Re: BGP Peer session template

From: Narbik Kocharians (narbikk@gmail.com)
Date: Thu Feb 05 2009 - 05:20:56 ARST

* *
*Sorry for the long post. You should try this lab, hopefully it will help.*

* *

*
*

* *
*Lab Setup:*

X R1, R2, R3 and R4 are connected to the same Ethernet segment.

X The F0/0 interface of these four routers should be configured in VLAN
100.

X Configure the routers according to the following IP addressing chart:

  *IP Addressing chart:*

*R1:*

F0/0 = 10.1.1.1 /24

Lo0 = 1.1.1.1 /8

Lo1 = 192.168.1.1 /24

*R2:*

F0/0 = 10.1.1.2 /24

Lo0 = 2.2.2.2 /8

Lo1 = 192.168.2.2 /24

*R3:*

F0/0 = 10.1.1.3 /24

Lo0 = 3.3.3.3 /8

Lo1 = 192.168.3.3 /24

*R4:*

F0/0 = 10.1.1.4 /24

Lo0 = 4.4.4.4 /8

Lo1 = 192.168.4.4 /24

* *
*Task 1* Configure these routers in AS 100, these routers should create an
IBGP peer sessions between them, ensure that these routers advertise their
Loopback 0 interface in this AS.

* *

*On R1*

R1(config)#router bgp 100

R1(config-router)#neighbor 10.1.1.2 remote-as 100

R1(config-router)#neighbor 10.1.1.3 remote-as 100

R1(config-router)#neighbor 10.1.1.4 remote-as 100

R1(config-router)#no syn

R1(config-router)#network 1.0.0.0

*On R2*

R2(config)#router bgp 100

R2(config-router)#neighbor 10.1.1.1 remote-as 100

R2(config-router)#neighbor 10.1.1.3 remote-as 100

R2(config-router)#neighbor 10.1.1.4 remote-as 100

R2(config-router)#no syn

R2(config-router)#network 2.0.0.0

*On R3*

R3(config)#router bgp 100

R3(config-router)#neighbor 10.1.1.1 remote-as 100

R3(config-router)#neighbor 10.1.1.2 remote-as 100

R3(config-router)#neighbor 10.1.1.4 remote-as 100

R3(config-router)#no syn

R3(config-router)#network 3.0.0.0

*On R4*

R1(config)#router bgp 100

R4(config-router)#neighbor 10.1.1.1 remote-as 100

R4(config-router)#neighbor 10.1.1.2 remote-as 100

R4(config-router)#neighbor 10.1.1.3 remote-as 100

R4(config-router)#no syn

R4(config-router)#network 4.0.0.0

* *

*To verify the configuration:*

* *

* *

* *

*On R1*

*R1#Show ip bgp*

* *

BGP table version is 5, local router ID is 1.1.1.1

Status codes: s suppressed, d damped, h history, * valid, > best, i -
internal,

              r RIB-failure, S Stale

Origin codes: i - IGP, e - EGP, ? - incomplete

      Network Next Hop Metric LocPrf Weight Path

*> 1.0.0.0 0.0.0.0 0
32768 i

*>i2.0.0.0 10.1.1.2 0 100
0 i

*>i3.0.0.0 10.1.1.3 0 100
0 i

*>i4.0.0.0 10.1.1.4 0 100
0 i

***

Valid Table Entry.

*> *

The best entry for the Prefix.

*s*

The entry is suppressed.

*i*

The entry was learned via an IBGP, this is the "i" to the left of the
network column. The letter "i" under the path column, specifies the origin
of the route.

*Network*

Prefix entry for the network, if the mask is omitted, the default mask is
assumed.

*Next Hop*

The next hop's IP address to get to the specified network address, if it is
0.0.0.0 it is a prefix that is advertised by the local router.

*Metric*

This is the Inter-as metric, or the MED attribute which is 0 by default.

*LocPrf*

This is the local preference attribute, used in the route selection process
carried within the local AS ONLY. With the local-pref attribute the higher
value has more preference. The prefixes that are received from a peer AS are
tagged with a local-pref value of 100; this value can be changed to
influence the best path selection process. The changed value is only
advertised to IBGP peers. When the local router advertises a prefix, no
local-pref value is seen in the output of the "Show ip bgp" command. The
default value of 100 can be changed by the *"BGP default
local-preference"*command.

*Weight*

The prefixes that are received via a neighbor (IBGP or EBGP) will have a
weight of 0, but the prefixes that are originated by the local router will
have a weight value of 32768. This attribute overrides any other attribute
for performing best path determination.

*Path*

If the prefixes were originated or learned via an IBGP neighbor, the path
column will have the letter "i" without any ASN. If the prefix was learned
through another AS, then this column will have the AS number/s followed by
the letter i, the ASNs indicate the ASes that a prefix has traversed. The
maximum number of ASes that a prefix can traverse through is 255.

      * *

*Task 3*

Reconfigure the routers in AS 100; use the following policy for their IBGP
peer sessions:

X Authentication must be enabled between the peers using "cisco" as the
password.

X The peer session must be established based on the Loopback 0's IP
address.

X These routers should ONLY advertise their Loopback 1 in BGP.

X Provide NLRI to Loopback0 interface using RIPv2.

X The peer session between the routers should only be established if
they are running BGP version 4.

X Use peer-groups to accomplish this task.

* *

*Cisco's implementation of BGP in IOS 12.0(5)T or earlier releases supports
BGP versions 2, 3, and 4, with dynamic negotiation down to Version 2. But in
IOS version 12.0(6)T or later, Cisco routers only support version 4 and they
do not support dynamic negotiation down to Version 2. The reason you may see
the "Neighbor version" command configured on some Cisco routers is because
may be the router is connecting and establishing a peer session with a
Non-Cisco router. *

* *

*On R1*

* *

R1(config)#router bgp 100

R1(config-router)#no au

R1(config-router)#net 192.168.1.0

R1(config-router)#neighbor *TST* peer-group

R1(config-router)#neighbor *TST* remote-as 100

R1(config-router)#neighbor *TST* update-source lo0

R1(config-router)#neighbor *TST* version 4

R1(config-router)#neighbor *TST* password cisco

R1(config-router)#neighbor 2.2.2.2 peer-group *TST*

R1(config-router)#neighbor 3.3.3.3 peer-group *TST*

R1(config-router)#neighbor 4.4.4.4 peer-group *TST*

R1(config-router)#router rip

R1(config-router)#no au

R1(config-router)#ver 2

R1(config-router)#netw 10.0.0.0

R1(config-router)#netw 1.0.0.0

*On R2*

R2(config)#router bgp 100

R2(config-router)#no au

R2(config-router)#netw 192.168.2.0

R2(config-router)#neighbor *TST* peer-group

R2(config-router)#neighbor *TST* remote-as 100

R2(config-router)#neighbor *TST* update-source lo0

R2(config-router)#neighbor *TST* version 4

R2(config-router)#neighbor *TST* password cisco

R2(config-router)#neighbor 1.1.1.1 peer-group *TST*

R2(config-router)#neighbor 3.3.3.3 peer-group *TST*

R2(config-router)#neighbor 4.4.4.4 peer-group *TST*

R2(config-router)#router rip

R2(config-router)#no au

R2(config-router)#ver 2

R2(config-router)#netw 10.0.0.0

R2(config-router)#netw 2.0.0.0

*On R3*

R3(config)#router bgp 100

R3(config-router)#no au

R3(config-router)# network 192.168.3.0

R3(config-router)#neighbor *TST* peer-group

R3(config-router)#neighbor *TST* remote-as 100

R3(config-router)#neighbor *TST* update-source lo0

R3(config-router)#neighbor *TST* version 4

R3(config-router)#neighbor *TST* password cisco

R3(config-router)#neighbor 1.1.1.1 peer-group *TST*

R3(config-router)#neighbor 2.2.2.2 peer-group *TST*

R3(config-router)#neighbor 4.4.4.4 peer-group *TST*

R3(config-router)#router rip

R3(config-router)#no au

R3(config-router)#ver 2

R3(config-router)#netw 10.0.0.0

R3(config-router)#netw 3.0.0.0

* *

*On R4*

R4(config)#router bgp 100

R4(config-router)#no au

R4(config-router)# network 192.168.4.0

R4(config-router)#neighbor *TST* peer-group

R4(config-router)#neighbor *TST* remote-as 100

R4(config-router)#neighbor *TST* update-source lo0

R4(config-router)#neighbor *TST* version 4

R4(config-router)#neighbor *TST* password cisco

R4(config-router)#neighbor 1.1.1.1 peer-group *TST*

R4(config-router)#neighbor 2.2.2.2 peer-group *TST*

R4(config-router)#neighbor 3.3.3.3 peer-group *TST*

R4(config-router)#router rip

R4(config-router)#no au

R4(config-router)#ver 2

R4(config-router)#netw 10.0.0.0

R4(config-router)#netw 4.0.0.0

*To verify the configuration:*

* *

*On R1*

*R1#Show ip bgp*

BGP table version is 7, local router ID is 1.1.1.1

Status codes: s suppressed, d damped, h history, * valid, > best, i -
internal,

              r RIB-failure, S Stale

Origin codes: i - IGP, e - EGP, ? - incomplete

      Network Next Hop Metric LocPrf Weight Path

*> 192.168.1.0 0.0.0.0 0 32768 i

*>i192.168.2.0 2.2.2.2 0 100 0 i

*>i192.168.3.0 3.3.3.3 0 100 0 i

*>i192.168.4.0 4.4.4.4 0 100 0 i

* *

*To verify the configuration:*

* *

*On R1*

*R1#Show ip bgp peer-group*

BGP peer-group is *TST*, *remote AS 100*

* BGP version 4*

  Default minimum time between advertisement runs is 0 seconds

 For address family: IPv4 Unicast

  BGP neighbor is TST, peer-group internal, members:

* 2.2.2.2 3.3.3.3 4.4.4.4*

  Index 0, Offset 0, Mask 0x0

  Update messages formatted 0, replicated 0

  Number of NLRIs in the update sent: max 0, min 0

* *

*Note the output of the "Show ip bgp peer-group" reveals the ip address of
the members of the peer-group.*

* *

*Some of the benefits of peer-groups:*

* *

X *Peer-groups provide optimization of BGP convergence, Let's say a BGP
speaker has 10 IBGP peers that exchange full BGP routing (200,000 prefixes),
without the creation of a peer-group, the local router has to go through 2
million prefixes, whereas, if the same router was configured with a
peer-group, the router would only go through 200,000 prefixes.*

* *

X *It provides a mechanism for peers that have an identical
outboundpolicy.
*

* *

X *Another benefit of peer-groups is that it can reduce the
administrative overhead by cutting down redundant configuration on the
routers.*

*Task 4* * *

Remove the BGP configuration from the routers and reconfigure the routers in
AS 100 using *peer-session templates*; you should configure the following
two templates to accomplish this task:

X *Common Template*: This template should contain the "*Neighbor version
4*" and "*Neighbor password*" command, this template should be applied to
all neighbors.

X *IBGP Template*: This template should contain the "*Neighbor
Update-source*" and "*Neighbor remote-as*" commands. This template should be
applied to all IBGP neighbors.

You should advertise Loopback1 interface in BGP and Loopback0 should be used
as the IP address for establishing the peer sessions. DO NOT remove RIPv2's
configuration.

* *

*On R1*

R1(config)#router bgp 100

R1(config-router)#no au

R1(config-router)#network 192.168.1.0

R1(config-router)#template peer-session *Common*

R1(config-router-stmp)#*password cisco*

R1(config-router-stmp)#*version 4*

R1(config-router-stmp)#exit-peer-session

R1(config-router)#template peer-session *IBGP*

R1(config-router-stmp)#*inherit peer-session Common*

R1(config-router-stmp)#*update-source lo0*

R1(config-router-stmp)#*remote-as 100*

R1(config-router-stmp)#exit-peer-session

R1(config-router)#neighbor 2.2.2.2 inherit peer-session *IBGP*

R1(config-router)#neighbor 3.3.3.3 inherit peer-session *IBGP*

R1(config-router)#neighbor 4.4.4.4 inherit peer-session *IBGP*

*On R2*

R2(config)#router bgp 100

R2(config-router)#no au

R2(config-router)#network 192.168.2.0

R2(config-router)#template peer-session *Common*

R2(config-router-stmp)#password cisco

R2(config-router-stmp)#version 4

R2(config-router-stmp)#exit-peer-session

R2(config-router)#template peer-session *IBGP*

R2(config-router-stmp)#inherit peer-session *Common*

R2(config-router-stmp)#update-source lo0

R2(config-router-stmp)#remote-as 100

R2(config-router-stmp)#exit-peer-session

R2(config-router)#neighbor 1.1.1.1 inherit peer-session *IBGP*

R2(config-router)#neighbor 3.3.3.3 inherit peer-session *IBGP*

R2(config-router)#neighbor 4.4.4.4 inherit peer-session *IBGP*

*On R3*

R3(config)#router bgp 100

R3(config-router)#no au

R3(config-router)#network 192.168.3.0

R3(config-router)#template peer-session *Common*

R3(config-router-stmp)#password cisco

R3(config-router-stmp)#version 4

R3(config-router-stmp)#exit-peer-session

R3(config-router)#template peer-session *IBGP*

R3(config-router-stmp)#inherit peer-session *Common*

R3(config-router-stmp)#update-source lo0

R3(config-router-stmp)#remote-as 100

R3(config-router-stmp)#exit-peer-session

R3(config-router)#neighbor 1.1.1.1 inherit peer-session *IBGP*

R3(config-router)#neighbor 2.2.2.2 inherit peer-session *IBGP*

R3(config-router)#neighbor 4.4.4.4 inherit peer-session *IBGP*

*On R4*

R4(config)#router bgp 100

R4(config-router)#no au

R4(config-router)#network 192.168.4.0

R4(config-router)#template peer-session *Common*

R4(config-router-stmp)#password cisco

R4(config-router-stmp)#version 4

R4(config-router-stmp)#exit-peer-session

R4(config-router)#template peer-session *IBGP*

R4(config-router-stmp)#inherit peer-session *Common*

R4(config-router-stmp)#update-source lo0

R4(config-router-stmp)#remote-as 100

R4(config-router-stmp)#exit-peer-session

R4(config-router)#neighbor 1.1.1.1 inherit peer-session *IBGP*

R4(config-router)#neighbor 2.2.2.2 inherit peer-session *IBGP*

R4(config-router)#neighbor 3.3.3.3 inherit peer-session *IBGP*

*To verify the configuration:*

* *

*On R1*

* *

* *

*R1#Show ip bgp*

* *

BGP table version is 5, local router ID is 192.168.1.1

Status codes: s suppressed, d damped, h history, * valid, > best, i -
internal,

              r RIB-failure, S Stale

Origin codes: i - IGP, e - EGP, ? - incomplete

     Network Next Hop Metric LocPrf Weight Path

*> 192.168.1.0 0.0.0.0 0 32768 i

*>i192.168.2.0 2.2.2.2 0 100 0 i

*>i192.168.3.0 3.3.3.3 0 100 0 i

*>i192.168.4.0 4.4.4.4 0 100 0 i

X *Peer-session template can be used to apply session specific
configuration commands to a group of neighbors that share a common session
configuration.*

* *

X *Peer-session templates can be reused and they support inheritance of
another peer-session template/s, this means that nested peer-sessions can
also be used.*

* *

X *Peer-session templates support session specific commands ONLY. *

Remember, do the configurations without applying the password, once you get
the routers up, then, apply the password.

Peer-policy is identical to the peer-session but it contains commands that
are used to apply policy instead of session establishment commands.

Hope this helped.

On Wed, Feb 4, 2009 at 1:57 PM, ALL From_NJ <all.from.nj@gmail.com> wrote:

> Is this the link you used? (watch the ugly word wrap ...)
>
>
>
http://www.cisco.com/en/US/docs/ios/iproute/configuration/guide/irp_bgp_basic
_net_ps6350_TSD_Products_Configuration_Guide_Chapter.html#wp1057358
>
> There is almost too much info listed ... , what helped me to understand
> these better was to do these configs a few times.
>
> What is also cool about these, is that you can configure many peer options
> without using the neighbor command, and any new peer can quickly be
> customized via applying the template.
>
> IMO, these are applicable to both enterprise and sp; I think both.
>
> Have you tried it, and did everything work ok? HTH,
>
> Andrew Lee Lissitz
>
>
>
> On Wed, Feb 4, 2009 at 1:29 PM, Mohamed Zeavudeen <mohd.zea@gmail.com
> >wrote:
>
> > Any Good reference for studying BGP Peer session template, DOC CD is not
> > very clear.
> >
> > How important this topic for R&S, looks like SP Stuff.
> >
> > Kind regards,
> > Z
> >
> >
> > Blogs and organic groups at http://www.ccie.net
> >
> > _______________________________________________________________________
> > Subscription information may be found at:
> > http://www.groupstudy.com/list/CCIELab.html
> >
> >
> >
> >
> >
> >
> >
> >
>
>
> --
> Andrew Lee Lissitz
> all.from.nj@gmail.com
>
>
> Blogs and organic groups at http://www.ccie.net
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
>
>
>
>
>
>
>
> 

--
Narbik Kocharians
CCSI#30832, CCIE# 12410 (R&S, SP, Security)
www.MicronicsTraining.com
www.Net-Workbooks.com
Sr. Technical Instructor

Blogs and organic groups at http://www.ccie.net

This archive was generated by hypermail 2.1.4 : Sun Mar 01 2009 - 09:44:10 ARST