Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

One private network with multiple AS numbers

Hi there,

We have currently about 15 different offices in remote locations. We have made a deal with one ISP to provide us with IP WAN network using BGP private AS numbers (65001 to 65015) so that we can advertise our private IP ranges (10.x.x.x/24, each site has several 24 bits IP subsets) through the BGP  as per the attached drawings. You can see from the network diagrame that every location has a different AS number.

Now, we have recently installed optical fiber cables between all our offices and connected all the Cisco 3560 L3 switches into our new private network and we want to run EIGRP as primary routing protocol over our private network as indicated in the attached drawing (after modification).  In the same time, we want to keep our IP WAN BGP connections as backup route via the ISP. We are seeking advise onto what will be the best way to redesign our network without changing the AS numbers.  The situation now is we have one private network but this network contains many bgp AS numbers and can't use iBGP among them.

Pls see attached diagram

Thanks and best regards

Baranan

  • WAN Routing and Switching
Everyone's tags (3)
12 REPLIES

Re: One private network with multiple AS numbers

Baranan,

On the bgp routers that you want to prefer the eigrp route for, you can use the backdoor statement on those routes. For example, let's say office 2 learns 192.168.1.0/24 from eigrp and bgp. BGP will be preferred because the AD is 20 vs EIGRP of 90. If you want to prefer this route in EIGRP first, on the office 2 router, you would set this route as "network 192.168.1.0 mask 255.255.255.0 backdoor". That would put the eigrp route in your routing table over the bgp learned route, but you would need to do that for every route as far as I know.

The other option would be to set your bgp routes to be a higher AD than eigrp with the distance command under bgp.

HTH,
John

*** Please rate all useful posts ***

HTH, John *** Please rate all useful posts ***

One private network with multiple AS numbers

Hi John,

don't you think it would be quite complicated to configure the

network ... backdoor

commands for all non-local subnets on each router?

And to add/remove the commands with each subnet change?

The AD modification would be easier, I guess?

Best regrads,

Milan

One private network with multiple AS numbers

Milan,

It would, but I wanted to give the option. It would be even worse trying to maintain it because every new network now means they would have to get on every router and add that network to bgp. I agree, changing the AD would be easier.

HTH,
John

*** Please rate all useful posts ***

HTH, John *** Please rate all useful posts ***
New Member

One private network with multiple AS numbers

Hi John and Milan

Many thanks for your kind prompt advices.

The advantage of the backdoor is that we don't need to change any AD. The problem is that we have too may 24-bit subnets (about 300) and it would be quite complicated to add them one by one.

Is there a way to use summarization with the backdoor statement ?

I was thinking not to use any IGP protocols (EIGRP or OSPF) and instead use eBGP among the different sites over the fiber network with higher weighting factor over the link to the ISP. That means creating eBGP peer connections between a SVI of the 3560 switches as each site has different AS number. But not sure if this would be a good and clean design option. What do you think ?

Regarding Milan's idea of changing the AD of the BGP, I'm just a bit reluctant to change ADs as it dosn't look right for me

Would highly appreciate your thoughts

Best regards

Baranan

One private network with multiple AS numbers

Baranan,

That's what I do. I have only bgp everywhere and change my weights/local prefs depending on what I want to prefer. It's a lot easier doing that than messing with distance I believe.

HTH,
John

*** Please rate all useful posts ***

HTH, John *** Please rate all useful posts ***

One private network with multiple AS numbers

Hi,

I'd say: It depends.

But handling 300 prefixes with backdoor command is definitely a nightmare.

Depending on your fiber topology and the bandwidth on the lines to your provider.

If you are running 1 Gbps fiber lines and E1 to the provider,e.g., you'd want to prefer the fiber connection as long as any fiber path exist from one site to the other.

In that case changing the AD would be an easy and perfectly working solution.

Running BGP only and playing with the BGP attributes should also work.

But is not so easy and could result in an asymmetric routing in some topologies, I'm afraid.

Best regards,

Milan

One private network with multiple AS numbers

"But is not so easy and could result in an asymmetric routing in some topologies, I'm afraid."

This is very true....

HTH,
John

*** Please rate all useful posts ***

HTH, John *** Please rate all useful posts ***

Re: One private network with multiple AS numbers

Hello

Given the two choices and the amount of network statement this is relating to - I would opt for the AD change on the Eigrp Process, it also gives you the easist backout procedure.

router eigrp 100

distance eigrp 90 19

sh ip protocols | in Distance|bgp|eigrp

Routing Protocol is "bgp 1"

    Gateway         Distance      Last Update

  Distance: external 20 internal 200 local 200

Routing Protocol is "eigrp 100"

  Redistributing: eigrp 100

    Gateway         Distance      Last Update

  Distance: internal 90 external 19

res

Paul

Please don't forget to rate any posts that have been helpful.

Thanks.

Please don't forget to rate any posts that have been helpful. Thanks.

One private network with multiple AS numbers

Hi Paul,

does it make a sense to configure internal EIGRP prefixes to get a worse AD than eBGP ones in this case?

I don't think so!

router eigrp 100

distance eigrp 9 19

would be more appropriate, I guess.

Best regards,

Milan

257
Views
0
Helpful
12
Replies
This widget could not be displayed.