From: Mohammad Dewan (dewan@fasttelco.net)
Date: Wed Jul 16 2008 - 05:52:53 ART
Harin,
I believe that the only drawback is the tunnel overheads but it still the
most valid solution for me and more secure
The #neighbor x.x.x.x allowas-in allows the ebgp neighbor to send wrong
updates in case of use neighbor x.x.x.x local-as YYYYY configuration and use
your AS number to prevent this you have to overload the router to filter the
prefixes you learned originated from your own AS remote-site.
That is rarely happens but in the end why to allow such a risky config.
Tunnel is your answer.
Regards,
Mohammad Dewan
-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
Harindha Fernando
Sent: Wednesday, July 16, 2008 10:10 AM
To: Petr Lapukhov
Cc: ccielab@groupstudy.com; comserv@groupstudy.com
Subject: Re: BGP IPv4
HI ALL,
Thanks for the quick responses, I think best way is to go with Allow-as in
both the customer sites, as they don't have any overlapping address space.
but what is the drawback if we create a GRE tunnel with the CUSTOMER Sites
and run IBGP ?
Rgds,
Harin
On Wed, Jul 16, 2008 at 9:55 AM, Petr Lapukhov <petr@internetworkexpert.com>
wrote:
> Hi,
> In your case, if the customer is using the same public AS number on both
> sites, you may use the "allowas-in" BGP feature.
> This per-neighbor command allows a BGP speaker to accept updates with it's
> own AS number in AS_PATH attribute. Configure this feature on your
> customer's BGP peering sessions with their respective ISPs.
>
> ==
>
> router bgp 100
> neighbor x.x.x.x allowas-in <count>
>
> ==
>
> Adjust the <count> value to match the number of AS num repetitions you
want
> to accept (e.g. this needed if some of the sites is doing AS_PATH
> prepending)
>
> Obviously, you need to ensure the segmeted regions do not advertise the
> same prefixes to their ISPs, e.g. have non-overlapping addressing spaces.
> Also, allowing to accept your own AS number may potentially lead to
routing
> loops, so be careful when implementing your filtering policy.
>
> HTH
> --
> Petr Lapukhov, CCIE #16379 (R&S/Security/SP/Voice)
> petr@internetworkexpert.com
>
> Internetwork Expert, Inc.
> http://www.InternetworkExpert.com
> Toll Free: 877-224-8987
> Outside US: 775-826-4344
> Online Community: http://www.IEOC.com
> CCIE Blog: http://blog.internetworkexpert.com
>
> 2008/7/16 Harindha Fernando <pottaharry@gmail.com>:
>
>> Hi Experts,
>>
>> I need your feedback for the below BGP IPv4 (NO MPLS) scenario.
>>
>> CUSTOMER (AS 100) <--> SERVICE_PROVIDER(AS 200) <---> INTERNET
>> <---->CUSTOMER(AS 100)
>>
>> This particular customer needs to use the SAME AS(100) in two different
>> parts of the world.
>>
>> 1. Can this be done ?
>> 2. If yes, how ?
>> 3. if no, why ?
>>
>> Your earliest response is highly appreciable.
>>
>> Rgds,
>> Harin.
>>
>>
>> _______________________________________________________________________
>> Subscription information may be found at:
>> http://www.groupstudy.com/list/CCIELab.html
This archive was generated by hypermail 2.1.4 : Mon Aug 04 2008 - 06:11:55 ART