
BGP (Border Gateway Protocol) - Port 179: Gateway Protocols (IGP's)

BGP is an exterior gateway protocol used to exchange routing information between autonomous systems on the internet. It forms neighbor relationships to share routing tables, uses TCP port 179, and maintains separate routing tables from IGPs like OSPF. BGP peers can be either iBGP peers within an AS, or eBGP peers between ASes. Routes are advertised through BGP update messages after being learned from IGPs or injected using network commands.

Uploaded by

Nitesh Muluk

BGP (Border Gateway Protocol) – Port 179

- BGP is an exterior gateway protocol (EGP), as opposed to RIP, OSPF, and EIGRP, which are interior gateway protocols (IGP’s).
- BGP Version 4 (BGPv4) is the current standard deployment.
- BGP is a “Path Vector” routing protocol.
- BGP was not built to route within an Autonomous System (AS), but rather to route between AS’s.
- BGP maintains a separate routing table based on shortest AS Path and various other attributes, as opposed to IGP metrics like distance or cost.
- BGP is the routing protocol of choice on the Internet. Essentially, the Internet is a collection of interconnected Autonomous Systems.
- A BGP AS Number is a 16-bit number ranging from 1 – 65535.
- A specific subset of this range, 64512 – 65535, has been reserved for private (or internal) use.
- BGP utilizes TCP for reliable transfer of its packets, on port 179.

BGP Peers (Neighbors):

- For BGP to function, BGP routers must form neighbor relationships (called peers).
- There are two types of BGP neighbor relationships:
  1) iBGP Peers – BGP neighbors within the same autonomous system.
  2) eBGP Peers – BGP neighbors connecting separate autonomous systems.

Note: Do not confuse an IGP, such as OSPF, with iBGP!

- In the above figure, RouterB and RouterC in AS 200 would form an iBGP peer relationship.
- RouterA in AS 100 and RouterB in AS 200 would form an eBGP peering.
- Once BGP peers form a neighbor relationship, they share their full routing table.
- Afterwards, only changes to the routing table are forwarded to the neighbor.
- By default, BGP assumes that eBGP peers are a maximum of one hop away.
- This restriction can be bypassed using the ebgp-multihop option with the neighbor command.
- iBGP peers do not have a hop restriction, and are dependent on the underlying IGP of the AS to connect peers together.
- By default, all iBGP peers must be fully meshed within the Autonomous System.
- A Cisco router running BGP can belong to only one AS. The IOS will only allow one BGP process to run on a router.
- The administrative distance (AD) for eBGP routes is 20, while the AD for iBGP and locally-originated routes is 200.

BGP Messages:

- BGP forms its neighbor relationships through a series of messages.

1) OPEN: First, an OPEN message is sent between peers to initiate the session. The OPEN message contains several parameters:
   - BGP Version – must be the same between BGP peers
   - Local AS Number
   - BGP Router ID

2) KEEPALIVE: KEEPALIVE messages are sent periodically, every 60 seconds by default, to ensure that the remote peer is still available.

   If a router does not receive a KEEPALIVE from a neighbor for a Hold-time period of 180 seconds by default, the router declares that neighbor dead.

3) UPDATE: UPDATE messages are used to exchange routes between peers.

4) NOTIFICATION: Finally, NOTIFICATION messages are sent when a fatal error occurs.

   If a NOTIFICATION message is sent, the BGP neighbor session is torn down and reset.
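The message layout behind the OPEN and KEEPALIVE descriptions above, as an added example (not part of the original document): a strict parser for the RFC 4271 common header and OPEN body that rejects the malformed input a router would answer with a NOTIFICATION. The function names are hypothetical, the sample message is constructed, and the keepalive of one third of the hold time follows the RFC's suggestion.

```python
import ipaddress
import struct

MARKER = b"\xff" * 16            # RFC 4271: the 16-byte marker is all ones
HEADER_LEN = 19                  # marker (16) + length (2) + type (1)
MAX_LEN = 4096                   # largest message RFC 4271 allows
MSG_TYPES = {1: "OPEN", 2: "UPDATE", 3: "NOTIFICATION", 4: "KEEPALIVE"}
# A KEEPALIVE is nothing but the header (constructed sample).
KEEPALIVE = MARKER + struct.pack("!HB", HEADER_LEN, 4)


class BGPParseError(ValueError):
    """Input that a BGP speaker would reject with a NOTIFICATION."""


def parse_header(data: bytes):
    """Validate the common header and return (length, type_name)."""
    if len(data) < HEADER_LEN:
        raise BGPParseError("truncated header")
    marker, length, msg_type = struct.unpack("!16sHB", data[:HEADER_LEN])
    if marker != MARKER:
        raise BGPParseError("marker is not all ones")
    if not HEADER_LEN <= length <= MAX_LEN or length > len(data):
        raise BGPParseError(f"bad message length {length}")
    if msg_type not in MSG_TYPES:
        raise BGPParseError(f"unknown message type {msg_type}")
    return length, MSG_TYPES[msg_type]


def parse_open(data: bytes) -> dict:
    """Parse an OPEN message: version, local AS, hold time, router ID."""
    length, kind = parse_header(data)
    if kind != "OPEN":
        raise BGPParseError(f"expected OPEN, got {kind}")
    if length < HEADER_LEN + 10:
        raise BGPParseError("OPEN shorter than its fixed fields")
    version, local_as, hold_time, router_id, opt_len = struct.unpack(
        "!BHH4sB", data[HEADER_LEN:HEADER_LEN + 10])
    if version != 4:
        raise BGPParseError(f"unsupported BGP version {version}")
    if hold_time in (1, 2):                      # 0 or >= 3 are the legal values
        raise BGPParseError("unacceptable hold time")
    if router_id == b"\x00\x00\x00\x00":
        raise BGPParseError("bad BGP identifier")
    if HEADER_LEN + 10 + opt_len != length:
        raise BGPParseError("optional parameter length mismatch")
    return {
        "version": version,
        "local_as": local_as,
        "hold_time": hold_time,
        "router_id": str(ipaddress.IPv4Address(router_id)),
    }


def build_open(local_as: int, hold_time: int, router_id: str, version: int = 4) -> bytes:
    """Build an OPEN without optional parameters (used here for test input)."""
    body = struct.pack("!BHH4sB", version, local_as, hold_time,
                       ipaddress.IPv4Address(router_id).packed, 0)
    return MARKER + struct.pack("!HB", HEADER_LEN + len(body), 1) + body


def negotiate_timers(local_hold: int, peer_hold: int):
    """Both peers use the smaller hold time; keepalive is one third of it."""
    hold = min(local_hold, peer_hold)
    return hold, hold // 3


if __name__ == "__main__":
    sample = build_open(100, 180, "1.1.1.1")     # constructed OPEN from AS 100
    print(parse_open(sample))
    print(parse_header(KEEPALIVE))
    print(negotiate_timers(180, 90))
```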

BGP States:

- As a BGP peer session is forming, it will pass through several states. This process is known as the BGP Finite-State Machine (FSM):

1) Idle: the initial BGP state. (No TCP connection)

2) Connect: BGP waits for a TCP connection with the remote peer. If successful, an OPEN message is sent. If unsuccessful, the session is placed in an Active state. (Waits for TCP connection; successful: OPEN message sent; unsuccessful: Active state)

3) Active: BGP attempts to initiate a TCP connection with the remote peer. If successful, an OPEN message is sent. If unsuccessful, BGP will wait for a ConnectRetry timer to expire, and place the session back in a Connect state. (Initiates TCP connection; successful: OPEN message sent; unsuccessful: Connect state after the timer expires)

4) OpenSent: BGP has both established the TCP connection and sent an OPEN message, and is awaiting a reply OPEN message. Once it receives a reply OPEN message, the BGP peer will send a KEEPALIVE message. (TCP connection done, OPEN message received, KEEPALIVE sent)

5) OpenConfirm: BGP listens for a reply KEEPALIVE message. (Listens for reply KEEPALIVE)

6) Established: the BGP peer session is fully established. UPDATE messages containing routing information will now be sent. (BGP neighborship formed, UPDATE messages sent)

If a peer session is stuck in an Active state, potential problems can include: no IP connectivity, no route to host, an incorrect neighbor statement, or an access-list filtering TCP port 179.

BGP Neighbor Configuration:

iBGP:

    RouterB(config)# router bgp 100
    RouterB(config-router)# neighbor 10.1.1.1 remote-as 100

eBGP:

    RouterB(config)# router bgp 100
    RouterB(config-router)# neighbor 172.16.1.2 remote-as 900

- For stability purposes, the source interface used to generate updates to a particular neighbor can be specified:

    RouterB(config)# router bgp 100
    RouterB(config-router)# neighbor 172.16.1.2 update-source lo0

- RouterC must then point to RouterB’s loopback (assume the address is 1.1.1.1/24) in its neighbor statement:

    RouterC(config)# router bgp 900
    RouterC(config-router)# neighbor 1.1.1.1 remote-as 100

- RouterC must have a route to RouterB’s loopback in its routing table.
- By default, BGP assumes that external peers are exactly one hop away.
- Using the loopback as a source interface puts RouterB two hops away from RouterC. Thus, the ebgp-multihop feature must be enabled.

    RouterC(config)# router bgp 900
    RouterC(config-router)# neighbor 1.1.1.1 ebgp-multihop 2

The 2 indicates the number of hops to the eBGP peer. If left blank, the default is 255.

Authentication:

    RouterB(config)# router bgp 100
    RouterB(config-router)# neighbor 172.16.1.2 password CISCO

BGP Timer:

    RouterB(config)# router bgp 100
    RouterB(config-router)# timers bgp 30 90

The above command sets the Keepalive timer to 30 seconds and the Holdtime timer to 90 seconds.

If the configured Hold-time timers between two peers are different, the peer session will still be established, and the smallest timer value will be used.
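A check over the neighbor settings covered above, as an added example (not part of the original document): it reads a "router bgp" block and reports eBGP neighbors that have no neighbor password (which enables TCP MD5 signatures, RFC 2385) or that use ebgp-multihop without a hop count and therefore accept the default of 255. The function names, finding labels, and the sample configuration with its extra neighbors are constructed for illustration; peer-group inheritance is not resolved.

```python
import ipaddress
import re

# Constructed sample, modelled on the RouterB examples above plus two
# made-up eBGP neighbors (documentation addresses, private AS numbers).
SAMPLE_CONFIG = """\
router bgp 100
 neighbor 10.1.1.1 remote-as 100
 neighbor 172.16.1.2 remote-as 900
 neighbor 172.16.1.2 password CISCO
 neighbor 192.0.2.9 remote-as 65010
 neighbor 192.0.2.9 ebgp-multihop
 neighbor 198.51.100.7 remote-as 65020
 neighbor 198.51.100.7 ebgp-multihop 2
 neighbor 198.51.100.7 password EXAMPLE
!
interface Loopback0
 ip address 1.1.1.1 255.255.255.0
"""


def parse_bgp(config: str):
    """Return (local_as, {neighbor_ip: {option: argument}})."""
    local_as, neighbors, in_bgp = None, {}, False
    for raw in config.splitlines():
        line = raw.strip()
        if not raw.startswith(" "):
            # A top-level line either opens the BGP block or leaves it.
            match = re.fullmatch(r"router bgp (\d+)", line)
            in_bgp = bool(match)
            if match:
                local_as = int(match.group(1))
            continue
        if not in_bgp:
            continue
        match = re.fullmatch(r"neighbor (\S+) (\S+)(?: (.*))?", line)
        if not match:
            continue
        peer, option, arg = match.groups()
        try:
            ipaddress.ip_address(peer)
        except ValueError:
            continue                      # peer-group name: not handled here
        neighbors.setdefault(peer, {})[option] = arg or ""
    return local_as, neighbors


def audit(config: str):
    """Return a list of (neighbor, finding) tuples for eBGP sessions."""
    local_as, neighbors = parse_bgp(config)
    findings = []
    for peer, opts in sorted(neighbors.items()):
        remote = opts.get("remote-as", "")
        if not remote.isdigit():
            findings.append((peer, "no-remote-as"))
            continue
        if int(remote) == local_as:
            continue                      # iBGP peer: outside this check
        if "password" not in opts:
            findings.append((peer, "ebgp-no-password"))
        if "ebgp-multihop" in opts:
            # No hop count means the default of 255 hops applies.
            hops = int(opts["ebgp-multihop"] or 255)
            if hops == 255:
                findings.append((peer, "ebgp-multihop-255"))
    return findings


if __name__ == "__main__":
    for peer, finding in audit(SAMPLE_CONFIG):
        print(f"{peer}: {finding}")
```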

- To adjust the timers for a specific neighbor:

    RouterB(config)# router bgp 100
    RouterB(config-router)# neighbor 172.16.1.2 timers 30 90

- To view the status of all BGP neighbors:

    RouterB# show ip bgp neighbors

- To view the status of a specific BGP neighbor:

    RouterB# show ip bgp neighbors 172.16.1.2

BGP Synchronization:

- Consider the above example. AS 200 is serving as a transit between AS 100 and AS 300.
- BGP follows a synchronization rule that states that “all routers in a transit AS, including non-BGP routers, must learn of a route before BGP can advertise it to an external peer”.

Confused?

- In the above example, if RouterA advertises a BGP route to RouterB (an eBGP peer) for the 10.5.0.0/16 network, that same BGP route will eventually be forwarded to RouterD (an iBGP peer).
- However, a blackhole would exist if RouterD then advertised that update to RouterE, as RouterC would not have the 10.5.0.0/16 network in its routing table.
- If RouterE attempts to reach the 10.5.0.0 network, RouterC will drop the packet.
- BGP’s synchronization rule will force RouterD to wait until RouterC learns the 10.5.0.0/16 route, before forwarding that route to RouterE.

How will RouterD know when RouterC learns the route?

- Simple! When it receives an update from RouterC via an IGP (such as OSPF), containing that route.

BGP synchronization can be disabled under two circumstances:

- The local AS is not a transit between two other AS’s.
- All routers in the transit AS run iBGP, and are fully meshed.

    RouterD(config)# router bgp 200
    RouterD(config-router)# no synchronization

As of IOS 12.2(8)T, synchronization is disabled by default.


Advertising Prefixes in BGP:

- There are three ways to advertise a prefix into BGP:
  1) By using network statements
  2) By using aggregate-address statements
  3) By redistributing an IGP into BGP

- Using the network statement informs BGP which networks to advertise to eBGP peers.
- The network command can be used to inject any network from the local AS into BGP.
- However, the route must be in the routing table before BGP will advertise the network to an eBGP peer. This is a fundamental BGP rule.
- RouterB may inject the 10.5.0.0/16 network into BGP using the network command.
- However, unless that route is in the local routing table via IGP, RouterB will not advertise the route to RouterC.
- Furthermore, the network statement must match the route exactly as it is in the routing table:

    RouterB(config)# router bgp 100
    RouterB(config-router)# neighbor 172.16.1.2 remote-as 900
    RouterB(config-router)# network 10.5.0.0 mask 255.255.0.0

If no mask is specified, a classful mask will be assumed.


BGP Routing Table:

BGP maintains its own separate routing table. This table contains a list of routes that can be advertised to BGP peers.

- To view the BGP routing table on RouterB:

    RouterB# show ip bgp

- The route has been injected into BGP using the network command.
- The Next Hop of 0.0.0.0 indicates that the route was locally originated into BGP.
- The Path is empty, as the route originated in the same AS.
- Notice the Status Codes of “*>”.
  - The * indicates that this route is valid.
  - The > indicates that this is the best route to the destination.
- BGP will never advertise a route to an eBGP peer unless it is both valid and the best route to that destination.
- BGP routes that are both valid and best will also be added to the IP routing table.
- To view the BGP routing table on RouterC:

    RouterC# show ip bgp

- Notice that AS 100 has been added to the path, and that the Next Hop is now RouterB.

BGP Route-Reflectors:

- BGP requires all iBGP peers to be fully meshed. Route-reflectors allow us to bypass this restriction.
- Fewer neighbor connections will result in less bandwidth and CPU usage.
- Route-reflector clients form neighbor adjacencies with the route-reflector server.
- BGP updates will flow from the server to the clients, without the clients having to interact with each other.
- In AS 100, there are three BGP speakers.
- Normally, these iBGP peers must be fully meshed.
- For example, RouterB would need a neighbor statement for both RouterA and RouterD.
- As an alternative, RouterA can be configured as a route-reflector server. Both RouterB and RouterD would only need to peer with RouterA.
- All route-reflector specific configuration takes place on the route-reflector server:

    RouterA(config)# router bgp 100
    RouterA(config-router)# neighbor 10.2.1.2 remote-as 100
    RouterA(config-router)# neighbor 10.2.1.2 route-reflector-client
    RouterA(config-router)# neighbor 10.1.1.2 remote-as 100
    RouterA(config-router)# neighbor 10.1.1.2 route-reflector-client

Route-reflectors are Cisco’s recommended method of avoiding the iBGP full-mesh requirement.

BGP Confederations:

- Confederations are an alternative method to avoid the requirement that all iBGP routers be fully meshed.
- Confederations are basically AS’s within an AS, and are sometimes referred to as sub-AS’s.
- RouterA belongs to AS 777 and RouterB belongs to AS 888. Both of those AS’s belong to a parent AS of 300.
- RouterA and RouterB will form an eBGP peer session.
- Configuration is simple:

    RouterB(config)# router bgp 888
    RouterB(config-router)# bgp confederation identifier 300
    RouterB(config-router)# bgp confederation peers 777
    RouterB(config-router)# neighbor 10.1.1.1 remote-as 777
    RouterB(config-router)# neighbor 172.16.1.2 remote-as 500

- RouterC will be unaware of RouterB’s confederation status.
- Thus, RouterC’s neighbor statement will point to AS 300, and not AS 888:

    RouterC(config)# router bgp 500
    RouterC(config-router)# neighbor 172.16.1.1 remote-as 300

BGP Peer-Groups:

- Peer-groups simplify configuration of groups of neighbors, assuming those neighbors share the same settings.
- Additionally, peer-groups conserve processor/memory resources by sending updates to all peer-group members simultaneously, as opposed to sending individual updates to each neighbor.
- All neighbor parameters are applied to the peer-group itself.

    Router(config)# router bgp 200
    Router(config-router)# neighbor XYZ peer-group
    Router(config-router)# neighbor XYZ remote-as 200
    Router(config-router)# neighbor XYZ update-source lo0
    Router(config-router)# neighbor XYZ route-reflector-client

- The above configuration creates a peer-group named XYZ, and applies the desired settings.
- Next, we must “assign” the appropriate neighbors to the peer-group:

    Router(config-router)# neighbor 10.10.1.1 peer-group XYZ
    Router(config-router)# neighbor 10.10.2.2 peer-group XYZ
    Router(config-router)# neighbor 10.10.3.3 peer-group XYZ

The above neighbors now inherit the settings of the peer-group named XYZ.

- All “members” of a peer-group must exclusively be iBGP peers or eBGP peers.
- A mix of iBGP and eBGP peers is not allowed in a peer-group.
- Outbound route filtering (via a distribute-list, route-map, etc.) must be identical on all members of a peer-group.
- Inbound route filtering can still be applied on a per-neighbor basis.

BGP Attributes:

BGP uses several attributes to find the best path to a destination.

Well-known attributes are supported by all implementations of BGP.

Optional attributes may not be supported by all BGP-speaking routers.

- Well-known Mandatory: Standard attributes supported by all BGP implementations, and always included in every BGP update.
  - AS-Path
  - Next-Hop
  - Origin

- Well-known Discretionary: Standard attributes supported by all BGP implementations, and optionally included in BGP updates.
  - Local Preference
  - Atomic Aggregate

- Optional Transitive: Optional attribute that may not be supported by all implementations of BGP. Transitive indicates that a non-compliant BGP router will forward the unsupported attribute unchanged, when sending updates to peers.
  - Aggregator
  - Community

- Optional Non-Transitive: Optional attribute that may not be supported by all implementations of BGP. Non-Transitive indicates that a non-compliant BGP router will strip out the unsupported attribute, when sending updates to peers.
  - MED (Multi-Exit-Discriminator)

- Each attribute is identified by a code:
  - Origin: Code 1
  - AS-Path: Code 2
  - Next Hop: Code 3
  - MED: Code 4
  - Local Preference: Code 5
  - Atomic Aggregate: Code 6
  - Aggregator: Code 7
  - Community: Code 8

The following describes several specific BGP attributes:

- AS-Path: Identifies the list of traversed AS’s to reach a particular destination. (Shortest AS-Path preferred)
- Next-Hop: Identifies the next hop IP address to reach a particular destination.
- Origin: Identifies the originator of the route.
- Local Preference: Provides a preference to determine the best path for outbound traffic. (Highest LP preferred)
- Atomic Aggregate: Identifies routes that have been summarized, or aggregated.
- Aggregator: Identifies the BGP router that performed an address aggregation.
- Community: Tags routes that share common characteristics into communities.
- MED (Multi-Exit-Discriminator): Provides a preference to eBGP peers to a specific inbound router. (Lowest MED preferred)
- Weight (Cisco Proprietary): Similar to Local Preference, provides a local weight to determine the best path for outbound traffic. (Highest weight preferred)

Weight:

- The Weight attribute is applied to inbound routes, dictating the best outbound path.
- It is a Cisco-proprietary attribute, and is only locally significant.
- The weight value can range from 0 – 65535, and the highest weight is preferred.
- By default, a route originated on the local router will be assigned a weight of 32768.
- All other routes will be assigned a weight of 0, by default.
- A weight value can be specified for all routes advertised from a specific neighbor:

    RouterA(config)# router bgp 100
    RouterA(config-router)# neighbor 10.1.1.2 weight 200

- A weight value can also be specified for specific routes from a particular neighbor.
- First, the prefixes must be identified:

    RouterA(config)# ip prefix-list XYZ permit 192.168.1.0/24

- Then, a route-map is used to apply the appropriate weight:

    RouterA(config)# route-map ABC permit 10
    RouterA(config-route-map)# match ip address prefix-list XYZ
    RouterA(config-route-map)# set weight 200
    RouterA(config-route-map)# route-map ABC permit 20

- Finally, the route-map is applied to the preferred neighbor:

    RouterA(config)# router bgp 100
    RouterA(config-router)# neighbor 10.1.1.2 route-map ABC in

Local Preference:

- The Local Preference attribute is applied to inbound external routes, dictating the best outbound path.
- Unlike the Weight attribute, Local Preference is passed on to iBGP peers when sending updates.
- Local Preference informs iBGP routers how to exit the AS, if multiple paths exist.
- Local Preference is a 32-bit number, and can range from 0 to 4294967295.
- The highest Local Preference is preferred, and the default preference is 100.
- The LP value can be specified for all inbound external routes, on a global basis for BGP:

    RouterB(config)# router bgp 100
    RouterB(config-router)# bgp default local-preference 200

    RouterD(config)# router bgp 100
    RouterD(config-router)# bgp default local-preference 300

- Both RouterB and RouterD will include the LP attribute in updates to iBGP neighbors.
- Thus, RouterA (and RouterB) will now prefer the route through RouterD to reach any destination outside the local AS.
- Local Preference can be applied on a per-route basis:

    RouterD(config)# ip prefix-list XYZ permit 192.168.1.0/24

    RouterD(config)# route-map ABC permit 10
    RouterD(config-route-map)# match ip address prefix-list XYZ
    RouterD(config-route-map)# set local-preference 300

    RouterD(config)# router bgp 100
    RouterD(config-router)# neighbor 172.17.1.2 route-map ABC in

AS-Path Prepend:

- The AS-Path attribute is applied to outbound routes, dictating the best inbound path.
- Two things can be accomplished with the AS-Path attribute: prepend or filter.
- Prepending to (or adding to) the existing AS-Path results in a longer AS-Path, which makes the route less desirable for inbound traffic:

    RouterB(config)# access-list 5 permit 10.5.0.0 0.0.255.255

    RouterB(config)# route-map ABC permit 10
    RouterB(config-route-map)# match ip address 5
    RouterB(config-route-map)# set as-path prepend 200 200
    RouterB(config-route-map)# route-map ABC permit 20

    RouterB(config)# router bgp 100
    RouterB(config-router)# neighbor 172.16.1.2 route-map ABC out

- The artificial AS-Path information is not added to a route until it is advertised to an eBGP peer.
- RouterC’s BGP routing table will now look as follows:

    RouterC# show ip bgp

- Notice the inflated AS-Path through RouterB.
- RouterC will prefer the path through RouterD to reach the 10.5.0.0/16 network.

Additionally, routes can be filtered based on AS-Path values, using an as-path access-list. This requires the use of regular expressions:

- The following examples illustrate the use of regular expressions:
- To configure RouterF to only accept routes that originated from AS 100:

    RouterF(config)# ip as-path access-list 15 permit _100$

    RouterF(config)# route-map ABC permit 10
    RouterF(config-route-map)# match as-path 15

    RouterF(config)# router bgp 50
    RouterF(config-router)# neighbor 10.5.1.1 route-map ABC in

    RouterF# show ip bgp regexp _100$
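What the _100$ expression does and does not match, as an added example (not part of the original document): a small evaluator for as-path access-lists that translates the Cisco "_" delimiter into a Python regular expression and applies first-match with an implicit deny. The function names and the route table are constructed; only the "_" token is translated, and the rest of the pattern is assumed to be common to both regex dialects.

```python
import re

# In IOS AS-path regular expressions "_" matches a delimiter: the start or end
# of the path, a space, a comma, or a brace/parenthesis.
_DELIMITER = r"(?:^|$|[ ,{}()])"


def cisco_to_python(pattern: str) -> str:
    """Translate the Cisco "_" token; other syntax is passed through."""
    return pattern.replace("_", _DELIMITER)


def acl_permits(acl, as_path: str) -> bool:
    """First matching entry decides; no match means the implicit deny."""
    for action, pattern in acl:
        if re.search(cisco_to_python(pattern), as_path):
            return action == "permit"
    return False


def filter_routes(acl, routes):
    """Return the prefixes whose AS-Path is permitted by the access-list."""
    return [prefix for prefix, as_path in routes if acl_permits(acl, as_path)]


# Constructed BGP table: (prefix, AS-Path as shown by "show ip bgp").
ROUTES = [
    ("10.5.0.0/16", "100"),        # originated by AS 100, learned directly
    ("10.6.0.0/16", "200 100"),    # originated by AS 100, via AS 200
    ("10.7.0.0/16", "100 200"),    # transits AS 100, originated by AS 200
    ("10.8.0.0/16", "200 1100"),   # AS 1100 only looks like AS 100
    ("10.9.0.0/16", "2100"),       # so does AS 2100
    ("10.10.0.0/16", ""),          # locally originated: empty path
]

ACL_15 = [("permit", "_100$")]                     # the page's access-list 15
ACL_LOOSE = [("permit", "100")]                    # unanchored: too broad
ACL_LOCAL = [("permit", "^$")]                     # locally originated only
ACL_NOT_200 = [("deny", "_200_"), ("permit", ".*")]


if __name__ == "__main__":
    for name, acl in [("_100$", ACL_15), ("100", ACL_LOOSE),
                      ("^$", ACL_LOCAL), ("deny _200_", ACL_NOT_200)]:
        print(f"{name:12} -> {filter_routes(acl, ROUTES)}")
```

The unanchored pattern shows why the delimiter and the end anchor matter for an inbound filter: without them, any AS number containing the digits 100 passes.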


Origin:

- The Origin attribute identifies the originating source of the route.
- The origin codes are as follows (listed in order of preference for route selection):

1) i (IGP): Originated from an IGP, such as OSPF.

   This usually indicates the route was injected into BGP via the network command under the BGP process.

   An origin code of “i” is most preferred.

2) e (EGP): Originated from an external gateway protocol.

3) ? (incomplete): Unknown origin.

   This usually indicates the route was redistributed into BGP (from either connected, static, or IGP routes).

   An origin code of “?” is the least preferred.

- When viewing the BGP routing table, the origin code is listed at the end of each line in the table:

    RouterB# show ip bgp

- The i at the end of the first routing entry indicates the 10.5.0.0 network was originated via an IGP, probably with the BGP network command.
- The 192.168.1.0 network was most likely redistributed into BGP in AS 900, as evidenced by the ? at the end of that routing entry.

MED (MultiExit Discriminator):

- The MED attribute is applied to outbound routes, dictating the best inbound path into the AS (assuming multiple paths exist).
- The MED is identified as the BGP metric when viewing the BGP routing table.
- A lower metric is preferred, and the default MED value is 0.
- There are two entry points into AS 100.
- To force AS 900 to prefer the path through RouterD to reach the 10.5.0.0/16 network, the set metric command can be used with a route-map:

    RouterB(config)# access-list 5 permit 10.5.0.0 0.0.255.255

    RouterB(config)# route-map XYZ permit 10
    RouterB(config-route-map)# match ip address 5
    RouterB(config-route-map)# set metric 200

    RouterB(config)# router bgp 100
    RouterB(config-router)# neighbor 172.16.1.2 route-map XYZ out

- RouterC will now have two entries for the 10.5.0.0/16 route:
- Notice that the route from RouterB has a higher metric, and thus is less preferred.
- Note specifically the lack of a > on the route with a higher metric.
- The MED value is exchanged from one AS to another, but will never be advertised further than that.
- Thus, the MED value is passed from AS 100 to all BGP routers in AS 900, but the metric will be reset to 0 if the route is advertised beyond AS 900.
- If BGP contains multiple routes to the same destination, it compares the routes in pairs, starting with the newest entries and working towards the oldest entries.
- This can lead to sub-optimal routing, depending on the order of routes in the BGP routing table.
- BGP provides two MED-related commands to alleviate sub-optimal routing selections:
  1) bgp deterministic-med
  2) bgp always-compare-med

- The bgp deterministic-med command forces the MED value to be compared, when multiple routes to the same network are received via multiple routers from the same AS.

    RouterE(config)# router bgp 100
    RouterE(config-router)# bgp deterministic-med

The bgp deterministic-med command is disabled by default. If used, the command should be enabled on all routers within the AS.

- The bgp always-compare-med command forces the MED value to be compared, when multiple routes to the same network are received via multiple routers from different AS’s.

    RouterE(config)# router bgp 100
    RouterE(config-router)# bgp always-compare-med

The bgp always-compare-med command is disabled by default. Thus, by default, the MED value is not compared between paths from different AS’s.

- The MED metric on routes sent to eBGP neighbors can be dynamically set to the actual metric of an IGP (such as OSPF).
- This is accomplished using the set metric-type internal command with a route-map:

    RouterB(config)# access-list 5 permit 10.5.0.0 0.0.255.255

    RouterB(config)# route-map XYZ permit 10
    RouterB(config-route-map)# match ip address 5
    RouterB(config-route-map)# set metric-type internal

    RouterB(config)# router bgp 100
    RouterB(config-router)# neighbor 172.17.1.2 route-map XYZ out

If the 10.5.0.0/16 network originated in OSPF, the link-state cost metric for that route will be applied as the MED metric.

Attribute          Applied On                Applied For      Command (route-map direction)
Weight             Inbound Routes            Outbound Path    In
Local Preference   Inbound External Routes   Outbound Path    In
AS-Path            Outbound Routes           Inbound Path     Out
MED                Outbound Routes           Inbound Path     Out

Communities:

- BGP allows routes to be placed into certain Communities.
- BGP routers can make route policy decisions based on a route’s community membership.
- BGP communities can be assigned using one of three 32-bit formats:
  - Decimal (1000000)
  - Hexadecimal (0x1A2B3C)
  - AA:NN (100:20)

- The AA:NN format specifies a 16-bit AS number (the AA), and a 16-bit generic community identifier (the NN).
- By default, the decimal format for communities will be displayed when viewing a route.
- To force the router to display the AA:NN format:

    RouterA(config)# ip bgp-community new-format

- Additionally, there are four well-known communities that can be referenced by name:

1) No-export: prevents the route from being advertised outside the local AS to eBGP peers.

2) No-advertise: prevents the route from being advertised to either internal or external peers.

3) Internet: allows the route to be advertised outside the local AS.

4) Local-AS: prevents the route from being advertised outside the local AS to either eBGP or confederate peers.

- To set the community for a specific route, using a route-map:

    RouterB(config)# access-list 5 permit 10.5.0.0 0.0.255.255

    RouterB(config)# route-map XYZ permit 10
    RouterB(config-route-map)# match ip address 5
    RouterB(config-route-map)# set community no-export
    RouterB(config)# route-map XYZ permit 20

    RouterB(config)# router bgp 100
    RouterB(config-router)# neighbor 172.16.1.2 send-community
    RouterB(config-router)# neighbor 172.16.1.2 route-map XYZ out

- The community attribute will not be advertised to a neighbor unless the send-community parameter is applied to the neighbor command.
- The above configuration will place the 10.5.0.0/16 route into the no-export community once it is advertised into AS 900.
- RouterC will advertise this network to all iBGP peers, but the community attribute will prevent RouterC (and all iBGP peers) from advertising the route outside of AS 900.
- By default, the set community route-map command will overwrite any existing community parameters for a route.
- To instead configure additional community values, the additive parameter must be specified:

    RouterB(config)# route-map XYZ permit 10
    RouterB(config-route-map)# match ip address 5
    RouterB(config-route-map)# set community no-export additive
    RouterB(config)# route-map XYZ permit 20

BGP Summarization:

- Routes that are redistributed into BGP are automatically summarized.
- To disable auto-summary:

    Router(config)# router bgp 100
    Router(config-router)# no auto-summary

- To manually create a summary address for the following group of networks:
  - 172.16.0.0/24
  - 172.16.1.0/24
  - 172.16.2.0/24
  - 172.16.3.0/24

The aggregate-address command must be used:

    Router(config)# router bgp 100
    Router(config-router)# aggregate-address 172.16.0.0 255.255.252.0

- BGP’s default configuration is to send both the summary address and the more specific individual routes.
- To only send the summary route:

    Router(config)# router bgp 100
    Router(config-router)# aggregate-address 172.16.0.0 255.255.252.0 summary-only

- To suppress (or summarize) only specific routes, instead of all routes, a route-map must be used:

    Router(config)# access-list 5 permit 172.16.0.0 0.0.0.255
    Router(config)# access-list 5 permit 172.16.1.0 0.0.0.255

    Router(config)# route-map XYZ permit 10
    Router(config-route-map)# match ip address 5

    Router(config)# router bgp 100
    Router(config-router)# aggregate-address 172.16.0.0 255.255.252.0 summary-only suppress-map XYZ

- The access-list details the routes that should be suppressed.
- To allow the summarized routes to retain their AS-Path information:

    Router(config)# router bgp 100
    Router(config-router)# aggregate-address 172.16.0.0 255.255.252.0 summary-only suppress-map XYZ as-set

BGP Route Dampening:

- Route dampening “suppresses” routes that are flapping.
- This minimizes unnecessary convergence and updates.
- If a route flaps (goes up and down), it is assigned a penalty (default is 1000).
- All routes start with a penalty of 0, and the local router maintains a history of routes that have flapped.
- Once the penalty reaches a specific threshold, the route is suppressed.
- When a route is suppressed, it is neither advertised nor used locally on the router.
- First, the routes to be “observed” must be identified using an access-list or prefix-list:

    Router(config)# ip prefix-list XYZ seq 10 permit 10.1.0.0/16
    Router(config)# ip prefix-list XYZ seq 20 permit 10.2.0.0/16

- Next, dampening values must be configured using a route-map:

    Router(config)# route-map ABC permit 10
    Router(config-route-map)# match ip address prefix-list XYZ
    Router(config-route-map)# set dampening 15 750 2000 60

- The above values for the set dampening command represent the defaults.
- The 15 (measured in minutes) indicates the half-life timer. If a route is assigned a penalty, half of the penalty will decay after this timer expires.
- The 750 (arbitrary penalty measurement) indicates the bottom threshold. Once a penalized route falls below this threshold, it will no longer be suppressed.
- The 2000 (arbitrary penalty measurement) indicates the top threshold. If a route flaps to the point that its penalty exceeds this threshold, it is suppressed.
- The 60 (measured in minutes) indicates the maximum amount of time a route can be suppressed.
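How the four set dampening values interact, as an added example (not part of the original document): a simulation of the penalty for one route using the defaults 15 750 2000 60 and a penalty of 1000 per flap. The class and function names are hypothetical, the flap times are constructed, and the maximum suppress time is modelled as a penalty ceiling of reuse × 2^(max-suppress / half-life), which is an assumption about the implementation beyond what the text states.

```python
import math
from dataclasses import dataclass


@dataclass(frozen=True)
class Dampening:
    half_life: float = 15.0       # minutes for the penalty to halve
    reuse: float = 750.0          # bottom threshold: unsuppress below this
    suppress: float = 2000.0      # top threshold: suppress above this
    max_suppress: float = 60.0    # minutes a route may stay suppressed
    flap_penalty: float = 1000.0  # added on every flap

    @property
    def ceiling(self) -> float:
        # Assumed model: capping the penalty here guarantees it decays back
        # to the reuse threshold within max_suppress minutes.
        return self.reuse * 2 ** (self.max_suppress / self.half_life)


class DampenedRoute:
    def __init__(self, params: Dampening = Dampening()):
        self.params = params
        self.penalty = 0.0
        self.suppressed = False
        self.clock = 0.0          # minutes

    def advance(self, now: float) -> None:
        """Decay the penalty exponentially up to time `now`."""
        elapsed = now - self.clock
        self.penalty *= 0.5 ** (elapsed / self.params.half_life)
        self.clock = now
        if self.suppressed and self.penalty < self.params.reuse:
            self.suppressed = False

    def flap(self, now: float) -> None:
        """Record one flap at time `now` and re-evaluate suppression."""
        self.advance(now)
        self.penalty = min(self.penalty + self.params.flap_penalty,
                           self.params.ceiling)
        if self.penalty > self.params.suppress:
            self.suppressed = True

    def minutes_until_reuse(self) -> float:
        """Time for the current penalty to decay to the reuse threshold."""
        if not self.suppressed:
            return 0.0
        return self.params.half_life * math.log2(self.penalty / self.params.reuse)


def replay(flap_times, params: Dampening = Dampening()):
    """Return [(time, penalty, suppressed)] after each flap."""
    route, history = DampenedRoute(params), []
    for t in flap_times:
        route.flap(t)
        history.append((t, round(route.penalty, 1), route.suppressed))
    return history


if __name__ == "__main__":
    # Constructed scenario: three flaps two minutes apart.
    for t, penalty, suppressed in replay([0, 2, 4]):
        print(f"t={t:>2} min  penalty={penalty:>7}  suppressed={suppressed}")
```

With the defaults, two closely spaced flaps stay just under the 2000 threshold; the third suppresses the route for roughly 28 minutes.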

- Finally, route-dampening must be enabled under the BGP process:

    Router(config)# router bgp 100
    Router(config-router)# bgp dampening route-map ABC

BGP Next-Hop-Self:

- If RouterC sends the 192.168.1.0/24 route to its eBGP peer RouterB, the Next Hop for that route will be through RouterC:

    RouterB# show ip bgp

- A serious problem arises when RouterB sends this route to its iBGP peers (RouterA and RouterD). The Next Hop value is not changed:

    RouterA# show ip bgp

- Notice the lack of >, indicating this is no longer the best route to the destination. This is because RouterA has no route to the next hop address.
- There are two workarounds:
  - Either the 172.16.0.0/16 network must be added to RouterA’s and RouterD’s routing tables.
  - Or the Next-Hop field must be adjusted to identify RouterB as the next hop.

The configuration is simple, and is completed on RouterB:

    RouterB(config)# router bgp 200
    RouterB(config-router)# neighbor 10.1.1.1 next-hop-self
    RouterB(config-router)# neighbor 10.2.1.2 next-hop-self

- RouterB now advertises itself as the next hop for all eBGP routes it learns:

    RouterA# show ip bgp


Interview Q&A
What is BGP?
Ans.
 BGP is an exterior gateway protocol (EGP), as opposed to RIP, OSPF, and EIGRP, which are interior
gateway protocols (IGPs).
 BGP Version 4 (BGPv4) is the current standard deployment.
 BGP is a “Path Vector” routing protocol.
 BGP was not built to route within an Autonomous System (AS), but rather to route between
AS’s.
 BGP maintains a separate routing table based on shortest AS Path and various other attributes,
as opposed to IGP metrics like distance or cost.
 BGP is the routing protocol of choice on the Internet. Essentially, the Internet is a collection of
interconnected Autonomous Systems.
 The BGP AS number is a 16-bit number ranging from 1 to 65535.
 A specific subset of this range, 64512 – 65535, has been reserved for private (or internal) use.
 BGP utilizes TCP for reliable transfer of its packets, on port 179.
What is the purpose of BGP?
Ans.
 BGP was not built to route within an Autonomous System (AS), but rather to route between
AS’s.
 BGP is the routing protocol of choice on the Internet. Essentially, the Internet is a collection of
interconnected Autonomous Systems.

What is the port number of BGP?
Ans. TCP port no. 179
Can I run two BGP processes on a single router?
Ans. No, you cannot run two BGP processes on a single router.
Can I use BGP instead of any IGP?
Ans. No, because BGP works between autonomous systems and an IGP works inside an autonomous
system.
What is a route reflector and why is it required?
Ans.

 BGP requires all iBGP peers to be fully meshed. Route reflectors allow us to bypass this
restriction.
 Route-reflector clients form neighbor adjacencies with the route-reflector server.
 BGP updates flow from the server to the clients, without the clients having to interact
with each other.
 This results in less bandwidth and CPU usage.
What is the BGP path selection criteria?
Ans. BGP tries to narrow its path selection down to one best path; it does not load balance by default.

 First, choose the route with the highest weight. (Weight is zero for learned routes and
32768 for locally injected routes.)
 If weight is not set, choose the route with the highest local preference.
 Choose routes that this router originated.
 Choose the path with the shortest AS-Path.
 Choose the path with the lowest origin code (i is lowest, e is next, ? is last).
 Choose the route with the lowest MED, if the same Autonomous System advertises the
possible routes.
 Choose an EBGP route over an IBGP route
 Choose the route through the nearest IGP neighbor as determined by the lowest IGP metric
 Choose the oldest route
 Choose a path through the neighbor with the lowest router ID.
 Choose a path through the neighbor with the lowest IP address.
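
The selection order above can be expressed as a pairwise comparison that also reports which step decided the outcome. This Python sketch is an added example, not router code or part of the original notes; the Path field names, the default local preference of 100 and the sample AS numbers in any call are this example's own choices.

```python
from dataclasses import dataclass
from functools import reduce
from ipaddress import IPv4Address

ORIGIN_RANK = {"i": 0, "e": 1, "?": 2}  # i is lowest, e is next, ? is last

@dataclass
class Path:  # field names are this example's own, not router output
    name: str
    as_path: tuple = ()          # neighboring AS first
    weight: int = 0
    local_pref: int = 100
    local_origin: bool = False
    origin: str = "i"
    med: int = 0
    ebgp: bool = True
    igp_metric: int = 0
    age: int = 0                 # seconds since the route was learned
    router_id: str = "0.0.0.0"
    peer_ip: str = "0.0.0.0"

# One (label, key) pair per step in the list above; the lower key wins.
STEPS = [
    ("weight", lambda p: -p.weight),
    ("local preference", lambda p: -p.local_pref),
    ("locally originated", lambda p: not p.local_origin),
    ("AS-path length", lambda p: len(p.as_path)),
    ("origin code", lambda p: ORIGIN_RANK[p.origin]),
    ("MED", lambda p: p.med),
    ("eBGP over iBGP", lambda p: not p.ebgp),
    ("IGP metric", lambda p: p.igp_metric),
    ("oldest route", lambda p: -p.age),
    ("router ID", lambda p: int(IPv4Address(p.router_id))),
    ("peer IP", lambda p: int(IPv4Address(p.peer_ip))),
]

def compare(a, b):
    """Return (winner, deciding_step) for two paths to the same prefix."""
    for step, key in STEPS:
        if step == "MED" and a.as_path[:1] != b.as_path[:1]:
            continue  # MED only counts when the same AS advertises both paths
        if key(a) != key(b):
            return (a if key(a) < key(b) else b), step
    return a, "tie"

def best_path(paths):
    """Pairwise elimination over all candidate paths for one prefix."""
    return reduce(lambda a, b: compare(a, b)[0], paths)
```

Calling compare on two candidate paths shows, for example, that a lower MED is ignored when the paths come from different neighboring ASes, so the decision falls through to a later step.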

What formats can I use to configure the BGP community attribute?

 BGP allows routes to be placed into certain Communities.


 BGP routers can make route policy decisions based on a route’s community membership.
 BGP communities can be assigned using one of three 32-bit formats:
 Decimal (1000000)
 Hexadecimal (0x1A2B3C)
 AA:NN (100:20)

 The AA:NN format specifies a 16-bit AS number (the AA), and a 16-bit generic community
identifier (the NN).
 By default, the decimal format for communities will be displayed when viewing a route.
 To force the router to display the AA:NN format:
RouterA(config)# ip bgp-community new-format

 Additionally, there are four well-known communities that can be referenced by name:
1) No-export: prevents the route from being advertised outside the local AS to
eBGP peers.
2) No-advertise: prevents the route from being advertised to either internal or
external peers.
3) Internet: allows the route to be advertised outside the local AS.
4) Local-AS: prevents the route from being advertised outside the local AS to
either eBGP or confederate peers.
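
Because the same community can be written in any of the three formats, comparing policy configuration against displayed routes needs a common form. The Python sketch below is an added example, not part of the original notes; it normalizes all three formats to the 32-bit value and renders AA:NN. The function names are hypothetical, and the numeric values for the named communities are the RFC 1997 assignments.

```python
import re

# Well-known community values from RFC 1997, keyed by the names used above.
WELL_KNOWN = {
    "no-export": 0xFFFFFF01,
    "no-advertise": 0xFFFFFF02,
    "local-as": 0xFFFFFF03,
}


def parse_community(text):
    """Return the 32-bit value for a decimal, hexadecimal, AA:NN or named community."""
    text = text.strip().lower()
    if text in WELL_KNOWN:
        return WELL_KNOWN[text]
    match = re.fullmatch(r"(\d+):(\d+)", text)
    if match:
        aa, nn = int(match.group(1)), int(match.group(2))
        if aa > 0xFFFF or nn > 0xFFFF:
            raise ValueError(f"AA and NN must each fit in 16 bits: {text}")
        return (aa << 16) | nn
    try:
        value = int(text, 16) if text.startswith("0x") else int(text, 10)
    except ValueError:
        raise ValueError(f"not a community: {text}") from None
    if not 0 <= value <= 0xFFFFFFFF:
        raise ValueError(f"community must fit in 32 bits: {text}")
    return value


def new_format(value):
    """Render a 32-bit community as AA:NN (high 16 bits : low 16 bits)."""
    return f"{value >> 16}:{value & 0xFFFF}"


def same_community(a, b):
    """True when two strings in any supported format name the same community."""
    return parse_community(a) == parse_community(b)


if __name__ == "__main__":
    # The three sample values from the list above, plus one named community.
    for sample in ("1000000", "0x1A2B3C", "100:20", "no-export"):
        value = parse_community(sample)
        print(f"{sample:>10} -> {value} -> {new_format(value)}")
```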

Define various BGP path attributes.


 Well-known Mandatory: Standard attributes supported by all BGP implementations, and
always included in every BGP update. E.g. AS-Path, Next-Hop, Origin.

 Well-known Discretionary: Standard attributes supported by all BGP implementations, and
optionally included in BGP updates. E.g. Local Preference, Atomic Aggregate.

 Optional Transitive: Optional attribute that may not be supported by all implementations of
BGP. Transitive indicates that a noncompliant BGP router will forward the unsupported
attribute unchanged, when sending updates to peers. E.g. Aggregator, Community.

 Optional Non-Transitive: Optional attribute that may not be supported by all implementations
of BGP. Non-Transitive indicates that a noncompliant BGP router will strip out the unsupported
attribute, when sending updates to peers. E.g. MED (Multi-Exit-Discriminator).

What does a next hop of 0.0.0.0 mean in the show ip bgp command output?
Ans. A network in the BGP table with a next hop address of 0.0.0.0 means that the network is
locally originated via redistribution of IGP into BGP, or via a network or aggregate command
in the BGP configuration.
What is synchronization, and how does it influence BGP routes installed in the IP routing
table?
Ans.

 If your AS passes traffic from another AS to a third AS, BGP should not advertise a route
before all routers in your AS learn about the route via IGP.
 BGP waits until IGP propagates the route within the AS and then advertises it to external
peers.
 A BGP router with synchronization enabled does not install iBGP learned routes into its
routing table if it is not able to validate those routes in its IGP.
 Use the no synchronization command to disable synchronization.
How do I configure BGP with the use of a loopback address?

 The use of a loopback interface ensures that the neighbor stays up and is not affected by
malfunctioning hardware.
 By default, BGP uses the address of the interface directly connected to the BGP peer as the
source address when it establishes the BGP peering session. Issue
the neighbor <ip address> update-source <interface> command in order to change this
behavior and have the router establish the peering with a loopback address as the source
address.
What is the default BGP ConnectRetry timer, and is it possible to tune the BGP ConnectRetry
timer?

 The default BGP ConnectRetry timer is 120 seconds.


 Only after this time passes does the BGP process check to see if the passive TCP session is
established. If the passive TCP session is not established, then the BGP process starts a new
active TCP attempt to connect to the remote BGP speaker. During this idle 120 seconds of
the ConnectRetry timer, the remote BGP peer can establish a BGP session to it.
 Presently, the Cisco IOS ConnectRetry timer cannot be changed from its default of 120
seconds.

What additional command do you have to use to establish intraconfederation EBGP
sessions between loopback interfaces?
Ans. To establish intraconfederation EBGP sessions between loopback interfaces, you must
specify ebgp-multihop on the intraconfederation EBGP neighbor.

What is the purpose of route dampening?

Route dampening minimizes the impact of route flaps in downstream autonomous systems upon
local and upstream autonomous systems.

In general, which routes are affected by route dampening?

Route dampening affects only EBGP routes.
Do internal BGP (iBGP) sessions modify the next hop?

 iBGP sessions preserve the next hop attribute learned from eBGP peers. This is why it is
important to have an internal route to the next hop. The BGP route is otherwise
unreachable.
 In order to make sure you can reach the eBGP next hop, include the network that the next
hop belongs to in the IGP or issue the next-hop-self neighbor command to force the
router to advertise itself, rather than the external peer, as the next hop.
