02-19-2013 05:48 AM - edited 03-04-2019 07:04 PM
I'm currently labbing a scenario in which I'd like to remove the Private-ASs that are within NLRIs that I'm sending to an EBGP neighbor. The issue is complicated by the fact that within the existing NLRIs, there is a single Public-ASN amongst the private ones, along with the EBGP peerings all being based on Private ASNs. The scenario I'm labbing is below:
AS65000 <> AS65501 <> AS65251 <> AS123 <> AS65001
I've tested the above configuration replacing ASN 65501 with ASN 456, and when I add 'remove-private-as all' to the eBGP peering going to AS65000 I can see that all the Private ASNs within the NLRIs sent to AS65000 are stripped.
What I'd like to be able to do is run ASN456 as a private ASN (as above - and as will be in Production) and still be able to strip out all the Private ASN information, I'm happy I'm running the correct code to achieve this, I just believe that due to the peerings being made between Private ASNs, the functionality isn't available to me.
Is anyone able to offer any assistance on whether a workaround method is available for the above. The BGP ASNs are currently in place within a production environment, so we're unable to change these.
TIA
03-01-2013 04:24 AM
Hello Daniel,
I've tested the above configuration replacing ASN 65501 with ASN 456, and when I add 'remove-private-as all' to the eBGP peering going to AS65000 I can see that all the Private ASNs within the NLRIs sent to AS65000 are stripped.
- See more at: https://supportforums.cisco.com/thread/2199889#sthash.NZDF6KQb.dpufI've tested the above configuration replacing ASN 65501 with ASN 456, and when I add 'remove-private-as all' to the eBGP peering going to AS65000 I can see that all the Private ASNs within the NLRIs sent to AS65000 are stripped.
Yes. And if you used remote-private-as all replace-as, all private ASNs would be replaced by your own AS number (though your own AS number may be private, thereby losing the advantage of hiding the private AS).
What I'd like to be able to do is run ASN456 as a private ASN (as above - and as will be in Production) and still be able to strip out all the Private ASN information,
I do not quite understand this requirement. Isn't the remove-private-as all already performing this operation? Can you perhaps give an example of the AS_PATH manipulation you want to perform?
Thank you!
Best regards,
Peter
03-01-2013 05:23 AM
Hi,
quite surprising from me it works now with a mixture of private and public ASNs.
But it seems changed considerably since IOS 15.1(2)T, see:
for details.
BR,
Milan
03-01-2013 05:30 AM
Hi Milan,
Yes, quite so! I have also been looking at the Command Reference and the changes in the default behavior are quite extensive.
http://www.cisco.com/en/US/docs/ios-xml/ios/iproute_bgp/command/bgp-m1.html#wp3558926523
Best regards,
Peter
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide