how hard did you look? i got this detailed AI answer by just posting your question into google! -mel beckman
Mel- Thank you for providing another object lesson as to why "this is what AI said" is exceptionally unhelpful. On Mon, Jun 23, 2025 at 6:31 AM Mel Beckman via NANOG <nanog@lists.nanog.org> wrote:
how hard did you look? i got this detailed AI answer by just posting your question into google! -mel beckman
Understanding AWS Bring Your Own IP (BYOIP) and AS Path Prepending AWS BYOIP allows you to use your own public IPv4 addresses with AWS services like EC2, Global Accelerator, and Elastic IP Addresses (EIPs). This is particularly useful if you want to maintain brand consistency, simplify migration, or improve IP address reputation. BYOIP Process on AWS
1. Prerequisites: * Your IP address range must be registered with a Regional Internet Registry (RIR) like ARIN, RIPE, or APNIC. * The address range should be registered to a business or institutional entity. * You need to provide proof of ownership and authorize Amazon to advertise the address range. * The addresses should have a clean history (not associated with malicious activity). * You must stop advertising the IP address range from other locations before advertising it through AWS. 2. Authorization and Provisioning: * Create a ROA: Create a Route Origin Authorization (ROA) object with your RIR to authorize Amazon's ASNs (16509 and 14618) to advertise your IP range. * Generate an X.509 Certificate: Create a self-signed X.509 certificate and add it to your RIR's RDAP record to link the IP range to your AWS account. * Create a Signed Message: Create a signed authorization message that includes your AWS account ID, IP address range, and an expiration date. * Provision with AWS CLI: Use the AWS CLI to provision the IP address range within a specific AWS region. * Wait for Provisioning: AWS will verify the IP range and approve the provisioning request. 3. Advertising and Allocation: * Advertise the Range: Use the AWS CLI to advertise the IP address range through AWS. * Create Elastic IP Addresses: Allocate Elastic IP addresses from the provisioned IP address pool and associate them with your AWS resources.
Using AS Path Prepending AS path prepending is a technique used in BGP (Border Gateway Protocol) to influence the inbound traffic routing to your network. It involves adding your own Autonomous System Number (ASN) multiple times to the AS path in BGP advertisements. This makes the path appear longer and less preferred to other BGP speakers, causing them to choose alternative routes. How to Use AS Path Prepending with AWS BYOIP:
1. Bring your ASN to IPAM: You can now bring your own ASN to IPAM and associate it with your BYOIP CIDR. 2. Associate with BYOIP CIDR: After provisioning your ASN, associate it with the BYOIP CIDR that you brought to AWS. 3. Advertise with your ASN: When advertising the BYOIP CIDR, choose the ASN you brought to IPAM.
Note: While AS path prepending can be useful for influencing traffic flow, using excessive prepending can have negative consequences, including suboptimal routing and increased risk of route hijacking. It is generally recommended to use BGP communities for traffic engineering when possible.
On Jun 23, 2025, at 2:43 AM, Hank Nussbacher via NANOG < nanog@lists.nanog.org> wrote:
Can someone explain to me how to BYOIP into AWS and use AS prepends? _______________________________________________ NANOG mailing list
https://lists.nanog.org/archives/list/nanog@lists.nanog.org/message/ZOARZWLK...