[Top] [Prev] [Next] [Bottom]
This chapter describes how to configure PortMaster products to route using the Border Gateway Protocol (BGP). Lucent implements version 4 of the protocol, as defined in RFC 1771. Also supported are the BGP communities attribute, defined in RFC 1997; BGP autonomous system confederation, defined in RFC 1965; and BGP route reflection, defined in RFC 1966.
Use this chapter in conjunction with the PortMaster Command Line Administrator's Guide. Refer to the glossary and Chapter 1, "Routing Overview," for definitions of terms and for an explanation of how PortMaster products implement BGP.
Note ¯ BGP runs only on PortMaster IRX Routers and the PortMaster 3. Because a full BGP routing table for the entire Internet requires about 7MB of memory, be sure to upgrade your IRX or PortMaster 3 memory to 16MB.
This chapter discusses the following topics:
This section lists the tasks you must perform to configure BGP on your PortMaster for both a simple and a more complex configuration.
The order of BGP configuration is important. You first enable BGP on the PortMaster, and then complete the configuration steps in order for either a simple or advanced configuration.
A simple multihome configuration for an autonomous system with multiple exit points to the Internet requires only the following key steps:
-
Enable BGP routing-see page 4-4.
-
Set the BGP identifier-see page 4-4.
-
Set the autonomous system identifier-see page 4-4.
-
Save the settings by entering the following command:
Command> save all
-
Add the peers and apply a routing method-see page 4-14.
-
Save the settings and reset BGP-see page 4-23.
If you want more control over your BGP routing, you can create and apply your own propagation filters and routing policies through additional configuration steps:
-
Enable BGP routing-see page 4-4.
-
Set the BGP identifier-see page 4-4.
-
Set the autonomous system identifier-see page 4-4.
-
Save the settings by entering the following command:
Command> save all
-
(Optional) define propagation filters-see page 4-6.
-
(Optional) define propagation rules-see page 4-7.
-
Define BGP policies-see page 4-8.
-
Add peers and apply policies as needed-see page 4-14 and page 4-15.
-
Configure other options as needed-see page 4-16 through page 4-22.
-
Save the settings and reset BGP-see page 4-23.
This section describes how to configure the PortMaster 3 and the PortMaster IRX for BGP routing. Topics include the following:
You must enable BGP routing on the PortMaster before you can configure BGP settings. To enable routing, enter the following commands:
Command> set bgp enable
Command> save all
Command> reboot
The set bgp enable command causes the PortMaster to load BGP software into memory when it is next rebooted. You must save the setting and reboot the PortMaster for the setting to take effect.
You must save all BGP configuration changes into nonvolatile RAM on the PortMaster. You can save after each setting change, or after a series of changes.
To save the settings you have just configured, enter the following command:
Command> save all
The BGP identifier is an IP address on the PortMaster that identifies the PortMaster as a BGP router to other routers. It is usually the IP address of one of the interfaces on the PortMaster.
To set the BGP identifier, enter the following command:
Command> set bgp id Ipaddress
Ipaddress must be specified in dotted decimal notation.
The autonomous system (AS) identifier is the number used to identify the autonomous system to which the router belongs. The autonomous system identifier is supplied by InterNIC.
To set the autonomous system identifier, enter the following command:
Command> set bgp as ASN
If autonomous system confederations are in use, this identifier functions as your confederation's autonomous system number as it appears to peers outside the confederation.
You can avoid the overhead of having all peers within an autonomous system fully meshed by dividing an autonomous system into multiple smaller autonomous systems called confederation member autonomous systems (CMAS). These CMASs are grouped into a single confederation. You specify an identifier for the CMAS. The router advertises this autonomous system identifier to peers that are marked as confederation members in its configuration so that the confederation can be recognized by other confederation members. A confederation appears like a single autonomous system to external autonomous systems.
Subdividing an autonomous system into a confederation changes the peer relationships of confederation members in different CMASs from internal to external. If you confederate an autonomous system, you must ensure that all routers in the autonomous system belong to a CMAS; however, the policies used by BGP peers can change across confederation boundaries.
To set the autonomous system identifier for the BGP confederation member, enter the following command:
Command> set bgp cma ASN
Choosing a value of 0 (zero) disables use of confederations in this router. By default, this parameter is not set.
Confederations are one method for avoiding the overhead of having all peers within an autonomous system fully communicate to-be fully meshed with-each other. Route reflection clusters provide an alternative method, but require the use of identical policies on all peers within the autonomous system.
A cluster is a set of BGP internal peers within an autonomous system. An autonomous system can be divided into many clusters. Each cluster must have one or more internal peers configured as route reflectors. The remaining peers in the cluster are called route reflector clients. Peers configured as route reflectors in an autonomous system are fully meshed with each other and with all other nonreflector clients in the autonomous system. Clients are configured as peers only with route reflectors in their cluster.
Dividing an autonomous system into route reflector clusters results in less network traffic and CPU overhead than a fully meshed system. Route reflector clusters are simpler to configure than confederations but do not allow the degree of policy control that is possible across confederation boundaries. The primary advantage of route reflectors is that they allow the PortMaster to interoperate with BGP peers that cannot be configured into confederations.
All route reflectors within a cluster must be configured with the same cluster ID. The cluster ID is not configured on the route reflector clients in the cluster.
To set the BGP route reflector cluster ID, enter the following command:
Command> set bgp cluster-id Ipaddress
The Ipaddress is in dotted decimal format. It can be any value but is typically the router ID of one of the route reflectors. Setting the value to 0.0.0.0 removes the cluster ID and prevents this router from being a route reflector.
Propagation settings let you specify how routes coming from one routing protocol are translated and advertised by the PortMaster into another routing protocol. You control route propagation in the following ways:
The propagation filter is an IP access filter that you create in the filter table on the PortMaster. It uses source and destination IP prefixes and netmasks to specify protocol translation by route.
To define a propagation filter and specify the route you want to apply protocol translation to, enter the following commands:
Command> add filter Filtername
Command> set filter Filtername RuleNumber permit|deny Prefix(src)/NM Prefix(dest)/NM
Add other keywords and values as needed to the set filter command. For information about setting filters, refer to the Configuration Guide for PortMaster Products.
You define a propagation rule to determine how routes coming into the PortMaster in one protocol are translated and advertised in another protocol. A filter must first be created in the filter table of the PortMaster.
To define a propagation rule, enter the following command:
Command> add propagation Protocol(src) Protocol(dest) Metric Filtername
Use the appropriate keyword-rip, static, ospf, bgp-to designate the source and destination protocols. Metric is a common metric used to translate from one protocol to another. A metric of 0 causes the PortMaster to attempt to build a metric automatically.
Caution ¯ If you plan to use a constant metric instead of the automatically generated metric provided by the ComOS, you run the risk of creating routing loops if you do not provide for filters or policies to screen the route information the PortMaster accepts from each routing protocol.
Each time the propagation rules are changed, you must reset the propagation rules system using the following command:
Command> reset propagation
To delete an existing propagation rule, enter the following command:
Command> delete propagation Protocol(SRC) Protocol(dest)
Follow this procedure to change or delete a propagation rule:
-
Delete the existing propagation rule as follows:
Command> delete propagation Protocol(SRC) Protocol(dest)
-
If you are changing a rule, add the revised propagation rule as follows:
Command> add propagation Protocol(SRC) Protocol(dest) Metric Filtername
-
Reset the propagation rules system as follows:
Command> reset propagation
-
Follow any additional instructions prompted by the PortMaster.
A BGP policy is a list of rules that constrain the BGP routes your PortMaster accepts from its peers, uses, and advertises to its peers. You can use the easy-multihome alternative to policies when you add each BGP peer to your peer group, or you can define your own policies.
A PortMaster uses an acceptance policy to determine whether to admit an IP prefix (received in an update from a BGP peer) into its BGP database for further consideration as a route. If the PortMaster accepts the IP prefix, it uses an injection policy to determine whether to use the route to forward packets, and an advertisement policy to determine whether to advertise the route to its BGP peers.
This section discusses the three types of policies and describes how to create them. Topics include the following:
When the PortMaster learns a route from a peer, it scans the policy list. If a policy is applied to the peer and the route does not match any of the rules, the PortMaster does not use the route. If the list contains a rule whose if criteria match information associated with the route, and the rule says deny, the route is also dropped. If the rule says permit, the route is accepted. If a degree-of-preference metric is specified in the then portion of the rule, the metric is used as the degree of preference for this route.
Summarization reduces the number of advertised routes (see "Advertising with Summarization" on page 4-16). Some BGP routes received by your PortMaster might not be summarized. Unsummarized routes can include IP prefixes containing as many as 32 high-order bits-many specific addresses rather than fewer route summaries. If your BGP policy rules accept such routes into your BGP database, you can propagate extremely large numbers of routes to your BGP peers and possibly overwhelm them. To avoid this problem, use the prefix-longer-than keyword in a BGP acceptance policy to deny IP prefixes with a netmask longer than a particular NM value. You might specify, for example, that prefix-longer-than 16 not be advertised.
You can use policy statements to permit or deny certain routes from being reflected.
For each route for which the PortMaster has determined the best possible route, it scans the policy list. If the route does not appear in a rule, the PortMaster denies the route, and it is not passed to the routing table-displayed with the show route command. If the list contains a rule whose if criteria match the route's IP address prefix and path attribute information, and the rule says deny, the route is also dropped. If the rule says permit, the route is accepted and passed to the routing table.
However, before any BGP route information is propagated into another routing protocol, such as OSPF or RIP, the route information must also pass any propagation filtering rules imposed by the add propagation command. See "Propagating Routing Protocols" on page 4-6 for more information.
An injection policy allows the PortMaster to receive and forward BGP routing information, but to forward packets based on simpler criteria. For example, you might want to forward packets only on routes received from OSPF or on a configured default route.
For each route the PortMaster considers for advertisement, it scans the policy list. If the route does not appear in a rule, the PortMaster denies the route, and it is dropped. If the list contains a rule whose if criteria match the route's IP address prefix and path attribute information, and the rule says deny, the route is also dropped. If the rule says permit, the route is advertised to the peer to which this policy applies. If the rule has any then attributes, these override any path attribute values the PortMaster would otherwise send to the other BGP peer.
You can use policy statements to permit or deny reflection of selected routes.
When a route reflector reflects an internal route (learned from internal peers) either from or to a reflector client, the BGP policies for the cluster change as follows:
To create a BGP policy, enter the following command:
Command> add bgp policy Policyname
You can create any number of policies.
To delete a BGP policy, enter the following command:
Command> delete bgp policy Policyname
The reserved policy name all is a predefined policy you can use as an acceptance, injection, and/or advertisement policy to permit or deny all routes.
You can create any number of acceptance policies, injection policies, or advertisement policies. You can create a single policy that includes all three functions, or you can create separate policies for each function. By avoiding the use of if or then clauses when defining rules, you can create rules that permit or deny all prefixes, with no modification.
The set bgp policy command allows you to define rules that determine how BGP routing information is handled. Table 4-1 describes the three parts of a policy rule-also called a policy statement:
Each then attribute applies to either acceptance or advertisement of the routing information, not to both. No attribute applies to injection of BGP routing information into the IP routing table of the PortMaster. As a result, you can combine acceptance, injection, and advertisement policy rules into one rule if they have the same path attribute and IP prefix criteria and are all either permit or deny rules.
Caution ¯ The creation of long, complex lists of policy rules can adversely affect PortMaster CPU performance.
To define a BGP acceptance policy, use the following command:
To define a BGP injection policy, use the following command:
To define a BGP advertisement policy, use the following command:
After adding or changing a rule in a BGP policy, use one of the following commands to apply and save the modified policy:
To remove a rule, specify only the rule number RuleNumber in the command. For example, the command set bgp policy policyname 1, removes rule number 1 from the BGP policy.
You might want to use a common set of policies to define network routing plans and administrative needs. To create a common BGP policy for inclusion in other BGP policies, follow this procedure:
-
Create and define a common BGP policy with the following commands:
Command> add bgp policy permit1011
Command> set bgp policy permit1011 1 permit if prefix 10.0.0.0/8
Command> set bgp policy permit1011 2 permit if prefix 11.0.0.0/8
-
Include this policy by reference in another policy.
-
For example, to insert the permit1011 policy at line 5 of the policy otherone, enter
the following command:
Command> set bgp policy otherone 5 include permit1011
-
Apply and save the modified policy with the following command:
Command> reset bgp
See the Command Line Administrator's Guide for a details about the set bgp policy command.
BGP peers are pairs of routers that send BGP messages to each other. To pass BGP routing information, you must define the peers for your PortMaster router. You define the peer relationship by setting the IP address of the PortMaster (which will be placed in outgoing packets), the destination address of the peer, and the autonomous system number of the peer.
For example, to add a peer to your PortMaster, you enter the following command:
Command> add bgp peer Ipaddress(src) Ipaddress(dest) ASN
The IP addresses of the peers are specified in dotted decimal notation. The autonomous system number of the peer (ASN) is a 16-bit decimal number ranging from 1 to 65535.
You must define the relationship on the PortMaster for each of its peers. The relationship must also be configured on each peer router.
You must include a routing policy for each peer you define. You can create and apply specific routing policies to the peers you create or, alternatively, specify the
easy-multihome routing method for a peer. If you do not specify a routing policy or method for a peer, all routes from the peer are denied.
The easy-multihome method-the default-is a built-in routing policy that combines the functions of acceptance, injection, and advertisement. It restricts the BGP routing table to accept only paths through the remote autonomous system and, optionally, through one additional autonomous system.
To add or modify (set) a peer and specify the default routing method easy-multihome, enter the following command:
When modifying a peer with the set version of this command, you must re-enter all the keywords and values you want to associate with the peer. See the Command Line Administrator's Guide for a complete description of the add|set bgp peer command.
To apply specific routing policies to BGP peers, use the add bgp peer command. Use the optional keywords and values to control how BGP policies are implemented for route selection.
To modify the characteristics of peers that have already been added to the PortMaster, use the set version of the command. When using this version, you must re-enter keywords and values you want to associate with the peer.
You can specify some combination of acceptance, injection, and advertisement policies. See "Working with BGP Policies" on page 4-8 for descriptions of BGP policies and instructions for defining policies.
To add or modify (set) a peer and specify the routing policy as some combination of acceptance, injection, and advertisement, enter the following command:
Note ¯ If you do not specify a policy, all routes are denied for that policy.
See the Command Line Administrator's Guide for a complete description of the add|set bgp peer command.
BGP advertises to peers only routing information that is explicitly specified. These special advertisements are known as summarizations. BGP summarization entries control how Interior Gateway Protocol (IGP) routing information from OSPF, RIP, or static routing is forwarded into BGP for advertisement to BGP peers.
To add or modify a summarization entry, enter the following command:
Include your local autonomous system number (as ASN) in this list to enable the summarization to go to internal peers. You can list up to 14 autonomous systems. Include your CMAS number (cma ASN) in this list to enable the summarization to go to internal peers in your CMAS.
See the Command Line Administrator's Guide for a complete description of the add|set bgp summarization command.
You can assign an arbitrary rating (multi-exit-disc Number) to an external route for advertisement to external or confederation-member peers only. Number is a 32-bit integer. Lower numbers indicate an increased preference for a specific route.
Use this metric to discriminate among multiple exit or entry points between the same pair of neighboring autonomous systems. If you do not assign a multiexit discriminator, the value 1 is assigned by default.
To explicitly prevent advertisement of a multiexit discriminator for IP prefixes matching this rule, set this keyword to 0 (zero). The PortMaster never forwards a 0 value of this metric to any peer, even if 0 was explicitly received from a peer.
A multiexit discriminator configured in a policy takes precedence over one configured in a route summarization. A decision tree showing the rules for applying a multiexit discriminator is shown in Figure 4-1.
For details about multiexit discriminators (MEDs), input multiexit discriminators (IMEDs), and output multiexit discriminators (OMEDs) refer to the BGP configuration chapter in the Command Line Administrator's Guide.
Figure 4-1 Decision Tree for Multiexit Discriminator (MED) Rules
You can assign an arbitrary rating (local-pref Number) to an external route for advertisement to internal or confederation-member peers only. Number is a 32-bit integer. Higher numbers indicate an increased preference for a specific route when more than one route exists. Use this metric to screen a particular autonomous system from your map of routes, for example.
If you do not assign a local preference rating to the IP prefix, a value is assigned as follows:
Figure 4-2 Decision Tree for Degree of Preference (DOP) Rules
The rules for determining local preference (LP) values to be used for route selection depend on the source of the information, as show in Figure 4-3.
Table 4-3 Decision Tree for Local Preference (LP) Rules
For automatic summarizations from static routes, LP is calculated from the formula
LP = (16 - propagation metric of static route); if the propagation method of static routes is the automatic zero (0), LP is calculated from the formula LP = (16 - hop count metric of static route).
The communities attribute (community Tag) variable lets you group a number of BGP destinations under a single name. By assembling destinations into identifiable communities, BGP peers can base policy decisions on the identity of the group rather than on individual destinations. This attribute simplifies the distribution of routing information by grouping a larger number of individual destinations into a smaller number of communities. The community identifier, which can be either one 32-bit value or two 16-bit values, is advertised in update messages between BGP peers.
The settings for community, local preference, and multiexit discriminator in the summarization command interact with those in advertisement policy definitions in the following ways:
When the source router learns a route from internal peers, it forwards the information to any external peers as soon as possible. Enabling the igp-lockstep feature forces the source router to wait until it finds a suitable IGP route (an OSPF, RIP, or static route, or a static route via RADIUS) that supports the route before advertising it. An IGP route supports a BGP route if it has the same address and prefix as the BGP route.
You enable igp-lockstep only when providing a transit service between two autonomous systems.
To enable or disable IGP lockstep, enter the following command:
Command> set bgp igp-lockstep on|off
You can set the interval after which the source router attempts to open sessions to peers that are not fully established.
To set the connection retry interval, enter the following command:
Command> set bgp connect-retry-interval Seconds
The valid range is from 30 to 1000 seconds. The default is 120 seconds.
Note ¯ You must set the same value on all peers.
You can set the interval after which the source router sends keepalive messages to its peers to let them know it is still reachable.
To set the keepalive timer interval, enter the following command:
Command> set bgp keepalive-timer Seconds
The valid range is from 30 to 1000 seconds. The default is 30 seconds.
Note ¯ You must set the same value on all peers.
You can set the interval the source router waits between keepalive, update, or notification messages from a peer. When the peer is identified as no longer operational, all information learned from that peer is dropped.
To set the hold time interval, enter the following command:
Command> set bgp hold-time Seconds
The valid range is from 30 to 1000 seconds. The default is 90 seconds.
Note ¯ You must set the same value on all peers.
You must save all the peer configuration changes you make and reset BGP routing.
To save configuration settings and reset BGP routing, enter the following commands:
Command> save all
Command> reset bgp [peer Ipaddress]
The reset bgp command causes the PortMaster to delete all currently known BGP information. Configuration information is not deleted. The PortMaster rereads BGP configuration information and reestablishes sessions with peers. This process can take some time. If you enter the command and specify peer Ipaddress, the PortMaster deletes information for that peer only, and resets the configuration with that peer only.
You can display the BGP settings configured on your PortMaster by using the commands described in this section. Table 4-2 lists BGP show commands and definitions
See the Command Line Administrator's Guide for more information on these commands.
Use the set debug command to troubleshoot BGP. To track debug command output, enable the option with the appropriate set debug Option on command. This command sends output to the system console, which you set with the set console command.
After completing the debugging process, disable the debug commands by using the appropriate set debug Option off command.
To set BGP debug options, enter the following command:
Caution ¯ You should use the set debug bgp-max command in limited environments
-for example, when investigating problems of peer interaction. Executing the set debug bgp-max command on a connection where large routing tables are exchanged between peers can create a flood of output that is useless for debugging.
Table 4-3 describes debug keywords.
This section provides the following examples of BGP routing configurations:
Figure 4-4 illustrates a basic multihome policy routing configuration using the default all policy.
Simple Multihome Configuration
Assumptions:
The complete configuration for Router 3 appears in the following box:
The following procedure shows the separate tasks for configuring Router 3:
-
Enable the use of BGP on the PortMaster, save the configuration, and reboot the router for changes to take effect:
Command> set bgp enable
BGP will be enabled on the next reboot
Command> save all
Command> reboot
-
Identify the PortMaster as a BGP router and set the autonomous system number:
Command> set bgp id 192.168.10.5
BGP ID changed from 0.0.0.0 to 192.168.10.5
Command> set bgp as 64512
BGP AS number changed from 0 to 64512
-
Identify Router 1 as an external BGP peer and specify the built-in easy-multihome routing policy:
Command> add bgp peer 192.168.10.5 172.16.96.76 65535 easy-multihome
New BGP peer successfully added
-
Identify Router 4 as an internal BGP peer, and specify that it use the predefined policy with the name all to permit all routes to be accepted, injected, and advertised:
Command> add bgp peer 192.168.10.5 192.168.10.3 64512 accept-policy all inject-policy all advertise-policy all
New BGP peer successfully added
-
Add summarization for internal routes to be advertised to external peers:
Command> add bgp summarization 192.168.10.0/24 as 65535
BGP summarization successfully added
-
Save the configuration, clear all currently known BGP information, and restart this router with the new configuration:
Command> save all
Command> reset bgp
The complete configuration for Router 4 appears in the following box:
The following procedure shows the separate tasks for configuring Router 4:
-
Enable the use of BGP on the PortMaster, save the configuration, and reboot the router for changes to take effect:
Command> set bgp enable
BGP will be enabled on the next reboot
Command> save all
Command> reboot
-
Identify the PortMaster as a BGP router and set the autonomous system number:
Command> set bgp id 192.168.10.3
BGP ID changed from 0.0.0.0 to 192.168.10.3
Command> set bgp as 64512
BGP AS number changed from 0 to 64512
-
Identify Router 2 as an external BGP peer and specify the built-in easy-multihome routing policy:
Command> add bgp peer 192.168.10.3 10.200.10.3 65155 easy-multihome
New BGP peer successfully added
-
Identify Router 3 as an internal BGP peer, and specify that it use the predefined policy with the name all to permit all routes to be accepted, injected, and advertised:
Command> add bgp peer 192.168.10.3 192.168.10.5 64512 accept-policy all inject-policy all advertise-policy all
New BGP peer successfully added
-
Add summarization for internal routes to be advertised to external peers:
Command> add bgp summarization 192.168.10.0/24 as 65155
BGP summarization successfully added
-
Save the configuration, clear all currently known BGP information, and restart this router with the new configuration:
Command> save all
Command> reset bgp
Figure 4-5 illustrates a multihome policy routing configuration using the predefined all policy.
Multihome Configuration with Simple Policies
Assumptions:
-
Router 1-an external BGP peer-in autonomous system 65535 advertises routes to Router 3 in autonomous system 64512.
-
Router 2-an external BGP peer-in autonomous system 65155 advertises routes to Router 4 in autonomous system 64512.
-
Routers 3, 4, 5, and 6 are fully meshed PortMaster routers in autonomous system 64512.
Goals:
-
Establish internal BGP peer relationships between Routers 3 and 4, Routers 3 and 5, Routers 3 and 6, Routers 4 and 5, Routers 4 and 6, and Routers 5 and 6.
-
Each router is always the next hop in the BGP path. All routes are permitted to be accepted, injected, and advertised.
The complete configuration for Router 3 appears in the following box:
The following procedure shows the separate tasks for configuring Router 3:
-
Enable the use of BGP on the PortMaster, save the configuration, and reboot the router for changes to take effect:
Command> set bgp enable
BGP will be enabled on the next reboot
Command> save all
Command> reboot
-
Identify the PortMaster as a BGP router and set the autonomous system number:
Command> set bgp id 192.168.10.5
BGP ID changed from 0.0.0.0 to 192.168.10.5
Command> set bgp as 64512
BGP AS number changed from 0 to 64512
-
Identify Router 2 as an external BGP peer and specify the built-in easy-multihome routing policy:
Command> add bgp peer 192.168.10.5 172.16.96.76 65535 easy-multihome
New BGP peer successfully added
-
Identify Router 4 as an internal BGP peer, and specify that it use the predefined policy with the name all to permit all routes to be accepted, injected, and advertised:
Command> add bgp peer 192.168.10.5 192.168.10.3 64512 accept-policy all inject-policy all advertise-policy all
New BGP peer successfully added
-
Identify Router 5 as an internal BGP peer, and specify that it use the predefined policy with the name all to permit all routes to be accepted, injected, and advertised:
Command> add bgp peer 192.168.10.5 192.168.10.6 64512 accept-policy all inject-policy all advertise-policy all
New BGP peer successfully added
-
Identify Router 6 as an internal BGP peer, and specify that it use the predefined policy with the name all to permit all routes to be accepted, injected, and advertised:
Command> add bgp peer 192.168.10.5 192.168.20.4 64512 accept-policy all inject-policy all advertise-policy all
New BGP peer successfully added
-
Add summarization for internal routes to be advertised to external peers:
Command> add bgp summarization 192.168.10.0/24 as 65535
BGP summarization successfully added
Command> add bgp summarization 192.168.20.0/24 as 65535
BGP summarization successfully added
-
Save the configuration, clear all currently known BGP information, and restart this router with the new configuration:
Command> save all
Command> reset bgp
The complete configuration for Router 4 appears in the following box:
The following procedure shows the separate tasks for configuring Router 4:
-
Enable the use of BGP on the PortMaster, save the configuration, and reboot the router for changes to take effect:
Command> set bgp enable
BGP will be enabled on the next reboot
Command> save all
Command> reboot
-
Identify the router as a BGP device and set the autonomous system number:
Command> set bgp id 192.168.10.3
BGP ID changed from 0.0.0.0 to 192.168.10.3
Command> set bgp as 64512
BGP AS number changed from 0 to 64512
-
Identify Router 2 as an external BGP peer and specify the built-in easy-multihome routing policy:
Command> add bgp peer 192.168.10.3 10.200.10.3 65155 easy-multihome
New BGP peer successfully added
-
Identify Router 3 as an internal BGP peer, and specify that it use the predefined policy with the name all to permit all routes to be accepted, injected, and advertised:
Command> add bgp peer 192.168.10.3 192.168.10.5 64512 accept-policy all inject-policy all advertise-policy all
New BGP peer successfully added
-
Identify Router 5 as an internal BGP peer, and specify that it use the predefined policy with the name all to permit all routes to be accepted, injected, and advertised:
Command> add bgp peer 192.168.10.3 192.168.10.6 64512 accept-policy all inject-policy all advertise-policy all
New BGP peer successfully added
-
Identify Router 6 as an internal BGP peer, and specify that it use the predefined policy with the name all to permit all routes to be accepted, injected, and advertised:
Command> add bgp peer 192.168.10.3 192.168.20.4 64512 accept-policy all inject-policy all advertise-policy all
New BGP peer successfully added
-
Add summarization for internal routes to be advertised to external peers:
Command> add bgp summarization 192.168.10.0/24 as 65155
BGP summarization successfully added
Command> add bgp summarization 192.168.20.0/24 as 65155
BGP summarization successfully added
-
Save the configuration, clear all currently known BGP information, and restart this router with the new configuration:
Command> save all
Command> reset bgp
The complete configuration for Router 5 appears in the following box:
The following procedure shows the separate tasks for configuring Router 5:
-
Enable the use of BGP on the PortMaster, save the configuration, and reboot the router for changes to take effect:
Command> set bgp enable
BGP will be enabled on the next reboot
Command> save all
Command> reboot
-
Identify the router as a BGP router and set the autonomous system number:
Command> set bgp id 192.168.10.6
BGP ID changed from 0.0.0.0 to 192.168.10.6
Command> set bgp as 64512
BGP AS number changed from 0 to 64512
-
Identify Router 3 as an internal BGP peer, and specify that it use the predefined policy with the name all to permit all routes to be accepted, injected, and advertised:
Command> add bgp peer 192.168.10.6 192.168.10.5 64512 accept-policy all
inject-policy all advertise-policy all
New BGP peer successfully added
-
Identify Router 4 as an internal BGP peer, and specify that it use the predefined policy with the name all to permit all routes to be accepted, injected, and advertised:
Command> add bgp peer 192.168.10.6 192.168.10.3 64512 accept-policy all inject-policy all advertise-policy all
New BGP peer successfully added
-
Identify Router 6 as an internal BGP peer, and specify that it use the predefined policy with the name all to permit all routes to be accepted, injected, and advertised:
Command> add bgp peer 192.168.10.6 192.168.20.4 64512 accept-policy all
inject-policy all advertise-policy all
New BGP peer successfully added
-
Save the configuration, clear all currently known BGP information, and restart this router with the new configuration:
Command> save all
Command> reset bgp
The complete configuration for Router 6 appears in the following box:
The following procedure shows the separate tasks for configuring Router 6:
-
Enable the use of BGP on the PortMaster, save the configuration, and reboot the router for changes to take effect:
Command> set bgp enable
BGP will be enabled on the next reboot
Command> save all
Command> reboot
-
Identify the router as a BGP router and set the autonomous system number:
Command> set bgp id 192.168.20.4
BGP ID changed from 0.0.0.0 to 192.168.20.4
Command> set bgp as 64512
BGP AS number changed from 0 to 64512
-
Identify Router 3 as an internal BGP peer, and specify that it use the predefined policy with the name all to permit all routes to be accepted, injected, and advertised:
Command> add bgp peer 192.168.20.4 192.168.10.5 64512 accept-policy all inject-policy all advertise-policy all
New BGP peer successfully added
-
Identify Router 4 as an internal BGP peer, and specify that it use the predefined policy with the name all to permit all routes to be accepted, injected, and advertised:
Command> add bgp peer 192.168.20.4 192.168.10.3 64512 accept-policy all inject-policy all advertise-policy all
New BGP peer successfully added
-
Identify Router 5 as an internal BGP peer, and specify that it use the predefined policy with the name all to permit all routes to be accepted, injected, and advertised:
Command> add bgp peer 192.168.20.4 192.168.10.6 64512 accept-policy all inject-policy all advertise-policy all
New BGP peer successfully added
-
Save the configuration, clear all currently known BGP information, and restart this router with the new configuration:
Command> save all
Command> reset bgp
Figure 4-6 illustrates a fairly complex multihome configuration that establishes advertising policies with community attributes.
Multihome Configuration Using Nondefault Policy
Assumptions:
Routing Preferences
The complete configuration for Router 3 appears in the following box:
The following procedure shows the separate tasks for configuring Router 3:
-
Enable the use of BGP on the PortMaster, save the configuration, and reboot the router for changes to take effect:
Command> set bgp enable
BGP will be enabled on the next reboot
Command> save all
Command> reboot
-
Identify the PortMaster as a BGP router and set the autonomous system number:
Command> set bgp id 192.168.10.5
BGP ID changed from 0.0.0.0 to 192.168.10.5
Command> set bgp as 64512
BGP AS number changed from 0 to 64512
-
Add and set an advertisement policy adtag 105 to label the advertised BGP paths with the community attribute 105:
Command> add bgp policy adtag105
New BGP policy adtag105 successfully added
Command> set bgp policy adtag105 1 permit then community add 105
-
Add and set acceptance policy acdeg10 to assign the degree-of-preference 10 to all accepted BGP paths:
Command> add bgp policy acdeg10
New BGP policy acdeg10 successfully added
Command> set bgp policy acdeg10 1 permit then dop 10
BGP policy acdeg10 updated
-
Set Router 1 as an external peer with appropriate options to control policy implementation:
Command> add bgp peer 192.168.10.5 172.16.96.76 65535 accept-policy acdeg10 inject-policy all
New BGP peer successfully created
-
Set Router 4 and Router 5 as internal peers with appropriate options to control policy implementation:
Command> add bgp peer 192.168.10.5 192.168.10.3 64512 accept-policy all inject-policy all advertise-policy adtag105
New BGP peer successfully created
Command> add bgp peer 192.168.10.5 192.168.10.6 64512 advertise-policy adtag105
New BGP peer successfully created
-
Add summarization for internal routes to be advertised to external peers:
Command> add bgp summarization 192.168.10.0/24 as 65535
BGP summarization successfully created
-
Save the configuration and reset BGP routing on the PortMaster:
Command> save all
Command> reset bgp
The complete configuration for Router 4 appears in the following box:
The following procedure shows the separate tasks for configuring Router 4:
-
Enable the use of BGP on the PortMaster, save the configuration, and reboot the router for changes to take effect:
Command> set bgp enable
BGP will be enabled on the next reboot
Command> save all
Command> reboot
-
Identify the PortMaster as a BGP router and set the autonomous system number:
Command> set bgp id 192.168.10.3
BGP ID changed from 0.0.0.0 to 192.168.10.3
Command> set bgp as 64512
BGP AS number changed from 0 to 64512
-
Add and set an advertisement policy adtag108 to label the advertised BGP paths with a community attribute of 108:
Command> add bgp policy adtag108
New BGP policy acdeg108 successfully added
Command> set bgp policy adtag108 1 permit if prefix 10.108.0.0/16 then community add 108
BGP polity adtag108 updated
-
Add a rule to advertisement policy adtag108 to lower the local preference to 5 on all routes except those included in the IP prefix 10.108.0.0/16:
Command> set bgp policy adtag108 2 permit then lp 5 community add 108
BGP polity adtag108 updated
-
Add and set an acceptance policy acdeg29 to assign a degree of preference of 29 to all accepted BGP paths:
Command> add bgp policy acdeg29
New BGP policy acdeg29 successfully added
Command> set bgp policy acdeg29 1 permit then dop 29
BGP policy acdeg29 updated
-
Set Router 2 as an external peer with appropriate options to control policy implementation:
Command> add bgp peer 192.168.10.3 10.200.10.3 65155 accept-policy acdeg29 inject-policy all
New peer successfully created
-
Set Router 3 and Router 5 as internal peers with appropriate options to control policy implementation:
Command> add bgp peer 192.168.10.3 192.168.10.5 64512 accept-policy all inject-policy all advertise-policy adtag108
New BGP peer successfully created
Command> add bgp peer 192.168.10.3 192.168.10.6 64512 advertise-policy adtag108
New BGP peer successfully created
-
Add summarization for internal routes to be advertised to external providers:
Command> add bgp summarization 192.168.10.0/24 as 65155
BGP summarization successfully created
-
Save the configuration and reset BGP routing on the PortMaster:
Command> save all
Command> reset bgp
The complete configuration for Router 5 appears in the following box:
The following procedure shows the separate tasks for configuring Router 5:
-
Enable the use of BGP on the PortMaster, save the configuration, and reboot the router for changes to take effect:
Command> set bgp enable
BGP will be enabled on the next reboot
Command> save all
Command> reboot
-
Identify the PortMaster as a BGP router and set the autonomous system number:
Command> set bgp id 192.168.10.6
BGP ID changed from 0.0.0.0 to 192.168.10.6
Command> set bgp as 64512
BGP AS number changed from 0 to 64512
-
Set Router 3 and Router 4 as internal peers and specify that they use the predefined all policy to permit all routes to be accepted, injected, and advertised:
Command> add bgp peer 192.168.10.6 192.168.10.5 64512 accept-policy all inject-policy all advertise-policy all
New BGP peer successfully created
Command> add bgp peer 192.168.10.6 192.168.10.3 64512 accept-policy all inject-policy all advertise-policy all
New BGP peer successfully created
-
Save the configuration and reset BGP routing on the PortMaster:
Command> save all
Command> reset bgp
Figure 4-7 illustrates a BGP configuration using route reflectors.
Route Reflector Configuration
Assumptions:
The complete configuration for Router 3 appears in the following box:
The following procedure shows the separate tasks for configuring Router 3:
-
Enable the use of BGP on the PortMaster, save the configuration, and reboot the router for changes to take effect:
Command> set bgp enable
BGP will be enabled on the next reboot
Command> save all
Command> reboot
-
Identify the PortMaster as a BGP router and set the autonomous system number:
Command> set bgp id 192.168.10.5
BGP ID changed from 0 to 192.168.10.5
Command> set bgp as 64512
BGP AS number changed from 0 to 64512
-
Identify Router 1 as an external BGP peer and specify that it use the predefined policy with the name all to permit all routes to be accepted, injected, and advertised:
Command> add bgp peer 192.168.10.5 172.16.96.76 65535 accept-policy all inject-policy all advertise-policy all
New BGP peer successfully added
-
Set the route cluster identifier:
Command> set bgp cluster-id 192.168.10.5
BGP Cluster ID changed from 0.0.0.0 to 192.168.10.5
-
Establish a peer relationship between the two route reflectors:
Command> add bgp peer 192.168.10.5 192.168.10.8 64512 accept-policy all inject-policy all advertise-policy all
New BGP peer successfully created
-
Set the internal peer that is a client to the route reflector:
Command> add bgp peer 192.168.10.5 192.168.10.6 64512 accept-policy all inject-policy all advertise-policy all route-reflector-client
New BGP peer successfully added
-
Add summarization for internal routes to be advertised to external providers:
Command> add bgp summarization 192.168.10.0/24 as 65535
BGP summarization successfully added
-
Save the configuration and reset BGP routing on the PortMaster:
Command> save all
Command> reset bgp
The complete configuration for Router 4 appears in the following box:
The following procedure shows the separate tasks for configuring Router 4:
-
Enable the use of BGP on the PortMaster, save the configuration, and reboot the router for changes to take effect:
Command> set bgp enable
BGP will be enabled on the next reboot
Command> save all
Command> reboot
-
Identify the PortMaster as a BGP router and set the autonomous system number:
Command> set bgp id 192.168.10.8
BGP ID changed from 0 to 192.168.10.8
Command> set bgp as 64512
BGP AS number changed from 0 to 64512
-
Identify Router 2 as an external BGP peer and specify that it use the predefined policy with the name all to permit all routes to be accepted, injected, and advertised:
Command> add bgp peer 192.168.10.8 10.200.10.3 65155 accept-policy all inject-policy all advertise-policy all
New BGP peer successfully added
-
Set the route cluster identifier:
Command> set bgp cluster-id 192.168.10.8
BGP Cluster ID changed from 0.0.0.0 to 192.168.10.8
-
Establish a peer relationship between the two route reflectors:
Command> add bgp peer 192.168.10.8 192.168.10.5 64512 accept-policy all inject-policy all advertise-policy all
New BGP peer successfully added
-
Set the internal peer that is a client to the route reflector:
Command> add bgp peer 192.168.10.8 192.168.10.10 64512 accept-policy all inject-policy all advertise-policy all route-reflector-client
New BGP peer successfully created
-
Add summarization for internal routes to be advertised to external providers:
Command> add bgp summarization 192.168.10.0/24 as 65155
BGP summarization successfully added
-
Reset BGP routing on the PortMaster:
Command> save all
Command> reset bgp
The complete configuration for Router 5 appears in the following box:
The following procedure shows the separate tasks for configuring Router 5:
-
Enable the use of BGP on the PortMaster, save the configuration, and reboot the router for changes to take effect:
Command> set bgp enable
BGP will be enabled on the next reboot
Command> save all
Command> reboot
-
Identify the PortMaster as a BGP router and set the autonomous system number:
Command> set bgp id 192.168.10.6
BGP ID changed from 0.0.0.0 to 192.168.10.6
Command> set bgp as 64512
BGP AS number changed from 0 to 64512
-
Set the internal peer that is the route reflector for this client router:
Command> add bgp peer 192.168.10.6 192.168.10.5 64512 accept-policy all inject-policy all advertise-policy all
New BGP peer successfully added
-
Save the configuration and reset BGP routing on the PortMaster:
Command> save all
Command> reset bgp
The complete configuration for Router 6 appears in the following box:
The following procedure shows the separate tasks for configuring Router 6:
-
Enable the use of BGP on the PortMaster, save the configuration, and reboot the router for changes to take effect:
Command> set bgp enable
BGP will be enabled on the next reboot
Command> save all
Command> reboot
-
Identify the PortMaster as a BGP router and set the autonomous system number:
Command> set bgp id 192.168.10.10
BGP ID changed from 0.0.0.0 to 192.168.10.64
Command> set bgp as 64512
BGP AS number changed from 0 to 64512
-
Set the internal peer that is the route reflector for this client router:
Command> add bgp peer 192.168.10.10 192.168.10.8 64512 accept-policy all inject-policy all advertise-policy all
New BGP peer successfully added
-
Save the configuration and reset BGP routing on the PortMaster:
Command> save all
Command> reset bgp
Figure 4-8 illustrates a BGP configuration using confederation member autonomous systems (CMAS).
Confederation Configuration
Assumptions:
The complete configuration for Router 3 appears in the following box:
The following procedure shows the separate tasks for configuring Router 3:
-
Enable the use of BGP on the PortMaster, save the configuration, and reboot the router for changes to take effect:
Command> set bgp enable
BGP will be enabled on the next reboot
Command> save all
Command> reboot
-
Identify the PortMaster as a BGP router and set the autonomous system number:
Command> set bgp id 192.168.10.5
BGP ID changed from 0.0.0.0 to 192.168.10.5
Command> set bgp as 64512
BGP AS number changed from 0 to 64512
-
Set Router 1 as an external peer, and specify that it use the predefined policy with the name all to permit all routes to be accepted, injected, and advertised:
Command> add bgp peer 192.168.10.5 172.16.96.76 65535 accept-policy all inject-policy all advertise-policy all
New BGP peer successfully added
-
Set membership in CMAS 65105:
Command> set bgp cma 65105
BGP Confederation member AS number changed from 0 to 65105
-
Establish a peer relationship between CMAS 65105 and CMAS 65108:
Command> add bgp peer 192.168.10.5 192.168.10.8 65108 accept-policy all inject-policy all advertise-policy all
New BGP peer successfully added
-
Establish the internal peer relationship within CMAS 65105:
Command> add bgp peer 192.168.10.5 192.168.10.6 65105 accept-policy all inject-policy all advertise-policy all confederation-member
New BGP peer successfully added
-
Add summarization for internal routes to be advertised to external providers:
Command> add bgp summarization 192.168.10.0/24 as 65535
BGP summarization successfully added
-
Save the configuration and reset BGP routing on the PortMaster:
Command> save all
Command> reset bgp
Configuration of Router 4
The complete configuration for Router 4 appears in the following box:
The following procedure shows the separate tasks for configuring Router 4:
-
Enable the use of BGP on the PortMaster, save the configuration, and reboot the router for changes to take effect:
Command> set bgp enable
BGP will be enabled on the next reboot
Command> save all
Command> reboot
-
Identify the PortMaster as a BGP router and set the autonomous system number:
Command> set bgp id 192.168.10.8
BGP ID changed from 0.0.0.0 to 192.168.10.5
Command> set bgp as 64512
BGP AS number changed from 0 to 64512
-
Set Router 2 as an external peer:
Command> add bgp peer 192.168.10.8 10.200.10.3 65155 accept-policy all inject-policy all advertise-policy all
BGP peer successfully added
-
Set membership in CMAS 65108:
Command> set bgp cma 65108
BGP Confederation member AS number changed from 0 to 65108
-
Establish a peer relationship between CMAS 65108 and CMAS 65105:
Command> add bgp peer 192.168.10.8 192.168.10.5 65105 accept-policy all inject-policy all advertise-policy all
New BGP peer successfully added
-
Establish the internal peer relationship within CMAS 65108:
Command> add bgp peer 192.168.10.8 192.168.10.10 65108 accept-policy all inject-policy all advertise-policy all confederation-member
New BGP peer successfully added
-
Add summarization for internal routes to be advertised to external providers:
Command> add bgp summarization 192.168.10.0/24 as 65155
BGP summarization successfully added
-
Save the configuration and reset BGP routing on the PortMaster:
Command> save all
Command> reset bgp
The complete configuration for Router 5 appears in the following box:
The following procedure shows the separate tasks for configuring Router 5:
-
Enable the use of BGP on the PortMaster, save the configuration, and reboot the router for changes to take effect:
Command> set bgp enable
BGP will be enabled on the next reboot
Command> save all
Command> reboot
-
Identify the PortMaster as a BGP router and set the autonomous system number:
Command> set bgp id 192.168.10.6
BGP ID changed from 0.0.0.0 to 192.168.10.5
Command> set bgp as 64512
BGP AS number changed from 0 to 64512
-
Set membership in CMAS 65105:
Command> set bgp cma 65105
BGP Confederation member AS number changed from 0 to 65105
-
Establish the internal peer relationship within CMAS 65105:
Command> add bgp peer 192.168.10.6 192.168.10.5 65105 accept-policy all inject-policy all advertise-policy all confederation-member
New BGP peer successfully added
-
Save the configuration and reset BGP routing on the PortMaster:
Command> save all
Command> reset bgp
The complete configuration for Router 6 appears in the following box:
The following procedure shows the separate tasks for configuring Router 6:
-
Enable the use of BGP on the PortMaster, save the configuration, and reboot the router for changes to take effect:
Command> set bgp enable
BGP will be enabled on the next reboot
Command> save all
Command> reboot
-
Identify the PortMaster as a BGP router and set the autonomous system number:
Command> set bgp id 192.168.10.10
BGP ID changed from 0.0.0.0 to 192.168.10.10
Command> set bgp as 64512
BGP AS number changed from 0 to 64512
-
Set membership in CMAS 65108:
Command> set bgp cma 65108
BGP Confederation member AS number changed from 0 to 65108
-
Establish the internal peer relationship within CMAS 65108:
Command> add bgp peer 192.168.10.10 192.168.10.8 65108 accept-policy all inject-policy all advertise-policy all confederation-member
New BGP peer successfully added
-
Save the configuration and reset BGP routing on the PortMaster:
Command> save all
Command> reset bgp
[Top] [Prev] [Next] [Bottom]
spider@livingston.com
Copyright © 1998, Lucent Technologies. All rights
reserved.