CCNP SERVICE PROVIDER - SPRI 300-510
Implementing Service Provider Advanced Routing Solutions

Sikandar Shaik, CCIE x 3 (RS/SP/SEC)
www.noasolutions.com

Table of Contents

About the Author
Border Gateway Protocol
BGP NEIGHBORS - IBGP - EBGP
LAB: IBGP Peering
IBGP Peering with Loopback Interfaces Redundancy
LAB: IBGP Peering USING LOOPBACKS
BGP NEIGHBOR AUTHENTICATION
BGP Peer-Groups
LAB - PEER GROUPS
BGP Route Reflectors
LAB: ROUTE REFLECTOR
LAB: ROUTE REFLECTOR USING LOOPBACK
LAB: ROUTE REFLECTOR WITH TWO SERVERS FOR REDUNDANCY
EBGP Peering
LAB: Basic EBGP Configuration & Verify Next-hop Behavior
BGP Attributes
BGP Weight Attribute
LAB: USING WEIGHT ATTRIBUTE
LAB: WEIGHT ATTRIBUTE using Route-maps
BGP Local preference
LAB: USING LOCAL PREFERENCE
LAB: LOCAL PREFERENCE USING ROUTE-MAP
BGP Path Selection Process
AS-PATH Attribute - Path Manipulation
LAB: AS-path Prepend
Multi Exit Discriminator (MED)
LAB: MULTI-EXIT DISCRIMINATOR (METRIC)
BGP Summarization
LAB: BGP Summarization (Aggregation)
BGP Summarization - AS-SET option
BGP Summarization - Suppress-Map
BGP Summarization - UnSuppress-Map
BGP Route Filtering
LAB: BGP Filtering - with ACLs
LAB: BGP filtering - with IP prefix-list
AS-PATH filtering
LAB: AS-PATH filters - with Regular expressions
BGP Communities
LAB: BGP COMMUNITIES - WELL KNOWN
BGP Communities - User Defined
LAB: User Defined BGP Community
BGP Confederations
LAB: BGP Confederations
BGP - Route Reflectors Clusters
LAB: Route Reflector Clusters
BGP Route-Dampening
LAB: ROUTE DAMPENING
BGP - Remove Private-AS
LAB: Remove Private-AS
BGP Hide Local-Autonomous System
BGP Support for Dual AS Configuration for Network AS Migrations
LAB: BGP allowas-in
IPv6 BGP
LAB: Basic IPV6 IBGP and EBGP configurations
LAB: IPV6 IBGP & EBGP Advance Configurations

About the Author

Sikandar Shaik, a Triple CCIE (RS/SP/SEC # 35012), is a highly experienced and extremely driven senior technical instructor and network consultant. He has been training networking courses for more than 15 years, teaching on a wide range of topics including Routing and Switching, Service Provider and Security (CCNA to CCIE). In addition, he has been developing and updating the content for these courses. He has assisted many engineers in passing the lab examinations and securing certifications.

Sikandar Shaik is highly skilled at designing, planning, coordinating, maintaining, troubleshooting and implementing changes to various aspects of multi-scaled, multi-platform, multi-protocol complex networks as well as course development and instruction for a technical workforce in a varied networking environment. His experience includes responsibilities ranging from operating and maintaining PCs and peripherals to network control programs for multi-faceted data communication networks in LAN, MAN and WAN environments.

Sikandar Shaik has delivered instructor-led trainings in several states in India as well as abroad in countries like China, Kenya and UAE. He has also worked as a Freelance Cisco Certified Instructor globally for Corporate Major Clients.

Acknowledgment

First and foremost I would like to thank the Almighty for his continued blessings and for always being there for me. You have given me the power and confidence to believe in myself and pursue my dreams. I could never have done this without the faith I have in you.

Secondly I would like to thank my family for understanding my long nights at the computer. I have spent a lot of time on preparing workbooks and this workbook would not have been possible without their support and encouragement.
I would also like to recognize the cooperation of my students who took my trainings and workbooks. I believe my workbooks have helped them in upskilling themselves with respect to the subject and technologies and I will continue preparing workbooks for the updated technology versions.

Shaik Gouse Moinuddin Sikandar
CCIE x 3 (RS/SP/SEC)

Feedback

Please send feedback if there are any issues with respect to the content of this workbook. I would also appreciate suggestions from you which can improve this workbook further. Kindly send your feedback and suggestions at info@noasolutions.com

Border Gateway Protocol

BGP Concepts and Terminology

Autonomous System Number
* A collection of networks under a single administration.
* Range 1 - 65535

Private AS
* Used within the same service provider.
* Unique within the service provider.
* Range = 64513 - 65535

Public AS
* Used between multiple service providers.
* Globally unique.
* Range = 1 - 64512

[Figure: example with ABC customer sites in India and UAE]

Routing Protocol Classification

IGP
* Interior Gateway Protocol
* Used to communicate within the same autonomous system
* RIP, IGRP, EIGRP, OSPF, IS-IS

EGP
1. Exterior Gateway Protocol
2. Used to communicate between two or more autonomous systems
3. Border Gateway Protocol (BGP)

BGP Features
» Open standard
» Exterior Gateway Protocol
» Designed for inter-AS domain routing
» Designed to scale to huge inter-networks like the Internet
» Classless. Supports FLSM, VLSM, CIDR, auto and manual summary (BGP-4)
» Updates are incremental and triggered
» Path vector protocol

BGP AS-path - Path Vector
[Figure: AS path 200, 300, 400 carried in a BGP update]

BGP - AS Path Advertisement
[Figure: AS-path advertisement across AS 65222, AS 65333 and AS 65444]

Metric = Attributes
» Administrative distance
   20   External updates (EBGP)
   200  Internal updates (IBGP)

BGP's loop prevention mechanism
[Figure: BGP loop prevention mechanism between external AS]

AS-Path loop detection
[Figure: AS100, AS200 and AS 500 exchanging 170.10.0.0/16 and 180.10.0.0/16]
180.10.0.0/16 is not accepted by AS100 as the prefix has AS100 in its AS-PATH - this is loop detection in action.

When to use BGP
° The AS is working as a transit AS (e.g. an ISP)
° The AS is connected to multiple AS (when the AS is multi-homed)
° The data traffic path entering or leaving the AS needs to be manipulated

When not to use BGP
° If it is a single-homed AS
° Lack of resources like memory and processing power in routers
° Limited understanding of BGP route filtering and path selection processes

Types of ISP Connections
» Single-homed
» Dual-homed site
» Multi-homing
» Dual multi-homed

Single-homed site
» A site with a single ISP connection is single-homed.
» This is fine for a site that does not depend heavily on Internet or WAN connectivity.
» Either use static routes, or advertise the site routes to the ISP and receive a default route from the ISP.
[Figure: site in ASN 80 connected to ASN 1, ISP 1]

Dual-homed site
» A dual-homed site has two connections to the same ISP, either from one router or two routers. One link might be primary and the other backup, or the site might load balance over both links.

Multi-homing
» Multi-homing means connecting to more than one ISP at the same time. It is done for redundancy and backup if one ISP fails and for better performance if one ISP provides a better path to frequently used networks. This also gives you an ISP-independent solution. BGP is typically used with multi-homed connections.

Dual multi-homed
» You can take multi-homing a step further and be dual multi-homed, with two connections to multiple ISPs. This gives the most redundancy. BGP is used with the ISPs and can be used internally also.
[Figure: site in ASN 80 connected to ASN 1, ISP 1 and ASN 2, ISP 2]

Connecting to the Internet with BGP

Route reception options:
» Default route from provider(s)
   + Easy on resources, internal traffic routed to nearest BGP router
» Some routes + default route
   + Allows for selection of some paths with others falling back to a default route
» All routes (full table)
   + Hard on resources, but guarantees the most direct path is taken

Default Routes from All Providers
[Figure: AS 64520 (172.16.0.0/16) connected to ISPs in AS 65000 and AS 65250]
Router C chooses the lowest IGP metric to reach the default network.

Default Routes from All Providers and Partial Table
[Figure: AS 64500 receives a default route (0.0.0.0/0) and a partial table from ISP A (AS 65000) and ISP B (AS 64900); AS 64520 and AS 64100 are beyond the ISPs]
Router C uses the default route to get to networks in AS 64100 and all other autonomous systems not shown.
Router C uses the specific BGP routes that it has learned to get to networks owned by AS 65000, AS 64900, and AS 64520.

Full Routes from All Providers
[Figure: ISP A (AS 65000) and ISP B (AS 64900) each pass all prefixes to AS 64500; AS 64520 and AS 64100 are beyond the ISPs]
The AS 64500 path selection process can exit to either AS 65000 or AS 64900 for any network.

BGP Neighbors
IBGP (internal)
EBGP (external)

BGP Neighbors
» Routers forming a TCP connection for exchanging BGP updates.
» Also called BGP peers or BGP speakers.
» Two types of BGP neighbor relationship:
   + IBGP (Internal BGP)
   + EBGP (External BGP)

IBGP / EBGP Neighbors
[Figure: IBGP neighbors inside an AS and EBGP neighbors between AS 65500, AS 65200 and AS 65000]

BGP Databases (BGP tables)

Neighbor table
° A list of all configured BGP neighbors.
° Has to be manually configured using the neighbor command
° # show ip bgp summary
° # show ip bgp neighbors

BGP forwarding table/database
° A list of networks known by BGP, along with their paths and attributes.
° # show ip bgp

IP routing table
° List of best paths to destination networks
° # show ip route

Configuring BGP Routing Protocol

Router(config)# router bgp autonomous-system
Router(config-router)# neighbor ip-address remote-as autonomous-system
Router(config-router)# network network-number [mask network-mask]

IBGP Configuration Example

R1(config)#router bgp 500
R1(config-router)# neighbor 1.1.1.2 remote-as 500
R1(config-router)# neighbor 4.4.4.1 remote-as 500
R1(config-router)# network 10.0.0.0
R1(config-router)# network 1.0.0.0
R1(config-router)# network 4.0.0.0
R1(config-router)# network 11.0.0.0 mask 255.255.255.0
R1(config-router)# exit

[Slide output: R1#sh ip bgp summary and R1#sh ip route bgp; the legible route lines are reproduced below]

R1#sh ip route bgp
B 2.0.0.0/8 [20/0] via 1.1
  40.0.0.0/8 [200/0] via 4.4.4.1, 00:02:
No network 30.0.0.0 in the routing table

BGP Split horizon rule
» An update sent by one IBGP neighbor should not be sent back to another IBGP neighbor
» Prevents routing loops within the same AS.

Solution for BGP Split horizon rule
» Full mesh neighborship
   ° Every router should be a neighbor of every other router within the AS
IBGP neighbors need not be directly connected

TASK:
* Configure IBGP peering in AS 500 as per the diagram using directly connected interfaces.
* Make sure that all the routers are able to see the routes from other routers through BGP in the routing table.

R1(config)#router bgp 500
R1(config-router)# neighbor 1.1.1.2 remote-as 500
R1(config-router)# neighbor 4.4.4.1 remote-as 500
R1(config-router)# network 10.0.0.0
R1(config-router)# network 1.0.0.0
R1(config-router)# network 4.0.0.0
R1(config-router)# network 11.0.0.0 mask 255.255.255.0
R1(config-router)# no auto-summary
R1(config-router)# no synchronization
R1(config-router)# exit

NOTE:
* To advertise with the default mask value (ex: 10.0.0.0/8) there is no need to use the mask keyword.
* To advertise with an exact mask other than the default (like 11.0.0.0/24), use the mask keyword.
* Make sure that the mask on the interface (shown in the routing table as connected) and the mask in the network command are the same in order to advertise routes in BGP.

Example: BGP network Command

Router(config-router)# network 192.168.1.1 mask 255.255.255.0
* The router looks for exactly 192.168.1.1/24 in the routing table, but cannot find it, so it will not announce anything.

Router(config-router)# network 192.168.0.0 mask 255.255.0.0
+ The router looks for exactly 192.168.0.0/16 in the routing table.
+ If the exact route is not in the table, you can add a static route to null0 so that the route can be announced.
R2(config)#router bgp 500
R2(config-router)# neighbor 1.1.1.1 remote-as 500
R2(config-router)# neighbor 2.2.2.2 remote-as 500
R2(config-router)# network 20.0.0.0
R2(config-router)# network 2.0.0.0
R2(config-router)# network 1.0.0.0
R2(config-router)# no auto-summary
R2(config-router)# no synchronization
R2(config-router)# end

R3(config)#router bgp 500
R3(config-router)# neighbor 2.2.2.1 remote-as 500
R3(config-router)# neighbor 3.3.3.2 remote-as 500
R3(config-router)# network 30.0.0.0
R3(config-router)# network 3.0.0.0
R3(config-router)# network 2.0.0.0
R3(config-router)# no auto-summary
R3(config-router)# no synchronization
R3(config-router)# end

R4(config)#router bgp 500
R4(config-router)# neighbor 3.3.3.1 remote-as 500
R4(config-router)# neighbor 4.4.4.2 remote-as 500
R4(config-router)# network 40.0.0.0
R4(config-router)# network 4.0.0.0
R4(config-router)# network 3.0.0.0
R4(config-router)# no auto-summary
R4(config-router)# no synchronization
R4(config-router)# exit

R1#sh ip bgp summary
Neighbor   V   AS  MsgRcvd MsgSent TblVer InQ OutQ Up/Down   State/PfxRcd
1.1.1.2    4   500    5       5      9     0    0  00:01:40   3
4.4.4.1    4   500    5       5      9     0    0  00:01:17   3

R3#sh ip bgp summary
Neighbor   V   AS  MsgRcvd MsgSent TblVer InQ OutQ Up/Down   State/PfxRcd
2.2.2.1    4   500    6       6      8     0    0  00:02:41   3
3.3.3.2    4   500    6       6      8     0    0

R1#sh ip route bgp
B 2.0.0.0/8 [200/0] via 1.1.1.2, 00:03:00
B 3.0.0.0/8 [200/0] via 4.4.4.1, 00:02:46
No network 30.0.0.0 in the routing table

R2#sh ip route bgp
B 3.0.0.0/8 [200/0] via 2.2.2.2, 00:03:
B 4.0.0.0/8 [200/0] via 1.1.1.1, 00:03:51
Here there is no network 40.0.0.0 in the routing table because of the BGP SPLIT HORIZON RULE

R3#sh ip route bgp
B 1.0.0.0/8 [200/0] via 2.2.2.1, 00:02:10
B 4.0.0.0/8 [200/0] via 3.3.3.2, 00:
B 20.0.0.0/8 [200/0] via 2.2.2.1, 00:02:10
B 40.0.0.0/8 [200/0] via 3.3.3.2, 00:02:10

R4#sh ip route bgp
B 1.0.0.0/8 [200/0] via 4.4.4.2, 00:02:15
B 2.0.0.0/8 [200/0] via 3.3.3.1, 00:02:14
B 10.0.0.0/8 [200/0] via 4.4.4.2, 00:02:15
  11.0.0.0/24 is subnetted, 1 subnets
B    11.0.0.0 [200/0] via 4.4.4.2, 00:02:15
B 30.0.0.0/8 [200/0] via 3.3.3.1, 00:02:14

BGP SPLIT HORIZON RULE
* An update sent by one IBGP neighbor should not be sent back to another IBGP neighbor
* BGP split-horizon is necessary to ensure that routing loops are not started within an AS
* Full-mesh IBGP peering is required within an AS for all the routers within the AS to learn about the BGP routes.

[Figure: IBGP peering inside AS 65001]

Why have these restrictions?
+ No mechanism to detect an UPDATE loop exists in iBGP.
+ What may be the consequences of not having a full iBGP mesh?
+ Black holes and routing loops. UPDATE loops.

Solution:
1. Full mesh neighborship (every router should be a neighbor of every other router within the AS)
2. Use a Route Reflector

Note: IBGP neighbors need not be directly connected (but they must be reachable to each other)

R1(config)#router bgp 500
R1(config-router)#neighbor 2.2.2.2 remote-as 500
R1(config-router)#end

R2(config)#router bgp 500
R2(config-router)#neighbor 3.3.3.2 remote-as 500
R2(config-router)#end

R3(config)#router bgp 500
R3(config-router)#neighbor 1.1.1.1 remote-as 500
R3(config-router)#end

R4(config)#router bgp 500
R4(config-router)#neighbor 2.2.2.1 remote-as 500
R4(config-router)#end

R1#sh ip bgp summary
Neighbor   V   AS  MsgRcvd MsgSent TblVer InQ OutQ Up/Down   State/PfxRcd

R3#sh ip bgp summary
Neighbor   V   AS  MsgRcvd MsgSent TblVer InQ OutQ Up/Down   State/PfxRcd
1.1.1.1    4   500    6       6      36    0    0  00:01:44   4
2.2.2.1    4   500    NM      MN     36    0    0  00:07:33   3
3.3.3.2    4   500    N       Wl

R1#sh ip route bgp
B 2.0.0.0/8 [200/0] via 1.1.1.2, 00:16:19
B 3.0.0.0/8 [200/0] via 2.2.2.2, 00:
B 20.0.0.0/8 [200/0] via 1.1.1.2, 0
B 40.0.0.0/8 [200/0] via 4.4.4.1, 00:16:05

R2#sh ip route bgp
B 3.0.0.0/8 [200/0] via 2.2.2.2, 00:16:42
B 4.0.0.0/8 [200/0] via 1.1.1.1, 00:16:48
B 40.0.0.0/8 [200/0] via 3.3.3.2, 00:00:57
B 10.0.0.0/8 [200/0] via 1.1.1.1, 00:16:48
  11.0.0.0/24 is subnetted, 1 subnets
B    11.0.0.0 [200/0] via 1.1.1.1, 00:16:48
B 30.0.0.0/8 [200/0] via 2.2.2.2, 00:16:42

R3#sh ip route bgp
B 1.0.0.0/8 [200/0] via 1.1
B 4.0.0.0/8 [200/0] via 1.1.1
B 20.0.0.0/8 [200/0] via 2.2.2.1, 00:06:49
B 40.

R4#sh ip route bgp
B 1.0.0.0/8 [200/0] via 4.4.4.2, 00:07:04
B 2.0.0.0/8 [200/0] via 2.2.2.1, 00:00:01
B 10.0.0.0/8 [200/0] via 4.4.4.2, 00:07:04
  11.0.0.0/24 is subnetted, 1 subnets
B    11.0.0.0 [200/0] via 4.4.4.2, 00:07:04
B 30.0.0.0/8 [200/0] via 3.3.3.1, 00:07:04

IBGP neighbors - Issues with connected neighbors

What happens if the R1-R2 link goes down?
° The R1-R2 neighborship goes down and there is no exchange of routes between them.
» Single point of failure
» No redundancy in neighbors

IBGP Peering using Loopback Interfaces
Provides neighbor redundancy

R1(config)#router bgp 500
R1(config-router)#neighbor 12.0.0.1 remote-as 500
R1(config-router)#neighbor 13.0.0.1 remote-as 500
R1(config-router)#neighbor 14.0.0.1 remote-as 500
R1(config-router)#network 10.0.0.0
R1(config-router)#exit

R1#sh ip bgp summary
Neighbor   V   AS  MsgRcvd MsgSent TblVer InQ OutQ Up/Down  State/PfxRcd
12.0.0.1   4   500    0       0      0     0    0  never    Active
13.0.0.1   4   500    0       0      0     0    0  never    Active
14.0.0.1   4   500    0       0      0     0    0  never    Active

BGP Active State Troubleshooting

Active means the router has sent an open packet and is waiting for a response. The state may cycle between active and idle.
» Neighbor is peering with the wrong address.
» Neighbor does not have a neighbor statement for this router.
» AS number is misconfigured.
» Neighbor does not have a route to the source IP address of the BGP open packet generated by this router.
» Any extra command is missing (update-source).

Issues with IBGP peering using Loopbacks

R1#sh ip route
Gateway of last resort is not set
C 1.0.0.0/8 is directly connected, Serial1/0
C 4.0.0.0/8 is directly connected, Serial1/1
C 10.0.0.0/8 is directly connected, FastEthernet0/0
  11.0.0.0/24 is subnetted, 4 subnets
C    11.0.3.0 is directly connected, Loopback3
C    11.0.2.0 is directly connected, Loopback2
C    11.0.1.0 is directly connected, Loopback1
C    11.0.0.0 is directly connected, Loopback0

Loopbacks must be reachable
» to send unicast BGP open messages.
   ° Advertise the Loopback interface inside the IGP (OSPF/EIGRP/RIP)

Issues with IBGP peering using Loopbacks
[Figure: problem with source address 11.0.0.1]

LAB: IBGP Peering USING LOOPBACKS

TASK: Remove the BGP configurations in the previous lab.
(On R1, R2, R3, R4)
Rx(config)# no router bgp 500

* Configure IBGP in AS 500 as per the diagram using Loopback interfaces.
* Make sure that the IBGP neighbor relationship is not affected by the physical status of the link.
* Make sure that all the routers are able to see the routes from other routers in the BGP table.
* WAN interfaces are preferably not advertised in real networks (it makes your BGP or routing table bigger).

R1
R1(config)#router bgp 500
R1(config-router)#neighbor 12.0.0.1 remote-as 500
R1(config-router)#neighbor 13.0.0.1 remote-as 500
R1(config-router)#neighbor 14.0.0.1 remote-as 500
R1(config-router)#network 10.0.0.0
R1(config-router)#no auto-summary
R1(config-router)#no sync
R1(config-router)#exit

R2(config)#router bgp 500
R2(config-router)#neighbor 11.0.0.1 remote-as 500
R2(config-router)#neighbor 13.0.0.1 remote-as 500
R2(config-router)#neighbor 14.0.0.1 remote-as 500
R2(config-router)#network 20.0.0.0
R2(config-router)#no auto-summary
R2(config-router)#no sync
R2(config-router)#exit

R3(config)#router bgp 500
R3(config-router)#neighbor 12.0.0.1 remote-as 500
R3(config-router)#neighbor 11.0.0.1 remote-as 500
R3(config-router)#neighbor 14.0.0.1 remote-as 500
R3(config-router)#network 30.0.0.0
R3(config-router)#no auto-summary
R3(config-router)#no sync
R3(config-router)#exit

R4(config)#router bgp 500
R4(config-router)#neighbor 12.0.0.1 remote-as 500
R4(config-router)#neighbor 13.0.0.1 remote-as 500
R4(config-router)#neighbor 11.0.0.1 remote-as 500
R4(config-router)#network 40.0.0.0
R4(config-router)#no auto-summary
R4(config-router)#no sync
R4(config-router)#exit

R1#sh ip bgp summary
Neighbor   V   AS  MsgRcvd MsgSent TblVer InQ OutQ Up/Down  State/PfxRcd
12.0.0.1   4   500    0       0      0     0    0  never    Active
13.0.0.1   4   500    0       0      0     0    0  never    Active
14.0.0.1   4   500    0       0      0     0    0  never    Active

R3#sh ip bgp summary
Neighbor   V   AS  MsgRcvd MsgSent TblVer InQ OutQ Up/Down  State/PfxRcd
11.0.0.1   4   500    0       0      0     0    0  never    Active
12.0.0.1   4   500    0       0      0     0    0  never    Active
14.0.0.1   4   500    0       0      0     0    0  never    Active

R2#sh ip bgp summary
Neighbor   V   AS  MsgRcvd MsgSent TblVer InQ OutQ Up/Down  State/PfxRcd
11.0.0.1   4   500    0       0      0     0    0  never    Active
13.0.0.1   4   500    0       0      0     0    0  never    Active
14.0.0.1   4   500    0       0      0     0    0  never    Active

R4#sh ip bgp summary
Neighbor   V   AS  MsgRcvd MsgSent TblVer InQ OutQ Up/Down  State/PfxRcd
11.0.0.1   4   500    0       0      0     0    0  never    Active
12.0.0.1   4   500    0       0      0     0    0  never    Active
13.0.0.1   4   500    0       0      0     0    0  never    Active

Active means it is actively trying to establish the neighborship (still trying).

BGP Active State Troubleshooting

Active: The router has sent an open packet and is waiting for a response. The state may cycle between active and idle. The neighbor may not know how to get back to this router because of the following reasons:
1. Neighbor is peering with the wrong address.
2. Neighbor does not have a neighbor statement for this router.
3. AS number is misconfigured.
4. Neighbor does not have a route to the source IP address of the BGP open packet generated by this router.
5. Any extra command is missing.

Sample output of AS number misconfiguration:
At the router with the wrong remote AS number:
At the remote router:

To troubleshoot BGP neighborship

First step: make sure that there is connectivity to the neighbor.

R1#ping 12.0.0.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 12.0.0.1, timeout is 2 seconds:
Success rate is 0 percent (0/5)

R1#ping 13.0.0.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 13.0.0.1, timeout is 2 seconds:
Success rate is 0 percent (0/5)

R1#ping 14.0.0.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 14.0.0.1, timeout is 2 seconds:
Success rate is 0 percent (0/5)

R1#sh ip route
Gateway of last resort is not set
C 1.0.0.0/8 is directly connected, Serial1/0
C 4.0.0.0/8 is directly connected, Serial1/1
C 10.0.0.0/8 is directly connected, FastEthernet0/0
  11.0.0.0/24 is subnetted, 4 subnets
C    11.0.3.0 is directly connected, Loopback3
C    11.0.2.0 is directly connected, Loopback2
C    11.0.1.0 is directly connected, Loopback1
C    11.0.0.0 is directly connected, Loopback0

No entry for the neighbor addresses (12.0.0.1, 13.0.0.1, 14.0.0.1)
+ Here router R1 does not know how to reach the neighbor addresses (12.0.0.1, 13.0.0.1, 14.0.0.1).
+ To learn about those neighbors, BGP relies on the IGP (RIP/EIGRP/OSPF) running inside the AS.

Here the issue is with routing. To fix it, configure any one of RIP, OSPF or EIGRP and make sure that you also advertise the loopback interface used for IBGP peering.

R1(config)#router ospf 1
R1(config-router)#net 10.0.0.0 0.255.255.255 area 0
R1(config-router)#net 1.0.0.0 0.255.255.255 area 0
R1(config-router)#net 4.0.0.0 0.255.255.255 area 0
R1(config-router)#net 11.0.0.0 0.255.255.255 area 0
R1(config-router)#exit

R2(config)#router ospf 1
R2(config-router)#network 20.0.0.0 0.255.255.255 area 0
R2(config-router)#network 2.0.0.0 0.255.255.255 area 0
R2(config-router)#network 12.0.0.0 0.255.255.255 area 0
R2(config-router)#network 1.0.0.0 0.255.255.255 area 0
R2(config-router)#end

R3(config)#router ospf 1
R3(config-router)#network 30.0.0.0 0.255.255.255 area 0
R3(config-router)#network 3.0.0.0 0.255.255.255 area 0
R3(config-router)#network 13.0.0.0 0.255.255.255 area 0
R3(config-router)#network 2.0.0.0 0.255.255.255 area 0
R3(config-router)#end

R4(config)#router ospf 1
R4(config-router)#network 40.0.0.0 0.255.255.255 area 0
R4(config-router)#network 4.0.0.0 0.255.255.255 area 0
R4(config-router)#network 14.0.0.0 0.255.255.255 area 0
R4(config-router)#network 3.0.0.0 0.255.255.255 area 0
R4(config-router)#end

R1#sh ip bgp summary
Neighbor   V   AS  MsgRcvd MsgSent TblVer InQ OutQ Up/Down  State/PfxRcd
12.0.0.1   4   500    0       0      0     0    0  never    Active
13.0.0.1   4   500    0       0      0     0    0  never    Active
14.0.0.1   4   500    0       0      0     0    0  never    Active

Make sure that there is connectivity between neighbors.

R1#ping 12.0.0.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 12.0.0.1, timeout is 2 seconds:
Success rate is 100 percent (5/5), round-trip min/avg/max = 32/56/80 ms

R1#ping 13.0.0.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 13.0.0.1, timeout is 2 seconds:
Success rate is 100 percent (5/5), round-trip min/avg/max = 56/92/172 ms

R1#ping 14.0.0.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 14.0.0.1, timeout is 2 seconds:
Success rate is 100 percent (5/5), round-trip min/avg/max = 48/71/12 ms

Step 2: the other issue can be a problem with the source address.

BGP Issues with Source IP Address
+ When creating a BGP packet, the neighbor statement defines the destination IP address and the outbound interface defines the source IP address.
+ When a BGP packet is received for a new BGP session, the source address of the packet is compared to the list of neighbor statements:
   + If a match is found, a relationship is established.
   + If no match is found, the packet is ignored.
+ Make sure that the source IP address matches the address that the other router has in its neighbor statement.

[Figure: routers A and D in AS 65102, each with a Loopback 0 interface]
To establish the IBGP session between router A and router D, which neighbor addresses should be used?
What IP address should router A use for peering with router D?
What IP address should router D use for peering with router A?
[Figure: candidate addresses shown include 10.4.4.4, 10.1.1.4, 10.2.2.4, 10.3.3.4 and 4.4.4.4]

+ The update-source command allows the BGP process to use the IP address of a specified interface as the source IP address of all BGP updates to that neighbor.
+ A loopback interface is usually used, because it will be available as long as the router is operational.
+ The IP address used in the neighbor command on the other router will be the destination IP address of all BGP updates and should be the loopback interface of this router.
+ The neighbor update-source command is normally used only with IBGP neighbors.
+ The address of an EBGP neighbor must be directly connected by default; the loopback of an EBGP neighbor is not directly connected.

Example: BGP Using Loopback Addresses
[Figure: AS 65101, AS 65100 and AS 65102]
[Figure: peering between loopback addresses 2.2.2.2 and 3.3.3.3 using the neighbor update-source command]

R1(config)#router bgp 500
R1(config-router)#neighbor 12.0.0.1 update-source loop 0
R1(config-router)#neighbor 13.0.0.1 update-source loop 0
R1(config-router)#neighbor 14.0.0.1 update-source loop 0
R1(config-router)#end

R2(config)#router bgp 500
R2(config-router)#neighbor 11.0.0.1 update-source loop 0
R2(config-router)#neighbor 13.0.0.1 update-source loop 0
R2(config-router)#neighbor 14.0.0.1 update-source loop 0

R3(config)#router bgp 500
R3(config-router)#neighbor 12.0.0.1 update-source loop 0
R3(config-router)#neighbor 11.0.0.1 update-source loop 0
R3(config-router)#neighbor 14.0.0.1 update-source loop 0
R3(config-router)#end

R4(config)#router bgp 500
R4(config-router)#neighbor 12.0.0.1 update-source loop 0
R4(config-router)#neighbor 13.0.0.1 update-source loop 0
R4(config-router)#neighbor 11.0.0.1 update-source loop 0
R4(config-router)#end

R1#sh ip bgp summary
Neighbor   V   AS  MsgRcvd MsgSent TblVer InQ OutQ Up/Down   State/PfxRcd
12.0.0.1   4   500    7       7
13.0.0.1   4   500    6       6
14.0.0.1   4   500    6       6

R2#sh ip bgp summary
Neighbor   V   AS  MsgRcvd MsgSent TblVer InQ OutQ Up/Down   State/PfxRcd
11.0.0.1   4   500    5       6      8     0    0  00:00:21
13.0.0.1   4   500    5       5      8     0    0  00:00:40
14.0.0.1   4   500    5       5      8     0    0  00:00:33

R3#sh ip bgp summary
Neighbor   V   AS  MsgRcvd MsgSent TblVer InQ OutQ Up/Down   State/PfxRcd
11.0.0.1   4   500    6       6      8     0    0  00:01:42   1
12.0.0.1   4   500    6       6      8     0    0  00:01:43   1
14.0.0.1   4   500    6       6      8     0    0  00:01:20   1

R4#sh ip bgp summary
Neighbor   V   AS  MsgRcvd MsgSent TblVer InQ OutQ Up/Down   State/PfxRcd
11.0.0.1   4   500    8       8      8     0    0  00:03:19   1
12.0.0.1   4   500    8       8      8     0    0  00:03:03   1
13.0.0.1   4   500    7       7      8     0    0  00:02:58   1

R1#sh ip route ospf
O 2.0.0.0/8 [110/128] via 1.1.1.2, 00:14:46, Serial1/0
O 3.0.0.0/8 [110/128] via 4.4.4.1, 00:14:46, Serial1/1
O 40.0.0.0/8 [110/65] via 4.4.4.1, 00:14:46, Serial1/1
  12.0.0.0/32 is subnetted, 4 subnets
O    12.0.1.1 [110/65] via 1.1.1.2, 00:14:46, Serial1/0
O    12.0.3.1 [110/65] via 1.1.1.2, 00:14:46, Serial1/0
O    12.0.2.1 [110/65] via 1.1.1.2, 00:14:46, Serial1/0
  13.0.0.0/32 is subnetted, 4 subnets
O    13.0.1.1 [110/129] via 4.4.4.1, 00:14:46, Serial1/1
              [110/129] via 1.1.1.2, 00:14:46, Serial1/0
O    13.0.2.1 [110/129] via 4.4.4.1, 00:14:46, Serial1/1
              [110/129] via 1.1.1.2, 00:14:46, Serial1/0
O    13.0.3.1 [110/129] via 4.4.4.1, 00:14:46, Serial1/1
              [110/129] via 1.1.1.2, 00:14:46, Serial1/0
  14.0.0.0/32 is subnetted, 4 subnets
O    14.0.3.1 [110/65] via 4.4.4.1, 00:14:47, Serial1/1
O    14.0.2.1 [110/65] via 4.4.4.1, 00:14:47, Serial1/1
O    14.0.1.1 [110/65] via 4.4.4.1, 00:14:47, Serial1/1
O    14.0.0.1 [110/65] via 4.4.4.1, 00:14:47, Serial1/1
     4.4.1, 00:14:47, Serial1/1
              [110/129] via 1.1.1.2, 00:14:47, Serial1/0

R1(config)#int s1/0
R1(config-if)#shutdown

R1#sh ip bgp summary
Neighbor   V   AS  MsgRcvd MsgSent TblVer InQ OutQ Up/Down   State/PfxRcd

R1#sh ip int brief
Interface         IP-Address   OK? Method Status                 Protocol
FastEthernet0/0   10.1.1.1     YES NVRAM  up                     up
FastEthernet0/1   aaa          YES NVRAM  a down                 down
Serial1/1         2            YES NVRAM  up                     up
Serial1/2         unassigned   YES NVRAM  administratively down  down
Serial1/3         unassigned   YES NVRAM  administratively down  down
Loopback0         11.0.0.1     YES NVRAM  up                     up
Loopback1         11.0.1.1     YES NVRAM  up                     up
Loopback2         11.0.2.1     YES NVRAM  up                     up
Loopback3         11.0.3.1     YES NVRAM  up                     up

R1#sh ip route ospf
O 2.0.0.0/8 [110/192] via 4.4.4.1, 00:12:27, Serial1/1
O 3.0.0.0/8 [110/128] via 4.4.4.1, 00:12:27, Serial1/1
O 20.0.0.0/8 [110/193] via 4.4.4.1, 00:12:27, Serial1/1
O 40.0.0.0/8 [110/65] via 4.4.4.1, 00:12:27, Serial1/1
  12.0.0.0/32 is subnetted, 4 subnets
O    12.0.1.1 [110/193] via 4.4.4.1, 00:12:27, Serial1/1
O    12.0.0.1 [110/193] via 4.4.4.1, 00:12:27, Serial1/1
O    12.0.3.1 [110/193] via 4.4.4.1, 00:12:27, Serial1/1
O    12.0.2.1 [110/193] via 4.4.4.1, 00:12:27, Serial1/1
  13.0.0.0/32 is subnetted, 4 subnets
O    13.0.0.1 [110/129] via 4.4.4.1, 00:12:27, Serial1/1
O    13.0.1.1 [110/129] via 4.4.4.1, 00:12:27, Serial1/1
O    13.0.2.1 [110/129] via 4.4.4.1, 00:12:27, Serial1/1
O    13.0.3.1 [110/129] via 4.4.4.1, 00:12:27, Serial1/1
  14.0.0.0/32 is subnetted, 4 subnets
O    14.0.3.1 [110/65] via 4.4.4.1, 00:12:27, Serial1/1
O    14.0.2.1 [110/65] via 4.4.4.1, 00:12:27, Serial1/1
O    14.0.1.1 [110/65] via 4.4.4.1, 00:12:27, Serial1/1
O    14.0.0.1 [110/65] via 4.4.4.1, 00:12:27, Serial1/1
O 30.0.0.0/8 [110/129] via 4.4.4.1, 00:12:27, Serial1/1

R1#sh ip bgp summary
Neighbor   V   AS  MsgRcvd MsgSent TblVer InQ OutQ Up/Down   State/PfxRcd
12.0.0.1   4   500    7       8      12    0    0  00:02:24   1
13.0.0.1   4   500    7       7      12    0    0  00:02:53   1
14.0.0.1   4   500    7       7      12    0    0  00:02:57   1

R1(config)#int s1/0
R1(config-if)#no shutdown

BGP NEIGHBOR AUTHENTICATION

Configuring BGP Authentication on Cisco IOS:

Border Gateway Protocol (BGP) supports an authentication mechanism using the Message Digest 5 (MD5) algorithm. When authentication is enabled, any Transmission Control Protocol (TCP) segment belonging to BGP exchanged between the peers is verified and accepted only if authentication is successful. For authentication to be successful, both peers must be configured with the same password. If authentication fails, the BGP neighbor relationship is not established.
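How the per-segment check described above works on the wire, as an added example that is not part of the original workbook: the IOS neighbor password command enables the TCP MD5 signature option (RFC 2385), where MD5 is computed over the TCP pseudo-header, the base TCP header with a zeroed checksum, the segment data and the shared password. The ports, sequence numbers and checksum value are constructed; the loopback addresses and the password cisco123 are the lab values from this workbook.

```python
import hashlib
import hmac
import socket
import struct

TCP_PROTO = 6        # IP protocol number for TCP
MD5_OPT_KIND = 19    # TCP option kind of the MD5 signature option
MD5_OPT_LEN = 18     # kind byte + length byte + 16-byte digest

# Constructed sample payload: a BGP KEEPALIVE (16-byte marker, length 19, type 4).
KEEPALIVE = b"\xff" * 16 + struct.pack("!HB", 19, 4)
R1_LO, R2_LO, R3_LO = "11.0.0.1", "12.0.0.1", "13.0.0.1"   # lab loopbacks


def base_header(src_port, dst_port, seq, ack, flags, header_len):
    """20-byte TCP base header; 0xBEEF is a constructed checksum value."""
    offset_flags = ((header_len // 4) << 12) | flags
    return struct.pack("!HHIIHHHH", src_port, dst_port, seq, ack,
                       offset_flags, 16384, 0xBEEF, 0)


def rfc2385_digest(src_ip, dst_ip, tcp_header, payload, password):
    """MD5 over pseudo-header, base header (checksum zeroed), data, then key."""
    seg_len = len(tcp_header) + len(payload)      # header incl. options + data
    pseudo = (socket.inet_aton(src_ip) + socket.inet_aton(dst_ip)
              + struct.pack("!BBH", 0, TCP_PROTO, seg_len))
    base = tcp_header[:16] + b"\x00\x00" + tcp_header[18:20]  # options excluded
    return hashlib.md5(pseudo + base + payload + password.encode()).digest()


def sign_segment(src_ip, dst_ip, src_port, dst_port, seq, ack, flags,
                 payload, password):
    """Sender side: return a 40-byte header carrying the MD5 option."""
    hdr = base_header(src_port, dst_port, seq, ack, flags, 40)
    digest = rfc2385_digest(src_ip, dst_ip, hdr + bytes(20), payload, password)
    option = bytes([MD5_OPT_KIND, MD5_OPT_LEN]) + digest + b"\x00\x00"  # EOL pad
    return hdr + option


def find_md5_option(tcp_header):
    """Walk the TCP options and return the 16-byte digest, or None."""
    opts = tcp_header[20:(tcp_header[12] >> 4) * 4]
    i = 0
    while i < len(opts):
        kind = opts[i]
        if kind == 0:                 # End of Option List
            break
        if kind == 1:                 # NOP is a single byte
            i += 1
            continue
        if i + 1 >= len(opts):
            break
        length = opts[i + 1]
        if length < 2 or i + length > len(opts):
            break                     # malformed option, stop parsing
        if kind == MD5_OPT_KIND and length == MD5_OPT_LEN:
            return opts[i + 2:i + length]
        i += length
    return None


def accept_segment(src_ip, dst_ip, tcp_header, payload, password):
    """Receiver side: a peer with a password drops unsigned or bad segments."""
    received = find_md5_option(tcp_header)
    if received is None:
        return False
    expected = rfc2385_digest(src_ip, dst_ip, tcp_header, payload, password)
    return hmac.compare_digest(received, expected)


def demo():
    """R1 signs a KEEPALIVE to R2; R2 evaluates it under several conditions."""
    args = (50000, 179, 1000, 2000, 0x018)        # ports, seq, ack, PSH+ACK
    hdr = sign_segment(R1_LO, R2_LO, *args, KEEPALIVE, "cisco123")
    bare = base_header(*args, 20)                 # same segment, no option
    return {
        "same_password": accept_segment(R1_LO, R2_LO, hdr, KEEPALIVE, "cisco123"),
        "wrong_password": accept_segment(R1_LO, R2_LO, hdr, KEEPALIVE, "cisco124"),
        "tampered_payload": accept_segment(R1_LO, R2_LO, hdr,
                                           KEEPALIVE[:-1] + b"\x03", "cisco123"),
        "different_source": accept_segment(R3_LO, R2_LO, hdr, KEEPALIVE, "cisco123"),
        "unsigned_segment": accept_segment(R1_LO, R2_LO, bare, KEEPALIVE, "cisco123"),
    }


if __name__ == "__main__":
    for case, accepted in demo().items():
        print(f"{case:17} accepted={accepted}")
```

RFC 2385 has the receiver drop a failing segment without sending any response, which is why a password mismatch shows up as a session that never establishes rather than as an explicit error from the peer.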
Router(config-router)# neighbor {ip-address | peer-group-name} 10.64.0.2124 AS 65500 —_J/ AS 65000 ~~ 10.64.0.1/24 neighbor 10/64.0.2 pasoword veinedakels36 || neighbor 101641011 password velnedakel 336 BGP Authentication by OA. Ri(configi# router bgp 500 Reontg-outen# neighbor 1.0.01 password cisco123 Ri(config-router}# neighbor 13.0.0.1 password cisco123 Rt(config-router}# neighbor 14.0.0.1 password cisco123 R1(config-router}# neighbor 12.0.0.1 version 4 Ri (config-router}# neighbor 13.0.0.1 version 4 Rt (config-router}# neighbor 14.0.0.1 version 4 TASK Continue with the lab configurations based on the previous lab Make sure that the authentication is established between all the peers and they should use password as cisco123. The peering should establish only if both the routers runs BGP v4. Ri(config)# router bgp 500 Ri(config-router)# neighbor 12.0.0.1 password ciscol23 Ri(config-router)# neighbor 13.0.0.1 password ciscol23 Ri(config-router)# neighbor 14.0.0.1 password ciscol23 Ri(config-router)# Ri(config-router)# Ri(config-router)# neighbor 14.0.0.1 version 4 Ri(config-router)# end R2(config)# router bgp 500 R2(config-router)# neighbor 11.0.0.1 password ciscol23 R2(config-router)# neighbor 13.0.0.1 password ciscol23 R2(config-router)#_ neighbor 14.0.0.1 password ciscol23 R2(config-router)# neighbor 11.0.0.1 version 4 R2(config-router)# neighbor 13.0.0.1 version 4 Ra(config-router)# R2(config-router)# end R3(config)# router bgp 500 R3(config-router)# neighbor 12. R3(config-router)# neighbor 11.0.0.1 password dscol23 R3(config-router)# 1 password ciscol23 R3(config-router)# 1 version 4 R3(config-router)# neighbor 11.0.0.1 version 4 R3(config-router)# neighbor 14.0.0.1 version 4 R3(config-router)# end Ra(config)# router bgp 500 Ra(config-router)# neighbor 12.0.0.1 password ciscol23 Ra(config-router)# neighbor 13.0.0.1 password ciscol23 R4(config-router)# neighbor 1.0.0.1 password cisco123 Ra(config-router)# neighbor 12. Ra(config-router)# neighbor 13. 
R4(config-router)# neighbor 11.0.0.1 version 4
R4(config-router)# end

R1#sh ip bgp summary
Neighbor        V    AS MsgRcvd MsgSent   TblVer  InQ OutQ Up/Down  State/PfxRcd
                4   500       7       7        8    0    0 00:02:04
                4   500       6       6        8    0    0 00:01:39
14.0.0.1        4   500       6       6        8    0    0 00:01:52        4

R2#sh ip bgp summary
Neighbor        V    AS MsgRcvd MsgSent   TblVer  InQ OutQ Up/Down  State/PfxRcd
11.0.0.1        4   500       5       6        8    0    0 00:00:21        1
13.0.0.1        4   500       5       5        8    0    0 00:00:40        1
14.0.0.1        4   500       5       5        8    0    0 00:00:33

R3#sh ip bgp summary
Neighbor        V    AS MsgRcvd MsgSent   TblVer  InQ OutQ Up/Down  State/PfxRcd
11.0.0.1        4   500       6       6
12.0.0.1        4   500       6       6
14.0.0.1        4   500       6       6

R4#sh ip bgp summary
Neighbor        V    AS MsgRcvd MsgSent   TblVer  InQ OutQ Up/Down  State/PfxRcd
                4   500       8       8        8    0    0 00:03:19        1
                4   500       8       8        8    0    0 00:03:03        1
                4   500       7       7        8    0    0 00:02:58        1

BGP Peer-Groups

BGP - Peer-groups
+ Apply the same policies to multiple neighbors.
+ Useful when many neighbors have the same policies.
+ Updates are generated once per peer group.
+ Configuration is simplified.

BGP - Peer-groups: configuration

R1(config)#router bgp 500
R1(config-router)# neighbor CCIE peer-group
R1(config-router)# neighbor CCIE remote-as 600
R1(config-router)# neighbor CCIE update-source loopback 0
R1(config-router)# neighbor CCIE version 4
R1(config-router)# neighbor CCIE password cisco123
R1(config-router)# neighbor 12.0.0.1 peer-group CCIE
R1(config-router)# neighbor 13.0.0.1 peer-group CCIE
R1(config-router)# neighbor 14.0.0.1 peer-group CCIE
R1(config-router)# net 10.0.0.0

LAB - PEER GROUPS

[Figure: lab topology showing Loopback 0 14.0.0.1]

TASK: Configure peering between R1, R2, R3 and R4 with the configuration below:
* Peering is to be established using the loopback 0 IP address (X.0.0.1) of every router.
* Make sure that authentication is established between all the peers, using cisco123 as the password.
* The peering should establish only if both routers run BGP v4.
* Use as few commands as possible (peer groups).
* Configure OSPF area 0 as the IGP to provide reachability between the loopbacks.
* Advertise only the LAN network in BGP.

R1(config)#router ospf 1
R1(config-router)#net 10.0.0.0 0.255.255.255 area 0
R1(config-router)#net 1.0.0.0 0.255.255.255 area 0
R1(config-router)#net 4.0.0.0 0.255.255.255 area 0
R1(config-router)#net 11.0.0.0 0.255.255.255 area 0
R1(config-router)#exit

R2(config)#router ospf 1
R2(config-router)#network 20.0.0.0 0.255.255.255 area 0
R2(config-router)#network 2.0.0.0 0.255.255.255 area 0
R2(config-router)#end

R3(config)#router ospf 1
R3(config-router)#network 30.0.0.0 0.255.255.255 area 0
R3(config-router)#network 3.0.0.0 0.255.255.255 area 0
R3(config-router)#network 2.0.0.0 0.255.255.255 area 0
R3(config-router)#end

R4(config)#router ospf 1
R4(config-router)#network 40.0.0.0 0.255.255.255 area 0
R4(config-router)#network 4.0.0.0 0.255.255.255 area 0
R4(config-router)#network 3.0.0.0 0.255.255.255 area 0
R4(config-router)#end

R1(config)#router bgp 500
R1(config-router)# neighbor CCIE peer-group
R1(config-router)# neighbor CCIE remote-as 500
R1(config-router)# neighbor CCIE update-source loopback 0
R1(config-router)# neighbor CCIE version 4
R1(config-router)# neighbor CCIE password cisco123
R1(config-router)# neighbor 12.0.0.1 peer-group CCIE
R1(config-router)# neighbor 13.0.0.1 peer-group CCIE
R1(config-router)# neighbor 14.0.0.1 peer-group CCIE
R1(config-router)# net 10.0.0.0
R1(config-router)# no auto-summary
R1(config-router)# no synchronization

R2(config)#router bgp 500
R2(config-router)# neighbor CCIE peer-group
R2(config-router)# neighbor CCIE remote-as 500
R2(config-router)# neighbor CCIE update-source loopback 0
R2(config-router)# neighbor CCIE version 4
R2(config-router)# neighbor CCIE password cisco123
R2(config-router)# neighbor 11.0.0.1 peer-group CCIE
R2(config-router)# neighbor 13.0.0.1 peer-group CCIE
R2(config-router)# neighbor 14.0.0.1 peer-group CCIE
R2(config-router)# net 20.0.0.0
R2(config-router)# no auto-summary
R2(config-router)# no synchronization
R2(config-router)# end

R3(config)#router bgp 500
R3(config-router)# neighbor CCIE peer-group
R3(config-router)# neighbor CCIE remote-as 500
R3(config-router)# neighbor CCIE update-source loopback 0
R3(config-router)# neighbor CCIE version 4
R3(config-router)# neighbor CCIE password cisco123
R3(config-router)# neighbor 12.0.0.1 peer-group CCIE
R3(config-router)# neighbor 11.0.0.1 peer-group CCIE
R3(config-router)# neighbor 14.0.0.1 peer-group CCIE
R3(config-router)# net 30.0.0.0
R3(config-router)# no auto-summary
R3(config-router)# no synchronization
R3(config-router)# end

R4(config)#router bgp 500
R4(config-router)# neighbor CCIE peer-group
R4(config-router)# neighbor CCIE remote-as 500
R4(config-router)# neighbor CCIE update-source loopback 0
R4(config-router)# neighbor CCIE version 4
R4(config-router)# neighbor CCIE password cisco123
R4(config-router)# neighbor 12.0.0.1 peer-group CCIE
R4(config-router)# neighbor 13.0.0.1 peer-group CCIE
R4(config-router)# neighbor 11.0.0.1 peer-group CCIE
R4(config-router)# net 40.0.0.0
R4(config-router)# no auto-summary
R4(config-router)# no synchronization

R1#sh ip bgp summary
Neighbor        V    AS MsgRcvd MsgSent   TblVer  InQ OutQ Up/Down  State/PfxRcd
12.0.0.1        4   500       7       7        8    0    0 00:02:04
13.0.0.1        4   500       6       6        8    0    0 00:01:35
14.0.0.1        4   500       6       6        8    0    0 00:01:52

R2#sh ip bgp summary
Neighbor        V    AS MsgRcvd MsgSent   TblVer  InQ OutQ Up/Down  State/PfxRcd
11.0.0.1        4   500       5       6        8    0    0 00:00:21        1
13.0.0.1        4   500       5       5        8    0    0 00:00:40        1
14.0.0.1        4   500       5       5        8    0    0 00:00:33        1

R3#sh ip bgp summary
Neighbor        V    AS MsgRcvd MsgSent   TblVer  InQ OutQ Up/Down  State/PfxRcd
11.0.0.1        4   500       6       6        8    0    0                 1
12.0.0.1        4   500       6       6        8    0    0 00:01:43        1
14.0.0.1        4   500       6       6        8    0    0 00:01:20        1

R4#sh ip bgp summary
Neighbor        V    AS MsgRcvd MsgSent   TblVer  InQ OutQ Up/Down  State/PfxRcd
11.0.0.1        4   500       8       8
12.0.0.1        4   500       8       8
13.0.0.1        4   500       7       7        8    0    0 00:02:58        1

R1#sh ip bgp
   Network          Next Hop            Metric LocPrf Weight Path
*> 10.0.0.0                                  0         32768 i
*>i20.0.0.0         12.0.0.1                 0    100      0 i
*>i30.0.0.0         13.0.0.1                 0    100      0 i
*>i40.0.0.0         14.0.0.1                 0    100      0 i

BGP Route Reflectors

BGP Split Horizon Rule: Review
» An update received from one IBGP neighbor is not sent on to another IBGP neighbor.
» BGP split horizon is necessary to ensure that routing loops are not started within an AS.

Solution:
1. Full-mesh neighborship: every router is a neighbor of every other router within the AS.
2. Use a route reflector.

iBGP Full Mesh Scalability Concerns
Administration: configuration management on an increasingly large number of routers.
Number of TCP sessions: total number of sessions = n(n-1)/2. Maintaining extreme numbers of TCP sessions creates extra overhead.
BGP table size: a higher number of neighbors generally translates to a higher number of paths for each route, and therefore higher memory consumption.

Route Reflector
» Scalable alternative to an iBGP full mesh.
» Allows a router (route reflector, RR) to advertise routes received from an iBGP peer to other iBGP peers.
» The client updates the server.
» The server updates all the remaining clients.
+ All clients should establish neighborship only with servers.
+ Clients will not establish neighborship with any other client.
+ If you have 2 servers, each server establishes neighborship with the other servers and with the clients.

LAB: ROUTE REFLECTOR

TASK
* Configure IBGP AS 500 as per the diagram.
* Make sure that all the routers can see the routes from the other routers in the routing table through BGP.
* Do not use full-mesh peering.

R1(config)#router bgp 500
R1(config-router)# neighbor 1.1.1.2 remote-as 500
R1(config-router)# network 10.0.0.0
R1(config-router)# network 1.0.0.0
R1(config-router)# no auto-summary
R1(config-router)# no synchronization
R1(config-router)# exit

R2(config)#router bgp 500
R2(config-router)# neighbor 1.1.1.1 remote-as 500
R2(config-router)# neighbor 2.2.2.2 remote-as 500
R2(config-router)# network 20.0.0.0
R2(config-router)# network 1.0.0.0
R2(config-router)# network 2.0.0.0
R2(config-router)# no synchronization
R2(config-router)# no auto-summary
R2(config-router)# end

R3(config)#router bgp 500
R3(config-router)# neighbor 2.2.2.1 remote-as 500
R3(config-router)# network 30.0.0.0
R3(config-router)# network 2.0.0.0
R3(config-router)# no auto-summary
R3(config-router)# no synchronization
R3(config-router)# end

R2#sh ip bgp summary
Neighbor        V    AS MsgRcvd MsgSent   TblVer  InQ OutQ Up/Down  State/PfxRcd

R2#sh ip bgp
   Network          Next Hop            Metric LocPrf Weight Path
* i1.0.0.0          1.1.1.1                  0    100      0 i
*>                  0.0.0.0                  0         32768 i
* i2.0.0.0          2.2.2.2                  0    100      0 i
*>                  0.0.0.0                  0         32768 i
*>i10.0.0.0         1.1.1.1                  0    100      0 i
*> 20.0.0.0         0.0.0.0                  0         32768 i
*>i30.0.0.0         2.2.2.2                  0    100      0 i

R1#sh ip bgp
   Network          Next Hop            Metric LocPrf Weight Path
                    1.1.1.2                  0    100      0 i
                    0.0.0.0                  0         32768 i
   2.0.0.0          1.1.1.2                  0    100      0 i
*> 10.0.0.0         0.0.0.0                  0         32768 i
*>i20.0.0.0         1.1.1.2                  0    100      0 i

R3#sh ip bgp
   Network          Next Hop            Metric LocPrf Weight Path
*>i1.0.0.0          2.2.2.1                  0    100      0 i
* i2.0.0.0          2.2.2.1                  0    100      0 i
*>                  0.0.0.0                  0         32768 i
*>i20.0.0.0         2.2.2.1                  0    100      0 i
*> 30.0.0.0         0.0.0.0                  0         32768 i

R1 and R3 cannot see each other's routes in their respective BGP tables because of the split horizon rule.

To get the routes learned there are two solutions:
1. Full-mesh neighborship (which the requirement rules out here)
2. Route reflector

To configure the route reflector:
* All clients should establish neighborship only with servers.
* Clients will not establish neighborship with any other client.
* If you have 2 servers, each server establishes neighborship with the other servers and with the clients.

R2(config)#router bgp 500
R2(config-router)# neighbor 1.1.1.1 route-reflector-client
R2(config-router)# neighbor 2.2.2.2 route-reflector-client
R2(config-router)# end

R1#sh ip bgp
   Network          Next Hop            Metric LocPrf Weight Path
*> 10.0.0.0         0.0.0.0                  0         32768 i
*>i20.0.0.0         1.1.1.2                  0    100      0 i
* i30.0.0.0         2.2.2.2                  0    100      0 i

R3#sh ip bgp
   Network          Next Hop            Metric LocPrf Weight Path
*>i10.0.0.0         1.1.1.1                  0    100      0 i
*>i20.0.0.0         2.2.2.1                  0    100      0 i
*> 30.0.0.0         0.0.0.0                  0         32768 i

LAB: ROUTE REFLECTOR USING LOOPBACK

TASK:
* Configure BGP AS 500 as per the diagram using loopback interfaces.
* To provide reachability, configure RIPv2 as the IGP inside AS 500.

R1(config)#router bgp 500
R1(config-router)#neighbor 12.0.0.1 remote-as 500
R1(config-router)#neighbor 12.0.0.1 update-source loopback 0
R1(config-router)#network 10.0.0.0
R1(config-router)#no synchronization
R1(config-router)#no auto-summary
R1(config-router)#exit

R2(config)#router bgp 500
R2(config-router)#neighbor 11.0.0.1 remote-as 500
R2(config-router)#neighbor 11.0.0.1 update-source loopback 0
R2(config-router)#neighbor 13.0.0.1 remote-as 500
R2(config-router)#neighbor 13.0.0.1 update-source loopback 0
R2(config-router)#network 20.0.0.0
R2(config-router)#no auto-summary
R2(config-router)#no synchronization
R2(config-router)#exit

R3(config)#router bgp 500
R3(config-router)#neighbor 12.0.0.1 remote-as 500
R3(config-router)#neighbor 12.0.0.1 update-source loopback 0
R3(config-router)#network 30.0.0.0
R3(config-router)#no auto-summary
R3(config-router)#no synchronization
R3(config-router)#exit

R2#sh ip bgp summary
Neighbor        V    AS MsgRcvd MsgSent   TblVer  InQ OutQ Up/Down  State/PfxRcd
11.0.0.1        4   500       6       6
13.0.0.1        4   500       8       8

R1#show ip bgp summary
Neighbor        V    AS MsgRcvd MsgSent   TblVer  InQ OutQ Up/Down  State/PfxRcd
12.0.0.1        4   500       6       6        4    0    0 00:00:55

R3#sh ip bgp summary
Neighbor        V    AS MsgRcvd MsgSent   TblVer  InQ OutQ Up/Down  State/PfxRcd

R1#show ip bgp
   Network          Next Hop            Metric LocPrf Weight Path
*> 10.0.0.0         0.0.0.0                  0         32768 i
*>i20.0.0.0         12.0.0.1                 0    100      0 i

R1 does not have R3's routes (30.0.0.0) because of the split horizon rule.

R3#sh ip bgp
   Network          Next Hop            Metric LocPrf Weight Path
*>i20.0.0.0         12.0.0.1                 0    100      0 i
*> 30.0.0.0         0.0.0.0                  0         32768 i

R3 does not have R1's routes (10.0.0.0) because of the split horizon rule.

TASK: Configure R2 as the RR server and R1 and R3 as RR clients.

R2(config)#router bgp 500
R2(config-router)#neighbor 11.0.0.1 route-reflector-client
R2(config-router)#neighbor 13.0.0.1 route-reflector-client
R2(config-router)#end

R1#show ip bgp
   Network          Next Hop            Metric LocPrf Weight Path
*> 10.0.0.0         0.0.0.0                  0         32768 i
*>i20.0.0.0         12.0.0.1                 0    100      0 i
*>i30.0.0.0         13.0.0.1                 0    100      0 i

R3#sh ip bgp
   Network          Next Hop            Metric LocPrf Weight Path
*>i10.0.0.0         11.0.0.1                 0    100      0 i
*>i20.0.0.0         12.0.0.1                 0    100      0 i

LAB: ROUTE REFLECTOR WITH TWO SERVERS FOR REDUNDANCY

TASK:
* Configure RIPv2 to provide reachability between the BGP peers.
* Configure R2/R4 as RR servers and R1/R3 as clients.

R1(config)#router rip
R1(config-router)# version 2
R1(config-router)# network 1.0.0.0
R1(config-router)# network 4.0.0.0
R1(config-router)# network 10.0.0.0
R1(config-router)# network 11.0.0.0
R1(config-router)# no auto-summary
R1(config-router)#exit

R2(config)#router rip
R2(config-router)# version 2
R2(config-router)# network 1.0.0.0
R2(config-router)# network 2.0.0.0
R2(config-router)# network 20.0.0.0
R2(config-router)# network 12.0.0.0
R2(config-router)# no auto-summary
R2(config-router)#end

R3(config)#router rip
R3(config-router)# version 2
R3(config-router)# network 3.0.0.0
R3(config-router)# network 2.0.0.0
R3(config-router)# network 30.0.0.0
R3(config-router)# network 13.0.0.0
R3(config-router)# no auto-summary
R3(config-router)#end
R3#

R4(config)#router rip
R4(config-router)# version 2
R4(config-router)# network 3.0.0.0
R4(config-router)# network 4.0.0.0
R4(config-router)# network 40.0.0.0
R4(config-router)# network 14.0.0.0
R4(config-router)# no auto-summary
R4(config-router)#end
R4#

R4#sh ip route rip
R    1.0.0.0/8 [120/1] via 4.4.4.2, 00:00:09, Serial1/1
R    2.0.0.0/8 [120/1] via 3.3.3.1, 00:00:09, Serial1/0
R    20.0.0.0/8 [120/2] via 4.4.4.2, 00:00:09, Serial1/1
                [120/2] via 3.3.3.1, 00:00:09, Serial1/0
R    10.0.0.0/8 [120/1] via 4.4.4.2, 00:00:09, Serial1/1
     11.0.0.0/24 is subnetted, 4 subnets
R       11.0.3.0 [120/1] via 4.4.4.2, 00:00:09, Serial1/1
R       11.0.2.0 [120/1] via 4.4.4.2, 00:00:09, Serial1/1
R       11.0.1.0 [120/1] via 4.4.4.2, 00:00:09, Serial1/1
R       11.0.0.0 [120/1] via 4.4.4.2, 00:00:09, Serial1/1
     12.0.0.0/24 is subnetted, 4 subnets
R       12.0.0.0 [120/2] via 4.4.4.2, 00:00:09, Serial1/1
                 [120/2] via 3.3.3.1, 00:00:09, Serial1/0
R       12.0.1.0 [120/2] via 4.4.4.2, 00:00:09, Serial1/1
                 [120/2] via 3.3.3.1, 00:00:09, Serial1/0
R       12.0.2.0 [120/2] via 4.4.4.2, 00:00:09, Serial1/1
                 [120/2] via 3.3.3.1, 00:00:09, Serial1/0
R       12.0.3.0 [120/2] via 4.4.4.2, 00:00:09, Serial1/1
                 [120/2] via 3.3.3.1, 00:00:11, Serial1/0
     13.0.0.0/24 is subnetted, 4 subnets
R       13.0.1.0 [120/1] via 3.3.3.1, 00:00:11, Serial1/0
R       13.0.0.0 [120/1] via 3.3.3.1, 00:00:11, Serial1/0
R       13.0.3.0 [120/1] via 3.3.3.1, 00:00:11, Serial1/0
R       13.0.2.0 [120/1] via 3.3.3.1, 00:00:12, Serial1/0
R    30.0.0.0/8 [120/1] via 3.3. , Serial1/0

R1 (RR CLIENT)
R1(config)#router bgp 500
R1(config-router)#neighbor 12.0.0.1 remote-as 500
R1(config-router)#neighbor 12.0.0.1 update-source loopback 0
R1(config-router)#neighbor 14.0.0.1 remote-as 500
R1(config-router)#neighbor 14.0.0.1 update-source loopback 0
R1(config-router)#network 10.0.0.0
R1(config-router)#no auto-summary
R1(config-router)#no synchronization
R1(config-router)#exit

R3 (RR CLIENT)
R3(config)#router bgp 500
R3(config-router)#neighbor 12.0.0.1 remote-as 500
R3(config-router)#neighbor 12.0.0.1 update-source loopback 0
R3(config-router)#neighbor 14.0.0.1 remote-as 500
R3(config-router)#neighbor 14.0.0.1 update-source loopback 0
R3(config-router)#network 30.0.0.0
R3(config-router)#no auto-summary
R3(config-router)#no synchronization
R3(config-router)#exit

R2 (RR SERVER)
R2(config)#router bgp 500
R2(config-router)#neighbor 11.0.0.1 remote-as 500
R2(config-router)#neighbor 11.0.0.1 update-source loopback 0
R2(config-router)#neighbor 11.0.0.1 route-reflector-client
R2(config-router)#neighbor 13.0.0.1 remote-as 500
R2(config-router)#neighbor 13.0.0.1 update-source loopback 0
R2(config-router)#neighbor 13.0.0.1 route-reflector-client
R2(config-router)#neighbor 14.0.0.1 remote-as 500
R2(config-router)#neighbor 14.0.0.1 update-source loopback 0
R2(config-router)#neighbor 14.0.0.1 route-reflector-client
R2(config-router)#network 20.0.0.0
R2(config-router)#no auto-summary
R2(config-router)#no synchronization
R2(config-router)#exit

R4 (RR SERVER)
R4(config)#router bgp 500
R4(config-router)#neighbor 11.0.0.1 remote-as 500
R4(config-router)#neighbor 11.0.0.1 update-source loopback 0
R4(config-router)#neighbor 11.0.0.1 route-reflector-client
R4(config-router)#neighbor 12.0.0.1 remote-as 500
R4(config-router)#neighbor 12.0.0.1 update-source loopback 0
R4(config-router)#neighbor 12.0.0.1 route-reflector-client
R4(config-router)#neighbor 13.0.0.1 remote-as 500
R4(config-router)#neighbor 13.0.0.1 update-source loopback 0
R4(config-router)#neighbor 13.0.0.1 route-reflector-client
R4(config-router)#network 40.0.0.0
R4(config-router)#no auto-summary
R4(config-router)#no synchronization
R4(config-router)#exit

R2#sh ip bgp summary
BGP router identifier 12.0.3.1, local AS number 500
BGP table version is 8, main routing table version 8
4 network entries using 468 bytes of memory
6 path entries using 312 bytes of memory
3/2 BGP path/bestpath attribute entries using 372 bytes of memory
2 BGP rrinfo entries using 48 bytes of memory
0 BGP route-map cache entries using 0 bytes of memory
0 BGP filter-list cache entries using 0 bytes of memory
BGP using 1200 total bytes of memory
BGP activity 4/0 prefixes, 6/0 paths, scan interval 60 secs

Neighbor        V    AS MsgRcvd MsgSent   TblVer  InQ OutQ Up/Down  State/PfxRcd
11.0.0.1        4   500       5       8        8    0    0 00:00:55        1
13.0.0.1        4   500       7      10        8    0    0 00:01:34        1
14.0.0.1        4   500       8       8        8    0    0 00:00:08        3

R4#sh ip bgp summary
BGP router identifier 14.0.3.1, local AS number 500
BGP table version is 8, main routing table version 8
4 network entries using 468 bytes of memory
6 path entries using 312 bytes of memory
3/2 BGP path/bestpath attribute entries using 372 bytes of memory
2 BGP rrinfo entries using 48 bytes of memory
0 BGP route-map cache entries using 0 bytes of memory
0 BGP filter-list cache entries using 0 bytes of memory
BGP using 1200 total bytes of memory
BGP activity 4/0 prefixes, 7/1 paths, scan interval 60 secs

Neighbor        V    AS MsgRcvd MsgSent   TblVer  InQ OutQ Up/Down  State/PfxRcd
11.0.0.1        4   500       5       8        8    0    0 00:00:36        1
12.0.0.1        4   500       8       8        8    0    0 00:00:29        3
13.0.0.1        4   500       5       8        8    0    0 00:00:54        1

R1#sh ip bgp summary
BGP router identifier 11.0.3.1, local AS number 500
BGP table version is 8, main routing table version 8
4 network entries using 468 bytes of memory
7 path entries using 364 bytes of memory
3/2 BGP path/bestpath attribute entries using 372 bytes of memory
4 BGP rrinfo entries using 96 bytes of memory
0 BGP route-map cache entries using 0 bytes of memory
0 BGP filter-list cache entries using 0 bytes of memory
BGP using 1300 total bytes of memory
BGP activity 4/0 prefixes, 7/0 paths, scan interval 60 secs

Neighbor        V    AS MsgRcvd MsgSent   TblVer  InQ OutQ Up/Down  State/PfxRcd
12.0.0.1        4   500       9       6        8    0    0 00:02:27        3
14.0.0.1        4   500       8       5        8    0    0 00:00:47        3

R1#sh ip bgp
BGP table version is 8, local router ID is 11.0.3.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path
*> 10.0.0.0         0.0.0.0                  0         32768 i
*>i20.0.0.0         12.0.0.1                 0    100      0 i
  i                 12.0.0.1                 0    100      0 i
  i30.0.0.0         13.0.0.1                 0    100      0 i
  i                 13.0.0.1                 0    100      0 i
  i40.0.0.0         14.0.0.1                 0    100      0 i
  i                 14.0.0.1                 0    100      0 i

EBGP Peering

EBGP basic configuration

R2(config)#router bgp 500
R2(config-router)# neighbor 1.1.1.1 remote-as 500
R2(config-router)# neighbor 2.2.2.2 remote-as 600
R2(config-router)# network 20.0.0.0

R1(config)#router bgp 500
R1(config-router)# neighbor 1.1.1.2 remote-as 500
R1(config-router)# network 10.0.0.0

R3(config)#router bgp 600
R3(config-router)# neighbor 2.2.2.1 remote-as 500
R3(config-router)# network 30.0.0.0

Normal Routing - Next hop Behavior
[Figure: chain of routers A to G; in normal routing the next hop to reach 10.0.0.0 is the next router.]

BGP next hop behavior
+ When an EBGP speaker updates an EBGP neighbor, it changes the next hop.
+ When an IBGP speaker updates an IBGP neighbor, the next hop remains the same (unchanged).
[Figure: routers A, D and G as next hops to reach 10.0.0.0, contrasting "Next-hop = Next Router" with "Next-hop = Next AS".]

BGP next hop behavior
» BGP is an AS-by-AS routing protocol, not a router-by-router routing protocol.
» In BGP, the next hop does not mean the next router; it means the IP address to reach the next AS.

BGP next hop behavior
[Figure: AS 100, AS 200 and AS 300 with networks 140.10.0.0/16, 150.10.0.0/16 and 160.10.0.0/16; table entry: Network 160.10.0.0/16, Next Hop 192.20.2.1, Path 100.]
* Next hop to reach a network
* Usually a local network is the next hop in an eBGP session
* Next hop updated between eBGP peers

BGP next hop behavior - example-1
[Figure: AS 100 (160.10.0.0/16), AS 200 and AS 300 with networks 140.10.0.0/16 and 150.10.0.0/16 and link 192.10.1.0/30.]
* Next hop not changed between iBGP peers
* Well-known, mandatory attribute
* BGP is an AS-by-AS routing protocol
* Next hop ≠ next router
* Next hop = IP to reach next AS

BGP next hop behavior - example-2
[Figure: routers A, B and C; labels 172.20.0.0, 172.20.10.1, 172.20.10.2, AS 64520.]
» Router A advertises network 172.16.0.0 to router B in EBGP, with a next hop of 10.10.10.3.
» Router B advertises 172.16.0.0 in IBGP to router C, keeping 10.10.10.3 as the next-hop address.

BGP Next-hop Behavior - Verification

Next hop not changed:

R1#sh ip route bgp
B    20.0.0.0/8 [200/0] via 1.1.1.2, 00:14:13

R1 does not install the route in the routing table, as the next hop is not reachable.

R1#sh ip bgp
   Network          Next Hop            Metric LocPrf Weight Path
*> 10.0.0.0                                  0         32768 i
                                             0    100      0 i
*  30.0.0.0                                  0    100      0 600 i

Next-hop-self

R2(config)#router bgp 500
R2(config-router)# neighbor 1.1.1.1 next-hop-self

R1#sh ip bgp
   Network          Next Hop            Metric LocPrf Weight Path
*> 10.0.0.0         0.0.0.0                  0         32768 i
                                             0    100      0 i
*>i30.0.0.0                                  0    100      0 600 i

R1#sh ip route bgp
B    20.0.0.0/8 [200/0] via 1.
B    30.0.0.0/8 [200/0] via 1

LAB: Basic EBGP Configuration & Verify Next-hop Behavior

R1(config)#router bgp 500
R1(config-router)# neighbor 1.1.1.2 remote-as 500
R1(config-router)# network 10.0.0.0
R1(config-router)# no auto-summary
R1(config-router)# no synchronization
R1(config-router)# end

R2(config)#router bgp 500
R2(config-router)# neighbor 1.1.1.1 remote-as 500
R2(config-router)# neighbor 2.2.2.2 remote-as 600
R2(config-router)# network 20.0.0.0
R2(config-router)# no auto-summary
R2(config-router)# no synchronization
R2(config-router)# end

R3(config)#router bgp 600
R3(config-router)# neighbor 2.2.2.1 remote-as 500
R3(config-router)# network 30.0.0.0
R3(config-router)# no auto-summary
R3(config-router)# no synchronization
R3(config-router)# exit

R2#sh ip bgp summary
Neighbor        V    AS MsgRcvd MsgSent   TblVer  InQ OutQ Up/Down  State/PfxRcd
1.1.1.1         4   500      14      17       10    0    0 00:09:08        1
2.2.2.2         4   600      13      15       10    0    0

R2#sh ip bgp
   Network          Next Hop            Metric LocPrf Weight Path
*>i10.0.0.0         1.1.1.1                  0    100      0 i
*> 20.0.0.0         0.0.0.0                  0         32768 i
*> 30.0.0.0         2.2.2.2                  0             0 600 i

R2#sh ip route bgp
B    10.0.0.0/8 [200/0] via 1.1.1.1, 00:01:00
B    30.0.0.0/8 [20/0] via 2.2.2.2, 00:00:50

R1#sh ip bgp
   Network          Next Hop            Metric LocPrf Weight Path
*> 10.0.0.0         0.0.0.0                  0         32768 i
*>i20.0.0.0         1.1.1.2                  0    100      0 i

R1#sh ip route bgp
B    20.0.0.0/8 [200/0] via 1.1.1.2, 00:12:13

The 30.0.0.0 network is not present in the routing table because the next hop 2.2.2.2 (the result of BGP's default next-hop behavior) is unreachable.

To fix this issue:
1. either advertise the WAN interfaces
2. or change the next-hop address to the next router's address

BGP next hop behavior
+ When EBGP sends an update to another EBGP neighbor, it changes the next hop.
+ When IBGP sends an update to another IBGP neighbor, the next hop remains the same (not changed).

To change this behavior manually, you need to tell the router to change the next hop (done on the border routers, pointing to the internal BGP neighbors).
Or
+ if using a route reflector within the AS, configure next-hop-self on the server, pointing to all clients.

Router(config-router)# neighbor {ip-address | peer-group-name} next-hop-self

router bgp 65101
 neighbor 172.16.1.1 remote-as 65100
 neighbor 3.3.3.3 remote-as 65101
 neighbor 3.3.3.3 update-source Loopback0
 neighbor 3.3.3.3 next-hop-self
router eigrp 1
 network 10.0.0.0

[Figure: AS 65101 and AS 65100; route 30.0.0.0 shown with next hop 172.16.1.1 and with next hop 2.2.2.2.]

+ Forces all updates for this neighbor to be advertised with this router as the next hop.
+ The IP address used for the next-hop-self option will be the same as the source IP address of the BGP packet.

On R2

R2(config)#router bgp 500
R2(config-router)# neighbor 1.1.1.1 next-hop-self

R1#sh ip bgp
   Network          Next Hop            Metric LocPrf Weight Path
*> 10.0.0.0         0.0.0.0                  0         32768 i
*>i20.0.0.0         1.1.1.2                  0    100      0 i

R1#sh ip route bgp
B    20.0.0.0/8 [200/0] via 1.1.1.2, 00:18:13

BGP Attributes

BGP Path-Selection Process - BGP Attributes

BGP Attributes
» BGP chooses a route to a network based on the attributes of its path.
» Four categories of attributes exist, as follows:
  ° Well-known mandatory
  ° Well-known discretionary
  ° Optional transitive
  ° Optional non-transitive

Well-known mandatory: Must be recognized by all BGP routers, present in all BGP updates, and passed on to other BGP routers. Examples: AS path, origin, and next hop.

Well-known discretionary: Must be recognized by all BGP routers and passed on to other BGP routers, but need not be present in an update. Example: local preference.
Optional transitive: Might or might not be recognized by a BGP router, but is passed on to other BGP routers.
» If not recognized, it is marked as partial.
» Examples: aggregator, community.

Optional non-transitive:
» If the BGP process does not recognize the attribute, it can ignore the update and not advertise the path to its peers.
» Examples: Multi-Exit Discriminator (MED), originator ID.

AS-Path Attribute

BGP - AS Path Advertisement
» AS path is a well-known, mandatory attribute.
» It is the list of ASes through which updates are coming.

BGP AS-path attribute
[Figure: network 40.0.0.0 seen with the AS paths "300, 400, i", "200, 300, 400, i" and "400, i"; the path "400, i" is marked best.]
Path with the shortest AS path list is more desirable.

BGP next hop - Attribute
» Well-known, mandatory attribute.
» BGP is an AS-by-AS routing protocol.
» Next hop ≠ next router
» Next hop = IP to reach next AS

BGP next hop behavior
+ When an EBGP speaker updates an EBGP neighbor, it changes the next hop.
+ When an IBGP speaker updates an IBGP neighbor, the next hop remains the same (unchanged).
[Figure: routers D and G as next hops to reach 10.0.0.0, contrasting "Next-hop = Next Router" with "Next-hop = Next AS".]

BGP Next-hop Behavior - Verification

Next hop not changed:

R1#sh ip route bgp
B    20.0.0.0/8 [200/0] via 1.1.1.2, 00:

R1 does not install the route in the routing table, as the next hop is not reachable.

R1#sh ip bgp
   Network          Next Hop            Metric LocPrf Weight Path
*> 10.0.0.0                                  0         32768 i
*>i20.0.0.0                                  0    100      0 i
                                             0    100      0 600 i

Next-hop-self

R2(config)#router bgp 500
R2(config-router)# neighbor 1.1.1.1 next-hop-self

R1#sh ip bgp
   Network          Next Hop            Metric LocPrf Weight Path
*> 10.0.0.0                                  0         32768 i
*>i20.0.0.0                                  0    100      0 i
*>i30.0.0.0                                  0    100      0 600 i

R1#sh ip route bgp
B    20.0.0.0/8 [200/0] via 1.1.1.2, 00:18:13
B    30.0.0.0/8 [200/0] via 1.1.1.2, 00:00:20

Origin Attribute
» How the network got introduced into BGP.
  ° IGP (i): advertised in BGP using the network command
  ° EGP (e): redistributed from EGP
© Incomplete (7) Redistributed in to BGP from IGP or static » “I” is better then “E” and “e” is better then “2” (1>E>7?) # Show ip bgp NA, RouterA# show ip bop BGP table version is 14, local router ID is 172.31.11.1 Status codes: s suppressed, d damped, h history, * valid, > best, i - internal, r RIB-failure, $ Stale Origin codes: i - IGP, e - EGP, ? - incomplete Network Next Hop Metric LocPrf Weight Path *> 10.1.0.0/24 0.0.0.0 ° 32768 i aa 10.1.0.2 0 100 o4 *> 10.1.1.0/24 0.0.0.0 ° 32768 i #>410.1.2.0/24 10.1.0.2 0 100 oa +> 10.97.97.0/24 172.31.1.3 0 64998 64997 i . 172.31.11.4 0 64999 64997 i. +a 172.31.11.4 0 1900 0 64999 64997 i *> 10.254.0.0/24 —172.31.1.3 ° 0 6ag98 + + 172.31.11.4 0 64999 6agsB i +a 172.31.1.3 0 1900 0 64998 3 > 172.31.1.0/24 — 172.31.1.3 ° 0 64998 > 5 172.31.11.4 0 64999 6agsB ra 172.31.1.3 0 1900 0 64998 > > 172.31,2.0/24 —172.31.1.3 ° 0 64998 2 BGP Weight Attribute Weight Attribute » Weight is Cisco's attribute. » Tells how to exit the AS » Path with the highest weight is more desirable ORK ONCINE ACADEMY Weight Attribute NA, » Default weight © 0 =learned routes © 32,768 = for locally injected routes » Local to the router ( not advertise to the other routers in the AS ) Verifying Weight attribute Retash ip bgp Network Next Hop Metric LocPrf Weight Path + 20000 4441 0 7006001 . waz ° Rush Ip route bgp B_ 2.0..0/8 [20/0] via 1.1.1.2, 00:12: 40.0.0.0/8 [20/0] via 4.44.1, 00:10:28 30.0.0.0/8 [20/0] via 1.1.1.2, 00:10:58, R1 = change best Route via R4 Ri(confightrouter bgp 500 Ri(config-router)# neighbor 4.4.4.1 weight 40000 Ri(config-router)wend Ristraceroute 20.1.1.1 Type escape sequence to abort. Tracing the route to 20.1.1.1 14.4.4.1 196 msec 252 msec 36 msec 23.33.1 [AS 700] 116 msec 112 msec 64 msec 32.2.2. [AS 600] 368 msec * 216 msec Retash ip bgp *> 20.0.0.0 4AAT 40000 700 6001 . 
qaa2 ° 0 600k Clearing the BGP Session NA, » Whenever there is an administrative change in routing policy, the BGP session must be reset before the new policy can take effect. » You must trigger an update to ensure that the policy is immediately applied to all affected prefixes and paths. » Ways to trigger an update: + Hard reset ( Clear ip bgp *) + Soft reset ( Clear ip bgp * soft in/out) » By default BGP applies weight to all the routes receiving from the specific neighbor to which it was configured. » To apply to specific routes we need to use the route-maps. Retish ip bgp Network Next Hop Metric LocPrf Weight Path 1000 444d 40000 700 600 i r 142 ° 0 600i 2000 4441 40000 700 600 i . az ° 0 6001 *> 3.000 © 40000 7001 . 0 600i > 4.0.00 © 40000 7001 r © 6007001 +> 20.000 40000 700 600 i . ° 0 600i *> 30.000 40000 700 600i . 0 600i * 40.000 © 40000 7001 ° 600 700 1 WEIGHT using Route-maps NPA, + Remove weight applied in previous lab + Advertise 12xxx loopback on R2 in BGP Rash ip bgp Network Next Hop Metric LocPrf Weight Pat * 1200024 44.41 © 700 600 > ° 0 600i * 12.0.1.0/24 © 700 600i * ° 0 6001 * 12020724 © 7006001 i ° © 600i * 12030724 © 700.6001 » ° 0 600i by defaule R1 prefers via 1.1.1.2( R2) to reach the 12xxx Prefixes . 12.0.0.0 and 12.0.1.0 - exit R4 MW OA, v all Remaining - via R2 ( default) Ri(configh access-list 12 permit 12.0.0.00.0.0.255 Ri(config+ accesslist 12 permit 12.0.1.0 0.0.0.255 Ri(confight route-map WEIGHT permit 10 Riconfig-route-map)#_ match Ip address 12 Ri(config-route-map)* set weight 5000 Ri(config-route-map)e exit Ri(configh route-map WEIGHT permit 20 Ri(confightrouter bgp 500 Ri(config-router)#nelghbor 4.4.4.1 route-map WEIGHT in pero NPA, 2.0.0.0/8 [20/0] via 1.1.1.2, 00:00:20 NETWORK ONLINE ACADEMY 3.0.0.0/8 [20/0] via 1.1.1.2, 00:00:20 20.0.0.0/8 [20/0] via 1.1.1.2, 00: 40.0.0.0/8 [20/0] via 4.4.4.1, 00:00:20 12.0.0.0/24 Is subnetted, 4 subnets B_ 12.0.0. 
20/0] via 4.4.4.1, 00:00:20
B    12.0.0 [20/0] via 4.4.4.1, 00:00:20
B    12.0.2.0 [20/0] via 1.1.1.2, 00:00:20
B    12.0.3.0 [20/0] via 1.1.1.2, 00:00:20
B    30.0.0.0/8 [20/0] via 1.1.1.2, 0:

R1#sh ip bgp
   Network          Next Hop            Metric LocPrf Weight Path
*> 12.0.0.0/24      4.4.4.1                             5000 700 600 i
*                   1.1.1.2                  0             0 600 i
*> 12.0.1.0/24      4.4.4.1                             5000 700 600 i
*                   1.1.1.2                  0             0 600 i
*  12.0.2.0/24      4.4.4.1                                0 700 600 i
*>                  1.1.1.2                  0             0 600 i
*  12.0.3.0/24      4.4.4.1                                0 700 600 i

LAB: USING WEIGHT ATTRIBUTE

TASK:
* Configure basic IBGP and EBGP peering using directly connected interfaces
* Advertise all the networks as per the diagram
* Make sure that the next-hop address is the address of the next router

R1(config)#router bgp 500
R1(config-router)# neighbor 1.1.1.2 remote-as 600
R1(config-router)# neighbor 4.4.4.1 remote-as 700
R1(config-router)# net 10.0.0.0
R1(config-router)# net 1.0.0.0
R1(config-router)# net 4.0.0.0
R1(config-router)# no auto-summary
R1(config-router)# no sync
R1(config-router)# exit

R2(config)#router bgp 600
R2(config-router)# neighbor 1.1.1.1 remote-as 500
R2(config-router)# neighbor 2.2.2.2 remote-as 600
R2(config-router)# network 20.0.0.0
R2(config-router)# network 2.0.0.0
R2(config-router)# network 1.0.0.0
R2(config-router)# no auto-summary
R2(config-router)# no sync

R3(config)#router bgp 600
R3(config-router)#neighbor 2.2.2.1 remote-as 600
R3(config-router)#neighbor 3.3.3.2 remote-as 700
R3(config-router)#network 30.0.0.0
R3(config-router)#network 3.0.0.0
R3(config-router)#network 2.0.0.0
R3(config-router)#no auto-summary
R3(config-router)#no synchronization
R3(config-router)#end

R4(config)#router bgp 700
R4(config-router)# neighbor 4.4.4.2 remote-as 500
R4(config-router)# neighbor 3.3.3.1 remote-as 600
R4(config-router)# network 40.0.0.0
R4(config-router)# network 4.0.0.0
R4(config-router)# network 3.0.0.0
R4(config-router)# no auto-summary
R4(config-router)#no sync
R4(config-router)#exit

R2#sh ip bgp summary
Neighbor        V    AS MsgRcvd MsgSent   TblVer  InQ OutQ Up/Down  State/PfxRcd
1.1.1.1         4   500      17      17       10    0    0 00:10:12        4
2.2.2.2         4   600      17      17       10    0    0 00:09:32        5

R4#sh ip bgp summary
Neighbor        V    AS MsgRcvd MsgSent   TblVer  InQ OutQ Up/Down  State/PfxRcd
3.3.3.1         4   600       7       8        9    0    0 00:00:21        7
4.4.4.2         4   500       8       8        9    0    0 00:00:48        7

R4#sh ip bgp
BGP table version is 9, local router ID is 14.0.3.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path
*  1.0.0.0          3.3.3.1                                0 600 i
*>                  4.4.4.2                  0             0 500 i
*> 2.0.0.0          3.3.3.1                  0             0 600 i
*                   4.4.4.2                                0 500 600 i
*  3.0.0.0          4.4.4.2                                0 500 600 i
*                   3.3.3.1                                0 600 i
*>                  0.0.0.0                  0         32768 i
*> 4.0.0.0          0.0.0.0                  0         32768 i
*                   4.4.4.2                  0             0 500 i
*  10.0.0.0         3.3.3.1                                0 600 500 i
*>                  4.4.4.2                  0             0 500 i
*> 20.0.0.0         3.3.3.1                                0 600 i
*                   4.4.4.2                                0 500 600 i
*  30.0.0.0         4.4.4.2                                0 500 600 i
*>                  3.3.3.1                  0             0 600 i
*> 40.0.0.0         0.0.0.0                  0         32768 i
R4#

R3#sh ip bgp
BGP table version is 10, local router ID is 13.0.3.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path
                                                           0 700 500 i
                                             0    100      0 i
                                             0    100      0 i
                                             0         32768 i
                                             0             0 700 i
                                             0         32768 i
                                             0             0 700 i
                                             0    100      0 500 i
*  10.0.0.0                                                0 700 500 i
*>i                 1.1.1.1                  0    100      0 500 i
*>i20.0.0.0         2.2.2.1                  0    100      0 i
*> 30.0.0.0         0.0.0.0                  0         32768 i
*> 40.0.0.0         3.3.3.2                  0             0 700 i

R3#sh ip route bgp
B    1.0.0.0/8 [200/0] via 2.2.2.1, 00:23:23
B    4.0.0.0/8 [20/0] via 3.3.3.2, 00:23:10
B    20.0.0.0/8 [200/0] via 2.2.2.1, 00:23:23
B    40.0.0.0/8 [20/0] via 3.3.3.2, 00:23:10
B    10.0.0.0/8 [200/0] via 1.1.1.1, 00:01:43

R2#sh ip bgp
BGP table version is 9, local router ID is 12.0.3.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ?
- incomplete

   Network          Next Hop            Metric LocPrf Weight Path
*  1.0.0.0          1.1.1.1                  0             0 500 i
*>                  0.0.0.0                  0         32768 i
* i2.0.0.0          2.2.2.2                  0    100      0 i
*>                  0.0.0.0                  0         32768 i
*  3.0.0.0          1.1.1.1                                0 500 700 i
*>i                 2.2.2.2                  0    100      0 i
* i4.0.0.0          3.3.3.2                  0    100      0 700 i
*>                  1.1.1.1                  0             0 500 i
*> 10.0.0.0         1.1.1.1                  0             0 500 i
*> 20.0.0.0         0.0.0.0                  0         32768 i
*>i30.0.0.0         2.2.2.2                  0    100      0 i
*  40.0.0.0         1.1.1.1                                0 500 700 i

R2#sh ip route bgp
B    3.0.0.0/8 [200/0] via 2.2.2.2, 00:22:13
B    4.0.0.0/8 [20/0] via 1.1.1.1, 00:23:11
B    40.0.0.0/8 [200/0] via 3.3.3.2, 00:00:18
B    10.0.0.0/8 [20/0] via 1.1.1.1, 00:23:11
B    30.0.0.0/8 [200/0] via 2.2.2.2, 00:22:13

To change the next-hop behavior of BGP:

R2(config)#router bgp 600
R2(config-router)#neighbor 2.2.2.2 next-hop-self

R3(config)#router bgp 600
R3(config-router)#neighbor 2.2.2.1 next-hop-self

R3#sh ip bgp
BGP table version is 11, local router ID is 13.0.3.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path
*  1.0.0.0          3.3.3.2                                0 700 500 i
*>i                 2.2.2.1                  0    100      0 i
* i2.0.0.0          2.2.2.1                  0    100      0 i
*>                  0.0.0.0                  0         32768 i
*  3.0.0.0          3.3.3.2                  0             0 700 i
*>                  0.0.0.0                  0         32768 i
*> 4.0.0.0          3.3.3.2                  0             0 700 i
* i                 2.2.2.1                  0    100      0 500 i
*  10.0.0.0         3.3.3.2                                0 700 500 i
*>i                 2.2.2.1                  0    100      0 500 i
*>i20.0.0.0         2.2.2.1                  0    100      0 i
*> 30.0.0.0         0.0.0.0                  0         32768 i
*> 40.0.0.0         3.3.3.2                  0             0 700 i

R3#sh ip route bgp
B    1.0.0.0/8 [200/0] via 2.2.2.1, 00:27:35
B    4.0.0.0/8 [20/0] via 3.3.3.2, 00:27:22
B    20.0.0.0/8 [200/0] via 2.2.2.1, 00:27:35
B    40.0.0.0/8 [20/0] via 3.3.3.2, 00:27:22
B    10.0.0.0/8 [200/0] via 2.2.2.1, 00:01:56
R3#

R2#sh ip bgp
BGP table version is 10, local router ID is 12.0.3.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path
*  1.0.0.0          1.1.1.1                  0             0 500 i
*>                  0.0.0.0                  0         32768 i
* i2.0.0.0          2.2.2.2                  0    100      0 i
*>                  0.0.0.0                  0         32768 i
*>i3.0.0.0          2.2.2.2                  0    100      0 i
* i4.0.0.0          2.2.2.2                  0    100      0 700 i
*>                  1.1.1.1                  0             0 500 i
*> 10.0.0.0         1.1.1.1                  0             0 500 i
*> 20.0.0.0         0.0.0.0                  0         32768 i
*>i30.0.0.0         2.2.2.2                  0    100      0 i
*  40.0.0.0         1.1.1.1                                0 500 700 i
*>i                 2.2.2.2                  0    100      0 700 i

R2#sh ip route bgp
B    3.0.0.0/8 [200/0] via 2.2.2.2, 00:27:48
B    4.0.0.0/8 [20/0] via 1.1.1.1, 00:28:46
B    40.0.0.0/8 [200/0] via 2.2.2.2, 00:
B    10.0.0.0/8 [20/0] via 1.1
B    30.0.0.0/8 [200/0] via 2.2.2.2, 00:27:48

Configure R1 to prefer the exit path via R4 to reach all the networks. By default R1 prefers the path via R2 (1.1.1.2) to reach the 20.0.0.0 and 30.0.0.0 networks because it has the shorter AS path.

R1#sh ip bgp
   Network          Next Hop            Metric LocPrf Weight Path
*  1.0.0.0                                   0             0 600 i
                                             0         32768 i
                                                           0 700 600 i
                                             0             0 600 i
                                             0             0 700 i
                                                           0 700 i
                                             0         32768 i
                                                       32768 i
*  30.0.0.0         4.4.4.1                                0 700 600 i
*  40.0.0.0                                                0 600 700 i

R1#sh ip route bgp
B    2.0.0.0/8 [20/0] via 1.
B    3.0.0.0/8 [20/0] via 1.11.
B    20.0.0.0/8 [20/0] via 1.1.1.2, 00:12:00
B    40.0.0.0/8 [20/0] via 4.4.4.1, 00:10:
B    30.0.0.0/8 [20/0] via 1.1.1.2, 00:10:58

R1#ping 20.1.1.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 20.1.1.1, timeout is 2 seconds:
Success rate is 100 percent (5/5), round-trip min/avg/max = 4/99/216 ms

R1#traceroute 20.1.1.1
Type escape sequence to abort.
Tracing the route to 20.1.1.1
  1 1.1.1.2 264 msec * 92 msec

To change the preferred route from the default (via R2) to via R4 (4.4.4.1), we need to apply a higher weight to R4:

R1(config)#router bgp 500
R1(config-router)# neighbor 4.4.4.1 weight 40000
R1(config-router)#end
R1#clear ip bgp * soft        (to update the changes)

R1#sh ip bgp 20.0.0.0
BGP routing table entry for 20.0.0.0/8, version 28
Paths: (2 available, best #1, table Default-IP-Routing-Table)
Flag: 0x820
  Advertised to update-groups:
     1
  700 600
    4.4.4.1 from 4.4.4.1 (14.0.3.1)
      Origin IGP, localpref 100, weight 40000, valid, external, best
  600
    1.1.1.2 from 1.1.1.2 (12.0.3.1)
      Origin IGP, metric 0, localpref 100,
valid, external
R1#

R1#sh ip bgp
   Network          Next Hop            Metric LocPrf Weight Path
   1.0.0.0          4.4.4.1                            40000 700 600 i
                    1.1.1.2                  0             0 600 i
*> 2.0.0.0          4.4.4.1                            40000 700 600 i
*                   1.1.1.2                  0             0 600 i
*> 3.0.0.0          4.4.4.1                  0         40000 700 i
*                   1.1.1.2                                0 600 i
   4.0.0.0          4.4.4.1                  0         40000 700 i
                    1.1.1.2                                0 600 700 i
*> 30.0.0.0         4.4.4.1                            40000 700 600 i
*                   1.1.1.2                                0 600 i
*> 40.0.0.0         4.4.4.1                  0         40000 700 i
*                   1.1.1.2                                0 600 700 i

R1#sh ip route bgp
B    2.0.0.0/8 [20/0] via 4.4.4.1, 00:00:47
B    3.0.0.0/8 [20/0] via 4.4.4.1, 00:00:47
B    20.0.0.0/8 [20/0] via 4.4.4.1, 00:00:47

R1#traceroute 20.1.1.1
Type escape sequence to abort.
Tracing the route to 20.1.1.1
  1 4.4.4.1 196 msec 252 msec 36 msec
  2 3.3.3.1 [AS 700] 116 msec 12 msec 64 msec
  3 2.2.2.1 [AS 600] 368 msec * 216 msec

Note:
* By default, BGP applies the weight to all routes received from the neighbor on which it is configured.
* To apply it to specific routes, we need to use route-maps (see the next lab).

Example: show ip bgp rib-failure command

R1#sh ip bgp rib-failure
Network            Next Hop                      RIB-failure   RIB-NH Matches
1.0.0.0            4.4.4.1             Higher admin distance              n/a
4.0.0.0            4.4.4.1             Higher admin distance              n/a

* Displays networks that are not installed in the RIB and the reason that they were not installed.

LAB: WEIGHT ATTRIBUTE using Route-maps

(Diagram: R2 loopbacks 12.0.0.1/24, 12.0.1.1/24, 12.0.2.1/24, 12.0.3.1/24)

TASK:
* Continue from the previous lab and remove the configuration from the last task
* Advertise the 12.0.0.0 R2 loopbacks in BGP with the exact mask

R1(config)#router bgp 500
R1(config-router)#no neighbor 4.4.4.1 weight 40000
R1(config-router)#do clear ip bgp * soft

R2(config)#router bgp 600
R2(config-router)# network 12.0.0.0 mask 255.255.255.0
R2(config-router)# network 12.0.1.0 mask 255.255.255.0
R2(config-router)# network 12.0.2.0 mask 255.255.255.0
R2(config-router)# network 12.0.3.0 mask 255.255.255.0
R2(config-router)# end

R1#sh ip bgp
BGP table version is 17, local router ID is 11.0.3.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path
*> 1.0.0.0                                             32768 i
*                   4.4.4.1                                0 700 600 i
*                                                          0 600 i
*  2.0.0.0          4.4.4.1                                0 700 600 i
*>                  1.1.1.2                                0 600 i
*  3.0.0.0          4.4.4.1                                0 700 i
*>                  1.1.1.2                                0 600 i
*> 4.0.0.0          0.0.0.0                            32768 i
*                   4.4.4.1                                0 700 i
*> 10.0.0.0                                            32768 i
*>                  1.1.1.2                                0 600 i
*  20.0.0.0         4.4.4.1                                0 700 600 i
*>                  1.1.1.2                                0 600 i
*  30.0.0.0         4.4.4.1                                0 700 600 i
*>                  1.1.1.2
*> 40.0.0.0         4.4.4.1
*                   1.1.1.2

Here, by default, R1 prefers the path via 1.1.1.2 (R2) to reach the 12.x.x.x prefixes.

R1#sh ip route bgp
B    2.0.0.0/8 [20/0] via 1.1
B    3.0.0.0/8 [20/0] via 1.1.
B    20.0.0.0/8 [20/0] via 1.
B    40.0.0.0/8 [20/0] via 4.4.4.1,
     12.0.0.0/24 is subnetted, 4 subnets
B    30.0.0.0/8 [20/0] via 1.1.1.2, 00:11:15

TASK:
* Make sure that only the 12.0.0.0 and 12.0.1.0 networks prefer the path via R4, whereas the remaining networks use the default route via R2.

R1(config)#access-list 12 permit 12.0.0.0 0.0.0.255
R1(config)# access-list 12 permit 12.0.1.0 0.0.0.255
R1(config)# route-map WEIGHT permit 10
R1(config-route-map)# match ip address 12
R1(config-route-map)# set weight 5000
R1(config-route-map)# exit
R1(config)# route-map WEIGHT permit 20
R1(config-route-map)#end
R1(config)#router bgp 500
R1(config-router)#neighbor 4.4.4.1 route-map ?
  WORD  Name of route map
R1(config-router)#neighbor 4.4.4.1 route-map WEIGHT ?
  in   Apply map to incoming routes
  out  Apply map to outbound routes
R1(config-router)#neighbor 4.4.4.1 route-map WEIGHT in
R1(config-router)#end
R1#clear ip bgp *

The WEIGHT attribute is local to the router and is not exchanged between routers; therefore it is only effective on inbound route-maps.

Inbound route-maps
* Apply to updates received from that specific neighbor
* Change the local router's path selection process
* Influence outbound traffic
* Weight, Local Preference

Outbound route-maps
* Apply to routes advertised to that specific neighbor
* Influence some other router's decision
* Influence inbound traffic
* MED, AS-path prepend

R1#sh ip bgp
BGP table version is 16, local router ID is 11.0.3.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path
*  1.0.0.0          4.4.4.1                                0 700 600 i
*>                  0.0.0.0                  0         32768 i
*                   1.1.1.2                  0             0 600 i
*  2.0.0.0          4.4.4.1                                0 700 600 i
*>                  1.1.1.2                  0             0 600 i
*  3.0.0.0          4.4.4.1                  0             0 700 i
*>                  1.1.1.2                                0 600 i
*  4.0.0.0          4.4.4.1                  0             0 700 i
*>                  0.0.0.0                  0         32768 i
*> 10.0.0.0         0.0.0.0                  0         32768 i
*  12.0.2.0/24      4.4.4.1                                0 700 600 i
*>                  1.1.1.2                  0             0 600 i
*  12.0.3.0/24      4.4.4.1                                0 700 600 i
*>                  1.1.1.2                  0             0 600 i
*  20.0.0.0         4.4.4.1                                0 700 600 i
*>                  1.1.1.2                  0             0 600 i
*  30.0.0.0         4.4.4.1                                0 700 600 i
*>                  1.1.1.2                                0 600 i
*> 40.0.0.0         4.4.4.1                  0             0 700 i
*                   1.1.1.2                                0 600 700 i

R1#sh ip bgp 12.0.0.0
BGP routing table entry for 12.0.0.0/24, version 48
Paths: (2 available, best #2, table Default-IP-Routing-Table)
Flag: 0x820
  Advertised to update-groups:
     1
  600
    1.1.1.2 from 1.1.1.2 (12.0.3.1)
      Origin IGP, metric 0, localpref 100, valid, external
  700 600
    4.4.4.1 from 4.4.4.1 (14.0.3.1)
      Origin IGP, localpref 100, weight 5000, valid, external, best

R1#sh ip bgp 12.0.1.0
BGP routing table entry for 12.0.1.0/24, version 47
Paths: (2 available, best #1, table Default-IP-Routing-Table)
  Advertised to update-groups:
     1
  700 600
    4.4.4.1 from 4.4.4.1 (14.0.3.1)
      Origin IGP, localpref 100, weight 5000, valid,
external, best
  600
    1.1.1.2 from 1.1.1.2 (12.0.3.1)
      Origin IGP, metric 0, localpref 100, valid, external

R1#sh ip bgp 12.0.2.0
BGP routing table entry for 12.0.2.0/24, version 44
Paths: (2 available, best #2, table Default-IP-Routing-Table)
  Advertised to update-groups:
     2
  700 600
    4.4.4.1 from 4.4.4.1 (14.0.3.1)
      Origin IGP, localpref 100, valid, external
  600
    1.1.1.2 from 1.1.1.2 (12.0.3.1)
      Origin IGP, metric 0, localpref 100, valid, external, best

R1#sh ip bgp 20.1.1.1
BGP routing table entry for 20.0.0.0/8, version 39
Paths: (2 available, best #2, table Default-IP-Routing-Table)
  Advertised to update-groups:
     2
  700 600
    4.4.4.1 from 4.4.4.1 (14.0.3.1)
      Origin IGP, localpref 100, valid, external
  600
    1.1.1.2 from 1.1.1.2 (12.0.3.1)
      Origin IGP, metric 0, localpref 100, valid, external, best

R1#sh ip route bgp
B    2.0.0.0/8 [20/0] via 1.1.1.2, 00:
B    3.0.0.0/8 [20/0] via 1.1.1.2, 00:
B    20.0.0.0/8 [20/0] via 1.1.1.2, 00:00:20
B    40.0.0.0/8 [20/0] via 4.4.4.1, 00:00:20
     12.0.0.0/24 is subnetted, 4 subnets
B       12.0.2.0 [20/0] via 1.1.1.2, 00:00:20
B       12.0.3.0 [20/0] via 1.1.1.2, 00:00:20
B    30.0.0.0/8 [20/0] via 1.1.1.2, 00:00:20

R1#traceroute 12.0.0.1
Type escape sequence to abort.
Tracing the route to 12.0.0.1
    68 msec 40 msec 156 msec
  2 3.3.3.1 [AS 600] 120 msec 24 msec 8 msec
  3 2.2.2.1 [AS 600] 72 msec * 116 msec

R1#traceroute 12.0.1.1
Type escape sequence to abort.
Tracing the route to 12.0.1.1
  1 4.4.4.1 80 msec 28 msec
  2 3.3.3.1 [AS 600] 20 msec 52 msec 36 msec
  3 2.2.2.1 [AS 600] 24 msec * 152 msec

R1#traceroute 12.0.2.1
Type escape sequence to abort.
Tracing the route to 12.0.2.1
  1 1.1.1.2 144 msec

R1#traceroute 12.0.3.1
Type escape sequence to abort.
Tracing the route to 12.0.3.1
  1 1.1.1.2 144 msec

BGP Local preference

Local preference
* Tells how to exit the AS
* Path with the highest preference value is more desirable.
* Default value is 100

Local preference is a well-known discretionary attribute.
It is advertised only to IBGP neighbors within an AS.

Verifying Local preference

All the routers in AS 600 prefer the path via R2/R1/R4.

R2#sh ip bgp
   Network          Next Hop            Metric LocPrf Weight Path
*  40.0.0.0         1.1.1.1                                0 500 700 i

R3#sh ip bgp
   Network          Next Hop            Metric LocPrf Weight Path
*> 40.0.0.0         3.3.3.2                  0             0 700 i

R2(config-router)#bgp default local-preference 400

R3#sh ip bgp 40.0.0.0
BGP routing table entry for 40.0.0.0/8, version 37
Paths: (2 available, best #1, table Default-IP-Routing-Table)
Flag: 0x820
  Advertised to update-groups:
     2
  500 700
    2.2.2.1 from 2.2.2.1 (12.0.3.1)
      Origin IGP, metric 0, localpref 400, valid, internal, best
  700
    3.3.3.2 from 3.3.3.2 (14.0.3.1)
      Origin IGP, metric 0, localpref 100, valid, external

R2#sh ip bgp 40.0.0.0
BGP routing table entry for 40.0.0.0/8, version 35
Paths: (1 available, best #1, table Default-IP-Routing-Table)
Flag: 0x820
  Advertised to update-groups:
     2
  500 700
    1.1.1.1 from 1.1.1.1 (11.0.3.1)
      Origin IGP, localpref 400, valid, external, best

R3#sh ip bgp
   Network          Next Hop            Metric LocPrf Weight Path
*>i1.0.0.0          2.2.2.1                  0    400      0 i
*                   3.3.3.2                                0 700 500 i
* i2.0.0.0          2.2.2.1                  0    400      0 i
*>                  0.0.0.0                  0         32768 i
* i3.0.0.0          2.2.2.1                  0    400      0 500 700 i
*                   3.3.3.2                  0             0 700 i
*>i4.0.0.0          2.2.2.1                  0    400      0 500 i
*                   3.3.3.2                  0             0 700 i
*>i10.0.0.0         2.2.2.1                  0    400      0 500 i
*                   3.3.3.2                                0 700 500 i
*>i12.0.0.0/24      2.2.2.1                  0    400      0 i
*>i12.0.1.0/24      2.2.2.1                  0    400      0 i
*>i12.0.2.0/24      2.2.2.1                  0    400      0 i
*>i12.0.3.0/24      2.2.2.1                  0    400      0 i
*>i20.0.0.0         2.2.2.1                  0    400      0 i
*> 30.0.0.0         0.0.0.0                  0         32768 i
*>i40.0.0.0         2.2.2.1                  0    400      0 500 700 i
*                   3.3.3.2                  0             0 700 i

* By default, BGP applies the local preference to all routes received from the specific neighbor.
* To apply it to specific routes, we need to use route-maps.

14.0.0.0 and 14.0.1.0: exit via R2. All remaining networks: via R3 (default).

R2(config)#access-list 14 permit 14.0.0.0 0.0.0.255
R2(config)#access-list 14 permit 14.0.1.0 0.0.0.255
R2(config)# route-map LOCAL permit 10
R2(config-route-map)# match ip add 14
R2(config-route-map)# set local-preference 2000
R2(config-route-map)# exit
R2(config)# route-map LOCAL permit 20
R2(config-route-map)# exit
R2(config)# router bgp 600
R2(config-router)# neighbor 1.1.1.1 route-map LOCAL in

R2#sh ip bgp
   Network          Next Hop            Metric LocPrf Weight Path
*> 14.0.0.0/24      1.1.1.1                    2000      0 500 700 i
*> 14.0.1.0/24      1.1.1.1                    2000      0 500 700 i
*  14.0.2.0/24      1.1.1.1                                0 500 700 i
*>i                 2.2.2.2                  0    100      0 700 i
*  14.0.3.0/24      1.1.1.1                                0 500 700 i
                    2.2.2.2                  0    100

R3#sh ip bgp
   Network          Next Hop            Metric LocPrf Weight Path
*>i14.0.0.0/24      2.2.2.1                  0   2000      0 500 700 i
*                   3.3.3.2                  0             0 700 i
*>i14.0.1.0/24      2.2.2.1                  0   2000      0 500 700 i
*                   3.3.3.2                  0             0 700 i
*> 14.0.2.0/24      3.3.3.2                  0             0 700 i
*> 14.0.3.0/24      3.3.3.2                  0             0 700 i

Inbound route-maps
* Apply to routes received from that specific neighbor
* Influence the local router's path selection process
* How traffic should exit
* Weight, Local Preference

Outbound route-maps
* Apply to routes advertised to that specific neighbor
* Influence some other router's decision
* How traffic should enter
* MED, AS-path prepend

LAB: USING LOCAL PREFERENCE

Continue from the previous lab; just remove the last configuration step so that the default path selection process is used without any attributes applied.

R1(config-router)#no neighbor 4.4.4.1 route-map WEIGHT in
R1(config-router)#do clear ip bgp *

OR

* If you start this lab without any BGP configuration, configure basic IBGP and EBGP as per the diagram
* Verify the neighbors and ensure that the default path selection is used without any attributes applied
* Ensure that you change the next hop to the next router

R1(config)#router bgp 500
R1(config-router)# neighbor 1.1.1.2 remote-as 600
R1(config-router)# neighbor 4.4.4.1 remote-as 700
R1(config-router)# net 10.0.0.0
R1(config-router)# net 1.0.0.0
R1(config-router)# net 4.0.0.0
R1(config-router)# no auto-summary
R1(config-router)# no sync
R1(config-router)# exit

R2(config)#router bgp 600
R2(config-router)# neighbor 1.1.1.1 remote-as 500
R2(config-router)# neighbor 2.2.2.2 remote-as 600
R2(config-router)# network 20.0.0.0
R2(config-router)# network 2.0.0.0
R2(config-router)# network 1.0.0.0
R2(config-router)# network 12.0.0.0 mask 255.255.255.0
R2(config-router)# network 12.0.1.0 mask 255.255.255.0
R2(config-router)# network 12.0.2.0 mask 255.255.255.0
R2(config-router)# network 12.0.3.0 mask 255.255.255.0
R2(config-router)# no auto-summary
R2(config-router)# no sync

R3(config)#router bgp 600
R3(config-router)#neighbor 2.2.2.1 remote-as 600
R3(config-router)#neighbor 3.3.3.2 remote-as 700
R3(config-router)#network 30.0.0.0
R3(config-router)#network 3.0.0.0
R3(config-router)#network 2.0.0.0
R3(config-router)#no auto-summary
R3(config-router)#no synchronization
R3(config-router)#end

R4(config)#router bgp 700
R4(config-router)# neighbor 4.4.4.2 remote-as 500
R4(config-router)# neighbor 3.3.3.1 remote-as 600
R4(config-router)# network 40.0.0.0
R4(config-router)# network 4.0.0.0
R4(config-router)# network 3.0.0.0
R4(config-router)# no auto-summary
R4(config-router)#no sync
R4(config-router)#exit

R2#sh ip bgp summary
Neighbor        V    AS MsgRcvd MsgSent   TblVer  InQ OutQ Up/Down  State/PfxRcd
1.1.1.1         4   500      17      17       10    0    0 00:10:12        4
2.2.2.2         4   600      17      17       10    0    0 00:09:32        5

R4#sh ip bgp summary
Neighbor        V    AS MsgRcvd MsgSent   TblVer  InQ OutQ
Up/Down  State/PfxRcd
3.3.3.1         4   600       7       8        9    0    0 00:00:21        7
4.4.4.2         4   500       8       8        9    0    0 00:00:48        7

To change the next-hop behavior of BGP:

R2(config)#router bgp 600
R2(config-router)#neighbor 2.2.2.2 next-hop-self

R3(config)#router bgp 600
R3(config-router)#neighbor 2.2.2.1 next-hop-self

TASK:
* By default, all traffic from AS 600 to AS 700 (40.0.0.0) prefers to exit via R3.
* Make sure that R2 and R3 (all the routers in AS 600) prefer the path via R2/R1/R4, using local preference.

R2#sh ip bgp
BGP table version is 32, local router ID is 12.0.3.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path
*  1.0.0.0          1.1.1.1                  0             0 500 i
*>                  0.0.0.0                  0         32768 i
* i2.0.0.0          2.2.2.2                  0    100      0 i
*>                  0.0.0.0                  0         32768 i
*>i3.0.0.0          2.2.2.2                  0    100      0 i
*> 4.0.0.0          1.1.1.1                  0             0 500 i
* i                 2.2.2.2                  0    100      0 700 i
*> 10.0.0.0         1.1.1.1                  0             0 500 i
*> 12.0.0.0/24      0.0.0.0                  0         32768 i
*> 12.0.1.0/24      0.0.0.0                  0         32768 i
*> 12.0.2.0/24      0.0.0.0                  0         32768 i
*> 12.0.3.0/24      0.0.0.0                  0         32768 i
*> 20.0.0.0         0.0.0.0                  0         32768 i
*>i30.0.0.0         2.2.2.2                  0    100      0 i

R3#sh ip bgp
BGP table version is 25, local router ID is 13.0.3.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path
*>i1.0.0.0          2.2.2.1                  0    100      0 i
* i2.0.0.0          2.2.2.1                  0    100      0 i
*>                  0.0.0.0                  0         32768 i
*  3.0.0.0          3.3.3.2                  0             0 700 i
*>                  0.0.0.0                  0         32768 i
* i4.0.0.0          2.2.2.1                  0    100      0 500 i
*>                  3.3.3.2                  0             0 700 i
*  10.0.0.0         3.3.3.2                                0 700 500 i
*>i                 2.2.2.1                  0    100      0 500 i
*>i12.0.0.0/24      2.2.2.1                  0    100      0 i
*>i12.0.1.0/24      2.2.2.1                  0    100      0 i
*>i12.0.2.0/24      2.2.2.1                  0    100      0 i
*>i12.0.3.0/24      2.2.2.1                  0    100      0 i
*>i20.0.0.0         2.2.2.1                  0    100      0 i
*> 30.0.0.0         0.0.0.0                  0         32768 i

R2#sh ip route bgp
B    3.0.0.0/8 [200/0] via 2.2.2.2, 00:
B    4.0.0.0/8 [20/0] via 1.1.1.1, 00:
B    10.0.0.0/8 [20/0] via 1.1.1.1, 00:00:21
B    30.0.0.0/8 [200/0] via 2.2.2.2, 00:

R3#sh ip route bgp
B    1.0.0.0/8 [200/0] via 2.2.2.1, 00:00:45
B    4.0.0.0/8 [20/0] via 3.3.3.2, 00:01:19
B    20.0.0.0/8 [200/0] via 2.2.2.1, 00:00:45
B    10.0.0.0/8 [200/0] via 2.2.2.1, 00:00:45
     12.0.0.0/24 is subnetted, 4 subnets
B       12.0.0.0 [200/0] via 2.2.2.1, 00:00:45
B       12.0.1.0 [200/0] via 2.2.2.1, 00:00:45

R2#traceroute 40.1.1.1
Type escape sequence to abort.
Tracing the route to 40.1.1.1
  msec * 60 msec

R3#traceroute 40.1.1.1
Type escape sequence to abort.
Tracing the route to 40.1.1.1
  msec * 168 msec

To make sure that all the routers exit AS 600 via R2, we need to set the local-preference value on R2 higher than the default:

R2(config)#router bgp 600
R2(config-router)#bgp default local-preference 400
R2(config-router)#do clear ip bgp * soft

R2#sh ip bgp
BGP table version is 17, local router ID is 12.0.3.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ?
- incomplete

   Network          Next Hop            Metric LocPrf Weight Path
*> 1.0.0.0          0.0.0.0                  0         32768 i
*> 2.0.0.0          0.0.0.0                  0         32768 i
* i                 2.2.2.2                  0    100      0 i
*> 3.0.0.0          1.1.1.1                                0 500 700 i
* i                 2.2.2.2                  0    100      0 i
*> 4.0.0.0          1.1.1.1                  0             0 500 i
*> 10.0.0.0         1.1.1.1                  0             0 500 i
*> 12.0.0.0/24      0.0.0.0                  0         32768 i
*> 12.0.1.0/24      0.0.0.0                  0         32768 i
*> 12.0.2.0/24      0.0.0.0                  0         32768 i
*> 12.0.3.0/24      0.0.0.0                  0         32768 i
*> 20.0.0.0         0.0.0.0                  0         32768 i
*>i30.0.0.0         2.2.2.2                  0    100      0 i
*> 40.0.0.0         1.1.1.1                                0 500 700 i

R2#sh ip bgp 40.0.0.0
BGP routing table entry for 40.0.0.0/8, version 35
Paths: (1 available, best #1, table Default-IP-Routing-Table)
Flag: 0x820
  Advertised to update-groups:
     2
  500 700
    1.1.1.1 from 1.1.1.1 (11.0.3.1)
      Origin IGP, localpref 400, valid, external, best

R3#sh ip bgp 40.0.0.0
BGP routing table entry for 40.0.0.0/8, version 37
Paths: (2 available, best #1, table Default-IP-Routing-Table)
Flag: 0x820
  Advertised to update-groups:
     2
  500 700
    2.2.2.1 from 2.2.2.1 (12.0.3.1)
      Origin IGP, metric 0, localpref 400, valid, internal, best
  700
    3.3.3.2 from 3.3.3.2 (14.0.3.1)
      Origin IGP, metric 0, localpref 100, valid, external

R3#sh ip bgp
BGP table version is 43, local router ID is 13.0.3.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path
*>i1.0.0.0          2.2.2.1                  0    400      0 i
*                   3.3.3.2                                0 700 500 i
* i2.0.0.0          2.2.2.1                  0    400      0 i
*>                  0.0.0.0                  0         32768 i
* i3.0.0.0          2.2.2.1                  0    400      0 500 700 i
*                   3.3.3.2                  0             0 700 i
*>                  0.0.0.0                  0         32768 i
*>i4.0.0.0          2.2.2.1                  0    400      0 500 i
*                   3.3.3.2                  0             0 700 i
*>i10.0.0.0         2.2.2.1                  0    400      0 500 i
*                   3.3.3.2                                0 700 500 i
*>i12.0.0.0/24      2.2.2.1                  0    400      0 i
*>i12.0.1.0/24      2.2.2.1                  0    400      0 i
*>i12.0.2.0/24      2.2.2.1                  0    400      0 i
*>i12.0.3.0/24      2.2.2.1                  0    400      0 i
*>i20.0.0.0         2.2.2.1                  0    400      0 i
*> 30.0.0.0         0.0.0.0                  0         32768 i
   Network          Next Hop            Metric LocPrf Weight Path
                    3.3.3.2                                0 700 i

R2#sh ip route bgp
B    3.0.0.0/8 [20/0] via 1.1.1.1, 00:01:34
B    4.0.0.0/8 [20/0] via 1
B    10.0.0.0/8 [20/0] via 1.1.1.1, 00:01:34
B    30.0.0.0/8 [200/0] via 2.2.2.2, 00:01:35

R3#sh ip route bgp
B    1.0.0.0/8 [200/0] via 2.2.2.1, 00:02:11
B    4.0.0.0/8 [200/0] via 2.2.2.1, 00:02:15
B    20.0.0.0/8 [200/0] via 2.2.2.1, 00:02:11
B    10.0.0.0/8 [200/0] via 2.2.2.1, 00:02:15
     12.0.0.0/24 is subnetted, 4 subnets
B       12.0.0.0 [200/0] via 2.2.2.1, 00:02:11

R3#traceroute 40.1.1.1
Type escape sequence to abort.
Tracing the route to 40.1.1.1
    116 msec 60 msec 64 msec
    msec 128 msec 156 msec
  3 4.4.4.1 [AS 500] 180 msec * 104 msec

R2#traceroute 40.1.1.1
Type escape sequence to abort.
Tracing the route to 40.1.1.1
  1 1.1.1.1 128 msec 84 msec 76 msec
  2 4.4.4.1 [AS 500] 220 msec * 132 msec

LAB: LOCAL PREFERENCE USING ROUTE-MAP

(Diagram: R4 loopbacks 14.0.0.1/24 ...)
TASK:
* Continue with the previous lab configurations
* Only remove the local preference value on R2
* Advertise the 14.0.0.0 R4 loopbacks in BGP with the exact mask

R2(config)# router bgp 600
R2(config-router)# no bgp default local-preference 400
R2(config-router)# do clear ip bgp *

R4(config)#router bgp 700
R4(config-router)# network 14.0.0.0 mask 255.255.255.0
R4(config-router)# network 14.0.1.0 mask 255.255.255.0
R4(config-router)# network 14.0.2.0 mask 255.255.255.0
R4(config-router)# network 14.0.3.0 mask 255.255.255.0
R4(config-router)#end

R2#sh ip bgp
   Network          Next Hop            Metric LocPrf Weight Path
*> 1.0.0.0          0.0.0.0                  0         32768 i
*                   1.1.1.1                  0             0 500 i
*> 2.0.0.0          0.0.0.0                  0         32768 i
* i                 2.2.2.2                  0    100      0 i
*  3.0.0.0          1.1.1.1                                0 500 700 i
*>i                 2.2.2.2                  0    100      0 i
*> 4.0.0.0          1.1.1.1                  0             0 500 i
* i                 2.2.2.2                  0    100      0 700 i
*> 10.0.0.0         1.1.1.1                  0             0 500 i
*> 12.0.0.0/24      0.0.0.0                  0         32768 i
*> 12.0.1.0/24      0.0.0.0                  0         32768 i
*> 12.0.2.0/24      0.0.0.0                            32768 i
*> 12.0.3.0/24      0.0.0.0                            32768 i
   20.0.0.0                                  0         32768 i
*>i30.0.0.0         2.2.2.2                  0    100      0 i
*  40.0.0.0         1.1.1.1                                0 500 700 i
*>i                 2.2.2.2                  0    100      0 700 i

R2#sh ip route bgp
B    3.0.0.0/8 [200/0] via 2.2.2.2, 00:04:38
B    4.0.0.0/8 [20/0] via 1.1.1.1, 00:04:38
B    40.0.0.0/8 [200/0] via 2.2.2.2, 00:04:38
B    10.0.0.0/8 [20/0] via 1.1.1.1, 00:04:38
     14.0.0.0/24 is subnetted, 4 subnets
B    30.0.0.0/8 [200/0] via 2.2.2.2, 00:04:38

R3#sh ip bgp
   Network          Next Hop            Metric LocPrf Weight Path
*>i1.0.0.0          2.2.2.1                  0    100      0 i
*                   3.3.3.2                                0 700 500 i
* i2.0.0.0          2.2.2.1                  0    100      0 i
*>                  0.0.0.0                  0         32768 i
*  3.0.0.0          3.3.3.2                  0             0 700 i
*>                  0.0.0.0                  0         32768 i
* i4.0.0.0          2.2.2.1                  0    100      0 500 i
*>                  3.3.3.2                  0             0 700 i
*>i10.0.0.0         2.2.2.1                  0    100      0 500 i
*                   3.3.3.2                                0 700 500 i
*>i12.0.0.0/24      2.2.2.1                  0    100      0 i
*>i12.0.1.0/24      2.2.2.1                  0    100      0 i
*>i12.0.2.0/24      2.2.2.1                  0    100      0 i
*>i12.0.3.0/24      2.2.2.1                  0    100      0 i
*>i20.0.0.0                                  0    100      0 i
*> 30.0.0.0                                  0         32768 i
*> 40.0.0.0                                  0             0 700 i

R3#sh ip route bgp
B    1.0.0.0/8 [200/0] via 2.2.2.1, 00:04:50
B    4.0.0.0/8 [20/0] via 3.3.3.2, 00:05:24
B    20.0.0.0/8 [200/0] via 2.2.2.1, 00:04:50
B    40.0.0.0/8 [20/0] via 3.3.3.2, 00:05:24
B    10.0.0.0/8 [200/0] via 2.2.2.1, 00:04:50
     12.0.0.0/24 is subnetted, 4 subnets
B       12.0.0.0 [200/0] via 2.2.2.1, 00:04:50
B       12.0.1.0 [200/0] via 2.2.2.1, 00:04:50
B       12.0.2.0 [200/0] via 2.2.2.1, 00:04:50
B       12.0.3.0 [200/0] via 2.2.2.1, 00:04:50
     14.0.0.0/24 is subnetted, 4 subnets

Here, by default, both R2 and R3 exit the AS via R3 to reach all of R4's 14.x.x.x prefixes.

TASK:
* Configure AS 600 so that only the 14.0.0.0 and 14.0.1.0 networks prefer R2 to exit the AS
* All the remaining networks should use the default exit (via R3)

R2

R2(config)#access-list 14 permit 14.0.0.0 0.0.0.255
R2(config)# access-list 14 permit 14.0.1.0 0.0.0.255
R2(config)# route-map LOCAL permit 10
R2(config-route-map)# match ip add 14
R2(config-route-map)# set local-preference 2000
R2(config-route-map)# exit
R2(config)# route-map LOCAL permit 20
R2(config-route-map)# exit
R2(config)# router bgp 600
R2(config-router)# neighbor 1.1.1.1 route-map LOCAL in
R2(config-router)#end
R2#clear ip bgp * soft

R2#sh ip bgp
BGP table version is 26, local router ID is 12.0.3.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path
*> 1.0.0.0          0.0.0.0                  0         32768 i
*                   1.1.1.1                  0             0 500 i
*> 2.0.0.0          0.0.0.0                  0         32768 i
* i                                          0    100      0 i
*  3.0.0.0                                                 0 500 700 i
*>i                                          0    100      0 i
*> 4.0.0.0                                   0             0 500
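The two route-map labs above, as an added Python model (not code from the workbook): it applies route-maps WEIGHT and LOCAL with the labs' ACLs and runs only the first best-path steps these labs rely on. The class and function names are assumptions of this example; the addresses, AS numbers and attribute values are the labs' own.

```python
from dataclasses import dataclass, replace
from ipaddress import ip_address, ip_network


@dataclass(frozen=True)
class Path:
    prefix: str
    next_hop: str
    as_path: tuple
    weight: int = 0         # local to one router, never advertised
    local_pref: int = 100   # carried in updates to IBGP peers
    ibgp: bool = False


def acl_permits(acl, prefix):
    """Standard ACL as (address, wildcard) pairs, matched on the network address."""
    addr = int(ip_network(prefix).network_address)
    for base, wildcard in acl:
        care = ~int(ip_address(wildcard)) & 0xFFFFFFFF
        if addr & care == int(ip_address(base)) & care:
            return True
    return False


def apply_route_map(route_map, path):
    """First matching permit clause applies its 'set' values; no match drops the route."""
    for acl, sets in route_map:
        if acl is None or acl_permits(acl, path.prefix):
            return replace(path, **sets)
    return None


def best_path(paths):
    """Only the steps these labs exercise: highest weight, then highest local
    preference, then shortest AS path, then EBGP over IBGP."""
    usable = [p for p in paths if p is not None]
    return max(usable, key=lambda p: (p.weight, p.local_pref, -len(p.as_path), not p.ibgp))


def advertise_ibgp(path, next_hop_self):
    """IBGP update with next-hop-self: local preference travels, weight does not."""
    return replace(path, next_hop=next_hop_self, weight=0, ibgp=True)


# Route-maps from the labs; (None, {}) is the empty "permit 20" clause.
ACL_12 = [("12.0.0.0", "0.0.0.255"), ("12.0.1.0", "0.0.0.255")]
ACL_14 = [("14.0.0.0", "0.0.0.255"), ("14.0.1.0", "0.0.0.255")]
WEIGHT = [(ACL_12, {"weight": 5000}), (None, {})]
LOCAL = [(ACL_14, {"local_pref": 2000}), (None, {})]
NEIGHBOR_WEIGHT = [(None, {"weight": 40000})]   # neighbor 4.4.4.1 weight 40000


def r1_exit(prefix, inbound_from_r4):
    """R1 (AS 500): next hop chosen for a prefix originated in AS 600."""
    via_r2 = Path(prefix, "1.1.1.2", (600,))
    via_r4 = apply_route_map(inbound_from_r4, Path(prefix, "4.4.4.1", (700, 600)))
    return best_path([via_r2, via_r4]).next_hop


def as600_exits(prefix):
    """(R2 next hop, R3 next hop) for a prefix originated in AS 700, with
    route-map LOCAL inbound on R2's neighbor 1.1.1.1."""
    r2_ebgp = apply_route_map(LOCAL, Path(prefix, "1.1.1.1", (500, 700)))
    r3_ebgp = Path(prefix, "3.3.3.2", (700,))
    r2_best = best_path([r2_ebgp, advertise_ibgp(r3_ebgp, "2.2.2.2")])
    r3_paths = [r3_ebgp]
    if not r2_best.ibgp:   # an IBGP-learned best path is not passed on to IBGP peers
        r3_paths.append(advertise_ibgp(r2_best, "2.2.2.1"))
    return r2_best.next_hop, best_path(r3_paths).next_hop


if __name__ == "__main__":
    for pfx in ("12.0.0.0/24", "12.0.1.0/24", "12.0.2.0/24", "12.0.3.0/24"):
        print("R1", pfx, "via", r1_exit(pfx, WEIGHT))
    print("R1 20.0.0.0/8 via", r1_exit("20.0.0.0/8", NEIGHBOR_WEIGHT))
    for pfx in ("14.0.0.0/24", "14.0.1.0/24", "14.0.2.0/24", "14.0.3.0/24"):
        print("AS 600", pfx, "R2/R3 exits:", as600_exits(pfx))
```

The weight set on R1 changes only R1's own choice, while the local preference set on R2 also moves R3's exit because it is carried in the IBGP update.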
