BGP IPv4 - Remove Private AS

Remove Private AS

BGP IPv4 Remove Private AS is a feature that strips private Autonomous System (AS) numbers from the AS path of outgoing BGP updates. Private AS numbers, as defined by RFC 6996, are reserved for use within a single organization and are not globally unique, so they must not be propagated to external networks. The feature lets network administrators remove private AS numbers selectively, per neighbor, so that only valid and globally recognized AS numbers are advertised to the wider Internet. This improves routing integrity and conforms to established BGP best practices.

Lab:

BGP Topology

Disclaimer

This Configuration Guide is designed to help members enhance their skills in a particular technology area. While every effort has been made to ensure that all material is as complete and accurate as possible, the enclosed material is presented on an "as is" basis. Neither the authors nor Forum assume any liability or responsibility to any person or entity with respect to loss or damages incurred from the information contained in this guide. This configuration guide was developed by Forum. Any similarities between material presented in this configuration guide and any other material are completely coincidental.

Cisco IOS Software, Linux Software (I86BI_LINUX-ADVENTERPRISEK9-M), Version 15.2(4)M1, DEVELOPMENT TEST SOFTWARE

Task 1: Configure IPv4 BGP Remove Private AS

Step 1: In the router's configuration mode, configure the IPv4 BGP process with the following commands:

R1: 
interface Serial2/0
ip address 12.0.0.1 255.255.255.0
no shutdown
interface Loopback1
ip address 11.11.11.11 255.255.255.0

router bgp 1
neighbor 12.0.0.2 remote-as 2
address-family ipv4
network 11.11.11.0 mask 255.255.255.0
exit

Configures Router 1 as an eBGP neighbor in Public AS 1

R2: 
interface Serial2/0
ip address 12.0.0.2 255.255.255.0
no shutdown
interface Ethernet0/0
ip address 23.0.0.2 255.255.255.0
no shutdown
interface Loopback1
ip address 22.22.22.22 255.255.255.0

router bgp 2
neighbor 12.0.0.1 remote-as 1
neighbor 23.0.0.3 remote-as 65000
address-family ipv4
network 22.22.22.0 mask 255.255.255.0 
exit

Configures Router 2 as an eBGP neighbor in Public AS 2

R3: 
interface Ethernet0/0
ip address 23.0.0.3 255.255.255.0
no shutdown
interface Loopback1
ip address 33.33.33.33 255.255.255.0

router bgp 65000
neighbor 23.0.0.2 remote-as 2
address-family ipv4
network 33.33.33.0 mask 255.255.255.0
exit

Configures Router 3 as an eBGP neighbor in Private AS 65000

		
R1:
R1#show bgp ipv4 unicast
BGP table version is 5, local router ID is 11.11.11.11
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
              x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found

     Network          	Next Hop        Metric  	LocPrf  	Weight  	Path
 *>  11.11.11.0/24    	0.0.0.0           0         	        32768 	     i
 *>  22.22.22.0/24    	12.0.0.2          0             	      0 	    2 i
 *>  33.33.33.0/24    	12.0.0.2          0 			                    2 65000 i
		
Network 33.33.33.0/24 is received by R1 with AS path 2 65000 i, so the private AS 65000 is visible to R1.

Step 2: Configure IPv4 BGP Remove Private AS on router R2

R2:
router bgp 2
neighbor 12.0.0.1 remote-as 1
address-family ipv4
! Removes the private AS numbers from outgoing eBGP updates
neighbor 12.0.0.1 remove-private-as

Step 3: Verify BGP Remove Private AS on router R1

R2#debug ip bgp updates
BGP updates debugging is on for address family: IPv4 Unicast
*Oct  8 10:30:15.822: BGP(0): (base) 23.0.0.3 send unreachable (format) 33.33.33.0/24
*Oct  8 10:30:15.822: BGP(0): (base) 23.0.0.3 send UPDATE (format) 11.11.11.0/24, next 23.0.0.2, metric 0, path 1
*Oct  8 10:30:15.822: BGP(0): (base) 23.0.0.3 send UPDATE (format) 22.22.22.0/24, next 23.0.0.2, metric 0, path Local
*Oct  8 10:30:44.960: BGP(0): (base) 12.0.0.1 send UPDATE (format) 33.33.33.0/24, next 12.0.0.2, metric 0, path 65000
*Oct  8 10:30:44.960: BGP(0): (base) 12.0.0.1 send unreachable (format) 11.11.11.0/24
*Oct  8 10:30:44.960: BGP(0): (base) 12.0.0.1 send UPDATE (format) 22.22.22.0/24, next 12.0.0.2, metric 0, path Local


R1#show bgp ipv4 unicast
BGP table version is 5, local router ID is 11.11.11.11
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
              x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found

     Network          	Next Hop       Metric   	LocPrf	    Weight      Path
 *>  11.11.11.0/24    	0.0.0.0           0                     32768 	     i
 *>  22.22.22.0/24    	12.0.0.2          0             	      0 	    2 i
 *>  33.33.33.0/24    	12.0.0.2                               	  0 	    2 i

Network 33.33.33.0/24 is now received by R1 with AS path 2 i. Router R2 has therefore removed the private AS from the updates it sends to router R1.
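
The same verification can be automated. The following is an added example, not part of the original lab: it reads a "show bgp ipv4 unicast" table and reports every prefix whose Path column still carries an RFC 6996 private AS number. It assumes the capture keeps the router's fixed-width layout, so that column offsets can be taken from the header row; the two sample tables are constructed from the lab's R1 output and rebuilt in aligned columns.

```python
import re

# RFC 6996 private-use ranges: 16-bit and 32-bit ASNs.
PRIVATE_RANGES = ((64512, 65534), (4200000000, 4294967294))

def is_private_asn(asn):
    return any(lo <= asn <= hi for lo, hi in PRIVATE_RANGES)

def parse_bgp_table(text):
    """Return [(prefix, [asn, ...])] for every valid (*) route row."""
    cols, prefix, routes = None, None, []
    for line in text.splitlines():
        if cols is None:
            # Assumption: column offsets are taken from the header row.
            if all(h in line for h in ("Network", "Next Hop", "Path")):
                cols = [line.index(h) for h in ("Network", "Next Hop", "Path")]
            continue
        if "*" not in line[:cols[0]]:
            continue  # not a valid-route row
        # A blank Network field means another path for the previous prefix.
        prefix = line[cols[0]:cols[1]].strip() or prefix
        # Everything from the Path column on: ASNs, then the origin code.
        routes.append((prefix, [int(a) for a in re.findall(r"\d+", line[cols[2]:])]))
    return routes

def private_as_leaks(text):
    """Map prefix -> private ASNs still present in its AS path."""
    leaks = {}
    for prefix, path in parse_bgp_table(text):
        private = [a for a in path if is_private_asn(a)]
        if private:
            leaks.setdefault(prefix, []).extend(private)
    return leaks

# Constructed sample: the lab's R1 tables rebuilt in fixed-width columns.
ROW = "{:<5}{:<17}{:<20}{:>6} {:>6} {:>6} {}"
HEAD = ROW.format("", "Network", "Next Hop", "Metric", "LocPrf", "Weight", "Path")

def table(path_33):
    rows = [(" *>", "11.11.11.0/24", "0.0.0.0", 0, "", 32768, "i"),
            (" *>", "22.22.22.0/24", "12.0.0.2", 0, "", 0, "2 i"),
            (" *>", "33.33.33.0/24", "12.0.0.2", "", "", 0, path_33)]
    return "\n".join([HEAD] + [ROW.format(*r) for r in rows])

BEFORE = table("2 65000 i")   # R1 before remove-private-as on R2
AFTER = table("2 i")          # R1 after remove-private-as on R2

if __name__ == "__main__":
    print("before:", private_as_leaks(BEFORE))
    print("after: ", private_as_leaks(AFTER))
```

Run against a capture taken on the receiving eBGP peer (R1 in this lab), an empty result confirms that no private AS number crossed the boundary.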