Re: BGP "Allowas-in" -- scenarios to use this? from Steve Ohnmacht on 2009-08-20 (Ccielab archives 08/2009)

From: Steve Ohnmacht <gs.ohnmacht_at_gmail.com>
Date: Wed, 19 Aug 2009 20:14:14 -0700

Crap was typing too fast and inadvertently hit send... oh well...
continuation of response high-lighted... :)

On Wed, Aug 19, 2009 at 8:03 PM, Steve Ohnmacht <gs.ohnmacht_at_gmail.com>wrote:

> Hi David -
>
> Typically you would have a need to use this knob if you have multiple
> remote-sites connected to a providers MPLS VPN network and each of the
> remote-sites are configured with non-unique BGP ASN's.
>
> Using this knob would allow your remote-sites to accept updates that have
> the same ASN in the as-path, otherwise eBGPs loop prevention mechanism would
> drop the update and although your announcements from each remote-site would
> be propagated throughout the VPN you would not have site-to-site
> connectivity from the perspective of your CE devices.
>
> Typically, the service-provider (at least the one I work for) will have
> as-override configured to allow for this type of design whereby all of your
> remote-sites have non-unique ASN's and will replace the non-unique ASN with
> the provider's own ASN outbound towards the CE device.
>

If you plan on replacing your existing WAN infrastructure and connect up
to a provider's MPLS VPN, you might want to consider assigning unique ASNs
to your remote-sites to avoid this type of situation.

Also, it is possible you have an architecture or some circumstances on the
client side whereby you would have a need for the provider to allow looping
to occur, in this instance it may difficult for you to get the provider to
allow for this (depending on the provider).

HTH,
-so

>
>
> On Tue, Aug 18, 2009 at 7:25 AM, David Swafford <david_at_davidswafford.com
> > wrote:
>
>> Hi Groupstudy List--
>>
>> While learning the ins and outs of BGP I've come across something I'm
>> a bit fuzzy on--
>>
>> In BGP we have this configuration option under the neighbor
>> configuration of "allowas-in" which defeats BGP's loop prevention
>> mechanism and allows the programmed router to accept routes that
>> already contain it's own AS in the AS PATH list. Does anyone actually
>> implement this in their production environment? I'm interested to
>> know what kind of scenarios would require this.
>>
>> Thanks,
>> David Swafford.
>>
>>
>> Blogs and organic groups at http://www.ccie.net
>>
>> _______________________________________________________________________
>> Subscription information may be found at:
>> http://www.groupstudy.com/list/CCIELab.html

Blogs and organic groups at http://www.ccie.net
Received on Wed Aug 19 2009 - 20:14:14 ART

This archive was generated by hypermail 2.2.0 : Tue Sep 01 2009 - 05:43:57 ART