BGP Local-AS

When configuring BGP, we usually use the "remote-as" command to specify the AS of a neighbor. The purpose of the "local-as" command is to spoof the neighbor router by advertising an AS other than the real AS of the originating router. This command is very useful during an ISP merger, when one ISP purchases another. Let's say ISP1 purchases ISP2 and wants it to belong to AS 12345. The customers of ISP2 would then need to configure the new "remote-as" on their end, because ISP2's routers will now be in AS 12345. As a temporary solution, the "local-as" command can be configured on the ISP's router to keep the BGP adjacency up without any changes on the customer side. To see how local-as functions, let's take the diagram below as an example.



Scenario: R2 used to belong to AS 250 and now is on AS 200.

First, let's see what happens on the router if there is a "remote-as" mismatch between the neighbors.


R2#
*May 10 15:33:38.983: %BGP-3-NOTIFICATION: received from neighbor 192.168.12.1 2/2 (peer in wrong AS) 2 bytes 00C8

This happens because R1 is configured with "neighbor 192.168.12.2 remote-as 250" but R2 now belongs to AS 200. Let's configure "local-as" on R2.


R2#config t
Enter configuration commands, one per line. End with CNTL/Z.
R2(config)#router bgp 200
R2(config-router)#neighbor 192.168.12.1 local-as 250
*May 10 15:39:02.931: %BGP-5-ADJCHANGE: neighbor 192.168.12.1 Up neighbor 192.168.12.1
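The NOTIFICATION that R2 logged before local-as was configured can be decoded to see which AS was rejected. The following is an added example, not part of the original lab; the function name is hypothetical, and reading the two data bytes as the AS number from the rejected OPEN is an assumption (it matches this lab, where 0x00C8 is 200, R2's real AS).

```python
import re

# NOTIFICATION error codes and OPEN-error subcodes as defined in RFC 4271.
ERROR_CODES = {1: "Message Header Error", 2: "OPEN Message Error",
               3: "UPDATE Message Error", 4: "Hold Timer Expired",
               5: "Finite State Machine Error", 6: "Cease"}
OPEN_SUBCODES = {1: "Unsupported Version Number", 2: "Bad Peer AS",
                 3: "Bad BGP Identifier", 4: "Unsupported Optional Parameter",
                 6: "Unacceptable Hold Time"}

NOTIF_RE = re.compile(
    r"%BGP-3-NOTIFICATION: (?P<direction>received from|sent to) neighbor "
    r"(?P<peer>\S+) (?P<code>\d+)/(?P<sub>\d+) \((?P<text>[^)]*)\) "
    r"(?P<count>\d+) bytes (?P<data>[0-9A-Fa-f]+)")

# The log entry from this page, including the terminal line wrap.
SAMPLE = ("*May 10 15:33:38.983: %BGP-3-NOTIFICATION: received from neighbor "
          "192.168.12.1 2\n/2 (peer in wrong AS) 2 bytes 00C8")

def decode_notification(raw):
    """Parse one IOS BGP NOTIFICATION log entry; return None if it is not one."""
    match = NOTIF_RE.search(raw.replace("\r", "").replace("\n", ""))
    if match is None:
        return None
    code, sub = int(match["code"]), int(match["sub"])
    data = bytes.fromhex(match["data"]) if len(match["data"]) % 2 == 0 else b""
    result = {
        "direction": match["direction"],
        "peer": match["peer"],
        "error": ERROR_CODES.get(code, "unknown"),
        "suberror": OPEN_SUBCODES.get(sub, "unknown") if code == 2 else None,
        "complete": len(data) == int(match["count"]),
        "as_in_rejected_open": None,
    }
    # Assumption: for Bad Peer AS the data bytes carry the AS number that was
    # in the rejected OPEN (2 bytes here; 4 bytes for a 4-octet AS).
    if (code, sub) == (2, 2) and result["complete"] and len(data) in (2, 4):
        result["as_in_rejected_open"] = int.from_bytes(data, "big")
    return result

if __name__ == "__main__":
    print(decode_notification(SAMPLE))
```
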

Now the adjacency is up! R2 "spoofed" its AS by sending AS 250 instead of AS 200. There is an option you can add to the local-as command: "no-prepend". Before adding the option, let's check the "show ip bgp" output.


*May 10 16:29:49.119: %BGP-5-ADJCHANGE: neighbor 192.168.12.2 Up
R1#sh ip bgp
BGP table version is 55, local router ID is 11.11.11.11
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path
*> 1.1.1.1/32       0.0.0.0                  0         32768 i
*> 2.2.2.2/32       192.168.12.2             0             0 250 200 i
*> 3.3.3.3/32       192.168.12.2                           0 250 200 300 i
*> 11.11.11.11/32   0.0.0.0                  0         32768 i
*> 22.22.22.22/32   192.168.12.2             0             0 250 200 i
*> 33.33.33.33/32   192.168.12.2                           0 250 200 300 i

R2#sh ip bgp
BGP table version is 63, local router ID is 22.22.22.22
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path
*> 1.1.1.1/32       192.168.12.1             0             0 250 100 i
*> 2.2.2.2/32       0.0.0.0                  0         32768 i
*> 3.3.3.3/32       192.168.23.3             0             0 300 i
*> 11.11.11.11/32   192.168.12.1             0             0 250 100 i
*> 22.22.22.22/32   0.0.0.0                  0         32768 i
*> 33.33.33.33/32   192.168.23.3             0             0 300 i

R3#sh ip bgp
BGP table version is 35, local router ID is 33.33.33.33
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path
*> 1.1.1.1/32       192.168.23.2                           0 200 250 100 i
*> 2.2.2.2/32       192.168.23.2             0             0 200 i
*> 3.3.3.3/32       0.0.0.0                  0         32768 i
*> 11.11.11.11/32   192.168.23.2                           0 200 250 100 i
*> 22.22.22.22/32   192.168.23.2             0             0 200 i
*> 33.33.33.33/32   0.0.0.0                  0         32768 i

Notice that AS 250 appears in the AS path. Let's check the routers after adding the "no-prepend" option.


R2(config-router)#neighbor 192.168.12.1 local-as 250 no-prepend
R1#sh ip bgp
BGP table version is 63, local router ID is 11.11.11.11
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path
*> 1.1.1.1/32       0.0.0.0                  0         32768 i
*> 2.2.2.2/32       192.168.12.2             0             0 250 200 i
*> 3.3.3.3/32       192.168.12.2                           0 250 200 300 i
*> 11.11.11.11/32   0.0.0.0                  0         32768 i
*> 22.22.22.22/32   192.168.12.2             0             0 250 200 i
*> 33.33.33.33/32   192.168.12.2                           0 250 200 300 i

R2#sh ip bgp
BGP table version is 79, local router ID is 22.22.22.22
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path
*> 1.1.1.1/32       192.168.12.1             0             0 100 i
*> 2.2.2.2/32       0.0.0.0                  0         32768 i
*> 3.3.3.3/32       192.168.23.3             0             0 300 i
*> 11.11.11.11/32   192.168.12.1             0             0 100 i
*> 22.22.22.22/32   0.0.0.0                  0         32768 i
*> 33.33.33.33/32   192.168.23.3             0             0 300 i

R3#sh ip bgp
BGP table version is 39, local router ID is 33.33.33.33
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path
*> 1.1.1.1/32       192.168.23.2                           0 200 100 i
*> 2.2.2.2/32       192.168.23.2             0             0 200 i
*> 3.3.3.3/32       0.0.0.0                  0         32768 i
*> 11.11.11.11/32   192.168.23.2                           0 200 100 i
*> 22.22.22.22/32   192.168.23.2             0             0 200 i
*> 33.33.33.33/32   0.0.0.0                  0         32768 i

R1 is not affected by the command, but R2 and R3 are. We can now see that AS 250 is no longer included in their AS paths. That is the purpose of the "no-prepend" option: to hide the configured local-as from the other eBGP peers. There is, however, a "sub-option" for "no-prepend": "replace-as". Let's see what it does.


R2(config-router)#neighbor 192.168.12.1 local-as 250 no-prepend replace-as

R1#sh ip bgp
BGP table version is 47, local router ID is 11.11.11.11
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path
*> 1.1.1.1/32       0.0.0.0                  0         32768 i
*> 2.2.2.2/32       192.168.12.2             0             0 250 i
*> 3.3.3.3/32       192.168.12.2                           0 250 300 i
*> 11.11.11.11/32   0.0.0.0                  0         32768 i
*> 22.22.22.22/32   192.168.12.2             0             0 250 i
*> 33.33.33.33/32   192.168.12.2                           0 250 300 i

R2#sh ip bgp
BGP table version is 71, local router ID is 22.22.22.22
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path
*> 1.1.1.1/32       192.168.12.1             0             0 100 i
*> 2.2.2.2/32       0.0.0.0                  0         32768 i
*> 3.3.3.3/32       192.168.23.3             0             0 300 i
*> 11.11.11.11/32   192.168.12.1             0             0 100 i
*> 22.22.22.22/32   0.0.0.0                  0         32768 i
*> 33.33.33.33/32   192.168.23.3             0             0 300 i

R3#sh ip bgp
BGP table version is 31, local router ID is 33.33.33.33
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path
*> 1.1.1.1/32       192.168.23.2                           0 200 100 i
*> 2.2.2.2/32       192.168.23.2             0             0 200 i
*> 3.3.3.3/32       0.0.0.0                  0         32768 i
*> 11.11.11.11/32   192.168.23.2                           0 200 100 i
*> 22.22.22.22/32   192.168.23.2             0             0 200 i
*> 33.33.33.33/32   0.0.0.0                  0         32768 i

This option affects only R1: it replaces AS 200 with AS 250 in the AS path.
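The three variants can be summarized as a small model of how R2 rewrites the AS path in each direction. This is an added example, not configuration or code from the original lab; the function names are hypothetical, and the AS numbers of R1 (100) and R3 (300) are read from the AS paths in the tables above.

```python
REAL_AS, LOCAL_AS = 200, 250      # R2's real AS and the AS it presents to R1
R1_AS, R3_AS = 100, 300           # read from the AS paths in the tables above

def learned_from_local_as_peer(path, no_prepend=False):
    """AS path R2 stores for a route received from R1 (the local-as neighbor)."""
    return list(path) if no_prepend else [LOCAL_AS, *path]

def sent_to_local_as_peer(path, replace_as=False):
    """AS path R2 advertises to R1: local-as first, real AS unless replace-as."""
    own = [LOCAL_AS] if replace_as else [LOCAL_AS, REAL_AS]
    return own + list(path)

def sent_to_normal_peer(path):
    """Ordinary eBGP export to R3, which has no local-as configured."""
    return [REAL_AS, *path]

def lab_views(no_prepend=False, replace_as=False):
    """AS paths each router holds for the other routers' loopbacks."""
    if replace_as and not no_prepend:
        raise ValueError("replace-as is only accepted together with no-prepend")
    from_r1 = learned_from_local_as_peer([R1_AS], no_prepend)
    from_r3 = [R3_AS]
    return {
        "R1": {"2.2.2.2/32": sent_to_local_as_peer([], replace_as),
               "3.3.3.3/32": sent_to_local_as_peer(from_r3, replace_as)},
        "R2": {"1.1.1.1/32": from_r1, "3.3.3.3/32": from_r3},
        "R3": {"1.1.1.1/32": sent_to_normal_peer(from_r1),
               "2.2.2.2/32": sent_to_normal_peer([])},
    }

def routers_seeing(asn, views):
    """Routers that hold at least one path containing the given AS number."""
    return sorted(router for router, table in views.items()
                  if any(asn in path for path in table.values()))

if __name__ == "__main__":
    for label, opts in (("local-as", {}),
                        ("no-prepend", {"no_prepend": True}),
                        ("no-prepend replace-as",
                         {"no_prepend": True, "replace_as": True})):
        views = lab_views(**opts)
        print(label, "| AS 250 seen by", routers_seeing(LOCAL_AS, views),
              "| AS 200 seen by", routers_seeing(REAL_AS, views))
```

Useful when auditing a migration: with "no-prepend replace-as" the neighbor facing the local-as session no longer sees the real AS at all, so path-based filters on that neighbor must match the local-as value.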


The Dreamer

A fun loving person who enjoys learning new things. Currently working as a Network Engineer supporting the global network of a Fortune 500 company. This blog serves as my notes for the labs I created for my CCIE journey. I can guarantee there are errors in my posts. If you spot them, please let me know.
