Private AS BGP number

Unanswered Question
Sep 2nd, 2009
User Badges:

Dear All,


We have site "A" with MPLS connection as Primary and ADSLVPN as Secondary.now we have connected one brach office "B" with lease line connection to site"A".


Now service provider is running L3 link between site A and Site B in other words site A and site B is connected with a Service proveder in between them Please note that it is not a point to point to link, its L3 routed Link.


Now Site B has primary connectetion as leased line to site A and back connection as ADSL VPN.(traffice from site B goes via lease line to site A and from there to the COre network and if the LL fails VPN in site B should trigger)

Now the issue is I can not run EIGRP between site A and Site B

I think the only option of Running Private AS between Service provder and my network, can one please suggest on me how to do this



Adhitya

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Peter Paluch Wed, 09/02/2009 - 03:01
User Badges:
  • Cisco Employee,

Hello Adhitya,


Does your provider require you to run a routing protocol against his routers? If yes then the provider should be responsible for taking the routing information from one site and transporting it to the other side. You should just run the routing protocol towards the provider's router and he should be responsible for redistributing the information between your two sites. It can be any routing protocol, including, but not limited to, BGP, EIGRP, OSPF or RIPv2.


In any case, you can create a tunnel interface between your sites and run the EIGRP on top of it. However, that will cause all your data going from one site to another to be encapsulated within a GRE+IP header that slightly increases both the load on the routers and the amount of transmitted information.


What would be your preferred solution? And what does the service contract with your ISP say about the routing issues?


Best regards,

Peter


adhityakarthik Wed, 09/02/2009 - 04:15
User Badges:

Hi Peter,


Fist of all thanks very much for your inputs


Circuit with service provider is MPLS circuit.


We are running only staic routing from remote site B to reach Site A, we are not running any routing protocol


We want to run EIGRP, but since it is L3 routed link we are unable to so the so.When we are forcing our router to form neigboruship with ohter IP we are getting message subnet is not in the same network


But we brefer to use private AS, could you please let me know how to do this


Adhitya

Peter Paluch Wed, 09/02/2009 - 05:06
User Badges:
  • Cisco Employee,

Hello Adhitya,


Having a private AS number won't help you by itself. A private AS is just a number - not a mechanism to solve your problems. You will have to use it in some routing protocol. In other words, even if you decide to use a private AS you still to run some sort of routing protocol against your provider. For a private AS to actually have a meaning, you would have to run BGP on both sites between the edge router of the site and the adjacent edge router of the provider.


But let me ask you another thing: Did your provider assign you IP prefixes to use on both your sites, or are you free to use whatever networks you want on the sites? Do you already use any routing protocol between a site and the provider?


Best regards,

Peter


adhityakarthik Wed, 09/02/2009 - 06:08
User Badges:

Yes we are planning to use BGP with private AS numbers

Yes Priovider has assigned IP prefixes for both sites( one sire is X.X.X.110 AND OTHER SIDE IS X.X.X.214)


no we are not using any routing protocol but we are using static routing


Adhitya


Giuseppe Larosa Wed, 09/02/2009 - 05:07
User Badges:
  • Super Silver, 17500 points or more
  • Hall of Fame,

    Founding Member

Hello Adhitya,

in a L3 MPLS VPN service routing follows a peer-to-peer model:

your CE node can speak with the PE node connected to it.

Service provider is in charge to propagate routing information between your sites within your MPLS VPN/VRF.


So to have an effective usage of BGP you need to talk with your provider and ask them if it is possibile to use eBGP as PE-CE protocol.


Hope to help

Giuseppe



Peter Paluch Wed, 09/02/2009 - 05:41
User Badges:
  • Cisco Employee,

Hi Giuseppe,


you need to talk with your provider and ask them if it is possibile to use eBGP as PE-CE protocol.


Would this not constitute a basic configuration of Carrier Supporting Carrier (CsC)? My concerns are related to the fact if using the BGP for a simple task like this is not too heavyweight.


Best regards,

Peter


Giuseppe Larosa Wed, 09/02/2009 - 09:25
User Badges:
  • Super Silver, 17500 points or more
  • Hall of Fame,

    Founding Member

Hello Peter,


>> Would this not constitute a basic configuration of Carrier Supporting Carrier (CsC)?


No I was meaning just to use BGP with provider.

An alternate solution could be that of setting BGP sessions over "the VPN" between ip addresses of CE nodes.


However, if there is a need to route the traffic the provider must be aware of new routes.

So two options:

eBGP as PE-CE to cooperate with service provider


or :

GRE tunnels with BGP sessions over it to hide the networks exchanged on the BGP session.


forwarding plane and control plane has to be taken in account


Hope to help

Giuseppe


adhityakarthik Wed, 09/02/2009 - 09:46
User Badges:

Dear All


Could you please give a clear explanation with the configuration



thanks very much in advance


Adhitya

Mohamed Sobair Wed, 09/02/2009 - 12:08
User Badges:
  • Gold, 750 points or more


Hi Adhitya,


If you plan to use BGP with private AS, then the config at your both sites are so staright forward: Example,


router bgp 65000

neighbor x.x.x.x remote-as

neighbor x.x.x.x prefix-list prefix in

network y.y.y.y mask z.z.z.z


1- ensure the next-hop is reachable via the routing table.

2- ensure your Networks are exist in the routing table before advertising them.

3- if you are peering using loaback, then makee sure the source of the BGP updates are the loaback address.

4- If your neighbor is not directly connected , then ensure you include the "ebgp multihop" option.


As for the provider , they should take care of exporting and importing your networks via BGP and you dont need example for the provider BGP config.



HTH

Mohamed

adhityakarthik Thu, 09/03/2009 - 07:11
User Badges:

Dear All,


Thanks to every one for there great support.


I am prefering to with BGP with private AS number, can you please guide me with the config


HQ Site----> A end(Service provider network) B end -------Remote site---- this is the existing connection


Remote site B addresss:-


LANetwork/Networ for remote site :11.36.5.0


ip route 0.0.0.0 0.0.0.0 112.88.239.241 ---this is the static router towards SP on remote site


-------------------------------


Hq Site A


LANetwork/Network:11.36.1.0


ip route 11.36.5.0 255.255.255.0 112.88.239.109---this is the staitc route towards remote site



Please guuie me with private AS using BGP Config



Adhitya

adhityakarthik Thu, 09/03/2009 - 07:16
User Badges:

Dear All,


Thanks to every one for there great support.


I am prefering to with BGP with private AS number, can you please guide me with the config


HQ Site----> A end(Service provider network) B end -------Remote site---- this is the existing connection


Remote site B addresss:-


LANetwork/Networ for remote site :11.36.5.0


ip route 0.0.0.0 0.0.0.0 112.88.239.241 ---this is the static router towards SP on remote site


-------------------------------


Hq Site A


LANetwork/Network:11.36.1.0


ip route 11.36.5.0 255.255.255.0 112.88.239.109---this is the staitc route towards remote site



Please guuie me with private AS using BGP Config



Adhitya

Giuseppe Larosa Thu, 09/03/2009 - 13:07
User Badges:
  • Super Silver, 17500 points or more
  • Hall of Fame,

    Founding Member

Hello Adhitya,

Mohamed has provided you sample configurations.


I want to point out the critical point: the SP has to take part in the process if you plan to advertise newer subnets.


-you should ask to the service provider to use eBGP

- they will provide you a private BGP AS number to use.


without service provider cooperation the suggested configuration are not enough if this is a L3 VPN service.


Hope to help

Giuseppe


Mohamed Sobair Thu, 09/03/2009 - 12:20
User Badges:
  • Gold, 750 points or more

Hi,


Here is the config example for Hq Site A, Assuming you have private AS 65000 at both locations:


router bgp 6500

neighbor 112.88.239.109 remote-as xxx

neighbor 112.88.239.109 prefix-list prefix in

network 11.36.1.0 mask 255.255.255.0


ip prefix-list prefix permit 11.36.5.0/24 le 32


Similar config applies for Site B.


you shall remove the Static routes pointing for each site LAN since you already running BGP.


HTH

Mohamed

Actions

This Discussion