Cisco - BGP Case Studies

Cisco BGP Case Studies

BGP Case Studies

This document contains the following BGP case studies:

BGP Case Studies Section 1
    Introduction
    eBGP and iBGP
    Enabling BGP Routing
    Forming BGP Neighbors
    BGP and Loopback Interfaces
    eBGP Multihop
    Route Maps
    Network Command
    iBGP

BGP4 Case Studies Section 2
    AS path Attribute
    Origin Attribute
    BGP Nexthop Attribute
    BGP Backdoor
    Synchronization
    Weight Attribute
    Local Preference Attribute
    Metric Attribute
    Community Attribute

BGP4 Case Studies Section 3
    BGP Filtering
    AS Regular Expression
    BGP Neighbors and Route Maps

BGP4 Case Studies Section 4
    CIDR and Aggregate Addresses
    BGP Confederation
    Route Reflectors
    Route Flap Dampening
    How BGP Selects a Path

BGP4 Case Studies Section 5
    Practical Design Example

Cisco Systems TAC Certified
All contents are Copyright 1992-2001 Cisco Systems Inc. All rights reserved.

BGP4 Case Studies Section 1

Contents

    Introduction
    eBGP and iBGP
    Enabling BGP Routing
    Forming BGP Neighbors
    BGP and Loopback Interfaces
    eBGP Multihop
    Route Maps
    Network Command
    iBGP

Introduction

The Border Gateway Protocol (BGP), defined in RFC 1771, allows you to create loop-free interdomain routing between autonomous systems (AS). An AS is a set of routers under a single technical administration. Routers in an AS can use multiple interior gateway protocols to exchange routing information inside the AS and an exterior gateway protocol to route packets outside the AS.

How Does BGP Work?

BGP uses TCP as its transport protocol (port 179). Two BGP routers form a TCP connection between one another (peer routers) and exchange messages to open and confirm the connection parameters.

BGP routers exchange network reachability information. This information is mainly an indication of the full paths (BGP AS numbers) that a route should take in order to reach the destination network. This information helps in constructing a graph of ASs that are loop free and where routing policies can be applied in order to enforce some restrictions on the routing behavior.

Any two routers that have formed a TCP connection in order to exchange BGP routing information are called peers, or neighbors. BGP peers initially exchange their full BGP routing tables. After this exchange, incremental updates are sent as the routing table changes. BGP keeps a version number of the BGP table, which should be the same for all of its BGP peers. The version number changes whenever BGP updates the table due to routing information changes. Keepalive packets are sent to ensure that the connection is alive between the BGP peers, and notification packets are sent in response to errors or special conditions.

eBGP and iBGP

If an AS has multiple BGP speakers, it could be used as a transit service for other ASs. As you see below, AS200 is a transit AS for AS100 and AS300.

It is necessary to ensure reachability for networks within an AS before sending the information to external ASs. This is done by a combination of internal BGP (iBGP) peering between routers inside an AS and by redistributing BGP information to Interior Gateway Protocols (IGPs) running in the AS.

As far as this paper is concerned, when BGP is running between routers belonging to two different ASs, we call this exterior BGP (eBGP). When BGP is running between routers in the same AS, we call this iBGP.

Enabling BGP Routing

Use these steps to enable and configure BGP.

Let's assume you want to have two routers, RTA and RTB, talk BGP. In the first example RTA and RTB are in different ASs and in the second example both routers belong to the same AS.

We start by defining the router process and the AS number to which the routers belong. Use this command to enable BGP on a router:

    router bgp autonomous-system

    RTA#
    router bgp 100

    RTB#
    router bgp 200

The above statements indicate that RTA is running BGP and belongs to AS100, and RTB is running BGP and belongs to AS200.

The next step in the configuration process is to define BGP neighbors, which indicates the routers that are trying to talk BGP.

Forming BGP Neighbors

Two BGP routers become neighbors once they establish a TCP connection between each other. The TCP connection is essential in order for the two peer routers to start exchanging routing updates.

Once the TCP connection is up, the routers send open messages in order to exchange values such as the AS number, the BGP version they're running, the BGP router ID and the keepalive hold time. After these values are confirmed and accepted, the neighbor connection is established. Any state other than "established" is an indication that the two routers didn't become neighbors, and BGP updates won't be exchanged.

Use this neighbor command to establish a TCP connection:

    neighbor ip-address remote-as number

The remote-as number is the AS number of the router we're trying to connect to using BGP. The ip-address is the next hop directly connected address for eBGP and any IP address on the other router for iBGP.

It's essential that the two IP addresses used in the neighbor command of the peer routers be able to reach one another. One sure way to verify reachability is an extended ping between the two IP addresses. The extended ping forces the pinging router to use as source the IP address specified in the neighbor command rather than the IP address of the interface the packet is going out from.

It is important to reset the neighbor connection in case any BGP configuration changes are made in order for the new parameters to take effect.

    clear ip bgp address    (where address is the neighbor address)
    clear ip bgp *          (clear all neighbor connections)

By default, BGP sessions begin using BGP version 4 and negotiate downward to earlier versions if necessary. To prevent negotiations and force the BGP version used to communicate with a neighbor, perform the following task in router configuration mode:

    neighbor {ip-address | peer-group-name} version value

An example of the neighbor command configuration follows:

    RTA#
    router bgp 100
    neighbor 129.213.1.1 remote-as 200

    RTB#
    router bgp 200
    neighbor 129.213.1.2 remote-as 100
    neighbor 175.220.1.2 remote-as 200

    RTC#
    router bgp 200
    neighbor 175.220.212.1 remote-as 200

In the above example RTA and RTB are running eBGP. RTB and RTC are running iBGP. The difference between eBGP and iBGP is manifested by having the remote-as number pointing to either an external or an internal AS.

Also, the eBGP peers are directly connected while the iBGP peers are not. iBGP routers don't have to be directly connected, as long as there is some IGP running that allows the two neighbors to reach one another.

The following is an example of the information that the show ip bgp neighbors command displays. Pay special attention to the BGP state, since anything other than state "established" indicates the peers aren't up. You should also note the BGP version, which is 4; the remote router ID (the highest IP address on the router, or the highest loopback interface in case it exists); and the table version. The table version is the state of the table: any time new information comes in, the table increases the version, and a version that keeps incrementing indicates that some route is flapping, causing routes to be updated continuously.

    #show ip bgp neighbors
    BGP neighbor is 129.213.1.1, remote AS 200, external link
    BGP version 4, remote router ID 175.220.12.1
    BGP state Established, table version 3, up for 0:10:59
    Last read 0:00:29, hold time is 180, keepalive interval is 60 seconds
    Minimum time between advertisement runs is 30 seconds
    Received 2828 messages, 0 notifications, 0 in queue
    Sent 2826 messages, 0 notifications, 0 in queue
    Connections established 11; dropped 10

BGP and Loopback Interfaces

Using a loopback interface to define neighbors is common with iBGP, but not with eBGP. Normally the loopback interface is used to make sure the IP address of the neighbor stays up and is independent of hardware functioning properly. In the case of eBGP, peer routers are frequently directly connected and loopback doesn't apply.

If you use the IP address of a loopback interface in the neighbor command, you need some extra configuration on the neighbor router. The neighbor router needs to tell BGP it's using a loopback interface rather than a physical interface to initiate the BGP neighbor TCP connection.
The command used to indicate a loopback interface is:

    neighbor ip-address update-source interface

The following example illustrates the use of this command.

    RTA#
    router bgp 100
    neighbor 190.225.11.1 remote-as 100
    neighbor 190.225.11.1 update-source loopback 1

    RTB#
    router bgp 100
    neighbor 150.212.1.1 remote-as 100

In the above example, RTA and RTB are running iBGP inside AS 100. RTB is using in its neighbor command the loopback interface of RTA (150.212.1.1); in this case RTA has to force BGP to use the loopback IP address as the source in the TCP neighbor connection. RTA does this by adding the update-source int loopback configuration (neighbor 190.225.11.1 update-source loopback 1), and this statement forces BGP to use the IP address of its loopback interface when talking to neighbor 190.225.11.1.

Note that RTA has used the physical interface IP address (190.225.11.1) of RTB as a neighbor, which is why RTB doesn't need any special configuration.

eBGP Multihop

In some cases, a Cisco router can run eBGP with a third party router that doesn't allow the two external peers to be directly connected. To achieve this, you can use eBGP multihop, which allows the neighbor connection to be established between two non-directly connected external peers. The multihop is used only for eBGP and not for iBGP. The following example illustrates eBGP multihop.

    RTA#
    router bgp 100
    neighbor 180.225.11.1 remote-as 300
    neighbor 180.225.11.1 ebgp-multihop

    RTB#
    router bgp 300
    neighbor 129.213.1.2 remote-as 100

RTA is indicating an external neighbor that isn't directly connected. RTA needs to indicate that it's using ebgp-multihop. On the other hand, RTB is indicating a neighbor that is directly connected (129.213.1.2), which is why it doesn't need the ebgp-multihop command. You should also configure an IGP or static routing to allow the non-connected neighbors to reach each other.

The following example shows how to achieve load balancing with BGP in a particular case where we have eBGP over parallel lines.

eBGP Multihop (Load Balancing)

    RTA#
    int loopback 0
    ip address 150.10.1.1 255.255.255.0

    router bgp 100
    neighbor 160.10.1.1 remote-as 200
    neighbor 160.10.1.1 ebgp-multihop
    neighbor 160.10.1.1 update-source loopback 0
    network 150.10.0.0

    ip route 160.10.0.0 255.255.0.0 1.1.1.2
    ip route 160.10.0.0 255.255.0.0 2.2.2.2

    RTB#
    int loopback 0
    ip address 160.10.1.1 255.255.255.0

    router bgp 200
    neighbor 150.10.1.1 remote-as 100
    neighbor 150.10.1.1 update-source loopback 0
    neighbor 150.10.1.1 ebgp-multihop
    network 160.10.0.0

    ip route 150.10.0.0 255.255.0.0 1.1.1.1
    ip route 150.10.0.0 255.255.0.0 2.2.2.1

The above example illustrates the use of loopback interfaces, update-source and ebgp-multihop. This is a workaround in order to achieve load balancing between two eBGP speakers over parallel serial lines. In normal situations, BGP picks one of the lines to send packets on, and load balancing wouldn't happen. By introducing loopback interfaces, the next hop for eBGP is the loopback interface. We use static routes (we could also use an IGP) to introduce two equal cost paths to reach the destination. RTA has two choices to reach next hop 160.10.1.1: one via 1.1.1.2 and the other one via 2.2.2.2, and the same for RTB.

Route Maps

At this point I would like to introduce route maps because they will be used heavily with BGP. In the BGP context, a route map is a method used to control and modify routing information. This is done by defini
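The loopback peering requirements from the load-balancing case above (matching remote-as, ebgp-multihop between different ASs, update-source on the router whose loopback is targeted) can be checked mechanically before a change is deployed. The Python below is an added example, not part of the Cisco document; parse and audit are hypothetical helper names, the peer's statements are matched by AS number as a simplifying assumption, and the network and ip route lines are omitted.

```python
# Added example. Configs are the load-balancing case above, written with
# the hyphenated IOS keywords (remote-as, ebgp-multihop, update-source).
RTA = """int loopback 0
ip address 150.10.1.1 255.255.255.0
router bgp 100
neighbor 160.10.1.1 remote-as 200
neighbor 160.10.1.1 ebgp-multihop
neighbor 160.10.1.1 update-source loopback 0
"""
RTB = """int loopback 0
ip address 160.10.1.1 255.255.255.0
router bgp 200
neighbor 150.10.1.1 remote-as 100
neighbor 150.10.1.1 update-source loopback 0
neighbor 150.10.1.1 ebgp-multihop
"""

def parse(cfg):
    """Return local AS, loopback addresses and per-neighbor settings."""
    r, iface = {"asn": None, "loopbacks": {}, "neighbors": {}}, None
    for w in (line.split() for line in cfg.splitlines() if line.strip()):
        if w[0].startswith("int"):
            iface = " ".join(w[1:]).lower()
        elif w[:2] == ["ip", "address"] and iface and iface.startswith("loopback"):
            r["loopbacks"][iface] = w[2]
        elif w[:2] == ["router", "bgp"]:
            r["asn"], iface = w[2], None
        elif w[0] == "neighbor" and len(w) >= 3:
            n = r["neighbors"].setdefault(w[1], {"ebgp-multihop": False})
            if w[2] == "ebgp-multihop":
                n["ebgp-multihop"] = True
            elif w[2] in ("remote-as", "update-source"):
                n[w[2]] = " ".join(w[3:]).lower()
    return r

def audit(name, local, peer):
    """Findings for local's neighbor statements that target a peer loopback."""
    out, peer_lo = [], {ip: ifn for ifn, ip in peer["loopbacks"].items()}
    for ip, n in local["neighbors"].items():
        if ip not in peer_lo:
            continue  # physical-address peering needs no extra statements
        if n.get("remote-as") != peer["asn"]:
            out.append(f"{name}: remote-as {n.get('remote-as')} is not peer AS {peer['asn']}")
        if n.get("remote-as") != local["asn"] and not n["ebgp-multihop"]:
            out.append(f"{name}: eBGP to loopback {ip} needs ebgp-multihop")
        srcs = {p.get("update-source") for p in peer["neighbors"].values()
                if p.get("remote-as") == local["asn"]}
        if peer_lo[ip] not in srcs:
            out.append(f"{name}: peer lacks update-source {peer_lo[ip]} ({ip})")
    return out
```

Calling audit("RTA", parse(RTA), parse(RTB)) returns an empty list for the configuration as published; removing either the update-source or the ebgp-multihop statement from one side produces a finding that names the missing statement.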
