BGP is a key Internet protocol that allows access to the providers worldwide. BGP ensures loopsless routing between autonomous systems, “RFC 4271 – A Border Gateway protocol 4 (BGP-4)”. Routers use Interior Gateway Protocols (IGP) within AS, and BGP outside the AS. When BGP runs between routers in the same AS, it is called internal BGP (IBGP). When BGP runs between routers that belong to different autonomous systems, it is called external BGP (EBGP).
BGP uses TCP as the transport protocol (port 179). Two BGP routers establish TCP connection between them. These routers are called neighboring routers. Neighbors exchange information about paths (BGP announcements). EBGP path is a set of AS numbers that should be transited to reach the destination network.
BGP paths are stored in three BGP tables: Adj-RIB-In, Loc-RIB and Adj-RIB-Out. Upon reception of an announcement from neighbor, BGP takes the paths from the announcement and places them in the Adj-RIB-In (Adjacent Routing Information Base, Incoming). Then BGP processes them in compliance with corresponding policies and moves them to the Loc-RIB (Local Routing Information Base). Local paths that are configured by network administrators as well as paths, redistributed from IP routing table routes, are also stored in Loc-RIB. Paths that BGP intends to announce to neighbors are taken from Loc-RIB and placed into Adj-RIB-Out (Outgoing) table.
BGP selects the best path from Loc-RIB and compares the administrative distance (AD) among the other routes to the same network, which are obtained from other protocols, such as OSPF, RIP. The path with the lowest AD is placed in the IP routing table of the router.
Enabling BGP router
BGP router must be enabled to start BGP configuration. It can be done with the following command:
(config)# router bgp <AS>
<AS> – Autonomous System number that the router belongs to.
After entering this command, the router switches to BGP router configuration mode, where the rest BGP router configurations commands can be added.
Example of enabling BGP router, that resides in 65001 autonomous system:
(config)# router bgp 65001
Disable BGP router with the command:
(config) # no router bgp <AS>
BGP router configuration is now removed.
BGP router identifier (router-id)
When the BGP router is enabled, an identifier is created. It is the IP address that matches maximum IP address of router’s interfaces. If there is no IP address on the router, 0.0.0.0 value is assigned for router-id, which must be manually changed. This identifier can be modified with the command:
(config-bgp-65001)# bgp router-id <RID>
<RID> – IP address that will identify the BGP router.
Example of the IP address 192.168.1.1 usage as an identifier:
(config-bgp-65001) # bgp router-id 192.168.1.1
To remove the identifier and return to the default value, use the command:
(config-bgp-65001) # no bgp router-id
Creating BGP session (neighbor)
BGP session is established between two neighbors. To establish a BGP session, both neighbors should be configured with the following command:
(config-bgp-65001)# neighbor <ip>|<group> remote-as <AS>
<ip> – IP-address of the neighboring BGP router. For EBGP connection, this address must reside in directly connected network (this check can be disabled). For IBGP session, a route to this address must exist.
<group> – group name, that neighboring BGP router is in.
<AS> – AS number, that the neighboring BGP router or group belongs to.
Configuration example of EBGP session between neighbor 1 from 65001 AS with the IP address 192.168.1.1, and neighbor 2 from 65002 AS with the IP address 192.168.1.2
Neighbor-1(config-bgp-65001)# neighbor 192.168.1.2 remote-as 65002 Neighbor-2(config-bgp-65002)# neighbor 192.168.1.1 remote-as 65001
To check the possibility of session establishment use ping:
Neighbor-1 # ping 192.168.1.2 source 192.168.1.1
BGP session removal and administrative shutdown
BGP session removal can be accomplished with the command:
(config-bgp-65001)# no neighbor <ip>|<group> remote-as
Thus, all other settings associated with that neighbor will be removed as well. Administrative shutdown command is preferable for temporary session disabling:
(config-bgp-65001)# neighbor <ip>|<group> shutdown
To enable the neighbor back, use the command:
(config-bgp-65001)# no neighbor <ip>|<group> shutdown
Several BGP routers can be bound into a single group, if they are in the same AS. In this case, they will use common group settings. To create a group use the command:
(config-bgp-65001)# neighbor <group> peer-group
<group> – group name.
A router can be added to a group as follow:
(config-bgp-65001)# neighbor <ip> peer-group <group>
<ip> – IP address of the neighbor.
Example of creating “mybgpgroup” peer-group of three BGP routers, located in 65003 AS. Remote AS number for the group must be identified before adding a BGP router to a group, routers can be added after that.
(config-bgp-65001)# neighbor mybgpgroup peer-group(config-bgp-65001)# neighbor mybgpgroup remote-as 65003 (config-bgp-65001)# neighbor 192.168.3.1 peer-group mybgpgroup (config-bgp-65001)# neighbor 192.168.3.2 peer-group mybgpgroup (config-bgp-65001)# neighbor 192.168.3.3 peer-group mybgpgroup
Using a dummy-interface (update-source)
When using a dummy-interface, BGP router informs the neighbor which IP address does not belong to any physical interface, and therefore, does not depend on its state (dummy-interface is always active).
To use a dummy-interface, the following command must be executed:
(config-bgp-65001)# neighbor <ip>|<group> update-source <ip-iface>|<iface>
<ip-iface> – IP address of the dummy-interface.
<iface> – the name of the dummy-interface.
An example of using dummy-interface named dummy0 and IP address 192.168.1.1 as source of BGP updates.
(config)# interface dummy 0(config-if-dummy0)# ip address 192.168.1.1/24 (config-if-dummy0)# enable (config-bgp-65001)# neighbor 220.127.116.11 update-source dummy 0
Cancel dummy-interface use with the command:
(config-bgp-65001)# no neighbor <ip>|<group> update-source
Disable directly connected network check for EBGP (disable-connected-check, enforce-multihop)
In case of EBGP session, BGP router will look for neighbor in one of the directly connected networks.
For instance, when using a connectionless dummy-interface, either this check must be disabled, or the ebgp-multihop command must be used.
Disable checking with the command:
(config-bgp-65001)# neighbor <ip>|<group> disable-connected-check
There is a similar command, enforce-multihop. Under this command, disable-connected-check will still be written in configuration.