BGP AS-Path Prepending

BGP is rich in features that you can have more control than on what IGP's offer however, you can only have control on how the traffic leaves your autonomous system and can't really control how other autonomous systems reach you. Other AS'es might have BGP policies that route the traffic in a way you don't intend it to go. You don't have control over those because, its their autonomous systems after all. However, there are work arounds which allow, an autonomous system affect the other autonomous systems, one of this is called BGP AS-path prepending. It is basically adding additional AS-paths by repeating your own AS number. Consider the diagram below. (Click image for a bigger view) By looking at the diagram, if you are familiar with BGP, the AS-path the networks from R4 will take towards R1 will be AS4, AS3 and then AS1. If all the attributes are set to the default values, most likely the AS-path attribute will determine which path to take. The more desirable path in this scenario is AS4, AS3, AS2 and then AS1 for the reason that there is a 100mbps link connecting AS1 and AS2 which makes traffic forwarding more efficient. But remember, unlike IGP's, BGP doesn't take to account the bandwidth.

In this scenario we are in AS1 and we make AS2 the more desirable path for AS4 to reach us using AS-path prepending.



Checking on R4 we will see how it gets to R1.


R4#
*Jul 16 13:25:54.039: %SYS-5-CONFIG_I: Configured from console by console
R4#sh ip bgp
BGP table version is 11, local router ID is 34.34.34.4
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path
*> 1.1.1.1/32       34.34.34.3                             0 3 1 i
*> 4.4.4.4/32       0.0.0.0                  0         32768 i
*> 11.11.11.11/32   34.34.34.3                             0 3 1 i
*> 44.44.44.44/32   0.0.0.0                  0         32768 i


Just as we guessed, it would take AS3 then AS1 which is the shortest path based on BGP attributes. Now we will configure AS-prepending on R1 for R4 to take the AS3, AS2 then AS1 path.


R1(config)#route-map ASPREPEND permit 10          
R1(config-route-map)#set as-path prepend 1 1 1
R1(config)#route-map ASPREPEND permit 20


We made it 1 1 1 cause it would only 2 AS paths to reach R1 from R4 through R3. We will make that AS-path longer and less desirable. We will apply this route map we created to the neighborship peering between R1 and R3.


R1(config)#router bgp 1
R1(config-router)#neighbor 13.13.13.3 route-map ASPREPEND out


The reason its in the outbound direction because R1 is advertising the subnets. Let's clear the bgp process in R1 to make the changes. Then lets see what happened to the AS-path in R4.


R4#sh ip bgp
BGP table version is 13, local router ID is 34.34.34.4
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path
*> 1.1.1.1/32       34.34.34.3                             0 3 2 1 i
*> 4.4.4.4/32       0.0.0.0                  0         32768 i
*> 11.11.11.11/32   34.34.34.3                             0 3 2 1 i
*> 44.44.44.44/32   0.0.0.0                  0         32768 i


Ok, you can see the difference now, its now taking 3-2-1. This is because it received an advertisement from R3 about the best path. BGP only advertises the best path to a network to its neighbor. Since R3 is seeing the AS_Path going to R1 is longer, it now takes AS2 to get to R1. Lets see what happened to the BGP table after applying the route map.


R3#sh ip bgp
BGP table version is 13, local router ID is 23.23.23.3
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path
*> 1.1.1.1/32       23.23.23.2                             0 2 1 i
*                   13.13.13.1               0             0 1 1 1 1 i
*> 4.4.4.4/32       34.34.34.4               0             0 4 i
*> 11.11.11.11/32   23.23.23.2                             0 2 1 i
*                   13.13.13.1               0             0 1 1 1 1 i
*> 44.44.44.44/32   34.34.34.4               0             0 4 i


Three 1's were added to the AS_Path based on what we put on the route-map, so from the AS-path values, R3 will not go directly to R1 but will take R2 now instead.

Now what if we want traffic to 11.11.11.11 to take A3 directly and traffic to 1.1.1.1 take AS3 then AS2 from R4. We will create an access-list TAKER2 and modify the route-map to match the condition.


R1(config)#ip access-list extended TAKER2
R1(config-ext-nacl)#permit ip host 1.1.1.1 any

R1(config)#route-map ASPREPEND permit 10
R1(config-route-map)#match ip address TAKER2
R1(config-route-map)#set as-path prepend 1 1 1


Let's check what happened to R3


R3#sh ip bgp
BGP table version is 28, local router ID is 23.23.23.3
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path
*> 1.1.1.1/32       23.23.23.2                             0 2 1 i
*                   13.13.13.1               0             0 1 1 1 1 i
*> 4.4.4.4/32       34.34.34.4               0             0 4 i
*  11.11.11.11/32   23.23.23.2                             0 2 1 i
*>                  13.13.13.1               0             0 1 i
*> 44.44.44.44/32   34.34.34.4               0             0 4 i


Cool, you can see the difference with the ACL. Now 1.1.1.1 in R3 has prepend but 11.11.11.11 has no prepend. Finally, lets check R4.


R4#sh ip bgp
BGP table version is 27, local router ID is 34.34.34.4
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path
*> 1.1.1.1/32       34.34.34.3                             0 3 2 1 i
*> 4.4.4.4/32       0.0.0.0                  0         32768 i
*> 11.11.11.11/32   34.34.34.3                             0 3 1 i
*> 44.44.44.44/32   0.0.0.0                  0         32768 i


From R4 traffic to 1.1.1.1 will pass through AS2 but to 11.11.11.11 it will go directly to R3 then R1. Whew, kinda hard to explain. Enough is enough! Cheers! :)

Thursday, July 16, 2009 | Filed Under , , | 10 Comments

Comments

10 Responses to "BGP AS-Path Prepending"

Sai Linn Thu said... July 31, 2009 at 12:41 AM

What a top notch post! Keep it up Pete! Thank you...

Anonymous said... March 18, 2010 at 5:25 AM

Can you explain why R4-R3-R2-R1 would be the preferred path? It seems like R4-R3-R1 IS the optimal path because you aren't gaining any bandwidth...you're still traversing 2x 2mb links and just adding an extra hop to go over the 100mb link. I guess I'm not understanding why that path is better.

Pete said... March 18, 2010 at 8:13 AM

the preferred path by default is R4-R3-R1 based on BGP AS PATH Attribute. If we take a look at it from an IGP perspective, it is also considered the best path. What I am doing is showing how AS Prepending works but R4-R3-R1 is still the best path logically speaking if the bandwidth doesn't exceed 2 mbps.

What happens if people are accessing your networks and exceed 2mbps? You get inbound congestion and some traffic will be dropped. This is the time you create a policy or a route-map defining subnets so some traffic will pass through R4-R3-R2-R1, alleviating the load on the 2mbps link from R3-R1.

Pete said... March 18, 2010 at 8:14 AM

I should have made the link from R3 to R2 100mbps to avoid any confusion on the matter. :)

Mustafa Nassef said... February 7, 2012 at 7:57 PM

http://getcisco.blogspot.com/2012/02/many-ways-to-prepend-as-into-bgp-routes.html

watch this

Anonymous said... March 4, 2012 at 3:23 AM

We could somehow control how other AS's reach us. By other, we mean adjacent AS's. We could do this by MED.

Roha said... March 22, 2012 at 12:24 PM

great job ^^

good work.. said... December 20, 2012 at 11:07 AM

Good work.. did help me.

Anonymous said... April 11, 2013 at 3:26 AM

Good job Pete! Thanks for clarifying. The R4-R3-R2-R1 path was confusing me with the 2Mb link.

Anonymous said... June 5, 2013 at 11:36 AM

Nice post. Now I understand the function of AS-path. Thank you.

Post a Comment

Certifications

Certifications

The Dreamer

A fun loving person who enjoys learning new things. Currently working as a Network Engineer supporting the global network of a Fortune 500 company. This blog serves as my notes for the labs I created for my CCIE journey. I can guarantee there are errors in my posts. If you spot them, please let me know.

Join my Facebook Page I WANT TO BE A CCIE

Donate to the Cause

My aim is to create materials for free and possibly a free lab. If you wish to help out, please send any amount. Thanks.

Join my Bandwagon

Blogs that I Read