08-18-2021 10:41 AM
Hello,
We're migrating from one ASN/netbock to another. All of the documentation I've found regarding BGP migration is from the perspective of an ISP that needs to change its AS in a way that's transparent to the customer (rfc7705, "BGP Support for Dual AS Configuration for Network AS Migrations").
However, I'm unable to find any documentation on a customer-centric AS migration. Of course, our provider needs to handle both ASNs, but does our router need a local-as/replace-as/dual-as entry?
Example BGP configs on PE and CE routers would be helpful for comprehension. Assume the existing ASN is 50000, the new ASN is 55000, our provider's ASN is 40000, our IP is 10.3.3.33, and our provider's is 10.3.3.11.
Thanks.
08-18-2021 09:04 PM
Hello @Brad303 ,
>> However, I'm unable to find any documentation on a customer-centric AS migration. Of course, our provider needs to handle both ASNs, but does our router need a local-as/replace-as/dual-as entry?
Yes the local-as feature and its variants is the tool to be used also when the the change happens on the customer side.
I would like to point out that we speak of PE -CE eBGP session only when an MPLS L3 VPN service is in use.
If you get simple internet connectivity from the ISP the terms PE and CE are not exact from a technical point of view.
Hope to help
Giuseppe
08-19-2021 11:21 AM - edited 08-19-2021 03:16 PM
Thanks for the reply, Guiseppe.
First, I've always used PE/CE as Provider Edge and Customer Edge in generic terms, whether for MPLS or "regular" IP. However, if the convention is to only use those terms in the context of MPLS (and a quick search indicates that's the most frequent use), I'll happily stand corrected. And, FWIW, we are using MPLS as well, but the scenario in question is regarding only our publicly routable Internet IPs.
Given:
Provider's AS 40000, IP 10.0.0.11
Our current AS 50000, net 10.3.3/24
Our new AS 55000, net 10.4.4/24
This is our current config:
router bgp 50000 no synchronization bgp log-neighbor-changes network 10.3.3.0 neighbor 10.0.0.11 remote-as 40000 neighbor 10.0.0.11 version 4 no auto-summary
What do I add/change to add our new AS & network?
This is what I've come up with:
router bgp 55000 no synchronization bgp log-neighbor-changes network 10.3.3.0 network 10.4.4.0 neighbor 10.0.0.11 remote-as 40000 neighbor 10.0.0.11 local-as 50000 no-prepend replace-as dual-as neighbor 10.0.0.11 version 4 no auto-summary
That should allow us to establish a peering session with our provider using either AS. But which AS is added to the path? Or doesn't it matter, since both ASs live on our router for the time being?
08-19-2021 03:43 PM - edited 08-19-2021 03:46 PM
Hello
@Brad303 wrote:
Provider's AS 40000, IP 10.0.0.11
Our current AS 50000, net 10.3.3/24
Our new AS 55000, net 10.4.4/24
This is our current config:
router bgp 50000 no synchronization bgp log-neighbor-changes network 10.3.3.0 neighbor 10.0.0.11 remote-as 40000 neighbor 10.0.0.11 version 4 no auto-summary
You example looks okay but I would include the subnetmask of the new local network if its a classless subnet?
router bgp 55000
no network 10.3.3.0
network 10.4.4.0 mask 255.255.255.0
Local-as - will allow you to use a different ASN but allow the provider rtr to peer with its neighbour via its old asn number, as such any advertised routes to either rtr will show the origin ASN and also the local as in the as-set path
Local-as no-prepend - should remove the local asn from any received advertised routes from provider peer.
Dual-as -should allow provider rtr to peer with either rtr ASN 55000 or 50000
Local-as no-prepend replace-as dual-as - as above but also any advertised routes between each rtr should only show directly attached asn rtrs in the as-path set depending on what asn the provider rtr is peering to ( 55000 or 50000)
08-20-2021 09:06 AM
If we do dual-as on our end, our provider would have to accept either AS, and therefore would need to enable dual-as on their end. Since that's the case, it doesn't make sense for us to do dual-as. We can simply update to our new AS any time after they've implemented dual-as and advertise for both networks. After the host migration is complete on our end, we can remove the old network, and they can remove the dual-as and old AS.
08-20-2021 01:36 PM
Hello
@Brad303 wrote:
If we do dual-as on our end, our provider would have to accept either AS, and therefore would need to enable dual-as on their end.
No they wouldnt require to use the dual-as it would be applicable to only you, the providers ASN will stay the same they would ahve no need to change, What it would do is allow the provider to peer to either your primary ASN or its local ASN
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide