More BGP tricks
- Tony Mattke
- Cisco
- May 16, 2010
At times, the ‘rules of BGP’ don’t fit the needs of our productions networks. When we get into today’s production networks how often do book configurations apply? I’ll tell you one thing. I don’t see many book examples with 450+ line BGP configs, but I’ve worked on a number of networks where this was the case. Here are two examples where having these tools in your arsenal could be crucial.
Situation 1
Your company has gone through some major changes and requires changing AS numbers on your BGP routers. You have over 20 down stream clients, and several upstream connections that all need changed. Since these changes need to be configured on both sides, what are the chances of getting them all done at once? (feel free to laugh out loud…..) local-as is configurable on a per neighbor basis and will allow us to make these changes one peer at a time until such a time we can take the entire router down and reconfigure BGP. In the example below, we’re changing from ASN 65501, to 8888. Neighbor 1.2.3.4 will continue to use our original ASN, while 5.6.7.8 will use the new ASN 8888.
router bgp 65501 neighbor 1.2.3.4 remote-as 1234 neighbor 1.2.3.4 route-map as1234-in in neighbor 1.2.3.4 route-map as1234-out out neighbor 5.6.7.8 remote-as 5678 neighbor 5.6.7.8 local-as 8888 neighbor 5.6.7.8 route-map as5678-in in neighbor 5.6.7.8 route-map as5678-out out !
Situation 2
So, your network has had a major failure and you need to provide for access to the other half. The simplest way you can think of is configuring a tunnel from each end point, and running BGP over it. At least then, you can ensure when the network comes back up, BGP will handle the switchover. But, as you may know, BGP doesn’t allow incoming routes with your ASN already in the path. That’s simple enough to work around using the allowas-in command. Usage: allowas-in [allow X instances of our ASN in path] – see the following example.
router bgp 8888 neighbor 8.2.2.2 remote-as 8888 neighbor 8.2.2.2 allowas-in 2 neighbor 8.2.2.2 route-map as8888-in in neighbor 8.2.2.2 route-map as8888-out out !
Obviously these are just a couple of tricks in the bag, and may not be fully supported solutions… if you have any questions or any topics you’d like to hear more about please let me know in the comments below. Thanks!
