Basic BGP Configuration

Learning Objectives

Configure basic BGP router settings
Set up BGP router ID and AS number
Configure basic BGP neighbors
Understand BGP network advertisements
Configure BGP redistribution

BGP Router Configuration

BGP configuration begins with enabling the BGP routing process and specifying the local AS number. This is the foundation of all BGP operations.

Basic BGP Router Setup

# Enable BGP routing process
router bgp 65001
 bgp router-id 1.1.1.1
 bgp log-neighbor-changes
 
# Configure synchronization (disabled by default in modern IOS)
 no synchronization
 
# Enable BGP best path selection
 bgp deterministic-med
 bgp always-compare-med

Key BGP Configuration Commands

router bgp [AS-number] - Enable BGP and specify AS number
bgp router-id [IP] - Set BGP router identifier
bgp log-neighbor-changes - Log neighbor state changes
no synchronization - Disable IGP synchronization rule
bgp deterministic-med - Enable deterministic MED comparison

BGP Router ID Selection

The BGP router ID is a 32-bit identifier that must be unique within the AS. It's used for loop prevention and neighbor identification.

Router ID Selection Process

Manually configured router ID (highest priority)
Highest IP address on loopback interfaces
Highest IP address on physical interfaces

Router ID Configuration Examples

# Method 1: Manual configuration
router bgp 65001
 bgp router-id 10.1.1.1

# Method 2: Using loopback interface
interface loopback 0
 ip address 10.1.1.1 255.255.255.255
 
router bgp 65001
 # Router ID will be 10.1.1.1 (loopback IP)

Network Advertisement

BGP can advertise networks through network statements or redistribution. The network command requires exact prefix matches in the routing table.

Network Advertisement Methods

router bgp 65001
 # Method 1: Network statement (requires exact match in routing table)
 network 192.168.1.0 mask 255.255.255.0
 network 10.0.0.0 mask 255.0.0.0
 
 # Method 2: Redistribution from IGP
 redistribute ospf 1 route-map OSPF-TO-BGP
 redistribute connected route-map CONNECTED-TO-BGP
 
 # Method 3: Redistribution from static routes
 redistribute static route-map STATIC-TO-BGP

⚠️ Network Statement Requirements

The network statement in BGP requires an exact match in the routing table. If you configure "network 192.168.1.0 mask 255.255.255.0", there must be an exact entry for 192.168.1.0/24 in the routing table.

BGP Neighbor Configuration

BGP neighbors must be explicitly configured. Unlike IGP protocols, BGP does not use multicast for neighbor discovery.

Basic Neighbor Configuration

router bgp 65001
 # Configure external BGP neighbor
 neighbor 203.0.113.1 remote-as 65002
 neighbor 203.0.113.1 description "ISP-A Connection"
 
 # Configure internal BGP neighbor
 neighbor 10.1.1.2 remote-as 65001
 neighbor 10.1.1.2 description "Internal Router R2"
 neighbor 10.1.1.2 update-source loopback 0

BGP Timers

BGP uses keepalive and hold timers to maintain neighbor relationships. Default values are 60 seconds for keepalive and 180 seconds for hold time.

Timer Configuration

router bgp 65001
 # Configure global timers
 timers bgp 30 90
 
 # Configure per-neighbor timers
 neighbor 203.0.113.1 timers 60 180
 neighbor 10.1.1.2 timers 30 90

BGP Timer Guidelines

Keepalive interval is typically 1/3 of hold time
Shorter timers provide faster convergence but increase overhead
Both neighbors must negotiate compatible hold times
Hold time of 0 disables keepalive messages

Complete Basic Configuration Example

Router R1 Configuration

# Basic BGP configuration for Router R1
hostname R1
!
interface loopback 0
 ip address 10.1.1.1 255.255.255.255
!
interface gigabitethernet 0/0
 ip address 192.168.1.1 255.255.255.0
 no shutdown
!
interface serial 0/0
 ip address 203.0.113.2 255.255.255.252
 no shutdown
!
router bgp 65001
 bgp router-id 10.1.1.1
 bgp log-neighbor-changes
 no synchronization
 bgp deterministic-med
 
 # Advertise local networks
 network 192.168.1.0 mask 255.255.255.0
 network 10.1.1.1 mask 255.255.255.255
 
 # External BGP neighbor
 neighbor 203.0.113.1 remote-as 65002
 neighbor 203.0.113.1 description "ISP-A"
 neighbor 203.0.113.1 timers 60 180
 
 # Internal BGP neighbor
 neighbor 10.1.1.2 remote-as 65001
 neighbor 10.1.1.2 description "Internal-R2"
 neighbor 10.1.1.2 update-source loopback 0
 neighbor 10.1.1.2 next-hop-self
!
ip route 0.0.0.0 0.0.0.0 203.0.113.1 name DEFAULT-ROUTE

Practice Exercise

Basic BGP Configuration Lab

Scenario: Configure BGP on a router with AS 65100, router ID 172.16.1.1, advertising network 192.168.10.0/24 to neighbor 10.0.0.2 in AS 65200.

Your Configuration:

iBGP Configuration

Learning Objectives

Configure internal BGP (iBGP) sessions
Understand iBGP full mesh requirements
Configure iBGP with loopback interfaces
Implement next-hop-self for iBGP
Configure iBGP synchronization rules

iBGP Overview

Internal BGP (iBGP) is used between routers within the same AS. iBGP has different rules and behaviors compared to eBGP to prevent routing loops within an AS.

iBGP vs eBGP Comparison

Aspect	iBGP	eBGP
AS Path Modification	No AS prepending	Prepends local AS
Next Hop	Preserved from eBGP	Set to local interface
Administrative Distance	200	20
Loop Prevention	Split horizon rule	AS path loop detection
TTL	Default 255	Default 1

iBGP Full Mesh Requirement

Due to the split horizon rule, iBGP speakers do not advertise routes learned from one iBGP neighbor to another iBGP neighbor. This requires a full mesh of iBGP sessions.

Full Mesh Formula

For n routers in an AS, the number of iBGP sessions required is: n(n-1)/2

3 routers = 3 sessions
4 routers = 6 sessions
5 routers = 10 sessions
10 routers = 45 sessions

Three-Router iBGP Full Mesh

# Router R1 configuration
router bgp 65001
 neighbor 10.1.1.2 remote-as 65001
 neighbor 10.1.1.3 remote-as 65001

# Router R2 configuration  
router bgp 65001
 neighbor 10.1.1.1 remote-as 65001
 neighbor 10.1.1.3 remote-as 65001

# Router R3 configuration
router bgp 65001
 neighbor 10.1.1.1 remote-as 65001
 neighbor 10.1.1.2 remote-as 65001

iBGP with Loopback Interfaces

Using loopback interfaces for iBGP sessions provides stability and redundancy. Loopback interfaces never go down and can be reached through multiple paths.

iBGP with Loopback Configuration

# Configure loopback interfaces
interface loopback 0
 ip address 10.1.1.1 255.255.255.255

# Configure iBGP with update-source
router bgp 65001
 bgp router-id 10.1.1.1
 
 neighbor 10.1.1.2 remote-as 65001
 neighbor 10.1.1.2 update-source loopback 0
 neighbor 10.1.1.2 description "iBGP-R2"
 
 neighbor 10.1.1.3 remote-as 65001
 neighbor 10.1.1.3 update-source loopback 0
 neighbor 10.1.1.3 description "iBGP-R3"

Update-Source Benefits

Session survives physical interface failures
Consistent source IP for BGP sessions
Easier troubleshooting and management
Load balancing across multiple paths

Next-Hop-Self Configuration

When advertising eBGP routes to iBGP neighbors, the next-hop attribute is preserved. This can cause reachability issues if iBGP neighbors cannot reach the original next-hop.

Next-Hop-Self Implementation

# Without next-hop-self (potential issue)
router bgp 65001
 neighbor 10.1.1.2 remote-as 65001
 neighbor 10.1.1.2 update-source loopback 0
 
# With next-hop-self (recommended)
router bgp 65001
 neighbor 10.1.1.2 remote-as 65001
 neighbor 10.1.1.2 update-source loopback 0
 neighbor 10.1.1.2 next-hop-self
 
# Address family configuration
 address-family ipv4 unicast
  neighbor 10.1.1.2 activate
  neighbor 10.1.1.2 next-hop-self

⚠️ Next-Hop Reachability

Always ensure that iBGP neighbors can reach the next-hop IP address. Use next-hop-self or ensure IGP reachability to external next-hops.

iBGP Authentication

Securing iBGP sessions with MD5 authentication prevents unauthorized BGP speakers from joining the AS.

iBGP Authentication Configuration

# Configure MD5 authentication
router bgp 65001
 neighbor 10.1.1.2 remote-as 65001
 neighbor 10.1.1.2 password cisco123
 neighbor 10.1.1.2 update-source loopback 0
 
# Alternative key chain method
key chain BGP-KEYS
 key 1
  key-string cisco123
  accept-lifetime 00:00:00 Jan 1 2024 infinite
  send-lifetime 00:00:00 Jan 1 2024 infinite

router bgp 65001
 neighbor 10.1.1.2 remote-as 65001
 neighbor 10.1.1.2 password key-chain BGP-KEYS

Practice Exercise

iBGP Configuration Lab

Scenario: Configure iBGP full mesh between three routers in AS 65100. Use loopback interfaces and implement next-hop-self.

Router R1 Configuration:

eBGP Configuration

Learning Objectives

Configure external BGP (eBGP) sessions
Understand eBGP multihop configuration
Configure eBGP authentication
Implement eBGP load balancing
Configure eBGP peer groups

eBGP Overview

External BGP (eBGP) is used between routers in different autonomous systems. eBGP sessions are typically established between directly connected networks.

eBGP Characteristics

Attribute	Default Value	Description
Administrative Distance	20	Lower than iBGP (200)
TTL	1	Direct neighbor only
AS Path	Prepends local AS	Loop prevention mechanism
Next Hop	Local interface IP	Sets to outgoing interface

Basic eBGP Configuration

eBGP neighbors are configured using the remote AS number that differs from the local AS. The connection is typically point-to-point.

Simple eBGP Configuration

# Local AS 65001 connecting to AS 65002
router bgp 65001
 bgp router-id 10.1.1.1
 bgp log-neighbor-changes
 
 # eBGP neighbor configuration
 neighbor 203.0.113.1 remote-as 65002
 neighbor 203.0.113.1 description "ISP-A Primary"
 neighbor 203.0.113.1 password MySecretKey
 
 # Network advertisements
 network 192.168.1.0 mask 255.255.255.0
 
 # Address family configuration
 address-family ipv4 unicast
  neighbor 203.0.113.1 activate
  neighbor 203.0.113.1 soft-reconfiguration inbound
  neighbor 203.0.113.1 route-map ISP-A-IN in
  neighbor 203.0.113.1 route-map ISP-A-OUT out

eBGP Multihop Configuration

When eBGP neighbors are not directly connected, multihop configuration is required to increase the TTL value and allow packets to traverse multiple hops.

eBGP Multihop Setup

# eBGP multihop configuration
router bgp 65001
 neighbor 203.0.113.10 remote-as 65002
 neighbor 203.0.113.10 description "ISP-A Loopback"
 neighbor 203.0.113.10 ebgp-multihop 2
 neighbor 203.0.113.10 update-source loopback 0
 
# Static route to reach multihop neighbor
ip route 203.0.113.10 255.255.255.255 203.0.113.1

Multihop Use Cases

eBGP between loopback interfaces
eBGP across a switch or hub
eBGP through a firewall
Load balancing across multiple links

eBGP Load Balancing

BGP can perform load balancing across multiple equal-cost paths. This requires identical path attributes for the routes.

eBGP Load Balancing Configuration

router bgp 65001
 # Enable maximum paths for load balancing
 maximum-paths 4
 
 # Configure multiple eBGP neighbors
 neighbor 203.0.113.1 remote-as 65002
 neighbor 203.0.113.1 description "ISP-A Link-1"
 
 neighbor 203.0.113.5 remote-as 65002
 neighbor 203.0.113.5 description "ISP-A Link-2"
 
 # Ensure consistent path attributes
 address-family ipv4 unicast
  neighbor 203.0.113.1 activate
  neighbor 203.0.113.1 route-map SET-SAME-ATTRIBUTES in
  neighbor 203.0.113.5 activate
  neighbor 203.0.113.5 route-map SET-SAME-ATTRIBUTES in
  
# Route map to normalize path attributes
route-map SET-SAME-ATTRIBUTES permit 10
 set local-preference 100
 set weight 0

eBGP Peer Groups

Peer groups simplify configuration when multiple neighbors share the same policies. They improve router performance and reduce configuration complexity.

eBGP Peer Group Configuration

router bgp 65001
 # Create peer group
 neighbor ISP-A-GROUP peer-group
 neighbor ISP-A-GROUP remote-as 65002
 neighbor ISP-A-GROUP description "ISP-A Connections"
 neighbor ISP-A-GROUP password SharedSecret
 neighbor ISP-A-GROUP timers 30 90
 
 # Assign neighbors to peer group
 neighbor 203.0.113.1 peer-group ISP-A-GROUP
 neighbor 203.0.113.5 peer-group ISP-A-GROUP
 neighbor 203.0.113.9 peer-group ISP-A-GROUP
 
 # Address family configuration
 address-family ipv4 unicast
  neighbor ISP-A-GROUP activate
  neighbor ISP-A-GROUP soft-reconfiguration inbound
  neighbor ISP-A-GROUP route-map ISP-A-IN in
  neighbor ISP-A-GROUP route-map ISP-A-OUT out

Practice Exercise

eBGP Configuration Lab

Scenario: Configure eBGP connection to ISP with AS 65500. Implement authentication, filtering, and load balancing across two links.

Your eBGP Configuration:

BGP Verification

Learning Objectives

Verify BGP neighbor relationships
Examine BGP routing tables
Troubleshoot BGP path selection
Monitor BGP performance
Analyze BGP attributes

BGP Summary Information

The most important command for BGP verification is show ip bgp summary, which provides an overview of all BGP neighbors and their status.

show ip bgp summary

Router# show ip bgp summary
BGP router identifier 10.1.1.1, local AS number 65001
BGP table version is 45, main routing table version 45
10 network entries using 1480 bytes of memory
15 path entries using 1260 bytes of memory
4/3 BGP path/bestpath attribute entries using 544 bytes of memory
2 BGP AS-PATH entries using 48 bytes of memory
0 BGP route-map cache entries using 0 bytes of memory
0 BGP filter-list cache entries using 0 bytes of memory
BGP using 3332 total bytes of memory
BGP activity 20/10 prefixes, 25/10 paths, scan interval 60 secs

Neighbor        V    AS MsgRcvd MsgSent   TblVer  InQ OutQ Up/Down  State/PfxRcd
203.0.113.1     4 65002    1234    1456       45    0    0 2d3h            5
10.1.1.2        4 65001     987     876       45    0    0 1d4h            8
10.1.1.3        4 65001     654     543       45    0    0 12h             3

Summary Fields Explained

State/PfxRcd: Number shows established neighbor with route count
TblVer: BGP table version number
InQ/OutQ: Input/Output queue depths
Up/Down: Time since last state change
MsgRcvd/MsgSent: Message counters

BGP Routing Table

The BGP routing table shows all BGP routes with their attributes and path information.

show ip bgp

Router# show ip bgp
BGP table version is 45, local router ID is 10.1.1.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal, 
              r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter, 
              x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found

     Network          Next Hop            Metric LocPrf Weight Path
 *>  192.168.1.0/24   0.0.0.0                  0         32768 i
 *   192.168.2.0/24   203.0.113.1              0             0 65002 i
 *>i                  10.1.1.2                 0    100      0 i
 *>  192.168.3.0/24   203.0.113.1              0             0 65002 65003 i
 *>i 10.0.0.0/8       10.1.1.2                 0    100      0 i
 *>  0.0.0.0          203.0.113.1              0             0 65002 i

Status Codes Explained

*: Valid route
>: Best path (installed in RIB)
i: Internal (iBGP) route
r: RIB failure (not installed)
s: Suppressed route
d: Damped route

BGP Troubleshooting Commands

Essential commands for diagnosing BGP issues.

Troubleshooting Commands

# Clear BGP sessions
clear ip bgp *
clear ip bgp 203.0.113.1
clear ip bgp 203.0.113.1 soft

# Debug BGP (use with caution)
debug ip bgp updates
debug ip bgp keepalives
debug ip bgp events

# Show BGP inconsistencies
show ip bgp inconsistent-as
show ip bgp paths inconsistent

# Verify route maps and filters
show route-map
show ip prefix-list
show ip as-path-access-list

Common Verification Scenarios

BGP Health Check Procedure

Check neighbor status: show ip bgp summary
Verify routes received: show ip bgp neighbors [ip] routes
Check best path selection: show ip bgp [network]
Examine routing table: show ip route bgp
Verify advertisements: show ip bgp neighbors [ip] advertised-routes
Check for issues: show ip bgp inconsistent-as

Practice Exercise

BGP Verification Lab

Scenario: You need to verify BGP operations and troubleshoot a routing issue. Use the appropriate show commands.

Network Topology:

R1 (AS 65001) ↔ R2 (AS 65002) ↔ R3 (AS 65003)

Network 192.168.1.0/24 not appearing in R1's routing table

Troubleshooting Steps:

Previous: BGP Attributes Next: Advanced BGP