06-21-2019 08:09 AM
I currently have a router with a private AS configured as the primary AS (router bgp 65204)
I have an ISP peer that I'm trying to advertise a block to. The peer config is utilizing "local as xxxx" with a non-private AS. i'm also using "neighbor x.x.x.x remove-private-as" but it does not appear to be working as my peer is advising they still see 65204 on the incoming advertisements.
is it possible to entirely remove the 65204 AS from my advertisements, when I'm using that AS as the primary AS for the entire device? Could I possibly prepend my public AS, along with the remove-private-as to get the expected behavior? Or will I be forced to rebuild the router config with my public AS (which I realize is the better option, but I'm looking for a bandaid fix to get this working now)?
May also be worth noting that this router is running 12.2(54)SG1 - and I do not have the remove-private-as ALL option (all not there)
Solved! Go to Solution.
06-21-2019 08:19 AM
Hello lgordnier,
the remove private-as works only on AS paths that contain only private AS numbers.
A possible solution is to use BGP confederations concept
You can keep the current private AS number but within the BGP router config you add:
router bgp 65204
bgp confederation identifier <your-public-AS>
This should allow to remove the private AS number in updates sent to the peer, because the private AS number is placed in a different AS sequence segment called Confederation AS sequence that is stripped when sending updates to a true eBGP peer.
Please note that this change will affect also the previously existing ISP1 eBGP session that needs to reconfigure as you were in your public AS number.
Hope to help
Giuseppe
06-22-2019 03:56 AM - edited 06-22-2019 04:05 AM
Hello
@lgordnier wrote:
I currently have a router with a private AS configured as the primary AS (router bgp 65204)
I have an ISP peer that I'm trying to advertise a block to. The peer config is utilizing "local as xxxx" with a non-
private AS. i'm also using "neighbor x.x.x.x remove-private-as" but it does not appear to be working as my peer is advising they still see 65204 on the incoming advertisements.
is it possible to entirely remove the 65204 AS neig from my advertisements, when I'm using that AS as the primary
If your ISP is peering with the local-as asn then i guess the other way you can do this is from the private-as router using the below syntax but note applying this will reset the bgp session between those rtrs
router bgp 65204
neighbor x.x.x.x local-as YYY no-prepend replace-as
06-21-2019 08:19 AM
Hello lgordnier,
the remove private-as works only on AS paths that contain only private AS numbers.
A possible solution is to use BGP confederations concept
You can keep the current private AS number but within the BGP router config you add:
router bgp 65204
bgp confederation identifier <your-public-AS>
This should allow to remove the private AS number in updates sent to the peer, because the private AS number is placed in a different AS sequence segment called Confederation AS sequence that is stripped when sending updates to a true eBGP peer.
Please note that this change will affect also the previously existing ISP1 eBGP session that needs to reconfigure as you were in your public AS number.
Hope to help
Giuseppe
06-21-2019 09:14 AM
nice, thank you Giuseppe! New tool for the box!
This would probably work if I didn't have several MPLS connections to the same provider/peer that use the private AS currently (same peer, but I'm trying to fix a public peering session for public advertisements)
guess it's time for a maintenance window!
06-22-2019 03:56 AM - edited 06-22-2019 04:05 AM
Hello
@lgordnier wrote:
I currently have a router with a private AS configured as the primary AS (router bgp 65204)
I have an ISP peer that I'm trying to advertise a block to. The peer config is utilizing "local as xxxx" with a non-
private AS. i'm also using "neighbor x.x.x.x remove-private-as" but it does not appear to be working as my peer is advising they still see 65204 on the incoming advertisements.
is it possible to entirely remove the 65204 AS neig from my advertisements, when I'm using that AS as the primary
If your ISP is peering with the local-as asn then i guess the other way you can do this is from the private-as router using the below syntax but note applying this will reset the bgp session between those rtrs
router bgp 65204
neighbor x.x.x.x local-as YYY no-prepend replace-as
06-24-2019 05:45 AM
Paul,
works great. Not sure how, but this is something I had forgotten about. thank you :)
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide