Friday, June 14, 2019

Manipulating BGP Next Hop and Synchronization

You can also redistribute BGP routes into the IGP to solve the routing loop problem. This solution prevents the routing loop by giving the internal enterprise routers knowledge of the best exit point for each known Internet destination.

Although this solves the problem, particularly when just learning with lab gear at home, redistribution of BGP routes into an IGP is generally not recommended. This redistribution requires a relatively large amount of memory and a relatively large amount of processing by an IGP with the much larger number of routes to process. Redistributing all the routes in the full Internet BGP table could crash the IGP routing protocols.

Although not recommended, the idea of redistributing eBGP-learned Internet routes into the enterprise IGP needs to be discussed as a backdrop to discuss a related BGP feature called synchronization, or sync . The term refers to the idea that the iBGP-learned routes must be synchronized with IGP-learned routes for the same prefix before they can be used. In other words, if an iBGP-learned route is to be considered to be a usable route, that same prefix must be in the IP routing table and learned using some IGP protocol such as EIGRP or OSPF. More formally, the synchronization features tells a BGP router the following:
 
Do not consider an iBGP-learned route as “best” unless the exact prefix was learned
through an IGP and is currently in the IP routing table.


Later Cisco IOS versions default to disable synchronization, because most sites avoid redistributing routes from BGP into an IGP when using BGP for Internet routes, instead preferring iBGP meshes (or alternatives) to avoid these routing black holes. The setting is applied to the entire BGP process, with the synchronization command enabling synchronization and the no synchronization command (default) disabling it.



R1#conf t     // CONFIGURE ISP 1
Enter configuration commands, one per line.  End with CNTL/Z.
R1(config)#interface loop 0
R1(config-if)#
*Jul 18 09:42:44.559: %LINEPROTO-5-UPDOWN: Line protocol on Interface Loopback0, changed state to up
R1(config-if)#ip address 10.0.0.1 255.255.255.0
R1(config-if)#
R1(config-if)#interface loop 1
R1(config-if)#
*Jul 18 09:43:06.855: %LINEPROTO-5-UPDOWN: Line protocol on Interface Loopback1, changed state to up
R1(config-if)#ip address 10.1.0.1 255.255.0.0
R1(config-if)#
R1(config-if)#interface serial 2/0
R1(config-if)#ip address 192.168.1.1 255.255.255.252
R1(config-if)#no shut
R1(config-if)#
*Jul 18 09:43:37.139: %LINK-3-UPDOWN: Interface Serial2/0, changed state to up
R1(config-if)#
*Jul 18 09:43:38.147: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial2/0, changed state to up
R1(config-if)#
R1(config-if)#router bgp 65100
R1(config-router)#? 
Router configuration commands:
  address-family        Enter Address Family command mode
  aggregate-address     Configure BGP aggregate entries
  auto-summary          Enable automatic network number summarization
  bgp                   BGP specific commands
  default               Set a command to its defaults
  default-information   Control distribution of default information
  default-metric        Set metric of redistributed routes
  distance              Define an administrative distance
  distribute-list       Filter networks in routing updates
  exit                  Exit from routing protocol configuration mode
  help                  Description of the interactive help system
  maximum-paths         Forward packets over multiple paths
  neighbor              Specify a neighbor router
  network               Specify a network to announce via BGP
  no                    Negate a command or set its defaults
  redistribute          Redistribute information from another routing protocol
  route-server-context  Enter route server context command mode
  scope                 Enter scope command mode
  snmp                  Modify snmp parameters
  synchronization       Perform IGP synchronization
  table-map             Map external entry attributes into routing table
  template              Enter template command mode
  timers                Adjust routing timers

R1(config-router)#bgp ?
  additional-paths         Additional paths in the BGP table
  advertise-best-external  Advertise best external path to internal peers
  aggregate-timer          Configure Aggregation Timer
  always-compare-med       Allow comparing MED from different neighbors
  asnotation               Change the default asplain notation
  bestpath                 Change the default bestpath selection
  bestpath                 Change the default bestpath selection
  client-to-client         Configure client to client route reflection
  cluster-id               Configure Route-Reflector Cluster-id (peers may
                           reset)
  confederation            AS confederation parameters
  consistency-checker      Consistency-checker
  dampening                Enable route-flap dampening
  default                  Configure BGP defaults
  deterministic-med        Pick the best-MED path among paths advertised from
                           the neighboring AS
  dmzlink-bw               Use DMZ Link Bandwidth as weight for BGP multipaths
  enforce-first-as         Enforce the first AS for EBGP routes(default)
  fast-external-fallover   Immediately reset session if a link to a directly
                           connected external peer goes down
  graceful-restart         Graceful restart capability parameters
  inject-map               Routemap which specifies prefixes to inject
  listen                   Neighbor subnet range listener
  log-neighbor-changes     Log neighbor up/down and reset reason
  maxas-limit              Allow AS-PATH attribute from any neighbor imposing a
                           limit on number of ASes
  nexthop                  Nexthop tracking commands
  nopeerup-delay           Set how long BGP will wait for the first peer to
                           come up before beginning the update delay or
                           graceful restart timers (in seconds)
  recursion                recursion rule for the nexthops
  redistribute-internal    Allow redistribution of iBGP into IGPs (dangerous)
  refresh                  refresh
  regexp                   Select regular expression engine
  route-map                route-map control commands
  router-id                Override configured router identifier (peers will
                           reset)
  scan-time                Configure background scanner interval
  slow-peer                Configure slow-peer
  soft-reconfig-backup     Use soft-reconfiguration inbound only when
                           route-refresh is not negotiated
  suppress-inactive        Suppress routes that are not in the routing table
  transport                global enable/disable transport session parameters
  update-delay             Set the max initial delay for sending update
  upgrade-cli              Upgrade to hierarchical AFI mode
         
*Jul 18 09:44:02.907: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial2/0, changed state to down
R1(config-router)#bgp router-id 10.0.0.1
R1(config-router)#neighbor 192.168.1.2 ?     
  activate                 Enable the Address Family for this Neighbor
  advertise                Advertise to this neighbor
  advertise-map            specify route-map for conditional advertisement
  advertisement-interval   Minimum interval between sending BGP routing updates
  allowas-in               Accept as-path with my AS present in it
  capability               Advertise capability to the peer
  default-originate        Originate default route to this neighbor
  description              Neighbor specific description
  disable-connected-check  one-hop away EBGP peer using loopback address
  distribute-list          Filter updates to/from this neighbor
  dmzlink-bw               Propagate the DMZ link bandwidth
  ebgp-multihop            Allow EBGP neighbors not on directly connected
                           networks
  fall-over                session fall on peer route lost
  filter-list              Establish BGP filters
  ha-mode                  high availability mode
  inherit                  Inherit a template
  local-as                 Specify a local-as number
  maximum-prefix           Maximum number of prefixes accepted from this peer
  next-hop-self            Disable the next hop calculation for this neighbor
  next-hop-unchanged       Propagate next hop unchanged for iBGP paths to this
                           neighbor
  password                 Set a password
  peer-group               Member of the peer-group
  prefix-list              Filter updates to/from this neighbor
  remote-as                Specify a BGP neighbor
  remove-private-as        Remove private AS number from outbound updates
  route-map                Apply route map to neighbor
  route-reflector-client   Configure a neighbor as Route Reflector client
  route-server-client      Configure a neighbor as Route Server client
  send-community           Send Community attribute to this neighbor
  send-label               Send NLRI + MPLS Label to this peer
  shutdown                 Administratively shut down this neighbor
  slow-peer                Configure slow-peer
  soft-reconfiguration     Per neighbor soft reconfiguration
  soo                      Site-of-Origin extended community
  timers                   BGP per neighbor timers
  translate-update         Translate Update to MBGP format
  transport                Transport options
  ttl-security             BGP ttl security check
  unsuppress-map           Route-map to selectively unsuppress suppressed
                           routes
  update-source            Source of routing updates
  version                  Set the BGP version to match a neighbor
  weight                   Set default weight for routes from this neighbor
         
R1(config-router)#neighbor 192.168.1.2 remote-as 65000
R1(config-router)#network 10.1.0.0 mask 255.255.0.0
R1(config-router)#end
R1#


R2#conf t
Enter configuration commands, one per line.  End with CNTL/Z.
R2(config)#interface loop 0
R2(config-if)#
*Jul 18 09:46:14.523: %LINEPROTO-5-UPDOWN: Line protocol on Interface Loopback0, changed state to up
R2(config-if)#ip address 172.17.2.1 255.255.255.0
R2(config-if)# 
R2(config-if)#interface loop 1
R2(config-if)#
*Jul 18 09:46:42.019: %LINEPROTO-5-UPDOWN: Line protocol on Interface Loopback1, changed state to up
R2(config-if)#ip address 172.16.2.1 255.255.255.0
R2(config-if)#
R2(config-if)#interface serial 2/0
R2(config-if)#ip address 192.168.1.2 255.255.255.252
R2(config-if)#no shut
R2(config-if)#
*Jul 18 09:47:14.487: %LINK-3-UPDOWN: Interface Serial2/0, changed state to up
R2(config-if)#
*Jul 18 09:47:15.495: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial2/0, changed state to up
R2(config-if)#
R2(config-if)#do ping 192.168.1.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.1.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 16/19/24 ms
R2(config-if)#
R2(config-if)#interface serial 2/1
R2(config-if)#ip address 172.16.1.1 255.255.255.252
R2(config-if)#no shut
R2(config-if)#
*Jul 18 09:48:31.959: %LINK-3-UPDOWN: Interface Serial2/1, changed state to up
R2(config-if)#
*Jul 18 09:48:32.967: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial2/1, changed state to up
R2(config-if)#end
R2#


R3#conf t
Enter configuration commands, one per line.  End with CNTL/Z.
R3(config)#interface loop 0
R3(config-if)#
*Jul 18 09:49:09.655: %LINEPROTO-5-UPDOWN: Line protocol on Interface Loopback0, changed state to up
R3(config-if)#ip address 172.17.3.1 255.255.255.0
R3(config-if)#
R3(config-if)#interface loop 1
R3(config-if)#
*Jul 18 09:49:34.391: %LINEPROTO-5-UPDOWN: Line protocol on Interface Loopback1, changed state to up
R3(config-if)#ip address 172.16.3.1 255.255.255.0
R3(config-if)#
R3(config-if)#interface serial 2/1
R3(config-if)#ip address 172.16.1.2 255.255.255.252
R3(config-if)#no shut
R3(config-if)#
*Jul 18 09:50:33.539: %LINK-3-UPDOWN: Interface Serial2/1, changed state to up
R3(config-if)#
*Jul 18 09:50:34.547: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial2/1, changed state to up
R3(config-if)#
R3(config-if)#do ping 172.16.1.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.16.1.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 16/17/20 ms
R3(config-if)#
R3(config-if)#interface serial 2/2
R3(config-if)#ip address 172.16.1.5 255.255.255.252
R3(config-if)#no shut
R3(config-if)#end
R3#


R4#conf t
Enter configuration commands, one per line.  End with CNTL/Z.
R4(config)#interface loop 0
R4(config-if)#
*Jul 18 09:52:39.779: %LINEPROTO-5-UPDOWN: Line protocol on Interface Loopback0, changed state to up
R4(config-if)#ip address 172.17.4.1 255.255.255.0
R4(config-if)#
R4(config-if)#interface loop 1
R4(config-if)#
*Jul 18 09:54:25.795: %LINEPROTO-5-UPDOWN: Line protocol on Interface Loopback1, changed state to up
R4(config-if)#ip address 172.16.4.1 255.255.255.0
R4(config-if)#
R4(config-if)#interface serial 2/2
R4(config-if)#ip address 172.16.1.6 255.255.255.252
R4(config-if)#no shut
R4(config-if)#
*Jul 18 09:54:59.731: %LINK-3-UPDOWN: Interface Serial2/2, changed state to up
R4(config-if)#
*Jul 18 09:55:00.739: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial2/2, changed state to up
R4(config-if)#do ping 172.16.1.5
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.16.1.5, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 16/20/24 ms
R4(config-if)#end
R4#


R2#conf t     // CONFIGURE EIGRP IN CUSTOMER NETWORK
Enter configuration commands, one per line.  End with CNTL/Z.
R2(config)#router eigrp 1
R2(config-router)#?    
Router configuration commands:
  address-family       Enter Address Family command mode
  auto-summary         Enable automatic network number summarization
  bfd                  BFD configuration commands
  default              Set a command to its defaults
  default-information  Control distribution of default information
  default-metric       Set metric of redistributed routes
  distance             Define an administrative distance
  distribute-list      Filter entries in eigrp updates
  eigrp                EIGRP specific commands
  exit                 Exit from routing protocol configuration mode
  maximum-paths        Forward packets over multiple paths
  metric               Modify metrics and parameters for advertisement
  neighbor             Specify a neighbor router
  network              Enable routing on an IP network
  no                   Negate a command or set its defaults
  offset-list          Add or subtract offset from EIGRP metrics
  passive-interface    Suppress routing updates on an interface
  redistribute         Redistribute IPv4 routes from another routing protocol
  shutdown             Shutdown this instance of EIGRP
  summary-metric       Specify summary to apply metric/filtering
  timers               Adjust routing timers
  traffic-share        How to compute traffic share over alternate paths
  variance             Control load balancing variance

R2(config-router)#eigrp ?
  event-log-size         Set EIGRP maximum event log entries
  log-neighbor-changes   Enable/Disable EIGRP neighbor logging
  log-neighbor-warnings  Enable/Disable EIGRP neighbor warnings
  router-id              router id for this EIGRP process
  stub                   Set address-family in stubbed mode

R2(config-router)#eigrp router-id ?  
  A.B.C.D  EIGRP Router-ID in IP address format

R2(config-router)#eigrp router-id 1.1.1.1
R2(config-router)#network 172.16.0.0
R2(config-router)#network 172.17.0.0
R2(config-router)#end
R2#
*Jul 18 09:57:58.943: %DUAL-5-NBRCHANGE: EIGRP-IPv4 1: Neighbor 172.16.1.2 (Serial2/1) is up: new adjacency


R3#conf t
Enter configuration commands, one per line.  End with CNTL/Z.
R3(config)#router eigrp 1
R3(config-router)#eigrp router-id 2.2.2.2
R3(config-router)#network 172.16.0.0
R3(config-router)#
*Jul 18 09:57:58.963: %DUAL-5-NBRCHANGE: EIGRP-IPv4 1: Neighbor 172.16.1.1 (Serial2/1) is up: new adjacency
R3(config-router)#network 172.17.0.0
R3(config-router)#end
R3#
*Jul 18 09:59:25.167: %DUAL-5-NBRCHANGE: EIGRP-IPv4 1: Neighbor 172.16.1.6 (Serial2/2) is up: new adjacency


R4#conf t
Enter configuration commands, one per line.  End with CNTL/Z.
R4(config)#router eigrp 1
R4(config-router)#eigrp router-id 3.3.3.3
R4(config-router)#network 172.16.0.0
R4(config-router)#
*Jul 18 09:59:54.979: %DUAL-5-NBRCHANGE: EIGRP-IPv4 1: Neighbor 172.16.1.5 (Serial2/2) is up: new adjacency
R4(config-router)#network 172.17.0.0
R4(config-router)#end
R4#

R4#ping 172.16.2.1 source 172.16.4.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.16.2.1, timeout is 2 seconds:
Packet sent with a source address of 172.16.4.1
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 16/36/64 ms


R2#conf t      
Enter configuration commands, one per line.  End with CNTL/Z.
R2(config)#router bgp 65000
R2(config-router)#bgp router-id 1.1.1.1
R2(config-router)#neighbor 192.168.1.1 remote-as 65100       // CONFIGURE EBGP WITH ISP 1
R2(config-router)#
*Jul 18 10:02:32.827: %BGP-5-ADJCHANGE: neighbor 192.168.1.1 Up
R2(config-router)#neighbor 172.17.4.1 remote-as 65000
R2(config-router)#neighbor 172.17.4.1 update-source loop 0
R2(config-router)#network 172.16.2.0 mask 255.255.255.0
R2(config-router)#end
R2#
*Jul 18 10:04:27.575: %BGP-5-ADJCHANGE: neighbor 172.17.4.1 Up


R1#
*Jul 18 10:02:22.423: %BGP-5-ADJCHANGE: neighbor 192.168.1.2 Up


R4#conf t
Enter configuration commands, one per line.  End with CNTL/Z.
R4(config)#router bgp 65000
R4(config-router)#bgp router-id 3.3.3.3
R4(config-router)#neighbor 172.17.2.1 remote-as 65000       // CONFIGURE IBGP
R4(config-router)#
*Jul 18 10:04:57.411: %BGP-5-ADJCHANGE: neighbor 172.17.2.1 Up
R4(config-router)#neighbor 172.17.2.1 update-source loop 0
R4(config-router)#network 172.16.4.0 mask 255.255.255.0
R4(config-router)#end
R4#


R2#show ip bgp       // VERIFY BGP TABLE
BGP table version is 4, local router ID is 1.1.1.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
              x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found

     Network          Next Hop            Metric LocPrf Weight Path
 *>  10.1.0.0/16      192.168.1.1              0             0 65100 i
 *>  172.16.2.0/24    0.0.0.0                  0         32768 i
 r>i 172.16.4.0/24    172.17.4.1               0    100      0 i


R2#show ip bgp rib-failure      // VERIFY CAUSE OF RIB FAILURE
  Network            Next Hop                      RIB-failure   RIB-NH Matches
172.16.4.0/24      172.17.4.1          Higher admin distance              n/a


R2#show ip route       
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
       + - replicated route, % - next hop override

Gateway of last resort is not set

      10.0.0.0/16 is subnetted, 1 subnets
B        10.1.0.0 [20/0] via 192.168.1.1, 00:05:55
      172.16.0.0/16 is variably subnetted, 7 subnets, 3 masks
C        172.16.1.0/30 is directly connected, Serial2/1
L        172.16.1.1/32 is directly connected, Serial2/1
D        172.16.1.4/30 [90/2681856] via 172.16.1.2, 00:10:27, Serial2/1
C        172.16.2.0/24 is directly connected, Loopback1
L        172.16.2.1/32 is directly connected, Loopback1
D        172.16.3.0/24 [90/2297856] via 172.16.1.2, 00:10:27, Serial2/1
D        172.16.4.0/24 [90/2809856] via 172.16.1.2, 00:09:03, Serial2/1  // PREFER EIGRP AD 90 VS IBGP AD 200
      172.17.0.0/16 is variably subnetted, 4 subnets, 2 masks
C        172.17.2.0/24 is directly connected, Loopback0
L        172.17.2.1/32 is directly connected, Loopback0
D        172.17.3.0/24 [90/2297856] via 172.16.1.2, 00:10:25, Serial2/1
D        172.17.4.0/24 [90/2809856] via 172.16.1.2, 00:08:54, Serial2/1
      192.168.1.0/24 is variably subnetted, 2 subnets, 2 masks
C        192.168.1.0/30 is directly connected, Serial2/0
L        192.168.1.2/32 is directly connected, Serial2/0


R2#ping 10.1.0.1       // VERIFY ISP CONNECTIVITY
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.1.0.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 8/9/12 ms


R4#show ip route       // THE 10.1.0.0/16 NETWORK IS NOT IN ROUTING TABLE SINCE R4 DON'T HAVE A ROUTE TO 192.168.1.1 (ISP)
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
       + - replicated route, % - next hop override

Gateway of last resort is not set

      172.16.0.0/16 is variably subnetted, 7 subnets, 3 masks
D        172.16.1.0/30 [90/2681856] via 172.16.1.5, 00:10:45, Serial2/2
C        172.16.1.4/30 is directly connected, Serial2/2
L        172.16.1.6/32 is directly connected, Serial2/2
D        172.16.2.0/24 [90/2809856] via 172.16.1.5, 00:10:45, Serial2/2
D        172.16.3.0/24 [90/2297856] via 172.16.1.5, 00:10:45, Serial2/2
C        172.16.4.0/24 is directly connected, Loopback1
L        172.16.4.1/32 is directly connected, Loopback1
      172.17.0.0/16 is variably subnetted, 4 subnets, 2 masks
D        172.17.2.0/24 [90/2809856] via 172.16.1.5, 00:10:45, Serial2/2
D        172.17.3.0/24 [90/2297856] via 172.16.1.5, 00:10:45, Serial2/2
C        172.17.4.0/24 is directly connected, Loopback0
L        172.17.4.1/32 is directly connected, Loopback0


R4#show ip bgp       // ROUTES LEARNED VIA IBGP ARE NEVER PROPAGATED TO OTHER IBGP PEERS
BGP table version is 3, local router ID is 3.3.3.3
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
              x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found

     Network          Next Hop            Metric LocPrf Weight Path
 * i 10.1.0.0/16      192.168.1.1              0    100      0 65100 i
 r>i 172.16.2.0/24    172.17.2.1               0    100      0 i
 *>  172.16.4.0/24    0.0.0.0                  0         32768 i


R2#conf t
Enter configuration commands, one per line.  End with CNTL/Z.
R2(config)#router bgp 65000
R2(config-router)#neighbor 172.17.4.1 next-hop-self       // USE R2 TO REACH EXTERNAL ROUTE 10.1.0.0/16
R2(config-router)#end
R2#


R4#conf t       // TO THE SAME FOR R4 FOR CONSISTENT CONFIG
Enter configuration commands, one per line.  End with CNTL/Z.
R4(config)#router bgp 65000
R4(config-router)#neighbor 172.17.2.1 next-hop-self
R4(config-router)#end
R4#


R4#show ip bgp      // NOTE > AND NEXT HOP FOR 10.1.0.0/16
BGP table version is 4, local router ID is 3.3.3.3
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
              x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found

     Network          Next Hop            Metric LocPrf Weight Path
 *>i 10.1.0.0/16      172.17.2.1               0    100      0 65100 i
 r>i 172.16.2.0/24    172.17.2.1               0    100      0 i
 *>  172.16.4.0/24    0.0.0.0                  0         32768 i


R4#show ip route        // 10.1.0.0/16 IS NOW IN THE ROUTING TABLE
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
       + - replicated route, % - next hop override

Gateway of last resort is not set

      10.0.0.0/16 is subnetted, 1 subnets
B        10.1.0.0 [200/0] via 172.17.2.1, 00:02:07
      172.16.0.0/16 is variably subnetted, 7 subnets, 3 masks
D        172.16.1.0/30 [90/2681856] via 172.16.1.5, 00:16:37, Serial2/2
C        172.16.1.4/30 is directly connected, Serial2/2
L        172.16.1.6/32 is directly connected, Serial2/2
D        172.16.2.0/24 [90/2809856] via 172.16.1.5, 00:16:37, Serial2/2
D        172.16.3.0/24 [90/2297856] via 172.16.1.5, 00:16:37, Serial2/2
C        172.16.4.0/24 is directly connected, Loopback1
L        172.16.4.1/32 is directly connected, Loopback1
      172.17.0.0/16 is variably subnetted, 4 subnets, 2 masks
D        172.17.2.0/24 [90/2809856] via 172.16.1.5, 00:16:37, Serial2/2
D        172.17.3.0/24 [90/2297856] via 172.16.1.5, 00:16:37, Serial2/2
C        172.17.4.0/24 is directly connected, Loopback0
L        172.17.4.1/32 is directly connected, Loopback0


R4#ping 10.1.0.1      
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.1.0.1, timeout is 2 seconds:
UUUUU
Success rate is 0 percent (0/5)
R4#
R4#ping 10.1.0.1 source 172.16.4.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.1.0.1, timeout is 2 seconds:
Packet sent with a source address of 172.16.4.1
UUUUU
Success rate is 0 percent (0/5)


R3#show ip route       // NO 10.1.0.0/16 NETWORK IN ROUTING TABLE
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
       + - replicated route, % - next hop override

Gateway of last resort is not set

      172.16.0.0/16 is variably subnetted, 8 subnets, 3 masks
C        172.16.1.0/30 is directly connected, Serial2/1
L        172.16.1.2/32 is directly connected, Serial2/1
C        172.16.1.4/30 is directly connected, Serial2/2
L        172.16.1.5/32 is directly connected, Serial2/2
D        172.16.2.0/24 [90/2297856] via 172.16.1.1, 00:20:42, Serial2/1
C        172.16.3.0/24 is directly connected, Loopback1
L        172.16.3.1/32 is directly connected, Loopback1
D        172.16.4.0/24 [90/2297856] via 172.16.1.6, 00:19:17, Serial2/2
      172.17.0.0/16 is variably subnetted, 4 subnets, 2 masks
D        172.17.2.0/24 [90/2297856] via 172.16.1.1, 00:20:42, Serial2/1
C        172.17.3.0/24 is directly connected, Loopback0
L        172.17.3.1/32 is directly connected, Loopback0
D        172.17.4.0/24 [90/2297856] via 172.16.1.6, 00:19:09, Serial2/2


R4#conf t      // BGP SYNC RULE: A ROUTER WILL NOT INCLUDE IN ITS ROUTING TABLE NOR ADVERTISE ROUTES LEARN VIA IBGP UNLESS THAT ROUTE IS DIRECTLY CONNECTED OR LEARNED FROM IGP
Enter configuration commands, one per line.  End with CNTL/Z.
R4(config)#router bgp 65000
R4(config-router)#synchronization      // DEFAULT no sync IN IOS 12.2(8)T; NOT A BEST PRACTICE TO REDISTRIBUTE EBGP ROUTES INTO AN IGP DUE TO LARGE INTERNET ROUTING TABLE SIZE, HIGH MEMORY AND CPU USE
R4(config-router)#end
R4#
*Jul 18 10:21:02.471: %SYS-5-CONFIG_I: Configured from console by console
R4#clear ip bgp * soft      // NEED A 'HARD' BGP RESET FOR BGP SYNC TO TAKE EFFECT
R4#
R4#show ip bgp
BGP table version is 4, local router ID is 3.3.3.3
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
              x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found

     Network          Next Hop            Metric LocPrf Weight Path
 *>i 10.1.0.0/16      172.17.2.1               0    100      0 65100 i
 r>i 172.16.2.0/24    172.17.2.1               0    100      0 i
 *>  172.16.4.0/24    0.0.0.0                  0         32768 i
R4#clear ip bgp *
R4#
*Jul 18 10:21:46.487: %BGP-5-ADJCHANGE: neighbor 172.17.2.1 Down User reset
*Jul 18 10:21:46.491: %BGP_SESSION-5-ADJCHANGE: neighbor 172.17.2.1 IPv4 Unicast topology base removed from session  User reset
*Jul 18 10:21:47.087: %BGP-5-ADJCHANGE: neighbor 172.17.2.1 Up
R4#
R4#show ip bgp  
BGP table version is 4, local router ID is 3.3.3.3
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
              x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found

     Network          Next Hop            Metric LocPrf Weight Path
 * i 10.1.0.0/16      172.17.2.1               0    100      0 65100 i
 r>i 172.16.2.0/24    172.17.2.1               0    100      0 i


R4#show ip route       // 10.1.0.0/16 IS REMOVED IN ROUTING TABLE SINCE IT DIDN'T LEARN THIS ROUTE VIA IGP (EIGRP)
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
       + - replicated route, % - next hop override

Gateway of last resort is not set

      172.16.0.0/16 is variably subnetted, 7 subnets, 3 masks
D        172.16.1.0/30 [90/2681856] via 172.16.1.5, 00:22:48, Serial2/2
C        172.16.1.4/30 is directly connected, Serial2/2
L        172.16.1.6/32 is directly connected, Serial2/2
D        172.16.2.0/24 [90/2809856] via 172.16.1.5, 00:22:48, Serial2/2
D        172.16.3.0/24 [90/2297856] via 172.16.1.5, 00:22:48, Serial2/2
C        172.16.4.0/24 is directly connected, Loopback1
L        172.16.4.1/32 is directly connected, Loopback1
      172.17.0.0/16 is variably subnetted, 4 subnets, 2 masks
D        172.17.2.0/24 [90/2809856] via 172.16.1.5, 00:22:48, Serial2/2
D        172.17.3.0/24 [90/2297856] via 172.16.1.5, 00:22:48, Serial2/2
C        172.17.4.0/24 is directly connected, Loopback0
L        172.17.4.1/32 is directly connected, Loopback0


R4#conf t
Enter configuration commands, one per line.  End with CNTL/Z.
R4(config)#router bgp 65000
R4(config-router)#no synchronization
R4(config-router)#end
R4#
*Jul 18 10:24:04.955: %SYS-5-CONFIG_I: Configured from console by console
R4#clear ip bgp *
R4#
*Jul 18 10:24:09.171: %BGP-5-ADJCHANGE: neighbor 172.17.2.1 Down User reset
*Jul 18 10:24:09.171: %BGP_SESSION-5-ADJCHANGE: neighbor 172.17.2.1 IPv4 Unicast topology base removed from session  User reset
*Jul 18 10:24:09.443: %BGP-5-ADJCHANGE: neighbor 172.17.2.1 Up
R4#
R4#show ip bgp
BGP table version is 3, local router ID is 3.3.3.3
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
              x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found

     Network          Next Hop            Metric LocPrf Weight Path
 *>i 10.1.0.0/16      172.17.2.1               0    100      0 65100 i
 r>i 172.16.2.0/24    172.17.2.1               0    100      0 i
R4#
R4#show ip route
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
       + - replicated route, % - next hop override

Gateway of last resort is not set

      10.0.0.0/16 is subnetted, 1 subnets
B        10.1.0.0 [200/0] via 172.17.2.1, 00:00:06
      172.16.0.0/16 is variably subnetted, 7 subnets, 3 masks
D        172.16.1.0/30 [90/2681856] via 172.16.1.5, 00:24:21, Serial2/2
C        172.16.1.4/30 is directly connected, Serial2/2
L        172.16.1.6/32 is directly connected, Serial2/2
D        172.16.2.0/24 [90/2809856] via 172.16.1.5, 00:24:21, Serial2/2
D        172.16.3.0/24 [90/2297856] via 172.16.1.5, 00:24:21, Serial2/2
C        172.16.4.0/24 is directly connected, Loopback1
L        172.16.4.1/32 is directly connected, Loopback1
      172.17.0.0/16 is variably subnetted, 4 subnets, 2 masks
D        172.17.2.0/24 [90/2809856] via 172.16.1.5, 00:24:21, Serial2/2
D        172.17.3.0/24 [90/2297856] via 172.16.1.5, 00:24:21, Serial2/2
C        172.17.4.0/24 is directly connected, Loopback0
L        172.17.4.1/32 is directly connected, Loopback0


R3#conf t      // ENSURE FULL MESH IBGP ON ALL IBGP PEERS (R2, R3, R4) IN TRANSIT PATH (IF USING no sync)
Enter configuration commands, one per line.  End with CNTL/Z.
R3(config)#router bgp 65000
R3(config-router)#bgp router-id 2.2.2.2
R3(config-router)#neighbor 172.17.2.1 remote-as 65000
R3(config-router)#neighbor 172.17.2.1 update-source loop 0
R3(config-router)#neighbor 172.17.4.1 remote-as 65000    
R3(config-router)#neighbor 172.17.4.1 update-source loop 0
R3(config-router)#end
R3#
*Jul 18 11:59:39.119: %BGP-5-ADJCHANGE: neighbor 172.17.2.1 Up
R3#
*Jul 18 12:00:55.903: %BGP-5-ADJCHANGE: neighbor 172.17.4.1 Up


R2#conf t
Enter configuration commands, one per line.  End with CNTL/Z.
R2(config)#router bgp 65000
R2(config-router)#neighbor 172.17.3.1 remote-as 65000
R2(config-router)#
*Jul 18 11:59:39.151: %BGP-5-ADJCHANGE: neighbor 172.17.3.1 Up
R2(config-router)#neighbor 172.17.3.1 update-source loop 0
R2(config-router)#neighbor 172.17.3.1 next-hop-self      
R2(config-router)#end
R2#


R4#conf t
Enter configuration commands, one per line.  End with CNTL/Z.
R4(config)#router bgp 65000
R4(config-router)#neighbor 172.17.3.1 remote-as 65000
R4(config-router)#
*Jul 18 12:01:25.767: %BGP-5-ADJCHANGE: neighbor 172.17.3.1 Up
R4(config-router)#neighbor 172.17.3.1 update-source loop 0
R4(config-router)#neighbor 172.17.3.1 next-hop-self
R4(config-router)#end
R4#


R1#show bgp summary      // VERIFY BGP NEIGHBOR ADJACENCY
BGP router identifier 10.0.0.1, local AS number 65100
BGP table version is 8, main routing table version 8
3 network entries using 444 bytes of memory
3 path entries using 192 bytes of memory
3/3 BGP path/bestpath attribute entries using 408 bytes of memory
1 BGP AS-PATH entries using 24 bytes of memory
0 BGP route-map cache entries using 0 bytes of memory
0 BGP filter-list cache entries using 0 bytes of memory
BGP using 1068 total bytes of memory
BGP activity 5/2 prefixes, 5/2 paths, scan interval 60 secs

Neighbor        V           AS MsgRcvd MsgSent   TblVer  InQ OutQ Up/Down  State/PfxRcd
192.168.1.2     4        65000     137     137        8    0    0 02:00:30        2


R2#show bgp summary
BGP router identifier 1.1.1.1, local AS number 65000
BGP table version is 8, main routing table version 8
3 network entries using 444 bytes of memory
3 path entries using 192 bytes of memory
3/3 BGP path/bestpath attribute entries using 408 bytes of memory
1 BGP AS-PATH entries using 24 bytes of memory
0 BGP route-map cache entries using 0 bytes of memory
0 BGP filter-list cache entries using 0 bytes of memory
BGP using 1068 total bytes of memory
BGP activity 5/2 prefixes, 5/2 paths, scan interval 60 secs

Neighbor        V           AS MsgRcvd MsgSent   TblVer  InQ OutQ Up/Down  State/PfxRcd
172.17.3.1      4        65000       8      14        8    0    0 00:03:52        0
172.17.4.1      4        65000     113     115        8    0    0 01:39:52        1
192.168.1.1     4        65100     137     137        8    0    0 02:00:59        1


R3#show bgp summary
BGP router identifier 2.2.2.2, local AS number 65000
BGP table version is 4, main routing table version 4
3 network entries using 444 bytes of memory
3 path entries using 192 bytes of memory
2/2 BGP path/bestpath attribute entries using 272 bytes of memory
1 BGP AS-PATH entries using 24 bytes of memory
0 BGP route-map cache entries using 0 bytes of memory
0 BGP filter-list cache entries using 0 bytes of memory
BGP using 932 total bytes of memory
BGP activity 3/0 prefixes, 3/0 paths, scan interval 60 secs

Neighbor        V           AS MsgRcvd MsgSent   TblVer  InQ OutQ Up/Down  State/PfxRcd
172.17.2.1      4        65000      15       8        4    0    0 00:04:26        2
172.17.4.1      4        65000      13       9        4    0    0 00:03:10        1


R4#show bgp summary
BGP router identifier 3.3.3.3, local AS number 65000
BGP table version is 4, main routing table version 4
3 network entries using 444 bytes of memory
3 path entries using 192 bytes of memory
3/3 BGP path/bestpath attribute entries using 408 bytes of memory
1 BGP AS-PATH entries using 24 bytes of memory
0 BGP route-map cache entries using 0 bytes of memory
0 BGP filter-list cache entries using 0 bytes of memory
BGP using 1068 total bytes of memory
BGP activity 9/6 prefixes, 9/6 paths, scan interval 60 secs

Neighbor        V           AS MsgRcvd MsgSent   TblVer  InQ OutQ Up/Down  State/PfxRcd
172.17.2.1      4        65000     116     114        4    0    0 01:40:48        2
172.17.3.1      4        65000       9      13        4    0    0 00:03:31        0


R3#show ip bgp       // VERIFY R3 HAS 10.1.0.0/16 ROUTE
BGP table version is 4, local router ID is 2.2.2.2
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
              x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found

     Network          Next Hop            Metric LocPrf Weight Path
 *>i 10.1.0.0/16      172.17.2.1               0    100      0 65100 i
 r>i 172.16.2.0/24    172.17.2.1               0    100      0 i
 r>i 172.16.4.0/24    172.17.4.1               0    100      0 i
R3#
R3#show ip route bgp
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
       + - replicated route, % - next hop override

Gateway of last resort is not set

      10.0.0.0/16 is subnetted, 1 subnets
B        10.1.0.0 [200/0] via 172.17.2.1, 00:04:29


R4#show ip bgp        // VERIFY R4 HAS 10.1.0.0/16 ROUTE
BGP table version is 4, local router ID is 3.3.3.3
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
              x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found

     Network          Next Hop            Metric LocPrf Weight Path
 *>i 10.1.0.0/16      172.17.2.1               0    100      0 65100 i
 r>i 172.16.2.0/24    172.17.2.1               0    100      0 i
 *>  172.16.4.0/24    0.0.0.0                  0         32768 i
R4#
R4#show ip route bgp
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
       + - replicated route, % - next hop override

Gateway of last resort is not set

      10.0.0.0/16 is subnetted, 1 subnets
B        10.1.0.0 [200/0] via 172.17.2.1, 01:41:54


R4#ping 10.1.0.1 source 172.16.4.1       // R4 <> R1 (ISP) HAS FULL CONNECTIVITY
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.1.0.1, timeout is 2 seconds:
Packet sent with a source address of 172.16.4.1
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 40/59/64 ms


R1#ping 172.16.4.1 source 10.1.0.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.16.4.1, timeout is 2 seconds:
Packet sent with a source address of 10.1.0.1
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 28/33/44 ms


R2#conf t
Enter configuration commands, one per line.  End with CNTL/Z.
R2(config)#
R2(config)#router bgp 65000
R2(config-router)#neighbor 192.168.1.1 ?            
  activate                 Enable the Address Family for this Neighbor
  advertise                Advertise to this neighbor
  advertise-map            specify route-map for conditional advertisement
  advertisement-interval   Minimum interval between sending BGP routing updates
  allowas-in               Accept as-path with my AS present in it
  capability               Advertise capability to the peer
  default-originate        Originate default route to this neighbor
  description              Neighbor specific description
  disable-connected-check  one-hop away EBGP peer using loopback address
  distribute-list          Filter updates to/from this neighbor
  dmzlink-bw               Propagate the DMZ link bandwidth
  ebgp-multihop            Allow EBGP neighbors not on directly connected
                           networks
  fall-over                session fall on peer route lost
  filter-list              Establish BGP filters
  ha-mode                  high availability mode
  inherit                  Inherit a template
  local-as                 Specify a local-as number
  maximum-prefix           Maximum number of prefixes accepted from this peer
  next-hop-self            Disable the next hop calculation for this neighbor
  next-hop-unchanged       Propagate next hop unchanged for iBGP paths to this
                           neighbor
  password                 Set a password
  peer-group               Member of the peer-group
  prefix-list              Filter updates to/from this neighbor
  remote-as                Specify a BGP neighbor
  remove-private-as        Remove private AS number from outbound updates
  route-map                Apply route map to neighbor
  route-reflector-client   Configure a neighbor as Route Reflector client
  route-server-client      Configure a neighbor as Route Server client
  send-community           Send Community attribute to this neighbor
  send-label               Send NLRI + MPLS Label to this peer
  shutdown                 Administratively shut down this neighbor
  slow-peer                Configure slow-peer
  soft-reconfiguration     Per neighbor soft reconfiguration
  soo                      Site-of-Origin extended community
  timers                   BGP per neighbor timers
  translate-update         Translate Update to MBGP format
  transport                Transport options
  ttl-security             BGP ttl security check
  unsuppress-map           Route-map to selectively unsuppress suppressed
                           routes
  update-source            Source of routing updates
  version                  Set the BGP version to match a neighbor
  weight                   Set default weight for routes from this neighbor
                   
R2(config-router)#neighbor 192.168.1.1 filter-list ?
  <1-500>  AS path access list

R2(config-router)#neighbor 192.168.1.1 filter-list 1 ?
  in   Filter incoming routes
  out  Filter outgoing routes

R2(config-router)#neighbor 192.168.1.1 filter-list 1 out      // CONFIGURE AS-PATH FILTER TO AVOID ASN 65000 BECOME A TRANSIT AS
R2(config-router)#exit
R2(config)#ip a?
access-list   accounting-list  accounting-threshold  accounting-transits
address-pool  admission        alias                 arp
as-path       auth-proxy      

R2(config)#ip as-path ?
  access-list  Specify an access list number

R2(config)#ip as-path acess-list ?
% Unrecognized command
R2(config)#ip as-path access-list ?
  <1-500>  AS path access list number

R2(config)#ip as-path access-list 1 ?
  deny    Specify packets to reject
  permit  Specify packets to forward

R2(config)#ip as-path access-list 1 permit ?
  LINE  A regular-expression to match BGP AS paths. Use "ctrl-v ?" to enter "?"

R2(config)#ip as-path access-list 1 permit ^$       // MATCH ROUTES THAT ARE LOCAL OR DON'T CONTAIN AS IN ITS AS-PATH
R2(config)#end
R2#
*Jul 18 12:12:42.411: %SYS-5-CONFIG_I: Configured from console by console
R2#clear ip bgp * soft


R4#ping 10.1.0.1 source 172.16.4.1       // R4 <> R1 (ISP) STILL HAS FULL CONNECTIVITY
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.1.0.1, timeout is 2 seconds:
Packet sent with a source address of 172.16.4.1
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 48/60/68 ms