Skip navigation
Cisco Learning Home > Certifications > Routing & Switching (CCNP) > Discussions

_Communities

This Question is Not Answered 1 Correct Answer available (4 pts) 2 Helpful Answers available (2 pts)
5991 Views 6 Replies Latest reply: Feb 19, 2011 7:06 PM by Scott Morris - CCDE/4xCCIE/2xJNCIE RSS

Currently Being Moderated

BGP Private ASN numbers vs Public ASN numbers

Feb 18, 2011 6:48 PM

Steven Williams 3,266 posts since
Jan 26, 2009

I was reading the CCNP Route official certification guide and really struggled on the topic of private and public ASN numbers. So I get that we have the same problem with ASN numbers as we "did" with IPv4 addresses. So it talked about private ASN numbers, but the explaination was vague to me. Can someone extend on the difference? Also what is the plan for when they run out of ASN numbers?

  • Public vs private ASN is the same as public vs private IPs.  Private ASNs are set aside for use internally with companies.  Kind of like the RFC1918 of ASNs.

     

    Not sure about the second half of your question.  Not sure it's an issue or not, yet.  Perhaps someone more in tune with the SP side of the house can comment on that.

  • Conwyn 7,907 posts since
    Sep 10, 2008
    Currently Being Moderated
    2. Feb 19, 2011 12:23 AM (in response to Steven Williams)
    Re: BGP Private ASN numbers vs Public ASN numbers

    Hi Hollywood

     

    One usage is confederations. You can have a public AS and behind that sits hundreds of private AS. It is a sort of NAT. The outside world sends all traffic to the public AS. Traffic from the confederations appears to come from the single public AS.

     

    Regards Conwyn

  • Keith Barker - CCIE RS/Security, CISSP 5,351 posts since
    Jul 3, 2009
    Currently Being Moderated
    3. Feb 19, 2011 12:42 AM (in response to Steven Williams)
    Re: BGP Private ASN numbers vs Public ASN numbers

    Hollywood0728 wrote:

     

    I was reading the CCNP Route official certification guide and really struggled on the topic of private and public ASN numbers. So I get that we have the same problem with ASN numbers as we "did" with IPv4 addresses. So it talked about private ASN numbers, but the explaination was vague to me. Can someone extend on the difference? Also what is the plan for when they run out of ASN numbers?

     

    The original 2 octet ASN numbers are depleting, so they kicked it up a notch to a 4 octet ASN number, with a migration path from 2 to 4.

     

    This is discussed in RFC 5668.

     

    If a customer wants to connect with their service provider via BGP, both the service provider and the customer need to have an ASN.   The service provider will have a real, registered ASN, and the customer will be given a private one in the range  from 64512 to 65535.   These customers are hiding behind there service providers, and as BGP updates come from the customer into the service provider, the service provider will strip off (hide) the private ASN and simply place it's own ASN in the AS_PATH instead, before sending those route updates into other autonomous systems.   This is a lot like NAT, where an RFC 1918 address like 10.0.0.1 is removed as a source address by the NAT device, and replaced with a global (registered) routable address such as 23.0.0.1

     

    Best wishes,

     

    Keith

  • That was actually an interesting read Keith.  Where does the actual migration stand there?  Is this something we're going to see soon? 

     

    SP is one environment I've got little experience in, outside of the military SP-type realm.

  • Marko Milivojevic 800 posts since
    Jun 26, 2008
    Currently Being Moderated
    5. Feb 19, 2011 8:59 AM (in response to tnewshott)
    Re: BGP Private ASN numbers vs Public ASN numbers

    Migration is happening, as we speak. Many RIRs (Regional Internet Registries - ARIN, RIPE, APNIC, AfriNIC, LACNIC) have started assigning 32-bit AS numbers to customers almost two years ago.

     

    IOS is a bit slow to pick up on the support for them, but in most high-end gear, it's there.

     

    --

    Marko Milivojevic - CCIE #18427 (SP R&S)

    Senior Technical Instructor - IPexpert

  • Scott Morris - CCDE/4xCCIE/2xJNCIE 8,396 posts since
    Oct 7, 2008

    The hardest part in the migration will be everyone's router/vendor/software-version actually supporting the 4-byte ASNs.  Even though there's a "compatibility" mode to it (AS23456), there have been several cases of "too many of these" causing issues in interpretation and rejecting routes or even crashing routers.

     

    As I understand it, most RIRs will only assign the 4-byte ones by request (or at least that seems to be ARINs mode).  There's a lot of reuse of "standard" ASNs going on.  Anything given up cycles back into the pool.

     

    I guess it's all we're doing trying to squeeze the last little bit of life out of it!   Like IPv4! 

     

    Scott

Actions

More Like This

  • Retrieving data ...

Bookmarked By (0)