Hi Abdel and All,
Yes I've learned the local-as feature can be cumbersome with all the cool knobs
that can be conf with the cmd
That's why I decided to share my lab notes with you
=======================================================================
let's assume topology looked like this first:
we acquired a part of other isp's net (r2) that used to run as4
its customer r3 used to peer with as4
-not to disturb the customers we used local-as -while waiting for customer
to reconfigure its peering to match our own as2
          _r3
         /
        /
r1------r2
(customer)
r3 config:
router bgp 3
neighbor 23.0.0.2 remote-as 4
(acquired node)
R2 config
router bgp 2
neighbor 23.0.0.3 remote-as 3
neighbor 23.0.0.3 local-as 4
=======================================================================
now assume that we now need to peer with the isp
-that we acquired a part of network from
-it's a regular peering and they peer with our own real as2
          _r3
         /
        /
r1------r2
          \
           \_r4
R2 config
router bgp 2
neighbor 23.0.0.3 remote-as 3
neighbor 23.0.0.3 local-as 4
neighbor 24.0.0.4 remote-as 4
R4 config
router bgp 4
neighbor 24.0.0.2 remote-as 2
------------------------------------------
issue:
when we advertised the acquired customer's routes from r3 back to r4
we got the following "debug ip b updates" output:
*Apr 14 17:41:42.143: BGP(0): 24.0.0.2 rcv UPDATE about 100.10.0.0/24 -- DENIED
due to: AS-PATH contains our own AS;
*Apr 14 17:41:42.147: BGP(0): 24.0.0.2 rcv UPDATE about 100.20.0.0/24 -- DENIED
due to: AS-PATH contains our own AS;
*Apr 14 17:41:42.151: BGP(0): 24.0.0.2 rcv UPDATE about 100.30.0.0/24 -- DENIED
due to: AS-PATH contains our own AS;
reason:
let's see what we advertise to r4:
R2(config-router)#do sh ip b nei 24.0.0.4 a
BGP table version is 8, local router ID is 2.2.2.2
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, x
best-external
Origin codes: i - IGP, e - EGP, ? - incomplete
Originating default network 0.0.0.0
Network Next Hop Metric LocPrf Weight Path
*> 10.10.0.0/24 12.0.0.1 0 0 1 i
*> 10.20.0.0/24 12.0.0.1 0 0 1 i
*> 10.30.0.0/24 12.0.0.1 0 0 1 i
*> 10.40.0.0/24 12.0.0.1 0 0 1 i
*> 100.10.0.0/24 23.0.0.3 0 0 4 3 ?
*> 100.20.0.0/24 23.0.0.3 0 0 4 3 ?
*> 100.30.0.0/24 23.0.0.3 0 0 4 3 ?
-please note that:
with the local-as feature the as4 is prepended to the as-path
on advertisements sent to r4
fix:
R2 config
router bgp 2
neighbor 23.0.0.3 remote-as 3
neighbor 23.0.0.3 local-as 4 no-prepend
%%%%%%%% session has been reset %%%%%%%%
now let's see what we advertise to r4:
R2(config-router-stmp)#do sh ip b nei 24.0.0.4 a
BGP table version is 14, local router ID is 2.2.2.2
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, x
best-external
Origin codes: i - IGP, e - EGP, ? - incomplete
Originating default network 0.0.0.0
Network Next Hop Metric LocPrf Weight Path
*> 10.10.0.0/24 12.0.0.1 0 0 1 i
*> 10.20.0.0/24 12.0.0.1 0 0 1 i
*> 10.30.0.0/24 12.0.0.1 0 0 1 i
*> 10.40.0.0/24 12.0.0.1 0 0 1 i
*> 100.10.0.0/24 23.0.0.3 0 0 3 ?
*> 100.20.0.0/24 23.0.0.3 0 0 3 ?
*> 100.30.0.0/24 23.0.0.3 0 0 3 ?
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
-please note that:
with the "local-as no-prepend" feature
the fake as4 is not prepended to the as-path
on routes ::received:: from the neighbor configured with this cmd anymore
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
-and R4 can now accept the routes:
R4#sh ip b
BGP table version is 16, local router ID is 4.4.4.4
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, x
best-external
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
*> 10.10.0.0/24 24.0.0.2 0 2 1 i
*> 10.20.0.0/24 24.0.0.2 0 2 1 i
*> 10.30.0.0/24 24.0.0.2 0 2 1 i
*> 10.40.0.0/24 24.0.0.2 0 2 1 i
*> 100.10.0.0/24 24.0.0.2 0 2 3 ?
*> 100.20.0.0/24 24.0.0.2 0 2 3 ?
*> 100.30.0.0/24 24.0.0.2 0 2 3 ?
-please note
-our real as2 is added to the as-path as per regular ebgp operation
========================================================================
as you can see next
what we did above has no effect on r1 originated routes:
(routes originated within our own/real as#2)
R1#sh ip b
BGP table version is 14, local router ID is 1.1.1.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, x
best-external
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
*> 10.10.0.0/24 0.0.0.0 0 32768 i
*> 10.20.0.0/24 0.0.0.0 0 32768 i
*> 10.30.0.0/24 0.0.0.0 0 32768 i
*> 10.40.0.0/24 0.0.0.0 0 32768 i
R2(config-router)#do sh ip b
BGP table version is 20, local router ID is 2.2.2.2
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, x
best-external
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
*> 10.10.0.0/24 12.0.0.1 0 0 1 i
*> 10.20.0.0/24 12.0.0.1 0 0 1 i
*> 10.30.0.0/24 12.0.0.1 0 0 1 i
*> 10.40.0.0/24 12.0.0.1 0 0 1 i
*> 100.10.0.0/24 23.0.0.3 0 0 3 ?
*> 100.20.0.0/24 23.0.0.3 0 0 3 ?
*> 100.30.0.0/24 23.0.0.3 0 0 3 ?
R3#sh ip b
BGP table version is 24, local router ID is 3.3.3.3
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, x
best-external
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
*> 10.10.0.0/24 23.0.0.2 0 4 2 1 i
*> 10.20.0.0/24 23.0.0.2 0 4 2 1 i
*> 10.30.0.0/24 23.0.0.2 0 4 2 1 i
*> 10.40.0.0/24 23.0.0.2 0 4 2 1 i
*> 100.10.0.0/24 0.0.0.0 0 32768 ?
*> 100.20.0.0/24 0.0.0.0 0 32768 ?
*> 100.30.0.0/24 0.0.0.0 0 32768 ?
R4#sh ip b
BGP table version is 16, local router ID is 4.4.4.4
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, x
best-external
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
*> 10.10.0.0/24 24.0.0.2 0 2 1 i
*> 10.20.0.0/24 24.0.0.2 0 2 1 i
*> 10.30.0.0/24 24.0.0.2 0 2 1 i
*> 10.40.0.0/24 24.0.0.2 0 2 1 i
*> 100.10.0.0/24 24.0.0.2 0 2 3 ?
*> 100.20.0.0/24 24.0.0.2 0 2 3 ?
*> 100.30.0.0/24 24.0.0.2 0 2 3 ?
------------------------------------------
issue:
-please note that R3 still has a record of both: fake as4 and real as2
on all the routes passing through R2
fix:
R2
router bgp 2
neighbor 24.0.0.4 local-as 4 no-prepend replace-as
%%%%%%%% session has been reset %%%%%%%%
-the replace-as can only be configured as an addition to no-prepend
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
as you can see below
with "local-as no-prepend replace-as"
-the real as# is replaced by the fake one
on updates ::sent:: to the peer configured with this command
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
R3#sh ip b
BGP table version is 32, local router ID is 3.3.3.3
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, x
best-external
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
*> 10.10.0.0/24 23.0.0.2 0 4 1 i
*> 10.20.0.0/24 23.0.0.2 0 4 1 i
*> 10.30.0.0/24 23.0.0.2 0 4 1 i
*> 10.40.0.0/24 23.0.0.2 0 4 1 i
*> 100.10.0.0/24 0.0.0.0 0 32768 ?
*> 100.20.0.0/24 0.0.0.0 0 32768 ?
*> 100.30.0.0/24 0.0.0.0 0 32768 ?
R4#sh ip b
BGP table version is 22, local router ID is 4.4.4.4
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, x
best-external
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
*> 10.10.0.0/24 24.0.0.2 0 2 1 i
*> 10.20.0.0/24 24.0.0.2 0 2 1 i
*> 10.30.0.0/24 24.0.0.2 0 2 1 i
*> 10.40.0.0/24 24.0.0.2 0 2 1 i
*> 100.10.0.0/24 24.0.0.2 0 2 3 ?
*> 100.20.0.0/24 24.0.0.2 0 2 3 ?
*> 100.30.0.0/24 24.0.0.2 0 2 3 ?
========================================================================
now let's go back to our topology
          _r3
         /
        /
r1------r2
          \
           \_r4
and let's assume that now that our new acquired customer is ready to migrate
and start using our real as2
to accommodate the migration we configure:
router bgp 2
neighbor 24.0.0.4 local-as 4 no-prepend replace-as ?
dual-as Accept either real AS or local AS from the ebgp peer
%%%%%%%% session has been reset %%%%%%%%
dual-as can only be configured as an addition to "no-prepend replace-as"
please note without this keyword if customer on r3 decided to
change the config and specify as#2 as its peer
we both would get a standard as-mismatch note
but now if he does that -the session would be reset and reestablished
with new remote as2
so the final config on both ends:
R2
router bgp 2
neighbor 24.0.0.4 remote-as 3
neighbor 24.0.0.4 local-as 4 no-prepend replace-as dual-as
R3
router bgp 3
neighbor 23.0.0.2 remote-as 2
-then we can go ahead and remove the local-as config from neighbor 24.0.0.4
on R2
========================================================================
so to recap:
----------------------------------------
R2 config
router bgp 2
neighbor 23.0.0.3 remote-as 3
neighbor 23.0.0.3 local-as 4
-does prepend the AS# conf as local-as
-to routes RX-ed from the neighbor
-to routes TX-ed to the neighbor
(the 23.0.0.3 neighbor has to peer with AS# conf as local-as)
----------------------------------------
R2 config
router bgp 2
neighbor 23.0.0.3 remote-as 3
neighbor 23.0.0.3 local-as 4 no-prepend
-stops prepending of the AS# conf as local-as
-to routes RX-ed from the neighbor
----------------------------------------
R2 config
router bgp 2
neighbor 23.0.0.3 remote-as 3
neighbor 23.0.0.3 local-as 4 no-prepend replace-as
-stops prepending of the AS# conf as local-as
-to routes TX-ed to the neighbor
----------------------------------------
R2 config
router bgp 2
neighbor 23.0.0.3 remote-as 3
neighbor 23.0.0.3 local-as 4 no-prepend replace-as dual-as
-allows the 23.0.0.3 neighbor to peer with
either the real-as conf under the bgp process
or the AS# conf as local-as
----------------------------------------
adam
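
The AS-path behaviour recorded in the lab notes above, replayed as a small model. This is an added example, not part of the original message: the names Neighbor, receive, advertise and lab are made up here, and the model is simplified (receive-side loop check against the receiver's own AS only, no dual-as).

```python
from dataclasses import dataclass
from typing import List, Optional, Tuple

Path = List[int]


@dataclass
class Neighbor:
    """Per-neighbor settings as seen from the configuring router."""
    remote_as: int
    local_as: Optional[int] = None  # neighbor ... local-as N
    no_prepend: bool = False        # ... no-prepend
    replace_as: bool = False        # ... replace-as


def receive(own_as: int, nbr: Neighbor, path: Path) -> Optional[Path]:
    """Path stored for an inbound eBGP update, or None when it is denied."""
    if own_as in path:  # "AS-PATH contains our own AS"
        return None
    if nbr.local_as is not None and not nbr.no_prepend:
        return [nbr.local_as] + path  # local-as prepended on received routes
    return list(path)


def advertise(own_as: int, nbr: Neighbor, path: Path) -> Path:
    """AS_PATH put on the wire towards an eBGP neighbor."""
    if nbr.local_as is None:
        return [own_as] + path            # regular eBGP operation
    if nbr.replace_as:
        return [nbr.local_as] + path      # real AS hidden from this peer
    return [nbr.local_as, own_as] + path  # both local-as and real AS


def lab(r2_to_r3: Neighbor) -> Tuple[Optional[Path], Optional[Path]]:
    """Replay the lab: R2 is AS2, R3 is AS3, R4 is AS4 (constructed inputs).

    Returns (path R4 stores for the customer route that R3 originates,
             path R3 stores for a route R2 learned with AS_PATH [1]).
    """
    r2_to_r4 = Neighbor(remote_as=4)
    stored_on_r2 = receive(2, r2_to_r3, [3])
    r4_view = receive(4, Neighbor(remote_as=2),
                      advertise(2, r2_to_r4, stored_on_r2))
    r3_view = receive(3, Neighbor(remote_as=4),
                      advertise(2, r2_to_r3, [1]))
    return r4_view, r3_view
```
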
-----Original Message-----
From: [email protected]
[mailto:[email protected]] On Behalf Of
[email protected]
Sent: Friday, July 15, 2011 11:41 AM
To: [email protected]
Subject: CCIE_SP Digest, Vol 52, Issue 1
Message: 1
Date: Fri, 15 Jul 2011 11:40:34 +0200
From: Abdel el Anazi <[email protected]>
To: [email protected], [email protected]
Subject: [OSL | CCIE_SP] BGP Local-as
Hi All,
I was working on one of the labs and I came across some problems which
have been fixed, but I thought I will Spam the OSL with it maybe it can help
someone.
The part of the lab where I was struggling is the BGP peering:
Two routers R2 and R4 both in the same Main AS #1 and they are peering with
Local-as command to make them peer as E-BGP neighbors. The tricky part is
when the peering was established, both routers were not able to exchange
routing-updates so no prefixes are exchanged. It seems to me still as the
peer with different AS # they see each other as I-BGP so the rule of IBGP is
applied which is Ibgp learned route is not advertised to ibgp neighbor.
During my study I have understood that when the router peers with its
neighbor it compares its own AS # with the neighbor AS# to decide whether it's
IBGP or E-BGP neighbor. This seems not the case! Anyhow after searching
Cisco site I found that the Local-as command will prepend additional AS# in
the AS_SEQUENCE carried with the Path-List attribute! in the form of
(local-as, Real-as) "*104, 1*"
This can explain why they didn't learn each other's prefixes because it's
carried along the path-list; basic bgp routing-loops prevention ignores
the updates.
To work around this mess I used the following command:
*neighbor x.x.x.x* *local-as 102* *no-prepend replace-as*
Attached is the topology used for this lab.
I hope this can be informative.
Regards,
Abdel