BGP Private and Public AS Range: On the Internet, we have 2-byte AS numbers and 4-byte AS numbers. In this post, we will explain the BGP private and public AS ranges for 2-byte and 4-byte AS numbers. We will cover where private BGP AS numbers and public AS numbers are used and should be used, and also where they shouldn't be used.
The BGP Private AS Range for 2-byte AS numbers is 64512 to 65535.
So we have 1023 BGP AS Numbers to use in a 2-byte ASN schema. Private AS numbers, similar to the Private IP address range (RFC 1918), should be used internally in networks,
not in external networks such as the Internet. On the Internet, in the Global Routing table, which is also known as the Default Free Zone, only Public IP Addresses should be seen.
Thus, Private AS numbers are used only internally. They shouldn't be leaked to the Global Internet, intentionally or unintentionally.
For 4-byte AS numbers, IANA reserved 94,967,295 ASNs (4200000000 to 4294967294) for private/internal usage.
Similar to 2-byte Private ASNs, the 4-byte Private BGP AS range shouldn't be leaked to the Global Internet.
Private ASNs are removed at the edge of the networks, commonly known as IGW (Internet Gateways), and only Public AS is used on the Internet.
Today, there are thousands of 4-Byte AS numbers announcing prefixes to the Global Internet.
But what about an Enterprise company receiving a service from an Internet Service Provider? In this case, the Enterprise can use a Private BGP AS number to peer with its upstream Internet Service Provider (ISP).
But when the ISP announces the prefixes to its transit ISPs or Settlement Free Peers, it needs to remove the Private BGP ASN.
Another usage for the Private ASN range is massive-scale datacenters.
As RFC 7938 explains in describing the usage of BGP inside massive-scale datacenters, Private BGP ASNs are used in these networks to avoid accidental BGP route leaks involving someone else's Public BGP ASNs.
BGP itself doesn't stop you from advertising Private/Internal RFC 1918 IP Addresses to your peer on the Global Internet.
Your job is to remove those private IP addresses and private BGP AS numbers before advertising to the Global Internet.
Of course, to avoid problems, neighboring ASNs should filter private IP addresses and private ASNs wherever they are not expected. As we mentioned before, on an Enterprise-to-ISP connection the ISP might allow private advertisements, but in turn it removes those private IP addresses and private ASNs before advertising to its neighbors on the Global Internet.
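The edge clean-up and the neighbor-side filtering described above can be modelled as follows. This is an added example, not code from the original post. It uses the private ASN ranges exactly as stated in this article, and all routes, ASNs and function names are constructed for illustration. Stripping every private ASN from the path is a simplification; real router implementations differ in detail.

```python
import ipaddress

# Private ASN ranges exactly as stated in this article (2-byte and 4-byte).
PRIVATE_ASN_RANGES = ((64512, 65535), (4200000000, 4294967294))
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def is_private_asn(asn):
    return any(lo <= asn <= hi for lo, hi in PRIVATE_ASN_RANGES)

def is_private_prefix(prefix):
    net = ipaddress.ip_network(prefix)
    return net.version == 4 and any(net.subnet_of(r) for r in RFC1918)

def export_to_internet(routes, local_asn):
    """ISP edge, outbound: drop RFC 1918 prefixes, strip private ASNs,
    then prepend the ISP's own public ASN."""
    exported, dropped = [], []
    for prefix, as_path in routes:
        if is_private_prefix(prefix):
            dropped.append(prefix)
            continue
        public_hops = [a for a in as_path if not is_private_asn(a)]
        exported.append((prefix, [local_asn] + public_hops))
    return exported, dropped

def inbound_violations(prefix, as_path):
    """Neighbor side, inbound: reasons to reject a route from the Internet."""
    reasons = []
    if is_private_prefix(prefix):
        reasons.append("RFC 1918 prefix")
    leaked = [a for a in as_path if is_private_asn(a)]
    if leaked:
        reasons.append(f"private ASN in AS_PATH: {leaked}")
    return reasons

# Constructed sample: routes an ISP learned from enterprise customers.
CUSTOMER_ROUTES = [
    ("203.0.113.0/24", [65001]),               # customer using a 2-byte private ASN
    ("198.51.100.0/24", [4200000123, 65010]),  # 4-byte and 2-byte private ASNs
    ("10.20.0.0/16", [65001]),                 # RFC 1918 space, must not leave
    ("192.0.2.0/24", [64499]),                 # documentation ASN, treated as public
]
LOCAL_ASN = 64500  # documentation ASN standing in for the ISP's public ASN

if __name__ == "__main__":
    for prefix, path in export_to_internet(CUSTOMER_ROUTES, LOCAL_ASN)[0]:
        print(prefix, path, inbound_violations(prefix, path) or "clean")
```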
Orhan Ergun, CCIE/CCDE Trainer, Author of Many Networking Books, Network Design Advisor, and Cisco Champion 2019/2020/2021