Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1954
Views
0
Helpful
3
Replies

BGP Remove Private-AS

Daniel Anderson
Level 1
Level 1

‎02-19-2013 05:48 AM - edited ‎03-04-2019 07:04 PM

I'm currently labbing a scenario in which I'd like to remove the Private-ASs that are within NLRIs that I'm sending to an EBGP neighbor. The issue is complicated by the fact that within the existing NLRIs, there is a single Public-ASN amongst the private ones, along with the EBGP peerings all being based on Private ASNs. The scenario I'm labbing is below:

AS65000 <> AS65501 <> AS65251 <> AS123 <> AS65001

I've tested the above configuration replacing ASN 65501 with ASN 456, and when I add 'remove-private-as all' to the eBGP peering going to AS65000 I can see that all the Private ASNs within the NLRIs sent to AS65000 are stripped.

What I'd like to be able to do is run ASN456 as a private ASN (as above - and as will be in Production) and still be able to strip out all the Private ASN information, I'm happy I'm running the correct code to achieve this, I just believe that due to the peerings being made between Private ASNs, the functionality isn't available to me.

Is anyone able to offer any assistance on whether a workaround method is available for the above. The BGP ASNs are currently in place within a production environment, so we're unable to change these.

TIA

1 person had this problem
Labels:
0 Helpful
3 Replies 3

Peter Paluch
Cisco Employee
Cisco Employee

‎03-01-2013 04:24 AM

Hello Daniel,

I've  tested the above configuration replacing ASN 65501 with ASN 456, and  when I add 'remove-private-as all' to the eBGP peering going to AS65000 I  can see that all the Private ASNs within the NLRIs sent to AS65000 are  stripped. - See more at:  https://supportforums.cisco.com/thread/2199889#sthash.ieNB03JS.dpuf

I've  tested the above configuration replacing ASN 65501 with ASN 456, and  when I add 'remove-private-as all' to the eBGP peering going to AS65000 I  can see that all the Private ASNs within the NLRIs sent to AS65000 are  stripped.

- See more at: https://supportforums.cisco.com/thread/2199889#sthash.NZDF6KQb.dpuf
I've tested the above configuration replacing ASN 65501 with ASN 456,  and when I add 'remove-private-as all' to the eBGP peering going to  AS65000 I can see that all the Private ASNs within the NLRIs sent to  AS65000 are stripped.

Yes. And if you used remote-private-as all replace-as, all private ASNs would be replaced by your own AS number (though your own AS number may be private, thereby losing the advantage of hiding the private AS).

What I'd like to be able to do is run ASN456 as a private ASN (as above -  and as will be in Production) and still be able to strip out all the  Private ASN information,

I do not quite understand this requirement. Isn't the remove-private-as all already performing this operation? Can you perhaps give an example of the AS_PATH manipulation you want to perform?

Thank you!

Best regards,

Peter

0 Helpful

milan.kulik
Level 10
Level 10

‎03-01-2013 05:23 AM

Hi,

quite surprising from me it works now with a mixture of private and public ASNs.

But it seems changed considerably since IOS 15.1(2)T, see:

http://www.cisco.com/en/US/docs/ios-xml/ios/iproute_bgp/configuration/15-sy/irg-remove-as.html#GUID-C2F8C088-6081-490E-AB56-02427BDC7EB9

for details.

BR,

Milan

0 Helpful

Peter Paluch
Cisco Employee
Cisco Employee
In response to milan.kulik

‎03-01-2013 05:30 AM

Hi Milan,

Yes, quite so! I have also been looking at the Command Reference and the changes in the default behavior are quite extensive.

http://www.cisco.com/en/US/docs/ios-xml/ios/iproute_bgp/command/bgp-m1.html#wp3558926523

Best regards,

Peter

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card