Understanding BGP AS-OVERRIDE Feature

One of BGP's key loop prevention mechanisms is to check the AS path of each received BGP update. If the AS path attribute contains the AS number of the receiving router, that BGP route is not installed in the BGP routing table.

This behavior, though useful for loop prevention, can cause issues (especially for a big enterprise spanning multiple locations) when a customer has multiple geographically separate sites that are connected through an ISP and use the same AS number. In this case the routes from one site won't be accepted at the other site, because the AS number at both sites is the same.

To overcome this issue, BGP's AS-Override feature is used.

We will look at the feature using the topology below, in which 2 sites of a customer are connected through an ISP.

 

Scenario 1:

In the diagram below, a loopback 1.1.1.1 is advertised from SITE A and this update is forwarded by the ISP to the customer's remote SITE B. Since both SITE A and SITE B use the same AS 200, the route is rejected once it is received at SITE B, as per the BGP loop prevention mechanism.

Diagram 1: AS-OVERRIDE DISABLED





Configuration on PE2:

PE2#sh runn | s r bgp
router bgp 100
 bgp log-neighbor-changes
 no bgp default ipv4-unicast
 neighbor 3.3.3.3 remote-as 100
 neighbor 3.3.3.3 update-source Loopback0
 !
 address-family ipv4
 exit-address-family
 !
 address-family vpnv4
  neighbor 3.3.3.3 activate
  neighbor 3.3.3.3 send-community both
 exit-address-family
 !
 address-family ipv4 vrf ISP
  neighbor 9.9.45.5 remote-as 200
  neighbor 9.9.45.5 activate
 exit-address-family

PE2#sh ip bgp vpnv4 vrf ISP
BGP table version is 8, local router ID is 4.4.4.4
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
              x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found

     Network          Next Hop            Metric LocPrf Weight Path
Route Distinguisher: 4:4 (default for vrf ISP)
 *>i 1.1.1.1/32       2.2.2.2                  0    100      0 200 i   >>>>>>> Route is installed here
 *>  5.5.5.5/32       9.9.45.5                 0             0 200 i

We see that PE2 is advertising the route for 1.1.1.1 to CE-B at SITE B, but CE-B won't accept it:

PE2#sh ip bgp vpnv4 vrf ISP neighbors 9.9.45.5 advertised-routes
BGP table version is 8, local router ID is 4.4.4.4
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
              x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found

     Network          Next Hop            Metric LocPrf Weight Path
Route Distinguisher: 4:4 (default for vrf ISP)
 *>i 1.1.1.1/32       2.2.2.2                  0    100      0 200 i

Total number of prefixes 1

Verifying the BGP table on CE-B at SITE B, we won't see a route for 1.1.1.1:

CE-B#sh ip bgp
     Network          Next Hop            Metric LocPrf Weight Path
 *>  5.5.5.5/32       0.0.0.0                  0         32768 i

 

Scenario 2:

In the diagram below we now enable AS-OVERRIDE on the PE2 router. Now when a route received from SITE A is advertised from PE2 to SITE B, instead of having an AS path of "200, 100" as before, the AS path lists 100, 100.

When the route is received at SITE B, the router won't find AS 200 in the AS path and hence accepts the route (1.1.1.1 in our example).

Diagram 2: AS-OVERRIDE ENABLED

Here we enable as-override under BGP on PE2:

PE2(config-router)#address-family ipv4 vrf ISP
PE2(config-router-af)#neighbor 9.9.45.5 as-override

Verification:

Now we will see the route in the BGP table on CE-B at SITE B:

CE-B#sh ip bgp
BGP table version is 5, local router ID is 5.5.5.5
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
              x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found

     Network          Next Hop            Metric LocPrf Weight Path
 *>  1.1.1.1/32       9.9.45.4                               0 100 100 i   >>>>>>>>> ISP AS 100 overwrites AS 200, so 100 appears twice
 *>  5.5.5.5/32       0.0.0.0                  0         32768 i
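The two scenarios above as a small Python model, added here as an illustration; it is not part of the original article and not any router's code. The function names are hypothetical, the AS numbers (ISP 100, customer 200) come from the PE2 configuration on this page, and the model assumes as-override replaces every occurrence of the neighbor's AS in the path.

```python
"""Simplified model of the eBGP AS_PATH loop check and PE-side as-override."""

ISP_AS = 100       # provider AS, from "router bgp 100" on PE2
CUSTOMER_AS = 200  # AS shared by SITE A and SITE B ("remote-as 200")


def pe_advertise(as_path, local_as, neighbor_as, as_override=False):
    """Return the AS_PATH a PE sends to an eBGP neighbor (the CE).

    Modelling assumption: with as_override, each occurrence of the
    neighbor's AS is replaced by the PE's own AS, then the PE prepends
    its own AS as for any eBGP advertisement.
    """
    if as_override:
        as_path = [local_as if asn == neighbor_as else asn for asn in as_path]
    return [local_as] + as_path


def ce_accepts(as_path, local_as):
    """eBGP loop prevention: drop an update whose AS_PATH holds our own AS."""
    return local_as not in as_path


def site_to_site(prefix, as_override):
    """Follow one prefix from CE-A through the ISP to CE-B."""
    # CE-A originates the prefix, so the ISP holds it with path "200".
    # iBGP between the PEs leaves AS_PATH unchanged (PE2 shows "200 i").
    path_in_isp = [CUSTOMER_AS]
    path_at_ce_b = pe_advertise(path_in_isp, ISP_AS, CUSTOMER_AS, as_override)
    return {
        "prefix": prefix,
        "as_path": path_at_ce_b,
        "installed": ce_accepts(path_at_ce_b, CUSTOMER_AS),
    }


if __name__ == "__main__":
    for override in (False, True):
        result = site_to_site("1.1.1.1/32", override)
        path = " ".join(str(asn) for asn in result["as_path"])
        state = "installed" if result["installed"] else "dropped by loop check"
        print(f"as-override={override}: {result['prefix']} path [{path}] {state}")
```

Running it prints the path CE-B sees in each scenario. The same substitution also hides a site's own AS from its loop check, so on a site with more than one connection to the ISP, as-override removes the AS-path loop protection described at the top of the page.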



