Showing results for 
Search instead for 
Did you mean: 

AS-Override in MPLS L3VPN


Why to use as-override ?

When using BGP as the CE-PE routing protocol in MPLS VPNs usually enterprise customers have two choices

1. Use different BGP AS number on every site from the private pool.

2. Use same BGP AS number on ever site.

Most commonly used method is number 2 because then the customer doesn't have to track all the AS numbers already used in the network.

Now, when you use the same AS number on every site routing will not be exchanged between sites because the local CE will see its own AS number coming in the BGP AS_PATH attribute and the route will be rejected.

Following message is seen when you do a debug on the CE router:

BGP(0): rcv UPDATE about -- DENIED due to: AS-PATH contains our own AS;

The solution is to use "as-override" on the PE routers.

How to configure as-override ?

It is configured per neighbor and is an address-family sub config mode

router bgp 1


address-family ipv4 vrf customer

neighbor remote-as 2

neighbor activate

neighbor as-override


What as-override does ?

When configured per neighbor, the PE router does a check that will look at the BGP AS_PATH attribute and if it finds an AS number which is same as the one configured with "remote-as" command it replaces that AS number with its own AS-number.

But if the as-path doesn't contain the same "AS" as the one configured with the "remote-as" command then it doesn't replace that AS.


Looking at the above configuration example:

Actual AS-PATH

1 2


1 1

Actual AS-PATH

1 3


1 3

Cisco Employee

Adding to This there is one more way We can use the same AS on all the sites .

command neighor allowas-in

Configuration is quite simple.

router bgp 1


neighbor remote-as 2

neighbor activate

neighbor allowas-in 1

The allowas-in command permits multiple occurrences of the same AS  in the as-path as the AS of the BGP speaker without BGP denying the route. The number you can configure is from 1 to 10, specifying the number of times that the AS is allowed in the as-path.

Key difference between the two command is that  Allowas-in allows the loop prevention to be ignored for the configured amount of instances, and the as-override causes the routers to modify the AS_PATH.

Using these two commands you can cheat AS Path criteria in BGP



I use it. I see the route can install in the routing table but I can't ping, how should I do?


My Topology:

PE1 vrf A - PE2 with as-override - PE1 vrf B - PE3 vrf B - CE destination


Thank you very much.

Content for Community-Ad

This widget could not be displayed.