Basic BGP

Written on by admin on. Posted in BGP

Hi everybody! This is first lab from BGP series and here I would like to talk about basic bgp configuration. If you are new to bgp you need to know that each BGP router belong only to one Autonomous System (AS), and BGP neighbors can be of two types:

  • IBGP neighbors – when two neighbors are in the same AS;
  • EBGP neighbors – when two neighbors belong to different AS.

IBGP means Internal BGP, and EBGP means External BGP. In this article we’ll build a simple BGP scenario in GNS3 on Cisco devices, where will  configure both types of BGP neighbor relationships. See below the scenario I have prepared.

Basic-BGP

 From picture you can see that R1 with BORDER_1 and R2 with BORDER_2 are IBGP neighbors while BORDER_1 with BORDER_2 are EBGP neighbors (because they belong to different AS).

 To configure BGP start with router bgp AS which enters you to BGP configuration mode. Here AS represents Autonomous System to which the router belongs.
Take note that a router can belong only to one BGP Autonomous System

Next, configure bgp neighbors with neighbor (ip-address | peer-group-name) remote-as AS  command. In this lab will set neighbors based on ip address not on peer groups. To tell the router what to advertise use this command: network network-number [mask network-mask] [ route-map map-tag]. In this lab will not use route maps.

Now, let’s return to our scenario. Below you see configurations according to our topology and commands described above.

R1

R1(config)#interface fa0/0
R1(config-if)#ip address 192.168.0.2 255.255.255.0
R1(config-if)#no shutdown 

R1(config)#router bgp 64520 
R1(config-router)#neighbor 192.168.0.1 remote-as 64520

BORDER_1

BORDER_1(config)#interface fastEthernet 0/0
BORDER_1(config-if)#ip address 10.0.0.1 255.255.255.0
BORDER_1(config-if)#no shutdown 
BORDER_1(config-if)#interface fastethernet 0/1
BORDER_1(config-if)#ip address 192.168.0.1 255.255.255.0
BORDER_1(config-if)#no shutdown 

BORDER_1(config)#router bgp 64520
BORDER_1(config-router)#neighbor 192.168.0.2 remote-as 64520
BORDER_1(config-router)#neighbor 10.0.0.2 remote-as 64530
BORDER_1(config-router)#network 192.168.0.0 mask 255.255.255.0

BORDER_2

BORDER_2(config)#interface fastEthernet 0/0
BORDER_2(config-if)#ip address 10.0.0.2 255.255.255.0
BORDER_2(config-if)#no shutdown
BORDER_2(config-if)#interface fa0/1
BORDER_2(config-if)#ip address 192.168.100.1 255.255.255.0
BORDER_2(config-if)#no shutdown

BORDER_2(config)#router bgp 64530
BORDER_2(config-router)#neighbor 10.0.0.1 remote-as 64520
BORDER_2(config-router)#neighbor 192.168.100.2 remote-as 64530
BORDER_2(config-router)#network 192.168.100.0 mask 255.255.255.0

R2

R2(config)#interface fastEthernet 0/0
R2(config-if)#ip address 192.168.100.2 255.255.255.0
R2(config-if)#no shutdown

R2(config)#router bgp 64530
R2(config-router)#neighbor 192.168.100.1 remote-as 64530
Note that if you use the mask in network command then the network in routing table must match network from this command. Also note that you can advertise any network that resides in routing table and is not necessary to be directly connected.

You have few tools to verify bgp status:

  • show ip bgp;
  • show ip bgp summary;
  • show ip bgp neighbors;
  • show ip bgp rib-failure.

Also you can use debug command. Let’s  show BGP neighbors on BORDER_1:

BORDER_1#show ip bgp neighbors 
BGP neighbor is 10.0.0.2,  remote AS 64530, external link
  BGP version 4, remote router ID 192.168.100.1
  BGP state = Established, up for 00:20:11

... output ommited ...

BGP neighbor is 192.168.0.2,  remote AS 64520, internal link
  BGP version 4, remote router ID 192.168.0.2
  BGP state = Established, up for 00:28:42

As you see we have two neighbors with BORDER_1 one internal and one external. Let’s see the results of show ip route on R1:

R1#show ip route 
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area 
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route

Gateway of last resort is not set

C    192.168.0.0/24 is directly connected, FastEthernet0/0
R1#

Hmmm … !  As you have seen on R1 we don’t have external route to 192.168.100.0/24 which is expected to be. This is because routing updates sent by BORDER_2, which is an external router, have address 10.0.0.2 as source ip address, but in this case R1 doesn’t have any idea how to get to 10.0.0.0 network and that’s why BGP on R1 doesn’t put in routing table a route to 192.168.100.0/24 but keep it only in BGP table (you can check it with show ip bgp command). To overcome this we have to add on R1 this command: BORDER_1(config-router)#neighbor 192.168.0.2 next-hop-self, which will change source ip address of routing updates sent to R1 (will change to its fa0/1 ip address).

BORDER_1(config-router)#neighbor 192.168.0.2 next-hop-self

The same you need to do on BORDER_2 to change update source to neighbor R1.

BORDER_1(config-router)#neighbor 192.168.100.2 next-hop-self

And now let’s see again routing table on R1

R1#show ip route 
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area 
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route

Gateway of last resort is not set

C    192.168.0.0/24 is directly connected, FastEthernet0/0
B    192.168.100.0/24 [200/0] via 192.168.0.1, 00:02:42
R1#
And a ping from R1 to R2
R1#ping 192.168.100.2

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.100.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 56/69/92 ms
Whew! We have done it! This was a basic BGP example. For more examples browse through our labs. See You!
57749 views

Comments (38)

  • prash

    |

    In the above scenario why we can’t ping 10.0.0.0/30 from R1 and R2 . when we can ping R1 from R2 and viseversa

    Reply

    • admin

      |

      Hi! Well, you can’t ping 10.0.0.0/30 from R1 and R2 because there is not a route in routing table of R1 and R2 to 10.0.0.0/30 network. This prefix (10.0.0.0/30) is not advertised in BGP neither in a IGP. You can ping 192.168.100.0/24 from R1 and 192.168.0.0/24 from R2 because those prefixes are advertised by BGP. If you need to have access to 10.0.0.0/30 network you will need to setup a IGP like OSPF or EIGRP, or by putting a static route for this prefix on R1 and R2.
      Cheers!

      Reply

      • KEITH

        |

        THANKS A LOT DUDE

        Reply

      • rs

        |

        Can u explain the way to put a static route on R1 and R2 . i would appreciate if u explain command here

        Reply

      • rs

        |

        Sorry , i got it
        ip route 10.0.0.0 255.255.255.0 192.168.0.1 on R1
        am i right ?

        Reply

        • admin

          |

          Yes, a route to 10.0.0.0/30 if you need to reach it from R1 and R2. Or you might advertise it through an IGP like OSPF.

          Reply

  • prash

    |

    Hi admin ! thanks for your valuable reply. i did configured a static route and it worked. thanks a lot.

    Reply

    • admin

      |

      It was my pleasure!

      Reply

  • siti

    |

    can u show me how to setup ospf or eigrp on R1 n R2

    Reply

    • admin

      |

      Actually, you can use this topology without OSPF or EIGRP. You could check OSPF or EIGRP tutorials for details.

      Reply

  • siti

    |

    hi admin..
    actually i’m looking for a configuration regarding BASIC BGP CONFIGURATION IN IPV6.
    do u have any that can help me with my project.

    Reply

  • avantel

    |

    Why can’t ABR2 ping R1 f0/0 and ABR1 ping R2 f0/0?

    BORDER_1#sho ip route
    Codes: C – connected, S – static, R – RIP, M – mobile, B – BGP
    D – EIGRP, EX – EIGRP external, O – OSPF, IA – OSPF inter area
    N1 – OSPF NSSA external type 1, N2 – OSPF NSSA external type 2
    E1 – OSPF external type 1, E2 – OSPF external type 2
    i – IS-IS, su – IS-IS summary, L1 – IS-IS level-1, L2 – IS-IS level-2
    ia – IS-IS inter area, * – candidate default, U – per-user static route
    o – ODR, P – periodic downloaded static route

    Gateway of last resort is not set

    10.0.0.0/24 is subnetted, 1 subnets
    C 10.0.0.0 is directly connected, FastEthernet0/0
    C 192.168.0.0/24 is directly connected, FastEthernet0/1
    B 192.168.100.0/24 [20/0] via 10.0.0.2, 00:17:43
    BORDER_1#

    Reply

    • admin

      |

      Hi,
      the reason for this is that when you ping R2 from BORDER_1 and R1 from BORDER_2 you issue ping with source interface fa 0/0 which is in 10.0.0.0/30 subnet. R1 and R2 have no route to 10.0.0.0/30 so they can’t answer to these pings. Try instead to ping with source interface fa 0/1 and will see that ping works ” BORDER_1#ping 192.168.100.2 source fastEthernet 0/1 “,
      BR

      Reply

  • saran

    |

    Hi,

    First of all, thanks for writing these great tutorials. I typed out all the config’s of the routers and for some reason without using the next-hop-self I had all the routes and could ping 192.168.100.2 from 192.168.0.2. Ironically when I added the next-hop-self it stopped working. Do you think this something wrong with the config I have typed or a bug with GNS3?

    Reply

    • admin

      |

      Hi,

      Could you share router configs?

      Reply

  • Tselvan

    |

    yes u can…but if u share ur network is not secure now…

    Reply

  • Mithil

    |

    After executing the command: ‘BORDER_1(config-router)#neighbor 192.168.0.2 next-hop-self’ , you have written to do “The same you need to do on BRANCH_2 to change update source to neighbor R1”. what exactly needs to be done here? Which is branch_2 and what command needs to be done, i’m not getting ping because of it. Please help

    Reply

    • admin

      |

      I’m sorry, I meant to say BORDER_2. You need to add on BORDER_2 the same command, i.e., to advertise to R2 routes learned from external peers (in this case BORDER_1), but with BORDER_2 being the source in advertisements. BORDER_1(config-router)#neighbor 192.168.100.2 next-hop-self

      Reply

  • kyaw Myo

    |

    Please Let me know why do we use bgp? advantage and disadvantage of bgp. what are bgp different other protocols.

    Reply

  • Sunny

    |

    please explain when to use network command and when to use neighbor command as i am not getting by just a line.Can i also use network and neighbor command on same network?

    Reply

    • admin

      |

      Hi Sunny,
      commands neighbor (ip-address | peer-group-name) remote-as AS and network network-number [mask network-mask] [ route-map map-tag] have different meaning and purpose.

      First command, neighbor (ip-address | peer-group-name) remote-as AS is used to establish neighbor relationship with other BGP enabled router. Then, network network-number [mask network-mask] [ route-map map-tag] command is used to advertise specified network to BGP neighbors specified in neighbor (ip-address | peer-group-name) remote-as AS.
      So, if you want to advertise routes through BGP you need to setup neighbor relationships between routers, then use network network-number [mask network-mask] [ route-map map-tag] to advertise networks between routers. When you advertise networks in BGP, only BGP neighbors will receive those network routes updates.

      I hope I was clear. If you need more details, please specify. Best Regards.

      Reply

  • Sayed

    |

    Thanks mr admin

    Reply

  • Selim Azad

    |

    R1

    !
    interface GigabitEthernet0/0
    ip address 10.0.0.1 255.255.255.252
    duplex auto
    speed auto
    !
    interface GigabitEthernet0/1
    ip address 192.168.0.1 255.255.255.0
    duplex auto
    speed auto
    !
    interface Vlan1
    no ip address
    shutdown
    !
    router bgp 100
    bgp router-id 10.0.0.100
    bgp log-neighbor-changes
    no synchronization
    neighbor 10.0.0.2 remote-as 200
    neighbor 192.168.0.2 remote-as 200
    network 192.168.0.0

    =============================
    R2

    !
    interface GigabitEthernet0/0
    ip address 10.0.0.1 255.255.255.252
    duplex auto
    speed auto
    !
    interface GigabitEthernet0/1
    ip address 192.168.0.1 255.255.255.0
    duplex auto
    speed auto
    !
    interface Vlan1
    no ip address
    shutdown
    !
    router bgp 100
    bgp router-id 10.0.0.100
    bgp log-neighbor-changes
    no synchronization
    neighbor 10.0.0.2 remote-as 200
    neighbor 192.168.0.2 remote-as 200
    network 192.168.0.0

    I don’t know how to conf BGP , this situation i can’t ping 192.168.0.0/24
    to 192.168.100.0/24
    what can i do?

    Reply

    • admin

      |

      Hi Selim,
      could you specify where is 192.168.100.0 attached? is R1 connected with R2 on both Ge1 and Ge2?

      Reply

  • selim.azad

    |

    R1

    interface GigabitEthernet0/1
    ip address 192.168.0.1

    ===========
    R2

    interface GigabitEthernet0/1
    ip address 192.168.100.1

    Reply

    • admin

      |

      Hi,
      I see in your first comment that both routers (R1 and R2) have identical IP addresses for interfaces and the same BGP configuration. I think you posted wrong config for one of the routers. Could you check?

      Reply

      • selim.azad

        |

        Thanks admin
        I faced this problem for Packet Tracer.

        Packet Tracer does not support internal BGP

        Thanks again

        Reply

  • Aaqib Inam

    |

    Please guide me how to add a route on R1 so that i may reach from R1 to R2.

    Please guide step by step i am a new one. I have connected two pcs on R1 and G1 respectivly and want to ping from PC1 to PC2 via R1, R2 to G2, G1 and PC2 respectivly and vice-versa. My Configurations are:

    R1 Configuration
    ——————
    interface FastEthernet0/0
    ip address 192.168.20.1 255.255.255.0
    duplex half
    !
    interface Serial1/0
    ip address 1.1.1.2 255.0.0.0
    serial restart-delay 0
    !
    interface Serial1/1
    no ip address
    serial restart-delay 0
    !
    interface Serial1/2
    no ip address
    serial restart-delay 0
    !
    interface Serial1/3
    no ip address
    shutdown
    serial restart-delay 0
    !
    router bgp 64520
    no synchronization
    bgp log-neighbor-changes
    neighbor 1.1.1.1 remote-as 64520
    no auto-summary
    !

    R2 Configuration

    ————————-

    interface FastEthernet0/0
    no ip address
    duplex half
    !
    interface Serial1/0
    ip address 1.1.1.1 255.0.0.0
    serial restart-delay 0
    !
    interface Serial1/1
    ip address 10.10.10.1 255.0.0.0
    serial restart-delay 0
    !
    interface Serial1/2
    no ip address
    shutdown
    serial restart-delay 0
    !
    interface Serial1/3
    no ip address
    shutdown
    serial restart-delay 0
    !
    router bgp 64520
    no synchronization
    bgp log-neighbor-changes
    network 192.168.0.0
    neighbor 1.1.1.2 remote-as 64520
    neighbor 10.10.10.2 remote-as 64530
    no auto-summary
    !

    G2 Configuration
    —————————-
    interface FastEthernet0/0
    no ip address
    shutdown
    duplex half
    !
    interface Serial1/0
    ip address 3.3.3.1 255.0.0.0
    serial restart-delay 0
    !
    interface Serial1/1
    ip address 2.2.2.2 255.0.0.0
    serial restart-delay 0
    !
    interface Serial1/2
    no ip address
    shutdown
    serial restart-delay 0
    !
    interface Serial1/3
    no ip address
    shutdown
    serial restart-delay 0
    !
    router bgp 64530
    no synchronization
    bgp log-neighbor-changes
    network 2.0.0.0
    neighbor 2.2.2.1 remote-as 64520
    neighbor 3.3.3.2 remote-as 64530
    no auto-summary
    !

    G1 configuration
    ——————————
    interface FastEthernet0/0
    ip address 192.168.30.1 255.255.255.0
    duplex half
    !
    interface Serial1/0
    ip address 3.3.3.2 255.0.0.0
    serial restart-delay 0
    !
    interface Serial1/1
    ip address 5.2.2.2 255.0.0.0
    serial restart-delay 0
    !
    interface Serial1/2
    ip address 10.10.10.2 255.0.0.0
    serial restart-delay 0
    !
    interface Serial1/3
    no ip address
    shutdown
    serial restart-delay 0
    !
    router bgp 64530
    no synchronization
    bgp log-neighbor-changes
    neighbor 3.3.3.1 remote-as 64530
    neighbor 5.5.5.1 remote-as 64530
    no auto-summary
    !

    Reply

  • Venkatesh

    |

    I am getting the issue is that ..in R1 & R4 ..rib-failure ..While using # sh ip bgp ..command. ..
    Please help me

    Reply

    • admin

      |

      Hi Venkatesh,

      If you mean current lab, you should see rib failure (r flag) only for local attached routes, while using sh ip bgp.

      On R1:
      R1#show ip bgp
      BGP table version is 4, local router ID is 192.168.0.2
      Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
      r RIB-failure, S Stale
      Origin codes: i - IGP, e - EGP, ? - incomplete

      Network Next Hop Metric LocPrf Weight Path
      r>i192.168.0.0 192.168.0.1 0 100 0 i
      *>i192.168.100.0 192.168.0.1 0 100 0 64530 i

      On R2:
      R2#show ip bgp
      BGP table version is 4, local router ID is 192.168.100.2
      Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
      r RIB-failure, S Stale
      Origin codes: i - IGP, e - EGP, ? - incomplete

      Network Next Hop Metric LocPrf Weight Path
      *>i192.168.0.0 192.168.100.1 0 100 0 64520 i
      r>i192.168.100.0 192.168.100.1 0 100 0 i

      So, when you see a route with status code “r”, it means that the route is not placed in RIB (Routing Information Base) table. To find the reason why a route was not placed in the RIB, use show ip bgp rib-failure

      On R1:
      R1#show ip bgp rib-failure
      Network Next Hop RIB-failure RIB-NH Matches
      192.168.0.0 192.168.0.1 Higher admin distance n/a

      On R2:
      R2#show ip bgp rib-failure
      Network Next Hop RIB-failure RIB-NH Matches
      192.168.100.0 192.168.100.1 Higher admin distance n/a

      As you can see, the reason for RIB failure in our case is a higher administrative distance, and that is true because directly connected routes have admin distance of 0.

      Best Regards

      Reply

  • venkatesh

    |

    Thanks for your quick response..and in future
    while pinging also i am getting packet loss…in GNS3 lab from R1- to-R4 , can you explain me ? what is reason

    Reply

  • jidesh

    |

    link to the ios image u have used plzz

    Reply

  • santosh sharma

    |

    awsome lab. if i connect 2 more routers towards r1 then i think i need to add next-hop-self for 2nd last and for last i need to create static route. as i done this and working fine. tell me if it can be done without static route.

    Reply

    • admin

      |

      Hi,

      Yeah, you’re right. You’ll need to add next-hop-self for the other one as well.
      To avoid the mess with static routes, better setup a dynamic IGP (for example OSPF). If you do so, you can advertise in IGP even the subnet connected to provider (in our case 10.0.0.0/30) and you will not even need next-hop-self.

      Regards.

      Reply

  • Kerry

    |

    I set up the lab in gns3 using 7200 series routers and could not ping from R1 to R2 and visa versa.

    Reply

  • D.P

    |

    Yeah, RIP_failure cases, is that BGP route is not able to insert into ip routing table due higher administrative distance. MEANS,
    On R1 and R2, if you run command,
    # show ip route 192.168.0.0
    out put from this coomand will tell you “directly connected ” with AD of 0, due to lower AD of locally connected route, GBP route for 192.168.0.0 with higher AD hasbeen ignord and not inserted into ip rouitng table. hence Reason for RIP-failure or REST IN PEASE the route 192.168.0.0. LOL

    Reply

  • hernan

    |

    Dear Admin: good afternoon: I’d like to have the command which we need to put on Border_2 to change update source to neighbor R1. In your example you put the command for Border_1.

    Thanks and hope to hearing from you.

    Reply

  • admin

    |

    Hi, this command will do it:

    neighbor 192.168.100.2 next-hop-self

    updated the article as well
    Regards

    Reply

Leave a comment


4 × three =