Mailing List Archive: Odp: Re: IRR information & BYOIP (Bring Your Own IP) with Cloud Providers

We don't advertise our prefix anymore from any actual DataCenter, we still own prefixes and ASN and GCP is only place we want to advertise it.

Dnia 21 stycznia 2024 23:39 Owen DeLong <owen@delong.com> napisa?(a):

On Jan 21, 2024, at 12:07, Christopher Morrow <morrowc.lists@gmail.com> wrote: ? On Fri, Jan 19, 2024, 4:55?PM Owen DeLong via NANOG < nanog@nanog.org > wrote: Sounds like you’ve got a weird mix of route origination. Why wouldn’t you advertise to Google via BGP and have your prefix originate from your own ASN? I think in this case the customer has their own disconnected deployment, and they are asking 396982 to announce some subset of their prefixes such that gcp gets that traffic. If that’s the case, IMHO, the better solution is to obtain a second ASN and announce that to GCP. Create ROAs (if you want to use RPKI) accordingly. Having Google originate prefixes on your behalf that are a subset of what you are announcing is just asking for difficulties you don’t need. Owen

Dnia 21 stycznia 2024 21:07 Christopher Morrow <morrowc.lists@gmail.com> napisa?(a): On Fri, Jan 19, 2024, 4:55?PM Owen DeLong via NANOG < nanog@nanog.org > wrote: Sounds like you’ve got a weird mix of route origination. Why wouldn’t you advertise to Google via BGP and have your prefix originate from your own ASN? I think in this case the customer has their own disconnected deployment, and they are asking 396982 to announce some subset of their prefixes such that gcp gets that traffic. Yes, this is the case. GCP is advertising our prefix on our behalf. Owen On Jan 19, 2024, at 02:39, kubanowy < kubanowy@o2.pl > wrote: Hi, We have our own prefix assignment from ARIN. We have our infrastructure in GCP (Google Cloud Platform) where we started using BYOIP functionality (Google advertises our IPs). We followed their recommendation with ROA configuration in ARIN cloud.google.com https://cloud.google.com/vpc/docs/bring-your-own-ip#live-migration-recommendations but they don't mention if IRR (whois database) should be updated as The roa is really for two reasons: 1) tell Google you actually control that asset. 2) tell the world that 396982 is permitted to originate that prefix. Use of irr data is nice, but not required here... This is understood, however due to missing entries in IRR those tools flag those prefixes as suspicious to mismatch between what's advertised and what's in ARIN database. My goal is to avoid it. I'm looking for information on what's community approach for this. How this should be handled? well. I've checked with their support and they said no additional changes need to be done there. But currently we are in situation where ARIN's whois contains entry for our prefix with our own ASN and Google advertised to RADb entry for our prefixes with their own ASN. I don't believe to robots at google are supposed to register irr data for byoip customers... Can you mail me off list and I can go do a.little digging? ;) I haven't seen info on that in their documentation, but we did notice a new entry in RADb for prefix that we added in GCP that had MAINT set to Google. When we use online tools like irrexplorer.nlnog.net https://irrexplorer.nlnog.net/ or Cisco's CrossWork Cloud (former BGPmon), they mark our prefixes due to mismatch of ASN in those 2 databases. We haven't observed any routing issues so far (i.e. ISP not importing our prefixes), but we aim to sort this out for better credibility. I'm wondering what's community approach for updating whois databases when using BYOIP functionality with Cloud providers and if there is a risk of any potential impact if we were to change information in ARIN. Thanks