Difference between revisions of "Cisco BGP"

From HackerNet
Line 26: Line 26:
  
 
=Konfiguration=
 
=Konfiguration=
 +
För att byta från NLRI-format till AFI-format i konfigurationen
 +
bgp upgrade-cli
 +
 +
===Neighbors===
 
  router bgp [ASN]
 
  router bgp [ASN]
 
  no auto-summary
 
  no auto-summary
 
  router-id [loopback-adress]
 
  router-id [loopback-adress]
 
Best practice
 
ip bgp community new-format
 
  
 
iBGP eller eBGP
 
iBGP eller eBGP
 
  neighbor 1.1.1.1 remote-as 65001
 
  neighbor 1.1.1.1 remote-as 65001
 
  neighbor 1.1.1.1 description Other side
 
  neighbor 1.1.1.1 description Other side
neighbor 1.1.1.1 password 7 110B1E15
 
  
 
Addess family
 
Addess family
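Review bot: The removed line `neighbor 1.1.1.1 password 7 110B1E15` in the neighbor block is not added back anywhere in this revision, so the page loses its only mention of session authentication between peers. Suggest keeping it under Neighbors as `neighbor 1.1.1.1 password [key]` with a placeholder instead of a type 7 string, since type 7 is a reversible encoding and should not be pasted into shared documentation. The unchanged context also carries two typos worth fixing in the same edit: `[loopback-adress]` and "Addess family".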
Line 51: Line 51:
 
eBGP om det ej är directly connected, t.ex. loopback
 
eBGP om det ej är directly connected, t.ex. loopback
 
  neighbor [ip-address] ebgp-multihop 2
 
  neighbor [ip-address] ebgp-multihop 2
 
Ändra så att annonserade uppdateringar har den egna IP-adressen istället för det som står i uppdateringen från den granne man har lärt sig nätverket av.
 
neighbor [ip-address] next-hop-self
 
  
 
Nätverk som ska annonseras
 
Nätverk som ska annonseras
Line 63: Line 60:
 
Send default route
 
Send default route
 
  default-information originate
 
  default-information originate
 
Preference
 
bgp default local-preference 100
 
  
 
Synchronization is enabled by default in Cisco IOS Software Release prior to 12.2(8)T.  
 
Synchronization is enabled by default in Cisco IOS Software Release prior to 12.2(8)T.  
Line 72: Line 66:
 
Timers
 
Timers
 
  tim bg 10 30 20
 
  tim bg 10 30 20
 
Don't wait for the hold-down timer (180 sec) to expire.
 
bgp fast-external-fallover  #Global
 
ip bgp fast-external-fallover  #Per interface
 
 
För att byta från NLRI-format till AFI-format i konfigurationen
 
bgp upgrade-cli
 
  
 
===Peer Group===
 
===Peer Group===
Line 84: Line 71:
 
  neighbor GROUP01 peer-group
 
  neighbor GROUP01 peer-group
 
  neighbor 1.1.1.1 peer-group GROUP01
 
  neighbor 1.1.1.1 peer-group GROUP01
 +
 +
===Passive Peer===
 +
 +
===Dynamic Peering===
 +
 +
===Next Hop===
 +
Ändra så att annonserade uppdateringar har den egna IP-adressen istället för det som står i uppdateringen från den granne man har lärt sig nätverket av.
 +
neighbor [ip-address] next-hop-self
 +
 +
===NLRI===
 +
 +
===Summarization===
 +
aggregate-address, null route automatically installed
 +
aggregate-address 10.0.0.0 255.0.0.0 [summary-only]
 +
summary-only, suppress detailed routes
  
 
===Route Reflector===
 
===Route Reflector===
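Review bot: The added headings Passive Peer, Dynamic Peering and NLRI have no text or commands under them, so readers land on empty sections. Either add at least one command per heading or hold the headings back until there is content to go with them.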
Line 91: Line 93:
 
  neighbor [ip-address] route-reflector-client
 
  neighbor [ip-address] route-reflector-client
  
===Community===
+
===Communities===
 +
Best practice
 +
ip bgp community new-format
 
Skicka standard och extended
 
Skicka standard och extended
 
  neighbor [ip-address] send-community both
 
  neighbor [ip-address] send-community both
 +
 +
===Filtering===
 +
 +
===AS-path manipulation===
 +
 +
===Convergence===
 +
Don't wait for the hold-down timer (180 sec) to expire.
 +
bgp fast-external-fallover  #Global
 +
ip bgp fast-external-fallover  #Per interface
  
 
===Dampening===
 
===Dampening===
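Review bot: In the added Convergence block, the trailing `#Global` and `#Per interface` annotations sit on the same line as the commands, and `#` is not IOS comment syntax, so the lines fail if pasted as shown. Put the annotations on their own lines starting with `!`, and say which configuration mode each command belongs in (router bgp versus interface). The Filtering and AS-path manipulation headings are also added empty.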
Line 129: Line 142:
  
 
==Local Preference==
 
==Local Preference==
 +
Preference
 +
bgp default local-preference 100
 +
 
Högst preference vinner
 
Högst preference vinner
 
  route-map LOCALPREF permit 10
 
  route-map LOCALPREF permit 10
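Review bot: The `bgp default local-preference 100` line moved under Local Preference sets the value that is already the default, so as written it changes nothing, and the bare label "Preference" does not say so. Suggest noting that 100 is the default and showing a non-default value, to match the `route-map LOCALPREF` example that follows.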

Revision as of 19:30, 6 December 2015

Border Gateway Protocol (RFC 4271) is a path-vector routing protocol. It communicates over TCP port 179, so routing must already be in place; you can almost think of it as an L4 protocol. BGP can receive many paths to the same destination. The best path is chosen by an algorithm: http://www.cisco.com/c/en/us/support/docs/ip/border-gateway-protocol-bgp/13753-25.html

States

TCP

Idle State

ConnectRetry timer 120 seconds

Active State

BGP speaker tries to reach the peer over TCP

Connect State

TCP session established

BGP

OpenSent State

BGP version, AS number, hold time, BGP ID
Start sending keepalives

OpenConfirm State

Response received

Established State

Send updates
Neighbor up

Configuration

To switch the configuration from NLRI format to AFI format

bgp upgrade-cli 

Neighbors

router bgp [ASN]
no auto-summary
bgp router-id [loopback-address]

iBGP or eBGP

neighbor 1.1.1.1 remote-as 65001
neighbor 1.1.1.1 description Other side

Address family

address-family ipv4
 network 10.0.0.0
 redistribute isis level-2
 neighbor 1.1.1.1 activate
 neighbor 1.1.1.1 send-community both
exit-address-family

Loopback. When configuring iBGP always use loopbacks (advertised by your IGP) for peering.

neighbor [ip-address] update-source [interface]

eBGP when the peer is not directly connected, e.g. a loopback

neighbor [ip-address] ebgp-multihop 2

Networks to advertise

network [ip-address] mask [subnet-mask]

Soft

neighbor 1.1.1.1 soft-reconfiguration inbound

Send default route

default-information originate

Synchronization is enabled by default in Cisco IOS Software releases prior to 12.2(8)T.

no synchronization

Timers

timers bgp 10 30 20

Peer Group

To simplify the configuration, several neighbors can be grouped into so-called peer groups.

neighbor GROUP01 peer-group
neighbor 1.1.1.1 peer-group GROUP01

Passive Peer

Dynamic Peering

Next Hop

Make advertised updates carry this router's own IP address instead of the address given in the update from the neighbor from which the network was learned.

neighbor [ip-address] next-hop-self

NLRI

Summarization

aggregate-address, null route automatically installed

aggregate-address 10.0.0.0 255.0.0.0 [summary-only]

summary-only, suppress detailed routes

Route Reflector

Routes learned via iBGP are not passed on to iBGP neighbors by default. A route reflector breaks this rule.
Route Reflector:

address-family ipv4
neighbor [ip-address] route-reflector-client

Communities

Best practice

ip bgp community new-format

Send standard and extended

neighbor [ip-address] send-community both

Filtering

AS-path manipulation

Convergence

Don't wait for the hold-down timer (180 sec) to expire.

! Global
bgp fast-external-fallover
! Per interface
ip bgp fast-external-fallover

Dampening

route-map selective_dampening permit 10
set dampening 5 1900 2000 10

5=half-life, 1900=reuse-limit, 2000=suppress-limit, 10=max-suppress-limit

router bgp [ASN]
bgp dampening route-map selective_dampening
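
How the four values in `set dampening 5 1900 2000 10` interact is easier to see by replaying flaps against them. The following is an added example, not part of the original page or Cisco's code; it assumes a penalty of 1000 per flap and continuous exponential decay, and the function names are illustrative.

```python
import math

# Parameters from the page's "set dampening 5 1900 2000 10" line.
HALF_LIFE_MIN = 5
REUSE_LIMIT = 1900
SUPPRESS_LIMIT = 2000
MAX_SUPPRESS_MIN = 10
FLAP_PENALTY = 1000  # assumption: penalty added per flap

# Ceiling that keeps a route from staying suppressed longer than max-suppress.
MAX_PENALTY = REUSE_LIMIT * 2 ** (MAX_SUPPRESS_MIN / HALF_LIFE_MIN)


def decay(penalty, minutes):
    """Exponential decay: the penalty halves every HALF_LIFE_MIN minutes."""
    return penalty * 0.5 ** (minutes / HALF_LIFE_MIN)


def simulate(flap_times):
    """Replay flaps (minutes, ascending); return (time, penalty, suppressed) per flap."""
    penalty, last, suppressed, history = 0.0, 0.0, False, []
    for t in flap_times:
        penalty = decay(penalty, t - last)
        if suppressed and penalty < REUSE_LIMIT:
            suppressed = False  # decayed below the reuse-limit between flaps
        penalty = min(penalty + FLAP_PENALTY, MAX_PENALTY)
        if penalty > SUPPRESS_LIMIT:
            suppressed = True
        history.append((t, round(penalty), suppressed))
        last = t
    return history


def minutes_until_reuse(penalty):
    """Minutes for a penalty to decay down to the reuse-limit."""
    if penalty <= REUSE_LIMIT:
        return 0.0
    return HALF_LIFE_MIN * math.log2(penalty / REUSE_LIMIT)


if __name__ == "__main__":
    SAMPLE_FLAPS = [0, 1, 2]  # constructed input: three flaps one minute apart
    for t, p, s in simulate(SAMPLE_FLAPS):
        print(f"t={t:>2} min  penalty={p:>5}  suppressed={s}")
    final = simulate(SAMPLE_FLAPS)[-1][1]
    print(f"reusable after {minutes_until_reuse(final):.1f} more minutes")
```

With reuse-limit and suppress-limit only 100 apart, a suppressed route becomes usable again almost as soon as its penalty drops back under the suppress threshold.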

Route flap

show ip bgp flap-statistics

Show

show ip bgp summary
show bgp ipv4 unicast 
show ip bgp neighbor
show ip bgp paths
show ip bgp rib-failure

Routes being sent

show ip bgp vrf Name neighbors 10.10.10.10 advertised-routes

Reset

clear ip bgp *
clear ip bgp <address> soft

Debug

debug ip bgp events

MED

multi-exit discriminator

ip access-list standard MED
 permit 1.1.1.0 0.0.0.255
route-map MED_50 permit 10
 match ip address MED
 set metric 50

Local Preference

Preference

bgp default local-preference 100

Highest preference wins

route-map LOCALPREF permit 10
 set local-preference 500
neighbor 1.1.1.1 route-map LOCALPREF in

BMP

The BGP Monitoring Protocol (BMP) feature supports the following functionality to monitor Border Gateway Protocol (BGP) neighbors

router bgp 65000
neighbor 30.1.1.1 bmp-activate server 1
bmp server 1
 activate

Show

show ip bgp bmp server 1
show ip bgp bmp server summary