A confederacy is a group of cooperating autonomous systems working together as a single AS. Confederacies allow you to divide an AS into smaller, more manageable pieces. The main reason for doing so is the meshing requirement for iBGP. With 10 to 20 routers, meshing is pretty manageable. However, as your network grows larger, managing all the peer relationships can get very complicated. Confederacies allow you to break up your network into little autonomous systems, making it easier to handle. Inside each little AS, all the iBGP routers are fully meshed. Outside, all the little autonomous systems are fully meshed to each other.
Figure 10-4 shows a network on which we'd like to use confederacies. AS 500 has seven BGP routers: R1, R2, R3, R4, R5, R6, and R7. If we didn't use confederacies, all seven routers would have to be fully meshed, or we would have to use route reflectors. In this network, route reflectors would be a problem: we would need more than one reflector, and managing them could easily get out of control. However, we can use confederacies to make a more manageable network. They are particularly important for large ISPs, but can also be useful for very large corporate networks.
We can divide AS 500 into three smaller pieces, each of which is connected to a remote AS. Since they are interconnected as neighbors, they will be able to advertise their routes. Now only our three main routers (R1, R2, and R3) are fully meshed with each other, while all our other BGP routers are meshed within their respective confederacies. Although each confederacy has its own AS number, outside networks still see us as AS 500.
Figure 10-4. BGP confederacies
Here's how to set up confederacies.
On Router 1:
router bgp 10000
 bgp confederation identifier 500
 bgp confederation peers 10010 10020
 neighbor 10.10.2.1 remote-as 10010
 neighbor 10.10.3.1 remote-as 10020
 neighbor 10.11.1.1 remote-as 600
On Router 2:
router bgp 10010
 bgp confederation identifier 500
 bgp confederation peers 10000 10020
 neighbor 10.10.1.1 remote-as 10000
 neighbor 10.10.3.1 remote-as 10020
 neighbor 10.12.1.1 remote-as 700
On Router 3:
router bgp 10020
 bgp confederation identifier 500
 bgp confederation peers 10000 10010
 neighbor 10.10.1.1 remote-as 10000
 neighbor 10.10.2.1 remote-as 10010
 neighbor 10.13.1.1 remote-as 800
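The three configurations above must agree with each other: the same confederation identifier everywhere, a peers list that names exactly the other sub-ASes, and a neighbor statement toward each of them. The following consistency check is an added example, not part of the original text; the function names parse and audit are our own, and the input is the three configurations from this page joined into one string.

```python
# Added example: the three router configurations from this page, concatenated.
CONFIGS = """router bgp 10000
 bgp confederation identifier 500
 bgp confederation peers 10010 10020
 neighbor 10.10.2.1 remote-as 10010
 neighbor 10.10.3.1 remote-as 10020
 neighbor 10.11.1.1 remote-as 600
router bgp 10010
 bgp confederation identifier 500
 bgp confederation peers 10000 10020
 neighbor 10.10.1.1 remote-as 10000
 neighbor 10.10.3.1 remote-as 10020
 neighbor 10.12.1.1 remote-as 700
router bgp 10020
 bgp confederation identifier 500
 bgp confederation peers 10000 10010
 neighbor 10.10.1.1 remote-as 10000
 neighbor 10.10.2.1 remote-as 10010
 neighbor 10.13.1.1 remote-as 800"""

def parse(text):
    """Return one record per 'router bgp' stanza found in the text."""
    routers = []
    for words in (line.split() for line in text.splitlines()):
        if words[:2] == ["router", "bgp"]:
            routers.append({"sub_as": int(words[2]), "confed_id": None,
                            "peers": set(), "neighbor_as": set()})
        elif words[:3] == ["bgp", "confederation", "identifier"]:
            routers[-1]["confed_id"] = int(words[3])
        elif words[:3] == ["bgp", "confederation", "peers"]:
            routers[-1]["peers"] = {int(w) for w in words[3:]}
        elif len(words) == 4 and words[0] == "neighbor" and words[2] == "remote-as":
            routers[-1]["neighbor_as"].add(int(words[3]))
    return routers

def audit(text):
    """Return a list of inconsistencies between the sub-AS routers."""
    routers = parse(text)
    sub_ases = {r["sub_as"] for r in routers}
    problems = []
    if len({r["confed_id"] for r in routers}) != 1:
        problems.append("confederation identifier differs between routers")
    for r in routers:
        others = sub_ases - {r["sub_as"]}  # every sub-AS except this router's own
        if r["peers"] != others:
            problems.append(f"AS {r['sub_as']}: confederation peers do not match the other sub-ASes")
        if others - r["neighbor_as"]:
            problems.append(f"AS {r['sub_as']}: no neighbor configured for sub-AS {sorted(others - r['neighbor_as'])}")
    return problems
```

Calling audit(CONFIGS) returns an empty list for the configurations as printed; a remote AS such as 600 listed under confederation peers, or a sub-AS left out of it, shows up as a peers mismatch.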