BGP Route Server on ASR1000
BGP Route Server is feature designated mostly for IX (Internet Exchange) deployment. You can find many deployment around the world mostly using open software like Quagga, but it’s also available on Cisco’s ASR1000 routers. Route server is an advanced route reflector which provide customized policy support for each service provider, which means that standard path selection can be overridden by route policies set per particular provider.
In typical IX design service provider edge routers share common subnet to provide connectivity between each other. Without route reflector full mesh of peerings is required to provide BGP prefix exchange between providers. Each operators set policies for particular neighbors manually. Route reflectors simplifies implementation because edge routers have only maintain session with RR router to receive full prefix table. This reduces CPU and memory requirements on the border routers not to mention OpEX of maintaining of edge routers.
Router servers are advanced route reflectors. There are transparent for traffic path but have ability to override the normal BGP best path with an alternative path based on some policy or suppress all paths for a prefix and therefore not advertise the prefix.
Route server is working within it’s own AS number but is transparent, which means that it’s AS is removed from AS_PATH while advertising to route server client. This feature have to be activated per neighbor in BGP configuration.
router bgp 65100 neighbor 10.0.0.1 remote-as 100 address-family ipv4 unicast neighbor 10.0.0.1 activate neighbor 10.0.0.1 route-server-client
The client routers also have to be prepared to work correctly with route servers. By default router won’t accept eBGP update if first AS number in AS_PATH is different than AS number of router sending the update. This situation occurs while route server is sending it’s transparent updates. Route server client router have to be configured to disable that behavior in order for the client to receive the updates.
router bgp 100 no bgp enforce-first-as
With this configuration route server is acting as route reflector. Now it’s time to configure policies that will affect standard BGP route selection process. It’s done by using contexts that are applied per neighbor. Route-maps are used to accomplish this task and all standard filtering mechanisms such as as-path access-list or prefix-list can be used.
router bgp 65100 route-server-context PERMIT_PREFIX_CONTEXT address-family ipv4 unicast import-map PERMIT_PREFIX exit-address-family exit-route-server-context neighbor 10.0.0.1 remote-as 100 address-family ipv4 unicast neighbor 10.0.0.1 activate neighbor 10.0.0.1 route-server-client context PERMIT_PREFIX_CONTEXT ! ip prefix-list 1 permit 172.16.0.0/16 ! route-map PERMIT_PREFIX permit 10 match ip address prefix-list 1 !
The import-map references a route-map, where the actual policy is defined by permit statement inside route-map. Prefixes are received from neighbors and standard inbound filtering is applied. The best path from among the subset of matching routes is imported into the virtual table for the contexts. Then standard outbound filtering is applied.