Tuesday, November 11, 2008

BGP Lab 2

After a little delay, it's time for another BGP lab!
Here is the topology:

Each ISP advertises only its own /16 network and must suppress the more specific routes coming from customers.
With this lab we can try different customer configurations. Let's start with:


1) CUSTOMER1 (CON14):

Static routing with ISP2. (Easy!)
On the client side, no special configuration is required, just a default route out of the interface facing the ISP...

CON14#
interface FastEthernet0/0
 description Link CON14 <-> CON13 Service Provider
 ip address 150.20.1.14 255.255.255.252
 duplex auto
 speed auto
!
ip route 0.0.0.0 0.0.0.0 FastEthernet0/0

On the provider side, no BGP session is established with the customer; instead, the customer's prefixes are statically routed and injected into the BGP process.
CON13#
router bgp 2
 no synchronization
 bgp log-neighbor-changes
 redistribute static route-map Comm_no_export
 neighbor 10.31.0.1 remote-as 2
 neighbor 10.31.0.1 update-source Loopback1
 neighbor 10.31.0.1 send-community
 neighbor 10.31.0.6 remote-as 2
 neighbor 10.31.0.6 update-source Loopback1
 neighbor 10.31.0.6 send-community
 no auto-summary
!
ip route 150.20.5.0 255.255.255.0 Vlan16
!
route-map Comm_no_export permit 100
 set community no-export
!


Here I used the "redistribute static" statement in the BGP process, with a route-map that sets the "no-export" community on the customer's prefixes (so the prefixes will never be advertised to EBGP neighbors).
With this configuration, additional single-homed customers can be added simply by adding more static routes, which are automatically redistributed into the BGP process. (Be careful, maybe they aren't ;-) )
But why set the no-export community? The service provider may want to summarize the routes before sending them to other service providers, so the customers' prefixes will be suppressed.
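An added check, not part of the original post: a short Python audit of the CON13 pattern above. It flags a redistributed route-map entry with no match clause (every static route on the router is then injected into BGP, not only customer prefixes), a missing no-export, and iBGP neighbors without send-community, since IOS does not send communities to a neighbor unless configured to. The function name `audit` and the abridged, embedded copy of the configuration are assumptions of this example.

```python
import re

# CON13's BGP-related lines from the post (abridged), embedded so the check runs offline.
CON13 = """\
router bgp 2
 redistribute static route-map Comm_no_export
 neighbor 10.31.0.1 remote-as 2
 neighbor 10.31.0.1 send-community
 neighbor 10.31.0.6 remote-as 2
 neighbor 10.31.0.6 send-community
!
route-map Comm_no_export permit 100
 set community no-export
!
"""

def audit(config):
    """Return findings for the 'redistribute static + no-export' pattern."""
    lines = [l.strip() for l in config.splitlines()]
    local_as = next((l.split()[2] for l in lines if l.startswith("router bgp ")), None)
    seqs, current = {}, None  # route-map name -> [(seq, clauses)] for permit entries
    for l in lines:
        m = re.match(r"route-map (\S+) permit (\d+)$", l)
        if m:
            current = []
            seqs.setdefault(m.group(1), []).append((m.group(2), current))
        elif l == "!":
            current = None
        elif current is not None:
            current.append(l.split())
    findings = []
    for m in filter(None, (re.match(r"redistribute static(?: route-map (\S+))?$", l) for l in lines)):
        name = m.group(1)
        if name not in seqs:
            findings.append("redistribute static: no route-map permit entry filters it")
        for seq, clauses in seqs.get(name, []):
            if not any(c[:2] == ["set", "community"] and "no-export" in c for c in clauses):
                findings.append(f"{name} seq {seq}: no-export is not set")
            if not any(c[:1] == ["match"] for c in clauses):
                findings.append(f"{name} seq {seq}: no match clause, every static is redistributed")
    # Without send-community the no-export tag never reaches the other iBGP routers.
    for m in filter(None, (re.match(r"neighbor (\S+) remote-as (\d+)$", l) for l in lines)):
        ip = m.group(1)
        sends = re.compile(rf"neighbor {re.escape(ip)} send-community(?: (?:both|standard))?$")
        if m.group(2) == local_as and not any(sends.match(l) for l in lines):
            findings.append(f"iBGP neighbor {ip}: send-community missing")
    return findings

print("\n".join(audit(CON13)))
```

Run against the configuration as posted, it reports only the missing match clause; adding a `match ip address prefix-list ...` line that lists the customer prefixes (the prefix-list name is up to you) clears it.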

2) CUSTOMER 2 (CON2): Load Balancing with BGP
Here the recommended configuration is a single EBGP session between loopbacks, plus two static routes that tell the router how to reach the peer's loopback over the two links. There is no reason here to use two different EBGP sessions and maximum-paths 2, because a single router terminates both circuits.
The customer has a BGP session to advertise its own prefixes but doesn't need the full Internet BGP table, only a default route.
So on CON1 the configuration will be:
CON1# sh run | begin router bgp
router bgp 2
 no synchronization
 bgp log-neighbor-changes
 neighbor 10.31.0.6 remote-as 2
 neighbor 10.31.0.6 description iBGP CON6
 neighbor 10.31.0.6 update-source Loopback1
 neighbor 10.31.0.13 remote-as 2
 neighbor 10.31.0.13 description iBGP CON13
 neighbor 10.31.0.13 update-source Loopback1
 neighbor 172.16.0.2 remote-as 65200
 neighbor 172.16.0.2 description Customer 2 EBGP
 neighbor 172.16.0.2 ebgp-multihop 2
 neighbor 172.16.0.2 update-source Loopback1
 neighbor 172.16.0.2 default-originate
 neighbor 172.16.0.2 prefix-list default-only out
 no auto-summary
!
ip route 172.16.0.2 255.255.255.255 150.20.1.6
ip route 172.16.0.2 255.255.255.255 150.20.1.10
!
ip prefix-list default-only seq 5 permit 0.0.0.0/0

From customer's point of view:
CON2#sh ip bgp
BGP table version is 3, local router ID is 172.16.0.2
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path
*> 0.0.0.0          10.31.0.1                              0 2 i
*> 150.20.6.0/24    0.0.0.0                  0         32768 i

