Border Gateway Protocol (BGP) is not merely a protocol—it’s the backbone of the...
2.9 Bgpd Configuration
For IRP to inject the improved prefixes to the routing tables, proper iBGP sessions have to be configured between the edge routers and the IRP. The IRP BGP daemon acts similarly to a route-reflector-client.
Following criteria need to be met:
- An internal BGP session using the same autonomous system number (ASN) must be configured between each edge router and the IRP. BGP sessions must not be configured with next-hop-self (route reflectors can’t be used to inject routes with modified next-hop) – the next-hop parameter advertised by IRP Bgpd should be distributed to other iBGP neighbors.
- route-reflector-client must be enabled for the routes advertised by IRP Bgpd to be distributed to all non-client neighbors.
- Routes advertised by IRP Bgpd must have a higher preference over routes received from external BGP neighbors.
This can be done by different means, on the IRP or on the router side:
→ Local-pref can be set to a reasonably high value in the Bgpd configuration
→ Communities can be appended to prefixes advertised by Bgpd
Avoid collisions of localpref or communities values assigned to IRP within both its configuration and/or on customer’s network.→ Multi-exit-discriminator(MED) can be changed to affect the best-path selection algorithm
→ Origin of the advertised route can be left unchanged or overridden to a specific value (incomplete, IGP, EGP)
LocalPref, MED and Origin attribute values are set with the first nonempty value in this order: 1) value from configuration or 2) value taken from incoming aggregate or 3) default value specified in RFC4271.
Communities attribute value concatenates the value taken from incoming aggregate with configuration value. The router should be configured to send no Communities attribute in case it is required that IRP announces Communities attribute that contain only the configured value. - BGP next-hop must be configured for each provider configured in IRP (please refer to Providers configuration and Provider)
Special attention is required if edge routers are configured to announce prefixes with empty AS-Path. In some cases, improvements announced by Bgpd may have an empty AS-Path. Thus, when edge router does not have any prefix-list filtering enforced, all the current improvements can be improperly advertised to routers – this may lead to policy violations and session reset. Refer to AS-Path behavior in IRP Bgpd regarding the way to disallow announcements with empty AS-Path.None of the improvements advertised by IRP should be advertised to your external peers (refer to bgpd.no_export).
We recommend the routes to be injected into the edge router which runs the BGP session with the provider. This ensures that the routes are properly redistributed across the network.
For example, there are two routers: R1 and R2. R1 runs a BGP session with Level3 and R2 with Cogent. The current route is x.x.x.x/24 with the next-hop set to Level3 and all the routers learn this route via R1. The system injects the x.x.x.x/24 route to R2 with the next-hop updated to Cogent. In this case the new route is installed on the routing table and it will be properly propagated to R1 (and other routers) via iBGP.
However if the system injects the new route to R1 instead of R2, the route’s next-hop will point to R2 while R2 will have the next-hop pointing to R1 as long as the injected route is propagated over iBGP to other routers. In this case a routing loop will occur.
In the following BGP session configuration example, the IRP server with IP
10.0.0.2 establishes an iBGP session to the edge router (IP: 10.0.0.1). The local-pref parameter for the prefixes advertised by IRP is set to 190. BGP monitoring (see BGP Monitoring, Bgpd settings) is enabled.bgpd.peer.R1.as = 65501 bgpd.peer.R1.our_ip = 10.0.0.2 bgpd.peer.R1.master_peer_ip = 10.0.0.1 bgpd.peer.R1.listen = 1 bgpd.peer.R1.localpref = 190 bgpd.peer.R1.shutdown = 0
Vendor-specific router-side iBGP session configuration examples: #
Vyatta routers: #
set protocols bgp 65501 neighbor 10.0.0.2 remote-as '65501' set protocols bgp 65501 neighbor 10.0.0.2 route-reflector-client set protocols bgp 65501 parameters router-id '10.0.0.1'
delete system ipv6 disable-forwarding commit set protocols bgp 65501 neighbor 2001:db8:2::2 remote-as '65501' set protocols bgp 65501 neighbor 2001:db8:2::2 route-reflector-client set protocols bgp 65501 neighbor 2001:db8:2::2 address-family 'ipv6-unicast' set protocols bgp 65501 parameters router-id '10.0.0.1'
set protocols bgp 65501 neighbor 10.0.0.2 route-map import 'RM-IRP-IN' set policy route-map RM-IRP-IN rule 10 action 'permit' set policy route-map RM-IRP-IN rule 10 set local-preference '190'
set protocols bgp 65501 neighbor 2001:db8:2::2 route-map import 'RM-IRP-IN' set policy route-map RM-IRP-IN rule 10 action 'permit' set policy route-map RM-IRP-IN rule 10 set local-preference '190'
Cisco routers: #
router bgp 65501 neighbor 10.0.0.2 remote-as 65501 neighbor 10.0.0.2 send-community neighbor 10.0.0.2 route-reflector-client
router bgp 65501 neighbor 2001:db8:2::2 remote-as 65501 neighbor 2001:db8:2::2 send-community neighbor 2001:db8:2::2 route-reflector-client or router bgp 65501 neighbor 2001:db8:2::2 remote-as 65501 no neighbor 2001:db8:2::2 activate address-family ipv6 neighbor 2001:db8:2::2 activate neighbor 2001:db8:2::2 send-community neighbor 2001:db8:2::2 route-reflector-client
router bgp 65501 neighbor 10.0.0.2 route-map RM-IRP-IN input route-map RM-IRP-IN permit 10 set local-preference 190
router bgp 65501 neighbor 2001:db8:2::2 route-map RM-IRP-IN input route-map RM-IRP-IN permit 10 set local-preference 190
router bgp 65501 neighbor 10.0.0.2 maximum-prefix 10000
router bgp 65501 neighbor 2001:db8:2::2 maximum-prefix 10000
Juniper equipment: #
The Cluster ID must be unique in multi-router configuration. Otherwise improvements will not be redistributed properly. Cluster ID is optional for single router networks.[edit]
routing-options {
autonomous-system 65501;
router-id 10.0.0.1;
}
protocols {
bgp {
group 65501 {
type internal;
cluster 0.0.0.1;
family inet {
unicast;
}
peer-as 65501;
neighbor 10.0.0.2;
}
}
}
[edit]
routing-options {
autonomous-system 65501;
router-id 10.0.0.1;
}
protocols {
bgp {
group 65501 {
type internal;
cluster 0.0.0.1;
family inet6 {
any;
}
peer-as 65501;
neighbor 2001:db8:2::2;
}
}
}
[edit]
routing-options {
autonomous-system 65501;
router-id 10.0.0.1;
}
protocols {
bgp {
group 65501 {
type internal;
peer-as 65501;
neighbor 10.0.0.2 {
preference 190;
}
}
}
}