Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
6767
Views
6
Helpful
5
Replies

allowas-in OR as-override best practice

Go to solution
romccallum
Level 4
Level 4

‎07-11-2005 02:40 AM

ok. up until last week I thought I knew where these commands were used. Now Im well confused. I configured up a lab last week which I configured allowas-in on the PE device. I waited for an hour and the CE still didnt have any routes. It then dawned on me that the CE actually requires the allowas-in command as well to import the route back into the same AS. Nows the question - why would you ever use allowas-in over as-override? The only reason I can see is that the CE device doesnt support that command. Best Practice in the real world? I have always stipulated as-override for simplicity (cough) is this right?

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Harold Ritter
Cisco Employee
Cisco Employee

‎07-11-2005 04:31 AM

Robert,

You are correct. "allowas-in" is ussually used on the CE and "as-override" on the PE. In my experience, SPs prefer to configure "as-override" for consistency since the CE is most of the time own by the customer and as you said you can't really be sure what IOS is running and therefore what commands will be available.

Hope this helps,

Harold Ritter
Sr Technical Leader
CCIE 4168 (R&S, SP)
harold@cisco.com
México móvil: +52 1 55 8312 4915
Cisco México
Paseo de la Reforma 222
Piso 19
Cuauhtémoc, Juárez
Ciudad de México, 06600
México

View solution in original post

5 Replies 5

Go to solution
Harold Ritter
Cisco Employee
Cisco Employee

‎07-11-2005 04:31 AM

Robert,

You are correct. "allowas-in" is ussually used on the CE and "as-override" on the PE. In my experience, SPs prefer to configure "as-override" for consistency since the CE is most of the time own by the customer and as you said you can't really be sure what IOS is running and therefore what commands will be available.

Hope this helps,

Harold Ritter
Sr Technical Leader
CCIE 4168 (R&S, SP)
harold@cisco.com
México móvil: +52 1 55 8312 4915
Cisco México
Paseo de la Reforma 222
Piso 19
Cuauhtémoc, Juárez
Ciudad de México, 06600
México

Go to solution
romccallum
Level 4
Level 4
In response to Harold Ritter

‎07-11-2005 04:46 AM

Cheers H. There is a lot of documentation out there that specifically states that allowas-in should be configured on the PE. tut tut tut tut. Ah well at least IPEXPERT labs have learned me one thing.

0 Helpful

Go to solution
Harold Ritter
Cisco Employee
Cisco Employee
In response to romccallum

‎07-11-2005 06:55 AM

Robert,

The documentation is actually discussing the "allowas-in" in the context of hub and spoke MPLS VPN. In this case, it would be appropriate to use "allowas-in" on the PE.

Hope this helps,

Harold Ritter
Sr Technical Leader
CCIE 4168 (R&S, SP)
harold@cisco.com
México móvil: +52 1 55 8312 4915
Cisco México
Paseo de la Reforma 222
Piso 19
Cuauhtémoc, Juárez
Ciudad de México, 06600
México
0 Helpful

Go to solution
romccallum
Level 4
Level 4
In response to Harold Ritter

‎07-11-2005 11:38 PM

aha now i get it. I must have been mis reading it all the time as I thought it was just talking about normal vpns where you had to configure allowas-in in order to pass the routes onto the CE router.

Cheers

0 Helpful

Go to solution
Martin12
Level 1
Level 1

‎06-08-2019 06:40 PM

Late reply : For those who think about these two options, realize that AS-OVERRIDE can be configured only for neighbors in VRF- that means usually not CE router, and AS-OVERRIDE is used in transit areas which connect remote areas with the same AS numbers that would be otherwise blocked due to AS_PATH ;; in comparison ALLOWAS-IN xTimes is good choice on most remote sites , if you are sure you won't cause control plane loop
0 Helpful
Customers Also Viewed These Support Documents