Consequences of BGP Peering with Private Addresses

Hey All,

So we're running out of peering space in our /24 and we were considering using private /30's for new peerings. Are there any horrific consequences to picking up this practice?


"Horrific"? How about: "Most peers won't bring up a session."

What happens if the peer is using 1918 space internally?

Yes. It causes nasty problems if you use uRPF (as you should), in particular with PMTU discovery and traceroute.


You can reclaim space by switching your peerings to /31s where possible.

If you go down the private space route, make sure you and your peers
know about "next hop self"


IPv4? IPv6?

Are you planning to do NAT or PAT?
Are you using a bogus ASN 64512 through 65534 to be used for private purposes?
/30 -> 4 addresses/2 hosts -> you can't do a mesh configuration w/ that subnet mask...

I guess you have a lot of iBGP sessions... :)

bgp finite state model

I agree with other posters that this is not a good practice. Is it
somehow not possible for you to obtain additional address space? Can
you not use neighbor-assigned /30s more frequently to avoid exhausting
your existing allocation?

For eBGP neighbors, I would sooner use non-unique /30s than utilize
RFC1918 space. While this would not allow for correct reverse DNS,
and traceroute would be less obvious, it has fewer disadvantages than
assigning RFC1918 for your peer link-nets. You will need to re-write
next-hop towards iBGP neighbors, though (using next-hop-self or
translating to internal numbers for routing protocol use) and you
should not re-use the same /30 twice on the same ASBR.

This may sound crazy, and it is certainly not an ideal way of doing
things; but it is an alternative worth consideration as networks
exhaust their available IPv4.
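An added example (not part of any post in this thread): a Python audit of a peering link-net inventory for the three conditions the replies above raise (RFC 1918 link-nets, a link-net used twice on one ASBR, and non-unique link-nets that need a next-hop rewrite towards iBGP), plus the addresses freed by moving /30s to /31s. The inventory, ASBR and peer names, finding labels and function names are all constructed for illustration.

```python
import ipaddress
from collections import defaultdict
from itertools import combinations

RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

# Constructed inventory: (ASBR, peer, link-net). Documentation prefixes
# stand in for the public peering /24; every name here is hypothetical.
LINKS = [
    ("asbr1", "peer-a", "192.0.2.0/30"),
    ("asbr1", "peer-b", "192.0.2.4/30"),
    ("asbr1", "peer-c", "10.255.0.0/30"),    # RFC 1918 link-net
    ("asbr1", "peer-e", "198.51.100.0/30"),  # non-unique /30, also on asbr2
    ("asbr2", "peer-d", "198.51.100.0/30"),
    ("asbr2", "peer-f", "198.51.100.0/30"),  # same /30 twice on asbr2
    ("asbr2", "peer-g", "192.0.2.8/31"),
]

def audit(links):
    """Return sorted (finding, asbr, peer, link-net) tuples."""
    findings, by_asbr, asbrs_by_net = set(), defaultdict(list), defaultdict(set)
    for asbr, peer, cidr in links:
        net = ipaddress.ip_network(cidr)  # ValueError if host bits are set
        by_asbr[asbr].append((peer, net))
        asbrs_by_net[net].add(asbr)
        if any(net.subnet_of(p) for p in RFC1918):
            findings.add(("rfc1918", asbr, peer, str(net)))
    for asbr, entries in by_asbr.items():
        # Overlap, not just equality: a /31 inside a /30 also collides.
        for (p1, n1), (p2, n2) in combinations(entries, 2):
            if n1.overlaps(n2):
                findings.update({("overlap-same-asbr", asbr, p1, str(n1)),
                                 ("overlap-same-asbr", asbr, p2, str(n2))})
        # The same link-net on more than one ASBR is not a unique next hop.
        for peer, net in entries:
            if len(asbrs_by_net[net]) > 1:
                findings.add(("needs-next-hop-self", asbr, peer, str(net)))
    return sorted(findings)

def reclaimable_addresses(links, aggregate):
    """Addresses freed inside `aggregate` if each /30 there becomes a /31."""
    agg = ipaddress.ip_network(aggregate)
    nets = {ipaddress.ip_network(cidr) for _, _, cidr in links}
    return sum(2 for n in nets if n.prefixlen == 30 and n.subnet_of(agg))

if __name__ == "__main__":
    for finding in audit(LINKS):
        print(*finding)
    print("reclaimable:", reclaimable_addresses(LINKS, "192.0.2.0/24"))
```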

I was going to mention this, but it's only the neighbor address that is
IPv6. You still need an IPv4 next-hop and that is where the issue is in
using RFC1918 within this scenario.


And that will teach me not to read the thread!

Also absent from this discussion is that the RIRs are still issuing
address space, and interface addressing is perfectly reasonable


This might summarize it nicely.

-gaurab