BGP AS Override –
BGP’s one of many key loop prevention mechanism is to match the AS quantity within the AS path of the obtained BGP replace.
If the BGP AS-path attribute has the AS variety of the receiving router in then that BGP route shouldn’t be put in within the BGP routing desk.
This BGP characteristic although helpful for loop prevention can typically trigger points within the community (particularly for a giant enterprise spanning throughout a number of areas) the place a buyer has a number of websites unfold geographically, linked by some ISP and utilizing the identical AS quantity.
Associated – Prime BGP Interview Questions
On this case, the routes from one web site gained’t be accepted on the different web site because the AS quantity at each the websites is identical.
To beat this concern, BGP’s characteristic of AS Override shall be used.
We are going to perceive the characteristic utilizing beneath topology whereby 2 websites of a buyer shall be linked by an ISP.
SCENARIO 1:
Within the beneath diagram a loopback 1.1.1.1 is marketed from SITE A and this replace is forwarded by the ISP to buyer distant SITE B. Since each SITE A & B use the identical AS200 the route shall be rejected as soon as it’s obtained at SITE B as per the BGP loop prevention mechanism.
Diagram 1: AS OVERRIDE DISABLED
Configuration on PE2
bgp log-neighbor-changes
no bgp default ipv4-unicast
neighbor 3.3.3.3 remote-as 100
neighbor 3.3.3.3 update-source Loopback0
!
address-family ipv4
exit-address-family
!
address-family vpnv4
neighbor 3.3.3.3 activate
neighbor 3.3.3.3 send-community each
exit-address-family
!
address-family ipv4 vrf ISP
neighbor 9.9.45.5 remote-as 200
neighbor 9.9.45.5 activate
exit-address-family
Standing codes: s suppressed, d damped, h historical past, * legitimate, > greatest, i – inner,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i – IGP, e – EGP, ? – incomplete
RPKI validation codes: V legitimate, I invalid, N Not discovered
Community Subsequent Hop Metric LocPrf Weight Path
Route Distinguisher: 4:4 (default for vrf ISP)
*>i 1.1.1.1/32 2.2.2.2 0 100 0 200 I >>>>>>>Route is put in right here
*> 5.5.5.5/32 9.9.45.5 0 0 200 I
We see that PE2 is promoting the route of 1.1.1.1 to CE-B at web site B however CE-B at web site B wont settle for that
Standing codes: s suppressed, d damped, h historical past, * legitimate, > greatest, i – inner,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i – IGP, e – EGP, ? – incomplete
RPKI validation codes: V legitimate, I invalid, N Not discovered
Community Subsequent Hop Metric LocPrf Weight Path
Route Distinguisher: 4:4 (default for vrf ISP)
*>i 1.1.1.1/32 2.2.2.2 0 100 0 200 i
Complete variety of prefixes 1
Verifying Desk at CE-B at Web site B and we gained’t see route for 1.1.1.1.
*> 5.5.5.5/32 0.0.0.0 0 32768 I
SCENARIO 2:
Within the beneath diagram the now we allow the AS OVERRIDE on the PE2 router. Now when any route obtained from SITE A is marketed to SITE B from PE2 as a substitute of getting AS path of “200, 100 “as prior to now the AS path would checklist 100,100.
When the route is obtained at SITE B it gained’t discover AS 200 within the AS path checklist and therefore would settle for the route (1.1.1.1 in our instance).
Diagram 2: AS OVERRIDE ENABLED
PE2(config-router)#address-family ipv4 vrf ISPPE2(config-router-af)#nei
PE2(config-router-af)#neighbor 9.9.45.5 as
PE2(config-router-af)#neighbor 9.9.45.5 as-override
Verification:
Now we’ll see the route within the routing desk on CE-B at web site B
Standing codes: s suppressed, d damped, h historical past, * legitimate, > greatest, i – inner,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i – IGP, e – EGP, ? – incomplete
RPKI validation codes: V legitimate, I invalid, N Not discovered
Community Subsequent Hop Metric LocPrf Weight Path
*> 1.1.1.1/32 9.9.45.4 0 100 100 I >>>>>>>>>ISP over-writes its personal AS twice
*> 5.5.5.5/32 0.0.0.0 0 32768 I