Summary w/ Subnets
Basic
aggregate-address x.x.x.x x.x.x.x summary-only suppress subnets
config access-list
aggregate-address 172.x.x.x 255.x.x.x suppress-map block_subnets (name)
route-map filter_bgp permit 10 route aggregation
access-list 30 permit 172.0.0.0 0.255.255.255
match ip address 25
route maps route-map block_subnets
neighbor x.x.x.x route-map filter_bgp out suppress-map
match ip address 30
can permit deny access lists (reverse logic) Summarizing
neighbor will get subnets
can deny permit access lists (reverse logic) neighbor x.x.x.x unsuppress-map block_subnets
Ex. ISP only wants summary; other AS wants more
access-list 30 deny 172.0.0.0 0.0.0.0 (hits just summary)
Control advertising off by default
permit any auto-summary
distribute lists disabled from IOS 12.3 and on
neighbor x.x.x.x distribute-list 30 out
clear ip bgp *
ip prefix-list filter_bgp deny 172.0.0.0/8 le 32
prefix lists
neighbor x.x.x.x prefix-list filter_bgp out
Sync IGP before adv. routes to eBGP
Turn off if for full mesh iBGP or RR
Rule of Sync
on whether redist. into IGP or not
IP of sending Rtr Sync rule will cause BGP table to have no best entries
over shared media: if rcv Rtr is on same subnet, next hop stays the same for all iBGP never sends routes to other iBGP peers
Next hop
Split Horizon
NBMA: might not really be shared Because of this Need Full Mesh
Next hop is next AS redist. into IGP
BGP must be Full mesh or..
I (iBGP) RR / Confed
BGP
highest IP of up/up loopback at time BGP process starts
AS path prepending (add AS# to front) BGP Rtr ID
highest IP of another up/up int. at time BGP process starts
route-map: set as-path prepend 7500 7500 7500 pick ip to advertise to neighbor
for Backup ISP neighbor update-source
prepend your AS, multiple times use a loopback address
don't config a real AS, may cause loop Config Guidelines peer with nei loopback if there are redundant links bgp router-id
With 2 RTRS: each RTR primary for some paths, backup for others Load Balancing neighbor command
BGP Neighbors eBGP nei must be directly connected, or use ebgp-multihop
Don't forget permit statement in route-map neighbor password MD5 only
Peer Group
TCP connect. req. with source IP in a BGP nei. command
ASN must match what nei. has
Open Requirements
BGP RID's must not be the same
Path Attributes (PA) Update
Message types MD5's must match
Keepalive
Notification