BGP Private and Public AS Range

Lessons Discussion
16

Hello David

That’s an excellent question. First of all, let me just mention that it is possible for an enterprise to have purchased public IP addresses and to advertise those addresses using BGP, while at the same time maintaining a private AS at the edge of the network. This would have to be done in close coordination with the ISP. Specifically:

  1. The enterprise leases a block of public IP addresses from the ISP.
  2. The ISP assigns a private ASN to the enterprise.
  3. The enterprise uses BGP to advertise these IP addresses to the ISP using a BGP session with the ISP’s router.
  4. On the ISP’s side, the BGP session would be established with the enterprise’s private ASN. The ISP will then “strip” this private ASN when advertising the routes to the public Internet, replacing the private AS number with its own public ASN. Thus the ISP becomes the destination AS for the enterprise’s public IPs.

This setup allows the enterprise to manage its public IP space and control how traffic flows to and from its network while allowing the ISP to take care of the BGP peering on the public internet.

However, in this setup, the enterprise won’t be able to perform certain BGP functions, such as multi-homing with different ISPs, without coordination from its ISP. This is because it does not own the public ASN and cannot directly control how routes are advertised to the rest of the internet.

Now on to your specific question. What is the benefit of using a private ASN and private IP addresses if you have no public addresses to advertise? Well, there are still some advantages and these are listed below:

  1. Even with a private ASN, an enterprise can still achieve multi-homing to multiple ISPs for redundancy and failover. BGP can be used to manage the failover process for outgoing traffic.
  2. BGP may be used internally by the enterprise for implementations of MPLS VPNs, or traffic engineering, and in such cases, BGP and private ASNs are still necessary.
  3. Complex network topologies often require BGP even if you’re not advertising to the Internet at large. This may be needed for extensively large networks, or in order to manage IP address spaces more efficiently.

So there are reasons to employ BGP and private ASNs even if you’re not advertising public addresses that you may own.

I hope this has been helpful!

Laz