07-13-2021 06:32 AM
I have two ASNs registered under two different entities but belonging to my company. One ASN is in ARIN and the other one is in APNIC. I have recently signed up for co-location services with a Datacenter. I want to advertise both the ASNs and I know I will need two BGP routers for the two ASNs. The Datacenter will provide me a Internet Bandwidth uplink which I want to terminate on both the routers. My question is whether it is possible to do so or I will need two different uplinks for the two routers. One of the network guys from the Datacenter told me that I can have single uplink for both ASNs by defining one of the ASNs as the primary ASN and the second one as the secondary ASN and setup setup BGP routing with the single uplink. I want to know which if this is possible or not. What would be the correct approach for this? I need both the ASNs as I need to use the IP blocks of both ASNs to be used for my servers. Any help is appreciated.
- Nitesh
07-13-2021 06:55 AM - edited 07-13-2021 06:56 AM
Hello @nitaish ,
if you plan to use two routers I would suggest you to go for two uplinks to have two separated Fault domains.
If using a single link to the datacenter you will have a single point of faliure on the link itself.
It is possible to save one router in this scenario using the
neighbor .... local-as command.
With the local AS feature a router that belongs to ASN#1 can pretend to be part of ASN#2 towards a specific eBGP neighbor.
Note: I'm not sure that you can at the same time have a standard eBGP session and a session using local-as towards the same eBGP peer.
To complete the solution you will need route-maps performing route filtering so that IP prefixes of ASN#1 are only advertised on the standard eBGP session and IP prefixes of ASN#2 are only advertised towards the eBGP peer where you use the local-as feature.
To be noted these route-maps are applied per neighbor IP address so from this the need to use two different IP addresses on the DC side
On the side of DC provider it can use a secondary address or two VLAN tagged subinterfaces to provide two eBGP peers to your device.
>> I have recently signed up for co-location services with a Datacenter. I want to advertise both the ASNs and I know I will need two BGP routers for the two ASNs
Here, it depends on the data center if it has two VLANs for peering you could use a single router as explained above. O f course it becomes a single point of faliure.
>> One of the network guys from the Datacenter told me that I can have single uplink for both ASNs by defining one of the ASNs as the primary ASN and the second one as the secondary ASN and setup setup BGP routing with the single uplink
Partially true as explained above with local AS feature you can pretend to be in ASN#1 and ASN#2 but the route filtering that happens per neighbor IP address will require two different peer addresses on the DC Side.
Hope to help
Giuseppe
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide