45.255 Prefecture of Eastern Attica
Municipality of Artemis 10.67.46.0 10.67.129.255 Prefecture of Eastern Attica
Municipality Avlonos 10.67.130.0 10.67.154.255 Prefecture of Eastern Attica
Municipality Acharnon 10.67.155.0 10.69.3.255 Prefecture of Eastern Attica
Municipality Varis 10.69.4.0 10.69.56.255 Prefecture of Eastern Attica
Municipality of Voula 10.69.57.0 10.69.179.255 Prefecture of Eastern Attica
Municipality of Vouliagmeni 10.69.180.0 10.69.210.255 Prefecture of Eastern Attica
Municipality Geraka 10.69.211.0 10.70.21.255 Prefecture of Eastern Attica
Municipality Sweet Waters 10.70.22.0 10.70.53.255 Prefecture of Eastern Attica
Municipality Kalyvia Thorikou 10.70.54.0 10.70.112.255 Prefecture of Eastern Attica
Municipality Kerateas 10.70.113.0 10.70.176.255 Prefecture of Eastern Attica
Municipality Kropia 10.70.177.0 10.71.42.255 Prefecture of Eastern Attica
Municipality of Lavrio 10.71.43.0 10.71.93.255 Prefecture of Eastern Attica
Municipality of Marathon 10.71.94.0 10.71.136.255 Prefecture of Eastern Attica
Municipality Markopoulos Mesogaias 10.71.137.0 10.71.211.255 Prefecture of Eastern Attica
Municipality of Nea Makri 10.71.212.0 10.72.26.255 Prefecture of Eastern Attica
Peania 10.72.27.0 10.72.89.255 Prefecture of Eastern Attica
Municipality of Rafina 10.72.90.0 10.72.147.255 Prefecture of Eastern Attica
Municipality of Spata - Loutsa 10.72.148.0 10.72.196.255 Prefecture of Eastern Attica
Community of Saint Constantine 10.72.197.0 10.72.200.255 Prefecture of Eastern Attica
Community Anavyssou 10.72.201.0 10.72.235.255 Prefecture of Eastern Attica
Community Anthousas 10.72.236.0 10.72.250.255 Prefecture of Eastern Attica
Community Anixeos 10.72.251.0 10.73.20.255 Prefecture of Eastern Attica
Community Afidnon 10.73.21.0 10.73.33.255 Prefecture of Eastern Attica
Barnabas Community 10.73.34.0 10.73.42.255 Prefecture of Eastern Attica
Community Grammar 10.73.43.0 10.73.50.255 Prefecture of Eastern Attica
Dionysus community 10.73.51.0 10.73.74.255 Prefecture of Eastern Attica
Community Dew 10.73.75.0 10.73.103.255 Prefecture of Eastern Attica
Community Thrakomakedonon 10.73.104.0 10.73.126.255 Prefecture of Eastern Attica
Community Kalamos 10.73.127.0 10.73.153.255 Prefecture of Eastern Attica
Community Kapandritiou 10.73.154.0 10.73.168.255 Prefecture of Eastern Attica
Community Kouvaras 10.73.169.0 10.73.177.255 Prefecture of Eastern Attica
Community Krioneriou 10.73.178.0 10.73.191.255 Prefecture of Eastern Attica
Community Malakasis 10.73.192.0 10.73.200.255 Prefecture of Eastern Attica
Community Markopoulos Oropou 10.73.201.0 10.73.219.255 Prefecture of Eastern Attica
Community Youth Palaces 10.73.220.0 10.73.237.255 Prefecture of Eastern Attica
Old Phocaea community 10.73.238.0 10.73.252.255 Prefecture of Eastern Attica
Community Pikermiou 10.73.253.0 10.74.11.255 Prefecture of Eastern Attica
Community Polidendri 10.74.12.0 10.74.18.255 Prefecture of Eastern Attica
Community Rodopoleos 10.74.19.0 10.74.29.255 Prefecture of Eastern Attica
Community Saronida 10.74.30.0 10.74.40.255 Prefecture of Eastern Attica
Scala community Oropou 10.74.41.0 10.74.59.255 Prefecture of Eastern Attica
Community Stamatas 10.74.60.0 10.74.71.255 Prefecture of Eastern Attica
Community mulberry 10.74.72.0 10.74.79.255 Prefecture of Eastern Attica
Community Oropou 10.74.80.0 10.74.85.255 Prefecture of Eastern Attica
Elefsina 10.76.223.0 10.77.90.255 District of West Attica
Municipality of Ano Liossia 10.77.91.0 10.77.217.255 District of West Attica
Aspropyrgos 10.77.218.0 10.78.94.255 District of West Attica
Municipality Vilia 10.78.95.0 10.78.110.255 District of West Attica
Municipality of Red 10.78.111.0 10.78.126.255 District of West Attica
Municipality Zefiri 10.78.127.0 10.78.169.255 District of West Attica
Municipality Mandra 10.78.170.0 10.78.231.255 District of West Attica
Municipality Megara 10.78.232.0 10.79.111.255 District of West Attica
New township Peramou 10.79.112.0 10.79.147.255 District of West Attica
Municipality of Breed 10.79.148.0 10.79.162.255 District of West Attica
Community Magoulas 10.79.163.0 10.79.182.255 District of West Attica
Community Oinois 10.79.183.0 10.79.186.255 District of West Attica
Municipality of Piraeus 10.80.174.0 10.83.247.255 Prefecture of Piraeus
Municipality of Agios Ioannis Rendi 10.83.248.0 10.84.64.255 Prefecture of Piraeus
Municipality of Aegina 10.84.65.0 10.84.129.255 Prefecture of Piraeus
Municipality Ampelakion 10.84.130.0 10.84.163.255 Prefecture of Piraeus
Municipality Drapetsonas 10.84.164.0 10.84.226.255 Prefecture of Piraeus
Municipality Keratsiniou 10.84.227.0 10.86.79.255 Prefecture of Piraeus
Municipality Korydallou 10.86.80.0 10.87.147.255 Prefecture of Piraeus
Municipality of Kythera 10.87.148.0 10.87.164.255 Prefecture of Piraeus
Municipality Methana 10.87.165.0 10.87.174.255 Prefecture of Piraeus
Municipality of Hydra 10.87.165.0 10.87.178.255 Prefecture of Piraeus
Municipality of Nikaia 10.87.175.0 10.89.108.255 Prefecture of Piraeus
Community Agistri 10.87.179.0 10.87.183.255 Prefecture of Piraeus
Community Antikythera 10.87.184.0 10.87.184.255 Prefecture of Piraeus
Municipality of Perama 10.89.109.0 10.89.232.255 Prefecture of Piraeus
Municipality of Poros 10.89.233.0 10.89.253.255 Prefecture of Piraeus
Salamina Municipality 10.89.254.0 10.90.146.255 Prefecture of Piraeus
Municipality of Spetses 10.90.147.0 10.90.165.255 Prefecture of Piraeus
Municipality TRIZINIA 10.90.166.0 10.90.197.255 Prefecture of Piraeus
Confine Athens 10.255.0.010.255.255.255 Athens Prefecture

BGP Rules, Filters and Aggregates

With interoperability in mind and after extensive rework on IP addressing we have improvised filter rules to make the coexistance of all partners possible in the IPv4 Range. Examples can be found here

IPv6

In order to support IPv6 inside the confine testbed an overlay of tinc-based VPN connections will be used to connect each confine node. This is necessary because most of the project partners do not have a mesh with comprehensive IPv6 coverage and additionally the overlay offers the possibility of a homogeneous addressing scheme. A small exception to this rule for the time being is AWMN and maybe other partners that will cater for direct physical interconnections between clusters of nodes within their network. As soon as there is a better IPv6 coverage inside of the meshes the tinc connections may be replaced by native routing.

There have been several discussions how the addressing scheme for IPv6 should look like. However so far we haven't aggreed on a common scheme

Current proposals

The proposed addressing scheme requires 48-bit address prefix per CONFINE island. Multiple possibilities to obtain these prefixes are discussed at the moment:

  • The usage of own global address space by the islands
  • The usage of a common address space to be allocated by RIPE or a provider

Another proposal is that each island takes a range from a source that looks appropriate to them.

Preliminary addresses usage (until further consensus is reached):

Partner/Network IP range Overlay IP range
Funkfeuer Wien
Funkfeuer Graz/Weststeiermark
AWMN fdd4:f629:ff09::/48 fdd4:f629:ff03::/48
guifi.net
iMinds
Fraunhofer FKIE fdb4:5429:38e9::/48 (ULA)fd04:1b47:e492::/48 (ULA)
federation/network-ranges.txt · Last modified: 2015/01/12 15:33 by braem