Configuring BGP with CLI

This section provides information to configure BGP using the command line interface.

Topics in this section include:

BGP Configuration Overview

Preconfiguration Requirements

Before BGP can be implemented, the following entities must be configured:

  1. the autonomous system (AS) number for the router
    An AS number is a globally unique value that associates a router with a specific autonomous system. This number is used to exchange exterior routing information with neighboring ASs and as an identifier of the AS itself. Each router participating in BGP must have an AS number specified.
    In order to implement BGP, the AS number must be specified in the config>router context.
  2. the router ID
    The router ID is the IP address of the local router. The router ID identifies a packet’s origin. The router ID must be a valid host address.

BGP Hierarchy

BGP is configured in the config>router>bgp context. Three hierarchical levels are included in BGP configurations:

  1. global level
  2. group level
  3. neighbor level

Commands and parameters configured at the global level are inherited by the group and neighbor levels, although parameters configured at the group and neighbor levels take precedence over global configurations.

Internal and External BGP Configurations

A BGP domain is composed of ASs that share network reachability information. Network reachability information is shared throughout the BGP domain by BGP speakers. BGP speakers can belong to the same or different AS. BGP supports two types of routing information exchanges.

  1. Internal BGP (IBGP) is used within an AS. An IBGP speaker peers to the same AS and typically does not share a subnet. Neighbors (peers) do not have to be directly connected to each other. Since IBGP neighbors are not required to be directly connected, IBGP uses the IGP path (the IP next hop learned from the IGP) to reach an IBGP neighbor for its peering connection.
    The 7705 SAR supports IBGP — for MP-BGP purposes — only within the router context.
  2. External BGP (EBGP) is used between ASs. EBGP speakers peer to different ASs and typically share a subnet. In an external group, the next hop is dependent upon the interface shared between the external peer and the local one. The multihop command must be specified if an EBGP peer is more than one hop away from the local router. The next hop to the peer must be configured so that the two EBGP speakers can establish a BGP session.
    The 7705 SAR supports EBGP within the router context and VPRN context. For information on configuring EBGP within the VPRN context, refer to the 7705 SAR OS Services Guide, “VPRN Services”.

BGP Route Reflectors

In a standard BGP configuration, all BGP speakers within an AS must have a full BGP mesh to ensure that all externally learned routes are redistributed through the entire AS. IBGP speakers do not readvertise routes learned from one IBGP peer to another IBGP peer. If a network grows, scaling issues could emerge because of the full mesh configuration requirement. Route reflection circumvents the full mesh requirement but still maintains the full distribution of external routing information within an AS.

Autonomous systems using route reflection arrange BGP routers into groups called clusters. Each cluster contains at least one route reflector that is responsible for redistributing route updates to all clients. Route reflector clients do not need to maintain a full peering mesh between each other. They only require a peering to the route reflector(s) in their cluster. The route reflectors must maintain a full peering mesh between all non-clients within the AS.

Each route reflector must be assigned a cluster ID and specify which neighbors are clients and which are non-clients to determine which neighbors should receive reflected routes and which should be treated as a standard IBGP peer. Additional configuration is not required for the route reflector except for the typical BGP neighbor parameters.

Figure 16 illustrates an autonomous system with clusters.

Figure 16:  Route Reflection Network Diagram Example 

The following configuration example shows the minimum BGP configuration for routers in Cluster 1.1.1.1, shown in Figure 16.

ALU-A
    config router bgp
        group cluster1
            peer-as 100
            cluster 1.1.1.1
            neighbor 2.2.2.2
            exit
            neighbor 3.3.3.3
            exit
            neighbor 4.4.4.4
            exit
        exit
        group RRs
            peer-as 100
            neighbor 5.5.5.5
            exit
            neighbor 9.9.9.9
            exit
        exit
    exit
ALU-B
    config router bgp
        group cluster1
            peer-as 100
            neighbor 1.1.1.1
            exit
        exit
  exit
ALU-C
    config router bgp
        group cluster1
            peer-as 100
            neighbor 1.1.1.1
            exit
        exit
    exit
ALU-D
    config router bgp
        group cluster1
            peer-as 100
            neighbor 1.1.1.1
            exit
        exit
    exit

Basic BGP Configuration

This section provides information to configure BGP and configuration examples of common configuration tasks. The minimum BGP parameters that must be configured are:

  1. an autonomous system number for the router
  2. a router ID
  3. a BGP peer group
  4. a BGP neighbor with which to peer
  5. a BGP peer-AS that is associated with the above peer
Note:

If a new or different router ID value is entered in the BGP context, the new value takes precedence and overwrites the router-level router ID.

The BGP configuration commands have three primary configuration levels:

  1. global configuration (config>router>bgp)
  2. BGP group configuration (config>router>bgp>group)
  3. BGP neighbor configuration (config>router>bgp>group>neighbor)

Within the three levels, many of the configuration commands are repeated. For the repeated commands, the command that is most specific to the neighboring router is in effect; that is, neighbor settings have precedence over group settings, which have precedence over BGP global settings.

The following is a sample configuration that includes the parameters in the list above. The other parameters shown below are optional:

info
#--------------------------------------------------
echo "IP Configuration"
#--------------------------------------------------
...
    autonomous-system 200
    router-id 10.10.10.103
#--------------------------------------------------
...
#--------------------------------------------------
echo "BGP Configuration"
#--------------------------------------------------
    bgp
        graceful-restart
        exit
        cluster 0.0.0.100
        damping
        export "direct2bgp"
        router-id 10.0.0.12
        group "Group1"
            connect-retry 20
            damping
            hold-time 90
            keepalive 30
            local-preference 100
            multihop 3
            remove-private
            peer-as 200
            ttl-security 10
            neighbor 10.0.0.8
                connect-retry 20
                damping
                hold-time 90
                keepalive 30
                local-address 10.0.0.12
                multihop 3
                passive
                preference 99
                peer-as 200
                ttl-security 10
            exit
        exit
        group "Group2"
            connect-retry 20
            damping
            hold-time 90
            keepalive 30
            local-preference 100
            remove-private
            peer-as 200
            neighbor 10.0.3.10
                description "To_Router C - IBGP Peer"
                connect-retry 20
                damping
                hold-time 90
                keepalive 30
                peer-as 200
            exit
        exit
        group "Group3"
            connect-retry 20
            damping
            hold-time 30
            keepalive 30
            local-preference 100
            peer-as 200
            neighbor 10.0.0.15
                description "To_Router E - IBGP Peer"
                connect-retry 20
                damping
                hold-time 90
                keepalive 30
                local-address 10.0.0.12
                peer-as 200
            exit
        exit
    exit

Common Configuration Tasks

This section provides a brief overview of the tasks that must be performed to configure BGP and provides the CLI commands. In order to enable BGP, one AS must be configured and at least one group must be configured that includes neighbor (system or IP address) and peering information (AS number).

BGP is configured hierarchically; the global level applies to all peers, the group level applies to all peers in a group, and the neighbor level only applies to a specified peer. By default, group members inherit the group’s configuration parameters, although a parameter can be modified on a per-member basis without affecting the group-level parameters.

Many of the hierarchical BGP commands can be used at different levels. The most specific value is used. That is, a BGP group-specific command takes precedence over a global BGP command. A neighbor-specific command takes precedence over a global BGP or group-specific command.

All BGP instances must be explicitly created on each 7705 SAR. Once created, BGP is administratively enabled.

Configuration planning is essential to organize ASs and the 7705 SARs within the ASs, and to determine the internal and external BGP peering. To configure a basic autonomous system, perform the following tasks.

  1. Prepare a plan detailing the autonomous systems, the 7705 SAR belonging to each group, group names, and peering connections.
  2. Associate each 7705 SAR with an autonomous system number.
  3. Configure each 7705 SAR with a router ID.
  4. Associate each 7705 SAR with a peer group name.
  5. Specify the local IP address that will be used by the group or neighbor when communicating with BGP peers.
  6. Specify neighbors.
  7. Specify the autonomous system number associated with each neighbor.

Creating an Autonomous System

Before BGP can be configured, the autonomous system must be configured. In BGP, routing reachability information is exchanged between autonomous systems (ASs). An AS is a group of networks that share routing information. The autonomous-system command associates an autonomous system number with the 7705 SAR being configured. A 7705 SAR can only belong to one AS. The autonomous-system command is configured in the config>router context.

Note:

The 7705 SAR supports 4-byte AS numbers, as defined in RFC 4893, BGP Support for Four-octet AS Number Space. This allows up to 4 294 967 295 unique AS numbers.

Use the following CLI syntax to associate a 7705 SAR with an autonomous system:

CLI Syntax:
config>router# autonomous-system as-number

The following example displays autonomous system configuration command usage:

Example:
config>router# autonomous-system 100

The following example displays the autonomous system configuration:

ALU-B>config>router# info
#------------------------------------------
# IP Configuration
#------------------------------------------
    interface "system"
        address 10.10.10.104/32
    exit
    interface "to-103"
        address 10.0.0.104/24
        port 1/1/1
    exit
    autonomous-system 100
#------------------------------------------
ALU-B>config>router#

Configuring a Router ID

In BGP, routing information is exchanged between autonomous systems. The BGP router ID, expressed as an IP address, uniquely identifies the router. It can be set to be the same as the loopback address.

If a new or different router ID value is entered in the BGP context, the new router ID value is used instead of the router ID configured on the router level, system interface level, or inherited from the MAC address. The router-level router ID value remains intact.

A router ID can be derived by:

  1. defining the value in the config>router context, using the router-id command
  2. defining the system interface in the config>router>interface ip-int-name context
  3. inheriting the last four bytes of the MAC address
  4. defining the value within the BGP protocol level. The router ID can be defined in the config>router>bgp context, using the router-id command, and is only used within BGP.

When configuring a new router ID, protocols are not automatically restarted with the new router ID. The next time a protocol is initialized or reinitialized, the new router ID is used. An interim period of time can occur when different protocols use different router IDs. To force the new router ID, issue the shutdown and no shutdown commands for each protocol that uses the router ID or restart the entire router.

Use the following CLI syntax to configure the router ID:

CLI Syntax:
config>router# router-id ip-address

The following example displays router ID configuration command usage:

Example:
config>router# router-id 10.10.10.104

The following example displays the router ID configuration:

ALU-B>config>router# info
----------------------------------------------
# IP Configuration
#------------------------------------------
    interface "system"
        address 10.10.10.104/32
    exit
    interface "to-103"
        address 10.0.0.104/24
        port 1/1/1
    exit
    autonomous-system 100
    router-id 10.10.10.104
#------------------------------------------
ALU-B>config>router#

BGP Components

Use the CLI syntax displayed below to configure the following BGP attributes:

Configuring BGP

Once the BGP protocol instance is created, the no shutdown command is not required since BGP is administratively enabled upon creation. Minimally, to enable BGP on a router, you must associate an autonomous system number for the router, have a preconfigured router ID or system interface, create a peer group, neighbor, and associate a peer AS number. There are no default groups or neighbors. Each group and neighbor must be explicitly configured.

All parameters configured for BGP are applied to the group and are inherited by each peer, but a group parameter can be overridden on a specific basis. BGP command hierarchy consists of three levels:

  1. the global level
  2. the group level
  3. the neighbor level

For example:

CLI Syntax:
config>router# bgp (global level)
group (group level)
neighbor (neighbor level)
Note:

Careful planning is essential to implement commands that can affect the behavior of global, group, and neighbor levels. Because the BGP commands are hierarchical, analyze the values that can disable features on a particular level.

The following example displays the basic BGP configuration:

ALU-B>config>router# info
#------------------------------------------
# BGP Configuration
#------------------------------------------
#------------------------------------------
# BGP
#------------------------------------------
    bgp
    exit
#------------------------------------------
ALU-B>config>router#

Configuring Group Attributes

A group is a collection of related BGP peers. The group name should be a descriptive name for the group. Follow your group, name, and ID naming conventions for consistency and to help when troubleshooting faults. All parameters configured for a peer group are applied to the group and are inherited by each peer (neighbor), but a group parameter can be overridden on a specific neighbor-level basis.

The following example displays group configuration command usage:

Example:
config>router# bgp
config>router>bgp# group headquarters1
config>router>bgp>group# description “HQ execs”
config>router>bgp>group# multihop 3
config>router>bgp>group# med-out 100
config>router>bgp>group# ttl-security 10
config>router>bgp>group# local-address 10.0.0.104
config>router>bgp>group# disable-communities standard
config>router>bgp>group# exit

The following example displays the BGP group configuration:

ALU-B>config>router>bgp# info
----------------------------------------------
...
    group "headquarters1"
        description "HQ execs"
        multihop 3
        med-out 100
        local-address 10.0.0.104
        disable-communities standard
        ttl-security 10
        exit
    exit
...
----------------------------------------------

Configuring Neighbor Attributes

After you create a group name and assign options, add neighbors within the same autonomous system to create IBGP connections. All parameters configured for the peer group level are applied to each neighbor, but a group parameter can be overridden on a specific neighbor basis.

The following example displays neighbor configuration command usage:

Example:
config>router# bgp
config>router>bgp# group headquarters1
config>router>bgp>group# neighbor 10.0.0.5
config>router>bgp>group# multihop 3
config>router>bgp>group# peer-as 100
config>router>bgp>group# passive
config>router>bgp>group# ttl-security 10
config>router>bgp>group# exit
config>router>bgp>group# neighbor 10.10.10.103
config>router>bgp>group# multihop 255
config>router>bgp>group# med-out 100
config>router>bgp>group# peer-as 100
config>router>bgp>group# exit
config>router>bgp>group# neighbor 17.5.0.2
config>router>bgp>group>neighbor$ hold-time 90
config>router>bgp>group>neighbor$ keepalive 30
config>router>bgp>group>neighbor$ min-as-origination 15
config>router>bgp>group>neighbor$ local-preference 170
config>router>bgp>group# multihop 255
config>router>bgp>group# med-out 100
config>router>bgp>group>neighbor$ peer-as 100
config>router>bgp>group>neighbor$ exit
config>router>bgp>group# neighbor 17.5.1.2
config>router>bgp>group>neighbor$ hold-time 90
config>router>bgp>group>neighbor$ keepalive 30
config>router>bgp>group>neighbor$ min-as-origination 15
config>router>bgp>group>neighbor$ local-preference 100
config>router>bgp>group>neighbor$ min-route-advertisement 30
config>router>bgp>group>neighbor$ preference 170
config>router>bgp>group# multihop 255
config>router>bgp>group# med-out 100
config>router>bgp>group>neighbor$ peer-as 100
config>router>bgp>group>neighbor$ exit
config>router>bgp>group# exit

The following example displays neighbors configured in group “headquarters1”.

ALU-B>config>router>bgp# info
----------------------------------------------
...
    group "headquarters1"
        description "HQ execs"
        local-address 10.0.0.104
        disable-communities standard extended
        neighbor 10.0.0.5
            multihop 3 
            med-out 100 
            peer-as 100 
            passive    
            ttl-security 10    
        exit
        neighbor 10.0.0.106
            peer-as 100 
        exit
        neighbor 17.5.0.2
            hold-time 90
            keepalive 30
            min-as-origination 15
            local-preference 170
            multihop 255 
            med-out 100 
            peer-as 100 
        exit
        neighbor 17.5.1.2
            hold-time 90
            keepalive 30
            min-as-origination 15
            local-preference 100
            min-route-advertisement 30
            preference 170
            multihop 255 
            med-out 100 
            peer-as 100 
        exit
    exit
...
----------------------------------------------
ALU-B>config>router>bgp#

Configuring Route Reflection

Route reflection can be implemented in autonomous systems with a large internal BGP mesh to reduce the number of IBGP sessions required. One or more routers can be selected to act as focal points for internal BGP sessions. Several BGP speaking routers can peer with a route reflector. A route reflector forms peer connections to other route reflectors. A router assumes the role as a route reflector by configuring the cluster cluster-id command. No other command is required unless you want to disable reflection to specific peers.

If you configure the cluster command at the global level, then all subordinate groups and neighbors are members of the cluster. The route reflector cluster ID is expressed in dotted- decimal notation. The ID should be a significant topology-specific value. No other command is required unless you want to disable reflection to specific peers.

If a route reflector client is fully meshed, the disable-client-reflect command can be enabled to stop the route reflector from reflecting redundant route updates to a client.

The following example displays route reflection configuration command usage:

Example:
config>router# bgp
config>router>bgp# cluster 0.0.0.100
config>router>bgp# group “Santa Clara”
config>router>bgp>group$ local-address 10.0.0.103
config>router>bgp>group# neighbor 10.0.0.91
config>router>bgp>group>neighbor$ peer-as 100
config>router>bgp>group>neighbor# exit
config>router>bgp>group# neighbor 10.0.0.92
config>router>bgp>group>neighbor$ peer-as 100
config>router>bgp>group>neighbor# exit
config>router>bgp>group# neighbor 10.0.0.93
config>router>bgp>group>neighbor$ disable-client-refl
config>router>bgp>group>neighbor# peer-as 100
config>router>bgp>group>neighbor# exit

The following example displays a route reflection configuration:

ALU-B>config>router>bgp# info
---------------------------------------------
    cluster 0.0.0.100
    group "Santa Clara"
        local-address 10.0.0.103
        neighbor 10.0.0.91
            peer-as 100
        exit
        neighbor 10.0.0.92
            peer-as 100
        exit
        neighbor 10.0.0.93
            disable-client-reflect
            peer-as 100
        exit
    exit
---------------------------------------------
ALU-B>config>router>bgp#

BGP Configuration Management Tasks

This section discusses the following BGP configuration management tasks:

Modifying an AS Number

You can modify an AS number on a 7705 SAR but the new AS number will not be used until the BGP instance is restarted either by administratively disabling or enabling the BGP instance, or by rebooting the system with the new configuration.

Since the AS number is defined in the config>router context, not in the BGP configuration context, the BGP instance is not aware of the change. Re-examine the plan detailing the autonomous systems, the 7705 SARs belonging to each group, group names, and peering connections.

Note:

Changing an AS number on a 7705 SAR could cause configuration inconsistencies if associated peer-as values are not also modified as required. At the group and neighbor levels, BGP will re-establish the peer relationships with all peers in the group with the new AS number.

Use the following CLI syntax to change an autonomous system number:

CLI Syntax:
config>router# autonomous-system as-number
config>router# bgp
group name
neighbor ip-addr
peer-as as-number
Example:
config>router# autonomous-system 400
config>router# bgp
config>router>bgp# group headquarters1
config>router>bgp>group# neighbor 10.10.10.103
config>router>bgp>group# peer-as 400
config>router>bgp>group# exit

Modifying the BGP Router ID

Changing the router ID number in the BGP context causes the new value to overwrite the router ID configured on the router level, system interface level, or the value inherited from the MAC address.

Note:

Changing the router ID on a router could cause configuration inconsistencies if associated values are not also modified.

When configuring a new router ID, protocols are not automatically restarted with the new router ID. The next time a protocol is initialized or reinitialized, the new router ID is used.

To force the new router ID for BGP, issue the shutdown and no shutdown commands or restart the router.

Example:
config>router>bgp# router-id 10.0.0.104
config>router>bgp# shutdown
config>router>bgp# router-id 10.0.0.123
config>router>bgp# no shutdown

This example displays the BGP configuration with the BGP router ID specified:

ALU-B>config>router>bgp# info detail
----------------------------------------------
    no shutdown
    no description
    no always-compare-med
    ibgp-multipath load-balance
. . .
    router-id 10.0.0.123
----------------------------------------------
ALU-B>config>router>bgp#

Modifying the Router-Level Router ID

Changing the router ID number in the config>router context causes the new value to overwrite the router ID configured on the protocol level, system interface level, or the value inherited from the MAC address.

Note:

Changing the router ID on a router could cause configuration inconsistencies if associated values are not also modified.

When configuring a new router ID, protocols are not automatically restarted with the new router ID. The next time a protocol is initialized or reinitialized, the new router ID is used. An interim period of time can occur when different protocols use different router IDs. To force the new router ID, issue the shutdown and no shutdown commands for each protocol that uses the router ID or restart the entire router.

Use the following CLI syntax to change a router ID:

CLI Syntax:
config>router# router-id ip-address
Example:
config>router# router-id 10.10.10.104
config>router# no shutdown
config>router>bgp# shutdown
config>router>bgp# no shutdown

The following example displays the router ID configuration:

ALU-A>config>router# info
#------------------------------------------
# IP Configuration
#------------------------------------------
    interface "system"
        address 10.10.10.104/32
    exit
    interface "to-103"
        address 10.0.0.104/24
        port 1/1/1
    exit
    autonomous-system 100
    router-id 10.10.10.104
#------------------------------------------
ALU-B>config>router#

Deleting a Neighbor

In order to delete a neighbor, you must shut down the neighbor before issuing the no neighbor ip-addr command.

Use the following CLI syntax to delete a neighbor:

CLI Syntax:
config>router# bgp
group name
neighbor ip-address
     shutdown
exit
          no neighbor ip-address
Example:
config>router# bgp
config>router>bgp# group headquarters1
config>router>bgp>group# neighbor 10.0.0.103
config>router>bgp>group>neighbor# shutdown
config>router>bgp>group>neighbor# exit
config>router>bgp>group# no neighbor 10.0.0.103

The following example displays the “headquarters1” configuration with the neighbor 10.0.0.103 removed.

ALU-B>config>router>bgp# info
----------------------------------------------
    group "headquarters1"
        description “HQ execs”
            local-address 10.0.0.104
            neighbor 10.0.0.5
                passive
                peer-as 300
            exit
        exit
----------------------------------------------
ALU-B>config>router>bgp#

Deleting Groups

In order to delete a group, the neighbor configurations must be shut down first. After each neighbor is shut down, you must shut down the group before issuing the no group name command.

Use the following CLI syntax to shut down a peer and neighbor and then delete a group:

CLI Syntax:
config>router# bgp
group name
neighbor ip-address
          shutdown
               exit
neighbor ip-address
          shutdown
               exit
          shutdown
          exit
     no group name
Example:
config>router# bgp
config>router>bgp# group headquarters1
config>router>bgp>group# neighbor 10.0.0.105
config>router>bgp>group>neighbor# shutdown
config>router>bgp>group>neighbor# exit
config>router>bgp>group# neighbor 10.0.0.103
config>router>bgp>group>neighbor# shutdown
config>router>bgp>group>neighbor# exit
config>router>bgp>group# shutdown
config>router>bgp>group# exit
config>router>bgp# no group headquarters1

If you try to delete the group without shutting it down first, the following message appears:

ALU-B>config>router>bgp# no group headquarters1
MINOR: CLI BGP Peer Group should be shutdown before deleted. BGP Peer Group not deleted.

Editing BGP Parameters

You can change existing BGP parameters in the CLI. The changes are applied immediately.

CLI Syntax:
config>router# bgp
group name
. . .
neighbor ip-address
. . .
Example:
config>router# bgp

Refer to BGP Components for a complete list of BGP parameters.