Local-As
Scenario to verify BGP peer-group local-as inheritance.
When local-as is configured on a peer-group, members use an alternate
ASN for the BGP session instead of the process ASN. Options no-prepend
and replace-as control how the alternate ASN appears in the AS-path.
Test eBGP - Peer-group local-as uses alternate ASN and modifies AS-path
Description
Test that local-as configured on a peer-group allows members to use an
alternate ASN. DUT0 (AS 50) uses local-as 10 via peer-group MYGROUP for DUT1.
DUT1 (AS 20) advertises 192.168.100.0/24. DUT2 (AS 30) receives the route.
By default, AS-path includes both local-as and real ASN: 10 50 10 20.
With no-prepend, local-as is not prepended on receive: 10 50 20.
With replace-as on DUT2’s neighbor, real ASN is hidden on export: 10 20.
Scenario
Step 1: Set the following configuration in DUT0 :
set interfaces ethernet eth0 address 192.168.100.1/24 set interfaces ethernet eth1 address 192.168.200.1/24 set protocols bgp 50 neighbor dut1 peer-group MYGROUP set protocols bgp 50 neighbor dut1 remote-address 192.168.100.2 set protocols bgp 50 neighbor dut2 local-as 10 set protocols bgp 50 neighbor dut2 remote-address 192.168.200.2 set protocols bgp 50 neighbor dut2 remote-as 30 set protocols bgp 50 neighbor dut2 route-map export PERMIT set protocols bgp 50 peer-group MYGROUP local-as 10 set protocols bgp 50 peer-group MYGROUP remote-as 20 set protocols bgp 50 peer-group MYGROUP route-map import PERMIT set protocols route-map PERMIT rule 1 action permit set system login user admin authentication encrypted-password '$6$GSjsCj8gHLv$/VcqU6FLi6CT2Oxn0MJQ2C2tqnRDrYKNF8HIYWJp68nvXvPdFccDsT04.WtigUONbKYrgKg8d6rEs8PjljMkH0'
Step 2: Set the following configuration in DUT1 :
set interfaces ethernet eth0 address 192.168.100.2/24 set protocols bgp 20 neighbor peer remote-address 192.168.100.1 set protocols bgp 20 neighbor peer remote-as 10 set protocols bgp 20 neighbor peer route-map export PERMIT set protocols bgp 20 redistribute connected set protocols route-map PERMIT rule 1 action permit set system login user admin authentication encrypted-password '$6$GSjsCj8gHLv$/VcqU6FLi6CT2Oxn0MJQ2C2tqnRDrYKNF8HIYWJp68nvXvPdFccDsT04.WtigUONbKYrgKg8d6rEs8PjljMkH0'
Step 3: Set the following configuration in DUT2 :
set interfaces ethernet eth0 address 192.168.200.2/24 set protocols bgp 30 neighbor peer remote-address 192.168.200.1 set protocols bgp 30 neighbor peer remote-as 10 set protocols bgp 30 neighbor peer route-map import PERMIT set protocols route-map PERMIT rule 1 action permit set system login user admin authentication encrypted-password '$6$GSjsCj8gHLv$/VcqU6FLi6CT2Oxn0MJQ2C2tqnRDrYKNF8HIYWJp68nvXvPdFccDsT04.WtigUONbKYrgKg8d6rEs8PjljMkH0'
Attention
Verify eBGP sessions establish on DUT0.
Step 4: Run command protocols bgp show ip summary at DUT0 and check if output matches the following regular expressions:
192.168.100.2.*Established[\s\S]*192.168.200.2.*EstablishedShow output
IPv4 Unicast Summary: BGP router identifier 192.168.200.1, local AS number 50 VRF default vrf-id 0 BGP table version 1 RIB entries 1, using 128 bytes of memory Peers 2, using 47 KiB of memory Peer groups 1, using 64 bytes of memory Neighbor LocalAddr V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State PfxRcd PfxSnt Desc 192.168.100.2 192.168.100.1 4 20 4 3 1 0 0 00:00:02 Established 1 (Policy) N/A 192.168.200.2 192.168.200.1 4 30 2 4 0 0 0 00:00:00 Established (Policy) 0 N/A Total number of neighbors 2
Note
By default, the alternate ASN is added to the AS-path for routes sent and received.
Step 5: Run command protocols bgp show ip at DUT2 and check if output matches the following regular expressions:
[*].*192.168.100.0/24\s+192.168.200.1\s+.\s+10 50 10 20Show output
BGP table version is 1, local router ID is 192.168.200.2, vrf id 0 Default local pref 100, local AS 30 local address - Status codes: s suppressed, d damped, h history, u unsorted, * valid, > best, = multipath, i internal, r RIB-failure, S Stale, R Removed Nexthop codes: @NNN nexthop's vrf id, < announce-nh-self Origin codes: i - IGP, e - EGP, ? - incomplete RPKI validation codes: V valid, I invalid, N Not found Network Next Hop Metric LocPrf Weight Path *> 192.168.100.0/24 192.168.200.1 0 10 50 10 20 ? Displayed 1 routes and 1 total paths
Note
With no-prepend, the alternate ASN is not prepended when receiving routes.
Step 6: Modify the following configuration lines in DUT0 :
set protocols bgp 50 peer-group MYGROUP local-as 10 no-prepend
Step 7: Run command protocols bgp show ip at DUT2 and check if output matches the following regular expressions:
[*].*192.168.100.0/24\s+192.168.200.1\s+.\s+10 50 20Show output
BGP table version is 3, local router ID is 192.168.200.2, vrf id 0 Default local pref 100, local AS 30 local address - Status codes: s suppressed, d damped, h history, u unsorted, * valid, > best, = multipath, i internal, r RIB-failure, S Stale, R Removed Nexthop codes: @NNN nexthop's vrf id, < announce-nh-self Origin codes: i - IGP, e - EGP, ? - incomplete RPKI validation codes: V valid, I invalid, N Not found Network Next Hop Metric LocPrf Weight Path *> 192.168.100.0/24 192.168.200.1 0 10 50 20 ? Displayed 1 routes and 1 total paths
Note
With replace-as, the real ASN is replaced by the alternate ASN when sending routes.
Step 8: Modify the following configuration lines in DUT0 :
set protocols bgp 50 neighbor dut2 local-as 10 no-prepend replace-as
Step 9: Run command protocols bgp show ip at DUT2 and check if output matches the following regular expressions:
[*].*192.168.100.0/24\s+192.168.200.1\s+.\s+10 20Show output
BGP table version is 5, local router ID is 192.168.200.2, vrf id 0 Default local pref 100, local AS 30 local address - Status codes: s suppressed, d damped, h history, u unsorted, * valid, > best, = multipath, i internal, r RIB-failure, S Stale, R Removed Nexthop codes: @NNN nexthop's vrf id, < announce-nh-self Origin codes: i - IGP, e - EGP, ? - incomplete RPKI validation codes: V valid, I invalid, N Not found Network Next Hop Metric LocPrf Weight Path *> 192.168.100.0/24 192.168.200.1 0 10 20 ? Displayed 1 routes and 1 total paths