eBGP Peering

We can peer with a device in another autonomous system (AS) using eBGP.
The administrative distance (AD) for eBGP peers is 20.
By default, the time-to-live (TTL) is set to 1 for eBGP sessions.
If an eBGP session is configured between two peers that are not directly
connected, the TTL must be increased or manipulated.
This also applies when a loopback interface is used to connect two eBGP neighbors.
The common way to increase the eBGP TTL is the command “ebgp-multihop [TTL value]”.

There are three ways to manipulate the TTL field in eBGP sessions.

The syntax for eBGP peering with loopback interfaces is as follows.
Suppose that, in the figure, R1 is in AS 100 and R2 is in AS 200, and we want to
establish connectivity using their respective loopbacks.
R1(config)#router bgp 100
R1(config-router)#neighbor <R2-loopback0-address> remote-as 200
R1(config-router)#neighbor <R2-loopback0-address> update-source loopback0
R1(config-router)#neighbor <R2-loopback0-address> ebgp-multihop 2

For R2:
R2(config)#router bgp 200
R2(config-router)#neighbor <R1-loopback0-address> remote-as 100
R2(config-router)#neighbor <R1-loopback0-address> update-source loopback0
R2(config-router)#neighbor <R1-loopback0-address> ebgp-multihop 2

In the above scenario, the “update-source loopback0” command is used because
we are peering between loopback interfaces. By default, BGP uses the connected
interface as the update source, so if we had not changed the source of the BGP
packets, it would have used the FastEthernet interface.
We have used “ebgp-multihop 2” because the router counts the loopback interface
as a hop: the first hop is from R1 FastEthernet to R2 FastEthernet, and the second
hop is to the R2 loopback0 interface. That is why we have used “ebgp-multihop 2”.
If we had not specified the hop count (2) in the “ebgp-multihop” command, BGP
would have used the maximum hop count of 255.

There are two more ways to manipulate the TTL field in eBGP; the first, already
mentioned, is “ebgp-multihop”.
The second is the “disable-connected-check” feature, which is mostly used where
the eBGP session between two devices is routed over another transit router.
The syntax is:
R2(config-router)#neighbor <neighbor-address> disable-connected-check

The third option is “ttl-security hops [hop count]”. The syntax is:
R2(config-router)#neighbor <neighbor-address> ttl-security hops 2
When the “ttl-security” feature is enabled, BGP will establish and maintain
the session only if the TTL value in the IP packet header is equal to or greater
than the TTL value configured for the peering session. If the value is less than
the configured value, the packet is silently discarded and no Internet Control
Message Protocol (ICMP) message is generated. This feature is both effective and
easy to deploy.
In the above example, we are telling the router that the TTL must be equal to
or greater than 2 to establish eBGP peering; if the TTL is less than 2, the
neighborship will not form.
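
To check which of the three TTL options each eBGP neighbor actually uses, the following added example (not part of the original post) parses a "router bgp" block and classifies every neighbor. The sample configuration and its addresses are constructed, and the finding labels are this example's own; the "conflict" case relies on IOS treating ebgp-multihop and ttl-security as mutually exclusive for the same neighbor.

```python
# Constructed sample (documentation-range addresses), not taken from the page.
SAMPLE_CONFIG = """\
router bgp 100
 neighbor 192.0.2.2 remote-as 200
 neighbor 192.0.2.2 update-source Loopback0
 neighbor 192.0.2.2 ebgp-multihop 2
 neighbor 192.0.2.3 remote-as 300
 neighbor 192.0.2.3 ebgp-multihop
 neighbor 192.0.2.4 remote-as 400
 neighbor 192.0.2.4 ttl-security hops 2
 neighbor 192.0.2.5 remote-as 500
 neighbor 192.0.2.5 ebgp-multihop 3
 neighbor 192.0.2.5 ttl-security hops 3
"""

def parse_neighbors(config):
    """Return (local AS, {neighbor address: {keyword: [arguments]}})."""
    local_as, peers = None, {}
    for line in config.splitlines():
        words = line.split()
        if words[:2] == ["router", "bgp"] and len(words) == 3:
            local_as = words[2]
        elif len(words) >= 3 and words[0] == "neighbor":
            peers.setdefault(words[1], {})[words[2]] = words[3:]
    return local_as, peers

def audit(config):
    """Classify the TTL handling configured for each eBGP neighbor."""
    local_as, peers = parse_neighbors(config)
    findings = {}
    for addr, opts in peers.items():
        remote = opts.get("remote-as")
        if not remote or remote[0] == local_as:
            continue  # iBGP or peer-group member: not covered here
        multihop, gtsm = opts.get("ebgp-multihop"), opts.get("ttl-security")
        if multihop is not None and gtsm is not None:
            # Assumption stated in the lead-in: IOS does not allow both together
            findings[addr] = "conflict: ebgp-multihop and ttl-security both set"
        elif gtsm is not None:
            findings[addr] = "ttl-security " + " ".join(gtsm)
        elif multihop == []:
            findings[addr] = "review: ebgp-multihop without hop count (TTL 255)"
        elif multihop:
            findings[addr] = f"review: ebgp-multihop {multihop[0]}, no ttl-security"
        else:
            findings[addr] = "default: TTL 1"
    return findings

if __name__ == "__main__":
    print("\n".join(f"{a}: {f}" for a, f in audit(SAMPLE_CONFIG).items()))
```

Neighbors reported as "review" accept the session without any check on the incoming TTL, so they are the ones to compare against the ttl-security option described above.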
