It seems to me that the issues (in terms of causing failures) are all
related to how the prefixes are announced, and not what ASN they are
announced from.
However if there ARE issues caused by how the prefixes are announced, it may
(or may not) be easier to troubleshoot the problem if the announcements are
from different ASNs.
I go back to the definition of an Autonomous System - a network or group of
networks under a common administrative control. Are the networks at the
datacenter and the networks at the corporate office under a common
administrative control or not?
From a certain purist perspective, if the corp office networks aren't run
by the same people who run the datacenter, then the prefixes should be
announced from different ASNs with different points of contact. In this
case, in theory, if the corp office prefixes are being announced from both
that location AND the datacenter, then you should BGP peer the corp office
with the datacenter, so that the data center announces them with the same
origin ASN that you are using at the corp office location, and the data
center ASN is next in the list as a provider. Of course that may have the
affect of tending to steer all or most of the corp office traffic away from
the datacenter (or not depending on peering), which may or may not be what
you intend.
Of course in spite of all of that, I have to ask if another ASN is really
NEEDED - i.e. do the people who run the data center network and the people
who run the corp office network talk to each other? Are the data center
network folks smart enough to figure out if a problem might be related to
announcements from the corp office, and friendly enough to be able to work
together with the other group to resolve the issue (and the other way
around)?
If you all get along, I have to ask if you need to add another ASN to the
routers of everyone in the world...
Mickster
On Wed, Feb 2, 2011 at 9:24 AM, Andy Litzinger
andy.litzin...@theplatform.com wrote:
I've had trouble finding any technical reason not to use it.
What is important to you about having QA and Corporate use separate AS
numbers? Does using the same AS number result in a reduction of
separation?
For my part it's mostly a desire to make sure that changes to QA or Corp
BGP configs could never impact BGP for our Production datacenter. So far it
looks like it may just be a fear of the unknown on my part as I can't think
of a good example of how one might actually affect one BGP installation by
making changes to another BGP installation purely based on sharing an AS
number (clearly you could have impact if you are advertising the same space
from both locations).
