[c-nsp] Ignoring BGP routes whose origin is own AS
Oliver Boehmer (oboehmer)
oboehmer at cisco.com
Tue Mar 7 02:44:51 EST 2006
Rick Kunkel <mailto:kunkel at w-link.net> wrote on Tuesday, March 07, 2006
8:34 AM:
> Thanks very much. As far as I could tell, the mystery was starting
> to lie in why it worked before. And I had no such command in there
then...
This is a good question. If this was an L3VPN, the ISP might have used
as-override to replace your AS with his before sending it to you, but if
this was a "regular" Internet connection, I wonder how it worked before.
> One other question... Do most other people use the allowas-in
> command, or do they simply rely on the fact that they've got a more
reliable
> NOC-NOC set of connections?
I feel you should prevent your own ASN to become partitioned under all
circumstances. For a simple NOC setup with only a few routes being
advertised, you could do allowas-in and configure some addtl. input
filters to perform "manual loop detection", i.e. you only accept your
NOC routes within your own ASN. But you could also use a simple
default-route towards the Internet and don't worry.. But I let others
comment if and how allowas-in is being used in Internet environments..
oli
More information about the cisco-nsp
mailing list