03-16-2020 05:50 PM
Hi All,
I have a 3 ANS e.g 100 200 300 when advertised to the internet 100 200 300 ASN path is shown, i would like to overwrite the ASN and remove 100. So ASN path to the internet will only be 200 300.
I used "as-override" command under address family but still 100 ASN is showing .path.
Thanks
03-16-2020 06:24 PM
03-16-2020 08:40 PM
Hi Francesco,
Its actually private ASN that i want to remove while maintain the public. Below is my configuration but still see private ASN in between.
Adverting router
2.2.2.2#show run | s r b
router bgp 64513
bgp log-neighbor-changes
neighbor 192.168.0.1 remote-as 1
neighbor 192.168.0.1 local-as 1
neighbor 192.168.0.10 remote-as 2
neighbor 192.168.0.10 local-as 1
!
address-family ipv4 vrf test
network 2.2.2.2 mask 255.255.255.255
aggregate-address 2.2.2.0 255.255.254.0 summary-only
neighbor 192.168.0.10 remote-as 2
neighbor 192.168.0.10 local-as 1
neighbor 192.168.0.10 activate
neighbor 192.168.0.10 as-override
exit-address-family
4.4.4.4>show ip bgp
*> 2.2.2.0/23 192.168.0.9 0 0 1 64513 i
03-17-2020 01:38 AM
Hi,
Based on the AS'es contained in the AS path as your BGP router receives it, you have several options to remove the private AS'es from the AS path:
- if the prefixes your BGP router receives have ONLY private AS'es in the AS path, you would need to configure "neighbor 192.168.0.10 remote-private-as"; so prefixes with an AS path like 64513 64516
- if the prefixes your BGP router receives has both private and public AS'es in the AS path, you would need to configure "neighbor 192.168.0.10 remote-private-as all"; so prefixes with an AS path like 64513 64516 20 64515
-in case you also want to preserve the AS path length, alongside with stripping private AS'es, you would need to configure "neighbor 192.168.0.10 remote-private-as all replace-as", so the router will not only strip, but replace each private AS with its own AS
Additionally, assuming your ISP BGP router is 192.168.0.10, and you run local-as feature with this neighbour, for remove private AS to work, you need to ensure that the "local-as" is the only one which shows is being appended by the local router, which actually runs BGP in private AS by itself. So you would, additionally to the above, need to configure "neighbor 192.168.0.10 local-as 1 no-prepend replace-as".
Regards,
Cristian Matei.
03-19-2020 05:47 PM
03-16-2020 08:42 PM
Also reason is my upstream uses ROA and when they see private ASN they don't allow it to the internet.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide