FGT-A Configuration.

# config router bgp
    set as 65002
    set router-id 10.5.22.4
    # config neighbor
        edit "10.5.18.68"
            set soft-reconfiguration enable
            set remote-as 65001
            set route-map-out "to_MPLS_NETWORK"
        next
    end
    # config redistribute "connected"
        set status enable
    end
end
# config router route-map
    edit "to_MPLS_NETWORK"
        # config rule
            edit 1
                set match-ip-address "to_MPLS_NETWORK"
            next
        end
    next
end
# config router prefix-list
    edit "to_MPLS_NETWORK"
        # config rule
            edit 1
                set prefix 10.190.0.0 255.255.240.0
                unset ge
                unset le
            next
        end
    next
end

FGT-A Output.

FGT-A # get router info bgp summary
VRF 0 BGP router identifier 10.5.22.4, local AS number 65002
BGP table version is 2
1 BGP AS-PATH entries
0 BGP community entries
Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd
10.5.18.68 4 65001 117 140 1 0 0 00:11:28 0
Total number of neighbors 1
FGT-A # get router info bgp network
Network Next Hop Metric LocPrf Weight RouteTag Path
*> 10.5.16.0/20 0.0.0.0 32768 0 ? <-/1>
*> 10.190.0.0/20 0.0.0.0 32768 0 ? <-/1>
Total number of prefixes 2
FGT-A # get router info routing-table all
S* 0.0.0.0/0 [10/0] via 10.5.31.254, wan2
C 10.5.16.0/20 is directly connected, wan2
C 10.190.0.0/20 is directly connected, internal1

FGT-B Configuration.

# config router bgp
    set as 65003
    set router-id 10.5.20.173
    # config neighbor
        edit "10.5.18.68"
            set remote-as 65001
            set route-map-out "to_MPLS_NETWORK"
        next
    end
    # config redistribute "connected"
        set status enable
    end
end

Both FGT-A and FGT-B are announcing the route 10.190.0.0/20. However, FGT-B announces it with a prepended AS path of '65002 65002 65002'.

# config router route-map
    edit "to_MPLS_NETWORK"
        # config rule
            edit 1
                set match-ip-address "to_MPLS_NETWORK"
                set set-aspath "65002 65002 65002"
            next
        end
    next
end
# config router prefix-list
    edit "to_MPLS_NETWORK"
        # config rule
            edit 1
                set prefix 10.190.0.0 255.255.240.0
                unset ge
                unset le
            next
        end
    next
end

FGT-B Output.

FGT-B # get router info bgp summary
VRF 0 BGP router identifier 10.5.20.173, local AS number 65003
BGP table version is 2
3 BGP AS-PATH entries
0 BGP community entries
Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd
10.5.18.68 4 65001 82 103 1 0 0 00:09:41 1
Total number of neighbors 1
FGT-B # get router info bgp network
VRF 0 BGP table version is 2, local router ID is 10.5.20.173
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight RouteTag Path
*> 10.5.16.0/20 0.0.0.0 32768 0 ? <-/1>
* 10.190.0.0/20 10.5.22.4 0 0 0 65001 65002 ? <-/->
Total number of prefixes 2
FGT-B # get router info routing-table all
S* 0.0.0.0/0 [1/0] via 10.5.31.254, port1
C 10.5.16.0/20 is directly connected, port1
C 10.190.0.0/20 is directly connected, port2

FGT-C Configuration.

# config router bgp
    set as 65001
    set router-id 10.5.18.68
    # config neighbor
        edit "10.5.20.173"
            set soft-reconfiguration enable
            set remote-as 65003
        next
        edit "10.5.22.4"
            set soft-reconfiguration enable
            set remote-as 65002
        next
    end
end

FGT-C Output.

FGT-C # get router info bgp summary
VRF 0 BGP router identifier 10.5.18.68, local AS number 65001
BGP table version is 19
2 BGP AS-PATH entries
0 BGP community entries
Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd
10.5.20.173 4 65003 9306 9399 19 0 0 00:15:01 1
10.5.22.4 4 65002 9273 9372 0 0 0 00:15:01 1
Total number of neighbors 2
FGT-C # get router info bgp network
Network Next Hop Metric LocPrf Weight RouteTag Path
*> 10.190.0.0/20 10.5.22.4 0 0 0 65002 ? <-/1>
* 10.5.20.173 0 0 0 65003 65002 65002 65002 ? <-/->
Total number of prefixes 1

FGT-C receives the route 10.190.0.0/20 from both neighbors. However, it selects the path with the shorter AS path and installs it in the routing table.

FGT-C # get router info routing-table all
S* 0.0.0.0/0 [10/0] via 10.5.31.254, port1
C 10.5.16.0/20 is directly connected, port1
C 10.40.66.0/24 is directly connected, port17
C 10.40.87.0/24 is directly connected, port2
B 10.190.0.0/20 [20/0] via 10.5.22.4, port1, 00:15:10
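
The comparison FGT-C makes between the two paths for 10.190.0.0/20 can be checked with a short script. This is an added example, not part of the original article: it parses `get router info bgp network` rows, reports which neighbor's path carries prepended ASNs, and confirms that the best path is the one with the shortest AS path. The function names are hypothetical, the route values are FGT-C's from the output above, and the column spacing is constructed on the assumption that the AS path starts under the `Path` header.

```python
from itertools import groupby
# Constructed sample: FGT-C's rows from the page, laid out in aligned columns.
# The spacing is an assumption; the values are the page's.
ROW = "{:<3}{:<17}{:<16}{:>6} {:>6} {:>6} {:>8} {}"
SAMPLE = "\n".join([
    ROW.format("", "Network", "Next Hop", "Metric", "LocPrf", "Weight", "RouteTag", "Path"),
    ROW.format("*>", "10.190.0.0/20", "10.5.22.4", "0", "", "0", "0", "65002 ? <-/1>"),
    ROW.format("*", "", "10.5.20.173", "0", "", "0", "0", "65003 65002 65002 65002 ? <-/->"),
    "Total number of prefixes 1",
])

def parse_bgp_network(text):
    """Return one dict per path row: prefix, next_hop, best flag, as_path."""
    paths, path_col, prefix = [], None, None
    for line in text.splitlines():
        if "Next Hop" in line and "Path" in line:
            path_col = line.index("Path")  # AS path starts under this header
            continue
        if path_col is None or not line.startswith("*"):
            continue
        status, *rest = line[:path_col].split()
        if "/" in rest[0]:  # continuation rows omit the prefix
            prefix, rest = rest[0], rest[1:]
        # Origin code (i, e, ?) and the trailing <-/n> marker are not digits.
        as_path = [int(t) for t in line[path_col:].split() if t.isdigit()]
        paths.append({"prefix": prefix, "next_hop": rest[0],
                      "best": ">" in status, "as_path": as_path})
    return paths

def prepended(as_path):
    """ASNs repeated back-to-back, the signature of AS-path prepending."""
    runs = ((asn, len(list(g))) for asn, g in groupby(as_path))
    return {asn: n for asn, n in runs if n > 1}

def audit_prefix(paths, prefix):
    """Check that the best path for a prefix is also the shortest AS path.
    Only meaningful when weight and local preference tie, as they do here."""
    cands = [p for p in paths if p["prefix"] == prefix]
    best = next((p for p in cands if p["best"]), None)
    shortest = min((len(p["as_path"]) for p in cands), default=0)
    return {
        "best_next_hop": best["next_hop"] if best else None,
        "best_is_shortest": bool(best) and len(best["as_path"]) == shortest,
        "prepended_via": {p["next_hop"]: prepended(p["as_path"])
                          for p in cands if prepended(p["as_path"])},
    }

if __name__ == "__main__":
    print(audit_prefix(parse_bgp_network(SAMPLE), "10.190.0.0/20"))
```

If `best_is_shortest` comes back false on real output, compare weight and local preference first, since both are evaluated before AS-path length.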