Brocade Multi-Service IronWare Routing Configuration Guide (Supporting R05.6.00) User Manual
Page 69
Multi-Service IronWare Routing Configuration Guide
41
53-1003033-02
Requiring the first AS to be the neighbor AS
When you configure the device to require that the AS an EBGP neighbor is in be the same as the
first AS in the AS_SEQUENCE field of an update from the neighbor, the device accepts the update
only if the AS numbers match. If the AS numbers do not match, the device sends a notification
message to the neighbor and closes the session. The requirement applies to all updates received
from EBGP neighbors.
The hierarchy for enforcement of this feature is: a neighbor will try to use the enforce-first-as value
if one is configured; if none is configured, the neighbor will try to use the configured value for a
peer group. If neither configuration exists, enforcement is simply that of the global configuration
(which is disabled by default).
To enable this feature globally, enter the enforce-first-as command at the BGP4 configuration level
of the CLI.
Brocade(config-bgp)# enforce-first-as
Syntax: [no] enforce-first-as
To enable this feature for a specific neighbor, enter the following command at the BGP4
configuration level.
Brocade(config-bgp)# neighbor 10.1.1.1 enforce-first-as enable
Syntax: [no] neighbor ip-address enforce-first-as [enable | disable]
The ip-address value is the IP address of the neighbor.
When the first-as requirement is enabled, its status appears in the output of the show running
configuration command. The optional last keyword choice of enable or disable lets you specify
whether the output of the show running configuration command includes the configuration of the
first-as requirement. This option allows the show running configuration command output to show
what is actually configured.
To enable this feature for a peer group, enter the following command at the BGP4 configuration
level.
Brocade(config-bgp)# neighbor Peergroup1 enforce-first-as enable
Syntax: [no] neighbor peer-group-name enforce-first-as [enable | disable]
The peer-group-name value is the name of the peer group.
When the first-as requirement is enabled, its status appears in the output of the show running
configuration command. The optional last keyword choice, that of enable or disable, lets you
specify whether the output of the show running configuration command includes the configuration
of the first-as requirement: this option helps the show running command output to show what you
have actually configured.
The following example shows a running configuration with the first-as enforcement items (for
global, peer group, and neighbor) in bold.
Brocade(config)# router bgp
BGP4: Please configure 'local-as' parameter in order to enable BGP4.
Brocade(config-bgp)# local-as 1
Brocade(config-bgp)# enforce-first-as
Brocade(config-bgp)# neighbor abc peer-group
Brocade(config-bgp)# neighbor abc remote-as 2
Brocade(config-bgp)# neighbor abc enforce-first-as disable
Brocade(config-bgp)# neighbor 192.168.1.2 peer-group abc
Brocade(config-bgp)# neighbor 192.168.1.2 enforce-first-as enable