Lab  8.8.2 Remove Private AS Numbers

Objectives:

  • In the example above, AS 300 needs to prevent the private AS number 65001 from being leaked to the Internet when BGP routes are propagated.

Scenario:

Router C learns about network 192.68.11.0/24 via EBGP from Router B with a next hop of 10.1.1.1, which is the IP address of the external neighbor to router B. However, Router C does not have a direct connection to Router A and therefore cannot reach the next hop. This will cause routing to fail. You will need to use the neighbor next-hop-self command to remedy this situation.

Tasks:

  1. Cable the lab and address the interfaces as shown in the graphic. Use the default subnet mask for all addresses. All Ethernet interfaces should use the .1 address. For example, 12.0.0.1.



  2. Enable BGP routing on each router. Only advertise the network off the Ethernet interfaces. The configurations should be as follows:

    RouterC(config)#router bgp 200 
    RouterC(config-router)#network 11.0.0.0 
    RouterC(config-router)#no synchronization 
    RouterC(config-router)#neighbor 3.3.3.1 remote-as 300

    RouterB(config)#router bgp 65001 
    RouterB(config-router)#network 12.0.0.0 
    RouterB(config-router)#neighbor 2.2.2.1 remote-as 300 
    RouterB(config-router)#no synchronization

    RouterA(config)#router bgp 300 
    RouterA(config-router)#network 170.10.0.0 
    RouterA(config-router)#neighbor 2.2.2.2 remote-as 65001 
    RouterA(config-router)#neighbor 3.3.3.2 remote-as 200


  3. Verify that you can see networks 12.0.0.0, 11.0.0.0 and 170.10.0.0 in the routing table. Use the show ip route and show ip bgp commands to do this.

  4. Issue the show ip bgp command on router C. What is that AS path to network 12.0.0.0?
  5. On router A, issue the following commands:

    RouterA(config)#router bgp 300 
    RouterA(confing-router)# neighbor 3.3.3.2 remove-private-as

    Configure BGP on Routers B and C.Save your configurations.

  6. Go back to router C and issue the command:

    RouterC#clear ip bgp *

  7. Wait a few seconds and issue the show ip bgp command. What is different?

     


  8. What is the usefulness of this command?