Archive for June 3rd, 2011

BGP Reachability

=================

R1
|
|     
|      
R2—FR CLOUD—R6
|
|
|
R5

In the above scenario, R1 and R2 are both connected to R6 via the Frame Relay cloud, OSPF area 0 is running between all of them, and R6 is advertising a default route into the OSPF domain. R2 is in BGP AS 100, R6 is in BGP AS 200 and R5 is in AS 54. BGP is not running on R1.

The above task describes a case where reachability to certain BGP networks is lost when R2's primary Frame Relay connection is down. When the Frame Relay connection is down, all of R2's traffic destined to R6 must transit R1. The problem, however, is that R1 does not participate in BGP routing. Therefore, although BGP NLRI (Network Layer Reachability Information) is successfully transmitted throughout the network, traffic may be black-holed when it reaches R1.

To resolve this issue, BGP is redistributed into OSPF (the IGP). R2 is configured to redistribute all BGP information learned from AS 54 into OSPF. For traffic in the opposite direction it doesn't matter, since R6 is originating a default route. The commands on R2 are:

router ospf 1
 redistribute bgp 100 subnets route-map BGP2OSPF

ip as-path access-list 1 permit ^54_

route-map BGP2OSPF permit 10
 match as-path 1

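>>> Here ^ anchors the start of the AS-PATH and _ matches a delimiter (such as a space or the end of the string), so ^54_ matches any path that starts with AS 54, i.e. routes learned from AS 54.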

 

BGP Filtering

===========

One of the most important things in BGP is to prevent our own public AS from being used as a transit AS by other ASs. There are several ways to accomplish this, and BGP communities can also be used, but here is one simple way that I found while doing a lab today.

 >> Suppose our AS is 300 and we don't want AS 200 to use our AS as a transit AS. We can accomplish this by using an “ip as-path access-list” to match the AS-PATH and then applying it to the specified neighbor with the BGP “filter-list”. Here is the example.

>>The syntax of AS-PATH access-list.

 RTC(conf)#ip as-path access-list 13 permit ^$

Here ^ matches the beginning of the string.

Here $ matches the end of the string.

>>The syntax of BGP filter-list.

router bgp 300
 neighbor [ip address] filter-list 13 out

Therefore, by only advertising prefixes that were originated inside AS 300, AS 200 cannot use AS 300 to reach any other ASs, like AS 100 in this scenario. In the above solution this is accomplished by filtering on AS-PATH information. Since the local AS is not added to the AS-PATH of a prefix until the prefix leaves the AS, prefixes which have been originated within the AS will have an empty AS-PATH. This can be easily matched with a regular expression which specifies that the end of the line comes immediately after the start of the line, denoted as ^$. We can verify this configuration with the command:

R1#show ip bgp neighbors [ip address of EBGP Neighbor] advertised-routes
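
An added example, not from the original post: a small Python model of how the two AS-path access-lists above (^$ on the AS 300 router and ^54_ on R2) select routes, including the implicit deny at the end of an access-list. The function names, the simplified translation of the Cisco _ metacharacter, and the prefixes and AS paths in both tables are assumptions constructed for illustration.

```python
import re

# Cisco "_" matches a delimiter: start or end of string, space, comma,
# braces or parentheses (simplified translation, assumed for this example).
_DELIM = r"(?:^|$|[ ,{}()])"

def cisco_to_python(pattern):
    """Translate a Cisco AS-path regex into a Python regex."""
    return pattern.replace("_", _DELIM)

def acl_permits(acl, as_path):
    """Evaluate an as-path access-list: first match wins, implicit deny last."""
    for action, pattern in acl:
        if re.search(cisco_to_python(pattern), as_path):
            return action == "permit"
    return False

def filter_routes(acl, routes):
    """Return the prefixes whose AS-PATH the access-list permits."""
    return [prefix for prefix, as_path in routes if acl_permits(acl, as_path)]

# The two access-lists from the post.
ACL_13 = [("permit", "^$")]     # only locally originated prefixes
ACL_1 = [("permit", "^54_")]    # only paths whose first AS is 54

# Constructed BGP table as seen inside AS 300 (sample values).
AS300_TABLE = [
    ("192.0.2.0/24", ""),           # originated in AS 300: empty AS-PATH
    ("198.51.100.0/24", "100"),     # learned from AS 100
    ("203.0.113.0/24", "100 54"),   # learned via AS 100, originated by AS 54
]

# Constructed BGP table as seen on R2 in AS 100 (sample values).
R2_TABLE = [
    ("10.54.1.0/24", "54"),         # originated by AS 54
    ("10.54.2.0/24", "54 64500"),   # learned from AS 54, originated further away
    ("10.6.0.0/24", "200"),         # learned from AS 200
    ("10.99.0.0/24", "540 54"),     # first AS is 540, so ^54_ must not match
]

if __name__ == "__main__":
    print("advertised to AS 200:", filter_routes(ACL_13, AS300_TABLE))
    print("redistributed into OSPF:", filter_routes(ACL_1, R2_TABLE))
```

The "540 54" row shows why the trailing _ matters: without it, ^54 would also match any path whose first AS merely begins with the digits 54.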