CÔNG TY TNHH CÔNG NGHỆ VIỆT THÁI DƯƠNG
Logo CNTTShop.vn

NTT03, Line 1, Thống Nhất Complex, Thanh Xuân, Hà Nội.
Danh mục sản phẩm

Configure BGP Neighbor

Configuration Condition

Before configuring a BGP neighbor, ensure that:

  • The link layer protocol has been configured to ensure normal communication at the link layer.
  • The network layer addresses of the interfaces have been configured so that the adjacent network nodes are reachable at the network layer.

Configure an IBGP Neighbor

Perform basic configuration.

In configuring an IBGP neighbor, you need to set the AS of the neighbor to be the same as the AS of the local device. You can configure a Router ID for a device. The Router ID is used to uniquely identify a BGP device in setting up a BGP session. If no Router ID is configured for a device, the device selects a Router ID from interface addresses. The rules for selection are as follows:

  • Select the biggest IP address from loopback interface IP addresses as the Router ID.
  • If no loopback interface is configured with an IP address, select the biggest IP address from the IP addresses of other interfaces as the Router ID.
  • Only when an interface is in the UP status can the IP address of the interface be elected as the Router ID.

Table 12-2 Configure an IBGP neighbor

Step

Command

Description

Enter the global configuration mode.

configure terminal

-

Enable the BGP protocol and enter the BGP configuration mode.

router bgp autonomous-system

Mandatory.

By default, BGP is disabled.

Configure a Router ID for the BGP device.

bgp router-id router-id

Optional.

By default, the device selects a Router ID from interface addresses. The loopback interface and large IP address have the priorities.

Configure an IBGP neighbor.

neighbor { neighbor-address | peer-group-name } remote-as as-number

Mandatory.

By default, no IBGP neighbor is created.

Activate the capability of an IBGP neighbor in transmitting and receiving IPv4 unicast routes.

neighbor { neighbor-address | peer-group-name } activate

Optional.

By default, the IBGP neighbor's capability in transmitting and receiving IPv4 unicast routes is activated automatically.

Configure a description for an IBGP neighbor.

neighbor { neighbor-address | peer-group-name } description description-string

Optional.

By default, no description is configured for an IBGP neighbor.

Configure the source address of a TCP session.

BGP uses the TCP protocol to transmit packets through service port 179. TCP features reliable transmission, ensuring that BGP protocol packets can be properly transmitted to its neighbors.

Table 12-3 Configure the source address of a TCP session

Step

Command

Description

Enter the global configuration mode.

configure terminal

-

Enable the BGP protocol and enter the BGP configuration mode.

router bgp autonomous-system

-

Configure an IBGP neighbor.

neighbor { neighbor-address | peer-group-name } remote-as as-number

Mandatory.

By default, no IBGP neighbor is created.

Configure the source address of a TCP session of an IBGP neighbor.

neighbor { neighbor-address | peer-group-name } update-source { interface-name | ip-address }

Mandatory.

By default, the TCP session automatically selects the address of a routing output interface as the source address.

note


  • If there are load balancing routes, the source addresses must be configured for TCP sessions of BGP neighbors. If TCP session source addresses are not configured, if the neighbors have different optimal routes, they may use different output interfaces as their source addresses. In this way, BGP sessions may fail to set up within a period of time.

Configure an EBGP Neighbor

Perform basic configuration.

In configuring an EBGP neighbor, you need to set the AS of the neighbor to be different from the AS of the local device.

Table 12-4 Configure an EBGP neighbor

Step

Command

Description

Enter the global configuration mode.

configure terminal

-

Enable the BGP protocol and enter the BGP configuration mode.

router bgp autonomous-system

-

Configure an EBGP neighbor.

neighbor { neighbor-address | peer-group-name } remote-as as-number

Mandatory.

By default, no EBGP neighbor is created.

Configure a non-direct-connect EBGP neighbor

EBGP neighbors are located in different operation networks, and they are usually connected by a direct-connect physical link. Therefore, the default TTL value for the IP packets between EBGP neighbors is 1. In non-direct-connect operation networks, you can use a command to set the TTL value of IP packets so as to set up a BGP connection.

Table 12-5 Configure a non-direct-connect EBGP neighbor

Step

Command

Description

Enter the global configuration mode.

configure terminal

-

Enter the BGP configuration mode.

router bgp autonomous-system

-

Configure an EBGP neighbor.

neighbor { neighbor-address | peer-group-name } remote-as as-number

Mandatory.

By default, no EBGP neighbor is created.

Configure the source address of a TCP session of an EBGP neighbor.

neighbor { neighbor-address | peer-group-name } update-source { interface-name | ip-address }

Optional.

By default, the TCP session automatically selects the address of a routing output interface as the source address.

Allow non-direct-connect EBGP neighbors to set up a connection.

neighbor { neighbor-address | peer-group-name } ebgp-multihop [ ttl-value ]

Mandatory.

By default, non-direct-connect devices are not allowed to form EBGP neighbors.

Configure a BGP Passive Neighbor

In some special application environments, the BGP passive neighbor function is in need. After the passive neighbor function is enabled, the BGP does not initiate the TCP connection request for setting up a BGP neighbor relation; instead, it waits for the neighbor's connection request before setting up a neighbor relation. By default, neighbors initiate connection requests to each other. If connections conflict, they select an optimal TCP connection to form a BGP session. Before configuring a BGP passive neighbor, you need to configure a BGP neighbor.

Table 12-6 Configure a BGP passive neighbor

Step

Command

Description

Enter the global configuration mode.

configure terminal

-

Enter the BGP configuration mode.

router bgp autonomous-system

-

Configure a BGP neighbor.

neighbor { neighbor-address | peer-group-name } remote-as as-number

Mandatory.

By default, no BGP neighbor is created.

Configure a BGP passive neighbor.

neighbor { neighbor-address | peer-group-name } passive

Mandatory.

By default, no passive neighbor is activated.

Configure an MP-BGP Neighbor

By default, BGP neighbors are activated in the IPv4 unicast address family, and they have the capability of transmitting and receiving IPv4 unicast routes. Neighbors need to be enabled by using a command in other address families, such as multicast address family, VRF address family, and LS unicast family, so that they have the capability of transmitting and receiving the required routes. Before configuring an MP-BGP neighbor, you need to configure a BGP neighbor.

Table 12-7 Configure an MP-BGP neighbor

Step

Command

Description

Enter the global configuration mode.

configure terminal

-

Enter the BGP configuration mode.

router bgp autonomous-system

-

Configure a BGP neighbor.

neighbor { neighbor-address | peer-group-name } remote-as as-number

Mandatory.

By default, no BGP neighbor is created.

Enter the BGP IPv4 configuration mode.

address-family ipv4 multicast

Mandatory.

By default, after entering the BGP configuration mode, the user is in unicast address family mode.

Activate neighbors in BGP IPv4 multicast address family.

neighbor { neighbor-address | peer-group-name } activate

Mandatory.

By default, global neighbors are deactivated in multicast address family mode.

Exit the BGP IPv4 configuration mode.

exit-address-family

-

Enter the BGP IPv4 VRF configuration mode.

address-family ipv4 vrf vrf-name

-

Configure neighbors in BGP IPv4 VRF address family mode.

neighbor { neighbor-address | peer-group-name } remote-as as-number

Mandatory.

By default, no BGP neighbor is created.

Activate neighbors in IPv4 VRF address family mode.

neighbor { neighbor-address | peer-group-name } activate

Optional.

By default, neighbors are activated in BGP IPv4 VRF configuration mode.

Exit the BGP IPv4 VRF configuration mode.

exit-address-family

-

Enter the BGP LS config mode.

address-family link-state unicast

-

Activate neighbors in BGP LS unicast address family mode.

neighbor { neighbor-address | peer-group-name } activate

Mandatory.

By default, global neighbors are deactivated in VPN address family mode.

Exit the BGP LS configuration mode. exit-address-family -

note


  • The neighbors that are configured in BGP configuration mode and BGP IPv4 unicast configuration mode are global neighbors, and the neighbors that are configured in BGP IPv4 VRF configuration mode belong only to the VRF address family.

Configure MD5 Authentication for BGP Neighbors

BGP supports configuring MD5 authentication to protect information exchange between neighbors. MD5 authentication is implemented by the TCP protocol. Two neighbors must be configured with the same MD5 authentication password before a TCP connection can be set up; otherwise, if the TCP protocol fails in MD5 authentication, the TCP connection cannot be set up. Before configuring MD5 authentication for BGP neighbors, you need to configure BGP neighbors.

Table 12-8 Configure MD5 authentication for BGP neighbors

Step

Command

Description

Enter the global configuration mode.

configure terminal

-

Enter the BGP configuration mode.

router bgp autonomous-system

-

Configure a BGP neighbor.

neighbor { neighbor-address | peer-group-name } remote-as as-number

Mandatory.

By default, no BGP neighbor is created.

Configure MD5 authentication for BGP neighbors.

neighbor { neighbor-address | peer-group-name } password [ 0 | 7 ] password-string

Mandatory.

By default, no MD5 authentication is started for BGP neighbors.