An autonomous system is a routing domain that shares routing information. Typically, an autonomous system is the same as an organization. Within the context of internal security, every network within the organization is available, and information about the networks is transmitted via an interior routing protocol such as EIGRP, OSPF, RIP, or IGRP. Although there may be more than one interior routing protocol running within the autonomous system, the probability is that they are sharing information. This sharing is achieved through redistribution, and it allows every router within the domain awareness of every available network within the domain.
The Cisco glossary describes an autonomous system as follows:
A collection of networks under a common administration sharing a common routing strategy. An autonomous system is subdivided by areas. An autonomous system must be assigned a unique 16-bit number by IANA.
The reason for defining an autonomous system is to be able to determine the demarcation between organizations and the Internet. The capability of the Internet to identify an entire organization by the means of the unique 16-bit integer allows for great constriction of the amount of information that needs to be held in routing tables or transmitted in routing updates. This level of hierarchy is crucial to the successful operation and maintenance of the Internet.
BGP-4 is the routing protocol that is used between autonomous systems to carry this pared down information into and across the Internet. If the autonomous system is connecting directly into the Internet, then it is necessary to acquire a unique autonomous system number from the IANA. However, many organizations connect to the Internet via a service provider, who will have an autonomous system for connecting into the Internet, which includes all organizations connecting through them.
Many organizations are using BGP-4 without connecting directly to the Internet and are using private autonomous system numbers. This is done for reasons of scale and requires the same precautions as using private IP addresses.
Was this article helpful?