[Top] [Prev] [Next] [Bottom]

Configuring BGP Routing 4

This chapter describes how to configure PortMaster products to route using the Border Gateway Protocol (BGP). Lucent implements version 4 of the protocol, as defined in RFC 1771. Also supported are the BGP communities attribute, defined in RFC 1997; BGP autonomous system confederation, defined in RFC 1965; and BGP route reflection, defined in RFC 1966.

Use this chapter in conjunction with the PortMaster Command Line Administrator's Guide. Refer to the glossary and Chapter 1, "Routing Overview," for definitions of terms and for an explanation of how PortMaster products implement BGP.

Note ¯ BGP runs only on PortMaster IRX Routers and the PortMaster 3. Because a full BGP routing table for the entire Internet requires about 7MB of memory, be sure to upgrade your IRX or PortMaster 3 memory to 16MB.

This chapter discusses the following topics:

BGP Configuration Tasks

This section lists the tasks you must perform to configure BGP on your PortMaster for both a simple and a more complex configuration.

The order of BGP configuration is important. You first enable BGP on the PortMaster, and then complete the configuration steps in order for either a simple or advanced configuration.

Simple BGP Configuration

A simple multihome configuration for an autonomous system with multiple exit points to the Internet requires only the following key steps:

Enable BGP routing-see page 4-4.
Set the BGP identifier-see page 4-4.
Set the autonomous system identifier-see page 4-4.
Save the settings by entering the following command:
Command> save all
Add the peers and apply a routing method-see page 4-14.
Save the settings and reset BGP-see page 4-23.

Advanced BGP Configuration

If you want more control over your BGP routing, you can create and apply your own propagation filters and routing policies through additional configuration steps:

Enable BGP routing-see page 4-4.
Set the BGP identifier-see page 4-4.
Set the autonomous system identifier-see page 4-4.
Save the settings by entering the following command:
Command> save all
(Optional) define propagation filters-see page 4-6.
(Optional) define propagation rules-see page 4-7.
Define BGP policies-see page 4-8.
Add peers and apply policies as needed-see page 4-14 and page 4-15.
Configure other options as needed-see page 4-16 through page 4-22.
Save the settings and reset BGP-see page 4-23.

Configuring BGP on the PortMaster

This section describes how to configure the PortMaster 3 and the PortMaster IRX for BGP routing. Topics include the following:

Summarization reduces the number of advertised routes (see "Advertising with Summarization" on page 4-16). Some BGP routes received by your PortMaster might not be summarized. Unsummarized routes can include IP prefixes containing as many as 32 high-order bits-many specific addresses rather than fewer route summaries. If your BGP policy rules accept such routes into your BGP database, you can propagate extremely large numbers of routes to your BGP peers and possibly overwhelm them. To avoid this problem, use the prefix-longer-than keyword in a BGP acceptance policy to deny IP prefixes with a netmask longer than a particular NM value. You might specify, for example, that prefix-longer-than 16 not be advertised.

You can use policy statements to permit or deny certain routes from being reflected.

Understanding Injection Policies

For each route for which the PortMaster has determined the best possible route, it scans the policy list. If the route does not appear in a rule, the PortMaster denies the route, and it is not passed to the routing table-displayed with the show route command. If the list contains a rule whose if criteria match the route's IP address prefix and path attribute information, and the rule says deny, the route is also dropped. If the rule says permit, the route is accepted and passed to the routing table.

However, before any BGP route information is propagated into another routing protocol, such as OSPF or RIP, the route information must also pass any propagation filtering rules imposed by the add propagation command. See "Propagating Routing Protocols" on page 4-6 for more information.

An injection policy allows the PortMaster to receive and forward BGP routing information, but to forward packets based on simpler criteria. For example, you might want to forward packets only on routes received from OSPF or on a configured default route.

Understanding Advertisement Policies

For each route the PortMaster considers for advertisement, it scans the policy list. If the route does not appear in a rule, the PortMaster denies the route, and it is dropped. If the list contains a rule whose if criteria match the route's IP address prefix and path attribute information, and the rule says deny, the route is also dropped. If the rule says permit, the route is advertised to the peer to which this policy applies. If the rule has any then attributes, these override any path attribute values the PortMaster would otherwise send to the other BGP peer.

You can use policy statements to permit or deny reflection of selected routes.

Effects of Route Reflection on BGP Policies

When a route reflector reflects an internal route (learned from internal peers) either from or to a reflector client, the BGP policies for the cluster change as follows:

For advertisement policies, the route reflector ignores then portions and forwards every permitted route as learned. As a result, no modifications are made to the community, next-hop, multiexit discriminator, or local preference values.
For acceptance policies, any multiexit discriminator is advertised as it was originally received and is not modified upon acceptance.
This modified behavior applies only to reflected internal routes learned from other internal peers, and not to routes originating from the route reflector itself. The route reflector can generate routes from locally configured summarizations or from routing information learned via external peers attached to the route reflector.
You can use policy statements to permit or deny certain routes from being reflected. For more information on policies, see "Working with BGP Policies" on page 4-8.

Creating a BGP Policy

To create a BGP policy, enter the following command:

Command> add bgp policy Policyname

You can create any number of policies.

To delete a BGP policy, enter the following command:

Command> delete bgp policy Policyname

The reserved policy name all is a predefined policy you can use as an acceptance, injection, and/or advertisement policy to permit or deny all routes.

Defining BGP Policies

You can create any number of acceptance policies, injection policies, or advertisement policies. You can create a single policy that includes all three functions, or you can create separate policies for each function. By avoiding the use of if or then clauses when defining rules, you can create rules that permit or deny all prefixes, with no modification.

The set bgp policy command allows you to define rules that determine how BGP routing information is handled. Table 4-1 describes the three parts of a policy rule-also called a policy statement:

Table 4-1 Parts of a Policy Rule
Header
The portion of the policy rule that defines the policy list. The header contains the following:
The name of the policy-Policyname.
Sequential location in the list-RuleNumber.
A keyword that indicates whether this rule will permit or deny routing information based on the rule's criteria.
A keyword that allows you to include, which creates nested policies (a policy within a policy). Policy inclusions can be nested to a maximum depth of 10 levels. Any inclusions beyond the 10th level are ignored.

If portion
The path attribute and IP prefix criteria that must be matched to make the current rule applicable.

Then portion
One or more attributes that the PortMaster applies (instead of computed or default parameters) when it accepts or advertises routing information passed by this rule. For example, a rule can specify that a local preference be advertised instead of letting the router compute that preference automatically.

`Table 4-1 Parts of a Policy Rule`
Header	The portion of the policy rule that defines the policy list. The header contains the following: The name of the policy-Policyname. Sequential location in the list-RuleNumber. A keyword that indicates whether this rule will permit or deny routing information based on the rule's criteria. A keyword that allows you to include, which creates nested policies (a policy within a policy). Policy inclusions can be nested to a maximum depth of 10 levels. Any inclusions beyond the 10th level are ignored.
If portion	The path attribute and IP prefix criteria that must be matched to make the current rule applicable.
Then portion	One or more attributes that the PortMaster applies (instead of computed or default parameters) when it accepts or advertises routing information passed by this rule. For example, a rule can specify that a local preference be advertised instead of letting the router compute that preference automatically.

Each then attribute applies to either acceptance or advertisement of the routing information, not to both. No attribute applies to injection of BGP routing information into the IP routing table of the PortMaster. As a result, you can combine acceptance, injection, and advertisement policy rules into one rule if they have the same path attribute and IP prefix criteria and are all either permit or deny rules.

Caution ¯ The creation of long, complex lists of policy rules can adversely affect PortMaster CPU performance.

To define a BGP acceptance policy, use the following command:

Command> set bgp policy PolicyName [before] RuleNumber permit|deny|include Policyname
[if
[prefix [exactly] Prefix/NM]
[prefix-longer-than NM]
[as-path String|empty]
[community Tag]]
[then
[input-multi-exit-disc Number|strip]
[degree-of-preference Number]]

To define a BGP injection policy, use the following command:

Command> set bgp policy PolicyName [before] RuleNumber permit|deny|include Policyname
[if
[prefix [exactly] Prefix/NM]
[as-path String|empty]
[community Tag]]

To define a BGP advertisement policy, use the following command:

Command> set bgp policy PolicyName [before] RuleNumber permit|deny|include Policyname
[if
[prefix [exactly] Prefix/NM]
[as-path String|empty]
[community Tag]]
[then
[local-pref Number]
[output-multi-exit-disc Number]
[next-hop Ipaddress]
[community add|replace|strip Tag]
[ignore community restrictions]]

Applying a Policy

After adding or changing a rule in a BGP policy, use one of the following commands to apply and save the modified policy:

Enter reset bgp peer Ipaddress(dest) to reset only those peers that use a policy.
Enter reset bgp to reset all peers.

Removing a Policy Rule

To remove a rule, specify only the rule number RuleNumber in the command. For example, the command set bgp policy policyname 1, removes rule number 1 from the BGP policy.

Creating a Common Policy

You might want to use a common set of policies to define network routing plans and administrative needs. To create a common BGP policy for inclusion in other BGP policies, follow this procedure:

Create and define a common BGP policy with the following commands:
Command> add bgp policy permit1011
Command> set bgp policy permit1011 1 permit if prefix 10.0.0.0/8
Command> set bgp policy permit1011 2 permit if prefix 11.0.0.0/8
Include this policy by reference in another policy.

For example, to insert the permit1011 policy at line 5 of the policy otherone, enter the following command:

Command> set bgp policy otherone 5 include permit1011

Apply and save the modified policy with the following command:
Command> reset bgp
See the Command Line Administrator's Guide for a details about the set bgp policy command.

Defining BGP Peers

BGP peers are pairs of routers that send BGP messages to each other. To pass BGP routing information, you must define the peers for your PortMaster router. You define the peer relationship by setting the IP address of the PortMaster (which will be placed in outgoing packets), the destination address of the peer, and the autonomous system number of the peer.

For example, to add a peer to your PortMaster, you enter the following command:

Command> add bgp peer Ipaddress(src) Ipaddress(dest) ASN

The IP addresses of the peers are specified in dotted decimal notation. The autonomous system number of the peer (ASN) is a 16-bit decimal number ranging from 1 to 65535.

You must define the relationship on the PortMaster for each of its peers. The relationship must also be configured on each peer router.

You must include a routing policy for each peer you define. You can create and apply specific routing policies to the peers you create or, alternatively, specify the
easy-multihome routing method for a peer. If you do not specify a routing policy or method for a peer, all routes from the peer are denied.

Applying the Easy-Multihome Routing Method to a Peer

The easy-multihome method-the default-is a built-in routing policy that combines the functions of acceptance, injection, and advertisement. It restricts the BGP routing table to accept only paths through the remote autonomous system and, optionally, through one additional autonomous system.

To add or modify (set) a peer and specify the default routing method easy-multihome, enter the following command:

Command> add|set bgp peer Ipaddress(src) Ipaddress(dest) ASN easy-multihome [assume-default [Number]] [confederation-member] [normal] [route-reflector-client] [always-next-hop]

When modifying a peer with the set version of this command, you must re-enter all the keywords and values you want to associate with the peer. See the Command Line Administrator's Guide for a complete description of the add|set bgp peer command.

Applying Policies to Peers

To apply specific routing policies to BGP peers, use the add bgp peer command. Use the optional keywords and values to control how BGP policies are implemented for route selection.

To modify the characteristics of peers that have already been added to the PortMaster, use the set version of the command. When using this version, you must re-enter keywords and values you want to associate with the peer.

You can specify some combination of acceptance, injection, and advertisement policies. See "Working with BGP Policies" on page 4-8 for descriptions of BGP policies and instructions for defining policies.

To add or modify (set) a peer and specify the routing policy as some combination of acceptance, injection, and advertisement, enter the following command:

Command> add|set bgp peer Ipaddress(src) Ipaddress(dest) ASN
[accept-policy Policyname] [inject-policy Policyname]
[advertise-policy Policyname] [assume-default [Number]]
[confederation-member] [normal] [route-reflector-client]
[always-next-hop]

Note ¯ If you do not specify a policy, all routes are denied for that policy.

See the Command Line Administrator's Guide for a complete description of the add|set bgp peer command.

Advertising with Summarization

BGP advertises to peers only routing information that is explicitly specified. These special advertisements are known as summarizations. BGP summarization entries control how Interior Gateway Protocol (IGP) routing information from OSPF, RIP, or static routing is forwarded into BGP for advertisement to BGP peers.

To add or modify a summarization entry, enter the following command:

Command> add|set bgp summarization Prefix/NM [as ASN [off]]
[cma ASN [off]]
[multi-exit-disc Number] [local-pref Number]
[community Tag]

Include your local autonomous system number (as ASN) in this list to enable the summarization to go to internal peers. You can list up to 14 autonomous systems. Include your CMAS number (cma ASN) in this list to enable the summarization to go to internal peers in your CMAS.

See the Command Line Administrator's Guide for a complete description of the add|set bgp summarization command.

Multiexit Discriminator

You can assign an arbitrary rating (multi-exit-disc Number) to an external route for advertisement to external or confederation-member peers only. Number is a 32-bit integer. Lower numbers indicate an increased preference for a specific route.

Use this metric to discriminate among multiple exit or entry points between the same pair of neighboring autonomous systems. If you do not assign a multiexit discriminator, the value 1 is assigned by default.

To explicitly prevent advertisement of a multiexit discriminator for IP prefixes matching this rule, set this keyword to 0 (zero). The PortMaster never forwards a 0 value of this metric to any peer, even if 0 was explicitly received from a peer.

A multiexit discriminator configured in a policy takes precedence over one configured in a route summarization. A decision tree showing the rules for applying a multiexit discriminator is shown in Figure 4-1.

For details about multiexit discriminators (MEDs), input multiexit discriminators (IMEDs), and output multiexit discriminators (OMEDs) refer to the BGP configuration chapter in the Command Line Administrator's Guide.

Figure 4-1 Decision Tree for Multiexit Discriminator (MED) Rules

Local Preference

You can assign an arbitrary rating (local-pref Number) to an external route for advertisement to internal or confederation-member peers only. Number is a 32-bit integer. Higher numbers indicate an increased preference for a specific route when more than one route exists. Use this metric to screen a particular autonomous system from your map of routes, for example.

If you do not assign a local preference rating to the IP prefix, a value is assigned as follows:

If the route comes from an internal peer, the learned local preference number is assigned.
If the route comes from an external peer, Number is based on the autonomous system path length, with a shorter path being preferred.
The rules depend on the source of the information, as shown in Figure 4-2.


Figure 4-2 Decision Tree for Degree of Preference (DOP) Rules

The rules for determining local preference (LP) values to be used for route selection depend on the source of the information, as show in Figure 4-3.

Table 4-3 Decision Tree for Local Preference (LP) Rules For automatic summarizations from static routes, LP is calculated from the formula
LP = (16 - propagation metric of static route); if the propagation method of static routes is the automatic zero (0), LP is calculated from the formula LP = (16 - hop count metric of static route).

Creating BGP Communities

The communities attribute (community Tag) variable lets you group a number of BGP destinations under a single name. By assembling destinations into identifiable communities, BGP peers can base policy decisions on the identity of the group rather than on individual destinations. This attribute simplifies the distribution of routing information by grouping a larger number of individual destinations into a smaller number of communities. The community identifier, which can be either one 32-bit value or two 16-bit values, is advertised in update messages between BGP peers.

The settings for community, local preference, and multiexit discriminator in the summarization command interact with those in advertisement policy definitions in the following ways:

The advertisement policy settings override values for local preference and multi-exit discriminator
If the advertisement policy definition includes an add community, that information is added to the community information specified in the summarization.
If the advertisement policy definition includes a replace community, that information replaces any community information specified in the summarization.
To help provide stability in the Internet, summarizations are advertised only when supported by one or more specific routes that must exist for at least 30 seconds before the summarization is advertised.

Setting IGP Lockstep

When the source router learns a route from internal peers, it forwards the information to any external peers as soon as possible. Enabling the igp-lockstep feature forces the source router to wait until it finds a suitable IGP route (an OSPF, RIP, or static route, or a static route via RADIUS) that supports the route before advertising it. An IGP route supports a BGP route if it has the same address and prefix as the BGP route.

You enable igp-lockstep only when providing a transit service between two autonomous systems.

To enable or disable IGP lockstep, enter the following command:

Command> set bgp igp-lockstep on|off

Setting the Connection Retry Interval

You can set the interval after which the source router attempts to open sessions to peers that are not fully established.

To set the connection retry interval, enter the following command:

Command> set bgp connect-retry-interval Seconds

The valid range is from 30 to 1000 seconds. The default is 120 seconds.

Note ¯ You must set the same value on all peers.

Setting the Keepalive Timer Interval

You can set the interval after which the source router sends keepalive messages to its peers to let them know it is still reachable.

To set the keepalive timer interval, enter the following command:

Command> set bgp keepalive-timer Seconds

The valid range is from 30 to 1000 seconds. The default is 30 seconds.

Note ¯ You must set the same value on all peers.

Setting the Hold Time Interval

You can set the interval the source router waits between keepalive, update, or notification messages from a peer. When the peer is identified as no longer operational, all information learned from that peer is dropped.

To set the hold time interval, enter the following command:

Command> set bgp hold-time Seconds

The valid range is from 30 to 1000 seconds. The default is 90 seconds.

Note ¯ You must set the same value on all peers.

Saving and Resetting BGP Routing

You must save all the peer configuration changes you make and reset BGP routing.

To save configuration settings and reset BGP routing, enter the following commands:

Command> save all
Command> reset bgp [peer Ipaddress]

The reset bgp command causes the PortMaster to delete all currently known BGP information. Configuration information is not deleted. The PortMaster rereads BGP configuration information and reestablishes sessions with peers. This process can take some time. If you enter the command and specify peer Ipaddress, the PortMaster deletes information for that peer only, and resets the configuration with that peer only.

Displaying BGP Settings

You can display the BGP settings configured on your PortMaster by using the commands described in this section. Table 4-2 lists BGP show commands and definitions

Table 4-2 BGP show Commands
Command
Description

show bgp memory
Provides information on BGP memory usage-an important issue when running BGP because of the large number of routes that are stored in the BGP database.

show bgp next-hop
Shows the known BGP next hop addresses and gateways. Use this command to determine where packets go when forwarded. The information displayed is based on entries in the routing table that are used to forward BGP packets to their destinations.

show bgp paths [Prefix/NM [verbose]]
Shows learned BGP path information.

show bgp peers [verbose]
Shows a list of BGP peers.

show bgp policy [Policyname]
Shows BGP policy names and policy definitions.

show bgp summarization [all]
Shows route summaries advertised to BGP peers.

show routes [String|Prefix//NM
Shows the IP routing table.

`Table 4-2 BGP show Commands`
Command	Description
show bgp memory	Provides information on BGP memory usage-an important issue when running BGP because of the large number of routes that are stored in the BGP database.
show bgp next-hop	Shows the known BGP next hop addresses and gateways. Use this command to determine where packets go when forwarded. The information displayed is based on entries in the routing table that are used to forward BGP packets to their destinations.
show bgp paths [Prefix/NM [verbose]]	Shows learned BGP path information.
show bgp peers [verbose]	Shows a list of BGP peers.
show bgp policy [Policyname]	Shows BGP policy names and policy definitions.
show bgp summarization [all]	Shows route summaries advertised to BGP peers.
show routes [String\|Prefix//NM	Shows the IP routing table.

See the Command Line Administrator's Guide for more information on these commands.

Debugging BGP

Use the set debug command to troubleshoot BGP. To track debug command output, enable the option with the appropriate set debug Option on command. This command sends output to the system console, which you set with the set console command.

After completing the debugging process, disable the debug commands by using the appropriate set debug Option off command.

To set BGP debug options, enter the following command:

Caution ¯ You should use the set debug bgp-max command in limited environments
-for example, when investigating problems of peer interaction. Executing the set debug bgp-max command on a connection where large routing tables are exchanged between peers can create a flood of output that is useless for debugging.

Table 4-3 describes debug keywords.
Table 4-3 Debug Keywords
Keyword
Description

bgp-fsm
Displays events that change the state of the BGP session with any peer.

bgp-decision-process
Displays decisions among routes about the best path to a destination.

bgp-opens
Displays open messages sent and received between any peers.

bgp-keepalives
Displays keepalive messages sent and received between any peers.

bgp-updates
Displays update messages sent and received between any peers.

bgp-notifications
Displays notification messages sent and received between any peers.

bgp-errors
Displays protocol errors occurring between BGP peers.

bgp-packets
Displays bgp-opens, bgp-keepalives, bgp-updates, and bgp-notifications outputs.

bgp-max
Displays all BGP debugging output.

`Table 4-3 Debug Keywords`
Keyword	Description
bgp-fsm	Displays events that change the state of the BGP session with any peer.
bgp-decision-process	Displays decisions among routes about the best path to a destination.
bgp-opens	Displays open messages sent and received between any peers.
bgp-keepalives	Displays keepalive messages sent and received between any peers.
bgp-updates	Displays update messages sent and received between any peers.
bgp-notifications	Displays notification messages sent and received between any peers.
bgp-errors	Displays protocol errors occurring between BGP peers.
bgp-packets	Displays bgp-opens, bgp-keepalives, bgp-updates, and bgp-notifications outputs.
bgp-max	Displays all BGP debugging output.

BGP Configuration Examples

This section provides the following examples of BGP routing configurations:

Easy-Multihome-Example 1

Figure 4-4 illustrates a basic multihome policy routing configuration using the default all policy.

Simple Multihome Configuration Assumptions:

Router 1-an external BGP peer-in autonomous system 65535 advertises routes to Router 3 in autonomous system 64512.
Router 2-an external BGP peer-in autonomous system 65155 advertises routes to Router 4 in autonomous system 64512.
Routers 3 and 4 are fully meshed PortMaster routers in autonomous system 64512.
Goals:
Establish internal BGP peer relationships between Routers 3 and 4.
Each router is always the next hop in the BGP path. All routes are permitted to be accepted, injected, and advertised.

Configuration of Router 3

The complete configuration for Router 3 appears in the following box:

The following procedure shows the separate tasks for configuring Router 3:

Enable the use of BGP on the PortMaster, save the configuration, and reboot the router for changes to take effect:
Command> set bgp enable
BGP will be enabled on the next reboot
Command> save all
Command> reboot
Identify the PortMaster as a BGP router and set the autonomous system number:
Command> set bgp id 192.168.10.5
BGP ID changed from 0.0.0.0 to 192.168.10.5
Command> set bgp as 64512
BGP AS number changed from 0 to 64512
Identify Router 1 as an external BGP peer and specify the built-in easy-multihome routing policy:
Command> add bgp peer 192.168.10.5 172.16.96.76 65535 easy-multihome
New BGP peer successfully added
Identify Router 4 as an internal BGP peer, and specify that it use the predefined policy with the name all to permit all routes to be accepted, injected, and advertised:
Command> add bgp peer 192.168.10.5 192.168.10.3 64512 accept-policy all inject-policy all advertise-policy all
New BGP peer successfully added
Add summarization for internal routes to be advertised to external peers:
Command> add bgp summarization 192.168.10.0/24 as 65535
BGP summarization successfully added
Save the configuration, clear all currently known BGP information, and restart this router with the new configuration:
Command> save all
Command> reset bgp

Configuration of Router 4

The complete configuration for Router 4 appears in the following box:

The following procedure shows the separate tasks for configuring Router 4:

Enable the use of BGP on the PortMaster, save the configuration, and reboot the router for changes to take effect:
Command> set bgp enable
BGP will be enabled on the next reboot
Command> save all
Command> reboot
Identify the PortMaster as a BGP router and set the autonomous system number:
Command> set bgp id 192.168.10.3
BGP ID changed from 0.0.0.0 to 192.168.10.3
Command> set bgp as 64512
BGP AS number changed from 0 to 64512
Identify Router 2 as an external BGP peer and specify the built-in easy-multihome routing policy:
Command> add bgp peer 192.168.10.3 10.200.10.3 65155 easy-multihome
New BGP peer successfully added
Identify Router 3 as an internal BGP peer, and specify that it use the predefined policy with the name all to permit all routes to be accepted, injected, and advertised:
Command> add bgp peer 192.168.10.3 192.168.10.5 64512 accept-policy all inject-policy all advertise-policy all
New BGP peer successfully added
Add summarization for internal routes to be advertised to external peers:
Command> add bgp summarization 192.168.10.0/24 as 65155
BGP summarization successfully added
Save the configuration, clear all currently known BGP information, and restart this router with the new configuration:
Command> save all
Command> reset bgp

Easy-Multihome-Example 2

Figure 4-5 illustrates a multihome policy routing configuration using the predefined all policy.

Multihome Configuration with Simple Policies Assumptions:

Router 1-an external BGP peer-in autonomous system 65535 advertises routes to Router 3 in autonomous system 64512.
Router 2-an external BGP peer-in autonomous system 65155 advertises routes to Router 4 in autonomous system 64512.
Routers 3, 4, 5, and 6 are fully meshed PortMaster routers in autonomous system 64512.
Goals:
Establish internal BGP peer relationships between Routers 3 and 4, Routers 3 and 5, Routers 3 and 6, Routers 4 and 5, Routers 4 and 6, and Routers 5 and 6.
Each router is always the next hop in the BGP path. All routes are permitted to be accepted, injected, and advertised.

Configuration of Router 3

The complete configuration for Router 3 appears in the following box:

Command> set bgp enable
Command> save all
Command> reboot
Command> set bgp id 192.168.10.5
Command> set bgp as 64512
Command> add bgp peer 192.168.10.5 172.16.96.76 65535 easy-multihome
Command> add bgp peer 192.168.10.5 192.168.10.3 64512 accept-policy all inject-policy all advertise-policy all
Command> add bgp peer 192.168.10.5 192.168.10.6 64512 accept-policy all inject-policy all advertise-policy all
Command> add bgp peer 192.168.10.5 192.168.20.4 64512 accept-policy all inject-policy all advertise-policy all
Command> add bgp summarization 192.168.10.0/24 as 65535
Command> add bgp summarization 192.168.20.0/24 as 65535
Command> save all
Command> reset bgp

The following procedure shows the separate tasks for configuring Router 3:

Enable the use of BGP on the PortMaster, save the configuration, and reboot the router for changes to take effect:
Command> set bgp enable
BGP will be enabled on the next reboot
Command> save all
Command> reboot
Identify the PortMaster as a BGP router and set the autonomous system number:
Command> set bgp id 192.168.10.5
BGP ID changed from 0.0.0.0 to 192.168.10.5
Command> set bgp as 64512
BGP AS number changed from 0 to 64512
Identify Router 2 as an external BGP peer and specify the built-in easy-multihome routing policy:
Command> add bgp peer 192.168.10.5 172.16.96.76 65535 easy-multihome
New BGP peer successfully added
Identify Router 4 as an internal BGP peer, and specify that it use the predefined policy with the name all to permit all routes to be accepted, injected, and advertised:
Command> add bgp peer 192.168.10.5 192.168.10.3 64512 accept-policy all inject-policy all advertise-policy all
New BGP peer successfully added
Identify Router 5 as an internal BGP peer, and specify that it use the predefined policy with the name all to permit all routes to be accepted, injected, and advertised:
Command> add bgp peer 192.168.10.5 192.168.10.6 64512 accept-policy all inject-policy all advertise-policy all
New BGP peer successfully added
Identify Router 6 as an internal BGP peer, and specify that it use the predefined policy with the name all to permit all routes to be accepted, injected, and advertised:
Command> add bgp peer 192.168.10.5 192.168.20.4 64512 accept-policy all inject-policy all advertise-policy all
New BGP peer successfully added
Add summarization for internal routes to be advertised to external peers:
Command> add bgp summarization 192.168.10.0/24 as 65535
BGP summarization successfully added
Command> add bgp summarization 192.168.20.0/24 as 65535
BGP summarization successfully added
Save the configuration, clear all currently known BGP information, and restart this router with the new configuration:
Command> save all
Command> reset bgp

Configuration of Router 4

Command> set bgp enable
Command> save all
Command> reboot
Command> set bgp id 192.168.10.3
Command> set bgp as 64512
Command> add bgp peer 192.168.10.3 10.200.10.3 65155 easy-multihome
Command> add bgp peer 192.168.10.3 192.168.10.5 64512 accept-policy all inject-policy all advertise-policy all
Command> add bgp peer 192.168.10.3 192.168.10.6 64512 accept-policy all inject-policy all advertise-policy all
Command> add bgp peer 192.168.10.3 192.168.20.4 64512 accept-policy all inject-policy all advertise-policy all
Command> add bgp summarization 192.168.10.0/24 as 65155
Command> add bgp summarization 192.168.20.0/24 as 65155
Command> save all
Command> reset bgp

The complete configuration for Router 4 appears in the following box:

The following procedure shows the separate tasks for configuring Router 4:

Enable the use of BGP on the PortMaster, save the configuration, and reboot the router for changes to take effect:
Command> set bgp enable
BGP will be enabled on the next reboot
Command> save all
Command> reboot
Identify the router as a BGP device and set the autonomous system number:
Command> set bgp id 192.168.10.3
BGP ID changed from 0.0.0.0 to 192.168.10.3
Command> set bgp as 64512
BGP AS number changed from 0 to 64512
Identify Router 2 as an external BGP peer and specify the built-in easy-multihome routing policy:
Command> add bgp peer 192.168.10.3 10.200.10.3 65155 easy-multihome
New BGP peer successfully added
Identify Router 3 as an internal BGP peer, and specify that it use the predefined policy with the name all to permit all routes to be accepted, injected, and advertised:
Command> add bgp peer 192.168.10.3 192.168.10.5 64512 accept-policy all inject-policy all advertise-policy all
New BGP peer successfully added
Identify Router 5 as an internal BGP peer, and specify that it use the predefined policy with the name all to permit all routes to be accepted, injected, and advertised:
Command> add bgp peer 192.168.10.3 192.168.10.6 64512 accept-policy all inject-policy all advertise-policy all
New BGP peer successfully added
Identify Router 6 as an internal BGP peer, and specify that it use the predefined policy with the name all to permit all routes to be accepted, injected, and advertised:
Command> add bgp peer 192.168.10.3 192.168.20.4 64512 accept-policy all inject-policy all advertise-policy all
New BGP peer successfully added
Add summarization for internal routes to be advertised to external peers:
Command> add bgp summarization 192.168.10.0/24 as 65155
BGP summarization successfully added
Command> add bgp summarization 192.168.20.0/24 as 65155
BGP summarization successfully added
Save the configuration, clear all currently known BGP information, and restart this router with the new configuration:
Command> save all
Command> reset bgp

Configuration of Router 5

Command> set bgp enable
Command> save all
Command> reboot
Command> set bgp id 192.168.10.6
Command> set bgp as 64512
Command> add bgp peer 192.168.10.6 192.168.10.5 64512 accept-policy all inject-policy all advertise-policy all
Command> add bgp peer 192.168.10.6 192.168.10.3 64512 accept-policy all inject-policy all advertise-policy all
Command> add bgp peer 192.168.10.6 192.168.20.4 64512 accept-policy all inject-policy all advertise-policy all
Command> save all
Command> reset bgp

The complete configuration for Router 5 appears in the following box:

The following procedure shows the separate tasks for configuring Router 5:

Enable the use of BGP on the PortMaster, save the configuration, and reboot the router for changes to take effect:
Command> set bgp enable
BGP will be enabled on the next reboot
Command> save all
Command> reboot
Identify the router as a BGP router and set the autonomous system number:
Command> set bgp id 192.168.10.6
BGP ID changed from 0.0.0.0 to 192.168.10.6
Command> set bgp as 64512
BGP AS number changed from 0 to 64512
Identify Router 3 as an internal BGP peer, and specify that it use the predefined policy with the name all to permit all routes to be accepted, injected, and advertised:
Command> add bgp peer 192.168.10.6 192.168.10.5 64512 accept-policy all
inject-policy all advertise-policy all
New BGP peer successfully added
Identify Router 4 as an internal BGP peer, and specify that it use the predefined policy with the name all to permit all routes to be accepted, injected, and advertised:
Command> add bgp peer 192.168.10.6 192.168.10.3 64512 accept-policy all inject-policy all advertise-policy all
New BGP peer successfully added
Identify Router 6 as an internal BGP peer, and specify that it use the predefined policy with the name all to permit all routes to be accepted, injected, and advertised:
Command> add bgp peer 192.168.10.6 192.168.20.4 64512 accept-policy all
inject-policy all advertise-policy all
New BGP peer successfully added
Save the configuration, clear all currently known BGP information, and restart this router with the new configuration:
Command> save all
Command> reset bgp

Configuration of Router 6

Command> set bgp enable
Command> save all
Command> reboot
Command> set bgp id 192.168.20.4
Command> set bgp as 64512
Command> add bgp peer 192.168.20.4 192.168.10.5 64512 accept-policy all inject-policy all advertise-policy all
Command> add bgp peer 192.168.20.4 192.168.10.3 64512 accept-policy all inject-policy all advertise-policy all
Command> add bgp peer 192.168.20.4 192.168.10.6 64512 accept-policy all inject-policy all advertise-policy all
Command> save all
Command> reset bgp

The complete configuration for Router 6 appears in the following box:

The following procedure shows the separate tasks for configuring Router 6:

Enable the use of BGP on the PortMaster, save the configuration, and reboot the router for changes to take effect:
Command> set bgp enable
BGP will be enabled on the next reboot
Command> save all
Command> reboot
Identify the router as a BGP router and set the autonomous system number:
Command> set bgp id 192.168.20.4
BGP ID changed from 0.0.0.0 to 192.168.20.4
Command> set bgp as 64512
BGP AS number changed from 0 to 64512
Identify Router 3 as an internal BGP peer, and specify that it use the predefined policy with the name all to permit all routes to be accepted, injected, and advertised:
Command> add bgp peer 192.168.20.4 192.168.10.5 64512 accept-policy all inject-policy all advertise-policy all
New BGP peer successfully added
Identify Router 4 as an internal BGP peer, and specify that it use the predefined policy with the name all to permit all routes to be accepted, injected, and advertised:
Command> add bgp peer 192.168.20.4 192.168.10.3 64512 accept-policy all inject-policy all advertise-policy all
New BGP peer successfully added
Identify Router 5 as an internal BGP peer, and specify that it use the predefined policy with the name all to permit all routes to be accepted, injected, and advertised:
Command> add bgp peer 192.168.20.4 192.168.10.6 64512 accept-policy all inject-policy all advertise-policy all
New BGP peer successfully added
Save the configuration, clear all currently known BGP information, and restart this router with the new configuration:
Command> save all
Command> reset bgp

Easy-Multihome-Example 3

Figure 4-6 illustrates a fairly complex multihome configuration that establishes advertising policies with community attributes.

Multihome Configuration Using Nondefault Policy Assumptions:

Router 1-an external BGP peer to Router 3-in autonomous system 65535 is advertising five routes to Router 3 in autonomous system 64512.
Router 2-an external BGP peer to Router 4-in autonomous system 65155 is advertising the same five routes to Router 4 in autonomous system 64512.
Routers 3, 4, and 5 are PortMaster routers in autonomous system 64512.
Goals:
Ensure that the five routes advertised by Routers 1 and 2 are accepted by Routers 3 and 4.
Ensure that if one external peer fails, all traffic is routed via the remaining peer. When both external peers are operating again, route preferences resume.
Establish internal BGP peer relationships among Routers 3, 4, and 5.
Determine policies to set the routing preferences shown in Table 4-4.

Route Advertised by External Peers- Prefix/NM	Route Advertised within AS 64512- Prefix/NM	Preferred Routing from within AS 64512
172.32.64.0/24	172.32.64.0/24	via AS 65535
172.80.32.0/24	172.80.32.0/24	via AS 65535
172.112.200.0/24	172.112.200.0/24	via AS 65535
10.108.48.0/24	10.108.0.0/16	via AS 65155
10.108.80.0/24	10.108.0.0/16	via AS 65155