[194532] in North American Network Operators' Group
RE: Question about experiences with BGP remote-AS
daemon@ATHENA.MIT.EDU (Tony Wicks)
Fri May 5 18:15:49 2017
From: "Tony Wicks" <tony@wicks.co.nz>
To: "'LF OD'" <bz_siege_01@hotmail.com>
In-Reply-To: <SN1PR06MB2288BABC2189F6DCC28E77CDABEB0@SN1PR06MB2288.namprd06.prod.outlook.com>
Date: Sat, 6 May 2017 10:15:12 +1200
Cc: nanog@nanog.org

JunOS has three different modes for Virtual routers depending on your
situation requirements. I would suggest that something in the QFX or ACX
range will be able to replicate what you are after. Otherwise the entry
level MX will certainly do the job for a little more outlay.

-----Original Message-----
From: NANOG [mailto:nanog-bounces@nanog.org] On Behalf Of LF OD
Sent: Saturday, 6 May 2017 4:56 AM
To: nanog@nanog.org
Subject: Question about experiences with BGP remote-AS

We have a number of small routers in co-lo sites that peer with B2B
partners. As more of our partners move to cloud, we are considering a
consolidation effort and putting all of our peering routers in a cloud
exchange site on a single HA pair of routers. Now, each existing B2B peering
router uses a unique private ASN to EBGP peer with partners and they, in
turn, EBGP peer with our extranet perimeter ASNs for security vetting and
other stuff.

We looked for a medium-density router (or L3-switch) that can replace
multiple small routers (b2b-only, no internet), but we need to retain all of
our existing ASNs and peerings. As it turns out, there are many routers that
can do VRFs but you cannot put a unique ASN on each VRF so replicating the
old environment isn't quite that straightforward. The BGP remote-as looks to
be a possible alternative solution, but we've never used it in production
and we are unsure of the caveats. Taken at face value, it looks like we can
mimic the multi-router/unique-ASN environment we have today on a single
platform. However, networking is rarely as smooth as that so I'm asking some
of the BGP gurus... what are the pros/cons of using remote-as? If
anyone here uses it extensively, we could really use some feedback if you
run into challenges or hidden surprises that we wouldn't normally think of
beforehand.

Thanks in advance!

LFOD