In the previous blog, we discussed, how to configure weight attribute. Now when I started to prepare the design for the next attribute, I felt that, let’s first clear about transit AS.
By default, eBGP peers share all routes/prefixes with each other. In the above example, considering AS-7090, ISP1 and ISP2 will share all routes with AS-7090. In this situation ISP1 and ISP2 can route the traffic via AS-7090, becoming AS-7090 as a Transit AS.
- In the below slideshow, there is only iBGP connectivity between INBL-R1 and INBL-R2.
- INBL-R1 router advertising its connected prefixes (10.1.70.0/30 and 172.16.1.0/24) and INBL-R2 router advertising its connected prefixes ( 172.16.1.0/24 and 188.8.131.52/30) with each other.
- Focus on Weight and Local Preference attributes, weight is 0 and Local Preference is 100 on learned routes.
- In the next output, INBL-R1 and INBL-R2 routers are now sharing eBGP peering with ISP1 and ISP2 router.
- Prefixes 10.1.70.0/30 and 184.108.40.206/30 are learned from ISP1 and Prefixes 220.127.116.11/30 and 18.104.22.168/30 are learned from ISP2 and these prefixes are shared with each other.
- Now check below output from ISP1 and ISP2 routers. In the routing table of ISP1, Prefix 22.214.171.124/30 is learned from INBL-R1 router and In the routing table of ISP2, prefix 126.96.36.199/30 is learned from INBL-R2 router.
- As these routes are shared through AS-7090, therefore it became their Transit-AS.
- After eBGP peering with INTERNET router, check all the learned routes from INBL-R1 and INBL-R2 routers.
- There are few methods to prevent becoming Transit-AS:
— Prefix List
— No Export Community
— AS-Path Access List
Let’s configure Distribute List and check the output. In the configuration we have advertised only connected networks using Distribute-List.
INBL-R1 ip access-list standard TRANSIT-AS permit 172.16.1.0 0.0.0.255 permit 10.1.70.0 0.0.0.3 router bgp 7090 network 10.1.70.0 mask 255.255.255.252 network 172.16.1.0 mask 255.255.255.0 neighbor 10.1.70.2 remote-as 8070 neighbor 10.1.70.2 distribute-list TRANSIT-AS out neighbor 172.16.1.2 remote-as 7090
INBL-R2 ip access-list standard TRANSIT-AS permit 172.16.1.0 0.0.0.255 permit 188.8.131.52 0.0.0.3 router bgp 7090 network 184.108.40.206 mask 255.255.255.252 network 172.16.1.0 mask 255.255.255.0 neighbor 220.127.116.11 remote-as 9090 neighbor 18.104.22.168 distribute-list TRANSIT-AS out neighbor 172.16.1.1 remote-as 7090
Now check the final output on ISP1 and ISP2 router after configuration. Only advertised routes are learned from AS-7090.
In the next blog, we will discuss Local Preference attribute.