MPLS Layer 3 VPN BGP AS Override

Hi Laz,
Superb.
Thank you so much.

Tanmoy

Hi Rene,

Will AS Override work inbound, outbound or both ways? Meaning, will PE1 replace AS 12 with its own upon receiving the advertisement from CE1? Or when advertising the prefix to CE1? I guess this second case would only occur if there was no AS Override on PE2…

Thanks,
LP

Hello Luis

The AS override will replace the AS number of the advertised route before sharing it with the CE1 router. In the lesson topology, PE1 will receive a route to 5.5.5.5 with an AS of 12. Before advertising it to CE1, it will replace the AS of 12 with an AS of 234. So from the PE1 point of view, this occurs in an outgoing direction. This will not take place when CE1 advertises 1.1.1.1 to PE1 with AS 12 as the AS. Because AS 234 will accept such an AS, there is no need to change this on an incoming direction from the point of view of PE1.

I hope this has been helpful!

Laz

Hi,
When you see your own AS number in the AS path, we do not accept the prefix. This mechanism is fine for Internet routing but there are some other scenarios where this might be an issue.
Can you show how this is OK for Internet routing?
Thanks

Hello Sims

The default behaviour of BGP is that a BGP router will not accept a path to a destination that contains its own AS number. This mechanism is not only OK for the Internet, but it is absolutely necessary. Take a look at the following diagram:


Let’s say that R1 shares a route to destination D with R2 via eBGP. If that route includes AS4 in its path, R2 will not accept it and won’t put it in the BGP table. Why? Because this means that somewhere along the line, BGP has created a loop.

If R2 does put this in its routing table, then when R2 wants to reach destination D it will send such packets to the installed route, but those packets are destined to reenter AS4 at some point (since AS4 is in the path) resulting in a loop.

By not accepting paths that include the local AS, BGP prevents loops which is vital for correct Internet routing.

The lesson here however, indicates a situation where this feature can cause problems, in particular, in a VPN environment such as the one described in the lesson.

I hope this has been helpful!

Laz
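The two behaviours discussed in the replies above (the default eBGP loop check, and AS override applied by PE1 when advertising to CE1) can be traced with a small model. This is an added example, not code from the lesson or from the posters; the AS numbers 12 and 234 and the prefix 5.5.5.5 come from the thread, while the function names are hypothetical.

```python
"""Constructed model of eBGP AS_PATH handling; it is not router code."""

PROVIDER_AS = 234   # PE1 and PE2 (from the thread)
CUSTOMER_AS = 12    # CE1 and CE2 share this AS (from the thread)


def ebgp_accepts(local_as, as_path):
    """Default loop prevention: reject a path that contains our own AS."""
    return local_as not in as_path


def pe_advertise(as_path, local_as, neighbor_as, as_override=False):
    """Return the AS_PATH a PE sends to an eBGP CE neighbor.

    With AS override, every occurrence of the neighbor's AS is replaced
    by the PE's own AS before the PE prepends itself as usual.
    """
    if as_override:
        as_path = [local_as if asn == neighbor_as else asn for asn in as_path]
    return [local_as] + as_path


def ce1_view(as_override):
    """What CE1 receives for 5.5.5.5/32 and whether it accepts the route."""
    path_from_ce2 = [CUSTOMER_AS]          # as originated by CE2
    # PE2 -> PE1 is iBGP, so the AS_PATH is carried unchanged to PE1.
    sent = pe_advertise(path_from_ce2, PROVIDER_AS, CUSTOMER_AS, as_override)
    return sent, ebgp_accepts(CUSTOMER_AS, sent)


if __name__ == "__main__":
    for override in (False, True):
        path, accepted = ce1_view(override)
        print(f"as_override={override}: CE1 sees {path}, accepted={accepted}")
    # Inbound at PE1: CE1's own advertisement needs no rewrite.
    print("PE1 accepts [12]:", ebgp_accepts(PROVIDER_AS, [CUSTOMER_AS]))
```
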

Hi,
Thanks for the reply. I did understand about the loop, but what about the second part of the question? How is it OK for Internet routing?
Thanks

Hello Sims

Rene mentions in the lesson that:

“This mechanism is fine for Internet routing”

However, I will go further in saying that this mechanism is not only fine but is absolutely necessary. The example I shared in the post describes this default behavior and demonstrates that it is necessary for use on the Internet. Otherwise, we would have many routing loops, and the Internet as a whole will slow down considerably.

When Rene says “it’s fine” for the Internet, he means that it works just fine simply because that is the expected, but also the required behavior.

I hope this has been helpful!

Laz

My other question is, why is BGP the preferred choice of routing between CE and PE? I understand many enterprise customers don’t have public ASNs. Does the service provider provide their customers with private ASNs? Or how does it work? What can the service provider do to make sure they don’t advertise the customer’s private ASN to other external tier 1 service providers?

Hello Walter

BGP as a routing protocol is a preferred choice for the edge network of enterprises in general, regardless of what the WAN technology being used is. This is because BGP has advantages such as dual and multihomed topologies as well as route advertisement options not made available through other routing protocols.

Now having said that, remember that MPLS is not a technology that typically connects users to the Internet, but interconnects multiple branch sites together. In such a scenario you don’t need public ASNs to function. You can use your own ASN, but in most cases, you coordinate with the MPLS service provider for what ASN to use for your particular locations. This is because the MPLS provider will also be using private ASNs and you must make sure that you’re not duplicating ASNs in the MPLS network.

I hope this has been helpful!

Laz

How can I filter and not advertise to the same ASN in a different site if I am receiving the prefix from the same ASN from another site? I don’t want to give those prefixes as an ISP to the CE, even if the customer has configured allowas-in.

Hello Narad

The purpose of not accepting a prefix via eBGP if it belongs to your own AS is to prevent loops. This is the default behavior. You can override this using the commands shown in the lesson.

Now having said that, if you as an ISP want to filter out some prefixes that are advertised to CE devices, you can always do this using the various filtering techniques shown in Unit 5 of the BGP course. But as an ISP, you don’t want to do that because you want the customer to be able to advertise whatever they want to their other sites. Otherwise, you would be messing with their internal routing, and I can’t think of a situation where you as an ISP would want to do that.

Now keep in mind that this scenario is valid only for situations where you are running eBGP between the CE and PE devices. If you’re using an IGP such as EIGRP or OSPF, this situation would not come up…

I hope this has been helpful!

Laz

Any situation in MPLS L3VPN scenario where as-override can be harmful when used between BGP PE-CE routing?

Hello Muhammad

One of BGP’s loop prevention mechanisms is to deny the installation of a route that contains a router’s own AS in the AS-PATH. This is very effective on networks such as the Internet. Using the as-override feature in such a case can be disastrous!

However, within a controlled private network, such as an MPLS network that a single ISP manages, the use of as-override is quite safe. This is because a typical MPLS network has one or more centralized core ASes from which customer ASes hang off of. This is kind of like a tree structure, where the core ASes are the roots. In such a topology, there is no case where you would have a series of ASes in a loop arrangement.

As a result, using the as-override is safe in such an environment.

I hope this has been helpful!

Laz

Hi

I am able to see the 2.2.2.2 routes in “NOIDA_TCL_4” Router’s routing table &
I am able to see the 4.4.4.4 routes in “ACH_TCL_2” Router’s routing table
But unable to ping to each other.
Trace is dropping in PE router.
Sharing the PE router configuration in the attached Pic.

Hello Pratik

You must make sure that the source of your ping is the loopback address of the CE router. As shown in the lesson as well, the pings are sourced from loopback 0 on the CE1 router and are destined for the 5.5.5.5 destination, which is the loopback on CE2.

If you just ping or traceroute, the router will use the IP address of the Gi0/0 interface, which is, in your topology, 10.124.2.78. However, your ACH_TCL_2 router doesn’t know how to reach the 10.124.2.76/30 subnet, so the ping/traceroute fails at your PE router.

Issue the following command at your NOIDA_TCL_4 router:

NOIDA_TCL_4#ping 2.2.2.2 source loopback 0

Let us know how you get along!

I hope this has been helpful!

Laz

Thanks Team, It has been resolved after replacing the IOS in the EVE-NG.

Configuration was correct because of routers already placed in both routers

Hello Pratik

Great news! Thanks for letting us know!

Laz