@c -*-texinfo-*-
@c This is part of the Quagga Manual.
@c @value{COPYRIGHT_STR}
@c See file quagga.texi for copying conditions.
@node BGP
@chapter BGP

@acronym{BGP} stands for Border Gateway Protocol. The latest BGP version
is 4. It is referred to as BGP-4. BGP-4 is one of the Exterior Gateway
Protocols and the de facto standard inter-domain routing protocol.
BGP-4 is described in @cite{RFC1771, A Border Gateway Protocol
4 (BGP-4)}.

Many extensions have been added to @cite{RFC1771}. @cite{RFC2858,
Multiprotocol Extensions for BGP-4} provides multiprotocol support to
BGP-4.

@menu
* Starting BGP::
* BGP router::
* BGP network::
* BGP Peer::
* BGP Peer Group::
* BGP Address Family::
* Autonomous System::
* BGP Communities Attribute::
* BGP Extended Communities Attribute::
* Displaying BGP routes::
* Capability Negotiation::
* Route Reflector::
* Route Server::
* How to set up a 6-Bone connection::
* Dump BGP packets and table::
* BGP Configuration Examples::
@end menu

@node Starting BGP
@section Starting BGP

The default configuration file of @command{bgpd} is @file{bgpd.conf}.
@command{bgpd} searches the current directory first, then
@value{INSTALL_PREFIX_ETC}/bgpd.conf. All of bgpd's commands must be
configured in @file{bgpd.conf}.

@command{bgpd} specific invocation options are described below. Common
options may also be specified (@pxref{Common Invocation Options}).

@table @samp
@item -p @var{PORT}
@itemx --bgp_port=@var{PORT}
Set the bgp protocol's port number.

@item -r
@itemx --retain
When the program terminates, retain BGP routes added by zebra.
@end table

@node BGP router
@section BGP router

First of all you must configure the BGP router with the @command{router bgp}
command. To configure a BGP router, you need an AS number. The AS number is an
identification of an autonomous system. The BGP protocol uses the AS number
to detect whether a BGP connection is internal or external.

@deffn Command {router bgp @var{asn}} {}
Enable a BGP protocol process with the specified @var{asn}. After
this statement you can input any @code{BGP Commands}. You cannot
create a different BGP process under a different @var{asn} without
specifying @code{multiple-instance} (@pxref{Multiple instance}).
@end deffn

@deffn Command {no router bgp @var{asn}} {}
Destroy a BGP protocol process with the specified @var{asn}.
@end deffn

@deffn {BGP} {bgp router-id @var{A.B.C.D}} {}
This command specifies the router-ID. If @command{bgpd} connects to @command{zebra} it gets
interface and address information. In that case the default router ID value
is selected as the largest IP address of the interfaces. When
@code{router zebra} is not enabled @command{bgpd} can't get interface information,
so @code{router-id} is set to 0.0.0.0. In that case, please set the router-id by hand.
@end deffn

@menu
* BGP distance::
* BGP decision process::
* BGP route flap dampening::
@end menu

@node BGP distance
@subsection BGP distance

@deffn {BGP} {distance bgp <1-255> <1-255> <1-255>} {}
This command changes the distance value of BGP. The arguments are the distance
values for external routes, internal routes and local routes, respectively.
@end deffn

@deffn {BGP} {distance <1-255> @var{A.B.C.D/M}} {}
@deffnx {BGP} {distance <1-255> @var{A.B.C.D/M} @var{word}} {}
This command set distance value to
@end deffn

@node BGP decision process
@subsection BGP decision process

@table @asis
@item 1. Weight check

@item 2. Local preference check.

@item 3. Local route check.

@item 4. AS path length check.

@item 5. Origin check.

@item 6. MED check.
@end table

@deffn {BGP} {bgp bestpath as-path confed} {}
This command specifies that the length of confederation path sets and
sequences should be taken into account during the BGP best path
decision process.
@end deffn

@deffn {BGP} {bgp bestpath as-path multipath-relax} {}
This command specifies that the BGP decision process should consider paths
of equal AS_PATH length as candidates for multipath computation. Without
the knob, the entire AS_PATH must match for multipath computation.
@end deffn

@node BGP route flap dampening
@subsection BGP route flap dampening

@deffn {BGP} {bgp dampening @var{<1-45>} @var{<1-20000>} @var{<1-20000>} @var{<1-255>}} {}
This command enables BGP route-flap dampening and specifies dampening parameters.

@table @asis
@item @asis{half-life}
Half-life time for the penalty
@item @asis{reuse-threshold}
Value to start reusing a route
@item @asis{suppress-threshold}
Value to start suppressing a route
@item @asis{max-suppress}
Maximum duration to suppress a stable route
@end table

The route-flap damping algorithm is compatible with @cite{RFC2439}. The use of this command
is not recommended nowadays, see @uref{http://www.ripe.net/ripe/docs/ripe-378,,RIPE-378}.
@end deffn

@node BGP network
@section BGP network

@menu
* BGP route::
* Route Aggregation::
* Redistribute to BGP::
@end menu

@node BGP route
@subsection BGP route

@deffn {BGP} {network @var{A.B.C.D/M}} {}
This command adds the announcement network.
@example
@group
router bgp 1
 network 10.0.0.0/8
@end group
@end example
This configuration example says that network 10.0.0.0/8 will be
announced to all neighbors. Some vendors' routers don't advertise
routes if they aren't present in their IGP routing tables; @code{bgpd}
doesn't care about IGP routes when announcing its routes.
@end deffn

@deffn {BGP} {no network @var{A.B.C.D/M}} {}
@end deffn

@node Route Aggregation
@subsection Route Aggregation

@deffn {BGP} {aggregate-address @var{A.B.C.D/M}} {}
This command specifies an aggregate address.
@end deffn

@deffn {BGP} {aggregate-address @var{A.B.C.D/M} as-set} {}
This command specifies an aggregate address. Resulting routes include
AS set.
@end deffn

@deffn {BGP} {aggregate-address @var{A.B.C.D/M} summary-only} {}
This command specifies an aggregate address. Aggregated routes will
not be announced.
@end deffn

@deffn {BGP} {no aggregate-address @var{A.B.C.D/M}} {}
@end deffn

@node Redistribute to BGP
@subsection Redistribute to BGP

@deffn {BGP} {redistribute kernel} {}
Redistribute kernel routes to the BGP process.
@end deffn

@deffn {BGP} {redistribute static} {}
Redistribute static routes to the BGP process.
@end deffn

@deffn {BGP} {redistribute connected} {}
Redistribute connected routes to the BGP process.
@end deffn

@deffn {BGP} {redistribute rip} {}
Redistribute RIP routes to the BGP process.
@end deffn

@deffn {BGP} {redistribute ospf} {}
Redistribute OSPF routes to the BGP process.
@end deffn

@node BGP Peer
@section BGP Peer

@menu
* Defining Peer::
* BGP Peer commands::
* Peer filtering::
@end menu

@node Defining Peer
@subsection Defining Peer

@deffn {BGP} {neighbor @var{peer} remote-as @var{asn}} {}
Creates a new neighbor whose remote-as is @var{asn}. @var{peer}
can be an IPv4 address or an IPv6 address.
@example
@group
router bgp 1
 neighbor 10.0.0.1 remote-as 2
@end group
@end example
In this case my router, in AS-1, is trying to peer with AS-2 at
10.0.0.1.

This command must be the first command used when configuring a neighbor.
If the remote-as is not specified, @command{bgpd} will complain like this:
@example
can't find neighbor 10.0.0.1
@end example
@end deffn

@node BGP Peer commands
@subsection BGP Peer commands

In a @code{router bgp} clause there are neighbor specific configurations
required.

@deffn {BGP} {neighbor @var{peer} shutdown} {}
@deffnx {BGP} {no neighbor @var{peer} shutdown} {}
Shut down the peer. We can delete the neighbor's configuration with
@code{no neighbor @var{peer} remote-as @var{as-number}}, but then all
configuration of the neighbor will be deleted. When you want to
preserve the configuration, but want to drop the BGP peer, use this
syntax.
@end deffn

@deffn {BGP} {neighbor @var{peer} ebgp-multihop} {}
@deffnx {BGP} {no neighbor @var{peer} ebgp-multihop} {}
@end deffn

@deffn {BGP} {neighbor @var{peer} description ...} {}
@deffnx {BGP} {no neighbor @var{peer} description ...} {}
Set description of the peer.
@end deffn

@deffn {BGP} {neighbor @var{peer} version @var{version}} {}
Set up the neighbor's BGP version. @var{version} can be @var{4},
@var{4+} or @var{4-}. BGP version @var{4} is the default value used for
BGP peering. BGP version @var{4+} means that the neighbor supports
Multiprotocol Extensions for BGP-4. BGP version @var{4-} is similar but
the neighbor speaks the old Internet-Draft revision 00's Multiprotocol
Extensions for BGP-4. Some routing software is still using this
version.
@end deffn

@deffn {BGP} {neighbor @var{peer} interface @var{ifname}} {}
@deffnx {BGP} {no neighbor @var{peer} interface @var{ifname}} {}
When you connect to a BGP peer over an IPv6 link-local address, you
have to specify the @var{ifname} of the interface used for the
connection. To specify IPv4 session addresses, see the
@code{neighbor @var{peer} update-source} command below.

This command is deprecated and may be removed in a future release. Its
use should be avoided.
@end deffn

@deffn {BGP} {neighbor @var{peer} next-hop-self [all]} {}
@deffnx {BGP} {no neighbor @var{peer} next-hop-self [all]} {}
This command specifies an announced route's nexthop as being equivalent
to the address of the bgp router if it is learned via eBGP.
If the optional keyword @code{all} is specified the modification is done
also for routes learned via iBGP.
@end deffn

@deffn {BGP} {neighbor @var{peer} update-source @var{<ifname|address>}} {}
@deffnx {BGP} {no neighbor @var{peer} update-source} {}
Specify the IPv4 source address to use for the @acronym{BGP} session to this
neighbour. It may be specified as either an IPv4 address directly or
as an interface name (in which case the @command{zebra} daemon MUST be running
in order for @command{bgpd} to be able to retrieve interface state).
@example
@group
router bgp 64555
 neighbor foo update-source 192.168.0.1
 neighbor bar update-source lo0
@end group
@end example
@end deffn

@deffn {BGP} {neighbor @var{peer} default-originate} {}
@deffnx {BGP} {no neighbor @var{peer} default-originate} {}
@command{bgpd}'s default is to not announce the default route (0.0.0.0/0) even if it
is in the routing table. When you want to announce default routes to the
peer, use this command.
@end deffn

@deffn {BGP} {neighbor @var{peer} port @var{port}} {}
@deffnx {BGP} {neighbor @var{peer} port @var{port}} {}
@end deffn

@deffn {BGP} {neighbor @var{peer} send-community} {}
@deffnx {BGP} {neighbor @var{peer} send-community} {}
@end deffn

@deffn {BGP} {neighbor @var{peer} weight @var{weight}} {}
@deffnx {BGP} {no neighbor @var{peer} weight @var{weight}} {}
This command specifies a default @var{weight} value for the neighbor's
routes.
@end deffn

@deffn {BGP} {neighbor @var{peer} maximum-prefix @var{number}} {}
@deffnx {BGP} {no neighbor @var{peer} maximum-prefix @var{number}} {}
@end deffn

@deffn {BGP} {neighbor @var{peer} local-as @var{as-number}} {}
@deffnx {BGP} {neighbor @var{peer} local-as @var{as-number} no-prepend} {}
@deffnx {BGP} {neighbor @var{peer} local-as @var{as-number} no-prepend replace-as} {}
@deffnx {BGP} {no neighbor @var{peer} local-as} {}
Specify an alternate AS for this BGP process when interacting with the
specified peer. With no modifiers, the specified local-as is prepended to
the received AS_PATH when receiving routing updates from the peer, and
prepended to the outgoing AS_PATH (after the process local AS) when
transmitting local routes to the peer.

If the no-prepend attribute is specified, then the supplied local-as is not
prepended to the received AS_PATH.

If the replace-as attribute is specified, then only the supplied local-as is
prepended to the AS_PATH when transmitting local-route updates to this peer.

Note that replace-as can only be specified if no-prepend is.

This command is only allowed for eBGP peers.
@end deffn

@deffn {BGP} {neighbor @var{peer} ttl-security hops @var{number}} {}
@deffnx {BGP} {no neighbor @var{peer} ttl-security hops @var{number}} {}
This command enforces Generalized TTL Security Mechanism (GTSM), as
specified in RFC 5082. With this command, only neighbors that are the
specified number of hops away will be allowed to become neighbors. This
command is mutually exclusive with @command{ebgp-multihop}.
@end deffn

@node Peer filtering
@subsection Peer filtering

@deffn {BGP} {neighbor @var{peer} distribute-list @var{name} [in|out]} {}
This command specifies a distribute-list for the peer. @var{direct} is
@samp{in} or @samp{out}.
@end deffn

@deffn {BGP command} {neighbor @var{peer} prefix-list @var{name} [in|out]} {}
@end deffn

@deffn {BGP command} {neighbor @var{peer} filter-list @var{name} [in|out]} {}
@end deffn

@deffn {BGP} {neighbor @var{peer} route-map @var{name} [in|out]} {}
Apply a route-map on the neighbor. @var{direct} must be @code{in} or
@code{out}.
@end deffn

@c -----------------------------------------------------------------------
@node BGP Peer Group
@section BGP Peer Group

@deffn {BGP} {neighbor @var{word} peer-group} {}
This command defines a new peer group.
@end deffn

@deffn {BGP} {neighbor @var{peer} peer-group @var{word}} {}
This command binds a specific peer to peer group @var{word}.
@end deffn

@node BGP Address Family
@section BGP Address Family

@c -----------------------------------------------------------------------
@node Autonomous System
@section Autonomous System

The @acronym{AS,Autonomous System} number is one of the essential
elements of BGP. BGP is a distance vector routing protocol, and the
AS-Path framework provides distance vector metric and loop detection to
BGP. @cite{RFC1930, Guidelines for creation, selection, and
registration of an Autonomous System (AS)} provides some background on
the concepts of an AS.

The AS number is a two octet value, ranging in value from 1 to 65535.
The AS numbers 64512 through 65535 are defined as private AS numbers.
Private AS numbers must not be advertised in the global Internet.

@menu
* AS Path Regular Expression::
* Display BGP Routes by AS Path::
* AS Path Access List::
* Using AS Path in Route Map::
* Private AS Numbers::
@end menu

@node AS Path Regular Expression
@subsection AS Path Regular Expression

AS path regular expressions can be used for displaying BGP routes and
in AS path access lists. AS path regular expressions are based on
@code{POSIX 1003.2} regular expressions. The following description is
just a subset of @code{POSIX} regular expressions; the user can use the full
@code{POSIX} regular expression syntax. In addition, the special character '_'
is added for AS path regular expressions.

@table @code
@item .
Matches any single character.
@item *
Matches 0 or more occurrences of pattern.
@item +
Matches 1 or more occurrences of pattern.
@item ?
Matches 0 or 1 occurrences of pattern.
@item ^
Matches the beginning of the line.
@item $
Matches the end of the line.
@item _
The character @code{_} has a special meaning in AS path regular expressions.
It matches space and comma, the AS set delimiters @{ and @}, and the AS
confederation delimiters @code{(} and @code{)}. It also matches
the beginning of the line and the end of the line. So @code{_} can be
used to match AS value boundaries. @code{show ip bgp regexp _7675_}
matches all BGP routes whose AS path includes AS number @var{7675}.
@end table
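The boundary behaviour of the underscore described above decides whether an AS path filter matches a whole AS number or only a run of digits. The following is an added example, not code from the Quagga sources: it models the underscore with Python's re module standing in for the POSIX regex engine, and the AS path strings are constructed sample data.

```python
import re

# Per the table above, "_" matches a space, a comma, the AS set
# delimiters { and }, the confederation delimiters ( and ), and the
# beginning and end of the line.
BOUNDARY = r"(?:^|[,{}() ]|$)"


def compile_aspath_regex(pattern):
    """Translate an AS path regular expression into a Python regex.

    Only the "_" extension is translated; everything else is passed
    through unchanged (assumption: the pattern uses syntax that POSIX
    and Python regular expressions share).
    """
    return re.compile(pattern.replace("_", BOUNDARY))


def filter_paths(pattern, paths):
    """Return the AS paths that the expression matches, in input order."""
    rx = compile_aspath_regex(pattern)
    return [p for p in paths if rx.search(p)]


# Constructed AS_PATH strings, written the way they are displayed.
SAMPLE_PATHS = [
    "7675",                 # AS 7675 alone
    "100 7675 200",         # AS 7675 in the middle of a sequence
    "100 {7675,200}",       # AS 7675 inside an AS set
    "(65001 65002) 7675",   # AS 7675 after a confederation sequence
    "100 17675 200",        # a different AS that contains the digits
    "100 76750",            # a different AS that starts with the digits
]

if __name__ == "__main__":
    for expr in ("_7675_", "7675", "^7675_", "_7675$"):
        print(expr, "->", filter_paths(expr, SAMPLE_PATHS))
```

Without the underscores the expression also selects AS 17675 and AS 76750, which is the usual cause of an AS path access list permitting or denying more than intended.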

@node Display BGP Routes by AS Path
@subsection Display BGP Routes by AS Path

To show BGP routes which have specific AS path information, the @code{show
ip bgp} command can be used.

@deffn Command {show ip bgp regexp @var{line}} {}
This command displays BGP routes that match the AS path regular
expression @var{line}.
@end deffn

@node AS Path Access List
@subsection AS Path Access List

An AS path access list is a user defined AS path.

@deffn {Command} {ip as-path access-list @var{word} @{permit|deny@} @var{line}} {}
This command defines a new AS path access list.
@end deffn

@deffn {Command} {no ip as-path access-list @var{word}} {}
@deffnx {Command} {no ip as-path access-list @var{word} @{permit|deny@} @var{line}} {}
@end deffn

@node Using AS Path in Route Map
@subsection Using AS Path in Route Map

@deffn {Route Map} {match as-path @var{word}} {}
@end deffn

@deffn {Route Map} {set as-path prepend @var{as-path}} {}
Prepend the given string of AS numbers to the AS_PATH.
@end deffn

@deffn {Route Map} {set as-path prepend last-as @var{num}} {}
Prepend the existing last AS number (the leftmost ASN) to the AS_PATH.
@end deffn

@node Private AS Numbers
@subsection Private AS Numbers

@c -----------------------------------------------------------------------
@node BGP Communities Attribute
@section BGP Communities Attribute

The BGP communities attribute is widely used for implementing policy
routing. Network operators can manipulate the BGP communities attribute
based on their network policy. The BGP communities attribute is defined
in @cite{RFC1997, BGP Communities Attribute} and
@cite{RFC1998, An Application of the BGP Community Attribute
in Multi-home Routing}. It is an optional transitive attribute,
therefore local policy can travel through different autonomous systems.

The communities attribute is a set of communities values. Each
communities value is 4 octets long. The following format is used to
define a communities value.

@table @code
@item AS:VAL
This format represents a 4 octet communities value. @code{AS} is the high
order 2 octets in digit format. @code{VAL} is the low order 2 octets in
digit format. This format is useful to define AS oriented policy
values. For example, @code{7675:80} can be used when AS 7675 wants to
pass local policy value 80 to a neighboring peer.
@item internet
@code{internet} represents well-known communities value 0.
@item no-export
@code{no-export} represents well-known communities value @code{NO_EXPORT}@*
@r{(0xFFFFFF01)}. All routes that carry this value must not be advertised
outside a BGP confederation boundary. If the neighboring BGP peer is
part of a BGP confederation, the peer is considered as inside the BGP
confederation boundary, so the route will be announced to the peer.
@item no-advertise
@code{no-advertise} represents well-known communities value
@code{NO_ADVERTISE}@*@r{(0xFFFFFF02)}. All routes that carry this value
must not be advertised to other BGP peers.
@item local-AS
@code{local-AS} represents well-known communities value
@code{NO_EXPORT_SUBCONFED} @r{(0xFFFFFF03)}. All routes that carry this
value must not be advertised to external BGP peers. Even if the
neighboring router is part of a confederation, it is considered as
an external BGP peer, so the route will not be announced to the peer.
@end table

When a BGP communities attribute is received, duplicated communities
values in the communities attribute are ignored and the communities
values are sorted in numerical order.
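The value formats and the receive-side handling described above can be worked through in code. The following is an added example, not code from bgpd: it converts the textual forms to their 4 octet values, removes duplicates and sorts numerically, and packs the result in network byte order. The function names are hypothetical.

```python
import struct

# Well-known values exactly as listed in the table above.
WELL_KNOWN = {
    "internet": 0x00000000,
    "no-export": 0xFFFFFF01,
    "no-advertise": 0xFFFFFF02,
    "local-AS": 0xFFFFFF03,
}
NAMES = {value: name for name, value in WELL_KNOWN.items()}


def parse_community(token):
    """Convert one AS:VAL token or well-known keyword to its 32-bit value."""
    if token in WELL_KNOWN:
        return WELL_KNOWN[token]
    high, sep, low = token.partition(":")
    if not (sep and token.isascii() and high.isdigit() and low.isdigit()):
        raise ValueError("malformed community: %r" % token)
    high, low = int(high), int(low)
    if high > 0xFFFF or low > 0xFFFF:
        # AS is the high order 2 octets, VAL the low order 2 octets.
        raise ValueError("each half must fit in 2 octets: %r" % token)
    return (high << 16) | low


def format_community(value):
    """Render a 32-bit value as a keyword where one exists, else AS:VAL."""
    return NAMES.get(value, "%d:%d" % (value >> 16, value & 0xFFFF))


def normalize(attribute):
    """Ignore duplicated values and sort the rest in numerical order."""
    return sorted({parse_community(tok) for tok in attribute.split()})


def to_wire(values):
    """Pack each communities value as 4 octets in network byte order."""
    return b"".join(struct.pack("!I", v) for v in values)


def from_wire(data):
    """Unpack a communities attribute value field into 32-bit values."""
    if len(data) % 4:
        raise ValueError("length must be a multiple of 4 octets")
    return [v for (v,) in struct.iter_unpack("!I", data)]


if __name__ == "__main__":
    received = "no-export 7675:80 100:1 7675:80"   # constructed input
    values = normalize(received)
    print([format_community(v) for v in values])
    print(to_wire(values).hex())
```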

@menu
* BGP Community Lists::
* Numbered BGP Community Lists::
* BGP Community in Route Map::
* Display BGP Routes by Community::
* Using BGP Communities Attribute::
@end menu

@node BGP Community Lists
@subsection BGP Community Lists

A BGP community list is a user defined BGP communities attribute list.
A BGP community list can be used for matching or manipulating the BGP
communities attribute in updates.

There are two types of community list. One is the standard community
list and the other is the expanded community list. A standard community list
defines a communities attribute. An expanded community list defines a
communities attribute string with a regular expression. A standard
community list is compiled into binary format when the user defines it.
A standard community list is directly compared to the BGP communities
attribute in BGP updates. Therefore the comparison is faster than for an
expanded community list.

@deffn Command {ip community-list standard @var{name} @{permit|deny@} @var{community}} {}
This command defines a new standard community list. @var{community}
is a communities value. The @var{community} is compiled into a community
structure. We can define multiple community lists under the same name. In
that case matching happens in user defined order. Once the
community list matches the communities attribute in BGP updates it
returns permit or deny according to the community list definition. When there is
no matched entry, deny will be returned. When @var{community} is
empty it matches any route.
@end deffn

@deffn Command {ip community-list expanded @var{name} @{permit|deny@} @var{line}} {}
This command defines a new expanded community list. @var{line} is a
string expression of the communities attribute. @var{line} can include
a regular expression to match the communities attribute in BGP updates.
@end deffn

@deffn Command {no ip community-list @var{name}} {}
@deffnx Command {no ip community-list standard @var{name}} {}
@deffnx Command {no ip community-list expanded @var{name}} {}
These commands delete community lists specified by @var{name}. All
community lists share a single name space, so community lists can be
removed simply by specifying the community list's name.
@end deffn

@deffn {Command} {show ip community-list} {}
@deffnx {Command} {show ip community-list @var{name}} {}
This command displays current community list information. When
@var{name} is specified, the specified community list's information is
shown.

@example
# show ip community-list
Named Community standard list CLIST
 permit 7675:80 7675:100 no-export
 deny internet
Named Community expanded list EXPAND
 permit :

# show ip community-list CLIST
Named Community standard list CLIST
 permit 7675:80 7675:100 no-export
 deny internet
@end example
@end deffn

@node Numbered BGP Community Lists
@subsection Numbered BGP Community Lists

When a number is used for the BGP community list name, the number has
a special meaning. A community list number in the range from 1 to 99 is a
standard community list. A community list number in the range from 100
to 199 is an expanded community list. These community lists are called
numbered community lists. On the other hand, normal community lists
are called named community lists.

@deffn Command {ip community-list <1-99> @{permit|deny@} @var{community}} {}
This command defines a new community list. <1-99> is the standard
community list number. A community list name within this range defines a
standard community list. When @var{community} is empty it matches
any route.
@end deffn

@deffn Command {ip community-list <100-199> @{permit|deny@} @var{community}} {}
This command defines a new community list. <100-199> is the expanded
community list number. A community list name within this range defines an
expanded community list.
@end deffn

@deffn Command {ip community-list @var{name} @{permit|deny@} @var{community}} {}
When the community list type is not specified, the community list type is
automatically detected. If @var{community} can be compiled into a
communities attribute, the community list is defined as a standard
community list. Otherwise it is defined as an expanded community
list. This feature is left for backward compatibility. Use of this
feature is not recommended.
@end deffn

@node BGP Community in Route Map
@subsection BGP Community in Route Map

In a Route Map (@pxref{Route Map}), we can match or set the BGP
communities attribute. Using this feature, network operators can
implement their network policy based on the BGP communities attribute.

The following commands can be used in a Route Map.

@deffn {Route Map} {match community @var{word}} {}
@deffnx {Route Map} {match community @var{word} exact-match} {}
This command performs a match on BGP updates using community list
@var{word}. When one of the BGP communities values matches one of the
communities values in the community list, it is a match. When the
@code{exact-match} keyword is specified, a match happens only when the BGP
update has exactly the same communities values as specified in the
community list.
@end deffn

@deffn {Route Map} {set community none} {}
@deffnx {Route Map} {set community @var{community}} {}
@deffnx {Route Map} {set community @var{community} additive} {}
This command manipulates the communities value in BGP updates. When
@code{none} is specified as the communities value, it removes the entire
communities attribute from BGP updates. When @var{community} is not
@code{none}, the specified communities value is set in BGP updates. If
the BGP update already has a BGP communities value, the existing BGP
communities value is replaced with the specified @var{community} value.
When the @code{additive} keyword is specified, @var{community} is appended
to the existing communities value.
@end deffn

@deffn {Route Map} {set comm-list @var{word} delete} {}
This command removes communities values from the BGP communities attribute.
@var{word} is the community list name. When a BGP route's communities
value matches the community list @var{word}, the communities value
is removed. When all of the communities values have been removed, the
BGP update's communities attribute is completely removed.
@end deffn

@node Display BGP Routes by Community
@subsection Display BGP Routes by Community

To show BGP routes which have a specific BGP communities attribute, the
@code{show ip bgp} command can be used. The @var{community} value and
community list can be used with the @code{show ip bgp} command.

@deffn Command {show ip bgp community} {}
@deffnx Command {show ip bgp community @var{community}} {}
@deffnx Command {show ip bgp community @var{community} exact-match} {}
@code{show ip bgp community} displays BGP routes which have a communities
attribute. When @var{community} is specified, BGP routes that match the
@var{community} value are displayed. For this command, the @code{internet}
keyword can't be used for the @var{community} value. When
@code{exact-match} is specified, it displays only routes that have an
exact match.
@end deffn

@deffn Command {show ip bgp community-list @var{word}} {}
@deffnx Command {show ip bgp community-list @var{word} exact-match} {}
This command displays BGP routes that match community list
@var{word}. When @code{exact-match} is specified, it displays only routes
that have an exact match.
@end deffn

@node Using BGP Communities Attribute
paul718e3742002-12-13 20:15:29 +0000724@subsection Using BGP Communities Attribute
725
paulaa5943f2005-11-04 21:53:59 +0000726Following configuration is the most typical usage of BGP communities
paul718e3742002-12-13 20:15:29 +0000727attribute. AS 7675 provides upstream Internet connection to AS 100.
728When following configuration exists in AS 7675, AS 100 networks
729operator can set local preference in AS 7675 network by setting BGP
730communities attribute to the updates.
731
732@example
733router bgp 7675
734 neighbor 192.168.0.1 remote-as 100
735 neighbor 192.168.0.1 route-map RMAP in
736!
737ip community-list 70 permit 7675:70
738ip community-list 70 deny
739ip community-list 80 permit 7675:80
740ip community-list 80 deny
741ip community-list 90 permit 7675:90
742ip community-list 90 deny
743!
744route-map RMAP permit 10
745 match community 70
746 set local-preference 70
747!
748route-map RMAP permit 20
749 match community 80
750 set local-preference 80
751!
752route-map RMAP permit 30
753 match community 90
754 set local-preference 90
755@end example
756
paulaa5943f2005-11-04 21:53:59 +0000757Following configuration announce 10.0.0.0/8 from AS 100 to AS 7675.
paul718e3742002-12-13 20:15:29 +0000758The route has communities value 7675:80 so when above configuration
759exists in AS 7675, announced route's local preference will be set to
760value 80.
761
762@example
763router bgp 100
764 network 10.0.0.0/8
765 neighbor 192.168.0.2 remote-as 7675
766 neighbor 192.168.0.2 route-map RMAP out
767!
768ip prefix-list PLIST permit 10.0.0.0/8
769!
770route-map RMAP permit 10
771 match ip address prefix-list PLIST
772 set community 7675:80
773@end example
774
The following configuration is an example of BGP route filtering using
the communities attribute. This configuration only permits BGP routes
which have BGP communities value 0:80 or 0:90. A network operator can
put a special internal communities value on routes at the BGP border router,
then limit the BGP route announcements into the internal network.

@example
router bgp 7675
 neighbor 192.168.0.1 remote-as 100
 neighbor 192.168.0.1 route-map RMAP in
!
ip community-list 1 permit 0:80 0:90
!
route-map RMAP permit 10
 match community 1
@end example

The following example filters BGP routes which have communities value 1:1.
When there is no match, community-list returns deny. To avoid
filtering all routes, we need to define permit any at the end.

@example
router bgp 7675
 neighbor 192.168.0.1 remote-as 100
 neighbor 192.168.0.1 route-map RMAP in
!
ip community-list standard FILTER deny 1:1
ip community-list standard FILTER permit
!
route-map RMAP permit 10
 match community FILTER
@end example

The communities value keyword @code{internet} has a special meaning in
standard community lists. In the example below, @code{internet} acts as
match any. It matches all BGP routes even if the route does not
have a communities attribute at all. So community list @code{INTERNET}
is the same as the above example's @code{FILTER}.

@example
ip community-list standard INTERNET deny 1:1
ip community-list standard INTERNET permit internet
@end example

The following configuration is an example of communities value deletion.
With this configuration, communities values 100:1 and 100:2 are removed
from BGP updates. For communities value deletion, only @code{permit}
community-list entries are used. @code{deny} community-list entries are
ignored.

@example
router bgp 7675
 neighbor 192.168.0.1 remote-as 100
 neighbor 192.168.0.1 route-map RMAP in
!
ip community-list standard DEL permit 100:1 100:2
!
route-map RMAP permit 10
 set comm-list DEL delete
@end example

@c -----------------------------------------------------------------------
@node BGP Extended Communities Attribute
@section BGP Extended Communities Attribute

The BGP extended communities attribute was introduced with MPLS VPN/BGP
technology. MPLS VPN/BGP expands the capability of network infrastructure
to provide VPN functionality. At the same time it requires a new
framework for policy routing. With the BGP Extended Communities Attribute
we can use Route Target or Site of Origin for implementing network
policy for MPLS VPN/BGP.

The BGP Extended Communities Attribute is similar to the BGP Communities
Attribute. It is an optional transitive attribute. The BGP Extended
Communities Attribute can carry multiple Extended Community values.
Each Extended Community value is eight octets long.

The BGP Extended Communities Attribute provides an extended range
compared with the BGP Communities Attribute. In addition, there is a
type field in each value to give structure to the community space.

There are two formats to define an Extended Community value. One is the AS
based format, the other is the IP address based format.

@table @code
@item AS:VAL
This is a format to define an AS based Extended Community value.
The @code{AS} part is the 2 octet Global Administrator subfield in the
Extended Community value. The @code{VAL} part is the 4 octet Local
Administrator subfield. @code{7675:100} represents AS 7675 policy value 100.
@item IP-Address:VAL
This is a format to define an IP address based Extended Community value.
The @code{IP-Address} part is the 4 octet Global Administrator subfield.
The @code{VAL} part is the 2 octet Local Administrator subfield.
@code{10.0.0.1:100} represents
@end table
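
The two formats above, encoded into and decoded from the eight octet wire form, with range checks on each subfield. This is an added example, not code from Quagga; the function names are hypothetical, and the type and sub-type octet values are assumptions taken from RFC 4360, which this manual does not cite.

```python
import ipaddress
import struct

# Assumption: type and sub-type octets follow RFC 4360; the manual only
# says that each value carries a type field.
TYPE_AS2 = 0x00    # two-octet AS specific (AS:VAL)
TYPE_IPV4 = 0x01   # IPv4 address specific (IP-Address:VAL)
SUBTYPE = {"rt": 0x02, "soo": 0x03}   # Route Target, Site of Origin
SUBTYPE_NAME = {code: name for name, code in SUBTYPE.items()}


def parse_field(text, limit, what):
    """Parse a decimal field and enforce the width of its subfield."""
    if not (text.isascii() and text.isdigit()):
        raise ValueError(f"{what} is not a decimal number: {text!r}")
    value = int(text)
    if value > limit:
        raise ValueError(f"{what} {value} does not fit its subfield")
    return value


def encode_extcommunity(kind, text):
    """Encode 'AS:VAL' or 'IP-Address:VAL' as one eight octet value."""
    if kind not in SUBTYPE:
        raise ValueError(f"unknown kind {kind!r}, expected 'rt' or 'soo'")
    admin, sep, val = text.rpartition(":")
    if not sep:
        raise ValueError(f"missing ':' in {text!r}")
    if "." in admin:
        # IP address based: 4 octet Global Administrator, 2 octet VAL.
        addr = ipaddress.IPv4Address(admin)   # ValueError on a bad address
        local = parse_field(val, 0xFFFF, "VAL")
        return struct.pack("!BB4sH", TYPE_IPV4, SUBTYPE[kind],
                           addr.packed, local)
    # AS based: 2 octet Global Administrator, 4 octet VAL.
    asn = parse_field(admin, 0xFFFF, "AS")
    local = parse_field(val, 0xFFFFFFFF, "VAL")
    return struct.pack("!BBHI", TYPE_AS2, SUBTYPE[kind], asn, local)


def decode_extcommunity(raw):
    """Decode one eight octet value back to (kind, text)."""
    if len(raw) != 8:
        raise ValueError("an Extended Community value is eight octets")
    etype, sub = raw[0], raw[1]
    if sub not in SUBTYPE_NAME:
        raise ValueError(f"unsupported sub-type 0x{sub:02x}")
    if etype == TYPE_AS2:
        asn, local = struct.unpack("!HI", raw[2:])
        return SUBTYPE_NAME[sub], f"{asn}:{local}"
    if etype == TYPE_IPV4:
        addr, local = struct.unpack("!4sH", raw[2:])
        return SUBTYPE_NAME[sub], f"{ipaddress.IPv4Address(addr)}:{local}"
    raise ValueError(f"unsupported type 0x{etype:02x}")


def decode_attribute(value):
    """Split an attribute body into its eight octet values and decode each."""
    if len(value) % 8:
        raise ValueError("attribute length is not a multiple of eight")
    return [decode_extcommunity(value[i:i + 8])
            for i in range(0, len(value), 8)]


if __name__ == "__main__":
    # Constructed sample using the two values from the table above.
    body = (encode_extcommunity("rt", "7675:100")
            + encode_extcommunity("soo", "10.0.0.1:100"))
    print(body.hex(), decode_attribute(body))
```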

@menu
* BGP Extended Community Lists::
* BGP Extended Communities in Route Map::
@end menu

@node BGP Extended Community Lists
@subsection BGP Extended Community Lists

Expanded Community Lists are user defined BGP Expanded Community
Lists.

@deffn Command {ip extcommunity-list standard @var{name} @{permit|deny@} @var{extcommunity}} {}
This command defines a new standard extcommunity-list.
@var{extcommunity} is an extended communities value. The
@var{extcommunity} is compiled into an extended community structure. We
can define multiple extcommunity-list entries under the same name. In that
case matching happens in the user defined order. Once the extcommunity-list
matches the extended communities attribute in BGP updates, it returns
permit or deny based upon the extcommunity-list definition. When
there is no matched entry, deny will be returned. When
@var{extcommunity} is empty it matches any route.
@end deffn

@deffn Command {ip extcommunity-list expanded @var{name} @{permit|deny@} @var{line}} {}
This command defines a new expanded extcommunity-list. @var{line} is
a string expression of the extended communities attribute. @var{line} can
include a regular expression to match the extended communities attribute in
BGP updates.
@end deffn

@deffn Command {no ip extcommunity-list @var{name}} {}
@deffnx Command {no ip extcommunity-list standard @var{name}} {}
@deffnx Command {no ip extcommunity-list expanded @var{name}} {}
These commands delete extended community lists specified by
@var{name}. All extended community lists share a single name
space, so extended community lists can be removed simply by specifying
the name.
@end deffn

@deffn {Command} {show ip extcommunity-list} {}
@deffnx {Command} {show ip extcommunity-list @var{name}} {}
This command displays current extcommunity-list information. When
@var{name} is specified, the community list's information is shown.

@example
# show ip extcommunity-list
@end example
@end deffn

@node BGP Extended Communities in Route Map
@subsection BGP Extended Communities in Route Map

@deffn {Route Map} {match extcommunity @var{word}} {}
@end deffn

@deffn {Route Map} {set extcommunity rt @var{extcommunity}} {}
This command sets the Route Target value.
@end deffn

@deffn {Route Map} {set extcommunity soo @var{extcommunity}} {}
This command sets the Site of Origin value.
@end deffn

@c -----------------------------------------------------------------------
@node Displaying BGP routes
@section Displaying BGP Routes

@menu
* Show IP BGP::
* More Show IP BGP::
@end menu

@node Show IP BGP
@subsection Show IP BGP

@deffn {Command} {show ip bgp} {}
@deffnx {Command} {show ip bgp @var{A.B.C.D}} {}
@deffnx {Command} {show ip bgp @var{X:X::X:X}} {}
This command displays BGP routes. When no route is specified it
displays all IPv4 BGP routes.
@end deffn

@example
BGP table version is 0, local router ID is 10.1.1.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path
*> 1.1.1.1/32       0.0.0.0                  0         32768 i

Total number of prefixes 1
@end example

@node More Show IP BGP
@subsection More Show IP BGP

@deffn {Command} {show ip bgp regexp @var{line}} {}
This command displays BGP routes using an AS path regular expression (@pxref{Display BGP Routes by AS Path}).
@end deffn

@deffn Command {show ip bgp community @var{community}} {}
@deffnx Command {show ip bgp community @var{community} exact-match} {}
This command displays BGP routes using @var{community} (@pxref{Display
BGP Routes by Community}).
@end deffn

@deffn Command {show ip bgp community-list @var{word}} {}
@deffnx Command {show ip bgp community-list @var{word} exact-match} {}
This command displays BGP routes using a community list (@pxref{Display
BGP Routes by Community}).
@end deffn

@deffn {Command} {show ip bgp summary} {}
@end deffn

@deffn {Command} {show ip bgp neighbor [@var{peer}]} {}
@end deffn

@deffn {Command} {clear ip bgp @var{peer}} {}
Clear peers which have addresses of X.X.X.X
@end deffn

@deffn {Command} {clear ip bgp @var{peer} soft in} {}
Clear peer using soft reconfiguration.
@end deffn

@deffn {Command} {show ip bgp dampened-paths} {}
Display paths suppressed due to dampening
@end deffn

@deffn {Command} {show ip bgp flap-statistics} {}
Display flap statistics of routes
@end deffn

@deffn {Command} {show debug} {}
@end deffn

@deffn {Command} {debug event} {}
@end deffn

@deffn {Command} {debug update} {}
@end deffn

@deffn {Command} {debug keepalive} {}
@end deffn

@deffn {Command} {no debug event} {}
@end deffn

@deffn {Command} {no debug update} {}
@end deffn

@deffn {Command} {no debug keepalive} {}
@end deffn

@node Capability Negotiation
@section Capability Negotiation

When the IPv6 routing information exchange feature was being added to BGP,
there were several proposals. @acronym{IETF,Internet Engineering Task Force}
@acronym{IDR, Inter Domain Routing} @acronym{WG, Working group} adopted
a proposal called Multiprotocol Extension for BGP. The specification
is described in @cite{RFC2283}. It does not define a new protocol.
It defines new attributes for the existing BGP. When it is used for exchanging
IPv6 routing information it is called BGP-4+. When it is used for
exchanging multicast routing information it is called MBGP.

@command{bgpd} supports Multiprotocol Extension for BGP. So if the remote
peer supports the protocol, @command{bgpd} can exchange IPv6 and/or
multicast routing information.

Traditional BGP did not have a feature to detect the remote peer's
capabilities, e.g. whether it can handle prefix types other than IPv4
unicast routes. This was a big problem when using Multiprotocol Extension
for BGP in an operational network. @cite{RFC2842, Capabilities
Advertisement with BGP-4} adopted a feature called Capability
Negotiation. @command{bgpd} uses this Capability Negotiation to detect
the remote peer's capabilities. If the peer is only configured as an IPv4
unicast neighbor, @command{bgpd} does not send these Capability
Negotiation packets (at least not unless other optional BGP features
require capability negotiation).

By default, Quagga will bring up peering with the minimal common capability
for both sides. For example, the local router has unicast and
multicast capabilities and the remote router has unicast capability. In
this case, the local router will establish the connection with unicast
only capability. When there are no common capabilities, Quagga sends
an Unsupported Capability error and then resets the connection.

If you want to completely match capabilities with the remote peer, please
use the @command{strict-capability-match} command.

@deffn {BGP} {neighbor @var{peer} strict-capability-match} {}
@deffnx {BGP} {no neighbor @var{peer} strict-capability-match} {}
Strictly compares remote capabilities and local capabilities. If capabilities
are different, send an Unsupported Capability error, then reset the connection.
@end deffn

You may want to disable sending the Capability Negotiation OPEN message
optional parameter to the peer when the remote peer does not implement
Capability Negotiation. Please use the @command{dont-capability-negotiate}
command to disable the feature.

@deffn {BGP} {neighbor @var{peer} dont-capability-negotiate} {}
@deffnx {BGP} {no neighbor @var{peer} dont-capability-negotiate} {}
Suppress sending Capability Negotiation as an OPEN message optional
parameter to the peer. This command only affects peers that are configured
for something other than IPv4 unicast.
@end deffn

When the remote peer does not have the capability negotiation feature, it
will not send any capabilities at all. In that case, bgp
configures the peer with the configured capabilities.

You may prefer locally configured capabilities over the negotiated
capabilities even though the remote peer sends capabilities. If the peer
is configured with @command{override-capability}, @command{bgpd} ignores
received capabilities, then overrides negotiated capabilities with
configured values.

@deffn {BGP} {neighbor @var{peer} override-capability} {}
@deffnx {BGP} {no neighbor @var{peer} override-capability} {}
Override the result of Capability Negotiation with local configuration.
Ignore the remote peer's capability value.
@end deffn
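
The negotiation outcomes described in this section, as a simplified model that parses the Capabilities optional parameter of a peer's OPEN message and applies the default, @command{strict-capability-match} and @command{override-capability} behaviours. This is an added example, not @command{bgpd} code; the function names are hypothetical, and the parameter type, capability code and error code values are assumptions taken from RFC 5492 and RFC 4760 rather than from this manual.

```python
import struct

# Assumptions from RFC 5492 / RFC 4760, not stated in this manual.
PARAM_CAPABILITIES = 2   # OPEN optional parameter type
CAP_MULTIPROTOCOL = 1    # capability code: Multiprotocol Extensions
IPV4_UNICAST = (1, 1)    # (AFI, SAFI)
IPV4_MULTICAST = (1, 2)
IPV6_UNICAST = (2, 1)


class UnsupportedCapability(Exception):
    """Models NOTIFICATION OPEN Message Error (2), subcode 7."""
    code, subcode = 2, 7


def read_tlvs(data, what):
    """Yield (type, value) pairs from a run of 1-octet type/length TLVs."""
    i = 0
    while i < len(data):
        if i + 2 > len(data):
            raise ValueError(f"truncated {what} header")
        kind, length = data[i], data[i + 1]
        value = data[i + 2:i + 2 + length]
        if len(value) != length:
            raise ValueError(f"truncated {what} value")
        yield kind, value
        i += 2 + length


def parse_mp_capabilities(opt_params):
    """Return the set of (AFI, SAFI) the peer advertised, or None when it
    advertised no Multiprotocol capability at all."""
    found = None
    for ptype, pvalue in read_tlvs(opt_params, "parameter"):
        if ptype != PARAM_CAPABILITIES:
            continue
        for code, cvalue in read_tlvs(pvalue, "capability"):
            if code != CAP_MULTIPROTOCOL:
                continue              # other capabilities are not modelled
            if len(cvalue) != 4:
                raise ValueError("Multiprotocol capability must be 4 octets")
            afi, _reserved, safi = struct.unpack("!HBB", cvalue)
            found = (found or set()) | {(afi, safi)}
    return found


def negotiate(configured, received, strict=False, override=False):
    """Return the address families to run with the peer."""
    configured = set(configured)
    if override or received is None:
        # override-capability, or a peer that sent nothing to negotiate on:
        # the locally configured capabilities are used.
        return configured
    if strict and received != configured:
        raise UnsupportedCapability("capabilities differ")
    common = configured & received
    if not common:
        raise UnsupportedCapability("no common capability")
    return common


# Constructed sample: optional parameters of an OPEN from a peer that
# advertises IPv4 unicast (code 1) and one unrelated capability (code 2).
SAMPLE_OPEN_PARAMS = bytes.fromhex("020601040001000102020200")

if __name__ == "__main__":
    local = {IPV4_UNICAST, IPV4_MULTICAST}
    remote = parse_mp_capabilities(SAMPLE_OPEN_PARAMS)
    print("default :", negotiate(local, remote))
    print("override:", negotiate(local, remote, override=True))
```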

@node Route Reflector
@section Route Reflector

@deffn {BGP} {bgp cluster-id @var{a.b.c.d}} {}
@end deffn

@deffn {BGP} {neighbor @var{peer} route-reflector-client} {}
@deffnx {BGP} {no neighbor @var{peer} route-reflector-client} {}
@end deffn

@node Route Server
@section Route Server

At an Internet Exchange point, many ISPs are connected to each other by
external BGP peering. Normally these external BGP connections are made using
the @samp{full mesh} method. As with internal BGP full mesh formation,
this method has a scaling problem.

This scaling problem is well known. Route Server is a method to resolve
the problem. Each ISP's BGP router only peers with the Route Server. The Route
Server serves as a BGP information exchange to other BGP routers. By
applying this method, the number of BGP connections is reduced from
O(n*(n-1)/2) to O(n).

Unlike a normal BGP router, a Route Server must have several routing tables
for managing different routing policies for each BGP speaker. We call these
routing tables different @code{view}s. @command{bgpd} can work as a
normal BGP router or a Route Server or both at the same time.

@menu
* Multiple instance::
* BGP instance and view::
* Routing policy::
* Viewing the view::
@end menu

@node Multiple instance
@subsection Multiple instance

To enable the multiple view function of @code{bgpd}, you must turn on
the multiple instance feature beforehand.

@deffn {Command} {bgp multiple-instance} {}
Enable BGP multiple instance feature. After this feature is enabled,
you can make multiple BGP instances or multiple BGP views.
@end deffn

@deffn {Command} {no bgp multiple-instance} {}
Disable BGP multiple instance feature. You can not disable this feature
when BGP multiple instances or views exist.
@end deffn

When you want to make the configuration more like a Cisco one,

@deffn {Command} {bgp config-type cisco} {}
Cisco compatible BGP configuration output.
@end deffn

When bgp config-type cisco is specified,

``no synchronization'' is displayed.
``no auto-summary'' is displayed.

``network'' and ``aggregate-address'' arguments are displayed as
``A.B.C.D M.M.M.M''

Quagga: network 10.0.0.0/8
Cisco: network 10.0.0.0

Quagga: aggregate-address 192.168.0.0/24
Cisco: aggregate-address 192.168.0.0 255.255.255.0

Community attribute handling is also different. If no
configuration is specified, the community attribute and extended community
attribute are sent to the neighbor. When the user manually disables the
feature, the community attribute is not sent to the neighbor. When
@command{bgp config-type cisco} is specified, the community attribute is not
sent to the neighbor by default. To send the community attribute, the user has
to specify the @command{neighbor A.B.C.D send-community} command.

@example
!
router bgp 1
 neighbor 10.0.0.1 remote-as 1
 no neighbor 10.0.0.1 send-community
!
router bgp 1
 neighbor 10.0.0.1 remote-as 1
 neighbor 10.0.0.1 send-community
!
@end example

@deffn {Command} {bgp config-type zebra} {}
Quagga style BGP configuration. This is the default.
@end deffn

@node BGP instance and view
@subsection BGP instance and view

A BGP instance is a normal BGP process. The result of route selection
goes to the kernel routing table. You can set up different ASes at the
same time when the BGP multiple instance feature is enabled.

@deffn {Command} {router bgp @var{as-number}} {}
Make a new BGP instance. You can use an arbitrary word for the @var{name}.
@end deffn

@example
@group
bgp multiple-instance
!
router bgp 1
 neighbor 10.0.0.1 remote-as 2
 neighbor 10.0.0.2 remote-as 3
!
router bgp 2
 neighbor 10.0.0.3 remote-as 4
 neighbor 10.0.0.4 remote-as 5
@end group
@end example

A BGP view is almost the same as a normal BGP process. The result of
route selection does not go to the kernel routing table. A BGP view is
only for exchanging BGP routing information.

@deffn {Command} {router bgp @var{as-number} view @var{name}} {}
Make a new BGP view. You can use an arbitrary word for the @var{name}. This
view's route selection result does not go to the kernel routing table.
@end deffn

With this command, you can set up a Route Server like below.

@example
@group
bgp multiple-instance
!
router bgp 1 view 1
 neighbor 10.0.0.1 remote-as 2
 neighbor 10.0.0.2 remote-as 3
!
router bgp 2 view 2
 neighbor 10.0.0.3 remote-as 4
 neighbor 10.0.0.4 remote-as 5
@end group
@end example

@node Routing policy
@subsection Routing policy

You can set a different routing policy for a peer. For example, you can
set a different filter for a peer.

@example
@group
bgp multiple-instance
!
router bgp 1 view 1
 neighbor 10.0.0.1 remote-as 2
 neighbor 10.0.0.1 distribute-list 1 in
!
router bgp 1 view 2
 neighbor 10.0.0.1 remote-as 2
 neighbor 10.0.0.1 distribute-list 2 in
@end group
@end example

This means a BGP update from peer 10.0.0.1 goes to both BGP view 1 and view
2. When the update is inserted into view 1, distribute-list 1 is
applied. On the other hand, when the update is inserted into view 2,
distribute-list 2 is applied.

@node Viewing the view
@subsection Viewing the view

To display the routing table of a BGP view, you must specify the view name.

@deffn {Command} {show ip bgp view @var{name}} {}
Display routing table of BGP view @var{name}.
@end deffn

@node How to set up a 6-Bone connection
@section How to set up a 6-Bone connection


@example
@group
zebra configuration
===================
!
! Actually there is no need to configure zebra
!

bgpd configuration
==================
!
! This means that routes go through zebra and into the kernel.
!
router zebra
!
! MP-BGP configuration
!
router bgp 7675
 bgp router-id 10.0.0.1
 neighbor 3ffe:1cfa:0:2:2a0:c9ff:fe9e:f56 remote-as @var{as-number}
!
 address-family ipv6
 network 3ffe:506::/32
 neighbor 3ffe:1cfa:0:2:2a0:c9ff:fe9e:f56 activate
 neighbor 3ffe:1cfa:0:2:2a0:c9ff:fe9e:f56 route-map set-nexthop out
 neighbor 3ffe:1cfa:0:2:2c0:4fff:fe68:a231 remote-as @var{as-number}
 neighbor 3ffe:1cfa:0:2:2c0:4fff:fe68:a231 route-map set-nexthop out
 exit-address-family
!
ipv6 access-list all permit any
!
! Set output nexthop address.
!
route-map set-nexthop permit 10
 match ipv6 address all
 set ipv6 nexthop global 3ffe:1cfa:0:2:2c0:4fff:fe68:a225
 set ipv6 nexthop local fe80::2c0:4fff:fe68:a225
!
! logfile FILENAME is obsolete. Please use log file FILENAME

log file bgpd.log
!
@end group
@end example

@node Dump BGP packets and table
@section Dump BGP packets and table

@deffn Command {dump bgp all @var{path} [@var{interval}]} {}
@deffnx Command {dump bgp all-et @var{path} [@var{interval}]} {}
@deffnx Command {no dump bgp all [@var{path}] [@var{interval}]} {}
Dump all BGP packets and events to the @var{path} file.
If @var{interval} is set, a new file will be created for each @var{interval} of seconds.
The path @var{path} can be set with date and time formatting (strftime).
The type ‘all-et’ enables support for Extended Timestamp Header (@pxref{Packet Binary Dump Format}).
@end deffn

@deffn Command {dump bgp updates @var{path} [@var{interval}]} {}
@deffnx Command {dump bgp updates-et @var{path} [@var{interval}]} {}
@deffnx Command {no dump bgp updates [@var{path}] [@var{interval}]} {}
Dump only BGP update messages to the @var{path} file.
If @var{interval} is set, a new file will be created for each @var{interval} of seconds.
The path @var{path} can be set with date and time formatting (strftime).
The type ‘updates-et’ enables support for Extended Timestamp Header (@pxref{Packet Binary Dump Format}).
@end deffn

@deffn Command {dump bgp routes-mrt @var{path}} {}
@deffnx Command {dump bgp routes-mrt @var{path} @var{interval}} {}
@deffnx Command {no dump bgp routes-mrt [@var{path}] [@var{interval}]} {}
Dump the whole BGP routing table to @var{path}. This is a heavy process.
The path @var{path} can be set with date and time formatting (strftime).
If @var{interval} is set, a new file will be created for each @var{interval} of seconds.
@end deffn

Note: the interval variable can also be set using hours and minutes: 04h20m00.


@node BGP Configuration Examples
@section BGP Configuration Examples

Example of a session to an upstream, advertising only one prefix to it.

@example
router bgp 64512
 bgp router-id 10.236.87.1
 network 10.236.87.0/24
 neighbor upstream peer-group
 neighbor upstream remote-as 64515
 neighbor upstream capability dynamic
 neighbor upstream prefix-list pl-allowed-adv out
 neighbor 10.1.1.1 peer-group upstream
 neighbor 10.1.1.1 description ACME ISP
!
ip prefix-list pl-allowed-adv seq 5 permit 82.195.133.0/25
ip prefix-list pl-allowed-adv seq 10 deny any

@end example

A more complex example, with upstream, peer and customer sessions,
advertising global prefixes and NO_EXPORT prefixes and providing
actions for customer routes based on community values. It makes extensive
use of route-maps and the 'call' feature to support selective advertising of
prefixes. This example is intended as guidance only; it has NOT been
tested and almost certainly contains silly mistakes, if not serious
flaws.

@example
router bgp 64512
 bgp router-id 10.236.87.1
 network 10.123.456.0/24
 network 10.123.456.128/25 route-map rm-no-export
 neighbor upstream capability dynamic
 neighbor upstream route-map rm-upstream-out out
 neighbor cust capability dynamic
 neighbor cust route-map rm-cust-in in
 neighbor cust route-map rm-cust-out out
 neighbor cust send-community both
 neighbor peer capability dynamic
 neighbor peer route-map rm-peer-in in
 neighbor peer route-map rm-peer-out out
 neighbor peer send-community both
 neighbor 10.1.1.1 remote-as 64515
 neighbor 10.1.1.1 peer-group upstream
 neighbor 10.2.1.1 remote-as 64516
 neighbor 10.2.1.1 peer-group upstream
 neighbor 10.3.1.1 remote-as 64517
 neighbor 10.3.1.1 peer-group cust-default
 neighbor 10.3.1.1 description customer1
 neighbor 10.3.1.1 prefix-list pl-cust1-network in
 neighbor 10.4.1.1 remote-as 64518
 neighbor 10.4.1.1 peer-group cust
 neighbor 10.4.1.1 prefix-list pl-cust2-network in
 neighbor 10.4.1.1 description customer2
 neighbor 10.5.1.1 remote-as 64519
 neighbor 10.5.1.1 peer-group peer
 neighbor 10.5.1.1 prefix-list pl-peer1-network in
 neighbor 10.5.1.1 description peer AS 1
 neighbor 10.6.1.1 remote-as 64520
 neighbor 10.6.1.1 peer-group peer
 neighbor 10.6.1.1 prefix-list pl-peer2-network in
 neighbor 10.6.1.1 description peer AS 2
!
ip prefix-list pl-default permit 0.0.0.0/0
!
ip prefix-list pl-upstream-peers permit 10.1.1.1/32
ip prefix-list pl-upstream-peers permit 10.2.1.1/32
!
ip prefix-list pl-cust1-network permit 10.3.1.0/24
ip prefix-list pl-cust1-network permit 10.3.2.0/24
!
ip prefix-list pl-cust2-network permit 10.4.1.0/24
!
ip prefix-list pl-peer1-network permit 10.5.1.0/24
ip prefix-list pl-peer1-network permit 10.5.2.0/24
ip prefix-list pl-peer1-network permit 192.168.0.0/24
!
ip prefix-list pl-peer2-network permit 10.6.1.0/24
ip prefix-list pl-peer2-network permit 10.6.2.0/24
ip prefix-list pl-peer2-network permit 192.168.1.0/24
ip prefix-list pl-peer2-network permit 192.168.2.0/24
ip prefix-list pl-peer2-network permit 172.16.1.0/24
!
ip as-path access-list asp-own-as permit ^$
ip as-path access-list asp-own-as permit _64512_
!
! #################################################################
! Match communities we provide actions for, on routes received from
! customers. Community values of <our-ASN>:X have these actions, by X:
!
! 100 - blackhole the prefix
! 200 - set no_export
! 300 - advertise only to other customers
! 400 - advertise only to upstreams
! 500 - set no_export when advertising to upstreams
! 2X00 - set local_preference to X00
!
! blackhole the prefix of the route
ip community-list standard cm-blackhole permit 64512:100
!
! set no-export community before advertising
ip community-list standard cm-set-no-export permit 64512:200
!
! advertise only to other customers
ip community-list standard cm-cust-only permit 64512:300
!
! advertise only to upstreams
ip community-list standard cm-upstream-only permit 64512:400
!
! advertise to upstreams with no-export
ip community-list standard cm-upstream-noexport permit 64512:500
!
! set local-pref to least significant 3 digits of the community
ip community-list standard cm-prefmod-100 permit 64512:2100
ip community-list standard cm-prefmod-200 permit 64512:2200
ip community-list standard cm-prefmod-300 permit 64512:2300
ip community-list standard cm-prefmod-400 permit 64512:2400
ip community-list expanded cme-prefmod-range permit 64512:2...
!
! Informational communities
!
! 3000 - learned from upstream
! 3100 - learned from customer
! 3200 - learned from peer
!
ip community-list standard cm-learnt-upstream permit 64512:3000
ip community-list standard cm-learnt-cust permit 64512:3100
ip community-list standard cm-learnt-peer permit 64512:3200
!
! ###################################################################
! Utility route-maps
!
! These utility route-maps generally should not be used to permit/deny
! routes, i.e. they do not have meaning as filters, and hence probably
! should be used with 'on-match next'. These all finish with an empty
! permit entry so as not to interfere with processing in the caller.
!
route-map rm-no-export permit 10
 set community additive no-export
route-map rm-no-export permit 20
!
route-map rm-blackhole permit 10
 description blackhole, up-pref and ensure it cant escape this AS
 set ip next-hop 127.0.0.1
 set local-preference 10
 set community additive no-export
route-map rm-blackhole permit 20
!
! Set local-pref as requested
route-map rm-prefmod permit 10
 match community cm-prefmod-100
 set local-preference 100
route-map rm-prefmod permit 20
 match community cm-prefmod-200
 set local-preference 200
route-map rm-prefmod permit 30
 match community cm-prefmod-300
 set local-preference 300
route-map rm-prefmod permit 40
 match community cm-prefmod-400
 set local-preference 400
route-map rm-prefmod permit 50
!
! Community actions to take on receipt of route.
route-map rm-community-in permit 10
 description check for blackholing, no point continuing if it matches.
 match community cm-blackhole
 call rm-blackhole
route-map rm-community-in permit 20
 match community cm-set-no-export
 call rm-no-export
 on-match next
route-map rm-community-in permit 30
 match community cme-prefmod-range
 call rm-prefmod
route-map rm-community-in permit 40
!
! #####################################################################
! Community actions to take when advertising a route.
! These are filtering route-maps.
!
! Deny customer routes to upstream with cust-only set.
route-map rm-community-filt-to-upstream deny 10
 match community cm-learnt-cust
 match community cm-cust-only
route-map rm-community-filt-to-upstream permit 20
!
! Deny customer routes to other customers with upstream-only set.
route-map rm-community-filt-to-cust deny 10
 match community cm-learnt-cust
 match community cm-upstream-only
route-map rm-community-filt-to-cust permit 20
!
! ###################################################################
! The top-level route-maps applied to sessions. Further entries could
! obviously be added.
!
! Customers
route-map rm-cust-in permit 10
 call rm-community-in
 on-match next
route-map rm-cust-in permit 20
 set community additive 64512:3100
route-map rm-cust-in permit 30
!
route-map rm-cust-out permit 10
 call rm-community-filt-to-cust
 on-match next
route-map rm-cust-out permit 20
!
! Upstream transit ASes
route-map rm-upstream-out permit 10
 description filter customer prefixes which are marked cust-only
 call rm-community-filt-to-upstream
 on-match next
route-map rm-upstream-out permit 20
 description only customer routes are provided to upstreams/peers
 match community cm-learnt-cust
!
! Peer ASes
! outbound policy is the same as for upstream
route-map rm-peer-out permit 10
 call rm-upstream-out
!
route-map rm-peer-in permit 10
 set community additive 64512:3200
@end example
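
The following Python model is an added example, not part of the Quagga manual or source. It walks the route-maps above (entry order, @code{call}, @code{on-match next}, implicit deny) so the community policy can be checked against sample routes. It assumes that several @code{match} lines in one entry must all match, as the comments intend; the helper names and the sample next hop are constructed for illustration.

```python
import re

# Constructed model, not Quagga code. Standard list = one value; expanded list = regex.
CLIST = {"cm-blackhole": "64512:100", "cm-set-no-export": "64512:200",
         "cm-cust-only": "64512:300", "cm-upstream-only": "64512:400",
         "cm-learnt-cust": "64512:3100", "cme-prefmod-range": re.compile("64512:2..."),
         **{"cm-prefmod-%d" % p: "64512:2%d" % p for p in (100, 200, 300, 400)}}

def e(action="permit", match=(), call=None, cont=False, add=(), **sets):
    return (action, match, call, cont, add, sets)  # cont=True models 'on-match next'

MAPS = {
    "rm-no-export": [e(add=["no-export"]), e()],
    "rm-blackhole": [e(add=["no-export"], next_hop="127.0.0.1", local_pref=10), e()],
    "rm-prefmod": [e(match=["cm-prefmod-%d" % p], local_pref=p)
                   for p in (100, 200, 300, 400)] + [e()],
    "rm-community-in": [e(match=["cm-blackhole"], call="rm-blackhole"),
                        e(match=["cm-set-no-export"], call="rm-no-export", cont=True),
                        e(match=["cme-prefmod-range"], call="rm-prefmod"), e()],
    "rm-community-filt-to-upstream": [e("deny", ["cm-learnt-cust", "cm-cust-only"]), e()],
    "rm-community-filt-to-cust": [e("deny", ["cm-learnt-cust", "cm-upstream-only"]), e()],
    "rm-cust-in": [e(call="rm-community-in", cont=True), e(add=["64512:3100"]), e()],
    "rm-cust-out": [e(call="rm-community-filt-to-cust", cont=True), e()],
    "rm-upstream-out": [e(call="rm-community-filt-to-upstream", cont=True),
                        e(match=["cm-learnt-cust"])],
    "rm-peer-out": [e(call="rm-upstream-out")],
    "rm-peer-in": [e(add=["64512:3200"])],
}

def matches(c, comms):  # standard list: membership; expanded list: regex over the string
    return c in comms if isinstance(c, str) else bool(c.search(" ".join(sorted(comms))))

def run_map(name, route):
    for action, match, call, cont, add, sets in MAPS[name]:
        if not all(matches(CLIST[m], route["comms"]) for m in match):
            continue  # assumption: every match line of the entry must match
        if action == "deny":
            return False
        route.update(sets, comms=route["comms"] | set(add))
        if call and not run_map(call, route):
            return False  # a called map that denies ends processing
        if not cont:
            return True
    return False  # no entry matched: implicit deny

def new_route(*comms):  # constructed attributes; 100 is bgpd's default local-preference
    return {"comms": set(comms), "local_pref": 100, "next_hop": "192.0.2.1"}

def advertised(out_map, route):  # bgpd withholds no-export routes from eBGP peers itself
    return "no-export" not in route["comms"] and run_map(out_map, route)
```

In this model a customer route tagged 64512:300 passes @code{rm-cust-out} but is denied by @code{rm-upstream-out}, and a route that only carries 64512:3200 falls through to the implicit deny in @code{rm-upstream-out}.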