BGP risk of using the as-override feature

One of BGP’s loop prevention mechanisms is to deny the installation of a route that contains a router’s own AS in the AS-PATH. This is very effective on networks such as the Internet. Using the as-override feature on the Internet can be disastrous!

However, within a controlled private network, such as an MPLS network that a single ISP manages, the use of as-override is quite safe. This is because a typical MPLS network has one or more centralized core ASes from which customer ASes hang off of. This is kind of like a tree structure, where the core ASes are the roots. In such a topology, there is no case where you would have a series of ASes in a loop arrangement.

As a result, using the as-override is safe in such an environment.

Links:

https://forum.networklessons.com/t/mpls-layer-3-vpn-bgp-as-override/1323/35?u=lagapides

https://networklessons.com/bgp/mpls-layer-3-vpn-bgp-override

Links to this page: