24 Jan

BGP Route Server on ASR1000

BGP Route Server is feature designated mostly for IX (Internet Exchange) deployment. You can find many deployment around the world mostly using open software like Quagga, but it’s also available on Cisco’s ASR1000 routers. Route server is an advanced route reflector which provide customized policy support for each service provider, which means that standard path selection can be overridden by route policies set per particular provider.

In typical IX design service provider edge routers share common subnet to provide connectivity between each other. Without route reflector full mesh of peerings is required to provide BGP prefix exchange between providers. Each operators set policies for particular neighbors manually. Route reflectors simplifies implementation because edge routers have only maintain session with RR router to receive full prefix table. This reduces CPU and memory requirements on the border routers not to mention OpEX of maintaining of edge routers.
Router servers are advanced route reflectors. There are transparent for traffic path but have ability to override the normal BGP best path with an alternative path based on some policy or suppress all paths for a prefix and therefore not advertise the prefix.
Route server is working within it’s own AS number but is transparent, which means that it’s AS is removed from AS_PATH while advertising to route server client. This feature have to be activated per neighbor in BGP configuration.

router bgp 65100
   neighbor 10.0.0.1 remote-as 100
      address-family ipv4 unicast
      neighbor 10.0.0.1 activate
      neighbor 10.0.0.1 route-server-client

The client routers also have to be prepared to work correctly with route servers. By default router won’t accept eBGP update if first AS number in AS_PATH is different than AS number of router sending the update. This situation occurs while route server is sending it’s transparent updates. Route server client router have to be configured to disable that behavior in order for the client to receive the updates.

router bgp 100
   no bgp enforce-first-as

With this configuration route server is acting as route reflector. Now it’s time to configure policies that will affect standard BGP route selection process. It’s done by using contexts that are applied per neighbor. Route-maps are used to accomplish this task and all standard filtering mechanisms such as as-path access-list or prefix-list can be used.

router bgp 65100
   route-server-context PERMIT_PREFIX_CONTEXT
      address-family ipv4 unicast
         import-map PERMIT_PREFIX
      exit-address-family
   exit-route-server-context
   neighbor 10.0.0.1 remote-as 100
   address-family ipv4 unicast
      neighbor 10.0.0.1 activate
      neighbor 10.0.0.1 route-server-client context PERMIT_PREFIX_CONTEXT
!
ip prefix-list 1 permit 172.16.0.0/16 
!
route-map PERMIT_PREFIX permit 10
   match ip address prefix-list 1 
!

The import-map references a route-map, where the actual policy is defined by permit statement inside route-map. Prefixes are received from neighbors and standard inbound filtering is applied. The best path from among the subset of matching routes is imported into the virtual table for the contexts. Then standard outbound filtering is applied.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.