Dynamic CORE
This section describes the different configuration sections required to set up the dynamic CORE appliance. This includes configuration of the network interfaces, the SCION AS, and the SCION links.
Refer to the Getting Started Setup guide for step-by-step instructions on how to interact with the Anapaya appliance.
Information
The configuration examples below are based on the following information and need to be adapted to your specific setup.
The ISP deploys two CORE appliances in a single ISD-AS, which are connected to each other via the ISP internal network. The internal network is also used to connect the CORE appliances to the EDGE appliances of the customers. The ISP also peers with two other SCION ISPs, using dedicated network interconnects.
The main difference to the Static CORE appliances is that the dynamic CORE appliances do not use static routing to reach the customer EDGE appliances and the other CORE appliance, but instead use BGP to dynamically exchange routing information with the ISP internal network.
CORE appliances
Information defined by the ISP
- SCION ISD-AS:
1-ff00:0:1 - CORE 1:
- Internal IP address:
10.0.0.2/30 - BGP peer IP address:
10.0.0.1 - Loopback IP address:
10.100.0.2/32 - CORE BGP ASN:
65001 - BGP peer ASN:
65000
- Internal IP address:
- CORE 2:
- Internal IP address:
10.0.0.6/30 - BGP peer IP address:
10.0.0.5 - Loopback IP address:
10.100.0.6/32 - CORE BGP ASN:
65002 - BGP peer ASN:
65000
- Internal IP address:
SCION links to other ISPs
Information to be aligned with the other ISPs
- Underlay network:
fe80:2::/64(ISP 2) andfe80:3::/64(ISP 3)
Information defined by ISP 2
- SCION ISD-AS:
1-ff00:2:1 - SCION interface ID:
20 - SCION link underlay address:
[fe80:2::2]:31020
Information defined by ISP 3
- SCION ISD-AS:
3-ff00:3:1 - SCION interface ID:
5 - SCION link underlay address:
[fe80:3::2]:31005
Information defined by the ISP
- SCION link to ISP 2:
- SCION interface ID:
10 - SCION link underlay address:
[fe80:2::1]:31010
- SCION interface ID:
- SCION link to ISP 3:
- SCION interface ID:
20 - SCION link underlay address:
[fe80:3::1]:31020
- SCION interface ID:
SCION links to customer EDGE appliances
Information defined by the ISP
- EDGE WAN interface IP address:
10.10.0.24/24 - EDGE WAN interface gateway:
10.10.0.1 - SCION link from CORE 1:
- SCION interface ID:
100 - SCION link underlay address:
10.100.0.2:31100
- SCION interface ID:
- SCION link from CORE 2:
- SCION interface ID:
200 - SCION link underlay address:
10.100.0.3:31200
- SCION interface ID:
Information defined by the customer
- SCION ISD-AS:
1-ff00:0:10 - SCION link to CORE 1:
- SCION interface ID:
1 - SCION link underlay address:
10.10.0.24:31001
- SCION interface ID:
- SCION link to CORE 2:
- SCION interface ID:
2 - SCION link underlay address:
10.10.0.24:31002
- SCION interface ID:
Summary of SCION links
The following table summarizes the SCION links between the CORE appliances and the customer EDGE
appliances, as well as the SCION links to other SCION ISPs. The SCION interface is a combined representation
of the ISD-AS and the interface ID, e.g., 1-ff00:0:1#100 for CORE 1.
| Appliance | SCION interface | Underlay address | Neighbor SCION interface | Neighbor underlay address |
|---|---|---|---|---|
| CORE 1 | 1-ff00:0:1#100 | 10.100.0.2:31100 | 1-ff00:0:10#1 | 10.10.0.24:31001 |
| CORE 2 | 1-ff00:0:1#200 | 10.100.0.6:31200 | 1-ff00:0:10#2 | 10.10.0.24:31002 |
| CORE 1 | 1-ff00:0:1#10 | [fe80:2::1]:31010 | 1-ff00:2:1#20 | [fe80:2::2]:31020 |
| CORE 2 | 1-ff00:0:1#20 | [fe80:3::1]:31020 | 3-ff00:3:1#5 | [fe80:3::2]:31005 |
Network interfaces
The network interfaces section
describes the configuration of the network interfaces on the CORE appliances. In this example, we
assume that both CORE appliances have two network interfaces: one towards the internal network
internal and one for the SCION links to other SCION ISPs external. The internal interface is
used to connect the CORE appliances to the EDGE appliances of the customers but also to connect the
CORE appliances to each other.
- CORE 1
- CORE 2
BGP
The BGP section describes the configuration of the
BGP routing protocol on the CORE appliances. The BGP configuration is used to exchange routing
information with the ISP internal network. In this example, we assume that the CORE appliances are
connected to the ISP internal network each via a BGP peer with the IP address 10.0.0.1 and
10.0.0.5. The BGP peer ASN is 65000 and the CORE appliances have their own BGP ASNs
65001 and 65002. The CORE appliances are configured to advertise the loopback interface
address via BGP.
- CORE 1
- CORE 2
SCION
The SCION section describes the configuration of the SCION AS on the CORE appliances. For details, see the SCION configuration documentation covering general AS configuration, data plane, control plane, and SCION neighbors.
Most configuration parameters can be directly derived from the Information section. The following example shows the configuration of the SCION AS on the CORE appliances.
The control and router sections need to be set to enabled: true for the control and data plane to
be enabled. The address of the control plane as well as the internal_interface of the router
need to be set to the loopback interface address.
By default, set the neighbor relationship to CORE for other SCION ISPs and to CHILD for customer
EDGE appliances, unless specified otherwise.
- CORE 1
- CORE 2
Cluster
The cluster section describes the configuration of the cluster on the CORE appliances. In this example, the CORE appliances deployed in a sharded manner are part of the same cluster. The cluster configuration is used to synchronize topology as well as SCION beacon and path information amongst each other.
The cluster configuration includes the local cluster endpoint and the list of peers that are part of the cluster. For CORE appliances we recommend to use automatic topology synchronization, see Cluster for more details.
- CORE 1
- CORE 2
Complete configuration
For completeness, we provide the full configuration of both CORE appliances:
- CORE 1
- CORE 2