Two PE Routers – PE1 and PE2. They are connected with the 10.0.0.0/24 network. PE1 has a loopback of 1.1.1.1 and PE2 has 2.2.2.2. This Provider network could easily be increased in size and number of devices. Most labs will use OSPF or EIGRP for the Provider network with a BGP connection between the specific provider edge devices connecting to the client.
C-1-1 Configuration
hostname C-1-1
!
interface Loopback0
ip address 11.11.11.11 255.255.255.255
!
interface GigabitEthernet0/0
ip address 192.168.1.2 255.255.255.0
ip ospf 1 area 0
duplex auto
speed auto
media-type rj45
!
router ospf 1
router-id 11.11.11.11
C-1-2 Configuration
hostname C-1-2
!
interface Loopback0
ip address 12.12.12.12 255.255.255.255
!
interface GigabitEthernet0/0
ip address 192.168.2.2 255.255.255.0
ip ospf 1 area 0
duplex auto
speed auto
media-type rj45
!
router ospf 1
router-id 12.12.12.12
!
C-2-1 Configuration
hostname C-2-1
!
interface Loopback0
ip address 21.21.21.21 255.255.255.255
!
interface GigabitEthernet0/1
ip address 172.16.1.2 255.255.255.0
ip ospf 1 area 0
duplex auto
speed auto
media-type rj45
!
router ospf 1
router-id 21.21.21.21
!
C-2-2 Configuration
hostname C-2-2
!
interface Loopback0
ip address 22.22.22.22 255.255.255.255
!
interface GigabitEthernet0/1
ip address 172.16.2.2 255.255.255.0
ip ospf 2 area 0
duplex auto
speed auto
media-type rj45
!
router ospf 2
router-id 22.22.22.22
!
PE1
hostname PE1
!
ip vrf Client1
rd 65000:1
route-target export 65000:1
route-target import 65000:1
!
ip vrf Client2
rd 65000:2
route-target export 65000:1
route-target import 65000:1
!
interface Loopback0
ip address 1.1.1.1 255.255.255.255
!
interface GigabitEthernet0/0
ip vrf forwarding Client1
ip address 192.168.1.1 255.255.255.0
ip ospf 1 area 0
duplex auto
speed auto
media-type rj45
!
interface GigabitEthernet0/1
ip vrf forwarding Client2
ip address 172.16.1.1 255.255.255.0
ip ospf 2 area 0
duplex auto
speed auto
media-type rj45
!
interface GigabitEthernet0/2
ip address 10.0.0.1 255.255.255.0
duplex auto
speed auto
media-type rj45
mpls ip
!
router ospf 1 vrf Client1
router-id 192.168.1.1
redistribute bgp 65000 subnets
!
router ospf 2 vrf Client2
router-id 172.16.1.1
redistribute bgp 65000 subnets
!
router bgp 65000
bgp router-id 1.1.1.1
bgp log-neighbor-changes
neighbor 2.2.2.2 remote-as 65000
neighbor 2.2.2.2 update-source Loopback0
!
address-family ipv4
neighbor 2.2.2.2 activate
exit-address-family
!
address-family vpnv4
neighbor 2.2.2.2 activate
neighbor 2.2.2.2 send-community extended
exit-address-family
!
address-family ipv4 vrf Client1
redistribute ospf 1
exit-address-family
!
address-family ipv4 vrf Client2
redistribute ospf 2
exit-address-family
!
ip route 2.2.2.2 255.255.255.255 10.0.0.2
PE2 Configuration
hostname PE2
!
ip vrf Client1
rd 65000:1
route-target export 65000:1
route-target import 65000:1
!
ip vrf Client2
rd 65000:2
route-target export 65000:2
route-target import 65000:2
!
interface Loopback0
ip address 2.2.2.2 255.255.255.255
!
interface GigabitEthernet0/0
ip vrf forwarding Client1
ip address 192.168.2.1 255.255.255.0
ip ospf 1 area 0
duplex auto
speed auto
media-type rj45
!
interface GigabitEthernet0/1
ip vrf forwarding Client2
ip address 172.16.2.1 255.255.255.0
ip ospf 2 area 0
duplex auto
speed auto
media-type rj45
!
interface GigabitEthernet0/2
ip address 10.0.0.2 255.255.255.0
duplex auto
speed auto
media-type rj45
mpls ip
!
router ospf 1 vrf Client1
router-id 192.168.2.1
redistribute bgp 65000 subnets
!
router ospf 2 vrf Client2
router-id 172.16.2.1
redistribute bgp 65000 subnets
!
router bgp 65000
bgp router-id 2.2.2.2
bgp log-neighbor-changes
neighbor 1.1.1.1 remote-as 65000
neighbor 1.1.1.1 update-source Loopback0
!
address-family ipv4
neighbor 1.1.1.1 activate
exit-address-family
!
address-family vpnv4
neighbor 1.1.1.1 activate
neighbor 1.1.1.1 send-community extended
exit-address-family
!
address-family ipv4 vrf Client1
redistribute ospf 1
exit-address-family
!
address-family ipv4 vrf Client2
redistribute ospf 2
exit-address-family
!
ip route 1.1.1.1 255.255.255.255 10.0.0.1
NOTE: THIS LAB IS NOT COMPLETE IT IS SETUP SO BGP GOES DOWN DUE TO AN ISSUE WITH KEEP ALIVES. EVERY 3 MINUTES BGP WILL GO DOWN AND THEN THE DYNAMIC ROUTING PROTOCOL WILL TAKE PLACE. AFTER THIS BGP WILL COME UP AGAIN FOR ANOTHER 3 MINUTES AND KEEP REPEATING. THIS IS AN EXAMPLE OF WHY YOU USE STATIC ROUTING ACROSS EXTERNAL PEERS. THERE ARE OTHER SOLUTIONS..FIND THEM!
BGP’s primary purpose is to interconnect autonomous systems.
Autonomous system (ASN) – Networks or a group of networks under the same administrations control and have a common routing policy.
BGP is the glue that holds the internet together!
BGP is designed to carry large amounts of routes.
BGP removes the strain of carrying large amounts for IGPs.
ISP speak ‘customer routes’
External and Internal BGP use different policies.
IBGP is not able to replace IGP’s. IBGP is meant to work alongside an IGP to create an efficient network.
External BGP
External peers must be directly connected.
TTL of 1 is given
Time-to-live (TTL) tells a router whether or not the packet has been in the network too long and should be discarded – it times out at 0 and is discarded. Each hop is -1.
This is to avoid long peering from occurring.
TTL-Security is used to provide security to make sure neighbors are directly connected. This works by using a TTL of 255. This must be enabled on both peers (routers).
BGP Configuration Categories
Configuration consists of two categories.
Session commands tell BGP how to create the session.
session commands can be global or per address family(Apply to all address families or just one)
Policy commands control the routes.
Policy commands are ALWAYS per address family.
Internal Peering
No requirement for direct connectivity when doing iBGP.
Huh?
After the configuration has been completed and we have verified R2 and R4’s loopbacks are being advertised to one another we check the BGP table and find something interesting.
RIB-failure!!?? Normally failure is never a good thing but in this case we can see that we have an internal route that’s not being added to our routing table.
We can check to see if their is a better route for our destination and we certainly see that the route is being learned VIA OSPF which has a lower admin distance than iBGP – thus winning the route.
vIOS1 Configuration
vIOS1#sh runn
Building configuration…
Current configuration : 3589 bytes
!
! Last configuration change at 15:13:59 UTC Sat Mar 13 2021
!
version 15.6
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname vIOS1
!
boot-start-marker
boot-end-marker
!
!
!
no aaa new-model
ethernet lmi ce
!
!
!
mmi polling-interval 60
no mmi auto-configure
no mmi pvc
mmi snmp-timeout 180
!
!
!
!
!
!
!
!
!
!
!
ip cef
no ipv6 cef
!
multilink bundle-name authenticated
!
!
!
!
!
redundancy
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
interface Loopback0
ip address 192.168.0.1 255.255.255.255
ip ospf 1 area 0
!
interface GigabitEthernet0/0
ip address 192.168.69.1 255.255.255.0
duplex auto
speed auto
media-type rj45
!
interface GigabitEthernet0/1
no ip address
shutdown
duplex auto
speed auto
media-type rj45
!
interface GigabitEthernet0/2
ip address 192.168.26.1 255.255.255.0
ip ospf 1 area 0
duplex auto
speed auto
media-type rj45
!
interface GigabitEthernet0/3
no ip address
shutdown
duplex auto
speed auto
media-type rj45
!
!
router eigrp 69
network 192.168.0.0
network 192.168.69.0
!
router ospf 1
!
router bgp 600
bgp log-neighbor-changes
neighbor 192.168.0.2 remote-as 900
neighbor 192.168.0.2 ebgp-multihop 255
neighbor 192.168.0.2 update-source Loopback0
neighbor 192.168.0.4 remote-as 600
neighbor 192.168.0.4 update-source Loopback0
!
address-family ipv4
neighbor 192.168.0.2 activate
neighbor 192.168.0.2 send-community
neighbor 192.168.0.4 activate
neighbor 192.168.0.4 send-community
exit-address-family
!
ip forward-protocol nd
!
ip bgp-community new-format
!
no ip http server
no ip http secure-server
!
vIOS2 Configuration
vIOS2#sh runn
Building configuration…
Current configuration : 3368 bytes
!
! Last configuration change at 15:19:15 UTC Sat Mar 13 2021
!
version 15.6
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname vIOS2
!
boot-start-marker
boot-end-marker
!
!
!
no aaa new-model
ethernet lmi ce
!
!
!
mmi polling-interval 60
no mmi auto-configure
no mmi pvc
mmi snmp-timeout 180
!
!
!
!
!
!
!
!
!
!
!
ip cef
no ipv6 cef
!
multilink bundle-name authenticated
!
!
!
!
!
redundancy
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
interface Loopback0
ip address 192.168.0.2 255.255.255.255
!
interface GigabitEthernet0/0
ip address 192.168.69.2 255.255.255.0
duplex auto
speed auto
media-type rj45
!
interface GigabitEthernet0/1
no ip address
shutdown
duplex auto
speed auto
media-type rj45
!
interface GigabitEthernet0/2
no ip address
shutdown
duplex auto
speed auto
media-type rj45
!
interface GigabitEthernet0/3
no ip address
shutdown
duplex auto
speed auto
media-type rj45
!
!
router eigrp 69
network 192.168.0.0
network 192.168.69.0
!
router bgp 900
bgp log-neighbor-changes
neighbor 192.168.0.1 remote-as 600
neighbor 192.168.0.1 ebgp-multihop 255
!
address-family ipv4
network 192.168.0.2 mask 255.255.255.255
neighbor 192.168.0.1 activate
neighbor 192.168.0.1 send-community
exit-address-family
!
ip forward-protocol nd
!
ip bgp-community new-format
!
no ip http server
no ip http secure-server
vIOS4 Configuration
vIOS4#sh runn
Building configuration…
Current configuration : 3363 bytes
!
! Last configuration change at 15:18:58 UTC Sat Mar 13 2021
!
version 15.6
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname vIOS4
!
boot-start-marker
boot-end-marker
!
!
!
no aaa new-model
ethernet lmi ce
!
!
!
mmi polling-interval 60
no mmi auto-configure
no mmi pvc
mmi snmp-timeout 180
!
!
!
!
!
!
!
!
!
!
!
ip cef
no ipv6 cef
!
multilink bundle-name authenticated
!
!
!
!
!
redundancy
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
interface Loopback0
ip address 192.168.0.4 255.255.255.255
ip ospf 1 area 0
!
interface GigabitEthernet0/0
no ip address
shutdown
duplex auto
speed auto
media-type rj45
!
interface GigabitEthernet0/1
no ip address
shutdown
duplex auto
speed auto
media-type rj45
!
interface GigabitEthernet0/2
ip address 192.168.26.2 255.255.255.0
ip ospf 1 area 0
duplex auto
speed auto
media-type rj45
!
interface GigabitEthernet0/3
no ip address
shutdown
duplex auto
speed auto
media-type rj45
!
router ospf 1
!
router bgp 600
bgp log-neighbor-changes
neighbor 192.168.0.1 remote-as 600
neighbor 192.168.0.1 update-source Loopback0
!
address-family ipv4
network 192.168.0.4 mask 255.255.255.255
neighbor 192.168.0.1 activate
neighbor 192.168.0.1 send-community
exit-address-family
!
ip forward-protocol nd
!
ip bgp-community new-format
!
no ip http server
no ip http secure-server
iBGP Split Horizon – When an iBGP speaker learns of an iBGP Prefix it will not send the prefix to another iBGP speaker.
This means you will need to configure either a full mesh of iBGP peerings or use a function like route reflection or confederation to work around this rule.
eBGP Peering – Peering between different Autonymous Systems.
eBGP multi-hop – Used whenever you want to peer between loopback addresses between eBGP peers.
eBGP Multi-hop Lab
Configure the BGP topology given in the diagram.
All peering should be formed between loopback addresses.
Do not form an iBGP peering between R2 and R3.
Allowed to create static routes in AS 400 and AS 500 if needed.
