Junos – iBGP | Fryguy's Blog

Tags

Junos_sw_logo

Ok, time for some iBGP!

Ibgp Lab Topology

Ok, BGP time. First thing we need to do is rollback all configs to the base. You should be Ok with doing that now on your own, so I will skip documenting that again here. Again, all configs, J1 – J2 – J3 – J4, are all back at their base/rescue level.

Now we need to configure R4 with a static default route to J1 for this lab.

R4#conf t

Enter configuration commands, one per line. End with CNTL/Z.

R4(config)#ip route 0.0.0.0 0.0.0.0 192.168.14.1

R4(config)#^Z

Now we can configure a static route on J1 to R4 4.4.4.4/32

[edit]

jfry@J1# set routing-options static route 4.4.4.4/32 next-hop 192.168.14.4 install

[edit]

jfry@J1# commit and-quit

And now we can test connectivity to R4 loopback:

jfry@J1> ping 4.4.4.4 rapid

PING 4.4.4.4 (4.4.4.4): 56 data bytes

!!!!!

— 4.4.4.4 ping statistics —

5 packets transmitted, 5 packets received, 0% packet loss

round-trip min/avg/max/stddev = 3.792/3.996/4.149/0.116 ms

jfry@J1>

Good! Now we can configure iBGP between J1, J2, and J3 using ASN123. We will peer via the connected interfaces on the routers, and then advertise the loopbacks into BGP.

J1:

Ok, time to define our AS. This is done, like router-id, under the routing-options.

[edit]

jfry@J1# set routing-options autonomous-system 123

Now we can configure our BGP neighbors. For this we will use a group called ibgp.

This is done under protocols bgp:

[edit]

jfry@J1# edit protocols bgp group ibgp

We will set this to an internal (ibgp) group:

[edit protocols bgp group ibgp]

jfry@J1# set type internal

Configure our Peer-as:

[edit protocols bgp group ibgp]

jfry@J1# set peer-as 123

Then define our neighbors:

[edit protocols bgp group ibgp]

jfry@J1# set neighbor 192.168.13.3

[edit protocols bgp group ibgp]

jfry@J1# set neighbor 192.168.12.2

Ok, time to head to the top of the stanza and check our config:

[edit protocols bgp group ibgp]

jfry@J1# top

[edit]

jfry@J1# show | compare

[edit routing-options]

+ autonomous-system 123;

[edit]

+ protocols {

+ bgp {

+ group ibgp {

+ type internal;

+ peer-as 123;

+ neighbor 192.168.13.3;

+ neighbor 192.168.12.2;

+ }

[edit]

jfry@J1#

Ok, let’s commit it on J1!

[edit]

jfry@J1# commit and-quit

commit complete

Now onto J2:

[edit]

jfry@J2# set routing-options autonomous-system 123

[edit]

jfry@J2# edit protocols bgp group ibgp

[edit protocols bgp group ibgp]

jfry@J2# set type internal

[edit protocols bgp group ibgp]

jfry@J2# set peer-as 123

[edit protocols bgp group ibgp]

jfry@J2# set neighbor 192.168.12.1

[edit protocols bgp group ibgp]

jfry@J2# set neighbor 192.168.23.3

[edit protocols bgp group ibgp]

jfry@J2# top

[edit]

jfry@J2# commit and-quit

and now J3:

[edit]

jfry@J3# set routing-options autonomous-system 123

[edit]

jfry@J3# edit protocols bgp group ibgp

[edit protocols bgp group ibgp]

jfry@J3# set type internal

[edit protocols bgp group ibgp]

jfry@J3# set peer-as 123

[edit protocols bgp group ibgp]

jfry@J3# set neighbor 192.168.13.1

[edit protocols bgp group ibgp]

jfry@J3# set neighbor 192.168.23.2

[edit protocols bgp group ibgp]

jfry@J3# commit and-quit

commit complete

Ok, that is J1, J2, and J3 configured for BGP. Time to check our bgp summary:

jfry@J1> show bgp summary

Groups: 1 Peers: 2 Down peers: 0

Table Tot Paths Act Paths Suppressed History Damp State Pending

inet.0

0 0 0 0 0 0

Peer AS InPkt OutPkt OutQ Flaps Last Up/Dwn State|#Active/Received/Accepted/Damped…

192.168.12.2 123 11 11 0 0 3:42 0/0/0/0 0/0/0/0

192.168.13.3 123 8 7 0 0 2:23 0/0/0/0 0/0/0/0

Ok, J1 looks good. Time to check J2 quick:

jfry@J2> show bgp summary

Groups: 1 Peers: 2 Down peers: 0

Table Tot Paths Act Paths Suppressed History Damp State Pending

inet.0

0 0 0 0 0 0

Peer AS InPkt OutPkt OutQ Flaps Last Up/Dwn State|#Active/Received/Accepted/Damped…

192.168.12.1 123 11 12 0 0 4:14 0/0/0/0 0/0/0/0

192.168.23.3 123 8 8 0 0 2:52 0/0/0/0 0/0/0/0

jfry@J2>

And J2 has two neighbors.

Ok, let’s take a look at the routing table on J2:

jfry@J2> show route

inet.0: 5 destinations, 5 routes (5 active, 0 holddown, 0 hidden)

+ = Active Route, – = Last Active, * = Both

2.2.2.2/32 *[Direct/0] 00:43:34

> via lo0.0

192.168.12.0/24 *[Direct/0] 00:42:38

> via ge-0/0/0.0

192.168.12.2/32 *[Local/0] 00:42:42

Local via ge-0/0/0.0

192.168.23.0/24 *[Direct/0] 00:42:39

> via ge-0/0/1.0

192.168.23.2/32 *[Local/0] 00:42:42

Local via ge-0/0/1.0

jfry@J2>

Hmm, only local and direct routes. Guess we need to tell BGP what routes it can export to its neighbors! For this lab, we will only advertise loopback addresses from the routers.

First up, J1. (Remember, we also need to advertise R4 loopback)

[edit]

jfry@J1# set policy-options prefix-list Loopbacks 1.1.1.1/32

[edit]

jfry@J1# set policy-options prefix-list Loopbacks 4.4.4.4/32

[edit]

jfry@J1# set policy-options policy-statement Advertise term 1 from prefix-list Loopbacks

[edit]

jfry@J1# set policy-options policy-statement Advertise term 1 then accept

[edit]

jfry@J1# set protocols bgp export Advertise

[edit]

jfry@J1# show | compare

[edit protocols bgp]

+ export Advertise;

[edit]

+ policy-options {

+ prefix-list Loopbacks {

+ 1.1.1.1/32;

+ 4.4.4.4/32;

+ }

+ policy-statement Advertise {

+ term 1 {

+ from {

+ prefix-list Loopbacks;

+ }

+ then accept;

+ }

[edit]

jfry@J1# commit and-quit

commit complete

Now we do J2:

jfry@J2> edit

Entering configuration mode

[edit]

jfry@J2# set policy-options prefix-list Loopbacks 2.2.2.2/32

[edit]

jfry@J2# set policy-options policy-statement Advertise term 1 from prefix-list Loopbacks

[edit]

jfry@J2# set policy-options policy-statement Advertise term 1 then accept

[edit]

jfry@J2# set protocols bgp export Advertise

[edit]

jfry@J2#commit and-quit

Now, J3:

jfry@J3> edit

Entering configuration mode

[edit]

jfry@J3# set protocols bgp export Advertise

[edit]

jfry@J3# set policy-options prefix-list Loopbacks 3.3.3.3/32

[edit]

jfry@J3# set policy-options policy-statement Advertise term 1 from prefix-list Loopbacks

[edit]

jfry@J3# set policy-options policy-statement Advertise term 1 then accept

[edit]

jfry@J3# commit and-quit

Now that is all configured, time to look at J2’s routing table:

jfry@J2> show route

inet.0: 8 destinations, 8 routes (7 active, 0 holddown, 1 hidden)

+ = Active Route, – = Last Active, * = Both

1.1.1.1/32 *[BGP/170] 00:03:07, localpref 100

AS path: I

> to 192.168.12.1 via ge-0/0/0.0

2.2.2.2/32 *[Direct/0] 00:51:52

> via lo0.0

3.3.3.3/32 *[BGP/170] 00:00:22, localpref 100

AS path: I

> to 192.168.23.3 via ge-0/0/1.0

192.168.12.0/24 *[Direct/0] 00:50:56

> via ge-0/0/0.0

192.168.12.2/32 *[Local/0] 00:51:00

Local via ge-0/0/0.0

192.168.23.0/24 *[Direct/0] 00:50:57

> via ge-0/0/1.0

192.168.23.2/32 *[Local/0] 00:51:00

Local via ge-0/0/1.0

jfry@J2>

Hmm, we have a route to all the loopbacks EXCEPT R4. Why?

Well, first we should check to see if R2 is receiving the route. That is done by the command show route receive-protocol bgp neighbor

jfry@J2> show route receive-protocol bgp 192.168.12.1 all

inet.0: 8 destinations, 8 routes (7 active, 0 holddown, 1 hidden)

Prefix Nexthop MED Lclpref AS path

* 1.1.1.1/32 192.168.12.1 100 I

4.4.4.4/32 192.168.14.4 100 I

__juniper_private1__.inet.0: 7 destinations, 9 routes (7 active, 0 holddown, 0 hidden)

__juniper_private2__.inet.0: 1 destinations, 1 routes (0 active, 0 holddown, 1 hidden)

jfry@J2>

We are getting it, so why is it not being installed? Remember, BGP won’t install a route if the Nexthop is not in the local routing table – and for us, 192.168.14.4 is listed as the next hop – and we don’t have a route for that?

So, how do we overcome this problem? Easy, J1 needs to set itself as the next-hop!

So to do this we will edit our existing Advertise statement and add next-hop self.

J1:

jfry@J1# edit policy-options policy-statement Advertise term 1

[edit policy-options policy-statement Advertise term 1]

jfry@J1# set then next-hop self

[edit policy-options policy-statement Advertise term 1]

jfry@J1# commit and-quit

Now we can jump back to J2 and check to see if R4 loopback is listed:

jfry@J2> show route receive-protocol bgp 192.168.12.1 all

inet.0: 8 destinations, 8 routes (8 active, 0 holddown, 0 hidden)

Prefix Nexthop MED Lclpref AS path

* 1.1.1.1/32 192.168.12.1 100 I

* 4.4.4.4/32 192.168.12.1 100 I

__juniper_private1__.inet.0: 7 destinations, 9 routes (7 active, 0 holddown, 0 hidden)

__juniper_private2__.inet.0: 1 destinations, 1 routes (0 active, 0 holddown, 1 hidden)

jfry@J2>

Yup, as you can see the next-hop is now 192.168.12.1

Let’t ping R4 from J2!

jfry@J2> ping 4.4.4.4 source 2.2.2.2 rapid

PING 4.4.4.4 (4.4.4.4): 56 data bytes

!!!!!

— 4.4.4.4 ping statistics —

5 packets transmitted, 5 packets received, 0% packet loss

round-trip min/avg/max/stddev = 3.807/4.195/4.588/0.283 ms

jfry@J2>

There we go, we can ping R4 loopback!

Share this: