Base BGP Session Configuration! - Ep.6: Understanding BGP

Captions
At this point all the BGP politics should be handled. It's now time to configure the base BGP session. By the time you're done here, you will understand how to implement and verify the base BGP carrier configuration.

I want to start with a picture of what we're building here. We are using a block of IP addresses assigned from the Level 3 carrier, which used to be only handled through a static route from them to us. The problem with that is, if that one connection goes down, we lose 256 IP addresses, thus a ton of services that are tied to those. Not good. So we want to advertise that network to these other carriers using BGP, so that if Level 3 goes down, the world can still reach these services through other carriers. And the best place to start when bringing up that BGP relationship is with the primary carrier. Task number one will be to convert this from a static route into a BGP session. Then we can turn our attention to these other carriers and add them in.

Let me also say that this is a real-world series, as in we're going to be doing this on some real equipment, and some of it is already done. I wouldn't have been able to show you the letter of authorization and the politics that everybody went through to establish this session if I hadn't already set it up. I'll tell you where I'm at today, right now, which is November 15th at 6:50 in the morning: I already have a BGP session configured from this router to this router. I also have a BGP session configured from this router to this router. This Friday at 9:30 at night I'll be adding BGP configuration that allows this advertisement to go out through the IO data blend. So some of the things I'm going to show you are already in place, like this. This is how I established the initial session to the Level 3 carrier.

Now, item of note: I'm actually using Brocade devices, which I know for some of you that know me from the Cisco world are like, "Traitor! How can you do such a thing?" Well, the truth be told, there's a lot of great devices out there, and because Cisco is awesome, everybody's operating system kind of copies them. Well, everybody except Juniper; they went a little different route. So you may see some slight tweaks, but it's kind of like butter and I Can't Believe It's Not Butter: they look the same, they taste the same, only someone with refined butter taste can tell the difference.

So these are the core BGP commands used to initiate the session. And keep in mind, the commands are easy. They always are. It's everything around those commands that gets difficult. Like, in order to type those commands, I had to be at the data center, because the way the folks at CenturyLink worked it was to remove the static route, then to establish the BGP session. Well, as soon as they remove that static route, I lose access remotely to that device. So I had to be plugged into it in an outage window late at night. Just prepare yourself, that's probably going to be what you do here.

Now remember, in terms of IP addresses, our router is .202, this is .201. So we went in, started the BGP process for autonomous system 19468. That is us, that's the autonomous system I registered at ARIN. CenturyLink is autonomous system 209, and that's always the first command that we need to type in when establishing that neighbor session. Neighbors in BGP are statically configured, they don't dynamically discover each other, and we have to identify them with a remote autonomous system number.

Some carriers will require you to use a password, which actually becomes an MD5 hash which will be attached to every single message exchanged between those two routers to keep it a little more secure. Other carriers, like Cogent, did not want a password on there. As a matter of fact, they preferred I didn't have a password on there. I said, "Well, don't you want one?" and they go, "No, we don't really want one." I said okay. And that's okay, because this is a private link between both of those.

This last command down here I typed to change the keepalive timer. There is no standard. It's not like you can go to RFC xxx and find out what the keepalive timers are; they can be different on every single router vendor deployment of BGP. I set it to send a keepalive to make sure the neighbor is there once every 30 seconds, with a hold down timer of 120. That's a dead timer, meaning if this router goes offline, my router will know about it within 120 seconds, two minutes. At that point we'll jump over and prefer one of the other BGP neighbors.

So here's what I want to do. I'm taking you over to our data center, where I'm telnetted into both of our public edge routers. You can see Brocade 1, Brocade 2. Regardless of what vendor platform you're using, there's about two or three primary BGP commands that you're going to want to know. And again, these are the same commands on Cisco as they are on Brocade as they are on anybody else that copies the Cisco IOS and doesn't get sued for it.

The first one is show ip bgp summary. Love this command. This is a summary of the neighbor status. That's because if you type in show ip bgp neighbor, you get all kinds of data that you're not really concerned about. So let me clear that off and just show the summary data. Right here you can see the local autonomous system number we're configured for, and you can see two different neighbors that we have. This one is Cogent, this one is CenturyLink. Notice the two different states right here. First off, I see the remote autonomous system 209. This one is established, and it's been that way for 54 days. I can see that I've received one route and I've sent one route. This one is still in a connecting state, and it's been that way for 49 days, and I just have one route waiting to send to that neighbor.

Now, what's the deal with this? Well, remember, this is the real world. We just have a single connection to Level 3 and we have a single connection to Cogent. So to balance that redundancy, we decided to split which routers used them. This one has a session configured for Cogent, so if this router or this connection or whatever the case is goes down, we can do a cold swap. We can move that cable over (and by the way, I would do that via switch VLANs, I wouldn't run to the data center and actually physically move a cable unless I had to). We can move that connection over to here, and I've already got the configuration on there that it would establish and start exchanging routes with Cogent. Vice versa, I've got this one configured for Level 3, but it would also be staying in that connecting state because it doesn't actually have the physical connection plugged into it.

The second command that you always type on a BGP router is show ip bgp, which shows the BGP routing table. Keep in mind your router will generate a BGP routing table kind of internally and then flush that into the real routing table. The reason this command is so handy is you can see what routes you're sending, what routes you're receiving, and all the information about them.

Now, this screen might lead you to a little bit of confusion. What's all this stuff? Well, that's Jeremy's bad configuration that we're going to fix in a couple nuggets, because I didn't filter my routes properly. I'll explain that when we talk about prefix lists and route maps and all that kind of stuff. By the time it's said and done, we will see only two routes in this table. That'll be the default route coming from CenturyLink. Notice this one: it's saying this is a default route, it was received from this, which is CenturyLink, and you can see the path is through autonomous system 209 and then internal. All of these routes are routes that I locally originated, as in they came from my router. The only one that should be in this list, if I was doing proper filtering, is this one. This represents the network that I wanted to advertise out to the rest of the world.

Now, if I wanted to see what routes were coming from a specific neighbor, that's the other BGP command I use all the time: show ip bgp (oops, not neighbors) routes for the neighbor, and then we type in the IP address of the neighbor that we want to see. Hit the enter key, and right there I can see there's only one route that I'm receiving from CenturyLink, and that is the default. I mentioned in an earlier nugget that you'll have the choice when you form that neighbor relationship to either receive all internet routes, some internet routes, or a default only. Well, in our case I don't really care about getting the entire internet routing table on my router. As a matter of fact, I don't even know if these routers can handle the entire internet routing table. I'm just using BGP to advertise my network out to the rest of the world for redundancy purposes, so it's totally fine for me just to receive a default.

Last thing I want to show you is flipping over to Brocade 2. I'll do a show ip bgp summary and just verify that this is, as I was mentioning, exactly the flip configuration. Cogent is established on a secondary router, established, route sent, and CenturyLink is the one that's in the state of connecting, because again, I don't have that physical connection plugged into this router. If this was a perfect world and I had a ton of money, I would have full redundancy between all of these carriers, six total connections in place. But as it stands right now I just have two, at least until Friday, when I'm going to be adding in one additional leg of redundancy on each router from the IO data network.

Okay, one last show command I want to show you that I do use all the time. I showed you just a moment ago the show ip bgp, where it shows all of the routes sitting in the BGP routing table. You can see that we're receiving a default route from Cogent as well. I told you that all these should not be there. They're there because I did my filtering wrong, but not entirely wrong. Let me show you one more: show ip bgp neighbor, hit the question mark. I'll say I want to focus in on this neighbor right here, which is Cogent, and I want to see the advertised routes, meaning the routes that I'm sending to them. I see all of these in my BGP table, but what am I actually telling Cogent about? By the way, before I hit the enter key, you can also use received routes to see just the routes you're receiving from that neighbor. I showed a version of that to you earlier. I'll press the enter key, and look at this: the only thing that I'm sending to them is just that Class C network, or I should say Class C subnet. All of these more detailed routes are filtered out. So yes, Jeremy made a mistake. All these little routes should not be sitting in the BGP table, and I'm gonna fix that, but at least I cleaned up my mistake in such a way that I'm only advertising this one network to the neighbors.

Ah, something else showed up in my head, I can't stop talking. Last thing I want to say. You might be wondering, "If you messed up, Jeremy, and had all those little subnets in the table, and you advertise those to the neighbors, will they have filters that filter out the little subnets and just allow the big subnet through?" Probably, yes. The carriers are going to be smart and they're going to manage that untrust. Well, they're going to put filters in place that only allow certain subnet advertisements to come across. But it's just bad form to do it that way. Don't send all your junk over there. It's like going to a baseball game and just leaving your trash all over the seat. I see people do it all the time: hot dog wrappers, everything else. It's like, come on, man, clean up your mess. Don't make the workers have to pick up your junk. Same thing here: don't make Cogent filter out your stuff because you did a poor configuration. Filter it for them. Do it well.

All right, now I'm really done. You now know how to implement and verify the base BGP carrier configuration. I hope this has been informative for you, and I'd like to thank you for viewing.
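The outbound check described at the end of the transcript (only the one authorized network should reach the carriers, and only a default should come back), as an added example that is not part of the video or the presenter's configuration. It assumes the prefixes have already been copied out of the router's advertised-routes and received-routes listings; the `203.0.113.0/24` block, the sample lists and all function names are constructed for illustration.

```python
import ipaddress

# Constructed stand-in for the /24 named in the letter of authorization
# (RFC 5737 documentation space, not the presenter's real block).
AUTHORIZED = ipaddress.ip_network("203.0.113.0/24")

# Constructed samples of what "advertised routes" might list for a neighbor.
LEAKY = ["203.0.113.0/24", "203.0.113.0/26", "203.0.113.64/26",
         "203.0.113.128/25", "198.51.100.0/24", "203.0.113.5/24"]
FILTERED = ["203.0.113.0/24"]


def audit_advertised(prefixes, authorized=AUTHORIZED):
    """Sort prefixes sent to a neighbor into ok / leaked / unauthorized."""
    report = {"ok": [], "more_specific": [], "unauthorized": [], "invalid": []}
    for text in prefixes:
        try:
            net = ipaddress.ip_network(text)  # strict: host bits must be zero
        except ValueError:
            report["invalid"].append(text)
            continue
        if net == authorized:
            report["ok"].append(text)
        elif net.version == authorized.version and net.subnet_of(authorized):
            report["more_specific"].append(text)  # internal subnet leaking out
        else:
            report["unauthorized"].append(text)   # not covered by the LOA
    report["aggregate_missing"] = not report["ok"]
    return report


def audit_received(prefixes):
    """For a default-only feed, return everything that is not a default route."""
    return [p for p in prefixes if p not in ("0.0.0.0/0", "::/0")]


def is_clean(report):
    """True only when the aggregate, and nothing else, is being advertised."""
    return (not report["aggregate_missing"] and not report["more_specific"]
            and not report["unauthorized"] and not report["invalid"])


if __name__ == "__main__":
    for name, sample in (("leaky", LEAKY), ("filtered", FILTERED)):
        rep = audit_advertised(sample)
        print(name, "clean" if is_clean(rep) else "NOT clean", rep)
    print("unexpected inbound:", audit_received(["0.0.0.0/0", "192.0.2.0/24"]))
```

Running the same audit per neighbor after every filter change catches a leak on the local side instead of relying on the carrier's inbound filters.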
Info
Channel: Viatto
Views: 6,448
Keywords: BGP configuration, Configuration, tutorial, How to use BGP, BGP Tutorial, Jeremy Cioara, BGP, Border Gateway Protocol, IT, Information Technology, Tutorial, How To, Keeping IT Simple, KITS, Technology, carriers, multi carriers, Network Install, Business Network install, networking, business network, IP Addresses
Id: fHfeBUnE0YY
Length: 11min 37sec (697 seconds)
Published: Thu Sep 10 2020