

Border Gateway Protocol Overview

This chapter covers basic Border Gateway Protocol (BGP) technology and path attributes, details BGP session establishment and routing information exchange, and describes basic IOS configuration and troubleshooting tasks. It includes the following topics:

• Objectives
• Introduction to BGP
• BGP path attributes
• BGP neighbor configuration and session
• BGP routing updates
• Simple BGP configuration
• Monitoring and troubleshooting of simple BGP
• Summary
• Review Questions

Upon completion of this lesson, you will be able to perform the following tasks:

• Explain the need for BGP and typical BGP usage
• Describe basic BGP technical characteristics
• Describe BGP path attributes
• Describe BGP session establishment and routing information exchange
• Configure basic BGP on Cisco router
• Monitor and troubleshoot basic BGP setup


BGP Overview

Copyright ©1999, Cisco Systems, Inc.

Introduction to BGP
Upon completion of this section, you will be able to perform the following tasks:

• Explain the need for interdomain routing
• Describe the need for external routing protocol
• List the basic BGP technical characteristics
• Identify typical BGP usage scenarios
• Explain BGP limitations



Interdomain Routing

Figure labels: AS65000, AS65001, OSPF, BGP, EIGRP.

• An autonomous system (AS) is a collection of networks under a single technical administration
• Interior routing protocol (IGP) is run inside an autonomous system resulting in optimum intra-AS routing
• Exterior routing protocol (EGP) is run between autonomous systems to enable routing policies and improve security

When talking to people involved with Internet routing, the terms autonomous system, interdomain routing and interior and exterior routing protocols are commonly used. These terms, although confusing for a novice, are really extremely simple to grasp:

• An autonomous system (AS) is a collection of networks under a single technical administration. Some other definitions refer to a collection of routers or IP prefixes, but in the end they all mean the same entity. The important principle is the technical administration, which means sharing the same routing protocol and routing policy. Legal and administrative ownership of the routers does not matter in terms of autonomous systems. Autonomous systems are identified by AS numbers, 16-bit unsigned quantities ranging from 1 to 65535. Public AS numbers are assigned by Internet registries. For customers that need AS numbers to run BGP in their private networks, a range of private AS numbers (64512 – 65535) has been reserved.
• Interdomain routing is routing between autonomous systems. It is usually based on a set of policies, not just the technical characteristics of the underlying infrastructure.
• Exterior routing protocols (Border Gateway Protocol—BGP—being the only widely used one) are protocols that have the right set of functions to support the various interdomain routing policies. Contrary to them, interior routing protocols (for example, OSPF, RIP or EIGRP) only care about finding the optimum (usually fastest) route between two points, with no respect to routing policies.

Interdomain Routing Goals

• Scalability
  • Internet has over 80.000 routes and is still growing
• Secure routing information exchange
  • Routers from another autonomous system cannot be trusted
  • Tight filters are required, authentication is desirable
• Routing policies support
  • Routing between autonomous systems might not always follow the optimum path

The design goals for any interdomain routing protocol include the following:

• Scalability—interdomain routing protocol has to be able to support Internet routing, which consists of over 80.000 routes.
• Secure information exchange—as the routers from other autonomous systems cannot be trusted, tight filters on routing updates and router authentication are very desirable features.
• Support for routing policies—routing between autonomous systems might not always follow the optimum path and exterior routing protocols have to support a wide range of customer requirements.

Routing Policies - Case Study

Figure: Service Provider (AS 10), Company X (AS 20), Company A (AS 1) and Company B (AS 2), connected by 2 Mbps and 64 kbps links.

Q: Assuming standard IGP route selection rules, how will the traffic between AS1 and AS20 flow?
Q: Will AS 2 allow this traffic?
Q: How would you solve this problem with OSPF or EIGRP?

To illustrate the need for interdomain routing protocol, refer to the above network where two companies are connected to the Internet via leased lines of differing speed. In routing protocols other than BGP, routing decisions are normally made to take benefit of the highest bandwidth available. That would make traffic between AS1 and AS20 flow via AS2. This is not desirable by AS2, because it would make the users in Company A generate traffic on the Internet access line purchased and paid for by Company B.

Company B is unlikely to allow traffic from Company A to reach the Internet using Company B’s access line. Company B would easily achieve this goal by creating an access-list blocking all IP packets from AS1 transmitted on the 2Mbps serial line from Company B to the Internet. That action would create a black hole—Company A would send its packets to Company B and then Company B would drop them. To avoid this situation, Company B must make sure that the packets from Company A, which are destined to the Internet, are never sent to Company B. Also, Company B must make sure that packets from the Internet destined to Company A are never sent over the Internet access line to Company B.

Company B could implement a routing policy, which indicates that AS2 will receive reachability information from AS1 for its own use, but AS2 will not forward that particular information to the Internet. AS2 will receive reachability information about the Internet from its Internet service provider, but that information is never forwarded to AS1. Only networks local to AS2 are sent to AS1.

The result of this routing policy would be that AS1 sees all the networks within AS2 reachable over the 2Mbps link, which directly connects AS1 with AS2. AS1 will not see the rest of the Internet reachable through AS2. Therefore, AS1 forwards the packets toward the Internet directly over the 64kbps link. Also, the IP networks in AS1 will appear reachable by AS2 over the 2Mbps link, which directly connects AS1 with AS2. However, the Internet Service Provider will not receive that reachability information from AS2, it will only receive it from AS1. Therefore, traffic from the Internet to Company A will be transmitted over the 64kbps link.

This routing policy is easy to implement when using BGP, but impossible to implement with any other routing protocol. Link-state protocols, such as OSPF, cannot do powerful route filtering at all. EIGRP, for example, can do route filtering only on individual IP subnets, not on all prefixes belonging to an autonomous system. BGP, however, can do this, based on AS numbers, which makes it possible to scale over the Internet.

BGP Characteristics

• Distance-vector protocol with enhancements:
  • Reliable updates
  • Triggered updates only
  • Rich metrics (called path attributes)
• Designed to scale to huge internetworks

BGP is a distance vector protocol. This means that it will announce to its neighbors those IP networks that it can reach itself. The receivers of that information will say “if that AS can reach those networks, then I can reach them via it”.

If two different paths are available to reach one and the same IP subnet, then the shortest path is used. This requires a means of measuring the distance, a metric. All distance vector protocols have such means. BGP is doing this in a very sophisticated way by using attributes attached to the reachable IP subnet.

BGP sends routing updates to its neighbors by using a reliable transport. This means that the sender of the information always knows that the receiver has actually received it. So there is no need for periodical updates or routing information refreshments. Only information that has changed is transmitted.

The reliable information exchange, combined with the batching of routing updates also performed by BGP, allows BGP to scale to Internet-sized networks.

Reliable Updates

• Uses TCP as transport protocol
• No periodic updates
• Periodic keepalives to verify TCP connectivity
• Triggered updates are batched and rate-limited (every 5 seconds for internal peer, every 30 seconds for external peer)

The reliable transport mechanism used by BGP is the standard TCP protocol. BGP is an application protocol that uses the TCP and IP protocols for reliable connections. Since a reliable transport is used, the sender will know that the receiver has actually received the transmitted information. This makes periodic updates unnecessary and is thus avoided.

A router which has received reachability information from a BGP peer, must be sure that the peer router is still there. Otherwise traffic could be routed towards a next-hop router that is no longer available, causing the IP packets to be lost in a black hole.

TCP does not provide the service to signal that the TCP peer is lost, unless some application data is actually transmitted between the peers. In an idle state, where there is no need for BGP to update its peer, the peer could be gone without TCP detecting it. Therefore, BGP takes care of detecting its neighbors' presence by periodically sending small BGP keepalive packets to them. These packets are considered application data by TCP and must therefore be transmitted reliably. The peer router must also, according to the BGP specification, reply with a BGP keepalive packet.

A key design goal when BGP was created, was to be able to handle enormous amounts of routing information in a very large and complex network. In this environment many links could go up and down causing topology changes, which must be considered by the routing protocol. But low convergence time and quick responses to topology changes require fast updates and high CPU power to process both incoming and outgoing updates. The larger the network is, the more updates per second could be expected if immediate response was required. This could jeopardize the scalability.

The designers of BGP decided that scalability was a more important issue than low convergence time, so BGP was designed to batch updates. Any changes received within the batch interval time are saved. At the end of the interval, only the remaining result is forwarded in an outgoing update. If a network flaps several times during the batch interval, only the state at the end of the interval is sent in an update. The batching feature avoids an uncontrolled flood of updates all over the Internet as the amount of updates is throttled by the batching procedure.
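The batching behaviour described above, as a small model added here (it is not code from the original course material): changes inside a batch interval overwrite each other and only the end state is sent. The aligned windows, the suppression of a prefix whose end state matches what the peer already holds, and the sample prefixes and timings are assumptions of the example.

```python
# Batch intervals stated on the slide: 5 s toward internal peers, 30 s toward external peers.
BATCH_INTERVAL = {"internal": 5, "external": 30}

# Constructed sample: (seconds, prefix, new state) changes seen by one router.
EVENTS = [
    (1, "192.0.2.0/24", "down"),
    (2, "192.0.2.0/24", "up"),
    (3, "192.0.2.0/24", "down"),
    (3, "198.51.100.0/24", "down"),
    (4, "198.51.100.0/24", "up"),
    (12, "192.0.2.0/24", "up"),
    (31, "203.0.113.0/24", "down"),
]
# State the peer was last told about (constructed).
ADVERTISED = {p: "up" for p in ("192.0.2.0/24", "198.51.100.0/24", "203.0.113.0/24")}


def batch_updates(events, peer_type, advertised):
    """Return [(send_time, {prefix: state})]: at most one update per batch interval.

    Changes inside an interval overwrite each other, so only the state at the
    end of the interval survives. Assumptions of this model: intervals are
    aligned to multiples of the interval length, and a prefix whose end state
    equals what the peer already knows is left out of the update.
    """
    interval = BATCH_INTERVAL[peer_type]
    known = dict(advertised)          # what the peer currently believes
    windows = {}                      # window index -> {prefix: last state seen}
    for when, prefix, state in sorted(events, key=lambda e: e[0]):
        windows.setdefault(when // interval, {})[prefix] = state

    updates = []
    for index in sorted(windows):
        changed = {p: s for p, s in windows[index].items() if known.get(p) != s}
        if changed:                   # flapped back to the known state: send nothing
            known.update(changed)
            updates.append(((index + 1) * interval, changed))
    return updates


if __name__ == "__main__":
    for peer in ("internal", "external"):
        sent = batch_updates(EVENTS, peer, ADVERTISED)
        print(f"{peer}: {len(EVENTS)} changes -> {len(sent)} updates")
        for when, routes in sent:
            print(f"  t={when:>2}s {routes}")
```

With the longer external interval the flapping prefix produces no update at all, which is the throttling effect the text describes, paid for with slower convergence.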

Common BGP Usages

• Customer connected to one Internet Service Provider (ISP)
• Customer connected to several Service Providers
• Service Provider networks (transit autonomous systems)
• Service providers exchanging traffic at an exchange point (GIX, NAP …)
• Network cores of large enterprise customers

On the following pages, some typical scenarios where BGP is usable are described. These scenarios include customers connected to one or more service providers, as well as the Internet Service Provider (ISP) networks themselves. BGP is also used by some very large enterprises as their core routing protocol.

Single-homed Customers

• Large customer or small ISP connecting to the Internet

Figure labels: Internet, Customer or small Service Provider, BGP, Service Provider.

The above scenario where a customer network is connected to the Internet using a single Internet Service Provider is generally not a case where BGP is used. A normal Internet access to a single ISP does not require BGP, static routes are more commonly used to handle this. Small ISPs buying Internet connectivity from other ISPs use this type of connectivity more often, especially if they want to start their business the proper way—by using their own AS number and having their own address space.

Customer Connected to One ISP Usage Guidelines

Use BGP between the customer and the Service Provider:
• Customers multi-homed to the same Service Provider
• Customer that needs dynamic routing protocol with the Service Provider to detect failures
  • Hint: Use private AS number for these customers
• Smaller ISPs that need to originate their routes in the Internet

Use static routes in all other cases
• Static routes are always simpler than BGP

Under certain conditions, BGP must be used between the customer and the Service Provider. For example, when customers are multi-homed to the same service provider (that is, the customer networks have multiple links connecting them with the service provider network) and thus need dynamic routing protocol with the service provider to detect link failures. Private AS numbers (AS numbers above 64512) are usually used for these customers.

Customers that plan to connect to more than one ISP, and small ISPs that plan to have multiple Internet connections in the future, usually use BGP with their service provider. This option is used even when they have a single link with the service provider in order to be prepared for future upgrades.

In all other cases, using static routes from the service provider toward the customer and using default static route from the customer toward the service provider is the preferred method of provider—customer routing in the Internet.

Multi-homed Customers

• Customer connecting to several service providers (multi-homed customer)

Figure labels: Internet, Service Provider #1, Service Provider #2, Multi-homed Customer, BGP.

The above figure illustrates a customer network connected to two different ISPs which requires the use of BGP for full redundancy. The customer must have its own officially assigned AS number. The customer is responsible for announcing its own IP networks to both ISPs. Both ISPs forward all routes received from Internet to the customer network. The customer should avoid forwarding any routing information received from one ISP to the other. If the customer fails to avoid that, then the customer will become a transit provider between the two ISPs. This is something most customers like to avoid.

Full redundancy is achieved in this setup. If any of the two access links fails, the reachability information previously transmitted of the now failed link will be withdrawn. But reachability is still announced over the remaining link. So the Internet will still see all networks within the customer’s autonomous system as reachable, but only over the remaining path. Also, received routes from the Internet will be withdrawn when the link fails, but routes received over the remaining link are not affected. So the Internet, including the ISP to which the direct connection has failed, is still reachable over the remaining link.

Other problems are also handled by this design. A case where both access links are available, but the connection between one of the ISPs and the rest of the Internet is lost, works like this: The ISP, which has the problem to reach the rest of the Internet, withdraws all of those routes and thus tells the customer’s AS that it can no longer reach the rest of the Internet that way. But the networks local to the ISP with the problem are still reachable that way. So those routes are not withdrawn. The networks in the customer’s AS are still reachable by the ISP in trouble, but that ISP can no longer forward the announcement to the rest of the Internet. The rest of the Internet will, however, see the customer’s networks reachable over the path to the other ISP, which does not have any problems.

Multi-homed Customer Usage Guidelines

• BGP is almost mandatory for multi-homed customers
• Multi-homed customers have to use public AS numbers
• Multi-homed customers should use provider-independent address space

The following usage guidelines apply to multi-homed customers:

• Although there are designs where BGP could be avoided, most multi-homed customers use BGP with their service providers.
• The multi-homed customers must have their own AS number and it is recommended to use a public AS number.
• Multi-homed customers should use a provider-independent address space which is allocated to them directly by an Internet registry.

Transit Autonomous System

• Using BGP to exchange routes is mandatory for transit autonomous systems (provider networks carrying customer traffic)

Figure labels: Internet, Another Service Provider, Service Provider (Transit AS), Multi-homed Customer, BGP, Simple Customer, Static Routing.

BGP is used most commonly in service provider networks that ensure connectivity between their customers and the rest of the Internet. An ISP might exchange BGP updates with the customers or use static routing toward them. It also connects to other ISPs and is required to forward the routes received from the customers to the rest of the Internet, as well as in the other direction. As a result, user data traffic starts to flow between the customers and the rest of the Internet. Such a network, providing transit services to traffic originated in other networks, is thus called a transit autonomous system.

A transit AS is an AS that exchanges BGP routing information with other ASes and forwards information received from one AS to other ASes. When routing information is forwarded, the receiver will see an available path to a destination and start transmitting user data towards the destination using that path. The transit AS must be prepared to relay the user data, as explained in the BGP Transit Autonomous System lesson.

The ISP networks could have dedicated peer-to-peer connections, using, for example, packet over SONET, POS. These connections are sometimes called private peering.

ISPs also interconnect at exchange points. Technically, an exchange point is just a multi-access subnet: a LAN (for example, a Gigabit Ethernet, a Fast Ethernet switch or a FDDI switch), a DTP ring or an ATM switch. Many ISPs can connect to an exchange point and establish BGP sessions, peer-to-peer.

The benefit of an exchange point is that it is highly scalable. There is no need for additional physical interfaces in the ISP's border router when a new ISP is launched. If the already established ISPs want to, they can open a BGP session with the new ISP. When this is done, they start exchanging routing information and then user data traffic over the exchange point.

BGP Limitations

• BGP and associated tools cannot express all routing policies
• You cannot influence the routing policies of downstream autonomous systems

RFC 1771: “BGP does not enable one AS to send traffic to neighbor AS intending that the traffic take a different route from that taken by traffic originating in the neighbor AS”

BGP forwarding decisions are made based on IP destination address only. If the local AS has decided that the best path to reach a certain destination is via a specific next-hop router, then all user data traffic towards the final destination will be routed via that specific next-hop router, regardless of which IP host has sourced the IP packets. The decision is made based on destination address only, the source IP address does not affect the decision.

If an AS acts as a transit AS for some other AS, the IP packets created and transmitted from the other AS are not treated differently from the IP packets created and transmitted from the local AS.

RFCs Covering Baseline BGP4

1930  Guidelines for creation, selection, and registration of an Autonomous System
1774  BGP-4 Protocol Analysis
1773  Experience with the BGP-4 protocol
1772  Application of the BGP in the Internet
1771  A Border Gateway Protocol 4 (BGP-4)
1745  BGP4/IDRP for IP---OSPF interaction
1657  BGP MIB

This figure lists some of the RFC standard documents covering BGP version 4.

RFCs Covering Additions to BGP4

1965  Autonomous System Confederations for BGP
1997  BGP Communities Attribute
1998  An Application of the BGP Community Attribute in Multi-home Routing
2385  Protection of BGP sessions via the TCP MD5 Signature Option
2439  BGP Route Flap Damping
2796  BGP Route Reflection An alternative to full mesh IBGP

This figure lists additional RFC documents, covering additions to BGP4.

RFCs Covering BGP Extensions

2842  Capabilities Advertisement with BGP-4
2858  Multiprotocol extensions for BGP-4
2918  Route Refresh Capability for BGP-4

This figure lists RFC documents covering extensions to BGP-4.

Protocol Development Considerations

BGP was designed to perform well in
• Interdomain Routing application
• Huge internetworks with large routing tables
• Environments that require complex routing policies

Some design tradeoffs that were made
• BGP uses TCP for reliable transport - CPU intensive
• Scalability is the top priority - slower convergence

The designers of the BGP protocol have succeeded in creating a highly scalable routing protocol, which can forward reachability information between Autonomous Systems, also known as Routing Domains. They had to consider an environment with an enormous amount of reachable networks and complex routing policies driven by commercial rather than technical reasons.

TCP, a well-known and widely proven protocol, was chosen as the transport mechanism. That decision kept the BGP protocol simple, but it put an extra load on the CPU of the routers running BGP. The point-to-point nature of TCP might also introduce a slight increase in network traffic, as any update that should be sent to many receivers has to be multiplied into several copies, which are then transmitted on individual TCP sessions to the receivers.

Whenever there was a design choice between fast convergence and scalability, scalability was the top priority. Batching of updates and the relative low frequency of keepalive packets are examples where convergence time has been second to scalability.

Summary

Well-known IP routing protocols, ranging from Routing Information Protocol (RIP), Open Shortest Path First (OSPF) or Enhanced Interior Gateway Routing Protocol (EIGRP) perform well within the scope of a single administration (also called autonomous system), where all routers share the same routing policy and where each router can trust the routing information received from other routers. These protocols (also called interior routing protocols) are not suitable for environments where other reasons beyond technical optimality control the route selection or where the routing information received from neighboring routers cannot be trusted. These cases require the use of exterior routing protocol, Border Gateway Protocol (BGP) being the only one widely used today.

BGP is an enhanced distance vector protocol with reliable transport provided by TCP, a rich set of metrics called BGP path attributes and scalability features such as batched updates that make it suitable for very large networks (for example, the Internet). It is widely used for Internet connectivity of multi-homed customers, exchange of routing updates between ISPs and internal routing inside the ISP networks. BGP is sometimes also used in large enterprise networks that have exceeded the scalability of an interior routing protocol.

BGP implementation in Cisco IOS has a number of features and tools that allow you to express your desired routing policy. Nevertheless, BGP is still bound by the IP forwarding paradigm—the hop-by-hop destination-only routing. Routing policies that deviate from this paradigm (for example, routing based on source address or application) cannot be implemented with BGP.

Review Questions

• What is an autonomous system?
• What are the design goals of an interdomain routing protocol?
• When should you use BGP between a customer and a Service Provider?
• Which transport mechanism is used to exchange the BGP routing updates?
• What is BGP optimized for?

BGP Path Attributes

Objectives

Upon completion of this section, you will be able to perform the following tasks:

• Describe the concept of BGP path attribute
• Explain the difference between well-known and optional BGP attributes
• List common mandatory and optional BGP attributes
• Describe the functionality of AS-Path, Origin and Next-Hop attributes

BGP Path Attributes

• BGP metrics are called path attributes
• BGP attributes are categorized as well-known and optional
• Well-known attributes must be recognized by all compliant implementations
• Optional attributes are only recognized by some implementations (could be private), expected not to be recognized by everyone

Each BGP update consists of one or more IP subnets and a set of attributes attached to them. Some of the attributes are required to be recognized by all BGP implementations. Those attributes are called well-known BGP attributes.

Attributes that are not well known are called optional. These could be attributes specified in a later extension of the BGP protocol or even private vendor extensions not documented in a standard document.

Well-known BGP Attributes

• Well-known attributes are divided into mandatory and discretionary
• Well-known mandatory attributes must be present in all update messages
• Well-known discretionary attributes are optional - they could be present in update messages
• All well-known attributes are propagated to other neighbors

There is a small set of three specific well-known attributes that are required to be present on every update. These three are the next-hop, AS-path and origin attributes. They are referred to as well-known mandatory attributes.

Other well-known attributes may or may not be present depending on the circumstances under which the updates are sent and the desired routing policy. The well-known attributes that could be present, but are not required to be present, are called well-known discretionary attributes.

When a router receives a BGP update, it will analyze the attached attributes and compare them with the attributes attached to the same IP subnet when received from a different source. The router then makes a decision which source indicates the best path to the particular IP subnet. The best route is propagated, along with its well-known attributes, to other BGP speaking neighbors.

Optional BGP Attributes

• Optional BGP attributes are transitive or nontransitive
• Optional transitive attributes
  • Propagated to other neighbors if not recognized. Partial bit set to indicate that the attribute was not recognized
• Optional non-transitive attributes
  • Discarded if not recognized
• Recognized optional attributes are propagated to other neighbors based on their meaning (not constrained by transitive bit)

When a router receives an update, which contains an optional attribute, the router checks if its implementation recognizes the particular attribute. If it does, then the router should know how to handle it and whether to propagate it or not.

If the router does not recognize the attribute, the BGP implementation should look for the transitive bit in the attribute code. Some attributes, although not recognized by the router, might still be helpful to other upstream neighbors and shall be propagated. These attributes (called optional transitive attributes) are propagated even when they are not recognized. If a router propagates an unknown optional transitive attribute, it will set an additional bit in the attribute header, called the partial bit, to indicate that at least one of the routers in the path did not recognize the meaning of an optional transitive attribute.

Other attributes might be of no value to upstream routers if some router in the path does not recognize them. These attributes (called optional non-transitive attributes) are dropped by routers that do not recognize them.
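The handling rules above applied to a raw path attribute field, as an added example that is not part of the original material. The flag bit positions and type codes 1 to 6 are the standard BGP-4 ones; the set of recognized codes, the function names and the sample bytes (including type codes 250 and 251 as stand-ins for unrecognized attributes) are constructed for illustration.

```python
import struct

# Attribute Flags octet: the four high-order bits.
OPTIONAL, TRANSITIVE, PARTIAL, EXTENDED_LENGTH = 0x80, 0x40, 0x20, 0x10

# Type codes this hypothetical speaker recognizes (an assumption of the example).
RECOGNIZED = {1: "ORIGIN", 2: "AS_PATH", 3: "NEXT_HOP",
              4: "MULTI_EXIT_DISC", 5: "LOCAL_PREF", 6: "ATOMIC_AGGREGATE"}


def parse_attributes(data):
    """Split a Path Attributes field into (flags, type_code, value) tuples."""
    attrs, pos = [], 0
    while pos < len(data):
        if len(data) - pos < 3:
            raise ValueError("truncated attribute header")
        flags, code = data[pos], data[pos + 1]
        if flags & EXTENDED_LENGTH:            # two-octet length field
            if len(data) - pos < 4:
                raise ValueError("truncated extended length")
            (length,) = struct.unpack_from("!H", data, pos + 2)
            pos += 4
        else:                                  # one-octet length field
            length = data[pos + 2]
            pos += 3
        if pos + length > len(data):
            raise ValueError("attribute value runs past the end of the field")
        attrs.append((flags, code, data[pos:pos + length]))
        pos += length
    return attrs


def decide(flags, code):
    """Return (action, outgoing_flags) for one received attribute."""
    if code in RECOGNIZED:
        return "process", flags                # handled according to its meaning
    if not flags & OPTIONAL:
        # Well-known attributes must be recognized by every implementation.
        raise ValueError(f"unrecognized well-known attribute {code}")
    if flags & TRANSITIVE:
        return "propagate", flags | PARTIAL    # pass on, mark as not understood
    return "discard", None                     # optional non-transitive: drop


def review_update(data):
    """Return [(type_code, action, outgoing_flags)] for every attribute."""
    return [(code,) + decide(flags, code)
            for flags, code, _ in parse_attributes(data)]


# Constructed sample path attribute field (hex).
SAMPLE = bytes.fromhex(
    "400101" "00"            # ORIGIN = IGP
    "400204" "0201fde9"      # AS_PATH = AS_SEQUENCE [65001]
    "400304" "c0000201"      # NEXT_HOP = 192.0.2.1
    "c0fa02" "abcd"          # type 250: optional transitive, not recognized
    "80fb01" "01"            # type 251: optional non-transitive, not recognized
)

if __name__ == "__main__":
    for code, action, out_flags in review_update(SAMPLE):
        shown = "-" if out_flags is None else f"0x{out_flags:02x}"
        print(f"type {code:>3}: {action:<9} outgoing flags {shown}")
```

A receiver that sees the partial bit set knows that some router on the path forwarded the attribute without understanding or checking it, which is worth weighing before acting on its value.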

Mandatory Attributes

• Origin
  • Specifies the origin of a BGP route
      IGP      Route originated in an IGP
      EGP      Route originated in EGP
      Unknown  Route was redistributed into BGP
• AS_Path
  • Sequence of AS numbers through which the network is accessible
• Next_Hop
  • IP address of the next-hop router

The three well-known mandatory attributes are origin, AS-path and next-hop.

• The origin attribute is set when the route is first injected into the BGP. If information about an IP subnet is injected using the network command or via aggregation (route-summarization within BGP) the origin attribute is set to IGP. If the IP subnet is injected using redistribution, the origin attribute is set to unknown or incomplete (these two words have the same meaning). The origin code, EGP, was used when the Internet was migrating from EGP to BGP and is now obsolete.
• The AS-path attribute is modified each time the information about a particular IP subnet passes over an AS border. When the route is first injected into the BGP the AS-path is empty. Each time the route crosses an AS boundary the transmitting AS prepends its own AS number to appear first in the AS-path. The sequence of ASes, through which the route has passed, can therefore be tracked using the AS-path attribute.
• The next-hop attribute is also modified as the route passes through the network. It is used to indicate the IP address of the next-hop router—the router to which the receiving router should forward the IP packets toward the destination advertised in the routing update.

Well-known Discretionary Attributes

• Local preference
  • Used for consistent routing policy within AS
• Atomic aggregate
  • Informs the neighbor AS that the originating router aggregated routes

Well-known discretionary attributes must be supported by all BGP implementations, but do not have to be present in all BGP updates. They are used when their functions are required.

• Local Preference is used in the route selection process. The attribute is carried within an AS only. A route with a high local preference is preferred over a route with a low value. By default, routes received from peer AS are tagged with the local preference set to the value 100 before they are entered into the local AS. If this value is changed through BGP, the BGP selection process is influenced. Since all routers within the AS get the attribute along with the route, a consistent routing decision is made throughout the AS.
• The Atomic Aggregate attribute is attached to a route that is created as a result of route summarization (called aggregation in BGP). It signals that information that was present in the original routing updates may have been lost when the updates were summarized into a single entry.

Optional Attributes
• Non-transitive attributes
  • Multi_Exit_Disc – Used to discriminate between multiple entry points to a single autonomous system
• Transitive attributes
  • Aggregator – Specifies IP address and AS number of the router that performed route aggregation
  • Communities – Used for route tagging

One of the non-transitive optional attributes is the Multi-Exit-Discriminator (MED) attribute which is also used in the route selection process. Whenever there are several links between two adjacent ASes, multi-exit-discriminator may be used by one AS to tell the other AS to prefer one of the links over the other for specific destinations.

Transitive optional attributes include:

Aggregator identifies the AS and the router within that AS that created a route summarization, aggregate.

A Community is a numerical value that can be attached to certain routes as they pass a specific point in the network. The community value can then be checked at other points in the network for filtering or route selection purposes. BGP configuration may cause routes with a specific community value to be treated differently than others.

AS-Path
• The AS-path attribute is empty when a local route is inserted in the BGP table
• The sender’s AS number is prepended to the AS-path attribute when the routing update crosses AS boundary
• The receiver of BGP routing information can use the AS-path to determine through which AS the information has passed
• An AS that receives routing information with its own AS number in the AS-path silently ignores the information

The AS-path attribute is modified each time the information about a particular IP subnet passes over an AS border. When the route is first injected into the BGP, the AS-path is empty. The local AS number is prepended to the AS-path each time the route crosses AS boundary. There are several consequences of this behavior:

• When examining BGP routes, the AS-path can be interpreted as the sequence of ASes that must be passed through in order to reach the indicated network. The AS that originally injected the route into BGP is always found in the rightmost end of the AS-path.
• It is easy to distinguish local routes from routes received from other autonomous systems—BGP routes with an empty AS-path are injected into BGP within the local AS.
• The AS-path attribute is also used to avoid routing loops. When a router receives a BGP update, it will check the AS-path attribute and look for its own AS number. If it is found in the AS-path, then the route has already crossed the local AS and obviously the router is faced with a routing information loop. To avoid this, the route is silently ignored.

AS-Path Example
[Figure: network 10.0.0.0/8 is advertised from AS 123 to AS 21 with AS-Path=123, from AS 21 to AS 37 with AS-Path=21 123, and from AS 37 back to AS 123 with AS-Path=37 21 123. Loop detected, incoming update is ignored.]
• Sender’s AS number is prepended to AS path when the update crosses AS boundary

The figure above shows how the BGP loop prevention works. The network 10.0.0.0/8 is local to AS123. The router in AS123 injects the route 10.0.0.0/8 into BGP with an empty AS-path. The AS number 123 consequently never appears in the AS-path as long as the route is still within AS123.

When the routing update about network 10.0.0.0/8 is sent from AS 123 to AS21, the AS number 123 is prepended to the empty AS-path, resulting in an AS-path consisting of only 123. The sending router does the prepending as part of the outgoing BGP update processing.

The router in AS21 propagates the information about the network 10.0.0.0/8 to AS37. As it is sending the BGP update to AS37, it prepends its own AS number to the AS-path, resulting in an AS-path consisting of the sequence of 21 123.

AS37 also propagates the received route to AS123. To avoid a routing loop, where AS123 might try to reach its own network (10.0.0.0/8) via AS37, BGP has a built in mechanism where the router in AS123 drops the incoming update as soon as it finds its own AS in the AS-path. No error will be signaled, since nothing is really wrong. It is merely the procedure used by BGP to avoid routing information loops.
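The prepend-and-ignore rule described above, as an added Python example (not part of the original course material). It assumes the three ASes of the figure are connected in a ring and, unlike a real router, it propagates every accepted path rather than only the best one, so that each ignored update is visible.

```python
from collections import deque


def send_update(as_path, sender_as):
    """Outgoing eBGP processing: the sender prepends its own AS number."""
    return (sender_as,) + tuple(as_path)


def accept_update(as_path, receiver_as):
    """Incoming processing: an update that already carries the receiver's
    AS number has crossed that AS before and is silently ignored."""
    return receiver_as not in as_path


def propagate(origin_as, links):
    """Propagate one prefix from origin_as over the eBGP links.

    Returns (learned, ignored):
      learned  maps each AS to the AS-paths it accepted
      ignored  lists (receiving AS, AS-path) pairs dropped by loop detection
    """
    neighbors = {}
    for a, b in links:
        neighbors.setdefault(a, set()).add(b)
        neighbors.setdefault(b, set()).add(a)

    learned = {origin_as: [()]}          # the AS-path is empty inside the origin AS
    ignored = []
    queue = deque([(origin_as, ())])
    while queue:                          # terminates: no AS can repeat in a path
        asn, path = queue.popleft()
        update = send_update(path, asn)
        for peer in sorted(neighbors.get(asn, ())):
            if accept_update(update, peer):
                learned.setdefault(peer, []).append(update)
                queue.append((peer, update))
            else:
                ignored.append((peer, update))
    return learned, ignored


# Topology assumed from the figure: AS 123, AS 21 and AS 37 in a ring.
LINKS = [(123, 21), (21, 37), (37, 123)]
LEARNED, IGNORED = propagate(123, LINKS)

if __name__ == "__main__":
    for asn in sorted(LEARNED):
        print("AS", asn, "accepted", LEARNED[asn])
    for asn, path in IGNORED:
        print("AS", asn, "ignored ", path)
```

The pair `(123, (37, 21, 123))` in `IGNORED` is the update from the figure that AS123 drops, and every accepted path ends in 123, the originating AS.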

Next-Hop Attribute
• Next-hop attribute indicates the next-hop IP address used for packet forwarding
• Usually set to the IP address of the sending BGP router
• Can be set to a third-party IP address to optimize routing

The BGP next-hop attribute identifies the IP address that should be used to forward packets toward the destination announced in the BGP routing update. In most cases, the sending router sets the next-hop attribute to its own IP address. There are cases, however, where the next hop IP address points to a third party.

Next-Hop Processing
[Figure: Rtr-B in AS 21 announces Network=21.0.0.0/8 with AS-Path=21 and Next-hop=10.0.0.1 to Rtr-A in AS 123. Rtr-A announces the network to Rtr-C in AS 37 with AS-Path=123 21 and the next-hop set to its own address.]
• Next-hop is usually set to the IP address of the sending router

The figure above shows the usual next-hop processing:

• RTR-B announces network 21.0.0.0/8 to RTR-A. The outgoing IP address of RTR-B (the address used to establish BGP TCP session) is used as the BGP next hop.
• RTR-A receives the routing update and installs it in its BGP table and routing table. Should RTR-A need to forward packets toward network 21.0.0.0/8, it would send those packets toward the IP address 10.0.0.1 (RTR-B).
• When RTR-A propagates the information about 21.0.0.0/8 to RTR-C, it sets the BGP next hop to its own IP address.

Next-Hop Processing on Shared Media
[Figure: Rtr-B (AS 21), Rtr-A (AS 123) and Rtr-C (AS 37) share one subnet. Rtr-B announces Network=21.0.0.0/8 with AS-Path=21 and Next-hop=10.0.0.1; Rtr-A passes it to Rtr-C with AS-Path=123 21 and Next-hop=10.0.0.1.]
• If the receiving BGP router is in the same subnet as the current next-hop, the next-hop address is not changed to optimize packet forwarding

The next-hop processing changes if the BGP routers connect to a shared subnet. In the figure above, if the RTR-A announces the network 21.0.0.0/8 to RTR-C with the BGP next-hop being RTR-A, the packets from AS 37 toward that network would have to cross the shared LAN twice. RTR-A thus sends the routing update toward RTR-C with the BGP next-hop unchanged (still pointing toward RTR-B), allowing optimal data transfer across the shared LAN.

Note: More formally, the BGP next-hop rule states: If the current BGP next-hop is in the same IP subnet as the receiving router, the next-hop is not changed, otherwise it is changed to the IP address of the sending router.

Next-Hop Processing on NBMA Network
[Figure: Rtr-B (AS 21), Rtr-A (AS 123, 10.0.0.2) and Rtr-C (AS 37) are connected over Frame Relay. Rtr-B announces Network=21.0.0.0/8 with AS-Path=21 and Next-hop=10.0.0.1; Rtr-A passes it to Rtr-C with AS-Path=123 21 and Next-hop=10.0.0.1. Connectivity is broken, Rtr-C cannot reach next-hop 10.0.0.1.]
• BGP next-hop processing can break connectivity with improper network designs over partially-meshed WAN networks

BGP next-hop processing results in optimum data transfer over shared media (for example, a LAN subnet). In partially meshed networks (like Frame Relay), the BGP next-hop processing can break IP connectivity. Consider, for example, the network diagram above: RTR-A will send routing update about network 21.0.0.0/8 to RTR-C with RTR-B being the next-hop (as they are all in the same subnet), and RTR-C tries to send packets directly toward RTR-B. As there is no direct connection (virtual circuit) between RTR-C and RTR-B, the connectivity between AS 37 and AS 21 is broken.

There are two ways to solve the connectivity loss introduced by this design:

• Use the subinterfaces on RTR-A to make sure that RTR-B and RTR-C are in different subnets (and BGP next-hop processing would ensure that RTR-A is the BGP next-hop in the outgoing BGP updates)
• Disable the BGP next-hop processing on RTR-A (this option is strongly discouraged in normal BGP designs—routing problems should be solved with proper design, not the other way round).

Summary

BGP Path Attribute Summary
Well-known mandatory attributes
• Recognized by everyone, always present
• AS-Path, Next-Hop, Origin
Well-known discretionary
• Recognized by everyone, optional
• Local Preference, Atomic Aggregate
Optional transitive
• Might not be recognized, propagated if not
• BGP Community, Aggregator
Optional non-transitive
• Might not be recognized, dropped if not
• Multi-exit-discriminator

BGP metrics attached to a BGP route are called path attributes. Some path attributes are well known and should be recognized by every BGP implementation. Some of the well-known attributes are mandatory and have to be present in every BGP update. These attributes are AS-path, next-hop and origin. Other well-known attributes are discretionary—for example local preference.

The attributes that are not required to be recognized by every BGP implementation are called optional. These attributes could be transitive (propagated if not recognized) or non-transitive.

The BGP attributes used in every BGP network are:

• AS-path, which lists the autonomous systems which the routing update has already crossed. AS-path is used for BGP loop detection as well as one of the parameters in BGP route selection.
• Next-hop, which specifies the IP address that is to be used for packet forwarding. BGP next-hop is usually set to the IP address of the BGP router sending the update. If the current next-hop and the receiving router are in the same IP subnet, the next-hop is not changed to optimize the actual data forwarding.
• Origin, which was primarily used in EGP to BGP migration. Today the origin attribute has the value internal for routes configured in BGP by the network administrator or unknown for routes redistributed into BGP.

Review Questions
• What is a BGP Path Attribute?
• Which BGP Path Attributes must be carried with each update?
• List three well-known mandatory attributes.
• How are the optional transitive attributes propagated between BGP neighbors?
• How do the BGP routers detect routing loops?
• When is the next-hop attribute different from the IP address of the sending router?

BGP Neighbor Configuration and Session Establishment

Objectives
Upon completion of this section, you will be able to perform the following tasks:
• Explain the need for static neighbor configuration
• Describe the BGP session establishment procedures
• Describe the TCP MD5 signature protection and its benefits for BGP

BGP does not Auto-discover Neighbors
• BGP neighbors are not discovered - they must be configured manually
• Configuration must be done on both sides of the connection
• Both routers will attempt to connect to the other with a TCP session on port number 179
• Only one session will remain if both connection attempts succeed
• Source IP address of incoming connection attempts is verified against a list of configured neighbors

Unlike other routing protocols, BGP has no means of auto-detecting neighbors. The BGP protocol is carried in a TCP session, which must be opened from one router to the other. In order to do so, the router attempting to open the session must be configured to know to which IP address to direct its attempts.

The router that receives the incoming connection attempts does not answer them if the attempts are not from one of the configured neighbors. The IP source address of the connection attempt packet (TCP SYN packet) is verified against the list of IP addresses that the router itself would direct its connection attempts to.

In order to succeed in the connection attempts, both routers are required to be configured to reach each other. A side effect to this is that they will both attempt to connect. This side effect adds robustness to the session establishment process, but it also introduces the risk that two BGP sessions are established between a pair of BGP routers. If this happens, both routers will recognize the problem and one of the sessions is torn down. Two parallel BGP sessions between two routers are not allowed. The router-ID is used for this verification, not the IP addresses used for the sessions. This means that the two routers will recognize that they have multiple sessions even though they might be connected over different IP subnets.

Small BGP Network Used in Following Examples
[Figure: Rtr-A in AS 123 is connected to Rtr-B in AS 21 (network 21.0.0.0/8, neighbor address 2.3.4.5) and to Rtr-C in AS 37 (network 37.0.0.0/8, neighbor address 3.4.5.6).]

The network displayed above serves as the sample network to generate printouts in the following examples.

BGP Neighbors - Idle State
• Initially all BGP sessions to the neighbors are idle

Rtr-A#show ip bgp sum
BGP table version is 1, main routing table version 1

Neighbor        V    AS MsgRcvd MsgSent   TblVer  InQ OutQ Up/Down  State
2.3.4.5         4    21       0       0        0    0    0 never    Idle
3.4.5.6         4    37       0       0        0    0    0 never    Idle

The show ip bgp summary command gives an overview of the BGP status. Each configured neighbor is listed. The IP address to which the connection attempts are directed is shown, along with BGP version number, the remote AS number, some counter values, the status of the session and how long ago the session changed state.

The idle state indicates that the router is currently not attempting any connection establishments.

BGP Neighbors - Establishing Session
• TCP session is established when the neighbor becomes reachable
• BGP Open messages are exchanged

Rtr-A#debug ip tcp transactions
Rtr-A#debug ip bgp events
0:06:17: BGP: 2.3.4.5 went from Idle to Active
0:06:22: TCB0012A910 created
0:06:22: TCB0012A910 setting property 0 12A8B4
0:06:22: TCB0012A910 bound to 2.3.4.6.11003
0:06:22: TCP: sending SYN, seq 3142900499, ack 0
0:06:22: TCP0: Connection to 2.3.4.5:179, advertising MSS 1460
0:06:22: TCP0: state was CLOSED -> SYNSENT [11003 -> 2.3.4.5(179)]
0:06:22: TCP0: state was SYNSENT -> ESTAB [11003 -> 2.3.4.5(179)]
0:06:22: TCP0: Connection to 2.3.4.5:179, received MSS 1460, MSS is 1460
0:06:22: TCB0012A910 connected to 2.3.4.5.179
0:06:22: BGP: 2.3.4.5 went from Active to OpenSent
0:06:22: BGP: 2.3.4.5 went from OpenSent to OpenConfirm
0:06:22: BGP: 2.3.4.5 went from OpenConfirm to Established

Before any connection attempt is made, the BGP peer relation must have left the Idle state and entered the Active state. For a BGP session between two routers in different ASes, this happens when the remote router’s IP address becomes reachable on a directly connected interface.

The debug output shows how the router creates a socket data structure and binds it to its local IP address 2.3.4.6 and a high port number 11003. Then a TCP SYN packet is sent to the configured peer router’s IP address 2.3.4.5 and the well-known destination port 179. The connection attempt succeeds and the TCP session is now ready to transfer the BGP information.

The first BGP information sent is the BGP open message. The BGP session now goes from state Active to state OpenSent while waiting for the other router to respond. If the peer router accepts the parameters in the open message, it responds with its own open message. When the local router receives this message, the state goes from OpenSent to OpenConfirm. The local router now verifies the peer router’s parameters in its open message. If they are accepted, a keepalive packet is sent to signal this. State is now Established.

BGP Open
The BGP Open message contains:
• BGP Version number
• My Autonomous System number
• Hold Time
• BGP Router Identifier
• Optional Parameters



The parameters in the BGP open message are: Version number—the suggested version number. The highest common version that both routers support will be used. Most BGP implementations today use BGP version 4.

AS number—the local router’s AS number. The peer router will verify this information. If it is not the AS number expected the BGP session is torn down.

Hold time—the number of seconds that may elapse between receptions of successive BGP messages. If the time is exceeded the peer will be considered dead. The two routers will agree to use the lowest suggested value. When the session is established, both routers will use keepalive messages to make sure the hold timer does not expire. A suggested hold-timer value of 0 indicates that the timer never expires and no keepalives should be sent.

BGP identifier—a number uniquely identifying the router. The Cisco router will use one of its IP addresses for this, the Router-ID. This is selected as the numerically highest IP address of any loopback interface. If there is no loopback interface, it will use the highest IP address of any interface being up at the time of starting the BGP process.

Optional Parameters—are Type-Length-Value encoded. An example of optional parameters is session authentication.
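The Open message fields listed above, parsed and checked the way a receiving peer would, as an added Python example (not from the original course material or from IOS). The byte layout follows RFC 4271; the function names, the sample message and the rule that hold times of 1 and 2 seconds are rejected (RFC 4271, not stated on this page) are assumptions of the example, which accepts version 4 only.

```python
import ipaddress
import struct

MARKER = b"\xff" * 16      # 16-byte marker that starts every BGP message
TYPE_OPEN = 1
MIN_OPEN_LEN = 29          # 19-byte header + 10 bytes of fixed Open fields


class OpenError(ValueError):
    """Raised when an Open message is malformed or unacceptable."""


def build_open(version, my_as, hold_time, bgp_id, opt_params=()):
    """Encode an Open message; opt_params is a list of (type, value bytes)."""
    opts = b"".join(struct.pack("!BB", t, len(v)) + v for t, v in opt_params)
    body = struct.pack("!BHH4sB", version, my_as, hold_time,
                       ipaddress.IPv4Address(bgp_id).packed, len(opts)) + opts
    return MARKER + struct.pack("!HB", 19 + len(body), TYPE_OPEN) + body


def parse_open(msg):
    """Decode an Open message, checking every length before it is used."""
    if len(msg) < MIN_OPEN_LEN:
        raise OpenError("message shorter than a minimal Open")
    if msg[:16] != MARKER:
        raise OpenError("bad marker")
    length, msg_type = struct.unpack("!HB", msg[16:19])
    if length != len(msg) or msg_type != TYPE_OPEN:
        raise OpenError("bad length or message type")
    version, my_as, hold_time, ident, opt_len = struct.unpack("!BHH4sB", msg[19:29])
    opts = msg[29:]
    if opt_len != len(opts):
        raise OpenError("optional parameter length mismatch")
    params, i = [], 0
    while i < len(opts):                       # Type-Length-Value walk
        if i + 2 > len(opts):
            raise OpenError("truncated optional parameter header")
        ptype, plen = opts[i], opts[i + 1]
        value = opts[i + 2:i + 2 + plen]
        if len(value) != plen:
            raise OpenError("optional parameter overruns the message")
        params.append((ptype, value))
        i += 2 + plen
    return {"version": version, "my_as": my_as, "hold_time": hold_time,
            "bgp_id": str(ipaddress.IPv4Address(ident)), "opt_params": params}


def check_peer(fields, expected_as, local_hold_time, local_version=4):
    """Apply the checks described above; return the hold time both sides use."""
    if fields["version"] != local_version:
        raise OpenError("unsupported version")
    if fields["my_as"] != expected_as:         # not the configured remote AS
        raise OpenError("unexpected peer AS, session is torn down")
    if fields["hold_time"] in (1, 2):          # RFC 4271: 0 or at least 3 seconds
        raise OpenError("unacceptable hold time")
    return min(local_hold_time, fields["hold_time"])   # lowest suggested value wins


# Constructed sample: Rtr-B (AS 21, identifier 2.3.4.5) proposing 180 seconds,
# with one optional parameter of type 2 carrying constructed bytes.
SAMPLE_OPEN = build_open(4, 21, 180, "2.3.4.5", [(2, b"\x01\x04\x00\x01\x00\x01")])

if __name__ == "__main__":
    fields = parse_open(SAMPLE_OPEN)
    print(fields)
    print("negotiated hold time:", check_peer(fields, expected_as=21, local_hold_time=90))
```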



BGP Neighbors - Steady State
• All neighbors shall be up (no state info)

Rtr-A#show ip bgp sum
BGP table version is 10, main routing table version 10
3 network entries (3/6 paths) using 516 bytes of memory
3 BGP path attribute entries using 284 bytes of memory
0 BGP route-map cache entries using 0 bytes of memory
0 BGP filter-list cache entries using 0 bytes of memory

Neighbor        V    AS MsgRcvd MsgSent   TblVer  InQ OutQ Up/Down  State/PfxRcvd
2.3.4.5         4    21      17      22       10    0    0 0:01:47  27
3.4.5.6         4    37      11      17       10    0    0 0:07:07  35



Once the BGP sessions are in the Established state, routing information exchange can take place. The show ip bgp summary output indicates that a session is established by not displaying any information at all in the state column. The counter values show how many messages have been received and sent on the session.

InQ shows how many messages have been received but not yet processed. A high InQ number indicates lack of CPU resources to process the input. OutQ shows how many outgoing messages are queued. A high OutQ number indicates lack of bandwidth to transmit the outgoing messages or CPU overload of the other router.

Table version is used to track the changes that need to be sent to the neighbors. There is a major table version number for the local BGP table. This is displayed on the first line of output from this show command. There is also one table version number maintained for each of the neighbors. This is displayed on the neighbors’ information line.

Whenever a change is entered into the BGP table, the major table version number is incremented and the changed route is tagged with this number. When the time comes to update a specific neighbor, the BGP table is scanned and all the changes with the version numbers between the neighbor version and current table version are sent to the BGP neighbor in a single BGP routing update. Once the entire table is scanned and all changes have been sent to the neighbor, the table version number of the neighbor is set to the highest value of the routes being sent. A table version of a neighbor which is lower than the major table version indicates that the neighbor is not yet fully updated. The update interval for a neighbor in another AS is normally 30 seconds.



In addition to the information about all sessions to all neighbors, the output also shows the amount of memory being used for the BGP data structures.



MD5 Authentication
• BGP Peers may optionally use MD5 TCP authentication using shared secret
• Both routers must be configured with the same password (MD5 shared secret)
• Each TCP segment is verified

Authentication between BGP neighbors can be negotiated using optional parameters in the Open Message.

If MD5 authentication is being used, every TCP segment on the BGP session will be transmitted along with a checksum. The checksum is calculated together with a secret known by the two routers using the MD5 algorithm. The common secret is never transmitted on the network. If the receiver, which is using the same common secret, calculates the same checksum from the TCP segment, then the receiver can be pretty sure that the information is transmitted from the correct source and the information has not been altered.

Authentication of BGP sessions is a vital tool to avoid denial of service attacks.
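How the per-segment checksum is computed and verified, as an added Python example (not from the original course material or from IOS). It follows the TCP MD5 signature option of RFC 2385 (option kind 19, later obsoleted by TCP-AO in RFC 5925); the function names, the shared secret and the sample segment built from the addresses and ports in the debug output above are constructed for illustration, and the ordinary TCP checksum field is left at zero.

```python
import hashlib
import hmac
import ipaddress
import struct

TCPOPT_EOL, TCPOPT_NOP, TCPOPT_MD5SIG = 0, 1, 19
SHARED_SECRET = b"constructed-shared-secret"   # configured on both routers, never sent


def _digest(src_ip, dst_ip, base_header, payload, key, segment_len):
    """MD5 over pseudo-header, TCP header without options (checksum zeroed),
    segment data and the shared secret, in that order (RFC 2385)."""
    pseudo = (ipaddress.IPv4Address(src_ip).packed
              + ipaddress.IPv4Address(dst_ip).packed
              + struct.pack("!BBH", 0, 6, segment_len))      # zero, protocol 6 = TCP
    header = base_header[:16] + b"\x00\x00" + base_header[18:20]
    return hashlib.md5(pseudo + header + payload + key).digest()


def sign_segment(src_ip, dst_ip, sport, dport, seq, ack, flags, payload, key):
    """Build a TCP segment that carries the 18-byte MD5 signature option."""
    options_len = 20                                         # NOP, NOP, 18-byte option
    data_offset = (20 + options_len) // 4
    base = struct.pack("!HHIIBBHHH", sport, dport, seq, ack,
                       data_offset << 4, flags, 16384, 0, 0)
    mac = _digest(src_ip, dst_ip, base, payload, key, 20 + options_len + len(payload))
    options = bytes([TCPOPT_NOP, TCPOPT_NOP, TCPOPT_MD5SIG, 18]) + mac
    return base + options + payload


def verify_segment(src_ip, dst_ip, segment, key):
    """Receiver side: recompute the digest and compare. Unsigned, malformed or
    altered segments return False and would be dropped."""
    if len(segment) < 20:
        return False
    header_len = (segment[12] >> 4) * 4
    if header_len < 20 or header_len > len(segment):
        return False
    options, payload = segment[20:header_len], segment[header_len:]
    received, i = None, 0
    while i < len(options):                                  # walk the TCP options
        kind = options[i]
        if kind == TCPOPT_EOL:
            break
        if kind == TCPOPT_NOP:
            i += 1
            continue
        if i + 1 >= len(options):
            return False
        length = options[i + 1]
        if length < 2 or i + length > len(options):
            return False
        if kind == TCPOPT_MD5SIG:
            if length != 18:
                return False
            received = options[i + 2:i + 18]
        i += length
    if received is None:
        return False
    expected = _digest(src_ip, dst_ip, segment[:20], payload, key, len(segment))
    return hmac.compare_digest(received, expected)


# Constructed sample: the SYN from 2.3.4.6:11003 to 2.3.4.5:179 seen in the
# debug output, and a data segment with constructed payload bytes.
SYN = sign_segment("2.3.4.6", "2.3.4.5", 11003, 179, 3142900499, 0, 0x02, b"", SHARED_SECRET)
DATA = sign_segment("2.3.4.6", "2.3.4.5", 11003, 179, 3142900500, 1, 0x18,
                    b"constructed BGP bytes", SHARED_SECRET)

if __name__ == "__main__":
    print("SYN verifies:", verify_segment("2.3.4.6", "2.3.4.5", SYN, SHARED_SECRET))
    tampered = DATA[:-1] + bytes([DATA[-1] ^ 0x01])
    print("tampered data verifies:", verify_segment("2.3.4.6", "2.3.4.5", tampered, SHARED_SECRET))
```

Because the source and destination addresses are part of the digest, a segment replayed from a different source address fails verification even when its bytes are unchanged.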

Summary

When using interior routing protocols, adjacent routers are usually discovered through a dedicated hello protocol. In BGP, the neighbors have to be configured manually to increase the routing security. BGP neighbors, once configured, establish a TCP session and exchange the BGP Open message, which contains the parameters each BGP router proposes to use. Once these parameters are acceptable to both neighbors, the BGP routing updates can start to flow.

An optional MD5 authentication can be used to prevent spoofing, denial-of-service attacks or man-in-the-middle attacks. With the MD5 authentication configured, the two BGP neighbors sign every TCP segment with an MD5 checksum which is based on the contents of the segment and a shared secret that is never exchanged across the network.

Review Questions
• How are BGP neighbors discovered?
• Which steps must be taken before a BGP session is established?
• Which information is carried in a BGP Open message?
• What are the benefits of using MD5?

BGP Routing Updates

Objectives
Upon completion of this section, you will be able to perform the following tasks:
• Describe BGP data structures
• Explain how BGP announces networks local to an Autonomous System
• Describe the processing of incoming BGP updates
• Explain the BGP route selection process
• Describe the propagation of the best BGP routes to other BGP neighbors

BGP in Action
BGP routing information exchange contains the following steps:
• Receiving BGP routing updates
• Building BGP table
• BGP Route selection
• BGP Route propagation
• Building IP routing table
• Advertising local networks

The actions taken by BGP after the session is established will be described in the following figures.

Routing Update
• Information from the BGP tables is exchanged after adjacency establishment

[Debug output of Rtr-A#debug ip bgp update at 1:24:11: UPDATE messages received from neighbor 2.3.4.5, including one about network 37.0.0.0 with next hop 2.3.4.5, path 21 37 and metric 0, followed by nettable_walker and revise_route entries.]

Once the BGP session is established, routing updates start to arrive. Each BGP routing update consists of one or more entries (routes). Each route is described by the IP address and subnet mask along with any number of attributes. The next-hop, AS-path and origin attributes must always be present. Other BGP attributes are optionally present.

The debug output shows how information about network 37.0.0.0/8 is received from neighbor 2.3.4.5. The neighbor indicates that IP packets to destination IP addresses in network 37.0.0.0/8 can be forwarded to the next-hop address 2.3.4.5. The AS-path 21 37 indicates that the final destination is in AS37 but the packets have to pass through AS21 in order to get there. Metric is the multi-exit-discriminator value.

Building BGP Table
• All inbound updates are placed into the BGP table

Rtr-A#show ip bgp
BGP table version is 16, local router ID is 1.2.3.4
Status codes: s suppressed, h history, * valid, > best, i - internal
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop          Metric LocPrf Weight Path
*> 1.0.0.0          0.0.0.0                0         32768 i
*  21.0.0.0         3.4.5.6                              0 37 21 i
*>                  2.3.4.5                0             0 21 i
*> 37.0.0.0         3.4.5.6                0             0 37 i
*                   2.3.4.5                              0 21 37 i

All routes received from a neighbor are saved in the router’s memory. Therefore, there is no need to retransmit or refresh any unchanged information.

When there is more than one way to reach a particular network the local router selects one of them as the best. If that alternative is later lost, because the neighboring router withdraws the route (or the neighboring router is no longer reachable), the remaining alternatives are still stored in memory and a new alternative is selected as the best without involving other BGP routers.

The command show ip bgp gives an overview of all received routing information from all neighbors. Basic information about each route is displayed on a single line. The output is sorted—different alternatives to reach the same network are displayed on consecutive lines. The network number is displayed only on the first lines indicating the same network. The network column is left blank on the consecutive lines indicating alternatives to reach the same network.

Only one of the alternatives is selected as the best path toward the destination. This alternative is indicated with the ’>’ sign.

BGP Route Selection Criteria
• Exclude routes with inaccessible next-hop
• Prefer highest weight (local to router)
• Prefer highest local-preference (global within AS)
• Prefer routes that the router originated
• Prefer shorter AS paths (only length is compared)
• Prefer lowest origin code (IGP < EGP < Unknown)
• Prefer lowest MED
• Prefer external (EBGP) paths over internal (IBGP)
• For IBGP paths, prefer path through closest IGP neighbor
• For EBGP paths, prefer oldest (most stable) path
• Prefer paths from router with the lower BGP router ID

When a router has more than one alternative route to reach the same IP subnet (network and mask) the router has to select one of them as best. The selection process is made using the BGP attributes attached to the different updates.

The selection criteria are checked in the order indicated below. The first of the checks that indicates a difference is used. Then no further testing is done.

Check if the next-hop attribute indicates an IP address which is reachable according to the current forwarding table. If the next-hop is not reachable, the BGP route is not considered a candidate to become selected the best. It is not necessary to have a direct connection to the next-hop. It can very well be several router-hops away and the route to it learned by the IGP.

Step 1 Prefer route with higher weight. The weight is not carried with the updates, it is a value assigned to the route by the local router and considered only within the router itself.

Step 2 If the local preference attributes are different, the route with the highest value is selected best.

Step 3 If one of the routes is injected into the BGP table by the local router, the local router prefers it to any routes received from other BGP routers.

Step 4 At this point, the lengths of the AS-paths are compared (the content is not checked, only the number of ASes in each AS-path is counted). The route with the shortest length is selected.

Step 5 If the AS-path lengths are the same, the origin code is checked. An origin code indicating IGP is preferred before EGP. Unknown is the last alternative.

Step 6 Multi-Exit-Discriminator (MED) values are, normally, only compared if the updates are received from the same neighboring AS. Routes with lower MED are preferred.

Step 7 At this point it is clear that the destination network is outside the local AS and that there is not much difference between the alternatives. So, if any of the alternatives are received from a BGP peer in another AS, that alternative is preferred. Since the IP packets to the destination network must leave the AS it is better that they do that sooner than later.

Step 8 If all alternatives are received from peer routers in the local AS, each of them indicates an exit point and the closest exit is used. Distance to the exit point is calculated by comparing the IGP costs toward the BGP next-hops, as indicated in the forwarding table.

Step 9 If all alternatives are received from external BGP neighbors the most stable path (the oldest path) is preferred.

Step 10 If the router still cannot differentiate the routes, it nevertheless has to make a decision and select the best route.

Step 11 The final test is made only after all other checks are made. This means that the alternatives are equally good. It checks the BGP sessions on which it received the updates and chooses the route received on the session where the peer router has the lower BGP router ID.

BGP Route Selection
• Best routes to the destination networks are selected from the BGP table

as123#show ip bgp
BGP table version is 4, local router ID is 1.2.3.4
Status codes: s suppressed, h history, * valid, > best, i - internal
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop          Metric LocPrf Weight Path
*> 1.0.0.0          0.0.0.0                0         32768 i
*> 21.0.0.0         3.4.5.6                            100 37 21 i
*                   2.3.4.5                0             0 21 i
*> 37.0.0.0         3.4.5.6                0           100 37 i
*                   2.3.4.5                              0 21 37 i

In this example the router in AS123 can reach network 21.0.0.0/8 via two paths, one of them via neighbor 3.4.5.6 in AS37 and then to AS21, the second straight to AS21 through neighbor 2.3.4.5.

In this example, the weight is set to 100 for the alternative via AS37 and the other alternative does not have the weight set. This means that the check made at point 2 concludes that the route via AS37 is selected the best. Likewise, network 37.0.0.0/8 is reached via AS37 because the weight indicates it as the best.
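The selection criteria applied in order to the two alternatives for network 21.0.0.0 shown in the show ip bgp outputs, as an added Python example (not from the original course material or from IOS). The `Path` fields and function names are assumptions of the example, the IGP cost, age and peer router ID values are left at constructed defaults, and with more than two candidates the reported criterion is the one that decided the last comparison.

```python
import ipaddress
from dataclasses import dataclass

ORIGIN_RANK = {"i": 0, "e": 1, "?": 2}      # IGP < EGP < Unknown (incomplete)


@dataclass
class Path:
    next_hop: str
    as_path: tuple
    weight: int = 0
    local_pref: int = 100
    origin: str = "i"
    med: int = 0
    ebgp: bool = True                 # learned from a neighbor in another AS
    local: bool = False               # injected by the local router
    next_hop_reachable: bool = True
    igp_cost: int = 0                 # IGP cost toward the BGP next-hop
    age: int = 0                      # seconds since the path was learned
    peer_router_id: str = "0.0.0.0"   # constructed default


def _router_id(path):
    return int(ipaddress.IPv4Address(path.peer_router_id))


def _checks(a, b):
    """Yield (criterion, value for a, value for b); the lower value wins."""
    yield "weight", -a.weight, -b.weight
    yield "local preference", -a.local_pref, -b.local_pref
    yield "locally originated", not a.local, not b.local
    yield "AS-path length", len(a.as_path), len(b.as_path)
    yield "origin code", ORIGIN_RANK[a.origin], ORIGIN_RANK[b.origin]
    if a.as_path and b.as_path and a.as_path[0] == b.as_path[0]:
        yield "MED", a.med, b.med     # only compared for the same neighboring AS
    yield "EBGP over IBGP", not a.ebgp, not b.ebgp
    if not a.ebgp and not b.ebgp:
        yield "closest IGP neighbor", a.igp_cost, b.igp_cost
    if a.ebgp and b.ebgp:
        yield "oldest path", -a.age, -b.age
    yield "router ID", _router_id(a), _router_id(b)


def select_best(paths):
    """Return (best path, criterion that decided), or (None, reason)."""
    candidates = [p for p in paths if p.next_hop_reachable]
    if not candidates:
        return None, "no reachable next-hop"
    best, reason = candidates[0], "only candidate"
    for challenger in candidates[1:]:
        for name, best_value, challenger_value in _checks(best, challenger):
            if best_value != challenger_value:   # first difference decides
                if challenger_value < best_value:
                    best = challenger
                reason = name
                break
    return best, reason


# Network 21.0.0.0 as listed on Rtr-A (no weight set on either path) ...
DEFAULT_WEIGHTS = [Path("3.4.5.6", (37, 21)), Path("2.3.4.5", (21,))]
# ... and as listed on as123, where the path via AS37 has weight 100.
WITH_WEIGHT = [Path("3.4.5.6", (37, 21), weight=100), Path("2.3.4.5", (21,))]

if __name__ == "__main__":
    for label, paths in (("default weights", DEFAULT_WEIGHTS), ("weight 100", WITH_WEIGHT)):
        best, reason = select_best(paths)
        print(label, "-> best via", best.next_hop, "decided by", reason)
```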

BGP Route Propagation

• Best BGP routes are propagated to BGP neighbors

as123#debug ip bgp update
1:24:16: BGP: 3.4.5.6 computing updates, neighbor version 15, table version 16, starting at 0.0.0.0
1:24:16: BGP: 3.4.5.6 send UPDATE 21.0.0.0, next 3.4.5.7, metric 0, path 123 21
1:24:16: BGP: 3.4.5.6 1 updates enqueued (average=45, maximum=45)
1:24:16: BGP: 3.4.5.6 update run completed, ran for 4ms, neighbor version 15, start version 16, throttled to 16, check point net 0.0.0.0

Only the route selected as best is propagated to the neighbors. However, a route is never sent back on the same BGP session that it was received. The process where routing information is not sent back to the source of information is called split-horizon. This is to avoid a potential routing loop problem where the neighbor router selected as the best next-hop relies on the local router as the best next-hop. On the contrary, when a neighbor is selected as the best next-hop, the local router makes sure that the neighbor is not pointing back to the local router by poisoning the route and sending a withdraw message to that neighbor.

Building IP Routing Table

• Best BGP routes are copied into the IP routing table based on administrative distance

as123#show ip route
Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
       E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
       i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, * - candidate default

Gateway of last resort is not set

C    1.0.0.0 is directly connected, Loopback0
C    2.0.0.0 is directly connected, Serial0
C    3.0.0.0 is directly connected, Serial1
B    21.0.0.0 [20/0] via 3.4.5.6, 00:02:06
B    37.0.0.0 [20/0] via 3.4.5.6, 00:02:06

The route in the BGP table that BGP selects as the best is candidate to being installed in the forwarding table (switching table). Before a route can be installed, the router has to check if there is any other routing protocol that has information about the same subnet (network and mask). If the subnet is known via different sources, the administrative distance (AD) is used to determine which source to use. The route with the lowest AD will be installed. Once the routes are installed in the forwarding table user data traffic starts to be forwarded.

The output from the show ip route command shows with the letter B which routes in the forwarding table that were installed using the BGP information. The AD is shown as the first number within the brackets. In this example, both networks 21.0.0.0/8 and 37.0.0.0/8 are reachable via 3.4.5.6.

Advertising Local Networks

• BGP router process keeps a list of local networks (defined with network command or through redistribution)
• BGP process periodically scans the IP forwarding table and inserts or revokes routes from BGP routing table based on their presence in the forwarding table

The BGP routing process can inject new routes in the BGP table. This process is called advertising (also originating, or announcing) local routes, giving the neighboring ASes the information about networks that are reachable in the local AS. Those routes will be propagated to the neighboring BGP peers if they are selected as best, which they do.

Local routes can be injected in the BGP process in two different ways:

• A list of networks is configured using the network configuration command. The networks listed are candidates for being injected. They are injected only if they appear in the forwarding table, if, for example, the internal gateway protocol (IGP) used within the AS finds a valid path to them.
• Redistribution of routes learned by another routing protocol. The IGP used with the AS can be used as the source.

Advertising Local Networks Example 1/2

• BGP route is revoked after the network is removed from the forwarding table

as123# debug ip routing
as123# debug ip bgp update
[Slide output: debug ip routing and debug ip bgp update trace after Loopback0 changes state to down]

In this example, network 1.0.0.0/8 is directly connected to interface loopback 0. The route to network 1.0.0.0/8 has been previously installed in the BGP table because it was listed with a network statement and it was in the forwarding table as directly connected. But when the loopback 0 interface goes down, the directly connected route in the forwarding table is deleted. So the network must also be revoked from the BGP table. Since there has been a change in the BGP table, the BGP neighbors must be informed. A BGP update message is sent to both neighbors indicating that network 1.0.0.0 is now unreachable.

Advertising Local Networks Example 2/2

• BGP route is advertised after the network appears in the forwarding table

[Slide output: debug ip routing and debug ip bgp update trace after Loopback0 changes state to up]

In this example, network 1.0.0.0/8 is listed with a network statement in the BGP process. However, the network was not in the forwarding table so it was not injected in the BGP table. Now the loopback 0 interface comes back up again. This means that the network 1.0.0.0/8 is now in the forwarding table as directly connected. So the route is injected into the BGP table and the neighbors are updated.

In both cases. or redistributed into BGP from IGP. the BGP routes will only be originated if the corresponding entry exists in the local routing table. as well as local decisions (indicated with weights). The best BGP routes are propagated to other BGP routers and installed in the local IP routing table. . Review Questions Which of the received routing updates are forwarded to other neighbors? s s Which incoming BGP updates are stored in the Which BGP routes are announced to other BGP BGP table? s neighbors With no BGP attributes modified. Cisco Systems. Every BGP router can also originate the routes in BGP. If a BGP router has several alternatives. regardless of whether they are used or not. The route-selection process takes into account various BGP attributes attached to the route.Summary After the BGP sessions are established between BGP routers. it uses a complex route-selection process to select the best route. Inc. All updates received from BGP neighbors are stored in the BGP table. which criteria will determine route selection? s s Describe methods that are available to announce local networks 23-60 BGP Overview Copyright ©1999. they can start exchanging the routing updates. The routes to be originated are entered manually in the BGP routing process.

Simple BGP Configuration

Objectives

Upon completion of this section, you will be able to perform the following tasks:

• Initial BGP setup
• Configuring BGP neighbors
• Originating local networks in BGP
• Basic BGP route aggregation

Start the BGP Routing Process

router(config)# router bgp as-number

• Starts BGP routing
• Get your AS number from InterNIC (www.internic.net) or RIPE (www.ripe.net)
• Use private AS numbers (64512 - 65535) if you run BGP in a private network
• Only one BGP routing process per router is allowed

This command starts the BGP routing process in the router. There can be, at most, one BGP process in a router. It must be assigned the local AS number. The AS number is a 16-bit unsigned integer number. It must uniquely identify the AS among all routers exchanging BGP routing information, either directly or indirectly. This means that the AS numbers are required to be unique in the world when the BGP information is exchanged with the Internet.

The AS number could be a public AS number (ranging from 1 to 64511), assigned to you by an Internet registry or a private AS number (ranging from 64512 to 65535). Private AS numbers will never be propagated into the public Internet.

router bgp

To configure the Border Gateway Protocol (BGP) routing process, use the router bgp global configuration command. To remove a routing process, use the no form of this command.

router bgp autonomous-system
no router bgp autonomous-system

Syntax Description

autonomous-system    Number of an autonomous system that identifies the router to other BGP routers and tags the routing information passed along.

Configure External Neighbors

router(config-router)#
neighbor ip-address remote-as as-number
neighbor ip-address description neighbor description

• Defines an external neighbor and (optionally) assigns a description
• External neighbor has to be reachable over directly connected subnet

BGP does not auto-discover neighbors. They have to be explicitly configured. The local router will try to connect to the indicated IP address and also accept incoming connection attempts from the indicated IP address.

The first attribute that must be configured with a new neighbor is the remote-AS number in which the neighbor is taking part. When the session is established the configured remote-AS will be verified with the BGP Open messages exchange.

Other attributes may optionally be configured with the neighbor. This is done on successive configuration lines, referring to the same neighbor IP address, but indicating different attributes. In this example a free text string is entered as the description of the neighbor. On later pages, other attributes will be described.

neighbor remote-as

To add an entry to the Border Gateway Protocol (BGP) neighbor table, use the neighbor remote-as router configuration command. To remove an entry from the table, use the no form of this command.

neighbor {ip-address | peer-group-name} remote-as number
no neighbor {ip-address | peer-group-name} remote-as number

Syntax Description

ip-address         Neighbor's IP address
peer-group-name    Name of a BGP peer group
number             Autonomous system to which the neighbor belongs

neighbor description

To associate a description with a neighbor, use the neighbor description router configuration command. To remove the description, use the no form of this command.

neighbor {ip-address | peer-group-name} description text
no neighbor {ip-address | peer-group-name} description [text]

Syntax Description

ip-address         Neighbor's IP address
peer-group-name    Name of a BGP peer group
text               Text (up to 80 characters) that describes the neighbor

Temporarily Disable BGP Neighbor

router(config-router)# neighbor ip-address shutdown

• Disables communication with a BGP neighbor
• Usage scenarios:
  • Debugging and troubleshooting
  • Shutdown the neighbor during extensive modification of routing policies to prevent inconsistent routing data

neighbor shutdown

To disable a neighbor or peer group, use the neighbor shutdown router configuration command. To re-enable the neighbor or peer group, use the no form of this command.

neighbor {ip-address | peer-group-name} shutdown
no neighbor {ip-address | peer-group-name} shutdown

Syntax Description

ip-address         Neighbor's IP address
peer-group-name    Name of a BGP peer group

Configuring TCP MD5 Signature

router(config-router)# neighbor ip-address password string

• Enables Message Digest 5 authentication on BGP session
• Use the same password string on both routers

neighbor password

To enable Message Digest 5 (MD5) authentication on a TCP connection between two Border Gateway Protocol (BGP) peers, use the neighbor password router configuration command. To disable this function, use the no form of this command.

neighbor {ip-address | peer-group-name} password string
no neighbor {ip-address | peer-group-name} password

Syntax Description

ip-address         Neighbor's IP address
peer-group-name    Name of a BGP peer group
string             Case-sensitive password of up to 80 characters. The first character cannot be a number. The string can contain any alphanumeric characters, including spaces. You cannot specify a password in the format number-space-anything. The space after the number causes problems.

Announcing Networks in BGP

Only administratively defined networks are announced in BGP

• Manually configure networks to be announced
• Use redistribution from IGP
• Use aggregation to announce summary prefixes

Before any local routing information is injected into the BGP table for advertising to other BGP speakers, some kind of configuration is required. There are two different ways to do this configuration:

• List the network numbers that are candidates to be advertised. This is done with the network configuration command. If any of the listed networks are reachable by the local router, according to its forwarding table, then the network is injected as a route into the BGP table.
• Redistribute routing information learned by other routing protocols into the BGP table. The internal gateway protocol (IGP) used with the AS can be used. Any route known by the local IGP can be injected into the BGP table this way.

Any route introduced by the router into the BGP table will appear as a new route. The AS-path attribute for such a route will be empty, indicating a local route. The AS-path changes later as the route passes AS boundaries.

A router can also introduce new routing information into the BGP table by summarizing routes already there. This is called route aggregation and also requires configuration.

Manually Define Major Network

router(config-router)# network major-network-number

• Allows advertising of major networks into BGP
• At least one of the subnets must be present in the routing table
• The meaning of "network" command in BGP is completely different from any other routing protocol

To specify the networks to be advertised by the Border Gateway Protocol (BGP) routing process, use the network router configuration command. To remove an entry, use the no form of this command.

The network command with no mask option uses the classful approach to insert a major network into the BGP table. At least one subnet of the specified major network needs to be present in the IP routing table to allow BGP to start announcing the major network as a BGP route.

Note The meaning of network command in BGP is radically different from the way network command is used in other routing protocols. In all other routing protocols, the network command is used to indicate interfaces over which the routing protocol will be run. In BGP, it only indicates which routes should be injected into the BGP table. Also, BGP never runs over individual interfaces, it is run over TCP sessions with manually configured neighbors.

Redistributing Routes from IGP

• Easier than listing networks in BGP process in large networks
• Redistributed routes carry origin-attribute 'incomplete'
• Always filter redistributed routes to prevent route leaking
• Avoid in Service Provider environments

There are two alternatives for injecting local routes into the BGP table: list them using network statement or redistribute them.

Listing the routes gives you total control over networks that could possibly be advertised by BGP. This is a very desirable option for multi-homed customers or Internet service providers. However, this approach requires a lot of configuration statements that could be hard to maintain.

If there are a lot of networks to be advertised, and the BGP is used primarily to achieve scalability, not routing security (for example, in enterprise networks), it could be easier to let the local internal gateway protocol (IGP) find the routes and then redistribute them into BGP. On the other hand, this introduces the risk that the IGP finds some networks that were not supposed to be advertised. Private network numbers, such as network 10.0.0.0/8, are often used within an AS for various reasons but must never be advertised out onto the Internet. Careful filtering must be done to prevent unintentional advertising.

When a route listed with a network statement is injected, the origin code is set to IGP. If the route is injected into BGP through redistribution, the origin code is set to unknown/incomplete.

Simple IGP to BGP Redistribution

router(config)#
router bgp <AS>
 redistribute <IGP>
 distribute-list <ACL> out <IGP>
!
access-list <ACL> permit <network>

• Configure redistribution in BGP process
• Configure route-filter using distribute list
• Caveat:
  • BGP routes originated through redistribution have incomplete origin

redistribute (IP)

To redistribute routes from one routing domain into another routing domain, use the redistribute router configuration command. To disable redistribution, use the no form of this command.

redistribute protocol [process-id] {level-1 | level-1-2 | level-2} [metric metric-value] [metric-type type-value] [match {internal | external 1 | external 2}] [tag tag-value] [route-map map-tag] [weight weight] [subnets]
no redistribute protocol [process-id] {level-1 | level-1-2 | level-2} [metric metric-value] [metric-type type-value] [match {internal | external 1 | external 2}] [tag tag-value] [route-map map-tag] [weight weight] [subnets]

Syntax Description

protocol    Source protocol from which routes are being redistributed. It can be one of the following keywords: bgp, egp, igrp, isis, ospf, static [ip], connected, and rip. The keyword connected refers to routes which are established automatically by virtue of having enabled IP on an interface.

process-id    (Optional) For bgp, egp, or igrp, this is an autonomous system number, which is a 16-bit decimal number. For isis, this is an optional tag that defines a meaningful name for a routing process. You can only specify one IS-IS process per router. Creating a name for a routing process means that you use names when configuring routing. For ospf, this is an appropriate OSPF process ID from which routes are to be redistributed. This identifies the routing process. This value takes the form of a nonzero decimal number. For rip, no process-id value is needed.

level-1    For IS-IS, Level 1 routes are redistributed into other IP routing protocols independently.

level-1-2    For IS-IS, both Level 1 and Level 2 routes are redistributed into other IP routing protocols.

level-2    For IS-IS, Level 2 routes are redistributed into other IP routing protocols independently.

metric metric-value    (Optional) Metric used for the redistributed route. If a value is not specified for this option, and no value is specified using the default-metric command, the default metric value is 0. In the BGP case, metric will be the MED value.

match {internal | external 1 | external 2}    (Optional) For OSPF, the criteria by which OSPF routes are redistributed into other routing domains. It can be one of the following:
  internal—Routes that are internal to a specific autonomous system.
  external 1—Routes that are external to the autonomous system, but are imported into OSPF as type 1 external route.
  external 2—Routes that are external to the autonomous system, but are imported into OSPF as type 2 external route.

route-map    (Optional) Route map should be interrogated to filter the importation of routes from this source routing protocol to the current routing protocol. If not specified, all routes are redistributed. If this keyword is specified, but no route map tags are listed, no routes will be imported.

map-tag    (Optional) Identifier of a configured route map.

weight weight    (Optional) Network weight when redistributing into BGP. An integer from 0 to 65535.

subnets    Indicates that not only network with natural mask should be redistributed, but also subnets.

distribute-list out (IP)

To suppress networks from being advertised in updates, use the distribute-list out router configuration command. To cancel this function, use the no form of this command.

distribute-list {access-list-number | access-list-name} out [interface-name | routing-process | autonomous-system-number]

The access-list referred to by the distribute-list command permits those routes that should be redistributed.
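The filtering step described above can be checked offline before a redistribution filter is deployed. The following is an added example, not code from the original course material: it models how a standard access list referenced by distribute-list decides which IGP routes enter BGP, and flags permitted routes that fall inside private (RFC 1918) address space. The route list, ACL contents and function names are constructed for illustration.

```python
import ipaddress

# RFC 1918 private ranges; the page names 10.0.0.0/8 as one that must never
# be advertised onto the Internet.
PRIVATE = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


def parse_acl(lines):
    """Parse 'access-list N permit|deny ADDRESS [WILDCARD]' lines into tuples."""
    entries = []
    for line in lines:
        parts = line.split()
        if (len(parts) not in (4, 5) or parts[0] != "access-list"
                or parts[2] not in ("permit", "deny")):
            raise ValueError("unsupported ACL line: " + line)
        addr = int(ipaddress.IPv4Address(parts[3]))
        wild = int(ipaddress.IPv4Address(parts[4])) if len(parts) == 5 else 0
        entries.append((parts[2], addr, wild))
    return entries


def acl_permits(entries, network):
    """First match wins; wildcard bits are ignored; no match means deny.

    A standard ACL only sees the network number of the route, not its mask.
    """
    net = int(network.network_address)
    for action, addr, wild in entries:
        care = ~wild & 0xFFFFFFFF
        if net & care == addr & care:
            return action == "permit"
    return False  # implicit deny at the end of every access list


def audit(acl_lines, igp_routes):
    """Return (routes the filter lets into BGP, the private ones among them)."""
    entries = parse_acl(acl_lines)
    advertised, leaked = [], []
    for route in igp_routes:
        net = ipaddress.ip_network(route)
        if acl_permits(entries, net):
            advertised.append(route)
            if any(net.subnet_of(p) for p in PRIVATE):
                leaked.append(route)
    return advertised, leaked


# Constructed IGP routes: two public (documentation) prefixes, two internal ones.
IGP_ROUTES = ["198.51.100.0/24", "203.0.113.0/24", "10.1.0.0/16", "172.16.8.0/24"]

# Three constructed filters: no filtering, a deny-list, and a permit-list.
PERMIT_ANY = ["access-list 10 permit 0.0.0.0 255.255.255.255"]
DENY_TEN_ONLY = ["access-list 10 deny 10.0.0.0 0.255.255.255",
                 "access-list 10 permit 0.0.0.0 255.255.255.255"]
PERMIT_LIST = ["access-list 10 permit 198.51.100.0 0.0.0.255",
               "access-list 10 permit 203.0.113.0 0.0.0.255"]

if __name__ == "__main__":
    for name, acl in (("permit any", PERMIT_ANY),
                      ("deny 10/8 only", DENY_TEN_ONLY),
                      ("permit-list", PERMIT_LIST)):
        advertised, leaked = audit(acl, IGP_ROUTES)
        print(f"{name:15} advertised={advertised} leaked={leaked}")
```

The deny-list variant still lets 172.16.8.0/24 through, which is why a filter that permits only the networks meant to be announced is the safer form.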

Redistribution Using Route-Maps

router(config)#
router bgp <AS>
 redistribute <IGP> route-map intoBGP
!
route-map intoBGP permit
 match ip address <ACL>
 set origin igp
!
access-list <ACL> permit <network>

• Origin can be set to 'IGP' with a route-map
• Other BGP path attributes can also be set
  • Metric
  • Next-hop
  • Community

Route-maps can be used to filter updates and modify various attributes. A route-map can be applied on all routes being redistributed from the interior gateway protocol (IGP). Only the routes being permitted by the route-map will be redistributed. Using the set command, some path attributes of the redistributed routes may be changed, if desirable. Thus, only selected routes will be advertised and they will have the desired attribute values.

The route-map must be given a name. This is a case-sensitive string which is used when referring to it. Any string could be used but a meaningful name is suggested.

Use the route-map global configuration command to define the conditions for redistributing routes, and the match and set route-map configuration commands. Each route-map command has a list of match and set commands associated with it. The match commands specify the match criteria—the conditions under which redistribution is allowed for the current route-map command. The set commands specify the set actions—the particular redistribution actions to perform if the criteria enforced by the match commands are met.

When you are passing routes through a route map, a route map can have several parts. Any route that does not match at least one match clause relating to a route-map command will be ignored, that is, the route will not be advertised. If you only want to modify some data, you must configure a second route-map section with an explicit match specified.

Classless BGP Operation

• BGP4 supports Classless Interdomain Routing (CIDR)
• Any BGP router can advertise individual networks or supernets (prefixes)
• Prefix notation is used with BGP instead of subnet masks
  • 192.168.0.0/16 = 192.168.0.0 255.255.0.0

BGP of version 4 is classless, meaning that its routing updates include IP address and the subnet mask. The combination of the IP address and the subnet mask is called an IP prefix. An IP prefix could be a subnet, a major network or a summary.

BGP uses prefix notation (address/number-of-bits) to display IP prefixes. The number following the slash, '/', is referring to the number of bits in the subnet mask being set to 1. The mask 255.255.0.0, in the 192.168.0.0/16 notation above, starts with 16 consecutive bits set to 1 and it has the rest of the bits set to zero. As another example, the subnet 172.16.1.0 with mask 255.255.255.0 can be written using the prefix notation as 172.16.1.0/24.

When classless prefix notation is used, an old class A network, for example 10.0.0.0 with natural mask, is written as 10.0.0.0/8. A class B network, 172.16.0.0 with natural mask, is written as 172.16.0.0/16 and a class C network, 192.168.1.0 with the natural mask, is written as 192.168.1.0/24.

Manually Announce Classless Prefix in BGP

router(config-router)# network ip-prefix-address mask subnet-mask

• Configures a classless prefix to be advertised into BGP
• The prefix must exactly match an entry in the IP forwarding table
• Hint: use a static route to null 0 to create a matching prefix in the IP forwarding table

network (BGP)

To specify the networks to be advertised by the Border Gateway Protocol (BGP) routing process, use the network router configuration command. To remove an entry, use the no form of this command.

network network-number [mask network-mask]
no network network-number [mask network-mask]

Syntax Description

network-number    Network that BGP will advertise
mask              (Optional)
network-mask      (Optional) Network mask address

If the keyword mask and the subnetmask are omitted, the network is assumed to have its natural mask according to the network class.

If network-mask is omitted, the route is injected into BGP if there is any subnet of the major network reachable according to the forwarding table. If the network-mask is specified, the behavior changes slightly and it is required that an exact match of network number and subnetmask appear in the forwarding table before the route is injected into the BGP table.

Advertising a Supernet Prefix Example

• Advertise prefix 192.168.0.0/16 assigned to the Internet Service Provider

router(config)#
router bgp 123
 network 192.168.0.0 mask 255.255.0.0
!
ip route 192.168.0.0 255.255.0.0 null 0

In this example, the IP address space 192.168.0.0/16 is assigned to a Service Provider and the Service Provider would like that address space to be constantly advertised by BGP.

The network statement with mask tells BGP that 192.168.0.0/16 is a candidate of being advertised. The mask keyword and the mask 255.255.0.0 are required since the mask is not the natural one. However, before the candidate route is actually advertised, the router checks the forwarding table for an exact match (both network number and mask). It will always be found since there is a static route for it. This static route points to the null interface, which is always available. The conclusion is that 192.168.0.0/16 will always be advertised by this router.

All other BGP routers will use this information and forward any IP packets with the destination IP address in the interval 192.168.0.0 to 192.168.255.255 (inclusive) in direction of this router. When those packets arrive, the router in this example must have more explicit routes to the different parts of the 192.168.0.0/16 address range. This could be achieved by the interior gateway protocol (IGP), which is not shown in the configuration example.

If, however, an IP packet arrives with a destination address to which this router does not have a more explicit route, the static route will route the packet to the null interface where it is dropped. This is a safe precaution to prevent a routing loop, which might occur when route summaries are used in combination with default routing. If a packet arrives from the Internet to a subnet of 192.168.0.0/16 which is currently not reachable, the packet might otherwise have followed the default route towards the Internet because there was no more explicit route. Of course, the packet would immediately be routed back again, and a routing loop would have occurred.
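The loop that the null 0 static route prevents can be traced with a small longest-prefix-match model. This is an added example, not part of the original course material; the router names, the customer /24 and the upstream's single route are constructed, and the case without the null route assumes the /16 is still announced to the upstream by some other means.

```python
import ipaddress


def lookup(table, dst):
    """Longest-prefix match: next hop of the most specific route covering dst."""
    addr = ipaddress.ip_address(dst)
    best = None
    for prefix, next_hop in table.items():
        net = ipaddress.ip_network(prefix)
        if addr in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, next_hop)
    return best[1] if best else None


def trace(tables, start, dst, ttl=8):
    """Forward hop by hop through the routers in `tables`; return (outcome, path)."""
    node, path = start, [start]
    for _ in range(ttl):
        next_hop = lookup(tables[node], dst)
        if next_hop is None:
            return "no route", path
        if next_hop == "Null0":
            return "dropped at Null0", path
        if next_hop not in tables:          # a leaf: the packet has arrived
            return "delivered to " + next_hop, path
        node = next_hop
        path.append(node)
    return "TTL expired (routing loop)", path


# Upstream learned the provider's aggregate through BGP (constructed table).
UPSTREAM = {"192.168.0.0/16": "provider"}

# Provider router: default route to the upstream, one reachable customer
# subnet, and the static route to null 0 from the slide.
PROVIDER_WITH_NULL = {
    "0.0.0.0/0": "upstream",
    "192.168.0.0/16": "Null0",
    "192.168.1.0/24": "customer-a",
}

# Same router without the null route.
PROVIDER_WITHOUT_NULL = {
    "0.0.0.0/0": "upstream",
    "192.168.1.0/24": "customer-a",
}


def run(provider_table, dst):
    """Trace a packet that enters at the upstream router."""
    return trace({"upstream": UPSTREAM, "provider": provider_table}, "upstream", dst)


if __name__ == "__main__":
    for label, table in (("with null 0", PROVIDER_WITH_NULL),
                         ("without null 0", PROVIDER_WITHOUT_NULL)):
        for dst in ("192.168.1.10", "192.168.77.1"):
            outcome, path = run(table, dst)
            print(f"{label:15} {dst:13} {outcome:28} {' -> '.join(path)}")
```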

Aggregating BGP Networks

Summarization is called aggregation in BGP

• Aggregation creates summary routes (called aggregates) from networks already in BGP table
• Individual networks could be announced or suppressed

When the BGP table is already populated with routes that should be summarized, a router must be configured to do so. The summarization of BGP routes is called aggregation.

Aggregation is used when a group of more specific routes have been injected into the BGP table at one stage, but can be summarized at a later stage. The routes to be summarized could be internal gateway protocol (IGP) routes redistributed into BGP. Before BGP advertises these routes to the rest of the network an aggregation of the subnets into a larger announcement would be appropriate.

In some networks, more specific routes are injected into the BGP table by some routers and aggregation is done in another router or even in another AS. This is called proxy-aggregation.

When a router is configured to do aggregation, the route summary must be configured. If any route already in the BGP table is within the range indicated by the summary, then the summary route is also injected into the BGP table and advertised to other routers. This creates more information in the BGP table. To get any benefits from the aggregation, the more specific routes, which are covered by the route summary, must be suppressed. This is an option to the aggregate configuration command.

When the more specific routes are configured to be suppressed, then they are still present in the BGP table of the router doing the aggregation. However, they are marked as suppressed, which means that they are never advertised to any other router.

Configuring Aggregation (#1)

router(config)# router bgp as-number
aggregate-address address-prefix mask

• Specify aggregation range in BGP routing process

• The aggregate will be announced if there is at least one network in the specified range in the BGP table

• Individual networks will still be announced in outgoing BGP updates

In this example, where summary-only is not used, both the route summary and the more specific routes will be advertised. This is generally not the desired behavior. Therefore, the suppressing of individual routes, described next, is used in most cases.

aggregate-address

To create an aggregate entry in a BGP routing table, use the aggregate-address router configuration command. To disable this function, use the no form of this command.

aggregate-address address mask [as-set] [summary-only] [suppress-map map-name] [advertise-map map-name] [attribute-map map-name]

no aggregate-address address mask [as-set] [summary-only] [suppress-map map-name] [advertise-map map-name] [attribute-map map-name]

Syntax Description

address (Optional argument list follows the two required values.) Aggregate address

mask Aggregate mask

summary-only (Optional) suppresses more specific routes

Configuring Aggregation (#2)

router(config)# router bgp as-number
aggregate-address address-prefix mask summary-only

• Configure aggregation of BGP routes

• Advertise only the aggregate and not the individual networks

Benefits:
• Smaller BGP routing tables
• More stable internetworks (less route flapping)

Drawbacks:
• Problems with multi-homed customers

When the summary-only option is used, only the route summary will be advertised, not the more specific routes. One of the benefits from this is that the rest of the routers will receive only one route instead of several more specific routes. It eases the burden on the other routers by reducing the amount of memory required to hold the BGP table.

Another benefit is that route flapping is reduced. If one of the more specific routes is lost, but at least one remains, the aggregate itself will not be lost. The router doing the aggregation will keep on advertising the aggregate as long as there is at least one more specific route within the range still available. The flap of the more specific route is not visible for the rest of the network. This reduces the amount of updates necessary and the CPU power required to process them.

However, all route summarization in any routing protocol causes loss of granularity. Sub-optimal routing could be introduced when redundant paths are available to reach a group of networks advertised by a single route summary. Some of the networks could be more reachable via one of the paths, some others more reachable the other way. From the outside this is not visible, so there is a risk that the least optimum path will be chosen.

Bad does not do any aggregation of any routes starting with 192.0/24 192.1. The rest of the Internet will not see the route BGP_Overview—Page-82 In this example Good provider is doing aggregation of 192.0/16 before sending it to the rest of the network.10. Cisco Systems.0/24 will be propagated by Bad to the rest of the Internet. Inc.168. Cisco Systems.10. 23-80 BGP Overview Copyright ©1999.0/24 192.0/24 Multihomed Customer Rest of the Internet .1.1. and should not do so.1. www. Alternate provider advertises individual network © 2000. advertised by Customer AS. But Customer AS also advertises 192.10. This means that Good is also doing proxyaggregation for the route 192.0.168. Inc.0/24 to Bad provider.0.168.168. This means that 192.0/16 Primary Provider (aggregating) • Customer prefers Primary provider using Alternate only as backup • Primary provider advertises the aggregate.Multihomed Customer Problem Alternate Provider via Good provider.

1.0/24 192.0. However. Both routes will be installed in the forwarding table.1.1.10. If Good does so. the rest of the Internet could be advised to use Good instead of Bad. Inc.10. Cisco Systems. the rest of the Internet will see 192. These two routes are treated as different routes. turning off aggregation will also cause Good to advertise all routes within the aggregate.0/24 Multihomed Customer Rest of the Internet 192. the Good provider must turn off aggregation. www. reachable via Bad and reachable via Good. route-selection processing starts. Cisco Systems. They are not compared with each other in a route selection process since they indicate different destinations. To avoid this.1.0/24 BGP_Overview—Page-83 The rest of the Internet now sees overlapping routes.1.0/24 both ways. If a packet arrives with a destination address in the 192. Depending on the attribute values. BGP Overview 23-81 .0/16 192.168. It sees 192.0/24 192.0/24 Primary Provider (aggregating) • Remote autonomous systems prefer longest-match prefix. so all benefits of aggregation will be lost. traffic toward the customer flows through Alternate provider • Solution: don’t use aggregation © 2000. Copyright ©1999.Multihomed Customer Problem Alternate Provider 192.1. Since exactly the same route (network and mask) is reachable two ways. the rest of the Internet will follow the “longest matching prefix” rule and forward the packet to the Bad 192. Inc.168.
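The multihomed customer problem described above, modelled as an added example (not part of the original course material). The AS numbers, prefixes and function names are constructed for illustration, and BGP best-path selection is reduced to "shortest AS path".

```python
import ipaddress
from collections import defaultdict

# Constructed sample values: private AS numbers, and a customer /24 that
# lies inside the primary provider's /16 aggregate.
PRIMARY, ALTERNATE, CUSTOMER = 64512, 64513, 64514
AGGREGATE = ipaddress.ip_network("192.168.0.0/16")
CUSTOMER_NET = ipaddress.ip_network("192.168.10.0/24")


def primary_announcements(summary_only):
    """Routes the primary provider sends to the rest of the Internet."""
    if summary_only:
        # aggregate-address ... summary-only: the customer /24 is suppressed.
        return [(AGGREGATE, "primary", (PRIMARY,))]
    # Aggregation turned off: the individual network is announced.
    return [(CUSTOMER_NET, "primary", (PRIMARY, CUSTOMER))]


def alternate_announcements(prepend=2):
    """The alternate provider never aggregates. The customer prepends its
    own AS on this link to mark it as the backup path (an assumption used
    here to make the alternate path clearly less attractive)."""
    as_path = (ALTERNATE,) + (CUSTOMER,) * (1 + prepend)
    return [(CUSTOMER_NET, "alternate", as_path)]


def build_forwarding_table(announcements):
    """Route selection only compares paths for the SAME prefix."""
    candidates = defaultdict(list)
    for prefix, via, as_path in announcements:
        candidates[prefix].append((len(as_path), via))
    return {prefix: min(paths)[1] for prefix, paths in candidates.items()}


def lookup(table, destination):
    """Forwarding uses the longest matching prefix, whatever its attributes."""
    address = ipaddress.ip_address(destination)
    matches = [prefix for prefix in table if address in prefix]
    if not matches:
        return None
    best = max(matches, key=lambda prefix: prefix.prefixlen)
    return str(best), table[best]


def remote_as_exit(summary_only, destination="192.168.10.25"):
    """Which provider a remote AS uses to reach the customer host."""
    routes = primary_announcements(summary_only) + alternate_announcements()
    return lookup(build_forwarding_table(routes), destination)


if __name__ == "__main__":
    print("primary aggregates :", remote_as_exit(summary_only=True))
    print("no aggregation     :", remote_as_exit(summary_only=False))
```

With the aggregate in place the /24 and the /16 are different destinations, so the prepended AS path on the backup link is never compared against the primary path.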

any more specific route is suppressed and not advertised to any neighbors. an exact match in the routing table is a required condition before the route is injected into the BGP table.0 aggregate-address 192. Inc. Inc. s 23-82 BGP Overview Copyright ©1999.0 null 0 © 2000. However.32.255. The network statement makes it a candidate for being advertised. Because the mask is 255. It is injected into the BGP table as a summary.168. It is injected into the BGP table whenever there is a more specific route within the route summary range already in the BGP table.0.240.0 255.0 255.168.0. the more specific route is still advertised. .0 aggregate-address 192.0/20 • Aggregate networks in 192.32. However. Cisco Systems.0.0/20 is also conditionally advertised.168.0 summary-only ! ! ip route suppressing individual network announcements router(config)# router(config)# router bgp 123 router bgp 123 network 192. www. 255.240.0/20 is conditionally advertised. 255.0. Cisco Systems.255. It is injected into the BGP table whenever there is a more specific route within the route summary range already in the BGP table. 255.168.Classless BGP Examples • Advertise prefix 192.168.0 mask 255. s The prefix null 0 ip route summary-only aggregate-address 192.240.0/20 is always advertised. The matching route is inserted in the IP routing table by the static ip route statement to the null 0 interface.168.168. The prefix 192.0 network 192.0/20 and announce individual networks • Aggregate networks in BGP_Overview—Page-84 The configuration example above shows three different ways of advertising a route summary. mask aggregate-address 192. s The prefix 192.

0.5 0.0 192.32.168. Copyright ©1999. the prefix length is not displayed on the show ip bgp printout. Nothing is changed with the more specific routes.4.0.0/24 are within the range.0. > best.32.0 Next Hop Next Hop 0. This means that they are still present and available in the routers BGP table. 192.0.0 0. however.17. Note Since the prefixes 192.0/20 192.4 Status codes: s suppressed.0/20 is injected because there is at least one more specific route within the summary range.168. h history. so they are still advertised.0 3. All more specific routes are marked as suppressed using the lower case letter s. Inc.0.6 0. In this case both 192.internal Origin codes: i BGP_Overview—Page-85 The show ip bgp command prints the BGP table.0/20 192. www.0.0.0 192.0 21.0.0/24. In this case both 192.4. * valid.0.0/24.0. local router ID is but they are not advertised on any BGP session.168.0.0/20 is injected because there is at least one more specific route within the summary range. 2.0 is always injected. e .0.0 0.EGP.0/24 and 192.168.0 192.4 BGP table version is 0.2.0 0.168.32. h history.0. ? .0 1.168.0/20 192. * valid. 192.168. The prefix 192. Inc.168.0/24 are within the range.168.6 3.16. The prefix 192.0 Metric LocPrf Weight Path Metric LocPrf Weight Path 0 32768 i 0 32768 i 0 37 21 i 0 37 21 i 0 0 21 i 0 0 21 i 0 0 37 i 0 0 37 i 0 21 37 i 0 21 37 i 0 32768 i 0 32768 i 0 32768 i 0 32768 i 0 32768 ? 0 32768 ? 0 32768 ? 0 32768 ? 0 32768 i 0 32768 i 0 32768 ? 0 32768 ? 0 32768 ? 0 32768 ? © 2000. BGP Overview 23-83 .168.0 *> *> * * *> *> *> *> * * *> *> *> *> *> *> *> *> *> *> s> s> s> s> Network Network 3.16.0/20 192. As shown above all three prefixes are injected.4.0 0.0 0. The network mask is.0.0 and 192.33.0 192.0 i .17.5.incomplete Origin codes: i .0 0.0. The prefix 192.Aggregation Example .6 Cisco Systems.0/20 192.0 37.5. local router ID is 1.5 192.EGP.0. stored in the BGP table and sent on any BGP update. 192.0.0. e . 192.17.3. i . ? . Cisco Systems.0 0.16.0/24 and 37. 
> best.4.IGP.0 0.3.BGP Table as123#show ip bgp as123#show ip bgp BGP table version is 16.3.0/24 all have natural masks as applied to class C networks.0.0 0.internal Status codes: s suppressed.

www. Inc. are never sent as updates on the BGP session. 192. path 123 1:36:43: BGP: next 192. next 192.0/ path 123 192.3.16. are included in the update.5 send UPDATE 2.3.0/24.6. metric 0.5 send UPDATE 1:36:43: BGP: 2. next © 2000.0 255.17.0/ send UPDATE 1:36:43: BGP: 2.5 send UPDATE 2. the non-suppressed more explicit routes.6.0 255.0/20 and 192. 192.32.0 255.4.5 send UPDATE 2.5 send UPDATE 2.168.0. next 192. . are included in the updates.4. Inc.32.6.240. path 123 path 123 2.17. next 192.168.255. 192.0 255.4.0/24 and 255.255.5 send UPDATE 1:36:43: BGP: 2. path 123 1:36:43: BGP: 2.168. next 192. metric path 123 1:36:43: BGP: 2.240. metric 0. metric 0.3.0 255.168. All three route summary prefixes.Aggregation Example Outgoing BGP Update Router#debug ip bgp updates Router#debug ip bgp updates 1:36:43: BGP: 2.255.3. path 123 2. next 192.3.5 send UPDATE 1:36:43: BGP: 2.0 255. Cisco Systems.5 send UPDATE 1:36:43: BGP: 2.3. However. 23-84 BGP Overview Copyright ©1999.33.255. path 123 BGP_Overview—Page-86 The debug output shows BGP updates sent to a neighbor. metric 0.5 send UPDATE 2.0.16. metric 0. metric 0. the suppressed more explicit routes.0/24 and 255. metric Also. Cisco Systems.4. metric 0.168.168. path 123 1:36:43: BGP: 2.4. path 123 2.6. next 255.32.4. next 192.4.0/20.0 255.3. metric 0. next 192.4.3.
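The aggregation rules from this section (an aggregate exists only while a more specific route is in the BGP table, and summary-only marks those routes as suppressed), written out as an added example that is not part of the original course material. The prefixes are constructed sample values mirroring the three cases in the configuration example, and the function names are hypothetical.

```python
import ipaddress

# Constructed BGP table: one /20 injected with the network command (backed by
# a static route to null 0) and four more specific /24 routes.
SAMPLE_TABLE = [
    "192.168.0.0/20",
    "192.168.16.0/24",
    "192.168.17.0/24",
    "192.168.32.0/24",
    "192.168.33.0/24",
]

# (aggregate, summary_only) pairs, as configured with aggregate-address.
SAMPLE_AGGREGATES = [
    ("192.168.16.0/20", False),
    ("192.168.32.0/20", True),
]


def apply_aggregation(bgp_table, aggregates):
    """Return {prefix: status} using the status codes of show ip bgp:
    '*>' for a route that is advertised, 's>' for a suppressed route."""
    table = {ipaddress.ip_network(prefix) for prefix in bgp_table}
    status = {prefix: "*>" for prefix in table}
    for aggregate_text, summary_only in aggregates:
        aggregate = ipaddress.ip_network(aggregate_text)
        specifics = [
            prefix for prefix in table
            if prefix.prefixlen > aggregate.prefixlen
            and prefix.subnet_of(aggregate)
        ]
        if not specifics:
            # No more specific route in the table: no aggregate is created.
            continue
        status.setdefault(aggregate, "*>")
        if summary_only:
            # Still present in the local BGP table, never sent in an update.
            for prefix in specifics:
                status[prefix] = "s>"
    return {str(prefix): code for prefix, code in sorted(status.items())}


def advertised(status):
    """Prefixes that appear in outgoing BGP updates."""
    return [prefix for prefix, code in status.items() if code == "*>"]


def aggregate_survives(bgp_table, aggregates, lost_prefixes, aggregate):
    """Is the aggregate still advertised after some specifics are lost?"""
    remaining = [p for p in bgp_table if p not in lost_prefixes]
    return aggregate in advertised(apply_aggregation(remaining, aggregates))


if __name__ == "__main__":
    for prefix, code in apply_aggregation(SAMPLE_TABLE, SAMPLE_AGGREGATES).items():
        print(code, prefix)
```

Losing one /24 inside a summary-only range leaves the outgoing updates unchanged, which is the flap-hiding benefit; losing the last one withdraws the aggregate.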

Summary

BGP process in a router is started with router bgp command, which also enters the BGP configuration. As the next step, the BGP neighbors have to be configured. You always have to specify the remote AS number for a neighbor you configure and you have the option to attach a description to the neighbor.

External BGP neighbors should be directly connected. There are several scenarios (dial backup and load sharing being the more common) that require an EBGP neighbor to be distant. In these cases, you have to specify ebgp-multihop option on the neighbor to start the EBGP session.

Local networks are announced in BGP by listing them with the network command or by redistributing them with the redistribute command. Proper ISP network design would always rely on BGP routers announcing the address space allocated to the ISP through the network command. The network command can be used in a classful scenario (to specify a major network) or in a classless scenario (with the mask option) to announce any IP prefix. If you use the classless version of the network command, a matching route has to reside in the IP routing table.

There are, however, some cases where the routes already in the BGP table have to be summarized. This process is called aggregation in BGP and is configured with the aggregate-address command. BGP route aggregation is performed for exactly the same reasons as the route summarization in other routing protocols:

• Reduce the size of the routing table

• Make networks more stable as the flap of an IP prefix within the aggregate will not cause the whole aggregate to flap

Review Questions

• How many BGP processes can be active in a router?

• Which parameters must be configured for a BGP neighbor?

• What potential problem could be caused by redistributing all routes from the IGP to BGP?

• Why are external BGP neighbors almost always directly connected?

• What are the benefits of BGP route summarization?

• When should you use BGP aggregation?

• What are the drawbacks of using BGP aggregation?

Monitoring and troubleshooting BGP

Objectives

Upon completion of this section, you will be able to perform the following tasks:

• Monitor the overall BGP status

• Monitor BGP neighbors

• Monitor BGP table

• Inspect individual prefixes in the BGP table

• Perform basic BGP debugging

• Troubleshoot simple BGP-related problems

1 1. There is one line of text for each neighbor configured.1. The output displays how many networks that are known and how many different paths and attribute values that are associated with BGP_Overview—Page-91 This is a very useful command when troubleshooting BGP.1.Monitoring Overall BGP Routing router> show ip bgp summary • Displays BGP memory usage. s Main routing table version is the version number of the BGP table that was most recently installed in the forwarding table.1 1. www. The output provides a short summary of the status of the BGP process in the router. BGP table version is the version number of the local BGP table. The columns are: s IP address of the neighbor as configured in the BGP version number used when communicating Autonomous system number of the remote local router. BGP neighbors and the state of communication with them Fred#show ip bgp summary Fred#show ip bgp summary BGP table version is 8.0. s neighbor. s The amount of memory allocated to hold the Cisco Systems. The first section of text describes the BGP table and its content.1 V V 4 4 4 4 4 4 AS MsgRcvd MsgSent AS MsgRcvd MsgSent 213 80 81 213 80 81 387 79 81 387 79 81 213 82 82 213 82 82 TblVer TblVer 8 8 0 0 0 0 InQ OutQ Up/Down State/PfxRcd InQ OutQ Up/Down State/PfxRcd 0 0 01:15:51 2 0 0 01:15:51 2 0 0 00:00:15 Active 0 0 00:00:15 Active 0 0 02:15:23 Idle 0 0 02:15:23 Idle © 2000. BGP Overview 23-87 .0.0. s The second section of the output is a table in which the current neighbor statuses are shown.1.2. main routing table version 8 BGP table version is 8. Inc.1 1. s Copyright ©1999. s with the neighbor. 
main routing table version 8 4 network entries (8/12 paths) using 832 bytes of memory 4 network entries (8/12 paths) using 832 bytes of memory 5 BGP path attribute entries using 576 bytes of memory 5 BGP path attribute entries using 576 bytes of memory 0 BGP route-map cache entries using 0 bytes of memory 0 BGP route-map cache entries using 0 bytes of memory 0 BGP filter-list cache entries using 0 bytes of memory 0 BGP filter-list cache entries using 0 bytes of memory 2 received paths for inbound soft reconfiguration 2 received paths for inbound soft reconfiguration Neighbor Neighbor 1.1.3 1. This number is incremented every time the table is changed.0.2. s The number of messages/updates sent to the neighbor since the session was established.3 1.0. The number of messages/updates received from the neighbor since the session was established.0. Cisco Systems. Inc.

• Version number of the local BGP table that has been included in the most recent update to the neighbor.

• Number of messages waiting to be processed in the incoming queue from this neighbor. A lot of messages in the in-queue indicate a lack of CPU resources in the local router.

• Number of messages waiting in the outgoing queue for transmission to the neighbor. A lot of messages in the out-queue indicates a lack of bandwidth to the remote router or a lack of CPU resources in the remote router.

• How long the neighbor has been in the current state and the name of the current state. State established is not printed out, so no state name indicates the state established.

The information can be used to verify that BGP sessions are up and established. If they are not, further investigations must be done to see the reason for this. IP address and AS number of the neighbor can also be verified with this command. If the session is established, the number of messages sent and received can be used as an indication of stability. Use the command a few times, with a pause between the printouts, and calculate how many messages have been exchanged during that period.

show ip bgp summary

To display the status of all Border Gateway Protocol (BGP) connections, use the show ip bgp summary EXEC command.

show ip bgp summary

Syntax Description

This command has no arguments or keywords.
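One way to apply the column descriptions above to two printouts of show ip bgp summary, as an added example that is not part of the original course material. The two snapshots are constructed (documentation addresses, private AS numbers), and the function names are hypothetical.

```python
# Constructed neighbor tables in the column layout of show ip bgp summary.
BEFORE = """\
Neighbor        V    AS MsgRcvd MsgSent   TblVer  InQ OutQ Up/Down  State/PfxRcd
192.0.2.1       4 64512      80      81        8    0    0 01:15:51        2
192.0.2.2       4 64513      79      81        0    0    0 00:00:15 Active
192.0.2.3       4 64512      82      82        8    0    0 02:15:23        5
"""
AFTER = """\
Neighbor        V    AS MsgRcvd MsgSent   TblVer  InQ OutQ Up/Down  State/PfxRcd
192.0.2.1       4 64512      85      86        8    0    0 01:20:51        2
192.0.2.2       4 64513      79      84        0    0    0 00:00:40 Idle
192.0.2.3       4 64512      87     310        8    0   40 02:20:23        5
"""


def parse_summary(text):
    """Parse the neighbor table; header lines above it are skipped."""
    neighbors, in_table = {}, False
    for line in text.splitlines():
        fields = line.split()
        if fields[:2] == ["Neighbor", "V"]:
            in_table = True
            continue
        if not in_table or len(fields) < 10:
            continue
        # The last column holds a state name, or a prefix count when the
        # session is established (the state name is then not printed).
        last = " ".join(fields[9:])
        established = last.isdigit()
        neighbors[fields[0]] = {
            "as": int(fields[2]),
            "rcvd": int(fields[3]),
            "sent": int(fields[4]),
            "inq": int(fields[6]),
            "outq": int(fields[7]),
            "state": "Established" if established else last,
            "prefixes": int(last) if established else None,
        }
    return neighbors


def review(before_text, after_text):
    """Compare two printouts and return {neighbor: [findings]}."""
    before, after = parse_summary(before_text), parse_summary(after_text)
    report = {}
    for address, now in after.items():
        findings = []
        if now["state"] != "Established":
            findings.append("not established: " + now["state"])
        if now["inq"] > 0:
            findings.append("input queue: possible lack of local CPU")
        if now["outq"] > 0:
            findings.append("output queue: possible lack of bandwidth or remote CPU")
        earlier = before.get(address)
        if earlier and now["state"] == earlier["state"] == "Established":
            findings.append("messages between printouts: %d received, %d sent" % (
                now["rcvd"] - earlier["rcvd"], now["sent"] - earlier["sent"]))
        report[address] = findings
    return report


if __name__ == "__main__":
    for address, findings in review(BEFORE, AFTER).items():
        print(address, findings)
```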

Inc. external link Index 3. TCP timers and counters will also be presented. Inc. keepalive interval is 60 seconds Minimum time between advertisement runs is 30 seconds Received 92 messages.2. received-routes (Optional) Displays all received routes (both accepted and rejected) from the specified neighbor. BGP Overview 23-89 . table version = If you omit this argument. show ip bgp neighbors To display information about the TCP and Border Gateway Protocol (BGP) connections to neighbors. remote AS 213.1. 0 in queue Connections established 1.1.1. routes (Optional) Displays all routes that are received and accepted. 0 notifications. of prefix received 2 © 2000.2. use the show ip bgp neighbors EXEC command. The other usage is not shown in this example. www. If any of the optional qualifiers referring to routes or paths are given.1 BGP neighbor is 1. This is a subset of the output from the received-routes keyword.0. hold time is 180. up for 01:23:05 Last read 00:00:05. The general case is shown in this example. Offset BGP_Overview—Page-92 This command can be used for two different purposes. This is useful when troubleshooting the path selection. Copyright ©1999. 0 notifications. All BGP session parameters are displayed. It is used to get information about the TCP session and the BGP parameters of the session. Cisco Systems. all neighbors are displayed. show ip bgp neighbors [address] [received-routes | routes | advertised-routes | {paths regular-expression} | dampened-routes] Syntax Description address (Optional) Address of the neighbor whose routes you have learned from. the BGP routing information sent or received on this session will be displayed.Monitoring BGP Neighbors router> show ip bgp neighbor ip-address • Displays detailed neighbor information Fred#show ip bgp neighbor 1.1 BGP state = Established. Cisco Systems. remote router ID 10. 0 in queue Sent 92 messages.0. Mask 0x8 BGP version 4. dropped 0 Last reset never No.

advertised-routes (Optional) Displays all the routes the router has advertised to the neighbor.

paths regular-expression (Optional) Regular expression that is used to match the paths received.

dampened-routes (Optional) Displays the dampened routes to the neighbor at the IP address specified.

Short information about each route is displayed on a single line. i internal internal Origin codes: i . e .0. d damped.2.0.0. Next-hop.0. > best.0.0.incomplete *> *> * * *> *> * * *> *> *> *> Network Network 1. local router ID is 12. * valid.IGP.0 11. Inc.0 1. The lower case letter ‘i’ means Origin code IGP. the entire BGP table is displayed. Local-Preference and Weight each have their own columns.EGP.1 1. local router ID is BGP Overview 23-91 .0.0.0. of the BGP attributes associated with the route are displayed on the line. d damped.1. The output is sorted in network number order.0. h history.0.0.1 1.2. > best.1.1 1.0.IGP.0 12. Copyright ©1999. Inc.0.1 1. both routes are displayed on successive lines.0 10. This means that if the BGP table contains more than one route to the same network.0 11. Some.0.Monitoring BGP Table router> show ip bgp • Displays all routes in the BGP table in summary format Fred#show ip bgp Fred#show ip bgp BGP table version is 11.0. This route will be pointed out by the character ‘>’ in the left column.0 BGP_Overview—Page-93 In the general case. The network number is printed on the first of those lines only.2.1 1. but not all.0 14.0.1 0.1. The following lines.1 1.0. ‘e’ means EGP and ‘?’ means Incomplete/Unknown. The BGP path selection will select one of the alternative routes to each of the networks as the best.0.3 Metric LocPrf Weight Path Metric LocPrf Weight Path 500 0 213 i 500 0 213 i 1000 0 213 i 1000 0 213 i 500 0 213 i 500 0 213 i 1000 0 213 i 1000 0 213 i 0 32768 i 0 32768 i 0 0 387 i 0 0 387 i © 2000.EGP. when the show ip bgp command is given without the optional qualifiers. * valid.2. have the network number field left blank. Cisco Systems.0. Immediately following the AS-path.0.3 BGP table version is 11.2. e .1.0.0 Next Hop Next Hop 1. but not being a part of the AS-path attribute.1.0 12. MED (displayed as Metric). Cisco Systems.1. which are referring to the same network.0. www. h history. 
the Origin attribute is displayed.0 14.3 Status codes: s suppressed. ? .incomplete Origin codes: i . ? . The AS-path attribute is displayed as the sequence of AS numbers in the Path column. i Status codes: s suppressed.3 1.0.

show ip bgp

To display entries in the Border Gateway Protocol (BGP) routing table, use the show ip bgp EXEC command.

show ip bgp [network] [network-mask] [longer-prefixes]

Syntax Description

network (Optional) Network number, entered to display a particular network in the BGP routing table.

network-mask (Optional) Displays all BGP routes matching the address/mask pair.

longer-prefixes (Optional) Displays route and more specific routes.

2. localpref 100.0.1. Installation of routes in the forwarding table is made based on the administrative distance. best Origin IGP.0/8. advertised over EBGP) Paths: (2 available. advertised over EBGP) 213 213 1.Displaying Entries in BGP Table router> show ip bgp ip-prefix [mask subnet-mask] • Displays detailed information about all paths for a Advertising router IP address single prefix Fred#show ip bgp 11. external Origin IGP.1) Origin IGP.0.1.1 from 1. external. the information about network 11. One is received from neighbor 1.1) 1.1.0. metric 500.1 from 1. Inc. valid. Inc. There are two different routes to 11. version 5 Paths: (2 available. best #1.0. external.2. valid. BGP Overview 23-93 .0/8.0. metric 1000.0 is displayed.1. localpref 1.0. Cisco Systems. best 213 213 1. but only about that network.1. metric 1000.1.2.0. external Advertising router router-ID Next-hop Other BGP attributes AS-Path © 2000.0 Fred#show ip bgp version 5 BGP routing table entry for 11. This displays all the information.0. Copyright ©1999.0.0.1 (11.0.1 (11.1 as the best.0.1.1) Origin IGP.0.0.1 and the other from 1.0. localpref 100.1 (10.0 BGP routing table entry for 11. localpref metric 500.0.1.1 (10.0. Cisco Systems.2. This means that this is the route that BGP will try to install in the forwarding table. valid. the show ip bgp command should be given with the network number on the command BGP_Overview—Page-94 If more information and the complete set of BGP attributes are required.2. best #1. www.1 from 1.0. In this example.1 from 1.0.1. valid. The BGP route selection process has selected the route via 1.

Debugging BGP

debug ip tcp transaction

• Displays all TCP transactions (start of session, session errors …)

debug ip bgp event

• Displays significant BGP events (neighbor state transitions, update runs)



If a BGP session stays in the active state, where it is actively sending connection attempts to the neighbor, debug ip tcp transactions can give valuable information about why the connection never succeeds. All TCP transactions in the router are displayed on the console as they happen. The troubleshooter can then determine whether the TCP session is being established and, if not, the reason. If the TCP session succeeds but is torn down within a short period of time, the reason might be found using debug ip bgp events. All BGP events are displayed on the console as they happen.



Debugging BGP

debug ip bgp keepalives

• Debugs BGP keepalive packets


debug ip bgp updates

• Displays all incoming or outgoing BGP updates (use with caution)



In a stable state with no network topology changes, no updates are sent. When the session has been idle for some time, BGP exchanges keepalive packets. The keepalive timer is set to 60 seconds by default. Use debug ip bgp keepalive to get a printout on the console for every keepalive packet sent or received. Successful keepalive exchanges indicate that the session is working and is in a stable state. If no keepalives are sent or received, the session might still be working; keepalives are not seen because the session is never idle for long enough.

Use debug ip bgp updates to get a printout on the console for every update message sent or received. Successful exchanges of updates indicate that the session is working but is not idle. In a large network, updates are sent and received in large volumes. Starting debug ip bgp updates might cause extensive output on the console. In some cases, the CPU resources used to generate that output are so great that the router's real work suffers. With very busy BGP sessions, it is actually possible to put the router in a condition where all CPU resources are consumed by the debugging printouts.



Debugging BGP

debug ip bgp updates acl

• Displays all incoming or outgoing BGP updates for routes matching an IP ACL

debug ip bgp neighbor-ip updates [acl]

• Displays all BGP updates received from or sent to a BGP neighbor (optionally matching an IP ACL)



To avoid debug printouts for every update sent or received, an access list can be created and associated with the debug command. If it is used, only the updates referring to a network number permitted by the access list are displayed on the console. This is extremely useful in a live network with busy BGP sessions when the troubleshooter is interested only in updates on specific networks. Indicating a specific neighbor restricts the debugging even further: only the updates on the session to the indicated neighbor are displayed. Optionally, this can be combined with an access list.



BGP Session Startup Troubleshooting

Common BGP Session Startup Symptoms

• BGP neighbors do not become active

• BGP neighbor is active, but the session is never established

• BGP neighbor oscillates between idle and active

There are a number of common BGP session startup symptoms:

• BGP neighbor never becomes active.

• BGP neighbor is active, but the BGP session is not established.

• BGP neighbor state oscillates between idle and active.

BGP Session Startup Issues: 1/4

Symptom

• BGP neighbors do not become active

show ip bgp neighbor displays the neighbor state as idle for several minutes

Diagnose

• Neighbor is not directly connected

Verification

• Verify with show ip route

BGP sessions to a router in another autonomous system should normally run across directly connected interfaces, where the routers share a common IP subnet. They must be configured to reach each other using the IP address belonging to this shared subnet, so that no other routing protocol is required to set up the BGP session.

If a router is configured with a BGP neighbor, which is in another AS but not directly connected, the session will stay in the idle state. The router will not even attempt to set up the session. The normal way to fix this problem is to change the neighbor reference so that it is referred by an IP address, which is directly connected.

However, in some odd cases, the neighbor is intentionally reachable using a non-directly connected interface. In that rare case, the BGP session must be configured with the ebgp-multihop option. Also, the local router must have routing information on how to reach that address.

If the session goes into active state, the router will start to attempt to establish the session. Debug ip tcp transactions will display the connect attempts. If this does not succeed, further investigations must be done.

BGP Session Startup Issues: 2/4

Symptom

• BGP neighbor is active, session is not established

debug ip tcp transaction display shows that the SYN TCP packet is not answered with a SYN+ACK packet

Diagnose

• Neighbor is not reachable

Verification

• Verify connectivity with ping

• Check for access list presence

The TCP session establishment starts with the router sending a TCP SYN packet. If this is never answered, the remote router might be dead or not reachable. Try to use the ping command and verify the existence of the remote router and the IP packet exchange between the local and remote router.

168. The sending router therefore never receives the reply to the SYN packet and aborts the TCP session in approximately 45 seconds (changing the state from SYNSENT to CLOSED).14(179)] 16:35:12: TCP0: state was SYNSENT -> CLOSED [11007 -> 192.4.4. advertising MSS 1460 TCP0: Connection to 192.13. seq 545426735. advertising MSS 1460 TCP0: state was CLOSED -> SYNSENT [11007 -> 192.4.11007 TCP: sending SYN. Inc.4.13. ack 0 TCP: sending SYN. Cisco Systems.168. seq BGP_Overview—Page-101 In the scenario Inc.168. www.14:179. 23-100 BGP Overview Copyright ©1999. TCP session is closed © 2000.168.14:179. the remote BGP router is not available.14(179)] TCP0: state was CLOSED -> SYNSENT [11007 -> 192. .4.11007 TCB82119C40 bound to 192.168.168.BGP Session Startup Neighbor not Reachable Router#debug ip tcp transaction Router#debug ip tcp transaction 16:34:30: 16:34:30: 16:34:30: 16:34:30: 16:34:30: 16:34:30: 16:34:30: 16:34:30: 16:34:30: 16:34:30: 16:34:30: 16:34:30: 16:34:30: 16:34:30: TCB82119C40 created TCB82119C40 created TCB82119C40 setting property TCP_WINDOW_SIZE (0) 8223BDE8 TCB82119C40 setting property TCP_WINDOW_SIZE (0) 8223BDE8 TCB82119C40 setting property TCP_TOS (11) 8223BDEC TCB82119C40 setting property TCP_TOS (11) 8223BDEC TCB82119C40 bound to 192.4.14(179)] 16:35:12: TCP0: state was SYNSENT -> CLOSED [11007 -> 192.4.14(179)] 16:35:12: TCB 0x82119C40 destroyed 16:35:12: TCB 0x82119C40 destroyed SYN packet is sent SYN+ACK reply never came back. Cisco Systems. ack 0 TCP0: Connection to 192.

BGP Session Startup Issues: 3/4

Symptom

• BGP neighbor is active, session is not established

debug ip tcp transaction display shows that the SYN TCP packet is answered with a RST packet

Diagnose

• This router is not configured as BGP neighbor on the neighboring router

Verification

• Check IP addresses of BGP neighbors with show ip bgp summary on the neighbor router

If the TCP SYN packet is answered with a TCP RST packet, the remote router is alive and reachable but is not willing to grant the connection attempt. The reason for this may be that BGP is not started on the remote router or that the source IP address used by the local router in the connection attempt is not in the remote router’s list of valid neighbors.

BGP Session Startup: Neighbor not Configured

Router#debug ip tcp transaction
16:30:30: TCB82119C40 created
16:30:30: TCB82119C40 setting property TCP_WINDOW_SIZE (0) 8223BDE8
16:30:30: TCB82119C40 setting property TCP_TOS (11) 8223BDEC
16:30:30: TCB82119C40 bound to 192.168.4.13.11005
16:30:30: TCP: sending SYN, seq 305377215, ack 0
16:30:30: TCP0: Connection to 192.168.4.14:179, advertising MSS 1460
16:30:30: TCP0: state was CLOSED -> SYNSENT [11005 -> 192.168.4.14(179)]
16:30:30: TCP0: bad seg from 192.168.4.14 -- closing connection: seq 0 ack 305377216 rcvnxt 0 rcvwnd 0 len 0
16:30:30: TCP0: state was SYNSENT -> CLOSED [11005 -> 192.168.4.14(179)]
16:30:30: TCP0: connection closed - remote sent RST
16:30:30: TCB 0x82119C40 destroyed

• SYN packet is sent
• Neighbor replies with RST packet, TCP session is closed

In the scenario above, the remote router is not configured for BGP or there was a mismatch in the neighbor IP addresses. The remote router responds with a RST packet as soon as it receives the initial SYN, terminating the BGP session.

BGP Session Startup Issues: 4/4

Symptom
• BGP neighbor oscillates between active and idle
  debug ip tcp transaction displays the TCP session being established and torn down immediately

Diagnose
• AS-number mismatch between BGP neighbors

Verification
• Verify the AS-numbers configured for neighboring routers with show ip bgp summary on both routers

If the TCP session is established using the specified three-way handshake (SYN, SYN-ACK, ACK), but the session is dropped after a short packet exchange, the BGP parameters are mismatched. If the AS numbers do not match, the session is dropped after exchanging BGP Open messages. Make sure that the remote AS configured on each router matches the local AS configured on the neighbor.

BGP Session Startup: AS-number Mismatch

Router#debug ip tcp transaction
Router#debug ip bgp event
16:40:43: TCB82119C40 created
16:40:43: TCP0: state was LISTEN -> SYNRCVD [179 -> 192.168.4.14(11000)]
16:40:43: TCB821197BC callback
16:40:43: TCB821197BC accepting 82119C40 from 192.168.4.14.11000
16:40:43: TCP0: Connection to 192.168.4.14:11000, received MSS 1460
16:40:43: TCP: sending SYN, seq 918933898, ack 862828853
16:40:43: TCP0: Connection to 192.168.4.14:11000, advertising MSS 1460
16:40:43: TCP0: state was SYNRCVD -> ESTAB [179 -> 192.168.4.14(11000)]
16:40:44: BGP: 192.168.4.14 reset due to BGP Notification sent
16:40:44: TCP0: state was ESTAB -> FINWAIT1 [179 -> 192.168.4.14(11000)]
16:40:44: TCP0: sending FIN

• TCP session is established
• BGP notification is sent due to AS number mismatch in open message

Whenever there is a mismatch in AS-numbers (or any other BGP parameters that are necessary for proper BGP operation), the BGP session is terminated with a BGP notification and the TCP session is terminated as well.
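The two failure signatures described in this section can be told apart mechanically from the debug output. The following Python is an added example, not part of the original course material: the function name `classify`, the diagnosis strings and the sample traces (constructed from the debug lines shown above) are assumptions made for illustration.

```python
import re

# Constructed sample traces, modelled on the two debug outputs in this section.
RST_TRACE = """\
16:30:30: TCP: sending SYN, seq 305377215, ack 0
16:30:30: TCP0: state was CLOSED -> SYNSENT [11005 -> 192.168.4.14(179)]
16:30:30: TCP0: bad seg from 192.168.4.14 -- closing connection: seq 0 ack 305377216 rcvnxt 0 rcvwnd 0 len 0
16:30:30: TCP0: state was SYNSENT -> CLOSED [11005 -> 192.168.4.14(179)]
16:30:30: TCP0: connection closed - remote sent RST
"""
NOTIFY_TRACE = """\
16:40:43: TCP0: state was LISTEN -> SYNRCVD [179 -> 192.168.4.14(11000)]
16:40:43: TCP0: state was SYNRCVD -> ESTAB [179 -> 192.168.4.14(11000)]
16:40:44: BGP: 192.168.4.14 reset due to BGP Notification sent
16:40:44: TCP0: state was ESTAB -> FINWAIT1 [179 -> 192.168.4.14(11000)]
"""

STATE = re.compile(r"state was (\w+) -> (\w+) \[(\d+) -> ([\d.]+)\((\d+)\)\]")
NOTIFICATION = re.compile(r"BGP: ([\d.]+) reset due to BGP Notification")

# Hypothetical diagnosis labels, worded after the slides' Diagnose/Verification text.
NOT_CONFIGURED = "SYN answered with RST: BGP not started on peer, or this router is not a configured neighbor there"
PARAM_MISMATCH = "TCP established, then BGP Notification: parameter mismatch, verify AS numbers on both routers"

def classify(trace):
    """Map each BGP peer IP seen in a debug trace to a session-startup diagnosis."""
    established, refused, result = set(), None, {}
    for line in trace.splitlines():
        state = STATE.search(line)
        if state:
            old, new, local_port, peer, peer_port = state.groups()
            if "179" not in (local_port, peer_port):
                continue                  # not a BGP session (TCP port 179)
            if new == "ESTAB":
                established.add(peer)     # three-way handshake completed
            elif (old, new) == ("SYNSENT", "CLOSED"):
                refused = peer            # our SYN never got a SYN-ACK
        elif "remote sent RST" in line and refused:
            result[refused] = NOT_CONFIGURED
            refused = None
        else:
            note = NOTIFICATION.search(line)
            if note and note.group(1) in established:
                result[note.group(1)] = PARAM_MISMATCH
    return result
```

Sessions on ports other than 179 are ignored, so unrelated TCP debug lines captured in the same window do not produce a diagnosis.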

Summary

There are a number of IOS commands that can be used to monitor and troubleshoot BGP:

• show ip bgp summary will display the overall status of BGP, configured neighbors and their state
• show ip bgp neighbor can be used to get more in-depth information about a BGP neighbor
• show ip bgp will display all entries in the BGP table. show ip bgp can also be used to display an extended printout about a specific route in the BGP table
• debug ip bgp events will display significant BGP events while debug ip bgp updates will display the routing information being exchanged between BGP neighbors
• debug ip tcp transactions can also be used to troubleshoot BGP session establishment problems

Review Questions

• What information do you get from a show ip bgp summary?
• Which command is used to display detailed BGP neighbor information?
• How does the output from show ip bgp tell you which route to a specific destination is selected as the best?
• Which is the most common reason for a BGP session not leaving the idle state?
• What happens when a BGP session is established, but terminated immediately?

Summary

After completing this chapter, you should be able to perform the following tasks:

• Explain the need for BGP and typical BGP usage scenarios
• Describe basic BGP technical characteristics
• Describe BGP path attributes
• Describe BGP session establishment and routing information exchange
• Configure basic BGP on Cisco router
• Monitor and troubleshoot basic BGP setup
