eBGP Peering basics reviewed, configuration example, BGP states explained from beginning to Established!


From the BGP Intro, here are the points relevant to this post:

  • BGP Peers in the same AS are iBGP (Internal) Peers
  • BGP Peers NOT in the same AS are eBGP (External) Peers
  • The underlying connection that forms BGP Peerings is connection oriented
  • The connection runs on TCP port 179
  • BGP Adjacencies = BGP “Peerings”
  • eBGP is recommended by Cisco to be directly connected devices, while iBGP Peers often are not directly connected devices
  • No information is exchanged between BGP Speakers until they are Peers

With that, since I already have R1 and R5 connected, let’s make some eBGP Peers!

R1(config)#router bgp ?
  <1-65535>  Autonomous system number

R1(config)#router bgp 100 ?
  <cr>

R1(config)#router bgp 100
R1(config-router)#

And so it begins! Nothing fancy there, and I wanted to show exactly that: the “router bgp (AS #)” command has no frills, it just drops you into router configuration mode.

So the first step of configuration is entering a “neighbor” command, which we see here:

R1(config-router)#neighbor ?
  A.B.C.D     Neighbor address
  WORD        Neighbor tag
  X:X:X:X::X  Neighbor IPv6 address

R1(config-router)#neighbor 172.12.15.5 ?
  activate                 Enable the Address Family for this Neighbor
  advertise-map            specify route-map for conditional advertisement
  advertisement-interval   Minimum interval between sending BGP routing updates
  allowas-in               Accept as-path with my AS present in it
  capability               Advertise capability to the peer
  default-originate        Originate default route to this neighbor
  description              Neighbor specific description
  disable-connected-check  One-hop away EBGP peer using loopback address
  distribute-list          Filter updates to/from this neighbor
  dmzlink-bw               Propagate the DMZ link bandwidth
  ebgp-multihop            Allow EBGP neighbors not on directly connected
                           networks
  fall-over                session fall on peer route lost
  filter-list              Establish BGP filters
  inherit                  Inherit a template
  local-as                 Specify a local-as number
  maximum-prefix           Maximum number of prefixes accepted from this peer
  next-hop-self            Disable the next hop calculation for this neighbor
  next-hop-unchanged       Propagate the iBGP paths’s next hop unchanged for
                           this neighbor
  password                 Set a password
  peer-group               Member of the peer-group
  prefix-list              Filter updates to/from this neighbor
  remote-as                Specify a BGP neighbor
  remove-private-as        Remove private AS number from outbound updates
  route-map                Apply route map to neighbor
  route-reflector-client   Configure a neighbor as Route Reflector client
  send-community           Send Community attribute to this neighbor
  shutdown                 Administratively shut down this neighbor
  soft-reconfiguration     Per neighbor soft reconfiguration
  timers                   BGP per neighbor timers
  translate-update         Translate Update to MBGP format
  transport                Transport options
  ttl-security             BGP ttl security check
  unsuppress-map           Route-map to selectively unsuppress suppressed
                           routes
  update-source            Source of routing updates
  version                  Set the BGP version to match a neighbor
  weight                   Set default weight for routes from this neighbor

R1(config-router)#neighbor 172.12.15.5

I stopped the command here to point out, this is not your usual “neighbor …” command, as there is no <cr> at the end here – We have to input something. I took the liberty of highlighting in red the modifier required for initial neighbor configuration:

R1(config-router)#neighbor 172.12.15.5 remote-as ?
  <1-65535>  AS of remote neighbor

R1(config-router)#neighbor 172.12.15.5 remote-as 500 ?
  nlri      Specify nlri type supported by neighbor
  shutdown  Administratively shut down this neighbor
  <cr>

R1(config-router)#neighbor 172.12.15.5 remote-as 500
R1(config-router)#

I just wanted to see what was beyond the neighbor number; I found the “shutdown” command to remotely Administratively shut down a neighbor mischievously funny.

So now R1 is set in BGP AS 100 with a Neighbor statement pointing at R5’s interface IP, so logically if we go do the same thing on R5 we’re in business:

R5(config)#router bgp 500
R5(config-router)#neighbor 172.12.15.1 remote-as 100
R5(config-router)#
*Apr  8 01:50:59.199: %BGP-5-ADJCHANGE: neighbor 172.12.15.1 Up
R5(config-router)#

Success! I didn’t think that simple basic configuration would actually bring up that neighbor relationship, but sure enough it did.

So I’m kind of going off on my own to find some show commands; let’s look at the output of some different “show” commands to see what we find:

R5#sh bgp ?
  *      All scopes
  all    All address families
  ipv4   Address family
  ipv6   Address family
  l2vpn  Address family
  nsap   Address family
  vpnv4  Address family
  vpnv6  Address family
  vrf    VRF scope

R5#sh ip bgp ?
  A.B.C.D            Network in the BGP routing table to display
  A.B.C.D/nn         IP prefix <network>/<length>, e.g., 35.0.0.0/8
  all                All address families
  cidr-only          Display only routes with non-natural netmasks
  community          Display routes matching the communities
  community-list     Display routes matching the community-list
  dampening          Display detailed information about dampening
  extcommunity-list  Display routes matching the extcommunity-list
  filter-list        Display routes conforming to the filter-list
  import             Display route topology import / export activity
  inconsistent-as    Display only routes with inconsistent origin ASs
  injected-paths     Display all injected paths
  ipv4               Address family
  ipv6               Address family
  l2vpn              Address family
  labels             Display Labels for IPv4 NLRI specific information
  neighbors          Detailed information on TCP and BGP neighbor connections
  nsap               Address family
  oer-paths          Display all oer controlled paths
  paths              Path information
  peer-group         Display information on peer-groups
  pending-prefixes   Display prefixes pending deletion
  prefix-list        Display routes matching the prefix-list
  quote-regexp       Display routes matching the AS path “regular expression”
  regexp             Display routes matching the AS path regular expression
  replication        Display replication status of update-group(s)
  rib-failure        Display bgp routes that failed to install in the routing
                     table (RIB)
  route-map          Display routes matching the route-map
  summary            Summary of BGP neighbor status
  template           Display peer-policy/peer-session templates
  topology           Routing topology instance
  update-group       Display information on update-groups
  version            Display prefixes with matching version numbers
  vpnv4              Address family
  vpnv6              Address family
  |                  Output modifiers
  <cr>

Whoa! That right there is “sh bgp” vs “sh ip bgp”: the latter has a ton more options up front, and “sh ip bgp” also has the <cr>, making it a legal command by itself!

I just wanted to demonstrate the difference between those two. I am finding it very useful to know the “sh (something)” vs “sh ip (something)” differences and which command gets you which output.

Moving along, the first full show command to look at your BGP neighbors is as follows:

R5#sh ip bgp neigh
BGP neighbor is 172.12.15.1,  remote AS 100, external link

  BGP version 4, remote router ID 1.1.1.1

  BGP state = Established, up for 00:07:46

  Last read 00:00:46, last write 00:00:41, hold time is 180, keepalive interval is 60 seconds

  Neighbor sessions:

    1 active, is not multisession capable

  Neighbor capabilities:
    Route refresh: advertised and received(new)
    Four-octets ASN Capability: advertised
    Address family IPv4 Unicast: advertised and received
    Multisession Capability: advertised
  Message statistics:
    InQ depth is 0
    OutQ depth is 0

                         Sent       Rcvd
    Opens:                  1          1
    Notifications:          0          0
    Updates:                1          0
    Keepalives:            10         10
    Route Refresh:          0          0
    Total:                 12         11
  Default minimum time between advertisement runs is 30 seconds

 For address family: IPv4 Unicast
  Session: 172.12.15.1
  BGP table version 1, neighbor version 1/0
  Output queue size : 0
  Index 1
  1 update-group member
                                 Sent       Rcvd
  Prefix activity:               ----       ----
    Prefixes Current:               0          0
    Prefixes Total:                 0          0
    Implicit Withdraw:              0          0
    Explicit Withdraw:              0          0
    Used as bestpath:             n/a          0
    Used as multipath:            n/a          0

                                   Outbound    Inbound
  Local Policy Denied Prefixes:    --------    -------
    Total:                                0          0
  Number of NLRIs in the update sent: max 0, min 0

  Address tracking is enabled, the RIB does have a route to 172.12.15.1
  Connections established 1; dropped 0
  Last reset never
  Transport(tcp) path-mtu-discovery is enabled
  Graceful-Restart is disabled
Connection state is ESTAB, I/O status: 1, unread input bytes: 0
Connection is ECN Disabled, Mininum incoming TTL 0, Outgoing TTL 1
Local host: 172.12.15.5, Local port: 179

Foreign host: 172.12.15.1, Foreign port: 54105
Connection tableid (VRF): 0
Maximum output segment queue size: 50

Enqueued packets for retransmit: 0, input: 0  mis-ordered: 0 (0 bytes)

Event Timers (current time is 0x2B85F0):
Timer          Starts    Wakeups            Next
Retrans            11          0             0x0
TimeWait            0          0             0x0
AckHold             9          8             0x0
SendWnd             0          0             0x0
KeepAlive           0          0             0x0
GiveUp              0          0             0x0
PmtuAger            0          0             0x0
DeadWait            0          0             0x0
Linger              0          0             0x0
ProcessQ            0          0             0x0

iss: 3920965672  snduna: 3920965944  sndnxt: 3920965944     sndwnd:  16113
irs: 4259821679  rcvnxt: 4259821915  rcvwnd:      16149  delrcvwnd:    235

SRTT: 231 ms, RTTO: 769 ms, RTV: 538 ms, KRTT: 0 ms
minRTT: 0 ms, maxRTT: 300 ms, ACK hold: 200 ms
Status Flags: passive open, gen tcbs
Option Flags: nagle, path mtu capable
IP Precedence value : 6

Datagrams (max data segment is 1460 bytes):
Rcvd: 21 (out of order: 0), with data: 10, total data bytes: 235
Sent: 21 (retransmit: 0, fastretransmit: 0, partialack: 0, Second Congestion: 0), with data: 12, total data bytes: 271
 Packets received in fast path: 0, fast processed: 0, slow path: 0
 fast lock acquisition failures: 0, slow path: 0

R5#

I’ll cut out the unnecessary bottom half of the output that we aren’t concerned with (yet) moving forward, but I did want to post the output in its entirety. There is a lot of good information right at the top, like the RID, Remote IP, Remote AS #, and updates both sent and received.

Now the status currently shows Active in the above “sh bgp nei” output, but I want to go back in time and look at BGP from R1’s perspective before it formed a Peering with R5:

R5(config)#router bgp 500
R5(config-router)#no neighbor 172.12.15.1 remote-as 100
R5(config-router)#
*Apr  8 02:11:36.307: %BGP_SESSION-5-ADJCHANGE: neighbor 172.12.15.1 IPv4 Unicast topology base removed from session  Neighbor deleted
*Apr  8 02:11:36.307: %BGP-5-ADJCHANGE: neighbor 172.12.15.1 Down Neighbor deleted
R5(config-router)#
ASR#1
[Resuming connection 1 to r1 … ]

*Mar 30 23:03:18.177: %BGP-5-ADJCHANGE: neighbor 172.12.15.5 Down Peer closed the session
R1#sh ip bgp nei
BGP neighbor is 172.12.15.5,  remote AS 500, external link
  BGP version 4, remote router ID 0.0.0.0
  BGP state = Active
  Last read 00:00:40, last write 00:00:40, hold time is 180, keepalive interval is 60 seconds
  Message statistics:
    InQ depth is 0
    OutQ depth is 0
                         Sent       Rcvd
    Opens:                  1          1
    Notifications:          0          0
    Updates:                0          1
    Keepalives:            23         25
    Route Refresh:          0          0
    Total:                 24         27
  Default minimum time between advertisement runs is 30 seconds

I stopped the output there, shortly to be touched on again, but let’s compare R5’s up and good state vs R1’s now down and bad state with “sh bgp nei”:

Good

BGP state = Established, up for 00:07:46

Bad

BGP state = Active

The Active state with BGP indicates a BGP Peer connection that doesn’t yet fully exist, and actually I will list off the different states before going any further:

  • Active = (Explained above)
  • Idle = Initial state of BGP Peering. If you see a connection stay in Idle status, make sure the neighbor’s IP address is correct, and that the local router knows how to reach it
  • Connect = Follows Idle status. In this state a TCP connection request has been sent but a response has not yet been received. If the TCP connection completes, BGP moves to an “OpenSent” state; if it does not, it goes back to “Active”
  • OpenSent = The BGP speaker has received an “Open” message from the peer. In this state BGP determines if the peer is in the same BGP AS or a different one (iBGP vs eBGP)
  • OpenConfirm = The BGP speaker is waiting for a keepalive, and when one is received, the state moves to “Established”
  • Established = Peering is complete and update packets are exchanged

That is the order of Peering status from beginning of a connection to the ending (hopefully) of being successful in becoming “Established.”

Now back to the second half of the “sh ip bgp nei” command on R1, I’ll give it the full output as it is much shorter when it’s not established:

R1#sh ip bgp nei
BGP neighbor is 172.12.15.5,  remote AS 500, external link
  BGP version 4, remote router ID 0.0.0.0
  BGP state = Active
  Last read 00:20:53, last write 00:20:53, hold time is 180, keepalive interval is 60 seconds
  Message statistics:
    InQ depth is 0
    OutQ depth is 0
                         Sent       Rcvd
    Opens:                  1          1
    Notifications:          0          0
    Updates:                0          1
    Keepalives:            23         25
    Route Refresh:          0          0
    Total:                 24         27
  Default minimum time between advertisement runs is 30 seconds

 For address family: IPv4 Unicast
  BGP table version 1, neighbor version 0/0
 Output queue size : 0
  Index 1, Offset 0, Mask 0x2
  1 update-group member
                                 Sent       Rcvd
  Prefix activity:               ----       ----
    Prefixes Current:               0          0
    Prefixes Total:                 0          0
    Implicit Withdraw:              0          0
    Explicit Withdraw:              0          0
    Used as bestpath:             n/a          0
    Used as multipath:            n/a          0

                                   Outbound    Inbound
  Local Policy Denied Prefixes:    --------    -------
    Total:                                0          0
  Number of NLRIs in the update sent: max 0, min 0

  Connections established 1; dropped 1
  Last reset 00:20:57, due to Peer closed the session
  No active TCP connection

R1#

The very bottom of the output has very good information: when the connection dropped, the reason, and whether there is any active TCP connection, so you can see if the router ever “Established” a BGP connection with a BGP Peer.

So I will throw the configuration back on R5, and point out one more thing for this small but important start to a lab:

R5(config-router)#neighbor 172.12.15.1 remote-as 100
R5(config-router)#^Z
R5#
*Apr  8 02:42:07.635: %BGP-5-ADJCHANGE: neighbor 172.12.15.1 Up
R5#sh ip bgp nei ?
  A.B.C.D     Neighbor to display information about
  X:X:X:X::X  IPv6 neighbor to display information about
  |           Output modifiers
  <cr>

R5#sh ip bgp nei 172.12.15.1
BGP neighbor is 172.12.15.1,  remote AS 100, external link
  BGP version 4, remote router ID 1.1.1.1
  BGP state = Established, up for 00:00:24
  Last read 00:00:24, last write 00:00:24, hold time is 180, keepalive interval is 60 seconds
  Neighbor sessions:
    1 active, is not multisession capable
  Neighbor capabilities:
    Route refresh: advertised and received(new)
    Four-octets ASN Capability: advertised
    Address family IPv4 Unicast: advertised and received
    Multisession Capability: advertised
  Message statistics:
    InQ depth is 0
    OutQ depth is 0

                         Sent       Rcvd
    Opens:                  1          1
    Notifications:          0          0
    Updates:                1          0
    Keepalives:             2          3
    Route Refresh:          0          0
    Total:                  4          4
  Default minimum time between advertisement runs is 30 seconds

I just wanted to point out in red that the “external link” in this output is how we can tell whether the Peering is eBGP or iBGP, and also that the command can be narrowed down per neighbor, but it is “sh ip bgp nei …” and NOT “sh bgp nei”:

R5#sh bgp neigh ?
% Unrecognized command
R5#sh bgp neigh

This is very important to note, at the top “sh bgp …” leaves a lot of verification and troubleshooting commands to be desired, or hidden behind the initial modifiers. I looked into the show bgp commands and they seemed a bit advanced for what I am studying so I won’t bother going into them beyond that, but important to note if you are typing a verification command it will begin with “sh ip bgp …”

So to summarize what is needed for an eBGP Peering to succeed:

  • “router bgp (local AS #)” in global config
  • “neighbor (IP address) remote-as (Remote AS #)”
  • Both routers to know how to reach the other
  • “sh ip bgp nei” for verification
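
To turn that verification step into something repeatable, here is an added example (not part of the original lab) that parses saved “sh ip bgp nei” output and reports every peer that is not Established, along with its last reset reason. The sample text is constructed from the captures above, and the names parse_neighbors and findings are hypothetical.

```python
import re

# Constructed sample: trimmed "sh ip bgp nei" output for two peers, modelled on
# the R5 (Established) and R1 (Active) captures shown in this post.
SAMPLE = """\
BGP neighbor is 172.12.15.1,  remote AS 100, external link
  BGP version 4, remote router ID 1.1.1.1
  BGP state = Established, up for 00:07:46
  Connections established 1; dropped 0
  Last reset never
BGP neighbor is 172.12.15.5,  remote AS 500, external link
  BGP version 4, remote router ID 0.0.0.0
  BGP state = Active
  Connections established 1; dropped 1
  Last reset 00:20:57, due to Peer closed the session
  No active TCP connection
"""

HEADER = re.compile(r"^BGP neighbor is (\S+),\s+remote AS (\d+), (\w+) link", re.M)
FIELDS = {
    "router_id": re.compile(r"remote router ID (\S+)"),
    "state": re.compile(r"BGP state = (\w+)"),
    "dropped": re.compile(r"Connections established \d+; dropped (\d+)"),
    "last_reset": re.compile(r"^\s*Last reset (.+)$", re.M),
}

def parse_neighbors(text):
    """Split the output at each 'BGP neighbor is' header and parse each block."""
    peers, headers = [], list(HEADER.finditer(text))
    for i, h in enumerate(headers):
        end = headers[i + 1].start() if i + 1 < len(headers) else len(text)
        peer = {"neighbor": h.group(1), "remote_as": int(h.group(2)),
                "type": "eBGP" if h.group(3) == "external" else "iBGP"}
        for name, rx in FIELDS.items():
            m = rx.search(text, h.end(), end)
            peer[name] = m.group(1).strip() if m else None
        peers.append(peer)
    return peers

def findings(peers):
    """Return (neighbor, message) pairs for peers that need a closer look."""
    out = []
    for p in peers:
        if p["state"] != "Established":
            out.append((p["neighbor"], f"state {p['state']}, last reset {p['last_reset']}"))
        elif int(p["dropped"] or 0) > 0:
            out.append((p["neighbor"], f"Established, but dropped {p['dropped']} time(s)"))
    return out

if __name__ == "__main__":
    for neighbor, message in findings(parse_neighbors(SAMPLE)):
        print(neighbor, "->", message)
```
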

That’s all I got for this beginning lab, next up we will add an iBGP Peer, TGIF!
