Basic Configuration Commands to Connect to Another Autonomous System

14 Mar

To connect to another autonomous system, it is necessary to configure required commands. You can also configure optional commands based on the needs of your network environment. The next sections discuss both required and optional commands.

Configuring Required BGP Commands
To connect to another autonomous system, you need to configure the following items:

■ The start of the routing process
■ The BGP neighbor with which the routing process will synchronize routing tables over a TCP session

Starting the Routing Process
The command to configure the routing process is the same command as that for the interior routing protocols. The syntax is as follows:

Router(config)#router bgp autonomous-system-number

Identifying Neighbors and Defining Peer Groups
A peer group is a group of neighbors that share the same update policy. This is the mechanism by which routers are grouped to simplify configuration.

A peer group also eases the overhead on the network, because the iBGP routers do not need to be fully meshed. When the network is fully meshed, the maintenance of all the neighbor relationships can place strain on your network.

All the members of the peer group will inherit the characteristic configured with the following command. The use of peer-group-name allows the identification of the router as a member of a peer group:

Router(config-router)#neighbor peer-group-name peer-group

Once the peer group has been defined, it is possible to define neighbors for all the members of the peer group.

Router(config-router)#neighbor {ip-address | peer-group-name} remote-as autonomous-system-number

In iBGP, the remote autonomous system numbers that are defined for the BGP peers and for this BGP routing process are the same; in eBGP, these numbers differ.
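The iBGP/eBGP rule above can be checked mechanically against a configuration. The following Python is an added example, not code from the book: the configuration text is constructed, and the member-assignment form "neighbor ip-address peer-group peer-group-name" is standard IOS syntax that this page does not show. It assumes plain integer autonomous system numbers.

```python
from ipaddress import ip_address

# Constructed configuration for a router in AS100 (not Example 15-1).
SAMPLE_CONFIG = """\
router bgp 100
 neighbor INTERNAL peer-group
 neighbor INTERNAL remote-as 100
 neighbor 10.1.1.2 peer-group INTERNAL
 neighbor 10.1.1.3 peer-group INTERNAL
 neighbor 192.0.2.2 remote-as 200
 neighbor 192.0.2.6 remote-as 300
 neighbor 192.0.2.10 next-hop-self
"""


def is_address(token):
    """True for an IP address, False for a peer-group name."""
    try:
        ip_address(token)
        return True
    except ValueError:
        return False


def classify_neighbors(config):
    """Map each neighbor address to (session type, remote AS).

    A neighbor inherits remote-as from its peer group when it has none of
    its own. A neighbor with no remote AS at all is reported as "undefined".
    """
    local_as, remote_as, member_of, neighbors = None, {}, {}, []
    for line in config.splitlines():
        words = line.split()
        if words[:2] == ["router", "bgp"] and len(words) == 3:
            local_as = int(words[2])
        elif words[:1] == ["neighbor"] and len(words) >= 3:
            target, keyword = words[1], words[2]
            if is_address(target) and target not in neighbors:
                neighbors.append(target)
            if keyword == "remote-as" and len(words) >= 4:
                remote_as[target] = int(words[3])
            elif keyword == "peer-group" and len(words) >= 4:
                member_of[target] = words[3]      # address joins a group
    result = {}
    for peer in neighbors:
        asn = remote_as.get(peer, remote_as.get(member_of.get(peer)))
        if asn is None:
            kind = "undefined"
        elif asn == local_as:
            kind = "iBGP"                         # same AS as this process
        else:
            kind = "eBGP"                         # AS numbers differ
        result[peer] = (kind, asn)
    return result


if __name__ == "__main__":
    for peer, (kind, asn) in classify_neighbors(SAMPLE_CONFIG).items():
        print(f"{peer:<12} {kind:<9} remote-as {asn}")
```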

Figure 15-7 is the topology map for Example 15-1. This figure shows the basic configuration commands required to make eBGP operate between autonomous systems.

Figure 15-7 Topology for Example 15-1

532 Chapter 15: Connecting to Other Autonomous Systems—The Basics of BGP

In Example 15-1, Router A in AS100 connects to routers in AS100, AS200, AS300, AS400, and AS500.

Example 15-1 Basic Configuration of eBGP on Router A

Configuring Optional BGP Commands
The following sections describe optional commands in the basic configuration of BGP. These commands are related to the following tasks:
■ Defining the networks to be advertised
■ Forcing the next-hop address
■ Aggregating routes

Defining the Networks to Be Advertised
To define the network that is to be advertised for this autonomous system, use the following command (each network requires a separate command):

Router(config-router)#network network-number mask network-mask

The network command determines the networks that are originated by this router. This is a different use of the network command than you are accustomed to configuring with EIGRP, OSPF, and RIP. This command is not identifying the interfaces upon which to run BGP; instead, it is stating the networks that are to be advertised by BGP. The network command must include all the networks in the autonomous system to be advertised, not just those that are directly connected to the router. The mask portion is used because BGP can handle subnetting and supernetting. The mask used is a network mask.

Forcing the Next-Hop Address
On a multiaccess network, the rule is that the source address of a packet is that of the router that originated the packet onto the network. This can cause problems on an NBMA network that appears to be a multiaccess network, but that in reality might not have full connectivity to all the routers on the network. If the source address is the address of the initiating router, the other routers might not have a path to this next hop, and packets will be dropped. (This issue was described earlier in this chapter in the section “The Next-Hop Attribute and a Broadcast Multiaccess Network.”) To overcome this problem, the next-hop address can be configured to be that of the transmitting router. The syntax of the command is as follows:

Router(config-router)#neighbor {ip-address | peer-group} next-hop-self

Aggregating Routes
To summarize or aggregate routes within the BGP domain, use the following command from config-router mode:

Router(config-router)#aggregate-address ip-address mask [summary-only] [as-set]

If the parameter summary-only is used, then the specific routes are suppressed, and the summary route is the only one propagated. If the parameter as-set is used, then all the autonomous systems that have been traversed will be recorded in the update message. The as-path attributes of the prefixes that make up the aggregate are placed in the as-set attribute of the update.

Because it might be necessary to redistribute BGP into the IGP, care must be taken to avoid routing loops and not to overwhelm the routing tables. The administrative distance of BGP helps prevent this problem (see Figure 15-8).

Example 15-2 is a BGP configuration using the aggregate-address command with the summarization parameter. In this example, any routes with a longer prefix than /16 are summarized, if possible, into the routes specified. In this way, the route 10.20.35.8/29 is not seen in BGP updates because it is summarized into the address 10.20.0.0/16. Any route that does not summarize into those specified in the example is listed individually. Summarization reduces the overhead on the network and simplifies system administration.
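The effect of summary-only and as-set on what is advertised can be modelled in a few lines. The following Python is an added example, not the book's Example 15-2: the prefixes 10.20.35.8/29 and 10.20.0.0/16 come from the text above, while the other prefixes and all AS numbers are constructed. As a simplification it records the as-set as the plain set of AS numbers found in the component routes.

```python
from ipaddress import ip_network


def advertise(bgp_table, aggregate, summary_only=False, as_set=False):
    """Model what aggregate-address leaves in outbound updates.

    bgp_table maps prefix -> AS path (tuple of AS numbers) and the result has
    the same shape. The aggregate's path is a frozenset of AS numbers when
    as_set is used, and an empty tuple otherwise (the path detail is lost).
    """
    agg = ip_network(aggregate)
    # Components are routes with a longer prefix that fall inside the aggregate.
    components = {
        prefix: path for prefix, path in bgp_table.items()
        if ip_network(prefix).prefixlen > agg.prefixlen
        and ip_network(prefix).subnet_of(agg)
    }
    out = {}
    for prefix, path in bgp_table.items():
        if summary_only and prefix in components:
            continue                      # specific route is suppressed
        out[prefix] = path                # everything else is listed individually
    if components:                        # IOS originates the aggregate only
        if as_set:                        # when a component route exists
            out[str(agg)] = frozenset(a for p in components.values() for a in p)
        else:
            out[str(agg)] = ()
    return out


# Constructed BGP table (AS numbers are made up for the example).
TABLE = {
    "10.20.35.8/29": (200, 500),
    "10.20.64.0/18": (300,),
    "10.30.1.0/24": (200,),
}

if __name__ == "__main__":
    for opts in ({}, {"summary_only": True},
                 {"summary_only": True, "as_set": True}):
        print(opts or "no options")
        for prefix, path in advertise(TABLE, "10.20.0.0/16", **opts).items():
            shown = sorted(path) if isinstance(path, frozenset) else list(path)
            print(f"  {prefix:<16} {shown}")
```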

Example 15-2 The aggregate-address Command with the Summarization Parameter

In Figure 15-8, because iBGP has an administrative distance of 200, it is effectively the last choice. Router C will always choose the direct path to 10.0.0.0 through Router A because it has an administrative distance of 20. The route through D and B to find network 10.0.0.0 will have an administrative distance of 110 (OSPF) or 200 (iBGP), depending on the configuration.

Managing and Verifying the BGP Configuration
After configuration changes in BGP, it is necessary to reset the TCP session between neighbors. This can be forced with the following command:

Router#clear ip bgp {* | address} [soft [in | out]]

This command disconnects the session between the neighbors and reestablishes it using the new configuration that has been entered. The soft option does not tear down the sessions, but it resends the updates. The in and out options allow the configuration of inbound or outbound soft updates. The default is for both.

NOTE The clear ip bgp command is an executive command executed at the privileged level. It is not a configuration command.

The show commands for BGP are comprehensive and give clear information about the BGP sessions and routing options. These informative commands and their functions are as follows:

■ show ip bgp —Displays the BGP routing table.
■ show ip bgp paths —Displays the topology table.
■ show ip bgp summary —Displays information about the TCP sessions.
■ show ip bgp neighbors —Displays information about the TCP connections to neighbors. When the connection is established, the neighbors can exchange updates.
■ show processes cpu —Displays active processes and is useful to identify any process that is using excessive resources.

Another command that helps to troubleshoot any implementation and should be considered in the BGP configuration is the debug command. An entire book in the IOS documentation set is devoted to this command. For BGP, debug is a very useful command. It is shown here with all the possible options:

Router#debug ip bgp [dampening | events | keepalives | updates]

This command displays live information about events as they occur. The options available display dampening information, events, keepalives to maintain the TCP session with the peer, and routing updates as they are sent or received. Route dampening is a mechanism to minimize the instability caused by route flapping. By counting the number of times the identified route fails and applying a penalty to the route for each flap, BGP categorizes the route as well-behaved or ill-behaved. Depending on its reputation, BGP suppresses the route by not advertising it in routing updates. The route can redeem itself by remaining up. Once there is some confidence that the route is stable, BGP reinstates and advertises it once more.

Given its complexity and role in internetworking, BGP is seldom used by private organizations. To handle the rush to connect to expanding Internet resources, service providers emerged to set up and manage the connection. This is advantageous for everyone. For a small fee, the organization or individual has a complex connection created and maintained. The burden on the Internet is also eased, because its limited space is taken by large corporations and organizations rather than millions of individual users. Because ISPs handle BGP, information on troubleshooting BGP is not covered in as much detail as has been done in previous chapters for other technologies.

Alternative Methods of Connecting to Another Autonomous System
If BGP is unnecessary in your network, consider the other possibilities for connecting to another autonomous system. If you do not have BGP running in your organization, you most likely are connecting to an ISP. This section is primarily concerned with connecting your company to the Internet through an ISP. The different methods include the following:

■ A default route into the autonomous system and a static route from the autonomous system into the organization.
■ A routing protocol into the autonomous system, making the autonomous system part of your autonomous system. The autonomous system will be using redistribution within its domain, and it is advisable for the organization to use some form of security, such as an access list or a firewall.

Typically, your ISP gives you a written sheet explaining the required configuration, or it requests access to your autonomous system boundary router (ASBR) so that it can configure the router itself. Either way, it is useful to be cognizant about the procedure.

There are too many variations in configuring an internal routing protocol to detail in this chapter. Refer to Chapter 1, “IP Routing Principles,” for coverage of static and default routes; Chapter 3, “Designing IP Networks,” for connecting to the outside world with NAT; and Chapter 17, “Implementing Redistribution and Controlling Routing Updates,” for redistribution.

The use of default and static routes is an alternative to BGP that has been implemented for years in connecting remote satellite networks, particularly those connected by a dialup link.

The solution is simple: The smaller network defines a default route that it propagates throughout the domain. The default route points to the network that connects to the ISP. The larger autonomous system—in this case, the ISP—configures static routes to its customer. The ISP’s routing table summarizes the static routes to the IANA classful address and propagates the summarized routes throughout the ISP’s network, eventually advertising them into the Internet. Thus, the smaller organization is connected into the global internetwork. Figure 15-9 illustrates the use of default and static routes and shows how they are propagated.

Figure 15-9 Default and Static Route Configuration into the Internet

The command syntax to configure a static route is as follows:

Router(config)#ip route prefix mask {interface | ip-address} [distance]

It is possible to specify either the outgoing interface or the IP address of the next logical hop. If you specify the outgoing interface, the routing table considers the route to be directly connected. The default administrative distance of a directly connected link is 0. This is only appropriate for point-to-point links where there is no choice in the destination address. If the next-hop IP address is configured, the route is given the administrative distance of 1.

In either case, the administrative distance ensures that this path is chosen above all others. If this static route is a redundant link into the ISP configured as a backup resource, it might be necessary to change the administrative distance.

To propagate the static routes throughout the domain, it is necessary to redistribute them into the appropriate routing protocol.

Foundation Summary
The “Foundation Summary” section of each chapter lists the most important facts from the chapter. Although this section does not list every fact from the chapter that will be on your exam, a well-prepared candidate should, at a minimum, know all the details in each “Foundation Summary” before going to take the exam.

The key features of BGP include the following:
■ BGP is an enhanced path vector protocol.
■ BGP supports VLSM, CIDR, and summarization.
■ BGP creates and maintains connections between peers, using the destination TCP port 179 to initiate the connection.
■ The connection is maintained by periodic keepalives.
■ The failure to see a keepalive, an update, or the receipt of a notification is the means by which destination networks and paths to those destinations are tracked. Any change in the network results in a triggered update.
■ The metric used in BGP is intricate and is the source of its complexity and its strength. The metric, referred to as attributes, allows great granularity in path selection.
■ The use of hierarchical addressing and the capability to manipulate traffic flow results in a network that is designed to grow.
■ BGP has its own routing table, although it is capable of both sharing and inquiring about the interior IP routing table.
■ It is possible to manipulate the traffic flow by using the complex metric called attributes. Despite the complexity offered in path selection using policy-based routing, the traffic is still forwarded using the hop-by-hop paradigm. This means that no router can send traffic on a route that the next-hop router would not choose for itself.

Table 15-5 explains the four categories of attributes.
Table 15-5 The Four Categories of Attributes

The attributes are appropriately carried in the updates that inform the routers of the routes.

The attributes and a description of their characteristics are shown in Table 15-6.
Table 15-6 The BGP Attributes

Figure 15-10 shows the logic of the path selection used in BGP.
Use Figure 15-10 in association with the following list of the selection process steps:
1. If the router has a valid route to the destination, use that route.
2. If there is more than one valid route to the destination, take the route with the highest weight (Cisco proprietary).
3. If the weights are the same, select the route with the highest local preference.
4. If the routes have the same local preference, prefer the route that originated on the local router.
5. If there are no routes that originated on the router, examine the AS_Path and select the shortest path.
6. If the AS_Path is the same, examine and choose the lowest origin code.
7. If the origin codes are the same, select the path with the lowest MED (the MED values must have been sent from the same neighboring autonomous system).

Figure 15-10 Path Selection in BGP

8. If the MED values are the same, choose an external BGP route over an internal BGP route.
9. If there is no external route, choose the path with the lowest IGP metric or cost to the next-hop router for iBGP.
10. If the paths are equal, select the oldest path.
11. If all else fails, choose the router with the lowest BGP router ID. The router ID is either the highest IP address, with preference given to the loopback interface, or manually configured.
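The eleven steps can be read as a chain of elimination stages, each applied only to the paths that survived the previous one. The following Python is an added example, not code from the book or from any BGP implementation: the Path fields and the sample paths are constructed for illustration, and step 7 is modelled by dropping a path only when another path from the same neighboring autonomous system has a lower MED.

```python
from dataclasses import dataclass
from ipaddress import IPv4Address

ORIGIN_RANK = {"igp": 0, "egp": 1, "incomplete": 2}   # lower is preferred


@dataclass(frozen=True)
class Path:
    name: str
    as_path: tuple               # first entry is the neighboring AS
    weight: int = 0
    local_pref: int = 100
    locally_originated: bool = False
    origin: str = "igp"
    med: int = 0
    ebgp: bool = True
    igp_metric: int = 0          # cost to the next-hop router
    age: int = 0                 # seconds since the path was learned
    router_id: str = "0.0.0.0"
    valid: bool = True           # step 1: is this a valid route?

    @property
    def neighbor_as(self):
        return self.as_path[0] if self.as_path else None


def lowest(key):
    """Build a stage that keeps only the paths with the smallest key."""
    def stage(paths):
        best = min(key(p) for p in paths)
        return [p for p in paths if key(p) == best]
    return stage


def med_stage(paths):
    """Step 7: MED is compared only between paths from the same neighboring AS."""
    return [p for p in paths
            if not any(q.neighbor_as == p.neighbor_as and q.med < p.med
                       for q in paths)]


STAGES = [
    ("2: highest weight", lowest(lambda p: -p.weight)),
    ("3: highest local preference", lowest(lambda p: -p.local_pref)),
    ("4: locally originated", lowest(lambda p: not p.locally_originated)),
    ("5: shortest AS_Path", lowest(lambda p: len(p.as_path))),
    ("6: lowest origin code", lowest(lambda p: ORIGIN_RANK[p.origin])),
    ("7: lowest MED", med_stage),
    ("8: eBGP over iBGP", lowest(lambda p: not p.ebgp)),
    ("9: lowest IGP metric to next hop", lowest(lambda p: p.igp_metric)),
    ("10: oldest path", lowest(lambda p: -p.age)),
    ("11: lowest router ID", lowest(lambda p: int(IPv4Address(p.router_id)))),
]


def select_best(paths):
    """Return (best_path, deciding_step) following the eleven steps above."""
    candidates = [p for p in paths if p.valid]                # step 1
    if not candidates:
        return None, "no valid route"
    if len(candidates) == 1:
        return candidates[0], "1: only valid route"
    for label, stage in STAGES:
        candidates = stage(candidates)
        if len(candidates) == 1:
            return candidates[0], label
    return candidates[0], "tie after step 11"


# Constructed sample paths to one destination (not taken from the book).
VIA_AS200 = Path("via-AS200", (200, 500), med=50, age=3600, router_id="192.0.2.1")
VIA_AS300 = Path("via-AS300", (300, 500), med=10, age=60, router_id="192.0.2.5")
IBGP_AS200 = Path("ibgp-AS200", (200, 500), med=10, ebgp=False, igp_metric=20,
                  router_id="10.0.0.2")
WEIGHTED = Path("weighted", (400, 600, 500), weight=500, router_id="192.0.2.9")

if __name__ == "__main__":
    for group in ([VIA_AS200, VIA_AS300], [VIA_AS200, IBGP_AS200],
                  [VIA_AS200, VIA_AS300, WEIGHTED]):
        best, step = select_best(group)
        print([p.name for p in group], "->", best.name, "at step", step)
```

In the first sample the lower MED of via-AS300 has no effect because the two paths come from different neighboring autonomous systems, so the decision falls through to path age.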

Table 15-7 summarizes the commands covered in this chapter.
Table 15-7 Summary of BGP Commands

Q&A
As mentioned in the introduction, you have two choices for review questions. The questions that follow next give you a bigger challenge than the exam itself by using an open-ended question format. By reviewing now with this more difficult question format, you can exercise your memory better and prove your conceptual and factual knowledge of this chapter. The answers to these questions are found in Appendix A.

For more practice with examlike question formats, including questions using a router simulator and multichoice questions, use the exam engine on the CD-ROM.

1. If the weight attribute is used, is a higher or lower weight preferred?
2. What is an alternative to using BGP as the method of connection to the ISP?
3. What does the command clear ip bgp * achieve, and why should it be used cautiously?
4. Give three situations in which you should not use BGP to connect to the Internet.
5. Explain the use of the command neighbor 10.10.10.10 remote-as 250.
6. Explain briefly the purpose of the community attribute.
7. In the route selection process, place the following in order of preference: origin code, weight, local preference, and MED. State the method of selection for the individual attributes themselves.
8. What is a mandatory attribute?
9. What type of routing protocol is BGP classified as, and what does this mean?
10. Explain how static routes can be used as an alternative to configuring BGP to connect to another autonomous system.
11. Explain how a default route can be used as an alternative to configuring BGP to connect to another autonomous system.
12. State two attributes of BGP.
13. State four message types of BGP.
14. What is policy-based routing?
15. What do the letters MED represent? Give a brief explanation of what MED does.
16. What is a community in BGP?
17. Give two reasons why BGP peer groups are useful.
18. What is the difference between a peer and a neighbor?
19. In BGP, describe the purpose of the network command.
20. Explain the command neighbor {ip-address | peer-group-name} next-hop-self.

Scenarios
The following scenarios and questions are designed to draw together the content of the chapter and to exercise your understanding of the concepts. There is not necessarily a right answer. The thought process and practice in manipulating the concepts are the goals of this section. The answers to the scenario questions are found at the end of this chapter.

Scenario 15-1
The company Humugos is waiting for the consultant to configure the network. The requirement is to give each country in which Humugos operates its own autonomous system number. The countries will be connected via eBGP and will use leased lines. The autonomous system numbers are private because the connection to the Internet is dealt with by an ISP at each local site. For the first phase of the switchover, EIGRP is removed from the connections between the countries, and the BGP configuration needs to be implemented to ensure a smooth transition. The intention is for each country to have the same configuration to ease management and troubleshooting.

1. Using the diagram in Figure 15-11 as a reference, issue the commands that need to be configured at each country or autonomous system. The private autonomous system numbers range from 64,512 to 65,535.

Figure 15-11 has been simplified and does not contain 250 autonomous systems, as the case study suggests.

2. The BGP network is a full-mesh network. Are there going to be any scaling problems ensuing from this?
3. What commands would indicate that there was a problem of scaling?

Figure 15-11 Diagram for Scenario 15-1

Scenario 15-2
A small company called Insolvent, Inc., has a main office in Chicago and satellite offices on the West Coast of the United States. The company has recently changed its routing protocol to OSPF.

Insolvent has a connection to the Internet from each site, over which it does all its business. The link is a fractional T1 at the satellite offices and a full T1 at the main office. The network administrator at the main office is responsible for the corporate network and is currently trying to recruit staff to manage the local networks. The network administrator was advised at a technical seminar that BGP is what is needed to connect to the Internet. Figure 15-12 shows the network.

1. Given the description of the company and with reference to Figure 15-12, do you agree that BGP is a requirement for this network? Give reasons for your answer.
2. What alternatives are available?
3. Give the alternative configuration commands for the satellite site to connect to Internet.
4. What commands would show that the link is up and operational?

Figure 15-12 Diagram for Scenario 15-2

Scenario 15-3
Review the output in Example 15-3, and answer the following questions.
Example 15-3 Scenario 15-3 Output

1. How many sessions are active?
2. What is the state of the sessions, and what do the states mean?

Scenario Answers
The answers provided in this section are not necessarily the only possible answers to the questions. The questions are designed to test your knowledge and to give practical exercise in certain key areas. This section is intended to test and exercise skills and concepts detailed in the body of this chapter.

If your answer is different, ask yourself whether it follows the tenets explained in the answers provided. Your answer is correct not if it matches the solution provided in the book, but rather if it has included the principles of design laid out in the chapter.

In this way, the testing provided in these scenarios is deeper: It examines not only your knowledge, but also your understanding and ability to apply that knowledge to problems.

If you do not get the correct answer, refer back to the text and review the subject tested. Be certain to also review your notes on the question to ensure that you understand the principles of the subject.

Scenario 15-1 Answers
1. Using the diagram in Figure 15-11 as a reference, issue the commands that need to be configured at each country or autonomous system.

The commands configured at each country or autonomous system would be the same structurally, although the details, such as the IP addresses and the autonomous system numbers, would change.

Example 15-4 shows the configuration of the autonomous system 64522, which is the San Francisco router. It has been assigned network 10.2.0.0.
Example 15-4 Scenario 15-1 Configuration

The protocol has had the neighbors in each autonomous system defined with their next-hop IP address and the number of the autonomous system to which they are connecting. The no auto-summary command is used to ensure that the subnets of network 10.0.0.0 are advertised; otherwise, each subnet would need to be defined as a network command.

2. The BGP network is a full-mesh network. Are there going to be any scaling problems ensuing from this?

There should not be a problem with this design. Although there is an enormous number of TCP connections, the traffic is minimal, particularly if aggregation is configured. Also, BGP sends only triggered updates, so if the network is stable and route aggregation is configured, bandwidth should not be a concern. However, considering the propagation delays, the BGP timers might need to be reviewed. Regarding CPU, a high-power router should be used for this purpose. Each time a new BGP neighbor is added, there will be an increasing number of eBGP peer configurations for the network administrator.

3. What commands would indicate that there was a problem of scaling?

The commands that should be used to determine whether there is a problem are as follows:
— show ip bgp neighbors
— show ip bgp paths
— show ip bgp summary
— show ip bgp
— show processes cpu

Scenario 15-2 Answers
1. Given the description of the company and with reference to Figure 15-12, do you agree that BGP is a requirement for this network? Give reasons for your answer.

Because the company is small and has only a single connection per site into the Internet, it would be too complex to configure and maintain BGP when there simply are not enough resources. The bandwidth is inadequate for the task, and the administrative expertise is already overstretched. It would be far better to configure one or two static/default routes to the Internet and to redistribute these routes into the IGP running within the autonomous system.

2. What alternatives are available?

The only real alternative is the one already mentioned: to configure a default route into the Internet from every location and to redistribute this default route into the IGP for the autonomous system.

3. Give the alternative configuration commands for the satellite site to connect to Internet.

Each site would have the same configuration structure, although the details might differ:

The first line configures the default route. The second line turns on the OSPF process 100. The third line identifies which interfaces are participating in OSPF and what area they are in. The fourth line propagates the default route into the network, whether or not the advertising router has a path to the network.

4. What commands would show that the link is up and operational?

The commands to prove that the link is up and operational would be the show ip route command and the ping and traceroute commands. Refer to the Cisco web site or the ICND course for more details on these commands.

Scenario 15-3 Answers
1. How many sessions are active?
There are two active sessions. In reading the large amount of information on the show ip bgp neighbor command, there is a line at the beginning of each session identifying the neighboring peer. The lines in this output screen are as follows:

Both the peers have established sessions. This means that they have a TCP session between them. They are now in a position to exchange routing tables and to synchronize their databases. The rest of the line indicates how many times the table has been updated and how long the session has been maintained. In this example, the first peer has had a session with the local router for one week and five days, while the second peer has been up for exactly two weeks.

There are three autonomous systems in this configuration. The first peer belongs to autonomous system 2914, and the second belongs to 701. Because both of these neighbors belonging to their autonomous systems have an external BGP session, there must be a third autonomous system, within which the local router resides.
