Documenti di Didattica
Documenti di Professioni
Documenti di Cultura
BGP GR configuration
In Figure 1, run eBGP between Router A and Router B and iBGP between Router B and Router C so that Router C can access the network
8.1.1.0/24 connected to Router A.
Procedure:
1/14
7/5/2019
3. Configure eBGP.
The eBGP peers, Router A and Router B (usually belong to different ISPs), are located in different ASs. Typically, their
loopback interfaces are not reachable to each other, so directly connected interfaces are used for establishing BGP sessions.
To enable Router C to access the network 8.1.1.0/24 connected directly to Router A, inject network 8.1.1.0/24 to the BGP
routing table of Router A.
Configure Router A:
<RouterA> system-view
[RouterA] bgp 65008
[RouterA-bgp] router-id 1.1.1.1
[RouterA-bgp] peer 3.1.1.1 as-number 65009
[RouterA-bgp] network 8.1.1.1 24
[RouterA-bgp] quit
Configure Router B:
[RouterB] bgp 65009
[RouterB-bgp] peer 3.1.1.2 as-number 65008
[RouterB-bgp] quit
Display BGP peer information on Router B:
[RouterB] display bgp peer
2/14
7/5/2019
Display the BGP routing table on Router C:
[RouterC] display bgp routing-table
top
As shown in Figure 2, all devices of company A belong to AS 65008 while all devices of company B belong to AS 65009. AS 65008 and AS
65009 are connected through Router A and Router B. It is required that Router A can access network 9.1.2.0/24 in AS 65009, and Router C
can access network 8.1.1.0/24 in AS 65008.
Procedure:
3/14
7/5/2019
[RouterB-bgp] import-route ospf 1
[RouterB-bgp] quit
[RouterB] ospf 1
[RouterB-ospf-1] import-route bgp
[RouterB-ospf-1] quit
Display the BGP routing table on Router A:
[RouterA] display bgp routing-table
top
As shown in Figure 3, all routers run BGP, and Router A resides in AS 65008, Router B and Router C in AS 65009. Between Router A and
Router B, Router A and Router C are eBGP connections, and between Router B and Router C is an iBGP connection. Two routes are
configured on Router A for load balancing.
4/14
7/5/2019
Procedure:
5/14
7/5/2019
Status codes: * - valid, ^ - VPNv4 best, > - best, d - damped,
h - history, i - internal, s - suppressed, S - Stale
Origin : i - IGP, e - EGP, ? - incomplete
Network NextHop MED LocPrf PrefVal Path/Ogn
top
As shown in Figure 4, Router B establishes eBGP connections with Router A and Router C. Configure No_Export community attribute on
Router A to make routes from AS 10 not advertised by AS 20 to any other AS.
Procedure:
6/14
7/5/2019
top
Between Router A and Router B is an eBGP connection, and between Router C and Router B, and between Router C and Router D
are iBGP connections.
Router C is a route reflector with clients Router B and D.
Router D can learn route 1.0.0.0/8 from Router C.
Procedure:
7/14
7/5/2019
[RouterC] bgp 200
[RouterC-bgp] peer 193.1.1.2 reflect-client
[RouterC-bgp] peer 194.1.1.2 reflect-client
[RouterC-bgp] quit
4. Verify the configuration.
Display the BGP routing table on Router B:
[RouterB] display bgp routing-table
top
As shown in Figure 6, to reduce iBGP connections in AS 200, split it into three sub-ASs, AS65001, AS65002 and AS65003. Routers in
AS65001 are fully meshed.
Procedure:
8/14
7/5/2019
[RouterB-bgp] confederation peer-as 65001 65003
[RouterB-bgp] peer 10.1.1.1 as-number 65001
[RouterB-bgp] quit
Configure Router C:
<RouterC> system-view
[RouterC] bgp 65003
[RouterC-bgp] router-id 3.3.3.3
[RouterC-bgp] confederation id 200
[RouterC-bgp] confederation peer-as 65001 65002
[RouterC-bgp] peer 10.1.2.1 as-number 65001
[RouterC-bgp] quit
3. Configure iBGP connections in AS65001.
Configure Router A:
[RouterA] bgp 65001
[RouterA-bgp] peer 10.1.3.2 as-number 65001
[RouterA-bgp] peer 10.1.3.2 next-hop-local
[RouterA-bgp] peer 10.1.4.2 as-number 65001
[RouterA-bgp] peer 10.1.4.2 next-hop-local
[RouterA-bgp] quit
Configure Router D:
<RouterD> system-view
[RouterD] bgp 65001
[RouterD-bgp] router-id 4.4.4.4
[RouterD-bgp] confederation id 200
[RouterD-bgp] peer 10.1.3.1 as-number 65001
[RouterD-bgp] peer 10.1.5.2 as-number 65001
[RouterD-bgp] quit
Configure Router E:
<RouterE> system-view
[RouterE] bgp 65001
[RouterE-bgp] router-id 5.5.5.5
[RouterE-bgp] confederation id 200
[RouterE-bgp] peer 10.1.4.1 as-number 65001
[RouterE-bgp] peer 10.1.5.1 as-number 65001
[RouterE-bgp] quit
4. Configure the eBGP connection between AS100 and AS200.
Configure Router A:
[RouterA] bgp 65001
[RouterA-bgp] peer 200.1.1.2 as-number 100
[RouterA-bgp] quit
Configure Router F:
<RouterF> system-view
[RouterF] bgp 100
[RouterF-bgp] router-id 6.6.6.6
[RouterF-bgp] peer 200.1.1.1 as-number 200
[RouterF-bgp] network 9.1.1.0 255.255.255.0
[RouterF-bgp] quit
5. Verify the configuration.
Display BGP routing table information on Router B:
[RouterB] display bgp routing-table
9/14
7/5/2019
From : 10.1.3.1 (1.1.1.1)
Relay Nexthop : 0.0.0.0
Original nexthop: 10.1.3.1
AS-path : 100
Origin : igp
Attribute value : MED 0, localpref 100, pref-val 0, pre 255
State : valid, internal, best,
Not advertised to any peers yet
The output information shows that:
Router F can send route information to Router B and Router C through the confederation by establishing only an eBGP
connection with Router A.
Router B and Router D are in the same confederation, but belong to different sub ASs. They obtain external route information
from Router A and generate the same BGP route entries. It seems like that they reside in the same AS although they have no
direct connection in between.
top
In Figure 7, all routers run BGP. Between Router A and Router B, and between Router A and Router C are eBGP connections.
Between Router B and Router D, and between Router D and Router C are iBGP connections.
OSPF is the IGP protocol in AS 200.
Configure routing policies to make Router D give priority to the route 1.0.0.0/8 learned from Router C.
Procedure:
10/14
7/5/2019
[RouterB-bgp] peer 194.1.1.1 as-number 200
[RouterB-bgp] quit
Configure Router C:
[RouterC] bgp 200
[RouterC-bgp] peer 193.1.1.1 as-number 100
[RouterC-bgp] peer 195.1.1.1 as-number 200
[RouterC-bgp] quit
Configure Router D:
[RouterD] bgp 200
[RouterD-bgp] peer 194.1.1.2 as-number 200
[RouterD-bgp] peer 195.1.1.2 as-number 200
[RouterD-bgp] quit
4. Configure different attribute values for the route 1.0.0.0/8 to make Router D give priority to the route learned from Router C.
Method I: Specify a higher MED value for the route 1.0.0.0/8 advertised to 192.1.1.2 to make Router D give priority to the
route learned from Router C.
Define ACL 2000 to permit the route 1.0.0.0/8:
[RouterA] acl number 2000
[RouterA-acl-basic-2000] rule permit source 1.0.0.0 0.255.255.255
[RouterA-acl-basic-2000] quit
Define routing policy apply_med_50 that sets the MED value of route 1.0.0.0/8 to 50, and routing policy
apply_med_100 that sets the MED value of route 1.0.0.0/8 to 100:
[RouterA] route-policy apply_med_50 permit node 10
[RouterA-route-policy] if-match acl 2000
[RouterA-route-policy] apply cost 50
[RouterA-route-policy] quit
[RouterA] route-policy apply_med_100 permit node 10
[RouterA-route-policy] if-match acl 2000
[RouterA-route-policy] apply cost 100
[RouterA-route-policy] quit
Apply routing policy apply_med_50 to the route advertised to 193.1.1.2 (Router C), and apply routing policy
apply_med_100 to the route advertised to 192.1.1.2 (Router B):
[RouterA] bgp 100
[RouterA-bgp] peer 193.1.1.2 route-policy apply_med_50 export
[RouterA-bgp] peer 192.1.1.2 route-policy apply_med_100 export
[RouterA-bgp] quit
Display the BGP routing table on Router D:
[RouterD] display bgp routing-table
top
BGP GR configuration
Network requirements:
In Figure 8, all are BGP routers. Between Router A and Router B is an eBGP connection. Router B and Router C are connected over an
iBGP connection. Enable GR capability for BGP so that the communication between Router A and Router C cannot be affected when an
active/standby main board switchover occurs on Router B.
11/14
7/5/2019
Procedure:
1. Configure Router A.
Configure IP addresses for interfaces (omitted).
Configure the eBGP connection:
<RouterA> system-view
[RouterA] bgp 65008
[RouterA-bgp] router-id 1.1.1.1
[RouterA-bgp] peer 200.1.1.1 as-number 65009
Inject network 8.0.0.0/8 to the BGP routing table:
[RouterA-bgp] network 8.0.0.0
Enable GR capability for BGP:
[RouterA-bgp] graceful-restart
2. Configure Router B.
Configure IP addresses for interfaces (omitted).
Configure the eBGP connection:
<RouterB> system-view
[RouterB] bgp 65009
[RouterB-bgp] router-id 2.2.2.2
[RouterB-bgp] peer 200.1.1.2 as-number 65008
Configure the iBGP connection:
[RouterB-bgp] peer 9.1.1.2 as-number 65009
Inject networks 200.1.1.0/24 and 9.1.1.0/24 to the BGP routing table:
[RouterB-bgp] network 200.1.1.0 24
[RouterB-bgp] network 9.1.1.0 24
Enable GR capability for BGP:
[RouterB-bgp] graceful-restart
3. Configure Router C.
Configure IP addresses for interfaces (omitted).
Configure the iBGP connection:
<RouterC> system-view
[RouterC] bgp 65009
[RouterC-bgp] router-id 3.3.3.3
[RouterC-bgp] peer 9.1.1.1 as-number 65009
Enable GR capability for BGP:
[RouterC-bgp] graceful-restart
Verification:
Ping Router C on Router A. Meanwhile, perform an active/standby main board switchover on Router B. The ping operation is successful
during the whole switchover process.
top
As shown in Figure 9:
Procedure:
12/14
7/5/2019
[RouterA-bgp] peer 2.0.2.2 as-number 200
[RouterA-bgp] quit
When the two links between Router A and Router C are both up, Router C adopts the link Router A<->Router B<->Router C to
exchange packets with network 1.1.1.0/24. (Set a higher MED value for route 1.1.1.0/24 sent to peer 2.0.2.2 on Router A.)
Create ACL 2000 to permit 1.1.1.0/24 to pass.
[RouterA] acl number 2000
[RouterA-acl-basic-2000] rule permit source 1.1.1.0 24
[RouterA-acl-basic-2000] quit
Create two route policies, apply_med_50 and apply_med_100. Policy apply_med_50 sets the MED for route 1.1.1.0/24 to
50. Policy apply_med_100 sets that to 100.
[RouterA] route-policy apply_med_50 permit node 10
[RouterA-route-policy] if-match acl 2000
[RouterA-route-policy] apply cost 50
[RouterA-route-policy] quit
[RouterA] route-policy apply_med_100 permit node 10
[RouterA-route-policy] if-match acl 2000
[RouterA-route-policy] apply cost 100
[RouterA-route-policy] quit
Apply routing policy apply_med_50 to routes outgoing to peer 3.0.2.2, and apply routing policy apply_med_100 to routes
outgoing to peer 2.0.2.2.
[RouterA] bgp 100
[RouterA-bgp] peer 3.0.2.2 route-policy apply_med_50 export
[RouterA-bgp] peer 2.0.2.2 route-policy apply_med_100 export
Configure BFD over the link to peer 3.0.2.2 so that when the link Router A<->Router B<->Router C fails, BFD can quickly
detect the failure and notify it to BGP, and then the link Router A<->Router D<->Router C takes effect immediately.
[RouterA-bgp] peer 3.0.2.2 bfd
[RouterA-bgp] quit
4. Configure BGP on Router C:
<RouterC> system-view
[RouterC] bgp 100
[RouterC-bgp] peer 3.0.1.1 as-number 200
[RouterC-bgp] peer 3.0.1.1 bfd
[RouterC-bgp] peer 2.0.1.1 as-number 200
[RouterC-bgp] quit
5. Configure BFD parameters (the user can use default BFD parameters instead).
Configure Router A:
[RouterA] bfd session init-mode active
[RouterA] interface gigabitethernet 2/1/2
Configure the minimum interval for transmitting BFD control packets as 500 milliseconds.
[RouterA-Gigabitethernet2/1/2] bfd min-transmit-interval 500
Configure the minimum interval for receiving BFD control packets as 500 milliseconds.
[RouterA-Gigabitethernet2/1/2] bfd min-receive-interval 500
Configure the detect multiplier as 7.
[RouterA-Gigabitethernet2/1/2] bfd detect-multiplier 7
Configure the BFD authentication mode as plain-text authentication, and set the authentication key to ibgpbfd.
[RouterA-Gigabitethernet2/1/2] bfd authentication-mode simple 1 ibgpbfd
[RouterA-Gigabitethernet2/1/2] quit
Configure Router C:
[RouterC] bfd session init-mode active
[RouterC] interface gigabitethernet 2/1
[RouterC-Gigabitethernet2/1] bfd min-transmit-interval 500
[RouterC-Gigabitethernet2/1] bfd min-receive-interval 500
[RouterC-Gigabitethernet2/1] bfd detect-multiplier 7
[RouterC-Gigabitethernet2/1] bfd authentication-mode simple 1 ibgpbfd
[RouterC-Gigabitethernet2/1] return
6. Verify the configuration.
The following operations are made on Router C. Operations on Router A are similar and are thus omitted.
Display detailed BFD session information:
<RouterC> display bfd session verbose
13/14
7/5/2019
Destination: 1.1.1.0/24
Protocol: BGP Process ID: 0
Preference: 0 Cost: 50
NextHop: 3.0.1.1 Interface: GigabitEthernet2/1/1
BkNextHop: 0.0.0.0 BkInterface:
RelyNextHop: 3.0.2.1 Neighbor : 3.0.1.1
Tunnel ID: 0x0 Label: NULL
State: Active Adv Age: 00h08m54s
Tag: 0
Destination: 1.1.1.0/24
Protocol: BGP Process ID: 0
Preference: 0 Cost: 100
NextHop: 2.0.1.1 Interface: GigabitEthernet2/1/2
BkNextHop: 0.0.0.0 BkInterface:
RelyNextHop: 2.0.2.1 Neighbor : 2.0.1.1
Tunnel ID: 0x0 Label: NULL
State: Invalid Adv Age: 00h08m54s
Tag: 0
The output shows that Router C has two routes to reach network 1.1.1.0/24: Router C<—>Router B<—>Router A, which is the active
route; Router C<—>Router D<—>Router A, which is the backup route.
Enable BFD debugging on Router C:
<RouterC> debugging bfd scm
<RouterC> debugging bfd event
<RouterC> debugging bgp bfd
<RouterC> terminal monitor
<RouterC> terminal debugging
The following debugging information shows that: when the link between Router A and Router B fails, Router C can quickly detect the
link failure.
%Nov 5 11:42:24:172 2009 RouterC BFD/5/BFD_CHANGE_FSM:
Sess[3.0.2.2/3.0.1.1,13/17,GE2/1/1,Ctrl], Sta: UP->DOWN, Diag: 1
%Nov 5 11:42:24:172 2009 RouterC BGP/5/BGP_STATE_CHANGED: 3.0.1.1 state is changed from
ESTABLISHED to IDLE.
*Nov 5 11:42:24:187 2009 RouterC RM/6/RMDEBUG: BGP_BFD: Recv BFD DOWN msg, Src IP 3.0.2.2,
Dst IP 3.0.1.1, Instance ID 0.
*Nov 5 11:42:24:187 2009 RouterC RM/6/RMDEBUG: BGP_BFD: Reset BGP session 3.0.1.1 for BFD
session down.
*Nov 5 11:42:24:187 2009 RouterC RM/6/RMDEBUG: BGP_BFD: Send DELETE msg to BFD, Connection
type DIRECT, Src IP 3.0.2.2, Dst IP 3.0.1.1, Instance ID 0.
Display route 1.1.1.0/24 on Router C, and you can see that Router A and Router C communicate through Router D:
<RouterC> display ip routing-table 1.1.1.0 24 verbose
Routing Table : Public
Summary Count : 1
Destination: 1.1.1.0/24
Protocol: BGP Process ID: 0
Preference: 0 Cost: 100
NextHop: 2.0.1.1 Interface: GigabitEthernet2/1/2
BkNextHop: 0.0.0.0 BkInterface:
RelyNextHop: 2.0.2.1 Neighbor : 2.0.1.1
Tunnel ID: 0x0 Label: NULL
State: Active Adv Age: 00h09m54s
Tag: 0
The output shows that Router C has one route to reach network 1.1.1.0/24 (Router C<—>Router D<—>Router A).
top
14/14