BGP is a routing protocol that is used by ISPs on the internet to communicate routing information, and if you want to connect to more than one ISP, chances are you'll need to run it.
If you want to multi-home to two or more ISPs, you will need to run BGP, and to run BGP, you need to get an Autonomous System Number (ASN). ARIN allocates ASNs, and you'll need to download and complete the form at ftp://ftp.arin.net/templates/asntemplate.txt to be allocated one. There is a fee, and ARIN will not release the ASN until they are paid. An ASN is simply a number between 1 and 65355. For instance, BBNPlanet is AS 1, UUNet is 701, Sprint is 1239 and MCI is 3561.
Let's assume that you are allocated AS 65301 and that your network is 10.1.2.0/24. For our example we'll assume that you're connecting to Savvis (AS 6347) and Sprint (AS 1239). Say that the serial port addresses for Savvis are 10.6.6.2 on the near side and 10.6.6.3 on the Savvis side, and for Sprint we'll use 10.25.9.109 on the near side and 10.25.9.110 on Sprint's side.
Let's say we have a Cisco 4700. To run BGP you'll generally need at least 64M of RAM.
First we'll create an as-path access-list to use as a filter for our announcements to both carriers.
cisco# config term
Enter configuration commands, one per line. End with CNTL/Z.
cisco(config)# ip as-path access-list 1 permit ^$
cisco(config)# ip bgp new
cisco(config)# ^Z
cisco#
As-path access lists are regexp filters on AS paths. The above access list matches only on an empty AS path, which is a way of saying only our internal routes, so we never announce one carrier's routes to the other.
I generally use a BGP community mechanism in addition to simple AS-PATH
filters (or instead of, in more complex installations). I use the community
AS:100 (in this case 65301:100) to mark routes originating from this AS, and
then AS:
cisco# config term
Enter configuration commands, one per line. End with CNTL/Z.
cisco(config)# route-map ORIGINATE permit 10
cisco(config-route-map)# set community 65301:100
cisco(config-route-map)# ^Z
cisco#
We want to create a community access-list to further restrict outbound
announcements.
cisco# config term
Enter configuration commands, one per line. End with CNTL/Z.
cisco(config)# ip community-list 1 permit 65301:100
cisco(config)# ^Z
cisco#
Now we'll want to create incoming and outbound route-maps for each of our
carriers.
cisco# config term
Enter configuration commands, one per line. End with CNTL/Z.
cisco(config)# route-map SAVVIS-IN permit 10
cisco(config-route-map)# set community 65301:6347
cisco(config-route-map)# exit
cisco(config)# route-map SAVVIS-OUT permit 10
cisco(config-route-map)# match community 1
cisco(config-route-map)# exit
cisco(config)# route-map SPRINT-IN permit 10
cisco(config-route-map)# set community 65301:1239
cisco(config-route-map)# exit
cisco(config)# route-map SPRINT-OUT permit 10
cisco(config-route-map)# match community 1
cisco(config-route-map)# exit
cisco(config)# ^Z
cisco#
And now we bring it all together with our BGP section:
cisco# config term
Enter configuration commands, one per line. End with CNTL/Z.
cisco(config)# router bgp 65301
cisco(config-router)# no sync
cisco(config-router)# network 10.3.2.0 mask 255.255.255.0 route-map ORIGINATE
cisco(config-router)#
cisco(config-router)# neighbor 10.6.6.3 remote-as 6347
cisco(config-router)# neighbor 10.6.6.3 filter 1 out
cisco(config-router)# neighbor 10.6.6.3 route-map SAVVIS-IN in
cisco(config-router)# neighbor 10.6.6.3 route-map SAVVIS-OUT out
cisco(config-router)# neighbor 10.25.9.110 remote-as 1239
cisco(config-router)# neighbor 10.25.9.110 filter 1 out
cisco(config-router)# neighbor 10.25.9.110 route-map SPRINT-IN in
cisco(config-router)# neighbor 10.25.9.110 route-map SPRINT-OUT out
cisco(config-router)# ^Z
cisco#
And that's it! Now we want to see if the sessions come up - run the
command 'show ip bgp sum' (the log below is from a router on which the
BGP sessions have been established for some time).
cisco# show ip bgp sum
BGP table version is 356818164, main routing table version 356818164
53010 network entries (103119/159030 paths) using 11296252 bytes of memory
14595 BGP path attribute entries using 2061148 bytes of memory
20122 BGP route-map cache entries using 321952 bytes of memory
0 BGP filter-list cache entries using 0 bytes of memory
Neighbor        V    AS MsgRcvd MsgSent    TblVer  InQ OutQ Up/Down  State/PfxRcd
10.6.6.3        4  6347  486782   15121 356818164    0    0 5d14h           52402
10.25.9.110     4  1239  218911    8176 356818164    0    0 5d16h           50715
cisco#
In this case, the two peers have been established for over 5 days. In the
State field on the far right, you will see 'Active' or 'OpenSent' or
'OpenConfirm' until the session is established. In older versions of IOS the
State field will be blank. In some newer versions you'll see PfxRcd in the
header, and that will show the number of prefixes (routes) received from that
neighbor.
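There are other commands we can run now too. Say, for instance, we want to know
information about the network 4.0.0.0/8; we can run the commands:
cisco#show ip bgp 4.0.0.0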
BGP routing table entry for 4.0.0.0/8, version 356594030
Paths: (2 available, best #2)
1239 1
10.25.9.110 from 10.25.9.110
Origin IGP, localpref 100, valid, internal, best
Community: 65301:1239
6347 1239 1
10.6.6.3 from 10.6.6.3 (206.129.255.1)
Origin IGP, localpref 100, valid, internal
Community: 65301:6347
cisco#
cisco#show ip route 4.0.0.0
Routing entry for 4.0.0.0/8, Hash 1088
Known via "bgp 65301", distance 20, metric 0
Tag 1239, type external
Last update from 10.25.9.110 5d22h ago
Routing Descriptor Blocks:
* 10.25.9.110, from 10.25.9.110, 5d22h ago
Route metric is 0, traffic share count is 1
AS Hops 3
cisco#show ip bgp 4.0.0.0 255.0.0.0 lo
BGP table version is 357082275, local router ID is 10.3.2.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal
Origin codes: i - IGP, e - EGP, ? - incomplete
   Network          Next Hop            Metric LocPrf Weight Path
*>i4.0.0.0          10.25.9.110                   100      0 1239 1 i
* i                 10.6.6.3                      100      0 6347 1239 1 i
cisco#
You can see the details of this network's BGP attributes in the show ip
bgp output, the details of the routing information in the show ip
route output and an overview of the BGP information in the second show ip
bgp. In the BGP section we can see our two paths, one for each ISP, and we
can see that the Sprint path (via AS 1239) gets chosen because it has a shorter
AS path (this is easier to see in the brief show ip bgp output).
If we want to look at routes coming from certain AS's, we can use the show
ip bgp reg command:
cisco#show ip bgp reg _7224$
BGP table version is 357084193, local router ID is 209.43.147.112
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal
Origin codes: i - IGP, e - EGP, ? - incomplete
   Network          Next Hop            Metric LocPrf Weight Path
* i204.177.154.0/23 204.201.48.10                 100      0 1239 701 7224 i
*>i                 204.201.48.6                  100      0 6347 701 7224 i
* i208.192.208.0/22 204.201.48.10                 100      0 1239 701 7224 i
*>i                 204.201.48.6                  100      0 6347 701 7224 i
* i208.202.218.0/23 204.201.48.10                 100      0 1239 701 7224 i
*>i                 204.201.48.6                  100      0 6347 701 7224 i
* i208.216.180.0/22 204.201.48.10                 100      0 1239 701 7224 i
*>i                 204.201.48.6                  100      0 6347 701 7224 i
* i208.226.120.0/22 204.201.48.10                 100      0 1239 701 7224 i
*>i                 204.201.48.6                  100      0 6347 701 7224 i
* i209.191.164.0/23 204.201.48.10                 100      0 1239 701 6993 7224 i
*>i                 204.201.48.6                  100      0 6347 701 6993 7224 i
cisco#
This shows us all routes that originate in AS 7224 (amazon.com). We used a
regular expression to match on the AS path - any normal regular expression can be
used, which gives us a fair amount of flexibility.
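The outbound policy configured earlier (filter-list 1 plus the community match in the *-OUT route-maps) and the 'show ip bgp reg' lookup, modelled in Python as an added example that is not part of the original page. The route table is a constructed sample based on the output shown here, the untagged 10.3.3.0/24 entry is hypothetical, and the regex translation covers only Cisco's '_' delimiter.

```python
import re

def cisco_aspath_re(pattern):
    # In Cisco AS-path regexes "_" matches a delimiter: start or end of the
    # path, a space, a comma, or a brace/parenthesis.
    return re.compile(pattern.replace("_", r"(?:^|$|[ ,{}()])"))

FILTER_LIST_1 = cisco_aspath_re(r"^$")   # ip as-path access-list 1 permit ^$
COMMUNITY_LIST_1 = {"65301:100"}         # ip community-list 1 permit 65301:100

# Constructed sample of the BGP table: (prefix, AS path, communities).
# Paths and communities follow the show output on this page; the untagged
# 10.3.3.0/24 entry is hypothetical.
ROUTES = [
    ("10.3.2.0/24", "", {"65301:100"}),            # network ... route-map ORIGINATE
    ("10.3.3.0/24", "", set()),                    # local, but never tagged
    ("4.0.0.0/8", "1239 1", {"65301:1239"}),       # learned from Sprint
    ("4.0.0.0/8", "6347 1239 1", {"65301:6347"}),  # learned from Savvis
    ("204.177.154.0/23", "6347 701 7224", {"65301:6347"}),
    ("209.191.164.0/23", "6347 701 6993 7224", {"65301:6347"}),
]

def announced(routes):
    """Prefixes that pass both outbound checks applied to each neighbor:
    filter-list 1 out, then route-map *-OUT (match community 1)."""
    return [prefix for prefix, path, comms in routes
            if FILTER_LIST_1.search(path) and comms & COMMUNITY_LIST_1]

def leaked(routes):
    """Prefixes that become candidates for re-advertisement if both outbound
    filters are missing: everything with a non-empty AS path, i.e. we would
    offer transit between the two carriers."""
    return sorted({prefix for prefix, path, _ in routes if path})

def show_ip_bgp_regexp(pattern, routes):
    """Equivalent of 'show ip bgp reg <pattern>' over the sample table."""
    rx = cisco_aspath_re(pattern)
    return [(prefix, path) for prefix, path, _ in routes if rx.search(path)]

if __name__ == "__main__":
    print("announced:", announced(ROUTES))
    print("would leak without filters:", leaked(ROUTES))
    print("origin 7224:", show_ip_bgp_regexp("_7224$", ROUTES))
```

The untagged local prefix is not announced either: with the community match in place, forgetting the ORIGINATE route-map fails closed rather than open.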
Last Updated: Mon Oct 12 13:38:32 PDT 1998
This is part of Nik's website - email me with
questions or comments at nikm@cyberflunk.com.