BGP uses path attributes for several purposes. PAs define information about a path, or route, through a network. Some BGP PAs describe information that can be useful in choosing the best BGP route, using the best-path algorithm. BGP also uses some PAs for purposes other than choosing the best path.
By default, if no BGP PAs have been explicitly set, BGP routers use the BGP AS_PATH (autonomous system path) PA when choosing the best route among many competing routes.
The integer BGP ASN uniquely identifies one organization that considers itself autonomous from other organizations. Each company whose enterprise network connects to the Internet can be considered to be an autonomous system and can be assigned a BGP ASN. (IANA/ICANN also assigns globally unique ASNs.) Additionally, each ISP has an ASN, or possibly several, depending on the size of the ISP.
When a router uses BGP to advertise a route, the prefix/length is associated with a set of PAs, including the AS_PATH. The AS_PATH PA associated with a prefix/length lists the ASNs that would be part of an end-to-end route for that prefix as learned using BGP. In a way, the AS_PATH implies information like this: “If you use this path (route), the path will go through this list of ASNs.”
BGP uses the AS_PATH to perform two key functions:
* Choose the best route for a prefix based on the shortest AS_PATH (fewest number of ASNs listed).
* Prevent routing loops.
R1#conf t
Enter configuration commands, one per line.  End with CNTL/Z.
R1(config)#interface loop 0
R1(config-if)#
*Jul 15 21:19:21.480: %LINEPROTO-5-UPDOWN: Line protocol on Interface Loopback0, changed state to up
R1(config-if)#ip address 10.1.1.1 255.255.255.0
R1(config-if)#
R1(config-if)#interface serial 2/0
R1(config-if)#ip address 192.168.1.5 255.255.255.252
R1(config-if)#no shut
R1(config-if)#
*Jul 15 21:19:53.632: %LINK-3-UPDOWN: Interface Serial2/0, changed state to up
R1(config-if)#
*Jul 15 21:19:54.640: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial2/0, changed state to up
R1(config-if)#end
R1#
R2#conf t
Enter configuration commands, one per line.  End with CNTL/Z.
R2(config)#interface loop 0
R2(config-if)#
*Jul 15 21:20:21.496: %LINEPROTO-5-UPDOWN: Line protocol on Interface Loopback0, changed state to up
R2(config-if)#ip address 10.2.2.1 255.255.255.0
R2(config-if)#
R2(config-if)#interface serial 2/0
R2(config-if)#ip address 192.168.1.6 255.255.255.252
R2(config-if)#no shut
R2(config-if)#
*Jul 15 21:20:54.584: %LINK-3-UPDOWN: Interface Serial2/0, changed state to up
R2(config-if)#
*Jul 15 21:20:55.592: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial2/0, changed state to up
R2(config-if)#do ping 192.168.1.5
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.1.5, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 20/27/56 ms
R2(config-if)#
R2(config-if)#interface serial 2/1
R2(config-if)#ip address 172.24.1.17 255.255.255.252
R2(config-if)#no shut
R2(config-if)#
*Jul 15 21:21:27.196: %LINK-3-UPDOWN: Interface Serial2/1, changed state to up
R2(config-if)#
*Jul 15 21:21:28.204: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial2/1, changed state to up
R2(config-if)#end
R2#
R3#conf t
Enter configuration commands, one per line.  End with CNTL/Z.
R3(config)#interface loop 0
R3(config-if)#
*Jul 15 21:22:01.020: %LINEPROTO-5-UPDOWN: Line protocol on Interface Loopback0, changed state to up
R3(config-if)#
R3(config-if)#ip address 10.3.3.1 255.255.255.0
R3(config-if)#
R3(config-if)#interface serial 2/1
R3(config-if)#ip address 172.24.1.18 255.255.255.252
R3(config-if)#no shut
R3(config-if)#
*Jul 15 21:23:37.440: %LINK-3-UPDOWN: Interface Serial2/1, changed state to up
R3(config-if)#
*Jul 15 21:23:38.448: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial2/1, changed state to up
R3(config-if)#do ping 172.24.1.17
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.24.1.17, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 20/27/36 ms
R3(config-if)#end
R3#
R1#conf t // CONFIGURE BGP
Enter configuration commands, one per line.  End with CNTL/Z.
R1(config)#router bgp 100
R1(config-router)#neighbor 192.168.1.6 remote-as 300
R1(config-router)#network 10.1.1.0 mask 255.255.255.0
R1(config-router)#end
R1#
*Jul 15 21:41:36.960: %BGP-5-ADJCHANGE: neighbor 192.168.1.6 Up
R2#conf t
Enter configuration commands, one per line.  End with CNTL/Z.
R2(config)#router bgp 300
R2(config-router)#neighbor 192.168.1.5 remote-as 100
R2(config-router)#
*Jul 15 21:41:37.600: %BGP-5-ADJCHANGE: neighbor 192.168.1.5 Up
R2(config-router)#
R2(config-router)#neighbor 172.24.1.18 remote-as 65000
R2(config-router)#network 10.2.2.0 mask 255.255.255.0
R2(config-router)#end
R2#
*Jul 15 21:43:26.312: %BGP-5-ADJCHANGE: neighbor 172.24.1.18 Up
R3#conf t
Enter configuration commands, one per line.  End with CNTL/Z.
R3(config)#router bgp 65000
R3(config-router)#neighbor 172.24.1.17 remote-as 300
R3(config-router)#
*Jul 15 21:43:15.372: %BGP-5-ADJCHANGE: neighbor 172.24.1.17 Up
R3(config-router)#
R3(config-router)#network 10.3.3.0 mask 255.255.255.0
R3(config-router)#end
R3#
R1#show ip bgp neighbors // VERIFY ESTABLISHED EBGP NEIGHBORS
BGP neighbor is 192.168.1.6, remote AS 300, external link
BGP version 4, remote router ID 10.2.2.1
BGP state = Established, up for 00:04:16
Last read 00:00:38, last write 00:00:51, hold time is 180, keepalive interval is 60 seconds
Neighbor sessions:
1 active, is not multisession capable
(disabled)
Neighbor capabilities:
Route refresh: advertised and received(new)
Four-octets ASN Capability: advertised and
received
Address family IPv4 Unicast: advertised and
received
Enhanced Refresh Capability: advertised and
received
Multisession Capability:
Stateful switchover support enabled: NO for
session 1
Message statistics:
InQ depth is 0
OutQ depth is 0
Sent Rcvd
Opens: 1 1
Notifications: 0 0
Updates: 2 3
Keepalives: 6 5
Route Refresh: 0 0
Total: 9 9
Default minimum time between advertisement
runs is 30 seconds
For address family: IPv4 Unicast
Session: 192.168.1.6
BGP table version 4, neighbor version 4/0
Output queue size : 0
Index 1, Advertise bit 0
1 update-group member
Slow-peer detection is disabled
Slow-peer split-update-group dynamic is
disabled
Sent Rcvd
Prefix activity: ---- ----
Prefixes Current: 1 2 (Consumes 128 bytes)
Prefixes Total: 1 2
Implicit Withdraw: 0 0
Explicit Withdraw: 0 0
Used as bestpath: n/a 2
Used as multipath: n/a 0
Outbound Inbound
Local Policy Denied Prefixes: --------
-------
Bestpath from this peer: 2 n/a
Total: 2 0
Number of NLRIs in the update sent: max 1,
min 0
Last detected as dynamic slow peer: never
Dynamic slow peer recovered: never
Refresh Epoch: 1
Last Sent Refresh Start-of-rib: never
Last Sent Refresh End-of-rib: never
Last Received Refresh Start-of-rib: never
Last Received Refresh End-of-rib: never
Sent Rcvd
Refresh activity: ---- ----
Refresh Start-of-RIB 0 0
Refresh End-of-RIB 0 0
Address tracking is enabled, the RIB does
have a route to 192.168.1.6
Connections established 1; dropped 0
Last reset never
Transport(tcp) path-mtu-discovery is enabled
Graceful-Restart is disabled
Connection
state is ESTAB, I/O status: 1, unread input bytes: 0
Connection
is ECN Disabled, Mininum incoming TTL 0, Outgoing TTL 1
Local
host: 192.168.1.5, Local port: 33345
Foreign
host: 192.168.1.6, Foreign port: 179
Connection
tableid (VRF): 0
Maximum
output segment queue size: 50
Enqueued
packets for retransmit: 0, input: 0
mis-ordered: 0 (0 bytes)
Event
Timers (current time is 0x2C5C2E0):
Timer Starts Wakeups Next
Retrans 8 0 0x0
TimeWait 0 0 0x0
AckHold 8 5 0x0
SendWnd 0 0 0x0
KeepAlive 0 0 0x0
GiveUp 0 0 0x0
PmtuAger 1 0 0x2CAFF14
DeadWait 0 0 0x0
Linger 0 0 0x0
ProcessQ 0 0 0x0
iss:
2293136873 snduna: 2293137122 sndnxt: 2293137122
irs: 966563251
rcvnxt: 966563532
sndwnd: 16136
scale: 0 maxrcvwnd:
16384
rcvwnd: 16104
scale: 0 delrcvwnd:
280
SRTT: 656
ms, RTTO: 2806 ms, RTV: 2150 ms, KRTT: 0 ms
minRTT:
12 ms, maxRTT: 1000 ms, ACK hold: 200 ms
Status
Flags: active open
Option
Flags: nagle, path mtu capable
IP
Precedence value : 6
Datagrams
(max data segment is 1460 bytes):
Rcvd: 16
(out of order: 0), with data: 9, total data bytes: 280
Sent: 17
(retransmit: 0, fastretransmit: 0, partialack: 0, Second Congestion: 0), with
data: 8, total data bytes: 248
Packets received in fast path: 0, fast
processed: 0, slow path: 0
fast lock acquisition failures: 0, slow path:
0
TCP
Semaphore 0x6A3AF708 FREE
R2#show ip bgp neighbors
BGP neighbor is 172.24.1.18, remote AS 65000, external link
BGP version 4, remote router ID 10.3.3.1
BGP state = Established, up for 00:01:21
Last read 00:00:21, last write 00:00:21, hold time is 180, keepalive interval is 60 seconds
Neighbor sessions:
1 active, is not multisession capable
(disabled)
Neighbor capabilities:
Route refresh: advertised and received(new)
Four-octets ASN Capability: advertised and
received
Address family IPv4 Unicast: advertised and
received
Enhanced Refresh Capability: advertised and
received
Multisession Capability:
Stateful switchover support enabled: NO for
session 1
Message statistics:
InQ depth is 0
OutQ depth is 0
Sent Rcvd
Opens: 1 1
Notifications: 0 0
Updates: 4 2
Keepalives: 2 2
Route Refresh: 0 0
Total: 9 5
Default minimum time between advertisement
runs is 30 seconds
For address family: IPv4 Unicast
Session: 172.24.1.18
BGP table version 4, neighbor version 4/0
Output queue size : 0
Index 1, Advertise bit 0
1 update-group member
Slow-peer detection is disabled
Slow-peer split-update-group dynamic is
disabled
Sent Rcvd
Prefix activity: ---- ----
Prefixes Current: 3 1 (Consumes 64 bytes)
Prefixes Total: 4 1
Implicit Withdraw: 1 0
Explicit Withdraw: 0 0
Used as bestpath: n/a 1
Used as multipath: n/a 0
Outbound Inbound
Local Policy Denied Prefixes: --------
-------
Bestpath from this peer: 1 n/a
Total: 1 0
Number of NLRIs in the update sent: max 1,
min 0
Last detected as dynamic slow peer: never
Dynamic slow peer recovered: never
Refresh Epoch: 1
Last Sent Refresh Start-of-rib: 00:01:21
Last Sent Refresh End-of-rib: 00:01:21
Refresh-Out took 0 seconds
Last Received Refresh Start-of-rib: never
Last Received Refresh End-of-rib: never
Sent Rcvd
Refresh activity: ---- ----
Refresh Start-of-RIB 1 0
Refresh End-of-RIB 1 0
Address tracking is enabled, the RIB does
have a route to 172.24.1.18
Connections established 1; dropped 0
Last reset never
Transport(tcp) path-mtu-discovery is enabled
Graceful-Restart is disabled
Connection
state is ESTAB, I/O status: 1, unread input bytes: 0
Connection
is ECN Disabled, Mininum incoming TTL 0, Outgoing TTL 1
Local
host: 172.24.1.17, Local port: 64695
Foreign
host: 172.24.1.18, Foreign port: 179
Connection
tableid (VRF): 0
Maximum
output segment queue size: 50
Enqueued
packets for retransmit: 0, input: 0
mis-ordered: 0 (0 bytes)
Event
Timers (current time is 0x2C49DA8):
Timer Starts Wakeups Next
Retrans 6 0 0x0
TimeWait 0 0 0x0
AckHold 3 0 0x0
SendWnd 0 0 0x0
KeepAlive 0 0 0x0
GiveUp 0 0 0x0
PmtuAger 1 0 0x2CC8770
DeadWait 0 0 0x0
Linger 0 0 0x0
ProcessQ 0 0 0x0
iss:
1213187745 snduna: 1213188066 sndnxt: 1213188066
irs:
2304873157 rcvnxt: 2304873330
sndwnd: 16064
scale: 0 maxrcvwnd:
16384
rcvwnd: 16212
scale: 0 delrcvwnd:
172
SRTT: 551
ms, RTTO: 3075 ms, RTV: 2524 ms, KRTT: 0 ms
minRTT: 8
ms, maxRTT: 1000 ms, ACK hold: 200 ms
Status
Flags: active open
Option
Flags: nagle, path mtu capable
IP
Precedence value : 6
Datagrams
(max data segment is 1460 bytes):
Rcvd: 10
(out of order: 0), with data: 4, total data bytes: 172
Sent: 10
(retransmit: 0, fastretransmit: 0, partialack: 0, Second Congestion: 0), with
data: 6, total data bytes: 320
Packets received in fast path: 0, fast
processed: 0, slow path: 0
fast lock acquisition failures: 0, slow path:
0
TCP
Semaphore 0x6A39DFF0 FREE
BGP neighbor is 192.168.1.5, remote AS 100, external link
BGP version 4, remote router ID 10.1.1.1
BGP state = Established, up for 00:03:10
Last read 00:00:34, last write 00:00:21, hold time is 180, keepalive interval is 60 seconds
Neighbor sessions:
1 active, is not multisession capable
(disabled)
Neighbor capabilities:
Route refresh: advertised and received(new)
Four-octets ASN Capability: advertised and
received
Address family IPv4 Unicast: advertised and
received
Enhanced Refresh Capability: advertised and
received
Multisession Capability:
Stateful switchover support enabled: NO for
session 1
Message statistics:
InQ depth is 0
OutQ depth is 0
Sent Rcvd
Opens: 1 1
Notifications: 0 0
Updates: 3 2
Keepalives: 4 5
Route Refresh: 0 0
Total: 8 8
Default minimum time between advertisement
runs is 30 seconds
For address family: IPv4 Unicast
Session: 192.168.1.5
BGP table version 4, neighbor version 4/0
Output queue size : 0
Index 1, Advertise bit 0
1 update-group member
Slow-peer detection is disabled
Slow-peer split-update-group dynamic is
disabled
Sent Rcvd
Prefix activity: ---- ----
Prefixes Current: 3 1 (Consumes 64 bytes)
Prefixes Total: 4 1
Implicit Withdraw: 1 0
Explicit Withdraw: 0 0
Used as bestpath: n/a 1
Used as multipath: n/a 0
Outbound Inbound
Local Policy Denied Prefixes: --------
-------
Bestpath from this peer: 1 n/a
Total: 1 0
Number of NLRIs in the update sent: max 1,
min 0
Last detected as dynamic slow peer: never
Dynamic slow peer recovered: never
Refresh Epoch: 1
Last Sent Refresh Start-of-rib: never
Last Sent Refresh End-of-rib: never
Last Received Refresh Start-of-rib: never
Last Received Refresh End-of-rib: never
Sent Rcvd
Refresh activity: ---- ----
Refresh Start-of-RIB 0 0
Refresh End-of-RIB 0 0
Address tracking is enabled, the RIB does
have a route to 192.168.1.5
Connections established 1; dropped 0
Last reset never
Transport(tcp) path-mtu-discovery is enabled
Graceful-Restart is disabled
Connection
state is ESTAB, I/O status: 1, unread input bytes: 0
Connection
is ECN Disabled, Mininum incoming TTL 0, Outgoing TTL 1
Local
host: 192.168.1.6, Local port: 179
Foreign
host: 192.168.1.5, Foreign port: 33345
Connection
tableid (VRF): 0
Maximum
output segment queue size: 50
Enqueued
packets for retransmit: 0, input: 0
mis-ordered: 0 (0 bytes)
Event
Timers (current time is 0x2C49DAC):
Timer Starts Wakeups Next
Retrans 7 0 0x0
TimeWait 0 0 0x0
AckHold 6 3 0x0
SendWnd 0 0 0x0
KeepAlive 0 0 0x0
GiveUp 0 0 0x0
PmtuAger 0 0 0x0
DeadWait 0 0 0x0
Linger 0 0 0x0
ProcessQ 0 0 0x0
iss: 966563251
snduna: 966563513 sndnxt:
966563513
irs:
2293136873 rcvnxt: 2293137103
sndwnd: 16123
scale: 0 maxrcvwnd:
16384
rcvwnd: 16155
scale: 0 delrcvwnd:
229
SRTT: 607
ms, RTTO: 2949 ms, RTV: 2342 ms, KRTT: 0 ms
minRTT:
16 ms, maxRTT: 1000 ms, ACK hold: 200 ms
Status
Flags: passive open, gen tcbs
Option
Flags: nagle, path mtu capable
IP
Precedence value : 6
Datagrams
(max data segment is 1460 bytes):
Rcvd: 15
(out of order: 0), with data: 7, total data bytes: 229
Sent: 14
(retransmit: 0, fastretransmit: 0, partialack: 0, Second Congestion: 0), with
data: 8, total data bytes: 261
Packets received in fast path: 0, fast
processed: 0, slow path: 0
fast lock acquisition failures: 0, slow path:
0
TCP
Semaphore 0x6A39E0D0 FREE
R3#show ip bgp neighbors
BGP neighbor is 172.24.1.17, remote AS 300, external link
BGP version 4, remote router ID 10.2.2.1
BGP state = Established, up for 00:03:22
Last read 00:00:38, last write 00:00:39, hold time is 180, keepalive interval is 60 seconds
Neighbor sessions:
1 active, is not multisession capable
(disabled)
Neighbor capabilities:
Route refresh: advertised and received(new)
Four-octets ASN Capability: advertised and
received
Address family IPv4 Unicast: advertised and
received
Enhanced Refresh Capability: advertised and
received
Multisession Capability:
Stateful switchover support enabled: NO for
session 1
Message statistics:
InQ depth is 0
OutQ depth is 0
Sent Rcvd
Opens: 1 1
Notifications: 0 0
Updates: 2 4
Keepalives: 4 4
Route Refresh: 0 0
Total: 7 11
Default minimum time between advertisement
runs is 30 seconds
For address family: IPv4 Unicast
Session: 172.24.1.17
BGP table version 4, neighbor version 4/0
Output queue size : 0
Index 1, Advertise bit 0
1 update-group member
Slow-peer detection is disabled
Slow-peer split-update-group dynamic is
disabled
Sent Rcvd
Prefix activity: ---- ----
Prefixes Current: 1 2 (Consumes 128 bytes)
Prefixes Total: 1 2
Implicit Withdraw: 0 0
Explicit Withdraw: 0 0
Used as bestpath: n/a 2
Used as multipath: n/a 0
                               Outbound    Inbound
Local Policy Denied Prefixes:  --------    -------
AS_PATH loop:                       n/a          1
Bestpath from this peer:              2        n/a
Total:                                2          1
Number of NLRIs in the update sent: max 1,
min 0
Last detected as dynamic slow peer: never
Dynamic slow peer recovered: never
Refresh Epoch: 2
Last Sent Refresh Start-of-rib: never
Last Sent Refresh End-of-rib: never
Last Received Refresh Start-of-rib: 00:03:22
Last Received Refresh End-of-rib: 00:03:22
Refresh-In took 0 seconds
Sent Rcvd
Refresh activity: ---- ----
Refresh Start-of-RIB 0 1
Refresh End-of-RIB 0 1
Address tracking is enabled, the RIB does
have a route to 172.24.1.17
Connections established 1; dropped 0
Last reset never
Transport(tcp) path-mtu-discovery is enabled
Graceful-Restart is disabled
Connection
state is ESTAB, I/O status: 1, unread input bytes: 0
Connection
is ECN Disabled, Mininum incoming TTL 0, Outgoing TTL 1
Local
host: 172.24.1.18, Local port: 179
Foreign
host: 172.24.1.17, Foreign port: 64695
Connection
tableid (VRF): 0
Maximum
output segment queue size: 50
Enqueued
packets for retransmit: 0, input: 0
mis-ordered: 0 (0 bytes)
Event
Timers (current time is 0x2C62FCC):
Timer Starts Wakeups Next
Retrans 5 0 0x0
TimeWait 0 0 0x0
AckHold 7 5 0x0
SendWnd 0 0 0x0
KeepAlive 0 0 0x0
GiveUp 0 0 0x0
PmtuAger 0 0 0x0
DeadWait 0 0 0x0
Linger 0 0 0x0
ProcessQ 0 0 0x0
iss:
2304873157 snduna: 2304873368 sndnxt: 2304873368
irs:
1213187745 rcvnxt: 1213188104
sndwnd: 16174
scale: 0 maxrcvwnd:
16384
rcvwnd: 16026
scale: 0 delrcvwnd:
358
SRTT: 487
ms, RTTO: 3168 ms, RTV: 2681 ms, KRTT: 0 ms
minRTT:
12 ms, maxRTT: 1000 ms, ACK hold: 200 ms
Status
Flags: passive open, gen tcbs
Option
Flags: nagle, path mtu capable
IP
Precedence value : 6
Datagrams
(max data segment is 1460 bytes):
Rcvd: 14
(out of order: 0), with data: 8, total data bytes: 358
Sent: 14
(retransmit: 0, fastretransmit: 0, partialack: 0, Second Congestion: 0), with
data: 6, total data bytes: 210
Packets received in fast path: 0, fast
processed: 0, slow path: 0
fast lock acquisition failures: 0, slow path:
0
TCP
Semaphore 0x6A3BF310 FREE
R1#show ip route // VERIFY RECEIVED BGP ROUTES
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
       + - replicated route, % - next hop override
Gateway of last resort is not set
      10.0.0.0/8 is variably subnetted, 4 subnets, 2 masks
C        10.1.1.0/24 is directly connected, Loopback0
L        10.1.1.1/32 is directly connected, Loopback0
B        10.2.2.0/24 [20/0] via 192.168.1.6, 00:05:40
B        10.3.3.0/24 [20/0] via 192.168.1.6, 00:03:24
      192.168.1.0/24 is variably subnetted, 2 subnets, 2 masks
C        192.168.1.4/30 is directly connected, Serial2/0
L        192.168.1.5/32 is directly connected, Serial2/0
R1#ping 10.3.3.1 // NO RETURN ROUTE TO R1 192.168.1.5 SOURCE IP FROM R3
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.3.3.1, timeout is 2 seconds:
.....
Success rate is 0 percent (0/5)
R1#ping 10.3.3.1 source 10.1.1.1 // R3 HAS A RETURN ROUTE TO 10.1.1.0/24
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.3.3.1, timeout is 2 seconds:
Packet sent with a source address of 10.1.1.1
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 8/39/64 ms
R1#traceroute 10.3.3.1 source 10.1.1.1
Type escape sequence to abort.
Tracing the route to 10.3.3.1
VRF info: (vrf in name/id, vrf out name/id)
  1 192.168.1.6 16 msec 16 msec 20 msec
  2 172.24.1.18 20 msec 68 msec 12 msec
R1#show ip bgp
BGP table version is 4, local router ID is 10.1.1.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
              x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found
     Network          Next Hop            Metric LocPrf Weight Path
 *>  10.1.1.0/24      0.0.0.0                  0         32768 i
 *>  10.2.2.0/24      192.168.1.6              0             0 300 i
 *>  10.3.3.0/24      192.168.1.6                            0 300 65000 i // HAS PRIVATE ASN
R2#conf t
Enter configuration commands, one per line.  End with CNTL/Z.
R2(config)#router bgp 300
R2(config-router)#neighbor 192.168.1.5 ?
  activate                 Enable the Address Family for this Neighbor
  advertise                Advertise to this neighbor
  advertise-map            specify route-map for conditional advertisement
  advertisement-interval   Minimum interval between sending BGP routing updates
  allowas-in               Accept as-path with my AS present in it
  capability               Advertise capability to the peer
  default-originate        Originate default route to this neighbor
  description              Neighbor specific description
  disable-connected-check  one-hop away EBGP peer using loopback address
  distribute-list          Filter updates to/from this neighbor
  dmzlink-bw               Propagate the DMZ link bandwidth
  ebgp-multihop            Allow EBGP neighbors not on directly connected networks
  fall-over                session fall on peer route lost
  filter-list              Establish BGP filters
  ha-mode                  high availability mode
  inherit                  Inherit a template
  local-as                 Specify a local-as number
  maximum-prefix           Maximum number of prefixes accepted from this peer
  next-hop-self            Disable the next hop calculation for this neighbor
  next-hop-unchanged       Propagate next hop unchanged for iBGP paths to this neighbor
  password                 Set a password
  peer-group               Member of the peer-group
  prefix-list              Filter updates to/from this neighbor
  remote-as                Specify a BGP neighbor
  remove-private-as        Remove private AS number from outbound updates
  route-map                Apply route map to neighbor
  route-reflector-client   Configure a neighbor as Route Reflector client
  route-server-client      Configure a neighbor as Route Server client
  send-community           Send Community attribute to this neighbor
  send-label               Send NLRI + MPLS Label to this peer
  shutdown                 Administratively shut down this neighbor
  slow-peer                Configure slow-peer
  soft-reconfiguration     Per neighbor soft reconfiguration
  soo                      Site-of-Origin extended community
  timers                   BGP per neighbor timers
  translate-update         Translate Update to MBGP format
  transport                Transport options
  ttl-security             BGP ttl security check
  unsuppress-map           Route-map to selectively unsuppress suppressed routes
  update-source            Source of routing updates
  version                  Set the BGP version to match a neighbor
  weight                   Set default weight for routes from this neighbor
R2(config-router)#neighbor 192.168.1.5 remove-private-as // CONFIGURE R2 (ISP) TO STRIP PRIVATE ASN
R2(config-router)#end
R2#
*Jul 15 21:50:59.708: %SYS-5-CONFIG_I: Configured from console by console
R2#clear ip bgp * soft // FORCE BGP NEIGHBOR TO RESEND BGP TABLE UPDATE (NON-DISRUPTIVE)
R1#show ip route
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
       + - replicated route, % - next hop override
Gateway of last resort is not set
      10.0.0.0/8 is variably subnetted, 4 subnets, 2 masks
C        10.1.1.0/24 is directly connected, Loopback0
L        10.1.1.1/32 is directly connected, Loopback0
B        10.2.2.0/24 [20/0] via 192.168.1.6, 00:09:23
B        10.3.3.0/24 [20/0] via 192.168.1.6, 00:00:27
      192.168.1.0/24 is variably subnetted, 2 subnets, 2 masks
C        192.168.1.4/30 is directly connected, Serial2/0
L        192.168.1.5/32 is directly connected, Serial2/0
R1#ping 10.3.3.1 source 10.1.1.1 // R1 CAN STILL REACH 10.3.3.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.3.3.1, timeout is 2 seconds:
Packet sent with a source address of 10.1.1.1
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 12/39/72 ms
R1#show ip bgp
BGP table version is 5, local router ID is 10.1.1.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
              x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found
     Network          Next Hop            Metric LocPrf Weight Path
 *>  10.1.1.0/24      0.0.0.0                  0         32768 i
 *>  10.2.2.0/24      192.168.1.6              0             0 300 i
 *>  10.3.3.0/24      192.168.1.6                            0 300 i // PRIVATE ASN FILTERED
R2#conf t
Enter configuration commands, one per line.  End with CNTL/Z.
R2(config)#ip a?
access-list  accounting-list  accounting-threshold  accounting-transits
address-pool  admission  alias  arp
as-path  auth-proxy
R2(config)#ip as-path ?
  access-list  Specify an access list number
R2(config)#ip as-path access-list ?
  <1-500>  AS path access list number
R2(config)#ip as-path access-list 1 ?
  deny    Specify packets to reject
  permit  Specify packets to forward
R2(config)#ip as-path access-list 1 deny ?
  LINE  A regular-expression to match BGP AS paths. Use "ctrl-v ?" to enter "?"
R2(config)#ip as-path access-list 1 deny ^100$ // AS PATH ACL; SIMILAR TO NORMAL ACL; MATCH AS 100
R2(config)#ip as-path access-list 1 permit .* // PERMIT ANY
R2(config)#
R2(config)#router bgp 300
R2(config-router)#neighbor 172.24.1.18 ?
  activate                 Enable the Address Family for this Neighbor
  advertise                Advertise to this neighbor
  advertise-map            specify route-map for conditional advertisement
  advertisement-interval   Minimum interval between sending BGP routing updates
  allowas-in               Accept as-path with my AS present in it
  capability               Advertise capability to the peer
  default-originate        Originate default route to this neighbor
  description              Neighbor specific description
  disable-connected-check  one-hop away EBGP peer using loopback address
  distribute-list          Filter updates to/from this neighbor
  dmzlink-bw               Propagate the DMZ link bandwidth
  ebgp-multihop            Allow EBGP neighbors not on directly connected networks
  fall-over                session fall on peer route lost
  filter-list              Establish BGP filters
  ha-mode                  high availability mode
  inherit                  Inherit a template
  local-as                 Specify a local-as number
  maximum-prefix           Maximum number of prefixes accepted from this peer
  next-hop-self            Disable the next hop calculation for this neighbor
  next-hop-unchanged       Propagate next hop unchanged for iBGP paths to this neighbor
  password                 Set a password
  peer-group               Member of the peer-group
  prefix-list              Filter updates to/from this neighbor
  remote-as                Specify a BGP neighbor
  remove-private-as        Remove private AS number from outbound updates
  route-map                Apply route map to neighbor
  route-reflector-client   Configure a neighbor as Route Reflector client
  route-server-client      Configure a neighbor as Route Server client
  send-community           Send Community attribute to this neighbor
  send-label               Send NLRI + MPLS Label to this peer
  shutdown                 Administratively shut down this neighbor
  slow-peer                Configure slow-peer
  soft-reconfiguration     Per neighbor soft reconfiguration
  soo                      Site-of-Origin extended community
  timers                   BGP per neighbor timers
  translate-update         Translate Update to MBGP format
  transport                Transport options
  ttl-security             BGP ttl security check
  unsuppress-map           Route-map to selectively unsuppress suppressed routes
  update-source            Source of routing updates
  version                  Set the BGP version to match a neighbor
  weight                   Set default weight for routes from this neighbor
R2(config-router)#neighbor 172.24.1.18 filter-list ?
  <1-500>  AS path access list
R2(config-router)#neighbor 172.24.1.18 filter-list 1 ?
  in   Filter incoming routes
  out  Filter outgoing routes
R2(config-router)#neighbor 172.24.1.18 filter-list 1 out // APPLY AS PATH ACL
R2(config-router)#end
R2#
*Jul 15 21:57:13.076: %SYS-5-CONFIG_I: Configured from console by console
R2#clear ip bgp * soft
R2#show ip route
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
       + - replicated route, % - next hop override
Gateway of last resort is not set
      10.0.0.0/8 is variably subnetted, 4 subnets, 2 masks
B        10.1.1.0/24 [20/0] via 192.168.1.5, 00:15:58
C        10.2.2.0/24 is directly connected, Loopback0
L        10.2.2.1/32 is directly connected, Loopback0
B        10.3.3.0/24 [20/0] via 172.24.1.18, 00:13:09
      172.24.0.0/16 is variably subnetted, 2 subnets, 2 masks
C        172.24.1.16/30 is directly connected, Serial2/1
L        172.24.1.17/32 is directly connected, Serial2/1
      192.168.1.0/24 is variably subnetted, 2 subnets, 2 masks
C        192.168.1.4/30 is directly connected, Serial2/0
L        192.168.1.6/32 is directly connected, Serial2/0
R3#show ip route // 10.1.1.0/24 IS FILTERED
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
       + - replicated route, % - next hop override
Gateway of last resort is not set
      10.0.0.0/8 is variably subnetted, 3 subnets, 2 masks
B        10.2.2.0/24 [20/0] via 172.24.1.17, 00:13:23
C        10.3.3.0/24 is directly connected, Loopback0
L        10.3.3.1/32 is directly connected, Loopback0
      172.24.0.0/16 is variably subnetted, 2 subnets, 2 masks
C        172.24.1.16/30 is directly connected, Serial2/1
L        172.24.1.18/32 is directly connected, Serial2/1
R2#show ip bgp ?
  A.B.C.D            Network in the BGP routing table to display
  A.B.C.D/nn         IP prefix <network>/<length>, e.g., 35.0.0.0/8
  all                All address families
  cidr-only          Display only routes with non-natural netmasks
  community          Display routes matching the communities
  community-list     Display routes matching the community-list
  dampening          Display detailed information about dampening
  extcommunity-list  Display routes matching the extcommunity-list
  filter-list        Display routes conforming to the filter-list
  import             Display route topology import / export activity
  inconsistency      Display all inconsistent paths
  inconsistent-as    Display only routes with inconsistent origin ASs
  injected-paths     Display all injected paths
  ipv4               Address family
  ipv6               Address family
  l2vpn              Address family
  labels             Display Labels for IPv4 NLRI specific information
  neighbors          Detailed information on TCP and BGP neighbor connections
  nexthops           Nexthop address table
  nsap               Address family
  oer-paths          Display all oer controlled paths
  paths              Path information
  peer-group         Display information on peer-groups
  pending-prefixes   Display prefixes pending deletion
  prefix-list        Display routes matching the prefix-list
  quote-regexp       Display routes matching the AS path "regular expression"
  regexp             Display routes matching the AS path regular expression
  replication        Display replication status of update-group(s)
  rib-failure        Display bgp routes that failed to install in the routing table (RIB)
  route-map          Display routes matching the route-map
  route-server       Route server information
  rpki               Display RPKI Neighbor Cache
  rtfilter           Address family
  summary            Summary of BGP neighbor status
  template           Display peer-policy/peer-session templates
  topology           Routing topology instance
  update-group       Display information on update-groups
  update-sources     Update source interface table
  va                 Display virtual aggregation prefixes
  version            Display prefixes with matching version numbers
  vpnv4              Address family
  vpnv6              Address family
  |                  Output modifiers
  <cr>
R2#show ip bgp regexp ?
  LINE  A regular-expression to match BGP AS paths. Use "ctrl-v ?" to enter "?"
R2#show ip bgp regexp ^100$ // VERIFY BGP REGEX FILTERING
BGP table version is 4, local router ID is 10.2.2.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
              x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found
     Network          Next Hop            Metric LocPrf Weight Path
 *>  10.1.1.0/24      192.168.1.5              0             0 100 i
R2#tclsh
R2(tcl)#foreach address {
+>(tcl)#10.1.1.1
+>(tcl)#10.2.2.1
+>(tcl)#10.3.3.1
+>(tcl)#192.168.1.5
+>(tcl)#192.168.1.6
+>(tcl)#172.24.1.17
+>(tcl)#172.24.1.18
+>(tcl)#} {
+>(tcl)#ping $address }
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.1.1.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 16/21/36 ms
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.2.2.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/4 ms
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.3.3.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 8/12/20 ms
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.1.5, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 8/18/24 ms
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.1.6, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 32/40/44 ms
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.24.1.17, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 16/20/24 ms
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.24.1.18, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 4/8/12 ms
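The policy R2 applies in this lab, modelled in Python as an added example (not part of the original post and not Cisco's implementation): the outbound filter-list and remove-private-as on the sender, and the AS_PATH loop check on the receiver. The table contents are constructed from the show outputs above; the function names, the rule that only an all-private path is stripped, and the order in which the filter-list and the local ASN prepend are applied are modelling assumptions.

```python
import re

# Private-use ASN ranges from RFC 6996 (16-bit and 32-bit).
PRIVATE_ASN_RANGES = ((64512, 65534), (4200000000, 4294967294))


def is_private(asn):
    return any(lo <= asn <= hi for lo, hi in PRIVATE_ASN_RANGES)


def cisco_regex(pattern):
    """Translate an IOS AS-path regex to Python.

    '^', '$' and '.*' behave the same; '_' matches a delimiter
    (space, comma, brace, parenthesis) or either end of the path.
    """
    return re.compile(pattern.replace("_", "(?:^|$|[ ,{}()])"))


def acl_permits(acl, as_path):
    """First-match evaluation of an as-path access-list, implicit deny at the end."""
    text = " ".join(str(asn) for asn in as_path)
    for action, pattern in acl:
        if cisco_regex(pattern).search(text):
            return action == "permit"
    return False


def remove_private_as(as_path, neighbor_as):
    """Assumed behaviour of the plain `remove-private-as` keyword: strip only
    when every ASN in the path is private and the neighbor's own ASN is not
    in it. A mixed public/private path is left untouched."""
    if as_path and all(is_private(a) for a in as_path) and neighbor_as not in as_path:
        return []
    return list(as_path)


def advertise(local_as, bgp_table, neighbor):
    """Return {prefix: AS_PATH} as sent to one eBGP neighbor."""
    sent = {}
    for prefix, as_path in bgp_table.items():
        # Assumption: the outbound filter-list is evaluated on the path as
        # stored in the table, before the local ASN is prepended.
        acl = neighbor.get("filter_list_out")
        if acl is not None and not acl_permits(acl, as_path):
            continue
        if neighbor.get("remove_private_as"):
            as_path = remove_private_as(as_path, neighbor["remote_as"])
        sent[prefix] = [local_as] + list(as_path)
    return sent


def receive(local_as, updates):
    """Loop prevention: drop any update whose AS_PATH already holds the local ASN."""
    return {p: path for p, path in updates.items() if local_as not in path}


# R2's BGP table (AS 300), constructed from the lab output on this page.
R2_TABLE = {
    "10.1.1.0/24": [100],     # learned from R1
    "10.2.2.0/24": [],        # originated by R2
    "10.3.3.0/24": [65000],   # learned from R3, private ASN
}

# ip as-path access-list 1 deny ^100$ / permit .*
AS_PATH_ACL_1 = [("deny", "^100$"), ("permit", ".*")]

TO_R1 = {"remote_as": 100, "remove_private_as": True}
TO_R3 = {"remote_as": 65000, "filter_list_out": AS_PATH_ACL_1}


def lab_results():
    """BGP routes R1 and R3 keep after R2's policy and their own loop check."""
    r1 = receive(100, advertise(300, R2_TABLE, TO_R1))
    r3 = receive(65000, advertise(300, R2_TABLE, TO_R3))
    return r1, r3


if __name__ == "__main__":
    for router, routes in zip(("R1", "R3"), lab_results()):
        for prefix, path in routes.items():
            print(router, prefix, " ".join(map(str, path)))
```

R3 discarding its own 10.3.3.0/24 on the way back is the single "AS_PATH loop" entry in its inbound policy-denied counters.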