NextGenNetworking: BGP

Saturday, 1 February 2020

BGP Communities

Here to demolish this community attribute am going to take R6 from our example

Lets check what all the prefixes R6 sending to its eBGP peer.

R6#sh ip bgp reg ^$

BGP table version is 91, local router ID is 150.6.6.6

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,

r RIB-failure, S Stale

Origin codes: i - IGP, e - EGP, ? - incomplete

Network Next Hop Metric LocPrf Weight Path

*> 6.1.0.0/16 0.0.0.0 0 32768 i

*> 6.2.0.0/16 0.0.0.0 0 32768 i

*> 6.3.0.0/16 0.0.0.0 0 32768 i

Lets add the NO EXPORT community in all the prefixes is sending to eBGP peer R1.

Before adding the community NO-EXPORT we should send the community to its neighbor.

R6(config)#router bgp 600

R6(config-router)#neighbor 155.1.16.1 send-community

Now lets add the NO-EXPORT community

R6(config)#route-map noexport

R6(config-route-map)#set community no-export

R6(config)#router bgp 600

R6(config-router)#neighbor 155.1.16.1 route-map noexport out.

Lets check whether the community NO-EXPORT field added in the prefixes.

R1#sh ip bgp 6.1.0.1

BGP routing table entry for 6.1.0.0/16, version 98

Paths: (1 available, best #1, table Default-IP-Routing-Table, not advertised to EBGP peer)

Advertised to update-groups:

600

155.1.16.6 from 155.1.16.6 (150.6.6.6)

Origin IGP, metric 0, localpref 100, valid, external, best

Community: no-export

Here we verified the community NO-EXPORT is added

Lets see on R5 the prefixes from R6 should not be advertised out of its AS rite?

R5#sh ip bgp

BGP table version is 111, local router ID is 150.5.5.5

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,

r RIB-failure, S Stale

Origin codes: i - IGP, e - EGP, ? - incomplete

Network Next Hop Metric LocPrf Weight Path

* 6.1.0.0/16 150.4.4.4 4294967295 0 500 500 500 500 400 100 600 i

*> 155.1.35.3 4294967295 0 100 600 i

* 6.2.0.0/16 150.4.4.4 4294967295 0 500 500 500 500 400 100 600 i

*> 155.1.35.3 4294967295 0 100 600 i

* 6.3.0.0/16 150.4.4.4 4294967295 0 500 500 500 500 400 100 600 i

*> 155.1.35.3 4294967295 0 100 600 i

What??? We are getting here that too out of the AS 100. but howwwww????

Lets check the community NO-EXPORT is present in the prefixes.

R5#sh ip bgp 6.1.0.0

BGP routing table entry for 6.1.0.0/16, version 117

Paths: (3 available, best #1, table Default-IP-Routing-Table)

Flag: 0x4840

Advertised to update-groups:

100 600

155.1.57.7 from 155.1.57.7 (155.1.123.7)

Origin IGP, metric 50, localpref 100, valid, external, best

500 500 500 500 400 100 600

150.4.4.4 (metric 2297856) from 150.4.4.4 (150.4.4.4)

Origin IGP, metric 4294967295, localpref 100, valid, external

100 600

155.1.35.3 from 155.1.35.3 (150.3.3.3)

Origin IGP, metric 4294967295, localpref 100, valid, external

Huh the community NO-EXPORT is gone lets check on R3 and R7. see whether they have the community or not.

R3#sh ip bgp 6.1.0.0

BGP routing table entry for 6.1.0.0/16, version 70

Paths: (1 available, best #1, table Default-IP-Routing-Table)

Advertised to update-groups:

600

155.1.16.6 (metric 65) from 150.1.1.1 (150.1.1.1)

Origin IGP, metric 0, localpref 100, valid, internal, best

Hello where is the community NO-EXPORT.

Yeah you are rite its because we didn't send the community to R3 from R1. Lets send the community

R1(config)#router bgp 100

R1(config-router)#neighbor 150.3.3.3 send-community

R1(config-router)#neighbor 150.7.7.7 send-community

Now lets verify it.

R3#sh ip bgp 6.1.0.0

BGP routing table entry for 6.1.0.0/16, version 73

Paths: (1 available, best #1, table Default-IP-Routing-Table, not advertised to EBGP peer)

Flag: 0x880

Not advertised to any peer

600

155.1.16.6 (metric 65) from 150.1.1.1 (150.1.1.1)

Origin IGP, metric 0, localpref 100, valid, internal, best

Community: no-export

Now lets have a look on R5.

R5#sh ip bgp 6.1.0.1

% Network not in table

Now lets have a look for another community LOCAL-AS.

Here am going to configure LOCAL-AS on R5.

R4(config)#router bgp 400

R4(config-router)#neighbor 155.1.34.3 send-community

R4(config)#route-map localas

R4(config-route-map)#set community local-AS

R4(config)#router bgp 400

R4(config-router)#neighbor 155.1.34.3 route-map localas in

R5#sh ip bgp

BGP table version is 150, local router ID is 150.5.5.5

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,

r RIB-failure, S Stale

Origin codes: i - IGP, e - EGP, ? - incomplete

Network Next Hop Metric LocPrf Weight Path

*> 150.1.1.0/24 155.1.57.7 50 0 100 i

* 155.1.35.3 4294967295 0 100 i

*> 150.2.2.0/24 155.1.57.7 50 0 100 i

* 155.1.35.3 4294967295 0 100 i

*> 150.3.3.0/24 155.1.57.7 50 0 100 i

See R4 not sending the update to R5 because its local to that particular AS 400.

Now am going to configure match the community and set the attributes according to that community.

R6(config)#route-map addcommunity

R6(config-route-map)#set community 600:6

R6(config)#router bgp 600

R6(config-router)#neighbor 155.1.16.1 route-map addcommunity out

See R1 whether getting the community or not

R1#sh ip bgp 6.1.0.1

BGP routing table entry for 6.1.0.0/16, version 113

Paths: (1 available, best #1, table Default-IP-Routing-Table)

Flag: 0x880

Advertised to update-groups:

2 3

600

155.1.16.6 from 155.1.16.6 (150.6.6.6)

Origin IGP, metric 0, localpref 100, valid, external, best

Community: 39321606

See its sending the community in decimal format.

R1(config)#ip community-list standard 600:6 permit 600:6

R1(config)#route-map R6

R1(config-route-map)#match community 600:6 600:6

R1(config-route-map)#set as-path prepend 600 600

R1(config)#router bgp 100

R1(config-router)#neighbor 155.1.16.6 route-map R6 in

R1#sh ip bgp

BGP table version is 116, local router ID is 150.1.1.1

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,

r RIB-failure, S Stale

Origin codes: i - IGP, e - EGP, ? - incomplete

Network Next Hop Metric LocPrf Weight Path

*> 6.1.0.0/16 155.1.16.6 0 0 600 600 600 i

*> 6.2.0.0/16 155.1.16.6 0 0 600 600 600 i

*> 6.3.0.0/16 155.1.16.6 0 0 600 600 600 i

Community Name	Working
No-Export	It will not send the prefixes out of the AS but it will send to the sub AS That means it wont be propagated to true eBGP peers.
Local AS	It will not send out of the AS not even to sub AS

Multi-Exit Discriminator

Here R5 getting updates from R3 , R4 and as well as R1.

R5#sh ip bgp

BGP table version is 66, local router ID is 150.5.5.5

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,

r RIB-failure, S Stale

Origin codes: i - IGP, e - EGP, ? - incomplete

Network Next Hop Metric LocPrf Weight Path

* 6.1.0.0/16 155.1.57.7 0 100 600 i

*> 155.1.35.3 0 100 600 i

* 150.4.4.4 0 500 500 500 500 400 100 600 i

* 6.2.0.0/16 155.1.57.7 0 100 600 i

*> 155.1.35.3 0 100 600 i

* 150.4.4.4 0 500 500 500 500 400 100 600 i

* 6.3.0.0/16 155.1.57.7 0 100 600 i

*> 155.1.35.3 0 100 600 i

* 150.4.4.4 0 500 500 500 500 400 100 600 i

But why R5 choosing R3 as it best and valid path. Lets shutdown the neighbor R3 and lets wait for sometime

R5(config)#router bgp 500

R5(config-router)#neighbor 155.1.35.3 shutdown

R5#sh ip bgp su

BGP router identifier 150.5.5.5, local AS number 500

BGP table version is 23, main routing table version 23

12 network entries using 1404 bytes of memory

17 path entries using 884 bytes of memory

11/4 BGP path/bestpath attribute entries using 1364 bytes of memory

9 BGP AS-PATH entries using 248 bytes of memory

0 BGP route-map cache entries using 0 bytes of memory

0 BGP filter-list cache entries using 0 bytes of memory

BGP using 3900 total bytes of memory

BGP activity 58/46 prefixes, 187/170 paths, scan interval 60 secs

Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd

150.4.4.4 4 400 524 588 23 0 0 00:07:57 8

155.1.35.3 4 100 519 582 0 0 0 00:00:18 Idle (Admin)

155.1.57.7 4 100 209 201 23 0 0 00:08:00 6

Now lets re enable the neighborship.

R5#sh ip bgp

BGP table version is 26, local router ID is 150.5.5.5

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,

r RIB-failure, S Stale

Origin codes: i - IGP, e - EGP, ? - incomplete

Network Next Hop Metric LocPrf Weight Path

* 6.1.0.0/16 155.1.35.3 0 100 600 i

*> 155.1.57.7 0 100 600 i

* 150.4.4.4 0 500 500 500 500 400 100 600 i

* 6.2.0.0/16 155.1.35.3 0 100 600 i

*> 155.1.57.7 0 100 600 i

* 150.4.4.4 0 500 500 500 500 400 100 600 i

* 6.3.0.0/16 155.1.35.3 0 100 600 i

*> 155.1.57.7 0 100 600 i

* 150.4.4.4 0 500 500 500 500 400 100 600 i

Now its using R7 route as best and valid path but why????

BGP path selection process

Highest Weight

Highest Local Preference

Router originator routes

Shortest AS path

Origin code

Lowest MED

eBGP over iBGP

Shortest IGP metric Note for iBGP

Oldest Path Note for eBGP ==========> Here the tie breaker.

R5#sh ip bgp su

BGP router identifier 150.5.5.5, local AS number 500

BGP table version is 26, main routing table version 26

12 network entries using 1404 bytes of memory

25 path entries using 1300 bytes of memory

11/4 BGP path/bestpath attribute entries using 1364 bytes of memory

9 BGP AS-PATH entries using 248 bytes of memory

0 BGP route-map cache entries using 0 bytes of memory

0 BGP filter-list cache entries using 0 bytes of memory

BGP using 4316 total bytes of memory

BGP activity 58/46 prefixes, 195/170 paths, scan interval 60 secs

Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd

150.4.4.4 4 400 535 599 26 0 0 00:13:48 8

155.1.35.3 4 100 538 600 26 0 0 00:05:40 8

155.1.57.7 4 100 217 211 26 0 0 00:13:51 6

So here we are going to change the metric MED value.

R5#sh ip bgp

BGP table version is 32, local router ID is 150.5.5.5

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,

r RIB-failure, S Stale

Origin codes: i - IGP, e - EGP, ? - incomplete

Network Next Hop Metric LocPrf Weight Path

*> 6.1.0.0/16 155.1.35.3 0 100 600 i

* 155.1.57.7 50 0 100 600 i

* 150.4.4.4 0 500 500 500 500 400 100 600 i

*> 6.2.0.0/16 155.1.35.3 0 100 600 i

* 155.1.57.7 50 0 100 600 i

* 150.4.4.4 0 500 500 500 500 400 100 600 i

*> 6.3.0.0/16 155.1.35.3 0 100 600 i

* 155.1.57.7 50 0 100 600 i

* 150.4.4.4 0 500 500 500 500 400 100 600 i

Now R5 started to select R3 as its beat and valid path because the metric MED its getting form R7 is 50 and from R3 its 0 since the lowest metric MED we are getting via R3.

Now look on R7 advertising the prefixes with the metric NULL .

This NULL metric MED is treated 2 ways.

Lets have a look each of them

R5#sh ip bgp

BGP table version is 32, local router ID is 150.5.5.5

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,

r RIB-failure, S Stale

Origin codes: i - IGP, e - EGP, ? - incomplete

Network Next Hop Metric LocPrf Weight Path

*> 6.1.0.0/16 155.1.35.3 0 100 600 i

* 155.1.57.7 50 0 100 600 i

* 150.4.4.4 0 500 500 500 500 400 100 600 i

*> 6.2.0.0/16 155.1.35.3 0 100 600 i

* 155.1.57.7 50 0 100 600 i

* 150.4.4.4 0 500 500 500 500 400 100 600 i

*> 6.3.0.0/16 155.1.35.3 0 100 600 i

* 155.1.57.7 50 0 100 600 i

* 150.4.4.4 0 500 500 500 500 400 100 600 i

By default BGP taking the NULL metric MED as Missing MED as best MED.

Now lets change the missing MED as the worst metric.

R5(config)#router bgp 500

R5(config-router)#bgp bestpath med missing-as-worst

R5#sh ip bgp

BGP table version is 37, local router ID is 150.5.5.5

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,

r RIB-failure, S Stale

Origin codes: i - IGP, e - EGP, ? - incomplete

Network Next Hop Metric LocPrf Weight Path

*> 6.1.0.0/16 155.1.57.7 50 0 100 600 i

* 155.1.35.3 4294967295 0 100 600 i

* 150.4.4.4 4294967295 0 500 500 500 500 400 100 600 i

*> 6.2.0.0/16 155.1.57.7 50 0 100 600 i

* 155.1.35.3 4294967295 0 100 600 i

* 150.4.4.4 4294967295 0 500 500 500 500 400 100 600 i

*> 6.3.0.0/16 155.1.57.7 50 0 100 600 i

* 155.1.35.3 4294967295 0 100 600 i

* 150.4.4.4 4294967295 0 500 500 500 500 400 100 600 i

Note the metric is changed to the maximum value (i.e) 4294967295