@c -*-texinfo-*-
@c This is part of the Quagga Manual.
@c @value{COPYRIGHT_STR}
@c See file quagga.texi for copying conditions.
@node BGP
@chapter BGP

@acronym{BGP} stands for Border Gateway Protocol. The latest BGP version
is 4. It is referred to as BGP-4. BGP-4 is one of the Exterior Gateway
Protocols and the de facto standard inter-domain routing protocol.
BGP-4 is described in @cite{RFC1771, A Border Gateway Protocol
4 (BGP-4)}.

Many extensions have been added to @cite{RFC1771}. @cite{RFC2858,
Multiprotocol Extensions for BGP-4} provides multiprotocol support to
BGP-4.

@menu
* Starting BGP::
* BGP router::
* BGP network::
* BGP Peer::
* BGP Peer Group::
* BGP Address Family::
* Autonomous System::
* BGP Communities Attribute::
* BGP Extended Communities Attribute::
* Displaying BGP routes::
* Capability Negotiation::
* Route Reflector::
* Route Server::
* How to set up a 6-Bone connection::
* Dump BGP packets and table::
* BGP Configuration Examples::
@end menu

@node Starting BGP
@section Starting BGP

The default configuration file of @command{bgpd} is @file{bgpd.conf}.
@command{bgpd} searches the current directory first, then
@value{INSTALL_PREFIX_ETC}/bgpd.conf. All of bgpd's commands must be
configured in @file{bgpd.conf}.

@command{bgpd} specific invocation options are described below. Common
options may also be specified (@pxref{Common Invocation Options}).

@table @samp
@item -p @var{PORT}
@itemx --bgp_port=@var{PORT}
Set the BGP protocol's port number.

@item -r
@itemx --retain
When the program terminates, retain BGP routes added by zebra.
@end table

@node BGP router
@section BGP router

First of all you must configure the BGP router with the @command{router bgp}
command. To configure the BGP router, you need an AS number. An AS number
identifies an autonomous system. The BGP protocol uses the AS number
to detect whether a BGP connection is internal or external.

@deffn Command {router bgp @var{asn}} {}
Enable a BGP protocol process with the specified @var{asn}. After
this statement you can input any @code{BGP Commands}. You cannot
create a different BGP process under a different @var{asn} without
specifying @code{multiple-instance} (@pxref{Multiple instance}).
@end deffn

@deffn Command {no router bgp @var{asn}} {}
Destroy a BGP protocol process with the specified @var{asn}.
@end deffn

@deffn {BGP} {bgp router-id @var{A.B.C.D}} {}
This command specifies the router-ID. If @command{bgpd} connects to @command{zebra} it gets
interface and address information. In that case the default router ID value
is selected as the largest IP address of the interfaces. When
@code{router zebra} is not enabled, @command{bgpd} can't get interface information,
so @code{router-id} is set to 0.0.0.0. In that case, please set the router-id by hand.
@end deffn

@menu
* BGP distance::
* BGP decision process::
@end menu

@node BGP distance
@subsection BGP distance

@deffn {BGP} {distance bgp <1-255> <1-255> <1-255>} {}
This command changes the distance value of BGP. The arguments are the distance
values for external routes, internal routes and local routes respectively.
@end deffn

@deffn {BGP} {distance <1-255> @var{A.B.C.D/M}} {}
@deffnx {BGP} {distance <1-255> @var{A.B.C.D/M} @var{word}} {}
This command set distance value to
@end deffn

@node BGP decision process
@subsection BGP decision process

@table @asis
@item 1. Weight check

@item 2. Local preference check.

@item 3. Local route check.

@item 4. AS path length check.

@item 5. Origin check.

@item 6. MED check.
@end table

@deffn {BGP} {bgp bestpath as-path confed} {}
This command specifies that the length of confederation path sets and
sequences should be taken into account during the BGP best path
decision process.
@end deffn

@node BGP network
@section BGP network

@menu
* BGP route::
* Route Aggregation::
* Redistribute to BGP::
@end menu

@node BGP route
@subsection BGP route

@deffn {BGP} {network @var{A.B.C.D/M}} {}
This command adds a network to be announced.
@example
@group
router bgp 1
 network 10.0.0.0/8
@end group
@end example
This configuration example says that network 10.0.0.0/8 will be
announced to all neighbors. Some vendors' routers don't advertise
routes if they aren't present in their IGP routing tables; @code{bgpd}
doesn't care about IGP routes when announcing its routes.
@end deffn

@deffn {BGP} {no network @var{A.B.C.D/M}} {}
@end deffn

@node Route Aggregation
@subsection Route Aggregation

@deffn {BGP} {aggregate-address @var{A.B.C.D/M}} {}
This command specifies an aggregate address.
@end deffn

@deffn {BGP} {aggregate-address @var{A.B.C.D/M} as-set} {}
This command specifies an aggregate address. Resulting routes include
AS set.
@end deffn

@deffn {BGP} {aggregate-address @var{A.B.C.D/M} summary-only} {}
This command specifies an aggregate address. Aggregated routes will
not be announced.
@end deffn

@deffn {BGP} {no aggregate-address @var{A.B.C.D/M}} {}
@end deffn

@node Redistribute to BGP
@subsection Redistribute to BGP

@deffn {BGP} {redistribute kernel} {}
Redistribute kernel routes to the BGP process.
@end deffn

@deffn {BGP} {redistribute static} {}
Redistribute static routes to the BGP process.
@end deffn

@deffn {BGP} {redistribute connected} {}
Redistribute connected routes to the BGP process.
@end deffn

@deffn {BGP} {redistribute rip} {}
Redistribute RIP routes to the BGP process.
@end deffn

@deffn {BGP} {redistribute ospf} {}
Redistribute OSPF routes to the BGP process.
@end deffn

@node BGP Peer
@section BGP Peer

@menu
* Defining Peer::
* BGP Peer commands::
* Peer filtering::
@end menu

@node Defining Peer
@subsection Defining Peer

@deffn {BGP} {neighbor @var{peer} remote-as @var{asn}} {}
Creates a new neighbor whose remote-as is @var{asn}. @var{peer}
can be an IPv4 address or an IPv6 address.
@example
@group
router bgp 1
 neighbor 10.0.0.1 remote-as 2
@end group
@end example
In this case my router, in AS-1, is trying to peer with AS-2 at
10.0.0.1.

This command must be the first command used when configuring a neighbor.
If the remote-as is not specified, @command{bgpd} will complain like this:
@example
can't find neighbor 10.0.0.1
@end example
@end deffn

@node BGP Peer commands
@subsection BGP Peer commands

A @code{router bgp} clause requires neighbor specific configuration.

@deffn {BGP} {neighbor @var{peer} shutdown} {}
@deffnx {BGP} {no neighbor @var{peer} shutdown} {}
Shut down the peer. We can delete the neighbor's configuration with
@code{no neighbor @var{peer} remote-as @var{as-number}}, but then all
configuration of the neighbor will be deleted. When you want to
preserve the configuration, but want to drop the BGP peer, use this
syntax.
@end deffn

@deffn {BGP} {neighbor @var{peer} ebgp-multihop} {}
@deffnx {BGP} {no neighbor @var{peer} ebgp-multihop} {}
@end deffn

@deffn {BGP} {neighbor @var{peer} description ...} {}
@deffnx {BGP} {no neighbor @var{peer} description ...} {}
Set the description of the peer.
@end deffn

@deffn {BGP} {neighbor @var{peer} version @var{version}} {}
Set up the neighbor's BGP version. @var{version} can be @var{4},
@var{4+} or @var{4-}. BGP version @var{4} is the default value used for
BGP peering. BGP version @var{4+} means that the neighbor supports
Multiprotocol Extensions for BGP-4. BGP version @var{4-} is similar but
the neighbor speaks the old Internet-Draft revision 00's Multiprotocol
Extensions for BGP-4. Some routing software is still using this
version.
@end deffn

@deffn {BGP} {neighbor @var{peer} interface @var{ifname}} {}
@deffnx {BGP} {no neighbor @var{peer} interface @var{ifname}} {}
When you connect to a BGP peer over an IPv6 link-local address, you
have to specify the @var{ifname} of the interface used for the
connection. To specify IPv4 session addresses, see the
@code{neighbor @var{peer} update-source} command below.

This command is deprecated and may be removed in a future release. Its
use should be avoided.
@end deffn

@deffn {BGP} {neighbor @var{peer} next-hop-self} {}
@deffnx {BGP} {no neighbor @var{peer} next-hop-self} {}
This command specifies an announced route's nexthop as being equivalent
to the address of the bgp router.
@end deffn

@deffn {BGP} {neighbor @var{peer} update-source @var{<ifname|address>}} {}
@deffnx {BGP} {no neighbor @var{peer} update-source} {}
Specify the IPv4 source address to use for the @acronym{BGP} session to this
neighbour. It may be specified either as an IPv4 address directly or
as an interface name (in which case the @command{zebra} daemon MUST be running
in order for @command{bgpd} to be able to retrieve interface state).
@example
@group
router bgp 64555
 neighbor foo update-source 192.168.0.1
 neighbor bar update-source lo0
@end group
@end example
@end deffn

@deffn {BGP} {neighbor @var{peer} default-originate} {}
@deffnx {BGP} {no neighbor @var{peer} default-originate} {}
@command{bgpd}'s default is to not announce the default route (0.0.0.0/0) even if it
is in the routing table. When you want to announce default routes to the
peer, use this command.
@end deffn

@deffn {BGP} {neighbor @var{peer} port @var{port}} {}
@deffnx {BGP} {neighbor @var{peer} port @var{port}} {}
@end deffn

@deffn {BGP} {neighbor @var{peer} send-community} {}
@deffnx {BGP} {neighbor @var{peer} send-community} {}
@end deffn

@deffn {BGP} {neighbor @var{peer} weight @var{weight}} {}
@deffnx {BGP} {no neighbor @var{peer} weight @var{weight}} {}
This command specifies a default @var{weight} value for the neighbor's
routes.
@end deffn

@deffn {BGP} {neighbor @var{peer} maximum-prefix @var{number}} {}
@deffnx {BGP} {no neighbor @var{peer} maximum-prefix @var{number}} {}
@end deffn

@node Peer filtering
@subsection Peer filtering

@deffn {BGP} {neighbor @var{peer} distribute-list @var{name} [in|out]} {}
This command specifies a distribute-list for the peer. @var{direct} is
@samp{in} or @samp{out}.
@end deffn

@deffn {BGP command} {neighbor @var{peer} prefix-list @var{name} [in|out]} {}
@end deffn

@deffn {BGP command} {neighbor @var{peer} filter-list @var{name} [in|out]} {}
@end deffn

@deffn {BGP} {neighbor @var{peer} route-map @var{name} [in|out]} {}
Apply a route-map on the neighbor. @var{direct} must be @code{in} or
@code{out}.
@end deffn

@c -----------------------------------------------------------------------
@node BGP Peer Group
@section BGP Peer Group

@deffn {BGP} {neighbor @var{word} peer-group} {}
This command defines a new peer group.
@end deffn

@deffn {BGP} {neighbor @var{peer} peer-group @var{word}} {}
This command binds a specific peer to peer group @var{word}.
@end deffn

@node BGP Address Family
@section BGP Address Family

@c -----------------------------------------------------------------------
@node Autonomous System
@section Autonomous System

The @acronym{AS,Autonomous System} number is one of the essential
elements of BGP. BGP is a distance vector routing protocol, and the
AS-Path framework provides distance vector metric and loop detection to
BGP. @cite{RFC1930, Guidelines for creation, selection, and
registration of an Autonomous System (AS)} provides some background on
the concepts of an AS.

The AS number is a two octet value, ranging in value from 1 to 65535.
The AS numbers 64512 through 65535 are defined as private AS numbers.
Private AS numbers must not be advertised in the global Internet.

@menu
* AS Path Regular Expression::
* Display BGP Routes by AS Path::
* AS Path Access List::
* Using AS Path in Route Map::
* Private AS Numbers::
@end menu

@node AS Path Regular Expression
@subsection AS Path Regular Expression

AS path regular expressions can be used for displaying BGP routes and
in AS path access lists. AS path regular expressions are based on
@code{POSIX 1003.2} regular expressions. The following description covers
just a subset of @code{POSIX} regular expressions; users can use the full
@code{POSIX} regular expression syntax. In addition, the special character '_'
is added for AS path regular expressions.

@table @code
@item .
Matches any single character.
@item *
Matches 0 or more occurrences of pattern.
@item +
Matches 1 or more occurrences of pattern.
@item ?
Matches 0 or 1 occurrences of pattern.
@item ^
Matches the beginning of the line.
@item $
Matches the end of the line.
@item _
The character @code{_} has a special meaning in AS path regular expressions.
It matches a space, a comma, the AS set delimiters @{ and @}, and the AS
confederation delimiters @code{(} and @code{)}. It also matches
the beginning of the line and the end of the line. So @code{_} can be
used to match AS value boundaries. @code{show ip bgp regexp _7675_}
matches all BGP routes whose AS path includes AS number @var{7675}.
@end table
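
The boundary behaviour of @code{_} described in the table, as an added Python illustration that is not part of the Quagga manual or of bgpd. The expansion string @code{UNDERSCORE}, the helper names and the sample AS paths are assumptions constructed for this example, and Python's @code{re} stands in for the POSIX engine.

```python
import re

# Expansion of "_" built from the delimiters the table lists (assumption:
# one alternation covering line start, line end and the delimiter characters).
UNDERSCORE = r"(?:^|$|[ ,{}()])"

# Constructed AS paths in textual form: plain sequences, an AS set in braces,
# and a confederation sequence in parentheses.
SAMPLE_PATHS = [
    "100 7675 200",
    "100 17675 200",
    "76750",
    "7675",
    "100 {7675,300}",
    "(65001 65002) 7675",
    "100 200",
]


def compile_aspath_regex(line):
    """Translate an AS path regular expression into a Python pattern."""
    return re.compile(line.replace("_", UNDERSCORE))


def matches(line, as_path):
    """True when the AS path regular expression selects this AS path."""
    return compile_aspath_regex(line).search(as_path) is not None


def select(line, paths=SAMPLE_PATHS):
    """All sample paths the expression selects, in input order."""
    return [p for p in paths if matches(line, p)]


def as_numbers(as_path):
    """AS numbers present in a textual AS path, split on the same delimiters."""
    return {int(tok) for tok in re.split(r"[ ,{}()]+", as_path) if tok}


def overmatches(line, asn, paths=SAMPLE_PATHS):
    """Paths the expression selects although `asn` is not one of their ASes.

    A non-empty result means a filter built on `line` catches routes it was
    not written for, which is what the "_" boundaries are there to prevent.
    """
    return [p for p in paths if matches(line, p) and asn not in as_numbers(p)]


if __name__ == "__main__":
    for expr in ("7675", "_7675_", "^7675_", "_200$"):
        print("%-8s selects %s" % (expr, select(expr)))
    print("7675 over-matches:", overmatches("7675", 7675))
    print("_7675_ over-matches:", overmatches("_7675_", 7675))
```
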

@node Display BGP Routes by AS Path
@subsection Display BGP Routes by AS Path

To show BGP routes which have specific AS path information, the @code{show
ip bgp} command can be used.

@deffn Command {show ip bgp regexp @var{line}} {}
This command displays BGP routes that match the AS path regular
expression @var{line}.
@end deffn

@node AS Path Access List
@subsection AS Path Access List

An AS path access list is a user defined AS path.

@deffn {Command} {ip as-path access-list @var{word} @{permit|deny@} @var{line}} {}
This command defines a new AS path access list.
@end deffn

@deffn {Command} {no ip as-path access-list @var{word}} {}
@deffnx {Command} {no ip as-path access-list @var{word} @{permit|deny@} @var{line}} {}
@end deffn

@node Using AS Path in Route Map
@subsection Using AS Path in Route Map

@deffn {Route Map} {match as-path @var{word}} {}
@end deffn

@deffn {Route Map} {set as-path prepend @var{as-path}} {}
@end deffn

@node Private AS Numbers
@subsection Private AS Numbers

@c -----------------------------------------------------------------------
@node BGP Communities Attribute
@section BGP Communities Attribute

The BGP communities attribute is widely used for implementing policy
routing. Network operators can manipulate the BGP communities attribute
based on their network policy. The BGP communities attribute is defined
in @cite{RFC1997, BGP Communities Attribute} and
@cite{RFC1998, An Application of the BGP Community Attribute
in Multi-home Routing}. It is an optional transitive attribute,
therefore local policy can travel through different autonomous systems.

The communities attribute is a set of communities values. Each
communities value is 4 octets long. The following formats are used to
define a communities value.

@table @code
@item AS:VAL
This format represents a 4 octet communities value. @code{AS} is the high
order 2 octets in digit format. @code{VAL} is the low order 2 octets in
digit format. This format is useful to define AS oriented policy
values. For example, @code{7675:80} can be used when AS 7675 wants to
pass local policy value 80 to a neighboring peer.
@item internet
@code{internet} represents well-known communities value 0.
@item no-export
@code{no-export} represents well-known communities value @code{NO_EXPORT}@*
@r{(0xFFFFFF01)}. All routes that carry this value must not be advertised
outside a BGP confederation boundary. If the neighboring BGP peer is
part of a BGP confederation, the peer is considered to be inside the BGP
confederation boundary, so the route will be announced to the peer.
@item no-advertise
@code{no-advertise} represents well-known communities value
@code{NO_ADVERTISE}@*@r{(0xFFFFFF02)}. All routes that carry this value
must not be advertised to other BGP peers.
@item local-AS
@code{local-AS} represents well-known communities value
@code{NO_EXPORT_SUBCONFED} @r{(0xFFFFFF03)}. All routes that carry this
value must not be advertised to external BGP peers. Even if the
neighboring router is part of a confederation, it is considered an
external BGP peer, so the route will not be announced to the peer.
@end table

When a BGP communities attribute is received, duplicated communities
values in the attribute are ignored and the communities
values are sorted in numerical order.
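
The 4 octet encoding and the receive-side normalisation described above, as an added Python illustration that is not part of the Quagga manual or of bgpd. The function names are assumptions made for this example, and the attribute payload is constructed rather than captured.

```python
import struct

# Well-known values and their keywords, as listed in the table above.
WELL_KNOWN = {
    0x00000000: "internet",
    0xFFFFFF01: "no-export",
    0xFFFFFF02: "no-advertise",
    0xFFFFFF03: "local-AS",
}
KEYWORDS = {name: value for value, name in WELL_KNOWN.items()}


def parse_community(text):
    """Turn 'AS:VAL' or a well-known keyword into the 32-bit communities value."""
    if text in KEYWORDS:
        return KEYWORDS[text]
    as_part, sep, val_part = text.partition(":")
    if not sep or not as_part.isdigit() or not val_part.isdigit():
        raise ValueError("not AS:VAL or a well-known keyword: %r" % text)
    asn, val = int(as_part), int(val_part)
    if asn > 0xFFFF or val > 0xFFFF:
        raise ValueError("AS and VAL are 2 octets each: %r" % text)
    # AS is the high order 2 octets, VAL the low order 2 octets.
    return (asn << 16) | val


def format_community(value):
    """Render a 32-bit value as a keyword when well-known, else as AS:VAL."""
    if value in WELL_KNOWN:
        return WELL_KNOWN[value]
    return "%d:%d" % (value >> 16, value & 0xFFFF)


def encode_attribute(texts):
    """Pack communities, in the order given, as 4 octet network-order values."""
    values = [parse_community(t) for t in texts]
    return struct.pack("!%dI" % len(values), *values)


def decode_attribute(payload):
    """Unpack an attribute value, dropping duplicates and sorting numerically."""
    if len(payload) % 4:
        raise ValueError("length %d is not a multiple of 4 octets" % len(payload))
    values = struct.unpack("!%dI" % (len(payload) // 4), payload)
    return sorted(set(values))


def render(payload):
    """Textual form of a received attribute after normalisation."""
    return " ".join(format_community(v) for v in decode_attribute(payload))


if __name__ == "__main__":
    # Constructed payload: unsorted, with 7675:100 sent twice.
    wire = encode_attribute(["no-export", "7675:100", "7675:80", "7675:100"])
    print(wire.hex())
    print(render(wire))
```
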

@menu
* BGP Community Lists::
* Numbered BGP Community Lists::
* BGP Community in Route Map::
* Display BGP Routes by Community::
* Using BGP Communities Attribute::
@end menu

@node BGP Community Lists
@subsection BGP Community Lists

A BGP community list is a user defined BGP communities attribute list.
A BGP community list can be used for matching or manipulating the BGP
communities attribute in updates.

There are two types of community list. One is the standard community
list and the other is the expanded community list. A standard community list
defines a communities attribute. An expanded community list defines a
communities attribute string with a regular expression. A standard
community list is compiled into binary format when the user defines it.
A standard community list is directly compared to the BGP communities
attribute in BGP updates. Therefore the comparison is faster than
with an expanded community list.

@deffn Command {ip community-list standard @var{name} @{permit|deny@} @var{community}} {}
This command defines a new standard community list. @var{community}
is a communities value. The @var{community} is compiled into a community
structure. We can define multiple community lists under the same name. In
that case matching happens in the user defined order. Once the
community list matches the communities attribute in BGP updates, it
returns permit or deny according to the community list definition. When there is
no matching entry, deny is returned. When @var{community} is
empty it matches any route.
@end deffn

@deffn Command {ip community-list expanded @var{name} @{permit|deny@} @var{line}} {}
This command defines a new expanded community list. @var{line} is a
string expression of the communities attribute. @var{line} can include
a regular expression to match the communities attribute in BGP updates.
@end deffn

@deffn Command {no ip community-list @var{name}} {}
@deffnx Command {no ip community-list standard @var{name}} {}
@deffnx Command {no ip community-list expanded @var{name}} {}
These commands delete the community lists specified by @var{name}. All
community lists share a single name space, so community lists can be
removed simply by specifying the community list's name.
@end deffn

@deffn {Command} {show ip community-list} {}
@deffnx {Command} {show ip community-list @var{name}} {}
This command displays current community list information. When
@var{name} is specified, the specified community list's information is
shown.

@example
# show ip community-list
Named Community standard list CLIST
 permit 7675:80 7675:100 no-export
 deny internet
Named Community expanded list EXPAND
 permit :

# show ip community-list CLIST
Named Community standard list CLIST
 permit 7675:80 7675:100 no-export
 deny internet
@end example
@end deffn

@node Numbered BGP Community Lists
@subsection Numbered BGP Community Lists

When a number is used as a BGP community list name, the number has a
special meaning. A community list number in the range from 1 to 99 is a
standard community list. A community list number in the range from 100
to 199 is an expanded community list. These community lists are called
numbered community lists. On the other hand, normal community lists
are called named community lists.

@deffn Command {ip community-list <1-99> @{permit|deny@} @var{community}} {}
This command defines a new community list. <1-99> is the standard
community list number. A community list name within this range defines a
standard community list. When @var{community} is empty it matches
any route.
@end deffn

@deffn Command {ip community-list <100-199> @{permit|deny@} @var{community}} {}
This command defines a new community list. <100-199> is the expanded
community list number. A community list name within this range defines an
expanded community list.
@end deffn

@deffn Command {ip community-list @var{name} @{permit|deny@} @var{community}} {}
When the community list type is not specified, the community list type is
automatically detected. If @var{community} can be compiled into a
communities attribute, the community list is defined as a standard
community list. Otherwise it is defined as an expanded community
list. This feature is left for backward compatibility. Use of this
feature is not recommended.
@end deffn

@node BGP Community in Route Map
@subsection BGP Community in Route Map

In a Route Map (@pxref{Route Map}), we can match or set the BGP
communities attribute. Using this feature, network operators can
implement their network policy based on the BGP communities attribute.

The following commands can be used in a Route Map.

@deffn {Route Map} {match community @var{word}} {}
@deffnx {Route Map} {match community @var{word} exact-match} {}
This command performs a match on BGP updates using community list
@var{word}. When one of the BGP communities values matches one of the
communities values in the community list, it is a match. When the
@code{exact-match} keyword is specified, a match happens only when the BGP
update has exactly the same communities values as specified in the
community list.
@end deffn

@deffn {Route Map} {set community none} {}
@deffnx {Route Map} {set community @var{community}} {}
@deffnx {Route Map} {set community @var{community} additive} {}
This command manipulates the communities value in BGP updates. When
@code{none} is specified as the communities value, it removes the entire
communities attribute from BGP updates. When @var{community} is not
@code{none}, the specified communities value is set on BGP updates. If
the BGP update already has a BGP communities value, the existing BGP
communities value is replaced with the specified @var{community} value.
When the @code{additive} keyword is specified, @var{community} is appended
to the existing communities value.
@end deffn

@deffn {Route Map} {set comm-list @var{word} delete} {}
This command removes communities values from the BGP communities attribute.
The @var{word} is a community list name. When a BGP route's communities
value matches the community list @var{word}, the communities value
is removed. When all of the communities values are eventually removed, the
BGP update's communities attribute is completely removed.
@end deffn

@node Display BGP Routes by Community
@subsection Display BGP Routes by Community

To show BGP routes which have a specific BGP communities attribute, the
@code{show ip bgp} command can be used. The @var{community} value and
community list can be used with the @code{show ip bgp} command.

@deffn Command {show ip bgp community} {}
@deffnx Command {show ip bgp community @var{community}} {}
@deffnx Command {show ip bgp community @var{community} exact-match} {}
@code{show ip bgp community} displays BGP routes which have a communities
attribute. When @var{community} is specified, BGP routes that match the
@var{community} value are displayed. For this command, the @code{internet}
keyword can't be used as the @var{community} value. When
@code{exact-match} is specified, it displays only routes that have an
exact match.
@end deffn

@deffn Command {show ip bgp community-list @var{word}} {}
@deffnx Command {show ip bgp community-list @var{word} exact-match} {}
This command displays BGP routes that match community list
@var{word}. When @code{exact-match} is specified, it displays only routes
that have an exact match.
@end deffn

@node Using BGP Communities Attribute
@subsection Using BGP Communities Attribute

The following configuration is the most typical usage of the BGP communities
attribute. AS 7675 provides an upstream Internet connection to AS 100.
When the following configuration exists in AS 7675, the AS 100 network
operator can set the local preference in the AS 7675 network by setting the BGP
communities attribute on the updates.

@example
router bgp 7675
 neighbor 192.168.0.1 remote-as 100
 neighbor 192.168.0.1 route-map RMAP in
!
ip community-list 70 permit 7675:70
ip community-list 70 deny
ip community-list 80 permit 7675:80
ip community-list 80 deny
ip community-list 90 permit 7675:90
ip community-list 90 deny
!
route-map RMAP permit 10
 match community 70
 set local-preference 70
!
route-map RMAP permit 20
 match community 80
 set local-preference 80
!
route-map RMAP permit 30
 match community 90
 set local-preference 90
@end example

The following configuration announces 10.0.0.0/8 from AS 100 to AS 7675.
The route has communities value 7675:80, so when the above configuration
exists in AS 7675, the announced route's local preference will be set to
value 80.

@example
router bgp 100
 network 10.0.0.0/8
 neighbor 192.168.0.2 remote-as 7675
 neighbor 192.168.0.2 route-map RMAP out
!
ip prefix-list PLIST permit 10.0.0.0/8
!
route-map RMAP permit 10
 match ip address prefix-list PLIST
 set community 7675:80
@end example

The following configuration is an example of BGP route filtering using the
communities attribute. This configuration only permits BGP routes
which have BGP communities value 0:80 or 0:90. A network operator can
put a special internal communities value on routes at the BGP border router, then
limit the BGP route announcements into the internal network.

@example
router bgp 7675
 neighbor 192.168.0.1 remote-as 100
 neighbor 192.168.0.1 route-map RMAP in
!
ip community-list 1 permit 0:80 0:90
!
route-map RMAP permit 10
 match community 1
@end example

The following example filters BGP routes which have communities value 1:1.
When there is no match, the community-list returns deny. To avoid
filtering all routes, we need to define a permit any entry last.

@example
router bgp 7675
 neighbor 192.168.0.1 remote-as 100
 neighbor 192.168.0.1 route-map RMAP in
!
ip community-list standard FILTER deny 1:1
ip community-list standard FILTER permit
!
route-map RMAP permit 10
 match community FILTER
@end example

The communities value keyword @code{internet} has a special meaning in
standard community lists. In the example below @code{internet} acts as
match any. It matches all BGP routes, even if the route does not
have a communities attribute at all. So community list @code{INTERNET}
is the same as the above example's @code{FILTER}.

@example
ip community-list standard INTERNET deny 1:1
ip community-list standard INTERNET permit internet
@end example
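
The first-match and default-deny behaviour of the @code{FILTER} and @code{INTERNET} lists above, as an added Python illustration that is not part of the Quagga manual or of bgpd. It handles only entries with a single value or none; the list name @code{DENYONLY}, the helper names and the sample routes are constructed for this example.

```python
# FILTER and INTERNET are copied from the examples above. DENYONLY is a
# constructed list that omits the trailing permit entry.
CONFIG = """\
ip community-list standard FILTER deny 1:1
ip community-list standard FILTER permit
ip community-list standard INTERNET deny 1:1
ip community-list standard INTERNET permit internet
ip community-list standard DENYONLY deny 1:1
"""

# Constructed routes, each given as the set of communities values it carries.
# The last route has no communities attribute at all.
ROUTES = [{"1:1"}, {"1:1", "100:5"}, {"100:5"}, set()]


def parse_community_list(config, name):
    """Collect (action, values) entries of one standard list in configured order."""
    entries = []
    for raw in config.splitlines():
        words = raw.split()
        if words[:3] != ["ip", "community-list", "standard"]:
            continue
        if len(words) < 5 or words[3] != name:
            continue
        action, values = words[4], words[5:]
        if action not in ("permit", "deny"):
            raise ValueError("unknown action in: %r" % raw)
        if len(values) > 1:
            raise ValueError("multi-value entries are outside this example")
        entries.append((action, values))
    return entries


def evaluate(entries, route_communities):
    """Return 'permit' or 'deny' for one route.

    Entries are tried in the order they were defined and the first one that
    matches decides. An empty entry and the keyword internet match any route.
    A route that matches no entry is denied.
    """
    for action, values in entries:
        if not values or values == ["internet"]:
            return action
        if values[0] in route_communities:
            return action
    return "deny"


def verdicts(name, config=CONFIG, routes=ROUTES):
    """Verdict of list `name` for every sample route, in order."""
    entries = parse_community_list(config, name)
    return [evaluate(entries, route) for route in routes]


if __name__ == "__main__":
    for list_name in ("FILTER", "INTERNET", "DENYONLY"):
        print("%-9s %s" % (list_name, verdicts(list_name)))
```
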

The following configuration is an example of communities value deletion.
With this configuration, communities values 100:1 and 100:2 are removed
from BGP updates. For communities value deletion, only @code{permit}
community-list entries are used. @code{deny} community-list entries are
ignored.

@example
router bgp 7675
 neighbor 192.168.0.1 remote-as 100
 neighbor 192.168.0.1 route-map RMAP in
!
ip community-list standard DEL permit 100:1 100:2
!
route-map RMAP permit 10
 set comm-list DEL delete
@end example
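
The rules stated above (entries tried in the order defined, deny when nothing matches, an empty entry or @code{internet} matching any route, deletion driven by permit entries only) can be checked with a small model. This is an added example, not code from Quagga; the function names, the NO_CATCHALL list and the sample routes are constructed for illustration, and match entries naming more than one value are left out of the model.

```python
# Added example: standard community-list evaluation as this section states it.
# Configuration lines are copied from the examples above, except NO_CATCHALL,
# which is constructed here to show a list without a trailing permit entry.
CONFIG = """\
ip community-list standard FILTER deny 1:1
ip community-list standard FILTER permit
ip community-list standard INTERNET deny 1:1
ip community-list standard INTERNET permit internet
ip community-list standard NO_CATCHALL deny 1:1
ip community-list standard DEL permit 100:1 100:2
"""


def parse_community_lists(config):
    """Collect standard community-list entries per list name, in config order."""
    lists = {}
    for line in config.splitlines():
        words = line.split()
        if words[:2] != ["ip", "community-list"]:
            continue
        words = words[2:]
        if words and words[0] == "standard":
            words = words[1:]
        if len(words) < 2 or words[1] not in ("permit", "deny"):
            continue  # expanded lists and malformed lines are not modelled
        lists.setdefault(words[0], []).append((words[1], frozenset(words[2:])))
    return lists


def entry_matches(values, route_communities):
    """An empty entry or the keyword 'internet' matches any route, even one
    without a communities attribute; otherwise the route must carry the value."""
    if not values or "internet" in values:
        return True
    if len(values) > 1:
        raise ValueError("entries naming several values are outside this model")
    (value,) = values
    return value in route_communities


def evaluate(entries, route_communities):
    """Entries are tried in the order defined; the first match decides.
    A route that matches no entry gets deny."""
    for action, values in entries:
        if entry_matches(values, route_communities):
            return action
    return "deny"


def delete_communities(entries, route_communities):
    """'set comm-list NAME delete': remove the values named by permit entries;
    deny entries are ignored."""
    doomed = set()
    for action, values in entries:
        if action == "permit":
            doomed |= values
    return [c for c in route_communities if c not in doomed]


# Constructed sample routes: prefix -> communities carried in the update.
ROUTES = {
    "10.1.0.0/16": ["1:1"],
    "10.2.0.0/16": ["7675:80"],
    "10.3.0.0/16": [],  # no communities attribute at all
    "10.4.0.0/16": ["100:1", "7675:80", "100:2"],
}


def decisions(list_name):
    """Decision of the named list for every sample route."""
    entries = parse_community_lists(CONFIG)[list_name]
    return {prefix: evaluate(entries, comms) for prefix, comms in ROUTES.items()}


if __name__ == "__main__":
    for name in ("FILTER", "INTERNET", "NO_CATCHALL"):
        print(name, decisions(name))
    lists = parse_community_lists(CONFIG)
    print(delete_communities(lists["DEL"], ROUTES["10.4.0.0/16"]))
```

Without the trailing permit entry, NO_CATCHALL rejects every sample route, not only the one tagged 1:1.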

@c -----------------------------------------------------------------------
@node BGP Extended Communities Attribute
@section BGP Extended Communities Attribute

The BGP extended communities attribute was introduced with MPLS VPN/BGP
technology. MPLS VPN/BGP expands the capability of network infrastructure
to provide VPN functionality. At the same time it requires a new
framework for policy routing. With the BGP Extended Communities Attribute
we can use Route Target or Site of Origin for implementing network
policy for MPLS VPN/BGP.

The BGP Extended Communities Attribute is similar to the BGP Communities
Attribute. It is an optional transitive attribute. The BGP Extended
Communities Attribute can carry multiple Extended Community values.
Each Extended Community value is eight octets long.

The BGP Extended Communities Attribute provides an extended range
compared with the BGP Communities Attribute. In addition, there is a
type field in each value to provide structure to the community space.

There are two formats to define an Extended Community value. One is the
AS based format; the other is the IP address based format.

@table @code
@item AS:VAL
This is a format to define an AS based Extended Community value.
The @code{AS} part is the 2 octet Global Administrator subfield of the
Extended Community value. The @code{VAL} part is the 4 octet Local
Administrator subfield. @code{7675:100} represents AS 7675 policy value 100.
@item IP-Address:VAL
This is a format to define an IP address based Extended Community value.
The @code{IP-Address} part is the 4 octet Global Administrator subfield.
The @code{VAL} part is the 2 octet Local Administrator subfield.
@code{10.0.0.1:100} represents
@end table
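
The two formats differ in how the six octets after the type field are split, which also bounds the values each can hold. The following added example (not Quagga code) encodes and decodes both formats as Route Target or Site of Origin values; the type and sub-type octets come from RFC 4360 rather than from this manual, and the function names are chosen for the illustration.

```python
import ipaddress
import struct

# Type and sub-type octets are taken from RFC 4360; this page does not list them.
TYPE_TWO_OCTET_AS = 0x00
TYPE_IPV4_ADDRESS = 0x01
SUBTYPES = {"rt": 0x02, "soo": 0x03}  # Route Target, Site of Origin
SUBTYPE_NAMES = {code: name for name, code in SUBTYPES.items()}


def encode(kind, text):
    """Encode 'AS:VAL' or 'IP-Address:VAL' as one eight-octet value.

    kind is 'rt' or 'soo', matching the route-map keywords on this page.
    """
    subtype = SUBTYPES[kind]
    admin, sep, val = text.rpartition(":")
    if not sep or not admin or not val.isdigit():
        raise ValueError(f"not AS:VAL or IP-Address:VAL: {text!r}")
    local = int(val)
    if "." in admin:
        # 4-octet Global Administrator, so only 2 octets remain for VAL.
        address = ipaddress.IPv4Address(admin)  # ValueError if malformed
        if local > 0xFFFF:
            raise ValueError("VAL must fit in 2 octets after an IP address")
        return struct.pack("!BB4sH", TYPE_IPV4_ADDRESS, subtype,
                           address.packed, local)
    if not admin.isdigit() or int(admin) > 0xFFFF:
        raise ValueError("AS part must fit in 2 octets")
    if local > 0xFFFFFFFF:
        raise ValueError("VAL must fit in 4 octets after an AS number")
    return struct.pack("!BBHI", TYPE_TWO_OCTET_AS, subtype, int(admin), local)


def decode(raw):
    """Decode one eight-octet value into (kind, text)."""
    if len(raw) != 8:
        raise ValueError("an extended community value is exactly 8 octets")
    etype, subtype = raw[0], raw[1]
    if subtype not in SUBTYPE_NAMES:
        raise ValueError(f"sub-type {subtype:#04x} is not modelled here")
    if etype == TYPE_TWO_OCTET_AS:
        asn, local = struct.unpack("!HI", raw[2:])
        return SUBTYPE_NAMES[subtype], f"{asn}:{local}"
    if etype == TYPE_IPV4_ADDRESS:
        packed, local = struct.unpack("!4sH", raw[2:])
        return SUBTYPE_NAMES[subtype], f"{ipaddress.IPv4Address(packed)}:{local}"
    raise ValueError(f"type {etype:#04x} is not modelled here")


def decode_attribute(payload):
    """Split an attribute value carrying several extended communities."""
    if len(payload) % 8:
        raise ValueError("attribute length is not a multiple of 8 octets")
    return [decode(payload[i:i + 8]) for i in range(0, len(payload), 8)]


if __name__ == "__main__":
    # Values from the table above, encoded and read back.
    attribute = encode("rt", "7675:100") + encode("soo", "10.0.0.1:100")
    print(attribute.hex())
    print(decode_attribute(attribute))
```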

@menu
* BGP Extended Community Lists::
* BGP Extended Communities in Route Map::
@end menu

@node BGP Extended Community Lists
@subsection BGP Extended Community Lists

An extended community list is a user defined list of BGP extended
communities values.

@deffn Command {ip extcommunity-list standard @var{name} @{permit|deny@} @var{extcommunity}} {}
This command defines a new standard extcommunity-list.
@var{extcommunity} is an extended communities value. The
@var{extcommunity} is compiled into an extended community structure. We
can define multiple extcommunity-list entries under the same name. In
that case matching happens in user defined order. Once the
extcommunity-list matches the extended communities attribute in BGP
updates, it returns permit or deny based upon the extcommunity-list
definition. When there is no matching entry, deny is returned. When
@var{extcommunity} is empty it matches any route.
@end deffn

@deffn Command {ip extcommunity-list expanded @var{name} @{permit|deny@} @var{line}} {}
This command defines a new expanded extcommunity-list. @var{line} is
a string expression of the extended communities attribute. @var{line} can
include a regular expression to match the extended communities attribute in
BGP updates.
@end deffn

@deffn Command {no ip extcommunity-list @var{name}} {}
@deffnx Command {no ip extcommunity-list standard @var{name}} {}
@deffnx Command {no ip extcommunity-list expanded @var{name}} {}
These commands delete the extended community lists specified by
@var{name}. All extended community lists share a single name
space, so an extended community list can be removed simply by specifying
its name.
@end deffn

@deffn {Command} {show ip extcommunity-list} {}
@deffnx {Command} {show ip extcommunity-list @var{name}} {}
This command displays current extcommunity-list information. When
@var{name} is specified, that community list's information is shown.

@example
# show ip extcommunity-list
@end example
@end deffn

@node BGP Extended Communities in Route Map
@subsection BGP Extended Communities in Route Map

@deffn {Route Map} {match extcommunity @var{word}} {}
@end deffn

@deffn {Route Map} {set extcommunity rt @var{extcommunity}} {}
This command sets the Route Target value.
@end deffn

@deffn {Route Map} {set extcommunity soo @var{extcommunity}} {}
This command sets the Site of Origin value.
@end deffn

@c -----------------------------------------------------------------------
@node Displaying BGP routes
@section Displaying BGP Routes

@menu
* Show IP BGP::
* More Show IP BGP::
@end menu

@node Show IP BGP
@subsection Show IP BGP

@deffn {Command} {show ip bgp} {}
@deffnx {Command} {show ip bgp @var{A.B.C.D}} {}
@deffnx {Command} {show ip bgp @var{X:X::X:X}} {}
This command displays BGP routes. When no route is specified it
displays all IPv4 BGP routes.
@end deffn

@example
BGP table version is 0, local router ID is 10.1.1.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path
*> 1.1.1.1/32       0.0.0.0                  0         32768 i

Total number of prefixes 1
@end example

@node More Show IP BGP
@subsection More Show IP BGP

@deffn {Command} {show ip bgp regexp @var{line}} {}
This command displays BGP routes using an AS path regular expression (@pxref{Display BGP Routes by AS Path}).
@end deffn

@deffn Command {show ip bgp community @var{community}} {}
@deffnx Command {show ip bgp community @var{community} exact-match} {}
This command displays BGP routes using @var{community} (@pxref{Display
BGP Routes by Community}).
@end deffn

@deffn Command {show ip bgp community-list @var{word}} {}
@deffnx Command {show ip bgp community-list @var{word} exact-match} {}
This command displays BGP routes using a community list (@pxref{Display
BGP Routes by Community}).
@end deffn

@deffn {Command} {show ip bgp summary} {}
@end deffn

@deffn {Command} {show ip bgp neighbor [@var{peer}]} {}
@end deffn

@deffn {Command} {clear ip bgp @var{peer}} {}
Clear peers which have addresses of X.X.X.X
@end deffn

@deffn {Command} {clear ip bgp @var{peer} soft in} {}
Clear peer using soft reconfiguration.
@end deffn

@deffn {Command} {show debug} {}
@end deffn

@deffn {Command} {debug event} {}
@end deffn

@deffn {Command} {debug update} {}
@end deffn

@deffn {Command} {debug keepalive} {}
@end deffn

@deffn {Command} {no debug event} {}
@end deffn

@deffn {Command} {no debug update} {}
@end deffn

@deffn {Command} {no debug keepalive} {}
@end deffn

@node Capability Negotiation
@section Capability Negotiation

When the IPv6 routing information exchange feature was being added to
BGP, there were several proposals. The @acronym{IETF,Internet Engineering Task Force}
@acronym{IDR, Inter Domain Routing} @acronym{WG, Working group} adopted
a proposal called Multiprotocol Extension for BGP. The specification
is described in @cite{RFC2283}. It does not define a new protocol;
it defines new attributes for the existing BGP. When it is used for
exchanging IPv6 routing information it is called BGP-4+. When it is used
for exchanging multicast routing information it is called MBGP.

@command{bgpd} supports Multiprotocol Extension for BGP. So if the remote
peer supports the protocol, @command{bgpd} can exchange IPv6 and/or
multicast routing information.

Traditional BGP did not have a feature to detect the remote peer's
capabilities, e.g. whether it can handle prefix types other than IPv4
unicast routes. This was a big problem when using Multiprotocol Extension
for BGP in an operational network. @cite{RFC2842, Capabilities
Advertisement with BGP-4} adopted a feature called Capability
Negotiation. @command{bgpd} uses this Capability Negotiation to detect
the remote peer's capabilities. If the peer is only configured as an IPv4
unicast neighbor, @command{bgpd} does not send these Capability
Negotiation packets (at least not unless other optional BGP features
require capability negotiation).

By default, Quagga will bring up peering with the minimal common capability
of both sides. For example, the local router has unicast and
multicast capabilities and the remote router has unicast capability. In
this case, the local router will establish the connection with unicast
only capability. When there are no common capabilities, Quagga sends an
Unsupported Capability error and then resets the connection.

If you want to completely match capabilities with the remote peer, please
use the @command{strict-capability-match} command.

@deffn {BGP} {neighbor @var{peer} strict-capability-match} {}
@deffnx {BGP} {no neighbor @var{peer} strict-capability-match} {}
Strictly compares remote capabilities and local capabilities. If the
capabilities are different, send an Unsupported Capability error and then
reset the connection.
@end deffn

You may want to disable sending the Capability Negotiation OPEN message
optional parameter to the peer when the remote peer does not implement
Capability Negotiation. Please use the @command{dont-capability-negotiate}
command to disable the feature.

@deffn {BGP} {neighbor @var{peer} dont-capability-negotiate} {}
@deffnx {BGP} {no neighbor @var{peer} dont-capability-negotiate} {}
Suppress sending Capability Negotiation as an OPEN message optional
parameter to the peer. This command only affects a peer that is configured
for something other than IPv4 unicast.
@end deffn

When the remote peer does not have the capability negotiation feature, it
will not send any capabilities at all. In that case, @command{bgpd}
configures the peer with the configured capabilities.

You may prefer locally configured capabilities over the negotiated
capabilities even though the remote peer sends capabilities. If the peer
is configured with @command{override-capability}, @command{bgpd} ignores
the received capabilities and overrides the negotiated capabilities with
the configured values.

@deffn {BGP} {neighbor @var{peer} override-capability} {}
@deffnx {BGP} {no neighbor @var{peer} override-capability} {}
Override the result of Capability Negotiation with local configuration.
Ignore remote peer's capability value.
@end deffn
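
To make the outcomes above concrete, the following added example (not bgpd code) parses the multiprotocol capabilities out of an OPEN message's optional parameters and then applies the default, strict and override rules as this section describes them. The parameter and capability codes are those of RFC 2842 and the multiprotocol extension rather than values given on this page; the sample bytes are constructed, the function names are hypothetical, and rejecting strict and override together is an assumption of the model.

```python
import struct

OPT_PARAM_CAPABILITIES = 2  # OPEN optional parameter type (RFC 2842)
CAP_MULTIPROTOCOL = 1       # capability code; value is AFI(2) reserved(1) SAFI(1)
IPV4_UNICAST, IPV4_MULTICAST, IPV6_UNICAST = (1, 1), (1, 2), (2, 1)

# Constructed sample: optional parameters of a peer's OPEN advertising
# IPv4 unicast (code 1) and route refresh (code 2, empty value).
PEER_OPEN_PARAMS = bytes.fromhex("0206010400010001" "02020200")


def _tlvs(data, what):
    """Yield (type, value) for a run of one-octet-type, one-octet-length TLVs."""
    pos = 0
    while pos < len(data):
        if pos + 2 > len(data):
            raise ValueError(f"truncated {what} header")
        kind, length = data[pos], data[pos + 1]
        value = data[pos + 2:pos + 2 + length]
        if len(value) != length:
            raise ValueError(f"truncated {what} value")
        yield kind, value
        pos += 2 + length


def parse_mp_capabilities(opt_params):
    """Return the set of (AFI, SAFI) pairs a peer advertised in its OPEN."""
    found = set()
    for ptype, pvalue in _tlvs(opt_params, "optional parameter"):
        if ptype != OPT_PARAM_CAPABILITIES:
            continue
        for code, value in _tlvs(pvalue, "capability"):
            if code != CAP_MULTIPROTOCOL:
                continue  # e.g. route refresh; not an address family
            if len(value) != 4:
                raise ValueError("multiprotocol capability must be 4 octets")
            afi, _reserved, safi = struct.unpack("!HBB", value)
            found.add((afi, safi))
    return found


def negotiate(local, remote, strict=False, override=False):
    """Return (session state, address families in use) per this section.

    local  - families configured for the peer
    remote - families parsed from the peer's OPEN (empty if it sent none)
    """
    if strict and override:
        # Assumption of this model: the two options contradict each other.
        raise ValueError("strict match and override cannot be combined")
    if override or not remote:
        # override-capability, or a peer that sent no capabilities at all:
        # the locally configured families are used as they are.
        return "established", set(local)
    if strict and set(local) != set(remote):
        return "unsupported-capability", set()
    common = set(local) & set(remote)
    if not common:
        return "unsupported-capability", set()
    return "established", common


if __name__ == "__main__":
    remote = parse_mp_capabilities(PEER_OPEN_PARAMS)
    local = {IPV4_UNICAST, IPV4_MULTICAST}
    print("default :", negotiate(local, remote))
    print("strict  :", negotiate(local, remote, strict=True))
    print("override:", negotiate(local, remote, override=True))
```

With @command{override-capability} the peer's OPEN no longer limits which address families are used, so the session runs with multicast even though the peer never advertised it.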

@node Route Reflector
@section Route Reflector

@deffn {BGP} {bgp cluster-id @var{a.b.c.d}} {}
@end deffn

@deffn {BGP} {neighbor @var{peer} route-reflector-client} {}
@deffnx {BGP} {no neighbor @var{peer} route-reflector-client} {}
@end deffn

@node Route Server
@section Route Server

At an Internet Exchange point, many ISPs are connected to each other by
external BGP peering. Normally these external BGP connections are made by
the @samp{full mesh} method. As with internal BGP full mesh formation,
this method has a scaling problem.

This scaling problem is well known. Route Server is a method to resolve
the problem. Each ISP's BGP router only peers with the Route Server. The
Route Server serves as a BGP information exchange to the other BGP routers.
By applying this method, the number of BGP connections is reduced from
O(n*(n-1)/2) to O(n).

Unlike a normal BGP router, a Route Server must have several routing tables
for managing different routing policies for each BGP speaker. We call
these routing tables @code{view}s. @command{bgpd} can work as a
normal BGP router or a Route Server or both at the same time.

@menu
* Multiple instance::
* BGP instance and view::
* Routing policy::
* Viewing the view::
@end menu

@node Multiple instance
@subsection Multiple instance

To enable the multiple view function of @code{bgpd}, you must turn on
the multiple instance feature beforehand.

@deffn {Command} {bgp multiple-instance} {}
Enable BGP multiple instance feature. After this feature is enabled,
you can make multiple BGP instances or multiple BGP views.
@end deffn

@deffn {Command} {no bgp multiple-instance} {}
Disable BGP multiple instance feature. You can not disable this feature
when BGP multiple instances or views exist.
@end deffn

When you want to make the configuration more Cisco-like,

@deffn {Command} {bgp config-type cisco} {}
Cisco compatible BGP configuration output.
@end deffn

When bgp config-type cisco is specified,

``no synchronization'' is displayed.
``no auto-summary'' is displayed.

``network'' and ``aggregate-address'' arguments are displayed as
``A.B.C.D M.M.M.M''

Quagga: network 10.0.0.0/8
Cisco: network 10.0.0.0

Quagga: aggregate-address 192.168.0.0/24
Cisco: aggregate-address 192.168.0.0 255.255.255.0

Community attribute handling is also different. If no configuration is
specified, the community attribute and extended community
attribute are sent to the neighbor. When the user manually disables the
feature, the community attribute is not sent to the neighbor. When
@command{bgp config-type cisco} is specified, the community attribute is not
sent to the neighbor by default. To send the community attribute, the user
has to specify the @command{neighbor A.B.C.D send-community} command.

@example
!
router bgp 1
 neighbor 10.0.0.1 remote-as 1
 no neighbor 10.0.0.1 send-community
!
router bgp 1
 neighbor 10.0.0.1 remote-as 1
 neighbor 10.0.0.1 send-community
!
@end example

@deffn {Command} {bgp config-type zebra} {}
Quagga style BGP configuration. This is the default.
@end deffn

@node BGP instance and view
@subsection BGP instance and view

A BGP instance is a normal BGP process. The result of route selection
goes to the kernel routing table. You can set up different ASes at the
same time when the BGP multiple instance feature is enabled.

@deffn {Command} {router bgp @var{as-number}} {}
Make a new BGP instance. You can use an arbitrary word for the @var{name}.
@end deffn

@example
@group
bgp multiple-instance
!
router bgp 1
 neighbor 10.0.0.1 remote-as 2
 neighbor 10.0.0.2 remote-as 3
!
router bgp 2
 neighbor 10.0.0.3 remote-as 4
 neighbor 10.0.0.4 remote-as 5
@end group
@end example

A BGP view is almost the same as a normal BGP process. The result of
route selection does not go to the kernel routing table. A BGP view is
only for exchanging BGP routing information.

@deffn {Command} {router bgp @var{as-number} view @var{name}} {}
Make a new BGP view. You can use an arbitrary word for the @var{name}. This
view's route selection result does not go to the kernel routing table.
@end deffn

With this command, you can set up a Route Server as below.

@example
@group
bgp multiple-instance
!
router bgp 1 view 1
 neighbor 10.0.0.1 remote-as 2
 neighbor 10.0.0.2 remote-as 3
!
router bgp 2 view 2
 neighbor 10.0.0.3 remote-as 4
 neighbor 10.0.0.4 remote-as 5
@end group
@end example

@node Routing policy
@subsection Routing policy

You can set a different routing policy for a peer. For example, you can
set a different filter for a peer.

@example
@group
bgp multiple-instance
!
router bgp 1 view 1
 neighbor 10.0.0.1 remote-as 2
 neighbor 10.0.0.1 distribute-list 1 in
!
router bgp 1 view 2
 neighbor 10.0.0.1 remote-as 2
 neighbor 10.0.0.1 distribute-list 2 in
@end group
@end example

This means a BGP update from peer 10.0.0.1 goes to both BGP view 1 and
view 2. When the update is inserted into view 1, distribute-list 1 is
applied. On the other hand, when the update is inserted into view 2,
distribute-list 2 is applied.

@node Viewing the view
@subsection Viewing the view

To display the routing table of a BGP view, you must specify the view name.

@deffn {Command} {show ip bgp view @var{name}} {}
Display routing table of BGP view @var{name}.
@end deffn

@node How to set up a 6-Bone connection
@section How to set up a 6-Bone connection

@example
@group
zebra configuration
===================
!
! Actually there is no need to configure zebra
!

bgpd configuration
==================
!
! This means that routes go through zebra and into the kernel.
!
router zebra
!
! MP-BGP configuration
!
router bgp 7675
 bgp router-id 10.0.0.1
 neighbor 3ffe:1cfa:0:2:2a0:c9ff:fe9e:f56 remote-as @var{as-number}
!
 address-family ipv6
 network 3ffe:506::/32
 neighbor 3ffe:1cfa:0:2:2a0:c9ff:fe9e:f56 activate
 neighbor 3ffe:1cfa:0:2:2a0:c9ff:fe9e:f56 route-map set-nexthop out
 neighbor 3ffe:1cfa:0:2:2c0:4fff:fe68:a231 remote-as @var{as-number}
 neighbor 3ffe:1cfa:0:2:2c0:4fff:fe68:a231 route-map set-nexthop out
 exit-address-family
!
ipv6 access-list all permit any
!
! Set output nexthop address.
!
route-map set-nexthop permit 10
 match ipv6 address all
 set ipv6 nexthop global 3ffe:1cfa:0:2:2c0:4fff:fe68:a225
 set ipv6 nexthop local fe80::2c0:4fff:fe68:a225
!
! logfile FILENAME is obsolete. Please use log file FILENAME

log file bgpd.log
!
@end group
@end example

@node Dump BGP packets and table
@section Dump BGP packets and table

@deffn Command {dump bgp all @var{path}} {}
@deffnx Command {dump bgp all @var{path} @var{interval}} {}
Dump all BGP packets and events to the @var{path} file.
@end deffn

@deffn Command {dump bgp updates @var{path}} {}
@deffnx Command {dump bgp updates @var{path} @var{interval}} {}
Dump BGP updates to the @var{path} file.
@end deffn

@deffn Command {dump bgp routes @var{path}} {}
@deffnx Command {dump bgp routes @var{path}} {}
Dump the whole BGP routing table to @var{path}. This is a heavy process.
@end deffn

@node BGP Configuration Examples
@section BGP Configuration Examples

Example of a session to an upstream, advertising only one prefix to it.

@example
router bgp 64512
 bgp router-id 10.236.87.1
 network 10.236.87.0/24
 neighbor upstream peer-group
 neighbor upstream remote-as 64515
 neighbor upstream capability dynamic
 neighbor upstream prefix-list pl-allowed-adv out
 neighbor 10.1.1.1 peer-group upstream
 neighbor 10.1.1.1 description ACME ISP
!
ip prefix-list pl-allowed-adv seq 5 permit 82.195.133.0/25
ip prefix-list pl-allowed-adv seq 10 deny any
@end example

A more complex example, with upstream, peer and customer sessions,
advertising global prefixes and NO_EXPORT prefixes and providing
actions for customer routes based on community values. It makes extensive
use of route-maps and the 'call' feature to support selective advertising
of prefixes. This example is intended as guidance only; it has NOT been
tested and almost certainly contains silly mistakes, if not serious
flaws.

@example
router bgp 64512
 bgp router-id 10.236.87.1
 network 10.123.456.0/24
 network 10.123.456.128/25 route-map rm-no-export
 neighbor upstream peer-group
 neighbor upstream capability dynamic
 neighbor upstream route-map rm-upstream-out out
 neighbor cust peer-group
 neighbor cust capability dynamic
 neighbor cust route-map rm-cust-in in
 neighbor cust route-map rm-cust-out out
 neighbor cust send-community both
 neighbor peer peer-group
 neighbor peer capability dynamic
 neighbor peer route-map rm-peer-in in
 neighbor peer route-map rm-peer-out out
 neighbor peer send-community both
 neighbor 10.1.1.1 remote-as 64515
 neighbor 10.1.1.1 peer-group upstream
 neighbor 10.2.1.1 remote-as 64516
 neighbor 10.2.1.1 peer-group upstream
 neighbor 10.3.1.1 remote-as 64517
 neighbor 10.3.1.1 peer-group cust
 neighbor 10.3.1.1 description customer1
 neighbor 10.3.1.1 prefix-list pl-cust1-network in
 neighbor 10.4.1.1 remote-as 64518
 neighbor 10.4.1.1 peer-group cust
 neighbor 10.4.1.1 prefix-list pl-cust2-network in
 neighbor 10.4.1.1 description customer2
 neighbor 10.5.1.1 remote-as 64519
 neighbor 10.5.1.1 peer-group peer
 neighbor 10.5.1.1 prefix-list pl-peer1-network in
 neighbor 10.5.1.1 description peer AS 1
 neighbor 10.6.1.1 remote-as 64520
 neighbor 10.6.1.1 peer-group peer
 neighbor 10.6.1.1 prefix-list pl-peer2-network in
 neighbor 10.6.1.1 description peer AS 2
!
ip prefix-list pl-default permit 0.0.0.0/0
!
ip prefix-list pl-upstream-peers permit 10.1.1.1/32
ip prefix-list pl-upstream-peers permit 10.2.1.1/32
!
ip prefix-list pl-cust1-network permit 10.3.1.0/24
ip prefix-list pl-cust1-network permit 10.3.2.0/24
!
ip prefix-list pl-cust2-network permit 10.4.1.0/24
!
ip prefix-list pl-peer1-network permit 10.5.1.0/24
ip prefix-list pl-peer1-network permit 10.5.2.0/24
ip prefix-list pl-peer1-network permit 192.168.0.0/24
!
ip prefix-list pl-peer2-network permit 10.6.1.0/24
ip prefix-list pl-peer2-network permit 10.6.2.0/24
ip prefix-list pl-peer2-network permit 192.168.1.0/24
ip prefix-list pl-peer2-network permit 192.168.2.0/24
ip prefix-list pl-peer2-network permit 172.16.1.0/24
!
ip as-path access-list asp-own-as permit ^$
ip as-path access-list asp-own-as permit _64512_
!
! #################################################################
! Match communities we provide actions for, on routes received from
! customers. Communities values of <our-ASN>:X, with X, have actions:
!
! 100 - blackhole the prefix
! 200 - set no_export
! 300 - advertise only to other customers
! 400 - advertise only to upstreams
! 500 - set no_export when advertising to upstreams
! 2X00 - set local_preference to X00
!
! blackhole the prefix of the route
ip community-list standard cm-blackhole permit 64512:100
!
! set no-export community before advertising
ip community-list standard cm-set-no-export permit 64512:200
!
! advertise only to other customers
ip community-list standard cm-cust-only permit 64512:300
!
! advertise only to upstreams
ip community-list standard cm-upstream-only permit 64512:400
!
! advertise to upstreams with no-export
ip community-list standard cm-upstream-noexport permit 64512:500
!
! set local-pref to least significant 3 digits of the community
ip community-list standard cm-prefmod-100 permit 64512:2100
ip community-list standard cm-prefmod-200 permit 64512:2200
ip community-list standard cm-prefmod-300 permit 64512:2300
ip community-list standard cm-prefmod-400 permit 64512:2400
ip community-list expanded cme-prefmod-range permit 64512:2...
!
! Informational communities
!
! 3000 - learned from upstream
! 3100 - learned from customer
! 3200 - learned from peer
!
ip community-list standard cm-learnt-upstream permit 64512:3000
ip community-list standard cm-learnt-cust permit 64512:3100
ip community-list standard cm-learnt-peer permit 64512:3200
!
! ###################################################################
! Utility route-maps
!
! These utility route-maps generally should not be used to permit/deny
! routes, i.e. they do not have meaning as filters, and hence probably
! should be used with 'on-match next'. These all finish with an empty
! permit entry so as not to interfere with processing in the caller.
!
route-map rm-no-export permit 10
 set community additive no-export
route-map rm-no-export permit 20
!
route-map rm-blackhole permit 10
 description blackhole, up-pref and ensure it cant escape this AS
 set ip next-hop 127.0.0.1
 set local-preference 10
 set community additive no-export
route-map rm-blackhole permit 20
!
! Set local-pref as requested
route-map rm-prefmod permit 10
 match community cm-prefmod-100
 set local-preference 100
route-map rm-prefmod permit 20
 match community cm-prefmod-200
 set local-preference 200
route-map rm-prefmod permit 30
 match community cm-prefmod-300
 set local-preference 300
route-map rm-prefmod permit 40
 match community cm-prefmod-400
 set local-preference 400
route-map rm-prefmod permit 50
!
! Community actions to take on receipt of route.
route-map rm-community-in permit 10
 description check for blackholing, no point continuing if it matches.
 match community cm-blackhole
 call rm-blackhole
route-map rm-community-in permit 20
 match community cm-set-no-export
 call rm-no-export
 on-match next
route-map rm-community-in permit 30
 match community cme-prefmod-range
 call rm-prefmod
route-map rm-community-in permit 40
!
! #####################################################################
! Community actions to take when advertising a route.
! These are filtering route-maps,
!
! Deny customer routes to upstream with cust-only set.
route-map rm-community-filt-to-upstream deny 10
 match community cm-learnt-cust
 match community cm-cust-only
route-map rm-community-filt-to-upstream permit 20
!
! Deny customer routes to other customers with upstream-only set.
route-map rm-community-filt-to-cust deny 10
 match community cm-learnt-cust
 match community cm-upstream-only
route-map rm-community-filt-to-cust permit 20
!
! ###################################################################
! The top-level route-maps applied to sessions. Further entries could
! be added obviously..
!
! Customers
route-map rm-cust-in permit 10
 call rm-community-in
 on-match next
route-map rm-cust-in permit 20
 set community additive 64512:3100
route-map rm-cust-in permit 30
!
route-map rm-cust-out permit 10
 call rm-community-filt-to-cust
 on-match next
route-map rm-cust-out permit 20
!
! Upstream transit ASes
route-map rm-upstream-out permit 10
 description filter customer prefixes which are marked cust-only
 call rm-community-filt-to-upstream
 on-match next
route-map rm-upstream-out permit 20
 description only customer routes are provided to upstreams/peers
 match community cm-learnt-cust
!
! Peer ASes
! outbound policy is same as for upstream
route-map rm-peer-out permit 10
 call rm-upstream-out
!
route-map rm-peer-in permit 10
 set community additive 64512:3200
@end example
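
A policy of this size depends on many names resolving correctly: peer-groups, prefix-lists, community-lists and route-maps that call each other. The following added example (not part of Quagga) is a small checker that reports names which are referenced but never defined, and names which are defined but never used, before a configuration is loaded; the sample configuration is constructed in the style of the example above and the function names are hypothetical.

```python
import ipaddress

# Constructed sample in the style of the configuration above, with three
# dangling references and one unused prefix-list planted in it.
SAMPLE = """\
router bgp 64512
 neighbor upstream peer-group
 neighbor upstream route-map rm-upstream-out out
 neighbor cust route-map rm-cust-in in
 neighbor 10.1.1.1 peer-group upstream
 neighbor 10.3.1.1 peer-group cust-default
 neighbor 10.3.1.1 prefix-list pl-cust1-network in
!
ip prefix-list pl-cust1-network permit 10.3.1.0/24
ip prefix-list pl-default permit 0.0.0.0/0
ip community-list standard cm-learnt-cust permit 64512:3100
!
route-map rm-cust-in permit 10
 call rm-community-in
route-map rm-upstream-out permit 10
 match community cm-learnt-cust
"""


def _is_address(word):
    """True when a neighbor is named by IPv4/IPv6 address, not by peer-group."""
    try:
        ipaddress.ip_address(word)
        return True
    except ValueError:
        return False


def audit(config):
    """Return (undefined, unused) as sorted lists of (kind, name) pairs."""
    defined, used = set(), set()
    for raw in config.splitlines():
        w = raw.split()
        if not w or w[0].startswith("!"):
            continue
        if w[0] == "ip" and len(w) >= 3:
            if w[1] == "prefix-list":
                defined.add(("prefix-list", w[2]))
            elif w[1] == "community-list":
                typed = w[2] in ("standard", "expanded") and len(w) > 3
                defined.add(("community-list", w[3] if typed else w[2]))
            elif w[1] == "as-path" and w[2] == "access-list" and len(w) > 3:
                defined.add(("as-path", w[3]))
        elif w[0] == "route-map" and len(w) >= 2:
            defined.add(("route-map", w[1]))
        elif w[0] == "neighbor" and len(w) >= 3:
            peer, rest = w[1], w[2:]
            if rest == ["peer-group"]:
                defined.add(("peer-group", peer))  # 'neighbor NAME peer-group'
                continue
            if not _is_address(peer):
                used.add(("peer-group", peer))  # settings applied to a group
            if rest[0] in ("peer-group", "prefix-list", "route-map") and len(rest) > 1:
                used.add((rest[0], rest[1]))
        elif w[0] == "network" and "route-map" in w[:-1]:
            used.add(("route-map", w[w.index("route-map") + 1]))
        elif w[:2] == ["match", "community"] and len(w) > 2:
            used.add(("community-list", w[2]))
        elif w[:4] == ["match", "ip", "address", "prefix-list"] and len(w) > 4:
            used.add(("prefix-list", w[4]))
        elif w[:2] == ["match", "as-path"] and len(w) > 2:
            used.add(("as-path", w[2]))
        elif w[0] == "call" and len(w) > 1:
            used.add(("route-map", w[1]))
        elif w[:2] == ["set", "comm-list"] and len(w) > 2:
            used.add(("community-list", w[2]))
    return sorted(used - defined), sorted(defined - used)


if __name__ == "__main__":
    undefined, unused = audit(SAMPLE)
    for kind, name in undefined:
        print(f"referenced but not defined: {kind} {name}")
    for kind, name in unused:
        print(f"defined but never used: {kind} {name}")
```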