[c-nsp] as-override
Peter Rathlev
peter at rathlev.dk
Mon Apr 14 18:37:48 EDT 2008
On Mon, 2008-04-14 at 10:25 +0100, Gary Roberton wrote:
> I am only trying to replace the AS as the one being advertised by R1
> is used again by another part of the network. i.e. R5 also uses the
> same AS number. I need my network to be advertised through to R5 and
> R5 would drop the updates if it saw its own AS number inthe path,
> therefore I am trying to find various options to 'hide' the AS of R1.
> This was one of the potential options but not now as it doesnt do what
> I want it to do.
Well, you'd need something like "local-as no-prepend", but that doesn't
work for routes originated within your AS. I don't think there's any
other option than redistributing in and out of somewhere, like Dean
mentioned. It's ugly, and my boss would kick me if I did anything like
that. (And if he knew the first thing about networks of course.)
I think a much better approach would be to renumber the offending
network, giving it a new (coordinated) AS. If it's a smallish enterprise
network (which I really hope it is) it shouldn't be a big deal. And any
of the hacks that will make it work now are bound to give you, your
colleagues and your neighbors (AS-wise) massive headaches later on.
On Mon, 2008-04-14 at 11:51 +0100, Dean Smith wrote:
> Whilst the ability to remove specific AS numbers
> from an as-path might be perceived as undesirable or dangerous on the
> internet - it would have made many an enterprise engineer's life very much
> easier. Its not like there aren't other configuration options which can be
> equally dangerous in the wrong hands.
I agree that the option should be there, giving as much control as
possible to the administrator. OTOH it would make people less prone to
correcting "errors" like overlapping ASses. If a network is so
large/important that one can't "just" change AS, one should consider
trying to obtaining a real AS.
Regards,
Peter
More information about the cisco-nsp
mailing list