We can run two types of BGP routing on our network:
Internal BGP (iBGP)
iBGP exchanges BGP information within an autonomous system. Internal BGP sounds counterintuitive, since BGP is supposed to be an "external" routing protocol. The point of internal BGP is to distribute your BGP information between your external BGP routers. Your external routers are usually not close together; iBGP allows them to communicate across your internal network. iBGP is necessary in networks that have multiple paths to the Internet. It provides a consistent view of routes to and from the Internet.
External BGP (eBGP)
eBGP distributes your BGP routing information to other autonomous systems. For example, external BGP is used for routing between your local network and two different ISPs.
Many people make BGP out to be the ultimate solution for advanced routing problems. It isn't, and using BGP successfully requires careful planning and design. Therefore, before deciding that you need BGP, you should think carefully about your options and what you're trying to accomplish. Here are some guidelines for when you should avoid BGP:
Once you decide that you need BGP, keep in mind that BGP becomes complex quickly. Keeping things as simple as possible is preferable for both operation and troubleshooting. (Isn't that true for all network protocols?) Furthermore, BGP requires (or demands) that routing policies exist for your network. For example, if you have two ISPs, you need to think about which link to prefer. Should you use the closest link? Should you suppress routes from your ISP? If so, which routes? We examine these configuration items later in this chapter.
10.1.1. How BGP Selects Routes
Before we jump into BGP configuration, you should understand the routing metrics it uses. BGP uses more information than other routing protocols to select routes. The most important parameters that go into route selection are:
Weight
Weight is a purely local measure of which route to prefer. A weight is given to a route on a particular router (via a route map, for example) and is used only within that router. The weight is never given to other routers. The higher the weight of a route, the better the route is. Weight is configurable and can be used to select one route over another.
Local preference
Local preference is another measure of which route to prefer. Unlike weight, local preferences are shared among iBGP routers. However, they are not shared with external BGP routers. The default local preference is 100. As with weight, higher numbers indicate better routes.
Multi-exit discriminator (MED)
MED values describe our routes to external routers. Unlike preference and weight, MED actually leaves our network and tells our neighbor routers which link we want them to talk to. And unlike the other metric values, the lower the MED value, the better the route. The default MED value is zero (0).
The name "multi-exit discriminator" is unfortunate and makes the concept unnecessarily confusing. The BGP designers were thinking from the point of view of your ISP: which exit from the ISP's network should be used to reach you? As a result, the MED will make much more sense if you turn it around and think of it as a "multi-entrance discriminator." That is, you use the MED to tell your ISPs which of several entrances to your network they should use. You should use MED values only if you are multihomed to a single provider.
AS path
BGP routing is based on the list of autonomous systems that are traversed in order to reach a destination. This list is called an AS path. Shorter AS paths are preferred, but there are many ways to filter routes based on their AS paths. AS paths allow BGP to detect routing loops.
BGP selects only one route for a destination; this route is added to the route table and distributed to BGP peers. Here's the process by which a route is selected:
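The following Python sketch is an added example, not taken from the original text: it ranks candidate routes using only the four attributes described above. The comparison order (weight, local preference, AS-path length, then MED among routes from the same neighboring AS) is an assumption based on Cisco's documented best-path order; the `Route` class, link labels, and AS numbers are constructed for illustration.

```python
from dataclasses import dataclass
from typing import List, Tuple


@dataclass(frozen=True)
class Route:
    """One candidate path to a prefix."""
    via: str                   # label for the link the route was learned on
    as_path: Tuple[int, ...]   # ASes traversed, neighboring AS first
    weight: int = 0            # local to this router; higher is better
    local_pref: int = 100      # shared among iBGP routers; higher is better
    med: int = 0               # sent by the neighboring AS; lower is better


def _rank(r: Route) -> tuple:
    # Assumption: weight, then local preference, then AS-path length, as in
    # Cisco's documented best-path order restricted to these attributes.
    return (r.weight, r.local_pref, -len(r.as_path))


def best_route(candidates: List[Route]) -> Route:
    """Return the single route that would be installed for the prefix."""
    top = max(_rank(r) for r in candidates)
    tied = [r for r in candidates if _rank(r) == top]
    best = tied[0]
    for r in tied[1:]:
        # MED is compared only between routes from the same neighboring AS
        # (default IOS behavior); other ties keep the first-listed route here.
        if r.as_path[:1] == best.as_path[:1] and r.med < best.med:
            best = r
    return best


# Constructed sample: two links to AS 400 and one link to AS 300.
SAMPLE = [
    Route("as400-link1", (400, 700), med=50),
    Route("as400-link2", (400, 700), med=10),
    Route("as300-link", (300, 650, 700)),
]

if __name__ == "__main__":
    print(best_route(SAMPLE).via)   # as400-link2
```

Raising the weight or local preference of any one route makes it win regardless of AS-path length, which is why those two settings deserve the same review as any other routing policy change.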
10.1.2. Basic Configuration Commands
Basic configuration relies on a number of familiar commands, such as router, network, and neighbor. However, the BGP versions of these commands are a little more complex than for other routing protocols. This section covers the basic configuration items.
10.1.2.1. The router and network commands
We start our configuration by giving our autonomous system number in the router bgp command. Here, 500 is our AS number:
router bgp 500
 network 10.0.0.0
In other protocols, such as EIGRP and OSPF, we chose the AS numbers pretty much however we pleased; we were required only to be consistent within our own network. In fact, although they are frequently called AS numbers, the numbers associated with EIGRP and OSPF routing processes are really just process IDs. With BGP, you're dealing with true AS numbers, and each AS number must fit into the rest of the global BGP design. This number is given to you by your service provider and must be used appropriately.
In this example, we'll advertise a route to the network 10.10.2.0. This network doesn't have to be directly connected to the router in order for us to advertise it. We don't provide a network mask, as BGP assumes the old classful addressing scheme when a mask isn't provided explicitly. If this is not what you want, you need to add the mask option to specify a classless network. The following network command advertises the network 10.10.2.0/23:
router bgp 500
 network 10.10.2.0 mask 255.255.254.0
10.1.2.2. The neighbor command
Next, we need to define our routing peers with the neighbor command. This step also defines whether we are using iBGP or eBGP. If our neighbor router has the same AS number, we are using iBGP. If our neighbor has a different AS number, we are configuring eBGP. In this case, we configured a neighbor with a different AS number, meaning that we are using eBGP. Most configurations will have several neighbor commands.
router bgp 500
 neighbor 192.168.1.5 remote-as 400
Neighbors don't have to be in an equivalent network statement. For example, we can have the neighbor 192.168.1.5 and not have a network equivalent or subnet of 192.168.1.0/24. Our IGP routing protocol might have the route we need to access that neighbor. We are using the neighbor command only to specify our peers.
When configuring BGP, you often need to list several neighbor commands for each neighboring router. The neighbor command can take a number of optional keywords, including default-originate and next-hop-self, both of which are discussed later.
10.1.2.3. Local-AS numbers
Just as there are private Class C IP addresses (e.g., 10.0.0.0/8 and 192.168.0.0/16), there are private AS numbers to be used for internal networks. This means that it is possible to use BGP for internal routing or routing between you and your ISP even if you're not involved with the Internet backbone. Situations in which you'd want to do this are rare, but you might consider it if you were managing an extremely large network with a number of connections to a single ISP. The AS numbers reserved for local use range from 64512 to 65535. Just as with private IP addresses, your network provider should filter these AS numbers so that they never appear outside your network.
10.1.2.4. Synchronization
In BGP, synchronization means that a BGP router is not allowed to advertise a route that is learned from another BGP peer until the router knows about the route via an IGP. Synchronization can take time, and in most cases it isn't needed. Disabling synchronization removes this rule. Although disabling synchronization adds the possibility of dropped packets, it can improve convergence time for your routers. To disable synchronization, add the command no synchronization to the BGP configuration.
Synchronization can be disabled safely under either of two conditions: if your network doesn't pass traffic from one AS to another (i.e., other networks do not route their traffic through you), or if all your border routers are running BGP. Disabling synchronization is an absolute must for running iBGP, which is described in the next few sections.
10.1.2.5. Automatic summary
By default, BGP summarizes routes on class boundaries. There are many situations in which you don't want summarization to follow class boundaries. For example, say you're given the IP address space of 172.30.5.0/24, 172.30.6.0/24, and 172.30.7.0/24. When BGP announces your route, it will try to summarize the route to the classful route 172.30.0.0/16. This behavior is almost certainly not what you want.
If your ISP is worth anything, it will block announcements from you that don't match your network. However, you shouldn't rely on your ISP to prevent you from advertising misleading information. Configuring no auto-summary disables automatic summarization.
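The Python check below is an added example, not part of the original text: it computes the classful network that a maskless network statement or automatic summarization falls back to, and counts how many announced addresses lie outside the space actually assigned. The function names are hypothetical; the address blocks are the ones used in the text.

```python
import ipaddress
from typing import Iterable, List


def classful_network(address: str) -> ipaddress.IPv4Network:
    """Classful network containing `address` (class A /8, B /16, C /24)."""
    first_octet = int(ipaddress.IPv4Address(address)) >> 24
    if first_octet < 128:
        prefix_len = 8
    elif first_octet < 192:
        prefix_len = 16
    elif first_octet < 224:
        prefix_len = 24
    else:
        raise ValueError(f"{address} is class D/E and has no classful network")
    return ipaddress.ip_network(f"{address}/{prefix_len}", strict=False)


def auto_summary(assigned: Iterable[str]) -> List[ipaddress.IPv4Network]:
    """Classful networks that summarizing on class boundaries would announce."""
    nets = {classful_network(str(ipaddress.ip_network(a).network_address))
            for a in assigned}
    return sorted(nets)


def excess_addresses(assigned: Iterable[str]) -> int:
    """Addresses announced by the classful summaries but not assigned to us.

    Assumes the assigned blocks do not overlap one another.
    """
    assigned = list(assigned)
    owned = sum(ipaddress.ip_network(a).num_addresses for a in assigned)
    announced = sum(n.num_addresses for n in auto_summary(assigned))
    return announced - owned


# Address space from the text's example.
ASSIGNED = ["172.30.5.0/24", "172.30.6.0/24", "172.30.7.0/24"]

if __name__ == "__main__":
    print(auto_summary(ASSIGNED), excess_addresses(ASSIGNED))
```

A nonzero result from `excess_addresses` means the announcement claims address space that belongs to someone else, which is the condition no auto-summary and an explicit mask are meant to prevent.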
10.1.2.6. default-originate
default-originate (a keyword that can be appended to the neighbor command) causes the BGP router to advertise a default route to other BGP routers, even if it doesn't have a default route defined for itself. (A default route has the address 0.0.0.0 0.0.0.0.)
10.1.2.7. next-hop-self
When an iBGP router advertises a route, it advertises the next hop of the route as it learned it. The next-hop-self keyword (used with the neighbor command) tells the router to rewrite the route's next hop as itself. For example, if you have next-hop-self configured from Router 1 to Router 2, Router 1 tells Router 2 that it is the next hop for the routes that it sends to Router 2.
10.1.2.8. BGP route dampening
Route dampening controls the effect that a flapping route has on the network. Route flapping occurs when a route changes state (up to down, or down to up) repeatedly. This can happen when a router has a bad interface or some other problem exists. Flapping is a problem for any routing protocol, BGP included: when a route changes state, BGP tries to propagate this information to the other routers, consuming a lot of CPU time and network bandwidth in addition to distributing unreliable information.
BGP handles route flapping with the bgp dampening command. When this feature is activated, the router tolerates only a certain number of state changes for a route within a certain amount of time. If the state-change threshold (tolerance) is reached, the route is placed in a hold-down (ignored) state for a period. After the hold-down time passes, the route is again allowed into the routing table to see if it behaves. Dampening doesn't stop the router from receiving unstable routes; rather, it prevents the router from forwarding what it considers to be unstable routes.
You can set the hold-down time and tolerance values with the dampening command; if these values are not set, the router uses default values.
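The Python model below is an added example, not from the original text, and goes beyond its description: it shows the penalty-and-decay bookkeeping that sits behind the tolerance and hold-down behavior described above. The constants are assumptions taken from the Cisco IOS defaults (15-minute half-life, suppress at 2000, reuse at 750, 1000 penalty per flap); the maximum suppress time is not modeled, and all class and function names are hypothetical.

```python
from typing import Iterable

HALF_LIFE_MIN = 15.0   # minutes for the penalty to halve
FLAP_PENALTY = 1000    # added on every flap
SUPPRESS = 2000        # penalty above this puts the route in hold-down
REUSE = 750            # penalty below this releases the route


class DampenedRoute:
    """Penalty bookkeeping for one route; times are minutes since start."""

    def __init__(self) -> None:
        self.penalty = 0.0
        self.last_update = 0.0
        self.suppressed = False

    def _decay(self, now: float) -> None:
        # The penalty decays exponentially between events.
        elapsed = now - self.last_update
        self.penalty *= 0.5 ** (elapsed / HALF_LIFE_MIN)
        self.last_update = now
        if self.suppressed and self.penalty < REUSE:
            self.suppressed = False

    def flap(self, now: float) -> bool:
        """Record a state change; return True if the route is now held down."""
        self._decay(now)
        self.penalty += FLAP_PENALTY
        if self.penalty > SUPPRESS:
            self.suppressed = True
        return self.suppressed

    def is_suppressed(self, now: float) -> bool:
        self._decay(now)
        return self.suppressed


def suppressed_at(flap_times: Iterable[float], check_time: float) -> bool:
    """Replay flaps (minutes) and report the state at check_time.

    check_time must not be earlier than the last flap.
    """
    route = DampenedRoute()
    for t in sorted(flap_times):
        route.flap(t)
    return route.is_suppressed(check_time)


if __name__ == "__main__":
    # Constructed timeline: three flaps one minute apart, checked later.
    print(suppressed_at([0, 1, 2], 2), suppressed_at([0, 1, 2], 33))
```

With these values, three flaps within two minutes suppress the route for roughly half an hour, while the same three flaps spread 30 minutes apart never reach the suppress threshold.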
10.1.2.9. iBGP checklist
There are two ways to get iBGP to work correctly. The first is to redistribute all external routes into all of your iBGP routers. This method is not a good idea; the routing table might be large, and some of your routers may not be able to handle it. A much better way to implement iBGP is to:
The example in the next section takes care of all three requirements.