BGP routing ARIN space in APNIC region
Jon Lewis
jlewis at lewis.org
Fri Jun 16 03:39:31 UTC 2023
On Fri, 9 Jun 2023, Matthew Petach wrote:
> I previously wrote:
> Every platform I've used has a knob for turning off / relaxing as-path
> loop detection. Note, for some platforms (at least Juniper), you may also
> have to have your upstream provider "advertise-peer-as", though I suspect
> it's highly unlikely you'd have BGP service from the same upstream in both
> CA and PH...so this won't likely be an issue.
>
> I'd recommend this be treated as a "BGP 201" level exercise, not a "BGP 101" knob to turn.
>
> If you're asking for advice from the NANOG mailing list about how to best set up your first
> "remote" network location, you're in BGP 101 territory, and probably shouldn't be
> disabling as-path loop detection as a general rule. ^_^;
>
> No knock on you, just that it's probably best not to do that until you're a lot more
> comfortable with the potential gotchas that can result from making changes to the
> default BGP protocol behaviour on your border routers.
Funny timing on this. Work somewhat recently opened a few new "island
POPs", each with the same couple of transit providers and no backbone.
While looking into something else, I realized one of our transits is not
advertising any of these sites' routes to the other sites. MAC address
lookup suggests they're running Cisco gear. Googling suggests that IOS XR
has added the functionality I thought was unique to Juniper of not
advertising routes to an eBGP neighbor if those routes were received from
the neighbor's ASN.
Juniper at least had the good sense to make this behavior configurable
down to the individual neighbor. IOS XR apparently only lets you turn off
this behavior at the address-family level. If the provider isn't willing
to make a change like this, we may have to ask APNIC for a few ASNs...and
it may be time to stop the practice of using the same ASN in all our
islands.
----------------------------------------------------------------------
Jon Lewis, MCP :) | I route
StackPath, Sr. Neteng | therefore you are
_________ http://www.lewis.org/~jlewis/pgp for PGP public key_________
More information about the NANOG
mailing list