Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!

Subscribe to our newsletter

Advertise on LowEndTalk.com

Latest LowEndBox Offers

    How to use a Single ASN across multiple locations for BGP session.
    New on LowEndTalk? Please read our 'Community Rules' by clicking on it in the right menu!

    How to use a Single ASN across multiple locations for BGP session.

    indiavpsindiavps Member, Provider
    • If multiple locations are administered by a single entity, how we use single ASN for BGP session.
    • How the prefix can be announced to different peering ASN's (public) at multiple locations.
    • How this works on an incoming request.
    • Are we expected to get an issues

    Please share your views and suggestions.

    IndiaVPS.com | VPS, Dedicated & Colocation in India, US & Netherlands.

    Comments

    • PetaByetPetaByet Member
      edited October 2015

      @jphost said:

      • If multiple locations are administered by a single entity, how we use single ASN for BGP session.

      You just setup BGP sessions in each location.

      @jphost said:

      • How the prefix can be announced to different peering ASN's (public) at multiple locations.
      • How this works on an incoming request.
      • Are we expected to get an issues

      Please share your views and suggestions.

      That's something called Anycast. Requests are routed to the closest location.

      Thanked by 1indiavps

      PetaByet - Server Benchmarks + Free GeoIP API

      Run a benchmark today and compare with other users!

    • It's not a problem that you are using the same AS at multiple locations. The only problem could be that the different locations would not be able to see each other if there are no direct connections between the locations. To overcome this, you can do two things:

      1. Configure your neighbors with allows-as in.
      2. Accept default routes from your upstreams.

      Both would work well.

      Thanked by 2indiavps PetaByet

      -

    • The smallest block you can announce per location is a /24, using the same ASN though, yes.

      Thanked by 1indiavps

      Email Me: [email protected]
      | http://SwiftInternet.de

      320TB High Bandwidth Servers on 1Gbps, 2Gbps & 10Gbps! PCCW, NTT, Psychz Network Blend (+Addtl Upstreams Coming!)

    • indiavpsindiavps Member, Provider

      @PetaByet said: That's something called Anycast. Requests are routed to the closest location.

      I guess same IP prefix is advertised from multiple locations in anycast and user requests are routed based on routing protocol costs / 'health'. My case is like One ASN, different prefix from multiple geo location.

      @rds100 said: The only problem could be that the different locations would not be able to see each other.

      Thanks, Yes visibility among locations should be taken care.

      @ItsChrisG siad: The smallest block you can announce per location is a /24, using the same ASN though, yes.

      Right :)

      Could there be any thing more to be considered.

      IndiaVPS.com | VPS, Dedicated & Colocation in India, US & Netherlands.

    • ClouviderClouvider Member, Provider

      Other than heaving a messy setup, harder diagnostic in case of routing issues, and messing with all the BGP optimisers that some networks use, there are no issues in using the same ASN across many unconnected locations.

      Clouvider Leading UK Cloud Hosting solution provider || UK Dedicated Servers Sale || Tasty KVM Slices || Latest LET Offer

      Web hosting in Cloud | SSD & SAS True Cloud VPS on OnApp | Private Cloud | Dedicated Servers | Colocation | Managed Services

    • patrick7patrick7 Member, LIR

      Why a messy setup? I do the same since 1.5 years and I don't see anything that is harder to debug/configure. The only thing you have to configure is allow-asin.

      RIPE NCC member | IPv4 & IPv6 & ASN: https://www.ipv4.ch/ | 5x /24 available |

    • @rds100 said:
      It's not a problem that you are using the same AS at multiple locations. The only problem could be that the different locations would not be able to see each other if there are no direct connections between the locations. To overcome this, you can do two things:

      1. Configure your neighbors with allows-as in.
      2. Accept default routes from your upstreams.

      Both would work well.

      Nailed it :)

      Mind explaining the two options?

      PetaByet - Server Benchmarks + Free GeoIP API

      Run a benchmark today and compare with other users!

    • patrick7patrick7 Member, LIR

      If you have a fulltable and receive a route with your own ASN in the path, BGP usually drops this route (loop protection). That would mean, you cannot reach the second location as the route will not be installed. To prevent that, you can turn on allow-asin, then the route will be accepted.

      If you have a default route, that's not a problem as this route covers all traffic.

      RIPE NCC member | IPv4 & IPv6 & ASN: https://www.ipv4.ch/ | 5x /24 available |

    • ClouviderClouvider Member, Provider

      @patrick7 said:
      Why a messy setup? I do the same since 1.5 years and I don't see anything that is harder to debug/configure. The only thing you have to configure is allow-asin.

      Example situation:
      If I want to optimise routing between us, I will use communities. Traffic engineering communities are per ASN, and not per prefix, which makes it much harder or impossible to work towards better lately or avoiding packet loss between our networks if the 'default' route is problematic.

      Example 2:
      BGP optimisers using AS historical data to plan routing, by using the same AS in a non-anycasted network you break this feature too.

      Clouvider Leading UK Cloud Hosting solution provider || UK Dedicated Servers Sale || Tasty KVM Slices || Latest LET Offer

      Web hosting in Cloud | SSD & SAS True Cloud VPS on OnApp | Private Cloud | Dedicated Servers | Colocation | Managed Services

    • patrick7patrick7 Member, LIR
      edited October 2015

      How do you mean communities are per asn? I can set communities for each single prefix (example if I want to blackhole prefix 1.2.3.0/24 at level3, I set 3356:9999 on this prefix by route map / filter). Works perfect.

      RIPE NCC member | IPv4 & IPv6 & ASN: https://www.ipv4.ch/ | 5x /24 available |

    • ClouviderClouvider Member, Provider
      edited October 2015

      @patrick7 said:
      How do you mean communities are per asn? I can set communities for each single prefix (example if I want to blackhole prefix 1.2.3.0/24 at level3, I set 3356:9999 on this prefix by route map / filter). Works perfect.

      Yes. But when I want Level3 to prep end 3 times to you as I can see that you have problems with your Level3 connection, or there is a problem within Lecel3 between us I can't do it as it would also affects other PoPs.

      Level3 BGP traffic engineering communities (some of them)

      65001:0 - prepend once to all peers

      65001:XXX - prepend once at peerings to AS XXX

      65002:0 - prepend twice to all peers

      65002:XXX - prepend twice at peerings to AS XXX

      65003:0 - prepend 3x to all peers

      65003:XXX - prepend 3x at peerings to AS XXX

      65004:0 - prepend 4x to all peers

      65004:XXX - prepend 4x at peerings to AS XXX

      As you can see 'the other end', the community action is ASN dependant.

      Same if I see that my outgoing route to you is problematic. I won't engineer per single prefix, I will engineer per ASN. For example, Virgin Media has a problem with their peering at LINX today. Whatever is announced via Virgin Media's AS send via NTT.

      Setup that shares the ASN across many locations unconnected with each other is simply disturbing, or makes it impossible to engineer and may break the connection all together if say you have 7 locations and one of them is single homed to Level3 and I set a community to not announce my subnet to your ASN via Level3.

      There is a reason why you have different ASN's. If there wouldn't be, why wouldn't we just randomly select numbers, or simply ditch the ASN's all together?

      Their sole purpose is to identify network, and if you have 10 unconnected networks, you still have 10 Autonomus Systems, to make it neat and clean you should have a single ASN per each of your network that has a different network policy, especially that, for example in the RIPE region they are free.

      Thanked by 1singsing

      Clouvider Leading UK Cloud Hosting solution provider || UK Dedicated Servers Sale || Tasty KVM Slices || Latest LET Offer

      Web hosting in Cloud | SSD & SAS True Cloud VPS on OnApp | Private Cloud | Dedicated Servers | Colocation | Managed Services

    • patrick7patrick7 Member, LIR

      Yes, that's true. But it will never be reality that all ASN operators will announce a consistent set of routes at all locations to all peers.

      Thanked by 1Clouvider

      RIPE NCC member | IPv4 & IPv6 & ASN: https://www.ipv4.ch/ | 5x /24 available |

    Sign In or Register to comment.