Internet Routing Architectures (CISCO):Configurinbg Effective Internet Routing Policies

Table of Contents

RTD is a border router for confederation 3. RTD is running EBGP with RTH in AS2 and a full IBGP mesh with routers RTE and RTF in sub-AS65060. RTD has all its interfaces in area 0. RTD is not running OSPF on the external link to AS2. This is why the next hop of external updates coming to RTD has to be set to self before the routes are propagated to RTF and RTE.

RTD configuration:

   router ospf 10
    network 172.16.0.0 0.0.255.255 area 0.0.0.0

   router bgp 65060
    no synchronization
    bgp confederation identifier 3
    network 172.16.90.0 mask 255.255.255.0
    network 172.16.30.0 mask 255.255.255.0
    neighbor 172.16.25.2 remote-as 65060
    neighbor 172.16.25.2 next-hop-self
    neighbor 172.16.30.1 remote-as 65060
    neighbor 172.16.30.1 next-hop-self
    neighbor 192.68.20.2 remote-as 2
    neighbor 172.16.20.2 filter-list 10 out
    no auto-summary

    ip as-path access-list 10 permit ^$

RTE has all its interfaces in OSPF area 5 and is running a full IBGP mesh with RTF and RTD.

RTE configuration:

   router ospf 10
    network 172.16.0.0 0.0.255.255 area 5

   router bgp 65060
    no synchronization
    bgp confederation identifier 3
    network 172.16.60.0 mask 255.255.255.0
    network 172.16.25.0 mask 255.255.255.0
    neighbor 172.16.25.1 remote-as 65060
    neighbor 172.16.30.2 remote-as 65060
    no auto-summary

RTH is a BGP border router in AS2 that is running EBGP with AS1 and AS3. RTH has no visibility to the sub-AS in confederation 3.

RTH configuration:

    router bgp 2
    network 192.68.222.0
    neighbor 192.68.6.2 remote-as 1
    neighbor 192.68.20.1 remote-as 3
    no auto-summary

Let us look at some excerpts from the BGP tables:

Note how RTH sees all routes via two paths—one via AS1 and one via AS3. As you can see, all the sub-ASs are hidden from RTH.

    RTH#show ip bgp
    BGP table version is 477, local router ID is 192.68.222.1
    Status codes: s suppressed, * valid, > best, i - internal
    Origin codes: i - IGP, e - EGP, ? - incomplete
     Network          Next Hop     Metric LocPrf Weight Path
    *> 172.16.25.0/24   192.68.20.1           0 3 i
    *                   192.68.6.2        0 1 3 i
    *> 172.16.30.0/24   192.68.20.1    0      0 3 i
    *                   192.68.6.2        0 1 3 i
    *> 172.16.50.0/24   192.68.20.1           0 3 i
    *                   192.68.6.2        0 1 3 i
    *> 172.16.60.0/24   192.68.20.1           0 3 i
    *                   192.68.6.2        0 1 3 i
    *> 172.16.70.0/24   192.68.20.1           0 3 i
    *                   192.68.6.2        0 1 3 i
    *> 172.16.90.0/24   192.68.20.1   0       0 3 i
    *                   192.68.6.2        0 1 3 i
    *> 172.16.65.0/26   192.68.20.1           0 3 i
    *                   192.68.6.2        0 1 3 i
    *> 172.16.112.0/24  192.68.20.1           0 3 i
    *                   192.68.6.2        0 1 3 i
    *> 172.16.220.0/24  192.68.20.1           0 3 i
    *                   192.68.6.2        0 1 3 i
    *> 192.68.11.0      192.68.6.2    0       0 1 i
    *                   192.68.20.1       0 3 1 i
    *> 192.68.222.0     0.0.0.0      0   32768 i

Looking at RTA's BGP table, all the sub-ASs are indicated between parentheses (). Any path taken between sub-ASs has a length of 0. Note how prefix 192.68.222.0/24 is learned via two paths, one internal via (65060) 2, and the other external via 1 2. The path length of the internal route via (65060) 2 is considered to be shorter because the sub-ASs are not counted in calculating the path length. This is why the internal path has been chosen over the external path.

    RTA#show ip bgp
    BGP table version is 13, local router ID is 172.16.220.1
    Status codes: s suppressed, d damped, h history,
    * valid, > best,
    i - internal Origin codes: i - IGP, e - EGP, ? - incomplete
      Network           Next Hop     Metric LocPrf Weight Path
    *>i172.16.25.0/24  172.16.50.1       0    100  0(65060) i
    *>i172.16.30.0/24  172.16.50.1       0    100  0(65060) i
    *>i172.16.50.0/24  172.16.70.2       0    100  0 i
    *>i172.16.60.0/24  172.16.50.1       0    100  0(65060) i
    *> 172.16.70.0/24  0.0.0.0           0    32768 i
    * i             172.16.70.2       0    100   0 i
    *>i172.16.90.0/24  172.16.50.1        0   100   0(65060) i
    *>i172.16.65.0/26  172.16.50.1        0   100   0(65060) i
    *>i172.16.112.0/24 172.16.70.2         0   100  0 i
    *> 172.16.220.0/24  0.0.0.0       0         32768 i
    *> 192.68.11.0     172.16.20.1      0           0 1 i
    * 192.68.222.0        172.16.20.1                 0 1 2 i
    *>i        172.16.50.1            100      0(65060) 2 i

Note how the following excerpt shows how RTF considers all routes coming from sub-AS65050 as being confederation external routes (confed-external). BGP performs its decision process within a confederation in the following manner: EBGP is more preferred than confed-external, which is more preferred than internal.

    RTF#show ip bgp 172.16.220.0
    BGP routing table entry for 172.16.220.0/24, version 22
    Paths: (1 available, best #1, advertised over IBGP)
    (65050)
    172.16.50.2 from 172.16.50.2 (172.16.112.1)
    Origin IGP, metric 0, localpref 100, valid, confed-external, best

Table of Contents