CCIE SPv5.1 Labs
  • Page
  • Intro
    • Setup
  • MVPN
    • Start
    • Topology
    • Profile 0
    • Profile 0 with data MDTs
    • Profile 1
    • Profile 1 w/ Redundant Roots
    • Profile 1 with data MDTs
    • Profile 6
    • Profile 7
    • Profile 3
    • Profile 3 with S-PMSI
    • Profile 11
    • Profile 11 with S-PMSI
    • Profile 11 w/ Receiver-only Sites
    • Profile 9 with S-PMSI
    • Profile 12
    • Profile 13
    • UMH (Upstream Multicast Hop) Challenge
    • Profile 13 w/ Configuration Knobs
    • Profile 13 w/ PE RP
    • Profile 12 w/ PE Anycast RP
    • Profile 14 (Partitioned MDT)
    • Profile 14 with Extranet option #1
    • Profile 14 with Extranet option #2
    • Profile 14 w/ IPv6
    • Profile 17
    • Profile 19
    • Profile 21
  • MVPN SR
    • Start
    • Topology
    • Profile 27
    • Profile 27 w/ Constraints
    • Profile 27 w/ FRR
    • Profile 28
    • Profile 28 w/ Constraints and FRR
    • Profile 28 w/ Data MDTs
    • Profile 29
  • Segment Routing
    • Start
    • Topology
    • Basic SR with ISIS
    • Basic SR with OSPF
    • SRGB Modifcation
    • SR with ExpNull
    • SR Anycast SID
    • SR Adjacency SID
    • SR LAN Adjacency SID (Walkthrough)
    • SR and RSVP-TE interaction
    • SR basic inter-area with ISIS
    • SR basic inter-area with OSPF
    • SR basic inter-IGP (redistribution)
    • SR basic inter-AS using BGP
    • SR BGP Data Center (eBGP)
    • SR BGP Data Center (iBGP)
    • LFA
    • LFA Tiebreakers (ISIS)
    • LFA Tiebreakers (OSPF)
    • Remote LFA
    • RLFA Tiebreakers?
    • TI-LFA
    • Remote LFA or TILFA?
    • TI-LFA Node Protection
    • TI-LFA SRLG Protection
    • TI-LFA Protection Priorities (ISIS)
    • TI-LFA Protection Priorities (OSPF)
    • Microloop Avoidance
    • SR/LDP Interworking
    • SR/LDP SRMS OSPF Inter-Area
    • SR/LDP Design Challenge #1
    • SR/LDP Design Challenge #2
    • Migrate LDP to SR (ISIS)
    • OAM with SR
    • SR-MPLS using IPv6
    • Basic SR-TE with AS
    • Basic SR-TE with AS and ODN
    • SR-TE with AS Primary/Secondary Paths
    • SR-TE Dynamic Policies
    • SR-TE Dynamic Policy with Margin
    • SR-TE Explicit Paths
    • SR-TE Disjoint Planes using Anycast SIDs
    • SR-TE Flex-Algo w/ Latency
    • SR-TE Flex-Algo w/ Affinity
    • SR-TE Disjoint Planes using Flex-Algo
    • SR-TE BSIDs
    • SR-TE RSVP-TE Stitching
    • SR-TE Autoroute Include
    • SR inter-IGP using PCE
    • SR-TE PCC Features
    • SR-TE PCE Instantiated Policy
    • SR-TE PCE Redundancy
    • SR-TE PCE Redundancy w/ Sync
    • SR-TE Basic BGP EPE
    • SR-TE BGP EPE for Unified MPLS
    • SR-TE Disjoint Paths
    • SR Converged SDN Transport Challenge
    • SR OAM DPM
    • SR OAM Tools
    • Performance-Measurement (Interface Delay)
  • EVPN
    • Start
    • Topology
    • EVPN VPWS
    • EVPN VPWS Multihomed
    • EVPN VPWS Multihomed Single-Active
    • Basic Single-homed EVPN E-LAN
    • EVPN E-LAN Service Label Allocation
    • EVPN E-LAN Ethernet Tag
    • EVPN E-LAN Multihomed
    • EVPN E-LAN on XRv
    • EVPN IRB
    • EVPN-VPWS Multihomed IOS-XR (All-Active)
    • EVPN-VPWS Multihomed IOS-XR (Port-Active)
    • EVPN-VPWS Multihomed IOS-XR (Single-Active)
    • EVPN-VPWS Multihomed IOS-XR (Non-Bundle)
    • PBB-EVPN (Informational)
  • VPWS
    • Start
    • Topology
    • Basic VPWS
    • VPWS with Tag Manipulation
    • Redundant VPWS
    • Redundant VPWS (IOS-XR)
    • VPWS with PW interfaces
    • Manual VPWS
    • VPWS with Sequencing
    • Pseudowire Logging
    • VPWS with FAT-PW
    • MS-PS (Pseudowire stitching)
    • VPWS with BGP AD
  • VPLS
    • Start
    • Topology
    • Basic VPLS with LDP
    • VPLS with LDP and BGP
    • VPLS with BGP only
    • Hub and Spoke VPLS
    • Tunnel L2 Protocols over VPLS
    • Basic H-VPLS
    • H-VPLS with BGP
    • H-VPLS with QinQ
    • H-VPLS with Redundancy
    • VPLS with Routing
    • VPLS MAC Protection
    • Basic E-TREE
    • VPLS with LDP/BGP-AD and XRv RR
    • VPLS with BGP and XRv RR
    • VPLS with Storm Control
  • BGP Multi-Homing (XE)
    • Start
    • Topology
    • Lab1 ECMP
    • Lab2 UCMP
    • Lab3 Backup Path
    • Lab4 Shadow Session
    • Lab5 Shadow RR
    • Lab6 RR with Add-Path
    • Lab7 MPLS + Add Path ECMP
    • Lab8 MPLS + Shadow RR
    • Lab9 MPLS + RDs + UCMP
  • BGP Multi-Homing (XR)
    • Start
    • Topology
    • Lab1 ECMP
    • Lab2 UCMP
    • Lab3 Backup Path
    • Lab4 “Shadow Session”
    • Lab5 “Shadow RR”
    • Lab6 RR with Add-Path
    • Lab7 MPLS + Add Path ECMP
    • Lab8 MPLS + “Shadow RR”
    • Lab9 MPLS + RDs + UCMP
    • Lab10 MPLS + Same RD + Add-Path + UCMP
    • Lab11 MPLS + Same RD + Add-Path + Repair Path
  • BGP
    • Start
    • Conditional Advertisement
    • Aggregation and Deaggregation
    • Local AS
    • BGP QoS Policy Propagation
    • Non-Optimal eBGP Routing
    • Multihomed Enterprise Challenge
    • Provider Communities
    • Destination-Based RTBH
    • Destination-Based RTBH (Community-Based)
    • Source-Based RTBH
    • Source-Based RTBH (Community-Based)
    • Multihomed Enterprise Challenge (XRv)
    • Provider Communities (XRv)
Powered by GitBook
On this page
  • Answer
  • Explanation
  • Verification
  1. BGP

Local AS

PreviousAggregation and DeaggregationNextBGP QoS Policy Propagation

Last updated 1 day ago

Topology: russo-bgp-iol

Load unix:local.as.init.cfg

#R1-R6
configure replace unix:local.as.init.cfg

R1 is now in AS 64901 and R6 is now in AS 64906. ASN 65000 has not been updated to use R1 and R6’s new ASNs.

On R1 and R6 we must allow the peering sessions with AS 65000 to form without changing the global ASN.

  • On R1, allow R2 to peer with either 64901 or 65001. This will allow R1 to easily switchover in the future.

  • On R6, we will not allow R4 or R5 to peer with 64906.

  • On R6, prepend routes received from R4 with 65006, and prepend routes sent to R4 with 65006

  • On R6, do not prepend routes received or sent from/to R5.

Answer

#R1
router bgp 64901
 neighbor 10.1.2.2 local-as 65001 no-prepend replace-as dual-as
 neighbor FC00:10:1:2::2 local-as 65001 no-prepend replace-as dual-as

#R6
router bgp 64906
 neighbor 10.4.6.4 local-as 65006 
 neighbor 10.5.6.5 local-as 65006 no-prepend replace-as
 neighbor FC00:10:4:6::4 local-as 65006 
 neighbor FC00:10:5:6::5 local-as 65006 no-prepend replace-as

Explanation

First, here is a tip to reduce the flood of “received NOTIFICATION from peer, peer in wrong AS” messages if you are using console - use no bgp log-neighbor-changes. This helps you complete the beginning of the lab while the neighbor log messages are occuring. (When using clab, you are using SSH, so this isn’t a problem unless you have term mon enabled).

The local-as feature allows the router to peer with a neighbor using a different ASN than the global ASN. This helps with migrating to a new ASN.

There are a few keywords with this feature that can be a little confusing:

  • dual-as

    • Allows the neighbor to peer with the local router using either the local-as or the global ASN.

    • Must be configured with both no-prepend and replace-as

  • no-prepend

    • Does not prepend the local ASN on received routes

    • Otherwise, received routes have the local real ASN prepended, resulting in [local-real-ASN peer’s-ASN rest-of-AS-path…]

      • i.e. if the real ASN is 64906 and you are peering with local ASN 65006:

        • With nothing configured, received paths will have ASN 65006 appended

        • With no-prepend, received paths will be “as normal”

  • replace-as

    • Replaces the global ASN with the local ASN when sending routes to the neighbor

    • Otherwise, outgoing routes have both the global and the local ASN

    • In practice, this means that when replace-as is used, the peer only sees routes as coming from the local ASN.

      • i.e. <local ASN> <rest of path>

    • When replace-as is not used, the peer sees routes as coming from the peer’s real ASN first.

      • i.e. <local ASN> <real ASN> <rest of path>

The requirement for R1 is to allow R2 to peer using either ASN. This forces us to use all three keywords.

#R1
router bgp 64901
 neighbor 10.1.2.2 local-as 65001 no-prepend replace-as dual-as
 neighbor FC00:10:1:2::2 local-as 65001 no-prepend replace-as dual-as

The requirement for R6 and R4 is for routes received and sent to R4 to have the global ASN prepended. This is the default behavior, so we do not use any keywords.

#R6
router bgp 64906
 neighbor 10.4.6.4 local-as 65006 
 neighbor FC00:10:4:6::4 local-as 65006

The requirement for R6 and R5 is for routes received and sent to R5 to not have the global ASN prepended. We use both no-prepend and replace-as to achieve this.

#R6
router bgp 64906
 neighbor 10.5.6.5 local-as 65006 no-prepend replace-as
 neighbor FC00:10:5:6::5 local-as 65006 no-prepend replace-as

Verification

First we’ll verify the peering between R1 and R2. R1 should not prepend any routes received or sent. We can see that ASN 65001 is not seen on received routes:

We also see on R2 that ASN 64901 is not seen on routes sent by R1. R1 is replacing the global ASN with its local ASN.

We should also be able to peer with R1 on its new ASN on R2 with no changes needed on R1.

#R2
router bgp 65000
 neighbor 10.1.2.1 remote-as 64901
 neighbor FC00:10:1:2::1 remote-as 64901

The peering session immediately comes back up.

The received routes now have R1’s global ASN prepended instead of the local AS.

We’ll now examine the peering on R6. R6 should be prepending routes received from R4 with its local ASN, but not routes received from R5.

Likewise, R6 should be prepending its local ASN on routes sent to R4, but not on routes sent to R5. Notice below that R4 has a better path through R5 because it has a shorter AS_PATH length.

There is no situation in which the router can prepend only its global ASN. This would cause a problem if the peering router was using bgp enforce-first-as, which appears to be on by default.