Solved: eBGP will not learn routes with same AS in path: what do I do ?

mcroft · ‎04-26-2013

Hi,

I am trying to think of an alternitive solution to get around this BGP RULE:

• Paths from an external BGP (eBGP) neighbor if the local autonomous system (AS) appears in the AS_PATH

Such paths are denied.

My scenario is as follows:

I have two routers in my AS-1234. Each router is connected to a WAN Provider, AS-5678

I want to adverise my network out (1.1.1.0/24) to the provider, so if the internal (iBGP) link is broke - the providers network will route traffic to 1.1.1.0/24 via Router B. Obviously this won't work because I cannot learn eBGP routes with my AS number in the path.

Other than creating a GRE tunnel (yuk!), do I have any other options here ?

any adive/suggestion appreciated.

Many thanks

Matt

Jon Marshall · ‎04-26-2013

You can use one the following BGP options to achieve this - as-override or allowas-in. To see which one fits better see this link -

http://ccieblog.co.uk/bgp/bgp-as-override-vs-allow-as-in

Jon

View solution in original post

cadet alain · ‎04-26-2013

Hi,

ok I understand better, to circumvent the AS_PATH loop prevention ,you can use this command on router B:

router bgp 1234

neighbor 10.1.1.2 allow as-in

But why don't you just put a backup link between router a and router B and do your iBGP peering with loopbacks, this way if one link fails the BGP session won't be torn down but will use the second link and router B will still know about 1.1.1.1 via iBGP.

Regards

Alain

Don't forget to rate helpful posts.

View solution in original post

cadet alain · ‎04-26-2013

Hi,

So you want a failover solution and the provider to route traffic to 1.1.1.1 via router A but if link to ISP is down you want them to use router B ?

So for this you can use AS_PATH prepending: you gonna make router A the preferred path and router B the least prefered by prepending your AS number multiple times when sending the prefix advertisement through router B to ISP.

example config on router B:

ip prefix-list PREPEND permit 1.1.1.0/24

route-map PREPEND permit 10

match ip address prefix-list PREPEND

set as-path prepend 1234 1234 1234

router bgp 1234

neighbor 10.1.1.2 remote-as 5678

neighbor 10.1.1.2 route-map PREPEND out

Regards

Alain

Don't forget to rate helpful posts.

mcroft · ‎04-26-2013

thanks for the repsonse Alain,

I may have not been too clear. Sorry ....

I am looking for a failover solution for when the Internal iBGP link goes down (from Router A to Router B). This won't work, becase I cannot learn routes from the WAN provider with my own AS in the path.

This make sense ?

Cheers

Jon Marshall · ‎04-26-2013

You can use one the following BGP options to achieve this - as-override or allowas-in. To see which one fits better see this link -

http://ccieblog.co.uk/bgp/bgp-as-override-vs-allow-as-in

Jon

cadet alain · ‎04-26-2013

Hi,

ok I understand better, to circumvent the AS_PATH loop prevention ,you can use this command on router B:

router bgp 1234

neighbor 10.1.1.2 allow as-in

But why don't you just put a backup link between router a and router B and do your iBGP peering with loopbacks, this way if one link fails the BGP session won't be torn down but will use the second link and router B will still know about 1.1.1.1 via iBGP.

Regards

Alain

Don't forget to rate helpful posts.

mcroft · ‎04-26-2013

Hi Guys,

thanks for the ideas, great stuff.

p.s I am unable to put a secondary link between the iBGP peers, as they are phyically different locations. (big wan cost)

However, I will try the "allowas in" command. so long as the WAN provider do not have a route-map in place to prevent this -the command should get this to work.

Thank again.

matt

mcroft · ‎04-26-2013

Works like a charm.

thanks again