What technique should be used on BGP edge routers to prevent a multi-homed autonomous system from becoming a transit system?

What technique should be used on BGP edge routers to prevent a multi-homed
autonomous system from becoming a transit system?

What technique should be used on BGP edge routers to prevent a multi-homed
autonomous system from becoming a transit system?

A.
Advertise with a high MED value all networks that are discovered via external BGP.

B.
Remove the AS-Path information on all routes in theBGP table prior to advertising
externally.

C.
Only advertise networks externally if they have been discovered via internal BGP.

D.
Use an outgoing distribution list to filter all networks not originating from inside the
autonomous system.

E.
Set the no-export community attribute on all networks that are advertised externally.

F.
Set the origin code to incomplete for all networks that are discovered via external BGP.

Explanation:
A transit AS is an AS that routes traffic from one external AS to another external AS. Let’s
see an example below:

Suppose your company has 2 internet links to 2 different ISPs. If one connection to the ISP
goes down, your traffic can be sent through the other ISP. It is a good way to make sure
your company can access the internet any time. But if your routers are not configured
carefully, your company AS may become a transit AS.For example, AS 3 learned the route
10.10.10.0/24 from ISP1. If R2 advertises that route to ISP2 then ISP2 may use it to send
traffic to that network -> your company becomes a transit AS.
There are two popular ways to prevent a multi-homedautonomous system from becoming a
transit system:
+ Use a distribute-list or filter-list to filter all networks not originating from inside the
autonomous system.
+ Use the no-export community attribute on all networks not originating from inside the
autonomous system.
Answer E seems to be correct but in fact it is not because “all networks that are advertised
externally” include networks originating from inside and outside our AS. We should only filter
networks originating from outside our AS. In some cases, the routers in our company may
advertise some internal networks (for remote access, for example).



Leave a Reply 0

Your email address will not be published. Required fields are marked *