9.6 BGP Attributes  
  9.6.6 AS_Path and private AS numbers  
In an effort to conserve AS numbers, customers whose routing policies are an extension of the policies of their provider generally are not assigned a legal AS number. Therefore, if a customer is single-homed or multihomed to the same provider, the provider generally requests that the customer use an AS number taken from the private pool, 64,512 to 65,535. As such, all BGP updates that the provider receives from its customer contain private AS numbers.

Private AS numbers cannot be advertised to the Internet because they are not unique. For this reason, Cisco has implemented a feature to strip private AS numbers out of the AS_Path list before the routes get propagated to the Internet.

In Figure , AS1 is providing Internet connectivity to its customer AS 65001. Because the customer connects to only this provider and has no plans to connect to an additional provider in the near future, the customer has been allocated a private AS number. Should the customer need connectivity to another provider, a legal AS number must be assigned.

Prefixes originating from AS65001 have an AS_Path of 65001. Notice the prefix 172.16.220.0/24 as it leaves AS65001. For AS1 to propagate the prefix to the Internet, it would have to strip the private AS number. When the prefix reaches the Internet, it would look like it has originated from the provider's AS. Notice how prefix 172.16.220.0/24 has reached the network access point (NAP) with AS_Path 1.

BGP will strip private AS numbers only when propagating updates to the external peers. This means that the AS stripping would be configured on RTB as part of its neighbor connection to RTC.

Privately numbered autonomous systems should be used only when connected to a single provider. If the AS_Path contains a mixture of private and legal AS numbers, BGP will view this as an illegal design. BGP will not strip the private AS numbers from the list, and the update will be treated as usual. Only AS_Path lists that contain private AS numbers in the range 64,512 to 65,535 are stripped.

The example that follows demonstrates how BGP can be configured to prevent the leakage of private AS numbers into the Internet.

RTB(config)#router bgp 1
RTB(config-router)#neighbor 172.16.20.2 remote-as 65001
RTB(config-router)#neighbor 192.168.6.3 remote-as 7
RTB(config-router)#neighbor 192.168.6.3 remove-private-as

Notice how RTB is using the remove-private-as keyword in its neighbor connection to AS7.

 

Lab Activity

e-Lab Activity: AS_Path and Private AS Numbers

This lab is to strip private AS numbers before propagating updates to external pairs.

    
 

Web Links

Configuring BGP

http://www.cisco.com/univercd/cc/td/doc/product/ software/ios122/122cgcr/fipr_c/ipcprt2/1cfbgp.htm