Question about experiences with BGP remote-AS

[tony at wicks.co.nz (Tony Wicks)]

JunOS has three different modes for Virtual routers depending on your
situation requirements. I would suggest that something in the QFX or ACX
range will be able to replicate what you are after. Otherwise the entry
level MX will certainly do the job for a little more outlay. 

-----Original Message-----
From: NANOG [mailto:nanog-bounces at nanog.org] On Behalf Of LF OD
Sent: Saturday, 6 May 2017 4:56 AM
To: nanog at nanog.org
Subject: Question about experiences with BGP remote-AS

We have a number of small routers in co-lo sites that peer with B2B
partners. As more of our partners move to cloud, we are considering a
consolidation effort and putting all of  our peering routers in a cloud
exchange site on a single HA pair of routers. Now, each existing B2B peering
router uses a unique private ASN to EBGP peer with partners and they, in
turn, EBGP peer with our extranet perimeter ASNs for security vetting and
other stuff.


We looked for a medium-density router (or L3-switch) that can replace
multiple small routers (b2b-only, no internet), but we need to retain all of
our existing ASNs and peerings. As it turns out, there are many routers that
can do VRFs but you cannot put a unique ASN on each VRF so replicating the
old environment isn't quite that straightforward. The BGP remote-as looks to
be a possible alternative solution, but we've never used it in production
and we are unsure of the caveats. Taken at face value, it looks like we can
mimic the multi-router/unique-ASN environment we have today on a single
platform. However, networking is rarely as smooth as that so I'm asking some
of the BGP gurus... what are the pros/cons of doing using remote-as? If
anyone here uses it extensively, we could really use some feedback if you
run into challenges or hidden surprises that we wouldn't normally think of
beforehand.


Thanks in advance!


LFOD