AS_Path Manipulation
Considering RTF's BGP table, RTF has picked the direct path via AS1 to reach 192.68.11.0/24 because it is shorter. The following configuration shows how the AS_path information can be manipulated to make the AS_path longer by prepending AS path numbers. Considering figure 10-6, we will prepend two extra AS path numbers to the AS_path information sent from RTC to RTA to change RTF's decision about reaching 192.68.11.0/24.
RTC configuration:
router bgp 1
 network 192.68.11.0
 neighbor 172.16.20.2 remote-as 3
 neighbor 172.16.20.2 route-map AddASnumbers out
 neighbor 192.68.6.1 remote-as 2
 no auto-summary

route-map AddASnumbers permit 10
 set as-path prepend 1 1
The preceding configuration prepends two additional AS_path numbers, 1 and 1, to the AS_path information sent from RTC to RTA. If you look at RTF's BGP table, you will see that RTF can now reach 192.68.11.0/24 via next hop 192.68.5.2, that is, via path 2 1. RTF will prefer this path because it is shorter than the direct path via AS1, which has path information of 1 1 1.
RTF#sh ip bgp
BGP table version is 18, local router ID is 192.68.5.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path
* i172.16.1.0/24    172.16.2.254             0    100      0 i
*>                  0.0.0.0                  0         32768 i
* i172.16.10.0/24   172.16.2.254            20    100      0 i
*>                  0.0.0.0                  0         32768 i
* i172.16.65.0/26   172.16.2.254            20    100      0 i
*>                  0.0.0.0                  0         32768 i
* i172.16.220.0/24  172.16.2.254             0    100      0 i
*>                  172.16.1.1              20         32768 i
*> 192.68.10.0      192.68.5.2               0             0 2 i
*> 192.68.11.0      192.68.5.2                             0 2 1 i
* i                 172.16.20.1              0    100      0 1 1 1 i
Using Private ASs
This example demonstrates how BGP can be configured to prevent the leakage of private AS numbers into the Internet. Consider figure 10-7; AS1 will prevent private AS number 65001 from being leaked to the Internet when BGP routes are propagated.
Figure 10-7 Stripping private AS numbers.
RTA configuration:
router bgp 65001
 network 172.16.220.0 mask 255.255.255.0
 neighbor 172.16.20.1 remote-as 1
 no auto-summary
RTC configuration:
router bgp 1
 network 192.68.11.0 mask 255.255.255.0
 neighbor 172.16.20.2 remote-as 65001
 neighbor 192.68.6.3 remote-as 7
 neighbor 192.68.6.3 remove-private-AS
 no auto-summary
Note how RTC is using the remove-private-AS keyword in its neighbor connection to AS7. The following output shows the BGP tables of RTC and RTE.
RTC#show ip bgp
BGP table version is 72, local router ID is 192.68.11.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path
*> 172.16.220.0/24  172.16.20.2              0             0 65001 i
*> 192.68.11.0      0.0.0.0                  0         32768 i

RTE#sh ip bgp
BGP table version is 245, local router ID is 192.68.30.1
Status codes: s suppressed, * valid, > best, i - internal
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path
*> 172.16.220.0/24  192.68.6.2                             0 1 i
*> 192.68.11.0      192.68.6.2               0             0 1 i
Note that prefix 172.16.220.0/24 has an AS_path of 65001 in RTC's BGP table and an AS_path of 1 in RTE's BGP table. RTC has stripped the private AS path information when propagating the update to AS7.
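The check below is an added example, not part of the original text or of any vendor tool: it reads the Path column of the RTC and RTE tables shown above and reports any private AS numbers (the RFC 6996 ranges) still present in an AS_path. The function names are assumptions made for this illustration, and the parser relies on the fixed column layout of the table.

```python
# Added example: audit 'show ip bgp' output for private ASNs in the AS_path.
PRIVATE_RANGES = ((64512, 65534), (4200000000, 4294967294))  # RFC 6996

# Table rows as shown on this page (RTC inside AS1, RTE in AS7).
RTC_TABLE = """\
   Network          Next Hop            Metric LocPrf Weight Path
*> 172.16.220.0/24  172.16.20.2              0             0 65001 i
*> 192.68.11.0      0.0.0.0                  0         32768 i
"""
RTE_TABLE = """\
   Network          Next Hop            Metric LocPrf Weight Path
*> 172.16.220.0/24  192.68.6.2                             0 1 i
*> 192.68.11.0      192.68.6.2               0             0 1 i
"""

def is_private_asn(asn):
    return any(lo <= asn <= hi for lo, hi in PRIVATE_RANGES)

def parse_paths(table):
    """Return [(prefix, [asn, ...]), ...] for every valid path row."""
    lines = table.splitlines()
    header = next(i for i, l in enumerate(lines) if "Network" in l and "Path" in l)
    path_col = lines[header].index("Path")   # Path is a fixed-position column
    rows, prefix = [], None
    for line in lines[header + 1:]:
        if not line.startswith("*") or len(line) <= path_col:
            continue                         # blank lines, prompts, non-valid entries
        if line[3] != " ":                   # blank Network field: same prefix as above
            prefix = line[3:].split()[0]
        tokens = line[path_col:].split()     # AS numbers followed by the origin code
        rows.append((prefix, [int(t) for t in tokens if t.isdigit()]))
    return rows

def private_asn_leaks(table):
    """Map prefix -> private ASNs found in any of its AS_paths."""
    leaks = {}
    for prefix, path in parse_paths(table):
        bad = [asn for asn in path if is_private_asn(asn)]
        if bad:
            leaks.setdefault(prefix, []).extend(bad)
    return leaks

if __name__ == "__main__":
    print("RTC:", private_asn_leaks(RTC_TABLE))   # 65001 is expected inside AS1
    print("RTE:", private_asn_leaks(RTE_TABLE))   # must be empty beyond the AS1 border
```

Run against a table captured on the far side of the border (RTE here), a non-empty result means the private AS number was not stripped on that session.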