01-24-2024 08:09 AM
Hello
Info:
Hardware: ASR-9901-RP
Version: 7.1.3
We are an open fibre provider with several white-label ISPs. The problem or rather question we are facing right now is the following.
As we only have one border connection to internet at the moment and each of our white-label ISP have an ASN(3 different to be exact) is it possible to announce all three of these through one BGP-peer?
As we primarily are using Huawei on other locations and it is the first time we have come across this specific scenario I thought it'd be best to ask around here.
Have been looking into local-as and is wondering if that would be a type of solution.
If you're not interested in solving my problems for me i would happily recieve pointers for me to investigate further.
Thank you in advance!
01-24-2024 08:30 AM
I dont get your Q
You have one router asr9k and other side is other vendor'
So what issue exactly that you think it solve by using local-as?
Thanks
MHM
01-24-2024 09:09 AM
Hello,
just for my understanding: you have three downstream white label ISPs (each with their own (public) ASN), and you are now basically a transit BGP provider for theses ASNs ? If that is the case, you one uplink to your upstrean BGP peer should not be an issue (as long, of course, as all ASNs are public ASNs).
03-03-2024 11:53 PM
I will try to explain it better.
As I said all of our ISP have public ASNs. We have a peer to a transit provider.
On this transit connection only one BGP is allowed to peer.
router bgp XXXXX
address-family ipv4 unicast
network X.X.X.X/24
network X.X.X.X/20
network X.X.X.X/23
How can we make it so that ASN XXXXX2 and XXXXX3 is announced on that same peer?
Is local-as not used for this?
We are present in many countries and another vendor is our main supplier, however some takeovers have given us access to cisco equipment and although I have a CCNP-certificate it was quite some time since I last handled Cisco so I appreciate all the help I can get.
Thanks in advance!
03-04-2024 12:27 AM
Hello @tojo2002 ,
>> How can we make it so that ASN XXXXX2 and XXXXX3 is announced on that same peer?
You need to configure your ASR 9000 to propagate the advertisements learned from ASN XXXXX2 and XXXXX3 to the transit provider and you need to change the route policy that you apply to the transit provider eBGP peer.
You don't need to appear as multiple ASes you need an appropriate route policy. Be aware that without a route policy your router will no advertise anything. This is specific behaviour of IOS XR.
Hope to help
Giuseppe
03-04-2024 12:36 AM - edited 03-04-2024 12:41 AM
Hello, thank you for your fast response.
The problem we are facing is that we as a parent company dont have any BGP peering in our net to this particular router.
We Company A own a net and sell internet service as ISP1 ISP2 and ISP3, we also allow external ISP:s to sell their service and relay that traffic so there is no problem there. The problem is that we dont have a "main"-unit for ISP1/2/3, instead all of them go through this router.
Hope this is understandable... Otherwise i will gladly try to explain it better.
Is it possible to manually add these ASNs with corresponding IP-nets to the ASR 9000 and propagate them that way?
03-04-2024 01:40 AM
Hello @tojo2002 ,
>> The problem we are facing is that we as a parent company dont have any BGP peering in our net to this particular router.
>> instead all of them go through this router.
But your ASR9000 is not running BGP. Does it provide only L2 services between ISP1, ISP2, ISP3 and other ISPs ?
It is not clear what the ASR9000 does in your network.
If I have understood your issue is that the transit provider expects / accepts a single eBGP peer from your side. You would be fine if the transit ISP could accept three eBGP sessions one with ISP1, one with ISP2, one with ISP3.
At the moment your ASR9000 is not acting as a BGP speaker and your idea is to activate BGP on it to present a single peer to the BGP transit ISP.
Can you confirm your network scenario ?
Hope to help
Giuseppe
03-04-2024 03:25 AM - edited 03-04-2024 03:26 AM
This is a brief description of the net, we install fiber at customers location.
The traffic to internet goes via our transit provider, the ASR today is peering with the transit provider using one of the three ISPs ASN. We want the ASR to propagate all three but the transit provider only accepts one ASN peering per connection and adding more connections is to expensive at this moment.
Maybe I'm seeing a problem that does not exist but my knowledge apparently is limited in that case.
Thanks everyone for the replies this far however
03-04-2024 03:36 AM
Hello @tojo2002 ,
>> The traffic to internet goes via our transit provider, the ASR today is peering with the transit provider using one of the three ISPs ASN. We want the ASR to propagate all three but the transit provider only accepts ASN peering.
if the ASR9000 uses ISP 1 ASN to peer with transit provider you need:
add eBGP peerings with ISP2 ASN2 and with ISP3 ASN3 on the ASR9000, then you need configure the route policy to the BGP transit provider to advertise all learned prefixes with AS path ASN1 or ASN1 SN2 or ASN1 ASN3.
This can work unless the BGP transit accepts only routes from ASN1 and not from "ASN1 ASN2" and not from "ASN1 ASN3"
it accepts a single eBGP peer or it accepts only prefixes with AS path = "ASN1" ?
Hope to help
Giuseppe
03-04-2024 03:56 AM
Transit provider don't mind being handed routes from other ASN, the problem is only in peering.
Okay so if i understand you correctly we should do the following.
ISP1 with ASN1 which is peering with transit provider and gets the config:
router bgp ASN1
address-family ipv4 unicast
network X.X.X.1/24
"All neighbour configs for peering"
and a route policy to advertise AS path ASN2 and ASN3
ISP2 with ASN2
router bgp ASN2
address-family ipv4 unicast
network X.X.X.2/24
ISP3 with ASN3
router bgp ASN3
address-family ipv4 unicast
network X.X.X.3/24
Or is that totally wrong?
03-04-2024 05:02 AM
Hello @tojo2002 ,
>> Transit provider don't mind being handed routes from other ASN, the problem is only in peering.
Ok you don't need to play with local-as tricks just configure the correct eBGP peerings and route policies on the ASR 9000 router.
You need to do this on three different router devices
Hope to help
Giuseppe
03-04-2024 05:31 AM
Thank you for your replies.
The gist of the problem is that we dont have three routers available, i dont even know if that would help even.
Where would you place these routers as, if i refer to earlier image, each of those customer connections could have one of many ISP:s?
Bascially, is it possible to do what we aim to do using only that one ASR-9000?
03-04-2024 10:11 PM
Indeed local-as can use between two peer to establish multi bgp with different AS
but this unusual config,
check below lab
03-04-2024 11:04 PM
Hello
Yeah i do realize this is not the optimal or even a good way to solve it but trying to make something out of what i got handed to me.
Would it be possible for you to share these configs so i could take a peek at them?
03-05-2024 10:03 PM
Sure Friend
R1#show run
Building configuration...
Current configuration : 2109 bytes
!
version 15.2
service timestamps debug datetime msec
service timestamps log datetime msec
!
hostname R1
!
boot-start-marker
boot-end-marker
!
!
!
no aaa new-model
no ip icmp rate-limit unreachable
ip cef
!
!
!
!
!
!
no ip domain lookup
no ipv6 cef
!
!
multilink bundle-name authenticated
!
!
!
!
!
!
!
!
!
ip tcp synwait-time 5
!
!
!
!
!
!
!
!
!
!
!
!
interface Loopback0
ip address 1.1.1.1 255.255.255.255
!
interface Loopback10
ip address 11.11.11.11 255.255.255.255
!
interface FastEthernet0/0
ip address 100.0.0.1 255.255.255.0
duplex full
!
interface FastEthernet1/0
no ip address
shutdown
speed auto
duplex auto
!
interface FastEthernet1/1
no ip address
shutdown
speed auto
duplex auto
!
interface FastEthernet2/0
no ip address
shutdown
speed auto
duplex auto
!
interface FastEthernet2/1
no ip address
shutdown
speed auto
duplex auto
!
interface FastEthernet3/0
no ip address
shutdown
speed auto
duplex auto
!
interface FastEthernet3/1
no ip address
shutdown
speed auto
duplex auto
!
interface FastEthernet4/0
no ip address
shutdown
speed auto
duplex auto
!
interface FastEthernet4/1
no ip address
shutdown
speed auto
duplex auto
!
interface FastEthernet5/0
no ip address
shutdown
speed auto
duplex auto
!
interface FastEthernet5/1
no ip address
shutdown
speed auto
duplex auto
!
interface FastEthernet6/0
no ip address
shutdown
speed auto
duplex auto
!
interface FastEthernet6/1
no ip address
shutdown
speed auto
duplex auto
!
router ospf 100
network 0.0.0.0 255.255.255.255 area 0
!
router bgp 1000
bgp log-neighbor-changes
neighbor 2.2.2.2 remote-as 2
neighbor 2.2.2.2 ebgp-multihop 255
neighbor 2.2.2.2 update-source Loopback0
neighbor 22.22.22.22 remote-as 22
neighbor 22.22.22.22 ebgp-multihop 255
neighbor 22.22.22.22 update-source Loopback10
!
ip forward-protocol nd
!
!
no ip http server
no ip http secure-server
!
!
!
!
control-plane
!
!
line con 0
exec-timeout 0 0
privilege level 15
logging synchronous
stopbits 1
line aux 0
exec-timeout 0 0
privilege level 15
logging synchronous
stopbits 1
line vty 0 4
login
!
!
end
R2#show run
R2#show running-config
Building configuration...
Current configuration : 2177 bytes
!
version 15.2
service timestamps debug datetime msec
service timestamps log datetime msec
!
hostname R2
!
boot-start-marker
boot-end-marker
!
!
!
no aaa new-model
no ip icmp rate-limit unreachable
ip cef
!
!
!
!
!
!
no ip domain lookup
no ipv6 cef
!
!
multilink bundle-name authenticated
!
!
!
!
!
!
!
!
!
ip tcp synwait-time 5
!
!
!
!
!
!
!
!
!
!
!
!
interface Loopback0
ip address 2.2.2.2 255.255.255.255
!
interface Loopback10
ip address 22.22.22.22 255.255.255.255
!
interface FastEthernet0/0
ip address 100.0.0.2 255.255.255.0
duplex full
!
interface FastEthernet1/0
no ip address
shutdown
speed auto
duplex auto
!
interface FastEthernet1/1
no ip address
shutdown
speed auto
duplex auto
!
interface FastEthernet2/0
no ip address
shutdown
speed auto
duplex auto
!
interface FastEthernet2/1
no ip address
shutdown
speed auto
duplex auto
!
interface FastEthernet3/0
no ip address
shutdown
speed auto
duplex auto
!
interface FastEthernet3/1
no ip address
shutdown
speed auto
duplex auto
!
interface FastEthernet4/0
no ip address
shutdown
speed auto
duplex auto
!
interface FastEthernet4/1
no ip address
shutdown
speed auto
duplex auto
!
interface FastEthernet5/0
no ip address
shutdown
speed auto
duplex auto
!
interface FastEthernet5/1
no ip address
shutdown
speed auto
duplex auto
!
interface FastEthernet6/0
no ip address
shutdown
speed auto
duplex auto
!
interface FastEthernet6/1
no ip address
shutdown
speed auto
duplex auto
!
router ospf 100
network 0.0.0.0 255.255.255.255 area 0
!
router bgp 2000
bgp log-neighbor-changes
neighbor 1.1.1.1 remote-as 1000
neighbor 1.1.1.1 local-as 2
neighbor 1.1.1.1 ebgp-multihop 255
neighbor 1.1.1.1 update-source Loopback0
neighbor 11.11.11.11 remote-as 1000
neighbor 11.11.11.11 local-as 22
neighbor 11.11.11.11 ebgp-multihop 255
neighbor 11.11.11.11 update-source Loopback10
!
ip forward-protocol nd
!
!
no ip http server
no ip http secure-server
!
!
!
!
control-plane
!
!
line con 0
exec-timeout 0 0
privilege level 15
logging synchronous
stopbits 1
line aux 0
exec-timeout 0 0
privilege level 15
logging synchronous
stopbits 1
line vty 0 4
login
!
!
end
MHM
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide