Border Gateway Protocol (BGP) is an exterior gateway protocol (EGP). It is called internal BGP (IBGP) when it runs within an AS and called external BGP (EBGP) when it runs between ASs. The current version in use is BGP-4 (RFC 4271).

BGP characteristics

BGP has the following characteristics:

· Focuses on route control and selection rather than route discovery and calculation.

· Uses TCP to enhance reliability.

· Measures the distance of a route by using a list of ASs that the route must travel through to reach the destination. BGP is also called a path-vector protocol.

· Supports CIDR.

· Reduces bandwidth consumption by advertising only incremental updates. BGP is very suitable to advertise large numbers of routes on the Internet.

· Eliminates routing loops by adding AS path information to BGP route updates.

· Uses policies to implement flexible route filtering and selection.

· Has good scalability.

BGP speaker and BGP peer

A router running BGP is a BGP speaker. A BGP speaker establishes peer relationships with other BGP speakers to exchange routing information over TCP connections.

BGP peers include the following types:

· IBGP peers—Reside in the same AS as the local router.

· EBGP peers—Reside in different ASs from the local router.

BGP message types

BGP uses the following message types:

· OPEN—After establishing a TCP connection, BGP sends an OPEN message to establish a session to the peer.

· UPDATE—BGP sends UPDATE messages to exchange routing information between peers. Each UPDATE message can advertise a group of feasible routes with identical attributes and multiple withdrawn routes.

· KEEPALIVE—BGP sends KEEPALIVE messages between peers to maintain connectivity.

· ROUTE-REFRESH—BGP sends a ROUTE-REFRESH message to request the routing information for a specific address family from a peer.

· NOTIFICATION—BGP sends a NOTIFICATION message upon detecting an error and immediately closes the connection.

BGP message formats

A BGP message consists of message header and message content. The five BGP messages have the same message header, but the content of each message differs.

BGP message header

The format of the BGP message header is as shown in Figure 1. For more information about fields in the BGP message header, see Table 1.

Figure 1 BGP message header

‌

Table 1 Fields in the BGP message header

Field	Length (in bytes)	Description
Marker	16	Synchronization state of the BGP connection. If the value of this field is not a hexadecimal string that contains only Fs, the BGP connection has a synchronization error.
Length	2	Total length of the BGP message, including the message header. The length range is 19 to 4096 bytes.
Type	1	BGP message type: · 1 —OPEN · 2—UPDATE · 3—NOTIFICATION · 4—KEEPALIVE · 5—ROUTE-REFRESH

‌

OPEN message

OPEN messages are used for BGP connection establishment and BGP capability negotiation. The format of OPEN messages is as shown in Figure 2. For more information about fields in an OPEN message, see Table 2.

Figure 2 OPEN message

‌

Table 2 Fields in an OPEN message

Field	Length (in bytes)	Description
Version	1	BGP version number.
My Autonomous System	2	AS number of the message sender.
Hold Time	2	Hold timer set for the message sender, in seconds. This timer is for peer connection maintenance purposes, and specifies the interval for sending KEEPALIVE or UPDATE messages. After both parties in a BGP session receive the hold timer set for the other, they use the smaller timer.
BGP Identifier	4	Router ID of the message sender.
Opt Parm Len	1	Total length of the Optional Parameters field, in bytes. A value of 0 indicates that they message does not contain optional parameters.
Option Parameters	Variable	Optional parameters, each of which is a unit in TLV format. They are typically used to list the capabilities that the message sender can negotiate.

‌

UPDATE message

UPDATE messages are used for route advertisement. The format of UPDATE messages is as shown in Figure 3. For more information about fields in an UPDATE message, see Table 3.

Figure 3 UPDATE message

‌

Table 3 Fields in an UPDATE message

Field	Length (in bytes)	Description
Withdrawn Routes Length	2	Total length of the Withdrawn Routes field, in bytes. A value of 0 indicates that they message does not contain routes being withdrawn.
Withdrawn Routes	Variable	List of routes being withdrawn. Each route is represented by the following fields: · Length—Length of the IP address prefix. This field is one byte long. · Prefix—IP address prefix of the route. This field is variable.
Total Path Attribute Length	2	Total length of the Path Attributes field, in bytes.
Path Attributes	Variable	List of path attributes carried by routes in the message. Those attributes are list in ascending order of their type numbers and each of them are encoded in TLV format. The Type field indicates the type of a route attribute. It is two bytes long and consists of the Attr.Flag and Attr.Type Code subfields. · Attr.Flag: Type flags of the route attribute: ¡ O —Indicates whether the route attribute is a well-known attribute. If the route attribute is well-known, this flag is set to 0. If the route attribute is optional, this flag is set to 1. ¡ T—Indicates whether the route attribute is a transitive attribute. If the route attribute is transitive, this flag is set to 1. If not, this flag is set to 0. ¡ P—Indicates whether the route attribute is partially effective. If a route attribute has this flag set to 1, it takes effect only within the same AS and will not be transmitted to other ASs. This flag is set to 1 only if the route attribute is an optional transitive attribute. ¡ E—Indicates whether the Length field of the route attribute needs to be extended. If field extension is required, this flag is set to 1, and the Length field occupies two bytes. If field extension is not required, this flag is not set, and the Length field occupies only one byte. ¡ U —This flag is reserved and thus set to 0. · Attr.Type Code: Type code of the route attribute, which indicates the type of the route attribute. ¡ 1—ORIGIN ¡ 2—AS_PATH ¡ 3—NEXT_HOP ¡ 4—MED ¡ 5—LOCAL_PREF ¡ 6—ATOMIC_AGGREGATE ¡ 7—AGGREGATOR ¡ 8—COMMUNITY ¡ 9—ORIGINATOR_ID ¡ 10—CLUSTER_LIST ¡ 14—MP_REACH_NLRI ¡ 15—MP_UNREACH_NLRI ¡ 16—EXT-COMMUNITY The Length field indicates the length of the route attribute, in bytes. The Value field indicates the content of the route attribute.
Network Layer Reachability Information (NLRI)	Variable	List of routes to be updated. Each route is represented by the following fields: · Length—Length of the IP address prefix. This field is one byte long. · Prefix—IP address prefix of the route. This field is variable.

‌

NOTIFICATION message

NOTIFICATION messages are used to notify BGP session errors. The format of NOTIFICATION messages is as shown in Figure 4. For more information about fields in a NOTIFICATION message, see Table 4.

Figure 4 NOTIFICATION message

‌

Table 4 Fields in a NOTIFICATION message

Field	Length (in bytes)	Description
Error Code	1	E rror code.
Error SubCode	1	Error subcode.
Data	Variable	Detailed error information.

‌

Table 5 introduces supported e rror codes and subcodes.

Table 5 Error codes and subcodes

Error code/subcode	Reason for peer disconnection	Description
1/1	connection not synchronized	The two ends of the connection were not synchronized. The current implementation is that the first 16 bytes of the received message's header do not contain only Fs.
1/2	bad message length	Invalid message length.
1/3	bad message type	Invalid message type.
3/1	the withdrawn length is too large	The length of routing information to be withdrawn was too long.
	the attribute length is too large	The attribute length was too long.
	one attribute appears more than once	A path attribute appeared multiple times in an UPDATE message.
	the attribute length is too small	The attribute length was less than two bytes.
	exntended length field is less than two octets	The attribute length was extensible, but it was less than two bytes.
	the length field is less than one octet	The attribute length was not extensible, but it was less than one byte.
	link-state attribute error	The link-state attribute was in incorrect form.
3/2	unrecognized well-known attribute	Unknown well-known attribute.
3/3	attribute-type attribute missed	The attribute-type attribute was lost. The values for the attribute-type argument include: · ORIGIN · AS_PATH · LOCAL_PREF · NEXT_HOP
3/4	attribute flags error	Incorrect attribute flags.
3/5	attribute-type attribute length error	The length of the attribute-type attribute was invalid. The values for the attribute-type argument include: · AS_PATH · AS4_PATH · CLUSTER_LIST · AGGREGATOR · AS4_AGGREGATOR · ORIGIN · NEXT_HOP · MED · LOCAL_PREF · ATOMIC_AGGREGATE · ORIGINATOR_ID · MP_REACH_NLRI · COMMUNITIES · EXT-COMMUNITIES
3/5	attribute length exceeds	The attribute length crossed the limit.
3/6	i nvalid ORIGIN attribute	Invalid ORIGIN attribute.
3/8	invalid NEXT_HOP attribute	Invalid NEXT_HOP attribute.
3/9	invalid nexthop length in MP_REACH_NLRI (address-family)	The Nexthop length in the MP_REACH_NLRI attribute was invalid for the address-family address family. The values for the address-family argument include: · 4u —IPv4 unicast address family. · IPv4 Flowspec—IPv4 flowspec address family. · MPLS—MPLS address family. · VPNv4—VPNv4 address family. · 6u—IPv6 unicast address family. · VPNv6—VPNv6 address family. · L2VPN—L2VPN address family.
	the length of MP_UNREACH_NLRI is too small	The length of the MP_UNREACH_NLRI attribute was less than three bytes.
	the MP NLRI attribute length exceeds	The length of the MP_REACH_NLRI or MP_UNREACH_NLRI attribute crossed the limit.
	erroneous MP NLRI attribute end position	The reachable or unreachable prefix and the path attribute ended at different positions.
3/10	invalid network field	Invalid network field.
3/11	malformed AS_PATH	The AS_PATH attribute was malformed.
4/0	Keepalive last triggered time	Most recent time when KEEPALIVE message sending was triggered.
	Keepalive last sent time	Most recent time when a KEEPALIVE message was sent.
	Update last sent time	Most recent time when an UPDATE message was sent.
	EPOLLOUT last occurred time	Most recent time when an EPOLLOUT event occurred.
	Keepalive last received time	Most recent time when a KEEPALIVE message was received.
	Update last received time	Most recent time when an UPDATE message was received.
	EPOLLIN last occurred time	Most recent time when an EPOLLIN event occurred.
5/0	connection retry timer expires	The ConnectRetry timer expired.
	TCP_CR_Acked event received	A TCP_CR_Acked event was received.
	TCP_Connection_Confirmed event received	A TCP_Connection_Confirmed event was received.
5/3	open message received	An OPEN message was received.
6/0	manualstop event received	A manualstop event was received.
	physical interface configuration changed	Physical configurations changed, such as interface settings.
	session down event received from BFD	A BFD session down event was received.
6/1	maximum number of prefixes reached	The number of route prefixes has exceeded the upper limit specified by using the peer route-limit command.
6/1	maximum number of address-family prefixes reached	The number of route prefixes in the address-family address family has exceeded the upper limit specified by using the peer route-limit command. The values for the address-family argument include: · IPv4 unicast—IPv4 unicast address family. · IPv6 unicast—IPv6 unicast address family. · VPNv4—VPNv4 address family. · VPNv6—VPNv6 address family.
6/2	configuration of peer ignore changed	The peer ignore command was configured.
6/3	address family deleted	An address family was deleted.
6/3	peer disabled	A peer was disabled.
6/4	administrative reset	The BGP session was reset because of the reset bgp command or configuration changes.
6/5	connection rejected	The connection request was rejected.
6/6	other configuration change	Other configurations changed.
6/7	connection collision resolution	A connection conflict occurred.
6/7	two connections exist and MD5 authentication is configured for the neighbor	Two connections existed and MD5 authentication was configured for one of them.
6/8	no memory to process the attribute	The memory was insufficient for attribute parsing.
	no memory for the route	Failed to obtain memory resources for route or label block generation.
	no memory to generate unreachable NLRI	Failed to obtain memory resources for MP_UNREACH_NLRI encapsulation.
	no memory to generate a message	Failed to obtain memory resources for message encapsulation.
	can't get the VPN RD	Failed to obtain RDs upon prefix parsing.
	can't get the VPN routing table	Failed to obtain the VPN routing table upon prefix parsing.
	can't get the attributes	Failed to obtain attributes upon prefix parsing.
	entered severe memory state	A severe memory usage alarm was triggered.
	entered critical memory state	A critical memory usage alarm was triggered.

‌

KEEPALIVE message

KEEPALIVE messages are transmitted between BGP peers to maintain connectivity. The format of KEEPALIVE messages is as shown in Figure 5. For more information about fields in a KEEPALIVE message, see Table 6.

Figure 5 KEEPALIVE message

‌

Table 6 Fields in a KEEPALIVE message

Field	Length (in bytes)	Description
Marker	16	This field indicates the completeness of information synchronization between BGP peers, and can be used for BGP authentication. When BGP authentication is not configured, the value for this field is a hexadecimal string that contains only Fs.
Length	2	Total length of the KEEPALIVE message, in bytes.
Type	1	BGP message type. The type value is 4 for KEEPALIVE messages.

‌

ROUTE-REFRESH message

BGP sends a ROUTE-REFRESH message to request the routing information of a specific address family from a peer. On receipt of the message, the peer re-advertises routes in the specified address family. The format of ROUTE-REFRESH messages is as shown in Figure 6. For more information about fields in a ROUTE-REFRESH message, see Table 7.

Figure 6 ROUTE-REFRESH message

‌

Table 7 Fields in a ROUTE-REFRESH message

Field	Length (in bytes)	Description
AFI	2	Identifier of the address family.
Reserved	1	Reserved field.
SAFI	1	Identifier of the subsequent address family.

‌

B GP finite state machine

During session establishment, the devices at the two ends transition between different BGP states, as shown in Figure 7.

Figure 7 BGP finite state machine

‌

Idle

This state is the initial BGP state. In this state, BGP rejects any connection requests. Only upon receiving a Start event, the device assigns resources to BGP, and attempts to establish a TCP connection and transition to Connect state.

BGP transitions to Idle state from the remaining states upon a TCP disconnection error, packet error, connection closed due to configuration issues, and reception of a NOTIFICATION message.

Connect

In this state, BGP starts a Connect Retry timer and waits for TCP connection establishment to be completed.

· If TCP connection establishment succeeds before the Connect Retry timer expires, BGP closes the Connect Retry timer, sends an OPEN message to the peer, and transitions to OpenSent state.

· If TCP connection establishment fails before the Connect Retry timer expires, BGP transitions to Active state.

· If the Connect Retry timer expires, and no connection response is received, BGP resets the Connect Retry timer, tries to establish a TCP connection with the peer again, and stays in Connect state.

Active

In this state, BGP continuously attempts to establish a TCP connection.

· If TCP connection establishment succeeds, BGP closes the Connect Retry timer, sends an OPEN message to the peer, and transitions to OpenSent state.

· If TCP connection establishment fails, BGP resets the Connect Retry timer and stays in Active state.

· If the Connect Retry timer expires and no connection response is received, BGP resets the Connect Retry timer and transitions to Connect state.

OpenSent

In this state, BGP waits for an OPEN message from the peer, and checks the BGP version number and AS number in the OPEN message.

· If the OPEN message is correct, BGP sends a KEEPALIVE message to the peer, and transitions to OpenConfirm state.

· If the OPEN message is incorrect, BGP sends a NOTIFICATION message to the peer, and transitions to Idle state.

If the TCP connection is disconnected in this state, BGP resets the Connect Retry timer, transitions to Active state, and tries to establish a TCP connection again.

OpenConfirm

In this state, BGP waits for a KEEPALIVE or NOTIFICATION message.

· Upon receiving a KEEPALIVE message, BGP transitions to Established state.

· Upon receiving a NOTIFICATION message, BGP transitions to Idle state.

Established

In this state, BGP can exchange UPDATE, KEEPALIVE, ROUTE-REFRESH, and NOTIFICATION messages with the peer.

· Upon receiving a correct UPDATE or KEEPALIVE message, BGP stays in Established state.

· Upon receiving an incorrect UPDATE or KEEPALIVE message, BGP sends a NOTIFICATION message to the peer and transitions to Idle state.

· Upon receiving a ROUTE-REFRESH message, BGP does not change its state.

· Upon receiving a NOTIFICATION message, BGP transitions to Idle state.

B GP path attributes

BGP uses the following path attributes in UPDATE messages for route filtering and selection:

ORIGIN

The ORIGIN attribute specifies the origin of BGP routes. This attribute has the following types:

· IGP—Has the highest priority. Routes generated in the local AS have the IGP attribute.

· EGP—Has the second highest priority. Routes obtained through EGP have the EGP attribute.

· INCOMPLETE—Has the lowest priority. The source of routes with this attribute is unknown. Routes redistributed from other routing protocols have the INCOMPLETE attribute.

AS_PATH

The AS_PATH attribute identifies the ASs through which a route has passed. Before advertising a route to another AS, BGP adds the local AS number into the AS_PATH attribute, so the receiver can determine ASs to route the message back.

The AS_PATH attribute has the following types:

· AS_SEQUENCE—Arranges AS numbers in sequence. As shown in Figure 8, the number of the AS closest to the receiver's AS is leftmost.

· AS_SET—Arranges AS numbers randomly.

Figure 8 AS_PATH attribute

‌

BGP uses the AS_PATH attribute to implement the following functions:

· Avoid routing loops—A BGP router does not receive routes containing the local AS number to avoid routing loops.

· Affect route selection—BGP gives priority to the route with the shortest AS_PATH length if other factors are the same. As shown in Figure 8, the BGP router in AS 50 gives priority to the route passing AS 40 for sending data to the destination 8.0.0.0.

NEXT_HOP

The NEXT_HOP attribute may not be the IP address of a directly connected router. Its value is determined as follows:

· When a BGP speaker advertises a self-originated route to a BGP peer, it sets the address of the sending interface as the NEXT_HOP.

· When a BGP speaker sends a received route to an EBGP peer, it sets the address of the sending interface as the NEXT_HOP.

· When a BGP speaker sends a route received from an EBGP peer to an IBGP peer, it does not modify the NEXT_HOP attribute.

Figure 9 NEXT_HOP attribute

‌

MED (MULTI_EXIT_DISC)

BGP advertises the MED attribute between two neighboring ASs, each of which does not advertise the attribute to any other AS.

Similar to metrics used by IGPs, MED is used to determine the optimal route for traffic going into an AS. When a BGP router obtains multiple routes to the same destination but with different next hops, it selects the route with the smallest MED value as the optimal route. As shown in Figure 10, traffic from AS 10 to AS 20 travels through Router B that is selected according to MED.

Figure 10 MED attribute

‌

Generally BGP only compares MEDs of routes received from the same AS.

LOCAL_PREF

The LOCAL_PREF attribute is exchanged between IBGP peers only, and is not advertised to any other AS. It indicates the priority of a BGP router.

BGP uses LOCAL_PREF to determine the optimal route for traffic leaving the local AS. When a BGP router obtains multiple routes to the same destination but with different next hops, it selects the route with the highest LOCAL_PREF value as the optimal route. As shown in Figure 11, traffic from AS 20 to AS 10 travels through Router C that is selected according to LOCAL_PREF.

Figure 11 LOCAL_PREF attribute

‌

4-byte AS numbers

In earlier BGP versions, each AS number was 2 bytes long and was in the range of 1 to 65535. However, as the network size grew, 2-byte AS numbers became insufficient. To avoid AS number exhaustion, AS numbers were lengthened to 4 bytes and their value range became 1 to 4294967295.

Before establishing a session using 4-byte AS numbers, two devices must negotiate with each other about the 4-byte AS number capability through OPEN messages. The session can be established successfully only if both devices support 4-byte AS numbers and the capability negotiation succeeds. During the capability negotiation, the format of OPEN messages is as shown in Figure 12. The My Autonomous System field does not support 4-byte AS numbers because the formats of fields in the OPEN message header are fixed. Therefore, a device using a 4-byte AS number inserts AS number 23456 into the My Autonomous System field, and places the real 4-byte AS number in the Optional Parameters field. With this approach, two peering devices can determine whether the other supports 4-byte AS numbers and obtain the other's 4-byte AS number during capability negotiation.

Figure 12 Format of OPEN messages used for 4-byte AS number capability negotiation

‌

BGP route processing mechanism

Figure 13 shows how BGP routes are generated, redistributed, and advertised.

Figure 13 BGP route processing mechanism

‌

Route redistribution

BGP cannot discover routes by itself. To have BGP generate and advertise routes, you must redistribute routes from other protocols into the routing table of BGP. BGP supports the following route redistribution methods:

· Per-protocol redistribution—This method redistributes routes in bulk on a per routing protocol basis into the routing table of BGP. The routes that can be redistributed include IGP routes, direct routes, and static routes.

· Per-route redistribution—This method can identify a specific route by its prefix and redistribute it into the routing table of BGP.

Route summarization

Route summarization can summarize multiple routes into one summary route. This method can shrink the BGP routing table, because BGP only advertises summary routes rather than summarized routes to peers.

The system supports both manual and automatic route summarization.

· Automatic summarization—Summarizes routes redistributed into BGP according to natural network segments. After automatic summarization, BGP suppresses the summarized routes.

· Manual summarization—Summarizes BGP routes according to the user-defined summarization settings. This method allows you to determine the attribute of a summary route and whether to advertise the summarized routes.

BGP route selection

BGP discards routes with unreachable NEXT_HOPs. If multiple routes to the same destination are available, BGP selects the optimal route in the following sequence:

1. The route with the highest Preferred_value.

2. The route with the highest LOCAL_PREF.

3. The route generated by the network command, the route redistributed by the import-route command, or the summary route in turn.

4. The route with the shortest AS_PATH.

5. The IGP, EGP, or INCOMPLETE route in turn.

6. The route with the lowest MED value.

7. The route learned from EBGP, confederation EBGP, confederation IBGP, or IBGP in turn.

8. The route with the smallest IGP metric.

9. The route with the smallest recursion depth.

10. If a route received from an EBGP peer is the current optimal route, BGP does not change the optimal route when it receives routes from other EBGP peers.

11. The route advertised by the router with the smallest router ID.

12. The route advertised by the peer with the lowest IP address.

BGP route advertisement rules

BGP follows these rules for route advertisement:

· When multiple feasible routes to a destination exist, BGP advertises only the optimal route to its peers.

· BGP advertises only routes that it uses.

· BGP advertises routes learned from an EBGP peer to all BGP peers, including both EBGP and IBGP peers.

· BGP advertises routes learned from an IBGP peer to EBGP peers, rather than other IBGP peers.

· After establishing a session to a new BGP peer, BGP advertises all the routes matching the above rules to the peer. After that, BGP advertises only incremental updates to the peer.

Route reflector

IBGP peers must be fully meshed to maintain connectivity. If n routers exist in an AS, the number of IBGP connections is n(n-1)/2. If a large number of IBGP peers exist, large amounts of network and CPU resources are consumed to maintain sessions.

Using route reflectors can solve this issue. In an AS, a router acts as a route reflector, and other routers act as clients connecting to the route reflector. The route reflector forwards routing information received from a client to other clients. In this way, all clients can receive routing information from one another without establishing BGP sessions.

A router that is neither a route reflector nor a client is a non-client, which, as shown in Figure 14, must establish BGP sessions to the route reflector and other non-clients.

Figure 14 Network diagram for a route reflector

‌

The route reflector and clients form a cluster. Typically a cluster has one route reflector. The ID of the route reflector is the Cluster_ID. You can configure more than one route reflector in a cluster to improve availability, as shown in Figure 15. The configured route reflectors must have the same cluster_ID to avoid routing loops.

Figure 15 Network diagram for route reflectors

‌

When the BGP routers in an AS are fully meshed, route reflection is unnecessary because it consumes more bandwidth resources. You can use commands to disable route reflection between clients instead of modifying the network configuration or changing the network topology.

NOTE:

After route reflection is disabled between clients, routes can still be reflected between a client and a non-client.

‌

Settlements for problems in large-scale BGP networks

You can use the following methods to facilitate management and improve route distribution efficiency on a large-scale BGP network.

Route summarization

Route summarization can reduce the BGP routing table size by advertising summary routes rather than more specific routes.

The system supports both manual and automatic route summarization. Manual route summarization allows you to determine the attribute of a summary route and whether to advertise more specific routes.

Peer group

You can organize BGP peers with the same attributes into a group to simplify their configurations.

When a peer joins the peer group, the peer obtains the same configuration as the peer group. If the configuration of the peer group is changed, the configuration of group members is changed.

MP-BGP

Supported address families

BGP-4 can only advertise IPv4 unicast routing information. Multiprotocol Extensions for BGP-4 (MP-BGP) can advertise routing information for the following address families:

· Only IPv6 unicast address family is supported.

MP-BGP extended attributes

Prefixes and next hops are key routing information. BGP-4 uses UPDATE messages to carry the following information:

· Feasible route prefixes in the Network Layer Reachability Information (NLRI) field.

· Unfeasible route prefixes in the withdrawn routes field.

· Next hops in the NEXT_HOP attribute.

BGP-4 cannot carry routing information for multiple network layer protocols.

To support multiple network layer protocols, MP-BGP defines the following path attributes:

· MP_REACH_NLRI—Carries feasible route prefixes and next hops for multiple network layer protocols.

· MP_UNREACH_NLRI—Carries unfeasible route prefixes for multiple network layer protocols.

MP-BGP uses these two attributes to advertise feasible and unfeasible routes for different network layer protocols. BGP speakers not supporting MP-BGP ignore updates containing these attributes and do not forward them to its peers.

Address family

MP-BGP uses address families and subsequent address families to identify different network layer protocols for routes contained in the MP_REACH_NLRI and MP_UNREACH_NLRI attributes. For example, an Address Family Identifier (AFI) of 2 and a Subsequent Address Family Identifier (SAFI) of 1 identify IPv6 unicast routing information carried in the MP_REACH_NLRI attribute. For address family values, see RFC 1700.

Exchanging IPv4 and IPv6 routes in both IPv4 and IPv6 address families

MP-BGP supports IPv4 route exchange between IPv6 peers and IPv6 route exchange between IPv4 peers as follows:

· When the next hop of an IPv6 route is an IPv4 address, MP-BGP maps the IPv4 address to an IPv6 address encapsulated in the NEXT_HOP attribute of update messages.

· When the next hop of an IPv4 route is an IPv6 address, BGP negotiates the extended next hop encoding capability with its peer. Then, BGP encapsulates the IPv4 NLRI in the MP_REACH_NLRI attribute of update messages.

Figure 16 Exchanging IPv4 and IPv6 routes in both IPv4 and IPv6 address families

‌

As shown in Figure 16, an IPv6 BGP peer relationship is established between Device A and Device B, between Device B and Device C, and between Device C and Device D. An IPv4 BGP peer relationship is established between Device A and Device B and between Device C and Device D. Device A and Device D can learn both IPv4 and IPv6 routes from each other and traffic is forwarded correctly in both IPv4 and IPv6 address families.

BGP multi-instance

A BGP router can run multiple BGP processes. Each BGP process corresponds to a BGP instance. BGP maintains an independent routing table for each BGP instance.

When you create multiple BGP instances, follow these restrictions and guidelines:

· On the public network, a peer address can establish a session to only one BGP instance. Multiple BGP instances cannot synchronously establish sessions to the same peer address.

· Different BGP instances can have the same AS number but cannot have the same name.

Protocols and standards

· RFC 1700, ASSIGNED NUMBERS

· RFC 1997, BGP Communities Attribute

· RFC 2439, BGP Route Flap Damping

· RFC 2545, Use of BGP-4 Multiprotocol Extensions for IPv6 Inter-Domain Routing

· RFC 2918, Route Refresh Capability for BGP-4

· RFC 3107, Carrying Label Information in BGP-4

· RFC 4271, A Border Gateway Protocol 4 (BGP-4)

· RFC 4275, BGP-4 MIB Implementation Survey

· RFC 4277, Experience with the BGP-4 Protocol

· RFC 4360, BGP Extended Communities Attribute

· RFC 4451, BGP MULTI_EXIT_DISC (MED) Consideration

· RFC 4456, BGP Route Reflection: An Alternative to Full Mesh Internal BGP

· RFC 4486, Subcodes for BGP Cease Notification Message

· RFC 4724, Graceful Restart Mechanism for BGP

· RFC 4760, Multiprotocol Extensions for BGP-4

· RFC 5004, Avoid BGP Best Path Transitions from One External to Another

· RFC 5065, Autonomous System Confederations for BGP

· RFC 5668, 4-Octet AS Specific BGP Extended Community

· RFC 6608, Subcodes for BGP Finite State Machine Error

· RFC 6793, BGP Support for Four-Octet Autonomous System (AS) Number Space

Building basic BGP networks

Basic BGP network configuration tasks at a glance (IPv4 unicast)

To build basic BGP networks for the IPv4 unicast address family, perform the following tasks:

1. Configuring basic BGP

a. Enabling BGP

b. Configuring a BGP peer

c. Configuring dynamic BGP peers

d. Configuring an IBGP peer group

Configure BGP peer groups on large-scale BGP networks for easy configuration and maintenance.

e. Configuring an EBGP peer group

Configure BGP peer groups on large-scale BGP networks for easy configuration and maintenance.

f. (Optional.) Specifying the source address of TCP connections

2. Controlling BGP route generation

Choose the following tasks as needed:

¡ Injecting a local network

¡ Redistributing IGP routes

¡ (Optional.) Configuring BGP route summarization

¡ (Optional.) Advertising a default route to a peer or peer group

3. (Optional.) Controlling BGP route advertisement

¡ Advertising optimal routes in the IP routing table

¡ Configuring BGP route distribution filtering policies

¡ Configuring BGP route update delay

4. (Optional.) Controlling BGP route reception

¡ Limiting routes received from a peer or peer group

¡ Configuring BGP route reception filtering policies

¡ Configuring the SoO attribute

5. (Optional.) Configuring BGP timers

¡ Configuring the keepalive interval and hold time

¡ Setting the session retry timer

¡ Configuring the interval for sending updates for the same route

¡ Setting an update delay for local MPLS labels

6. (Optional.) Configuring BGP logging and notifications

¡ Enabling logging for session state changes

¡ Configuring BGP network management

Basic BGP network configuration tasks at a glance (IPv6 unicast)

To build basic BGP networks for the IPv6 unicast address family, perform the following tasks:

1. Configuring basic BGP

a. Enabling BGP

b. Configuring a BGP peer

c. Configuring dynamic BGP peers

d. Configuring an IBGP peer group

Configure BGP peer groups on large-scale BGP networks for easy configuration and maintenance.

e. Configuring an EBGP peer group

Configure BGP peer groups on large-scale BGP networks for easy configuration and maintenance.

f. (Optional.) Specifying the source address of TCP connections

2. Controlling BGP route generation

Choose the following tasks as needed:

¡ Injecting a local network

¡ Redistributing IGP routes

¡ (Optional.) Configuring BGP route summarization

¡ (Optional.) Advertising a default route to a peer or peer group

3. (Optional.) Controlling BGP route advertisement

¡ Advertising optimal routes in the IP routing table

¡ Configuring BGP route distribution filtering policies

¡ Configuring BGP route update delay

4. (Optional.) Controlling BGP route reception

¡ Limiting routes received from a peer or peer group

¡ Configuring BGP route reception filtering policies

¡ Configuring the SoO attribute

5. (Optional.) Configuring BGP timers

¡ Configuring the keepalive interval and hold time

¡ Setting the session retry timer

¡ Configuring the interval for sending updates for the same route

¡ Setting an update delay for local MPLS labels

6. (Optional.) Configuring BGP logging and notifications

¡ Enabling logging for session state changes

¡ Configuring BGP network management

Configuring basic BGP

Enabling BGP

Restrictions and guidelines

A router ID is the unique identifier of a BGP router in an AS.

· To ensure the uniqueness of a router ID and enhance availability, specify in BGP instance view the IP address of a local loopback interface as the router ID. Different BGP instances can have the same router ID.

· If no router ID is specified in BGP instance view, the global router ID is used.

· To modify a non-zero router ID of a BGP instance , use the router-id command in BGP instance view, rather than the router id command in system view.

· If you specify a router ID in BGP instance view and then remove the interface that owns the router ID, the router does not select a new router ID. To select a new router ID, use the undo router-id command in BGP instance view.

Procedure

1. Enter system view.

system-view

2. Configure a global router ID.

router id router-id

By default, no global router ID is configured.

If no global router ID is configured, the following rules apply:

¡ If loopback interfaces configured with an IP address exist, BGP uses the highest loopback interface IP address as the router ID.

¡ If no loopback interface IP address is available, BGP uses the highest physical interface IP address as the route ID regardless of the interface status.

3. Enable BGP and enter BGP instance view.

bgp as-number [ instance instance-name ]

By default, BGP is disabled and no BGP instances exist.

4. (Optional.) Configure a router ID for the BGP instance.

router-id router-id

By default, no router ID is configured for a BGP instance, and the BGP instance uses the global router ID configured by the router-id command in system view.

Configuring a BGP peer

Restrictions and guidelines

A BGP peer at an IPv6 link-local address must be directly connected to the local router. On the local router, you must use the peer connect-interface command to specify the interface directly connected to the BGP peer as the source interface of TCP connections.

Procedure (Exchanging IPv4 unicast routes with IPv4 peers)

1. Enter system view.

system-view

2. Enter BGP instance view.

bgp as-number [ instance instance-name ]

3. Create an IPv4 BGP peer and specify its AS number.

peer ipv4-address as-number as-number

4. (Optional.) Configure a description for a peer.

peer ipv4-address description text

By default, no description is configured for a peer.

5. Create the BGP IPv4 unicast address family and enter its view.

address-family ipv4 [ unicast ]

6. Enable the router to exchange IPv4 unicast routing information with the specified peer.

peer ipv4-address enable

By default, the router cannot exchange IPv4 unicast routing information with the peer.

Procedure (Exchanging IPv6 unicast routes with IPv4 peers)

1. Enter system view.

system-view

2. Enter BGP instance view.

bgp as-number [ instance instance-name ]

3. Create an IPv4 BGP peer and specify its AS number.

peer ipv4-address as-number as-number

4. (Optional.) Configure a description for the IPv4 peer.

peer ipv4-address description text

By default, no description is configured for an IPv4 peer.

5. Create the BGP IPv6 unicast address family and enter its view.

address-family ipv6 [ unicast ]

6. Enable BGP to exchange IPv6 unicast routing information with the IPv4 peer.

peer ipv4-address enable

By default, BGP cannot exchange IPv6 unicast routing information with an IPv4 peer.

Procedure (Exchanging IPv6 unicast routes with IPv6 peers)

1. Enter system view.

system-view

2. Enter BGP instance view.

bgp as-number [ instance instance-name ]

3. Create an IPv6 BGP peer and specify its AS number.

peer ipv6-address as-number as-number

4. (Optional.) Configure a description for a peer.

peer ipv6-address description text

By default, no description is configured for a peer.

5. Create the BGP IPv6 unicast address family and enter its view.

address-family ipv6 [ unicast ]

6. Enable the router to exchange IPv6 unicast routing information with the specified peer.

peer ipv6-address enable

By default, the router cannot exchange IPv6 unicast routing information with the peer.

Procedure (Exchanging IPv4 unicast routes with IPv6 peers)

1. Enter system view.

system-view

2. Enter BGP instance view.

bgp as-number [ instance instance-name ]

3. Create an IPv6 BGP peer and specify its AS number.

peer ipv6-address as-number as-number

4. (Optional.) Configure a description for the IPv6 peer.

peer ipv6-address description text

By default, no description is configured for an IPv6 peer.

5. Create the BGP IPv4 unicast address family and enter its view.

address-family ipv4 [ unicast ]

6. Enable BGP to exchange IPv4 unicast routing information with the IPv6 peer.

peer ipv6-address enable

By default, BGP cannot exchange IPv4 unicast routing information with an IPv6 peer.

Configuring dynamic BGP peers

About this task

This feature enables BGP to establish dynamic BGP peer relationships with devices in a network. BGP accepts connection requests from the network but it does not initiate connection requests to the network.

After a device in the network initiates a connection request, BGP establishes a dynamic peer relationship with the device.

If multiple BGP peers reside in the same network, you can use this feature to simplify BGP peer configuration.

Restrictions and guidelines

For a remote device to establish a peer relationship with the local device, you must specify the IP address of the local device on the remote device.

Procedure (Exchanging IPv4 unicast routes with dynamic IPv4 peers)

1. Enter system view.

system-view

2. Enter BGP instance view.

bgp as-number [ instance instance-name ]

3. Specify devices in a network as dynamic BGP peers and specify an AS number for the peers.

peer ipv4-address mask-length as-number as-number

4. (Optional.) Configure a description for dynamic BGP peers.

peer ipv4-address mask-length description text

By default, no description is configured for dynamic BGP peers.

5. Create the BGP IPv4 unicast address family and enter its view.

address-family ipv4 [ unicast ]

6. Enable BGP to exchange IPv4 unicast routing information with dynamic BGP peers in the specified network.

peer ipv4-address mask-length enable

By default, BGP cannot exchange IPv4 unicast routing information with dynamic BGP peers.

Procedure (Exchanging IPv6 unicast routes with dynamic IPv4 peers)

1. Enter system view.

system-view

2. Enter BGP instance view.

bgp as-number [ instance instance-name ]

3. Specify devices in an IPv4 network as dynamic IPv4 BGP peers and specify an AS number for the peers.

peer ipv4-address mask-length as-number as-number

4. (Optional.) Configure a description for the IPv4 peer.

peer ipv4-address mask-length description text

By default, no description is configured for dynamic peers.

5. Create the BGP IPv6 unicast address family and enter its view.

address-family ipv6 [ unicast ]

6. Enable BGP to exchange IPv6 unicast routing information with the dynamic IPv4 peers.

peer ipv4-address mask-length enable

By default, BGP cannot exchange IPv6 unicast routing information with dynamic IPv4 peers.

Procedure (Exchanging IPv6 unicast routes with dynamic IPv6 peers)

1. Enter system view.

system-view

2. Enter BGP instance view.

bgp as-number [ instance instance-name ]

3. Specify devices in a network as dynamic BGP peers and specify an AS number for the peers.

peer ipv6-address prefix-length as-number as-number

4. (Optional.) Configure a description for dynamic BGP peers.

peer ipv6-address prefix-length description text

By default, no description is configured for dynamic BGP peers.

5. Create the BGP IPv6 unicast address family and enter its view.

address-family ipv6 [ unicast ]

6. Enable BGP to exchange IPv6 unicast routing information with dynamic BGP peers in the specified network.

peer ipv6-address prefix-length enable

By default, BGP cannot exchange IPv6 unicast routing information with dynamic BGP peers.

Procedure (Exchanging IPv4 unicast routes with dynamic IPv6 peers)

1. Enter system view.

system-view

2. Enter BGP instance view.

bgp as-number [ instance instance-name ]

3. Specify devices in an IPv6 network as dynamic IPv6 BGP peers and specify an AS number for the peers.

peer ipv6-address prefix-length as-number as-number

4. (Optional.) Configure a description for the dynamic IPv6 peers.

peer ipv6-address prefix-length description text

By default, no description is configured for dynamic peers.

5. Create the BGP IPv4 unicast address family and enter its view.

address-family ipv4 [ unicast ]

6. Enable BGP to exchange IPv4 unicast routing information with dynamic IPv6 peers.

peer ipv6-address prefix-length enable

By default, BGP cannot exchange IPv4 unicast routing information with dynamic IPv6 peers.

Configuring an IBGP peer group

About this task

A peer group is an IBGP peer group if peers in it belong to the same AS as the local router.

After you create an IBGP peer group and then add a peer into it, the system creates the peer in BGP instance view and specifies the local AS number for the peer.

Restrictions and guidelines

If you configure a BGP setting at both the peer group and the peer level, the most recent configuration takes effect on the peer.

Procedure (Exchanging IPv4 unicast routes with IPv4 peers)

1. Enter system view.

system-view

2. Enter BGP instance view.

bgp as-number [ instance instance-name ]

3. Create an IBGP peer group.

group group-name [ internal ]

4. Add a peer into the IBGP peer group.

peer ipv4-address [ mask-length ] group group-name [ as-number as-number ]

The as-number as-number option must specify the local AS number.

5. (Optional.) Configure a description for the peer group.

peer group-name description text

By default, no description is configured for the peer group.

6. Create the BGP IPv4 unicast address family and enter its view.

address-family ipv4 [ unicast ]

7. Enable the router to exchange IPv4 unicast routing information with peers in the specified peer group.

peer group-name enable

By default, the router cannot exchange IPv4 unicast routing information with the peers.

Procedure (Exchanging IPv6 unicast routes with IPv4 peers)

1. Enter system view.

system-view

2. Enter BGP instance view.

bgp as-number [ instance instance-name ]

3. Create an IBGP peer group.

group group-name [ internal ]

4. Add an IPv4 peer into the IBGP peer group.

peer ipv4-address [ mask-length ] group group-name [ as-number as-number ]

The as-number as-number option must specify the local AS number.

5. (Optional.) Configure a description for the peer group.

peer group-name description text

By default, no description is configured for a peer group.

6. Create the BGP IPv6 unicast address family and enter its view.

address-family ipv6 [ unicast ]

7. Enable BGP to exchange IPv6 unicast routing information with peers in the peer group.

peer group-name enable

By default, BGP cannot exchange IPv6 unicast routing information with peers in a peer group.

Procedure (Exchanging IPv6 unicast routes with IPv6 peers)

1. Enter system view.

system-view

2. Enter BGP instance view.

bgp as-number [ instance instance-name ]

3. Create an IBGP peer group.

group group-name [ internal ]

4. Add a peer into the IBGP peer group.

peer ipv6-address [ prefix-length ] group group-name [ as-number as-number ]

The as-number as-number option must specify the local AS number.

5. (Optional.) Configure a description for the peer group.

peer group-name description text

By default, no description is configured for the peer group.

6. Create the BGP IPv6 unicast address family and enter its view.

address-family ipv6 [ unicast ]

7. Enable the router to exchange IPv6 unicast routing information with peers in the specified peer group.

peer group-name enable

By default, the router cannot exchange IPv6 unicast routing information with the peers.

Procedure (Exchanging IPv4 unicast routes with IPv6 peers)

1. Enter system view.

system-view

2. Enter BGP instance view.

bgp as-number [ instance instance-name ]

3. Create an IBGP peer group.

group group-name [ internal ]

4. Add an IPv6 peer into the IBGP peer group.

peer ipv6-address [ prefix-length ] group group-name [ as-number as-number ]

The as-number as-number option must specify the local AS number.

5. (Optional.) Configure a description for the peer group.

peer group-name description text

By default, no description is configured for a peer group.

6. Create the BGP IPv4 unicast address family and enter its view.

address-family ipv4 [ unicast ]

7. Enable BGP to exchange IPv4 unicast routing information with peers in the peer group.

peer group-name enable

By default, BGP cannot exchange IPv4 unicast routing information with peers in a peer group.

Configuring an EBGP peer group

About this task

A peer group is an EBGP peer group if peers in it belong to different ASs.

If peers in an EBGP group belong to the same external AS, the EBGP peer group is a pure EBGP peer group. If not, it is a mixed EBGP peer group.

Restrictions and guidelines

Use one of the following methods to configure an EBGP peer group:

· Method 1—Create an EBGP peer group, specify its AS number, and add peers into it. All the added peers have the same AS number. All peers in the peer group have the same AS number as the peer group. You can specify an AS number for a peer before adding it into the peer group. The AS number must be the same as that of the peer group.

· Method 2—Create an EBGP peer group, specify an AS number for a peer, and add the peer into the peer group. Peers added in the group can have different AS numbers.

· Method 3—Create an EBGP peer group and add a peer with an AS number into it. Peers added in the group can have different AS numbers.

If you configure a BGP setting at both the peer group and the peer level, the most recent configuration takes effect on the peer.

Configuring an EBGP peer group by using Method 1 (Exchanging IPv4 unicast routes with IPv4 peers)

1. Enter system view.

system-view

2. Enter BGP instance view.

bgp as-number [ instance instance-name ]

3. Create an EBGP peer group.

group group-name external

4. Specify the AS number of the group.

peer group-name as-number as-number

By default, no AS number is specified.

If a peer group contains peers, you cannot remove or change its AS number.

5. Add a peer into the EBGP peer group.

peer ipv4-address [ mask-length ] group group-name [ as-number as-number ]

The as-number as-number option must specify the same AS number as the peer group-name as-number as-number command.

6. (Optional.) Configure a description for the peer group.

peer group-name description text

By default, no description is configured for the peer group.

7. Create the BGP IPv4 unicast address family and enter its view.

address-family ipv4 [ unicast ]

8. Enable the router to exchange IPv4 unicast routing information with peers in the specified peer group.

peer group-name enable

By default, the router cannot exchange IPv4 unicast routing information with the peers.

Configuring an EBGP peer group by using Method 2 (Exchanging IPv4 unicast routes with IPv4 peers)

1. Enter system view.

system-view

2. Enter BGP instance view.

bgp as-number [ instance instance-name ]

3. Create an EBGP peer group.

group group-name external

4. Create an IPv4 BGP peer and specify its AS number.

peer ipv4-address [ mask-length ] as-number as-number

5. Add the peer into the EBGP peer group.

peer ipv4-address [ mask-length ] group group-name [ as-number as-number ]

The as-number as-number option must specify the same AS number as the peer ipv4-address [ mask-length ] as-number as-number command.

6. (Optional.) Configure a description for the peer group.

peer group-name description text

By default, no description is configured for the peer group.

7. Create the BGP IPv4 unicast address family and enter its view.

address-family ipv4 [ unicast ]

8. Enable the router to exchange IPv4 unicast routing information with peers in the specified peer group.

peer group-name enable

By default, the router cannot exchange IPv4 unicast routing information with the peers.

Configuring an EBGP peer group by using Method 3 (Exchanging IPv4 unicast routes with IPv4 peers)

1. Enter system view.

system-view

2. Enter BGP instance view.

bgp as-number [ instance instance-name ]

3. Create an EBGP peer group.

group group-name external

4. Add a peer into the EBGP peer group.

peer ipv4-address [ mask-length ] group group-name as-number as-number

5. (Optional.) Configure a description for the peer group.

peer group-name description text

By default, no description is configured for the peer group.

6. Create the BGP IPv4 unicast address family and enter its view.

address-family ipv4 [ unicast ]

7. Enable the router to exchange IPv4 unicast routing information with peers in the specified peer group.

peer group-name enable

By default, the router cannot exchange IPv4 unicast routing information with the peers.

Configuring an EBGP peer group by using Method 1 (Exchanging IPv6 unicast routes with IPv4 peers)

1. Enter system view.

system-view

2. Enter BGP instance view.

bgp as-number [ instance instance-name ]

3. Create an EBGP peer group.

group group-name external

4. Specify an AS number for the peer group.

peer group-name as-number as-number

By default, no AS number is specified for a peer group.

If a peer group contains peers, you cannot remove or change its AS number.

5. Add an IPv4 peer into the EBGP peer group.

peer ipv4-address [ mask-length ] group group-name [ as-number as-number ]

The as-number as-number option must specify the same AS number as the peer group-name as-number as-number command.

6. (Optional.) Configure a description for the peer group.

peer group-name description text

By default, no description is configured for a peer group.

7. Create the BGP IPv6 unicast address family and enter its view.

address-family ipv6 [ unicast ]

8. Enable BGP to exchange IPv6 unicast routing information with peers in the peer group.

peer group-name enable

By default, BGP cannot exchange IPv6 unicast routing information with peers in a peer group.

Configuring an EBGP peer group by using Method 2 (Exchanging IPv6 unicast routes with IPv4 peers)

1. Enter system view.

system-view

2. Enter BGP instance view.

bgp as-number [ instance instance-name ]

3. Create an EBGP peer group.

group group-name external

4. Create an IPv4 BGP peer and specify its AS number.

peer ipv4-address [ mask-length ] as-number as-number

5. Add the IPv4 peer into the EBGP peer group.

peer ipv4-address [ mask-length ] group group-name [ as-number as-number ]

The as-number as-number option must specify the same AS number as the peer ipv4-address [ mask-length ] as-number as-number command.

6. (Optional.) Configure a description for the peer group.

peer group-name description text

By default, no description is configured for a peer group.

7. Create the BGP IPv6 unicast address family and enter its view.

address-family ipv6 [ unicast ]

8. Enable BGP to exchange IPv6 unicast routing information with peers in the peer group.

peer group-name enable

By default, BGP cannot exchange IPv6 unicast routing information with peers in a peer group.

Configuring an EBGP peer group by using Method 3 (Exchanging IPv6 unicast routes with IPv4 peers)

1. Enter system view.

system-view

2. Enter BGP instance view.

bgp as-number [ instance instance-name ]

3. Create an EBGP peer group.

group group-name external

4. Add an IPv4 peer into the EBGP peer group.

peer ipv4-address [ mask-length ] group group-name as-number as-number

5. (Optional.) Configure a description for the peer group.

peer group-name description text

By default, no description is configured for a peer group.

6. Create the BGP IPv6 unicast address family and enter its view.

address-family ipv6 [ unicast ]

7. Enable BGP to exchange IPv6 unicast routing information with peers in the peer group.

peer group-name enable

By default, BGP cannot exchange IPv6 unicast routing information with peers in a peer group.

Configuring an EBGP peer group by using Method 1 (Exchanging IPv6 unicast routes with IPv6 peers)

1. Enter system view.

system-view

2. Enter BGP instance view.

bgp as-number [ instance instance-name ]

3. Create an EBGP peer group.

group group-name external

4. Specify the AS number of the group.

peer group-name as-number as-number

By default, no AS number is specified.

If a peer group contains peers, you cannot remove or change its AS number.

5. Add a peer into the EBGP peer group.

peer ipv6-address [ prefix-length ] group group-name [ as-number as-number ]

The as-number as-number option must specify the same AS number as the peer group-name as-number as-number command.

6. (Optional.) Configure a description for the peer group.

peer group-name description text

By default, no description is configured for the peer group.

7. Create the BGP IPv6 unicast address family and enter its view.

address-family ipv6 [ unicast ]

8. Enable the router to exchange IPv6 unicast routing information with peers in the specified peer group.

peer group-name enable

By default, the router cannot exchange IPv6 unicast routing information with the peers.

Configuring an EBGP peer group by using Method 2 (Exchanging IPv6 unicast routes with IPv6 peers)

1. Enter system view.

system-view

2. Enter BGP instance view.

bgp as-number [ instance instance-name ]

3. Create an EBGP peer group.

group group-name external

4. Create an IPv6 BGP peer and specify its AS number.

peer ipv6-address [ prefix-length ] as-number as-number

5. Add the peer into the EBGP peer group.

peer ipv6-address [ prefix-length ] group group-name [ as-number as-number ]

The as-number as-number option must specify the same AS number as the peer ipv6-address [ prefix-length ] as-number as-number command.

6. (Optional.) Configure a description for the peer group.

peer group-name description text

By default, no description is configured for the peer group.

7. Create the BGP IPv6 unicast address family and enter its view.

address-family ipv6 [ unicast ]

8. Enable the router to exchange IPv6 unicast routing information with peers in the specified peer group.

peer group-name enable

By default, the router cannot exchange IPv6 unicast routing information with the peers.

Configuring an EBGP peer group by using Method 3 (Exchanging IPv6 unicast routes with IPv6 peers)

1. Enter system view.

system-view

2. Enter BGP instance view.

bgp as-number [ instance instance-name ]

3. Create an EBGP peer group.

group group-name external

4. Add a peer into the EBGP peer group.

peer ipv6-address [ prefix-length ] group group-name as-number as-number

5. (Optional.) Configure a description for the peer group.

peer group-name description text

By default, no description is configured for the peer group.

6. Create the BGP IPv6 unicast address family and enter its view.

address-family ipv6 [ unicast ]

7. Enable the router to exchange IPv6 unicast routing information with peers in the specified peer group.

peer group-name enable

By default, the router cannot exchange IPv6 unicast routing information with the peers.

Configuring an EBGP peer group by using Method 1 (Exchanging IPv4 unicast routes with IPv6 peers)

1. Enter system view.

system-view

2. Enter BGP instance view.

bgp as-number [ instance instance-name ]

3. Create an EBGP peer group.

group group-name external

4. Specify an AS number for the peer group.

peer group-name as-number as-number

By default, no AS number is specified for a peer group.

If a peer group contains peers, you cannot remove or change its AS number.

5. Add an IPv6 peer into the EBGP peer group.

peer ipv6-address [ prefix-length ] group group-name [ as-number as-number ]

The as-number as-number option must specify the same AS number as the peer group-name as-number as-number command.

6. (Optional.) Configure a description for the peer group.

peer group-name description text

By default, no description is configured for a peer group.

7. Create the BGP IPv4 unicast address family and enter its view.

address-family ipv4 [ unicast ]

8. Enable BGP to exchange IPv4 unicast routing information with peers in the peer group.

peer group-name enable

By default, BGP cannot exchange IPv4 unicast routing information with peers in a peer group.

Configuring an EBGP peer group by using Method 2 (Exchanging IPv4 unicast routes with IPv6 peers)

1. Enter system view.

system-view

2. Enter BGP instance view.

bgp as-number [ instance instance-name ]

3. Create an EBGP peer group.

group group-name external

4. Create an IPv6 BGP peer and specify its AS number.

peer ipv6-address [ prefix-length ] as-number as-number

5. Add the IPv6 peer into the EBGP peer group.

peer ipv6-address [ prefix-length ] group group-name [ as-number as-number ]

The as-number as-number option must specify the same AS number as the peer ipv6-address [ prefix-length ] as-number as-number command.

6. (Optional.) Configure a description for the peer group.

peer group-name description text

By default, no description is configured for a peer group.

7. Create the BGP IPv4 unicast address family and enter its view.

address-family ipv4 [ unicast ]

8. Enable BGP to exchange IPv4 unicast routing information with peers in the peer group.

peer group-name enable

By default, BGP cannot exchange IPv4 unicast routing information with peers in a peer group.

Configuring an EBGP peer group by using Method 3 (Exchanging IPv4 unicast routes with IPv6 peers)

1. Enter system view.

system-view

2. Enter BGP instance view.

bgp as-number [ instance instance-name ]

3. Create an EBGP peer group.

group group-name external

4. Add an IPv6 peer into the EBGP peer group.

peer ipv6-address [ prefix-length ] group group-name as-number as-number

5. (Optional.) Configure a description for the peer group.

peer group-name description text

By default, no description is configured for a peer group.

6. Create the BGP IPv4 unicast address family and enter its view.

address-family ipv4 [ unicast ]

7. Enable BGP to exchange IPv4 unicast routing information with peers in the peer group.

peer group-name enable

By default, BGP cannot exchange IPv4 unicast routing information with peers in a peer group.

Specifying the source address of TCP connections

About this task

BGP uses TCP as the transport layer protocol. Perform this task in the following scenarios to specify the source address or source interface of TCP connections to a peer or peer group:

· The peer's IPv4/IPv6 address does not belong to the interface directly connected to the local router. To ensure successful TCP connection establishment, use one of the following methods:

¡ Specify the interface to which the IPv4/IPv6 address belongs as the source interface on the peer.

¡ Specify the IPv4/IPv6 address of the interface directly connected to the local router as the source address on the peer.

· A BGP peer at an IPv6 link-local address must be directly connected to the local router. On the local router, you must use the peer connect-interface command to specify the interface directly connected to the BGP peer as the source interface of TCP connections.

· On a BGP router that has multiple links to a peer, the source interface for TCP connection changes because the primary source interface fails. To avoid this problem, specify a loopback interface as the source interface or specify the IP address of a loopback interface as the source address.

· You want to establish multiple BGP sessions to a router. In this case, BGP might fail to determine the source address for each TCP connection based on the optimal route to the peer. To prevent this problem, use one of the following methods:

¡ If the BGP sessions use IP addresses of different interfaces, specify a source interface or source address for each session.

¡ If the BGP sessions use different IP addresses of the same interface, specify a source address for each session.

Restrictions and guidelines

BGP immediately tears down the session to an IBGP peer or peer group when the following conditions exist:

· The source interface of TCP connections to the IBGP peer or peer group is a physical interface.

· The source interface fails and the link to the IBGP peer or peer group goes down.

Procedure (IPv4 unicast address family)

1. Enter system view.

system-view

2. Enter BGP instance view.

bgp as-number [ instance instance-name ]

3. Specify the source address or source interface of TCP connections to a peer or peer group.

¡ Specify the source address of TCP connections to a peer or peer group.

peer { group-name | ipv4-address [ mask-length ] } source-address source-ipv4-address

¡ Specify the source interface of TCP connections to a peer or peer group.

peer { group-name | ipv4-address [ mask-length ] } connect-interface interface-type interface-number

By default, BGP uses the primary IPv4 address of the output interface in the optimal route to a peer or peer group as the source address of TCP connections to the peer or peer group.

Procedure (IPv6 unicast address family)

1. Enter system view.

system-view

2. Enter BGP instance view.

bgp as-number [ instance instance-name ]

3. Specify the source IPv6 address or source interface of TCP connections to a peer or peer group.

¡ Specify the source IPv6 address of TCP connections to a peer or peer group.

peer { group-name | ipv6-address [ prefix-length ] } source-address source-ipv6-address

¡ Specify the source interface of TCP connections to a peer or peer group.

peer { group-name | ipv6-address [ prefix-length ] } connect-interface interface-type interface-number

By default, BGP uses the IPv6 address of the output interface in the optimal route to the BGP peer or peer group as the source address of TCP connections to the peer or peer group.

Controlling BGP route generation

Injecting a local network

About this task

Perform this task to inject a network in the local routing table to the BGP routing table, so BGP can advertise the network to BGP peers. The ORIGIN attribute of BGP routes advertised in this way is IGP.

The specified network must be available and active in the local IP routing table.

Procedure (IPv4 unicast address family)

1. Enter system view.

system-view

2. Enter BGP instance view.

bgp as-number [ instance instance-name ]

3. Enter BGP IPv4 unicast address family view.

address-family ipv4 [ unicast ]

4. Configure BGP to advertise a local network.

network ipv4-address [ mask-length | mask ]

By default, BGP does not advertise local networks.

Procedure (IPv6 unicast address family)

1. Enter system view.

system-view

2. Enter BGP instance view.

bgp as-number [ instance instance-name ]

3. Enter BGP IPv6 unicast address family view.

address-family ipv6 [ unicast ]

4. Configure BGP to advertise a local network.

network ipv6-address prefix-length

By default, BGP does not advertise local networks.

Redistributing IGP routes

About this task

Perform this task to configure route redistribution from an IGP to BGP.

By default, BGP does not redistribute default IGP routes. You can use the default-route imported command to redistribute default IGP routes into the BGP routing table.

The ORIGIN attribute of BGP routes redistributed from IGPs is INCOMPLETE.

Only active routes can be redistributed. To view route state information, use the display ip routing-table protocol or display ipv6 routing-table protocol command. For more information about the commands, see Network Connectivity Command Reference.

If you execute the import-route command multiple times for an IGP process, the most recent configuration takes effect. To redistribute more routes from an IGP process without overwriting the routes redistributed before, use the import-route-append command.

如果均指定了引入路由的MED度量值，以import-route-append命令的配置为准。

Procedure (IPv4 unicast address family)

1. Enter system view.

system-view

2. Enter BGP instance view.

bgp as-number [ instance instance-name ]

3. Enter BGP IPv4 unicast address family view.

address-family ipv4 [ unicast ]

4. Enable route redistribution from the specified IGP into BGP.

¡ Redistribute IS-IS, OSPF, or RIP routes.

import-route { isis | ospf | rip } [ { process-id | all-processes } [ allow-direct | med med-value ] * ]

¡ Redistribute direct, guard, or static routes.

import-route { direct | guard | static } [ med med-value ] *

By default, BGP does not redistribute IGP routes.

5. (Optional.) Redistribute routes from an IGP without overwriting the routes redistributed by the import-route command.

¡ Redistribute IS-IS, OSPF, or RIP routes.

import-route-append { isis | ospf | rip } [ { process-id | all-processes } [ allow-direct | med med-value ] * ]

¡ Redistribute direct or static routes.

import-route-append { direct | static } [ med med-value ] *

By default, BGP does not redistribute IGP routes.

6. (Optional.) Enable default route redistribution into BGP.

default-route imported

By default, BGP does not redistribute default routes.

Procedure (IPv6 unicast address family)

1. Enter system view.

system-view

2. Enter BGP instance view.

bgp as-number [ instance instance-name ]

3. Enter BGP IPv6 unicast address family view.

address-family ipv6 [ unicast ]

4. Enable route redistribution from the specified IGP into BGP.

¡ Redistribute IPv6 IS-IS, OSPFv3, or RIPng routes.

import-route { isisv6 | ospfv3 | ripng } [ { process-id | all-processes } [ allow-direct | med med-value ] * ]

¡ Redistribute direct, guard, or static routes.

import-route { direct | guard | static } [ med med-value ] *

By default, BGP does not redistribute IGP routes.

5. (Optional.) Redistribute routes from an IGP without overwriting the routes redistributed by the import-route command.

¡ Redistribute IPv6 IS-IS, OSPFv3, or RIPng routes.

import-route-append { isisv6 | ospfv3 | ripng } [ { process-id | all-processes } [ allow-direct | med med-value ] * ]

¡ Redistribute direct or static routes.

import-route-append { direct | static } [ med med-value ] *

By default, BGP does not redistribute IGP routes.

6. (Optional.) Enable default route redistribution into BGP.

default-route imported

By default, BGP does not redistribute default routes.

Configuring BGP route summarization

About this task

Route summarization can reduce the number of redistributed routes and the routing table size. IPv4 BGP supports automatic route summarization and manual route summarization. Manual summarization takes precedence over automatic summarization. IPv6 BGP supports only manual route summarization.

Automatic route summarization enables BGP to summarize IGP subnet routes redistributed by the import-route command, so BGP advertises only natural network routes.

By configuring manual route summarization, you can do the following:

· Summarize both redistributed routes and routes injected using the network command.

· Determine the mask length for a summary route.

Restrictions and guidelines for configuring BGP route summarization

The output interface of a BGP summary route is Null 0 on the originating router. Therefore, a summary route must not be an optimal route on the originating router. Otherwise, BGP will fail to forward packets matching the route. If a summarized specific route has the same mask as the summary route, but has a lower priority, the summary route becomes the optimal route. To ensure correct packet forwarding, change the priority of the summary or specific route to make the specific route the optimal route.

Configuring automatic route summarization (IPv4 unicast address family)

1. Enter system view.

system-view

2. Enter BGP instance view.

bgp as-number [ instance instance-name ]

3. Enter BGP IPv4 unicast address family view.

address-family ipv4 [ unicast ]

4. Configure automatic route summarization.

summary automatic

By default, automatic route summarization is not configured.

Configuring manual route summarization (IPv4 unicast address family)

1. Enter system view.

system-view

2. Enter BGP instance view.

bgp as-number [ instance instance-name ]

3. Enter BGP IPv4 unicast address family view.

address-family ipv4 [ unicast ]

4. Create a summary route in the BGP routing table.

aggregate ipv4-address { mask-length | mask } [ as-set| detail-suppressed ] *

By default, no summary routes are configured.

Configuring BGP manual route summarization (IPv6 unicast address family)

1. Enter system view.

system-view

2. Enter BGP instance view.

bgp as-number [ instance instance-name ]

3. Enter BGP IPv6 unicast address family view.

address-family ipv6 [ unicast ]

4. Create a summary route in the IPv6 BGP routing table.

aggregate ipv6-address prefix-length [ as-set | detail-suppressed ] *

By default, no summary routes are configured.

Advertising a default route to a peer or peer group

About this task

Perform this task to advertise a default BGP route with the next hop being the advertising router to a peer or peer group.

Procedure (IPv4 unicast address family)

1. Enter system view.

system-view

2. Enter BGP instance view.

bgp as-number [ instance instance-name ]

3. Enter BGP IPv4 unicast address family view.

address-family ipv4 [ unicast ]

4. Advertise a default route to a peer or peer group.

peer { group-name | ipv4-address [ mask-length ] | ipv6-address [ prefix-length ] } default-route-advertise

By default, no default route is advertised.

The ipv6-address [ prefix-length ] argument is supported only in BGP IPv4 unicast address family view.

Procedure (IPv6 unicast address family)

1. Enter system view.

system-view

2. Enter BGP instance view.

bgp as-number [ instance instance-name ]

3. Enter BGP IPv6 unicast address family view.

address-family ipv6 [ unicast ]

4. Advertise a default route to a peer or peer group.

peer { group-name | ipv4-address [ mask-length ] | ipv6-address [ prefix-length ] } default-route-advertise

By default, no default route is advertised.

The ipv4-address [ mask-length ] argument is supported only in BGP IPv6 unicast address family view.

Controlling BGP route advertisement

Advertising optimal routes in the IP routing table

About this task

By default, BGP advertises optimal routes in the BGP routing table, which may not be optimal in the IP routing table. This task allows you to advertise BGP routes that are optimal in the IP routing table.

Procedure (IPv4 unicast)

1. Enter system view.

system-view

2. Enter BGP instance view.

bgp as-number [ instance instance-name ]

3. Enable BGP to advertise optimal routes in the IP routing table.

advertise-rib-active

By default, BGP advertises optimal routes in the BGP routing table.

4. Enter BGP IPv4 unicast address family view.

address-family ipv4 [ unicast ]

5. Enable BGP to advertise optimal routes in the IP routing table of the address family in the VPN instance.

advertise-rib-active

By default, the setting is the same as that in BGP instance view.

Procedure (IPv6 unicast)

1. Enter system view.

system-view

2. Enter BGP instance view.

bgp as-number [ instance instance-name ]

3. Enable BGP to advertise optimal routes in the IPv6 routing table.

advertise-rib-active

By default, BGP advertises optimal routes in the BGP routing table.

4. Enter BGP IPv6 unicast address family view.

address-family ipv6 [ unicast ]

5. Enable BGP to advertise optimal routes in the IPv6 routing table of the address family in the VPN instance.

advertise-rib-active

By default, the setting is the same as that in BGP instance view.

Configuring BGP route distribution filtering policies

About this task

To configure BGP route distribution filtering policies, use the following methods:

· Use an ACL or prefix list to filter routing information advertised to all peers.

· Use an ACL or route sending conditions to filter routing information advertised to a peer or peer group.

If you configure multiple filtering policies, apply them in the following sequence:

1. peer filter-policy export

2. filter-policy export

Only routes passing all the configured policies can be advertised.

Prerequisites

Before you configure BGP route distribution filtering policies, configure ACLs as needed. For more information about ACLs, see Security Configuration Guide.

Restrictions and guidelines

When you specify an ACL or prefix list as a BGP route filtering policy (for example, use filter-policy export to specify an ACL for route filtering), the following rules apply:

· BGP routes can pass the filtering policy only when one of the following conditions exists:

¡ They match a permit rule in the specified ACL.

¡ They match a permit item in the specified prefix list.

When the ACL has only deny rules or the prefix list has only deny items, no BGP routes can pass the filtering policy.

· When the ACL match order is config, BGP routes match against rules in ascending order of rule ID. When BGP routes match against the items of the prefix list, an item with a smaller index number is matched first.

In either of the match modes above, a BGP route does not match against the next ACL rule or prefix list item when it already matches the current ACL rule or prefix list item. To avoid wasting filter resources, set a small match range for each ACL rule or prefix list item when you configure multiple ACL rules or prefix list items for an ACL or prefix list.

· You can use the rule [ rule-id ] permit ip source sour-addr sour-wildcard destination dest-addr dest-wildcard command to create a rule for an advanced ACL to match specific routes. The source sour-addr option represents the destination network address and the destination dest-addr option represents the mask in dotted decimal notation. For example, to match route 3.3.3.0/24, the rule configuration should be rule [ rule-id ] permit ip source 3.3.3.0 0.0.0.255 destination 255.255.255.0 0.0.0.255.

Procedure (IPv4 unicast address family)

1. Enter system view.

system-view

2. Enter BGP instance view.

bgp as-number [ instance instance-name ]

3. Enter BGP IPv4 unicast address family view.

address-family ipv4 [ unicast ]

4. Configure BGP route distribution filtering policies. Choose the options to configure as needed:

¡ Reference an ACL or IP prefix list to filter advertised BGP routes.

filter-policy { ipv4-acl-number } export [ direct | { isis | ospf | rip } process-id | static ]

¡ Reference an ACL to filter BGP routes advertised to a peer or peer group.

peer { group-name | ipv4-address [ mask-length ] | ipv6-address [ prefix-length ] } filter-policy { ipv4-acl-number } export

By default, no BGP distribution filtering policy is configured.

Procedure (IPv6 unicast address family)

1. Enter system view.

system-view

2. Enter BGP instance view.

bgp as-number [ instance instance-name ]

3. Enter BGP IPv6 unicast address family view.

address-family ipv6 [ unicast ]

4. Configure BGP route distribution filtering policies. Choose the options to configure as needed:

¡ Reference an ACL or IPv6 prefix list to filter advertised BGP routes.

filter-policy { ipv6-acl-number } export [ direct | { isisv6 | ospfv3 | ripng } process-id | static ]

¡ Reference an ACL to filter BGP routes advertised to a peer or peer group.

peer { group-name | ipv4-address [ mask-length ] | ipv6-address [ prefix-length ] } filter-policy { ipv6-acl-number } export

By default, no BGP distribution filtering policy is configured.

Configuring BGP route update delay

About this task

This task reduces traffic loss. With this task performed, BGP delays sending route updates when it restores after a device reboot. During the delay time, BGP finishes learning all routes from other peers, and then selects the optimal route. After the delay time elapses, BGP will advertise the optimal route.

You can specify a prefix list and enable BGP to immediately send route updates for routes that match the prefix list.

Procedure

1. ‍Enter system view.

system-view

2. Enter BGP instance view.

bgp as-number [ instance instance-name ]

3. Configure BGP to delay sending route updates when it restores after a device reboot.

bgp update-delay on-startup seconds

By default, BGP immediately sends route updates to BGP peers in established state when it restores after a device reboot.

4. (Optional.) Configure BGP to immediately send route updates for routes that match a prefix list.

bgp update-delay on-startup prefix-list ipv4-prefix-list-name

By default, no prefix list is specified to filter routes.

Controlling BGP route reception

Limiting routes received from a peer or peer group

About this task

This feature can prevent attacks that send a large number of BGP routes to the router.

If the number of routes received from a peer or peer group exceeds the upper limit, the router takes one of the following actions based on your configuration:

· Tears down the BGP session to the peer or peer group and does not attempt to re-establish the session.

· Continues to receive routes from the peer or peer group and generates a log message.

· Retains the session to the peer or peer group, but it discards excess routes and generates a log message.

· Tears down the BGP session to the peer or peer group and, after a specific period of time, re-establishes a BGP session to the peer or peer group.

You can specify a percentage threshold for the router to generate a log message. When the ratio of the number of received routes to the maximum number reaches the percentage value, the router generates a log message.

Procedure (IPv4 unicast address family)

1. Enter system view.

system-view

2. Enter BGP instance view.

bgp as-number [ instance instance-name ]

3. Enter BGP IPv4 unicast address family view.

address-family ipv4 [ unicast ]

4. Specify the maximum number of routes that a router can receive from a peer or peer group.

peer { group-name | ipv4-address [ mask-length ] | ipv6-address [ prefix-length ] } route-limit prefix-number [ { alert-only | discard | reconnect reconnect-time } | percentage-value ] *

By default, the number of routes that a router can receive from a peer or peer group is not limited.

The ipv6-address [ prefix-length ] argument is supported only in BGP IPv4 unicast address family view.

Procedure (IPv6 unicast address family)

1. Enter system view.

system-view

2. Enter BGP instance view.

bgp as-number [ instance instance-name ]

3. Enter BGP IPv6 unicast address family view.

address-family ipv6 [ unicast ]

4. Specify the maximum number of routes that a router can receive from a peer or peer group.

peer { group-name | ipv4-address [ mask-length ] | ipv6-address [ prefix-length ] } route-limit prefix-number [ { alert-only | discard | reconnect reconnect-time } | percentage-value ] *

By default, the number of routes that a router can receive from a peer or peer group is not limited.

The ipv4-address [ mask-length ] argument is supported only in BGP IPv6 unicast address family view.

Configuring BGP route reception filtering policies

About this task

You can use the following methods to configure BGP route reception filtering policies:

· Use an ACL or prefix list to filter routing information received from all peers.

· Use an ACL to filter routing information received from a peer or peer group.

If you configure multiple filtering policies, apply them in the following sequence:

1. peer filter-policy import

2. filter-policy import

Only routes passing all the configured policies can be received.

Prerequisites

Before you configure BGP routing filtering policies, configure ACLs as needed. For more information about ACLs, see Security Configuration Guide.

Restrictions and guidelines

When you specify an ACL or prefix list as a BGP route filtering policy (for example, use filter-policy import to specify an ACL for route filtering), the following rules apply:

· BGP routes can pass the filtering policy only when one of the following conditions exists:

¡ They match a permit rule in the specified ACL.

¡ They match a permit item in the specified prefix list.

When the ACL has only deny rules or the prefix list has only deny items, no BGP routes can pass the filtering policy.

Procedure (IPv4 unicast address family)

1. Enter system view.

system-view

2. Enter BGP instance view.

bgp as-number [ instance instance-name ]

3. Enter BGP IPv4 unicast address family view.

address-family ipv4 [ unicast ]

4. Configure BGP route reception filtering policies. Choose the options to configure as needed:

¡ Reference an ACL or IP prefix list to filter BGP routes received from all peers.

filter-policy { ipv4-acl-number } import

¡ Reference an ACL to filter BGP routes received from a peer or peer group.

peer { group-name | ipv4-address [ mask-length ] | ipv6-address [ prefix-length ] } filter-policy { ipv4-acl-number } import

By default, no route reception filtering is configured.

The ipv6-address [ prefix-length ] argument is supported only in BGP IPv4 unicast address family view.

Procedure (IPv6 unicast address family)

1. Enter system view.

system-view

2. Enter BGP instance view.

bgp as-number [ instance instance-name ]

3. Enter BGP IPv6 unicast address family view.

address-family ipv6 [ unicast ]

4. Configure BGP route reception filtering policies. Choose the options to configure as needed:

¡ Reference ACL or IPv6 prefix list to filter BGP routes received from all peers.

filter-policy { ipv6-acl-number} import

¡ Reference an ACL to filter BGP routes received from a peer or peer group.

peer { group-name | ipv4-address [ mask-length ] | ipv6-address [ prefix-length ] } filter-policy { ipv6-acl-number } import

By default, no route reception filtering is configured.

Configuring the SoO attribute

About this task

After you configure the SoO attribute for a BGP peer or peer group, BGP adds the SoO attribute into the route updates received from the BGP peer or peer group. In addition, before advertising route updates to the peer or peer group, BGP checks the SoO attribute of the route update against the configured SoO attribute. If they are the same, BGP does not advertise the route updates to the BGP peer or peer group.

Procedure (IPv4 unicast address family)

1. Enter system view.

system-view

2. Enter BGP instance view.

bgp as-number [ instance instance-name ]

3. Enter BGP IPv4 unicast address family view.

address-family ipv4 [ unicast ]

4. Configure the SoO attribute for a peer or peer group.

peer { group-name | ipv4-address [ mask-length ] | ipv6-address [ prefix-length ] } soo site-of-origin

By default, no SoO attribute is configured for a peer or peer group.

The ipv6-address [ prefix-length ] argument is supported only in BGP IPv4 unicast address family view.

Procedure (IPv6 unicast address family)

1. Enter system view.

system-view

2. Enter BGP instance view.

bgp as-number [ instance instance-name ]

3. Enter BGP IPv6 unicast address family view.

address-family ipv6 [ unicast ]

4. Configure the SoO attribute for a peer or peer group.

peer { group-name | ipv4-address [ mask-length ] | ipv6-address [ prefix-length ] } soo site-of-origin

By default, no SoO attribute is configured for a peer or peer group.

The ipv4-address [ mask-length ] argument is supported only in BGP IPv6 unicast address family view.

Configuring BGP timers

Configuring the keepalive interval and hold time

About this task

BGP sends KEEPALIVE messages regularly to keep the BGP session between two routers.

If a router receives no KEEPALIVE or UPDATE message from a peer within the hold time, it tears down the session.

You can configure the keepalive interval and hold time globally or for a peer or peer group. The individual settings take precedence over the global settings.

The actual keepalive interval and hold time are determined as follows:

· If the hold time settings on the local and peer routers are different, the smaller setting is used. If the hold time is 0, BGP does not send KEEPALIVE messages to its peers and never tears down the session.

· If the keepalive interval is not 0, the actual keepalive interval is the smaller one between 1/3 of the hold time and the keepalive interval.

Restrictions and guidelines

The hold time must be a minimum of three times the keepalive interval.

You can perform this task for all BGP peers or for a specific BGP peer or peer group. For a BGP peer or peer group, the configuration of the peer timer command takes precedence over that of the timer command. If you do not configure the peer timer command for the peer or peer group, the configuration of the timer command takes effect on the peer or peer group.

Procedure (IPv4 unicast address family)

1. Enter system view.

system-view

2. Enter BGP instance view.

bgp as-number [ instance instance-name ]

3. Configure the keepalive interval and hold time.

¡ Configure the global keepalive interval and hold time.

timer keepalive keepalive hold holdtime

This command takes effect for new BGP sessions and does not affect existing sessions.

¡ Configure the keepalive interval and hold time for a peer or peer group.

peer { group-name | ipv4-address [ mask-length ] } timer keepalive keepalive hold holdtime

By default, the keepalive interval is 60 seconds, and hold time is 180 seconds.

The timers configured with the timer and peer timer commands do not take effect until a session is re-established (for example, a session is reset).

Procedure (IPv6 unicast address family)

1. Enter system view.

system-view

2. Enter BGP instance view.

bgp as-number [ instance instance-name ]

3. Configure the keepalive interval and hold time.

¡ Configure the global keepalive interval and hold time.

timer keepalive keepalive hold holdtime

This command takes effect for new BGP sessions and does not affect existing sessions.

¡ Configure the keepalive interval and hold time for a peer or peer group.

peer { group-name | ipv6-address [ prefix-length ] } timer keepalive keepalive hold holdtime

By default, the keepalive interval is 60 seconds, and hold time is 180 seconds.

The timers configured with the timer and peer timer commands do not take effect until a session is re-established (for example, a session is reset).

Setting the session retry timer

About this task

To speed up session establishment to a peer or peer group and route convergence, set a small session retry timer. If the BGP session flaps, you can set a large session retry timer to reduce the impact.

Restrictions and guidelines

The timer set by the peer timer connect-retry command takes precedence over the timer set by the timer connect-retry command.

Procedure (IPv4 unicast address family)

1. Enter system view.

system-view

2. Enter BGP instance view.

bgp as-number [ instance instance-name ]

3. Set the session retry timer.

¡ Set the session retry timer for all peers or peer groups.

timer connect-retry retry-time

¡ Set the session retry timer for a peer or peer group.

peer { group-name | ipv4-address [ mask-length ] } timer connect-retry retry-time

By default, the session retry timer is 32 seconds for a peer or peer group.

Procedure (IPv6 unicast address family)

1. Enter system view.

system-view

2. Enter BGP instance view.

bgp as-number [ instance instance-name ]

3. Set the session retry timer.

¡ Set the session retry timer for all peers or peer groups.

timer connect-retry retry-time

¡ Set the session retry timer for a peer or peer group.

peer { group-name | ipv6-address [ prefix-length ] } timer connect-retry retry-time

By default, the session retry timer is 32 seconds for a peer or peer group.

Configuring the interval for sending updates for the same route

About this task

A BGP router sends an UPDATE message to its peers when a route is changed. If the route changes frequently, the BGP router keeps sending updates for the same route, resulting route flapping. To prevent this situation, perform this task to configure the interval for sending updates for the same route to a peer or peer group.

This feature does not take effect on withdrawn routes. For withdrawn routes, BGP sends the withdrawal messages immediately.

Procedure (IPv4 unicast address family)

1. Enter system view.

system-view

2. Enter BGP instance view.

bgp as-number [ instance instance-name ]

3. Configure the interval for sending updates for the same route to a peer or peer group.

peer { group-name | ipv4-address [ mask-length ] } route-update-interval interval

By default, the interval is 15 seconds for an IBGP peer and 30 seconds for an EBGP peer.

Procedure (IPv6 unicast address family)

1. Enter system view.

system-view

2. Enter BGP instance view.

bgp as-number [ instance instance-name ]

3. Configure the interval for sending updates for the same route to a peer or peer group.

peer { group-name | ipv6-address [ prefix-length ] } route-update-interval interval

By default, the interval is 15 seconds for an IBGP peer and 30 seconds for an EBGP peer.

Setting an update delay for local MPLS labels

About this task

BGP includes local MPLS labels in advertised labeled IPv6 unicast routes, and labeled IPv4 unicast routes.

When a local label is changed, BGP removes the old label and advertises the new label. Traffic interruption occurs if BGP peers use the old label to forward packets before they learn the new label. To resolve this issue, set an update delay for local MPLS labels. BGP does not remove the old label before the update delay timer expires.

Procedure

1. Enter system view.

system-view

2. Enter BGP instance view.

bgp as-number [ instance instance-name ]

3. Set an update delay for local MPLS labels.

retain local-label retain-time

By default, the update delay is 60 seconds.

Configuring BGP logging and notifications

Enabling logging for session state changes

About this task

Perform this task to enable BGP to log BGP session establishment and disconnection events. To display the log information, use the display bgp peer ipv4 unicast log-info command or the display bgp peer ipv6 unicast log-info command. The logs are sent to the information center. The output rules of the logs (whether to output the logs and where to output) are determined by the information center configuration.

For more information about information center configuration, see System Management Configuration Guide.

Procedure (IPv4 unicast)

1. Enter system view.

system-view

2. Enter BGP instance view.

bgp as-number [ instance instance-name ]

3. Enable logging for session state changes globally.

log-peer-change

By default, logging for session state changes is enabled globally.

4. Enable logging for session state changes for a peer or peer group.

peer { group-name | ipv4-address [ mask-length ] } log-change

By default, logging for session state changes is enabled for all peers and peer groups.

Procedure (IPv6 unicast)

1. Enter system view.

system-view

2. Enter BGP instance view.

bgp as-number [ instance instance-name ]

3. Enable logging for session state changes globally.

log-peer-change

By default, logging for session state changes is enabled globally.

4. Enable logging for session state changes for a peer or peer group.

peer { group-name | ipv6-address [ prefix-length ] } log-change

By default, logging for session state changes is enabled for all peers and peer groups.

Configuring BGP network management

About this task

After you enable SNMP notifications for BGP, the device generates a notification when a BGP neighbor state change occurs. The notification includes the neighbor address, the error code and subcode of the most recent error, and the current neighbor state. For BGP notifications to be sent correctly, you must also configure SNMP on the device.

BGP does not know the BGP instance to which a managed MIB node belongs. To resolve this issue, configure different SNMP contexts for different BGP instances.

The device selects a MIB for an SNMP packet according to the context (for SNMPv3) or community name (for SNMPv1/v2c) in the following ways:

· For an SNMPv3 packet:

¡ The device selects the MIB of the default BGP instance if the packet does not carry a context and no SNMP context is configured for the default BGP instance.

¡ The device selects the MIB of a BGP instance if the packet meets the following conditions:

- Carries a context that is configured with the snmp-agent context command in system view.

- Matches the context of the BGP instance.

¡ The device does not process any MIBs in other situations.

· For an SNMPv1/v2c packet:

¡ The device selects the MIB of the default BGP instance if the following conditions are met:

- No community name-to-SNMP context mapping is configured with the snmp-agent community-map command in system view.

- No SNMP context is configured for the default BGP instance.

¡ The device selects the MIB of a BGP instance if the community name is mapped to an SNMP context and the context matches the context of the BGP instance.

¡ The device does not process any MIBs in other situations.

For more information about SNMP contexts and community names, see SNMP configuration in Network Management and Monitoring Configuration Guide.

Procedure

1. Enter system view.

system-view

2. Enable SNMP notifications for BGP.

snmp-agent trap enable bgp [ instance instance-name ]

By default, SNMP notifications for BGP are enabled.

3. Enter BGP instance view.

bgp as-number [ instance instance-name ]

4. Configure an SNMP context for the BGP instance.

snmp context-name context-name

By default, no SNMP context is configured for the BGP instance.

Display and maintenance commands for basic BGP network building

Displaying BGP

Execute display commands in any view.

Displaying BGP (IPv4 unicast address family)

Task	Command
Display BGP IPv4 unicast peer group information.	display bgp [ instance instance-name ] group ipv4 [ unicast ] [ group-name group-name ]
Display information about routes advertised by the network command.	display bgp [ instance instance-name ] network ipv4 [ unicast ]
Display BGP IPv4 unicast peer or peer group information.	display bgp [ instance instance-name ] peer ipv4 [ unicast ] [ ipv4-address mask-length \| { ipv4-address \| group-name group-name } log-info \| [ ipv4-address ] verbose ] display bgp [ instance instance-name ] peer ipv4 [ unicast ] [ ipv6-address prefix-length \| ipv6-address log-info \| [ ipv6-address ] verbose ]
Display BGP IPv4 unicast route flapping statistics.	display bgp [ instance instance-name ] routing-table flap-info ipv4 [ unicast ] [ ipv4-address [ { mask-length \| mask } [ longest-match ] ] \| as-path-acl as-path-acl-number ]
Display BGP IPv4 unicast routing information.	display bgp [ instance instance-name ] routing-table ipv4 [ unicast ] [ ipv4-address [ { mask-length \| mask } [ longest-match ] ] \| ipv4-address [ mask-length \| mask ] advertise-info \| as-path-acl as-path-acl-number \| community-list { { basic-community-list-number \| comm-list-name } [ whole-match ] \| adv-community-list-number } \| peer { ipv4-address \| ipv6-address } { advertised-routes \| received-routes } [ ipv4-address [ mask-length \| mask ] \| statistics ] \| statistics ]
Display BGP IPv4 unicast address family update group information.	display bgp [ instance instance-name ] update-group ipv4 [ unicast ] [ ipv4-address ] display bgp [ instance instance-name ] update-group ipv4 [ unicast ] [ ipv6-address ]
Display information about all BGP instances.	display bgp instance-info

‌

Displaying BGP (IPv6 unicast address family)

Task	Command
Display BGP IPv6 unicast peer group information.	display bgp [ instance instance-name ] group ipv6 [ unicast ] [ group-name group-name ]
Display information about routes advertised by the network command.	display bgp [ instance instance-name ] network ipv6 [ unicast ]
Display BGP IPv6 unicast peer or peer group information.	display bgp [ instance instance-name ] peer ipv6 [ unicast ] [ ipv6-address prefix-length \| { ipv6-address \| group-name group-name } log-info \| [ ipv6-address ] verbose ] display bgp [ instance instance-name ] peer ipv6 [ unicast ] [ ipv4-address mask-length \| ipv4-address log-info \| [ ipv4-address ] verbose ]
Display BGP IPv6 unicast route flapping statistics.	display bgp [ instance instance-name ] routing-table flap-info ipv6 [ unicast ] [ ipv6-address prefix-length \| as-path-acl as-path-acl-number ]
Display BGP IPv6 unicast routing information.	display bgp [ instance instance-name ] routing-table ipv6 [ unicast ] [ ipv6-address prefix-length [ advertise-info ] \| as-path-acl as-path-acl-number \| community-list { { basic-community-list-number \| comm-list-name } [ whole-match ] \| adv-community-list-number } \| peer ipv6-address { advertised-routes \| received-routes } [ ipv6-address prefix-length \| statistics ] \| statistics ] display bgp [ instance instance-name ] routing-table ipv6 [ unicast ] peer ipv4-address { advertised-routes \| received-routes } [ ipv6-address prefix-length \| statistics ]
Display BGP IPv6 unicast address family update group information.	display bgp [ instance instance-name ] update-group ipv6 [ unicast ] [ ipv4-address \| ipv6-address ]
Display information about all BGP instances.	display bgp instance-info

‌

Resetting BGP sessions

CAUTION:

A reset operation tears down BGP sessions for a short period of time.

‌

Execute reset commands in user view.

Task	Command
Reset BGP sessions for IPv4 unicast address family.	reset bgp [ instance instance-name ] { as-number \| ipv4-address [ mask-length ] \| all \| external \| group group-name \| internal } ipv4 [ unicast ] reset bgp [ instance instance-name ] ipv6-address [ prefix-length ] ipv4 [ unicast ]
Reset BGP sessions for IPv6 unicast address family.	reset bgp [ instance instance-name ] { as-number \| ipv6-address [ prefix-length ] \| all \| external \| group group-name \| internal } ipv6 [ unicast ] reset bgp [ instance instance-name ] ipv4-address [ mask-length ] ipv6 [ unicast ]
Reset all BGP sessions.	reset bgp [ instance instance-name ] all

‌

Clearing BGP information

Execute reset commands in user view.

Task	Command
Clear flap information for BGP IPv4 unicast routes.	reset bgp [ instance instance-name ] flap-info ipv4 [ unicast ] [ ipv4-address [ mask-length \| mask ] \| as-path-acl as-path-acl-number \| peer ipv4-address [ mask-length ] ]
Clear flap information for BGP IPv6 unicast routes.	reset bgp [ instance instance-name ] flap-info ipv6 [ unicast ] [ ipv6-address prefix-length \| as-path-acl as-path-acl-number \| peer ipv6-address [ prefix-length ] ]

‌

Restrictions and guidelines

By default, the route reflector does not change the attributes of routes before route reflection to avoid routing loops. When you replan network traffic, you can perform this task to allow the route reflector to change the attributes of the routes to be reflected.

After using the reflect change-path-attribute command, you can use the peer route-policy export command to apply a routing policy that can change the attributes of the routes to be reflected. The following apply commands can define how the routing policy modifies route attributes:

· Use apply origin to change the ORIGIN attribute of routes.

· Use apply ip-address next-hop or apply ipv6 next-hop to change the NEXT_HOP attribute of routes.

· Use apply cost to change the MED attribute of routes.

· Use apply local-preference to change the local preference for routes.

· Use apply community to configure the COMMUNITY attribute of routes. For BGP to advertise the COMMUNITY attribute to a peer or peer group, use the peer advertise-community command.

· Use apply comm-list delete to delete COMMUNITY attribute values from routes.

· Use apply extcommunity to configure the RT extended community attribute of routes. For BGP to advertise the extended community attribute to a peer or peer group, use the peer advertise-ext-community command.

· Use apply extcommunity color to configure the color extended community attribute of routes.

For more information about the apply commands, see routing policy commands in Layer 3—IP Routing Command Reference.

05-Network Connectivity

BGP overview

Idle

Connect

Active

OpenSent

OpenConfirm

Established

BGP path attributes

ORIGIN

AS_PATH

NEXT_HOP

MED (MULTI_EXIT_DISC)

LOCAL_PREF

Settlements for problems in large-scale BGP networks

Route summarization

Peer group

Supported address families

MP-BGP extended attributes

Address family

Exchanging IPv4 and IPv6 routes in both IPv4 and IPv6 address families

Building basic BGP networks

Configuring basic BGP

Enabling BGP

Restrictions and guidelines

Procedure

Specifying the source address of TCP connections

Procedure (IPv6 unicast address family)

Configuring BGP route summarization

Configuring BGP manual route summarization (IPv6 unicast address family)

Procedure (IPv6 unicast address family)

About this task

Procedure

Procedure (IPv6 unicast address family)

B GP path attributes