I was configuring an SDN Gateway using Contrail Command and, among all the options, I noticed “BGP Router ASN”:
According to Juniper documentation, within that field “Enter the Local-AS number, specific to the associated peers.”
The “Local-AS” keyword grabbed my attention. “Local-AS” is a setting you can configure within BGP and can help during migrations.
For example, you have a session between router A (AS 100) and router B (AS 200). Due to a migration, router A is moved to AS 300. In order to avoid changes on router B, we can configure “local-as 100” on router A so that router B will keep its current “peer-as” configuration.
The same concept apply in a contrail scenario…it is bgp peering after all 🙂
Even if local-as seems extremely easy and straightforward, I did remember it could come with some surprises when we look at AS-paths.
For this reason, I di put Contrail aside for one moment and bult a small routing lab to better understand different scenarios involving local-as.
My lab has the following topology:
Let’s focus on the simple chain: r3-r4-r6
We have ebgp everywhere
Router R4 belongs to AS 300 but we want it to appear as part of AS 1000 from R3 point of view.
Set local-as on r4 towards r3:
root@r4_re# set protocols bgp group e100 local-as 1000Configure r3 conf to match that AS:
root@r3_re# set protocols bgp group e300 peer-as 1000Verify sessions are up:
root@r3_re# run show bgp summary
Groups: 1 Peers: 1 Down peers: 0
Table Tot Paths Act Paths Suppressed History Damp State Pending
inet.0
0 0 0 0 0 0
Peer AS InPkt OutPkt OutQ Flaps Last Up/Dwn State|#Active/Received/Accepted/Damped...
192.168.34.1 1000 2 2 0 0 1 0/0/0/0 0/0/0/0R4 receives a route from R3
root@r4_re# run show route receive-protocol bgp 192.168.34.0
inet.0: 16 destinations, 16 routes (16 active, 0 holddown, 0 hidden)
Prefix Nexthop MED Lclpref AS path
* 10.10.10.10/32 192.168.34.0 100 IAs-path includes 100 (r3 as)
R4 advertises it to R6:
root@r4_re# run show route advertising-protocol bgp 192.168.46.1
inet.0: 16 destinations, 16 routes (16 active, 0 holddown, 0 hidden)
Prefix Nexthop MED Lclpref AS path
* 10.10.10.10/32 Self 1000 100 IAS 1000 added (local-as) but r6 sees 300 as well!
root@r6_re# run show route receive-protocol bgp 192.168.46.0
inet.0: 20 destinations, 20 routes (20 active, 0 holddown, 0 hidden)
Prefix Nexthop MED Lclpref AS path
* 10.10.10.10/32 192.168.46.0 300 1000 100 Ithis is correct as session between r4 and r6 uses as 300.
Summing up:
- r4 sets local-as 100 towards r3; r3 sets peer-as 100 towards r4
- r4-r3 session uses as 1000
- r4 receives route from r3 with as path 100
- r4 sends route to r6 adding 1000 (100, 1000)
- at r6, as 300 added as well as r4-r6 bgp session uses as 300 (100, 1000, 300)
Now we set the local-as to private:
root@r4_re# set protocols bgp group e100 local-as 1000 privateand now 1000 no longer added when advertising towards r6:
root@r4_re# run show route advertising-protocol bgp 192.168.46.1
inet.0: 16 destinations, 16 routes (16 active, 0 holddown, 0 hidden)
Prefix Nexthop MED Lclpref AS path
* 10.10.10.10/32 Self 100 I
root@r6_re# run show route receive-protocol bgp 192.168.46.0
inet.0: 20 destinations, 20 routes (20 active, 0 holddown, 0 hidden)
Prefix Nexthop MED Lclpref AS path
* 10.10.10.10/32 192.168.46.0 300 100 INow, R6 advertises a route
R4 rxs from R6:
root@r4_re# run show route receive-protocol bgp 192.168.46.1
inet.0: 17 destinations, 17 routes (17 active, 0 holddown, 0 hidden)
Prefix Nexthop MED Lclpref AS path
* 20.20.20.20/32 192.168.46.1 200 Iand sends it to R3:
root@r4_re# run show route advertising-protocol bgp 192.168.34.0
inet.0: 17 destinations, 17 routes (17 active, 0 holddown, 0 hidden)
Prefix Nexthop MED Lclpref AS path
* 20.20.20.20/32 Self 300 200 I
root@r3_re# run show route receive-protocol bgp 192.168.34.1
inet.0: 19 destinations, 19 routes (19 active, 0 holddown, 0 hidden)
Prefix Nexthop MED Lclpref AS path
* 20.20.20.20/32 192.168.34.1 1000 300 200 IRoute received by R3 has both 1000 and 300.
This is not terrible. R3 peers with AS 1000 and AS 100 is the last AS in the AS path. From R3 point of view AS 300 might be another router along the path.
Let’s add this pn R4:
root@r4_re# set protocols bgp group e100 local-as no-prepend-global-asNow r3 does not see 300 in as path:
root@r3_re# run show route receive-protocol bgp 192.168.34.1
inet.0: 19 destinations, 19 routes (19 active, 0 holddown, 0 hidden)
Prefix Nexthop MED Lclpref AS path
* 20.20.20.20/32 192.168.34.1 1000 200 IGlobal-as (300, R4 system AS) no longer added!
Why might this be relevant? Here is an idea. Suppose R3 implements some sort of policy evaluating routes in terms of BGP AS path length. For example, it might prefer one route instead of another based on the AS Path length. Behind this choice there could be a (maybe hazardous) assumption: “the longer the path, the more the hops and ISPs traffic has to go through, the more the troubles it might bump into…”. Keeping both local-as and global-as will result treating that route as longer than what it actually is.
As always, it is a matter of use-cases and requirements.
And as always, what matters, is knowing how things work so to never be surprised when looking at an AS Path.
Ciao
IoSonoUmberto
IoSonoUnRouter 