Single AS Number for multiple prefixes in different country
Patrick W. Gilmore
patrick at ianai.net
Mon Jan 17 02:20:32 CST 2011
On Jan 17, 2011, at 12:32 AM, Michel de Nostredame wrote:
> On Fri, Jan 14, 2011 at 12:30 PM, Patrick W. Gilmore <patrick at ianai.net> wrote:
>> On Jan 14, 2011, at 11:03 AM, Michel de Nostredame wrote:
>>> On Fri, Jan 14, 2011 at 3:33 AM, Bogdan <shoshon at shoshon.ro> wrote:
>>>> allowas-in will do the trick
>>> Provided your uplink ISP does not filter out that.
>> Why would your upstream filter that out?
>> I would get a new upstream if they do.
> According to Juniper junos document,
> "BGP checks whether the neighboring AS matches the AS of the external
> peer to which the router is advertising. If there is a match, the
> route advertisement is suppressed. Advertisement suppression is
> enabled by default for BGP peers configured in non-VPN routing and
> forwarding (VRF) instances, including the master instance."
I do not think that paragraph means what you think it means.
I've seen my own AS in full tables from upstreams using Juniper routers many times.
> We may not able to assume all ISP willing to or by-default add
> "advertise-peer-as" into configuration if they use a Juniper router.
> Also we may not able to assume ISP will not put a policy/route-map to
> prevent route been advertised to the same AS.
> If there is a need to use single-AS in multiple sites and these sites
> need to communicate each other via Internet ISP, statically route
> traffic to Internet (or a default route to Internet) would be safer.
> If there is a need on this kind of communication, or the communication
> been done via a tunnel with both sides using ISP's IP (interface IP)
> as tunnel source, then there should have no risk to use single-AS in
> multiple sites in terms of connectivity.
More information about the NANOG