Setting the AS_Path Attribute

The AS_Path attribute is used to prevent routing loops and control route selection.

Procedure

  • Enable a BGP device to accept the routes that contain the local AS number if the number of repetitions in each route is within a configured limit.

    Generally, BGP uses AS numbers to detect routing loops. In the Hub and Spoke networking, if EBGP runs between a Hub-PE and a Hub-CE at a Hub site, a route sent from the Hub-PE to the Hub-CE carries the AS number of the Hub-PE. If the Hub-CE sends an Update message that contains the AS number of the Hub-PE to the Hub-PE, the Hub-PE will deny it.

    To ensure proper route transmission in the Hub and Spoke networking, configure all the BGP peers on the path, along which the Hub-CE advertises VPN routes to the Spoke-CE, to accept the routes that contain the local AS number if the number of repetitions in each route is within the default limit (1).

    1. Run system-view

      The system view is displayed.

    2. Run bgp as-number

      The BGP view is displayed.

    3. Run ipv4-family unicast

      The IPv4 unicast address family view is displayed.

    4. Run peer { ipv4-address | group-name } allow-as-loop [ number ]

      The device is enabled to accept BGP routes that contain the local AS number as long as the number of repetitions in each route is within the configured limit.

      In most cases, a BGP device checks the AS_Path attribute of a route received from a peer. If the local AS number is carried by the route, the BGP device discards this route to avoid routing loops.

      In some special applications, you can use this command to allow the AS_Path attribute of a route received from a peer to contain the local AS number and set the allowed number of repeated local AS numbers.

    5. Run commit

      The configuration is committed.

  • Enable the local device to ignore the AS_Path attribute during route selection.
    1. Run system-view

      The system view is displayed.

    2. Run bgp as-number

      The BGP view is displayed.

    3. Run ipv4-family unicast

      The IPv4 unicast address family view is displayed.

    4. Run bestroute as-path-ignore

      The local device is enabled to ignore the AS_Path attribute when selecting the optimal route.

    5. Run commit

      The configuration is committed.

  • Configure a fake AS number.
    1. Run system-view

      The system view is displayed.

    2. Run bgp as-number

      The BGP view is displayed.

    3. Run peer { ipv4-address | group-name } fake-as fake-as-value [ dual-as ] [ prepend-global-as ] [ prepend-fake-as ]

      A fake AS number is configured.

      The actual AS number can be hidden by using this command.

      EBGP peers in other ASs can learn only this fake AS number. The peers in other ASs use the fake AS number as the AS number of the local peer.

      The peer fake-as command is applicable only to EBGP peers.

    4. Run commit

      The configuration is committed.

  • Substitute the AS numbers in the AS_Path attribute.

    In a BGP/MPLS IP VPN scenario, if the ASs to which two VPN sites belong use private AS numbers, the AS numbers of the two VPN sites may be the same. If a CE in a VPN site sends a VPN route to the connected PE using EBGP and the PE then sends the route to the remote PE, the remote CE will discard the route because the AS number carried by the route is the same as the local AS number. As a result, different sites of the same VPN cannot communicate. The peer substitute-as command can be used on the PE to enable AS number substitution to address this problem. After that, the PE replaces the AS number carried in the VPN route with the local AS number. As a result, the remote CE will not discard the route due to identical AS numbers.

    On a BGP public network, two devices have the same AS number and the same EBGP peer. After one of the two devices learns a route of the other device from the EBGP peer, the route is discarded because it carries an AS number that is the same as the local one. To address this problem, run the peer substitute-as command on the EBGP peer.

    Configuring the peer substitute-as command may cause a routing loop. Therefore, exercise caution when running this command.

    1. Run system-view

      The system view is displayed.

    2. Run bgp as-number

      The BGP view is displayed.

    3. Run ipv4-family { vpn-instance vpn-instance-name | unicast }

      The BGP-VPN instance IPv4 address family view or BGP-IPv4 unicast address family view is displayed.

    4. Run peer { ipv4-address | group-name } substitute-as

      The device is enabled to replace a specified peer or peer group's AS number in the AS_Path attribute with the local AS number.

    5. Run commit

      The configuration is committed.

  • Enable the device to remove all the private AS numbers from the AS_Path attribute in BGP Update messages.
    1. Run system-view

      The system view is displayed.

    2. Run bgp as-number

      The BGP view is displayed.

    3. Run ipv4-family unicast

      The IPv4 unicast address family view is displayed.

    4. Run the peer { ipv4-address | group-name } public-as-only [ force [ replace ] [ include-peer-as ] | limited [ replace ] [ include-peer-as ] ] command to configure the AS_Path attribute in the BGP Update messages to be sent to carry only public AS numbers. Alternatively, run the peer { ipv4-address | group-name } public-as-only import [ force ] command to configure the device to remove all the private AS numbers from the AS_Path attribute in received BGP Update messages.

      Generally, AS numbers range from 1 to 4294967295, including public AS numbers, private AS numbers, and reserved AS numbers. Private AS numbers range from 64512 to 65534. The AS numbers 65535 and 4294967295 are reserved for special applications. Other AS numbers are public AS numbers.

      If the 4-byte private AS number capability is enabled using the private-4-byte-as enable command, in addition to the range from 64512 to 65534, the private AS number range also includes 4200000000 to 4294967294 (or 64086.59904 to 65535.65534).

      Public AS numbers can be used on the Internet, and are assigned and managed by the Internet Assigned Number Authority (IANA). Private AS numbers cannot be advertised to the Internet, and are used only within ASs.

      Generally, BGP routes to be advertised to peers carry either public or private AS numbers, or both. In certain cases, private AS numbers do not need to be advertised. In this case, you can run this command to configure the AS_Path attribute to carry only public AS numbers.

    5. Run commit

      The configuration is committed.

  • Set the maximum number of AS numbers in the AS_Path attribute.
    1. Run system-view

      The system view is displayed.

    2. Run bgp as-number

      The BGP view is displayed.

    3. Run as-path-limit limit

      The maximum number of AS numbers allowed in the AS_Path attribute is set.

      After the as-path-limit command is run, a device checks whether the number of AS numbers in the AS_Path attribute of a received route exceeds the maximum value. If the number of AS numbers exceeds the maximum value, the device discards the route. Therefore, if the maximum number of AS numbers allowed in the AS_Path attribute is set to an excessively small value, routes may be discarded.

    4. Run commit

      The configuration is committed.

  • Disable the BGP device from checking the first AS number contained in the AS_Path attribute of each Update message received from an EBGP peer.
    1. Run system-view

      The system view is displayed.

    2. Run bgp as-number

      The BGP view is displayed.

    3. Run undo check-first-as

      The BGP device is disabled from checking the first AS number in the AS_Path attribute that is carried in each Update message received from an EBGP peer.

      Exercise caution when running the undo check-first-as command because use of this command may cause routing loops.

    4. Run commit

      The configuration is committed.

      After the configuration is complete, run the refresh bgp command to check the received routes again.

  • Enable the device to check or disable the device from checking the first AS number in the AS_Path attribute contained in the Update messages received from a specified EBGP peer or peer group.
    1. Run system-view

      The system view is displayed.

    2. Run bgp as-number

      The BGP view is displayed.

    3. Run peer { group-name | ipv4-address } check-first-as { enable | disable }

      The device is enabled to check or disabled from checking the first AS number in the AS_Path attribute contained in each Update message received from a specified EBGP peer or peer group.

      If the peer check-first-as enable command is run, the device checks whether the first AS number in the AS_Path attribute contained in the update messages received from the specified EBGP peer or peer group is the number of the AS where the EBGP peer or peer group resides. If the two AS numbers are different, the local device discards the update messages. If the peer check-first-as disable command is run, the device accepts all update messages received from the specified EBGP peer or peer group, regardless whether the two AS numbers are the same. If the undo peer check-first-as disable command is run, the default configuration takes effect.

      The check function can be configured for a specified EBGP peer, peer group, or for BGP as a whole. If the function is not configured for a specified EBGP peer, the device checks whether the function is configured for the related peer group; if the function is not configured for the peer group, the device checks whether the function is configured in the BGP view.

    4. Run commit

      The configuration is committed.

      After the configuration is complete, run the refresh bgp command to check the received routes again.

Parent Topic: Configuring BGP Route Attributes
Copyright © Huawei Technologies Co., Ltd.
Copyright © Huawei Technologies Co., Ltd.
< Previous topic Next topic >