Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
687
Views
15
Helpful
6
Replies

BGP Multi-peering with the same AS vs different AS

dtran
Level 6
Level 6

‎10-04-2022 10:30 PM

Hi all, hope everyone is well !!!

I have a couple questions around BGP multi-home with 2 separate upstream L3 devices. From the diagram below, I have a pair of Nexus 9300s directly connected to 2 separate SDWAN appliances via L3 links and I'll running eBGP between the Nexus 9300s and the SDWAN appliances. BGP will be configured on the SDWAN appliances so that inbound/outbound traffic will only prefer one over the other and if one should fail the other will take over. I am debating whether to keep the each SDWAN appliance on its own AS or have both on the same AS. What are the pros and cons to have them on the same AS vs two separate AS's ? Thank you very much !! I appreciate any inputs/suggestions.

Danny

dtran_0-1664946618978.png

 

Labels:
0 Helpful
6 Replies 6

Joseph W. Doherty
Hall of Fame
Hall of Fame

‎10-05-2022 08:23 AM

Perhaps much depends on whether you want to have EBGP (different ASs) vs. IBGP (same AS) peers.

dtran
Level 6
Level 6
In response to Joseph W. Doherty

‎10-05-2022 08:53 AM

Hi Joseph, thanks Joseph !!

I also have another WAN router that's also connected to the Nexus 9300s that I am not showing in the diagram. This router is currently in production running EIGRP with the Nexus 9300s. I would like the SDWAN appliances to be the prefer path out to the WAN that's why I decide to use eBGP (lower admin distance) between the Nexus and the SDWAN appliances.

Thanks !!

Danny

 

0 Helpful

Joseph W. Doherty
Hall of Fame
Hall of Fame
In response to dtran

‎10-05-2022 09:19 AM

Yea, by default on Cisco devices, eBGP would have a better AD vs. EIGRP which would have a better AD vs. iBGP.  Of course, though, you can override the default AD values for those protocols.

0 Helpful

rais
Level 7
Level 7

‎10-05-2022 09:20 AM

Using the same ASN for each SDWAN devices:

  1. any routes reflected back by nexus which it (nexus) learned from one of the sd devices would be rejected [by default]. 
  2. If MEDs are being used, the right route would be chosen automatically on nexus. 
  3. Load-sharing could be achieved, by default, should the two sd devices send the same routes to nexus. 

For unique ASNs, all of the above advantages are achievable by employing policies and different knobs available on Cisco devices. Additionally, unique ASNs provide clarity of which device the route has been through and may ease troubleshooting in a larger network.

dtran
Level 6
Level 6
In response to rais

‎10-05-2022 10:00 AM

Thanks Rais and Joseph !!! Your inputs/suggestions are highly appreciated !!!

Below my Nexus 9300s is a pair of Palo Alto FWs and VPC is used to connect the two and iBGP is used to exchange routes. Will the Nexus automatically advertise routes it learned from the SDWAN appliances to Palo Alto ? and routes learned from Palo Alto to the SDWAN appliances ?

Thanks again !!

Danny

0 Helpful

rais
Level 7
Level 7
In response to dtran

‎10-05-2022 12:16 PM

By default, routes will be shared barring anything blocked in the policies. 

Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card