© 2006 Cisco Systems, Inc. All rights reserved.Cisco PublicBSCI Module 6 1 Configuring Basic BGP BSCI Module 6.

© 2006 Cisco Systems, Inc. All rights reserved.Cisco PublicBSCI Module 6 2 Objectives  Describe various databases and messages used in BGP.  Describe how to configure a BGP session for external and internal neighboring routers.  Describe how to administratively shutdown a BGP neighbor.  Describe EBGP peering.  Describe BGP Established and Idle states.  Identify problems associated with a router remaining in Active states.  Configure BGP peer groups.  Configure BGP authentication.  Troubleshoot BGP sessions  Describe how to use the debug ip debug command.  Describe how to use the BGP Local Preference attribute.  Describe how to configure route maps using the BGP MED attribute.

© 2006 Cisco Systems, Inc. All rights reserved.Cisco PublicBSCI Module 6 3 Purpose of this Lesson Coverage of topics new to the “BGP” module of BSCI.  What’s new in this module? Description of various databases used in BGP. Description of the types of messages exchanged by BGP. Description of how to configure a BGP session for external and internal neighboring routers. Description of how to administratively shutdown a BGP neighbor. Description of EBGP peering. Description of BGP Established and Idle states. Description of problems associated with a router remaining in Active states. Configuring BGP peer groups.

© 2006 Cisco Systems, Inc. All rights reserved.Cisco PublicBSCI Module 6 4 Purpose of this Lesson (Cont.) Coverage of topics new to the “BGP” module of BSCI.  What’s new in this module? Configuring BGP authentication. Description of how to troubleshoot BGP Steps to clear a BGP session Description of the process to perform a hard reset of BGP session. Description of the process to perform the soft reset of BGP session. Function of the debug IP debug command. Description of how to use the BGP Local Preference attribute. Description of how to configure route maps using the BGP MED attribute.

© 2006 Cisco Systems, Inc. All rights reserved.Cisco PublicBSCI Module 6 6 BSCI Module 6 BGP (review)  An AS is a collection of networks under a single technical administration.  IGPs operate within an AS.  BGP is used between autonomous systems.  Exchange of loop-free routing information is guaranteed.

© 2006 Cisco Systems, Inc. All rights reserved.Cisco PublicBSCI Module 6 7 BSCI Module 6 BGP (review)  An AS is a group of routers that share similar routing policies and operate within a single administrative domain.  An AS can be a collection of routers running a single IGP, or it can be a collection of routers running different protocols all belonging to one organization.  In either case, the outside world views the entire Autonomous System as a single entity. Review from CCNP 1 Advanced Routing 3.1

© 2006 Cisco Systems, Inc. All rights reserved.Cisco PublicBSCI Module 6 8 BSCI Module 6 BGP (review)  Internet Assigned Numbers Authority (IANA) is enforcing a policy whereby organizations that connect to a single provider and share the provider's routing policies use an AS number from the private pool, 64,512 to 65,535. AS numbers are a two byte number from 1 – 65,535 AS numbers 64,512 – 65,535 are private AS numbers  These private AS numbers appear only within the provider's network and are replaced by the provider's registered number upon exiting the network. Review from CCNP 1 Advanced Routing 3.1

© 2006 Cisco Systems, Inc. All rights reserved.Cisco PublicBSCI Module 6 9 BSCI Module 6 BGP (review)  When two routers establish a TCP enabled BGP connection, they are called neighbors or peers. BGP uses TCP 179  Each router running BGP is called a BGP speaker.  Peer routers exchange multiple messages to open and confirm the connection parameters, such as the version of BGP to be used.  If there are any disagreements between the peers, notification errors are sent and the connection fails. Review from CCNP 1 Advanced Routing 3.1

© 2006 Cisco Systems, Inc. All rights reserved.Cisco PublicBSCI Module 6 10 BSCI Module 6 BGP  When BGP neighbors first establish a connection, they exchange all candidate BGP routes.  After this initial exchange, incremental updates are sent as network information changes.  Incremental updates are more efficient than complete table updates.  This is especially true with BGP routers, which may contain the complete Internet routing table. Review from CCNP 1 Advanced Routing 3.1

© 2006 Cisco Systems, Inc. All rights reserved.Cisco PublicBSCI Module 6 11 Self Check 1.What is an Autonomous System (AS)? 2.How are updates handled after the initial exchange? 3.What are routers called when they have established a TCP enabled BGP connection? 4.What is the major difference between an IGP and an EGP? 5.Give examples of IGP and EGP routing protocols.

© 2006 Cisco Systems, Inc. All rights reserved.Cisco PublicBSCI Module 6 13 BGP Databases  Neighbor table List of BGP neighbors  BGP table (forwarding database) List of all networks learned from each neighbor Can contain multiple paths to destination networks Contains BGP attributes for each path  IP routing table List of best paths to destination networks

© 2006 Cisco Systems, Inc. All rights reserved.Cisco PublicBSCI Module 6 14 BGP Message Types BGP defines the following message types:  Open Includes holdtime and BGP router ID  Keepalive  Update Information for one path only (could be to multiple networks) Includes path attributes and networks  Notification When error is detected BGP connection is closed after being sent

© 2006 Cisco Systems, Inc. All rights reserved.Cisco PublicBSCI Module 6 15 Open Message  Open Message – This message is used to establish connections with peers and includes fields for the BGP version number, the AS number, hold time, and Router ID.

© 2006 Cisco Systems, Inc. All rights reserved.Cisco PublicBSCI Module 6 16 Keepalive Message  Keepalive Message – This message type is sent periodically between peers to maintain connections and verify paths held by the router sending the keepalive.  If the periodic timer is set to a value of zero (0), no keepalives are sent. The recommended keepalive interval is one third of the hold time interval. The keepalive message is a 19-byte BGP message header with no data following it.

© 2006 Cisco Systems, Inc. All rights reserved.Cisco PublicBSCI Module 6 18 Update Message  Update Message – The update messages contain all the information BGP uses to construct a loop free picture of the internetwork.  There are three basic components of an update message. 1.Network-Layer Reachability Information (NLRI) 2.Path Attributes 3.Withdrawn Routes

© 2006 Cisco Systems, Inc. All rights reserved.Cisco PublicBSCI Module 6 19 Peers = Neighbors  A “BGP peer,” also known as a “BGP neighbor,” is a specific term that is used for BGP speakers that have established a neighbor relationship.  Any two routers that have formed a TCP connection to exchange BGP routing information are called BGP peers or BGP neighbors.

© 2006 Cisco Systems, Inc. All rights reserved.Cisco PublicBSCI Module 6 20 External BGP – EBGP  When BGP is running between neighbors that belong to different autonomous systems, it is called EBGP.  EBGP neighbors, by default, need to be directly connected.

© 2006 Cisco Systems, Inc. All rights reserved.Cisco PublicBSCI Module 6 21 Internal BGP – IBGP  When BGP is running between neighbors within the same AS, it is called IBGP.  The neighbors do not have to be directly connected.

© 2006 Cisco Systems, Inc. All rights reserved.Cisco PublicBSCI Module 6 22 Self Check 1.What are the 4 BGP message types? 2.How is a notification message used? 3.How is the BGP neighbor command used? 4.What is EBGP? 5.What is IBGP

© 2006 Cisco Systems, Inc. All rights reserved.Cisco PublicBSCI Module 6 24 BGP Commands router bgp autonomous-system Router(config)#  This command just enters router configuration mode; subcommands must be entered in order to activate BGP.  Only one instance of BGP can be configured on the router at a single time.  The autonomous system number identifies the autonomous system to which the router belongs.  The autonomous system number in this command is compared to the autonomous system numbers listed in neighbor statements to determine if the neighbor is an internal or external neighbor.

© 2006 Cisco Systems, Inc. All rights reserved.Cisco PublicBSCI Module 6 25 BGP neighbor remote-as Command neighbor {ip-address | peer-group-name} remote-as autonomous-system Router(config-router)#  The neighbor command activates a BGP session with this neighbor.  The IP address that is specified is the destination address of BGP packets going to this neighbor.  This router must have an IP path to reach this neighbor before it can set up a BGP relationship.  The remote-as shows what AS this neighbor is in. This AS number is used to determine if the neighbor is internal or external.  This command is used for both external and internal neighbors.

© 2006 Cisco Systems, Inc. All rights reserved.Cisco PublicBSCI Module 6 27 BGP neighbor shutdown Command neighbor {ip-address | peer-group-name} shutdown Router(config-router)# no neighbor {ip-address | peer-group-name} shutdown Router(config-router)#  Administratively brings down a BGP neighbor  Used for maintenance and policy changes to prevent route flapping  Re-enables a BGP neighbor that has been administratively shut down

© 2006 Cisco Systems, Inc. All rights reserved.Cisco PublicBSCI Module 6 28 BGP neighbor update-source Command neighbor {ip-address | peer-group-name} update-source interface-type interface-number Router(config-router)#  This command allows the BGP process to use the IP address of a specified interface as the source IP address of all BGP updates to that neighbor.  A loopback interface is usually used, because it will be available as long as the router is operational.  The IP address used in the neighbor command on the other router will be the destination IP address of all BGP updates and should be the loopback interface of that router.  The neighbor update-source command is normally used only with IBGP neighbors.  The address of an EBGP neighbor must be directly connected by default; the loopback of an EBGP neighbor is not directly connected.

© 2006 Cisco Systems, Inc. All rights reserved.Cisco PublicBSCI Module 6 30 BGP neighbor ebgp-multihop Command neighbor {ip-address | peer-group-name} ebgp-multihop [ttl] Router(config-router)#  This command increases the default of one hop for EBGP peers.  It allows routes to the EBGP loopback address (which will have a hop count greater than 1) or if the EBGP neighbor is more than one hop away. The neighbor ebgp multihop Command Parameters  ip-address is the IP address of the BGP-speaking neighbor.  peer-group-name is the Name of a BGP peer group.  ttl (Optional) TTL in the range from 1 to 255 hops

© 2006 Cisco Systems, Inc. All rights reserved.Cisco PublicBSCI Module 6 32 EBGP Multihop RTW(config)#router bgp 200 RTW(config-router)#neighbor 1.1.1.2 remote-as 300 RTW(config-router)#neighbor 1.1.1.2 ebgp-multihop 2 RTU(config)#router bgp 300 RTU(config-router)#neighbor 2.2.2.1 remote-as 200 RTU(config-router)#neighbor 2.2.2.1 ebgp-multihop 2 AS 200 AS 300 2.2.2.0/30 1.1.1.0/30

© 2006 Cisco Systems, Inc. All rights reserved.Cisco PublicBSCI Module 6 33 Example: BGP Peering RouterA# show ip bgp summary BGP router identifier 10.1.1.1, local AS number 65001 BGP table version is 124, main routing table version 124 9 network entries using 1053 bytes of memory 22 path entries using 1144 bytes of memory 12/5 BGP path/bestpath attribute entries using 1488 bytes of memory 6 BGP AS-PATH entries using 144 bytes of memory 0 BGP route-map cache entries using 0 bytes of memory 0 BGP filter-list cache entries using 0 bytes of memory BGP using 3829 total bytes of memory BGP activity 58/49 prefixes, 72/50 paths, scan interval 60 secs Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd 10.1.0.2 4 65001 11 11 124 0 0 00:02:28 8 172.31.1.3 4 64998 21 18 124 0 0 00:01:13 6 172.31.11.4 4 64999 11 10 124 0 0 00:01:11 6

© 2006 Cisco Systems, Inc. All rights reserved.Cisco PublicBSCI Module 6 34 Self Check 1.How many instances of BGP can be configured on the router at a single time? 2.What command is used to administratively shut down a BGP neighbor? 3.What is the default source address used in a BGP update packet exiting a router? 4.What steps should be taken in order to use a loopback interface for an external neighbor instead of a directly connected interface?

© 2006 Cisco Systems, Inc. All rights reserved.Cisco PublicBSCI Module 6 36 BGP States When establishing a BGP session, BGP goes through the following steps:  Idle: Router is searching routing table to see if a route exists to reach the neighbor.  Connect: Router found a route to the neighbor and has completed the three-way TCP handshake.  Open sent: Open message sent, with the parameters for the BGP session.  Open confirm: Router received agreement on the parameters for establishing session. Alternatively, router goes into Active state if no response to open message  Established: Peering is established; routing begins.

© 2006 Cisco Systems, Inc. All rights reserved.Cisco PublicBSCI Module 6 37 BGP Established and Idle States  Idle: The router in this state cannot find the address of the neighbor in the routing table. Check for an IGP problem. Is the neighbor announcing the route?  Established: The established state is the proper state for BGP operations.  In the show ip bgp summary command, if the state column has a number, then the route is in the established state. The number is how many routes have been learned from this neighbor.

© 2006 Cisco Systems, Inc. All rights reserved.Cisco PublicBSCI Module 6 38 RouterA#sh ip bgp neighbors BGP neighbor is 172.31.1.3, remote AS 64998, external link BGP version 4, remote router ID 172.31.2.3 BGP state = Established, up for 00:19:10 Last read 00:00:10, last write 00:00:10, hold time is 180, keepalive interval is 60 seconds Neighbor capabilities: Route refresh: advertised and received(old & new) Address family IPv4 Unicast: advertised and received Message statistics: InQ depth is 0 OutQ depth is 0 Sent Rcvd Opens: 7 7 Notifications: 0 0 Updates: 13 38 Example: show ip bgp neighbors Command

© 2006 Cisco Systems, Inc. All rights reserved.Cisco PublicBSCI Module 6 39 BGP Active State Troubleshooting  Active: The router has sent out an open packet and is waiting for a response.  The state may cycle between active and idle. The neighbor may not know how to get back to this router because of the following reasons: 1.Neighbor does not have a route to the source IP address of the BGP open packet generated by this router 2.Neighbor peering with the wrong address 3.Neighbor does not have a neighbor statement for this router 4.AS number misconfiguration

© 2006 Cisco Systems, Inc. All rights reserved.Cisco PublicBSCI Module 6 40 Example: BGP Active State Troubleshooting AS number misconfiguration:  At the router with the wrong remote-as number: %BGP-3-NOTIFICATION: sent to neighbor 172.31.1.3 2/2 (peer in wrong AS) 2 bytes FDE6 FFFF FFFF FFFF FFFF FFFF FFFF FFFF FFFF 002D 0104 FDE6 00B4 AC1F 0203 1002 0601 0400 0100 0102 0280 0002 0202 00  At the remote router: %BGP-3-NOTIFICATION: received from neighbor 172.31.1.1 2/2 (peer in wrong AS) 2 bytes FDE6

© 2006 Cisco Systems, Inc. All rights reserved.Cisco PublicBSCI Module 6 41 Activity Lab 6-1 Configuring BGP with Default Routing  Learning Objective: In this lab, you will configure BGP to exchange routing information with two Internet Service Providers (ISPs).

© 2006 Cisco Systems, Inc. All rights reserved.Cisco PublicBSCI Module 6 42 Self Check 1.What are the 5 states that routers go through when establishing a BGP session? 2.What does the idle state indicate? 3.What command is used to display information about BGP connections to neighbors? 4.What is the most common reason that the BGP state toggles between idle and active?

© 2006 Cisco Systems, Inc. All rights reserved.Cisco PublicBSCI Module 6 44 Clearing the BGP Session  When policies such as access lists or attributes are changed, the change takes effect immediately, and the next time that a prefix or path is advertised or received, the new policy will be used. It can take a long time for the policy to be applied to all networks  You must trigger an update to ensure that the policy is immediately applied to all affected prefixes and paths.  Ways to trigger an update: Hard reset Soft reset Route refresh

© 2006 Cisco Systems, Inc. All rights reserved.Cisco PublicBSCI Module 6 45 clear ip bgp * Router#  Resets all BGP connections with this router.  Entire BGP forwarding table is discarded.  BGP session makes the transition from established to idle; everything must be relearned. Hard Reset of BGP Sessions clear ip bgp [neighbor-address] Router#  Resets only a single neighbor.  BGP session makes the transition from established to idle; everything from this neighbor must be relearned.  Less severe than clear ip bgp *.

© 2006 Cisco Systems, Inc. All rights reserved.Cisco PublicBSCI Module 6 46 Soft Reset Outbound clear ip bgp {*|neighbor-address} [soft out] Router#  Routes learned from this neighbor are not lost.  This router resends all BGP information to the neighbor without resetting the connection.  The connection remains established.  This option is highly recommended when you are changing outbound policy.  The soft out option does not help if you are changing inbound policy.

© 2006 Cisco Systems, Inc. All rights reserved.Cisco PublicBSCI Module 6 47 Inbound Soft Reset neighbor [ip-address] soft-reconfiguration inbound Router(config-router)#  This router stores all updates from this neighbor in case the inbound policy is changed.  The command is memory-intensive. clear ip bgp {*|neighbor-address} soft in Router#  Uses the stored information to generate new inbound updates.

© 2006 Cisco Systems, Inc. All rights reserved.Cisco PublicBSCI Module 6 48 clear ip bgp {*|neighbor-address} [soft in | in] Router#  Routes advertised to this neighbor are not withdrawn.  Does not store update information locally.  The connection remains established.  Introduced in IOS 12.0(2)S and 12.0(6)T Route Refresh: Dynamic Inbound Soft Reset

© 2006 Cisco Systems, Inc. All rights reserved.Cisco PublicBSCI Module 6 49 debug ip bgp updates Command RouterA#debug ip bgp updates Mobile router debugging is on for address family: IPv4 Unicast RouterA#clear ip bgp 10.1.0.2 *Feb 24 11:06:41.309: %BGP-5-ADJCHANGE: neighbor 10.1.0.2 Up *Feb 24 11:06:41.309: BGP(0): 10.1.0.2 send UPDATE (format) 10.1.1.0/24, next 10.1.0.1, metric 0, path Local *Feb 24 11:06:41.309: BGP(0): 10.1.0.2 send UPDATE (prepend, chgflags: 0x0) 10.1.0.0/24, next 10.1.0.1, metric 0, path Local *Feb 24 11:06:41.309: BGP(0): 10.1.0.2 NEXT_HOP part 1 net 10.97.97.0/24, next 172.31.11.4 *Feb 24 11:06:41.309: BGP(0): 10.1.0.2 send UPDATE (format) 10.97.97.0/24, next 172.31.11.4, metric 0, path 64999 64997 *Feb 24 11:06:41.309: BGP(0): 10.1.0.2 NEXT_HOP part 1 net 172.31.22.0/24, next 172.31.11.4 *Feb 24 11:06:41.309: BGP(0): 10.1.0.2 send UPDATE (format) 172.31.22.0/24, next 172.31.11.4, metric 0, path 64999 *Feb 24 11:06:41.349: BGP(0): 10.1.0.2 rcvd UPDATE w/ attr: nexthop 10.1.0.2, origin i, localpref 100, metric 0 *Feb 24 11:06:41.349: BGP(0): 10.1.0.2 rcvd 10.1.2.0/24 *Feb 24 11:06:41.349: BGP(0): 10.1.0.2 rcvd 10.1.0.0/24

© 2006 Cisco Systems, Inc. All rights reserved.Cisco PublicBSCI Module 6 50 Self Check 1.List 3 ways to trigger an update. 2.What does a hard reset do? 3.How are the clear ip bgp * and the clear ip bgp [neighbor-address] commands different. 4.How should the soft out option be used?

© 2006 Cisco Systems, Inc. All rights reserved.Cisco PublicBSCI Module 6 52 Controlling BGP Routing with Attributes  Common BGP Attributes (attribute-code) Origin (1) AS_Path (2) Next Hop (3) Multiple Exit Discriminator (MED) (4) Local Preference (5) Atomic Aggregate (6) Aggregator (7) Community (Cisco-defined) (8) Originator-ID (Cisco-defined) (9) Cluster list (Cisco-defined) (10) Weight

© 2006 Cisco Systems, Inc. All rights reserved.Cisco PublicBSCI Module 6 53 BGP Operation – AS_PATH Public AS numbers range between 1 and 64511 and the private AS numbers between 64512 and 65535. 500 AS Path = 200 100 400 300 800

© 2006 Cisco Systems, Inc. All rights reserved.Cisco PublicBSCI Module 6 55 BGP Operation  The connection between any two systems forms a path, and the collection of path information expressed as a sequence of AS numbers (called the AS_PATH).  This sequence forms a route to reach a specific destination. –All things being equal, BGP prefers routes with shorter AS paths.

© 2006 Cisco Systems, Inc. All rights reserved.Cisco PublicBSCI Module 6 56 NEXT_HOP Attribute  The next hop attribute is a well-known mandatory attribute, type code 3.  For EBGP sessions, the next hop is the IP address of the neighbor that announced the route. For routes injected into the AS by way of EBGP, the next hop learned from EBGP is carried unaltered into IBGP.  For IBGP sessions, where routes originated inside the AS the next- hop is the IP address of the neighbor that announced the route.

© 2006 Cisco Systems, Inc. All rights reserved.Cisco PublicBSCI Module 6 59 BGP Attributes: Next Hop Example  The NEXT_HOP is not necessarily reachable via a direct connection. –RTA’s next-hop for 128.213.1.0/24 is 1.1.1.1, but reaching it requires a pathway through 3.3.3.3.  Thus, the next-hop behavior mandates a recursive IP routing table lookup for a router to know where to send the packet.  To reach the NEXT_HOP 1.1.1.1, RTA will consult its IGP routing table to see if, and how, 1.1.1.1 is reachable. This recursive search continues until the router associates destination 1.1.1.1 with an outgoing interface.

© 2006 Cisco Systems, Inc. All rights reserved.Cisco PublicBSCI Module 6 60 Next Hop and Multiaccess Nets  Recall that a network link is considered multi-access if more than two hosts can potentially connect to it.  Routers on a multi-access link share the same IP subnet, and can physically access all other connected routers in one hop.  Ethernet, Frame Relay, and ATM are examples of multi- access media.

© 2006 Cisco Systems, Inc. All rights reserved.Cisco PublicBSCI Module 6 61 NEXT_HOP Multiaccess  On a Multiaccess environment such as Ethernet or Frame Relay, the next hop will be the interface connected to the media that originated the route.  The ‘next-hop-self’ keyword forces the router to advertise itself as the next hop if needed. next-hop-self is generally used for NBMA networks like Frame Relay.

© 2006 Cisco Systems, Inc. All rights reserved.Cisco PublicBSCI Module 6 62 Next Hop and Multiaccess Nets  BGP speakers always advertise the actual source of the route if the source is on the same multi-access link as the speaker.

© 2006 Cisco Systems, Inc. All rights reserved.Cisco PublicBSCI Module 6 64 Example Explained  RTA, RTB, and RTC share a common multi-access media. –RTA and RTC are running EBGP, while RTC and RTB are running OSPF. –RTC has learned network 11.11.11.0/24 from RTB via OSPF and is advertising it to RTA via EBGP. –The correct behavior is for RTA to consider RTB (10.10.10.3) as the next hop because RTB shares the same media with RTC. This is also the default behavior of EBGP, to use the existing next hop IP address

© 2006 Cisco Systems, Inc. All rights reserved.Cisco PublicBSCI Module 6 65 Next Hop and NBMA  If the media is broadcast, such as Ethernet and FDDI, physical connectivity is a given and the NEXT_HOP behavior is no problem.  If the media is non-broadcast, such as Frame Relay and ATM, problems can arise.

© 2006 Cisco Systems, Inc. All rights reserved.Cisco PublicBSCI Module 6 67 Next Hop and NBMA  RTA gets a BGP routing update about 11.11.11.0/24 from RTC and would try to use RTB (10.10.10.3) as the next hop (the same behavior as on multi-access media).  Routing will fail because no virtual circuit exists between RTA and RTB.

© 2006 Cisco Systems, Inc. All rights reserved.Cisco PublicBSCI Module 6 68 Next Hop and NBMA  Cisco IOS supports a special case parameter that remedies this situation.  The ‘next-hop-self’ command forces the router (in this case, RTC) to advertise 11.11.11.0/24 with itself as the next hop (10.10.10.2).  RTA would then direct its traffic to RTC to reach destination 11.11.11.0/24.

© 2006 Cisco Systems, Inc. All rights reserved.Cisco PublicBSCI Module 6 69 next-hop-self Router(config-router)#neighbor IP-address next-hop-self Soooooooo… RTC(config-router)#neighbor 10.10.10.1 next-hop-self

© 2006 Cisco Systems, Inc. All rights reserved.Cisco PublicBSCI Module 6 71 The Aggregator Attribute  A well-known discretionary attribute, type code 7.  Enabling ISP administrators to determine which BGP router is responsible for a particular instance of aggregation. –The AGGREGATOR attribute indicates the local router as the device that has done the aggregating (summarizing). “I did the aggregating” –The ATOMIC_AGGREGATE attributes says who did the aggregating. “He did the aggregating”

© 2006 Cisco Systems, Inc. All rights reserved.Cisco PublicBSCI Module 6 72 ATOMIC_AGGREGATE  The ATOMIC_AGGREGATE is a well-know discretionary attribute (type code 6). The ATOMIC_AGGREGATE attribute is set to either “True” or “False.”

© 2006 Cisco Systems, Inc. All rights reserved.Cisco PublicBSCI Module 6 73 ATOMIC_AGGREGATE  If true, this attribute alerts BGP routers that multiple destinations have been grouped into a single update.  In other words, the BGP router that sent the update had a more specific route to the destination, but did not send it.  ATOMIC_AGGREGATE warns receiving routers that the information they are receiving is not necessarily the most complete route information available. –More specific routes exist and not all of the AS numbers in the AS_PATH are included

© 2006 Cisco Systems, Inc. All rights reserved.Cisco PublicBSCI Module 6 74 ATOMIC_AGGREGATE You can manually configure BGP to summarize routes by using the aggregate-address command, which has the following syntax: Router(config-router)#aggregate-address address mask [as- set] [summary-only] [suppress-map map-name][advertise- map map-name] [attribute-map map-name]

© 2006 Cisco Systems, Inc. All rights reserved.Cisco PublicBSCI Module 6 75 ATOMIC_AGGREGATE – Summarization RTA(config)#router bgp 300 RTA(config-router)#neighbor 3.3.3.3 remote-as 200 RTA(config-router)#neighbor 2.2.2.2 remote-as 100 RTA(config-router)#network 160.10.0.0 RTA(config-router)#aggregate-address 160.0.0.0 255.0.0.0

© 2006 Cisco Systems, Inc. All rights reserved.Cisco PublicBSCI Module 6 76 AGGREGATOR  AGGREGATOR is a well-known discretionary attribute (type code 7).  When configuring address aggregation, you can also configure the router to include its router ID and local AS number along with the supernet route.  This attribute allows ISP administrators to determine which BGP router is responsible for a particular instance of aggregation.  Tracing a supernet to its original “ aggregator ” may be necessary for troubleshooting purposes.

© 2006 Cisco Systems, Inc. All rights reserved.Cisco PublicBSCI Module 6 77 LOCAL_PREFERENCE  Local Preference is a well-known discretionary attribute, type code 5.  The Local Preference attribute is a degree of preference given to a route for comparison with other routes for the same destination Higher Local Preference values are preferred. Local Preference is local to the AS and is exchanged between IBGP peers only.

© 2006 Cisco Systems, Inc. All rights reserved.Cisco PublicBSCI Module 6 79 Local Preference Configuration SanJose(config)#route-map SECONDARY_T1 permit 10 SanJose(config-route-map)#set local-preference 200 SanJose(config-route-map)#exit SanJose(config)#router bgp 256 SanJose(config-router)#neighbor 192.168.1.5 route-map SECONDARY_T1 in LA(config)#route-map PRIMARY_T3 permit 10 LA(config-route-map)#set local-preference 300 LA(config-route-map)#router bgp 256 LA(config-router)#neighbor 192.168.1.1 route-map PRIMARY_T3 in

© 2006 Cisco Systems, Inc. All rights reserved.Cisco PublicBSCI Module 6 80 Weight Attribute  The Weight attribute is similar to the Local Preference attribute in that it gives higher preference to the route that has a higher weight.  The difference is that the weight parameter is local to the router and is not exchanged between routers. –The weight parameter influences routes coming from different providers to the same router

© 2006 Cisco Systems, Inc. All rights reserved.Cisco PublicBSCI Module 6 82 Multi-Exit-Discriminator  The Multiple-exit-discriminator (MED) attribute is an optional nontransitive attribute, type code 4.  MED informs external neighbors about the preferred path into an AS that has multiple entry points. A lower MED is preferred over a higher MED  Unlike Local Preference, the MED attribute is exchanged between autonomous systems,

© 2006 Cisco Systems, Inc. All rights reserved.Cisco PublicBSCI Module 6 83 The Multiple Exit Discriminator Attribute The SF router will prefer the route to ANET via the SJ router b/c it has a lower metric (MED) than the LA router. The metric from the NY router will not be considered for ANET b/c it is from a different AS.

© 2006 Cisco Systems, Inc. All rights reserved.Cisco PublicBSCI Module 6 85 MED Configuration RTC(config)#route-map PRIMARY_T1_MED permit 10 RTC(config-route-map)#set Metric 120 RTC(config-route-map)#exit RTC(config)#router bgp 300 RTC(config-router)#neighbor 192.168.1.5 route-map PRIMARY_T1_MED out RTD(config)#route-map SECONDARY_T1_MED permit 10 RTD(config-route-map)#set Metric 200 RTD(config-route-map)#exit RTD(config)#router bgp 300 RTD (config-router)#neighbor 192.168.1.1 route-map SECONDARY_T1_MED out

© 2006 Cisco Systems, Inc. All rights reserved.Cisco PublicBSCI Module 6 86 The Origin Attribute  IGP – The prefix is internal to the originating AS.  EGP – The prefix was learned by way of some EGP, such as BGP.  Incomplete – The prefix was learned by some other means, probably redistribution. –well-known mandatory attribute (type code 1)

© 2006 Cisco Systems, Inc. All rights reserved.Cisco PublicBSCI Module 6 87 The ORIGIN attribute  BGP considers the ORIGIN attribute in its decision- making process to establish a preference ranking among multiple routes.  Specifically, BGP prefers the path with the lowest origin type, where IGP is lower than EGP, and EGP is lower than INCOMPLETE.  Use the set origin route map command to manipulate the ORIGIN attribute.

© 2006 Cisco Systems, Inc. All rights reserved.Cisco PublicBSCI Module 6 88 Highest WEIGHT Highest LOCAL PREFERENCE LOCALLY ORIGINATED (eg network/aggregate) Shortest AS-PATH Lowest ORIGIN (IGP < EGP < incomplete) Lowest MED EBGP IBGP Lowest IGP METRIC to next-hop Neighbor with lowest ROUTE_ID Full story see: www.cisco.com/warp/public/459/25.shtml Basic Decision Algorithm Consider only (synchronized) routes with no AS loops and valid next-hop, then prefer:

© 2006 Cisco Systems, Inc. All rights reserved.Cisco PublicBSCI Module 6 89 BGP Decision Making 1.If the next hop is inaccessible, the route is ignored (this is why it is important to have an IGP route to the next hop). 2.The BGP router will prefer the path with the largest weight (weight is a Cisco proprietary parameter). 3.If the weights are the same, the BGP router will prefer the route with the largest local preference.

© 2006 Cisco Systems, Inc. All rights reserved.Cisco PublicBSCI Module 6 90 BGP Decision Making 4.If the routes have the same local preference, the BGP router will prefer the route that was locally originated (originated by this router). 5.If the local preference is the same, the BGP router will prefer the route with the shortest AS_PATH. 6.If the AS_PATH length is the same, the BGP router will prefer the route with the lowest origin type (where IGP is lower than EGP, and EGP is lower than INCOMPLETE).

© 2006 Cisco Systems, Inc. All rights reserved.Cisco PublicBSCI Module 6 91 BGP Decision Making 7.If the origin type is the same, the BGP router will prefer the route with the lowest MED. 8.If the routes have the same MED, the BGP router will prefer the route in the following manner: External (EBGP) is better than confederation external, which is better than IBGP. If the AS_PATH length is the same, the BGP router will prefer the route with the lowest origin type (where IGP is lower than EGP, and EGP is lower than INCOMPLETE).

© 2006 Cisco Systems, Inc. All rights reserved.Cisco PublicBSCI Module 6 92 BGP Decision Making 9.If all the preceding scenarios are identical, the BGP router will prefer the route that can be reached via the closest IGP neighbor—that is, take the shortest internal path inside the AS to reach the destination (follow the shortest path to the BGP NEXT_HOP). 10.If the internal path is the same, the BGP router ID will be a tie breaker. The BGP router will prefer the route coming from the BGP router with the lowest router ID. The router ID is usually the highest IP address on the router or the loopback address.

© 2006 Cisco Systems, Inc. All rights reserved.Cisco PublicBSCI Module 6 94 neighbor peer-group-name peer-group Router(config-router)#  This command creates a peer group. Using a Peer Group neighbor ip-address peer-group peer-group-name Router(config-router)#  This command defines a template with parameters set for a group of neighbors instead of individually.  This command is useful when many neighbors have the same outbound policies.  Members can have a different inbound policy.  Updates are generated once per peer group.  Configuration is simplified.

© 2006 Cisco Systems, Inc. All rights reserved.Cisco PublicBSCI Module 6 96 BGP Neighbor Authentication  BGP authentication uses MD5.  Configure a “key” (password); router generates a message digest, or hash, of the key and the message.  Message digest is sent; key is not sent.  Router generates and checks the MD5 digest of every segment sent on the TCP connection. Router authenticates the source of each routing update packet that it receives neighbor {ip-address | peer-group-name} password string Router(config-router)#

© 2006 Cisco Systems, Inc. All rights reserved.Cisco PublicBSCI Module 6 98 Example: show ip bgp Command RouterA# show ip bgp BGP table version is 14, local router ID is 172.31.11.1 Status codes: s suppressed, d damped, h history, * valid, > best, i - internal, r RIB-failure, S Stale Origin codes: i - IGP, e - EGP, ? - incomplete Network Next Hop Metric LocPrf Weight Path *> 10.1.0.0/24 0.0.0.0 0 32768 i * i 10.1.0.2 0 100 0 i *> 10.1.1.0/24 0.0.0.0 0 32768 i *>i10.1.2.0/24 10.1.0.2 0 100 0 i *> 10.97.97.0/24 172.31.1.3 0 64998 64997 i * 172.31.11.4 0 64999 64997 i * i 172.31.11.4 0 100 0 64999 64997 i *> 10.254.0.0/24 172.31.1.3 0 0 64998 i * 172.31.11.4 0 64999 64998 i * i 172.31.1.3 0 100 0 64998 i r> 172.31.1.0/24 172.31.1.3 0 0 64998 i r 172.31.11.4 0 64999 64998 i r i 172.31.1.3 0 100 0 64998 i *> 172.31.2.0/24 172.31.1.3 0 0 64998 i Displays networks from lowest to highest.

© 2006 Cisco Systems, Inc. All rights reserved.Cisco PublicBSCI Module 6 99 Self Check 1.What is a peer group? 2.Describe the benefits of peer groups. 3.What type of neighbor authentication does BGP support? 4.What does an * in the first column of output for the show ip bgp command indicate?

© 2006 Cisco Systems, Inc. All rights reserved.Cisco PublicBSCI Module 6 101 Local Preference Attribute Paths with highest local preference value are preferred:  Local preference is used to advertise to IBGP neighbors about how to leave their AS.  The local preference is sent to IBGP neighbors only (that is, within AS only).  The local preference attribute is well-known discretionary.  Default value = 100

© 2006 Cisco Systems, Inc. All rights reserved.Cisco PublicBSCI Module 6 102 Changing BGP Local Preference For All Routes bgp default local-preference value Router(config-router)#  Changes the default local preference value.  All routes advertised to an IBGP neighbor have the local preference set to the value specified. Local preference is used in these ways:  Within an AS between IBGP speakers.  To determine the best path to exit the AS to reach an outside network.  Set to 100 by default; higher values are preferred.

© 2006 Cisco Systems, Inc. All rights reserved.Cisco PublicBSCI Module 6 104 Router C BGP Table With Default Settings RouterC# show ip bgp BGP table version is 7, local router ID is 3.3.3.3 Status codes: s suppressed, d damped, h history, * valid, > best, i - internal, r RIB-failure, S Stale Origin codes: i - IGP, e - EGP, ? - incomplete Network Next Hop Metric LocPrf Weight Path * i172.16.0.0 172.20.50.1 100 0 65005 65004 65003 i *>i 192.168.28.1 100 0 65002 65003 i *>i172.24.0.0 172.20.50.1 100 0 65005 i * i 192.168.28.1 100 0 65002 65003 65004 65005 i *>i172.30.0.0 172.20.50.1 100 0 65005 65004 i * i 192.168.28.1 100 0 65002 65003 65004i By default, BGP selects the shortest AS path as the best (>) path. With default behavior only, in AS 65001, the percent of traffic going to 172.24.0.0 is 30%, 172.30.0.0 is 20%, and 172.16.0.0 is 10%. Currently, 50% of all traffic is going to the next hop of 172.20.50.1 (AS 65005), and 10% of all traffic is going to the next hop of 192.168.28.1 (AS 65002). Make traffic to 172.30.0.0 select the next hop of 192.168.28.1 to achieve load sharing where both external links get approximately 30% of the load.

© 2006 Cisco Systems, Inc. All rights reserved.Cisco PublicBSCI Module 6 105 Route Map for Router A router bgp 65001 neighbor 2.2.2.2 remote-as 65001 neighbor 3.3.3.3 remote-as 65001 neighbor 2.2.2.2 remote-as 65001 update-source loopback0 neighbor 3.3.3.3 remote-as 65001 update-source loopback0 neighbor 192.168.28.1 remote-as 65002 neighbor 192.168.28.1 route-map local_pref in ! access-list 65 permit 172.30.0.0 0.0.255.255 ! route-map local_pref permit 10 match ip address 65 set local-preference 400 ! Router A’s configuration:

© 2006 Cisco Systems, Inc. All rights reserved.Cisco PublicBSCI Module 6 106 Router C BGP Table with Local Preference Learned RouterC# show ip bgp BGP table version is 7, local router ID is 3.3.3.3 Status codes: s suppressed, d damped, h history, * valid, > best, i - internal, r RIB-failure, S Stale Origin codes: i - IGP, e - EGP, ? - incomplete Network Next Hop Metric LocPrf Weight Path * i172.16.0.0 172.20.50.1 100 0 65005 65004 65003 i *>i 192.168.28.1 100 0 65002 65003 i *>i172.24.0.0 172.20.50.1 100 0 65005 i * i 192.168.28.1 100 0 65002 65003 65004 65005 i * i172.30.0.0 172.20.50.1 100 0 65005 65004 i *>i 192.168.28.1 400 0 65002 65003 65004i  Best (>) paths for networks 172.16.0.0/16 and 172.24.0.0/16 have not changed.  Best (>) path for network 172.30.0.0 has changed to a new next hop of 192.168.28.1 due to the next hop of 192.168.28.1 having a higher local preference, 400.  In AS 65001, the percentage of traffic going to 172.24.0.0 is 30%, 172.30.0.0 is 20%, and 172.16.0.0 is 10%.  30% of all traffic will go to the next hop of 172.20.50.1 (AS 65005), and 30% of all traffic will go to the next hop of 192.168.28.1 (AS 65002).

© 2006 Cisco Systems, Inc. All rights reserved.Cisco PublicBSCI Module 6 107 Self Check 1.What is local preference? How is it used? 2.What is the default value for local preference on Cisco routers? 3.Which values (higher or lower) are preferred for local preference?

© 2006 Cisco Systems, Inc. All rights reserved.Cisco PublicBSCI Module 6 109 The paths with the lowest MED (also called the metric) value are the most desirable:  MED is used to advertise to EBGP neighbors how to exit their AS to reach networks owned by this AS. MED Attribute The MED attribute is optional and nontransitive. In other words, MED is used to tell another AS how to enter your AS

© 2006 Cisco Systems, Inc. All rights reserved.Cisco PublicBSCI Module 6 110 Changing BGP MED For All Routes default-metric number Router(config-router)#  MED is considered the metric of BGP.  All routes that are advertised to an EBGP neighbor are set to the value specified using this command.  MED is used when multiple paths exist between two autonomous systems.  A lower MED value is preferred.  The default setting for Cisco is MED = 0.  The metric is optional, nontransitive attribute.  Usually, MED is shared only between two autonomous systems that have multiple EBGP connections with each other. This means it will not be passed to Routers in a different AS

© 2006 Cisco Systems, Inc. All rights reserved.Cisco PublicBSCI Module 6 112 Route Map for Router A Router A’s Configuration: router bgp 65001 neighbor 2.2.2.2 remote-as 65001 neighbor 3.3.3.3 remote-as 65001 neighbor 2.2.2.2 update-source loopback0 neighbor 3.3.3.3 update-source loopback0 neighbor 192.168.28.1 remote-as 65004 neighbor 192.168.28.1 route-map med_65004 out ! access-list 66 permit 192.168.25.0.0 0.0.0.255 access-list 66 permit 192.168.26.0.0 0.0.0.255 ! route-map med_65004 permit 10 match ip address 66 set metric 100 ! route-map med_65004 permit 100 set metric 200

© 2006 Cisco Systems, Inc. All rights reserved.Cisco PublicBSCI Module 6 113 Route Map for Router B Router B’s Configuration: router bgp 65001 neighbor 1.1.1.1 remote-as 65001 neighbor 3.3.3.3 remote-as 65001 neighbor 1.1.1.1 update-source loopback0 neighbor 3.3.3.3 update-source loopback0 neighbor 172.20.50.1 remote-as 65004 neighbor 172.20.50.1 route-map med_65004 out ! access-list 66 permit 192.168.24.0.0 0.0.0.255 ! route-map med_65004 permit 10 match ip address 66 set metric 100 ! route-map med_65004 permit 100 set metric 200

© 2006 Cisco Systems, Inc. All rights reserved.Cisco PublicBSCI Module 6 114 MED Learned by Router Z RouterZ# show ip bgp BGP table version is 7, local router ID is 122.30.1.1 Status codes: s suppressed, d damped, h history, * valid, > best, i - internal, r RIB-failure, S Stale Origin codes: i - IGP, e - EGP, ? - incomplete Network Next Hop Metric LocPrf Weight Path *>i192.168.24.0 172.20.50.2 100 100 0 65001 i * i 192.168.28.2 200 100 0 65001 i * i192.168.25.0 172.20.50.2 200 100 0 65001 i *>i 192.168.28.2 100 100 0 65001 i * i192.168.26.0 172.20.50.2 200 100 0 65001 i *>i 192.168.28.2 100 100 0 65001 i  Examine the networks that have been learned from AS 65001 on Router Z in AS 65004.  For all networks: Weight is equal (0); local preference is equal (100); routes are not originated in this AS; AS path is equal (65001); origin code is equal (i).  192.168.24.0 has a lower metric (MED) through 172.20.50.2 (100) than 192.168.28.2 (200).  192.168.25.0 has a lower metric (MED) through 192.168.28.2 (100) than 172.20.50.2 (200).  192.168.26.0 has a lower metric (MED) through 192.168.28.2 (100) than 172.20.50.2 (200).

© 2006 Cisco Systems, Inc. All rights reserved.Cisco PublicBSCI Module 6 115 Consider only (synchronized) routes with no AS loops and a valid next hop, and then:  Prefer highest weight (local to router).  Prefer highest local preference (global within AS).  Prefer route originated by the local router (next hop = 0.0.0.0).  Prefer shortest AS path.  Prefer lowest origin code (IGP < EGP < incomplete).  Prefer lowest MED (exchanged between autonomous systems).  Prefer EBGP path over IBGP path.  Prefer the path through the closest IGP neighbor.  Prefer oldest route for EBGP paths.  Prefer the path with the lowest neighbor BGP router ID.  Prefer the path with the lowest neighbor IP address. Route Selection Decision Process

© 2006 Cisco Systems, Inc. All rights reserved.Cisco PublicBSCI Module 6 116 Self Check 1.Which MED values are most desirable? 2.On a Cisco router, what is the default MED value for each network that an autonomous systems owns and advertises to an EBGP neighbor? 3.How has this been effected by the IETF decision regarding BGP MED? 4.How can a Cisco router be configured to conform to the IETF standard? 5.How many paths does BGP choose for each destination?

© 2006 Cisco Systems, Inc. All rights reserved.Cisco PublicBSCI Module 6 117 Summary  BGP is a path-vector routing protocol that allows routing policy decisions at the AS level to be enforced.  BGP forms EBGP relationships with external neighbors and IBGP with internal neighbors. All routers in the transit path within an AS must run fully-meshed IBGP.  When BGP is properly configured, it will: establish a neighbor relationship, set the next-hop address, set the source IP address of a BGP update, and announce the networks to other BGP routers.  BGP performs a multi-step process when selecting the best path to reach a destination.  BGP can manipulate path selection to affect inbound and outbound traffic policies of an AS. Route maps can be configured in order to manipulate the local preference and MED BGP attributes.

© 2006 Cisco Systems, Inc. All rights reserved.Cisco PublicBSCI Module 6 119 Resources  BGP Case Studies http://cisco.com/en/US/partner/tech/tk365/technologies_tech_no te09186a00800c95bb.shtml  Troubleshooting BGP http://cisco.com/en/US/partner/tech/tk365/technologies_tech_no te09186a008009478a.shtml

© 2006 Cisco Systems, Inc. All rights reserved.Cisco PublicBSCI Module 6 1 Configuring Basic BGP BSCI Module 6.

Similar presentations

Presentation on theme: "© 2006 Cisco Systems, Inc. All rights reserved.Cisco PublicBSCI Module 6 1 Configuring Basic BGP BSCI Module 6."— Presentation transcript:

Similar presentations

About project

Feedback

Log in

Auth with social network:

© 2006 Cisco Systems, Inc. All rights reserved.Cisco PublicBSCI Module 6 1 Configuring Basic BGP BSCI Module 6.

Similar presentations

Presentation on theme: "© 2006 Cisco Systems, Inc. All rights reserved.Cisco PublicBSCI Module 6 1 Configuring Basic BGP BSCI Module 6."— Presentation transcript:

Similar presentations

About project

Feedback