Sunday, March 31, 2019

Re: openbgpd; strip private ASNs from bgp updates

On 2019-03-31, Remi Locherer <remi.locherer@relo.ch> wrote:
> On Sun, Mar 31, 2019 at 01:09:06PM +0200, Claudio Jeker wrote:
>> On Fri, Mar 29, 2019 at 08:36:26AM +0100, openbsd@kene.nu wrote:
>> > I forgot to add to my previous email. One thing that could be useful
>> > in this case is to mimic the Cisco option "neighbor x.x.x.x
>> > remove-private-as" which removes any private ASes from the path on any
>> > updates to a peer. Just throwing it out there, cant be a very
>> > difficult option to implement I guess?
>>
>> I think changing the AS PATH is a bad thing, removing elements from your
>> AS path has a major impact on the route selection and opens doors for
>> routing loops. In general I will only add features like 'as-override' when
>> there is a clear reason why it is needed.
>> So my question is, why do you need to use private AS numbers in your
>> internal network?
>
> It's common to use private AS numbers in data center networks for Clos
> topologies (one AS number per leaf switch and one for all spine switches
> because of ECMP).
>
> Private AS numbers are also used for large DMVPN deployments.

Also if you have a downstream with two connections to your network, that
isn't eligible to get a public ASN (e.g. doesn't have a second upstream
provider).

No comments:

Post a Comment