Added value of having multiple BGP AS# for a single VRF on IP-VPN

Answered Question
Feb 27th, 2012

Hi folks,

I just wonder if there is any added value of having multiple private AS numbers for a single VRF, compared to the usual practice of having one single AS for the entire enterprise network of a given customer. The solution provider is presenting a solution, basically connecting branches to Primary Data Center & DRC using 3-AS numbers, one AS for Primary Data Center, and one for Disaster Recovery Center and one for all the 1,000+ branches.



Appreciate your input.


Sami

Correct Answer
milan.kulik Tue, 02/28/2012 - 00:17

Hi,


If the provider is using the same AS number for all sites belonging to the customer, it's sometimes difficult to troubleshoot possible routing problems from the CE router point of view.

As the provider has to use BGP features like as-override or allowas-in to make a CE router accept prefixes originated by other sites using the same AS number. And then looking into a CE router BGP table it's not clear which site the prefix was originated from.


So IMHO, the 3-AS number concept you mentioned is a minimum which should be used.


HTH,

Milan

Correct Answer
Giuseppe Larosa Tue, 02/28/2012 - 02:39

Hello Sami,

As explained by Milan, using multiple AS numbers can provide advantages in troubleshooting.

I would add that in your scenario the use of multiple AS numbers on the customer side allows building a clear hierarchy of BGP routes from the point of view of branch offices.

By using different AS numbers, the as-override feature is not needed on the provider(s) side, and routes originated on the disaster recovery site can be made less preferred by simply using AS path prepending that is reported to every branch site.

If branch-to-branch communication should also be blocked for any reason, it is enough to skip the as-override on the provider site of each branch-facing PE node.


Hope to help

Giuseppe
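
The behaviour both answers describe, as an added example that is not part of the original thread: a simplified Python model of the eBGP AS_PATH loop check on the PE-CE link, comparing a single customer AS with the 3-AS design. All AS numbers are constructed (64500 provider, 65000 single customer AS, 65001 primary DC, 65002 DR site, 65003 branches), and only the AS_PATH-length step of best-path selection is modelled.

```python
# Added illustration: simplified model of eBGP AS_PATH handling on a PE-CE link.
# All AS numbers are constructed: 64500 = provider, 65000 = single customer AS,
# 65001 = primary DC, 65002 = DR site, 65003 = all branches.
PROVIDER = 64500

def pe_to_ce(path, ce_as, as_override=False):
    """AS_PATH the PE sends to a CE: optionally overwrite the CE's own AS
    (as-override), then prepend the provider AS."""
    if as_override:
        path = [PROVIDER if asn == ce_as else asn for asn in path]
    return [PROVIDER] + path

def ce_accepts(path, local_as, allowas_in=0):
    """eBGP loop check: drop the route if the local AS appears in AS_PATH
    more often than allowas-in permits (0 = feature not configured)."""
    return path.count(local_as) <= allowas_in

def origin_as(path):
    """The rightmost AS in AS_PATH is the originating AS."""
    return path[-1]

def best_path(candidates):
    """Only the AS_PATH-length step of best-path selection is modelled."""
    return min(candidates, key=len)

def branch_view(dc_as, dr_as, branch_as, as_override, dr_prepend=0):
    """Routes a branch CE keeps for one prefix announced by both DC and DR."""
    dc = pe_to_ce([dc_as], branch_as, as_override)
    dr = pe_to_ce([dr_as] * (1 + dr_prepend), branch_as, as_override)
    return [p for p in (dc, dr) if ce_accepts(p, branch_as)]

if __name__ == "__main__":
    # Single AS: routes are dropped by the loop check unless the PE rewrites them.
    print("single AS, no override :", branch_view(65000, 65000, 65000, False))
    # With as-override both paths look identical, so the origin site is hidden.
    print("single AS, as-override :", branch_view(65000, 65000, 65000, True))
    # Three AS numbers: origin stays visible and DR prepending lowers preference.
    three = branch_view(65001, 65002, 65003, False, dr_prepend=2)
    print("three AS, DR prepends  :", three, "best via AS", origin_as(best_path(three)))
    # Branch routes carry the branch AS, so another branch CE rejects them.
    b2b = pe_to_ce([65003], 65003)
    print("branch-to-branch kept? :", ce_accepts(b2b, 65003))
```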
