© 2001, cisco systems, inc. multiprotocol bgp. © 2001, cisco systems, inc. multiprotocol bgp-2...

© 2001, Cisco Systems, Inc.

Multiprotocol BGPMultiprotocol BGP

© 2001, Cisco Systems, Inc. Multiprotocol BGP-2

ObjectivesObjectives

Upon completion of this chapter, you will be able to perform the following tasks: • Explain the difference between BGP for unicast IP and

MP-BGP for other protocols

• Describe how routing information for other protocols is carried in MP-BGP updates

• Describe the detailed operation of the route refresh mechanism

• Describe outbound route filters

Standard BGP vs.

Multiprotocol-BGP

Standard BGP vs.

Multiprotocol-BGP

www.cisco.com© 2001, Cisco Systems, Inc. Multiprotocol BGP-3



Upon completion of this section, you will be able to perform the following tasks: • Describe the format of standard and multi-protocol BGP

routing updates

• Explain the purpose of address families

• Describe the BGP capabilities negotiation

• Configure BGP address families on Cisco IOS devices

• Configure and monitor BGP capabilities negotiation on Cisco IOS devices


Overview of Standard BGPv4Overview of Standard BGPv4

• IP-only routing protocol

•Used mainly to exchange routing information between autonomous systems

•Simple BGP Update:

Marker OriginAS

PathNext-hopAddress

... NLRI

AttributesPrefix


Address FamiliesAddress Families

• Address Family is a network layer protocol identifier

• This parameter is used to differentiate routing updates of different protocols carried across the same BGP session

• It is a 16-bit value

• MP-BGP uses an additional sub-address family parameter (8 bits)

• Usual notation AFI/SAFI (i.e. 1/1)


Address Family ValuesAddress Family Values

• Address family values currently used with MP BGP:• 1/1 IP version 4 unicast

• 1/2 IP version 4 multicast

• 1/128 VPN_IP version 4 unicast

• All these protocols are essentially IPv4, but they have to be treated separately because of their differences

• They are regarded as three different protocols by routers


Multiprotocol BGP UpdatesMultiprotocol BGP Updates

•Designed to carry routing information of any layer-3 protocol

•Mostly used internally and not just between autonomous systems

•Multiprotocol BGP update:

Marker OriginAS

PathNext-hopAddress

NLRI

IPv4 Prefix

MP_REACHNLRI

MP_UNREACHNLRI

Reachableprefixes of

other protocols

Unreachableprefixes of

other protocols

Next-hopAddress for

IPv4 Prefixes


MP_REACH_NLRIMP_REACH_NLRI

•Optional non-transitive attribute

• Type code 14

•Contains: – AFI/SAFI to identify the protocol

– Next-hop information

– Network Layer Reachability Information (NLRI or prefix)

•NLRI format depends on the protocol (AFI/SAFI)


MP_UNREACH_NLRIMP_UNREACH_NLRI

•Optional non-transitive attribute

• Type code 15

•Contains: – AFI/SAFI to identify the protocol

– Withdrawn routes


Capabilities NegotiationCapabilities Negotiation

• BGP version 4 session starts with an exchange of OPEN messages

• An OPEN message contains:– BGP version

– AS number

– Hold time

– Router identifier

– Optional parameter (void by default)

• Multiprotocol extensions are negotiated as part of OPEN messages

• Optional parameter with type code 2 is used for negotiation of capabilities

• Capabilities are identified by an 8-bit Capability Code (CC) field


Capability CodesCapability Codes

• Capability Code is an 8-bit field

• CC values 1-127 are assigned by IANA, values 128 255 are vendor specific

• Some capabilities currently supported by different Cisco IOS versions:

– IPv4 unicast (CC=1, AFI=1/1)

– IPv4 multicast (CC=1, AFI=1/2)

– VPNv4 (CC=1, AFI=1/128)

– Standard route refresh (CC=2)

– Old style (Cisco proprietary) route refresh (CC=128)

– Outbound route filtering (CC=129)


BGP Session StartupExample

BGP Session StartupExample

OPEN: BGPv4, AS=1, HT=180, OP=2:

CC=1 AFI=1/1 (IPv4 unicast)CC=128 (old style route-refresh)CC=129 (outbound route filter)

OPEN: BGPv4, AS=2, HT=30, OP=2:

CC=1 AFI=1/1 (IPv4 unicast)CC=1 AFI=1/2 (IPv4 multicast)CC=1 AFI=1/128 (VPNv4)CC=2 (new style route-refresh)CC=128 (old style route-refresh)

AS 1IOS 12.0(14)S

AS 2IOS 12.1(5)T

Unknown capabilities are ignored


Example SummaryExample Summary

• The two routers exchange a different set of capabilities

•Only those capabilities supported by both routers are actually used

• The session may be terminated if one of the routers does not understand the Capabilities optional parameter


Configuring Address FamiliesConfiguring Address Families

address-family ipv4 {unicast | multicast}

router(config-router)#

• This command enters the configuration mode for IPv4 unicast or multicast address family

address-family vpnv4


• This command enters VPNv4 address family configuration mode


Configuring Address Families (cont.)

Configuring Address Families (cont.)

neighbor neighbor activate

router(config-router-af)#

• Enables the negotiation of capability for configured address family

• Only IPv4 unicast address familiy is activated by default

• All other address families are deactivated by default and need to be activated using this command


Disabling Capabilities Negotiation

Disabling Capabilities Negotiation

neighbor neighbor dont-capability-negotiate


• Routers that support capabilities negotiation will automatically use this optional parameter

• Depending on BGP implementation of the neighboring router, it may be impossible to establish a BGP session

• Use this command to disable capability negotiation


Behavior of MP-BGPBehavior of MP-BGP

• Multiple BGP sessions are multiplexed onto one TCP session

• Configuration of MP-BGP for different address families is almost completely separate

• Global commands that define the BGP session apply to all address families and are configured in the global BGP configuration mode:

– “neighbor ip remote-as as”

– “neighbor ip update-source intf”

– “neighbor ip ebgp-multihop”

– “neighbor ip password password”

– “neighbor ip timers keepalive holdtime”

– “neighbor ip version version”

• Other commands that only affect updates are configured in the address family configuration mode


Configuration ExampleConfiguration Example

AS 1 AS 2

router bgp 2 network 10.0.0.0 neighbor 1.0.0.1 remote-as 1 neighbor 1.0.0.1 update-source loopback 0 neighbor 1.0.0.1 next-hop-self neighbor 1.0.0.1 send-community neighbor 1.0.0.1 ebgp-multihop ! address-family vpnv4 neighbor 1.0.0.1 activate neighbor 1.0.0.1 next-hop-self neighbor 1.0.0.1 send-community extended exit-address-family!

If next-hop-self is desired for both IPv4

and VPNv4 it should be entered in the global BGP configuration

mode as well as VPNv4 address family

configuration mode

Remote AS is 1 for both IPv4 and VPNv4 updates.This command can only be entered in global BGP

configuration mode.


Monitoring MP-BGPMonitoring MP-BGP

show ip bgp neighbor [neighbor]

router#

• Shows detailed information about BGP neighbors

Router#show ip bgp neighbor 1.0.0.1BGP neighbor is 1.0.0.1, remote AS 1, external link BGP version 4, remote router ID 192.168.255.66 BGP state = Established, up for 01:48:35 Last read 00:00:28, hold time is 180, keepalive interval is 60 seconds Neighbor capabilities: Route refresh: advertised and received(old) Address family IPv4 Unicast: advertised and received Address family VPNv4 Unicast: advertised Address family IPv4 Multicast: advertised Received 1388 messages, 0 notifications, 0 in queue Sent 1370 messages, 0 notifications, 0 in queue Route refresh request: received 0, sent 1 Default minimum time between advertisement runs is 30 seconds --More--

Router#show ip bgp neighbor 1.0.0.1BGP neighbor is 1.0.0.1, remote AS 1, external link BGP version 4, remote router ID 192.168.255.66 BGP state = Established, up for 01:48:35 Last read 00:00:28, hold time is 180, keepalive interval is 60 seconds Neighbor capabilities: Route refresh: advertised and received(old) Address family IPv4 Unicast: advertised and received Address family VPNv4 Unicast: advertised Address family IPv4 Multicast: advertised Received 1388 messages, 0 notifications, 0 in queue Sent 1370 messages, 0 notifications, 0 in queue Route refresh request: received 0, sent 1 Default minimum time between advertisement runs is 30 seconds --More--


Monitoring MP-BGP (cont.)Monitoring MP-BGP (cont.)

For address family: IPv4 Unicast BGP table version 84, neighbor version 84 Index 1, Offset 0, Mask 0x2 7 accepted prefixes consume 252 bytes Prefix advertised 0, suppressed 0, withdrawn 0

For address family: VPNv4 Unicast BGP table version 1, neighbor version 0 Index 1, Offset 0, Mask 0x2 Inbound soft reconfiguration allowed Private AS number removed from updates to this neighbor NEXT_HOP is always this router 0 accepted prefixes consume 0 bytes Prefix advertised 0, suppressed 0, withdrawn 0, maximum limit 20 Threshold for warning message 75% Minimum time between advertisement runs is 3 seconds

For address family: IPv4 Multicast BGP table version 1, neighbor version 0 Index 1, Offset 0, Mask 0x2 0 accepted prefixes consume 0 bytes Prefix advertised 0, suppressed 0, withdrawn 0...

For address family: IPv4 Unicast BGP table version 84, neighbor version 84 Index 1, Offset 0, Mask 0x2 7 accepted prefixes consume 252 bytes Prefix advertised 0, suppressed 0, withdrawn 0

For address family: VPNv4 Unicast BGP table version 1, neighbor version 0 Index 1, Offset 0, Mask 0x2 Inbound soft reconfiguration allowed Private AS number removed from updates to this neighbor NEXT_HOP is always this router 0 accepted prefixes consume 0 bytes Prefix advertised 0, suppressed 0, withdrawn 0, maximum limit 20 Threshold for warning message 75% Minimum time between advertisement runs is 3 seconds

For address family: IPv4 Multicast BGP table version 1, neighbor version 0 Index 1, Offset 0, Mask 0x2 0 accepted prefixes consume 0 bytes Prefix advertised 0, suppressed 0, withdrawn 0...


Troubleshooting MP-BGPTroubleshooting MP-BGP

debug ip bgp [events]

router#

• Shows detailed information about BGP session negotiation and other events

Router#debug ip bgpBGP: 192.168.255.65 went from Idle to ActiveBGP: 192.168.255.65 open active, delay 27434msBGP: 192.168.255.65 passive openBGP: 192.168.255.65 went from Active to IdleBGP: 192.168.255.65 went from Idle to ConnectBGP: 192.168.255.65 rcv message type 1, length (excl. header) 38BGP: 192.168.255.65 rcv OPEN, version 4BGP: 192.168.255.65 went from Connect to OpenSentBGP: 192.168.255.65 sending OPEN, version 4, my as: 3BGP: 192.168.255.65 rcv OPEN w/ OPTION parameter len: 28BGP: 192.168.255.65 rcvd OPEN w/ optional parameter type 2 (Capability) len 6BGP: 192.168.255.65 OPEN has CAPABILITY code: 1, length 4BGP: 192.168.255.65 OPEN has MP_EXT CAP for afi/safi: 1/1...

Router#debug ip bgpBGP: 192.168.255.65 went from Idle to ActiveBGP: 192.168.255.65 open active, delay 27434msBGP: 192.168.255.65 passive openBGP: 192.168.255.65 went from Active to IdleBGP: 192.168.255.65 went from Idle to ConnectBGP: 192.168.255.65 rcv message type 1, length (excl. header) 38BGP: 192.168.255.65 rcv OPEN, version 4BGP: 192.168.255.65 went from Connect to OpenSentBGP: 192.168.255.65 sending OPEN, version 4, my as: 3BGP: 192.168.255.65 rcv OPEN w/ OPTION parameter len: 28BGP: 192.168.255.65 rcvd OPEN w/ optional parameter type 2 (Capability) len 6BGP: 192.168.255.65 OPEN has CAPABILITY code: 1, length 4BGP: 192.168.255.65 OPEN has MP_EXT CAP for afi/safi: 1/1... IPv4 unicast


Troubleshooting MP-BGP (cont.)

Troubleshooting MP-BGP (cont.)

BGP: 192.168.255.65 rcvd OPEN w/ optional parameter type 2 (Capability) len 6BGP: 192.168.255.65 OPEN has CAPABILITY code: 1, length 4BGP: 192.168.255.65 OPEN has MP_EXT CAP for afi/safi: 1/128BGP: 192.168.255.65 rcvd OPEN w/ optional parameter type 2 (Capability) len 6BGP: 192.168.255.65 OPEN has CAPABILITY code: 1, length 4BGP: 192.168.255.65 OPEN has MP_EXT CAP for afi/safi: 1/2BGP: 192.168.255.65 rcvd OPEN w/ optional parameter type 2 (Capability) len 2BGP: 192.168.255.65 OPEN has CAPABILITY code: 128, length 0BGP: 192.168.255.65 OPEN has ROUTE-REFRESH capability(old) for all address-familiesBGP: 192.168.255.65 went from OpenSent to OpenConfirmBGP: 192.168.255.65 send message type 1, length (incl. header) 61BGP: 192.168.255.65 send message type 4, length (incl. header) 19BGP: 192.168.255.65 rcv message type 4, length (excl. header) 0BGP: 192.168.255.65 went from OpenConfirm to Established%BGP-5-ADJCHANGE: neighbor 192.168.255.65 UpBGP: 192.168.255.65 send message type 4, length (incl. header) 19BGP: 192.168.255.65 rcv message type 4, length (excl. header) 0BGP: 2.0.0.2 send message type 4, length (incl. header) 19BGP: 2.0.0.2 rcv message type 4, length (excl. header) 0...

BGP: 192.168.255.65 rcvd OPEN w/ optional parameter type 2 (Capability) len 6BGP: 192.168.255.65 OPEN has CAPABILITY code: 1, length 4BGP: 192.168.255.65 OPEN has MP_EXT CAP for afi/safi: 1/128BGP: 192.168.255.65 rcvd OPEN w/ optional parameter type 2 (Capability) len 6BGP: 192.168.255.65 OPEN has CAPABILITY code: 1, length 4BGP: 192.168.255.65 OPEN has MP_EXT CAP for afi/safi: 1/2BGP: 192.168.255.65 rcvd OPEN w/ optional parameter type 2 (Capability) len 2BGP: 192.168.255.65 OPEN has CAPABILITY code: 128, length 0BGP: 192.168.255.65 OPEN has ROUTE-REFRESH capability(old) for all address-familiesBGP: 192.168.255.65 went from OpenSent to OpenConfirmBGP: 192.168.255.65 send message type 1, length (incl. header) 61BGP: 192.168.255.65 send message type 4, length (incl. header) 19BGP: 192.168.255.65 rcv message type 4, length (excl. header) 0BGP: 192.168.255.65 went from OpenConfirm to Established%BGP-5-ADJCHANGE: neighbor 192.168.255.65 UpBGP: 192.168.255.65 send message type 4, length (incl. header) 19BGP: 192.168.255.65 rcv message type 4, length (excl. header) 0BGP: 2.0.0.2 send message type 4, length (incl. header) 19BGP: 2.0.0.2 rcv message type 4, length (excl. header) 0...

VPNv4 unicast

IPv4 multicast

Cisco proprietary route refresh


SummarySummary

After completing this section, you should be able to perform the following tasks:• Describe the format of standard and multi-protocol BGP

routing updates

• Explain the purpose of address families

• Describe the BGP capabilities negotiation

• Configure BGP address families on Cisco IOS devices

• Configure and monitor BGP capabilities negotiation on Cisco IOS devices


Review QuestionsReview Questions

• What is an address family? What is its purpose?

• What are the differences between standard BGPv4 updates and multiprotocol updates?

• What are capabilities?

• What happens if two neighbors have mismatched capabilities?

• What can happen if one of the routers does not understand the optional parameter for capability negotiation?

Route RefreshRoute Refresh




Upon completion of this section, you will be able to perform the following tasks: • Identify the benefits of BGP route refresh extension

• Monitor BGP route refresh operation on Cisco IOS

• Use route refresh capability to force neighbors to resend routing information


Route RefreshRoute Refresh

•Route Refresh is a new BGP capability

• It is used to request a neighbor to resend routing information

• It is typically used after configuration changes to update the BGP table (route map, distribute list, prefix list, filter list, weight, local preference, MED, and so on)

•Traditional way of accomplishing this is to clear the BGP session


Route Refresh OptionsHard Clear

Route Refresh OptionsHard Clear

• Using “clear ip bgp neighbor neighbor” causes a session to close and re establish

• There is a down-time of approximately a minute, because it takes time to re-establish the session and to receive new updates

• After a few “clears”, an upstream ISP may dampen the propagated prefixes for a long time because of route-flap dampening


Route Refresh OptionsSoft Clear

Route Refresh OptionsSoft Clear

•Another option is to use an additional BGP table for each neighbor

•All received updates are stored in this table

• This solution may require a lot more memory in ISP’s routers that carry full Internet routing (around 100,000 networks at the time of writing)


Soft-reconfiguration and Memory Utilization

Soft-reconfiguration and Memory Utilization

100.000100.000

100.000

BGPTable(ISP3)

BGPTable(ISP2)BGP

Table(ISP1) BGP

table

Routingtable

FIBtable

ISP1 ISP2 ISP3

ISP1: 100.000 networksISP2: 100.000 networksISP3: 100.000 networksBGP table: 300.000 pathsRT: 100.000 networksFIB table: 100.000 networks-------------------------------------------Sum: 600.000 networks


Route Refresh CapabilityRoute Refresh Capability

•Does not require the BGP session to close

•Does not require any additional memory

•No down-time

• Two versions:– Cisco proprietary (Capability Code 128; for

all protocols)

– Standard (RFC 2918; Capability Code 2; per address-family refresh)


Route Refresh SpecificationRoute Refresh Specification

• Route refresh is a new BGP message with type code 5

• It contains two parameters:– Address Family Information

– Sub-address Family Information

• Neighbor will only resend routing information for specified address family

• It can only be used if the peer has previously advertised capabilities for Route Refresh and multiprotocol extensions for the requested Address Family


Using Route RefreshUsing Route Refresh

clear ip bgp { * | neighbor neighbor} in

router(config)#

• Sends a route-refresh message to the neighbor(s)• The command only works if the neighbor has

previously advertised the Route Refresh capability


Monitoring Route Refresh Functionality

Monitoring Route Refresh Functionality

show ip bgp neighbor neighbor

router#

• Verify the support for route refresh capability Router#show ip bgp neighbor 5.0.0.2BGP neighbor is 5.0.0.2, remote AS 2, external link Index 2, Offset 0, Mask 0x4 BGP version 4, remote router ID 193.77.3.241 BGP state = Established, table version = 51, up for 22:12:51 Last read 00:00:00, last send 00:00:00 Hold time 3, keepalive interval 1 seconds Configured hold time is 3, keepalive interval is 1 seconds Neighbor NLRI negotiation: Configured for unicast routes only Peer negotiated unicast routes only Exchanging unicast routes only Received route refresh capability(new) from peer ...

Router#show ip bgp neighbor 5.0.0.2BGP neighbor is 5.0.0.2, remote AS 2, external link Index 2, Offset 0, Mask 0x4 BGP version 4, remote router ID 193.77.3.241 BGP state = Established, table version = 51, up for 22:12:51 Last read 00:00:00, last send 00:00:00 Hold time 3, keepalive interval 1 seconds Configured hold time is 3, keepalive interval is 1 seconds Neighbor NLRI negotiation: Configured for unicast routes only Peer negotiated unicast routes only Exchanging unicast routes only Received route refresh capability(new) from peer ...


Troubleshooting Route Refresh

Troubleshooting Route Refresh

Router#debug ip bgp23:54:18: BGP: 5.0.0.2 open active, local address 5.0.0.123:54:18: BGP: 5.0.0.2 sending OPEN, version 423:54:18: BGP: 5.0.0.2 OPEN rcvd, version 423:54:18: BGP: 5.0.0.2 rcv OPEN w/ OPTION parameter len: 2623:54:18: BGP: 5.0.0.2 rcv OPEN w/ option parameter type 2 (Capability) len 623:54:18: BGP: 5.0.0.2 OPEN has CAPABILITY code: 1, length 423:54:18: BGP: 5.0.0.2 OPEN has MP_EXT CAP for afi/safi: 1/123:54:18: BGP: 5.0.0.2 rcv OPEN w/ option parameter type 2 (Capability) len 223:54:18: BGP: 5.0.0.2 OPEN has CAPABILITY code: 128, length 023:54:18: BGP: 5.0.0.2 rcv OPEN w/ option parameter type 2 (Capability) len 223:54:18: BGP: 5.0.0.2 OPEN has CAPABILITY code: 2, length 023:54:18: BGP: 5.0.0.2 rcv OPEN w/ option parameter type 2 (Capability) len 823:54:18: BGP: 5.0.0.2 OPEN has CAPABILITY code: 129, length 623:54:18: BGP: 5.0.0.2 rcv REFRESH_REQ for afi/sfai: 1/123:54:18: BGP: 5.0.0.2 start outbound soft reconfig for afi/safi: 1/1

Router#debug ip bgp23:54:18: BGP: 5.0.0.2 open active, local address 5.0.0.123:54:18: BGP: 5.0.0.2 sending OPEN, version 423:54:18: BGP: 5.0.0.2 OPEN rcvd, version 423:54:18: BGP: 5.0.0.2 rcv OPEN w/ OPTION parameter len: 2623:54:18: BGP: 5.0.0.2 rcv OPEN w/ option parameter type 2 (Capability) len 623:54:18: BGP: 5.0.0.2 OPEN has CAPABILITY code: 1, length 423:54:18: BGP: 5.0.0.2 OPEN has MP_EXT CAP for afi/safi: 1/123:54:18: BGP: 5.0.0.2 rcv OPEN w/ option parameter type 2 (Capability) len 223:54:18: BGP: 5.0.0.2 OPEN has CAPABILITY code: 128, length 023:54:18: BGP: 5.0.0.2 rcv OPEN w/ option parameter type 2 (Capability) len 223:54:18: BGP: 5.0.0.2 OPEN has CAPABILITY code: 2, length 023:54:18: BGP: 5.0.0.2 rcv OPEN w/ option parameter type 2 (Capability) len 823:54:18: BGP: 5.0.0.2 OPEN has CAPABILITY code: 129, length 623:54:18: BGP: 5.0.0.2 rcv REFRESH_REQ for afi/sfai: 1/123:54:18: BGP: 5.0.0.2 start outbound soft reconfig for afi/safi: 1/1

Old style route refresh

New style route refresh

Initialroute refresh

• Debug output after BGP session reset


Troubleshooting Route Refresh (cont.)

Troubleshooting Route Refresh (cont.)

Router#debug ip bgpRouter#debug ip bgp updatesRouter#clear ip bgp 5.0.0.2 in1d00h: BGP: 5.0.0.2 sending REFRESH_REQ(5) for afi/safi: 1/11d00h: BGP: 5.0.0.2 rcv UPDATE w/ attr: nexthop 5.0.0.2, origin i, metric 0, path 21d00h: BGP: 5.0.0.2 rcv UPDATE about 10.0.0.0/81d00h: BGP: bumping version for 10.0.0.0/8 from 0 to 521d00h: BGP: nettable_walker 10.0.0.0/8 calling revise_route1d00h: BGP: revise route installing 10.0.0.0/8 -> 5.0.0.21d00h: BGP: 5.0.0.2 computing updates, neighbor version 51, table version 52, starting at 0.0.0.01d00h: BGP: 5.0.0.2 update run completed, ran for 0ms, neighbor version 51, start version 52, throttled to 52, check point net 0.0.0.01d00h: BGP: 3.0.0.2 computing updates, neighbor version 51, table version 52, starting at 0.0.0.01d00h: BGP: 3.0.0.2 send UPDATE 10.0.0.0/8, next 3.0.0.11d00h: BGP: , metric 0, path 1 21d00h: BGP: 3.0.0.2 1 updates enqueued (average=45, maximum=45)1d00h: BGP: 3.0.0.2 update run completed, ran for 0ms, neighbor version 51, start version 52, throttled to 52, check point net 0.0.0.0

Router#debug ip bgpRouter#debug ip bgp updatesRouter#clear ip bgp 5.0.0.2 in1d00h: BGP: 5.0.0.2 sending REFRESH_REQ(5) for afi/safi: 1/11d00h: BGP: 5.0.0.2 rcv UPDATE w/ attr: nexthop 5.0.0.2, origin i, metric 0, path 21d00h: BGP: 5.0.0.2 rcv UPDATE about 10.0.0.0/81d00h: BGP: bumping version for 10.0.0.0/8 from 0 to 521d00h: BGP: nettable_walker 10.0.0.0/8 calling revise_route1d00h: BGP: revise route installing 10.0.0.0/8 -> 5.0.0.21d00h: BGP: 5.0.0.2 computing updates, neighbor version 51, table version 52, starting at 0.0.0.01d00h: BGP: 5.0.0.2 update run completed, ran for 0ms, neighbor version 51, start version 52, throttled to 52, check point net 0.0.0.01d00h: BGP: 3.0.0.2 computing updates, neighbor version 51, table version 52, starting at 0.0.0.01d00h: BGP: 3.0.0.2 send UPDATE 10.0.0.0/8, next 3.0.0.11d00h: BGP: , metric 0, path 1 21d00h: BGP: 3.0.0.2 1 updates enqueued (average=45, maximum=45)1d00h: BGP: 3.0.0.2 update run completed, ran for 0ms, neighbor version 51, start version 52, throttled to 52, check point net 0.0.0.0

• Debug output after route refresh


SummarySummary

After completing this section, you should be able to perform the following tasks:• Identify the benefits of BGP route refresh extension

• Monitor BGP route refresh operation on Cisco IOS

• Use route refresh capability to force neighbors to resend routing information



• What are the benefits of Route Refresh?

• What command is used to trigger route refresh?

Outbound Route FilteringOutbound Route Filtering




Upon completion of this section, you will be able to perform the following tasks: • Identify the benefits of outbound route filtering

• Explain the outbound route filtering operation

• Use outbound route filtering to optimize inbound filtering of routing updates


Outbound Route FilterOutbound Route Filter

•The purpose of outbound route filtering is to reduce the amount of BGP traffic and CPU use needed to process routing updates

•Routers exchange inbound filter configurations, which are used as outbound filters on neighboring routers

•Filters are described in ORF entries

•ORF entries are part of the Route-Refresh message


Inbound vs. Outbound Filtering

Inbound vs. Outbound Filtering

AS 1 AS 2Standard input

filter

100.000 routesFilterF_IN

100routes

Standard inbound filtering:

AS 1 AS 2Use filter F_IN (route refresh with ORF message)

Outbound route filtering:

100.000routes

FilterF_IN

100 routes

Output filter received from AS 2


ORF MessageORF Message

•ORF message consists of the following fields:• AFI/SAFI

• ORF type

• When to refresh

• List of ORF entries

•ORF entries depend on the ORF type

•ORF capability needs to be negotiated for every supported ORF type


ORF TypesORF Types

ORF types• NLRI (ORF type=1) - filters based on the

prefix

• Communities (ORF type=2) – filters based on standard BGP community attribute

• Extended Communities (ORF type=3) – filters based on the extended BGP community attribute

• Prefix list (ORF type=129) – filters based on Cisco implementation of prefix filtering


ORF ExampleORF Example

•AFI/SAFI is IPv4 Unicast

•ORF type is NLRI• Action: ADD, DELETE or DELETE ALL

• Match: PERMIT or DENY

• Scope: EXACT or REFINE

• NLRI: prefix

• When: IMMEDIATE or DEFER


ORF Example (cont.)ORF Example (cont.)

Anti-spoofing filter (does not accept routes for RFC1918 networks):• AFI/SAFI = 1/1 (IPv4 unicast)

• ORF type = 1 (NLRI)

• When to refresh – IMMEDIATE

• ORF entries:

–ADD DENY REFINE 10.0.0.0/8



–ADD PERMIT REFINE 0.0.0.0/0


ORF Capability Negotiation

neighbor neighbor capability prefix-filter


• Enables negotiation of prefix-list ORF capability during session set-up• ORF-capable BGP speaker will install ORFs per neighbor• Allows a neighbor to send a prefix list in route refresh messages

neighbor neighbor send prefix-filter


• Activates prefix-list ORF for the specified neighbor• Neighbor needs to send prefix-list ORF capability in OPEN message for

this command to take effect


Using Outbound Route Filtering

clear ip bgp neighbor in [prefix-filter]

router#

• Triggers a route-refresh message• Includes a prefix-list in the route-refresh message if

configured and supported on both ends• Prefix list is sent at session set-up• Use the “prefix-filter” option to refresh the

remote filter


Prefix-list ORF ExamplePrefix-list ORF Example

• Command “send prefix-filter” on one router requires “capability prefix filter” on neighboring router

AS 1 AS 2

router bgp 2 neighbor 5.0.0.1 remote-as 1 neighbor 5.0.0.1 capability prefix-filter neighbor 5.0.0.1 send prefix-filter neighbor 5.0.0.1 prefix-list P in!ip prefix-list P seq 5 deny 10.0.0.0/8 le 32ip prefix-list P seq 10 deny 172.16.0.0/12 le 32ip prefix-list P seq 15 deny 192.168.0.0/16 le 32ip prefix-list P seq 20 permit 0.0.0.0/0 le 32

router bgp 1 neighbor 5.0.0.2 remote-as 2 neighbor 5.0.0.2 capability prefix-filter


Monitoring Outbound Route Filtering

Monitoring Outbound Route Filtering

show ip bgp neighbor neighbor

router#

• Verifies the supported capabilitiesRouter#show ip bgp neighbor 5.0.0.1BGP neighbor is 5.0.0.1, remote AS 1, external link Index 1, Offset 0, Mask 0x2 BGP version 4, remote router ID 192.168.255.66 BGP state = Established, table version = 42, up for 00:00:12 Last read 00:00:00, last send 00:00:00 Hold time 3, keepalive interval 1 seconds Neighbor NLRI negotiation: Configured for unicast routes only Peer negotiated unicast routes only Exchanging unicast routes only Received route refresh capability(new) from peer Prefixlist ORF: Capability: advertised; received Filter: sent; Minimum time between advertisement runs is 30 seconds...

Router#show ip bgp neighbor 5.0.0.1BGP neighbor is 5.0.0.1, remote AS 1, external link Index 1, Offset 0, Mask 0x2 BGP version 4, remote router ID 192.168.255.66 BGP state = Established, table version = 42, up for 00:00:12 Last read 00:00:00, last send 00:00:00 Hold time 3, keepalive interval 1 seconds Neighbor NLRI negotiation: Configured for unicast routes only Peer negotiated unicast routes only Exchanging unicast routes only Received route refresh capability(new) from peer Prefixlist ORF: Capability: advertised; received Filter: sent; Minimum time between advertisement runs is 30 seconds...


SummarySummary

After completing this section, you should be able to perform the following tasks:• Identify the benefits of outbound route filtering

• Explain the outbound route filtering operation

• Use outbound route filtering to optimize inbound filtering of routing updates



• What are the benefits of using the outbound route filtering feature?

• How does ORF work?

• List some ORF types

• How is capability negotiation for prefix-list ORFs enabled?

• Which command do you use to filter updates on the remote end of the BGP session?


SummarySummary

After completing this chapter, you should be able to perform the following tasks:• Explain the difference between BGP for unicast IP and

MP-BGP for other protocols

• Describe how routing information for other protocols is carried in MP-BGP updates

• Describe the detailed operation of the route refresh mechanism

• Describe outbound route filters

© 2001, cisco systems, inc. multiprotocol bgp. © 2001, cisco systems, inc. multiprotocol bgp-2...

Documents

multiprotocol bgp slide

multiprotocol bgp updates

bgp session

bgp address families

cisco systems

mpbgp updates

value mpbgp

protocol afisafi slide