Posts tagged ‘cisco’

« Previous Entries

Configuring Frame-Relay, Part 2

May 30, 2009, 2:51 pm by jlgaddis

In “Configuring Frame-Relay, Part 1″, I demonstrated how to configure a basic frame-relay hub and spoke network.

In Part 2, we have the same three routers with the same physical topology, but we’ll be using point-to-point connections between each of the routers.

Here’s the topology…

…and the walkthrough…

In Part 3, we’ll add another router, R4, to the topology and use a combination of the physical interface and point-to-point subinterface on R1 to demonstrate how to use both simultaneously. We’ll follow that up in Part 4 by adding OSPF to the whole network to show the differences over various types of networks.

Tags: , , , ,  |  2 Comments

Configuring Frame-Relay, Part 1

May 18, 2009, 5:05 am by jlgaddis

In this video, we show how to configure a basic frame-relay network with one hub and two spokes. The configuration is pretty straightforward and simple, and nearly identical on all three routers. As such, a lot of the video is repetitive. It does, however, go from blank configurations to a fully-configured frame-relay hub-and-spoke network with full connectivity.

Here’s the topology:

As you can see, we’re using the 172.16.123.0/24 network and physical interfaces (no sub-interfaces). The DLCI numbers are illustrated in the diagram.

Here’s the video:

Part 2 uses a similar topology but in a full-mesh configuration with point-to-point connections (and sub-interfaces, of course). Part 3 will use a combination of physical interfaces and sub-interfaces to show how to set up both simultaneously. In Part 4, we’ll be configuring OSPF over the network we set up in Part 3, to show the differences in how OSPF works over various types of networks.

Tags: , , , ,  |  3 Comments

Configuring PPP Authentication (CHAP)

March 30, 2009, 11:25 pm by jlgaddis
Tags: , , , ,  |  Comment

Configuring serial and PPP connections

March 29, 2009, 8:22 pm by jlgaddis

A couple of quick videos to show how to configure basic (back-to-back/directly connected) serial and PPP links. Here’s the topology (as basic as it gets):

Configuring a serial connection

Configuring a PPP connection

Tags: , , , ,  |  Comment

BGP load sharing, dual-homed to one SP

March 22, 2009, 7:59 pm by jlgaddis

Here’s another lab that I just made up using dynamips/dynagen. There is a download link to the .net file I used (modify it as needed) at the bottom of this post.

NOTE: See the video demonstration below!

For this lab, here’s the topology we’re working with:

[Network Diagram]

Our scenario here is pretty basic. We are AS 65065 and are dual-homed to our service provider, AS 65001. We have two T-1 connections: R1 to R2 and R1 to R3. We’re running BGP with our service provider and we would like to load share our outgoing traffic over these two T-1 connections. Fortunately, Cisco provides us with an easy way to do this.

As you may already know, BGP will, by default, only install the one best path into the routing table. In our case, that means that we would only be utilizing one connection at a given time. That’s not exactly the best use of our available bandwidth. The “maximum-paths” command is our friend.

From the Cisco IOS IP Command Reference:

“To configure the maximum number of parallel routes that an IP routing protocol will install into the routing table, use the maximum-paths command in router configuration or address family configuration mode. To restore the default value, use the no form of this command.”

Here are our starting configurations for R2 and R3:

R2:

interface fastethernet 0/0
 ip address 172.16.23.2 255.255.255.0
 no shutdown
interface serial 1/1
 ip address 172.16.12.2 255.255.255.0
 no shutdown
router bgp 65001
 network 172.16.12.0 mask 255.255.255.0
 network 172.16.23.0 mask 255.255.255.0
 neighbor 172.16.12.1 remote-as 65065
 neighbor 172.16.23.3 remote-as 65001
 neighbor 172.16.23.3 next-hop-self
end

R3:

interface fastethernet 0/0
 ip address 172.16.23.3 255.255.255.0
 no shutdown
interface serial 1/0
 ip address 172.16.13.3 255.255.255.0
 no shutdown
router bgp 65001
 network 172.16.13.0 mask 255.255.255.0
 network 172.16.23.0 mask 255.255.255.0
 neighbor 172.16.13.1 remote-as 65065
 neighbor 172.16.23.2 remote-as 65001
 neighbor 172.16.23.2 next-hop-self
end

The interface configuration for R1 is pretty standard and simple, with perhaps one exception:

interface serial 1/0
 ip address 172.16.13.1 255.255.255.0
 ip load-sharing per-packet
 no shutdown
interface serial 1/1
 ip address 172.16.12.1 255.255.255.0
 ip load-sharing per-packet
 no shutdown

Note the use of “ip load-sharing per-packet”. Cisco’s default is to use per-destination load sharing. You’ll want to evaluate your network to decide which is best for you.

Now, let’s configure BGP on R1 and we’re practically done:

router bgp 65065
 maximum-paths 2
 neighbor 172.16.12.2 remote-as 65001
 neighbor 172.16.13.3 remote-as 65001

The only thing left to do is test and verify. See how I did it in the video below:

Tags: , , , , ,  |  1 Comment

Allowing customers to manipulate routing using BGP communities

March 20, 2009, 9:10 pm by jlgaddis

UPDATE: I made a video demonstration of this as well. You can find it at the bottom of this post. Let me know what you think! Thanks.

Upon request, and as a sort of “continuation” of a prior post, “Using BGP communities to influence routing“, I’m going to demonstrate how to permit this to occur (and configure it!) from the service provider perspective.

Recall our topology:

For simplicity, I’m only going to deal with the configurations on R1 and R2 in this post (R3’s configuration is nearly identical to R2’s). Also, because I’m doing this on real gear in my lab at work and I’m currently at home, we’ll be using our FastEthernet 0/1 interfaces (instead of FastEthernet 0/0, as depicted in the diagram). IP addresses and such will remain the same.

Remember that R1 has four loopback interfaces (172.31.0.1/24, 172.31.1.1/24, 172.31.2.1/24, and 172.31.3.1/24). R1 and R2’s IP addresses are 172.16.12.1 and 172.16.12.2 (/24), respectively.

First, let’s go ahead and bring up R2’s FastEthernet 0/1 interface:

R2# conf t
R2(config)# interface fa0/1
R2(config-if)# ip address 172.16.12.2 255.255.255.0
R2(config-if)# no shutdown

Let’s configure the interfaces on R1:

R1# conf t
R1(config)# interface loopback 0
R1(config-if)# ip address 172.31.0.1 255.255.255.0
R1(config-if)# interface loopback 1
R1(config-if)# ip address 172.31.1.1 255.255.255.0
R1(config-if)# interface loopback 2
R1(config-if)# ip address 172.31.2.1 255.255.255.0
R1(config-if)# interface loopback 3
R1(config-if)# ip address 172.31.3.1 255.255.255.0
R1(config-if)# interface fa0/1
R1(config-if)# ip address 172.16.12.1 255.255.255.0
R1(config-if)# no shutdown
R1(config-if)# end

Make sure we have connectivity:

R1# ping 172.16.12.2

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.16.12.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/2/4 ms

Now we’ll work on setting up R2, the service provider router. Remember that we’re supporting two communities that our customers can send to us:

  • 200: set local preference to 200
  • 500: set local preference to 500

Any routes received without one of these communities will have the local preference set to 150 (this wasn’t in the previous post, but I’m adding it here so we can show off a few things later).

First, we’ll tell R2 that we want to display BGP communities in the “new” AA:NN format:

R2(config)# ip bgp-community new-format

We need to set up two “community lists”. These are what our route maps will match on:

R2(config)# ip community-list 1 permit 65001:200
R2(config)# ip community-list 2 permit 65001:500

Now we can configure our route-map. They should fairly self-explanatory:

R2(config)# route-map CUSTOMER_IN permit 10
R2(config-route-map)# match community 1
R2(config-route-map)# set local-preference 200
R2(config-route-map)# route-map CUSTOMER_IN permit 20
R2(config-route-map)# match community 2
R2(config-route-map)# set local-preference 500
R2(config-route-map)# route-map CUSTOMER_IN permit 30
R2(config-route-map)# set local-preference 150

Can you understand what those do? By this point, hopefully you can!

Let’s go ahead and configure R2’s BGP peering with R1 and apply the CUSTOMER_IN route map to the neighbor:

R2(config)# router bgp 65001
R2(config-router)# neighbor 172.16.12.1 remote-as 65065
R2(config-router)# neighbor 172.16.12.1 soft-reconfiguration inbound
R2(config-router)# neighbor 172.16.12.1 next-hop-self
R2(config-router)# neighbor 172.16.12.1 route-map CUSTOMER_IN in

At this point, we’re all set on the service provider (R2) side. All we need is for the BGP session to come up and R1 to start advertising routes to the service provider. Let’s configure R1 to also display BGP communities in the “new” AA:NN format:

R1(config)# ip bgp-community new-format

Now, before we go messing around with any route-maps on R1, let’s get the BGP session up first:

R1(config)# router bgp 65065
R1(config-router)# neighbor 172.16.12.2 remote-as 65001
R1(config-router)# neighbor 172.16.12.2 soft-reconfiguration inbound
R1(config-router)# neighbor 172.16.12.2 send-community

Verify that BGP is up and running:

R1# show ip bgp summary
BGP router identifier 172.31.3.1, local AS number 65065
BGP table version is 1, main routing table version 1

Neighbor        V    AS MsgRcvd MsgSent   TblVer  InQ OutQ Up/Down  State/PfxRcd
172.16.12.2     4 65001       4       4        1    0    0 00:00:21        0

Now let’s go ahead and begin advertising our four (loopback) networks:

R1(config)# router bgp 65065
R1(config-router)# network 172.31.0.0 mask 255.255.255.0
R1(config-router)# network 172.31.1.0 mask 255.255.255.0
R1(config-router)# network 172.31.2.0 mask 255.255.255.0
R1(config-router)# network 172.31.3.0 mask 255.255.255.0

How do things look from the service provider (R2) side of things?

R2# show ip bgp
BGP table version is 5, local router ID is 172.16.12.2
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path
*> 172.31.0.0/24    172.16.12.1              0    150      0 65065 i
*> 172.31.1.0/24    172.16.12.1              0    150      0 65065 i
*> 172.31.2.0/24    172.16.12.1              0    150      0 65065 i
*> 172.31.3.0/24    172.16.12.1              0    150      0 65065 i

Well, there’s our routes. They are most definitely showing up. Notice that R2 has assigned them a local preference of 150 (the default is 100). This is because the routes did not have any communities associated with them, so they “fell through” the route-map on R2 and were “caught” by the last entry (”30″), which assigned them a local preference of 150.

Let’s set up two route maps on R1:

R1(config)# route-map LOCAL_PREF_200 permit 10
R1(config-route-map)# set community 65001:200
R1(config-route-map)# route-map LOCAL_PREF_500 permit 10
R1(config-route-map)# set community 65001:500

Can you figure out what those do? By assigning one of the two route maps here to our BGP adjacency with R2, we’re setting one of the community values that R2 supports.

Let’s apply the LOCALPREF200 route-map and clear our adjacency:

R1(config)# router bgp 65065
R1(config-router)# neighbor 172.16.12.2 route-map LOCAL_PREF_200 out
R1(config-router)# do clear ip bgp 172.16.12.2

Now what do we see on R2?

R2# show ip bgp | in 172.16.12.1
*> 172.31.0.0/24    172.16.12.1              0    200      0 65065 i
*> 172.31.1.0/24    172.16.12.1              0    200      0 65065 i
*> 172.31.2.0/24    172.16.12.1              0    200      0 65065 i
*> 172.31.3.0/24    172.16.12.1              0    200      0 65065 i

Aha! Now R2 has assigned a local preference value of 200 to our routes. Can you guess what will happen if we apply the LOCALPREF500 route-map on R1?

R1(config-router)# no neighbor 172.16.12.2 route-map LOCAL_PREF_200 out
R1(config-router)# neighbor 172.16.12.2 route-map LOCAL_PREF_500 out
R1(config-router)# do clear ip bgp 172.16.12.2

I bet you know what R2’s BGP table is going to look like now, don’t you!?

R2# show ip bgp | in 172.16.12.1
*> 172.31.0.0/24    172.16.12.1              0    500      0 65065 i
*> 172.31.1.0/24    172.16.12.1              0    500      0 65065 i
*> 172.31.2.0/24    172.16.12.1              0    500      0 65065 i
*> 172.31.3.0/24    172.16.12.1              0    500      0 65065 i

Bingo! R2 has now assigned a local preference value of 500 to our advertised routes! See how easy that is? Now go out there and change how your SP routes to you!

Note: If you found this useful, please do leave me a comment below and let me know. Also, if there are specific examples or “how to’s” you’re looking for, let me know that too. I’m always looking for good ideas for things to write about!

Tags: , , , , ,  |  1 Comment

Using BGP communities to influence routing

March 18, 2009, 3:44 pm by jlgaddis

Previously I’ve covered using weight, local preference, and AS path prepending to influence routing between autonomous systems running BGP. Today we’ll look at one of the common methods for influencing routing, and that is BGP community values.

BGP communities are simply values attached to a route that is sent to BGP peers. This values have special meanings to the peers and cause specific actions to be taken, depending upon the values assigned. A customer who is multi-homed to a service provider can often use communities to tell the service provider how to route traffic to the customer autonomous system (AS).

For this example, let’s assume the following topology:

We are the customer (AS 65065) and R1 is our router. We are multi-homed to our service provider (AS 65001) with a 100 Mbit/s connection to R2 and a T-1 connection to R3. R2 and R3 are connected over a 100 Mbit/s connection as well.

Since the IP addresses being used are not illustrated in the diagram, here is a table with the IP addresses we are using:

ROUTER    INTERFACE    IP/MASK
--------------------------------------

R1        Fa0/0        172.16.12.1/24
          Se1/0        172.16.13.1/24
R2        Fa0/0        172.16.12.2/24
          Fa1/0        172.16.23.2/24
R3        Fa0/0        172.16.23.3/24
          Se1/0        172.16.13.3/24

In addition, our router (R1) has four loopback interfaces (Loopback0, Loopback1, Loopback2, and Loopback3) with the following IP addresses assigned, respectively: 172.31.0.1/24, 172.31.1.1/24, 172.31.2.1/24, and 172.31.3.1/24.

Okay, so let’s get our loopbacks configured and IP connectivity up between R1/R2 and R1/R3:

R1# conf t
R1(config)# interface loopback 0
R1(config-if)# ip address 172.31.0.1 255.255.255.0
R1(config-if)# interface loopback 1
R1(config-if)# ip address 172.31.1.1 255.255.255.0
R1(config-if)# interface loopback 2
R1(config-if)# ip address 172.31.2.1 255.255.255.0
R1(config-if)# interface loopback 3
R1(config-if)# ip address 172.31.3.1 255.255.255.0
R1(config-if)# interface fa0/0
R1(config-if)# ip address 172.16.12.1 255.255.255.0
R1(config-if)# no shutdown
R1(config-if)# interface se1/0
R1(config-if)# ip address 172.16.13.1 255.255.255.0
R1(config-if)# no shutdown
R1(config-if)# end

Let’s make sure we can ping both R2 and R3:

R1# ping 172.16.12.2

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.16.12.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 8/12/24 ms
R1# ping 172.16.13.3

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.16.13.3, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 4/12/20 ms

Alright, so far, so good. We have four networks that we want to advertise into BGP — the four /24 subnets assigned to our loopback interfaces. Before we do this, however, let’s take another look at our topology. Recall that we have connections into AS 65001: a 100 Mbit/s connection to 172.16.12.2 and a 1.544 Mbit/s connection to 172.16.13.3. Sure would be nice if we could tell AS 65001 to send our traffic over that 100 Mbit/s connection, wouldn’t it? Well, we can!

Our service provider, AS 65001, allows us to use the communities attribute of BGP to influence how they route our traffic. In this (simplified) example, there are three different communities we can use:

  • 200: set local preference to 200
  • 500: set local preference to 500

If we send routes to AS 65001 with a community of 65001:200, the SP’s routers will set the local preference on those routes to 200. If we send routes to AS 65001 with a community of 65001:500, the SP’s routers will set the local preference on those routes to 500. How handy is that?

Because of how the BGP best path selection algorithm works, we want our SP’s routers to assign a higher local preference to the routes it receives from us over that 100 Mbit/s connection, so we’ll send those routes with a community of 65001:500. Just for good measure, we’ll attach community 65001:200 to the routers we send to 172.16.13.3 over the T-1 connection as well.

Let’s go ahead and set up BGP, but don’t start advertising any routes just yet:

R1(config)# ip bgp-community new-format
R1(config)# router bgp 65065
R1(config-router)# neighbor 172.16.12.2 remote-as 65001
R1(config-router)# neighbor 172.16.12.2 next-hop-self
R1(config-router)# neighbor 172.16.12.2 send-community
R1(config-router)# neighbor 172.16.13.3 remote-as 65001
R1(config-router)# neighbor 172.16.13.3 next-hop-self
R1(config-router)# neighbor 172.16.13.3 send-community

We are all set to begin advertising our routes, with the appropriate communities attached. The next thing we need to do is create a pair of route maps. We’ll apply these route maps outbound to the BGP peers and these are what we will use to attach our communities to the routes:

R1(config)# route-map LOCAL_PREF_200 permit 10
R1(config-route-map)# set community 65001:200
R1(config-route-map)# route-map LOCAL_PREF_500 permit 10
R1(config-route-map)# set community 65001:500

Lookin’ good so far, right? Let’s apply those route map to our BGP peers:

R1(config)# router bgp 65065
R1(config-router)# neighbor 172.16.12.2 route-map LOCAL_PREF_500 out
R1(config-router)# neighbor 172.16.13.3 route-map LOCAL_PREF_200 out

That was easy enough. Now, let’s advertise those loopbacks:

R1(config-router)# network 172.31.0.0 mask 255.255.255.0
R1(config-router)# network 172.31.1.0 mask 255.255.255.0
R1(config-router)# network 172.31.2.0 mask 255.255.255.0
R1(config-router)# network 172.31.3.0 mask 255.255.255.0

Let’s take a look at how the SP sees our routes:

R2# sh ip bgp | in 65065
*> 172.31.0.0/24    172.16.12.1              0    500      0 65065 i
*> 172.31.1.0/24    172.16.12.1              0    500      0 65065 i
*> 172.31.2.0/24    172.16.12.1              0    500      0 65065 i
*> 172.31.3.0/24    172.16.12.1              0    500      0 65065 i
R3# sh ip bgp | in 65065
*>i172.31.0.0/24    172.16.23.2              0    500      0 65065 i
*                   172.16.13.1              0    200      0 65065 i
*>i172.31.1.0/24    172.16.23.2              0    500      0 65065 i
*                   172.16.13.1              0    200      0 65065 i
*>i172.31.2.0/24    172.16.23.2              0    500      0 65065 i
*                   172.16.13.1              0    200      0 65065 i
*>i172.31.3.0/24    172.16.23.2              0    500      0 65065 i
*                   172.16.13.1              0    200      0 65065 i

If we ping/traceroute from R3 to one of R1’s loopbacks, we should see that traffic first passes to R2 before being sent to R1 (which is our goal):

R3# ping 172.31.0.1

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.31.0.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 4/17/36 ms
R3# traceroute 172.31.0.1

Type escape sequence to abort.
Tracing the route to 172.31.0.1

  1 172.16.23.2 4 msec 12 msec 16 msec
  2 172.16.12.1 16 msec *  32 msec

Success!

Tags: , , , ,  |  4 Comments

Using BGP’s local preference to influence outbound routing

March 7, 2009, 5:42 pm by jlgaddis

At the end of my last article, “Using AS path prepending to influence inbound routing“, I mentioned:

“Notice anything weird there? Yeah, traffic from R6 is first going to R7, then to R9 over that T1 connection, NOT the much faster 100 Mbit/s connection! How can we change that? The next article will continue on from here and we’ll change the configuration of our routers in AS 67 to address that.”

We’re going to continue where we left off and create another route-map, this time to manipulate the local preference value assigned to routes received from one of our BGP neighbors. We want to do this so that the fastest connection out of our AS is the preferred one for outgoing traffic.

Here’s the topology we’re dealing with:

We want all outgoing traffic to exit our AS over the 100 Mbit/s connection between R7 and R8, assuming it is available.

The default local-preference, or “local pref”, value assigned to routes is 100. Let’s look at the BGP table on R7 and examine what paths we have received to get to 172.16.99.0/24 (R9):

R7# sh ip bgp | be Network
   Network          Next Hop            Metric LocPrf Weight Path
*>i172.16.66.0/24   172.31.67.6              0    100      0 i
*> 172.16.67.0/24   0.0.0.0                  0         32768 i
*> 172.16.88.0/24   172.31.78.8              0             0 88 i
*                   172.31.79.9                            0 99 88 i
* i                 172.31.67.6              0    100      0 88 i
*  172.16.99.0/24   172.31.78.8                            0 88 99 i
*>                  172.31.79.9              0             0 99

We can see that we have received a total of two routes to 172.16.99.0/24, one via R8 in AS 88 and the other from R9 in AS 99. Because the path directly to AS 99 is shorter than the path that traverses AS 88, it has been selected as the best path. Traffic destined to AS 99 will exit our AS over the (slow, in comparison) T-1 connection between R7 and R9. We want to change that and ensure that all traffic exits over our 100 Mbit/s connection into AS 88.

Easy as pie. Just like manipulating the AS Path, we’re going to create a simple route-map that takes care of this for us. The route map sets the local preference of received routes to 500 (remember, the default is 100) — higher local preference values win out. We’ll apply this route map to the BGP session between R7 and R8 and be done with it:

R7(config)# route-map LOCALPREF permit 10
R7(config-route-map)# set local-preference 500
R7(config-route-map)# router bgp 67
R7(config-router)# neighbor 172.31.78.8 route-map LOCALPREF in

Now we need to clear the inbound BGP session with R8. Fortunately, we used the “neighbor soft-reconfiguration inbound” command so we can do a route refresh without having to tear down the BGP session and bring it back up:

R7# clear ip bgp 172.31.78.8 soft in

Let’s look at R7’s BGP table now:

R7# sh ip bgp | be Network
   Network          Next Hop            Metric LocPrf Weight Path
*>i172.16.66.0/24   172.31.67.6              0    100      0 i
*> 172.16.67.0/24   0.0.0.0                  0         32768 i
*> 172.16.88.0/24   172.31.78.8              0    500      0 88 i
*                   172.31.79.9                            0 99 88 i
*> 172.16.99.0/24   172.31.78.8                   500      0 88 99 i
*                   172.31.79.9              0             0 99 i

Notice that the routes we have received from 172.31.78.8 now have a local preference value of 500 assigned to them. The preferred route to 172.16.99.0/24 is via 172.31.78.8 (R8 in AS 88), even though the AS Path is longer! How cool is that? If we run the same traceroute from R6 to R9 again, we’ll see that the traffic does, indeed, take this new, preferred path:

R6# traceroute 172.16.99.1 source 172.16.66.1

Type escape sequence to abort.
Tracing the route to 172.16.99.1

  1 172.31.67.7 8 msec 4 msec 4 msec
  2 172.31.78.8 4 msec 12 msec 8 msec
  3 172.31.89.9 4 msec *  28 msec

Success!

Tags: , , , ,  |  Comment

Using AS path prepending to influence inbound routing

March 7, 2009, 4:21 pm by jlgaddis

As you may remember, the BGP Best Path Algorithm decides how the best path to an autonomous system is selected. Probably the most common value that is used to determine the best path is the AS Path length. When two or more routes exist to reach a particular prefix the default in BGP is to prefer the route with the shortest AS Path length.

If we are a multi-homed customer of one or more service providers, we may prefer that incoming traffic take a particular path to reach our network. Perhaps we have two connections, but one costs only half as much as the other. Or, we may have one fast connection and another, much slower connection that we really only want to use a “backup” if our primary connection is down. Regardless of your reasons, AS path prepending is probably the easiest method that one can use to influence inbound routing to your autonomous system.

Consider the following topology:

In this example, we are AS 67. We are multi-homed to our service providers, AS 88 and AS 99, and have a T1 connection to each. AS 88 and AS 99 also peer directly with each other, and have a 100 Mbit/s connection between them. Because we have been experiencing growth, we have added a third connection, a 100 Mbit/s link between R7 and R8

Due to this huge increase in bandwidth, we would prefer that all (or, at least, the majority) of our incoming traffic come in over this much faster Ethernet connection. Since we have a connection directly to R9, however, this results in a very short AS Path in the BGP table to our prefixes. AS 99 will, by default, send any traffic for AS 67 over this 1.5 Mbit/s T1 connection.

How can we cause R9 to, instead, send any traffic destined to AS 67 over the 100 Mbit/s connection to AS 88? In addition, how can we cause AS 88 to send any traffic destined to AS 67 over the 100 Mbit/s connection to R7 in AS 67? Remember that BGP, unlike some other routing protocols (e.g. EIGRP), does not take bandwidth into consideration when deciding on the best path.

The answer is to use AS Path prepending. When using AS Path prepending, we artificially lengthen the AS Path that we advertise to a neighbor to make them think that the path much longer than it actually is.

I’ve included here the initial configurations for each of the routers to get us to the point where we have established connectivity between all routers. Instead of explaining all these configurations, however, I’ll be jumping straight to the good stuff. It is assumed that, if you are playing with AS Path prepending, you have the requisite knowledge for understand the initial configurations.

Since the IP addresses being used are not illustrated in the diagram, here is a table with the IP addresses we are using:

ROUTER    INTERFACE    IP/MASK
--------------------------------------

R6        Fa0/0        172.31.67.6/24
          Se1/0        172.31.68.6/24
R7        Fa0/0        172.31.67.7/24
          Fa0/1        172.31.78.7/24
          Se1/0        172.31.79.7/24
R8        Fa0/0        172.31.89.8/24
          Fa0/1        172.31.78.8/24
          Se1/0        172.31.68.8/24
R9        Fa0/0        172.31.89.9/24
          Se1/0        172.31.79.9/24

In addition, each router has a loopback address (with a /24 mask). These /24 networks are being advertised into BGP. The loopback addresses are what we’ll use for testing and verifying proper operation.

Okay, so now that we have basic connectivity, we can get down to the fun stuff. First, let’s get out iBGP adjacency between R6 and R7 up and running and start advertising our loopbacks:

R6(config)# router bgp 67
R6(config-router)# network 172.16.66.0 mask 255.255.255.0
R6(config-router)# neighbor 172.31.67.7 remote-as 67
R6(config-router)# neighbor 172.31.67.7 next-hop-self
R6(config-router)# neighbor 172.31.67.7 soft-reconfiguration inbound
R7(config)# router bgp 67
R7(config-router)# network 172.16.67.0 mask 255.255.255.0
R7(config-router)# neighbor 172.31.67.6 remote-as 67
R7(config-router)# neighbor 172.31.67.6 next-hop-self
R7(config-router)# neighbor 172.31.67.6 soft-reconfiguration inbound

Verification:

R6# sh ip bgp | be Network
   Network          Next Hop            Metric LocPrf Weight Path
*> 172.16.66.0/24   0.0.0.0                  0         32768 i
*>i172.16.67.0/24   172.31.67.7              0    100      0 i
R7# sh ip bgp | be Network
   Network          Next Hop            Metric LocPrf Weight Path
*>i172.16.66.0/24   172.31.67.6              0    100      0 i
*> 172.16.67.0/24   0.0.0.0                  0         32768 i

Let’s go ahead and get the eBGP adjacency between R8 and R9 in place:

R8(config)# router bgp 88
R8(config-router)# network 172.16.88.0 mask 255.255.255.0
R8(config-router)# neighbor 172.31.89.9 remote-as 99
R8(config-router)# neighbor 172.31.89.9 soft-reconfiguration inbound
R9(config)# router bgp 99
R9(config-router)# network 172.16.99.0 mask 255.255.255.0
R9(config-router)# neighbor 172.31.89.8 remote-as 88
R9(config-router)# neighbor 172.31.89.8 soft-reconfiguration inbound

Now, let’s establish eBGP between R6 and R8 over the T1 connection:

R6(config)# router bgp 67
R6(config-router)# neighbor 172.31.68.8 remote-as 88
R6(config-router)# neighbor 172.31.68.8 soft-reconfiguration inbound
R8(config)# router bgp 88
R8(config-router)# neighbor 172.31.68.6 remote-as 67
R8(config-router)# neighbor 172.31.68.6 soft-reconfiguration inbound

At this point, if we take a look at R9’s BGP tables, we can see that it now has routes for all of the loopback networks:

R9# sh ip bgp | be Network
   Network          Next Hop            Metric LocPrf Weight Path
*> 172.16.66.0/24   172.31.89.8                            0 88 67 i
*> 172.16.67.0/24   172.31.89.8                            0 88 67 i
*> 172.16.88.0/24   172.31.89.8              0             0 88 i
*> 172.16.99.0/24   0.0.0.0                  0         32768 i

We can verify that we have connectivity between R6 and R9. First, we’ll ping, then a traceroute:

R9# ping 172.16.67.1 source 172.16.99.1

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.16.67.1, timeout is 2 seconds:
Packet sent with a source address of 172.16.99.1 
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 8/12/20 ms
R9# traceroute 172.16.67.1 source 172.16.99.1

Type escape sequence to abort.
Tracing the route to 172.16.67.1

  1 172.31.89.8 4 msec 4 msec 4 msec
  2 172.31.68.6 8 msec 8 msec 12 msec
  3 172.31.67.7 4 msec *  20 msec

Make a note of how the 172.16.66.0/24 and 172.16.67.0/24 networks appear in R9’s BGP table, specifically, the AS Path (we’ll be coming back to that shortly):

R9# sh ip bgp | in 172.16.6
*> 172.16.66.0/24   172.31.89.8                            0 88 67 i
*> 172.16.67.0/24   172.31.89.8                            0 88 67 i

In order for R9 to reach R7, it must pass traffic off to R8 (in AS 88). R8 then passes the traffic to R6 (in AS 67) and R6 will deliver it on to R7. Let’s bring up BGP over the T1 between R7 and R9 and see what happens:

R7(config)# router bgp 67
R7(config-router)# neighbor 172.31.79.9 remote-as 99
R7(config-router)# neighbor 172.31.79.9 soft-reconfiguration inbound
R9(config)# router bgp 99
R9(config-router)# neighbor 172.31.79.7 remote-as 67
R9(config-router)# neighbor 172.31.79.7 soft-reconfiguration inbound

Now’s let look at the same routes (172.16.66.0/24 and 172.16.67.0/24) in R9’s BGP table:

R9# sh ip bgp | in 172.16.6
*> 172.16.66.0/24   172.31.79.7                            0 67 i
*> 172.16.67.0/24   172.31.79.7              0             0 67 i

Notice the difference in the AS Path? Previously, the best (albeit, only) path R9 had to get to the 172.16.66.0/24 and 172.16.67.0/24 networks was through AS 88. Now there is a direct connection between AS 67 and AS 99 and this new path is shorter (direct, as opposed to traversing AS 88). Because the new path is shorter, it has been identified as the best path. Let’s run that traceroute again and see the difference:

R9# traceroute 172.16.67.1 source 172.16.99.1

Type escape sequence to abort.
Tracing the route to 172.16.67.1

  1 172.31.79.7 4 msec *  28 msec

Now, let’s bring up BGP on the 100 Mbit/s connection between R7 and R8:

R7(config)# router bgp 67
R7(config-router)# neighbor 172.31.78.8 remote-as 88
R7(config-router)# neighbor 172.31.78.8 soft-reconfiguration inbound
R8(config)# router bgp 88
R8(config-router)# neighbor 172.31.78.7 remote-as 67
R8(config-router)# neighbor 172.31.78.7 soft-reconfiguration inbound

All of our BGP adjacencies are up at this point, and traffic is flowing normally. Now it’s time to start making it flow the way we want! Let’s take a look at R8’s BGP table, since it is receiving routes over three connections:

R8# sh ip bgp | be Network
   Network          Next Hop            Metric LocPrf Weight Path
*  172.16.66.0/24   172.31.78.7                            0 67 i
*                   172.31.89.9                            0 99 67 i
*>                  172.31.68.6              0             0 67 i
*  172.16.67.0/24   172.31.78.7              0             0 67 i
*                   172.31.89.9                            0 99 67 i
*>                  172.31.68.6                            0 67 i
*> 172.16.88.0/24   0.0.0.0                  0         32768 i
*  172.16.99.0/24   172.31.78.7                            0 67 99 i
*                   172.31.68.6                            0 67 99 i
*>                  172.31.89.9              0             0 99 i

Note that AS 88 has two direct paths to AS 67’s advertised networks (172.16.66.0/24 and 172.16.67.0/24). This is evidenced by the AS Path’s for these two routes (”67 i”). AS 88 has picked the path with a next hop of 172.31.68.6, however. Recall that this is the direct T1 connection between R6 and R8. Why did it choose this path instead of the faster (100 Mbit/s) path?

Earlier I stated “…BGP, unlike some other routing protocols (e.g. EIGRP), does not take bandwidth into consideration when deciding on the best path.” Since the two paths are of the same length, R8 continues its way through the “Best Path Selection Algorithm” and eventually chooses the path that was received first. As we were configuring our BGP sessions earlier, we brought up the T1 connection first. AS 88, therefore, received the path from R6 before it did R7. We could bypass this by bringing up the 100 Mbit/s connection first, however this is not always under our control (think about when a router reloads — which connection will come up first? We really don’t know.)

Our best method, then, to influence the routing of traffic coming into our AS (and, indeed, the whole point of this article) is to manipulate the AS Path that we advertise to BGP neighbors. By causing AS 88 to think that the path to AS 67 over the T1 connection is much longer, we can get it to select the path via the 100 Mbit/s connection. We’ll also need to do the same thing to R9 in AS 99. Remember, we want AS 88 to send us traffic over that 100 Mbit/s connection, and we want AS 99 to send us traffic via AS 88.

This is much easier to configure than it might sound. We’ll use a route-map applied to (certain) outbound BGP sessions from AS 67 to do this for us. We’ll create a route-map named “PREPEND” on both R6 and R7 that will prepend our AS number twice to outgoing route advertisements, then apply it to the BGP sessions over the T1 connections (R6 to R8 and R7 to R9):

R6(config)# route-map PREPEND permit 10
R6(config-route-map)# set as-path prepend 67 67
R6(config-route-map)# router bgp 67
R6(config-router)# neighbor 172.31.68.8 route-map PREPEND out
R7(config)# route-map PREPEND permit 10
R7(config-route-map)# set as-path prepend 67 67
R7(config-route-map)# router bgp 67
R7(config-router)# neighbor 172.31.79.9 route-map PREPEND out

That’s all there is to it! Let’s examine R8’s BGP table now:

R8# sh ip bgp | be Network
   Network          Next Hop            Metric LocPrf Weight Path
*> 172.16.66.0/24   172.31.78.7                            0 67 i
*                   172.31.68.6              0             0 67 67 67 i
*> 172.16.67.0/24   172.31.78.7              0             0 67 i
*                   172.31.68.6                            0 67 67 67 i
*> 172.16.88.0/24   0.0.0.0                  0         32768 i
*  172.16.99.0/24   172.31.78.7                            0 67 99 i
*                   172.31.68.6                            0 67 67 67 99 i
*>                  172.31.89.9              0             0 99 i

Look at the paths for 172.16.66.0/24 and 172.16.67.0/24. Note that the path received from 172.31.68.6 is much longer than the path received from 172.31.78.7. There are three AS numbers in the routes received from 172.31.68.6, even though it is the same AS number. Because this path is now much longer, the shorter path via 172.31.78.7 (our 100 Mbit/s connection) will now be the preferred way to get there.

Let’s see how R9 was affected by all of this:

R9# sh ip bgp | be Network
   Network          Next Hop            Metric LocPrf Weight Path
*  172.16.66.0/24   172.31.79.7                            0 67 67 67 i
*>                  172.31.89.8                            0 88 67 i
*  172.16.67.0/24   172.31.79.7              0             0 67 67 67 i
*>                  172.31.89.8                            0 88 67 i
*  172.16.88.0/24   172.31.79.7                            0 67 67 67 88 i
*>                  172.31.89.8              0             0 88 i
*> 172.16.99.0/24   0.0.0.0                  0         32768 i

We can see that R9 has received updated routing information as well, evidenced by the paths that are prepended. Now, instead of preferring the direct T1 connection into AS 67, R9 will send any traffic destined for AS 67 to 172.31.89.8 in AS 88. We already know from looking at R8’s BGP table that it will pass the traffic on to AS 67 over the 100 Mbit/s link. Let’s run traceroutes from R9 to verify:

R9# traceroute 172.16.66.1 source 172.16.99.1

Type escape sequence to abort.
Tracing the route to 172.16.66.1

  1 172.31.89.8 4 msec 8 msec 8 msec
  2 172.31.78.7 4 msec 8 msec 8 msec
  3 172.31.67.6 12 msec *  36 msec
R9# traceroute 172.16.67.1 source 172.16.99.1

Type escape sequence to abort.
Tracing the route to 172.16.67.1

  1 172.31.89.8 4 msec 4 msec 8 msec
  2 172.31.78.7 4 msec *  36 msec

This shows us that traffic is behaving exactly as we intended. The first hop after leaving R9 is 172.31.89.8 (R8). It leaves R8 over the 100 Mbit/s connection arrives at 172.31.78.7 (R7). From there it is sent over R7’s 100 Mbit/s connection to R6 (172.31.67.6).

Success! Our job here is done!

Note: One thing that isn’t apparent from this exercise is the path that traffic from R6 (in AS 67) takes to get to R9 (in AS 99). To illustrate, let’s take a look at a traceroute from R6’s loopback to R9’s loopback:

R6# traceroute 172.16.99.1 source 172.16.66.1

Type escape sequence to abort.
Tracing the route to 172.16.99.1

  1 172.31.67.7 4 msec 4 msec 8 msec
  2 172.31.79.9 8 msec *  48 msec

Notice anything weird there? Yeah, traffic from R6 is first going to R7, then to R9 over that T1 connection, NOT the much faster 100 Mbit/s connection! How can we change that? The next article will continue on from here and we’ll change the configuration of our routers in AS 67 to address that.

Tags: , , , ,  |  3 Comments

Advertising a default route over BGP

February 25, 2009, 2:30 am by jlgaddis

After a little hiatus, I’m back with another post. Today (or tonight, in my neck of the woods), I’m writing about how to advertise a default route to a BGP peer. Our topology looks like this:

This is a typical hub-and-spoke frame-relay network, with R3 having a point-to-point connection to each of R4 and R5. For this scenario, let’s assume that R3 is an ISP router and that R4 and R5 each belong to a customer that is single-homed to the ISP. For whatever reason, R4 and R5 has chosen to use BGP for routing, but they do not need (or perhaps cannot handle) the full routing table.

I’m including the initial configurations of the routers for clarity and those who wish to follow along. Explaining them, however, is outside the scope of this article. If you do not understand the frame-relay configurations, you may want to read through my “Basic Frame Relay Lab“.

Let’s get started by configuring the frame-relay connections on the three routers:

R3# conf t
Enter configuration commands, one per line.  End with CNTL/Z.
R3(config)# interface serial 0/0
R3(config-if)# no ip address
R3(config-if)# encapsulation frame-relay
R3(config-if)# no frame-relay inverse-arp
R3(config-if)# no shutdown
R3(config-if)# interface serial 0/0.4 point-to-point
R3(config-subif)# frame-relay interface-dlci 304
R3(config-fr-dlci)# ip address 172.16.34.3 255.255.255.0
R3(config-subif)# interface serial 0/0.5 point-to-point
R3(config-subif)# frame-relay interface-dlci 305
R3(config-fr-dlci)# ip address 172.16.35.3 255.255.255.0
R4# conf t
R4(config)# interface serial 0/0
R4(config-if)# no ip address
R4(config-if)# encapsulation frame-relay
R4(config-if)# no frame-relay inverse-arp
R4(config-if)# no shutdown
R4(config-if)# interface serial 0/0.3 point-to-point
R4(config-subif)# frame-relay interface-dlci 403
R4(config-fr-dlci)# ip address 172.16.34.4 255.255.255.0
R5# conf t
R5(config)# interface serial 0/0
R5(config-if)# no ip address
R5(config-if)# encapsulation frame-relay
R5(config-if)# no frame-relay inverse-arp
R5(config-if)# no shutdown
R5(config-if)# interface serial 0/0.3 point-to-point
R5(config-subif)# frame-relay interface-dlci 503
R5(config-fr-dlci)# ip address 172.16.35.5 255.255.255.0

Verify reachability:

R3# ping 172.16.34.4

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.16.34.4, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 4/6/8 ms
R3# ping 172.16.35.5

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.16.35.5, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 4/5/8 ms
R3#

In addition to the physical networks (172.16.34.0/24 and 172.16.35.0/24), we’re also going to advertise the loopback addresses into BGP, so let’s configure those interfaces now:

R3(config)# interface loopback 0
R3(config-if)# ip address 172.16.33.1 255.255.255.0
R4(config)# interface loopback 0
R4(config-if)# ip address 172.16.44.1 255.255.255.0
R5(config)# interface loopback 0
R5(config-if)# ip address 172.16.55.1 255.255.255.0

Now that we have the basics out of the way, we can bring up our BGP adjacencies. We’re not going to advertise any routes yet, just get the connections up:

R3(config)# router bgp 33
R3(config-router)# neighbor 172.16.34.4 remote-as 44
R3(config-router)# neighbor 172.16.35.5 remote-as 55
R4(config)# router bgp 44
R4(config-router)# neighbor 172.16.34.3 remote-as 33
R5(config)# router bgp 55
R5(config-router)# neighbor 172.16.35.3 remote-as 33

After a moment, you should see syslog messages showing that the adjacencies have come up. Let’s take a look:

R3# sh ip bgp summary
BGP router identifier 172.16.33.1, local AS number 33
BGP table version is 1, main routing table version 1

Neighbor        V    AS MsgRcvd MsgSent   TblVer  InQ OutQ Up/Down  State/PfxRcd
172.16.34.4     4    44       7       7        1    0    0 00:03:46        0
172.16.35.5     4    55       5       5        1    0    0 00:01:28        0

Looks like we’re good so far. Let’s advertise the physical networks as well as our loopbacks on each router:

R3(config)# router bgp 33
R3(config-router)# network 172.16.33.0 mask 255.255.255.0
R3(config-router)# network 172.16.34.0 mask 255.255.255.0
R3(config-router)# network 172.16.35.0 mask 255.255.255.0
R4(config)# router bgp 44
R4(config-router)# network 172.16.44.0 mask 255.255.255.0
R5(config)# router bgp 55
R5(config-router)# network 172.16.55.0 mask 255.255.255.0

Give it a moment and let the updates get sent out, then take a look at the BGP tables on R4 and R5:

R4# sh ip bgp | be Network
   Network          Next Hop            Metric LocPrf Weight Path
*> 172.16.33.0/24   172.16.34.3              0             0 33 i
r> 172.16.34.0/24   172.16.34.3              0             0 33 i
*> 172.16.35.0/24   172.16.34.3              0             0 33 i
*> 172.16.44.0/24   0.0.0.0                  0         32768 i
*> 172.16.55.0/24   172.16.34.3                            0 33 55 i
R5# sh ip bgp | be Network
   Network          Next Hop            Metric LocPrf Weight Path
*> 172.16.33.0/24   172.16.35.3              0             0 33 i
*> 172.16.34.0/24   172.16.35.3              0             0 33 i
r> 172.16.35.0/24   172.16.35.3              0             0 33 i
*> 172.16.44.0/24   172.16.35.3                            0 33 44 i
*> 172.16.55.0/24   0.0.0.0                  0         32768 i

So we can see that our routes are being propagated via BGP. Notice something, though? Every (non-directly connected) route on R4 and R5 is through R3. Since we have to go through R3 to get to any routes (that aren’t internal), we might as well use R3 as our default gateway and save our router some work, yeah? We can easily replace a few of these routes with a default route (which is the whole point of this article anyway), so let’s do it.

To accomplish this, we tell R3 to originate a default route and advertise it to both R4 and R5. This is easily done with the “neighbor a.b.c.d default-originate” command.

R3(config)# router bgp 33
R3(config-router)# neighbor 172.16.34.4 default-originate
R3(config-router)# neighbor 172.16.35.5 default-originate

Let’s look at our BGP tables on R4 and R5 now:

R4# sh ip bgp | be Network
   Network          Next Hop            Metric LocPrf Weight Path
*> 0.0.0.0          172.16.34.3                            0 33 i
*> 172.16.33.0/24   172.16.34.3              0             0 33 i
r> 172.16.34.0/24   172.16.34.3              0             0 33 i
*> 172.16.35.0/24   172.16.34.3              0             0 33 i
*> 172.16.44.0/24   0.0.0.0                  0         32768 i
*> 172.16.55.0/24   172.16.34.3                            0 33 55 i
R5# sh ip bgp | be Network
   Network          Next Hop            Metric LocPrf Weight Path
*> 0.0.0.0          172.16.35.3                            0 33 i
*> 172.16.33.0/24   172.16.35.3              0             0 33 i
*> 172.16.34.0/24   172.16.35.3              0             0 33 i
r> 172.16.35.0/24   172.16.35.3              0             0 33 i
*> 172.16.44.0/24   172.16.35.3                            0 33 44 i
*> 172.16.55.0/24   0.0.0.0                  0         32768 i

Well, there’s our default route … wait, why are those other routes still there? Well, they are still being advertised by R3 so they end up in our BGP tables. We need to prevent them from getting there in the first place. One way to do this is to filter the routes as they come in (on R4 and R5). This is inefficient, however, as the ISP is still advertising them to us and our router must still receive and process them (before ultimately discarding them). A much better way to handle this is to have the ISP not advertise those routes to us in the first place.

There are (at least) two ways of doing this, from the R3 (ISP) side. The first is to use an as-path filter and the other involves a route-map.

We’ll use “ip as-path” to filter out all routes from being advertised to R4 (note that this does not affect a default route) then clear the BGP connection:

R3(config)# ip as-path access-list 1 deny .*
R3(config)# router bgp 33
R3(config-router)# neighbor 172.16.34.4 filter-list 1 out
R3(config-router)# do clear ip bgp 172.16.34.4

Give the adjacency time to re-establish, then take another look at the BGP table:

R4# sh ip bgp | be Network
   Network          Next Hop            Metric LocPrf Weight Path
*> 0.0.0.0          172.16.34.3                            0 33 i
*> 172.16.44.0/24   0.0.0.0                  0         32768 i

Let’s verify that we can ping R5’s loopback (172.16.55.1) from R4’s (172.16.44.1):

R4# ping 172.16.55.1 source 172.16.44.1

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.16.55.1, timeout is 2 seconds:
Packet sent with a source address of 172.16.44.1 
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 8/9/12 ms

Now, let’s get rid of all those “extras” routes we’re advertising to R5 as well. This time, however, we’ll use an access-list and a route-map to do the job. First, though, let’s verify what routes R3 is actually sending to R5:

R3# sh ip bgp neighbor 172.16.35.5 advertised-routes
BGP table version is 8, local router ID is 172.16.33.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete

Originating default network 0.0.0.0

   Network          Next Hop            Metric LocPrf Weight Path
*> 172.16.33.0/24   0.0.0.0                  0         32768 i
*> 172.16.34.0/24   0.0.0.0                  0         32768 i
*> 172.16.35.0/24   0.0.0.0                  0         32768 i
*> 172.16.44.0/24   172.16.34.4              0             0 44 i

We can easily see that a total of four BGP routes as well as a default route (”Originating default network 0.0.0.0″) are being advertised. Let’s cut that down to just the default route:

R3(config)# access-list 1 deny any
R3(config)# route-map FILTER_ALL_R5 permit 10
R3(config-route-map)# match ip address 1
R3(config-route-map)# router bgp 33
R3(config-router)# neighbor 172.16.35.5 route-map FILTER_ALL_R5 out
R3(config-router)# do clear ip bgp 172.16.35.5

Again, wait for the adjacency to come up and then let’s take a look at what routes R3 is sending to R5:

R3# sh ip bgp neighbor 172.16.35.5 advertised-routes
BGP table version is 10, local router ID is 172.16.33.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete

Originating default network 0.0.0.0

   Network          Next Hop            Metric LocPrf Weight Path

Well, lookie there, with the exception of the default route, no routes are being advertised to R5. Let’s take a look at the BGP table from R5’s point of view:

R5# sh ip bgp | be Network
   Network          Next Hop            Metric LocPrf Weight Path
*> 0.0.0.0          172.16.35.3                            0 33 i
*> 172.16.55.0/24   0.0.0.0                  0         32768 i

As you can see, the only routes in the BGP table are the (locally originated) route for 172.16.55.0/24 and the default route. Just for good measure, let’s take a look at the whole routing table:

R5# sh ip route | be Gateway
Gateway of last resort is 172.16.35.3 to network 0.0.0.0

     172.16.0.0/24 is subnetted, 2 subnets
C       172.16.55.0 is directly connected, Loopback0
C       172.16.35.0 is directly connected, Serial0/0.3
B*   0.0.0.0/0 [20/0] via 172.16.35.3, 00:03:07

And there you have it — our directly connected routes and our default route (received via BGP). Let’s verify that we can still have connectivity between R4 and R5’s loopbacks:

R5# ping 172.16.44.1 source 172.16.55.1

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.16.44.1, timeout is 2 seconds:
Packet sent with a source address of 172.16.55.1 
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 8/9/12 ms

w00t!

Tags: , , , ,  |  Comment
« Previous Entries