Time for some eBGP between Juniper devices
Ok, time for some eBGP configurations. Of course, first thing we need to do – reset to the rescue/base configs. You can do that now.
We will create an iBGP session between J1 and R4 using ASN 14 and we will also create an iBGP session between J2 and J3 using ASN 23.
R4 up first:
R4(config)#router bgp 14
R4(config-router)#nei 192.168.14.1 remote-as 14
R4(config-router)#nei 192.168.14.1 soft-reconfiguration inbound
R4(config-router)#net 4.4.4.4 mask 255.255.255.255
R4(config-router)#^Z
R4#
Now onto J1:
[edit]
jfry@J1# set routing-options autonomous-system 14
Create our prefix list to advertise our Loopback address:
[edit]
jfry@J1# set policy-options prefix-list Loopback 1.1.1.1/32
Create our policy to permit the loopback:
[edit]
jfry@J1# set policy-options policy-statement ibgp term 1 from prefix-list Loopback
[edit]
jfry@J1# set policy-options policy-statement ibgp term 1 then accept
Now configure our iBGP peering:
[edit]
jfry@J1# edit protocols bgp group ibgp
[edit protocols bgp group ibgp]
jfry@J1# set type internal
[edit protocols bgp group ibgp]
jfry@J1# set peer-as 14
[edit protocols bgp group ibgp]
jfry@J1# set neighbor 192.168.14.4
And finally what we are going to Export to BGP:
[edit protocols bgp group ibgp]
jfry@J1# set export ibgp
[edit protocols bgp group ibgp]
jfry@J1# show
type internal;
export ibgp;
peer-as 14;
neighbor 192.168.14.4;
[edit protocols bgp group ibgp]
jfry@J1# commit and-quit
commit complete
Exiting configuration mode
jfry@J1>
Quick check on R4:
R4#sh ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route
Gateway of last resort is not set
1.0.0.0/32 is subnetted, 1 subnets
B 1.1.1.1 [200/0] via 192.168.14.1, 00:02:05
C 192.168.14.0/24 is directly connected, Ethernet0
4.0.0.0/32 is subnetted, 1 subnets
C 4.4.4.4 is directly connected, Loopback0
R4#ping 1.1.1.1 so l0
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 1.1.1.1, timeout is 2 seconds:
Packet sent with a source address of 4.4.4.4
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/3/8 ms
R4#
Good, now onto J2:
jfry@J2> edit
Entering configuration mode
[edit]
jfry@J2# set routing-options autonomous-system 23
[edit]
jfry@J2# set policy-options prefix-list Loopback 2.2.2.2/32
[edit]
jfry@J2# set policy-options policy-statement ibgp term 1 from prefix-list Loopback
[edit]
jfry@J2# set policy-options policy-statement ibgp term 1 then accept
[edit]
jfry@J2# edit protocols bgp group ibgp
[edit protocols bgp group ibgp]
jfry@J2# set type internal
[edit protocols bgp group ibgp]
jfry@J2# set peer-as 23
[edit protocols bgp group ibgp]
jfry@J2# set neighbor 192.168.23.3
[edit protocols bgp group ibgp]
jfry@J2# set export ibgp
[edit protocols bgp group ibgp]
jfry@J2# commit and-quit
jfry@J2>
and finally J3:
jfry@J3> edit
Entering configuration mode
[edit]
jfry@J3# set routing-options autonomous-system 23
[edit]
jfry@J3# edit protocols bgp group ibgp
[edit protocols bgp group ibgp]
jfry@J3# set type internal
[edit protocols bgp group ibgp]
jfry@J3# set peer-as 23
[edit protocols bgp group ibgp]
jfry@J3# set neighbor 192.168.23.2
[edit protocols bgp group ibgp]
jfry@J3# set export ibgp
[edit protocols bgp group ibgp]
jfry@J3# top
[edit]
jfry@J3# set policy-options prefix-list Loopbacks 3.3.3.3/32
[edit]
jfry@J3# set policy-options policy-statement ibgp term 1 from prefix-list Loopbacks
[edit]
jfry@J3# set policy-options policy-statement ibgp term 1 then accept
[edit]
jfry@J3# commit and-quit
commit complete
Exiting configuration mode
All good!
Back to J2 to see what BGP and routing looks like:
jfry@J2> show bgp summary
Groups: 1 Peers: 1 Down peers: 0
Table Tot Paths Act Paths Suppressed History Damp State Pending
inet.0
1 1 0 0 0 0
Peer AS InPkt OutPkt OutQ Flaps Last Up/Dwn State|#Active/Received/Accepted/Damped…
192.168.23.3 23 27 26 0 0 10:29 1/1/1/0 0/0/0/0
jfry@J2>
And now to PING:
jfry@J2> ping 3.3.3.3 source 2.2.2.2 rapid
PING 3.3.3.3 (3.3.3.3): 56 data bytes
!!!!!
--- 3.3.3.3 ping statistics ---
5 packets transmitted, 5 packets received, 0% packet loss
round-trip min/avg/max/stddev = 2.424/2.734/3.358/0.345 ms
jfry@J2>
Great, we have iBGP working between J2 and J3 as well as J1 and R4. Now we can move onto eBGP!
J1 up first!
We will create a new policy-statement called ebgp and advertise our loopbacks
jfry@J1> edit
Entering configuration mode
[edit]
jfry@J1# set policy-options policy-statement ebgp term 1 from prefix-list Loopback
[edit]
jfry@J1# set policy-options policy-statement ebgp term 1 then accept
Now we will create a new bgp group and call it ebgp
[edit]
jfry@J1# edit protocols bgp group ebgp
Set the type to External
[edit protocols bgp group ebgp]
jfry@J1# set type external
Set the peer-as for ASN23
[edit protocols bgp group ebgp]
jfry@J1# set peer-as 23
Identify our neighbor:
[edit protocols bgp group ebgp]
jfry@J1# set neighbor 192.168.12.2
And then set our export policy:
[edit protocols bgp group ebgp]
jfry@J1# set export ebgp
[edit protocols bgp group ebgp]
jfry@J1# commit and-quit
And now for J2:
[edit]
jfry@J2# set policy-options policy-statement ebgp term 1 from prefix-list Loopback
[edit]
jfry@J2# set policy-options policy-statement ebgp term 1 then accept
[edit]
jfry@J2# edit protocols bgp group ebgp
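[edit protocols bgp group ebgp]
jfry@J2# set type external
[edit protocols bgp group ebgp]
jfry@J2# set peer-as 14
[edit protocols bgp group ebgp]
jfry@J2# set neighbor 192.168.12.1
[edit protocols bgp group ebgp]
jfry@J2# set export ebgp
[edit protocols bgp group ebgp]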
jfry@J2# commit and-quit
commit complete
Exiting configuration mode
There, all done. Time to check J2 to see if we neighbored up:
jfry@J2> show bgp summary
Groups: 2 Peers: 2 Down peers: 0
Table Tot Paths Act Paths Suppressed History Damp State Pending
inet.0
3 3 0 0 0 0
Peer AS InPkt OutPkt OutQ Flaps Last Up/Dwn State|#Active/Received/Accepted/Damped…
192.168.12.1 14 7 8 0 0 2:12 2/2/2/0 0/0/0/0
192.168.23.3 23 147 148 0 0 1:04:32 1/1/1/0 0/0/0/0
jfry@J2>
Ok, time to look at the routing table on J2:
jfry@J2> show route
inet.0: 8 destinations, 8 routes (8 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both
1.1.1.1/32 *[BGP/170] 00:04:19, localpref 100
AS path: 14 I
> to 192.168.12.1 via ge-0/0/0.0
2.2.2.2/32 *[Direct/0] 09:39:16
> via lo0.0
3.3.3.3/32 *[BGP/170] 01:06:39, localpref 100
AS path: I
> to 192.168.23.3 via ge-0/0/1.0
4.4.4.4/32 *[BGP/170] 00:04:19, localpref 100
AS path: 14 I
> to 192.168.12.1 via ge-0/0/0.0
192.168.12.0/24 *[Direct/0] 09:38:13
> via ge-0/0/0.0
192.168.12.2/32 *[Local/0] 09:38:18
Local via ge-0/0/0.0
192.168.23.0/24 *[Direct/0] 09:38:14
> via ge-0/0/1.0
192.168.23.2/32 *[Local/0] 09:38:17
Local via ge-0/0/1.0
jfry@J2>
Good, we have routes there! Let’s look at J3
jfry@J3> show route
inet.0: 8 destinations, 8 routes (6 active, 0 holddown, 2 hidden)
+ = Active Route, - = Last Active, * = Both
2.2.2.2/32 *[BGP/170] 01:05:11, localpref 100
AS path: I
> to 192.168.23.2 via fe-0/0/1.0
3.3.3.3/32 *[Direct/0] 09:38:58
> via lo0.0
192.168.13.0/24 *[Direct/0] 09:37:09
> via fe-0/0/2.0
192.168.13.3/32 *[Local/0] 09:38:31
Local via fe-0/0/2.0
192.168.23.0/24 *[Direct/0] 09:36:44
> via fe-0/0/1.0
192.168.23.3/32 *[Local/0] 09:38:32
Local via fe-0/0/1.0
jfry@J3>
Hmm, we are missing routes to J1 and R4.
Time to check what routes J2 is sending us.
jfry@J3> show route receive-protocol bgp 192.168.23.2 all
inet.0: 8 destinations, 8 routes (6 active, 0 holddown, 2 hidden)
Prefix Nexthop MED Lclpref AS path
1.1.1.1/32 192.168.12.1 100 14 I
* 2.2.2.2/32 192.168.23.2 100 I
4.4.4.4/32 192.168.12.1 100 14 I
__juniper_private1__.inet.0: 7 destinations, 9 routes (7 active, 0 holddown, 0 hidden)
__juniper_private2__.inet.0: 1 destinations, 1 routes (0 active, 0 holddown, 1 hidden)
jfry@J3>
We are getting them, but wait – the next hop is 192.168.12.1. We don’t have a route to that network, ahh.
So, we have two choices here – we can either advertise the 192.168.12.x/24 network OR we can configure J2 with next-hop-self. Let’s do the next-hop-self here.
Back to J2:
jfry@J2> edit
Entering configuration mode
What we are going to do is add a second term (term 2) for all other routes. Term 1 is addressing our loopback, so we don’t need to worry about that.
[edit]
jfry@J2# set policy-options policy-statement ibgp term 2 then next-hop self
[edit]
jfry@J2# set policy-options policy-statement ibgp term 2 then accept
[edit]
jfry@J2# commit and-quit
Ok, quick check on J3 for bgp routes:
jfry@J3> show route | match bgp
1.1.1.1/32 *[BGP/170] 00:02:27, localpref 100
2.2.2.2/32 *[BGP/170] 01:12:04, localpref 100
4.4.4.4/32 *[BGP/170] 00:02:27, localpref 100
192.168.12.0/24 *[BGP/170] 00:02:27, localpref 100
[BGP/170] 00:02:27, localpref 100
jfry@J3>
There they are!
This means that we also need to do this on J1. So let’s check R4 received routes from J1:
R4#sh ip bgp neighbors 192.168.14.1 received-routes
BGP table version is 31, local router ID is 4.4.4.4
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
*>i1.1.1.1/32 192.168.14.1 100 0 i
* i2.2.2.2/32 192.168.12.2 100 0 23 i
* i3.3.3.3/32 192.168.12.2 100 0 23 i
Total number of prefixes 3
R4#
Yup, same problem. Our next hop is 192.168.12.2, J2’s interface. Let’s do the same here and set J1 as next-hop-self.
jfry@J1> edit
Entering configuration mode
[edit]
jfry@J1# set policy-options policy-statement ibgp term 2 then next-hop self
[edit]
jfry@J1# set policy-options policy-statement ibgp term 2 then accept
[edit]
jfry@J1# commit and-quit
Now we can check R4 routing table:
R4#sh ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route
Gateway of last resort is not set
B 192.168.12.0/24 [200/0] via 192.168.14.1, 00:00:49
1.0.0.0/32 is subnetted, 1 subnets
B 1.1.1.1 [200/0] via 192.168.14.1, 00:53:08
B 192.168.13.0/24 [200/0] via 192.168.14.1, 00:00:49
2.0.0.0/32 is subnetted, 1 subnets
B 2.2.2.2 [200/0] via 192.168.14.1, 00:00:50
C 192.168.14.0/24 is directly connected, Ethernet0
3.0.0.0/32 is subnetted, 1 subnets
B 3.3.3.3 [200/0] via 192.168.14.1, 00:00:50
4.0.0.0/32 is subnetted, 1 subnets
C 4.4.4.4 is directly connected, Loopback0
R4#
And we have all the routes. Time to check R4 loopback to J3 loopback connectivity:
R4# ping 3.3.3.3 so l0
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 3.3.3.3, timeout is 2 seconds:
Packet sent with a source address of 4.4.4.4
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/2/4 ms
R4#
Bingo, it all works!
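An added example, not part of the original post: term 2 of the ibgp policy as configured above has no from clause, so it matches every active route, which is why the directly connected 192.168.12.0/24 shows up as a BGP route on J3 and R4. The policy below is J2's ibgp policy with one match condition added to term 2 so that next-hop self applies only to BGP-learned routes; the same change applies on J1.

```junos
policy-options {
    prefix-list Loopback {
        2.2.2.2/32;
    }
    policy-statement ibgp {
        /* Term 1 is unchanged: advertise our own loopback. */
        term 1 {
            from {
                prefix-list Loopback;
            }
            then accept;
        }
        /* Term 2 now matches only routes learned through BGP.
           Direct and local routes no longer match any term and fall
           through to the default BGP export policy, which does not
           advertise them. */
        term 2 {
            from protocol bgp;
            then {
                next-hop self;
                accept;
            }
        }
    }
}
protocols {
    bgp {
        group ibgp {
            type internal;
            export ibgp;
            peer-as 23;
            neighbor 192.168.23.3;
        }
    }
}
```

After the commit, `show route advertising-protocol bgp 192.168.23.3` on J2 lists exactly what is sent to J3, so the connected prefixes should no longer appear there.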