Added value of having multiple BGP AS# for a single VRF on IP-VPN

Answered Question
Feb 27th, 2012

Hi folks,

  I just wonder if there is any added value of having mutiple private AS numbers for a single VRF, compared to the usual practise of having one single AS for the entire enterprise network of a given customer.  The solution provider is presenting a solution, basically connecting branches to Primary Data Center & DRC using 3-AS numbers, one AS for Primary Data Center, and one for Disaster Recovery Center and one for all the 1,000+ branaches.

Appreciate your input.

Sami

I have this problem too.
0 votes
Correct Answer by Giuseppe Larosa about 2 years 1 month ago

Hello Sami,

as explained by Milan using multiple AS numbers can provide advantages in troubleshooting.

I would add that in your scenario the use of multiple AS numbers on the customer side allows to build a clear hiearchy of BGP routes from the point of view of branch offices.

By using different AS numbers, as-override feature is not needed on the provider(s) side, and routes originated on the disaster recovery site can be made less preferred by simply using AS path prepending that is reported to every branch site.

If also branch to branch communication should be blocked for any reason it is enough to skip the as-override on the provider site of each branch facing PE node.

Hope to help

Giuseppe

Correct Answer by milan.kulik about 2 years 1 month ago

Hi,

if the provider is using the same AS number for all sites belonging to the cusomer, it's sometimes difficult to troubleshoot possible routing problems from the CE router point of view.

As the provider has to use BGP features like as-override or allowas-in to make a CE router to accept prefixes originated be other sites using the same AS number. And then looking into a CE router BGP table it's not clear which site the prefix was originated from.

So IMHO, the 3-AS number concept you mentioned is a minimum which should be used.

HTH,

Milan

  • 1
  • 2
  • 3
  • 4
  • 5
Average Rating: 5 (2 ratings)
Correct Answer
milan.kulik Tue, 02/28/2012 - 00:17

Hi,

if the provider is using the same AS number for all sites belonging to the cusomer, it's sometimes difficult to troubleshoot possible routing problems from the CE router point of view.

As the provider has to use BGP features like as-override or allowas-in to make a CE router to accept prefixes originated be other sites using the same AS number. And then looking into a CE router BGP table it's not clear which site the prefix was originated from.

So IMHO, the 3-AS number concept you mentioned is a minimum which should be used.

HTH,

Milan

Correct Answer
Giuseppe Larosa Tue, 02/28/2012 - 02:39

Hello Sami,

as explained by Milan using multiple AS numbers can provide advantages in troubleshooting.

I would add that in your scenario the use of multiple AS numbers on the customer side allows to build a clear hiearchy of BGP routes from the point of view of branch offices.

By using different AS numbers, as-override feature is not needed on the provider(s) side, and routes originated on the disaster recovery site can be made less preferred by simply using AS path prepending that is reported to every branch site.

If also branch to branch communication should be blocked for any reason it is enough to skip the as-override on the provider site of each branch facing PE node.

Hope to help

Giuseppe

Actions

Login or Register to take actions

This Discussion

Posted February 27, 2012 at 6:24 PM
Stats:
Replies:2 Avg. Rating:5
Views:618 Votes:0
Shares:0

Related Content

Discussions Leaderboard