From: DaveW (kapsi1911@hotmail.com)
Date: Sun Feb 06 2005 - 03:46:28 GMT-3
Tim,
I played around with BGP Policy accounting a bit after I saw your post.
Correct me if I'm wrong, but it sounds like you're trying to:
1.) track all traffic from AS 200 to any host in AS 100
2.) track all traffic from AS 200 to any host in AS 54
From my understanding of BPA what you're trying to do is a bit difficult. The
reason being that you're limited to tracking packets using destination IP
address and input interfaces on routers which will perform BPA (when using
the "bgp-policy accounting" command). I understand that in later IOS
releases you can track on output interfaces and source IPs with the
"bgp-policy accounting output source" command. My routers do not support the
source/output command.
Anyway back to the problem.
To track all host traffic from AS200 to hosts in AS100 you could... make
sure that R3 is learning about all destination prefixes of interest from
its IBGP peers within AS100 and create as-path list 1 with a ^$ string:

route-map account permit 10
 match as-path 1
 set traffic-index 2

This would match all traffic local to AS100, learned from IBGP peers. Next,
apply the policy with a table-map and do a "clear ip route *" to update the
FIB/RIB. When you do a "show ip cef <prefix>" for any IBGP learned route
(local to AS100), you should see that the prefix is flagged with
"traffic-index 2". Once you see the desired prefix is flagged, make sure
that the "bgp-policy accounting" command is on R3's interface that connects
to R1 (because that's the direction incoming traffic we're interested in
will be entering AS100). Ping the AS100 prefix from AS200. It should track
it.
The only problem is this will also track transit traffic that passes through
AS200 destined for AS100 subnets. If you need more detail or need me to
clarify anything let me know.
DAve
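
Added example, not part of the original thread: a Python model that evaluates the as-path lists from both messages against AS paths as R3 would hold them. It assumes R3's view of each prefix is R1's posted path with the leading 100 (prepended by R3 on the eBGP advertisement) removed, and it uses a simplified translation of the IOS "_" metacharacter; the function names are hypothetical.

```python
import re

# Constructed from the "sh ip bgp" output posted for R1: prefix -> AS path on R1.
R1_TABLE = {
    "28.119.16.0/24": "100 54",
    "112.0.0.0": "100 54 50 60",
    "116.0.0.0": "100 54",
    "157.1.5.0/24": "100",
    "157.1.7.0/24": "100",
}

def r3_view(path_on_r1, local_as="100"):
    """Assumption: R3 prepended its own AS towards R1, so strip that first hop."""
    hops = path_on_r1.split()
    if hops and hops[0] == local_as:
        hops = hops[1:]
    return " ".join(hops)

def ios_to_python(pattern):
    """Simplified model: IOS '_' matches start, end, or a delimiter character."""
    return pattern.replace("_", r"(?:^|$|[ ,{}()_])")

def classify(as_path, route_map):
    """route_map is an ordered list of (as-path regex, traffic-index); first match wins."""
    for pattern, index in route_map:
        if re.search(ios_to_python(pattern), as_path):
            return index
    return None  # no clause matched: no traffic-index is set in this model

TIM_MAP = [("^100$", 1), ("_54_", 2)]  # route-map SET-BUCKET from the original post
DAVE_MAP = [("^$", 2)]                 # route-map "account" from the reply

def buckets(route_map):
    """Traffic-index each sample prefix would receive on R3."""
    return {p: classify(r3_view(path), route_map) for p, path in R1_TABLE.items()}

if __name__ == "__main__":
    for name, rm in (("SET-BUCKET", TIM_MAP), ("account", DAVE_MAP)):
        print(name)
        for prefix, idx in buckets(rm).items():
            path = r3_view(R1_TABLE[prefix])
            print(f"  {prefix:16} path on R3={path!r:12} index={idx}")
```

In this model the ^100$ list matches the path R1 sees for 157.1.7.0/24 but not the empty path R3 holds for the same prefix, while ^$ matches it on R3.
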
----- Original Message -----
From: "ccie2be" <ccie2be@nyc.rr.com>
To: "Group Study" <ccielab@groupstudy.com>
Sent: Friday, February 04, 2005 8:38 AM
Subject: bgp policy accounting
> Hi guys,
>
> I never configured this before and so far, I'm not able to make this work.
>
> Here's the topology:
>
> AS 200 ---> AS 100 ---> AS 54
>
> I need to keep track of traffic from AS 200.
>
> And, I want to configure AS 100 such that I can count all traffic from AS 200
>
> which is destined to any host in AS 200.
>
> I also want to count all traffic from AS 200 that transits AS 100 on its way
> to other hosts.
>
> R3 is in AS 100 and directly connects to R1 in AS 200.
>
> To do this, I followed (I think) the instructions in this link:
>
> http://www.cisco.com/warp/public/459/38.html
>
> Here's my config for R3: (I also cleared the BGP sessions after doing this
> config.)
>
> interface Serial1/0 <--- Connects to R1 & R2
> ip address 157.1.123.3 255.255.255.0
> bgp-policy accounting <-- per above link
> encapsulation frame-relay
> frame-relay map ip 157.1.123.1 301 broadcast
> frame-relay map ip 157.1.123.2 302 broadcast
> no frame-relay inverse-arp
>
> Rack1R3#;f router bgp
> router bgp 100
> no synchronization
> table-map SET-BUCKET
> bgp router-id 150.1.3.3
> bgp log-neighbor-changes
> neighbor 157.1.35.5 remote-as 100
> neighbor 157.1.35.5 route-reflector-client
> neighbor 157.1.36.6 remote-as 100
> neighbor 157.1.36.6 route-reflector-client
> neighbor 157.1.37.7 remote-as 100
> neighbor 157.1.37.7 route-reflector-client
> neighbor 157.1.123.1 remote-as 200
> no auto-summary
> !
> ip as-path access-list 1 permit ^100$ <-- For traffic to AS 100
> ip as-path access-list 2 permit _54_ <-- For traffic to other AS's downstream of AS 100
> !
> !
> route-map SET-BUCKET permit 10
> match as-path 1
> set traffic-index 1
> !
> route-map SET-BUCKET permit 20
> match as-path 2
> set traffic-index 2
>
> First I cleared the BGP session between AS 100 and AS 200 and
>
> then I went to R1 and ping'd various destinations in R1's bgp table:
>
> Rack1R1#sh ip bgp
> BGP table version is 167, local router ID is 150.1.1.1
> Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
>               r RIB-failure, S Stale
> Origin codes: i - IGP, e - EGP, ? - incomplete
>
>    Network          Next Hop            Metric LocPrf Weight Path
> *> 28.119.16.0/24   157.1.123.3                            0 100 54 i
> *> 28.119.17.0/24   157.1.123.3                            0 100 54 i
> *> 112.0.0.0        157.1.123.3                            0 100 54 50 60 i
> *> 113.0.0.0        157.1.123.3                            0 100 54 50 60 i
> *> 114.0.0.0        157.1.123.3                            0 100 54 i
> *> 115.0.0.0        157.1.123.3                            0 100 54 i
> *> 116.0.0.0        157.1.123.3                            0 100 54 i
> *> 117.0.0.0        157.1.123.3                            0 100 54 i
> *> 118.0.0.0        157.1.123.3                            0 100 54 i
> *> 119.0.0.0        157.1.123.3                            0 100 54 i
> *> 157.1.5.0/24     157.1.123.3                            0 100 i
> *> 157.1.7.0/24     157.1.123.3                            0 100 i
> Rack1R1#
>
> Rack1R1#;p 116.0.0.0 rep 100
>
> Type escape sequence to abort.
> Sending 100, 100-byte ICMP Echos to 116.0.0.0, timeout is 2 seconds:
> !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
> !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
> Success rate is 100 percent (100/100), round-trip min/avg/max = 20/24/44 ms
> Rack1R1#p 157.1.7.0 rep 25
>
> Type escape sequence to abort.
> Sending 25, 100-byte ICMP Echos to 157.1.7.0, timeout is 2 seconds:
> !!!!!!!!!!!!!!!!!!!!!!!!!
> Success rate is 100 percent (25/25), round-trip min/avg/max = 16/18/20 ms
> Rack1R1#
>
> Then I went back to R3 to see if the traffic was counted. It wasn't:
>
> Rack1R3#sh cef inter s1/0 policy-statistics
> Serial1/0 is up (if_number 5)
> Corresponding hwidb fast_if_number 5
> Corresponding hwidb firstsw->if_number 5
> BGP based Policy accounting is enabled
> Index Packets Bytes
> 1 0 0
> 2 0 0
> 3 0 0
> 4 0 0
> 5 0 0
> 6 0 0
> 7 0 0
> 8 0 0
> Rack1R3#
>
> Can anyone see where I'm screwing up?
>
> TIA, Tim
This archive was generated by hypermail 2.1.4 : Thu Mar 03 2005 - 08:51:17 GMT-3