Over writing ANS path

aprasad11 · ‎03-16-2020

Hi All,

I have a 3 ANS e.g 100 200 300 when advertised to the internet 100 200 300 ASN path is shown, i would like to overwrite the ASN and remove 100. So ASN path to the internet will only be 200 300.

I used "as-override" command under address family but still 100 ASN is showing .path.

Thanks

Francesco Molino · ‎03-16-2020

Hi
The as-override command can only be executed under vpnv4 address-family.
When you say as100, is it a private or public as?
You can't remove a public as from the as-path but you can do a workaround by advertising an aggregate address which will be seen with your as and not all AS.
If it's a private as, you can remove them. Can you detail why you want to remove an AS and if it's a public or private in order to help you.

Thanks
Francesco
PS: Please don't forget to rate and select as validated answer if this answered your question

aprasad11 · ‎03-16-2020

Hi Francesco,

Its actually private ASN that i want to remove while maintain the public. Below is my configuration but still see private ASN in between.

Adverting router

2.2.2.2#show run | s r b
router bgp 64513
bgp log-neighbor-changes
neighbor 192.168.0.1 remote-as 1
neighbor 192.168.0.1 local-as 1
neighbor 192.168.0.10 remote-as 2
neighbor 192.168.0.10 local-as 1
!
address-family ipv4 vrf test
network 2.2.2.2 mask 255.255.255.255
aggregate-address 2.2.2.0 255.255.254.0 summary-only
neighbor 192.168.0.10 remote-as 2
neighbor 192.168.0.10 local-as 1
neighbor 192.168.0.10 activate
neighbor 192.168.0.10 as-override
exit-address-family

4.4.4.4>show ip bgp
*> 2.2.2.0/23 192.168.0.9 0 0 1 64513 i

Cristian Matei · ‎03-17-2020

Hi,

Based on the AS'es contained in the AS path as your BGP router receives it, you have several options to remove the private AS'es from the AS path:

- if the prefixes your BGP router receives have ONLY private AS'es in the AS path, you would need to configure "neighbor 192.168.0.10 remote-private-as"; so prefixes with an AS path like 64513 64516

- if the prefixes your BGP router receives has both private and public AS'es in the AS path, you would need to configure "neighbor 192.168.0.10 remote-private-as all"; so prefixes with an AS path like 64513 64516 20 64515

-in case you also want to preserve the AS path length, alongside with stripping private AS'es, you would need to configure "neighbor 192.168.0.10 remote-private-as all replace-as", so the router will not only strip, but replace each private AS with its own AS

Additionally, assuming your ISP BGP router is 192.168.0.10, and you run local-as feature with this neighbour, for remove private AS to work, you need to ensure that the "local-as" is the only one which shows is being appended by the local router, which actually runs BGP in private AS by itself. So you would, additionally to the above, need to configure "neighbor 192.168.0.10 local-as 1 no-prepend replace-as".

Regards,

Cristian Matei.

Francesco Molino · ‎03-19-2020

On your 192.168.0.10 bgp neighbor you're using local-as. You can add no-prepend replace-as at the end of this statement.

Thanks
Francesco
PS: Please don't forget to rate and select as validated answer if this answered your question

aprasad11 · ‎03-16-2020

Also reason is my upstream uses ROA and when they see private ASN they don't allow it to the internet.