You are on page 1of 66

CHAPTE R 1 2

Using the Border Gateway Protocol for
Interdomain Routing
The Border Gateway Protocol (BGP), defined in RFC 1771, provides loop-free interdomain routing
between autonomous systems. (An autonomous system [AS] is a set of routers that operate under the
same administration.) BGP is often run among the networks of Internet service providers (ISPs). This
case study examines how BGP works and how you can use it to participate in routing with other
networks that run BGP. The following topics are covered:
• BGP Fundamentals
• BGP Decision Algorithm
• Controlling the Flow of BGP Updates
• Practical Design Example

Note The version of BGP described in this case study is BGP Version 4.

BGP Fundamentals
This section presents fundamental information about BGP, including the following topics:
• Internal BGP
• External BGP
• BGP and Route Maps
• Advertising Networks
Routers that belong to the same AS and exchange BGP updates are said to be running internal BGP
(IBGP), and routers that belong to different ASs and exchange BGP updates are said to be running
external BGP (EBGP). With the exception of the neighbor ebgp-multihop router configuration
command (described in the section “External BGP” later in this chapter), the commands for
configuring EBGP and IBGP are the same. This case study uses the terms EBGP and IBGP as a
reminder that, for any particular context, routing updates are being exchanged between ASs (EBGP)
or within an AS (IBGP).
Figure 12-1 shows a network that demonstrates the difference between EBGP and IBGP.

Using the Border Gateway Protocol for Interdomain Routing 12-1

BGP Fundamentals

Figure 12-1 EBGP, IBGP, and Multiple ASs

AS 100 AS 300

Router A Router D
129.213.1.2 192.208.10.1

EBGP EBGP

129.213.1.1 192.208.10.2
IBGP
Router B Router C
175.220.212.1 175.220.1.2

S4574
AS 200

Before it exchanges information with an external AS, BGP ensures that networks within the AS are
reachable. This is done by a combination of internal BGP peering among routers within the AS and
by redistributing BGP routing information to Interior Gateway Protocols (IGPs) that run within the
AS, such as Interior Gateway Routing Protocol (IGRP), Intermediate System-to-Intermediate
System (IS-IS), Routing Information Protocol (RIP), and Open Shortest Path First (OSPF).
BGP uses the Transmission Control Protocol (TCP) as its transport protocol (specifically port 179).
Any two routers that have opened a TCP connection to each other for the purpose of exchanging
routing information are known as peers or neighbors. In Figure 12-1, Routers A and B are BGP
peers, as are Routers B and C, and Routers C and D. The routing information consists of a series of
AS numbers that describe the full path to the destination network. BGP uses this information to
construct a loop-free map of ASs. Note that within an AS, BGP peers do not have to be directly
connected.
BGP peers initially exchange their full BGP routing tables. Thereafter, BGP peers send incremental
updates only. BGP peers also exchange keepalive messages (to ensure that the connection is up) and
notification messages (in response to errors or special conditions).
In Figure 12-1, the following commands configure BGP on Router A:
router bgp 100
neighbor 129.213.1.1 remote-as 200

The following commands configure BGP on Router B:
router bgp 200
neighbor 129.213.1.2 remote-as 100
neighbor 175.220.1.2 remote-as 200

The following commands configure BGP on Router C:
router bgp 200
neighbor 175.220.212.1 remote-as 200
neighbor 192.208.10.1 remote-as 300

The following commands configure BGP on Router D:
router bgp 300
neighbor 192.208.10.2 remote-as 200

The router bgp global configuration command enables a BGP routing process and assigns to it an
AS number.

12-2 Internetworking Case Studies

BGP Fundamentals

The neighbor remote-as router configuration command adds an entry to the BGP neighbor table
specifying that the peer identified by a particular IP address belongs to the specified AS. For routers
that run EBGP, neighbors are usually directly connected, and the IP address is usually the IP address
of the interface at the other end of the connection. (For the exception to this rule, see the section
“EBGP Multihop,” later in this chapter.) For routers that run IBGP, the IP address can be the IP
address of any of the router’s interfaces.
Note the following about the ASs shown in Figure 12-1:
• Routers A and B are running EBGP, and Routers B and C are running IBGP. Note that the EBGP
peers are directly connected and that the IBGP peers are not. As long as there is an IGP running
that allows the two neighbors to reach one another, IBGP peers do not have to be directly
connected.
• All BGP speakers within an AS must establish a peer relationship with each other. That is, the
BGP speakers within an AS must be fully meshed logically. BGP4 provides two techniques that
alleviate the requirement for a logical full mesh: confederations and route reflectors. For
information about these techniques, see the sections “Confederations” and “Route Reflectors,”
later in this chapter.
• AS 200 is a transit AS for AS 100 and AS 300—that is, AS 200 is used to transfer packets
between AS 100 and AS 300.
To verify that BGP peers are up, use the show ip bgp neighbors EXEC command. Following is the
output of this command on Router A:
RouterA# show ip bgp neighbors
BGP neighbor is 129.213.1.1, remote AS 200, external link
BGP version 4, remote router ID 175.220.212.1
BGP state = established, table version = 3, up for 0:10:59
Last read 0:00:29, hold time is 180, keepalive interval is 60 seconds
Minimum time between advertisement runs is 30 seconds
Received 2828 messages, 0 notifications, 0 in queue
Sent 2826 messages, 0 notifications, 0 in queue
Connections established 11; dropped 10

Anything other than state = established indicates that the peers are not up. The remote router ID is
the highest IP address on that router (or the highest loopback interface, if there is one). Notice the
table version number: each time the table is updated by new incoming information, the table version
number increments. A table version number that continually increments is an indication that a route
is flapping, thereby causing routes to be updated continually.

Note When you make a configuration change with respect to a neighbor for which a peer
relationship has been established, be sure to reset the BGP session with that neighbor. To reset the
session, at the system prompt, issue the clear ip bgp EXEC command specifying the IP address of
that neighbor.

Internal BGP
Internal BGP (IBGP) is the form of BGP that exchanges BGP updates within an AS. Instead of
IBGP, the routes learned via EBGP could be redistributed into IGP within the AS and then
redistributed again into another AS. However, IBGP is more flexible, provides more efficient ways
of controlling the exchange of information within the AS, and presents a consistent view of the AS
to external neighbors. For example, IBGP provides ways to control the exit point from an AS.
Figure 12-2 shows a topology that demonstrates IBGP.

Using the Border Gateway Protocol for Interdomain Routing 12-3

10. Router A would send updates from Router B to Router E but not to Router D.10.20.1 Router A IBGP Router B 170.10.1 remote-as 100 neighbor 190. via IBGP).0 When a BGP speaker receives an update from other BGP speakers in its own AS (that is.1 190. the receiving BGP speaker uses EBGP to forward the update to external BGP speakers only.1 remote as 100 network 190.10.10.40.2 remote-as 100 network 175. 12-4 Internetworking Case Studies .10.10.10.1 remote-as 100 neighbor 175.10.30.0.10.10.10.1 AS 100 Router D IBGP 150.50.30.10.0.2 remote-as 300 network 150. in Figure 12-2.40.10.30.10.10.50.10. and Router C in AS 400: !Router A router bgp 100 neighbor 180.10.30.1 remote-as 100 neighbor 170.30.20.40.1 remote-as 400 neighbor 180.BGP Fundamentals Figure 12-2 Internal BGP Example 180.1 remote-as 100 network 190.0 !Router B router bgp 100 neighbor 150.20.0 !Router D router bgp 100 neighbor 150.1 remote-as 100 neighbor 190.40.0.0 175.2 175.50. This behavior of IBGP is why it is necessary for BGP speakers within an AS to be fully meshed.1 175. if there were no IBGP session between Routers B and D.2 170.0 The following commands configure Routers A and B in AS 100.10. Router B must be configured so that Router D is a BGP peer.30.10.0.0.0 !Router C router bgp 400 neighbor 175. If you want Router D to receive updates from Router B.50.10.1 Router E Router C AS 300 AS 400 S4582 AS 500 170. For example.10.

Figure 12-3 shows a network in which using the loopback interface is advantageous.1.212.212.1 remote-as 100 The following commands configure Router B for BGP: !Router B loopback interface 0 ip address 150.11. BGP does not have to rely on the availability of a particular interface for making TCP connections. Figure 12-3 Use of Loopback Interfaces Loopback interface 0: 150.212.225.225. This use of the loopback interface requires that the configuration of Router B include the neighbor update-source router configuration command.1 E0 IBGP E1 Router A Router B 190.225.1.1 E3 E2 AS 100 S4576 In Figure 12-3. therefore. Routers A and B are running IBGP within AS 100. 2. The advantage of using loopback interfaces is that they eliminate a dependency that would otherwise occur when you use the IP address of a physical interface to configure BGP.11.1 255. and if the specified interface were to become unavailable. Note Loopback interfaces are rarely between EBGP peers because EBGP peers are usually directly connected and.1 remote-as 100 neighbor 190.1.1 update-source loopback 0 Router A specifies the IP address of the loopback interface (150. When the loopback interface is used. the source of BGP TCP connections for the specified neighbor is the IP address of the loopback interface instead of the IP address of a physical interface. Router A would not be able to establish a TCP connection with Router B. depend on a particular physical interface for connectivity. 1.255. Using the Border Gateway Protocol for Interdomain Routing 12-5 .0.0 ! router bgp 100 neighbor 190. BGP Fundamentals Loopback Interfaces Loopback interfaces are often used by IBGP peers.212. Router A specifies the IP address of the loopback interface that Router B defines. When the neighbor update-source command is used. Instead. If Router A were to specify the IP address of Ethernet interface 0. or 3 in the neighbor remote-as router configuration command.11. The following commands configure Router A for BGP: !Router A router bgp 100 neighbor 150.1.1) of Router B in the neighbor remote-as router configuration command.

they are said to be running EBGP.1.213.225.1. In this special case.213.3).BGP Fundamentals External BGP When two BGP speakers that are not in the same AS run BGP to exchange routing information. The following commands configure Router B: !Router B loopback interface 0 ip address 180.11.1 129. Because Router A references an external neighbor by an address that is not directly connected. and the neighbor ebgp-multihop router configuration command enables EGBP multihop.1 remote-as 300 neighbor 180. This section describes commands that solve configuration problems that arise when BGP routing updates are exchanged between different ASs: • EBGP Multihop • EBGP Load Balancing • Synchronization EBGP Multihop Usually.1 update-source loopback 0 The neighbor remote-as router configuration command specifies the IP address of an interface that is an extra hop away (180.1 ebgp-multihop neighbor 180.225. Sometimes.11.1.225.213.1 ! router bgp 100 neighbor 180. they cannot be directly connected. over a wide-area network [WAN] connection).2 129.11.1.11. the neighbor ebgp-multihop router configuration command is used.1. the two EBGP speakers are directly connected (for example.1 instead of 129.225. Figure 12-4 illustrates a topology in which the neighbor ebgp-multihop command is useful. but not for IBGP.213.225.11. Figure 12-4 EBGP Multihop Loopback interface 0: Loopback interface 0: 129. its configuration must include static routes or must enable an IGP so that the neighbors can reach each other.1 180.225.1 12-6 Internetworking Case Studies .11.3 Router A Router B EBGP S4577 AS 100 AS 300 The following commands configure Router A to run EBGP: !Router A loopback interface 0 ip address 129.213. however. Note Multihop is used only for EBGP.

0 255. Static routes are used to introduce two equal-cost paths to the destination.10. Figure 12-5 Load Balancing over Parallel Serial Lines Loopback interface 0: 150. which allows load balancing to occur.0 255.1 1.0.0 1.10.1.0.10.0 ! router bgp 100 neighbor 160.10.2.2.0.1 remote-as 100 neighbor 150.2 Router A 2.10.1.255.0.1 Router B 2.255.255.10.1. The following commands configure load balancing for Router A: !Router A interface loopback 0 ip address 150.0 ! ip route 150.2.1 update-source loopback 0 EBGP Load Balancing The neighbor ebgp-multihop router configuration command and loopback interfaces are also useful for configuring load balancing between two ASs over parallel serial lines.255. BGP Fundamentals router bgp 300 neighbor 129.10.1 The neighbor ebgp-multihop and neighbor update-source router configuration commands have the effect of making the loopback interface the next hop for EBGP.0 2.213.1.1.2.1 Loopback interface 0: 160.255.1 255.10.2.10.10.1 1.10.1 ebgp-multihop neighbor 160.0 2.1.255.0 160.0 1.1. BGP would not perform load balancing in Figure 12-5.2.0.10.1 ebgp-multihop neighbor 129.0.1 255.10.1. but with the neighbor ebgp-multihop command on each router.1.0.1 update-source loopback 0 network 160. (The same effect Using the Border Gateway Protocol for Interdomain Routing 12-7 .0 Without the neighbor ebgp-multihop command on each router.1 ebgp-multihop neighbor 150.2 AS 100 AS 200 S4578 150.0.10.2.0.255.1.10.0.1.0 255.0 255. BGP uses both serial lines.0.1.1 update-source loopback 0 network 150.10.1.255.1.1.1.213.0.2.213.1 ip route 150.1.10.10.1. as shown in Figure 12-5.0 ! router bgp 200 neighbor 150.2 The following commands configure load balancing for Router B: !Router B interface loopback 0 ip address 160.1.1 remote-as 200 neighbor 160.2 ip route 160.0 ! ip route 160.1.1.1 remote-as 100 neighbor 129.

10.0.1 in two ways: via 1. traffic coming from Router D to Router B with a destination of 170.10. Router B can reach the next hop of 150. it sends traffic to Router E.) Router A can reach the next hop of 160.10. Router C sends updates about network 170.1 and via 2.0. but it might result in dropped transit packets.10. This situation is handled by the synchronization rule of BGP.1.0.0.10.10. In some cases.0 into an IGP.0 to Router A.2.0 via an IGP before it sends an update to Router D.0 before Router E learns about the network via IGP. AS 100) have learned about the route via an IGP.2. so Router B receives updates about network 170.2 2.2.2.1 Router C Router D AS 300 S4589 170.10.2.0. Routers A and B are running IBGP.0 will flow to Router E and be dropped.1.10. Likewise. Disabling synchronization allows BGP to converge more quickly. Router B waits to hear about network 170.2 and via 2.0 via IBGP.10.2.2.1. You can disable synchronization if one of the following conditions is true: • Your AS does not pass traffic from one AS to another AS.0 Router E IGP IGP Router A IBGP Router B 2.1 in two ways: via 1.0. Router E has no way of knowing that network 170. 12-8 Internetworking Case Studies .0. which states that if an AS (such as AS 100 in Figure 12-6) passes traffic from one AS to another AS. Synchronization When an AS provides transit service to other ASs and if there are non-BGP routers in the AS.0. transit traffic might be dropped if the intermediate non-BGP routers have not learned routes for that traffic via an IGP. If Router A does not redistribute network 170.2. In this case.1. The BGP synchronization rule states that if an AS provides transit service to another AS. • All the transit routers in your AS run BGP.BGP Fundamentals could also be accomplished by using an IGP.0.0.1. Figure 12-6 Synchronization AS 100 150.0 AS 400 In Figure 12-6. you might want to disable synchronization. BGP should not advertise a route until all of the routers within the AS have learned about the route via an IGP.1. If Router B wants to reach network 170.10. The topology shown in Figure 12-6 demonstrates the synchronization rule. BGP does not advertise a route before all routers within the AS (in this case.0 exists and will drop the packets.1.10.0.2. If Router B advertises to AS 400 that it can reach 170.10.

B.0.0.0. and C: !Router A network 150.2.0 neighbor 3.3.2 remote-as 400 neighbor 3.3.0 The following commands configure Routers A. The format of a route map is as follows: route-map map-tag [[permit | deny] | [sequence-number]] The map tag is a name that identifies the route map. BGP and Route Maps Figure 12-7 shows a topology in which it is desirable to disable synchronization.3 remote-as 100 no synchronization !Router D router bgp 400 neighbor 1.4 remote-as 100 neighbor 2. BGP and Route Maps Route maps are used with BGP to control and modify routing information and to define the conditions by which routes are redistributed between routing domains.0.10.2 2.0 in its IP routing table and advertise it to Router D without learning network 170. and the sequence number indicates the position that an instance of the route map is to have in relation to other instances of the same route map.10.2.0.1 2.10.1.10.3. (Instances are ordered sequentially.3.3 3.2.2.10.2.0. Figure 12-7 Disabled Synchronization AS 100 150.1.) Using the Border Gateway Protocol for Interdomain Routing 12-9 .1 remote-as 300 no synchronization !Router B router bgp 100 network 150.1 remote-as 100 network 175.2 Router C Router D AS 300 AS 400 S4590 170.0 The no synchronization router configuration command causes Router B to put 170.0 IBGP Router A Router B 3.10.10.0.0.3.0 neighbor 1.2.1.0 via an IGP.1.3.0 175.1.1.1.3.1 1.4 1.10.3.1.

or there are no more sets of conditions to apply.3. the update is not redistributed or controlled.3.0 12-10 Internetworking Case Studies . The match and set route map configuration commands are used to define the condition portion of a route map.1. When BGP applies MYMAP to routing updates.3 Router C AS 300 S4579 170.1.2.3.4 Router A Router B 2. however.2.2 AS 100 EBGP 150.10. and breaks out of the list of route-map instances. and so on. it applies the lowest instance first (in this case. use route maps to filter outgoing BGP updates based on IP address. BGP breaks out of the list of instances.3 RIP 3.2.3. Figure 12-8 shows a topology that demonstrates the use of route maps.1 set metric 5 When an update matches IP address 1. and so on. and the route map specifies the deny keyword. instance 10).0.1. until either a set of conditions has been met. BGP applies the next instance of the route map to the update. and the set command specifies an action that is to be taken if the routing update meets the condition defined by the match command. The match command specifies a criteria that must be matched.2. sends the update (because of the permit keyword).1.1.0 2. Figure 12-8 Route Map Example 3. Note Route maps cannot be used to filter incoming BGP updates based on IP address. the second instance is applied. or there are no more route map instances to apply. you might use the following commands to define a route map named MYMAP: route-map MYMAP permit 10 ! First set of conditions goes here. route-map MYMAP permit 20 ! Second set of conditions goes here. When an update does not meet the criteria of an instance. until an action is taken. Following is an example of a simple route map: route-map MYMAP permit 10 match ip address 1. You can. and the update is not redistributed or controlled. If the update does not meet any criteria.0. BGP sets the metric for the update to 5. When an update meets the match criteria. If the first set of conditions is not met.10.BGP and Route Maps For example.

255.0 and permits updates for any other network.10.0.2. Routers A and B run RIP with each other.0 0.0.0.0.2 remote-as 100 neighbor 2.10.0.0 ! route-map SETMETRIC permit 10 match ip-address 1 set metric 2 ! route-map SETMETRIC permit 20 set metric 5 ! access-list 1 permit 170. use the following commands for Router A: !Router A router rip network 3.2.2. BGP and Route Maps In Figure 12-8.0 network 150.0.0.0.0. If you want Router A to redistribute routes from 170.0 neighbor 2.3 remote-as 300 network 150.0.0 with a metric of 2 and to redistribute all other routes with a metric of 5. the AS advertises them. and the route is redistributed. its metric is set to 5. BGP provides three ways for an AS to advertise the networks that it originates: • Redistributing Static Routes • Redistributing Dynamic Routes • Using the network Command Using the Border Gateway Protocol for Interdomain Routing 12-11 . When a route does not match the IP address 170.10.0.10. it is redistributed with a metric of 2.0 255. Assume that on Router C you want to set to 300 the community attribute of outgoing updates for network 170.0.0.0 passive-interface serial 0 redistribute bgp 100 route-map SETMETRIC ! router bgp 100 neighbor 2. Advertising Networks A network that resides within an AS is said to originate from that network.0.0.0.255 Access list 1 denies any update for network 170.10.0.2.2. To inform other ASs about its networks. and Routers A and C run BGP with each other.10.2 route-map SETCOMMUNITY out ! route-map SETCOMMUNITY permit 10 match ip address 1 set community 300 ! access-list 1 permit 0.10.255.0.2.255 When a route matches the IP address 170.10.0.255.0 network 2. The following commands apply a route map to outgoing updates on Router C: !Router C router bgp 300 network 170.10.

1.255.2. see the section “Origin Attribute.255 null 0 The redistribute router configuration command and the static keyword cause all static routes to be redistributed into BGP.BGP and Route Maps Note It is important to remember that routes advertised by the techniques described in this section are advertised in addition to other BGP routes that a BGP-configured router learns from its internal and external neighbors.220.1.0 0.1.1.0 2. (For a discussion of other values that can be assigned to the origin attribute.1 1.0 into BGP. BGP sets the origin attribute of updates for the route to Incomplete.220.0.220.0.1 remote-as 300 redistribute static ! ip route 175.) To configure Router C in Figure 12-9 to originate network 175. The only difference between advertising a static route and advertising a dynamic route is that when you redistribute a static route. BGP always passes on information that it learns from one peer to other peers.1. 12-12 Internetworking Case Studies . use these commands: !Router C router bgp 200 neighbor 1. The difference is that routes generated by the network and redistribute router configuration commands specify the AS of the router as the originating AS for the network. This section uses the topology shown in Figure 12-9 to demonstrate how networks that originate from an AS can be advertised.1.1.0.213.0.2 Router A Router B Router C IBGP 175.2 129.” later in this chapter. Figure 12-9 Network Advertisement Example 1 AS 300 Router D 1.2.0 S4580 AS 100 AS 200 Redistributing Static Routes One way to advertise that a network or a subnet originates from an AS is to redistribute static routes into BGP.

you redistribute IGP routes (such as Enhanced IGRP. Some of your IGP routes might have been learned from BGP. BGP and Route Maps The ip route global configuration command establishes a static route for network 175.0. such as network 129.220. If possible.220. (Normally.0. and RIP routes) into BGP. and the router will send it out the appropriate interface. IS-IS. Access list 1 specifies that network 175. distributing BGP into IGP should be avoided because too many routes would be injected into the AS.1 (that is.220.0. OSPF.” later in this chapter) or redistribute static routes instead of redistributing dynamic routes.1. Typically. Using the Border Gateway Protocol for Interdomain Routing 12-13 .) The neighbor distribute-list router configuration command applies access list 1 to outgoing advertisements to the neighbor whose IP address is 1.0 0.1. Note Regardless of route type (static or dynamic).1 distribute-list 1 out redistribute eigrp 10 ! access-list 1 permit 175.255 The redistribute router configuration command with the eigrp keyword redistributes Enhanced IGRP routes for process ID 10 into BGP.0.255.220.0 as originating from AS 200.213. In theory. Redistributing Dynamic Routes Another way to advertise networks is to redistribute dynamic routes.213. The access list prevents network 129. The following commands configure Router C: !Router C router eigrp 10 network 175.2.1.0.0 from being injected back into BGP as if it originated from AS 200.0.1.0. and that Router B is redistributing 129.213.1.1 remote-as 300 neighbor 2.0 redistribute bgp 200 redistributed connected default-metric 1000 100 250 100 1500 ! router bgp 200 neighbor 1.0 is to be advertised.220.220.2 remote-as 200 neighbor 1. Router D). Redistributing a static route is the best way to advertise a supernet because it prevents the route from flapping.0.1. and allows BGP to advertise network 175.0.213.2.1.0 to be discarded. that Router C is learning 129. All other networks.1. there will be a more specific match for the packet than 175.0 back into Enhanced IGRP. are implicitly prevented from being advertised. the specification of the null 0 interface would cause a packet destined for network 175.1.220.0. the redistribute router configuration command is the only way to inject BGP routes into an IGP. Note Redistribution of dynamic routes requires careful use of access lists to prevent updates from being injected back into BGP.1. you should use the network command (described in the section “Using the network Command. In practice.0.0 via BGP. so you need to use access lists to prevent the redistribution of routes back into BGP. IGRP. Assume that in Figure 12-9 Routers B and C are running IBGP.

20.20.0: !Router C router bgp 200 neighbor 1.2 160.10.0 !Router B router bgp 200 neighbor 160.1 remote-as 300 network 175.20. When used with BGP.0.20. The following commands configure Router C to advertise network 175.0.0 !Router C router bgp 300 neighbor 150.0 Router A Router B 150.10.10.0 The network router configuration command causes Router C to generate an entry in the BGP routing table for network 175.1 remote-as 100 neighbor 160.10.0. Figure 12-10 Network Advertisement Example 2 AS 100 AS 200 150.10.20.1 150.10.) The network command works for networks that the router learns dynamically or that are configured as static routes.0 The following configurations use the network command to configure the routers shown in Figure 12-10: !Router A router bgp 100 neighbor 150.0 12-14 Internetworking Case Studies .0.1.10.220.0 160.20.0.0.220.1 remote-as 200 network 170.2 remote-as 300 network 160.1.2 remote-as 300 network 150.10.0. Figure 12-10 shows another topology that demonstrates the effects of the network command.0.BGP and Route Maps Using the network Command Another way to advertise networks is to use the network router configuration command.10.2 Router C AS 300 S4581 170.220. the network command specifies the networks that the AS originates.10.10.10.20.1 160. (By way of contrast.0.10. the network command identifies the interfaces on which the IGP is to run.20.0. when used with an IGP such as RIP.10. The origin attribute of routes that are injected into BGP by means of the network command is set to IGP.

BGP does not accept updates that originated from its own AS. and path length) that the update contains and other BGP-configurable factors.10.10.0.0 with the origin set to AS 100 and sends it to Router C. which will recognize that the update originated from its own AS and will ignore it.10. BGP Decision Algorithm When a BGP speaker receives updates from multiple ASs that describe different paths to the same destination. BGP prepends its AS number to the update.0 Using the Border Gateway Protocol for Interdomain Routing 12-15 .0. in Figure 12-10.0 Router C AS 300 S4583 180. administrative weights. Consider the network shown in Figure 12-11. The AS_path attribute is the list of AS numbers that an update has traversed in order to reach a destination. The decision is based on the value of attributes (such as next hop. An AS-SET is a mathematical set of all the ASs that have been traversed. This section describes the following attributes and factors that BGP uses in the decision-making process: • AS_path Attribute • Origin Attribute • Next Hop Attribute • Weight Attribute • Local Preference Attribute • Multi-Exit Discriminator Attribute • Community Attribute AS_path Attribute Whenever an update passes through an AS. For example. BGP Decision Algorithm To ensure a loop-free interdomain topology. Once chosen. local preference.0. the origin of the route. if Router A generates an update for network 150. it must choose the single best path for reaching that destination. Router C will pass the update to Router B with the origin still set to AS 100.10. BGP propagates the best path to its neighbors.10.0 Router A Router B AS 100 170. Figure 12-11 AS_path Attribute AS 200 190. Router B will send the update (with the origin still set to AS 100) to Router A.

0. • Incomplete—The origin of the route is unknown or learned in some other way. Origin Attribute The origin attribute provides information about the origin of the route. 100.0.10.10. The IGP origin type is represented by the letter i in the output of the show ip bgp EXEC command.BGP Decision Algorithm In Figure 12-11.255.10. An origin of Incomplete occurs when a route is redistributed into BGP.0 in AS 200 with an AS_path of 200. the AS_path attribute for reaching network 190. Router C prepends its own AS number to it. 200.10.1 Router A IBGP Router B 170.1 remote-as 100 neighbor 170. That is. The EGP origin type is represented by the letter e in the output of the show ip bgp EXEC command.1 175. two AS numbers have been attached to it: 200 and then 300.0 255.0.0. Figure 12-12 shows a network that demonstrates the value of the origin attribute. Figure 12-12 Origin Attribute AS 100 150.10.10.0. When the update for 190.0.10.2 190. Likewise. Router B advertises network 190.10.40.30.10.10.0 from Router A is 300.0 null 0 12-16 Internetworking Case Studies .0 from Router B is 300.20.10. The Incomplete origin type is represented by the ? symbol in the output of the show ip bgp EXEC command. The origin of a route can be one of three values: • IGP—The route is interior to the originating AS.10. This value is set when the network router configuration command is used to inject the route into BGP.20.2 Router E AS 300 S4584 170.0 redistribute static ! ip route 190.10.10. so when the update reaches Router A. • EGP—The route is learned via the Exterior Gateway Protocol (EGP).20.0 traverses AS 300.50. the AS_path attribute for reaching network 170.0 The following commands configure the routers shown in Figure 12-12: !Router A router bgp 100 neighbor 190.50.0.2 remote-as 300 network 150.0.1 EBGP 170.

0.2 Router C AS 300 S4585 170.10.1 remote-as 100 network 190.0.0.0.) Consider the network shown in Figure 12-13. the following is true: • From Router A.20.20.0 has an AS_path of 300 and an origin attribute of IGP.10. in which case. For EBGP. the next hop is usually the IP address of the neighbor specified by the neighbor remote-as router configuration command.50.10. the route for reaching 190.1 EBGP 170.10.10.0.0 !Router E router bgp 300 neighbor 170. • From Router E.0 has an AS_path of 100 and an origin attribute of Incomplete (because 190. (The exception is when the next hop is on a multiaccess media.10.10.1 remote-as 100 network 170. • From Router A. Figure 12-13 Next Hop Attribute AS 100 150.10.30.20.50. the route for reaching 170.10.10.50.0.10.30.0 Using the Border Gateway Protocol for Interdomain Routing 12-17 .10.1 Router A Router B 170.10.0 has an empty AS_path (the route is in the same AS as Router A) and an origin attribute of IGP.10. Next Hop Attribute The BGP next hop attribute is the IP address of the next hop that is going to be used to reach a certain destination.0 is a redistributed route). the route for reaching 190.0. • From Router E.0 150.1 IBGP 150.0 Given these configurations. the next hop could be the IP address of the router in the same subnet. BGP Decision Algorithm !Router B router bgp 100 neighbor 150. the route for reaching 150.10.0 has an AS_path of 100 and an origin attribute of IGP.

20.0 to Router B with a next hop attribute of 170.10.10. and Router A advertises 170.10.0.10. if Router B runs IGRP.10.10.0.10.1 remote-as 100 network 150.20. 12-18 Internetworking Case Studies .20. Router A should run IGRP on network 170. Router A advertises 170.0 to Router A with a next hop attribute of 170.20. The following commands configure the routers shown in Figure 12-13: !Router A router bgp 100 neighbor 170.10. BGP specifies that the next hop of EBGP-learned routes should be carried without modification into IBGP. the configuration must ensure that Router B can reach 170. and Router A advertises network 150.2.10.10.0. For that reason. Router B will drop packets destined for 170.10.20.0.10. such as Ethernet.1.20.20.BGP Decision Algorithm In Figure 12-13.0 to Router C with a next hop attribute of 170.10.2.0. Router C advertises network 170. Because of that rule.0.1 remote-as 100 !Router C router bgp 300 neighbor 170. Otherwise.1 remote-as 100 network 170. The next hop of EBGP-learned routes is passed to the IBGP neighbor. instead of 150.0 because the next hop address is inaccessible. As a result.2 via an IGP.0.0 to Router A with a next hop attribute of 170.0 to its IBGP peer (Router B) with a next hop attribute of 170.0 is 170.30.20.2.2.10.20.0.10. the next hop to reach 170.10.2.1.0 Note Router C advertises 170.0. Next Hop Attribute and Multiaccess Media BGP might set the value of the next hop attribute differently on multiaccess media.0.10. For example.10. according to Router B.10.10.2 remote-as 300 neighbor 150. You might want to make IGRP passive on the link to Router C so that only BGP updates are exchanged.0 !Router B router bgp 100 neighbor 150.0. Consider the network shown in Figure 12-14.10.30.10.50.

20.0. instead of its own IP address (170. Router C can reach network 180. The problem is that Router A does not have a direct permanent virtual Using the Border Gateway Protocol for Interdomain Routing 12-19 .20.0.1 AS 100 150.20.10. it sets the next hop attribute to 170.10.2 170. use a common media such as Frame Relay (or any NBMA cloud). Router C advertises 180.10. Router C is running BGP with Router A.20.10.10.10.3.1 Router A Router B 170.20.10. just as it would do if the common media were Ethernet. B. Next Hop Attribute and Nonbroadcast Media Access In Figure 12-15.20.20.10. Routers C and D in AS 300 are running OSPF.0.10.0. and D.30.10.0 If Routers A.20.30.1 Router A Router B 170. three networks are connected by a nonbroadcast media access (NBMA) cloud.0 to Router A with a next hop of 170.20.20.0.10.20.1 150. When Router C sends a BGP update to Router A regarding 180.10.3 Router C Router D 180.20. BGP Decision Algorithm Figure 12-14 Next Hop Attribute and Multiaccess Media 150.2 170.0 via 170.0.10.50. and C are in the same subnet.10.3.50.3.0 170.0.0 150.1 150. Figure 12-15 Next Hop Attribute and Nonbroadcast Media Access AS 100 150.0 S4586 AS 300 In Figure 12-14.20.10. C.1 PVC PVC 170. such as Frame Relay.20.20.2).3 Router C Router D S4587 AS 300 180. This is because Routers A.10.0. and it makes more sense for Router A to use Router D as the next hop rather than taking an extra hop via Router C.

you set the weight of the updates coming in from Router A to be higher than the updates coming in from Router B.0 from AS 400. so routing will fail. Figure 12-16 Weight Example AS 100 AS 400 AS 200 170.0 and has to decide which route to use. Router C has two routes for reaching 175.0.0.0 Router A Router D Router B 1.0. The weight attribute is local to the router on which it is assigned.0. and each propagates the update to Router C.1.2 175.10.10. the weight attribute is 32768 for paths that the router originates and zero for other paths.0 190.0. There are three ways to set the weight for updates coming in from Router A: • Using an Access List to Set the Weight Attribute • Using a Route Map to Set the Weight Attribute • Using the neighbor weight Command to Set the Weight Attribute 12-20 Internetworking Case Studies .2.0.0 175.20. Weight Attribute The weight attribute is a special Cisco attribute that is used in the path selection process when there is more than one route to the same destination.0 with the next hop attribute set to 170.1 next-hop-self The neighbor next-hop-self command causes Router C to advertise 180.10.10. Router C will use Router A as the next hop to reach network 175.20.10.1 Router D 2. To remedy this situation.0.10.20.0. By default.1 remote-as 100 neighbor 170.2.0.10.10. on Router C.0 Router C S4591 AS 300 In Figure 12-16.2. Routers A and B learn about network 175. Routes with a higher weight are preferred when there are multiple routes to the same destination.BGP Decision Algorithm connection (PVC) to Router D and cannot reach the next hop.10. as shown in the following configuration for Router C: !Router C router bgp 300 neighbor 170. If. Consider the network shown in Figure 12-16.0 175.10.20. and it is not propagated in routing updates.0.1.10. use the neighbor next-hop-self router configuration command.

2 that are permitted by access list 6.1 that are permitted by access list 5.2 route-map SETWEIGHTIN in ! ip as-path access-list 5 permit ^100$ ! route-map SETWEIGHTIN permit 10 match as-path 5 set weight 2000 route-map SETWEIGHTIN permit 20 set weight 1000 This first instance of the SETWEIGHTIN route map assigns 2000 to any route update from AS 100.1.2.2 remote-as 200 neighbor 2.1.2. this configuration assigns 2000 to the weight attribute of all route updates received from AS 100 and assigns 1000 to the weight attribute of all route updates from AS 200. Access list 5 permits updates whose AS_path attribute starts with 100 (as specified by ^) and ends with 100 (as specified by $). This example also assigns 1000 to the weight attribute of updates from the neighbor at IP address 2. 2000 is assigned to the weight attribute of updates from the neighbor at IP address 1.1. For a complete explanation of regular expressions.1. Using a Route Map to Set the Weight Attribute The following commands on Router C use a route map to assign a weight to route updates: !Router C router bgp 300 neighbor 1. Access list 6 permits updates whose AS_path attribute starts with 200 and ends with 200.2. and the second instance of the SETWEIGHTIN route map assigns 1000 to route updates from any other AS.2 filter-list 6 weight 1000 ! ip as-path access-list 5 permit ^100$ ip as-path access-list 6 permit ^200$ In this example.1 remote-as 100 neighbor 1. BGP Decision Algorithm Using an Access List to Set the Weight Attribute The following commands on Router C use access lists and the value of the AS_path attribute to assign a weight to route updates: !Router C router bgp 300 neighbor 1.2.2. In effect.1.1.1.2 remote-as 200 neighbor 2.2 remote-as 200 neighbor 2.1 route-map SETWEIGHTIN in neighbor 2.1 remote-as 100 neighbor 1.1 filter-list 5 weight 2000 neighbor 2.1.1.2.2.1.1 weight 2000 neighbor 2.2. (The ^ and $ symbols are used to form regular expressions.2.2.1.2. Using the neighbor weight Command to Set the Weight Attribute The following configuration for Router C uses the neighbor weight router configuration command: !Router C router bgp 300 neighbor 1.1.2.2.1.1 remote-as 100 neighbor 1.2. see the appendix on regular expressions in the Cisco Internetwork Operating System (Cisco IOS) software configuration guides and command references.1.2 weight 1000 Using the Border Gateway Protocol for Interdomain Routing 12-21 .

Unlike the weight attribute.0. Figure 12-17 Local Preference 170. the local preference attribute indicates the preferred path.1.3 128.1 remote-as 100 neighbor 128. The network shown in Figure 12-17 demonstrates the local preference attribute.0 from AS 100 and AS 300.0 AS 100 AS 300 Router A Router B 1.3. The path with the higher preference is preferred (the default value of the local preference attribute is 100). and the weight of all route updates coming from AS 200 to 1000.213.11. AS 256 receives route updates for network 170.0.213.2 remote-as 256 bgp default local-preference 150 12-22 Internetworking Case Studies . the local preference attribute is part of the routing update and is exchanged among routers in the same AS.11.BGP Decision Algorithm This configuration sets the weight of all route updates from AS 100 to 2000.3.1 128.10.3.4 1.213.1.1.2 3.11.2 Router C IBGP Router D AS 34 S4592 AS 256 In Figure 12-17. There are two ways to set local preference: • Using the bgp default local-preference Command • Using a Route Map to Set Local Preference Using the bgp default local-preference Command The following configurations use the bgp default local-preference router configuration command to set the local preference attribute on Routers C and D: !Router C router bgp 256 neighbor 1. The higher weight assigned to route updates from AS 100 causes Router C to send traffic through Router A.1 3. Local Preference Attribute When there are multiple paths to the same destination.10.1. which is only relevant to the local router.1.3.1.

10. the MED is reset to 0. all traffic in AS 256 destined for network 170. If you want MED attributes from neighbors in other ASs to be compared. MED is known as Inter-AS_Metric. Note In BGP Version 3.213.0 is sent to Router D as the exit point. the router compares MED attributes for paths from external neighbors that are in the same AS. Multi-Exit Discriminator Attribute The multi-exit discriminator (MED) attribute is a hint to external neighbors about the preferred path into an AS when there are multiple entry points into the AS.0. BGP Decision Algorithm !Router D router bgp 256 neighbor 3.4 remote-as 300 neighbor 128. As a result. The following configuration uses a route map to set the local preference attribute on Router D specifically for updates regarding AS 300: !Router D router bgp 256 neighbor 3.10. When BGP sends that update to another AS. Using the Border Gateway Protocol for Interdomain Routing 12-23 . the local preference attribute of all updates received by Router D will be set to 200. Instance 20 of the SETLOCALIN route map accepts all other routes. that value is used for decision making within the AS. both Routers C and D determine that updates regarding network 170.3.3. Because local preference is exchanged within the AS. you must configure the bgp always-compare-med command.3.3. but a MED attribute that comes into an AS does not leave the AS. Unless otherwise specified. When an update enters the AS with a certain MED value.4 remote-as 300 route-map SETLOCALIN in neighbor 128. When the bgp default local-preference command is used on Router D in Figure 12-17.11. Using a Route Map to Set Local Preference Route maps provide more flexibility than the bgp default local-preference router configuration command. Unlike local preference.213. the MED attribute is exchanged between ASs. including updates from AS 34. The default value of the MED attribute is 0.1 remote-as 256 bgp default local-preference 200 The configuration for Router C causes it to set the local preference of all updates from AS 300 to 150. the local preference attribute of any update coming from AS 300 is set to 200. A lower MED value is preferred over a higher MED value.11.0 have a higher local preference when they come from AS 300 than when they come from AS 100.0.1 remote-as 256 ! ip as-path 7 permit ^300$ route-map SETLOCALIN permit 10 match as-path 7 set local-preference 200 ! route-map SETLOCALIN permit 20 With this configuration. and the configuration for Router D causes it to set the local preference for all updates from AS 100 to 200.

BGP Decision Algorithm

The network shown in Figure 12-18 demonstrates the use of the MED attribute.

Figure 12-18 MED Example

AS 100 AS 400
170.10.0.0 180.10.0.0
MED = 50
4.4.4.4
4.4.4.3
Router A 3.3.3.2 Router B
2.2.2.2 5.5.5.5

180.10.0.0
180.10.0.0
MED = 200
MED = 120
2.2.2.1 5.5.5.4

3.3.3.3
Router C Router D
1.1.1.1 1.1.1.2
AS 300

S4593
180.10.0.0

In Figure 12-18, AS 100 receives updates regarding network 180.10.0.0 from Routers B, C, and D.
Routers C and D are in AS 300, and Router B is in AS 400.
The following commands configure Routers A, B, C, and D:
!Router A
router bgp 100
neighbor 2.2.2.1 remote-as 300
neighbor 3.3.3.3 remote-as 300
neighbor 4.4.4.3 remote-as 400

!Router B
router bgp 400
neighbor 4.4.4.4 remote-as 100
neighbor 4.4.4.4 route-map SETMEDOUT out
neighbor 5.5.5.4 remote-as 300
!
route-map SETMEDOUT permit 10
set metric 50

!Router C
router bgp 300
neighbor 2.2.2.2 remote-as 100
neighbor 2.2.2.2 route-map SETMEDOUT out
neighbor 5.5.5.5 remote-as 400
neighbor 1.1.1.2 remote-as 300
!
route-map SETMEDOUT permit 10
set metric 120

!Router D
router bgp 300
neighbor 3.3.3.2 remote-as 100
neighbor 3.3.3.2 route map SETMEDOUT out
neighbor 1.1.1.1 remote-as 300
route-map SETMEDOUT permit 10
set metric 200

12-24 Internetworking Case Studies

BGP Decision Algorithm

By default, BGP compares the MED attributes of routes coming from neighbors in the same external
AS (such as AS 300 in Figure 12-18). Router A can only compare the MED attribute coming from
Router C (120) to the MED attribute coming from Router D (200) even though the update coming
from Router B has the lowest MED value.
Router A will choose Router C as the best path for reaching network 180.10.0.0. To force Router A
to include updates for network 180.10.0.0 from Router B in the comparison, use the
bgp always-compare-med router configuration command, as in the following modified
configuration for Router A:
!Router A
router bgp 100
neighbor 2.2.2.1 remote-as 300
neighbor 3.3.3.3 remote-as 300
neighbor 4.4.4.3 remote-as 400
bgp always-compare-med

Router A will choose Router B as the best next hop for reaching network 180.10.0.0 (assuming that
all other attributes are the same).
You can also set the MED attribute when you configure the redistribution of routes into BGP. For
example, on Router B you can inject the static route into BGP with a MED of 50 as in the following
configuration:
!Router B
router bgp 400
redistribute static
default-metric 50
!
ip route 160.10.0.0 255.255.0.0 null 0

The preceding configuration causes Router B to send out updates for 160.10.0.0 with a MED
attribute of 50.

Community Attribute
The community attribute provides a way of grouping destinations (called communities) to which
routing decisions (such as acceptance, preference, and redistribution) can be applied.
Route maps are used to set the community attribute. A few predefined communities are listed in
Table 12-1.

Table 12-1 Predefined Communities

Community Meaning
no-export Do not advertise this route to EBGP peers.
no-advertise Do not advertise this route to any peer.
internet Advertise this route to the internet community; all routers in the network belong to it.

The following route maps set the value of the community attribute:
route-map COMMUNITYMAP
match ip address 1
set community no-advertise
!
route-map SETCOMMUNITY
match as-path 1
set community 200 additive

Using the Border Gateway Protocol for Interdomain Routing 12-25

Controlling the Flow of BGP Updates

If you specify the additive keyword, the specified community value is added to the existing value
of the community attribute. Otherwise, the specified community value replaces any community
value that was set previously.
To send the community attribute to a neighbor, you must use the neighbor send-community router
configuration command, as in the following example:
router bgp 100
neighbor 3.3.3.3 remote-as 300
neighbor 3.3.3.3 send-community
neighbor 3.3.3.3 route-map setcommunity out

For examples of how the community attribute is used to filter updates, see the section “Community
Filtering,” later in this chapter.

Summary of the BGP Path Selection Process
BGP selects only one path as the best path. When the path is selected, BGP puts the selected path in
its routing table and propagates the path to its neighbors. BGP uses the following criteria, in the order
presented, to select a path for a destination:
1 If the path specifies a next hop that is inaccessible, drop the update.
2 Prefer the path with the largest weight.
3 If the weights are the same, prefer the path with the largest local preference.
4 If the local preferences are the same, prefer the path that was originated by BGP running on this
router.
5 If no route was originated, prefer the route that has the shortest AS_path.
6 If all paths have the same AS_path length, prefer the path with the lowest origin type (where IGP
is lower than EGP, and EGP is lower than Incomplete).
7 If the origin codes are the same, prefer the path with the lowest MED attribute.
8 If the paths have the same MED, prefer the external path over the internal path.
9 If the paths are still the same, prefer the path through the closest IGP neighbor.
10 Prefer the path with the lowest IP address, as specified by the BGP router ID.

Controlling the Flow of BGP Updates
This section describes techniques for controlling the flow of BGP updates. The techniques include
the following:
• Administrative Distance
• BGP Filtering
• BGP Peer Groups
• CIDR and Aggregate Addresses
• Confederations
• Route Reflectors
• Route Flap Dampening

12-26 Internetworking Case Studies

3. Usually when a route is learned via EBGP. or OSPF). Table 12-2 BGP Default Distances Distance Default Value Function External 20 Applied to routes learned from EBGP Internal 200 Applied to routes learned from IBGP Local 200 Applied to routes originated by the router Note Distance does not influence the BGP path selection algorithm. Figure 12-19 Back Door Example AS 100 AS 200 150.0 160. Using the Border Gateway Protocol for Interdomain Routing 12-27 . 100. The route with the lowest administrative distance is installed in the IP routing table. respectively. Enhanced IGRP. Administrative distance is used to discriminate between routes learned from more than one protocol.1 Router C AS 300 S4588 170. as are Routers B and C. it is installed in the IP routing table because of its distance (20).10. however. Usually.3. BGP uses the administrative distances shown in Table 12-2. All of these default distances are higher than the default distance of EBGP (which is 20).3 EBGP EBGP 2. 90.2. Routers A and B are running an IGP (such as RIP.10. IGRP.2. the route with the lowest distance is preferred.3.2.0 IGP Router A Router B 2. The network in Figure 12-19 shows this situation. two ASs have an IGP-learned backdoor route and an EBGP-learned route. Sometimes. Enhanced IGRP.0. IGRP.2.1 3.2 3. and 110. Their policy might be to use the IGP-learned path as the preferred path and to use the EBGP-learned path when the IGP path is down. and OSPF are 120. By default. but it does influence whether BGP-learned routes are installed in the IP routing table. Routers A and C are running EBGP.3. a route could be learned via more than one protocol. Controlling the Flow of BGP Updates Administrative Distance Normally. The default distances for RIP.0.0 In Figure 12-19.10.0.

0. Note Although BGP treats network 160.0 router bgp 100 neighbor 2.10. BGP Filtering You can control the sending and receiving of updates by using the following filtering methods: • Prefix Filtering • AS_path Filtering • Route Map Filtering • Community Filtering Each method can be used to achieve the same result—the choice of method depends on the specific network configuration. so the Enhanced IGRP route is successfully installed in the IP routing table and is used to forward traffic. The filter consists of an access list that is applied to updates to or from a neighbor. The network shown in Figure 12-20 demonstrates the usefulness of prefix filtering.1 remote-as 300 network 160.0 from Router B (IGP).0 as a local entry.10. use the network backdoor router configuration command.0.0. 12-28 Internetworking Case Studies . (Recommended) To establish a BGP back door.10.0 from two routing protocols: EBGP and an IGP. Router A treats the EBGP-learned route as local and installs it in the IP routing table with a distance of 200. you could use one of the following techniques: • Change the external distance of EBGP.10. (Not recommended because the distance will affect all updates.) • Change the distance of the IGP.2. which might lead to undesirable behavior when multiple routing protocols interact with one another. If you want Router A to learn about 160. The network is also learned via Enhanced IGRP (with a distance of 90). which might lead to undesirable behavior when multiple routing protocols interact with one another. you can filter based on routing updates to or from a particular neighbor. (Not recommended because the distance will affect all updates.Controlling the Flow of BGP Updates Router A receives updates about 160.0 backdoor With the network backdoor command.0. Because the default distance for EBGP is lower than the default distance of the IGP.0 as it normally would advertise a local entry. it does not advertise network 160.2. Prefix Filtering To restrict the routing information that the router learns or advertises.10. The following commands configure Router A in Figure 12-19: !Router A router eigrp 10 network 150.0. Router A will choose the EBGP-learned route from Router C.) • Establish a BGP back door. the EBGP-learned route will be installed in the IP routing table and used to forward traffic.0.10. If the Enhanced IGRP-learned route goes down.

0.0.0.255.10.0 0.255.3.0.0.2.0/8.0 0. that Router B in Figure 12-20 has different subnets of 160. If you want to prevent Router C from propagating updates for network 160. Controlling the Flow of BGP Updates Figure 12-20 Route Filtering AS 100 AS 200 150.0.2.0.1 3. 160.255.3.2.0.0.2 remote-as 100 neighbor 2.10.255 255.0. as demonstrated by the following configuration for Router C: !Router C router bgp 300 network 170. Assume.10.10. and you want to advertise 160.2 distribute-list 1 out ! access-list 1 deny 160.3. The following access list would permit 160.0 neighbor 3. such as the following: access-list 101 permit ip 160.0 160.2.0 when it sends routing updates to neighbor 2.x.0.0.3 160.0.0.0. Using access lists to filter supernets is a bit trickier.2.0.0.1 Router C S4594 AS 300 170.0.0 In Figure 12-20.10.255.0.2.2. Using the Border Gateway Protocol for Interdomain Routing 12-29 .2.0.0. The network shown in Figure 12-21 demonstrates the usefulness of AS_path filters.10.0. the combination of the neighbor distribute-list router configuration command and access list 1 prevents Router C from propagating routes for network 160.255 In the preceding configuration.2.0 to AS 100.0.2. Router B is originating network 160.0 0.2 (Router A). and so on: access-list 1 permit 160.10.3 remote-as 200 neighbor 2.3.10.2 3.0.0/8 only.0 Router A Router B 2.255 To restrict the update to 160.0.0 AS_path Filtering You can specify an access list on both incoming and outgoing updates based on the value of the AS_path attribute.0.0 160.0/8 only. you have to use an extended access list.3.10.255 access-list 1 permit 0. for example.0.10.0 255.0.0 and sending it to Router C.10.0 0.0 2.255.0.255. you can apply an access list to filter those updates when Router C exchanges updates with Router A.255.0/9.x.3.

0 2. If you want to verify that your regular expressions work as intended.* matches any value of the AS_path attribute.0.0.3.2. such updates will match the access list and will be denied.3 160.10.) symbol means any character. . updates from AS 400 would be denied.2. If the access list specified ^200 as the regular expression. which in effect permits any update that has not been denied by the previous access-list statement.0.10.3 remote-as 200 neighbor 2.1 3.10.0 AS 400 Router A Router B 2.0 160. Because Router B sends updates about 160. the period (.Controlling the Flow of BGP Updates Figure 12-21 AS_path Filtering AS 100 AS 200 150. In the second access-list statement. Note The neighbor route-map command has no effect on incoming updates when matching is based on IP address.3. and the asterisk (*) symbol means a repetition of that character.0. 12-30 Internetworking Case Studies .2 remote-as 100 neighbor 2. Together.* In this example. the access list permits updates from AS 400 (whose AS_path attribute is 200.2 filter-list 1 out ! ip as-path access-list 1 deny ^200$ ip as-path access-list 1 permit .2.0 whose AS_path attributes start with 200 and end with 200.2. 400). Route Map Filtering The neighbor route-map router configuration command can be used to apply a route map to incoming and outgoing routes.2.10.2 3.3. use the following EXEC command: show ip bgp regexp regular-expression The router displays all of the paths that match the specified regular expression.0.2.2. access list 1 denies any update whose AS_path attribute starts with 200 (as specified by ^) and ends with 200 (as specified by $).0 !Router C neighbor 3.2.3.3.0 160. The network shown in Figure 12-22 demonstrates using route maps to filter BGP updates.0.3.10.1 Router C AS 300 S4595 170. By specifying that the update must also end with 200.10.

• Accept any other updates and change their weight attribute to 10.3.3.10.1 3.0.3.3 remote-as 200 neighbor 3. you do not want Router C to learn about AS 100.10.3. All other updates are denied and dropped.3. Assume that in Figure 12-22.3.0.3.3 route-map STAMP in Using the Border Gateway Protocol for Interdomain Routing 12-31 . The following configuration for Router C accomplishes this goal: !Router C router bgp 300 network 170.2. access list 1 permits any update whose AS_path attribute begins with 200 and ends with 200 (that is.0 Router A Router B 2.3 2.0 neighbor 3.2.10. The weight attribute of the permitted updates is set to 20.3.0 Assume that in Figure 12-22.2. you want Router C to do the following: • Accept updates that originate from AS 200 and change their weight attribute to 20.0. The following configuration for Router C accomplishes this goal: !Router C router bgp 300 network 170. you want the weight attribute to be set to 20.0. Controlling the Flow of BGP Updates Figure 12-22 BGP Route Map Filtering AS 600 190.10.0 neighbor 3.2.3.3.0 160.0 AS 400 AS 100 AS 200 150. (That is. access list 1 permits updates that originate in AS 200).) Also.0. you want Router C to learn about networks that are local to AS 200 only. AS 400.3 remote-as 200 neighbor 3.3. on those routes that Router C accepts from AS 200.10.10.3 route-map STAMP in ! route-map STAMP permit 10 match as-path 1 set weight 20 ! ip as-path access-list 1 permit ^200$ In the preceding configuration.3. or AS 600 from AS 200.0.2 3.1 Router C AS 300 S4597 170. • Deny updates that contain AS 400.

10.2.Controlling the Flow of BGP Updates route-map STAMP permit 10 match as-path 1 set weight 20 ! route-map STAMP permit 20 match as-path 2 ! route-map STAMP permit 30 set weight 10 ! ip as-path access-list 1 permit ^200$ ip as-path access-list 2 deny _400_ In the preceding configuration. 300) and via AS 400 with an AS_path attribute of (400.0 that AS 600 receives via AS 400 (400.2.0.0 arrive in AS 600. the routers in AS 600 will pick the shortest AS_path attribute: the route through AS 100. access list 1 permits updates that originate in AS 200).10. as in the following configuration: !Router C router bgp 300 network 170.0 that AS 600 receives via AS 100 will be 100. you can do so by prepending extra AS numbers to the AS_path attribute for routes that Router C advertises to AS 100. 12-32 Internetworking Case Studies . When updates about network 170. All other updates will have a weight of 10 (by means of instance 30 of the STAMP route map) and will be permitted. 300.2.0. Access list 2 denies updates whose AS_path attribute contains 400. 300) as the better path.0.10. 200. Assuming that the values of all other attributes are the same. Community Filtering The network shown in Figure 12-23 demonstrates the usefulness of community filters. 300).2. 300. The weight attribute of the permitted updates is set to 20. As a result.2 (Router A). If you want to use the configuration of Router C to influence the choice of paths in AS 600.2 route-map SETPATH out ! route-map SETPATH permit 10 set as-path prepend 300 300 The set as-path route map configuration command with the prepend keyword causes Router C to prepend 300 twice to the value of the AS_path attribute before it sends updates to the neighbor at IP address 2.0) to AS 100 and AS 200. 300. the AS_path attribute of updates for network 170. 300).10.0 neighbor 2. 200. 200. A common practice is to repeat the AS number. Suppose that in Figure 12-22 Router C advertises its own network (170.10. which is longer than the value of the AS_path attribute of updates for network 170.2. access list 1 permits any update whose AS_path attribute begins with 200 and ends with 200 (that is. AS 600 will choose (400.0.2. the routers in AS 600 will have network reachability information via two routes: via AS 100 with an AS_path attribute of (100.2 remote-as 100 neighbor 2.0.

3.1 route-map SETCOMMUNITY out ! route-map SETCOMMUNITY permit 10 match ip address 1 set community no-export ! route-map SETCOMMUNITY permit 20 ! access list 1 permit 0.2.10.3.3.1 route-map SETCOMMUNITY out ! route-map SETCOMMUNITY permit 10 match ip address 2 set community 100 200 additive Using the Border Gateway Protocol for Interdomain Routing 12-33 .2. The SETCOMMUNITY route map sets the community attribute of any update (by means of access list 1) destined for 3.1 remote-as 300 neighbor 3.3.0 neighbor 3.3.0 160.2.0. You can do this by setting the community attribute on updates that Router B sends to Router C.1 (Router C).3.10.1 remote-as 300 neighbor 3.0.10.3.3.10.0 Assume that you do not want Router C to propagate routes learned from Router B to Router A. The neighbor send-community router configuration command is required to include the community attribute in updates sent to the neighbor at IP address 3.3. Assume that Router B has been configured as follows: !Router B router bgp 200 network 160.255 For routes that are sent to the neighbor at IP address 3.3.10.0.3.0 Router A Router B 2. Another way to filter updates based on the value of the community attribute is to use the ip community-list global configuration command.0.1 Router C 3.2 3.3.3.1 send-community neighbor 3.1 send-community neighbor 3.3.0.3. Router B applies the route map named SETCOMMUNITY.0 neighbor 3.1.3 2.3.1 to no-export.3.3. Controlling the Flow of BGP Updates Figure 12-23 Community Filtering AS 100 AS 200 150.1 AS 300 S4596 170.0 255. When Router C receives the updates from Router B. it does not propagate them to Router A because the value of the community attribute is no-export. as in the following configuration for Router B: !Router B router bgp 200 network 160.0.255.3.2.3.3.3.0.255.

3.3. you define a peer group name and assign policies to the peer group. Members of a peer group inherit all of the configuration options of the peer group. In the last community list (list 3) the use of the internet keyword permits all other updates without changing the value of an attribute.255. Router B adds 100 and 200 to the community value of any update destined for the neighbor at IP address 3. any route that has 100 in its community attribute matches community list 1 and has its weight set to 20. and filter lists. Peer group members can also be configured to override configuration options if the options do not affect outgoing updates.3. The use of BGP peer groups is demonstrated by the network shown in Figure 12-24.0 255.3 remote-as 200 neighbor 3.) BGP Peer Groups A BGP peer group is a group of BGP neighbors that share the same update policies.0.3. 12-34 Internetworking Case Studies . That is.255.255 In the preceding configuration. (The internet keyword specifies all routes because all routes are members of the internet community. Update policies are usually set by route maps. use the following configuration: !Router C router bgp 300 neighbor 3.3 route-map check-community in ! route-map check-community permit 10 match community 1 set weight 20 ! route-map check-community permit 20 match community 2 exact set weight 10 ! route-map check-community permit 30 match community 3 ! ip community-list 1 permit 100 ip community-list 2 permit 200 ip community-list 3 permit internet In the preceding configuration. distribution lists.0.Controlling the Flow of BGP Updates route-map SETCOMMUNITY permit 20 ! access list 2 permit 0.3. you can only override options that are set for incoming updates. Instead of defining the same policies for each individual neighbor. To configure Router C to use the ip community-list global configuration command to set the value of the weight attribute based on whether the community attribute contains 100 or 200.3.1. Any route whose community attribute is only 200 (by virtue of the exact keyword) matches community list 2 and has its weight set to 10.

3.2 peer-group EXTERNALMAP neighbor 4.1 1. F.2 4.2.3.1 Router G AS 300 S4598 6.2.2 (Router E). 200.2.2.3.0.1.4.2. and G.2 1.5.2 Router E 2.6. This filter list can only be used to override options that affect incoming updates.2 peer-group INTERNALMAP neighbor 6. and 600: !Router C router bgp 300 neighbor EXTERNALMAP peer-group neighbor EXTERNALMAP route-map SETMED neighbor EXTERNALMAP filter-list 1 out neighbor EXTERNALMAP filter-list 2 in neighbor 2. Controlling the Flow of BGP Updates Figure 12-24 BGP Peer Groups AS 100 AS 600 AS 200 150.5.2 remote-as 600 Using the Border Gateway Protocol for Interdomain Routing 12-35 .1 5.3.1 6.5.2 filter-list 3 in The preceding configuration defines the following policies for the internalmap peer group: • A route map named INTERNAL • A filter list for outgoing updates (filter list 1) • A filter list for incoming updates (filter list 2) The configuration applies the peer group to all internal neighbors—Routers E. The following commands configure a BGP peer group named EXTERNALMAP on Router C and apply it to routers in AS 100.1.10.5.0 Router A Router H Router B 2.3.3. The configuration also defines a filter list for incoming updates from the neighbor at IP address 3.6.2 remote-as 100 neighbor 2.4.2 170.2 peer-group INTERNALMAP neighbor 3.4.2.2.4.2 3.6.2 Router C Router F 5.5.1.6.3.0.3.6.5.0 The following commands configure a BGP peer group named INTERNALMAP on Router C and apply it to the other routers in AS 300: !Router C router bgp 300 neighbor INTERNALMAP peer-group neighbor INTERNALMAP remote-as 300 neighbor INTERNALMAP route-map INTERNAL out neighbor INTERNALMAP filter-list 1 out neighbor INTERNALMAP filter-list 2 in neighbor 5.6.1.10.2 peer-group INTERNALMAP neighbor 3.2.

0.1.0. Class B.213.3. is a legal supernet when it is represented in CIDR notation as 192.0 160.4.0/16.0.10.0.1.0.1. which is an illegal Class C network number.3 2.0 255.2.0 to Router A.213. For example.0. Aggregation is the process of combining several different routes in such a way that a single route can be advertised.Controlling the Flow of BGP Updates neighbor 4.2 remote-as 200 neighbor 1. To configure Router C to propagate the aggregate address 160.0/8) and all of the more specific routes.0 3.213.2.2.11. use the following commands: !Router C router bgp 300 neighbor 3. which can be used to override configuration options for incoming updates from the neighbor at IP address 1.0/16 is similar to 192.3.3.2 2.3.0.2 filter-list 3 in In the preceding configuration.0.213.0.) CIDR is a new way of looking at IP addresses that eliminates the concept of classes (Class A.0.0 aggregate-address 160. and so on).2 remote-as 100 network 160.3. Also note that this configuration defines filter list 3.1. network 192.3 remote-as 200 neighbor 2.1.0. which minimizes the size of routing tables. 160.0 160.1.1 3.2 peer-group EXTERNALMAP neighbor 1.11.2.0 Router A Router B 160.0.0.1.2.2. The /16 indicates that the subnet mask consists of 16 bits (counting from the left).0. which is a major improvement over BGP3. (CIDR is also known as supernetting. 192. Figure 12-25 Aggregation AS 100 AS 200 150.0.2 (Router B).1 Router C AS 300 S4600 160.0. the neighbor remote-as router configuration commands are placed outside of the neighbor peer-group router configuration commands because different external ASs have to be defined.0. 12-36 Internetworking Case Studies .0.0 In Figure 12-25.10.1. Consider the network shown in Figure 12-25.0.0 and advertising it to Router C in AS 300. CIDR and Aggregate Addresses BGP4 supports classless interdomain routing (CIDR).0.255.0.10.4.3.0. Therefore.0 255. CIDR makes it easy to aggregate routes.2 peer-group EXTERNALMAP neighbor 1.10.0 The aggregate-address router configuration command advertises the prefix route (in this case.0. Router B in AS 200 is originating network 160.

0.255. even if you specify the summary-only keyword with the aggregate-address router configuration command.0.0.255.0.0.2.0. use the following command: aggregate-address 160.0. Controlling the Flow of BGP Updates Note A router cannot aggregate an address if it does not have a more specific route of that address in the BGP routing table. use an attribute map. If you want Router C to propagate the prefix route only.0. If.0. use the following commands: !Router C router bgp 300 neighbor 3. as demonstrated by the following commands: route-map SETORIGIN permit 10 set origin igp ! aggregate-address 160.20.255. you want Router C in Figure 12-25 to aggregate 160.0.0 255.0 and suppress the specific route 160.0.3. you can define a route map and apply it to the aggregate.3 remote-as 200 neighbor 2.0.0/8) and suppresses any more specific routes that the router may have in its BGP routing table.0 aggregate-address 160.0.255 access-list 1 permit 0.0 255.20. the entry for that network is always injected into BGP updates.2 remote-as 100 network 160.0 summary-only This command propagates the prefix (160.0 255. but propagate route 160. for example.0.0. If you want to suppress specific routes when aggregating routes.255 If you want the router to set the value of an attribute when it propagates the aggregate route.0.2. Using the Border Gateway Protocol for Interdomain Routing 12-37 .0 suppress-map CHECK ! route-map CHECK permit 10 match ip address 1 ! access-list 1 deny 160.0.0 0.0.0.0. can be redistributed from an IGP.0.10. Note If you use the network command to advertise a network.0.0. or can be established by the network router configuration command.10.0 attribute-map SETORIGIN Aggregation and Static Routes The network shown in Figure 12-26 demonstrates how static routes can be used to generate aggregates. and you do not want it to propagate a more specific route.0.3.0. The more specific route can be injected in the BGP routing table by incoming updates from other ASs.0 255.

0. The network shown in Figure 12-27 demonstrates the use of AS-SET when aggregating addresses.2. you want Router B to advertise the prefix 160.0 3.0.2. the AS_path attributes of the more specific routes are combined to form a set called the AS-SET.Controlling the Flow of BGP Updates Figure 12-26 CIDR Aggregation Example AS 100 AS 200 150.0.2.3.1 remote-as 300 redistribute static ! ip route 160.0 will be set to IGP instead of Incomplete.0.1 remote-as 300 ! ip route 160.0.0.0.0 mask 255.0 neighbor 3.1 3.0 Router A Router B 160.0 160.0.10.0.2 2.0 In Figure 12-26.3.1 Router C AS 300 S4601 170.0.0.3. Router B advertises the aggregate with an origin attribute whose value is Incomplete.0.2.10.0.0.3.3 2.0. Using the network router command instead of the redistribute command.0.0. has the same effect as the preceding configuration except that the origin attribute of updates for network 160.0.0.0 null 0 As a result of this configuration. Aggregation and AS-SET When aggregates are generated from more specific routes. !Router B router bgp 200 network 160.3.3.10.0 and suppress all of the more specific routes. as in the following configuration.0. This set is useful for preventing routing information loops.3.3.0 255.0 null 0 Note The use of static routes (as shown in these two examples) is the preferred method of injecting an aggregate route because using static routes avoids unnecessary route flaps. 12-38 Internetworking Case Studies .0.0 255. The following configuration for Router B redistributes a static aggregate route into BGP: !Router B router bgp 200 neighbor 3.

Consider the network shown in Figure 12-28.0/8 and sends updates for it to Router D.20.0.0 from Router B.2.0.0 160.4 remote-as 400 aggregate-address 160.2.4. Using the Border Gateway Protocol for Interdomain Routing 12-39 . use the aggregate-address router configuration command with the as-set keyword. Router C is receiving updates about network 160.0.0.3 remote-as 200 neighbor 2.0.0.0. Confederations A confederation is a technique for reducing the IBGP mesh inside the AS.3.0 AS 300 S4602 160.3.0.0/8 that include information indicating that network 160.4. the set of 100 and 200).3.3.2.0 belongs to a set (in this case.30. If Router C aggregates network 160.0 Router B 2.0.2.4.0. To prevent this problem.3.0 255.1 4.0.0.0.10.0.0. the updates from AS 300 may cause a routing loop.20.0. If Router D has another route to AS 100.10.0.0 Router A 160.2 remote-as 100 neighbor 4.0 AS 400 In Figure 12-27.3.2 3. Controlling the Flow of BGP Updates Figure 12-27 CIDR Aggregation Example with AS-SET AS 100 AS 200 160.2.10.2.4 Router C Router D 160.3 2.0 as-set The as-set keyword causes Router C to generate updates for network 160.0.0 from Router A and is receiving updates about network 160.0.1 3. the AS_path attribute of those updates will indicate that AS 300 is the origin of network 160.0 160.0.0.4.20. as in the following configuration for Router C: !Router C neighbor 3.0.

11.6.6 AS65070 5. as shown in Figure 12-28.1 Router C 128.10. for a total of nine peers for each router.5.30.213.Controlling the Flow of BGP Updates Figure 12-28 Confederations AS 100 AS 600 Router A 5.210. and each router would need to connect to an external AS and run EBGP.5 6.213.210.213.1 S4603 AS 500 In Figure 12-28.5. Each mini-AS has a connection to the other mini-ASs within the confederation.1 remote-as 65050 neighbor 128.210. and IBGP is run among its members. Even though the mini-ASs have EBGP peers to ASs within the confederation. each router would need to run IBGP with each of the other eight routers. Each mini-AS is fully meshed.1 Router D 135.2 128.4 129.20. MED.1 remote-as 65060 12-40 Internetworking Case Studies . they exchange routing updates as if they were using IBGP—that is. and local preference information is preserved. the confederation looks like a single AS. The following commands configure Router C: !Router C router bgp 65050 bgp confederation identifier 500 bgp confederation peers 65060 65070 neighbor 128.20. Confederations reduce the number of peers within the AS.6.212.10.30.1 AS65050 AS65060 128.213.5.1 remote-as 65050 neighbor 128. Without confederations.14. BGP would require that the routers in AS 500 be fully meshed.11.1 129.5. To the outside world. AS 500 consists of nine BGP speakers (although there might be other routers that are not configured for BGP). That is.213. You use confederations to divide the AS into multiple mini-ASs and assign the mini-ASs to a confederation. the next hop.

Using the Border Gateway Protocol for Interdomain Routing 12-41 . The first two neighbor remote-as router configuration commands establish IBGP connections to the other two routers within AS 65050.5.6.212. The following commands configure Router D: !Router D router bgp 65060 bgp confederation identifier 500 bgp confederation peers 65050 65070 neighbor 129. As described earlier in the section “Synchronization. Controlling the Flow of BGP Updates neighbor 135. Route reflectors ease this limitation and allow a router to advertise (reflect) IBGP-learned routes to other IBGP speakers. The network shown in Figure 12-29 demonstrates how route reflectors work.14.14.6 remote-as 600 The router bgp global configuration command specifies that Router D belongs to AS 65060.1 remote-as 65070 neighbor 5.1 remote-as 65050 neighbor 135.30.30.4 remote-as 500 The neighbor remote-as command establishes an EBGP connection with Router C. The bgp confederation identifier router configuration command specifies that Router D belongs to confederation 500. The second two neighbor remote-as commands establish BGP connections with confederation peers 65050 and 65070. or AS 65070.213.” a BGP speaker does not advertise a route learned from another IBGP speaker to a third IBGP speaker. The following commands configure Router A: !Router A router bgp 100 neighbor 5.6. AS 65060. The last neighbor remote-as command establishes an EBGP connection with AS 600. The last neighbor remote-as command establishes an EBGP connection with external AS 100. The second two neighbor remote-as commands establish BGP connections with confederation peers 65060 and 65070.212. thereby reducing the number of IBGP peers within an AS. Router A only has knowledge of AS 500. The bgp confederation identifier router configuration command specifies that Router C belongs to confederation 500.210. Router A is unaware of AS 65050.5.2 remote-as 65060 neighbor 128.5 remote-as 100 The router bgp global configuration command specifies that Router C belongs to AS 50.5.1 remote-as 65070 neighbor 6.5. The first neighbor remote-as router configuration command establishes an IBGP connection to the other router within AS 65060. Route Reflectors Route reflectors are another solution for the explosion of IBGP peering within an AS.

2 route-reflector-client The router whose configuration includes neighbor route-reflector-client router configuration commands is the route reflector.1.1. An AS can have more than one route reflector.2. To configure Router C as a route reflector.2.1. with each cluster having one route reflector.1. 12-42 Internetworking Case Studies .1 2.2.1. There can be more than one route reflector in a cluster. the network shown in Figure 12-29 would require a full IBGP mesh (that is. the route reflector and its clients are called a cluster. In the advanced configuration shown in Figure 12-30.2. and there can be more than one cluster in an AS. When considered as a whole.2.2 remote-as 100 neighbor 2. each route reflector treats other route reflectors as normal IBGP speakers.2 Router B S4604 Without a route reflector. Router A would have to be a peer of Router B). IBGP peering between Routers A and B is not required because Router C will reflect updates from Router A to Router B and from Router B to Router A.2. When an AS has more than one route reflector. The routers identified by the neighbor route-reflector-client commands are clients of the route reflector. Note Route reflector clients should not establish peer relationships with IBGP speakers outside of their cluster.Controlling the Flow of BGP Updates Figure 12-29 Simple Route Reflector Example AS100 Router C Route reflector Router A 1. If Router C is configured as a route reflector.1 remote-as 100 neighbor 1.1 route-reflector-client neighbor 2.1. Each route reflector is configured as a nonclient peer of each other route reflector in a fully meshed topology. use the following commands: !Router C router bgp 100 neighbor 1. the AS is divided into multiple clusters. Other IBGP peers of the route reflector that are not clients are called nonclients.

7 remote-as 100 neighbor 4.2.2. Routers A. Note that Routers C.2 1.8 Router G Route 7.5. B.5. • Update from a client peer—Send the update to all nonclient peers and to all client peers. Controlling the Flow of BGP Updates Figure 12-30 Advanced Route Reflectors Example AS 200 8.7.2.4.8.6.12 AS 300 In Figure 12-30.2.1. D. it takes the following actions. Router G forms a third cluster.1.4.4 3.8. and G are fully meshed and that the routers within a cluster are not fully meshed.2.12.6 5. Routers D.8. • Update from EBGP peer—Send the update to all nonclient peers and to all client peers. depending on the type of peer that sent the update: • Update from a nonclient peer—Send the update to all clients in the cluster.7.1.6.4 remote-as 100 neighbor 8.3.7 reflector Route 4.1.1.1 remote-as 100 neighbor 1.3 Router D Router C reflector 6. of which Router D is the route reflector.7.8 remote-as 200 Using the Border Gateway Protocol for Interdomain Routing 12-43 .12.1.2. When a route reflector in Figure 12-30 receives an update. and C form a cluster.1 route-reflector-client neighbor 2.1 Router E Router F Router A Router B S4605 AS 100 12. and F form a second cluster.7. The following configurations establish the route reflectors in AS 100: !Router C router bgp 100 neighbor 1.5 2. and Router C is the route reflector.4. E.2 remote-as 100 neighbor 2.4.2 route-reflector-client neighbor 7.8.3.

6 remote-as 100 neighbor 6. If Router D goes down.12.7. the neighbor next-hop-self command only affects the next hop of EBGP-learned routes when used with route reflectors.6. 12-44 Internetworking Case Studies . because of poor configuration. the cluster is identified by the router ID of the route reflector. Another automatic restriction concerns the neighbor next-hop-self router configuration command. Note that Routers D and H maintain a fully meshed peering relationship with the other route reflectors in AS 100 (that is.12 remote-as 300 !Router D router bgp 100 neighbor 5.6. the update comes back to the originator.6. Router H is prepared to take its place.7 remote-as 100 If a set clause is used to modify an attribute.3 remote-as 100 neighbor 12. Because the next hop of reflected routes should not be changed. E.7. When a route reflector sends a route from its clients to nonclients outside of the cluster.5. and H belong to the same cluster. a routing loop may occur when the IBGP-learned routes are reflected.Controlling the Flow of BGP Updates !Router B router bgp 100 neighbor 3.5.5.5 route-reflector-client neighbor 6. To increase redundancy and avoid single points of failure. a cluster might have more than one route reflector. In Figure 12-31. If the route reflector receives an update whose cluster list contains the local cluster ID. it appends the local cluster ID to the cluster list.5. all of the route reflectors in the cluster need to be configured with a 4-byte cluster ID. Two techniques prevent routing loops in route reflector configurations: • Using an Originator ID • Using a Cluster List Using an Originator ID The originator ID is a 4-byte BGP attribute that is created by the route reflector. with Routers C and G). Routers D.6.3 remote-as 100 neighbor 7.3. If.3.12.6 route-reflector-client neighbor 3. Routers D and H are route reflectors for the same cluster. This attribute carries the router ID of the originator of the route in the local AS. The cluster ID allows route reflectors to recognize updates from other route reflectors in the same cluster.3. When a cluster has more than one route reflector. in which case.5 remote-as 100 neighbor 5.3. the originator ignores it. Using a Cluster List Usually a cluster has a single route reflector. A cluster list is a sequence of cluster IDs that an update has traversed. BGP automatically prevents the set clause of outgoing route maps from affecting routes reflected to IBGP peers. the update is ignored. F.

1.4 remote-as 100 neighbor 7.6 Router H 10.1.5 Router F AS 100 13.8.1.5.7 remote-as 100 neighbor 11.3.1.6.10 2.4.7 remote-as 100 neighbor 10.1.2.11 9.8.6.6.9. Controlling the Flow of BGP Updates Figure 12-31 Route Reflectors and Cluster Lists AS 400 AS 300 AS 200 11.7.7.3 Route reflector Router D Router C reflector Route reflector 6.3 remote-as 100 neighbor 7.1 remote-as 100 neighbor 1.9 8.10.5.6 remote-as 100 neighbor 6. D.13 S4606 AS 500 The following commands configure Routers C.6.2.13.2 route-reflector-client neighbor 4.8 remote-as 200 !Router D neighbor 10.4.9.2 1.7 Router G Route reflector Route 4.5.11.5 remote-as 100 neighbor 5.6.2. F.10.7.10.11.11.2.7.2.8.11.10.1 Router E Router A Router B 5.2 remote-as 100 neighbor 2.10 remote-as 100 neighbor 8.11 remote-as 400 bgp cluster-id 10 Using the Border Gateway Protocol for Interdomain Routing 12-45 .13.6.6 route-reflector-client neighbor 3.4 3.10 remote-as 100 neighbor 5.1.5 route-reflector-client neighbor 6.1 route-reflector-client neighbor 2.4.7.2.5.10.8.3.7.5. and H: !Router C router bgp 100 neighbor 1.3.10.3.4.5.8 7.

12-46 Internetworking Case Studies .5 route-reflector-client neighbor 6.10 remote-as 100 neighbor 4. and Routers A.3.4.5.6 remote-as 100 neighbor 6.7.7 remote-as 100 neighbor 3.13. Routers D.9.3.4.5.3 remote-as 100 neighbor 9.13 remote-as 500 !Router H router bgp 100 neighbor 4. In Figure 12-32.13. Route Reflectors and Conventional BGP Speakers It is normal for an AS in which route reflectors are configured to have BGP speakers that do not support route reflection.6. which sets the cluster ID to 10.6 route-reflector-client neighbor 7.6.9. and C are conventional BGP speakers.5 remote-as 100 neighbor 5.10.7.4 remote-as 100 neighbor 5. The configuration for Router C does not include the bgp cluster-id command because Router C is the only route reflector in its cluster.Controlling the Flow of BGP Updates !Router F router bgp 100 neighbor 10.4.6. B.10.9 remote-as 300 bgp cluster-id 10 The configurations for Routers D and H include the bgp cluster-id router configuration command. Such routers are known as conventional BGP speakers.5.5. and F form a route reflector cluster.4.6. E.4 remote-as 100 neighbor 13.

5.1 remote-as 100 neighbor 13.3 Route reflector Router D Router C 6. B.6.3 remote-as 100 neighbor 2.4.2.13.3.3.6.8 4.13.8 remote-as 200 !Router D router bgp 100 neighbor 6.5. and C are peered among each other.14 S4607 AS 400 In Figure 12-32.8.14.2.1. and Routers A and B can be its clients. and Routers A.1.6.2.6. Using the Border Gateway Protocol for Interdomain Routing 12-47 . each conventional BGP speaker is peered with the route reflector (Router D).2 remote-as 100 neighbor 1.4.1 remote-as 100 neighbor 8.4 3.8.2.2.13 8.5.5 route-reflector-client neighbor 3.1.2 1.6 route-reflector-client neighbor 5.4. Router C can be configured to be the route reflector.6.5 2.13.3.14. The following commands configure Routers C and D: !Router C router bgp 100 neighbor 4.3.13.1.2.5.6.13 remote-as 300 When it is time to make the conventional BGP speakers members of a cluster.5 remote-as 100 neighbor 5.8.1.5.6 5.8.6 remote-as 100 neighbor 6.5.4 remote-as 100 neighbor 2.1.1 Router E Router F Router A Router B AS 100 14. Controlling the Flow of BGP Updates Figure 12-32 Route Reflectors and Conventional BGP Speakers AS 300 AS 200 13.4.2 remote-as 100 neighbor 1.

15. The network shown in Figure 12-33 demonstrates route flap dampening. The following terms are used to describe route flap dampening: • Penalty—A numeric value that is assigned to a route when it flaps.10.0) is a mechanism for minimizing the instability caused by route flapping. the route is advertised again (if it is still up). Note Dampening is not applied to routes that are learned via IBGP. A route is suppressed if the penalty is more than the suppressed limit. A route that is flapping receives a penalty of 1000 for each flap. • History entry—An entry that is used to store flap information about a route that is down.10.174 S0/0 Router B 192. • Reuse limit—A configurable numeric value that is compared with the penalty. BGP suppresses advertisement of the route even if the route is up.252 12-48 Internetworking Case Studies .250. • Half-life time—A configurable numeric value that describes the time required to reduce the penalty by one half. • Suppressed—A route that is not advertised even though it is up. When the accumulated penalty reaches a configurable limit.Controlling the Flow of BGP Updates Route Flap Dampening Route flap dampening (introduced in Cisco Internetwork Operating System [Cisco IOS] Release 11.208. The accumulated penalty is decremented by the half-life time. If the penalty is greater than the suppress limit. Figure 12-33 Route Flap Dampening 203. This restriction avoids forwarding loops and prevents IBGP peers from having a higher penalty for routes that are external to the AS.15.208.255. If the penalty is less than the reuse limit. • Suppress limit—A numeric value that is compared with the penalty. When the accumulated penalty is less than the reuse limit.255.208.10. the route is suppressed.6 AS 100 Loopback interface 0: 192.2 S0 Router A S1 192.250.5 S4619 AS 300 The following commands configure Routers A and B: !RouterA hostname RouterA ! interface serial 0 ip address 203. a suppressed route that is up will no longer be suppressed.2 255.

no best path) 300 (history entry) 192.208.255.10.10.10.208. d damped.0 is as follows: RouterA# show ip bgp 192.incomplete Network Next Hop Metric LocPrf Weight Path h 192.15.255.10.10.internal Origin codes: i .5 255. The output of the show ip bgp EXEC command for network 192.10. enter this command on Router B: clear ip bgp 192.208.2 Status codes: s suppressed.252 ! router bgp 300 network 192.10.0.2 Status codes: s suppressed.IGP.208.0.0 192. has flapped.10. e . version 25 Paths: (1 available. i . the BGP table on Router A looks like this: RouterA# show ip bgp table version is 24. i . d damped.208.174) Origin IGP.5 255.250. ? .0 0 32768 i Because the route for 192.255.174 255.6 Now.10.192 ! interface serial 0/0 ip address 192.208. Assuming that the EBGP link to Router B is stable.250.5 0 0 300 i *> 203.10.0 has been withdrawn and put into the history state.208.0.10. > best.252 ! router bgp 100 bgp dampening network 203.10. > best.208.10.5 (192.10.EGP.5 from 192.255.0 192.0 0.0.0 0 32768 i To simulate a route flap.255.0.10.0.0 neighbor 192.255.10. the BGP entry for 192. flapped 1 times in 0:02:03 Using the Border Gateway Protocol for Interdomain Routing 12-49 .incomplete Network Next Hop Metric LocPrf Weight Path *> 192.250. local router ID is 203.6 255.208.6 remote-as 100 Router A is configured for route dampening. h history.250. h history.IGP.208.5 0 0 300 i *> 203.208.208. metric 0.0 0. Controlling the Flow of BGP Updates interface serial 1 ip address 192.15.internal Origin codes: i .0 neighbor 192.208.15. e .10.208. * valid.EGP.15. * valid.208.10.208. the BGP table on Router A looks like this: RouterB# show ip bgp table version is 24.5 remote-as 300 !RouterB hostname RouterB ! interface loopback 0 ip address 192.208.208.208.10.250. local router ID is 203.255.0 BGP routing table entry for 192. ? .15.255. external Dampinfo: penalty 1000.

208. d damped. 12-50 Internetworking Case Studies .incomplete Network Next Hop Metric LocPrf Weight Path *d 192.250. no best path) 300.15. The dampening information will be purged when the penalty becomes less than half of the reuse limit (750/2 = 350).10.208.208. i .0 is as follows: RouterA# show ip bgp 192. h history. The route will be reused when the penalty reaches the reuse limit (default 750). If the route flaps a few more times.255. > best.10.5 255.208. external Dampinfo: penalty 2615.208.internal Origin codes: i .0 192.Practical Design Example The route has been given a penalty (1000) for flapping but the penalty is still below the suppress limit (default 2000).5 (192.10.208. metric 0. flapped 3 times in 0:05:18.0 0.EGP. the show ip bgp command displays the following: RouterA# show ip bgp table version is 32. it is suppressed. e . ? . Practical Design Example Figure 12-34 shows a BGP network that demonstrates the types of topologies that are typical among ISPs. reuse in 0:27:00 The route is up.174) Origin IGP.255.2 Status codes: s suppressed. Because the route is down. version 32 Paths: (1 available.15.10.10.208. (suppressed due to dampening) 192. * valid.0.0 0 32768 i The output of the show ip bgp command for network 192.0. local router ID is 203.IGP.10.10. it is marked as a history entry.208.0.10.5 from 192. but because the penalty is greater than the suppress limit.0 BGP routing table entry for 192.250.5 0 0 300 i *> 203.

1 E0 203.10.1 S1 192.X.63.1 S0 203. “Final Configurations.” later in this chapter.200.213.208.1 255.2 AS 300 128.250.174 S1 195.1 AS 500 195.250.X.63.208.5 128.14. The following configurations are preliminary configurations for the routers shown in Figure 12-34.252 ! router ospf 10 network 203.X S0 192. The following configurations for the routers shown in Figure 12-34 run OSPF as the IGP and run IBGP between Routers A and B inside AS 100.41 Router A Router B S0 128.211.X.250.213.255 area 0 Using the Border Gateway Protocol for Interdomain Routing 12-51 .0 ! interface serial 0 ip address 128.0.255. see the section.X 203.208.2 Loopback interface 0: IBGP 203.10. IBGP should be run within the AS for better control over routes.250. Practical Design Example Figure 12-34 Practical Design Example for ISPs E0 AS 100 203.208.250.208.1 255.15.15.63.255.250. For the complete configurations.213.211.255.174 AS 200 S2/0 128.255.0 0.211.0.10.0 ! interface ethernet 0 ip address 203.1 Loopback interface 0: Router G 195.63.200.2 Router E Loopback interface 0: 200.255. !Router A hostname RouterA ! interface loopback 0 ip address 203.10.5 S0/1 192.X Whenever an AS is connected to two ISPs via EBGP.41 255.2 S0/0 192.6 Loopback interface 0: S2/1 128.63.1 AS 400 S4608 200.63.14.13.13.X.213.6 S1 S0 195.14.10.211. These preliminary configurations are incomplete so that BGP troubleshooting techniques can be demonstrated.250.10.X 192.213.250.10.10.10.130 Loopback interface 0: Router C Router D 192.X.213.250.X 128.2 Router F S1 203.255.213.208.255.

0 neighbor 128.10.6 255.213.63.Practical Design Example router bgp 100 network 203.1 remote-as 500 neighbor 192.0 neighbor 128.255.174 255.255.255.208.255.10.255.208.2 update-source loopback 0 !Router B hostname RouterB ! interface serial 0 ip address 203.0 neighbor 192.15.0 mask 255.250.255.0.213.10.255.252 ! router bgp 300 network 192.250.1 255.2 remote-as 100 neighbor 203.13.15.10.63.0 mask 255.63.15.15.255.255.5 255.6 remote-as 400 !Router D hostname RouterD ! interface loopback 0 ip address 192.6 remote-as 100 !Router E hostname RouterE ! interface loopback 0 ip address 200.63.255.10.63.252 ! interface serial 0/0 ip address 192.252 ! interface serial 2/1 ip address 128.252 ! router ospf 10 network 203.255.250.10.14.41 remote-as 100 !Router C hostname RouterC ! interface loopback 0 ip address 128.192 ! interface serial 0/0 ip address 192.63.255.5 remote-as 300 neighbor 203.13.0 neighbor 192.10.255.250.2 remote-as 200 neighbor 203.213.255.250.255.255.0.1 remote-as 100 neighbor 128.252 ! interface serial 1 ip address 192.250.213.0.5 255.255.255.213.0 12-52 Internetworking Case Studies .200.5 255.213.255.208.208.252 ! router bgp 200 network 128.208.250.208.192 ! interface serial 2/0 ip address 128.2 255.255.10.250.255.213.255.208.255.10.0 network 203.130 255.255 area 0 ! router bgp 100 network 203.208.0 0.2 255.

211.250.211.0 0 32768 i Using the Border Gateway Protocol for Interdomain Routing 12-53 . as shown in the examples in this section.255.1 255.0 128.0 203.255.1 255.0 128.41 0 100 0 i *> 203.200.10.13.14.255.250. This method also avoids route flaps. Practical Design Example interface serial 0 ip address 195.10.63.0.0 0.15.255.211.252 ! interface serial 1 ip address 195.250.10. * valid.213.10.2 0 100 0 200 i *i192.211.0 neighbor 192. ? . h history.211.213.14.0 0.213.211.255.255.192 ! interface serial 0 ip address 192.63.208.10.10.41 0 100 0 i *>i203.internal Origin codes: i .0. i .6 255.255.63. > best.252 ! router bgp 500 network 195.2 100 0 200 400 i *>i203.incomplete Network Next Hop Metric LocPrf Weight Path *i128.255. Determining the State of BGP Assume that in Figure 12-34 the connection between Routers B and D is down.0.10.255.13.213. it is always better to advertise routes by using the network router configuration command or by redistributing static routes.213.250.200.250.250.1 255. The following information is displayed when you enter the show ip bgp EXEC command on Router B: RouterB# show ip bgp table version is 4.0 203.63.255. you need to control the routes that are injected into BGP. local router ID is 203.0 128. For that reason.2 100 0 200 400 500 300 i *i195.2 Status codes: s suppressed.208.250.211.252 ! interface serial 1 ip address 128.255.2 remote-as 300 neighbor 195.2 255.213.15.10.0.2 remote-as 400 When you redistribute IGP routes into BGP.250.2 255.0 ! interface serial 1 ip address 203.1 remote-as 500 !Router F hostname RouterF ! interface ethernet 0 ip address 203.63.10.250.255.15.0 128.13.213.255.252 ! router bgp 400 network 200.10.208.2 100 0 200 400 500 i *i200.0.252 ! router ospf 10 network 203.255.174 255.10.63.0 neighbor 128. e .255 area 0 !Router G hostname RouterG ! interface loopback 0 ip address 195. d damped.255.5 remote-as 200 neighbor 195.EGP.IGP.10.

IA .63.63. Following is the contents of the IP routing table on Router B: RouterB# show ip route Codes: C .0 via OSPF.0. O .IS-IS.250.213.255.1 255. The > symbol indicates that BGP has chosen the best route based on the decision steps described in the section “Summary of the BGP Path Selection Process.252 ! router ospf 10 passive-interface serial 0 network 203.13.15.IGRP. M .255.255.213. E2 . 02:50:45.1.250.0 255.static.mobile.0 has a next hop of 0. such as 203.candidate default Gateway of last resort not set 203.0. BGP picks only the one route that it determines to be the best route. This is because there is no way to reach that next hop via the IGP (in this case.EIGRP external.BGP D .0 0. This way. * . which is the EBGP next hop carried into IBGP.41 [110/75] via 203. S .13.255 is subnetted.0 mask 255.255.250.213.14.connected.2.2) is unreachable.255. I . 1 subnets C 203.213. B .2.250.250. One problem is that the next hop for these entries (128.252 is subnetted.0.250. Serial0 203. L1 .255.0 12-54 Internetworking Case Studies .IS-IS level-2.15.255.250.0 is learned via path 200 and has a next hop of 128. Note that any locally generated entry.1 255. OSPF).0 ! interface ethernet 0 ip address 203. The first entry reads as follows: Network 128. • On Router A.255.0 0. run OSPF on interface serial 0 and make it passive.63.213.OSPF external type 2.255 area 0 ! router bgp 100 network 203.0.255.255.255 area 0 network 128. Serial0 O 203.IS-IS level-1.63.OSPF. Note the next hop attribute of 128. Correcting Next Hop Problems For the network shown in Figure 12-34.Practical Design Example The letter i at the beginning of a line means that the entry was learned via an internal BGP peer.” earlier in this chapter.0. Router B has not learned about 128. EX . use the neighbor next-hop-self router configuration command to change the next hop between Router A and Router B.250. The letter i at the end of a line indicates that the path information comes from an IGP.EIGRP.255.EGP i . E .RIP. It installs this route in the IP routing table and advertises it to other BGP peers.1.255.0 is directly connected.250.213. Serial0 Note than none of the BGP entries appears in the IP routing table.41 255. L2 .0 ! interface serial 0 ip address 128. The following configuration for Router A runs OSPF on interface serial 0 and makes it passive: !Router A hostname RouterA ! interface loopback 0 ip address 203.63.250.213.2.255.14.0 [110/74] via 203.250.15. 1 subnets O 203.13.0 255.250.13.0.213. 02:40:46.255.15.0.0. Router B will know how to reach the next hop 128. R .OSPF inter area E1 .OSPF external type 1.63.15. the next hop problem can be corrected in one of two ways: • On Router A.

250.2 remote-as 200 neighbor 203.mobile. R .IGP.14. Using the Border Gateway Protocol for Interdomain Routing 12-55 .15.200.1.208.41 0 100 0i *> 203.250.211. EX .0.10.15.2 100 0 200 400 i *>i203. Serial0 O 203.RIP.0 is now reachable via OSPF.0 0.213. S .28. Router F is not aware of networks 192.63. Practical Design Example network 203. I .255.63.255 is subnetted.2 100 0 200 400 500 300 i *>i195.63. 1 subnets O 203.250. Serial0 203.0 128.63.15.internal Origin codes: i .15.13. L1 .14.10. and it does not send the entries in BGP updates.63.252 is subnetted.connected. E .255. E2 . 00:04:46.15.IS-IS level-1.250.13. O .0 0 32768 i Note that a > symbol appears in all of the entries.250.1.OSPF external type 1.213.15.13. e .0 128.0 203.2 0 100 0 200 i *>i192. i . 00:04:47.IS-IS.candidate default Gateway of last resort not set 203.0 [110/74] via 203.0 neighbor 128. IA .0 255.213.63.250.2 remote-as 100 neighbor 203. h history.OSPF.IS-IS level-2.0 255. Now the IP routing table on Router B contains the following routes: RouterB# show ip route Codes: C .0 128.OSPF inter area E1 .2 update-source loopback 0 Now the BGP neighbor table on Router B contains the following routes: RouterB# show ip bgp table version is 10.211.252 is subnetted. 1 subnets O 1.EIGRP. M .213.EGP.250.250.255.0 255.0 is directly connected.0 203. d damped.15.13.250.2 Status codes: s suppressed.208. The only difference is that 128. L2 .255.213. The problem is synchronization: BGP is not synchronized with the IGP.250.255. Serial 0 Note that the BGP entries still do not appear in the IP routing table. ? . local router ID is 203.1.213.250.13.0 mask 255. B .0.2 100 0 200 400 500 i *>i200.15. * valid.OSPF external type 2.63.EIGRP external.0 [110/138] via 203. which means that BGP is satisfied with the next hop address.250.255.14.213.IGRP.213. so it does not put the entries in the IP routing table.213. 00:04:46.10.255.0 or 195.0 128.BGP D . 1 subnets C 203. Serial0 128.10.250.41 0 100 0i *>i203.10.0.250. > best.250.EGP i .15.250. * .41 [110/75] via 203.0 because BGP routes are not redistributed into OSPF yet.255.static.incomplete Network Next Hop Metric LocPrf Weight Path *>i128.250.0.

OSPF external type 2. L1 . Seriall C 203.250.63.250.255.208. EX . 00:14:15.41 255.IS-IS.41 255. 2 subnets.0 255.250. 00:12:37.250.0 [110/74] via 203.0 255. R .255. L2 .255.250.2. E .213.250.255. so turning off synchronization does not resolve this particular problem.14.0 is directly connected.mobile.EIGRP external.0 [200/0] via 128.0 is variably subnetted. OSPF still needs to be redistributed into BGP on Router A so that Router F learns about BGP routes.0.10.14. 1 subnets C 203. E2 .211.255. S . L2 .10.candidate default Gateway of last resort is not set 203.255.250. 00:01:08 203.0 [200/0] via 128. I .RIP. 1 subnets O 128.IS-IS level-2.255.EIGRP external.OSPF external type 1.0 255.1. you see the following contents of the IP routing table on Router B: RouterB# show ip route Codes: C .213.IS-IS level-1.0 is directly connected. M .0.0 255. 00:12:37.13.0.13.mobile. S .connected. 2 masks O 203.10. IA .255.250.13. 1 subnets O 203.250 14 1.EIGRP. I . 1 subnets C 203. Serial0 O 203.250.0 [200/0] via 128.213. as shown by the following output of the show ip route EXEC command on Router F: RouterF# show ip route Codes: C .0 [200/0] via 203.15.EIGRP. EX .213. they will be dropped.13.15. EthernetO If packets to the BGP network are forwarded to Router F.EGP i .OSPF external type 1.15.213. Serial0 The routing table looks fine. 2 subnets. B .15. EthernetO 203. M .213. 00:01:07 B 192. L1 .IGRP. Redistributing OSPF The following configuration for Router A has been modified to redistribute OSPF (the new command is in bold): !Router A hostname RouterA ! interface loopback 0 ip address 203.255.Practical Design Example Turning Off Synchronization If you enter the no synchronization router configuration command on Router B and then examine the IP routing table on Router B.63.41.15. * .0 12-56 Internetworking Case Studies .0 255.250.63.213.250.213.EGP i .2.IGRP.13. B .0 [110/74] via 203. 00:01:08 O 128.250. 2 masks B 128.63.250.0 is variably subnetted.255 [110/75] via 203. E2 . 00:14:15.252 is subnetted.OSPF inter area E1 .2.255.250.41 [110/11] via 203.63. 00:12:37. O .63.OSPF.OSPF.252 [110/138] via 203.static.14.255.255.13. EthernetO 128.IS-IS. O .200.0 255.RIP.0 255 255.1.static.candidate default Gateway of last resort not set B 200.255.250.BGP D .IS-IS level-2.0 [200/0] via 128. R .252 is subnetted.OSPF inter area E1 .255.OSPF external type 2. Serial0 128.250. 00:01:07 203. IA .252 is subnetted. 00:01:07 B 195.1. E .255.255.0.13.BGP D . * .15.0 is directly connected.255 is subnetted.1. Serial0 B 203.15.2.213.connected.IS-IS level-1.250. but there is no way to reach those networks because Router F in the middle does not know how to reach them.

213. E2 .250. S .0 [110/2000] via 203.IS-IS.1.255 [110/75] via 203.250. 00:00:15.255.0 [110/2000] via 203.0 is variably subnetted.250.250.1. 00:00:16.250.63. 00:00:15.200. synchronization should also be turned off on Router B so that it can advertise network 203.250. Serial0 203. I .0. 00:00:14.41 255. 2 subnets C 203.252 [110/138] via 203.0.250.0 [110/74] via 203. For the same reason.250. 00:00:l5.EIGRP. Serial0 128. B .0.255.10.0 is variably subnetted.10.0 255.250.213. 00:00:15.15.OSPF external type 1.8 is directly connected.0 255. 2 masks O 203.0 [110/2000] via 203.213.255. * .250. Practical Design Example interface ethernet 0 ip address 203.208.255.1 255. Using the Border Gateway Protocol for Interdomain Routing 12-57 .250. Serial0 The BGP entries have disappeared because OSPF has a better distance (110) than IBGP (200).2 remote-as 200 neighbor 203. 2 subnets.255.255.0. EX .255. 00:00:14.IS-IS level-1. Serial0 203.2 remote-as 100 neighbor 203.15.15.213.250.1 255.EIGRP external.0 is directly connected.213. L2 .14.0. R .250.OSPF.255.250.0.250.static. Turning off synchronization on Router A will cause Router A to advertise network 203. OSPF should be enabled on interface serial 1 on Router B and made passive so that Router A learns about next hop 192. 2 masks O E2 128. 2 subnets.15.250.208.250.EGP i .0.connected.1. 00:00:14.63.BGP D . Serial0 O E2 203.5 via an IGP.15.250.15.1.252 ! router ospf 10 redistribute bgp 100 metric 2000 subnets passive-interface serial 0 network 203.IGRP.63.IS-IS level-2.255.0. M . In addition.15.0 255.13.255.250.15.15.0 0.0 [110/2000] via 203.2 update-source loopback 0 Now the routing table looks as follows: RouterB# show ip route Codes: C .0.0.0 mask 255.0.13.0 255.10.mobile.0 [110/2000] via 203. L1 .255 area 0 ! router bgp 100 network 203.0 0.15.250.0 ! interface serial 0 ip address 128.15.250.15. Serial0 O 203. This step is required because Router A will not synchronize with OSPF because of mask differences.213.OSPF external type 2.255.Serial0 O 128.255.13.RIP.1.15.255.255 area 0 network 128.211. Loopbackl C 203. IA . Serial0 O E2 192.candidate default Gateway of last resort not set O E2 200.0 neighbor 128. Serial0 O E2 195. O .1. E .15.10.255.252 is subnetted.1.250.255.255.OSPF inter area E1 .14.1.13.

255.0 128.208.255 area 0 network 192.255.252 ! interface serial 1 ip address 192.255.0.15.255.255.250.213.0.0 192.10.208.15.208.Practical Design Example The modified configurations for Routers A and B are as follows.13.255.0. local router ID is 203.250.13.250.0 0 32768 i *> 203.0 203.250.0. h history.13.255 area 0 ! router bgp 100 network 203.0.0 192. e .41 remote-as 100 Now bring up interface serial 1 on Router B and see what the BGP neighbor table looks like on Router A: RouterA# show ip bgp table version is 117.2 255.255.2 remote-as 200 neighbor 203.10.10.0 0.213.255 area 0 ! router bgp 100 no synchronization network 203. > best.250.255.255 area 0 network 128.213.15.213.252 ! router ospf 10 redistribute bgp 100 metric 2000 subnets passive-interface serial 0 network 203.6 255.0 ! interface serial 0 ip address 128.0.) !Router A hostname RouterA ! interface loopback 0 ip address 203.0.250.255.13.2 0 100 0 i 12-58 Internetworking Case Studies .15.250.0.250.0.255.213.255.208.1 255.0 neighbor 192. * valid.14.63.0.250.250.63.15.2 0 200 400 500 i *> 203.250.252 ! router ospf 10 redistribute bgp 100 metric 1000 subnets passive-interface serial 1 network 203.213.250.63.255.0 0.10.0 0.208.208.255.250.255.10.15.0 0 32768 i *>i203.0.5 0 100 0 300 i *>i195.255. (New commands are in bold.41 255.2 0 100 0 200 i *>i192.13.EGP.255.0 0.2 update-source loopback 0 !Router B hostname RouterB ! interface serial 0 ip address 203.250.0.2 remote-as 100 neighbor 203.5 remote-as 300 neighbor 203.0 network 203.14.1 255.IGP.250.0.0 mask 255.10.14. ? .41 Status codes: s suppressed.0 ! interface ethernet 0 ip address 203.63. i .incomplete Network Next Hop Metric LocPrf Weight Path *> 128.255. d damped.5 100 0 300 500 i * 128.0 0.0 mask 255.0 neighbor 128.250.211.internal Origin codes: i .255.0 0.

OSPF.0 [110/1000] via 203.10 255.5 0 0 300 i *> 195. 2 masks B 128. 00:41:25 C 203. Ethernet0 128.OSPF external type 1.10. Potential asymmetry might occur if traffic going out from Router A comes back via Router B. 2 masks O E2 192.0.208.2.10. R .250.0 is variably subnetted.255.0.213.14. AS 100 could learn partial routes from one of the ISPs and default routes to both ISPs.255.10.208.252 [110/138] via 203.250.63. B .2 Status codes: s suppressed.41 0 100 0i *> 203.EIGRP external.63.0 203. Ethernet0 O 192.candidate default Gateway of last resort not set 192.255. 00:41:25. In this example.BGP D . * .255.0.5 0 300 500 400 i *>i203.208.14. S .EGP i .250.250.10. 00:41:25.OSPF inter area E1 . AS 100 receives partial routes from AS 200 and only local routes from AS 300.0 255.0 128.0 [20/0] via 128.incomplete Network Next Hop Metric LocPrf Weight Path *>i128. E2 . 2 subnets. Practical Design Example Following is the output of the show ip route EXEC command on Router A: RouterA# show ip route Codes: C .14.250.0 192.208. Ethernet0 C 203.0.IS-IS.255.250.250.200.208.14.213. ? . From outside the AS.255.0 [200/0] via 203.15.13. 2 subnets. 00:41:26 C 128.internal Origin codes: i .208.15. * valid.2 0 100 0 200 i * 192.0. EX .250.EGP. 3 subnets.0 is variably subnetted. Ethernet0 B 203.250.250.0 is directly connected. This allows you to balance outgoing traffic between the two ISPs. i . > best. e .0 255.255 [110/75] via 203.14.13.0 203.255.250.255.13. with Router B being the more preferred route because of its lower MED attribute.252 is directly connected. 00:02:38 Following is the output of the show ip bgp EXEC command on Router B: RouterB# show ip bgp table version is 12.5 0 300 500 i *>i200.255. local router ID is 203. M . h history. the networks are reachable via both of the ISPs and either Router A or B could be used to reach them.213.0 192. You might find out that all incoming traffic to your AS is coming via one single point even though you have multiple points to the internetwork.14. Loopback0 203.0 255. 00:41:25.mobile.63.208.10.0.250.213.0 0.41 0 100 0i *>i203.213.0 [20/0] via 128.10.5 0 300 500 400 200 i *> 195.2 100 0 200 400 i *> 192. 3 masks O 203.2.0 0 32768 i Managing Asymmetry There are several ways to design the network for AS 100 to communicate with the ISP networks in AS 200 and AS 300. This might occur if networks are advertised to both of the ISPs.255. L2 .2.10 4 255.10.250.211.0 255. 00:41:25.0 255.255. I .15. Serial0 B* 200.IGP.static.250. L1 .0 255.2. d damped.IGRP.250. E .0.10.10.0 is directly connected.63.2. IA .EIGRP.15.13.IS-IS level-1.213.255.IS-IS level-2.213.15.252 [110/74] via 203.250.213.208.RIP.255.63. O .0 is variably subnetted.15.0. One way is to have a primary ISP and a backup ISP. Both Routers A and B generate default routes into OSPF. Ethernet0 O 203.15.2.0 128.250.255.200. Using the Border Gateway Protocol for Interdomain Routing 12-59 .2.connected.OSPF external type 2.

You might try to affect that decision by using the set as-path route map configuration command with the prepend keyword to prepend AS numbers to your updates to make the AS_path attribute longer.255.0. But.213. Following is the final configuration for Router B.0 as the candidate default route.2 remote-as 200 neighbor 128.255 area 0 network 128. Final Configurations Following is the final configuration for Router A.250.250. For RIP. Also. The configuration also uses the ip default-network global configuration command to specify network 200. with IGRP and Enhanced IGRP.63.250.252 ! router ospf 10 redistribute bgp 100 metric 2000 subnets passive-interface serial 0 network 203.255.Practical Design Example One other potential reason for asymmetry is the different advertised path length to reach your AS.) !Router A hostname RouterA ! interface loopback 0 ip address 203.250. MED attribute.255.) !Router B hostname RouterB ! interface serial 0 ip address 203.255.0 ! route-map setlocalpref permit 10 set local-preference 200 The final configuration for Router A sets the local preference for routes coming from AS 200 to 200.213.252 ! interface serial 1 12-60 Internetworking Case Studies .2 route-map setlocalpref in neighbor 203.1 255.0.13. The ip default-information originate router configuration command is used to inject the default route inside the OSPF domain.0 is automatically redistributed into RIP without additional configuration.0. if AS 400 has somehow set its exit point to be via AS 200 based on attributes such as local preference.0.200.213.14.0 0.41 255. (New or modified commands are in bold.2 remote-as 100 neighbor 203.0. One ISP might be closer to a certain destination than another.255.2 update-source loopback 0 ! ip default-network 200.0 ! interface ethernet 0 ip address 203.200.255.0 0.0 ! interface serial 0 ip address 128. (New or modified commands are in bold.213.15.0.2 255. default information is injected into the IGP domain after BGP is redistributed.63. you can redistribute a static route for 0.255 area 0 default-information originate metric 2000 ! router bgp 100 no synchronization neighbor 128.255.255.255.0. there is nothing you can do.255. weight.0.250.0.15.0.1 255.15. For IGRP and Enhanced IGRP. traffic from AS 400 destined for AS 100 always comes in via Router A because of the shorter path.250. network 0. In this example.0 into the IGP domain.63.

0.208.208.0 neighbor 192. Practical Design Example ip address 192. * valid.0 192.255 area 0 network 192.10.208. you can use ^300_[0-9]* as the regular expression.0.255.252 ! interface serial 2/1 ip address 128.5 route-map LOCALONLY in neighbor 203.internal Origin codes: i .255. 500 to 300. Note that Router B accepts the local routes of AS 300 and AS 500 only.255.130 255. because of the length of the AS_path attribute.5 255. The following is the output of the show ip bgp EXEC command for regular expression ^300$: RouterB# show bgp regexp ^300$ BGP table version is 14. Router B is used to reach routes local to AS 300. which is lower than the local preference of 200 coming in from Router A. Any updates whose AS_path attribute does not match are dropped.10.255. > best. which is higher than the IBGP updates coming in from Router A in AS 100. AS 100 will pick Router B for AS 500’s local routes.255.250.255. (New and modified commands are in bold.255 area 0 default-information originate metric 1000 ! router bgp 100 no synchronization network 203. Any other routes on Router B (if there are any) will be sent internally with a local preference of 100.63.63.incomplete Network Next Hop Metric LocPrf Weight Path *> 192.213. e .63.) !Router C hostname RouterC ! interface loopback 0 ip address 128.252 router ospf 10 redistribute bgp 100 metric 1000 subnets passive-interface serial 1 network 203.0 ip as-path access-list 1 permit ^300 500$ ip as-path access-list 2 permit ^300$ ! route-map LOCALONLY permit 10 match as-path 1 set local-preference 300 ! route-map LOCALONLY permit 20 match as-path 2 The configuration for Router B sets the local preference for updates coming from AS 300 having an AS_path attribute of 300. i .252 ! router bgp 200 network 128.10.5 0 300 0 300 Following is the final configuration for Router C.255. This way.IGP.0.2 255.0 0.0.250.41 remote-as 100 ! ip default-network 192.208.15. This arrangement causes Router A to be preferred.250.EGP. d damped.15.6 255. ? .0 0.250.192 ! interface serial 2/0 ip address 128.0.213.10.208.10.213.213. Further.0 Using the Border Gateway Protocol for Interdomain Routing 12-61 .5 remote-as 300 neighbor 192.28.208. h history.255.13.255.2 Status code: s suppressed. If you want to advertise the local routes and the neighbor routes (customers of the ISP). local router ID is 203.10.255.

255.10.208.0.255 access-list 1 permit any The configuration for Router C aggregates network 128.0.0 ! interface serial 1 ip address 203.10.63.0.0 aggregate-address 200.200.255 area 0 12-62 Internetworking Case Studies .Practical Design Example aggregate-address 128.200.0 0.255. (New or modified commands are in bold.255.213.255.211. If the ISP refuses to do this task.6 remote-as 100 !Router E hostname RouterE ! interface loopback 0 ip address 200.14.1 255.213.255.0/16 and specifies the routes that are to be injected into AS 100.0.250.250.0.213.0 255.0.0/16.252 ! router bgp 300 network 192.63.208.211.255.208.255.) !Router D hostname RouterD ! interface loopback 0 ip address 192.252 ! interface serial 1 ip address 128.0.) !Router F hostname RouterF ! interface ethernet 0 ip address 203.208.255.208. Following are the final configurations for Routers F and G.200.213.0.2 255. Following are the final configurations for Routers D and E.10.255.0.255.255.255. you have to filter routes coming into AS 100 on Router A.213.0.174 255.255.200.213.0 summary-only neighbor 128.10.0 summary-only neighbor 128.0 0.252 ! router ospf 10 network 203.1 remote-as 500 Router E is aggregating network 200.255.0 neighbor 192.255.10.255.255.192 ! interface serial 0/0 ip address 192.15.10.1 255.10.250.6 255.255.255.6 remote-as 400 ! access-list 1 deny 195.255.0 interface serial 0 ip address 195.1 remote-as 100 neighbor 128.2 255.63.1 distribute-list 1 out neighbor 128.10.10.63. (New or modified commands are in bold.213.63.10.252 ! interface serial 0/1 ip address 192.208.5 255.0 255.211.252 ! router bgp 400 network 200.5 remote-as 200 neighbor 195.2 255.1 remote-as 500 neighbor 192.

250.208.10.0 0.incomplete Network Next Hop Metric LocPrf Weight Path *> 128.0. Router D will not export that route to Router B.200.255.0 128. Following is the final content of BGP routing table on Router A: RouterA# show ip bgp table version is 21.10.0 aggregate-address 195.0.2 send-community neighbor 192.255.0.192 ! interface serial 0 ip address 192.211.10. i . e .255.0 0.0.0 0.0 192.15.0 255.0.10.0/16 128.0 summary-only neighbor 192.208.255.211.255.10.0. > best.208.250.252 ! interface serial 1 ip address 195.211.2 200 0 200 400 i *> 203.14.2 remote-as 300 neighbor 192.63.255.0.0/16 that are sent to Router D.208.10. h history.EGP.250.255.255 ! route-map setcommunity permit 10 match ip address 101 set community no-export ! route-map setcommunity permit 20 match ip address 2 The configuration for Router G demonstrates the use of community filtering by adding the no-export community to more specific Class C routes of 195.0 0 32768 i *>i203.2 0 200 0 200 i *>i192.213. Practical Design Example !Router G hostname RouterG ! interface loopback 0 ip address 195.internal Origin codes: i .255.211.0 0.250.0.0.2 remote-as 400 ! access-list 2 permit any access-list 101 permit ip 195.10.208.1 255.213.0.211.255.0. d damped. local router ID is 203.2 0 100 0 i Using the Border Gateway Protocol for Interdomain Routing 12-63 .10.0.174 255.2 route-map setcommunity out neighbor 195.10.0 0 32768 i *> 203.0.13. ? .211.13. * valid.41 Status codes: s suppressed.211.0 203.213. This way.1 255.252 ! router bgp 500 network 195.15.5 0 300 0 300 i *> 200.10.255.250.255 255.63.IGP.208.

15.200.mobile. 3 subnets.0. M .2. IA . 00:41:26 C 128.mobile.IS-IS level-2.255.0 are to be reached via Router B.213.255.250. such as 200.OSPF inter area E1 . M .OSPF external type 1.14.13. 01:12:09. Serial1 Note that on Router F.1.10.0 [110/1000] via 203.0 192.0.0.2.OSPF external type 2.1.14.static.0.EGP i .0 [200/0] via 203.250.0 255.0.15.EIGRP external.255.63.250. Ethernet0 O 192.0.0 255.255.250.213.208.2 to network 0.255.255.0 255. EX .63. L2 .EIGRP.255. If something happens to the connection between Router B and Router D.252 [110/128] via 203.208.250.IS-IS level-1.connected.0.0 [20/0] via 128.EIGRP.63. E2 .0 0. 2 subnets.0 is variably subnetted. S . Ethernet0 O*E2 0.208.2.0 255.2.0 is variably subnetted.13. * .0 is variably subnetted.2. Serial1 203.10. 2 subnets.0. The gateway of last resort is set to Router B. R .14.213. Ethernet0 128.0.250.255.213.0.0 is directly connected. 00:03:33. Loopback0 203. Serial1 C 203.14.255.4 255.10 255. IA . 01:12:09.213.10. 2 subnets.250.250.IS-IS level-2. Ethernet0 C 203.connected.200.EGP i .252 [110/74] via 203. I .252 [110/138] via 203.250. B .1.0.1.2. E2 .candidate default Gateway of last resort is 128.213. 12-64 Internetworking Case Studies .static.0 255.10 255.0 is directly connected. Ethernet0 128.213. 2 subnets.250. 2 subnets. Other known networks. Ethernet0 B 203.2. 00:02:38 Following is the final content of IP routing table on Router F: RouterF# show ip route Codes: C .255.41 255.0.250.0 [110/2000] via 203.255.250.0.255. 3 masks O 203.208.15. L2 .Practical Design Example Following is the final content of the IP routing table on Router A: RouterA# show ip route Codes: C .250. L1 .0 is variably subnetted.0 is variably subnetted. 00:03:47.OSPF. Serial1 O 192.15.15.14.RIP. B .250.14.EIGRP external. EX .255 [110/75] via 203. Ethernet0 203. 00:41:25.250.0 255.2. 00:41:25.0 255.255.0 [110/1000] via 203.0 is variably subnetted.15.0 255.14.250.0.250.0 255.0.OSPF external type 1.2 to network 200. 2 subnets.10. 2 masks O E2 128.208. 00:48:50. R . Ethernet0 O 203.15.250.0 192.252 is directly connected.2. E .10. the default advertised by Router A will kick in with a MED attribute of 2000.OSPF external type 2.255.250.14.14.0.255.250.255 [110/11] via 203. Ethernet0 O E2 200.255. O .255.15.15. Ethernet0 O E2 203.14.0 255. 00:41:25 C 203. S . 2 masks B 128.15.255 [110/65] via 203.63. Serial0 B* 200.255.IGRP.0 [20/0] via 128. 2 masks O 203.0. 2 masks O E2 192. such as 192.13.208.15. 01:12:09.IS-IS.13.IGRP.10.OSPF.RIP. E .0 is directly connected. 01:12:09. 00:45:01.IS-IS.IS-IS level-1.2.208. O .0.213.2. the routing table indicates that networks local to AS 300. L1 .255.255.250.4 255.250.255.250.BGP D .15.250.0 [110/1000] via 203.255.OSPF inter area E1 . 00:41:25.255.255. 2 masks O E2 192.0 [110/1000] via 203. * .10.255.0 255.255. 2 masks O 203.0 are to be reached via Router A.200.BGP D .250.candidate default Gateway of last resort is 203.255.0. I .250.0 is variably subnetted.200.0 [110/2000] via 203. 00:41:25.

5 0 300 0 300 i *>i200. B .0 [110/2000] via 203.208.255.213.OSPF. and community filtering.208.250.15. 01:15:40.252 is subnetted.0 255.connected. BGP is a powerful tool for providing loop-free interdomain routing within and between ASs.250. Serial0 O 203.5.14.10. such as CIDR aggregation.250.208.0 is variably subnetted.10 Status codes: s suppressed. Serial0 203.255.208.15. Serial1 C 203.63. Serial0 128.1.0.0.255 [110/75] via 203. local router ID is 203. This information is used to construct a graph of AS connectivity from which routing loops are pruned and with which AS-level policy decisions are enforced. 2 subnets.255.255.250.15.10.250.0 203. d damped.0 128.250.4 255.2 0 200 0 200 i *> 192.15. * valid.250.250. Loopback1 C 203.250.208.2 to network 192.13.13.252 is directly connected.0.0 is directly connected.208.2.OSPF external type 2.15.10.10. 01:20:33. path.41 0 100 0i *> 203.0. 2 subnets.0.15.1.200.0 [110/2000] via 203. 2 masks B* 192.255. such as route. ? .10.8 id directly connected.250. M . Summary Following is the final content of BGP routing table on Router B: RouterB# show ip bgp table version is 14.IGRP.10.250. 2 subnets C 203.IS-IS.255.0 is directly connected. and route reflectors.41 255. Serial0 Summary The primary function of a BGP system is to exchange network reachability information with other BGP systems. IA .250.0. Using the Border Gateway Protocol for Interdomain Routing 12-65 .14.255.IS-IS level-2. 2 subnets.13. S .213.EGP i . E .mobile.internal Origin codes: i .EIGRP external.255.15.14.250.41 0 100 0i *>i203.0 [110/74] via 203.213.0 255.255. 2 masks O E2 128.0 [20/0] via 192.static.OSPF external type 1.1. * .255. E2 . It also provides techniques for consolidating routing information.250.0.213.0.213.250.13.0 203.0.10 255.RIP.0 0 32768 i Following is the final content of the IP routing table on Router B: RouterF# show ip route Codes: C .candidate default Gateway of last resort is 203.BGP D .255. h history.0 255. > best. confederations. EX .0 is variably subnetted. L2 .255 [110/65] via 203. 00:46:55.13.IGP. R . 01:20:33.208.0 255. Ethernet0 128. L1 .IS-IS level-1. 2 masks O 203.1. Serial0 O E2 203. 2 masks O 203. 2 subnets. BGP provides a number of techniques for controlling the flow of BGP updates.10. I . 00:50:46 C 192.250.0/16 128. O .2 200 0 200 400 i *>i203.250.0 is variably subnetted.EGP.0 0.incomplete Network Next Hop Metric LocPrf Weight Path *>i128.250. e .15.250.0 192. 01:12:09.213.EIGRP.0 is variably subnetted.OSPF inter area E1 .255.63.15.0 255.15.15.255.250.0 * 192. i . Serial1 203.250.255.15.13.

Summary 12-66 Internetworking Case Studies .