Configuring EGP
| You can configure EGP on a router in four basic steps:
The first three steps are demonstrated in the first case study, along with several approaches to Step 4. Case Study: An EGP Stub GatewayFigure 1-10 shows an EGP stub gateway in AS 65502, connected to a core gateway in AS 65501. The IGP of the stub AS is RIP. Figure 1-10. EGP Stub Gateway Advertises the Interior Networks of AS 65502 to the Core Gateway Example 1-7 shows the initial configuration of the stub gateway. Example 1-7 Stub Gateway Configuration for Figure 1-10autonomous-system 65502 ! router rip redistribute connected redistribute egp 65501 metric 5 network 172.16.0.0 ! router egp 65501 neighbor 192.168.16.1 Notice that the local AS (LAS) is specified by the autonomous-system statement, and the far AS (FAS) is specified by the router egp statement. An EGP process cannot be configured until the LAS is configured. The EGP process is told where to find its peer by the neighbor statement. Buster's routing table (see Example 1-8) contains both EGP route entries learned from the core gateway and RIP entries learned from the interior neighbors. Example 1-8 Buster's Routing Table Shows Entries Learned from the EGP Neighbor and from the Interior RIP Neighbors Buster# show ip route Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, * - candidate default Gateway of last resort is not set E 10.0.0.0 [140/4] via 192.168.16.1, 00:02:12, Serial3 C 192.168.16.0 is directly connected, Serial3 R 192.168.17.0 [120/1] via 172.16.1.2, 00:00:05, Ethernet0 E 192.168.19.0 [140/4] via 192.168.16.1, 00:02:13, Serial3 E 192.168.20.0 [140/4] via 192.168.16.1, 00:02:13, Serial3 E 192.168.21.0 [140/4] via 192.168.16.1, 00:02:13, Serial3 E 192.168.22.0 [140/4] via 192.168.16.1, 00:02:13, Serial3 172.16.0.0 255.255.255.0 is subnetted, 2 subnets C 172.16.1.0 is directly connected, Ethernet0 R 172.16.2.0 [120/1] via 172.16.1.2, 00:00:05, Ethernet0 R 172.17.0.0 [120/1] via 172.16.1.2, 00:00:05, Ethernet0 Buster# The EGP-learned routes are being redistributed into RIP with a metric of 5 (see Example 1-9). Notice that directly connected networks are also being redistributed into RIP. This configuration is necessary to advertise network 192.168.16.0 into the LAS; split horizon prevents Stan from advertising the network to Buster via EGP. An alternative configuration is to add a network 192.168.16.0 statement to the RIP configuration, along with a passive-interface statement to keep RIP broadcasts off of the inter-AS link. Example 1-9 Routing Table from a Router Interior to AS 65502 Shows the Redistributed EGP Routes Charlie# show ip route Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, * - candidate default Gateway of last resort is not set R 10.0.0.0 [120/5] via 172.16.1.1, 00:00:13, Ethernet0 R 192.168.16.0 [120/1] via 172.16.1.1, 00:00:13, Ethernet0 C 192.168.17.0 is directly connected, Ethernet3 R 192.168.19.0 [120/5] via 172.16.1.1, 00:00:13, Ethernet0 R 192.168.20.0 [120/5] via 172.16.1.1, 00:00:13, Ethernet0 R 192.168.21.0 [120/5] via 172.16.1.1, 00:00:13, Ethernet0 R 192.168.22.0 [120/5] via 172.16.1.1, 00:00:13, Ethernet0 172.16.0.0 255.255.255.0 is subnetted, 2 subnets C 172.16.1.0 is directly connected, Ethernet0 C 172.16.2.0 is directly connected, Ethernet1 172.17.0.0 255.255.255.0 is subnetted, 1 subnets C 172.17.3.0 is directly connected, Ethernet2 Charlie# As Buster's EGP configuration stands so far, network information is being received from the core, but no interior networks are being advertised to the core (see Example 1-10). Example 1-10 Stan's Routing Table Shows That None of the Interior Networks from AS 65502 Are Being Learned from Buster Stan# show ip route Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, * - candidate default Gateway of last resort is not set E 10.0.0.0 [140/4] via 192.168.18.2, 00:01:56, Serial1 C 192.168.16.0 is directly connected, Serial0 C 192.168.18.0 is directly connected, Serial1 E 192.168.19.0 [140/1] via 192.168.18.2, 00:01:57, Serial1 E 192.168.20.0 [140/4] via 192.168.18.2, 00:01:57, Serial1 E 192.168.21.0 [140/4] via 192.168.18.2, 00:01:57, Serial1 E 192.168.22.0 [140/1] via 192.168.18.2, 00:01:57, Serial1 Stan# One option for configuring EGP to advertise the interior networks is to add a redistribute rip statement. However, there are hazards associated with mutual redistribution. The danger is more pronounced when there are topological loops or multiple redistribution points, but even a simple design like the one in Figure 1-10 can be vulnerable to route feedback. For safety, route filters should always be used with mutual redistribution configurations to ensure that no interior network addresses are accepted from the exterior gateway, and no exterior addresses are advertised to the exterior gateway. The problems associated with mutual redistribution are introduced in Routing TCP/IP, Volume I and are discussed in further detail in Chapter 2, "Introduction to Border Gateway Protocol 4," and Chapter 3, "Configuring and Troubleshooting Border Gateway Protocol 4," of this book. A better approach to configuring EGP to advertise interior networks is to use the network statement. When used with EGP or BGP, the network statement has a different function from when used with an IGP configuration. For example, the network 172.16.0.0 statement under Buster's RIP configuration instructs the router to enable RIP on any interface that has an IP address in the major network 172.16.0.0. When used in conjunction with an inter-AS protocol, the network statement tells the protocol what network addresses to advertise. Example 1-11 shows Buster's configuration to advertise all the networks in AS 65502. Example 1-11 Buster Configuration to Advertise All Networks in AS 65502autonomous-system 65502 ! router rip redistribute connected redistribute egp 65501 metric 5 network 172.16.0.0 ! router egp 65501 network 172.16.0.0 network 172.17.0.0 network 192.168.17.0 neighbor 192.168.16.1 Example 1-12 shows Stan's routing table after the network statements have been added to Buster's EGP configuration. The advantage of using the network statement under EGP rather than redistribution is somewhat akin to the advantage of using static routes rather than a dynamic routing protocol: Both allow precise control over network reachability. In the case of EGP, the precision is limited by EGP's classfulness. Although you can keep a major network "private" by not specifying it in a network statement, the same cannot be said of individual subnets. Refer back to Example 1-8, which shows that Buster's routing table contains subnets 172.16.1.0/24 and 172.16.2.0/24. Reexamining the EGP Update message format in Figure 1-8, you will recall that the Update carries only the major class portion of the IP network: the first octet of a Class A network, the first two octets of a Class B network, and the first three octets of a Class C network. Therefore, the network statement under EGP can specify only major networks. Example 1-12 Buster Is Now Advertising the Interior Networks of AS 65502 to Stan Stan# show ip route Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, * - candidate default Gateway of last resort is not set E 10.0.0.0 [140/4] via 192.168.18.2, 00:00:27, Serial1 C 192.168.16.0 is directly connected, Serial0 E 192.168.17.0 [140/1] via 192.168.16.2, 00:01:38, Serial0 C 192.168.18.0 is directly connected, Serial1 E 192.168.19.0 [140/1] via 192.168.18.2, 00:00:27, Serial1 E 192.168.20.0 [140/4] via 192.168.18.2, 00:00:27, Serial1 E 192.168.21.0 [140/4] via 192.168.18.2, 00:00:27, Serial1 E 192.168.22.0 [140/1] via 192.168.18.2, 00:00:27, Serial1 E 172.16.0.0 [140/1] via 192.168.16.2, 00:01:39, Serial0 E 172.17.0.0 [140/1] via 192.168.16.2, 00:01:39, Serial0 Stan# Case Study: An EGP Core GatewayBy definition, an EGP core gateway can peer with multiple neighbors within multiple far autonomous systems and can pass network information from one FAS to another FAS. Because of this, the configuration of a core gateway differs slightly. Figure 1-11 shows a core router, Stan, which is peered with a router in a FAS (Buster) and a router within its LAS (Ollie). Figure 1-11. Core Router Stan Must Peer with Both Remote Neighbor Buster and Local Neighbor Ollie Example 1-13 demonstrates the EGP configuration of Stan in Figure 1-11 . Example 1-13 Core Gateway Configuration for Network Topology in Figure 1-11autonomous-system 65501 ! router egp 0 network 192.168.16.0 neighbor any The LAS is still specified with the autonomous-system command, but the FAS is not specified by the router egp command. Instead, an AS number of 0 is used to specify any AS. Likewise, neighbors are specified with a neighbor any command, to respond to any neighbor that sends Acquisition messages. The neighbor any command implicitly configures neighbors, whereas the neighbor command explicitly configures neighbors. Core gateways can have explicitly configured neighbors, but the implicit neighbor any makes life simpler when there are a large number of neighbors, as might be expected at a core gateway. Of course, at least one neighbor must have an explicit neighbor configuration; two neighbors cannot discover each other if they both have a neighbor any command. Example 1-14 shows the configuration for the neighbor Ollie in Figure 1-11. Example 1-14 Neighbor Configuration for Ollie in the Network Topology of Figure 1-11autonomous-system 65501 ! router egp 0 network 192.168.19.0 neighbor 192.168.18.1 neighbor any Although Ollie still picks up its external neighbors with the neighbor any command, Stan's address is explicitly configured. If it were not, Stan and Ollie would be unaware of each other's existence. With the configuration in Example 1-14, the core gateway will pass reachability information about networks external to its own AS to every other external AS. The core gateway will not, however, pass information about the networks in its own AS. You can see in Buster's routing table of Example 1-8, for instance, that there is no entry for network 192.168.18.0. If the interior networks are to be advertised, Stan must have a network statement for each network to be advertised. The only network statement shown is for 192.168.16.0, which allows Ollie to receive information about that network. Look again at Buster's routing table. Notice that there is an entry for network 192.168.19.0. This entry is the result of the network 192.168.19.0 statement in Ollie's configuration in Example 1-14. What happens if a core should not peer with every EGP-speaking neighbor? In Figure 1-12, the three routers in AS 65506 are all running EGP, but Stan should peer with only Spanky and Buckwheat. Alfalfa should peer with Ollie. Of course, the core administrator could trust the administrator of AS 65506 to set up the correct peering with neighbor statements, but trust is seldom good enough in inter-AS routing. Figure 1-12. Spanky and Buckwheat Must Peer Only with Stan, Whereas Alfalfa Must Peer Only with Ollie In this example, all three gateways in AS 65506 have neighbor statements for both Stan and Ollie. To regulate the peering, an access list is used with the neighbor any statement, as demonstrated in the configuration for Stan in Example 1-15. Example 1-15 Regulating Peering with Access Lists Using the neighbor any Commandautonomous-system 65501 ! router egp 0 network 192.168.16.0 neighbor any 10 ! access-list 10 deny 172.20.1.2 access-list 10 permit any In Example 1-15, the neighbor any statement contains a reference to access list 10, which denies Alfalfa (172.20.1.2) and permits all other neighbors. A similar configuration at Ollie denies Spanky and Buckwheat and permits all other neighbors. Example 1-16 shows the results of this configuration. Example 1-16 The show ip egp Command Displays Information About EGP NeighborsStan# show ip egp Local autonomous system is 65501 EGP Neighbor FAS/LAS State SndSeq RcvSeq Hello Poll j/k Flags *192.168.18.2 65501/65501 UP 10 3 4 60 180 4 Temp, Act *192.168.16.2 65502/65501 UP 3:20 39 39 60 180 4 Temp, Act *172.20.1.1 65506/65501 UP 4 2 2 60 180 4 Temp, Act *172.20.1.3 65506/65501 UP 10 4 4 60 180 4 Temp, Act Stan# _______________________________________________________________________ Ollie# show ip egp Local autonomous system is 65501 EGP Neighbor FAS/LAS State SndSeq RcvSeq Hello Poll j/k Flags *192.168.18.1 65501/65501 UP 9 4 3 60 180 4 Perm, Pass *172.20.1.2 65506/65501 UP 13 5 5 60 180 4 Temp, Act Ollie# Using the show ip egp command with Stan and Ollie shows that Ollie is peered with Alfalfa and Stan is peered with Spanky and Buckwheat. NOTE The details of the fields displayed by the show ip egp command are discussed in the section "Troubleshooting EGP." For now, the addresses of the neighbors are of interest. Case Study: Indirect NeighborsIn Figure 1-13, three stub gateways (Groucho, Harpo, and Chico) are connected to the core gateway named Ollie. Groucho and Harpo, in separate autonomous systems, share a common Ethernet and can therefore be configured as indirect or third-party neighbors. Figure 1-13. EGP Indirect Neighbors Groucho and Harpo cannot exchange EGP information directly, but they can route packets directly to each other if Ollie advertises them as indirect neighbors. Example 1-17 shows the configuration for Ollie. Example 1-17 Advertising Indirect EGP Neighbors to One Another Enables the Routing of Packets Between Indirect EGP Neighborsautonomous-system 65501 ! router egp 0 network 192.168.19.0 network 192.168.22.0 network 192.168.18.0 neighbor 192.168.19.3 neighbor 192.168.19.3 third-party 192.168.19.2 neighbor 192.168.19.2 neighbor 192.168.19.2 third-party 192.168.19.3 neighbor 192.168.18.1 neighbor any In the configuration in Example 1-17, Groucho and Harpo are explicitly configured as neighbors. Following the neighbor statements for the two routers are neighbor third-party statements. These entries specify the neighbor in question and then specify that gateway's indirect neighbor on the shared Ethernet. Notice that Chico, which is not on the shared Ethernet, falls under the neighbor any statement. Example 1-18 shows the core gateway's indirect neighbors recorded as Third Party. Example 1-18 Displaying Core Gateway Indirect Neighbors Ollie# show ip egp Local autonomous system is 65501 EGP Neighbor FAS/LAS State SndSeq RcvSeq Hello Poll j/k Flags *192.168.19.3 65504/65501 UP 5TE 8 249 60 180 4 Perm, Act *192.168.19.2 65503/65501 UP 5TE 8 3177 60 180 4 Perm, Act *192.168.18.1 65501/65501 UP 5TE 9 3192 60 180 4 Perm, Pass *192.168.22.2 65505/65501 UP 5TE 5 3170 60 180 4 Temp, Act EGP Neighbor Third Party *192.168.19.3 192.168.19.2 *192.168.19.2 192.168.19.3 Ollie# Ollie's EGP neighbor table indicates that Groucho and Harpo (192.168.19.2 and 192.168.19.3, respectively) have been configured as indirect neighbors of each other. Harpo's routing table (see Example 1-19) shows the results of the indirect neighbor configuration. Rather than pointing to the core gateway as the next hop to network 192.168.20.0 in AS 65503, the next hop points directly to Groucho (192.168.19.2). Example 1-19 Routing Table Displays Next-Hop Routes to Indirect NeighborsHarpo# show ip route Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, * - candidate default Gateway of last resort is not set E 10.0.0.0 [140/4] via 192.168.19.1, 00:02:21, Ethernet0 E 192.168.16.0 [140/4] via 192.168.19.1, 00:02:21, Ethernet0 E 192.168.17.0 [140/4] via 192.168.19.1, 00:02:21, Ethernet0 E 192.168.18.0 [140/1] via 192.168.19.1, 00:02:21, Ethernet0 C 192.168.19.0 is directly connected, Ethernet0 E 192.168.20.0 [140/4] via 192.168.19.2, 00:02:21, Ethernet0 E 192.168.21.0 [140/4] via 192.168.19.1, 00:02:22, Ethernet0 E 192.168.22.0 [140/1] via 192.168.19.1, 00:02:22, Ethernet0 E 172.16.0.0 [140/4] via 192.168.19.1, 00:02:22, Ethernet0 E 172.17.0.0 [140/4] via 192.168.19.1, 00:02:22, Ethernet0 172.18.0.0 255.255.255.0 is subnetted, 1 subnets C 172.18.1.0 is directly connected, Loopback0 Harpo# Harpo's routing table in Example 1-19 shows that network 192.168.20.0 is directly reachable via next hop 192.168.19.2. Without the indirect neighbor configuration, Harpo would have to use 192.168.19.1 as the next hop. Case Study: Default RoutesEGP can be configured to advertise a default route in addition to more specific routes. If an AS has only a single exterior gateway, a default route is usually more efficient than a full list of exterior routes. Memory and processing cycles are conserved on the router, and bandwidth is saved on the link. To advertise a default route into AS 65502, as illustrated previously in Figure 1-13, you configure Stan as demonstrated in Example 1-20. Example 1-20 Advertising a Default Routerouter egp 0 network 192.168.16.0 neighbor any default-information originate distribute-list 20 out Serial0 ! access-list 20 permit 0.0.0.0 The default-information originate command is used to generate the default route. Unlike in other protocols, when the command is used with EGP, there are no optional statements. Notice, too, that a route filter has been added, which permits only the default route to be advertised out of Stan's S0 interface to AS 65502. Without this filter, the default and all more-specific networks would be advertised. Example 1-21 shows the results of the configuration. Example 1-21 192.168.20.1 Is Reachable as a Result of the Default RouteBuster# show ip route Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, * - candidate default Gateway of last resort is 192.168.16.1 to network 0.0.0.0 C 192.168.16.0 is directly connected, Serial3 R 192.168.17.0 [120/1] via 172.16.1.2, 00:00:20, Ethernet0 172.16.0.0 255.255.255.0 is subnetted, 2 subnets C 172.16.1.0 is directly connected, Ethernet0 R 172.16.2.0 [120/1] via 172.16.1.2, 00:00:21, Ethernet0 R 172.17.0.0 [120/1] via 172.16.1.2, 00:00:21, Ethernet0 E* 0.0.0.0 0.0.0.0 [140/4] via 192.168.16.1, 00:00:46, Serial3 Buster# ping 192.168.20.1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 192.168.20.1, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 64/66/76 ms Buster# The routing table of AS 65502's exterior gateway shows that the core gateway is advertising only a default route, by which all the exterior networks in Figure 1-13 are reached. |
![Routing TCP[s]IP (Vol. 22001)](/icons/blank_book.jpg "Routing TCP[s]IP (Vol. 22001)"){kind=icon}