You can also redistribute BGP routes into the IGP to solve the routing loop problem. This solution prevents the routing loop by giving the internal enterprise routers knowledge of the best exit point for each known Internet destination.
Although this solves the problem, particularly when just learning with lab gear at home, redistribution of BGP routes into an IGP is generally not recommended. This redistribution requires a relatively large amount of memory and a relatively large amount of processing by an IGP with the much larger number of routes to process. Redistributing all the routes in the full Internet BGP table could crash the IGP routing protocols.
Although not recommended, the idea of redistributing eBGP-learned Internet routes into the enterprise IGP needs to be discussed as a backdrop to discuss a related BGP feature called synchronization, or sync . The term refers to the idea that the iBGP-learned routes must be synchronized with IGP-learned routes for the same prefix before they can be used. In other words, if an iBGP-learned route is to be considered to be a usable route, that same prefix must be in the IP routing table and learned using some IGP protocol such as EIGRP or OSPF. More formally, the synchronization features tells a BGP router the following:
Do not consider an iBGP-learned route as “best” unless the exact prefix was learned
through an IGP and is currently in the IP routing table.
Later Cisco IOS versions default to disable synchronization, because most sites avoid redistributing routes from BGP into an IGP when using BGP for Internet routes, instead preferring iBGP meshes (or alternatives) to avoid these routing black holes. The setting is applied to the entire BGP process, with the synchronization command enabling synchronization and the no synchronization command (default) disabling it.
Although this solves the problem, particularly when just learning with lab gear at home, redistribution of BGP routes into an IGP is generally not recommended. This redistribution requires a relatively large amount of memory and a relatively large amount of processing by an IGP with the much larger number of routes to process. Redistributing all the routes in the full Internet BGP table could crash the IGP routing protocols.
Although not recommended, the idea of redistributing eBGP-learned Internet routes into the enterprise IGP needs to be discussed as a backdrop to discuss a related BGP feature called synchronization, or sync . The term refers to the idea that the iBGP-learned routes must be synchronized with IGP-learned routes for the same prefix before they can be used. In other words, if an iBGP-learned route is to be considered to be a usable route, that same prefix must be in the IP routing table and learned using some IGP protocol such as EIGRP or OSPF. More formally, the synchronization features tells a BGP router the following:
Do not consider an iBGP-learned route as “best” unless the exact prefix was learned
through an IGP and is currently in the IP routing table.
Later Cisco IOS versions default to disable synchronization, because most sites avoid redistributing routes from BGP into an IGP when using BGP for Internet routes, instead preferring iBGP meshes (or alternatives) to avoid these routing black holes. The setting is applied to the entire BGP process, with the synchronization command enabling synchronization and the no synchronization command (default) disabling it.
R1#conf t // CONFIGURE ISP 1
Enter
configuration commands, one per line.
End with CNTL/Z.
R1(config)#interface
loop 0
R1(config-if)#
*Jul 18
09:42:44.559: %LINEPROTO-5-UPDOWN: Line protocol on Interface Loopback0,
changed state to up
R1(config-if)#ip
address 10.0.0.1 255.255.255.0
R1(config-if)#
R1(config-if)#interface
loop 1
R1(config-if)#
*Jul 18
09:43:06.855: %LINEPROTO-5-UPDOWN: Line protocol on Interface Loopback1,
changed state to up
R1(config-if)#ip
address 10.1.0.1 255.255.0.0
R1(config-if)#
R1(config-if)#interface
serial 2/0
R1(config-if)#ip
address 192.168.1.1 255.255.255.252
R1(config-if)#no
shut
R1(config-if)#
*Jul 18
09:43:37.139: %LINK-3-UPDOWN: Interface Serial2/0, changed state to up
R1(config-if)#
*Jul 18
09:43:38.147: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial2/0,
changed state to up
R1(config-if)#
R1(config-if)#router
bgp 65100
R1(config-router)#?
Router
configuration commands:
address-family Enter Address Family command mode
aggregate-address Configure BGP aggregate entries
auto-summary Enable automatic network number
summarization
bgp BGP specific commands
default Set a command to its defaults
default-information Control distribution of default information
default-metric Set metric of redistributed routes
distance Define an administrative distance
distribute-list Filter networks in routing updates
exit Exit from routing protocol
configuration mode
help Description of the
interactive help system
maximum-paths Forward packets over multiple paths
neighbor Specify a neighbor router
network Specify a network to announce
via BGP
no Negate a command or set its
defaults
redistribute Redistribute information from another
routing protocol
route-server-context Enter route server context command mode
scope Enter scope command mode
snmp Modify snmp parameters
synchronization Perform IGP synchronization
table-map Map external entry attributes into
routing table
template Enter template command mode
timers Adjust routing timers
R1(config-router)#bgp
?
additional-paths Additional paths in the BGP table
advertise-best-external Advertise best external path to internal
peers
aggregate-timer Configure Aggregation Timer
always-compare-med Allow comparing MED from different
neighbors
asnotation Change the default asplain
notation
bestpath Change the default bestpath
selection
bestpath Change the default bestpath
selection
client-to-client Configure client to client route
reflection
cluster-id Configure Route-Reflector
Cluster-id (peers may
reset)
confederation AS confederation parameters
consistency-checker Consistency-checker
dampening Enable route-flap dampening
default Configure BGP defaults
deterministic-med Pick the best-MED path among paths
advertised from
the neighboring AS
dmzlink-bw Use DMZ Link Bandwidth as weight
for BGP multipaths
enforce-first-as Enforce the first AS for EBGP
routes(default)
fast-external-fallover Immediately reset session if a link to a
directly
connected external
peer goes down
graceful-restart Graceful restart capability parameters
inject-map Routemap which specifies
prefixes to inject
listen Neighbor subnet range
listener
log-neighbor-changes Log neighbor up/down and reset reason
maxas-limit Allow AS-PATH attribute from any
neighbor imposing a
limit on number of
ASes
nexthop Nexthop tracking commands
nopeerup-delay Set how long BGP will wait for the
first peer to
come up before
beginning the update delay or
graceful restart
timers (in seconds)
recursion recursion rule for the nexthops
redistribute-internal Allow redistribution of iBGP into IGPs
(dangerous)
refresh refresh
regexp Select regular expression
engine
route-map route-map control commands
router-id Override configured router
identifier (peers will
reset)
scan-time Configure background scanner
interval
slow-peer Configure slow-peer
soft-reconfig-backup Use soft-reconfiguration inbound only when
route-refresh is not
negotiated
suppress-inactive Suppress routes that are not in the
routing table
transport global enable/disable transport
session parameters
update-delay Set the max initial delay for
sending update
upgrade-cli Upgrade to hierarchical AFI mode
*Jul 18
09:44:02.907: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial2/0,
changed state to down
R1(config-router)#bgp
router-id 10.0.0.1
R1(config-router)#neighbor
192.168.1.2 ?
activate Enable the Address Family for
this Neighbor
advertise Advertise to this neighbor
advertise-map specify route-map for conditional
advertisement
advertisement-interval Minimum interval between sending BGP routing
updates
allowas-in Accept as-path with my AS
present in it
capability Advertise capability to the peer
default-originate Originate default route to this
neighbor
description Neighbor specific description
disable-connected-check one-hop away EBGP peer using loopback address
distribute-list Filter updates to/from this neighbor
dmzlink-bw Propagate the DMZ link bandwidth
ebgp-multihop Allow EBGP neighbors not on
directly connected
networks
fall-over session fall on peer route lost
filter-list Establish BGP filters
ha-mode high availability mode
inherit Inherit a template
local-as Specify a local-as number
maximum-prefix Maximum number of prefixes accepted
from this peer
next-hop-self Disable the next hop calculation
for this neighbor
next-hop-unchanged Propagate next hop unchanged for iBGP
paths to this
neighbor
password Set a password
peer-group Member of the peer-group
prefix-list Filter updates to/from this
neighbor
remote-as Specify a BGP neighbor
remove-private-as Remove private AS number from outbound
updates
route-map Apply route map to neighbor
route-reflector-client Configure a neighbor as Route Reflector
client
route-server-client Configure a neighbor as Route Server
client
send-community Send Community attribute to this
neighbor
send-label Send NLRI + MPLS Label to this
peer
shutdown Administratively shut down
this neighbor
slow-peer Configure slow-peer
soft-reconfiguration Per neighbor soft reconfiguration
soo Site-of-Origin extended
community
timers BGP per neighbor timers
translate-update Translate Update to MBGP format
transport Transport options
ttl-security BGP ttl security check
unsuppress-map Route-map to selectively unsuppress
suppressed
routes
update-source Source of routing updates
version Set the BGP version to match
a neighbor
weight Set default weight for
routes from this neighbor
R1(config-router)#neighbor
192.168.1.2 remote-as 65000
R1(config-router)#network
10.1.0.0 mask 255.255.0.0
R1(config-router)#end
R1#
R2#conf t
Enter
configuration commands, one per line.
End with CNTL/Z.
R2(config)#interface
loop 0
R2(config-if)#
*Jul 18
09:46:14.523: %LINEPROTO-5-UPDOWN: Line protocol on Interface Loopback0,
changed state to up
R2(config-if)#ip
address 172.17.2.1 255.255.255.0
R2(config-if)#
R2(config-if)#interface
loop 1
R2(config-if)#
*Jul 18
09:46:42.019: %LINEPROTO-5-UPDOWN: Line protocol on Interface Loopback1,
changed state to up
R2(config-if)#ip
address 172.16.2.1 255.255.255.0
R2(config-if)#
R2(config-if)#interface
serial 2/0
R2(config-if)#ip
address 192.168.1.2 255.255.255.252
R2(config-if)#no
shut
R2(config-if)#
*Jul 18
09:47:14.487: %LINK-3-UPDOWN: Interface Serial2/0, changed state to up
R2(config-if)#
*Jul 18
09:47:15.495: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial2/0,
changed state to up
R2(config-if)#
R2(config-if)#do
ping 192.168.1.1
Type
escape sequence to abort.
Sending
5, 100-byte ICMP Echos to 192.168.1.1, timeout is 2 seconds:
!!!!!
Success
rate is 100 percent (5/5), round-trip min/avg/max = 16/19/24 ms
R2(config-if)#
R2(config-if)#interface
serial 2/1
R2(config-if)#ip
address 172.16.1.1 255.255.255.252
R2(config-if)#no
shut
R2(config-if)#
*Jul 18
09:48:31.959: %LINK-3-UPDOWN: Interface Serial2/1, changed state to up
R2(config-if)#
*Jul 18
09:48:32.967: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial2/1,
changed state to up
R2(config-if)#end
R2#
R3#conf t
Enter
configuration commands, one per line.
End with CNTL/Z.
R3(config)#interface
loop 0
R3(config-if)#
*Jul 18
09:49:09.655: %LINEPROTO-5-UPDOWN: Line protocol on Interface Loopback0,
changed state to up
R3(config-if)#ip
address 172.17.3.1 255.255.255.0
R3(config-if)#
R3(config-if)#interface
loop 1
R3(config-if)#
*Jul 18
09:49:34.391: %LINEPROTO-5-UPDOWN: Line protocol on Interface Loopback1,
changed state to up
R3(config-if)#ip
address 172.16.3.1 255.255.255.0
R3(config-if)#
R3(config-if)#interface
serial 2/1
R3(config-if)#ip
address 172.16.1.2 255.255.255.252
R3(config-if)#no
shut
R3(config-if)#
*Jul 18
09:50:33.539: %LINK-3-UPDOWN: Interface Serial2/1, changed state to up
R3(config-if)#
*Jul 18
09:50:34.547: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial2/1,
changed state to up
R3(config-if)#
R3(config-if)#do
ping 172.16.1.1
Type
escape sequence to abort.
Sending
5, 100-byte ICMP Echos to 172.16.1.1, timeout is 2 seconds:
!!!!!
Success
rate is 100 percent (5/5), round-trip min/avg/max = 16/17/20 ms
R3(config-if)#
R3(config-if)#interface
serial 2/2
R3(config-if)#ip
address 172.16.1.5 255.255.255.252
R3(config-if)#no
shut
R3(config-if)#end
R3#
R4#conf t
Enter
configuration commands, one per line.
End with CNTL/Z.
R4(config)#interface
loop 0
R4(config-if)#
*Jul 18
09:52:39.779: %LINEPROTO-5-UPDOWN: Line protocol on Interface Loopback0,
changed state to up
R4(config-if)#ip
address 172.17.4.1 255.255.255.0
R4(config-if)#
R4(config-if)#interface
loop 1
R4(config-if)#
*Jul 18
09:54:25.795: %LINEPROTO-5-UPDOWN: Line protocol on Interface Loopback1,
changed state to up
R4(config-if)#ip
address 172.16.4.1 255.255.255.0
R4(config-if)#
R4(config-if)#interface
serial 2/2
R4(config-if)#ip
address 172.16.1.6 255.255.255.252
R4(config-if)#no
shut
R4(config-if)#
*Jul 18
09:54:59.731: %LINK-3-UPDOWN: Interface Serial2/2, changed state to up
R4(config-if)#
*Jul 18
09:55:00.739: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial2/2,
changed state to up
R4(config-if)#do
ping 172.16.1.5
Type
escape sequence to abort.
Sending
5, 100-byte ICMP Echos to 172.16.1.5, timeout is 2 seconds:
!!!!!
Success
rate is 100 percent (5/5), round-trip min/avg/max = 16/20/24 ms
R4(config-if)#end
R4#
R2#conf t // CONFIGURE EIGRP IN CUSTOMER NETWORK
Enter
configuration commands, one per line.
End with CNTL/Z.
R2(config)#router
eigrp 1
R2(config-router)#?
Router
configuration commands:
address-family Enter Address Family command mode
auto-summary Enable automatic network number
summarization
bfd BFD configuration commands
default Set a command to its defaults
default-information Control distribution of default information
default-metric Set metric of redistributed routes
distance Define an administrative distance
distribute-list Filter entries in eigrp updates
eigrp EIGRP specific commands
exit Exit from routing protocol
configuration mode
maximum-paths Forward packets over multiple paths
metric Modify metrics and parameters
for advertisement
neighbor Specify a neighbor router
network Enable routing on an IP network
no Negate a command or set its
defaults
offset-list Add or subtract offset from EIGRP
metrics
passive-interface Suppress routing updates on an interface
redistribute Redistribute IPv4 routes from another
routing protocol
shutdown Shutdown this instance of EIGRP
summary-metric Specify summary to apply
metric/filtering
timers Adjust routing timers
traffic-share How to compute traffic share over
alternate paths
variance Control load balancing variance
R2(config-router)#eigrp
?
event-log-size Set EIGRP maximum event log entries
log-neighbor-changes Enable/Disable EIGRP neighbor logging
log-neighbor-warnings Enable/Disable EIGRP neighbor warnings
router-id router id for this EIGRP process
stub Set address-family in
stubbed mode
R2(config-router)#eigrp
router-id ?
A.B.C.D
EIGRP Router-ID in IP address format
R2(config-router)#eigrp
router-id 1.1.1.1
R2(config-router)#network
172.16.0.0
R2(config-router)#network
172.17.0.0
R2(config-router)#end
R2#
*Jul 18 09:57:58.943:
%DUAL-5-NBRCHANGE: EIGRP-IPv4 1: Neighbor 172.16.1.2 (Serial2/1) is up: new
adjacency
R3#conf t
Enter
configuration commands, one per line.
End with CNTL/Z.
R3(config)#router
eigrp 1
R3(config-router)#eigrp
router-id 2.2.2.2
R3(config-router)#network
172.16.0.0
R3(config-router)#
*Jul 18 09:57:58.963:
%DUAL-5-NBRCHANGE: EIGRP-IPv4 1: Neighbor 172.16.1.1 (Serial2/1) is up: new
adjacency
R3(config-router)#network
172.17.0.0
R3(config-router)#end
R3#
*Jul 18 09:59:25.167:
%DUAL-5-NBRCHANGE: EIGRP-IPv4 1: Neighbor 172.16.1.6 (Serial2/2) is up: new
adjacency
R4#conf t
Enter
configuration commands, one per line.
End with CNTL/Z.
R4(config)#router
eigrp 1
R4(config-router)#eigrp
router-id 3.3.3.3
R4(config-router)#network
172.16.0.0
R4(config-router)#
*Jul 18 09:59:54.979:
%DUAL-5-NBRCHANGE: EIGRP-IPv4 1: Neighbor 172.16.1.5 (Serial2/2) is up: new
adjacency
R4(config-router)#network
172.17.0.0
R4(config-router)#end
R4#
R4#ping
172.16.2.1 source 172.16.4.1
Type
escape sequence to abort.
Sending
5, 100-byte ICMP Echos to 172.16.2.1, timeout is 2 seconds:
Packet
sent with a source address of 172.16.4.1
!!!!!
Success
rate is 100 percent (5/5), round-trip min/avg/max = 16/36/64 ms
R2#conf t
Enter
configuration commands, one per line.
End with CNTL/Z.
R2(config)#router
bgp 65000
R2(config-router)#bgp
router-id 1.1.1.1
R2(config-router)#neighbor
192.168.1.1 remote-as 65100 // CONFIGURE EBGP WITH ISP 1
R2(config-router)#
*Jul 18
10:02:32.827: %BGP-5-ADJCHANGE: neighbor 192.168.1.1 Up
R2(config-router)#neighbor
172.17.4.1 remote-as 65000
R2(config-router)#neighbor
172.17.4.1 update-source loop 0
R2(config-router)#network
172.16.2.0 mask 255.255.255.0
R2(config-router)#end
R2#
*Jul 18 10:04:27.575:
%BGP-5-ADJCHANGE: neighbor 172.17.4.1 Up
R1#
*Jul 18 10:02:22.423:
%BGP-5-ADJCHANGE: neighbor 192.168.1.2 Up
R4#conf t
Enter
configuration commands, one per line.
End with CNTL/Z.
R4(config)#router
bgp 65000
R4(config-router)#bgp
router-id 3.3.3.3
R4(config-router)#neighbor
172.17.2.1 remote-as 65000 // CONFIGURE IBGP
R4(config-router)#
*Jul 18 10:04:57.411:
%BGP-5-ADJCHANGE: neighbor 172.17.2.1 Up
R4(config-router)#neighbor
172.17.2.1 update-source loop 0
R4(config-router)#network
172.16.4.0 mask 255.255.255.0
R4(config-router)#end
R4#
R2#show
ip bgp // VERIFY BGP TABLE
BGP table
version is 4, local router ID is 1.1.1.1
Status
codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m
multipath, b backup-path, f RT-Filter,
x best-external, a
additional-path, c RIB-compressed,
Origin
codes: i - IGP, e - EGP, ? - incomplete
RPKI
validation codes: V valid, I invalid, N Not found
Network Next Hop Metric LocPrf Weight Path
*>
10.1.0.0/16 192.168.1.1 0 0 65100 i
*>
172.16.2.0/24 0.0.0.0 0 32768 i
r>i 172.16.4.0/24 172.17.4.1 0 100
0 i
R2#show
ip bgp rib-failure // VERIFY CAUSE OF RIB FAILURE
Network Next Hop RIB-failure RIB-NH Matches
172.16.4.0/24 172.17.4.1 Higher admin
distance n/a
R2#show
ip route
Codes: L
- local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O -
OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 -
OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF
external type 2
i - IS-IS, su - IS-IS summary, L1 -
IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate
default, U - per-user static route
o - ODR, P - periodic downloaded static
route, H - NHRP, l - LISP
+ - replicated route, % - next hop
override
Gateway
of last resort is not set
10.0.0.0/16 is subnetted, 1 subnets
B 10.1.0.0 [20/0] via 192.168.1.1,
00:05:55
172.16.0.0/16 is variably subnetted, 7
subnets, 3 masks
C 172.16.1.0/30 is directly connected,
Serial2/1
L 172.16.1.1/32 is directly connected,
Serial2/1
D 172.16.1.4/30 [90/2681856] via
172.16.1.2, 00:10:27, Serial2/1
C 172.16.2.0/24 is directly connected,
Loopback1
L 172.16.2.1/32 is directly connected,
Loopback1
D 172.16.3.0/24 [90/2297856] via
172.16.1.2, 00:10:27, Serial2/1
D 172.16.4.0/24 [90/2809856] via
172.16.1.2, 00:09:03, Serial2/1 // PREFER EIGRP AD 90 VS IBGP AD 200
172.17.0.0/16 is variably subnetted, 4
subnets, 2 masks
C 172.17.2.0/24 is directly connected,
Loopback0
L 172.17.2.1/32 is directly connected,
Loopback0
D 172.17.3.0/24 [90/2297856] via
172.16.1.2, 00:10:25, Serial2/1
D 172.17.4.0/24 [90/2809856] via
172.16.1.2, 00:08:54, Serial2/1
192.168.1.0/24 is variably subnetted, 2
subnets, 2 masks
C 192.168.1.0/30 is directly connected,
Serial2/0
L 192.168.1.2/32 is directly connected,
Serial2/0
R2#ping
10.1.0.1 // VERIFY ISP CONNECTIVITY
Type
escape sequence to abort.
Sending
5, 100-byte ICMP Echos to 10.1.0.1, timeout is 2 seconds:
!!!!!
Success
rate is 100 percent (5/5), round-trip min/avg/max = 8/9/12 ms
R4#show
ip route // THE 10.1.0.0/16 NETWORK IS NOT IN ROUTING TABLE SINCE R4 DON'T HAVE A ROUTE TO 192.168.1.1 (ISP)
Codes: L
- local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O -
OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 -
OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF
external type 2
i - IS-IS, su - IS-IS summary, L1 -
IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate
default, U - per-user static route
o - ODR, P - periodic downloaded static
route, H - NHRP, l - LISP
+ - replicated route, % - next hop
override
Gateway
of last resort is not set
172.16.0.0/16 is variably subnetted, 7
subnets, 3 masks
D 172.16.1.0/30 [90/2681856] via
172.16.1.5, 00:10:45, Serial2/2
C 172.16.1.4/30 is directly connected,
Serial2/2
L 172.16.1.6/32 is directly connected,
Serial2/2
D 172.16.2.0/24 [90/2809856] via
172.16.1.5, 00:10:45, Serial2/2
D 172.16.3.0/24 [90/2297856] via
172.16.1.5, 00:10:45, Serial2/2
C 172.16.4.0/24 is directly connected,
Loopback1
L 172.16.4.1/32 is directly connected,
Loopback1
172.17.0.0/16 is variably subnetted, 4
subnets, 2 masks
D 172.17.2.0/24 [90/2809856] via
172.16.1.5, 00:10:45, Serial2/2
D 172.17.3.0/24 [90/2297856] via
172.16.1.5, 00:10:45, Serial2/2
C 172.17.4.0/24 is directly connected,
Loopback0
L 172.17.4.1/32 is directly connected,
Loopback0
R4#show
ip bgp // ROUTES LEARNED VIA IBGP ARE NEVER PROPAGATED TO OTHER IBGP PEERS
BGP table
version is 3, local router ID is 3.3.3.3
Status
codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m
multipath, b backup-path, f RT-Filter,
x best-external, a
additional-path, c RIB-compressed,
Origin
codes: i - IGP, e - EGP, ? - incomplete
RPKI
validation codes: V valid, I invalid, N Not found
Network Next Hop Metric LocPrf Weight Path
* i 10.1.0.0/16 192.168.1.1 0 100
0 65100 i
r>i 172.16.2.0/24 172.17.2.1 0 100
0 i
*>
172.16.4.0/24 0.0.0.0 0 32768 i
R2#conf t
Enter
configuration commands, one per line.
End with CNTL/Z.
R2(config)#router
bgp 65000
R2(config-router)#neighbor
172.17.4.1 next-hop-self // USE R2 TO REACH EXTERNAL ROUTE 10.1.0.0/16
R2(config-router)#end
R2#
R4#conf t // TO THE SAME FOR R4 FOR CONSISTENT CONFIG
Enter
configuration commands, one per line.
End with CNTL/Z.
R4(config)#router
bgp 65000
R4(config-router)#neighbor
172.17.2.1 next-hop-self
R4(config-router)#end
R4#
R4#show
ip bgp // NOTE > AND NEXT HOP FOR 10.1.0.0/16
BGP table
version is 4, local router ID is 3.3.3.3
Status
codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m
multipath, b backup-path, f RT-Filter,
x best-external, a
additional-path, c RIB-compressed,
Origin
codes: i - IGP, e - EGP, ? - incomplete
RPKI
validation codes: V valid, I invalid, N Not found
Network Next Hop Metric LocPrf Weight Path
*>i 10.1.0.0/16 172.17.2.1 0 100
0 65100 i
r>i 172.16.2.0/24 172.17.2.1 0 100
0 i
*>
172.16.4.0/24 0.0.0.0 0 32768 i
R4#show
ip route // 10.1.0.0/16 IS NOW IN THE ROUTING TABLE
Codes: L
- local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O -
OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 -
OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF
external type 2
i - IS-IS, su - IS-IS summary, L1 -
IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate
default, U - per-user static route
o - ODR, P - periodic downloaded static
route, H - NHRP, l - LISP
+ - replicated route, % - next hop
override
Gateway
of last resort is not set
10.0.0.0/16 is subnetted, 1 subnets
B 10.1.0.0 [200/0] via 172.17.2.1,
00:02:07
172.16.0.0/16 is variably subnetted, 7
subnets, 3 masks
D 172.16.1.0/30 [90/2681856] via
172.16.1.5, 00:16:37, Serial2/2
C 172.16.1.4/30 is directly connected,
Serial2/2
L 172.16.1.6/32 is directly connected,
Serial2/2
D 172.16.2.0/24 [90/2809856] via
172.16.1.5, 00:16:37, Serial2/2
D 172.16.3.0/24 [90/2297856] via
172.16.1.5, 00:16:37, Serial2/2
C 172.16.4.0/24 is directly connected,
Loopback1
L 172.16.4.1/32 is directly connected,
Loopback1
172.17.0.0/16 is variably subnetted, 4
subnets, 2 masks
D 172.17.2.0/24 [90/2809856] via
172.16.1.5, 00:16:37, Serial2/2
D 172.17.3.0/24 [90/2297856] via
172.16.1.5, 00:16:37, Serial2/2
C 172.17.4.0/24 is directly connected,
Loopback0
L 172.17.4.1/32 is directly connected,
Loopback0
R4#ping
10.1.0.1
Type
escape sequence to abort.
Sending
5, 100-byte ICMP Echos to 10.1.0.1, timeout is 2 seconds:
UUUUU
Success
rate is 0 percent (0/5)
R4#
R4#ping
10.1.0.1 source 172.16.4.1
Type
escape sequence to abort.
Sending
5, 100-byte ICMP Echos to 10.1.0.1, timeout is 2 seconds:
Packet
sent with a source address of 172.16.4.1
UUUUU
Success
rate is 0 percent (0/5)
R3#show
ip route // NO 10.1.0.0/16 NETWORK IN ROUTING TABLE
Codes: L
- local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O -
OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 -
OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF
external type 2
i - IS-IS, su - IS-IS summary, L1 -
IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate
default, U - per-user static route
o - ODR, P - periodic downloaded static
route, H - NHRP, l - LISP
+ - replicated route, % - next hop
override
Gateway
of last resort is not set
172.16.0.0/16 is variably subnetted, 8
subnets, 3 masks
C 172.16.1.0/30 is directly connected,
Serial2/1
L 172.16.1.2/32 is directly connected,
Serial2/1
C 172.16.1.4/30 is directly connected,
Serial2/2
L 172.16.1.5/32 is directly connected,
Serial2/2
D 172.16.2.0/24 [90/2297856] via
172.16.1.1, 00:20:42, Serial2/1
C 172.16.3.0/24 is directly connected,
Loopback1
L 172.16.3.1/32 is directly connected,
Loopback1
D 172.16.4.0/24 [90/2297856] via
172.16.1.6, 00:19:17, Serial2/2
172.17.0.0/16 is variably subnetted, 4
subnets, 2 masks
D 172.17.2.0/24 [90/2297856] via
172.16.1.1, 00:20:42, Serial2/1
C 172.17.3.0/24 is directly connected,
Loopback0
L 172.17.3.1/32 is directly connected,
Loopback0
D 172.17.4.0/24 [90/2297856] via
172.16.1.6, 00:19:09, Serial2/2
R4#conf t // BGP SYNC RULE: A ROUTER WILL NOT INCLUDE IN ITS ROUTING TABLE NOR ADVERTISE ROUTES LEARN VIA IBGP UNLESS THAT ROUTE IS DIRECTLY CONNECTED OR LEARNED FROM IGP
Enter
configuration commands, one per line.
End with CNTL/Z.
R4(config)#router
bgp 65000
R4(config-router)#synchronization // DEFAULT no sync IN IOS 12.2(8)T; NOT A BEST PRACTICE TO REDISTRIBUTE EBGP ROUTES INTO AN IGP DUE TO LARGE INTERNET ROUTING TABLE SIZE, HIGH MEMORY AND CPU USE
R4(config-router)#end
R4#
*Jul 18
10:21:02.471: %SYS-5-CONFIG_I: Configured from console by console
R4#clear
ip bgp * soft // NEED A 'HARD' BGP RESET FOR BGP SYNC TO TAKE EFFECT
R4#
R4#show
ip bgp
BGP table
version is 4, local router ID is 3.3.3.3
Status
codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m
multipath, b backup-path, f RT-Filter,
x best-external, a
additional-path, c RIB-compressed,
Origin
codes: i - IGP, e - EGP, ? - incomplete
RPKI
validation codes: V valid, I invalid, N Not found
Network Next Hop Metric LocPrf Weight Path
*>i 10.1.0.0/16 172.17.2.1 0 100
0 65100 i
r>i 172.16.2.0/24 172.17.2.1 0 100
0 i
*>
172.16.4.0/24 0.0.0.0 0 32768 i
R4#clear ip bgp *
R4#
*Jul 18
10:21:46.487: %BGP-5-ADJCHANGE: neighbor 172.17.2.1 Down User reset
*Jul 18
10:21:46.491: %BGP_SESSION-5-ADJCHANGE: neighbor 172.17.2.1 IPv4 Unicast
topology base removed from session User
reset
*Jul 18
10:21:47.087: %BGP-5-ADJCHANGE: neighbor 172.17.2.1 Up
R4#
R4#show
ip bgp
BGP table
version is 4, local router ID is 3.3.3.3
Status
codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m
multipath, b backup-path, f RT-Filter,
x best-external, a
additional-path, c RIB-compressed,
Origin
codes: i - IGP, e - EGP, ? - incomplete
RPKI
validation codes: V valid, I invalid, N Not found
Network Next Hop Metric LocPrf Weight Path
* i 10.1.0.0/16 172.17.2.1 0 100
0 65100 i
r>i 172.16.2.0/24 172.17.2.1 0 100
0 i
R4#show
ip route // 10.1.0.0/16 IS REMOVED IN ROUTING TABLE SINCE IT DIDN'T LEARN THIS ROUTE VIA IGP (EIGRP)
Codes: L
- local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O -
OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 -
OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF
external type 2
i - IS-IS, su - IS-IS summary, L1 -
IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate
default, U - per-user static route
o - ODR, P - periodic downloaded static
route, H - NHRP, l - LISP
+ - replicated route, % - next hop
override
Gateway
of last resort is not set
172.16.0.0/16 is variably subnetted, 7
subnets, 3 masks
D 172.16.1.0/30 [90/2681856] via
172.16.1.5, 00:22:48, Serial2/2
C 172.16.1.4/30 is directly connected,
Serial2/2
L 172.16.1.6/32 is directly connected,
Serial2/2
D 172.16.2.0/24 [90/2809856] via
172.16.1.5, 00:22:48, Serial2/2
D 172.16.3.0/24 [90/2297856] via
172.16.1.5, 00:22:48, Serial2/2
C 172.16.4.0/24 is directly connected,
Loopback1
L 172.16.4.1/32 is directly connected,
Loopback1
172.17.0.0/16 is variably subnetted, 4
subnets, 2 masks
D 172.17.2.0/24 [90/2809856] via
172.16.1.5, 00:22:48, Serial2/2
D 172.17.3.0/24 [90/2297856] via
172.16.1.5, 00:22:48, Serial2/2
C 172.17.4.0/24 is directly connected,
Loopback0
L 172.17.4.1/32 is directly connected,
Loopback0
R4#conf t
Enter
configuration commands, one per line.
End with CNTL/Z.
R4(config)#router
bgp 65000
R4(config-router)#no
synchronization
R4(config-router)#end
R4#
*Jul 18
10:24:04.955: %SYS-5-CONFIG_I: Configured from console by console
R4#clear ip bgp *
R4#
*Jul 18
10:24:09.171: %BGP-5-ADJCHANGE: neighbor 172.17.2.1 Down User reset
*Jul 18
10:24:09.171: %BGP_SESSION-5-ADJCHANGE: neighbor 172.17.2.1 IPv4 Unicast
topology base removed from session User
reset
*Jul 18
10:24:09.443: %BGP-5-ADJCHANGE: neighbor 172.17.2.1 Up
R4#
R4#show
ip bgp
BGP table
version is 3, local router ID is 3.3.3.3
Status
codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m
multipath, b backup-path, f RT-Filter,
x best-external, a
additional-path, c RIB-compressed,
Origin
codes: i - IGP, e - EGP, ? - incomplete
RPKI
validation codes: V valid, I invalid, N Not found
Network Next Hop Metric LocPrf Weight Path
*>i 10.1.0.0/16 172.17.2.1 0 100
0 65100 i
r>i 172.16.2.0/24 172.17.2.1 0 100
0 i
R4#
R4#show
ip route
Codes: L
- local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O -
OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 -
OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF
external type 2
i - IS-IS, su - IS-IS summary, L1 -
IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate
default, U - per-user static route
o - ODR, P - periodic downloaded static
route, H - NHRP, l - LISP
+ - replicated route, % - next hop
override
Gateway
of last resort is not set
10.0.0.0/16 is subnetted, 1 subnets
B 10.1.0.0 [200/0] via 172.17.2.1,
00:00:06
172.16.0.0/16 is variably subnetted, 7
subnets, 3 masks
D 172.16.1.0/30 [90/2681856] via
172.16.1.5, 00:24:21, Serial2/2
C 172.16.1.4/30 is directly connected,
Serial2/2
L 172.16.1.6/32 is directly connected,
Serial2/2
D 172.16.2.0/24 [90/2809856] via
172.16.1.5, 00:24:21, Serial2/2
D 172.16.3.0/24 [90/2297856] via
172.16.1.5, 00:24:21, Serial2/2
C 172.16.4.0/24 is directly connected,
Loopback1
L 172.16.4.1/32 is directly connected,
Loopback1
172.17.0.0/16 is variably subnetted, 4
subnets, 2 masks
D 172.17.2.0/24 [90/2809856] via
172.16.1.5, 00:24:21, Serial2/2
D 172.17.3.0/24 [90/2297856] via
172.16.1.5, 00:24:21, Serial2/2
C 172.17.4.0/24 is directly connected,
Loopback0
L 172.17.4.1/32 is directly connected,
Loopback0
R3#conf t // ENSURE FULL MESH IBGP ON ALL IBGP PEERS (R2, R3, R4) IN TRANSIT PATH (IF USING no sync)
Enter
configuration commands, one per line.
End with CNTL/Z.
R3(config)#router
bgp 65000
R3(config-router)#bgp
router-id 2.2.2.2
R3(config-router)#neighbor
172.17.2.1 remote-as 65000
R3(config-router)#neighbor
172.17.2.1 update-source loop 0
R3(config-router)#neighbor
172.17.4.1 remote-as 65000
R3(config-router)#neighbor
172.17.4.1 update-source loop 0
R3(config-router)#end
R3#
*Jul 18 11:59:39.119:
%BGP-5-ADJCHANGE: neighbor 172.17.2.1 Up
R3#
*Jul 18 12:00:55.903:
%BGP-5-ADJCHANGE: neighbor 172.17.4.1 Up
R2#conf t
Enter
configuration commands, one per line.
End with CNTL/Z.
R2(config)#router
bgp 65000
R2(config-router)#neighbor
172.17.3.1 remote-as 65000
R2(config-router)#
*Jul 18 11:59:39.151:
%BGP-5-ADJCHANGE: neighbor 172.17.3.1 Up
R2(config-router)#neighbor
172.17.3.1 update-source loop 0
R2(config-router)#neighbor
172.17.3.1 next-hop-self
R2(config-router)#end
R2#
R4#conf t
Enter
configuration commands, one per line.
End with CNTL/Z.
R4(config)#router
bgp 65000
R4(config-router)#neighbor
172.17.3.1 remote-as 65000
R4(config-router)#
*Jul 18 12:01:25.767:
%BGP-5-ADJCHANGE: neighbor 172.17.3.1 Up
R4(config-router)#neighbor
172.17.3.1 update-source loop 0
R4(config-router)#neighbor
172.17.3.1 next-hop-self
R4(config-router)#end
R4#
R1#show
bgp summary // VERIFY BGP NEIGHBOR ADJACENCY
BGP
router identifier 10.0.0.1, local AS number 65100
BGP table
version is 8, main routing table version 8
3 network
entries using 444 bytes of memory
3 path
entries using 192 bytes of memory
3/3 BGP
path/bestpath attribute entries using 408 bytes of memory
1 BGP
AS-PATH entries using 24 bytes of memory
0 BGP
route-map cache entries using 0 bytes of memory
0 BGP
filter-list cache entries using 0 bytes of memory
BGP using
1068 total bytes of memory
BGP
activity 5/2 prefixes, 5/2 paths, scan interval 60 secs
Neighbor V AS MsgRcvd MsgSent TblVer
InQ OutQ Up/Down State/PfxRcd
192.168.1.2 4
65000 137 137
8 0 0 02:00:30 2
R2#show
bgp summary
BGP
router identifier 1.1.1.1, local AS number 65000
BGP table
version is 8, main routing table version 8
3 network
entries using 444 bytes of memory
3 path
entries using 192 bytes of memory
3/3 BGP
path/bestpath attribute entries using 408 bytes of memory
1 BGP
AS-PATH entries using 24 bytes of memory
0 BGP
route-map cache entries using 0 bytes of memory
0 BGP
filter-list cache entries using 0 bytes of memory
BGP using
1068 total bytes of memory
BGP
activity 5/2 prefixes, 5/2 paths, scan interval 60 secs
Neighbor V AS MsgRcvd MsgSent TblVer
InQ OutQ Up/Down State/PfxRcd
172.17.3.1 4
65000 8 14
8 0 0 00:03:52 0
172.17.4.1 4
65000 113 115
8 0 0 01:39:52 1
192.168.1.1 4
65100 137 137
8 0 0 02:00:59 1
R3#show
bgp summary
BGP
router identifier 2.2.2.2, local AS number 65000
BGP table
version is 4, main routing table version 4
3 network
entries using 444 bytes of memory
3 path
entries using 192 bytes of memory
2/2 BGP
path/bestpath attribute entries using 272 bytes of memory
1 BGP
AS-PATH entries using 24 bytes of memory
0 BGP
route-map cache entries using 0 bytes of memory
0 BGP
filter-list cache entries using 0 bytes of memory
BGP using
932 total bytes of memory
BGP
activity 3/0 prefixes, 3/0 paths, scan interval 60 secs
Neighbor V AS MsgRcvd MsgSent TblVer
InQ OutQ Up/Down State/PfxRcd
172.17.2.1 4
65000 15 8
4 0 0 00:04:26 2
172.17.4.1 4
65000 13 9
4 0 0 00:03:10 1
R4#show
bgp summary
BGP
router identifier 3.3.3.3, local AS number 65000
BGP table
version is 4, main routing table version 4
3 network
entries using 444 bytes of memory
3 path
entries using 192 bytes of memory
3/3 BGP
path/bestpath attribute entries using 408 bytes of memory
1 BGP
AS-PATH entries using 24 bytes of memory
0 BGP
route-map cache entries using 0 bytes of memory
0 BGP
filter-list cache entries using 0 bytes of memory
BGP using
1068 total bytes of memory
BGP
activity 9/6 prefixes, 9/6 paths, scan interval 60 secs
Neighbor V AS MsgRcvd MsgSent TblVer
InQ OutQ Up/Down State/PfxRcd
172.17.2.1 4
65000 116 114
4 0 0 01:40:48 2
172.17.3.1 4
65000 9 13
4 0 0 00:03:31 0
R3#show
ip bgp // VERIFY R3 HAS 10.1.0.0/16 ROUTE
BGP table
version is 4, local router ID is 2.2.2.2
Status
codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m
multipath, b backup-path, f RT-Filter,
x best-external, a
additional-path, c RIB-compressed,
Origin
codes: i - IGP, e - EGP, ? - incomplete
RPKI
validation codes: V valid, I invalid, N Not found
Network Next Hop Metric LocPrf Weight Path
*>i 10.1.0.0/16 172.17.2.1 0 100
0 65100 i
r>i 172.16.2.0/24 172.17.2.1 0 100
0 i
r>i 172.16.4.0/24 172.17.4.1 0 100
0 i
R3#
R3#show
ip route bgp
Codes: L
- local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O -
OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 -
OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF
external type 2
i - IS-IS, su - IS-IS summary, L1 -
IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate
default, U - per-user static route
o - ODR, P - periodic downloaded static
route, H - NHRP, l - LISP
+ - replicated route, % - next hop
override
Gateway
of last resort is not set
10.0.0.0/16 is subnetted, 1 subnets
B 10.1.0.0 [200/0] via 172.17.2.1,
00:04:29
R4#show
ip bgp // VERIFY R4 HAS 10.1.0.0/16 ROUTE
BGP table
version is 4, local router ID is 3.3.3.3
Status
codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m
multipath, b backup-path, f RT-Filter,
x best-external, a
additional-path, c RIB-compressed,
Origin
codes: i - IGP, e - EGP, ? - incomplete
RPKI
validation codes: V valid, I invalid, N Not found
Network Next Hop Metric LocPrf Weight Path
*>i 10.1.0.0/16 172.17.2.1 0 100
0 65100 i
r>i 172.16.2.0/24 172.17.2.1 0 100
0 i
*>
172.16.4.0/24 0.0.0.0 0 32768 i
R4#
R4#show
ip route bgp
Codes: L
- local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O -
OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 -
OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF
external type 2
i - IS-IS, su - IS-IS summary, L1 -
IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate
default, U - per-user static route
o - ODR, P - periodic downloaded static
route, H - NHRP, l - LISP
+ - replicated route, % - next hop
override
Gateway
of last resort is not set
10.0.0.0/16 is subnetted, 1 subnets
B 10.1.0.0 [200/0] via 172.17.2.1,
01:41:54
R4#ping
10.1.0.1 source 172.16.4.1 // R4 <> R1 (ISP) HAS FULL CONNECTIVITY
Type
escape sequence to abort.
Sending
5, 100-byte ICMP Echos to 10.1.0.1, timeout is 2 seconds:
Packet
sent with a source address of 172.16.4.1
!!!!!
Success
rate is 100 percent (5/5), round-trip min/avg/max = 40/59/64 ms
R1#ping
172.16.4.1 source 10.1.0.1
Type
escape sequence to abort.
Sending
5, 100-byte ICMP Echos to 172.16.4.1, timeout is 2 seconds:
Packet
sent with a source address of 10.1.0.1
!!!!!
Success
rate is 100 percent (5/5), round-trip min/avg/max = 28/33/44 ms
R2#conf t
Enter
configuration commands, one per line.
End with CNTL/Z.
R2(config)#
R2(config)#router
bgp 65000
R2(config-router)#neighbor
192.168.1.1 ?
activate Enable the Address Family for
this Neighbor
advertise Advertise to this neighbor
advertise-map specify route-map for conditional
advertisement
advertisement-interval Minimum interval between sending BGP routing
updates
allowas-in Accept as-path with my AS
present in it
capability Advertise capability to the peer
default-originate Originate default route to this
neighbor
description Neighbor specific description
disable-connected-check one-hop away EBGP peer using loopback address
distribute-list Filter updates to/from this neighbor
dmzlink-bw Propagate the DMZ link bandwidth
ebgp-multihop Allow EBGP neighbors not on
directly connected
networks
fall-over session fall on peer route lost
filter-list Establish BGP filters
ha-mode high availability mode
inherit Inherit a template
local-as Specify a local-as number
maximum-prefix Maximum number of prefixes accepted
from this peer
next-hop-self Disable the next hop calculation
for this neighbor
next-hop-unchanged Propagate next hop unchanged for iBGP
paths to this
neighbor
password Set a password
peer-group Member of the peer-group
prefix-list Filter updates to/from this
neighbor
remote-as Specify a BGP neighbor
remove-private-as Remove private AS number from outbound
updates
route-map Apply route map to neighbor
route-reflector-client Configure a neighbor as Route Reflector
client
route-server-client Configure a neighbor as Route Server
client
send-community Send Community attribute to this
neighbor
send-label Send NLRI + MPLS Label to this
peer
shutdown Administratively shut down
this neighbor
slow-peer Configure slow-peer
soft-reconfiguration Per neighbor soft reconfiguration
soo Site-of-Origin extended
community
timers BGP per neighbor timers
translate-update Translate Update to MBGP format
transport Transport options
ttl-security BGP ttl security check
unsuppress-map Route-map to selectively unsuppress
suppressed
routes
update-source Source of routing updates
version Set the BGP version to match
a neighbor
weight Set default weight for
routes from this neighbor
R2(config-router)#neighbor
192.168.1.1 filter-list ?
<1-500>
AS path access list
R2(config-router)#neighbor
192.168.1.1 filter-list 1 ?
in
Filter incoming routes
out
Filter outgoing routes
R2(config-router)#neighbor
192.168.1.1 filter-list 1 out // CONFIGURE AS-PATH FILTER TO AVOID ASN 65000 BECOME A TRANSIT AS
R2(config-router)#exit
R2(config)#ip
a?
access-list accounting-list accounting-threshold accounting-transits
address-pool admission alias arp
as-path auth-proxy
R2(config)#ip
as-path ?
access-list
Specify an access list number
R2(config)#ip
as-path acess-list ?
%
Unrecognized command
R2(config)#ip
as-path access-list ?
<1-500>
AS path access list number
R2(config)#ip
as-path access-list 1 ?
deny
Specify packets to reject
permit
Specify packets to forward
R2(config)#ip
as-path access-list 1 permit ?
LINE A
regular-expression to match BGP AS paths. Use "ctrl-v ?" to enter
"?"
R2(config)#ip as-path
access-list 1 permit ^$ // MATCH ROUTES THAT ARE LOCAL OR DON'T CONTAIN AS IN ITS AS-PATH
R2(config)#end
R2#
*Jul 18
12:12:42.411: %SYS-5-CONFIG_I: Configured from console by console
R2#clear ip bgp * soft
R4#ping
10.1.0.1 source 172.16.4.1 // R4 <> R1 (ISP) STILL HAS FULL CONNECTIVITY
Type
escape sequence to abort.
Sending
5, 100-byte ICMP Echos to 10.1.0.1, timeout is 2 seconds:
Packet
sent with a source address of 172.16.4.1
!!!!!
Success
rate is 100 percent (5/5), round-trip min/avg/max = 48/60/68 ms
No comments:
Post a Comment