eBGP (3.5)
In this section, you implement eBGP in a single-homed remote-access network.
BGP Overview (3.5.1)
In this topic, you learn about the basic BGP features.
IGP and EGP Routing Protocols (3.5.1.1)
RIP, EIGRP, and OSPF are Interior Gateway Protocols (IGPs). ISPs and their customers, such as corporations and other enterprises, usually use an IGP to route traffic within their networks. IGPs are used to exchange routing information within a company network or an autonomous system (AS).
Border Gateway Protocol (BGP) is an Exterior Gateway Protocol (EGP) used for the exchange of routing information between autonomous systems, such as ISPs, companies, and content providers (such as YouTube and Netflix).
In BGP, every AS is assigned a 16-bit or 32-bit AS number (ASN) that uniquely identifies it on the Internet. Figure 3-26 shows an example of how IGPs are interconnected using BGP.
Figure 3-26 IGP and EGP Routing Protocols
Internal routing protocols use a specific metric, such as OSPF’s cost, for determining the best paths to destination networks. BGP does not use a single metric like IGPs. BGP routers exchange several path attributes including a list of AS numbers (hop by hop) necessary to reach a destination network.
For example, in Figure 3-26, AS 65002 may use the AS-path of 65003 and 65005 to reach a network within the content provider AS 65005. BGP is known as a path vector routing protocol.
BGP updates are encapsulated over TCP on port 179. Therefore, BGP inherits the connection-oriented properties of TCP, which ensures that BGP updates are transmitted reliably.
IGP routing protocols route traffic within a network that is administered by a single organization. In contrast, BGP is used to route between networks administered by two different organizations. An AS uses BGP to advertise its networks and, in some cases, networks that it learned about from other autonomous systems, to the rest of the Internet.
eBGP and iBGP (3.5.1.2)
Two routers exchanging BGP routing information are known as BGP peers. As shown in Figure 3-27, there are two types of BGP, as described in the list that follows.
Figure 3-27 eBGP and iBGP Comparison
External BGP (eBGP): External BGP is a BGP configuration between two routers in different autonomous systems. For example, eBGP would be used to connect an enterprise AS to a service provider AS.
Internal BGP (iBGP): Internal BGP is a BGP configuration between two routers in the same autonomous system. For example, iBGP would be used between routers in a service provider AS.
This course focuses on eBGP only.
BGP Design Considerations (3.5.2)
In this topic, you learn about BGP design considerations.
When to Use BGP (3.5.2.1)
The use of BGP is most appropriate when an AS has connections to multiple autonomous systems. This is known as multihomed. Each AS in Figure 3-28 is multihomed because each AS has connections to at least two other autonomous systems or BGP peers.
Figure 3-28 Multihomed
When Not to Use BGP (3.5.2.2)
BGP should not be used when at least one of the following conditions exists:
There is a single connection to the Internet or another AS. This is known as single-homed. In this case, Company-A may run an IGP with the ISP, or Company-A and the ISP each use static routes, as shown in Figure 3-29. Although it is recommended only in unusual situations, for the purposes of this course, you will configure single-homed BGP.
There is a limited understanding of BGP. A misconfiguration of a BGP router can have far-reaching effects beyond the local AS, negatively impacting routers throughout the Internet.
Figure 3-29 Single-Homed
BGP Options (3.5.2.3)
BGP is used by autonomous systems to advertise networks that originated within their AS or, in the case of ISPs, the networks that originated from other autonomous systems.
For example, a company connecting to its ISP using BGP would advertise its network addresses to the ISP. The ISP would then advertise these networks to other ISPs (BGP peers). Eventually, all other autonomous systems on the Internet would learn about the networks initially originated by the company.
An organization can choose to implement BGP in a multihomed environment in three common ways.
Default Route Only
ISPs advertise a default route to Company-A, as shown in Figure 3-30.
Figure 3-30 Default Route Only
The arrows indicate that the default is configured on the ISPs, not on Company-A. This is the simplest method to implement BGP; however, because the company receives only a default route from both ISPs, suboptimal routing may occur. For example, Company-A may choose to use ISP-1’s default route when sending packets to a destination network in ISP-2’s AS.
Default Route and ISP Routes
ISPs advertise their default route and their network to Company-A, as shown in Figure 3-31.
Figure 3-31 Default Route and ISP Routes
This option allows Company-A to forward traffic to the appropriate ISP for networks advertised by that ISP. For example, Company-A would choose ISP-1 for networks advertised by ISP-1. For all other networks, one of the two default routes can be used, which means suboptimal routing may still occur for all other Internet routes.
All Internet Routes
ISPs advertise all Internet routes to Company-A, as shown in Figure 3-32.
Figure 3-32 All Internet Routes
Because Company-A receives all Internet routes from both ISPs, Company-A can determine which ISP to use as the best path to forward traffic for any network. Although this approach solves the issue of suboptimal routing, the BGP router would require sufficient resources to maintain well over 500,000 Internet networks.
eBGP Branch Configuration (3.5.3)
In this topic, you configure an eBGP branch connection.
Steps to Configure eBGP (3.5.3.1)
To implement eBGP for this course, you need to complete the following tasks:
Step 1. Enable BGP routing.
Step 2. Configure BGP neighbor(s) (peering).
Step 3. Advertise network(s) originating from this AS.
Table 3-2 lists the command syntax and a description for basic eBGP configuration.
Table 3-2 BGP Configuration Commands
Command | Description |
---|---|
Router(config)# router bgp as-number | Enables a BGP routing process and places the router in router configuration mode. |
Router(config-router)# neighbor ip-address remote-as as-number | Specifies a BGP neighbor. The as-number is the neighbor’s AS number. |
Router(config-router)# network network-address [mask network-mask] | Advertises a network address to an eBGP neighbor as being originated by this AS. The network-mask is the subnet mask of the network. |
BGP Sample Configuration (3.5.3.2)
In this single-homed BGP topology, Company-A in AS 65000 uses eBGP to advertise its 198.133.219.0/24 network to ISP-1 at AS 65001. ISP-1 advertises a default route in its eBGP updates to Company-A.
Figure 3-33 shows the BGP configuration topology.
Figure 3-33 BGP Configuration Topology
Example 3-16 shows the BGP configuration for Company-A and ISP-1. Customers typically use private IPv4 address space for internal devices within their own network. Using Network Address Translation (NAT), the Company-A router translates these private IPv4 addresses to one of its public IPv4 addresses, advertised by BGP to the ISP.
Example 3-16 Company-A and ISP BGP Configuration
```
Company-A(config)# router bgp 65000
Company-A(config-router)# neighbor 209.165.201.1 remote-as 65001
Company-A(config-router)# network 198.133.219.0 mask 255.255.255.0

ISP-1(config)# router bgp 65001
ISP-1(config-router)# neighbor 209.165.201.2 remote-as 65000
ISP-1(config-router)# network 0.0.0.0
```
The router bgp global configuration command enables BGP and identifies the AS number for Company-A. A router can belong to only a single AS, so only a single BGP process can run on a router.
The neighbor router configuration command identifies the BGP peer IP address and AS number. Notice that the ISP AS number is different from the Company-A AS number. This informs the BGP process that the neighbor is in a different AS and is therefore an external BGP neighbor.
The network network-address [mask network-mask] router configuration command enters the network-address into the local BGP table. The BGP table contains all routes learned via BGP or advertised using BGP. eBGP will then advertise the network-address to its eBGP neighbors.
The mask network-mask command parameter must be used when the network advertised is different from its classful equivalent. In this example, 198.133.219.0/24 is equivalent to a class C network. Class C networks have a /24 subnet mask, so in this case the mask option is not required. If Company-A were advertising the 198.133.0.0/16 network, the mask option would be required. Otherwise, BGP would advertise the network with a /24 classful mask.
The eBGP commands on the ISP-1 router are similar to the configuration on Company-A. Notice how the network 0.0.0.0 router configuration command is used to advertise a default network to Company-A.
Verify eBGP (3.5.3.3)
You can use three commands to verify eBGP, as described in Table 3-3.
Table 3-3 BGP Verification Commands
Command | Description |
---|---|
Router# show ip route | Verify routes advertised by the BGP neighbor are present in the IPv4 routing table |
Router# show ip bgp | Verify that received and advertised IPv4 networks are in the BGP table |
Router# show ip bgp summary | Verify IPv4 BGP neighbors and other BGP information |
Example 3-17 shows the output for Company-A’s IPv4 routing table. Notice how the origin code B identifies that the route was learned using BGP. Specifically, in this example, Company-A has received a BGP advertised default route from ISP-1.
Example 3-17 Verifying BGP Routes Are in the Table
```
Company-A# show ip route | include Gateway
Gateway of last resort is 209.165.201.1 to network 0.0.0.0

B*    0.0.0.0/0 [20/0] via 209.165.201.1, 00:36:03
      10.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
C        198.133.219.0/24 is directly connected, GigabitEthernet0/0
L        198.133.219.1/32 is directly connected, GigabitEthernet0/0
      209.165.201.0/24 is variably subnetted, 2 subnets, 2 masks
C        209.165.201.0/27 is directly connected, GigabitEthernet0/1
L        209.165.201.2/32 is directly connected, GigabitEthernet0/1
Company-A#
```
Example 3-18 shows the output of Company-A’s BGP table.
Example 3-18 Verifying BGP
```
Company-A# show ip bgp
BGP table version is 3, local router ID is 209.165.201.2
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
              x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found

     Network          Next Hop            Metric LocPrf Weight Path
 *>  0.0.0.0          209.165.201.1            0             0 65001 i
 *>  198.133.219.0/24 0.0.0.0                  0         32768 i
Company-A#
```
The first entry 0.0.0.0 with a next hop of 209.165.201.1 is the default route advertised by ISP-1. The AS path displays the single AS of 65001 because the 0.0.0.0/0 network advertised by ISP-1 originated from the same AS. Most BGP table entries show multiple autonomous system numbers in the path, listing the sequence of AS numbers required to reach the destination network.
The second entry 198.133.219.0/24 is the network advertised by the Company-A router to ISP-1. The next hop address of 0.0.0.0 indicates that the 198.133.219.0/24 network originated from this router.
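The reading of the BGP table described above can be turned into a repeatable check; the following is an added example, not part of the original text or of any Cisco tool. It parses the two rows of Example 3-18 and compares them with what this single-homed design should contain (only a default route received via AS 65001, only 198.133.219.0/24 originated locally). The names parse_bgp_table and audit, the fixed-width column layout, and the extra 10.0.0.0/8 row are assumptions constructed for the example, and one path per prefix is assumed.

```python
import re

# Values from Example 3-18; the fixed-width layout is constructed for this example.
FMT = "{:<3}{:<17}{:<16}{:>6} {:>6} {:>6} {}"
ROWS = [("", "Network", "Next Hop", "Metric", "LocPrf", "Weight", "Path"),
        ("*>", "0.0.0.0", "209.165.201.1", 0, "", 0, "65001 i"),
        ("*>", "198.133.219.0/24", "0.0.0.0", 0, "", 32768, "i")]
EXAMPLE_3_18 = "\n".join(FMT.format(*r) for r in ROWS)
# Constructed deviation: a private prefix originated locally by mistake.
LEAKY = EXAMPLE_3_18 + "\n" + FMT.format("*>", "10.0.0.0/8", "0.0.0.0", 0, "", 32768, "i")

ROW = re.compile(r"^\s*(\S{1,3})\s+([\d.]+(?:/\d+)?)\s+([\d.]+)\s")


def parse_bgp_table(text):
    """Return one dict per table row; the AS path is sliced at the Path column,
    because Metric/LocPrf/Weight and AS numbers are all plain integers."""
    lines = text.splitlines()
    hdr = next(i for i, l in enumerate(lines) if "Next Hop" in l and "Path" in l)
    path_col = lines[hdr].index("Path")
    routes = []
    for line in lines[hdr + 1:]:
        m = ROW.match(line)
        if not m:
            continue  # prompt lines, blank lines
        # The table prints the default route as a bare 0.0.0.0.
        network = "0.0.0.0/0" if m.group(2) == "0.0.0.0" else m.group(2)
        *as_path, origin = line[path_col:].split()
        routes.append({"best": ">" in m.group(1), "network": network,
                       "next_hop": m.group(3), "as_path": as_path, "origin": origin})
    return routes


def audit(routes, neighbor_as, may_receive, may_originate):
    """Compare the table with the single-homed policy; return a list of findings."""
    findings = []
    for r in routes:
        # Next hop 0.0.0.0 with an empty AS path marks a locally originated route.
        local = r["next_hop"] == "0.0.0.0" and not r["as_path"]
        if local and r["network"] not in may_originate:
            findings.append(f"originating unexpected prefix {r['network']}")
        elif not local and r["network"] not in may_receive:
            findings.append(f"received unexpected prefix {r['network']}")
        elif not local and r["as_path"][:1] != [neighbor_as]:
            findings.append(f"{r['network']} did not arrive via AS {neighbor_as}")
    seen = {r["network"] for r in routes}
    missing = sorted((may_receive | may_originate) - seen)
    return findings + [f"expected prefix {p} missing" for p in missing]
```

Run against the rows of Example 3-18 the audit returns no findings; with the constructed 10.0.0.0/8 row appended it reports the unexpected locally originated prefix.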
Example 3-19 displays the status of the BGP connection on Company-A. The first line displays the local IPv4 address used to peer with another BGP neighbor and this router’s local AS number. The address and AS number of the remote BGP neighbor are shown at the bottom of the output.
Example 3-19 Verify BGP Summary
```
Company-A# show ip bgp summary
BGP router identifier 209.165.201.2, local AS number 65000
BGP table version is 3, main routing table version 3
2 network entries using 288 bytes of memory
2 path entries using 160 bytes of memory
2/2 BGP path/bestpath attribute entries using 320 bytes of memory
1 BGP AS-PATH entries using 24 bytes of memory
0 BGP route-map cache entries using 0 bytes of memory
0 BGP filter-list cache entries using 0 bytes of memory
BGP using 792 total bytes of memory
BGP activity 2/0 prefixes, 2/0 paths, scan interval 60 secs

Neighbor        V    AS MsgRcvd MsgSent   TblVer  InQ OutQ Up/Down  State/PfxRcd
209.165.201.1   4 65001      66      66        3    0    0 00:56:11        1
Company-A#
```