BGP Lab 1

Topology

BGP I – Lab guide for LAB 1

 

Lab Steps

LAB1: iBGP and eBGP Neighbor Adjacencies (R1 ibgp R2 ebgp R3)
⦁    Objectives: 
⦁    Establish eBGP peer
⦁    Establish iBGP peer
⦁    Playing with Peering Attributes


TASK1 – Explore lab environment
⦁    From all three routers:  show cdp neighbor, show ip int brief
⦁    Verify IP addresses of each device
⦁    From R1, ping R2.
⦁    From R2, ping R1 and R2
⦁    From R3, ping R2
⦁    From R1, ping R3 (it won’t work, for now)

TASK2 – Establish eBGP Peer
⦁    Verify output of show ip bgp summary
⦁    From R1:
router bgp 1111
  neighbor 9.9.12.2 remote-as 2323
⦁    Verify output of show ip bgp summary
⦁    On R1:
debug ip tcp packet port 179
⦁    On R2:
debug ip bgp
router bgp 2323
neighbor 9.9.12.1 remote-as 1111
⦁    Who was initiator? R2
⦁    What TCP ports were used for the BGP peering? 179
⦁    Look in the debugs for an OPEN / UPDATE / KEEPALIVE message.
⦁    Track the neighbor states from IDLE to ESTABLISHED (look for “went from” in debugs)
⦁    Verify with show commands:
show ip bgp summary
show ip bgp neighbors
⦁    What is the Router ID for both peers? R1 = 9.9.12.1 R2 = 9.9.12.2
⦁    What is the negotiated hold time? 180
⦁    What IP addresses are being used for the BGP messages? interface ip
⦁    What is the outgoing TTL for packets sent from each peer? sh ip bgp nei  Outgoing TTL 1

TASK3 – Establish iBGP Peer
⦁    Verify output of show ip bgp summary
⦁    From R2:
router bgp 2323
  neighbor 9.9.23.3 remote-as 2323
⦁    Verify output of show ip bgp summary
⦁    On R2:
debug ip tcp packet port 179
⦁    On R3:
debug ip bgp
router bgp 2323
neighbor 9.9.23.2 remote-as 2323
⦁    Who was initiator? R2
⦁    What TCP ports were used for the iBGP peering? 179
⦁    Look in the debugs for an OPEN / UPDATE / KEEPALIVE message.
⦁    Track the neighbor states from IDLE to ESTABLISHED (look for “went from” in debugs)

*Dec 10 07:43:34.302: BGP: ses global 9.9.23.2 (0xF3F67F0:0) pas Adding topology IPv4 Unicast:base
*Dec 10 07:43:34.302: BGP: ses global 9.9.23.2 (0xF3F67F0:0) pas Send OPEN
*Dec 10 07:43:34.303: BGP: ses global 9.9.23.2 (0xF3F67F0:0) pas Building Enhanced Refresh capability
*Dec 10 07:43:34.303: BGP: 9.9.23.2 passive went from Connect to OpenSent
*Dec 10 07:43:34.303: BGP: 9.9.23.2 passive sending OPEN, version 4, my as: 2323, holdtime 180 seconds, ID 9091703
*Dec 10 07:43:34.304: BGP: 9.9.23.2 passive went from OpenSent to OpenConfirm
*Dec 10 07:43:34.314: BGP: 9.9.23.2 passive went from OpenConfirm to Established
*Dec 10 07:43:34.314: BGP: ses global 9.9.23.2 (0xF3F67F0:1) pas Assigned ID


⦁    Verify with show commands:
show ip bgp summary
show ip bgp neighbors

R3#sh ip bgp sum
BGP router identifier 9.9.23.3, local AS number 2323
BGP table version is 1, main routing table version 1

Neighbor        V           AS MsgRcvd MsgSent   TblVer  InQ OutQ Up/Down  State/PfxRcd
9.9.23.2        4         2323       9       9        1    0    0 00:04:56        0
R3#
R3# sh ip bgp nei
R3# sh ip bgp neighbors
BGP neighbor is 9.9.23.2,  remote AS 2323, internal link
  BGP version 4, remote router ID 9.9.23.2
  BGP state = Established, up for 00:04:59
  Last read 00:00:25, last write 00:00:06, hold time is 180, keepalive interval is 60 seconds
  Neighbor sessions:
    1 active, is not multisession capable (disabled)
  Neighbor capabilities:
    Route refresh: advertised and received(new)
    Four-octets ASN Capability: advertised and received
    Address family IPv4 Unicast: advertised and received
    Enhanced Refresh Capability: advertised and received
    Multisession Capability:
    Stateful switchover support enabled: NO for session 1
  Message statistics:
    InQ depth is 0
    OutQ depth is 0

                         Sent       Rcvd
    Opens:                  1          1
    Notifications:          0          0
    Updates:                1          1
    Keepalives:             7          7
    Route Refresh:          0          0
    Total:                  9          9
  Do log neighbor state changes (via global configuration)
  Default minimum time between advertisement runs is 0 seconds

For address family: IPv4 Unicast
  Session: 9.9.23.2
  BGP table version 1, neighbor version 1/0
  Output queue size : 0
  Index 2, Advertise bit 0
  2 update-group member
  Slow-peer detection is disabled
  Slow-peer split-update-group dynamic is disabled
                                 Sent       Rcvd
  Prefix activity:               ----       ----
    Prefixes Current:               0          0
    Prefixes Total:                 0          0
    Implicit Withdraw:              0          0
    Explicit Withdraw:              0          0
    Used as bestpath:             n/a          0
    Used as multipath:            n/a          0

                                   Outbound    Inbound
  Local Policy Denied Prefixes:    --------    -------
    Total:                                0          0
  Number of NLRIs in the update sent: max 0, min 0
  Last detected as dynamic slow peer: never
  Dynamic slow peer recovered: never
  Refresh Epoch: 1
  Last Sent Refresh Start-of-rib: never
  Last Sent Refresh End-of-rib: never
  Last Received Refresh Start-of-rib: never
  Last Received Refresh End-of-rib: never
                                       Sent       Rcvd
        Refresh activity:              ----       ----
          Refresh Start-of-RIB          0          0
          Refresh End-of-RIB            0          0

  Address tracking is enabled, the RIB does have a route to 9.9.23.2
  Connections established 1; dropped 0
  Last reset never
  Interface associated: (none) (peering address in same link)
  Transport(tcp) path-mtu-discovery is enabled
  Graceful-Restart is disabled
  SSO is disabled
Connection state is ESTAB, I/O status: 1, unread input bytes: 0
Connection is ECN Disabled, Mininum incoming TTL 0, Outgoing TTL 255
Local host: 9.9.23.3, Local port: 179
Foreign host: 9.9.23.2, Foreign port: 57926
Connection tableid (VRF): 0
Maximum output segment queue size: 50

Enqueued packets for retransmit: 0, input: 0  mis-ordered: 0 (0 bytes)

Event Timers (current time is 0x2C3A0F):
Timer          Starts    Wakeups            Next
Retrans             8          0             0x0
TimeWait            0          0             0x0
AckHold             8          5             0x0
SendWnd             0          0             0x0
KeepAlive           0          0             0x0
GiveUp              0          0             0x0
PmtuAger            0          0             0x0
DeadWait            0          0             0x0
Linger              0          0             0x0
ProcessQ            0          0             0x0

iss:  584355350  snduna:  584355564  sndnxt:  584355564
irs: 1603633096  rcvnxt: 1603633310

sndwnd:  16171  scale:      0  maxrcvwnd:  16384
rcvwnd:  16171  scale:      0  delrcvwnd:    213

SRTT: 656 ms, RTTO: 2806 ms, RTV: 2150 ms, KRTT: 0 ms
minRTT: 5 ms, maxRTT: 1000 ms, ACK hold: 200 ms
uptime: 299485 ms, Sent idletime: 6413 ms, Receive idletime: 6204 ms
Status Flags: passive open, gen tcbs
Option Flags: nagle, path mtu capable
IP Precedence value : 6

Datagrams (max data segment is 1460 bytes):
Rcvd: 18 (out of order: 0), with data: 9, total data bytes: 213
Sent: 17 (retransmit: 0, fastretransmit: 0, partialack: 0, Second Congestion: 0), with data: 9, total data bytes: 213

Packets received in fast path: 0, fast processed: 0, slow path: 0
fast lock acquisition failures: 0, slow path: 0
TCP Semaphore      0x0CAEC1AC  FREE

 


⦁    What is the Router ID for both iBGP peers?
⦁    What is the negotiated hold time? 180s
⦁    What IP addresses are being used for the BGP messages?
⦁    What is the outgoing TTL for packets sent from each peer? Outgoing TTL 255
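An added example (not part of the original lab guide) for the "went from" tracking step: it extracts the neighbor state transitions from the R3 debug lines shown above, checks each step against the RFC 4271 state machine, and reports the time taken to reach Established. The function names, the transition table layout and the placeholder year are assumptions of this example.

```python
"""Track BGP neighbor state changes in `debug ip bgp` output (added example)."""
import re
from datetime import datetime

# The three "went from" lines of the R3 debug excerpt in TASK3.
SAMPLE = """\
*Dec 10 07:43:34.303: BGP: 9.9.23.2 passive went from Connect to OpenSent
*Dec 10 07:43:34.304: BGP: 9.9.23.2 passive went from OpenSent to OpenConfirm
*Dec 10 07:43:34.314: BGP: 9.9.23.2 passive went from OpenConfirm to Established
"""

LINE = re.compile(r"^\*?(?P<ts>\w{3} +\d+ [\d:.]+): BGP: (?P<peer>\S+) "
                  r"(?:(?:passive|active) )?went from (?P<old>\w+) to (?P<new>\w+)")

# Forward transitions of the RFC 4271 state machine; every state may drop to Idle.
FORWARD = {"Idle": {"Connect", "Active"}, "OpenConfirm": {"Established"},
           "Connect": {"Active", "OpenSent", "OpenConfirm"},
           "Active": {"Connect", "OpenSent", "OpenConfirm"},
           "OpenSent": {"Active", "OpenConfirm"}, "Established": set()}


def transitions(text):
    """Yield (timestamp, peer, old_state, new_state) for each 'went from' line."""
    for line in text.splitlines():
        m = LINE.match(line.strip())
        if m:
            # IOS timestamps carry no year; 2000 is a placeholder so parsing works.
            ts = datetime.strptime("2000 " + m["ts"], "%Y %b %d %H:%M:%S.%f")
            yield ts, m["peer"], m["old"], m["new"]


def audit(text):
    """Per peer: state path, out-of-spec steps, seconds from first line to Established."""
    report = {}
    for ts, peer, old, new in transitions(text):
        r = report.setdefault(peer, {"path": [old], "bad": [], "t0": ts, "secs": None})
        if r["path"][-1] != old:  # a transition line is missing from the capture
            r["bad"].append(f"missing step {r['path'][-1]} -> {old}")
            r["path"].append(old)
        if new != "Idle" and new not in FORWARD.get(old, set()):
            r["bad"].append(f"unexpected {old} -> {new}")
        r["path"].append(new)
        if new == "Established" and r["secs"] is None:
            r["secs"] = (ts - r["t0"]).total_seconds()
    return report


if __name__ == "__main__":
    print(audit(SAMPLE))
```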

TASK4 – Modifying Router-ID
⦁    Verify Router-ID for R1/R2/R3 using  show ip bgp neighbors
⦁    What is R1’s RID? How was it chosen? Interface associated: GigabitEthernet0/0 (peering address in same link)
⦁    What is R2’s RID? How was it chosen?
⦁    What is R3’s RID? How was it chosen?
⦁    On each Router, create a Loopback address:
⦁    On R1:
interface loopback0
  ip address 9.1.1.1 255.255.255.224
⦁    On R2:
interface loopback0
  ip address 9.2.2.2 255.255.255.224
⦁    On R3:
interface loopback0
  ip address 9.3.3.3 255.255.255.224
⦁    Verify Router-ID for R1/R2/R3 using  show ip bgp neighbors | inc ID|^BGP
⦁    Did anything change?  Why or Why not? no
⦁    Clear the BGP sessions on each router
⦁    On each router:   clear ip bgp *
⦁     Verify Router-ID for R1/R2/R3 using  show ip bgp neighbors | inc ID|^BGP
⦁    Did anything change?  Why or Why not?
⦁    On each Router, configure a Router-ID:
⦁    On R1:
router bgp 1111
  bgp router-id 1.1.1.1
⦁    On R2:
router bgp 2323
  bgp router-id 2.2.2.2
⦁    On R3:
router bgp 2323
  bgp router-id 3.3.3.3
⦁    Verify Router-ID for R1/R2/R3 using  show ip bgp neighbors | inc ID|^BGP
⦁    Did anything change?  Why or Why not? changed
⦁    From R2, ping Router IDs for R1 and R3
⦁    On R2:
ping 1.1.1.1
ping 3.3.3.3
⦁    Did it work? no
⦁    Note that the Router-ID does not have to be an accessible IP address

 

TASK5 – Modifying Timers
⦁    Verify current / default hold timer for iBGP
⦁    On R2
show ip bgp neighbors 9.9.23.3
⦁    On R3
show ip bgp neighbors 9.9.23.2
⦁    Set hold timer to 90s and keepalive timer to 30s on iBGP neighbors
⦁    On R2:
router bgp 2323
  neighbor 9.9.23.3 timers 30 90
⦁    On R3:
router bgp 2323
  neighbor 9.9.23.2 timers 30 90
⦁    Verify current hold timer:
⦁    On R2/R3
show ip bgp neighbors | inc ^BGP|keep
⦁    Did anything change? Why not? no
⦁    Reset BGP Peer on R3:
clear ip bgp 9.9.23.2
⦁    When adjacency comes back up, verify on R2/R3
show ip bgp neighbors | inc ^BGP|keep
⦁    Notice additional configuration lines
⦁    Set keepalive / hold time to 10/30 on R1
⦁    On R1:
⦁    show ip bgp neighbors | inc ^BGP|keep
⦁    On R1:
router bgp 1111   
  neighbor 9.9.12.2 timers 10 30
  end
clear ip bgp 9.9.12.2
⦁    Verify hold time on both eBGP peers
⦁    On R1:
show ip bgp neighbors | inc ^BGP|keep
⦁    On R2:
show ip bgp neighbors 9.9.12.1 | inc ^BGP|keep
⦁    Notice difference between configured and negotiated timers
⦁    Protect R2 by setting a minimum accepted hold time
⦁    On R2
router bgp 2323
  neighbor 9.9.12.1 timers 30 90 60
⦁    Did the eBGP session come up? Why?
⦁    Update R1 to an acceptable hold timer
⦁    On R1:
router bgp 1111   
  neighbor 9.9.12.2 timers 20 60
  end
clear ip bgp 9.9.12.2
⦁    Did the eBGP session come up?
⦁    Verify hold time on both eBGP peers
⦁    On R1:
show ip bgp neighbors | inc ^BGP|keep
⦁    On R2:
show ip bgp neighbors 9.9.12.1 | inc ^BGP|keep
⦁    Notice difference between configured and negotiated timers
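An added example (not part of the original lab guide) that models the hold-time negotiation exercised in TASK5, including the minimum accepted hold time configured on R2. It uses the timer values from the steps above; the class and function names are hypothetical, and capping the keepalive at one third of the negotiated hold time is an assumption of this model.

```python
"""BGP hold-time negotiation as exercised in TASK5 (added example, not lab code)."""
from dataclasses import dataclass
from typing import Optional


@dataclass
class Timers:
    keepalive: int     # first value of `neighbor ... timers`
    hold: int          # second value, advertised in the OPEN message
    min_hold: int = 0  # optional third value: lowest hold time accepted (0 = none)


@dataclass
class Outcome:
    accepted: bool
    hold: Optional[int] = None
    keepalive: Optional[int] = None
    reason: str = ""


def evaluate_open(local: Timers, offered_hold: int) -> Outcome:
    """Decide what `local` does with the hold time offered in a neighbor's OPEN."""
    if offered_hold in (1, 2):  # RFC 4271: hold time is 0 or at least 3 seconds
        return Outcome(False, reason="hold time below RFC 4271 minimum of 3s")
    if local.min_hold and offered_hold < local.min_hold:
        return Outcome(False, reason=f"offered {offered_hold}s is below "
                                     f"configured minimum {local.min_hold}s")
    hold = min(local.hold, offered_hold)  # the smaller hold time wins
    # Assumption: keepalive is capped at one third of the negotiated hold time.
    keepalive = min(local.keepalive, hold // 3)
    return Outcome(True, hold, keepalive)


def peer(a: Timers, b: Timers):
    """Return (a's view, b's view, session up?) for two configured neighbors."""
    va, vb = evaluate_open(a, b.hold), evaluate_open(b, a.hold)
    return va, vb, va.accepted and vb.accepted


if __name__ == "__main__":
    # Timer values from TASK5: R1 10/30 vs R2 30/90, then R2's 60s floor, then R1 20/60.
    for r1, r2 in [(Timers(10, 30), Timers(30, 90)),
                   (Timers(10, 30), Timers(30, 90, 60)),
                   (Timers(20, 60), Timers(30, 90, 60))]:
        v1, v2, up = peer(r1, r2)
        print(f"R1={r1} R2={r2} up={up} R1:{v1} R2:{v2}")
```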

TASK6 – Modifying Update-source

⦁    Verify peer IPs:
⦁    On R2/R3
show ip bgp summary
show ip int br | ex unassigned
⦁    Verify connectivity via loopback
⦁    On R2:
ping 9.3.3.3
⦁    On R3:
ping 9.2.2.2
⦁    (both should fail)
⦁    Enable connectivity via loopbacks
⦁    Add static routes for loopback addresses to iBGP peers
⦁    On R2
ip route 9.3.3.3 255.255.255.255 9.9.23.3
⦁    On R3:
ip route 9.2.2.2 255.255.255.255 9.9.23.2
⦁    Verify connectivity on R2:
ping 9.3.3.3
⦁    Verify connectivity on R3
ping 9.2.2.2
⦁    Change iBGP peers to use Loopback addresses
⦁    On R2
show run | section router bgp
configure terminal
router bgp 2323
  neighbor 9.3.3.3 remote-as 2323
  neighbor 9.3.3.3 timers 30 90
  neighbor 9.3.3.3 update-source Loopback0
  no neighbor 9.9.23.3
⦁    Did peer come up?  Why not?  (other side must match)
⦁    On R3:
show run | section router bgp
configure terminal
router bgp 2323
  neighbor 9.2.2.2 remote-as 2323
  neighbor 9.2.2.2 timers 30 90
  neighbor 9.2.2.2 update-source Loopback0
  no neighbor 9.9.23.2
⦁    Did peer come up?
⦁    Verify peer IPs:
⦁    On R2/R3
show ip bgp summary
show ip int br | ex unassigned

R2#sh ip bgp sum
BGP router identifier 2.2.2.2, local AS number 2323
BGP table version is 1, main routing table version 1

Neighbor        V           AS MsgRcvd MsgSent   TblVer  InQ OutQ Up/Down  State/PfxRcd
9.3.3.3         4         2323       4       5        1    0    0 00:00:25        0
9.9.12.1        4         1111      23      24        1    0    0 00:06:05        0

R2#show ip int br | ex unassigned
Interface                  IP-Address      OK? Method Status                Protocol
GigabitEthernet0/0         9.9.12.2        YES manual up                    up
GigabitEthernet0/1         9.9.23.2        YES manual up                    up
Loopback0                  9.2.2.2         YES manual up                    up

R3#show ip int br | ex unassigned
Interface                  IP-Address      OK? Method Status                Protocol
GigabitEthernet0/0         9.9.23.3        YES manual up                    up
Loopback0                  9.3.3.3         YES manual up                    up

 


TASK7 – Configuring eBGP Multihop
⦁    Verify connectivity between R1 and R3
⦁    On R1:
ping 9.9.23.3
⦁    On R3:
ping 9.9.12.1
⦁    (should fail)
⦁    Enable connectivity between R1 and R3
⦁    On R1:
ip route 9.9.23.0 255.255.255.0 9.9.12.2
⦁    On R3:
ip route 9.9.12.0 255.255.255.0 9.9.23.2
⦁    Verify connectivity on R1:
ping 9.9.23.3
⦁    Verify connectivity on R3:
ping 9.9.12.1
⦁    Configure eBGP peering between R1 and R3
⦁    On R1:
router bgp 1111
  neighbor 9.9.23.3 remote-as 2323
⦁    On R3:
router bgp 2323
  neighbor 9.9.12.1 remote-as 1111
⦁    Did peer come up?  Why or why not? no ttl
⦁    Set eBGP multi-hop on R1 and R3
⦁    On R1:
router bgp 1111
  neighbor 9.9.23.3 ebgp-multihop 2
⦁    On R3:
router bgp 2323
  neighbor 9.9.12.1 ebgp-multihop 2
⦁    Did peer come up?
⦁    Verify adjacency status
⦁    On R1/R2
show ip bgp summary
show ip bgp neighbors | inc ^BGP|TTL|hops

R1#show ip bgp neighbors | inc ^BGP|TTL|hops
BGP neighbor is 9.9.12.2,  remote AS 2323, external link
Connection is ECN Disabled, Mininum incoming TTL 0, Outgoing TTL 1
BGP neighbor is 9.9.23.3,  remote AS 2323, external link
  External BGP neighbor may be up to 2 hops away.
Connection is ECN Disabled, Mininum incoming TTL 0, Outgoing TTL 2
R1#

R2#show ip bgp neighbors | inc ^BGP|TTL|hops
BGP neighbor is 9.3.3.3,  remote AS 2323, internal link
Connection is ECN Disabled, Mininum incoming TTL 0, Outgoing TTL 255
BGP neighbor is 9.9.12.1,  remote AS 1111, external link
Connection is ECN Disabled, Mininum incoming TTL 0, Outgoing TTL 1
R2#

 

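As you can see, the eBGP TTL defaults to 1 and must be changed for the R1-to-R3 peering above to work, while iBGP defaults to a TTL of 255. Note also that BGP runs on top of TCP.

Of course, what we usually see at work is OSPF, with BGP running on top of OSPF or EIGRP. Pretty slick.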
