Re: BGP ACL

From: Jack Router <pan.router_at_gmail.com>
Date: Wed, 10 Nov 2010 00:19:42 -0500

Exactly. BGP is a TCP application, and this is why it can connect with "hosts"
that are not directly connected, without tricks like virtual links or tunnels.

On 9 November 2010 20:56, Matt Sherman <matt.sherman2_at_gmail.com> wrote:

> Thanks everyone! This is all good info. I never knew that there was a
> client / server relationship between BGP peers and knowing that you can
> adjust who's who is good to know as well.
>
>
>
> On Tue, Nov 9, 2010 at 5:48 PM, Narbik Kocharians <narbikk_at_gmail.com>
> wrote:
>
> > We can use the "Neighbor x.x.x.x transport connection-mode passive/active"
> > command: the passive will be the server and the active will be the client.
> > Is this what you guys are looking for?
> >
> >
> > On Tue, Nov 9, 2010 at 2:42 PM, Adam Booth <adam.booth_at_gmail.com> wrote:
> >
> >> My understanding is that within the BGP peering relationship, initially
> >> the neighbor with the highest IP address will attempt to connect to
> >> the neighbor with the lowest IP address. The destination port is TCP 179,
> >> but the source port is TCP 1024+.
> >>
> >> Given enough time without a BGP session established (around 5 minutes or
> >> so), the peer neighbor with the lowest IP address will eventually attempt
> >> to start the BGP conversation.
> >>
> >> It is enough to have a single line in the ACL for BGP; however, having the
> >> ACL support both directions ensures a relatively fast BGP session setup
> >> without having to specifically think about which side has the higher or
> >> lower IP.
> >>
> >> Cheers,
> >> Adam
> >>
> >> On Wed, Nov 10, 2010 at 5:08 AM, Ryan West <rwest_at_zyedge.com> wrote:
> >>
> >> > Matt,
> >> >
> >> > One side is server and one side is client.
> >> >
> >> > The statement should read:
> >> >
> >> >
> >> > permit tcp host 192.168.67.7 eq bgp host 192.168.67.6
> >> > permit tcp host 192.168.67.7 host 192.168.67.6 eq bgp
> >> >
> >> > That would cover the local router acting as server or client.
> >> >
> >> > -ryan
> >> >
> >> > -----Original Message-----
> >> > From: nobody_at_groupstudy.com [mailto:nobody_at_groupstudy.com] On Behalf Of
> >> > Matt Sherman
> >> > Sent: Tuesday, November 09, 2010 2:01 PM
> >> > To: Cisco certification
> >> > Subject: BGP ACL
> >> >
> >> > Hello,
> >> >
> >> > If I need to permit inbound BGP peering from R7 with an ACL on R6, the
> >> > syntax I always see is what's pasted below. The first permit statement
> >> > seems to do the trick just fine and the second doesn't make sense to me,
> >> > as R6 wouldn't see BGP messages sourced from itself (192.168.67.6). Can
> >> > anyone explain the purpose of the second statement? Thanks
> >> >
> >> > AS 6 AS 7
> >> > (R6) S1/0 ---- 192.168.67.0 ---- S1/0 (R7)
> >> >
> >> >
> >> >
> >> > R6
> >> >
> >> > ip access-list extended BGP
> >> >  permit tcp host 192.168.67.7 eq bgp host 192.168.67.6
> >> >  permit tcp host 192.168.67.6 host 192.168.67.7 eq bgp
> >> > !
> >> > int s1/0
> >> >  ip access-group BGP in
> >> >
> >> >
> >> > Blogs and organic groups at http://www.ccie.net
> >> >
> >> >
> _______________________________________________________________________
> >> > Subscription information may be found at:
> >> > http://www.groupstudy.com/list/CCIELab.html
> >> >
> >> >
> >>
> >
> >
> > --
> > Narbik Kocharians
> > CCSI#30832, CCIE# 12410 (R&S, SP, Security)
> > www.MicronicsTraining.com
> > Sr. Technical Instructor
> > Ask about our FREE Lab Voucher with our Boot Camps
> > YES! We take Cisco Learning Credits!
> > Training & Remote Racks available
>
>

Received on Wed Nov 10 2010 - 00:19:42 ART
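As an added example (not part of the thread or any vendor's code), the following Python model of the inbound ACL on R6 checks both possible BGP session directions from the thread: R6 as the active (client) side, where replies arrive from R7's port 179, and R6 as the passive (server) side, where R7's packets arrive at R6's port 179. It uses the R6/R7 addresses from Matt's post; the source port 45000 is a constructed stand-in for any 1024+ port, and only the "permit tcp host A [eq P] host B [eq P]" entry form is parsed.

```python
from dataclasses import dataclass

BGP_PORT = 179     # what IOS spells "eq bgp"
EPHEMERAL = 45000  # constructed stand-in for the 1024+ source port of the active side

@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int

def parse_ace(line):
    """Parse 'permit tcp host A [eq P] host B [eq P]', the subset used in the thread."""
    tok = line.split()
    if tok[:2] != ["permit", "tcp"]:
        raise ValueError(f"unsupported ACE: {line}")
    ace, i = {}, 2
    for side in ("src", "dst"):
        if tok[i] != "host":
            raise ValueError(f"expected 'host' in: {line}")
        ace[side] = tok[i + 1]
        i += 2
        port = None                                   # None means any port
        if i < len(tok) and tok[i] == "eq":          # optional port qualifier
            port = BGP_PORT if tok[i + 1] == "bgp" else int(tok[i + 1])
            i += 2
        ace[side + "_port"] = port
    return ace

def ace_matches(ace, pkt):
    return (ace["src"] == pkt.src and ace["dst"] == pkt.dst
            and ace["src_port"] in (None, pkt.sport)
            and ace["dst_port"] in (None, pkt.dport))

def acl_permits(acl_lines, pkt):
    """Any matching permit entry allows the packet; the implicit deny drops the rest."""
    return any(ace_matches(parse_ace(line), pkt) for line in acl_lines)

def inbound_bgp_packet(local, remote, local_is_active):
    """Packet 'local' receives from 'remote'. Active (client) side: replies come from
    remote:179 to local's ephemeral port; passive (server) side: they arrive at local:179."""
    if local_is_active:
        return Packet(remote, BGP_PORT, local, EPHEMERAL)
    return Packet(remote, EPHEMERAL, local, BGP_PORT)

def coverage(acl_lines, local, remote):
    """Which of the two possible session directions the inbound ACL on 'local' permits."""
    return {role: acl_permits(acl_lines, inbound_bgp_packet(local, remote, active))
            for role, active in (("local_active", True), ("local_passive", False))}
```

Running `coverage` over Matt's original two lines shows that the second line (sourced from R6) never matches an inbound packet on R6, while Ryan's corrected pair covers both directions.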

This archive was generated by hypermail 2.2.0 : Sun Dec 05 2010 - 22:14:55 ART