Cisco BGP Configuration
http://cisconet.com/routing/bgp/cisco-bgp-configuration.html
Thu, 09 Sep 2010 23:49:54 +0000

How to configure BGP peer-session template
http://cisconet.com/routing/bgp/cisco-bgp-configuration/507-how-to-configure-bgp-peer-session-template.html

Here is "How to configure BGP peer-session template".

[ Assignment ]

All 4 routers are in AS 100 and connected to the same Ethernet segment.
Establish BGP sessions using the Loopback 0 interface. Use RIPv2 as the IGP.
Use the template names "common" and "ibgp", configured as follows:

common - version 4
         password showipbgp

ibgp   - remote-as 100
         update-source loopback 0

[ IP Address Table ]

Router 1 - FastEthernet0/0 : 192.168.1.1/24
                 Loopback0 : 1.1.1.1/8
                 Loopback1 : 10.10.10.0/24

Router 2 - FastEthernet0/0 : 192.168.1.2/24
                 Loopback0 : 2.2.2.2/8
                 Loopback1 : 20.20.20.0/24

Router 3 - FastEthernet0/0 : 192.168.1.3/24
                 Loopback0 : 3.3.3.3/8
                 Loopback1 : 30.30.30.0/24

Router 4 - FastEthernet0/0 : 192.168.1.4/24
                 Loopback0 : 4.4.4.4/8
                 Loopback1 : 40.40.40.0/24

 

[ Network Outline ]

 

[ Router 1 ]

router rip
 version 2
 network 1.0.0.0
 network 192.168.1.0
!
router bgp 100
 template peer-session common
  password showipbgp
  version 4
 exit-peer-session
 !
 template peer-session ibgp
  remote-as 100
  update-source Loopback0
  inherit peer-session common
 exit-peer-session
 !
 no synchronization
 bgp log-neighbor-changes
 network 10.10.10.0 mask 255.255.255.0
 neighbor 2.2.2.2 inherit peer-session ibgp
 neighbor 3.3.3.3 inherit peer-session ibgp
 neighbor 4.4.4.4 inherit peer-session ibgp
 no auto-summary

 

[ Router 2 ]

router rip
 version 2
 network 2.0.0.0
 network 192.168.1.0
!
router bgp 100
 template peer-session common
  password showipbgp
  version 4
 exit-peer-session
 !
 template peer-session ibgp
  remote-as 100
  update-source Loopback0
  inherit peer-session common
 exit-peer-session
 !
 no synchronization
 bgp log-neighbor-changes
 network 20.20.20.0 mask 255.255.255.0
 neighbor 1.1.1.1 inherit peer-session ibgp
 neighbor 3.3.3.3 inherit peer-session ibgp
 neighbor 4.4.4.4 inherit peer-session ibgp
 no auto-summary

 

[ Router 3 ]

router rip
 version 2
 network 3.0.0.0
 network 192.168.1.0
!
router bgp 100
 template peer-session common
  password showipbgp
  version 4
 exit-peer-session
 !
 template peer-session ibgp
  remote-as 100
  update-source Loopback0
  inherit peer-session common
 exit-peer-session
 !
 no synchronization
 bgp log-neighbor-changes
 network 30.30.30.0 mask 255.255.255.0
 neighbor 1.1.1.1 inherit peer-session ibgp
 neighbor 2.2.2.2 inherit peer-session ibgp
 neighbor 4.4.4.4 inherit peer-session ibgp
 no auto-summary

 

[ Router 4 ]

router rip
 version 2
 network 4.0.0.0
 network 192.168.1.0
!
router bgp 100
 template peer-session common
  password showipbgp
  version 4
 exit-peer-session
 !
 template peer-session ibgp
  remote-as 100
  update-source Loopback0
  inherit peer-session common
 exit-peer-session
 !
 no synchronization
 bgp log-neighbor-changes
 network 40.40.40.0 mask 255.255.255.0
 neighbor 1.1.1.1 inherit peer-session ibgp
 neighbor 2.2.2.2 inherit peer-session ibgp
 neighbor 3.3.3.3 inherit peer-session ibgp
 no auto-summary

 

[Verifying]

Router1#sh ip bgp template peer-session ibgp
Template:ibgp, index:2
Local policies:0x81, Inherited polices:0x2
This template inherits:
  common index:1 flags:0x0
Locally configured session commands:
 remote-as 100
 update-source Loopback0
Inherited session commands:
 version 4

Router1#sh ip bgp
BGP table version is 15, local router ID is 10.10.10.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path
*> 10.10.10.0/24    0.0.0.0                  0         32768 i
*>i20.20.20.0/24    2.2.2.2                  0    100      0 i
*>i30.30.30.0/24    3.3.3.3                  0    100      0 i
*>i40.40.40.0/24    4.4.4.4                  0    100      0 i
Router1#

 

Router2#sh ip bgp template peer-session ibgp
Template:ibgp, index:2
Local policies:0x81, Inherited polices:0x2
This template inherits:
  common index:1 flags:0x0
Locally configured session commands:
 remote-as 100
 update-source Loopback0
Inherited session commands:
 version 4

Router2#sh ip bgp
BGP table version is 20, local router ID is 20.20.20.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path
*>i10.10.10.0/24    1.1.1.1                  0    100      0 i
*> 20.20.20.0/24    0.0.0.0                  0         32768 i
*>i30.30.30.0/24    3.3.3.3                  0    100      0 i
*>i40.40.40.0/24    4.4.4.4                  0    100      0 i
Router2#

 

Router3#sh ip bgp template peer-session ibgp
Template:ibgp, index:2
Local policies:0x81, Inherited polices:0x2
This template inherits:
  common index:1 flags:0x0
Locally configured session commands:
 remote-as 100
 update-source Loopback0
Inherited session commands:
 version 4

Router3#sh ip bgp
BGP table version is 7, local router ID is 30.30.30.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path
*>i10.10.10.0/24    1.1.1.1                  0    100      0 i
*>i20.20.20.0/24    2.2.2.2                  0    100      0 i
*> 30.30.30.0/24    0.0.0.0                  0         32768 i
*>i40.40.40.0/24    4.4.4.4                  0    100      0 i
Router3#

 

Router4#sh ip bgp template peer-session ibgp
Template:ibgp, index:2
Local policies:0x81, Inherited polices:0x2
This template inherits:
  common index:1 flags:0x0
Locally configured session commands:
 remote-as 100
 update-source Loopback0
Inherited session commands:
 version 4

Router4#sh ip bgp
BGP table version is 5, local router ID is 40.40.40.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path
*>i10.10.10.0/24    1.1.1.1                  0    100      0 i
*>i20.20.20.0/24    2.2.2.2                  0    100      0 i
*>i30.30.30.0/24    3.3.3.3                  0    100      0 i
*> 40.40.40.0/24    0.0.0.0                  0         32768 i
Router4#
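
Added example, not part of the original article: a Python sketch that flattens the peer-session template inheritance configured above and lists the neighbors that end up without a session password. The sample is Router 1's BGP stanza plus one hypothetical neighbor (5.5.5.5) configured without a template; the function names are this example's own.

```python
import re

# Constructed sample: Router 1's BGP stanza from this article, plus one
# hypothetical neighbor (5.5.5.5) configured without a template.
SAMPLE_CONFIG = """\
router bgp 100
 template peer-session common
  password showipbgp
  version 4
 exit-peer-session
 !
 template peer-session ibgp
  remote-as 100
  update-source Loopback0
  inherit peer-session common
 exit-peer-session
 !
 neighbor 2.2.2.2 inherit peer-session ibgp
 neighbor 3.3.3.3 inherit peer-session ibgp
 neighbor 4.4.4.4 inherit peer-session ibgp
 neighbor 5.5.5.5 remote-as 100
"""


def parse_templates(config):
    """Return {name: {"local": {command: args}, "parents": [template names]}}."""
    templates, current = {}, None
    for raw in config.splitlines():
        line = raw.strip()
        start = re.match(r"template peer-session (\S+)$", line)
        if start:
            current = templates.setdefault(
                start.group(1), {"local": {}, "parents": []})
        elif line == "exit-peer-session":
            current = None
        elif current is not None and line and line != "!":
            parent = re.match(r"inherit peer-session (\S+)$", line)
            if parent:
                current["parents"].append(parent.group(1))
            else:
                command, _, args = line.partition(" ")
                current["local"][command] = args
    return templates


def effective(templates, name, _seen=()):
    """Flatten one template: inherited commands first, local ones override."""
    if name in _seen:
        raise ValueError("inheritance loop at template %r" % name)
    if name not in templates:
        raise KeyError("template %r is not defined" % name)
    merged = {}
    for parent in templates[name]["parents"]:
        merged.update(effective(templates, parent, _seen + (name,)))
    merged.update(templates[name]["local"])
    return merged


def neighbor_sessions(config):
    """Return {peer: {command: args}} with template inheritance resolved."""
    templates = parse_templates(config)
    sessions = {}
    for raw in config.splitlines():
        found = re.match(r"neighbor (\S+) (.+)$", raw.strip())
        if not found:
            continue
        peer, rest = found.groups()
        settings = sessions.setdefault(peer, {})
        inherit = re.match(r"inherit peer-session (\S+)$", rest)
        if inherit:
            # Assumption of this sketch: a command set directly on the
            # neighbor wins over an inherited one, whatever the line order.
            for command, args in effective(templates, inherit.group(1)).items():
                settings.setdefault(command, args)
        else:
            command, _, args = rest.partition(" ")
            settings[command] = args
    return sessions


def unauthenticated(config):
    """Peers whose effective session has no 'password' command."""
    return sorted(peer for peer, settings in neighbor_sessions(config).items()
                  if "password" not in settings)


if __name__ == "__main__":
    for peer, settings in sorted(neighbor_sessions(SAMPLE_CONFIG).items()):
        print(peer, settings)
    print("no session password:", unauthenticated(SAMPLE_CONFIG))
```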

 

contactus@wirethink.com (CiscoNET) Cisco BGP Configuration Wed, 20 Jan 2010 17:25:14 +0000
[Cisco] Shadow connection with BGP
http://cisconet.com/routing/bgp/cisco-bgp-configuration/389-cisco-shadow-connection-with-bgp.html

A shadow connection is one kind of fail-over solution, and most ISPs offer this service. You would probably pay less for the shadow link than for the primary connection. In a normal operating state, only the primary connection processes traffic. If the primary connection experiences connectivity issues, all traffic is forwarded over the shadow connection until the primary connection becomes available again.


Testing Environment

  • Same ISP, with two physically separate serial connections (T1)
  • Using BGP
  • Both WAN links terminate on one router

 

Sample configuration

interface Ethernet0
ip address x.x.x.1 255.255.255.0 
!
interface Serial0
description primary link
ip address y.y.y.1   
!
interface Serial1
description shadow link
ip address z.z.z.1  
!
router bgp [Customer ASN]
no synchronization
no bgp log-neighbor-changes
network x.x.x.0 mask 255.255.255.0     
neighbor y.y.y.1 [remote-as Other side ASN 1]
neighbor z.z.z.1 [remote-as Other side ASN 2]
neighbor z.z.z.1 route-map shadow in
neighbor z.z.z.1 route-map shadow out
no auto-summary
!
route-map shadow permit 10
set metric 10

!


 

  • Cisco 2811 Integrated Service Router: 2811 chassis, 64MB Flash (default), 256MB DRAM (default)
  • Two 1-port T1 WAN Interface Cards (WIC-1DSU-T1-V2)
  • Cisco IOS version 12.3.11T2 SP Services

contactus@wirethink.com (CiscoNET) Cisco BGP Configuration Tue, 19 May 2009 02:28:02 +0000
BGP sample configuration guide - Cisco
http://cisconet.com/routing/bgp/cisco-bgp-configuration/388-bgp-sample-configuration-guide-cisco.html

For more sample configurations, visit www.showipbgp.com.

Here are BGP configurations for every possible combination of link layouts. One of the cases in the chart below should match your current network layout, or the layout you want your network to have.

 

Cases     ISP "A"        ISP "B"        User's  IGP/HSRP/NAT  Key Point
          (Line/Router)  (Line/Router)  Router
Case 1-1  (1/1)          -              1       no/no/no      Basic BGP with default route
Case 1-2  (1/1)          -              1       no/no/no      Basic BGP with Metric
Case 1-3  (1/1)          -              1       no/no/no      Basic BGP with AS prepend
Case 1-4  (1/1)          -              1       no/no/no      Basic BGP with Community String
Case 1-5  (1/1)          -              1       EIGRP/no/no   Basic BGP with IGP/EIGRP
Case 1-6  (1/1)          -              1       IBGP/no/no    Basic BGP with IGP/iBGP
Case 1-7  (1/1)          -              1       no/no/Yes     Basic BGP with NAT
Case 1-8  (1/1)          -              1       no/no/no      Basic Multi-hop eBGP
Case 2-1  (2/1)          -              1       no/no/no      Multi-hop eBGP with load-sharing
Case 2-2  (2/1)          -              1       no/no/no      Multi-hop eBGP with Community String
Case 3-1  (2/2)          -              1       no/no/no      Shadow/Fail-over/Local-pref
Case 3-2  (2/2)          -              1       no/no/no      Dual WAN/Fail-over/AS prepend
Case 3-3  (2/2)          -              1       no/no/no      Dual WAN/Community String
Case 4-1  (1/1)          (1/1)          1       no/no/no      Dual homed/AS prepend
Case 4-2  (1/1)          (1/1)          1       no/no/no      Dual homed/Community String
Case 4-3  (2/2)          -              2       no/HSRP/no    Dual homed/AS prepend
Case 4-4  (2/2)          -              2       no/HSRP/no    Dual homed/Community String
Case 5-1  (1/1)          (1/1)          2       no/HSRP/no    Dual homed/AS prepend
Case 5-2  (1/1)          (1/1)          2       no/HSRP/no    Dual homed/Community String
Case 6-3  (1/1)          (1/1)          2       EIGRP/no/no   AS prepend
Case 6-4  (1/1)          (1/1)          2       OSPF/no/no    AS prepend

** Click a case number in the table above to see its article.

 

If you see any problems or have questions, please feel free to email us or use Forum.cisconet.com to get a fast response.

 

contactus@wirethink.com (CiscoNET) Cisco BGP Configuration Tue, 19 May 2009 02:14:43 +0000
BGP sample configuration Case 2-1
http://cisconet.com/routing/bgp/cisco-bgp-configuration/386-bgp-sample-configuration-case-2-1.html

Here is a sample eBGP configuration for someone who has two connections to an ISP or remote site. It is called multihoming / multi-hop eBGP. This configuration has been tested and verified in our lab. If you have any questions or problems, try our web BGP tutorial page first. If you still need further assistance, please feel free to contact us by email or use our Forum.

 

"List of BGP Sample Configurations"


[Assumption]

1. Device : LAN/WAN ports for BGP.
2. WAN encapsulation : HDLC
3. WAN : 1.1.1.1/30 (mask 255.255.255.252) - assumed public IP here.
Router 1 / Serial 0 = 1.1.1.1/30
Router 1 / Serial 1 = 2.2.2.1/30
Router 1 / Loopback 0 = 3.3.3.3/32
Router 2 / Serial 0 = 1.1.1.2/30
Router 2 / Serial 1 = 2.2.2.2/30
Router 2 / Loopback 0 = 4.4.4.4/32
4. LAN / Ethernet IP : 10.10.10.1/24 (255.255.255.0) - assumed public IP here.
5. Receiving route : Full route from ISP or if partial route, set default route
6. IOS version : Latest and supporting BGP
7. Memory : Full route(recommend 512M), partial route(recommend 128-256M)
8. IGP : None

 






[Router 1/Customer]

Current configuration:
!
version 12.x
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
service udp-small-servers
service tcp-small-servers
!
hostname Router1
!
enable secret 5 Pl$RwwQMKXmRs8oFcaCCvLxX$1$VG/
!
ip subnet-zero
ip name-server x.x.x.x
ip name-server y.y.y.y
!
interface Loopback0
description to Loopback for BGP
ip address 3.3.3.3 255.255.255.255
no ip directed-broadcast
no ip mroute-cache
!
interface Ethernet0
description to Internal network
ip address 10.10.10.1 255.255.255.0
no ip directed-broadcast
no ip mroute-cache
!
interface Serial0
description to ISP A - Line1
ip address 1.1.1.1 255.255.255.252
no ip directed-broadcast
no ip mroute-cache
no fair-queue
!
interface Serial1
description to ISP A - Line2
ip address 2.2.2.1 255.255.255.252
no ip directed-broadcast
no ip mroute-cache
no fair-queue
!
router bgp 100
no auto-summary
redistribute connected <---- Originates 10.10.10.0/24; the [Verified] output shows origin "?"
neighbor 4.4.4.4 remote-as 200
neighbor 4.4.4.4 version 4
neighbor 4.4.4.4 ebgp-multihop 2
neighbor 4.4.4.4 update-source loopback0
neighbor 4.4.4.4 prefix-list 1 out

!
ip classless
ip route 0.0.0.0 0.0.0.0 Serial0 <----- Default route, needed if you receive only partial routes from the ISP; or you can ask the ISP to send one through BGP.
ip route 4.4.4.4 255.255.255.255 Serial0
ip route 4.4.4.4 255.255.255.255 Serial1
!
ip prefix-list 1 description to ISP
ip prefix-list 1 seq 5 permit 10.10.10.0/24 le 32
!
line con 0
line aux 0
line vty 0 4
login
!
end


[Router 2/ ISP]

Current configuration:
!
version 12.x
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
service udp-small-servers
service tcp-small-servers
!
hostname Router2
!
enable secret 5 Pl$RwwQMKXmRs8oFcaCCvLxX$1$VG/
!
ip subnet-zero
ip name-server x.x.x.x
ip name-server y.y.y.y
ip name-server z.z.z.z
!
interface Loopback0
description to Loopback for BGP
ip address 4.4.4.4 255.255.255.255
no ip directed-broadcast
no ip mroute-cache
!
interface POS1/0
description to Uplink
ip address x.x.x.x 255.255.255.252
no ip directed-broadcast
no ip mroute-cache
!
:
:
:
!
interface Serial0
description to customer's line 1
ip address 1.1.1.2 255.255.255.252
no ip directed-broadcast
no ip mroute-cache
no fair-queue
!
interface Serial1
description to customer's line 2
ip address 2.2.2.2 255.255.255.252
no ip mroute-cache
no ip directed-broadcast
no fair-queue
!
router bgp 200
no auto-summary
neighbor 3.3.3.3 remote-as 100
neighbor 3.3.3.3 version 4
neighbor 3.3.3.3 ebgp-multihop 2
neighbor 3.3.3.3 update-source loopback0
neighbor 3.3.3.3 default-originate <--- If the customer requests a default route
neighbor 3.3.3.3 prefix-list 2 in
!
ip classless
ip route 3.3.3.3 255.255.255.255 Serial0
ip route 3.3.3.3 255.255.255.255 Serial1

!
ip prefix-list 2 description from customer or peer
ip prefix-list 2 seq 5 permit 10.10.10.0/24 le 32
!
!
line con 0
line aux 0
line vty 0 4
login
!
end


[Verified]


Router5#sh ip bgp nei 4.4.4.4 ad
BGP table version is 15, local router ID is 3.3.3.3
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal
Origin codes: i - IGP, e - EGP, ? - incomplete

Network Next Hop Metric LocPrf Weight Path
*> 10.10.10.0/24 0.0.0.0 0 32768 ?
Router5#


Router6#sh ip bgp neighbors 3.3.3.3 ro
BGP table version is 19, local router ID is 4.4.4.4
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal
Origin codes: i - IGP, e - EGP, ? - incomplete

Network Next Hop Metric LocPrf Weight Path
*> 10.10.10.0/24 3.3.3.3 0 0 100 ?

Total number of prefixes 1
Router6#
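
Added example, not part of the original article: a Python check that every prefix-list, route-map and community-list a configuration refers to is actually defined. Cisco documents that an empty prefix list permits all prefixes, so a `neighbor ... prefix-list` line that names an undefined list filters nothing. The sample config is constructed, and `from_customer` is a hypothetical route-map name.

```python
import re

# Constructed sample modeled on the ISP-side router of this case: the
# neighbor filter names prefix-list 1, but only prefix-list 2 is defined.
# The route-map and community-list lines are hypothetical additions.
SAMPLE_CONFIG = """\
router bgp 200
 neighbor 3.3.3.3 remote-as 100
 neighbor 3.3.3.3 prefix-list 1 in
 neighbor 3.3.3.3 route-map from_customer in
!
ip community-list 2 permit 200:2
ip prefix-list 2 description from customer or peer
ip prefix-list 2 seq 5 permit 10.10.10.0/24 le 32
!
route-map from_customer permit 10
 match community 2 5
 set local-preference 120
"""

# A list counts as defined only if it has at least one permit/deny entry;
# a "description" line alone leaves it empty.
DEFINITIONS = {
    "prefix-list": re.compile(
        r"ip prefix-list (\S+) (?:seq \d+ )?(?:permit|deny)\b"),
    "route-map": re.compile(r"route-map (\S+)"),
    "community-list": re.compile(
        r"ip community-list (?:(?:standard|expanded) )?(\S+) (?:permit|deny)\b"),
}

REFERENCES = [
    ("prefix-list", re.compile(r"neighbor \S+ prefix-list (\S+) (?:in|out)$")),
    ("route-map", re.compile(r"neighbor \S+ route-map (\S+) (?:in|out)$")),
    ("prefix-list", re.compile(r"match ip address prefix-list (.+)$")),
    ("community-list", re.compile(r"match community (.+)$")),
]


def clean(raw):
    """Drop this page's '<---- note' annotations and surrounding whitespace."""
    return raw.split("<--")[0].strip()


def defined_objects(config):
    """Return {kind: set of names} for the lists and route-maps defined."""
    found = {kind: set() for kind in DEFINITIONS}
    for raw in config.splitlines():
        line = clean(raw)
        for kind, pattern in DEFINITIONS.items():
            match = pattern.match(line)
            if match:
                found[kind].add(match.group(1))
    return found


def dangling_references(config):
    """Return (kind, name, line) for each reference to an undefined object,
    in the order the references appear in the configuration."""
    defined = defined_objects(config)
    problems = []
    for raw in config.splitlines():
        line = clean(raw)
        for kind, pattern in REFERENCES:
            match = pattern.match(line)
            if not match:
                continue
            for name in match.group(1).split():
                if name != "exact-match" and name not in defined[kind]:
                    problems.append((kind, name, line))
    return problems


if __name__ == "__main__":
    for kind, name, line in dangling_references(SAMPLE_CONFIG):
        print("undefined %s %r referenced by: %s" % (kind, name, line))
```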




 

contactus@wirethink.com (CiscoNET) Cisco BGP Configuration Tue, 19 May 2009 02:08:51 +0000
BGP sample configuration Case 1-4
http://cisconet.com/routing/bgp/cisco-bgp-configuration/385-bgp-sample-configuration-case-1-4.html

Here is a sample eBGP configuration with the Community String option for someone who has a single connection to an ISP or remote site. This article shows how to apply the BGP Community String option on your router. If you want to see more complex examples (with multiple ISP connections), check the list of BGP sample configurations page. This configuration has been tested and verified in our lab. If you have any questions or problems, try our web BGP tutorial page first. If you still need further assistance, please feel free to contact us by email or use our Forum.cisconet.com.

list of BGP sample configurations 

► Basic eBGP configuration with Community String

 

[Assumption]

1. Device : Cisco router with LAN/WAN ports
2. IOS version : Latest or at least BGP support
3. WAN encapsulation : HDLC
4. WAN / Serial IP : 1.1.1.1/30 (mask 255.255.255.252) - assumed public IP here.
5. LAN / Ethernet IP : 10.10.10.1/24 (mask 255.255.255.0) - assumed public IP here.
6. Receiving route : Default route + full route from ISP
7. Memory : Full route(recommend 512M), partial route(recommend 128-256M)
8. ASN : If you don't have one, apply for one.
US(ARIN.com), ASIA(APNIC.com), Europe(RIPE.net) and South America(Lacnic.net)
If all your upstream connections are with a single ISP, contact that ISP to rent a free ASN. Again, you won't use the rented ASN for a connection to another ISP.
9. IGP : None
10. Community String : AS prepending (200:1 = 200, 200:2 = 200 200, 200:3 = 200 200 200)
Local pref (200:80 = Local pref 80, 200:120 = Local pref 120)

 





[Router 1/Customer]

Current configuration:
!
version 12.x
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
service udp-small-servers
service tcp-small-servers
!
hostname Router1
!
enable secret 5 Pl$fwmRs8ofaCCvLxf$VG/
!
ip subnet-zero
ip name-server x.x.x.x
ip name-server y.y.y.y
!
interface Ethernet0
description to Internal network
ip address 10.10.10.1 255.255.255.0
no ip directed-broadcast
no ip mroute-cache
!
interface Serial0
description to ISP
ip address 1.1.1.1 255.255.255.252
no ip directed-broadcast
no ip mroute-cache
no fair-queue
!
interface Serial1
no ip mroute-cache
no ip directed-broadcast
shutdown
!
router bgp 100
no auto-summary
redistribute connected
neighbor 1.1.1.2 remote-as 200 <---- ISP's ASN

neighbor 1.1.1.2 version 4
neighbor 1.1.1.2 send-community
neighbor 1.1.1.2 route-map bgp_community out

!
ip classless
ip route 0.0.0.0 0.0.0.0 Serial0 <----- Default route. If you receive only partial routes from the ISP, you must have this default route statement. You can also ask the ISP to send a default route through BGP.
!
ip bgp-community new-format
!
ip prefix-list 1 description announcing routes to ISP
ip prefix-list 1 seq 5 permit 10.10.10.0/24 le 32
!
route-map bgp_community permit 10
match ip address prefix-list 1
set community 200:2 200:120 <---- sending BGP community String
!
line con 0
line aux 0
line vty 0 4
login
!
end


[Router 2/ISP]

Current configuration:
!
version 12.x
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
service udp-small-servers
service tcp-small-servers
!
hostname Router2
!
enable secret 5 Pl$RwwQMKXmRLxX$1$VG/
!
ip subnet-zero
ip name-server x.x.x.x
ip name-server y.y.y.y
!
interface POS1/0
description to Uplink
ip address x.x.x.x 255.255.255.252
no ip directed-broadcast
no ip mroute-cache
!
:
:
:
!
interface Serial0
description to ISP
ip address 1.1.1.2 255.255.255.252
no ip directed-broadcast
no ip mroute-cache
no fair-queue
!
interface Serial1
no ip mroute-cache
no ip directed-broadcast
shutdown
!
router bgp 200
neighbor 1.1.1.1 remote-as 100 <---- Other side's ASN
neighbor 1.1.1.1 version 4
neighbor 1.1.1.1 default-originate <---- Sending default route to customer through BGP.
neighbor 1.1.1.1 route-map bgp_community in
neighbor 1.1.1.1 prefix-list 2 in

!
ip classless
ip bgp-community new-format
ip community-list 1 permit 200:1
ip community-list 2 permit 200:2
ip community-list 3 permit 200:3
ip community-list 4 permit 200:80
ip community-list 5 permit 200:120
!

ip prefix-list 2 description from customer or peer
ip prefix-list 2 seq 5 permit 10.10.10.0/24 le 32 <---- Accepting smaller block than /24
!
route-map bgp_community permit 10
match community 2 5
set as-path prepend 200 200
set local-preference 120
!
line con 0
line aux 0
line vty 0 4
login
!
end


[Verified]

Router1# sh ip bgp neighbors 1.1.1.2 ad
BGP table version is 8, local router ID is x.x.x.x
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal
Origin codes: i - IGP, e - EGP, ? - incomplete

Network Next Hop Metric LocPrf Weight Path
*> 10.10.10.0/24 0.0.0.0 0 0 32768 ?
Router1#

Router2#sh ip bgp nei 1.1.1.1 ro
BGP table version is 245, local router ID is x.x.x.x
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal
Origin codes: i - IGP, e - EGP, ? - incomplete

Network Next Hop Metric LocPrf Weight Path
*> 10.10.10.0/24 1.1.1.1 0 120 200 200 100? <---- AS prepended two times

Total number of prefixes 1

Router1#sh ip bgp neighbors 1.1.1.2 ro <---- Getting default route from ISP
BGP table version is 10, local router ID is x.x.x.x
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal
Origin codes: i - IGP, e - EGP, ? - incomplete

Network NextHop Metric LocPrf Weight Path
*> 0.0.0.0 1.1.1.2 0 200 i

Total number of prefixes 1
Router1#
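
Added example, not part of the original article: a Python model of Router 2's inbound policy from this case, next to a model in which each community of the [Assumption] scheme acts on its own. It shows two effects of the single `match community 2 5` entry: either community triggers both set clauses, and a route carrying neither community is dropped. `per_community` and its tie-breaking rule are assumptions of this sketch, not IOS behaviour.

```python
import ipaddress

ISP_AS = 200
DEFAULT_LOCAL_PREF = 100  # IOS default local preference

# Community scheme from the [Assumption] list; 200:2 = two prepends, as the
# customer's "set community 200:2 200:120" and the [Verified] path show.
PREPEND = {"200:1": 1, "200:2": 2, "200:3": 3}
LOCAL_PREF = {"200:80": 80, "200:120": 120}


def prefix_list_2_permits(prefix):
    """ip prefix-list 2 seq 5 permit 10.10.10.0/24 le 32"""
    net = ipaddress.ip_network(prefix)
    base = ipaddress.ip_network("10.10.10.0/24")
    return (net.version == 4 and net.subnet_of(base)
            and base.prefixlen <= net.prefixlen <= 32)


def as_configured(prefix, as_path, communities):
    """Router 2's inbound policy as written: prefix-list 2 plus the single
    route-map entry. Returns None when the route is rejected."""
    if not prefix_list_2_permits(prefix):
        return None
    # "match community 2 5": lists named on one match line are ORed, so
    # either 200:2 or 200:120 triggers BOTH set clauses.
    if not {"200:2", "200:120"} & set(communities):
        return None  # no later permit entry: the implicit deny applies
    return {"as_path": [ISP_AS, ISP_AS] + list(as_path), "local_pref": 120}


def per_community(prefix, as_path, communities):
    """Model of the documented scheme: each community acts on its own and
    untagged routes are accepted unchanged (hypothetical policy)."""
    if not prefix_list_2_permits(prefix):
        return None
    count = max((PREPEND[c] for c in communities if c in PREPEND), default=0)
    # Assumption: if several local-pref communities are sent, the lowest wins.
    pref = min((LOCAL_PREF[c] for c in communities if c in LOCAL_PREF),
               default=DEFAULT_LOCAL_PREF)
    return {"as_path": [ISP_AS] * count + list(as_path), "local_pref": pref}


# Constructed test routes: (prefix, AS path as received, communities).
ROUTES = [
    ("10.10.10.0/24", [100], ["200:2", "200:120"]),   # what Router 1 sends
    ("10.10.10.0/24", [100], ["200:120"]),            # local-pref only
    ("10.10.10.0/24", [100], []),                     # untagged
    ("10.10.10.128/25", [100], ["200:2"]),            # more specific, le 32
    ("192.0.2.0/24", [100], ["200:2"]),               # outside the prefix-list
]

if __name__ == "__main__":
    for prefix, path, tags in ROUTES:
        print(prefix, tags)
        print("  as configured :", as_configured(prefix, path, tags))
        print("  per community :", per_community(prefix, path, tags))
```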





 

 

contactus@wirethink.com (CiscoNET) Cisco BGP Configuration Tue, 19 May 2009 02:04:12 +0000
BGP sample configuration Case 1-3
http://cisconet.com/routing/bgp/cisco-bgp-configuration/384-bgp-sample-configuration-case-1-3.html

Here is a sample eBGP configuration with the AS-path prepend option for someone who has a single connection to an ISP or remote site. This article shows how to apply the AS-path prepend option on your router. If you want to see more complex examples (with multiple ISP connections), check the list of BGP sample configurations page. This configuration has been tested and verified in our lab. If you have any questions or problems, try our web BGP tutorial page first. If you still need further assistance, please feel free to contact us by email or use our Forum.cisconet.com.

list of BGP sample configurations

► Basic eBGP configuration with AS-path prepend

  

[Assumption]

1. Device : Cisco router with LAN/WAN ports.
2. IOS version : Latest or at least BGP support
3. WAN encapsulation : HDLC
4. WAN / Serial IP : 1.1.1.1/30 (mask 255.255.255.252) - assumed public IP here.
5. LAN / Ethernet IP : 10.10.10.1/24 (mask 255.255.255.0) - assumed public IP here.
6. Receiving route : Default route + full route from ISP
7. Memory : Full route(recommend 512M), partial route(recommend 128-256M)
8. ASN : If you don't have one, apply for one.
US(ARIN.com), ASIA(APNIC.com), Europe(RIPE.net) and South America(Lacnic.net)
If all your upstream connections are with a single ISP, contact that ISP to rent a free ASN. Again, you won't use the rented ASN for a connection to another ISP.
9. IGP : None

 





[Router 1/Customer]

Current configuration:
!
version 12.x
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
service udp-small-servers
service tcp-small-servers
!
hostname Router1
!
enable secret 5 Pl$RwwQMKXmRs8oFcaCCvLxX$1$VG/
!
ip subnet-zero
ip name-server x.x.x.x
ip name-server y.y.y.y
ip name-server z.z.z.z
!
!
interface Ethernet0
description to Internal network
ip address 10.10.10.1 255.255.255.0
no ip directed-broadcast
no ip mroute-cache
!
interface Serial0
description to ISP
ip address 1.1.1.1 255.255.255.252
no ip directed-broadcast
no ip mroute-cache
no fair-queue
!
interface Serial1
no ip mroute-cache
no ip directed-broadcast
shutdown
!
router bgp 100
no auto-summary
redistribute connected
neighbor 1.1.1.2 remote-as 200 <---- 200 is ISP's ASN

neighbor 1.1.1.2 version 4
neighbor 1.1.1.2 route-map To_ISP out

!
ip classless
ip route 0.0.0.0 0.0.0.0 Serial0 <----- Default route. If you receive only partial routes from the ISP, you must have this default route statement. You can also ask the ISP to send a default route through BGP.
!
ip prefix-list 1 description announcing routes to ISP
ip prefix-list 1 seq 5 permit 10.10.10.0/24 le 32
!
route-map To_ISP permit 10
match ip address prefix-list 1
set as-path prepend 100 100 100 <---- AS prepended three times
!
line con 0
line aux 0
line vty 0 4
login
!
end


[Router 2/ISP]

Current configuration:
!
version 12.x
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
service udp-small-servers
service tcp-small-servers
!
hostname Router2
!
enable secret 5 Pl$RwwQMKXmRs8oFcaCCvLxX$1$VG/
!
ip subnet-zero
ip name-server x.x.x.x
ip name-server y.y.y.y
ip name-server z.z.z.z
!
!
interface POS1/0
description to Uplink
ip address x.x.x.x 255.255.255.252
no ip directed-broadcast
no ip mroute-cache
!
:
:
:
!
interface Serial0
description to ISP
ip address 1.1.1.2 255.255.255.252
no ip directed-broadcast
no ip mroute-cache
no fair-queue
!
interface Serial1
no ip mroute-cache
no ip directed-broadcast
shutdown
!
router bgp 200
neighbor 1.1.1.1 remote-as 100 <---- 100 is other side's ASN
neighbor 1.1.1.1 version 4
neighbor 1.1.1.1 default-originate <---- Sending default route to customer through BGP.
neighbor 1.1.1.1 prefix-list 2 in

!
ip classless
!
ip prefix-list 2 description from customer or peer
ip prefix-list 2 seq 5 permit 10.10.10.0/24 le 32 <---- Accepting smaller block than /24
!
line con 0
line aux 0
line vty 0 4
login
!
end


[Verified]

Router1# sh ip bgp neighbors 1.1.1.2 ad
BGP table version is 8, local router ID is x.x.x.x
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal
Origin codes: i - IGP, e - EGP, ? - incomplete

Network Next Hop Metric LocPrf Weight Path
*> 10.10.10.0/24 0.0.0.0 0 0 32768 ?
Router1#

Router2#sh ip bgp neighbors 1.1.1.1 ro
BGP table version is 245, local router ID is x.x.x.x
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal
Origin codes: i - IGP, e - EGP, ? - incomplete

Network Next Hop Metric LocPrf Weight Path
*> 10.10.10.0/24 1.1.1.1 0 0 100 100 100 100 ? <---- AS prepended three times

Total number of prefixes 1

Router1#sh ip bgp neighbors 1.1.1.2 ro <---- Getting default route from ISP
BGP table version is 10, local router ID is x.x.x.x
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal
Origin codes: i - IGP, e - EGP, ? - incomplete

Network NextHop Metric LocPrf Weight Path
*> 0.0.0.0 1.1.1.2 0 200 i

Total number of prefixes 1
Router1#





 

 

contactus@wirethink.com (CiscoNET) Cisco BGP Configuration Tue, 19 May 2009 01:57:18 +0000
BGP sample configuration Case 1-2
http://cisconet.com/routing/bgp/cisco-bgp-configuration/383-bgp-sample-configuration-case-1-2.html

Here is a sample eBGP configuration with the Metric option for someone who has a single connection to an ISP or remote site. This article shows how to apply the Metric option. If you want to see more complex examples (with multiple ISP connections), check the list of BGP sample configurations page. This configuration has been tested and verified in our lab. If you have any questions or problems, try our web BGP tutorial page first. If you still need further assistance, please feel free to contact us by email or use our Forum.cisconet.com.

 

list of BGP sample configurations

► Basic eBGP configuration with Metric

 [Assumption]

1. Device : Cisco router with LAN/WAN ports.
2. IOS version : Latest or at least BGP support
3. WAN encapsulation : HDLC
4. WAN / Serial IP : 1.1.1.1/30 (mask 255.255.255.252) - assumed public IP here.
5. LAN / Ethernet IP : 10.10.10.1/24 (mask 255.255.255.0) - assumed public IP here.
6. Receiving route : Default route + full route from ISP
7. Memory : Full route(recommend 512M), partial route(recommend 128-256M)
8. ASN : If you don't have one, apply for one.

US(ARIN.com), ASIA(APNIC.com), Europe(RIPE.net) and South America(Lacnic.net)
If all your upstream connections are with a single ISP, contact that ISP to rent a free ASN. Again, you won't use the rented ASN for a connection to another ISP.

9. IGP : None

 



[Router 1/Customer]

Current configuration:
!
version 12.x
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
service udp-small-servers
service tcp-small-servers
!
hostname Router1
!
enable secret 5 Pl$RwwQMKXmRs8oFcaCCvLxX$1$VG/
!
ip subnet-zero
ip name-server x.x.x.x
ip name-server y.y.y.y
ip name-server z.z.z.z
!
!
interface Ethernet0
description to Internal network
ip address 10.10.10.1 255.255.255.0
no ip directed-broadcast
no ip mroute-cache
!
interface Serial0
description to ISP
ip address 1.1.1.1 255.255.255.252
no ip directed-broadcast
no ip mroute-cache
no fair-queue
!
interface Serial1
no ip mroute-cache
no ip directed-broadcast
shutdown
!
router bgp 100
no auto-summary
redistribute connected
neighbor 1.1.1.2 remote-as 200 <---- ISP's ASN

neighbor 1.1.1.2 version 4
neighbor 1.1.1.2 route-map To_ISP out

!
ip classless
ip route 0.0.0.0 0.0.0.0 Serial0 <----- Default route. If you receive only partial routes from the ISP, you must have this default route statement. You can also ask the ISP to send a default route through BGP.
!
ip prefix-list 1 description announcing routes to ISP
ip prefix-list 1 seq 5 permit 10.10.10.0/24 le 32
!
route-map To_ISP permit 10
match ip address prefix-list 1
set metric 300
!
line con 0
line aux 0
line vty 0 4
login
!
end


[Router 2/ISP]

Current configuration:
!
version 12.x
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
service udp-small-servers
service tcp-small-servers
!
hostname Router2
!
enable secret 5 Pl$RwwQMKXmRs8oFcaCCvLxX$1$VG/
!
ip subnet-zero
ip name-server x.x.x.x
ip name-server y.y.y.y
ip name-server z.z.z.z
!
!
interface POS1/0
description to Uplink
ip address x.x.x.x 255.255.255.252
no ip directed-broadcast
no ip mroute-cache
!
:
:
:
!
interface Serial0
description to ISP
ip address 1.1.1.2 255.255.255.252
no ip directed-broadcast
no ip mroute-cache
no fair-queue
!
interface Serial1
no ip mroute-cache
no ip directed-broadcast
shutdown
!
router bgp 200
neighbor 1.1.1.1 remote-as 100 <---- Other side's ASN
neighbor 1.1.1.1 version 4
neighbor 1.1.1.1 default-originate <---- Sending default route to customer through BGP.
neighbor 1.1.1.1 prefix-list 2 in

!
ip classless
!
ip prefix-list 2 description from customer or peer
ip prefix-list 2 seq 5 permit 10.10.10.0/24 le 32 <---- Accepting smaller block than /24
!
line con 0
line aux 0
line vty 0 4
login
!
end

 

[Verified]

Router1# sh ip bgp neighbors 1.1.1.2 ad
BGP table version is 8, local router ID is x.x.x.x
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal
Origin codes: i - IGP, e - EGP, ? - incomplete

Network Next Hop Metric LocPrf Weight Path
*> 10.10.10.0/24 0.0.0.0 0 0 32768 ?
Router1#


Router2#sh ip bgp nei 1.1.1.1 ro
BGP table version is 8, local router ID is x.x.x.x
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal
Origin codes: i - IGP, e - EGP, ? - incomplete

Network Next Hop Metric LocPrf Weight Path
*> 10.10.10.0/24 1.1.1.1 0 300 100 ?

Total number of prefixes 1

Router1#sh ip bgp neighbors 1.1.1.2 ro <---- Getting default route from ISP

BGP table version is 10, local router ID is x.x.x.x
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal
Origin codes: i - IGP, e - EGP, ? - incomplete

Network Next Hop Metric LocPrf Weight Path
*> 0.0.0.0 1.1.1.2 0 200 i

Total number of prefixes 1
Router1#

 

If you have any questions or problems, try our web BGP tutorial page first. If you still need further assistance, please feel free to contact us by email or use our Forum.cisconet.com

contactus@wirethink.com (CiscoNET) Cisco BGP Configuration Tue, 19 May 2009 01:47:57 +0000
BGP sample configuration Case 1-1 http://cisconet.com/routing/bgp/cisco-bgp-configuration/382-bgp-sample-configuration-case-1-1.html
Here is a sample eBGP configuration with the default route option, for someone who has a single connection to an ISP or remote site. If you want to see more complex examples (with multiple ISP connections), check the list of BGP sample configurations page. This configuration has been tested and verified in our lab.

What are the benefits, and in what situations can we use it?

  • If you have only one ISP connection, you don't have to receive all the routes. Receiving them just requires more memory on your router and causes high CPU usage on the CPE.

  • If you have low memory on your CPE.

  • If you are using Ethernet, you don't want to use a static route, because most Ethernet-type ISP links are connected to a Layer 2 switch somewhere near your location. That means that if an outage occurs beyond the switch, your Ethernet interface won't go down: it stays up/up while the ISP link is having an outage. With a static default route statement, your router will keep sending traffic to the next hop.

 

list of BGP sample configurations

► Basic eBGP configuration with default route

 

Assumption

1. Device : Cisco router with LAN/WAN ports.
2. IOS version : Latest or at least BGP support
3. WAN encapsulation : HDLC
4. WAN / Serial IP : 1.1.1.1/30 (mask 255.255.255.252) - assumed public IP here.
5. LAN / Ethernet IP : 10.10.10.1/24 (mask 255.255.255.0) - assumed public IP here.
6. Receiving route : Default route + full route from ISP
7. Memory : Full route(recommend 512M), partial route(recommend 128-256M)
8. ASN : If you don't have one, then apply for one.

US (ARIN.com), Asia (APNIC.com), Europe (RIPE.net) and South America (Lacnic.net)
If all your upstream connections are subscribed with only one ISP, contact the ISP to rent a free ASN. Again, you won't use the rented ASN for other ISP connections.

9. IGP : None

 


Router 1/Customer

Current configuration:
!
hostname Router1
!
interface Ethernet0
description to Internal network
ip address 10.10.10.1 255.255.255.0
no ip directed-broadcast
no ip mroute-cache
!
interface Serial0
description to ISP
ip address 1.1.1.1 255.255.255.252
no ip directed-broadcast
no ip mroute-cache
no fair-queue
!
router bgp 100
no auto-summary
redistribute connected
neighbor 1.1.1.2 remote-as 200 <------ ISP's ASN
neighbor 1.1.1.2 version 4
neighbor 1.1.1.2 prefix-list 1 out

!
ip classless
!
ip prefix-list 1 description announcing routes to ISP
ip prefix-list 1 seq 5 permit 10.10.10.0/24 le 32
!
line con 0
line aux 0
line vty 0 4
login
!
end

 

Router 2/ISP A

Current configuration:
!
hostname Router2
!
interface Serial0
description to ISP
ip address 1.1.1.2 255.255.255.252
no ip directed-broadcast
no ip mroute-cache
no fair-queue
!
router bgp 200
neighbor 1.1.1.1 remote-as 100 <---- Other side's ASN
neighbor 1.1.1.1 version 4
neighbor 1.1.1.1 default-originate <---- Sending default route to customer through BGP.
neighbor 1.1.1.1 prefix-list 2 in
!
ip classless
!
ip prefix-list 2 description from customer or peer
ip prefix-list 2 seq 5 permit 10.10.10.0/24 le 32 <---- Accepting smaller block than /24
!
line con 0
line aux 0
line vty 0 4
login
!
end


Verifying output

Router1# sh ip bgp neighbors 1.1.1.2 ad
BGP table version is 8, local router ID is x.x.x.x
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal
Origin codes: i - IGP, e - EGP, ? - incomplete

Network Next Hop Metric LocPrf Weight Path
*> 10.10.10.0/24 0.0.0.0 0 32768 ?
Router1#

Router1#sh ip bgp nei 1.1.1.12 ro
BGP table version is 8, local router ID is x.x.x.x
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal
Origin codes: i - IGP, e - EGP, ? - incomplete

Network Next Hop Metric LocPrf Weight Path
*> 0.0.0.0/24 1.1.1.2 0 0 200 ?

Total number of prefixes 1

Router2#sh ip bgp nei 1.1.1.1 ro
BGP table version is 8, local router ID is x.x.x.x
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal
Origin codes: i - IGP, e - EGP, ? - incomplete

Network Next Hop Metric LocPrf Weight Path
*> 10.10.10.0/24 1.1.1.1 0 0 100 ?

Total number of prefixes 1
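What the ISP-side filter `ip prefix-list 2 seq 5 permit 10.10.10.0/24 le 32` accepts and rejects can be checked offline. The following is an added example, not part of the original configuration: a small evaluator for the `ge`/`le` matching rules with the implicit deny at the end; the function names and the test routes are assumptions.

```python
import ipaddress
import re

ENTRY = re.compile(
    r"ip prefix-list (\S+) seq (\d+) (permit|deny) (\S+)(?: ge (\d+))?(?: le (\d+))?")

# Constructed copy of the ISP router's inbound filter from the configuration above.
CONFIG = """\
ip prefix-list 2 description from customer or peer
ip prefix-list 2 seq 5 permit 10.10.10.0/24 le 32
"""

def parse_prefix_list(config, name):
    """Return (seq, action, network, min_len, max_len) entries in sequence order."""
    entries = []
    for line in config.splitlines():
        m = ENTRY.match(line.strip())
        if not m or m.group(1) != name:
            continue                      # description lines and other lists
        net = ipaddress.ip_network(m.group(4))
        ge, le = m.group(5), m.group(6)
        min_len = int(ge) if ge else net.prefixlen
        # no ge/le: exact length only; ge alone: up to /32; le: up to le
        max_len = int(le) if le else (32 if ge else net.prefixlen)
        entries.append((int(m.group(2)), m.group(3), net, min_len, max_len))
    return sorted(entries, key=lambda e: e[0])

def evaluate(entries, route):
    """First matching entry wins; a route that matches nothing is denied."""
    r = ipaddress.ip_network(route)
    for _seq, action, net, min_len, max_len in entries:
        if min_len <= r.prefixlen <= max_len and r.subnet_of(net):
            return action
    return "deny"

def check(routes, name="2"):
    entries = parse_prefix_list(CONFIG, name)
    return {route: evaluate(entries, route) for route in routes}

if __name__ == "__main__":
    for route, verdict in check(["10.10.10.0/24", "10.10.10.128/25",
                                 "10.10.0.0/16", "0.0.0.0/0"]).items():
        print(f"{route:18} {verdict}")
```

Anything the customer announces outside 10.10.10.0/24, including a default route or a covering /16, falls through to the implicit deny.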

contactus@wirethink.com (CiscoNET) Cisco BGP Configuration Tue, 19 May 2009 01:45:03 +0000
[Cisco] BGP md5 authentication configuration http://cisconet.com/routing/bgp/cisco-bgp-configuration/381-cisco-bgp-md5-authentication-configuration.html
These days, not many people want to set up BGP MD5 authentication for security reasons. Back in 2005, after someone reported a threat to BGP sessions with ISPs, there was a rush to set up MD5.

Actually, the MD5 authentication is not on the BGP session itself; it is on the underlying TCP session. It gives each TCP peer a way to verify, with a higher degree of certainty, that packets apparently received from the other peer actually originated from that peer. This keeps packets spoofed into the session from being accepted as valid, and so provides another layer of security for the eBGP session.

Below is a sample MD5 configuration on a Cisco router.


neighbor xx.xx.xx.xx remote-as
neighbor xx.xx.xx.xx Full-routes
neighbor xx.xx.xx.xx prefix-list < for Inbound route filter> in
neighbor xx.xx.xx.xx password <actual password>
neighbor xx.xx.xx.xx maximum-prefix 1000



Then save the configuration file.
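To show why the check sits at the TCP layer, here is an added example (not from the original article) of the TCP MD5 signature from RFC 2385, which is what `neighbor ... password` turns on: the digest covers the pseudo-header, the fixed TCP header with a zeroed checksum, the payload and the shared key. The segment, port numbers and key are constructed samples, and the function names are assumptions.

```python
import hashlib
import hmac
import socket
import struct

MD5SIG_KIND, MD5SIG_LEN = 19, 18  # TCP option kind and length from RFC 2385

def tcp_md5_digest(src_ip, dst_ip, segment, key):
    """MD5 over pseudo-header, fixed TCP header (checksum zeroed), payload, key."""
    header_len = (segment[12] >> 4) * 4
    if header_len < 20 or header_len > len(segment):
        raise ValueError("bad TCP data offset")
    pseudo = (socket.inet_aton(src_ip) + socket.inet_aton(dst_ip)
              + struct.pack("!BBH", 0, socket.IPPROTO_TCP, len(segment)))
    fixed = segment[:16] + b"\x00\x00" + segment[18:20]  # TCP options are not hashed
    return hashlib.md5(pseudo + fixed + segment[header_len:] + key).digest()

def sign_segment(src_ip, dst_ip, sport, dport, seq, payload, key):
    """Build a sample segment with a 40-byte header carrying the signature option."""
    header = struct.pack("!HHIIBBHHH", sport, dport, seq, 0, 10 << 4, 0x18, 4096, 0, 0)
    digest = tcp_md5_digest(src_ip, dst_ip, header + bytes(20) + payload, key)
    option = bytes([MD5SIG_KIND, MD5SIG_LEN]) + digest + b"\x00\x00"  # pad to 20 bytes
    return header + option + payload

def verify_segment(src_ip, dst_ip, segment, key):
    """Receiver side: accept only if a signature option is present and matches."""
    options = segment[20:(segment[12] >> 4) * 4]
    i = 0
    while i + 1 < len(options) and options[i] != 0:   # 0 = end of option list
        if options[i] == 1:                            # 1 = NOP, a single byte
            i += 1
            continue
        length = options[i + 1]
        if length < 2:
            return False                               # malformed option
        if options[i] == MD5SIG_KIND and length == MD5SIG_LEN:
            expected = tcp_md5_digest(src_ip, dst_ip, segment, key)
            return hmac.compare_digest(options[i + 2:i + 18], expected)
        i += length
    return False                                       # unsigned segment: drop

# Constructed sample: a BGP KEEPALIVE from 1.1.1.1 to 1.1.1.2 (port 179), made-up key.
KEY = b"example-shared-key"
KEEPALIVE = b"\xff" * 16 + struct.pack("!HB", 19, 4)
GOOD = sign_segment("1.1.1.1", "1.1.1.2", 40000, 179, 1000, KEEPALIVE, KEY)
SPOOFED = sign_segment("1.1.1.1", "1.1.1.2", 40000, 179, 1000, KEEPALIVE, b"wrong-guess")
```

A segment with the right addresses, ports and sequence number is still dropped when its digest was computed without the shared key, before BGP ever sees the message.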

contactus@wirethink.com (CiscoNET) Cisco BGP Configuration Tue, 19 May 2009 01:38:04 +0000
Configuring a Conditional BGP Advertisement Feature http://cisconet.com/routing/bgp/cisco-bgp-configuration/380-configuring-a-conditional-bgp-advertisement-feature.html
If you have already read the article "Major inbound traffic control problem in real ISP market", you will know why we need this solution. I should say this is NOT the best solution, but you might keep this option in mind in case it's feasible. It won't fit certain network conditions. I will show you why through the example below.

Basically, the whole idea is that once your primary connection goes down, the secondary BGP session will start announcing your block (ex, 63.55.x.x/24). In other words, when the primary connection goes down for whatever reason, the IP route of that connection is removed from the BGP table; as soon as the BGP process detects that the IP route is no longer in the BGP table, it triggers the second BGP speaker to start announcing the customer's IP block (ex, 63.55.x.x/24).

Attention: Even though the primary BGP session is down, if your primary connection is not down, your secondary BGP speaker won't start announcing the customer IP block (ex, 63.55.x.x/24), because the IP block that is assigned to the primary connection is still in the BGP table. So with Metro Ethernet, frame-relay, etc., certain circuit types won't do any good with this solution. Keep that in mind and don't blame me.
Also, it will have

See Pic 1.

Pic 1.

 

Once the conditional BGP announcement solution is applied, only the primary BGP session announces the customer's IP block (63.55.x.x/24), and clearly all the traffic will go through the primary ISP connection.

When the primary connection (the serial link in this case) goes down for whatever reason, the serial IP block (normally a /30) is removed from the BGP table, and the secondary BGP session starts announcing the customer's IP block (63.55.x.x/24) to the Tier 2 ISP in this case.

One minor issue I do see is propagation delay. We can change the BGP hold timer to 12 sec (keepalive 4 sec) for faster convergence. However, there is still propagation delay while the ISP routers learn the new path. If a BGP failover with 1-2 minutes of downtime is acceptable, it is a feasible solution.

Let's see router configurations

Serial IP address with ISP "A" = 10.20.30.0/30
Serial IP address with ISP "tier 2" = 10.20.30.4/30
Customer's route = 65.55.x.x/24

Customer router

interface Serial 1
ip address 10.20.30.1 255.255.255.252

interface Serial 2
ip address 10.20.30.5 255.255.255.252

 

Customer#sh run | beg bgp
router bgp 10
no synchronization
bgp log-neighbor-changes
redistribute connected
neighbor 10.20.30.2 remote-as 20
neighbor 10.20.30.2 timers 10 30
neighbor 10.20.30.6 remote-as 30
neighbor 10.20.30.6 advertise-map Advertise non-exist-map non_exist
access-list 1 permit 65.55.x.x 0.0.0.255
access-list 2 permit 10.20.30.0 0.0.0.3

route-map non_exist permit 10
match ip address 2
!
route-map Advertise permit 10
match ip address 1



ISP "A" Router

interface Serial 1
ip address 10.20.30.2 255.255.255.252

router bgp 20

no synchronization
bgp log-neighbor-changes
neighbor 10.20.30.1 remote-as 10



ISP (Tier2) Router

interface Serial 1
ip address 10.20.30.6 255.255.255.252

router bgp 30
no synchronization
bgp log-neighbor-changes
neighbor 10.20.30.5 remote-as 10

 

 

Reference;
http://www.cisco.com/en/US/tech/tk365/technologies_configuration_example09186a0080094309.shtml


contactus@wirethink.com (CiscoNET) Cisco BGP Configuration Tue, 19 May 2009 01:06:09 +0000