BGP allowas-in
Customers use the same AS number in MPLS-VPN

・The ISP provides MPLS-VPN as AS1234
・The customer uses BGP as AS65000
・Each customer site uses the same AS number

Initial Setup (BGP excerpt only)

PE1
router bgp 1234
 no bgp default ipv4-unicast
 neighbor 10.10.10.10 remote-as 1234
 neighbor 10.10.10.10 update-source Loopback0
 address-family vpnv4
  neighbor 10.10.10.10 activate
  neighbor 10.10.10.10 send-community extended
  neighbor 10.10.10.10 next-hop-self
 exit-address-family
 address-family ipv4 vrf IP-VPN-A
  neighbor 10.99.1.2 remote-as 65000
  neighbor 10.99.1.2 activate
 exit-address-family

PE2
router bgp 1234
 no bgp default ipv4-unicast
 neighbor 10.10.10.10 remote-as 1234
 neighbor 10.10.10.10 update-source Loopback0
 address-family vpnv4
  neighbor 10.10.10.10 activate
  neighbor 10.10.10.10 send-community extended
 exit-address-family
 address-family ipv4 vrf IP-VPN-B
  neighbor 10.99.2.2 remote-as 65000
  neighbor 10.99.2.2 activate
  neighbor 10.99.2.2 as-override
 exit-address-family

RR
router bgp 1234
 no bgp default ipv4-unicast
 neighbor iBGP peer-group
 neighbor iBGP remote-as 1234
 neighbor iBGP update-source Loopback0
 neighbor 1.1.1.1 peer-group iBGP
 neighbor 2.2.2.2 peer-group iBGP
 address-family vpnv4
  neighbor iBGP send-community extended
  neighbor iBGP route-reflector-client
  neighbor 1.1.1.1 activate
  neighbor 2.2.2.2 activate
 exit-address-family

CE1
router bgp 65000
 network 10.0.0.0 mask 255.255.255.0
 neighbor 10.99.1.1 remote-as 1234

CE2
router bgp 65000
 network 172.16.0.0 mask 255.255.255.0
 neighbor 10.99.2.1 remote-as 1234

CE1#sh ip route bgp
(none)

CE1#sh ip bgp summary
Neighbor        V    AS MsgRcvd MsgSent   TblVer  InQ OutQ Up/Down  State/PfxRcd
10.99.1.1       4  1234      51      49        2    0    0 00:40:27        0

CE1#sh ip bgp
   Network          Next Hop            Metric LocPrf Weight Path
*> 10.0.0.0/24      0.0.0.0                  0         32768 i

CE1 doesn't have a route to CE2.

CE2#sh ip route bgp
(none)

CE2#sh ip bgp summary
Neighbor        V    AS MsgRcvd MsgSent   TblVer  InQ OutQ Up/Down  State/PfxRcd
10.99.2.1       4  1234      51      52        8    0    0 00:40:56        0

CE2#sh ip bgp
   Network          Next Hop            Metric LocPrf Weight Path
*> 172.16.0.0/24    0.0.0.0                  0         32768 i

Neither CE received the other CE's prefix.

PE1#sh bgp vpnv4 unicast all neighbors 10.99.1.2 advertised-routes
    Network          Next Hop            Metric LocPrf Weight Path
Route Distinguisher: 65000:1 (default for vrf IP-VPN-A)
*>i 172.16.0.0/24    2.2.2.2                  0    100      0 65000 i

PE1 did advertise the prefix to CE1.
The CEs do not accept the prefix because its AS path contains their own AS number.
The AS path not only records which ASes a prefix has passed through; it is also used to prevent routing loops.
A router does not accept a prefix whose AS path includes its own AS number.

Configure the allowas-in command on the CEs

CE1
router bgp 65000
 neighbor 10.99.1.1 allowas-in

CE2
router bgp 65000
 neighbor 10.99.2.1 allowas-in

CE1#sh ip bgp summary
Neighbor        V    AS MsgRcvd MsgSent   TblVer  InQ OutQ Up/Down  State/PfxRcd
10.99.1.1       4  1234      76      70        3    0    0 00:58:24        1

CE1#sh ip bgp
   Network          Next Hop            Metric LocPrf Weight Path
*> 10.0.0.0/24      0.0.0.0                  0         32768 i
*> 172.16.0.0/24    10.99.1.1                              0 1234 65000 i

CE1#sh ip route bgp
     172.16.0.0/24 is subnetted, 1 subnets
B       172.16.0.0 [20/0] via 10.99.1.1, 00:18:08

CE2#sh ip bgp summary
Neighbor        V    AS MsgRcvd MsgSent   TblVer  InQ OutQ Up/Down  State/PfxRcd
10.99.2.1       4  1234      90      89        9    0    0 01:14:29        1

CE2#sh ip bgp
   Network          Next Hop            Metric LocPrf Weight Path
*> 10.0.0.0/24      10.99.2.1                              0 1234 65000 i
*> 172.16.0.0/24    0.0.0.0                  0         32768 i

CE2#sh ip route bgp
     10.0.0.0/8 is variably subnetted, 3 subnets, 3 masks
B       10.0.0.0/24 [20/0] via 10.99.2.1, 00:16:55

CE1#traceroute 172.16.0.1 source 10.0.0.1
Type escape sequence to abort.
Tracing the route to 172.16.0.1
VRF info: (vrf in name/id, vrf out name/id)
  1 10.99.1.1 236 msec 152 msec 108 msec
  2 192.168.1.10 [MPLS: Labels 16/20 Exp 0] 208 msec 128 msec 120 msec
  3 10.99.2.1 [MPLS: Label 20 Exp 0] 152 msec 216 msec 112 msec
  4 10.99.2.2 180 msec 176 msec 148 msec

CEs configured with the allowas-in command can receive prefixes whose AS path contains their own AS number.
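
The receive-side loop check described above, and how allowas-in relaxes it, as an added Python model (not part of the original page and not router code). It assumes the Cisco IOS behaviour that allowas-in takes an optional occurrence count and defaults to 3 when none is given; AS numbers and the "65000 i" path come from the outputs above, the looped path is constructed.

```python
# Added example: model of the receive-side AS_PATH loop check on a CE.
# ASNs 1234 and 65000 come from the page; the looped path below is constructed.

IOS_DEFAULT_ALLOWAS_IN = 3  # assumed IOS default: occurrences tolerated when no number is configured


def parse_path(path_field):
    """Convert the Path column of 'show ip bgp' ("1234 65000 i") to a list of ASNs."""
    return [int(tok) for tok in path_field.split() if tok.isdigit()]


def prepend(sender_as, as_path):
    """An eBGP speaker prepends its own AS before sending the update."""
    return [sender_as] + as_path


def accepts(local_as, as_path, allowas_in=0):
    """True if a router in local_as keeps the update.

    allowas_in=0 models the default loop check (any occurrence is a loop);
    allowas_in=n tolerates up to n occurrences of local_as in the path.
    """
    return as_path.count(local_as) <= allowas_in


def evaluate():
    # Path PE1 holds for 172.16.0.0/24 (from 'advertised-routes'): "65000 i"
    update = prepend(1234, parse_path("65000 i"))   # [1234, 65000]
    # Constructed: the same prefix after it has passed through AS65000 a second time
    looped = prepend(1234, [65000] + update)        # [1234, 65000, 1234, 65000]
    return {
        "default check": accepts(65000, update),
        "allowas-in (default 3)": accepts(65000, update, IOS_DEFAULT_ALLOWAS_IN),
        "looped, allowas-in (default 3)": accepts(65000, looped, IOS_DEFAULT_ALLOWAS_IN),
        "looped, allowas-in 1": accepts(65000, looped, 1),
    }


if __name__ == "__main__":
    for case, kept in evaluate().items():
        print(f"{case:32} -> {'accepted' if kept else 'dropped'}")
```

In this topology the CE's own AS appears only once in a legitimate path, so configuring the count explicitly (for example neighbor 10.99.1.1 allowas-in 1) keeps the loop check active for anything beyond that single occurrence.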