SVC-EDINET Learning Materials

BGP – Basic Routing and Route Optimization

Version 1.1.2

Abstract

Students will be able to configure basic BGP on Cisco routers, understand the difference between Internal and External BGP, and interpret routing information passed between BGP routers. Students will also be able to optimize routes using the Local Preference, AS-path and weight attributes and to summarize prefixes propagated from one AS to another AS.

This learning material is supported by VŠB - Technical University Ostrava.

1. BGP – Basic Routing and Route Optimization

Learning Objectives

Students will learn:
- How to configure External BGP with loopback interfaces
- How to configure Internal BGP
- AS-path, weight and local preference attribute usage
- How to summarize IP prefixes propagated to neighbor AS

Prerequisites

- good IP routing knowledge (including OSPF)
- basic knowledge of BGP routing protocol and BGP attributes processing
- Cisco IOS CLI knowledge

Required Time

8 hours

Additional Learning Sources

- Basic BGP overview: http://en.wikipedia.org/wiki/Border_Gateway_Protocol
- BGP attributes: http://www.cisco.com/univercd/cc/td/doc/cisintwk/ito_doc/bgp.htm
- BGP configuration on Cisco routers: http://www.cisco.com/univercd/cc/td/doc/cisintwk/ics/icsbgp4.htm

Scenario

You have to configure the BGP routing protocol among three autonomous systems AS100, AS200 and AS300. Routers RA and RG in AS100 use OSPF as the internal routing protocol and also establish an IBGP session. EBGP relations are established among all autonomous systems. After the basic configuration (i.e. neighbor and network configuration) we will take some additional steps:

- Reconfigure AS100 as a non-transit AS.
- Change the AS100 configuration so that traffic to AS200 and AS300 flows over the RG-RD link.
- Try to accomplish the same goal (RG-RD link preference) by a configuration change in AS200 instead of in AS100.
- Propagate only the summarized route 172.16.0.0 from AS100 to the neighboring AS, no individual subnets.
- Make the second line between RG and RD operational. Use the weight BGP attribute and set the second line as preferred. The first line will function as a backup now.

Topology Diagram

Addressing scheme

Table 1.

    Router name / Interface     IP address      Network Mask
    Router RA / Loopback 1      172.16.10.1     255.255.255.0
    Router RA / Loopback 2      172.16.11.1     255.255.255.0
    Router RA / Loopback 0      172.16.100.1    255.255.255.255
    Router RA / Ethernet 0      172.16.1.1      255.255.255.0
    Router RA / Serial 0        200.1.1.1       255.255.255.252
    Router RG / Loopback 1      172.16.20.1     255.255.255.0
    Router RG / Loopback 2      172.16.21.1     255.255.255.0
    Router RG / Loopback 0      172.16.100.2    255.255.255.255
    Router RG / Ethernet 0      172.16.1.2      255.255.255.0
    Router RG / Serial 0        200.1.2.1       255.255.255.252
    Router RG / Serial 1        200.1.2.5       255.255.255.252
    Router RC / Loopback 1      192.168.10.1    255.255.255.0
    Router RC / Ethernet 0      200.1.3.1       255.255.255.252
    Router RC / Serial 0        200.1.1.2       255.255.255.252
    Router RD / Loopback 1      192.168.20.1    255.255.255.0
    Router RD / Ethernet 0      200.1.3.2       255.255.255.252
    Router RD / Serial 0        200.1.2.2       255.255.255.252
    Router RD / Serial 1        200.1.2.6       255.255.255.252

Configuration Guide

Step 1 (basic IP addressing, will be pre-configured in all routers before beginning)

We use loopback interfaces to simulate local LANs, because the Cisco 2501 routers used in this lab have an insufficient number of interfaces. The second line between RG and RD will not be used initially.
Router RA

    int loo0
     ip address 172.16.100.1 255.255.255.255
    int loo1
     ip address 172.16.10.1 255.255.255.0
    int loo2
     ip address 172.16.11.1 255.255.255.0
    int e0
     ip address 172.16.1.1 255.255.255.0
    int s0
     ip address 200.1.1.1 255.255.255.252
     clock rate 2000000

Router RG

    int loo0
     ip address 172.16.100.2 255.255.255.255
    int loo1
     ip address 172.16.20.1 255.255.255.0
    int loo2
     ip address 172.16.21.1 255.255.255.0
    int e0
     ip address 172.16.1.2 255.255.255.0
    int s0
     ip address 200.1.2.1 255.255.255.252
    int s1
     ip address 200.1.2.5 255.255.255.252
     shutdown

Router RC

    int loo1
     ip address 192.168.10.1 255.255.255.0
    int e0
     ip address 200.1.3.1 255.255.255.252
    int s0
     ip address 200.1.1.2 255.255.255.252

Router RD

    int loo1
     ip address 192.168.20.1 255.255.255.0
    int e0
     ip address 200.1.3.2 255.255.255.252
    int s0
     ip address 200.1.2.2 255.255.255.252
     clock rate 125000
    int s1
     ip address 200.1.2.6 255.255.255.252
     clock rate 125000
     shutdown

Step 2 (OSPF, basic BGP neighbor and advertised network configuration)

The OSPF routing protocol will be configured inside AS100. The IBGP session between RA and RG will be configured on the loopback interface addresses, so you have to use the ...update-source command. Using loopback interfaces is useful if there are multiple redundant paths between RA and RG. Because we do not advertise the lines between autonomous systems into OSPF, we have to use the ...next-hop-self command in BGP. Otherwise a router inside AS100 will not be able to find a path to the next hop in the neighboring AS. IGP synchronization and route summarization are probably turned off by default (this is IOS version dependent). If not, turn them off manually.
Router RA

    router ospf 1
     network 172.16.0.0 0.0.255.255 area 0
    router bgp 100
     no synchronization
     network 172.16.1.0 mask 255.255.255.0
     network 172.16.10.0 mask 255.255.255.0
     network 172.16.11.0 mask 255.255.255.0
     network 172.16.20.0 mask 255.255.255.0
     network 172.16.21.0 mask 255.255.255.0
     neighbor 172.16.100.2 remote-as 100
     neighbor 172.16.100.2 update-source loo0
     neighbor 172.16.100.2 next-hop-self
     neighbor 200.1.1.2 remote-as 200
     no auto-summary

Router RG

    router ospf 1
     network 172.16.0.0 0.0.255.255 area 0
    router bgp 100
     no synchronization
     network 172.16.1.0 mask 255.255.255.0
     network 172.16.10.0 mask 255.255.255.0
     network 172.16.11.0 mask 255.255.255.0
     network 172.16.20.0 mask 255.255.255.0
     network 172.16.21.0 mask 255.255.255.0
     neighbor 172.16.100.1 remote-as 100
     neighbor 172.16.100.1 update-source loo0
     neighbor 172.16.100.1 next-hop-self
     neighbor 200.1.2.2 remote-as 300
     no auto-summary

Router RC

    router bgp 200
     network 192.168.10.0
     neighbor 200.1.1.1 remote-as 100
     neighbor 200.1.3.2 remote-as 300
     no auto-summary

Router RD

    router bgp 300
     network 192.168.20.0
     neighbor 200.1.2.1 remote-as 100
     neighbor 200.1.3.1 remote-as 200
     no auto-summary

Step 3 (function verification)

Use these commands to verify proper routing protocol function.
The same commands will be used in all subsequent steps:

    sh ip bgp summary        verify BGP neighbor relationship
    sh ip bgp neighbors
    sh ip bgp                verify entire BGP table
    sh ip bgp 172.16.20.0    verify details for one BGP prefix
    sh ip route              verify IP routing table

    debug ip bgp
    debug ip bgp <neighbor_ip>
    debug ip bgp events
    debug ip bgp updates

After each configuration modification it is necessary to reset the BGP relationship between routers by issuing the command clear ip bgp * or clear ip bgp <neighbor_ip>.

Step 4 (make AS100 non-transit)

Only routes with an empty AS_path attribute will be advertised from AS100 to both neighboring autonomous systems (this is filtered by the regular expression ^$).

Router RG

    router bgp 100
     neighbor 200.1.2.2 filter-list 10 out
    ip as-path access-list 10 permit ^$

Router RA will need a similar configuration. You can verify this by sh ip bgp 192.168.20.0 on RC.

Step 5 (change AS100 configuration so that traffic to both AS200 and AS300 will flow preferably by RG-RD link)

We will make the RG-RD link more attractive by setting the local preference attribute for prefixes advertised from RD to 200, which is better than the default value 100.

Router RG

    router bgp 100
     neighbor 200.1.2.2 route-map setloc in
    route-map setloc permit 10
     set local-preference 200

Verify by sh ip bgp 192.168.10.0 or sh ip route 192.168.10.0 or trace 192.168.10.1 on RA.

Step 6 (try to accomplish the same goal by configuration change in AS200, not in AS100)

We will make the AS-path through RC artificially longer than the path through RD by prepending AS200 two times. The result is that the way through AS300 (RG-RD) now has the shorter AS-path and will be preferred. Don't forget to undo the changes made in step 5. Verification steps are the same as in Step 5.
Router RC

    router bgp 200
     neighbor 200.1.1.1 route-map appendas out
    route-map appendas permit 10
     set as-path prepend 200 200

If you want to prepend the as-path only for the 192.168.10.0 prefix, you can modify the route-map this way:

    access-list 1 permit 192.168.10.0 0.0.0.255
    route-map appendas permit 10
     match ip address 1
     set as-path prepend 200 200
    route-map appendas permit 20

Note the permit 20 line. If it is missing, only the 192.168.10.0 prefix will be propagated.

Step 7 (Propagate only summarized route 172.16.0.0 from AS100 to neighboring AS, no individual subnets)

Undo the changes made in step 6.

Both routers RA and RG

    router bgp 100
     aggregate-address 172.16.0.0 255.255.0.0 summary-only

Note the value of the Aggregator and Atomic-aggregate attributes on the RC and RD routers in the sh ip bgp 172.16.0.0 listing.

You can accomplish the same result by modifying the prefixes advertised to neighboring BGP routers. The other network commands and also aggregate-address should be deleted from router bgp 100. A static route directed to null 0 is necessary, because BGP will not advertise prefixes which it does not have in the local routing table.

Both routers RA and RG

    router bgp 100
     network 172.16.0.0
    ip route 172.16.0.0 255.255.0.0 null0

Step 8 (make second line between RG and RD operational; use weight BGP attribute and set second line as preferred)

Issue the no shutdown command on both sides of the second RG-RD line. Establish a second BGP session between them and use the weight BGP attribute to set it as the preferred line. Higher weight will be preferred.

Router RG

    router bgp 100
     neighbor 200.1.2.6 remote-as 300
     neighbor 200.1.2.6 weight 100
     neighbor 200.1.2.2 weight 10

Router RD

    router bgp 300
     neighbor 200.1.2.5 remote-as 100
     neighbor 200.1.2.5 weight 100
     neighbor 200.1.2.1 weight 10

Again, verify by sh ip bgp 172.16.0.0 and sh ip route 172.16.0.0.
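
The effect of Steps 5, 6 and 8 on path selection, replayed in Python as an added example that is not part of the original lab material. It compares only weight, local preference, AS-path length and MED, in that order; the class and function names are illustrative, and it assumes RG always offers its AS300 route to RA over IBGP.

```python
from dataclasses import dataclass, replace


@dataclass(frozen=True)
class Path:
    learned_from: str        # neighbor that sent the route
    as_path: tuple           # AS numbers, nearest AS first
    weight: int = 0          # local to one router, never sent to a peer
    local_pref: int = 100    # default value, carried inside the AS over IBGP
    med: int = 0


def best_path(paths):
    """Highest weight, then highest local preference, then shortest AS path, then lowest MED."""
    return min(paths, key=lambda p: (-p.weight, -p.local_pref, len(p.as_path), p.med))


def ibgp_advertise(path, sender):
    """Pass a path to an IBGP peer: AS path and local preference are kept, weight is not."""
    return replace(path, learned_from=sender, weight=0)


def ra_exit_for_as200(rg_local_pref=100, rc_prepend=0):
    """Neighbor RA uses to reach 192.168.10.0 (originated in AS200)."""
    from_rc = Path("RC", (200,) * (1 + rc_prepend))            # direct EBGP route
    at_rg = Path("RD", (300, 200), local_pref=rg_local_pref)   # RG learns it through AS300
    return best_path([from_rc, ibgp_advertise(at_rg, "RG")]).learned_from


def rg_session_for_as300():
    """RD session RG uses for 192.168.20.0 with the Step 5 and Step 8 values combined."""
    first = Path("200.1.2.2", (300,), weight=10, local_pref=200)   # route-map setloc in
    second = Path("200.1.2.6", (300,), weight=100)                 # default local preference
    return best_path([first, second]).learned_from


if __name__ == "__main__":
    print("basic configuration:", ra_exit_for_as200())
    print("Step 5, local preference 200 on RG:", ra_exit_for_as200(rg_local_pref=200))
    print("Step 6, RC prepends 200 200:", ra_exit_for_as200(rc_prepend=2))
    print("Step 8, RG session to RD:", rg_session_for_as300())
```

The last case shows that weight is compared before local preference: the session with weight 100 wins even though the other session's routes carry local preference 200.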
Knowledge assessment

1) Q: In which order will the following BGP attributes be used in the decision process? Weight, MED, AS path, Local Preference
A: Weight, Local Preference, AS Path, MED

2) Q: What is the purpose of the MED BGP attribute? Where is it propagated to?
A: MED is a hint for a neighbor AS, which path I prefer for traffic routed into my AS. It is propagated only into the neighbor AS, not further.

3) Q: What is the type of the following attributes (well-known mandatory, well-known discretionary, optional transitive, optional nontransitive)?
a) Next Hop
b) Local Preference
c) AS Path
d) MED
e) Origin
A:
a) well-known mandatory
b) well-known discretionary
c) well-known mandatory
d) optional nontransitive
e) well-known mandatory

4) Q: What does BGP synchronization mean and why is it used?
A: Synchronization means that BGP will not use nor propagate network prefixes if they are not known in the IGP. The purpose is to avoid the situation when IGP-only routers receive packets with a destination address not known in the IGP.

5) Q: Why is it necessary to make a full mesh of IBGP peers?
A: It is necessary because prefixes learnt by IBGP are not propagated by IBGP.

6) Q: How can we pass information from internal routing protocols to BGP?
A: We have several possibilities:
- statically propagate network prefix via "network" command
- propagate summarized prefixes as "aggregate-address" from IGP to BGP
- redistribute prefixes directly from IGP to BGP

Final Configuration (after all steps have been completed)

Router RA

    int loo0
     ip address 172.16.100.1 255.255.255.255
    int loo1
     ip address 172.16.10.1 255.255.255.0
    int loo2
     ip address 172.16.11.1 255.255.255.0
    int e0
     ip address 172.16.1.1 255.255.255.0
    int s0
     ip address 200.1.1.1 255.255.255.252
     clock rate 2000000
    router ospf 1
     network 172.16.0.0 0.0.255.255 area 0
    router bgp 100
     no synchronization
     network 172.16.1.0 mask 255.255.255.0
     network 172.16.10.0 mask 255.255.255.0
     network 172.16.11.0 mask 255.255.255.0
     network 172.16.20.0 mask 255.255.255.0
     network 172.16.21.0 mask 255.255.255.0
     neighbor 172.16.100.2 remote-as 100
     neighbor 172.16.100.2 update-source loo0
     neighbor 172.16.100.2 next-hop-self
     neighbor 200.1.1.2 remote-as 200
     neighbor 200.1.1.2 filter-list 10 out
     no auto-summary
     aggregate-address 172.16.0.0 255.255.0.0 summary-only
    ip as-path access-list 10 permit ^$

Router RG

    int loo0
     ip address 172.16.100.2 255.255.255.255
    int loo1
     ip address 172.16.20.1 255.255.255.0
    int loo2
     ip address 172.16.21.1 255.255.255.0
    int e0
     ip address 172.16.1.2 255.255.255.0
    int s0
     ip address 200.1.2.1 255.255.255.252
     clock rate 128000
    int s1
     ip address 200.1.2.5 255.255.255.252
     clock rate 128000
    router ospf 1
     network 172.16.0.0 0.0.255.255 area 0
    router bgp 100
     no synchronization
     network 172.16.1.0 mask 255.255.255.0
     network 172.16.10.0 mask 255.255.255.0
     network 172.16.11.0 mask 255.255.255.0
     network 172.16.20.0 mask 255.255.255.0
     network 172.16.21.0 mask 255.255.255.0
     neighbor 172.16.100.1 remote-as 100
     neighbor 172.16.100.1 update-source loo0
     neighbor 172.16.100.1 next-hop-self
     neighbor 200.1.2.2 remote-as 300
     neighbor 200.1.2.2 filter-list 10 out
     neighbor 200.1.2.2 route-map setloc in
     neighbor 200.1.2.2 weight 10
     neighbor 200.1.2.6 remote-as 300
     neighbor 200.1.2.6 weight 100
     no auto-summary
     aggregate-address 172.16.0.0 255.255.0.0 summary-only
    ip as-path access-list 10 permit ^$
    route-map setloc permit 10
     set local-preference 200

Router RC

    int loo1
     ip address 192.168.10.1 255.255.255.0
    int e0
     ip address 200.1.3.1 255.255.255.252
     clock rate 2000000
    int s0
     ip address 200.1.1.2 255.255.255.252
    router bgp 200
     network 192.168.10.0
     neighbor 200.1.1.1 remote-as 100
     neighbor 200.1.3.2 remote-as 300
     no auto-summary

Router RD

    int loo1
     ip address 192.168.20.1 255.255.255.0
    int e0
     ip address 200.1.3.2 255.255.255.252
    int s0
     ip address 200.1.2.2 255.255.255.252
    int s1
     ip address 200.1.2.6 255.255.255.252
    router bgp 300
     network 192.168.20.0
     neighbor 200.1.2.1 remote-as 100
     neighbor 200.1.2.1 weight 10
     neighbor 200.1.3.1 remote-as 200
     neighbor 200.1.2.5 remote-as 100
     neighbor 200.1.2.5 weight 100
     no auto-summary
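
An audit of RG's final BGP configuration against the non-transit rule from Step 4, as an added example that is not part of the original lab material: it lists EBGP neighbors that lack an outbound filter-list whose as-path access list permits only ^$. The function name is illustrative and the parser handles only the command forms used in this lab.

```python
# BGP-relevant lines of RG's final configuration, copied from the listing above.
RG_CONFIG = """\
router bgp 100
 no synchronization
 neighbor 172.16.100.1 remote-as 100
 neighbor 172.16.100.1 update-source loo0
 neighbor 172.16.100.1 next-hop-self
 neighbor 200.1.2.2 remote-as 300
 neighbor 200.1.2.2 filter-list 10 out
 neighbor 200.1.2.2 route-map setloc in
 neighbor 200.1.2.2 weight 10
 neighbor 200.1.2.6 remote-as 300
 neighbor 200.1.2.6 weight 100
 no auto-summary
ip as-path access-list 10 permit ^$
"""


def unfiltered_ebgp_neighbors(config):
    """Return EBGP neighbors without an outbound filter-list that permits only ^$."""
    local_as = None
    remote_as = {}     # neighbor IP -> remote AS number
    out_filter = {}    # neighbor IP -> as-path access list applied outbound
    acl_entries = {}   # access list number -> [(action, regex), ...]
    for line in config.splitlines():
        w = line.split()
        if w[:2] == ["router", "bgp"]:
            local_as = w[2]
        elif w[:1] == ["neighbor"] and w[2:3] == ["remote-as"]:
            remote_as[w[1]] = w[3]
        elif w[:1] == ["neighbor"] and w[2:3] == ["filter-list"] and w[4:5] == ["out"]:
            out_filter[w[1]] = w[3]
        elif w[:3] == ["ip", "as-path", "access-list"]:
            acl_entries.setdefault(w[3], []).append((w[4], w[5]))
    findings = []
    for ip, asn in remote_as.items():
        if asn == local_as:
            continue   # IBGP peer: the non-transit filter applies to EBGP sessions only
        # Anything other than a single "permit ^$" entry could let learned routes out.
        if acl_entries.get(out_filter.get(ip), []) != [("permit", "^$")]:
            findings.append(ip)
    return sorted(findings)


if __name__ == "__main__":
    print("EBGP neighbors without a non-transit filter:", unfiltered_ebgp_neighbors(RG_CONFIG))
```

Run on RG's final configuration it returns 200.1.2.6: the second RG-RD session added in Step 8 has no filter-list 10 out, so the Step 4 restriction is not applied on that session.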