Confusion on BGP Confederation

Answered Question
Jun 1st, 2009

All,

I understand that a confederation is a collection of ASs that are presented to an ebgp peer as one AS. I configured this with 4 routers with all of them being in their own AS:

Router1: AS100 (EBGP)

Router2: AS200 -> Presented as 500 to AS100

Router3: AS300 -> Peered with AS200

Router4: AS300 -> Peered with AS200

Okay, so all of my peerings came up correctly, but Router1 is seeing the ASPath to Router4's loopback 4.4.4.4 through AS 500 and AS 300.

Is AS300 supposed to show on Router1's bgp table?

Thanks,

John

Giuseppe Larosa Mon, 06/01/2009 - 06:34

Hello John,

with BGP confederations:

BGP AS number is the mini AS

peer BGP numbers are defined with

bgp confederation peer list of other mini ASN

the public AS (to be seen outside) needs to be defined with

bgp confederation identifier xx

So you may need these commands to achieve BGP confederation scenario.

When correctly configured only public AS should be seen by real eBGP peer.

mini ASN are placed in Confed AS path separated by AS path

public AS is placed in AS path before sending to real eBGP peer, Confed AS path is stripped

Hope to help

Giuseppe

John Blakley Mon, 06/01/2009 - 06:42

Giuseppe,

The confederation peers fine with the external peer, but the external peer was able to see the other external ASs that weren't peered with it.

For example, I had something like:

Router1:

ip address 192.168.1.1

as 100

neighbor Router2 remote-as 500

Router2:

ip address 192.168.1.2

ip address 192.168.3.1

ip address 192.168.4.1

AS 200

bgp confederation identifier 500

bgp confederation peer 400

bgp confederation peer 300

neighbor 192.168.1.1 remote-as 100

neighbor 192.168.3.1 remote-as 300

neighbor 192.168.4.1 remote-as 400

Router3:

AS 300

network 192.168.3.0 mask 255.255.255.0

neighbor 192.168.3.1 remote-as 200

Router4:

AS400

network 192.168.4.0 mask 255.255.255.0

neighbor 192.168.4.1 remote-as 200

The above is all from memory, so I may be missing something, but this is the gist of it. If you did a "sh ip bgp" on Router 1, you would see something like:

Network Peer AS Path

*>192.168.4.0 192.168.1.2 500 400

Thanks,

John

Correct Answer
Giuseppe Larosa Mon, 06/01/2009 - 08:31

Hello John,

also R3 and R4 need the commands

router bgp xx

bgp confed ident 500

bgp confed peer 200

Hope to help

Giuseppe

John Blakley Mon, 06/01/2009 - 08:35

Ah. So the peers that are part of the confederation will still go out as their own AS if they're not configured the same way the router is that's peering with the ebgp peer? I guess that makes sense. I'll play with it tonight and let you know tomorrow.

Thanks Giuseppe!

John

Correct Answer
Giuseppe Larosa Mon, 06/01/2009 - 09:05

Hello John,

R3 and R4 need to know they have to write their ASN in AS confed attribute and not in main AS path attribute.

Once the AS path attribute is "corrupted" R2 cannot fix it.

Hope to help

Giuseppe

John Blakley Tue, 06/02/2009 - 05:37

Adding "bgp confederation peers" and "bgp confederation identifiers" to every AS solved the problem, Giuseppe. Thanks!

John
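
Added example (not part of the thread, and not Cisco's code): a small Python model of the AS_PATH rules from RFC 5065 that reproduces the "500 400" path John saw and the "500" path after the fix. The AS numbers come from John's configuration; the class and function names are hypothetical, and AS_SET segments and iBGP sessions are left out.

```python
# Added example: AS_PATH handling at a confederation boundary (RFC 5065 rules).
# A path is a list of (segment_type, [ASNs]) tuples, leftmost segment first.
SEQ, CONFED = "AS_SEQUENCE", "AS_CONFED_SEQUENCE"

def prepend(path, seg_type, asn):
    """Prepend asn to the leading segment if it has seg_type, else open a new one."""
    if path and path[0][0] == seg_type:
        return [(seg_type, [asn] + path[0][1])] + path[1:]
    return [(seg_type, [asn])] + path

class Speaker:
    """Hypothetical model of one BGP router's eBGP export behaviour."""
    def __init__(self, local_as, confed_id=None, confed_peers=()):
        self.local_as = local_as                # router bgp <local_as>
        self.confed_id = confed_id              # bgp confederation identifier
        self.confed_peers = set(confed_peers)   # bgp confederation peers

    def advertise(self, path, peer_as):
        """Return the AS_PATH sent to a neighbor in a different AS (peer_as)."""
        if self.confed_id is None:
            # Router does not know it is in a confederation: plain eBGP,
            # so its member ASN lands in the ordinary AS_SEQUENCE.
            return prepend(path, SEQ, self.local_as)
        if peer_as in self.confed_peers:
            # Neighbor is another member AS: record our ASN in the confed segment.
            return prepend(path, CONFED, self.local_as)
        # True external peer: strip confed segments, then prepend the public AS.
        stripped = [seg for seg in path if seg[0] != CONFED]
        return prepend(stripped, SEQ, self.confed_id)

def visible_path(path):
    """Flatten a path to the ASN list a 'show ip bgp' style display would print."""
    return [asn for _, asns in path for asn in asns]

def path_seen_by_r1(r4, r2):
    """Router4 originates 192.168.4.0/24 -> Router2 (AS 200) -> Router1 (AS 100)."""
    return visible_path(r2.advertise(r4.advertise([], peer_as=200), peer_as=100))

def leaked_member_ases(as_path, member_ases):
    """Audit check: member ASNs that escaped into an externally visible path."""
    return [asn for asn in as_path if asn in member_ases]

R2 = Speaker(200, confed_id=500, confed_peers={300, 400})
R4_BEFORE = Speaker(400)                                  # no confederation commands
R4_AFTER = Speaker(400, confed_id=500, confed_peers={200})

if __name__ == "__main__":
    for label, r4 in (("before", R4_BEFORE), ("after", R4_AFTER)):
        seen = path_seen_by_r1(r4, R2)
        print(label, seen, "leaked:", leaked_member_ases(seen, {200, 300, 400}))
```

Router2 can only strip segments marked AS_CONFED_SEQUENCE, so a member ASN that Router4 wrote into the ordinary AS_SEQUENCE passes through to Router1 and exposes the internal sub-AS.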
