RRTC Live Stream! BGP Deep Dive

Captions
What's going on, everybody? Good afternoon. Hello, hello, hello. Hopefully everybody is doing well. For those of you that have jumped on here with me, thanks for stopping by and hanging out with me. We're going to be doing a BGP dive this week. Gets us out of the IGP and keeps us moving forward with what we're going to be talking about as we move forward with the CCNP stuff, so I'm pretty excited. So for those of you that have ever wanted to dive into BGP, that's basically what we're going to be doing today. I'm gonna get you guys acclimated to some of the concepts of BGP and stuff like that, so good stuff. So I'm gonna go ahead and kick us off. We're going to go ahead and, we have our topology that we've been using and stuff like that, so we're going to get this bad boy started.

What's going on, everyone? Hello, hello, hello. Thanks for stopping by. Um, I'm gonna dive right into it. I'm gonna do some recording as we go along, so if it sounds like I'm recording a video, it's because I am. So, um, we'll go from there. If you guys have any questions, feel free to ask them in the chat. I will do my best to answer them to the best of my ability. Go from there.

So, how's it going, everybody? In this video we're going to be going ahead and taking a look at an overview of BGP. So this is part of a live stream as well, so if I'm answering questions or I'm back and forth, there's a reason for that. So BGP, it's actually a rather involved protocol, if you weren't already aware of how BGP works. Um, there's a lot that goes into it. So one of the things that you really need to understand in terms of how BGP works is what BGP is and how it comes into play. So BGP in and of itself is another routing protocol that you could use, but you don't use BGP internally. Um, there are some, I guess you could debate it a little bit, you know, "I can use BGP internally." You kind of sort of can, but it's just not a smart move to do, because BGP was never designed to replace your interior gateway protocol, or your IGP, like OSPF, EIGRP, RIP. That's not its
goal or its intention. BGP, pardon me, BGP is designed to route very large routing tables based on the way it's developed. So it is designed to allow one autonomous system and another autonomous system to form connectivity with each other and then do route exchange.

Now, BGP is actually an application and not a routing protocol. It's a reachability protocol, and this is one of those things that I've... as you start diving into how BGP works and stuff like that, it isn't set up like an IGP. It's not set up or going to work the same way that IGP does. So let's talk about that for just a second. What does an IGP do? Well, on IGP, RIP, OSPF, EIGRP, IS-IS (we're going to remove IS-IS from the conversation right now because it's technically a layer 2 protocol), RIP, OSPF, EIGRP, those protocols themselves use link-local multicast between a couple of routers on the same subnet to discover each other dynamically, right? So they're going to send hellos to a link-local multicast address, they're going to listen back and forth for each other, they're going to discover each other, they're going to form a dynamic adjacency, which is going to continue to use the hellos to make sure that adjacency stays online, and then you're going to do route exchange with each other, right?

Now, BGP doesn't do that. BGP is a manual configuration. There are... there is one scenario where BGP is not manually set up, with what they refer to as dynamic neighbors. Dynamic neighbors, uh, allows you to scale BGP dynamically. So for example, if you have a very large WAN connection setup where you've got like a couple of hubs, you've got multiple spokes, and you're doing something like DMVPN or FlexVPN, those scenarios do come into play. Or for one other example that I, um, that you could use is a very large service provider. If you've got a very large MPLS Layer 3 VPN, or a very large just regular internet service provider using BGP, you could use dynamic neighbors to bring on new provider edges. But that's, that's a
specific use case. You're looking to dynamically add hosts or spokes as you grow. There's nothing wrong with that, but that's not the goal of BGP, right? BGP is manually configured, and once it's manually configured, basically what you're doing is you've got two different neighbors that want to form a peering with each other. I say peering, but it's got to be manually set up. So you have your peering that's set up between two different routers, and once your peering is up and running, then you have the ability of propagating routes.

So BGP, for those of you that are not familiar with it, is the protocol that runs the internet. So if you're trying to go to Facebook, if you're trying to go to Google, if you're trying to go to Twitter, Snapchat, whatever particular endpoint you're trying to reach or service you're trying to connect to, BGP is going to play a part in getting you there. So as soon as you leave your home network or your company's network and you try to go anywhere on the internet, BGP is how you're going to get there. So that's one of those key things that a lot of people, especially when they're brand new to it, they know that BGP is an exterior gateway protocol, but they don't realize that BGP is the protocol that runs the internet. So if BGP wasn't around, the internet would not be around, because you need some way to scale the internet connectivity. Because, right, the last time I checked there were in the neighborhood of almost 800,000 routes in the BGP table. That's a lot of routes. So yes, it can scale pretty dramatically, but it's also one of those things where, when you start diving into how it works, you have the process of setting up your peering and then doing the route propagation. So the cool thing about it is BGP can scale, and scale very, very large.

Now, one of the other things that I like about BGP is, unlike an IGP, where if you're going to have a bunch of routers all peering with each other, forming dynamic adjacencies and stuff like that, what you'll end up getting is... oh, thanks,
thompson lover too, I appreciate that, man. Thanks for becoming a member. You'll have the adjacencies come online and routes will be propagated, right? But if something happens with that link, what'll end up happening is the protocol will automatically remove that route from the routing table, and during that time frame between the route flapping and then the reconvergence and stuff like that, that particular protocol is going through convergence, right? That's figuring itself out. BGP is never going to be 100% convergent. This is never going to happen. Where IGP works best when it's 100% converged. If there's a convergence event in any one of the protocols, uh, RIP, EIGRP, OSPF, you're going to have to reconverge around that failure, figure out whatever path you need to take in order to get to where you got to go.

Why that's a big deal is because with IGP you're dependent on the direction that you're going to be taking your path. So for example, if we were to look here between router 5 and router 6, what ends up happening is, if this link goes down, that, um, the way that IGP calculates the routes and figures out where to go is based off of all known links. So if I do any traffic engineering with any IGP, RIP, EIGRP, OSPF, I'm modifying values at the link level. So for example, RIP is a little bit different because it goes based on a hop count, so... oh, thank you, appreciate the shirt compliment. You do the, um, you add in a hop count. So forget the actual modification you have to do under the protocol, but you have to modify RIP to the hop count, so you basically have to... I forget the actual syntax because I don't deal with it very often. The, um, OSPF, you go to the link level and you modify the cost, right? So if you adjust the cost on a link that would normally be the primary path, and you adjust that cost to be higher than another path, then that link is no longer going to be used in the forwarding of that traffic. Another link will be. EIGRP, same thing: whether you modify the delay or the bandwidth, that particular path
that you were taking, if you modified at the link level, you're affecting all traffic that flows over that link. So when you get into a situation like that, that makes the link dictate how the protocol will forward traffic. BGP doesn't do that, because the link itself BGP doesn't care about. BGP is looking at attributes of the route itself. So, um... sure thing, no problem, Zaheed. When you look at the attributes, there's a number of them, 12 or 13 off the top of my head, and those attributes are what help BGP figure out where it's going to go and how it's going to get to where it's going to go.

Now, in a situation like that, if I look at IGP again, you're dependent on the link. So if you make a modification at the link level, it's going to affect all traffic that flows over that link. Or BGP, you can affect things at the autonomous system level. So you can say, for example, with an AS path list, you can say any routes that are received in from this AS path or this autonomous system number, you want to associate this particular attribute to that. It could be local preference, it could be MED, it could be AS path prepending. It really depends on how you want to affect, um, how BGP works. Where I could also take those same attributes and I don't have to associate them directly to an autonomous system. I thought I... autonomous systems are kind of, are more generic, because of the fact that you are being specific to an autonomous system, but you're also... any routes that come from that autonomous system are going to be affected by that attribute modification. Where if I go in and I do a modification at the prefix level, meaning the actual subnet itself, I'm associating that path attribute to that particular prefix. Or I can do it from the neighbor, so whatever routes I receive from a particular neighbor or set of neighbors, I can affect those particular routes received from that neighbor with those path attributes. That's where the real power of BGP comes into play, is you're not, if a... BGP doesn't affect the
underlying routing protocol. It affects the routes that are coming in. So whatever routes I'm receiving in, I can apply path attributes to those specific routes, and/or any, uh, to the routes that are being learned, whether it's coming from the autonomous system, the route itself, or from the neighbor the routes are coming from. That really gives me a lot of flexibility, where IGP, I don't have that capability. I can't go to IGP and say for a particular prefix I only want to take this particular path. It's very, very difficult to pull that off, if it's not impossible. So these are some things that do come into play. It's a big differentiator between IGP and BGP. This is something that I see a lot of folks that get into BGP initially, they don't, they don't get that, that's all, out of the gate. That's why I'm talking about it.

So we have that. BGP does support both IPv4 and IPv6. It also supports several what they call subsequent address family identifiers, or SAFIs. So there's two main AFIs, address family identifiers. The first one is going to be IPv4, the second is going to be IPv6. So literally one is IPv4 and two is IPv6. Then you have multiple sub-AFIs, so you have unicast, multicast, VPNv4, MVPN, MDT, so on and so forth. There's a number of them out there. We're going to be taking a look at some of the basic stuff here. We'll take a look at IPv4 unicast, IPv6 unicast. We will be taking a look at, um, VPNv4 and VPNv6 when we get into MPLS VPNs. We'll be taking a look at VPN, or IPv4 and IPv6 multicast once we get into the multicast section. I will be taking advantage of BGP to do the route propagation for multicast routes, because it can do that as well. Some of the ones we won't be taking a look at are going to be like your VPN b..., or your Layer 2 VPN, EVPN or VPLS. We're not going to do any Layer 2 VPN. We're not going to be looking at, uh, VXLAN EVPN, we're using BGP as a control plane for the MAC address propagation. We're not going to be doing any of that stuff here. I will be taking a
look at those. If you want to know more about Layer 2 VPNs, go check out the service provider stuff that I've already done on the channel. Check out the service provider playlist on the channel and that will go into those details. I did a pretty deep dive on Layer 3 and Layer 2 VPNs, so if that's something you want to know about, go check those out. I haven't covered VXLAN in any real depth on the channel yet. I plan on doing that in the near future, but right now I'm trying to work my way through this very large series of videos. There's a lot of content to create, so I'm slowly working my way through it.

Now, um, BG... again, BGP is not a protocol, it's an application used for reachability. So you form a peering between a couple of routers and you propagate routes. Fairly simple stuff. As long as you keep it pretty simple, BGP is actually very, very easy to work with, and my goal here is to keep things simple. I'm not going to go into any super deep dives on some really oddball routing designs or anything like that, where we're having to make lots of modifications to the routing topology in order to get things to work. I'm not trying to do a super deep CCIE deep dive. I'm trying to keep it more geared to those of you that are looking to get your CCNPs and stuff like that. But because of the fact that this series focuses on ENCOR as well as ENARSI, we'll be taking on some of the more complicated aspects of it. We'll dive into those deeper concepts, but I'm not going to go into any super crazy, um, overly complicated BGP implementations.

Although the reality of it is, if you take BGP and you were to, like, for those of you that are familiar with it and what an accordion is, you know, when you have an accordion, when it's not being used it's completely collapsed, but if you take an accordion and you stretch it out, you know, you get that little flexible piece in the middle there, stretches out, right? Well, if you take BGP and you expand all of its different features and capabilities, well, that's basically
what I'm going to try to walk you guys through. If you were to look at, you know, how to get the route... the peerings up and running, how do you do configuration scalability, uh, through, uh, peer groups and templates, and then doing route reflectors and confederations and things like that, and then do your route propagation, how do you do that, communities, aggregation, stuff like that, uh, then the BGP best path selection process, communities (I don't know if I already said that or not). But when you start taking BGP and you start expanding it and you start to kind of untwist it and understand all the different capabilities that it has, you realize how involved it can be. But then you can break it down into chunks. You can chunk it out and be like, okay, I'm going to focus on this particular part of BGP, then we're going to work our way into the other ones, and it makes BGP that much easier to deal with. Because when you really break it down into what you're trying to accomplish, it makes BGP actually fairly easy to understand, and you're like, well, BGP isn't that complicated. So it's when you start chunking it up, it makes BGP easy to approach.

So there's a couple different things that come into play when it comes to how BGP works. BGP has a couple different ways of taking the routes that you actually want to advertise and actually advertising them. The first of which is going to be provider independent, where... I'm sorry, we'll start with provider aggregatable. Provider aggregatable means that you are buying access from a service provider that has their own BGP implementation, and you're basically going to let them advertise your address space, and that's what you're going to let them do. You're going to let them advertise the address space that you're using. So for those of you that have home internet right now, and like I have my home internet right now that I'm using the stream, the stream from, I don't have a BGP peering to my provider. I have a, I have an internet
connection at my house, and that internet connection allows me to reach the internet. But what's actually happening with that connection is I have a public IP address range that I've got, and what ends up happening is the provider has a peering to other BGP peers, and the subnet that has been allocated to my internet service is advertised into BGP by the provider, right? So what ends up happening is all the other internet routers in the internet now know about my public address space. Because of the fact that I have an ASA firewall that terminates my internet, my ASA firewall has a public IP associated to it. When that public IP address is advertised out into the internet, traffic on the internet knows how to get back to me. Because remember, the routing is bidirectional, so you need to be able to get out and back in order to get to where you got to go. If you can't get back, or you can't, you know, that's a bad thing, you know, then the path is broken.

Think of it like if you were to be at your home and you want to go to the grocery store, or you want to go to the movies, or you want to go to some destination. Routing is destination based, so wherever I am to wherever I want to go, there's got to be some sort of path from me to the destination that I want to reach, and there's going to be a return path. It could be a different set of roads that you travel, or a different set of internet links that you flow through, maybe a different set of service providers you pass through. But whether you go, you know, one, two, three, four or two, four, five, eight doesn't really make much of a difference, as long as both ways you can get back to where you are starting from. That's the key thing. Routing is bidirectional: you go out, you come... I gotta be able to come back. That capability and that understanding really ties into how internet routing comes into play. So as long as the provider is advertising your internet circuits for you, you're in good shape. Now, this means that you're just
getting internet service from them. Now, can you form a BGP peering with the provider and then still have them advertise the routes for you? You can, absolutely. I've had many, many customers do that.

Now, the other side of the fence is, what happens if you want to go own your own address space? Let's say you go out and you have your own /24 or your own /16 or whatever size subnet that you need. Is that possible? 100 percent. You can go out there, and there's a number of auction sites on the internet that you can go and put down a bid for an address block that happens to be opened up, and you can go through the process of going from the auction site and then going through, uh, IANA and going into your account and then having that particular address space that belongs to somebody else, that gets transferred into your address space, or into your account, and you become the owner of that address space. And then from there you can go to the provider, whoever you want to peer with, and be like, okay, I want to use my address block and I want to go ahead and set up a BGP peering with you, and then I'm going to advertise that route on behalf of myself. I'm going to go in there, I'm going to say the network statements, but I need you, the provider, to go into your filtering rules and allow those routes to get propagated. Because the provider is going to have their own set of filters in place when it comes to allowing that stuff to happen. They're not just going to allow you to advertise whatever. Like, you can't advertise RFC 1918 address space, the 10 net, the 172 net, the nets. You can't advertise those on the internet. So providers are going to have like a front-end filter that are going to block those subnets from being advertised, and because of that, you're going to have to make sure that they're only propagating what it is that you need to send.

Now, I've worked with some providers in the past where they've gone ahead and, you're propagating the... you advertise, say, your /24, you configure one
at your interface with an IP address in that /24 range. The provider's got their IP address that you basically give them, that they're going to configure on their device. You form your BGP peering and then the route gets advertised. Fairly straightforward concept, everything works great. If something happens, the providers, kind of, um, they're only responsible for the peering, right, on their side. You're responsible for your peering. If there's no reachability, the provider is not on the hook for that, because they can't... they're not in control of your equipment, they're not in control of your environment, right? And that's where the autonomous system concept comes into play.

What exactly is an autonomous system? An autonomous system is an administrative boundary or domain. That's the way I like to reference it. So like when we talked about EIGRP and the autonomous system, the EIGRP autonomous system is going to be used to dictate the flooding domain, or how far a particular route will flow. Well, that's similar to how BGP works, but also different. A BGP autonomous system number: one router can exist in a BGP autonomous system number and is completely okay, but it can form peerings with other BGP routers in other autonomous systems. EIGRP, you can't do that. You can't be on router 1 and be autonomous system 1 and be on router 2 and be in AS 2 and form an EIGRP peering. That will not work. You have to be on the same autonomous system number with EIGRP. BGP, you don't have to do that. In the internet you're going to have lots and lots of autonomous system numbers, or ASNs. They come in two different values. You have the two-byte value, which is 16 bits long, which are going to be... let me go ahead and start taking some of these specific details and draw them out here. And I did get some feedback to not use red anymore because apparently it's too, uh, it's hard to see, so I will go to white based off of some feedback that I had. So with the autonomous system values, with the ASNs, you have zero through... I'm sorry,
let's go... technically it's 65535 is going to be your range value. Your public ASNs are going to be 1 through 64511, and then your... so this is going to be public, and your private is going to be 64512 through 65535, right? So you're going to go ahead and you're going to want to get an address range, if you're going to be routing on the public internet, in this range right here. That's what you're going to want to grab. Now, what happens if you've got 64512-65535, can you still use it on the internet? You can. The only difference is with this one here, the provider is going to have to add in a command on your neighbor, your neighbor statement, that's going to be remove... remove-private-as. So if you peer with them, what they say is 65535, for example, and they're 2178 (which I don't know why that number came out off the top of my head, but 2178 is the provider that you might be peering to), they're going to receive your routes in. So if you advertise the subnet in of, say, 101.6, and the source autonomous system number is 65535, and you're peering to 2178, what will end up happening is 2178 will receive this prefix from this source autonomous system number. What will end up happening is this AS number will actually get stripped off, and the route right here will actually get advertised as 2178 to the rest of the internet. That's how you can peer... you can peer to the public internet with the private AS and the provider is still able to propagate your routes for you. That's one way of getting around it.

The other one is going to be the 4-byte. You have the 4-byte, so this is, this is 2-byte, then you have 4-byte. 4-byte is take 2-byte and multiply it by 2.
So you've got zero through 65535, dot, zero through 65535. So this is gonna be 32 bits because it's 40... oh, it's four bytes. And what you end up doing is you get what they refer to as asdot. And what that asdot comes into play is, it will, on older routers, what you'll end up getting is a, I believe it's a 23456 if you're on a router that doesn't support asdot capability or doesn't understand the four-byte autonomous system number. You end up getting, uh, that value. Where when you have a router that does support asdot, you can go onto the router and type in, in global config, asnotation dot on IOS, and I forget what the XR variation of that is. I'll have to look. I think that might be asnotation dot. Um, but the purpose of this is to give you more scalability with your AS no... your autonomous system numbers. So if you're doing the non-asdot format, I don't know how the correlation comes into play, where you get like, you know, 61 5 27 3, this would be like 21.12, right? Now, I'm not saying that's the exact correlation to it, but, um, if this is your non-asdot format and this is going to be your asdot format, then how it's added in I honestly don't know. I never read into that because, honestly, not that I didn't care, just I didn't understand it. So if you are going to be using a four-byte autonomous system number, it's a really good idea to make sure that all routers in your administrative domain, your autonomous system, are configured to view the autonomous system that's being received as asdot. That's going to make it easier down the road in the long term for you to get everything up and running. So that's just some high-level details on how, uh, that comes into play.

Now I'm going to clear the screen and we'll talk about a couple different types of IB... or BGP peerings, the peering types. There's two. You have iBGP, which is going to be
referred to as internal BGP, and on a Cisco router that's going to be an autonomous system, or an administrative distance of 200, and this is going to be a peering from one router to another router in the same AS, so same-ASN peering. So if I'm on R1 and I want to connect to R2, and R1 is in AS 120 and R2 is in AS 120 and they form a peering with each other, this is an iBGP peering. This is very common if you want to do BGP as your overarching routing protocol. This is a very common thing to do. There's a couple different ways to pull that off. We'll talk about those here in a few minutes.

The other part of this is going to be eBGP. This is going to be external BGP, and if I am using this, it's going to be an autonomous, or administrative distance of 200, where it's going to be different-ASN peering. And the concept here would be, if I am doing R1 to R2, this guy would be 1, this guy would be 2, and we're forming a peering between each other. This is eBGP. This is where the exterior gateway protocol concept comes into play, and that's the real differentiator between the two. Once you understand that, you understand the basic constructs of how BGP works. That's really the main differentiator between the two, and the administrative distance it goes into with that.

Now, as we get further into the meat and taters of how BGP works, we're going to talk about how the, um, the propagation works, how to set the peerings, and all that type of stuff that comes into play. So that is the beginning part of the breakdown that I wanted to cover in terms of how it works and stuff like that. So what we're going to go do is, I am going to, um, stop this recording real quick because we're done at this point. So thanks so much for stopping by, guys, and we'll catch you guys in the next video.

So, um, the next topic that we're going to bring up is going to be how would you go about setting up a peering and what would that process look like. So let me go ahead and start the next video real quick. How's it going,
everybody? In this video we're going to go ahead and talk about the different BGP peering types and how you would set those up. So the concept is actually relatively straightforward. If I am sitting here on... we have a couple of different autonomous systems we're going to be working with. We have this autonomous system right here and we have this autonomous system right here, and I built these two out specifically for this setup. So, and I'm going to draw these out in different colors, so I'm going to choose, let's go sky blue. This will be all of my iBGP peerings, right? iBGP, iBGP, iBGP, iBGP. This will work just like that, and that's basically where that will come into play. Same thing up here. Um, now I'm going to do a full mesh over here, so this will be a full mesh, and then over here we're going to do a route reflector design, where we're actually going to take autonomous system 100, and this will be what the public sees. We're going to break this down into two different confederations. I'm gonna have confederation one here, which will be 1, 3, 6 (1, 3, 6, the atomic... the router numbers), and over here we're gonna have another confederation. This would be 2, 4, 5. Okay. What we're going to do is this guy right here and this guy right here will both be route reflectors. Now, we haven't talked about route reflection, but we're going to. That's going to allow these guys to connect to here and here, like so, and then here and here, like so, and then any routes that are taken from this guy and propagated outbound are going to be propagated to this guy and then sent down to here. Again, we haven't talked about route reflection yet in much detail, but we will. All this stuff internally is iBGP peerings. Now, another thing that we'll do is we will do a peering between 6 and 5. This will also be an iBGP peering, but it'll also be referred to as a confederation eBGP peering, because we're going to be peering between two different confederations in the setup.
We'll do the same thing over here. So we have all that connectivity up and running. Now I'm going to switch over to, let me go to yellow-green. Between the providers we're going to have this one link right here, right? This guy right here will be an eBGP peering, meaning we're going to be peering from one provider to the other and getting all that squared away. Now, any connectivity that we do between the providers is going to be eBGP, one autonomous system to the other. I'm going to have an eBGP peering from here to here, I'm going to have an eBGP peering from here to here, and then I'm going to have an eBGP peering on 45, we'll do one to XR21. And then this one here, we're not going to peer. This one here, we're not going to do a peering. I'm going to simply take this particular prefix, the 200.8.46 subnet, I'm going to advertise it into BGP for reachability. Because we don't have to form a BGP peering in order to propagate the route, because all we have to do is have something that's directly attached to us and advertise that into BGP, and that's going to provide the reachability. Basically how we're going to accomplish that. So that's basically where that will come into play. I'm going to first start off with this guy here in the middle, so let's talk about that real quick. If you guys have any questions on anything that I'm doing, let me know and I will answer any questions in the live stream, in the chat. But I'm actually going to clear the screen off. Now that you know what we're going to be doing, we're going to talk about the different, how you can set up iBGP peerings, because we're going to spend some time breaking that down and then going through the actual configuration steps. Let me go ahead and clear the screen off real quick and talk about how that will come into play, and we switch back over to white.

So when we talk about iBGP peerings, we have a couple different variations that we need to understand. The first one is going to be a full mesh. Because we have some rules that we
have to understand about how BGP works with full mesh. In order for routes to get propagated, an iBGP route can only be propagated one hop, and then it will no longer be able to be sent any further into the network. So for example, if I have R1 here, I have R2 here, I have R3 here, if I form an iBGP peering between these two guys, and I have, let's say R1 has an eBGP peering somewhere over here on the internet... "What are you using for your lab?" No, that is, uh, it's EVE-NG, that's what I'm using for the lab. Um, if I learn a route in on R1 from an eBGP peer, that route will get propagated down to R2, and R2 has an IGP, so let's say OSPF here, peering to R3. That route will not get propagated down to R3. Now, if I have an iBGP peering here to this guy, will this route get propagated down? It will, or, I'm sorry, it won't be, and the reason why it won't is because the propagation is in full mesh, which R2 and R3 don't have a, don't have a propagation. So actually, another thing about this one, probably will, this one will, but if I had it any other way, it would not. So if I wanted to do a connection where R2 has a BGP peering to R3 but R3 does not have a peering to R1, then it wouldn't receive anything from R1. So full mesh gets a little quack... a little quirky.

So where I have a setup where we have, I think it's R7, XR22, R8, and then we have XR21, we have full link connectivity, we're going to do a full mesh, so everybody will have a peering to everybody else. So I'm going to show you the right way to do stuff and how to get it up and running, to eliminate any potential problem that you might have of getting connectivity up and running. So this is one of those things where knowing that you need to have it there will automatically help you understand and troubleshoot the problem, where if you have a BGP peer that you have in your environment that isn't full mesh, or fully meshed, into the environment, if you're not doing route reflection, then you need to be peered with everybody else. It's
that's simply just the way it's got to be there's you know you can read up on bgp in more detail but that's basically what needs to happen i am a big proponent of route reflection and the reason why i'm a big proponent of it is because it cuts out down on the amount of full mesh connectivity so if i start advertising getting all these links up and running and i start doing all these peerings as you can see these peerings start to get a little ridiculous right and i come up here and then i do connection back this way and connection back this way that's a lot of bgp peerings for not a lot of gain right now if i have an a ebgp peering to somebody else so let's say this goes to uh r6 over here i got an ebgp peering here if i receive a route in from r6 xr22 is going to propagate it this way i'm going to propagate down to r8 it's going to propagate it down to xr21 which is what we want to do we want it to do all that and then they'll be able to propagate it to all of their peers so on and so forth so we'll have full mesh connectivity that's really really important when it comes to how bgp propagates routes now another variation of this is going to be with route reflection route reflection allows us to eliminate a lot of those full mesh capabilities so we have i'm going to do say r1 r2 r3 then r4 r5 and r6 this guy right here will be a route reflector and this guy right here will be a route reflector what does route reflection do well as the name states he receives a route in and then reflects the route back out look i mean the name dictates what the operation is doing so what i do from the route reflector is i form a peering to us to a particular set of routers so r5 will form with its peers and then we'll be good to go there if i go and i um i'm going to be doing a confederation so i'll be so this right here will be the sub-as here will be um we'll say 101 and this sub-as will be 102 what will end up happening with route reflection just between these guys right here is i
if i have an ebgp route learned from here and an ebgp route learned here what will end up happening is i will learn that route in i will reflect it to r2 r2 will take that route and then reflect it down to r1 r1 receives a route in from ebgp it takes that route propagates it to r2 r2 then reflects it down to r3 and everybody's happy that's the point of route reflection if insane the same thing would happen if i had um because these are guys are going to be ibgp peered so r2 will form a peering with r1 and r3 r1 and r3 will not peer with each other not directly so any routes we need to propagate will be propagated between the route reflectors the route reflectors will not be peered to each other so we're not going to do this that will not happen so we're going to eliminate that right away and we will be doing a peering between r1 and r4 and r3 and r6 that's supposed to be a 6. we'll do that and this will be considered to be a confederation ebgp peering because we're peering between the different confederations now with that being said we're going to talk about the last one which is going to be the confederation the confederation in its simplest terms let me go ahead and get out of the way a confederation is taking a very large autonomous system and breaking it down into smaller autonomous systems so if we have r1 r2 r3 r4 r5 and then r6 and we all belong to the same autonomous system that means that i either need to do a full mesh of connectivity like this which is just ridiculous no one's going to do this this is just not going to happen this is a bad idea what i recommend what willing to actually end up happening is what you can do is what we're going to be doing down here where we if this was well if this was not a a confederation if this was just a single autonomous system we could take r2 and r5 make these guys our route reflectors and then we could peer down to all of our pe routers or the routers that connect to other autonomous systems and we could set this up
like this so that would be connectivity where all the route reflectors would have peerings down to other routers and we'd be in really really good shape and then if you know if we have ebgp routes being learned in from r3 and r6 that information will be propagated to two and five respectively and then propagate it down from r2 and r5 to r1 and r4 that would get that would work all day long we're going to be doing some something very similar down here where we're going to put these guys in their own sub-autonomous system numbers so you guys can see how that works and then we're going to make these guys route reflectors so that we're going to be doing confederations with route reflectors inside of it to get everything working when you break down a or you start breaking it down into sub-ases what you're basically doing is kind of like what you do with ospf you take like area 0 and then you connect off into area one and then you connect down into area two and then off this one here you've got area three and so on and so forth and that's really where the power of confederation comes into play because it allows you to break up your bgp domain and give you a lot more scalability so it's meant to help control the route propagation and give you easier traffic engineering and stuff like that so that's basically how that comes into play so what i'm going to go ahead and do now is i'm going to dive right into the config and we're going to go ahead and get this process started let me go ahead and bring up the cli and we're going to start over here on uh autonomous system 200 autonomous system 200 will be started and we're going to go in here and we're going to form full mesh connectivity with everybody so first thing i have to do though is i have to make sure that i can reach everything so i should be able to reach the loopbacks of everyone see seven and eight are not um front and i'll see eight's loopback let me uh oh somehow it got wiped i don't know how that happened but um i
will work on the other ones i'll get eight up and running here it won't take that long to do so on router seven i'm gonna go to global config type in router bgp and this case here's gonna be 200 now when you do this there's going to be the default um the ipv4 unicast address family is going to be turned on by default where what will end up happening is we're going to form a ipv4 unicast peering to every router that we're peered to or that we set up if you don't want that to be on by default you can turn it off i'm going to keep it on for right now but i'm going to turn it off in subsequent setups just so you guys can see the difference so i'm going to type in a neighbor and i need to peer to 202 021 so 200.2.0.21 and the reason why i'm going to go loopback to loopback is because if i don't then if i peer directly to this link so 207.21 if i peer directly to the link and this link dies so is my bgp peering so i'm going to do that i'm going to type in remote is going to be 200. i'm also going to say that the update source is going to be loopback 0. because i want to go loopback to loopback peering i'm going to do hit the up arrow and i'm going to go type in 22 to peer to xr22 and do the same thing here get that all squared away so there we have that and then on router 8 i'm going to go ahead and throw the commands in there but i had to go configure router 8 real quick and get him squared away so let me go ahead and do that real quick on router 8 that won't take me long at all oh it's not even done running yet let me go to xr21 and get him squared away we'll go to global config and what i'm going to do is i'm going to type in router bgp 200 and i'm going to type in neighbor in this case here it's going to be 200.2.0.7 type in remote as is going to be 200.
the address family is going to be ipv4 unicast and i'm going to set the up actually backup one up the update source is going to be loopback zero and one of the things i have to do underneath bgp is i need to turn the address family of ipv4 unicast on in order for that to work if i do a show config you can see my syntax i turned the address family on and then i also got the peering started to that particular router now i can basically grab this information right here i can basically copy this and hit the up arrow a few times and go to the the neighbor config which is right here and go to uh the 21 has it's set up so i'm going to go type in 8 and then copy and paste the config in there like so it makes it pretty simple to do the config like that now i'm on 21 do i want to form a peering with 22 i'm going to do it just because of the fact that i can i'm just going to show you that i don't need to be directly connected to it because ibgp has a ttl value of 255 which means i can be basically across the world and still form a bgp peering with you so i'll do 22 copy and paste that config in we do a quick show config and there's our syntax pretty straightforward stuff i'm going to go ahead and i'm going to commit that config and then what you'll see is eventually router 7 will form a bgp peering with xr21 so that's all we've configured as of right now router 8 is ready to go so i'm going to go ahead and quickly configure him if we look at router 7 we can see that we're we have our bgp peering up and running it's an ibgp peering we go to router eight real quick and host name is going to be ios 8 and then on interface gig 0 0 ip address will be 200.8.21.8 24.
we're gonna no shut that guy go to gig one and we'll do 22 no shut and then interface gig zero slash four give that a couple seconds for the interface drivers to detect the up and then we're gonna go to here and do a 7.8.8 and then a no shut there so there we have that and then we're going to have an interface loopback zero ip address will be 200 let me move this over just a little bit so i can see it 2.2.0.8 32. and i'm going to go to router rip version 2 no auto summary and we're going to type in network of 200 across the board that will get us adjacencies with everybody and i'm going to go ahead and save that config right there so we don't run into this problem in the future next thing i'm going to do once that's done writing the config is i'm going to give that a second to finish do show ip route rip do show ip interface brief did i not no shut the interfaces oh they just haven't started advertising routes yet if i look at the show ip route the routing protocol hasn't kicked in yet to advertise the routes momentarily it will rip just takes a minute to do its thing so but i'm going to go back to 21 21 has a bgp peering up which we can see that and i'm going to go to 22 and i'm going to configure him real quick to do the same thing now what's cool is on 21 i can do show run router bgp and i can literally just take the syntax i can copy it out of the router i can pull up notepad and i can just dump this config into notepad and make the little edits that i need to make so instead of going i'll go to 21 and then do all this go to 22 log in real quick go to global config and then paste that syntax in and commit it there we go so once router 8 is online i'm just waiting for it to why is that not working ios 7.
do show run section rip that should be working by now oh okay apparently i have to do these other network statements so let me go ahead and just throw them in real quick um well that's right because we're calling we're ipv we're in class c ranges we have to throw in those extra statements so network of um network 200.2.0.0 we'll do uh 7.8.0 we'll do uh 8.21.0 and then 8.22 i forgot about that so we'll be good to go there and then do show ip route there we are so now we have everything in play i'm going to go ahead and save that config now router 7 i'm going to go do show run section uh bgp and we're going to go ahead and take the syntax that's right here and we're going to copy it into here and we'll go ahead and we'll remove this guy and say this will be seven and this will be seven and then we'll just copy keeps the bgp peering pretty simple right and then on router eight we'll go to router eight copy paste and then we'll form ibgp peerings with everybody else that we're peered to fairly straightforward stuff so we're good to go there all right so now we have all those peerings up and running from from router eight i'll do a show ip bgp summary i have three peerings up one to seven one to twenty one one to twenty two and i'm in really really good shape now let's move on to our little bit more advanced config so i'm going to start off with a configuration where we do the the confederation and this is going to take a little bit more time because in fact we have more routers and we also have to do the um the route reflection once we get that in play we'll then be able to move on to our ebgp peerings and get them all squared away so that'll be pretty straightforward so on router 1 we'll go in here we have to verify that the underline the underlying routing table so we'll do a show ip route eigrp make sure that we have all of our loopback addresses advertised so we have i can reach uh two three four five and six which is going to be needed because those are gonna be
the loopback addresses i'm gonna be peering to i'm gonna go to global config here and instead of doing the bgp peering that i did a minute ago i'm going to use a different variation of it so in this case here's gonna be router bgp and then um we're gonna use 100 but underneath here i'm typing in no bgp default ipv4 which is going to turn off the ipv4 unicast connectivity that's going to happen automatically and what we'll do is we'll have to manually turn on the or manually activate the neighbor adjacencies that we're going to be forming and what i'm going to go ahead and do is i'm going on here i'm typing in confederation or i'm sorry bgp and then confederation confederation and then i'm going to put the identifier on this guy as going to be 136 and the peer that i'm going to be peering to i'm going to be using the peer i'm connecting to is going to be 2 4 5 which is going to be r1 is going to be peered to xr2. can we have the lab file on task for practice if you become a member you can download all that right away so i'm going to go ahead and do the same configuration on router 6 and router 5 just so you guys can see that process so on router router 5 we'll go to router bgp 100 and then we're going to type in no bgp default ipv4 and then we're going to type in the bgp confederation identifier in this case it'll be 245 because we're on router 5 245 and the bgp confederation peer will be this case here would be one three six and that's that i'm gonna do the same thing on router six we're gonna type in the router bgp 100 uh no bgp default ipv4 and then we're going to specify bgp confederation identifier of 136 and then the bgp confederation peer will be 245.
now that i had that in play let's go over to xr2 and do the same thing over here on xr2 i'm going to go ahead and log in go to global config type in router bgp 100 and underneath here i need to specify bgp and then the same process applies to your configuration and i need to specify the identifier for xr2 will be 245 and my peer will be one three six fairly simple stuff i'm going to type in address family ipv4 unicast so that's going to be the address family that we're going to be using and then we're going to go ahead and begin our configuration of xr3 and r4 so on r4 is where i'm going to start i'm going to go to global config here type in router bgp 100 and i'm going to type in bgp confederation identifier is going to be 245. i'm going to specify that i'm going to use a configuration enhancement so the way that we can do this on ios is we have a couple different options we can either use the peer group the bgp peer group command oh what's that command uh i'm sorry it's neighbor and then we specify uh we'll say uh ibgp and then we can say peer group and and then underneath this guy we can populate it with the details we can type in the remote as in this particular case we're going to peer inside of the identifier the confederation identifier in this case here in router 4 it'll be 245 because we're forming an ibgp peering inside of the confederation so we have that and we can say the update dash sources will be loopback zero and that's all we're going to do for right now we don't need to do anything else for the peer group and i'm going to type in neighbor and the ip address we're going to peer to is we're going to say for 100.1.0.2 we're going to say peer group is going to be ibgp and uh and then the same thing for 5.
and if we go to address family ipv4 unicast we're gonna have to go underneath each one of these guys type in activate and we'll do five here okay i don't know what this is all about but i'm going to remove it because if someone's trying to troll me do that and then i'm also going to if when we do that we do a show run section bgp what you'll see is the peer group configuration will also be added underneath the the address family here and what we need to do underneath here would be the neighbor 100.1.0.2 and we're going to type in peer i'm sorry we'll type in ibgp and we'll type in route reflector client bigger pardon not an internal cl neighbor can i and can we put this person in let's say timeout yeah i can put i put that person in timeout so oh i see what the problem is so we can't use the confederation identifier we have to use the 100 that's my fault i forgot about that so neighbor ibgp remote as of 100 and then address family ipv4 then neighbor ibgp route reflector client there we go and then we'll go underneath uh do show run section bgp again just to verify the config and what i need to go do is because we're underneath the peer group we'll automatically get the that propagate the route reflection pro but because we're underneath the peer group the route reflection capability will automatically be associated to this particular neighbor and then what i'm going to do is jump onto r5 and i'm going to type in neighbor of 100.1.0. remote as of 100 and then the address family ipv4 go ahead and just activate that adjacency or i should say activate that peering so that will bring that peering up and running for us there it goes do show run section bgp and while i can literally just copy and paste this i can edit it a little bit and put this on 1 and 6 to get it going so i'm literally just going to do this config right here going to pull up notepad one more time and we'll be able to say the neighbor that we're going to be peering to is going to be 3.
so i'll change this over to be 3. and three here and i'll be able to copy and paste this into uh one and six respectively so let me go to router 1 and i'll paste this in and go to router 6 and paste this in and then i'm going to go to xr6 i'm sorry xr3 xr3 i have to go ahead and log in and then router bgp 100 address family ipv4 unicast and then we're going to say that the uh bgp confederation identifier is going to be 245. i'm sorry this here 136. 136 here and we're going to type in the neighbor statement neighbor of 100.1.0.1 remote as of 100 update source is going to be loopback zero and then address family ipv4 unicast we'll type in route reflector client so show config you can automate the config on xr as well through a neighbor group or a session group i'm just not i'm choosing not to do that right now we'll go to router 6 paste that in like that and then i'm going to go ahead and commit that config we'll give that a couple seconds to form its peering and then one and six should form peerings with router three here momentarily which i just did so one and three are now up and running which is what i want to have all right so the last step for me to go do if we on uh xr3 if we were to do show bgp ipv4 unicast summary we would see that i have two peerings here if we look at router 4 and do show bgp ipv4 unicast summary i have router 2 is not up yet i haven't configured two that's why so let me go underneath here and type in uh neighbor of 100.1.0.4 remote as of 100.
update dash source is loopback zero address family ipv4 unicast commit that config that will get router 4 and router 2 operational and then once that process is complete we'll have all of our ibgp peerings done inside the confederations there we go the next thing for me to go do is peer router 1 to router to xr2 so on router 1 i'm going to type in neighbor neighbor of uh 100.1.0.2 remote as of 100 and then address family under the update source is going to update source is going to be loopback zero and then address family ipv4 gonna activate it and then xr2 same thing neighbor of uh 100.1.0.1 remote as of 100 update source loopback zero address family ipv4 unicast commit that config now i'm going to go over to do the same thing on five and six and on here the neighbor of 100.1.0.5 i'm sorry six remote as of 100 the update source be loopback 0 address family ipv4 go ahead and activate it and then on 6 same thing neighbor 100.1.0.5 remote as 100 update source is loopback zero address family ipv4 and then activate alright so we've got all of our steps in place now and we should start to form peerings there router 1 and 2 are now up which is what we want now that i have all that in play now we need to do our ebgp peerings the ebgp is relatively straightforward i'm going to go ahead and i'm going to stop this video because we've gotten to the point where we have everything up and running so the ebgp side we'll take care of in the next next video so until next time guys thanks for stopping by i'll catch you guys in the next video all right let me take one second here how's it going everybody in this video we're going to go ahead and take a look at setting up ebgp between all of our neighbors and getting all that squared away and then do the route propagation so configuration wise pretty straightforward stuff i'm going to go to start on ios 6 actually you know what i'm going to do 5 to 17 first i'm going to get this propagation to happen so on 5 since we're the
provider we're going to start here i'm going to go in here i'm going to type in underneath router 5 i'm going to type in neighbor of 100.5.17.17 remote as of 65100 and address family ipv4 go ahead and activate it okay now on 17 come over here show ip interface brief we've got this guy right here we're going to go to global config router bgp uh in this case here 65 100. i'll type in neighbor of 100.5.17.5 remote as of 100. now after a couple seconds we should get a what happened there so what it's basically telling me is that the config is wrong did i do show run section bgp did i accidentally put in 100 now listen 65 100 why is five giving me let me just go ahead and say no bg no no router bgp six five one hundred that should not have happened why is this giving me a hard time do show run section bgp that sorry to hear that man that sucks so let's do ping 100.5.17.17. i can ping it why is that i wonder if 17 was giving me the squawk because this guy right here is telling me i hope it's not telling me that the confederation identifier do i have them reversed i hope i don't we go to the calculator you can calculate what the information is giving it to you um if you go to i think it's scientific no it is programming yes and you plug in this value right here you do zero zero f5 so i need to go to hex and it's clear it's zero zero f five okay so the identifier is i got it backwards so it's it's supposed to be in not that big of a deal i can i can fix that so i had it reversed that's okay i can deal with that on uh here i'll type in router bgp and it's supposed to be i'm supposed to technically supposed to have them reversed so what basically is happening that's my mistake instead of having this is supposed to be your public autonomous system number or sorry your uh your identifier is actually supposed to be your actual public ip or public autonomous system number this value right here is supposed to be your your confederation number but i always thought that was reversed but
uh because right now 17 is saying well you should be in uh one 245 but you're not you're telling me you're 100. so i can just change that around a little bit so router bgp 65 100 type in neighbor of 100.5.17.5 remote as of 245. that should get the peering up there it goes so that was my mistake i had it reversed but um no big deal so that gets that peering up and running and what i'm gonna go do is a do show run or i'm going to do a network command underneath here 100.5.17.0 mask 24. so that'll get the route propagated to five and if i do show ip bgp summary i'm learning a route in from router five and you can see that it's coming in at six five one hundred that should get learned by four and it is i'm learning it from four now if i go over to six do show ip bgp summary i'm learning it in and you'll notice that it's coming across which is what i want to see and everything's looking pretty good there so if i look at xr3 and hit the up arrow i am did i not update it right router 6 is receiving it in why is it not showing your break i'm receiving the route in but xr is do show ip route it's not installing it now let's use it as an eigrp route oh that's why because it sees as an internal route how did that happen how did i learn it that way i wonder if five accidentally has it set up this way so do show run section eigrp i wonder if that's what happened that's what happened i've got eigrp enabled on every interface starting with 100.
so i need to go on underneath eigrp underneath this guy and i'm going to type in af interface is going to be gig 0 slash 2 af interface is going to be passive interface so that should take that propagation down so if i go to 6 now when i do show ip bgp it should not be learned via eigrp anymore hopefully 517 so right now this particular network right here is actually being advertised into eigrp and that's why we had to it should get removed the passive interface command should take care of that for me by having it there so let me go to five and let me exit out real quick and i'll type in network statements for what i need to have in there instead of doing the broad statements so i'll specify i need to go network of 45 100.4.5.0 0.0.0.255. and then 5.6 and then network of 100.1.0.0.0.0.0.0. uh 255. do show run section eigrp when you do when you make mistakes like that that could potentially cause you a lot of headaches so i'm going to remove that broad network statement pull this network statement out the 100 all and then that should remove the propagation from here there it is now it's being learned via bgp right there xr3 should now be learning it in why is he not learning it in that's really weird six is receiving it do show ip bgp summary am i not advertising it show ip bgp uh what is the command i'm looking for i want to see advertised routes neighbors and then 100.1.0.3 and then advertise routes i'm not advertising any routes to him why am i not advertising any routes to him now he's not a writers xr3 should be set up as a route reflector so do show run um bgp he is set up correctly i believe and then six should be peering show run section bgp not sure why it's failing let me see here i may need to do we're not doing any mpls so i don't need to advertise mpls with it um wonder if that has something to do with it 136 and 245.
let me pull this command out real quick i don't know why that's there it shouldn't be peering with myself do show run section bgp unless i need to set the next hop that might be part of the problem let me see if that fixes the problem why am i not advertising any neighbor 1.0.5 receive routes okay i need to do the soft reconfiguration inbound should have known about that let me go ahead and soft reconfiguration inbound and let's do a clear ip bgp soft and hit that up arrow if you receive routes okay i'm receiving that prefix and if i do the advertised routes why am i not advertising it i don't understand why i'm not advertising it oh i know why so the reason why i'm advertising is the next hop is wrong so my next hop is pointing it towards um 17 so i need to change uh router 5 needs to be the next hop self so that's what i forgot to do so do show run section bgp that's right i can i forgot about that so these are why i'm glad i run into these problems i know how to fix it just a matter of analyzing the problem so right now on six i'm just peering with it so let me go ahead and just grab this config let me say next hop self because basically what's happening is on router six aside he's receiving any seeing i'm receiving the route but you're telling me that i because it's an ibgp update you're basically telling me that 17 is how i get there and i don't know how to get there so if i do a show ip bgp if i do a clear ip bgp star soft i think 5 has to push it do clear ip bgp star soft go to 6 now it changes it so now if i go to the advertise routes that should change it to now 3 should be receiving it show bgp summary that's really weird why is it i know how to reach it now let's do a clear ip bgp star soft do an update i'm not advertising it to him not that big of a deal but it kind of is so what i need to go do now is configure the reverse way so six show run section bgp i need to configure uh five and six accordingly so i need to go over here to five and type in next hop
self and do clear ip bgp star soft because i'm going to have to go set up a peering let me let me do the peering between xr2 and 16 first so on x on 16 show ip interface brief this guy not set up yet that's okay let me just go ahead and i uh host name is ios 16 uh interface gig zero slash one ip address is gonna be 100.2.16 24. no shut it and for a uh for uh ebgp you're correct but not for ibgp so we're going to go ahead and router bgp 65100 we're going to type in neighbor of 100.2.616.2 remote as of and i have to remember the uh the confederation id in this case here i'm going to reverse that and then network of 100.2.16.0 mask 24. then on xr2 oh let me do this cisco cisco go to global config and then uh router bgp in this case here 100 i'm going to specify a neighbor of 100.2.16.16 remote as of uh 65100 address family ipv4 unicast now in order for these routes to be learned or accepted anyway i need to create a route policy to accept the routes so i'll type in route dash policy i don't have one created so i'm just going to call it rpl ebgp i'm sorry i need to type in uh what is the command it is uh pass and then accept and do a show config and i need to take this guy again underneath here type in route dash policy uh rpl ebgp in and out and that'll be the config that i need to process so just do a show config real quick the rpl is needed in order to accept the routes but this that's for ebgp peers so i'm going to go ahead and i'm going to commit that config and we should get a bgp peering to 16 here momentarily which we do so now i should have an xr2 do show bgp summary i am learning routes from from four i'm learning those routes in which is what i want to see which is awesome now i get to go to six show ip bgp currently i'm not learning anything from 16 yet that's okay though and what i'm gonna go do let's see if five learning anything do show ip bgp i'm learning it from this guy now i if we go to six eventually i'll start learning stuff from five because
i should and then what we'll do is jump over to i can do the peering here part of me is thinking i should just rip out the the confederation config and circle back to that i think that's what i might do might be just easier to do that than it is to continue to try to do the bgp the peerings the way that they are but i'll do that in a different video i kind of need to uh because things are kind of broken right now i think they get federation of the reasons behind it but let's look at it's receiving that route in five is seeing both it comes in oh i know so i need to do the um uh the same thing on xr so on xr2 underneath this peering to r4 so i need to exit out of here real quick and do show run router bgp what i need to do on four let me grab this guy right here underneath the the address family config underneath here i need to come underneath here and say next hop self and commit that as well so now with that being pushed five should now see it coming in as dot two six should see it hopefully clear ip bgp star soft i'm not sure why he's not does force propagating it show ip bgp let me go to five and do the same thing that i did towards six so do show run section bgp i need to do the next hop self on that one as well give that a second to prop to do its thing and then i will grab this and then next hop self do clear ip bgp star soft so now that's there go back to five i'm sorry uh show ip bgp so i'm learning that in from 2 now now 16 or 6 should be seeing it now and it's weird that it's not all right so now it's now it's seeing where it's coming from which is what i wanted to see i've got the next hop set correctly so 5 is seeing it xr2 should be seeing 17 so show bgp summary and i'm seeing those updates i've got those updates set up correctly and now i should be able to go to six show ip route why is this not sending it the way that i need it to am i accidentally sending now i know xr is specific to eigrp is only doing these peerings on these interfaces so i'm actually
not sure why it's giving me a hard time kind of perplexed at the moment but it's not that big of a deal i'm going to go between xr21 and ios 6 i'm going to go ahead and set those bgp peerings up and get them squared away show ip bgp summary i should be learning something from let me just double check to see if there's anything going on with one there's some syntax that i need to throw in here so show run section bgp so the peering to two into three i need to set the next hop self underneath the address family config so let me go ahead and just do that real quick next hop self and the three do clear ip bgp star soft and xr2 i believe i show run router bgp i think i did it to everybody but i'll onto one i did not so let me go ahead and do that to one real quick get that squared away uh next hop self in mpls vpn you don't need to do this in regular internet routing you do because there's no labeling you don't have a label switch path so things are a little bit different so six is xr was router one learning the routes do show ip bgp summary i'm learning a route from these guys from one but xorth he's not learning anything from either one of those which is really weird am i should i be route i should have reachability to these guys which i do let's see there's nothing spectacular about the setup either but i'm not receiving any routes from one i wonder if let me take a look at the syntax again i'm half tempted to update source route reflector client they're ibgp peers there's no doubt about that if they weren't ibgp then the route reflector client config would fail so um let's look at six but i'm only receiving one route in why is he not seeing 102 sorry i'm looking at i'm sorry i need to look at this one here oh you know what um i know what the problem is and it would cause it would take a fair amount of reconfiguration to do this i would need to flip-flop the um pull out the configuration stuff and then i would need to do bgp uh so what's happening 
here now that i'm thinking about it is confederations changes the way that bgp operates so right now i have a route reflector client here to here and here to here but technically these are confederations and it's failing to work the way that i needed to so a solution would be to remove the confederations and circle back to that at a later point in time and then two to four i'm sorry from four to six and three set up route reflector clients this way do something like this so xr3 so the route reflector clients of each other and then the that would fix the problem so that's what i'm gonna go do and uh i'm gonna rip out the confederation config and then i'm going to set up a peering to each one of the route reflectors that should eliminate the problem because right now because it's not a full mesh it's giving the problem that i was trying to avoid but we can fix this so you're going to see me live troubleshoot it so let me go to here and pull out the bg the confederation syntax so no confederation here and no configuration here and i'm going to take these two lines of config and do something like this let me go over here to um xr3 go to global config actually go to router 6 because i'm in the same path router bgp 100 and just type those both in router 5. 
get rid of the config configuration configure as well and router bgp 100 and pull the syntax out i'll come back to that at a later point in time and then on 4 i'll do the same thing are not very common to mine to my knowledge i have never seen one in production so it's um not exactly applicable here for the routing and switching track or for enterprise it's more of a service provider thing so let's go to xr2 and go to global config router bgp 100 and pull those pieces of config out real quick and get this back on track real quick and then xr3 i think i just have the and then what i'm going to do is on r1 since i'm right here i'll just type in neighbor of 100.1.0.4 remote as of 100 the uh update source is gonna be loopback zero did i forget to do that for 100.3 i think i might have and the address family ipv4 neighbor of 100.1.0.4 activate and then next hop self i don't technically need that but well i will because it's going to be ebgp updates but um i'm going to do that real quick and i'll do the same thing for six grab six real quick um do show run section bgp and i will add a neighbor statement to how do i forget the update source to to three that's weird i could have swore i had that in there but that's okay um we're gonna do neighbor to 100.1.0.4 remote as 100 and then update source loop loopback loopback zero address family ipv4 and then go ahead and activate that one and we'll do a next hop self just for good measure and that should get us squared away we have to go to four and add those routes so type in neighbor of 100.1.0.1 remote as or sorry peergroup is ibgp because i didn't remove the i needed to remove that command here we're going to say no and pull out the confederation identifier that's not needed anymore and i 17 the peering drop nope they're still up there which is good four and then we'll do the same thing to 6 address family ipv4 and that pops up right away which is good now i get to go the same thing two and five so underneath xr2 we're gonna go 
to um neighbor of 100.1.0.3 from remote as of 100 update dash dash sources loopback zero address family ipv4 unicast and then uh next hop self for this case commit and then we'll do the same thing for uh four is already in place so we don't need to worry about that one and then we'll do the same thing on five we'll type in neighbor of 100.1.0.3 remote as 100 update dash source is loopback zero address family ipv4 activate and then next hop self we're going to go to 3 and do show run router bgp i've got one and six in here i need to add uh two and five so neighbor of 100.1.0.2 remote as of 100 update dash sources loopback zero address family ipv4 unicast route reflector client show config and i'm just going to copy and paste this in after i hit the neighbor statement uh that'll be five and commit that all right so now that's been removed and we've updated the config that should take care of any problems we potentially might have in terms of the operations so we go back to five and we do a show ip bgp summary we're receiving the routes we got the correct updates if we go to six show ip bgp and there we go so i'm learning it in which is what i needed to have do a show ip route bgp routes are being learned let's do a quick bgp we see the routes are being propagated which is solves our problem now the next one we're going to do is we're going to go 6 to xr21 so on router 6 we're going to go to global config router bgp 100 we'll type in neighbor of 12.6.21 remote as of 200 and then address family ipv4 do i have to do the activate i do uh we'll do 21 we'll do activate and then we're going to go over to um 21 come up here i'm going to create the rpl right away so i'll route dash policy rpl ebgp type in pass keep it very very simple router bgp 200 neighbor of 12.6.21.6 remote as of 100 up and then address family ipv4 unicast and then we're typing route dash policy um rpl ebgp in and out and commit so momentarily we should get a bgp peering to router 6. 
which we do and we jump out of here and do a show bgp we should receive both of those prefixes we have 2 16 and 5 17. i'm going to go ahead and on xr21 i'm going to go back to global config router bgp 200 underneath address family ipv4 unicast and i'm going to advertise this 201 200 2145 so i'm going to type in a network of 200.21.45.0 24. i'm going to go ahead and i'm going to commit that i'm going to go take a look at xr2 and do a show bgp i should have that prefix show up here momentarily it'll take some time for it to propagate six should see it right away uh let's see here 21 and since it's attached to 21. i already did enable the address family the address family's already been enabled man so do show bgp the route is there now six should start seeing it there it goes it just took a couple seconds for it to propagate and then xr2 should see it he does and which is what i want to see and then 16 should have it um and i think my peering might have gone down because i changed well no it should be okay or no you know what uh show ip bgp summary yeah my peering went down so let me go ahead and fix that router bgp 65100 we're gonna do show run section bgp and then we're going to go and i'm going to pull this command out neighbor of 100.2.16.2 remote as of 100. 
that should get us adjacency back up or a peering i keep saying adjacency when i'm going to say peering um there it goes and show ip bgp i get 2200 2145 receive back in same thing with 17 because my autonomous system changed on the other side i'm gonna go router bgp 65100 and we'll get that guy squared away i'm just going to pull this command out i'll come back and do confederations at a later point in time type in the neighbor command but i'll do it to 100 and that will bring a peering up now the last i'm gonna now that that's up do show ip bgp beautiful everything's working out there i'm gonna go ahead and clear the screen off i'm to go ahead and set up 8 to 46 so on router 8 if i go in here show ip bgp i should be receiving those routes but you'll notice that on here it says 12 621.6 i need to go to xr21 and do show run router bgp underneath these peerings i need to go ahead and add in next hop self underneath the address families so what i got to do is um grab the neighbor statement real quick then address family ipv4 unicast and then next hop self do something for 8 and then 22. go ahead and i'm going to commit that config on 21 now i'm going to go right over to router 8 and now that they've been updated to the loopback address that they can reach now we're in good shape i'm going to go over to here and type in router bgp 200 type in neighbor of 200.8.46.46 remote as of 65103 and then i'm going to go over here to 46 pardon me i'm going to type in router bgp 65103 and then neighbor of 200.8.46 dot eight remote a s of uh 200 and then i'm going to type in network of 200.8.46.0 mask 24. 
just like that now on 8 i have to go back to do show run section bgp and i have to set the next hop self command on all of my adjacencies as well or on my peerings because right now they're not set so underneath here i have to say next hop self on 21 and then 22 respectively and do clear ip bgp star soft alright so now if i go to now that that's in play i should be able to go to xr2 and after it propagates this will take a minute or so so don't be surprised if it doesn't show up right away if i show ip bgp i'm directly wired to it so i should see this propagate here momentarily if i do a summary i am at an idle why am i an idle my peering has not come up yet why did it not come up yet do ping 2.8.46.8 that would be why let's go check out router 8 show ip interface brief and i don't have that interface configured yet that would be a good reason let's go to interface gig 0 2 ip address of 200.8.46.8 24. no shut it and i'm gonna do write and save the config okay now that we've got that in play our bgp peering should come online here momentarily and it does do show ip bgp the route gets advertised from 65103 xr2 sees it almost right away so i should have reachability from 16 to 46 so let's go to 16 and there it is so we're going to ping 200.8.46.46 let's make sure that 46 can see the return path show ip bgp show ip route i have 100 to 16 in the routing table so why am i not able to reach it just because you have control plane reachability doesn't mean you're going to have data plane reachability so why is that so we're going to go take a look at this in a little more detail and figure out why we're not able to get to where we need to be so i'm going to go ahead and scoot this down just a little bit so 46 i look at it i have reachability to 16 16 should have reachability to um 46. 
if i do a trace route to uh 200.8.46.46 numerically oh that's not good what's that tell me i have a loop so i jump into the service provider network i hit router 2 then i go to router 4 then i go to router 3. i jump over to router 1. some reason router 1 takes me that path takes me back to router 1 then it tells me to go back to router 3. that's an internal routing issue on inside of this core and the reason why that's happening is if we look at router 1 and do a show ip route eigrp you'll notice that we have a default route in the routing table because we don't actually know how to reach that particular prefix we don't know where to go with it we have no idea how to reach the 200 network so what i've got to go do is on i think it's router 5 i am show ip or show run section eigrp i'm advertising a default route and this becomes part of the problem with reachability issues so what i'm gonna go do is underneath this guy right here i'm going to remove this default route no summary address that's going to resynchronize those adjacencies and remove the default route so now i'm going to go back to 16 and run that traceroute again and now i get to router 3 router 3 is like i don't know what to do with it so router 3 is like well what gives now we could wait for it to figure itself out if we go to xr3 and we look in the routing table show route we look in the routing table whoops let me scoot this up we look in the rib we don't have no clue how to reach anything 200 right and that's that's one of those things where when you're dealing with this connect this type of routing this is the more complicated routing to go through than it would be if you're dealing with mpls vpn you wouldn't have this problem with mpls vpn because you would have a label switch path to tie to and you'd be using ldp to get from the ingress pe to the egress pe all that stuff would be figured out for you we'll talk about that in a different set of videos but the problem we have right now is xr3 is 
like well i have no idea what to do i've got a couple routes advertised right i've got 100 here um but i don't i've got 105 17. i've got that advertised from router 5. but if we look at the show route bgp we see 100 216 but we have no idea what to do with the rest of it so that's that's a problem right so if we look at router 6 who are receiving the 200 rounding from right to a show ip bgp we can see that we're receiving those prefixes in from a next hop right we look at router 5 show ip bgp we're receiving those routes in from the loopback address of router 6 xr3 if we show ip bgp summary we're receiving stuff in from six specifically if we look at this we can see we're receiving it in but it's just like oh notice that it doesn't know how to xr3 doesn't how to reach that particular next hop so we have to do is back on 6 show run section bgp i'm pretty sure that on the peering to that connection pardon me i didn't want to blow your eardrums out we are not doing next hop self on the three network so we have to go up here router bgp 100 address family ipv4 and on this adjacency or this peering i should say is set next hop self do clear ip bgp star soft so now we've done that if we look back at xr3 we can see now those routes are there and if we go back to 16 let's try that again we're able to get there all day long so because the fact that we don't need to redistribute any of the bgp routes into our internal routing we just need to have a path from when we get to the ingress router on xr2 we look at xr2 we know what next hop to point towards so here we have the loopback address of router 6. 
so i'm going to actually stop this video and i'm going to walk you guys step by step through the bgp data plane path verification because that's a really big one it's this goes to show you that you can have control plane reachability but data plane is is just dead in the water right i'm going to show you how to do the recursion process so i'm going to start the next video up here in just a second give me one second hopefully you guys are getting something out of this how's it going everybody in this video we're going to go ahead and take a look at bgp data plane verification so walk you step by step through the recursion process and how bgp figures out how to send traffic so um the way that this works is it's actually pretty straightforward but you definitely have to understand how bgp ties to the routing uh bgp and igp work together in this particular situation so if i am if i'm on 16 and i do a show ip route well i'm glad it's helpful for you there anthony i'm glad that you i'm glad that works for you um if i want to get to this particular next hop or i'm sorry this particular prefix i need to know how to get there right remember i was talking about earlier i don't know if you were uh those of you that were are just joining or if you've been here for a little bit that in order for you to get to where you need to go there's you need a way there and a way back right so what we do is on 16 we know that we're going to go to a next hop of 100 216 2 okay 100 216 2 gets us to xr2 okay xr2 when we look at the bgp table we look at this for the same prefix it says 10106 okay when we go in the as path we can see that um the original as that originated this was 65103 in this case here that's going to be router 46 that's the autonomous system number he sits inside of you have as200 is the the first as that he passes through so that's a this is a transit as this is the originating autonomous system this is your transit autonomous system when you look at 16 and we do a show 
ip bgp we're going to have three autonomous systems we're going to have the originating autonomous system and then the transit autonomous system of 200 and the transit autonomous system of 100. so 100 and 200 are both transit as's we're using those to get from one source to one destination on xr2 we can see in order to get there we have 10106 so but if we look at the bgp table show ip route bgp we have no idea how to get there right bgp is completely unaware of how or what 10106 is it's oblivious right so how do we fix that how do we get to where we need to be well the simple answer is we have to look at the igp routing table this is the key reason why you would never use bgp to replace your igp so for those of you that you know like so that i don't want to say necessarily argue but debate igp versus bgp internally this is why you don't use bgp internally could you advertise these routes and make it happen you can but it's awfully dirty it's not a good idea so if we look at the show route eigrp because we know eigrp is our internal routing protocol we're going to find 10106 and we're going to know how to reach it by these two different ways which means that from a routing perspective internally in order to reach the loopback of router 6 i need to either send traffic this way or send traffic this way that gets the job done right and then if you were to go to router 1 and do the same lookup it would tell you to go this direction if you were to look at router 4 it would tell you to go this direction or this direction xr3 is going to tell you to go here ios 5 is going to tell you to go this direction right so they all point they all they know how to get to where we want to go and that's why when you do an internal trace route for example let me go back to the pen the pencil if you trace route 100.1.0.6 from a source of 100.1.0.2 numerically you need to have an igp known path on how to get there that's a really really important thing as long as you can you know that you're in 
good shape now that gets us to x ios 6. ios 6 is where that ebgp route is learned from right so we take this and we do a show ip bgp we know how to reach 20846 from 12 6 21 21 right that's going to be the as path or the next uh direction we need to go in order to reach where we're trying to go which is xr21 as an ebgp peer we know that because our internal our bgp autonomous system number is 100 theirs is 200 we know it's an ebgp route so what we get to go do is we get to go jump over to xr21 we'll go ahead and log in we'll do a show bgp we know that 208 46 is uh internally known via ibgp we know that because it's right there and we have a loopback address that we're going to be using to point towards it's a public ip in normal terms but we get to where we got to go from there so how do we know how to reach 200 208 show route bgp well we certainly don't know how to reach via this there's no route to that destination here if we do a show route rip we're going to see 20208 here by a gig zero zero zero so we know we need to recurse that way in order to get to where we got to go and that's basically where that process comes into play the next step for us to go do is to jump over to router 8 show ip bgp we are we see 200 846 right here now this r right here means a couple different things it means that this route is learned by another path not bgp so it could be learned through an igp with a better administrative distance so anything better than 200 or what ibgp uses number two it's directly connected to us it's one of those two things so if we look here do a show ip interface brief ta-da gig zero two is two hundred eight four uh eight forty six so we know that's going to be the cat or the kicker here when we do this so with that being said when the recursion comes into play we go to router 46 and we do a show ip bgp while receiving a bunch of routes we can see where traffic is being originated from and going to we can see that 221.45 is there so if i was to ping 
200.21.45.45 got another problem no reachability there how what do we have to do to fix that one on quite a rate when we look back here remember that we said that um we advertise this link in here so the problem is is that a router 45 we're trying to ping it if we look at router 45 you're going to be like oh that makes so much sense show ip route number one we don't have any idea how to reach 208.4846 meaning that we need to just do a default route for example so if we were to configure a default route zero to zero to ip route to zero zero zero zero to zero here to 200.21.45.21 now we have a default route we go back to router 46 hit the up arrow bam we can rock towards it so that's where that type of stuff comes into play as long as you can you have a pointer if the provider is doing provider aggregation meaning they're advertising the prefix for you your router needs to have a default route pointed to it as the provider in the event that the customer is doing their own route advertisement so for example in this case your router 46 is doing his own route advertisement he's got a peering up he's doing his own route advertisement then you don't have to worry about that because you're automatically propagating the route for it but since we're not doing that on router 45 we have to have a pointer on 45 back to the provider now what if we wanted to have high availability what if we wanted to have a this connection here also added we could do that as well we could go over to router 6 and we could go show run section bgp we can add 100 645 here and go underneath router bgp 100 address family ipv4 and type in network of 100.6.45.0 with a slash 24 mask we've got that going on for us now so now i could go to ios 45 and i can put this default route in here and point it to this guy and type in 100.6 but i can put an administrative distance on this of say i don't know 10. 
the cool thing about this now is this is now a backup route so do show run or sorry do show run type include ip route what we just added to the setup is a level of high availability so the connection goes down towards xr21 i have a backup route towards router 6 on a different autonomous system number so that gives me flexibility there so that's basically how you would want to go about getting all this stuff squared away and operational so let's just go ahead and make sure that we have reachability from everywhere to everywhere before we cut out and end the stream so 45 from here i'm going to do a ping to 100.2.16.16. i'm going to do 17 5.17.17 i can reach that and i can ping 200.8.46.46 i can reach that so because i have connectivity via bgp everywhere that means that when i go in to do other things like for example dmvpn or flexvpn because 45 and 46 will be our dmvpn or flexvpn spokes we'll be able to reach them we'll be able to get there all day long with that being said ladies and gentlemen that is it so we are good to go there so because the fact that we have reachability everywhere proves that the connectivity is where we need it to be and all that good stuff kind of glad you guys got to see me troubleshoot a little bit and work my way through the problem have to first identify the problem and then secondly you have to be able to work around the problem so those are some pretty big deals in terms of the the day-to-day if you run into problems you need to i need to know how to identify what the problem is and how to figure it out so it took me a few minutes there to figure it out but once i was able to pin it down it was pretty easy for me to um to rectify it so i jumped again a little bit with the confederations no big deal we can always circle back to those at a later point in time but that ladies and gentlemen is bgp so i want to thank you guys for hanging out with me in the stream today it was uh it was awesome having everybody here and i will be doing 
uh this as we move forward i'm trying to get the videos done as quickly as i can for actually let me go ahead and start the recording i'm trying to get the uh the videos recorded as quickly as i can so that i can get them out to you i've slowed my uh instead of doing a bunch of videos at one time i'm releasing them one day at a time which actually gives me more time because it keeps the view counts higher and stuff like that so um so yeah good stuff if there's something you'd like to see in a stream in the future please uh either send me a mat uh you're probably best bet is to send me a message on twitter or something along those lines or post a comment on one of the videos and be like hey can you cover this but um pretty much that's what i wanted to cover in this video until next time guys you guys have a nice day and i will catch all of you next sunday if something pops up i'll let you know but uh i should be on stream next actually hold on a second will i be available to stream um that'll be the 22nd so yeah i should be able to um yeah i should be able to anyway you guys have a nice day i will see all of you next time and thanks for stopping by take it easy all
Info
Channel: Rob Riker's Tech Channel
Views: 2,819
Id: YiKQ0CfvTNA
Length: 135min 40sec (8140 seconds)
Published: Mon Nov 16 2020