BGP Confederation and Communities Labb

BGP Confederation and Communities Lab
Lab Objectives
Intro
AS 500 is a transit AS for AS 1011 and AS 12. AS 500 has multiple iBGP peering and requires the use of
confederation along with Route Reflectors to scale their AS. Within AS 500:
● R1 is a RR in sub-AS 65123
● Routers in sub-AS only peer with RR
Basic config
- Configure IP addressing and loopbacks as indicated in the diagram
- for example: R1's loopback should be 10.2.1.1/32 its link to R2 should be 10.1.12.1/24
- 172.16.1.0/24 in Sub-AS 65789 is a loopback attached to R9 do not advertise into IGP
- 172.16.2.0/24 in Sub-AS 65789 is a loopback attached to R7 do not advertise into IGP
- AS 500 uses OSPF as the IGP with all links as P2P
- Advertise all external links into the IGPs ensuring no routing adjacencies will form on
these links
- AS 1011 uses EIGRP (named mode) as IGP
- Advertise all external links into the IGPs ensuring no routing adjacencies will form on
these links.
- Advertise the following networks into BGP
- AS 1011
- 10.10.1.0/24; 11.11.1.0/24, 100.1.1.0/24
- AS500
- 172.16.1.0/24
- 172.16.2.0/24
- AS 12
- 12.12.1.0/24; 12.12.2.0/24
Routing
Task 1
- The 172.16.1.0/24 network is a loopback on R9 and should only be advertised within AS500.
- Do not use prefix-list or an access-list to do this.
- Only make changes on R9.
Task 2
- The 172.16.2.0/24 network should not be advertised outside Sub-AS 65789
Task 3
- R1, R4, and R7 attach community 1:1, 4:4, or 7:7 respectively to 172.16.1.0/24 if they advertise
them to other neighbors.
- The prefix should still be bound to the advertisement scope as previously stated
- Make sure R2 and R3 always choose R7’s path as best path to reach 172.16.1.0/24
- You cannot use prefix-lists, ip as-path access-lists, access-lists, or modify any
BGP attributes to achieve this.
Task 4
- AS 500 needs to provide traffic engineering capabilities using communities for AS 1011 and 12.
- Community 500:90 should set the local preference to 90 on AS 500 edge routers
Task 5
- Traffic to 100.1.1.0/24 in AS 1011 should always enter on R11
- Do not modify AS_PATH, MED, or Origin
Task 6
Task 7
- Traffic to 10.10.1.0/24 in AS 1011 should enter on R11
Task 8
- Traffic to 12.12.1.0/24 in AS 12 should enter F1/0 on R12
- Do not modify AS_PATH or ORIGIN
- Do not use communities
Task 9
- Do not modify AS_PATH

SOLUTION
The key to this lab is that all routers need to be configured to send communities to the other
routers. If this is not done, then the community strings will be stripped off before being sent
between routers.

Task 1
- The 172.16.1.0/24 network is a loopback on R9 and should only be advertised within AS500.
Explanation:
This task requires use of the NO EXPORT well-known community. The NO EXPORT
well-known community will automatically prevent routers in AS 500 from advertising routes
tagged with that community to any eBGP neighbors.
The community value must be applied on the network command on R9 to prevent it from
advertising the community to its eBGP neighbor R10.
Configuration:
R9:
route-map NO_EXPORT permit 10

set community no-export
!
router bgp 65789

network 172.16.1.0 mask 255.255.255.0 route-map NO_EXPORT
Task 2
- The 172.16.2.0/24 network should not be advertised outside Sub-AS 65789
Explanation
This task makes use of the LOCAL AS well-known community. The LOCAL AS well-known
community will cause the router not to advertise the prefix tagged with this community to any
neighbor outside of its own sub-AS.
The community value must be applied on the network command on R7 to prevent it from
advertising it to its confederation eBGP peers R4 and R1.
Configuration:
R7:
route-map LOCAL_AS permit 10

set community local-AS
!
router bgp 65789
network 172.16.2.0 mask 255.255.255.0 route-map LOCAL_AS
Task 3
- R1, R4, and R7 attach community 1:1, 4:4, or 7:7 respectively to 172.16.1.0/24 if they advertise
them to other neighbors.
- The prefix should still be bound to the advertisement scope as previously stated
- Make sure R2 and R3 always choose R7’s path as best path to reach 172.16.1.0/24
- You cannot use prefix-lists, ip as-path access-lists, access-lists, or modify any
BGP attributes to achieve this.
Explanation:
The key to this task is making use of the additive keyword when marking prefixes with
communities. Without the additive keyword, the router will remove all of the community values
attached to a prefix with the communities set in the set community clause of the route map.
The last part of this objective requires setting the BGP router-id of R7 to a lower value than R1
and R4. When R4 and R1 compare routes, all attributes will tie and because the routes are all
considered internal routes, the tie-breaker will be lowest RID. Setting R7’s lowest ensures that
R4 and R1 choose R7’s route over each other’s. This ensures the most optimal path is taken to
reach 172.16.1.0/24.
Configuration:
R7:
ip prefix-list TAG seq 5 permit 172.16.1.0/24
!
route-map TAG permit 10
match ip address prefix-list TAG
set community 7:7 additive
!
router bgp 65789
bgp router-id 7.7.7.7
neighbor PEERS route-map TAG out
neighbor 10.2.1.1 route-map TAG out
R4:
ip prefix-list TAG permit 172.16.1.0/24

!
match ip address prefix TAG
!
router bgp 65456
R1:
ip prefix-list TAG permit 172.16.1.0/24

!
match ip address prefix TAG
!
router bgp 65123
Task 4
- AS 500 needs to provide traffic engineering capabilities using communities for AS 1011 and 12.
Explanation:
AS 500 needs to set up special route-maps to match the community values specified and set
the local preference accordingly. These route maps need to be applied inbound on all external
peerings, specifically between R3 and R11, R6 and R12, R8 and R12, and finally between R9
and R10.
R3:
ip community-list standard 500:110 permit 500:110

!
route-map SET_LOCAL_PREF permit 10
match community 500:90
set local-preference 90
!
router bgp 65123
neighbor 200.113.1.11 route-map SET_LOCAL_PREF in
R6:

!
!
router bgp 65456
R8:

!
!
router bgp 65789
R9:

!
!
router bgp 65789
Task 5
Explanation:
This task takes advantage of the Community strings provided by AS 500 to its customers. By
sending the 100.1.1.0/24 prefix to AS 500 from R11 with a the community value 500:110, R3 will
set the local preference for that route to 110--higher than the default 100. This forces AS 500 to
send traffic for that prefix outbound towards R11.
Configuration:
R11:
ip prefix-list PREFER seq 5 permit 100.1.1.0/24

!
route-map SET_PREF permit 10
match ip address prefix-list PREFER
set community 500:110
!
router bgp 1011
bgp log-neighbor-changes
neighbor 200.113.1.3 route-map SET_PREF out
Task 6
Explanation:
sending the 11.11.1.0/24 prefix to AS 500 from R10 with a the community value 500:110, R9 will
set the local preference for that route to 110--higher than the default 100. This forces AS 500 to
send traffic for that prefix outbound towards R10.
Configuration:
R10:

!
match ip address prefix-list PREFER
set community 500:110
!
router bgp 1011
neighbor 200.110.1.9 route-map SET_PREF out
Task 7
- Traffic to 10.10.1.0/24 in AS 1011 should enter on R11
Explanation:
sending the 10.10.10.0/24 prefix to AS 500 from R11 with a the community value 500:110, R3
will set the local preference for that route to 110--higher than the default 100. This forces AS
500 to send traffic for that prefix outbound towards R11.
Configuration:
R11:
Task 8
Explanation:
This task takes advantage of MED to influence AS 500’s routing decision to AS 120. By sending
its prefix 12.12.1.0/24 from R12 to R6 with a MED value of 1 and to R8 with a MED value of 0,
AS 500 will prefer to route traffic to this prefix to R12’s F1/0 interface.
Configuration:
R12:
ip prefix-list SET_MED_1 seq 5 permit 12.12.1.0/24

!
route-map SET_MED_2 permit 10
match ip address prefix-list SET_MED_1
set metric 1
!
set metric 0
!
router bgp 12
neighbor 200.126.1.6 route-map SET_MED_1 out
neighbor 200.128.1.8 route-map SET_MED_2 out
Task 9
Explanation:
Using the previous solution as a base, simply creating a second prefix-list and adding an
additional route-map statement to the appropriate route-maps will provide the opposite behavior
as the previous task. AS 500 will prefer to route traffic to 12.12.2.0/24 to F1/1 on R12.
Configuration:
R12:
ip prefix-list SET_MED_2 seq 5 permit 12.12.2.0/24

!

set metric 0
!
set metric 1

BGP Confederation and Communities Labb

Uploaded by

Document Information

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

BGP Confederation and Communities Labb

Uploaded by

Copyright:

Available Formats

BGP Confederation and Communities Lab

route-map NO_EXPORT permit 10

router bgp 65789

route-map LOCAL_AS permit 10

ip prefix-list TAG seq 5 permit 172.16.1.0/24

ip prefix-list TAG permit 172.16.1.0/24

ip prefix-list TAG permit 172.16.1.0/24

ip community-list standard 500:110 permit 500:110

ip community-list standard 500:110 permit 500:110

ip community-list standard 500:110 permit 500:110

ip community-list standard 500:110 permit 500:110

ip prefix-list PREFER seq 5 permit 100.1.1.0/24

ip prefix-list PREFER seq 5 permit 11.11.1.0/24

ip prefix-list PREFER seq 10 permit 10.10.1.0/24

ip prefix-list SET_MED_1 seq 5 permit 12.12.1.0/24

ip prefix-list SET_MED_2 seq 5 permit 12.12.2.0/24

route-map SET_MED_2 permit 20

You might also like