How do we count ASNs?

By on 19 Mar 2021

Category: Tech matters

Tags: , ,

Blog home

We previously discussed what it means to be an ASN, but let’s recap. An Autonomous System number (or AS number, or ASN), is a number with only one useful property: it has been assigned to only one BGP speaker. In other words, it’s uniquely assigned, which is the primary job of the Internet number registry system. That’s why RIRs exist, to delegate unique assignments of addresses, and ASNs.

What do ASNs look like?

They are numbers. They look like numbers. To be less silly, they are often referred to as ASxxxx (for some number of ASNs). As an example, AS4608 is one of APNIC’s two main ASNs (the other is AS4777). If you refer to ‘4608’ or ‘AS4608’, depending on the context, netops people will know what you mean. ‘On the wire’, they’re sent as binary values in 16-bit or 32-bit fields, so AS4608 would be encoded as 0001001000000000 or 00000000000000000001001000000000, but nobody talks binary here.

Let’s cut to the chase: how many are there?

ContextCount
16-bit ASN65,535
32-bit ASN4,294,967,296
Delegated99,868

Table 1 — Counting ASNs.

Originally, ASNs were 16 bits long, and so there were 65,536 at most in the global Internet. However, some have been kept back, or in IANA parlance, ‘reserved’:

ASNCountReasonDocumentDate
AS 01“Do not route this prefix”RFC 7607August 2015
AS 234561Bridge 2-byte and 4-byte ASN worlds in BGPRFC 6793December 2012
AS 64496 – 6451116Documentation use onlyRFC 5398December 2008
AS 65412 – 65534122“Private” ASNs, used in BGP but not in the default-free BGP routing viewRFC 1930March 1996
AS 655351Reserved by IANA (it was the end of the block of numbers, they often do this)RFC 7300July 2014

Table 2 — IANA reserved ASNs.

The March 1996 decision to reserve a block of ASNs was subsequently revised, but as early as 1996 it was on record the IETF knew that 16-bit ASNs were finite, and too close to the number of foreseeable active BGP speakers. To quote from RFC 1930:

9. AS Space exhaustion

   The AS number space is a finite amount of address space. It is
   currently defined as a 16 bit integer and hence limited to 65535
   unique AS numbers. At the time of writing some 5,100 ASes have been
   allocated and a little under 600 ASes are actively routed in the
   global Internet. It is clear that this growth needs to be continually
   monitored. 

A total of 64,493 would be expected, notwithstanding these reservations. The problem was that now we were going to need more than this from around 2007 onward. This space worked well until the Internet grew to have more than 50-60,000 active BGP speakers with their own ASNs. After that, it became clear that 16 bits was not enough, so ASNs were expanded from 16-bit (two bytes) to 32-bit (four bytes) in 2007, 10 years after it was first noted as a potential issue.

32 bits can number 4,294,967,296 things, so it seems unlikely there will be a need for that many discretely different BGP speaking systems identified by a unique ASN. So, for the foreseeable life of BGP-4, this is probably the maximum ‘size’ of the ASN field, or ‘how many’ there are. There are 4 billion of them.

Except, there are some reservations in the 4-byte ASN space too:

ASNCountReasonDocumentDate
65,536-65,55116Reserved for use in documentation and sample codeRFC 5398Dec-08
65,552-131,07165,520Reserved by IANA
4,200,000,000-4,294,967,29494,967,294Reserved for Private UseRFC 6996Jul-13
4,294,967,2951Reserved (it is the end of the block of numbers. What can I say? They often do this)RFC 7300Jul-14

Table 3 — Reservations in the 4-byte ASN space.

What are the special ASNs?

AS0 (zero), is used to signal ‘do not route these things’ and is now used in RPKI to signal that without a more specific RPKI ROA with a real AS, the Internet addresses shouldn’t be routed. This is, in effect, a ‘turn it on’ key, for addressing and routing security.

Read: Discussing the future of RPKI

ASNs 64,496 – 64,511 and 65,536 – 65,551 are used in documentation; there are 32 of them, 16 in the older 2-byte ASN and 16 in the newer 4-byte ASN, to allow for sufficiently complex example networks to be shown in training and documentation.

The ‘private AS’ numbers in the ranges 64,512 – 65,534 and 4,200,000,000 – 4,294,967,294 can be used everywhere EXCEPT global BGP (they do leak, but they were designed NOT to be used in public, hence are Private ASes). The very large set of private ASes in the 4-byte ASN space is perhaps unusual, but nonetheless, nobody should worry that they cannot construct complex interior routing logic inside their own AS, because 94 million should be enough.

The special ASN AS23456 is called AS-TRANS and is used to ‘bridge’ between the 2-byte and 4-byte BGP-speaking worlds. It is a mechanism to allow two different implementations of BGP to talk to each other, and routes to exist in the 2-byte ASN world that refer to 4-byte ASNs.

How many have been delegated?

99,868 (as of March 2021).

Counting how many ASNs have been delegated is remarkably simple. The list of all the delegated ASNs is published every day by the NRO as the delegated-extended file.

Figure 1 — The NRO’s delegated-extended file.
Figure 1 — The NRO’s delegated-extended file.

The NRO’s delegated-extended file has a simple CSV-like format, and each delegated ASN is recorded as a line like this:

apnic|TH|asn|141730|1|20210212|assigned|A91F4FDA|e-stats

The fourth and fifth field are critical. They record the ASN, and a count. If this were a block of numbers, the count would be more than one. All the assigned ASNs are marked with the word ‘assigned’. There are also ASN records with other keywords, which you can ignore for the purposes of this exercise.

Most people only get one ASN at a time but for process reasons, sometimes blocks of ASNs are given out, and this file has to record that. That is why the number of assigned ASNs isn’t just the count of matching lines in the file.

Status typeMeaning
‘assigned’In use
‘available’Not yet in use
‘reserved’Not yet in use
‘ianapool’Not yet delegated by IANA to an RIR

Table 4 — Status types and their meanings.

Noting this, if you take the fifth column (count) and add up all status ‘assigned’ lines in this file, the sum is the count of ASNs that have been delegated.

Over the years, and across the RIR system, a grand total of 99,868 ASNs have been delegated. Naturally, you might think that number is therefore visible in BGP. Alas, not so.

How many are visible in BGP?

To count the number of ASNs visible in BGP, you need to understand their two roles, origin and path, and also understand how to read a BGP dump. Here is an example of a fragment of one type of BGP dump, based on what is visible from a Cisco BGP router:

Figure 2 — Origin-AS and AS-PATH in the BGP dump.
Figure 2 — Origin-AS and AS-Path in the BGP dump.

The ASNs visible in this fragment are examples of the ASNs visible in BGP, in the role of path or origin. Taking examples from above, 4777 6939 4826 are the three ASNs on the path of a prefix, and 38803 is the origin.

Counting all these unique ASNs, 71,970 are active in BGP right now. Tomorrow it could be more, or less.

Counting the ‘active’ ASNs means counting the unique list of ASNs seen in BGP, regardless of if they are origin or path, and we can do this across both IPv4 and IPv6 BGP:

ContextCount
BGP for IPv470,872
BGP for IPv621,969
Across both71,970
Only used in IPv61,098

Table 5 — ASNs seen in BGP.

Notice how the count of unique ASes seen across both BGP for IPv4 and BGP for IPv6 is much less than the sum of each, distinctly? This is because most BGP for IPv6 speakers are also using the same ASN for IPv4, but not quite all of them. There are also 1,098 ASNs used to route IPv6 uniquely.

Where are the other ASNs?

Are the ‘missing’ ASNs really missing? It depends on where you are in BGP. In the numbers shown above, 27,898 are missing in action. Where are they?

Some of them are probably in use, but in ways that don’t show up in the view of BGP that I have access to. In principle, this shouldn’t happen. In practice, it does. Put simply, BGP is not the same, everywhere, all the time.

Some of them are genuinely not in use. We know this, because when we made ‘BGP the movie’ about the history of BGP, we charted the movement of ASNs into distribution and visibility in BGP (see below to watch it). Since we started routing, there have always been ASNs that came, had a brief existence in BGP, and then stopped being seen.

Why? Because the company that requested them didn’t see a need to formally hand them back, and we’ve never faced a shortage of ASNs, as we have IPv4 addresses. So, the simplest explanation is, they just stopped being useful to that entity. Should they be reclaimed? Arguably yes, but there are another four billion of them yet to use.

One specific case we do have to understand is that sometimes for administrative reasons ASNs are delegated and listed as in use, but they are for sub-distribution and have not yet been given to a BGP speaker. This has happened with NIRs in the APNIC region and with the Brazilian NIR in the LACNIC region. These entities get allocated blocks, and the ASNs appear in the global delegation statistics as in use, but they have been given to a registry and not an end-user. This does introduce some of the uncertainty around use.

To be fair, the actual number of ASNs in use could be higher. To find them, we could exhaustively compare the daily BGP views from around the world, or look at peering databases and other collections of ASNs that people hold, or look in the Internet Routing Registries, where ASNs are named and declared bound to a specific routing entity.

BGP, the movie.

Rate this article

The views expressed by the authors of this blog are their own and do not necessarily reflect the views of APNIC. Please note a Code of Conduct applies to this blog.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Top