How to configure BGP ASN stripping in Advanced Routing Engine

How to configure BGP ASN stripping in Advanced Routing Engine

214
Created On 02/12/26 00:18 AM - Last Modified 02/12/26 01:26 AM


Environment


  • Palo Alto firewall running 10.2 or later
  • Panorama running 10.2 or later

Cause


  • It is sometimes needed to strip/remove BGP ASNs from the prefix's attributes. This is usually done while advertising a prefix towards the Internet or for privacy compliances reasons.
  • This article describes the process to do this in Advanced Routing Engine.

Resolution


  • Basically, we need to add the BGP ASN number which we want to strip/remove in the ASPATH Exclude option in the route-map which is applied to the BGP Neighbour.
  • Below are the screenshots detailing the before and after change in attribute as seen on the neighbouring device.

Before the option is used: (When no ASN is mentioned in the ASPATH Exclude option).

 

How the prefix was seen on the neighbour (Notice the ASN 1 seen):

 

 

 

Below is how to add the BGP ASN to the ASPATH Exclude option:

 

 

Note that when the prefix is seen on the neighbour, the BGP ASN 1 is not seen in the BGP ASNs.

 

Additional Information


NA
Other users also viewed:
Actions
  • Print
  • Copy Link

    https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA1Ki000000wkXvKAI&lang=en_US&refURL=http%3A%2F%2Fknowledgebase.paloaltonetworks.com%2FKCSArticleDetail