sorry when I say private peering session we have an EBGP neighbour to them to our public AS on a /30 link we just peer direct.

so between the direct link we just want to advertise our local networks and not our transit ( tier 1 links ) however this company seem to be advertising our prefix to the rest of the internet, which I presume they should not be doing this. As we don't want our /22 address space seen via them to the rest of the internet, they should be seen via our transit link instead?

Sorry Paul hope this makes sense as I understand the no export community wont help in this situation I we are peering over an EBGP session.

Maybe shut down the session to them and tell them to check the filters?

Thanks

Hello

If i understand you wish not to become a transit between ISPs

So the best way would be to apply a filter

ip as-path access-list 1 ^$

router bgp xx
neigbour (isp1) filter-list 1 out
neigbour (isp2) filter-list 1 out

This will just advertise your local routes ONLY and not routes from either ISP thus preventing you becoming a transit site for either ISP


res
Paul

 

Hi Paul,

Yes I don't want to become a transit AS but also this provider should not be advertising my local prefix's to the rest of the internet correct?

My example subnet 82.10.31.0/22 within my AS should only be advertised them to but they should then not be advertising my prefix's out to the rest of the internet? If they are advertising my prefix's this could cause my inbound traffic to come in via them and not my tier1 transit.

Sorry hope I'm clear on what is happening

Thanks.

Hello

So you can perform AS prepending to advertse your local routes to a specifc ISP for least preffered incoming path selection and  maybe also incorporate negating transit routing as the same time.

You can match on a sepcifi prefix if you wish or prepend all local routes

route-map AS-Prepend
set as path-prepend (your asn  your asn  your asn)

router bgp xx
neigbour (isp1) filter-list 1 out
neigbour (isp2) filter-list 1 out
neigbour (isp1) route-map AS-Prepend out



res
Paul

 

Also would it be a good idea to speak to the ISP and tell them to update there filters to tell them not to advertise our prefix to the rest of the world?

Not sure how it works but i thought another AS was not aloud to advertise your prefix's unless you give them permission am i correct?

Thanks

Hello

This way you would then have no resilency if the primary ISP link failed so you might awell not advertied it to them in the first place

res

Paul

we already have multiple tier 1 providers like NTT Cogent etc so i assume we would prefer to route via them. 

I think the whole point in getting this private session setup is to provide less hops within the AS path thus lower latency ( so is doesn't travel via the tier 1 and goes direct over the private session) if any traffic is destined to there prefix.

Thanks

Hello

Then pre pending will do the job