BGP

Chapter Objectives
After successfully completing this chapter, you will be able to:
Explain basic BGP operations
Configure EBGP and IBGP
Verify and troubleshoot BGP operations
Provide connectivity for BGP peers

2

Agenda: BGP
BGP Operations
EBGP Configuration
Verification and Troubleshooting
IBGP Configuration
BGP Connectivity

3

BGP4
Exterior routing protocol
Path-vector protocol
  No metric comparable to interior protocols
Connection oriented
  Peers exchange updates via TCP

[Figure: AS100 (15.0.0.0), AS200, AS300, AS400. Path to 15.0.0.0: 300, 200, 100]

4

BGP Terminology

[Figure labels: EBGP, IBGP, peers (neighbors), transit domain]

5

How BGP Works Routing Exchanges

AS 100 15.0.0.0
Network        Path
131.108.0.0    300
144.55.0.0     300, 200

AS 200 144.55.0.0
Network        Path
131.108.0.0    300
15.0.0.0       300, 100

Network        Path
15.0.0.0       100
144.55.0.0     300, 200

AS 300 131.108.0.0 10.0.0.0

Network        Path
15.0.0.0       300, 100
144.55.0.0     200
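
The exchange on this slide, as an added example that is not part of the original deck: each AS prepends its own number when advertising a route and drops any update whose AS path already contains its own number. The topology (AS 100 and AS 200 each peering with AS 300) is an assumption inferred from the AS paths shown above, and the function name is hypothetical.

```python
# Constructed topology: AS 100 and AS 200 each peer with AS 300 (inferred from
# the AS paths on the slide). Each AS originates one prefix from the slide.
LINKS = [(100, 300), (200, 300)]
ORIGINATED = {100: ["15.0.0.0"], 200: ["144.55.0.0"], 300: ["131.108.0.0"]}


def converge(links, originated):
    """Return {asn: {prefix: as_path}} once no update changes any table."""
    neighbors = {}
    for a, b in links:
        neighbors.setdefault(a, set()).add(b)
        neighbors.setdefault(b, set()).add(a)
    # Locally originated prefixes carry an empty AS path.
    rib = {asn: {p: () for p in originated.get(asn, [])} for asn in neighbors}
    changed = True
    while changed:
        changed = False
        for sender in sorted(rib):
            for receiver in sorted(neighbors[sender]):
                for prefix, path in list(rib[sender].items()):
                    advertised = (sender,) + path   # sender prepends its own AS
                    if receiver in advertised:      # own AS in path: loop, drop
                        continue
                    current = rib[receiver].get(prefix)
                    # Keep the shortest AS path; other attributes are ignored here.
                    if current is None or len(advertised) < len(current):
                        rib[receiver][prefix] = advertised
                        changed = True
    return rib


if __name__ == "__main__":
    for asn, table in sorted(converge(LINKS, ORIGINATED).items()):
        print("AS", asn)
        for prefix, path in sorted(table.items()):
            print("   ", prefix, ", ".join(map(str, path)) or "local")
```

The result for AS 100 and AS 200 matches the first two tables on the slide; without the loop check, AS 100 would accept its own 15.0.0.0 back from AS 300.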

6

BGP Message Types
BGP message types:
Open
Update
Keepalive
Notification
Refresh

Messages use a common header

8

How BGP Works Route Attributes
AS path
Next hop
Local preference
Origin
MED
Community

10

Local Preference Example

[Figure: AS 100 (15.0.0.0), AS 500 (42.0.0.0), AS 200 (144.55.0.0); AS 300 (131.108.0.0, 10.0.0.0) with Router A and Router B; links labelled OC-3c and OC-12c]

Path to 42.0.0.0: local preference: 200
Path to 42.0.0.0: local preference: 300

13

Use of the Origin Attribute

Export Statics: 10.0.0.0/8, 172.16.0.0/16, 192.168.27.0/24
Export Direct: 192.168.14.0/24
Export IGP: 10.20.0.0/16

To other AS: EBGP
  10.0.0.0/8: origin IGP
  10.20.0.0/16: origin IGP
  172.16.0.0/16: origin IGP
  172.31.0.0/24: origin EGP
  192.168.14.0/24: origin IGP
  192.168.27.0/24: origin IGP

From other AS: 172.31.0.0/24 (origin = 1 (EGP))

14

Simple MED Example
AS1
(10.10.0.0/16 nearby)    (10.20.0.0/16 nearby)

10.10.0.0/16 MED=10
10.20.0.0/16 MED=20

10.10.0.0/16 MED=20
10.20.0.0/16 MED=10

AS2

Traffic for 10.20.0.0/16
Traffic for 10.10.0.0/16

15

BGP Route Selection (1 of 2)
Steps:
1. Can the BGP next hop be resolved?
2. Prefer the highest local-preference value
3. Prefer the shortest AS-path length
4. Prefer the lowest origin value
5. Prefer the lowest MED value
6. Prefer routes learned using EBGP over routes learned using IBGP

16

BGP Route Selection (2 of 2)
Steps (contd.):
1. Prefer routes with the lowest IGP metric
2. Prefer paths with the shortest cluster length
3. Prefer routes from the peer with the lowest router ID
4. Prefer routes from the peer with the lowest peer ID
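
The selection steps from both slides, applied in order to candidate paths, as an added example that is not part of the original deck. The class and function names are hypothetical, the candidate paths are constructed (using the local-preference values 200 and 300 from the Local Preference Example), and MED is compared across all paths as the slide lists it.

```python
from dataclasses import dataclass

ORIGIN = {"IGP": 0, "EGP": 1, "INCOMPLETE": 2}  # lower origin value is preferred


@dataclass(frozen=True)
class Path:
    peer: str                        # label of the advertising peer (constructed)
    next_hop_resolved: bool = True   # can the BGP next hop be resolved?
    local_pref: int = 100            # higher wins
    as_path: tuple = ()              # shorter wins
    origin: str = "IGP"              # lower origin value wins
    med: int = 0                     # lower wins
    ebgp: bool = True                # EBGP-learned beats IBGP-learned
    igp_metric: int = 0              # lower wins
    cluster_len: int = 0             # shorter wins
    router_id: tuple = (0, 0, 0, 0)  # lower wins
    peer_id: tuple = (0, 0, 0, 0)    # lower wins


def rank(p):
    # Tuples compare left to right, so each field only breaks ties left by the
    # fields before it. local_pref is negated because the highest value wins;
    # "not p.ebgp" is False (sorts first) for EBGP-learned paths.
    return (-p.local_pref, len(p.as_path), ORIGIN[p.origin], p.med,
            not p.ebgp, p.igp_metric, p.cluster_len, p.router_id, p.peer_id)


def select_best(paths):
    # The first step is a filter, not a preference: unresolved next hops are out.
    usable = [p for p in paths if p.next_hop_resolved]
    return min(usable, key=rank) if usable else None


# Constructed candidates for 42.0.0.0.
CANDIDATES = [
    Path("A", local_pref=200, as_path=(500,)),
    Path("B", local_pref=300, as_path=(100, 500)),
    Path("C", local_pref=400, as_path=(500,), next_hop_resolved=False),
]

if __name__ == "__main__":
    best = select_best(CANDIDATES)
    print("best path to 42.0.0.0 via", best.peer, "local-pref", best.local_pref)
```

Path B wins on local preference even though its AS path is longer, and path C never competes because its next hop cannot be resolved.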

17

BGP Route Advertisement Rules
Advertise only the active BGP routes to peers
BGP next-hop attribute must be reachable

Never forward IBGP routes to IBGP peers
Prevents loops

Withdraw routes if active BGP routes become unreachable

18

Agenda: BGP
BGP Operations
EBGP Configuration
Verification and Troubleshooting
IBGP Configuration
BGP Connectivity

19

Basic EBGP Configuration Procedure
Steps:
1. Set router ID
2. Set BGP AS and enable BGP protocol
3. Define and enable BGP peers
4. Enable BGP on interface(s)

20

Sample Configuration

199.88.77.1 AS 100 AS 500

eth0/0

21

Example Configuration: CLI
## Step 1: set router ID
set vrouter trust-vr router-id 142.99.0.10
## Step 2: Set AS number/enable BGP
set vrouter trust-vr protocol bgp 500
set vrouter trust-vr protocol bgp enable
## Step 3: Define/enable BGP peers
set vrouter trust-vr protocol bgp neighbor 199.88.77.1 remote-as 100
set vrouter trust-vr protocol bgp neighbor 199.88.77.1 enable
## Step 4: Enable BGP on interface
set interface e0/0 protocol bgp

22

Step 2: Adding BGP AS and Enabling BGP: WebUI

Network > Routing > Virtual Router > Edit

23

Step 3: Defining and Enabling BGP Peers: WebUI
Network > Routing > Virtual Router > BGP

24

Step 4: Enabling BGP on the Interface

Network > Interfaces > Edit

25

Adding Routes to EBGP
Two options:
Add static routes directly
Use route maps to set BGP attributes if desired

Redistribute dynamic routes

26

Adding Static Routes
Parameters
IP address/mask          Prefix of route(s) to be redistributed
Check IP address/mask    Check internal network reachability before advertising route
Weight                   Local, nonadvertised value to set route preference
Route map                Route map to set outbound route attributes

Configuration
CLI:   set vrouter name protocol bgp network ip address/mask [check ip address/mask] [weight 1-65535] [route-map name]
WebUI: Network > Routing > Virtual Router > Edit > BGP > Networks

27

Sample Configuration: Best Practice

AS 100

AS 500 (Learned via OSPF) 142.99.1.0/24 . . . 142.99.88.0/24

142.99.0.0/16

28

Sample Configuration: CLI

## Step 1: set static route
set route 142.99.0.0/16 interface null
## Step 2: Add route to BGP
set vrouter trust-vr protocol bgp network 142.99.0.0/16

29

Redistributing Routes from BGP

AS 100

AS 500 OSPF

What should we import?
1.0.0.0/8
2.0.0.0/8
. .
223.255.255.0/24

30

Agenda: BGP
BGP Operations
BGP Configuration
Verification and Troubleshooting
IBGP Configuration
BGP Connectivity

31

Verifying Routing
Remote1-> get route protocol bgp
IPv4 Dest-Routes for <trust-vr> (26 entries)
-------------------------------------------------------------------------------
   ID  IP-Prefix        Interface  Gateway    P   Pref  Mtr  Vsys
-------------------------------------------------------------------------------
*  68  172.21.0.0/16    eth2       1.1.2.10   eB  250   0    Root

32

Troubleshooting
Useful commands:
- get vrouter name protocol bgp
  Options include area, database, interface, neighbor, and statistics

- debug bgp
  Options include all, basic, error, event, peer, update

33

get vrouter name protocol bgp
ns208-> get vrouter trust-vr protocol bgp
Admin State: enable
Local Router ID: 10.1.75.1
Local AS number: 65500
Hold time: 180
Keepalive interval: 60 = 1/3 hold time, default
Retry time: 120
Local MED is: 0
Always compare MED: disable
Local preference: 100
Route Flap Damping: disable
IGP synchronization: enable
Route reflector: disable
Cluster ID: not set (ID = 0)
Confederation based on RFC 1965
Confederation: disable (confederation ID = 0)
Member AS: none
Origin default route: disable
Ignore default route: disable

34

get vrouter name protocol bgp options
ns208-> get vrouter trust-vr protocol bgp ?
aggregate               show aggregate
always-compare-med      show always compare MED state
as-number               show AS number
as-path-access-list     show AS path access list
comm-rib-in             show BGP internal RIB learned from peers with community
community-list          show community list
confederation           show confederation
config                  show configuration in this instance
flap-damping            show route flap damping state
hold-time               show hold time
keepalive               show keepalive
local-pref              show local preference
med                     show Multi Exit Discriminator
neighbor                show neighbor information
network                 show network
redistribution          show redistribution rules
reflector               show route reflector state
reject-default-route    show BGP reject default route state
rib-in                  show BGP internal RIB learned from peers
router-id               show router id

35

Neighbors and Network
ns208-> get vrouter trust-vr protocol bgp neighbor
Peer AS  Remote IP  Local IP  Wt   Status   State      ConnID  Up/Down
-------------------------------------------------------------------------------
65121    1.1.2.10   1.1.2.1   100  Enabled  ESTABLISH  696     00:00:16
65111    1.1.1.10   0.0.0.0   100  Enabled  ACTIVE     0       4d;22:49:07

ns208-> get vrouter trust-vr protocol bgp network
network        weight  check  reachable-prefix  rib-in  route-map
-------------------------------------------------------------------------------
172.75.0.0/16  32768   yes    172.75.0.0/16     yes     null

36

Agenda: BGP
BGP Operations
BGP Configuration
Verification and Troubleshooting
IBGP Configuration
BGP Connectivity

37

IBGP
[Figure: AS 300 (IBGP, OSPF), AS 100, AS 200]

38

IBGP Full Mesh
[Figure: AS 300 with routers A, B and C; each router is labelled with A's routes, B's routes and C's routes]

39

IBGP Configuration
Same as EBGP, only use same AS number for local device and peer

40

BGP Peer Options
Parameters
advertise-def-route     Advertises default route to BGP peers; off by default
ebgp-multihop num       Number of hops between local device and neighbor; 0 by default
force-reconnect         Forces BGP connection; off by default
hold-time seconds       Time elapsed without message from peer before marking peer down; default is 180 seconds
keepalive seconds       Time between keepalives; default is 60 seconds
md5-auth string         Enables MD-5 authentication between peers; off by default
med                     Sets MED value for peer; off by default
next-hop self           Sets next hop to local interface; next hop unchanged by default
reject-default-route    Rejects any default route received via BGP; off by default
retry-time seconds      Time after failed session that reattempt occurs; 120 seconds by default

Configuration
CLI:   set vrouter name protocol bgp neighbor ip address option
WebUI: Network > Routing > Virtual Router > Edit > BGP > Neighbors

41

IBGP and the Next-Hop-Self Parameter
AS 300 10.1.1.250 10.1.2.250 10.1.3.250

1.1.1.250 AS 200

42

Simplifying Peer Configuration
Steps:
1. Create peer group
  Set peer options
2. Add neighbors
  Include peer group in neighbor configuration
  Enable neighbors

Configuration
CLI:   set vrouter name protocol bgp neighbor peer-group name
WebUI: Network > Routing > Virtual Router > Edit > BGP > Peer Group

43

Peer Group Example
AS 300

10.1.1.250

10.1.2.250

10.1.3.250

set vrouter trust-vr protocol bgp neighbor peer-group InternalPeers
set vrouter trust-vr protocol bgp neighbor peer-group InternalPeers remote-as 300
set vrouter trust-vr protocol bgp neighbor peer-group InternalPeers md5-authentication verify03
set vrouter trust-vr protocol bgp neighbor 10.1.2.250 peer-group InternalPeers
set vrouter trust-vr protocol bgp neighbor 10.1.3.250 peer-group InternalPeers
set vrouter trust-vr protocol bgp neighbor 10.1.2.250 enable
set vrouter trust-vr protocol bgp neighbor 10.1.3.250 enable

44

IBGP Scalability
Full mesh does not scale!
Solution 1: Route reflectors
Solution 2: Confederations

45

Route Reflectors

46

Configuring Route Reflectors
Set only on peer performing route reflection
Enable reflector, set cluster ID to prevent loops
Enable reflector-client on individual peer or in peer group (peer group is easier)

set vrouter trust-vr protocol bgp reflector
set vrouter trust-vr protocol bgp reflector cluster-id 99
set vrouter trust-vr protocol bgp neighbor peer-group InternalPeers
set vrouter trust-vr protocol bgp neighbor peer-group InternalPeers remote-as 300
set vrouter trust-vr protocol bgp neighbor peer-group InternalPeers reflector-client
set vrouter trust-vr protocol bgp neighbor 10.1.2.250 peer-group InternalPeers
set vrouter trust-vr protocol bgp neighbor 10.1.3.250 peer-group InternalPeers
set vrouter trust-vr protocol bgp neighbor 10.1.2.250 enable
set vrouter trust-vr protocol bgp neighbor 10.1.3.250 enable

47

Confederations
AS 300

Sub-AS 65111 EBGP Sub-AS 65222

48

Configuring Confederations
Three different AS numbers:
Local sub-AS number: use to create protocol instance
Confederation ID: the real (public) AS number
Confederation peer(s): other sub-AS in the confederation

set vrouter trust-vr protocol bgp 65111
set vrouter trust-vr protocol bgp confederation id 300
set vrouter trust-vr protocol bgp confederation peer 65222
set vrouter trust-vr protocol bgp enable
<configure BGP peers in local sub-AS>
<configure BGP peer in other sub-AS if required>
<configure "real" EBGP peers if required>

49

Agenda: BGP
BGP Operations
EBGP Configuration
Verification and Troubleshooting
IBGP Configuration
BGP Connectivity

50

BGP Connectivity
Configure policy to allow TCP port 179 between IBGP peers

AS 300 IBGP

51

Summary
In this chapter, we:
Explained basic BGP operations
Configured EBGP and IBGP
Verified and performed troubleshooting of BGP operations
Provided connectivity for BGP peers

52
