MICE uses IXP Manager. Login at: https://ixpmgr.micemn.net
The looking glass does not require a login.
no bgp enforce-first-as or similar. The route servers do not add the MICE AS to the AS path.
no bgp enforce-first-as or similar. The route servers do not add the MICE AS to the AS path.
The route servers require participants to document their routes and downstream ASNs in IRR objects. If you are not familiar with this process, we recommend you use ARIN’s service (assuming you are in the ARIN region). They have documentation available.
The route servers are configured for passive BFD, meaning they will use BFD with you, but you need to start it. That is, you must be configured for active BFD. The route servers are configured with a minimum interval of 500 ms and a multiplier of 3.
The default behavior of the MICE route servers is to announce all routes to all peers. You may use the typical communities (but pick one or the other; do not mix) to modify the announcements:
| Description | Community | Large Community |
|---|---|---|
| Prevent announcement of a prefix to a peer |
0:peer-as
|
53679:0:peer-as
|
| Announce a route to a certain peer |
53679:peer-as
|
53679:1:peer-as
|
| Prevent announcement of a prefix to all peers |
0:53679
|
53679:0:0
|
| Announce a route to all peers (the default) |
53679:53679
|
53679:1:0
|
For example, setting 0:1234 0:5678 (or 53679:0:1234 53679:0:5678) or causes the route server to announce the route to everyone except AS1234 and AS5678. This is an opt-out model.
To use an opt-in model, set 0:53679 (or 53679:0:0) plus the communities for each AS you want to receive the route. For example, setting 0:53679 53679:1234 53679:5678 (or 53679:0:0 53679:1:1234 53679:1:5678) causes the route servers to announce the route to only AS1234 and AS5678. If you choose an opt-in model, you may want to monitor the MICE-DISCUSS mailing list to hear about new members connecting.
IXP Manager and our custom scripts are run on various schedules:
| Description | Server | Schedule (US/Central) | Notes |
|---|---|---|---|
| Sync IRR from PeeringDB to IXP Manager | IXP Manager | every 30-90 minutes | If the AS-SET referenced by PeeringDB is changed, the ASN and prefix caches will be immediately updated for that ASN. However, the changes will still only take effect on the route servers when the Update BIRD Config job runs. |
| Update IRR Prefixes Cache | IXP Manager | 00:07, 06:07, 12:07, 18:07 | Changes to IRR only take effect on the route servers when the Update BIRD Config job runs. |
| Update IRR ASNs Cache | 00:37, 06:37, 12:37, 18:37 | ||
| Update BIRD Config | Route Server 1 | 8-12 minutes after the hour | |
| Route Server 2 | 38-42 minutes after the hour | ||
| Revalidate Valid ROAs | Route Server 1 | 01:23, 13:23 | “Bird v2.0.4 does not support revalidation of prefixes following ROA updates (i.e. a prefix that was accepted as ROA valid that subsequently becomes ROA unknown / invalid will remain learnt as ROA valid).” |
| Route Server 2 | 07:53, 19:53 | ||
| Update MRTG Config | IXP Manager | every 30-90 minutes | |
| Update MANRS Participation Badges | IXP Manager | daily |
For more built-in IXP Manager tasks, see IXP Manager Documentation - Cron Jobs - Task Scheduling.
The MICE Equipment (.odg) diagram shows how the various switches are connected.
Here are some pictures of the rack, from 2017-05-10: full cabinet, switch, top of cabinet.
This shows how the MICE side is configured and is for reference only. While some of this may be applicable to the member side, it is not a set of instructions on how to configure your device. For that, see the AMS-IX Config Guide or the "Any other tips on configuring my router?" question in the SeattleIX FAQ.
errdisable recovery cause bpduguard errdisable recovery cause link-flap errdisable recovery cause portsec no lldp run platform fap voq scheduling round-robin platform sand lag hardware-only spanning-tree mode rapid-pvst spanning-tree portfast bpduguard default spanning-tree portfast bpdufilter default interface EthernetX/X mtu 9214 switchport port-security maximum 1 switchport port-security storm-control broadcast level 1 storm-control multicast level 1 spanning-tree portfast
This shows how the MICE side is configured and is for reference only. While some of this may be applicable to the member side, it is not a set of instructions on how to configure your device. For that, see the AMS-IX Config Guide or the "Any other tips on configuring my router?" question in the SeattleIX FAQ.
set interface X/X/X mtu 9216 set protocols rstp interface X/X/X edge set ethernet-switching-options bpdu-block interface X/X/X set ethernet-switching-options secure-access-port interface X/X/X mac-limit 1 set ethernet-switching-options storm-control interface X/X/X bandwidth 100000 set ethernet-switching-options bpdu-block disable-timeout 60 set ethernet-switching-options storm-control interface all
This shows how the MICE side is configured and is for reference only. While some of this may be applicable to the member side, it is not a set of instructions on how to configure your device. For that, see the AMS-IX Config Guide or the "Any other tips on configuring my router?" question in the SeattleIX FAQ.
system mtu jumbo 9198 mac address-table aging-time 14400 errdisable detect cause link-flap errdisable recovery cause link-flap errdisable recovery cause storm-control vtp mode transparent switchport block multicast switchport block unicast switchport port-security maximum 1 switchport port-security switchport port-security violation restrict storm-control broadcast level 20.00 spanning-tree bpdufilter enable no cdp enable
If you are interested in operating a MICE remote switch, please contact peering@micemn.net.
The process for connecting a new remote switch is as follows:
Remote switch operators’ obligations include (but are not necessarily limited to):
