(05) Foundation: Establishing A BGP Session

With An ISP (Part 2)

All right. It's going to start getting really good here. I just finished putting together all of
the topics that I wanted to discuss, and they're not going to fit. I totally know that. We're
going to move on to Part, 3 maybe even Part 4, depending on what we've got. But this is just,
I really wanted to go practical one you with BGP, to say OK, here's what we want, and here's
how to do it. And just kind of show you one thing after another. And I just started building a
list. I literally have this big notepad file list over here. I can show it you, just with all kinds of
cool stuff that I was like, oh, I want to show this and that. And I eventually had to draw the line
and say OK, we've got to cover some more concepts before we go this far. But I've got a lot of
stuff to cover with you before then. So I'm going to pick up right where the last Nugget left off,
which was right about here. We had just built a connection to ISP1. So that was kind of the
pinnacle of the last Nugget.

What we have done in the last nugget.

I showed adding the neighbor with the remote AS command. We got this guy up and
running. We added a description to him, talked about Shut Down, got into the show IPBGP
summary. Matter of fact, let me bring that back in, review that a little bit. Bring Router 1 into
the picture here. So assuming all is still good, let me do a Show IPBGP Summary. There it is.
Good. We still have that one neighbor 151.1.1. And that's ISP1. The big thing that we said we
wanted to see is the state slash prefix received. And never have a word here. If it's anything
like idle, or active, or anything other than a number, something is usually wrong. So we want
to see the number of prefixes that are received. And that's around where we left off in the last
Nugget. So where I want to pick up here is just actually starting off with another Show
command. I'm going to do a Show IPBGP. Now, show. IPBGP Summary I told you was the MVP
command of BGP. Huge for troubleshooting, primarily because of the neighbor report that it's
going to give.

Show IP BGP
Show IP BGP shows the BGP Topology Table. Let me explain that for a second. When
BGP receives routes, this guy's going to receive, oh let's say, the whole Internet Routing Table
from ISP1. He's also going to receive the whole Internet Routing Table from ISP2. And before
he puts them into a Routing Table-- if you want to about three tables, we've got the Neighbor
table. We've got the Topology Table. And we have the Routing Table. It's kind of the order of
events-- forms neighbors, pulls the routes from those neighbors, puts them in this big
Topology Table, picks the best of those routes, and then throws them into the Routing Table.
And that's what the router uses for routing. So we've seen the Neighbor Table. That's our
Show IPBGP Summary. Show IPBGP will give us the Topology Table. And expect it to be huge

when you get to the real world. It's going to be big because you're going to see the entire
Internet Routing Table.

BGP Looking Glass

As a matter of fact, hang on one second. Have you heard of a BGP Looking Glass? Let
me show one to you. A BGP Looking Glass is somebody who has made their router available
on the Internet for you to do you Show IPBGP commands and actually see the Internet Routing
Table. I'm just going to go to Google-- I've got it over here on the side-- and type in BGP
Looking Glass. And I put telnet, because I want to be able to telnet to one. The most common
place people go is right here, which is cool because they give you a whole ton of options. They
show all these different servers. I could go to Hong Kong, Japan, Netherlands. Hey, there's my
hometown-- Romania, Romania. Chara. It's a Romanian name. So I could click on this, and for
instance, looks like this group gives us the ability to do pings and trace routes. The reason
these are, here by the way, is because it's very useful when you start using BGP and
advertising your own networks, like let's say I start advertising to 200 network to the world,
200.1.1.0. I want to see when it shows up in Romania. I want to see what path the Romania
people are taking to get to my network, so I can try and manipulate and see if I can get them
to take a better path. And I'll talk about doing that later on. Gets really cool. But the problem
with that first site and the most common site, is most of them are these web interfaces, where
it's like OK, you can do this or that. They don't let you do a real Show IPBGP. Like if you try to
just submit like a blank one, they're like, ah, we'll resolve it for, this is for instance my IP
Address. They're like, we'll resolve it for your network. Look we see this network in our table. It
kind of gives us the information. But if you actually go back-- hang on, let me close this. And
go to, here's one of them. I just clicked on this "Network World" article from the field. And I
was looking in here. Here's like oh, this is an explanation of what a BGP Looking Glass is. But
right there, it gave the host name for a server-- route-server.IP.att.net. So let me actually bring
that up. Do a little quick connect. Let's go telnet, route-server.IP.att.net. Is that it? OK, there
we go. So we're actually telnetted here to AT&T's route service monitor. And they're saying,
hey, we've got these peers set up. And notice, there's EBGP peers with all of these different
routers that it's receiving routes from. It says hey, you can log in with this user name
"ourviews," and no password required. Now check this out. I'm going to do a Show IPBGP. This
is a real Internet router. Actually, I'm really curious-- Show Version. Oh, denied. I wanted to see
what kind of router it was, but it looks like they're locking it down to what commands we can
do. I'm going to do a Show IPBGP. And look at this. This is the 1 network. Let's start with 1.
And you can see the /22. And it shows we've got this network has all of these. This is 1
network-- right-- 10.1.-- or something. Why am I saying ten? 1.0.4.0/22. And then look at this.
It's saying I can get to that network through this guy, this guy, this guy, this guy, this guy, du,
du, du, du, du, du-- all the way down. Oh, and here's the network, next network 1.0.16/23.
Now I mean, check this out. I could hold down the space bar-- matter of fact, I will, which will
probably cause a lot of processor load on whatever router that is. I'm just letting it go, just
going. And this is the 1 network. That that's, we-- Yeah. So going down this list-- now I want
my nice output back that wasn't wrapping around. There we go. So we've got 1.68 that I'm
scrolling through. So a couple things while I'm here. Let me take this one, because I got a full
output right here. Notice that we've got 1.72.0.0. It's saying I can reach that network on the
Internet through this next hop. I have a redundant next hop. I have a redundant next hop. I
have a redundant next hop. All this. You see all these little stars? That means that is a valid
route. Meaning I know how to get to that next hop. Because there's times, and we'll see them
throughout this series. There's times where you might get a route in the Routing Table from a
peer, but you don't know how to reach its next hop. So it'll say I know about it, but the star
won't be there, because it's not a valid route. Now come across here. You can see we've got
the metric of that route, the Local Preference. We're going to talk about all this stuff, the
Weight. But one I want to talk about right now is the path. This is that AS path. You might
remember from the Foundations Nugget, a couple of nuggets ago, I talked about this. This is
the little passport. Meaning this route, this network 1.72.0.0 originated internally from
somebody's network, and that was probably autonomous system 9605. They passed it to
2904. They passed it to 7018. And there it is. And that's by the way, most of time why you see

all this wrapping, is the AS path gets so long. You can see right there. It originated in "I." It
went to 4760. And it just keeps going and then wraps around over here-- de dut, de dut, de
dut. Now whoa, whoa, whoa.

AS-Path Prepending
Wait a sec. See that? 4760, 4760, 4760-- what's up with that? And then 4760. That's
where it started. What's going on? What that is is, that is the feature called AS Path Prepending. It's trying to make a route not look as good. And we'll again, we'll talk a lot about
this. It's just a view of the table. I just wanted to give you a big picture view, and then show
you one more thing while we're on this BGP Looking Glass-- that one.
That little caret right there says OK, I had all of these paths-- that one's the best. You
might be saying, well, why'd it choose that one? Because. We're going to talk about it. But for
now, I just wanted to give you that view of that's the BGP Looking Glass. I stopped the output.
But that's just the 1 network that we scrolled through 50 pages of. That's going to be your
routing. I wonder if they let you do a Show IP Route? Oh, yeah, it's typing slow now. I probably
bogged it down. So look at this. Imagine having a Routing Table like this. Yeah, it's big. So
anyway, enough drooling at this BGP Looking Glass. I mean, check it out. Go for it yourself. It's
fun-- fun for me. So looking at our little, it kind of puts this in perspective. We're like, lame.
Where's the networks? So but this is our little ISP scenario right here. We've peered with one
ISP, and that happens to be ISP1 over here on the left-hand side. Now we're going to bring up
a peer. I should mention, it received all these routes. Notice when I look at the AS path, it said
it originated from, I don't know where. Not too sure. And then it went through Autonomous
System, on the left, Autonomous System 1.1.1. So that is probably the person that originated
those routes. So now let me bring up the peer to ISP2. They're going to be 150.1.1.5 in
Autonomous System 222. I got to stop trying to draw with my mouse. 222. There we go. So a
little review here. I'm going to go into global config mode. Let's do router BGP 500. That's our
Autonomous System. I'm going to do neighbor 150.1.1.5, Remote AS. and I will say the
Autonomous system is going to be 222. Enter. I'm going to do a Show IPBGP Summery. Let's
see if I can beat it there. So we've got idle. Notice it shows-- went from idle to active. OK.
Active, so it's trying to actively form. Oh, I left the Debug on. Look at that. So we went from
passive, we went from active, from idle, to connect. So active is saying OK, I'm looking at the
Routing Table. I'm trying to find a path to them. Went through and I actually did this in the last
one, exchanged its capabilities, sent the open message. Moved from open to open confirm,
and then establish. We the neighbor's gone up. Now when I do that same Show command and
I see, op, I received six prefixes from him as well. Now here's what I want to show you. Let's
get back to the Show IPBGP. This is my secondary MVP command because it shows that whole
Routing Table. And by the way you can imagine, there's a lot of filtering options on that. I
mean, all of these. Those are just ways to filter that output. Because as you just saw, it gets
quite enormous from the Internet-based router. So I do my Show IPBGP. I see all of the routes
that I've received. Now I started adding in a couple secondary routes, because I wanted to
show this to you. We've got 153.1.1.0 and 153.2.2.0. And what I said was, these are part of
some other autonomous system over here on the left-hand side. That's where those came
from. So I wanted to have some routes that didn't originate just from this and just from this,
so this guy could have some competing choices. So we look at this and we go OK. We've got
153.1.1.0. You following? We've got, I received it from ISP2. There's our 2222. I received it
from ISP1. He chose the best one to be ISP1. And same thing down here. I see I received this
network from ISP2, ISP1. He chose the best to be ISP1. So I can guarantee you if I go and do a
Show IP Route, that's going to be the route that's in the Routing Table. So I look for 153, right
there at the top. And you can see, it's using the next hop of that ISP1. That was the best one
that was chosen.

BGP Path Selection Process

So now let's talk about this. Why did it choose that route to be the best? Well that
comes into the world of the BGP metric. And I mean, you can't even call it a metric because
it's just a big blah. Cisco calls it a Route Selection Criteria. But it really is just-- well, let's look
at it together. There it is-- blah-- the BGP Path Selection Process. So here's how BGP picks the
route. So it received all of these routes. Or you could pull up that AT&T router again and say,
show me all that. It received all of these millions or hundreds of thousands of routes-- well,
actually into the millions for that AT&T router because of all the peers. How did it pick the
best? Well what it does is, it receives the route list. Let's just grab one of them 153.1.1.0. That
was one of the ones that I'm looking at on the right there. So I've got this route. First thing it's
going to do is, I received it from multiple sources. Let me see. Which one has the largest
Weight? Does one have a Weight higher than another? Matter of fact, let me just bring this
back over here. That Show IPBGP-- you notice right here when I did this, one of the columns
was the Weight. And every single one of them was 0, 0, 0, 0, 0, all the way down. So it says
OK, well, looks like that's tied. Let's move on. Let's check the Local Preference. Does anyone
have a higher Local Preference than the other? Again, coming back to this table, look over
there to the left. There's a column, Local Preference. It's all blank, blank, blank, blank. It's not
zero because there's actually a different default. I'm going to tell you that a little while. But it's
going to go through. So what it's going to do is go through this list and pick, based on
whichever one breaks the tie first, breaks the tie. I mean, I tried to word these in as plain of-if you type in-- go to Google. Type in BGP Path Selection Process. You'll see this same list, but
it'll be a lot more techie language from Cisco. I tried to word it as straight up as I could. So it's
going to prefer highest Weight, Local Preference. We don't know what those are yet. That's
OK. It says I'm going to prefer locally originated routes, meaning routes that I generated. So
for instance, if Router 1 came up with any of these routes, like it's like, oh, oh, I made that
one. It's going to say well, that's what I prefer. Then now notice the next one down in the list.

This one's huge-- shortest AS path. That is probably the strongest manipulation that you have
on choosing the best path. It's a very strong attribute. I mean if you look, you have Weight.
You have Local Preference. What are they? They are administratively set, administratively
controlled by you. So if you didn't set the Weight, if you didn't set the Local Preference, then
they're always going to be blank. They're always going to be zero and this is little blank for
the Local Preference. They're always going to be that way. So the next one is routes the router
originated, which there's not going to be that many of those. So this right here, this AS path,
is extremely-- people call it a strong attribute. It is one of the biggest influencing attributes of
why BGP will choose the best path. And that goes back to the very beginning of this whole
series, when I said BGP by default will pick the best path based on autonomous system hops,
where it says OK, one hop, two hop, I'm there. OK, I've reached it. That's the best path. And
then so, that's one of the strongest ones that we can originate. But you can go, it says OK,
well if that one's tied, let's go to the origin type and says well, let's look at where this route
came from. Internal routes are a little more favorable than external routes, are a little more
favorable than question mark. And again at this point, it's I'm showing you this list, but I'm
kind of like, just kind of take this with a grain of salt right now. Because I'm really like, this is
Nugget 5, Nugget 6, Nugget 7. I mean, we're going to go through and break down each one of
these. And there's a full explanation of when, and why, and how. And you'll eventually see
that there shouldn't be anything that has an E route. There's nothing that originates using
BGP. But you noticed, all of our routes came in with an incomplete. It doesn't know where they
came from. That's where that comes in from. So it's saying, I'm not too sure where that came
from. It is considered incomplete. So that is less preferred than E. That is less prefer than I.
And it goes down in this list. Let me just hop there. OK. Blah, blah, blah, blah. Right here we
come to a big kind of bracket that I put in-- Maximum Paths Check. Here's what that means.
BGP by default will load balance nothing. So if I have for instance ISP1 and ISP2. And I receive
the same routes from them. And everything's tied. It's like tie, tie, tie, tie, tie, tie. They're
totally equal. BGP will say no, I must pick the best. I will not choose one-- sorry, I will not use
both and load balance over them. I must pick one. Now that is a setting. That is its default
setting. It's saying, no I must pick the best. So if maximum path-- it's actually a configuration
command-- is set to one, that means I will only allow one path in my Routing Table. So if one
path is allowed, now it's going to go for some sure-fire tiebreaker. It's going to say OK,
chances are one of these routes was learned before the other. I'm going to pick the older
route. And that will 99% of time break the tie. But you know what, it just so happens the
moon's aligned, woo, coyote howled-- something was like OK, the same millisecond those
routes came in, it's going to say all right, I'm just going to pick whoever gave me the route,
whoever had the lower router ID, they're the winner. Let's go. Alex, I choose that one. And so
it's going to put that one in the Routing Table. Now if you choose and you say well let's do a
little load balancing action. I'm going to set the maximum paths to two. Then at that point, if
the routes are tied all the way down, they reach this point. It goes OK. All things considered, I
would say those routes are pretty well equal. Use them both. And that's where you put them
both in the Routing Table. It won't actually use these last two, because those are surefire ways
to break any tie. You're going to see that slide again, and again, and again, and again, and
again, and again. It's going to be one of those things I'll say, if you're certification prepping,
it's one of the things you'll want to commit to memory. And I'll show you kind of where the
line-- you don't have to memorize all of it, just most of it-- where the line is drawn on that. So
last thing I want to show you here before I kind of put a dividing line and then get into another
topic in the next Nugget, is just how we can start influencing things. How to start modifying
things, and making decisions. Let's just start really simple. I'm going to start with that major
attribute. It was attribute number one. Who remembers what it was? It's like one of those
memory tests. What was the number one way BGP uses to pick routes? Weight-- the ones with
the highest Weight. And wouldn't you know it, that's a Cisco proprietary attribute. Just like
Cisco to make theirs the like number one tie breaker, right. But it's actually not that bad. The
Weight is probably the simplest, easiest attribute that you can use. And it's OK that its
proprietary, because the router never tells anyone what its Weights are. It's not something
that's-- Like for instance, normally when you're like proprietary, you're like OK, Router 1 and
Router 2, they got to be Cisco. ISPs, they got to be Cisco routers, too, because you're using

the Weight. And every route that you're sending is going to be tagged with this little
proprietary Weight flag, and nobody else [INAUDIBLE]. Ah, nope, nope, nope. That's not how it
works. The way the Weight works is, it's all the local to the router. When I set a Weight on
Router 1, it will influence Router 1 in a major way, in a heavy way. That's a good way to
remember it, in a heavy way. But it's not going to be told to anybody else. Router 1 will just
pick the best routes based on that. Let me show you. I'm going to do, just in this Nugget,
because it's kind of like our intro into BGP. And here I'm just going to do a very simple way of
setting the Weights. We saw-- let me bring this back in here-- we saw when I did a Show IPBGP
that Router 1 it was preferring this guy to reach. Now again, now let's look at this table. It's
saying now I have two paths to the 153.1.1.0. I can get there through this one, which is ISP2.
Or I can get there through ISP1. That's this little blank gap right here. But it says I chose ISP1
as the best. That's why this little caret is right here. Because he's the best. And now looking at
that little table, we can say well I know why that is. It's because it worked its way down
through the list and this guy happened to be the oldest route. It was the one that was learned
about first. Or it was the one with the lower router ID. I'm not too sure which one broke the tie.
I would chances are, oldest route since, we just set this guy up in this Nugget. But that's why
it chose it. But I might say, well you know what? ISP2 is better. They're cheaper. They're faster.
They're better. I want to prefer them and use ISP1 as a backup. Here is an easy way to do
that. I'm going to do a Show Run, Section Router BGP. If you haven't seen that Section
command before, you are missing life in the Cisco world. I'm going to go into Global Config,
Router BGP 500. And I'm going to tweak with this. I'm going to go in and say OK, for the
neighbor, 150.1.1.5, right click on that. I'm going to say, you can you see one of the options.
You have a bunch of options that I could say. But I'm just going to say the Weight-- look a this-the default Weight for routes from this neighbor-- you know where I'm going now-- the Weight
is going to be five. That's it. I'm saying that guy's heavier that the other guys. Now when I go
back and do a Show IPBGP, I know what you're thinking. You're like it's going to change. no
No, it's not. It's not broken don't worry. Any time you change a filter-- this is considered a
filter-- or something in BGP, I have to clear the session. Now let me show you. If you work for a
service writer, it's your last day. You're like I just want to go out with a bang. Here's how you
do it. Bang. Run. Really quietly, grab your bag. Just run for the door. Alarms are going to go
off. Things are going to sound. In a major ISP, like take AT&T that router that we were just on
with the BGP table. And it had what was that? Just silly. It was like 12 different BGP peers it
showed on that log on banner that for AT&T. Now I'm going to go back and look. If you were to
do that command, that would tear down all 12 of them and incompletely flush every route.
Now that's hundreds, and thousands, and millions of routes that just got flushed. Will BGP
recover? Yes. Now I mean and you look right here. Well that wasn't too bad. That wasn't too
long. Well yeah. It's not too long because it's two tiny ISPs with very, very few routes that are
actually coming from them. But when you're a size of that AT&T router, you not only have to
restore all those neighbors. I would say that probably would happen in one to two minutes.
But then you have to receive all of those routes from all of those neighbors, process through
all of those routes from all those neighbors, I mean, you could be looking at a five at the low
side, five to maybe 10, 15, 20-minute outage, depending on the speed of the routers, and the
links, and all that, that you could cause by doing that. Now you notice, you can see it. You saw
it before, before I did that clear, none of the Weights had adjusted themselves. But now that I
cleared it, the neighbor's reestablished. It resent those routes. All of routes from ISP2 are
coming in flagged with this weight of five. And you notice these little pointers? What have
they done? They've all dropped down, and they're now pointing to ISP2 as the favored one,
because it has a higher Weight. Now that was a broad, sweeping change which would change
every single route. ISP2 will always be the preferred for every single route that it has a path
to. So looking at that Show IP Route, all of those are now in the Routing Table as the best route
to reach that conflicting network, the one that they both had a route to. This is good stuff
definitely. I would say syntax wise, we didn't see a ton of new syntax, new commands, and all
that. But conceptually I would just sit down right now and relax, have an ice cream cone, think
about route selection process. Just kind of start churning that over your mind. Because
conceptually, I think I just talked about some of the biggest concepts that we will cover in

BGP. And we're going to be spending the rest of the series breaking each one of those down.
For now, I hope this has been informative for you. And I'd like to thank you for viewing.