Private AS BGP number

adhityakarthik · ‎09-02-2009

Dear All,

We have site "A" with MPLS connection as Primary and ADSLVPN as Secondary.now we have connected one brach office "B" with lease line connection to site"A".

Now service provider is running L3 link between site A and Site B in other words site A and site B is connected with a Service proveder in between them Please note that it is not a point to point to link, its L3 routed Link.

Now Site B has primary connectetion as leased line to site A and back connection as ADSL VPN.(traffice from site B goes via lease line to site A and from there to the COre network and if the LL fails VPN in site B should trigger)

Now the issue is I can not run EIGRP between site A and Site B

I think the only option of Running Private AS between Service provder and my network, can one please suggest on me how to do this

Adhitya

Peter Paluch · ‎09-02-2009

Hello Adhitya,

Does your provider require you to run a routing protocol against his routers? If yes then the provider should be responsible for taking the routing information from one site and transporting it to the other side. You should just run the routing protocol towards the provider's router and he should be responsible for redistributing the information between your two sites. It can be any routing protocol, including, but not limited to, BGP, EIGRP, OSPF or RIPv2.

In any case, you can create a tunnel interface between your sites and run the EIGRP on top of it. However, that will cause all your data going from one site to another to be encapsulated within a GRE+IP header that slightly increases both the load on the routers and the amount of transmitted information.

What would be your preferred solution? And what does the service contract with your ISP say about the routing issues?

Best regards,

Peter

adhityakarthik · ‎09-02-2009

Hi Peter,

Fist of all thanks very much for your inputs

Circuit with service provider is MPLS circuit.

We are running only staic routing from remote site B to reach Site A, we are not running any routing protocol

We want to run EIGRP, but since it is L3 routed link we are unable to so the so.When we are forcing our router to form neigboruship with ohter IP we are getting message subnet is not in the same network

But we brefer to use private AS, could you please let me know how to do this

Adhitya

Peter Paluch · ‎09-02-2009

Hello Adhitya,

Having a private AS number won't help you by itself. A private AS is just a number - not a mechanism to solve your problems. You will have to use it in some routing protocol. In other words, even if you decide to use a private AS you still to run some sort of routing protocol against your provider. For a private AS to actually have a meaning, you would have to run BGP on both sites between the edge router of the site and the adjacent edge router of the provider.

But let me ask you another thing: Did your provider assign you IP prefixes to use on both your sites, or are you free to use whatever networks you want on the sites? Do you already use any routing protocol between a site and the provider?

Best regards,

Peter

adhityakarthik · ‎09-02-2009

Yes we are planning to use BGP with private AS numbers

Yes Priovider has assigned IP prefixes for both sites( one sire is X.X.X.110 AND OTHER SIDE IS X.X.X.214)

no we are not using any routing protocol but we are using static routing

Adhitya

Giuseppe Larosa · ‎09-02-2009

Hello Adhitya,

in a L3 MPLS VPN service routing follows a peer-to-peer model:

your CE node can speak with the PE node connected to it.

Service provider is in charge to propagate routing information between your sites within your MPLS VPN/VRF.

So to have an effective usage of BGP you need to talk with your provider and ask them if it is possibile to use eBGP as PE-CE protocol.

Hope to help

Giuseppe

Peter Paluch · ‎09-02-2009

Hi Giuseppe,

you need to talk with your provider and ask them if it is possibile to use eBGP as PE-CE protocol.

Would this not constitute a basic configuration of Carrier Supporting Carrier (CsC)? My concerns are related to the fact if using the BGP for a simple task like this is not too heavyweight.

Best regards,

Peter

Giuseppe Larosa · ‎09-02-2009

Hello Peter,

>> Would this not constitute a basic configuration of Carrier Supporting Carrier (CsC)?

No I was meaning just to use BGP with provider.

An alternate solution could be that of setting BGP sessions over "the VPN" between ip addresses of CE nodes.

However, if there is a need to route the traffic the provider must be aware of new routes.

So two options:

eBGP as PE-CE to cooperate with service provider

or :

GRE tunnels with BGP sessions over it to hide the networks exchanged on the BGP session.

forwarding plane and control plane has to be taken in account

Hope to help

Giuseppe

adhityakarthik · ‎09-02-2009

Dear All

Could you please give a clear explanation with the configuration

thanks very much in advance

Adhitya

Mohamed Sobair · ‎09-02-2009

Hi Adhitya,

If you plan to use BGP with private AS, then the config at your both sites are so staright forward: Example,

router bgp 65000

neighbor x.x.x.x remote-as

neighbor x.x.x.x prefix-list prefix in

network y.y.y.y mask z.z.z.z

1- ensure the next-hop is reachable via the routing table.

2- ensure your Networks are exist in the routing table before advertising them.

3- if you are peering using loaback, then makee sure the source of the BGP updates are the loaback address.

4- If your neighbor is not directly connected , then ensure you include the "ebgp multihop" option.

As for the provider , they should take care of exporting and importing your networks via BGP and you dont need example for the provider BGP config.

HTH

Mohamed

adhityakarthik · ‎09-03-2009

Dear All,

Thanks to every one for there great support.

I am prefering to with BGP with private AS number, can you please guide me with the config

HQ Site----> A end(Service provider network) B end -------Remote site---- this is the existing connection

Remote site B addresss:-

LANetwork/Networ for remote site :11.36.5.0

ip route 0.0.0.0 0.0.0.0 112.88.239.241 ---this is the static router towards SP on remote site

-------------------------------

Hq Site A

LANetwork/Network:11.36.1.0

ip route 11.36.5.0 255.255.255.0 112.88.239.109---this is the staitc route towards remote site

Please guuie me with private AS using BGP Config

Adhitya

adhityakarthik · ‎09-03-2009

Dear All,

Thanks to every one for there great support.

I am prefering to with BGP with private AS number, can you please guide me with the config

HQ Site----> A end(Service provider network) B end -------Remote site---- this is the existing connection

Remote site B addresss:-

LANetwork/Networ for remote site :11.36.5.0

ip route 0.0.0.0 0.0.0.0 112.88.239.241 ---this is the static router towards SP on remote site

-------------------------------

Hq Site A

LANetwork/Network:11.36.1.0

ip route 11.36.5.0 255.255.255.0 112.88.239.109---this is the staitc route towards remote site

Please guuie me with private AS using BGP Config

Adhitya

Giuseppe Larosa · ‎09-03-2009

Hello Adhitya,

Mohamed has provided you sample configurations.

I want to point out the critical point: the SP has to take part in the process if you plan to advertise newer subnets.

-you should ask to the service provider to use eBGP

- they will provide you a private BGP AS number to use.

without service provider cooperation the suggested configuration are not enough if this is a L3 VPN service.

Hope to help

Giuseppe

Mohamed Sobair · ‎09-03-2009

Hi,

Here is the config example for Hq Site A, Assuming you have private AS 65000 at both locations:

router bgp 6500

neighbor 112.88.239.109 remote-as xxx

neighbor 112.88.239.109 prefix-list prefix in

network 11.36.1.0 mask 255.255.255.0

ip prefix-list prefix permit 11.36.5.0/24 le 32

Similar config applies for Site B.

you shall remove the Static routes pointing for each site LAN since you already running BGP.

HTH

Mohamed