CCNP experiment: BGP Confederation Solution

[Lab environment]

The C3640-IK9O3S-M Version 12.4 (10)

[PURPOSE]

BGP Confederation is used to solve the BGP Route black hole problem caused by horizontal segmentation of IBGP.

[Experiment topology]

[Experiment description]

R1, R2, R4, and R5 run the BGP protocol, while R2, R3, and R4 run the OSPF protocol. The objective is to make 1.1.1.1 <-> 5.5.5.5 accessible to each other

The IBGP neighbor relationship is established using the loopback interface.

Use a direct connection interface between R1 <-> R2 and R4 <-> R5 to establish an EBGP relationship

Data-layer BGP routing black hole problem: Since R3 does not run BGP, R2 and R4 do not pass route entries to R3. Therefore, R3 does not have routes 1.1.1.1 and 5.5.5, resulting in a routing black hole. If BGP is run on R3 and an IBGP relationship is established with R2 and R4, the routes of R2 and R4 are not completely learned due to horizontal segmentation of IBGP.

Solution: divide AS 3 into two sub-AS instances and use private bgp as 65011 and 65013. In this case, the relationship between R3 and R4 becomes EBGP, breaking the horizontal division rule of IBGP, to solve the routing black hole, these private AS are called Confederation. Meanwhile, for AS 1 and AS 5, Federation is transparent. In their view, AS 3 is still AS 3.

Federated steps:

1. vrouters are divided into different small

2. Declare the large AS number on the big AS Border Router

3. Establish a federated EBGP relationship between small AS border routers and Peer

Note:

Federated AS is not used AS the BGP routing standard. It is subject to the standard of AS (Federated AS is identified by brackets in the BGP Route table)

Lab procedure]

1. Basic configuration of R1, Port:

!
Interface Loopback0
Ip address 1.1.1.1 255.255.255.0
!
Interface Serial0/0
Ip address 12.0.0.1 255.255.255.0
Clock rate 64000
!

2. Basic R2 configuration, port, and OSPF:

!
Interface Loopback0
Ip address 2.2.2.2 255.255.255.0
!
Interface Serial0/0
Ip address 12.0.0.2 255.255.255.0
!
Interface Serial0/1
Ip address 23.0.0.1 255.255.255.0
Clock rate 64000
!
Router ospf 110
Router-id 2.2.2.2
Network 2.2.2.0 0.0.0.255 area 0
Network 23.0.0.1 0.0.0.0 area 0
!

3. R3 basic configuration, port, and OSPF:

!
Interface Loopback0
Ip address 3.3.3.3 255.255.255.0
!
Interface Serial0/0
Ip address 34.0.0.1 255.255.255.0
Clock rate 64000
!
Interface Serial0/1
Ip address 23.0.0.2 255.255.255.0
!
Router ospf 110
Router-id 3.3.3.3
Network 3.3.3.0 0.0.0.255 area 0
Network 23.0.0.2 0.0.0.0 area 0
Network 34.0.0.1 0.0.0.0 area 0
!

4. basic configuration of R4, port, and OSPF:

!
Interface Loopback0
Ip address 4.4.4.4 255.255.255.0
!
Interface Serial0/0
Ip address 34.0.0.2 255.255.255.0
!
Interface Serial0/1
Ip address 45.0.0.1 255.255.255.0
Clock rate 64000
!
Router ospf 110
Router-id 4.4.4
Network 4.4.4.0 0.0.0.255 area 0
Network 34.0.0.2 0.0.0.0 area 0
!

5. R5 basic configuration, Port:

!
Interface Loopback0
Ip address 5.5.5.5 255.255.255.0
!
Interface Serial0/1
Ip address 45.0.0.2 255.255.255.0
!

6. Create a federal AS 65011 on R2 and R3 to establish an IBGP relationship.

// Create the AS 65011 on R2
Router bgp 65011
No synchronization
Bgp router-id 2.2.2.2
Neighbor 3.3.3.3 remote-as 65011
Neighbor 3.3.3.3 update-source Loopback0
Neighbor 3.3.3.3 next-hop-self
No auto-summary

// Create the AS 65011 on R3
Router bgp 65011
No synchronization
Bgp router-id 3.3.3.3
Neighbor 2.2.2.2 remote-as 65011
Neighbor 2.2.2.2 update-source Loopback0
No auto-summary

7. Create a federated AS 65013 on R4

// Create AS 65013 on R4
Router bgp 65013
No synchronization
Bgp router-id 4.4.4
No auto-summary

8. Declare your big AS on R2, R3, and R4, and then create an EBGP relationship with R1 and R5.

// Configure the Federation statement on R2
Router bgp 65011
Bgp confederation identifier 3
Neighbor 12.0.0.1 remote-as 1

// Configure the Federation statement on R4
Router bgp 65013
Bgp confederation identifier 3
Neighbor 45.0.0.2 remote-as 5

// Configure the federal Declaration on R3
Router bgp 65011
Bgp confederation identifier 3

9. Create an EBGP relationship between the federated AS of R3 and R4 through the loopback interface and refer to the federated Peer

// Configure the EBGP neighbor on R3 and specify the federated Peer
Router bgp 65011
Bgp confederation peers 65013
Neighbor 4.4.4 remote-as 65013
// Because the Back-to-loop port is used to establish a federal EBGP relationship, you need to increase the default TTL value.
Neighbor 4.4.4 ebgp-multihop 2
Neighbor 4.4.4 update-source Loopback0

// Configure the EBGP neighbor on R4 and specify the federated Peer
Router bgp 65013
Bgp confederation peers 65011
Neighbor 3.3.3.3 remote-as 65011
Neighbor 3.3.3.3 ebgp-multihop 2
Neighbor 3.3.3.3 update-source Loopback0
Neighbor 3.3.3.3 next-hop-self

10. view the route table on R3

R3 # sh ip bgp
BGP table version is 4, local router ID is 3.3.3.3
Network Next Hop Metric LocPrf Weight Path
*> I1.1.1.0/24 2.2.2.2 0 100 0 1 I
* 5.5.5.0/24 45.0.0.2 0 100 0 (65013) 5 I

No best found in 5.5.5.0/24, and the next hop address is not reachable. Note the differences here. The next hop of the conventional EBGP is the peer address, but the EBGP between Federation needs to be manually next-hop-self

// Configure the next hop on R3
Router bgp 65013
Neighbor 3.3.3.3 next-hop-self

View route table again

R3 # sh ip bgp
BGP table version is 5, local router ID is 3.3.3.3
Network Next Hop Metric LocPrf Weight Path
*> I1.1.1.0/24 2.2.2.2 0 100 0 1 I
*> 5.5.5.0/24 4.4.4.4 0 100 0 (65013) 5 I

11. Verify the connectivity between R1 and R5 loopback ports.

R1 # ping 5.5.5 so 1.1.1.1
Sending 5, 100-byte ICMP Echos to 5.5.5.5, timeout is 2 seconds:
Packet sent with a source address of 1.1.1.1
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 276/316/408 MS

12. view the route 5.5.5.0/24 on R2

R2 # sh ip bgp 5.5.5.0/24
BGP routing table entry for 5.5.5.0/24, version 5
Paths: (1 available, best #1, table Default-IP-Routing-Table)
(65013) 5
4.4.4.4 (metric 129) from 3.3.3.3 (3.3.3.3)
Origin IGP, metric 0, localpref 100, valid, confed-internal, best

13. view the 1.1.1.0/24 route on R4

R4 # sh ip bgp 1.1.1.0/24
BGP routing table entry for 1.1.1.0/24, version 3
Paths: (1 available, best #1, table Default-IP-Routing-Table)
(65011) 1
2.2.2.2 (metric 129) from 3.3.3.3 (3.3.3.3)
Origin IGP, metric 0, localpref 100, valid, confed-external, best

It is observed that the confed-internal identifier appears in the route attributes learned by the Federation.

14. view the route table on R1 and R5

R1 # sh ip bgp
BGP table version is 5, local router ID is 1.1.1.1
Network Next Hop Metric LocPrf Weight Path
*> 1.1.1.0/24 0.0.0.0 0 32768 I
*> 5.5.5.0/24 12.0.0.2 0 3 5 I

R5 # sh ip bgp
BGP table version is 4, local router ID is 5.5.5.5
Network Next Hop Metric LocPrf Weight Path
*> 1.1.1.0/24 45.0.0.1 0 3 1 I
*> 5.5.5.0/24 0.0.0.0 0 32768 I

It is observed that the Path attributes of the 1.1.1.0/24 and 5.5.5.0/24 routes do not contain the federated AS number, which proves that the Federated AS is transparent to the outside and invisible.