Network migration or merger with BGP Local-AS feature

From CT3

(Redirected from BGP Local-AS feature)
Jump to: navigation, search

By Ivan Pepelnjak

The BGP Local-AS feature of Cisco IOS allows a BGP-speaking router to impersonate an autonomous system different from the one configured with the router bgp global configuration command. Its primary use was to facilitate seamless AS mergers, later additions made it useful in AS renumbering scenarios.

The BGP Local-AS feature is configured with the neighbor ip-address local-as as-number [no-prepend [replace-as [dual-as]]] router configuration command. The original feature has been introduced in IOS release 12.0S and 12.0T, the no-prepend keyword was added in 12.2(8)T, 12.2(14)S and 12.0(18)S. IOS releases 12.3(11)T, 12.0(27)S and 12.2(25)S added the replace-as and dual-as keywords to support AS renumbering. The full functionality is thus available in IOS releases 12.4, 12.4T and all branches of 12.2S (including 12.2SR).

Contents

Typical network migration usage scenario

The BGP Local-AS functionality was designed to ease network migration in ISP merger/acquisition scenarios. For example, assume that ISP B (AS 64510) is merging with ISP A (AS 64500).

Figure 1: Testbed diagram and addressing

When the routers in AS 64510 are moved into AS 64500, the EBGP peering sessions with the customers have to be reconfigured on the customer’s side, requiring significant coordination and planning efforts. The Local-AS feature allows the migrated PE routers to participate in AS 64500 while impersonating AS 64510 toward the customers’ CE routers.

Figure 2: R1 and R2 impersonate AS 64510 toward CE routers

The routers using the Local-AS feature retain the information that the BGP routes have passed the local AS in the AS-path. They prepend local-AS in inbound EBGP updates and prepend both actual AS number and local-AS number in outbound EBGP updates.

Figure 3: AS-path processing in the migrated network

Sample network migration and monitoring

The migration of our test network is performed in these steps:

  1. OSPF is established between ISPA, R1 and R2.
  2. EBGP session between ISPA and R1 is changed into an IBGP session.
  3. Complete BGP configuration has to be removed and reconfigured on R1 and R2 (it’s impossible to change the BGP AS number once the BGP routing process has started). Changes in BGP configuration on R1 and R2 might also involve changes in inbound AS-path filters.
  4. A new structure of IBGP sessions has to be established between old and new members of AS 64500. In the test network, R1 will be configured as a route reflector and ISPA and R2 as its clients, resulting in no extra IBGP sessions and minimal configuration changes. You can expect more extensive changes in an actual production network.
Network migration is a usually complex process requiring thorough design, migration plan and acceptance and fallback procedures. If you need consulting, network design or project management/deployment services, contact NIL's Professional Services team

BGP topology prior to network migration

The following printouts contain the state of the BGP routing tables (RIB) on all routers in the test network prior to the network migration. You can use these tables to compare the initial network state with the migration results.

BGP routing table on ISPA

ISPA#show ip bgp | begin Network
   Network          Next Hop            Metric LocPrf Weight Path
*> 10.6.6.0/24      0.0.0.0                  0         32768 i
*> 10.8.8.0/24      10.0.7.2                               0 64510 65000 i
*> 10.9.9.0/24      10.0.7.2                               0 64510 65100 i 

BGP routing table on R1

R1#show ip bgp | begin Network
   Network          Next Hop            Metric LocPrf Weight Path
*> 10.6.6.0/24      10.0.7.1                 0             0 64500 i
*> 10.8.8.0/24      10.0.7.6                 0             0 65000 i
*>i10.9.9.0/24      10.0.7.10                0    100      0 65100 i 

BGP routing table on R2

R2#show ip bgp | begin Network
   Network          Next Hop            Metric LocPrf Weight Path
*>i10.6.6.0/24      10.0.7.1                 0    100      0 64500 i
*>i10.8.8.0/24      10.0.7.6                 0    100      0 65000 i
*> 10.9.9.0/24      10.0.7.10                0             0 65100 i 

BGP routing table on CustA

CustA#show ip bgp | begin Network
   Network          Next Hop            Metric LocPrf Weight Path
*> 10.6.6.0/24      10.0.7.5                               0 64510 64500 i
*> 10.8.8.0/24      0.0.0.0                  0         32768 i
*> 10.9.9.0/24      10.0.7.5                               0 64510 65100 i 

BGP routing table on CustB

CustB#show ip bgp | begin Network
   Network          Next Hop            Metric LocPrf Weight Path
*> 10.6.6.0/24      10.0.7.9                               0 64510 64500 i
*> 10.8.8.0/24      10.0.7.9                               0 64510 65000 i
*> 10.9.9.0/24      0.0.0.0                  0         32768 i 

Router configuration changes

The OSPF process is started on ISPA and run on the WAN link between ISPA and R1. Furthermore, the EBGP session between ISPA and R1 is converted into an IBGP session (the neighbor AS number is changed in the BGP configuration):

Configuration changes on ISPA

router bgp 64500
 neighbor 10.0.7.2 remote-as 64500
!
router ospf 1
 passive-interface default 
 no passive-interface Serial1/0 
 network 0.0.0.0 255.255.255.255 area 0 

More extensive changes are needed on R2: the whole BGP configuration has to be removed and a new BGP process started with a different AS number. Local AS is configured on customer EBGP sessions to avoid configuration changes on customer’s end.

Configuration changes on R2

no router bgp 64510
!
router bgp 64500
 no synchronization
 bgp log-neighbor-changes
 neighbor 10.0.7.10 remote-as 65100
 neighbor 10.0.7.10 local-as 64510
 neighbor 10.2.1.1 remote-as 64500
 no auto-summary 

R1 requires changes in OSPF as well as BGP configuration. OSPF has to be enabled on the WAN link between R1 and ISPA. EBGP configuration has to be reentered with a different AS number. Customer EBGP sessions need local AS number and the IBGP sessions are configured as route reflector server-to-client sessions.

Configuration changes on R1

no router bgp 64510
!
router bgp 64500
 no synchronization
 bgp log-neighbor-changes
 neighbor 10.0.7.1 remote-as 64500
 neighbor 10.0.7.1 route-reflector-client
 neighbor 10.0.7.6 remote-as 65000
 neighbor 10.0.7.6 local-as 64510
 neighbor 10.2.1.2 remote-as 64500
 neighbor 10.2.1.2 route-reflector-client
 no auto-summary
!
router ospf 1
 no passive-interface Serial1/0 

No configuration changes are needed on the customers’ CE routers.

BGP topology after the network migration

BGP tables on ISPA are the least affected by the network migration. The only noticeable change is a different next-hop for routes received from CustB via R2. Previously the next-hop was changed by the EBGP session between ISPA and R1, now it’s propagated unchanged across AS 64500. The AS paths for IP prefixes received from the customers are also unchanged: they look like they would still pass through AS 64510 due to inbound prepending of Local AS.

BGP routing table on ISPA (after migration)

ISPA#show ip bgp | begin Network
   Network          Next Hop            Metric LocPrf Weight Path
*> 10.6.6.0/24      0.0.0.0                  0         32768 i
*>i10.8.8.0/24      10.0.7.6                 0    100      0 64510 65000 i
*>i10.9.9.0/24      10.0.7.10                0    100      0 64510 65100 i 

The changes on R1 and R2 are also minor – as they belong to the same AS as ISPA, the IP prefix advertised by ISPA has become an internal BGP route with an empty AS path:

BGP routing table on R1 (after migration)

R1#show ip bgp | begin Network
   Network          Next Hop            Metric LocPrf Weight Path
*>i10.6.6.0/24      10.0.7.1                 0    100      0 i
*> 10.8.8.0/24      10.0.7.6                 0             0 64510 65000 i
*>i10.9.9.0/24      10.0.7.10                0    100      0 64510 65100 i 

BGP routing table on R2 (after migration)

R2#show ip bgp | begin Network
   Network          Next Hop            Metric LocPrf Weight Path
*>i10.6.6.0/24      10.0.7.1                 0    100      0 i
*>i10.8.8.0/24      10.0.7.6                 0    100      0 64510 65000 i
*> 10.9.9.0/24      10.0.7.10                0             0 64510 65100 i 

The migration effects on the customer routers are more dramatic. The AS paths of prefixes originated in AS 64500 (and any network beyond AS 64500) are unchanged, but the paths to other customers of ISPB have changed significantly. Before the migration the path between CustA and CustB passed only through AS 64510. Now it looks like it passes through two copies of AS 64510 (due to inbound and outbound prepending of Local AS) as well as through the AS 64500 (the actual AS of ISPA).

Modified BGP routing table on CustA

CustA#show ip bgp | begin Network
   Network          Next Hop            Metric LocPrf Weight Path
*> 10.6.6.0/24      10.0.7.5                               0 64510 64500 i
*> 10.8.8.0/24      0.0.0.0                  0         32768 i
*> 10.9.9.0/24      10.0.7.5                               0 64510 64500 64510 65100 i 

Modified BGP routing table on CustB

CustB#show ip bgp | begin Network
   Network          Next Hop            Metric LocPrf Weight Path
*> 10.6.6.0/24      10.0.7.9                               0 64510 64500 i
*> 10.8.8.0/24      10.0.7.9                               0 64510 64500 64510 65000 i
*> 10.9.9.0/24      0.0.0.0                  0         32768 i 
The longer AS paths observed by the customer routers might affect their outbound route selection (if they do load balancing based on AS-path lengths) or even the route availability if the customers use inbound AS-path filters.

Initial router configurations

Initial configuration of ISPA

version 12.2
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname ISPA
!
boot-start-marker
boot-end-marker
!
logging buffered 4096
!
no aaa new-model
ip subnet-zero
!
ip cef
no ip domain lookup
!
interface Loopback0
 ip address 10.0.1.1 255.255.255.255
!
interface Serial1/0
 description Link to R1(ISP-B) s1/0
 ip address 10.0.7.1 255.255.255.252
 encapsulation ppp
 serial restart-delay 0
!
router bgp 64500
 no synchronization
 bgp log-neighbor-changes
 network 10.6.6.0 mask 255.255.255.0
 neighbor 10.0.7.2 remote-as 64510
 no auto-summary
!
ip classless
ip route 10.6.6.0 255.255.255.0 Null0
!
!
line con 0
 exec-timeout 0 0
 privilege level 15
 logging synchronous
 transport preferred none
 stopbits 1
!
ntp logging
end 

Initial configuration of R1

version 12.2
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname R1
!
logging buffered 4096
!
no aaa new-model
ip subnet-zero
!
ip cef
no ip domain lookup
!
interface Loopback0
 ip address 10.0.1.2 255.255.255.255
!
interface FastEthernet0/0
 description LAN 1 (R2)
 ip address 10.2.1.1 255.255.255.0
 speed auto
 duplex auto
!
interface Serial1/0
 description Link to ISPA s1/0
 ip address 10.0.7.2 255.255.255.252
 encapsulation ppp
 serial restart-delay 0
!
interface Serial1/1
 description Link to CustA s1/0
 ip address 10.0.7.5 255.255.255.252
 encapsulation ppp
 serial restart-delay 0
!
router ospf 1
 log-adjacency-changes
 passive-interface default
 no passive-interface FastEthernet0/0
 network 0.0.0.0 255.255.255.255 area 0
!
router bgp 64510
 no synchronization
 bgp log-neighbor-changes
 neighbor 10.0.7.1 remote-as 64500
 neighbor 10.0.7.6 remote-as 65000
 neighbor 10.2.1.2 remote-as 64510
 no auto-summary
!
ip classless
!
line con 0
 exec-timeout 0 0
 privilege level 15
 logging synchronous
 transport preferred none
 stopbits 1
!
ntp logging
end 

Initial configuration of R2

version 12.2
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname R2
!
logging buffered 4096
!
no aaa new-model
ip subnet-zero
!
ip cef
no ip domain lookup
!
interface Loopback0
 ip address 10.0.1.3 255.255.255.255
!
interface FastEthernet0/0
 description LAN 1 (R1)
 ip address 10.2.1.2 255.255.255.0
 speed auto
 duplex auto
!
interface Serial1/1
 description Link to CustB s1/0
 ip address 10.0.7.9 255.255.255.252
 encapsulation ppp
 serial restart-delay 0
!
router ospf 1
 log-adjacency-changes
 passive-interface default
 no passive-interface FastEthernet0/0
 network 0.0.0.0 255.255.255.255 area 0
!
router bgp 64510
 no synchronization
 bgp log-neighbor-changes
 neighbor 10.0.7.10 remote-as 65100
 neighbor 10.2.1.1 remote-as 64510
 no auto-summary
!
ip classless
!
line con 0
 exec-timeout 0 0
 privilege level 15
 logging synchronous
 transport preferred none
 stopbits 1
!
ntp logging
end 

Configuration of Customer A

version 12.2
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname CustA
!
logging buffered 4096
!
no aaa new-model
ip subnet-zero
!
ip cef
!
interface Loopback0
 ip address 10.0.1.4 255.255.255.255
!
interface Serial1/0
 description Link to R1 s1/1
 ip address 10.0.7.6 255.255.255.252
 encapsulation ppp
 serial restart-delay 0
!
router bgp 65000
 no synchronization
 bgp log-neighbor-changes
 network 10.8.8.0 mask 255.255.255.0
 neighbor 10.0.7.5 remote-as 64510
 no auto-summary
!
ip classless
ip route 10.8.8.0 255.255.255.0 Null0
!
line con 0
 exec-timeout 0 0
 privilege level 15
 logging synchronous
 transport preferred none
 stopbits 1
!
ntp logging
end 

Configuration of Customer B

version 12.2
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname CustB
!
logging buffered 4096
!
no aaa new-model
ip subnet-zero
!
ip cef
no ip domain lookup
!
interface Loopback0
 ip address 10.0.1.5 255.255.255.255
!
interface Serial1/0
 description Link to R2 s1/1
 ip address 10.0.7.10 255.255.255.252
 encapsulation ppp
 serial restart-delay 0
!
router bgp 65100
 no synchronization
 bgp log-neighbor-changes
 network 10.9.9.0 mask 255.255.255.0
 neighbor 10.0.7.9 remote-as 64510
 no auto-summary
!
ip classless
ip route 10.9.9.0 255.255.255.0 Null0
!
line con 0
 exec-timeout 0 0
 privilege level 15
 logging synchronous
 transport preferred none
 stopbits 1
!
ntp logging
end 

Additional Resources  

Configuring BGP on Cisco Routers (BGP) course
Other links
Personal tools

CT3

Main menu