No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

Same AS BGP network fail to communicate with each other cause the same AS exist in E-BGP path

Publication Date:  2012-07-27 Views:  47 Downloads:  0
Issue Description
If the enterprise router connected with multiple providers , on some occasions, the enterprise AS is hit with an enormous amount of traffic that does not belong to that enterprise AS (here enterprise AS means the CE/operator AS which is not global Internet traffic carrier ).

There is a probability to became a transit AS when the enterprise router connected with Internet upstream via E-BGP and take full routing table. If the enterprise allow to became a transit AS (but transit AS not needed), then the hardware resources, link resource is used very much which is not recommended. If the router capacity is low, then router crashing may also be happen.




Alarm Information
Null

Handling Process
For avoid to become “transit AS” for the Internet upstream provider, we can use regular expression in the BGP and block unwanted traffic. Check the below configuration #

bgp 45951
peer 114.130.131.73 as-number 17806
peer 114.130.131.73 description Internet_Upstream
//This is avoide the enterprise AS become a transit path of it's Internet upstream //

peer 114.130.131.73 as-path-filter 10 export

//This AS-PATH-FILTER 10 will avoide the enterprise AS become a transit path of it's Internet upstream //

ip as-path-filter 10 permit ^$

The BGP filter is applied on the outgoing updates (note the export keyword). The regular expression ^$ indicates an AS-Path that is empty. The caret symbol (^) indicates the beginning of the AS-Path, and the $ symbol indicates the end of the AS-Path. Because all networks originating from enterprise have an empty AS-PATH list, they will be advertised. All other prefixes will be denied.



Root Cause
A transit connection means that the upstream provider lets the customer transit its network to reach any available destination on the Internet. A transit AS would advertise to one AS routes that it learned from another AS. This way, the transit AS would open itself to traffic that does not belong to it.



Suggestions
It is important that enterprise AS (which is not Internet global carrier or not an exchage) be consistent about the routes it advertises to avoid unnecessarily black-holing traffic.

If the multihomed to the same provider we also need to consider this issue. Becoming an Transit AS unnecessarily consuming CPU and link resources with useless information; if possible, make sure that we should send own routes only.

 




END