BGP Router Reflection Lab

A
Laboratory Exercises Initial Router Setup
Overview
In these exercises, you will perform initial router configuration, configure the interfaces on your routers and establish IGP connectivity across your core backbone.
Overview of Physical Connectivity in the Laboratory

The laboratory is organized as a number of workgroups connected to two common backbones:
s
ISP exchange point; also called Provider backbone, where two upstream Service Providers are located. Client ISP backbone, where your customer is connected.
Every workgroup has four routers named WGxR1, WGxR2, WGxR3 and WGxR4 where x is the number of the workgroup. There are also three shared routers, called Good, Cheap and Client. Routers in your workgroup are connected according to the setup in Figure 1. You have control over routers WGxR1 WGxR4. You can also telnet to other routers shown in the figure, but you cannot configure them.
Client Client ISP
WGxR3
WGxR4
WGxR2
Frame Relay Switch WGxR1 ISP Exchange Point
Good
Cheap
Figure 1: Physical connectivity
The first serial interface of your router is connected to the Frame Relay switch. The first (fast) Ethernet interface of the router is connected to the LAN segment. All routers including the shared ones (Good, Cheap and Client) have one serial link to the Frame Relay switch.
C-2
Multi-homed Autonomous System
Copyright 2000, Cisco Systems, Inc.
DLCIs are already configured on the Frame Relay switch to give you the logical connectivity displayed in Figure 2.
Client Client ISP
WGxR4
WGxR3
WGxR2
WGxR1 ISP Exchange Point
Good
Cheap
Figure 2: Initial logical connectivity
Chapter Title
C-3
Laboratory Exercise A-1: Initial Router Configuration

Objective:
You will perform initial router configuration and prepare the routers for further exercises. You will configure passwords, serial interfaces and IP addresses. You will also configure IGP in your workgroup.
Task: Initial Router Configuration

Perform initial configuration of your routers using the parameters in Table 1.
Parameter host names Enable password VTY password WAN link encapsulation WAN link clock rate Value Use hostnames as shown in Figure 2 above (x is the number of your workgroup). Cisco Cisco Frame Relay 64 kbps (configured on the Frame Relay switch)
Table 1: Initial router parameters
Task: IP Address and WAN Interface Configuration

Configure two loopback addresses per router with the IP addresses from the following table.
Router WGxR1 WgxR2 WGxR3 WGxR4 Interface Loopback 0 Loopback 1 Loopback 0 Loopback 1 Loopback 0 Loopback 1 Loopback 0 Loopback 1 Address 197.x.1.1 197.x.8.1 197.x.2.1 197.x.3.1 197.x.4.1 197.x.5.1 197.x.6.1 197.x.7.1 Subnet Mask 255.255.255.0 255.255.255.0 255.255.255.0 255.255.255.0 255.255.255.0 255.255.255.0 255.255.255.0 255.255.255.0
Table 2: Loopback IP address assignment
Configure LAN IP addresses on WGxR1 and WGxR4 using parameters from the following table:
Parameter ISP Exchange point subnet Client ISP subnet 2
C-4 Multi-homed Autonomous System
1
Value 192.168.20.x, subnet mask 255.255.255.0 192.168.21.x, subnet mask 255.255.255.0

Table 3: LAN IP address assignment
Configure point-to-point Frame Relay subinterfaces on the Frame Relay links. The IP addresses to be used on the link as well as the DLCI values for the Frame Relay virtual circuits are shown in Table 4.
First router WGxR1 WGxR2 WGxR3 IP address 192.168.x.1/30 192.168.x.5/30 192.168.x.9/30 Second router WGxR2 WGxR3 WGxR4 IP address 192.168.x.2/30 192.168.x.6/30 192.168.x.10/30 DLCI3 100 101 102
Table 4: WAN subinterface parameters
You should also configure ip host mappings to ease telnet hopping between routers.
Task: Configure IGP in Your Network

Configure any IGP between your routers. Make sure you do not use the IGP on the backbone LANs but do insert those networks into the IGP.
Verification:
s s
All router interfaces should be active (line up, line protocol up). You should be able to telnet and ping between all core routers.
Router Good has IP address 192.168.20.20 and router Cheap has IP address 192.168.20.22. They are shared by all workgroups. Router Client has IP address 192.168.21.99 and is shared by all workgroups. DLCIs have the same value on both ends of the link
Chapter Title C-5
2 3
BGP Setup for Single-homed Autonomous Systems
Overview
In this chapter, you will perform the configuration tasks usually performed by a customer establishing BGP session with a single Service Provider or by a network designer migration his backbone into a BGP-based backbone. The chapter supports the BGP Overview chapter and contains three laboratory exercises covering basic BGP configuration, route redistribution into BGP and BGP aggregation.
Laboratory Exercise B-2: Basic BGP setup

Objective:
You must connect to the Internet using BGP, ensuring that all users in your network will get Internet access. You will connect to a single Service Provider and statically announce the address space the Internet Registry has assigned to you.
Command List:
Use the following commands to complete this exercise:
Command router bgp x neighbor ip-address remote-as as network network [mask mask] ip route network mask show ip bgp summary show ip bgp neighbor show ip bgp Description Start a BGP routing process Start a session with the neighboring autonomous system Announce IP prefixes in BGP Configure a static IP route Verify if the BGP session is up. View detailed information about the neighbor. Inspect the contents of the BGP table.
Table 5: Configuration and monitoring commands used for basic BGP setup
C-2
Visual objective:
The following figure shows the BGP session you have to establish between WGxR1 and the Good service provider.
Client Client ISP
WGxR4
WGxR3
WGxR2
se ss io n BG P
WGxR1 ISP Exchange Point
Good
Cheap
Figure 3: Connecting to single service-provider
Task: Starting a BGP process

Step 1
Start the BGP process on WGxR1. Use your workgroup number as the autonomous system number.
Task: Establishing a BGP peering

Step 2
Configure the Good router to be your BGP neighbor using the following parameters.
Parameter Service Provider IP address Service Providers AS number Table 6: Basic BGP parameters Value 192.168.20.20 20
Chapter Title
C-3
Task: Announcing networks

Step 3
Announce the IP prefix 197.x.0.0/16 by configuring it in the BGP routing process. Also announce network 192.168.x.0/24.
Verification:
Once the BGP process is started and a neighbor is configured you should use the following commands to verify the operation of BGP:
s
Verify that you have established a BGP session. Remember that it may take up to a minute to establish a BGP session.
WG1R1#show ip bgp summary BGP router identifier 192.168.20.1, local AS number 1 BGP table version is 25, main routing table version 25 24 network entries and 24 paths using 3192 bytes of memory 5 BGP path attribute entries using 260 bytes of memory 4 BGP AS-PATH entries using 96 bytes of memory 1 BGP community entries using 250 bytes of memory 0 BGP route-map cache entries using 0 bytes of memory 0 BGP filter-list cache entries using 0 bytes of memory BGP activity 24/0 prefixes, 24/0 paths, scan interval 15 secs Neighbor 192.168.20.20 WG1R1#
s
V 4
AS MsgRcvd MsgSent 20 9 4
TblVer InQ OutQ Up/Down State/PfxR 25 0 0 00:01:31 24
View detailed information about the neighbor.
WG1R1#show ip bgp neighbor 192.168.20.20 BGP neighbor is 192.168.20.20, remote AS 20, external link BGP version 4, remote router ID 199.199.199.199 BGP state = Established, up for 00:19:50 Last read 00:00:50, hold time is 180, keepalive interval is 60 seconds Neighbor capabilities: Route refresh: advertised and received Address family IPv4 Unicast: advertised and received Received 27 messages, 0 notifications, 0 in queue Sent 22 messages, 0 notifications, 0 in queue Route refresh request: received 0, sent 0 Minimum time between advertisement runs is 30 seconds For address family: IPv4 Unicast BGP table version 25, neighbor version 25 Index 1, Offset 0, Mask 0x2 24 accepted prefixes consume 864 bytes Prefix advertised 0, suppressed 0, withdrawn 0 Connections established 1; dropped 0 Last reset never Connection state is ESTAB, I/O status: 1, unread input bytes: 0 Local host: 192.168.20.1, Local port: 179 Foreign host: 192.168.20.20, Foreign port: 18395 Enqueued packets for retransmit: 0, input: 0 mis-ordered: 0 (0 bytes) rest deleted
C-4
Inspect the contents of the BGP table on your router. You should see a large number of networks being advertised by the Good provider.
WG1R1#show ip bgp BGP table version is 32, local router ID is 192.168.20.1 Status codes: s suppressed, d damped, h history, * valid, > best, i - internal Origin codes: i - IGP, e - EGP, ? - incomplete Network 128.20.0.0 128.22.0.0 128.26.0.0 128.37.0.0 128.42.0.0 128.51.0.0 128.213.0.0 128.214.0.0 192.20.11.0 192.22.11.0 192.26.11.0 192.37.11.0 192.42.11.0 192.51.11.0 192.168.1.0 192.168.2.0 192.168.3.2/32 192.168.3.3/32 Network *> 192.168.3.4/32 *> 192.168.3.8/30 *> 192.168.3.12/30 *> 192.168.3.16/30 *> 192.168.3.20/30 *> 192.213.11.0 *> 192.214.11.0 *> 197.1.0.0/16 *> 197.2.0.0/16 WG1R1# *> *> *> *> *> *> *> *> *> *> *> *> *> *> *> *> *> *>
s
Next Hop 192.168.20.20 192.168.20.20 192.168.20.20 192.168.20.20 192.168.20.20 192.168.20.20 192.168.20.20 192.168.20.22 192.168.20.20 192.168.20.20 192.168.20.20 192.168.20.20 192.168.20.20 192.168.20.20 0.0.0.0 192.168.20.2 192.168.20.3 192.168.20.3 Next Hop 192.168.20.3 192.168.20.3 192.168.20.3 192.168.20.3 192.168.20.3 192.168.20.20 192.168.20.22 0.0.0.0 192.168.20.2
Metric LocPrf Weight Path 0 0 20 i 0 0 20 i 0 0 20 42 26 i 0 0 20 42 37 i 0 0 20 42 i 0 0 20 42 26 51 i 0 0 20 213 i 0 20 22 214 i 0 0 20 i 0 0 20 i 0 0 20 42 26 i 0 0 20 42 37 i 0 0 20 42 i 0 0 20 42 26 51 i 0 32768 i 0 20 2 i 0 20 3 ? 0 20 3 ? Networks originating Metric LocPrf Weight Path in AS 3. 0 20 3 ? Origin code is 0 20 3 ? incomplete because 0 20 3 ? networks are redestributed. 0 20 3 ? 0 20 3 ? 0 0 20 213 i 0 20 22 214 i Network 0 32768 i originating 0 20 2 i in AS 2
Telnet from WGxR1 into the router Good and verify that it is receiving your networks over BGP. Verify that you receive networks announced by other customers. Perform ping and trace from WGxR4 to 192.20.11.1 (an Internet destination announced by router Good).
s s
Review Questions:
s s
What do you need in order to propagate classful networks? What do you need in order to propagate classless networks (supernets or subnets)? Why do some networks, received from router Good, have a next-hop address pointing to other routers? What command would you use to see if a neighbor is sending you any updates and how many?
Chapter Title
C-5
Laboratory Exercise B32: Managing large user networks

Objective:
Your network has grown and you can no longer rely on manually configuring your address space in the BGP process. Use redistribution to announce a large number of networks into the BGP routing process. Use route-maps to set the origin of BGP routes to "IGP" instead of "incomplete".
Command list:
Command router bgp as-number network network [mask mask] route-map name match ip address acl set origin igp redistribute igp pid route-map name show ip bgp Description Enter BGP configuration mode. Announce network in BGP Enter route-map configuration mode Match routes in a route-map Set origin in a route-map Redistribute from your IGP into BGP. Inspect the contents of the BGP table.
Table 7: Configuration and monitoring commands used for basic BGP setup using redistribution
Guidelines:
Remove all networks from your BGP definitions and announce them by using redistribution from your IGP into BGP with a route-map, which sets the origin code to IGP. Make sure that you do not announce 192.168.20.0/24 and 192.168.21.0/24 networks into BGP.
Task: Preparing the lab for this exercise

Step 1
Remove all BGP network statements from the previous exercise.
Verification
s
Telnet to Good router and verify that it no longer receives your networks.
C-6
Task: Configuring a route-map for filtering of redistributed prefixes

Step 2
Configure an access list that permits all your networks except those that are shared among workgroups. Configure a route-map. Use the new access-list with a match command in the route-map. Use the set command in the route-map to set the origin to IGP.
Note Route map names are case sensitive.
Step 3
Task: Enabling route redistribution.

Step 4
Configure redistribution from your IGP into BGP by using a previously configured route map.
Verification:
s
Log into the service-providers router and verify that it receives proper networks from you.
Good>show ip bgp BGP table version is 70, local router ID is 199.199.199.199 Status codes: s suppressed, d damped, h history, * valid, > best, i internal Origin codes: i - IGP, e - EGP, ? - incomplete
Individual subnets are seen if no autosummary command is used in BGP.
Network . . . *> 192.168.1.0/30 *> 192.168.1.0 *> 192.168.1.4/30 *> 192.168.1.8/30 *> 197.1.1.0 *> 197.1.2.0 *> 197.1.3.0 *> 197.1.4.0 *> 197.1.5.0 *> 197.1.6.0 *> 197.1.7.0 *> 197.1.8.0 . . . Good>
s
Next Hop 192.168.20.1 192.168.20.1 192.168.20.1 192.168.20.1 192.168.20.1 192.168.20.1 192.168.20.1 192.168.20.1 192.168.20.1 192.168.20.1 192.168.20.1 192.168.20.1
Metric LocPrf Weight Path 0 0 2681856 3193856 0 2297856 2297856 2809856 2809856 3321856 3321856 0 0 0 0 0 0 0 0 0 0 0 0 0 1 1 1 1 1 1 1 1 1 1 1 1 i i i i i i i i i i i i
Make sure you are not originating networks 192.168.20.0/24 and 192.168.21.0/24. Verify that your networks are removed from BGP tables when they become unavailable (try shutting down one of the loopback interfaces).
Review Questions:
s
What is the major difference between this implementation and the previous one? Which is better and why? What precautions do you have to take when using redistribution?
Chapter Title
C-7
Laboratory Exercise B43: End-user Route Aggregation

Objective:
Your ISP has requested that you provide only summarized prefixes for your address range 197.x.0.0. However, due to diagnostic needs, you still need to announce the network 197.x.8.0. Configure BGP aggregation as requested, using the aggregate-address command.
Command List:
Command router bgp x aggregate-address network mask [summaryonly] show ip bgp show ip bgp network Description Enter BGP configuration mode. Create summary prefixes. Use the summary-only keyword to suppress more specific prefixes. Inspect the contents of the BGP table. View detailed information about prefixes (aggregates).
Table 8: Configuration and monitoring commands used for basic BGP setup with aggregation
Task: Creating aggregates in the BGP table

Step 1
Log into the Good router; verify that the ISP sees all your individual loopback networks. Use the aggregate command in your BGP process as needed.
Note Use keyword summary-only if you do not want to announce individual prefixes.
Step 2
Verification:
s s
Check the BGP table on your router WGxR1. Log into the service-providers router and check its BGP table. Suppressed networks should not be visible on router Good. View detailed information about one of the aggregates.
C-8
Review Questions:
s s
Do you see all your prefixes on the provider router? Why? What do you need to be able to generate and propagate aggregates?
Chapter Title
C-9
Overview
The exercises in this chapter give you hands-on experience with topics discussed in the BGP Route Filtering and Route Selection chapter. In this chapter, you will perform the configuration tasks performed by a customer who wants to achieve redundant Internet access by getting Internet connectivity from two independent Internet Service Providers. In the first exercise of this chapter, you will establish a second BGP session with an alternate Internet Service Provider. When an autonomous system is multi-homed it needs to perform filtering in order to avoid becoming itself a transit autonomous system (service provider). The other exercises in this chapter will help you get hands-on experience with AS path filters, prefix-lists and weights. You will also learn how to use inbound soft reconfiguration and limit on the number of received BGP prefixes.
Laboratory Exercise C-5: Basic Multi-homed BGP Setup

Objective:
You have started to provide mission-critical e-commerce services and you must ensure their high availability. You decide to connect to another Internet Service Provider (Cheap), using Cheap as your primary ISP and Good as your backup ISP. Configure a BGP session with the second ISP and configure a routing policy that will result in Cheap being your primary Internet Service Provider.
Command List:
Command router bgp x neighbor ip-address remote-as as neighbor ip-address weight weight show ip bgp summary show ip bgp Task Enter BGP configuration mode. Start BGP session with the neighboring autonomous system. Assign weight to all updates received from the specified neighbor. Verify the state of BGP sessions. Inspect the contents of the BGP table.
Table 9: Configuration and monitoring commands used for multi-homed BGP setup
C-2
Visual Objective:
From the R1 in your workgroup, you will establish the second BGP session with the Cheap provider.
Client Client ISP
WGxR4
WGxR3
WGxR2
WGxR1
BG P se n io ss
BG P
se ss io
Good
Cheap
Figure 4: Connecting to two different service providers
Task: Establishing a peering to another neighbor

Step 3
Configure the second BGP neighbor using the following parameters:

Service provider Provider Cheap Parameter AS number IP address Value 22 192.168.20.22
Table 10: Multi-homed BGP parameters Step 4
Change the default weight on neighbor Cheap to 100 using the neighbor ipaddress weight weight command to give preference to routes announced from router Cheap over those announced from router Good.
Note The BGP weights are covered in more detail in one of the following lab exercises.
Chapter Title
C-3
Verification:
s
Verify that both BGP sessions are up.

WG1R1#sh ip bgp summary BGP router identifier 197.1.8.1, local AS number 1 BGP table version is 49, main routing table version 49 40 network entries and 65 paths using 6220 bytes of memory 22 BGP path attribute entries using 1144 bytes of memory Both sessions are up and 25 prefixes were 13 BGP AS-PATH entries using 312 bytes of memory received from both 1 BGP community entries using 250 bytes of memory neighbors. 0 BGP route-map cache entries using 0 bytes of memory 0 BGP filter-list cache entries using 0 bytes of memory BGP activity 143/1379 prefixes, 221/144 paths, scan interval 15 secs Neighbor State/PfxR 192.168.20.20 25 192.168.20.22 25 WG1R1# V 4 4 AS MsgRcvd MsgSent 20 22 411 45 412 34 TblVer InQ OutQ Up/Down 49 49 0 0 0 00:07:10 0 00:07:11
Check all the BGP prefixes with two paths to verify that your router prefers the one through router Cheap.
WG1R1#sh ip bgp BGP table version is 49, local router ID is 197.1.8.1 Status codes: s suppressed, d damped, h history, * valid, > best, i internal Origin codes: i - IGP, e - EGP, ? - incomplete Network * 128.20.0.0 *> * 128.22.0.0 *> * 128.26.0.0 *> * 128.37.0.0 *> * 128.42.0.0 *> * 128.51.0.0 *> * 128.213.0.0 *> * 128.214.0.0 *> * 192.20.11.0 *> . . . Next Hop 192.168.20.20 192.168.20.22 192.168.20.20 192.168.20.22 192.168.20.20 192.168.20.22 192.168.20.20 192.168.20.22 192.168.20.20 192.168.20.22 192.168.20.20 192.168.20.22 192.168.20.20 192.168.20.20 192.168.20.22 192.168.20.22 192.168.20.20 192.168.20.22 Metric LocPrf Weight Path 0 100 20 i 0 200 22 i 0 100 20 i 0 200 22 i 0 100 20 42 26 i 0 200 22 26 i 0 100 20 42 37 i 0 200 22 26 42 37 i 0 100 20 42 i 0 200 22 26 42 i 0 100 20 42 26 51 i 0 200 22 26 51 i 0 100 20 213 i 200 22 3 20 i 100 20 22 214 i 0 200 22 214 i 0 100 20 i 0 200 22 i
Both paths have the same nexthop address.
Review Questions:
s
What can happen if a multi-homed autonomous system is passing routing information, learned from one neighbor, to another neighbor? Why do some prefixes have two paths but both use the same next-hop address?
C-4
Laboratory Exercise C62: Multi-homed BGP Setup with AS Path Filtering

Objective:
Your Service Providers complain that you propagate routes between them and you could potentially become a transit network. You have also discovered that the Service Provider Cheap does not provide you with good connectivity to your users in AS 213. Therefore you want to accept the routes originating in AS 213 only from the provider Good. Customers in AS 214 request that you use only the Cheap provider to communicate with them due to security reasons. Use AS-path filters to filter incoming routes and to limit propagation of transit routes.
Command List:
Command router bgp x neighbor ip-address filter-list n {in|out} ip as-path access-list n permit regexp show ip bgp show ip bgp regexp regexp show ip bgp filter-list n clear ip bgp neighbor Description Enter BGP configuration mode. Filter incoming or outgoing updates with the specified AS path filter. Specify the AS path filter. Inspect the contents of the BGP table. Use a regular expression to filter the output of show ip bgp command. Use this command to check a filter. Clears the BGP session
Table 11: Configuration and monitoring commands used for advanced multi-homed BGP setup
Chapter Title
C-5
Background Information:
The structure of autonomous systems beyond the AS 20 and AS 22 is shown in the following figure. Use this information in your verifications and during troubleshooting.
Your workgroup AS x Other workgroups Other workgroups
WG x R1
Good
Cheap
AS 213
Good provider AS 20
Cheap provider AS 22
AS 214
AS 37
AS 42
AS 42
AS 51
Figure 5: Structure of autonomous systems beyond your upstream Service Providers
Guidelines:
Select routes between the Good and the Cheap service providers based on the following criteria:
s s s
Accept routes originating in AS 213 only from router Good; Accept routes with AS 214 in the AS PATH only from router Cheap; Ensure that you dont act as transit AS between the two Service Provider routers (Good and Cheap).
Task: Verify Service Provider Claims

Step 1
Log into the Good and Cheap router and verify the Service Provider claims that you propagate the routes between them.
Task: Configuring AS path access lists

Step 2
With the ip as-path access-list command, configure an AS path access list to deny routes that have number 213 as the last number in the AS path. The filter should permit all other routes. Configure another AS path access list to deny routes that contain number 214 in the AS path. The filter should permit all other routes.
Step 3
C-6
Step 4
Configure an AS path access list to permit prefixes originating in your autonomous system and deny all other prefixes.
Task: Applying AS path access lists

Step 5
Apply the AS-path access lists configured in the previous steps to your BGP neighbors.
Verification:
s
Verify that all paths containing AS 214 are received only from router Good and that all paths containing AS 213 are received only from router Cheap.
WG1R1#sh ip bgp BGP table version is 84, local router ID is 197.1.8.1 Status codes: s suppressed, d damped, h history, * valid, > best, i internal Origin codes: i - IGP, e - EGP, ? - incomplete Network * 128.20.0.0 *> * 128.22.0.0 *> * 128.26.0.0 *> * 128.37.0.0 *> * 128.42.0.0 *> * 128.51.0.0 *> *> 128.213.0.0 *> 128.214.0.0 * 192.20.11.0 *> * 192.22.11.0 *> * 192.26.11.0 *> * 192.37.11.0 *> * 192.42.11.0 *> * 192.51.11.0 *> . . . * 192.213.11.0 *> 192.214.11.0 . . . WG1R1# Next Hop 192.168.20.20 192.168.20.22 192.168.20.20 192.168.20.22 192.168.20.20 192.168.20.22 192.168.20.20 192.168.20.22 192.168.20.20 192.168.20.22 192.168.20.20 192.168.20.22 192.168.20.20 192.168.20.22 192.168.20.20 192.168.20.22 192.168.20.20 192.168.20.22 192.168.20.20 192.168.20.22 192.168.20.20 192.168.20.22 192.168.20.20 192.168.20.22 192.168.20.20 192.168.20.22 192.168.20.20 192.168.20.22 Metric LocPrf Weight Path 0 20 i 0 22 i 0 20 i 0 22 i 0 20 42 26 i 0 22 26 i 0 20 42 37 i 0 22 26 42 37 i 0 20 42 i 0 22 26 42 i 0 20 42 26 51 i 0 22 26 51 i 0 20 213 i 0 22 214 i 0 20 i 0 22 i 0 20 i 0 22 i 0 20 42 26 i 0 22 26 i 0 20 42 37 i 0 22 26 42 37 i 0 20 42 i 0 22 26 42 i 0 20 42 26 51 i 0 22 26 51 i 0 0 20 213 i 22 214 I
Verify that routers Good and Cheap are not receiving any prefixes that do not originate in your autonomous system.
Good>sh ip bgp reg ^1_ BGP table version is 47, local router ID is 199.199.199.199 Status codes: s suppressed, d damped, h history, * valid, > best, i internal Origin codes: i - IGP, e - EGP, ? - incomplete Network *> 192.168.1.0/30 Next Hop 192.168.20.1 Metric LocPrf Weight Path 0 0 1 i
Chapter Title C-7
*> 192.168.1.0 *> 192.168.1.4/30 *> 192.168.1.8/30 *> 197.1.0.0/21 *> 197.1.0.0/16 *> 197.1.8.0/22 Good>
192.168.20.1 192.168.20.1 192.168.20.1 192.168.20.1 192.168.20.1 192.168.20.1
0 2681856 3193856
0 0 0 0 0 0
1 1 1 1 1 1
i i i i i i
Review Questions:
s
By this time a BGP table should contain a large number of prefixes. What regular expression would you use with the show ip bgp command on WGxR1 to view prefixes originated by your autonomous system? What regular expression would you use on router Good or Cheap to view prefixes originating in your autonomous system? What regular expression would you use on router Good or Cheap to view prefixes received from your autonomous system? How can you test your AS path filters before applying them and clearing BGP neighbors?
C-8
Laboratory Exercise C-7: Configuring BGP Filters with Prefix Lists

Objective:
The memory consumption on WGxR1 has increased due to the large BGP tables received from your Service Providers. You realize that the Service Providers announce a large number of very small prefixes to you. Some of the announced prefixes are also in private IP address space. In this exercise you will minimize the size of the BGP table on your router with inbound filters implemented with prefix lists. You will also filter any prefixes in private IP address space that you might receive from your Service Providers.
Command List:
Command router bgp x ip prefix-list name [seq n] {permit|deny} prefix/length [ge length | le length] neighbor neighbor prefix-list prefix-list in show ip bgp show ip bgp regexp regexp clear ip bgp neighbor Description Enter BGP configuration mode. Enter a prefix list. Filter incoming prefixes. Inspect the contents of the BGP table. Use a regular expression to filter the output of show ip bgp command. Clears the BGP session
Table 12: Configuration and monitoring commands used with prefix lists
Guidelines:
Your analysis shows that you must perform the following tasks to minimize the size of the BGP table on router WGxR1:
s s s
Do not accept any subnets of class-B networks from router Cheap. Do not accept class-C networks or its subnets from router Good. Do not accept any private networks (RFC 1918) from either neighbor.
Use prefix lists to perform these tasks.
Chapter Title
C-9
Task: Creating prefix lists

Step 6
Create prefix lists to filter incoming updates from router Good and Cheap.
Task: Applying prefix lists

Step 7
Apply the prefix lists you have created to input updates coming from routers Good and Cheap.
Verification:
s
Inspect your BGP table and check the proper operation of your prefix-list filters.
WG1R1#sh ip bgp reg ^20_ BGP table version is 88, local router ID is 197.1.8.1 Status codes: s suppressed, d damped, h history, * valid, > best, i internal Origin codes: i - IGP, e - EGP, ? - incomplete Network 128.20.0.0 128.22.0.0 128.26.0.0 128.37.0.0 128.42.0.0 128.51.0.0 128.213.0.0 128.214.0.0 197.2.0.0/16 Next Hop 192.168.20.20 192.168.20.20 192.168.20.20 192.168.20.20 192.168.20.20 192.168.20.20 192.168.20.20 192.168.20.22 192.168.20.2 Metric LocPrf Weight Path 0 20 i 0 20 i 0 20 42 26 i 0 20 42 37 i 0 20 42 i 0 20 42 26 51 i 0 20 213 i 20 22 214 i 20 2 I
* * * * * * *> * *
Review Questions:
s s
Are neighboring workgroups still reachable? Why does router WGxR1 still accept class-B networks from router Cheap?
C-10
Laboratory Exercise C-8: BGP Route Selection with Weights

Objective:
Currently you are using the Service Provider Cheap as your primary provider of Internet connectivity and the Service Provider Good as your backup provider. As the result of this policy, the link toward the Good service provider is underutilized, whereas the link toward the Cheap provider is overloaded. An analysis of the Internet structure beyond your Service Providers indicates that you could improve the link utilization if you send traffic toward AS213 and AS37 directly to the Good service provider. In this exercise, you will improve the simple routing policy created in Laboratory Exercise C -5: Basic Multi-homed BGP Setup by using BGP weights in combination with AS-path access-lists.
Command List:
Command router bgp x neighbor ip-address weight weight neighbor ip-address filter-list n weight weight Description Enter BGP configuration mode. Assign weight to all received updates from specified neighbor. Assign weight to all received updates permitted by the specified AS path filter. This command may no longer be available in newer Cisco IOS releases. Use a route-map to set weight if the above-mentioned command is not available. Verify if both BGP sessions are up. Inspect the contents of the BGP table. Clear the BGP session with your neighbor
route-map name {permit | deny} seq match set weight weight show ip bgp summary show ip bgp clear ip bgp
Table 13: Configuration and monitoring commands used to set weights
Guidelines:
Implement the following routing policy:
s
Prefer routes announced from router Cheap over those announced from router Good. Prefer routes going through or originating in AS 213 or AS 37 from router Good.
Chapter Title C-11
Task: Creating an AS path access list

Step 1
Create an AS path access list that permits AS-numbers 213 and 37 in the AS path.
Task: Setting per-neighbor default weights

Step 2 Step 3
Set default weights for both neighboring routers. Inspect your BGP table to verify that you prefer routes coming from Cheap over routes coming from Good.
Task: Using AS path filters to set weights with filter-list weight command (option 1)
Step 4
Change weights for routes coming from router Good and matching the AS-path access-list you have created.
Note This command may no longer be available in newer Cisco IOS versions. Use option 2 in that case.
Task: Using AS path filters within route maps to set weights (option 2)
Step 5
Create a new route map. Use previously configured AS-path access-list as the match condition in one of the route-map statements and set weight of matched routes as needed. Apply the route map to incoming updates from router Good.
Step 6
Verification:
s
Verify your BGP table to see if all prefixes with two paths prefer the one through router Cheap.
WG1R1#sh ip bgp BGP table version is 49, local router ID is 197.1.8.1 Status codes: s suppressed, d damped, h history, * valid, > best, i internal Origin codes: i - IGP, e - EGP, ? - incomplete * *> * *> * *> * *> * *> * *> *> *> Network 128.20.0.0 128.22.0.0 128.26.0.0 128.37.0.0 128.42.0.0 128.51.0.0 128.213.0.0 128.214.0.0 Next Hop 192.168.20.20 192.168.20.22 192.168.20.20 192.168.20.22 192.168.20.20 192.168.20.22 192.168.20.20 192.168.20.22 192.168.20.20 192.168.20.22 192.168.20.20 192.168.20.22 192.168.20.20 192.168.20.22 Metric LocPrf Weight Path 0 100 20 i 0 200 22 i 0 100 20 i 0 200 22 i 0 100 20 42 26 i 0 200 22 26 i 0 300 20 42 37 i 0 200 22 26 42 37 i 0 100 20 42 i 0 200 22 26 42 i 0 100 20 42 26 51 i 0 200 22 26 51 i 0 300 20 213 i 100 20 22 214 i
C-12
* * 192.20.11.0 *> * 192.22.11.0 *> * 192.26.11.0 *> * 192.37.11.0 *> * 192.42.11.0 *> * 192.51.11.0 *> . . . *> 192.213.11.0 *> 192.214.11.0 *> . . . WG1R1#
192.168.20.22 192.168.20.20 192.168.20.22 192.168.20.20 192.168.20.22 192.168.20.20 192.168.20.22 192.168.20.20 192.168.20.22 192.168.20.20 192.168.20.22 192.168.20.20 192.168.20.22 192.168.20.20 192.168.20.22 192.168.20.22
0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
200 100 200 100 200 100 200 300 200 100 200 100 200
22 214 i 20 i 22 i 20 i 22 i 20 42 26 i 22 26 i 20 42 37 i 22 26 42 37 i 20 42 i 22 26 42 i 20 42 26 51 i 22 26 51 i
300 20 213 i 300 20 22 214 i 200 22 214 I
Review Questions:
s
Did all paths automatically get weight 100 or 200? Why not? What did you have to do? Name some parameters and attributes used for best-path selection.
Chapter Title
C-13
Laboratory Exercise C910: Using Maximum-prefix command and BGP Soft Reconfiguration
Objective:
You have noticed that one of your upstream Service Providers occasionally announces a very large number of BGP prefixes, resulting in memory and CPU overload on your R1. You suspect that they might have internal problems and would like to be protected against these problems. In the meantime, your customers complain that they are sometimes unable to reach your e-commerce servers. You suspect that the frequent changes in your BGP routing policies might be the reason and you would like to implement a mechanism that enables you to perform non-disruptive changes in routing policies. Unfortunately your Service Providers run an IOS release that does not support BGP route-refresh functionality. In this exercise you will limit the maximum number of BGP prefixes that your Service Providers are allowed to send to your workgroup. You will also configure soft reconfiguration to enable non-disruptive changes in BGP routing policies.
Command List:
Command router bgp x neighbor neighbor soft-reconfiguration inbound neighbor neighbor maximum-prefix max show ip bgp show ip neighbor neighbor show ip neighbor neighbor received-routes show ip bgp regexp regexp Task Enter BGP configuration mode. Enable inbound soft reconfiguration. Specify the allowed maximum number of prefixes. Inspect the contents of the BGP table. Show detailed information about a specific neighbor. View all updates received from the specified neighbor (before filters). Use a regular expression to filter the output of show ip bgp command.
Table 14: Configuration and monitoring commands used with max-prefix and soft reconfiguration
C-14
Guidelines:
Perform the following two tasks on router WGxR1:
s
Enable inbound soft reconfiguration to ease troubleshooting.

Using the neighbor soft-reconfiguration command may require your router to have much more memory than normally needed.
Note
Note
s
Outbound soft reconfiguration does not require any special configuration.
Do not accept more than 15 prefixes from router Cheap.
Task: Enable inbound soft reconfiguration

Step 1
Enable inbound soft reconfiguration on both neighbors.
Task: Limiting the number of allowed prefixes

Step 2
Set a limit to the number of prefixes your router WGxR1 accepts from router Cheap.
Verification:
s
Verify if both neighbors are up. If not, find out why.

22:46:40: %BGP-4-MAXPFX: No. of prefix received from 192.168.20.22 (afi 0) reaches 12, max 15 22:49:00: %BGP-3-MAXPFXEXCEED: No. of prefix received from 192.168.20.22 (afi 0): 16 exceed limit 15 WG1R1#sh ip bgp summary BGP router identifier 197.1.8.1, local AS number 1 BGP table version is 72, main routing table version 72 41 network entries and 41 paths using 5453 bytes of memory 18 BGP path attribute entries using 936 bytes of memory 10 BGP AS-PATH entries using 256 bytes of memory 0 BGP route-map cache entries using 0 bytes of memory 5 BGP filter-list cache entries using 60 bytes of memory 16 received paths for inbound soft reconfiguration BGP activity 300/2803 prefixes, 522/469 paths, scan interval 15 secs Neighbor V State/PfxRcd 192.168.20.20 4 192.168.20.22 4 (PfxCt) AS MsgRcvd MsgSent 20 22 1504 1123 1451 1073 TblVer InQ OutQ Up/Down 72 0 0 0 0 00:26:44 10 0 00:00:37 Idle
WG1R1#sh ip bgp neighbor 192.168.20.22 BGP neighbor is 192.168.20.22, remote AS 22, external link BGP version 4, remote router ID 0.0.0.0 BGP state = Idle Last read 00:04:48, hold time is 180, keepalive interval is 60 seconds Received 1123 messages, 0 notifications, 0 in queue Sent 1073 messages, 1 notifications, 0 in queue Route refresh request: received 0, sent 0
Chapter Title
C-15
Minimum time between advertisement runs is 30 seconds Default weight 200 For address family: IPv4 Unicast BGP table version 72, neighbor version 0 Index 2, Offset 0, Mask 0x4 Inbound soft reconfiguration allowed Inbound path policy configured Outbound path policy configured Incoming update prefix filter list is FromCheap Incoming update AS path filter list is 2 Outgoing update AS path filter list is 3, maximum limit 15 Threshold for warning message 75% Connections established 6; dropped 6 Last reset 00:04:48, due to Error during connection collision Peer had exceeded the max. no. of prefixes configured. Reduce the no. of prefix and clear ip bgp 192.168.20.22 to restore peering No active TCP connection WG1R1#
s
Increase the number of allowed prefixes to continue testing. Clear the neighborship with router Cheap afterward. Check the prefix filters from the earlier exercise. Compare output of show ip bgp reg ^20_ and show ip bgp neighbor 192.168.20.20 received-routes. Do the same for router Cheap.
WG1R1#sh ip bgp reg ^20_ BGP table version is 88, local router ID is 197.1.8.1 Status codes: s suppressed, d damped, h history, * valid, > best, i internal Origin codes: i - IGP, e - EGP, ? - incomplete * * * * * * *> * * Network 128.20.0.0 128.22.0.0 128.26.0.0 128.37.0.0 128.42.0.0 128.51.0.0 128.213.0.0 128.214.0.0 197.2.0.0/16 Next Hop 192.168.20.20 192.168.20.20 192.168.20.20 192.168.20.20 192.168.20.20 192.168.20.20 192.168.20.20 192.168.20.22 192.168.20.2 Metric LocPrf Weight Path 0 20 i 0 20 i 0 20 42 26 i 0 20 42 37 i 0 20 42 i 0 20 42 26 51 i 0 20 213 i 20 22 214 i 20 2 I
WG1R1#sh ip bgp neighbors 192.168.20.20 received-routes BGP table version is 88, local router ID is 197.1.8.1 Status codes: s suppressed, d damped, h history, * valid, > best, i internal Origin codes: i - IGP, e - EGP, ? - incomplete Network 128.20.0.0 128.22.0.0 128.26.0.0 128.37.0.0 128.42.0.0 128.51.0.0 128.213.0.0 128.214.0.0 192.20.11.0 192.22.11.0 192.26.11.0 192.37.11.0 192.42.11.0 192.51.11.0 192.168.2.0 Next Hop 192.168.20.20 192.168.20.20 192.168.20.20 192.168.20.20 192.168.20.20 192.168.20.20 192.168.20.20 192.168.20.22 192.168.20.20 192.168.20.20 192.168.20.20 192.168.20.20 192.168.20.20 192.168.20.20 192.168.20.2 Metric LocPrf Weight Path 0 0 20 i 0 0 20 i 0 0 20 42 26 i 0 0 20 42 37 i 0 0 20 42 i 0 0 20 42 26 51 i 0 0 20 213 i 0 20 22 214 i 0 0 20 i 0 0 20 i 0 0 20 42 26 i 0 0 20 42 37 i 0 0 20 42 i 0 0 20 42 26 51 i 0 20 2 i
* * * * * * *> * * * * * * * *
C-16 Multi-homed Autonomous System
* * * * * * * * * *
192.168.3.2/32 192.168.3.3/32 192.168.3.4/32 192.168.3.8/30 192.168.3.12/30 192.168.3.16/30 192.168.3.20/30 192.213.11.0 192.214.11.0 197.2.0.0/16
192.168.20.3 192.168.20.3 192.168.20.3 192.168.20.3 192.168.20.3 192.168.20.3 192.168.20.3 192.168.20.20 192.168.20.22 192.168.20.2
0 0 0 0 0 0 0 0 0 0
20 20 20 20 20 20 20 20 20 20
3 ? 3 ? 3 i 3 ? 3 ? 3 ? 3 ? 213 i 22 214 i 2 i
Total number of prefixes 26 WG1R1#

s
Verify whether the neighboring workgroups are still reachable using trace or ping from WGxR4.
Chapter Title
C-17
Transit Autonomous System
Overview
This chapter covers BGP setups that are associated with autonomous systems of Tier-1 and Tier-2 service providers. A transit autonomous system is placed between customers and other service providers autonomous systems. In addition it covers BGP mechanisms to increase stability and scalability of the autonomous systems. Exercises in this chapter cover transit autonomous system setup, AS path filters that are usually deployed in Service Provider networks, BGP route reflectors and BGP confederations. This chapter supports the BGP Transit Autonomous System, BGP Route Reflectors and BGP Confederations chapter.
Laboratory Exercise D11: Full-mesh IBGP Transit Autonomous System

Objective:
With the explosion of the Internet, you decide to become an Internet Service Provider and you already have your first customer. Unfortunately, the customer is only willing to pay you for connectivity toward your own network and toward AS37. In this exercise you will transform your network into a transit autonomous system running BGP on all core routers.
Command List:
Command router bgp x neighbor neighbor remote-as x neighbor neighbor update-source interface show ip bgp show ip bgp regexp regexp no synchronization Task Enter BGP configuration mode. Establish an IBGP session by using your workgroup number as the AS number. Use specified interfaces IP address as the source address for the BGP session. Inspect the contents of the BGP table. Use a regular expression to filter the output of show ip bgp command. Disables synchronization of IGP and BGP routes
Table 15: Configuration and monitoring commands used for full-mesh IBGP
C-2
Visual objective:
The following figure displays the required BGP connectivity within your autonomous system as well as the BGP sessions with your customer and your upstream Internet Service Providers.
P G EB
ion ss se
Client
WGxR4
WGxR3
Full mesh of IBGP sessions
WGxR2
G EB
ion ss se
WGxR1E
BG
se
ss
ion
Good
Cheap
Figure 6: Creating a full mesh of IBGP sessions
Guidelines:
This exercise includes the following tasks:
s
Start a BGP process on all routers in your workgroup. Configure a full mesh of IBGP sessions between all routers in your AS. Establish BGP sessions between Loopback0 interfaces. Propagate only your own networks and networks originating in AS 37 to router Client. Make sure you accept only the networks originating in AS 99 from router Client.
Task: Start the BGP process on all routers

Step 1
To clean up your BGP configuration, remove the BGP process and the default route from IGP on WGxR1.
Chapter Title C-3
Step 2 Step 3
Start the BGP process on all routers in your workgroup. Advertise your prefixes (197.x.0.0/16 and 192.168.x.0/24) in BGP on router WGxR1 and WGxR4. Reestablish neighborships to routers Good and Cheap without any filters on router WGxR1. Use the parameters from the following table
Router Good Cheap AS number 20 21 IP address 192.168.20.20 192.168.20.21
Step 4
Table 16: BGP parameters of routers Good and Cheap Step 5
Establish a BGP session with router Client on router WGxR4. Use the parameters from the following table.
Parameter Client IP address Client AS number Value 192.168.21.99 99
Table 17: BGP parameters of your customer Step 6
On every router in your workgroup, configure all routers in your workgroup as IBGP neighbors (IBGP full mesh). Establish IBGP sessions between loopback interfaces.
Verification:
s
Use traceroute from router Client to the loopback interface on router WGxR1 (192.x.1.1). You should see a path similar to the one below:
Client#traceroute 197.1.1.1 Type escape sequence to abort. Tracing the route to 197.1.1.1 1 192.168.21.1 4 msec 4 2 192.168.1.9 [AS 1] 20 3 192.168.1.5 [AS 1] 32 4 192.168.1.1 [AS 1] 44 Client# msec msec msec msec 4 msec 16 msec 16 msec 32 msec 28 msec * 44 msec
Use traceroute from router WGxR1 to the loopback interface on router Client (197.99.1.1). You should see a path similar to the one below:
WG1R1#traceroute 197.99.1.1 Type escape sequence to abort. Tracing the route to 197.99.1.1 1 192.168.1.2 16 msec 16 msec 17 msec 2 192.168.1.6 32 msec 32 msec 28 msec 3 192.168.1.10 44 msec 40 msec 40 msec 4 192.168.21.99 48 msec * 44 msec WG1R1#
Check the BGP table on router Client. How many prefixes coming from your autonomous system are in that BGP table? ____________ Is there any other
C-4
way of discovering how many prefixes youve advertised to the Client router? ________________________________
Task: Establish Filters Toward Your Customer

As the last steps in this exercise, you have to establish route filters toward your customer on WGxR4
Step 7
Create an AS path filter to permit your own networks and networks originating in AS 37. Create an AS path filter to permit networks originating in AS 99. Apply the AS-path filters to your customer.
Step 8 Step 9
Verification:
s
Check to see if router Client is only receiving your networks and those originating in AS 37.
Client#sh ip bgp reg ^1_ BGP table version is 2163, local router ID is 197.99.1.1 Status codes: s suppressed, d damped, h history, * valid, > best, i internal Origin codes: i - IGP, e - EGP, ? - incomplete Network *> 128.37.0.0 *> 192.37.11.0 *> 192.168.1.0 *> 197.1.1.0 *> 197.1.2.0 *> 197.1.3.0 *> 197.1.4.0 *> 197.1.5.0 *> 197.1.6.0 *> 197.1.7.0 *> 197.1.8.0 Client# Next Hop 192.168.21.1 192.168.21.1 192.168.21.1 192.168.21.1 192.168.21.1 192.168.21.1 192.168.21.1 192.168.21.1 192.168.21.1 192.168.21.1 192.168.21.1 Metric LocPrf Weight 0 0 3193856 0 3321856 0 2809856 0 2809856 0 2297856 0 2297856 0 0 0 0 0 3321856 0 Path 1 20 42 37 i 1 20 42 37 i 1 i 1 i 1 i 1 i 1 i 1 i 1 i 1 i 1 i
Make sure your IGP carries only your internal networks with show ip route ospf command.
Review Questions:
s s
Why did you have to disable synchronization? Why did you have to establish a full mesh of IBGP sessions?
Chapter Title
C-5
Laboratory Exercise D12: BGP Route Reflectors

Objective:
You decide to implement hierarchical BGP route reflectors in your network in order to be prepared for future network expansion. In this exercise, you will replace the IBGP full-mesh with a hierarchy of BGP route reflectors.
Command List:
Command router bgp x bgp cluster-id id neighbor neighbor route-reflector-client Description Enter BGP configuration mode. Specify the Cluster ID. Establish an IBGP session by using your workgroup number as the AS number. Inspect the contents of the BGP table. Use a regular expression to filter the output of show ip bgp command.
show ip bgp show ip bgp regexp regexp
Table 18: Configuration and monitoring commands used with BGP route-reflectors
Guidelines:
Configure IBGP sessions in your autonomous system according to this design:
s
Cluster #1 is your top-level cluster. Within this cluster, router WGxR3 is the router reflector and WGxR2 is the client. WGxR3 is the route reflector in cluster #2 and WGxR1 is its client. Router WGxR4 is not participating in any cluster and needs to be in IBGP full mesh with top-level route reflectors.
s s
C-6
The required IBGP sessions and the cluster structure are outlined in the next figure.
GP EB
s se
n sio
Client
WGxR4
Cluster #1
RR WGxR3
C RR WGxR2
Cluster #2
GP EB
n io ss se
WGxR1E
BG
se
ss io n
Good
Cheap
Figure 7: Implementing a BGP route reflector design
Remove all IBGP sessions that are no longer needed. Configure a cluster ID on all routers that require it. Configure client IBGP sessions.
Task: Configure the Top-Level Route Reflector WGxR3

Step 1
Configure cluster ID 101 on the top-level route reflector WGxR3. Configure the clients on WGxR3 and remove unnecessary IBGP sessions.
Task: Configure the Second-Level Route Reflector WGxR2

Step 2
Configure cluster ID 102 on the WGxR2. Configure the clients of WGxR2 and remove unnecessary IBGP session from WGxR2.
Task: Remove Unnecessary BGP Neighbors

Step 3
Remove the IBGP session that are no longer needed from WGxR1 and WGxR4
Chapter Title
C-7
Verification:
s s
Repeat the tests from the previous exercise. The results should be the same. Check to see if attribute Cluster-list is applied to routes passing through the autonomous system.
WG1R1#sh ip bgp 197.99.1.0 BGP routing table entry for 197.99.1.0/24, version 64 Paths: (1 available, best #1, table Default-IP-Routing-Table) Advertised to non peer-group peers: 192.168.20.20 192.168.20.22 99 192.168.21.99 (metric 3219456) from 197.1.2.1 (197.1.7.1) Origin IGP, metric 0, localpref 100, valid, internal, best Originator: 197.1.7.1, Cluster list: 0.0.0.2, 0.0.0.1 WG1R1#
Review Questions:
s s s
Did this design require you to configure a Cluster ID? What is the default Cluster ID? When do you have to configure a Cluster ID?
C-8
Laboratory Exercise D13: BGP Confederations

Objective:
You want to implement regional routing policies in your network and you decide to use BGP confederations. BGP confederations allow you to implement different routing policies for each member autonomous system based on the intraconfederation portion of the AS-path. In this exercise, you will replace the IBGP full-mesh (or the IBGP setup with BGP route reflectors from the previous exercise) with a BGP confederation.
Command List:
Command router bgp as-number bgp confederation identifier x bgp confederation peers as1 [as2 [as3] ] show ip bgp show ip bgp regexp regexp neighbor ip-address remote-as as-number neighbor ip-address update-source interface neighbor ip-address ebgp-multihop Description Enter BGP configuration mode Specify the real AS number. List the neighboring intra-confederation autonomous systems. Inspect the contents of the BGP table. Use a regular expression to filter the output of show ip bgp command. Configure BGP neighbor Configure the source interface of a BGP session Configure an EBGP session between neighbors that are not directly connected
Table 19: Configuration and monitoring commands used with BGP confederations
Chapter Title
C-9
Visual Objective:
The AS numbers you shall use in your network as well as the BGP sessions you have to established are shown in the figure below
GP EB
ss se
ion
Client
AS x
WGxR4
AS 65003
WGxR3
AS 65002 AS 65001
WGxR2
GP EB
se
io ss
WGxR1E
n
BG
se
ss io n
Good
Cheap
Figure 8: Implementing a BGP Confederation design
Guidelines:
Remove all BGP processes and start new processes with private AS numbers according to the following rules:
s s s
WGxR1 AS 65001 WGxR2 and WGxR3 AS 65002 WGxR4 AS 65003 Routers in member autonomous systems should originate their own networks. The sessions should be established between Loopback0 interfaces as shown in Figure 8. AS 99 should receive only prefixes originating in your AS x and AS 37. You should accept only prefixes originating in AS 99 from router Client.
C-10
Task: Common configuration

Perform the following steps on all routers.
Step 1 Step 2
Remove the BGP process and start a new BGP process with member AS number. Announce networks originating in this sub-autonomous system. Also announce network 192.168.x.0/24. Set the confederation identifier by using your real AS number. List all intra-confederation neighboring autonomous systems by using the bgp confederation peers command. Establish intra-confederation EBGP sessions and IBGP sessions within the member-AS. Use loopback interfaces for all BGP sessions.
Step 3
Step 4
Task: Additional router-specific configuration

Step 5 Step 6 Step 7
On WGxR1, configure routers Good and Cheap as your BGP neighbors. On WGxR4, configure router Client as your BGP neighbor. On WGxR4, apply AS-path filters to incoming and outgoing updates toward router Client.
Note The filter that permits networks originating in your autonomous system needs to be changed to permit all prefixes originating in all intra-confederation autonomous systems.
Verification:
s
Repeat the tests from the previous exercise. The results should be the same.
Review Questions:
s
What additional command did you have to use to establish intra-confederation EBGP sessions between loopback interfaces? Why did you have to change the AS-path filters?
Chapter Title
C-11
Advanced BGP Configuration Exercises
Overview
Typical Service Provider environments require use of advanced BGP attributes, including Local Preference, Multi-Exit Discriminator (MED) and BGP communities. Service Providers also commonly use BGP route flap dampening to increase the stability of their networks. This chapter contains laboratory exercises where Local Preference, Multi-exit discriminator and BGP Communities are used to implement a complex BGP routing policy. The last exercise gives you insight how you can combine BGP communities with BGP route flap dampening to selectively increase the stability of your network. The exercises in this chapter support the Advanced BGP Configuration chapter.
Laboratory Exercise E14: BGP Local Preference

Objectives:
You want to establish two links with the Good Service Provider to increase the reliability of your Internet service. With several links connecting you to the same Service Provider, you must use Local Preference in your autonomous system to ensure consistent AS-wide routing policy. In this exercise, you will establish the second link toward the Good service provider and use the Local Preference attribute to select the newly established link as the preferred exit point from your network.
Command List:
Command router bgp as-number neighbor neighbor route-map name {in|out} Description Enter BGP configuration mode Use this command to apply a route map to incoming or outgoing routing updates. Use this command within a route-map to set the Local Preference attribute. Inspect the contents of the BGP table. Use a regular expression to filter the output of show ip bgp command. Restarts the BGP session with your BGP neighbor
set local-preference num show ip bgp show ip bgp regexp regexp clear ip bgp
Table 20: Configuration and monitoring commands used with Local Preference attribute
C-2
Visual Objective:
The additional link you will establish connects WGxR2 and the Good router through the Frame Relay network. You will configure a BGP session (private peering) between WGxR2 and Good over this link. All traffic from your autonomous system toward Good should flow over this link. The figure below shows you the new physical connectivity, BGP sessions and the expected traffic flow in your network.
Client
WGxR4
WGxR3
Expected traffic flow BGP sessions
WGxR2
link ary Prim
Backup peering
WGxR1
Good
Cheap
Figure 9: BGP Local Preference in a Service Provider network
Guidelines:
Create an additional point-to-point link on WGxR2. Use DLCI 20x and IP address 192.168.3x.1/30. The other side of this PVC is connected to router Good, which is already configured. The BGP routing design contains the following items:
s
AS x should prefer AS 20 as the upstream service provider. Router WGxR2 should be used as the exit point under normal circumstances. Peering to AS 20 through WGxR1 should be used only if the primary link fails.
Chapter Title
C-3
Task: Configure additional IP connectivity

Step 1
Create another point-to-point subinterface on WGxR2 using the parameters from the following table:
Router WGxR2 IP address 192.168.3x.1/30 DLCI 20x
Table 21: WAN subinterface parameters
Task: Establish BGP peering between WGxR2 and router Good.

Step 2
Configure the router Good as the BGP neighbor using the parameters from the following table:
Parameter Service Provider IP address Service Providers AS number Value 192.168.3x.2 20
Table 22: BGP parameters for the second WAN link toward Good
Task: Use Local Preference to ensure AS-wide routing policy

Step 3
Create a new route map on router WGxR2. Within the route-map, set the Local Preference higher than the default value 100. Apply the route map to incoming updates from router Good. Perform soft clearing of the BGP session by using clear ip bgp * [soft] in command.
Step 4 Step 5
Verification:
s s
Use traceroute from router WGxR4 and WGxR1 to 192.20.11.1. Use traceroute from router Good to interface loopback0 on router WGxR4 and WGxR1. Verify that you still propagate routes to your customer by logging into the Client router and examining the BGP table on that router. Compare the two outputs of traceroute to determine if routing is symmetrical. Both traceroute commands should show router WGxR2 in the path.
Review Questions:
s s
Is routing between router WGxR1 and Good symmetrical? Which routers receive the Local Preference attribute?
C-4
Laboratory Exercise E15: BGP Multi-exit Discriminator

Objective:
You have noticed that the traffic from router Good toward your autonomous system sometimes passes through the WGxR1, resulting in asymmetrical routing. You will use the Multi-Exit-Discriminator to indicate to the Good router which exit point it should use. This exercise is a continuation of the BGP Local Preference exercise.
Command List:
Command router bgp as-number set metric metric show ip bgp show ip bgp regexp regexp Description Enter BGP configuration mode Set Multi-exit-discriminator in a routemap Inspect the contents of the BGP table. Use a regular expression to filter the output of show ip bgp command.
Table 23: Configuration and monitoring commands used with MED
Guidelines:
The addition to BGP routing design contains the following item:
s
The implementation should ensure symmetrical routing. Backup peering should be used only when the primary link is down. Use MED to influence the neighboring AS 20 to choose the preferred return path.
Task: Configuring WGxR1 to set MED

Step 6
Create a new route map, which sets the BGP MED to a high value (for example, 200). Apply the route map to outgoing updates toward the router Good.
Chapter Title
C-5
Task: Configuring WGxR2 to set MED

Step 7
Create a new route map, which sets the BGP MED to a low value (for example, 100). Apply the route map to outgoing updates to router Good.
Verification:
s
Check the BGP table on router Good to see if MED is present in BGP updates received from WGxR1 and WGxR2. Use trace from router WGxR4 and WGxR1 to 192.20.11.1. Use trace from router Good to interface loopback0 on router WGxR4 and WGxR1. Compare the two outputs of trace to determine if routing is symmetrical. Both trace commands should show router WGxR2 in the path.
s s
Review Questions:
s
Which parameters and attributes have to be equal before MED is compared to select the best path? What is the default value of MED?
C-6
Laboratory Exercise E16: Advanced BGP Design with BGP Community Attribute
Objective:
You decide to offer additional Internet services to your customers. These services include:
s s
Using your autonomous system as primary or backup AS Using your autonomous system to reach only AS20 or only AS22
You will use BGP communities to give your customers the ability to indicate which services they would like to use in their BGP updates.
Command List:
Command router bgp as-number neighbor neighbor route-map name {in|out} Description Enter BGP configuration mode Use this command to apply a route map to incoming or outgoing routing updates. Use this command in a route-map to match Communities by using a community list. Use this command in a route-map to set Community attributes. Use keyword additive to append Communities instead of replacing them. Use this command to set Local Preference attribute. Use this command to set Multi-exit Discriminator attribute. Use this command to create a community access list. Inspect the contents of the BGP table. Use a regular expression to filter the output of show ip bgp command. Use this command to view BGP routes that have at least on Community attribute or those specified in the command. Use this command to view BGP routes that are permitted by the specified community list.
match community c-acl
set community community [additive]
set local-preference num set metric metric ip community-list num {permit|deny} community show ip bgp show ip bgp regexp regexp show ip bgp community [community [community ]] [exact-match]
show ip bgp community-list c-list [exact-match]
Chapter Title
C-7
Table 24: Configuration and monitoring commands used with advanced BGP configurations
Guidelines:
Your AS should provide the following services to its customers:
s
If a customer sends an update with Community x:22 the route should not be forwarded to AS 22. If a customer sends an update with Community x:20 the route should not be forwarded to AS 20. If a customer sends an update with Community x:80 the route should be marked with Local Preference 80. If a customer sends an update with Community x:120 the route should be marked with Local Preference 120.
Router Client has been preconfigured to send IP prefixes with various combinations of these communities attached to them. Your customer also uses BGP communities to indicate which services it would like to receive from AS 20. These communities have to be propagated to AS 20.
Task: Configure BGP Community Propagation

Step 1
On all routers in your autonomous system, configure BGP community propagation.
Task: Configure WGxR4 to Set Local Preference based on BGP Community

Step 2
Create a community list to match updates carrying BGP community x:80. Create another community list to match updates carrying BGP community x:120. Create a new route map. Match routes with the BGP community x:80 and set Local Preference to 80. Match routes with BGP community x:120 and set Local Preference to 120. Permit all other routes without modifying them. Apply the route map to incoming updates form router Client.
Step 3
Step 4
Task: Configure Outbound Filters on WGxR2

Step 5 Step 6
Create a community list to match updates carrying Community x:20. Create a new statement in the route map already used for outgoing updates to router Good. This statement should filter out all BGP routes carrying communities x:20.
C-8
Task: Configure Outbound Filters on WGxR1

Step 7
Create a community list to match updates carrying Community x:20. Create another community list to match updates carrying Community x:22. Create a new statement in the route map already used for outgoing updates to router Good. This statement should filter out all BGP routes carrying communities x:20. Create a new route map. The first statement should match all BGP routes carrying community x:22 and filter them out. All other routes should be permitted. Apply the new route map to outgoing updates to router Cheap.
Step 8
Step 9
Step 10
Verification:
s
Identify customer networks and their corresponding Community attributes on router WGxR4.
WG4R4>show ip bgp community 4:80 BGP table version is 47, local router ID is 197.4.7.1 Status codes: s suppressed, d damped, h history, * valid, > best, i - internal Origin codes: i - IGP, e - EGP, ? - incomplete Network *> 197.99.80.0 Next Hop 192.168.21.99 Metric LocPrf Weight Path 0 80 0 99 i
WG4R4>show ip bgp community 4:20 BGP table version is 47, local router ID is 197.4.7.1 Status codes: s suppressed, d damped, h history, * valid, > best, i - internal Origin codes: i - IGP, e - EGP, ? - incomplete Network *> 197.99.20.0 Next Hop 192.168.21.99 Metric LocPrf Weight Path 0 0 99 i
Log in to router WGxR1 and check whether appropriate action was taken based on the Community values (local preference set to value 120 for networks with community x:120; local preference set to value 80 for networks with community x:80).
WG4R1>show ip bgp community 4:80 BGP table version is 518, local router ID is 197.4.8.1 Status codes: s suppressed, d damped, h history, * valid, > best, i - internal Origin codes: i - IGP, e - EGP, ? - incomplete Network *>i197.99.80.0 Next Hop 192.168.21.99 Metric LocPrf Weight Path 0 80 0 99 i
WG4R1>show ip bgp community 4:120 BGP table version is 518, local router ID is 197.4.8.1 Status codes: s suppressed, d damped, h history, * valid, > best, i - internal Origin codes: i - IGP, e - EGP, ? - incomplete Network *>i197.99.120.0 Next Hop 192.168.21.99 Metric LocPrf Weight Path 0 120 0 99 i
Log in to router Good and check whether appropriate action was taken based on the Community values (routing updates carrying the Community attribute x:20 should not be received from your routers).
Step 1
Find routes carrying community x:20

Chapter Title C-9
WG4R1>show ip bgp community 4:20 BGP table version is 518, local router ID is 197.4.8.1 Status codes: s suppressed, d damped, h history, * valid, > best, i - internal Origin codes: i - IGP, e - EGP, ? - incomplete Network *>i197.99.20.0 Step 2 Next Hop 192.168.21.99 Metric LocPrf Weight Path 0 100 0 99 i
Log into the Good router and inspect the BGP table for routes you have identified in the previous step. Verify that you are not sending these routes to the Good router.
WG4R1>192.168.20.20 Trying 192.168.20.20 ... Open Good>show ip bgp 197.99.20.0 BGP routing table entry for 197.99.20.0/24, version 2235 Paths: (3 available, best #2, table Default-IP-Routing-Table) Advertised to peer-groups: students Advertised to non peer-group peers: 192.168.34.1 2 22 4 99 192.168.20.4 from 192.168.20.2 (197.2.8.1) Origin IGP, localpref 100, valid, external 22 4 99 192.168.20.4 from 192.168.20.22 (192.20.11.1) Origin IGP, localpref 100, valid, external, best 3 22 4 99 192.168.20.4 from 192.168.20.3 (197.3.8.1) Origin IGP, localpref 100, valid, external
Step 3
Examine the routes you are sending to the Good router to verify that all other client routes are still propagated to the Good router.
Good>show ip bgp regexp ^4_ BGP table version is 2235, local router ID is 199.199.199.199 Status codes: s suppressed, d damped, h history, * valid, > best, i - internal Origin codes: i - IGP, e - EGP, ? - incomplete Network * 99.0.0.0 *> *> 192.168.4.0 * *> 197.4.0.0/16 * * 197.99.1.0 *> * 197.99.11.0 *> rest deleted Next Hop 192.168.20.4 192.168.34.1 192.168.34.1 192.168.20.4 192.168.34.1 192.168.20.4 192.168.20.4 192.168.34.1 192.168.20.4 192.168.34.1 Metric LocPrf Weight Path 200 0 4 99 i 25 0 4 99 i 25 0 4 i 200 0 4 i 25 0 4 i 200 0 4 i 200 0 4 99 i 25 0 4 99 i 200 0 4 99 i 25 0 4 99 I
Log in to router Cheap and check whether appropriate action was taken based on the BGP community values (routing updates carrying the Community attribute x:22 should not be received from your routers).
Review Questions:
s s
What do you have to do to enable Community propagation? What mechanisms can you use to match or set Communities?
C-10
Chapter Title
C-11
Laboratory Exercise E17: Using BGP Route-flap Dampening

Objective:
Service Providers usually use BGP route flap dampening to minimize the impact of route flaps in the Internet on the stability of their network. BGP route flap dampening also reduces the CPU load on the routers running BGP. In this exercise you will minimize the impact of flapping routes on your AS and upstream autonomous systems, by implementing graded BGP route flap dampening.
Command List:
Command router bgp as-number bgp dampening route-map route-map match community c-acl Description Enter BGP configuration mode Specify BGP dampening parameters using a route-map Use this command in a route-map to match BGP communities by using a community list. Use this command in a route-map to set BGP community attribute. Use keyword additive to append the communities instead of replacing them. Use this command to create a community access list. Inspect the contents of the BGP table. Use this command to view prefixes that have previously flapped. Use this command to view prefixes that are currently suppressed. Use a regular expression to filter the output of show ip bgp command. Use this command to view BGP routes that have at least one BGP community attribute or those specified in the command. Use this command to view BGP routes that are permitted by the specified community list. Use this command to see major events related to Route-flap Dampening.
set community community [additive]
ip community-list num {permit|deny} community show ip bgp show ip bgp flap-statistics show ip bgp dampened-paths show ip bgp regexp regexp show ip bgp community [community [community ]] [exact-match]
show ip bgp community-list c-list [exact-match]
debug ip bgp dampening
Table 25: Configuration and monitoring commands used with route-flap dampening
C-12
Guidelines:
Configure graded route flap dampening for routes received from the Client router according to the following design:
s
If a prefix contains a Community attribute x:300 the prefix should not be dampened. Prefixes longer than /23 should have a half-time of 20 minutes. Prefixes between /9 and /22 should have a half-time of 15 minutes. Prefixes between /0 and /8 should have a half-time of 10 minutes. Maximum suppression time should be changed to 60 minutes for all prefixes.
s s s s
Task: Creating filters for the dampening route map

Step 1 Step 2 Step 3
Create a community list that matches prefixes carrying BGP community x:300. Create a prefix list that matches all prefixes longer than /23. Create a prefix list that matches all prefixes longer than /8.
Task: Creating a route map for Route-flap Dampening

Step 4
Create a new route-map. The first statement of the new route map should match prefixes carrying BGP community x:300. No RFD parameters need to be set. The second statement should match prefixes longer than /23. Set the half-time to 20 minutes, the maximum suppress time to 60 minutes and use default values for other parameters (reuse-limit 750, suppress-limit 2000). The third statement should match prefixes longer than /8. Set the half-time to 15 minutes, the maximum suppress time to 60 minutes and use default values for other parameters (reuse-limit 750, suppress-limit 2000). The last statement should match all other prefixes (no match command). Set the half-time to 10 minutes, the maximum suppress time to 60 minutes and use default values for other parameters (reuse-limit 750, suppress-limit 2000). Enter BGP configuration mode and start the BGP route flap dampening based on the created route-map with the bgp dampening route-map route-map command.
Step 5
Step 6
Step 7
Step 8
Verification:
s
Shutdown interface Loopback55 on router Client several times to create flaps. Use show ip bgp flap-statistics and show ip bgp dampened-paths to verify the operation of Route-flap Dampening.
Chapter Title
C-13
Review Questions:
s s
What is the purpose of Route-flap dampening? Which routes does the Route-flap dampening affect?
C-14
Notes Pages for Laboratory Exercises
Overview:
Use the following pages for your own notes.
Client
AS x
WGxR4
WGxR3
WGxR2
WGxR1
Good
Cheap
________________________________________________________________ ________________________________________________________________ ________________________________________________________________ ________________________________________________________________ ________________________________________________________________ ________________________________________________________________
C-2
Client
AS x
WGxR4
WGxR3
WGxR2
WGxR1
Good
Cheap
________________________________________________________________ ________________________________________________________________ ________________________________________________________________ ________________________________________________________________ ________________________________________________________________ ________________________________________________________________ ________________________________________________________________
Chapter Title
C-3
Client
AS x
WGxR4
WGxR3
WGxR2
WGxR1
Good
Cheap
________________________________________________________________ ________________________________________________________________ ________________________________________________________________ ________________________________________________________________ ________________________________________________________________ ________________________________________________________________ ________________________________________________________________
C-4
Client
AS x
WGxR4
WGxR3
WGxR2
WGxR1
Good
Cheap
________________________________________________________________ ________________________________________________________________ ________________________________________________________________ ________________________________________________________________ ________________________________________________________________ ________________________________________________________________ ________________________________________________________________
Chapter Title
C-5
Client
AS x
WGxR4
WGxR3
WGxR2
WGxR1
Good
Cheap
________________________________________________________________ ________________________________________________________________ ________________________________________________________________ ________________________________________________________________ ________________________________________________________________ ________________________________________________________________ ________________________________________________________________
C-6

BGP Router Reflection Lab

Caricato da

Informazioni sul documento

Copyright

Formati disponibili

Condividi questo documento

Condividi o incorpora il documento

Opzioni di condivisione

Hai trovato utile questo documento?

Questo contenuto è inappropriato?

Copyright:

Formati disponibili

BGP Router Reflection Lab

Caricato da

Copyright:

Formati disponibili

A

Laboratory Exercises Initial Router Setup

Overview of Physical Connectivity in the Laboratory

Client Client ISP

Frame Relay Switch WGxR1 ISP Exchange Point

Figure 1: Physical connectivity

Multi-homed Autonomous System

Copyright 2000, Cisco Systems, Inc.

Client Client ISP

WGxR1 ISP Exchange Point

Figure 2: Initial logical connectivity

Copyright 2000, Cisco Systems, Inc.

Laboratory Exercise A-1: Initial Router Configuration

Task: Initial Router Configuration

Table 1: Initial router parameters

Task: IP Address and WAN Interface Configuration

Table 2: Loopback IP address assignment

Value 192.168.20.x, subnet mask 255.255.255.0 192.168.21.x, subnet mask 255.255.255.0

Table 3: LAN IP address assignment

Table 4: WAN subinterface parameters

Task: Configure IGP in Your Network

Copyright 2000, Cisco Systems, Inc.

BGP Setup for Single-homed Autonomous Systems

Laboratory Exercise B-2: Basic BGP setup

Multi-homed Autonomous System

Copyright 2000, Cisco Systems, Inc.

Client Client ISP

WGxR1 ISP Exchange Point

Figure 3: Connecting to single service-provider

Task: Starting a BGP process

Task: Establishing a BGP peering

Copyright 2000, Cisco Systems, Inc.

Task: Announcing networks

TblVer InQ OutQ Up/Down State/PfxR 25 0 0 00:01:31 24

View detailed information about the neighbor.

Multi-homed Autonomous System

Copyright 2000, Cisco Systems, Inc.

Copyright 2000, Cisco Systems, Inc.

Laboratory Exercise B32: Managing large user networks

Task: Preparing the lab for this exercise

Remove all BGP network statements from the previous exercise.

Multi-homed Autonomous System

Copyright 2000, Cisco Systems, Inc.

Task: Configuring a route-map for filtering of redistributed prefixes

Task: Enabling route redistribution.

Individual subnets are seen if no autosummary command is used in BGP.

Copyright 2000, Cisco Systems, Inc.

Laboratory Exercise B43: End-user Route Aggregation

Task: Creating aggregates in the BGP table

Multi-homed Autonomous System

Copyright 2000, Cisco Systems, Inc.

Copyright 2000, Cisco Systems, Inc.

Multi-homed Autonomous System

Laboratory Exercise C-5: Basic Multi-homed BGP Setup

Multi-homed Autonomous System

Copyright 2000, Cisco Systems, Inc.

Client Client ISP

Figure 4: Connecting to two different service providers

Task: Establishing a peering to another neighbor

Configure the second BGP neighbor using the following parameters:

Table 10: Multi-homed BGP parameters Step 4

Copyright 2000, Cisco Systems, Inc.

Verify that both BGP sessions are up.

Both paths have the same nexthop address.