IOS XR – iBGP and eBGP
BGP, this is where it starts to get different with IOS XR.
First up, configuring an iBGP peering with R2’s 150.1.12.2 in AS1 and advertise our loopback interface.
RP/0/7/CPU0:R1(config)#
RP/0/7/CPU0:R1(config)#router bgp 1
Let’s define the network we want to advertise, under the address family:
RP/0/7/CPU0:R1(config-bgp)#address-family ipv4 unicast
RP/0/7/CPU0:R1(config-bgp-af)#net 1.1.1.1/32
RP/0/7/CPU0:R1(config-bgp-af)#exit
Now, we can configure the neighbor. Notice all the commands for the neighbor are under the neighbor now – not next to the neighbor.
RP/0/7/CPU0:R1(config-bgp)#nei 150.1.12.2
RP/0/7/CPU0:R1(config-bgp-nbr)#remote-as 1
RP/0/7/CPU0:R1(config-bgp-nbr)#address-family ipv4 unicast
RP/0/7/CPU0:R1(config-bgp-nbr-af)#exit
RP/0/7/CPU0:R1(config-bgp-nbr)#comm
Thu Mar 29 22:47:05.147 UTC
RP/0/7/CPU0:R1(config-bgp)#exit
RP/0/7/CPU0:R1(config)#exit
Now, time to see if we have a neighbor established:
RP/0/7/CPU0:R1#sh bgp nei 150.1.12.2
Thu Mar 29 22:48:13.338 UTC
BGP neighbor is 150.1.12.2
Remote AS 1, local AS 1, internal link
Remote router ID 2.2.2.2
BGP state = Established, up for 00:00:24
Last read 00:00:24, Last read before reset 00:00:00
Hold time is 180, keepalive interval is 60 seconds
Configured hold time: 180, keepalive: 60, min acceptable hold time: 3
Last write 00:00:24, attempted 19, written 19
Second last write 00:00:24, attempted 53, written 53
Last write before reset 00:00:00, attempted 0, written 0
Second last write before reset 00:00:00, attempted 0, written 0
Last write pulse rcvd Mar 29 22:47:49.296 last full not set pulse count 4
Last write pulse rcvd before reset 00:00:00
Socket not armed for io, armed for read, armed for write
Last write thread event before reset 00:00:00, second last 00:00:00
Last KA expiry before reset 00:00:00, second last 00:00:00
Last KA error before reset 00:00:00, KA not sent 00:00:00
Last KA start before reset 00:00:00, second last 00:00:00
Precedence: internet
Neighbor capabilities:
Route refresh: advertised and received
4-byte AS: advertised and received
Address family IPv4 Unicast: advertised and received
Received 2 messages, 0 notifications, 0 in queue
Sent 2 messages, 0 notifications, 0 in queue
Minimum time between advertisement runs is 0 secs
For Address Family: IPv4 Unicast
BGP neighbor version 0
Update group: 0.2 Filter-group: 0.1 No Refresh request being processed
Route refresh request: received 0, sent 0
0 accepted prefixes, 0 are bestpaths
Cumulative no. of prefixes denied: 0.
Prefix advertised 0, suppressed 0, withdrawn 0
Maximum prefixes allowed 524288
Threshold for warning message 75%, restart interval 0 min
AIGP is enabled
An EoR was not received during read-only mode
Last ack version 1, Last synced ack version 0
Outstanding version objects: current 0, max 0
Additional-paths operation: None
Connections established 1; dropped 0
Local host: 150.1.12.1, Local port: 33432
Foreign host: 150.1.12.2, Foreign port: 179
Last reset 00:00:00
Cool, neighbor is up and active.
Now, time to check our BGP summary to see what routes we have.
RP/0/7/CPU0:R1#sh ip bgp
Thu Mar 29 22:48:51.876 UTC
BGP router identifier 1.1.1.1, local AS number 1
BGP generic scan interval 60 secs
BGP table state: Active
Table ID: 0xe0000000 RD version: 4
BGP main routing table version 4
BGP scan interval 60 secs
Status codes: s suppressed, d damped, h history, * valid, > best i - internal, r RIB-failure, S stale Origin codes: i - IGP, e - EGP, ? - incomplete Network Next Hop Metric LocPrf Weight Path *> 1.1.1.1/32 0.0.0.0 0 32768 i *>i2.2.2.2/32 150.1.12.2 0 100 0 i
Processed 2 prefixes, 2 paths
RP/0/7/CPU0:R1#
Cool, we have a route to R2 Loopback interface. Lets PING it!
RP/0/7/CPU0:R1#ping 2.2.2.2 so l0
Thu Mar 29 22:52:17.899 UTC
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 2.2.2.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/2/3 ms
RP/0/7/CPU0:R1#
We have connectivity!
Here is the IOS XR Config:
RP/0/7/CPU0:R1#sh run | begin bgp
Thu Mar 29 22:56:17.937 UTC
Building configuration…
router bgp 1
address-family ipv4 unicast
network 1.1.1.1/32
!
neighbor 150.1.12.2
remote-as 1
address-family ipv4 unicast
!
!
!
end
RP/0/7/CPU0:R1#
Here is the same IOS config. With a single neighbor it is pretty simple.
router bgp 1
network 1.1.1.1 mask 255.255.255.255
neighbor 150.1.12.2 remote-as 1
Now for eBGP – here is where it starts gets interesting!
First we need to configure an IGP so that we can establish Loopback connectivity – for this we will use ISIS:
RP/0/7/CPU0:R1(config)#router ISIS LAB
RP/0/7/CPU0:R1(config-isis)#net 49.0000.0000.0001.00
RP/0/7/CPU0:R1(config-isis)#interface l0
RP/0/7/CPU0:R1(config-isis-if)#address-family ipv4
RP/0/7/CPU0:R1(config-isis-if)#exit
RP/0/7/CPU0:R1(config-isis)#interface g0/3/0/2
RP/0/7/CPU0:R1(config-isis-if)#address-family ipv4
RP/0/7/CPU0:R1(config-isis-if)#exit
RP/0/7/CPU0:R1(config-isis)#is-type level-2
RP/0/7/CPU0:R1(config-isis)#commit
RP/0/7/CPU0:R1(config-isis-if-af)#exit
RP/0/7/CPU0:R1(config-isis-if)#exit
RP/0/7/CPU0:R1(config-isis)#exit
Now we need to configure an interface to advertise via BGP – here we will create Loop100 with an IP of 100.100.100.100/32
RP/0/7/CPU0:R1(config)#int loop100
RP/0/7/CPU0:R1(config-if)#ip add 100.100.100.100/32
RP/0/7/CPU0:R1(config-if)#comm
Thu Mar 29 23:12:31.681 UTC
RP/0/7/CPU0:R1(config-if)#exit
Now to configured eBGP.
We will peer with R2 loopback’s (2.2.2.2) and their remote AS of 2.
First we define our BGP processed (ID 1)
RP/0/7/CPU0:R1(config)#
RP/0/7/CPU0:R1(config-if)#router bgp 1
Define the networks we want to advertise
RP/0/7/CPU0:R1(config-bgp)#address-family ipv4 unicast
RP/0/7/CPU0:R1(config-bgp-af)#net 100.100.100.100/32
RP/0/7/CPU0:R1(config-bgp-af)#exit
Now we can configure our neighbor
RP/0/7/CPU0:R1(config-bgp)#nei 2.2.2.2
RP/0/7/CPU0:R1(config-bgp-nbr)#remote-as 2
RP/0/7/CPU0:R1(config-bgp-nbr)#ebgp-multihop
RP/0/7/CPU0:R1(config-bgp-nbr)#up loopback 0
RP/0/7/CPU0:R1(config-bgp-nbr)#address-family ipv4 un
And finally commit our changes.
RP/0/7/CPU0:R1(config-bgp-nbr-af)#comm
Thu Mar 29 23:18:06.455 UTC
RP/0/7/CPU0:R1(config-bgp-nbr-af)#exit
RP/0/7/CPU0:R1(config-bgp-nbr)#exit
RP/0/7/CPU0:R1(config-bgp)#exit
RP/0/7/CPU0:R1(config)#exit
RP/0/7/CPU0:R1#
Ok, now that we have that configured – time to look at our routing table, we should see a route to 200.200.200.200/32.
RP/0/7/CPU0:R1#sh ip route
Thu Mar 29 23:24:25.533 UTC
Codes: C – connected, S – static, R – RIP, B – BGP
D – EIGRP, EX – EIGRP external, O – OSPF, IA – OSPF inter area
N1 – OSPF NSSA external type 1, N2 – OSPF NSSA external type 2
E1 – OSPF external type 1, E2 – OSPF external type 2, E – EGP
i – ISIS, L1 – IS-IS level-1, L2 – IS-IS level-2
ia – IS-IS inter area, su – IS-IS summary null, * – candidate default
U – per-user static route, o – ODR, L – local, G – DAGR
A – access/subscriber, (!) – FRR Backup path
Gateway of last resort is not set
L 1.1.1.1/32 is directly connected, 02:26:47, Loopback0
i L2 2.2.2.2/32 [115/20] via 150.1.12.2, 00:13:05, GigabitEthernet0/3/0/2
L 100.100.100.100/32 is directly connected, 00:11:53, Loopback100
C 150.1.12.0/24 is directly connected, 02:27:12, GigabitEthernet0/3/0/2
L 150.1.12.1/32 is directly connected, 02:26:47, GigabitEthernet0/3/0/2
RP/0/7/CPU0:R1#
Hmm, no route – why is that? Is the neighbor up?
Lets check:
RP/0/7/CPU0:R1#sh ip bgp summ
Thu Mar 29 23:25:12.041 UTC
BGP router identifier 1.1.1.1, local AS number 1
BGP generic scan interval 60 secs
BGP table state: Active
Table ID: 0xe0000000 RD version: 7
BGP main routing table version 7
BGP scan interval 60 secs
BGP is operating in STANDALONE mode.
Process RcvTblVer bRIB/RIB LabelVer ImportVer SendTblVer StandbyVer Speaker 7 7 7 7 7 7
Some configured eBGP neighbors (under default or non-default vrfs)
do not have both inbound and outbound policies configured for IPv4 Unicast
address family. These neighbors will default to sending and/or
receiving no routes and are marked with ‘!’ in the output below.
Use the ‘show bgp neighbor <nbr_address>’ command for details.
Neighbor Spk AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down St/PfxRcd 2.2.2.2 0 2 7 6 7 0 0 00:03:09 0!
RP/0/7/CPU0:R1#
Yup, we are up for over 3 minutes now – but wait, we have an ! mark there – no routes received.
It says to use the show bgp neighbors address for details. Let’s see what that says.
RP/0/7/CPU0:R1#sh bgp neighbors 2.2.2.2
Thu Mar 29 23:26:12.572 UTC
BGP neighbor is 2.2.2.2
Remote AS 2, local AS 1, external link
Remote router ID 2.2.2.2
BGP state = Established, up for 00:04:10
Last read 00:00:05, Last read before reset 00:00:00
Hold time is 180, keepalive interval is 60 seconds
Configured hold time: 180, keepalive: 60, min acceptable hold time: 3
Last write 00:00:05, attempted 19, written 19
Second last write 00:01:05, attempted 19, written 19
Last write before reset 00:00:00, attempted 0, written 0
Second last write before reset 00:00:00, attempted 0, written 0
Last write pulse rcvd Mar 29 23:26:07.793 last full not set pulse count 14
Last write pulse rcvd before reset 00:00:00
Socket not armed for io, armed for read, armed for write
Last write thread event before reset 00:00:00, second last 00:00:00
Last KA expiry before reset 00:00:00, second last 00:00:00
Last KA error before reset 00:00:00, KA not sent 00:00:00
Last KA start before reset 00:00:00, second last 00:00:00
Precedence: internet
Enforcing first AS is enabled
Neighbor capabilities:
Route refresh: advertised and received
4-byte AS: advertised and received
Address family IPv4 Unicast: advertised and received
Received 8 messages, 0 notifications, 0 in queue
Sent 7 messages, 0 notifications, 0 in queue
Minimum time between advertisement runs is 30 secs
For Address Family: IPv4 Unicast
BGP neighbor version 7
Update group: 0.2 Filter-group: 0.1 No Refresh request being processed
eBGP neighbor with no inbound or outbound policy; defaults to ‘drop’
Route refresh request: received 0, sent 0
0 accepted prefixes, 0 are bestpaths
Cumulative no. of prefixes denied: 1.
No policy: 1, Failed RT match: 0
By ORF policy: 0, By policy: 0
Prefix advertised 0, suppressed 0, withdrawn 0
Maximum prefixes allowed 524288
Threshold for warning message 75%, restart interval 0 min
An EoR was not received during read-only mode
Last ack version 7, Last synced ack version 0
Outstanding version objects: current 0, max 0
Additional-paths operation: None
Connections established 1; dropped 0
Local host: 1.1.1.1, Local port: 58277
Foreign host: 2.2.2.2, Foreign port: 179
Last reset 00:00:00
External BGP neighbor may be up to 255 hops away.
RP/0/7/CPU0:R1#
Ahh, the neighbor is up but there is a line that says:
eBGP neighbor with no inbound or outbound policy; defaults to ‘drop’
Here is the first difference with IOS XR – eBGP peers must have a Route-Policy (route-map) configured to permit routes in and out of them.
Instead of a route-map like IOS, IOS XR uses a Route Policy Language (RPL) – that is more powerful and easier than IOS. Let’s configure a very simple one to pass everything:
RP/0/7/CPU0:R1(config)#route-policy PASS
RP/0/7/CPU0:R1(config-rpl)#pass
RP/0/7/CPU0:R1(config-rpl)#exit
RP/0/7/CPU0:R1(config)#commit
Thu Mar 29 23:28:08.400 UTC
Cool – that was easy. Now lets apply that to the eBGP neighbor:
RP/0/7/CPU0:R1(config)#router bgp 1
RP/0/7/CPU0:R1(config-bgp)#nei 2.2.2.2
RP/0/7/CPU0:R1(config-bgp-nbr)#address-family ipv4 unicast
RP/0/7/CPU0:R1(config-bgp-nbr-af)#route-policy PASS out
RP/0/7/CPU0:R1(config-bgp-nbr-af)#route-policy PASS in
RP/0/7/CPU0:R1(config-bgp-nbr-af)#commit
Thu Mar 29 23:28:32.865 UTC
Now, lets look at the routing table for BGP
RP/0/7/CPU0:R1#sh route ipv4 bgp
Thu Mar 29 23:29:43.865 UTC
B 200.200.200.200/32 [20/0] via 2.2.2.2, 00:01:06
RP/0/7/CPU0:R1#
Cool, we have a route to R2’s Loopback100 interface. PING time!
RP/0/7/CPU0:R1#ping 200.200.200.200 sou loop100
Thu Mar 29 23:30:10.013 UTC
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 200.200.200.200, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 2/3/5 ms
RP/0/7/CPU0:R1#
Look at that, we have connectivity!
A similar IOS config would look like this:
router bgp 1
no synchronization
bgp log-neighbor-changes
network 100.100.100.100 mask 255.255.255.255
neighbor 2.2.2.2 remote-as 2
neighbor 2.2.2.2 ebgp-multihop 255
neighbor 2.2.2.2 route-map PASS in
neighbor 2.2.2.2 route-map PASS out
ip prefix-list PASS seq 5 permit 0.0.0.0/0 le 32
route-map PASS permit 10
match ip address prefix-list PASS
xcellnt elaboration
xcellnt elaboration