This chapter describes how to configure the Border Gateway Protocol (BGP) using the BGP configuration commands.
BGP is an exterior gateway routing protocol used to exchange network reachability information among autonomous systems. An AS is essentially a collection of routers and end nodes that operate under a single administrative organization. Within each AS, routers and end nodes share routing information using an interior gateway protocol. The interior gateway protocol may be either RIP or OSPF.
BGP was introduced in the Internet for the loop-free exchange of routing information between autonomous systems. Based on Classless Inter-Domain Routing (CIDR), BGP has since evolved to support the aggregation and reduction of routing information.
In essence, CIDR is a strategy designed to address the following problems:
CIDR eliminates the concept of address classes and provides a method for summarizing n different routes into a single route. This significantly reduces the amount of routing information that BGP routers must store and exchange.
Note: IBM only supports the latest version of BGP, BGP4, which is defined in RFC 1654. All references to BGP in this chapter and on the interface of IBM's routers are to BGP4, and do not apply to previous versions of BGP.
BGP is an inter-autonomous system routing protocol. In essence, BGP routers selectively collect and advertise reachability information to and from BGP neighbors in their own and other autonomous systems. Reachability information consists of the sequences of AS numbers that form the paths to particular BGP speakers, and the list of IP networks that can be reached via each advertised path. An AS is an administrative group of networks and routers that share reachability information using one or more Interior Gateway Protocols (IGPs), such as RIP or OSPF.
Routers that run BGP are called BGP speakers. These routers function as servers with respect to their BGP neighbors (clients). Each BGP router opens a passive TCP connection on port 179, and listens for incoming connections from neighbors at this well-known address. The router also opens active TCP connections to enabled BGP neighbors. This TCP connection enables BGP routers to share and update reachability information with neighbors in the same or other autonomous systems.
Connections between BGP speakers in the same AS are called internal BGP (IBGP) connections, while connections between BGP speakers in different autonomous systems are called external BGP (EBGP) connections.
A single AS may have one or many BGP connections to outside autonomous systems. Figure 36 shows two autonomous systems. The BGP speaker in AS1 is attempting to establish a TCP connection with its neighbor in AS2. Once this connection is established, the routers will be able to share reachability information.
Figure 36. BGP Connections between Two Autonomous Systems
While the autonomous systems shown in Figure 36 have only one BGP router, each could have multiple connections to other autonomous systems. As an example of this, Figure 37 shows three interconnected autonomous systems. AS1 has three BGP connections to outside autonomous systems: one to AS2, one to AS3 and one to ASx. Similarly, AS3 has connections to AS1, AS2 and to ASy.
Figure 37. BGP Connections among Three Autonomous Systems
Once a TCP connection is established, the BGP speaker shown in Figure 36 can send its entire routing table to its BGP neighbor in AS2. However, for security or other reasons, it may not be desirable to send reachability information on each network to AS2. Similarly, it may not be desirable for AS2 to receive reachability information on each network in AS1.
Decisions on which reachability information to advertise (send), and which to accept (receive) are made on the basis of explicitly defined policy statements. IBM's BGP implementation supports three types of policy statements:
Each send policy statement contains the destination network advertisement classifier and a set of associated actions.
The destination network classification is based on:
The possible actions are:
Note: MED and ASpath padding are only applicable to a neighbor-based policy.
The MED attribute value gives an external BGP neighbor a hint about route preference. The route with the lowest MED attribute value is preferred. See Route Preference Process for more information.
Each receive policy statement contains the destination network advertisement classifier and a set of associated actions.
The destination network classification is based on:
The possible actions are:
Note: MED, weight, and local preferences are only applicable to a neighbor-based policy.
The weight value hints to the local BGP router to select the route with the highest weight value and to ignore the route preference algorithm.
BGP routers use four kinds of messages to communicate with their neighbors: OPEN, KEEP ALIVE, UPDATE, and NOTIFICATION messages.
Open messages are the first messages transmitted when a link to a BGP neighbor comes up and establishes a connection.
Keep alive messages are used by BGP routers to inform one another that a particular connection is alive and working.
Update messages contain the interior routing table information. BGP speakers send update messages only when there is a change in their routing tables.
Notification messages are sent whenever a BGP speaker detects a condition that forces it to terminate an existing connection. These messages are sent before the connection is closed.
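The checks a BGP speaker applies to a message arriving on port 179 before it trusts the peer, as an added example (not IBM's code and not part of the original chapter). The field layout comes from the BGP4 specification rather than from this chapter; the function names are hypothetical, and the sample OPEN is constructed from the neighbor values used in this chapter's add neighbor example (AS 178, local hold timer 30).

```python
import socket
import struct

MARKER = b"\xff" * 16            # all-ones marker carried by OPEN messages
TYPES = {1: "OPEN", 2: "UPDATE", 3: "NOTIFICATION", 4: "KEEPALIVE"}

def parse_message(data):
    """Validate the fixed 19-byte BGP header; return (type name, body)."""
    if len(data) < 19:
        raise ValueError("truncated header")
    marker, length, msg_type = struct.unpack("!16sHB", data[:19])
    if not 19 <= length <= 4096 or length > len(data):
        raise ValueError(f"bad message length {length}")
    if msg_type not in TYPES:
        raise ValueError(f"unknown message type {msg_type}")
    if msg_type == 1 and marker != MARKER:
        raise ValueError("OPEN marker is not all ones")
    return TYPES[msg_type], data[19:length]

def check_open(body, neighbor_as, local_hold):
    """Check a peer's OPEN against the neighbor definition; return session values."""
    if len(body) < 10:
        raise ValueError("truncated OPEN")
    version, peer_as, hold, ident, opt_len = struct.unpack("!BHH4sB", body[:10])
    if version != 4:
        raise ValueError(f"unsupported BGP version {version}")
    if peer_as != neighbor_as:
        raise ValueError(f"peer announced AS {peer_as}, configured AS is {neighbor_as}")
    if hold in (1, 2):
        raise ValueError("hold time of 1 or 2 seconds is not acceptable")
    if len(body) != 10 + opt_len:
        raise ValueError("optional parameter length does not match body")
    # The session uses the smaller of the configured and the received hold time.
    return {"peer_as": peer_as, "router_id": socket.inet_ntoa(ident),
            "hold_time": min(hold, local_hold)}

def build_open(my_as, hold, router_id):
    """Constructed sample input: an OPEN with no optional parameters."""
    body = struct.pack("!BHH4sB", 4, my_as, hold, socket.inet_aton(router_id), 0)
    return MARKER + struct.pack("!HB", 19 + len(body), 1) + body

if __name__ == "__main__":
    kind, body = parse_message(build_open(178, 90, "192.0.190.178"))
    print(kind, check_open(body, neighbor_as=178, local_hold=30))
```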
Setting up BGP involves three basic steps:
Enabling BGP requires you to specify the BGP router's unique AS Number. AS numbers are assigned by the Stanford Research Institute Network Information Center.
BGP Neighbors are BGP routers with which a BGP speaker establishes a TCP connection. Once neighbors are defined, connections to them are established by default.
The policies you establish determine which routes will be imported and exported by the BGP speaker. You can set up policies for different purposes. See "Sample Policy Definitions" for more information.
You enable BGP using the enable BGP speaker command as shown.
BGP Config> enable BGP speaker
AS [0]? 167
TCP segment size [1024]?
The AS number must be in the range 1 to 65535. The TCP segment size must be in the range 1 to 65535. The default value for TCP segment size is 1024. This number represents the maximum segment size BGP will use for passive TCP connections.
After you have issued the enable bgp command you must reboot the device to enable BGP.
After enabling a BGP speaker, you must define its neighbors. BGP neighbors can be internal or external. Internal neighbors exist in the same AS and do not need to have a direct connection to one another. External neighbors exist in different autonomous systems. These must have a direct connection to one another.
To define internal or external BGP neighbors, use the add neighbor command. You must specify the IP address of the neighbor, and assign an AS number to the neighbor as shown below. Internal neighbors must have the same AS number as the BGP speaker.
BGP Config> add neighbor 192.0.190.178
AS [0]? 178
Init timer [12]? 30
Connect timer [120]?
Hold timer [90]? 30
TCP segment size [1024]? 512
Use the reset neighbor command to activate the specified BGP neighbor, based on the neighbor configuration parameters stored in the configuration memory.
IBM's BGP implementation supports three policy commands:
If you added or modified a neighbor-based policy, use the reset neighbor command to activate the neighbor policy. If you added or modified an AS-based policy, you must reboot the device.
This section provides a set of examples of some specific policies you can set up for a BGP speaker. All policies are defined using the BGP add command. See "Add" for the syntax of the add command.
This example includes all routes in the BGP speaker's IGP routing table for advertisement. In this sense, you can view this command as the "default" originate policy statement for BGP.
Notice that the command specifies a range of addresses, rather than a single (exact) address.
BGP Config> add originate-policy inclusive
Network Prefix [0.0.0.0]?
Network Mask [0.0.0.0]?
Address Match (Exact/Range) [Exact]? range
Tag [0]?
This example also specifies a range, but in this case the goal is to prevent the BGP Speaker from advertising addresses in this range to its neighbors.
This example excludes all routes in the range 194.10.16.0 to 194.10.31.255 from the IGP routing table, which in turn prevents them from being advertised.
BGP Config> add originate-policy exclusive
Network Prefix [0.0.0.0]? 194.10.16.0
Network Mask [0.0.0.0]? 255.255.240.0
Address Match (Exact/Range) [Exact]? range
Tag [0]?
The tag is the received RIP information. You can select networks based on a particular tag value for advertisement. See the description of the Set command in Configuring and Monitoring IP for information on setting the tag value.
By default, only classful routes from the BGP speaker's IGP routing table will be selected for advertisement. To select both classless and classful routes for subnet advertisement, use the enable classless-bgp or patch bgp-subnets command.
This example ensures that the BGP speaker will import all routes from all of its neighbors into its IGP routing table.
BGP Config> add receive-policy inclusive
Network Prefix [0.0.0.0]?
Network Mask [0.0.0.0]?
Address Match (Exact/Range) [Exact]? range
Originating AS# [0]?
Adjacent AS# [0]?
IGP-metric [0]?
IGP-metric specifies the metric value with which the accepted routes are imported into the speaker's IGP routing table. You are prompted to enter a value for IGP-metric only when setting up a policy for route inclusion.
If IGP-metric is -1, these routes will not be imported into IGP; thus, routes are not re-advertisable.
This example will prevent the BGP speaker from importing any routes originating at AS 168 from neighboring AS 165. You might use this command if you do not want the BGP speaker to receive any routes from AS 168 for security reasons.
BGP Config> add receive-policy exclusive
Network Prefix [0.0.0.0]?
Network Mask [0.0.0.0]?
Address Match (Exact/Range) [Exact]? range
Originating AS# [0]? 168
Adjacent AS# [0]? 165
This example will prevent the BGP speaker from importing any route that has AS 175 in its ASpath list.
BGP Config> add no-receive
Enter AS: [0]? 175
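How the three receive-side filters above treat individual routes, as an added example (not IBM's code and not part of the original chapter). It assumes that an AS# of 0 means any AS, that exclusive statements override inclusive ones, and that a route matching no statement is not imported; the class and function names are hypothetical and the sample routes are constructed.

```python
import ipaddress
from dataclasses import dataclass

@dataclass
class ReceivePolicy:
    inclusive: bool
    prefix: str = "0.0.0.0"
    mask: str = "0.0.0.0"
    address_match: str = "exact"   # "exact" or "range", as answered at the prompt
    originating_as: int = 0        # 0 (the prompt default) is read as "any AS"
    adjacent_as: int = 0

    def matches(self, route, as_path):
        policy_net = ipaddress.ip_network(f"{self.prefix}/{self.mask}")
        route_net = ipaddress.ip_network(route)
        if self.address_match == "range":
            addr_ok = route_net.subnet_of(policy_net)   # anywhere inside the range
        else:
            addr_ok = route_net == policy_net           # same prefix and mask only
        # Leftmost AS in the path is the adjacent AS, rightmost is the originator.
        origin_ok = self.originating_as == 0 or as_path[-1:] == [self.originating_as]
        adjacent_ok = self.adjacent_as == 0 or as_path[:1] == [self.adjacent_as]
        return addr_ok and origin_ok and adjacent_ok

def import_decision(route, as_path, policies, no_receive=()):
    """Assumed evaluation order: no-receive, then exclusive, then inclusive."""
    if set(as_path) & set(no_receive):
        return "reject: no-receive AS in path"
    hits = [p for p in policies if p.matches(route, as_path)]
    if any(not p.inclusive for p in hits):
        return "reject: exclusive policy"
    return "import" if hits else "reject: no policy matched"

# The receive-side statements from this section.
POLICIES = [
    ReceivePolicy(inclusive=True, address_match="range"),
    ReceivePolicy(inclusive=False, address_match="range",
                  originating_as=168, adjacent_as=165),
]
NO_RECEIVE = [175]

# Constructed sample routes: (prefix, AS path as received, adjacent AS first).
ROUTES = [("192.0.2.0/24", [165, 168]), ("198.51.100.0/24", [166, 168]),
          ("203.0.113.0/24", [165, 170, 175]), ("203.0.113.0/24", [165, 170])]

if __name__ == "__main__":
    for route, path in ROUTES:
        print(f"{route:18} {path!s:16} {import_decision(route, path, POLICIES, NO_RECEIVE)}")
```

The second sample route shows that the AS 168/AS 165 exclusive statement still admits routes originated by AS 168 when they arrive through a different adjacent AS; only no-receive rejects an AS wherever it appears in the path.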
This example will allow you to import all routes from BGP neighbor 192.0.190.178. All routes will have a weight value of 100 and IGP-metric value of 1.
Define the policy list name for receive policy.
BGP Config> add policy-list
Name[]?S1_100_r
Policy Type(Receive/Send)[Receive]?Receive
Attach the defined receive policy list name to a specific neighbor.
BGP Config> attach policy-to-neighbor
Neighbor address [0.0.0.0]?192.0.190.178
First receive policy list name (none for global AS based policy)[]?S1_100_r
Second receive policy list name (none for exit)[]?
Add receive policies for the neighbor using the update and add commands.
BGP Config>update policy S1_100_r
Policy-list S1_100_r Config>add
Policy type (Inclusive/Exclusive) [Exclusive]? inclusive
Network Prefix [0.0.0.0]?
Network Mask [0.0.0.0]?
Address Match (Exact/Range) [Range]?
Originating AS# [0]?
Any AS# [0]?
MED [0]?
Weight [0]? 100
Local-Pref [0]?
IGP-metric [0]? 1
This example restricts the BGP speaker. The speaker cannot advertise routes in the address range 143.116.0.0 to 143.116.255.255, that originate from AS 165, to autonomous system 168.
BGP Config> add send exclusive
Network Prefix [0.0.0.0]? 143.116.0.0
Network Mask [0.0.0.0]? 255.255.0.0
Address Match (Exact/Range) [Exact]? range
Tag [0]? 165
Adjacent AS# [0]? 168
This example ensures that the BGP speaker will advertise all routes originated from its IGP, and all routes learned from its neighboring autonomous systems.
BGP Config> add send policy inclusive
Network Prefix [0.0.0.0]?
Network Mask [0.0.0.0]?
Address Match (Exact/Range) [Exact]? range
Tag [0]?
Adjacent AS# [0]?
This example will allow you to advertise all routes to BGP neighbor 192.0.190.178. All advertised routes will have a MED value of 100.
Define the policy list name for send policy.
BGP Config> add policy-list
Name[]?S1_100_s
Policy Type(Receive/Send)[Receive]?Send
Attach the defined send policy list name(s) to a specific neighbor.
BGP Config> attach policy-to-neighbor
Neighbor address [0.0.0.0]?192.0.190.178
First send policy list name (none for global AS based policy)[]?S1_100_s
Second send policy list name (none for exit)[]?
Add the send policies for the neighbor using the update and add commands.
BGP Config>update policy S1_100_s
Policy-list S1_100_s Config>add
Policy type (Inclusive/Exclusive) [Exclusive]?
Network prefix [0.0.0.0]?
Network mask [0.0.0.0]?
Address match (exact/range) [range]?
Originating AS# [0]?
TAG [0]?
MED [0]? 100
# of AS to pad [0]?
When the BGP speaker receives a path for a particular destination from its peer, BGP goes through the following process to select the best possible path:
The best path is selected based on the following order: