Tags

,

Junos_sw_logo

Time for some eBGP between Juniper devices

Ebgp J to J

Ok, time for some eBGP configurations.  Of course, first thing we need to do – reset to the rescue/base configs.  You can do that now.

 

We will create an iBGP session between J1 and R4 using ASN 14 and we will also create an iBGP session between J2 and J3 using ASN 23.

 

R4 up first:

R4(config)#router bgp 14

R4(config-router)#nei 192.168.14.1 remote-as 14

R4(config-router)#nei 192.168.14.1 soft-reconfiguration inbound

R4(config-router)#net 4.4.4.4 mask 255.255.255.255

R4(config-router)#^Z

R4#

 



 

Now onto J1:

[edit]

jfry@J1# set routing-options autonomous-system 14

 

Create our prefix list to advertise our Loopback address:

[edit]

jfry@J1# set policy-options prefix-list Loopback 1.1.1.1/32

 

Create our policy to permit the loopbackL

[edit]

jfry@J1# set policy-options policy-statement ibgp term 1 from prefix-list Loopback             

 

[edit]

jfry@J1# set policy-options policy-statement ibgp term 1 then accept

 

Now configure our iBGP peering:

[edit]

jfry@J1# edit protocols bgp group ibgp

 

[edit protocols bgp group ibgp]

jfry@J1# set type internal

 

[edit protocols bgp group ibgp]

jfry@J1# set peer-as 14   

 

[edit protocols bgp group ibgp]

jfry@J1# set neighbor 192.168.14.4

 

And finally what we are going to Export to BGP:

[edit protocols bgp group ibgp]

jfry@J1# set export ibgp

 

[edit protocols bgp group ibgp]

jfry@J1# show

type internal;

export ibgp;

peer-as 14;

neighbor 192.168.14.4;

 

[edit protocols bgp group ibgp]

jfry@J1# commit and-quit

commit complete

Exiting configuration mode

 

jfry@J1>

 

 

Quick check on R4:

R4#sh ip route

Codes: C – connected, S – static, R – RIP, M – mobile, B – BGP

       D – EIGRP, EX – EIGRP external, O – OSPF, IA – OSPF inter area

       N1 – OSPF NSSA external type 1, N2 – OSPF NSSA external type 2

       E1 – OSPF external type 1, E2 – OSPF external type 2

       i – IS-IS, su – IS-IS summary, L1 – IS-IS level-1, L2 – IS-IS level-2

       ia – IS-IS inter area, * – candidate default, U – per-user static route

       o – ODR, P – periodic downloaded static route

 

Gateway of last resort is not set

 

     1.0.0.0/32 is subnetted, 1 subnets

B       1.1.1.1 [200/0] via 192.168.14.1, 00:02:05

C    192.168.14.0/24 is directly connected, Ethernet0

     4.0.0.0/32 is subnetted, 1 subnets

C       4.4.4.4 is directly connected, Loopback0

R4#ping 1.1.1.1 so l0

 

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 1.1.1.1, timeout is 2 seconds:

Packet sent with a source address of 4.4.4.4

!!!!!

Success rate is 100 percent (5/5), round-trip min/avg/max = 1/3/8 ms

R4#

 

Good, now onto J2:

jfry@J2> edit

Entering configuration mode

 

[edit]

jfry@J2# set routing-options autonomous-system 23

 

[edit]

jfry@J2# set policy-options prefix-list Loopback 2.2.2.2/32

 

[edit]

jfry@J2# set policy-options policy-statement ibgp term 1 from prefix-list Loopback             

 

[edit]

jfry@J2# set policy-options policy-statement ibgp term 1 then accept

 

[edit]

jfry@J2# edit protocols bgp group ibgp

 

 

[edit protocols bgp group ibgp]

jfry@J2# set type internal

 

[edit protocols bgp group ibgp]

jfry@J2# set peer-as 23

 

[edit protocols bgp group ibgp]

jfry@J2# set neighbor 192.168.23.3

 

[edit protocols bgp group ibgp]

jfry@J2# set export ibgp

 

[edit protocols bgp group ibgp]

jfry@J2# commit and-quit

jfry@J2>

 

and finally J3:

jfry@J3> edit

Entering configuration mode

 

[edit]

jfry@J3# set routing-options autonomous-system 23

 

[edit]

jfry@J3# edit protocols bgp group ibgp

 

[edit protocols bgp group ibgp]

jfry@J3# set type internal

 

[edit protocols bgp group ibgp]

jfry@J3# set peer-as 23

 

[edit protocols bgp group ibgp]

jfry@J3# set neighbor 192.168.23.2

 

[edit protocols bgp group ibgp]

jfry@J3# set export Loopback

 

[edit protocols bgp group ibgp]

jfry@J3# top

 

[edit]

jfry@J3# set policy-options prefix-list Loobacks 3.3.3.3/32

 

[edit]

jfry@J3# set policy-options policy-statement ibgp term 1 from prefix-list Loopbacks        

 

[edit]

jfry@J3# set policy-options policy-statement ibgp term 1 then accept

 

[edit]

jfry@J3# commit and-quit

commit complete

Exiting configuration mode

 

All good!

 

Back to J2 to see what BGP and routing looks like:

jfry@J2> show bgp summary

Groups: 1 Peers: 1 Down peers: 0

Table          Tot Paths  Act Paths Suppressed    History Damp State    Pending

inet.0              

                       1          1          0          0          0          0

Peer                     AS      InPkt     OutPkt    OutQ   Flaps Last Up/Dwn State|#Active/Received/Accepted/Damped…

192.168.23.3             23         27         26       0       0       10:29 1/1/1/0              0/0/0/0

 

jfry@J2>

 

And now to PING:

jfry@J2> ping 3.3.3.3 source 2.2.2.2 rapid   

PING 3.3.3.3 (3.3.3.3): 56 data bytes

!!!!!

— 3.3.3.3 ping statistics —

5 packets transmitted, 5 packets received, 0% packet loss

round-trip min/avg/max/stddev = 2.424/2.734/3.358/0.345 ms

 

jfry@J2>

 

Great, we have iBGP working between J2 and J3 as well as J1 and R4.  Now we can move onto eBGP!

 

J1 up first!

We will create a new policy-statement called ebgp and advertise our loopbacks

 

jfry@J1> edit

Entering configuration mode

 

[edit]

jfry@J1# set policy-options policy-statement ebgp term 1 from prefix-list Loopback

 

[edit]

jfry@J1# set policy-options policy-statement ebgp term 1 then accept

 

 

 

Now we will create a new bgp group and call it ebgp

[edit]

jfry@J1# edit protocols bgp group ebgp

 

Set the type to External

[edit protocols bgp group ebgp]

jfry@J1# set type external

 

Set the peer-as for ASN23

[edit protocols bgp group ebgp]

jfry@J1# set peer-as 23

 

Identify our neighbor:

[edit protocols bgp group ebgp]

jfry@J1# set neighbor 192.168.12.2

 

And then set our export policy:

[edit protocols bgp group ebgp]

jfry@J1# set export ebgp

 

[edit protocols bgp group ebgp]

jfry@J1# commit and-quit

 

 

And now for J2:

[edit]

jfry@J2# set policy-options policy-statement ebgp term 1 from prefix-list Loopback              

 

[edit]

jfry@J2# set policy-options policy-statement ebgp term 1 then accept

 

[edit]

jfry@J2# edit protocols bgp group ebgp

 

[edit]

jfry@J2# set type external

 

[edit]

jfry@J2# set peer-as 14

 

[edit]

jfry@J2# set neighbor 192.168.12.1

 

[edit]

jfry@J2# set export ebgp

 

[edit]

jfry@J2# commit and-quit

commit complete

Exiting configuration mode

 

There, all done.  Time to check J2 to see if we neighbored up:

jfry@J2> show bgp summary    

Groups: 2 Peers: 2 Down peers: 0

Table          Tot Paths  Act Paths Suppressed    History Damp State    Pending

inet.0              

                       3          3          0          0          0          0

Peer                     AS      InPkt     OutPkt    OutQ   Flaps Last Up/Dwn State|#Active/Received/Accepted/Damped…

192.168.12.1             14          7          8       0       0        2:12 2/2/2/0              0/0/0/0

192.168.23.3             23        147        148       0       0     1:04:32 1/1/1/0              0/0/0/0

 

jfry@J2>

 

Ok, time to look at the routing table on J2:

 

jfry@J2> show route

 

inet.0: 8 destinations, 8 routes (8 active, 0 holddown, 0 hidden)

+ = Active Route, – = Last Active, * = Both

 

1.1.1.1/32         *[BGP/170] 00:04:19, localpref 100

                      AS path: 14 I

                    > to 192.168.12.1 via ge-0/0/0.0

2.2.2.2/32         *[Direct/0] 09:39:16

                    > via lo0.0

3.3.3.3/32         *[BGP/170] 01:06:39, localpref 100

                      AS path: I

                    > to 192.168.23.3 via ge-0/0/1.0

4.4.4.4/32         *[BGP/170] 00:04:19, localpref 100

                      AS path: 14 I

                    > to 192.168.12.1 via ge-0/0/0.0

192.168.12.0/24    *[Direct/0] 09:38:13

                    > via ge-0/0/0.0

192.168.12.2/32    *[Local/0] 09:38:18

                      Local via ge-0/0/0.0

192.168.23.0/24    *[Direct/0] 09:38:14

                    > via ge-0/0/1.0

192.168.23.2/32    *[Local/0] 09:38:17

                      Local via ge-0/0/1.0

                                       

jfry@J2>

 

Good, we have routes there!  Let’s look at J3

jfry@J3> show route 

 

inet.0: 8 destinations, 8 routes (6 active, 0 holddown, 2 hidden)

+ = Active Route, – = Last Active, * = Both

 

2.2.2.2/32         *[BGP/170] 01:05:11, localpref 100

                      AS path: I

                    > to 192.168.23.2 via fe-0/0/1.0

3.3.3.3/32         *[Direct/0] 09:38:58

                    > via lo0.0

192.168.13.0/24    *[Direct/0] 09:37:09

                    > via fe-0/0/2.0

192.168.13.3/32    *[Local/0] 09:38:31

                      Local via fe-0/0/2.0

192.168.23.0/24    *[Direct/0] 09:36:44

                    > via fe-0/0/1.0

192.168.23.3/32    *[Local/0] 09:38:32

                      Local via fe-0/0/1.0

 

jfry@J3>

 

Hmm, we are  missing routes to J1 and R4. 

Time to check to see what routes R2 is sending us.

jfry@J3> show route receive-protocol bgp 192.168.23.2 all

 

inet.0: 8 destinations, 8 routes (6 active, 0 holddown, 2 hidden)

  Prefix                  Nexthop              MED     Lclpref    AS path

  1.1.1.1/32              192.168.12.1                 100        14 I

* 2.2.2.2/32              192.168.23.2                 100        I

  4.4.4.4/32              192.168.12.1                 100        14 I

 

__juniper_private1__.inet.0: 7 destinations, 9 routes (7 active, 0 holddown, 0 hidden)

 

__juniper_private2__.inet.0: 1 destinations, 1 routes (0 active, 0 holddown, 1 hidden)

 

jfry@J3>

 

We are getting them, but wait – the next hop is 192.168.12.1.  We don’t have a route to that network, ahh. 

 

So, we have two choices here – we can either advertise the 192.168.12.x/24 network OR we can configure J2 with next-hop-self.  Let’s do the next-hop-self here.

 



 

Back to J2:

jfry@J2> edit

Entering configuration mode

 

What we are going to do is add a second term (term 2) for all other routes.  Term 1 is addressing our loopback, so we don’t need to worry about that.

[edit]

jfry@J2# set policy-options policy -statement ibgp term 2 then next-hop self                     

 

[edit]

jfry@J2# set policy-options policy-statement ibgp term 2 then accept

 

[edit]

jfry@J2#

 

Ok, quick check on J3 for bgp routes:

jfry@J3> show route | match bgp

1.1.1.1/32         *[BGP/170] 00:02:27, localpref 100

2.2.2.2/32         *[BGP/170] 01:12:04, localpref 100

4.4.4.4/32         *[BGP/170] 00:02:27, localpref 100

192.168.12.0/24    *[BGP/170] 00:02:27, localpref 100

                    [BGP/170] 00:02:27, localpref 100

 

jfry@J3>

 

There they are!

 

This means that we also need to do this on R1.  So let’s check R4 received routes from J1:

R4#sh ip bgp neighbors 192.168.14.1 received-routes

BGP table version is 31, local router ID is 4.4.4.4

Status codes: s suppressed, d damped, h history, * valid, > best, i – internal,

              r RIB-failure, S Stale

Origin codes: i – IGP, e – EGP, ? – incomplete

 

   Network          Next Hop            Metric LocPrf Weight Path

*>i1.1.1.1/32       192.168.14.1                  100      0 i

* i2.2.2.2/32       192.168.12.2                  100      0 23 i

* i3.3.3.3/32       192.168.12.2                  100      0 23 i

 

Total number of prefixes 3

R4#

 

Yup, same problem.  Our next hop is 192.168.12.2, J2’s interface.  Let’s do the same here and set J1 as next-hop-self.

jfry@J1> edit

Entering configuration mode

 

[edit]

jfry@J1# set policy-options policy-statement ibgp term 2 then next-hop self                     

 

[edit]

jfry@J1# set policy-options policy-statement ibgp term 2 then accept

 

[edit]

jfry@J1# commit and-quit

 

Now we can check R4 routing table:

R4#sh ip route

Codes: C – connected, S – static, R – RIP, M – mobile, B – BGP

       D – EIGRP, EX – EIGRP external, O – OSPF, IA – OSPF inter area

       N1 – OSPF NSSA external type 1, N2 – OSPF NSSA external type 2

       E1 – OSPF external type 1, E2 – OSPF external type 2

       i – IS-IS, su – IS-IS summary, L1 – IS-IS level-1, L2 – IS-IS level-2

       ia – IS-IS inter area, * – candidate default, U – per-user static route

       o – ODR, P – periodic downloaded static route

 

Gateway of last resort is not set

 

B    192.168.12.0/24 [200/0] via 192.168.14.1, 00:00:49

     1.0.0.0/32 is subnetted, 1 subnets

B       1.1.1.1 [200/0] via 192.168.14.1, 00:53:08

B    192.168.13.0/24 [200/0] via 192.168.14.1, 00:00:49

     2.0.0.0/32 is subnetted, 1 subnets

B       2.2.2.2 [200/0] via 192.168.14.1, 00:00:50

C    192.168.14.0/24 is directly connected, Ethernet0

     3.0.0.0/32 is subnetted, 1 subnets

B       3.3.3.3 [200/0] via 192.168.14.1, 00:00:50

     4.0.0.0/32 is subnetted, 1 subnets

C       4.4.4.4 is directly connected, Loopback0

R4#

 

And we have all the routes. Time to check R4 loopback to R3 loopback connectivity:

R4# ping 3.3.3.3 so l0

 

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 3.3.3.3, timeout is 2 seconds:

Packet sent with a source address of 4.4.4.4

!!!!!

Success rate is 100 percent (5/5), round-trip min/avg/max = 1/2/4 ms

R4#

 

Bingo, it all works!