Tags

, , , ,


BGP, this is where it starts to get different with IOS XR.
First up, configuring an iBGP peering with R2’s 150.1.12.2 in AS1 and advertise our loopback interface.
RP/0/7/CPU0:R1(config)#
RP/0/7/CPU0:R1(config)#router bgp 1
Let’s define the network we want to advertise, under the address family:
RP/0/7/CPU0:R1(config-bgp)#address-family ipv4 unicast
RP/0/7/CPU0:R1(config-bgp-af)#net 1.1.1.1/32
RP/0/7/CPU0:R1(config-bgp-af)#exit
Now, we can configure the neighbor.  Notice all the commands for the neighbor are under the neighbor now – not next to the neighbor.
RP/0/7/CPU0:R1(config-bgp)#nei 150.1.12.2
RP/0/7/CPU0:R1(config-bgp-nbr)#remote-as 1
RP/0/7/CPU0:R1(config-bgp-nbr)#address-family ipv4 unicast
RP/0/7/CPU0:R1(config-bgp-nbr-af)#exit
RP/0/7/CPU0:R1(config-bgp-nbr)#comm
Thu Mar 29 22:47:05.147 UTC
RP/0/7/CPU0:R1(config-bgp)#exit
RP/0/7/CPU0:R1(config)#exit
Now, time to see if we have a neighbor established:
RP/0/7/CPU0:R1#sh bgp nei 150.1.12.2
Thu Mar 29 22:48:13.338 UTC

BGP neighbor is 150.1.12.2
 Remote AS 1, local AS 1, internal link
 Remote router ID 2.2.2.2
  BGP state = Established, up for 00:00:24
  Last read 00:00:24, Last read before reset 00:00:00
  Hold time is 180, keepalive interval is 60 seconds
  Configured hold time: 180, keepalive: 60, min acceptable hold time: 3
  Last write 00:00:24, attempted 19, written 19
  Second last write 00:00:24, attempted 53, written 53
  Last write before reset 00:00:00, attempted 0, written 0
  Second last write before reset 00:00:00, attempted 0, written 0
  Last write pulse rcvd  Mar 29 22:47:49.296 last full not set pulse count 4
  Last write pulse rcvd before reset 00:00:00
  Socket not armed for io, armed for read, armed for write
  Last write thread event before reset 00:00:00, second last 00:00:00
  Last KA expiry before reset 00:00:00, second last 00:00:00
  Last KA error before reset 00:00:00, KA not sent 00:00:00
  Last KA start before reset 00:00:00, second last 00:00:00
  Precedence: internet
  Neighbor capabilities:
    Route refresh: advertised and received
    4-byte AS: advertised and received
    Address family IPv4 Unicast: advertised and received
  Received 2 messages, 0 notifications, 0 in queue
  Sent 2 messages, 0 notifications, 0 in queue
  Minimum time between advertisement runs is 0 secs
 For Address Family: IPv4 Unicast
  BGP neighbor version 0
  Update group: 0.2 Filter-group: 0.1  No Refresh request being processed
  Route refresh request: received 0, sent 0
  0 accepted prefixes, 0 are bestpaths
  Cumulative no. of prefixes denied: 0.
  Prefix advertised 0, suppressed 0, withdrawn 0
  Maximum prefixes allowed 524288
  Threshold for warning message 75%, restart interval 0 min
  AIGP is enabled
  An EoR was not received during read-only mode
  Last ack version 1, Last synced ack version 0
  Outstanding version objects: current 0, max 0
  Additional-paths operation: None
  Connections established 1; dropped 0
  Local host: 150.1.12.1, Local port: 33432
  Foreign host: 150.1.12.2, Foreign port: 179
  Last reset 00:00:00
Cool, neighbor is up and active.
Now, time to check our BGP summary to see what routes we have.
RP/0/7/CPU0:R1#sh ip bgp
Thu Mar 29 22:48:51.876 UTC
BGP router identifier 1.1.1.1, local AS number 1
BGP generic scan interval 60 secs
BGP table state: Active
Table ID: 0xe0000000   RD version: 4
BGP main routing table version 4
BGP scan interval 60 secs

Status codes: s suppressed, d damped, h history, * valid, > best
               i - internal, r RIB-failure, S stale
 Origin codes: i - IGP, e - EGP, ? - incomplete
    Network            Next Hop            Metric LocPrf Weight Path
 *> 1.1.1.1/32         0.0.0.0                  0         32768 i
 *>i2.2.2.2/32         150.1.12.2               0    100      0 i

Processed 2 prefixes, 2 paths
RP/0/7/CPU0:R1#
Cool, we have a route to R2 Loopback interface.  Lets PING it!
RP/0/7/CPU0:R1#ping 2.2.2.2 so l0
Thu Mar 29 22:52:17.899 UTC
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 2.2.2.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/2/3 ms
RP/0/7/CPU0:R1#
We have connectivity!
Here is the IOS XR Config:
RP/0/7/CPU0:R1#sh run | begin bgp
Thu Mar 29 22:56:17.937 UTC
Building configuration…
router bgp 1
 address-family ipv4 unicast
  network 1.1.1.1/32
 !
 neighbor 150.1.12.2
  remote-as 1
  address-family ipv4 unicast
  !
 !
!
end
RP/0/7/CPU0:R1#
Here is the same IOS config.  With a single neighbor it is pretty simple.
router bgp 1
network 1.1.1.1 mask 255.255.255.255
 neighbor 150.1.12.2 remote-as 1
Now for eBGP – here is where it starts gets interesting!
First we need to configure an IGP so that we can establish Loopback connectivity – for this we will use ISIS:
RP/0/7/CPU0:R1(config)#router ISIS LAB
RP/0/7/CPU0:R1(config-isis)#net 49.0000.0000.0001.00
RP/0/7/CPU0:R1(config-isis)#interface l0
RP/0/7/CPU0:R1(config-isis-if)#address-family ipv4
RP/0/7/CPU0:R1(config-isis-if)#exit
RP/0/7/CPU0:R1(config-isis)#interface g0/3/0/2
RP/0/7/CPU0:R1(config-isis-if)#address-family ipv4
RP/0/7/CPU0:R1(config-isis-if)#exit
RP/0/7/CPU0:R1(config-isis)#is-type level-2
RP/0/7/CPU0:R1(config-isis)#commit
RP/0/7/CPU0:R1(config-isis-if-af)#exit
RP/0/7/CPU0:R1(config-isis-if)#exit
RP/0/7/CPU0:R1(config-isis)#exit
Now we need to configure an interface to advertise via BGP – here we will create Loop100 with an IP of 100.100.100.100/32
RP/0/7/CPU0:R1(config)#int loop100
RP/0/7/CPU0:R1(config-if)#ip add 100.100.100.100/32
RP/0/7/CPU0:R1(config-if)#comm
Thu Mar 29 23:12:31.681 UTC
RP/0/7/CPU0:R1(config-if)#exit
Now to configured eBGP.
We will peer with R2 loopback’s (2.2.2.2) and their remote AS of 2.
First we define our BGP processed (ID 1)
RP/0/7/CPU0:R1(config)#
RP/0/7/CPU0:R1(config-if)#router bgp 1
Define the networks we want to advertise
RP/0/7/CPU0:R1(config-bgp)#address-family ipv4 unicast
RP/0/7/CPU0:R1(config-bgp-af)#net 100.100.100.100/32
RP/0/7/CPU0:R1(config-bgp-af)#exit
Now we can configure our neighbor
RP/0/7/CPU0:R1(config-bgp)#nei 2.2.2.2
RP/0/7/CPU0:R1(config-bgp-nbr)#remote-as 2
RP/0/7/CPU0:R1(config-bgp-nbr)#ebgp-multihop   
RP/0/7/CPU0:R1(config-bgp-nbr)#up loopback 0
RP/0/7/CPU0:R1(config-bgp-nbr)#address-family ipv4 un
And finally commit our changes.
RP/0/7/CPU0:R1(config-bgp-nbr-af)#comm
Thu Mar 29 23:18:06.455 UTC
RP/0/7/CPU0:R1(config-bgp-nbr-af)#exit
RP/0/7/CPU0:R1(config-bgp-nbr)#exit
RP/0/7/CPU0:R1(config-bgp)#exit
RP/0/7/CPU0:R1(config)#exit
RP/0/7/CPU0:R1#
Ok, now that we have that configured – time to look at our routing table, we should see a route to 200.200.200.200/32.
RP/0/7/CPU0:R1#sh ip route
Thu Mar 29 23:24:25.533 UTC
Codes: C – connected, S – static, R – RIP, B – BGP
       D – EIGRP, EX – EIGRP external, O – OSPF, IA – OSPF inter area
       N1 – OSPF NSSA external type 1, N2 – OSPF NSSA external type 2
       E1 – OSPF external type 1, E2 – OSPF external type 2, E – EGP
       i – ISIS, L1 – IS-IS level-1, L2 – IS-IS level-2
       ia – IS-IS inter area, su – IS-IS summary null, * – candidate default
       U – per-user static route, o – ODR, L – local, G  – DAGR
       A – access/subscriber, (!) – FRR Backup path
Gateway of last resort is not set
L    1.1.1.1/32 is directly connected, 02:26:47, Loopback0
i L2 2.2.2.2/32 [115/20] via 150.1.12.2, 00:13:05, GigabitEthernet0/3/0/2
L    100.100.100.100/32 is directly connected, 00:11:53, Loopback100
C    150.1.12.0/24 is directly connected, 02:27:12, GigabitEthernet0/3/0/2
L    150.1.12.1/32 is directly connected, 02:26:47, GigabitEthernet0/3/0/2
RP/0/7/CPU0:R1#
Hmm, no route – why is that?  Is the neighbor up?
Lets check:
RP/0/7/CPU0:R1#sh ip bgp summ
Thu Mar 29 23:25:12.041 UTC
BGP router identifier 1.1.1.1, local AS number 1
BGP generic scan interval 60 secs
BGP table state: Active
Table ID: 0xe0000000   RD version: 7
BGP main routing table version 7
BGP scan interval 60 secs
BGP is operating in STANDALONE mode.

Process       RcvTblVer   bRIB/RIB   LabelVer  ImportVer  SendTblVer  StandbyVer
 Speaker               7          7          7          7           7           7

Some configured eBGP neighbors (under default or non-default vrfs)
do not have both inbound and outbound policies configured for IPv4 Unicast
address family. These neighbors will default to sending and/or
receiving no routes and are marked with ‘!’ in the output below.
Use the ‘show bgp neighbor <nbr_address>’ command for details.

Neighbor        Spk    AS MsgRcvd MsgSent   TblVer  InQ OutQ  Up/Down  St/PfxRcd
 2.2.2.2           0     2       7       6        7    0    0 00:03:09          0!

RP/0/7/CPU0:R1#
Yup, we are up for over 3 minutes now – but wait, we have an ! mark there – no routes received.
It says to use the show bgp neighbors address for details.  Let’s see what that says.
RP/0/7/CPU0:R1#sh bgp neighbors 2.2.2.2
Thu Mar 29 23:26:12.572 UTC
BGP neighbor is 2.2.2.2
 Remote AS 2, local AS 1, external link
 Remote router ID 2.2.2.2
  BGP state = Established, up for 00:04:10
  Last read 00:00:05, Last read before reset 00:00:00
  Hold time is 180, keepalive interval is 60 seconds
  Configured hold time: 180, keepalive: 60, min acceptable hold time: 3
  Last write 00:00:05, attempted 19, written 19
  Second last write 00:01:05, attempted 19, written 19
  Last write before reset 00:00:00, attempted 0, written 0
  Second last write before reset 00:00:00, attempted 0, written 0
  Last write pulse rcvd  Mar 29 23:26:07.793 last full not set pulse count 14
  Last write pulse rcvd before reset 00:00:00
  Socket not armed for io, armed for read, armed for write
  Last write thread event before reset 00:00:00, second last 00:00:00
  Last KA expiry before reset 00:00:00, second last 00:00:00
  Last KA error before reset 00:00:00, KA not sent 00:00:00
  Last KA start before reset 00:00:00, second last 00:00:00
  Precedence: internet
  Enforcing first AS is enabled
  Neighbor capabilities:
    Route refresh: advertised and received
    4-byte AS: advertised and received
    Address family IPv4 Unicast: advertised and received
  Received 8 messages, 0 notifications, 0 in queue
  Sent 7 messages, 0 notifications, 0 in queue
  Minimum time between advertisement runs is 30 secs
 For Address Family: IPv4 Unicast
  BGP neighbor version 7
  Update group: 0.2 Filter-group: 0.1  No Refresh request being processed
  eBGP neighbor with no inbound or outbound policy; defaults to ‘drop’
  Route refresh request: received 0, sent 0
  0 accepted prefixes, 0 are bestpaths
  Cumulative no. of prefixes denied: 1.
    No policy: 1, Failed RT match: 0
    By ORF policy: 0, By policy: 0
  Prefix advertised 0, suppressed 0, withdrawn 0
  Maximum prefixes allowed 524288
  Threshold for warning message 75%, restart interval 0 min
  An EoR was not received during read-only mode
  Last ack version 7, Last synced ack version 0
  Outstanding version objects: current 0, max 0
  Additional-paths operation: None
  Connections established 1; dropped 0
  Local host: 1.1.1.1, Local port: 58277
  Foreign host: 2.2.2.2, Foreign port: 179
  Last reset 00:00:00
  External BGP neighbor may be up to 255 hops away.
RP/0/7/CPU0:R1# 
Ahh, the neighbor is up but there is a line that says:
eBGP neighbor with no inbound or outbound policy; defaults to ‘drop’
Here is the first difference with IOS XR – eBGP peers must have a Route-Policy (route-map) configured to permit routes in and out of them.
Instead of a route-map like IOS, IOS XR uses a Route Policy Language (RPL) – that is more powerful and easier than IOS.  Let’s configure a very simple one to pass everything:
RP/0/7/CPU0:R1(config)#route-policy PASS
RP/0/7/CPU0:R1(config-rpl)#pass
RP/0/7/CPU0:R1(config-rpl)#exit
RP/0/7/CPU0:R1(config)#commit
Thu Mar 29 23:28:08.400 UTC
Cool – that was easy.  Now lets apply that to the eBGP neighbor:
RP/0/7/CPU0:R1(config)#router bgp 1
RP/0/7/CPU0:R1(config-bgp)#nei 2.2.2.2
RP/0/7/CPU0:R1(config-bgp-nbr)#address-family ipv4 unicast
RP/0/7/CPU0:R1(config-bgp-nbr-af)#route-policy PASS out
RP/0/7/CPU0:R1(config-bgp-nbr-af)#route-policy PASS in
RP/0/7/CPU0:R1(config-bgp-nbr-af)#commit
Thu Mar 29 23:28:32.865 UTC
Now, lets look at the routing table for BGP
RP/0/7/CPU0:R1#sh route ipv4 bgp
Thu Mar 29 23:29:43.865 UTC
B    200.200.200.200/32 [20/0] via 2.2.2.2, 00:01:06
RP/0/7/CPU0:R1#
Cool, we have a route to R2’s Loopback100 interface.  PING time!
RP/0/7/CPU0:R1#ping 200.200.200.200 sou loop100
Thu Mar 29 23:30:10.013 UTC
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 200.200.200.200, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 2/3/5 ms
RP/0/7/CPU0:R1#
Look at that, we have connectivity!
A similar IOS config would look like this:
router bgp 1
 no synchronization
 bgp log-neighbor-changes
 network 100.100.100.100 mask 255.255.255.255
 neighbor 2.2.2.2 remote-as 2
 neighbor 2.2.2.2 ebgp-multihop 255
 neighbor 2.2.2.2 route-map PASS in
 neighbor 2.2.2.2 route-map PASS out
ip prefix-list PASS seq 5 permit 0.0.0.0/0 le 32
route-map PASS permit 10
 match ip address prefix-list PASS