Friday, July 15, 2011

notes: BGP Peering

The command 'neighbor 1.2.3.4 remote-as 100' explained
- The local router listens for the address 1.2.3.4 starting a TCP session to destination (dst) port 179, or the local router could initiate a TCP session to 1.2.3.4 on dst port 179.
- By default the source (src) IP is the IP configured on the outgoing interface.
- This is called the BGP update source, and can be manually configured with the "neighbor update-source" command.
- Recursive lookups are used to determine the outgoing interface to the destination.
- Unexpected BGP sessions will be refused; the checks include the src/dst IP address, dst port, AS-number and authentication.
- If AS-numbers match between peers, the session according to Cisco IOS is iBGP, else it is eBGP. (Different to vendor 'J')

Note: when peering between 2 peers, the direction is from the higher IP address to the lower IP address.

2.2.2.2(1024>)----->1.1.1.1(179)

- The IDLE state indicates that the router is currently not attempting any connection establishments.

- The BGP states are:
Idle
Active
OpenSent
OpenConfirm
Established

- The BGP Open message contains the following fields:

BGP version number - Has to match between neighbors.
Local AS number - Has to match between neighbors.
Holdtime - Routers agree on lowest suggested value between neighbors.
BGP router identifier (RID)
Optional parameters

- Test a connection between peers to confirm connectivity by using "telnet {dst-ip} 179 /source-interface".
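
The OPEN fields and session checks listed above, as an added example that is not part of the original notes: it parses an OPEN message using the RFC 4271 layout and applies the remote-as, iBGP/eBGP and lowest-holdtime rules. The function names, the assumption that the local side speaks version 4, and the sample values are constructed for illustration.

```python
import ipaddress
import struct

MARKER = b"\xff" * 16  # 16-byte all-ones marker that starts every BGP message
OPEN = 1               # BGP message type code for OPEN


def parse_open(data: bytes) -> dict:
    """Parse a BGP OPEN message: 19-byte header plus the fixed OPEN fields."""
    if len(data) < 29:
        raise ValueError("shorter than the minimum OPEN length (29 bytes)")
    marker, length, msg_type = struct.unpack("!16sHB", data[:19])
    if marker != MARKER or msg_type != OPEN or length != len(data):
        raise ValueError("bad header: marker, type or length")
    version, asn, holdtime, rid, opt_len = struct.unpack("!BHH4sB", data[19:29])
    if opt_len != length - 29:
        raise ValueError("optional parameter length does not match message")
    return {"version": version, "asn": asn, "holdtime": holdtime,
            "rid": str(ipaddress.IPv4Address(rid)), "optional": data[29:]}


def evaluate_open(msg: dict, local_asn: int, remote_as: int, local_hold: int) -> dict:
    """Check a peer's OPEN against the local 'neighbor ... remote-as' config."""
    if msg["version"] != 4:  # assumption: the local router speaks BGP version 4
        raise ValueError("version mismatch")
    if msg["asn"] != remote_as:
        raise ValueError("peer AS does not match configured remote-as")
    if msg["holdtime"] in (1, 2):  # RFC 4271: hold time is 0 or at least 3 seconds
        raise ValueError("hold time of 1 or 2 seconds is not acceptable")
    return {"session": "iBGP" if msg["asn"] == local_asn else "eBGP",
            "holdtime": min(local_hold, msg["holdtime"]),  # lowest value wins
            "peer_rid": msg["rid"]}


def build_open(asn: int, holdtime: int, rid: str) -> bytes:
    """Construct a sample OPEN with no optional parameters (test input only)."""
    body = struct.pack("!BHH4sB", 4, asn, holdtime,
                       ipaddress.IPv4Address(rid).packed, 0)
    return MARKER + struct.pack("!HB", 19 + len(body), OPEN) + body


if __name__ == "__main__":
    sample = build_open(asn=100, holdtime=90, rid="1.2.3.4")  # constructed sample
    print(evaluate_open(parse_open(sample), local_asn=200, remote_as=100,
                        local_hold=180))
```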

-----------
COMMANDS
-----------

- Good for testing connectivity between peers

 telnet {peer ip} {port-179} {/source} 



- Good for seeing the TCP session being built, with src and dst IPs and ports

debug ip tcp packet detail

- Displays all TCP transactions (start of session, session errors, etc.)

debug ip tcp transactions

- Displays the BGP state transitions

debug ip bgp events 

- Debugs BGP keepalive packets

debug ip bgp keepalives

- Displays all incoming or outgoing BGP updates (!!USE WITH CAUTION!!)

debug ip bgp updates [acl]

- Displays all BGP updates received from or sent to a BGP neighbor
[acl] Optionally matching an IP access-list. (Recommended)

debug ip bgp [ip] updates [acl]

- Enabling BGP. The AS number is 16 bit; 64512-65535 is the private range.

router bgp {asn}


- Defines an external/internal neighbor as per their ASN

neighbor {ip|peer-group} remote-as {asn}

- Assigns a description to an external neighbor. Text can be up to 80 characters

neighbor {ip|peer-group} description {text}

- Disables communication with a BGP neighbor.
Recommended while doing extensive modification to routing policies

neighbor {ip|peer-group} shutdown

- Specifies the source interface for the TCP session that

neighbor {ip|peer-group} update-source {int}
