Border Gateway Protocol (BGP) is an essential internet protocol that manages how packets get routed across the internet by exchanging information between edge routers. Cisco Nexus switches running the NX-OS operating system have specific commands and behaviors around BGP configuration, which differ slightly from other Cisco operating systems like IOS and IOS-XE. This blog post focuses on the disable-peer-as-check command, its significance, and how it varies across Cisco OS.
Before diving into this topic, it is recommended that you have a basic understanding of:
Cisco Nexus NX-OS Software
BGP Routing Protocol
What is `disable-peer-as-check`?
When a Cisco Nexus switch with NX-OS advertises a network prefix to an external BGP (eBGP) peer, it checks the Autonomous System (AS) in the AS_PATH attribute of the BGP update. By default, the Nexus switch will not send any network prefix to an eBGP peer if the peer’s AS number is already the last entry in the AS_PATH attribute of the network prefix.
This behavior is different in Cisco’s IOS and IOS-XE; prefixes are still sent to eBGP peers even if their AS is already in the AS_PATH.
The disable-peer-as-check command modifies this default behavior in NX-OS to make it similar to IOS and IOS-XE.
Why is it Important?
If you are running a mixed environment with Cisco IOS and Cisco Nexus devices, this difference in default behavior could cause discrepancies in your BGP routing updates. If the `disable-peer-as-check` command is not enabled, specific prefixes may not get advertised to peers, causing a failure in the expected route propagation.
In the absence of the disable-peer-as-check command on N9K-1, it will not advertise the prefix `192.168.10.1/32` to R2, as R2’s AS (64512) is the last in the AS_PATH attribute. Enabling the disable-peer-as-check command will permit this advertisement.
How to Verify
To ensure that the configuration works as expected, you can run verification commands on both N9K-1 and R2.
N9K-1# show bgp ipv4 unicast
On R2, you can enable debugs to verify the received routes.
The disable-peer-as-check command in Cisco Nexus running NX-OS allows for more consistent BGP behavior across different Cisco platforms. Understanding the default behaviors and how to modify them can be critical in ensuring that your network operates as expected. Test any configuration changes in a lab environment before deploying them in a live network.