BGP AS-Paths

-

BGP AS-Path Prepending

BGP is rich in features that you can have more control than on what IGP's offer however, you can only have control on how the traffic leaves your autonomous system and can't really control how other autonomous systems reach you. Other AS'es might have BGP policies that route the traffic in a way you don't intend it to go. You don't have control over those because, its their autonomous systems after all. However, there are work arounds which allow, an autonomous system affect the other autonomous systems, one of this is called BGP AS-path prepending. It is basically adding additional AS-paths by repeating your own AS number. Consider the diagram below. (Click image for a bigger view) By looking at the diagram, if you are familiar with BGP, the AS-path the networks from R4 will take towards R1 will be AS4, AS3 and then AS1. If all the attributes are set to the default values, most likely the AS-path attribute will determine which path to take. The more desirable path in this scenario is AS4, AS3, AS2 and then AS1 for the reason that there is a 100mbps link connecting AS1 and AS2 which makes traffic forwarding more efficient. But remember, unlike IGP's, BGP doesn't take to account the bandwidth.

In this scenario we are in AS1 and we make AS2 the more desirable path for AS4 to reach us using AS-path prepending.



Checking on R4 we will see how it gets to R1.

R4#
*Jul 16 13:25:54.039: %SYS-5-CONFIG_I: Configured from console by console
R4#sh ip bgp
BGP table version is 11, local router ID is 34.34.34.4
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path
*> 1.1.1.1/32       34.34.34.3                             0 3 1 i
*> 4.4.4.4/32       0.0.0.0                  0         32768 i
*> 11.11.11.11/32   34.34.34.3                             0 3 1 i
*> 44.44.44.44/32   0.0.0.0                  0         32768 i


Just as we guessed, it would take AS3 then AS1 which is the shortest path based on BGP attributes. Now we will configure AS-prepending on R1 for R4 to take the AS3, AS2 then AS1 path.

R1(config)#route-map ASPREPEND permit 10          
R1(config-route-map)#set as-path prepend 1 1 1
R1(config)#route-map ASPREPEND permit 20


We made it 1 1 1 cause it would only 2 AS paths to reach R1 from R4 through R3. We will make that AS-path longer and less desirable. We will apply this route map we created to the neighborship peering between R1 and R3.

R1(config)#router bgp 1
R1(config-router)#neighbor 13.13.13.3 route-map ASPREPEND out


The reason its in the outbound direction because R1 is advertising the subnets. Let's clear the bgp process in R1 to make the changes. Then lets see what happened to the AS-path in R4.

R4#sh ip bgp
BGP table version is 13, local router ID is 34.34.34.4
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path
*> 1.1.1.1/32       34.34.34.3                             0 3 2 1 i
*> 4.4.4.4/32       0.0.0.0                  0         32768 i
*> 11.11.11.11/32   34.34.34.3                             0 3 2 1 i
*> 44.44.44.44/32   0.0.0.0                  0         32768 i


Ok, you can see the difference now, its now taking 3-2-1. This is because it received an advertisement from R3 about the best path. BGP only advertises the best path to a network to its neighbor. Since R3 is seeing the AS_Path going to R1 is longer, it now takes AS2 to get to R1. Lets see what happened to the BGP table after applying the route map.

R3#sh ip bgp
BGP table version is 13, local router ID is 23.23.23.3
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path
*> 1.1.1.1/32       23.23.23.2                             0 2 1 i
*                   13.13.13.1               0             0 1 1 1 1 i
*> 4.4.4.4/32       34.34.34.4               0             0 4 i
*> 11.11.11.11/32   23.23.23.2                             0 2 1 i
*                   13.13.13.1               0             0 1 1 1 1 i
*> 44.44.44.44/32   34.34.34.4               0             0 4 i


Three 1's were added to the AS_Path based on what we put on the route-map, so from the AS-path values, R3 will not go directly to R1 but will take R2 now instead.

Now what if we want traffic to 11.11.11.11 to take A3 directly and traffic to 1.1.1.1 take AS3 then AS2 from R4. We will create an access-list TAKER2 and modify the route-map to match the condition.

R1(config)#ip access-list extended TAKER2
R1(config-ext-nacl)#permit ip host 1.1.1.1 any

R1(config)#route-map ASPREPEND permit 10
R1(config-route-map)#match ip address TAKER2
R1(config-route-map)#set as-path prepend 1 1 1


Let's check what happened to R3

R3#sh ip bgp
BGP table version is 28, local router ID is 23.23.23.3
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path
*> 1.1.1.1/32       23.23.23.2                             0 2 1 i
*                   13.13.13.1               0             0 1 1 1 1 i
*> 4.4.4.4/32       34.34.34.4               0             0 4 i
*  11.11.11.11/32   23.23.23.2                             0 2 1 i
*>                  13.13.13.1               0             0 1 i
*> 44.44.44.44/32   34.34.34.4               0             0 4 i


Cool, you can see the difference with the ACL. Now 1.1.1.1 in R3 has prepend but 11.11.11.11 has no prepend. Finally, lets check R4.

R4#sh ip bgp
BGP table version is 27, local router ID is 34.34.34.4
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path
*> 1.1.1.1/32       34.34.34.3                             0 3 2 1 i
*> 4.4.4.4/32       0.0.0.0                  0         32768 i
*> 11.11.11.11/32   34.34.34.3                             0 3 1 i
*> 44.44.44.44/32   0.0.0.0                  0         32768 i


From R4 traffic to 1.1.1.1 will pass through AS2 but to 11.11.11.11 it will go directly to R3 then R1.

Comments

Post a Comment

Popular posts from this blog

REVERSE TELNET ON AUX PORT

-
  Requirement :   Need   to   configure   reverse telnet   via   AUX   port. Connect one router's aux port to another device's console port, and telnet to the router.Use reverse telnet to connect to the other device's console via your aux port   Setup   :   Here's how to set it up. 1.       Connect your router's aux port to another device's console port using a Cisco flat crossover cable. 2.       Telnet to your router, enable, and set the aux port up as follows:   R1#conf t R1(config)# line aux 0 R1(config-line)# modem InOut R1(config-line)# transport preferred all R1(config-line)# transport input all R1(config-line)# transport output all R1(config-line)# end 3.       Make sure you have an address on your lo0 interface, and the interface is up. R1#conf t R1(config)#int   lo0 R1(config-if)#ip   add   127.0.0.1 255.255.255.0 Execution : 1)       Come back in enable mode, find out the line number of your AUX port with “show   line”. It will look something l
Read more

Disabling Unneeded Services

-
Step 1: Configure the Physical Interface Because this lab uses only one router, you will simulate an active FastEthernet connection by activating the interface and applying the no keepalive command to initiate an “always up” state, regardless of the existence of a device at the remote end. Normally, you would not use the no keepalive command on a routed interface, except in special circumstances. In this lab, you will use it only for simulation purposes. Configure the R1 physical interface using the IP address shown in the topology diagram. Use the no keepalive command in interface configuration mode, and then use the no shutdown command to activate the interface. Because you have disabled keepalives, the interface status displays as link state (Layer 1) and line protocols state (Layer 2) “up,” even if it is not connected to an external device. R1(config)# interface fastethernet0/0 R1(config-if)# ip address 192.168.10.1 255.255.255.0 R1(config-if)# no keepalive R1(config-if)# no s
Read more