Understanding the `disable-peer-as-check` Command in Cisco Nexus NX-OS BGP Configuration

Border Gateway Protocol (BGP) is an essential internet protocol that manages how packets get routed across the internet by exchanging information between edge routers. Cisco Nexus switches running the NX-OS operating system have specific commands and behaviors around BGP configuration, which differ slightly from other Cisco operating systems like IOS and IOS-XE. This blog post focuses on the disable-peer-as-check command, its significance, and how it varies across Cisco OS.


Before diving into this topic, it is recommended that you have a basic understanding of:

  • Cisco Nexus NX-OS Software
  • BGP Routing Protocol

What is `disable-peer-as-check`?

When a Cisco Nexus switch with NX-OS advertises a network prefix to an external BGP (eBGP) peer, it checks the Autonomous System (AS) in the AS_PATH attribute of the BGP update. By default, the Nexus switch will not send any network prefix to an eBGP peer if the peer’s AS number is already the last entry in the AS_PATH attribute of the network prefix.

This behavior is different in Cisco’s IOS and IOS-XE; prefixes are still sent to eBGP peers even if their AS is already in the AS_PATH.

The disable-peer-as-check command modifies this default behavior in NX-OS to make it similar to IOS and IOS-XE.

Why is it Important?

If you are running a mixed environment with Cisco IOS and Cisco Nexus devices, this difference in default behavior could cause discrepancies in your BGP routing updates. If the `disable-peer-as-check` command is not enabled, specific prefixes may not get advertised to peers, causing a failure in the expected route propagation.

Sample Configuration



  • R1 – Cisco IOS Router
  • N9K-1 – Cisco Nexus Switch running NX-OS
  • R2 – Cisco IOS Router

On R1:

router bgp 64512
 network mask
 neighbor remote-as 65535

On N9K-1:

router bgp 65535
 address-family ipv4 unicast
 neighbor remote-as 64512
 neighbor remote-as 64512

On R2:

router bgp 64512
 neighbor remote-as 65535

In the absence of the disable-peer-as-check command on N9K-1, it will not advertise the prefix `` to R2, as R2’s AS (64512) is the last in the AS_PATH attribute. Enabling the disable-peer-as-check command will permit this advertisement.

How to Verify

To ensure that the configuration works as expected, you can run verification commands on both N9K-1 and R2.

N9K-1# show bgp ipv4 unicast

On R2, you can enable debugs to verify the received routes.

R2# debug bgp ipv4 unicast
R2# clear bgp ipv4 unicast * soft

Troubleshooting Tips

If the routes are not being advertised as expected, you can enable debugging for specific BGP neighbors or prefixes to get more information.

On N9K-1:

N9K-1# debug-filter bgp neighbor
N9K-1# debug-filter bgp prefix
N9K-1# debug bgp updates


The disable-peer-as-check command in Cisco Nexus running NX-OS allows for more consistent BGP behavior across different Cisco platforms. Understanding the default behaviors and how to modify them can be critical in ensuring that your network operates as expected. Test any configuration changes in a lab environment before deploying them in a live network.