[j-nsp] as-path rewrite

Pedro Roque Marques roque at juniper.net
Tue Sep 27 13:05:06 EDT 2005


Sorin CONSTANTINESCU wrote:
> Hi, all.
> 
> I have the following topology:
> 
> AS1 - AS99 (L3 Mpls VPN) - AS2 - AS99 - INTERNET
> 
> My customer (AS2 - public AS Number) buys from the company i work for
> 2 services:
> 
> 1) Internet Access
> 2) VPN between his location, and AS1 (also public AS Number).
> 
> The problem i have is that when i receive a prefix originated by AS1
> on the Internet Transit BGP session, the AS-PATH is: 1 99 2 . Our
> network is a mixture of Juniper and Cisco routers. I used "allowas-in"
> on the neighbor to the customer, but the Juniper routers won't import
> this prefix throughout the network. I know i can use
> 
> Has anyone ever ran into this problem? As far as i see it, i have the
> following options:
> 
> - use private "local-as" for the BGP sessions between AS99 and AS1/AS2
> for the MPLS VPN BGP sessions (haven't tested this one so far)
> - ask the customer to configure EBGP Multihop between AS1 and AS2, so
> that my own AS won't be in the AS-PATH
> 
> I wish i could AS-PATH rewrite :))

There is another option, which is pass the iBGP information of your 
customer transparently across the VPN network. i.e. the routes on the 
customer side will not see the AS(es) that are used on the VPN network.

On juniper boxes you can do this by configuring a VRF such that:

routing-instance {
     customer {
         routing-options autonomous-system <customer-as> independent-domain;
         protocols {
             bgp {
                 group pe-ce {
                     type internal;
                     neighbor <x.x.x.x>;
                 }
             }
         }
     }
}

This will instruct the PE to transport the customer network BGP 
attributes transparently over the VPN infraestructure. The protocol 
extension is documented in draft-marques-l3vpn-ibgp-01.

   Pedro.


More information about the juniper-nsp mailing list