That will indeed help. Will check it out. How I have solved it now is by having network statements on the edge (/24s). To make the internal routing work I announce more specific prefixes from the internal router, so externally I announce a /24 (from edge to peering partners) but internally I announce two /25s (from internal to edge). That way internet knows how to find my /24 and edge knows how to find its way internally due to /25 being more specific compared to /24.
On Wed, Mar 27, 2019 at 9:33 PM Sebastian Benoit <benoit-li...@fb12.de> wrote: > > open...@kene.nu(open...@kene.nu) on 2019.03.27 12:25:33 +0100: > > Hello, > > > > That would unforunately affect all the prefixes announced to the edge > > router from the internal router. I need it to be only prefixes > > announced to my peering partners. > > > > /Oscar > > > > On Tue, Mar 26, 2019 at 3:50 PM Denis Fondras <open...@ledeuns.net> wrote: > > > > > > On Tue, Mar 26, 2019 at 02:54:38PM +0100, open...@kene.nu wrote: > > > > Hello, > > > > > > > > Is there a way to make openbgpd strip private ASNs from updates it > > > > sends to certain neighbors? > > > > I am using openbgpd on my edge routers and distribute routes generated > > > > internally to the rest of the world. However, the internal routers use > > > > private ASNs and this is obviously frowned upon by my peering > > > > partners. > > > > > > > > I can of course have network statements on my edge routers but that > > > > assumes the prefixes will always be reachable via said edge router, > > > > something I can never be certain of. I would rather the updates rely > > > > on the prefix actually being announced from the source. > > > > > > > > > > Perhaps with transparent-as ? > > In current (snapshots) there is "as-override": > > as-override (yes|no) > If set to yes, all occurrences of the neighbor AS in the AS > path will be replaced with the local AS before running the > filters. The Adj-RIB-In still holds the unmodified AS path. > The default value is no. > > this is a neighbor option and used on the session to a peer that uses a > private AS. > > You dont say much about your network structure, but if your edge router has > a normal As number, and your internal ebgp peers have private As numbers, > this option will help. > > /Benno >