BGP Workbook

@:mim f! (fl.
bJJill{j
JOOillr;)W @ill o©
'BG'P
'Workbook
www .noasolutions.com
NOA solutions, N.K Arcade, 2nd & 3rd floor,Opposite to banjara function hall,Banjarahills Road-no-
1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 www. noasolutions. com Page 1
About the Author
Sikandar Shaik, a dual CCIE (RS/SP# 35012), is a highly experienced and extremely driven senior technical
instructor and network consultant. He has been training networking courses for more than 10 years, teaching on
a wide range of topics including Routing and Switching, Service Provider and Security (CCNA to CCIE). In
addition, he has been developing and updating the content for these courses. He has assisted many engineers in
passing out the lab examinations and securing certifications.
Sikandar Shaik is highly skilled at designing, planning, coordinating, maintaining, troubleshooting and
implementing changes to various aspects of multi-scaled, multi-platform, multi-protocol complex networks as
well as course development and instruction for a technical workforce in a varied networking environment. His
experience includes responsibilities ranging from operating and maintaining PC's and peripherals to network
control programs for multi-faceted data communication networks in LAN, MAN and WAN environments.
Sikandar Shaik has delivered instructor led trainings in several states in India as well as in abroad in countries like
China, Kenya and UAE. He has also worked as a Freelance Cisco Certified Instructor globally for Corporate
Major Clients.
Acknowledgment
First and foremost I would like to thank the Almighty for his continued blessings and for always being there for
me. You have given me the power and confidence to believe in myself and pursue my dreams. I could never
have done this without the faith I have in you. Secondly I would like to thank my family for understanding my
long nights at the computer. I have spent a lot of time on preparing workbooks and this workbook would not
have been possible without their support and encouragement. I would also like to recognize the cooperation of
my students who took my trainings and workbooks. I believe my workbooks have helped them in upskilling
themselves with respect to the subject and technologies and I will continue preparing workbooks for the
updated technology versions.
Shaik Gouse Moinuddin Sikandar
CCIE x 2 (RS/SP)
Feedback
Please send feedback if there are any issues with respect to the content of this workbook. I would also
appreciate suggestions from you which can improve this workbook further. Kindly send your feedback and
suggestions at info@noasolutions.com
INDEX
BGP Concepts & Terminology..............................................................................................6
Types of ISP Connections 12
Options of BGP connecting to Internet.....................................................................................15
BGP Neighbors 17
LAB: Basic IBGP Peering 20
BGP Split Horizon Rule 24
LAB: IBGP Peering using loopbacks 27
Configuring BGP Authentication on Cisco IOS: 38
Peer groups 41
Lab - Peer Groups 42
Route reflector 46
Lab : route reflector 49
Lab: route reflector usinglooback 52
Lab : route reflector with two servers for redundancy..................................... 54
EBGP Configuration ................ .................. ...... ........................ .................. ... 59
BGP next hop behavior 60
LAB: Basic EBGP Configuration & Verify Next-hop Behavior 63
LAB : EBGP peering using Loopback Interfaces (using EBGP multihop): .... ... ... ..... 66
Synchronization rule: ......................................................................... 71
LAB: Verify BGP Synchronization Rule 73
BGP Attributes overview............................................................................ 80
AS-path /next-hop/Orgin attributes ............. ...... ........................ .................. ... 81
Weight Attribute.........................................................................................................................88
Lab: Using Weight Attribute 91
Clearing the BGP Session 99
Lab : Weight Attribute using Route-maps ...................................................... 102
Understanding In/out .... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ..... 105
Local Preference.............................................................................................................................. 109
Lab: Using Local Preference ....................................................................... 111
Lab : Local preference using Route-maps
118
BGP Path Selection Process
127
AS-Path prepending...................................................................................................................129
Lab: AS-path Prepending
134
Multi-Exit Discriminator (Metric) .............................................................
139
1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 www. noasolutions. Page 3
com

com
Lab : Multi-Exit Discriminator (Metric) . ... ... ... ... ... ... ... ... .................................. 142
BGP always compare MED . ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... .. 151
BGP Summarization ( Aggregation): ............................................................... 154
LAB : BGP Summarization (Aggregation): ......................................................... 161
BGP Summarization AS-SET option : ............................................................. 165
Suppress-Map : 174
Unsuppress-Map: .... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ......... 176
BGP route Filtering . ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... 179
BGP Filtering Using ACL 182
BGP Filtering Using Prefix-list . . . . . . . . . . . . . . . . . . . . . . . .. . . . . . . . . . . . . . . . . .. . . . . . . . . . . . . . . . . .. . . . . ... . . 188
AS-PATH filters using Regular Expressions........................................................ 201
LAB : AS-PATH filters using Regular expression 206
BGP Communities............................................................... ..................... 219
Lab: Commuities Well Known.............................................................. 223
Community no-advertise
226
No- Export well known Community Attribute:
229
Using Local-AS
232
User Defined BGP Community:
237
LAB : User Defined BGP Community:
240
BGP Confederations: .... ...................... .................................................... 252
LAB: BGP Confederations 256
Verify BGP local-AS community Attribute (inside Confederations) ........................ 259
Route Reflector Clusters
261
LAB : Route Reflector Clusters
266
BGP Route-Dampening
275
LAB : BGP Route-Dampening ......................... .................. ................... 276
BGP Route-Dampening using Route-maps .......... ........................ .................. .. 280
Removing Private AS Numbers 282
BGP Hide Local-Autonomous System . ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... .. 292
BGP Hide Local-Autonomous System (No-prepend).......................................... 297
BGP Support for Dual AS Configuration for Network AS Migrations..................... 299
BGP allowas-in
302
1Pv6 BGP
306
LAB: lpv6 IBGP And EBGP Configurations
310
LAB : IPV6 IBGP & EBGP Advance Configurations
315
com

com
1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 www.noasolutions.com Page 5
BGP Concepts and Terminology
What we Learn
► Autonomous Systems.
► IGP & EGP
► Basic BGP features
► BGP's loop prevention mechanism
► When to use BGP
► When not to use BGP
BGP Autonomous
Systems
EGPs: BGP
!
Autonomous System 100 Autonomous System 200
► An AS is a collection of networks under a single technical administration .

► IGPs operate within an AS.
► BGP is used between autonomous systems.
► Exchange of loop-free routing information is guaranteed.
IGP-EGP
EGPs: BGP
!
Autonomous System 100 Autonomous System 200
IGP operates within the Same Autonomous Sytem
EBGP operates in between Multiple Autonomous

Sytem
BGP Features
► Open Standard
► Exterior Gateway protocol
► Designed for Inter-AS Domain Routing
► Designed to scale huge inter-network like internet.
► Classless.
0
Support FLSM, VLSM, CIDR, auto and manual summary (BGP-4)
► Updates are incremental and trigger

► Path vector protocol
Path Vector
10.1.1.
0
"' 6
400
10 .1.1.0 10.1.1.0
AS65200 65300 6 AS 65300 S
00
1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 www. noasolutions. com Page
B
BGP - AS Path Advertisement
20.2.2.0
AS
65444
20.2.2.0 20.2.2.0
AS 65222 65333 AS 65333
65444 65444
BGP Features (Contd)

► It send updates to manually defined neighbor as unicast
► BGP is application layer protocol uses TCP for reliability , TCP port 179
► Metric = Attributes
► Administrative distance
20 External updates ( EBGP)
200 Internal updates ( IBGP)
9
BGP's loop prevention mechanism
Network 10.10.200.0/ Z4 As· lh : 300 1000
-+-----+, eBGP sus.ion.s

Figure A.8: BGP loop prevention mechanism between external AS
172 .31 254

°"23
AS-P ti 725
172.31.254 °"23
AS-PathEmpty
172 31.254 0123 172 31 254 0/23

AS-P 7 2S 10 6'9 AS•P...th 7 25
10
1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 www. noasolutions.com Page
1O
AS-Path loop detection
140.10.0.0/1 6 500 300

170.10.0.0/16 500 300 200
180.10.0.0/16 is not accepted

by AS100 as the prefix has
AS100 in its AS-PATH - this is
loop detection in action
180.10.0.0/16 300 200 100
170.10.0.0/1 6 300 200
When to use BGP

0
A.S. working as transit A.S. (Ex. ISP)
0
A.S. connected to multiple A.S (when the AS is multi-homed) Data traffic path
entering or leaving A.S. need to manipulated
When not to use BGP

0
If it is Single-home A.S
0 Lack of recourses like memory and less processing power in routers
0
Limited understanding about BGP route filtering and path selection processes
Types of ISP Connections
0
Single Homed
0
Dual-homed site
0
Multi-homing
0
Dual Multi-homed
Connecting to the Internet with BGP
0
Default route from provider(s)
0
Some routes + default route -
0
All routes (full table) -
Types of ISP Connections
► Single Homed
► Dual-homed site
► Multi-homing
► Dual Multi-homed
Single homed site
► A site with a single ISP connection is single-homed.

► This is fine for a site that does not depend heavily on Internet or WAN connectivity.
► Either use static routes, or advertise the site routes to the ISP and receive a default
route from the ISP.
ASN80 ASN 1, ISP 1
Dual-homed site
ASN80 ASN 1, ISP 1
► A dual-homedsite has two

connections to the same ISP,
either from one router or two
routers . ASN 1, ISP 1
► One link might be primary and the
other backup, or the site might
load balance over both links.
► Either static or dynamic routing
would work in this case.
ASN80 ASN 1, ISP 1
Multi-homing
► Multi-homing means connecting to

more than one ISP at the same time. ASN80 ASN 1, ISP 1
► It is done for redundancy and backup if

one ISP fails and for better
performance if one ISP provides a
better path to frequently used ASN 2, ISP 2
networks.
► This also gives you an ISP
independent solution.
► BGP is typically used with multihomed
connections. ASN 1, ISP 1
Dual Multi-homed
► You can take multi-homing a step ASN80
ASN 1, ISP 1
further and be dual-multi-homed,
with two connections to multiple
ISPs.
► This gives the most redundancy.
► BGP is used with the ISPs and
can be used internally also.
ASN 1, ISP 1
Connecting to the Internet
with BGP Route reception options:
► Default route from provider(s)

• Easy on resources, internal traffic routed to nearest BGP router
► Some routes+ default route -
• Allows for selection of some paths with others falling back to a default route
► All routes (full table) -
• Hard on resources, but guarantees the most direct path is taken
Example: Default Routes from All

Providers
AS 64520 172.16.0.0/16
ISP ISP
AS 65000
0.0.0.0
Router C chooses
the lowest IGP
metric to reach the
default network.
Default Routes from All Providers and Partial Table
Default AS 64520 AS 64100

- Partial Table
ISPA
AS 65000
Router C uses the Router C uses the

default route to get to specific BGP routes
networks in AS that it has learned to
64100 and all other get to networks
autonomous systems owned by AS 65000,
not shown. AS 64900, and
AS 64520.
Full Routes from All Providers
AS 64100
Passes All ISPB

Prefixes AS 64900
to AS 64500
AS 64500
path selection
process can exit to
either AS 65000 or
AS 64900 for
any network.
BGP Neighbors ( IBGP/EBGP)
BGP Neighbors
► BGP neighbors are routers forming TCP connection for exchanging BGP updates.
► Also called as BGP Peers or BGP Speakers.
► Two type of BGP neighbor relationship .
IBGP (Internal BGP)
• EBGP (external BGP)
IBGP neighbors
IBGP Neighbors
EBGP Neighbors
1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 www. noasolutions.com Page 1B
BGP Databases ( BGP tables)
Neighbor table
0
A list of all configured BGP neighbors.
0
Has to be manually configured using neighbor command
0
# show ip bgp summary
0
# show ip bgp neighbors
BGP forwarding table/database

0 A list of networks known by BGP, along with their paths and attributes.
0
# show ip bgp
IP routing table
0
List of best paths to destination networks
0
# Sh ip route
Configuring BGP Routing Protocol

Router(config)# router bgp <AS no.>
Router(config-router)# network <network ID> [mask <subnet
mask>
Router(config-router) " ·-, --•- •- - -- -•- • -• -•--- router bgp 65102
- neighbor 192.168.1.2 remote-as 65101
2.168.1.2
2.168.1.1
router bgp 65101

neighbor 192.168.1.1 remote-as 65102
IBGP Configuration Example
R1(config-router)#network10.0.0.0
R1(config-router)# network 1.0.0.0
R1(config-router)#network 11.0.0.0 mask 255.255.255.0
R1(config-router)# exit
LAB: IBGP Peering
"' \
/
/
I \
I
(!..,,.., AS 500 .. 1/,.\I

\
I
\
I
/
" '-...
- ---
_.,,/
TASK:
• Configure IBGP peering AS 500 as per the diagram using directly connected Interfaces.
• Make sure that all the routers should be able to see the routes from other routers in the routing
table through BGP
Rl(config)#router bgp 500

Rl(config-router)# neighbor 1.1.1.2 remote-as 500
Rl(config-router)#network 10.0.0.0
Rl(config-router)# network 1.0.0.0
Rl(config-router)#network 11.0.0.0 mask 255.255.255.0
Rl(config-router)# no auto-summary
Rl(config-router)# no synchronization
Rl(config-router)# exit
NOTE:
• To advertise with default mask value ex: 10.0.0.0/8 no need to use mask
• to advertise with exact mask other than default like 11.0.0.0/24
• make sure that the mask on the interface( shown in routing table as connected) and in the network
command should be same in order to advertise Routes in BGP.
Example: BGP network Command
Router(config-router)# network 192.168.1.1 mask 255.255.255.0

• The router looks for exactly 192.168.1.1/24 in the routing table, but cannot find it, so it will not announce
anything.
Router(config-router)# network 192.168.0.0 mask 255.255.0.0
• The router looks for exactly 192.168.0.0/16 in the routing table.

• If the exact route is not in the table, you can add a static route to null0 so that the route can be announced.
R2(config)#router bgp 500

R2(config-router)# neighbor 1.1.1.1 remote-as 500
R2(config-router)# no auto-summary
R2(config-router)# no synchronization
R2(config-router)# end

R3 (config-router)# neighbor 2.2.2.1 remote-as 500
R3 (config-router)# network 30.0.0.0
R3 (config-router)# no auto-summary
R3 (config-router)# no synchronization
R3 (config-router)# end
R4(config)#Router bgp 500

R4(config-router)#neighbor 3.3.3.1 remote-as 500
Rl#sh ip bgp summary

Neighbor V AS MsgRcvd MsgSent TblVer lnQ OutQ Up/Down State/PfxRcd
1.1.1.2 4 500 5 5 9 0 0 00:01:40 3
4.4.4.1 4 500 5 5 9 0 0 00:01:17 3
R3#sh ip bgp summary
2.2.2.1 4 500 6 6 8 0 0 00:02:41 3
3.3.3.2 4 500 6 6 8 0 0 00:02:12 3
R-l#sh ip route bgp

B 2.0.0.0/8 [200/0] via 1.1.1.2, 00:03:00
B 3.0.0.0/8 [200/0] via 4.4.4.1, 00:02:46
B 20.0.0.0/8 [200/0] via 1.1.1.2, 00:03:00
B 40.0.0.0/8 [200/0] via 4.4.4.1, 00:02:46
No network 30.0.0.0 in the routing table
R-2#sh ip route bgp

B 3.0.0.0/8 [200/0] via 2.2.2.2, 00:03:46
B 4.0.0.0/8 [200/0] via 1.1.1.1, 00:03:51
B 10.0.0.0/8 [200/0] via 1.1.1.1, 00:03:51
11.0.0.0/24 is subnetted, 1 subnets
B 11.0.0.0 [200/0] via 1.1.1.1, 00:03:51
B 30.0.0.0/8 [200/0] via 2.2.2.2, 00:03:46
Here there is No network 40.0.0.0 in the routing table because of BGP SPLIT HORIZON RULE
R3#sh ip route bgp

B 1.0.0.0/8 [200/0] via 2.2.2.1, 00:02:10
B 4.0.0.0/8 [200/0] via 3.3.3.2, 00:02:10
B 20.0.0.0/8 [200/0] via 2.2.2.1, 00:02:10
B 40.0.0.0/8 [200/0] via 3.3.3.2, 00:02:10
R4#sh ip route bgp

B 1.0.0.0/8 [200/0] via 4.4.4.2, 00:02:15
B 2.0.0.0/8 [200/0] via 3.3.3.1, 00:02:14
B 10.0.0.0/8 [200/0] via 4.4.4.2, 00:02:15
B 11.0.0.0 [200/0] via 4.4.4.2, 00:02:15
B 30.0.0.0/8 [200/0] via 3.3.3.1, 00:02:14
BGP Split horizon rule
► An update send by one IBGP neighbor should not be send back to another
IBGP neighbor
► Prevents Routing loops within an same AS.
RT RT
1 2
AS
65001
Solution for BGP Split horizon

rule
1. full mesh neighborship
0
every router should be a neighbor of every other router with in the AS
2. Use Route Reflector
..- -- - ··- ·«>- -· --

· --....
/
/
---- . .-
o
0
'-
'--
/
/
, .. "\
/ Y.;-1.., .0 \
I -
..
\
AS 500
( 01.1.1/ .,,-:,.,.,R3
\
\ I
\
" '--
/
/
·-...._ /
·--....
··-··-··-··-- ---
BGP SPLIT HORIZON RULE
• An update send by one IBGP neighbor should not be send back to another IBGP neighbor
• BGP split-horizon is necessary to ensure that routing loops are not started within an AS full-mesh IBGP
peering is required within an AS for all the routers within the AS to learn about the BGP routes.
AS 65001
Why have these restrictions?

• No mechanism to detect an UPDATE loop exists in iBGP.
• What may be the consequences of not having a full iBGP mesh?
• Black holes and routing loops. UPDATE loops.
Solution:
1. full mesh neighbor ship (means every router should be a neighbor of every other router with in the
AS.)
Note: IBGP neighbors need not to be directly connected ( but they must be reachable to each other)
Rl(config)#Router bgp 500

Rl(config-router)#Neighbor 2.2.2.2 remote-as 500
Rl (config-router)#end

R2(config-router)#Neighbor 3.3.3.2 remote-as 500
R2(config-router)#end

R3 (config-router)#Neighbor 1.1.1.1 remote-as 500
R3 (config-router)#end

R4(config-router)#Neighbor 2.2.2.1 remote-as 500
R-l#sh ip bgp summary

1.1.1.2 4 500 20 20 11 0 0 00:16:29 3
2.2.2.2 4 500 3 5 11 0 0 00:00:09 3
4.4.4.1 4 500 20 20 11 0 0 00:15:24 3
1.1.1.1 4 500 6 6 36 0 0 00:01:44 4
2.2.2.1 4 500 11 11 36 0 0 00:07:33 3
3.3.3.2 4 500 11 11 36 0 0 00:07:05 3
R-l#sh ip route bgp

B 2.0.0.0/8 [200/0] via 1.1.1.2, 00:16:19
B 3.0.0.0/8 [200/0] via 2.2.2.2, 00:00:51
B 20.0.0.0/8 [200/0] via 1.1.1.2, 00:16:19
B 40.0.0.0/8 [200/0] via 4.4.4.1, 00:16:05
B 30.0.0.0/8 [200/0] via 2.2.2.2, 00:00:51
R-2#sh ip route bgp

B 3.0.0.0/8 [200/0] via 2.2.2.2, 00:16:42
B 4.0.0.0/8 [200/0] via 1.1.1.1, 00:16:48
B 40.0.0.0/8 [200/0] via 3.3.3.2, 00:00:57
B 10.0.0.0/8 [200/0] via 1.1.1.1, 00:16:48
B 11.0.0.0 [200/0] via 1.1.1.1, 00:16:48
B 30.0.0.0/8 [200/0] via 2.2.2.2, 00:16:42
R3#sh ip route bgp

B 1.0.0.0/8 [200/0] via 1.1.1.1, 00:00:00
B 4.0.0.0/8 [200/0] via 1.1.1.1, 00:00:00
B 20.0.0.0/8 [200/0] via 2.2.2.1, 00:06:49
B 40.0.0.0/8 [200/0] via 3.3.3.2, 00:06:49
B 10.0.0.0/8 [200/0] via 1.1.1.1, 00:00:00
B 11.0.0.0 [200/0] via 1.1.1.1, 00:00:00
R4#sh ip route bgp

B 1.0.0.0/8 [200/0] via 4.4.4.2, 00:07:04
B 2.0.0.0/8 [200/0] via 2.2.2.1, 00:00:01
B 20.0.0.0/8 [200/0] via 2.2.2.1, 00:00:01
B 10.0.0.0/8 [200/0] via 4.4.4.2, 00:07:04
B 11.0.0.0 [200/0] via 4.4.4.2, 00:07:04
B 30.0.0.0/8 [200/0] via 3.3.3.1, 00:07:04
IBGP Peering using loopbacks Interfaces
Provides Neighbor Redundancy --....

··-........
·"-.
\\
1 3 .0 . : J \
Lo o p b a ck O •,
AS 500
- - -3 8 )R3 /
..." ..:,-:,,''b
.,. j
\ .'\
R1(config)#router bgp 500 ·."-
R1(config-router)#neighbor 12.0.0.1 remote-as 50°'-._
R1(config-router)#neighbor 13.0.0.1 remote-as 500 '- _
R1(config-router)#neighbor 14.0.0.1 remote-as 500 - --- --- -----
R1(config-router)#network 10.0.0.0
R1(config-router)#exit
BGP Active State Troubleshooting
Active:
The router has sent an open packet and is waiting for a response.
The state may cycle between active and idle.
The neighbor may not know how to get back to this router because of the
following reasons:
0
Neighbor is peering with the wrong address .
0
Neighbor does not have a neighbor statement for this router.
0 AS number is misconfiguration.
0
Neighbor does not have a route to the source IP address of the BGP open packet
generated by this router.
0
Any extra command missing.(update source)
Issues with IBGP peering using Loopbacks
Loopbacks must be Reachable / /

/ -- •
0
--- -·- -;,,- ----
1.oopbac lr: 0
12 . 0 . 0 . 1
,o ,.,
- '-..
to send unicast BGP open messages.

Advertise Loopback interface inside IGP /
I '>''\,'
,,
.... .
R2
;.,.,.....o
.
"\ \
(OSPF/EIGRP/RIP) ........,
'-. Loopback 0
13.0.0.l \
Problem with Source

Default Source will be exit interface
AS 500
.,. R3
30. 1, s )
I
► "'":,-:.''b
Change source address to loopback
\
i
address I
\ /
"
"-
'-.
- - --- -- ,/'
/
/
LAB: IBGP Peering USING LOOPBACKS
,,,,,,- ..
12 . 0 . 0 .1
- ---- '----
Loopback 0
/
/
/ "'--
I
/
"' \ \
13. -
..,;,
' ·..,;,/o Loopback 0
·..,;,
/ Loopback O
: 11 . 0 . 0 . 1
,. d'
\'
I
j
'
I AS 500
'
:
'
\ 0 . 1. 1.
I
/
1/ ·,r
\ ·..,;>,. d'
,r
I
F0/0 ·,r /
\ -
I
,o
'b
\
"' "'
'I-t?,·
'?,·
/
'
'?,· ,
/
'--..
_,,.,,, /
-
TASK:
• Remove the BGP configurations in the previous lab.
• Configure IBGP AS 500 as per the diagram using directly Loopback Interfaces.
• Make sure that IBGP neighbor relationship should not be affected by the physical status of the link
• Make sure that all the routers should be able to see the routes from other routers in the BGP table
On Rl, R2 R3 R4
Rx(config)# No Router bgp 500
Rl
Rl(config-router)#neighbor 12.0.0.1 remote-as 500
Rl(config-router)#no auto-summary
Rl(config-router)#no sync
Rl (config-router)#exit
WAN interfaces not preferably advertised in real networks ( It makes your BGP or routing table more big).
R2(config-router)#no auto-summary
R2(config-router)#no sync

R3 (config-router)#neighbor 12.0.0.1 remote-as 500
R3 (config-router)#network 30.0.0.0
R3 (config-router)#no auto-summary
R3 (config-router)#no sync
R3 (config-router)#exit


12.0.0.1 4 500 0 0 0 0 0 never Active
13.0.0.1 4 500 0 0 0 0 0 never Active
14.0.0.1 4 500 0 0 0 0 0 never Active

11.0.0.1 4 500 0 0 0 0 0 never Active
12.0.0.1 4 500 0 0 0 0 0 never Active
14.0.0.1 4 500 0 0 0 0 0 never Active

11.0.0.1 4 500 0 0 0 0 0 never Active
13.0.0.1 4 500 0 0 0 0 0 never Active
14.0.0.1 4 500 0 0 0 0 0 never Active
11.0.0.1 4 500 0 0 0 0 0 never Active
12.0.0.1 4 500 0 0 0 0 0 never Active
13.0.0.1 4 500 0 0 0 0 0 never Active
Active means its actively trying to establish the neighbor ship (still trying)
BGP Active State Troubleshooting
Active: The router has sent an open packet and is waiting for a response. The state may cycle between active
and idle. The neighbor may not know how to get back to this router because of the following reasons:
1. Neighbor is peering with the wrong address.
2. Neighbor does not have a neighbor statement for this router.
3. AS number is misconfiguration.
4. Neighbor does not have a route to the source IP address of the BGP open packet generated by
this router.
5. Any extra command missing
Sample output of AS number misconfiguration:
At the router with the wrong remote AS number:

%BGP-3-NOTIFICATION: sent to neighbor 172.31.1.3 2/2 (peer in wrong AS) 2 bytes FDE6
FFFF FFFF FFFF FFFF FFFF FFFF FFFF FFFF 002D 0104 FDE6 00B4 AClF 0203 1002 060104000100
0102 0280 0002 0202 00
At the remote router:
%BGP-3-NOTIFICATION: received from neighbor 172.31.1.1 2/2 (peer in wrong AS) 2 bytes FDE6
To troubleshoot BGP neighborship
First step: Make sure that there is a connectivity to neighbor
R-l#ping 12.0.0.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 12.0.0.1, timeout is 2 seconds:
Success rate is O percent (0/5)
R-l#ping 13.0.0.1
Success rate is 0 percent (0/5)
R-l#ping 14.0.0.1
R-l#sh ip route
Gateway of last resort is not set
C 1.0.0.0/8 is directly connected, Seriall/0

C 10.0.0.0/8 is directly connected, FastEthernet0/0
C 11.0.3.0 is directly connected, Loopback3
C 11.0.1.0 is directly connected, Loopbackl
No entry of the neighbor address (12.0.0.1, 13.0.0.1, 14.0.0.1)

• Here the router Rl don't know how to reach neighbor address ( 12.0.0.1 ,13.0.0.1 , 14.0.0.1 )
• To learn about those neighbors BGP relies on IGP protocol ( RIP/EIGRP/OSPF) running inside the AS
Here is the issue is with Routing. To fix it Configure RIP, OSPF, EIGRP any one and make sure that you also
advertise the loopback interface used for IBGP peering.
Rl(config)#router ospf 1
Rl(config-router)#net 10.0.0.0 0.255.255.255 area 0
R2(config)#router ospf 1
R2(config-router)#network 20.0.0.0 0.255.255.255 area 0

12.0.0.1 4 500 0 0 0 0 0 never Active
13.0.0.1 4 500 0 0 0 0 0 never Active
14.0.0.1 4 500 0 0 0 0 0 never Active
Make sure that there is connectivity between neighbors
R-l#ping 12.0.0.1
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 32/56/80 ms
R-l#ping 13.0.0.1
!!!!!
R-l#ping 14.0.0.1
!!!!!
Step-2 the other issue can be Problem with source address.
BGP Issues with Source IP Address

• When creating a BGP packet, the neighbor statement defines the destination IP address and the
outbound interface defines the source IP address.
• When a BGP packet is received for a new BGP session, the source address of the packet is compared to
the list of neighbor statements:
• If a match is found, a relationship is established.
• If no match is found, the packet is ignored.
• Make sure that the source IP address matches the address that the other router has in its neighbor
statement.
Loopback 0
2.2.2.2
10.1.1.1 10.2.2.4
Loopback 0 Loopback 0
1.1.1.1 4.4.4.4
AS 65102
Loopback 0
3.3.3.3
To establish the IBGP session between router A and

router D, which neighbor addresses should be used?
What IP address should router A What IP address should router D
use for peering with router D? use for peering with router A?
10.4.4.4 10.1.1.1
10.2.2.4 10.3.3.1
4.4.4.4 1.1.1.1
• Update-source command allows the BGP process to use the IP address of a specified interface as the source
IP address of all BGP updates to that neighbor.
• A loopback interface is usually used, because it will be available as long as the router is operational.
• The IP address used in the neighbor command on the other router will be the destination IP address of all
BGP updates and should be the loopback interface of this router.
• The neighbor update-source command is normally used only with IBGP neighbors.
• The address of an EBGP neighbor must be directly connected by default; the loopback of an EBGP neighbor
is not directly connected.
Example: BGP Using Loopback Addresses
AS 65101
AS 65100 AS 65102
10.1.1.1 10.1.1.2
10.2.2.1 10.2.2.2
2.2.2.2Loo . .
router bgp 65101 router bgp 65101

neighbor 172.16.1.1 remote-as 65100 neighbor 192.168.1.1 remote-as 65102
neighbor 3.3.3.3 remote-as 65101 neighbor neighbor 2.2.2.2 remote-as 65101
3.3.3.3 update-source Loopback0 neighbor 2.2.2.2 update-source Loopback0
! !
router eigrp 1 router eigrp 1
network 10.0.0.0 network 10.0.0.0
network 2.0 .0.0 network 3.0.0.0
Rl(config)#Router bgp 500
Rl(config-router)#Neighbor 12.0.0.1 update-source loop 0
Rl(config-router)#end

R2(config-router)#Neighbor 11.0.0.1 update-source loop 0

R3 (config-router)#Neighbor 12.0.0.1 update-source loop 0


Neighbor AS MsgRcvd MsgSent TblVer lnQ OutQ Up/Down State/PfxRcd
V
12.0.0.1 4 500 7 7 8 0 0 00:02:04 1
13.0.0.1 4 500 6 6 8 0 0 00:01:39 1
14.0.0.1 4 500 6 6 8 0 0 00:01:52 1

11.0.0.1 4 500 5 6 8 0 0 00:00:21 1
13.0.0.1 4 500 5 5 8 0 0 00:00:40 1
14.0.0.1 4 500 5 5 8 0 0 00:00:33

11.0.0.1 4 500 6 6 8 0 0 00:01:42 1
12.0.0.1 4 500 6 6 8 0 0 00:01:43 1
14.0.0.1 4 500 6 6 8 0 0 00:01:20

11.0.0.1 4 500 8 8 8 0 0 00:03:19 1
12.0.0.1 4 500 8 8 8 0 0 00:03 :03
13.0.0.1 4 500 7 7 8 0 0 00:02:58
Rl#sh ip route ospf

0 2.0.0.0/8 [110/128] via 1.1.1.2, 00:14:46, Seriall/0
0 3.0.0.0/8 [110/128] via 4.4.4.1, 00:14:46, Seriall/1
0 20.0.0.0/8 [110/65] via 1.1.1.2, 00:14:46, Seriall/0
0 40.0.0.0/8 [110/65] via 4.4.4.1, 00:14:46, Seriall/1
0 12.0.1.1 [110/65] via 1.1.1.2, 00:14:46, Seriall/0
0 12.0.0.1 [110/65] via 1.1.1.2, 00:14:46, Seriall/0
0 12.0.3.1 [110/65] via 1.1.1.2, 00:14:46, Seriall/0
0 12.0.2.1 [110/65] via 1.1.1.2, 00:14:46, Seriall/0
0 13.0.0.1 [110/129] via 4.4.4.1, 00:14:46, Seriall/1
[110/129] via 1.1.1.2, 00:14:46, Seriall/0
0 13.0.1.1 [110/129] via 4.4.4.1, 00:14:46, Seriall/1
[110/129] via 1.1.1.2, 00:14:46, Seriall/0
0 13.0.2.1 [110/129] via 4.4.4.1, 00:14:46, Seriall/1
[110/129] via 1.1.1.2, 00:14:46, Seriall/0
0 13.0.3.1 [110/129] via 4.4.4.1, 00:14:46, Seriall/1
[110/129] via 1.1.1.2, 00:14:46, Seriall/0
0 14.0.3.1 [110/65] via 4.4.4.1, 00:14:47, Seriall/1
0 14.0.2.1 [110/65] via 4.4.4.1, 00:14:47, Seriall/1
0 14.0.1.1 [110/65] via 4.4.4.1, 00:14:47, Seriall/1
0 14.0.0.1 [110/65] via 4.4.4.1, 00:14:47, Seriall/1
0 30.0.0.0/8 [110/129] via 4.4.4.1, 00:14:47, Seriall/1
[110/129] via 1.1.1.2, 00:14:47, Seriall/0
Rl(config)#int sl/0
R1(config-it)#shutdown

12.0.0.1 4 500 6 7 10 0 0 00:01:15 1
13.0.0.1 4 500 6 6 10 0 0 00:01:44
14.0.0.1 4 500 6 6 10 0 0 00:01:48
Rl#sh ip int brief

Interface IP-Address OK? Method Status Protocol
FastEthernet0/0 10.1.1.1 YES NVRAM up up
FastEthernet0/1 unassigned YES NVRAM administratively down down
Seriall/0 1.1.1.1 YES NVRAM administratively down down
Seriall/1 4.4.4.2 YES NVRAM up up
Seriall/2 unassigned YES NVRAM administratively down down
Seriall/3 unassigned YES NVRAM administratively down down
Loopback0 11.0.0.1 YES NVRAM up up
Loopbackl 11.0.1.1 YES NVRAM up up
Rl#sh ip route ospf

0 2.0.0.0/8 [110/192] via 4.4.4.1, 00:12:27, Seriall/1
0 3.0.0.0/8 [110/128] via 4.4.4.1, 00:12:27, Seriall/1
0 20.0.0.0/8 [110/193] via 4.4.4.1, 00:12:27, Seriall/1
0 40.0.0.0/8 [110/65] via 4.4.4.1, 00:12:27, Seriall/1
0 12.0.1.1 [110/193] via 4.4.4.1, 00:12:27, Seriall/1
0 12.0.0.1 [110/193] via 4.4.4.1, 00:12:27, Seriall/1
0 12.0.3.1 [110/193] via 4.4.4.1, 00:12:27, Seriall/1
0 12.0.2.1 [110/193] via 4.4.4.1, 00:12:27, Seriall/1
0 13.0.0.1 [110/129] via 4.4.4.1, 00:12:27, Seriall/1
0 13.0.1.1 [110/129] via 4.4.4.1, 00:12:27, Seriall/1
0 13.0.2.1 [110/129] via 4.4.4.1, 00:12:27, Seriall/1
0 13.0.3.1 [110/129] via 4.4.4.1, 00:12:27, Seriall/1
0 14.0.3.1 [110/65] via 4.4.4.1, 00:12:27, Seriall/1
0 14.0.2.1 [110/65] via 4.4.4.1, 00:12:27, Seriall/1
0 14.0.1.1 [110/65] via 4.4.4.1, 00:12:27, Seriall/1
0 14.0.0.1 [110/65] via 4.4.4.1, 00:12:27, Seriall/1
0 30.0.0.0/8 [110/129] via 4.4.4.1, 00:12:27, Seriall/1

12.0.0.1 4 500 7 8 12 0 0 00:02:24 1
13.0.0.1 4 500 7 7 12 0 0 00:02:53
14.0.0.1 4 500 7 7 12 0 0 00:02:57
Rl(config)#int sl/0
Rl(config-if)#no shutdown
Configuring BGP Authentication on Cisco IOS:

• Border Gateway Protocol (BGP) supports authentication mechanism using Message Digest 5 (MD5)
algorithm.
• When authentication is enabled, any Transmission Control Protocol (TCP) segment belonging to BGP
exchanged between the peers is verified and accepted only if authentication is successful.
• For authentication to be successful, both the peers must be configured with the same password.
• If authentication fails, the BGP neighbor relationship is not be established.
Router(config-router)# neighbor {ip-address I peer-group-name} <password string>
AS 65000

neighbor 10.64.0.2 remote-as 65500 neighbor 10.64.0.2 neighbor 10.64.0.1 remote-as 65000 neighbor 10.64.0.1
password v6lne0qkel33& password v6lne0qkel33& 8•
BGP Authentication -- --- --- -VJ- --

/ .,..,..-·· Loopbac lr. O
--
1::2 . 0 . 0 . 1
------ '--
'-.,.
"\
\
L o o pback 0
, ,, , 3;;;.l. I /8 )
I
j
R1(config)# router bgp 500 \
R1(config-router)# neighbor 12.0.0.1 passwor cisco123 I
R1(config-router)# neighbor 13.0.0.1 password co123 /
/
R1(config-router)# neighbor 14.0.0.1 password /
_,,,,,.
cisc o.1 23
, · ---- - - - - ---
R1(config-router)# neighbor 12.0.0.1 version 4 -- --
R1(config-router)# neighbor 13.0.0.1 version 4
TASK
• Make sure that the authentication is established between all the peers and they should use password as
cisco123.
• The peering should establish only if both the routers runs BGP v4
Rl(config)# router bgp 500

Rl(config-router)# neighbor 12.0.0.1 password cisco123
Rl(config-router)# neighbor 12.0.0.1 version 4
Rl(config-router)# end
R2(config)# router bgp 500

R2(config-router)# neighbor 11.0.0.1 password cisco123

R3 (config-router)# neighbor 12.0.0.1 version 4


12.0.0.1 4 500 7 7 8 0 0 00:02:04 1
13.0.0.1 4 500 6 6 8 0 0 00:01:39 1
14.0.0.1 4 500 6 6 8 0 0 00:01:52 1

11.0.0.1 4 500 5 6 8 0 0 00:00:21 1
13.0.0.1 4 500 5 5 8 0 0 00:00:40 1
14.0.0.1 4 500 5 5 8 0 0 00:00:33

11.0.0.1 4 500 6 6 8 0 0 00:01:42 1
12.0.0.1 4 500 6 6 8 0 0 00:01:43
14.0.0.1 4 500 6 6 8 0 0 00:01:20

11.0.0.1 4 500 8 8 8 0 0 00:03:19 1
12.0.0.1 4 500 8 8 8 0 0 00:03:03
13.0.0.1 4 500 7 7 8 0 0 00:02:58 1
BGP- Peer-groups
Apply same policies to multiple neighbors
• useful when many neighbors have the
same policies.
• Updates are generated once per peer
group.
• Configuration is simplified.
....
.... - --- ---
---- ----
BGP- Peer-groups · configuration
/ Loopback o
,' 11.0 .0 . 1
R1(con fig)#router bgp 500

R1(config-router)# neighbor CCIE peer-group \ 0.1.1.11
R1(config-router)# neighbor CCIE remote-as 500 \
R1(config-router)# neighbor CCIE update-source loop ack
0
R1(config-router)# neighbor CCIE version 4 \.
R1(config-router)# neighbor CCIE password cisco123
R1(config-router)# neighbor 12.0.0.1 peer-group CCIE

". ...
----
LAB - PEER GROUPS
- - - - - ----- ----
·=- -
'-...
/ ---- Loopback 0
12 .0 .0 . 1
, / "-
I
, /
"' \
I \
i ··:
,? ..,
·,? /0 Loopback 0
·,?
/Loopback 0
: 11.0.0.1
,. d'
\
AS 500
.
I \
F0/0
.
0.1.1.1/
.., I.
·,r
\ ·,?
I
,. d'
,r ..,
\ .,,
-
..,
I
\ /
"' /
"
/
'-...
TASK:
- --
Configure peering between Rl R2 R3 R4 with the below configurations:
• Peering to be established using the loop O ip address ( X. 0.0.1) of every router
• Make sure that the authentication is established between all the peers and they should use password as
cisco123.
• The peering should establish only if both the routers runs BGP v4
• Use minimum commands as possible (peer groups).
• Configure IGP as OSPF area O to Provide reachability between loopbacks
• Advertise only LAN network only in BGP
Rl(config)#router ospf 1

Rl(config-router)# neighbor CCIE peer-group
Rl(config-router)# neighbor CCIE remote-as 500

Rl(config-router)# neighbor CCIE update-source loopback 0
Rl(config-router)# neighbor CCIE version 4
Rl(config-router)# neighbor CCIE password cisco123
Rl(config-router)# neighbor 12.0.0.1 peer-group CCIE

Rl(config-router)# net 10.0.0.0


R2(config-router)# neighbor CCIE peer-group
R2(config-router)# neighbor CCIE remote-as 500

R2(config-router)# neighbor CCIE update-source loopback 0
R2(config-router)# neighbor CCIE version 4
R2 (config-router)#
R2 (config-router)# neighbor 11.0.0.1 peer-group CCI E
R2 (config-router)# neighbor 14.0.0.1 peer-group CCI E
R2(config-router)#net 20.0.0.0

R3 (config-router)# neighbor CCIE peer-group
R3 (config-router)# neighbor CCIE remote-as 500
R3 (config-router)# neighbor CCIE update-source loopback 0
R3 (config-router)# neighbor 12.0.0.1 peer-group CCIE
R3 (config-router)#net 30.0.0.0
R3 (config-router)# no synchronization

R4(config-router)# neighbor CCIE update-source loopback 0
R4(config-router)#net 40.0.0.0

12.0.0.1 4 500 7 7 8 0 0 00:02:04 1
13.0.0.1 4 500 6 6 8 0 0 00:01:39 1
14.0.0.1 4 500 6 6 8 0 0 00:01:52 1

11.0.0.1 4 500 5 6 8 0 0 00:00:21 1
13.0.0.1 4 500 5 5 8 0 0 00:00:40
14.0.0.1 4 500 5 5 8 0 0 00:00:33

11.0.0.1 4 500 6 6 8 0 0 00:01:42 1
12.0.0.1 4 500 6 6 8 0 0 00:01:43 1
14.0.0.1 4 500 6 6 8 0 0 00:01:20

11.0.0.1 4 500 8 8 8 0 0 00:03:19 1
12.0.0.1 4 500 8 8 8 0 0 00:03 :03
13.0.0.1 4 500 7 7 8 0 0 00:02:58
Rl#sh ip bgp
Network Next Hop Metric LocPrf Weight Path
'>
0
'
0.0.0.0 0 32768 i
10.0.0.0
r>i20.0.0.0 12.0.0.1 0 100 0i
r>i30.0.0.0 13.0.0.1 0 100 Oi
r>i40.0.0.0 14.0.0.1 0 100 Oi
BGP Split Horizon Rule : Review
► An update send by one IBGP neighbor should not be send back to another IBGP
neighbor
► BGP split-horizon is necessary to ensure that routing loops are not started within an
AS
AS 65001
Solution:
1. full mesh neighborship
means every router should be a neighbor of every other router with in AS.
iBGP Full Mesh Scalability

Concerns
Administration
° Configuration management on increasingly large number of routers.
Number of TCP Sessions
0
Total number of sessions = n(n-1)/2
0
Maintaining extreme numbers of TCP sessions creates
0
Extra overhead.
BGP Table Size
0
A higher number of neighbors generally translate to a higher number of paths for each route.
0
Memory consumption.
Route Reflector
► Scalable alternative to an iBGP full mesh.
► Allows a router (route reflector - RR) to advertise routes received from an iBGP peer
to other iBGP peers.
► Client updates server.
► Server updates to all the remaining clients.
/
I
\
•.Rl
'---' •• _
ASSOO
---R3
RR _91e,lr.°'
ao_3
RRCUenta - - --. _ _ _ __ _ _ __
_
it /
• All Clients should establish neighbor with only servers

• Clients will not establish neighbor with any other client
• In case if you have 2 servers (server establish neighbor with other servers & clients)
AS 500
j
\ RRnrNr
/
/
/
_ .
• All Clients should establish neighbor with only servers

• Clients will not establish neighbor with any other client
In case if you have 2 servers (server establish neighbor with other servers & clients)
LAB: ROUTE REFLECTOR
"
(
/ RR Server
"' \
\
ASSOO ••-·:
0 . 1:
/
--------
R3 _/
---
- - -........R. l
RR Clients
-- ...
RR
_9J.ien&
---------··
TASK
• Configure IBGP AS 500 as per the diagram
• Make sure that all the routers should be able to see the routes from other routers in the routing table
through BGP. Do not use full mesh peering

Rl(config-router)# exit



1.1.1.1 4 500 7 7 6 0 0 00:03:37 2
2.2.2.2 4 500 7 7 6 0 0 00:03:24 2
R2#sh ip bgp
,., il.0.0.0 1.1.1.1 0 100 0i
'''> 0.0.0.0 0 32768 i
,., i2.0.0.0 2.2.2.2 0 100 0i
'''> 0.0.0.0 0 32768 i
' > il0 .0.0.0 1.1.1.1 0 100 0i
0
'
' > 20.0.0.0 0.0.0.0 0 32768 i

0
'
' > i30.0.0.0 2.2.2.2 0 100 0i

0
'
Rl#sh ip bgp
,., il.0.0.0 1.1.1.2 0 100 0i
'''> 0.0.0.0 0 32768 i
' > i2.0.0.0 1.1.1.2 0 100 0i
0
'
' > 10.0.0.0 0.0.0.0 0 32768 i

0
'
' > i20.0.0.0 1.1.1.2 0 100 0i

0
'
R3#sh ip bgp
' > il. 0.0.0 2.2.2.1 0 100 0i
0
'
,., i2.0.0.0 2.2.2.1 0 100 0i

'''> 0.0.0.0 0 32768 i
' > i20.0.0.0 2.2.2.1 0 100 0i
0
'
' > 30.0.0.0 0.0.0.0 0 32768 i

0
'
Rl and R3 cannot see each other routes in their respective BGP table because of split horizon rule
In order to get the routes to be learned we have two Solutions:

1. Full mesh neighborship ( which the requirement says not to use here )
2. Route reflector
To Configure Route-reflector
• All Clients should establish neigbbor with only servers
• Clients will not establish neigbor with any other clinet
• In case if you have 2 servers ( server establish neigbbor with other servers and clients)

R2(config-router)# neighbor 1.1.1.1 route-reflector-client
R2(config-router)# neighbor 2.2.2.2 route-reflector-client
Rl#sh ip bgp
' > 10.0.0.0
0
'
0.0.0.0 0 32768 i
' > i20.0.0.0
0
'
1.1.1.2 0 100 0i
* i30.0.0.0 2.2.2.2 0 100 0i
R3#sh ip bgp
* >il0.0.0.0 1.1.1.1 0 100 0i
' > i20.0.0.0
0
'
2.2.2.1 0 100 0i
'>
0
'
0.0.0.0 0 32768 i
30.0.0.0
LAB: ROUTE REFLECTOR USING LOOBACK
/"
= . "' \
/, R2
RR Server
0 ..,,,q,
/ Loopback 0 ..,,V...,,y
\ 11.0.0.1 V 13.0.0.l /
ASS00
- .
30 . 1. 1 , 78
R3 _,,-,/
- --
RR Clie n t s·- - -
_. ,R-R- _glienG
-
TASK:
• Configure BGP AS 500 as per the diagram using Loopnback Interfaces.
• To provide Reachability configure RIPv2 as IGP protocol inside AS 500

Rl(config-router)#neighbor 12.0.0.1 update-source loopback 0
Rl(config-router)#no synchronization
Rl (config-router)#no auto-summary

R2(config-router)#neighbor 11.0.0.1 update-source loopback 0
R2(config-router)#no synchronization

R3 (config-router)#neighbor 12.0.0.1 update-source loopback 0
R3 (config-router)#no synchronization
11.0.0.1 4 500 6 6 6 0 0 00:01:03 1
13.0.0.1 4 500 8 8 6 0 0 00:03:32
Rl#show ip bgp summary
12.0.0.1 4 500 6 6 4 0 0 00:01:55 1

12.0.0.1 4 500 9 9 4 0 0 00:04:57 1
Rl#show ip bgp
'>
0
'
0.0.0.0 0 32768 i
10.0.0.0 12.0.0.1 0 100 0i
r>i20.0.0.0
Rl Do Not Have R3 Routes (30.0.0.0) Because Of Split Horizon Rule
R3#sh ip bgp
Network
r>i20.0.0.0 Next Hop Metric LocPrf Weight Path
'>
0
'
12.0.0.1 0 100 0i
30.0.0.0 0.0.0.0 0 32768 i
R3 do not have Rl routes (10.0.0.0) because of split Horizon rule
TASK: Configure R2 as RR Server and Rl and R3 as RR Clients

R2(config-router)#neighbor 11.0.0.1 route-reflector-client
Rl#show ip bgp
'>
0
'
0.0.0.0 0 32768 i
10.0.0.0
r>i20.0.0.0 12.0.0.1 0 100 0i
r>i30.0.0.0 13.0.0.1 0 100 0i
R3#sh ip bgp
r>il0.0.0.0 11.0.0.1 0 100 0i
r>i20.0.0.0 12.0.0.1 0 100 0i
*> 30.0.0.0 0.0.0.0 0 32768 i
LAB: ROUTE REFLECTOR WITH TWO SERVERS FOR REDUNDANCY
.... _...-, - -.----·- ·;,,-- -- ---

..-- Loopback O
12.0.0.1
- o
f,..
·--......
...........
0
/
I
,
I RR server
\
/1.oopback 0
: 11.0.0.1
ASSOO
\
I
!
\ RR server
"
--
........... _...,.,,,,
TASK:
• Configure RIPv2 to provide Reachability between BGP peers
• Configure R2/R4 as RR Server and R1/R3 as Clients
Rl(config)#router rip
Rl(config-router)# version 2
R2(config)#router rip
R2(config-router)# version
2
R2(config-router)# no auto-
summary R2(config-router)#
R3(config-router)# version 2
R3#
R4(config-router)# version 2
R4#
R4#sh ip route rip

R 1.0.0.0/8 [120/1] via 4.4.4.2, 00:00:09, Seriall/1
R 2.0.0.0/8 [120/1] via 3.3.3.1, 00:00:09, Seriall/0
R 20.0.0.0/8 [120/2] via 4.4.4.2, 00:00:09, Seriall/1
[120/2] via 3.3.3.1, 00:00:09, Seriall/0
R 10.0.0.0/8 [120/1] via 4.4.4.2, 00:00:09, Seriall/1
R 11.0.3.0 [120/1] via 4.4.4.2, 00:00:09, Seriall/1
R 11.0.2.0 [120/1] via 4.4.4.2, 00:00:09, Seriall/1
R 11.0.1.0 [120/1] via 4.4.4.2, 00:00:09, Seriall/1
R 11.0.0.0 [120/1] via 4.4.4.2, 00:00:09, Seriall/1
R 12.0.0.0 [120/2] via 4.4.4.2, 00:00:09, Seriall/1
[120/2] via 3.3.3.1, 00:00:09, Seriall/0
R 12.0.1.0 [120/2] via 4.4.4.2, 00:00:09, Seriall/1
[120/2] via 3.3.3.1, 00:00:09, Seriall/0
R 12.0.2.0 [120/2] via 4.4.4.2, 00:00:09, Seriall/1
[120/2] via 3.3.3.1, 00:00:09, Seriall/0
R 12.0.3.0 [120/2] via 4.4.4.2, 00:00:09, Seriall/1
[120/2] via 3.3.3.1, 00:00:11, Seriall/0
R 13.0.1.0 [120/1] via 3.3.3.1, 00:00:11, Seriall/0
R 13.0.0.0 [120/1] via 3.3.3.1, 00:00:11, Seriall/0
R 13.0.3.0 [120/1] via 3.3.3.1, 00:00:11, Seriall/0
R 13.0.2.0 [120/1] via 3.3.3.1, 00:00:12, Seriall/0
R 30.0.0.0/8 [120/1] via 3.3.3.1, 00:00:12, Seriall/0
Rl (RR CLIENT)


Rl (config-router)#no synchronization
R3 (RR CLIENT)


R2 (RR SERVER)


R4 (RR server)




BGP router identifier 12.0.3.1, local AS number 500
BGP table version is 8, main routing table version 8
4 network entries using 468 bytes of memory
6 path entries using 312 bytes of memory
3/2 BGP path/bestpath attribute entries using 372 bytes of memory
2 BGP rrinfo entries using 48 bytes of memory
0 BGP route-map cache entries using O bytes of memory
0 BGP filter-list cache entries using O bytes of memory
BGP using 1200 total bytes of memory
BGP activity 4/0 prefixes, 6/0 paths, scan interval 60 secs

11.0.0.1 4 500 5 8 8 0 0 00:01:55 1
13.0.0.1 4 500 7 10 8 0 0 00:01:34 1
14.0.0.1 4 500 8 8 8 0 0 00:00:08 3

0 BGP route-map cache entries using 0 bytes of memory
0 BGP filter-list cache entries using 0 bytes of memory

11.0.0.1 4 500 5 8 8 0 0 00:00:36 1
12.0.0.1 4 500 8 8 8 0 0 00:00:29 3
13.0.0.1 4 500 5 8 8 0 0 00:00:54 1


12.0.0.1 4 500 9 6 8 0 0 00:02:27 3
14.0.0.1 4 500 8 5 8 0 0 00:00:47 3
Rl#sh ip bgp
BGP table version is 8, local router ID is 11.0.3.1
Status codes: s suppressed, d damped, h history, ,., valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete

' > 10.0.0.0 0.0.0.0 0 32768 i
0
'
r i20.0.0.0 12.0.0.1 0 100 0i

r>i 12.0.0.1 0 100 0i
r i30.0.0.0 13.0.0.1 0 100 0i
r>i 13.0.0.1 0 100 0i
r i40.0.0.0 14.0.0.1 0 100 0i
r>i 14.0.0.1 0 100 0i
EBGP basic configuration
R2(config}#router bgp 500
RR aerver
RR Client
·. Rl
'-... AS 500
__
..............

R1(config-router)# neighbor 1.1.1.2 remote-as 500 R3(config)#router bgp 600
R1(config-router)# network 10.0.0.0 R3(config-router)# neighbor 2.2.2.1 remote-as 500
BGP next hop behavior

► BGP is an AS-by-AS routing protocol, not a router-by-router routing protocol.
► In BGP, the next hop does not mean the next router; it means the IP address to reach
the next AS.
When EBGP - EBGP neighbor (changes the next hop)

When IBGP - IBGP neighbor (the next hop remains same) (unchanged)
AS 200 192 .10.1.0/30

150.10.0.0/16 .1
Network Next-Hop Path

160.10.0.0/16 192.20.2.1 100
• Next hop to reach a network

• Usually a local network is the next
AS 100 hop in eBGP session
160.10.0.0/16
AS 300
AS 200 192 .10.1.0/30 140.10.0.0/16
150.10.0.0/16 .1
Network Next-HopPath
150.10.0.0/16 192.10 .1.1200
Nex1so .10.o.0116 192.10.1.1200 100
• Usually a loc al network is the nex t
hop in eBGP sessio n

AS 100
160.10.0.0/16
• Next Hop updated betwee n
e
B
G
P
P
e
e
r
s
Networ1 Next-HopPath
<
150.10.0.0/16 192.10.1.1200
160.10.0.0/16 192.10.1.1200 100
c ange
between iBGP peers
AS 100
160.10.0.0/16 ► well-known, mandatory Attribute.
► BGP is AS by AS routing Protocol
► Next hop 'I next router
► Next hop= IP to reach next AS
172.20.0.0 172.20.10.1 172.20.10.2
• Router A advertises network 172.16.0.0 to router B

in EBGP, with a next hop of 10.10.10.3.
172.16.0.0
• Router B advertises 172.16.0.0 in IBGP to router C,
keeping 10.10.10.3 as the next-hop address .
Default Next-hop Behavior
_.... AS 500
•. Rl
'-
-
......
R1#sh ip bgp
Network
Next Hop Metric LocPrf Weight Path
*>
0.0.0.0 0 32768 i
10.0.0.0
*>i20.0.0.0 1.1.1.2 0 100 0i
* i30.0.0.0 2.2.2.2 0 100 0 600 i
R1#sh ip route bgp

B 20.0.0.0/8 (200/0] via 1.1.1.2, 00:14:13
Using next-hop-self

R2(config-router)# neighbor 1.1.1.1 next-hop-self
R1#sh ip bgp
*> 10.0.0.0 0.0.0.0 0 32768 i
*>i20.0.0.0 1.1.1.2 0 100 0i
*>i30.0.0.0 1.1.1.2 0 100 0 600 i
R1#sh ip route bgp

B 20.0.0.0/8 [200/0] via 1.1.1.2, 00:18:13
B 30.0.0.0/8 [200/0) via 1.1.1.2, 00:00:20
LAB: Basic EBGP Configuration & Verify Next-hop Behavior
R2
AS 50 0
---.
-.... _
_....
_
.. _
-
-



1.1.1.1 4 500 14 17 10 0 0 00:09:08 1
2.2.2.2 4 600 13 15 10 0 0 00:08:51
R2#sh ip bgp
' > il0 .0.0.0
0
'
1.1.1.1 0 100 0i
'>
0
'
0.0.0.0 0 32768 i
20.0.0.0
2.2.2.2 0 0 600 i
'>
0
'
30.0.0.0
R2#sh ip route bgp

B 10.0.0.0/8 [200/0] via 1.1.1.1, 00:01:00
B 30.0.0.0/8 [20/0] via 2.2.2.2, 00:00:50
Rl#sh ip bgp
'>
0
'
0.0.0.0 0 32768 i
10.0.0.0
1.1.1.2 0 100 0i
'
0
2.2.2.2 0 100 0 600 i

'
> i20.0.0.0
* i30.0.0.0
Rl#sh ip route bgp

B 20.0.0.0/8 [200/0] via 1.1.1.2, 00:14:13
30.0.0.0 Network not present in the routing table as the next-hop 2.2.2.2 (due to default next-hop behavior of
BGP) is unreachable
To fix this issue
1. either advertise the wan interfaces
2. change the next-hop address to next router address

• When EBGP ---sends an update to another EBGP neighbor -------------changes the next hop
• When IBGP ---sends an update to another IBGP neighbor------------- the next hop remains same ( not
change)
To change this behavior manually you need to tell to change the next hop ( done on the border routers
pointing to internal BGP neighbors )
Or
• if using Route-Reflector with the AS in that case on server configure next-hop-self poiting to all clients
Router (config-router)# neighbor {ip-address I peer-group-name} next-hop-self
router bgp 65101
neighbor 3.3.3.3 remote-as 65101 neighbor
3.3.3.3 update-source Loopback0 neighbor
3.3.3.3 next-hop-self
!
router eigrp 1
network 10.0.0.0
network 2.0.0.0
AS 65101
AS 65100 AS 65102
1-,:1u1:2i ;..11§ ill f.!.: :.!._-!.:. , 1 ..
6;.111.1 .2.2 .2.2.2
2.2.2Loo 3 .. ..,..
10.0.0.0 10.0.0.0
..10
I 0.0. 0 . :ll
1 _Next-hop= 172.16.1.1 Next-hop= 2.2.2.2 · -

Next-hop= 192.168.1.2 .. ,
• Forces all updates for this neighbor to be advertised with this router as the next hop.
• The IP address used for the next-hop-self option will be the same as the source IP address of the BGP packet.
On R2

R2 (config-router)# neighbor 1.1.1.1 next-hop-self
Rl#sh ip bgp
'>
0
'
0.0.0.0 0 32768 i
10.0.0.0
1.1.1.2 0 100 0i
' > i20.0.0.0
0
1.1.1.2 0 100 0 600 i

'
*>i30.0.0.0
Rl#sh ip route bgp

B 20.0.0.0/8 [200/0] via 1.1.1.2, 00:18:13
B 30.0.0.0/8 [200/0] via 1.1.1.2, 00:00:20
EBGP- Neighbor
Redundancv
'j
Redundant Links o etween two AS ( Ex: ISP).
Loopbaro "' / back0
_ir ;;:\, ,Y
1
Rl µ_, s i- ,i- -zL- ·- -1:.•:-:.' •- -;--7, R2
7'
....._ ....
2 . 2.2 . 1/8 2 . 2 . 2 . 2/ 8
· --.._ ....-
AS 500 AS 600

R1(config-router)# neighbor 12.0.0.1 update-source loopback 0
R1(config-router)# neighbor 12.0.0.1 ebgp-multihop
• increases TTL value.

• default one hop for EBGP
peers.
;;:'.
Loopbaro "' • / backO
R2 2,i :
,
.. ·....._ _ _
....._ .... ....
ASS00 AS600
Reachability between Loopbacks
R-1(config)#ip route 12.0.0.0255.255.255.01.1.1.2
R-1(con fig)#ip route 12.0.0.0 255.255.255.0 2.2.2.2 10
EBGP using Loopbacks
:example
AS 65102
Loopback 0
2.2.2.2
192.168.1.17/28
AS 65101

neighbor 1.1.1.1 remote-as 65101 neighbor 2.2 .2.2 remote-as 65102
neighbor 1.1.1.1 update-source Loopback 0 neighbor 2.2 .2.2 update-source Loopback 0
neighbor 1.1.1.1 ebgp-multihop 2 neighbor 2.2.2.2 ebgp-multihop 2
! !
ip route 1.1.1.1 255.255.255.255 192.168.1.18 ip route 2.2.2.2 255.255.255.255 192.168.1.17
ip route 1.1.1.1 255.255.255.255 192.168.1.34 ip route 2.2.2.2 255.255.255.255 192.168.1.33
I LAB: EBGP NEIGHBOR USING LOOPBACKS
---
Loopbac jcO
s1/0
, _,
I
11.0. ,01 1.1.1.2/8

I
...-
FO/
0.1.1. / F' 0 / 0
S1/1 s1/1 \
2f . 1. 1. 11
2.2.2.1/8 2.2.2.2/8 R2
'- - - _./
ASSOO AS600
TASK
• Configure EBGP peeringbetween Rl and R2 as per the diagram.
• Make sure that EBGP neighbor relationship should not be affected by the physical status of the link
• Configure Static Routing to provide Reachability between Looback interfaces of Rl & R2.

Rl(config-router)# neighbor 12.0.0.1 update-source loopback 0
Rl(config-router)# neighbor 12.0.0.1 ebgp-multihop
Rl(config-router)#no auto
Rl(config-router)#no sync
BGP neighbor ebgp-multihop Command
• This command increases the default of one hop for EBGP peers.
• It allows routes to the EBGP loopback address (which will have a hop count greater than 1).
• Ebgp-multihop tells to neighbor that the 12.0.0.1 is not directly connected and it is multiple hops away
• Increases the default TTL value from 1 to 255

R2 (config-router)# neighbor 11.0.0.1 update-source loopback 0
R2 (config-router)# neighbor 11.0.0.1 ebgp-multihop
R2 (config-router)#network
20.0.0.0 R2(config-router)#no auto

12.0.0.1 4 600 0 0 0 0 0 never Active
R-l#ping 12.0.0.1
From the above ping test we can confirm that there may be either Connectivity or Routing issue.
Rl#ping 1.1.1.2
!!!!!
Rl#ping 2.2.2.2
!!!!!
Rl#sh ip route
C 10.0.0.0/8 is directly connected, FastEthernet0/0
C 11.0.1.0 is directly connected, Loopbackl
• Rl do not have any route for 12.0.0.0 network to which it is peering

• To provide reachability either we can use any dynamic routing or static routing
• In general we prefer to use static routing between different AS ( but dynamic also works in the lab)
R-1(config)#ip route 12.0.0.0 255.255.255.0 1.1.1.2

R-l(config)#ip route 12.0.0.0 255.255.255.0 2.2.2.2 10
R-2 (config)#ip route 11.0.0.0 255.255.255.0 1.1.1.1

R-2 (config)#ip route 11.0.0.0 255.255.255.0 2.2.2.1 10
R-l#ping 12.0.0.1
!!!!!
12.0.0.1 4 600 4 4 1 0 0 00:00:21 1

11.0.0.1 4 500 5 5 3 0 0 00:00:05 1
Rl#sh ip bgp
' > 10.0.0.0 0.0.0.0 0 32768 i
0
'
' > 20.0.0.0 12.0.0.1 0 0 600 i

0
'
Rl#sh ip route bgp

B 20.0.0.0/8 [20/0] via 12.0.0.1, 00:00:33
R2#sh ip bgp
' > 10.0.0.0
0
'
11.0.0.1 0 0 500 i
' > 20.0.0.0
0
'
0.0.0.0 0 32768 i
R2#sh ip route bgp

B 10.0.0.0/8 [20/0] via 11.0.0.1, 00:00:57
Synchronization rule:
Do not use or advertise to an external neighbor a route learned by IBGP until

a matching route has been learned from an IGP
AS 65500 AS 64520
All routers in AS 65500 are running BGP; there are no matching
IGP routes.
► Ensures consistency of information throughout the AS.
► Safe to have it off only if all routers in the transit path in the AS are running
full-mesh IBGP;
► off by default in Cisco IOS software release 12.2(8)T and later
► Router (config-router)# no synchronization

0
The above command Disables BGP synchronization so that a router will advertise
routes in BGP without learning them in an IGP
► Router (config-router)# synchronization

0
The Above Command enables BGP synchronization so that a router will not
advertise routes in BGP until it learns them in an IGP
BGP Synchronization rule : Verification

R1(config-router)# synchronization
R2/R3
R2(config-router)#synchronization
\.
R3
AS 500
R2#sh ip bgp 30.0.0.0
BGP routing table entry for 30.0.0.0/8, version O
Paths: (1 available, no best
path) Not advertised to any
peer Local
2.2.2.2 from 2.2.2.2 (13.0.3.1}
Origin IGP, metric O, localpref 100, valid, internal, not synchronized
R2#sh ip route bgp

B 10.0.0.0/8 [20/0) via 1.1.1.1, 00:04:05
To Fix BGP Synchronization Rule :

► Advertise Interfaces in both IGP and
BGP
► Disable the Synchronization Rule :
R3
R2/R3
Rx(config)# router bgp 600
Rx(config-router)#no synchronization
LAB: VERIFY BGP SYNCHRONIZATION RULE
----- " "

co
. ... -- ------
.-I
--
- :t.,.....
- ./
-,
'\.
'\
er-
·,1 '
.....(.9. '
'
{ \'
'
\ I
\
AS600 :;.°{1,s
.......-_ -- -----. __ __
R3
TASK:
• Configure BGP peering as per the diagram and advertise all the interfaces inside BGP
• Disable Synchronization Rule on all the routers.

Rl (config-router)#network 1.0.0.0
Rl (config-ro uter )# no synchronization

R2 (config-ro uter)# no synchronization

R3(config-ro uter)# no synchronization

1 BGP AS-PATH entries using 24 bytes of memory

1.1.1.1 4 500 5 6 6 0 0 00:01:16 2
2.2.2.2 4 600 4 5 6 0 0 00:00:56 2
R2#sh ip bgp

-;': 1.0.0.0 1.1.1.1 0 0 500 i
'''> 0.0.0.0 0 32768 i
,., i2.0.0.0 2.2.2.2 0 100 0i
'''> 0.0.0.0 0 32768 i
' > 10.0.0.0 1.1.1.1 0 0 500 i
0
'
' > 20.0.0.0 0.0.0.0 0 32768 i

0
'
' > i30.0.0.0 2.2.2.2 0 100 0i

0
'
R3#sh ip bgp

' > il. 0.0.0
2.2.2.1 0 100 0i
'
0
,., i2.0.0.0 2.2.2.1 0 100 0i

'''> 0.0.0.0 0 32768 i
' > il0 .0.0.0 1.1.1.1 0 100 0 500 i
0
'
' > i20.0.0.0 2.2.2.1 0 100 0i

0
'
'
0
' > 30.0.0.0 0.0.0.0 0 32768 i
R3#sh ip route bgp

B 1.0.0.0/8 [200/0] via 2.2.2.1, 00:00:56
B 20.0.0.0/8 [200/0] via 2.2.2.1, 00:00:56
B 10.0.0.0/8 [200/0] via 1.1.1.1, 00:00:51
TASK: Enable Synchronization on all the three routers for verification:

Rl (config-router)# synchronization
R2/R3
R2 (config-router)#synchronization
R2#sh ip bgp

' > 1.0.0.0 0.0.0.0 0 32768 i
0
'
-;':
1.1.1.1 0 0 500 i
' > 2.0.0.0 0.0.0.0 0 32768 i
0
'
,.,i 2.2.2.2 0 100 0i

' > 10.0.0.0 1.1.1.1 0 0 500 i
0
'
' > 20.0.0.0 0.0.0.0 0 32768 i

0
'
,., i30.0.0.0 2.2.2.2 0 100 0i
R2#sh ip bgp 30.0.0.0

BGP routing table entry for 30.0.0.0/8, version 0
Paths: (1 available, no best path)
Not advertised to any peer
Local
2.2.2.2 from 2.2.2.2 (13.0.3.1)
Origin IGP, metric 0, localpref 100, valid, internal, not synchronized
R2#sh ip route bgp

B 10.0.0.0/8 [20/0] via 1.1.1.1, 00:04:05
Rl#sh ip bgp

,., 1.0.0.0
1.1.1.2 0 0 600 i
'> 0.0.0.0 0 32768 i
0
'
' > 2.0.0.0 1.1.1.2 0 0 600 i

0
'
' > 10.0.0.0 0.0.0.0 0 32768 i

0
'
,., > 20.0.0.0 1.1.1.2 0 0 600 i
Rl#sh ip bgp 30.0.0.0

% Network not in table
• R3 advertises 30.0.0.0 to R2
• R2 will not use or advertise this network as synchorization rule is enabled, and as per the rule the same
matching route has to be learned from IGP inside AS 600
• TO fix it, Ensure that all the routes used in BGP has to be advertised in IGP running inside AS Or Disable
Synchorization Rule
TASK:
Configure OSPF area O inside AS 600 and advertise all the interafaces as per the Diagram
R2(config-router)#network 20.0.0.0 0.255.255.255 a 0
R2(config)#
R2#sh ip ospf neighbor

Neighbor ID Pri State Dead Time Address Interface
13.0.3.1 O FULU - 00:00:32 2.2.2.2 Seriall/1
R2#sh ip route ospf

0 30.0.0.0/8 [110/65] via 2.2.2.2, 00:00:06, Seriall/1
R2#sh ip bgp
r RI 8-failure, S Stale

' > 1.0.0.0 0.0.0.0 0 32768 i
0
'
-;':
1.1.1.1 0 0 500 i
' > 2.0.0.0 0.0.0.0 0 32768 i
0
'
,.,i 2.2.2.2 0 100 0i

' > 10.0.0.0 1.1.1.1 0 0 500 i
0
'
' > 20.0.0.0 0.0.0.0 0 32768 i

0
'
r>i30.0.0.0 2.2.2.2 0 100 0i
Rl#sh ip bgp

-;': 1.0.0.0 1.1.1.2 0 0 600 i
'''> 0.0.0.0 0 32768 i
' > 2.0.0.0 1.1.1.2 0 0 600 i
0
'
' > 10.0.0.0 0.0.0.0 0 32768 i

0
'
' > 20.0.0.0 1.1.1.2 0 0 600 i

0
'
' > 30.0.0.0 1.1.1.2 0 600 i

0
'
Rl#sh ip route bgp

B 2.0.0.0/8 [20/0] via 1.1.1.2, 00:02:28
B 20.0.0.0/8 [20/0] via 1.1.1.2, 00:01:58
B 30.0.0.0/8 [20/0] via 1.1.1.2, 00:00:54
TASK:
• Remove the OSPF configurations on R2/R3
• Disable Synchronization Rule on all three Routers (Rl, R2, R3)
R2/R3
R3 (config) # no router ospf 1
R2/R3
Rx(config)# router bgp 600
Rx(config-router)#no synchronization
Rx(config-router)#end
Rl
R2#clear ip bgp *
R2#sh ip bgp

-;':
1.0.0.0 1.1.1.1 0 0 500 i
'''> 0.0.0.0 0 32768 i
' > 2.0.0.0 0.0.0.0 0 32768 i
0
'
,.,i 2.2.2.2 0 100 0i

' > 10.0.0.0 1.1.1.1 0 0 500 i
0
'
' > 20.0.0.0 0.0.0.0 0 32768 i

0
'
'
0
' > i30.0.0.0 2.2.2.2 0 100 0i
R2#sh ip bgp 30.1.1.1

Paths: (1 available, best #1, table Default-IP-Routing-Table)
Flag: 0x820
Advertised to update-groups:
1
Local
2.2.2.2 from 2.2.2.2 (13.0.3.1)
Origin IGP, metric 0, localpref 100, valid, internal, best

Flag: 0x820
600
1.1.1.2 from 1.1.1.2 (12.0.3.1)
Origin IGP, localpref 100, valid, external, best
Rl#sh ip bgp
1.0.0.0
-;':
1.1.1.2 0 0 600 i
'''> 0.0.0.0 0 32768 i
' > 2.0.0.0 1.1.1.2
0
'
0 0 600 i
' > 10.0.0.0 0.0.0.0
0
'
0 32768 i
' > 20.0.0.0 1.1.1.2
0
'
0 0 600 i
' > 30.0.0.0 1.1.1.2 0 600 i
0
'

Flag: 0x820
600
1.1.1.2 from 1.1.1.2 (12.0.3.1)
Rl#sh ip route bgp

B 2.0.0.0/8 [20/0] via 1.1.1.2, 00:00:36
B 20.0.0.0/8 [20/0] via 1.1.1.2, 00:00:36
B 30.0.0.0/8 [20/0] via 1.1.1.2, 00:00:36
Rl#ping 30.1.1.1
!!!!!
BGP Path-Selection Process
- BGP Attributes
BGP Attributes
► BGP chooses a route to a network based on the attributes of its path.

► Four categories of attributes exist as follows:
0 Well-known mandatory:
0 Well-known discretionary :
0 Optional transitive:
0
Optional non-transitiv e:
BO
BGP ATTRIBUTES
OPTIONA
L
MANDATO TRANSillVE NON·TRANSill

RY VE
AS- LOCAL AGGREGAT ME

PATH PREFERENCE OR D
NEXT-HO UTOMIC COMMUNIT ORIGINATO

P AGGREGAT Y R
ORIGIN no- CLUSTER-

export ID
no-
advertise
internet
local-as
Well-known mandatory:
► Must be recognized by all BGP routers.
present in all BGP updates. and passed
on to other BGP routers. MANDATO
RY
► AS path, origin, and next hop.
Well-known discretionary:
► Must be recognized by all BGP routers
and passed on to other BGP routers but
need not be present in an update
► local preference.
e
1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 www. noasolutions.com Page B1
Optional transitive: BGP ATTRIBUTES
► Might or might not be recognized by a

BGP router but is passed on to other BGP OPTIONAi.
routers.
► If not recognized, it is marked as partial. TRANSmVE NON-TRANSmVE
► Aggregator, community.
AGGREGAT ME
OR D
COMMUN ORIGINAT
Optional non-transitive: nY OR
► If the BGP process does not recognize the no-export CLUSTER-

attribute then it can ignore the update ID
and not advertise the path to its peers
no-advertise
► Multi-Exit Discriminator (MED),
originator ID. intern
et
local-
as
AS-Path Attribute
20.2.2.0
AS 65444
20.2.2.0 20.2.2.0
AS 65222 65333 AS 65333
65444 65444
► AS Path is Well known, mandatory attribute

► List of AS through which updates are coming.
1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 www. noasolutions.com Page 82
AS-Path Attribute
Path with shortest AS path list is more desirable.
R2
AS200
FQ/01
30.1.,.l/,
AS400
Next-hop Attribute
AS 200 192.10.1.0/30
150.10.0.0/16 .1

150.10.0.0/16 192.10.1.1 200
• 160.10.0.0/16 192.10.1.1 200 100
c ange
between iBGP peers
AS 100
► w ell-know n. mandato ry Att ribute.
160.10.0.0/16
► BGP is AS by AS r outing Pr otocol
► N ext hop -;t,. n ext rout er
► N ext hop = IP to
reach ne xt AS
AS 200 192.10 .1.0/30

150.10.0.0/16 .1

160.10.0.0/16 192.20.2.1 100
• Next hop to reach a network

• Usually a local network is the next
AS 100 hop in eBGP session
160.10.0.0/16
AS 300
AS 200 192.10.1.0/30 140.10.0.0/16
.1
150.10.0.0/16

150.10.0.0/16 192.10 .1.1 200
Nex 200
160.10.0.0116 192.10.1.1
100
Usually a local network is the next
hop in eBGP session

AS 100
160.10.0.0/16
• Next Hop updated between
e
B
G
P
P
e
e
r
s
AS 200 192.10.1.0/30
150.10.0.0/16 .1
Networi( Next-Hop Path

150.10.0.0/16 192.10.1.1 200
• 160.10.0.0/16 192.10.1.1 200 100
c ange
between iBGP
peers
AS 100
160.10.0.0/16
Default Next-hop Behavior
•. Rl
"- ............ A_S

__0_0
5
__ ...
Rl#sh ip bgp
Net wo rk
Next Hop Metric Lo cPrf Weig ht Pat h
*> 10.0.0
0.0.0.0 0 32768 i
.0
*>i20.0.0.0 1.1.1.2 0 100 0i
* i30 .0.0 .0 2.2.2.2 0 100 0 600 i
Rl#sh ip route bgp

B 20.0.0.0/8 [200/0] via 1.1.1.2. 00:14:13
Using next-hop-self

R2 (co nfig-ro ut er)# neighbor 1.1.1.1 next-hop-self
..........
Rl#sh ip bgp ____ ..

Network Next Ho Metric Lo cPrf Weight Path
p
'' > 10.0.0.0 0.0.0.0 0 32768 i
* >i 20 .0 .0 .0 1.1.1.2 0 100 0i
*>i30.0.0.0 1.1.1.2 0 100 0 600 i
Rl#sh ip route bgp

B 20 .0.0.0/8 [200 /0 ] via 1.1.1.2. 00:18:13
B 30.0.0.0/8 [200/0] via 1.1.1.2, 00:00:20
Origin Attribute
► Origin informs all AS in Internetwork how network got introduced into BGP.
0
IGP (i) adve rtised in BGP using network command
0
EGP (e) Re distri but ed from EGP
0 Incomplete (?) Redistributed in to BGP from IGP or static
► well-known, mandatory, and transitive.

► 'T' is better then "E" and "e" is better then "?"
com
RouterA# show ip bgp
Status codes: s suppressed, d damped, h history, * valid , > best, i - internal, r
RIB-failure, S Stale

*> 10.1.0.0/24 0.0.0.0 0 32768 i
* i 10.1.0.2 0 100 0 i
*> 10.1.1.0/24 0.0.0.0 0 32768 i
*>il0.1.2.0/24 10.1.0.2 0 100 0 i
*> 10.97.97.0/24 172.31.1.3 0 64998 64997 i
* 172.31.11.4 0 64999 64997 i
* i 172.31.11.4 0 100 0 64999 64997 i
*> 10.254.0.0/24 172.31.1.3 0 0 64998 i
* 172.31.11.4 0 64999 64998 i
* i 172.31.1.3 0 100 0 64998 i
r> 172.31.1.0/24 172.31.1.3 0 0 64998 ?
r 172.31.11.4 0 64999 64998 i
r i 172.31.1.3 0 100 0 64998 ?
*> 172.31.2.0/24 172.31.1.3 0 0 64998 ?
<output omitted>
com
Weight Attribute
► Weight is Cisco ' s attribute.
► Tells how to exit the AS
► Path with the highest weight is more .
desirable.
- ;
N ,;> ..,._ ...
► Weight is partial attribute.
..
R2
= AS200
► Default weight
0
0 = le a rned routes
F0/01
30.1.1.1/
32.768 = for lo call y i njected
IF0/0
0
routes
r 0 . 1 . 1 . 1/8
Local to the router ( not advertise to the

other ro uters in the AS )
AS 65000 AS 65250 AS 65500

172.20.0.0
Weigh
t
AS = 150
64520
com
Verifying Weight attribute
R-l #sh ip bgp
Network Next Hop Metric LocPrf W eight Path
* 20.0.0.0 4.4.4.1 0 700 600 i
1.1.1.2 0 0 600i
Rl#sh ip route bgp

B 2.0.0.0/ 8 [20/0] via 1.1.1.2, 00: 12:00
B 3.0.0.0 / 8 [20/0] via 1.1.1.2, 00: 10:5B
B 20.0.0.0/B [20/0] via 1.1.1.2, 00:12 :00
B 40.0 .0.0 /B [20 / 0] via 4.4.4.1, 00:10:28
B 30.0.0.0/8 [20/ 0] via 1.1.1.2. 00 :10:5 8
Configure Rt to change the best Route via R4 instead of R2 to reach

any network outside AS
RI(config)#ro ut er bgp 500

RI(config-route r)# neighbor 4.4.4.1 weight 40000
RI(config-rout er)#end
R-l#sh ip bgp
r> 1.0 .0.0 4.4.4 .1 40000 700 600 i /
U?.°i:.,
r 1.1.1.2 0 0 600 i
*> 2.0.0.0 4.4.4.1 40000 700 600 i
* 1.1.1.2 0 0 600 i
*> 3.0 .0.0 4.4 .4.1 0 40000 700 i '-._ ....A_ SS_OO _......
* 1.1.1.2 0 600 i
r> 4.0.0.0 4.4.4.1 0 40000 700 i
r 1.1.1.2 0 600 700 i
*> 20.0.0.0 4.4.4.1 40000 700 600 i
* 1.1.1.2 0 0 600i
*> 30.0.0 .0 4.4.4.1 40000 700 600 i
* 1.1.1.2 0 600 i
*> 40 .0 .0 .0 4.4.4 .1 0 40000 700 i Rl#traceroute 20.1.1.1
* 1.1.1.2 0 600 700 Type escape sequenc e to abort.
i Tracing the route to 20.1.1.1
1 4.4.4.1196 msec 252 msec 36 msec
2 3.3 .3.1 [AS 700] 116 msec 112 msec64 msec
3 2.2.2.1 [AS 600] 368 msec * 216 msec
com
► By default BGP appli es weight to all the routes receiving from the specific neighbor to which it was
configured.
► To apply to specific routes we need to use the route-rr
R-l #sh ip bgp

Network Next Hop Metr ic LocPrf Weight Path
r> 1.0.0.0 4.4.4.1 40000 700 600 i
r 1.1.1.2 0 0 600 i _,,,.,.,,.-- -
* > 2.0.0.0 4.4.4.1 40000 700 600 i / ...
(J
• 1.1.1.2 0 0 600 i ·· .;·/ "
* > 3.0.0.0
•
4.4.4.1
1.1.1.2
0 40000 700 i
0 600 i
.. .,
r> 4 . 0.0.0 4.4.4.1 0 40000 700 i
.. _
,
'-... . .... AS 500
r 1.1.1.2 0 600 700 i
*> 20.0.0.0 4.4.4.1 40000 700 600 i _,..,..,...
• 1.1.1.2 0 0 600 i
* > 30.0.0.0 4.4.4.1 40000 700 600 i
• 1.1.1.2 0 600 i
* > 40 . 0.0 . 0 4.4.4 .1 0 40000 700 i
• 1.1.1.2 0 600 700 i
com
LAB: USING WEIGHT ATTRIBUTE
"' - - AS 600
/ "-
( I ro,o \
\j 0.1.1.1/ J
"- _
.... AS __ _ .
5 00
. <$' • • - - - -- --
_.,,,,,,,.
.(
\
_ _ _ _., , , ,.
TASK:
• Configure basic IBGP and EBGP peering using direcly connected interfaces
• Advertise all the Networks as per the Diagram
• Make sure that the next-hop address should be the next router address

Rl(config-router)# no sync Rl(config-
router)# exit

R2(config-router)# no sync



1.1.1.1 4 500 17 17 10 0 0 00:10:12 4
2.2.2.2 4 600 17 17 10 0 0 00:09:32 5

3.3.3.1 4 600 7 8 9 0 0 00:00:21 7
4.4.4.2 4 500 8 8 9 0 0 00:00:48 7
R4#sh ip bgp

-;':
1.0.0.0 3.3.3.1 0 600 i
'''> 4.4.4.2 0 0 500 i
' > 2.0.0.0 3.3.3.1 0 0 600 i
0
'
-;':
4.4.4.2 0 500 600 i
-;':
3.0.0.0 4.4.4.2 0 500 600 i
-;':
3.3.3.1 0 0 600 i
'''> 0.0.0.0 0 32768 i
' > 4.0.0.0
0.0.0.0 0 32768 i
'
0
-;':
4.4.4.2 0 0 500 i
-;':
10.0.0.0 3.3.3.1 0 600 500 i
'''> 4.4.4.2 0 0 500 i
' ' > 20.0.0.0
0
3.3.3.1 0 600 i
-;':
4.4.4.2 0 500 600 i
30.0.0.0
-;':
4.4.4.2 0 500 600 i
'''> 3.3.3.1 0 0 600 i
' ' > 40.0.0.0
0
0.0.0.0 0 32768 i
R4#
R3#sh ip bgp

-;': 1.0.0.0 3.3.3.2 0 700 500 i
'''>i 2.2.2.1 0100 0i
,., i2.0.0.0 2.2.2.1 0 100 0i
'''> 0.0.0.0 0 32768 i
-;':
3.0.0.0 3.3.3.2 0 0 700 i
'''> 0.0.0.0 0 32768 i
' ' > 4.0.0.0
0
3.3.3.2 0 0 700 i
,.,i 1.1.1.1 0 100 0 500 i
* 10.0.0.0 3.3.3.2 0 700 500 i

*>i 1.1.1.1 0 100 0500i
' ' >i20.0.0.0

0
2.2.2.1 0 100 0i
' ' > 30.0.0.0
0
0.0.0.0 0 32768 i
' ' > 40.0.0.0
0
3.3.3.2 0 0 700 i
R3#sh ip route bgp

B 1.0.0.0/8 [200/0] via 2.2.2.1, 00:23:23
B 4.0.0.0/8 [20/0] via 3.3.3.2, 00:23:10
B 20.0.0.0/8 [200/0] via 2.2.2.1, 00:23:23
B 40.0.0.0/8 [20/0] via 3.3.3.2, 00:23:10
B 10.0.0.0/8 [200/0] via 1.1.1.1, 00:01:43
best, i - internal,
R2#sh ip bgp

-;': 1.0.0.0 1.1.1.1 0 0 500 i
'''> 0.0.0.0 0 32768 i
,., i2.0.0.0 2.2.2.2 0 100 0i
'''> 0.0.0.0 0 32768 i
-;':
3.0.0.0 1.1.1.1 0 500 700 i
'''>i 2.2.2.2 0 100 0i
,., i4.0.0.0 3.3.3.2 0 100 0 700 i
'''> 1.1.1.1 0 0 500 i
' > 10.0.0.0 1.1.1.1 0 0 500 i
0
'
' > 20.0.0.0 0.0.0.0 0 32768 i

0
'
' > i30.0.0.0 2.2.2.2 0 100 0i

0
'
* 40.0.0.0 1.1.1.1 0 500 700 i

*>i 3.3.3.2 0 100 0700 i
R2#sh ip route bgp

B 3.0.0.0/8 [200/0] via 2.2.2.2, 00:22:13
B 4.0.0.0/8 [20/0] via 1.1.1.1, 00:23:11
B 40.0.0.0/8 [200/0] via 3.3.3.2, 00:00:18
B 10.0.0.0/8 [20/0] via 1.1.1.1, 00:23:11
B 30.0.0.0/8 [200/0] via 2.2.2.2, 00:22:13
To Change The Next Hop Behavior Of The BGP

R2(config-router)#neighbor 2.2.2.2 next-hop-self

R3#sh ip bgp

-;': 1.0.0.0 3.3.3.2 0 700 500 i
'''>i 2.2.2.1 0 100 0i
,., i2.0.0.0 2.2.2.1 0 100 0i
'''> 0.0.0.0 0 32768 i
-;':
3.0.0.0 3.3.3.2 0 0 700 i
'''> 0.0.0.0 0 32768 i
' > 4.0.0.0 3.3.3.2 0 0 700 i
0
'
,.,i 2.2.2.1 0 100 0 500 i

* 10.0.0.0 3.3.3.2 0 700 500 i
*>i 2.2.2.1 0 100 0500 i
' > i20.0.0.0 2.2.2.1 0 100 0i
0
'
' > 30.0.0.0 0.0.0.0 0 32768 i

0
'
' > 40.0.0.0 3.3.3.2 0 0 700 i

0
'
R3#sh ip route bgp

B 1.0.0.0/8 [200/0] via 2.2.2.1, 00:27:35
B 4.0.0.0/8 [20/0] via 3.3.3.2, 00:27:22
B 20.0.0.0/8 [200/0] via 2.2.2.1, 00:27:35
B 40.0.0.0/8 [20/0] via 3.3.3.2, 00:27:22
B 10.0.0.0/8 [200/0] via 2.2.2.1, 00:01:56
R3#
R2#sh ip bgp

-;': 1.0.0.0 1.1.1.1 0 0 500 i
'''> 0.0.0.0 0 32768 i
,., i2.0.0.0 2.2.2.2 0 100 0i
'''> 0.0.0.0 0 32768 i
' > i3.0.0.0 2.2.2.2 0 100 0i
0
'
,., i4.0.0.0 2.2.2.2 0 100 0 700 i

'''> 1.1.1.1 0 0 500 i
' > 10.0.0.0 1.1.1.1 0 0 500 i
0
'
' > 20.0.0.0 0.0.0.0 0 32768 i

0
'
' > i30.0.0.0 2.2.2.2 0 100 0i

0
'
-;':
40.0.0.0 1.1.1.1 0 500 700 i
*>i 2.2.2.2 0 100 0700 i
R2#sh ip route bgp

B 3.0.0.0/8 [200/0] via 2.2.2.2, 00:27:48
B 4.0.0.0/8 [20/0] via 1.1.1.1, 00:28:46
B 40.0.0.0/8 [200/0] via 2.2.2.2, 00:02:23
B 10.0.0.0/8 [20/0] via 1.1.1.1, 00:28:46
B 30.0.0.0/8 [200/0] via 2.2.2.2, 00:27:48
R2#
TASK:
Configure Rl to prefer exit path via R4 to reach all the Networks.
By default Rl prefer via R2 (1.1.1.2) to reach 20.0.0.0/30.0.0.0 network as it has less number of AS path.
R-l#sh ip bgp
Network Next Hop Metric

,., 1.0.0.0 1.1.1.2
'''> 0.0.0.0
,., 2.0.0.0 4.4.4.1 i
'''> 1.1.1.2
,., 3.0.0.0 4.4.4.1
'''> 1.1.1.2
,., 4.0.0.0 4.4.4.1

'''> 0.0.0.0 0
' > 10.0.0.0
0.0.0.0 0
'
0
* 20.0.0.0 4.4.4.1
*> 1.1.1.2 0 0600i
,., 30.0.0.0 4.4.4.1 0 700600i
'''> 1.1.1.2 0 600 i
,., 40.0.0.0 1.1.1.2 0 600 700 i
'''> 4.4.4.1 0 0 700 i
Rl#sh ip route bgp

B 2.0.0.0/8 [20/0] via 1.1.1.2, 00:12:00
B 3.0.0.0/8 [20/0] via 1.1.1.2, 00:10:58
B 20.0.0.0/8 [20/0] via 1.1.1.2, 00:12:00
B 40.0.0.0/8 [20/0] via 4.4.4.1, 00:10:28
B 30.0.0.0/8 [20/0] via 1.1.1.2, 00:10:58
Rl#ping 20.1.1.1
!!!!!
Rl#traceroute 20.1.1.1
Tracing the route to 20.1.1.1
1.1.1.2 264 msec ,., 92 msec
To change the default preferred route (via R2) to via R4 (4.4.4.1) we need to apply higher weight to R4

Rl(config-router)# neighbor 4.4.4.1 weight 40000
Rl#clear ip bgp * soft

to update the changes.

Flag: 0x820
1
700 600
4.4.4.1 from 4.4.4.1 (14.0.3.1)
Origin IGP, localpref 100, weight 40000, valid, external, best
600
1.1.1.2 from 1.1.1.2 (12.0.3.1)
Origin IGP, metric 0, localpref 100, valid, external
Rl#
R-l#sh ip bgp
4.4.4.1 40000 700 600 i
1.1.1.2 0 0 600 i
'>
0
'
4.4.4.1 40000 700 600 i
2.0.0.0
1.1.1.2 0 0 600 i
-;':
4.4.4.1 0 40000 700 i
'>
0
'
3.0.0.0 1.1.1.2 0 600 i

4.4.4.1 0 40000 700 i
1.1.1.2 0 600 700 i
*> 20.0.0.0 4.4.4.1 40000 700 600 i

* 1.1.1.2 0 0 600 i
' > 30.0.0.0 4.4.4.1 40000 700 600 i
0
'
-;': 1.1.1.2 0 600 i

' > 40.0.0.0 4.4.4.1 0 40000 700 i
0
'
1.1.1.2 0 600 700 i
Rl#sh ip route bgp

B 2.0.0.0/8 [20/0] via 4.4.4.1, 00:00:47
B 3.0.0.0/8 [20/0] via 4.4.4.1, 00:00:47
B 20.0.0.0/8 [20/0] via 4.4.4.1, 00:00:47
B 40.0.0.0/8 [20/0] via 4.4.4.1, 00:00:47
B 30.0.0.0/8 [20/0] via 4.4.4.1, 00:00:47
1 4.4.4.1 196 msec 252 msec 36 msec

2 3.3.3.1 [AS 700] 116 msec 112 msec 64 msec
3 2.2.2.1 [AS 600] 368 msec ,., 216 msec
Note:
• By default BGP applies weight to all the routes receiving from the specific neighbor to which it was
configured.
• To apply to specific routes we need to use the route-maps ( check next lab)
Example: show ip bgp rib-failure Command
Rl#sh ip bgp rib-failure

Network Next Hop RIB-failure RIB-NH Matches
1.0.0.0 4.4.4.1 Higher admin distance n/a
4.0.0.0 4.4.4.1 Higher admin distance n/
• Displays networks that are not installed in the RIB and the reason that they were not installed
Clearing the BGP Session
► Whenever there is an administrative change in routing policy, the BGP session must be
reset before the new policy can take effect.
► You must trigger an update to ensure that the policy is immediately applied to all
affected prefixes and paths.
► Ways to trigger an update:

Hard reset ( Clear ip bgp *)
Soft reset ( Clear ip bgp * soft in/out)
Hard Reset:
router# clear ip bgp *
0
Resets all BGP connections with this router.
0
Entire BGP forwarding table is discarded.
0
BGP session makes the transition from established to idle: (re-establish the peering)
0
everything must be relearned.
0
Processing the full Internet routing table can take a long time. Bandwidth . Resources.
router# clear ip bgp [neighbor-address]

0
Resets only a si ngle neighbor.
0
BGP session makes the transition from established to idle: everything from this neighbor must
be relearned.
0
Less severe than clear ip bgp *.
BGP Soft Reconfiguration
► Soft reconfiguration provides change s in new BGP routing policies w i t h ou t te aring dow n the
sessions.
Router# clear ip bgp {*I neighbor-address} [soft]
Outbound soft reconfiguration
M ore si mp l e
route r resend s all BGP info rmation to the neighbor w ithout resett in g t he conne ctio n( BGP
tab le)
This o p tio n is hig hl y recomme nd ed w hen you are changing o utbo und po li cy.
Alw ays enab led, no t co nfigu rable
The soft out o ptio n does not help if you are changing inbound policy.
Router# clear ip bgp {*Ineighbor-address} (soft out]
A dynamic inbound soft reset

used to generate inbound update s from a ne ighbo r.
Router# clear ip bgp {* Ineighbor-address} [soft in]
0
Inbound soft reconfiguration ( earlier to 12.1 IOS)
M ore co mpl icated
stores the comp l ete BGP tab le of your neighbo r in rout er memory.
Router(config-router)# neighbor [ip-address) so ft-recon figurationinbound
Type of Reset Advantages Disadvantages
Hard reset No memory overhead. The prefixes in the BGP, IP, and FIB
tables that are provided by the
neighbor are lost.
Not recommended.
Outbound soft reset No configuration, no storing of Does not reset inbound routing table
routing table updates. updates.
Dynamic inbound soft Does not clear the BGP session Both BGP routers must support the
reset or cache. route refresh capability (Cisco IOS
Software Release 12.1 and later
Does not require storing of routing releases).
table updates, and has no
memory overhead.
Configured inbound soft Can be used when both BGP Requires preconfiguration.
reset (uses the routers do not support the
neighbor soft- automatic route refresh capability. Stores all received (inbound) routing
reconfiguraiton policy updates without modification,
command) and is thus memory-intensive.
Recommended only when absolutely
necessary.
1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 www. noasolutions.com Page 1O
1
WEIGHT using Rou te-maps
Rl#sh ip bgp
•
.
12.0.0.0/ 24 4.4.4.1 0 700 600 i
*> 1.1.1.2 0 0 600 i
12.0.1.0/ 24 4.4.4.1 0 700 600 i
*> 1.1.1.2 0 0 600 i
* 12.0.2 .0/ 24 4.4.4.1 0 700 600 i------------------------,/·
*> 1.1.1.2 0 0 600i /' "
* 12.0.3.0/ 24 4.4.4.1 0 700 600 i :
*> 1.1.1.2 0 0 600 i r I
\-J1.1.1/
'-._ . ... AS 5_ 00 _ _ _........
by defau lt Rl prefers via 1.1.1.2 ( R2) to reach the 12.x.x.x Prefixes
12.0.0.0 and 12.0.1.0 prefer via R4

Remaining via R2
Rl(config)# access-list 12 permit 12.0.0.0 0.0.0.255

Rl(config)# access-li st 12 permit 12.0.1.0 0.0.0.255
Rl(config)# route -map WEIGHT permit 10 Rl(config-route-

map)# match ip address 12 Rl(config-route-map)# set
weight 5000
Rl(config-route-map)# exit
Rl(config)# ro ute-map WEIGHT permit 20 Rl(config-route-

map)#exit

Rl(config-router) #neighbor 4.4.4 .1 route-map WEIGHT
in . AS 500 - · · '!,
,,_\',
,,,. '
Rl#sh ip bgp /,',,.,
NetworkNext Hop Metric LocPrf Weight Path
*> 12.0.0.0/244.4.4.1 5000 700600 i , /\ .
AS 700 /
*
*> 12.0.1.0/24
1.1.1.2
4.4.4.1
0 0
5000
600i
700 600 i
·--
*
• 12.0.2.0/ 24
1.1.1.2
4.4.4.1
0
0
0 600i
700 600 i ---
*> 1.1.1.2 0 0 600i
4.4.4.1 0 700 600 i
com
LAB : WEIGHT ATTRIBUTE using Route-maps
(
'
TASK:
• Continue from the previous lab and remove the last task configs
• Advertise the 12.0.0.0 of R2 loopbacks in bgp with exact mask

Rl (config-ro uter)# no neighbor 4.4.4.1 weight 40000
Rl(config-router)#do clear ip bgp * soft

R2(config-router)# network 12.0.0.0 mask 255.255.255.0
Rl#sh ip bgp

' > 1.0.0.0 0.0.0.0 0 32768 i
0
'
-;':
4.4.4.1 0 700 600 i
-;':
1.1.1.2 0 0 600 i
-;':
2.0.0.0 4.4.4.1 0 700 600 i
'''> 1.1.1.2 0 0 600 i
-;':
3.0.0.0 4.4.4.1 0 0 700 i
'''> 1.1.1.2 0 600 i
' > 4.0.0.0 0.0.0.0 0 32768 i
0
'
-;':
4.4.4.1 0 0 700 i
' > 10.0.0.0 0.0.0.0 0 32768 i
0
'
* 12.0.0.0/24 4.4.4.1 0 700 600 i

*> 1.1.1.2 0 0600 i
* 12.0.1.0/24 4.4.4.1 0 700 600 i
*> 1.1.1.2 0 0600 i
* 12.0.2.0/24 4.4.4.1 0 700 600 i
*> 1.1.1.2 0 0600i
* 12.0.3.0/24 4.4.4.1 0 700 600 i
*> 1.1.1.2 0 0600i
-;':
20.0.0.0 4.4.4.1 0 700 600 i
'''> 1.1.1.2 0 0 600 i
-;':
30.0.0.0 4.4.4.1 0 700 600 i
'''> 1.1.1.2 0 600 i
' > 40.0.0.0 4.4.4.1 0 0 700 i
0
'
-;':
1.1.1.2 0 600 700 i
Here by default Rl prefers via 1.1.1.2 ( R2) to reach the 12.x.x.x Prefixes .
Rl#sh ip route bgp
B 2.0.0.0/8 [20/0] via 1.1.1.2, 00:11:15
B 3.0.0.0/8 [20/0] via 1.1.1.2, 00:11:15
B 20.0.0.0/8 [20/0] via 1.1.1.2, 00:11:15
B 40.0.0.0/8 [20/0] via 4.4.4.1, 00:11:15
B 12.0.0.0 [20/0] via 1.1.1.2, 00:10:44
B 12.0.1.0 [20/0] via 1.1.1.2, 00:10:44
B 12.0.2.0 [20/0] via 1.1.1.2, 00:10:44
B 12.0.3.0 [20/0] via 1.1.1.2, 00:10:44
B 30.0.0.0/8 [20/0] via 1.1.1.2, 00:11:15
TASK:
• Make sure that only 12.0.0.0 and 12.0.1.0 both networks should prefer via R4 where as the remaining
should use the default route via R2 :
Rl(config)#access-list 12 permit 12.0.0.0 0.0.0.255
Rl(config)# access-list 12 permit 12.0.1.0 0.0.0.255
Rl(config)# route-map WEIGHT permit 10

Rl(config-route-map)# match ip address 12
Rl(config-route-map)# set weight 5000
Rl(config)# route-map WEIGHT permit 20

R1(config-route-map)#end

Rl(config-router)#neighbor 4.4.4.1 route-map ?
WORD Name of route map
Rl(config-router)#neighbor 4.4.4.1 route-map WEIGHT ?

in Apply map to incoming routes
out Apply map to outbound routes
Rl(config-router)#neighbor 4.4.4.1 route-map WEIGHT in
Rl#clear ip bgp *
The WEIGHT attribute is local to the router and does not get exchanged between routers;
therefore it is only effective on inbound route maps
IN Bound Out Bound
• updates received from that specific • ro ute s advertised to that specific

Neighbor Neighbor
• Changes the local Router Path sele ctio n • outbound Ro ut e-maps influence so me
process. other Rou ters Decision
• influence outbound Traffic • influence inbound Traffic
• Weight , Local Preference MED, As-path prepend
Rl#sh ip bgp

-;': 1.0.0.0 4.4.4.1 0 700 600 i
'''> 0.0.0.0 0 32768 i
-;':
1.1.1.2 0 0 600 i
-;':
2.0.0.0 4.4.4.1 0 700 600 i
'''> 1.1.1.2 0 0 600 i
-;':
3.0.0.0 4.4.4.1 0 0 700 i
'''> 1.1.1.2 0 600 i
-;':
4.0.0.0 4.4.4.1 0 0 700 i
'''> 0.0.0.0 0 32768 i
'' > 10.0.0.0 0.0.0.0
0 32768 i
0
*> 12.0.0.0/24 4.4.4.1 5000 700 600 i

* 1.1.1.2 0 0 600 i
*> 12.0.1.0/24 4.4.4.1 5000 700 600 i
ii * 1.1.1.2 0 0 600
-;':
12.0.2.0/24 4.4.4.1 0 700 600
'''> 1.1.1.2 0 0 600 i i
-;':
12.0.3.0/24 4.4.4.1 0 700 600
'''> 1.1.1.2 0 0 600 i
-;':
20.0.0.0 4.4.4.1 0 700 600 i
'''> 1.1.1.2 0 0 600 i
-;':
30.0.0.0 4.4.4.1 0 700 600 i
'''> 1.1.1.2 0 600 i
' > 40.0.0.0 4.4.4.1
0 0 700 i
'
0
-;':
1.1.1.2 0 600 700 i

BGP routing table entry for 12.0.0.0/24, version 48 able)
Paths: (2 available, best #2, table Default-IP-Routing-T
Flag: 0x820
Advertised to update- ups:
gro
1
600 .3.1)
1.1.1.2 from 1.1.1.2 (12.0localpref 100, valid, external
Origin IGP, metric 0,
700 600 .0.3.1) rnal, best
4.4.4.1 from 4.4.4.1 100, weight 5000, valid, exte
(14
NOA solutions,Origin IGP, localpref
N.K Arcade, 2nd & 3rd floor,Opposite to banjara function hall,Banjarahills Road-no-
1
700 600
4.4.4.1 from 4.4.4.1 (14.0.3.1)
600
1.1.1.2 from 1.1.1.2 (12.0.3.1)

2
700 600
4.4.4.1 from 4.4.4.1 (14.0.3.1)
Origin IGP, localpref 100, valid, external
600
1.1.1.2 from 1.1.1.2 (12.0.3.1)
Origin IGP, metric 0, localpref 100, valid, external, best

2
700 600
4.4.4.1 from 4.4.4.1 (14.0.3.1)
600
1.1.1.2 from 1.1.1.2 (12.0.3.1)
Rl#sh ip route bgp
B 2.0.0.0/8 [20/0] via 1.1.1.2, 00:00:20
B 3.0.0.0/8 [20/0] via 1.1.1.2, 00:00:20
B 20.0.0.0/8 [20/0] via 1.1.1.2, 00:00:20
B 40.0.0.0/8 [20/0] via 4.4.4.1, 00:00:20
B 12.0.0.0 [20/0] via 4.4.4.1, 00:00:20
B 12.0.1.0 [20/0] via 4.4.4.1, 00:00:20
B 12.0.2.0 [20/0] via 1.1.1.2, 00:00:20
B 12.0.3.0 [20/0] via 1.1.1.2, 00:00:20
B 30.0.0.0/8 [20/0] via 1.1.1.2, 00:00:20
1 4.4.4.1 68 msec 40 msec 156 msec
2 3.3.3.1 [AS 600] 120 msec 24 msec 8 msec
3 2.2.2.1 [AS 600] 72 msec ,., 116 msec
1 4.4.4.1 144 msec 80 msec 28 msec

2 3.3.3.1 [AS 600] 20 msec 52 msec 36 msec
3 2.2.2.1 [AS 600] 24 msec ,., 152 msec
11.1.1.2132 msec ,., 144 msec
11.1.1.2132 msec ,., 144 msec
1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 www. noasolutions.com Page 1OB
Local preference Attribute
► Local preference defines how data traffic should exit from an AS.
► Path with highest preference value is more desirable.
► Default value is 100
► Local preference i s well known. discretionary att ribute.
► It i s advertised only to IBGP neighbor within an AS.
AS 65350 +-- +--

AS
65000
vt.:oref
Needs to go to AS 65350
Local Pref = 150
AS
520
1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 www. noasolutions.com Page
109
Verifying Local preference
All the routes going from AS 600 to reach as -700 ( 40.0.0.0) by
default prefers out via R3
Make sure that R2 and R3 (all the routers in the as 600 should prefer use
path via R2 /R1/R4 using local preference.)
R2#sh ip bgp
Network
* 40.0.0.0
1.1.1.1 0 500 700 i
*>i
2.2.2.2 0 100 0 700i
R3#sh ip bgp
* > 40.0 .0.0 3.3.3.2 0 0 700 i
Verifying Local preference

In order to make sure that all the routers exit AS 600 via R2
we need to change the local-preference value of R2 higher
than defau It
R2(config}#router bgp 600

R2(config-router}#bgp default local-preference 400
R3#sh ip bgp 40.0.0.0

BGP routing table entry for 40.0.0.0/ 8, version 37 /l/
Path s: (2 available. best #1, table Default-IP-Routing-Table) . -.imn

Flag : 0x820 \ 0. 1.1. 1/
Adve rti sed to update-group s: ._'-..
2 · M=
500 700 · -·-
-------
2.2.2.1 from 2.2.2.1 (12.0 .3.l) (
700
Orig in IGP, metric 0, localpref 400, valid, internal, best
\
3.3.3.2 from 3.3.3.2 (14.0.3.1) .'-..
Origin IGP, metric 0, localpref 100. valid. external
R2#sh ip bgp 40.0.0.0 -... - ..---
BGP routing table entry for 40.0.0.ojs, _;ersio n 35
Path s: (l available, best #1, table Default-IP-Ro uting -Tabl e)
Flag: 0x820
Adv ertised to update-group s:
2
500 700
1.1.1.1 from 1.1.1.1 (11.0 .3.1)
Origin IGP. localpref 400, valid, external, best
1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 www. noasolutions. com Page 11O
LAB: USING LOCAL PREFERENCE
(I
\j
F0/0
0.1.1.
"' ASS00 ../
........ - --- -
1/
,
' 'o
f>t'/,<
( J\,
'
\ AS 700 /
t'/,"'
t'/,"'
Continue the same previous lab just remove the last step of configurations applied so that it uses the default
path selection process without any attributes applied
Rl(config-router)#NO neighbor 4.4.4.1 route-map WEIGHT in

Rl(config-router)#do clear ip bgp *
OR
• IF you start this Lab without any BGP configuration then configure basic IBGP and EBGP as per the diagram
• Verify neighbors and Ensure that it uses the default path selection without any attributes applied
• Ensure that you change the next hop to next Router

router)# exit



1.1.1.1 4 500 17 17 10 0 0 00:10:12 4
2.2.2.2 4 600 17 17 10 0 0 00:09:32 5

3.3.3.1 4 600 7 8 9 0 0 00:00:21 7
4.4.4.2 4 500 8 8 9 0 0 00:00:48 7

TASK:
• All the routes going from AS 600 to reach as -700 ( 40.0.0.0) by default prefers out via R3
• Make sure that R2 and R3 (all the routers in the as 600 should prefer use path via R2 /R1/R4 using local
preference.)
R2#sh ip bgp

1.0.0.0
-;':
1.1.1.1 0 0 500 i
'''> 0.0.0.0 0 32768 i
,., i2.0.0.0 2.2.2.2 0 100 0i
'''> 0.0.0.0 0 32768 i
' > i3.0.0.0 2.2.2.2 0 100 0i
0
'
' > 4.0.0.0 1.1.1.1 0 0 500 i

0
'
,.,i 2.2.2.2 0 100 0 700 i

' > 10.0.0.0 1.1.1.1 0 0 500 i
0
'
' > 12.0.0.0/24 0.0.0.0 0 32768 i

0
'
' > 12.0.1.0/24 0.0.0.0 0 32768 i

0
'
' > 12.0.2.0/24 0.0.0.0 0 32768 i

0
'
' > 12.0.3.0/24 0.0.0.0 0 32768 i

0
'
' > 20.0.0.0 0.0.0.0 0 32768 i

0
'
' > i30.0.0.0 2.2.2.2 0 100 0i

0
'
* 40.0.0.0 1.1.1.1 0 500 700 i

*>i 2.2.2.2
0 100 0700 i
R3#sh ip bgp

' > il. 0.0.0 2.2.2.1 0 100 0i
0
'
,., i2.0.0.0 2.2.2.1 0 100 0i

'''> 0.0.0.0 0 32768 i
-;':
3.0.0.0 3.3.3.2 0 0 700 i
'''> 0.0.0.0 0 32768 i
NOA solutions, N.K Arcade, 2nd & 3rdfloor,Opposite to banjara function hall,Banjarahills Road-no-
,., i4.0.0.0 1.1.1.1 0 100 0 500 i
'''> 3.3.3.2 0 0 700 i
-;':
10.0.0.0 3.3.3.2 0 700 500 i
'''>i 1.1.1.1 0 100 0 500 i
' >il2.0.0.0/ 24 2.2.2.1
0 100 0i
'
0
' >il2.0. 1.0/ 24 2.2.2.1

0 100 0i
'
0
' >il2.0.2.0/ 24 2.2.2.1

0 100 0i
'
0
' > il 2.0.3 .0/ 24 2.2.2.1

0 100 0i
'
0
' >i20.0.0.0 2.2.2.1

0 100 0i
'
0
' ' > 30.0.0.0

0
0.0.0.0 0 32768 i
*> 40.0.0.0 3.3.3.2 0 0700 i
R2#sh ip route bgp

B 3.0.0.0/8 [200/0] via 2.2.2.2, 00:00:21
B 4.0.0.0/8 [20/0] via 1.1.1.1, 00:00:21
B 40.0.0.0/8 [200/0] via 2.2.2.2, 00:00:21
B 10.0.0.0/8 [20/0] via 1.1.1.1, 00:00:21
B 30.0.0.0/8 [200/0] via 2.2.2.2, 00:00:21
R3#sh ip route bgp

B 1.0.0.0/8 [200/0] via 2.2.2.1, 00:00:45
B 4.0.0.0/8 [20/0] via 3.3.3.2, 00:01:19
B 20.0.0.0/8 [200/0] via 2.2.2.1, 00:00:45
B 40.0.0.0/8 [20/0] via 3.3.3.2, 00:01:19
B 10.0.0.0/8 [200/0] via 2.2.2.1, 00:00:45
B 12.0.0.0 [200/0] via 2.2.2.1, 00:00:45
B 12.0.1.0 [200/0] via 2.2.2.1, 00:00:45
B 12.0.2.0 [200/0] via 2.2.2.1, 00:00:45
B 12.0.3.0 [200/0] via 2.2.2.1, 00:00:45
R2#traceroute 40.1.1.1
1 2.2.2.2 72 msec 148 msec 32 msec
2 3.3.3.2 140 msec ,., 60 msec
1 3.3.3.2 92 msec ,., 168 msec
In order to make sure that all the routers exit AS 600 via R2 we need to change the local-preference value of R2
higher than default
R2(config-router)#bgp default local-preference 400
R2(config-router)#do clear ip bgp * soft
R2#sh ip bgp

* 1.0.0.0 1.1.1.1 0 0500i
'''> 0.0.0.0 0 32768 i
*> 2.0.0.0 0.0.0.0 0 32768 i
,.,i 2.2.2.2 0 100 0i
*> 3.0.0.0 1.1.1.1 0 500 700 i
,.,i 2.2.2.2 0 100 0i
' > 4.0.0.0 1.1.1.1 0 0 500 i
0
'
' > 10.0.0.0 1.1.1.1 0 0 500 i

0
'
' > 12.0.0.0/24 0.0.0.0 0 32768 i

0
'
' > 12.0.1.0/24 0.0.0.0 0 32768 i

0
'
' > 12.0.2.0/24 0.0.0.0 0 32768 i

0
'
' > 12.0.3.0/24 0.0.0.0 0 32768 i

0
'
' > 20.0.0.0 0.0.0.0 0 32768 i

0
'
' ' > i30.0.0.0

0
2.2.2.2 0 100 0i
*> 40.0.0.0 1.1.1.1 0 500 700 i
R2#sh ip bgp 40.0.0.0

Flag: 0x820
2
500 700
1.1.1.1 from 1.1.1.1 (11.0.3.1)
R3#sh ip bgp 40.0.0.0

Flag: 0x820
2
500 700
2.2.2.1 from 2.2.2.1 (12.0.3.1)
700
3.3.3.2 from 3.3.3.2 (14.0.3.1)
R3#sh ip bgp

*>il.0.0.0 2.2.2.1 0 400 0i
-;':
3.3.3.2 0 700 500 i
* i2.0.0.0 2.2.2.1 0 400 0i
'''> 0.0.0.0 0 32768 i
* i3.0.0.0 2.2.2.1 0 400 0 500 700 i
-;': 3.3.3.2 0 0 700 i
'''> 0.0.0.0 0 32768 i
*>i4.0.0.0 2.2.2.1 0 400 0500 i
-;': 3.3.3.2 0 0 700 i
*>il0.0.0.0 2.2.2.1 0 400 0500 i
-;':
3.3.3.2 0 700 500 i
' > il2.0.0.0/ 24 2.2.2.1 0 400 0i
0
'
' > il2.0. 1.0/ 24 2.2.2.1 0 400 0i

0
'
' > il2.0.2.0/ 24 2.2.2.1 0 400 0i

0
'
' > i12.0.3.0/ 24 2.2.2.1 0 400 0i

0
'
' ' > i20.0.0.0

0
2.2.2.1 0 400 0i
' ' > 30.0.0.0
0
0.0.0.0 0 32768 i
*>i40.0.0.0 2.2.2.1 0 400 0 500 700 i
-;':
3.3.3.2 0 0 700 i
R2#sh ip route bgp

B 3.0.0.0/8 [20/0] via 1.1.1.1, 00:01:34
B 4.0.0.0/8 [20/0] via 1.1.1.1, 00:01:34
B 40.0.0.0/8 [20/0] via 1.1.1.1, 00:01:34
B 10.0.0.0/8 [20/0] via 1.1.1.1, 00:01:34
B 30.0.0.0/8 [200/0] via 2.2.2.2, 00:01:35
R3#sh ip route bgp

B 1.0.0.0/8 [200/0] via 2.2.2.1, 00:02:11
B 4.0.0.0/8 [200/0] via 2.2.2.1, 00:02:15
B 20.0.0.0/8 [200/0] via 2.2.2.1, 00:02:11
B 40.0.0.0/8 [200/0] via 2.2.2.1, 00:02:15
B 10.0.0.0/8 [200/0] via 2.2.2.1, 00:02:15
B 12.0.0.0 [200/0] via 2.2.2.1, 00:02:11
B 12.0.1.0 [200/0] via 2.2.2.1, 00:02:11
B 12.0.2.0 [200/0] via 2.2.2.1, 00:02:11
B 12.0.3.0 [200/0] via 2.2.2.1, 00:02:11
1 2.2.2.1 116 msec 60 msec 64 msec

2 1.1.1.1 132 msec 128 msec 156 msec
3 4.4.4.1 [AS 500] 180 msec ,., 104 msec
1 1.1.1.1 128 msec 84 msec 76 msec
2 4.4.4.1 [AS 500] 220 msec ,., 132 msec
Local preference using route-map
R3# sh ip b g p
N etwo rk
* > il. 0.0.0 Next Hop Metric LocPti Weig ht Path
• 2.2.2.1 0 400 0i
* i2.0.0.0
3.3.3.2
2.2.2.1 0 400
0 700 500 i
0i _,,,....--
/ "'.;:
-- ..-:/"
** >i3.0.0.0 0.0 .0 .0
2.2.2.1 00 400 327680 i500 700 i
_ (J,.,.,,
•·
• 3.3.3.2 0 0 700 i
*> 0.0.0.0 0 32768 i
* > i4.0.0.0 2.2.2.1 0 400 0500i
• 3.3.3.2 0 0 700 i .....A._ S 500
'-.,. .
* > il0 .0.0.0 2.2.2.1 0 400 0500i _,,,,,,

• 3.3.3.2 0 700 500 i
* > i12.0.0.0/24 2.2.2.1 0 400 0i
* > i12.0.1.0/ 24 2.2.2.1 0 400 0i
* > i12.0.2.0/24 2.2.2.1 0 400 0i
* > i12.0.3.0 / 24 2.2.2.1 0 400 0i
* > i20.0.0.0 2.2.2.1 0 400 0i
* > 30.0.0 .0 0.0.0.0 0 32768 i
* > i40.0.0 .0 2.2.2.1 0 400 0 500 700 i
• 3.3.3.2 0 0 700 i
Configure AS 600 such that only routes ( 14.0.0.0 and 14.0.1.0) both
networks prefer via R2 to exit the AS
All the remaining networks should use the default exit ( via R3)
R2(co nfig)# access-list 14 permit 14.0.0.0

0.0.0.255
R2(co nfig)# access-list 14 permit 14.0.1.0 0.0.0.255
R2(config)# route-map LOCAL permit 10 R2(con fig-

route-map)# match i p add 14
R2(co nfig-route -map)# set local-preference 2000
R2(config-route-map)# exit
R2(config)# route-map LOCAL permit 20 R2(con fig-

route-map)# exit
R2(co nfig)# rou ter bgp 600

R2(config-router)# neighbor 1.1.1.1 route-map LOCAL in
R2(config- router)#end
1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 www. noasolutions. Page 11B
com
com
R2#sh ip bgp
Network Next Hop
M etric LocPrf Weight Path
* > 14.0.0.0/ 24 1.1.1.1 2000 0 500 700 i
* > 14.0.1.0/24 1.1.1.1 2000 0 500 700 i
* 14.0. 2.0/ 24 1.1.1.1 0 500 700 i
*>i 2.2.2.2 0 100 0 700 i
* 14.0 .3.0/ 24 1.1.1.1 0 500 700 i
*>i 2.2.2.2 0 100 0 700 i
R3#sh ip bgp
Network Next Hop
Metric LocPrf Weight Path
* > i14.0.0.0/24 2.2.2.1 0 2000 0 500700 i
* 3.3.3 .2 0 0 700i
* > i14.0.l. 0/24 2.2.2.1 0 2000 0 500700 i
* 3.3.3.2 0 0 700i
*> 14.0.2.0/ 24 3.3.3.2 0 0 700 i
*> 14.0.3.0/24 3.3.3.2 0 0 700 i
com
com
LAB: LOCAL PREFERENCE USING ROUTE-MAP
, u. ,.,
""'-, AS 600
,
"' ..... AS 500 .,./
R2 loo p backs
14 .0 .0 1 1/ 2 4
14 .0 . l ll / 2 4
14 .0 .2 . 1-( 2 4
14 .0 .3 .1/
TASK:
• Continue with the previous lab configurations
• Only Remove the local preference value on R2
• Advertise the 14.0.0.0 of R4 loopbacks in bgp with exact mask

R2(config-router)# no bgp default local-preference 400
R2(config-router)# do clear ip bgp *

R2#sh ip bgp
' > 1.0.0.0
0
'
0.0.0.0 0 32768 i
-;': 1.1.1.1 ' > 2.0.0.0 0.0.0.0
0
'
0 0 500 i 0 32768 i
,.,i 2.2.2.2 0 100 0i
,., 3.0.0.0 1.1.1.1 0 500 700 i
'''>i 2.2.2.2 0 100 0i
"'
' > 4.0.0.0 1.1.1.1 0 0 500 i
0
'
,.,i 2.2.2.2 0 100 0 700 i

' > 10.0.0.0 1.1.1.1 0 0 500 i
0
'
' > 12.0.0.0/24 0.0.0.0 0 32768 i

0
'
' > 12.0.1.0/24 0.0.0.0 0 32768 i

0
'
' > 12.0.2.0/24 0.0.0.0 0 32768 i

0
'
'
0
' > 12.0.3.0/24 0.0.0.0 0 32768 i

i * 14.0.0.0/24 1.1.1.1 0 500 700
*>i 2.2.2.2 0 100 0700i
*>i14.0.1.0/24 2.2.2.2 0 100 0 700 i
* 1.1.1.1 0 500 700 i
*>i14.0.2.0/24 2.2.2.2 0 100 0 700
* 1.1.1.1 0 500 700 i
*>i14.0.3.0/24 2.2.2.2 0 100 0 700 i
* 1.1.1.1 0 500 700 i i
' > 20.0.0.0 0.0.0.0 0 32768 i

0
'
'
0
' > i30.0.0.0 2.2.2.2 0 100 0i

,., 40.0.0.0 1.1.1.1 0 500 700 i
'''>i 2.2.2.2 0 100 0 700 i
R2#sh ip route bgp

B 3.0.0.0/8 [200/0] via 2.2.2.2, 00:04:38
B 4.0.0.0/8 [20/0] via 1.1.1.1, 00:04:38
B 40.0.0.0/8 [200/0] via 2.2.2.2, 00:04:38
B 10.0.0.0/8 [20/0] via 1.1.1.1, 00:04:38
B 14.0.2.0 [200/0] via 2.2.2.2, 00:00:09
B 14.0.3.0 [200/0] via 2.2.2.2, 00:00:09
B 14.0.0.0 [200/0] via 2.2.2.2, 00:00:40
B 14.0.1.0 [200/0] via 2.2.2.2, 00:00:09
B 30.0.0.0/8 [200/0] via 2.2.2.2, 00:04:38
R3#sh ip bgp
' > il. 0.0.0
0
'
2.2.2.1 0 100 0i
3.3.3.2 0 700 500 i
,., i2.0.0.0 2.2.2.1 0 100 0i
'''> 0.0.0.0 0 32768 i
,., 3.0.0.0 3.3.3.2 0 0 700 i
'''> 0.0.0.0 0 32768 i
,., i4.0.0.0 2.2.2.1 0 100 0 500 i
'> 3.3.3.2 *
0
'
3.3.3.2
' > il0 .0.0.0 2.2.2.1
0
' > i12.0.0.0/ 24 2.2.2.1

0
'
'
0 0 700 i
0 100 0 500 i
0 700 500 i
0 100 0i
' > il2.0. l.0/ 24 2.2.2.1 0 100 0i
0
'
' > il2.0.2.0/ 24 2.2.2.1 0 100 0i

0
'
'
0
' > il2.0 .3.0/ 24 2.2.2.1 0 100 0i

*> 14.0.0.0/24 3.3.3.2 0 0700 i
*> 14.0.1.0/24 3.3.3.2 0 0700 i
*> 14.0.2.0/24 3.3.3.2 0 0700 i
*> 14.0.3.0/24 3.3.3.2 0 0700 i
' > i20.0.0.0 2.2.2.1 0 100 0i
0
'
' > 30.0.0.0 0.0.0.0 0 32768 i

0
'
' > 40.0.0.0 3.3.3.2 0 0 700 i

0
'
R3#sh ip route bgp

B 1.0.0.0/8 [200/0] via 2.2.2.1, 00:04:50
B 4.0.0.0/8 [20/0] via 3.3.3.2, 00:05:24
B 20.0.0.0/8 [200/0] via 2.2.2.1, 00:04:50
B 40.0.0.0/8 [20/0] via 3.3.3.2, 00:05:24
B 10.0.0.0/8 [200/0] via 2.2.2.1, 00:04:50
B 12.0.0.0 [200/0] via 2.2.2.1, 00:04:50
B 12.0.1.0 [200/0] via 2.2.2.1, 00:04:50
B 12.0.2.0 [200/0] via 2.2.2.1, 00:04:50
B 12.0.3.0 [200/0] via 2.2.2.1, 00:04:50
B 14.0.2.0 [20/0] via 3.3.3.2, 00:00:22
B 14.0.3.0 [20/0] via 3.3.3.2, 00:00:22
B 14.0.0.0 [20/0] via 3.3.3.2, 00:00:52
B 14.0.1.0 [20/0] via 3.3.3.2, 00:00:22
Here by default both R2 and R3 exit the AS from R3 to reach al R4 14.x.x.x Prefixes.
TASK:
• Configure AS 600 such that only routes ( 14.0.0.0 and 14.0.1.0 ) both networks prefer via R2 to exit the AS
• All the remaining networks should use the default exit ( via R3)
R2
R2(config)#access-list 14 permit 14.0.0.0 0.0.0.255
R2 (config)# access-list 14 permit 14.0.1.0 0.0.0.255
R2(config)# route-map LOCAL permit 10

R2(config-route-map)# match ip add 14
R2(config-route-map)# set local-preference 2000
R2 (config-route-map)# exit
R2(config)# route-map LOCAL permit 20
R2 (config-route-map)# exit
R2(config-router)# neighbor 1.1.1.1 route-map LOCAL in
R2#clear ip bgp * soft
R2#sh ip bgp
Network Next Metric LocPrf Weight Path

Hop
0 32768 i
' > 1.0.0.0 0.0.0.0
0
'
0 0 500 i
-;':
1.1.1.1
0 32768 i
' > 2.0.0.0 0.0.0.0
0
'
,., i 0 100 0i
2.2.2.2
0 500 700 i
-;':
3.0.0.0 1.1.1.1
0 100 0i
'''>i 2.2.2.2
0 0 500 i
' > 4.0.0.0 1.1.1.1
0
'
,., i 0 100 0 700 i

2.2.2.2
0 0 500 i
' > 10.0.0.0 1.1.1.1
0
'
' > 12.0.0.0/24 0.0.0.0 0 32768 i

0
'
' > 12.0.1.0/24 0.0.0.0 0 32768 i

0
'
' > 12.0.2.0/24 0.0.0.0 0 32768 i

0
'
' > 12.0.3.0/24 0.0.0.0 0 32768 i

0
'
*> 14.0.0.0/24 1.1.1.1 2000 0 500 700 i

*> 14.0.1.0/24 1.1.1.1 2000 0 500 700 i
-;':
14.0.2.0/24 1.1.1.1 0 500 700 i
'''>i 2.2.2.2 0 100 0 700 i
Network Next Metric LocPrf Weight Path
Hop
0 500 700 i
-;':
14.0.3.0/24 1.1.1.1
'''>i 2.2.2.2 0 100 0 700 i
' > 20.0.0.0 0.0.0.0
0
'
0 32768 i
' > i30.0.0.0 2.2.2.2
0
'
0 100 0i
-;':
40.0.0.0 1.1.1.1 0 500 700 i
'''>i 2.2.2.2 0 100 0 700 i
In bound Route-map Changes the local Router Path selection process.

In Bound Route-maps apply changes to BGP updates recived from that specific Neighbor
Applying inbound influence outbound Traffic
• Once we configure Local preference on R2 (preferred exit router of AS) for neighbor 1.1.1.1 (Rl) with
direction in (apply to receiving routes).
• Routes defined in the Route-maps recidving from that neighbor 1.1.1.1 (Rl) will be applied with local
preference value of 2000
• Routes with local preference value applied will also get advertised to all other routers (R3) inside the AS
600.
R2#sh ip route bgp

B 3.0.0.0/8 [200/0] via 2.2.2.2, 00:10:02
B 4.0.0.0/8 [20/0] via 1.1.1.1, 00:10:02
B 40.0.0.0/8 [200/0] via 2.2.2.2, 00:10:02
B 10.0.0.0/8 [20/0] via 1.1.1.1, 00:10:02
B 14.0.2.0 [200/0] via 2.2.2.2, 00:10:02
B 14.0.3.0 [200/0] via 2.2.2.2, 00:10:02
B 14.0.0.0 [20/0] via 1.1.1.1, 00:10:02
B 14.0.1.0 [20/0] via 1.1.1.1, 00:10:02
B 30.0.0.0/8 [200/0] via 2.2.2.2, 00:10:02
R3#sh ip bgp

' > il. 0.0.0 2.2.2.1
0
'
0 100 0i
-;':
3.3.3.2 0 700 500 i
,., i2.0.0.0 2.2.2.1 0 100 0i
'''> 0.0.0.0 0 32768 i
-;':
3.0.0.0 3.3.3.2 0 0 700 i
'''> 0.0.0.0 0 32768 i
,., i4.0.0.0 2.2.2.1 0 100 0 500 i
'''> 3.3.3.2 0 0 700 i
' > il0 .0.0.0 2.2.2.1 0 100 0 500 i
0
'
-;': 3.3.3.2 0 700 500 i

' > i12.0.0.0/ 24 2.2.2.1 0 100 0i
0
'
' > i12.0. 1.0/24 2.2.2.1 0 100 0i

0
'
' > i12.0. 2.0/ 24 2.2.2.1 0 100 0i

0
'
' > i12.0. 3.0/ 24 2.2.2.1 0 100 0i

0
'
*> i14.0.0.0/ 24 2.2.2.1 0 2000 0 500 700 i

* 3.3.3.2 0 0 700 i
*>i14.0.1.0/24 2.2.2.1 0 2000 0 500 700 i
* 3.3.3.2 0 0 700 i
'> 14.0 ' 0.0.0
0 0
' '
14.0.2.0/24 .3.0/ >i

'>
'
0
24 20.
3.3.3.2 0 0 700 i
3.3.3.2 0 0 700 i
2.2.2.1 0 0i
1
0
0
'>
0
'
0.0.0.0 0 32768 i
30.0.0.0
3.3.3.2 0 0 700 i
'>
0
'
40.0.0.0
R3#sh ip route bgp

B 1.0.0.0/8 [200/0] via 2.2.2.1, 00:10:07
B 4.0.0.0/8 [20/0] via 3.3.3.2, 02:50:52
B 20.0.0.0/8 [200/0] via 2.2.2.1, 00:10:07
B 40.0.0.0/8 [20/0] via 3.3.3.2, 02:50:52
B 10.0.0.0/8 [200/0] via 2.2.2.1, 00:10:29
B 12.0.0.0 [200/0] via 2.2.2.1, 00:10:07
B 12.0.1.0 [200/0] via 2.2.2.1, 00:10:07
B 12.0.2.0 [200/0] via 2.2.2.1, 00:10:07
B 12.0.3.0 [200/0] via 2.2.2.1, 00:10:07
B 14.0.2.0 [20/0] via 3.3.3.2, 00:18:36
B 14.0.3.0 [20/0] via 3.3.3.2, 00:18:06
B 14.0.0.0 [200/0] via 2.2.2.1, 00:10:29
B 14.0.1.0 [200/0] via 2.2.2.1, 00:10:29
1 1.1.1.1 80 msec 84 msec 120 msec

2 4.4.4.1 [AS 500] 92 msec 124 msec 172 msec
1 1.1.1.1 88 msec 84 msec 44 msec

2 4.4.4.1 [AS 500] 124 msec ,., 112 msec
1 2.2.2.2 164 msec 44 msec 84 msec

2 3.3.3.2 140 msec ,., 224 msec
1 2.2.2.2 132 msec j3f44 msec 64 msec
2 3.3.3.2 188 msec ,., 164 msec
1 2.2.2.1 144 msec 80 msec 44 msec

2 1.1.1.1 80 msec 32 msec 28 msec
3 4.4.4.1 [AS 700] 76 msec ,., 132 msec
1 2.2.2.1 64 msec 104 msec 84 msec

2 1.1.1.1 40 msec 48 msec 36 msec
3 4.4.4.1 [AS 700] 144 msec ,., 168 msec
1 3.3.3.2 268 msec ,., 148 msec
1 3.3.3.2 112 msec ,., 80 msec
BGP Path Selection (order of path selection)
► The BGP forwarding tab le usua lly has mu lt i ple paths fro m which to choose for each
network.
► BGP is not de signed to perform load balanci ng:
0
Paths are chosen because of policy ( att ri butes ).
0
Paths are not chos en based o n bandwidth.
Order of path selection in BGP

NETWOR ONLINE ACADEMY
Co nside r only (synchronized) routes with no AS loo ps and a valid ne xt ho p. and the n:
1. Pre fe r highest weight (lo cal to router).
2. Prefer highest local preference (global within AS).
3. Pre fe r route originated by the local router (ne xt hop = 0 .0 . 0 . 0 ).
4. Pre fe r sho rtest AS path.
5. Prefer lowe st origin code (IGP < EGP < incomplete) i > E > ?
6. Prefer lowe st MED (exchan ged between autonomous systems).
7. Neighbor Type (Prefer eBGP over iBGP)
8. IGP metric to NEXT_ HOP (Sm alle r value prefe rred)
9. Prefer oldest route for EBGP paths.
10. Prefer the path with the lowest neighbor BGP router ID.
11. Prefer the path with the lowe st neighbor IP address.


Short Notes to memorize BGP path
selection process
N Valid Next Hop
WLLA Weight , Local Preference, local Route, AS path
OMNI Origin, MED, neighbor type( EBGP over IBGP)

IGP metric to next-hop
BGP Path-Selection Process
-Advance BGP Attributes
AS-Path Attribute
20.2.2.0
AS 65444
20.2.2.0 20.2.2.0
AS 65222 65333 AS 65333
65444 65444
► AS Path is Well know n, mandato ry attribute

► List of AS through which updates are coming.
AS-Path Attribute
Path with shortest AS path list is more desirable.
R2
AS200
IrFo.01.1/.101• FW O I
3 0. 1.1. 1/,
AS400
AS-Path Prepending
0
Manual manipulation of AS-path length is
called AS-path Prepending.
0
The AS path should be extended with
multiple copies of the AS number of the
sender.
0
AS-path Prepending is used to:
1. Ensure proper return path selection IFO]o

r o.1.1..,.
2. Distrib ute the return traffic load for
multi-homed customers
Result s of AS-path Prepending can be

observed on the receiving router.
com
com
Changing outbound Traffic
By default AS-500 exit via R4/R1 to reach AS 700 route (30.0.0.0) because of shortest AS-path
Configure AS-500 to ensure that all routers in AS 500 should exit Rl to reach AS 700 (30.0 .0.0)
Rl (config)#access-list 1 permit 30.0 .0.0 0.255.255 .255
Rl(co nfig)#ro ute -map CCIERl permit 10

Rl(co nfig-ro ut e-map)# match ip address 1
Rl (co nfig-ro ut e-map)# set lo cal- preference 250 IFWO F
30 .l .
0/
l .l /
t 0 . 1.1.1/8
Rl(co nfig-ro ute-map)#ro ute -map CCIERl permit 20

Rl (config-route-map)#exit
0
Rl (co nfig-ro ut e-map)#r o uter bgp 500
Rl (co nfig-ro ut er)# neighbor 1.1.1.2 route-map CCIERl in
Changing inbound Traffic using AS-path Prepend

Configure AS 500 to ensure that the traffic from 30.0.0.0 to 10.0.0.0 ( return traffic)
should use the same path as forwarding traffic ( R1-R2-R3)
R4(config)#access-list 1 permit 10.0.0 .0 0.255.255.255
R4 (confi g)# route-map CCIE permit 10

R4(config-route-map)# match ip address 1
R4(config-route-map)# set as-path prepend 500 500 500 500
R4(config-route-map)#route-map CCIE permit 20

R4(config-route-map)#exit
R4(config)#router bgp 500 IF0/0
t•·'·'·''"
R4(confi g-router)# neighbor 3.3.3.1 route -map CCIE out
Changing inbound Traffic using AS-path Prepend
R3#sh ip bgp 10.0.0.0
BGP routing table entry for 10.0.0.0/ 8. version 22
Path s: (2 avai lable. best #1. table Default-IP-Rou ting-Table) •,""'°,.. -.
Adv erti sed to update -group s: .,::-·> R2
1
600 500
2.2.2.1 fr o m 2.2.2.1 (12.0.3.1)
Origin IGP, localpref 100 , v alid, externa l, best
500 500 500 500 500
3.3.3.2 from 3.3.3.2 (14.0 .3.1) IPO/OO. J . 1. 1 /9
30 .1.1.l /
Origin IGP, localpref 100. valid. external
LAB : AS-path Prepend
....
.
N
d'
,? : t.,..
·,?
- ...d.. '
R2
AS600
I. F0/0
ro/O
30.1.1.1/
j
0. 1. 1. 1/8
AS700
TASK:
• Configure IBGP & EBGP Peering as per the diagram using directly connected interfaces



R3(config-router)#network
2.0.0.0 R3(config-router)#end

3.0.0.0 R4(config-router)#exit


1.1.1.2 4 600 16 14 9 0 0 00:08:44 4
4.4.4.1 4 500 13 13 9 0 0 00:07:08 5
Rl#sh ip bgp

-;': 1.0.0.0 1.1.1.2 0 0 600 i
'''> 0.0.0.0 0 32768 i
,., i2.0.0.0 3.3.3.1 0 100 0 700 i
'''> 1.1.1.2 0 0 600 i
' > i3.0.0.0 4.4.4.1 0 100 0i
0
'
,., i4.0.0.0 '''> 4.4.4.1 0 100 0i

' > 10.0.0.0 0.0.0.0 0 32768 i
0
'
' > 20.0.0.0 0.0.0.0 0 32768 i

0
'
-;':
30.0.0.0 1.1.1.2
1.1.1.2 0 0 0600
600700
i i
*>i 3.3.3.1 0 100 0700 i
' > i40.0.0.0 4.4.4.1 0 100 0i
0
'

BGP activity 8/0 prefixes, 27 /11 paths, scan interval 60 secs

2.2.2.1 4 600 10 10 14 0 0 00:01:28 7
3.3.3.2 4 500 13 14 14 0 0 00:05:32 6
R3#sh ip bgp

-;':
1.0.0.0 2.2.2.1 0 0 600 i
'''> 3.3.3.2 0 500 i
-;':
2.0.0.0 2.2.2.1 0 0 600 i
'''> 0.0.0.0 0 32768 i
-;':
3.0.0.0 2.2.2.1 0 600 500 i
'''> 0.0.0.0 0 32768 i
-;':
3.3.3.2 0 0 500 i
-;':
4.0.0.0 2.2.2.1 0 600 500 i
'''> 3.3.3.2 0 0 500 i
-;':
10.0.0.0 2.2.2.1 0 600 500 i
'> 3.3.3.2 0 500 ii
' > 20.0.0.0 2.2.2.1 0 0 600 i
0
'
-;': 3.3.3.2 0 500 600 i

' ' > 30.0.0.0
0
0.0.0.0 0 32768 i
-;':
40.0.0.0 2.2.2.1 0 600 500 i
'''> 3.3.3.2 0 0 500 i
TASK:
• By default AS-500 exit via R4/R1 to reach AS 700 route (30.0.0.0) because of shortest AS-path
• Configure AS-500 to ensure that all routers in AS 500 should exit Rl to reach AS 700 (30.0.0.0)

Flag: 0x820
700
3.3.3.1 from 4.4.4.1 (14.0.3.1)
600 700
1.1.1.2 from 1.1.1.2 (12.0.3.1)
1 4.4.4.1 84 msec 40 msec 12 msec

2 3.3.3.1 84 msec ,., 96 msec
Rl(config)#route-map CCIER1 permit 10

Rl(config-route-map)# set local-preference 250
Rl(config-route-map)#route-map CCIER1 permit 20

Rl(config-route-map)#router bgp 500

Rl(config-router)# neighbor 1.1.1.2 route-map CCIER1 in

Flag: 0x820
2
600 700
1.1.1.2 from 1.1.1.2 (12.0.3.1)
1 1.1.1.2 144 msec 76 msec 24 msec

2 2.2.2.2 [AS 600] 72 msec ,., 96 msec
TASK:
• Configure AS 500 to ensure that the traffic from 30.0.0.0 to 10.0.0.0 ( return traffic) should use the same
path as forwarding traffic ( R1-R2-R3)
R3#sh ip bgp 10.0.0.0

1
600 500
2.2.2.1 from 2.2.2.1 (12.0.3.1)
500
3.3.3.2 from 3.3.3.2 (14.0.3.1)
1 3.3.3.2 92 msec 76 msec 24 msec

2 4.4.4.2 [AS 500] 80 msec ,., 56 msec
R4(config)#route-map CCIE permit 10

R4(config-route-map)# match ip address 1
R4(config-route-map)# set as-path prepend 500 500 500 500
R4(config-route-map)#route-map CCIE permit 20


R4(config-router)#neighbor 3.3.3.1 route-map CCIE out
• When you are manually manipulating AS paths, the only valid AS number that you can prepend is the AS
number of the sender.
• Prepending any other AS number will cause problems.

R3#sh ip bgp 10.0.0.0
1
600 500
2.2.2.1 from 2.2.2.1 (12.0.3.1)
500 500 500 500 500
3.3.3.2 from 3.3.3.2 (14.0.3.1)
1 2.2.2.1 80 msec 80 msec 24 msec

2 1.1.1.1 [AS 600] 96 msec ,., 92 msec
MED (Multi Exit Discriminator)
► MED is optional and non tra nsitiv e.
► MED define how the data traffic should AS 65500

enter an AS. 172.20.0.0
MED is used to advertise to EBGP neighbor
o nly .
► The default value of the MED attribute is 0 .
► The MED is called the "metric" in Cisco 105

software.
► A lower MED value means more preferred.
► The MED is not propagated outside of a

receiving AS.
► An AS can specify its preferred entry point

using the MED in outgoing EBGP updates.
Rl#sh ip bgp
BGP table versi on is 15. local router ID i s 11.0.3.1
Status codes: s suppressed. d damped. h history, • vali d. > best, i - inte rnal.
r RIB-failu re. S Stale
O rigin codes: i - IGP. e - EGP. ? - incomplete
..
Netwo rk Next Hop Metric LocPrf Weight Path
* > 1.0.0.0 0.0.0.0 0 32768 i R2
4.4.4.1 0 700 600 i
1.1.1.2 0 0600 i
• 2.0.0.0
*>
4.4.4.1
1.1.1.2 0
0 700 600 i
0600 i .. - L
* 3.0.0.0
*>
*> 4.0.0.0
4.4.4.1
1.1.1.2
0.0.0.0
0
0
0 700 i
0600 i
32768 i
4"
* 4.4.4.1 0 0700 i
*> 10.0.0 .0 0.0 .0.0 0 32768 i
., 20.0.0.0 4.4.4.1 0 700 600 i
*> 1.1.1.2 0 0600i
AS700
com
com
TASK: Configure AS 500 to exit via Rl - R4( AS 700) to reach AS 600
Rl (co nfig)# ro ute r bgp 500

Rl (co nfig -ro ute r)# ne ig hbo r 4.4.4.1 weight 4000
Rl #sh ip bgp
BGP tab le version is 20. local router ID is 11.0.3.1
Status codes: s suppressed. d damped. h history.• valid. > best . i - internal.
R2
r RIB-failure. S Stale
Orig in codes: i - IGP. e - EGP. ? - incomplete
AS600
l
.
* > 1.0.0.0 0.0.0.0 0 32768 i
4.4.4.1 4000 700 600 i
.
* 1.1.1.2 0 0600 i
'' > 2.0.0.0 4.4.4.1 4000 700 600 i AS SOO
..
*> 3.0.0.0 1.1.1.2
4.4.4.1 0 0 0600
4000i 700 i
1.1.1.2 0600 i
*> 4.0.0.0 0.0.0.0 0 32768 i
4.4.4.1 0 4000 700 i AS700
*> 10.0.0.0 0.0.0.0 0 32768 i
*> 20.0.0.0 4.4.4.1 4000 700 600 i
.
1.1.1.2 0 0600 i
*> 30.0.0.0 4.4.4.1 4000 700 600 i
1.1.1.2 0600 i
4.4.4.1 0 4000 700 i
1.1.1.2 0 600 700 i
TASK:
• Configure AS 500 to ensure that the return traffic from AS-600 also should use the same path ( R2-R3-R4) as
exit .
• Path selection from AS-600 ( return traffic) should not be done based on AS-path (instead use MED)
• Do not use local preference or weight in AS 600
Possible solu tio ns :
.
R2
L Using local preference in AS 600 --?J..- o

AS600
2. Modify AS-path
3. Using MED 30 •
R3
AS 500
....,,-,.. ..
Possible solu tio ns using MED : .,.,.. ._\"'
ensure that both sides AS-path same ( prepend on R1-R2) 4 :,,,

and compare MED for external ro utes
i ..
AS700
tell AS-600 to ignore AS- path and use a lwa ys MED( -

metric) for external ro utes
TASK:
• Configure AS 500 to ensure that the return traffic from AS-600 also should use the same path ( R2 -R3 -R4 ) as
exit.
Rl (config)#route-map CCIE permit 10

Rl (config-route-map)# set metric 120
Rl (config-route-map)# set as-path prepend 500 _J
R1(co nfig-ro ute-m ap)#exit 4·
Rl (config)#router bgp 500 ASSOO
Rl (co nfig-ro uter)#neighbo r 1.1.1.2 route-map CCIE out

AS700
Rx(config)#router bgp 600

Rx(config-ro uter )# bgp bestpath as-path ignore
Rx(config-ro uter)# bgp alw ays-co mpare -med
Rx(config-ro uter)# exit
LAB: MULTI-EXIT DISCRIMINATOR (METRIC)
AS600
- 1F0/0
r 0.1.1.1/8
32T
AS 500
R3
f
AS700
TASK:
• Configure basic IBGP and EBGP peering using direcly connected interfaces
• Advertise all the Networks as per the Diagram
• Make sure that the next-hop address should be the next router address

router)# exit



1.1.1.1 4 500 17 17 10 0 0 00:10:12 4
2.2.2.2 4 600 17 17 10 0 0 00:09:32 5

Neighbor V AS MsgRcvd MsgSent
TblVer lnQ OutQ Up/Down State/PfxRcd
3.3.3.1 4 600 7 8 9 0 0 00:00:21 7
4.4.4.2 4 500 8 8 9 0 0 00:00:48 7
R4#sh ip bgp

-;':
1.0.0.0
3.3.3.1 0 600 i
'''> 4.4.4.2 0 0 500 i
' > 2.0.0.0 3.3.3.1 0 0 600 i
0
'
-;':
4.4.4.2 0 500 600 i
-;':
3.0.0.0 4.4.4.2 0 500 600 i
-;':
3.3.3.1 0 0 600 i
'''> 0.0.0.0 0 32768 i
' > 4.0.0.0 0.0.0.0 0 32768 i
0
'
-;':
4.4.4.2 0 0 500 i
-;':
10.0.0.0 3.3.3.1 0 600 500 i
'''> 4.4.4.2 0 0 500 i
' > 20.0.0.0 3.3.3.1 0 600 i
0
'
-;':
4.4.4.2 0 500 600 i
-;':
30.0.0.0 4.4.4.2 0 500 600 i
'''> 3.3.3.1 0 0 600 i
'>
0
'
0.0.0.0 0 32768 i
40.0.0.0
R4#
R3#sh ip bgp

-;': 1.0.0.0 3.3.3.2 0 700 500 i
'''>i 2.2.2.1 0 100 0i
,., i2.0.0.0 2.2.2.1 0 100 0i
'''> 0.0.0.0 0 32768 i
-;':
3.0.0.0 3.3.3.2 0 0 700 i
'''> 0.0.0.0 0 32768 i
' > 4.0.0.0 3.3.3.2 0 0 700 i
0
'
,.,i 1.1.1.1 0 100 0 500 i

* 10.0.0.0 3.3.3.2 0 700 500 i
*>i 1.1.1.1 0 100 0500i
' > i20.0.0.0 2.2.2.1 0 100 0i
0
'
' > 30.0.0.0 0.0.0.0 0 32768 i

0
'
' > 40.0.0.0 3.3.3.2 0 0 700 i

0
'
R3#sh ip route bgp

B 1.0.0.0/8 [200/0] via 2.2.2.1, 00:23:23
B 4.0.0.0/8 [20/0] via 3.3.3.2, 00:23:10
B 20.0.0.0/8 [200/0] via 2.2.2.1, 00:23:23
B 40.0.0.0/8 [20/0] via 3.3.3.2, 00:23:10
B 10.0.0.0/8 [200/0] via 1.1.1.1, 00:01:43
R2#sh ip bgp

-;': 1.0.0.0 1.1.1.1 0 0 500 i
'''> 0.0.0.0 0 32768 i
,., i2.0.0.0 2.2.2.2 0 100 0i
'''> 0.0.0.0 0 32768 i
-;':
3.0.0.0 1.1.1.1 0 500 700 i
'''>i 2.2.2.2 0 100 0i
,., i4.0.0.0 3.3.3.2 0 100 0 700 i
'''> 1.1.1.1 0 0 500 i
' > 10.0.0.0
1.1.1.1 0 0 500 i
'
0
' > 20.0.0.0 0.0.0.0 0 32768 i

0
'
' > i30.0.0.0 2.2.2.2 0 100 0i

0
'
-;':
40.0.0.0 1.1.1.1 0 500 700 i
'''>i 3.3.3.2 0 100 0 700 i
R2#sh ip route bgp
B 3.0.0.0/8 [200/0] via 2.2.2.2, 00:22:13
B 4.0.0.0/8 [20/0] via 1.1.1.1, 00:23:11
B 40.0.0.0/8 [200/0] via 3.3.3.2, 00:00:18
B 10.0.0.0/8 [20/0] via 1.1.1.1, 00:23:11
B 30.0.0.0/8 [200/0] via 2.2.2.2, 00:22:13


R3#sh ip bgp

-;': 1.0.0.0 3.3.3.2 0 700 500 i
'''>i 2.2.2.1 0 100 0i
,., i2.0.0.0 2.2.2.1 0 100 0i
'''> 0.0.0.0 0 32768 i
-;':
3.0.0.0 3.3.3.2 0 0 700 i
'''> 0.0.0.0 0 32768 i
' > 4.0.0.0 3.3.3.2 0 0 700 i
0
'
,.,i 2.2.2.1 0 100 0 500 i

-;':
10.0.0.0 3.3.3.2 0 700 500 i
'''>i 2.2.2.1 0 100 0 500 i
' > i20.0.0.0 2.2.2.1 0 100 0i
0
'
' > 30.0.0.0 0.0.0.0 0 32768 i

0
'
' > 40.0.0.0 3.3.3.2 0 0 700 i

0
'
R3#sh ip route bgp

B 1.0.0.0/8 [200/0] via 2.2.2.1, 00:27:35
B 4.0.0.0/8 [20/0] via 3.3.3.2, 00:27:22
B 20.0.0.0/8 [200/0] via 2.2.2.1, 00:27:35
B 40.0.0.0/8 [20/0] via 3.3.3.2, 00:27:22
B 10.0.0.0/8 [200/0] via 2.2.2.1, 00:01:56
R2#sh ip bgp

-;':
1.0.0.0 1.1.1.1 0 0 500 i
'''> 0.0.0.0 0 32768 i
,., i2.0.0.0 2.2.2.2 0 100 0i
'''> 0.0.0.0 0 32768 i
' > i3.0.0.0 2.2.2.2 0 100 0i
0
'
,., i4.0.0.0 2.2.2.2 0 100 0 700 i

'''> 1.1.1.1 0 0 500 i
' > 10.0.0.0 1.1.1.1 0 0 500 i
0
'
' > 20.0.0.0 0.0.0.0 0 32768 i

0
'
' > i30.0.0.0 2.2.2.2 0 100 0i

0
'
-;':
40.0.0.0 1.1.1.1 0 500 700 i
'''>i 2.2.2.2 0 100 0 700 i
R2#sh ip route bgp

B 3.0.0.0/8 [200/0] via 2.2.2.2, 00:27:48
B 4.0.0.0/8 [20/0] via 1.1.1.1, 00:28:46
B 40.0.0.0/8 [200/0] via 2.2.2.2, 00:02:23
B 10.0.0.0/8 [20/0] via 1.1.1.1, 00:28:46
B 30.0.0.0/8 [200/0] via 2.2.2.2, 00:27:48
TASK: Configure AS 500 to exit via Rl- R4( AS 700) to reach AS 600
Rl#sh ip bgp

' > 1.0.0.0
0.0.0.0 0 32768 i
'
0
-;':
4.4.4.1 0 700 600 i
-;': 1.1.1.2 0 0 600 i
-;':
2.0.0.0 4.4.4.1 0 700 600 i
'''> 1.1.1.2 0 0 600 i
-;':
3.0.0.0 4.4.4.1 0 0 700 i
'''> 1.1.1.2 0 600 i
' > 4.0.0.0
0.0.0.0 0 32768 i
'
0
-;':
4.4.4.1 0 0 700 i
' > 10.0.0.0
0.0.0.0 0 32768 i
'
0
-;':
20.0.0.0 4.4.4.1 0 700 600 i
*> 1.1.1.2 0 0600i
-;':
30.0.0.0 4.4.4.1 0 700 600 i
'''>
' > 40.0.0.0 1.1.1.2 0 600 i
4.4.4.1 0 0 700 i
'
0
-;':
1.1.1.2 0 600 700 i
700 600
4.4.4.1 from 4.4.4.1 (14.0.3.1)
600
1.1.1.2 from 1.1.1.2 (12.0.3.1)

Flag: 0x820
1
700 600
4.4.4.1 from 4.4.4.1 (14.0.3.1)
600
1.1.1.2 from 1.1.1.2 (12.0.3.1)
1 1.1.1.2 152 msec ,., 56 msec
1 1.1.1.2 48 msec 40 msec 24 msec

2 2.2.2.2 [AS 600] 56 msec ,., 56 msec

Rl(config-router)#neighbor 4.4.4.1 weight 4000
Rl(config-router)#do clear ip bgp * soft
Rl#sh ip bgp

' > 1.0.0.0 0.0.0.0 0 32768 i
0
'
-;':
4.4.4.1 4000 700 600 i
-;': 1.1.1.2 0 0 600 i
' > 2.0.0.0 4.4.4.1 4000 700 600 i
0
'
-;': 1.1.1.2 0 0 600 i

' > 3.0.0.0 4.4.4.1 0 4000 700 i
0
'
-;': 1.1.1.2 0 600 i

' > 4.0.0.0 0.0.0.0 0 32768 i
0
'
-;':
4.4.4.1 0 4000 700 i
' > 10.0.0.0 0.0.0.0 0 32768 i
0
'
*> 20.0.0.0 4.4.4.1 4000 700 600 i

-;': 1.1.1.2 0 0 600 i
' > 30.0.0.0 4.4.4.1 4000 700 600 i
0
'
-;':
1.1.1.2 0 600 i
' > 40.0.0.0 4.4.4.1 0 4000 700 i
0
'
-;': 1.1.1.2 0 600 700 i

Flag: 0x820
1
700 600
4.4.4.1 from 4.4.4.1 (14.0.3.1)
600
1.1.1.2 from 1.1.1.2 (12.0.3.1)

Flag: 0x820
1
700
4.4.4.1 from 4.4.4.1 (14.0.3.1)
Origin IGP, metric 0, localpref 100, weight 4000, valid, external, best
600 700
1.1.1.2 from 1.1.1.2 (12.0.3.1)
TASK:
• Configure AS 500 to ensure that the return traffic from AS-600 also should use the same path ( R2-R3-R4) as
exit.
R2#sh ip bgp
Network 2 0.0
,., 1.0.0.0 .
'''> 0
'> .
0
'
Next Hop 1.1.1.1 M
0.0.0.0 e
0.0.0.0 t
r
i
c
L
o
c
P
r
f
W
e
i
g
h
t
P
a
t
h
5
0
0
i
0
32768 i
0
32768
i
,.,i
2.2.2.2 0 100 0i
,., 3.0.0.0 1.1.1.1 0 500 700 i
'''>i 2.2.2.2 0 100 Oi
' > 4.0.0.0
0
'
1.1.1.1 0 0 500 i
,.,i
2.2.2.2 0 100 0 700 i
'>
0
'
1.1.1.1 0 0 500 i
10.0.0.0 0.0.0.0 0 32768 i
'>
0
'
2.2.2.2 0 100 0i
20.0.0.0 1.1.1.1 0 500 700 i
' > i30.0.0.0 2.2.2.2
0
'
0 100 0 700 i
,., 40.0.0.0
'''>i
1 1.1.1.1 84 msec ,., 56 msec
R3#sh ip bgp 10.0.0.0

2
700 500
3.3.3.2 from 3.3.3.2 (14.0.3.1)
500
2.2.2.1 from 2.2.2.1 (12.0.3.1)
1 2.2.2.1 104 msec 36 msec 24 msec

2 1.1.1.1 48 msec ,., 96 msec
• AS 600 is exiting via R2 as per the based on default AS path ( shortest AS- path) to reach AS 500 (10.0.0.0)
• In order to ensure that we can ask AS 600 to configure local preference higher on R3( exit router) to prefer.
Possible solutions :
1. Using local preference in AS 600 ( But here we cannot use local preference or weight inside AS 600 as per
the requirement).
2. Modify AS-path ( Alternate solution will be , on AS 500 we can modify the AS-path and increase the AS
path while advertising to R2 ( AS 600) .
3. Using MED ( here our requirment is modify the return traffic based on Metric and not based on AS-path)
possible solutions using MED :

1. ensure that both sides AS-path same ( preprend on R1-R2) and compare MED for external routes
2. tell AS-600 to ignore AS-path and use always MED( metric) for external routes
R3#sh ip bgp 10.0.0.0
2
700 500
3.3.3.2 from 3.3.3.2 (14.0.3.1)
500
2.2.2.1 from 2.2.2.1 (12.0.3.1)
R3#
Rl(config)#route-map CCIE permit 10

Rl(config-route-map)# set metric 120
Rl(config-route-map)# set as-path prepend 500

Rl(config-router)#neighbor 1.1.1.2 route-map CCIE out
R2#sh ip bgp

1.0.0.0
-;':
1.1.1.1 120 0 500 500 i
'''> 0.0.0.0 0 32768 i
' > 2.0.0.0 0.0.0.0 0 32768 i
0
'
,.,i 2.2.2.2 0 100 0i

-;':
3.0.0.0 1.1.1.1 120 0 500 500 700 i
'''>i 2.2.2.2 0 100 0i
,., 4.0.0.0 1.1.1.1 120 0 500 500 i
'''>i 2.2.2.2 0 100 0 700 i
* il0.0.0.0 2.2.2.2 0 100 0 700 500 i
*> 1.1.1.1 120 0 500 500 i
' > 20.0.0.0 0.0.0.0 0 32768 i
0
'
' > i30.0.0.0 2.2.2.2 0 100 0i

0
'
,., 40.0.0.0 1.1.1.1 120 0 500 500 700 i

'''>i 2.2.2.2 0 100 0 700 i
R2#sh ip bgp 10.0.0.0

Flag: 0x820
2
700 500
2.2.2.2 from 2.2.2.2 (13.0.3.1)
Origin IGP, metric 0, localpref 100, valid, internal
500 500
1.1.1.1 from 1.1.1.1 (11.0.3.1)
• R2 is still prefering from Rl to exit AS..

• BGP best path is calculated based on EBGP prefered over IBGP( not using MED)
• MED value even though applied but it is ignored the reason is MED value is compared only for IBGP learend
routes not for EBGP by default
• In order to compare MED values for EBGP learned routes we need to add comand BGP always compare
MEd
BGP always compare MED
• You should use the MED in the route selection process only if both (all) paths come from the same AS.
• Use the bgp always-compare-med command to force the router to compare the MED even if the paths come
from different autonomous systems.
• You need to enable this option in the entire AS; otherwise, routing loops can occur.
R3#sh ip bgp 10.0.0.0

1
700 500
3.3.3.2 from 3.3.3.2 (14.0.3.1)
500 500
2.2.2.1 from 2.2.2.1 (12.0.3.1)
R2/R3
Rx(config-ro uter)# bgp always-compare-med
Rx(config-router)#exit
R3#sh ip bgp 10.0.0.0

1
700 500
3.3.3.2 from 3.3.3.2 (14.0.3.1)
500 500
2.2.2.1 from 2.2.2.1 (12.0.3.1)
R2#sh ip bgp 10.0.0.0

Flag: 0x820
700 500
2.2.2.2 from 2.2.2.2 (13.0.3.1)
500 500
1.1.1.1 from 1.1.1.1 (11.0.3.1)
1 2.2.2.2 44 msec 88 msec 40 msec

2 3.3.3.2 44 msec 48 msec 48 msec
3 4.4.4.2 [AS 700] 80 msec ,., 96 msec
1 3.3.3.2 36 msec 100 msec 32 msec

2 4.4.4.2 [AS 700] 64 msec ,., 24 msec
TASK:
• Modify the same requirment without using prepending AS-path
Rl#sh run I s route-map

neighbor 1.1.1.2 route-map CCIE out
route-map CCIE permit 10

set metric 120
set as-path prepend 500

Rl (config-ro ute-ma p)#no set as-path prepend 500
R2#sh ip bgp 10.0.0.0

2
500
1.1.1.1 from 1.1.1.1 (11.0.3.1)
R2#
R3#sh ip bgp 10.0.0.0
2
500
2.2.2.1 from 2.2.2.1 (12.0.3.1)
700 500
3.3.3.2 from 3.3.3.2 (14.0.3.1)
• AS-path is compared for BGP path selection and shortest AS-path is prefered in order to ensure that path
selection process to be done based on MED( metric) and not based on AS-path
• we can Configure AS 600 routers to ignore AS-path and compare MED value
• we are assuming that there is no local preference or weight used in AS 600 (incase if weight or
localpreference used in AS 600 then it will not use MED )
• MED is weaker metric than Localpreference or weight
R2/R3

Rx (config-ro uter )# bgp bestpath as-path ignore
Rx (config-ro uter )# bgp always-compare-med
Rx(config-router)# exit
Rx#clear ip bgp * soft

R3#sh ip bgp 10.0.0.0
Flag: 0x820
1
700 500
3.3.3.2 from 3.3.3.2 (14.0.3.1)
R2#sh ip bgp 10.0.0.0

Flag: 0x820
1
700 500
2.2.2.2 from 2.2.2.2 (13.0.3.1)
500
1.1.1.1 from 1.1.1.1 (11.0.3.1)
BGP summarization
SUMMARIZATION
It is the process of combining smaller networks in to single large sub network

(Combining the contagious address into one and send to neighbor.)
► It helps in reducing the size of routing table.
Advantages
► Minimizing the routing table .
► Less use of resources like memo ry, processor, bandwidth.
AS 1
192.168.8.0/22
- - - - ►
so
BGP Summarization (Aggregation)
► It reduces the size of routing table
► It minimizes the number of routing updates.
► More complex than IGP protocols
In order to summarize at least one subnet must be in the BGP table (# sh ip bgp)
AS 1
192 .168 .8 .0/2
2- - - - ►
so
BGP Summarization: Configuration
R2#sh ip bgp I in 13
''> 13.0.0.0/24 2.2.2.2 0 0 300 i
'' > 13.0.1.0/ 24
* > 13.0.2 .0/
2.2.2.2
2.2.2.2
0 0 300 i
0 0 300 i I
24 2.2.2.2 0 0 300 i I
'' > 13.0.3 .0/
24
R3(con fig )# router bgp 300

R3(con fig -ro uter)#aggregate-address 13.0.0.0 255.255 .252.0 R2 _,..,,,, ,,.--- ----
R3 loopbac k -"
R3(con fig -ro uter)#end i) / • ·
.· / -.1,,,.. 13 . 0 . 0 . 1/ 24 '.
AS200
, 'i!,.0 13 .0 . 1.1/ 24 \
13 .0 .2 . 1/ 24
AS \ 1 3. 0. 3. 1/ 2
300
_.,,,..3. 8
"-.:,_ R3 ,'
'' > 1, 3 0.0.0 / 24 2.2.2.2 0 0 300 i
* > 13.,0 ,0 0/ 22 2.,2 2.2 0 0 300 I
'' > 13.0.1.0/ 24 2.2.2.2 0 0 300 i
'' > 13.0.2.0/2 4 2.2.2 .2 0 0 300 i
'' > 13.0.3.0/24 2.2.2.2 0 0 300 i
com
com
R3(config-router)#aggregate-address 13.0.0.0 255.255.252.0 summary-only
BGP tab le version is 16, lo cal router ID
s > 13.0.0.0/24
is 13.0.3 .1
0.0.0.0 0 32768 i I
* > 13.0.0.0/22 0.0.0.0 32768 i I
s > 13.0.1.0/24 0.0.0.0 0 32768 i
s > 13.0.2.0/24 0.0.0.0 0 32768 i
s > 13.0.3 .0/24 0.0.0.0 0 32768 i _ _..,,.. ,,,.,-- -·--. .
/' · R3 loopbac ks"'
AS200 .' f / -1.,,.,.. 13 . 0 . 0 . 1/ 24 '.
, - 0 13 .0 . 1.1/ 24 \
13 .0.2 . 1/ 24
1 3. 0. 3. 1/ 2
FO/
_..,,..3o y .1 8
"-.:,. R3 ••
'' > 13.0 .0 .0/2 2 2.2.2.2 0
0 300 i
BGP summarization: AS-set option

* > 14.0.0 .0 / 242.2 .2.2
' > 14.0 .1.0/ 242.2.2 .2
* > 14 .0 . 2 .0/ 242.2.2 .2
* > 14.0.3.0/242.2.2 .2

R2(con fig-router)#aggregate-address 14.0.0.0 255.255.252.0 summary-
only R2(con fig-rout er)#end
s> 14.0 .0.0/ 24 2.2.2 .2 0 300 400 i
*> 0.0 .0.0 32768 i
14.0.0.0/22
5 > 14. 0. 1.0/24 2.2.2.2 0 300 400 i
s> 14 .0. 2.0/24 2.2.2 .2 0 300 400 i
s> 14.0 . 3.0/24 2.2.2.2 0 300 400 i
com
com
BGP summarization: AS-set option
► Aggregation hides information previous found in the specific prefixes. This includes all
attributes, such as NEXT_HOP, AS_PATH and so on.
► The new prefi x appea rs to be originated from within the local AS.
► may result in the following

Su bo p t i m al ro utin g
Ro uti ng lo op s
Atomic Aggregate Attribute
The Atomic Aggregate is simply a Well-Known

Optional attribute
it indicates that the prefi x has been aggregated ..
that specifies that this is an aggregated route that
might or might-not be originated from the - -· - ..
advertising AS, _/· ., '::,.:,.'
\
1-. - )
:. , .,,,,.-·· - .
_
. ", Rl AS 100/
R2#sh ip bgp 14 .0.0.0/22 ' ··-

BGP rout in g tab le entry for 14.0.0.0/22. versi o n 31
---
Path s: (1 ava il ab le. best #1. table Defaul t-IP-Rout in g-Table)
Flag: 0x820
Adverti sed to update-groups:
1
Local, (aggregated by 200 12 .0 .3.1)
0 . 0 . 0.0 from 0.0.0.0 (12.0.3 .1)
O rigin IGP. localpref 100. we ight 32768. valid. aggregated. local. atom ic-aggrega te, best
com
com
TASK:
• Configure R2 to preserve the AS path information along with agregate address

R2 (config-router)#a ggregate-address 14.0.0.0 255.255.252.0 summary-only as- set
R2#sh ip bgp 14.0.0.0/22

BGP routing table entry for 14.0.0.0/22. version 38.....................--··- -;;
Paths: (1 available. best #1. tab le Default -I P-Rou ting-Table )/ , ,. ' \.
Flag: 0x820 {: v
Advertised to update-groups: . /
1 o. { ,.
300 400, (aggregated by 200 12.0. 3.1) ,::: :;,••/
_
·,
0.0.0.0 from 0.0.0.0 (12.0.3. 1)
Origin IGP. lo calpref 100. weight 32768. valid. aggregated. local. best
0 200 300 400 i
Suppress-map & un-Suppress-map:

► When you specify the summary-only keyword, all
specific prefixes are suppressed.
It is possible to suppress prefixes selectively, using

a route-map associated via the parameter suppress-
map.
The prefixe s permitted by this route-map are

suppressed ; '::.
!!:!: ! !!
prefixes denied by this route-map are NOT ·1
suppressed when performing summarization. 11.0.3.1/24 ,
' ·
, \ .:, /. 1
- .
Suppress-Maps
I
/ -i -- -=.-
• Configure RI to advertise the summary address (11.0 .0 .0/2 2) along with two speciififc prefixes( 11.0 .0.1/2 4,
11.0.1.1/24) 12.0 .0.1, 2 ♦ ••
: !!!::::: \
Rl (config)#access-list 11 permit 11.0.2.0 0.0.0.255 ( M
·. :.,,..,._. ._._,,.. :
I
Rl (config)#access-list 11 permit 11.0 . 3.0 0.0.0.255 ,,$,• · -:.-. /
.._Y '-- J\2- - . .--;; .:;: "\
Rl(config)#route-map SUP permit 10 , · .0:::::!
• 13.0 .0 . l/ :Z4 •.
Rl (config-route-map)#match ip address 11
Rl (config-route-map)#exit - :" .UM ::: · " '
, 13.0.3 . 1/ 24
- ..
11,0 . 1. 1/ 24 •
!!: :i !: :, . ' 30y .1 •
/ .·
/ ,,,,,-:- - _....·
,,,, . . . -- ·· · ·- ---...
0 ,,"• ·- ....... ..
11.:::::S.. V..,, -.;ttt locipHCb R41oop11Mb . \
· •
,, 14 .0 .0 . 1/ 24
14.0.1,1/ :14
12.0.10.1/24
12.0 . 11. 112• :
. 1
\ •• 1 :; 1 4. 0, 2. 1 / 24 1 2, 0 11.1/24 /
i--= 14 . 0.3 . 1 / 24 12.0 . 13.1/24 •·
....... g.................
_ .,,..,....
/
Rl (config-router)#aggregate-address 11.0.0.0 255.255.252.0 suppress-map SUP summary-only
Suppress-Maps
Rl#sh ip bgp I in 11
BGP table version is 69. local ro ut er ID is 1
> 11.0 .0.0/ 24 0.0.0 .0 0
1
-.0.3-. 1-
32768?
*> 11.0.0.0/22 0.0.0.0 32768 i
> 11.0 .1.0/24 0.0.0.0 0 32768?
11.0. 2.0/ 24 0.0.0.0 0 32768 ?
.0. 3.0/24 0.0.0.0 0 32768 ?
s> 12.0. 11.0/24 1.1.1.2 0 200 300 400 i
R2#sh ip bgp in 11
* > 11.0.0.0 /24 1.1.1.1 0 0100?
*> 11.0 .0.0/ 22 1.1.1.1 0 0100 i
* > 11.0. 1.0/24 1.1.1.1 0 0100?
* > 12 .0.11.0/2 4 2.2.2.2 0 300 400 i
1 .1.,,.
RS#sh ip bgp I in 11 i
\' - ..- :.-- ·
'' > 11.0.0.0/ 24 10.1.1.1 0 0100?
''> 11.0.0.0/ 22 10.1.1.1 0 0100 i
*> 11.0. 1.0/24 10.1.1.1 0 0 100?
Un-Suppress-Maps
Confiure Rt to advertise 11.0.0.0/24, 11.0.1.0/24 (unsuppress)

when it adveritse only to R2 along with summary Route.
R l (config)#ip prefix-list CClE permit 11.0.0 .0/2 4 Rl (config )#ip prefix-list CCIE
permit 11.0 .1.0/24
Rl(config)#route-map UN _SUP permit 10

Rl (config -rout e-m ap)#match ip address prefix-list CCIE R1(config-route-
map )#exit
Rl#sh ip bgp neighbors 1.1.1.2 adve rtised-routes I in

11
BGPs>ta11.0.0
ble ve.0/rsio
24 n is 0.0.0.0
77. local router ID is0 11.0 .3.1
32768?
''> 11.0 .0.0/ 22 0.0.0.0 32768 i
s> 11.0.1.0/ 24 0.0.0.0 0 32768?
LAB : BGP Summarization (Aggregation):
--.
,,,..----0 --
I
0f;< . . \
. 0
..
N
-
-
..
_ _,,,, ,,,..---
i> / ' 'R3 loopbac k
y· _13.0.0.1/24 ,
AS 200 \
--
I
:.,..,0, 13 .0 .1. 1 / 24
•il ,·i)_, \
/ -: <P 13.0.2.1/24
\' 13.0.3.1/24
'
) AS300\
TASK:
• configure BGP on R1/R2/R3 as per the diagram
• Advertise the loopback interfaces of R3 in BGP using Network command



R3(config-ro uter)# netw o rk 13.0.0.0 mask 255.255.255. 0
R3(config-ro uter)# netw o rk 13.0.1.0 mask 255.255.255.0


1.1.1.1 4 100 6 9 15 0 0 00:02:38 2
2.2.2.2 4 300 13 14 15 0 0 00:00:07 6
R2#sh ip bgp

-;': 1.0.0.0 1.1.1.1 0 0100 i
'''> 0.0.0.0 0 32768 i
,., 2.0.0.0 2.2.2.2 0 0 300 i
'''>
' > 10.0.0.0 0.0.0.0 0 32768 i
1.1.1.1 0 0100 i
'
0
*> 13.0.0.0/24 2.2.2.2 0 0 300 i

*> 13.0.1.0/24 2.2.2.2 0 0 300 i
*> 13.0.2.0/24 2.2.2.2 0 0 300 i
*> 13.0.3.0/24 2.2.2.2 0 0 300 i
' > 20.0.0.0 0.0.0.0 0 32768 i
0
'
' > 30.0.0.0 2.2.2.2 0 0 300 i

0
'
Rl#sh ip bgp

,., 1.0.0.0
1.1.1.2 0 0 200 i
'''> 0.0.0.0 0 32768 i
' > 2.0.0.0
0
'
' '>
0
1.1.1.2 0 0 200 i
10.0.0.0 0.0.0.0 032768 i
' > 13.0.0.0/24 1.1.1.2 0 200 300 i
0
'
NOA solutions, N.K Arcade, 1.1.1.2

2nd & 3rd 0 200to 300
floor,Opposite i
banjara function hall,Banjarahills Road-no-
' > 13.0.1.0/24
0
'
' > 13.0.2.0/24 1.1.1.2 0 200 300 i
0
'
' > 13.0.3.0/24 1.1.1.2 0 200 300 i

0
'
' > 20.0.0.0 1.1.1.2 0 0 200 i

0
'
'
0
' > 30.0.0.0 1.1.1.2 0 200 300 i
TASK:
• Configure R3 to summarize loopback routes as 13.0.0.0/22
'> 2.2.2.2 0 0 300 i
0
'
13.0.0.0/24 2.2.2.2 0 0 300 i

'> 2.2.2.2 0 0 300 i
0
'
13.0.1.0/24 2.2.2.2 0 0 300 i

'>
0
'
13.0.2.0/24
'>
0
'
13.0.3.0/24

R3(config-ro uter)# aggregate-add ress 13.0.0.0
R3#sh ip bgp

' > 1.0.0.0 2.2.2.1 0 0200 i
0
'
,., 2.0.0.0 2.2.2.1 0 0200 i

'''> 0.0.0.0 0 32768 i
' > 10.0.0.0 2.2.2.1 0 200 100 i
0
'
' > 13.0.0.0/24 0.0.0.0 0 32768 ii

' > 13.0.0.0/22 0.0.0.0 32768 i
0
'
' > 13.0.1.0/24 0.0.0.0 0 32768 ii

' > 13.0.2.0/24 0.0.0.0 0 32768 ii
' > 13.0.3.0/24 0.0.0.0 0 32768 ii
' > 20.0.0.0 2.2.2.1 0 0200 i
0
'
' > 30.0.0.0 0.0.0.0 0 32768 i

0
'
' > 13.0.0.0/24 2.2.2.2 0 0 300 i
0
'
*> 13.0.0.0/22 2.2.2.2 0 0 300 i

' > 13.0.1.0/24 2.2.2.2 0 0 300 i
0
'
' > 13.0.2.0/24 2.2.2.2 0 0 300 i

0
'
' > 13.0.3.0/24

'
0
2.2.2.2 0 0 300 i
• Aggregate-address command advertises the aggregate route along with the individual prefixes.
• if we want to suppress(remove) those individual prefixes and advertise only the summary address we use
summary-only command
R3(config-router)#aggregate-address 13.0.0.0 255.255.252.0?
advertise-map Set condition to advertise attribute
as-set Generate AS set path information
attribute-map Set attributes of aggregate
nlri Nlri aggregate applies to
route-map Set parameters of aggregate
s umma !Y-o n l)'.'. Filter more S Qe cific routes from u date 9
suppress-map Conditionally filter more specific routes from updates
<er>
R3(config-router)#aggregate-address 13.0.0.0 255.255.252.0 summary-only
R3#sh ip bgp 13.0.0.0/22

1
Local, (aggregated by 300 13.0.3.1)
0.0.0.0 from 0.0.0.0 (13.0.3.1)
Origin IGP, localpref 100, weight 32768, valid, aggregated, local, atomic-aggregate, best
• If you didn't specify any additional options to the command, it will create a new prefix in the BGP table,
with an empty AS_PATH.
• It would look like the new prefix was originated in the local AS.
• The new prefix will automatically have the weight value of 32768 and get a special attribute called
ATOMIC_AGGREGATE assigned.
• The ATOMIC AGGREGATE attribute is informational, and tells the other BGP speakers that this prefix is a
result of route aggregation and some information (like AS_PATH or other attributes) from the original
prefixes may be missing.
• BGP attaches another attribute called AGGREGATOR to the summarized prefix. This attribute specifies the
AS number and the BGP router-ID of the aggregating router.
• Just like the ATOMIC_AGGREGATE, the new attribute is also informational.
s> 13.0.0.0/24 0.0.0.0 0 32768 i
*> 13.0.0.0/22 0.0.0.0 32768 i
s> 13.0.1.0/24 0.0.0.0 0 32768 i
s> 13.0.2.0/24 0.0.0.0 0 32768 i
s> 13.0.3.0/24 0.0.0.0 0 32768 i
' > 13.0.0.0/22 2.2.2.2 0 0 300 i
0
'
R2#sh ip bgp 13.0.0.0/22

1
300, (aggregated by 300 13.0.3.1)
2.2.2.2 from 2.2.2.2 (13.0.3.1)
Origin IGP, metric 0, localpref 100, valid, external, atomic-aggregate, best
R2#sh ip bgp

,., 1.0.0.0 1.1.1.1
0 0 100 i
'> 0.0.0.0
0
'
0 32768 i
,., 2.0.0.0 2.2.2.2
0 0 300 i
'> 0.0.0.0 0 32768 i
0
'
' > 13.0.0.0/2 2 2.2.2.2 0 0 300 i

0
'
' > 20.0.0.0 0.0.0.0 0 32768 i

0
'
' > 30.0.0.0 2.2.2.2 0 0 300 i

0
'
AS-SET option :
• Aggregation hides information previous found in the specific prefixes. This includes all attributes, such as
NEXT_HOP, AS_PATH and so on.
• The new prefix appears to be originated from within the local AS.
• This causes no problems if all specific prefixes belong to the local AS.
• However, when you summarize prefixes learned from other ASes, information hiding may result in the
following
1. Suboptimal routing, due to the loss of path information, such as AS_PATH, MED and so on.
2. Routing lo o ps, as removal of AS_PATH attribute and replacement it with an empty list will prevent BGP
loop-detection mechanism from working properly.
• To overcome it, it is possible to insert a special new member into the AS_PATH of the newly created
summary prefix.
• This can be done with an option called AS_SET
• Once we configure AS_SET the AS numbers found in all AS_PATHs of the specific prefixes.
• This list of AS numbers is unordered, unlike the regular AS_SEQUENCE element. It's only use is for routing
loop prevention mechanism.
• when BGP receives a prefix it scans the AS_PATH attribute. If the local AS number is found in any of the
AS_SET or AS_SEQUENCE elements, the prefix is dropped.
• By default, the aggregated address in BGP will not include the AS-Set information.
• In order to force the use of this information, specify the as-set option
o (Config-router)# aggregate-address <subnet> <mask>as-set.
TASK:
• Continue with same configs and add R4 to existing topology
• Configure R4 in AS 400 and advertise loopbacks of R4 in BGP
_ .,..,,,, ......--- ------
-i> / ' ' R3 loopback
, - - _ \P 13.0.0.1/24 ,
:,,,,,,"".: '
, ·,,i)_,0,
13 .0 .1. 1 / 2 4 \
d' 13.0.2.1/24
1 3. 0. 3. 1/ 2 4
\.
.
}
FO/
370 .1 s
,
R3 .,..,,,- -
'--- _
'?,· '.
Rl AS 100/
.....-.-- ---- -
.,..,,,, <?,<· ?,· - - -
R4
\ AS 400
__ .,..
,,,,



2.2.2.1 4 200 20 18 16 0 0 00:11:27 4
3.3.3.2 4 400 5 8 16 0 0 00:00:07 5
R3#sh ip bgp

' > 1.0.0.0 2.2.2.1 0 0200 i
0
'
,., 2.0.0.0 2.2.2.1 0 0200 i

'''> 0.0.0.0 0 32768 i
' > 10.0.0.0 2.2.2.1 0 200 100 i
0
'
s> 13.0.0.0/24 0.0.0.0 0 32768 i

' > 13.0.0.0/22 0.0.0.0 32768 i
0
'
s> 13.0.1.0/24 0.0.0.0 0 32768 i

s> 13.0.2.0/24 0.0.0.0 0 32768 i
s> 13.0.3.0/24 0.0.0.0 0 32768 i
' > 14.0.0.0/24 3.3.3.2 0 0400 i
0
'
' > 14.0.1.0/24 3.3.3.2 0 0400 i

0
'
' > 14.0.2.0/24 3.3.3.2 0 0400 i

0
'
' > 14.0.3.0/24 3.3.3.2 0 0400 i

0
'
' > 20.0.0.0 2.2.2.1 0 0200 i

0
'
' > 30.0.0.0 0.0.0.0 0 32768 i

0
'
'
0
' > 40.0.0.0 3.3.3.2 0 0400 i
TASK: Configure R2 to Summarize the Loopbacks of R4 (14.0.0.0)
' > 14.0.0.0/24 2.2.2.2 0 300 400 i
0
'
' > 14.0.1.0/24 2.2.2.2 0 300 400 i

0
'
' > 14.0.2.0/24 2.2.2.2 0 300 400 i

0
'
'' > 14.0.3.0/24

0
2.2.2.2 0 300 400 i

R2 (config-router)#aggregate-address 14.0.0.0 255.255.252.0 summary-only
s> 14.0.0.0/24 2.2.2.2 0 300 400 i
*> 14.0.0.0/22 0.0.0.0 32768 i
s> 14.0.1.0/24 2.2.2.2 0 300 400 i
s> 14.0.2.0/24 2.2.2.2 0 300 400 i
s> 14.0.3.0/24 2.2.2.2 0 300 400 i
R2#sh ip bgp 14.0.0.0/22

Flag: 0x820
1
0.0.0.0 from 0.0.0.0 (12.0.3.1)
R2#sh ip bgp

-;': 1.0.0.0 1.1.1.1 0 0100 i
'''> 0.0.0.0 0 32768 i
,., 2.0.0.0 2.2.2.2 0 0 300 i
'''> 0.0.0.0 0 32768 i
' > 10.0.0.0 1.1.1.1 0 0100 i
0
'
'
0
' > 13.0.0.0/22 2.2.2.2 0 0 300 i

s> 14.0.0.0/24 2.2.2.2 0 300 400 i
*> 14.0.0.0/22 0.0.0.0 32768 i
s> 14.0.1.0/24 2.2.2.2 0 300 400 i
s> 14.0.2.0/24 2.2.2.2 0 300 400 i
s> 14.0.3.0/24 2.2.2.2 0 300 400 i
' > 20.0.0.0 0.0.0.0 0 32768 i
0
'
' > 30.0.0.0 2.2.2.2 0 0 300 i

0
'
'' > 40.0.0.0

0
2.2.2.2 0 300 400 i
• The Atomic Aggregate is simply a Well-Known Optional attribute

• it indicates that the prefix has been aggregated ..
• that specifies that this is an aggregated route that might or might-not be originated from the advertising AS,
Rl#sh ip bgp

,., 1.0.0.0
1.1.1.2 0 0 200 i
'''> 0.0.0.0 0 32768 i
' > 2.0.0.0
0
'
1.1.1.2 0 0 200 i
' > 10.0.0.0
0
'
0.0.0.0 0 32768 i
'>
0
'
1.1.1.2 0 200 300 i
13.0.0.0/22
*> 14.0.0.0/22 1.1.1.2 0 0 200 i
' > 20.0.0.0 1.1.1.2 0 0 200 i
0
'
' > 30.0.0.0 1.1.1.2 0 200 300 i

0
'
' > 40.0.0.0 1.1.1.2 0 200 300 400 i

0
'
' > 14.0.0.0/24 3.3.3.2 0 0400 i
0
'
*> 14.0.0.0/22 2.2.2.1 0 0200 i
' > 14.0.1.0/24 3.3.3.2 0 0400 i
0
'
' > 14.0.2.0/24 3.3.3.2 0 0400 i

0
'
'
0
' > 14.0.3.0/24 3.3.3.2 0 0400 i
' > 14.0.0.0/24 0.0.0.0 0 32768 i
0
'
*> 14.0.0.0/22 3.3.3.1 0 300 200 i

' > 14.0.1.0/24 0.0.0.0 0 32768 i
0
'
' > 14.0.2.0/24 0.0.0.0 0 32768 i

0
'
' > 14.0.3.0/24 0.0.0.0 0 32768 i

0
'
TASK:
• Configure R2 to preserve the AS path information along with agregate address
R2#sh ip bgp 14.0.0.0/22

Flag: 0x820
1
0.0.0.0 from 0.0.0.0 (12.0.3.1)
R2# ship bgp


,., 1.0.0.0
1.1.1.1 0 0 100 i
'''> 0.0.0.0 0 32768 i
' > 2.0.0.0
0
'
0.0.0.0 0 32768 i
' > 10.0.0.0
0
'
1.1.1.1 0 0100 i
'>
0
'
2.2.2.2 0 0 300 i
13.0.0.0/22 s> 2.2.2.2 0 300 400 i
14.0.0.0/24
'> 0.0.0.0 32768 i
0
'
14.0.0.0/22
s> 14.0.1.0/24 2.2.2.2 0 300 400 i
s> 14.0.2.0/24 2.2.2.2 0 300 400 i
s> 14.0.3.0/24 2.2.2.2 0 300 400 i
'> 0.0.0.0 0 32768 i

0
'
20.0.0.0 2.2.2.2 0 0 300 i

'> 2.2.2.2 0 300 400 i
0
'
30.0.0.0
'>
0
'
40.0.0.0
Rl#sh ip bgp I in 14.
,., > 14.0.0.0/22 1.1.1.2 0 0 200 i

R2 (config-router)#aggregate-address 14.0.0.0 255.255.252.0 summary-only ?
advertise-map Set condition to advertise attribute
as-set Generate AS set path information
attribute-map Set attributes of aggregate
route-map Set parameters of aggregate
summary-only Filter more specific routes from updates
suppress-map Conditionally filter more specific routes from updates
<er>
R2 (config-router)#aggregate-address 14.0.0.0 255.255.252.0 summary-only as-set

R2#sh ip bgp 14.0.0.0/22

Flag: 0x820
1
300 400, (aggregated by 200 12.0.3.1)
0.0.0.0 from 0.0.0.0 (12.0.3.1)
Origin IGP, localpref 100, weight 32768, valid, aggregated, local, best
Rl#sh ip bgp I in 14.

,., > 14.0.0.0/22 1.1.1.2 0 0 200 300 400 i
TASK: verify AS-set with other example
• Connect RS to Rl and configure BGP as per the diagram
/
\ .'
( I
\
"
10 . 1-.,1. 1/ 8
. _ __ R1 AS
·· - -- --...
"
,o \ 'b
1 00 /
. ,,,
...
0
'!
,,,,.- . -. >•
\ '!,·
loopbacka R4 loopb cka \
'\ .. 0
14 .0 .0 . 1/ 24
14 .0 . 1. 1/ 24
12 .0 . 10 .1 / 2 4
12 .0 . 11 . 1/ 2 4
.......
14 .0 . 3 . 1/ 2 4 12 .0 .13.1/ 2 4,
0
I \.
I'
R4 o 14 .0 .2 . 1/
24 12 .0 .12 .1/ 2 4 /
{ . ----.-..._- f .- .. ,,/
-'-.. i AS400
. .,,,
.
\. RS
ASSOO
/
-- -- --- -·-
.-
'-..
··-
RS(config)#router bgp 500

RS(config-router)#neighbor 10.1.1.1 remote-as 100
RS(config-router)#network 10.0.0.0
RS(config-router)#no auto-summary
RS(config-router)#no synchronization
RS(config-router)#end
TASK:
• Advertise the loopback interfaces of R2 ( 12.0.0.1/24 , 12.0.1.1/24, 12.0.2.1/24, 12.0.3.1/24) in BGP
• Add lopback interfaces on R4 as given and adveritsed them in BGP on R4
• (12.0.10.1/24, 12.0.11.1/24, 12.0.12.1/24, 12.0.103.1/24)

R2 (config-router)#network 12.0.0.0 mask 255.255.255.0
R4(config)#int loop 10
R4(config-if)# ip address 12.0.10.1 255.255.255.0
R4(config-if)# int loop 11
R4(config-if)#exit

TASK:
• Configure Rl to summarize the 12. Networks ( in to one summary address) before it advertises to other
routers (RS)
' > 12.0.0.0/24 0.0.0.0 0 32768 i
0
'
' > 12.0.1.0/24 0.0.0.0 0 32768 i

0
'
' > 12.0.2.0/24 0.0.0.0 0 32768 i

0
'
' > 12.0.3.0/24 0.0.0.0 0 32768 i

0
'
' > 12.0.10.0/24 2.2.2.2 0 300 400 i

0
'
' > 12.0.11.0/24 2.2.2.2 0 300 400 i

0
'
' > 12.0.12.0/24 2.2.2.2 0 300 400 i

0
'
' > 12.0.13.0/24 2.2.2.2 0 300 400 i

0
'
' > 12.0.0.0/24 1.1.1.2 0 0 200 i
0
'
' > 12.0.1.0/24 1.1.1.2 0 0200 i

0
'
' > 12.0.2.0/24 1.1.1.2 0 0 200 i

0
'
' > 12.0.3.0/24 1.1.1.2 0 0 200 i

0
'
' > 12.0.10.0/24 1.1.1.2 0 200 300 400 i

0
'
' > 12.0.11.0/24 1.1.1.2 0 200 300 400 i

0
'
' > 12.0.12.0/24 1.1.1.2 0 200 300 400 i

0
'
'' > 12.0.13.0/24

0
1.1.1.2 0 200 300 400 i

Rl(config-router)#aggregate-address 12.0.0.0 255.255.240.0 summary-only
s> 12.0.0.0/24 1.1.1.2 0 0 200 i
' > 12.0.0.0/20 0.0.0.0 32768 i
0
'
s> 12.0.1.0/24 1.1.1.2 0 0 200 i

s> 12.0.2.0/24 1.1.1.2 0 0 200 i
s> 12.0.3.0/24 1.1.1.2 0 0 200 i
s> 12.0.10.0/24 1.1.1.2 0 200 300 400 i
s> 12.0.11.0/24 1.1.1.2 0 200 300 400 i
s> 12.0.12.0/24 1.1.1.2 0 200 300 400 i
s> 12.0.13.0/24 1.1.1.2 0 200 300 400 i
R5#sh ip bgp

' > 1.0.0.0 10.1.1.1
0
'
0 0100 i
' > 2.0.0.0 10.1.1.1
0
'
0100 200 i
,., 10.0.0.0 10.1.1.1
0 0 100 i
'> 0.0.0.0
0
'
0 32768 i
' > 12.0.0.0/20 10.1.1.1 0 0100 i
0
'
' > 13.0.0.0/22 10.1.1.1 0 100 200 300 i

0
'
' > 14.0.0.0/22 10.1.1.1 0 100 200 300 400 i

0
'
,., > 20.0.0.0 10.1.1.1 0 100 200 i

' > 30.0.0.0 10.1.1.1 0 100 200 300 i
0
'
' > 40.0.0.0 10.1.1.1 0 100 200 300 400 i

0
'
' > 12.0.0.0/20 10.1.1.1
0
'
0 0100 i
TASK:
Confiure Rl to preserve the AS path information when summarizing 12. Networks
s> 12.0.0.0/24 1.1.1.2 0 0 200 i
' > 12.0.0.0/20 0.0.0.0 32768 i
0
'
s> 12.0.1.0/24 1.1.1.2 0 0 200 i

s> 12.0.2.0/24 1.1.1.2 0 0 200 i
s> 12.0.3.0/24 1.1.1.2 0 0 200 i
s> 12.0.10.0/24 1.1.1.2 i 0 200 300 400
s> 12.0.11.0/24 1.1.1.2 i 0 200 300 400
s> 12.0.12.0/24 1.1.1.2 0 200 300 400 i
s> 12.0.13.0/24 1.1.1.2 0 200 300 400
i

Rl(config-router)#aggregate-address 12.0.0.0 255.255.240.0 summary-only as-set
s> 12.0.0.0/24 1.1.1.2 0 0 200 i
'> 0.0.0.0 100 32768 {200,300,400} i
0
'
12.0.0.0/20
s> 12.0.1.0/24 1.1.1.2 0 0 200 i
s> 12.0.2.0/24 1.1.1.2 0 0 200 i
s> 12.0.3.0/24 1.1.1.2 0 0 200 i
s> 12.0.10.0/24 1.1.1.2 0 200 300 400 i
s> 12.0.11.0/24 1.1.1.2 0 200 300 400 i
s> 12.0.12.0/24 1.1.1.2 0 200 300 400 i
s> 12.0.13.0/24 1.1.1.2 0 200 300 400 i
Rl#sh ip bgp 12.0.0.0/20

1
{200,300,400}, (aggregated by 100 11.0.3.1)
0.0.0.0 from 0.0.0.0 (11.0.3.1)
Origin IGP, localpref 100, weight 32768, valid, aggregated, local, best
RS#sh ip bgp I in 12
' > 12.0.0.0/20 10.1.1.1 0 0 100 {200,300,400} i
0
'
SUPPRESS-MAP:
• When you specify the summary-only keyword, all specific prefixes are suppressed.
• It is possible to suppress prefixes selectively, using a route-map associated via the parameter suppress-map.
• The prefixes permitted by this route-map are suppressed; prefixes denied by this route-map are NOT
suppressed when performing summarization.
TASK: BGP Aggreation using Suppress-map

• Adverise the 11. Loopback interfaces through redistribution in to BGP
• Configure Rl to advertise the summary address (11.0.0.0/22) along with two speciififc prefixes( 11.0.0.1/24,
11.0.1.1/24)
• Use BGP Aggregation with suppress map
/ R3loopb cb "'
11.0.0.1/ 24,
( 11.0.1.1/ 24.)
11.0.2.1/24
\ 11.0.3.1/24
/
-'?I•
Rl AS 100
-
. _./
-- -- -. ,o r,\'ti
---- -- :\-' '?,·
-··
< loopbacb R4loopb cb\
(
- -
o 14.0.0.1/ 2412.0.10.1/ 24
--
14.0.1.1/ 2412.0.11.1/24
.
00
' --
R4o-"! 14.0.2.1/ 24 12.0.12.1/24 /
( \ f. ;
14.0.3.1/ 24 12.0.13.1/ 24 ,
,,,-/
. .. g
I - ----"--- -- '- . AS 400
- .-
-..--
Rl(config)#route-map CONNECTED - permit
- - 10
Rl(config-route-map)#match interface loopback 0
- -

Rl(config-router)#redistribute connected route-map CONNECTED
Rl#sh ip bgp I In 11
' > 11.0.0.0/24 0.0.0.0 0 32768?
0
'
' > 11.0.1.0/24 0.0.0.0 0 32768?

0
'
' > 11.0.2.0/24 0.0.0.0 0 32768?

0
'
' > 11.0.3.0/24 0.0.0.0 0 32768?

0
'
s> 12.0.11.0/24 1.1.1.2 0 200 300 400 i

OR
Rl(config)# access-list 11 deny 11.0.1.0 0.0.0.255
Rl(config)# access-list 11 deny 11.0.0.0 0.0.0.255
Rl(config)# access-list 11 permit any
Rl(config)#route-map SUP permit 10

Rl(config-route-map)#match ip address 11

Rl(config-router)#aggregate-address 11.0.0.0 255.255.252.0 suppress-map SUP summary-only
' > 11.0.0.0/24 0.0.0.0 0 32768?
*> 11.0.0.0/22 0.0.0.0 32768 i
' > 11.0.1.0/24 0.0.0.0 0 32768?
11.0.2.0/24 0.0.0.0 0 32768 ?
.0.3.0/24 0.0.0.0 0 32768?
s> 12.0.11.0/24 1.1.1.2 0 200 300 400 i
' > 11.0.0.0/24 1.1.1.1 0 0 100 ?
' > 11.0.0.0/22 1.1.1.1 0 0 100 i
0
'
' > 11.0.1.0/24 1.1.1.1 0 0 100 ?

' > 12.0.11.0/24 2.2.2.2 0 300 400 i
0
'
'> 10.1.1.1 0 0100?
0
'
11.0.0.0/24 10.1.1.1 0 0100 i

'> 10.1.1.1 0 0100?
0
'
11.0.0.0/22
' > 11.0.1.0/24
0
'
UNSUPPRESS-MAP:
• Local networks are advertised into BGP and aggregated by the border BGP speakers.
• It is often desirable to load-balancing traffic ingress to the local AS, so that traffic to some subnets enters via
one BGP peer and the other peer is used as the entry point for other subnets.
• Tto accomplish this, you need to advertise all specific prefixes on both uplinks and use AS_PATH prepending
to modify prefixes preference.
• This scheme implements load balancing and provides backup in case of any uplink failures.
• To implement this technique, you may use the unsuppress-mapBGP feature.

• This feature could be only configured on the router that performs prefix aggregation using the command
aggregate-address ... summary-only.
• The feature uses a special route-map that matches and permits the prefixes need to be unsuppressed. The
feature is applied only on per-neighbor basis
TASK:
• Remove the Aggregation done on the Rl in the previous task.
• Confiure Rl to advertise 11.0.0.0/24, 11.0.1.0/24 (unsuppress) when it adveritse only to R2 along with
summary Route.
• The other neighbors should receive only summary routes and should not recieve the above two
routes mentioned.
Rl(config)#no access-list 11
Rl(config)#no route-map SUP

Rl(config-router)# no no aggregate-address 11.0.0.0 255.255.252.0 summary-only suppress-map SUP
• When the aggregate route is advertised to the selected peer, all the suppressed prefixes found in the local
BGP table are matched against the configured unsuppress-map.
• The matching prefixes are advertised in addition to the summary prefix.
• Other peers or the local BGP table are not affected by this configuration.
Rl#sh ip bgp I
in 11
' > 11.0.0.0/24 0.0.0.0 0 32768?
0
'
' > 11.0.1.0/24 0.0.0.0 0 32768?

0
'
' > 11.0.2.0/24 0.0.0.0 0 32768?

0
'
' > 11.0.3.0/24 0.0.0.0 0 32768?

0
'
s> 12.0.11.0/24 1.1.1.2 0 200 300 400 i
Rl(config)#ip prefix-list CCIE permit

11.0.0.0/24 Rl(config)#ip prefix-list CCIE permit
11.0.1.0/24
Rl(config)#route-map UN_SUP permit 10

Rl(config-route-map)#match ip address prefix-list CCIE

Rl(config-router)#aggregate-address 11.0.0.0 255.255.252.0 summary-only
Rl (config-router)#neighbor 1.1.1.2 unsuppress-map UN _SUP
s> 11.0.0.0/24 0.0.0.0 0 32768?
' > 11.0.0.0/22 0.0.0.0 32768· 1
s> 11.0.1.0/24 0.0.0.0 0 32768?
s> 11.0.2.0/24 0.0.0.0 0 32768?
s> 11.0.3.0/24 0.0.0.0 0 32768?
s> 12.0.11.0/24 1.1.1.2 0 200 300 400 i
Rl#sh ip bgp neighbors 1.1.1.2 advertised-routes I in 11

s> 11.0.0.0/24 0.0.0.0 0 32768?
' > 11.0.0.0/22 s> 11.0.1.0/24 0.0.0.0 32768 i
0
'
0.0.0.0 0 32768?
' > 11.0.0.0/24
0
'
' > 11.0.0.0/22 1.1.1.1 0 0100?

0
'
' > 11.0.1.0/24 1.1.1.1 0 0100 i

0
'
1.1.1.1 0 0100?
' > 12.0.11.0/24 2.2.2.2 0 300 400 i
0
'
Rl#sh ip bgp neighbors 10.1.1.5 advertised-routes I in 11

' > 11.0.0.0/22 0.0.0.0 32768 i
0
'
RS#sh ip bgp I in 11
' > 11.0.0.0/22 10.1.1.1 0 0100 i
0
'
BGP Route-filtering options
using Route-maps. prefix-list. ACL. As-path filters using

regular expressions
Why do we need Route Filtering Methods
► You might need to control exactly which routes are advertised or redistributed, or which paths are
chosen .
► Advertise only some specific Routes to Neighbor (Security reasons)
► Redistribute Specific Routes
► Preventing Routing loops
► Path Manipulation of some specific Routes
► Changing Metric and Metric-type for specific routes
► Changing The Administrative Distance for Specific Routes
► With BGP
• Control li ng routes to be adve rti sed to ISP
• Control routes to g et in to routing table
► Policy Based Routing
com
BGP route Filtering
ASN 80 ASN 1, ISP 1
ASN 2, ISP 2
ASN 1, ISP 1
ASN 80
TASK:
• Configure Rl to block network 20 .0.0 .0 from getting in to its routing/BGP table of Rl
• use Di stribution list / Access-li st.
Rl#sh ip bgp 20 .0.0 .0

BGP rout ing tab le entry for 20.0.0.0/ 8. version 7
Paths: (2 avai lab le, best #1. tab le Default-IP-Routing -Tab le)
Advert ised to update-groups:
1
200
1.1.1.2 from 1.1.1.2 (12.0.3.1) R2
AS200
Or igin IGP, metric O. l oca lpref 100, vali d, external, best
400 300 200
FO/OI
4.4.4.1 from 4.4.4.1 (14.0 .3.1)
Or igin IGP. localpref 100. valid. external

IFO/O
0 . 1 . 1 .1/ 8
3 0 .1.1. 1/
com
TASK:
• Configure Rl to block network 20.0.0 .0 from getting in to its routing/BGP table of Rl
• use Distribution list /Access-list.
Rl (config) #access-list 20 deny 20.0.0.0 0.255.255.255

Rl (config)#access-list 20 permit any
Rl (config)# ro uter bgp 100

R1(config-ro uter) # neig hbo r 1.1.1.2 distribute-list 20 in
R1(config-ro uter) # neig hbo r 4.4.4.1 distribute-list 20 in R2
AS200
Rl (config-ro uter) #end
IPO/O F0/01
3 0 . 1 . 1.1 /
.0 . 1 . 1 1/8

AS400
R2#sh ip bgp neighbors 1.1.1.1 advertised-routes I in 20

'' > 20.0 .0.0 0.0.0.0 0 32768 i
TASK:
• Configure Rl to block network 20.0.0 .0 from getting in to its routing/BGP table of Rl
Rl (config)#ip prefix-list CCIE deny 20.0.0.0/8

Rl (config )# ip prefix-list CCIE permit 0.0.0.0/0 le 32
Rl (co nfig)# ro uter bgp 100

R1(co nfig -ro uter) # neigh bo r 1.1.1.2 prefix-list CCIE in
Rl (config -router) # neigh bo r 4.4.4.1 prefix-list CCIE in R2
AS200
IPO/O PO/OI
30.1 .1 .1 /
.0 . 1 . 1 1/ 8

AS400
Rl#sh ip bgp 20 .0 .0 .0
1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 www. noasolutions.com Page 1BO
LAB: BGP Filtering Using ACL. Prefix-list. Route-maps
.....
.
N
IS'
-i>
..,
·,i)./
·,i
....d.. '
R2
AS 200
I. F0/0
AS 100 ,.
30.1.1.1/
j
r 0.1.1.1/ 8
AS300
AS400
TASK:
• Configure Basic EBGP configuration as per the diagram
• Advertise all directly connected interfaces as per diagram



1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 www. noasolutions.com Page 1B
1



1.1.1.2 4 200 96 96 10 0 0 01:29:05 5
4.4.4.1 4 400 95 95 10 0 0 01:27:41 5
Rl#sh ip bgp

-;': 1.0.0.0 1.1.1.2 0 0 200 i
'''> 0.0.0.0 0 32768 i
-;':
2.0.0.0 4.4.4.1 0 400 300 i
'''> 1.1.1.2 0 0200 i
' > 3.0.0.0 4.4.4.1 0 0400 i
0
'
-;':
1.1.1.2 0 200 300 i
-;':
4.0.0.0 4.4.4.1 0 0400 i
'''> 0.0.0.0 0 32768 i
' > 10.0.0.0 0.0.0.0 0 32768 i
0
'
*> 20.0.0.0 1.1.1.2 0 0200 i

-;':
4.4.4.1 0 400 300 200 i
-;':
30.0.0.0 4.4.4.1 0 400 300 i
'''> 1.1.1.2 0 200 300 i
' > 40.0.0.0 4.4.4.1 0 0400 i
0
'


2.2.2.1 4 200 96 94 12 0 0 01:28:32 6
3.3.3.2 4 400 98 98 12 0 0 01:27:10 6
R3#sh ip bgp

-;':
1.0.0.0 3.3.3.2 0400100 i
'''> 2.2.2.1 0 0200 i
' > 2.0.0.0 0.0.0.0 0 32768 i
0
'
-;':
2.2.2.1 0 0200 i
-;':
3.0.0.0 3.3.3.2 0 0400 i
'''> 0.0.0.0 0 32768 i
' > 4.0.0.0 3.3.3.2 0 0400 i
0
'
-;':
2.2.2.1 0200100 i
-;':
10.0.0.0 3.3.3.2 0400100 i
'''> 2.2.2.1 0200100 i
-;':
20.0.0.0 3.3.3.2 0 400 100 200 i
'''> 2.2.2.1 0 0200 i
' > 30.0.0.0 0.0.0.0 0 32768 i
0
'
-;':
40.0.0.0 2.2.2.1 0 200 100 400 i
'''> 3.3.3.2 0 0400 i
TASK:
• Configure Rl to block network 20.0.0.0 from getting in to its routing/BGP table of Rl
• use Distribution list / Access-list.

1
200
1.1.1.2 from 1.1.1.2 (12.0.3.1)
400 300 200
4.4.4.1 from 4.4.4.1 (14.0.3.1)
Rl#sh ip bgp

-;': 1.0.0.0 1.1.1.2 0 0 200 i
'''> 0.0.0.0 0 32768 i
' > 2.0.0.0 1.1.1.2 0 0200 i
0
'
-;':
4.4.4.1 0 400 300 i
-;':
3.0.0.0 1.1.1.2 0 200 300 i
'''> 4.4.4.1 0 0400 i
-;':
4.0.0.0 4.4.4.1 0 0400 i
'''> 0.0.0.0 0 32768 i
' > 10.0.0.0 0.0.0.0 0 32768 i
0
'
' > 20.0.0.0 1.1.1.2 0 0 200 i

0
'
-;':
4.4.4.1 0 400 300 200 i
' > 30.0.0.0 1.1.1.2 0 200 300 i
0
'
-;':
4.4.4.1 0 400 300 i
-;':
40.0.0.0 1.1.1.2 0 200 300 400 i
'''> 4.4.4.1 0 0400 i
To filter Routes either we can configure inbound or outbound direction depending on the router selected to configure .
As per the requirement either we can configure
• On Rl to filter inbound reciveing from both neighbors (
R2/R4) or
• on R2/R4 filter BGP while advertising (outbound)
In this task, the output documented based on the first possible solution( Rl inbound)
Rl(config)#access-list 20 deny 20.0.0.0 0.255.255.255

Rl(config)#access-list 20 permit any

Rl (config-router)#neighbor 1.1.1.2 distribute-list 20 in
Rl (config-router)#neighbor 4.4.4.1 distribute-list 20 in
OR
R2(config)#access-list 20 deny 20.0.0.0 0.255.255.255

R2(config)#access-list 20 permit any

R2 (config-router)#neighbor 1.1.1.1 distribute-list 20 out
R4(config)#access-list 20 deny 20.0.0.0 0.255.255.255

R4(config)#access-list 20 permit any

R4(config-router)#neighbor 4.4.4.2 distribute-list 20 out

R2#sh ip bgp neighbors 1.1.1.1 advertised-routes I in 20

' > 20.0.0.0 0.0.0.0 0 32768 i
0
'
R4#sh ip bgp neighbors 4.4.4.2 advertised-routes

BGP table version is 15, local router ID is
14.0.3.1

' > 1.0.0.0 4.4.4.2 0 0100 i
0
'
' > 2.0.0.0 3.3.3.1 0 0 300 i

0
'
'> 3.0.0.0 0.0.0.0 0 32768 i

0
'
'> 4.0.0.0 0.0.0.0 0 32768 i

0
'
'> 10.0.0.0 4.4.4.2 0 0100 i

0
'
'> 20.0.0.0 3.3.3.1 0 300 200 i

0
'
'> 30.0.0.0 3.3.3.1 0 0 300 i

0
'
'> 40.0.0.0 0.0.0.0 0 32768 i

0
'
Total number of prefixes 8
R4 is advertising 20.0.0.0/8 network to Rl but Rl filters 20.0.0.0 inbound
LAB : BGP filtering using IP prefix-list
R2
AS 200
1- F0/0
F0/0
30.1.1.1/
j
r 0.1.1.1/ 8
AS400
• Continue with same configurations based on previous lab

• Remove the Configuration on Rl done in the previous lab.
• Reconfigure the same requriment using IP prefix-list Instead of ACL

Rl(config-router)#no neighbor 4.4.4.1 distribute-list 20 in
Rl(config-router)#no neighbor 1.1.1.2 distribute-list 20 in
Rl(config)#exit

Flag: 0x820
400 300 200
4.4.4.1 from 4.4.4.1 (14.0.3.1)
200
1.1.1.2 from 1.1.1.2 (12.0.3.1)
Rl(config)#ip prefix-list CCIE deny 20.0.0.0/8

Rl(config)#ip prefix-list CCIE permit 0.0.0.0/0 le 32

Rl(config-router)#neighbor 1.1.1.2 prefix-list CCIE in
Rl (config-router)#neighbor 4.4.4.1 prefix-list CCI E in


Network Next Hop Metric LocPrfWeight Path
' > 1.0.0.0 0.0.0.0 0 32768 i
0
'
' > 2.0.0.0 0.0.0.0 0 32768 i

0
'
' > 3.0.0.0 2.2.2.2 0 0 300 i

0
'
' > 4.0.0.0 1.1.1.1 0 0100 i

0
'
'' > 10.0.0.0

0
1.1.1.1 0 0100 i
'' > 20.0.0.0
0
0.0.0.0 0 32768 i
' > 30.0.0.0 2.2.2.2 0 0 300 i
0
'
' > 40.0.0.0 2.2.2.2 0 300 400 i

0
'

' > 1.0.0.0 4.4.4.2 0 0 100 i
0
'
' > 2.0.0.0 3.3.3.1 0 0 300 i

0
'
' > 3.0.0.0 0.0.0.0 0 32768 i

0
'
' > 4.0.0.0 0.0.0.0 0 32768 i

0
'
' > 10.0.0.0 4.4.4.2 0 0100 i

0
'
' > 20.0.0.0 3.3.3.1 0 300 200 i

0
'
'' > 30.0.0.0

0
3.3.3.1 0 0 300 i
' > 40.0.0.0 0.0.0.0 0 32768 i
0
'

TASK:
• Remove the Prefix-list filter applied on Rl in the previous task
• Reconfigure the same task using route-map statement ( to match either use ACL or prefix-list)
Rl(config)#no ip prefix-list CCIE

Rl(config-router)#no neighbor 1.1.1.2 prefix-list CCIE in
Rl(config-router)#no neighbor 4.4.4.1 prefix-list CCIE in
Rl(config)#end

1
200
1.1.1.2 from 1.1.1.2 (12.0.3.1)
400 300 200
4.4.4.1 from 4.4.4.1 (14.0.3.1)
Rl(config)#route-map CCIE deny 10



Rl(config-router)#neighbor 1.1.1.2 route-map CCIE in
Rl(config-router)#neighbor 4.4.4.1 route-map CCIE in


' > 1.0.0.0 0.0.0.0 0 32768 i
0
'
' > 2.0.0.0 0.0.0.0 0 32768 i

0
'
' > 3.0.0.0 2.2.2.2 0 0 300 i

0
'
' > 4.0.0.0 1.1.1.1 0 0100 i

0
'
'' > 10.0.0.0

0
1.1.1.1 0 0100 i
'' > 20.0.0.0
0
0.0.0.0 0 32768 i
' > 30.0.0.0 2.2.2.2 0 0 300 i
0
'
' > 40.0.0.0 2.2.2.2 0 300 400 i

0
'


' > 1.0.0.0 4.4.4.2 0 0100 i
0
'
' > 2.0.0.0 3.3.3.1 0 0 300 i

0
'
' > 3.0.0.0 0.0.0.0 0 32768 i

0
'
' > 4.0.0.0 0.0.0.0 0 32768 i

0
'
' > 10.0.0.0 4.4.4.2 0 0100 i

0
'
' > 20.0.0.0 3.3.3.1 0 300 200 i

0
'
' > 30.0.0.0 3.3.3.1 0 0 300 i

0
'
' > 40.0.0.0 0.0.0.0 0 32768 i

0
'
TASK: Remove the BGP filtering applied in the previous task.

Rl(config-router)#no neighbor 1.1.1.2 route-map CCIE in
Rl(config-router)#no neighbor 4.4.4.1 route-map CCIE in
Rl(config)#no route-map CCIE

Rl(config)#end

Flag: 0x820
1
400 300 200
4.4.4.1 from 4.4.4.1 (14.0.3.1)
200
1.1.1.2 from 1.1.1.2 (12.0.3.1)
TASK:
• Advertise 12.0.0.0 ( four loopback interfaces) of R2 using BGP network command
• Configure Rl to filter the routes ( 12.0.0.0/24 & 12.0.1.0/24) getting in to BGP table /Routing table
• Configure Prefix-based Based filtering only on Rl
R2 Loopbacks
12 .0 .0 .1 / 24
12 .0 .0 .1 / 24
C'I 12.0.0.1/24
i> .,; 2 .0 .0 .1 / 24
..
·;.> ./
·;.>
,. d'
R2 ,
AS200
-1 F0/0
roto
30 . 1. 1.
j
0. 1. 1.1 /8 1/
AS300
AS400
R2#sh ip bgp
,., 1.0.0.0 1.1.1.1 0 0 100 i
'''> 0.0.0.0 0 32768 i
-;':
2.0.0.0 2.2.2.2 0 0 300 i
'''> 0.0.0.0 0 32768 i
-;':
3.0.0.0 1.1.1.1 0100 400 i
'''> 2.2.2.2 0 0 300 i
' > 4.0.0.0 1.1.1.1 0 0100 i
0
'
-;':
2.2.2.2 0 300 400 i
' > 10.0.0.0 1.1.1.1 0 0100 i
0
'
-;': 2.2.2.2 0 300 400 100 i

' > 12.0.0.0/24 0.0.0.0 0 32768 i
0
'
' > 12.0.1.0/24 0.0.0.0 0 32768 i

0
'
' > 12.0.2.0/24 0.0.0.0 0 32768 i

0
'
' > 12.0.3.0/24 0.0.0.0 0 32768 i

0
'
' > 20.0.0.0 0.0.0.0 0 32768 i

0
'
' > 30.0.0.0 2.2.2.2 0 0 300 i

0
'
-;':
40.0.0.0 1.1.1.1 0100 400 i
'''> 2.2.2.2 0 300 400 i
Rl#sh ip bgp

-;': 1.0.0.0 1.1.1.2 0 0 200 i
'''> 0.0.0.0 0 32768 i
' > 2.0.0.0 1.1.1.2 0 0200 i
0
'
-;':
4.4.4.1 0 400 300 i
-;':
3.0.0.0 1.1.1.2 0 200 300 i
'''> 4.4.4.1 0 0400 i
-;':
4.0.0.0 4.4.4.1 0 0400 i
'''> 0.0.0.0 0 32768 i
' > 10.0.0.0 0.0.0.0 0 32768 i
0
'
-;':
12.0.0.0/24 4.4.4.1 0 400 300 200 i
'''> 1.1.1.2 0 0200 i
-;':
12.0.1.0/24 4.4.4.1 0 400 300 200 i
'''> 1.1.1.2 0 0200 i
-;':
12.0.2.0/24 4.4.4.1 0 400 300 200 i
'''> 1.1.1.2 0 0200 i
-;':
12.0.3.0/24 4.4.4.1 0 400 300 200 i
'''> 1.1.1.2 0 0200 i
-;':
20.0.0.0 4.4.4.1 0 400 300 200 i
'''> 1.1.1.2 0 0200 i
' > 30.0.0.0 1.1.1.2 0 200 300 i
0
'
-;':
4.4.4.1 0 400 300 i
-;':
40.0.0.0 1.1.1.2 0 200 300 400 i
'''> 4.4.4.1 0 0400 i

Rl(config)#ip prefix-list CCIE permit 0.0.0.0/0 le 32

Rl(config-router)#neighbor 1.1.1.2 prefix-list CCIE in
Rl (config-router)#neighbor 4.4.4.1 prefix-list CCIE in



1
400 300 200
4.4.4.1 from 4.4.4.1 (14.0.3.1)
200
1.1.1.2 from 1.1.1.2 (12.0.3.1)

1
400 300 200
4.4.4.1 from 4.4.4.1 (14.0.3.1)
200
1.1.1.2 from 1.1.1.2 (12.0.3.1)


' > 1.0.0.0 0.0.0.0 0 32768 i
0
'
' > 2.0.0.0 0.0.0.0 0 32768 i

0
'
'> 3.0.0.0 2.2.2.2 0 0 300 i

0
'
'> 4.0.0.0 1.1.1.1 0 0100 i

0
'
'> 10.0.0.0 1.1.1.1 0 0100 i

0
'
'> 12.0.0.0/24 0.0.0.0 0 32768 i

0
'
'> 12.0.1.0/24 0.0.0.0 0 32768 i

0
'
'> 12.0.2.0/24 0.0.0.0 0 32768 i

0
'
'> 12.0.3.0/24 0.0.0.0 0 32768 i

0
'
'> 20.0.0.0 0.0.0.0 0 32768 i

0
'
'> 30.0.0.0 2.2.2.2 0 0 300 i

0
'
'> 40.0.0.0 2.2.2.2 0 300 400 i

0
'


' > 1.0.0.0
0
'
4.4.4.2 0 0 100 i
' > 2.0.0.0 3.3.3.1 0 0 300 i
0
'
' > 3.0.0.0 0.0.0.0 0 32768 i

0
'
' > 4.0.0.0 0.0.0.0 0 32768 i

0
'
' > 10.0.0.0 4.4.4.2 0 0100 i

0
'
' > 12.0.0.0/24 3.3.3.1 0 300 200 i

0
'
' > 12.0.1.0/24 3.3.3.1 0 300 200 i

0
'
' > 12.0.2.0/24 3.3.3.1 0 300 200 i

0
'
' > 12.0.3.0/24 3.3.3.1 0 300 200 i

0
'
' > 20.0.0.0 3.3.3.1 0 300 200 i

0
'
' > 30.0.0.0 3.3.3.1 0 0 300 i

0
'
' > 40.0.0.0 0.0.0.0 0 32768 i

0
'
TASK:
• Remove the BGP filtering done in the previous task.
Rl(config)#ip prefix-list CCIE

Rl (config-ro uter)# no neighbor 1.1.1.2 prefix-list CCIE in
Rl (config-ro uter)# no neighbor 4.4.4.1 prefix-list CCIE
in Rl (config-router)#end
TASK:
• Configure loopback interfaces with their respective subnet mask given below.
Loopback 10 172.16.0.1/24
Loopback 11 172.16.1.1/25
Loopback 12 172.16.2.1/26
Loopback 13 172.16.3.1/27
Loopback 14 172.16.4.1/28
Loopback 15 172.16.5.1/29
Loopback 16 172.16.6.1/30
• Advertise loopback interfaces on R2 using RIPv2 and redistribute in to BGP
ro,o I
1- F0/0 3 . 1. 1. 1 , /
0.1. 1. 1 / 8 0
AS300
R2 (config)#interface LoopbacklO
R2 (config-if)#interface Loopbackl 1
R2 (config-if)#interface Loopback12
R2 (config-if)#exit
com
R2 (config-router)#ver 2
R2 (config-router)#network
172.16.0.0 R2 (config-router)#exit

R2 (config-router)#redistribute rip
R2#sh ip bgp
Network Next Hop Metric LocPrf Weight Path 0 0

,., 1.0.0.0
1.1.1.1
100 i
'> 0.0.0.0
0
'
0 32768 i
,., 2.0.0.0
2.2.2.2
0 0 300 i
'> 0.0.0.0
0
'
0 32768 i
,., 3.0.0.0
1.1.1.1
0100 400 i
'> 2.2.2.2
0
'
0 0 300 i
' > 4.0.0.0
1.1.1.1
0
'
0 0100 i
* 2.2.2.2 0 300 400 i
' > 10.0.0.0 1.1.1.1 0 0100 i
0
'
' > 12.0.0.0/24 0.0.0.0 0 32768 i

0
'
' > 12.0.1.0/24 0.0.0.0 0 32768 i

0
'
' > 12.0.2.0/24 0.0.0.0 0 32768 i

0
'
' > 12.0.3.0/24 0.0.0.0 0 32768 i

0
'
' > 20.0.0.0 0.0.0.0 0 32768 i

0
'
' > 30.0.0.0 2.2.2.2 0 0 300 i

0
'
,., 40.0.0.0 1.1.1.1

0100 400 i
'> 2.2.2.2
0
'
0 300 400 i
' > 172.16.0.0/24 ' > 0.0.0.0 0 32768?
0 0
' '
172.16.1.0/25 ' > 172.16.2.0/26 0.0.0.0 0 32768?

0
'
' > 172.16.3.0/27 ' > 0.0.0.0 0 32768?

0 0
' '
172.16.4.0/28 ' > 172.16.5.0/29 0.0.0.0 0 32768?

0
'
' > 172.16.6.0/30 0.0.0.0 0 32768?

0
'
0.0.0.0 0 32768?
TASK: 0.0.0.0 0 32768?
• Configure Rl to fitler BGP routes part of subnet 172.16.0.0 and with subnetmask in between /27- /30
Rl#sh ip bgp
1.0.0.0
-;':
1.1.1.2 0 0 200 i
'''> 0.0.0.0 0 32768 i
,., 2.0.0.0 4.4.4.1 0 400 300 i
'''> 1.1.1.2 0 0200 i
' > 3.0.0.0
4.4.4.1 0 0400 i
'
0
-;': 1.1.1.2 0 200 300 i

,., 4.0.0.0 4.4.4.1 0 0400 i
'''> 0.0.0.0 0 32768 i
' > 10.0.0.0
0.0.0.0 0 32768 i
'
0
-;':
12.0.0.0/24 4.4.4.1 0 400 300 200 i
'''> 1.1.1.2 0 0200 i
-;':
12.0.1.0/24 4.4.4.1 0 400 300 200 i
'''> 1.1.1.2 0 0200 i
-;':
12.0.2.0/24 4.4.4.1 0 400 300 200 i
'''> 1.1.1.2 0 0200 i
-;':
12.0.3.0/24 4.4.4.1 0 400 300 200 i
'''> 1.1.1.2 0 0200 i
,., 20.0.0.0 4.4.4.1 0 400 300 200 i
'''> 1.1.1.2 0 0200 i
-;':
30.0.0.0 4.4.4.1 0 400 300 i
'''> 1.1.1.2 0 200 300 i
,., 40.0.0.0 1.1.1.2 0 200 300 400 i
'''> 4.4.4.1 0 0400 i
-;':
172.16.0.0/24 4.4.4.1 0 400 300 200?
'''> 1.1.1.2 0 0 200?
-;':
172.16.1.0/25 4.4.4.1 0 400 300 200?
'''> 1.1.1.2 0 0 200?
-;':
172.16.2.0/26 4.4.4.1 0 400 300 200?
'''> 1.1.1.2 0 0 200?
-;':
172.16.3.0/27 4.4.4.1 0 400 300 200?
'''> 1.1.1.2 0 0 200?
-;':
172.16.4.0/28 4.4.4.1 0 400 300 200?
'''> 1.1.1.2 0 0 200?
-;':
172.16.5.0/29 4.4.4.1 0 400 300 200?
'''> 1.1.1.2 0 0 200?
-;':
172.16.6.0/30 4.4.4.1 0 400 300 200?
'''> 1.1.1.2 0 0 200?
Rl(config)#ip prefix-list CCIER1 deny 172.16.0.0/16 ge 27 le 30

Rl(config)#ip prefix-list CCIER1 permit 0.0.0.0/0 le 32

Rl(config-router)#neighbor 4.4.4.1 prefix-list CCIER1 in
- internal, Rl#clear ip bgp * soft

Rl#sh ip bgp

,., 1.0.0.0 1.1.1.2 0 0 200 i
' '>
0.0.0.0 0 32768 i
0
,., 2.0.0.0 4.4.4.1 0 400 300 i

,., > 1.1.1.2 0 0200 i
' > 3.0.0.0
4.4.4.1 0 0400 i
'
0
-;': 1.1.1.2 0 200300i

,., 4.0.0.0 4.4.4.1 0 0400 i
''>
0.0.0.0 0 32768 i
0
' > 10.0.0.0

0.0.0.0 0 32768 i
'
0
,., 12.0.0.0/24 4.4.4.1 0 400 300 200 i

,., > 1.1.1.2 0 0200 i
,., 12.0.1.0/24 4.4.4.1 0 400300200i
,., > 1.1.1.2 0 0200 i
,., 12.0.2.0/24 4.4.4.1 0 400300200i
,., > 1.1.1.2 0 0200 i
,., 12.0.3.0/24 4.4.4.1 0 400300200i
,., > 1.1.1.2 0 0200 i
,., 20.0.0.0 4.4.4.1 0 400 300 200 i
,., > 1.1.1.2 0 0200 i
,., 30.0.0.0 4.4.4.1 0 400300i
,., > 1.1.1.2 0 200300i
,., 40.0.0.0 1.1.1.2 0 200300400i
,., > 4.4.4.1 0 0400 i
,., 172.16.0.0/24 4.4.4.1 0 400300200?
,., > 1.1.1.2 0 0 200?
,., 172.16.1.0/25 4.4.4.1 0 400 300 200?
,., > 1.1.1.2 0 0 200?
,., 172.16.2.0/26 4.4.4.1 0 400 300 200?
,., > 1.1.1.2 0 0 200?
Rl#sh ip bgp 172.16.3.0/27

Rl#sh ip bgp 172.16.4.0/28

Rl#sh ip bgp 172.16.5.0/29

Rl#sh ip bgp 172.16.6.0/30

AS-Path Filtering
► Several scenario s require BGP route filtering based on AS path.
, Announce on ly local route s to the I SP- AS path needs to be empty
0
Select route s based on a sp ecific AS number in the AS path
, Accept rout es for sp ecific AS on ly from so m e BGP neighbors
R2
► AS-pat h fil ter s use regular expressions AS200
IFQ/0
0 . 1 . 1 .1/ 8
R4 #sh ip bgp
BGP table version is 10, local router ID Is 14.0.3.1
Status codes: s suppressed. d damped. h history. * valid. > best. i - internal.
AS400
r RI8-failu re, S Stale
Origin codes: I - !GP. e • EGP. l • In comp lete

*> o.o.o.o 0 32768 i
• 10.0.0.0 3. 3.3.1 0 300 200 100 i
*> 4.4.4.2 0 0 100 i
• 20.0.0 .0 3.3 .3.1 0 300 200 i
*> 4.4.4.2 0100 200i
• 30.0 .0.0 4.4.4.2 0 100 200 300 i
*> 3.3.3.1 0 0 300 i
*> 40.0.0.0 0.0.0.0 0 32768 i
BGP Regular expressi ons

► Used for match based on AS-path information
► Ip as-path access-list
R4#sh ip bgp
BGP table version is 10, local router ID is 14.0.3 .1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,

*> 0.0.0.0 0 32768 i
* 10.0.0.0 3.3.3.1 0 300 200 100 i
*> 4.4.4.2 0 0100 i
,, 20.0.0.0 3.3.3.1 0 300 200 i
'' > 4.4.4.2 0 100 200 i
* 30.0.0.0 4.4.4.2 0 100 200 300 i
'' > 3.3.3.1 0 0 300 i
*> 40.0.0.0 0.0.0.0 0 32768 i
..,
com
CHAR USAGE
Start of str i ng
$ End of string
[] Range of characters
Used to specify range ( i.e. [0-9])
() Logical group ing
Any single character
Zero or more instances
+ One or more instance
Zero or one instanc e
Comma, open or close brace, open or close

parentheses, start or
end of string, or space
ip as-path access-list 1 permit 31

100 31 i
200 300 500?
700 231 1 50 I
ip as-path access-list 1 permit 31121
100 131 i
200 300 500?
700 231 1 50 I
123 125 521
# show ip bgp regexp regular-expression

Displays all BGP routes with AS paths matching a regular expression
► A range of characters matches any single character in the range.
• Examp le s: [1234] or [1--4]
► Dot (.) matches any single character
ip as-path access-list 1 permit [1-3].[34]

100 131 i
200 300 500?
700231 150 I
123 125 521
100 131 i
200 300 34 ?
700 224 150 I
ip as-path access-list 1 permit "'21

100 131 i
21 31 41 ?
210 300 500?
211 700 231150 i
ip as-path access-list 1 permit 45$

100131 i
210 300 45 ?
700 231150 i
200 500 7 45 i
Matches any delimiter (beginning, end, white space, tab, comma)
ip as-path access-list 1 permit _100_
200 100 500?
700231100 i
500 2100 200 ?
100 200 300 i
Parentheses can be used to group smaller regular expressions into larger expressions.
ip as-path access-list 1 permit (10I20) _ 500

10 300 400 500 i
2 10 150 211 500 i
520 401 501 i
5 20 401 501 500i
Sample Regular Expressions
100 Going through AS 100

"'100$ Directly connected to AS 100
_100$ Originated in AS 100
"'100 Networks behind AS 100
"' [0-9]+$ AS paths one AS long
"'$ Networks originated in local AS
* Matches everything
String Matching? Repeating Operators
An atom is a single character or a grouping.

* Matches zero or more atoms
EX: _23l78)*_45_
Will match "23 45" or "23 78 45" OR "23 78 78 78 78 45".
? Matches zero or one atom

EX: _23l78)?_45_ Will match "23 45" OR "23 78 45".
+ Matches one or more atoms

EX : _23(_78)+_45 _ = Will match
"23 78 45" OR "23 78 78 78 78 78 78 45".
LAB AS-PATH filters using Regular expression
.
.. d'
. i>
·i) ·i)
,l
.
....
.
R2 N . <..
9
AS200
,
I. F0/0
F0/0
30.1.1.1/
j
r .0 1.1.1/ 8
AS300
TASK:
• Confgure EBGP & advertise all the connected interfaceas per the diagram






2.2.2.1 4 200 9 6 10 0 0 00:02:06 6
3.3.3.2 4 400 12 11 10 0 0 00:00:11 6


1.1.1.2 4 200 9 9 10 0 0 00:02:32 5
4.4.4.1 4 400 9 9 10 0 0 00:01:23 5
Rl#sh ip bgp

,., 1.0.0.0 1.1.1.2 0 0 200 i
'''> 0.0.0.0 0 32768 i
,., 2.0.0.0 4.4.4.1 0 400 300 i
'''> 1.1.1.2 0 0200 i
' > 3.0.0.0 4.4.4.1 0 0400 i
0
'
1.1.1.2 0 200300i
,., 4.0.0.0 4.4.4.1 0 0400 i
'''> 0.0.0.0 0 32768 i
'> 0.0.0.0 0 32768 i
0
'
10.0.0.0 1.1.1.2 0 0 200 i

'> 4.4.4.1 0 400 300 i
0
'
20.0.0.0 1.1.1.2 0 200 300 i

,., 30.0.0.0
'''>
'> 4.4.4.1 0 0400 i
0
'
40.0.0.0
TASK:
• Configure Rl to recieve/send all prefixes only from R2 ( deny from R4)
• Use AS-path Access-list
Rl#sh ip bgp
Network
-;':
1.0.0.0
1.1.1.2 0 0 200 i
'''> 0.0.0.0 0 32768 i
-;':
2.0.0.0 4.4.4.1 0 400 300 i
'''> 1.1.1.2 0 0200 i
' > 3.0.0.0 4.4.4.1 0 0400 i
0
'
-;':
1.1.1.2 0 200 300 i
-;':
4.0.0.0 4.4.4.1 0 0400 i
'''> 0.0.0.0 0 32768 i
' > 10.0.0.0 0.0.0.0 0 32768 i
0
'
' > 20.0.0.0 1.1.1.2 0 0 200 i

0
'
-;':
30.0.0.0 4.4.4.1 0 400 300 i
'''>
' > 40.0.0.0
'
1.1.1.2
4.4.4.1 0
0 200 300 i
0400 i
0
' >2.0.0.0 4.4.4.1 0 400 300 i

-;':
'
0
3.0.0.0 4.4.4.1 0 0400 i
-;':
4.0.0.0 4.4.4.1 0 0400 i
-;':30.0.0.0 4.4.4.1 0 400 300 i
' ' > 40.0.0.0
0
4.4.4.1 0 0400 i
R4#sh ip bgp

Path
Network Next Hop Metric LocPrf Weight
,., 1.0.0.03.3.3.1 2nd & 3rd floor,Opposite
0 300 to200banjara
i
NOA solutions, N.K Arcade, function hall,Banjarahills Road-no-
'''>
1 Hyderabad, INDIA. 4.4.4.2
' > 2.0.0.0
'
+91 40 65890380, 0+91 7036826345
0 100 i www. noasolutions. com Page 207
3.3.3.1 0 0 300 i
0
4.4.4.2 0 100 200 i

-;':
3.0.0.0 3.3.3.1 0 0 300 i
'''> 0.0.0.0 0 32768 i
' > 4.0.0.0 0.0.0.0 0 32768 i
0
'
-;':
4.4.4.2 0 0100 i
-;':
10.0.0.0 3.3.3.1 0 300 200 100 i
'''> 4.4.4.2 0 0100 i
-;':
20.0.0.0 3.3.3.1 0 300 200 i
'''> 4.4.4.2 0100 200 i
' > 30.0.0.0 3.3.3.1 0 0 300 i
0
'
-;':
4.4.4.2 0 100 200 300 i
' ' > 40.0.0.0
0
0.0.0.0 0 32768 i
By default the prefixes learned from both the neighbors and advertised to both.
1. To filter all the Routes either we can use match ( all prefixes) using ACL or prefix-list and deny them
in/out
Or
2. We can also use AS-path Filtering more efficient and easy way to do ..
Rl(config)#ip as-path access-list?

<1-500> AS path access list number
Rl(config)#ip as-path access-list 1 deny?

LINE A regular-expression to match BGP AS paths. Use "ctrl-v ?" to enter"?"
Rl(config)#ip as-path access-list 1 deny .*

Rl (config-router)#neighbor 4.4.4.1 filter-list ?
<1-500> AS path access list
Rl (config-router)#neighbor 4.4.4.1 filter-list 1 ?

in Filter incoming routes
out Filter outgoing routes
Rl (config-router)#neighbor 4.4.4.1 filter-list 1 in

Rl (config-router)#neighbor 4.4.4.1 filter-list 1 out

Rl#sh ip bgp
Network 3 0
,., 1.0.0.0 . '' > 4.0.0.0
0
'''> 0
' '>
0
.
2.0.0.0 0
' '>
0
.
Next Hop 1.1.1.2 M
0.0.0.0 e
1.1.1.2 t
1.1.1.2 r
0.0.0.0 i
c
L
o
c
P
r
f
W
e
i
g
h
t
P
a
t
h
2
0
0
i
0
32768 i
0
0 200
i
0
2
0
0
3
0
0
i
0
32768
i
'>
0
'
0.0.0.0 0 32768 i
10.0.0.0 1.1.1.2 0 0 200 i
'>
0
'
1.1.1.2 0 200 300 i
20.0.0.0
'>
0
'
30.0.0.0
Rl#sh ip bgp neighbors 4.4.4.1 advertised-routes

R4#sh ip bgp

' > 1.0.0.0
0
'
3.3.3.1 0 300 200 i
' > 2.0.0.0
0
'
3.3.3.1 0 0 300 i
,., 3.0.0.0
3.3.3.1 0 0 300 i
'''> 0.0.0.0 0 32768 i
' > 4.0.0.0
0
'
0.0.0.0 0 32768 i
'>
0
'
3.3.3.1 0 300 200 100 i
10.0.0.0 3.3.3.1 0 300 200 i
'>
0
'
3.3.3.1 0 0 300 i
20.0.0.0 0.0.0.0 0 32768 i
'>
0
'
30.0.0.0
'>
0
'
40.0.0.0
TASK:
• Configure Rl to block all the prefixes originating from AS 300
Rl#sh ip bgp
Network
'
0
Next Hop 1.1.1.2

,., 1.0.0.0 ' 0.0.0.0
'''> 1.1.1.2 0 0 200 i
' > 2.0.0.0 >
0
'
1.1.1.2 0 200 300 i
' > 3.0.0.0
0
'
0.0.0.0 0 32768 i
' ' > 4.0.0.0
0
0.0.0.0 4 0 32768 i
'>
0
0
'
1.1.1.2 0 0 200 i
10.0.0.0 .
1.1.1.2 0 200 300 i
'>
0
0
'
1.1.1.2 0 200 300 400 i
20.0.0.0 .
' '>
0
0
30.0.0.0 .
0
M t ic LocPrf Weight Path 0 0
e r 200 i
0 32768 i
Rl#sh ip bgp regexp?

LINE A regular-expression to match BGP AS paths. Use "ctrl-v ?" to enter"?"
Rl#sh ip bgp regexp _300$

' > 3.0.0.0
0
'
1.1.1.2 0 200 300 i
'> 1.1.1.2 0 200 300 i
0
'
30.0.0.0
Rl(config)#ip as-path access-list 10 deny _300$

Rl(config)#ip as-path access-list 10 permit *
Rl#sh ip as-path-access-list 10
AS path access list 10
deny -300$
permit_,.,

Rl#sh ip bgp

' > 1.0.0.0
0
'
0.0.0.0 0 32768 i
1.1.1.2 0 0 200 i
' > 2.0.0.0
0
'
1.1.1.2 0 0 200 i
' > 4.0.0.0
0
'
0.0.0.0 0 32768 i
'>
0
'
0.0.0.0 0 32768 i
10.0.0.0 1.1.1.2 0 0 200 i
'>
0
'
1.1.1.2 0 200 300 400 i

20.0.0.0
'>
0
'
40.0.0.0

Rl#
TASK: Remove the As-path filter configured in the previous task
Rl(config)#no ip as-path access-list 10

Rl(config-router)#no neighbor 1.1.1.2 filter-list 10 in

' > 3.0.0.0
0
'
1.1.1.2 0 200 300 i
'>
0
'
1.1.1.2 0 200 300 i
30.0.0.0
TASK: Configure Rl to filter routes learned & originating from neighbor AS-200
Rl#sh ip bgp

,., 1.0.0.0 1.1.1.2 0 0 200 i
'''> 0.0.0.0 0 32768 i
'> 2.0.0.0 1.1.1.2 0 0 200 i
0
'
'> 3.0.0.0 1.1.1.2 0 200 300 i

0
'
'> 4.0.0.0 0.0.0.0 0 32768 i

0
'
'> 10.0.0.0 0.0.0.0 0 32768 i

0
'
'> 20.0.0.0 1.1.1.2 0 0 200 i

0
'
'> 30.0.0.0 1.1.1.2 0 200 300 i

0
'
' '>
0
40.0.0.0 1.1.1.2 0 200 300 400 i
Rl#sh ip bgp regexp "'- 200$


,., 1.0.0.0
1.1.1.2 0 0 200 i
' > 2.0.0.0
0
'
'> 1.1.1.2 0 0 200 i

0
'
20.0.0.0 1.1.1.2 0 0 200 i
Rl(config)#ip as-path access-list 20 deny "'- 200$ ?

LINE <er>
Rl(config)#ip as-path access-list 20 deny "'- 200$

Rl(config)#ip as-path access-list 20 permit *


Rl#sh ip bgp

' > 1.0.0.0 0.0.0.0 0 32768 i
0
'
' > 3.0.0.0 1.1.1.2 0 200 300 i

0
'
' > 4.0.0.0 0.0.0.0 0 32768 i

0
'
' > 10.0.0.0 0.0.0.0 0 32768 i

0
'
' > 30.0.0.0 1.1.1.2 0 200 300 i

0
'
' > 40.0.0.0 1.1.1.2 0 200 300 400 i

0
'
TASK: Remove the previous As-path filter in the previous task.


Rl(config)#end

Rl#sh ip bgp

,., 1.0.0.0 1.1.1.2 0 0 200 i
'''> 0.0.0.0 0 32768 i
''>
0
2.0.0.0 1.1.1.2 0 0 200 i

'> 3.0.0.0 1.1.1.2 0 200 300 i
0
'
'> 4.0.0.0 0.0.0.0 0 32768 i

0
'
'> 10.0.0.0 0.0.0.0 0 32768 i

0
'
'> 20.0.0.0 1.1.1.2 0 0 200 i

0
'
'> 30.0.0.0 1.1.1.2 0 200 300 i

0
'
' '>
0
40.0.0.0 1.1.1.2 0 200 300 400 i


,., 1.0.0.0
1.1.1.2 0 0 200 i
' > 2.0.0.0
0
'
1.1.1.2 0 0 200 i
'>
0
'
1.1.1.2 0 0 200 i
20.0.0.0
TASK: Configure Rl to deny all the routes moving through AS 300

Rl#sh ip bgp

,., 1.0.0.0
1.1.1.2 0 0 200 i
'''> 0.0.0.0 0 32768 i
' > 2.0.0.0
0
'
1.1.1.2 0 0 200 i
' > 3.0.0.0
0
'
1.1.1.2 0 200 300 i
' > 4.0.0.0
0
'
0.0.0.0 0 32768 i
'>
0
'
0.0.0.0 0 32768 i
10.0.0.0 1.1.1.2 0 0 200 i
'>
0
'
1.1.1.2 0 200 300 i
20.0.0.0 1.1.1.2 0 200 300 400 i
'>
0
'
30.0.0.0
'>
0
'
40.0.0.0
Rl#sh ip bgp regexp _300_


' > 3.0.0.0
0
'
'>
0
'
30.0.0.0 1.1.1.2 0 200 300 i

'> 1.1.1.2 0 200 300 i
0
'
40.0.0.0 1.1.1.2 0 200 300 400 i
Rl#sh ip as-path-access-list
AS path access list 1 deny_,.,
Rl(config)#ip as-path access-list 30 deny 300

Rl(config)#ip as-path access-list 30 permit
*
Rl#sh ip as-path-access-list 30
AS path access list 30
deny _300_
permit_,.,

Rl#sh ip bgp regexp

_300_
Rl#sh ip bgp

,., 1.0.0.0
1.1.1.2 200 i
'''> 0.0.0.0 0 32768 i
' > 2.0.0.0
0
'
1.1.1.2 0 0 200 i
' > 4.0.0.0
0
'
0.0.0.0 0 32768 i
'>
0
'
0.0.0.0 0 32768 i
10.0.0.0 1.1.1.2 0 0 200 i
'>
0
'
20.0.0.0


Rl#sh ip bgp

,., 1.0.0.0 1.1.1.2 0 0 200 i
'''> 0.0.0.0 0 32768 i
'> 2.0.0.0
1.1.1.2 0 0 200 i
'
0
'> 3.0.0.0
1.1.1.2 0 200 300 i
'
0
'> 4.0.0.0
0.0.0.0 0 32768 i
'
0
'> 10.0.0.0
0.0.0.0 0 32768 i
'
0
'> 20.0.0.0
1.1.1.2 0 0 200 i
'
0
'> 30.0.0.0
1.1.1.2 0 200 300 i
'
0
'> 40.0.0.0
1.1.1.2 0 200 300 400 i
'
0
TASK:
Configure R2 such that it should not advertise prefixes originating in its own local AS to its neighbor (R3)
R2#sh ip bgp

,., 1.0.0.0 1.1.1.1 0 0 100 i
'''> 0.0.0.0 0 32768 i
,., 2.0.0.0 2.2.2.2 0 0 300 i
'''> 0.0.0.0 0 32768 i
'> 2.2.2.2 0 0 300 i
0
'
3.0.0.0 1.1.1.1 0 0100 i

'>
0
'
4.0.0.0
-;':
2.2.2.2 0 300 400 i
' > 10.0.0.0 1.1.1.1 0 0100 i
0
'
-;': 2.2.2.2 0 300 400 100 i

' > 20.0.0.0 0.0.0.0 0 32768 i
0
'
' > 30.0.0.0 2.2.2.2 0 0 300 i

0
'
'
0
' > 40.0.0.0 2.2.2.2 0 300 400 i
R2#sh ip bgp regexp "'- $


' > 1.0.0.0
0
'
0.0.0.0 0 32768 i
' > 2.0.0.0
0
'
0.0.0.0 0 32768 i
'>
0
'
0.0.0.0 0 32768 i
20.0.0.0


' > 1.0.0.0 0.0.0.0 0 32768 i
0
'
' ' > 2.0.0.0

0
0.0.0.0 0 32768 i
'> 3.0.0.0 2.2.2.2 0 0 300 i
0
'
'> 4.0.0.0 1.1.1.1 0 0100 i

0
'
'
0
'> 10.0.0.0 1.1.1.1 0 0100 i

'
0
'> 20.0.0.0 0.0.0.0 0 32768 i

'> 30.0.0.0 2.2.2.2 0 0 300 i
0
'
'> 40.0.0.0 2.2.2.2 0 300 400 i

0
'
R2(config)# ip as-path access-list 40 deny "'- $

R2(config)#ip as-path access-list 40 permit *

R2 (config-router)#neighbor 2.2.2.2 filter-list 40 out



' > 4.0.0.0
0
'
1.1.1.1 0 0100 i
'>
0
'
1.1.1.1 0 0100 i
10.0.0.0
R3#sh ip bgp

' > 2.0.0.0 0.0.0.0 0 32768 i
0
'
-;':
3.0.0.0 3.3.3.2 0 0400 i
'''> 0.0.0.0 0 32768 i
-;':
4.0.0.0 2.2.2.1 0200100 i
'''> 3.3.3.2 0 0400 i
' > 10.0.0.0 2.2.2.1 0 200 100 i
0
'
' > 30.0.0.0 0.0.0.0 0 32768 i

0
'
'
0
' > 40.0.0.0 3.3.3.2 0 0400 i

R2(config-router)#no neighbor 2.2.2.2 filter-list 40 out
R2(config)#no ip as-path access-list 40

R2(config)#do clear ip bgp * soft


' > 1.0.0.0 0.0.0.0 0 32768 i
0
'
' > 2.0.0.0 0.0.0.0 0 32768 i

0
'
' > 3.0.0.0 2.2.2.2 0 0 300 i

0
'
' > 20.0.0.0 0.0.0.0 0 32768 i

0
'
' > 30.0.0.0 2.2.2.2 0 0 300 i

0
'
' > 40.0.0.0 2.2.2.2 0 300 400 i

0
'
TASK: Configure Rl to block all the prefixes originating in AS 400 moving through AS 300
Rl#sh ip bgp


' > 1.0.0.0 0.0.0.0 0 32768 i
0
'
-;': 1.1.1.2 0 0 200 i

'> 2.0.0.0 1.1.1.2 0 0200 i
0
'
'> 3.0.0.0 1.1.1.2 0 200 300 i

0
'
'> 4.0.0.0 0.0.0.0 0 32768 i

0
'
'> 10.0.0.0 0.0.0.0 0 32768 i

0
'
'
0
'> 20.0.0.0 1.1.1.2 0 0 200 i

'> 30.0.0.0 1.1.1.2 0 200 300 i
0
'
'
0
'> 40.0.0.0 1.1.1.2 0 200 300 400 i
Rl#sh ip bgp regexp _300_400$


'> 1.1.1.2 0 200 300 400 i
0
'
40.0.0.0
Rl(config)#ip as-path access-list 50 deny _300_400$

Rl(config)#ip as-path access-list 50 permit •*


Rl#sh ip bgp regexp _300_400$
Rl#sh ip bgp

' > 1.0.0.0 0.0.0.0 0 32768 i
0
'
-;': 1.1.1.2 0 0 200 i

'> 2.0.0.0 1.1.1.2 0 0200 i
0
'
'> 3.0.0.0 1.1.1.2 0 200 300 i

0
'
'> 4.0.0.0 0.0.0.0 0 32768 i

0
'
'> 10.0.0.0 0.0.0.0 0 32768 i

0
'
'> 20.0.0.0 1.1.1.2 0 0 200 i

0
'
'
0
'> 30.0.0.0 1.1.1.2 0 200 300 i
BGP Communities
Well-Known , user-Defined
BGP Communities
loopbackO
► The community attribute is a 192 .168 ,6 .0 / 24
transitive optional attribute .
► Communities can be used to mark a
set of prefixes that share a common
property .
► Any BGP router can tag routes in

incoming and outgoing routing
updates or when doing 30 . 1 . 1 .
1/8
redistribution.
► Any BGP router can filter routes in

incoming or outgoing updates or
select preferred routes based on
communities.
► By default, communities are stripped

in outgoing BGP updates.
RS
com
BGP community types
Well known (pre-defined)
► Own communities loopback O
192 .
168 .6 .0/24
loopbacll: O
13.0.0.1/24
AS 123
loopback O
11.0.0.1/24
RS
Predefined Well Known Communities
no-export : toopback 0
19'2. 168.6 .0/ 24
Do not advertise to EBGP peers,
keep this route within an AS only.
no-advertise :
Do not advertise this route to any
R2
peer, internal or external.
. . .. .
Internet:
loopback o
Ad vertise this route to the internet loopbacll: 0 13.0.0.1/24
community, 11.0.0.1/24
any router belongs to this

.
AS
,,,
$
,.,,
123
community.
.
.
local-as:
!
use in confederation scenarios
prevent the transmit of packets
outside the local Sub AS.
RS
com
TASK: Community no-advert ise
• R5 advertises network 192.168.5.0/24 to Rl in AS 123 .
• Configure R5 such that Rl should not advertise the same above network (192.168.5.0/24) to any of the IBGP
or EBGP neighbor.
RS(config)#access-list 5 permit 192.168.5.0 0.0.0 .255 oopback 0

192 . 168 .6 .0/24
RS(config)#route-map COMM permit 10

RS(config-route-map)#match ip address 5
RS(config-route-map)#set community no-advertise
RS(config-ro ute -map)#exit

R2
....
RS(config-ro ute -map)#exit
, 30 .1. 1.1/8
RS(config)#router bgp 500 AS 123 loopbackO - ,.)
RS(config-router)#neighbor 10.1.1.1 route-map COMM out 13.0.0.1/24
$$
..,.
,,.,..,.
.
RS (config )# ro uter bgp 500 R5
RS (config-router)#neighbor 10.1.1.1 send-community
Rl#sh ip bgp 192 .168.5.0

BGP routing table entry for 19 2.168.5.0/ 24. versio n 17
Paths: (1 availab le. best #1, tab le Default-IP-Routing-Table, not advertised to any peer)
Flag: 0x880
Not advertised to any peer loopback O
500 192 .
168 .6 .0/24
10.1.1.5 from 10.1.1.5 (192. 168.5.5)
Origin IGP. metric 0, localpref 100, valid, externa l. best
Co mmun ity: no-advertise
R2
R2#sh ip bgp 192.168.5 .0

% Network not in tab le loopbuk 0
AS 123
11.0.0.1/24
R4#sh ip bgp 192.168.5.0

% Network not in tab le
R5
TASK: using NO EXPORT well known Community Attribute:
• By default R6 advertises 192.168.6.0/2 4 to R3 and then R2/R4 and so on

• configure R6 such that the prefix 192.168.6.0/24 should get advertised to R3 and then R3 should
only advertise the same route (192.168.6.0/2 4 ) only to IBGP routers ( not advertised to EBGP
peers) ;
-::
30 . 1. 1.1/1
loopback 0
R6(co n fig)# access-li st 6 permit 192.168.6.0 0.0 .0.255 11.0.0.1/24
AS 123
R6(config)#route-map COM6 permit 10

R6(config-route-map)#match ip address 6
R6(con fig-route -map)# set community no-export
R6(config-route -map )#e xit

R6(config-route-map)# exit

"
"
R6(config-router)#neighbor 30.1.1.1 route-map COM6 out
R6(config-router)#neighbor 30.1.1.1 send-community
R3#sh ip bgp 192.168.6.0

BGP routing table entry for 192.168.6 .0/24 . version 1069
Paths: (1 ava il able. best #1, table Default-IP-Routing-Table. not adve rt ised to EBGP peer)
Flag: 0x880
Adv erti sed to updat e-groups:
1 loopbllclr. 0
600 192 .
168 .6 .0/24
30.1.1.6 from 30.1.1.6 (192.168.6.6)
Origin \GP. metric 0, localpref 100. valid, extern,
Communi : no-ex
()
loopback 0
ll.0.0.1/24 30 . 1. 1.
1/8
AS 123
R5
com
com
LAB: COMMUITIES WELL KNOWN
,,,,.
,,,.. '--
---
I \
(
' loopback 0
\ 11.0.0.1/24
AS123
,,,.- -
-
/Assoo
'
loopbaci 0
92.16sls .0124
'
I
I
TASK:
• Configure Basic IBGP and EBGP configuration as per the diagram
• Advertise all the interfaces in BGP

RS(config-router)#no synchronization
RS(config-router)#neighbor 10.1.1.1 remote-as 123
RS(config-router)#network 192.168.5.0 mask 255.255.255.0

Rl (config-router)#neighbor 1.1.1.2 remote-as 123





Rl(config-router)#neighbor 2.2.2.2 next-hop-self


1.1.1.2 4 123 9 11 15 0 0 00:04:35 3
2.2.2.2 4 123 15 10 15 0 0 00:03:06 6
4.4.4.1 4 400 10 10 15 0 0 00:01:38 3
10.1.1.5 4 500 13 20 15 0 0 00:09:05 2
Rl#sh ip bgp

,., il.0.0.0 1.1.1.2 0 100 0i
'''> 0.0.0.0 0 32768 i
,., i2.0.0.0 2.2.2.2 0 100 0i
'''>i 1.1.1.2 0 100 0i
-;':
3.0.0.0 4.4.4.1 0 0400 i
'''>i 2.2.2.2 0 100 0i
-;':
4.0.0.0 4.4.4.1 0 0400 i
'''> 0.0.0.0 0 32768 i
' > 10.0.0.0 0.0.0.0 0 32768 i
0
'
-;':
10.1.1.5 0 0 500 i
' > 11.0.0.0/24 0.0.0.0 0 32
0
'
' > i13.0.0.0/ 24 2.2.2.2 0 100 0i

0
'
' > i20.0.0.0 1.1.1.2 0 100 0i

0
'
' > i30.0.0.0 2.2.2.2 0 100 0i

0
'
,., i40.0.0.0 2.2.2.2 0 100 0400 i

'''> 4.4.4.1 0 0400 i
' > 192.168.5.0 10.1.1.5 0 0 500 i
0
'
' > i19 2.168.6.0 2.2.2.2 0 100 0 600 i

0
'
Rl#


1.1.1.1 4 123 14 26 79 0 0 00:04:41 6
2.2.2.1 4 123 10 26 79 0 0 00:05:28 3
3.3.3.2 4 400 12 20 69 0 0 00:03:11 3
30.1.1.6 4 600 9 25 69 0 0 00:04:28 2
R3#sh ip bgp

' > il. 0.0.0 1.1.1.1 0 100 0i
0
'
,.,i 2.2.2.1 0 100 0i

' > 2.0.0.0 0.0.0.0 0 32768 i
0
'
,.,i 2.2.2.1 0 100 0i

-;':
3.0.0.0 3.3.3.2 0 0400 i
'''> 0.0.0.0 0 32768 i
-;':
4.0.0.0 3.3.3.2 0 0400 i
'''>i 1.1.1.1 0 100 0i
' > il0 .0.0.0 1.1.1.1 0 100 0i
0
'
' > i11.0.0.0/ 24 1.1.1.1 0 100 0i

0
'
' > 13.0.0.0/24 0.0.0.0 0 32768 i

0
'
' > i20.0.0.0 2.2.2.1 0 100 0i

0
'
' > 30.0.0.0 0.0.0.0 0 32768 i

0
'
-;':
30.1.1.6 0 0 600 i
,., i40.0.0.0 1.1.1.1 0 100 0400 i
'''> 3.3.3.2 0 0400 i
' > i19 2.168.5.0 1.1.1.1 0 100 0500 i
0
'
' > 192.168.6.0 30.1.1.6 0 0 600 i

0
'
TASK: Community no-advertise

• RS advertises network 192.168.5.0/24 to Rl in AS 123.
• Configure RS such that Rl should not advertise the same above network (192.168.5.0/24) to any of the IBGP
or EBGP neighbor.
R2#sh ip bgp 192.168.5.0

500
1.1.1.1 from 1.1.1.1 (11.0.3.1)
R3#sh ip bgp 192.168.5.0
Flag: 0x820
500
1.1.1.1 (inaccessible) from 1.1.1.1 (11.0.3.1)
RS(config)#access-list 5 permit 192.168.5.0 0.0.0.255

RS(config-route-map)#set community?
<1-4294967295> community number
aa:nn community number in aa:nn format
additive Add to the existing community
internet Internet (well-known community)
local-AS Do not send outside local AS (well-known community)
no-advertise Do not advertise to any peer (well-known community)
no-export Do not export to next AS (well-known community)
none No community attribute
<er>
RS(config)#access-list 5 permit 192.168.5.0 0.0.0.255

RS(config-route-map)#set community no-advertise
RS(config-route-map)#exit

RS(config-route-map)#exit

RS(config-router)#neighbor 10.1.1.1 route-map COMM out
Rl#sh ip bgp 192.168.5.0

1 2
500
10.1.1.5 from 10.1.1.5 (192.168.5.5)
• Community value is not applied on Rl

• RS must use the neighbor send-community BGP subcommand, which tells BGP to include the COMMUNllY
PA in the Update.
• Without that command, the Update does not even include the COMMUNllY PA.
RS(config-router)#neighbor 10.1.1.1 send-community
Rl#sh ip bgp 192.168.5.0

Paths: (1 available, best #1, table Default-IP-Routing-Table, not advertised to any peer)
Flag: 0x880
500
10.1.1.5 from 10.1.1.5 (192.168.5.5)
Community: no-advertise
R2#sh ip bgp 192.168.5.0

R4#sh ip bgp 192.168.5.0

TASK:
• Remove the Community configs from RS and reconfigure the same task on Rl
RS(config)#no route-map COMM

RS(config)#no access-list 5
RS(config)#end
Rl(config)#route-map COMM permit 10

Rl(config-route-map)# set community no-advertise
Rl(config-route-map)#route-map COMM permit 20

Rl (config-route-map)#!exit

Rl(config-router)#neighbor 10.1.1.5 route-map COMM in
Rl#sh ip bgp 192.168.5.0

Paths: (1 available, best #1, table Default-IP-Routing-Table, not advertised to any peer)
500
10.1.1.5 from 10.1.1.5 (192.168.5.5)
Community: no-advertise
R2#sh ip bgp 192.168.5.0

% Network not in tabl
R3#sh ip bgp 192.168.5.0

R4#sh ip bgp 192.168.5.0

R3#sh ip bgp 192.168.5.0

TASK: using NO EXPORT well known Community Attribute:
• By default R6 advertises 192.168.6.0/24 to R3 and then R2/R4 and so on

• configure R6 such that the prefix 192.168.6.0/24 should get advertised to R3 and then R3 should only
advertise the same route (192.168.6.0/24 ) only to IBGP routers ( not advertised to EBGP peers)
R3#sh ip bgp 192.168.6.0

1
600
30.1.1.6 from 30.1.1.6 (192.168.6.6)
R4#sh ip bgp 192.168.6.0

1
123 600
4.4.4.2 from 4.4.4.2 (11.0.3.1)
Rl#sh ip bgp 192.168.6.0

1
600
30.1.1.6 from 2.2.2.2 (13.0.3.1)

R6(config-route-map)#set community no-export


R6(config-router)#neighbor 30.1.1.1 route-map COM6 out
R3#sh ip bgp 192.168.6.0

Paths: (1 available, best #1, table Default-IP-Routing-Table, not advertised to EBGP peer)
Flag: 0x880
1
600
30.1.1.6 from 30.1.1.6 (192.168.6.6)
Communi : no-ex12on
R4#sh ip bgp 192.168.6.0

1
123 600
3.3.3.1 from 3.3.3.1 (13.0.3.1)
123 600
4 4.4.2 from 4.4.4.2 11.0.3.1)
By default the route is learned from both sides ( R3 & Rl)

Community value is not applied to 192.168.6.0 /24 from R3 that the reason the route from R3 is still getting
advertised to EBGP (R4) To apply community no export towards R3 - R4

R3(config-router)# neighbor 3.3.3.2 send-community

R4#sh ip bgp 192.168.6.0
1
123 600
;4.4 .4 .2 from 4.4.4.2 11.0.3.1
• Now the route is learned from only one side ( Rl)

• Shutdown the link between Rl and R4 to verify
R4(config)#int sl/1
R4(config-if)#shutdown
R4(config)#end
R4#sh ip bgp 192.168.6.0

% Network not in tabl
R4#
R4(config)#int sl/1
R4(config-if)#no shutdown
R4(config-if)#end
R4#sh ip bgp 192.168.6.0

Flag: 0x820
123 600
tl-.4.4.2 from 4.4.4.2 (11.0.3.1)
R2#sh ip bgp 192.168.6.0

Flag: 0x820
600
30.1.1.6 from 2.2.2.2 (13.0.3.1)
TASK:
• Remove the previous task configurations from R6 and R3
• Reconfigure the same using no-export attribute on R3

R6(config-router)#no neighbor 30.1.1.1 route-map COM6 out
R6(config-router)#no neighbor 30.1.1.1 send-community
R6(config)#no route-map COM6
R6(config)#no access-list 6
R6(config)#end

R4#sh ip bgp 192.168.6.0

Flag: 0x820
1
123 600
3.3.3.1 from 3.3.3.1 13.0.3.1)
123 600
;4.4 .4 .2 from 4.4.4.2 11.0.3.1
• By default the route is learned from both sides ( R3 & Rl)
R3#sh ip bgp 192.168.6.0

1 3 4
600
30.1.1.6 from 30.1.1.6 192.168.6.6)

R3(config-route-map)#set community no-export


R3(config-router)#neighbor 30.1.1.6 route-map COM36 in

R3#sh ip bgp 192.168.6.0
Paths: (1 available, best #1, table Default-IP-Routing-Table, not advertised to EBGP peer)
1 4
600
30.1.1.6 from 30.1.1.6 (192.168.6.6)
Communit : no-ex or
R2#sh ip bgp 192.168.6.0

Flag: 0x820
600
30.1.1.6 from 2.2.2.2 (13.0.3.1)


R4#sh ip bgp

-;':
1.0.0.0 3.3.3.1 0 123 i
'''> 4.4.4.2 0 0 123 i
-;':
2.0.0.0 3.3.3.1 0 0123 i
'''> 4.4.4.2 0123 i
-;':
3.0.0.0 4.4.4.2 0 123 i
-;':
3.3.3.1 0 0123 i
'''> 0.0.0.0 0 32768 i
-;':
4.0.0.0 3.3.3.1 0 123 i
-;':
4.4.4.2 0 0123 i
'''> 0.0.0.0 0 32768 i
-;':
10.0.0.0 3.3.3.1 0123 i
'''> 4.4.4.2 0 0 123 i
-;':
11.0.0.0/24 3.3.3.1 0123 i
'''> 4.4.4.2 0 0 123 i
-;':
13.0.0.0/24 4.4.4.2 0123 i
'''> 3.3.3.1 0 0123 i
-;':
20.0.0.0 3.3.3.1 0123 i
'''> 4.4.4.2 0123 i
-;':
30.0.0.0 4.4.4.2 0123 i
'''> 3.3.3.1 0 0123 i
' > 40.0.0.0 0.0.0.0
0 32768 i
' 0
*> 192.168.6.0 4.4.4.2 0123 600 i
R4#sh ip bgp 192.168.6.0

Flag: 0x820
1
123 600
tl-.4.4.2 from 4.4.4.2 (11.0.3.1)
Now the route is learned from only one side ( Rl) Shutdown the link between Rl and R4 to verify
R4(config)#int sl/1
R4(config-if)#end
R4#sh ip bgp 192.168.6.0

R4(config)#int sl/1
R4(config-if)#end
R4#sh ip bgp 192.168.6.0

Flag: 0x820
1
123 600
4.4.4.2 from 4.4.4.2 (11.0.3.1)
TASK: Remove the configs done in the previous task from R3

R3(config-router)#no neighbor 30.1.1.6 route-map COM36 in
R3(config)#no route-map COM36

R3(config)#no access-list 36
R3(config)#end
R4#sh ip bgp 192.168.6.0

Flag: 0x820
1
123 600
3.3.3.1 from 3.3.3.1 13.0.3.1
123 600
4.4.4.2 from 4.4.4.2 (11.0.3.1)
TASK: using Local-AS
• Configure Rl to advertise 11.0.0.0/24 only to all the routes with in the same AS (123).
Rl(config)#route-map COM11 permit 10

R1(config-route-map)#set community local-AS
Rl(config)#route-map COM11 permit 20


Rl(config-router)#no network 11.0.0.0 mask 255.255.255.0
Rl(config-router)#network 11.0.0.0 mask 255.255.255.0 route-map COM11
Rl(config-router)#neighbor 1.1.1.2 send-community

R2#sh ip bgp 11.0.0.0

Paths: (1 available, best #1, table Default-IP-Routing-Table, not advertised outside local AS)
Local
1.1.1.1 from 1.1.1.1 (11.0.3.1)
Community: lo cal-AS!

Rl (config-router)#neighbor 2.2.2.2 send-community
R3#sh ip bgp 11.0.0.0

Flag: 0x820
Local
1.1.1.1 (inaccessible) from 1.1.1.1 (11.0.3.1)
Communit : lo cal-AS!
R4#sh ip bgp 11.0.0.0

R6#sh ip bgp 11.0.0.0

R5#sh ip bgp 11.0.0.0

TASK : Remove the configs done in the previos task .

Rl(config-router)#no network 11.0.0.0 mask 255.255.255.0 route-map COM11
Rl(config-router)# network 11.0.0.0 mask 255.255.255.0
Rl(config-router)#no neighbor 1.1.1.2 send-community
Rl(config-router)#no neighbor 2.2.2.2 send-community
Rl(config)#no route-map COM11

Rl(config)#end

R4#sh ip bgp 11.0.0.0
Flag: 0x820
1
123
tl-.4.4.2 from 4.4.4.2 (11.0.3.1)
R6#sh ip bgp 11.0.0.0

Flag: 0x820
123
0.1.1.1 from 30.1.1.1 13.0.3.1)
User-defined communities
Its value is a 32-bit number (range 0 to
4,294,967.200) .
Each network in a BGP routing table can be
...
tagged with a set of communities.
A 32-bit community value is split into two parts:
Cisco 10S parser allows you to specify a 32-bit

community value as:
OSPF area 0
4 •
, [A S- numb er] : [low-o rder-16-bit s]
High-order 16 bits
AS600
, contain the AS number of the AS that defines the
community meaning.
Low-order 16 bits
e
0
lo cal si gnificance.
, Value s of all zeroes and all ones in high-order 16 bits

are reserved.
TASK:
• configure Rl to tag 11.0.0.0/24,11.0.1.0/24 ( looopback 0 & 1) interfaces with community tag 500:10
• configure Rl to tag 11.0 .2.0/2 4,1 1.0.3.0/2 4 ( looopback 2 & 3) interfaces with community tag 500:20 NfTW 0R
• Ensure that Rl should advertise loopbacks to both EBGP neighbors with their respective community.
Rl( co nfig)#access-list 11 permit 11.0 .0 .0 0 .0 .0 .255

Rl (config)#access- list 11 permit 11.0.1.0 0.0.0.255
Rl (co nfig)#access-list 22 permit 11.0.2.0 0 .0.0.255

Rl (co nfig)#access-list 22 permit 11.0.3.0 0.0.0.255
Rl (config)#route-map CCIE permit 10

Rl (confi g-route-map)# match ip address 11
r 1 o.1.1.1,.
Rl( confi g-route-map)# set community 500:10
AS 500
R1(confi g-route-map)#exit
Rl (con fi g)#rou te-map CCIE perm it 20

Rl (con fi g-route-map)# match ip address 22
Rl (confi g-route-map)# set community 500:20
R1(confi g-route-map)#exit
Rl (config)#router bgp 500

Rl (con fi g-router)# neighbor 1.1.1.2 route-map CCIE out
R1(confi g-ro uter)# neighbor1.1.1.2 send-community
R1(con fi g-router)# neighbor 4.4.4.1 route-map CCIE out

R1(con fi g-router)# neighbor 4.4.4.1 send-community
R2# sh ip bg p 11.0.0.0/ 24
BGP rout ing tab le entry for 11.0 .0 .0 / 24, versi on 20
Path s: (2 available, best #2. table Default -IP-Routing-Table)
Flag: 0x880
Advertised to update-group s: R2 (config) #lp bgp-community new-format
2
500
4.4.4.2 (metric 129) from 14.0 .0. 1 (14.0 .3.1)
Or igin IGP. m etric 0, lo calpref 100, va lid , int ernal
500
1.1.1.1 from 1.1.1.1 (11.0.3 .1)
Or igin IGP. metric 0, localpref 100 , v alid , external, best
Community: 32768010
11.0.2.1/24
11.0.3.1/24
R2#sh ip bgp 11.0.0.0/24

BGP ro uting tab le entry fo r 11.0 .0 .0/ 24. versi on 20
r -
lw
Paths: (2 avai lable. best #2, tabl e Default -IP-Rout ing-Table) 01.1.1/
Flag: 0x880
Adverti sed to update-group s:
a
,o
ASSOO
RI
2
500
4.4.4.2 (metric 129) from 14.0 .0 .1 (14 .0.3 .1)
Or igin IGP. m etric 0 . l ocalpr ef 100. valid. interna l
e
0
500
1.1.1.1 from 1.1.1.1 (11.0. 3.1)
Or igin IGP. metric 0 . l ocalpre f 100 . v alid . exte rnal. best
Community: 500:10
TASK:
• Configure AS 600 to ensure that routes with
• community tag 500:10 uses R2 as default ex i·
• community tag 500:20 uses R4 as default exi
• Use local preference attribute.
11.0.2.1/24
11.0.3.1/24
R2(co n fig ) #ip community-list 10 permit 500
:10 R2( config)#route-map CCIER2 permit 10

AS 500
R2(co n fig -route -map) #match community 10
R2(co n fig-route -map) #set local-preference200
R2 (con fig -route -map)# exit
R2(co nfig)#route-map CCIER2 permit 20

R2 (con fig-route -map)#exit
R2(co nfig)#router bgp 600

R2(co n fig-router)# neigh bo r 1.1.1.1 route-map CCIER2 in
R2# sh ip bgp
BGP table version i s 24. local rout er ID is 12.0.3.1
St atu s codes: s supp r essed. d damped. h histo ry. • valid. > best. i - internal.
r RIB-failure. S St ale
Origin codes: i - IGP. e - EGP. ? - inco mplete
Networ k Ne xt Hop Metric LocPrf Weight Path

*> 1.0.0.0 0.0.0.0 0 32768 i
* i2.0.0.0 13.0.0.1 0 100 0i
R2#sh i p bgp 11.0.1.0/ 24
*> 0.0.0.0 0 32768 i
BGP ro uting table entry for 11.0.1.0/ 24. versi on 23
r i3.0.0.0 14.0.0.1 0 100 0i Path s: (1 avai lable. best #1, table Default-IP-Routing- Table)
r>i 13.0.0.1 0 100 0i
Fla g: 0x800
* > i4 14.0.0 .1 0 100 0i Advert ised to update-groups:
.0.0.0
*> 11. 0 .0 . 0/ 1.1.1.1 0 200 0 500 i
2
24 1.1.1.1 0 200 0 500 i 500
*> 11.0.1.0/24
1.1.1.1 from 1.1.1.1 (11.0.3.1)
Origin IGP. metric 0. lo calpr ef 200, valid . external, best
Community: 500:10
R2#sh ip bgp 11. 0 . 2.0/24

BGP ro uting table entry for 11.0 .2.0/24. version 18
Paths: (2 avai lable. best #2. table Default-IP-Routing-Table)
Adve rtised to update-groups:
2
500
4.4.4.2 (metric 129) from 14.0 .0.1 (14.0.3.1)
Origin IGP, metric 0. localpref 100, valid , inte rnal
500
1.1.1.1 from 1.1.1.1 (11.0. 3.1)
Origin IGP. metric 0. localpref 100. valid . exte rnal. best
Community: 500:20
R4(c onfi g)#ip community-list standard CCIER4 permit 500:20
R4(c onfig)# route -map CCIER4 pennit 10

R4(con fig-route -map)# mat ch community CCIER4
R4( config-route-map)#set local-preference 250
R4(c onfi g-route-map)# exit
R4(c onfi g)# router bgp 600

R4( config-router)# neighbor 4.4.4.2 route-mapCCIER4 in
R4(c onfig -router)# end
R4#sh ip bgp
BGP tab le version is 33, local router ID is 14.0 .3.1
St atus codes: s su pp ressed. d damped . h history . • v alid. > best. i - in
ternal. r RIB-fai lure. S Stale
Or igin co d es: i - IGP, e - EGP. ? - inco mpl ete

*>il.0.0.0 12.0.0.1 0 100 0i
r i2.0.0.0 12.0.0.1 0 100 0i
r>i 13.0.0 .1 0 100 0i
*> 3.0 .0.0 0.0 .0.0 0 32768 i
* i 13.0.0 .1 0 100 0i
* > 4.0.0.0 0.0.0.0 0 32768 i
* > it t.0.0.0/2 4 1.1.1.1 0 200 0 500 i
* > it t.0.1.0/2 4 1.1.1.1 0 200 0 500 1
> 11.0.2.0/24 4.4.4.2 0 250 0 500 I
* > 11.0. 3.0/24 4.4.4.2 0 250 0 500 i


LAB: User Defined BGP Community:
...
loopback 0
.0.1
N
1S '
.;, :t .,...
·.;, -t
- ./
....<..9
R2
1 n n , ,,,
loopb 11:0
1 1. 0 . 2 .1 / 24 1
1 1. 0 . 3 .1 / 24 ". 0. C
-1 F0/0
3 8
0.1.1.1/ 8
OSPF area 0
ASSOO
AS600
TASK:
• Configure OSPF as IGP inside AS 600 TO provide reachability:
• Configure IBGP peering using loopback O interfaces inside AS 600 and EBGP using connnected interfaces.
R3#sh ip ospf neighbor
Neighbor ID Pri State Dead Time Address Interface
12.0.3.1 0 FULU - 00:00:33 2.2.2.1 Seriall/0
14.0.3.1 0 FULU - 00:00:33 3.3.3.2 Seriall/1
R3#sh ip route ospf

0 20.0.0.0/8 [110/65] via 2.2.2.1, 00:00:13, Seriall/0
0 40.0.0.0/8 [110/65] via 3.3.3.2, 00:00:14, Seriall/1
0 12.0.1.1 [110/65] via 2.2.2.1, 00:00:14, Seriall/0
0 12.0.0.1 [110/65] via 2.2.2.1, 00:00:14, Seriall/0
0 12.0.3.1 [110/65] via 2.2.2.1, 00:00:14, Seriall/0
0 12.0.2.1 [110/65] via 2.2.2.1, 00:00:14, Seriall/0
0 14.0.3.1 [110/65] via 3.3.3.2, 00:00:14, Seriall/1
0 14.0.2.1 [110/65] via 3.3.3.2, 00:00:14, Seriall/1
0 14.0.1.1 [110/65] via 3.3.3.2, 00:00:14, Seriall/1
0 14.0.0.1 [110/65] via 3.3.3.2, 00:00:14, Seriall/1






- - 4.- - - - -4 50 0 - 8 9 23 0 0 00:01:58 5
4. - 2
12.0.0.1 4 600 8 10 23 0 0 00:02:29 8
13.0.0.1 4 600 7 10 23 0 0 00:02:32 3
R4#sh ip bgp

' > il. 0.0.0 12.0.0.1 0 100 0i
0
'
r i2.0.0.0 12.0.0.1 0 100 0i

r>i 13.0.0.1 0 100 0i
'>
0
' 3.0.0.0 0.0.0.0 0 32768 i

,., i 13.0.0.1 0 100 0i
'> 4.0.0.0 0.0.0.0 0 32768 i
0
'
'> 10.0.0.0 4.4.4.2 0 0 500 i

0
'
"I 1.1.1.1 0 100 0 500 i

'> 11.0.0.0/24 4.4.4.2 0 0500 i
0
'
"I 1.1.1.1 0 100 0 500 i

'> 11.0.1.0/24 4.4.4.2 0 0 500 i
0
'
"I 1.1.1.1 0 100 0 500 i

'> 11.0.2.0/24 4.4.4.2 0 0 500 i
0
'
,., i
1.1.1.1 0 100 0 500 i
' > 11.0.3.0/24 4.4.4.2 0 0 500 i
0
'
,.,i 1.1.1.1 0 100 0 500 i

r>i20.0.0.0 12.0.0.1 0 100 0i
r>i30.0.0.0 13.0.0.1 0 100 0i
' > 40.0.0.0 0.0.0.0 0 32768 i
0
'


1.1.1.1 4 500 19 18 16 0 0 00:10:46 5
13.0.0.1 4 600 8 9 16 0 0 00:03:39 3
14.0.0.1 4 600 10 8 16 0 0 00:02:58 8
R2#sh ip bgp

' > 1.0.0.0 0.0.0.0 0 32768 i
0
'
,., i2.0.0.0 13.0.0.1 0 100 0i

'''> 0.0.0.0 0 32768 i
r i3.0.0.0 14.0.0.1 0 100 0i
r>i 13.0.0.1 0 100 0i
' > i4.0.0.0
14.0.0.1 0 100 0i
'
0
,., il0.0.0.0 4.4.4.2 0 100 0 500 i

'''> 1.1.1.1 0 0 500 i
,., ill.0.0.0/24 4.4.4.2 0 100 0500 i
'''> 1.1.1.1 0 0 500 i
,., ill.0.1.0/24 4.4.4.2 0 100 0 500 i
'''> 1.1.1.1 0 0 500 i
,., ill.0.2.0/24 4.4.4.2 0 100 0 500 i
'''> 1.1.1.1 0 0 500 i
,., ill.0.3.0/24 4.4.4.2 0 100 0 500 i
'''> 1.1.1.1 0 0 500 i
' > 20.0.0.0
0.0.0.0 0 32768 i
'
0
r>i30.0.0.0 13.0.0.1 0 100 0i

r>i40.0.0.0 14.0.0.1 0 100 0i
TASK:
• Ensure that Rl should advertise loopbacks to both EBGP neighbors with their respective community.

Rl (config)#access-list 11 permit 11.0.1.0 0.0.0.255


Rl(config-route-map)#set community?
aa:nn community number in aa:nn format
additive Add to the existing community
local-AS Do not send outside local AS (well-known community)
no-advertise Do not advertise to any peer (well-known community)
none No community attribute
<er>
Rl(config-route-map)#set community 500:10


Rl(config-route-map)#set community 500:20

Rl(config-router)#neighbor 1.1.1.2 route-map CCIE
out Rl(config-router)#neighbor 1.1.1.2 send-
community
Rl(config-router)#neighbor 4.4.4.1 route-map CCIE out

Rl(config-router)#neighbor 4.4.4.1 send-community

R2#sh ip bgp 11.0.0.0/24
Flag: 0x880
2
500
4.4.4.2 (metric 129) from 14.0.0.1 (14.0.3.1)
500
1.1.1.1 from 1.1.1.1 (11.0.3.1)
Community: 32768010
In Cisco IOS® Software Release 12.0 and later, you can configure communities in three different formats called
decimal, hexadecimal, and AA:NN.
• set community 30:20
• set community 0x1E0014
• set community 1966100
By default, IOS uses the older decimal format.

In order to configure and display in AA:NN, where the first part is the AS number and the second part is a 2-
byte number, issue the ip bgp-community new-format global configuration command.
R2(config)#ip bgp-community new-format

R2 (config)#end
R2#sh ip bgp 11.0.0.0/24

Flag: 0x880
2
500
4.4.4.2 (metric 129) from 14.0.0.1 (14.0.3.1)
500
1.1.1.1 from 1.1.1.1 (11.0.3.1)
Community: 500:10
R2#sh ip bgp 11.0.1.0/24

Flag: 0x880
2
500
4.4.4.2 (metric 129) from 14.0.0.1 (14.0.3.1)
500
1.1.1.1 from 1.1.1.1 (11.0.3.1)
Community: 500:10
R2#sh ip bgp 11.0.2.0/24

Flag: 0x880
2
500
4.4.4.2 (metric 129) from 14.0.0.1 (14.0.3.1)
500
1.1.1.1 from 1.1.1.1 (11.0.3.1)
Community: 500:20
R2#sh ip bgp 11.0.3.0/24

Flag: 0x880
2
500
4.4.4.2 (metric 129) from 14.0.0.1 (14.0.3.1)
500
1.1.1.1 from 1.1.1.1 (11.0.3.1)
Community: 500:20
R4(config)#ip bgp-community new-format

R4(config)#end
R4#sh ip bgp 11.0.0.0/24

Flag: 0x880
1
500
4.4.4.2 from 4.4.4.2 (11.0.3.1)
Community: 500:10
500
1.1.1.1 (metric 129) from 12.0.0.1 (12.0.3.1)
R4#sh ip bgp 11.0.1.0/24

Flag: 0x880
1
500
4.4.4.2 from 4.4.4.2 (11.0.3.1)
Community: 500:10
500
1.1.1.1 (metric 129) from 12.0.0.1 (12.0.3.1)
R4#sh ip bgp 11.0.2.0/24

Flag: 0x880
1
500
4.4.4.2 from 4.4.4.2 (11.0.3.1)
Community: 500:20
500
1.1.1.1 (metric 129) from 12.0.0.1 (12.0.3.1)
R4#sh ip bgp 11.0.3.0/24

Flag: 0x880
1
500
4.4.4.2 from 4.4.4.2 (11.0.3.1)
Community: 500:20
500
1.1.1.1 (metric 129) from 12.0.0.1 (12.0.3.1)
TASK:
• Configure AS 600 to ensure that routes with
• community tag 500:10 uses R2 as default exit path
• community tag 500:20 uses R4 as default exit path
• Use local preference attribute.
R2(config)#ip community-list 10 permit 500:10
R2(config)#route-map CCIER2 permit 10

R2(config-route-map)#match community?
<1-99> Community-list number (standard)
<100-500> Community-list number (expanded)
WORD Community-list name
R2 (config-route-map)#match community 10
R2 (config-route-map)#set local-preference
200 R2 (config-route-map)#exit
R2(config)#route-map CCIER2 permit 20

R2 (config-route-map)#exit

R2(config-router)#neighbor 1.1.1.1 route-map CCIER2 in
R2#sh ip bgp

' > 1.0.0.0
0.0.0.0 0 32768 i
'
0
,., i2.0.0.0 13.0.0.1 0 100 0i

'''> 0.0.0.0 0 32768 i
r i3.0.0.0 14.0.0.1 0 100 0i
r>i 13.0.0.1 0 100 0i
' > i4.0.0.0 14.0.0.1 0 100 0i
0
'
*> 11.0.0.0/24 1.1.1.1 0 200 0500 i

*> 11.0.1.0/24 1.1.1.1 0 200 0500 i
,., ill.0.2.0/24 4.4.4.2 0 100 0 500 i
'''> 1.1.1.1 0 0 500 i
,., ill.0.3.0/24 4.4.4.2 0 100 0 500 i
'''> 1.1.1.1 0 0 500 i
'
0
' > 20.0.0.0 0.0.0.0 0 32768 i
r>i30.0.0.0 13.0.0.1 0 100 0i
r>i40.0.0.0 14.0.0.1 0 100 0i
R2#sh ip bgp 11.0.1.0/24

Flag: 0x800
2
500
1.1.1.1 from 1.1.1.1 (11.0.3.1)
Community: 500:10
R2#sh ip bgp 11.0.2.0/24

2
500
4.4.4.2 (metric 129) from 14.0.0.1 (14.0.3.1)
500
1.1.1.1 from 1.1.1.1 (11.0.3.1)
Community: 500:20
R3#sh ip bgp

' > il. 0.0.0 12.0.0.1 0 100 0i
0
'
,., i2.0.0.0 12.0.0.1 0 100 0i

'''> 0.0.0.0 0 32768 i
,., i3.0.0.0 14.0.0.1 0 100 0i
'''> 0.0.0.0 0 32768 i
' > i4.0.0.0
14.0.0.1 0 100 0i
'
0
' > i11.0.0.0/ 24

1.1.1.1 0 200 0 500 i
'
0
' >i11.0. 1.0/ 24

1.1.1.1 0 200 0 500 i
'
0
,., ill.0.2.0/24 4.4.4.2 0 100 0 500 i

'''>i 1.1.1.1 0 100 0 500 i
,., ill.0.3.0/24 4.4.4.2 0 100 0 500 i
'''>i 1.1.1.1 0 100 0 500 i
r>i20.0.0.0 12.0.0.1 0 100 0i
' > 30.0.0.0 0.0.0.0 0 32768 i
0
'
r>i40.0.0.0 14.0.0.1 0 100 0i
R4#sh ip bgp

' > il. 0.0.0 12.0.0.1 0 100 0i
0
'
r i2.0.0.0 12.0.0.1 0 100 0i

r>i 13.0.0.1 0 100 0i
' > 3.0.0.0 0.0.0.0
0 32768 i
'
0
,.,i 13.0.0.1 0 100 0i

' > 4.0.0.0 0.0.0.0
0 32768 i
'
0
-;':
11.0.0.0/24 4.4.4.2 0 0 500 i
'''>i 1.1.1.1 0 200 0 500 i
-;':
11.0.1.0/24 4.4.4.2 0 0 500 i
'''>i 1.1.1.1 0 200 0 500 i
' > 11.0.2.0/24 4.4.4.2
0 0 500 i
'
0
"I 1.1.1.1 0 100 0 500 i

' > 11.0.3.0/24 4.4.4.2
0 0 500 i
'
0
,.,i 1.1.1.1 0 100 0 500 i

r>i20.0.0.0 12.0.0.1 0 100 0i
r>i30.0.0.0 13.0.0.1 0 100 0i
'
0
' > 40.0.0.0 0.0.0.0 0 32768 i
R4(config)#ip community-list?
<1-99> Community list number (standard)
<100-500> Community list number (expanded)
expanded Add an expanded community-list entry
standard Add a standard community-list entry
R4(config)#ip community-list standard CCIER4?
deny Specify community to reject
permit Specify community to accept
R4(config)#ip community-list standard CCIER4 permit?

aa:nn community number
local-AS Do not send outside local AS (well-known community) no-
advertise Do not advertise to any peer (well-known community)
<er>
R4(config)#ip community-list standard CCIER4 permit
500:20 R4(config)#route-map CCIER4 permit 10

R4(config-route-map)#match community?
<1-99> Community-list number (standard)
<100-500> Community-list number (expanded)
WORD Community-list name
R4(config-route-map)#match community CCIER4

R4(config-route-map)#set local-preference 250

R4(config-router)#neighbor 4.4.4.2 route-map CCIER4
in R4(config-router)#end
R4#sh ip bgp

' > il. 0.0.0 12.0.0.1 0 100 0i
0
'
r i2.0.0.0 12.0.0.1 0 100 0i

r>i 13.0.0.1 0 100 0i
'>
0
' 3.0.0.0 0.0.0.0 0 32768 i

,., i 13.0.0.1 0 100 0i
' > 4.0.0.0 0.0.0.0 0 32768 i
0
'
*>ill.0.0.0/24 1.1.1.1 0 200 0500 i

*>ill.0.1.0/24 1.1.1.1 0 200 0500 i
' > 11.0.2.0/24 4.4.4.2 0 250 0 500· 1
' > 11.0.3.0/24 4.4.4.2 0 250 0 500 ii
r>i20.0.0.0 12.0.0.1 0 100 0i
r>i30.0.0.0 13.0.0.1 0 100 0i
'
0
' > 40.0.0.0 0.0.0.0 0 32768 i
1 3.3.3.1 44 msec 72 msec 60 msec

2 2.2.2.1 44 msec 56 msec 32 msec
3 1.1.1.1 104 msec ,., 144 msec
1 4.4.4.2 100 msec ,., 32 msec
R3#sh ip bgp

' > il. 0.0.0 12.0.0.1 0 100 0i
0
'
,., i2.0.0.0 12.0.0.1 0 100 0i

'''> 0.0.0.0 0 32768 i
,., i3.0.0.0 14.0.0.1 0 100 0i
'''> 0.0.0.0 0 32768 i
' > i4.0.0.0 14.0.0.1 0 100 0i
0
'
' > i11.0.0.0/ 24 1.1.1.1 0 200 0 500 i

0
'
'
0
' > i11.0.l. 0/ 24 1.1.1.1 0 200 0 500 i

' > il l. 0. 2.0/ 24 4.4.4.2 0 250 0 500 ii
' > il l. 0. 3.0/ 24 4.4.4.2 0 250 0 500.
r>i20.0.0.0 12.0.0.1 0 100 0i
' > 30.0.0.0 0.0.0.0 0 32768 i
0
'
r>i40.0.0.0 14.0.0.1 0 100 0i
1 2.2.2.1 28 msec 112 msec 28 msec

2 1.1.1.1 52 msec ,., 56 msec
1 3.3.3.2 76 msec 52 msec 16 msec

2 4.4.4.2 60 msec ,., 60 msec
BGP Advance options
BGP Confederations
Route-reflector Clusters
BGP Dampening
remove-private-as
BGP Confederations NETW

OR
feature is used to split an autonomous system into smaller autonomous systems
-
ASN
123 ASN4
G) Updm: 5
ASJ'
210.0.M
ATH4S
® :;.:
(65003&6001)
45
®!1s °.:tj6500l65001)45
IBGP full mesh issues
R1
With iB G P, every router in the BGP autonomous system must
be fu lly meshed .
La rge number of TCP sessio ns
Unncessa ry d up l icatio n of ro ut i ng traffic
Manua l configuration
Solution:
1. Route Reflector
2. BGP confederations
How confederations works

ASN 123
ASN 45
(j) AUSpd_aP1A: tT2H1.04. .50 M
-
.
'I R45
I
I
I
I
I '
\\ ® :.::
@3 ASY ATH: (IS5001)
1
1
(65001)45
21.0.0.M
!
1
4 5
I '
' '
I
' '
®A': ,(65003 IS5001),s

®!:i A': ,(65002 IS5001l 45
com
com
BGP confederations Facts
► Confederations are usable only for huge autonomous systems where you can afford to
split them into several sub-ASes.
► Each sub-AS in a confederation needs to have its internal iBGP peers either fully
meshed, or use route reflection internally,
► the confederations are not much of an advantage for small ASes having a few BGP
routers. ASN 123
.........•.,
·.,,.,·:.-.·
·ij ASN67
-- ·
ASN45 8
:
®!1i :. fl60)366C01J45
@ :1sf85(l02Mll)l).S
BGP Confederation: Configuration

R1(config-router)# neighbor 4.4.4.1 remote-as 600 R2(config)#router bgp 2300
R2(config-router)# bgp confederation identifier 600
,.,,,-·· - ·· - . .......... R2(config-router)# neighbor 1.1.1.1 remote-as 500
--- -- - -- , R3(config)#router bgp 2300

·, _'- . 1'' R3(config-router)# bgp confederation identifier 600
/ " .
0--1··•=---:-, ) R3(config-router)# bgp confederation peers 4000

R3(co nfig-rout er)# neighbor 3.3.3.2 remote-as 4000
· -
., AS 500
) R4(config)#router bgp 4000

AS 4000 ,'
· - ------/ R4(config-router)# bgp confederation peers 2300
com
com
,/ ·,.
-· ' R3#sh ip bgp
..
'\
(, ; / °'' ·· * i 2.2.2.1 0 100 0i
. - '' ii,
., '-: '-" .
'-
., ..., \ \
'-·.
/.....--- - - l '- .. f '\ ' • 3.0.0.0 3.3.3.2 0 100 0 (4000) i
·.
\
0 '-. _ _..
:;1 '-
' ,.. ...- ,.,,
._\
.\ I
: '
*>
*> 4.0.0.0
•* >10,0,0,0
i
0.0.0.0
3.3.3.2
4.4.4.2
1.1.1.1 0
0
0 100
32768 i
0 4000) i
0100100 0500i
0 (4000) 500 i
-....A_ SIIOO •',• * > i20.0,0,0 2.2.2.1 0 100 0i

,o..;l
!
\ / *> 30,0,0,0 0,0,0,0 0 32768 i
/ i I *> 40,0,0,0 3.3.3.2 0 100 0 (4000) i

I
/ Rl#sh ip bgp
.
_.,,,./ Network Next Hop Metric LocPrf We ight Path
'-
• 1,.0 0, 0 4.4.4.1 0600i
R4#sh ip bgp 1.1.1.2 0 0600i
Netwo rk Next Hop M etr ic LocPrf Weight Path *> 0,0,0,0 0 32768 i
• 1.0, 0 .0 4.4,4.2 0 0 500 i * 2,0,0,0 4.4.4.1
0600i
*> 2.2.2.1 0 100 0 (2300) i *> 1.1.1.2
0 600 i 0
* > 2.0,0,0 3.3.3.1 0 100 0 (2300) i • 3.0.0 .0 4.4.4.1 0 0 600 i
* > 3.0.0.0 0.0.0.0 0 32768 i 1.1.1.2 0 600 i
.
*>
3.3.3.1 0 100 0 (2300) i * 4.0,0.0 1.1.1.2 0600 i
* 4.0.0.0 4.4.4.2 0 0 500 i 4.4,4.1 0 0600 i
*> 0.0.0.0 0 32768 i *> 0.0.0.0 0 32768 i
* > 10,0,0,0 4.4.4.2 0 0500i *> 10.0.0.0 0.0.0.0 0 32768 i
1.1.1.1 0 100 0 (2300) 500 i • 20.0,0,0 4.4.4.1 0600i
1.1.1.2 *> 20.0.0.0 2.2.2.1 0 100 0 (2300) i *> 0 0600i
*> 30.0.0.0 3.3.3.1 0 100 0 (2300) i • 30,0,0,0 4.4.4.1 06
0.0 .0.0 0 32768 i *> 1.1.1.2 0600i
• 40,0,0,0 1.1.1.2 0600 i
*> 4.4.41. 0 0600 i
com
com
LAB: BGP Confederations
/
-- - - -.......... -
\
R2
\
\
"' , AS2300
(1,, ,. "' '

F O' 0
\
I
30 . 1. . 1 8 ,
'
\ r 0. 1.1. 1/ 8
I
"' A S 500
I
I
\
I' I
AS 4000
I
/
/
- -
-- - /
TASK:
• Configure BGP peering using confederations
• Rl in AS 500 should EBGP peer with R2/R4 in AS 600 ( main AS)
• AS 600 is further divided in to two Sub-as 2300, 4000 ( refer the diagram)



R3 (config-router)# bgp confederation identifier 600
R3(config-router)# bgp confederation peers 4000
R3 (config-router)#no auto

R4(config-router)# bgp confederation peers 2300

1.1.1.2 4 600 18 19 9 0 0 00:09:15 7
4.4.4.1 4 600 9 9 9 0 0 00:01:35 7

2.2.2.1 4 2300 12 13 12 0 0 00:05:40 4
3.3.3.2 4 4000 10 10 12 0 0 00:02:14 4
Rl#sh ip bgp
-;':
1.0.0.0 4.4.4.1 0 600 i
-;':
1.1.1.2 0 0 600 i
'''> 0.0.0.0 0 32768 i
-;':
2.0.0.0 4.4.4.1 0 600 i
'''> 1.1.1.2 0 0 600 i
-;':
3.0.0.0 4.4.4.1 0 0 600 i
'''> 1.1.1.2 0 600 i
-;':
4.0.0.0 1.1.1.2 0 600 i
-;':
4.4.4.1 0 0 600 i
'''> 0.0.0.0 0 32768 i
' > 10.0.0.0 0.0.0.0 0 32768 i
0
'
,., 20.0.0.0 4.4.4.1 0 600 i
,., > 1.1.1.2
0 0 600 i
,., 30.0.0.0 4.4.4.1 0 600 i
,., > 1.1.1.2
0 600 i
,., 40.0.0.0 1.1.1.2 0 600 i
,., > 4.4.4.1
0 0 600 i
R3#sh ip bgp
' > il. 0.0.0
0
'
2.2.2.1 0 100 0i
' > 2.0.0.0
0
0.0.0.0 0 32768 i
'
,.,i
2.2.2.1 0 100 0i
,., 3.0.0.0
3.3.3.2 0 100 0 (4000) i
'''> 0.0.0.0 0 32768 i
' > 4.0.0.0
0
'
3.3.3.2 0 100 0 (4000) i

* 10.0.0.0 4.4.4.2 0 100 0 (4000) 500 i
'''>i 1.1.1.1 0 100 0 500 i
' > i20.0.0.0
0
'
2.2.2.1 0 100 0i
'>
0
'
0.0.0.0 0 32768 i
30.0.0.0 3.3.3.2 0 100 0 (4000) i
'>
0
'
40.0.0.0
R4#sh ip bgp
4.4.4.2 0 0 500 i
Network
2.2.2.1 0 100 0 (2300) i
,., 1.0.0.0
3.3.3.1 0 100 0 (2300) i
'''> 0.0.0.0 0 32768 i
' > 2.0.0.0 3.3.3.1
0
'
0 100 0 (2300) i
' > 3.0.0.0
0
'
4.4.4.2 0 0 500 i
0.0.0.0 0 32768 i
,., 4.0.0.0
4.4.4.2 0 0 500 i
'''> 1.1.1.1 0 100 0 (2300) 500 i
' > 10.0.0.0
0
'
2.2.2.1 0 100 0 (2300) i
3.3.3.1 0 100 0 (2300) i
*> 20.0.0.0 0.0.0.0 0 32768 i
'>
0
'
30.0.0.0
'>
0
'
40.0.0.0
Rl#sh ip route bgp

B 2.0.0.0/8 [20/0] via 1.1.1.2, 00:03:02
B 3.0.0.0/8 [20/0] via 1.1.1.2, 00:02:32
B 20.0.0.0/8 [20/0] via 1.1.1.2, 00:03:02
B 40.0.0.0/8 [20/0] via 4.4.4.1, 00:01:13
B 30.0.0.0/8 [20/0] via 1.1.1.2, 00:02:32
R2#sh ip route bgp

B 3.0.0.0/8 [200/0] via 2.2.2.2, 00:03:01
B 4.0.0.0/8 [200/0] via 3.3.3.2, 00:01:20
B 40.0.0.0/8 [200/0] via 3.3.3.2, 00:01:20
B 10.0.0.0/8 [20/0] via 1.1.1.1, 00:03:09
B 30.0.0.0/8 [200/0] via 2.2.2.2, 00:03:01
R3#sh ip route bgp

B 1.0.0.0/8 [200/0] via 2.2.2.1, 00:03:44
B 4.0.0.0/8 [200/0] via 3.3.3.2, 00:02:03
B 20.0.0.0/8 [200/0] via 2.2.2.1, 00:03:44
B 40.0.0.0/8 [200/0] via 3.3.3.2, 00:02:03
B 10.0.0.0/8 [200/0] via 1.1.1.1, 00:03:39
R4#sh ip route bgp

B 1.0.0.0/8 [200/0] via 2.2.2.1, 00:02:35
B 2.0.0.0/8 [200/0] via 3.3.3.1, 00:02:40
B 20.0.0.0/8 [200/0] via 2.2.2.1, 00:02:35
B 10.0.0.0/8 [20/0] via 4.4.4.2, 00:02:40
B 30.0.0.0/8 [200/0] via 3.3.3.1, 00:02:40
TASK: Verify BGP local-AS community Attribute
• Configure Rl to make sure that 10.0.0.0 should be advertised by R2 within the sub-AS ( 2300) and should
not get advertised to other Sub -AS (AS 4000)
• Shutdown he Rl - R4 link for verification..( to make sure that 10.0.0.0 not coming from R1-R4 reaching AS-
2300)
Rl(config)#int sl/1
R1(config-it)#shutdown
Rl(config)#route-map LOCAL permit 10

Rl(config-route-map)#match ip add 11
R1(config-route-map)#set community local-AS
Rl(config)#route-map LOCAL permit 20


Rl(config-router)#neighbor 1.1.1.2 route-map LOCAL out
Rl (config-router)#neighbor 1.1.1.2 send-community
R2#sh ip bgp 10.0.0.0

Flag: 0x880
2
500
1.1.1.1 from 1.1.1.1 (11.0.3.1)
Community: local-AS

R2 (config-router)#neighbor 2.2.2.2 send-community

R3#sh ip bgp 10.0.0.0
Flag: 0x880
2
(4000) 500
4.4.4.2 from 3.3.3.2 (14.0.3.1)
Origin IGP, metric 0, localpref 100, valid, confed-external
500
1.1.1.1 from 2.2.2.1 (12.0.3.1)
Origin IGP, metric 0, localpref 100, valid, confed-internal, best
Community: local-AS

R4#sh ip bgp 10.0.0.0

Once we configure Local preference on R2( preferred exit router of AS) for neighbor 1.1.1.1 (Rl) with direction
in (apply to receiving routes).
• All Routes learned from from that neighbor 1.1.1.1 (Rl) will be applied with local preference value of 400
• Samething will also be advertised to all other routers(R3) inside the AS 600.
R2#sh ip bgp 40.1.1.1

Flag: 0x820
2
500 700
1.1.1.1 from 1.1.1.1 (11.0.3.1)
R2#
R2#
Route Reflector
► Scalable alternative to an iBGP full mesh.
► Allows a router (route reflector - RR) to advertise routes received from an iBGP peer to other iBGP
peers.
► Client updates serve r.
► Server updates to all the remaining clie nts.
_/
/ RR Server
{
\
ASSOO
AS 500
RRsener I
/
.
/
All Clients should establish neighbor with only servers

Clients will not establish neighbo r with any other client
In case if you have 2 servers (server establish neighbor with other servers & clients)
► A group of redundant route reflectors and their clients form a cluster.
► Route reflector rules divide a transit AS into smaller areas (called clusters).
► Each cluster must have a unique cluste r-I D.
Cluster AS21
1 2
Route Reflector
Clusters NETWOR ONLINE ACADEMY
► Each time a route is refle cted , the cluster-ID is added to the cluster-list BGP attribute.
► The route that already contains the local cluster-ID in the cluster-list is not reflected.
► Each cluster contains route reflectors and route reflector clients.
Cluster AS21
1 2
IBGP peering should be ertablished using loopback O interface
Rt should be conngured as: RR server for clients: RS & R4
R3 s:hould be configured as RR server for dients: R6 & R2
IBGP peering should be established only between Rt & R3 to exchange BGP Information between dusters
BGP rooter -id has to be loopback O Ip addres s:.
R4( coofigll routcr bgp 500 ,,,,...-. ·
R4(cooflg-router)l bgp router-Id 14.0.0 .1
/
R4(cooflg-router)l nelghbor 11.0.0.1 remote-as: 500 _. / ·
R4(coofig -router)l nelghbor 11.0.0.1 update-source loopback 0 /
RS(conflg)# router bgp 500 /
RS(config-router)l bgp router-id 15.0.0. 1
RS(config-router)I neighbor 11.0.0. 1 remote-as 500
RS(conflg-router)# neighbor 11.0.0. 1 updat rceloopback0 ,._, ,,
Rl (configll router bgp 500

Rl (conflg -rou ter)l bgp router-ld 11.0.0 .1
Rl (config -rou terJl neighbor 14.0.0.1 remote-as 500 \
Rl(conflg -route r)l nelghbor 14.0.0.1 update-source loopback O" .,:..
Rl( conflg -rou terJl nelgh bor 14.0.0.l route-reflector-dlent
Rl( con flg -rou terJl neighbor 15.0.0.1 remote-as 500
Rl (co nfig -rou ter)l nelgh bor 15.0.0.1 update-source loopbad: 0
Rl (co nflg -rou tcr)# neighbor 15.0.0.1 route-refledor-dient -··- ----··- ··- ·

R3( con fig-rout er) #bgp router-id 13.0.0.1
R3( config-rout er)#neighbor 12.0.0.1 remote-as 500
R3 (config-router)# neighbor 12.0.0.1 update-source loopback 0
,.,. , ,., ----
--- --- --- --- ---
R3(con fig-ro uter) #neighbor 12.0.0.1 route -refl ector-client
/_
R3(con fig-ro uter) #neighbor 16.0.0.1 remote-as 500 ,./ ·
R3(config-rout er)#neighbor 16.0.0.1 update-source loopback .0
R3(config-rout er)#neighbor 16.0.0.1 route-reflector-client /
/
i L,oopke:111 0
,o ./
11 . 0.0 . t t,.U... .. ...
....
&oopkQ--0- _
! I
....
' 11 . 0 .0 . 1/24
R2(config)#router bgp 500 1

10 . 1 . . t / 8 RR
R2( config-router)#bgp router-id 12.0.0.1

\
R2( config-rout er)#neighbor 13.0 .0.1 remote-as 500 \
R2(con fig-router)# neighbor 13.0.0.1 update-source loopback 0\
, I
172 . t . 15 .S/24
ASSOO
/
/
R6(c on fi g-router)# bgp router-id 16.0 .0.1 I RS ..
R6(config-router)# neighbor 13.0.0.1 remote-as 500 50. .1 .1 1/ 8 --- - -- - - • • --
R6(config-router)# neighbor 13.0.0.1 update-source loopback 0 - - - - - - - - - - - - ·• - - --,!- - --
com
com
R2#sh ip bgp 60.0.0.0
BG P r out ing table entry fo r 60 .0.0.0/ 8, versio n 3
_.- --- --- ··- --- - --
Paths: (1 avail able, best #1, table Default-I P-Routing-Table. RIB-failure(17)),-··
_....
Not adve rt ised to any peer /
Local /
16.0 .0.1 (m etric 2300416) from 13.0.0.1 (13.0.0 .1) /
Origin IGP. metric O. loca lpref 100. valid. int ernal, best /
Origin ator : 16.0.0.1, Cluster li st: 13.0 .0 .1 :
/ LoopNck O \0 ../'
; 11 .0 .0 . l !J 1.... .,. y.. - loopk,ckO
_
! ( y 11.0.0.1/24
R3(config)#router bgp 500 /

A8500
/
R3(confi g-router)#neighbor 11.0.0.1 remote-as 500 / /
R3(config-ro uter)#neighbor 11.0.0.1 update-source loopback ... . , ,•, ... _ s _ __.- ...---
R3(con fig-ro uter)#neighbor 11.0.0.1 route-reflector-client - - - - - - - -_- .::--::- --_ _,,
Rl (confi g)#router bgp 500

Rl (confi g-rout er)#neigh bor 13.0 .0.1 remote-as 500
Rl (confi g-rout er) #neighbor 13.0.0.1 update-source loopback 0
Rl (confi g-rout er) #neighbor 13.0 .0.1 route-reflector-client
Rl #sh ip bgp 60.0.0.0

BGP routing table entry for 60.0.0.0/8. version 33
Paths: (1 available. best #1. tabl e Default -IP-Routi ng-Tab le. RIB-failure(17)}
----- --- ··- ·- .. _
Flag: 0x820
Adve rt i sed to update-groups:
1 /
Local, (Received from a RR-client) /
16.0.0.1 (met ri c 2812416) from 13.0.0 .1 (13.0.0 .1)
/
Origin IGP. metric 0. localpref 100. valid. internal. best
Originat o r: 16.0.0.1. Cluster list: 13.0. 0.1 i
:
Loopbad1O
11 .o.o. 1t, 1...
\0 ••-"'
., . . ,."':!_· loo,-dl-0 -
' f .... 11.0.0.1/24
RR
loo pbac k O
13 .0 .0 .1/ 24
RS# sh ip bgp 60.0.0.0

A8500
/ /
BGP routing table entry for 60.0.0.0/8. version 27 /
Paths: (1 available. best #1. table Default -IP-Routin g-Table, RIB -failur e(17.) .. -. ... _.... /
Flag: 0x820
,1
[ ""·',
a -- -- - - ---- --., ,(. - - - - · _ _.-
Notadvertised to any peer

Local
16.0.0.1 (metric 2814976) from 11.0.0. 1 (11.0 .0. 1)
Origin IGP. metr ic 0. localpref 100. valid. internal. best
Ori g in ator : 16.0.0. 1. Clust er li st: 11.0 .0 .1. 13.0.0. 1
com
com
• A group of redundant route reflectors and their clients form a cluster.

• Each cluster must have a unique cluster-ID.
• Each time a route is reflected, the cluster-ID is added to the cluster-list BGP attribute.
• The route that already contains the local cluster-ID in the cluster-list is not reflected.
Originator-ID
• Additional Route Reflector Loop-Prevention Mechanisms
• Every time a route is reflected, the router-ID of the originating IBGP router is stored in the originator-ID BGP
attribute.
• A router receiving an IBGP route with originator-ID set to its own router-ID ignores that route.
• The BGP path selection procedure is modified to take into account cluster-list and originator-ID.
Route reflector rules

• Route reflector rules divide a transit AS into smaller areas (called clusters).
• Each cluster contains route reflectors and route reflector clients.
• Routers that do not support route reflector functionality act as a one-router cluster or as a route reflector
client.
IBGP session rules

• All clients in a cluster must establish I BGP sessions with and only with all route reflectors in the cluster.
• An IBGP full mesh between all route reflectors within the AS is required.
• Routers that are not route reflectors can participate in the I BGP full mesh or be route reflector clients.
LAB : Route Reflector Clusters
--- .......
60.
" '
1. 1 . 1/
AS600
I 172.16.36.6 / 24
\
I
/ Loopback 0
11 .0 .0 .1
I
1
10.1. . 1 / 8
I
\ 172.16 15.1/ 24
I loopback 0
\
13 .0.0 .1 /
24
I
I 0
I
I AS 500
I
RS --....
40 ::;-1
- "'! 1
f;! '"!
I
I • i
\ 50.- 1.- 1. 1/
- 8-
- - - ---- -- -.:::-:::- ::..: =--._ I _ . - - ---
-
................................................... _
TASK:
• configure EIGRP 100 to provide reachablity with in the AS
Rl(config)#router eigrp 100

Rl(config-router)#no auto-
summary Rl(config-
router)#network 10.0.0.0
R2(config)#router eigrp 100

R3 (config)#router eigrp 100

R4(config-router)#no network 1.0.0.0
RS(config)#router eigrp 100

RS(config-router)#exit

Rl#sh ip eigrp neighbors

IP-EIGRP neighbors for process 100
H Address Interface Hold Uptime SRTT RTO Q Seq
(sec) (ms) Cnt Num
2 172.16.15.5 Fa0/0 11 00:00:50 68 408 0 3
4.4.4.1 Sel/1 11 00:02:32 125 750 0 13
0 1.1.1.2 Sel/0 12 00:03:39 136 816 0 20
Rl#sh ip route eigrp

D 16.0.0.0 [90/2812416] via 4.4.4.1, 00:24:31, Seriall/1
[90/2812416] via 1.1.1.2, 00:24:31, Seriall/0
D 50.0.0.0/8 [90/156160] via 172.16.15.5, 00:25:00, FastEthernet0/0
D 2.0.0.0/8 [90/2681856] via 1.1.1.2, 00:32:10, Seriall/0
D 3.0.0.0/8 [90/2681856] via 4.4.4.1, 00:32:10, Seriall/1
D 20.0.0.0/8 [90/2172416] via 1.1.1.2, 00:33:37, Seriall/0
D 172.16.36.0 [90/2684416] via 4.4.4.1, 00:32:10, Seriall/1
[90/2684416] via 1.1.1.2, 00:32:10, Seriall/0
D 172.16.37.0 [90/3193856] via 4.4.4.1, 00:32:10, Seriall/1
[90/3193856] via 1.1.1.2, 00:32:10, Seriall/0
D 40.0.0.0/8 [90/2172416] via 4.4.4.1, 00:32:30, Seriall/1
D 12.0.0.0 [90/2297856] via 1.1.1.2, 00:33:29, Seriall/0
D 12.0.1.0 [90/2297856] via 1.1.1.2, 00:33:30, Seriall/0
D 12.0.2.0 [90/2297856] via 1.1.1.2, 00:33:30, Seriall/0
D 12.0.3.0 [90/2297856] via 1.1.1.2, 00:33:34, Seriall/0
13.0.0.0/8 is variably subnetted, 4 subnets, 2 masks
D 13.0.1.0/24 [90/2809856] via 4.4.4.1, 00:32:15, Seriall/1
[90/2809856] via 1.1.1.2, 00:32:15, Seriall/0
D 13.0.0.1/32 [90/2809856] via 4.4.4.1, 00:32:15, Seriall/1
[90/2809856] via 1.1.1.2, 00:32:15, Seriall/0
D 13.0.3.0/24 [90/2809856] via 4.4.4.1, 00:32:15, Seriall/1
[90/2809856] via 1.1.1.2, 00:32:15, Seriall/0
D 13.0.2.0/24 [90/2809856] via 4.4.4.1, 00:32:15, Seriall/1
[90/2809856] via 1.1.1.2, 00:32:15, Seriall/0
D 14.0.2.0 [90/2297856] via 4.4.4.1, 00:32:06, Seriall/1
D 14.0.3.0 [90/2297856] via 4.4.4.1, 00:32:06, Seriall/1
D 14.0.0.0 [90/2297856] via 4.4.4.1, 00:32:06, Seriall/1
D 14.0.1.0 [90/2297856] via 4.4.4.1, 00:32:06, Seriall/1
D 60.0.0.0/8 [90/2812416] via 4.4.4.1, 00:24:28, Seriall/1
[90/2812416] via 1.1.1.2, 00:24:28, Seriall/0
D 30.0.0.0/8 [90/2809856] via 4.4.4.1, 00:01:04, Seriall/1
[90/2809856] via 1.1.1.2, 00:01:04, Seriall/0
D 15.0.0.0 [90/156160] via 172.16.15.5, 00:25:15, FastEthernet0/0
R3#sh ip eigrp neighbors

IP-EIGRP neighbors for process 100
H Address Interface Hold Uptime SRTT RTO Q Seq
(sec) (ms) Cnt Num
2 172.16.36.6 Fa0/0 11 00:01:23 66 396 0 3
3.3.3.2 Sel/1 14 00:03:22 83 498 0 12
0 2.2.2.1 Sel/0 14 00:04:15 94 564 0 19
R3#sh ip route eigrp
D 16.0.0.0 [90/156160] via 172.16.36.6, 00:26:20, FastEthernet0/0
D 1.0.0.0/8 [90/2681856] via 2.2.2.1, 00:33:59, Seriall/0
D 50.0.0.0/8 [90/2812416] via 3.3.3.2, 00:26:49, Seriall/1
[90/2812416] via 2.2.2.1, 00:26:49, Seriall/0
D 4.0.0.0/8 [90/2681856] via 3.3.3.2, 00:33:59, Seriall/1
D 20.0.0.0/8 [90/2172416] via 2.2.2.1, 00:34:53, Seriall/0
D 172.16.15.0 [90/2684416] via 3.3.3.2, 00:33:59, Seriall/1
[90/2684416] via 2.2.2.1, 00:33:59, Seriall/0
D 40.0.0.0/8 [90/2172416] via 3.3.3.2, 00:33:59, Seriall/1
D 10.0.0.0/8 [90/2809856] via 3.3.3.2, 00:00:14, Seriall/1
[90/2809856] via 2.2.2.1, 00:00:14, Seriall/0
11.0.0.0/8 is variably subnetted, 4 subnets, 2 masks
D 11.0.3.0/24 [90/2809856] via 3.3.3.2, 00:33:59, Seriall/1
[90/2809856] via 2.2.2.1, 00:33:59, Seriall/0
D 11.0.2.0/24 [90/2809856] via 3.3.3.2, 00:34:01, Seriall/1
[90/2809856] via 2.2.2.1, 00:34:01, Seriall/0
D 11.0.1.0/24 [90/2809856] via 3.3.3.2, 00:34:01, Seriall/1
[90/2809856] via 2.2.2.1, 00:34:01, Seriall/0
D 11.0.0.1/32 [90/2809856] via 3.3.3.2, 00:34:01, Seriall/1
[90/2809856] via 2.2.2.1, 00:34:01, Seriall/0
D 12.0.0.0 [90/2297856] via 2.2.2.1, 00:34:55, Seriall/0
D 12.0.1.0 [90/2297856] via 2.2.2.1, 00:34:55, Seriall/0
D 12.0.2.0 [90/2297856] via 2.2.2.1, 00:34:55, Seriall/0
D 12.0.3.0 [90/2297856] via 2.2.2.1, 00:34:55, Seriall/0
D 14.0.2.0 [90/2297856] via 3.3.3.2, 00:33:52, Seriall/1
D 14.0.3.0 [90/2297856] via 3.3.3.2, 00:33:52, Seriall/1
D 14.0.0.0 [90/2297856] via 3.3.3.2, 00:33:52, Seriall/1
D 14.0.1.0 [90/2297856] via 3.3.3.2, 00:33:52, Seriall/1
D 60.0.0.0/8 [90/156160] via 172.16.36.6, 00:26:14, FastEthernet0/0
D 15.0.0.0 [90/2812416] via 3.3.3.2, 00:27:00, Seriall/1
[90/2812416] via 2.2.2.1, 00:27:00, Seriall/0
TASK:
Configure IBGP peering in AS 500
• IBGP peering should be established using loopback 0 interface
• Rl should be configured as RR server for clients RS & R4
• R3 should be configured as RR server for clients R6 & R2
• IBGP peering should be established only between Rl & R3 to exchange BGP information between clusters
• BGP router-id has to be loopback 0 Ip address.
• advertise only LAN interface in BGP for verification.
Rl (config-ro uter)# bgp router-id 11.0.0.1
Rl (config-ro uter)# neighbor 14.0.0.1 remote-as 500
Rl (config-ro uter)# neighbor 14.0.0.1 update-source loopback 0
Rl (config-ro uter)# neighbor 14.0.0.1 route-reflector-client
Rl (config-router)#neighbor 15.0.0.1 route-reflector-client

R4(config-ro uter)# bgp router-id 14.0.0.1 R4(config-
router)#neighbor 11.0.0.1 remote-as 500
RS(config)# router bgp 500

RS(config-ro uter)# bgp router-id 15.0.0.1
RS(config-router)# neighbor 11.0.0.1 remote-as 500
RS(config-router)# neighbor 11.0.0.1 update-source loopback 0


14.0.0.1 4 500 25 30 11 0 0 00:00:58 1
15.0.0.1 4 500 25 29 11 0 0 00:00:31
Rl#sh ip bgp

' > 10.0.0.0 0.0.0.0 0 32768 i
0
'
r>i40.0.0.0 14.0.0.1 0 100 0i

r>i50.0.0.0 15.0.0.1 0 100 0i

R3(config-ro uter)# bgp router-id 13.0.0.1
R3(config-ro uter)# neighbor 12.0.0.1 remote-as 500
R3(config-ro uter)# neighbor 12.0.0.1 update-source loopback 0
R3(config-ro uter)# neighbor 12.0.0.1 route-reflector-client

R2 (config-ro uter)# bgp router-id 12.0.0.1 R2(config-
router)#neighbor 13.0.0.1 remote-as 500

R6(config-ro uter)# bgp router-id 16.0.0.1
R6(config-router)# neighbor 13.0.0.1 update-source loopback 0


12.0.0.1 4 500 24 29 14 0 0 00:00:44 1
16.0.0.1 4 500 20 26 14 0 0 00:01:24
R3#sh ip bgp

r>i20.0.0.0 12.0.0.1 0 100 0i
'>
0
'
0.0.0.0 0 32768 i
30.0.0.0 16.0.0.1 0 100 0i
r>i60.0.0.0
R3#sh ip bgp 60.0.0.0

Paths: (1 available, best #1, table Default-IP-Routing-Table, RIB-failure(l?))
1
Local, (Received from a RR-client)
16.0.0.1 (metric 156160) from 16.0.0.1 (16.0.0.1)
R2#sh ip bgp 60.0.0.0

Paths: (1 available, best #1, table Default-IP-Routing-Table, RIB-failure(l?))
Local
16.0.0.1 (metric 2300416) from 13.0.0.1 (13.0.0.1)
Originator: 16.0.0.1, Cluster list: 13.0.0.1

R3 (config-router)#neighbor 11.0.0.1 route-reflector-client

Rl(config-router)#neighbor 13.0.0.1 route-reflector-client


13.0.0.1 4 500 10 10 33 0 0 00:00:05 3
14.0.0.1 4 500 45 61 33 0 0 00:20:21
15.0.0.1 4 500 44 59 33 0 0 00:19:54
Rl#sh ip bgp

' > 10.0.0.0 0.0.0.0 0 32768 i
0
'
r>i20.0.0.0 12.0.0.1 0 100 0i

r>i30.0.0.0 13.0.0.1 0 100 0i
r>i40.0.0.0 14.0.0.1 0 100 0i
r>i50.0.0.0 15.0.0.1 0 100 0i
r>i60.0.0.0 16.0.0.1 0 100 0i

Paths: (1 available, best #1, table Default-IP-Routing-Table, RIB-failure(17))
Flag: 0x820
1
Local, (Received from a RR-client)
16.0.0.1 (metric 2812416) from 13.0.0.1 (13.0.0.1)
R5#sh ip bgp 60.0.0.0

Flag: 0x820
Local
16.0.0.1 (metric 2814976) from 11.0.0.1 (11.0.0.1)
Originator: 16.0.0.1, Cluster list: 11.0.0.1, 13.0.0.1
TASK:
• Configure R3 to change the cluser-id to 30.1.1.1

R3 (config-router)#bgp cluster-id ?
<1-4294967295 > Route-Reflector Cluster-id as 32 bit quantity
A.B.C.D Route-Reflector Cluster-id in IP address format
R3 (config-router)#bgp cluster-id 30.1.1.1

R2#sh ip bgp 60.0.0.0

Flag: 0x800
Local
16.0.0.1 (metric 2300416) from 13.0.0.1 (13.0.0.1)
R5#sh ip bgp 60.0.0.0

Flag: 0x800
Local
16.0.0.1 (metric 2814976) from 11.0.0.1 (11.0.0.1)
Originator: 16.0.0.1, Cluster list: 11.0.0.1, 30.1.1.1
BGP Route-Dampening
• Is designed to reduce router processing load caused by unstable routes.

• Each time an eBGP route flaps, it gets 1000 penalty points (This cannot be configured or changed).
• IGBP routes are not dampened.
• The penalty placed on a route decays according to the exponential decay algorithm.
• When the penalty exceeds the suppress limit, the route is dampened (no longer used or propagated
to others)
• A dampened route is propagated again when the penalty drops below the reuse limit.
• A route is never dampened for more time than the maximum suppress limit.
• An unreachable route with a flap history is put in the history state. It stays in the BGP table but only to
maintain the flap history. (marked with 'h' in the BGP table)
• A penalty is applied on the individual path in the BGP table, not on the IP prefix.
#bgp dampening [half-life][reuse][suppress][max-suppress-time] [route-map map-name]
o [half-life] - Decay time in which the penalty is halved (Def = 15min)

o [suppress] - The value at which a route is dampened (Def = 2000)
o [reuse] - The value when the dampened route is reused (Def = 750)
o [max-suppress-time] - Maximum time to suppress the route (Def = 60Min)
o [route-map] - Using route-map to dampen specific routes - Specified without a route-map applies
to all routes
Conft
route-map name -
match ip addess {act}
set dampening [half-life][reuse][suppress][max-suppress-time]
LAB: ROUTE DAMPENING
loopback 0
120.0.1/ 24
..
\
F0/0
- - • loopback 0
11.0.0.1/ 24
f
0.1.1.1/
....._ A S S OO /
TASK: - - - - -·
• Configure IBGP and EBGP peering as per the diagram using connected interfaces
• Advertise Directly connected interfaces ( f0/0 & loopback 0)

Rl(config-router)# network 11.0.0.0 mask 255.255.255.0

R2 (config-router)# bgp log-neighbor-changes
R2 (config-router)# neighbor 1.1.1.1 next-hop-self
R2(config-router)# neighbor 2.2.2.2 advertisement-interval 1
R2(config-router)#no neighbor 2.2.2.2 advertisement-interval 1

R3(config-router)# bgp log-neighbor-changes


1.1.1.1 4 500 127 147 37 0 0 01:56:48 2
2.2.2.2 4 600 136 141 36 0 0 01:56:20 2
R2#sh ip bgp

' > il0 .0.0.0 1.1.1.1 0 100 0i
0
'
' > ill.0.0.0/ 24 1.1.1.1 0 100 0i

0
'
' > 12.0.0.0/24 0.0.0.0 0 32768 i

0
'
' > 13.0.0.0/24 2.2.2.2 0 0600 i

0
'
' > 20.0.0.0 0.0.0.0 0 32768 i

0
'
'
0
' > 30.0.0.0 2.2.2.2 0 0 600 i
TASK: Configuree BGP dampening on R2 for all the routes learned

R2 (config-router)#bgp dampening
R2#debug ip bgp dampening

BGP dampening debugging is on for address family: 1Pv4 Unicast
'''Mar 1 01:59:08.111: BGP(0): Created dampening structures with halflife time 15, reuse/suppress 750/2000
R2#
R2#sh ip bgp dampening parameters

dampening 15 750 2000 60 (DEFAULT)
Half-life time : 15 mins Decay Time : 2320 secs
Max suppress penalty: 12000 Max suppress time: 60 mins
Suppress penalty : 2000 Reuse penalty : 750
R3(config)#int loop 0
Give some time for the interface to show console message as down and later use no shutdown command
R2#sh ip bgp

' > il0 .0.0.0 1.1.1.1 0 100 0i
0
'
' > i11.0.0.0/ 24 1.1.1.1 0 100 0i

0
'
'>
0
'
0.0.0.0 0 32768 i
12.0.0.0/24 h 2.2.2.2 0 0 600 i
13.0.0.0/24 0.0.0.0 0 32768 i
' > 20.0.0.0
0
'
2.2.2.2 0 0 600 i
' > 30.0.0.0
0
'
R2#
History state:
► After a single route flap, the route is assigned a penalty, and the dampening state of the route is set to
History.
► The default penalty for a route flap is 1000.
► Each time the route flaps, the penalty increases.
R2#sh ip bgp 13.0.0.0
Flag: 0x820
600 (history entry)
2.2.2.2 from 2.2.2.2 (13.0.3.1)
Origin IGP, metric 0, localpref 100, external
Dampinfo: penalty 988, flapped 1 times in 00:00:17
R2#ping 13.0.0.1 source loopback 0

Packet sent with a source address of 12.0.0.1
!!!!!
R2#sh ip bgp

' > il0 .0.0.0 1.1.1.1 0 100 0i
0
'
' > i11.0.0.0/ 24 1.1.1.1 0 100 0i

0
'
' > 12.0.0.0/24 0.0.0.0 0 32768 i

0
'
*d 13.0.0.0/24 2.2.2.2 0 0 600 i

' > 20.0.0.0 0.0.0.0 0 32768 i
0
'
' > 30.0.0.0 2.2.2.2 0 0 600 i

0
'
Rl#sh ip bgp
Network Next Hop Metric LocPrf Weight Path 0

' > 10.0.0.0
0
'
0.0.0.0 32768 i
'>
0
'
0.0.0.0 0 32768 i
11.0.0.0/24 1.1.1.2 0 100 0i
' > i12.0.0.0/
0
'
1.1.1.2 0 100 0i
24 1.1.1.2 0 100 0 600 i
' > i20.0.0.0
0
'
' > i30.0.0.0

0
'
13.0.0.0 Route is no more advertised by R2 to Rl ( as the route 13.0.0.0 was damped)
R2#sh ip bgp dampening flap-statistics

Network From Flaps Duration Reuse Path

*d 2.2.2.2 3 00:08:34 00:02:29 600
13.0.0.0/24
R2#sh ip bgp 13.0.0.0

Flag: 0x820
600, (suppressed due to dampening)
2.2.2.2 from 2.2.2.2 (13.0.3.1)
Dampinfo: penalty 2269, flapped 3 times in 00:09:02, reuse in 00:01:59
TASK: configure R2 to reset the dampening statistics
R2#clear ip bgp dampening
The above command clears BGP route dampening information and unsuppresses the suppressed routes,
R2#sh ip bgp

' > il0 .0.0.0 1.1.1.1 0 100 0i
0
'
' > ill.0.0.0/ 24 1.1.1.1 0 100 0i

0
'
'' > 12.0.0.0/24

0
0.0.0.0 0 32768 i
*> 13.0.0.0/24 2.2.2.2 0 0 600 i
' > 20.0.0.0 0.0.0.0 0 32768 i
0
'
'' > 30.0.0.0

0
2.2.2.2 0 0 600 i
Rl#sh ip bgp
Network Next Hop Metric LocPrf Weight Path 0

' > 10.0.0.0
0
'
0.0.0.0 32768 i
'>
0
'
0.0.0.0 0 32768 i
11.0.0.0/24 1.1.1.2 0 100 0i
' > il2.0.0.0/
0
'
1.1.1.2 0 100 0 600 i
24 1.1.1.2 0 100 0i
' > i13.0.0.0/
0
'
1.1.1.2 0 100 0 600 i
24
' > i20.0.0.0
0
'
' > i30.0.0.0

0
'
TASK:
• Remove the dampening configured for all routes
• Configuree BGP dampening on R2 for only network 13.0.0.0/24 learned from R3
• Set halftime - 2 , max-supresstime - 8 , remaining default values

R2(config-router)#no bgp dampening

R2(config-route-map)#set dampening 2 ?
<1-20000> penalty to start reusing a route
R2(config-route-map)#set dampening 2 750?

<1-20000> penalty to start suppressing a route
R2(config-route-map)#set dampening 2 750 2000?
<1-255 > Maximum duration to suppress a stable route
R2(config-route-map)#set dampening 2 750 2000 8


R2(config-router)#bgp dampening route-map CCIE
R2#debug ip bgp dampening

'''Mar 1 02:31:09.203: BGP(0): Created dampening structures with halflife time 2, reuse/suppress 750/2000
R2#sh ip bgp dampening parameters

dampening 2 750 2000 8 (route-map CCIE 10)
Half-life time : 2 mins Decay Time : 310 secs
Max suppress penalty: 12000 Max suppress time: 8 mins
Suppress penalty : 2000 Reuse penalty : 750
Verification can be done same as we did in our previous task.
Removing Private AS Numbers
disable the propagation of private AS numbers to EBGP peers in a serv ice provider network.
Private AS numbers should not be advertised into the I nternet .
► The private AS numbers must be removed from the AS path before the customer BGP routes are
advertised to other service providers.
If the customer has been assigned a private AS number, this AS number must never be advertised
by any router to the rest of the I nt ernet .
router(config-router)# neighbor ip-address remove-private-as
PO/
DI
30 . l. l .l , /
R3
AS 300
R3#sh ip bgp
BGP table version is 32 . local router ID is 13.0.3.1
Status codes: s suppr esse d. d d amped. h hi story. • v alid. > best, i - internal. r
RIB-failure. S St ale
Origin code s: i - IGP. e - EGP, ? - incomplete
Network Next Hop M etric Loc Prf Weight Path

*> 1.0.0.0 2.2.2.1 0 0200 i
• 2.0.0.0 2.2.2.1 0 0 200 i
*> 0.0.0 .0 0 32768 i
*> 10.0.0.0 2.2.2.1 0 200 65111 i
*> 20.0 . 0.0 2.2.2.1 0 0200 i
*> 30.0.0 .0 0.0.0.0 0 32768 i
TASK: configure R2 to remove the Private AS (65111) when it advertises to R3
R2(con fi g)#router bgp 200

R2(config-router )# neighbor 2.2.2.2 remove-private-as
R2( config-router)#end R3#sh ip bgp
BGP table version i s 33. local router ID is 13. 0.3.l
Status cod es: s suppre ssed. d damped. h history. • valid. > best. i - internal.
r RIB-fa ilure, S St ale
*> codes: i - IGP. e - EGP. ? - incompl ete
Origin
Network Next Hop M etric LocPrf Weight Path

1.0.0.0 2.2.2.1 0 0200 i
* 2.0.0.0 2.2.2.1 0 0200 i
*> 0.0.0.0 0 32768 i
*> 10.0.0.0 2.2.2.l 0200 i
*> 20.0.0.0 2.2.2.1 0 0200 i
*> 30 .0 .0.0 0.0 .0.0 0 32768 i
NOTE:
Private AS numbers followed by public AS numbers
are not removed because the command's visibility is
o nly o n the last (tail end) AS number.
AS300
R3#sh ip bgp
* > 40.0.0 .0 2.2.2.1 0 200 65 111 400 i
BGP Hide Local-Autonomous System

useful when migrating an autonomous system to a different AS number.
you may reconfigure the lo cal BGP speakers to use the new AS number but ad vertise the o ld AS in BGP
OPEN messages and BGP u pdates.
• AS- 200 is planning to move to AS-222 , Reconfigure R2 to use new AS (222).
R2(co nfig)#ro uter bgp 222

:--'; ,-.
R2 (config-router)#neighbor 1.1.1.1 local-as 200 ,
, · R2
R2 (config-router)#neighbor 2.2.2.2 local-as 200
l
OldAS200
R2 (config-router)#end NewAS222
•.., ,.
""0
AS 100 ,r ool.1
. l. /
.,'\·. '
Rl
AS400
R3#sh ip bgp
BGP tab le version is 18. local ro uter ID is 13.0.3.1
St atu s codes: s sup pr essed. d damped. h hist o ry. • valid. > best. i -
internal. r RIB-failure. S Stale
Origin codes: i - IGP. e - EGP. ? - incomplete
Network Next Hop Metric LocPrf We ight Path

*> 1.0.0.0 2.2.2.1 0 0 200222 i
• 2.0.0.0 2.2.2.l 0 0 200 222 i
.
*> 0.0.0.0 0 32768 i
*> 3.0.0.0 0.0.0.0 0 32768 i
3. 3. 3.2 0 0400 i
*> 10.0.0.0 2.2.2.1 0 200 222 200 100 i
*> 20.0.0.0 2.2.2.l 0 0 200 222 i
AS400
All BGP prefixes advertised to this eBGP peer would have the AS
num bers <OldAS> <NewAS> preprended in front of every BGP
R2
update's AS_PATH attribute Old AS 200
New AS 222
This is needed to avoid BGP ro ut i ng loo ps.
If yo u specify the no-prepend ke ywo rd , then an y routes receivedfrom

the eBGP peer will not have <OldAS> pre pended upon recept io n.
R2(config) #router bgp 222

R2(config-router)#neighbor 1.1.1.1 local-as 200 no-prepend
R2(config-router)#neighbor 2.2 .2.2 local-as 200 no-prepend R2 OldAS200
New AS
222
AS 100
R3#sh ip bgp Rl
BGP table versi on is 24. local router ID is 13.0 .3.1
St atu s code s: s suppressed. d damped. h hist o ry. • valid. > best. i -
internal. r RIB-failure. S St ale AS400
Origin codes: i - IGP. e - EGP. ? - incomplete
Network Next Hop Metric LocPrf We ight Pat h

*> 1.0.0.0 2.2.2.1 0 0200 222 i
• 2.0.0.0 2.2.2.l 0 0 200 222 i
*> 0.0.0.0 0 32768 i
*> 3.0.0 . 0 0.0.0.0 0 32768 i
3.3.3.2 0 0400 i
* > 10.0.0.0 2.2.2.l 0 200222 100 i
* > 20.0 .0.0 2.2.2.1 0 0 200222 i
when co nfigur in g the hide local AS f eatur e. the external peers w o ul d see both the local- NETWDR
AS and the real AS n u mb er prepended in fro nt of the AS_PATH .
Som etime s. it is de sir able to com pl etely hide the " real" AS number (the one config ur ed via
router bgp < RealA S > command ).
To acco mp lish this, use the no-prepend replace-as paramete rs to the l o cal-as com m and .
R2
Old AS 200
New AS 222
"8400
R2(confi g)#router bgp 222

R2(confi g-router) # neighbor 1.1.1.1 local-as 200 no-prepend replace-as
R2(config-router)# neighbor 2.2.2.2 local-as 200 no-prepend replace-as
R2
OldAS:200
New AS 222
AS 100
Rl
R3#sh ip bgp
BGP table versi on i s 30. local router ID is 13.0 .3.l
Status code s: s suppressed. d damped, h histo ry, * valid , > be st , i - inte rnal, "8400
Origin co de s: i - IGP. e - EGP. ? - inco mplete
0
Network Next Hop Metric LocPrf Weight Path f
* > l. 0.0 .0 2.2.2.l 0 0 200i
* 2.0 .0.0 2.2.2.l 0 0200 i
*> 0.0.0.0 0 32768 i
* > 3.0.0.0 0.0.0.0 0 32768 i
* 3.3.3.2 0 0 400 i
*> 2.2.2.l 0200100 i
10.0.0.0 2.2.2.l 0 0200 i
BGP Support for Dual AS Configuration
for Network AS Migrations
► Allows you to merge a secondary AS under a primary AS without disrupting customer peering
sessions
► Allows a router to appear, to external peers, as a member of secondary AS during the AS
migration
► Allows a network operator to merge the autonomous systems and then later migrate customers to
new configurations during normal service windows without disrupting existing peering
arrangements

R2(config-router)#neighbor 2.2.2.2 local-as 200 no-prepend replace-as dual-as
R2(config-router)# neighbor 1.1.1.1 local-as 200 no-prepend replace-as dual-as
LAB: Remove Private-AS
..
..
.
.
d' -- ....
N .......d..
... '
.....
R2
AS200 .
-1 ro/o
30 . 1. 1. 1 /
j
R3
Rl
AS300
F0/0
0 -1. 1.1 /8
TASK: Configure EBGP as per the diagram and advertise connected interfaces





1.1.1.1 4 65111 9 12 27 0 0 00:02:14 2
2.2.2.2 4 300 796 795 27 0 0 01:39:18 2
R2#sh ip bgp

-;':
1.0.0.0 1.1.1.1 0 0 65111 i
'''> 0.0.0.0 0 32768 i
-;':
2.0.0.0 2.2.2.2 0 0 300 i
'''> 0.0.0.0 0 32768 i
' > 10.0.0.0 1.1.1.1 0 0 65111 i
0
'
' > 20.0.0.0 0.0.0.0 0 32768 i

0
'
' > 30.0.0.0 2.2.2.2 0 0 300 i

0
'
R3#sh ip bgp

' > 1.0.0.0
0
'
2.2.2.1 0 0 200 i
,., 2.0.0.0
2.2.2.1 0 0 200 i
'''> 0.0.0.0 0 32768 i
'>
0
'
2.2.2.1 0 200 65111 i
10.0.0.0 2.2.2.1 0 0 200 i
'>
0
'
0.0.0.0 0 32768 i
20.0.0.0
'>
0
'
30.0.0.0
TASK: configure R2 to remove the Private AS (65111) when it advertises to R3

R2 (config-ro uter)# neighbor 2.2.2.2 remove-private-as

R3#sh ip bgp
' > 1.0.0.0
0
'
2.2.2.1 0 0 200 i
,., 2.0.0.0
2.2.2.1 0 0 200 i
'''> 0.0.0.0 0 32768 i
*> 10.0.0.0 2.2.2.1 0200 i
'> 2.2.2.1 0 0200 i
0
'
20.0.0.0 0.0.0.0 0 32768 i

TASK: ' >
0
'
30.0.0.0
• configure EBGP peering between R1-R4 as per the diagram
• advertise connected interfaces of R4 using BGP Network command.
.
.
.. IS
C'I
i> :t,.
. -.. '
...
R2
AS200
"i> .,
, ..I
-1 F0/0
,
30.1.1.1/
.
0.1.1.1/8
R3
AS300




4.4.4.2 4 65111 796 823 43 0 0 00:00:05 5
Rl#sh ip bgp

' > 1.0.0.0 0.0.0.0 0 32768 i
0
'
-;': 1.1.1.2 0 0 200 i

'> 2.0.0.0 1.1.1.2 0 0200 i
0
'
'> 3.0.0.0 4.4.4.1 0 0400 i

0
'
r> 4.0.0.0 4.4.4.1 0 0400 i

'> 10.0.0.0 0.0.0.0 0 32768 i
0
'
'> 20.0.0.0 1.1.1.2 0 0 200 i

0
'
'> 30.0.0.0 1.1.1.2 0 200 300 i

0
'
'
0
'> 40.0.0.0 4.4.4.1 0 0400 i
R2#sh ip bgp

,., 1.0.0.0 1.1.1.1 0 0 65111 i
'''> 0.0.0.0 0 32768 i
,., 2.0.0.0 2.2.2.2 0 0 300 i
'''> 0.0.0.0 0 32768 i
' > 3.0.0.0 1.1.1.1 0 65111 400 i
0
'
' > 4.0.0.0 1.1.1.1 0 65111 400 i

0
'
'> 10.0.0.0 1.1.1.1 0 0 65111 i

0
'
'> 20.0.0.0 0.0.0.0 0 32768 i

0
'
'
0
'> 30.0.0.0 2.2.2.2 0 0 300 i

'
0
'> 40.0.0.0 1.1.1.1 0 65111 400 i
R3#sh ip bgp
Network Next Hop 2.2.2.1

' > 1.0.0.0
0
'
2.2.2.1
,., 2.0.0.0
M
e
t
r
i
c
L
o
c
P
r
f
W
e
i
g
h
t
P
a
t
h
0 0 200 i
'''> 0.0.0.0 0 32768 i
r> 3.0.0.0 2.2.2.1 0 200 65111 400 i
'>
0
'
2.2.2.1 0 200 65111 400 i
4.0.0.0
' > 10.0.0.0 2.2.2.1 0200 ii
'> 2.2.2.1 0 0200 i
0
'
20.0.0.0 0.0.0.0 0 32768 i

'>
0
'
30.0.0.0
'> 2.2.2.1 0 200 65111 400 i
0
'
40.0.0.0
NOTE:
• Private AS numbers followed by public AS numbers are not removed because the command's visibility is only
on the last (tail end) AS number.
• Private AS numbers are removed from the tail of the AS path before the update is sent.
• Private AS numbers followed by a public AS number are not removed.
BGP Hide Local-Autonomous System Feature
• The Hide Local Autonomous System feature could be useful when migrating an autonomous system to a
different AS number. When the AS has multiple eBGP peering links, it may become time consuming to
negotiate the AS number change with all peering partners.
• In this case, you may reconfigure the local BGP speakers to use the new AS number but advertise the old AS
in BGP OPEN messages and BGP updates.
• This can be done per-eBGP peer basis using the command neighbor <IP> local-as <OldAS>
• The local-as <OldAS>command instructs the local router to advertise the <OldAS>number in BGP OPEN
messages instead of the AS number specified with router bgp <NewAS>command
R2
Old AS 200
New AS 222
AS 100 F0/0 .I
-1 ro,o 0 .1. 1. 1 /
0. 1. 1.1 /8
Rl
AS400
TASK: configure EBGP and advertise all connected interfaces as per the diagram






2.2.2.1 4 200 6 7 9 0 0 00:00:44 4
3.3.3.2 4 400 7 9 9 0 0 00:00:10 2

BGP activity 31/27 prefixes, 57 /52 paths, scan interval 60 secs

1.1.1.2 4 200 203 182 86 0 0 00:01:31 3
Rl#sh ip bgp

,., 1.0.0.0 1.1.1.2 0 0 200 i
'''> 0.0.0.0 0 32768 i
' > 2.0.0.0 1.1.1.2 0 0 200 i
0
'
' > 3.0.0.0 1.1.1.2 0 200 300 i

0
'
' > 10.0.0.0 0.0.0.0 0 32768 i

0
'
' > 20.0.0.0 1.1.1.2 0 0 200 i

0
'
' > 30.0.0.0 1.1.1.2 0 200 300 i

0
'
' ' > 40.0.0.0

0
1.1.1.2 0 200 300 400 i

TASK:
• AS-200 is planning to move to AS-222 , Reconfigure R2 to use new AS (222).
• Do not modify any configuration on other Routers.
R2#sh run I s bgp

router bg 200
no synchronization
bgp log-neighbor-changes
network 1.0.0.0
network 2.0.0.0
network 20.0.0.0
no auto-summary
R2(config)#no router bgp 200



1.1.1.1 4 100 0 0 0 0 0 never Active
2.2.2.2 4 300 0 0 0 0 0 never Active
R2#
'''Mar 118:18:32.339: %BGP-3-NOTIFICATION: received from neighbor 1.1.1.1 2/2 (peer in wrong AS) 2 bytes
00DE
'''Mar 118:18:39.591: %BGP-3-NOTIFICATION: received from neighbor 2.2.2.2 2/2 (peer in wrong AS) 2 bytes
00DE

R2 (config-router)#neighbor 1.1.1.1 local-as 200
R2(config-router)#neighbor 2.2.2.2 local-as 200


1.1.1.1 4 100 109 122 57 0 0 00:00:51 2
2.2.2.2 4 300 126 124 57 0 0 00:00:40 4
R3#sh ip bgp

' > 1.0.0.0 2.2.2.1 0 0 200 222 i
0
'
,., 2.0.0.0 2.2.2.1 0 0 200 222 i

'''> 0.0.0.0 0 32768 i
' > 3.0.0.0 0.0.0.0 0 32768 i
0
'
-;':
3.3.3.2 0 0400 i
*> 10.0.0.0 2.2.2.1 0 200 222 200 100 i
' > 20.0.0.0 2.2.2.1 0 0 200 222 i
0
'
' > 30.0.0.0 0.0.0.0 0 32768 i

0
'
' > 40.0.0.0 3.3.3.2 0 0400 i

0
'
R4#sh ip bgp

' > 1.0.0.0 3.3.3.1 0 300 200 222 i
0
'
' > 2.0.0.0 3.3.3.1 0 0 300 i

0
'
,., 3.0.0.0 3.3.3.1 0 0 300 i

'''> 0.0.0.0 0 32768 i
' > 10.0.0.0 3.3.3.1 0300200222200100i
0
'
' > 20.0.0.0 3.3.3.1 0 300200222 i

0
'
' > 30.0.0.0 3.3.3.1 0 0 300 i

0
'
' ' > 40.0.0.0

0
0.0.0.0 0 32768 i
• All BGP prefixes advertised to this eBGP peer would have the AS numbers <OldAS> <NewAS> preprended
in front of every BGP update's AS_PATH attribute.
• Thus, the external system may continue with the local system using the old AS number. In addition to that,
the external system will see the updates coming from the <OldAS> looking like they first transited
<NewAS>.
• This is needed to avoid BGP routing loops.
• If you specify the no-prepend keyword, then any routes receivedfrom the eBGP peer will not have
<OldAS> prepended upon reception.
• no-prepend feature applies only to inbound learned routes. All externally advertise routes still have the local
as number prepended.
R2#sh ip bgp

-;':
1.0.0.0 1.1.1.1 0 0200100 i
'''> 0.0.0.0 0 32768 i
,., 2.0.0.0 2.2.2.2 0 0 200 300 i
'''> 0.0.0.0 0 32768 i
' > 3.0.0.0 2.2.2.2 0 0 200 300 i
0
'
' > 10.0.0.0 1.1.1.1 0 0 200 100 i

0
'
' > 20.0.0.0 0.0.0.0 0 32768 i

0
'
' > 30.0.0.0 2.2.2.2 0 0 200 300 i

0
'
' > 40.0.0.0 2.2.2.2 0 200 300 400 i

0
'

R2 (config-router)#neighbor 1.1.1.1 local-as 200 no-prepend
R2(config-router)#neighbor 2.2.2.2 local-as 200 no-prepend
R2#sh ip bgp

,., 1.0.0.0 1.1.1.1 0 0 100 i
'''> 0.0.0.0 0 32768 i
,., 2.0.0.0 2.2.2.2 0 0 300 i
'''> 0.0.0.0 0 32768 i
' > 3.0.0.0 2.2.2.2 0 0 300 i
0
'
' > 10.0.0.0 1.1.1.1 0 0100 i

0
'
' > 20.0.0.0 0.0.0.0 0 32768 i

0
'
' > 30.0.0.0 2.2.2.2 0 0 300 i

0
'
' > 40.0.0.0 2.2.2.2 0 300 400 i

0
'
R3#sh ip bgp

' > 1.0.0.0 2.2.2.1 0 0 200 222 i
0
'
-;':
2.0.0.0 2.2.2.1 0 0 200 222 i
'''> 0.0.0.0 0 32768 i
' > 3.0.0.0 0.0.0.0 0 32768 i
0
'
-;': 3.3.3.2 0 0400 i

'> 10.0.0.0 2.2.2.1 0 200 222 100 i
0
'
'> 20.0.0.0 2.2.2.1 0 0 200 222 i

0
'
'> 30.0.0.0 0.0.0.0 0 32768 i

0
'
'
0
'> 40.0.0.0 3.3.3.2 0 0400 i
R4#sh ip bgp

' > 1.0.0.0 3.3.3.1 0 300 200 222 i
0
'
' > 2.0.0.0 3.3.3.1 0 0 300 i

0
'
-;':
3.0.0.0 3.3.3.1 0 0 300 i
'''> 0.0.0.0 0 32768 i
' > 10.0.0.0 3.3.3.1 0 300 200 222 100 i
0
'
' > 20.0.0.0 3.3.3.1 0 300 200 222 i

0
'
' > 30.0.0.0 3.3.3.1 0 0 300 i

0
'
' > 40.0.0.0 0.0.0.0 0 32768 i

0
'
• when configuring the hide local AS feature, the external peers would see both the local-AS and the real AS
number prepended in front of the AS_PATH.
• Sometimes, it is desirable to completely hide the "real" AS number (the one configured via router bgp
<RealAS>command).
• To accomplish this, use the no-prepend replace-as parameters to the local-as command.
• This combination will replace the real AS number with the one specified in the local-ascommand. The
respective neighbor will be completely tricked into thinking that all routers are received from the AS
number configured with the local-ascommand, as this number will appear in the AS_PATH and BGP OPEN
message.
• Keep in mind that such replacement could lead to routing loops, if the original AS was partitioned using two
AS numbers.

R2 (config-router)# neighbor 1.1.1.1 local-as 200 no-prepend replace-as
R2(config-router)# neighbor 2.2.2.2 local-as 200 no-prepend replace-as
R3#sh ip bgp

' > 1.0.0.0 2.2.2.1 0 0200 i
0
'
-;':
2.0.0.0 2.2.2.1 0 0200 i
'''> 0.0.0.0 0 32768 i
' > 3.0.0.0 0.0.0.0 0 32768 i
0
'
-;': 3.3.3.2 0 0400 i

'> 10.0.0.0 2.2.2.1 0 200 100 i
0
'
'> 20.0.0.0 2.2.2.1 0 0200 i

0
'
'> 30.0.0.0 0.0.0.0 0 32768 i

0
'
'
0
'> 40.0.0.0 3.3.3.2 0 0400 i
R4#sh ip bgp

' > 1.0.0.0 3.3.3.1 0 300 200 i
0
'
' > 2.0.0.0 3.3.3.1 0 0 300 i

0
'
-;':
3.0.0.0 3.3.3.1 0 0 300 i
'''> 0.0.0.0 0 32768 i
' > 10.0.0.0 3.3.3.1 0 300 200 100 i
0
'
' > 20.0.0.0 3.3.3.1 0 300 200 i

0
'
' > 30.0.0.0 3.3.3.1 0 0 300 i

0
'
'
0
' > 40.0.0.0 0.0.0.0 0 32768 i
BGP Support for Dual AS Configuration for Network AS Migrations
• Allows you to merge a secondary AS under a primary AS without disrupting customer peering sessions
• Allows a router to appear, to external peers, as a member of secondary AS during the AS migration
• Allows a network operator to merge the autonomous systems and then later migrate customers to new
configurations during normal service windows without disrupting existing peering arrangements
TASK: Reconfigure R2( AS222) to ensure even if we change the EBGP peers ( R1/R3) to form peering with new
AS it should not effect the neighborship between R2 & R1/R3.

R2(config-router)#neighbor 2.2.2.2 local-as 200 no-prepend replace-as dual-as
R2 (config-router)# neighbor 1.1.1.1 local-as 200 no-prepend replace-as dual-as
Configures the EBGP neighbor to establish a peering session using the real AS number(from the local BGP
routing process) or by using the AS number configured with the ipaddressargument (local-as)


1.1.1.1 4 100 217 243 78 0 0 00:00:13 2
2.2.2.2 4 300 239 240 78 0 0 00:01:36 4

Rl(config-router)#no neighbor 1.1.1.2 remote-as 200
Rl (config-ro uter)# neighbor 1.1.1.2 remote-as 222


1.1.1.2
4
R3(config-router)#no neighbor 2.2.2.1 remote-as 200
R3(config-ro uter)# neighbor 2.2.2.1 remote-as 222


2.2.2.1 4 222 9 9 42 0 0 00:00:05 4
3.3.3.2 4 400 49 68 42 0 0 00:42:08 2
R3#sh ip bgp

' > 1.0.0.0 2.2.2.1 0 0 222 i
0
'
-;':
2.0.0.0 2.2.2.1 0 0 222 i
'''> 0.0.0.0 0 32768 i
' > 3.0.0.0 0.0.0.0 0 32768 i
0
'
-;': 3.3.3.2 0 0400 i

'> 10.0.0.0 2.2.2.1 0 222 100 i
0
'
'> 20.0.0.0 2.2.2.1 0 0 222 i

0
'
'> 30.0.0.0 0.0.0.0 0 32768 i

0
'
'
0
'> 40.0.0.0 3.3.3.2 0 0400 i
R4#sh ip bgp
Network 1 .0
' > 1.0.0.0 0
0
'
' > 2.0.0.0 .

0
'
,., 3.0.0.0 0
'''> .
'> 0
0
'
Next Hop 3.3.3.1 Metric
3.3.3.1 LocPrf
3.3.3.1 Weight
0.0.0.0 Path
3.3.3.1 0
30
0
22
2
0
0 300
i
0
0 300
i
0
32768 i
0
300
222
10
0
'>
0
'
3.3.3.1 0 300 222 i
20.0.0.0 3.3.3.1 0 0 300 i
'>
0
'
0.0.0.0 0 32768 i
30.0.0.0
'>
0
'
40.0.0.0
LAB : BGP allowas-in
.
.
N -
i>·i).s-.
,
-
.,,.... d'
R2
..
ASSOO
-1 F0/0
ro10
j
0. 1. 1.1 /8 30 . 1. 1. l /
Rl
AS 1000

Rl(config-router)#exit





2.2.2.1 4 500 6 6 8 0 0 00:00:52 4
3.3.3.2 4 1000 5 7 7 0 0 00:00:12 2


1.1.1.1 4 1000 6 8 8 0 0 00:02:18 2
2.2.2.2 4 500 7 7 8 0 0 00:01:07 4
R2#sh ip bgp

,., 1.0.0.0 1.1.1.1 0 01000 i
'''> 0.0.0.0 0 32768 i
,., i2.0.0.0 2.2.2.2 0 100 0i
'''> 0.0.0.0 0 32768 i
' > i3.0.0.0 2.2.2.2 0 100 0i
0
'
' > 10.0.0.0 1.1.1.1 0 01000 i

0
'
' > 20.0.0.0 0.0.0.0 0 32768 i

0
'
' > i30.0.0.0 2.2.2.2 0 100 0i

0
'
' > i40.0.0.0 3.3.3.2 0 100 01000 i

0
'
Rl#sh ip bgp

,., 1.0.0.0
1.1.1.2 500 i
'''> 0.0.0.0 0 32768 i
' > 2.0.0.0
0
'
1.1.1.2 0 0 500 i
' > 3.0.0.0
0
'
1.1.1.2 0 500 i
'>
0
'
0.0.0.0 0 32768 i
10.0.0.0 1.1.1.2 0 0 500 i
'>
0
'
1.1.1.2 0 500 i
20.0.0.0
'>
0
'
30.0.0.0
TASK:
• Configure R1/R4 to exchange BGP routes between them without changing AS number (BGP allowas-in)
Rl#sh ip bgp

,., 1.0.0.0
1.1.1.2 500 i
'''> 0.0.0.0 0 32768 i
' > 2.0.0.0
0
'
1.1.1.2 0 0 500 i
' > 3.0.0.0
0
'
1.1.1.2 0 500 i
'>
0
'
0.0.0.0 0 32768 i
10.0.0.0 1.1.1.2 0 0 500 i
'>
0
'
1.1.1.2 0 500 i
20.0.0.0
'>
0
'
30.0.0.0

Rl (config-ro uter)# neighbor 1.1.1.2 allowas-in
Rl#sh ip bgp
Network ' > 2.0.0.0

,., 1.0.0.0 0
' ' > 3.0.0.0

0
'''> ' ' > 10.0.0.0

0
'
'>
0
'
Next Hop Metric LocPrf Weight Path 0 0
20.0.0.0 1.1.1.2 500 i
'>
0
'
0.0.0.0 0 32768 i
30.0.0.0 1.1.1.2 0 0 500 i
'>
0
'
1.1.1.2 0 500 i
40.0.0.0 0.0.0.0 0 32768 i
1.1.1.2 0 0 500 i
1.1.1.2 0 500 i
1.1.1.2 05001000 i
R4#sh ip bgp

' > 1.0.0.0
0
'
3.3.3.1 0 500 i
' > 2.0.0.0
0
'
3.3.3.1 0 0 500 i
,., 3.0.0.0
3.3.3.1 0 0 500 i
'''> 0.0.0.0 0 32768 i
'>
0
'
3.3.3.1 0 500 i
20.0.0.0 3.3.3.1 0 0 500 i
'>
0
'
0.0.0.0 0 32768 i
30.0.0.0
'>
0
'
40.0.0.0

R4 (config-ro uter)# neighbor 3.3.3.1 allowas-in
R4#sh ip bgp
Network Next Hop Metric LocPrf Weight Path 0 500 i

' > 1.0.0.0
0
'
3.3.3.1 0 0 500 i
' > 2.0.0.0
0
'
3.3.3.1 0 0 500 i
,., 3.0.0.0
3.3.3.1 0 32768 i
'''> 0.0.0.0
'>
0
'
3.3.3.1 05001000 i
10.0.0.0 3.3.3.1 0 500 i
'>
0
'
3.3.3.1 0 0 500 i
20.0.0.0 0.0.0.0 0 32768 i
'>
0
'
30.0.0.0
'>
0
'
40.0.0.0
R4#ping 10.1.1.1 source 40.1.1.1

Packet sent with a source address of 40.1.1.1
!!!!!
R4#traceroute 10.1.1.1 source 40.1.1.1

1 3.3.3.1 20 msec 36 msec 20 msec
2 2.2.2.1 [AS 500] 28 msec 68 msec 48 msec
3 1.1.1.1 [AS 500] 48 msec ,., 160 msec
1Pv6 BGP
IPV6-
BGP
► BG P-4 was designed to carry o nly 1Pv4 routing i nfo rmat io n
► T o support multiple network layer p ro to co ls, IETF extended BGP-4 by i ntrod ucing Multip ro toco l
BGP (MP-BGP)
MP-BG P for 1 Pv6 is referred to as 1 Pv6 BGP for short.
► 1 Pv6 BGP puts 1Pv 6 network layer i nfo rmat io n into the attr i b utes of network la yer reachable
information (N LRI) and N EXT _HO P.
► T he N EXT _HO P attribute of 1 Pv6 BGP is identified by an 1 Pv6 unicast address or 1Pv6 lo cal link
add ress.
► 1 Pv6 BGP has the same messaging and routing mechanisms as BG P.
assuming yo u are famil iar with BGP4+ w it h 1 Pv4, 1Pv6 is not so different or any more co mp le x
when getting started
IPV6 IBGP - EBGP
Rl(config)#ipv6 unicast-routing
Rl(config)#router bgp 500 R2

Loopback O
Rl (config-router)#no bgp default ipv4-unicast 200 1::2/ 128
Rl (config-router)#neighbor 2001:12 ::2 remote-as 500

Rl (config-ro uter)#addre ss-family ipv6 unicast
Loopb ack 0
R1(config-ro uter-af)#neighbor 2001:12::2 activate Loopback 0 200 1::3/ 128
...... . ., 2001::1/128
Rl (config-router-af)#netw ork 2001::1/128
R3
R1(co n fig-router-af) #netw ork 2001:12 ::/64 Rl
"8500 AS600

R2(config-router)#no bgp default ipv4-unicast
R2(config-rout er)#neighbor 2001:12 ::1 remote-as 500
R2(config-rout er)#neighbor 2001:23 ::3 remote-as 600
R2(config-rout er)#addre ss-f amily ipv6 unicast R2(config-
router-af)# neighbor 2001:12::1 activate R2(co n fig-
router-af)# neighbor 2001:2 3::3 activate R2(config-
router-af)# netw ork 2001::2/128
R2(config-router-af)# netw ork 2001:12::/64
R2(config-router-af)# netw ork 2001:23::/64
R2#sh ip bgp ipv6 unicast

BGP table version is 6. loca l rou ter ID is 12.0.3.l
Status codes: s suppressed. d damped. h history.* valid. > best. i - internal.
Origin codes: i - IGP, e - EGP. ? - incomplete
R2
Network Next Hop Metric LocPrf Weight
Loopbaclt 0
Path 200 1::2/ 128
*> i2001 ::l /128 2001:12::l 0 100 0i
* > 2001::2/128 .. 0 32768 i
''> 2001::3/128 2001:23::3 0 0600 i Loopb ack 0
200 1::3 / 128
* i2001:12::/ 64 2001:12::1 0 100 Oi
*> .. 0 32768 i
R3
• 2001:23:: / 64 2001:23::3 0 0600 i Rl
*> .. 0 32768 i ASSOO
ASSOO
R2#sh ip bgp ipv6 unicast sum m ary
Neighbor
V AS MsgRcvd MsgSent TblVer lnQ OutQ Up/ Down St ate/ PfxRcd
2001:12::1
4 500 7 7 6 0 0 00:02:31 2
2001:23::3
4 600 5 6 5 0 0 00:00:08 2
Rl #sh ip bgp ipv6 unicast
BGP table versi on is 7. local router ID is 11.0.3.1
Status codes: s suppressed, d damped. h history . • valid, > best. i - internal.
Origin codes: i - \GP. e - EGP. ? - incomplete
R2
N etw ork Next Hop Metric LocPrf Weight Path Loopbaclr: 0
*> 2001::1/128 .. 0 32768 i 200 1::2 / 128
• > i2001::2/ 128 2001:12::2 0 100 0i

* > i2001:: 3/ 128 2001:23::3 0 100 0 600 i
Loopback 0
...... . , 2001::1/128
R3
Rl
ASSOO AS600
R2( config)#router bgp 500

R2(config-router)#addr ess-f amily ipv6 unicast
R2(con fig-router-a f)#neighbor 2001:12 :: 1 next-ho p-
self
IPV6 IBGP &. EBGP Advance Configurations

R2(config-router)# no bgp default ipv4 -unica5t
R2(con fig-router)# neighbor CCIE peer -group R2

Loopback 0
200 1::2/ 128
R2(con fig-ro uter)# neighbor CCIE update -so ur ce loopback0
Loopback 0
AS 500 200 1 0,3/
R2(config-router)# neighbor 2001::1 peer-group CCIE 128
R2(config-router)# neighbor 2001::3 peer-group CCIE
R2(config-router)# address- family ipv6

R2(config-router-af)# neighbor CCIE rout e-reflector-client
R2(config-router-af)# neighbor 2001::1 activate
AS 600 R4 L<>opb a c k O
R2(config-router-af)# network 2001::2/128 200 1::4 / 128
R2(config-router-af)# network 2001:12::/64
R2(config-router-af)# network 2001:23 ::/64
R2(config-router-af)# exit-address-family
IPV6 - EBGP using Loopbacks

Rl( config-ro uter)#neighbor 2001::4 remote-as 600
Rl (config-ro uter)#neighbor2001:: 4 update-source loopback 0
Rl (config-ro uter)#neighbor 2001::4 ebgp-multihop
Rl (co nfig-ro uter)#neighbor2001::4 password cisco123
Rl (config-ro uter)# address-family ipv6 unicast AS 600 R4 Loopback O
Rl (co nfig-ro uter-af)#neighbor2001::4 200 l ee4 / 128
activate R1(config-ro uter-af)#network

2001:14::/64
IPV6 BGP - Path Manipulation
R2
Loopback 0
2001::2/ 128
Loopback O
AS 500 200 1 ee3/
128
Rl ( con fi g) # route-map LOCAL permit 10

Rl (config-route-map) # set local-preference 200
Rl (con fi g-route- map) # exit
Rl (config) # router bgp 500

Rl (config -route r)# address-family ipv6 unicast AS 600 R4 Loopback O
200 1 :: 4 / 128
Rl (con fi g-route r-af)# neighbor 2001::4 route-me
LAB : Basic IPV6 IBGP and EBGP configurations
Loopback 0
2001::2/ 128
Loopback 0
Loopback 0 2001::3/128
2001::1/128
R3
Rl
ASSOO AS 600
TASK:
• IPV6 addressing is preconfigured as per the diagram
• Configure IBGP and EBGPpeering using directly connected interfaces
• Adveritse all connected interfaces inside BGP as per the diagram.
Rl#sh ipv int brief

FastEthernet0/0 [up/up]
Seriall/0 [up/up]
FE80::CE01:1EFF:FED0:0
2001:12::1
Seriall/1 [up/up]
2001:14::1
Seriall/2 [administratively down/down]
Loopback0 [up/up]
2001::1
Loopbackl [up/up]
Loopback2 [up/up]
Loopback3 [up/up]
R2#sh ipv int brief

Seriall/0 [up/up]
2001:12::2
Seriall/1 [up/up]
2001:23::2
Loopback0 [up/up]
2001::2
Loopbackl [up/up]
Loopback2 [up/up]
Loopback3 [up/up]
R3#sh ipv int brief

Seriall/0 [up/up]
2001:23::3
Seriall/1 [up/up]
2001:34::3
Loopback0 [up/up]
2001::3
Loopbackl [up/up]
Loopback2 [up/up]
Loopback3 [up/up]
R1(config)#ipv6 unicast-routing

Rl(config-router)#no bgp default ipv4-unicast
Rl(config-router)#neighbor 2001:12::2 remote-as 500
Rl (config-ro uter)# add ress-family ipv6 unicast
Rl(config-router-af)#neighbor 2001:12::2 activate
Rl(config-router-af)#network 2001::1/128
Rl(config-router-af)#network 2001:12::/64
Rl (config-router-af)#exit

R2(config-router)#no bgp default ipv4-unicast
R2(config-router)#neighbor 2001:12::1 remote-as 500
1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 www. noasolutions.com Page 31O
R2(config-router)#neighbor 2001:23::3 remote-as 600
R2 (config-ro uter)# add ress-family ipv6 unicast
R2(config-router-af)#neighbor 2001:12::1 activate
R2(config-router-af)#neighbor 2001:23::3 activate
R2(config-router-af)#network 2001::2/128
R2(config-router-af)#network 2001:12::/64
R2 (config-router-af)#exit
R3(config)# ipv6 unicast-routing

R3(config-router)# no bgp default ipv4-unicast
R3(config-router)# neighbor 2001:23::2 remote-as 500
R3(config-router)# address-family ipv6 unicast
R3(config-router-af)# neighbor 2001:23::2 activate
R3(config-router-af)#end
R2#sh ip bgp ipv6 unicast summary


2001:12::1 4 500 7 7 6 0 0 00:02:31 2
2001:23::3 4 600 5 6 5 0 0 00:00:08 2


'
0
'
2001:12::1 0 100 0i
> i2001::1/128
0
' > 2001::2/128 .. 0 32768 i

'
' > 2001::3/128 2001:23::3 0 0 600 i

0
'
,., i2001:12::/64 2001:12::1 0 100 0i

'''> . 0 32768 i
.
-;':
2001:23::/64 2001:23::3 0 0 600 i
'''> . 0 32768 i
.
Rl#sh ip bgp ipv6 unicast


' >
0
'
2001::1/128 '
0
'
> i2001::2/128 '

0 32768 i
' > i2001::3/128
0
2001:12::2 0 100 0i
' ' > 2001:23::3
0
0 100 0 600 i
2001:12::/64 .. 0 32768 i
,., i 2001:12::2 0 100 0i
' > i2001:23::/ 64 2001:12::2 0 100 0i
0
'
TASK
• Configure R2 to change the Next-hop address to its own address when it sends update to Internal routers
(Rl)


' >
0
'
2001::1/128 '
0
'
> i2001::2/128 '

0 32768 i
' > i2001::3/128
0
2001:12::2 0 100 0i
' > 2001:23::3 0 100 0 600 i
0
'
2001:12::/64 .. 0 32768 i
,., i 2001:12::2 0 100 0i
' > i2001:23::/ 64 2001:12::2 0 100 0i
0
'

R2 (config-router)#address-family ipv6 unicast
R2 (config-ro uter-a f)# neighbor 2001:12::1 next-hop-self
R2 (config-router-af)#end


' >
0
'
2001::1/128 '
0
'
> i2001::2/128 '

0 32768 i
' > i2001::3/128
0
2001:12::2 0 100 0i
' > 2001:12::2 0 100 0 600 i
0
'
2001:12::/64 .. 0 32768 i
,., i 2001:12::2 0 100 0i
' > i2001:23::/ 64 2001:12::2
0
'
0 100 0i
Rl#sh ipv6 route bgp

1Pv6 Routing Table - 10 entries
Codes: C - Connected, L - Local, S - Static, R - RIP, B - BGP
U - Per-user Static route
11 - ISIS Ll, 12 - ISIS L2, IA - ISIS interarea, IS - ISIS summary
0 - OSPF intra, 01 - OSPF inter, OEl - OSPF ext 1, OE2 - OSPF ext 2
ONl - OSPF NSSA ext 1, ON2 - OSPF NSSA ext 2
B 2001::2/128 [200/0]
via 2001:12::2
B 2001::3/128 [200/0]
via 2001:12::2
B 2001:23::/64 [200/0]
via 2001:12::2
Rl#ping 2001::3
Sending 5, 100-byte ICMP Echos to 2001::3, timeout is 2 seconds:
!!!!!
Rl#ping 2001::2
!!!!!
LAB: IPV6 IBGP & EBGP Advance Configurations
R2
Loopback 0
2001::2/128
RIPng
Loopback 0
AS 500 200 1::3 / 12 8
AS600 R4 Loopback 0
2001::4/128
TASK:
• IPV6 addressing is preconfigured as per the diagram
• Configure RIPng as IGP protocol inside AS 500 to provide NLRI between loopbacks
• Configure IBGP using following parameters inside AS 500
1. Do not use full mesh ( use Route Reflector R2 as server R1/R3 as Clients)
2. Configure Authentication between iBGP peers using password cisco123.
3. Use minimum number of commands possible ( use Peer groups)
R1(config)#ipv6 router rip
CCIE Rl(config-rtr)#exit
Rl(config)#int sl/0
R1(config-if)#ipv6 rip CCIE enable
Rl (config-if)#exit
Rl(config)#int loop 0
Rl (config-if)#exit
R2(config)#ipv6 router rip CCIE
R2 (config-rtr)#exit
R2(config)#int sl/0
R2 (config-if)#int sl/1
R2(config-if)#ipv6 rip CCIE
enable R2(config-if)#int loop 0
R2 (config-if)#end
R3(config)#ipv6 router rip CCIE
R3(config-rtr)#exit
R3(config)#int sl/0
enable R3(config-if)#int loop 0
enable R3(config-if)#end
R3#sh ipv6 route rip

0 - OSPF intra, 01 - OSPF inter, OEl - OSPF ext 1, OE2 - OSPF ext 2
ON1 - OSPF NSSA ext 1, ON2 - OSPF NSSA ext 2
R 2001::/64 [120/2]
via FE80::CE02:1EFF:FED0:0, Seriall/0
R 2001::1/128 [120/3]
R 2001::2/128 [120/2]
R 2001:12::/64 [120/2]
Rl#sh ipv6 route rip

0 - OSPF intra, 01 - OSPF inter, OE1 - OSPF ext 1, OE2 - OSPF ext 2
ON1 - OSPF NSSA ext 1, ON2 - OSPF NSSA ext 2
R 2001::/64 [120/2]
R 2001::2/128 [120/2]
R 2001::3/128 [120/3]
R 2001:23::/64 [120/2]
Rl#ping 2001::2 source loopback 0

Packet sent with a source address of 2001::1
!!!!!

!!!!!
TASK:
• Configure IBGP using following parameters inside AS 500
• Do not use full mesh ( use Route Reflector R2 as server R1/R3 as Clients)
• Configure Authentication between iBGP peers using password cisco123.
• Use minimum number of commands possible ( use Peer groups)


R2(config-router)# neighbor CCIE update-source Loopback0

R2(config-router)# address-family ipv6

R2 (config-router-af)# neighbor CCI E route-reflector-client
R2(config-router-af)# network 2001::2/128
R2 (config-router-af)# exit-address-family

Rl(config-router)# no bgp default ipv4-unicast
Rl(config-router)# neighbor CCIE peer-group
Rl(config-router)# neighbor CCIE remote-as 500

Rl(config-router)# neighbor CCIE password cisco123
Rl(config-router)# neighbor CCIE update-source Loopback0
Rl(config-router)# neighbor 2001::2 peer-group CCIE
Rl(config-router)# address-family ipv6

Rl(config-router-af)# neighbor 2001::2 activate
Rl(config-router-af)# network 2001::1/128
Rl(config-router-af)# network 2001:12::/64
R1(config-router-af)# exit-address-family

R3(config-router)# neighbor CCI E peer-group
R3(config-router)# neighbor CCI E remote-as 500

R3(config-router)# neighbor CCI E update-source Loopback0
R3(config-router)# address-family ipv6

R3(config-router-af)# neighbor 2001::2
activate R3(config-router-af)#network
2001::3/128 R3(config-router-af)#network
2001:23::/64


2001::1 4 500 9 11 6 0 0 00:04:43 2
2001::3 4 500 7 8 6 0 0 00:01:19 2


' > i2001::1/128 2001::1 0 100 0i
0
'
'
0
' > 2001::2/128 .. 0 32768 i

' > i2001::3/128 2001::3 0 100 0i
0
'
,., i2001:12::/64 2001::1 0 100 0i

'''> .. 0 32768 i
,., i2001:23::/64 2001::3 0 100 0i
'''> .. 0 32768 i


' ' > 2001::1/128
0
.. 0 32768 i
' > i2001::2/128 2001::2 0 100 0i
0
'
' > i2001::3/128 2001::3 0 100 0i

0
'
,., i2001:12::/64 2001::2 0 100 0i

'''> . 0 32768 i
.
' > i2001:23::/ 64 2001::2 0 100 0i
0
'

Network ' 001::1/128

>
1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 www. noasolutions. com Page 31B
Next Hop 2001::1 M
e
t
r
i
c
L
o
c
P
r
f
W
e
i
g
h
t
P
a
t
h
1
0
0
1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 www. noasolutions. com Page 31B
' > i2001::2/128 2001::2 0100 0i
0
'
' ' > 2001::3/128

0
.. 0 32768 i
' > i2001:12::/64 2001::2 0 100 0i
0
'
' > 2001:23::/64 .. 0 32768 i

0
'
,.,i 2001::2 0 100 0i

TASK:
• Configure EBGP perering using Loopback 0 interfaces.
• Configure Authentication between EBGP peers using password cisco123.
• Configure Static routing between loopback 0 to provide Reachability.
R4(config)#ipv6 route 2001::1/128 2001:14::1
R4(config)#end
Rl(config)#ipv6 route 2001::4/128 2001:14::4

!!!!!

R3(config)#end
R3#ping 2001::4 source 2001::3

!!!!!

R3(config-router)# neighbor 2001::4 remote-as 600
R3(config-router)# neighbor 2001::4 update-source loopback 0
R3(config-router)# neighbor 2001::4 ebgp-multihop
R3(config-router)# neighbor 2001::4 password cisco123
Rl(config-router)#neighbor 2001::4 remote-as 600
Rl(config-router)#neighbor 2001::4 update-source loopback 0
Rl(config-router)#neighbor 2001::4 ebgp-multihop
Rl(config-router)#neighbor 2001::4 password cisco123
Rl (config-ro uter)# add ress-family ipv6 unicast
Rl(config-router-af)#neighbor 2001::4 activate
Rl(config-router-af)#network 2001:14::/64
Rl (config-router-af)#end



R4(config-router-af)#exit


2001::1 4 500 6 7 9 0 0 00:00:34 7
2001::3 4 500 6 7 9 0 0 00:00:07 7

2001::1/128
-;':
2001::3 0 500 i
'''> 2001::1 0 500 i
0
-;':
2001::2/128 2001::3 0 500 i
'''> 2001::1 0 500 i
-;':
2001::3/128 2001::3 0 0 500 i
'''> 2001::1 0 500 i
' > 2001::4/128 .. 0 32768 i
0
'
-;':
2001:12::/64 2001::3 0 500 i
2001::1 0 0 500 i
,., 2001:14::/64 2001::3 0 500 i
0 32768 i
2001::1 0 0 500 i
,., 2001:23::/64 2001::3 0 0500 i
2001::1 0 500 i
,., 2001:34::/64 2001::3 0 0500 i
0 32768 i
2001::1 0 500 i
Rl#sh ip bgp ipv6 unicast 2001::4/128

BGP routing table entry for 2001::4/128, version 9
Paths: (1 available, best #1, table Global-1Pv6-Table)
1
600
2001::4 from 2001::4 (14.0.3.1)
R2#sh ip bgp ipv6 unicast 2001::4/128

600, (Received from a RR-client)
2001::4 (inaccessible) from 2001::1 (11.0.3.1)
2001::4 (inaccessible) from 2001::3 (13.0.3.1)
TASK: Congiure R1/R3 to change the next-hop when they advertise to IBGP neighbors:
Rl#sh run I s bgp

router bgp 500
no bgp default ipv4-unicast
neighbor CCIE peer-group
neighbor CCIE remote-as 500
neighbor CCIE password cisco123
neighbor CCIE update-source Loopback0
neighbor 2001::2 peer-group CCIE
neighbor 2001::4 remote-as 600
neighbor 2001::4 ebgp-multihop 255
neighbor 2001::4 password cisco123
neighbor 2001::4 update-source Loopback0
address-family ipv6
neighbor 2001::2 activate
network 2001::1/128
network 2001:12::/64
network 2001:14::/64
exit-address-family

Rl(config-router)#neighbor CCIE next-hop-self
% Policy commands not allowed without an address family
Rl(config-ro uter) #addre ss- family ipv6 unicast

R1(config-router-af)#neighbor CCIE next-hop-self
Rl (config-router-af)#end
R3#sh run I s bgp

router bgp 500
no bgp default ipv4-unicast
neighbor CCIE peer-group
neighbor CCIE remote-as 500
neighbor CCIE password cisco123
neighbor CCIE update-source Loopback0
neighbor 2001::4 remote-as 600
neighbor 2001::4 ebgp-multihop 255
neighbor 2001::4 password cisco123
neighbor 2001::4 update-source Loopback0
address-family ipv6
network 2001::3/128
network 2001:23::/64
network 2001:34::/64
exit-address-family

R3(config-router)#address-family ipv6 unicast
R3(config-router-af)#neighbor CCI E next-hop-self

1
2001::1 (metric 2) from 2001::1 (11.0.3.1)
2001::3 (metric 2) from 2001::3 (13.0.3.1)
TASK:
• Configure AS 500 to ensure that Rl should be preferred exit path to reach AS 600

1
600
2001::1 (metric 3) from 2001::2 (12.0.3.1)
600
2001::4 from 2001::4 (14.0.3.1)
Rl(config)# route-map LOCAL permit 10

Rl(config-route-map)# set local-preference 200

Rl(config-router)# address-family ipv6 unicast
Rl(config-router-af)# neighbor 2001::4 route-map LOCAL in
Rl(config-router-af)#exit
Rl#clear ip bgp * ipv6 unicast soft


' > 2001::1/128
0
'
.. 0 32768 i
' 2001::2 0 100 0i
0
'
> i2001::2/128 ' 2001::3 0 100 0i

' > i2001::3/128 2001::4 0 200 0 600 i
0
' >
0
'
0 100 0i
2001::4/128 0 32768 i
,., i2001:12::/64 2001::2 0 200 0 600 i
'''> .. 0 32768 i
-;':
2001:14::/64 2001::4
'''> ..
' > i2001:23::/ 64
0
'
2001::2 0 100 0i
' > 2001:34::/64 2001::4 0 200 0 600 i
0
'

1
2001::1 (metric 2) from 2001::1 (11.0.3.1)

2
600
2001::1 (metric 3) from 2001::2 (12.0.3.1)
600
2001::4 from 2001::4 (14.0.3.1)


'
0
'
2001::1 0 100 0i
> i2001::1/128 '
2001::2 0 100 0i
' > i2001::2/128
0
0 32768 i
' >
0
'
2001::3/128
' > i2001::4/128 2001::1 0 200 0 600 i
0
'
,., 2001::4 0 0 600 i

' > i2001:12::/ 64 2001::2 0 100 0i
0
'
,., 2001:14::/64 2001::4 0 0 600 i

2001::1 0 100 0i
' > 2001:23::/64 .. 0 32768 i
0
'
,., i 2001::2 0 100 0i

,., i2001:34::/64 2001::1 0 200 0 600 i
,., 2001::4 0 0 600 i
0 32768 i

BGP Workbook

Uploaded by

Copyright:

Available Formats

You might also like

BGP Workbook

Uploaded by

Document Information

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

BGP Workbook

Uploaded by

Copyright:

Available Formats

@:mim f! (fl.

1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 www. noasolutions. Page 4

1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 www. noasolutions. Page 6

► An AS is a collection of networks under a single technical administration .

IGP operates within the Same Autonomous Sytem

EBGP operates in between Multiple Autonomous

► Designed to scale huge inter-network like internet.

► Updates are incremental and trigger

BGP Features (Contd)

200 Internal updates ( IBGP)

Network 10.10.200.0/ Z4 As· lh : 300 1000

-+-----+, eBGP sus.ion.s

BGP's loop prevention mechanism

172 .31 254

172 31.254 0123 172 31 254 0/23

AS-Path loop detection

140.10.0.0/1 6 500 300

180.10.0.0/16 is not accepted

When to use BGP

When not to use BGP

Types of ISP Connections

► A site with a single ISP connection is single-homed.

ASN80 ASN 1, ISP 1

► A dual-homedsite has two

ASN80 ASN 1, ISP 1

► Multi-homing means connecting to

► It is done for redundancy and backup if

► Default route from provider(s)

Example: Default Routes from All

Default AS 64520 AS 64100

Router C uses the Router C uses the

Full Routes from All Providers

Passes All ISPB

BGP forwarding table/database

Configuring BGP Routing Protocol

router bgp 65101

(!..,,.., AS 500 .. 1/,.\I

Rl(config)#router bgp 500

Example: BGP network Command

Router(config-router)# network 192.168.1.1 mask 255.255.255.0

Router(config-router)# network 192.168.0.0 mask 255.255.0.0

• The router looks for exactly 192.168.0.0/16 in the routing table.

R2(config)#router bgp 500

R3(config)#router bgp 500

R4(config)#Router bgp 500

Rl#sh ip bgp summary

R-l#sh ip route bgp

No network 30.0.0.0 in the routing table

R-2#sh ip route bgp

R3#sh ip route bgp

R4#sh ip route bgp

Solution for BGP Split horizon

2. Use Route Reflector

..- -- - ··- ·«>- -· --

Why have these restrictions?

Rl(config)#Router bgp 500

R2(config)#Router bgp 500

R3(config)#Router bgp 500

R4(config)#Router bgp 500