[c-nsp] BGP Route Nailing & Reoriginatin

Oliver Boehmer (oboehmer) oboehmer at cisco.com
Wed Dec 6 03:01:52 EST 2006


origin doesn't change anything in this regard, it doesn't cause BGP to
advertise or not advertise the prefix, so it doesn't help you.
I don't see a clean solution where you can achieve both objectives,
except of not running BGP at all (as it was suggested). Can you
elaborate why you need/want to hide AS1? Why are they running BGP in the
first place if they don't want to see their AS on the Internet?

You can use a private-as and "remove-private as" to hide AS1, but it
will still cause a withdrawal when your link to AS1 dies. You could use
a floating static Null route in AS2 to keep the advertisement up, but I
don't think this will fully hide any instabilities. Why are you worried?
You could use aggressive BGP dampening on your border to R1 to hide
continuous instabilities..

If AS1 is using part of your address space, you could create an
aggregate and advertise this summary. 

	oli



cisco-nsp-bounces at puck.nether.net <> wrote on Wednesday, December 06,
2006 2:52 AM:

> Hi SA,
> 
> Confederation looks out for us because AS1/AS2 are run by
> seperate entities. "set origin" looks like a solution. But
> would it cause issues with the BGP between R1<->R2? Like for
> example R2 may treat 1.1.1/24 as it's "own" route and
> re-advertise back into R1 ?
> 
> 
> Thanks,
> 
> 
> ----- Original Message ----
> From: Shakeel Ahmad <shakeelahmad at gmail.com>
> To: Lawrence Wong <lawrencewong72 at yahoo.com>
> Cc: cisco-nsp at puck.nether.net
> Sent: Wednesday, December 6, 2006 3:20:20 AM
> Subject: Re: [c-nsp] BGP Route Nailing & Reoriginatin
> 
> 
> I just read somewhere we can use
> 
> set origin .... command in a route-map to alter the origin
> codes for incoming routes
> 
> So if this works (which it should) you need to configure a
> route-map on R2 to mend the origin code for prefixes 1.1.1/24
> & 2.2.2/4 and set it to igp...(someone please correct me here
> if i am wrong)
> 
> 
> thanks,
> SA
> 
> 
> On 12/5/06, Shakeel Ahmad <shakeelahmad at gmail.com> wrote:
> Umm i would do it like this  --- Two options (idealy i would
> go with second but not sure what your requirment is)
> 
> * Concidering you want BGP still running between R1 & R2
> 
> Use Conferdeation in between R1 & R2 with AS2 as
> Confederation Identifier so that AS3 only knows about AS2
> (two private AS can be used on R1 & R2 to hide in AS2
> identifer) .. Solves your issue !!!
> 
> * Concidering we don't want (or should'ny) run BGP in between R1 & R2
> 
> on R2/AS2 put static routes for 1.1.1.0/24 & 2.2.2.0/24
> towards R1 (There's no point of BGP running in between R1 &
> R2 in this case). Now in your BGP session at R2, advertise
> 1.1.1/24 & 2.2.2/24 via network statement. It'll solve the
> first issue.....and R3 will recieve 1.1.1/24 & 2.2.2/24 as originated
> by AS2 - 
> 
> 
> now points come to stop flapping , simply (also a best
> practice for both above) put these static routes on R2/AS2
> 
> ip route 1.1.1.0/24 Null 0 250
> ip route 2.2.2.0/24 Null 0 250
> 
> Remmember metric should be as lowest as possible and the
> subnet thrown on Null 0 should be as aggregated as possible.
> This will eventaully stop your flaps and routes will never
> disappear from AS3 and will always point back to AS2.
> 
> 
> hope this helps....
> 
> Shakeel Ahmad
> 
> 
> On 12/5/06, Lawrence Wong <lawrencewong72 at yahoo.com > wrote:
> Dear gurus,
> 
> I have an environment as follows:
> 
>        (R1 / AS1) <-> (R2 / AS2) <-> (R3 / AS3)
> 
> 
> R1 (router 1) has AS number 1 (AS 1) and advertises the
> routes 1.1.1.0/24 and 2.2.2.0/24 to R2 which inturn
> advertises to R3. All advertisement is done via eBGP.
> 
> Is it possible to configure R2 such that the routes
> 1.1.1.0/24 and 2.2.2.0/24 are advertised to R3 under AS2
> instead of AS1? At the same time, can R2 "nail" down the
> routes so that in the event the (physical & BGP) link between
> R1 and R2 is down, the route continues to be advertised to R3 (and
> under AS2)? 
> 
> The objective is to "hide" AS1 and also to prevent BGP
> dampening at R3 caused by flapping link between R1 & R2.
> 
> 
> TIA!
> 
> 
> 
> 
> 
> 
> ______________________________________________________________
> ______________________ Do you Yahoo!?
> Everyone is raving about the all-new Yahoo! Mail beta.
> http://new.mail.yahoo.com 
> 
> _______________________________________________
> cisco-nsp mailing list   cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
> 
> 
> 
> ______________________________________________________________
> ______________________ Cheap talk?
> Check out Yahoo! Messenger's low PC-to-Phone call rates.
> http://voice.yahoo.com _______________________________________________
> cisco-nsp mailing list  cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/



More information about the cisco-nsp mailing list