@c -*-texinfo-*-
@c This is part of the Quagga Manual.
@c @value{COPYRIGHT_STR}
@c See file quagga.texi for copying conditions.
@node BGP
@chapter BGP

@acronym{BGP} stands for Border Gateway Protocol. The latest BGP version
is 4. It is referred to as BGP-4. BGP-4 is one of the Exterior Gateway
Protocols and the de facto standard inter-domain routing protocol.
BGP-4 is described in @cite{RFC1771, A Border Gateway Protocol
4 (BGP-4)}.

Many extensions have been added to @cite{RFC1771}. @cite{RFC2858,
Multiprotocol Extensions for BGP-4} provides multiprotocol support to
BGP-4.

@menu
* Starting BGP::
* BGP router::
* BGP network::
* BGP Peer::
* BGP Peer Group::
* BGP Address Family::
* Autonomous System::
* BGP Communities Attribute::
* BGP Extended Communities Attribute::
* Displaying BGP routes::
* Capability Negotiation::
* Route Reflector::
* Route Server::
* How to set up a 6-Bone connection::
* Dump BGP packets and table::
* BGP Configuration Examples::
@end menu

@node Starting BGP
@section Starting BGP

The default configuration file of @command{bgpd} is @file{bgpd.conf}.
@command{bgpd} searches the current directory first, then
@value{INSTALL_PREFIX_ETC}/bgpd.conf. All of bgpd's commands must be
configured in @file{bgpd.conf}.

@command{bgpd} specific invocation options are described below. Common
options may also be specified (@pxref{Common Invocation Options}).

@table @samp
@item -p @var{PORT}
@itemx --bgp_port=@var{PORT}
Set the bgp protocol's port number.

@item -r
@itemx --retain
When the program terminates, retain BGP routes added by zebra.
@end table

@node BGP router
@section BGP router

First of all you must configure the BGP router with the @command{router bgp}
command. To configure a BGP router, you need an AS number. The AS number is
the identifier of an autonomous system. The BGP protocol uses the AS number
to detect whether a BGP connection is internal or external.

@deffn Command {router bgp @var{asn}} {}
Enable a BGP protocol process with the specified @var{asn}. After
this statement you can input any @code{BGP Commands}. You cannot
create different BGP processes under different @var{asn} without
specifying @code{multiple-instance} (@pxref{Multiple instance}).
@end deffn

@deffn Command {no router bgp @var{asn}} {}
Destroy a BGP protocol process with the specified @var{asn}.
@end deffn

@deffn {BGP} {bgp router-id @var{A.B.C.D}} {}
This command specifies the router-ID. If @command{bgpd} connects to @command{zebra} it gets
interface and address information. In that case the default router ID value
is selected as the largest IP address of the interfaces. When
@code{router zebra} is not enabled @command{bgpd} can't get interface information,
so @code{router-id} is set to 0.0.0.0. In that case, set the router-id by hand.
@end deffn

@menu
* BGP distance::
* BGP decision process::
* BGP route flap dampening::
@end menu

@node BGP distance
@subsection BGP distance

@deffn {BGP} {distance bgp <1-255> <1-255> <1-255>} {}
This command changes the distance value of BGP. The arguments are the distance
values for external routes, internal routes and local routes.
@end deffn

@deffn {BGP} {distance <1-255> @var{A.B.C.D/M}} {}
@deffnx {BGP} {distance <1-255> @var{A.B.C.D/M} @var{word}} {}
This command set distance value to
@end deffn

@node BGP decision process
@subsection BGP decision process

@table @asis
@item 1. Weight check

@item 2. Local preference check.

@item 3. Local route check.

@item 4. AS path length check.

@item 5. Origin check.

@item 6. MED check.
@end table

@deffn {BGP} {bgp bestpath as-path confed} {}
This command specifies that the length of confederation path sets and
sequences should be taken into account during the BGP best path
decision process.
@end deffn

@node BGP route flap dampening
@subsection BGP route flap dampening

@deffn {BGP} {bgp dampening @var{<1-45>} @var{<1-20000>} @var{<1-20000>} @var{<1-255>}} {}
This command enables BGP route-flap dampening and specifies dampening parameters.

@table @asis
@item @asis{half-life}
Half-life time for the penalty
@item @asis{reuse-threshold}
Value to start reusing a route
@item @asis{suppress-threshold}
Value to start suppressing a route
@item @asis{max-suppress}
Maximum duration to suppress a stable route
@end table

The route-flap damping algorithm is compatible with @cite{RFC2439}. The use of this command
is not recommended nowadays, see @uref{http://www.ripe.net/ripe/docs/ripe-378,,RIPE-378}.
@end deffn

@node BGP network
@section BGP network

@menu
* BGP route::
* Route Aggregation::
* Redistribute to BGP::
@end menu

@node BGP route
@subsection BGP route

@deffn {BGP} {network @var{A.B.C.D/M}} {}
This command adds the announcement network.
@example
@group
router bgp 1
 network 10.0.0.0/8
@end group
@end example
This configuration example says that network 10.0.0.0/8 will be
announced to all neighbors. Some vendors' routers don't advertise
routes if they aren't present in their IGP routing tables; @code{bgpd}
doesn't care about IGP routes when announcing its routes.
@end deffn

@deffn {BGP} {no network @var{A.B.C.D/M}} {}
@end deffn

@node Route Aggregation
@subsection Route Aggregation

@deffn {BGP} {aggregate-address @var{A.B.C.D/M}} {}
This command specifies an aggregate address.
@end deffn

@deffn {BGP} {aggregate-address @var{A.B.C.D/M} as-set} {}
This command specifies an aggregate address. Resulting routes include
AS set.
@end deffn

@deffn {BGP} {aggregate-address @var{A.B.C.D/M} summary-only} {}
This command specifies an aggregate address. Aggregated routes will
not be announced.
@end deffn

@deffn {BGP} {no aggregate-address @var{A.B.C.D/M}} {}
@end deffn

@node Redistribute to BGP
@subsection Redistribute to BGP

@deffn {BGP} {redistribute kernel} {}
Redistribute kernel routes to the BGP process.
@end deffn

@deffn {BGP} {redistribute static} {}
Redistribute static routes to the BGP process.
@end deffn

@deffn {BGP} {redistribute connected} {}
Redistribute connected routes to the BGP process.
@end deffn

@deffn {BGP} {redistribute rip} {}
Redistribute RIP routes to the BGP process.
@end deffn

@deffn {BGP} {redistribute ospf} {}
Redistribute OSPF routes to the BGP process.
@end deffn

@node BGP Peer
@section BGP Peer

@menu
* Defining Peer::
* BGP Peer commands::
* Peer filtering::
@end menu

@node Defining Peer
@subsection Defining Peer

@deffn {BGP} {neighbor @var{peer} remote-as @var{asn}} {}
Creates a new neighbor whose remote-as is @var{asn}. @var{peer}
can be an IPv4 address or an IPv6 address.
@example
@group
router bgp 1
 neighbor 10.0.0.1 remote-as 2
@end group
@end example
In this case my router, in AS-1, is trying to peer with AS-2 at
10.0.0.1.

This command must be the first command used when configuring a neighbor.
If the remote-as is not specified, @command{bgpd} will complain like this:
@example
can't find neighbor 10.0.0.1
@end example
@end deffn

@node BGP Peer commands
@subsection BGP Peer commands

In a @code{router bgp} clause there are neighbor specific configurations
required.

@deffn {BGP} {neighbor @var{peer} shutdown} {}
@deffnx {BGP} {no neighbor @var{peer} shutdown} {}
Shut down the peer. We can delete the neighbor's configuration with
@code{no neighbor @var{peer} remote-as @var{as-number}}, but then all
configuration of the neighbor will be deleted. When you want to
preserve the configuration but drop the BGP peer, use this
syntax.
@end deffn

@deffn {BGP} {neighbor @var{peer} ebgp-multihop} {}
@deffnx {BGP} {no neighbor @var{peer} ebgp-multihop} {}
@end deffn

@deffn {BGP} {neighbor @var{peer} description ...} {}
@deffnx {BGP} {no neighbor @var{peer} description ...} {}
Set description of the peer.
@end deffn

@deffn {BGP} {neighbor @var{peer} version @var{version}} {}
Set up the neighbor's BGP version. @var{version} can be @var{4},
@var{4+} or @var{4-}. BGP version @var{4} is the default value used for
BGP peering. BGP version @var{4+} means that the neighbor supports
Multiprotocol Extensions for BGP-4. BGP version @var{4-} is similar but
the neighbor speaks the old Internet-Draft revision 00's Multiprotocol
Extensions for BGP-4. Some routing software is still using this
version.
@end deffn

@deffn {BGP} {neighbor @var{peer} interface @var{ifname}} {}
@deffnx {BGP} {no neighbor @var{peer} interface @var{ifname}} {}
When you connect to a BGP peer over an IPv6 link-local address, you
have to specify the @var{ifname} of the interface used for the
connection. To specify IPv4 session addresses, see the
@code{neighbor @var{peer} update-source} command below.

This command is deprecated and may be removed in a future release. Its
use should be avoided.
@end deffn

@deffn {BGP} {neighbor @var{peer} next-hop-self} {}
@deffnx {BGP} {no neighbor @var{peer} next-hop-self} {}
This command specifies an announced route's nexthop as being equivalent
to the address of the bgp router.
@end deffn

@deffn {BGP} {neighbor @var{peer} update-source @var{<ifname|address>}} {}
@deffnx {BGP} {no neighbor @var{peer} update-source} {}
Specify the IPv4 source address to use for the @acronym{BGP} session to this
neighbour. It may be specified either as an IPv4 address directly or
as an interface name (in which case the @command{zebra} daemon MUST be running
in order for @command{bgpd} to be able to retrieve interface state).
@example
@group
router bgp 64555
 neighbor foo update-source 192.168.0.1
 neighbor bar update-source lo0
@end group
@end example
@end deffn

@deffn {BGP} {neighbor @var{peer} default-originate} {}
@deffnx {BGP} {no neighbor @var{peer} default-originate} {}
@command{bgpd}'s default is to not announce the default route (0.0.0.0/0) even if it
is in the routing table. When you want to announce default routes to the
peer, use this command.
@end deffn

@deffn {BGP} {neighbor @var{peer} port @var{port}} {}
@deffnx {BGP} {neighbor @var{peer} port @var{port}} {}
@end deffn

@deffn {BGP} {neighbor @var{peer} send-community} {}
@deffnx {BGP} {neighbor @var{peer} send-community} {}
@end deffn

@deffn {BGP} {neighbor @var{peer} weight @var{weight}} {}
@deffnx {BGP} {no neighbor @var{peer} weight @var{weight}} {}
This command specifies a default @var{weight} value for the neighbor's
routes.
@end deffn

@deffn {BGP} {neighbor @var{peer} maximum-prefix @var{number}} {}
@deffnx {BGP} {no neighbor @var{peer} maximum-prefix @var{number}} {}
@end deffn

@node Peer filtering
@subsection Peer filtering

@deffn {BGP} {neighbor @var{peer} distribute-list @var{name} [in|out]} {}
This command specifies a distribute-list for the peer. @var{direct} is
@samp{in} or @samp{out}.
@end deffn

@deffn {BGP command} {neighbor @var{peer} prefix-list @var{name} [in|out]} {}
@end deffn

@deffn {BGP command} {neighbor @var{peer} filter-list @var{name} [in|out]} {}
@end deffn

@deffn {BGP} {neighbor @var{peer} route-map @var{name} [in|out]} {}
Apply a route-map on the neighbor. @var{direct} must be @code{in} or
@code{out}.
@end deffn

@c -----------------------------------------------------------------------
@node BGP Peer Group
@section BGP Peer Group

@deffn {BGP} {neighbor @var{word} peer-group} {}
This command defines a new peer group.
@end deffn

@deffn {BGP} {neighbor @var{peer} peer-group @var{word}} {}
This command binds a specific peer to peer group @var{word}.
@end deffn

@node BGP Address Family
@section BGP Address Family

@c -----------------------------------------------------------------------
@node Autonomous System
@section Autonomous System

The @acronym{AS,Autonomous System} number is one of the essential
elements of BGP. BGP is a distance vector routing protocol, and the
AS-Path framework provides distance vector metric and loop detection to
BGP. @cite{RFC1930, Guidelines for creation, selection, and
registration of an Autonomous System (AS)} provides some background on
the concepts of an AS.

The AS number is a two octet value, ranging in value from 1 to 65535.
The AS numbers 64512 through 65535 are defined as private AS numbers.
Private AS numbers must not be advertised in the global Internet.

@menu
* AS Path Regular Expression::
* Display BGP Routes by AS Path::
* AS Path Access List::
* Using AS Path in Route Map::
* Private AS Numbers::
@end menu

@node AS Path Regular Expression
@subsection AS Path Regular Expression

AS path regular expressions can be used for displaying BGP routes and
in AS path access lists. AS path regular expressions are based on
@code{POSIX 1003.2} regular expressions. The following description covers
just a subset of @code{POSIX} regular expressions; the full
@code{POSIX} regular expression syntax can be used. In addition, the special
character '_' is added for AS path regular expressions.

@table @code
@item .
Matches any single character.
@item *
Matches 0 or more occurrences of pattern.
@item +
Matches 1 or more occurrences of pattern.
@item ?
Matches 0 or 1 occurrences of pattern.
@item ^
Matches the beginning of the line.
@item $
Matches the end of the line.
@item _
The character @code{_} has a special meaning in AS path regular expressions.
It matches a space, a comma, the AS set delimiters @{ and @}, and the AS
confederation delimiters @code{(} and @code{)}. It also matches
the beginning of the line and the end of the line. So @code{_} can be
used to match AS value boundaries. @code{show ip bgp regexp _7675_}
matches all BGP routes whose AS path includes AS number @var{7675}.
@end table
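
The boundary behaviour of @code{_} described above, as an added example in Python (not part of the Quagga manual or source). It assumes @code{_} expands to an alternation of the delimiters listed in the table; the helper names and sample AS paths are constructed for illustration, and the last pattern goes one step further by using @code{_} to spot the private AS numbers 64512 through 65535 in a path.

```python
import re

# Assumption: "_" is expanded to an alternation of the delimiters the manual
# lists (space, comma, AS set braces, confederation parentheses) plus the
# beginning and end of the line. Python's re stands in for POSIX regex here.
BOUNDARY = r"(^|[,{}() ]|$)"


def translate(as_path_regex):
    """Expand every "_" of an AS path regular expression."""
    return as_path_regex.replace("_", BOUNDARY)


def matches(as_path_regex, as_path):
    """True when the AS path (as text) matches the AS path regular expression."""
    return re.search(translate(as_path_regex), as_path) is not None


# Private AS numbers 64512-65535 (see the Autonomous System section), with "_"
# on both sides so that longer numbers containing these digits do not match.
PRIVATE_AS = (
    "_(6451[2-9]|645[2-9][0-9]|64[6-9][0-9][0-9]"
    "|65[0-4][0-9][0-9]|655[0-2][0-9]|6553[0-5])_"
)


def has_private_as(as_path):
    """True when any AS number in the path is in the private range."""
    return matches(PRIVATE_AS, as_path)


# Constructed AS paths, written as space-separated text.
SAMPLE_PATHS = [
    "7675",                 # single AS: "_" matches line start and end
    "100 7675 200",         # AS sequence: "_" matches the spaces
    "100 17675 200",        # 17675 contains the digits 7675
    "100 {7675,200}",       # AS set delimiters
    "(65001 65002) 7675",   # confederation delimiters
    "100 64512 200",        # private AS in the path
]

if __name__ == "__main__":
    for path in SAMPLE_PATHS:
        print(f"{path!r:24} unanchored={matches('7675', path)!s:5} "
              f"_7675_={matches('_7675_', path)!s:5} "
              f"private={has_private_as(path)}")
```

A filter written as @code{7675} without the underscores also matches AS 17675, so a permit or deny entry built that way applies to routes it was never meant for.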

@node Display BGP Routes by AS Path
@subsection Display BGP Routes by AS Path

To show BGP routes which have specific AS path information, the @code{show
ip bgp} command can be used.

@deffn Command {show ip bgp regexp @var{line}} {}
This command displays BGP routes that match the AS path regular
expression @var{line}.
@end deffn

@node AS Path Access List
@subsection AS Path Access List

An AS path access list is a user defined AS path.

@deffn {Command} {ip as-path access-list @var{word} @{permit|deny@} @var{line}} {}
This command defines a new AS path access list.
@end deffn

@deffn {Command} {no ip as-path access-list @var{word}} {}
@deffnx {Command} {no ip as-path access-list @var{word} @{permit|deny@} @var{line}} {}
@end deffn

@node Using AS Path in Route Map
@subsection Using AS Path in Route Map

@deffn {Route Map} {match as-path @var{word}} {}
@end deffn

@deffn {Route Map} {set as-path prepend @var{as-path}} {}
@end deffn

@node Private AS Numbers
@subsection Private AS Numbers

@c -----------------------------------------------------------------------
@node BGP Communities Attribute
@section BGP Communities Attribute

The BGP communities attribute is widely used for implementing policy
routing. Network operators can manipulate the BGP communities attribute
based on their network policy. The BGP communities attribute is defined
in @cite{RFC1997, BGP Communities Attribute} and
@cite{RFC1998, An Application of the BGP Community Attribute
in Multi-home Routing}. It is an optional transitive attribute,
therefore local policy can travel through different autonomous systems.

The communities attribute is a set of communities values. Each
communities value is 4 octets long. The following format is used to
define a communities value.

@table @code
@item AS:VAL
This format represents a 4 octet communities value. @code{AS} is the high
order 2 octets in digit format. @code{VAL} is the low order 2 octets in
digit format. This format is useful to define AS oriented policy
values. For example, @code{7675:80} can be used when AS 7675 wants to
pass local policy value 80 to a neighboring peer.
@item internet
@code{internet} represents well-known communities value 0.
@item no-export
@code{no-export} represents well-known communities value @code{NO_EXPORT}@*
@r{(0xFFFFFF01)}. All routes carrying this value must not be advertised
outside a BGP confederation boundary. If the neighboring BGP peer is
part of a BGP confederation, the peer is considered as inside a BGP
confederation boundary, so the route will be announced to the peer.
@item no-advertise
@code{no-advertise} represents well-known communities value
@code{NO_ADVERTISE}@*@r{(0xFFFFFF02)}. All routes carrying this value
must not be advertised to other BGP peers.
@item local-AS
@code{local-AS} represents well-known communities value
@code{NO_EXPORT_SUBCONFED} @r{(0xFFFFFF03)}. All routes carrying this
value must not be advertised to external BGP peers. Even if the
neighboring router is part of a confederation, it is considered an
external BGP peer, so the route will not be announced to the peer.
@end table

When a BGP communities attribute is received, duplicated communities
values in the communities attribute are ignored and the communities
values are sorted in numerical order.

@menu
* BGP Community Lists::
* Numbered BGP Community Lists::
* BGP Community in Route Map::
* Display BGP Routes by Community::
* Using BGP Communities Attribute::
@end menu

@node BGP Community Lists
@subsection BGP Community Lists

A BGP community list is a user defined BGP communities attribute list.
A BGP community list can be used for matching or manipulating the BGP
communities attribute in updates.

There are two types of community list. One is the standard community
list and the other is the expanded community list. A standard community list
defines a communities attribute. An expanded community list defines a
communities attribute string with a regular expression. A standard
community list is compiled into binary format when the user defines it.
A standard community list is compared directly to the BGP communities
attribute in BGP updates. Therefore the comparison is faster than with an
expanded community list.

@deffn Command {ip community-list standard @var{name} @{permit|deny@} @var{community}} {}
This command defines a new standard community list. @var{community}
is a communities value. The @var{community} is compiled into a community
structure. We can define multiple community lists under the same name. In
that case matching happens in the user defined order. Once the
community list matches the communities attribute in BGP updates it
returns permit or deny according to the community list definition. When there is
no matched entry, deny is returned. When @var{community} is
empty it matches any route.
@end deffn

@deffn Command {ip community-list expanded @var{name} @{permit|deny@} @var{line}} {}
This command defines a new expanded community list. @var{line} is a
string expression of the communities attribute. @var{line} can include
a regular expression to match the communities attribute in BGP updates.
@end deffn

@deffn Command {no ip community-list @var{name}} {}
@deffnx Command {no ip community-list standard @var{name}} {}
@deffnx Command {no ip community-list expanded @var{name}} {}
These commands delete the community lists specified by @var{name}. All
community lists share a single name space, so a community list can be
removed simply by specifying its name.
@end deffn

@deffn {Command} {show ip community-list} {}
@deffnx {Command} {show ip community-list @var{name}} {}
This command displays current community list information. When
@var{name} is specified, the specified community list's information is
shown.

@example
# show ip community-list
Named Community standard list CLIST
 permit 7675:80 7675:100 no-export
 deny internet
Named Community expanded list EXPAND
 permit :

# show ip community-list CLIST
Named Community standard list CLIST
 permit 7675:80 7675:100 no-export
 deny internet
@end example
@end deffn

@node Numbered BGP Community Lists
@subsection Numbered BGP Community Lists

When a number is used as a BGP community list name, the number has a
special meaning. A community list number in the range from 1 to 99 is a
standard community list. A community list number in the range from 100
to 199 is an expanded community list. These community lists are called
numbered community lists. On the other hand, normal community lists
are called named community lists.

@deffn Command {ip community-list <1-99> @{permit|deny@} @var{community}} {}
This command defines a new community list. <1-99> is the standard
community list number. A community list name within this range defines a
standard community list. When @var{community} is empty it matches
any route.
@end deffn

@deffn Command {ip community-list <100-199> @{permit|deny@} @var{community}} {}
This command defines a new community list. <100-199> is the expanded
community list number. A community list name within this range defines an
expanded community list.
@end deffn

@deffn Command {ip community-list @var{name} @{permit|deny@} @var{community}} {}
When the community list type is not specified, the community list type is
automatically detected. If @var{community} can be compiled into a
communities attribute, the community list is defined as a standard
community list. Otherwise it is defined as an expanded community
list. This feature is left for backward compatibility. Use of this
feature is not recommended.
@end deffn

@node BGP Community in Route Map
@subsection BGP Community in Route Map

In a Route Map (@pxref{Route Map}), we can match or set the BGP
communities attribute. Using this feature network operators can
implement their network policy based on the BGP communities attribute.

The following commands can be used in a Route Map.

@deffn {Route Map} {match community @var{word}} {}
@deffnx {Route Map} {match community @var{word} exact-match} {}
This command performs a match on BGP updates using community list
@var{word}. When one of the BGP communities values matches one of the
communities values in the community list, it is a match. When the
@code{exact-match} keyword is specified, a match happens only when the BGP
update has exactly the same communities values as specified in the
community list.
@end deffn

@deffn {Route Map} {set community none} {}
@deffnx {Route Map} {set community @var{community}} {}
@deffnx {Route Map} {set community @var{community} additive} {}
This command manipulates the communities value in BGP updates. When
@code{none} is specified as the communities value, it removes the entire
communities attribute from BGP updates. When @var{community} is not
@code{none}, the specified communities value is set on BGP updates. If
a BGP update already has a BGP communities value, the existing BGP
communities value is replaced with the specified @var{community} value.
When the @code{additive} keyword is specified, @var{community} is appended
to the existing communities value.
@end deffn

@deffn {Route Map} {set comm-list @var{word} delete} {}
This command removes communities values from the BGP communities attribute.
The @var{word} is the community list name. When a BGP route's communities
value matches the community list @var{word}, the communities value
is removed. When all of the communities values have been removed, the
BGP update's communities attribute is completely removed.
@end deffn

@node Display BGP Routes by Community
@subsection Display BGP Routes by Community

To show BGP routes which have a specific BGP communities attribute, the
@code{show ip bgp} command can be used. The @var{community} value and
community list can be used with the @code{show ip bgp} command.

@deffn Command {show ip bgp community} {}
@deffnx Command {show ip bgp community @var{community}} {}
@deffnx Command {show ip bgp community @var{community} exact-match} {}
@code{show ip bgp community} displays BGP routes which have a communities
attribute. When @var{community} is specified, BGP routes that match the
@var{community} value are displayed. For this command, the @code{internet}
keyword can't be used for the @var{community} value. When
@code{exact-match} is specified, it displays only routes that have an
exact match.
@end deffn

@deffn Command {show ip bgp community-list @var{word}} {}
@deffnx Command {show ip bgp community-list @var{word} exact-match} {}
This command displays BGP routes that match community list
@var{word}. When @code{exact-match} is specified, it displays only routes
that have an exact match.
@end deffn

@node Using BGP Communities Attribute
paul718e3742002-12-13 20:15:29 +0000682@subsection Using BGP Communities Attribute
683
paulaa5943f2005-11-04 21:53:59 +0000684Following configuration is the most typical usage of BGP communities
paul718e3742002-12-13 20:15:29 +0000685attribute. AS 7675 provides upstream Internet connection to AS 100.
686When following configuration exists in AS 7675, AS 100 networks
687operator can set local preference in AS 7675 network by setting BGP
688communities attribute to the updates.
689
690@example
691router bgp 7675
692 neighbor 192.168.0.1 remote-as 100
693 neighbor 192.168.0.1 route-map RMAP in
694!
695ip community-list 70 permit 7675:70
696ip community-list 70 deny
697ip community-list 80 permit 7675:80
698ip community-list 80 deny
699ip community-list 90 permit 7675:90
700ip community-list 90 deny
701!
702route-map RMAP permit 10
703 match community 70
704 set local-preference 70
705!
706route-map RMAP permit 20
707 match community 80
708 set local-preference 80
709!
710route-map RMAP permit 30
711 match community 90
712 set local-preference 90
713@end example
714
paulaa5943f2005-11-04 21:53:59 +0000715Following configuration announce 10.0.0.0/8 from AS 100 to AS 7675.
paul718e3742002-12-13 20:15:29 +0000716The route has communities value 7675:80 so when above configuration
717exists in AS 7675, announced route's local preference will be set to
718value 80.
719
720@example
721router bgp 100
722 network 10.0.0.0/8
723 neighbor 192.168.0.2 remote-as 7675
724 neighbor 192.168.0.2 route-map RMAP out
725!
726ip prefix-list PLIST permit 10.0.0.0/8
727!
728route-map RMAP permit 10
729 match ip address prefix-list PLIST
730 set community 7675:80
731@end example
732
paulaa5943f2005-11-04 21:53:59 +0000733Following configuration is an example of BGP route filtering using
paul718e3742002-12-13 20:15:29 +0000734communities attribute. This configuration only permit BGP routes
735which has BGP communities value 0:80 or 0:90. Network operator can
736put special internal communities value at BGP border router, then
737limit the BGP routes announcement into the internal network.
738
739@example
740router bgp 7675
741 neighbor 192.168.0.1 remote-as 100
742 neighbor 192.168.0.1 route-map RMAP in
743!
744ip community-list 1 permit 0:80 0:90
745!
746route-map RMAP permit in
747 match community 1
748@end example
749
The following example filters BGP routes which have the communities
value 1:1. When there is no match, the community-list returns deny. To
avoid filtering all routes, we need to define a permit-any entry last.

@example
router bgp 7675
 neighbor 192.168.0.1 remote-as 100
 neighbor 192.168.0.1 route-map RMAP in
!
ip community-list standard FILTER deny 1:1
ip community-list standard FILTER permit
!
route-map RMAP permit 10
 match community FILTER
@end example

The communities value keyword @code{internet} has a special meaning in
standard community lists. In the example below, @code{internet} acts as
match any. It matches all BGP routes, even if the route does not
have a communities attribute at all. So the community list @code{INTERNET}
is the same as the @code{FILTER} list in the example above.

@example
ip community-list standard INTERNET deny 1:1
ip community-list standard INTERNET permit internet
@end example

The following configuration is an example of communities value deletion.
With this configuration, the communities values 100:1 and 100:2 are
removed from BGP updates. For communities value deletion, only
@code{permit} community-list entries are used; @code{deny}
community-list entries are ignored.

@example
router bgp 7675
 neighbor 192.168.0.1 remote-as 100
 neighbor 192.168.0.1 route-map RMAP in
!
ip community-list standard DEL permit 100:1 100:2
!
route-map RMAP permit 10
 set comm-list DEL delete
@end example

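The evaluation rules used in the community-list examples above (the first matching entry decides, no match returns deny, an empty entry or @code{internet} matches any route, deletion uses only @code{permit} entries) are modelled below in Python. This is an added illustration, not bgpd code; the tuple layout, the function names, the @code{FILTER_NO_PERMIT} list and the starting local preference of 100 are assumptions made for the example.

```python
# Added illustration, not bgpd source: a model of standard community-list
# and route-map evaluation as described in this section.

ANY = "internet"  # keyword that matches every route


def clist_permits(entries, communities):
    """Evaluate an ordered list of (action, values) entries.

    The first entry whose values are all present on the route decides.
    An entry with no values, or with the keyword internet, matches any
    route, including one with no communities. No match returns deny.
    """
    have = set(communities)
    for action, values in entries:
        wanted = [v for v in values if v != ANY]
        if all(v in have for v in wanted):
            return action == "permit"
    return False


def clist_delete(entries, communities):
    """Model 'set comm-list NAME delete': only permit entries are used."""
    doomed = set()
    for action, values in entries:
        if action == "permit":
            doomed.update(values)
    return [c for c in communities if c not in doomed]


def apply_route_map(rmap, lists, communities, local_pref=100):
    """Run one route through a route-map.

    rmap is an ordered list of (action, match_list, set_local_pref,
    delete_list) tuples; None means the clause is absent. Returns
    (communities, local_pref), or None when the route is filtered. A
    route that matches no entry is filtered as well.
    """
    for action, match_list, set_lp, delete_list in rmap:
        if match_list is not None:
            if not clist_permits(lists[match_list], communities):
                continue
        if action == "deny":
            return None
        if delete_list is not None:
            communities = clist_delete(lists[delete_list], communities)
        if set_lp is not None:
            local_pref = set_lp
        return (list(communities), local_pref)
    return None


# Community lists from the configurations above, written as data.
LISTS = dict(
    FILTER=[("deny", ["1:1"]), ("permit", [])],
    INTERNET=[("deny", ["1:1"]), ("permit", [ANY])],
    FILTER_NO_PERMIT=[("deny", ["1:1"])],  # hypothetical: final permit omitted
    DEL=[("permit", ["100:1", "100:2"])],
)
for n in ("70", "80", "90"):
    LISTS[n] = [("permit", ["7675:" + n]), ("deny", [])]

RMAP_LOCAL_PREF = [
    ("permit", "70", 70, None),
    ("permit", "80", 80, None),
    ("permit", "90", 90, None),
]
RMAP_DELETE = [("permit", None, None, "DEL")]


def filter_with(list_name, communities):
    """Apply 'route-map RMAP permit 10' with 'match community <list_name>'."""
    rmap = [("permit", list_name, None, None)]
    return apply_route_map(rmap, LISTS, communities)


if __name__ == "__main__":
    print(apply_route_map(RMAP_LOCAL_PREF, LISTS, ["7675:80"]))
    print(apply_route_map(RMAP_LOCAL_PREF, LISTS, ["65000:1"]))
    print(filter_with("FILTER", ["1:1", "2:2"]))
    print(filter_with("FILTER", []))
    print(filter_with("FILTER_NO_PERMIT", ["2:2"]))
    print(apply_route_map(RMAP_DELETE, LISTS, ["100:1", "7675:80", "100:2"]))
```

In this model a route carrying none of 7675:70, 7675:80 or 7675:90 matches no entry of the local-preference route-map and is filtered, which is worth checking before applying such a map inbound.
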
@c -----------------------------------------------------------------------
@node BGP Extended Communities Attribute
@section BGP Extended Communities Attribute

The BGP extended communities attribute was introduced with MPLS VPN/BGP
technology. MPLS VPN/BGP expands the capability of the network
infrastructure to provide VPN functionality. At the same time, it
requires a new framework for policy routing. With the BGP Extended
Communities Attribute we can use Route Target or Site of Origin to
implement network policy for MPLS VPN/BGP.

The BGP Extended Communities Attribute is similar to the BGP Communities
Attribute. It is an optional transitive attribute. The BGP Extended
Communities Attribute can carry multiple Extended Community values.
Each Extended Community value is eight octets long.

The BGP Extended Communities Attribute provides an extended range
compared with the BGP Communities Attribute. In addition, there is a
type field in each value to give the community space structure.

There are two formats for defining an Extended Community value. One is
the AS based format; the other is the IP address based format.

@table @code
@item AS:VAL
This is the format for defining an AS based Extended Community value.
The @code{AS} part is the 2-octet Global Administrator subfield of the
Extended Community value. The @code{VAL} part is the 4-octet Local
Administrator subfield. @code{7675:100} represents AS 7675 policy value 100.
@item IP-Address:VAL
This is the format for defining an IP address based Extended Community
value. The @code{IP-Address} part is the 4-octet Global Administrator
subfield. The @code{VAL} part is the 2-octet Local Administrator subfield.
@code{10.0.0.1:100} represents
@end table

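The two formats differ in how the eight octets are split, so the same @code{VAL} can be valid in one and out of range in the other. The following added example (not Quagga code) encodes and decodes both formats using the type and subtype values from RFC 4360, which this chapter does not cite; the function names are assumptions made for the example.

```python
# Added illustration, not Quagga source: the two textual formats above
# mapped onto the eight-octet wire value defined in RFC 4360.
import ipaddress
import struct

TYPE_AS2 = 0x00    # type field: two-octet AS specific
TYPE_IPV4 = 0x01   # type field: IPv4 address specific
SUBTYPES = dict(rt=0x02, soo=0x03)   # Route Target, Site of Origin


def encode_extcommunity(kind, text):
    """Encode 'AS:VAL' or 'IP-Address:VAL' as eight octets.

    kind is 'rt' or 'soo'. Raises ValueError on malformed or
    out-of-range input instead of truncating it silently.
    """
    if kind not in SUBTYPES:
        raise ValueError("kind must be rt or soo")
    admin, sep, val = text.rpartition(":")
    if not sep or not val.isdecimal():
        raise ValueError("expected AS:VAL or IP-Address:VAL")
    val = int(val)
    if "." in admin:
        ip = ipaddress.IPv4Address(admin)   # ValueError if malformed
        if val > 0xFFFF:
            raise ValueError("VAL is limited to 2 octets after an IP address")
        return struct.pack("!BB4sH", TYPE_IPV4, SUBTYPES[kind], ip.packed, val)
    if not admin.isdecimal() or int(admin) > 0xFFFF:
        raise ValueError("AS must fit in 2 octets")
    if val > 0xFFFFFFFF:
        raise ValueError("VAL is limited to 4 octets after an AS number")
    return struct.pack("!BBHI", TYPE_AS2, SUBTYPES[kind], int(admin), val)


def decode_extcommunity(raw):
    """Decode one eight-octet value into (kind, text)."""
    if len(raw) != 8:
        raise ValueError("an extended community is exactly 8 octets")
    kinds = [k for k, v in SUBTYPES.items() if v == raw[1]]
    if not kinds:
        raise ValueError("unsupported subtype %#04x" % raw[1])
    if raw[0] == TYPE_AS2:
        asn, val = struct.unpack("!HI", raw[2:])
        return (kinds[0], "%d:%d" % (asn, val))
    if raw[0] == TYPE_IPV4:
        ip, val = struct.unpack("!4sH", raw[2:])
        return (kinds[0], "%s:%d" % (ipaddress.IPv4Address(ip), val))
    raise ValueError("unsupported type %#04x" % raw[0])


def decode_attribute(payload):
    """Split an attribute payload into its eight-octet values."""
    if len(payload) % 8:
        raise ValueError("attribute length is not a multiple of 8")
    return [decode_extcommunity(payload[i:i + 8])
            for i in range(0, len(payload), 8)]


if __name__ == "__main__":
    # Constructed sample values taken from the formats described above.
    rt = encode_extcommunity("rt", "7675:100")
    soo = encode_extcommunity("soo", "10.0.0.1:100")
    print(rt.hex(), soo.hex())
    print(decode_attribute(rt + soo))
```
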
@menu
* BGP Extended Community Lists::
* BGP Extended Communities in Route Map::
@end menu

@node BGP Extended Community Lists
@subsection BGP Extended Community Lists

Extended Community Lists are user-defined BGP Extended Community
lists.

@deffn Command {ip extcommunity-list standard @var{name} @{permit|deny@} @var{extcommunity}} {}
This command defines a new standard extcommunity-list.
@var{extcommunity} is an extended communities value. The
@var{extcommunity} is compiled into an extended community structure. We
can define multiple extcommunity-list entries under the same name. In
that case, matching happens in the user-defined order. Once the
extcommunity-list matches the extended communities attribute in BGP
updates, it returns permit or deny based upon the extcommunity-list
definition. When there is no matching entry, deny is returned. When
@var{extcommunity} is empty, it matches any route.
@end deffn

@deffn Command {ip extcommunity-list expanded @var{name} @{permit|deny@} @var{line}} {}
This command defines a new expanded extcommunity-list. @var{line} is
a string expression of the extended communities attribute. @var{line} can
include a regular expression to match the extended communities attribute
in BGP updates.
@end deffn

@deffn Command {no ip extcommunity-list @var{name}} {}
@deffnx Command {no ip extcommunity-list standard @var{name}} {}
@deffnx Command {no ip extcommunity-list expanded @var{name}} {}
These commands delete the extended community lists specified by
@var{name}. All extended community lists share a single name
space, so extended community lists can be removed simply by specifying
the name.
@end deffn

@deffn {Command} {show ip extcommunity-list} {}
@deffnx {Command} {show ip extcommunity-list @var{name}} {}
This command displays current extcommunity-list information. When
@var{name} is specified, that community list's information is shown.

@example
# show ip extcommunity-list
@end example
@end deffn

@node BGP Extended Communities in Route Map
@subsection BGP Extended Communities in Route Map

@deffn {Route Map} {match extcommunity @var{word}} {}
@end deffn

@deffn {Route Map} {set extcommunity rt @var{extcommunity}} {}
This command sets the Route Target value.
@end deffn

@deffn {Route Map} {set extcommunity soo @var{extcommunity}} {}
This command sets the Site of Origin value.
@end deffn

@c -----------------------------------------------------------------------
@node Displaying BGP routes
@section Displaying BGP Routes

@menu
* Show IP BGP::
* More Show IP BGP::
@end menu

@node Show IP BGP
@subsection Show IP BGP

@deffn {Command} {show ip bgp} {}
@deffnx {Command} {show ip bgp @var{A.B.C.D}} {}
@deffnx {Command} {show ip bgp @var{X:X::X:X}} {}
This command displays BGP routes. When no route is specified, it
displays all IPv4 BGP routes.
@end deffn

@example
BGP table version is 0, local router ID is 10.1.1.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path
*> 1.1.1.1/32       0.0.0.0                  0         32768 i

Total number of prefixes 1
@end example

@node More Show IP BGP
@subsection More Show IP BGP

@deffn {Command} {show ip bgp regexp @var{line}} {}
This command displays BGP routes using an AS path regular expression (@pxref{Display BGP Routes by AS Path}).
@end deffn

@deffn Command {show ip bgp community @var{community}} {}
@deffnx Command {show ip bgp community @var{community} exact-match} {}
This command displays BGP routes using @var{community} (@pxref{Display
BGP Routes by Community}).
@end deffn

@deffn Command {show ip bgp community-list @var{word}} {}
@deffnx Command {show ip bgp community-list @var{word} exact-match} {}
This command displays BGP routes using a community list (@pxref{Display
BGP Routes by Community}).
@end deffn

@deffn {Command} {show ip bgp summary} {}
@end deffn

@deffn {Command} {show ip bgp neighbor [@var{peer}]} {}
@end deffn

@deffn {Command} {clear ip bgp @var{peer}} {}
Clear peers which have addresses of X.X.X.X
@end deffn

@deffn {Command} {clear ip bgp @var{peer} soft in} {}
Clear peer using soft reconfiguration.
@end deffn

@deffn {Command} {show ip bgp dampened-paths} {}
Display paths suppressed due to dampening
@end deffn

@deffn {Command} {show ip bgp flap-statistics} {}
Display flap statistics of routes
@end deffn

@deffn {Command} {show debug} {}
@end deffn

@deffn {Command} {debug event} {}
@end deffn

@deffn {Command} {debug update} {}
@end deffn

@deffn {Command} {debug keepalive} {}
@end deffn

@deffn {Command} {no debug event} {}
@end deffn

@deffn {Command} {no debug update} {}
@end deffn

@deffn {Command} {no debug keepalive} {}
@end deffn

@node Capability Negotiation
@section Capability Negotiation

When the IPv6 routing information exchange feature was being added to
BGP, there were several proposals. The @acronym{IETF,Internet Engineering Task Force}
@acronym{IDR, Inter Domain Routing} @acronym{WG, Working group} adopted
a proposal called Multiprotocol Extension for BGP. The specification
is described in @cite{RFC2283}. It does not define a new protocol; it
defines new attributes for existing BGP. When it is used for exchanging
IPv6 routing information it is called BGP-4+. When it is used for
exchanging multicast routing information it is called MBGP.

@command{bgpd} supports Multiprotocol Extension for BGP. So if the remote
peer supports the protocol, @command{bgpd} can exchange IPv6 and/or
multicast routing information.

Traditional BGP did not have a feature to detect the remote peer's
capabilities, e.g. whether it can handle prefix types other than IPv4
unicast routes. This was a big problem for using Multiprotocol Extension
for BGP in operational networks. @cite{RFC2842, Capabilities
Advertisement with BGP-4} adopted a feature called Capability
Negotiation. @command{bgpd} uses this Capability Negotiation to detect
the remote peer's capabilities. If the peer is only configured as an IPv4
unicast neighbor, @command{bgpd} does not send these Capability
Negotiation packets (at least not unless other optional BGP features
require capability negotiation).

By default, Quagga will bring up peering with the minimal common
capability for both sides. For example, the local router has unicast and
multicast capabilities and the remote router has unicast capability. In
this case, the local router will establish the connection with unicast
only capability. When there are no common capabilities, Quagga sends an
Unsupported Capability error and then resets the connection.

If you want to completely match capabilities with the remote peer, please
use the @command{strict-capability-match} command.

@deffn {BGP} {neighbor @var{peer} strict-capability-match} {}
@deffnx {BGP} {no neighbor @var{peer} strict-capability-match} {}
Strictly compares remote capabilities and local capabilities. If the
capabilities are different, send an Unsupported Capability error and then
reset the connection.
@end deffn

You may want to disable sending the Capability Negotiation OPEN message
optional parameter to the peer when the remote peer does not implement
Capability Negotiation. Please use the @command{dont-capability-negotiate}
command to disable the feature.

@deffn {BGP} {neighbor @var{peer} dont-capability-negotiate} {}
@deffnx {BGP} {no neighbor @var{peer} dont-capability-negotiate} {}
Suppress sending Capability Negotiation as an OPEN message optional
parameter to the peer. This command only affects peers that are
configured with something other than IPv4 unicast.
@end deffn

When the remote peer does not have the capability negotiation feature, it
will not send any capabilities at all. In that case, bgp
configures the peer with the configured capabilities.

You may prefer locally configured capabilities over the negotiated
capabilities even though the remote peer sends capabilities. If the peer
is configured with @command{override-capability}, @command{bgpd} ignores
received capabilities and then overrides negotiated capabilities with
the configured values.

@deffn {BGP} {neighbor @var{peer} override-capability} {}
@deffnx {BGP} {no neighbor @var{peer} override-capability} {}
Override the result of Capability Negotiation with local configuration.
Ignore remote peer's capability value.
@end deffn

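The negotiation outcomes described in this section, as an added example (not bgpd code): it parses the Capabilities optional parameter from a peer's OPEN message and applies the default, @command{strict-capability-match} and @command{override-capability} rules. The function names and the constructed OPEN parameters are assumptions; the wire layout follows the capabilities advertisement and multiprotocol extension specifications cited above.

```python
# Added illustration, not bgpd source: parsing the Capabilities optional
# parameter of a BGP OPEN message and applying the rules described above.
import struct

PARAM_CAPABILITIES = 2   # OPEN optional parameter type
CAP_MULTIPROTOCOL = 1    # capability code; value is AFI(2) reserved(1) SAFI(1)
IPV4_UNICAST = (1, 1)    # (AFI, SAFI)
IPV4_MULTICAST = (1, 2)
IPV6_UNICAST = (2, 1)


def build_opt_params(families):
    """Encode (afi, safi) pairs, one capability per optional parameter."""
    out = b""
    for afi, safi in families:
        cap = struct.pack("!BBHBB", CAP_MULTIPROTOCOL, 4, afi, 0, safi)
        out += struct.pack("!BB", PARAM_CAPABILITIES, len(cap)) + cap
    return out


def read_tlvs(data):
    """Yield (type, value) pairs from a type/length/value sequence.

    Raises ValueError when a header or value runs past the buffer, so a
    short or hostile length field cannot be read as capability data.
    """
    pos = 0
    while pos < len(data):
        if pos + 2 > len(data):
            raise ValueError("truncated header")
        kind, length = data[pos], data[pos + 1]
        value = data[pos + 2:pos + 2 + length]
        if len(value) != length:
            raise ValueError("truncated value")
        pos += 2 + length
        yield kind, value


def parse_opt_params(data):
    """Return the set of (afi, safi) pairs the peer advertised."""
    families = set()
    for ptype, body in read_tlvs(data):
        if ptype != PARAM_CAPABILITIES:
            continue
        for code, value in read_tlvs(body):
            if code != CAP_MULTIPROTOCOL:
                continue
            if len(value) != 4:
                raise ValueError("bad multiprotocol capability length")
            afi, _reserved, safi = struct.unpack("!HBB", value)
            families.add((afi, safi))
    return families


def negotiate(local, peer_opt_params, strict=False, override=False):
    """Model the session outcome for the configured address families.

    Returns ("established", families) or ("reset", reason). Assumption
    of this model: a peer that sends no capabilities is handled by the
    no-capabilities rule before strict matching is considered.
    """
    local = set(local)
    remote = parse_opt_params(peer_opt_params)
    if override or not remote:
        return ("established", local)    # configured capabilities win
    if strict and remote != local:
        return ("reset", "Unsupported Capability")
    common = local & remote
    if not common:
        return ("reset", "Unsupported Capability")
    return ("established", common)


if __name__ == "__main__":
    # Constructed peer OPEN parameters: the peer offers IPv4 unicast only.
    peer = build_opt_params([IPV4_UNICAST])
    ours = [IPV4_UNICAST, IPV4_MULTICAST]
    print(negotiate(ours, peer))
    print(negotiate(ours, peer, strict=True))
    print(negotiate(ours, peer, override=True))
    print(negotiate([IPV6_UNICAST], peer))
```
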
@node Route Reflector
@section Route Reflector

@deffn {BGP} {bgp cluster-id @var{a.b.c.d}} {}
@end deffn

@deffn {BGP} {neighbor @var{peer} route-reflector-client} {}
@deffnx {BGP} {no neighbor @var{peer} route-reflector-client} {}
@end deffn

@node Route Server
@section Route Server

At an Internet Exchange point, many ISPs are connected to each other by
external BGP peering. Normally these external BGP connections are made
using the @samp{full mesh} method. As with internal BGP full mesh
formation, this method has a scaling problem.

This scaling problem is well known. Route Server is a method to resolve
the problem. Each ISP's BGP router only peers with the Route Server. The
Route Server serves as a BGP information exchange for the other BGP
routers. By applying this method, the number of BGP connections is
reduced from O(n*(n-1)/2) to O(n).

Unlike a normal BGP router, a Route Server must have several routing
tables for managing different routing policies for each BGP speaker. We
call these routing tables different @code{view}s. @command{bgpd} can work
as a normal BGP router or a Route Server or both at the same time.

@menu
* Multiple instance::
* BGP instance and view::
* Routing policy::
* Viewing the view::
@end menu

@node Multiple instance
@subsection Multiple instance

To enable the multiple view function of @code{bgpd}, you must turn on
the multiple instance feature beforehand.

@deffn {Command} {bgp multiple-instance} {}
Enable BGP multiple instance feature. After this feature is enabled,
you can make multiple BGP instances or multiple BGP views.
@end deffn

@deffn {Command} {no bgp multiple-instance} {}
Disable BGP multiple instance feature. You can not disable this feature
when BGP multiple instances or views exist.
@end deffn

When you want to make the configuration more Cisco-like,

@deffn {Command} {bgp config-type cisco} {}
Cisco compatible BGP configuration output.
@end deffn

When bgp config-type cisco is specified,

``no synchronization'' is displayed.
``no auto-summary'' is displayed.

``network'' and ``aggregate-address'' arguments are displayed as
``A.B.C.D M.M.M.M''

Quagga: network 10.0.0.0/8
Cisco: network 10.0.0.0

Quagga: aggregate-address 192.168.0.0/24
Cisco: aggregate-address 192.168.0.0 255.255.255.0

Community attribute handling is also different. If no configuration is
specified, the community attribute and extended community attribute are
sent to the neighbor. When the user manually disables the feature, the
community attribute is not sent to the neighbor. When
@command{bgp config-type cisco} is specified, the community attribute is
not sent to the neighbor by default. To send the community attribute, the
user has to specify the @command{neighbor A.B.C.D send-community} command.

@example
!
router bgp 1
 neighbor 10.0.0.1 remote-as 1
 no neighbor 10.0.0.1 send-community
!
router bgp 1
 neighbor 10.0.0.1 remote-as 1
 neighbor 10.0.0.1 send-community
!
@end example

@deffn {Command} {bgp config-type zebra} {}
Quagga style BGP configuration. This is the default.
@end deffn

@node BGP instance and view
@subsection BGP instance and view

A BGP instance is a normal BGP process. The result of route selection
goes to the kernel routing table. You can set up different ASes at the
same time when the BGP multiple instance feature is enabled.

@deffn {Command} {router bgp @var{as-number}} {}
Make a new BGP instance. You can use an arbitrary word for the @var{name}.
@end deffn

@example
@group
bgp multiple-instance
!
router bgp 1
 neighbor 10.0.0.1 remote-as 2
 neighbor 10.0.0.2 remote-as 3
!
router bgp 2
 neighbor 10.0.0.3 remote-as 4
 neighbor 10.0.0.4 remote-as 5
@end group
@end example

A BGP view is almost the same as a normal BGP process. The result of
route selection does not go to the kernel routing table. A BGP view is
only for exchanging BGP routing information.

@deffn {Command} {router bgp @var{as-number} view @var{name}} {}
Make a new BGP view. You can use an arbitrary word for the @var{name}. This
view's route selection result does not go to the kernel routing table.
@end deffn

With this command, you can set up a Route Server as shown below.

@example
@group
bgp multiple-instance
!
router bgp 1 view 1
 neighbor 10.0.0.1 remote-as 2
 neighbor 10.0.0.2 remote-as 3
!
router bgp 2 view 2
 neighbor 10.0.0.3 remote-as 4
 neighbor 10.0.0.4 remote-as 5
@end group
@end example

@node Routing policy
@subsection Routing policy

You can set a different routing policy for a peer. For example, you can
set a different filter for a peer.

@example
@group
bgp multiple-instance
!
router bgp 1 view 1
 neighbor 10.0.0.1 remote-as 2
 neighbor 10.0.0.1 distribute-list 1 in
!
router bgp 1 view 2
 neighbor 10.0.0.1 remote-as 2
 neighbor 10.0.0.1 distribute-list 2 in
@end group
@end example

This means a BGP update from peer 10.0.0.1 goes to both BGP view 1 and
view 2. When the update is inserted into view 1, distribute-list 1 is
applied. On the other hand, when the update is inserted into view 2,
distribute-list 2 is applied.

@node Viewing the view
@subsection Viewing the view

To display the routing table of a BGP view, you must specify the view name.

@deffn {Command} {show ip bgp view @var{name}} {}
Display routing table of BGP view @var{name}.
@end deffn

@node How to set up a 6-Bone connection
@section How to set up a 6-Bone connection


@example
@group
zebra configuration
===================
!
! Actually there is no need to configure zebra
!

bgpd configuration
==================
!
! This means that routes go through zebra and into the kernel.
!
router zebra
!
! MP-BGP configuration
!
router bgp 7675
 bgp router-id 10.0.0.1
 neighbor 3ffe:1cfa:0:2:2a0:c9ff:fe9e:f56 remote-as @var{as-number}
!
 address-family ipv6
 network 3ffe:506::/32
 neighbor 3ffe:1cfa:0:2:2a0:c9ff:fe9e:f56 activate
 neighbor 3ffe:1cfa:0:2:2a0:c9ff:fe9e:f56 route-map set-nexthop out
 neighbor 3ffe:1cfa:0:2:2c0:4fff:fe68:a231 remote-as @var{as-number}
 neighbor 3ffe:1cfa:0:2:2c0:4fff:fe68:a231 route-map set-nexthop out
 exit-address-family
!
ipv6 access-list all permit any
!
! Set output nexthop address.
!
route-map set-nexthop permit 10
 match ipv6 address all
 set ipv6 nexthop global 3ffe:1cfa:0:2:2c0:4fff:fe68:a225
 set ipv6 nexthop local fe80::2c0:4fff:fe68:a225
!
! logfile FILENAME is obsolete. Please use log file FILENAME

log file bgpd.log
!
@end group
@end example

@node Dump BGP packets and table
@section Dump BGP packets and table

@deffn Command {dump bgp all @var{path}} {}
@deffnx Command {dump bgp all @var{path} @var{interval}} {}
Dump all BGP packets and events to the @var{path} file.
@end deffn

@deffn Command {dump bgp updates @var{path}} {}
@deffnx Command {dump bgp updates @var{path} @var{interval}} {}
Dump BGP updates to the @var{path} file.
@end deffn

@deffn Command {dump bgp routes @var{path}} {}
@deffnx Command {dump bgp routes @var{path}} {}
Dump the whole BGP routing table to @var{path}. This is a heavy process.
@end deffn

@node BGP Configuration Examples
@section BGP Configuration Examples

Example of a session to an upstream, advertising only one prefix to it.

@example
router bgp 64512
 bgp router-id 10.236.87.1
 network 10.236.87.0/24
 neighbor upstream peer-group
 neighbor upstream remote-as 64515
 neighbor upstream capability dynamic
 neighbor upstream prefix-list pl-allowed-adv out
 neighbor 10.1.1.1 peer-group upstream
 neighbor 10.1.1.1 description ACME ISP
!
ip prefix-list pl-allowed-adv seq 5 permit 82.195.133.0/25
ip prefix-list pl-allowed-adv seq 10 deny any

@end example

A more complex example, with upstream, peer and customer sessions,
advertising global prefixes and NO_EXPORT prefixes and providing
actions for customer routes based on community values. It makes
extensive use of route-maps and the 'call' feature to support selective
advertising of prefixes. This example is intended as guidance only; it
has NOT been tested and almost certainly contains silly mistakes, if not
serious flaws.

@example
router bgp 64512
 bgp router-id 10.236.87.1
 network 10.123.456.0/24
 network 10.123.456.128/25 route-map rm-no-export
 neighbor upstream capability dynamic
 neighbor upstream route-map rm-upstream-out out
 neighbor cust capability dynamic
 neighbor cust route-map rm-cust-in in
 neighbor cust route-map rm-cust-out out
 neighbor cust send-community both
 neighbor peer capability dynamic
 neighbor peer route-map rm-peer-in in
 neighbor peer route-map rm-peer-out out
 neighbor peer send-community both
 neighbor 10.1.1.1 remote-as 64515
 neighbor 10.1.1.1 peer-group upstream
 neighbor 10.2.1.1 remote-as 64516
 neighbor 10.2.1.1 peer-group upstream
 neighbor 10.3.1.1 remote-as 64517
 neighbor 10.3.1.1 peer-group cust-default
 neighbor 10.3.1.1 description customer1
 neighbor 10.3.1.1 prefix-list pl-cust1-network in
 neighbor 10.4.1.1 remote-as 64518
 neighbor 10.4.1.1 peer-group cust
 neighbor 10.4.1.1 prefix-list pl-cust2-network in
 neighbor 10.4.1.1 description customer2
 neighbor 10.5.1.1 remote-as 64519
 neighbor 10.5.1.1 peer-group peer
 neighbor 10.5.1.1 prefix-list pl-peer1-network in
 neighbor 10.5.1.1 description peer AS 1
 neighbor 10.6.1.1 remote-as 64520
 neighbor 10.6.1.1 peer-group peer
 neighbor 10.6.1.1 prefix-list pl-peer2-network in
 neighbor 10.6.1.1 description peer AS 2
!
ip prefix-list pl-default permit 0.0.0.0/0
!
ip prefix-list pl-upstream-peers permit 10.1.1.1/32
ip prefix-list pl-upstream-peers permit 10.2.1.1/32
!
ip prefix-list pl-cust1-network permit 10.3.1.0/24
ip prefix-list pl-cust1-network permit 10.3.2.0/24
!
ip prefix-list pl-cust2-network permit 10.4.1.0/24
!
ip prefix-list pl-peer1-network permit 10.5.1.0/24
ip prefix-list pl-peer1-network permit 10.5.2.0/24
ip prefix-list pl-peer1-network permit 192.168.0.0/24
!
ip prefix-list pl-peer2-network permit 10.6.1.0/24
ip prefix-list pl-peer2-network permit 10.6.2.0/24
ip prefix-list pl-peer2-network permit 192.168.1.0/24
ip prefix-list pl-peer2-network permit 192.168.2.0/24
ip prefix-list pl-peer2-network permit 172.16.1.0/24
!
ip as-path access-list asp-own-as permit ^$
ip as-path access-list asp-own-as permit _64512_
!
! #################################################################
! Match communities we provide actions for, on routes received from
! customers. Communities values of <our-ASN>:X, with X, have actions:
!
! 100 - blackhole the prefix
! 200 - set no_export
! 300 - advertise only to other customers
! 400 - advertise only to upstreams
! 500 - set no_export when advertising to upstreams
! 2X00 - set local_preference to X00
!
! blackhole the prefix of the route
ip community-list standard cm-blackhole permit 64512:100
!
! set no-export community before advertising
ip community-list standard cm-set-no-export permit 64512:200
!
! advertise only to other customers
ip community-list standard cm-cust-only permit 64512:300
!
! advertise only to upstreams
ip community-list standard cm-upstream-only permit 64512:400
!
! advertise to upstreams with no-export
ip community-list standard cm-upstream-noexport permit 64512:500
!
! set local-pref to least significant 3 digits of the community
ip community-list standard cm-prefmod-100 permit 64512:2100
ip community-list standard cm-prefmod-200 permit 64512:2200
ip community-list standard cm-prefmod-300 permit 64512:2300
ip community-list standard cm-prefmod-400 permit 64512:2400
ip community-list expanded cme-prefmod-range permit 64512:2...
!
! Informational communities
!
! 3000 - learned from upstream
! 3100 - learned from customer
! 3200 - learned from peer
!
ip community-list standard cm-learnt-upstream permit 64512:3000
ip community-list standard cm-learnt-cust permit 64512:3100
ip community-list standard cm-learnt-peer permit 64512:3200
!
! ###################################################################
! Utility route-maps
!
! These utility route-maps generally should not be used to permit/deny
! routes, i.e. they do not have meaning as filters, and hence probably
! should be used with 'on-match next'. These all finish with an empty
! permit entry so as not to interfere with processing in the caller.
!
route-map rm-no-export permit 10
 set community additive no-export
route-map rm-no-export permit 20
!
route-map rm-blackhole permit 10
 description blackhole, up-pref and ensure it cant escape this AS
 set ip next-hop 127.0.0.1
 set local-preference 10
 set community additive no-export
route-map rm-blackhole permit 20
!
! Set local-pref as requested
route-map rm-prefmod permit 10
 match community cm-prefmod-100
 set local-preference 100
route-map rm-prefmod permit 20
 match community cm-prefmod-200
 set local-preference 200
route-map rm-prefmod permit 30
 match community cm-prefmod-300
 set local-preference 300
route-map rm-prefmod permit 40
 match community cm-prefmod-400
 set local-preference 400
route-map rm-prefmod permit 50
!
! Community actions to take on receipt of route.
route-map rm-community-in permit 10
 description check for blackholing, no point continuing if it matches.
 match community cm-blackhole
 call rm-blackhole
route-map rm-community-in permit 20
 match community cm-set-no-export
 call rm-no-export
 on-match next
route-map rm-community-in permit 30
 match community cme-prefmod-range
 call rm-prefmod
route-map rm-community-in permit 40
!
! #####################################################################
! Community actions to take when advertising a route.
! These are filtering route-maps,
!
! Deny customer routes to upstream with cust-only set.
route-map rm-community-filt-to-upstream deny 10
 match community cm-learnt-cust
 match community cm-cust-only
route-map rm-community-filt-to-upstream permit 20
!
! Deny customer routes to other customers with upstream-only set.
route-map rm-community-filt-to-cust deny 10
 match community cm-learnt-cust
 match community cm-upstream-only
route-map rm-community-filt-to-cust permit 20
!
! ###################################################################
! The top-level route-maps applied to sessions. Further entries could
! be added obviously..
!
! Customers
route-map rm-cust-in permit 10
 call rm-community-in
 on-match next
route-map rm-cust-in permit 20
 set community additive 64512:3100
route-map rm-cust-in permit 30
!
route-map rm-cust-out permit 10
 call rm-community-filt-to-cust
 on-match next
route-map rm-cust-out permit 20
!
! Upstream transit ASes
route-map rm-upstream-out permit 10
 description filter customer prefixes which are marked cust-only
 call rm-community-filt-to-upstream
 on-match next
route-map rm-upstream-out permit 20
 description only customer routes are provided to upstreams/peers
 match community cm-learnt-cust
!
! Peer ASes
! outbound policy is same as for upstream
route-map rm-peer-out permit 10
 call rm-upstream-out
!
route-map rm-peer-in permit 10
 set community additive 64512:3200
@end example