I’m currently evaluating the best approach for having my AS announced with my owned (not rented) IPv4 addresses, and I’ve observed that hosting providers have different preferences for handling BGP sessions. For example, one provider requires that the BGP session be managed on the same server running the Tor relays, while another handles the announcement with my AS entirely on their side. This inconsistency makes it challenging to determine the most effective approach.
I’m seeking guidance on the following points (or others you think are helpful):
-
When given the option: Should I manage the BGP session myself, or is it preferable to delegate it to the upstream provider whenever possible?
-
When required to manage BGP myself:
-
To conserve CPU/RAM resources for Tor, is it advisable to only use a default route (0.0.0.0/24) rather than a full routing table, relying on the upstream provider for full routing?
-
Under what circumstances should I implement multi-homed strategies myself versus allowing the upstream provider to manage them?
-
Are there best practices for route filtering or failover management?
-
What are your experiences regarding the compute and memory requirements for these configurations?
-
What are some preferred monitoring solutions? bgpmon.net doesn’t seem free…
Helpful read and suggestions at the end from this 6 year old article from nusenu, but couldn’t find too much beyond this: https://nusenu.medium.com/how-vulnerable-is-the-tor-network-to-bgp-hijacking-attacks-56d3b2ebfd92
I’m already using ROA and RPKI via ARIN for each /24 and limit max length to /24 to help as well.
“The Tor exit fraction located in /24 prefixes is much higher than the guard capacity. So hijacks against exit capacity might be harder than attacks against guard capacity.” - Seems also good to have /24 prefixes for guards, not just exits.
Thanks!
