Re: BGP Peer session template

From: Ravi Singh (way2ccie@googlemail.com)
Date: Thu Feb 05 2009 - 05:48:26 ARST


In fact, this is what I was trying to do over the past few days. I have also
been trying to find out some other reference material for peer templates but
couldn't really find a good one. Then I labbed it up with dynamips and
things got much clearer. So, Andrew is right. Lab this up and fiddle with
it. Then when you go back to the documentation a lot of things will get
easier to understand. And what's better than Narbik's Lab example to try
this.

P.S - Make sure you use a recent version of the IOS as this is a pretty new
feature. I am using 12.4(23).

Regards,
Ravi

On Thu, Feb 5, 2009 at 7:20 AM, Narbik Kocharians <narbikk@gmail.com> wrote:

> *Sorry for the long post. You should try this lab, hopefully it will help.*
>
> *Lab Setup:*
>
> - R1, R2, R3 and R4 are connected to the same Ethernet segment.
>
> - The F0/0 interface of these four routers should be configured in VLAN
> 100.
>
> - Configure the routers according to the following IP addressing chart:
>
>
> *IP Addressing chart:*
>
>
>
> *R1:*
>
> F0/0 = 10.1.1.1 /24
>
> Lo0 = 1.1.1.1 /8
>
> Lo1 = 192.168.1.1 /24
>
>
>
> *R2:*
>
> F0/0 = 10.1.1.2 /24
>
> Lo0 = 2.2.2.2 /8
>
> Lo1 = 192.168.2.2 /24
>
>
>
> *R3:*
>
> F0/0 = 10.1.1.3 /24
>
> Lo0 = 3.3.3.3 /8
>
> Lo1 = 192.168.3.3 /24
>
>
>
> *R4:*
>
> F0/0 = 10.1.1.4 /24
>
> Lo0 = 4.4.4.4 /8
>
> Lo1 = 192.168.4.4 /24
>
> *Task 1* Configure these routers in AS 100, these routers should create
> IBGP peer sessions between them, ensure that these routers advertise their
> Loopback 0 interface in this AS.
>
> *On R1*
>
>
>
> R1(config)#router bgp 100
>
> R1(config-router)#neighbor 10.1.1.2 remote-as 100
>
> R1(config-router)#neighbor 10.1.1.3 remote-as 100
>
> R1(config-router)#neighbor 10.1.1.4 remote-as 100
>
> R1(config-router)#no syn
>
> R1(config-router)#network 1.0.0.0
>
>
>
> *On R2*
>
>
>
> R2(config)#router bgp 100
>
> R2(config-router)#neighbor 10.1.1.1 remote-as 100
>
> R2(config-router)#neighbor 10.1.1.3 remote-as 100
>
> R2(config-router)#neighbor 10.1.1.4 remote-as 100
>
> R2(config-router)#no syn
>
> R2(config-router)#network 2.0.0.0
>
>
>
> *On R3*
>
>
>
> R3(config)#router bgp 100
>
> R3(config-router)#neighbor 10.1.1.1 remote-as 100
>
> R3(config-router)#neighbor 10.1.1.2 remote-as 100
>
> R3(config-router)#neighbor 10.1.1.4 remote-as 100
>
> R3(config-router)#no syn
>
> R3(config-router)#network 3.0.0.0
>
>
>
> *On R4*
>
>
>
> R4(config)#router bgp 100
>
> R4(config-router)#neighbor 10.1.1.1 remote-as 100
>
> R4(config-router)#neighbor 10.1.1.2 remote-as 100
>
> R4(config-router)#neighbor 10.1.1.3 remote-as 100
>
> R4(config-router)#no syn
>
> R4(config-router)#network 4.0.0.0
>
> *To verify the configuration:*
>
> *On R1*
>
>
>
> *R1#Show ip bgp*
>
> BGP table version is 5, local router ID is 1.1.1.1
> Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
>               r RIB-failure, S Stale
> Origin codes: i - IGP, e - EGP, ? - incomplete
>
>    Network          Next Hop            Metric LocPrf Weight Path
> *> 1.0.0.0          0.0.0.0                  0         32768 i
> *>i2.0.0.0          10.1.1.2                 0    100      0 i
> *>i3.0.0.0          10.1.1.3                 0    100      0 i
> *>i4.0.0.0          10.1.1.4                 0    100      0 i
>
>
>
> ***
>
> Valid Table Entry.
>
> *> *
>
> The best entry for the Prefix.
>
> *s*
>
> The entry is suppressed.
>
> *i*
>
> The entry was learned via an IBGP, this is the "i" to the left of the
> network column. The letter "i" under the path column, specifies the origin
> of the route.
>
> *Network*
>
> Prefix entry for the network, if the mask is omitted, the default mask is
> assumed.
>
> *Next Hop*
>
> The next hop's IP address to get to the specified network address, if it is
> 0.0.0.0 it is a prefix that is advertised by the local router.
>
> *Metric*
>
> This is the Inter-as metric, or the MED attribute which is 0 by default.
>
> *LocPrf*
>
> This is the local preference attribute, used in the route selection process
> carried within the local AS ONLY. With the local-pref attribute the higher
> value has more preference. The prefixes that are received from a peer AS are
> tagged with a local-pref value of 100; this value can be changed to
> influence the best path selection process. The changed value is only
> advertised to IBGP peers. When the local router advertises a prefix, no
> local-pref value is seen in the output of the "Show ip bgp" command. The
> default value of 100 can be changed by the *"BGP default local-preference"*
> command.
>
>
> *Weight*
>
> The prefixes that are received via a neighbor (IBGP or EBGP) will have a
> weight of 0, but the prefixes that are originated by the local router will
> have a weight value of 32768. This attribute overrides any other attribute
> for performing best path determination.
>
> *Path*
>
> If the prefixes were originated or learned via an IBGP neighbor, the path
> column will have the letter "i" without any ASN. If the prefix was learned
> through another AS, then this column will have the AS number/s followed by
> the letter i, the ASNs indicate the ASes that a prefix has traversed. The
> maximum number of ASes that a prefix can traverse through is 255.
>
>
>
>
> *Task 3*
>
>
>
> Reconfigure the routers in AS 100; use the following policy for their IBGP
> peer sessions:
>
>
>
> - Authentication must be enabled between the peers using "cisco" as the
> password.
>
> - The peer session must be established based on the Loopback 0's IP
> address.
>
> - These routers should ONLY advertise their Loopback 1 in BGP.
>
> - Provide NLRI to Loopback0 interface using RIPv2.
>
> - The peer session between the routers should only be established if
> they are running BGP version 4.
>
> - Use peer-groups to accomplish this task.
>
>
>
> *Cisco's implementation of BGP in IOS 12.0(5)T or earlier releases supports
> BGP versions 2, 3, and 4, with dynamic negotiation down to Version 2. But in
> IOS version 12.0(6)T or later, Cisco routers only support version 4 and they
> do not support dynamic negotiation down to Version 2. The reason you may see
> the "Neighbor version" command configured on some Cisco routers is because
> maybe the router is connecting and establishing a peer session with a
> Non-Cisco router.*
>
> *On R1*
>
> R1(config)#router bgp 100
>
> R1(config-router)#no au
>
> R1(config-router)#net 192.168.1.0
>
>
>
> R1(config-router)#neighbor TST peer-group
> R1(config-router)#neighbor TST remote-as 100
> R1(config-router)#neighbor TST update-source lo0
> R1(config-router)#neighbor TST version 4
> R1(config-router)#neighbor TST password cisco
>
> R1(config-router)#neighbor 2.2.2.2 peer-group TST
> R1(config-router)#neighbor 3.3.3.3 peer-group TST
> R1(config-router)#neighbor 4.4.4.4 peer-group TST
>
>
>
> R1(config-router)#router rip
>
> R1(config-router)#no au
>
> R1(config-router)#ver 2
>
> R1(config-router)#netw 10.0.0.0
>
> R1(config-router)#netw 1.0.0.0
>
>
>
> *On R2*
>
>
>
> R2(config)#router bgp 100
>
> R2(config-router)#no au
>
> R2(config-router)#netw 192.168.2.0
>
>
>
> R2(config-router)#neighbor TST peer-group
> R2(config-router)#neighbor TST remote-as 100
> R2(config-router)#neighbor TST update-source lo0
> R2(config-router)#neighbor TST version 4
> R2(config-router)#neighbor TST password cisco
>
> R2(config-router)#neighbor 1.1.1.1 peer-group TST
> R2(config-router)#neighbor 3.3.3.3 peer-group TST
> R2(config-router)#neighbor 4.4.4.4 peer-group TST
>
>
>
> R2(config-router)#router rip
>
> R2(config-router)#no au
>
> R2(config-router)#ver 2
>
> R2(config-router)#netw 10.0.0.0
>
> R2(config-router)#netw 2.0.0.0
>
>
>
> *On R3*
>
>
>
> R3(config)#router bgp 100
>
> R3(config-router)#no au
>
> R3(config-router)# network 192.168.3.0
>
>
>
> R3(config-router)#neighbor TST peer-group
> R3(config-router)#neighbor TST remote-as 100
> R3(config-router)#neighbor TST update-source lo0
> R3(config-router)#neighbor TST version 4
> R3(config-router)#neighbor TST password cisco
>
> R3(config-router)#neighbor 1.1.1.1 peer-group TST
> R3(config-router)#neighbor 2.2.2.2 peer-group TST
> R3(config-router)#neighbor 4.4.4.4 peer-group TST
>
>
>
> R3(config-router)#router rip
>
> R3(config-router)#no au
>
> R3(config-router)#ver 2
>
> R3(config-router)#netw 10.0.0.0
>
> R3(config-router)#netw 3.0.0.0
>
>
> *On R4*
>
>
>
> R4(config)#router bgp 100
>
> R4(config-router)#no au
>
> R4(config-router)# network 192.168.4.0
>
>
>
> R4(config-router)#neighbor TST peer-group
> R4(config-router)#neighbor TST remote-as 100
> R4(config-router)#neighbor TST update-source lo0
> R4(config-router)#neighbor TST version 4
> R4(config-router)#neighbor TST password cisco
>
> R4(config-router)#neighbor 1.1.1.1 peer-group TST
> R4(config-router)#neighbor 2.2.2.2 peer-group TST
> R4(config-router)#neighbor 3.3.3.3 peer-group TST
>
>
>
> R4(config-router)#router rip
>
> R4(config-router)#no au
>
> R4(config-router)#ver 2
>
> R4(config-router)#netw 10.0.0.0
>
> R4(config-router)#netw 4.0.0.0
>
>
>
> *To verify the configuration:*
>
>
> *On R1*
>
>
>
> *R1#Show ip bgp*
>
>
>
> BGP table version is 7, local router ID is 1.1.1.1
> Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
>               r RIB-failure, S Stale
> Origin codes: i - IGP, e - EGP, ? - incomplete
>
>    Network          Next Hop            Metric LocPrf Weight Path
> *> 192.168.1.0      0.0.0.0                  0         32768 i
> *>i192.168.2.0      2.2.2.2                  0    100      0 i
> *>i192.168.3.0      3.3.3.3                  0    100      0 i
> *>i192.168.4.0      4.4.4.4                  0    100      0 i
>
> *To verify the configuration:*
>
> *On R1*
>
>
>
> *R1#Show ip bgp peer-group*
>
>
>
> BGP peer-group is TST, remote AS 100
>   BGP version 4
>   Default minimum time between advertisement runs is 0 seconds
>
>  For address family: IPv4 Unicast
>   BGP neighbor is TST, peer-group internal, members:
>   2.2.2.2 3.3.3.3 4.4.4.4
>   Index 0, Offset 0, Mask 0x0
>   Update messages formatted 0, replicated 0
>   Number of NLRIs in the update sent: max 0, min 0
>
> *Note the output of the "Show ip bgp peer-group" reveals the ip address of
> the members of the peer-group.*
>
> *Some of the benefits of peer-groups:*
>
> - *Peer-groups provide optimization of BGP convergence. Let's say a BGP
> speaker has 10 IBGP peers that exchange full BGP routing (200,000 prefixes),
> without the creation of a peer-group, the local router has to go through 2
> million prefixes, whereas, if the same router was configured with a
> peer-group, the router would only go through 200,000 prefixes.*
>
> - *It provides a mechanism for peers that have an identical outbound policy.*
>
> - *Another benefit of peer-groups is that it can reduce the
> administrative overhead by cutting down redundant configuration on the
> routers.*
>
>
>
> *Task 4*
>
> Remove the BGP configuration from the routers and reconfigure the routers in
> AS 100 using *peer-session templates*; you should configure the following
> two templates to accomplish this task:
>
> - *Common Template*: This template should contain the "*Neighbor version 4*"
> and "*Neighbor password*" commands, this template should be applied to
> all neighbors.
>
> - *IBGP Template*: This template should contain the "*Neighbor
> Update-source*" and "*Neighbor remote-as*" commands. This template should be
> applied to all IBGP neighbors.
>
> You should advertise Loopback1 interface in BGP and Loopback0 should be used
> as the IP address for establishing the peer sessions. DO NOT remove RIPv2's
> configuration.
>
> *On R1*
>
>
>
> R1(config)#router bgp 100
>
> R1(config-router)#no au
>
> R1(config-router)#network 192.168.1.0
>
>
>
> R1(config-router)#template peer-session Common
> R1(config-router-stmp)#password cisco
> R1(config-router-stmp)#version 4
> R1(config-router-stmp)#exit-peer-session
>
> R1(config-router)#template peer-session IBGP
> R1(config-router-stmp)#inherit peer-session Common
> R1(config-router-stmp)#update-source lo0
> R1(config-router-stmp)#remote-as 100
> R1(config-router-stmp)#exit-peer-session
>
> R1(config-router)#neighbor 2.2.2.2 inherit peer-session IBGP
> R1(config-router)#neighbor 3.3.3.3 inherit peer-session IBGP
> R1(config-router)#neighbor 4.4.4.4 inherit peer-session IBGP
>
>
>
> *On R2*
>
>
>
> R2(config)#router bgp 100
>
> R2(config-router)#no au
>
> R2(config-router)#network 192.168.2.0
>
>
>
> R2(config-router)#template peer-session Common
> R2(config-router-stmp)#password cisco
> R2(config-router-stmp)#version 4
> R2(config-router-stmp)#exit-peer-session
>
> R2(config-router)#template peer-session IBGP
> R2(config-router-stmp)#inherit peer-session Common
> R2(config-router-stmp)#update-source lo0
> R2(config-router-stmp)#remote-as 100
> R2(config-router-stmp)#exit-peer-session
>
> R2(config-router)#neighbor 1.1.1.1 inherit peer-session IBGP
> R2(config-router)#neighbor 3.3.3.3 inherit peer-session IBGP
> R2(config-router)#neighbor 4.4.4.4 inherit peer-session IBGP
>
>
>
> *On R3*
>
> R3(config)#router bgp 100
> R3(config-router)#no au
> R3(config-router)#network 192.168.3.0
>
> R3(config-router)#template peer-session Common
> R3(config-router-stmp)#password cisco
> R3(config-router-stmp)#version 4
> R3(config-router-stmp)#exit-peer-session
>
> R3(config-router)#template peer-session IBGP
> R3(config-router-stmp)#inherit peer-session Common
> R3(config-router-stmp)#update-source lo0
> R3(config-router-stmp)#remote-as 100
> R3(config-router-stmp)#exit-peer-session
>
> R3(config-router)#neighbor 1.1.1.1 inherit peer-session IBGP
> R3(config-router)#neighbor 2.2.2.2 inherit peer-session IBGP
> R3(config-router)#neighbor 4.4.4.4 inherit peer-session IBGP
>
>
>
> *On R4*
>
>
>
> R4(config)#router bgp 100
>
> R4(config-router)#no au
>
> R4(config-router)#network 192.168.4.0
>
>
>
> R4(config-router)#template peer-session Common
> R4(config-router-stmp)#password cisco
> R4(config-router-stmp)#version 4
> R4(config-router-stmp)#exit-peer-session
>
> R4(config-router)#template peer-session IBGP
> R4(config-router-stmp)#inherit peer-session Common
> R4(config-router-stmp)#update-source lo0
> R4(config-router-stmp)#remote-as 100
> R4(config-router-stmp)#exit-peer-session
>
> R4(config-router)#neighbor 1.1.1.1 inherit peer-session IBGP
> R4(config-router)#neighbor 2.2.2.2 inherit peer-session IBGP
> R4(config-router)#neighbor 3.3.3.3 inherit peer-session IBGP
>
>
>
> *To verify the configuration:*
>
> *On R1*
>
> *R1#Show ip bgp*
>
> BGP table version is 5, local router ID is 192.168.1.1
> Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
>               r RIB-failure, S Stale
> Origin codes: i - IGP, e - EGP, ? - incomplete
>
>    Network          Next Hop            Metric LocPrf Weight Path
> *> 192.168.1.0      0.0.0.0                  0         32768 i
> *>i192.168.2.0      2.2.2.2                  0    100      0 i
> *>i192.168.3.0      3.3.3.3                  0    100      0 i
> *>i192.168.4.0      4.4.4.4                  0    100      0 i
>
>
>
> - *Peer-session template can be used to apply session specific
> configuration commands to a group of neighbors that share a common session
> configuration.*
>
> - *Peer-session templates can be reused and they support inheritance of
> another peer-session template/s, this means that nested peer-sessions can
> also be used.*
>
> - *Peer-session templates support session specific commands ONLY.*
>
>
>
> Remember, do the configurations without applying the password, once you get
> the routers up, then, apply the password.
>
>
>
> Peer-policy is identical to the peer-session but it contains commands that
> are used to apply policy instead of session establishment commands.
>
>
>
> Hope this helped.
>
>
> On Wed, Feb 4, 2009 at 1:57 PM, ALL From_NJ <all.from.nj@gmail.com> wrote:
>
> > Is this the link you used? (watch the ugly word wrap ...)
> >
> > http://www.cisco.com/en/US/docs/ios/iproute/configuration/guide/irp_bgp_basic_net_ps6350_TSD_Products_Configuration_Guide_Chapter.html#wp1057358
> >
> > There is almost too much info listed ... , what helped me to understand
> > these better was to do these configs a few times.
> >
> > What is also cool about these, is that you can configure many peer options
> > without using the neighbor command, and any new peer can quickly be
> > customized via applying the template.
> >
> > IMO, these are applicable to both enterprise and sp; I think both.
> >
> > Have you tried it, and did everything work ok? HTH,
> >
> > Andrew Lee Lissitz
> >
> >
> >
> > On Wed, Feb 4, 2009 at 1:29 PM, Mohamed Zeavudeen <mohd.zea@gmail.com> wrote:
> >
> > > Any Good reference for studying BGP Peer session template, DOC CD is not
> > > very clear.
> > >
> > > How important this topic for R&S, looks like SP Stuff.
> > >
> > > Kind regards,
> > > Z
> > >
> > >
> > > Blogs and organic groups at http://www.ccie.net
> > >
> > > _______________________________________________________________________
> > > Subscription information may be found at:
> > > http://www.groupstudy.com/list/CCIELab.html
> >
> >
> > --
> > Andrew Lee Lissitz
> > all.from.nj@gmail.com
>
>
> --
> Narbik Kocharians
> CCSI#30832, CCIE# 12410 (R&S, SP, Security)
> www.MicronicsTraining.com
> www.Net-Workbooks.com
> Sr. Technical Instructor

Blogs and organic groups at http://www.ccie.net
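
Added example, not part of the original thread and not Cisco tooling: a small Python audit that flattens peer-session template inheritance the way Task 4 nests `IBGP` on `Common`, then reports each neighbor whose effective session has no `password` (no TCP MD5 authentication) or a weak one. The sample config, the extra neighbor 10.1.1.9, the weak-password list, and the rule that a per-neighbor command overrides an inherited one are assumptions of this example.

```python
# Constructed sample: R1's Task 4 config plus a hypothetical neighbor with no template.
SAMPLE = """\
router bgp 100
 template peer-session Common
  password cisco
  version 4
 exit-peer-session
 template peer-session IBGP
  inherit peer-session Common
  update-source Loopback0
  remote-as 100
 exit-peer-session
 neighbor 2.2.2.2 inherit peer-session IBGP
 neighbor 3.3.3.3 inherit peer-session IBGP
 neighbor 4.4.4.4 inherit peer-session IBGP
 neighbor 10.1.1.9 remote-as 100
"""
WEAK = {"cisco", "password"}   # illustrative weak-password list (assumption)
INHERIT = "inherit peer-session"

def parse(config):
    """Return ({template: {cmd: value}}, {neighbor_ip: {cmd: value}})."""
    templates, neighbors, current = {}, {}, None
    for line in config.splitlines():
        words = line.split()
        if words[:2] == ["template", "peer-session"] and len(words) == 3:
            current = templates.setdefault(words[2], {})
        elif words[:1] == ["exit-peer-session"]:
            current = None
        elif words[:1] == ["neighbor"] and len(words) >= 4:
            neighbors.setdefault(words[1], {})[" ".join(words[2:-1])] = words[-1]
        elif current is not None and len(words) >= 2:
            current[" ".join(words[:-1])] = words[-1]
    return templates, neighbors

def resolve(name, templates, seen=()):
    """Flatten a template: inherited settings first, the template's own override."""
    if name not in templates or name in seen:   # undefined template or loop
        return {}
    own = templates[name]
    merged = resolve(own.get(INHERIT, ""), templates, seen + (name,))
    merged.update({k: v for k, v in own.items() if k != INHERIT})
    return merged

def audit(config):
    """Map neighbor IP -> finding when the effective session lacks a usable password."""
    templates, neighbors = parse(config)
    findings = {}
    for ip, direct in neighbors.items():
        eff = resolve(direct.get(INHERIT, ""), templates)
        eff.update({k: v for k, v in direct.items() if k != INHERIT})  # per-neighbor wins
        # Matches "password", "password 0" and "password 7"; type 7 values are
        # stored encrypted, so only the presence check applies to them.
        pw = next((v for k, v in eff.items() if k.split()[0] == "password"), None)
        if pw is None or pw.lower() in WEAK:
            findings[ip] = "weak password" if pw else "no TCP MD5 password"
    return findings
```

Calling `audit(SAMPLE)` flags the three templated neighbors for the lab password and 10.1.1.9 for having no password at all.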



This archive was generated by hypermail 2.1.4 : Sun Mar 01 2009 - 09:44:10 ARST