[c-nsp] AS-set usage
Tim Devries
tdevries at northrock.bm
Mon Nov 7 16:58:55 EST 2005
-----Original Message-----
From: James Jun
To: 'Tim Devries'; cisco-nsp at puck.nether.net
Sent: 11/7/05 5:07 PM
Subject: RE: [c-nsp] AS-set usage
> -----Original Message-----
> From: cisco-nsp-bounces at puck.nether.net [mailto:cisco-nsp-
> bounces at puck.nether.net] On Behalf Of Tim Devries
> Sent: Monday, November 07, 2005 3:48 PM
> To: 'cisco-nsp at puck.nether.net'
> Subject: [c-nsp] AS-set usage
>
> Hi,
>
>
>
> I wondering if this list can settle a friendly dispute a co-worker and
I
> are
> having regarding the usage of the BGP command 'as-set' when
summarizing.
>
>
>
> Assuming I am AS X, this is the scenario for simplicity (i.e. AS X
also
> has
> other upstreams):
>
>
>
> AS X connects to AS Y, receives table and announces summary of
x.x.x.x/20
> upstream
>
>
>
> AS X allocates /24 of x.x.x.x/20 to customer AS Z
>
>
>
> AS Z then peers with us (AS X) as well as AS Y announcing /24 to both
>
>
>
> Z----Y
>
> | /
>
> X
>
>
>
> I am of the opinion here that since AS X is announcing the /20 summary
for
> that /24 it needs to also ensure it keeps the AS set intact in order
to
> prevent loops in BGP.
>
>
>The customer is announcing his own /24, which is more specific than your
>/20. As long as customer makes that advertise sourced from his ASN
>which is
>different from yours, loop-detection failure should not occur.
http://www.cisco.com/en/US/tech/tk365/technologies_tech_note09186a0080094826
.shtml
If you look at the link I provided as an example, router C is in a different
AS than router B and A (which are announcing 160.10.0.0/16 AS200 and
160.20.0.0/16 AS100 respectively), while router C (AS300) is announcing to
router D (AS400) the aggregate 160.0.0.0/8. In the document it states that
because the as-set command is not in router C, "The aggregate route
160.0.0.0/8 is considered to have originated from AS-300 with origin code
IGP. The route has lost all the specific AS_PATH information of the
individual prefixes 160.10.0.0/16, of AS-200, and 160.20.0.0/16, of AS-100.
"
It then goes on to state "In any closed network, this aggregate information
propagates through BGP and back to one of the ASs that the as-set lists.
This propagation creates the possibility of a loop. The loop detection
behavior of BGP notes its own AS number in the as-set of the aggregate
update and drops the aggregate. This action prevents a loop. "
This seems to indicate that the as-set command is needed on my border
routers that are performing summarization. For example without the as-set
command my other peers would see the route only as a summary and all other
path information would be lost...?
Regards,
Tim
>James Jun
>IP Infrastructure & Technology Services
>TowardEX Technologies, Inc.
>WWW: http://www.towardex.com
>Email: james at towardex.com
>Office: +1 (617) 459-4051 Ext. 179
>Mobile: +1 (978) 394-2867
More information about the cisco-nsp
mailing list