BORDER GATEWAY

PROTOCOL
BGP

TYPES OF ISP CONNECTIONS • Single Homed .

.

TYPES 0F ISP CONNECTIONS • Dual Homed .

• TYPES OF ISP CONNECTIONS Multi-homed .

• TYPES OF ISP CONNECTIONS Dual Multi-homed .

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

.

4 AS: 400 Lo0: 44.4.4/32 .4.4.4 AS: 400 300 200 44.44.4.4.4.

.

.

BGP COMMUNITY ATTRIBUTE

BGP Communites – No-Export Objective: Configure AS 2 using the community No-Export so that hosts on R3’s Ethernet have access to VLANs 5 and 43 but AS 1 and AS 3 cannot reach VLANs 43 and 5 respectively .

R2. R3. and R5 per the diagram • R1 should peer with R4 • R2 should peer with R5 • R1. and R3 should all peer with each other • Advertise R3’s Ethernet into BGP on R3 • Advertise VLAN 5 into BGP on R5 • Advertise VLAN 43 into BGP on R4 • Configure the community No-Export on R1 and R2 so that routes coming from AS 1 are not passed to AS 3 and vice-versa .Directions • Configure the topology per the diagram • Configure EIGRP AS 2 on the links between R1 & R3 and R2 & R3 • Configure BGP on R1. R4. R2.

0 ! interface Serial0/0 encapsulation frame-relay ! interface Serial0/0.23.23.23.23.1.13.1.1 send-community neighbor 155.0.1 next-hop-self neighbor 155.1 remote-as 2 neighbor 155.0.0 ! router eigrp 2 network 155.1 point-to-point ip address 155.3 remote-as 2 neighbor 155.13.1.255.0.2 0.1.5 remote-as 1 neighbor 155.3 remote-as 2 neighbor 155.255.1.1.1 255.10.1.1 0.255.23.255.2 255.1.5 route-map NO_EXPORT in neighbor 155.1.146.13.255.146.1.0 frame-relay interface-dlci 205 ! interface Serial0/1 ip address 155.3 next-hop-self neighbor 155.1.13.2 next-hop-self neighbor 155.1.1.1.1.4 remote-as 3 neighbor 155.1.255.1.1.1.1.0 router eigrp 2 network 155.255.2 remote-as 2 neighbor 155.23.1.0 no auto-summary router bgp 2 neighbor 155.13.0 ! interface Serial0/1 ip address 155.255.Final Configuration R1: interface FastEthernet0/0 ip address 155.3 next-hop-self ! route-map NO_EXPORT permit 10 set community no-export .0.4 route-map NO_EXPORT in ! route-map NO_EXPORT permit 10 set community no-export R2: interface FastEthernet0/0 ip address 192.23.2 255.2 send-community neighbor 155.255.0.0 no auto-summary ! router bgp 2 neighbor 155.2 255.1 255.255.13.146.0.13.0.

1.1.1.0.0 ! interface Serial1/2 ip address 155.1.0 mask 255.5 255.5.255.R3: interface Ethernet0/0 ip address 155.4 255.255.0 encapsulation frame-relay frame-relay map ip 155.255.1.255.255.3 0.0 neighbor 155.5.255.4 255.146.1.3 255.1.0 clockrate 64000 ! router eigrp 2 network 155.255.0.1.1.2 remote-as 2 R4: interface Ethernet0/0 ip address 204.5 255.37.2 remote-as 2 .23.0.23.1 remote-as 2 neighbor 155.255.0.0 mask 255.0 neighbor 155.255.1.1.3 255.0.255.2 502 broadcast ! interface Ethernet0/1 ip address 155.23.1.1.255.13.0.0.255.37.12.0 ! router bgp 1 network 155.255.255.1.13.13.1.1.255.3 0.0 clockrate 64000 ! interface Serial1/3 ip address 155.0 ! router bgp 3 network 204.0 no auto-summary ! router bgp 2 network 155.3 255.0 ! interface Ethernet0/1 ip address 155.0 neighbor 155.146.255.0 network 155.255.1 remote-as 2 R5: interface Serial0/0 ip address 155.1.255.12.

3 !!!!! Success rate is 100 percent (5/5). d damped.1.1.1.37.5. e .5 Status codes: s suppressed. ? . 100-byte ICMP Echos to 155. h history. round-trip min/avg/max = 84/86/88 ms Rack1R5#show ip bgp BGP table version is 3.0.5. > best.0/24 0.2 02i .EGP.5.1.5. timeout is 2 seconds: Packet sent with a source address of 155.0/24 155.3 Type escape sequence to abort.37.1.1.37. local router ID is 150. Sending 5. r RIB-failure.internal.incomplete Network Next Hop Metric LocPrf Weight Path *> 155.1. S Stale Origin codes: i .5 source 155. * valid.IGP.0. i .1.Verification Rack1R3#ping 155.5.0.0 0 32768 i *> 155.

and VLAN 43 all have access to each other but only R2 has access to VLAN 58 . VLAN 5.BGP Communites – No-Advertise Objective: Configure R2 using the community No-Advertise so that hosts on R3’s Ethernet.

and R5 per the diagram • R1 should peer with R4 • R2 should peer with R5 • R1. R2. R3. R2. R4.Directions • Configure the topology per the diagram • Configure EIGRP AS 2 on the links between R1 & R3 and R2 & R3 • Configure BGP on R1. and R3 should all peer with each other • Advertise R3’s Ethernet into BGP on R3 • Advertise VLANs 5 and 58 into BGP on R5 • Advertise VLAN 43 into BGP on R4 • Configure the community No-Advertise on R2 so that VLAN 58 is not advertised to any neighbor .

1.1 next-hop-self neighbor 155.23.2 255.0 no auto-summary router bgp 2 neighbor 155.3 next-hop-self ip prefix-list VLAN58 permit 155.0 router eigrp 2 network 155.1.10.0.1.146.1 point-to-point ip address 155.2 0.1.1.1.4 remote-as 3 R2: interface FastEthernet0/0 ip address 192.13.1 remote-as 2 neighbor 155.0.Final Configuration R1: interface FastEthernet0/0 ip address 155.0.0.255.5 remote-as 1 neighbor 155.1.255.23.0 frame-relay interface-dlci 205 interface Serial0/1 ip address 155.0 interface Serial0/0 encapsulation frame-relay interface Serial0/0.1.0 no auto-summary ! router bgp 2 neighbor 155.13.1.3 remote-as 2 neighbor 155.1.2 remote-as 2 neighbor 155.58.1.146.5 route-map NO_ADVERTISE in neighbor 155.2 255.0 ! router eigrp 2 network 155.13.1.23.255.1.1 255.0/24 route-map NO_ADVERTISE permit 10 match ip address prefix-list VLAN58 set community no-advertise route-map NO_ADVERTISE permit 20 .255.1.1.1.255.1.255.13.23.1.255.255.1.2 255.255.0.1 255.255.3 next-hop-self neighbor 155.23.2 next-hop-self neighbor 155.0.1 0.0.23.13.3 remote-as 2 neighbor 155.13.0 ! interface Serial0/1 ip address 155.

255.255.5 255.2 remote-as 2 .1.4 255.1 remote-as 2 neighbor 155.13.1.255.5.1.5.146.0 ! interface Ethernet0/1 ip address 155.1.255.255.255.0 mask 255.58.0 neighbor 155.0 ! router bgp 3 network 204.1.1.2 remote-as 2 R4: interface Ethernet0/0 ip address 204.255.0.255.1.3 0.1.255.12.13.255.37.0.0 ! interface Serial1/2 ip address 155.255.23.255.58.23.1.4 255.1 remote-as 2 R5: interface Serial0/0 ip address 155.0 no auto-summary ! router bgp 2 network 155.0 neighbor 155.1.3 0.0.23.1.0 network 155.3 255.255.255.1.0 mask 255.255.0.1.1.5 255.0.13.1.0 mask 255.146.0 encapsulation frame-relay frame-relay map ip 155.1.0.3 255.0 clockrate 64000 ! interface Serial1/3 ip address 155.37.255.1.255.R3: interface Ethernet0/0 ip address 155.0 ! router bgp 1 network 155.0 neighbor 155.1.0 ! interface Ethernet0/1 ip address 155.12.3 255.2 502 broadcast ! interface Ethernet0/0 ip address 155.255.1.255.0 network 155.255.0.255.0 clockrate 64000 ! router eigrp 2 network 155.255.5 255.

1. not advertised to any peer) Not advertised to any peer 1 155. best #1.0.5 (150. round-trip min/avg/max = 84/87/88 ms .5.37. 100-byte ICMP Echos to 155.1.5. localpref 100.3 Type escape sequence to abort. timeout is 2 seconds: Packet sent with a source address of 155.1.5.1.5) Origin IGP. external.1.1.5 source 155. Sending 5.58.1.1.0 BGP routing table entry for 155.1.0.0/24. version 4 Paths: (1 available. table Default-IP-RoutingTable. best Community: no-advertise Rack1R3#ping 155.37. valid.Verification Rack1R2#show ip bgp 155.58.5 from 155. metric 0.3 !!!!! Success rate is 100 percent (5/5).5.

.

.

.

R2. and R3 in confederation so that AS 1 and AS 3 see them as all belonging to AS 2 .BGP Confederation Objective: Configure R1.

R4. and R5 per the diagram • R1 and R3 should use the private AS 65013 and the public AS 2 • R2 should use the private AS 65002 and the public AS 2 • R1 should peer with R3 and R4 • R2 should peer with R3 and R5 • Advertise R3’s Ethernet into BGP on R3 • Advertise VLAN 5 into BGP on R5 • Advertise VLAN 43 into BGP on R4 . R3. R2.Directions • Configure the topology per the diagram • Configure BGP on R1.

2 255.1.3 next-hop-self neighbor 155.1.0.0.0 no auto-summary passive-interface serial 0/0 ! router bgp 65002 bgp confederation identifier 2 bgp confederation peers 65013 neighbor 155.255.1.0 interface Serial0/0 encapsulation frame-relay ! interface Serial0/0.255.1.1.0 ! interface Serial0/1 ip address 155.1 point-to-point ip address 155.1.1.255.255.13.2 255.0 no auto-summary ! router bgp 65013 bgp confederation identifier 2 neighbor 155.1.13.146.Final Configuration R1: interface FastEthernet0/0 ip address 155.0.255.10.2 255.23.0.1.1 0.0 network 155.0.13.13.146.3 remote-as 65013 .255.255.1 255.1.1.255.0 ! router eigrp 2 network 155.255.23.2 0.4 remote-as 3 R2: interface FastEthernet0/0 ip address 192.0.0.23.1.255.0 ! router eigrp 2 network 155.2 0.0.1.0.5 remote-as 1 neighbor 155.3 remote-as 65013 neighbor 155.1 255.0 frame-relay interface-dlci 205 ! interface Serial0/1 ip address 155.

12.0 network 155.255.1.1 remote-as 2 R5: interface Serial0/0 ip address 155.255.255.13.58.1.255.255.146.3 0.2 502 broadcast ! interface Ethernet0/0 ip address 155.0 neighbor 155.0 neighbor 155.1.0 no auto-summary ! router bgp 65013 bgp confederation identifier 2 bgp confederation peers 65002 network 155.5.0.1.0 ! interface Ethernet0/1 ip address 155.5.2 remote-as 65002 R4: interface Ethernet0/0 ip address 204.1.1.1 next-hop-self neighbor 155.37.5 255.1.0.0 ! router bgp 3 network 204.0 ! router bgp 1 network 155.255.1.23.0.0 clockrate 64000 ! interface Serial1/3 ip address 155.1.5 255.1.R3: interface Ethernet0/0 ip address 155.255.4 255.1.255.4 255.255.0 mask 255.255.3 255.255.0 ! interface Ethernet0/1 ip address 155.3 255.13.1.5 255.2 remote-as 2 .255.1.255.255.23.1.0.0 mask 255.13.0.255.0 clockrate 64000 ! router eigrp 2 network 155.12.1.23.146.255.255.0 encapsulation frame-relay frame-relay map ip 155.0.1.255.37.13.3 0.3 255.1.255.255.1.0 neighbor 155.1.1 remote-as 65013 neighbor 155.0 ! interface Serial1/2 ip address 155.0.

Sending 5.1. Sending 5.12.3 !!!!! Success rate is 100 percent (5/5).37.1.37.37.3 !!!!! Success rate is 100 percent (5/5).12. 100-byte ICMP Echos to 155.5.1. round-trip min/avg/max = 28/31/32 ms .1.3 Type escape sequence to abort.3 Type escape sequence to abort.5 source 155.5.1.1. timeout is 2 seconds: Packet sent with a source address of 155.37. 100-byte ICMP Echos to 204.1.4 source 155.Verification Rack1R3#ping 155.1. round-trip min/avg/max = 72/82/120 ms Rack1R3#ping 204.4. timeout is 2 seconds: Packet sent with a source address of 155.5.

BGP Communities – Local AS Objective: Configure the community Local-AS on R1 so that only R3’s Ethernet segment has reachability to VLAN 43 .

and R5 per the diagram • R1 and R3 should use the private AS 65013 and the public AS 2 • R2 should use the private AS 65002 and the public AS 2 • R1 should peer with R3 and R4 • R2 should peer with R3 and R5 • Advertise R3’s Ethernet into BGP on R3 • Advertise VLAN 5 into BGP on R5 • Advertise VLAN 43 into BGP on R4 • Configure R1 to set VLAN 43 to the community Local-AS as it is received from R4 . R2. R3.Directions • Configure the topology per the diagram • Configure BGP on R1. R4.

255.0 no auto-summary router bgp 65002 bgp confederation identifier 2 bgp confederation peers 65013 neighbor 155.1.0 router eigrp 2 network 155.3 remote-as 65013 neighbor 155.255.0 clockrate 64000 ! interface Serial1/3 ip address 155.2 255.255.0.1.1.3 next-hop-self neighbor 155.13.1 point-to-point ip address 155.23.255.13.Final Configuration R1: interface FastEthernet0/0 ip address 155.1.1.1.0 ! interface Serial0/1 ip address 155.1.0.3 255.0.3 255.1.0 ! router eigrp 2 network 155.146.0 ! interface Serial1/2 ip address 155.1 255.255.255.13.1.255.0.255.0 interface Serial0/0 encapsulation frame-relay interface Serial0/0.0 no auto-summary ! router bgp 65013 bgp confederation identifier 2 neighbor 155.4 route-map LOCAL_AS in ! route-map LOCAL_AS permit 10 set community local-as R2: interface FastEthernet0/0 ip address 192.2 0.1.1 255.5 remote-as 1 neighbor 155.255.1 0.255.1.13.0 clockrate 64000 .1.23.1.255.0.0.0 frame-relay interface-dlci 205 interface Serial0/1 ip address 155.13.1.4 remote-as 3 neighbor 155.23.10.3 send-community neighbor 155.255.2 255.146.255.1.2 255.3 remote-as 65013 R3: interface Ethernet0/0 ip address 155.13.37.255.3 255.255.255.1.23.146.1.

146.0.1.1.1.255.255.12.255.5.255.0.58.255.0 network 155.0.13.1.1.0 ! interface Ethernet0/1 ip address 155.255.1.1.0 ! router bgp 1 network 155.13.2 502 broadcast ! interface Ethernet0/0 ip address 155.0 neighbor 155.0 encapsulation frame-relay frame-relay map ip 155.1 next-hop-self neighbor 155.1.0 neighbor 155.0 ! interface Ethernet0/1 ip address 155.255.1.13.1.1.1 remote-as 65013 neighbor 155.23.255.0 neighbor 155.3 0.255.5 255.4 255.1.0.1.5 255.router eigrp 2 network 155.255.3 0.255.146.4 255.37.1.12.0.0 mask 255.23.1.0 router bgp 3 network 204.0.0.255.5 255.2 remote-as 2 .255.2 remote-as 65002 R4: interface Ethernet0/0 ip address 204.0 mask 255.1.255.0 no auto-summary ! router bgp 65013 bgp confederation identifier 2 bgp confederation peers 65002 network 155.5.1 remote-as 2 R5: interface Serial0/0 ip address 155.

best Community: local-AS Rack1R3#show ip bgp 204.1.146. external.1.1.Verification Rack1R1#show ip bgp 204.1 (150.1) Origin IGP.1. table Default-IP-RoutingTable.1.12.146.0/24.0/24. valid.1. metric 0.13.12.12.1.4 (150. localpref 100.4 from 155.1. version 5 Paths: (1 available.12. confedinternal. version 5 Paths: (1 available. not advertised outside local AS) Advertised to non peer-group peers: 155. valid.3 3 155.4.0 BGP routing table entry for 204. metric 0.1 from 155. best #1.1.13.1.1. localpref 100. best Community: local-AS . best #1.4) Origin IGP. not advertised outside local AS) Not advertised to any peer 3 155.0 BGP routing table entry for 204.1.13. table Default-IP-RoutingTable.

.

.

.

.

.

.

12. 13. 2. 8. 7.0—4-70 . 9. 10. synchronized if necessary. All rights reserved. consider multipath If external. prefer older one Lowest router ID or originator ID Minimum cluster list length Lowest neighbor address © 2009 Cisco Systems. Inc. 6. 4. CIERS-1 v4. 11. 5. Highest weight Highest local preference Locally originated Shortest AS path length Origin code Lowest MED EBGP over IBGP If internal.Choosing a Best Path Prerequisite: good next hop. 1. 3. prefer path with lowest IGP metric to next hop If external.

.

.

.

0—4-74 . Inc. CIERS-1 v4. All rights reserved.Path Attributes Categories Examples Mandatory Origin AS path Next hop Discretionary Local preference Atomic aggregate Transitive Community Aggregator Nontransitive Originator ID Cluster list Multi-exit discriminator (MED) Well known Optional © 2009 Cisco Systems.

.

.

0—4-77 .BGP Peering Options Analysis © 2009 Cisco Systems. All rights reserved. CIERS-1 v4. Inc.

39.14.4 Metric LocPrf Weight Path 100 32768 9999 i 0 100 0 9999 i 0 100 0 9999 i 0 100 0 9999 i 0 100 0 9999 i CIERS-1 v4.0 as-set summary-only neighbor 172.0/20 s>i179.4 172.200.32.41.37.110.43.200.120.120.200.2 remote-as 44 neighbor 172.4 172.0/24 s>i179.14.0.0—4-78 .4 172.0/24 s>i179.32.200.14.123.14.120. Inc. All rights reserved.255.123.4 remote-as 4 [lines removed for brevity] R3#sh ip bgp [lines removed for brevity] Network *> 179.0/24 © 2009 Cisco Systems. Next Hop 0.Example: Creating an Aggregate R3#sh run | sec router bgp router bgp 4 aggregate-address 179.120.120.110.0 172.0/24 s>i179.0 255.2 ebgp-multihop 255 neighbor 172.200.240.200.0.14.

Inc.0—4-79 . or dynamic routes – Uses origin code “?”  Use aggregation: – Summarizes routes by shortening the mask length of an existing route © 2009 Cisco Systems.Originating Routes  Use a network statement: – Supports classful and classless routes – Uses origin code “i”  Use redistribution techniques: – Supports connected. CIERS-1 v4. static. All rights reserved.

110.4 remote-as 4 R1 .2 remote-as 44 neighbor 172.2 ebgp-multihop 255 neighbor 172.123.123.2 R2 R3 router bgp 4 neighbor 172.110.3 remote-as 4 neighbor 172.3 .16.123.0 EBGP .3 remote-as 4 © 2009 Cisco Systems.16.110.1 172.1 remote-as 44 .1 172.110.3 ebgp-multihop 255 .1 remote-as 44 neighbor 172.110.123. All rights reserved.0 R2 router bgp 44 neighbor 172. BB1 AS 9999 CIERS-1 v4.120.4 IBGP R3 R4 AS 4 EBGP R4 router BGP 4 neighbor 150.10 remote-as 9999 neighbor 172.Example: BGP Peer Configuration AS 44 IBGP R1 router bgp 44 neighbor 172.14.14. Inc.123.110.123.100.123.10.110.0—4-80 .123.

Inc.© 2009 Cisco Systems. CIERS-1 v4. All rights reserved.0—4-81 .

CIERS-1 v4.0—4-82 .© 2009 Cisco Systems. All rights reserved. Inc.

© 2009 Cisco Systems. Inc. CIERS-1 v4.0—4-83 . All rights reserved.

All rights reserved. Inc.0—4-84 .© 2009 Cisco Systems. CIERS-1 v4.

Inc. CIERS-1 v4.0—4-85 .© 2009 Cisco Systems. All rights reserved.