04-Layer 3—IP Routing Configuration Guide

HomeSupportResource CenterSwitchesH3C S9820 Switch SeriesH3C S9820 Switch SeriesTechnical DocumentsConfigureConfiguration GuidesH3C S9820-8C Switch Configuration Guides-Release 66xx-6W10004-Layer 3—IP Routing Configuration Guide
06-BGP configuration
Title Size Download
06-BGP configuration 1.69 MB

Content

BGP overview·· 1

BGP characteristics· 1

BGP speaker and BGP peer 1

BGP message types· 1

BGP path attributes· 2

BGP route selection· 6

BGP route advertisement rules· 6

BGP load balancing· 7

Settlements for problems in large-scale BGP networks· 8

MP-BGP· 11

BGP multi-instance· 12

BGP configuration views· 13

Protocols and standards· 14

Building basic BGP networks· 1

Restrictions and guidelines: BGP configuration· 1

Basic BGP network configuration tasks at a glance (IPv4 unicast/IPv4 multicast) 1

Basic BGP network configuration tasks at a glance (IPv6 unicast/IPv6 multicast) 2

Configuring basic BGP· 3

Enabling BGP· 3

Configuring a BGP peer 4

Configuring dynamic BGP peers· 7

Configuring an IBGP peer group· 10

Configuring an EBGP peer group· 13

Specifying the source address of TCP connections· 24

Controlling BGP route generation· 26

Injecting a local network· 26

Redistributing IGP routes· 27

Redistributing the local network specified in the public instance or a VPN instance· 29

Configuring BGP route summarization· 29

Advertising a default route to a peer or peer group· 31

Controlling BGP route advertisement 32

Advertising optimal routes in the IP routing table· 32

Enabling prioritized withdrawal of the default route· 33

Enabling prioritized withdrawal of specific routes· 34

Configuring BGP route distribution filtering policies· 35

Setting the BGP route sending rate· 37

Configuring BGP route update delay· 38

Configuring a startup policy for BGP route updates· 38

Controlling BGP route reception· 39

Limiting routes received from a peer or peer group· 39

Configuring BGP route reception filtering policies· 41

Configuring the SoO attribute· 43

Configuring BGP timers· 44

Configuring the keepalive interval and hold time· 44

Setting the session retry timer 45

Configuring the interval for sending updates for the same route· 46

Setting an update delay for local MPLS labels· 47

Configuring BGP logging and notifications· 48

Enabling logging for session state changes· 48

Enabling logging for BGP route flapping· 49

Configuring BGP network management 50

Display and maintenance commands for basic BGP network building· 51

Displaying BGP· 51

Resetting BGP sessions· 55

Clearing BGP information· 56

Basic IPv4 BGP network configuration examples· 56

Example: Configuring basic BGP· 56

Example: Configuring BGP and IGP route redistribution· 61

Example: Configuring dynamic BGP peers· 63

Example: Configuring BGP route summarization· 65

Example: Configuring multicast BGP· 69

Basic IPv6 BGP network configuration examples· 72

Example: Configuring IPv6 BGP basics· 72

Example: Configuring IPv6 multicast BGP· 75

Troubleshooting BGP· 78

State of the connection to a peer cannot become established· 78

Configuring large-scale BGP networks· 1

Large-scale BGP network configuration tasks at a glance· 1

Configuring BGP route dampening· 1

Configuring BGP communities· 2

Configuring BGP route reflection· 4

Configuring a BGP route reflector 4

Ignoring the ORIGINATOR_ID attribute· 5

Configuring BGP confederation settings· 6

About BGP confederation· 6

Configuring a BGP confederation· 6

Configuring confederation compatibility· 7

Display and maintenance commands for large-scale BGP network configuration· 7

Large-scale BGP network configuration examples· 10

Example: Configuring BGP communities· 10

Example: Configuring BGP route reflector 13

Example: Configuring BGP confederation· 15

Controlling BGP path selection· 1

BGP path selection control tasks at a glance· 1

Configuring preferences for BGP routes· 1

Configuring the NEXT_HOP attribute· 3

Setting a preferred value for received routes· 4

Configuring the default local preference· 6

Configuring the AS_PATH attribute· 7

Permitting local AS number to appear in routes from a peer or peer group· 7

Ignoring the AS_PATH attribute during optimal route selection· 8

Advertising a fake AS number to a peer or peer group· 8

Configuring AS number substitution· 9

Removing private AS numbers from sent updates· 10

Ignoring the first AS number of EBGP route updates· 12

Configuring the MED attribute· 13

About the MED attribute· 13

Configuring the default MED value· 13

Enabling MED comparison for routes from different ASs· 14

Enabling MED comparison for routes on a per-AS basis· 14

Enabling MED comparison for routes from confederation peers· 16

Ignoring IGP metrics during optimal route selection· 16

Ignoring router IDs during optimal route selection· 17

Display and maintenance commands for BGP path selection control 17

BGP path selection control configuration examples· 18

Example: Configuring BGP path selection· 18

Tuning and optimizing BGP networks· 1

BGP network tuning and optimization tasks at a glance· 1

Enabling BGP to establish an EBGP session over multiple hops· 1

Enabling immediate re-establishment of direct EBGP connections upon link failure· 2

Enabling BGP ORF capabilities negotiation· 3

About BGP ORF· 3

Restrictions and guidelines· 3

Enabling BGP ORF capabilities negotiation for a peer or peer group· 3

Enabling nonstandard BGP ORF capabilities negotiation for a peer or peer group· 4

Enabling 4-byte AS number suppression· 5

Disabling BGP session establishment 6

About disabling BGP session establishment 6

Restrictions and guidelines· 6

Disabling BGP session establishment with a peer or peer group (IPv4 peers) 6

Disabling BGP session establishment with a peer or peer group (IPv6 peers) 7

Disabling BGP session establishment with all peers or peer groups· 7

Configuring BGP soft-reset 7

About BGP soft-reset 7

Enabling route refresh (IPv4 peers) 8

Enabling route refresh (IPv6 peers) 8

Saving updates (IPv4 unicast/multicast address family) 9

Saving updates (IPv6 unicast/multicast address family) 9

Configuring manual soft-reset (IPv4 unicast/multicast address family) 10

Configuring manual soft-reset (IPv6 unicast/multicast address family) 11

Configuring BGP load balancing· 11

Configuring the BGP Additional Paths feature· 13

Protecting an EBGP peer when memory usage reaches level 2 threshold· 14

Setting a DSCP value for outgoing BGP packets· 15

Disabling route recursion policy control for routes received from a peer or peer group· 15

Flushing the suboptimal BGP route to the RIB· 16

Enabling BGP to not flush specific routes to the routing table· 17

Specifying a label allocation mode· 18

Disabling optimal route selection for labeled routes without tunnel information· 18

Configuring BGP optimal route selection delay· 19

Enabling fast host route update upon user migration· 21

Enabling conversational remote host route learning· 22

Display and maintenance commands for BGP network tuning and optimization· 23

Displaying BGP· 23

Resetting BGP sessions· 24

BGP network tuning and optimization configuration examples· 25

Example: Configuring BGP load balancing· 25

Example: Configuring the BGP Additional Paths feature· 28

Configuring BGP security features· 1

BGP security feature configuration tasks at a glance· 1

Enabling MD5 authentication for BGP peers· 1

Configuring GTSM for BGP· 2

Enabling keychain authentication for BGP peers· 3

Configuring IPsec for IPv6 BGP· 4

Configuring BGP RPKI 4

About BGP RPKI 4

Configuring RPKI connection parameters· 5

Enabling BGP RPKI validation· 6

Applying the BGP RPKI validation state to optimal route selection· 6

Advertising BGP RPKI validation state to a peer or peer group· 7

Resetting BGP RPKI sessions· 9

Display and maintenance commands for BGP security features· 9

IPv4 BGP security feature configuration examples· 9

Example: Configuring BGP RPKI 9

IPv6 BGP security feature configuration examples· 12

Example: Configuring IPsec for IPv6 BGP packets· 12

Example: Configuring BGP RPKI 17

Improving BGP network reliability· 1

BGP network reliability improvement tasks at a glance· 1

Configuring BGP GR· 1

Configuring BGP NSR· 2

Configuring BFD for BGP· 3

Configuring BGP FRR· 4

About BGP FRR· 4

Configuring BGP FRR by using a routing policy (IPv4 unicast address family) 5

Configuring BGP FRR by using a routing policy (IPv6 unicast address family) 6

Configuring BGP FRR through PIC (IPv4 unicast address family) 6

Configuring BGP FRR through PIC (IPv6 unicast address family) 7

Display and maintenance commands for BGP network reliability improvement 7

IPv4 BGP network reliability improvement configuration examples· 8

Example: Configuring BGP GR· 8

Example: Configuring BFD for BGP· 9

Example: Configuring BGP FRR· 13

IPv6 BGP network reliability improvement configuration examples· 17

Example: Configuring BFD for IPv6 BGP· 17

Example: Configuring IPv6 BGP FRR· 21

Configuring extended BGP features· 1

Extended BGP feature configuration tasks at a glance· 1

Configuring BGP policy accounting· 1

Configuring BMP· 2

Configuring BGP LS· 3

About BGP LS· 3

Configuring basic BGP LS· 3

Configuring BGP LS route reflection· 4

Specifying an AS number and a router ID for BGP LS messages· 4

Performing manual soft-reset for BGP sessions of LS address family· 5

Configuring BGP dedicated routes· 5

About BGP dedicated routes· 5

Configuring basic BGP dedicated route settings· 6

Configuring BGP dedicated route reflection· 7

Resetting BGP sessions in dedicated address family· 7

Configuring 6PE· 7

About 6PE· 7

Prerequisites· 8

Configuring basic 6PE· 8

Controlling path selection for 6PE· 9

Controlling 6PE route advertisement and reception· 9

Tuning and optimizing 6PE· 10

Configuring 6PE route reflection· 11

Resetting 6PE connections· 11

Display and maintenance commands for extended BGP features· 11

Displaying BGP· 11

Resetting BGP sessions· 12

Clearing BGP information· 13

Extended BGP feature configuration examples· 13

Example: Configuring BGP LS· 13

Example: Configuring BGP dedicated routes· 16

Example: Configuring 6PE· 19

 


BGP overview

Border Gateway Protocol (BGP) is an exterior gateway protocol (EGP). It is called internal BGP (IBGP) when it runs within an AS and called external BGP (EBGP) when it runs between ASs. The current version in use is BGP-4 (RFC 4271).

BGP characteristics

BGP has the following characteristics:

·           Focuses on route control and selection rather than route discovery and calculation.

·           Uses TCP to enhance reliability.

·           Measures the distance of a route by using a list of ASs that the route must travel through to reach the destination. BGP is also called a path-vector protocol.

·           Supports CIDR.

·           Reduces bandwidth consumption by advertising only incremental updates. BGP is very suitable to advertise large numbers of routes on the Internet.

·           Eliminates routing loops by adding AS path information to BGP route updates.

·           Uses policies to implement flexible route filtering and selection.

·           Has good scalability.

BGP speaker and BGP peer

A router running BGP is a BGP speaker. A BGP speaker establishes peer relationships with other BGP speakers to exchange routing information over TCP connections.

Based on the AS, a BGP peer can be either of the following types:

·           IBGP peer—Resides in the same AS as the local router.

·           EBGP peer—Resides in different ASs from the local router.

Based on the IP version, a BGP peer can be either of the following types:

·           IPv4 peer—Uses an IPv4 address to establish a peer relationship with the local router.

·           IPv6 peer—Uses an IPv6 address to establish a peer relationship with the local router.

BGP message types

BGP uses the following message types:

·           Open—After establishing a TCP connection, BGP sends an OPEN message to establish a session to the peer.

·           Update—BGP sends UPDATE messages to exchange routing information between peers. Each UPDATE message can advertise a group of feasible routes with identical attributes and multiple withdrawn routes.

·           Keepalive—BGP sends KEEPALIVE messages between peers to maintain connectivity.

·           Route-refresh—BGP sends a ROUTE-REFRESH message to request the routing information for a specific address family from a peer.

·           Notification—BGP sends a NOTIFICATION message upon detecting an error and immediately closes the connection.

BGP path attributes

BGP uses the following path attributes in UPDATE messages for route filtering and selection:

ORIGIN

The ORIGIN attribute specifies the origin of BGP routes. This attribute has the following types:

·           IGP—Has the highest priority. Routes generated in the local AS have the IGP attribute.

·           EGP—Has the second highest priority. Routes obtained through EGP have the EGP attribute.

·           INCOMPLETE—Has the lowest priority. The source of routes with this attribute is unknown. Routes redistributed from other routing protocols have the INCOMPLETE attribute.

AS_PATH

The AS_PATH attribute identifies the ASs through which a route has passed. Before advertising a route to another AS, BGP adds the local AS number into the AS_PATH attribute, so the receiver can determine ASs to route the message back.

The AS_PATH attribute has the following types:

·           AS_SEQUENCE—Arranges AS numbers in sequence. As shown in Figure 1, the number of the AS closest to the receiver's AS is leftmost.

·           AS_SET—Arranges AS numbers randomly.

Figure 1 AS_PATH attribute

BGP uses the AS_PATH attribute to implement the following functions:

·           Avoid routing loops—A BGP router does not receive routes containing the local AS number to avoid routing loops.

·           Affect route selection—BGP gives priority to the route with the shortest AS_PATH length if other factors are the same. As shown in Figure 1, the BGP router in AS 50 gives priority to the route passing AS 40 for sending data to the destination 8.0.0.0. In some applications, you can apply a routing policy to control BGP route selection by modifying the AS_PATH length. For more information about routing policy, see "Configuring routing policies."

·           Filter routes—By using an AS path list, you can filter routes based on AS numbers contained in the AS_PATH attribute. For more information about AS path list, see "Configuring routing policies."

NEXT_HOP

The NEXT_HOP attribute may not be the IP address of a directly connected router. Its value is determined as follows:

·           When a BGP speaker advertises a self-originated route to a BGP peer, it sets the address of the sending interface as the NEXT_HOP.

·           When a BGP speaker sends a received route to an EBGP peer, it sets the address of the sending interface as the NEXT_HOP.

·           When a BGP speaker sends a route received from an EBGP peer to an IBGP peer, it does not modify the NEXT_HOP attribute. If load balancing is configured, BGP modifies the NEXT_HOP attribute for the equal-cost routes. For load balancing information, see "BGP load balancing."

Figure 2 NEXT_HOP attribute

MED (MULTI_EXIT_DISC)

BGP advertises the MED attribute between two neighboring ASs, each of which does not advertise the attribute to any other AS.

Similar to metrics used by IGPs, MED is used to determine the optimal route for traffic going into an AS. When a BGP router obtains multiple routes to the same destination but with different next hops, it selects the route with the smallest MED value as the optimal route. As shown in Figure 3, traffic from AS 10 to AS 20 travels through Router B that is selected according to MED.

Figure 3 MED attribute

Generally BGP only compares MEDs of routes received from the same AS. You can also use the compare-different-as-med command to force BGP to compare MED values of routes received from different ASs.

LOCAL_PREF

The LOCAL_PREF attribute is exchanged between IBGP peers only, and is not advertised to any other AS. It indicates the priority of a BGP router.

BGP uses LOCAL_PREF to determine the optimal route for traffic leaving the local AS. When a BGP router obtains multiple routes to the same destination but with different next hops, it selects the route with the highest LOCAL_PREF value as the optimal route. As shown in Figure 4, traffic from AS 20 to AS 10 travels through Router C that is selected according to LOCAL_PREF.

Figure 4 LOCAL_PREF attribute

COMMUNITY

The COMMUNITY attribute identifies the community of BGP routes. A BGP community is a group of routes with the same characteristics. It has no geographical boundaries. Routes of different ASs can belong to the same community.

A route can carry one or more COMMUNITY attribute values (each of which is represented by a 4-byte integer). A router uses the COMMUNITY attribute to determine whether to advertise the route and the advertising scope without using complex filters such as ACLs. This mechanism simplifies routing policy configuration, management, and maintenance.

Well-known COMMUNITY attributes involve the following:

·           INTERNET—By default, all routes belong to the Internet community. Routes with this attribute can be advertised to all BGP peers.

·           NO_EXPORT—Routes with this attribute cannot be advertised out of the local AS or out of the local confederation, but can be advertised to other sub-ASs in the confederation. For confederation information, see "Settlements for problems in large-scale BGP networks."

·           No_ADVERTISE—Routes with this attribute cannot be advertised to other BGP peers.

·           No_EXPORT_SUBCONFED—Routes with this attribute cannot be advertised out of the local AS or other sub-ASs in the local confederation.

You can configure BGP community lists to filter BGP routes based on the BGP COMMUNITY attribute.

Extended community attribute

To meet new demands, BGP defines the extended community attribute. The extended community attribute has the following advantages over the COMMUNITY attribute:

·           Provides more attribute values by extending the attribute length to eight bytes.

·           Allows for using different types of extended community attributes in different scenarios to enhance route filtering and control and simplify configuration and management.

The device supports the route target attribute and Site of Origin (SoO) extended community attribute. For information about route target, see MPLS Configuration Guide.

The SoO attribute specifies the site where the route originated. It prevents advertising a route back to the originating site. If the AS-path attribute is lost, the router can use the SoO attribute to avoid routing loops.

The SoO attribute has the following formats:

·           16-bit AS number:32-bit user-defined number. For example, 100:3.

·           32-bit IP address:16-bit user-defined number. For example, 192.168.122.15:1.

·           32-bit AS number:16-bit user-defined number, where the minimum value of the AS number is 65536. For example, 65536:1.

BGP route selection

BGP discards routes with unreachable NEXT_HOPs. If multiple routes to the same destination are available, BGP selects the optimal route in the following sequence:

1.      The route with the highest Preferred_value.

2.      The route with the highest LOCAL_PREF.

3.      The route generated by the network command, the route redistributed by the import-route command, or the summary route in turn.

4.      The route with the shortest AS_PATH.

5.      The IGP, EGP, or INCOMPLETE route in turn.

6.      The route with the lowest MED value.

7.      The route learned from EBGP, confederation EBGP, confederation IBGP, or IBGP in turn.

8.      The route with the smallest IGP metric.

9.      The route with the smallest recursion depth.

10.    If a route received from an EBGP peer is the current optimal route, BGP does not change the optimal route when it receives routes from other EBGP peers.

11.    The route advertised by the router with the smallest router ID.

If one of the routes is advertised by a route reflector, BGP compares the ORIGINATOR_ID of the route with the router IDs of other routers. Then, BGP selects the route with the smallest ID as the optimal route.

12.    The route with an IPv4 next hop.

13.    The route with the shortest CLUSTER_LIST.

14.    The route advertised by the peer with the lowest IP address.

The CLUSTER_IDs of route reflectors form a CLUSTER_LIST. If a route reflector receives a route that contains its own CLUSTER ID in the CLUSTER_LIST, the router discards the route to avoid routing loops.

If load balancing is configured, the system selects available routes to implement load balancing.

BGP route advertisement rules

BGP follows these rules for route advertisement:

·           When multiple feasible routes to a destination exist, BGP advertises only the optimal route to its peers. If the advertise-rib-active command is configured, BGP advertises the optimal route in the IP routing table. If not, BGP advertises the optimal route in the BGP routing table.

·           BGP advertises only routes that it uses.

·           BGP advertises routes learned from an EBGP peer to all BGP peers, including both EBGP and IBGP peers.

·           BGP advertises routes learned from an IBGP peer to EBGP peers, rather than other IBGP peers.

·           After establishing a session to a new BGP peer, BGP advertises all the routes matching the above rules to the peer. After that, BGP advertises only incremental updates to the peer.

BGP load balancing

BGP load balancing is applicable between EBGP peers, between IBGP peers, and between confederations.

BGP implements load balancing through route recursion and route selection.

BGP load balancing through route recursion

The next hop of a BGP route might not be directly connected. One of the reasons is that the next hop information exchanged between IBGP peers is not modified. The BGP router must find the directly connected next hop through IGP. The matching route with the direct next hop is called the recursive route. The process of finding a recursive route is route recursion.

If multiple recursive routes to the same destination are load balanced, BGP generates the same number of next hops to forward packets.

BGP load balancing based on route recursion is always enabled in the system.

BGP load balancing through route selection

IGP routing protocols, such as RIP and OSPF, can use route metrics as criteria to load balance between routes that have the same metric. BGP cannot load balance between routes by route metrics as an IGP protocol does, because BGP does not have a route computation algorithm.

BGP uses the following load balancing criteria to determine load balanced routes:

·           The routes have the same ORIGIN, LOCAL_PREF, and MED attributes.

·           The routes meet the following requirements on the AS_PATH attribute:

¡  If both the balance as-path-neglect and balance as-path-relax commands are configured or only the balance as-path-neglect command is configured, the routes can have different AS_PATH attributes.

¡  If only the balance as-path-relax command is configured, the routes can have different AS_PATH attributes, but the length of the AS_PATH attributes must be the same.

¡  If neither the balance as-path-neglect nor the balance as-path-relax command is configured, the routes must have the same AS_PATH attribute.

·           The routes have the same MPLS label assignment status (labeled or not labeled).

BGP does not use the route selection rules described in "BGP route selection" for load balancing.

As shown in Figure 5, Router A and Router B are IBGP peers of Router C. Router C allows a maximum number of two ECMP routes for load balancing.

Router D and Router E both advertise a route 9.0.0.0 to Router C. Router C installs the two routes to its routing table for load balancing if the routes meet the BGP load balancing criteria. After that, Router C forwards to Router A and Router B a single route whose attributes are changed as follows:

·           AS_PATH attribute:

¡  If the balance as-path-neglect and balance as-path-relax commands are not configured, the AS_PATH attribute does not change.

¡  If the balance as-path-neglect or balance as-path-relax command is configured, the AS_PATH attribute is changed to the attribute of the optimal route.

·           The NEXT_HOP attribute is changed to the IP address of Router C.

·           Other attributes are changed to be the same as the optimal route.

Figure 5 Network diagram

Settlements for problems in large-scale BGP networks

You can use the following methods to facilitate management and improve route distribution efficiency on a large-scale BGP network.

Route summarization

Route summarization can reduce the BGP routing table size by advertising summary routes rather than more specific routes.

The system supports both manual and automatic route summarization. Manual route summarization allows you to determine the attribute of a summary route and whether to advertise more specific routes.

Route dampening

Route flapping (a route comes up and disappears in the routing table frequently) causes BGP to send many routing updates. It can consume too many resources and affect other operations.

In most cases, BGP runs in complex networks where route changes are more frequent. To solve the problem caused by route flapping, you can use BGP route dampening to suppress unstable routes.

BGP route dampening uses a penalty value to judge the stability of a route. The bigger the value, the less stable the route. Each time a route state changes from reachable to unreachable, or a reachable route's attribute changes, BGP adds a penalty value of 1000 to the route. When the penalty value of the route exceeds the suppress value, the route is suppressed and cannot become the optimal route. When the penalty value reaches the upper limit, no penalty value is added.

If the suppressed route does not flap, its penalty value gradually decreases to half of the suppress value after a period of time. This period is called "Half-life." When the value decreases to the reusable threshold value, the route is usable again.

Figure 6 BGP route dampening

Peer group

You can organize BGP peers with the same attributes into a group to simplify their configurations.

When a peer joins the peer group, the peer obtains the same configuration as the peer group. If the configuration of the peer group is changed, the configuration of group members is changed.

Community

You can apply a community list or an extended community list to a routing policy for route control. For more information, see "BGP path attributes."

Route reflector

IBGP peers must be fully meshed to maintain connectivity. If n routers exist in an AS, the number of IBGP connections is n(n-1)/2. If a large number of IBGP peers exist, large amounts of network and CPU resources are consumed to maintain sessions.

Using route reflectors can solve this issue. In an AS, a router acts as a route reflector, and other routers act as clients connecting to the route reflector. The route reflector forwards routing information received from a client to other clients. In this way, all clients can receive routing information from one another without establishing BGP sessions.

A router that is neither a route reflector nor a client is a non-client, which, as shown in Figure 7, must establish BGP sessions to the route reflector and other non-clients.

Figure 7 Network diagram for a route reflector

The route reflector and clients form a cluster. Typically a cluster has one route reflector. The ID of the route reflector is the Cluster_ID. You can configure more than one route reflector in a cluster to improve availability, as shown in Figure 8. The configured route reflectors must have the same Cluster_ID to avoid routing loops.

Figure 8 Network diagram for route reflectors

When the BGP routers in an AS are fully meshed, route reflection is unnecessary because it consumes more bandwidth resources. You can use commands to disable route reflection instead of modifying network configuration or changing network topology.

After route reflection is disabled between clients, routes can still be reflected between a client and a non-client.

Confederation

Confederation is another method to manage growing IBGP connections in an AS. It splits an AS into multiple sub-ASs. In each sub-AS, IBGP peers are fully meshed. As shown in Figure 9, intra-confederation EBGP connections are established between sub-ASs in AS 200.

Figure 9 Confederation network diagram

A non-confederation BGP speaker does not need to know sub-ASs in the confederation. To the BGP speaker, the confederation is one AS and the confederation ID is the AS number. In the above figure, AS 200 is the confederation ID.

Confederation has a deficiency. When you change an AS into a confederation, you must reconfigure the routers, and the topology will be changed.

In large-scale BGP networks, you can use both route reflector and confederation.

MP-BGP

Supported address families

BGP-4 can only advertise IPv4 unicast routing information. Multiprotocol Extensions for BGP-4 (MP-BGP) can advertise routing information for the following address families:

·           IPv6 unicast address family.

·           IPv4 multicast address family and IPv6 multicast address family.

PIM uses static and dynamic unicast routes to perform RPF check before creating multicast routing entries. When the multicast and unicast topologies are different, you can use MP-BGP to advertise the routes for RPF check. MP-BGP stores the routes in the BGP multicast routing table. For more information about PIM and RPF check, see IP Multicast Configuration Guide.

·           VPNv4 address family and VPNv6 address family.

For more information, see MPLS Configuration Guide.

·           Labeled IPv4 unicast address family and IPv6 unicast address family.

MP-BGP advertises IPv4 unicast/IPv6 unicast routes and MPLS labels assigned for the routes. Labeled IPv4 unicast routes apply to inter-AS Option C for MPLS L3VPN. Labeled IPv6 unicast routes apply to 6PE and inter-AS Option C for MPLS L3VPN. For more information about inter-AS Option C, see MPLS Configuration Guide.

MP-BGP extended attributes

Prefixes and next hops are key routing information. BGP-4 uses UPDATE messages to carry the following information:

·           Feasible route prefixes in the Network Layer Reachability Information (NLRI) field.

·           Unfeasible route prefixes in the withdrawn routes field.

·           Next hops in the NEXT_HOP attribute.

BGP-4 cannot carry routing information for multiple network layer protocols.

To support multiple network layer protocols, MP-BGP defines the following path attributes:

·           MP_REACH_NLRI—Carries feasible route prefixes and next hops for multiple network layer protocols.

·           MP_UNREACH_NLRI—Carries unfeasible route prefixes for multiple network layer protocols.

MP-BGP uses these two attributes to advertise feasible and unfeasible routes for different network layer protocols. BGP speakers not supporting MP-BGP ignore updates containing these attributes and do not forward them to its peers.

Address family

MP-BGP uses address families and subsequent address families to identify different network layer protocols for routes contained in the MP_REACH_NLRI and MP_UNREACH_NLRI attributes. For example, an Address Family Identifier (AFI) of 2 and a Subsequent Address Family Identifier (SAFI) of 1 identify IPv6 unicast routing information carried in the MP_REACH_NLRI attribute. For address family values, see RFC 1700.

Exchanging IPv4 and IPv6 routes in both IPv4 and IPv6 address families

MP-BGP supports IPv4 route exchange between IPv6 peers and IPv6 route exchange between IPv4 peers as follows:

·           When the next hop of an IPv6 route is an IPv4 address, MP-BGP maps the IPv4 address to an IPv6 address encapsulated in the NEXT_HOP attribute of update messages. In this scenario, you must specify a routing policy to change the next hop of the IPv6 route to the IPv6 address of the peer.

·           When the next hop of an IPv4 route is an IPv6 address, BGP negotiates the extended next hop encoding capability with its peer. Then, BGP encapsulates the IPv4 NLRI in the MP_REACH_NLRI attribute of update messages. In this scenario, you must specify a routing policy to change the next hop of the IPv4 route to the IPv4 address of the peer.

Figure 10 Exchanging IPv4 and IPv6 routes in both IPv4 and IPv6 address families

 

As shown in Figure 10, an IPv6 BGP peer relationship is established between Device A and Device B, between Device B and Device C, and between Device C and Device D. An IPv4 BGP peer relationship is established between Device A and Device B and between Device C and Device D. Device A and Device D can learn both IPv4 and IPv6 routes from each other and traffic is forwarded correctly in both IPv4 and IPv6 address families. For Device C to correctly receive IPv4 routes using the IPv6 address of Device B as the next hop, configure a routing policy on Device C. Use the routing policy to change the next hop of these routes to the IPv4 address of Device B.

BGP multi-instance

A BGP router can run multiple BGP processes. Each BGP process corresponds to a BGP instance. BGP maintains an independent routing table for each BGP instance.

BGP configuration views

BGP uses different views to manage routing information for different BGP instances, VPN instances, and address families. Most BGP commands are available in all BGP views. BGP supports multiple VPN instances by establishing a separate routing table for each VPN instance.

Table 1 describes different BGP configuration views.

Table 1 BGP configuration views

View names

Ways to enter the views

Remarks

BGP instance view

<Sysname> system-view

[Sysname] bgp 100 instance abc

[Sysname-bgp-abc]

You can create a BGP instance and enter its view by specifying the instance keyword in the bgp command.

Configurations in this view apply to all public address families for the specified BGP instance. Some configurations (such as confederation, GR, and logging configurations) also apply to the address families of VPN instances.

BGP IPv4 unicast address family view

<Sysname> system-view

[Sysname] bgp 100 instance abc

[Sysname-bgp-abc] address-family ipv4 unicast

[Sysname-bgp-abc-ipv4]

Configurations in this view apply to public IPv4 unicast routes and peers of the specified BGP instance.

BGP IPv6 unicast address family view

<Sysname> system-view

[Sysname] bgp 100 instance abc

[Sysname-bgp-abc] address-family ipv6 unicast

[Sysname-bgp-abc-ipv6]

Configurations in this view apply to public IPv6 unicast routes and peers of the specified BGP instance.

BGP IPv4 multicast address family view

<Sysname> system-view

[Sysname] bgp 100 instance abc

[Sysname-bgp-abc] address-family ipv4 multicast

[Sysname-bgp-abc-mul-ipv4]

Configurations in this view apply to IPv4 multicast routes and peers of the specified BGP instance.

BGP IPv6 multicast address family view

<Sysname> system-view

[Sysname] bgp 100 instance abc

[Sysname-bgp-abc] address-family ipv6 multicast

[Sysname-bgp-abc-mul-ipv6]

Configurations in this view apply to IPv6 multicast routes and peers of the specified BGP instance.

BGP VPNv4 address family view

<Sysname> system-view

[Sysname] bgp 100 instance abc

[Sysname-bgp-abc] address-family vpnv4

[Sysname-bgp-abc-vpnv4]

Configurations in this view apply to VPNv4 routes and peers of the specified BGP instance.

For more information about BGP VPNv4 address family view, see MPLS Configuration Guide.

BGP VPNv6 address family view

<Sysname> system-view

[Sysname] bgp 100 instance abc

[Sysname-bgp-abc] address-family vpnv6

[Sysname-bgp-abc-vpnv6]

Configurations in this view apply to VPNv6 routes and peers of the specified BGP instance.

For more information about BGP VPNv6 address family view, see MPLS Configuration Guide.

BGP-VPN instance view

<Sysname> system-view

[Sysname] bgp 100 instance abc

[Sysname-bgp-abc] ip vpn-instance vpn1

[Sysname-bgp-abc-vpn1]

Configurations in this view apply to all address families in the specified VPN instance of the specified BGP instance.

For more information about VPN instances, see MPLS L3VPN configuration in MPLS Configuration Guide.

BGP-VPN IPv4 unicast address family view

<Sysname> system-view

[Sysname] bgp 100 instance abc

[Sysname-bgp-abc] ip vpn-instance vpn1

[Sysname-bgp-abc-vpn1] address-family ipv4 unicast

[Sysname-bgp-abc-ipv4-vpn1]

Configurations in this view apply to IPv4 unicast routes and peers in the specified VPN instance of the specified BGP instance.

For more information about VPN instances, see MPLS L3VPN configuration in MPLS Configuration Guide.

BGP-VPN IPv6 unicast address family view

<Sysname> system-view

[Sysname] bgp 100 instance abc

[Sysname-bgp-abc] ip vpn-instance vpn1

[Sysname-bgp-abc-vpn1] address-family ipv6 unicast

[Sysname-bgp-abc-ipv6-vpn1]

Configurations in this view apply to IPv6 unicast routes and peers in the specified VPN instance of the specified BGP instance.

For more information about VPN instances, see MPLS L3VPN configuration in MPLS Configuration Guide.

BGP-VPN VPNv4 address family view

<Sysname> system-view

[Sysname] bgp 100 instance abc

[Sysname-bgp-abc] ip vpn-instance vpn1

[Sysname-bgp-abc-vpn1] address-family vpnv4

[Sysname-bgp-abc-vpnv4-vpn1]

Configurations in this view apply to VPNv4 routes and peers in the specified VPN instance of the specified BGP instance.

For more information about BGP-VPN VPNv4 address family view, see MPLS Configuration Guide.

BGP LS address family view

<Sysname> system-view

[Sysname] bgp 100 instance abc

[Sysname-bgp-abc] address-family link-state

[Sysname-bgp-abc-ls]

Configurations in this view apply to LS messages and peers of the specified BGP instance.

BGP IPv4 RT filter address family view

<Sysname> system-view

[Sysname] bgp 100 instance abc

[Sysname-bgp-abc] address-family ipv4 rtfilter

[Sysname-bgp-abc-rtf-ipv4]

Configurations in this view apply to IPv4 RT filter routes and peers of the specified BGP instance.

For more information about BGP IPv4 RT filter address family view, see MPLS L3VPN Configuration Guide.

Protocols and standards

·           RFC 1700, ASSIGNED NUMBERS

·           RFC 1997, BGP Communities Attribute

·           RFC 2439, BGP Route Flap Damping

·           RFC 2545, Use of BGP-4 Multiprotocol Extensions for IPv6 Inter-Domain Routing

·           RFC 2918, Route Refresh Capability for BGP-4

·           RFC 3107, Carrying Label Information in BGP-4

·           RFC 4271, A Border Gateway Protocol 4 (BGP-4)

·           RFC 4275, BGP-4 MIB Implementation Survey

·           RFC 4277, Experience with the BGP-4 Protocol

·           RFC 4360, BGP Extended Communities Attribute

·           RFC 4364, BGP/MPLS IP Virtual Private Networks (VPNs)

·           RFC 4382, MPLS/BGP Layer 3 Virtual Private Network (VPN) Management

·           RFC 4451, BGP MULTI_EXIT_DISC (MED) Consideration

·           RFC 4456, BGP Route Reflection: An Alternative to Full Mesh Internal BGP

·           RFC 4486, Subcodes for BGP Cease Notification Message

·           RFC 4659, BGP-MPLS IP Virtual Private Network (VPN) Extension for IPv6 VPN

·           RFC 4684, Constrained Route Distribution for Border Gateway Protocol/MultiProtocol Label Switching (BGP/MPLS) Internet Protocol (IP) Virtual Private Networks (VPNs)

·           RFC 4724, Graceful Restart Mechanism for BGP

·           RFC 4760, Multiprotocol Extensions for BGP-4

·           RFC 4781, Graceful Restart Mechanism for BGP with MPLS

·           RFC 5004, Avoid BGP Best Path Transitions from One External to Another

·           RFC 5065, Autonomous System Confederations for BGP

·           RFC 5082, The Generalized TTL Security Mechanism (GTSM)

·           RFC 5291, Outbound Route Filtering Capability for BGP-4

·           RFC 5292, Address-Prefix-Based Outbound Route Filter for BGP-4

·           RFC 5549, Advertising IPv4 Network Layer Reachability Information with an IPv6 Next Hop

·           RFC 5492, Capabilities Advertisement with BGP-4

·           RFC 5668, 4-Octet AS Specific BGP Extended Community

·           RFC 6037, Cisco Systems' Solution for Multicast in BGP MPLS IP VPNs

·           RFC 6198, Requirements for the Graceful Shutdown of BGP Sessions

·           RFC 6368, Internal BGP as the Provider/Customer Edge Protocol for BGP/MPLS IP

·           RFC 6513, Multicast in MPLS/BGP IP VPNs

·           RFC 6514, BGP Encodings and Procedures for Multicast in MPLS/BGP IP VPNs

·           RFC 6515, IPv4 and IPv6 Infrastructure Addresses in BGP Updates for Multicast VPN

·           RFC 6624, Layer 2 Virtual Private Networks Using BGP for Auto-Discovery and Signaling

·           RFC 6793, BGP Support for Four-Octet Autonomous System (AS) Number Space

·           RFC 7432, BGP MPLS-Based Ethernet VPN

·           RFC 7752, North-Bound Distribution of Link-State and Traffic Engineering (TE) Information Using BGP

·           RFC 7854, BGP Monitoring Protocol (BMP)

·           RFC 7911, Advertisement of Multiple Paths in BGP

 


Building basic BGP networks

Restrictions and guidelines: BGP configuration

You can create multiple public address families for a BGP instance. However, each public address family (except for public IPv4 unicast, IPv6 unicast, VPNv4, and VPNv6 address families) can belong to only one BGP instance.

You can create multiple VPN instances for a BGP instance, and each VPN instance can have multiple address families. A VPN instance can belong to only one BGP instance.

You cannot specify the same peer for the same address family of different BGP instances.

Different BGP instances can have the same AS number but cannot have the same name.

Basic BGP network configuration tasks at a glance (IPv4 unicast/IPv4 multicast)

To build basic BGP networks for the IPv4 unicast or IPv4 multicast address family, perform the following tasks:

1.      Configuring basic BGP

a.    Enabling BGP

b.    Configuring a BGP peer

c.    Configuring dynamic BGP peers

d.    Configuring an IBGP peer group

Configure BGP peer groups on large-scale BGP networks for easy configuration and maintenance.

e.    Configuring an EBGP peer group

Configure BGP peer groups on large-scale BGP networks for easy configuration and maintenance.

f.     (Optional.) Specifying the source address of TCP connections

2.      Controlling BGP route generation

Choose the following tasks as needed:

¡  Injecting a local network

¡  Redistributing IGP routes

¡  Redistributing the local network specified in the public instance or a VPN instance

¡  (Optional.) Configuring BGP route summarization

¡  (Optional.) Advertising a default route to a peer or peer group

3.      (Optional.) Controlling BGP route advertisement

¡  Advertising optimal routes in the IP routing table

BGP cannot advertise optimal routes in the IP routing table for IPv4 multicast address family.

¡  Enabling prioritized withdrawal of the default route

¡  Enabling prioritized withdrawal of specific routes

¡  Configuring BGP route distribution filtering policies

¡  Setting the BGP route sending rate

This task applies only to IPv4 unicast routes.

¡  Configuring BGP route update delay

¡  Configuring a startup policy for BGP route updates

4.      (Optional.) Controlling BGP route reception

¡  Limiting routes received from a peer or peer group

¡  Configuring BGP route reception filtering policies

¡  Configuring the SoO attribute

5.      (Optional.) Configuring BGP timers

¡  Configuring the keepalive interval and hold time

¡  Setting the session retry timer

¡  Configuring the interval for sending updates for the same route

¡  Setting an update delay for local MPLS labels

6.      (Optional.) Configuring BGP logging and notifications

¡  Enabling logging for session state changes

¡  Enabling logging for BGP route flapping

¡  Configuring BGP network management

Basic BGP network configuration tasks at a glance (IPv6 unicast/IPv6 multicast)

To build basic BGP networks for the IPv6 unicast or IPv6 multicast address family, perform the following tasks:

1.      Configuring basic BGP

a.    Enabling BGP

b.    Configuring a BGP peer

c.    Configuring dynamic BGP peers

d.    Configuring an IBGP peer group

Configure BGP peer groups on large-scale BGP networks for easy configuration and maintenance.

e.    Configuring an EBGP peer group

Configure BGP peer groups on large-scale BGP networks for easy configuration and maintenance.

f.     (Optional.) Specifying the source address of TCP connections

2.      Controlling BGP route generation

Choose the following tasks as needed:

¡  Injecting a local network

¡  Redistributing IGP routes

¡  (Optional.) Configuring BGP route summarization

¡  (Optional.) Advertising a default route to a peer or peer group

3.      (Optional.) Controlling BGP route advertisement

¡  Advertising optimal routes in the IP routing table

BGP cannot advertise optimal routes in the IP routing table for IPv6 multicast address family.

¡  Enabling prioritized withdrawal of the default route

¡  Enabling prioritized withdrawal of specific routes

¡  Configuring BGP route distribution filtering policies

¡  Setting the BGP route sending rate

This task applies only to IPv6 unicast routes.

¡  (Optional.) Configuring BGP route update delay

¡  (Optional.) Configuring a startup policy for BGP route updates

4.      (Optional.) Controlling BGP route reception

¡  Limiting routes received from a peer or peer group

¡  Configuring BGP route reception filtering policies

¡  Configuring the SoO attribute

5.      (Optional.) Configuring BGP timers

¡  Configuring the keepalive interval and hold time

¡  Setting the session retry timer

¡  Configuring the interval for sending updates for the same route

¡  Setting an update delay for local MPLS labels

6.      (Optional.) Configuring BGP logging and notifications

¡  Enabling logging for session state changes

¡  Enabling logging for BGP route flapping

¡  Configuring BGP network management

Configuring basic BGP

Enabling BGP

Restrictions and guidelines

A router ID is the unique identifier of a BGP router in an AS.

·           To ensure the uniqueness of a router ID and enhance availability, specify in BGP instance view the IP address of a local loopback interface as the router ID. Different BGP instances can have the same router ID.

·           If no router ID is specified in BGP instance view, the global router ID is used.

·           To modify a non-zero router ID of a BGP instance , use the router-id command in BGP instance view, rather than the router id command in system view.

·           If you specify a router ID in BGP instance view and then remove the interface that owns the router ID, the router does not select a new router ID. To select a new router ID, use the undo router-id command in BGP instance view.

Procedure

1.      Enter system view.

system-view

2.      Configure a global router ID.

router id router-id

By default, no global router ID is configured.

If no global router ID is configured, the following rules apply:

¡  If loopback interfaces configured with an IP address exist, BGP uses the highest loopback interface IP address as the router ID.

¡  If no loopback interface IP address is available, BGP uses the highest physical interface IP address as the route ID regardless of the interface status.

3.      Enable BGP and enter BGP instance view.

bgp as-number [ instance instance-name ]

By default, BGP is disabled and no BGP instances exist.

4.      (Optional.) Configure a router ID for the BGP instance.

router-id router-id

By default, no router ID is configured for a BGP instance, and the BGP instance uses the global router ID configured by the router-id command in system view.

5.      (Optional.) Enter BGP-VPN instance view.

ip vpn-instance vpn-instance-name

The specified VPN instance must have been created and have an RD.

6.      (Optional.) Configure a router ID for the BGP VPN instance.

router-id { router-id | auto-select }

By default, no router ID is configured for a BGP VPN instance.

The BGP VPN instance uses the router ID configured in BGP instance view. If no router ID is configured in BGP instance view, the BGP VPN instance uses the global router ID configured in system view.

Configuring a BGP peer

Restrictions and guidelines

A BGP peer at an IPv6 link-local address must be directly connected to the local router. If you do not specify the interface connected to the peer, you must specify the interface directly connected to the BGP peer as the source interface of TCP connections on the local router.

To exchange IPv4 routes with an IPv6 peer or exchange IPv6 routes with an IPv4 peer, you must configure a routing policy to perform the following tasks:

·           Change the next hop of IPv4 routes received from the IPv6 peer to the IPv4 address of the interface that connects the IPv6 peer to the local router.

·           Change the next hop of IPv6 routes received from the IPv4 peer to the IPv6 address of the interface that connects the IPv4 peer to the local router.

Procedure (Exchanging IPv4 unicast routes with IPv4 peers)

1.      Enter system view.

system-view

2.      Enter BGP instance view or BGP-VPN instance view.

¡  Enter BGP instance view.

bgp as-number [ instance instance-name ]

¡  Enter BGP-VPN instance view.

bgp as-number [ instance instance-name ]

ip vpn-instance vpn-instance-name

3.      Create an IPv4 BGP peer and specify its AS number.

peer ipv4-address as-number as-number

4.      (Optional.) Configure a description for a peer.

peer ipv4-address description text

By default, no description is configured for a peer.

5.      Create the BGP IPv4 unicast address family or BGP-VPN IPv4 unicast address family and enter its view.

address-family ipv4 [ unicast ]

6.      Enable the router to exchange IPv4 unicast routing information with the specified peer.

peer ipv4-address enable

By default, the router cannot exchange IPv4 unicast routing information with the peer.

Procedure (Exchanging IPv6 unicast routes with IPv4 peers)

1.      Enter system view.

system-view

2.      Enter BGP instance view.

bgp as-number [ instance instance-name ]

3.      Create an IPv4 BGP peer and specify its AS number.

peer ipv4-address as-number as-number

4.      (Optional.) Configure a description for the IPv4 peer.

peer ipv4-address description text

By default, no description is configured for an IPv4 peer.

5.      Create the BGP IPv6 unicast address family and enter its view.

address-family ipv6 [ unicast ]

6.      Enable BGP to exchange IPv6 unicast routing information with the IPv4 peer.

peer ipv4-address enable

By default, BGP cannot exchange IPv6 unicast routing information with an IPv4 peer.

7.      Use a routing policy to modify the next hop of routes received from the IPv4 peer.

peer ipv4-address route-policy route-policy-name import

Procedure (Exchanging IPv6 unicast routes with IPv6 peers)

1.      Enter system view.

system-view

2.      Enter BGP instance view or BGP-VPN instance view.

¡  Enter BGP instance view.

bgp as-number [ instance instance-name ]

¡  Enter BGP-VPN instance view.

bgp as-number [ instance instance-name ]

ip vpn-instance vpn-instance-name

3.      Create an IPv6 BGP peer and specify its AS number.

peer { ipv6-address | link-local-address interface interface-type interface-number } as-number as-number

4.      (Optional.) Configure a description for a peer.

peer { ipv6-address | link-local-address interface interface-type interface-number } description text

By default, no description is configured for a peer.

5.      Create the BGP IPv6 unicast address family or BGP-VPN IPv6 unicast address family and enter its view.

address-family ipv6 [ unicast ]

6.      Enable the router to exchange IPv6 unicast routing information with the specified peer.

peer { ipv6-address | link-local-address interface interface-type interface-number } enable

By default, the router cannot exchange IPv6 unicast routing information with the peer.

Procedure (Exchanging IPv4 unicast routes with IPv6 peers)

1.      Enter system view.

system-view

2.      Enter BGP instance view.

bgp as-number [ instance instance-name ]

3.      Create an IPv6 BGP peer and specify its AS number.

peer ipv6-address as-number as-number

4.      (Optional.) Configure a description for the IPv6 peer.

peer ipv6-address description text

By default, no description is configured for an IPv6 peer.

5.      Create the BGP IPv4 unicast address family and enter its view.

address-family ipv4 [ unicast ]

6.      Enable BGP to exchange IPv4 unicast routing information with the IPv6 peer.

peer ipv6-address enable

By default, BGP cannot exchange IPv4 unicast routing information with an IPv6 peer.

7.      Use a routing policy to modify the next hop of routes received from the IPv6 peer.

peer ipv6-address route-policy route-policy-name import

Procedure (Exchanging IPv4 multicast routes with IPv4 peers)

1.      Enter system view.

system-view

2.      Enter BGP instance view.

bgp as-number [ instance instance-name ]

3.      Create an IPv4 BGP peer and specify its AS number.

peer ipv4-address as-number as-number

4.      (Optional.) Configure a description for the peer.

peer ipv4-address description text

By default, no description is configured for a peer.

5.      Create the BGP IPv4 multicast address family and enter its view.

address-family ipv4 multicast

6.      Enable the router to exchange IPv4 unicast routing information used for RPF check with the specified peer.

peer ipv4-address enable

By default, the router cannot exchange IPv4 unicast routing information used for RPF check with the peer.

Procedure (Exchanging IPv6 multicast routes with IPv6 peers)

1.      Enter system view.

system-view

2.      Enter BGP instance view.

bgp as-number [ instance instance-name ]

3.      Create an IPv6 BGP peer and specify its AS number.

peer ipv6-address as-number as-number

4.      (Optional.) Configure a description for the peer.

peer ipv6-address description text

By default, no description is configured for a peer.

5.      Create the BGP IPv6 multicast address family and enter its view.

address-family ipv6 multicast

6.      Enable the router to exchange IPv6 unicast routing information used for RPF check with the specified peer.

peer ipv6-address enable

By default, the router cannot exchange IPv6 unicast routing information used for RPF check with the peer.

Configuring dynamic BGP peers

About this task

This feature enables BGP to establish dynamic BGP peer relationships with devices in a network. BGP accepts connection requests from the network but it does not initiate connection requests to the network.

After a device in the network initiates a connection request, BGP establishes a dynamic peer relationship with the device.

If multiple BGP peers reside in the same network, you can use this feature to simplify BGP peer configuration.

Restrictions and guidelines

For a remote device to establish a peer relationship with the local device, you must specify the IP address of the local device on the remote device.

A BGP peer at an IPv6 link-local address must be directly connected to the local router. If you do not specify the interface connected to the peer, you must specify the interface directly connected to the BGP peer as the source interface of TCP connections on the local router.

To exchange IPv4 routes with an IPv6 peer or exchange IPv6 routes with an IPv4 peer, you must configure a routing policy to perform the following tasks:

·           Change the next hop of IPv4 routes received from the IPv6 peer to the IPv4 address of the interface that connects the IPv6 peer to the local router.

·           Change the next hop of IPv6 routes received from the IPv4 peer to the IPv6 address of the interface that connects the IPv4 peer to the local router.

Procedure (Exchanging IPv4 unicast routes with dynamic IPv4 peers)

1.      Enter system view.

system-view

2.      Enter BGP instance view or BGP-VPN instance view.

¡  Enter BGP instance view.

bgp as-number [ instance instance-name ]

¡  Enter BGP-VPN instance view.

bgp as-number [ instance instance-name ]

ip vpn-instance vpn-instance-name

3.      Specify devices in a network as dynamic BGP peers and specify an AS number for the peers.

peer ipv4-address mask-length as-number as-number

4.      (Optional.) Configure a description for dynamic BGP peers.

peer ipv4-address mask-length description text

By default, no description is configured for dynamic BGP peers.

5.      Create the BGP IPv4 unicast address family or BGP-VPN IPv4 unicast address family and enter its view.

address-family ipv4 [ unicast ]

6.      Enable BGP to exchange IPv4 unicast routing information with dynamic BGP peers in the specified network.

peer ipv4-address mask-length enable

By default, BGP cannot exchange IPv4 unicast routing information with dynamic BGP peers.

Procedure (Exchanging IPv6 unicast routes with dynamic IPv4 peers)

1.      Enter system view.

system-view

2.      Enter BGP instance view.

bgp as-number [ instance instance-name ]

3.      Specify devices in an IPv4 network as dynamic IPv4 BGP peers and specify an AS number for the peers.

peer ipv4-address mask-length as-number as-number

4.      (Optional.) Configure a description for the dynamic IPv4 peers.

peer ipv4-address mask-length description text

By default, no description is configured for dynamic IPv4 peers.

5.      Create the BGP IPv6 unicast address family and enter its view.

address-family ipv6 [ unicast ]

6.      Enable BGP to exchange IPv6 unicast routing information with the dynamic IPv4 peers.

peer ipv4-address mask-length enable

By default, BGP cannot exchange IPv6 unicast routing information with dynamic IPv4 peers.

7.      Use a routing policy to modify the next hop of routes received from the dynamic IPv4 peers.

peer ipv4-address mask-length route-policy route-policy-name import

Procedure (Exchanging IPv6 unicast routes with dynamic IPv6 peers)

1.      Enter system view.

system-view

2.      Enter BGP instance view or BGP-VPN instance view.

¡  Enter BGP instance view.

bgp as-number [ instance instance-name ]

¡  Enter BGP-VPN instance view.

bgp as-number [ instance instance-name ]

ip vpn-instance vpn-instance-name

3.      Specify devices in a network as dynamic BGP peers and specify an AS number for the peers.

peer { ipv6-address prefix-length | link-local-address interface interface-type interface-number } as-number as-number

4.      (Optional.) Configure a description for dynamic BGP peers.

peer { ipv6-address prefix-length | link-local-address interface interface-type interface-number } description text

By default, no description is configured for dynamic BGP peers.

5.      Create the BGP IPv6 unicast address family or BGP-VPN IPv6 unicast address family and enter its view.

address-family ipv6 [ unicast ]

6.      Enable BGP to exchange IPv6 unicast routing information with dynamic BGP peers in the specified network.

peer { ipv6-address prefix-length | link-local-address interface interface-type interface-number } enable

By default, BGP cannot exchange IPv6 unicast routing information with dynamic BGP peers.

Procedure (Exchanging IPv4 unicast routes with dynamic IPv6 peers)

1.      Enter system view.

system-view

2.      Enter BGP instance view.

bgp as-number [ instance instance-name ]

3.      Specify devices in an IPv6 network as dynamic IPv6 BGP peers and specify an AS number for the peers.

peer ipv6-address prefix-length as-number as-number

4.      (Optional.) Configure a description for the dynamic IPv6 peers.

peer ipv6-address prefix-length description text

By default, no description is configured for dynamic IPv6 peers.

5.      Create the BGP IPv4 unicast address family and enter its view.

address-family ipv4 [ unicast ]

6.      Enable BGP to exchange IPv4 unicast routing information with the dynamic IPv6 peers.

peer ipv6-address prefix-length enable

By default, BGP cannot exchange IPv4 unicast routing information with dynamic IPv6 peers.

7.      Use a routing policy to modify the next hop of routes received from the dynamic IPv6 peers.

peer ipv6-address mask-length route-policy route-policy-name import

Procedure (Exchanging IPv4 multicast routes with dynamic IPv4 peers)

1.      Enter system view.

system-view

2.      Enter BGP instance view.

bgp as-number [ instance instance-name ]

3.      Specify devices in a network as dynamic BGP peers and specify an AS number for the peers.

peer ipv4-address mask-length as-number as-number

4.      (Optional.) Configure a description for dynamic BGP peers.

peer ipv4-address mask-length description text

By default, no description is configured for dynamic BGP peers.

5.      Create the BGP IPv4 multicast address family and enter its view.

address-family ipv4 multicast

6.      Enable BGP to exchange IPv4 unicast routing information used for RPF check with dynamic BGP peers in the specified network.

peer ipv4-address mask-length enable

By default, BGP cannot exchange IPv4 unicast routing information used for RPF check with dynamic BGP peers.

Procedure (Exchanging IPv6 multicast routes with dynamic IPv6 peers)

1.      Enter system view.

system-view

2.      Enter BGP instance view.

bgp as-number [ instance instance-name ]

3.      Specify devices in a network as dynamic BGP peers and specify an AS number for the peers.

peer ipv6-address prefix-length as-number as-number

4.      (Optional.) Configure a description for dynamic BGP peers.

peer ipv6-address prefix-length description text

By default, no description is configured for dynamic BGP peers.

5.      Create the BGP IPv6 multicast address family and enter its view.

address-family ipv6 multicast

6.      Enable BGP to exchange IPv6 unicast routing information used for RPF check with dynamic BGP peers in the specified network.

peer ipv6-address prefix-length enable

By default, BGP cannot exchange IPv6 unicast routing information used for RPF check with dynamic BGP peers.

Configuring an IBGP peer group

About this task

A peer group is an IBGP peer group if peers in it belong to the same AS as the local router.

After you create an IBGP peer group and then add a peer into it, the system creates the peer in BGP instance view and specifies the local AS number for the peer.

Restrictions and guidelines

A BGP peer at an IPv6 link-local address must be directly connected to the local router. If you do not specify the interface connected to the peer, you must specify the interface directly connected to the BGP peer as the source interface of TCP connections on the local router.

To exchange IPv4 routes with an IPv6 peer or exchange IPv6 routes with an IPv4 peer, you must configure a routing policy to perform the following tasks:

·           Change the next hop of IPv4 routes received from the IPv6 peer to the IPv4 address of the interface that connects the IPv6 peer to the local router.

·           Change the next hop of IPv6 routes received from the IPv4 peer to the IPv6 address of the interface that connects the IPv4 peer to the local router.

If you configure a BGP setting at both the peer group and the peer level, the most recent configuration takes effect on the peer.

Procedure (Exchanging IPv4 unicast routes with IPv4 peers)

1.      Enter system view.

system-view

2.      Enter BGP instance view or BGP-VPN instance view.

¡  Enter BGP instance view.

bgp as-number [ instance instance-name ]

¡  Enter BGP-VPN instance view.

bgp as-number [ instance instance-name ]

ip vpn-instance vpn-instance-name

3.      Create an IBGP peer group.

group group-name [ internal ]

4.      Add a peer into the IBGP peer group.

peer ipv4-address [ mask-length ] group group-name [ as-number as-number ]

The as-number as-number option must specify the local AS number.

5.      (Optional.) Configure a description for the peer group.

peer group-name description text

By default, no description is configured for the peer group.

6.      Create the BGP IPv4 unicast address family or BGP-VPN IPv4 unicast address family and enter its view.

address-family ipv4 [ unicast ]

7.      Enable the router to exchange IPv4 unicast routing information with peers in the specified peer group.

peer group-name enable

By default, the router cannot exchange IPv4 unicast routing information with the peers.

Procedure (Exchanging IPv6 unicast routes with IPv4 peers)

1.      Enter system view.

system-view

2.      Enter BGP instance view.

bgp as-number [ instance instance-name ]

3.      Create an IBGP peer group.

group group-name [ internal ]

4.      Add an IPv4 peer into the IBGP peer group.

peer ipv4-address [ mask-length ] group group-name [ as-number as-number ]

The as-number as-number option must specify the local AS number.

5.      (Optional.) Configure a description for the peer group.

peer group-name description text

By default, no description is configured for a peer group.

6.      Create the BGP IPv6 unicast address family and enter its view.

address-family ipv6 [ unicast ]

7.      Enable BGP to exchange IPv6 unicast routing information with peers in the peer group.

peer group-name enable

By default, BGP cannot exchange IPv6 unicast routing information with peers in a peer group.

8.      Use a routing policy to modify the next hop of routes received from peers in the peer group.

peer group-name route-policy route-policy-name import

Procedure (Exchanging IPv4 multicast routes with IPv4 peers)

1.      Enter system view.

system-view

2.      Enter BGP instance view.

bgp as-number [ instance instance-name ]

3.      Create an IBGP peer group.

group group-name [ internal ]

4.      Add an IPv4 peer into the IBGP peer group.

peer ipv4-address [ mask-length ] group group-name [ as-number as-number ]

The as-number as-number option must specify the local AS number.

5.      (Optional.) Configure a description for the peer group.

peer group-name description text

By default, no description is configured for the peer group.

6.      Create the BGP IPv4 multicast address family and enter its view.

address-family ipv4 multicast

7.      Enable the router to exchange IPv4 unicast routing information used for RPF check with peers in the specified peer group.

peer group-name enable

By default, the router cannot exchange IPv4 unicast routing information used for RPF check with the peers in the peer group.

Procedure (Exchanging IPv6 unicast routes with IPv6 peers)

1.      Enter system view.

system-view

2.      Enter BGP instance view or BGP-VPN instance view.

¡  Enter BGP instance view.

bgp as-number [ instance instance-name ]

¡  Enter BGP-VPN instance view.

bgp as-number [ instance instance-name ]

ip vpn-instance vpn-instance-name

3.      Create an IBGP peer group.

group group-name [ internal ]

4.      Add a peer into the IBGP peer group.

peer { ipv6-address [ prefix-length ] | link-local-address interface interface-type interface-number } group group-name [ as-number as-number ]

The as-number as-number option must specify the local AS number.

5.      (Optional.) Configure a description for the peer group.

peer group-name description text

By default, no description is configured for the peer group.

6.      Create the BGP IPv6 unicast address family or BGP-VPN IPv6 unicast address family and enter its view.

address-family ipv6 [ unicast ]

7.      Enable the router to exchange IPv6 unicast routing information with peers in the specified peer group.

peer group-name enable

By default, the router cannot exchange IPv6 unicast routing information with the peers.

Procedure (Exchanging IPv4 unicast routes with IPv6 peers)

1.      Enter system view.

system-view

2.      Enter BGP instance view.

bgp as-number [ instance instance-name ]

3.      Create an IBGP peer group.

group group-name [ internal ]

4.      Add an IPv6 peer into the IBGP peer group.

peer ipv6-address [ prefix-length ] group group-name [ as-number as-number ]

The as-number as-number option must specify the local AS number.

5.      (Optional.) Configure a description for the peer group.

peer group-name description text

By default, no description is configured for a peer group.

6.      Create the BGP IPv4 unicast address family and enter its view.

address-family ipv4 [ unicast ]

7.      Enable BGP to exchange IPv4 unicast routing information with peers in the peer group.

peer group-name enable

By default, BGP cannot exchange IPv4 unicast routing information with peers in a peer group.

8.      Use a routing policy to modify the next hop of routes received from peers in the peer group.

peer group-name route-policy route-policy-name import

Procedure (Exchanging IPv6 multicast routes with IPv6 peers)

1.      Enter system view.

system-view

2.      Enter BGP instance view.

bgp as-number [ instance instance-name ]

3.      Create an IBGP peer group.

group group-name [ internal ]

4.      Add a peer into the IBGP peer group.

peer ipv6-address [ prefix-length ] group group-name [ as-number as-number ]

The as-number as-number option must specify the local AS number.

5.      (Optional.) Configure a description for the peer group.

peer group-name description text

By default, no description is configured for the peer group.

6.      Create the BGP IPv6 multicast address family and enter its view.

address-family ipv6 multicast

7.      Enable the router to exchange IPv6 unicast routing information used for RPF check with peers in the specified peer group.

peer group-name enable

By default, the router cannot exchange IPv6 unicast routing information used for RPF check with the peers in the peer group.

Configuring an EBGP peer group

About this task

A peer group is an EBGP peer group if peers in it belong to different ASs.

If peers in an EBGP group belong to the same external AS, the EBGP peer group is a pure EBGP peer group. If not, it is a mixed EBGP peer group.

Restrictions and guidelines

Use one of the following methods to configure an EBGP peer group:

·           Method 1—Create an EBGP peer group, specify its AS number, and add peers into it. All the added peers have the same AS number. All peers in the peer group have the same AS number as the peer group. You can specify an AS number for a peer before adding it into the peer group. The AS number must be the same as that of the peer group.

·           Method 2—Create an EBGP peer group, specify an AS number for a peer, and add the peer into the peer group. Peers added in the group can have different AS numbers.

·           Method 3—Create an EBGP peer group and add a peer with an AS number into it. Peers added in the group can have different AS numbers.

To exchange IPv4 routes with an IPv6 peer or exchange IPv6 routes with an IPv4 peer, you must configure a routing policy to perform the following tasks:

·           Change the next hop of IPv4 routes received from the IPv6 peer to the IPv4 address of the interface that connects the IPv6 peer to the local router.

·           Change the next hop of IPv6 routes received from the IPv4 peer to the IPv6 address of the interface that connects the IPv4 peer to the local router.

If you configure a BGP setting at both the peer group and the peer level, the most recent configuration takes effect on the peer.

Configuring an EBGP peer group by using Method 1 (Exchanging IPv4 unicast routes with IPv4 peers)

1.      Enter system view.

system-view

2.      Enter BGP instance view or BGP-VPN instance view.

¡  Enter BGP instance view.

bgp as-number [ instance instance-name ]

¡  Enter BGP-VPN instance view.

bgp as-number [ instance instance-name ]

ip vpn-instance vpn-instance-name

3.      Create an EBGP peer group.

group group-name external

4.      Specify the AS number of the group.

peer group-name as-number as-number

By default, no AS number is specified.

If a peer group contains peers, you cannot remove or change its AS number.

5.      Add a peer into the EBGP peer group.

peer ipv4-address [ mask-length ] group group-name [ as-number as-number ]

The as-number as-number option must specify the same AS number as the peer group-name as-number as-number command.

6.      (Optional.) Configure a description for the peer group.

peer group-name description text

By default, no description is configured for the peer group.

7.      Create the BGP IPv4 unicast address family or BGP-VPN IPv4 unicast address family and enter its view.

address-family ipv4 [ unicast ]

8.      Enable the router to exchange IPv4 unicast routing information with peers in the specified peer group.

peer group-name enable

By default, the router cannot exchange IPv4 unicast routing information with the peers.

Configuring an EBGP peer group by using Method 2 (Exchanging IPv4 unicast routes with IPv4 peers)

1.      Enter system view.

system-view

2.      Enter BGP instance view or BGP-VPN instance view.

¡  Enter BGP instance view.

bgp as-number [ instance instance-name ]

¡  Enter BGP-VPN instance view.

bgp as-number [ instance instance-name ]

ip vpn-instance vpn-instance-name

3.      Create an EBGP peer group.

group group-name external

4.      Create an IPv4 BGP peer and specify its AS number.

peer ipv4-address [ mask-length ] as-number as-number

5.      Add the peer into the EBGP peer group.

peer ipv4-address [ mask-length ] group group-name [ as-number as-number ]

The as-number as-number option must specify the same AS number as the peer ipv4-address [ mask-length ] as-number as-number command.

6.      (Optional.) Configure a description for the peer group.

peer group-name description text

By default, no description is configured for the peer group.

7.      Create the BGP IPv4 unicast address family or BGP-VPN IPv4 unicast address family and enter its view.

address-family ipv4 [ unicast ]

8.      Enable the router to exchange IPv4 unicast routing information with peers in the specified peer group.

peer group-name enable

By default, the router cannot exchange IPv4 unicast routing information with the peers.

Configuring an EBGP peer group by using Method 3 (Exchanging IPv4 unicast routes with IPv4 peers)

1.      Enter system view.

system-view

2.      Enter BGP instance view or BGP-VPN instance view.

¡  Enter BGP instance view.

bgp as-number [ instance instance-name ]

¡  Enter BGP-VPN instance view.

bgp as-number [ instance instance-name ]

ip vpn-instance vpn-instance-name

3.      Create an EBGP peer group.

group group-name external

4.      Add a peer into the EBGP peer group.

peer ipv4-address [ mask-length ] group group-name as-number as-number

5.      (Optional.) Configure a description for the peer group.

peer group-name description text

By default, no description is configured for the peer group.

6.      Create the BGP IPv4 unicast address family or BGP-VPN IPv4 unicast address family and enter its view.

address-family ipv4 [ unicast ]

7.      Enable the router to exchange IPv4 unicast routing information with peers in the specified peer group.

peer group-name enable

By default, the router cannot exchange IPv4 unicast routing information with the peers.

Configuring an EBGP peer group by using Method 1 (Exchanging IPv6 unicast routes with IPv4 peers)

1.      Enter system view.

system-view

2.      Enter BGP instance view.

bgp as-number [ instance instance-name ]

3.      Create an EBGP peer group.

group group-name external

4.      Specify an AS number for the peer group.

peer group-name as-number as-number

By default, no AS number is specified for a peer group.

If a peer group contains peers, you cannot remove or change its AS number.

5.      Add an IPv4 peer into the EBGP peer group.

peer ipv4-address [ mask-length ] group group-name [ as-number as-number ]

The as-number as-number option must specify the same AS number as the peer group-name as-number as-number command.

6.      (Optional.) Configure a description for the peer group.

peer group-name description text

By default, no description is configured for a peer group.

7.      Create the BGP IPv6 unicast address family and enter its view.

address-family ipv6 [ unicast ]

8.      Enable BGP to exchange IPv6 unicast routing information with peers in the peer group.

peer group-name enable

By default, BGP cannot exchange IPv6 unicast routing information with peers in a peer group.

9.      Use a routing policy to modify the next hop of routes received from peers in the peer group.

peer group-name route-policy route-policy-name import

Configuring an EBGP peer group by using Method 2 (Exchanging IPv6 unicast routes with IPv4 peers)

1.      Enter system view.

system-view

2.      Enter BGP instance view.

bgp as-number [ instance instance-name ]

3.      Create an EBGP peer group.

group group-name external

4.      Create an IPv4 BGP peer and specify its AS number.

peer ipv4-address [ mask-length ] as-number as-number

5.      Add the IPv4 peer into the EBGP peer group.

peer ipv4-address [ mask-length ] group group-name [ as-number as-number ]

The as-number as-number option must specify the same AS number as the peer ipv4-address [ mask-length ] as-number as-number command.

6.      (Optional.) Configure a description for the peer group.

peer group-name description text

By default, no description is configured for a peer group.

7.      Create the BGP IPv6 unicast address family and enter its view.

address-family ipv6 [ unicast ]

8.      Enable BGP to exchange IPv6 unicast routing information with peers in the peer group.

peer group-name enable

By default, BGP cannot exchange IPv6 unicast routing information with peers in a peer group.

9.      Use a routing policy to modify the next hop of routes received from peers in the peer group.

peer group-name route-policy route-policy-name import

Configuring an EBGP peer group by using Method 3 (Exchanging IPv6 unicast routes with IPv4 peers)

1.      Enter system view.

system-view

2.      Enter BGP instance view.

bgp as-number [ instance instance-name ]

3.      Create an EBGP peer group.

group group-name external

4.      Add an IPv4 peer into the EBGP peer group.

peer ipv4-address [ mask-length ] group group-name as-number as-number

5.      (Optional.) Configure a description for the peer group.

peer group-name description text

By default, no description is configured for a peer group.

6.      Create the BGP IPv6 unicast address family and enter its view.

address-family ipv6 [ unicast ]

7.      Enable BGP to exchange IPv6 unicast routing information with peers in the peer group.

peer group-name enable

By default, BGP cannot exchange IPv6 unicast routing information with peers in a peer group.

8.      Use a routing policy to modify the next hop of routes received from peers in the peer group.

peer group-name route-policy route-policy-name import

Configuring an EBGP peer group by using Method 1 (Exchanging IPv4 multicast routes with IPv4 peers)

1.      Enter system view.

system-view

2.      Enter BGP instance view.

bgp as-number [ instance instance-name ]

3.      Create an EBGP peer group.

group group-name external

4.      Specify the AS number of the group.

peer group-name as-number as-number

By default, no AS number is specified.

If a peer group contains peers, you cannot remove or change its AS number.

5.      Add an IPv4 BGP peer into the EBGP peer group.

peer ipv4-address [ mask-length ] group group-name [ as-number as-number ]

The as-number as-number option must specify the same AS number as the peer group-name as-number as-number command.

6.      (Optional.) Configure a description for the peer group.

peer group-name description text

By default, no description is configured for the peer group.

7.      Create the BGP IPv4 multicast address family and enter its view.

address-family ipv4 multicast

8.      Enable the router to exchange IPv4 unicast routing information used for RPF check with peers in the specified peer group.

peer group-name enable

By default, the router cannot exchange IPv4 unicast routing information used for RPF check with the peers in the group.

Configuring an EBGP peer group by using Method 2 (Exchanging IPv4 multicast routes with IPv4 peers)

1.      Enter system view.

system-view

2.      Enter BGP instance view.

bgp as-number [ instance instance-name ]

3.      Create an EBGP peer group.

group group-name external

4.      Create an IPv4 BGP peer and specify its AS number.

peer ipv4-address [ mask-length ] as-number as-number

5.      Add the peer into the EBGP peer group.

peer ipv4-address [ mask-length ] group group-name [ as-number as-number ]

The as-number as-number option must specify the same AS number as the peer ipv4-address [ mask-length ] as-number as-number command.

6.      (Optional.) Configure a description for the peer group.

peer group-name description text

By default, no description is configured for the peer group.

7.      Create the BGP IPv4 multicast address family and enter its view.

address-family ipv4 multicast

8.      Enable the router to exchange IPv4 unicast routing information used for RPF check with peers in the specified peer group.

peer group-name enable

By default, the router cannot exchange IPv4 unicast routing information used for RPF check with the peers in the group.

Configuring an EBGP peer group by using Method 3 (Exchanging IPv4 multicast routes with IPv4 peers)

1.      Enter system view.

system-view

2.      Enter BGP instance view.

bgp as-number [ instance instance-name ]

3.      Create an EBGP peer group.

group group-name external

4.      Add an IPv4 BGP peer into the EBGP peer group.

peer ipv4-address [ mask-length ] group group-name as-number as-number

5.      (Optional.) Configure a description for the peer group.

peer group-name description text

By default, no description is configured for the peer group.

6.      Create the BGP IPv4 multicast address family and enter its view.

address-family ipv4 multicast

7.      Enable the router to exchange IPv4 unicast routing information used for RPF check with peers in the specified peer group.

peer group-name enable

By default, the router cannot exchange IPv4 unicast routing information used for RPF check with the peers.

Configuring an EBGP peer group by using Method 1 (Exchanging IPv6 unicast routes with IPv6 peers)

1.      Enter system view.

system-view

2.      Enter BGP instance view or BGP-VPN instance view.

¡  Enter BGP instance view.

bgp as-number [ instance instance-name ]

¡  Enter BGP-VPN instance view.

bgp as-number [ instance instance-name ]

ip vpn-instance vpn-instance-name

3.      Create an EBGP peer group.

group group-name external

4.      Specify the AS number of the group.

peer group-name as-number as-number

By default, no AS number is specified.

If a peer group contains peers, you cannot remove or change its AS number.

5.      Add a peer into the EBGP peer group.

peer { ipv6-address [ prefix-length ] | link-local-address interface interface-type interface-number } group group-name [ as-number as-number ]

The as-number as-number option must specify the same AS number as the peer group-name as-number as-number command.

6.      (Optional.) Configure a description for the peer group.

peer group-name description text

By default, no description is configured for the peer group.

7.      Create the BGP IPv6 unicast address family or BGP-VPN IPv6 unicast address family and enter its view.

address-family ipv6 [ unicast ]

8.      Enable the router to exchange IPv6 unicast routing information with peers in the specified peer group.

peer group-name enable

By default, the router cannot exchange IPv6 unicast routing information with the peers.

Configuring an EBGP peer group by using Method 2 (Exchanging IPv6 unicast routes with IPv6 peers)

1.      Enter system view.

system-view

2.      Enter BGP instance view or BGP-VPN instance view.

¡  Enter BGP instance view.

bgp as-number [ instance instance-name ]

¡  Enter BGP-VPN instance view.

bgp as-number [ instance instance-name ]

ip vpn-instance vpn-instance-name

3.      Create an EBGP peer group.

group group-name external

4.      Create an IPv6 BGP peer and specify its AS number.

peer { ipv6-address [ prefix-length ] | link-local-address interface interface-type interface-number } as-number as-number

5.      Add the peer into the EBGP peer group.

peer { ipv6-address [ prefix-length ] | link-local-address interface interface-type interface-number } group group-name [ as-number as-number ]

The as-number as-number option must specify the same AS number as the peer ipv6-address [ prefix-length ] as-number as-number command.

6.      (Optional.) Configure a description for the peer group.

peer group-name description text

By default, no description is configured for the peer group.

7.      Create the BGP IPv6 unicast address family or BGP-VPN IPv6 unicast address family and enter its view.

address-family ipv6 [ unicast ]

8.      Enable the router to exchange IPv6 unicast routing information with peers in the specified peer group.

peer group-name enable

By default, the router cannot exchange IPv6 unicast routing information with the peers.

Configuring an EBGP peer group by using Method 3 (Exchanging IPv6 unicast routes with IPv6 peers)

1.      Enter system view.

system-view

2.      Enter BGP instance view or BGP-VPN instance view.

¡  Enter BGP instance view.

bgp as-number [ instance instance-name ]

¡  Enter BGP-VPN instance view.

bgp as-number [ instance instance-name ]

ip vpn-instance vpn-instance-name

3.      Create an EBGP peer group.

group group-name external

4.      Add a peer into the EBGP peer group.

peer { ipv6-address [ prefix-length ] | link-local-address interface interface-type interface-number } group group-name as-number as-number

5.      (Optional.) Configure a description for the peer group.

peer group-name description text

By default, no description is configured for the peer group.

6.      Create the BGP IPv6 unicast address family or BGP-VPN IPv6 unicast address family and enter its view.

address-family ipv6 [ unicast ]

7.      Enable the router to exchange IPv6 unicast routing information with peers in the specified peer group.

peer group-name enable

By default, the router cannot exchange IPv6 unicast routing information with the peers.

Configuring an EBGP peer group by using Method 1 (Exchanging IPv4 unicast routes with IPv6 peers)

1.      Enter system view.

system-view

2.      Enter BGP instance view.

bgp as-number [ instance instance-name ]

3.      Create an EBGP peer group.

group group-name external

4.      Specify an AS number for the peer group.

peer group-name as-number as-number

By default, no AS number is specified for a peer group.

If a peer group contains peers, you cannot remove or change its AS number.

5.      Add an IPv6 peer into the EBGP peer group.

peer ipv6-address [ prefix-length ] group group-name [ as-number as-number ]

The as-number as-number option must specify the same AS number as the peer group-name as-number as-number command.

6.      (Optional.) Configure a description for the peer group.

peer group-name description text

By default, no description is configured for a peer group.

7.      Create the BGP IPv4 unicast address family and enter its view.

address-family ipv4 [ unicast ]

8.      Enable BGP to exchange IPv4 unicast routing information with peers in the peer group.

peer group-name enable

By default, BGP cannot exchange IPv4 unicast routing information with peers in a peer group.

9.      Use a routing policy to modify the next hop of routes received from peers in the peer group.

peer group-name route-policy route-policy-name import

Configuring an EBGP peer group by using Method 2 (Exchanging IPv4 unicast routes with IPv6 peers)

1.      Enter system view.

system-view

2.      Enter BGP instance view.

bgp as-number [ instance instance-name ]

3.      Create an EBGP peer group.

group group-name external

4.      Create an IPv6 BGP peer and specify its AS number.

peer ipv6-address [ prefix-length ] as-number as-number

5.      Add the IPv6 peer into the EBGP peer group.

peer ipv6-address [ prefix-length ] group group-name [ as-number as-number ]

The as-number as-number option must specify the same AS number as the peer ipv6-address [ prefix-length ] as-number as-number command.

6.      (Optional.) Configure a description for the peer group.

peer group-name description text

By default, no description is configured for a peer group.

7.      Create the BGP IPv4 unicast address family and enter its view.

address-family ipv4 [ unicast ]

8.      Enable BGP to exchange IPv4 unicast routing information with peers in the peer group.

peer group-name enable

By default, BGP cannot exchange IPv4 unicast routing information with peers in a peer group.

9.      Use a routing policy to modify the next hop of routes received from peers in the peer group.

peer group-name route-policy route-policy-name import

Configuring an EBGP peer group by using Method 3 (Exchanging IPv4 unicast routes with IPv6 peers)

1.      Enter system view.

system-view

2.      Enter BGP instance view.

bgp as-number [ instance instance-name ]

3.      Create an EBGP peer group.

group group-name external

4.      Add an IPv6 peer into the EBGP peer group.

peer ipv6-address [ prefix-length ] group group-name as-number as-number

5.      (Optional.) Configure a description for the peer group.

peer group-name description text

By default, no description is configured for a peer group.

6.      Create the BGP IPv4 unicast address family and enter its view.

address-family ipv4 [ unicast ]

7.      Enable BGP to exchange IPv4 unicast routing information with peers in the peer group.

peer group-name enable

By default, BGP cannot exchange IPv4 unicast routing information with peers in a peer group.

8.      Use a routing policy to modify the next hop of routes received from peers in the peer group.

peer group-name route-policy route-policy-name import

Configuring an EBGP peer group by using Method 1 (Exchanging IPv6 multicast routes with IPv6 peers)

1.      Enter system view.

system-view

2.      Enter BGP instance view.

bgp as-number [ instance instance-name ]

3.      Create an EBGP peer group.

group group-name external

4.      Specify the AS number of the group.

peer group-name as-number as-number

By default, no AS number is specified.

If a peer group contains peers, you cannot remove or change its AS number.

5.      Add an IPv6 BGP peer into the EBGP peer group.

peer ipv6-address [ prefix-length ] group group-name [ as-number as-number ]

The as-number as-number option must specify the same AS number as the peer group-name as-number as-number command.

6.      (Optional.) Configure a description for the peer group.

peer group-name description text

By default, no description is configured for the peer group.

7.      Create the BGP IPv6 multicast address family and enter its view.

address-family ipv6 multicast

8.      Enable the router to exchange IPv6 unicast routing information used for RPF check with peers in the specified peer group.

peer group-name enable

By default, the router cannot exchange IPv6 unicast routing information used for RPF check with the peers in the group.

Configuring an EBGP peer group by using Method 2 (Exchanging IPv6 multicast routes with IPv6 peers)

1.      Enter system view.

system-view

2.      Enter BGP instance view.

bgp as-number [ instance instance-name ]

3.      Create an EBGP peer group.

group group-name external

4.      Create an IPv6 BGP peer and specify its AS number.

peer ipv6-address [ prefix-length ] as-number as-number

5.      Add the peer into the EBGP peer group.

peer ipv6-address [ prefix-length ] group group-name [ as-number as-number ]

The as-number as-number option must specify the same AS number as the peer ipv6-address [ prefix-length ] as-number as-number command.

6.      (Optional.) Configure a description for the peer group.

peer group-name description text

By default, no description is configured for the peer group.

7.      Create the BGP IPv6 multicast address family and enter its view.

address-family ipv6 multicast

8.      Enable the router to exchange IPv6 unicast routing information used for RPF check with peers in the specified peer group.

peer group-name enable

By default, the router cannot exchange IPv6 unicast routing information used for RPF check with the peers in the group.

Configuring an EBGP peer group by using Method 3 (Exchanging IPv6 multicast routes with IPv6 peers)

1.      Enter system view.

system-view

2.      Enter BGP instance view.

bgp as-number [ instance instance-name ]

3.      Create an EBGP peer group.

group group-name external

4.      Add an IPv6 BGP peer into the EBGP peer group.

peer ipv6-address [ prefix-length ] group group-name as-number as-number

5.      (Optional.) Configure a description for the peer group.

peer group-name description text

By default, no description is configured for the peer group.

6.      Create the BGP IPv6 multicast address family and enter its view.

address-family ipv6 multicast

7.      Enable the router to exchange IPv6 unicast routing information used for RPF check with peers in the specified peer group.

peer group-name enable

By default, the router cannot exchange IPv6 unicast routing information used for RPF check with the peers in the group.

Specifying the source address of TCP connections

About this task

BGP uses TCP as the transport layer protocol. Perform this task in the following scenarios to specify the source address or source interface of TCP connections to a peer or peer group:

·           The peer's IPv4/IPv6 address does not belong to the interface directly connected to the local router. To ensure successful TCP connection establishment, use one of the following methods:

¡  Specify the interface to which the IPv4/IPv6 address belongs as the source interface on the peer.

¡  Specify the IPv4/IPv6 address of the interface directly connected to the local router as the source address on the peer.

·           A BGP peer at an IPv6 link-local address must be directly connected to the local router. If you do not specify the interface connected to the peer, you must specify the interface directly connected to the BGP peer as the source interface of TCP connections on the local router.

·           On a BGP router that has multiple links to a peer, the source interface for TCP connection changes because the primary source interface fails. To avoid this problem, specify a loopback interface as the source interface or specify the IP address of a loopback interface as the source address.

·           You want to establish multiple BGP sessions to a router. In this case, BGP might fail to determine the source address for each TCP connection based on the optimal route to the peer. To prevent this problem, use one of the following methods:

¡  If the BGP sessions use IP addresses of different interfaces, specify a source interface or source address for each session.

¡  If the BGP sessions use different IP addresses of the same interface, specify a source address for each session.

Restrictions and guidelines

BGP immediately tears down the session to an IBGP peer or peer group when the following conditions exist:

·           The source interface of TCP connections to the IBGP peer or peer group is a physical interface.

·           The source interface fails and the link to the IBGP peer or peer group goes down.

Procedure (IPv4 peers)

1.      Enter system view.

system-view

2.      Enter BGP instance view or BGP-VPN instance view.

¡  Enter BGP instance view.

bgp as-number [ instance instance-name ]

¡  Enter BGP-VPN instance view.

bgp as-number [ instance instance-name ]

ip vpn-instance vpn-instance-name

3.      Specify the source address or source interface of TCP connections to a peer or peer group.

¡  Specify the source address of TCP connections to a peer or peer group.

peer { group-name | ipv4-address [ mask-length ] } source-address source-ipv4-address

¡  Specify the source interface of TCP connections to a peer or peer group.

peer { group-name | ipv4-address [ mask-length ] } connect-interface interface-type interface-number

By default, BGP uses the primary IPv4 address of the output interface in the optimal route to a peer or peer group as the source address of TCP connections to the peer or peer group.

Procedure (IPv6 peers)

1.      Enter system view.

system-view

2.      Enter BGP instance view or BGP-VPN instance view.

¡  Enter BGP instance view.

bgp as-number [ instance instance-name ]

¡  Enter BGP-VPN instance view.

bgp as-number [ instance instance-name ]

ip vpn-instance vpn-instance-name

3.      Specify the source IPv6 address or source interface of TCP connections to a peer or peer group.

¡  Specify the source IPv6 address of TCP connections to a peer or peer group.

peer { group-name | ipv6-address [ prefix-length ] } source-address source-ipv6-address

¡  Specify the source interface of TCP connections to a peer or peer group.

peer { group-name | ipv6-address [ prefix-length ] } connect-interface interface-type interface-number

By default, BGP uses the IPv6 address of the output interface in the optimal route to the BGP peer or peer group as the source address of TCP connections to the peer or peer group.

Controlling BGP route generation

Injecting a local network

About this task

Perform this task to inject a network in the local routing table to the BGP routing table, so BGP can advertise the network to BGP peers. The ORIGIN attribute of BGP routes advertised in this way is IGP. You can also use a routing policy to control route advertisement.

The specified network must be available and active in the local IP routing table.

Procedure (IPv4 unicast/multicast address family)

1.      Enter system view.

system-view

2.      Enter BGP IPv4 unicast address family view, BGP-VPN IPv4 unicast address family view, or BGP IPv4 multicast address family view.

¡  Enter BGP IPv4 unicast address family view.

bgp as-number [ instance instance-name ]

address-family ipv4 [ unicast ]

¡  Enter BGP-VPN IPv4 unicast address family view.

bgp as-number [ instance instance-name ]

ip vpn-instance vpn-instance-name

address-family ipv4 [ unicast ]

¡  Enter BGP IPv4 multicast address family view.

bgp as-number [ instance instance-name ]

address-family ipv4 multicast

3.      Configure BGP to advertise a local network.

network ipv4-address [ mask-length | mask ] [ route-policy route-policy-name ]

By default, BGP does not advertise local networks.

Procedure (IPv6 unicast/multicast address family)

1.      Enter system view.

system-view

2.      Enter BGP IPv6 unicast address family view, BGP-VPN IPv6 unicast address family view, or BGP IPv6 multicast address family view.

¡  Enter BGP IPv6 unicast address family view.

bgp as-number [ instance instance-name ]

address-family ipv6 [ unicast ]

¡  Enter BGP-VPN IPv6 unicast address family view.

bgp as-number [ instance instance-name ]

ip vpn-instance vpn-instance-name

address-family ipv6 [ unicast ]

¡  Enter BGP IPv6 multicast address family view.

bgp as-number [ instance instance-name ]

address-family ipv6 multicast

3.      Configure BGP to advertise a local network.

network ipv6-address prefix-length [ route-policy route-policy-name ]

By default, BGP does not advertise local networks.

Redistributing IGP routes

About this task

Perform this task to configure route redistribution from an IGP to BGP.

By default, BGP does not redistribute default IGP routes. You can use the default-route imported command to redistribute default IGP routes into the BGP routing table.

The ORIGIN attribute of BGP routes redistributed from IGPs is INCOMPLETE.

Only active routes can be redistributed. To view route state information, use the display ip routing-table protocol or display ipv6 routing-table protocol command. For more information about the commands, see Layer 3—IP Routing Command Reference.

Procedure (IPv4 unicast/multicast address family)

1.      Enter system view.

system-view

2.      Enter BGP IPv4 unicast address family view, BGP-VPN IPv4 unicast address family view, or BGP IPv4 multicast address family view.

¡  Enter BGP IPv4 unicast address family view.

bgp as-number [ instance instance-name ]

address-family ipv4 [ unicast ]

¡  Enter BGP-VPN IPv4 unicast address family view.

bgp as-number [ instance instance-name ]

ip vpn-instance vpn-instance-name

address-family ipv4 [ unicast ]

¡  Enter BGP IPv4 multicast address family view.

bgp as-number [ instance instance-name ]

address-family ipv4 multicast

3.      Enable route redistribution from the specified IGP into BGP.

¡  Redistribute IS-IS, OSPF, or RIP routes.

import-route { isis | ospf | rip } [ { process-id | all-processes } [ allow-direct | med med-value | route-policy route-policy-name ] * ]

¡  Redistribute direct or static routes.

import-route { direct | static } [ med med-value | route-policy route-policy-name ]

By default, BGP does not redistribute IGP routes.

4.      (Optional.) Enable default route redistribution into BGP.

default-route imported

By default, BGP does not redistribute default routes.

Procedure (IPv6 unicast/multicast address family)

1.      Enter system view.

system-view

2.      Enter BGP IPv6 unicast address family view, BGP-VPN IPv6 unicast address family view, or BGP IPv6 multicast address family view.

¡  Enter BGP IPv6 unicast address family view.

bgp as-number [ instance instance-name ]

address-family ipv6 [ unicast ]

¡  Enter BGP-VPN IPv6 unicast address family view.

bgp as-number [ instance instance-name ]

ip vpn-instance vpn-instance-name

address-family ipv6 [ unicast ]

¡  Enter BGP IPv6 multicast address family view.

bgp as-number [ instance instance-name ]

address-family ipv6 multicast

3.      Enable route redistribution from the specified IGP into BGP.

¡  Redistribute IPv6 IS-IS, OSPFv3, or RIPng routes.

import-route { isisv6 | ospfv3 | ripng } [ { process-id | all-processes } [ allow-direct | med med-value | route-policy route-policy-name ] * ]

¡  Redistribute direct or static routes.

import-route { direct | static } [ med med-value | route-policy route-policy-name ]

By default, BGP does not redistribute IGP routes.

4.      (Optional.) Enable default route redistribution into BGP.

default-route imported

By default, BGP does not redistribute default routes.

Redistributing the local network specified in the public instance or a VPN instance

About this task

Perform this task to redistribute the local network specified in the public instance or a VPN instance to the BGP routing table, so BGP can advertise the network. The ORIGIN attribute is IGP for routes advertised in this way.

The local network must exist and be active in the routing table of the public instance or VPN instance.

Procedure

1.      Enter system view.

system-view

2.      Enter public instance IPv4 address family view or VPN instance IPv4 address family view.

¡  Enter public instance IPv4 address family view.

ip public-instance

address-family ipv4

¡  Enter VPN instance IPv4 address family view.

ip vpn-instance vpn-instance-name

address-family ipv4

3.      Specify a local network in the public instance or VPN instance.

network ipv4-address [ mask-length | mask ]

By default, no local network is specified in the public instance or VPN instance.

For more information about this command, see MPLS L3VPN in MPLS Command Reference.

4.      Execute the quit command twice to return to system view.

quit

5.      Enter BGP IPv4 unicast address family view or BGP-VPN IPv4 unicast address family view.

¡  Enter BGP IPv4 unicast address family view.

bgp as-number [ instance instance-name ]

address-family ipv4 [ unicast ]

¡  Enter BGP-VPN IPv4 unicast address family view.

bgp as-number [ instance instance-name ]

ip vpn-instance vpn-instance-name

address-family ipv4 [ unicast ]

6.      Redistribute the local network specified in the public instance or VPN instance.

import-route local-aggregate [ route-policy route-policy-name ]

By default, BGP does not redistribute the local network specified in the public instance or any VPN instances.

Configuring BGP route summarization

About this task

Route summarization can reduce the number of redistributed routes and the routing table size. IPv4 BGP supports automatic route summarization and manual route summarization. Manual summarization takes precedence over automatic summarization. IPv6 BGP supports only manual route summarization.

Automatic route summarization enables BGP to summarize IGP subnet routes redistributed by the import-route command, so BGP advertises only natural network routes.

By configuring manual route summarization, you can do the following:

·           Summarize both redistributed routes and routes injected using the network command.

·           Determine the mask length for a summary route.

Restrictions and guidelines for configuring BGP route summarization

The output interface of a BGP summary route is Null 0 on the originating router. Therefore, a summary route must not be an optimal route on the originating router. Otherwise, BGP will fail to forward packets matching the route. If a summarized specific route has the same mask as the summary route, but has a lower priority, the summary route becomes the optimal route. To ensure correct packet forwarding, change the priority of the summary or specific route to make the specific route the optimal route.

Configuring automatic route summarization (IPv4 unicast/multicast address family)

1.      Enter system view.

system-view

2.      Enter BGP IPv4 unicast address family view, BGP-VPN IPv4 unicast address family view, or BGP IPv4 multicast address family view.

¡  Enter BGP IPv4 unicast address family view.

bgp as-number [ instance instance-name ]

address-family ipv4 [ unicast ]

¡  Enter BGP-VPN IPv4 unicast address family view.

bgp as-number [ instance instance-name ]

ip vpn-instance vpn-instance-name

address-family ipv4 [ unicast ]

¡  Enter BGP IPv4 multicast address family view.

bgp as-number [ instance instance-name ]

address-family ipv4 multicast

3.      Configure automatic route summarization.

summary automatic

By default, automatic route summarization is not configured.

Configuring manual route summarization (IPv4 unicast/multicast address family)

1.      Enter system view.

system-view

2.      Enter BGP IPv4 unicast address family view, BGP-VPN IPv4 unicast address family view, or BGP IPv4 multicast address family view.

¡  Enter BGP IPv4 unicast address family view.

bgp as-number [ instance instance-name ]

address-family ipv4 [ unicast ]

¡  Enter BGP-VPN IPv4 unicast address family view.

bgp as-number [ instance instance-name ]

ip vpn-instance vpn-instance-name

address-family ipv4 [ unicast ]

¡  Enter BGP IPv4 multicast address family view.

bgp as-number [ instance instance-name ]

address-family ipv4 multicast

3.      Create a summary route in the BGP routing table.

aggregate ipv4-address { mask-length | mask } [ as-set | attribute-policy route-policy-name | detail-suppressed | origin-policy route-policy-name | suppress-policy route-policy-name ] *

By default, no summary routes are configured.

Configuring BGP manual route summarization (IPv6 unicast/multicast address family)

1.      Enter system view.

system-view

2.      Enter BGP IPv6 unicast address family view, BGP-VPN IPv6 unicast address family view, or BGP IPv6 multicast address family view.

¡  Enter BGP IPv6 unicast address family view.

bgp as-number [ instance instance-name ]

address-family ipv6 [ unicast ]

¡  Enter BGP-VPN IPv6 unicast address family view.

bgp as-number [ instance instance-name ]

ip vpn-instance vpn-instance-name

address-family ipv6 [ unicast ]

¡  Enter BGP IPv6 multicast address family view.

bgp as-number [ instance instance-name ]

address-family ipv6 multicast

3.      Create a summary route in the IPv6 BGP routing table.

aggregate ipv6-address prefix-length [ as-set | attribute-policy route-policy-name | detail-suppressed | origin-policy route-policy-name | suppress-policy route-policy-name ] *

By default, no summary routes are configured.

Advertising a default route to a peer or peer group

About this task

Perform this task to advertise a default BGP route with the next hop being the advertising router to a peer or peer group.

Procedure (IPv4 unicast/multicast address family)

1.      Enter system view.

system-view

2.      Enter BGP IPv4 unicast address family view, BGP-VPN IPv4 unicast address family view, or BGP IPv4 multicast address family view.

¡  Enter BGP IPv4 unicast address family view.

bgp as-number [ instance instance-name ]

address-family ipv4 [ unicast ]

¡  Enter BGP-VPN IPv4 unicast address family view.

bgp as-number [ instance instance-name ]

ip vpn-instance vpn-instance-name

address-family ipv4 [ unicast ]

¡  Enter BGP IPv4 multicast address family view.

bgp as-number [ instance instance-name ]

address-family ipv4 multicast

3.      Advertise a default route to a peer or peer group.

peer { group-name | ipv4-address [ mask-length ] | ipv6-address [ prefix-length ] } default-route-advertise [ route-policy route-policy-name ]

By default, no default route is advertised.

The ipv6-address [ prefix-length ] option is not supported in BGP IPv4 multicast address family view.

Procedure (IPv6 unicast/multicast address family)

1.      Enter system view.

system-view

2.      Enter BGP IPv6 unicast address family view, BGP-VPN IPv6 unicast address family view, or BGP IPv6 multicast address family view.

¡  Enter BGP IPv6 unicast address family view.

bgp as-number [ instance instance-name ]

address-family ipv6 [ unicast ]

¡  Enter BGP-VPN IPv6 unicast address family view.

bgp as-number [ instance instance-name ]

ip vpn-instance vpn-instance-name

address-family ipv6 [ unicast ]

¡  Enter BGP IPv6 multicast address family view.

bgp as-number [ instance instance-name ]

address-family ipv6 multicast

3.      Advertise a default route to a peer or peer group.

peer { group-name | ipv4-address [ mask-length ] | ipv6-address [ prefix-length ] | link-local-address interface interface-type interface-number } default-route-advertise [ route-policy route-policy-name ]

By default, no default route is advertised.

The ipv4-address [ mask-length ] and link-local-address interface interface-type interface-number options are not supported in BGP IPv6 multicast address family view.

Controlling BGP route advertisement

Advertising optimal routes in the IP routing table

About this task

By default, BGP advertises optimal routes in the BGP routing table, which may not be optimal in the IP routing table. This task allows you to advertise BGP routes that are optimal in the IP routing table.

Procedure (IPv4 unicast)

1.      Enter system view.

system-view

2.      Enter BGP instance view.

bgp as-number [ instance instance-name ]

3.      Enable BGP to advertise optimal routes in the IP routing table.

advertise-rib-active

By default, BGP advertises optimal routes in the BGP routing table.

4.      Enter BGP IPv4 unicast address family view or BGP-VPN IPv4 unicast address family view.

¡  Enter BGP IPv4 unicast address family view.

address-family ipv4 [ unicast ]

¡  Enter BGP-VPN IPv4 unicast address family view.

ip vpn-instance vpn-instance-name

address-family ipv4 [ unicast ]

5.      Enable BGP to advertise optimal routes in the IP routing table of the address family in the VPN instance.

advertise-rib-active

By default, the setting is the same as that in BGP instance view.

Procedure (IPv6 unicast)

1.      Enter system view.

system-view

2.      Enter BGP instance view.

bgp as-number [ instance instance-name ]

3.      Enable BGP to advertise optimal routes in the IPv6 routing table.

advertise-rib-active

By default, BGP advertises optimal routes in the BGP routing table.

4.      Enter BGP IPv6 unicast address family view or BGP-VPN IPv6 unicast address family view.

¡  Enter BGP IPv6 unicast address family view.

address-family ipv6 [ unicast ]

¡  Enter BGP-VPN IPv6 unicast address family view.

ip vpn-instance vpn-instance-name

address-family ipv6 [ unicast ]

5.      Enable BGP to advertise optimal routes in the IPv6 routing table of the address family in the VPN instance.

advertise-rib-active

By default, the setting is the same as that in BGP instance view.

Enabling prioritized withdrawal of the default route

About this task

Typically a BGP router does not send withdrawal messages of the default route prior to other routes to its peers. If the peer relationship is down, the default route cannot be withdrawn first. Traffic interruption might occur. Perform this task to configure BGP to send the withdrawal messages of the default route prior to other routes. This can reduce the traffic interruption time when the peer relationship is down.

Procedure

1.      Enter system view.

system-view

2.      Enter BGP instance view.

bgp as-number [ instance instance-name ]

3.      Enable BGP to send withdrawal messages of the default route prior to other routes.

default-route update-first

By default, BGP does not send withdrawal messages of the default route prior to other routes.

Enabling prioritized withdrawal of specific routes

About this task

Perform this task to configure BGP to send the withdrawal messages of specific routes prior to other routes. This can achieve fast route switchover and reduce the traffic interruption time.

Procedure (IPv4 unicast/multicast address family)

1.      Enter system view.

system-view

2.      Enter BGP IPv4 unicast address family view, BGP-VPN IPv4 unicast address family view, or BGP IPv4 multicast address family view.

¡  Enter BGP IPv4 unicast address family view.

bgp as-number [ instance instance-name ]

address-family ipv4 [ unicast ]

¡  Enter BGP-VPN IPv4 unicast address family view.

bgp as-number [ instance instance-name ]

ip vpn-instance vpn-instance-name

address-family ipv4 [ unicast ]

¡  Enter BGP IPv4 multicast address family view.

bgp as-number [ instance instance-name ]

address-family ipv4 multicast

3.      Enable BGP to send withdrawal messages of routes matching the specified routing policy prior to other routes.

update-first route-policy route-policy-name

By default, BGP does not send withdrawal messages of specific routes prior to other routes.

Procedure (IPv6 unicast/multicast address family)

1.      Enter system view.

system-view

2.      Enter BGP IPv6 unicast address family view, BGP-VPN IPv6 unicast address family view, or BGP IPv6 multicast address family view.

¡  Enter BGP IPv6 unicast address family view.

bgp as-number [ instance instance-name ]

address-family ipv6 [ unicast ]

¡  Enter BGP-VPN IPv6 unicast address family view.

bgp as-number [ instance instance-name ]

ip vpn-instance vpn-instance-name

address-family ipv6 [ unicast ]

¡  Enter BGP IPv6 multicast address family view.

bgp as-number [ instance instance-name ]

address-family ipv6 multicast

3.      Enable BGP to send withdrawal messages of routes matching the specified routing policy prior to other routes.

update-first route-policy route-policy-name

By default, BGP does not send withdrawal messages of specific routes prior to other routes.

Configuring BGP route distribution filtering policies

About this task

To configure BGP route distribution filtering policies, use the following methods:

·           Use an ACL or prefix list to filter routing information advertised to all peers.

·           Use a routing policy, conditional advertisement policy (existent policy or nonexistent policy), ACL, AS path list, or prefix list to filter routing information advertised to a peer or peer group.

If you configure multiple filtering policies, apply them in the following sequence:

1.      peer prefix-list export

2.      peer as-path-acl export

3.      filter-policy export

4.      peer filter-policy export

5.      peer advertise-policy exist-policy

6.      peer advertise-policy non-exist-policy

7.      peer route-policy export

Only routes passing all the configured policies can be advertised.

Prerequisites

Before you configure BGP routing filtering policies, configure the following filters used for route filtering as needed:

·           ACL (see ACL and QoS Configuration Guide).

·           Prefix list (see "Configuring routing policies").

·           Routing policy (see "Configuring routing policies").

·           AS path list (see "Configuring routing policies").

Procedure (IPv4 unicast/multicast address family)

1.      Enter system view.

system-view

2.      Enter BGP IPv4 unicast address family view, BGP-VPN IPv4 unicast address family view, or BGP IPv4 multicast address family view.

¡  Enter BGP IPv4 unicast address family view.

bgp as-number [ instance instance-name ]

address-family ipv4 [ unicast ]

¡  Enter BGP-VPN IPv4 unicast address family view.

bgp as-number [ instance instance-name ]

ip vpn-instance vpn-instance-name

address-family ipv4 [ unicast ]

¡  Enter BGP IPv4 multicast address family view.

bgp as-number [ instance instance-name ]

address-family ipv4 multicast

3.      Configure BGP route distribution filtering policies. Choose the options to configure as needed:

¡  Reference an ACL or IP prefix list to filter advertised BGP routes.

filter-policy { ipv4-acl-number | name ipv4-acl-name | prefix-list ipv4-prefix-list-name } export [ direct | { isis | ospf | rip } process-id | static ]

¡  Specify a routing policy as the existent policy to control route advertisement.

peer { group-name | ipv4-address [ mask-length ] | ipv6-address [ prefix-length ] } advertise-policy advertise-policy-name exist-policy exist-policy-name

This command is supported only in BGP IPv4 unicast address family view.

¡  Specify a routing policy as the nonexistent policy to control route advertisement.

peer { group-name | ipv4-address [ mask-length ] | ipv6-address [ prefix-length ] } advertise-policy advertise-policy-name non-exist-policy non-exist-policy-name

This command is supported only in BGP IPv4 unicast address family view.

¡  Reference a routing policy to filter BGP routes advertised to a peer or peer group.

peer { group-name | ipv4-address [ mask-length ] | ipv6-address [ prefix-length ] } route-policy route-policy-name export

¡  Reference an ACL to filter BGP routes advertised to a peer or peer group.

peer { group-name | ipv4-address [ mask-length ] | ipv6-address [ prefix-length ] } filter-policy { ipv4-acl-number | name ipv4-acl-name } export

¡  Reference an AS path list to filter BGP routes advertised to a peer or peer group.

peer { group-name | ipv4-address [ mask-length ] | ipv6-address [ prefix-length ] } { as-path-acl as-path-acl-number | as-path-acl-name } export

¡  Reference an IPv4 prefix list to filter BGP routes advertised to a peer or peer group.

peer { group-name | ipv4-address [ mask-length ] | ipv6-address [ prefix-length ] } prefix-list ipv4-prefix-list-name export

By default, no BGP distribution filtering policy is configured.

The ipv6-address [ prefix-length ] option is not supported in BGP IPv4 multicast address family view.

Procedure (IPv6 unicast/multicast address family)

1.      Enter system view.

system-view

2.      Enter BGP IPv6 unicast address family view, BGP-VPN IPv6 unicast address family view, or BGP IPv6 multicast address family view.

¡  Enter BGP IPv6 unicast address family view.

bgp as-number [ instance instance-name ]

address-family ipv6 [ unicast ]

¡  Enter BGP-VPN IPv6 unicast address family view.

bgp as-number [ instance instance-name ]

ip vpn-instance vpn-instance-name

address-family ipv6 [ unicast ]

¡  Enter BGP IPv6 multicast address family view.

bgp as-number [ instance instance-name ]

address-family ipv6 multicast

3.      Configure BGP route distribution filtering policies. Choose the options to configure as needed:

¡  Reference an ACL or IPv6 prefix list to filter advertised BGP routes.

filter-policy { ipv6-acl-number | name ipv6-acl-name | prefix-list ipv6-prefix-list-name } export [ direct | { isisv6 | ospfv3 | ripng } process-id | static ]

¡  Specify a routing policy as the existent policy to control route advertisement.

peer { group-name | ipv4-address [ mask-length ] | ipv6-address [ prefix-length ] | link-local-address interface interface-type interface-number } advertise-policy advertise-policy-name exist-policy exist-policy-name

This command is supported only in BGP IPv6 unicast address family view.

¡  Specify a routing policy as the nonexistent policy to control route advertisement.

peer { group-name | ipv4-address [ mask-length ] | ipv6-address [ prefix-length ] | link-local-address interface interface-type interface-number } advertise-policy advertise-policy-name non-exist-policy non-exist-policy-name

This command is supported only in BGP IPv6 unicast address family view.

¡  Reference a routing policy to filter BGP routes advertised to a peer or peer group.

peer { group-name | ipv4-address [ mask-length ] | ipv6-address [ prefix-length ] | link-local-address interface interface-type interface-number } route-policy route-policy-name export

¡  Reference an ACL to filter BGP routes advertised to a peer or peer group.

peer { group-name | ipv4-address [ mask-length ] | ipv6-address [ prefix-length ] | link-local-address interface interface-type interface-number } filter-policy { ipv6-acl-number | name ipv6-acl-name } export

¡  Reference an AS path list to filter BGP routes advertised to a peer or peer group.

peer { group-name | ipv4-address [ mask-length ] | ipv6-address [ prefix-length ] | link-local-address interface interface-type interface-number } as-path-acl { as-path-acl-number | as-path-acl-name } export

¡  Reference an IPv6 prefix list to filter BGP routes advertised to a peer or peer group.

peer { group-name | ipv4-address [ mask-length ] | ipv6-address [ prefix-length ] | link-local-address interface interface-type interface-number } prefix-list ipv6-prefix-list-name export

By default, no BGP distribution filtering policy is configured.

The ipv4-address [ mask-length ] and link-local-address interface interface-type interface-number options are not supported in BGP IPv6 multicast address family view.

Setting the BGP route sending rate

About this task

If a device sends many new routes within a short time period, it might be unable to add the routes to the FIB before the peer device adds them. This might result in traffic forwarding failure. To avoid this problem, you can perform this task to set an appropriate route sending rate for the device.

Restrictions and guidelines

For a device with high performance, you can set a high BGP route sending rate as needed. For a device without high performance, set a relatively low BGP route sending rate as a best practice.

As a best practice to avoid route withdrawal failures, do not set the BGP route sending rate to 0 or a small value when network flapping occurs.

This task applies only to IPv4 unicast routes and IPv6 unicast routes.

Procedure

1.      Enter system view.

system-view

2.      Enter BGP instance view.

bgp as-number [ instance instance-name ]

3.      Set the BGP route sending rate.

route-rate-limit rate

By default, the BGP route sending rate is not limited.

Configuring BGP route update delay

About this task

Perform this task to configure BGP to delay sending route updates on reboot to reduce traffic loss. With this feature enabled, BGP redistributes all routes from other neighbors on reboot, selects the optimal route, and then advertises it.

You can specify a prefix list and enable BGP to immediately send route updates for routes that match the prefix list.

Procedure

1.      Enter system view.

system-view

2.      Enter BGP instance view.

bgp as-number [ instance instance-name ]

3.      Configure BGP to delay sending route updates on reboot.

bgp update-delay on-startup seconds

By default, BGP immediately sends route updates on reboot.

4.      (Optional.) Configure BGP to immediately send route updates for routes that match an IPv4 prefix list.

bgp update-delay on-startup prefix-list ipv4-prefix-list-name

By default, no IPv4 prefix list is specified to filter routes.

5.      (Optional.) Configure BGP to immediately send route updates for routes that match an IPv6 prefix list.

bgp update-delay on-startup ipv6-prefix-list ipv6-prefix-list-name

By default, no IPv6 prefix list is specified to filter routes.

Configuring a startup policy for BGP route updates

About this task

Perform this task to configure BGP to send route updates with the specified attributes within the specified period after reboot.

As shown in Figure 11, if Router B restarts and sends route updates before route convergence completes, traffic sent from Router A through Router B might be lost. This feature enables Router B to send route updates with the specified attribute values within the specified period after reboot, so that Router A can forward traffic through Router C.

Figure 11 Network diagram

Procedure

1.      Enter system view.

system-view

2.      Enter BGP instance view.

bgp as-number [ instance instance-name ]

3.      Specify the period after reboot within which the startup policy is effective.

bgp apply-policy on-startup duration seconds

By default, the startup policy does not take effect.

4.      Specify a MED attribute value in the startup policy.

bgp policy on-startup med med-value

By default, the MED attribute value in the startup policy is 4294967295.

Controlling BGP route reception

Limiting routes received from a peer or peer group

About this task

This feature can prevent attacks that send a large number of BGP routes to the router.

If the number of routes received from a peer or peer group exceeds the upper limit, the router takes one of the following actions based on your configuration:

·           Tears down the BGP session to the peer or peer group and does not attempt to re-establish the session.

·           Continues to receive routes from the peer or peer group and generates a log message.

·           Retains the session to the peer or peer group, but it discards excess routes and generates a log message.

·           Tears down the BGP session to the peer or peer group and, after a specific period of time, re-establishes a BGP session to the peer or peer group.

You can specify a percentage threshold for the router to generate a log message. When the ratio of the number of received routes to the maximum number reaches the percentage value, the router generates a log message.

Procedure (IPv4 unicast/multicast address family)

1.      Enter system view.

system-view

2.      Enter BGP IPv4 unicast address family view, BGP-VPN IPv4 unicast address family view, or BGP IPv4 multicast address family view.

¡  Enter BGP IPv4 unicast address family view.

bgp as-number [ instance instance-name ]

address-family ipv4 [ unicast ]

¡  Enter BGP-VPN IPv4 unicast address family view.

bgp as-number [ instance instance-name ]

ip vpn-instance vpn-instance-name

address-family ipv4 [ unicast ]

¡  Enter BGP IPv4 multicast address family view.

bgp as-number [ instance instance-name ]

address-family ipv4 multicast

3.      Specify the maximum number of routes that a router can receive from a peer or peer group.

peer { group-name | ipv4-address [ mask-length ] | ipv6-address [ prefix-length ] } route-limit prefix-number [ { alert-only | discard | reconnect reconnect-time } | percentage-value ] *

By default, the number of routes that a router can receive from a peer or peer group is not limited.

The ipv6-address [ prefix-length ] option is not supported in BGP IPv4 multicast address family view.

Procedure (IPv6 unicast/multicast address family)

1.      Enter system view.

system-view

2.      Enter BGP IPv6 unicast address family view, BGP-VPN IPv6 unicast address family view, or BGP IPv6 multicast address family view.

¡  Enter BGP IPv6 unicast address family view.

bgp as-number [ instance instance-name ]

address-family ipv6 [ unicast ]

¡  Enter BGP-VPN IPv6 unicast address family view.

bgp as-number [ instance instance-name ]

ip vpn-instance vpn-instance-name

address-family ipv6 [ unicast ]

¡  Enter BGP IPv6 multicast address family view.

bgp as-number [ instance instance-name ]

address-family ipv6 multicast

3.      Specify the maximum number of routes that a router can receive from a peer or peer group.

peer { group-name | ipv4-address [ mask-length ] | ipv6-address [ prefix-length ] | link-local-address interface interface-type interface-number } route-limit prefix-number [ { alert-only | discard | reconnect reconnect-time } | percentage-value ] *

By default, the number of routes that a router can receive from a peer or peer group is not limited.

The ipv4-address [ mask-length ] and link-local-address interface interface-type interface-number options are not supported in BGP IPv6 multicast address family view.

Configuring BGP route reception filtering policies

About this task

You can use the following methods to configure BGP route reception filtering policies:

·           Use an ACL or prefix list to filter routing information received from all peers.

·           Use a routing policy, ACL, AS path list, or prefix list to filter routing information received from a peer or peer group.

If you configure multiple filtering policies, apply them in the following sequence:

1.      filter-policy import

2.      peer filter-policy import

3.      peer as-path-acl import

4.      peer prefix-list import

5.      peer route-policy import

Only routes passing all the configured policies can be received.

Prerequisites

Before you configure BGP route reception filtering policies, configure the following filters used for route filtering as needed:

·           ACL (see ACL and QoS Configuration Guide).

·           Prefix list (see "Configuring routing policies").

·           Routing policy (see "Configuring routing policies").

·           AS path list (see "Configuring routing policies").

Procedure (IPv4 unicast/multicast address family)

1.      Enter system view.

system-view

2.      Enter BGP IPv4 unicast address family view, BGP-VPN IPv4 unicast address family view, or BGP IPv4 multicast address family view.

¡  Enter BGP IPv4 unicast address family view.

bgp as-number [ instance instance-name ]

address-family ipv4 [ unicast ]

¡  Enter BGP-VPN IPv4 unicast address family view.

bgp as-number [ instance instance-name ]

ip vpn-instance vpn-instance-name

address-family ipv4 [ unicast ]

¡  Enter BGP IPv4 multicast address family view.

bgp as-number [ instance instance-name ]

address-family ipv4 multicast

3.      Configure BGP route reception filtering policies. Choose the options to configure as needed:

¡  Reference an ACL or IP prefix list to filter BGP routes received from all peers.

filter-policy { ipv4-acl-number | name ipv4-acl-name | prefix-list ipv4-prefix-list-name } import

¡  Reference a routing policy to filter BGP routes received from a peer or peer group.

peer { group-name | ipv4-address [ mask-length ] | ipv6-address [ prefix-length ] } route-policy route-policy-name import

¡  Reference an ACL to filter BGP routes received from a peer or peer group.

peer { group-name | ipv4-address [ mask-length ] | ipv6-address [ prefix-length ] } filter-policy { ipv4-acl-number | name ipv4-acl-name } import

¡  Reference  an AS path list to filter BGP routes received from a peer or peer group.

peer { group-name | ipv4-address [ mask-length ] | ipv6-address [ prefix-length ] } as-path-acl { as-path-acl-number | as-path-acl-name } import

¡  Reference an IPv4 prefix list to filter BGP routes received from a peer or peer group.

peer { group-name | ipv4-address [ mask-length ] | ipv6-address [ prefix-length ] } prefix-list ipv4-prefix-list-name import

By default, no route reception filtering is configured.

The ipv6-address [ prefix-length ] option is not supported in BGP IPv4 multicast address family view.

Procedure (IPv6 unicast/multicast address family)

1.      Enter system view.

system-view

2.      Enter BGP IPv6 unicast address family view, BGP-VPN IPv6 unicast address family view, or BGP IPv6 multicast address family view.

¡  Enter BGP IPv6 unicast address family view.

bgp as-number [ instance instance-name ]

address-family ipv6 [ unicast ]

¡  Enter BGP-VPN IPv6 unicast address family view.

bgp as-number [ instance instance-name ]

ip vpn-instance vpn-instance-name

address-family ipv6 [ unicast ]

¡  Enter BGP IPv6 multicast address family view.

bgp as-number [ instance instance-name ]

address-family ipv6 multicast

3.      Configure BGP route reception filtering policies. Choose the options to configure as needed:

¡  Reference ACL or IPv6 prefix list to filter BGP routes received from all peers.

filter-policy { ipv6-acl-number | name ipv6-acl-name | prefix-list ipv6-prefix-list-name } import

¡  Reference a routing policy to filter BGP routes received from a peer or peer group.

peer { group-name | ipv4-address [ mask-length ] | ipv6-address [ prefix-length ] | link-local-address interface interface-type interface-number } route-policy route-policy-name import

¡  Reference an ACL to filter BGP routes received from a peer or peer group.

peer { group-name | ipv4-address [ mask-length ] | ipv6-address [ prefix-length ] | link-local-address interface interface-type interface-number } filter-policy { ipv6-acl-number | name ipv6-acl-name } import

¡  Reference an AS path list to filter BGP routes received from a peer or peer group.

peer { group-name | ipv4-address [ mask-length ] | ipv6-address [ prefix-length ] | link-local-address interface interface-type interface-number } as-path-acl { as-path-acl-number | as-path-acl-name } import

¡  Reference an IPv6 prefix list to filter BGP routes received from a peer or peer group.

peer { group-name | ipv4-address [ mask-length ] | ipv6-address [ prefix-length ] | link-local-address interface interface-type interface-number } prefix-list ipv6-prefix-list-name import

By default, no route reception filtering is configured.

The ipv4-address [ mask-length ] and link-local-address interface interface-type interface-number options are not supported in BGP IPv6 multicast address family view.

Configuring the SoO attribute

About this task

After you configure the SoO attribute for a BGP peer or peer group, BGP adds the SoO attribute into the route updates received from the BGP peer or peer group. In addition, before advertising route updates to the peer or peer group, BGP checks the SoO attribute of the route update against the configured SoO attribute. If they are the same, BGP does not advertise the route updates to the BGP peer or peer group.

Procedure (IPv4 unicast/multicast address family)

1.      Enter system view.

system-view

2.      Enter BGP IPv4 unicast address family view, BGP-VPN IPv4 unicast address family view, or BGP IPv4 multicast address family view.

¡  Enter BGP IPv4 unicast address family view.

bgp as-number [ instance instance-name ]

address-family ipv4 [ unicast ]

¡  Enter BGP-VPN IPv4 unicast address family view.

bgp as-number [ instance instance-name ]

ip vpn-instance vpn-instance-name

address-family ipv4 [ unicast ]

¡  Enter BGP IPv4 multicast address family view.

bgp as-number [ instance instance-name ]

address-family ipv4 multicast

3.      Configure the SoO attribute for a peer or peer group.

peer { group-name | ipv4-address [ mask-length ] | ipv6-address [ prefix-length ] } soo site-of-origin

By default, no SoO attribute is configured for a peer or peer group.

The ipv6-address [ prefix-length ] option is not supported in BGP IPv4 multicast address family view.

Procedure (IPv6 unicast/multicast address family)

1.      Enter system view.

system-view

2.      Enter BGP IPv6 unicast address family view, BGP-VPN IPv6 unicast address family view, or BGP IPv6 multicast address family view.

¡  Enter BGP IPv6 unicast address family view.

bgp as-number [ instance instance-name ]

address-family ipv6 [ unicast ]

¡  Enter BGP-VPN IPv6 unicast address family view.

bgp as-number [ instance instance-name ]

ip vpn-instance vpn-instance-name

address-family ipv6 [ unicast ]

¡  Enter BGP IPv6 multicast address family view.

bgp as-number [ instance instance-name ]

address-family ipv6 multicast

3.      Configure the SoO attribute for a peer or peer group.

peer { group-name | ipv4-address [ mask-length ] | ipv6-address [ prefix-length ] | link-local-address interface interface-type interface-number } soo site-of-origin

By default, no SoO attribute is configured for a peer or peer group.

The ipv4-address [ mask-length ] and link-local-address interface interface-type interface-number options are not supported in BGP IPv6 multicast address family view.

Configuring BGP timers

Configuring the keepalive interval and hold time

About this task

BGP sends KEEPALIVE messages regularly to keep the BGP session between two routers.

If a router receives no KEEPALIVE or UPDATE message from a peer within the hold time, it tears down the session.

You can configure the keepalive interval and hold time globally or for a peer or peer group. The individual settings take precedence over the global settings.

The actual keepalive interval and hold time are determined as follows:

·           If the hold time settings on the local and peer routers are different, the smaller setting is used. If the hold time is 0, BGP does not send KEEPALIVE messages to its peers and never tears down the session.

·           If the keepalive interval is not 0, the actual keepalive interval is the smaller one between 1/3 of the hold time and the keepalive interval.

Restrictions and guidelines

The hold time must be a minimum of three times the keepalive interval.

Procedure (IPv4 peers)

1.      Enter system view.

system-view

2.      Enter BGP instance view or BGP-VPN instance view.

¡  Enter BGP instance view.

bgp as-number [ instance instance-name ]

¡  Enter BGP-VPN instance view.

bgp as-number [ instance instance-name ]

ip vpn-instance vpn-instance-name

3.      Configure the keepalive interval and hold time.

¡  Configure the global keepalive interval and hold time.

timer keepalive keepalive hold holdtime

This command takes effect for new BGP sessions and does not affect existing sessions.

¡  Configure the keepalive interval and hold time for a peer or peer group.

peer { group-name | ipv4-address [ mask-length ] } timer keepalive keepalive hold holdtime

By default, the keepalive interval is 60 seconds, and hold time is 180 seconds.

The timers configured with the timer and peer timer commands do not take effect until a session is re-established (for example, a session is reset).

Procedure (IPv6 peers)

1.      Enter system view.

system-view

2.      Enter BGP instance view or BGP-VPN instance view.

¡  Enter BGP instance view.

bgp as-number [ instance instance-name ]

¡  Enter BGP-VPN instance view.

bgp as-number [ instance instance-name ]

ip vpn-instance vpn-instance-name

3.      Configure the keepalive interval and hold time.

¡  Configure the global keepalive interval and hold time.

timer keepalive keepalive hold holdtime

This command takes effect for new BGP sessions and does not affect existing sessions.

¡  Configure the keepalive interval and hold time for a peer or peer group.

peer { group-name | ipv6-address [ prefix-length ] | link-local-address interface interface-type interface-number } timer keepalive keepalive hold holdtime

By default, the keepalive interval is 60 seconds, and hold time is 180 seconds.

The timers configured with the timer and peer timer commands do not take effect until a session is re-established (for example, a session is reset).

Setting the session retry timer

About this task

To speed up session establishment to a peer or peer group and route convergence, set a small session retry timer. If the BGP session flaps, you can set a large session retry timer to reduce the impact.

Restrictions and guidelines

The timer set by the peer timer connect-retry command takes precedence over the timer set by the timer connect-retry command.

Procedure (IPv4 peers)

1.      Enter system view.

system-view

2.      Enter BGP instance view or BGP-VPN instance view.

¡  Enter BGP instance view.

bgp as-number [ instance instance-name ]

¡  Enter BGP-VPN instance view.

bgp as-number [ instance instance-name ]

ip vpn-instance vpn-instance-name

3.      Set the session retry timer.

¡  Set the session retry timer for all peers or peer groups.

timer connect-retry retry-time

¡  Set the session retry timer for a peer or peer group.

peer { group-name | ipv4-address [ mask-length ] } timer connect-retry retry-time

By default, the session retry timer is 32 seconds for a peer or peer group.

Procedure (IPv6 peers)

1.      Enter system view.

system-view

2.      Enter BGP instance view or BGP-VPN instance view.

¡  Enter BGP instance view.

bgp as-number [ instance instance-name ]

¡  Enter BGP-VPN instance view.

bgp as-number [ instance instance-name ]

ip vpn-instance vpn-instance-name

3.      Set the session retry timer.

¡  Set the session retry timer for all peers or peer groups.

timer connect-retry retry-time

¡  Set the session retry timer for a peer or peer group.

peer { group-name | ipv6-address [ prefix-length ] | link-local-address interface interface-type interface-number } timer connect-retry retry-time

By default, the session retry timer is 32 seconds for a peer or peer group.

Configuring the interval for sending updates for the same route

About this task

A BGP router sends an UPDATE message to its peers when a route is changed. If the route changes frequently, the BGP router keeps sending update or withdrawal messages for the same route, resulting route flapping. To prevent this situation, perform this task to configure the interval for sending updates for the same route to a peer or peer group.

This feature takes effect on withdrawn routes only after you apply the route update interval setting to withdrawn routes.

Procedure (IPv4 peers)

1.      Enter system view.

system-view

2.      Enter BGP instance view.

bgp as-number [ instance instance-name ]

3.      (Optional.) Apply route update interval setting to withdrawn routes.

route-update-interval withdrawn enable

By default, route update interval setting does not apply to withdrawn routes. BGP sends withdrawal messages for withdrawn routes immediately.

4.      (Optional.) Enter BGP-VPN instance view.

ip vpn-instance vpn-instance-name

5.      Configure the interval for sending updates for the same route to a peer or peer group.

peer { group-name | ipv4-address [ mask-length ] } route-update-interval interval

By default, the interval is 15 seconds for an IBGP peer and 30 seconds for an EBGP peer.

Procedure (IPv6 peers)

1.      Enter system view.

system-view

2.      Enter BGP instance view.

bgp as-number [ instance instance-name ]

3.      (Optional.) Apply route update interval setting to withdrawn routes.

route-update-interval withdrawn enable

By default, route update interval setting does not apply to withdrawn routes. BGP sends withdrawal messages for withdrawn routes immediately.

4.      (Optional.) Enter BGP-VPN instance view.

ip vpn-instance vpn-instance-name

5.      Configure the interval for sending updates for the same route to a peer or peer group.

peer { group-name | ipv6-address [ prefix-length ] | link-local-address interface interface-type interface-number } route-update-interval interval

By default, the interval is 15 seconds for an IBGP peer and 30 seconds for an EBGP peer.

Setting an update delay for local MPLS labels

About this task

BGP includes local MPLS labels in advertised VPNv4 routes, VPNv6 routes, labeled IPv6 unicast routes, and labeled IPv4 unicast routes.

When a local label is changed, BGP removes the old label and advertises the new label. Traffic interruption occurs if BGP peers use the old label to forward packets before they learn the new label. To resolve this issue, set an update delay for local MPLS labels. BGP does not remove the old label before the update delay timer expires.

Procedure

1.      Enter system view.

system-view

2.      Enter BGP instance view.

bgp as-number [ instance instance-name ]

3.      Set an update delay for local MPLS labels.

retain local-label retain-time

By default, the update delay is 60 seconds.

Configuring BGP logging and notifications

Enabling logging for session state changes

About this task

Perform this task to enable BGP to log BGP session establishment and disconnection events. To display the log information, use the display bgp peer ipv4 unicast log-info command or the display bgp peer ipv6 unicast log-info command. The logs are sent to the information center. The output rules of the logs (whether to output the logs and where to output) are determined by the information center configuration.

For more information about information center configuration, see Network Management and Monitoring Configuration Guide.

Procedure (IPv4 peers)

1.      Enter system view.

system-view

2.      Enter BGP instance view.

bgp as-number [ instance instance-name ]

3.      Enable logging for session state changes globally.

log-peer-change

By default, logging for session state changes is enabled globally.

4.      (Optional.) Enter BGP-VPN instance view.

ip vpn-instance vpn-instance-name

5.      Enable logging for session state changes for a peer or peer group.

peer { group-name | ipv4-address [ mask-length ] } log-change

By default, logging for session state changes is enabled for all peers and peer groups.

Procedure (IPv6 peers)

1.      Enter system view.

system-view

2.      Enter BGP instance view.

bgp as-number [ instance instance-name ]

3.      Enable logging for session state changes globally.

log-peer-change

By default, logging for session state changes is enabled globally.

4.      (Optional.) Enter BGP-VPN instance view.

ip vpn-instance vpn-instance-name

5.      Enable logging for session state changes for a peer or peer group.

peer { group-name | ipv6-address [ prefix-length ] | link-local-address interface interface-type interface-number } log-change

By default, logging for session state changes is enabled for all peers and peer groups.

Enabling logging for BGP route flapping

About this task

This feature enables BGP to generate logs for BGP route flapping events that trigger log generation. The generated logs are sent to the information center. For the logs to be output correctly, you must also configure information center on the device. For more information about the information center, see Network Management and Monitoring Configuration Guide.

Procedure (IPv4 unicast/IPv4 multicast)

1.      Enter system view.

system-view

2.      Enter BGP IPv4 unicast address family view, BGP-VPN IPv4 unicast address family view, or BGP IPv4 multicast address family view.

¡  Enter BGP IPv4 unicast address family view.

bgp as-number [ instance instance-name ]

address-family ipv4 [ unicast ]

¡  Enter BGP-VPN IPv4 unicast address family view.

bgp as-number [ instance instance-name ]

ip vpn-instance vpn-instance-name

address-family ipv4 [ unicast ]

¡  Enter BGP IPv4 multicast address family view.

bgp as-number [ instance instance-name ]

address-family ipv4 multicast

3.      Enable logging for BGP route flapping.

log-route-flap monitor-time monitor-count [ log-count-limit | route-policy route-policy-name ] *

By default, logging for BGP route flapping is disabled.

Procedure (IPv6 unicast/IPv6 multicast)

1.      Enter system view.

system-view

2.      Enter BGP IPv6 unicast address family view, BGP-VPN IPv6 unicast address family view, or BGP IPv6 multicast address family view.

¡  Enter BGP IPv6 unicast address family view.

bgp as-number [ instance instance-name ]

address-family ipv6 [ unicast ]

¡  Enter BGP-VPN IPv6 unicast address family view.

bgp as-number [ instance instance-name ]

ip vpn-instance vpn-instance-name

address-family ipv6 [ unicast ]

¡  Enter BGP IPv6 multicast address family view.

bgp as-number [ instance instance-name ]

address-family ipv6 multicast

3.      Enable logging for BGP route flapping.

log-route-flap monitor-time monitor-count [ log-count-limit | route-policy route-policy-name ] *

By default, logging for BGP route flapping is disabled.

Configuring BGP network management

About this task

After you enable SNMP notifications for BGP, the device generates a notification when a BGP neighbor state change occurs. The notification includes the neighbor address, the error code and subcode of the most recent error, and the current neighbor state. For BGP notifications to be sent correctly, you must also configure SNMP on the device.

BGP does not know the BGP instance to which a managed MIB node belongs. To resolve this issue, configure different SNMP contexts for different BGP instances.

The device selects a MIB for an SNMP packet according to the context (for SNMPv3) or community name (for SNMPv1/v2c) in the following ways:

·           For an SNMPv3 packet:

¡  The device selects the MIB of the default BGP instance if the packet does not carry a context and no SNMP context is configured for the default BGP instance.

¡  The device selects the MIB of a BGP instance if the packet meets the following conditions:

-       Carries a context that is configured with the snmp-agent context command in system view.

-       Matches the context of the BGP instance.

¡  The device does not process any MIBs in other situations.

·           For an SNMPv1/v2c packet:

¡  The device selects the MIB of the default BGP instance if the following conditions are met:

-       No community name-to-SNMP context mapping is configured with the snmp-agent community-map command in system view.

-       No SNMP context is configured for the default BGP instance.

¡  The device selects the MIB of a BGP instance if the community name is mapped to an SNMP context and the context matches the context of the BGP instance.

¡  The device does not process any MIBs in other situations.

For more information about SNMP contexts and community names, see SNMP configuration in Network Management and Monitoring Configuration Guide.

Procedure

1.      Enter system view.

system-view

2.      Enable SNMP notifications for BGP.

snmp-agent trap enable bgp [ instance instance-name ]

By default, SNMP notifications for BGP are enabled.

3.      Enter BGP instance view.

bgp as-number [ instance instance-name ]

4.      Configure an SNMP context for the BGP instance.

snmp context-name context-name

By default, no SNMP context is configured for the BGP instance.

Display and maintenance commands for basic BGP network building

Displaying BGP

Execute display commands in any view.

Displaying BGP (IPv4 unicast address family)

Task

Command

Display BGP IPv4 unicast peer group information.

display bgp [ instance instance-name ] group ipv4 [ unicast ] [ vpn-instance vpn-instance-name ]  [ group-name group-name ]

Display information about routes advertised by the network command and shortcut routes configured by the network short-cut command.

display bgp [ instance instance-name ] network ipv4 [ unicast ] [ vpn-instance vpn-instance-name ]

Display information about a peer or peer group in BGP IPv4 unicast address family.

display bgp [ instance instance-name ] peer ipv4 [ unicast ] [ vpn-instance vpn-instance-name ]  [ ipv4-address mask-length | { ipv4-address | group-name group-name } log-info | [ ipv4-address ] verbose ]

display bgp [ instance instance-name ] peer ipv4 [ unicast ] [ ipv6-address prefix-length | ipv6-address log-info | [ ipv6-address ] verbose ]

display bgp [ instance instance-name ] peer ipv4 [ unicast ] vpn-instance-all [ verbose ]

Display BGP IPv4 unicast route flapping statistics.

display bgp [ instance instance-name ] routing-table flap-info ipv4 [ unicast ] [ vpn-instance vpn-instance-name ] [ ipv4-address [ { mask-length | mask } [ longest-match ] ] | as-path-acl { as-path-acl-number | as-path-acl-name } ]

Display BGP IPv4 unicast routing information.

display bgp [ instance instance-name ] routing-table ipv4 [ unicast ] [ vpn-instance vpn-instance-name ]  [ ipv4-address [ { mask-length | mask } [ longest-match ] ] | ipv4-address [ mask-length | mask ] advertise-info | as-path-acl { as-path-acl-number | as-path-acl-name } | community-list { { basic-community-list-number | comm-list-name } [ whole-match ] | adv-community-list-number } | peer { ipv4-address | ipv6-address } { advertised-routes | received-routes } [ ipv4-address [ mask-length | mask ] | statistics ] | statistics ]

Display information about BGP peer relationship down events.

display bgp [ instance instance-name ] troubleshooting [ event-count ] [ reverse ]

Display BGP IPv4 unicast address family update group information.

display bgp [ instance instance-name ] update-group ipv4 [ unicast ] [ vpn-instance vpn-instance-name ]  [ ipv4-address ]

display bgp [ instance instance-name ] update-group ipv4 [ unicast ] [ ipv6-address ]

Display information about all BGP instances.

display bgp instance-info

Displaying BGP (IPv6 unicast address family)

Task

Command

Display BGP IPv6 unicast peer group information.

display bgp [ instance instance-name ] group ipv6 [ unicast ] [ vpn-instance vpn-instance-name ]  [ group-name group-name ]

Display information about routes advertised by the network command and shortcut routes configured by the network short-cut command.

display bgp [ instance instance-name ] network ipv6 [ unicast ] [ vpn-instance vpn-instance-name ]

Display information about a peer or peer group in BGP IPv6 unicast address family.

display bgp [ instance instance-name ] peer ipv6 [ unicast ] [ vpn-instance vpn-instance-name ]  [ ipv6-address prefix-length | { ipv6-address | group-name group-name } log-info | [ ipv6-address ] verbose ]

display bgp [ instance instance-name ] peer ipv6 [ unicast ] link-local-address interface interface-type interface-number { log-info | verbose }

display bgp [ instance instance-name ] peer ipv6 [ unicast ] [ ipv4-address mask-length | ipv4-address log-info | [ ipv4-address ] verbose ]

display bgp [ instance instance-name ] peer ipv6 [ unicast ] vpn-instance-all [ verbose ]

Display BGP IPv6 unicast route flapping statistics.

display bgp [ instance instance-name ] routing-table flap-info ipv6 [ unicast ] [ vpn-instance vpn-instance-name ]  [ ipv6-address prefix-length | as-path-acl { as-path-acl-number | as-path-acl-name } ]

Display BGP IPv6 unicast routing information.

display bgp [ instance instance-name ] routing-table ipv6 [ unicast ] [ vpn-instance vpn-instance-name ]  [ ipv6-address prefix-length [ advertise-info ] | as-path-acl { as-path-acl-number | as-path-acl-name } | community-list { { basic-community-list-number | comm-list-name } [ whole-match ] | adv-community-list-number } | peer ipv6-address { advertised-routes | received-routes } [ ipv6-address prefix-length | statistics ] | statistics ]

display bgp [ instance instance-name ] routing-table ipv6 [ unicast ] peer { ipv4-address | link-local-address interface interface-type interface-number  } { advertised-routes | received-routes } [ ipv6-address prefix-length | statistics ]

Display information about BGP peer relationship down events.

display bgp [ instance instance-name ] troubleshooting [ event-count ] [ reverse ]

Display BGP IPv6 unicast address family update group information.

display bgp [ instance instance-name ] update-group ipv6 [ unicast ] [ ipv4-address | ipv6-address ]

display bgp [ instance instance-name ] update-group ipv6 [ unicast ] vpn-instance vpn-instance-name [ ipv6-address ]

Display information about all BGP instances.

display bgp instance-info

Displaying BGP (IPv4 multicast address family)

Task

Command

Display BGP IPv4 multicast peer group information.

display bgp [ instance instance-name ] group ipv4 multicast [ group-name group-name ]

Display information about routes advertised by the network command and shortcut routes configured by the network short-cut command.

display bgp [ instance instance-name ] network ipv4 multicast

Display BGP path attribute information.

display bgp [ instance instance-name ] paths [ as-regular-expression ]

Display BGP IPv4 multicast peer or peer group information.

display bgp [ instance instance-name ] peer ipv4 multicast [ ipv4-address mask-length | { ipv4-address | group-name group-name } log-info | [ ipv4-address ] verbose ]

Display BGP IPv4 multicast route flapping statistics.

display bgp [ instance instance-name ] routing-table flap-info ipv4 multicast [ ipv4-address [ { mask-length | mask } [ longest-match ] ] | as-path-acl { as-path-acl-number  | as-path-acl-name } ]

Display BGP IPv4 multicast routing information.

display bgp [ instance instance-name ] routing-table ipv4 multicast [ ipv4-address [ { mask-length | mask } [ longest-match ] ] | ipv4-address [ mask-length | mask ] advertise-info | as-path-acl { as-path-acl-number | as-path-acl-name } | community-list { { basic-community-list-number | comm-list-name } [ whole-match ] | adv-community-list-number } | peer ipv4-address { advertised-routes | received-routes } [ ipv4-address [ mask-length | mask ] | statistics ] | statistics ]

Display information about BGP peer relationship down events.

display bgp [ instance instance-name ] troubleshooting [ event-count ] [ reverse ]

Display BGP IPv4 multicast address family update group information.

display bgp [ instance instance-name ] update-group ipv4 multicast [ ipv4-address ]

Display information about all BGP instances.

display bgp instance-info

Displaying BGP (IPv6 multicast address family)

Task

Command

Display BGP IPv6 multicast peer group information.

display bgp [ instance instance-name ] group ipv6 multicast [ group-name group-name ]

Display information about routes advertised by the network command and shortcut routes configured by the network short-cut command.

display bgp [ instance instance-name ] network ipv6 multicast

Display BGP path attribute information.

display bgp [ instance instance-name ] paths [ as-regular-expression ]

Display BGP IPv6 multicast peer or peer group information.

display bgp [ instance instance-name ] peer ipv6 multicast [ ipv6-address prefix-length | { ipv6-address | group-name group-name } log-info | [ ipv6-address ] verbose ]

Display BGP IPv6 multicast route flapping statistics.

display bgp [ instance instance-name ] routing-table flap-info ipv6 multicast [ ipv6-address prefix-length | as-path-acl { as-path-acl-number | as-path-acl-name } ]

Display BGP IPv6 multicast routing information.

display bgp [ instance instance-name ] routing-table ipv6 multicast [ ipv6-address prefix-length [ advertise-info ] | as-path-acl { as-path-acl-number | as-path-acl-name } | community-list { { basic-community-list-number | comm-list-name } [ whole-match ] | adv-community-list-number } | peer ipv6-address { advertised-routes | received-routes } [ ipv6-address prefix-length | statistics ] | statistics ]

Display information about BGP peer relationship down events.

display bgp [ instance instance-name ] troubleshooting [ event-count ] [ reverse ]

Display BGP IPv6 multicast address family update group information.

display bgp [ instance instance-name ] update-group ipv6 multicast [ ipv6-address ]

Display information about all BGP instances.

display bgp instance-info

Resetting BGP sessions

Execute reset commands in user view.

 

Task

Command

Reset BGP sessions for IPv4 unicast address family.

reset bgp [ instance instance-name ] { as-number | ipv4-address [ mask-length ] | all | external | group group-name | internal } ipv4 [ unicast ] [ vpn-instance vpn-instance-name ]

reset bgp ipv6-address [ mask-length ] ipv4 [ unicast ]

Reset BGP sessions for IPv4 multicast address family.

reset bgp [ instance instance-name ] { as-number | ipv4-address [ mask-length ] | all | external | group group-name | internal } ipv4 multicast

Reset BGP sessions for IPv6 unicast address family.

reset bgp [ instance instance-name ] { as-number | ipv6-address [ prefix-length ] | link-local-address interface interface-type interface-number | all | external | group group-name | internal } ipv6 [ unicast ] [ vpn-instance vpn-instance-name ]

reset bgp ipv4-address [ mask-length ] ipv6 [ unicast ]

Reset BGP sessions for IPv6 multicast address family.

reset bgp [ instance instance-name ] { as-number | ipv6-address [ prefix-length ] | all | external | group group-name | internal } ipv6 multicast

Reset all BGP sessions.

reset bgp [ instance instance-name ] all

Clearing BGP information

Execute reset commands in user view.

 

Task

Command

Clear flap information for BGP IPv4 unicast routes.

reset bgp [ instance instance-name ] flap-info ipv4 [ unicast ] [ vpn-instance vpn-instance-name ]  [ ipv4-address [ mask-length | mask ] | as-path-acl { as-path-acl-number | as-path-acl-name } | peer ipv4-address [ mask-length ] ]

Clear flap information for BGP IPv4 multicast routes.

reset bgp [ instance instance-name ] flap-info ipv4 multicast [ ipv4-address [ mask-length | mask ] | as-path-acl { as-path-acl-number | as-path-acl-name } | peer ipv4-address [ mask-length ] ]

Clear flap information for BGP IPv6 unicast routes.

reset bgp [ instance instance-name ] flap-info ipv6 [ unicast ] [ vpn-instance vpn-instance-name ]  [ ipv6-address prefix-length | as-path-acl { as-path-acl-number | as-path-acl-name } | peer ipv6-address [ prefix-length ] ]

Clear flap information for BGP IPv6 multicast routes.

reset bgp [ instance instance-name ] flap-info ipv6 multicast [ ipv6-address prefix-length | as-path-acl { as-path-acl-number | as-path-acl-name } | peer ipv6-address [ prefix-length ] ]

Basic IPv4 BGP network configuration examples

Example: Configuring basic BGP

Network configuration

As shown in Figure 12, all switches run BGP. Run EBGP between Switch A and Switch B, and run IBGP between Switch B and Switch C to allow Switch C to access network 8.1.1.0/24 connected to Switch A.

Figure 12 Network diagram

Procedure

1.      Configure IP addresses for interfaces. (Details not shown.)

2.      Configure IBGP:

¡  To prevent route flapping caused by port state changes, this example uses loopback interfaces to establish IBGP connections.

¡  Loopback interfaces are virtual interfaces. Therefore, use the peer connect-interface command to specify the loopback interface as the source interface for establishing BGP connections.

¡  Enable OSPF in AS 65009 to ensure that Switch B can communicate with Switch C through loopback interfaces.

# Configure Switch B.

<SwitchB> system-view

[SwitchB] bgp 65009

[SwitchB-bgp-default] router-id 2.2.2.2

[SwitchB-bgp-default] peer 3.3.3.3 as-number 65009

[SwitchB-bgp-default] peer 3.3.3.3 connect-interface loopback 0

[SwitchB-bgp-default] address-family ipv4 unicast

[SwitchB-bgp-default-ipv4] peer 3.3.3.3 enable

[SwitchB-bgp-default-ipv4] quit

[SwitchB-bgp-default] quit

[SwitchB] ospf 1

[SwitchB-ospf-1] area 0

[SwitchB-ospf-1-area-0.0.0.0] network 2.2.2.2 0.0.0.0

[SwitchB-ospf-1-area-0.0.0.0] network 9.1.1.0 0.0.0.255

[SwitchB-ospf-1-area-0.0.0.0] quit

[SwitchB-ospf-1] quit

# Configure Switch C.

<SwitchC> system-view

[SwitchC] bgp 65009

[SwitchC-bgp-default] router-id 3.3.3.3

[SwitchC-bgp-default] peer 2.2.2.2 as-number 65009

[SwitchC-bgp-default] peer 2.2.2.2 connect-interface loopback 0

[SwitchC-bgp-default] address-family ipv4 unicast

[SwitchC-bgp-default-ipv4] peer 2.2.2.2 enable

[SwitchC-bgp-default-ipv4] quit

[SwitchC-bgp-default] quit

[SwitchC] ospf 1

[SwitchC-ospf-1] area 0

[SwitchC-ospf-1-area-0.0.0.0] network 3.3.3.3 0.0.0.0

[SwitchC-ospf-1-area-0.0.0.0] network 9.1.1.0 0.0.0.255

[SwitchC-ospf-1-area-0.0.0.0] quit

[SwitchC-ospf-1] quit

[SwitchC] display bgp peer ipv4

 

 BGP local router ID : 3.3.3.3

 Local AS number : 65009

 Total number of peers : 1                 Peers in established state : 1

 

  * - Dynamically created peer

  ^ - Peer created through link-local address

  Peer                    AS  MsgRcvd  MsgSent OutQ PrefRcv Up/Down  State

 

  2.2.2.2              65009        2        2    0       0 00:00:13 Established

The output shows that Switch C has established an IBGP peer relationship with Switch B.

3.      Configure EBGP:

¡  The EBGP peers, Switch A and Switch B (usually belong to different carriers), are located in different ASs. Typically, their loopback interfaces are not reachable to each other, so directly connected interfaces are used for establishing EBGP sessions.

¡  To enable Switch C to access the network 8.1.1.0/24 connected directly to Switch A, inject network 8.1.1.0/24 to the BGP routing table of Switch A.

# Configure Switch A.

<SwitchA> system-view

[SwitchA] bgp 65008

[SwitchA-bgp-default] router-id 1.1.1.1

[SwitchA-bgp-default] peer 3.1.1.1 as-number 65009

[SwitchA-bgp-default] address-family ipv4 unicast

[SwitchA-bgp-default-ipv4] peer 3.1.1.1 enable

[SwitchA-bgp-default-ipv4] network 8.1.1.0 24

[SwitchA-bgp-default-ipv4] quit

[SwitchA-bgp-default] quit

# Configure Switch B.

[SwitchB] bgp 65009

[SwitchB-bgp-default] peer 3.1.1.2 as-number 65008

[SwitchB-bgp-default] address-family ipv4 unicast

[SwitchB-bgp-default-ipv4] peer 3.1.1.2 enable

[SwitchB-bgp-default-ipv4] quit

[SwitchB-bgp-default] quit

# Display BGP peer information on Switch B.

[SwitchB] display bgp peer ipv4

 

 BGP local router ID : 2.2.2.2

 Local AS number : 65009

 Total number of peers : 2                 Peers in established state : 2

 

  * - Dynamically created peer

  ^ - Peer created through link-local address

  Peer                    AS  MsgRcvd  MsgSent OutQ PrefRcv Up/Down  State

 

  3.3.3.3              65009        4        4    0       0 00:02:49 Established

  3.1.1.2              65008        2        2    0       0 00:00:05 Established

The output shows that Switch B has established an IBGP peer relationship with Switch C and an EBGP peer relationship with Switch A.

# Display the BGP routing table on Switch A.

[SwitchA] display bgp routing-table ipv4

 

 Total number of routes: 1

 

 BGP local router ID is 1.1.1.1

 Status codes: * - valid, > - best, d - dampened, h - history,

               s - suppressed, S - stale, i - internal, e - external

               a – additional-path

       Origin: i - IGP, e - EGP, ? - incomplete

 

     Network            NextHop         MED        LocPrf     PrefVal Path/Ogn

 

* >  8.1.1.0/24         8.1.1.1         0                     32768   i

# Display the BGP routing table on Switch B.

[SwitchB] display bgp routing-table ipv4

 

 Total number of routes: 1

 

 BGP local router ID is 2.2.2.2

 Status codes: * - valid, > - best, d - dampened, h - history,

               s - suppressed, S - stale, i - internal, e - external

               a – additional-path

       Origin: i - IGP, e - EGP, ? - incomplete

 

     Network            NextHop         MED        LocPrf     PrefVal Path/Ogn

 

* >e 8.1.1.0/24         3.1.1.2         0                     0       65008i

# Display the BGP routing table on Switch C.

[SwitchC] display bgp routing-table ipv4

 

 Total number of routes: 1

 

 BGP local router ID is 3.3.3.3

 Status codes: * - valid, > - best, d - dampened, h - history,

               s - suppressed, S - stale, i - internal, e - external

               a – additional-path

       Origin: i - IGP, e - EGP, ? - incomplete

 

     Network            NextHop         MED        LocPrf     PrefVal Path/Ogn

 

   i 8.1.1.0/24         3.1.1.2         0          100        0       65008i

The outputs show that Switch A has learned no route to AS 65009, and Switch C has learned network 8.1.1.0, but the next hop 3.1.1.2 is unreachable. As a result, the route is invalid.

4.      Redistribute direct routes:

Configure BGP to redistribute direct routes on Switch B, so that Switch A can obtain the route to 9.1.1.0/24, and Switch C can obtain the route to 3.1.1.0/24.

# Configure Switch B.

[SwitchB] bgp 65009

[SwitchB-bgp-default] address-family ipv4 unicast

[SwitchB-bgp-default-ipv4] import-route direct

[SwitchB-bgp-default-ipv4] quit

[SwitchB-bgp-default] quit

# Display the BGP routing table on Switch A.

[SwitchA] display bgp routing-table ipv4

 

 Total number of routes: 4

 

 BGP local router ID is 1.1.1.1

 Status codes: * - valid, > - best, d - dampened, h - history,

               s - suppressed, S - stale, i - internal, e - external

               a – additional-path

       Origin: i - IGP, e - EGP, ? - incomplete

 

     Network            NextHop         MED        LocPrf     PrefVal Path/Ogn

 

* >e 2.2.2.2/32         3.1.1.1         0                     0       65009?

* >e 3.1.1.0/24         3.1.1.1         0                     0       65009?

* >  8.1.1.0/24         8.1.1.1         0                     32768   i

* >e 9.1.1.0/24         3.1.1.1         0                     0       65009?

Two routes, 2.2.2.2/32 and 9.1.1.0/24, have been added in Switch A's routing table.

# Display the BGP routing table on Switch C.

[SwitchC] display bgp routing-table ipv4

 

 Total number of routes: 4

 

 BGP local router ID is 3.3.3.3

 Status codes: * - valid, > - best, d - dampened, h - history,

               s - suppressed, S - stale, i - internal, e - external

               a – additional-path

       Origin: i - IGP, e - EGP, ? - incomplete

 

     Network            NextHop         MED        LocPrf     PrefVal Path/Ogn

 

* >i 2.2.2.2/32         2.2.2.2         0          100        0       ?

* >i 3.1.1.0/24         2.2.2.2         0          100        0       ?

* >i 8.1.1.0/24         3.1.1.2         0          100        0       65008i

* >i 9.1.1.0/24         2.2.2.2         0          100        0       ?

The output shows that the route 8.1.1.0 becomes valid with the next hop as Switch A.

Verifying the configuration

# Verify that Switch C can ping 8.1.1.1.

[SwitchC] ping 8.1.1.1

Ping 8.1.1.1 (8.1.1.1): 56 data bytes, press CTRL_C to break

56 bytes from 8.1.1.1: icmp_seq=0 ttl=254 time=10.000 ms

56 bytes from 8.1.1.1: icmp_seq=1 ttl=254 time=4.000 ms

56 bytes from 8.1.1.1: icmp_seq=2 ttl=254 time=4.000 ms

56 bytes from 8.1.1.1: icmp_seq=3 ttl=254 time=3.000 ms

56 bytes from 8.1.1.1: icmp_seq=4 ttl=254 time=3.000 ms

--- Ping statistics for 8.1.1.1 ---

5 packet(s) transmitted, 5 packet(s) received, 0.0% packet loss

round-trip min/avg/max/std-dev = 3.000/4.800/10.000/2.638 ms

Example: Configuring BGP and IGP route redistribution

Network configuration

As shown in Figure 13, all devices of company A belong to AS 65008, and all devices of company B belong to AS 65009.

Configure BGP and IGP route redistribution to allow Switch A to access network 9.1.2.0/24 in AS 65009, and Switch C to access network 8.1.1.0/24 in AS 65008.

Figure 13 Network diagram

Procedure

1.      Configure IP addresses for interfaces. (Details not shown.)

2.      Configure OSPF:

Enable OSPF in AS 65009, so Switch B can obtain the route to 9.1.2.0/24.

# Configure Switch B.

<SwitchB> system-view

[SwitchB] ospf 1

[SwitchB-ospf-1] area 0

[SwitchB-ospf-1-area-0.0.0.0] network 2.2.2.2 0.0.0.0

[SwitchB-ospf-1-area-0.0.0.0] network 9.1.1.0 0.0.0.255

[SwitchB-ospf-1-area-0.0.0.0] quit

[SwitchB-ospf-1] quit

# Configure Switch C.

<SwitchC> system-view

[SwitchC] ospf 1

[SwitchC-ospf-1] import-route direct

[SwitchC-ospf-1] area 0

[SwitchC-ospf-1-area-0.0.0.0] network 9.1.1.0 0.0.0.255

[SwitchC-ospf-1-area-0.0.0.0] quit

[SwitchC-ospf-1] quit

3.      Configure the EBGP connection:

Configure the EBGP connection and inject network 8.1.1.0/24 to the BGP routing table of Switch A, so that Switch B can obtain the route to 8.1.1.0/24.

# Configure Switch A.

<SwitchA> system-view

[SwitchA] bgp 65008

[SwitchA-bgp-default] router-id 1.1.1.1

[SwitchA-bgp-default] peer 3.1.1.1 as-number 65009

[SwitchA-bgp-default] address-family ipv4 unicast

[SwitchA-bgp-default-ipv4] peer 3.1.1.1 enable

[SwitchA-bgp-default-ipv4] network 8.1.1.0 24

[SwitchA-bgp-default-ipv4] quit

[SwitchA-bgp-default] quit

# Configure Switch B.

[SwitchB] bgp 65009

[SwitchB-bgp-default] router-id 2.2.2.2

[SwitchB-bgp-default] peer 3.1.1.2 as-number 65008

[SwitchB-bgp-default] address-family ipv4 unicast

[SwitchB-bgp-default-ipv4] peer 3.1.1.2 enable

4.      Configure BGP and IGP route redistribution:

¡  Configure BGP to redistribute routes from OSPF on Switch B, so Switch A can obtain the route to 9.1.2.0/24.

¡  Configure OSPF to redistribute routes from BGP on Switch B, so Switch C can obtain the route to 8.1.1.0/24.

# Configure route redistribution between BGP and OSPF on Switch B.

[SwitchB-bgp-default-ipv4] import-route ospf 1

[SwitchB-bgp-default-ipv4] quit

[SwitchB-bgp-default] quit

[SwitchB] ospf 1

[SwitchB-ospf-1] import-route bgp

[SwitchB-ospf-1] quit

# Display the BGP routing table on Switch A.

[SwitchA] display bgp routing-table ipv4

 

 Total number of routes: 3

 

 BGP local router ID is 1.1.1.1

 Status codes: * - valid, > - best, d - dampened, h - history,

               s - suppressed, S - stale, i - internal, e - external

               a – additional-path

       Origin: i - IGP, e - EGP, ? - incomplete

 

     Network            NextHop         MED        LocPrf     PrefVal Path/Ogn

 

* >e 3.3.3.3/32         3.1.1.1         1                     0       65009?

* >  8.1.1.0/24         8.1.1.1         0                     32768   i

* >e 9.1.2.0/24         3.1.1.1         1                     0       65009?

# Display the OSPF routing table on Switch C.

[SwitchC] display ospf routing

 

          OSPF Process 1 with Router ID 3.3.3.3

                   Routing Table

 

 Routing for Network

 Destination        Cost     Type    NextHop         AdvRouter       Area

 9.1.1.0/24         1        Transit 9.1.1.2         3.3.3.3         0.0.0.0

 2.2.2.2/32         1        Stub    9.1.1.1         2.2.2.2         0.0.0.0

 

 Routing for ASEs

 Destination        Cost     Type    Tag         NextHop         AdvRouter

 8.1.1.0/24         1        Type2   1           9.1.1.1         2.2.2.2

 

 Total Nets: 3

 Intra Area: 2  Inter Area: 0  ASE: 1  NSSA: 0

Verifying the configuration

# Use ping for verification.

[SwitchA] ping -a 8.1.1.1 9.1.2.1

Ping 9.1.2.1 (9.1.2.1) from 8.1.1.1: 56 data bytes, press CTRL_C to break

56 bytes from 9.1.2.1: icmp_seq=0 ttl=254 time=10.000 ms

56 bytes from 9.1.2.1: icmp_seq=1 ttl=254 time=12.000 ms

56 bytes from 9.1.2.1: icmp_seq=2 ttl=254 time=2.000 ms

56 bytes from 9.1.2.1: icmp_seq=3 ttl=254 time=7.000 ms

56 bytes from 9.1.2.1: icmp_seq=4 ttl=254 time=9.000 ms

 

--- Ping statistics for 9.1.2.1 ---

5 packet(s) transmitted, 5 packet(s) received, 0.0% packet loss

round-trip min/avg/max/std-dev = 2.000/8.000/12.000/3.406 ms

[SwitchC] ping -a 9.1.2.1 8.1.1.1

Ping 8.1.1.1 (8.1.1.1) from 9.1.2.1: 56 data bytes, press CTRL_C to break

56 bytes from 8.1.1.1: icmp_seq=0 ttl=254 time=9.000 ms

56 bytes from 8.1.1.1: icmp_seq=1 ttl=254 time=4.000 ms

56 bytes from 8.1.1.1: icmp_seq=2 ttl=254 time=3.000 ms

56 bytes from 8.1.1.1: icmp_seq=3 ttl=254 time=3.000 ms

56 bytes from 8.1.1.1: icmp_seq=4 ttl=254 time=3.000 ms

 

--- Ping statistics for 8.1.1.1 ---

5 packet(s) transmitted, 5 packet(s) received, 0.0% packet loss

round-trip min/avg/max/std-dev = 3.000/4.400/9.000/2.332 ms

Example: Configuring dynamic BGP peers

Network configuration

As shown in Figure 14, Switch A needs to establish IBGP peer relationships with Switch B, Switch C, and Switch D in network 10.1.0.0/16. Configure dynamic BGP peers to simplify the configuration.

Configure Switch A as the route reflector, and configure Switch B, Switch C, and Switch D as its clients.

Figure 14 Network diagram

Procedure

1.      Configure IP addresses for interfaces. (Details not shown.)

2.      Configure IBGP peer relationship:

# Configure Switch A to establish dynamic BGP peer relationships with switches in network 10.1.0.0/16.

<SwitchA> system-view

[SwitchA] bgp 200

[SwitchA-bgp-default] router-id 1.1.1.1

[SwitchA-bgp-default] peer 10.1.0.0 16 as-number 200

[SwitchA-bgp-default] address-family ipv4

[SwitchA-bgp-default-ipv4] peer 10.1.0.0 16 enable

# Configure Switch B to establish an IBGP peer relationship with Switch A.

<SwitchB> system-view

[SwitchB] bgp 200

[SwitchB-bgp-default] router-id 2.2.2.2

[SwitchB-bgp-default] peer 10.1.1.1 as-number 200

[SwitchB-bgp-default] address-family ipv4

[SwitchB-bgp-default-ipv4] peer 10.1.1.1 enable

# Configure Switch C to establish an IBGP peer relationship with Switch A.

<SwitchC> system-view

[SwitchC] bgp 200

[SwitchC-bgp-default] router-id 3.3.3.3

[SwitchC-bgp-default] peer 10.1.2.1 as-number 200

[SwitchC-bgp-default] address-family ipv4

[SwitchC-bgp-default-ipv4] peer 10.1.2.1 enable

# Configure Switch D to establish an IBGP peer relationship with Switch A.

<SwitchD> system-view

[SwitchD] bgp 200

[SwitchD-bgp-default] router-id 4.4.4.4

[SwitchD-bgp-default] peer 10.1.3.1 as-number 200

[SwitchD-bgp-default] address-family ipv4

[SwitchD-bgp-default-ipv4] peer 10.1.3.1 enable

# Display BGP peer information on Switch A. The output shows that Switch A has established IBGP peer relationships with Switch B, Switch C, and Switch D.

[SwitchA] display bgp peer ipv4

 

 BGP local router ID : 1.1.1.1

 Local AS number : 200

 

 Total number of peers : 3                 Peers in established state : 3

 

 * - Dynamically created peer

 ^ - Peer created through link-local address

  Peer                    AS  MsgRcvd  MsgSent OutQ PrefRcv Up/Down  State

 

 *10.1.1.2               200        7       10    0       0 00:06:09 Established

 *10.1.2.2               200        7       10    0       0 00:06:09 Established

 *10.1.3.2               200        7       10    0       0 00:06:09 Established

3.      Configure Switch A as the route reflector, and configure peers in network 10.1.0.0/16 as its clients.

[SwitchA-bgp-default-ipv4] peer 10.1.0.0 16 reflect-client

4.      Configure Switch C to advertise network 9.1.1.0/24.

[SwitchC-bgp-default-ipv4] network 9.1.1.0 24

Verifying the configuration

# Verify that route 9.1.1.0/24 exists in the BGP routing table on Switch A, Switch B, and Switch D. This example uses Switch A.

[SwitchA-bgp-default] display bgp routing-table ipv4

 

 Total Number of Routes: 1

 

 BGP Local router ID is 1.1.1.1

 Status codes: * - valid, > - best, d - dampened, h - history,

               s - suppressed, S - stale, i - internal, e - external

               a – additional-path

       Origin: i - IGP, e - EGP, ? - incomplete

 

     Network            NextHop         MED        LocPrf     PrefVal Path/Ogn

 

  * i 9.1.1.0/24        10.1.2.2        0          100        0       ?

Example: Configuring BGP route summarization

Network configuration

As shown in Figure 15, run EBGP between Switch C and Switch D, so the internal network and external network can communicate with each other.

·           In AS 65106, perform the following configurations so the devices in the internal network can communicate:

¡  Configure static routing between Switch A and Switch B.

¡  Configure OSPF between Switch B and Switch C.

¡  Configure OSPF to redistribute static routes.

·           Configure route summarization on Switch C so BGP advertises a summary route instead of advertising routes to the 192.168.64.0/24, 192.168.74.0/24, and 192.168.99.0/24 networks to Switch D.

Figure 15 Network diagram

Procedure

1.      Configure IP addresses for interfaces. (Details not shown.)

2.      Configure static routing between Switch A and Switch B:

# Configure a default route with the next hop 192.168.212.1 on Switch A.

<SwitchA> system-view

[SwitchA] ip route-static 0.0.0.0 0 192.168.212.1

# Configure static routes to 192.168.64.0/24, 192.168.74.0/24, and 192.168.99.0/24 with the same next hop 192.168.212.161 on Switch B.

<SwitchB> system-view

[SwitchB] ip route-static 192.168.64.0 24 192.168.212.161

[SwitchB] ip route-static 192.168.74.0 24 192.168.212.161

[SwitchB] ip route-static 192.168.99.0 24 192.168.212.161

3.      Configure OSPF between Switch B and Switch C and configure OSPF on Switch B to redistribute static routes:

# Configure OSPF to advertise the local network and enable OSPF to redistribute static routes on Switch B.

[SwitchB] ospf

[SwitchB-ospf-1] area 0

[SwitchB-ospf-1-area-0.0.0.0] network 172.17.100.0 0.0.0.255

[SwitchB-ospf-1-area-0.0.0.0] quit

[SwitchB-ospf-1] import-route static

[SwitchB-ospf-1] quit

# Configure OSPF to advertise the local networks on Switch C.

[SwitchC] ospf

[SwitchC-ospf-1] area 0

[SwitchC-ospf-1-area-0.0.0.0] network 172.17.100.0 0.0.0.255

[SwitchC-ospf-1-area-0.0.0.0] network 10.220.2.0 0.0.0.255

[SwitchC-ospf-1-area-0.0.0.0] quit

[SwitchC-ospf-1] quit

# Display the IP routing table on Switch C.

[SwitchC] display ip routing-table protocol ospf

 

Summary count : 5

 

OSPF Routing table Status : <Active>

Summary count : 3

 

Destination/Mask    Proto  Pre  Cost         NextHop         Interface

192.168.64.0/24     OSPF   150  1            172.17.100.1    Vlan100

192.168.74.0/24     OSPF   150  1