Junos OS

 View Only
last person joined: yesterday 

Ask questions and share experiences about Junos OS.
  • 1.  as path prepend

    Posted 06-17-2021 06:12
    Hello ,

    I am trying the understand the BGP policy . I have a Site called Remote office having an SRX Firewall . The AS number of site is 65111

    I have two datacenters to which i have VPN from Remote site- Data center name as DC1 and DC2


    set policy-options policy-statement EXPORT-VPN-DC1 term MATCH-direct from protocol direct
    set policy-options policy-statement EXPORT-VPN-DC1 term MATCH-direct then as-path-prepend "65111 65111 65111 65111 65111"
    set policy-options policy-statementEXPORT-VPN-DC1 term MATCH-direct then accept
    set policy-options policy-statement EXPORT-VPN-DC1 term AS-path-prepend from protocol bgp
    set policy-options policy-statement EXPORT-VPN-DC1 term AS-path-prepend then as-path-prepend "65111 65111 65111 65111 65111"
    set policy-options policy-statement EXPORT-VPN-DC1 term AS-path-prepend then accept

    set policy-options policy-statement EXPORT-VPN-DC2 term MATCH-direct from protocol direct
    set policy-options policy-statement EXPORT-VPN-DC2 term MATCH-direct then as-path-prepend "65111 65111 65111 65111 65111 65111"
    set policy-options policy-statement EXPORT-VPN-DC2 term MATCH-direct then accept
    set policy-options policy-statement EXPORT-VPN-DC2 term AS-path-prepend from protocol bgp
    set policy-options policy-statement EXPORT-VPN-DC2  term AS-path-prepend then as-path-prepend "65111 65111 65111 65111 65111 65111"
    set policy-options policy-statement EXPORT-VPN-DC2  term AS-path-prepend then accept


    My query is while prepending AS path - can we write any number other than 65111  .?

    Also for DC1 , it is written as 5 times 
    for DC2 , it is written 6 times

    making DC2 path longer . But is there any logic of using it 5 and 6 times .; can i use 7 and 8  times   ?  the goal is to have more number of entries for DC2 to make path longer ?

    ------------------------------
    skywalker
    ------------------------------


  • 2.  RE: as path prepend

    Posted 06-19-2021 06:55
    My query is while prepending AS path - can we write any number other than 65111  .?
    Yes, the AS path count is for all AS in the path and it does not care what the AS are in the count.

    Also for DC1 , it is written as 5 times 
    for DC2 , it is written 6 times

    making DC2 path longer . But is there any logic of using it 5 and 6 times .; can i use 7 and 8  times   ?  the goal is to have more number of entries for DC2 to make path longer ?
    Yes, shorter is better so the number does not matter for this criteria.

    However I would point out that typically this method would not be used for routing control on fully controlled peerings like this where you own the whole network.    AS path generally only comes into play when you have long paths through AS that you do NOT control and are interacting with.  So generally the internet.

    For inside networks like your won VPN connection your are better off using policies via local preference on the relevant peerings for this type of route steering.  You can also use communities to label your routes at the source and process routes that are ultimately from those sources in the desired handling way.

    AS path method is really the last hope and frequently ignored metric.  And excessive padding (more than 3 or 4) is frequently ignored by outside AS.


    ------------------------------
    Steve Puluka BSEET - Juniper Ambassador
    IP Architect - DQE Communications Pittsburgh, PA (Metro Ethernet & ISP)
    http://puluka.com/home
    ------------------------------