cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
2415
Views
0
Helpful
5
Replies

AS_PATH rules for BGP/MP-BGP

jwstric22
Level 1
Level 1

See attached Physical TOPO.

CE(s) AS is 65100

PE(s) AS is 65501

CE1 vrf 100 (vrf lite) peered to PE1 vrf 100

CE2 vrf 100 (vrf lite) peeredto PE2 vrf 10.

CE1 is advertising 11.100.0.0/24

1.  At PE1; we see the route.  Since CE1 originated the route; its AS_PATH is set to CE1 AS.

RP/0/RSP1/CPU0:PE1-ASR9K-AG04-1#show bgp vrf 100 ipv4 unicast

BGP VRF 100, state: Active

BGP Route Distinguisher: 1:100

VRF ID: 0x60000001

BGP router identifier 21.1.101.1, local AS number 65501

BGP table state: Active

Table ID: 0xe0000010   RD version: 93478

BGP main routing table version 93478

Status codes: s suppressed, d damped, h history, * valid, > best

              i - internal, r RIB-failure, S stale, N Nexthop-discard

Origin codes: i - IGP, e - EGP, ? - incomplete

   Network            Next Hop            Metric LocPrf Weight Path

Route Distinguisher: 1:100 (default for vrf 100)

*> 11.100.0.0/24      121.1.201.1              0             0 65100 ?

*>i12.100.0.0/24      21.6.101.1               0    100      0 ?

*> 21.1.201.1/32      0.0.0.0                  0         32768 ?

2.  At PE2; we see the route.  Sent to PE2 (via a route reflector not shown). 

RP/0/RSP1/CPU0:PE2-ASR9K-AG04-2#show bgp vrf 100 ipv4 unicast

BGP VRF 100, state: Active

BGP Route Distinguisher: 1:100

VRF ID: 0x60000002

BGP router identifier 21.2.101.1, local AS number 65501

Non-stop routing is enabled

BGP table state: Active

Table ID: 0xe0000011   RD version: 91134

BGP main routing table version 91134

BGP NSR Initial initsync version 4294967295 (Not Reached)

Status codes: s suppressed, d damped, h history, * valid, > best

              i - internal, r RIB-failure, S stale, N Nexthop-discard

Origin codes: i - IGP, e - EGP, ? - incomplete

   Network            Next Hop            Metric LocPrf Weight Path

Route Distinguisher: 1:100 (default for vrf 100)

*>i11.100.0.0/24      21.1.101.1               0    100      0 65100 ?

Here is where it gets sticky, and I believe I'm missing some rule set of MP-BGP.  Unless we set as-override at PE2, PE2 will never send an update to CE2.  My belief in the scenerio was that PE2 would sent the advertisement but CE2 should dampen it unless it unless we set it to allow our own AS in , allow-as in.

1 Accepted Solution

Accepted Solutions

Hello Jonathan,

I think I found answer ->

as-path-loopcheck out disable

To disable AS PATH  loop checking  for outbound updates, use the as-path-loopcheck out disable command in an appropriate address family configuration mode. To re-enable  the default AS PATH loop checking, use the no form of this command.

as-path-loopcheck out disable

no as-path-loopcheck out disable

Syntax Description

This command has no keywords or arguments.

Command Default

AS PATH loop  checking is enabled for outbound updates.

Source:

http://www.cisco.com/en/US/docs/routers/crs/software/crs_r4.1/routing/command/reference/b_routing_cr41crs_chapter_01.html#wp3145726977

Best Regards

Please rate all helpful posts and close solved questions

Best Regards Please rate all helpful posts and close solved questions

View solution in original post

5 Replies 5

jwstric22
Level 1
Level 1

http://www.shafagh.net/2009/10/ccie-sp-bgp-as-pe-ce.html

similar to what is being attempted, except for IOS-XR.....  Looking through the config now to see if anything differs.

Hello Jonathan,

According your topology CE1 will never learn about CE2 networks and vice versa because of BGP loop rule.

- PE1 will send update to CE1 which will drop it because its own AS in AS_PATH

- same with PE2 and CE2

To allow CEs learn about networks from each other, you must configure as-override or allow-as.

as-override

- configure on PEs toward CEs, it will rewrite CE's AS 65100 to PE's AS 65501.

allow-as

- configure on CEs toward PEs, it will not apply BGP loop rule.

This is behaviour on Cisco IOS, I think same should apply to IOS-XR.

Best Regards

Please rate all helpful posts and close solved questions

Best Regards Please rate all helpful posts and close solved questions

blau grana,

The problem I'm seeing, in IOS-XR its not advertising down to the CEs without as-override.

CE1 sends route to PE1 (11.100.0.0/24). 

PE1->PE2.

PE2 never sends to CE2. 

I turned on allowas-in at CE2 before the thread write-up.  The only option that seems to works is at the PE, as-override.

Without as-override at PE2:

RP/0/RSP1/CPU0:PE2-ASR9K-AG04-2#show bgp vrf 100 advertised | include 11.100.0

With as-override at PE2:

RP/0/RSP1/CPU0:PE2-ASR9K-AG04-2#show bgp vrf 100 aDvertised | include 11.100.0$

11.100.0.0/16 is advertised to 121.2.202.1

At CE2 with as-override:

RP/0/RSP0/CPU0:CE2-ASR9K-AG04-4#show bgp vrf 100 ipv4 unicast

Fri Mar 15 14:22:57.120 EST

BGP VRF 100, state: Active

BGP Route Distinguisher: 1:100

VRF ID: 0x60000002

BGP router identifier 21.4.1.1, local AS number 65100

BGP table state: Active

Table ID: 0xe0000011   RD version: 50742

BGP main routing table version 50742

Status codes: s suppressed, d damped, h history, * valid, > best

              i - internal, r RIB-failure, S stale, N Nexthop-discard

Origin codes: i - IGP, e - EGP, ? - incomplete

   Network            Next Hop            Metric LocPrf Weight Path

Route Distinguisher: 1:100 (default for vrf 100)

*> 11.100.0.0/16      121.2.202.0                            0 65501 65501 i

Thats the main problem here, the IOS config as seen in http://www.shafagh.net/2009/10/ccie-sp-bgp-as-pe-ce.html doesn't seem to correlate to what I'm attempting in IOS-XR.  Thus IOS-XR is just a bit different (missing flag).  I may need to go pull out an old 7200 in the corner here and see if I get same/different results.

Hello Jonathan,

I think I found answer ->

as-path-loopcheck out disable

To disable AS PATH  loop checking  for outbound updates, use the as-path-loopcheck out disable command in an appropriate address family configuration mode. To re-enable  the default AS PATH loop checking, use the no form of this command.

as-path-loopcheck out disable

no as-path-loopcheck out disable

Syntax Description

This command has no keywords or arguments.

Command Default

AS PATH loop  checking is enabled for outbound updates.

Source:

http://www.cisco.com/en/US/docs/routers/crs/software/crs_r4.1/routing/command/reference/b_routing_cr41crs_chapter_01.html#wp3145726977

Best Regards

Please rate all helpful posts and close solved questions

Best Regards Please rate all helpful posts and close solved questions

blau grana,

Much appreciated for finding this.  After applying to the ipv4 unicast address family the routes are as expected:

RP/0/RSP0/CPU0:CE2-ASR9K-AG04-4#show bgp vrf 100 ipv4 unicast

Fri Mar 15 15:28:52.649 EST

BGP VRF 100, state: Active

BGP Route Distinguisher: 1:100

VRF ID: 0x60000002

BGP router identifier 21.4.1.1, local AS number 65100

BGP table state: Active

Table ID: 0xe0000011   RD version: 50768

BGP main routing table version 50768

Status codes: s suppressed, d damped, h history, * valid, > best

              i - internal, r RIB-failure, S stale, N Nexthop-discard

Origin codes: i - IGP, e - EGP, ? - incomplete

   Network            Next Hop            Metric LocPrf Weight Path

Route Distinguisher: 1:100 (default for vrf 100)

*> 11.100.0.0/24      121.2.202.0                            0 65501 65100 ?

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Review Cisco Networking products for a $25 gift card