Fix a BGP AS number mismatch

Sometimes you end up having wrong BGP AS number throughout your network. It could be a result of an unexpected merger or split or you could have started using a private BGP AS number and realized you have to connect to the Internet using a real AS number. The proper solution would be a total reconfiguration of the whole network, but of course not many engineers have the time and courage to do it ;), so it's time to introduce another kludge: the neighbor local-as configuration command.For example, let's assume your AS number should be 20, but you're using a private AS 65001, as shown in the following figure:To retain the AS 65001 internally but appear as AS 20 to the outside world, you could use the following configuration on R1:

router bgp 65001
 neighbor 10.0.0.18 remote-as 65001
 neighbor 10.0.0.18 description IBGP to R2
 neighbor 10.1.0.2 remote-as 10
 neighbor 10.1.0.2 local-as 20
 neighbor 10.1.0.2 description EBGP to AS 10
This configuration would ensure that the EBGP session with AS 10 is established (R1 pretends that it belongs to AS 20 on this session), but the AS path propagated to AS 30 is somewhat odd …
AS30#show ip bgp | include 20
*> 172.16.0.0 10.1.0.5 0 20 65001 20 10 i
… making your network appear as a set of nested autonomous systems:There are two reasons for the weird AS path:
  • R1 inserts local-as into inbound EBGP updates
  • R2 (configured like R1) inserts local-as as well as its real AS (65001) in outbound EBGRP update
To fix the AS path, you need the BGP Support for Dual AS Configuration introduced in IOS release 12.3T. This feature adds two options to the local-as configuration command:
  • no-prepend disables local-as prepending on incoming EBGP updates;
  • replace-as replaces router's own AS with local-as on outgoing EBGP updates.
When the configuration on R1 and R2 includes these two keywords …:
router bgp 65001
 neighbor 10.1.0.2 remote-as 10
 neighbor 10.1.0.2 local-as 20 no-prepend replace-as
 neighbor 10.1.0.2 description EBGP to AS 10
… the path propagated through AS 65001/AS 20 looks as expected:
AS30#show ip bgp | include 20
*> 172.16.0.0 10.1.0.5 0 20 10 i

3 comments:

  1. Hi Ivan little offtopic here, its looks like Cisco preparing 12.5T for this year. Few things already pointing for that like history of previous releases and bug tracker ;). So I assume 12.4(15)T will be last release with new functionality.

    ReplyDelete
  2. Is there any way to do this if your IOS doesn't have dual AS support? I.e. is there any way to reproduce the "replace-as" functionality?

    ReplyDelete

You don't have to log in to post a comment, but please do provide your real name/URL. Anonymous comments might get deleted.

Ivan Pepelnjak, CCIE#1354, is the chief technology advisor for NIL Data Communications. He has been designing and implementing large-scale data communications networks as well as teaching and writing books about advanced technologies since 1990. See his full profile, contact him or follow @ioshints on Twitter.