A Networker Blog

neighbor CE as-override

Posted in Cisco, MPLS by vcappuccio on May 11th, 2008

neighbor 192.168.25.2 as-override

 RFC 1771
9.3 Route Selection Criteria- If the local AS appears in the AS path of the new route being considered,then that new route cannot be viewed as better than any other route. If such a route were ever used, a routing loop would result.

New AS path update procedures have been implemented to reuse the same AS number on

VPN B sites.

R6(config)#router bgp 56
R6(config-router)#add ipv4 vrf B
R6(config-router-af)#neigh 192.168.46.4 as-override
R6(config-router-af)#^Z
 
R4  is now receiving that information from R6 that comes as a VPNV4 Route  from R5 that is
talking BGP with R2 that is announcing that network  into this domain
R4#show ip bgp summ
BGP router identifier 4.4.4.4, local AS number 24
BGP table version is 9, main routing table version 9
2 network entries using 240 bytes of memory
2 path entries using 104 bytes of memory
3/2 BGP path/bestpath attribute entries using 372 bytes of memory
1 BGP AS-PATH entries using 24 bytes of memory
0 BGP route-map cache entries using 0 bytes of memory
0 BGP filter-list cache entries using 0 bytes of memory
Bitfield cache entries: current 1 (at peak 2) using 32 bytes of memory
BGP using 772 total bytes of memory
BGP activity 2/0 prefixes, 5/3 paths, scan interval 60 secs
Neighbor        V    AS MsgRcvd MsgSent   TblVer  InQ OutQ Up/Down  State/PfxRcd
192.168.46.6    4    56      88      83        9    0    0 01:10:06        1

R4#show ip bgp
BGP table version is 9, local router ID is 4.4.4.4
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network          Next Hop            Metric LocPrf Weight Path
*> 2.2.2.2/32       192.168.46.6                           0 56 56 i
*> 4.4.4.4/32       0.0.0.0                  0         32768 i

See that the AS Path is now replaced with the Carrier AS #, The same must be configured in R5 to R2

R2#deb ip bgp upda
BGP updates debugging is on for address family: IPv4 Unicast
R2#clear ip bgp * in
*May  11 12:32:26.687: BGP(0): 192.168.25.5 rcv UPDATE w/ attr: nexthop 192.168.25.5
origin i,originator 0.0.0.0, path 56 24, community ,  extended community
BGP(0): 192.168.25.5 rcv UPDATE about 4.4.4.4/32 --
DENIED due to:AS-PATH contains our own AS;
 
ok, we can override this rule, instead of sending the Customer AS#, we replace the Customer
AS # with ISPF AS# in order to respect RFC 1771, 9.3 rule, using the neighbor as-override
command, at the of each PE Router, that is talking BGP via the Customer via BGP VRF Address
Family.
R5(config)#router bgp 56
R5(config-router)#address-family ipv4 vrf B
R5(config-router-af)#neigh 192.168.25.2 as-override
R5(config-router-af)#^Z
R5#
*May 11 12:28:55.154: %BGP-5-ADJCHANGE: neighbor 192.168.25.2 vpn vrf B Down
AS-override change!
This WARNING is for ISPs: the BGP Relationship is reestablished..
you know what i mean (BW, CPU, Routes being advertised here and there…. etc.

Now on R2 we are getting this:

*May 11 12:33:19.175: BGP(0): 192.168.25.5 send UPDATE (format) 2.2.2.2/32,
 next 192.168.25.2,metric 0, path Local
*May 11 12:33:19.183: BGP(0): 192.168.25.5 rcvd UPDATE w/ attr: nexthop 192.168.25.5,
origin i,path 56 56
*May 11 12:33:19.183: BGP(0): 192.168.25.5 rcvd 4.4.4.4/32
*May 11 12:33:19.183: BGP(0): Revise route installing 1 of 1 routes for 4.4.4.4/32 ->
192.168.25.5(main) to main IP table
R2#show ip bgp
BGP table version is 13, local router ID is 2.2.2.2
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network          Next Hop            Metric LocPrf Weight Path
*> 2.2.2.2/32       0.0.0.0                  0         32768 i
*> 4.4.4.4/32       192.168.25.5                           0 56 56 i

The neigh as-override command, allows the provider to replace customer AS with its own AS

and prepend his AS number to the AS Path. lets do a some test of as path prepending on R4

R4(config)#route-map PREPEND
R4(config-route-map)#set as-path prepend 45 22 24
R4(config-route-map)#router bgp 24
R4(config-router)#neigh 192.168.46.6 route-map PREPEND out
R4(config-router)#^Z

Lets see what R6 (the PE router ) is receiving..The route in the PE (Ingress)

R6#clear ip bgp vpnv4 unicast 24 in
R6#
R6#show ip bgp vpnv4 vrf B neighbors 192.168.46.4 routes | b Network
Network          Next Hop            Metric LocPrf Weight Path
Route Distinguisher: 6.6.6.6:46 (default for vrf B)
*> 4.4.4.4/32       192.168.46.4             0             0 24 45 22 24 i
Total number of prefixes 1

The route send as VPNV4 route to R5, and annouced to R2 via BGP (watch the AS Sequence String)

R5#show ip bgp vpnv4 all neighbors 192.168.25.2 advertised-routes
BGP table version is 60, local router ID is 5.5.5.5
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network          Next Hop            Metric LocPrf Weight Path
Route Distinguisher: 5.5.5.5:25 (default for vrf B)
*>i4.4.4.4/32       6.6.6.6                  0    100      0 24 45 22 24 i
Total number of prefixes 1

The route @ R2

R2#show ip bgp
BGP table version is 13, local router ID is 2.2.2.2
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network          Next Hop            Metric LocPrf Weight Path
*> 2.2.2.2/32       0.0.0.0                  0         32768 i
*> 4.4.4.4/32       192.168.25.5                           0 56 56 45 22 56 i

From this test, we can conclude, that BGP loop detection prevents Customers from
reusing their AS.

The neighbor as-overide command replaces the customer AS number, with the ISP AS number.

Saludos, Victor Cappuccio.-

Leave a Reply