What is BGP and why use it?

Border Gateway Protocol (BGP) is a standardized exterior gateway protocol designed to exchange routing and reachability information among autonomous systems (AS) on the Internet. The Border Gateway Protocol makes routing decisions based on paths, network policies, or rule-sets configured by a network administrator and is involved in making core routing decisions. BGP may be used for routing within an autonomous system. In this application it is referred to as Interior Border Gateway Protocol, Internal BGP, or iBGP. In contrast, the Internet application of the protocol may be referred to as Exterior Border Gateway Protocol, External BGP, or eBGP.

In the network below there are a total of five routers and one end-user computer. In real-world deployments a network could have dozens or hundreds of routers or devices, depending on the scale of the network. Regardless of the network complexity, dynamic routing serves the same role: it shares routes with other routers so devices know how to traverse networks and remote devices can return traffic back to the requester. Hence, the creation of dynamic routing.

Steps to configure BGP

Step 1: Configure all applicable router interfaces.

R1(config)#interface FastEthernet0/0
R1(config-if)#ip address 1.1.1.2 255.255.255.252
!
R1(config)#interface FastEthernet1/0
R1(config-if)#ip address 10.253.0.1 255.255.255.252
!
R1(config)#interface FastEthernet1/1
R1(config-if)#ip address 10.251.0.1 255.255.255.252

Step 2: Enable a BGP routing process with each router having a unique AS number, enable BGP routing on all applicable IP networks, and configure static neighbors.

R1(config)#router bgp 65011
R1(config-router)#network 1.1.1.0 mask 255.255.255.252
R1(config-router)#network 10.251.0.0 mask 255.255.255.252
R1(config-router)#network 10.253.0.0 mask 255.255.255.252
R1(config-router)#neighbor 1.1.1.1 remote-as 65021
R1(config-router)#neighbor 10.251.0.2 remote-as 65012
R1(config-router)#neighbor 10.253.0.2 remote-as 65013

Step 3: Enable a maximum of two paths to be installed into the routing table when multiple paths are available.

R1(config)#router bgp 65011
R1(config-router)#maximum-paths 2
R1(config-router)#bgp bestpath as-path multipath-relax

In addition to the above, I recommend performing a few additional configurations for troubleshooting and security purposes. These prevent rogue routers from forming an adjacency and protect the routing table from willful or accidental corruption.

Step 4: Log neighbor up/down and reset reasons.

R1(config)#router bgp 65011
R1(config-router)#bgp log-neighbor-changes

Step 5: Enable BGP neighbors for soft-reconfiguration. This feature provides a way to initiate non-disruptive routing policy changes by allowing the dynamic exchange of route refresh requests between BGP routers.

R1(config)#router bgp 65011
R1(config-router)#neighbor 1.1.1.1 soft-reconfiguration inbound
R1(config-router)#neighbor 10.251.0.2 soft-reconfiguration inbound
R1(config-router)#neighbor 10.253.0.2 soft-reconfiguration inbound

Step 6: Configure BGP peer authentication used to form an adjacency.

R1(config)#router bgp 65011
R1(config-router)#neighbor 1.1.1.1 password bgp-peer-password
R1(config-router)#neighbor 10.251.0.2 password bgp-peer-password
R1(config-router)#neighbor 10.253.0.2 password bgp-peer-password

Caution: When peer authentication is added to the interface of a router, that router stops receiving routing messages from its peers until they are also configured for authentication. This does interrupt routing communications on your network.

Step 7: Configure password encryption on your routers so the passwords are not shown in the configuration in clear text.

R1(config)#service password-encryption

Step 8: Repeat the same steps on all remaining routers with the applicable interface and routing configurations.

Verify the configuration

Now that the configuration is finished, let's verify our neighbors and routes. Using the show ip bgp summary and show ip route commands, you can verify the remote routers with which your router has formed an adjacency and verify that the expected routes are being advertised. Use the ping command to verify connectivity.
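Alongside the show commands, a saved running-config can be checked offline for the settings from Steps 4 to 7. The script below is an added example, not part of the original post: the function name audit_bgp is hypothetical, the sample config is constructed from the addresses and AS numbers above, and it assumes an encrypted neighbor password is stored as "password 7 ..." in the running-config.

```python
import re

# Constructed running-config excerpt (addresses and AS numbers from the steps
# above). The gaps are deliberate so the audit has something to report.
SAMPLE_CONFIG = """\
router bgp 65011
 bgp log-neighbor-changes
 neighbor 1.1.1.1 remote-as 65021
 neighbor 1.1.1.1 password bgp-peer-password
 neighbor 1.1.1.1 soft-reconfiguration inbound
 neighbor 10.251.0.2 remote-as 65012
 neighbor 10.251.0.2 password bgp-peer-password
 neighbor 10.251.0.2 soft-reconfiguration inbound
 neighbor 10.253.0.2 remote-as 65013
"""

NEIGHBOR_RE = re.compile(r"^\s*neighbor (\S+) (.+)$")

def audit_bgp(config):
    findings = []
    lines = [line.rstrip() for line in config.splitlines()]
    if "service password-encryption" not in lines:
        findings.append("global: service password-encryption not enabled (Step 7)")
    in_bgp, log_changes, neighbors = False, False, {}
    for line in lines:
        if line.startswith("router bgp "):
            in_bgp = True
        elif in_bgp and not line.startswith(" "):
            in_bgp = False  # an unindented line ends the router section
        elif in_bgp:
            if line.strip() == "bgp log-neighbor-changes":
                log_changes = True
            m = NEIGHBOR_RE.match(line)
            if m:
                neighbors.setdefault(m.group(1), []).append(m.group(2))
    if not log_changes:
        findings.append("router bgp: bgp log-neighbor-changes missing (Step 4)")
    for peer, opts in neighbors.items():
        pw = [o for o in opts if o.startswith("password ")]
        if not pw:
            findings.append(f"{peer}: no peer authentication (Step 6)")
        elif not pw[0].startswith("password 7 "):
            findings.append(f"{peer}: password stored in clear text (Step 7)")
        if "soft-reconfiguration inbound" not in opts:
            findings.append(f"{peer}: soft-reconfiguration inbound missing (Step 5)")
    return findings

if __name__ == "__main__":
    print("\n".join(audit_bgp(SAMPLE_CONFIG)))
```

Type 7 is reversible obfuscation, so a passing Step 7 check confirms only that the setting is active, not that the key is safe from anyone who can read the configuration file.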

 
