[6bone] private ASNs and the Default-Free-Zone

Nicolas DEFFAYET nicolas.deffayet@ndsoftware.net
25 Oct 2002 15:13:00 +0200

Previous message: [6bone] private ASNs and the Default-Free-Zone
Next message: [6bone] private ASNs and the Default-Free-Zone
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Fri, 2002-10-25 at 12:15, John Fraizer wrote:

> This is not a problem:
> 
> ipv6-site:    COMPENDIUM-AR
> origin:       AS45328
> descr:        Compendium, Buenos Aires, AR
> country:      AR
> prefix:       3FFE:8260::/28

Do you think that it's normal to allocate a pTLA with an unallocated ASN
?

> Beyond that, if you peer with someone who uses a private ASN, use the
> following command (or equiv for your router) on the peering session:
> 
>  neighbor 3ffe:xxxx::xxxx remove-private-AS
> 
> If your router code doesn't support that command or one like it, might I
> suggest that you UPGRADE? 

remove-private-AS will remove the private ASN in ASpath, not the route
with private ASN...

Exemple:

3ffe:ffff::/32

1 2 3 65000

If AS3 use remove-private-AS, other network will get this:

3ffe:ffff::/32

1 2 3

AS3 is not the source of 3ffe:ffff::/32, the source is 65000

=> private ASN _MUST_ send their routes with the community no-export
(like i do before)

Using this for don't announce route with private ASN is better:

ip as-path access-list private-asn-out deny
_(6451[2-9]|645[2-9][0-9]|64[6-9][0-9][0-9]|65[0-4][0-9][0-9]|655[0-2][0-9]|6553[0-5])_
ip as-path access-list private-asn-out permit .*

Best Regards,

Nicolas DEFFAYET

Previous message: [6bone] private ASNs and the Default-Free-Zone
Next message: [6bone] private ASNs and the Default-Free-Zone
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]