Manipulating the AS Path

Within Junos several tools are available to manipulate the AS Path, which can be useful when BGP is deployed as a PE to CE routing protocol across multiple VPN sites. Due to the built in loop prevention mechanisms of BGP a VPN site announcing a BGP route into a VRF may cause an AS loop to be detected if the route is advertised into the same AS number again in another VPN site. In order to overcome this limitation several features are available in Junos.

AS Override

AS Override is used by a BGP speaker (normally a PE router) to replace a remote AS number with the AS number of the local router receiving the route. The route is then advertised further downstream with two AS numbers in the path that are identical. This feature is often used in MPLS networks that are providing connectivity to a single AS that is distributed geographically across multiple VPN sites.

Depending on the requirements AS Override can be configured under the BGP global configuration, group configuration or neighbour configuration. The following configuration is an example of the group configuration overriding the remote AS of 2 with the local AS of 1.

protocols {
bgp {
group ASN1 {
neighbor 1.1.1.2 {
local-address 1.1.1.1;
family inet {
unicast;
}
as-override;
peer-as 2;
}
}
}
}

AS Loops

AS Loops is another approach that can be used to overcome the limitations of AS path loops when multiple VPN sites are announcing BGP routes from the same AS. The feature allows a CE device to accept a BGP route that has been advertised with the CE routers’ local AS in the path.

The following example demonstrates how the AS loops function is configured on the CE router. The command will instruct the CE to receive routes with its local AS in the path x amount of times.

protocols {
bgp {
group ASN2 {
neighbor 1.1.1.1 {
local-address 1.1.1.2;
family inet {
unicast;
}
autonomous-system loops 1;
peer-as 1;
}
}
}
}

Configuration is also required on the PE router, to allow the PE to announce a BGP route to a neighbour that is already in the AS path.

protocols {
bgp {
group ASN1 {
neighbor 1.1.1.2 {
local-address 1.1.1.1;
family inet {
unicast;
}
advertise-peer-as;
peer-as 2;
}
}
}
}

 

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s