May 31st, 2007


Hi i have an AS number & an IP range supplied by ARIN for my headquarters. I am doing Multi-home with a couple of ISPs & running BGP for this.

I have another office with Internet connectivity in ASIA.

I want to use the same ARIN assigned AS number & an unused ARIN subnet from my Headquarters range for multi-home BGP setup ?

Is this possible.

mohammedmahmoud Thu, 05/31/2007 - 06:12


Yes you can freely do that, but make sure to use an unused IP subnet in the new location (not advertised from the main office in order to prevent any routing loops).

HTH,

Mohammed Mahmoud.

anandramapathy Thu, 05/31/2007 - 07:24

Thank you. Can explain me as to how will the routing happen.

How do i have to configure the routing such that traffic intended to my headquarters ( US ) subnets is routed there & the traffic intended to my ASIA subnet is routed to the ASIA network ?

Any Link / details would be greatly appreciated

devang_etcom Thu, 05/31/2007 - 08:28

how both the sites are connected with each other...?

what ever i understand is you want to use the same AS number for your USA and ASIA network... it means USA and ASIA network will be in the same AS cloud...right!!!



anandramapathy Thu, 05/31/2007 - 22:40

You understood it right.

Both sites are connected to the Internet using different ISPs

devang_etcom Fri, 06/01/2007 - 04:58

i think tunneling will solve your issue... creat the GRE tunnel between your two site and try to send and receive the routing update through that tunnel and get the reachablility between the loopback of each site and then configure the IBGP between both. but during configuration you have to make sure that your asia site traffic should exit through the ISP of the ASIA and same for US... so there you need the routfiltering for outgoing and incoming traffic for the internet... and you have to make sure that only internal subnets of the two different site should be reachable via tunnel...



bjornarsb Fri, 06/01/2007 - 02:52


Teoretically this is ok, but you need to

ask the ISP in ASIA the smallest Ip prefix they can advertise. And also think about prefix ISP's accept. It cannot be in the same summarized net, you already annonce. But I believe that you are aware of this.



anandramapathy Fri, 06/01/2007 - 03:54

Are you sure about this ?

It cannot be in the same summarized net,

Can i use a /24 which is unused in US from a pool of /18 subnet ?

Let me know if you have any docs for this ?

bjornarsb Fri, 06/01/2007 - 05:14


I have no docs, this is practical conciderations from an ISP point of view :)

Lets look at this scenario:

ISP1 announces

with same AS-path.

ISP254 want to announce

with same as-path.

Ok, then ISP1 actually needs to allow input

of same net as they announce.

ISP policy differ from country to country.

So I'm adviceing you to apply for a second

ip nett and a new AS number.

IP and AS should teoretically and historically correspond with SOO area.



mohammedmahmoud Fri, 06/01/2007 - 12:15

Hi Anand,

I've worked a lot with RIRs, but i've never done this before, but basically you should peer with the 2 ISPs in the 2 regions, you should advertise 2 different unsummarized subnet to both ISPs (for example 2 different class Cs to each), this should theoretically work, but i strongly recommend that you contact ARIN, they are the best party that can advise and help you do the best action to have this working according to their policies, and they are really very helpful, please contact them via "[email protected]", plus of course arranging with both ISPs.

HTH,

Mohammed Mahmoud.

anandramapathy Sun, 06/03/2007 - 23:22

Thanks i will do this.

Just an anology -

Is'nt this case similar to Routing.

I advertise a bigger subnet of /18 from one region. Then advertise another subnet of /24 from another region. The Network will identify how to reach each network since the lower mask /24 will advertise specifically to that particular region ?

mohammedmahmoud Sun, 06/03/2007 - 23:31

Hi Anand,

Yes it is, but i recommended that you contact your RIR (ARIN) and your ISP, just to make sure that there is no contradiction with the internet routing policies.

HTH,

Mohammed Mahmoud.

bjornarsb Mon, 06/04/2007 - 00:19


In a local AS this is true, but ISP policy is

to not accept a prefix in the range its advertising self. Same is with AS number.

ISP do not accept icomming AS witch is the same as its "owns". This is traditional BGP policies and the reaseon why BGP works.

So I quess that the answer you get is to

do as I have posted, else you could or probarly will get into trouble :)



mohammedmahmoud Mon, 06/04/2007 - 01:12


The main problem here is the AS-Path, Site 1 will drop received routes from Site 2, since they are originated from the same AS (AS-Path filtering to avoid routing loops), there are many work around, thats why i strongly recommend that you contact ARIN and your ISPs, to agree on the optimum solution for your scenario.


Mohammed Mahmoud.

anandramapathy Mon, 06/04/2007 - 02:32

I got this info from Cisco IP Journal.

But i am not able to understand whether it can be applicable to AS on the Internet.

Refer the attachment for the Diagram.

Can an ASN Be Split Across Separated Subdomains?

There are many cases of dispersed networks that exist in multiple locations.

If these locations are all administered by a single entity, it may be

desirable to use a single ASN across all these domains. This scenario

is possible, but considerable care needs to be exercised when designing

the routing configuration. Figure 4 shows two distinct subdomains of

AS1, and they are not interconnected internally.

Figure 4: Split AS

AS 1

AS 2 AS 3 AS 4

AS 1



AS1 (A) advertises the prefix to AS2, and this advertisement

is propagated to AS2, AS3, and AS4. When AS4 passes this

advertisement to the other segment of AS1 (B), this router rejects the

advertisement because the associated AS path (4, 3, 2, 1) indicates that

the route has already passed through AS1. Similarly, the first segment

of AS1 (A) rejects the advertisement of from AS2,

because its path (4, 3, 2, 1) also indicates that a loop has formed. To

restore complete connectivity between the distinct parts of AS1, AS1

needs to configure static routes at its edges. If AS1 (A) configures a

static route to pointing toward AS2, and AS1 (B)

similarly configures a route to through AS4, then the

configuration enables full connectivity.

In more complex configurations where each of the segments of the

network is multiply connected, the static route configuration becomes

more complex. However, with very careful configuration, a single ASN

can be distributed across multiple distinct networks.

mohammedmahmoud Mon, 06/04/2007 - 03:15

Hi Anand,

The static routes solution was the simplest solution when i said that there are work arrounds, but i insist on recommending that you'll need to contact your ISPs to consolidate this with them, as they can offer alternative optimum solutions according to their policies.

I hope that i've been informative, and i wish you good luck :)

HTH,

Mohammed Mahmoud.

Danilo Dy Mon, 06/04/2007 - 06:34


I've seen some implementation similar to what you are trying to do that is currently in production.

Its like this.

- Same ASN in LocationA and LocationB.

- LocationA has shorter prefix, say /18. Make sure that its "aggregated".

- LocationB has longer prefix, say /24. Its the last network in /18.

- Though /24 in LocationB is included in LocationA, it is not use in LocationA.

- There is no connection (iBGP) between LocationA and LocationB.

- Since LocationB advertises /24, it will be the preferred destination for that network.

- Unless ISPs filter shorter than /24 for incoming BGP routes, LocationB will not be reach.



