What is BGP and why use it?
Border Gateway Protocol (BGP) is a standardized exterior gateway protocol designed to exchange routing and reachability information among autonomous systems (AS) on the Internet. The Border Gateway Protocol makes routing decisions based on paths, network policies, or rule-sets configured by a network administrator and is involved in making core routing decisions. BGP may be used for routing within an autonomous system. In this application it is referred to as Interior Border Gateway Protocol, Internal BGP, or iBGP. In contrast, the Internet application of the protocol may be referred to as Exterior Border Gateway Protocol, External BGP, or eBGP.
In the network below there are a total of five routers and one end-user computer. In real-world deployments a network could have dozens or hundreds of routers or devices, depending on the scale of the network. Regardless of network complexity, dynamic routing serves the same role: it shares routes with other routers so that devices know how to traverse networks and remote devices can return traffic to the requester. That is the reason dynamic routing exists.
Steps to configure BGP
Step 1: Configure all applicable router interfaces.
R1(config)#interface FastEthernet0/0
R1(config-if)#ip address 188.8.131.52 255.255.255.252
!
R1(config)#interface FastEthernet1/0
R1(config-if)#ip address 10.253.0.1 255.255.255.252
!
R1(config)#interface FastEthernet1/1
R1(config-if)#ip address 10.251.0.1 255.255.255.252
Step 2: Enable a BGP routing process with each router having a unique AS number, enable BGP routing on all applicable IP networks, and configure static neighbors.
R1(config)#router bgp 65011
R1(config-router)#network 184.108.40.206 mask 255.255.255.252
R1(config-router)#network 10.251.0.0 mask 255.255.255.252
R1(config-router)#network 10.253.0.0 mask 255.255.255.252
R1(config-router)#neighbor 220.127.116.11 remote-as 65021
R1(config-router)#neighbor 10.251.0.2 remote-as 65012
R1(config-router)#neighbor 10.253.0.2 remote-as 65013
Step 3: Enable a maximum of two paths to be installed into the routing table when multiple paths are available.
R1(config)#router bgp 65011
R1(config-router)#maximum-paths 2
R1(config-router)#bgp bestpath as-path multipath-relax
In addition to the above, I recommend a few additional configurations for troubleshooting and security purposes. These prevent rogue routers from forming an adjacency and protect the routing table from willful or accidental corruption.
Step 4: Log neighbor up/down and reset reasons.
R1(config)#router bgp 65011
R1(config-router)#bgp log-neighbor-changes
Step 5: Enable BGP neighbors for soft-reconfiguration. This feature provides a way to initiate non-disruptive routing policy changes by allowing the dynamic exchange of route refresh requests between BGP routers.
R1(config)#router bgp 65011
R1(config-router)#neighbor 18.104.22.168 soft-reconfiguration inbound
R1(config-router)#neighbor 10.251.0.2 soft-reconfiguration inbound
R1(config-router)#neighbor 10.253.0.2 soft-reconfiguration inbound
Step 6: Configure BGP peer authentication used to form an adjacency.
R1(config)#router bgp 65011
R1(config-router)#neighbor 22.214.126.124 password bgp-peer-password
R1(config-router)#neighbor 10.251.0.2 password bgp-peer-password
R1(config-router)#neighbor 10.253.0.2 password bgp-peer-password
Caution: When peer authentication is added to the interface of a router, that router stops receiving routing messages from its peers until they are also configured for authentication. This does interrupt routing communications on your network.
Step 7: Configure password encryption on your routers so the passwords are not shown in the configuration in clear text.
Step 8: Repeat the same steps on all remaining routers with the applicable interface and routing configurations.
Verify the configuration
Now that the configuration is finished, let's verify our neighbors and routes. Using the show ip bgp summary and show ip route commands, you can verify the remote routers with which your router has formed an adjacency and verify that the expected routes are being advertised. Use the ping command to verify connectivity.
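An offline check of the hardening steps 4 to 7 across saved router configurations, as an added example that is not part of the original tutorial. The sample configuration, the 192.0.2.2 peer, and the function name audit_bgp are constructed for illustration, and it assumes the Step 7 command is the IOS global `service password-encryption`, which the page does not name.

```python
import re

# Constructed sample config, not from the original page. 192.0.2.2 is a
# documentation address; the type 7 string is a placeholder, not a real value.
SAMPLE_CONFIG = """\
router bgp 65011
 bgp log-neighbor-changes
 neighbor 10.251.0.2 remote-as 65012
 neighbor 10.251.0.2 password 7 PLACEHOLDER
 neighbor 10.251.0.2 soft-reconfiguration inbound
 neighbor 10.253.0.2 remote-as 65013
 neighbor 10.253.0.2 password bgp-peer-password
 neighbor 10.253.0.2 soft-reconfiguration inbound
 neighbor 192.0.2.2 remote-as 65021
!
"""

NEIGHBOR = re.compile(r"^\s+neighbor (\S+) (\S+)(?: (.*))?$")

def audit_bgp(config):
    """Return findings for steps 4-7 as (subject, step, problem) tuples."""
    peers, in_bgp, logs = {}, False, False
    for line in config.splitlines():
        if not line[:1].isspace():      # a top-level line opens or closes a section
            in_bgp = line.startswith("router bgp ")
        elif in_bgp:
            logs = logs or line.strip() == "bgp log-neighbor-changes"
            m = NEIGHBOR.match(line)
            if m:                       # record each per-neighbor option and its value
                peers.setdefault(m.group(1), {})[m.group(2)] = m.group(3) or ""
    findings = []
    if not logs:
        findings.append(("global", 4, "bgp log-neighbor-changes missing"))
    # Assumption: Step 7 is implemented with the global command below.
    if "service password-encryption" not in config.splitlines():
        findings.append(("global", 7, "service password-encryption missing"))
    for peer, opts in sorted(peers.items()):
        if opts.get("soft-reconfiguration") != "inbound":
            findings.append((peer, 5, "no soft-reconfiguration inbound"))
        if "password" not in opts:
            findings.append((peer, 6, "no peer authentication"))
        elif not opts["password"].startswith("7 "):
            findings.append((peer, 7, "password stored in clear text"))
    return findings

if __name__ == "__main__":
    print(*audit_bgp(SAMPLE_CONFIG), sep="\n")
```

Type 7 encoding is reversible obfuscation, so a clean result here does not remove the need to restrict access to stored configuration files.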