Another one:
R1, R5 and R6 are CE routers that all belong to the same BGP autonomous system, AS65156, while R2, R3 and R4 are service provider PEs that belong to AS65000. All CEs are connected in an MPLS VPN, star topology, to the SP network in a VRF named CE1.

None of the 192.168.xx.0/24 networks advertised by R1, R5 and R6 will be learned by the other CEs, because of the AS-PATH loop-prevention mechanism, which doesn't allow a BGP peer to learn a prefix that has its own AS in the AS-PATH.

We can see from the packet capture that R2 (1) is sending to R1 (2) a BGP update message (3) with AS-PATH 65000 65156 (4) for networks 192.168.61.0/24 and 192.168.51.0/24 (5).

R1 in turn discards these networks because it sees its own AS number in the AS-PATH.
R1:

R1#show ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route

Gateway of last resort is not set

C    192.168.11.0/24 is directly connected, Loopback1
     10.0.0.0/24 is subnetted, 3 subnets
C       10.1.12.0 is directly connected, FastEthernet0/0
B       10.1.46.0 [20/0] via 10.1.12.2, 08:07:12
B       10.1.35.0 [20/0] via 10.1.12.2, 08:07:12
Now we can overcome this issue by configuring allowas-in on each of the CE routers (customer-side solution), or we can configure as-override on the PEs (SP-side solution), which basically takes the customer AS and converts it to the PE's own AS. In our case, it instructs the PEs to convert AS65156 to AS65000 for every network prefix they send to their neighbors.
R2:

R2(config)#router bgp 65000
R2(config-router)#address-family ipv4 vrf CE1
R2(config-router-af)#neighbor 10.1.12.1 as-override
The result, as we can see in the packet capture:

R2 (1) is sending to R1 (2) a BGP update message (3) with AS-PATH 65000 65000 (4) for networks 192.168.61.0/24 and 192.168.51.0/24 (5).

And now R1 sees the networks of the other CE members:
R1# show ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route

Gateway of last resort is not set

B    192.168.61.0/24 [20/0] via 10.1.12.2, 00:04:54
C    192.168.11.0/24 is directly connected, Loopback1
     10.0.0.0/24 is subnetted, 3 subnets
C       10.1.12.0 is directly connected, FastEthernet0/0
B       10.1.46.0 [20/0] via 10.1.12.2, 00:04:54
B       10.1.35.0 [20/0] via 10.1.12.2, 00:04:54
B    192.168.51.0/24 [20/0] via 10.1.12.2, 00:04:54
Note that the as-override command is available only for IPv4 VRF address-family neighbors (MP-BGP); we can't use this feature when working with normal BGP neighbors.
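
The AS-PATH loop check on R1 and the as-override rewrite on R2 described above, modelled in Python as an added example (not code from the original post). The function names are hypothetical, and the allowas_in parameter is an assumption that models the CE-side alternative as the number of times the receiver tolerates its own AS in the path.

```python
"""Model of eBGP AS-PATH loop prevention and the PE-side as-override rewrite."""

PE_AS = 65000  # service provider AS (R2, R3, R4)
CE_AS = 65156  # customer AS shared by R1, R5 and R6


def pe_advertise(as_path, local_as, neighbor_as, as_override=False):
    """Return the AS-PATH a PE sends to an eBGP CE neighbor.

    With as_override, every occurrence of the neighbor's AS is replaced
    by the PE's own AS before the PE prepends itself.
    """
    if as_override:
        as_path = [local_as if asn == neighbor_as else asn for asn in as_path]
    return [local_as] + list(as_path)


def ce_accepts(as_path, local_as, allowas_in=0):
    """Receiver-side loop check: accept only if the receiver's own AS
    appears at most allowas_in times (0 = default loop prevention)."""
    return as_path.count(local_as) <= allowas_in


def simulate(as_override=False, allowas_in=0):
    """R5 originates a prefix with AS-PATH [65156]; R2 relays it to R1."""
    vpn_path = [CE_AS]  # path as it reaches R2 across the SP core
    sent = pe_advertise(vpn_path, PE_AS, CE_AS, as_override)
    return sent, ce_accepts(sent, CE_AS, allowas_in)


if __name__ == "__main__":
    cases = [
        ("default", {}),
        ("as-override on PE", {"as_override": True}),
        ("allowas-in 1 on CE", {"allowas_in": 1}),
    ]
    for label, kwargs in cases:
        path, accepted = simulate(**kwargs)
        verdict = "installed" if accepted else "discarded"
        print(f"{label:20} AS-PATH {' '.join(map(str, path))} -> {verdict}")
```

With as-override the customer AS no longer appears in the path R1 receives, so R1's own loop check can no longer recognise a route that originated in AS65156.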