Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements
Webcast-Catalyst9k
New Member

Query on Transit AS

Hi,

We have 2 router ( A & B) connected with different ISP ( C & D) via EBGP with different Public AS no provided by ISP

In between 2 router( A & B) we are running IBGP so that any ISP link fail, traffic can take IBGP path to internet via alternate ISP

How to ensure, that my IBGP Link / My Internal Private AS not become transit AS in between ISP C & D

What are the commands/area to check for the same & how to prevent the same

Also How to check in my ISP facing router whether I am getting Full internet Routing table or default table or partial routing table ?

Br/Subhojit

2 REPLIES

Query on Transit AS

Hello.

The easiest way not to become transit area is to filter all the outgoing announces.

One way could be to filter everything, but local prefixes.

Another one is to allow only locally originated:

ip as-path access-list 1 permit ^$

route-map ALLOW_LOCAL_ONLY permit 10

match as-path 1


router bgp xxx

neig a.b.c.d route-map ALLOW_LOCAL_ONLY out

If you have only 2 routers and you receive only default gateway (that is typical situation) and want them to run in active/passive mode, then it would be easier to:

  • run HSRP on internal interface;
  • track default route and decrement HSRP priority if it's not in RIB;
  • LAN should use static toward HSRP address.

So, no need for IBGP as additional troubleshooting area.

IBGP is worth to use if your ISP facing routers are far from each other or you are doing load-sharing/load-balance.

Super Bronze

Re: Query on Transit AS

Disclaimer

The Author of this posting offers the information contained within this posting without consideration and with the reader's understanding that there's no implied or expressed suitability or fitness for any purpose. Information provided is for informational purposes only and should not be construed as rendering professional advice of any kind. Usage of this posting's information is solely at reader's own risk.

Liability Disclaimer

In no event shall Author be liable for any damages whatsoever (including, without limitation, damages for loss of use, data or profit) arising out of the use or inability to use the posting's information even if Author has been advised of the possibility of such damage.

Posting

As Mikhail described, you just filter what you send to your eBGP peer.  (NB: Normally an ISP will filter what you provide them.  I.e. if you did try to act as a transit, the ISPs shoud precluded.  However, you still shouldn't send the them the transit routes.)

If you look at the routes received from you eBGP peers, you may be able to determine if you're getting the full Internet set of routes, or not.  The reason I say may, if the ISP filters out "some" (e.g. couple hundred or less) you may not be able to tell you're not receiving the the whole Internet route set.  Conversely, if you're only getting a default just some, you can tell your only working with partial.

If you have two different ISP, you can also compare what each is giving you.

308
Views
0
Helpful
2
Replies
CreatePlease to create content