bgp _ final jami

BORDER GATEWAY PROTOCOLBGP

TYPES OF ISP CONNECTIONSSingle Homed

TYPES 0F ISP CONNECTIONSDual Homed

TYPES OF ISP CONNECTIONSMulti-homed

TYPES OF ISP CONNECTIONSDual Multi-homed

Lo0: 44.4.4.4/3244.4.4.4AS: 40044.4.4.4AS: 400 300 200

BGP COMMUNITY ATTRIBUTE

BGP Communites No-ExportObjective: Configure AS 2 using the community No-Export so that hosts on R3sEthernet have access to VLANs 5 and 43 but AS 1 and AS 3 cannot reachVLANs 43 and 5 respectively

Directions Configure the topology per the diagram Configure EIGRP AS 2 on the links between R1 & R3 and R2 & R3 Configure BGP on R1, R2, R3, R4, and R5 per the diagram R1 should peer with R4 R2 should peer with R5 R1, R2, and R3 should all peer with each other Advertise R3s Ethernet into BGP on R3 Advertise VLAN 5 into BGP on R5 Advertise VLAN 43 into BGP on R4 Configure the community No-Export on R1 and R2 so that routes coming fromAS 1 are not passed to AS 3 and vice-versa

Final ConfigurationR1:interface FastEthernet0/0ip address 155.1.146.1 255.255.255.0!interface Serial0/1ip address 155.1.13.1 255.255.255.0!router eigrp 2network 155.1.13.1 0.0.0.0no auto-summary!router bgp 2neighbor 155.1.13.3 remote-as 2neighbor 155.1.13.3 next-hop-selfneighbor 155.1.23.2 remote-as 2neighbor 155.1.23.2 next-hop-selfneighbor 155.1.23.2 send-communityneighbor 155.1.146.4 remote-as 3neighbor 155.1.146.4 route-map NO_EXPORT in!route-map NO_EXPORT permit 10set community no-exportR2:interface FastEthernet0/0ip address 192.10.1.2 255.255.255.0!interface Serial0/0encapsulation frame-relay!interface Serial0/0.1 point-to-pointip address 155.1.0.2 255.255.255.0frame-relay interface-dlci 205!interface Serial0/1ip address 155.1.23.2 255.255.255.0router eigrp 2network 155.1.23.2 0.0.0.0no auto-summaryrouter bgp 2neighbor 155.1.0.5 remote-as 1neighbor 155.1.0.5 route-map NO_EXPORT inneighbor 155.1.13.1 remote-as 2neighbor 155.1.13.1 next-hop-selfneighbor 155.1.13.1 send-communityneighbor 155.1.23.3 remote-as 2neighbor 155.1.23.3 next-hop-self!route-map NO_EXPORT permit 10set community no-export

R3:interface Ethernet0/0ip address 155.1.37.3 255.255.255.0!interface Serial1/2ip address 155.1.13.3 255.255.255.0clockrate 64000!interface Serial1/3ip address 155.1.23.3 255.255.255.0clockrate 64000!router eigrp 2network 155.1.13.3 0.0.0.0network 155.1.23.3 0.0.0.0no auto-summary!router bgp 2network 155.1.37.0 mask 255.255.255.0neighbor 155.1.13.1 remote-as 2neighbor 155.1.23.2 remote-as 2R4:interface Ethernet0/0ip address 204.12.1.4 255.255.255.0!interface Ethernet0/1ip address 155.1.146.4 255.255.255.0!router bgp 3network 204.12.1.0neighbor 155.1.146.1 remote-as 2R5:interface Serial0/0ip address 155.1.0.5 255.255.255.0encapsulation frame-relayframe-relay map ip 155.1.0.2 502 broadcast!interface Ethernet0/1ip address 155.1.5.5 255.255.255.0!router bgp 1network 155.1.5.0 mask 255.255.255.0neighbor 155.1.0.2 remote-as 2

VerificationRack1R3#ping 155.1.5.5 source 155.1.37.3Type escape sequence to abort.Sending 5, 100-byte ICMP Echos to 155.1.5.5, timeout is 2seconds:Packet sent with a source address of 155.1.37.3!!!!!Success rate is 100 percent (5/5), round-trip min/avg/max =84/86/88 msRack1R5#show ip bgpBGP table version is 3, local router ID is 150.1.5.5Status codes: s suppressed, d damped, h history, * valid, >best, i - internal,r RIB-failure, S StaleOrigin codes: i - IGP, e - EGP, ? - incompleteNetwork Next Hop Metric LocPrfWeight Path*> 155.1.5.0/24 0.0.0.0 0 32768 i*> 155.1.37.0/24 155.1.0.20 2 i

BGP Communites No-AdvertiseObjective: Configure R2 using the community No-Advertise so that hosts on R3sEthernet, VLAN 5, and VLAN 43 all have access to each other but only R2has access to VLAN 58

Directions Configure the topology per the diagram Configure EIGRP AS 2 on the links between R1 & R3 and R2 & R3 Configure BGP on R1, R2, R3, R4, and R5 per the diagram R1 should peer with R4 R2 should peer with R5 R1, R2, and R3 should all peer with each other Advertise R3s Ethernet into BGP on R3 Advertise VLANs 5 and 58 into BGP on R5 Advertise VLAN 43 into BGP on R4 Configure the community No-Advertise on R2 so that VLAN 58 is not advertisedto any neighbor

Final ConfigurationR1:interface FastEthernet0/0ip address 155.1.146.1 255.255.255.0!interface Serial0/1ip address 155.1.13.1 255.255.255.0!router eigrp 2network 155.1.13.1 0.0.0.0no auto-summary!router bgp 2neighbor 155.1.13.3 remote-as 2neighbor 155.1.13.3 next-hop-selfneighbor 155.1.23.2 remote-as 2neighbor 155.1.23.2 next-hop-selfneighbor 155.1.146.4 remote-as 3R2:interface FastEthernet0/0ip address 192.10.1.2 255.255.255.0interface Serial0/0encapsulation frame-relayinterface Serial0/0.1 point-to-pointip address 155.1.0.2 255.255.255.0frame-relay interface-dlci 205interface Serial0/1ip address 155.1.23.2 255.255.255.0router eigrp 2network 155.1.23.2 0.0.0.0no auto-summaryrouter bgp 2neighbor 155.1.0.5 remote-as 1neighbor 155.1.0.5 route-map NO_ADVERTISE inneighbor 155.1.13.1 remote-as 2neighbor 155.1.13.1 next-hop-selfneighbor 155.1.23.3 remote-as 2neighbor 155.1.23.3 next-hop-selfip prefix-list VLAN58 permit 155.1.58.0/24route-map NO_ADVERTISE permit 10match ip address prefix-list VLAN58set community no-advertiseroute-map NO_ADVERTISE permit 20

R3:interface Ethernet0/0ip address 155.1.37.3 255.255.255.0!interface Serial1/2ip address 155.1.13.3 255.255.255.0clockrate 64000!interface Serial1/3ip address 155.1.23.3 255.255.255.0clockrate 64000!router eigrp 2network 155.1.13.3 0.0.0.0network 155.1.23.3 0.0.0.0no auto-summary!router bgp 2network 155.1.37.0 mask 255.255.255.0neighbor 155.1.13.1 remote-as 2neighbor 155.1.23.2 remote-as 2R4:interface Ethernet0/0ip address 204.12.1.4 255.255.255.0!interface Ethernet0/1ip address 155.1.146.4 255.255.255.0!router bgp 3network 204.12.1.0neighbor 155.1.146.1 remote-as 2R5:interface Serial0/0ip address 155.1.0.5 255.255.255.0encapsulation frame-relayframe-relay map ip 155.1.0.2 502 broadcast!interface Ethernet0/0ip address 155.1.58.5 255.255.255.0!interface Ethernet0/1ip address 155.1.5.5 255.255.255.0!router bgp 1network 155.1.5.0 mask 255.255.255.0network 155.1.58.0 mask 255.255.255.0neighbor 155.1.0.2 remote-as 2

VerificationRack1R2#show ip bgp 155.1.58.0BGP routing table entry for 155.1.58.0/24, version 4Paths: (1 available, best #1, table Default-IP-Routing-Table, not advertised to any peer)Not advertised to any peer1155.1.0.5 from 155.1.0.5 (150.1.5.5)Origin IGP, metric 0, localpref 100, valid, external,bestCommunity: no-advertiseRack1R3#ping 155.1.5.5 source 155.1.37.3Type escape sequence to abort.Sending 5, 100-byte ICMP Echos to 155.1.5.5, timeout is 2seconds:Packet sent with a source address of 155.1.37.3!!!!!Success rate is 100 percent (5/5), round-trip min/avg/max =84/87/88 ms

BGP ConfederationObjective: Configure R1, R2, and R3 in confederation so that AS 1 and AS 3 see them as all belonging to AS 2

Directions Configure the topology per the diagram Configure BGP on R1, R2, R3, R4, and R5 per the diagram R1 and R3 should use the private AS 65013 and the public AS 2 R2 should use the private AS 65002 and the public AS 2 R1 should peer with R3 and R4 R2 should peer with R3 and R5 Advertise R3s Ethernet into BGP on R3 Advertise VLAN 5 into BGP on R5 Advertise VLAN 43 into BGP on R4

Final ConfigurationR1:interface FastEthernet0/0ip address 155.1.146.1 255.255.255.0!interface Serial0/1ip address 155.1.13.1 255.255.255.0!router eigrp 2network 155.1.13.1 0.0.0.0no auto-summary!router bgp 65013bgp confederation identifier 2neighbor 155.1.13.3 remote-as 65013neighbor 155.1.13.3 next-hop-selfneighbor 155.1.146.4 remote-as 3R2:interface FastEthernet0/0ip address 192.10.1.2 255.255.255.0interface Serial0/0encapsulation frame-relay!interface Serial0/0.1 point-to-pointip address 155.1.0.2 255.255.255.0frame-relay interface-dlci 205!interface Serial0/1ip address 155.1.23.2 255.255.255.0!router eigrp 2network 155.1.23.2 0.0.0.0network 155.1.0.2 0.0.0.0no auto-summarypassive-interface serial 0/0!router bgp 65002bgp confederation identifier 2bgp confederation peers 65013neighbor 155.1.0.5 remote-as 1neighbor 155.1.23.3 remote-as 65013

R3:interface Ethernet0/0ip address 155.1.37.3 255.255.255.0!interface Serial1/2ip address 155.1.13.3 255.255.255.0clockrate 64000!interface Serial1/3ip address 155.1.23.3 255.255.255.0clockrate 64000!router eigrp 2network 155.1.13.3 0.0.0.0network 155.1.23.3 0.0.0.0no auto-summary!router bgp 65013bgp confederation identifier 2bgp confederation peers 65002network 155.1.37.0 mask 255.255.255.0neighbor 155.1.13.1 remote-as 65013neighbor 155.1.13.1 next-hop-selfneighbor 155.1.23.2 remote-as 65002R4:interface Ethernet0/0ip address 204.12.1.4 255.255.255.0!interface Ethernet0/1ip address 155.1.146.4 255.255.255.0!router bgp 3network 204.12.1.0neighbor 155.1.146.1 remote-as 2R5:interface Serial0/0ip address 155.1.0.5 255.255.255.0encapsulation frame-relayframe-relay map ip 155.1.0.2 502 broadcast!interface Ethernet0/0ip address 155.1.58.5 255.255.255.0!interface Ethernet0/1ip address 155.1.5.5 255.255.255.0!router bgp 1network 155.1.5.0 mask 255.255.255.0neighbor 155.1.0.2 remote-as 2

VerificationRack1R3#ping 155.1.5.5 source 155.1.37.3Type escape sequence to abort.Sending 5, 100-byte ICMP Echos to 155.1.5.5, timeout is 2seconds:Packet sent with a source address of 155.1.37.3!!!!!Success rate is 100 percent (5/5), round-trip min/avg/max =72/82/120 msRack1R3#ping 204.12.1.4 source 155.1.37.3Type escape sequence to abort.Sending 5, 100-byte ICMP Echos to 204.12.1.4, timeout is 2seconds:Packet sent with a source address of 155.1.37.3!!!!!Success rate is 100 percent (5/5), round-trip min/avg/max =28/31/32 ms

BGP Communities Local ASObjective: Configure the community Local-AS on R1 so that only R3s Ethernetsegment has reachability to VLAN 43

Directions Configure the topology per the diagram Configure BGP on R1, R2, R3, R4, and R5 per the diagram R1 and R3 should use the private AS 65013 and the public AS 2 R2 should use the private AS 65002 and the public AS 2 R1 should peer with R3 and R4 R2 should peer with R3 and R5 Advertise R3s Ethernet into BGP on R3 Advertise VLAN 5 into BGP on R5 Advertise VLAN 43 into BGP on R4 Configure R1 to set VLAN 43 to the community Local-AS as it is received fromR4

Final ConfigurationR1:interface FastEthernet0/0ip address 155.1.146.1 255.255.255.0!interface Serial0/1ip address 155.1.13.1 255.255.255.0!router eigrp 2network 155.1.13.1 0.0.0.0no auto-summary!router bgp 65013bgp confederation identifier 2neighbor 155.1.13.3 remote-as 65013neighbor 155.1.13.3 next-hop-selfneighbor 155.1.13.3 send-communityneighbor 155.1.146.4 remote-as 3neighbor 155.1.146.4 route-map LOCAL_AS in!route-map LOCAL_AS permit 10set community local-asR2:interface FastEthernet0/0ip address 192.10.1.2 255.255.255.0interface Serial0/0encapsulation frame-relayinterface Serial0/0.1 point-to-pointip address 155.1.0.2 255.255.255.0frame-relay interface-dlci 205interface Serial0/1ip address 155.1.23.2 255.255.255.0router eigrp 2network 155.1.23.2 0.0.0.0no auto-summaryrouter bgp 65002bgp confederation identifier 2bgp confederation peers 65013neighbor 155.1.0.5 remote-as 1neighbor 155.1.23.3 remote-as 65013R3:interface Ethernet0/0ip address 155.1.37.3 255.255.255.0!interface Serial1/2ip address 155.1.13.3 255.255.255.0clockrate 64000!interface Serial1/3ip address 155.1.23.3 255.255.255.0clockrate 64000

router eigrp 2network 155.1.13.3 0.0.0.0network 155.1.23.3 0.0.0.0no auto-summary!router bgp 65013bgp confederation identifier 2bgp confederation peers 65002network 155.1.37.0 mask 255.255.255.0neighbor 155.1.13.1 remote-as 65013neighbor 155.1.13.1 next-hop-selfneighbor 155.1.23.2 remote-as 65002R4:interface Ethernet0/0ip address 204.12.1.4 255.255.255.0!interface Ethernet0/1ip address 155.1.146.4 255.255.255.0router bgp 3network 204.12.1.0neighbor 155.1.146.1 remote-as 2R5:interface Serial0/0ip address 155.1.0.5 255.255.255.0encapsulation frame-relayframe-relay map ip 155.1.0.2 502 broadcast!interface Ethernet0/0ip address 155.1.58.5 255.255.255.0!interface Ethernet0/1ip address 155.1.5.5 255.255.255.0!router bgp 1network 155.1.5.0 mask 255.255.255.0neighbor 155.1.0.2 remote-as 2

VerificationRack1R1#show ip bgp 204.12.1.0BGP routing table entry for 204.12.1.0/24, version 5Paths: (1 available, best #1, table Default-IP-Routing-Table, not advertised outside local AS)Advertised to non peer-group peers:155.1.13.33155.1.146.4 from 155.1.146.4 (150.1.4.4)Origin IGP, metric 0, localpref 100, valid, external,bestCommunity: local-ASRack1R3#show ip bgp 204.12.1.0BGP routing table entry for 204.12.1.0/24, version 5Paths: (1 available, best #1, table Default-IP-Routing-Table, not advertised outside local AS)Not advertised to any peer3155.1.13.1 from 155.1.13.1 (150.1.1.1)Origin IGP, metric 0, localpref 100, valid, confedinternal,bestCommunity: local-AS

2009 Cisco Systems, Inc. All rights reserved.CIERS-1 v4.04-*

Choosing a Best PathPrerequisite: good next hop, synchronized if necessary.Highest weightHighest local preferenceLocally originatedShortest AS path lengthOrigin codeLowest MEDEBGP over IBGPIf internal, prefer path with lowest IGP metric to next hopIf external, consider multipathIf external, prefer older oneLowest router ID or originator IDMinimum cluster list lengthLowest neighbor address


Path Attributes

CategoriesExamplesWell knownMandatoryOriginAS pathNext hopDiscretionaryLocal preferenceAtomic aggregateOptionalTransitiveCommunityAggregatorNontransitiveOriginator IDCluster listMulti-exit discriminator (MED)


BGP Peering Options Analysis

For any BGP neighbor relationship

Is it an EBGP neighbor relationship?

Is it an IBGP neighbor relationship?

Not directly connected

Directly connected

Confederation

Full mesh?

No full mesh?

Route reflector

Confederation member peering with internal AS

Confederation member peering with external public AS

Confederation member peering with external private AS

neighbor X.X.X.X disable-connected-check

neighbor X.X.X.X ebgp-multihop H

neighbor X.X.X.X update-source Y{z}

333P_050

Combination of route reflectors and confederations


Example: Creating an AggregateR3#sh run | sec router bgprouter bgp 4 aggregate-address 179.200.32.0 255.255.240.0 as-set summary-only neighbor 172.110.123.2 remote-as 44 neighbor 172.110.123.2 ebgp-multihop 255 neighbor 172.120.14.4 remote-as 4[lines removed for brevity]

R3#sh ip bgp[lines removed for brevity]

Network Next Hop Metric LocPrf Weight Path*> 179.200.32.0/20 0.0.0.0 100 32768 9999 is>i179.200.37.0/24 172.120.14.4 0 100 0 9999 is>i179.200.39.0/24 172.120.14.4 0 100 0 9999 is>i179.200.41.0/24 172.120.14.4 0 100 0 9999 is>i179.200.43.0/24 172.120.14.4 0 100 0 9999 i


Originating RoutesUse a network statement:Supports classful and classless routesUses origin code iUse redistribution techniques:Supports connected, static, or dynamic routesUses origin code ?Use aggregation:Summarizes routes by shortening the mask length of an existing route


R2R2AS 4.1AS 44R3R4R3BB1AS 9999.3172.16.14.0.4172.16.123.0IBGPEBGPEBGProuter bgp 44 neighbor 172.110.123.1 remote-as 44 neighbor 172.110.123.3 remote-as 4 neighbor 172.110.123.3 ebgp-multihop 255router bgp 4 neighbor 172.110.123.2 remote-as 44 neighbor 172.110.123.2 ebgp-multihop 255 neighbor 172.120.14.4 remote-as 4router BGP 4 neighbor 150.100.10.10 remote-as 9999 neighbor 172.110.123.3 remote-as 4Example: BGP Peer ConfigurationR4R1IBGPR1router bgp 44 neighbor 172.110.123.1 remote-as 44.2.1






****Should be CIERS110S04L01.ppt slide 15 (replaced R2#show run | beg router bgp with R2#show run | sec router bgp)

**Should be CIERS110S04L01.ppt slide 7 (fixed issue with BB1 label)

bgp _ final jami

Documents