BGP

class a    10.0.0.0                             10.0.0.0/8
class b    172.16.0.0 through 172.31.0.0        172.16.0.0/12
class c    192.168.0.0 through 192.168.255.0    192.168.0.0/16

these addresses won't be allocated in the public internet:
0.0.0.0/8         used for self-identification on local subnet
127.0.0.0/8       loopback testing
169.254.0.0/16    ipv4 address when the dhcp fails
192.0.2.0/24      reserved for use in documentation and example code
198.18.0.0/15     benchmark testing for internet devices

=====================================================================

bgp basics
when two isps connect, they typically use bgp to exchange routing information.
collectively, the isps of the world exchange the internet's routing table using bgp.
bgp establishes a neighbor relationship before exchanging topology info.
key facts:
- bgp does not require neighbors to be attached to the same subnet.
- the neighbor's ip address is explicitly configured, and may not be on a common subnet.
- bgp routers use a tcp connection (port 179) to pass bgp messages.
- bgp advertises prefix/length, called network layer reachability info (nlri).
- bgp exchanges path attributes (pa) in routing updates so it can choose the best routes.
- bgp is a path vector protocol (similar to distance vector).

as_path = pa, with as_seq being its main component
by default, if no bgp pa has been explicitly set, bgp routers use the bgp as_path (autonomous system path) pa when choosing the best route among many.
the main component of as_path is the as_seq (as_sequence).

as_path reads like this: if you use this path (route), the path will go through this list of ASNs.
bgp uses as_path to perform two key functions:
- choose the best route based on shortest as_path (fewest number of ASNs listed).
- prevent routing loops.
as_path prevents routing loops because when a router receives a route advertisement which lists an as_path with its own ASN, the router ignores that route.

ibgp and ebgp
the type depends on whether the neighbor is in the same ASN (iBGP) or a different ASN (eBGP).
when a router advertises to an ibgp neighbor, it doesn't update the as_path.
when a router advertises to an ebgp neighbor, it does update the as_path.
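
The as_path behaviour described above, as an added example that is not part of the original notes: a small model of eBGP prepending, iBGP pass-through, and the receive-side loop check. The Router class, the topology, and the use of documentation ASNs and the 192.0.2.0/24 prefix are assumptions made for illustration.

```python
# Added example (not from the original notes): AS_PATH handling on
# eBGP vs iBGP advertisements, and AS_PATH-based loop prevention.
from dataclasses import dataclass, field


@dataclass
class Router:
    name: str
    asn: int
    # prefix -> AS_PATH (tuple of ASNs, most recently added first)
    bgp_table: dict = field(default_factory=dict)

    def originate(self, prefix):
        """Inject a local prefix; a locally originated route has an empty AS_PATH."""
        self.bgp_table[prefix] = ()

    def advertise(self, prefix, neighbor):
        """Send our route for `prefix` to `neighbor`; return True if it was accepted."""
        as_path = self.bgp_table[prefix]
        if neighbor.asn != self.asn:
            # eBGP neighbor: prepend our own ASN to the AS_PATH.
            as_path = (self.asn,) + as_path
        # iBGP neighbor: the AS_PATH is passed on unchanged.
        return neighbor.receive(prefix, as_path)

    def receive(self, prefix, as_path):
        """Ignore any route whose AS_PATH already lists our own ASN."""
        if self.asn in as_path:
            return False
        self.bgp_table[prefix] = as_path
        return True


def run_demo():
    # Constructed topology (documentation ASNs and prefix):
    # r1 (AS 64496) -eBGP- r2 (AS 64497) -iBGP- r3 (AS 64497)
    #   -eBGP- r4 (AS 64498) -eBGP- back to r1
    r1, r2 = Router("r1", 64496), Router("r2", 64497)
    r3, r4 = Router("r3", 64497), Router("r4", 64498)
    prefix = "192.0.2.0/24"
    r1.originate(prefix)
    accepted = [
        r1.advertise(prefix, r2),  # eBGP: r2 sees (64496,)
        r2.advertise(prefix, r3),  # iBGP: r3 sees the same path
        r3.advertise(prefix, r4),  # eBGP: r4 sees (64497, 64496)
        r4.advertise(prefix, r1),  # path lists 64496, so r1 ignores it
    ]
    paths = [r.bgp_table[prefix] for r in (r2, r3, r4)]
    return accepted, paths


if __name__ == "__main__":
    print(run_demo())
```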

public ASN assignment made by IANA
0                  reserved
1 ~ 64,511         assignable by IANA for public use
64,496 ~ 64,511    reserved for use in documentation
64,512 ~ 65,534    private use
65,535             reserved

====================================================================

default routes vs bgp
a default route is better when we have only 1 connection out to the internet.
bgp is better when we have at least 2 connections to the internet and want to influence one path over another.

single homed        = 1 link per isp, 1 isp
dual homed          = 2+ links per isp, 1 isp
single multihomed   = 1 link per isp, 2+ isp
dual multihomed     = 2+ links per isp, 2+ isp

single homed

Single-homed designs often use one of two options for routing to and from the Internet:
- Use static routes (default in the enterprise, and a static route for the enterprise's public address range at the ISP).
- Use BGP, but only to exchange a default route (ISP to enterprise) and a route for the enterprise's public prefix (enterprise to ISP).
For this second option (using bgp):
- The ISP router uses BGP to advertise a default route to the enterprise.
- You must configure the IGP on the enterprise's Internet-facing router to flood a default route (typically only if the default route exists in that router's routing table).
- You must configure BGP on the enterprise router and advertise the enterprise's public prefix toward the ISP.

dual homed

two options when we have two enterprise routers connecting to 1 isp (isp could have 1 or more routers):
a. one preferred path over another to all destinations.
b. both paths treated as equal, failing over to one if the other one fails.

a. preferring one path over another for all destinations
bgp can be used but is not required; we could use default routes instead.
one way is redistributing a default route into the enterprise with the next hop being the isp's router (using eigrp in this example):
    ip route 0.0.0.0 0.0.0.0 <next-hop>
    router eigrp 1
     redistribute static metric 10000 1 255 1 1500
and then, on the other enterprise router, have another default route with a higher metric; this way, the first one is always going to be the preferred one:
    ip route 0.0.0.0 0.0.0.0 <next-hop>
    router eigrp 1
     redistribute static metric 10000 100000 255 1 1500

using bgp
so here's where it gets tricky: routers in the enterprise need to advertise ibgp routes to other enterprise routers, then when it gets to the border router between enterprise and isp, the enterprise border router needs to use its ebgp route and send to the closest isp router (closest to desired destination).
of course, the isp needs to advertise routes to the enterprise, playing with the path attributes so that enterprise routers know the best way to desired destinations.
bgp needs to be run on wan/core enterprise routers because they need to know which border router to send the traffic to; otherwise a border router could send traffic back to a wan/core router and create loops (unless there's a direct connection between all border enterprise routers).

bgp full/partial updates
some ISPs give you three options for what bgp routes they'll advertise to you:
- default route only: isp advertises a default route with bgp, that's it.
- full updates: isp sends you the entire bgp table.
- partial updates: isp sends you routes for prefixes that might be better reached through that isp, but not all routes, plus a default route.

single multihomed

1 single link per isp, with at least two ISPs.
could be 1 enterprise router with one link to isp1 and one link to isp2, or
could be 2 enterprise routers with one link each to isp1 and isp2 correspondingly.

dual multihomed

two or more ISPs, with two or more connections per ISP; this means much redundancy.
this redundancy can be used for backup, but most often bgp is used to make some decisions about the best path to reach various destinations.
==================================================================

external bgp for enterprises
- forms neighbor relationships with peers.
- learns information from its neighbors.
- places information in the bgp table.
- analyzes the bgp table to choose the best working route for each prefix in the table.
- places the best working routes into the ip routing table.

ebgp neighbor configuration
uses well-known destination port 179.
at a minimum, a bgp participating router must configure:
- the router's own ASN with
    config# router bgp <asn>
- the ip addr of each neighbor and that neighbor's ASN with
    config-rtr# neighbor <nei-ip> remote-as <remote-asn>

requirements to form a neighborship:
- the local router's asn must match the neighboring router's neighbor remote-as asn number.
- the bgp router IDs (RID) of the two routers must not be the same:
  configure with
    config-rtr# bgp router-id <id>
  or let it be chosen by highest loopback > highest other interface
- if configured, authentication must pass:
  configure with
    config-rtr# neighbor <nei-ip> password <key>
- each router must be part of a tcp connection with the other router..?

configuring neighborship with loopback as source for the tcp session:
(this avoids the tcp session going down and provides load balancing when we have more than 1 link between neighbors)
    config-rtr# neighbor <nei-loopb> update-source <local-loo-int>
      ! states that the neighbor connection should be made with the local loopback
    config-rtr# neighbor <nei-loopb> remote-as <remote-asn>
    config-rtr# neighbor <nei-loopb> ebgp-multihop <hops>
      ! this is because by default, ebgp peering ttl = 1
      ! remember we need to have a route to the neighbor's loopback for this to work.

bgp internals and verifying ebgp neighbors
1. the router establishes a dest port 179 tcp connection with the address listed in the neighbor command.
2. after the 3-way handshake, the router sends an Open message.
3. after an Open message has been sent and received, the neighborship reaches the Established state.

bgp neighbor states
idle          bgp process either administratively down or awaiting next retry attempt.
connect       bgp process waiting for the tcp connection to be completed.
active        tcp connection completed but no bgp messages have been sent to peer.
opensent      tcp connection completed but no matching Open message from peer.
openconfirm   all set but waiting for keepalive message to confirm parameters.
established   all neighbor parameters match, can now exchange updates.

verify with:
- show ip bgp
- show ip bgp summary
    the State/PfxRcd column could be either the neighbor's state or the number of prefixes received from that neighbor; a numeric value under this heading implies a neighbor state of Established!
- show ip bgp neighbors <neighbor-id>
    here we can see:
    - neighbor's RID
    - ebgp-multihop setting
    - local and remote tcp socket
    - plus much much more information
- show tcp brief
- debug ip bgp

we can administratively shut down or bring up any bgp neighbor with:
    config-rtr# neighbor <nei-ip> shutdown
and bring it back up with:
    config-rtr# no neighbor <nei-ip> shutdown

bgp message types
open           for establishing the neighbor relationship and exchanging parameters like asn/auth.
keepalive      periodically sent to maintain the neighbor relationship (at least 1 per hold timer).
update         used to exchange PAs and the associated prefix/length.
notification   used to signal a bgp error; typically results in a neighbor relationship reset.

====================================================================

verifying bgp table

update message
(2 Bytes wide)
when a router reaches Established is when it starts sending Update messages.
the router receiving an Update places those learned prefixes into the bgp table.
then bgp processes all potential routes to choose the best one for each prefix.
bgp uses Updates to both announce and withdraw (when a route fails) routes.

notes:
- weight column is another PA, just like as_seq.
- path column is the as_path PA.
- last row shows a blank under the Network column, meaning the above network prefix (192.135.250.0/28) can be reached with 2 different next hops.

other possible show commands for bgp table:
show ip bgp 0.0.0.0 0.0.0.0
    ! list possible default routes
show ip bgp <prefix> [mask]
    ! list possible routes, per prefix
show ip bgp neighbors <ip-addr> received-routes
    ! list routes learned from one neighbor before inbound filtering is applied
show ip bgp neighbors <ip-addr> routes
    ! list routes learned from a neighbor that passed any inbound filters
show ip bgp neighbors <ip-addr> advertised-routes
    ! list routes advertised to a neighbor after applying outbound filtering
show ip bgp summary
    ! list the number of prefixes learned per neighbor

==================================================================

injecting routes into bgp for advertisement to the ISPs
so now the enterprise routers are going to advertise their routes (public ip address space) to the ISP's routers (assuming the choice of using bgp has already been made).
two choices:
- bgp network command
- redistribution from an IGP

using network command

(no auto-summary is default)
Look for a route in the router's current IP routing table that exactly matches the parameters of the network command; if a route for that exact prefix/length exists, put the equivalent prefix/length into the local BGP table.
    config# router bgp <asn>
    config-rtr# network 128.107.0.0 mask 255.255.224.0
      ! if no mask parameter, IOS assumes classful mask

say we have subsets of networks in our routing table but don't have the summarized route that we would like to advertise to the ISP; for this, we have two options:
- static summarized route with outgoing interface null0 on the internet-facing router.
- IGP summarization to create a summary route for the entire prefix.

caveat:
if auto-summary is on, and the network command omits the mask parameter, the router will only add the route for that classful network to the bgp table under one of these conditions:
- if the exact classful route is in the ip routing table.
- if any subset routes of that classful network are in the routing table.

using redistribution

    config# router bgp <asn>
    config-rtr# redistribute ospf <process-id> route-map <map-name>
      ! this case using route-map to match only public routes
    config# route-map <map-name> permit
     match ip address <prefix/acl-name>
so if we want to advertise only a summarized route of our public routes to the ISP routers, we can summarize in the IGP and then redistribute to BGP only the summarized public route, or we could configure a null static route for the summarized route on the internet-connected router, or configure bgp route summarization like this:
    config# router bgp <asn>
    config-rtr# aggregate-address <net-ip> <mask> summary-only
the summary-only keyword tells IOS to suppress the advertisement of the subset routes (meaning we'll still see the subset routes in the local bgp table, but they won't be advertised).

===================================================================

ADVANCED BGP CONCEPTS

==========================================

configuring ibgp
    config# router bgp <asn>
    config-rtr# neighbor <nei-ip> remote-as <asn>
      ! in this case the asn would be the same as the local router's

now if we want to use a loopback instead of the interface ip addr to create the neighborship (maybe because we have redundancy between the two internet-facing routers and if one link fails we need to keep the neighborship up), the config would be the same as with ebgp, except that there's no need to set the ttl multihop:

configuring ibgp neighbors with loopbacks
    config-rtr# neighbor <nei-loo-ip> update-source <local-intf>
    config-rtr# neighbor <nei-loo-ip> remote-as <asn>
      ! make sure there's a route to each other's loopbacks

two rules about how bgp operates:
- only advertise the best route in any BGP Update.
- do not advertise iBGP-learned routes to iBGP peers.

next-hop reachability issues with ibgp

the last highlighted line means:
1.1.1.1       = next hop of the route
10.100.1.1    = the neighbor from which the route was learned (in the neighbor command)
11.11.11.11   = neighbor's bgp router id

so basically, when advertising ebgp routes, the next-hop addr will be the ebgp neighbor's addr as listed in the neighbor remote-as command, but when advertising ibgp routes, the advertising router does not change the next-hop addr.
we can have static routes so that routers know how to reach next hops off their connected networks, or we could change the way routers advertise their iBGP routes:

using next-hop-self to change next-hop address
    config-rtr# neighbor <nei-ip> next-hop-self
      ! makes the router advertise ibgp routes with its own source ip addr as the next hop

===================================================================

IGP redistribution and bgp synchronization
synchronization:
Do not consider an iBGP-learned route as best unless the exact prefix was learned through an IGP and is currently in the IP routing table.
    config-rtr# synchronization
or
    config-rtr# no synchronization
==================================================================

route filtering and clearing bgp peers
route filtering
we can match the routes we want to filter by a larger set of bgp path attributes.
a filter can't be applied to all in/outbound updates; instead it must be applied to specific neighbors with bgp.

e.g.
    config# ip prefix-list <name> permit 128.107.0.0/19
      ! all others will be denied because of the implied deny
    config# router bgp 11
    config-rtr# neighbor 1.1.1.1 prefix-list <name> out
    config-rtr# end
    r1# clear ip bgp 1.1.1.1
      ! we need to clear the bgp session before the filter is applied
    r1# show ip bgp neighbors 1.1.1.1 advertised-routes
      ! shows the bgp table for 1.1.1.1 after filters applied
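
The outbound filter above, as an added example that is not part of the original notes: a model of how a prefix-list entry without ge/le matches only the exact prefix and length, so more-specific and private routes fall through to the implied deny and are not leaked to the ISP. The list name PUBLIC, the sample bgp table and the function names are assumptions; only the 128.107.0.0/19 entry comes from the notes.

```python
# Added example (not from the original notes): outbound prefix-list
# filtering with exact prefix/length matching and the implied deny.
from ipaddress import ip_network


def parse_prefix_list(lines):
    """Parse 'ip prefix-list NAME [seq N] permit|deny PREFIX/LEN' lines.

    Only the exact-match form used in these notes is handled (no ge/le).
    Entries without 'seq' are numbered 5 above the previous entry.
    """
    entries, next_seq = [], 5
    for line in lines:
        tokens = line.split()
        if tokens[:2] != ["ip", "prefix-list"] or len(tokens) < 5:
            raise ValueError(f"not a prefix-list line: {line!r}")
        rest = tokens[3:]                      # skip 'ip prefix-list NAME'
        if rest[0] == "seq":
            seq, rest = int(rest[1]), rest[2:]
        else:
            seq = next_seq
        next_seq = seq + 5
        action, prefix = rest[0], ip_network(rest[1])
        if action not in ("permit", "deny"):
            raise ValueError(f"bad action in: {line!r}")
        entries.append((seq, action, prefix))
    return sorted(entries, key=lambda e: e[0])


def evaluate(entries, route):
    """First matching entry wins; no match falls through to the implied deny."""
    route = ip_network(route)
    for _seq, action, prefix in entries:
        if route == prefix:                    # exact prefix AND length
            return action
    return "deny"


def advertised_routes(entries, bgp_table):
    """Routes that survive the outbound filter toward one neighbor."""
    return [r for r in bgp_table if evaluate(entries, r) == "permit"]


# The filter from the notes (list name PUBLIC is assumed), applied to a
# constructed local bgp table holding a subset route and private routes.
PUBLIC = parse_prefix_list(["ip prefix-list PUBLIC permit 128.107.0.0/19"])
BGP_TABLE = ["128.107.0.0/19", "128.107.1.0/24", "10.1.0.0/16", "192.168.50.0/24"]

if __name__ == "__main__":
    print(advertised_routes(PUBLIC, BGP_TABLE))
```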

clearing bgp neighbors

=====================================================================

peer groups
logically group neighbors that have similar configured parameters into a bgp peer group.
a single router can have multiple peer groups, each with a separate set of parameters.

    config-rtr# neighbor <group-name> peer-group
    config-rtr# neighbor <group-name> prefix-list <name> in
    config-rtr# neighbor 198.51.100.2 remote-as <asn>
    config-rtr# neighbor 198.51.100.2 peer-group <group-name>
    !

    config# ip prefix-list <name> seq 5 deny ...
    config# ip prefix-list <name> seq 10 permit ...

=====================================================================

path attributes and best path algorithm

path attributes
as_path, as_path length, next_hop
weight is not a PA.

best path algorithm in order
N   next hop                 if no route to reach next_hop, router cannot use this route
W   weight                   bigger is better
L   local_pref               bigger is better
L   local injected routes    local injected is better than ibgp/ebgp learned
A   as_path length           smaller is better
O   origin                   prefer i (IGP) over e (EGP), prefer e over ? (undetermined)
M   med (metric)             smaller is better
N   neighbor type            prefer ebgp over ibgp
I   igp metric to nh         smaller is better

if after the last step there's a tie, the router will break the tie (because it only advertises the best route to its neighbor) like this:
- oldest (longest known) ebgp route
- lowest neighbor bgp rid
- lowest neighbor ip address

only some of the bgp best path attributes need to be considered by the engineer:
- weight (step 1)
- local_pref (step 2)
- as_path_length (step 4)
- med (often called metric) (step 6)
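
The best path steps and tie-breakers listed above, as an added example that is not part of the original notes: each step is applied in order and the function reports which step made the decision. The Path fields, step names and sample neighbors are assumptions made for illustration; defaults follow the values given in these notes.

```python
# Added example (not from the original notes): the best path steps above,
# applied in order to constructed candidate routes for one prefix.
from dataclasses import dataclass
from ipaddress import IPv4Address

ORIGIN_RANK = {"i": 0, "e": 1, "?": 2}  # i preferred over e, e over ?

@dataclass(frozen=True)
class Path:
    neighbor_ip: str
    neighbor_rid: str
    next_hop_reachable: bool = True
    weight: int = 0            # default 0 for learned routes
    local_pref: int = 100      # default 100
    locally_injected: bool = False
    as_path: tuple = ()
    origin: str = "i"
    med: int = 0               # default 0
    ebgp: bool = True
    igp_metric: int = 0        # igp metric to the next hop
    age: int = 0               # seconds the route has been known

# (step name, key function); the smallest key wins at each step.
STEPS = [
    ("weight", lambda p: -p.weight),
    ("local_pref", lambda p: -p.local_pref),
    ("locally_injected", lambda p: not p.locally_injected),
    ("as_path_length", lambda p: len(p.as_path)),
    ("origin", lambda p: ORIGIN_RANK[p.origin]),
    ("med", lambda p: p.med),
    ("neighbor_type", lambda p: not p.ebgp),
    ("igp_metric", lambda p: p.igp_metric),
    ("oldest_ebgp", lambda p: -p.age if p.ebgp else 0),
    ("lowest_rid", lambda p: int(IPv4Address(p.neighbor_rid))),
    ("lowest_neighbor_ip", lambda p: int(IPv4Address(p.neighbor_ip))),
]

def best_path(paths):
    """Return (best Path or None, name of the step that decided)."""
    candidates = [p for p in paths if p.next_hop_reachable]
    if len(candidates) <= 1:
        return (candidates[0] if candidates else None), "next_hop"
    for name, key in STEPS:
        best = min(key(p) for p in candidates)
        candidates = [p for p in candidates if key(p) == best]
        if len(candidates) == 1:
            return candidates[0], name
    return candidates[0], "tie"

def demo():
    # Constructed candidates: same prefix learned from two ISPs over eBGP.
    isp1 = Path("198.51.100.1", "11.11.11.11", as_path=(64500, 64501, 64502))
    isp2 = Path("198.51.100.5", "12.12.12.12", as_path=(64510, 64502))
    return best_path([isp1, isp2])

if __name__ == "__main__":
    print(demo())
```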

=====================================================================

influencing an enterprise's outbound routes
three features that can influence the outbound routes:
- weight
- local_pref
- as_path length

weight

when a router receives a bgp update, that router can set the weight either selectively, per route using a route-map, or for all routes learned from a single neighbor.
weight can influence only that one router, because the weight cannot be communicated to other neighboring bgp routers; so to use the weight, a router must be configured to examine incoming updates to set the weight.

weight:
- it's not a PA, it's cisco proprietary
- default is 0 for learned routes, 32,768 for locally injected routes
- doesn't support a new default
- identifies a single router's best route
- set in inbound route updates; influences only that one router's choice
- ranges from 0 ~ 65,535 (2**16-1)
- bigger values are better
- configure with:
    neighbor route-map (per prefix)
    neighbor weight (all routes learned from this neighbor)

weight using route-map:
    config# ip prefix-list <prefix-name> permit 181.0.0.0/8
    config# route-map <map-name> permit <seq>
     match ip address prefix-list <prefix-name>
     set weight 50
    config# route-map <map-name> permit <seq2>
      ! because there's no match, allows the rest of the routes
    config# router bgp <asn>
    config-rtr# neighbor 192.168.1.2 route-map <map-name> in

weight using neighbor command:
sets weight for all routes learned from a neighbor
    config# router bgp <asn>
    config-rtr# neighbor 1.1.1.1 weight 60
      ! doesn't use in/out because weight can only be in

local_pref

gives routers inside a single AS a value that they can set per route to advertise to all iBGP routers inside the AS, so that all routers in the AS agree about which router is the best exit point for packets destined for that prefix.
by design, local_pref can be set by routers that receive eBGP routes, and then those routers advertise the local_pref in iBGP updates, resulting in all routers in the same AS agreeing on which route is best to exit the AS for each prefix.

INTERNET-CONNECTED ROUTER RECEIVES EBGP ROUTE WITH NO LOCAL_PREF, THEN THIS ROUTER ADVERTISES IBGP ROUTES WITH A SET LOCAL_PREF OR DEFAULT TO 100

local_pref:
- it is a PA
- identifies the best exit point from the AS to reach a given prefix
- affects the AS in which it was set; it is not advertised to eBGP peers
- 0 through 4,294,967,295 (2**32-1)
- higher values are better
- default is 100
- change default with the bgp default local-preference <value> bgp subcommand
- it is configured using the neighbor route-map in command

e.g.
    config# ip prefix-list <preflist> seq 5 permit 184.0.0.0/8
    config# ip prefix-list <preflist2> seq 5 permit 185.0.0.0/8
    config# route-map <map-name> permit 10
     match ip address prefix-list <preflist2>
     set local-preference 150
    config# route-map <map-name> permit 15
     match ip address prefix-list <preflist>
     set local-preference 50
    config# route-map <map-name> permit 20
    config# router bgp <asn>
    config-rtr# neighbor 1.1.1.1 route-map <map-name> in

====================================================================
routing table manager (RTM)
after the bgp best path algorithm is done, the best route is not given directly to the ip routing table; before it goes to the routing table, it goes to the cisco ios routing table manager (rtm), which chooses the best route among many competing sources (igp, bgp, connected, static, etc).

so the rtm gets, for each specific prefix:
- best route of igp routes
- best route of bgp routes
- connected routes
- static routes
and pulls out the results (based on administrative distances) to the ip routing table.
again, administrative distances are:
connected        0
static           1
eigrp summary    5
ebgp             20
eigrp internal   90
igrp             100
ospf             110
isis             115
rip              120
odr              160
eigrp external   170
ibgp             200
unreachable      255

show ip bgp rib-failure
    shows routes that bgp has chosen as best but the rtm function has not placed into the routing table.


====================================================================

increasing as_path with as_path prepend
as_path is the number of autonomous systems before the destination
as_path is the 4th attribute that the best path algorithm analyses

    config# route-map <map-name> permit <seq>
     set as-path prepend <asn> <asn> <asn>
      ! as many asn as we want, this is what increases as_path
      ! just make sure to use an asn already in the as_path
    config# router bgp <asn>
    config-rtr# neighbor <nei-ip> route-map <map-name> in/out

=====================================================================
med (multi-exit discriminator)
- it is a path attribute
- allows an AS to tell a neighboring AS the best way to forward packets into the first AS.
- advertised by one AS into another, propagated inside the AS but not sent to other ASs.
- 0 through 4,294,967,295 (2**32-1)
- smaller MED is better
- default is 0
- 6th step in the best path algorithm
- tells the isp which link INTO the enterprise to use

    config-rtr# neighbor <nei-ip> route-map <map-name> out
    config# ip prefix-list <list> permit 128.107.0.0/19
    config# route-map <map-name> permit <seq>
     match ip address prefix-list <list>
     set metric 10

check with:
    show ip bgp <subnet/length>
    show ip bgp <subnet/length> longer-prefixes
