RE: how can I prevent my AS from becoming a transit AS? (kinda

From: OhioHondo (ohiohondo@columbus.rr.com)
Date: Mon May 12 2003 - 10:35:46 GMT-3

• Next message: JenBell: "Boot Crap Camp"
• Previous message: Peter Wodle: "Difference between "arp frame-relay" and "frame-relay"
• Maybe in reply to: Robert Yee: "how can I prevent my AS from becoming a transit AS? (kinda"
• Next in thread: Cristian Henry H: "Re: how can I prevent my AS from becoming a transit AS? (kinda"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Note:

When you redistribute from BGP to OSPF, look at the LSA Type 5 entries of
the BGP routes redistributed into OSPF. They are already "tagged" with the
AS number from where they came.

-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com]On Behalf Of
Yadav, Arvind K (EM, GECIS)
Sent: Monday, May 12, 2003 3:46 AM
To: 'Robert Yee'; ccielab@groupstudy.com
Subject: RE: how can I prevent my AS from becoming a transit AS? (kinda
lo ng)

1. When you redistribute BGP router learned from AS300 on R2 and R1 to OSPF
mark some tag (By using route-map) to all routes and while redistributing
back to BGP on R1 and R2
filter the tag routes with tag. In that way you can prevent your AS to
becoming a transit AS.
2. ip as-path access-list 1 permit ^$ pm both the router R1 and r2

Arivnd

-----Original Message-----
From: Robert Yee [mailto:robert@bluespud.com]
Sent: Monday, May 12, 2003 10:27 AM
To: ccielab@groupstudy.com
Subject: how can I prevent my AS from becoming a transit AS? (kinda
long)

Given the following scenario, how can I prevent my AS from becoming a
transit AS:

   ----- -----
  |AS100| |AS300|
   ----- -----
     \ /
      \ /
   ---------------------------
  | \ / |
  | R1----iBGP---R2 |
  | \ / |
  | \ / |
  | OSPF OSPF |
  | \ / |
  | \ / |
  | R3 |
  |AS200 (OSPF) |
   ---------------------------

AS 300 advertises 10.1.1.0 /24 to AS 200 through R2.

The 2 edge routers in AS 200 are running BGP and OSPF. R3 is running OSPF
and has numerous routes that it is advertising to R1 and R2.
Syncronization in BGP is disabled, so there
should be no issue with bgp/ospf sync.

The 2 edge routers are running mutual redistribution between the IGP and
EGP.

R2 redistributes 10.1.1.0 /24 from BGP into OSPF. Eventually, this route
will reach R1 from OSPF (and from iBGP) and will be redistributed back into
BGP from OSPF. Since OSPF has
a better AD than iBGP, the OSPF route will be placed into routing table,
and BGP will pick the redisributed route as the best path. This route will
then get advertised to AS 100.

Because OSPF is redistributing many routes to BGP, I think the best solution
would be to put the following filter-list (skip ditribute-list,
prefix-list, route-map) on each edge
router:

  ip as-path access-list 1 permit ^$

This filter list should only allow routes out that have no AS-PATH attribute
associated with it.

This should prevent AS 200 from being a transit area (if we were only
running BGP), BUT since we are mutually redistributing, 10.1.1.0 /24 now is
seen by BGP on R1 as route w/out
an AS-PATH attribute.

Then 10.1.1.0 /24 gets advertised out to AS 100.

Is there any way around this?

This situation would also apply to routes received from As100

• Next message: JenBell: "Boot Crap Camp"
• Previous message: Peter Wodle: "Difference between "arp frame-relay" and "frame-relay"
• Maybe in reply to: Robert Yee: "how can I prevent my AS from becoming a transit AS? (kinda"
• Next in thread: Cristian Henry H: "Re: how can I prevent my AS from becoming a transit AS? (kinda"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Mon Jun 02 2003 - 15:13:41 GMT-3