Configuring Basic BGP

© 2006 Cisco Systems, Inc. All rights reserved. Cisco PublicBSCI Module 6 1

Configuring Basic BGP

BSCI Module 6


Objectives Describe various databases and messages used in BGP.

Describe how to configure a BGP session for external and internal neighboring routers.

Describe how to administratively shutdown a BGP neighbor.

Describe EBGP peering.

Describe BGP Established and Idle states.

Identify problems associated with a router remaining in Active states.

Configure BGP peer groups.

Configure BGP authentication.

Troubleshoot BGP sessions

Describe how to use the debug ip debug command.

Describe how to use the BGP Local Preference attribute.

Describe how to configure route maps using the BGP MED attribute.


Purpose of this LessonCoverage of topics new to the “BGP” module of BSCI.

What’s new in this module?Description of various databases used in BGP.

Description of the types of messages exchanged by BGP.

Description of how to configure a BGP session for external and internal neighboring routers.

Description of how to administratively shutdown a BGP neighbor.

Description of EBGP peering.

Description of BGP Established and Idle states.

Description of problems associated with a router remaining in Active states.

Configuring BGP peer groups.


Purpose of this Lesson (Cont.)Coverage of topics new to the “BGP” module of BSCI. What’s new in this module?

Configuring BGP authentication.Description of how to troubleshoot BGPSteps to clear a BGP sessionDescription of the process to perform a hard reset of BGP session.Description of the process to perform the soft reset of BGP session.Function of the debug IP debug command.Description of how to use the BGP Local Preference attribute.Description of how to configure route maps using the BGP MED attribute.


Review


BSCI Module 6 BGP (review)

An AS is a collection of networks under a single technical administration.

IGPs operate within an AS. BGP is used between autonomous systems. Exchange of loop-free routing information is guaranteed.



An AS is a group of routers that share similar routing policies and operate within a single administrative domain.

An AS can be a collection of routers running a single IGP, or it can be a collection of routers running different protocols all belonging to one organization.

In either case, the outside world views the entire Autonomous System as a single entity.

Review from CCNP 1 Advanced Routing 3.1



Internet Assigned Numbers Authority (IANA) is enforcing a policy whereby organizations that connect to a single provider and share the provider's routing policies use an AS number from the private pool, 64,512 to 65,535.

AS numbers are a two byte number from 1 – 65,535

AS numbers 64,512 – 65,535 are private AS numbers

These private AS numbers appear only within the provider's network and are replaced by the provider's registered number upon exiting the network.



BSCI Module 6 BGP (review) When two routers establish a TCP enabled

BGP connection, they are called neighbors or peers.

BGP uses TCP 179

Each router running BGP is called a BGP speaker.

Peer routers exchange multiple messages to open and confirm the connection parameters, such as the version of BGP to be used.

If there are any disagreements between the peers, notification errors are sent and the connection fails.



BSCI Module 6 BGP

When BGP neighbors first establish a connection, they exchange all candidate BGP routes.

After this initial exchange, incremental updates are sent as network information changes.

Incremental updates are more efficient than complete table updates.

This is especially true with BGP routers, which may contain the complete Internet routing table.



Self Check

1. What is an Autonomous System (AS)?

2. How are updates handled after the initial exchange?

3. What are routers called when they have established a TCP enabled BGP connection?

4. What is the major difference between an IGP and an EGP?

5. Give examples of IGP and EGP routing protocols.


BGP Terms


BGP Databases

Neighbor table List of BGP neighbors

BGP table (forwarding database)List of all networks learned from each neighbor

Can contain multiple paths to destination networks

Contains BGP attributes for each path

IP routing tableList of best paths to destination networks


BGP Message TypesBGP defines the following message types:

OpenIncludes holdtime and BGP router ID

Keepalive

UpdateInformation for one path only (could be to multiple networks)

Includes path attributes and networks

NotificationWhen error is detected

BGP connection is closed after being sent


Open Message

Open Message – This message is used to establish connections with peers and includes fields for the BGP version number, the AS number, hold time, and Router ID.


Keepalive Message

Keepalive Message – This message type is sent periodically between peers to maintain connections and verify paths held by the router sending the keepalive.

If the periodic timer is set to a value of zero (0), no keepalives are sent.

The recommended keepalive interval is one third of the hold time interval.

The keepalive message is a 19-byte BGP message header with no data following it.


Notification Message

Notification Message – This message type is used to inform the receiving router of errors.


Update Message

Update Message – The update messages contain all the information BGP uses to construct a loop free picture of the internetwork.

There are three basic components of an update message. 1. Network-Layer Reachability Information (NLRI) 2. Path Attributes3. Withdrawn Routes


Peers = Neighbors

A “BGP peer,” also known as a “BGP neighbor,” is a specific term that is used for BGP speakers that have established a neighbor relationship.

Any two routers that have formed a TCP connection to exchange BGP routing information are called BGP peers or BGP neighbors.


External BGP – EBGP

When BGP is running between neighbors that belong to different autonomous systems, it is called EBGP.

EBGP neighbors, by default, need to be directly connected.


Internal BGP – IBGP

When BGP is running between neighbors within the same AS, it is called IBGP.

The neighbors do not have to be directly connected.


Self Check

1. What are the 4 BGP message types?

2. How is a notification message used?

3. How is the BGP neighbor command used?

4. What is EBGP?

5. What is IBGP


BGP Commands


BGP Commands

router bgp autonomous-system

Router(config)#

This command just enters router configuration mode; subcommands must be entered in order to activate BGP.

Only one instance of BGP can be configured on the router at a single time.

The autonomous system number identifies the autonomous system to which the router belongs.

The autonomous system number in this command is compared to the autonomous system numbers listed in neighbor statements to determine if the neighbor is an internal or external neighbor.


BGP neighbor remote-as Command

neighbor {ip-address | peer-group-name}

remote-as autonomous-system

Router(config-router)#

The neighbor command activates a BGP session with this neighbor.

The IP address that is specified is the destination address of BGP packets going to this neighbor.

This router must have an IP path to reach this neighbor before it can set up a BGP relationship.

The remote-as shows what AS this neighbor is in. This AS number is used to determine if the neighbor is internal or external.

This command is used for both external and internal neighbors.


Example: BGP neighbor Command

Note that the IBGP neighbors are not directly connected


BGP neighbor shutdown Command

neighbor {ip-address | peer-group-name} shutdown


no neighbor {ip-address | peer-group-name} shutdown


Administratively brings down a BGP neighbor

Used for maintenance and policy changes to preventroute flapping

Re-enables a BGP neighbor that has been administratively shut down


BGP neighbor update-source Command

neighbor {ip-address | peer-group-name} update-source

interface-type interface-number


This command allows the BGP process to use the IP address of a specified interface as the source IP address of all BGP updates to that neighbor.

A loopback interface is usually used, because it will be available as long as the router is operational.

The IP address used in the neighbor command on the other router will be the destination IP address of all BGP updates and should be the loopback interface of that router.

The neighbor update-source command is normally used only with IBGP neighbors.

The address of an EBGP neighbor must be directly connected by default; the loopback of an EBGP neighbor is not directly connected.


Example: BGP Using Loopback Addresses


BGP neighbor ebgp-multihop Command

neighbor {ip-address | peer-group-name} ebgp-multihop [ttl]


This command increases the default of one hop for EBGP peers.

It allows routes to the EBGP loopback address (which will have a hop count greater than 1) or if the EBGP neighbor is more than one hop away.

The neighbor ebgp multihop Command Parameters ip-address is the IP address of the BGP-speaking

neighbor. peer-group-name is the Name of a BGP peer group. ttl (Optional) TTL in the range from 1 to 255 hops


EBGP Multihop and IBGP


EBGP MultihopRTW(config)#router bgp 200

RTW(config-router)#neighbor 1.1.1.2 remote-as 300

RTW(config-router)#neighbor 1.1.1.2 ebgp-multihop 2

RTU(config)#router bgp 300

RTU(config-router)#neighbor 2.2.2.1 remote-as 200

RTU(config-router)#neighbor 2.2.2.1 ebgp-multihop 2

AS 200

AS 300

2.2.2.0/301.1.1.0/30


Example: BGP Peering

RouterA# show ip bgp summaryBGP router identifier 10.1.1.1, local AS number 65001BGP table version is 124, main routing table version 1249 network entries using 1053 bytes of memory22 path entries using 1144 bytes of memory12/5 BGP path/bestpath attribute entries using 1488 bytes of memory6 BGP AS-PATH entries using 144 bytes of memory0 BGP route-map cache entries using 0 bytes of memory0 BGP filter-list cache entries using 0 bytes of memoryBGP using 3829 total bytes of memoryBGP activity 58/49 prefixes, 72/50 paths, scan interval 60 secs

Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd

10.1.0.2 4 65001 11 11 124 0 0 00:02:28 8172.31.1.3 4 64998 21 18 124 0 0 00:01:13 6172.31.11.4 4 64999 11 10 124 0 0 00:01:11 6


Self Check

1. How many instances of BGP can be configured on the router at a single time?

2. What command is used to administratively shut down a BGP neighbor?

3. What is the default source address used in a BGP update packet exiting a router?

4. What steps should be taken in order to use a loopback interface for an external neighbor instead of a directly connected interface?


BGP States


BGP StatesWhen establishing a BGP session, BGP goes through the following steps:

Idle: Router is searching routing table to see if a route exists to reach the neighbor.

Connect: Router found a route to the neighbor and has completed the three-way TCP handshake.

Open sent: Open message sent, with the parameters for the BGP session.

Open confirm: Router received agreement on the parameters for establishing session.

Alternatively, router goes into Active state if no response to open message

Established: Peering is established; routing begins.


BGP Established and Idle States

Idle: The router in this state cannot find the address of the neighbor in the routing table. Check for an IGP problem. Is the neighbor announcing the route?

Established: The established state is the properstate for BGP operations.

In the show ip bgp summary command, if the state column has a number, then the route is in the established state. The number is how many routes have been learned from this neighbor.


RouterA#sh ip bgp neighbors

BGP neighbor is 172.31.1.3, remote AS 64998, external link

BGP version 4, remote router ID 172.31.2.3

BGP state = Established, up for 00:19:10

Last read 00:00:10, last write 00:00:10, hold time is 180, keepalive interval is 60 seconds

Neighbor capabilities:

Route refresh: advertised and received(old & new)

Address family IPv4 Unicast: advertised and received

Message statistics:

InQ depth is 0

OutQ depth is 0

Sent Rcvd

Opens: 7 7

Notifications: 0 0

Updates: 13 38

<output omitted>

Example: show ip bgp neighbors Command


BGP Active State Troubleshooting

Active: The router has sent out an open packet and is waiting for a response.

The state may cycle between active and idle. The neighbor may not know how to get back to this router because of the following reasons: 1. Neighbor does not have a route to the source IP address of

the BGP open packet generated by this router

2. Neighbor peering with the wrong address

3. Neighbor does not have a neighbor statement for this router

4. AS number misconfiguration


Example: BGP Active State Troubleshooting

AS number misconfiguration:

At the router with the wrong remote-as number:%BGP-3-NOTIFICATION: sent to neighbor 172.31.1.3 2/2 (peer in wrong AS) 2 bytes FDE6

FFFF FFFF FFFF FFFF FFFF FFFF FFFF FFFF 002D 0104 FDE6 00B4 AC1F 0203 1002 0601 0400 0100 0102 0280 0002 0202 00

At the remote router:%BGP-3-NOTIFICATION: received from neighbor 172.31.1.1 2/2 (peer in wrong AS) 2 bytes FDE6


Activity

Lab 6-1 Configuring BGP with Default Routing

Learning Objective: In this lab, you will configure BGP to exchange routing information with two Internet Service Providers (ISPs).


Self Check

1. What are the 5 states that routers go through when establishing a BGP session?

2. What does the idle state indicate?

3. What command is used to display information about BGP connections to neighbors?

4. What is the most common reason that the BGP state toggles between idle and active?


Resetting BGP Sessions


Clearing the BGP Session When policies such as access lists or attributes are

changed, the change takes effect immediately, and the next time that a prefix or path is advertised or received, the new policy will be used.

It can take a long time for the policy to be applied to all networks

You must trigger an update to ensure that the policy is immediately applied to all affected prefixes and paths.

Ways to trigger an update:Hard reset

Soft reset

Route refresh


clear ip bgp *

Router#

Resets all BGP connections with this router. Entire BGP forwarding table is discarded. BGP session makes the transition from established to

idle; everything must be relearned.

Hard Reset of BGP Sessions

clear ip bgp [neighbor-address]

Router#

Resets only a single neighbor. BGP session makes the transition from established to

idle; everything from this neighbor must be relearned. Less severe than clear ip bgp *.


Soft Reset Outbound

clear ip bgp {*|neighbor-address} [soft out]

Router#

Routes learned from this neighbor are not lost.

This router resends all BGP information to the neighbor without resetting the connection.

The connection remains established.

This option is highly recommended when you are changing outbound policy.

The soft out option does not help if you are changing inbound policy.


Inbound Soft Reset

neighbor [ip-address] soft-reconfiguration inbound


This router stores all updates from this neighbor in case the inbound policy is changed.

The command is memory-intensive.

clear ip bgp {*|neighbor-address} soft in

Router#

Uses the stored information to generate new inbound updates.


clear ip bgp {*|neighbor-address} [soft in | in]

Router#

Routes advertised to this neighbor are not withdrawn. Does not store update information locally. The connection remains established. Introduced in IOS 12.0(2)S and 12.0(6)T

Route Refresh: Dynamic Inbound Soft Reset


debug ip bgp updates CommandRouterA#debug ip bgp updatesMobile router debugging is on for address family: IPv4 UnicastRouterA#clear ip bgp 10.1.0.2<output omitted>*Feb 24 11:06:41.309: %BGP-5-ADJCHANGE: neighbor 10.1.0.2 Up*Feb 24 11:06:41.309: BGP(0): 10.1.0.2 send UPDATE (format) 10.1.1.0/24, next 10.1.0.1, metric 0, path Local*Feb 24 11:06:41.309: BGP(0): 10.1.0.2 send UPDATE (prepend, chgflags: 0x0) 10.1.0.0/24, next 10.1.0.1, metric 0, path Local*Feb 24 11:06:41.309: BGP(0): 10.1.0.2 NEXT_HOP part 1 net 10.97.97.0/24, next 172.31.11.4*Feb 24 11:06:41.309: BGP(0): 10.1.0.2 send UPDATE (format) 10.97.97.0/24, next 172.31.11.4, metric 0, path 64999 64997*Feb 24 11:06:41.309: BGP(0): 10.1.0.2 NEXT_HOP part 1 net 172.31.22.0/24, next 172.31.11.4*Feb 24 11:06:41.309: BGP(0): 10.1.0.2 send UPDATE (format) 172.31.22.0/24, next 172.31.11.4, metric 0, path 64999<output omitted>*Feb 24 11:06:41.349: BGP(0): 10.1.0.2 rcvd UPDATE w/ attr: nexthop 10.1.0.2, origin i, localpref 100, metric 0*Feb 24 11:06:41.349: BGP(0): 10.1.0.2 rcvd 10.1.2.0/24*Feb 24 11:06:41.349: BGP(0): 10.1.0.2 rcvd 10.1.0.0/24


Self Check

1. List 3 ways to trigger an update.

2. What does a hard reset do?

3. How are the clear ip bgp * and the clear ip bgp [neighbor-address] commands different.

4. How should the soft out option be used?


BGP Attributes


Controlling BGP Routing with Attributes Common BGP Attributes (attribute-code)

Origin (1)

AS_Path (2)

Next Hop (3)

Multiple Exit Discriminator (MED) (4)

Local Preference (5)

Atomic Aggregate (6)

Aggregator (7)

Community (Cisco-defined) (8)

Originator-ID (Cisco-defined) (9)

Cluster list (Cisco-defined) (10)

Weight


BGP Operation – AS_PATH

Public AS numbers range between 1 and 64511 and the private AS numbers between 64512 and 65535.

500

AS Path =

200100400

300

800


The AS_Path Attribute


BGP Operation

The connection between any two systems forms a path, and the collection of path information expressed as a sequence of AS numbers (called the AS_PATH).

This sequence forms a route to reach a specific destination.

–All things being equal, BGP prefers routes with shorter AS paths.


NEXT_HOP Attribute The next hop attribute is a well-known mandatory attribute, type

code 3.

For EBGP sessions, the next hop is the IP address of the neighbor that announced the route.

For routes injected into the AS by way of EBGP, the next hop learned from EBGP is carried unaltered into IBGP.

For IBGP sessions, where routes originated inside the AS the next-hop is the IP address of the neighbor that announced the route.


The Next Hop Attribute


BGP Attributes: Next HopNext-hop attribute is different for BGP than it isfor the IGPs that we have already learned about


BGP Attributes: Next Hop Example The NEXT_HOP is not necessarily reachable via a direct connection.

– RTA’s next-hop for 128.213.1.0/24 is 1.1.1.1, but reaching it requires a pathway through 3.3.3.3.

Thus, the next-hop behavior mandates a recursive IP routing table lookup for a router to know where to send the packet.

To reach the NEXT_HOP 1.1.1.1, RTA will consult its IGP routing table to see if, and how, 1.1.1.1 is reachable. This recursive search continues until the router associates destination 1.1.1.1 with an outgoing interface.


Next Hop and Multiaccess Nets

Recall that a network link is considered multi-access if more than two hosts can potentially connect to it.

Routers on a multi-access link share the same IP subnet, and can physically access all other connected routers in one hop.

Ethernet, Frame Relay, and ATM are examples of multi-access media.


NEXT_HOP Multiaccess

On a Multiaccess environment such as Ethernet or Frame Relay, the next hop will be the interface connected to the media that originated the route.

The ‘next-hop-self’ keyword forces the router to advertise itself as the next hop if needed.

next-hop-self is generally used for NBMA networks like Frame Relay.



BGP speakers always advertise the actual source of the route if the source is on the same multi-access link as the speaker.



Hey, RTA…BGP Route: 11.11.11.0/24

Next Hop is 10.10.10.3 (RTB)

(not me)


Example Explained

RTA, RTB, and RTC share a common multi-access media.

– RTA and RTC are running EBGP, while RTC and RTB are running OSPF.

– RTC has learned network 11.11.11.0/24 from RTB via OSPF and is advertising it to RTA via EBGP.

– The correct behavior is for RTA to consider RTB (10.10.10.3) as the next hop because RTB shares the same media with RTC.

• This is also the default behavior of EBGP, to use the existing next hop IP address


Next Hop and NBMA

If the media is broadcast, such as Ethernet and FDDI, physical connectivity is a given and the NEXT_HOP behavior is no problem.

If the media is non-broadcast, such as Frame Relay and ATM, problems can arise.


Next Hop and NBMA


Next Hop and NBMA

RTA gets a BGP routing update about 11.11.11.0/24 from RTC and would try to use RTB (10.10.10.3) as the next hop (the same behavior as on multi-access media).

Routing will fail because no virtual circuit exists between RTA and RTB.


Next Hop and NBMA

Cisco IOS supports a special case parameter that remedies this situation.

The ‘next-hop-self’ command forces the router (in this case, RTC) to advertise 11.11.11.0/24 with itself as the next hop (10.10.10.2).

RTA would then direct its traffic to RTC to reach destination 11.11.11.0/24.


next-hop-self

Router(config-router)#neighbor IP-address next-hop-self

Soooooooo…

RTC(config-router)#neighbor 10.10.10.1 next-hop-self


The Atomic Aggregate Attribute


The Aggregator Attribute

A well-known discretionary attribute, type code 7.

Enabling ISP administrators to determine which BGP router is responsible for a particular instance of aggregation.

– The AGGREGATOR attribute indicates the local router as the device that has done the aggregating (summarizing).

• “I did the aggregating”

– The ATOMIC_AGGREGATE attributes says who did the aggregating.

• “He did the aggregating”


ATOMIC_AGGREGATE

The ATOMIC_AGGREGATE is a well-know discretionary attribute (type code 6). The ATOMIC_AGGREGATE attribute is set to either “True” or “False.”


ATOMIC_AGGREGATE

If true, this attribute alerts BGP routers that multiple destinations have been grouped into a single update.

In other words, the BGP router that sent the update had a more specific route to the destination, but did not send it.

ATOMIC_AGGREGATE warns receiving routers that the information they are receiving is not necessarily the most complete route information available.– More specific routes exist and not all of the AS numbers in

the AS_PATH are included


ATOMIC_AGGREGATE

You can manually configure BGP to summarize routes by using the aggregate-address command, which has the following syntax:

Router(config-router)#aggregate-address address mask [as-set] [summary-only] [suppress-map map-name][advertise-map map-name] [attribute-map map-name]


ATOMIC_AGGREGATE – Summarization

RTA(config)#router bgp 300

RTA(config-router)#neighbor 3.3.3.3 remote-as 200

RTA(config-router)#neighbor 2.2.2.2 remote-as 100

RTA(config-router)#network 160.10.0.0

RTA(config-router)#aggregate-address 160.0.0.0 255.0.0.0


AGGREGATOR AGGREGATOR is a well-known discretionary attribute (type code 7).

When configuring address aggregation, you can also configure the router to include its router ID and local AS number along with the supernet route.

This attribute allows ISP administrators to determine which BGP router is responsible for a particular instance of aggregation.

Tracing a supernet to its original “aggregator” may be necessary for troubleshooting purposes.


LOCAL_PREFERENCE Local Preference is a well-known discretionary attribute,

type code 5.

The Local Preference attribute is a degree of preference given to a route for comparison with other routes for the same destination

Higher Local Preference values are preferred.

Local Preference is local to the AS and is exchanged between IBGP peers only.


The Local Preference Attribute

AS 256


Local Preference Configuration

SanJose(config)#route-map SECONDARY_T1 permit 10

SanJose(config-route-map)#set local-preference 200

SanJose(config-route-map)#exit

SanJose(config)#router bgp 256

SanJose(config-router)#neighbor 192.168.1.5 route-map SECONDARY_T1 in

LA(config)#route-map PRIMARY_T3 permit 10

LA(config-route-map)#set local-preference 300

LA(config-route-map)#router bgp 256

LA(config-router)#neighbor 192.168.1.1 route-map PRIMARY_T3 in


Weight Attribute

The Weight attribute is similar to the Local Preference attribute in that it gives higher preference to the route that has a higher weight.

The difference is that the weight parameter is local to the router and is not exchanged between routers.

–The weight parameter influences routes coming from different providers to the same router


The Weight Attribute


Multi-Exit-Discriminator

The Multiple-exit-discriminator (MED) attribute is an optional nontransitive attribute, type code 4.

MED informs external neighbors about the preferred path into an AS that has multiple entry points.

A lower MED is preferred over a higher MED

Unlike Local Preference, the MED attribute is exchanged between autonomous systems,


The Multiple Exit Discriminator Attribute

The SF router will prefer the route to ANET via the SJ router b/c it has a lower metric (MED) than the LA router.

The metric from the NY router will not be considered for ANETb/c it is from a different AS.


MED Configuration Example

RTA will only compare the MED from RTC and RTD b/c they are from the same autonomous system.


MED ConfigurationRTC(config)#route-map PRIMARY_T1_MED permit 10

RTC(config-route-map)#set Metric 120

RTC(config-route-map)#exit

RTC(config)#router bgp 300

RTC(config-router)#neighbor 192.168.1.5 route-map PRIMARY_T1_MED out

RTD(config)#route-map SECONDARY_T1_MED permit 10

RTD(config-route-map)#set Metric 200

RTD(config-route-map)#exit

RTD(config)#router bgp 300

RTD(config-router)#neighbor 192.168.1.1 route-map SECONDARY_T1_MED out


The Origin Attribute

IGP – The prefix is internal to the originating AS.

EGP – The prefix was learned by way of some EGP, such as BGP.

Incomplete – The prefix was learned by some other means, probably redistribution.– well-known mandatory attribute (type code 1)


The ORIGIN attribute BGP considers the ORIGIN attribute in its decision-

making process to establish a preference ranking among multiple routes.

Specifically, BGP prefers the path with the lowest origin type, where IGP is lower than EGP, and EGP is lower than INCOMPLETE.

Use the set origin route map command to manipulate the ORIGIN attribute.


Highest WEIGHT Highest LOCAL PREFERENCE LOCALLY ORIGINATED (eg network/aggregate) Shortest AS-PATH Lowest ORIGIN (IGP < EGP < incomplete) Lowest MED EBGP IBGP Lowest IGP METRIC to next-hop

Neighbor with lowest ROUTE_ID

Full story see: www.cisco.com/warp/public/459/25.shtml

Basic Decision AlgorithmBasic Decision Algorithm

Consider only (synchronized) routes with no AS loopsand valid next-hop, then prefer:


BGP Decision Making

1. If the next hop is inaccessible, the route is ignored (this is why it is important to have an IGP route to the next hop).

2. The BGP router will prefer the path with the largest weight (weight is a Cisco proprietary parameter).

3. If the weights are the same, the BGP router will prefer the route with the largest local preference.


BGP Decision Making

4. If the routes have the same local preference, the BGP router will prefer the route that was locally originated (originated by this router).

5. If the local preference is the same, the BGP router will prefer the route with the shortest AS_PATH.

6. If the AS_PATH length is the same, the BGP router will prefer the route with the lowest origin type (where IGP is lower than EGP, and EGP is lower than INCOMPLETE).


BGP Decision Making

7. If the origin type is the same, the BGP router will prefer the route with the lowest MED.

8. If the routes have the same MED, the BGP router will prefer the route in the following manner: External (EBGP) is better than confederation external, which is better than IBGP. If the AS_PATH length is the same, the BGP router will prefer the route with the lowest origin type (where IGP is lower than EGP, and EGP is lower than INCOMPLETE).


BGP Decision Making

9. If all the preceding scenarios are identical, the BGP router will prefer the route that can be reached via the closest IGP neighbor—that is, take the shortest internal path inside the AS to reach the destination (follow the shortest path to the BGP NEXT_HOP).

10. If the internal path is the same, the BGP router ID will be a tie breaker. The BGP router will prefer the route coming from the BGP router with the lowest router ID. The router ID is usually the highest IP address on the router or the loopback address.


BGP Peer Groups & Neighbors


neighbor peer-group-name peer-group


This command creates a peer group.

Using a Peer Group

neighbor ip-address peer-group peer-group-name


This command defines a template with parameters set for a group of neighbors instead of individually.

This command is useful when many neighbors have the same outbound policies.

Members can have a different inbound policy. Updates are generated once per peer group. Configuration is simplified.


Example: Using a Peer Group


BGP Neighbor Authentication

BGP authentication uses MD5.

Configure a “key” (password); router generates a message digest, or hash, of the key and the message.

Message digest is sent; key is not sent.

Router generates and checks the MD5 digest of every segment sent on the TCP connection. Router authenticates the source of each routing update packet that it receives

neighbor {ip-address | peer-group-name} password string



Example: BGP Neighbor Authentication


Example: show ip bgp CommandRouterA# show ip bgpBGP table version is 14, local router ID is 172.31.11.1Status codes: s suppressed, d damped, h history, * valid, > best, i - internal, r RIB-failure, S StaleOrigin codes: i - IGP, e - EGP, ? - incomplete Network Next Hop Metric LocPrf Weight Path*> 10.1.0.0/24 0.0.0.0 0 32768 i* i 10.1.0.2 0 100 0 i*> 10.1.1.0/24 0.0.0.0 0 32768 i*>i10.1.2.0/24 10.1.0.2 0 100 0 i*> 10.97.97.0/24 172.31.1.3 0 64998 64997 i* 172.31.11.4 0 64999 64997 i* i 172.31.11.4 0 100 0 64999 64997 i*> 10.254.0.0/24 172.31.1.3 0 0 64998 i* 172.31.11.4 0 64999 64998 i* i 172.31.1.3 0 100 0 64998 ir> 172.31.1.0/24 172.31.1.3 0 0 64998 ir 172.31.11.4 0 64999 64998 ir i 172.31.1.3 0 100 0 64998 i*> 172.31.2.0/24 172.31.1.3 0 0 64998 i<output omitted>

Displays networks from lowest to highest.


Self Check

1. What is a peer group?

2. Describe the benefits of peer groups.

3. What type of neighbor authentication does BGP support?

4. What does an * in the first column of output for the show ip bgp command indicate?


BGP Local Preference Case Study


Local Preference Attribute

Paths with highest local preference value are preferred:

Local preference is used to advertise to IBGP neighbors about how to leave their AS.

The local preference is sent to IBGP neighbors only (that is, within AS only).

The local preference attribute is well-known discretionary.

Default value = 100


Changing BGP Local Preference For All Routes

bgp default local-preference value


Changes the default local preference value. All routes advertised to an IBGP neighbor have the

local preference set to the value specified.

Local preference is used in these ways:

Within an AS between IBGP speakers.

To determine the best path to exit theAS to reach an outside network.

Set to 100 by default; higher values are preferred.


What is the best path for router C to 65003, 65004, and 65005?

Local Preference Case Study

30%

20%

10%


Router C BGP Table With Default Settings

RouterC# show ip bgp

BGP table version is 7, local router ID is 3.3.3.3

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal, r RIB-failure, S Stale

Origin codes: i - IGP, e - EGP, ? - incomplete

Network Next Hop Metric LocPrf Weight Path

* i172.16.0.0 172.20.50.1 100 0 65005 65004 65003 i

*>i 192.168.28.1 100 0 65002 65003 i

*>i172.24.0.0 172.20.50.1 100 0 65005 i

* i 192.168.28.1 100 0 65002 65003 65004 65005 i

*>i172.30.0.0 172.20.50.1 100 0 65005 65004 i

* i 192.168.28.1 100 0 65002 65003 65004i

By default, BGP selects the shortest AS path as the best (>) path.

With default behavior only, in AS 65001, the percent of traffic going to 172.24.0.0 is 30%, 172.30.0.0 is 20%, and 172.16.0.0 is 10%.

Currently, 50% of all traffic is going to the next hop of 172.20.50.1 (AS 65005), and 10% of all traffic is going to the next hop of 192.168.28.1 (AS 65002).

Make traffic to 172.30.0.0 select the next hop of 192.168.28.1 to achieve load sharing where both external links get approximately 30% of the load.


Route Map for Router A

router bgp 65001

neighbor 2.2.2.2 remote-as 65001


neighbor 2.2.2.2 remote-as 65001 update-source loopback0

neighbor 3.3.3.3 remote-as 65001 update-source loopback0


neighbor 192.168.28.1 route-map local_pref in

!

access-list 65 permit 172.30.0.0 0.0.255.255

!

route-map local_pref permit 10

match ip address 65

set local-preference 400

!

Router A’s configuration:


Router C BGP Table with Local Preference Learned

RouterC# show ip bgp





* i172.16.0.0 172.20.50.1 100 0 65005 65004 65003 i

*>i 192.168.28.1 100 0 65002 65003 i

*>i172.24.0.0 172.20.50.1 100 0 65005 i

* i 192.168.28.1 100 0 65002 65003 65004 65005 i

* i172.30.0.0 172.20.50.1 100 0 65005 65004 i

*>i 192.168.28.1 400 0 65002 65003 65004i Best (>) paths for networks 172.16.0.0/16 and 172.24.0.0/16 have not changed.

Best (>) path for network 172.30.0.0 has changed to a new next hop of 192.168.28.1 due to the next hop of 192.168.28.1 having a higher local preference, 400.

In AS 65001, the percentage of traffic going to 172.24.0.0 is 30%, 172.30.0.0 is 20%, and 172.16.0.0 is 10%.

30% of all traffic will go to the next hop of 172.20.50.1 (AS 65005), and 30% of all traffic will go to the next hop of 192.168.28.1 (AS 65002).


Self Check

1. What is local preference? How is it used?

2. What is the default value for local preference on Cisco routers?

3. Which values (higher or lower) are preferred for local preference?


BGP MED


The paths with the lowest MED (also called the metric) value are the most desirable: MED is used to advertise to EBGP neighbors how to exit their AS to

reach networks owned by this AS.

MED Attribute

The MED attribute is optional and nontransitive.

In other words, MED is used to tellanother AS how to enter your AS


Changing BGP MED For All Routes

default-metric number


MED is considered the metric of BGP.

All routes that are advertised to an EBGP neighbor are set to the value specified using this command.

MED is used when multiple paths exist between two autonomous systems.

A lower MED value is preferred. The default setting for Cisco is MED = 0. The metric is optional, nontransitive attribute. Usually, MED is shared only between two autonomous

systems that have multiple EBGP connections with each other.

This means it will not be passed toRouters in a different AS


BGP Using Route Maps and the MED

MED attribute is outbound to adjacent AS


Route Map for Router ARouter A’s Configuration:

router bgp 65001



neighbor 2.2.2.2 update-source loopback0



neighbor 192.168.28.1 route-map med_65004 out

!

access-list 66 permit 192.168.25.0.0 0.0.0.255


!

route-map med_65004 permit 10

match ip address 66

set metric 100

!


set metric 200


Route Map for Router B

Router B’s Configuration:

router bgp 65001neighbor 1.1.1.1 remote-as 65001





neighbor 172.20.50.1 route-map med_65004 out

!


!


match ip address 66

set metric 100

!


set metric 200


MED Learned by Router ZRouterZ# show ip bgp





*>i192.168.24.0 172.20.50.2 100 100 0 65001 i

* i 192.168.28.2 200 100 0 65001 i

* i192.168.25.0 172.20.50.2 200 100 0 65001 i

*>i 192.168.28.2 100 100 0 65001 i

* i192.168.26.0 172.20.50.2 200 100 0 65001 i

*>i 192.168.28.2 100 100 0 65001 i

Examine the networks that have been learned from AS 65001 on Router Z in AS 65004.

For all networks: Weight is equal (0); local preference is equal (100); routes are not originated in this AS; AS path is equal (65001); origin code is equal (i).

192.168.24.0 has a lower metric (MED) through 172.20.50.2 (100) than 192.168.28.2 (200).




Consider only (synchronized) routes with no AS loops and a valid next hop, and then: Prefer highest weight (local to router).

Prefer highest local preference (global within AS).

Prefer route originated by the local router (next hop = 0.0.0.0).

Prefer shortest AS path.

Prefer lowest origin code (IGP < EGP < incomplete).

Prefer lowest MED (exchanged between autonomous systems).

Prefer EBGP path over IBGP path.

Prefer the path through the closest IGP neighbor.

Prefer oldest route for EBGP paths.

Prefer the path with the lowest neighbor BGP router ID.

Prefer the path with the lowest neighbor IP address.

Route Selection Decision Process


Self Check

1. Which MED values are most desirable?

2. On a Cisco router, what is the default MED value for each network that an autonomous systems owns and advertises to an EBGP neighbor?

3. How has this been effected by the IETF decision regarding BGP MED?

4. How can a Cisco router be configured to conform to the IETF standard?

5. How many paths does BGP choose for each destination?


Summary BGP is a path-vector routing protocol that allows routing policy

decisions at the AS level to be enforced.

BGP forms EBGP relationships with external neighbors and IBGP with internal neighbors. All routers in the transit path within an AS must run fully-meshed IBGP.

When BGP is properly configured, it will: establish a neighbor relationship, set the next-hop address, set the source IP address of a BGP update, and announce the networks to other BGP routers.

BGP performs a multi-step process when selecting the best path to reach a destination.

BGP can manipulate path selection to affect inbound and outbound traffic policies of an AS. Route maps can be configured in order to manipulate the local preference and MED BGP attributes.


Q and A


Resources

BGP Case Studieshttp://cisco.com/en/US/partner/tech/tk365/technologies_tech_note09186a00800c95bb.shtml

Troubleshooting BGPhttp://cisco.com/en/US/partner/tech/tk365/technologies_tech_note09186a008009478a.shtml


Date post:	12-Jan-2016
Category:	Documents
Upload:	axl
View:	59 times
Download:	5 times

Configuring Basic BGP

Documents