Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
734
Views
0
Helpful
5
Replies

BGP ASN/netblock client-side migration

Brad303
Level 1
Level 1

‎08-18-2021 10:41 AM

Hello,

 

We're migrating from one ASN/netbock to another. All of the documentation I've found regarding BGP migration is from the perspective of an ISP that needs to change its AS in a way that's transparent to the customer (rfc7705, "BGP Support for Dual AS Configuration for Network AS Migrations").

 

However, I'm unable to find any documentation on a customer-centric AS migration. Of course, our provider needs to handle both ASNs, but does our router need a local-as/replace-as/dual-as entry?

 

Example BGP configs on PE and CE routers would be helpful for comprehension. Assume the existing ASN is 50000, the new ASN is 55000, our provider's ASN is 40000, our IP is 10.3.3.33, and our provider's is 10.3.3.11.

 

Thanks.

Labels:
0 Helpful
5 Replies 5

Giuseppe Larosa
Hall of Fame
Hall of Fame

‎08-18-2021 09:04 PM

Hello @Brad303 ,

 

>> However, I'm unable to find any documentation on a customer-centric AS migration. Of course, our provider needs to handle both ASNs, but does our router need a local-as/replace-as/dual-as entry?

 

Yes the local-as feature and its variants is the tool to be used also when the the change happens on the customer side.

 

I would like to point out that we speak of PE -CE eBGP session only when an MPLS L3 VPN service is in use.

If you get simple internet connectivity from the ISP the terms PE and CE are not exact from a technical point of view.

 

Hope to help

Giuseppe

 

0 Helpful

Brad303
Level 1
Level 1
In response to Giuseppe Larosa

‎08-19-2021 11:21 AM - edited ‎08-19-2021 03:16 PM

Thanks for the reply, Guiseppe.

First, I've always used PE/CE as Provider Edge and Customer Edge in generic terms, whether for MPLS or "regular" IP. However, if the convention is to only use those terms in the context of MPLS (and a quick search indicates that's the most frequent use), I'll happily stand corrected. And, FWIW, we are using MPLS as well, but the scenario in question is regarding only our publicly routable Internet IPs.

Given:

 

Provider's AS 40000, IP 10.0.0.11
Our current AS 50000, net 10.3.3/24
Our new AS 55000, net 10.4.4/24

This is our current config:

router bgp 50000
 no synchronization
 bgp log-neighbor-changes
 network 10.3.3.0
 neighbor 10.0.0.11 remote-as 40000
 neighbor 10.0.0.11 version 4
 no auto-summary

What do I add/change to add our new AS & network?

This is what I've come up with:

router bgp 55000
 no synchronization
 bgp log-neighbor-changes
 network 10.3.3.0
 network 10.4.4.0
 neighbor 10.0.0.11 remote-as 40000
 neighbor 10.0.0.11 local-as 50000 no-prepend replace-as dual-as
 neighbor 10.0.0.11 version 4
 no auto-summary

That should allow us to establish a peering session with our provider using either AS. But which AS is added to the path? Or doesn't it matter, since both ASs live on our router for the time being?

0 Helpful

paul driver
VIP
VIP
In response to Brad303

‎08-19-2021 03:43 PM - edited ‎08-19-2021 03:46 PM

Hello

@Brad303 wrote:

Provider's AS 40000, IP 10.0.0.11

Our current AS 50000, net 10.3.3/24

Our new AS 55000, net 10.4.4/24

 

This is our current config:

router bgp 50000
 no synchronization
 bgp log-neighbor-changes
 network 10.3.3.0
 neighbor 10.0.0.11 remote-as 40000
 neighbor 10.0.0.11 version 4
 no auto-summary

You example looks okay but I would include the subnetmask of the new local network if its a classless subnet?

router bgp 55000
no network 10.3.3.0
network 10.4.4.0 mask 255.255.255.0


Local-as - will allow you to use a different ASN but allow the provider rtr to peer with its neighbour via its old asn number, as such any advertised routes to either rtr will show the origin ASN and also the local as in the as-set path

Local-as no-prepend - should remove the local asn from any received advertised routes from provider peer.

Dual-as -should allow provider rtr to peer with either rtr ASN 55000 or 50000

Local-as no-prepend replace-as dual-as - as above but also any advertised routes between each rtr should  only show directly attached asn rtrs in the as-path set depending on what asn the provider rtr is peering to ( 55000 or 50000)


Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul
0 Helpful

Brad303
Level 1
Level 1

‎08-20-2021 09:06 AM

If we do dual-as on our end, our provider would have to accept either AS, and therefore would need to enable dual-as on their end. Since that's the case, it doesn't make sense for us to do dual-as. We can simply update to our new AS any time after they've implemented dual-as and advertise for both networks. After the host migration is complete on our end, we can remove the old network, and they can remove the dual-as and old AS.

0 Helpful

paul driver
VIP
VIP
In response to Brad303

‎08-20-2021 01:36 PM

Hello

@Brad303 wrote:

If we do dual-as on our end, our provider would have to accept either AS, and therefore would need to enable dual-as on their end. 

No they wouldnt require to use the dual-as it would be applicable to only you, the providers ASN will stay the same they would ahve no need to change, What it would do is allow the provider to peer to either your primary ASN or its local ASN

 


Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul
0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card