Thursday, February 19, 2015

Configuring IBGP and EBGP Sessions, Local Preference and MED

I only did a basic BGP lab on my last blog post. This is the continuation of my BGP lab, but this time I manipulated its various attributes. I usually don't configure or troubleshoot BGP most of the time in our production network. It's one of those routing protocols that once you've setup correctly, you virtually don't have to deal with it again (unless there's an outage).


ISP(config)#interface loopback0
ISP(config-if)#
*Jan  3 09:41:48.663: %LINEPROTO-5-UPDOWN: Line protocol on Interface Loopback0, changed state to up
ISP(config-if)#ip address 192.168.100.1 255.255.255.0
ISP(config-if)#interface s0/0/0
ISP(config-if)#ip address 192.168.1.5 255.255.255.252
ISP(config-if)#clock rate 128000
ISP(config-if)#no shutdown
ISP(config-if)#
*Jan  3 09:42:29.367: %LINK-3-UPDOWN: Interface Serial0/0/0, changed state to down
ISP(config-if)#interface s0/0/1
ISP(config-if)#ip address 192.168.1.1 255.255.255.252
ISP(config-if)#no shutdown
ISP(config-if)#
*Jan  3 09:42:53.707: %LINK-3-UPDOWN: Interface Serial0/0/1, changed state to down


SanJose1(config)#interface loopback0
SanJose1(config-if)#
*Jan  3 08:25:31.687: %LINEPROTO-5-UPDOWN: Line protocol on Interface Loopback0, changed state to up
SanJose1(config-if)#ip address 172.16.64.1 255.255.255.0
SanJose1(config-if)#interface s0/0/0
SanJose1(config-if)#ip address 192.168.1.6 255.255.255.252
SanJose1(config-if)#no shutdown
SanJose1(config-if)#
*Jan  3 08:26:03.563: %LINK-3-UPDOWN: Interface Serial0/0/0, changed state to up
*Jan  3 08:26:04.563: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0/0/0, changed state to up
SanJose1(config-if)#do ping 192.168.1.5

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.1.5, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 12/14/16 ms
SanJose1(config-if)#interface s0/0/1
SanJose1(config-if)#ip address 172.16.1.1 255.255.255.0
SanJose1(config-if)#clock rate 128000
SanJose1(config-if)#no shutdown
SanJose1(config-if)#
*Jan  3 08:26:32.963: %LINK-3-UPDOWN: Interface Serial0/0/1, changed state to up
*Jan  3 08:26:33.963: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0/0/1, changed state to up


SanJose2(config)#interface loopback0
SanJose2(config-if)#
*Jan  3 09:04:26.239: %LINEPROTO-5-UPDOWN: Line protocol on Interface Loopback0, changed state to up
SanJose2(config-if)#ip address 172.16.32.1 255.255.255.0
SanJose2(config-if)#interface s0/0/0
SanJose2(config-if)#ip address 192.168.1.2 255.255.255.252
SanJose2(config-if)#clock rate 128000
SanJose2(config-if)#no shutdown
SanJose2(config-if)#
*Jan  3 09:05:07.603: %LINK-3-UPDOWN: Interface Serial0/0/0, changed state to up
*Jan  3 09:05:08.603: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0/0/0, changed state to up
SanJose2(config-if)#do ping 192.168.1.1

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.1.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 12/14/16 ms
SanJose2(config-if)#interface s0/0/1
SanJose2(config-if)#ip address 172.16.1.2 255.255.255.0
SanJose2(config-if)#no shutdown
SanJose2(config-if)#do ping 172.16.1.1

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.16.1.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 12/15/16 ms


SanJose1(config)#router eigrp 64512
SanJose1(config-router)#no auto-summary
SanJose1(config-router)#network 172.16.0.0


SanJose2(config)#router eigrp 64512
SanJose2(config-router)#no auto-summary
SanJose2(config-router)#network 172.16.0.0
SanJose2(config-router)#
*Jan  3 09:07:14.023: %DUAL-5-NBRCHANGE: IP-EIGRP(0) 64512: Neighbor 172.16.1.1 (Serial0/0/1) is up:

new adjacency
SanJose2(config-router)#end
SanJose2#
*Jan  3 09:07:27.687: %SYS-5-CONFIG_I: Configured from console by console
SanJose2#show ip eigrp neighbors
IP-EIGRP neighbors for process 64512
H   Address                 Interface       Hold Uptime   SRTT   RTO  Q  Seq
                                            (sec)         (ms)       Cnt Num
0   172.16.1.1              Se0/0/1           12 00:00:20   12   300  0  3


SanJose1(config)#router bgp 64512
SanJose1(config-router)#neighbor 172.16.32.1 remote-as 64512   // SAME ASN FOR IBGP PEER
SanJose1(config-router)#neighbor 172.16.32.1 update-source ?
  Async               Async interface
  Auto-Template       Auto-Template interface
  BVI                 Bridge-Group Virtual Interface
  CDMA-Ix             CDMA Ix interface
  CTunnel             CTunnel interface
  Dialer              Dialer interface
  FastEthernet        FastEthernet IEEE 802.3
  Lex                 Lex interface
  Loopback            Loopback interface
  MFR                 Multilink Frame Relay bundle interface
  Multilink           Multilink-group interface
  Null                Null interface
  SSLVPN-VIF          SSLVPN Virtual Interface
  Serial              Serial
  Tunnel              Tunnel interface
  Vif                 PGM Multicast Host interface
  Virtual-Dot11Radio  Virtual dot11 interface
  Virtual-PPP         Virtual PPP interface
  Virtual-Template    Virtual Template interface
  Virtual-TokenRing   Virtual TokenRing
  vmi                 Virtual Multipoint Interface

SanJose1(config-router)#neighbor 172.16.32.1 update-source loopback0   // USE LOOPBACK 0 AS THE SOURCE IP ADDRESS FOR ALL BGP MESSAGES IF MULTIPLE PATHS EXIST TO THE BGP NEIGHBOR

SanJose2(config)#router bgp 64512
SanJose2(config-router)#neighbor 172.16.64.1 remote-as 64512
SanJose2(config-router)#neighbor 172.16.64.1 update-source loopback0
SanJose2(config-router)#
*Jan  3 09:11:22.983: %BGP-5-ADJCHANGE: neighbor 172.16.64.1 Up


SanJose2#show ip bgp neighbors
BGP neighbor is 172.16.64.1,  remote AS 64512, internal link   
  BGP version 4, remote router ID 172.16.64.1
  BGP state = Established, up for 00:00:23
  Last read 00:00:23, last write 00:00:23, hold time is 180, keepalive interval is 60 seconds
  Neighbor capabilities:
    Route refresh: advertised and received(new)
    New ASN Capability: advertised and received
    Address family IPv4 Unicast: advertised and received
  Message statistics:
    InQ depth is 0
    OutQ depth is 0

                         Sent       Rcvd
    Opens:                  1          1
    Notifications:          0          0
    Updates:                0          0
    Keepalives:             1          1
    Route Refresh:          0          0
    Total:                  2          2
  Default minimum time between advertisement runs is 0 seconds

 For address family: IPv4 Unicast
  BGP table version 1, neighbor version 0/0
  Output queue size : 0
  Index 1, Offset 0, Mask 0x2
  1 update-group member
                                 Sent       Rcvd
  Prefix activity:               ----       ----
    Prefixes Current:               0          0
    Prefixes Total:                 0          0
    Implicit Withdraw:              0          0
    Explicit Withdraw:              0          0
    Used as bestpath:             n/a          0
    Used as multipath:            n/a          0

                                   Outbound    Inbound
  Local Policy Denied Prefixes:    --------    -------
    Total:                                0          0
  Number of NLRIs in the update sent: max 0, min 0

  Address tracking is enabled, the RIB does have a route to 172.16.64.1
  Connections established 1; dropped 0
  Last reset never
  Transport(tcp) path-mtu-discovery is enabled
Connection state is ESTAB, I/O status: 1, unread input bytes: 0
Connection is ECN Disabled, Mininum incoming TTL 0, Outgoing TTL 255
Local host: 172.16.32.1, Local port: 179
Foreign host: 172.16.64.1, Foreign port: 44852
Connection tableid (VRF): 0

Enqueued packets for retransmit: 0, input: 0  mis-ordered: 0 (0 bytes)

Event Timers (current time is 0x10DF68):
Timer          Starts    Wakeups            Next
Retrans             3          0             0x0
TimeWait            0          0             0x0
AckHold             2          1             0x0
SendWnd             0          0             0x0
KeepAlive           0          0             0x0
GiveUp              0          0             0x0
PmtuAger            0          0             0x0
DeadWait            0          0             0x0
Linger              0          0             0x0
ProcessQ            0          0             0x0

iss: 3034847281  snduna: 3034847354  sndnxt: 3034847354     sndwnd:  16312
irs: 4118955732  rcvnxt: 4118955805  rcvwnd:      16312  delrcvwnd:     72

SRTT: 99 ms, RTTO: 1539 ms, RTV: 1440 ms, KRTT: 0 ms
minRTT: 8 ms, maxRTT: 300 ms, ACK hold: 200 ms
Status Flags: passive open, gen tcbs
Option Flags: nagle, path mtu capable
IP Precedence value : 6

Datagrams (max data segment is 536 bytes):
Rcvd: 5 (out of order: 0), with data: 2, total data bytes: 72
Sent: 4 (retransmit: 0, fastretransmit: 0, partialack: 0, Second Congestion: 0), with data: 2, total

data bytes: 72
 Packets received in fast path: 0, fast processed: 0, slow path: 0
 fast lock acquisition failures: 0, slow path: 0


ISP(config)#router bgp 200
ISP(config-router)#neighbor 192.168.1.6 remote-as 64512   // DIFFERENT ASN FOR EBGP PEER
ISP(config-router)#neighbor 192.168.1.2 remote-as 64512   // NO NEED FOR update-source SINCE THERE'S ONLY ONE PATH AVAILABLE

EXIST TO BGP PEER
ISP(config-router)#network 192.168.100.0


SanJose1(config)#ip route 172.16.0.0 255.255.0.0 null0
SanJose1(config)#router bgp 64512
SanJose1(config-router)#neighbor 192.168.1.5 remote-as 200
SanJose1(config-router)#network 172.16.0.0
SanJose1(config-router)#
*Jan  3 08:37:41.055: %BGP-5-ADJCHANGE: neighbor 192.168.1.5 Up

SanJose1#show ip bgp neighbors
BGP neighbor is 172.16.32.1,  remote AS 64512, internal link
  BGP version 4, remote router ID 172.16.32.1
  BGP state = Established, up for 00:03:54
  Last read 00:00:57, last write 00:00:17, hold time is 180, keepalive interval is 60 seconds
  Neighbor capabilities:
    Route refresh: advertised and received(new)
    New ASN Capability: advertised and received
    Address family IPv4 Unicast: advertised and received
  Message statistics:
    InQ depth is 0
    OutQ depth is 0

                         Sent       Rcvd
    Opens:                  1          1
    Notifications:          0          0
    Updates:                1          0
    Keepalives:             4          4
    Route Refresh:          0          0
    Total:                  6          5
  Default minimum time between advertisement runs is 0 seconds

 For address family: IPv4 Unicast
  BGP table version 2, neighbor version 2/0
  Output queue size : 0
  Index 1, Offset 0, Mask 0x2
  1 update-group member
                                 Sent       Rcvd
  Prefix activity:               ----       ----
    Prefixes Current:               1          0
    Prefixes Total:                 1          0
    Implicit Withdraw:              0          0
    Explicit Withdraw:              0          0
    Used as bestpath:             n/a          0
    Used as multipath:            n/a          0

                                   Outbound    Inbound
  Local Policy Denied Prefixes:    --------    -------
    Total:                                0          0
  Number of NLRIs in the update sent: max 1, min 1

  Address tracking is enabled, the RIB does have a route to 172.16.32.1
  Connections established 1; dropped 0
  Last reset never
  Transport(tcp) path-mtu-discovery is enabled
Connection state is ESTAB, I/O status: 1, unread input bytes: 0
Connection is ECN Disabled, Mininum incoming TTL 0, Outgoing TTL 255
Local host: 172.16.64.1, Local port: 44852
Foreign host: 172.16.32.1, Foreign port: 179
Connection tableid (VRF): 0

Enqueued packets for retransmit: 0, input: 0  mis-ordered: 0 (0 bytes)

Event Timers (current time is 0x143C14):
Timer          Starts    Wakeups            Next
Retrans             7          0             0x0
TimeWait            0          0             0x0
AckHold             6          2             0x0
SendWnd             0          0             0x0
KeepAlive           0          0             0x0
GiveUp              0          0             0x0
PmtuAger            1          0        0x19B684
DeadWait            0          0             0x0
Linger              0          0             0x0
ProcessQ            0          0             0x0

iss: 4118955732  snduna: 4118955916  sndnxt: 4118955916     sndwnd:  16201
irs: 3034847281  rcvnxt: 3034847430  rcvwnd:      16236  delrcvwnd:    148

SRTT: 182 ms, RTTO: 1073 ms, RTV: 891 ms, KRTT: 0 ms
minRTT: 8 ms, maxRTT: 300 ms, ACK hold: 200 ms
Status Flags: active open
Option Flags: nagle, path mtu capable
IP Precedence value : 6

Datagrams (max data segment is 536 bytes):
Rcvd: 12 (out of order: 0), with data: 6, total data bytes: 148
Sent: 10 (retransmit: 0, fastretransmit: 0, partialack: 0, Second Congestion: 0), with data: 6, total

data bytes: 183
 Packets received in fast path: 0, fast processed: 0, slow path: 0
 fast lock acquisition failures: 0, slow path: 0

BGP neighbor is 192.168.1.5,  remote AS 200, external link  
  BGP version 4, remote router ID 192.168.100.1
  BGP state = Established, up for 00:00:27
  Last read 00:00:27, last write 00:00:27, hold time is 180, keepalive interval is 60 seconds
  Neighbor capabilities:
    Route refresh: advertised and received(new)
    New ASN Capability: advertised and received
    Address family IPv4 Unicast: advertised and received
  Message statistics:
    InQ depth is 0
    OutQ depth is 0

                         Sent       Rcvd
    Opens:                  1          1
    Notifications:          0          0
    Updates:                1          0
    Keepalives:             2          1
    Route Refresh:          0          0
    Total:                  4          2
  Default minimum time between advertisement runs is 30 seconds

 For address family: IPv4 Unicast
  BGP table version 3, neighbor version 3/0
  Output queue size : 0
  Index 2, Offset 0, Mask 0x4
  2 update-group member
                                 Sent       Rcvd
  Prefix activity:               ----       ----
    Prefixes Current:               1          1
    Prefixes Total:                 1          1
    Implicit Withdraw:              0          0
    Explicit Withdraw:              0          0
    Used as bestpath:             n/a          0
    Used as multipath:            n/a          0

                                   Outbound    Inbound
  Local Policy Denied Prefixes:    --------    -------
    Bestpath from this peer:              1        n/a
    Total:                                1          0
  Number of NLRIs in the update sent: max 1, min 1

  Address tracking is enabled, the RIB does have a route to 192.168.1.5
  Connections established 1; dropped 0
  Last reset never
  Transport(tcp) path-mtu-discovery is enabled
Connection state is ESTAB, I/O status: 1, unread input bytes: 0
Connection is ECN Disabled, Mininum incoming TTL 0, Outgoing TTL 1
Local host: 192.168.1.6, Local port: 48273
Foreign host: 192.168.1.5, Foreign port: 179
Connection tableid (VRF): 0

Enqueued packets for retransmit: 0, input: 0  mis-ordered: 0 (0 bytes)

Event Timers (current time is 0x147674):
Timer          Starts    Wakeups            Next
Retrans             3          0             0x0
TimeWait            0          0             0x0
AckHold             3          1             0x0
SendWnd             0          0             0x0
KeepAlive           0          0             0x0
GiveUp              0          0             0x0
PmtuAger            1          0        0x1D0754
DeadWait            0          0             0x0
Linger              0          0             0x0
ProcessQ            0          0             0x0

iss: 1364026979  snduna: 1364027124  sndnxt: 1364027124     sndwnd:  16240
irs: 1747390620  rcvnxt: 1747390766  rcvwnd:      16239  delrcvwnd:    145

SRTT: 99 ms, RTTO: 1539 ms, RTV: 1440 ms, KRTT: 0 ms
minRTT: 8 ms, maxRTT: 300 ms, ACK hold: 200 ms
Status Flags: active open
Option Flags: nagle, path mtu capable
IP Precedence value : 6

Datagrams (max data segment is 1460 bytes):
Rcvd: 6 (out of order: 0), with data: 4, total data bytes: 145
Sent: 7 (retransmit: 0, fastretransmit: 0, partialack: 0, Second Congestion: 0), with data: 4, total

data bytes: 144
 Packets received in fast path: 0, fast processed: 0, slow path: 0
 fast lock acquisition failures: 0, slow path: 0


SanJose1#show ip bgp summary
BGP router identifier 172.16.64.1, local AS number 64512
BGP table version is 3, main routing table version 3
2 network entries using 264 bytes of memory
2 path entries using 104 bytes of memory
3/2 BGP path/bestpath attribute entries using 504 bytes of memory
1 BGP AS-PATH entries using 24 bytes of memory
0 BGP route-map cache entries using 0 bytes of memory
0 BGP filter-list cache entries using 0 bytes of memory
Bitfield cache entries: current 2 (at peak 2) using 64 bytes of memory
BGP using 960 total bytes of memory
BGP activity 2/0 prefixes, 2/0 paths, scan interval 60 secs

Neighbor        V          AS MsgRcvd MsgSent   TblVer  InQ OutQ Up/Down  State/PfxRcd
172.16.32.1     4      64512       7       7        3    0    0 00:05:06        0
192.168.1.5     4        200       4       5        3    0    0 00:01:28        1


SanJose2(config)#ip route 172.16.0.0 255.255.0.0 null0
SanJose2(config)#router bgp 64512
SanJose2(config-router)#neighbor 192.168.1.1 remote-as 200
SanJose2(config-router)#network 172.16.0.0
SanJose2(config-router)#
*Jan  3 09:17:21.507: %BGP-5-ADJCHANGE: neighbor 192.168.1.1 Up

SanJose2#show ip bgp summary
BGP router identifier 172.16.32.1, local AS number 64512
BGP table version is 5, main routing table version 5
2 network entries using 264 bytes of memory
4 path entries using 208 bytes of memory
5/2 BGP path/bestpath attribute entries using 840 bytes of memory
1 BGP AS-PATH entries using 24 bytes of memory
0 BGP route-map cache entries using 0 bytes of memory
0 BGP filter-list cache entries using 0 bytes of memory
Bitfield cache entries: current 2 (at peak 2) using 64 bytes of memory
BGP using 1400 total bytes of memory
BGP activity 2/0 prefixes, 4/0 paths, scan interval 60 secs

Neighbor        V          AS MsgRcvd MsgSent   TblVer  InQ OutQ Up/Down  State/PfxRcd
172.16.64.1     4      64512       9       9        5    0    0 00:06:24        2
192.168.1.1     4        200       5       4        4    0    0 00:00:25        1


ISP#clear ip bgp *
ISP#
*Jan  3 09:59:21.235: %BGP-5-ADJCHANGE: neighbor 192.168.1.2 Down User reset
*Jan  3 09:59:21.239: %BGP-5-ADJCHANGE: neighbor 192.168.1.6 Down User reset
*Jan  3 09:59:25.547: %BGP-5-ADJCHANGE: neighbor 192.168.1.6 Up
*Jan  3 09:59:34.763: %BGP-5-ADJCHANGE: neighbor 192.168.1.2 Up
ISP#ping 172.16.64.1

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.16.64.1, timeout is 2 seconds:
.....
Success rate is 0 percent (0/5)
ISP#ping 172.16.1.1

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.16.1.1, timeout is 2 seconds:
.....
Success rate is 0 percent (0/5)
ISP#ping 172.16.32.1

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.16.32.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 12/15/16 ms
ISP#ping 172.16.1.2

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.16.1.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 12/15/16 ms


ISP#show ip bgp
BGP table version is 3, local router ID is 192.168.100.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path
*> 172.16.0.0       192.168.1.2              0             0 64512 i   // SanJose2 WAS CHOSEN AS NEXT HOP DUE TO LOWER ROUTER ID 172.16.32.1 VS SanJose1 ROUTER ID 172.16.64.1 IF ALL PATH ATTRIBUTES ARE EQUAL
*                   192.168.1.6              0             0 64512 i
*> 192.168.100.0    0.0.0.0                  0         32768 i


ISP#ping 172.16.1.1 source 192.168.100.1

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.16.1.1, timeout is 2 seconds:
Packet sent with a source address of 192.168.100.1
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 20/21/24 ms

ISP#ping 172.16.32.1 source 192.168.100.1

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.16.32.1, timeout is 2 seconds:
Packet sent with a source address of 192.168.100.1
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 12/15/16 ms

ISP#ping 172.16.1.2 source 192.168.100.1

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.16.1.2, timeout is 2 seconds:
Packet sent with a source address of 192.168.100.1
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 12/15/16 ms

ISP#ping 172.16.64.1 source 192.168.100.1

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.16.64.1, timeout is 2 seconds:
Packet sent with a source address of 192.168.100.1
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 20/21/24 ms


ISP(config)#router bgp 200
ISP(config-router)#network 192.168.1.0 mask 255.255.255.252
ISP(config-router)#network 192.168.1.4 mask 255.255.255.252
ISP(config-router)#do show ip bgp
BGP table version is 5, local router ID is 192.168.100.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path
*> 172.16.0.0       192.168.1.2              0             0 64512 i
*                   192.168.1.6              0             0 64512 i
*> 192.168.1.0/30   0.0.0.0                  0         32768 i
*> 192.168.1.4/30   0.0.0.0                  0         32768 i
*> 192.168.100.0    0.0.0.0                  0         32768 i


SanJose1#show ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route

Gateway of last resort is not set

     172.16.0.0/16 is variably subnetted, 4 subnets, 2 masks
D       172.16.32.0/24 [90/2297856] via 172.16.1.2, 00:20:13, Serial0/0/1
S       172.16.0.0/16 is directly connected, Null0
C       172.16.1.0/24 is directly connected, Serial0/0/1
C       172.16.64.0/24 is directly connected, Loopback0
     192.168.1.0/30 is subnetted, 2 subnets
B       192.168.1.0 [20/0] via 192.168.1.5, 00:00:55  
C       192.168.1.4 is directly connected, Serial0/0/0
B    192.168.100.0/24 [20/0] via 192.168.1.5, 00:07:59


SanJose2#show ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route

Gateway of last resort is not set

     172.16.0.0/16 is variably subnetted, 4 subnets, 2 masks
C       172.16.32.0/24 is directly connected, Loopback0
S       172.16.0.0/16 is directly connected, Null0
C       172.16.1.0/24 is directly connected, Serial0/0/1
D       172.16.64.0/24 [90/2297856] via 172.16.1.1, 00:20:49, Serial0/0/1
     192.168.1.0/30 is subnetted, 2 subnets
C       192.168.1.0 is directly connected, Serial0/0/0
B       192.168.1.4 [20/0] via 192.168.1.1, 00:01:00   
B    192.168.100.0/24 [20/0] via 192.168.1.1, 00:08:35


SanJose2#show ip bgp
BGP table version is 10, local router ID is 172.16.32.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path
*> 172.16.0.0       0.0.0.0                  0         32768 i
* i                 172.16.64.1              0    100      0 i
r i192.168.1.0/30   192.168.1.5              0    100      0 200 i
r>                  192.168.1.1              0             0 200 i
* i192.168.1.4/30   192.168.1.5              0    100      0 200 i
*>                  192.168.1.1              0             0 200 i
* i192.168.100.0    192.168.1.5              0    100      0 200 i
*>                  192.168.1.1              0             0 200 i


SanJose2(config)#router bgp 64512
SanJose2(config-router)#neighbor 172.16.64.1 ?
  activate                 Enable the Address Family for this Neighbor
  advertise-map            specify route-map for conditional advertisement
  advertisement-interval   Minimum interval between sending BGP routing updates
  allowas-in               Accept as-path with my AS present in it
  capability               Advertise capability to the peer
  default-originate        Originate default route to this neighbor
  description              Neighbor specific description
  disable-connected-check  one-hop away EBGP peer using loopback address
  distribute-list          Filter updates to/from this neighbor
  dmzlink-bw               Propagate the DMZ link bandwidth
  ebgp-multihop            Allow EBGP neighbors not on directly connected
                           networks
  fall-over                session fall on peer route lost
  filter-list              Establish BGP filters
  inherit                  Inherit a template
  local-as                 Specify a local-as number
  maximum-prefix           Maximum number of prefixes accepted from this peer
  next-hop-self            Disable the next hop calculation for this neighbor
  next-hop-unchanged       Propagate next hop unchanged for iBGP paths to this
                           neighbor
  password                 Set a password
  peer-group               Member of the peer-group
  prefix-list              Filter updates to/from this neighbor
  remote-as                Specify a BGP neighbor
  remove-private-as        Remove private AS number from outbound updates
  route-map                Apply route map to neighbor
  route-reflector-client   Configure a neighbor as Route Reflector client
  send-community           Send Community attribute to this neighbor
  send-label               Send NLRI + MPLS Label to this peer
  shutdown                 Administratively shut down this neighbor
  soft-reconfiguration     Per neighbor soft reconfiguration
  timers                   BGP per neighbor timers
  translate-update         Translate Update to MBGP format
  transport                Transport options
  ttl-security             BGP ttl security check
  unsuppress-map           Route-map to selectively unsuppress suppressed
                           routes
  update-source            Source of routing updates
  version                  Set the BGP version to match a neighbor
  weight                   Set default weight for routes from this neighbor

SanJose2(config-router)#neighbor 172.16.64.1 next-hop-self   // SET THE IP ADDRESS OF THE BORDER ROUTER IN DIFFERENT ASN; NOT MODIFIED FOR IBGP PEER


SanJose1(config)#router bgp 64512
SanJose1(config-router)#neighbor 172.16.32.1 next-hop-self

SanJose1#clear ip bgp 172.16.32.1
SanJose1#
*Jan  3 08:54:54.947: %BGP-5-ADJCHANGE: neighbor 172.16.32.1 Down User reset
*Jan  3 08:54:55.311: %BGP-5-ADJCHANGE: neighbor 172.16.32.1 Up


SanJose2#show ip bgp
BGP table version is 10, local router ID is 172.16.32.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path
* i172.16.0.0       172.16.64.1              0    100      0 i
*>                  0.0.0.0                  0         32768 i
r i192.168.1.0/30   172.16.64.1              0    100      0 200 i
r>                  192.168.1.1              0             0 200 i
* i192.168.1.4/30   172.16.64.1              0    100      0 200 i
*>                  192.168.1.1              0             0 200 i
* i192.168.100.0    172.16.64.1              0    100      0 200 i
*>                  192.168.1.1              0             0 200 i


SanJose1#show ip bgp
BGP table version is 8, local router ID is 172.16.64.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path
* i172.16.0.0       172.16.32.1              0    100      0 i
*>                  0.0.0.0                  0         32768 i
* i192.168.1.0/30   172.16.32.1              0    100      0 200 i
*>                  192.168.1.5              0             0 200 i
r i192.168.1.4/30   172.16.32.1              0    100      0 200 i
r>                  192.168.1.5              0             0 200 i
* i192.168.100.0    172.16.32.1              0    100      0 200 i
*>                  192.168.1.5              0             0 200 i


SanJose2#show ip bgp
BGP table version is 10, local router ID is 172.16.32.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path
* i172.16.0.0       172.16.64.1              0    100      0 i
*>                  0.0.0.0                  0         32768 i
r i192.168.1.0/30   172.16.64.1              0    100      0 200 i
r>                  192.168.1.1              0             0 200 i
* i192.168.1.4/30   172.16.64.1              0    100      0 200 i
*>                  192.168.1.1              0             0 200 i
* i192.168.100.0    172.16.64.1              0    100      0 200 i
*>                  192.168.1.1              0             0 200 i


SanJose1(config)#route-map PRIMARY_T1_IN permit 10
SanJose1(config-route-map)#set ?
  as-path           Prepend string for a BGP AS-path attribute
  automatic-tag     Automatically compute TAG value
  clns              OSI summary address
  comm-list         set BGP community list (for deletion)
  community         BGP community attribute
  dampening         Set BGP route flap dampening parameters
  default           Set default information
  extcomm-list      Set BGP/VPN extended community list (for deletion)
  extcommunity      BGP extended community attribute
  global            Set to global routing table
  interface         Output interface
  ip                IP specific information
  ipv6              IPv6 specific information
  level             Where to import route
  local-preference  BGP local preference path attribute
  metric            Metric value for destination routing protocol
  metric-type       Type of metric for destination routing protocol
  mpls-label        Set MPLS label for prefix
  nlri              BGP NLRI type
  origin            BGP origin code
  tag               Tag value for destination routing protocol
  traffic-index     BGP traffic classification number for accounting
  vrf               Define VRF name
  weight            BGP weight for routing table

SanJose1(config-route-map)#set local-preference ?
  <0-4294967295>  Preference value
  <cr>

SanJose1(config-route-map)#set local-preference 150   // ADVERTISED BETWEEN IBGP PEER FOR OUTBOUND TRAFFIC; DEFAULT VALUE IS 100
SanJose1(config-route-map)#exit
SanJose1(config)#router bgp 64512
SanJose1(config-router)#neighbor 192.168.1.5 route-map PRIMARY_T1_IN in


SanJose2(config)#route-map SECONDARY_T1_IN permit 10
SanJose2(config-route-map)#set local-preference 125
SanJose2(config-route-map)#exit
SanJose2(config)#router bgp 64512
SanJose2(config-router)#neighbor 192.168.1.1 route-map SECONDARY_T1_IN in


SanJose1#clear ip bgp * soft

SanJose2#clear ip bgp * soft


SanJose1#show ip bgp
BGP table version is 11, local router ID is 172.16.64.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path
* i172.16.0.0       172.16.32.1              0    100      0 i
*>                  0.0.0.0                  0         32768 i
*> 192.168.1.0/30   192.168.1.5              0    150      0 200 i
r> 192.168.1.4/30   192.168.1.5              0    150      0 200 i
*> 192.168.100.0    192.168.1.5              0    150      0 200 i


SanJose2#show ip bgp
BGP table version is 16, local router ID is 172.16.32.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path
* i172.16.0.0       172.16.64.1              0    100      0 i
*>                  0.0.0.0                  0         32768 i
r>i192.168.1.0/30   172.16.64.1              0    150      0 200 i
r                   192.168.1.1              0    125      0 200 i
*>i192.168.1.4/30   172.16.64.1              0    150      0 200 i
*                   192.168.1.1              0    125      0 200 i
*>i192.168.100.0    172.16.64.1              0    150      0 200 i
*                   192.168.1.1              0    125      0 200 i


ISP#show ip bgp
BGP table version is 5, local router ID is 192.168.100.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path
*> 172.16.0.0       192.168.1.2              0             0 64512 i
*                   192.168.1.6              0             0 64512 i
*> 192.168.1.0/30   0.0.0.0                  0         32768 i
*> 192.168.1.4/30   0.0.0.0                  0         32768 i
*> 192.168.100.0    0.0.0.0                  0         32768 i


SanJose2#ping
Protocol [ip]:
Target IP address: 192.168.100.1
Repeat count [5]:
Datagram size [100]:
Timeout in seconds [2]:
Extended commands [n]: y
Source address or interface: 172.16.32.1
Type of service [0]:
Set DF bit in IP header? [no]:
Validate reply data? [no]:
Data pattern [0xABCD]:
Loose, Strict, Record, Timestamp, Verbose[none]: record   // RECORDS PACKET'S HOP/IP ADDRESS
Number of hops [ 9 ]:
Loose, Strict, Record, Timestamp, Verbose[RV]:
Sweep range of sizes [n]:
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.100.1, timeout is 2 seconds:
Packet sent with a source address of 172.16.32.1
Packet has IP options:  Total option bytes= 39, padded length=40
 Record route: <*>
   (0.0.0.0)
   (0.0.0.0)
   (0.0.0.0)
   (0.0.0.0)
   (0.0.0.0)
   (0.0.0.0)
   (0.0.0.0)
   (0.0.0.0)
   (0.0.0.0)

Reply to request 0 (20 ms).  Received packet has options
 Total option bytes= 40, padded length=40
 Record route:
   (172.16.1.2)  SanJose2 S0/0/1
   (192.168.1.6)  SanJose1 S0/0/0
   (192.168.100.1) ISP LOOPBACK0
   (192.168.1.1)   ISP S0/0/0
   (172.16.32.1) <*>   SanJose2 LOOPBACK2   // RETURN TRAFFIC PREFERS SanJose2
   (0.0.0.0)
   (0.0.0.0)
   (0.0.0.0)
   (0.0.0.0)
 End of list

Reply to request 1 (20 ms).  Received packet has options
 Total option bytes= 40, padded length=40
 Record route:
   (172.16.1.2)
   (192.168.1.6)
   (192.168.100.1)
   (192.168.1.1)
   (172.16.32.1) <*>
   (0.0.0.0)
   (0.0.0.0)
   (0.0.0.0)
   (0.0.0.0)
 End of list

Reply to request 2 (24 ms).  Received packet has options
 Total option bytes= 40, padded length=40
 Record route:
   (172.16.1.2)
   (192.168.1.6)
   (192.168.100.1)
   (192.168.1.1)
   (172.16.32.1) <*>
   (0.0.0.0)
   (0.0.0.0)
   (0.0.0.0)
   (0.0.0.0)
 End of list

Reply to request 3 (20 ms).  Received packet has options
 Total option bytes= 40, padded length=40
 Record route:
   (172.16.1.2)
   (192.168.1.6)
   (192.168.100.1)
   (192.168.1.1)
   (172.16.32.1) <*>
   (0.0.0.0)
   (0.0.0.0)
   (0.0.0.0)
   (0.0.0.0)
 End of list

Reply to request 4 (20 ms).  Received packet has options
 Total option bytes= 40, padded length=40
 Record route:
   (172.16.1.2)
   (192.168.1.6)
   (192.168.100.1)
   (192.168.1.1)
   (172.16.32.1) <*>
   (0.0.0.0)
   (0.0.0.0)
   (0.0.0.0)
   (0.0.0.0)
 End of list

Success rate is 100 percent (5/5), round-trip min/avg/max = 20/20/24 ms


SanJose1(config)#route-map PRIMARY_T1_MED_OUT permit 10
SanJose1(config-route-map)#set ?
  as-path           Prepend string for a BGP AS-path attribute
  automatic-tag     Automatically compute TAG value
  clns              OSI summary address
  comm-list         set BGP community list (for deletion)
  community         BGP community attribute
  dampening         Set BGP route flap dampening parameters
  default           Set default information
  extcomm-list      Set BGP/VPN extended community list (for deletion)
  extcommunity      BGP extended community attribute
  global            Set to global routing table
  interface         Output interface
  ip                IP specific information
  ipv6              IPv6 specific information
  level             Where to import route
  local-preference  BGP local preference path attribute
  metric            Metric value for destination routing protocol
  metric-type       Type of metric for destination routing protocol
  mpls-label        Set MPLS label for prefix
  nlri              BGP NLRI type
  origin            BGP origin code
  tag               Tag value for destination routing protocol
  traffic-index     BGP traffic classification number for accounting
  vrf               Define VRF name
  weight            BGP weight for routing table

SanJose1(config-route-map)#set metric ?
  +/-<metric>     Add or subtract metric
  <0-4294967295>  Metric value or Bandwidth in Kbits per second

SanJose1(config-route-map)#set metric 50   // BGP MED (LOWER IS BETTER); ADVERTISED TO EBGP PEER FOR INBOUND TRAFFIC
SanJose1(config-route-map)#exit
SanJose1(config)#router bgp 64512
SanJose1(config-router)#neighbor 192.168.1.5 route-map PRIMARY_T1_MED_OUT ?
  in   Apply map to incoming routes
  out  Apply map to outbound routes

SanJose1(config-router)#neighbor 192.168.1.5 route-map PRIMARY_T1_MED_OUT out  // POLICY TO FORCE ISP ROUTER TO RETURN TRAFFIC VIA SanJose1


SanJose2(config)#route-map SECONDARY_T1_MED_OUT permit 10
SanJose2(config-route-map)#set metric 75
SanJose2(config-route-map)#exit
SanJose2(config)#router bgp 64512
SanJose2(config-router)#neighbor 192.168.1.1 route-map SECONDARY_T1_MED_OUT out


SanJose1#clear ip bgp * soft

SanJose2#clear ip bgp * soft


ISP#show ip bgp
BGP table version is 6, local router ID is 192.168.100.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path
*  172.16.0.0       192.168.1.2             75             0 64512 i    // SanJose2 HOP
*>                  192.168.1.6             50             0 64512 i    // SanJose1 HOP
*> 192.168.1.0/30   0.0.0.0                  0         32768 i
*> 192.168.1.4/30   0.0.0.0                  0         32768 i
*> 192.168.100.0    0.0.0.0                  0         32768 i


SanJose1#show ip bgp   // MED REFLECTED ON ISP/UPSTREAM ROUTER
BGP table version is 11, local router ID is 172.16.64.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path
* i172.16.0.0       172.16.32.1              0    100      0 i
*>                  0.0.0.0                  0         32768 i
*> 192.168.1.0/30   192.168.1.5              0    150      0 200 i
r> 192.168.1.4/30   192.168.1.5              0    150      0 200 i
*> 192.168.100.0    192.168.1.5              0    150      0 200 i


SanJose2#ping
Protocol [ip]:
Target IP address: 192.168.100.1
Repeat count [5]:
Datagram size [100]:
Timeout in seconds [2]:
Extended commands [n]: y
Source address or interface: 172.16.32.1
Type of service [0]:
Set DF bit in IP header? [no]:
Validate reply data? [no]:
Data pattern [0xABCD]:
Loose, Strict, Record, Timestamp, Verbose[none]: record
Number of hops [ 9 ]:
Loose, Strict, Record, Timestamp, Verbose[RV]:
Sweep range of sizes [n]:
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.100.1, timeout is 2 seconds:
Packet sent with a source address of 172.16.32.1
Packet has IP options:  Total option bytes= 39, padded length=40
 Record route: <*>
   (0.0.0.0)
   (0.0.0.0)
   (0.0.0.0)
   (0.0.0.0)
   (0.0.0.0)
   (0.0.0.0)
   (0.0.0.0)
   (0.0.0.0)
   (0.0.0.0)

Reply to request 0 (48 ms).  Received packet has options
 Total option bytes= 40, padded length=40
 Record route:
   (172.16.1.2)
   (192.168.1.6)
   (192.168.100.1)     ISP LOOPBACK0 IP ADDRESS
   (192.168.1.5)       ISP S0/0/0
   (172.16.1.1)        SanJose1 S0/0/1    // ISP NOW PREFERS SanJose1 FOR RETURN TRAFFIC
   (172.16.32.1) <*>   SanJose2 LOOPBACK0 IP ADDRESS 
   (0.0.0.0)
   (0.0.0.0)
   (0.0.0.0)
 End of list

Reply to request 1 (28 ms).  Received packet has options
 Total option bytes= 40, padded length=40
 Record route:
   (172.16.1.2)
   (192.168.1.6)
   (192.168.100.1)
   (192.168.1.5)
   (172.16.1.1)
   (172.16.32.1) <*>
   (0.0.0.0)
   (0.0.0.0)
   (0.0.0.0)
 End of list

Reply to request 2 (32 ms).  Received packet has options
 Total option bytes= 40, padded length=40
 Record route:
   (172.16.1.2)
   (192.168.1.6)
   (192.168.100.1)
   (192.168.1.5)
   (172.16.1.1)
   (172.16.32.1) <*>
   (0.0.0.0)
   (0.0.0.0)
   (0.0.0.0)
 End of list

Reply to request 3 (28 ms).  Received packet has options
 Total option bytes= 40, padded length=40
 Record route:
   (172.16.1.2)
   (192.168.1.6)
   (192.168.100.1)
   (192.168.1.5)
   (172.16.1.1)
   (172.16.32.1) <*>
   (0.0.0.0)
   (0.0.0.0)
   (0.0.0.0)
 End of list

Reply to request 4 (32 ms).  Received packet has options
 Total option bytes= 40, padded length=40
 Record route:
   (172.16.1.2)
   (192.168.1.6)
   (192.168.100.1)
   (192.168.1.5)
   (172.16.1.1)
   (172.16.32.1) <*>
   (0.0.0.0)
   (0.0.0.0)
   (0.0.0.0)
 End of list

Success rate is 100 percent (5/5), round-trip min/avg/max = 28/33/48 ms


SanJose1#show ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route

Gateway of last resort is not set  

     172.16.0.0/16 is variably subnetted, 4 subnets, 2 masks
D       172.16.32.0/24 [90/2297856] via 172.16.1.2, 00:58:53, Serial0/0/1
S       172.16.0.0/16 is directly connected, Null0
C       172.16.1.0/24 is directly connected, Serial0/0/1
C       172.16.64.0/24 is directly connected, Loopback0
     192.168.1.0/30 is subnetted, 2 subnets
B       192.168.1.0 [20/0] via 192.168.1.5, 00:39:35
C       192.168.1.4 is directly connected, Serial0/0/0
B    192.168.100.0/24 [20/0] via 192.168.1.5, 00:46:39


SanJose1(config)#ip default-network 192.168.100.0
SanJose1(config)#end
SanJose1#show ip route
*Jan  3 09:29:16.403: %SYS-5-CONFIG_I: Configured from console by console
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route

Gateway of last resort is 192.168.1.5 to network 192.168.100.0  

     172.16.0.0/16 is variably subnetted, 4 subnets, 2 masks
D       172.16.32.0/24 [90/2297856] via 172.16.1.2, 00:59:23, Serial0/0/1
S       172.16.0.0/16 is directly connected, Null0
C       172.16.1.0/24 is directly connected, Serial0/0/1
C       172.16.64.0/24 is directly connected, Loopback0
     192.168.1.0/30 is subnetted, 2 subnets
B       192.168.1.0 [20/0] via 192.168.1.5, 00:40:04
C       192.168.1.4 is directly connected, Serial0/0/0
B*   192.168.100.0/24 [20/0] via 192.168.1.5, 00:47:09   


ISP#tclsh
ISP(tcl)#foreach address {
+>192.168.100.1
+>172.16.64.1
+>172.16.32.1
+>192.168.1.1
+>192.168.1.2
+>192.168.1.5
+>192.168.1.6
+>172.16.1.1
+>172.16.1.2
+>} {
+>ping $address }

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.100.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/4 ms
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.16.64.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 12/13/16 ms
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.16.32.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 28/28/32 ms
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.1.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 28/28/32 ms
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.1.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 12/15/16 ms
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.1.5, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 28/28/28 ms
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.1.6, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 12/14/16 ms
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.16.1.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 12/14/16 ms
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.16.1.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 28/28/32 ms

Sunday, February 15, 2015

Configuring BGP with Default Routing

I recently configured a multihomed BGP site at work and I had fun doing BGP configuration and troubleshooting with Telstra. It was quite a challenging setup since we're doing BGP over IPsec VPN.

The BGP labs in CCNP ROUTE helped me understand and made me confident in dealing with this massive external gateway protocol. This was the initial BGP lab I did for ROUTE and played around with its attributes on succeeding labs.


ISP1(config)#interface loopback0
ISP1(config-if)#
*Jan  2 23:55:28.143: %LINEPROTO-5-UPDOWN: Line protocol on Interface Loopback0, changed state to up
ISP1(config-if)#description ISP1 Internet Network
ISP1(config-if)#ip address 10.1.1.1 255.255.255.0
ISP1(config-if)#interface s0/0/0
ISP1(config-if)#description ISP1 --> Int'l Travel Agency
ISP1(config-if)#ip address 10.0.0.1 255.255.255.252
ISP1(config-if)#clock rate 128000
ISP1(config-if)#no shutdown
ISP1(config-if)#
*Jan  2 23:56:39.903: %LINK-3-UPDOWN: Interface Serial0/0/0, changed state to down


ITA(config)#interface loopback0
ITA(config-if)#
*Jan  2 22:39:17.939: %LINEPROTO-5-UPDOWN: Line protocol on Interface Loopback0, changed state to up
ITA(config-if)#description Core Router network Link 1
ITA(config-if)#ip address 192.168.0.1 255.255.255.0
ITA(config-if)#interface loopback1
ITA(config-if)#
*Jan  2 22:39:53.035: %LINEPROTO-5-UPDOWN: Line protocol on Interface Loopback1, changed state to up
ITA(config-if)#description Core router network Link 2
ITA(config-if)#ip address 192.168.1.1 255.255.255.0
ITA(config-if)#interface s0/0/0
ITA(config-if)#description Int'l Travel Agency --> ISP1
ITA(config-if)#ip address 10.0.0.2 255.255.255.252
ITA(config-if)#no shutdown
ITA(config-if)#
*Jan  2 22:40:49.115: %LINK-3-UPDOWN: Interface Serial0/0/0, changed state to up
*Jan  2 22:40:50.115: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0/0/0, changed state to up
ITA(config-if)#do ping 10.0.0.1

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.0.0.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 12/15/16 ms
ITA(config-if)#interface s0/0/1
ITA(config-if)#description Int'l Travel Agency --> ISP2
ITA(config-if)#ip address 172.16.0.2 255.255.255.252
ITA(config-if)#clock rate 128000
ITA(config-if)#no shutdown
ITA(config-if)#
*Jan  2 22:41:30.147: %LINK-3-UPDOWN: Interface Serial0/0/1, changed state to up
*Jan  2 22:41:31.147: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0/0/1, changed state to up


ISP2(config)#interface loopback0
ISP2(config-if)#
*Jan  2 23:19:32.215: %LINEPROTO-5-UPDOWN: Line protocol on Interface Loopback0, changed state to up
ISP2(config-if)#description ISP2 Internet Network
ISP2(config-if)#ip address 172.16.1.1 255.255.255.0
ISP2(config-if)#interface s0/0/1
ISP2(config-if)#description ISP2 --> Int'l Travel Agency
ISP2(config-if)#ip address 172.16.0.1 255.255.255.252
ISP2(config-if)#no shutdown
ISP2(config-if)#do ping 172.16.0.2

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.16.0.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 12/14/16 ms


ISP1(config)#router bgp 200
ISP1(config-router)#?
Router configuration commands:
  address-family       Enter Address Family command mode
  aggregate-address    Configure BGP aggregate entries
  auto-summary         Enable automatic network number summarization
  bgp                  BGP specific commands
  default              Set a command to its defaults
  default-information  Control distribution of default information
  default-metric       Set metric of redistributed routes
  distance             Define an administrative distance
  distribute-list      Filter networks in routing updates
  exit                 Exit from routing protocol configuration mode
  help                 Description of the interactive help system
  maximum-paths        Forward packets over multiple paths
  neighbor             Specify a neighbor router
  network              Specify a network to announce via BGP
  no                   Negate a command or set its defaults
  redistribute         Redistribute information from another routing protocol
  synchronization      Perform IGP synchronization
  table-map            Map external entry attributes into routing table
  template             Enter template command mode
  timers               Adjust routing timers

ISP1(config-router)#neighbor ?
  A.B.C.D     Neighbor address
  WORD        Neighbor tag
  X:X:X:X::X  Neighbor IPv6 address

ISP1(config-router)#neighbor 10.0.0.2 ?
  activate                 Enable the Address Family for this Neighbor
  advertise-map            specify route-map for conditional advertisement
  advertisement-interval   Minimum interval between sending BGP routing updates
  allowas-in               Accept as-path with my AS present in it
  capability               Advertise capability to the peer
  default-originate        Originate default route to this neighbor
  description              Neighbor specific description
  disable-connected-check  one-hop away EBGP peer using loopback address
  distribute-list          Filter updates to/from this neighbor
  dmzlink-bw               Propagate the DMZ link bandwidth
  ebgp-multihop            Allow EBGP neighbors not on directly connected
                           networks
  fall-over                session fall on peer route lost
  filter-list              Establish BGP filters
  inherit                  Inherit a template
  local-as                 Specify a local-as number
  maximum-prefix           Maximum number of prefixes accepted from this peer
  next-hop-self            Disable the next hop calculation for this neighbor
  next-hop-unchanged       Propagate next hop unchanged for iBGP paths to this
                           neighbor
  password                 Set a password
  peer-group               Member of the peer-group
  prefix-list              Filter updates to/from this neighbor
  remote-as                Specify a BGP neighbor
  remove-private-as        Remove private AS number from outbound updates
  route-map                Apply route map to neighbor
  route-reflector-client   Configure a neighbor as Route Reflector client
  send-community           Send Community attribute to this neighbor
  send-label               Send NLRI + MPLS Label to this peer
  shutdown                 Administratively shut down this neighbor
  soft-reconfiguration     Per neighbor soft reconfiguration
  timers                   BGP per neighbor timers
  translate-update         Translate Update to MBGP format
  transport                Transport options
  ttl-security             BGP ttl security check
  unsuppress-map           Route-map to selectively unsuppress suppressed
                           routes
  update-source            Source of routing updates
  version                  Set the BGP version to match a neighbor
  weight                   Set default weight for routes from this neighbor

ISP1(config-router)#neighbor 10.0.0.2 remote-as ?
  <1-65535>    AS of remote neighbor
  <1.0-XX.YY>  4 octets AS of remote neighbor

ISP1(config-router)#neighbor 10.0.0.2 remote-as 100
ISP1(config-router)#network ?
  A.B.C.D  Network number

ISP1(config-router)#network 10.1.1.0 ?
  backdoor   Specify a BGP backdoor route
  mask       Network mask
  nlri       Specify nlri type for network
  route-map  Route-map to modify the attributes
  <cr>

ISP1(config-router)#network 10.1.1.0 mask ?
  A.B.C.D  Network mask

ISP1(config-router)#network 10.1.1.0 mask 255.255.255.0


ISP2(config)#router bgp 300
ISP2(config-router)#neighbor 172.16.0.2 remote-as 100
ISP2(config-router)#network 172.16.1.0 mask 255.255.255.0


ITA(config)#router bgp 100
ITA(config-router)#neighbor 10.0.0.1 remote-as 200
ITA(config-router)#
*Jan  2 22:46:42.867: %BGP-5-ADJCHANGE: neighbor 10.0.0.1 Up  
ITA(config-router)#neighbor 172.16.0.1 remote-as 300
ITA(config-router)#
*Jan  2 22:46:59.227: %BGP-5-ADJCHANGE: neighbor 172.16.0.1 Up  
ITA(config-router)#network 192.168.0.0
ITA(config-router)#network 182.168.1.0


ITA#show ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route

Gateway of last resort is not set

     172.16.0.0/16 is variably subnetted, 2 subnets, 2 masks
C       172.16.0.0/30 is directly connected, Serial0/0/1
B       172.16.1.0/24 [20/0] via 172.16.0.1, 00:00:04   // TOOK FEW SECONDS TO SHOW IN ROUTING TABLE
     10.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
B       10.1.1.0/24 [20/0] via 10.0.0.1, 00:00:04  
C       10.0.0.0/30 is directly connected, Serial0/0/0
C    192.168.0.0/24 is directly connected, Loopback0
C    192.168.1.0/24 is directly connected, Loopback1


ITA#tclsh
ITA(tcl)#foreach address {
+>10.0.0.1
+>10.0.0.2
+>10.1.1.1
+>172.16.0.1
+>172.16.0.2
+>172.16.1.1
+>192.168.0.1
+>192.168.1.1
+>} {
+>ping $address }

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.0.0.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 12/14/16 ms
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.0.0.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 28/28/32 ms
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.1.1.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 12/13/16 ms
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.16.0.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 12/14/16 ms
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.16.0.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 28/28/32 ms
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.16.1.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 12/15/16 ms
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.0.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/4 ms
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.1.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/4 ms


ITA#show ip bgp
BGP table version is 4, local router ID is 192.168.1.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path
*> 10.1.1.0/24      10.0.0.1                 0             0 200 i    //  * INDICATES VALID ROUTE; > INDICATES BEST ROUTE  
*> 172.16.1.0/24    172.16.0.1               0             0 300 i
*> 192.168.0.0      0.0.0.0                  0         32768 i


ISP1#show ip bgp
BGP table version is 4, local router ID is 10.1.1.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path
*> 10.1.1.0/24      0.0.0.0                  0         32768 i
*> 172.16.1.0/24    10.0.0.2                               0 100 300 i
*> 192.168.0.0      10.0.0.2                 0             0 100 i


ISP1(config)#interface loopback0
ISP1(config-if)#shutdown
ISP1(config-if)#
*Jan  3 00:11:18.987: %LINK-5-CHANGED: Interface Loopback0, changed state to administratively down
*Jan  3 00:11:19.987: %LINEPROTO-5-UPDOWN: Line protocol on Interface Loopback0, changed state to down


ITA#show ip bgp
BGP table version is 5, local router ID is 192.168.1.1    // BGP TABLE VERSION INCREMENTED BY 1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path
*> 172.16.1.0/24    172.16.0.1               0             0 300 i
*> 192.168.0.0      0.0.0.0                  0         32768 i


ISP1(config-if)#no shutdown
ISP1(config-if)#
*Jan  3 00:13:42.099: %LINK-3-UPDOWN: Interface Loopback0, changed state to up
*Jan  3 00:13:43.099: %LINEPROTO-5-UPDOWN: Line protocol on Interface Loopback0, changed state to up


ITA#show ip bgp neighbors
BGP neighbor is 10.0.0.1,  remote AS 200, external link
  BGP version 4, remote router ID 10.1.1.1
  BGP state = Established, up for 00:09:24
  Last read 00:00:24, last write 00:00:24, hold time is 180, keepalive interval is 60 seconds
  Neighbor capabilities:
    Route refresh: advertised and received(new)
    New ASN Capability: advertised and received
    Address family IPv4 Unicast: advertised and received
  Message statistics:
    InQ depth is 0
    OutQ depth is 0

                         Sent       Rcvd
    Opens:                  1          1
    Notifications:          0          0
    Updates:                5          3
    Keepalives:             9          9
    Route Refresh:          0          0
    Total:                 15         13
  Default minimum time between advertisement runs is 30 seconds

 For address family: IPv4 Unicast
  BGP table version 6, neighbor version 6/0
  Output queue size : 0
  Index 1, Offset 0, Mask 0x2
  1 update-group member
                                 Sent       Rcvd
  Prefix activity:               ----       ----
    Prefixes Current:               3          1 (Consumes 52 bytes)
    Prefixes Total:                 4          2
    Implicit Withdraw:              0          0
    Explicit Withdraw:              1          1
    Used as bestpath:             n/a          1
    Used as multipath:            n/a          0

                                   Outbound    Inbound
  Local Policy Denied Prefixes:    --------    -------
    Total:                                0          0
  Number of NLRIs in the update sent: max 1, min 0

  Address tracking is enabled, the RIB does have a route to 10.0.0.1
  Connections established 1; dropped 0
  Last reset never
  Transport(tcp) path-mtu-discovery is enabled
Connection state is ESTAB, I/O status: 1, unread input bytes: 0
Connection is ECN Disabled, Mininum incoming TTL 0, Outgoing TTL 1
Local host: 10.0.0.2, Local port: 179
Foreign host: 10.0.0.1, Foreign port: 48476
Connection tableid (VRF): 0

Enqueued packets for retransmit: 0, input: 0  mis-ordered: 0 (0 bytes)

Event Timers (current time is 0x199E0C):
Timer          Starts    Wakeups            Next
Retrans            14          0             0x0
TimeWait            0          0             0x0
AckHold            13         10             0x0
SendWnd             0          0             0x0
KeepAlive           0          0             0x0
GiveUp              0          0             0x0
PmtuAger            0          0             0x0
DeadWait            0          0             0x0
Linger              0          0             0x0
ProcessQ            0          0             0x0

iss:  975151708  snduna:  975152167  sndnxt:  975152167     sndwnd:  15926
irs: 2048523709  rcvnxt: 2048524069  rcvwnd:      16025  delrcvwnd:    359

SRTT: 254 ms, RTTO: 619 ms, RTV: 365 ms, KRTT: 0 ms
minRTT: 8 ms, maxRTT: 300 ms, ACK hold: 200 ms
Status Flags: passive open, gen tcbs
Option Flags: nagle, path mtu capable
IP Precedence value : 6

Datagrams (max data segment is 1460 bytes):
Rcvd: 24 (out of order: 0), with data: 13, total data bytes: 359
Sent: 24 (retransmit: 0, fastretransmit: 0, partialack: 0, Second Congestion: 0), with data: 13, total data bytes: 458
 Packets received in fast path: 0, fast processed: 0, slow path: 0
 fast lock acquisition failures: 0, slow path: 0

BGP neighbor is 172.16.0.1,  remote AS 300, external link 
  BGP version 4, remote router ID 172.16.1.1
  BGP state = Established, up for 00:09:14   
  Last read 00:00:21, last write 00:00:31, hold time is 180, keepalive interval is 60 seconds
  Neighbor capabilities:
    Route refresh: advertised and received(new)
    New ASN Capability: advertised and received
    Address family IPv4 Unicast: advertised and received
  Message statistics:
    InQ depth is 0
    OutQ depth is 0

                         Sent       Rcvd
    Opens:                  1          1
    Notifications:          0          0
    Updates:                5          1
    Keepalives:             9         10
    Route Refresh:          0          0
    Total:                 15         12
  Default minimum time between advertisement runs is 30 seconds

 For address family: IPv4 Unicast
  BGP table version 6, neighbor version 6/0
  Output queue size : 0
  Index 1, Offset 0, Mask 0x2
  1 update-group member
                                 Sent       Rcvd
  Prefix activity:               ----       ----
    Prefixes Current:               3          1 (Consumes 52 bytes)
    Prefixes Total:                 4          1
    Implicit Withdraw:              0          0
    Explicit Withdraw:              1          0
    Used as bestpath:             n/a          1
    Used as multipath:            n/a          0

                                   Outbound    Inbound
  Local Policy Denied Prefixes:    --------    -------
    Total:                                0          0
  Number of NLRIs in the update sent: max 1, min 0

  Address tracking is enabled, the RIB does have a route to 172.16.0.1
  Connections established 1; dropped 0
  Last reset never
  Transport(tcp) path-mtu-discovery is enabled
Connection state is ESTAB, I/O status: 1, unread input bytes: 0
Connection is ECN Disabled, Mininum incoming TTL 0, Outgoing TTL 1
Local host: 172.16.0.2, Local port: 32730
Foreign host: 172.16.0.1, Foreign port: 179
Connection tableid (VRF): 0

Enqueued packets for retransmit: 0, input: 0  mis-ordered: 0 (0 bytes)

Event Timers (current time is 0x19B6D4):
Timer          Starts    Wakeups            Next
Retrans            14          0             0x0
TimeWait            0          0             0x0
AckHold            11         10             0x0
SendWnd             0          0             0x0
KeepAlive           0          0             0x0
GiveUp              0          0             0x0
PmtuAger            1          0        0x1A5C68
DeadWait            0          0             0x0
Linger              0          0             0x0
ProcessQ            0          0             0x0

iss: 3823006640  snduna: 3823007099  sndnxt: 3823007099     sndwnd:  15926
irs:  124273748  rcvnxt:  124274046  rcvwnd:      16087  delrcvwnd:    297

SRTT: 254 ms, RTTO: 619 ms, RTV: 365 ms, KRTT: 0 ms
minRTT: 8 ms, maxRTT: 300 ms, ACK hold: 200 ms
Status Flags: active open
Option Flags: nagle, path mtu capable
IP Precedence value : 6

Datagrams (max data segment is 1460 bytes):
Rcvd: 25 (out of order: 0), with data: 12, total data bytes: 297
Sent: 25 (retransmit: 0, fastretransmit: 0, partialack: 0, Second Congestion: 0), with data: 13, total data bytes: 458
 Packets received in fast path: 0, fast processed: 0, slow path: 0
 fast lock acquisition failures: 0, slow path: 0



ISP2#show ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route

Gateway of last resort is not set

     172.16.0.0/16 is variably subnetted, 2 subnets, 2 masks
C       172.16.0.0/30 is directly connected, Serial0/0/1
C       172.16.1.0/24 is directly connected, Loopback0
     10.0.0.0/24 is subnetted, 1 subnets
B       10.1.1.0 [20/0] via 172.16.0.2, 00:02:38   // ITA ADVERTISES ISP1 NETWORK, ISP2 MIGHT MIGHT ROUTE TRANSIT TO ITA
B    192.168.0.0/24 [20/0] via 172.16.0.2, 00:10:31


ITA(config)#access-list 1 permit 192.168.0.0 0.0.1.255
ITA(config)#router bgp 100
ITA(config-router)#neighbor 10.0.0.1 ?
  activate                 Enable the Address Family for this Neighbor
  advertise-map            specify route-map for conditional advertisement
  advertisement-interval   Minimum interval between sending BGP routing updates
  allowas-in               Accept as-path with my AS present in it
  capability               Advertise capability to the peer
  default-originate        Originate default route to this neighbor
  description              Neighbor specific description
  disable-connected-check  one-hop away EBGP peer using loopback address
  distribute-list          Filter updates to/from this neighbor
  dmzlink-bw               Propagate the DMZ link bandwidth
  ebgp-multihop            Allow EBGP neighbors not on directly connected
                           networks
  fall-over                session fall on peer route lost
  filter-list              Establish BGP filters
  inherit                  Inherit a template
  local-as                 Specify a local-as number
  maximum-prefix           Maximum number of prefixes accepted from this peer
  next-hop-self            Disable the next hop calculation for this neighbor
  next-hop-unchanged       Propagate next hop unchanged for iBGP paths to this
                           neighbor
  password                 Set a password
  peer-group               Member of the peer-group
  prefix-list              Filter updates to/from this neighbor
  remote-as                Specify a BGP neighbor
  remove-private-as        Remove private AS number from outbound updates
  route-map                Apply route map to neighbor
  route-reflector-client   Configure a neighbor as Route Reflector client
  send-community           Send Community attribute to this neighbor
  send-label               Send NLRI + MPLS Label to this peer
  shutdown                 Administratively shut down this neighbor
  soft-reconfiguration     Per neighbor soft reconfiguration
  timers                   BGP per neighbor timers
  translate-update         Translate Update to MBGP format
  transport                Transport options
  ttl-security             BGP ttl security check
  unsuppress-map           Route-map to selectively unsuppress suppressed
                           routes
  update-source            Source of routing updates
  version                  Set the BGP version to match a neighbor
  weight                   Set default weight for routes from this neighbor

ITA(config-router)#neighbor 10.0.0.1 distribute-list ?
  <1-199>      IP access list number
  <1300-2699>  IP access list number (expanded range)
  WORD         IP Access-list name

ITA(config-router)#neighbor 10.0.0.1 distribute-list 1 ?
  in   Filter incoming updates
  out  Filter outgoing updates

ITA(config-router)#neighbor 10.0.0.1 distribute-list 1 out    // ROUTE FILTER TO ADVERTISE ITA NETWORKS ONLY
ITA(config-router)#neighbor 172.16.0.1 distribute-list 1 out  


ISP2#show ip route   // NETWORK TO 10.1.1.0 WAS GONE AND NO NEED TO ISSUE clear ip bgp COMMAND; CURRENT IOS SUPPORTS ROUTE REFRESH CAPABILITY THAT REPLACES INBOUND SOFT RECONFIGURATION FEATURE
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route

Gateway of last resort is not set

     172.16.0.0/16 is variably subnetted, 2 subnets, 2 masks
C       172.16.0.0/30 is directly connected, Serial0/0/1
C       172.16.1.0/24 is directly connected, Loopback0
B    192.168.0.0/24 [20/0] via 172.16.0.2, 00:15:29


ISP1#show ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route

Gateway of last resort is not set

     10.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
C       10.1.1.0/24 is directly connected, Loopback0
C       10.0.0.0/30 is directly connected, Serial0/0/0
B    192.168.0.0/24 [20/0] via 10.0.0.2, 00:17:32


ITA#show ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route

Gateway of last resort is not set  

     172.16.0.0/16 is variably subnetted, 2 subnets, 2 masks
C       172.16.0.0/30 is directly connected, Serial0/0/1
B       172.16.1.0/24 [20/0] via 172.16.0.1, 00:18:52
     10.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
B       10.1.1.0/24 [20/0] via 10.0.0.1, 00:10:59
C       10.0.0.0/30 is directly connected, Serial0/0/0
C    192.168.0.0/24 is directly connected, Loopback0
C    192.168.1.0/24 is directly connected, Loopback1


ITA(config)#ip route 0.0.0.0 0.0.0.0 10.0.0.1 210
ITA(config)#ip route 0.0.0.0 0.0.0.0 172.16.0.1 220
ITA(config)#do show ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route

Gateway of last resort is 10.0.0.1 to network 0.0.0.0  

     172.16.0.0/16 is variably subnetted, 2 subnets, 2 masks
C       172.16.0.0/30 is directly connected, Serial0/0/1
B       172.16.1.0/24 [20/0] via 172.16.0.1, 00:19:57
     10.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
B       10.1.1.0/24 [20/0] via 10.0.0.1, 00:12:04
C       10.0.0.0/30 is directly connected, Serial0/0/0
C    192.168.0.0/24 is directly connected, Loopback0
C    192.168.1.0/24 is directly connected, Loopback1
S*   0.0.0.0/0 [210/0] via 10.0.0.1   


ISP1(config)#interface loopback 100 
ISP1(config-if)#
*Jan  3 00:26:18.527: %LINEPROTO-5-UPDOWN: Line protocol on Interface Loopback100, changed state to up
ISP1(config-if)#ip address 192.168.100.1 255.255.255.0     // UNADVERTISED NETWORK


ITA#show ip route    // 192.168.100.0/24  DOESN'T SHOW ON THE ROUTING TABLE
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route

Gateway of last resort is 10.0.0.1 to network 0.0.0.0

     172.16.0.0/16 is variably subnetted, 2 subnets, 2 masks
C       172.16.0.0/30 is directly connected, Serial0/0/1
B       172.16.1.0/24 [20/0] via 172.16.0.1, 00:21:31
     10.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
B       10.1.1.0/24 [20/0] via 10.0.0.1, 00:13:37
C       10.0.0.0/30 is directly connected, Serial0/0/0
C    192.168.0.0/24 is directly connected, Loopback0
C    192.168.1.0/24 is directly connected, Loopback1
S*   0.0.0.0/0 [210/0] via 10.0.0.1

ITA#ping 192.168.100.1

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.100.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 12/15/16 ms

ITA#traceroute 192.168.100.1

Type escape sequence to abort.
Tracing the route to 192.168.100.1

  1 10.0.0.1 4 msec *  4 msec    // HOPS VIA ISP1


ITA(config)#no ip route 0.0.0.0 0.0.0.0 10.0.0.1 210
ITA(config)#no ip route 0.0.0.0 0.0.0.0 172.16.0.1 220


ISP1(config)#router bgp 200
ISP1(config-router)#network 192.168.100.0   // ADVERTISE NEW NETWORK VIA BGP


ITA#show ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route

Gateway of last resort is not set  

     172.16.0.0/16 is variably subnetted, 2 subnets, 2 masks
C       172.16.0.0/30 is directly connected, Serial0/0/1
B       172.16.1.0/24 [20/0] via 172.16.0.1, 00:06:20
     10.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
B       10.1.1.0/24 [20/0] via 10.0.0.1, 00:06:20
C       10.0.0.0/30 is directly connected, Serial0/0/0
C    192.168.0.0/24 is directly connected, Loopback0
C    192.168.1.0/24 is directly connected, Loopback1
B    192.168.100.0/24 [20/0] via 10.0.0.1, 00:03:21  


ITA(config)#ip default-network 192.168.100.0
ITA(config)#do show ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route

Gateway of last resort is 10.0.0.1 to network 192.168.100.0   // USED ONLY WITH CLASSFUL NETWORKS

     172.16.0.0/16 is variably subnetted, 2 subnets, 2 masks
C       172.16.0.0/30 is directly connected, Serial0/0/1
B       172.16.1.0/24 [20/0] via 172.16.0.1, 00:07:06
     10.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
B       10.1.1.0/24 [20/0] via 10.0.0.1, 00:07:06
C       10.0.0.0/30 is directly connected, Serial0/0/0
C    192.168.0.0/24 is directly connected, Loopback0
C    192.168.1.0/24 is directly connected, Loopback1
B*   192.168.100.0/24 [20/0] via 10.0.0.1, 00:04:07


ITA(config)#ip route 0.0.0.0 0.0.0.0 172.16.0.1 220    // ISP2 AS BACKUP ROUTE
ITA(config)#do show ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route

Gateway of last resort is 10.0.0.1 to network 192.168.100.0

     172.16.0.0/16 is variably subnetted, 2 subnets, 2 masks
C       172.16.0.0/30 is directly connected, Serial0/0/1
B       172.16.1.0/24 [20/0] via 172.16.0.1, 00:08:50
     10.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
B       10.1.1.0/24 [20/0] via 10.0.0.1, 00:08:50
C       10.0.0.0/30 is directly connected, Serial0/0/0
C    192.168.0.0/24 is directly connected, Loopback0
C    192.168.1.0/24 is directly connected, Loopback1
B*   192.168.100.0/24 [20/0] via 10.0.0.1, 00:05:51    // NEED TO ISSUE clear ip bgp
S*   0.0.0.0/0 [220/0] via 172.16.0.1   

ITA#show ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route

Gateway of last resort is 172.16.0.1 to network 0.0.0.0  

     172.16.0.0/16 is variably subnetted, 2 subnets, 2 masks
C       172.16.0.0/30 is directly connected, Serial0/0/1
B       172.16.1.0/24 [20/0] via 172.16.0.1, 00:10:47
     10.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
B       10.1.1.0/24 [20/0] via 10.0.0.1, 00:00:04
C       10.0.0.0/30 is directly connected, Serial0/0/0
C    192.168.0.0/24 is directly connected, Loopback0
C    192.168.1.0/24 is directly connected, Loopback1
B    192.168.100.0/24 [20/0] via 10.0.0.1, 00:00:04
S*   0.0.0.0/0 [220/0] via 172.16.0.1  

ITA#show ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route

Gateway of last resort is 10.0.0.1 to network 192.168.100.0   

     172.16.0.0/16 is variably subnetted, 2 subnets, 2 masks
C       172.16.0.0/30 is directly connected, Serial0/0/1
B       172.16.1.0/24 [20/0] via 172.16.0.1, 00:12:07
     10.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
B       10.1.1.0/24 [20/0] via 10.0.0.1, 00:01:24
C       10.0.0.0/30 is directly connected, Serial0/0/0
C    192.168.0.0/24 is directly connected, Loopback0
C    192.168.1.0/24 is directly connected, Loopback1
B*   192.168.100.0/24 [20/0] via 10.0.0.1, 00:01:24   // PREFERRED ROUTE SINCE EBGP ADMIN DISTANCE IS 20
S*   0.0.0.0/0 [220/0] via 172.16.0.1    //  STILL SHOWS UP IN ROUTING TABLE; WILL ACT AS THE DEFAULT BACKUP ROUTE ONLY IF THE 192.168.100.0/24 NETWORK IS UNAVAILABLE DUE TO FAULT OR MISCONFIG OR WHILE BGP RESYNC WITH ISP1


ITA#tclsh
ITA(tcl)#foreach address {
+>10.0.0.1
+>10.0.0.2
+>10.1.1.1
+>172.16.0.1
+>172.16.0.2
+>172.16.1.1
+>192.168.0.1
+>192.168.1.1
+>192.168.100.1
+>} {
+>ping $address }

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.0.0.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 12/13/16 ms
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.0.0.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 28/28/32 ms
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.1.1.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 12/14/16 ms
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.16.0.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 12/14/16 ms
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.16.0.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 28/28/28 ms
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.16.1.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 12/14/16 ms
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.0.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/4 ms
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.1.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/4 ms
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.100.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 12/15/16 ms


ITA(config)#ip default-network 192.168.100.0

ITA#show ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route

Gateway of last resort is 172.16.0.1 to network 0.0.0.0

     172.16.0.0/16 is variably subnetted, 2 subnets, 2 masks
C       172.16.0.0/30 is directly connected, Serial0/0/1
B       172.16.1.0/24 [20/0] via 172.16.0.1, 00:20:51
     10.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
B       10.1.1.0/24 [20/0] via 10.0.0.1, 00:00:49
C       10.0.0.0/30 is directly connected, Serial0/0/0
C    192.168.0.0/24 is directly connected, Loopback0
C    192.168.1.0/24 is directly connected, Loopback1
B    192.168.100.0/24 [20/0] via 10.0.0.1, 00:00:49
S*   0.0.0.0/0 [220/0] via 172.16.0.1


ISP1(config)#router bgp 200
ISP1(config-router)#neighbor 10.0.0.2 default-originate    // ALTERNATE OPTION INJECTING DEFAULT ROUTE IN BGP

ISP1#clear ip bgp 10.0.0.2
ISP1#
*Jan  3 00:57:18.111: %BGP-5-ADJCHANGE: neighbor 10.0.0.2 Down User reset
*Jan  3 00:57:22.743: %BGP-5-ADJCHANGE: neighbor 10.0.0.2 Up


ITA#show ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route

Gateway of last resort is 10.0.0.1 to network 0.0.0.0  

     172.16.0.0/16 is variably subnetted, 2 subnets, 2 masks
C       172.16.0.0/30 is directly connected, Serial0/0/1
B       172.16.1.0/24 [20/0] via 172.16.0.1, 00:22:17
     10.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
B       10.1.1.0/24 [20/0] via 10.0.0.1, 00:00:15
C       10.0.0.0/30 is directly connected, Serial0/0/0
C    192.168.0.0/24 is directly connected, Loopback0
C    192.168.1.0/24 is directly connected, Loopback1
B    192.168.100.0/24 [20/0] via 10.0.0.1, 00:00:15
B*   0.0.0.0/0 [20/0] via 10.0.0.1, 00:00:15