Avaya Ethernet Routing Switch 8800/8600 Configuration BGP Services

Transcription

1 Avaya Ethernet Routing Switch 8800/8600 Configuration BGP Services Release 7.2 NN Issue October 2014

2 2014 Avaya Inc. All Rights Reserved. Notice While reasonable efforts have been made to ensure that the information in this document is complete and accurate at the time of printing, Avaya assumes no liability for any errors. Avaya reserves the right to make changes and corrections to the information in this document without the obligation to notify any person or organization of such changes. Documentation disclaimer Documentation means information published by Avaya in varying mediums which may include product information, operating instructions and performance specifications that Avaya may generally make available to users of its products and Hosted Services. Documentation does not include marketing materials. Avaya shall not be responsible for any modifications, additions, or deletions to the original published version of documentation unless such modifications, additions, or deletions were performed by Avaya. End User agrees to indemnify and hold harmless Avaya, Avaya's agents, servants and employees against all claims, lawsuits, demands and judgments arising out of, or in connection with, subsequent modifications, additions or deletions to this documentation, to the extent made by End User. Link disclaimer Avaya is not responsible for the contents or reliability of any linked websites referenced within this site or documentation provided by Avaya. Avaya is not responsible for the accuracy of any information, statement or content provided on these sites and does not necessarily endorse the products, services, or information described or offered within them. Avaya does not guarantee that these links will work all the time and has no control over the availability of the linked pages. Warranty Avaya provides a limited warranty on Avaya hardware and software. Refer to your sales agreement to establish the terms of the limited warranty. In addition, Avaya s standard warranty language, as well as information regarding support for this product while under warranty is available to Avaya customers and other parties through the Avaya Support website: or such successor site as designated by Avaya. Please note that if you acquired the product(s) from an authorized Avaya Channel Partner outside of the United States and Canada, the warranty is provided to you by said Avaya Channel Partner and not by Avaya. Licenses THE SOFTWARE LICENSE TERMS AVAILABLE ON THE AVAYA WEBSITE, OR SUCH SUCCESSOR SITE AS DESIGNATED BY AVAYA, ARE APPLICABLE TO ANYONE WHO DOWNLOADS, USES AND/OR INSTALLS AVAYA SOFTWARE, PURCHASED FROM AVAYA INC., ANY AVAYA AFFILIATE, OR AN AVAYA CHANNEL PARTNER (AS APPLICABLE) UNDER A COMMERCIAL AGREEMENT WITH AVAYA OR AN AVAYA CHANNEL PARTNER. UNLESS OTHERWISE AGREED TO BY AVAYA IN WRITING, AVAYA DOES NOT EXTEND THIS LICENSE IF THE SOFTWARE WAS OBTAINED FROM ANYONE OTHER THAN AVAYA, AN AVAYA AFFILIATE OR AN AVAYA CHANNEL PARTNER; AVAYA RESERVES THE RIGHT TO TAKE LEGAL ACTION AGAINST YOU AND ANYONE ELSE USING OR SELLING THE SOFTWARE WITHOUT A LICENSE. BY INSTALLING, DOWNLOADING OR USING THE SOFTWARE, OR AUTHORIZING OTHERS TO DO SO, YOU, ON BEHALF OF YOURSELF AND THE ENTITY FOR WHOM YOU ARE INSTALLING, DOWNLOADING OR USING THE SOFTWARE (HEREINAFTER REFERRED TO INTERCHANGEABLY AS YOU AND END USER ), AGREE TO THESE TERMS AND CONDITIONS AND CREATE A BINDING CONTRACT BETWEEN YOU AND AVAYA INC. OR THE APPLICABLE AVAYA AFFILIATE ( AVAYA ). Avaya grants You a license within the scope of the license types described below, with the exception of Heritage Nortel Software, for which the scope of the license is detailed below. Where the order documentation does not expressly identify a license type, the applicable license will be a Designated System License. The applicable number of licenses and units of capacity for which the license is granted will be one (1), unless a different number of licenses or units of capacity is specified in the documentation or other materials available to You. Software means Avaya s computer programs in object code, provided by Avaya or an Avaya Channel Partner, whether as stand-alone products, pre-installed, or remotely accessed on hardware products, and any upgrades, updates, bug fixes, or modified versions thereto. Designated Processor means a single stand-alone computing device. Server means a Designated Processor that hosts a software application to be accessed by multiple users. Instance means a single copy of the Software executing at a particular time: (i) on one physical machine; or (ii) on one deployed software virtual machine ( VM ) or similar deployment. Copyright Except where expressly stated otherwise, no use should be made of materials on this site, the Documentation, Software, Hosted Service, or hardware provided by Avaya. All content on this site, the documentation, Hosted Service, and the Product provided by Avaya including the selection, arrangement and design of the content is owned either by Avaya or its licensors and is protected by copyright and other intellectual property laws including the sui generis rights relating to the protection of databases. You may not modify, copy, reproduce, republish, upload, post, transmit or distribute in any way any content, in whole or in part, including any code and software unless expressly authorized by Avaya. Unauthorized reproduction, transmission, dissemination, storage, and or use without the express written consent of Avaya can be a criminal, as well as a civil offense under the applicable law. Third Party Components Third Party Components mean certain software programs or portions thereof included in the Software or Hosted Service may contain software (including open source software) distributed under third party agreements ( Third Party Components ), which contain terms regarding the rights to use certain portions of the Software ( Third Party Terms ). As required, information regarding distributed Linux OS source code (for those Products that have distributed Linux OS source code) and identifying the copyright holders of the Third Party Components and the Third Party Terms that apply is available in the Documentation or on Avaya s website at: support.avaya.com/copyright or such successor site as designated by Avaya. You agree to the Third Party Terms for any such Third Party Components. Preventing Toll Fraud Toll Fraud is the unauthorized use of your telecommunications system by an unauthorized party (for example, a person who is not a corporate employee, agent, subcontractor, or is not working on your company's behalf). Be aware that there can be a risk of Toll Fraud associated with your system and that, if Toll Fraud occurs, it can result in substantial additional charges for your telecommunications services. Avaya Toll Fraud intervention If you suspect that you are being victimized by Toll Fraud and you need technical assistance or support, call Technical Service Center Toll Fraud Intervention Hotline at for the United States and Canada. For additional support telephone numbers, see the Avaya Support website: or such successor site as designated by Avaya. Suspected security vulnerabilities with Avaya products should be reported to Avaya by sending mail to: securityalerts@avaya.com. Trademarks The trademarks, logos and service marks ( Marks ) displayed in this site, the Documentation, Hosted Service(s), and Product(s) provided by Avaya are the registered or unregistered Marks of Avaya, its affiliates, or other third parties. Users are not permitted to use such Marks without prior written consent from Avaya or such third party which may own the Mark. Nothing contained in this site, the Documentation, Hosted Service(s) and Product(s) should be construed as granting, by implication, estoppel, or otherwise, any license or right in and to the Marks without the express written permission of Avaya or the applicable third party. Avaya is a registered trademark of Avaya Inc.

3 All non-avaya trademarks are the property of their respective owners. Linux is the registered trademark of Linus Torvalds in the U.S. and other countries. Downloading Documentation For the most current versions of Documentation, see the Avaya Support website: or such successor site as designated by Avaya. Contact Avaya Support See the Avaya Support website: for Product or Hosted Service notices and articles, or to report a problem with your Avaya Product or Hosted Service. For a list of support telephone numbers and contact addresses, go to the Avaya Support website: (or such successor site as designated by Avaya), scroll to the bottom of the page, and select Contact Avaya Support.

4 Contents Chapter 1: Introduction... 8 Purpose of this document... 8 Related resources... 8 Documentation... 8 Training... 8 Avaya Mentor videos... 8 Support... 9 Chapter 2: New in this release Chapter 3: BGP fundamentals Autonomous systems byte AS numbers Internal and external BGP routing BGP speaker Transit AS Stub and multihomed autonomous systems Peers Supernet advertisements Bandwidth and maintenance reduction Routing information consolidation CIDR and aggregate addresses Confederations Route reflectors Confederation and route reflector considerations BGP communities BGP path attributes BGP route selection BGP and dampened routes BGP updates Withdrawn Routes Length Withdrawn Routes Total Path Attributes Length Path Attributes Network Layer Reachability Information Equal-cost multipath MD5 message authentication MD5 signature generation MD5 signature verification BGP and route redistribution Circuitless IP Configuration BGP Services October 2014

5 Contents BGP and IP VPN BGP IP VPN parameters IP VPN BGP route preference and selection BGP BGP+ tunnel configurations Limitations BGP configuration considerations and limitations BGP implementation guidelines Configuration guidelines BGP neighbor Maximum Prefix configuration BGP and OSPF interaction Chapter 4: BGP configuration using Enterprise Device Manager Logging in to a VRF instance Configuring BGP globally Configuring 4-byte AS numbers Configuring aggregate routes Configuring aggregate IPv6 routes Configuring allowed networks Configuring allowed IPv6 networks Configuring BGP peers Configuring peer groups Viewing BGP summary route information Viewing IPv6 BGP+ summary route information Displaying dampened routes information Configuring redistribution to BGP for VRF Configuring a prefix list Configuring an IPv6 prefix list Configuring an AS path list Configuring a community access list Configuring an extended community list Chapter 5: BGP configuration using the CLI Configuring BGP globally Configuring 4 byte AS numbers Configuring BGP confederations Configuring BGP peers or peer groups Configuring redistribution to BGP for VRF Configuring redistribution to BGP+ for VRF Configuring a prefix list Configuring an IPv6 prefix list Configuring AS path lists Configuring community lists Configuring extended community lists BGP show commands October 2014 Configuration BGP Services 5

6 Contents Viewing BGP aggregate information Viewing BGP+ aggregate information Viewing CIDR routes Viewing flap-dampened routes Viewing global flap-dampening configurations Viewing imported routes Viewing imported IPv6 routes Viewing BGP network configurations Viewing IPv6 BGP+ network configurations Viewing BGP peer information Viewing BGP peer group information Viewing BGP IP VPN routes Viewing BGP routes Viewing IPv6 BGP+ routes Viewing all BGP configuration information Viewing all IPv6 BGP+ configuration information Viewing a summary of BGP configurations Chapter 6: BGP configuration using the ACLI Configuring BGP globally Configuring 4 byte AS numbers Configuring BGP peers or peer groups Configuring a BGP peer or peer group password Configuring redistribution to BGP for VRF Configuring redistribution to BGP+ for VRF Configuring a prefix list Configuring an IPv6 prefix list Configuring AS path lists Configuring community lists Configuring extended community lists BGP show commands Viewing BGP aggregate information Viewing IPv6 BGP+ aggregate information Viewing CIDR routes Viewing flap-dampened routes Viewing global flap-dampening configurations Viewing imported routes Viewing imported IPv6 routes Viewing BGP network configurations Viewing IPv6 BGP+ network configurations Viewing BGP peer information Viewing BGP peer group information Viewing BGP IP VPN routes Viewing BGP routes Configuration BGP Services October 2014

7 Contents Viewing IPv6 BGP+ routes Viewing a summary of BGP configurations Appendix A: BGP+ tunnel configuration examples IPv6 Tunnel configurations for BGP Scenario 1: ebgp+ peership between two ERS 8800/8600s with IPv6 Tunneling R1 configuration R2 configuration Scenario 2: ibgp+ peership on CLIP between two ERS 8800/8600s with IPv6 Tunneling R1 configuration R2 configuration Important notes Appendix B: Cisco Systems to Avaya command equivalents BGP configuration commands BGP configuration command interpretation BGP operational commands BGP operational command interpretation Route preference mapping Appendix C: Juniper Networks to Avaya command equivalents BGP configuration commands BGP configuration command interpretation BGP operational commands BGP operational command interpretation Route preference mapping October 2014 Configuration BGP Services 7

8 Chapter 1: Introduction Purpose of this document This document provides instructions for configuring Border Gateway Protocol (BGP) services for the Avaya Ethernet Routing Switch 8800/8600. For information about configuring IP VPN with BGP, see Avaya Ethernet Routing Switch 8800/8600 Configuration IP VPN, NN Related resources Documentation See the Avaya Ethernet Routing Switch 8800/8600 Documentation Roadmap, NN , for a list of the documentation for this product. Training Ongoing product training is available. For more information or to register, you can access the website at Avaya Mentor videos Avaya Mentor videos provide technical content on how to install, configure, and troubleshoot Avaya products. About this task Videos are available on the Avaya Support website, listed under the video document type, and on the Avaya-run channel on YouTube. 8 Configuration BGP Services October 2014

9 Support Procedure To find videos on the Avaya Support website, go to select the product name, and check the videos checkbox to see a list of available videos. To find the Avaya Mentor videos on YouTube, go to and perform one of the following actions: Enter a key word or key words in the Search Channel to search for a specific product or topic. Scroll down Playlists, and click the name of a topic to see the available list of videos posted on the site. Note: Videos are not available for all products. Support Visit the Avaya Support website at for the most up-to-date documentation, product notices, and knowledge articles. You can also search for release notes, downloads, and resolutions to issues. Use the online service request system to create a service request. Chat with live agents to get answers to questions, or request an agent to connect you to a support team if an issue requires additional expertise. October 2014 Configuration BGP Services 9

10 Chapter 2: New in this release There are no new updates to Avaya Ethernet Routing Switch 8800/8600 Configuration BGP Services, NN for Release Configuration BGP Services October 2014

11 Chapter 3: BGP fundamentals BGP is an inter-domain routing protocol that provides loop-free inter-domain routing between autonomous systems (ASs) or within an AS. BGP systems can exchange network layer reachability information (NLRI) with other BGP systems for the purpose of constructing a graph of AS connectivity. BGP uses this information to prune routing loops and enforce AS-level policy decisions. BGP provides features that allow you to consolidate routing information and to control the flow of BGP updates. To use BGP, you must have the Advanced Routing License. For more information about licensing, see Avaya Ethernet Routing Switch 8800/8600 Administration, NN The following sections provide an overview of BGP and includes descriptions of features you can use to optimize your BGP system. For information about how to use the command line interface (CLI), the Avaya command line interface (ACLI), the Web management interface, Enterprise Device Manager, see Avaya Ethernet Routing Switch 8800/8600 User Interface Fundamentals, NN IP VPN (also called BGP/MPLS VPN) uses Border Gateway Protocol (BGP) extensions to distribute VPN and virtual routing and forwarding (VRF) routing information. It uses MPLS for packet transportation. Multiple VPN sites can be connected using IP VPNs in the enterprise or carriermanaged networks. Three major components are used by IP VPNs: MPLS, VRF Lite, and Multiprotocol internal BGP (MP-iBGP). For information about MP-iBGP and IP VPN, see Avaya Ethernet Routing Switch 8800/8600 Configuration IP VPN, NN For information about VRF Lite, see Avaya Ethernet Routing Switch 8800/8600 Configuration IP Routing, NN Autonomous systems An AS is a group of routers and hosts run by a single technical administrator that has a single, clearly defined routing policy. Each autonomous system has its own unique AS number assigned by the appropriate Internet Registry entity. LANs and WANs interconnected by IP routers form a group of networks called an internetwork. For administrative purposes, internetworks are divided into boundaries known as autonomous systems. The following figure shows a sample internetwork segmented into three autonomous systems. October 2014 Configuration BGP Services 11

12 BGP fundamentals Figure 1: Internetwork segmented into three autonomous systems BGP exchanges information between ASs as well as between routers within the same AS. As shown in the previous figure, routers that are members of the same AS and exchange BGP updates run internal BGP (IBGP), and routers that are members of different ASs and exchange BGP updates run external BGP (EBGP). 4-byte AS numbers Each Autonomous System (AS) must have its own unique number. In previous releases, BGP used two bytes to assign a number to an AS. This 2-byte AS numbering scheme is no longer able to meet the demand so Avaya now supports 4-byte AS numbers. In release 7.1, the Ethernet Routing Switch 8800/8600 supports both 2-byte and 4-byte AS numbers. The 4-byte AS number is a limited deployment for BGP. You can configure a BGP peer to operate in the old 2-byte AS mode or in the new 4-byte mode, not both. BGP supports communication between peers of the same type only. If a new 4 byte AS has to communicate with an old 2-byte AS, assign a 2-byte AS number to the new AS. To summarize, BGP currently supports communication between the following peer types only: 2-byte peer to 2-byte peer 4-byte peer to 4-byte peer 12 Configuration BGP Services October 2014

13 Autonomous systems Important: Attention: Do not assign as an AS number. The Internet Assigned Numbers Authority (IANA) reserved this number for the AS_TRANS attribute and BGP uses it to facilitate communication between peer modes. AS_TRANS uses a 2-byte AS format to represent a 4- byte AS number. The Ethernet Routing Switch interprets the AS_TRANS attribute and propagates it to other peers. The 4-byte AS number feature does not in any way restrict the use or change the way you configure 2-byte AS numbers. You can also configure 2-byte AS or 4 byte AS numbers in AS path lists, community lists, and route policies. Note: BGP 4-byte AS is not supported with confederations. There are discrepancies between the CLI and EDM in how you configure BGP 4-byte AS when the as-dot flag is enabled. The CLI allows you to enter the AS number in plain format or in as-dot format. EDM allows you to enter the AS number in AS-dot format only. The CLI accepts a blank value for an AS number and assigns the default value of zero. For example, if instead of entering "x.y" you only enter "x. ", the CLI assigns 0 for the y value (x. 0). EDM requires both an x and y value. Internal and external BGP routing Avaya supports both Internal BGP (IBGP) intra-as routing and External BGP (EBGP) external-as routing. With IBGP, each router within an AS runs an interior gateway protocol (IGP), such as routing information protocol (RIP), and open shortest path first (OSPF). The IBGP information, along with the IGP route to the originating BGP border router, determines the next hop to use for exchanging information with an external AS. Each router uses IBGP exclusively to determine reachability to external ASs. When a router receives an IBGP update that is destined for an external AS, the update is passed to IP for inclusion in the routing table only if a viable IGP route to the correct border gateway is available. EBGP is used to communicate routing information between BGP speakers that are in different ASs. BGP speaker BGP routers employ an entity within the router, referred to as a BGP speaker, which transmits and receives BGP messages and acts upon them. BGP speakers communicate with other BGP speakers by establishing a peer-to-peer session. All BGP speakers within an AS must be fully meshed (see the following figure). October 2014 Configuration BGP Services 13

14 BGP fundamentals Figure 2: BGP networks Transit AS An AS with more than one BGP speaker can use IBGP to provide a transit service for networks located outside the AS. An AS that provides this service is called a transit AS. As shown in Figure 2: BGP networks on page 14, AS 40 is the transit AS. It provides information about its internal networks, as well as transit networks, to the remaining ASs. The IBGP connections between routers D, E, and F provide consistent routing information to the ASs. 14 Configuration BGP Services October 2014

15 Autonomous systems Stub and multihomed autonomous systems As shown in Figure 2: BGP networks on page 14, an AS can include one or more BGP speakers that establish peer-to-peer sessions with BGP speakers in other ASs to provide external route information for the networks within the AS. A stub AS has a single BGP speaker that establishes a peer-to-peer session with one external BGP speaker. In this case, the BGP speaker provides external route information only for the networks contained within its own AS. A multihomed AS has multiple BGP speakers. Peers The transport protocol used with BGP is Transmission Control Protocol (TCP). When any two routers open a TCP connection to each other for the purpose of exchanging routing information, they form a peer-to-peer relationship. In Figure 2: BGP networks on page 14, Routers A and D are BGP peers, as are Routers B and E, C and E, F and G, and Routers D, E, and F. Although Routers A and D are running EBGP, Routers D, E, and F within AS 40 are running IBGP. The EBGP peers are directly connected, while the IBGP peers are not. As long as an IGP is running that allows any two neighbors to logically communicate, the IBGP peers do not require a direct connection. Because all BGP speakers within an AS must be fully meshed logically, the IBGP mesh can grow to large proportions and become difficult to manage. You can reduce the number of peers within an AS by creating confederations and route reflectors. BGP peers exchange complete routing information only after the peer connection is established. Thereafter, BGP peers exchange routing updates. An update message consists of a network number, a list of autonomous systems that the routing information passed through (the AS path), and other path attributes that describe the route to a set of destination networks. When multiple paths are available, BGP compares the path attributes to choose the preferred path. Even when BGP is disabled, all BGP peer connection requests are logged. For more information about update messages, see BGP updates on page 28. Supernet advertisements BGP has no concept of address classes. Each network listed in the network layer reachability information (NLRI) portion of an update message contains a prefix length field, which describes the length of the mask associated with the network. The prefix length field allows for both supernet and subnet advertisement. The supernet advertisement is what makes classless interdomain routing (CIDR) possible (see CIDR and aggregate addresses on page 16). October 2014 Configuration BGP Services 15

16 BGP fundamentals Bandwidth and maintenance reduction BGP also provides two features that reduce the high bandwidth and maintenance costs associated with a large full-mesh topology: Confederations Route reflectors Confederations and route reflectors are discussed in the following sections. Routing information consolidation Use the information in this section to help you understand how to reduce the size of routing tables. CIDR and aggregate addresses Classless interdomain routing (CIDR) is an addressing scheme (also known as supernetting) that eliminates the concept of classifying networks into class types. Earlier addressing schemes identified five classes of networks: Class A, Class B, Class C, Class D, and Class E. Classes D (used for multicast) and E (reserved and currently not used) are not discussed in this book. For example, network , an illegal Class C network number, becomes a legal supernet when it is represented in CIDR notation as /16. The /16 is called the prefix length and becomes a way of expressing the explicit mask that CIDR requires. In this case, the addition of the prefix /16 indicates that the subnet mask consists of 16 bits (counting from the left). Using this method, supernet /16 represents (see Table 1: CIDR Conversion on page 16). Table 1: CIDR Conversion Prefix Dotted-decimal Binary Network class / Class A / Class A / Class A / Class A / Class A / Class A / Class A / Class A or 256 Class B / Class B 16 Configuration BGP Services October 2014

17 Routing information consolidation Prefix Dotted-decimal Binary Network class / Class B / Class B / Class B / Class B / Class B / Class B / Class B or 256 Class C / Class C / Class C / Class C / Class C / Class C / Class C / Class C / Class C Use CIDR to assign network prefixes of arbitrary lengths, as opposed to the obsolete class system, which assigned prefixes as even multiples of an octet. For example, you can assign a single routing table supernet entry of /21 to represent 8 separate Class C network numbers: through Supernet addressing You can create a supernet address that covers any address range. For example, to create a supernet address that covers an address range of to : 1. Convert the starting and ending address range from dotted-decimal notation to binary notation (see the following figure). October 2014 Configuration BGP Services 17

18 BGP fundamentals Figure 3: Binary notation conversion 2. Locate the common bits in both ranges. Ensure that the remaining bits in the start range are zeros, and the remaining bits in the end range are all ones. 3. If the remaining bits in the end range are not all ones, you must recalculate to find the IP prefix that has only ones in the remaining bits in the end range. 4. Recalculate to find a network prefix that has all ones in the remaining end range bits (see the following figure). In this example, is the closest IP prefix that matches the start range's common bits. Figure 4: First aggregate and prefix length 5. The 21 bits that match the common bits form the prefix length. The prefix length is the number of binary bits that form the explicit mask (in dotted-decimal notation) for this IP prefix. 6. The remaining aggregate is formed from to the end range, Configuration BGP Services October 2014

19 Routing information consolidation As shown in Figure 4: First aggregate and prefix length on page 18, the resulting first aggregate /21 represents all of the IP prefixes from to The following figure shows the results after forming the remaining aggregate from to the end range, The resulting aggregate /23 represents all of the IP prefixes from to Figure 5: Last aggregate and prefix length The final result of calculating the supernet address that ranges from to is as follows: (with mask) = / (with mask) = /23 Aggregate routes Eliminating the idea of network classes provides an easy method to aggregate routes. Rather than advertise a separate route for each destination network in a supernet, BGP uses a supernet address to advertise a single route (called an aggregate route) that represents all the destinations. CIDR also reduces the size of the routing tables used to store advertised IP routes. The following figure shows an example of route aggregation using CIDR. In this example, a single supernet address /16 is used to advertise 256 separate Class C network numbers through October 2014 Configuration BGP Services 19

20 BGP fundamentals Figure 6: Aggregating routes with CIDR Confederations A BGP router configured for IBGP establishes a peer-to-peer session with every other IBGP speaker in the AS. In an AS with a large number of IBGP speakers, this full-mesh topology can result in high bandwidth and maintenance costs. As shown in the following example, a full-mesh topology for an AS with 50 IBGP speakers requires 1225 internal peer-to-peer connections: Example: n x (n-1)/2 = n IBGP sessions where: 50 x (50-1)/2 = 1225 number of unique IBGP sessions You can reduce the high bandwidth and maintenance costs associated with a large full-mesh topology by dividing the AS into multiple smaller ASs (sub-ass), and then grouping them into a single confederation (see the following figure). 20 Configuration BGP Services October 2014

21 Routing information consolidation Figure 7: Confederations As shown in this figure, each sub-as is fully meshed within itself and has EBGP sessions with other sub-ass that are in the same confederation. Although the peers that are located in different ASs have EBGP sessions with the various sub-as peers, they preserve the next-hop, MED, and local preference information and exchange routing updates as if they were IBGP peers. This method allows all of the ASs to retain a single interior gateway protocol (IGP). When the confederation is assigned its own confederation identifier, the group of sub-ass appear as a single AS (with the confederation identifier as the AS number). October 2014 Configuration BGP Services 21

22 BGP fundamentals Route reflectors Another way to reduce the IBGP mesh inherent in an AS with a large number of IBGP speakers is to configure a route reflector (RR). Using this method, when an IBGP speaker needs to communicate with other BGP speakers in the AS, the speaker establishes a single peer-to-peer RR client session with the IBGP route reflector. In an AS, there can be more than one route reflector cluster. There can also be more than one route reflector in a cluster. When there is more than one reflector in a cluster, special care must be taken to prevent route loops. The following figure shows a simple IBGP configuration with three IBGP speakers (Routers A, B, and C). Without route reflectors configured, when Router A receives an advertised route from an external neighbor, it must advertise the route to Routers B and C. Figure 8: Fully meshed AS with IBGP speakers Routers B and C do not readvertise the IBGP learned routes to other IBGP speakers (BGP does not allow routers to pass routes learned from internal neighbors on to other internal neighbors, thus avoiding routing information loops). As shown in the following figure, when you configure an internal BGP peer (Router B) as a route reflector, all of the IBGP speakers are not required to be fully meshed. In this case, the assigned route reflector assumes the responsibility for passing IBGP learned routes to a set of IBGP neighbors. 22 Configuration BGP Services October 2014

23 Routing information consolidation Figure 9: AS with route reflector When Router B (the route reflector) receives routes advertised from Router A (the IBGP speaker) it advertises them to router C. Conversely, when the route reflector receives routes from internal peers, it advertises those routes to Router A. IBGP sessions are not required between Routers A and C. Route reflectors separate internal peers into two groups: client peers and nonclient peers. The route reflector and its clients form a cluster. The client peers in the cluster are not required to be fully meshed, and do not communicate with IBGP speakers outside their cluster. Nonclient peers must be fully meshed with each other. This concept is shown in the following figure, where Router A is shown as the route reflector in a cluster with client Routers B, C, and D. Routers E, F, and G are fully meshed, nonclient routers. October 2014 Configuration BGP Services 23

24 BGP fundamentals Figure 10: Route reflector with client and nonclient peers Confederation and route reflector considerations In the case of route reflectors and confederations, you must enable the next-hop-self parameter on the internal peers. The reason for this is that the next-hop-self parameter changes the next hop of external routes to the address of the router which has transferred them from ebgp to ibgp. This guarantees that the route gets installed in the routing table manager (RTM). The route in the RTM will not be installed if the next-hop of the route is not reachable. With next-hop-self enabled, the reachability is possible. This makes the routing simpler as well. It also helps in terms of security, as monitoring of the outgoing routes is easier, as you can monitor them from one single place. BGP communities You can group destinations into communities to simplify policy administration. A community is a group of destinations that share a common administrative property. Use a community control routing policies with respect to destinations. It is common practice to create communities when you have more than one destination and want to share a common attribute. 24 Configuration BGP Services October 2014

25 BGP path attributes The following are specific community types: Internet advertise this route to the Internet community No Advertise do not advertise to any BGP peer including IBGP peers No Export do not advertise any destinations outside of a BGP confederation No Export SubConfed do not advertise to external BGP peers, even within the same confederation. You can use a community to control which routing information to accept, prefer, or distribute to other BGP neighbors. If you specify the append option in the route policy, the specified community value is added to the existing value of the community attribute. Otherwise, the specified community value replaces any community value that was previously set. BGP path attributes You can create policies that control routes, work with default routing, control specific and aggregated routes, and manipulate BGP path attributes. There are four categories of BGP path attributes: Well-known mandatory attributes must be included in every BGP update message. Well-known discretionary attributes may or may not be sent in a particular BGP update message. Optional transitive attributes are accepted and passed to other BGP peers. Optional non-transitive attributes can be either accepted or ignored, but must not be passed along to other BGP peers. Path attributes are used by border routers that utilize built-in algorithms or manually configured polices to select paths. BGP uses the following path attributes to control the path a BGP router chooses: Origin (well-known mandatory) AS_path (well-known mandatory) Next Hop (well-known mandatory) Multi-Exit Discriminator Attribute (optional non-transitive) Local Preference (well-known discretionary) Atomic Aggregate (well-known discretionary) Aggregator (optional transitive) Community (optional transitive) These are further discussed in the following section. For information about configuring route policies to manipulate path attributes, see Border Gateway Protocol (BGP-4) Technical Configuration Guide, NN October 2014 Configuration BGP Services 25

26 BGP fundamentals BGP route selection One of the most important responsibilities a BGP router performs is determining the best path to a given destination network. This path is then eligible for use in the router s IP forwarding table and is also advertised to its external BGP (EBGP) peers. When choosing the best of multiple BGP routes to a given destination, the router executes a best path algorithm. For more details and examples about the algorithm, see the Lab Note BGP Best Path Selection Process on the Passport 8800/8600, available at The algorithm chooses a route in the following order: highest weight Weight is a locally significant parameter and is associated with each BGP peer. You can use the weight to influence which peer paths the router uses. highest local preference The Local Preference has global significance within an AS. The preference is commonly manipulated using route policies to influence path selection. prefer locally originated paths The path that was locally originated using the network, redistribution, or aggregate command is preferred over a path that was learned through a BGP Update. Local paths sourced by network or redistribute commands are preferred over local aggregates sourced by the aggregate address command. shortest AS Path The AS Path parameter specifies the ASs that the network prefix has traversed. The AS Path is commonly used to determine the best path. For example, a router can choose a path based on whether the network passed through a given AS. A route policy can be configured to match the AS and modify the Local Preference. Also, the AS Path can be padded before it is advertised to a peer AS, so that the advertised network path is less likely to be preferred by downstream routers. lowest origin type The origin type can be used to prefer a route. The order of preference is IGP, EGP, INC (incomplete). lowest Multi-Exit Discriminator (MED) The MED parameter influences the preferred path from a remote AS to the advertising AS. This parameter applies when there are multiple exit points from the remote AS to the advertising AS. A lower MED value indicates a stronger path preference than a higher MED value. By default, the MED attribute is ignored as specified by the BGP global parameter Always Compare MED. This parameter must be enabled for MEDs to be compared (and for this step of the best path algorithm to execute). The router compares MEDs regardless of what the first (neighboring) AS specified in the AS_PATH. Deterministic MED, when enabled, means that the first AS of the multiple paths must be the same. Paths received with no MED are assigned a MED of 0, unless the global BGP parameter Missing Is Worst is enabled. If so, received paths are assigned a MED of Missing is Worst is enabled by default. The router changes paths received with a MED of to before insertion into the BGP table. 26 Configuration BGP Services October 2014

27 BGP and dampened routes If the BGP global parameter Best Path MED Confed is enabled, MEDs are compared for all paths that consists only of AS_CONFED_SEQUENCE (paths originated within the local confederation). This parameter is disabled by default. lowest IGP metric to the BGP next-hop If there are multiple paths whose BGP next-hop is reachable through an IGP, the path with the lowest IGP metric to the BGP next-hop is chosen. prefer External paths (learned via EBGP) over Internal paths (IBGP) External paths are preferred over Internal paths if ECMP is enabled, insert up to four paths in the routing table If the IP global parameter Equal Cost Multi-Path (ECMP) is enabled, then multiple BGP learned routes that have the same metric to different IP next-hops are installed in the IP forwarding table for traffic load-balancing purposes. lowest Router ID The lowest Router ID, or Circuitless IP (CLIP) address, is preferred. BGP and dampened routes The Avaya Ethernet Routing Switch 8800/8600 supports route dampening (route suppression). When route dampening is used, a route accumulates penalties each time the route fails. When the accumulated penalties exceed a threshold, the route is no longer advertised. Suppressed routes are re-entered into the routing table only after the accumulated penalty falls below the reuse threshold. Route flap dampening suppresses the advertisement of the unstable route until the route becomes stable. Dampening is applied only to routes that are learned through an EBGP. Route flap dampening prevents routing loops and protects IBGP peers from having higher penalties for routes that are external to the AS. The following is a description of the algorithm that is used to control route flaps. When the route flaps the first time: A route history entry is created. A timer is started (180 seconds). If the route does not flap again, this timer is used to delete the history entry after the set time of 180 seconds. When the route flaps a second time: The penalty is recalculated based on the decay function. If the penalty is greater than the cut-off value (1536), the route is suppressed and the reuse time is calculated based on the reuse time function. The reuse timer starts. When the reuse time expires, the suppressed route is announced again (the reuse time is recalculated if the route flaps again). The penalty decays slower for withdrawn routes than for October 2014 Configuration BGP Services 27

28 BGP fundamentals update routes. The route history entry is kept longer if the route is withdrawn. For update history, the delete time is 90 seconds and the withdrawn history delete time is 180 seconds. BGP updates BGP uses update messages to communicate information between two BGP speakers. The update message can be used to advertise a single feasible route to a peer, or to withdraw multiple unfeasible routes from service. The following figure shows the format of an update message. Figure 11: Update message format This section describes how BGP uses the update message fields to communicate information between BGP speakers. Withdrawn Routes Length The Withdrawn Routes Length parameter (referred to in RFC 1771 as the Unfeasible Routes Length field) indicates the total length of the Withdrawn Routes field in octets. The Withdrawn Routes Length field is used to calculate the length of the Network Layer Reachability Information field. For example, a value of 0 indicates that no routes are being withdrawn from service, and that the Withdrawn Routes field is not present in this Update message. Withdrawn Routes The Withdrawn Routes parameter is a variable-length parameter that contains a list of IP prefixes for routes that are being withdrawn from service. The following figure shows the format of an IP prefix. Figure 12: IP Prefix format The Length indicates the number of bits in the prefix (also called the network mask). For example, /16 is equivalent to (where: the network mask is represented by the /16 which indicates the number of bits in the Length parameter). 28 Configuration BGP Services October 2014

29 BGP updates The Prefix parameter contains the IP address prefix itself, followed by enough trailing bits to make the length of the whole field an integer multiple of 8 bits (1 octet). Total Path Attributes Length The Total Path Attributes Length parameter indicates the total length of the Path Attributes parameter in octets. The Total Path Attributes Length is used to calculate the length of the Network Layer Reachability Information parameter. For example, a value of 0 indicates that no Network Layer Reachability Information field is present in this update message. Path Attributes The Path Attributes parameter is a variable-length sequence of path attributes that is present in every BGP Update. The path attributes contain BGP attributes that are associated with the prefixes in the Network Layer Reachability Information parameter. For example, the attribute values allow you to specify the prefixes that can be exchanged in the BGP session, or which of the multiple paths of a specified prefix to use. The attributes carry the following information about the associated prefixes: the path origin the AS paths through which the prefix is advertised the metrics that display degrees of preference for this prefix The following figure shows the encoding used with the Path Attribute parameter. The fields are described in the sections that follow. Figure 13: Path attribute encoding Attribute Type As shown in the following figure, the Attribute Type is a two-octet field that comprises two sub-fields: Attribute Flags and Attribute Type Code. Figure 14: Attribute Type fields Attribute Flags October 2014 Configuration BGP Services 29

30 BGP fundamentals The Attribute Flags parameter is a bit string that contains four binary values that describe the attribute, and four bits that are unused. The bit descriptions (from the high-order bit to the low-order bit) are: The high-order bit (bit 0) is the Optional bit. When set (1) the attribute is optional. When this bit is clear (0), the attribute is well-known. Well-known attributes must be recognized by all BGP implementations and, when appropriate, passed on to BGP peers. Optional attributes are not required to be present in all BGP implementations. The second high-order bit (bit 1) is the Transitive bit. For well-known attributes, this bit must be set to 1. For optional attributes, it defines whether the attribute is transitive (when set to 1) or non-transitive (when set to 0). The third high-order bit (bit 2) is the Partial bit. It defines whether the information contained in the optional transitive attribute is partial (when set to 1) or complete (when set to 0). For wellknown attributes and for optional non-transitive attributes the Partial bit must be set to 0. The fourth high-order bit (bit 3) is the Extended Length bit. It defines whether the Attribute Length is one octet (when set to 0) or two octets (when set to 1). Extended Length may be used only if the length of the attribute value is greater than 255 octets. - If the Extended Length bit of the Attribute Flags octet is set to 0, the third octet of the Path Attribute contains the length of the attribute data in octets. - If the Extended Length bit of the Attribute Flags octet is set to 1, then the third and the fourth octets of the path attribute contain the length of the attribute data in octets. The lower-order four bits of the Attribute Flags octet are unused. They must be zero (and must be ignored when received). Attribute Type Code The Attribute Type Code parameter contains the attribute type code, as defined by the Internet Assigned Numbers Authority (IANA). The Attribute Type Code is used to uniquely identify the attribute from all others. The remaining octets of the Path Attribute represent the attribute value and are interpreted according to the Attribute Flags and the Attribute Type Code parameters. The supported Attribute Type Codes are shown in the following table. Table 2: BGP mandatory path attributes Attribute Type code Description Origin 1 Defines the origin of the path information: = IGP (the path is valid all the way to the IGP of the originating AS) = 1--- EGP (the path was advertised using an EGP by the last AS in the AS path) = 2--- Incomplete (the path is valid only to the last AS in the AS path) 30 Configuration BGP Services October 2014

31 BGP updates Attribute Type code Description AS path 2 Contains a list of the ASs that must be traversed to reach the given destinations. Each AS path segment is represented as follows: Path segment type Path segment length Path segment value Next hop 3 Specifies the IP address of the border router to use as a next hop for the advertised destinations (destinations listed in the NLRI field of the Update message). Multiexit discriminator 4 This attribute is used on external (internal-as) links to discriminate among multiple exit or entry points to the same neighboring AS. Local preference 5 Indicates the preference that AS border routers assign to a chosen route when advertising it to IBGP peers Atomic aggregate 6 Ensures that certain network layer reachability information (NLRI) is not deaggregated Aggregator 7 Identifies which AS performed the most recent route aggregation. This attribute contains the last AS number that formed the aggregate route followed by the IP address of the BGP speaker that formed the aggregate route. Attribute Length The Attribute Length can be one or two octets in length, depending on the value of the Extended Length parameter in the Attributes Flag field. This parameter indicates the length of the Attribute field. Attribute The Attribute contains the actual value of the specific attribute and is implemented according to the values in the Attribute Flags and the Attribute Type Code parameters. Network Layer Reachability Information The Network Layer Reachability Information parameter is a variable length field that contains a list of prefixes. The number of prefixes in the list is limited only by the packet size that can be sent between BGP speakers. October 2014 Configuration BGP Services 31

32 BGP fundamentals Equal-cost multipath Equal-cost Multipath (ECMP) support allows a BGP speaker to perform route or traffic balancing within an AS by using multiple equal-cost routes submitted to the routing table by OSPF, RIP, or static routes. For more information about ECMP, see Avaya Ethernet Routing Switch 8800/8600 Configuration IP Routing, NN MD5 message authentication Authenticate BGP messages by using Message Digest 5 (MD5) signatures. When you enable BGP authentication, the BGP speaker verifies that the BGP messages it receives from its peers are actually from a peer and not from a third party masquerading as a peer. BGPv4 TCP MD5 message authentication provides the following features: A TCP MD5 signature can exist for BGP peers. You can configure authentication and secret keys for each peer. Peers configured with common secret keys can authenticate each other and exchange routing information. The switch can concurrently have some BGP peers configured with authentication enabled and other BGP peers with authentication disabled. The secret keys are always stored encrypted. When you enable BGPv4 TCP MD5 authentication, the router computes an MD5 signature for each TCP packet based on the TCP packet and a per-peer secret key. The router adds this MD5 signature to the TCP packet containing a BGP message and sends it with the packet, but it does not send the secret key. The receiver of the TCP packet also knows the secret key and can verify the MD5 signature. A third party trying to masquerade as the sender, however, cannot generate an authentic signature because it does not know the secret key. In the CLI commands, the term Password refers to the secret key. The secret keys provide security. If the keys are compromised, then the authentication itself is compromised. To prevent this, the secret keys are stored in encrypted form on the switch. MD5 signature generation BGP peers calculate MD5 signatures in BGP messages based on the following elements: TCP pseudo-header TCP header, excluding options TCP segment data TCP MD5 authentication key If TCP receives an MD5 authentication key, it reduces its maximum segment size (MSS) by 18 octets, which is the length of the TCP MD5 option. It also adds an MD5 signature to each 32 Configuration BGP Services October 2014

33 BGP and route redistribution transmitted packet. The peer inserts the resulting 16-byte MD5 signature into the following TCP options: kind=19, length=18. MD5 signature verification As shown in the following table, after the switch receives a packet, it performs three tests. The following table lists the tests and the event message that TCP logs if a test fails. Table 3: MD5 signature verification rules on BGP TCP packets Condition tested Action on success Failure event message Is the connection configured for MD5 authentication? Is MD5 authentication enabled for this TCP connection? Does the computed MD5 signature match the received MD5 signature? Verify that the packet contains a kind=19 option. TCP computes the expected MD5 signature. TCP sends the packet to BGP. TCP MD5 No Signature TCP MD5 Authentication Disabled TCP MD5 Invalid Signature If a packet passes a test, it proceeds to the next test. When a packet has passed all three tests, TCP accepts the packet and sends it to BGP. If a packet fails a test, the switch logs an event, increments the count of TCP connection errors (wftcpconnmd5errors), and discards the packet. The TCP connection remains open. BGP and route redistribution Redistribution imports routes from one protocol to another. Redistribution sends route updates for a protocol-based route through another protocol. For example, if OSPF routes exist in a router and they must be sent through a BGP network, then configure redistribution of OSPF routes through BGP. This sends OSPF routes to a router that uses BGP. Routes can be redistributed: on a global basis between protocols on a single VRF instance (intravrf) between the same or different protocols on different VRF instances (intervrf) Configure the route policy with the match parameter set to the protocol from which routes should be learned. For example, to redistribute OSPF routes to BGP, apply the following route policy: config ip route-policy bgp_pol seq 1 create config ip route-policy bgp_pol seq 1 enable config ip route-policy bgp_pol seq 1 action permit config ip route-policy bgp_pol seq 1 match-protocol ospf October 2014 Configuration BGP Services 33

34 BGP fundamentals You can also use the config ip bgp redistribute command to accomplish the (intravrf) redistribution of routes through BGP, so that BGP redistribution occurs globally on all BGP-enabled interfaces. This redistribution does not require a route policy, but one can be used for more control. You can redistribute routes from a protocol in one VRF to BGP in another VRF using the config ip <dst-vrf> bgp redistribute <source-protocol> <context> [vrf-src <vrfname>] commands. You can use a route policy for redistribution control. If you enable route redistribution between VRF instances, ensure that IP addresses do not overlap. Use caution when configuring redistribution. An improperly configured parameter could cause learned EBGP routes to be advertised out of your local AS. If this happens, other networks could be routed through your local AS. You should not use redistribution if you are peering to an Internet Service Provider (ISP) and do not wish to have traffic transit your local AS. When you redistribute OSPF routes into BGP, route priorities can create routing loops. Because BGP has a higher route preference than OSPF External type 1 and 2 routes, if you redistribute OSPF External type 1 and 2 routes into BGP, the BGP routes are used and could cause a routing loop. The Ethernet Routing Switch 8800/8600 supports route redistribution between BGP, RIP, OSPF, and between direct and static routes. For more information about RIP and OSPF route redistribution, and about route redistribution using the IP, Policy, Route Redistribution tab, see Avaya Ethernet Routing Switch 8800/8600 Configuration OSPF and RIP, NN and Avaya Ethernet Routing Switch 8800/8600 Configuration IP Routing, NN See Configuring redistribution to BGP for VRF 0 on page 62. Circuitless IP Circuitless IP (CLIP) is a virtual (or loop back) interface that is not associated with a physical port. You can use a CLIP interface to provide uninterrupted connectivity to your switch as long as there is an actual path to reach the device. For example, as shown in the following figure, a physical pointto-point link exists between R1 and R2 along with the associated addresses ( /30 and /30). Note also that an IBGP session exists between two additional addresses /32 (CLIP 1) and /32 (CLIP 2). Figure 15: Routers with I-BGP connections 34 Configuration BGP Services October 2014

35 BGP and IP VPN The CLIP interface is treated as any other IP interface. The network associated with the CLIP is treated as a local network attached to the device. This route always exists and the circuit is always up because there is no physical attachment. Routes are advertised to other routers in the domain either as external routes using the routeredistribution process or when you enable OSPF in a passive mode to advertise an OSPF internal route. You can configure the OSPF protocol only on the CLIP interface. When you create a CLIP interface, the system software programs a local route with the CPU as destid. All packets that are destined to the CLIP interface address are processed by the CPU. Any other packets with destination addresses associated with this network (but not to the interface address) are treated as if they are from any unknown host. A circuitless IP or CLIP (that is, loopback IP address) is a logical IP address that is used for network management, as well as other purposes. It is typically configured as a host address (with a 32 bit subnet mask). Avaya recommends that the OSPF Router ID be set to the configured circuitless IP address. By default, the BGP Router ID is automatically equivalent to the OSPF Router ID. For information about configuring CLIP interfaces, see Avaya Ethernet Routing Switch 8800/8600 Configuration IP Routing, NN BGP and IP VPN IP VPN is used to provide Virtual Private Networks (VPNs) using the Avaya Ethernet Routing Switch 8800/8600 platform. There are three major components used to implement IP VPN on the Ethernet Routing Switch 8800/8600: MultiProtocol Label Switching (MPLS), Virtual Router Forwarding Lite (VRF Lite), and Multiprotocol Internal Border Gateway Protocol (MP-iBGP). RFC 4364 defines BGP extensions to distribute the VPN/VRF routing information using the control plane, and defines MPLS for packet transportation. Multiple VPN sites can be connected using IP VPN in enterprise or carrier-managed networks. To enable an RFC 4364 VPN network, four major network components are required: the VPN site, the Customer Edge (CE) router, the Provider Edge (PE) router, and the Provider (P) core router (see the following figure). October 2014 Configuration BGP Services 35

36 BGP fundamentals Figure 16: IP VPN network A CE device resides in a VPN site and connects to a PE router. The CE allows the VPN site access to remote VPN sites that belong to the same VPN. A PE router attaches to one or more CE devices and peers using IBGP with at least one other PE node. A PE node provides remote access to other VPNs that are locally supported by a PE, and keeps track of all VPN routing information which it learns both locally and remotely. It also acts as Label Edge Router (LER), which terminates an LSP tunnel used to forward traffic to other PE nodes. A P router provides IGP connectivity between PE nodes. It is not connected to any CE device and has no knowledge of VPN routes. PE routers use BGP to distribute VPN routes to each other. Each VPN can have its own address space. This means that the same address can be used in any number of VPNs, where in each VPN, the address denotes a different system. If two sites of a VPN attach to PE routers in the same AS, the PE routers can distribute VPN-IPv4 routes to each other by means of an IBGP connection between them. Alternatively, each can have an IBGP connection to a route reflector. For information about IP VPN, and BGP configuration for IP VPN, see Avaya Ethernet Routing Switch 8800/8600 Configuration IP VPN, NN For information about MPLS, see Avaya Ethernet Routing Switch 8800/8600 Configuration MPLS Services, NN BGP IP VPN parameters Several BGP parameters are required to support IP VPN. These are briefly described in the following sections. For more information, see Avaya Ethernet Routing Switch 8800/8600 Configuration IP VPN, NN IP VPN requires the Premier Routing License. For information about licensing, see Avaya Ethernet Routing Switch 8800/8600 Administration, NN Configuration BGP Services October 2014

37 BGP and IP VPN Site of origin The site of origin uniquely identifies the site from which the PE router learned the route. All routes learned from a particular site must be assigned the same Site of Origin, even if a site is multiplyconnected to a single PE, or is connected to multiple PEs. Different Site of Origin parameters must be used for distinct sites. The site of origin parameter can be used to prevent routing loops. In some cases, this parameter can be used to ensure that a route learned from a particular site through a particular PE/CE connection is not distributed back to the site through a different PE/CE connection. It is particularly useful if BGP is used as the PE/CE protocol, but different sites have not been assigned distinct AS numbers. Route distinguishers Route distinguishers (RD) are part of the mechanism that converts non-unique IP addresses into globally unique addresses VPNs connect private networks that can use private and public addresses. Different systems within different VPNs can have private addresses that overlap with each other. BGP assumes all addresses it advertises and receives are globally unique addresses. An RD differentiates between systems so that BGP views them as two different systems. The RD is an eight-byte value used to prefix the IPv4 address, which forms a VPN-IPv4 address that uniquely identifies the same private IPv4 addresses that belong to different VPNs. Route targets Route targets are a form of policy which identifies a set of sites within a VPN. Route targets control the distribution of VPN-IPv4 routes. When a route is learned from another PE, the import route target identifies which VRF for which the route is destined. When a route is announced to another PE, the Export route targets, which are associated with the VRF from which the route was learned, is encoded with the route. A route target is an eight-byte field encoded in the EXTENDED_COMMUNITY path attribute of the UPDATE message. The first two bytes encode the Type, and the other six bytes encode the. When comparing route targets, all eight bytes must be equal for the route targets to be considered equal. A route target consists of an administration field and an assigned number field. Import route targets are used by the ingress PE to identify which VPNs are associated with the routing information. Import route targets are configured for each VRF, and used by the PE to decide which routes should be distributed to each VRF. Import route targets and export route targets must be configured for a VRF using VRF import and export policies. Route refresh Because routes are subject to ingress filtering, routing information is lost for any VPN that is not configured on the PE router. If a VPN (for example, one of the import route targets that is configured for a VRF) is configured on the PE router, the router must relearn information it previously discarded that was tagged with that route target. Route refresh accomplishes the relearning of routes. A route October 2014 Configuration BGP Services 37

38 BGP fundamentals refresh request received by a BGP speaker causes the speaker to resend all route updates it contains in its database that are eligible for the peer that issues the request. To advertise the Route Refresh capability to a peer, a BGP speaker uses BGP Capabilities Advertisements. The advertisement conveys to a peer that the speaker can receive and properly handle ROUTE-REFRESH requests from the peer. The Ethernet Routing Switch 8800/8600 saves all VPN routes it receives from its BGP peer if that peer cannot use route refresh. If the BGP peer is route refresh capable, then the Ethernet Routing Switch 8800/8600 saves all VPN routes that belong to the VPNs that are configured on it. If the route refresh capability is negotiated with a peer, route information in a routing update is lost if none of the route targets that are received with the routing update matches with any of the import route targets in any VRF. IP VPN BGP route preference and selection For IP VPN routes learned through MP-BGP, the protocol is set to VPN-IPv4. When multiple routes from different protocols to the same destination are learned, the route preference determines the best route to the destination. The route preference for VPN-IPv4 is configurable and defaults to the default route preference for IBGP. Route selection rules are applied to incoming VPN routes as follows. If it exists, an inbound policy (a policy configured on an IBGP neighbor) is applied to the VPN routes. If the route is not denied by a policy, the Route Target (RT) in the route update is matched with the import route targets in the VRFs. If there is at least one matching RT found, the VPN route is stored. Routes with the same RD and prefix/mask use the following BGP route selection rules: - lowest group preference (configured on a BGP group-basis) - highest BGP local preference - shortest AS-PATH length - lowest AS-PATH origin - lowest MED - external/confederation over internal BGP - local route (learned from attached CEs, static routes, or attached subnets) - leaked route from a locally configured VRF instance - remote route through MP-BGP peer - lowest BGP ID - lowest peer address - lowest route distinguisher 38 Configuration BGP Services October 2014

39 BGP+ If a matching RT is not found, the decision about whether to store the VPN route is based on the route refresh capability information exchanged with the BGP peer. A route is imported to VRFs which have a matching import RT. In a VRF, VRF-level import policies are applied to the route. If a route is not denied by a policy, the route is added to the VRF IP route table if there is a MPLS tunnel established and available for the BGP next hop from which the route is learned. BGP+ Avaya Ethernet Routing Switch 8800/8600 extends the BGPv4 process to support the exchange of IPv6 routes using BGPv4 peering. BGP+ is an extension of BGPv4 for IPV6. Note that the Ethernet Routing Switch 8800/8600 BGP+ support is not an implementation of BGPv6. Native BGPv6 peering uses the IPv6 Transport layer (TCPv6 ) for establishing the BGPv6 peering, route exchanges, and data traffic. Native BGPv6 peering is not supported. Ethernet Routing Switch 8800/8600 supports the exchange of BGP+ reachability information over IPv4 transport. To support BGP+, the Ethernet Routing Switch supports two BGP protocol extensions, standards RFC 4760 (multi-protocol extensions to BGP) and RFC 2545 (MP-BGP for IPv6). These extensions allow BGPv4 peering to be enabled with IPv6 address family capabilities. The Ethernet Routing Switch 8800/8600 implementation of BGP+ uses an existing TCPv4 stack to establish a BGPv4 connection. Optional, nontransitive BGP properties are used to transfer IPv6 routes over the BGPv4 connection. Any BGP+ speaker has to maintain at least one IPv4 address to establish a BGPv4 connection. Different from IPv4, IPv6 introduces scoped unicast addresses, identifying whether the address is global or link-local. When BGP+ is used to convey IPv6 reachability information for inter-domain routing, it is sometimes necessary to announce a next hop attribute that consists of a global address and a link-local address. For BGP+, no distinction is made between global and site-local addresses. The BGP+ implementation includes support for BGPv6 policies, including redistributing BGPv6 into OSPFv3, and advertising OSPFv3, static, and local routes into BGPv6 (through BGP+). It also supports the aggregation of global unicast IPv6 addresses and partial HA. BGP+ does not support confederations. In this release, you can configure confederations for IPv4 routes only. The basic configuration of BGP+ is the same as BGPv4 with one additional parameter added and some existing commands altered to support IPv6 capabilities. You can enable and disable IPv6 route exchange by specifying the address family attribute as IPv6. Note that an IPv6 tunnel is required for the flow of IPv6 data traffic. BGP+ is only supported on the global VRF instance. BGP+ tunnel configurations When using the BGP+ functionality, additional configurations are needed to install the routes in the IPv6 RTM and for the IPv6 traffic originated from one IPv6 island to reach the other IPv6 island. October 2014 Configuration BGP Services 39

40 BGP fundamentals These are IPv6 tunnel and static route configurations specific to the BGP+ peers. For more information, see BGP+ tunnel configuration examples on page 163. Limitations BGP+ convergence in case of Split Multi-Link Trunk (SMLT) scenarios cannot be guaranteed. Avaya does not recommend to configure BGP peers between SMLT core routers or in between the core router and any switch connecting through SMLT links for the failover scenarios. BGP configuration considerations and limitations Use the information in this section to help you configure BGP on the Avaya Ethernet Routing Switch 8800/8600. The Ethernet Routing Switch 8800/8600 supports BGPv4 as described in RFC BGP implementation guidelines To successfully configure BGP, follow these guidelines: BGP will not operate with an IP router in nonforwarding (host-only) mode. Make sure that the routers you want BGP to operate with are in forwarding mode. If you are using BGP for a multihomed AS (one that contains more than a single exit point), Avaya recommends that you use OSPF for your IGP and BGP for your sole exterior gateway protocol, or use intra-as IBGP routing. If OSPF is the IGP, use the default OSPF tag construction. Using EGP or modifying the OSPF tags makes network administration and proper configuration of BGP path attributes difficult. For routers that support both BGP and OSPF, the OSPF router ID and the BGP identifier must be set to the same IP address. The BGP router ID automatically uses the OSPF router ID. In configurations where BGP speakers reside on routers that have multiple network connections over multiple IP interfaces (the typical case for IBGP speakers), consider using the address of the router's circuitless (virtual) IP interface as the local peer address. In this way, you ensure that BGP is reachable as long as there is an active circuit on the router. By default, BGP speakers do not advertise or inject routes into its IGP. You must configure route policies to enable route advertisement. Coordinate routing policies among all BGP speakers within an AS so that every BGP border router within an AS constructs the same path attributes for an external path. Configure accept and announce policies on all IBGP connections to accept and propagate all routes. Make consistent routing policy decisions on external BGP connections. The 4-byte AS number feature does not support BGP IPv6 native peering. 40 Configuration BGP Services October 2014

41 BGP configuration considerations and limitations When a new peer (4-byte AS number) has to communicate with an old peer (2-byte AS number), you have to assign a 2-byte AS number to the new peer. This 2-byte number can be any globally unique AS number or AS_TRANS. Configuration guidelines On the Avaya Ethernet Routing Switch 8800/8600, you must configure the following minimum parameters: Router ID Local AS Number Enable BGP globally BGP Neighbor Peer Session: remote IP addresses Enable BGP peer When running both BGP and OSPF, the OSPF and BGP Router ID must be the same. The Router ID must be a valid IP address of an IP interface on the router or a circuitless IP (CLIP) address. This IP address is used in BGP Update messages. By default, the BGP Router ID automatically uses the OSPF Router ID. You cannot configure the BGP Router ID if you configure BGP before you have configured the OSPF Router ID. You must first disable BGP, and then enable BGP globally. BGP policies can be added to the BGP peer configuration to influence route decisions. BGP policies are applied to the peer through the CLI and ACLI soft-reconfiguration commands. Make sure that you define AS numbers in policies the same way that you configure them for the router. The choices are asplain (regular expression) or asdot (dot notation). If you create policies using asplain and configure the switch with asdot, the match will not occur. After the Ethernet Routing Switch 8800/8600 is configured for BGP, some parameter changes may require the BGP global state or the neighbor admin-state to be disabled or enabled. BGP policies are dynamically modified. On the global level, the BGP redistribution command has an apply parameter that causes the policy to be applied when it is issued. BGP neighbor Maximum Prefix configuration By default, the Maximum Prefix parameter is set to limit network layer reachability information (NLRI) messages per neighbor. The Maximum Prefix parameter limits the number of routes that the Avaya Ethernet Routing Switch 8800/8600 can accept. The Maximum Prefix parameter prevents large numbers of BGP routes from flooding the network in the event of a misconfiguration. You can configure the Maximum Prefix limit to any value, including 0 (0 means unlimited routes). When you configure the Maximum Prefix value, consider the maximum number of active routes that your equipment configuration can support. October 2014 Configuration BGP Services 41

42 BGP fundamentals BGP and OSPF interaction RFC 1745 defines the interaction between BGP and OSPF when OSPF is the IGP within an autonomous system. For routers running both protocols, the OSPF router ID and the BGP ID must be the same IP address. Interaction between BGPv4 and OSPF includes the ability to advertise supernets to support classless interdomain routing (CIDR). BGPv4 supports interdomain supernet advertisements; OSPF can carry supernet advertisements within a routing domain. 42 Configuration BGP Services October 2014

43 Chapter 4: BGP configuration using Enterprise Device Manager Configure Border Gateway Protocol (BGP) to create an interdomain routing system that guarantees loop-free routing information between autonomous systems. The Avaya Ethernet Routing Switch 8800/8600 supports BGP with IPv4 and IPv6 networks. Most of the IPv4 BGP configuration tabs are applicable to BGP+ as well. Some BGP+ tabs are also provided for the presentation of IPv6-specific information. When using the BGP+ functionality, additional configurations are needed to install the routes in the IPv6 RTM and for the IPv6 traffic originated from one IPv6 island to reach the other IPv6 island. These are IPv6 tunnel and static route configurations specific to the BGP+ peers. For more information, see BGP+ tunnel configuration examples on page 163. Logging in to a VRF instance Log in to a particular VRF instance to view and configure parameters for that VRF. BGP+ only supports the GlobalRouter VRF instance. Procedure steps 1. In your browser, enter the switch IP. 2. In the User Name field, enter your user name. 3. In the Password field, enter your password. 4. Click Log On.The EDM default Global Router VRF (vrf 0) view loads. Perform the following steps if you need to change the VRF context view: 5. From the navigation tree, open the following folders: Configuration > VRF Context view. 6. Click Set VRF Context view. 7. Select a VRF Context view, and click Launch VRF Context view. October 2014 Configuration BGP Services 43

44 BGP configuration using Enterprise Device Manager Configuring BGP globally Enable BGP so that BGP runs on the router. Configure general BGP parameters to define how BGP operates on the system. This procedure applies for BGP+ as well as for IPv4 BGP. Prerequisites To configure BGP on a specific VRF instance, login to the required VRF instance as required. The VRF must have an RP Trigger of BGP. Not all parameters are configurable on nonzero VRFs. If you must configure the BGP Router ID, use the CLI or ACLI. You cannot configure the BGP Router ID using Enterprise Device Manager. Procedure steps 1. In the navigation tree, open the following folders: Configuration > IP. 2. Click BGP. 3. To enable the BGP AdminStatus, select enable. 4. Configure the LocalAs ID. 5. In Aggregate, enable or disable route aggregation as required. 6. Configure the remaining BGP options as required. 7. Configure BGP confederations as required. 8. Configure BGP route reflectors as required. 9. In the IP-VPN section, enable or disable RouteRefresh as required. 10. Click Apply. definitions Use the data in the following table to configure general BGP parameters. bgpversion bgpidentifier Specifies the version of BGP that operates on the router. Specifies the BGP router ID number. The default value is , but if BGP is enabled without changing this value, the OSPF router ID is used. 44 Configuration BGP Services October 2014

45 Configuring BGP globally AdminStatus LocalAs 4ByteAs NewLocalAs AsDot Aggregate DefaultMetric DefaultLocalPreference DefaultInformationOriginate DefaultInformationOriginateIPv6 AlwaysCompareMed Enables or disables BGP on the router. The default is disable. You cannot enable AdminStatus until you change the LocalAS value to a nonzero value. Sets the local autonomous system (AS) number. You cannot change this field when AdminStatus is set to enable. This field sets a 2-byte local AS number in the range from 1 to To set a 4-byte local AS number, click enable in the 4ByteAs field and enter a number in the NewLocalAs field. Attention: This parameter is not supported with BGP+. Enables or disables the switch from using 4 byte numbers for autonomous systems. Specifies the 4-byte local AS number in octets. You cannot change this field when AdminStatus is set to enable. To set a 4-byte local AS number, enable the 4ByteAs field and enter a number in the range of to If you enable AsDot, enter the AS number in octets in the range of 1.0 to Attention: This parameter is not supported with BGP+. Enables or disables representing AS numbers in octects. The default is disable so the switch uses the plain notation format. If you enable this field and the 4ByteAs field, enter the AS number in the NewLocalAs field. Attention: This parameter is not supported with BGP+. Enables or disables aggregation. The default is enable. You cannot change the value when BGP is enabled. Sets the metric sent to BGP neighbors. The Default Metric determines the cost of a route a neighbor uses. Use this parameter in conjunction with the redistribute parameters so that BGP uses the same metric for all redistributed routes. The default is -1. The range is -1 to Specifies the default local preference. The default is 100. The range is 0 to Enables or disables the redistribution of network into BGP. The default is disable. Enables or disables the redistribution of a default IPv6 network into BGP. The default is disable. Enables or disables the comparison of the multi-exit discriminator (MED) parameter for paths from neighbors in different ASs. A path with a lower MED is preferred over a path with a higher MED. The default is disable. October 2014 Configuration BGP Services 45

46 BGP configuration using Enterprise Device Manager DeterministicMed AutoPeerRestart AutoSummary NoMedPathIsWorst BestPathMedConfed DebugMask IgnoreIllegalRouterId Synchronization MaxEqualcostRoutes Enables or disables deterministic MED. Deterministic MED compares the MEDs when routes advertised by different peers in the same AS are chosen. The default is disable. Enables or disables the process that automatically restarts a connection to a BGP neighbor. The default is enable. Attention: Because the switch does not support IPv6 BGP peers, this parameter does not support IPv6 peers. Enables or disables automatic summarization. When enabled, BGP summarizes networks based on class limits (for example, Class A, B, or C networks). The default is enable. Enables or disables NoMedPathIsWorst. When set to enable (default), BGP treats an update that is missing a MED attribute as the worst path. Enables or disables the comparison of MED attributes within a confederation. The default is disable. Displays the specified debug information for BGP global configurations. The default value is none. none disables all debug messages. all enables all debug messages. error enables the display of debug error messages. packet enables the display of debug packet messages. event enables the display of debug event messages. trace enables the display of debug trace messages. warning enables the display of debug warning messages. state enables display of debug state transition messages. init enables the display of debug initialization messages. filter enables the display of debug messages related to filtering. update enables display of debug messages related to updates transmission and reception. Enables BGP to overlook an illegal router ID. For example, it enables the acceptance of a connection from a peer that sends an open message using a router ID of 0. The default is enable. Enables or disables the router to accept routes from ibgp peers without waiting for an update from the IGP. The default is enable. Sets the maximum number of equal-cost-paths that are available to a BGP router by limiting the number of equal-cost-paths that can be stored in the routing table. The default value is 1; the range is 1 to Configuration BGP Services October 2014

47 Configuring 4-byte AS numbers IbgpReportImportRoute FlapDampEnable QuickStart TrapEnable ConfederationIdentifier ConfederationPeers RouteReflectionEnable RouteReflectorClusterId ReflectorClientToClientReflection RouteRefresh Configures BGP to report imported routes to an interior BGP (IBGP) peer. This command also enables or disables reporting of non-bgp imported routes to other IBGP neighbors. The default is enable. Enables or disables route suppression for routes that go up and down (flap). The default is disable. This parameter is not supported with BGP+. Enables or disables the Quick Start feature, which forces the BGP speaker to begin establishing peers immediately, instead of waiting for the peer's auto-restart timer to expire. The default is disable. Enables or disables BGP traps. Specifies a BGP confederation identifier in the range of 0 to The default is 0. Lists adjoining ASs that are part of the confederation in the format (5500,65535,0,10,...,...). The default is none. Enables or disables the reflection of routes from IBGP neighbors. The default is enable. Sets a reflector cluster ID IP address. This option applies only if RouteReflectionEnable is set to enable, and if multiple route reflectors are in a cluster. The default value is Enables or disables route reflection between two route reflector clients. This option applies only if RouteReflectionEnable is set to enable. The default is enable. Enables or disables IP VPN Route Refresh for BGP. The default is disable. If enabled, a route refresh request received by a BGP speaker causes the speaker to resend all route updates it contains in its database that are eligible for the peer that issues the request. This parameter is not supported with BGP+. Configuring 4-byte AS numbers Configure AS numbers using the 4-byte format and represent the numbers in octets. This procedure does not apply for BGP+. Prerequisites To configure BGP on a specific VRF instance, login to the required VRF instance as required. The VRF must have an RP Trigger of BGP. Not all parameters are configurable on nonzero VRFs. October 2014 Configuration BGP Services 47

48 BGP configuration using Enterprise Device Manager Make sure that you define AS numbers in policies the same way that you configure them for the router. The choices are asplain (regular expression) or asdot (dot notation). If you create policies using asplain and configure the switch with asdot, the match will not occur. Procedure steps 1. In the navigation tree, open the following folders: Configuration > IP. 2. Click BGP. 3. To change the AS number format, first disable AdminStatus. 4. Enable 4-byteAs. 5. Enable AsDotFormat. 6. Enter the 4-byte AS number in octets in the LocalAs field. 7. Set AdminStatus to enable. 8. Click Apply. definitions Use the data in the following table to configure AS parameters. LocalAs 4ByteAs NewLocalAs AsDot Sets the local autonomous system (AS) number. You cannot change this field when AdminStatus is set to enable. This field sets a 2-byte local AS number in the range from 1 to To set a 4-byte local AS number, click enable in the 4ByteAs field and enter a number in the NewLocalAs field. Attention: This parameter is not supported with BGP+. Enables or disables the switch from using 4 byte numbers for autonomous systems. Specifies the 4-byte local AS number in octets. You cannot change this field when AdminStatus is set to enable. To set a 4-byte local AS number, enable the 4ByteAs field and enter a number in the range of to If you enable AsDot, enter the AS number in octets in the range of 1.0 to Attention: This parameter is not supported with BGP+. Enables or disables representing AS numbers in octects. The default is disable so the switch uses the plain notation format. If you enable this field and the 4ByteAs field, enter the AS number in the NewLocalAs field. Attention: This parameter is not supported with BGP+. 48 Configuration BGP Services October 2014

49 Configuring aggregate routes Configuring aggregate routes Configure aggregate routes so that the router advertises a single route (aggregate route) that represents all destinations. Aggregate routes also reduce the size of routing tables. This procedure does not apply for IPv6 routes. Prerequisites Aggregate routes are enabled. You have determined the appropriate aggregate address and mask. If required, policies exist. To configure BGP on a specific VRF instance, login to the VRF instance as required. The VRF must have an RP Trigger of BGP. Not all parameters are configurable on nonzero VRFs. Procedure steps 1. In the navigation tree, open the following folders: Configuration > IP. 2. Click BGP. 3. Click the Aggregates tab. 4. Click Insert. 5. Configure the aggregate Address and PrefixLen. 6. Configure AsSetGenerate and SummaryOnly as required. 7. Configure policies for the aggregate route. 8. Click Insert. definitions Use the data in the following table to configure aggregate routes. Address PrefixLen AsSetGenerate SummaryOnly Specifies the aggregate address. The default is none. Specifies the aggregate prefix length. The default is none. Enables or disables AS-SET path information generation. The default is disable. Enables or disables the summarization of routes in routing updates. Enabling this parameter creates the aggregate route and October 2014 Configuration BGP Services 49

50 BGP configuration using Enterprise Device Manager SuppressPolicy AdvertisePolicy AttributePolicy suppresses advertisements of more-specific routes to all neighbors. The default is disable. Specifies the route policy (by name) used for the suppressed route list. Enabling this parameter creates the aggregate route and suppresses advertisements of the specified routes. The default is none. Specifies the route policy (by name) used for route advertisements. The route policy selects the routes that create AS-SET origin communities. The default is none. Specifies the route policy (by name) used to determine aggregate route attributes. The default is none. Configuring aggregate IPv6 routes Configure IPv6 aggregate routes so that the router advertises a single route (aggregate route) that represents all destinations. Aggregate routes also reduce the size of routing tables. Prerequisites Aggregate routes are enabled. You have determined the appropriate aggregate prefix and length. If required, policies exist. Procedure steps 1. In the navigation tree, open the following folders: Configuration > IPv6. 2. Click BGP+. 3. Click the Aggregates tab. 4. Click Insert. 5. Specify the aggregate Address and PrefixLen. 6. Configure AsSetGenerate and SummaryOnly as required. 7. Configure policies for the aggregate route. 8. Click Insert. 50 Configuration BGP Services October 2014

51 Configuring allowed networks definitions Use the data in the following table to configure aggregate routes. Address PrefixLen AsSetGenerate SummaryOnly SuppressPolicy AdvertisePolicy AttributePolicy Specifies the aggregate address. The default is none. Specifies the aggregate prefix length. The default is none. Enables or disables AS-SET path information generation. The default is disable. Enables or disables the summarization of routes in routing updates. Enabling this parameter creates the aggregate route and suppresses advertisements of more-specific routes to all neighbors. The default is disable. Specifies the route policy (by name) used for the suppressed route list. Enabling this parameter creates the aggregate route and suppresses advertisements of the specified routes. The default is none. Specifies the route policy (by name) used for route advertisements. The route policy selects the routes that create AS-SET origin communities. The default is none. Specifies the route policy (by name) used to determine aggregate route attributes. The default is none. Configuring allowed networks Configure network addresses to determine the network addresses that BGP advertises. The allowed addresses determine the BGP networks that originate from the Avaya Ethernet Routing Switch 8800/8600. This procedure does not apply for IPv6 networks. Prerequisites To configure BGP on a specific VRF instance, login to the VRF instance as required. The VRF must have an RP Trigger of BGP. Not all parameters are configurable on nonzero VRFs. Procedure steps 1. In the navigation tree, open the following folders: Configuration > IP. 2. Click BGP. October 2014 Configuration BGP Services 51

52 BGP configuration using Enterprise Device Manager 3. Click the Network tab. 4. Click Insert. 5. Configure the network address, prefix length, and metric. 6. Click Insert. definitions Use the data in the following table to configure network addresses. NetworkAfAddr NetworkAfPrefixLen NetworkAfMetric Specifies the network prefix that BGP advertises. The default is none. Specifies the network prefix length. The default is none. Specifies the metric used when an update is sent for the routes in the network table. The metric configures the MED for the routes advertised to EBGP peers. The range is 0 to The default is 0. Configuring allowed IPv6 networks Configure IPv6 network addresses to determine the network addresses that BGP advertises. The allowed addresses determine the BGP networks that originate from the Avaya Ethernet Routing Switch 8800/8600. Procedure steps 1. In the navigation tree, open the following folders: Configuration > IPv6. 2. Click BGP+. 3. Click the Network tab. 4. Click Insert. 5. Configure the network address, prefix length, and metric. 6. Click Insert. definitions Use the data in the following table to configure network addresses. 52 Configuration BGP Services October 2014

53 Configuring BGP peers NetworkAfAddr NetworkAfPrefixLen NetworkAfMetric Specifies the network prefix that BGP advertises. The default is none. Specifies the network prefix length. The default is none. Specifies the metric used when an update is sent for the routes in the network table. The metric configures the MED for the routes advertised to EBGP peers. The range is 0 to The default is 0. Configuring BGP peers Create new peer configurations to join peers to a specified subscriber group. With BGP+, the peers must be IPv4 peers. Prerequisites To configure BGP on a specific VRF instance, login to the VRF instance as required. The VRF must have an RP Trigger of BGP. Not all parameters are configurable on nonzero VRFs. Procedure steps 1. In the navigation tree, open the following folders: Configuration > IP. 2. Click BGP. 3. Click the Peers tab. 4. Click Insert. 5. Configure the peer as required. 6. Click Insert. 7. Enable the new peer. In the Peers tab, in the Enable column, select enable. By default, new peer configuration parameters are set to disable. 8. Click Apply. 9. To modify a peer, click the parameter and select a new value. Some parameters, like BfdEnable, can only be configured after the peer is created. definitions Use the data in the following table to create new peer configurations. October 2014 Configuration BGP Services 53

54 BGP configuration using Enterprise Device Manager RemoteAddr GroupName PeerState RemoteAs Enable EbgpMultiHop RoutePolicyIn RoutePolicyOut RemovePrivateAs UpdateSourceInterface ConnectRetryInterval HoldTimeConfigured KeepAliveConfigured Specifies the IP address of this peer or subscriber group. The default is none. (Peer creation is not possible without a remote address.) Specifies the peer group name to which this peer belongs (optional). The default is none. Specifies the BGP peer connection state: idle, connect, active, opensent, openconfirm, or established. Configures a remote AS number for the peer or peer-group in the range 0 to The default is 0. Controls whether the peer connection is enabled or disabled. The default is disabled. Enables or disables a connection to a BGP peer that is more than one hop away from the local router. The default value is disable. Specifies the route policy that applies to all IPv4 networks learned from this peer. The default value is none. To remove a route policy, click under the RoutePolicyIn column, hit Ctrl and highlight the policy to remove, and click OK. Specifies the route policy that applies to all outgoing IPv4 updates to this peer. The default value is none. To remove a route policy, click under the RoutePolicyOut column, hit Ctrl and highlight the policy to remove, and click OK. Strips (when enabled) private AS numbers when the switch sends an update. The default is enable. Specifies the IP address to be used as the Circuitless IP. Applicable only for ibgp connections. Specifies the time interval (in seconds) for the ConnectRetry timer. The suggested value for this timer is 120 seconds (the default). Specifies the time interval (in seconds) for the Hold Timefor this BGP speaker with this peer. This value is placed in an OPENmessage sent to this peer by this BGP speaker, and is compared withthe HoldTime in an OPEN message received from the peer when the switchdetermines the Hold Time with the peer. The HoldTime must be at leastthree seconds. if it is zero, the Hold Time is not to be establishedwith the peer. The suggested value for this timer is 90 seconds. Thedefault is 180 seconds. Specifies the time interval (in seconds) for the KeepAlivetimer configured for this BGP speaker with this peer. KeepAliveConfigureddetermines the KEEPALIVE messages frequency relative to HoldTimeConfigured;the actual time interval for the KEEPALIVE messages is indicated bykeepalive. The recommended maximum value for this timer is one-thirdof HoldTimeConfigured. If KeepAliveConfigured is zero, no periodickeepalive messages are sent to the peer after the BGP connection isestablished. The suggested value for this timer is 30 seconds. Thedefault is Configuration BGP Services October 2014

55 Configuring BGP peers MD5Authentication AdvertisementInterval DefaultOriginate DefaultOriginateIpv6 Weight MaxPrefix NextHopSelf RouteReflectorClient SoftReconfigurationIn DebugMask Enables and disables MD5 authentication. The default is disable. Specifies the time interval (in seconds) that elapses between each transmission of an advertisement from a BGP neighbor. The default value is 30 seconds and the range is 5 to 120 seconds. When enabled, allows the local router to send the default IPv4 route to the neighbor for use as a default route. The default value is disable. When enabled, allows the local router to send the default IPv6 route to the neighbor for use as a default route. The default value is disable. Specifies this peer's or peer groups' weight, or the priority of updates that can be received from this BGP peer. The default value is 100 and the range is 0 to Sets a limit on the number of routes that are accepted from a neighbor. The default value is routes and the range is 0 to means there is no limit to the number of routes that are accepted. Specifies that the next-hop attribute in an IBGP update is the address of the local router or the router that generates the IBGP update. The default is false. Specifies that this peer is a route reflector client. The default is false. When enabled, the router relearns routes from the specified neighbor or group of neighbors without resetting the connection when the policy changes in the inbound direction. The default value is enable. Enabling SoftReconfigurationIn causes all BGP routes to be stored in local memory (even non-best routes). Displays the specified debug information for the BGP peer. The default value is none. none disables all debug messages. all enables all debug messages. error enables the display of debug error messages. packet enables the display of debug packet messages. event enables the display of debug event messages. trace enables the display of debug trace messages. warning enables the display of debug warning messages. state enables display of debug state transition messages. init enables the display of debug initialization messages. filter enables the display of debug messages related to filtering. October 2014 Configuration BGP Services 55

56 BGP configuration using Enterprise Device Manager SendCommunity Vpnv4Address IpvpnLiteCap Ipv6Cap RouteRefresh AsOverride AllowAsIn Ipv6RoutePolicyIn Ipv6RoutePolicyOut BfdEnable update enables display of debug messages related to updates transmission and reception. Enables or disables sending the update message's community attribute to the specified peer. The default value is disable. Enables BGP address families for IPv4 (BGP) and L3 VPN (MP-BGP) support. Enable this parameter for VPN/VRF Lite routes. The default is disable. Specifies (when enabled) that IP VPN Lite capability can be enabled or disabled on the BGP neighbor peer. The default is disable. Specifies (when enabled) that IPv6capability can be enabled or disabled on the BGP neighbor peer. The default is disable. Configures a route refresh for the BGP peer. Specifies that the AS Override parameter can be enabled or disabled for the BGP peer. The default is disable. Specifies the number of AS-in allowed for the BGP peer. The range is 0 to 10. The default is 0. Specifies the route policy that applies to all IPv6 networks learned from this peer. The default value is none. To remove a route policy, click under the Ipv6RoutePolicyIn column, hit Ctrl and highlight the policy to remove, and click OK. Specifies the route policy that applies to all outgoing IPv6 updates to this peer. The default value is none. To remove a route policy, click under the Ipv6RoutePolicyOut column, hit Ctrl and highlight the policy to remove, and click OK. Enables Bidirectional Forwarding Detection (BFD) on this BGP peer. The default is disable. Configuring peer groups Configure or edit peer groups when setting update policies for neighbors in the same group. This procedure applies for BGP+ as well as for IPv4 BGP. Prerequisites To configure BGP on a specific VRF instance, login to the VRF instance as required. The VRF must have an RP Trigger of BGP. Not all parameters are configurable on nonzero VRFs. 56 Configuration BGP Services October 2014

57 Configuring peer groups Procedure steps 1. In the navigation tree, open the following folders: Configuration > IP. 2. Click BGP. 3. Click the Peer Groups tab. You can modify a parameter by clicking the parameter. 4. Click Insert. 5. Use the following variable definitions table to configure the peer group as required. 6. Click Insert. 7. Enable the new peer group. In the Peer Groups tab, in the Enable column, select enable. 8. Click Apply. definitions Use the data in the following table to configure or edit peer groups Index Specifies the index of this peer group. The range is 1 to GroupName Enable RemoteAs DefaultOriginate EbgpMultiHop AdvertisementInterval KeepAlive HoldTime Specifies the peer group to which this neighbor belongs. The default value is none. (Peer group creation is not possible without a name) Enables or disables the peer group. The default value is disable. Configures a remote AS number for the peer-group in the range 0 to The default value is 0. When enabled, allows the local router to send the default IPv4 route to the neighbors in that peer group for use as a default route. The default value is disable. When enabled, allows the local router to send the default IPv6 route to the neighbors in that peer-group for use as a default route. The default value is disable. Specifies the time interval (in seconds) that elapses between BGP routing updates. The default value is 30 seconds and the range is 1 to 120 seconds. Specifies the time interval (in seconds) between sent BGP keep alive messages to remote peers. The range is 1 to and the default value is 60. Configures the hold time for the group of peers in seconds. The suggested value is three times the value of the KeepAlive time. The range is 3 to and the default value is 180. October 2014 Configuration BGP Services 57

58 BGP configuration using Enterprise Device Manager Weight MaxPrefix NextHopSelf RoutePolicyIn RoutePolicyOut RouteReflectorClient SoftReconfigurationIn MD5Authentication RemovePrivateAs SendCommunity Vpnv4Address IpvpnLiteCap Assigns an absolute weight to a BGP network. The default value is 100 and the range is 0 to Specifies the limit on the number of routes that is accepted from this group of neighbors. A value of zero indicates no limit The default value is routes and the range is 0 to Specifies that the switch must set the NextHop attribute to the local router address before it sends updates to remote peers. The default value is false. Specifies the route policy that applies to all IPv4 networks learned from this group of peers. The default value is none. To remove a route policy, click under the RoutePolicyIn column, hit Ctrl and highlight the policy to remove, and click OK. Specifies the route policy that applies to all outgoing IPv4 updates to this group of peers. The default value is none. To remove a route policy, click under the RoutePolicyOut column, hit Ctrl and highlight the policy to remove, and click OK. Specifies that peers in this group are route reflector clients. The default value is false. When enabled, the router relearns routes from the specified neighbor or group of neighbors without resetting the connection when the policy changes in the inbound direction. The default value is enable. Enabling SoftReconfigurationIn causes all BGP routes to be stored in local memory (even non-best routes). Enables and disables MD5 authentication. The default is disable. Strips (when enabled) private AS numbers when the switch sends an update. The default is enable. Enables or disables sending the update message's community attribute to the specified peer group. The default value is disable. Specifies the VPNv4 routes. Enable this parameter for VPN/VRF Lite routes. The default is disable. Specifies (when enabled) that IP VPN Lite capability can be enabled or disabled on the BGP neighbor peer group. The default is disable. SooAddress Specifies the site of origin (SOO) IP address. The default is SooAsNumber SooAssignedNum SooType RouteRefresh Specifies the AS number for the SOO for the BGP peer group. The range is 0 to The default is 0. Specifies the assigned number required, along with the AS number or address, to configure the SOO for the BGP peer group. The range is 0 to The default is 0. Specifies the SOO type as an AS number or IP address. The default is none. Enables or disables IP VPN Route Refresh for the BGP peer group. If enabled, a route refresh request received by a BGP speaker causes 58 Configuration BGP Services October 2014

59 Viewing BGP summary route information AsOverride AllowAsIn DefaultOriginateIpv6 UpdateSourceInterface Ipv6Cap Ipv6RoutePolicyIn Ipv6RoutePolicyOut the speaker to resend all route updates it contains in its database that are eligible for the peer that issues the request. The default is disable. Specifies that the AS Override parameter can be enabled or disabled for the BGP peer group. The default is disable. Specifies the number of AS-in allowed for the BGP peer group. The range is 1 to 10. The default is 0. When enabled, allows the local router to send the default IPv6 route to a group of neighbors for use as a default route. The default value is disable. The Inet address to use for circuitless IP for this peer group. When enabled, specifies that the ipv6 capability can be enabled or disabled on the BGP neighbor peer group. The default value is disable. Specifies the route policy that applies to all IPv6 networks learned from this group of peers. The default value is none. To remove a route policy, click under the Ipv6RoutePolicyIn column, hit Ctrl and highlight the policy to remove, and click OK. Specifies the route policy that applies to all outgoing IPv6 updates to this group of peers. The default value is none. To remove a route policy, click under the Ipv6RoutePolicyOut column, hit Ctrl and highlight the policy to remove, and click OK. Viewing BGP summary route information You can display current BGP route information. This procedure does not apply for IPv6 routes. Prerequisites To configure BGP on a specific VRF instance, login to the VRF instance as required. The VRF must have an RP Trigger of BGP. Not all parameters are configurable on nonzero VRFs. Procedure steps 1. In the navigation tree, open the following folders: Configuration > IP. 2. Click BGP. 3. Click the Bgp Route Summary tab. October 2014 Configuration BGP Services 59

60 BGP configuration using Enterprise Device Manager definitions Use the data in the following table to understand BGP route information. Prefix PrefixLen LocalAddr RemoteAddr Specifies the IP address prefix in the Network Layer Reachability Information (NLRI) field. This is an IP address that contains the prefix with a length specified by IpAddrPrefixLen. Any bits beyond the length specified by IpAddrPrefixLen are set to zero. Specifies the length, in bits, of the IP address prefix in the NLRI field. The local address of this entry's BGP connection. Specifies the IP address of the peer from which path information was learned. Viewing IPv6 BGP+ summary route information You can display current IPv6 BGP+ route information. Procedure steps 1. In the navigation tree, open the following folders: Configuration > IPv6. 2. Click BGP+. 3. Click the Bgp Route Summary tab. definitions Use the data in the following table to understand BGP route information. Prefix PrefixLen LocalAddr Specifies the IP address prefix in the Network Layer Reachability Information (NLRI) field. This is an IP address that contains the prefix with a length specified by IpAddrPrefixLen. Any bits beyond the length specified by IpAddrPrefixLen are set to zero. Specifies the length, in bits, of the IP address prefix in the NLRI field. The local address of this entry's BGP connection. 60 Configuration BGP Services October 2014

61 Displaying dampened routes information RemoteAddr Specifies the IP address of the peer from which path information was learned. Displaying dampened routes information You can view dampened path information to see which routes are suppressed. This procedure does not apply for IPv6 routes. Prerequisites To configure BGP on a specific VRF instance, login to the VRF instance as required. The VRF must have an RP Trigger of BGP. Not all parameters are configurable on nonzero VRFs. Dampened routes must be enabled for the data to be up-to-date (Generals tab, FlapDampEnable option). Procedure steps 1. In the navigation tree, open the following folders: Configuration > IP. 2. Click BGP. 3. Click the Dampened Routes tab. definitions Use the data in the following table to understand dampened path information. IpAddrPrefix IpAddrPrefixLen Peer FlapPenalty FlapCount Specifies the IP address prefix in the Network Layer Reachability Information (NLRI) field. This is an IP address that contains the prefix with a length specified by IpAddrPrefixLen. Any bits beyond the length specified by IpAddrPrefixLen are set to zero. Specifies the length, in bits, of the IP address prefix in the NLRI field. Specifies the IP address of the peer where the path information was learned. Specifies the penalty based on number of route flaps. Specifies the number of times a route flapped (went down and came up) since the last time the penalty was reset to zero. October 2014 Configuration BGP Services 61

62 BGP configuration using Enterprise Device Manager RouteDampened ReuseTime Indicates whether this route is suppressed or announced. Specifies the system-configured time for route reuse. Configuring redistribution to BGP for VRF 0 Configure redistribute entries for BGP to announce routes of a certain source type to BGP, for example, direct, static, RIP, and OSPF. If a route policy is not configured, then the switch uses the default action based on metric, metric type, and subnet. Use a route policy to perform detailed redistribution. For more information about route redistribution using the IP, Policy, Route Redistribution tab, see Avaya Ethernet Routing Switch 8800/8600 Configuration IP Routing, NN Prerequisites To configure BGP on a specific VRF instance, login to the VRF instance as required. The VRF must have an RP Trigger of BGP. Not all parameters are configurable on nonzero VRFs. If required, a route policy exists. Procedure steps 1. In the navigation tree, open the following folders: Configuration > IP. 2. Click BGP. 3. Click the Redistribute tab. 4. Click Insert. 5. Configure the source protocols. 6. If required, choose a route policy. 7. Configure the metric to apply to redistributed routes. 8. Enable the redistribution instance. 9. Click Insert. definitions Use the data in the following table to configure redistribute entries. 62 Configuration BGP Services October 2014

63 Configuring a prefix list DstVrfId Protocol SrcVrfId RouteSource Enable RoutePolicy Specifies the destination VRF instance (read-only). For the current release, only VRF 0 redistribution is supported. Specifies the protocols that receive the redistributed routes (bgp). Specifies the source VRF instance (read-only). For the current release, only VRF 0 redistribution is supported. Specifies the source protocol for the route redistribution entry: direct, static, rip, or direct. Enables (or disables) a BGP redistribute entry for a specified source type. The default is disable. Sets the route policy to be used for the detailed redistribution of external routes from a specified source into the BGP domain. The default is none. Metric Sets the metric for the redistributed route. The value can be a range between 0 to The default value is 0. Avaya recommends that you use a value that is consistent with the destination protocol. Configuring a prefix list Use prefix lists to allow or deny specific route updates. A prefix list policy specifies route prefixes to match. When there is a match, the route is used. This procedure does not apply for IPv6 BGP+. Prerequisites To configure a BGP prefix list on a specific VRF instance, login to the VRF instance as required. The VRF must have an RP Trigger of BGP. Not all parameters are configurable on nonzero VRFs. Procedure steps 1. In the navigation tree, open the following folders: Configuration > IP. 2. Click Policy. 3. In the Prefix List tab, click Insert. 4. Edit the parameters as required. 5. Click Insert. October 2014 Configuration BGP Services 63

64 BGP configuration using Enterprise Device Manager definitions Use the data in the following table to use the Prefix List tab. Id Specifies the prefix list. The range is 0 to Prefix PrefixMaskLen Name MaskLenFrom MaskLenUpto Specifies the prefix IP address. Specifies the length of the prefix mask. You must enter the full 32-bit mask to exact a full match of a specific IP address (for example, when creating a policy to match the next-hop). Names a specified prefix list during the creation process or renames the specified prefix list. The name can be from 1 to 64 characters in length. Specifies the lower bound on the mask length. The default is the mask length. Lower bound and higher bound mask lengths together can define a range of networks. Specifies the higher bound mask length. The default is the mask length. Lower bound and higher bound mask lengths together can define a range of networks. Configuring an IPv6 prefix list Use IPv6 prefix lists to allow or deny specific route updates. A prefix list policy specifies route prefixes to match. When there is a match, the route is used. Procedure steps 1. In the navigation tree, open the following folders: Configuration > IPv6. 2. Click Policy. 3. In the Prefix List tab, click Insert. 4. Edit the parameters as required. 5. Click Insert. definitions Use the data in the following table to use the Prefix List tab. 64 Configuration BGP Services October 2014

65 Configuring an AS path list Id Specifies the prefix list. The range is 0 to Prefix PrefixMaskLen Name MaskLenFrom MaskLenUpto Specifies the prefix IPv6 address. Specifies the length of the prefix mask. You must enter the full 128-bit mask to exact a full match of a specific IPv6 address (for example, when creating a policy to match the next-hop). Names a specified prefix list during the creation process or renames the specified prefix list. The name can be from 1 to 64 characters in length. Specifies the lower bound on the mask length. The default is the mask length. Lower bound and higher bound mask lengths together can define a range of networks. Specifies the higher bound mask length. The default is the mask length. Lower bound and higher bound mask lengths together can define a range of networks. Configuring an AS path list The As Path List is used with route policies and contains one or multiple AS path entries. Use an AS path list to restrict the routing information a router learns or advertises to and from a neighbor. The AS path list acts as a filter that matches AS paths. This procedure applies for IPv6 routes as well as for IPv4 routes. Prerequisites To configure a BGP AS path list on a specific VRF instance, login to the VRF instance as required. The VRF must have an RP Trigger of BGP. Not all parameters are configurable on nonzero VRFs. Procedure steps 1. In the navigation tree, open the following folders: Configuration > IP. 2. Click Policy. 3. Click the As Path List tab. 4. Click Insert. 5. Enter the appropriate information for your configuration. 6. Click Insert. October 2014 Configuration BGP Services 65

66 BGP configuration using Enterprise Device Manager definitions Use the data in the following table to use the As Path List parameters. Id Specifies the AS Path list. The range is 0 to MemberId Mode AsRegularExpression Specifies the AS Path Access List member ID. The range is 0 to Specifies the action to be taken when a policy is selected for a specific route. Select permit (allow the route) or deny (ignore the route). The expression that is to be used for the AS path. Configuring a community access list The Community List is used with route policies and contains one or multiple Community List entries. Use community lists to specify permitted routes by using their BGP community. This list acts as a filter that matches communities or AS numbers. This procedure applies for IPv6 routes as well as for IPv4 routes. Prerequisites To configure a BGP community list on a specific VRF instance, login to the VRF instance as required. The VRF must have an RP Trigger of BGP. Not all parameters are configurable on nonzero VRFs. Procedure steps 1. In the navigation tree, open the following folders: Configuration > IP. 2. Click Policy. 3. Click the Community List tab. 4. Click Insert. 5. Configure the list as required. 6. Click Insert. 66 Configuration BGP Services October 2014

67 Configuring an extended community list definitions Use the data in the following table to use the Community List tab. Id Specifies the Community List. The range is 0 to MemberId Mode Community Specifies the Community List member ID. The range is 0 to Specifies the action to be taken when a policy is selected for a specific route. Select permit (allow the route) or deny (ignore the route). Specifies the community access list community string. Configuring an extended community list The extended community list is used with route policies and contains one or multiple Community List entries. Use community lists to specify permitted routes by BGP extended community attributes, including route targets and sites of origin (SOO). This list acts as a filter that matches route targets and SOO. This procedure applies for IPv6 routes as well as for IPv4 routes. Prerequisites To configure a BGP extended community list on a specific VRF instance, login to the VRF instance as required. The VRF must have an RP Trigger of BGP. Not all parameters are configurable on nonzero VRFs. Procedure steps 1. In the navigation tree, open the following folders: Configuration > IP. 2. Click Policy. 3. Click the Ext Community List tab. 4. Click Insert. 5. Configure the list as required. 6. Click Insert. October 2014 Configuration BGP Services 67

68 BGP configuration using Enterprise Device Manager definitions Use the data in the following table to use the Ext Community List tab. Id Specifies the extended community list. The range is 0 to MemberId RTType RTAddress RTAsNumber RTAssignedNum SooType SooAddress SooAsNumber SooAssignedNum VrfId Specifies the community list member ID. The range is 0 to Specifies the route target type for the extended community rule. The type can be: none, AS number, or IP address. Specifies the extended community IP address for the route target entry. Specifies the extended community AS number for the route target entry. The range is 0 to Specifies the extended community assigned number. The range is 0 to Specifies the SOO type for the extended community rule. Specifies the site of origin. Specifies the extended community AS number for the site of origin. The range is 0 to Specifies the extended community assigned number for the site of origin. The range is 0 to Specifies the VRF instance. 68 Configuration BGP Services October 2014

69 Chapter 5: BGP configuration using the CLI Configure BGP to create and maintain an interdomain routing system that guarantees loop-free routing information between autonomous systems. The Ethernet Routing Switch 8800/8600 supports BGP with IPv4 and IPv6 networks. Most IPv4 BGP configuration commands are applicable to BGP+ as well. When using the BGP+ functionality, additional configurations are needed to install the routes in the IPv6 RTM and for the IPv6 traffic originated from one IPv6 island to reach the other IPv6 island. These are IPv6 tunnel and static route configurations specific to the BGP+ peers. For more information, see BGP+ tunnel configuration examples on page 163. For information about configuring IP VPN with BGP, see Avaya Ethernet Routing Switch 8800/8600 Configuration IP VPN, NN For information about configuring route policies for BGP, see Avaya Ethernet Routing Switch 8800/8600 Configuration IP Routing, NN All information about statistics is moved to Avaya Ethernet Routing Switch 8800/8600 Performance Management, NN Job aid: Roadmap of BGP CLI commands The following roadmap lists all the BGP commands and their parameters. Use this list as a quick reference. Table 4: Job aid: Roadmap of BGP CLI commands Command config ip bgp Parameter aggregate-address <prefix/len> <add del> [as-set <value>] [summary-only <value>] [suppress-map <value>] [advertise-map <value>] [attribute-map <value>] aggregation <enable disable> always-cmp-med <enable disable> auto-peer-restart <enable disable> auto-summary <enable disable> cl-to-cl-reflection <enable disable> cluster-id <ipaddr> <add del> comp-bestpath-med-confed <enable disable> October 2014 Configuration BGP Services 69

70 BGP configuration using the CLI Command config ip bgp confederation config ip bgp neighbor <nbr_ipaddr peergroup-name> Parameter debug-screen [<settings>] default-local-pref <value> <add del> default-metric <value> <add del> deterministic-med <enable disable> disable enable flap-dampening <enable disable> global-debug mask <value> ibgp-report-import-rt <enable disable> ignore-illegal-rtrid <enable disable> info local-as <asnum> max-equalcost-routes <value> <enable disable> neighbor-debug-all mask <value> network <prefix/len> <add del> [metric <value>] no-med-path-is-worst <enable disable> orig-def-route <enable disable> quick-start <enable disable> restart route-reflection <enable disable> route-refresh <enable disable> router-id <ipaddr> stats-clear synchronization <enable disable> traps <enable disable> identifier <value> <add del> info peers <as-num-list> address-family {ipv6 vpnv4} <value> admin-state <enable disable> bfd<enable disable> connect-retry-interval <value> <add del> create delete 70 Configuration BGP Services October 2014

71 Job aid: Roadmap of BGP CLI commands Command config ip bgp redistribute apply config ip bgp redistribute <direct ospf rip static> config ip as-list <listid> Parameter ebgp-multihop <enable disable> hold-time <value> <add del> info ipvpn-lite-capability <enable disable> keepalive-time <value> <add del> max-prefix <value> <add del> MD5-authentication <enable disable> neighbor-debug mask <value> nexthop-self <enable disable> originate-def-route <enable disable> password <password> <add del> peer-group <peer-group name> <add del> remote-as <asnum> remove-private-as <enable disable> restart [soft-reconfiguration <value>] route-advertisement-interval <value> <add del> route-policy <in out> <route-map name> <add del> route-reflector-client <enable disable> route-refresh <enable disable> send-community <enable disable> soft-reconfiguration-in <enable disable> stats-clear update-source-interface <ipaddr> <add del> weight <value> <add del> apply [vrf-src <value>] create [vrf-src <value>] delete [vrf-src <value>] disable [vrf-src <value>] enable [vrf-src <value>] info [vrf-src <value>] metric <metric-value> [vrf-src <value>] route-policy <policy name> [vrf-src <value>] [clear] create <memberid> <permit deny> <as path> delete [<member-id>] [<as path>] info October 2014 Configuration BGP Services 71

72 BGP configuration using the CLI Command config ip community-list <listid> config ip extcommunity-list <listid> config ip prefix-list <listid> show ip bgp show ip bgp neighbor show ip extcommunity-list Parameter add-community <memberid> <permit deny> <community-string> delete info remove-community [memberid <value>] [community-string <value>] add-extcommunity <member-id> [rt <value] [soo <value>] delete info remove-extcommunity <member-id> add-prefix <ipaddr/mask> [masklenfrom <value>] [masklento <value>] delete info name <value> remove-prefix <ipaddr/mask> aggregates [<prefix/len>] [vrf <value>] [vrfids <value>] cidr-only [exact <value>] [vrf <value>] [vfids <value>] conf [vrf <value>] [vrfids <value>] dampened-paths <ipaddr> [<prefix>] [longer-prefixes] [vrf <value>] [vrfids <value>] flap-damp-config [exact <value>] [vrf <value>] [vrfids <value>] imported-routes [<prefix>] [longer-prefixes] [vrf <value>] [vrfids <value>] networks [exact <value>] [vrf <value>] [vrfids <value>] peer-group [<peer-group name>] [vrf <value>] [vrfids <value>] redistribution [exact <value>] [vrf <value>] [vrfids <value>] route [<prefix>] [longer-prefixes] [community <value>] [ip <value>] [vrf <value>] [vrfids <value>] route-vpnv4 [<prefix>] [longer-prefixes] [community] [ip <value>] [ext-community] [vrf <value>] [vrfids <value>] show-all [file <value>] [vrf <value>] [vrfids <value>] stats [vrf <value>] [vrfids <value>] summary [vrf <value>] [vrfids <value>] advertised-route <ipaddr> [<prefix>] [longer-prefixes] [vrf <value>] [vrfids <value>] info [<ipaddr>] [vrf <value>] [vrfids <value>] route <ipaddr> [<prefix>] [longer-prefixes] [community <value>] [vrf <value>] [vrfids <value>] stats <ipaddr> [vrf <value>] [vrfids <value>] route-vpnv4 <ipaddr> [prefix <value>] [longer-prefixes] [community <value>] [vrf <value>] [vrfids <value>] 72 Configuration BGP Services October 2014

73 Job aid: Roadmap of BGP+ CLI commands Command [<list-id>] [vrf <value>] [vrfids <value>] show port stats routing [port <value>] Parameter Job aid: Roadmap of BGP+ CLI commands Most of the existing BGP configurations are applicable to BGP+ for IPv6. BGP uses a router ID to identify BGP-speaking peers. The BGP router ID is 32-bit value that is often represented by an IPv4 address. By default, BGP sets the router ID to the IPv4 address of a loopback interface on the router. If no loopback interface is configured on the router, then the software chooses the highest IPv4 address configured on a physical interface on the router to represent the BGP router ID. If the router is configured only for IPv6 and has no IPv4 addresses, then you must manually configure the BGP router ID. The following roadmap lists all the BGP+ commands and their parameters. Use this list as a quick reference. BGP+ is supported only on the global router (VRF 0). Table 5: Job aid: Roadmap of BGP+ CLI commands Command config ip bgp Parameter aggregate-address <prefix/len> <add del> [as-set <value>] [summary-only <value>] [suppress-map <value>] [advertise-map <value>] [attribute-map <value>] aggregation <enable disable> always-cmp-med <enable disable> auto-peer-restart <enable disable> auto-summary <enable disable> cl-to-cl-reflection <enable disable> cluster-id <ipaddr> <add del> comp-bestpath-med-confed <enable disable> debug-screen [<settings>] default-local-pref <value> <add del> default-metric <value> <add del> deterministic-med <enable disable> disable enable global-debug mask <value> October 2014 Configuration BGP Services 73

74 BGP configuration using the CLI Command config ip bgp confederation config ip bgp neighbor <nbr_inetaddr peer-groupname> Parameter ibgp-report-import-rt <enable disable> ignore-illegal-rtrid <enable disable> info local-as <asnum> max-equalcost-routes <value> <enable disable> neighbor-debug-all mask <value> network <prefix/len> <add del> [metric <value>] no-med-path-is-worst <enable disable> orig-v6-def-route <enable disable> quick-start <enable disable> restart route-reflection <enable disable> router-id <ipaddr> stats-clear synchronization <enable disable> traps <enable disable> identifier <value> <add del> info peers <as-num-list> address-family ipv6 <enable disable> admin-state <enable disable> connect-retry-interval <value> <add del> create delete ebgp-multihop <enable disable> hold-time <value> <add del> info keepalive-time <value> <add del> max-prefix <value> <add del> neighbor-debug mask <value> nexthop-self <enable disable> originate-def-route <enable disable> peer-group <peer-group name> <add del> remote-as <asnum> remove-private-as <enable disable> 74 Configuration BGP Services October 2014

75 Job aid: Roadmap of BGP+ CLI commands Command config ip bgp redistribute <v6- direct ospfv3 v6-static> config ip as-list <listid> config ip community-list <listid> config ip extcommunity-list <listid> config ipv6 prefix-list <listid> show ip bgp show ipv6 bgp Parameter restart [soft-reconfiguration <value>] route-advertisement-interval <value> <add del> route-policy <in out> <route-map name> <add del> [ipv6] route-reflector-client <enable disable> send-community <enable disable> soft-reconfiguration-in <enable disable> stats-clear update-source-interface <ipaddr> <add del> weight <value> <add del> apply create delete disable enable info metric <metric-value> route-policy <policy name> [clear] create <memberid> <permit deny> <as path> delete [<member-id>] [<as path>] info add-community <memberid> <permit deny> <community-string> delete info remove-community [memberid <value>] [community-string <value>] add-extcommunity <member-id> [rt <value] [soo <value>] delete info remove-extcommunity <member-id> add-prefix <prefix/len> [masklenfrom <value>] [masklento <value>] delete info name <value> remove-prefix <prefix/len> conf peer-group [<peer-group name>] aggregates [<prefix/len>] October 2014 Configuration BGP Services 75

76 BGP configuration using the CLI Command show ip extcommunity-list [<list-id>] [vrf <value>] [vrfids <value>] show port stats routing [port <value>] Parameter imported-routes [<prefix>] [longer-prefixes] networks [exact <value>] redistribution [exact <value>] route [<prefix>] [longer-prefixes] [community <value>] [ip <value>] show-all [file <value>] Job aid: Roadmap of VRF Lite BGP CLI commands The following roadmap lists all the VRF Lite BGP commands and their parameters. Use this list as a quick reference. Table 6: Job aid: Roadmap of VRF Lite BGP CLI commands Command config ip vrf <vrfname> bgp Parameter aggregate-address <prefix/len> <add del> [as-set <value>] [summary-only <value>] [suppress-map <value>] [advertisemap <value>] [attribute-map <value>] aggregation <enable disable> always-cmp-med <enable disable> auto-peer-restart <enable disable> auto-summary <enable disable> create debug-screen [<setting>] default-local-pref <value> <add del> default-metric <value> <add del> delete deterministic-med <enable disable> disable enable flap-dampening <enable disable> global-debug mask <value> ibgp-report-import-rt <enable disable> ignore-illegal-rtrid <enable disable> 76 Configuration BGP Services October 2014

77 Job aid: Roadmap of VRF Lite BGP CLI commands Command config ip vrf <vrfname> bgp neighbor <nbr_ipaddr peer-group-name> Parameter info max-equalcost-routes <value> <enable disable> network <prefix/len> <add del> [metric <value>] no-med-path-is-worst <enable disable> orig-def-route <enable disable> quick-start <enable disable> restart route-policy <in out> <route-map name> <add del> router-id <ipaddr> stats-clear synchronization <enable disable> traps admin-state <enable disable> allow-as-in <0...10> as-override <enable disable> connect-retry-interval <value> <add del> create delete ebgp-multihop <enable disable> hold-time <value> <add del> info keepalive-time <value> <add del> max-prefix <value> <add del> MD5-authentication <enable disable> neighbor-debug mask <value> nexthop-self <add del> originate-def-route <enable disable> password <password> <add del> peer-group <peer-group name> <add del> remote-as <asnum> remove-private-as <enable disable> restart [soft-reconfiguration <value>] route-advertisement-interval <value> <add del> route-policy <in out> <route-map name> <add del> send-community <enable disable> site-of-origin <as-num:assigned-num ipaddr:assigned-num> <add del> October 2014 Configuration BGP Services 77

78 BGP configuration using the CLI Command config ip vrf <vrfname> bgp redistribute apply config ip vrf <vrfname> bgp redistribute <direct ospf rip static> config ip vrf <vrfname> as-list <listid> config ip vrf <vrfname> community-list <listid> config ip vrf <vrfname> extcommunity-list <listid> config ip vrf <vrfname> prefix-list <listid> Parameter soft-reconfiguration-in <enable disable> stats-clear update-source-interface <ipaddr> <add del> weight <value> <add del> apply [vrf-src <value>] create [vrf-src <value>] delete [vrf-src <value>] disable [vrf-src <value>] enable [vrf-src <value>] info [vrf-src <value>] metric <metric-value> [vrf-src <value>] route-policy <policy-name> [vrf-src <value>] [clear] create <memberid> <permit deny> <as path> delete info add-community <memberid> <permit deny> <communitystring> delete info remove-community [memberid <value>] [community-string <value>] add-extcommunity <member-id> [rt <value] [soo <value>] delete info remove-extcommunity <member-id> add-prefix <ipaddr/mask> [masklenfrom <value>] [masklento <value>] delete info name <value> remove-prefix <ipaddr/mask> 78 Configuration BGP Services October 2014

79 Configuring BGP globally Configuring BGP globally Configure BGP globally to enable BGP on the switch and determine how BGP operates. This procedure applies for BGP+ as well as for IPv4 BGP. Prerequisites To configure the suppress-map, advertise-map, or attribute-map options, the route policy for those options is already configured. You cannot modify the global BGP configuration unless BGP is disabled. For initial BGP configuration, you must know the AS number. To configure BGP on a specific VRF instance, the VRF must have an RP Trigger of BGP. Not all parameters are configurable on nonzero VRFs. You configure BGP on a VRF the same way you configure for the GlobalRouter, except that you must replace config ip with config ip vrf <vrfname> in the following procedure. Not all parameters are configurable on nonzero VRFs. Procedure steps 1. Configure the local AS number: config ip bgp local-as <asnum> This parameter only applies to VRF Use the following variable definitions table to configure BGP as required. 3. Enable BGP using the following command: config ip bgp enable 4. Ensure that the configuration is correct: show ip bgp conf definitions Use the data in the following table to use the config ip bgp and config ip vrf <vrfname> bgp commands. Unless otherwise stated, all parameters listed are supported with BGP+. October 2014 Configuration BGP Services 79

80 BGP configuration using the CLI aggregate-address <prefix/len> <add del> [as-set <value>] [summary-only <value>] [suppress-map <value>] [advertise-map <value>] [attribute-map <value>] aggregation <enable disable> always-cmp-med <enable disable> auto-peer-restart <enable disable> auto-summary <enable disable> cl-to-cl-reflection <enable disable> Adds or deletes an aggregate address in a BGP routing table. Because the routes in the table are only aggregated to EBGP peers, routing traffic is minimized. The default value is none. <prefix/len> is an IPv4 or IPv6 prefix and prefix length <add del> adds or deletes the entry as-set <value> enables or disables autonomous system information. The default value is disable. summary-only <value> enables or disables the summarization of routes not included in routing updates. This parameter creates the aggregate route and suppresses advertisements of more specific routes to all neighbors. The default value is disable. suppress-map <value> is the route map name (string length between 0 and 64 characters long) for the suppressed route list. advertise-map <value> is the route map name (any string length between 0 and 64 characters long) for route advertisements. attribute-map <value> is the route map name (string length between 0 and 64 characters long). The default value is none. Enables or disables the aggregation feature on this interface. The default value is enable. You cannot change the value when BGP is enabled. Enables or disables the comparison of the multi-exit discriminator (MED) parameter for paths from neighbors in different autonomous systems. A path with a lower MED is preferred over a path with a higher MED. The default value is disable. Enables or disables the process that automatically restarts a connection to a BGP neighbor. The default value is enable. Because the switch does not support IPv6 BGP peers, this parameter does not support IPv6 peers. When enabled, BGP summarizes networks based on class limits (For example, Class A, B, C networks). The default value is enable. Enables or disables route reflection between two route reflector clients. This option is applicable only if the route reflection value is set to enable. The default value is enable. Route reflection may be enabled even when clients are fully meshed. In this event, route reflection is not required. The default value is enable. This parameter only applies to VRF Configuration BGP Services October 2014

81 Configuring BGP globally cluster-id <ipaddr> <add del> comp-bestpath-med-confed <enable disable> 4-byte-as <enable disable> as-dot <enable disable> create debug-screen [<setting>] create default-local-pref <value> <add del> default-metric <value> <add del> Sets a cluster ID. This option is applicable only if the route reflection value is set to enable, and if multiple route reflectors are in a cluster. <ipaddr> is the cluster ID of the reflector router. The default value is <add del> adds or deletes the cluster ID. The default value is add. This parameter only applies to VRF 0. When enabled, the router compares multi-exit discriminator (MED) attributes within a confederation. The default value is disable. This parameter only applies to VRF 0. Enables or disables the switch from using 4 byte numbers for autonomous systems. Enables or disables representing AS numbers in octects. The default is disable so the switch uses the plain notation format. If you enable 4-byteAs and AsDotFormat, enter LocalAs numbers in the range of 1.0 to This parameter is not supported with BGP+. Creates a BGP instance in a VRF. BGP configuration can occur in a nonzero VRF only when the BGP instance exists in the VRF. This parameter only applies to VRF instances. This parameter is not supported with BGP+. Displays debug messages to the console, or saves them in a log file. <setting> is off or on. Disable BGP screen logging (off), or enable BGP screen logging (on). The default value is off. Adds the RP trigger of BGP to an existing nonzero VRF. This parameter only applies to non-zero VRFs. This parameter is not supported with BGP+. Specifies the default value of the local preference attribute. You cannot change the default value when BGP is enabled. <value> is an integer value between 0 and The default value is 100. <add del> adds or deletes the configuration. The default value is del. Sets a value that is sent to a BGP neighbor to determine the cost of a route a neighbor is using. A default metric value helps solve the problems associated with redistributing routes that have incompatible metrics. For example, whenever metrics do not convert, using a default metric provides a reasonable substitute and redistribution proceeds. Use this option in conjunction with the redistribute commands so the current October 2014 Configuration BGP Services 81

82 BGP configuration using the CLI delete deterministic-med <enable disable> disable enable flap-dampening <enable disable> global-debug mask <value> ibgp-report-import-rt <enable disable> routing protocol uses the same metric value for all redistributed routes. <value> is an integer value between -1 and The default value is -1. <add del> adds or deletes the configuration. The default value is del. Deletes the RP trigger of BGP from an existing nonzero VRF. This parameter only applies to non-zero VRFs. This parameter is not supported with BGP+. Enables or disables deterministic Multiexit Discriminator (MED). The default value is disable. Disables BGP. Enables BGP. You cannot enable BGP until you change the Local AS to any value other than 0. The default value is disable. Enables or disables route suppression for routes that flap on and off. The default value is enable. This parameter is not supported with BGP+. Displays specified debug information for BGP global configurations. The default value is none. <value> is a list of mask choices separated by commas with no space between choices. Mask choices are: none disables all debug messages. all enables all debug messages. error enables display of debug error messages. packet enables display of debug packet messages. event enables display of debug event messages. trace enables display of debug trace messages. warning enables display of debug warning messages. state enables display of debug state transition messages. init enables display of debug initialization messages. filter enables display of debug messages related to filtering. update enables display of debug messages related to sending and receiving updates. Configures BGP to advertise imported routes to an interior BGP (IBGP) peer. This command also enables or disables 82 Configuration BGP Services October 2014

83 Configuring BGP globally ignore-illegal-rtrid <enable disable> info local-as <asnum> max-equalcost-routes <value> <enable disable> neighbor-debug-all mask <value> network <prefix/len> <add del> [metric <value>] no-med-path-is-worst <enable disable> orig-def-route <enable disable> advertisement of non-bgp imported routes to other IBGP neighbors. The default value is enable. When enabled, BGP overlooks an illegal router ID. For example, you can set this command to enable or disable the acceptance of a connection from a peer that sends an open message using a router ID of 0 (zero). The default value is enable. Displays the current BGP system configuration Sets the local autonomous system (AS) number on the current system. You cannot change local-as when BGP is set to enable. To set a 2-byte local AS number, enter a local-as number in the range of 1 to To set a 4-byte local-as number, enable the 4-byte-as variable and enter a number in the range of to If you enable as-dot, enter the AS number in octets in the range of 1.0 to This parameter is not supported with BGP+. Sets the maximum number of equal-cost-paths that are available to a BGP router by limiting the number of equal-costpaths that can be stored in the routing table. The default value is disable. <value> is the max-equalcost-routes allowed. the range is 1 to 4 equal-cost-paths. The default value is 1. Important: The state of this parameter is not shown in response to the config ip vrf <vrfname> bgp command. Displays specified debug information for BGP neighbors. The default value is none. For mask options, see the globaldebug mask <value> section. Specifies IGP network prefixes for BGP to advertise for redistribution. This command imports routes into BGP. The default value is none. <prefix/len> is the network address and mask. <add del> adds or deletes the configuration. metric <value>the metric corresponds to the MED (multi-exit discriminator) BGP attribute for the route. Enables or disables BGP to treat an update without a multi-exit discriminator (MED) attribute as the worst path. The default value is enable. Enables the advertisement of a default route to peers, if it is present in the routing table. The default value is disable. This parameter does not apply to IPv6 routes. October 2014 Configuration BGP Services 83

84 BGP configuration using the CLI orig-v6-def-route <enable disable> quick-start <enable disable> restart route-reflection <enable disable> route-refresh <enable disable> Enables the advertisement of a default IPv6 route to peers, if it is present in the routing table. The default value is disable. Enables or disables the quick-start flag for exponential backoff. The default value is disable. Restarts BGP on the current system. Enables or disables the reflection of routes from IBGP neighbors. The default value is enable. This parameter only applies to VRF 0. Enables or disables IP VPN Route Refresh. If enabled, a route refresh request received by a BGP speaker causes the speaker to resend all route updates it contains in its database that are eligible for the peer that issues the request. The default value is disable. This parameter only applies to VRF 0. router-id <ipaddr> Specifies the BGP router ID. The default value is stats-clear synchronization <enable disable> traps <enable disable> This parameter only applies to VRF 0. Resets all displayed counters to zero. Enables or disables the router to accept routes from BGP peers without waiting for an update from the IGP. The default value is enable. Enables or disables traps. The default value is disable. Job aid: BGP debug commands Debug command values allow you to control debug messages for global BGP message types, and for message types associated with a specified BGP peer or peer group. The following tips can help you use the debug commands: Display debug commands for multiple mask choices by entering the mask choices separated by commas, with no space between choices. To end (disable) the display of debug messages, use the mask choice of none. You can save debug messages in a log file, or you can display the messages on your console using the debug-screen command. You can display global debug messages for the following mask categories: none disables the display of all debug messages all sets the switch to display all categories of debug messages error sets the switch to display error debug messages packet sets the switch to display packet debug messages event sets the switch to display event debug messages warning sets the switch to display warning debug messages 84 Configuration BGP Services October 2014

85 Configuring 4 byte AS numbers init sets the switch to display initialization debug messages filter sets the switch to display filter-related debug messages update sets the switch to display update-related debug messages For information about the logged debug messages, see Avaya Ethernet Routing Switch 8800/8600 Logs Reference, NN Configuring 4 byte AS numbers Configure AS numbers using the 4-byte format and represent the numbers in octets. This procedure does not apply for BGP+. Prerequisites To configure BGP on a specific VRF instance, login to the required VRF instance as required. The VRF must have an RP Trigger of BGP. Not all parameters are configurable on nonzero VRFs. Configure BGP on a VRF the same way you configure for the GlobalRouter, except that you must replace config ip with config ip vrf in the following procedure. Not all parameters are configurable on nonzero VRFs. Make sure that you define AS numbers in policies the same way that you configure them for the router. The choices are asplain (regular expression) or asdot (dot notation). If you create policies using asplain and configure the switch with asdot, the match will not occur. Procedure steps 1. To change the AS number format, first disable BGP. config ip bgp disable 2. Enable the 4-byte AS numbering format. config ip bgp 4-byte-as enable 3. To use the dotted octet notation, enable as-dot. config ip bgp as-dot enable 4. Configure the 4-byte AS number. If you enabled as-dot, enter the AS number in octets. config ip bgp local-as 5. Enable BGP. config ip bgp enable <asnum> definitions Use the data in the following table to use the config ip bgp and config ip vrf <vrfname> bgp AS parameters. October 2014 Configuration BGP Services 85

86 BGP configuration using the CLI local-as <asnum> 4-byte-as <enable disable> as-dot <enable disable> Sets the local autonomous system (AS) number. You cannot change local-as when BGP is set to enable. To set a 2-byte local AS number, enter a local-as number in the range of 1 to To set a 4-byte local-as number, enable the 4-byte-as variable and enter a number in the range of to If you enable as-dot, enter the AS number in octets in the range of 1.0 to This parameter is not supported with BGP+. Enables or disables the switch from using 4 byte numbers for autonomous systems. Enables or disables representing AS numbers in octects. The default is disable so the switch uses the plain notation format. If you enable this field and the 4ByteAs field, enter the AS number in the NewLocalAs field. Attention: This parameter is not supported with BGP+. Configuring BGP confederations Reduce the high bandwidth and maintenance costs associated with a large full-mesh topology by dividing the AS into multiple smaller ASs, and then grouping them into a single confederation. Confederations can only be configured for VRF 0. This procedure applies for BGP+ as well as for IPv4 BGP. Prerequisites To configure confederations, BGP must be disabled. Procedure steps 1. Add the confederation identifier: config ip bgp confederation identifier <value> add 2. Add the required ASs to the confederation: config ip bgp confederation peers <as-num-list> 3. Ensure that the configuration is correct: config ip bgp confederation info 86 Configuration BGP Services October 2014

87 Configuring BGP peers or peer groups definitions Use the data in the following table to use the config ip bgp confederation command. All parameters listed are supported with BGP+. identifier <value> <add del> info peers <as-num-list> Specifies a BGP confederation identifier. You cannot configure this option when BGP is enabled. <value> is an integer value between 0 and The default value is 0. <add del> adds or deletes the confederation. The default value is add. Displays current confederation configuration information. Adds autonomous systems to a confederation. as-list is an integer string length value between 0 and 256 that represents the AS number. Enter one or more as numbers within quotes (for example, " ") to add AS systems. Enter another set of numbers within quotes, or a single number within quotes to replace the previous configuration. Enter only a set of quotes (or 0) to delete the configuration. Configuring BGP peers or peer groups Use peers and peer groups to simplify BGP configuration and makes updates more efficient. BGP speakers can have many neighbors configured with similar update policies (for example, many neighbors use the same distribute lists, filter lists, outbound route maps, update source, and so on). Group the neighbors that have the same update policies into peer groups and peer associations. This procedure applies for BGP+ as well as for IPv4 BGP; however, all peers must be IPv4 peers. The configuration of native IPv6 peers is not supported. Prerequisites If required, route policies exist. To configure BGP on a specific VRF instance, the VRF must have an RP Trigger of BGP. Not all parameters are configurable on nonzero VRFs. You configure BGP on a VRF the same way you configure for the GlobalRouter, except that you must replace config ip with config ip vrf <vrfname> in the following procedure. October 2014 Configuration BGP Services 87

88 BGP configuration using the CLI Procedure steps 1. Create a peer or peer group using the following neighbor command: config ip bgp neighbor <nbr_ipaddr peer-group-name> create <nbr_ipaddr peer-group-name> specifies the peer IPv4 address or the peer group name. 2. Use the following variable definitions table to configure the neighbor as required. 3. Enable the neighbor: config ip bgp neighbor <nbr_ipaddr peer-group-name> admin-state enable definitions Use the data in the following table to use the config ip bgp neighbor <nbr_ipaddr peergroup-name> command. Unless otherwise stated, all parameters listed are supported with BGP+. address-family vpnv4 <enable disable> address-family ipv6 <enable disable> admin-state <enable disable> bfd <enable disable> connect-retry-interval <value> <add del> create delete Enables or disables BGP address families for IPv4 (BGP) and L3 VPN (MP-BGP) support. Enable this parameter for VPN/VRF Lite routes. The default value is disable. This parameter is not supported with BGP+. Enables or disables BGP address families for BGP+ support. Enable this parameter for IPv6 routes. The default value is disable. Enables or disables the administrative state of a BGP peer. The default value is disable. Enables or disables BFD on a BGP peer. The default value is disable. This parameter is not supported with BGP+. Sets the time interval (in seconds) for the ConnectRetry Timer. The default value is 120 seconds. <value> is an integer value between 1 and seconds. <add del> adds or deletes the configuration. Creates a BGP peer or a peer group. With BGP+, the peer must be an IPv4 peer. Native IPv6 peering is not supported. Deletes a BGP peer or a peer group. 88 Configuration BGP Services October 2014

89 Configuring BGP peers or peer groups ebgp-multihop <enable disable> hold-time <value> <add del> info ipvpn-lite-capability <enable disable> keepalive-time <value> <add del> max-prefix <value> <add del> MD5-authentication <enable disable> neighbor-debug mask <value> Enables or disables a connection to a BGP peer that is more than one hop away from the local router. The default value is disable. Sets the time interval (in seconds) for the BGP speaker for this peer. The default value is 180 seconds. <value> is an integer value with a range 0, 3 to 180 seconds (the integer values 1 and 2 are not valid). <add del> adds or deletes the configuration. Displays current configuration information of a BGP peer or peergroup. Specifies (when enabled) that IP VPN Lite capability can be enabled or disabled on the BGP neighbor peer. The default is disable. This parameter is not supported with BGP+. Specifies the time interval (in seconds) that transpires between transmissions of the local BGP router's keep-alive packets. The keep-alive packets indicate the enabled status of the local BGP router to peers. The default value is 60 seconds. <value> is an integer value between 0 and seconds. <add del> adds or deletes the configuration. Sets a limit on the number of routes that can be accepted from a neighbor. The default value is routes. A value of 0 (zero) indicates that there is no limit to the number of routes that can be accepted. <value> is an integer value between 0 and routes. <add del> adds or deletes the configuration. Enables or disables TCP MD5 authentication between two peers. The default value is disable. Displays specified debug information for a BGP peer. The default value is none. <value> is a list of mask choices separated by commas with no space between choices. For example: {<mask>,<mask>,<mask>...}. Mask choices are: none disables all debug messages. all enables all debug messages. error enables display of debug error messages. packet enables display of debug packet messages. event enables display of debug event messages. trace enables display of debug trace messages. October 2014 Configuration BGP Services 89

90 BGP configuration using the CLI nexthop-self <enable disable> originate-def-route <enable disable> originate-v6-def-route <enable disable> password <password> <add del> peer-group <peer-group-name> <add del> remote-as <asnum> remove-private-as <enable disable> warning enables display of debug warning messages. state enables display of debug state transition messages. init enables display of debug initialization messages. filter enables display of debug messages related to filtering. update enables display of debug messages related to sending and receiving updates. When enabled, specifies that the next-hop attribute in an IBGP update is the address of the local router or the router that is generating the IBGP update. The default value is disable. The next-hop parameter can only be configured when the neighbor is disabled. With BGP+, Avaya recommends enabling the next-hop-self parameter on the Edge/Boundary switch. Enables or disables the switch to send a default route advertisement to the specified neighbor. A default route does not have to be in the routing table. The default value is disable. Do not use this command if orig-def-route is globally enabled. This parameter is not supported with BGP+. Enables or disables the switch to send an IPv6 default route advertisement to the specified neighbor. A default route does not have to be in the routing table. The default value is disable. Do not use this command if orig-v6-def-route is globally enabled. Specifies a password for TCP MD5 authentication between two peers. The default value is none. <password> is an alphanumeric string length from 0 to 1536 characters. <add del> adds or deletes the password. Adds a BGP peer to the specified subscriber group. You must create the specified subscriber group before you issue this command. The default value is none. <peer-group-name> is a string length from 0 to 1536 characters. <add del> adds or deletes the configuration. Configures a remote-as for a BGP peer or a peer-group. You cannot configure this option when the admin-state is enable. asnum is an integer value between 0 and The default value is 0. When enabled, strips private AS numbers when an update is sent. This feature is especially useful within a confederation. The default value is enable. 90 Configuration BGP Services October 2014

91 Configuring BGP peers or peer groups restart [soft-reconfiguration <value>] route-advertisement-interval <value> <add del> route-policy <in out> <route-map name> <add del> [ipv6] route-reflector-client <enable disable> route-refresh <enable disable> send-community <enable disable> soft-reconfiguration-in <enable disable> stats-clear Resets a BGP inbound or outbound (or both inbound and outbound) connection using BGP soft reconfiguration. <value> is either inbound (in) or outbound soft configuration (out). If you do not specify in or out, both inbound and outbound soft configurations are triggered. Specifies the time interval (in seconds) that transpires between each transmission of an advertisement from a BGP neighbor. The default value is 5 seconds. <value> is an integer value between 5 and 120 seconds. <add del> adds or deletes the configuration. Applies a route policy rule to all routes that are learned from, or sent to, the local BGP router's peers, or peer groups. The local BGP router is the BGP router that allows or disallows routes and sets attributes in incoming or outgoing updates. The default value is none. <in out> indicates whether the route is incoming or outgoing. <route-map name> name is an alphanumeric string length (0 to 256 characters) that indicates the name of the route map or policy. <add del> adds or deletes the configuration. [ipv6] specifies an IPv6 policy You can configure separate policies for BGP IPv4 and IPv6 prefixes to the same BGP neighbor. The policy names are unique in the system. Configures the specified neighbor or group of neighbors as its route reflector client. The default value is disable. All neighbors that are configured become members of the client group and the remaining IBGP peers become members of the nonclient group for the local route reflector. Enables or disables IP VPN Route Refresh for the BGP peer. If enabled, a route refresh request received by a BGP speaker causes the speaker to resend all route updates it contains in its database that are eligible for the peer that issues the request. The default value is disable. Enables or disables sending the update message community attribute to the specified peer. The default value is disable. When enabled, the router relearns routes from the specified neighbor or group of neighbors without resetting the connection when the policy changes in the inbound direction. The default value is disable. Resets all displayed counters to zero. October 2014 Configuration BGP Services 91

92 BGP configuration using the CLI update-source-interface <ipaddr> <add del> weight <value> <add del> Specifies the source IP address when BGP packets are sent to this peer or peer group. You cannot configure this parameter when the admin-state is enable. The default value is <ipaddr> is the specified source address. <add del> adds or deletes the configuration. Specifies the weight of a BGP peer or peer groups, or the priority of updates that can be received from that BGP peer. The default value is 0. If you have particular neighbors that you want to prefer for most of your traffic, you can assign a higher weight to all routes learned from that neighbor. <value> is an integer value between 0 and <add del> adds or deletes the configuration. Configuring redistribution to BGP for VRF 0 Configure a redistribute entry to announce routes of a certain source protocol type into the BGP domain, for example, static, RIP, or direct routes. Use a route policy to control the redistribution of routes. This procedure does not apply for BGP+. Prerequisites If required, a route policy exists. To configure BGP on a specific VRF instance, the VRF must have an RP Trigger of BGP. Not all parameters are configurable on nonzero VRFs. You configure BGP on a VRF the same way you configure for the GlobalRouter, except that you must replace config ip with config ip vrf <vrfname> in the following procedure. Procedure steps 1. Configure redistribution using the following command: config ip bgp redistribute <direct ospf rip static> create [vrf-src <value>] 2. If required, specify a route policy to govern redistribution: config ip bgp redistribute <direct ospf rip static> route-policy <policy name> [vrf-src <value>] [clear] 3. Enable the instance: 92 Configuration BGP Services October 2014

93 Configuring redistribution to BGP for VRF 0 config ip bgp redistribute <direct ospf rip static> enable [vrf-src <value>] 4. Apply the redistribution instance: config ip bgp redistribute <direct ospf rip static> apply [vrf-src <value>] 5. View redistribution configurations to ensure they are correct: show ip bgp redistribution [exact <value>] [vrf <value>] [vrfids <value>] definitions Use the information in the following table to help you use the config ip bgp redistribute <direct ospf rip static> command. apply create delete disable enable info metric <metric-value> route-policy <policy name> Applies the redistribution configuration. Changes do not take effect until you apply them. Creates the BGP route redistribution instance. Deletes the BGP route redistribution instance. Disables the BGP route redistribution instance. Enables the BGP route redistribution instance. The default value is disable. Shows information about the BGP route redistribution instance. Configures the metric to apply to redistributed routes. The default value is 0. Configures the route policy to apply to redistributed routes. The default value is none. Use the data in the following table to use the show ip bgp redistribution command. exact <value> vrf <value> vrfids <value> Specifies an exact match on the prefix. Specifies a VRF instance by name. Specifies a range of VRFs by ID number. Job aid: show ip bgp redistribution command output Use the data in the following table to use the show ip bgp redistribution command. October 2014 Configuration BGP Services 93

94 BGP configuration using the CLI SRC-VRF SRC MET ORIGIN ENABLE RPOLICY Indicates the redistribution source VRF instance. Indicates the redistribution source: RIP, Local, Static, or OSPF. Indicates the metric value Indicates the Redistribution origin: IBGP or EBGP. Indicates whether the redistribution policy is enabled (T) true or disabled (F) false. The route policy that is currently assigned to the redistribution. Configuring redistribution to BGP+ for VRF 0 Configure a redistribute entry to announce routes of a certain source protocol type into the BGP+ domain, for example, static, OSPFv3, or direct routes. Use a route policy to control the redistribution of routes. Prerequisites If required, a route policy exists. Procedure steps 1. Configure redistribution using the following command: config ip bgp redistribute <v6-direct ospfv3 v6-static> create 2. If required, specify a route policy to govern redistribution: config ip bgp redistribute <v6-direct ospfv3 v6-static> route-policy <policy name> [clear] 3. Enable the instance: config ip bgp redistribute <v6-direct ospfv3 v6-static> enable Unlike IPv4 redistribution, you do not need to manually apply the IPv6 redistribution instance. Once you enable the IPv6 redistribution instance, it is automatically applied. 4. View redistribution configurations to ensure they are correct: show ipv6 bgp redistribution 94 Configuration BGP Services October 2014

95 Configuring a prefix list definitions Use the information in the following table to help you use the config ip bgp redistribute <v6-direct ospfv3 v6-static> command. create delete disable enable info metric <metric-value> route-policy <policy name> Creates the BGP route redistribution instance. Deletes the BGP route redistribution instance. Disables the BGP route redistribution instance. Enables the BGP route redistribution instance. The default value is disable. Shows information about the BGP route redistribution instance. Configures the metric to apply to redistributed routes. The default value is 0. Configures the route policy to apply to redistributed routes. The default value is none. Job aid: show ipv6 bgp redistribution command output Use the data in the following table to use the show ipv6 bgp redistribution command. SRC-VRF SRC MET ENABLE RPOLICY Indicates the redistribution source VRF instance. Indicates the redistribution source: Local, Static, or OSPF. Indicates the metric value Indicates whether the redistribution policy is enabled (T) true or disabled (F) false. The route policy that is currently assigned to the redistribution. Configuring a prefix list Use prefix lists to allow or deny specific route updates. A prefix list policy specifies route prefixes to match. When there is a match, the route is used. This procedure does not apply for BGP+. October 2014 Configuration BGP Services 95

96 BGP configuration using the CLI Prerequisites To configure BGP on a specific VRF instance, the VRF must have an RP Trigger of BGP. Not all parameters are configurable on nonzero VRFs. You configure BGP on a VRF the same way you configure for the GlobalRouter, except that you must replace config ip with config ip vrf <vrfname> in the following procedure. Procedure steps 1. Create a prefix list using the following command: config ip prefix-list <listid> add-prefix <ipaddr/mask> [masklenfrom <value>] [masklento <value>] Use the same command to add additional prefixes to the list. 2. Name the list: config ip prefix-list <listid> name <value> definitions Use the data in the following table to use the config ip prefix-list <listid> command, where <listid> is an integer value between 1 and 1024 that represents the prefix list ID. add-prefix <ipaddr/mask> [masklenfrom <value>] [masklento <value>] delete info name <value> remove-prefix <ipaddr/mask> Creates or adds a prefix to the list. The default value is none. <ipaddr/mask> specifies the IP address and network mask in the format a.b.c.d/x, a.b.c.d/x.x.x.x, or default. masklenfrom <value> specifies an integer in the range 0 to 32. masklento <value> specifies an integer in the range 0 to 32. Deletes the specified prefix list entry. Displays the current configuration of the specified prefix list. Names the prefix list. The default value is none. Removes the prefix entry from the list. <ipaddr/mask> specifies the IP address and network mask in the format a.b.c.d/x, a.b.c.d/x.x.x.x, or default. 96 Configuration BGP Services October 2014

97 Configuring an IPv6 prefix list Configuring an IPv6 prefix list Use prefix lists to allow or deny specific route updates. A prefix list policy specifies route prefixes to match. When there is a match, the route is used. Procedure steps 1. Create an IPv6 prefix list using the following command: config ipv6 prefix-list <listid> add-prefix <v6-ipaddr/v6-prefixlen> [masklenfrom <value>] [masklento <value>] Use the same command to add additional prefixes to the list. 2. Name the list: config ipv6 prefix-list <listid> name <value> 3. Display the IPv6 prefix list: show ipv6 prefix-list [<list name>] [prefix <value>] definitions Use the data in the following table to use the config ipv6 prefix-list <listid> command, where <listid> is an integer value between 1 and 1024 that represents the prefix list ID. add-prefix <v6-ipaddr/v6-prefix-len> [masklenfrom <value>] [masklento <value>] delete info name <value> remove-prefix <v6-ipaddr/v6-prefix-len> Creates or adds a prefix to the list. The default value is none. <v6-ipaddr/v6-prefix-len> specifies the IPv6 address and prefix length. masklenfrom <value> specifies an integer in the range 0 to 32. masklento <value> specifies an integer in the range 0 to 32. Deletes the specified prefix list entry. Displays the current configuration of the specified prefix list. Names the prefix list. The default value is none. Removes the prefix entry from the list. <v6-ipaddr/v6-prefix-len> specifies the IPv6 address and prefix length. October 2014 Configuration BGP Services 97

98 BGP configuration using the CLI Configuring AS path lists The As Path List is used with route policies and contains one or multiple AS path entries. Use an AS path list to restrict the routing information a router learns or advertises to and from a neighbor. The AS path list acts as a filter that matches AS paths. This procedure applies for BGP+ as well as for IPv4 BGP. Prerequisites To configure BGP on a specific VRF instance, the VRF must have an RP Trigger of BGP. Not all parameters are configurable on nonzero VRFs. You configure BGP on a VRF the same way you configure for the GlobalRouter, except that you must replace config ip with config ip vrf <vrfname> in the following procedure. Procedure steps 1. Create the path list: config ip as-list <listid> create <memberid> <permit deny> <as path> definitions Use the data in the following table to use the config ip as-list <listid> command, where listid is an integer value between 1 and 1024 that represents the AS-path list ID you want to create or modify. create <memberid> <permit deny> <as path> delete info Creates the AS-path list. The default value is none. <memberid> is an integer value between 0 and that represents the regular expression entry in the AS path list. <permit deny> permits or denies access for matching conditions. <as path> is an integer value between 0 and Deletes the specified AS-path list entry. Displays the current content of the specified AS-path list ID. 98 Configuration BGP Services October 2014

99 Configuring community lists Configuring community lists The Community List is used with route policies and contains one or multiple Community List entries. Use community lists to specify permitted routes by using their BGP community. This list acts as a filter that matches communities or AS numbers. This procedure applies for BGP+ as well as for IPv4 BGP. Prerequisites To configure BGP on a specific VRF instance, the VRF must have an RP Trigger of BGP. Not all parameters are configurable on nonzero VRFs. You configure BGP on a VRF the same way you configure for the GlobalRouter, except that you must replace config ip with config ip vrf <vrfname> in the following procedure. Procedure steps 1. Create the community list and members: config ip community-list <listid> add-community <memberid> <permit deny> <community-string> definitions Use the data in the following table to use the config ip community-list <listid> command, where <listid> is an integer value between 1 and 1024 that represents the community list ID. add-community <memberid> <permit deny> <community-string> delete info Adds an entry to the community list. The default value is none. <permit deny> sets the access mode, which permits or denies access for matching conditions. <memberid> is an integer value between 0 and that represents the member ID in the community list. <community-string> is an alphanumeric string value with a string length between 0 and 1536 characters (AS num:community-value) or (well-known community string). Well known communities include: internet, no-export, no-advertise, local-as (known as NO_EXPORT_SUBCONFED). Deletes the specified community list entry. Displays the current content of the specified community list ID. October 2014 Configuration BGP Services 99

100 BGP configuration using the CLI remove-community [memberid <value>] [community-string <value>] Removes an entry from the community list. <memberid> is an integer value between 0 and <community-string> is an alphanumeric string value with a string length between 0 and 1536 characters. Configuring extended community lists The extended community list is used with route policies and contains one or multiple Community List entries. Use community lists to specify permitted routes by BGP extended community attributes, including route targets and sites of origin (SOO). This list acts as a filter that matches route targets and SOO. This procedure applies for BGP+ as well as for IPv4 BGP. Prerequisites To configure BGP on a specific VRF instance, the VRF must have an RP Trigger of BGP. Not all parameters are configurable on nonzero VRFs. You configure BGP on a VRF the same way you configure for the GlobalRouter, except that you must replace config ip with config ip vrf <vrfname> in the following procedure. Procedure steps 1. Create the list and specify members: config ip extcommunity-list <listid> add-extcommunity <member-id> [rt <value>] [soo <value>] definitions Use the data in the following table to use the config ip extcommunity-list <listid> command, where <listid> is an integer value between 1 and 1024 that represents the community list ID you want to create or modify. By default, no extended community list entries exist. add-extcommunity <member-id> [rt <value>] [soo <value>] Adds an entry to the extended community list. <member-id> is an integer value between 0 and that represents the member ID in the community list. 100 Configuration BGP Services October 2014

101 BGP show commands rt <value> specifies the route target in the format {AS number:assigned number} (that is, {0 to 65535}:{0 to }) or {ipaddress:assigned number} (that is, {a.b.c.d}:{0 to 65535}). soo <value> specifies the site of origin in the format {AS number:assigned number} (that is, {0 to 65535}:{0 to }) or {ipaddress:assigned number} (that is, {a.b.c.d}:{0 to 65535}). delete info remove-extcommunity <member-id> Deletes the specified extended community list entry. Displays the current content of the specified extended community list ID. Removes an entry from the extended community list. <memberid> is an integer value between 0 and BGP show commands Show commands are useful to verify BGP configuration and to monitor or troubleshoot BGP operation. To display information for a specific virtual routing and forwarding (VRF) instance, you must specify the VRF name in the syntax of the command. Viewing BGP aggregate information Display information about current aggregate addresses. This procedure is not supported with BGP+. Procedure steps 1. Display information about current aggregates using the following command: show ip bgp aggregates [<prefix/len>] [vrf <value>] [vrfids <value>] definitions Use the data in the following table to use the show ip bgp aggregates command. <prefix/len> vrf <value> vrfids <value> Specifies the IP address and the mask length. The length can be from 0 to 32. Specifies a VRF instance by name. Specifies a range of VRFs by ID number. October 2014 Configuration BGP Services 101

102 BGP configuration using the CLI Viewing BGP+ aggregate information Display information about current IPv6 aggregate addresses. Procedure steps 1. Display information about current aggregates using the following command: show ipv6 bgp aggregates [<v6-prefix/v6-len>] definitions Use the data in the following table to use the show ipv6 bgp aggregates command. <v6-prefix/v6-len> Specifies the IPv6 address and the prefix length. Viewing CIDR routes Display information about classless interdomain routing (CIDR) routes. This procedure is not supported with BGP+. Procedure steps 1. Display information about CIDR routes using the following command: show ip bgp cidr-only [exact <value>] [vrf <value>] [vrfids <value>] definitions Use the data in the following table to use the show ip bgp cidr-only command. exact <value> vrf <value> vrfids <value> Specifies an exact match of the prefix. This is an IP address and an integer value between 0 and 32 in the format a.b.c.d/xx. Specifies a VRF instance by name. Specifies a range of VRFs by ID number. Job aid: show ip bgp cidr-only command output Use the data in the following table to understand the show ip bgp cidr-only command output. Field NETWORK/MASK PEER REMOTE ADDR Description Specifies the network IP address and exact mask length (must be an integer value between 0 and 32). Specifies the IP address of the remote peer. 102 Configuration BGP Services October 2014

103 BGP show commands Field NEXTHOP ADDRESS ORG LOC PREF Description Specifies the IP address of the next hop. Specifies the ultimate origin of the path information: IGB = Networks are interior EGB = Networks learned through an EGP INC (Incomplete) = Undetermined Specifies the local preference. Viewing flap-dampened routes Display information about flap-dampened routes to determine unreliable routes. This procedure is not supported with BGP+. Procedure steps 1. Display information about flap-dampened routes using the following command: show ip bgp dampened-paths <ipaddr> [<prefix>] [longer-prefixes] [vrf <value>] [vrfids <value>] definitions Use the data in the following table to use the show ip bgp dampened-paths <ipaddr> command. longer-prefixes <prefix> vrf <value> vrfids <value> Shows long prefixes. The longer-prefixes indicate the mask length from any specified prefix to 32 (for example, show from prefix a.b.c.d/len to a.b.c./32). Shows paths with this prefix. The prefix is the IP address and exact mask length (must be an integer value between 0 and 32). Specifies a VRF instance by name. Specifies a range of VRFs by ID number. Job aid: show ip bgp dampened-paths command output Use the data in the following table to understand the show ip bgp dampened-paths <ipaddr> command output. Field NETWORK/MASK PEER REM ADDR NEXTHOP ADDRESS Description Specifies the network IP address and exact mask length (must be an integer value between 0 and 32). Specifies the IP address of the remote peer. Specifies the IP address of the next hop. October 2014 Configuration BGP Services 103

104 BGP configuration using the CLI Field ORG LOC PREF Description The ultimate origin of the path information: IGB = Networks are interior EGB = Networks learned through EGP INC (Incomplete) = Undetermined Specifies the local preference. Viewing global flap-dampening configurations Display global information about flap-dampening. This procedure is not supported with BGP+. Procedure steps 1. Display global information about flap-dampening using the following command: show ip bgp flap-damp-config [exact <value>] [vrf <value>] [vrfids <value>] definitions Use the data in the following table to use the show ip bgp flap-damp-config command. exact <value> vrf <value> vrfids <value> Shows only entries that exactly match the prefix. Specify <value> in the format <a.b.c.d/len>. Specifies a VRF instance by name. Specifies a range of VRFs by ID number. Job aid: show ip bgp flap-damp-config command output Use the data in the following table to understand the show ip bgp flap-damp-config command output. Field Status PolicyName CutoffThreshold ReuseThreshold Decay MaxHoldDown Description Indicates the global state of the route flap dampening feature. Valid values are enable or disable. Not applicable for this release. Indicates the penalty level that causes a route to be suppressed. Specifies the system-configured time for route reuse. Indicates the decay rate based on the decay algorithm. Indicates the maximum length of time (in seconds) that the route will be suppressed. 104 Configuration BGP Services October 2014

105 BGP show commands Viewing imported routes Display information about BGP imported routes. This procedure is not supported with BGP+. Procedure steps 1. Display information about BGP imported routes using the following command: show ip bgp imported-routes [<prefix>] [longer-prefixes] [vrf <value>] [vrfids <value>] definitions Use the data in the following table to use the show ip bgp imported-routes command. longer-prefixes <prefix> vrf <value> vrfids <value> Shows long prefixes. The longer-prefixes indicate the mask length from any specified prefix to 32 (for example, show from prefix a.b.c.d/len to a.b.c./32). Shows paths with this prefix. The prefix is the IP address and exact mask length (must be an integer value between 0 and 32). Specifies a VRF instance by name. Specifies a range of VRFs by ID number. Job aid: show ip bgp imported-routes command output Use the data in the following table to understand the show ip bgp imported-routes command output. Field ROUTE METRIC COMMUNITY LOCALPREF NEXTHOP Description Specifies the IP address of the route. Specifies the route metric. Specifies the BGP community. Specifies the local preference. Specifies the IP address of the next hop. Viewing imported IPv6 routes Display information about BGP imported routes. Procedure steps 1. Display information about BGP imported routes using the following command: October 2014 Configuration BGP Services 105

106 BGP configuration using the CLI show ipv6 bgp imported-routes [<v6-prefix>] [longer-prefixes] definitions Use the data in the following table to use the show ipv6 bgp imported-routes command. <prefix> longer-prefixes Shows paths with this prefix. The prefix is the IPv6 address and exact mask length. Shows long prefixes. The longer-prefixes indicate the mask length from any specified prefix to 32 (for example, show from prefix a.b.c.d/len to a.b.c./32). Job aid: show ipv6 bgp imported-routes command output Use the data in the following table to understand the show ipv6 bgp imported-routes command output. Field ROUTE METRIC COMMUNITY LOCALPREF NEXTHOP Description Specifies the IP address of the route. Specifies the route metric. Specifies the BGP community. Specifies the local preference. Specifies the IP address of the next hop. Viewing BGP network configurations Display information about BGP network configurations. This procedure is not supported with BGP+. Procedure steps 1. Display information about BGP network configurations using the following command: show ip bgp networks [exact <value>] [vrf <value>] [vrfids <value>] definitions Use the data in the following table to use the show ip bgp networks command. exact <value> vrf <value> vrfids <value> Shows only entries that exactly match the prefix. Specify <value> in the format <a.b.c.d/len>. Specifies a VRF instance by name. Specifies a range of VRFs by ID number. 106 Configuration BGP Services October 2014

107 BGP show commands Viewing IPv6 BGP+ network configurations Display information about BGP+ network configurations. Procedure steps 1. Display information about BGP+ network configurations using the following command: show ipv6 bgp networks [exact <value>] definitions Use the data in the following table to use the show ipv6 bgp networks command. exact <value> Shows only entries that exactly match the prefix. Specify <value> in the format <v6-ipaddr/v6-len>. Viewing BGP peer information Display information about BGP peers. Procedure steps 1. Display information about BGP peers using the following command: show ip bgp neighbor info [<ipaddr>] [vrf <value>] [vrfids <value>] 2. Display information about BGP peer advertised routes using the following command: show ip bgp neighbor advertised-route <ipaddr> [<prefix>] [longerprefixes] [vrf <value>] [vrfids <value>] 3. Display information about BGP peer routes using the following command: show ip bgp neighbor route <ipaddr> [<prefix>] [longer-prefixes] [community <value>] [vrf <value>] [vrfids <value>] 4. Display information about IP VPN BGP peers using the following command: show ip bgp neighbor route-vpnv4 <ipaddr> [prefix <value>] [longerprefixes] [community <value>] [vrf <value>] [vrfids <value>] 5. Display statistics for BGP peers using the following command: show ip bgp neighbor stats <ipaddr> [vrf <value>] [vrfids <value>] definitions Use the data in the following table to use the show ip bgp neighbor info and the show ip bgp neighbor stats commands. October 2014 Configuration BGP Services 107

108 BGP configuration using the CLI <ipaddr> vrf <value> vrfids <value> Specifies the IP address. Specifies a VRF instance by name. Specifies a range of VRFs by ID number. Use the data in the following table to use the show ip bgp neighbor advertised-route <ipaddr> command. longer-prefixes prefix vrf <value> vrfids <value> Shows long prefixes. The longer-prefixes indicate the mask length from any specified prefix to 32 (for example, show from prefix a.b.c.d/len to a.b.c./32). Shows paths with this prefix for nonip VPN routes. The prefix is the IP address and exact mask length (must be an integer value between 0 and 32). Specifies a VRF instance by name. Specifies a range of VRFs by ID number. Use the data in the following table to use the show ip bgp neighbor route <ipaddr> and show ip bgp neighbor route-vpnv4 <ipaddr> commands. longer-prefixes prefix prefix <value> community <enable disable> vrf <value> vrfids <value> Shows long prefixes. The longer-prefixes indicate the mask length from any specified prefix to 32 (for example, show from prefix a.b.c.d/len to a.b.c./32). Shows paths with this prefix for nonip VPN routes. The prefix is the IP address and exact mask length (must be an integer value between 0 and 32). Shows paths with this prefix for IP VPN routes. Enables or disables the display of community attributes. Specifies a VRF instance by name. Specifies a range of VRFs by ID number. Job aid: show ip bgp neighbor command output Use the data in the following table to use the show ip bgp neighbor route <ipaddr> command. Field NETWORK/MASK PEER REM ADDR NEXTHOP ADDRESS Description Specifies the network mask of the direct route. Specifies the IP address of the remote peer. Specifies the IP address of the next hop. 108 Configuration BGP Services October 2014

109 BGP show commands Field ORG LOCAL PREF STATUS Description Specifies the source of a route: IGP the route is interior to the originating AS that inserts this route into the BGP table (0 = IGP). EGP the route is learned through an Exterior Gateway Protocol (EGP) prior to being inserted into the BGP table (1 = BGP). Incomplete the origin of the route is unknown or learned by some other means. For example, these routes could be learned through RIP, OSPF, or static routes (2 = Incomplete). Specifies the local preference. Specifies the route status: Accepted, Best, Used, Rejected Use the data in the following table to understand the show ip bgp neighbor advertisedroute <ipaddr> command output. Field NETWORK/MASK NEXTHOP ADDRESS PEER REM ADDR ORG LOCAL PREF STATUS Description Specifies the IP mask of the advertised route. Specifies the IP address of the next hop. Specifies the IP address of the remote peer. Specifies the source of a route: IGP the route is interior to the originating AS that inserts this route into the BGP table (0 = IGP). EGP the route is learned through the Exterior Gateway Protocol (EGP) prior to being inserted into the BGP table (1 = BGP). Incomplete the origin of the route is unknown or learned by some other means. For example, these routes could be learned through RIP, OSPF, or static routes (2 = Incomplete). Specifies the local preference. Specifies the route status: Accepted, Best, Used, Rejected Viewing BGP peer group information Display information about BGP peer groups. Procedure steps 1. Display information about BGP peer groups using the following command: show ip bgp peer-group [<peer-group name>] [vrf <value>] [vrfids <value>] October 2014 Configuration BGP Services 109

110 BGP configuration using the CLI definitions Use the data in the following table to use the show ip bgp peer-group command. <peer-group name> vrf <value> vrfids <value> Specifies the name of the peer group. Specifies a VRF instance by name. This parameter is not supported with BGP+. Specifies a range of VRFs by ID number. This parameter is not supported with BGP+. Viewing BGP IP VPN routes Display information about IP VPN routes. This procedure is not supported with BGP+. Procedure steps 1. Display information about BGP routes using the following command: show ip bgp route-vpnv4 [<prefix>] [longer-prefixes] [community] [ip <value>] [ext-community] [vrf <value>] [vrfids <value>] definitions Use the data in the following table to use the show ip bgp route-vpnv4 command. community ext-community ip <value> longer-prefixes prefix vrf <value> vrfids <value> Enables or disables the display of community attributes. Enables or disables the display of extended community attributes. Specifies an IP address. Shows long prefixes. The longer-prefixes indicate the mask length from any specified prefix to 32 (for example, show from prefix a.b.c.d/len to a.b.c./32). Shows paths with this prefix. The prefix is the IP address and exact mask length (must be an integer value between 0 and 32). Specifies a VRF instance by name. Specifies a range of VRFs by ID number. Job aid: show ip bgp route-vpnv4 command output Use the data in the following table to understand the show ip bgp route-vpnv4 command output. 110 Configuration BGP Services October 2014

111 BGP show commands Field NETWORK/MASK PEER REM ADDR NEXTHOP ADDRESS ORG LOC PREF SVC LABEL Description Specifies the network IP address and exact subnet mask. Specifies the IP address of the remote peer. Specifies the IP address of the next-hop router. Specifies the ultimate origin of the path information: IGB = Networks are interior EGB = Networks learned through an EGP INC (Incomplete) = Undetermined Specifies the local preference. Specifies the route service label. Viewing BGP routes Display information about BGP routes. This procedure does not display IPv6 routes. Procedure steps 1. Display information about BGP routes using the following command: show ip bgp route [<prefix>] [longer-prefixes] [community <enable disable>] [ip <value>] [vrf <value>] [vrfids <value>] definitions Use the data in the following table to use the show ip bgp route command. community <enable disable> ip <value> longer-prefixes <prefix> vrf <value> vrfids <value> Enables or disables the display of community attributes. Specifies an IP address. Shows long prefixes. Longer-prefixes indicates the mask length from any specified prefix to 32 (for example, show from prefix a.b.c.d/len to a.b.c./32). Shows paths with this prefix. The prefix is the IP address and exact mask length (must be an integer value between 0 and 32). Specifies a VRF instance by name. Specifies a range of VRFs by ID number. Job aid: show ip bgp route command output Use the data in the following table to understand the show ip bgp route command output. October 2014 Configuration BGP Services 111

112 BGP configuration using the CLI Field NETWORK/MASK PEER REM ADDR NEXTHOP ADDRESS ORG LOCAL PREF Description Specifies the path prefix address. Specifies the remote peer address. Specifies the BGP next hop address. Specifies the route origin: INC (incomplete), IGP, EGP. Specifies the local preference. Viewing IPv6 BGP+ routes Display information about IPv6 BGP+ routes. Procedure steps 1. Display information about IPv6 BGP+ routes using the following command: show ipv6 bgp route [<v6-prefix>] [longer-prefixes] [community <enable disable>] [ip <value>] definitions Use the data in the following table to use the show ipv6 bgp route command. community <enable disable> ip <value> longer-prefixes <v6-prefix> Enables or disables the display of community attributes. Specifies an IPv6 address. Shows long prefixes. Longer-prefixes indicates the mask length from any specified prefix to 32 (for example, show from prefix a.b.c.d/len to a.b.c./32). Shows paths with this prefix. The prefix is the IP address and exact mask length (must be an integer value between 0 and 32). Job aid: show ipv6 bgp route command output Use the data in the following table to understand the show ipv6 bgp route command output. Field NETWORK/MASK PEER REM ADDR NEXTHOP ADDRESS ORG LOCAL PREF Description Specifies the path prefix address. Specifies the remote peer address. Specifies the BGP next hop address. Specifies the route origin: INC (incomplete), IGP, EGP. Specifies the local preference. 112 Configuration BGP Services October 2014

113 BGP show commands Viewing all BGP configuration information Use this procedure to display all configuration information about BGP. This procedure applies for both IPv4 BGP and BGP+. Procedure steps 1. Display all information about BGP using the following command: show ip bgp show-all [file <value>] [vrf <value>] [vrfids <value>] definitions Use the data in the following table to use the show ipv6 bgp show-all command. file <value> vrf <value> vrfids <value> Specifies the filename: {/pcmcia/<file> /flash/<file>}. Specifies a VRF instance by name. Specifies a range of VRFs by ID number. Viewing all IPv6 BGP+ configuration information Use this procedure to display all configuration information specific to BGP+. Procedure steps 1. Display all IPv6 information about BGP+ using the following command: show ipv6 bgp show-all [file <value>] definitions Use the data in the following table to use the show ipv6 bgp show-all command. file <value> Specifies the filename: {/pcmcia/<file> /flash/<file>}. Viewing a summary of BGP configurations Display summarized information about BGP. This procedure applies for both IPv4 BGP and BGP+. Procedure steps 1. Display summarized information about BGP using the following command: October 2014 Configuration BGP Services 113

114 BGP configuration using the CLI show ip bgp summary [vrf <value>] [vrfids <value>] definitions Use the data in the following table to use the show ip bgp summary command. vrf <value> vrfids <value> Specifies a VRF instance by name. Specifies a range of VRFs by ID number. Job aid: show ip bgp summary command output Use the data in the following table to understand the show ip bgp summary command output. Field BGP version local-as Identifier Decision state NEIGHBOR RMTAS STATE HLDTM KPALV HLDCFG KPCFG WGHT CONRTY ADVINT Description Specifies the version of BGP that runs on the router. Specifies the local autonomous system number. Specifies the BGP identifier. Specifies the BGP process state. Specifies the IP address of the remote peer. Specifies the AS number of the remote peer. Specifies the peer operating state: Idle, Accept, Connect, Open, Open-sent, and Established. Specifies the negotiated holdtime timer. Specifies the keepalive timer. Specifies the configured holdtime timer. Specifies the configured keepalive timer. Specifies the weight value assigned to the peer. Specifies the retry timer. Specifies the advertisement interval. 114 Configuration BGP Services October 2014

115 Chapter 6: BGP configuration using the ACLI Configure BGP using ACLI to create and maintain an interdomain routing system that guarantees loop-free routing information between autonomous systems. The Avaya Ethernet Routing Switch 8800/8600 supports BGP with IPv4 and IPv6 networks. Most IPv4 BGP configuration commands are applicable to BGP+ as well. When using the BGP+ functionality, additional configurations are needed to install the routes in the IPv6 RTM and for the IPv6 traffic originated from one IPv6 island to reach the other IPv6 island. These are IPv6 tunnel and static route configurations specific to the BGP+ peers. For more information, see BGP+ tunnel configuration examples on page 163. For information about configuring IP VPN with BGP, see Avaya Ethernet Routing Switch 8800/8600 Configuration IP VPN, NN For information about configuring route policies for BGP, see Avaya Ethernet Routing Switch 8800/8600 Configuration IP Routing, NN All information about statistics is moved to Avaya Ethernet Routing Switch 8800/8600 Performance Management, NN Job aid: Roadmap of BGP ACLI commands The following roadmap lists some of the BGP commands and their parameters that you can use to complete the procedures in this section. Table 7: Job aid: Roadmap of BGP ACLI commands Command Privileged EXEC mode ip bgp apply redistribute <direct ospf rip static> [vrf <WORD 0-64>] [vrf-src <WORD 0-64>] ip bgp apply redistribute vrf <WORD 0-64> ip bgp restart-bgp Parameter <cr> October 2014 Configuration BGP Services 115

116 BGP configuration using the ACLI Command ip bgp stats-clear-counters Parameter neighbor <nbr_ipaddr peer-group-name> [soft-reconfiguration <in out>] [vrf <WORD 0-64>] vrf <WORD 0-64> [soft-reconfiguration <in out>] <cr> neighbor <nbr_ipaddr peer-group-name> [vrf <WORD 0-64>] vrf <WORD 0-64> show ip bgp aggregates [<prefix/len>] [vrf <WORD 0-64>] [vrfids <0-255>] show ip bgp neighbors show ip bgp neighbors <A.B.C.D> cidr-only [<prefix/len>] [vrf <WORD 0-64>] [vrfids <0-255>] conf [vrf <WORD 0-64>] [vrfids <0-255>] confederation dampened-paths <A.B.C.D> [<prefix/len>] [longer-prefixes] [vrf <WORD 0-64>] [vrfids <0-255>] flap-damp-config [<prefix/len>] [vrf <WORD 0-64>] [vrfids <0-255>] imported-routes [<prefix/len>] [longer-prefixes] [vrf <WORD 0-64>] [vrfids <0-255>] networks [<prefix/len>] [vrf <WORD 0-64>] [vrfids <0-255>] peer-group [<WORD >] [vrf <WORD 0-64>] [vrfids <0-255>] redistributed-routes [<prefix/len>] [vrf <WORD 0-64>] [vrfids <0-255>] route [<prefix/len>] [community <enable disable>] [ip <A.B.C.D>] [longerprefixes] [vrf <WORD 0-64>] [vrfids <0-255>] stats [vrf <WORD 0-64>] [vrfids <0-255>] summary [vrf <WORD 0-64>] [vrfids <0-255>] vpnv4 [<prefix/len>] [community] [ext-community] [ip <A.B.C.D>] [longerprefixes] [vrf <WORD 0-64>] [vrfids <0-255>] <cr> vrf <WORD 0-64> vrfids <0-255> <cr> advertised-routes [<prefix/len>] [longer-prefixes] [vrf <WORD 0-64>] [vrfids <0-255>] routes [<prefix/len>] [community <enable disable>] [longer-prefixes] [vrf <WORD 0-64>] [vrfids <0-255>] stats [vrf <WORD 0-64>] [vrfids <0-255>] vpnv4 [<prefix/len>] [community] [ext-community] [ip <A.B.C.D>] [longerprefixes] [vrf <WORD 0-64>] [vrfids <0-255>] vrf <WORD 0-64> vrfids <0-255> 116 Configuration BGP Services October 2014

117 Job aid: Roadmap of BGP ACLI commands Command show ip extcommunity-list [<1-1024>] [vrf <WORD 0-64>] [vrfids <0-255>] Global Configuration mode ip as-list <1-1024> memberid < > <permit deny> as-path <WORD > ip bgp apply redistribute <direct ospf rip static> [vrf <WORD 0-64>] [vrf-src <WORD 0-64>] ip bgp apply redistribute vrf <WORD 0-16> ip bgp restart-bgp ip bgp stats-clear-counters ip community-list <1-1024> memberid < > <permit deny> community-string <WORD 0-256> ip extcommunity-list <1-1024> memberid < > rt ip extcommunity-list <1-1024> memberid < > soo Parameter <cr> neighbor <nbr_ipaddr peer-group-name> [soft-reconfiguration <in out>] [vrf <WORD 0-64>] vrf <WORD 0-64> [soft-reconfiguration <in out>] <cr> neighbor <nbr_ipaddr peer-group-name> [vrf <WORD 0-64>] vrf <WORD 0-64> <AS number> < > [soo {<AS number> < > <ipaddress> < >}] <ipaddress> < > [soo {<AS number> < > <ipaddress> < >}] <AS number> < > <ipaddress> < > ip prefix-list <WORD 1-64> name <WORD 1-64> router bgp [< >] BGP Router Configuration mode aggregate-address {prefix/ len} <A.B.C.D/X> [<ge le> <0-32>] <cr> advertise-map <WORD > as-set attribute-map <WORD > October 2014 Configuration BGP Services 117

118 BGP configuration using the ACLI Command auto-peer-restart enable auto-summary bgp comp-bestpath-medconfed enable debug-screen <off on> default-information originate default-metric < > flap-dampening [enable] global-debug mask <WORD 1-100> ibgp-report-import-rt enable ignore-illegal-rtrid enable neighbor-debug-all mask <WORD 1-100> network <prefix/len> [metric < >] no-med-path-is-worst enable quick-start enable redistribute <direct ospf rip static> route-reflector [enable] Parameter summary-only suppress-map <WORD > aggregation [enable] always-compare-med client-to-client reflection cluster-id <A.B.C.D> confederation identifier < > [peers <WORD 0-255>] default local-preference < > deterministic-med enable multiple-paths <1-8> <cr> enable [vrf-src <WORD 0-64>] metric < > [vrf-src <WORD 0-64>] route-map <WORD 0-64> [vrf-src <WORD 0-64>] vrf-src <WORD 0-64> 118 Configuration BGP Services October 2014

119 Job aid: Roadmap of BGP ACLI commands Command route-refresh router-id <A.B.C.D> synchronization traps enable neighbor <nbr_ipaddr peer-group-name> neighbor password <nbr_ipaddr peer-groupname> <WORD > Parameter <cr> address-family vpnv4 advertisement-interval <5-120> default-originate ebgp-multihop enable fall-over bfd in-route-map <WORD 0-256> ipvpn-lite-capability max-prefix < > MD5-authentication enable neighbor-debug-mask <WORD 1-100> next-hop-self out-route-map <WORD 0-256> peer-group <WORD > remote-as < > remove-private-as enable retry-interval < > route-reflector-client route-refresh send-community soft-reconfiguration-in enable timers < > < > update-source <src-address> weight < October 2014 Configuration BGP Services 119

120 BGP configuration using the ACLI Job aid: Roadmap of BGP+ ACLI commands Most of the existing BGP configurations are applicable to BGP for IPv6. BGP uses a router ID to identify BGP-speaking peers. The BGP router ID is 32-bit value that is often represented by an IPv4 address. By default, BGP sets the router ID to the IPv4 address of a loopback interface on the router. If no loopback interface is configured on the router, then the software chooses the highest IPv4 address configured on a physical interface on the router to represent the BGP router ID. If the router is configured only for IPv6 and has no IPv4 addresses, then you must manually configure the BGP router ID. The following roadmap lists all the BGP+ commands and their parameters. Use this list as a quick reference. BGP+ is supported only on the global router (VRF 0). Table 8: Job aid: Roadmap of BGP+ ACLI commands Command Privileged EXEC mode ip bgp restart-bgp ip bgp stats-clear-counters show ip bgp show bgp ipv6 show ip extcommunity-list [<1-1024>] Global Configuration mode ip as-list <1-1024> memberid < > <permit deny> as-path <WORD > ip bgp restart-bgp Parameter <cr> neighbor <nbr_ipaddr peer-group-name> [soft-reconfiguration <in out>] <cr> neighbor <nbr_ipaddr peer-group-name> conf confederation peer-group [<WORD >] stats summary aggregates [<prefix/len>] imported-routes [<prefix/len>] [longer-prefixes] networks [<prefix/len>] redistributed-routes [<prefix/len>] route [<prefix/len>] [community <enable disable>] [ipv6 <ipv6-addr>] [longerprefixes] <cr> neighbor <nbr_ipaddr peer-group-name> [soft-reconfiguration <in out>] [soft-reconfiguration <in out>] 120 Configuration BGP Services October 2014

121 Job aid: Roadmap of BGP+ ACLI commands Command ip bgp stats-clear-counters ip community-list <1-1024> memberid < > <permit deny> community-string <WORD 0-256> ip extcommunity-list <1-1024> memberid < > rt ip extcommunity-list <1-1024> memberid < > soo ipv6 prefix-list <WORD 1-64> router bgp [< >] Parameter <cr> BGP Router Configuration mode aggregate-address {ipv6- prefix/len} auto-peer-restart enable auto-summary bgp comp-bestpath-medconfed enable debug-screen <off on> default-information originate neighbor <nbr_ipaddr peer-group-name> <AS number> < > [soo {<AS number> < > <ipaddress> < >}] <ipaddress> < > [soo {<AS number> < > <ipaddress> < >}] <AS number> < > <ipaddress> < > name <WORD 1-64> <X:X::X:X/0-128> [<ge le> <0-128>] <cr> advertise-map <WORD > as-set attribute-map <WORD > summary-only suppress-map <WORD > aggregation [enable] always-compare-med client-to-client reflection cluster-id <A.B.C.D> confederation identifier < > [peers <WORD 0-255>] default local-preference < > deterministic-med enable multiple-paths <1-8> October 2014 Configuration BGP Services 121

122 BGP configuration using the ACLI Command default-metric < > global-debug mask <WORD 1-100> ibgp-report-import-rt enable ignore-illegal-rtrid enable neighbor-debug-all mask <WORD 1-100> network <prefix/len> [metric < >] no-med-path-is-worst enable quick-start enable redistribute <ipv6-direct ipv6-static ospfv3> route-reflector [enable] router-id <A.B.C.D> synchronization traps enable neighbor <peer-groupname> Parameter <cr> enable metric < > route-map <WORD 0-64> <cr> advertisement-interval <5-120> default-ipv6-originate ebgp-multihop enable ipv6-in-route-map <WORD 0-256> ipv6-out-route-map <WORD 0-256> max-prefix < > neighbor-debug-mask <WORD 1-100> next-hop-self peer-group <WORD > remote-as < > remove-private-as enable retry-interval < > route-reflector-client send-community 122 Configuration BGP Services October 2014

123 Job aid: Roadmap of VRF Lite BGP ACLI commands Command Parameter soft-reconfiguration-in enable timers < > < > update-source <src-address> weight < Job aid: Roadmap of VRF Lite BGP ACLI commands The following roadmap lists all the VRF Lite BGP commands and their parameters. Use this list as a quick reference. Table 9: Job aid: Roadmap of VRF Lite BGP ACLI commands Command VRF Router Configuration mode ip as-list <1-1024> memberid < > <permit deny> as-path <WORD > ip bgp Parameter aggregate-address <prefix/len> [advertise-map <WORD >] [as-set] [attribute-map <WORD >] [summaryonly] [suppress-map <WORD >] aggregation [enable] always-compare-med auto-peer-restart enable auto-summary default local-preference < > default-information originate default-metric < > deterministic-med enable enable flap-dampening [enable] global-debug mask <WORD 1-100> ibgp-report-import-rt enable ignore-illegal-rtrid enable in-route-map <WORD 0-256> multiple-paths <1-8> network <prefix/len> [metric < >] no-med-path-is-worst enable out-route-map <WORD 0-256> October 2014 Configuration BGP Services 123

124 BGP configuration using the ACLI Command ip bgp neighbor <nbr_ipaddr peer-groupname> ip bgp neighbor password <nbr_ipaddr peer-group-name> <WORD > ip bgp redistribute <direct ospf rip static> Parameter quick-start enable router-id <A.B.C.D> synchronization traps enable <cr> advertisement-interval <5-120> allow-as-in <1-10> as-override default-originate ebgp-multihop enable in-route-map <WORD 0-256> max-prefix < > MD5-authentication enable neighbor-debug-mask <WORD 1-100> next-hop-self out-route-map <WORD 0-256> peer-group <WORD > remote-as < > remove-private-as enable retry-interval < > send-community site-of-origin < > < > site-of-origin <A.B.C.D> < > soft-reconfiguration-in enable timers < > < > update-source <src-address> weight < <cr> enable [vrf-src <WORD 0-64>] metric < > [vrf-src <WORD 0-64>] route-map <WORD 0-64> [vrf-src <WORD 0-64>] vrf-src <WORD 0-64> 124 Configuration BGP Services October 2014

125 Configuring BGP globally Command ip community-list <1-1024> memberid < > <permit deny> community-string <WORD 0-256> ip extcommunity-list <1-1024> memberid < > rt ip extcommunity-list <1-1024> memberid < > soo Parameter <AS number> < > [soo {<AS number> < > <ipaddress> < >}] <ipaddress> < > [soo {<AS number> < > <ipaddress> < >}] <AS number> < > <ipaddress> < > ip prefix-list <1-1024> name <WORD 1-64> <prefix/len> [<ge le> <0-32>] Configuring BGP globally Configure BGP globally to enable BGP on the switch and determine how BGP operates. By default, BGP is disabled. This procedure applies for BGP+ as well as for IPv4 BGP. Prerequisites To configure the suppress-map, advertise-map, or attribute-map options, the route policy for those options is already configured. For initial BGP configuration, you must know the AS number. To configure BGP on a specific VRF instance, the VRF must have an RP Trigger of BGP. Not all parameters are configurable on nonzero VRFs. You configure BGP on a VRF the same way you configure for the GlobalRouter, except that you must use VRF Router Configuration mode, and use the prefix ip bgp. Access Global Configuration mode or VRF Router Configuration mode. Procedure steps 1. If required, disable BGP: no router bgp enable 2. In Global Configuration mode, specify the AS number and enable BGP: router bgp [< >] [enable] The AS number parameter only applies to VRF 0. October 2014 Configuration BGP Services 125

126 BGP configuration using the ACLI 3. Access Router BGP Configuration mode: router bgp 4. Use the following variable definitions table to configure BGP as required. 5. Ensure that the configuration is correct: show ip bgp conf definitions Use the data in the following table to use the BGP commands in BGP Router Configuration mode. Unless otherwise stated, all parameters listed are supported with BGP+. aggregate-address <prefix/len> [as-set] [summary-only] [suppress-map <WORD >] [advertise-map <WORD >] [attribute-map <WORD >] auto-peer-restart enable Adds or deletes an aggregate address in a BGP routing table. Because the routes in the table are only aggregated to EBGP peers, routing traffic is minimized. The default value is none. <prefix/len>> is an IPv4 or IPv6 prefix and a prefix length as-set enables autonomous system information. The default value is disable. summary-only enables the summarization of routes not included in routing updates. This parameter creates the aggregate route and suppresses advertisements of more specific routes to all neighbors. The default value is disable. suppress-map <WORD > is the route map name (string length between 0 and 64 characters long) for the suppressed route list. advertise-map <WORD > is the route map name (any string length between 0 and 64 characters long) for route advertisements. attribute-map <WORD > is the route map name (string length between 0 and 64 characters long). The no form of this command is no aggregate-address <prefix/len> [as-set] [summary-only]. The default form of this command is default aggregateaddress <prefix/len> [as-set] [summary-only] [suppress-map <WORD >] [advertise-map <WORD >] [attribute-map <WORD >]. Enables the process that automatically restarts a connection to a BGP neighbor. The default value is enable. The no form of this command is no auto-peer-restart enable. 126 Configuration BGP Services October 2014

127 Configuring BGP globally auto-summary bgp aggregation [enable] bgp always-compare-med bgp client-to-client reflection bgp cluster-id <A.B.C.D> The default form of this command is default auto-peerrestart [enable]. When enabled, BGP summarizes networks based on class limits (For example, Class A, B, C networks). The default value is enable. The no form of this command is no auto-summary. The default form of this command is default autosummary. Enables or disables the aggregation feature on this interface. The default value is enable. You cannot change the value when BGP is enabled. The no form of this command is no bgp aggregation [enable]. The default form of this command is default bgp aggregation [enable]. Enables the comparison of the multi-exit discriminator (MED) parameter for paths from neighbors in different autonomous systems. A path with a lower MED is preferred over a path with a higher MED. The default value is disable. The no form of this command is no bgp always-comparemed. The default form of this command is default bgp alwayscompare-med. Enables or disables route reflection between two route reflector clients. This option is applicable only if the route reflection value is set to enable. The default value is enable. Route reflection may be enabled even when clients are fully meshed. In this event, route reflection is not required. This parameter only applies to VRF 0. The no form of this command is no bgp client-toclient reflection. The default form of this command is default bgp clientto-client reflection. Sets a cluster ID. This option is applicable only if the route reflection value is set to enable, and if multiple route reflectors are in a cluster. <A.B.C.D> is the cluster ID of the reflector router. The default value is This parameter only applies to VRF 0. The no form of this command is no bgp cluster-id [<A.B.C.D>]. October 2014 Configuration BGP Services 127

128 BGP configuration using the ACLI bgp confederation identifier < > [peers <WORD 0-255>] bgp default local-preference < > bgp deterministic-med enable bgp multiple-paths <1-8> comp-bestpath-med-confed enable debug-screen <off on> Configures a BGP confederation. The default value is 0. identifier < > specifies the confederation identifier. peers <WORD 0-255> Lists adjoining ASs that are part of the confederation in the format (5500,65535,0,10,...,...). The no form of this command is no bgp confederation [identifier < >] [peers <WORD 0-255>]. The default form of this command is default bgp confederation [identifier] [peers]. Specifies the default value of the local preference attribute. The default value is 100. You cannot change the default value when BGP is enabled. The no form of this command is no bgp default localpreference [< >]. The default form of this command is default bgp default local-preference. Enables deterministic Multiexit Discriminator (MED). The default value is enable. The no form of this command is no bgp deterministicmed [enable]. The default form of this command is default bgp deterministic-med [enable]. Sets the maximum number of equal-cost-paths that are available to a BGP router by limiting the number of equal-costpaths that can be stored in the routing table. The default value is 1. The default form of this command is default bgp multiple-paths. When enabled, compares multi-exit discriminator (MED) attributes within a confederation. The default value is enable. This parameter only applies to VRF 0. The no form of this command is no comp-bestpath-medconfed [enable]. The default form of this command is default compbestpath-med-confed [enable]. Displays debug messages on the console, or saves them in a log file. Disable BGP screen logging (off) or enable BGP screen logging (on). The default value is off. The no form of this command is no debug-screen. 128 Configuration BGP Services October 2014

129 Configuring BGP globally default-information originate default-metric < > flap-dampening enable global-debug mask <WORD 1-100> The default form of this command is default debugscreen. Enables the advertisement of a default route to peers, if it is present in the routing table. The default value is disable. The no form of this command is no default-information originate. The default form of this command is default defaultinformation originate. Sets a value that is sent to a BGP neighbor to determine the cost of a route a neighbor is using. A default metric value helps solve the problems associated with redistributing routes that have incompatible metrics. For example, whenever metrics do not convert, using a default metric provides a reasonable substitute and redistribution proceeds. Use this option in conjunction with the redistribute commands so the current routing protocol uses the same metric for all redistributed routes. The default value is -1. The no form of this command is no default-metric [< >]. The default form of this command is default defaultmetric. Enables route suppression for routes that flap on and off. The default value is enable. The no form of this command is no flap-dampening [enable]. The default form of this command is default flapdampening [enable]. This parameter is not supported with BGP+. Displays specified debug information for BGP global configurations. The default value is none. <WORD 1-100> is a list of mask choices separated by commas with no space between choices. Mask choices are: none disables all debug messages. all enables all debug messages. error enables display of debug error messages. packet enables display of debug packet messages. event enables display of debug event messages. trace enables display of debug trace messages. warning enables display of debug warning messages. October 2014 Configuration BGP Services 129

130 BGP configuration using the ACLI ibgp-report-import-rt enable ignore-illegal-rtrid enable neighbor-debug-all mask <WORD 1-100> neighbor network <prefix/len> [metric < >] state enables display of debug state transition messages. init enables display of debug initialization messages. filter enables display of debug messages related to filtering. update enables display of debug messages related to sending and receiving updates. The no form of this command is no global-debug mask. The default form of this command is default globaldebug mask. Configures BGP to advertise imported routes to an interior BGP (IBGP) peer. This command also enables or disables advertisement of nonbgp imported routes to other IBGP neighbors. The default value is enable. The no form of this command is no ibgp-report-importrt [enable]. The default form of this command is default ibgpreport-import-rt [enable]. When enabled, BGP overlooks an illegal router ID. For example, you can set this command to enable or disable the acceptance of a connection from a peer that sends an open message using a router ID of 0 (zero). The default value is enable. The no form of this command is no ignore-illegalrtrid [enable]. The default form of this command is default ignoreillegal-rtrid [enable]. Displays specified debug information for BGP neighbors. The default value is none. For mask options, see the globaldebug mask <WORD 1-100> section. The no form of this command is no neighbor-debug-all. The default form of this command is default neighbordebug-all. See the following procedure and variable definitions table: Configuring BGP peers or peer groups on page 134. Specifies IGP network prefixes for BGP to advertise for redistribution. This command imports routes into BGP. The default value is none. <prefix/len> is the network address and mask. metric < > corresponds to the MED (multi-exit discriminator) BGP attribute for the route. 130 Configuration BGP Services October 2014

131 Configuring BGP globally no-med-path-is-worst enable quick-start enable route-reflector enable route-refresh router-id <A.B.C.D> synchronization The no form of this command is no network <prefix/ len>. The default form of this command is default network <prefix/len> metric. Enables BGP to treat an update without a multi-exit discriminator (MED) attribute as the worst path. The default value is enable. The no form of this command is no no-med-path-isworst [enable]. The default form of this command is default no-medpath-is-worst [enable]. Enables the quick-start flag for exponential backoff. The default value is disable. The no form of this command is no quick-start [enable]. The default form of this command is default quick-start [enable]. Enables the reflection of routes from IBGP neighbors. The default value is enable. This parameter only applies to VRF 0. The no form of this command is no route-reflector [enable]. The default form of this command is default routereflector [enable]. Enables or disables IP VPN Route Refresh. If enabled, a route refresh request received by a BGP speaker causes the speaker to resend all route updates it contains in its database that are eligible for the peer that issues the request. The default value is disable. This parameter only applies to VRF 0. The no form of this command is no route-refresh. The default form of this command is default routerefresh. Specifies the BGP router ID in IP address format. This parameter only applies to VRF 0. The default value is The no form of this command is no router-id <A.B.C.D>. Enables the router to accept routes from BGP peers without waiting for an update from the IGP. The default value is enable. The no form of this command is no synchronization. October 2014 Configuration BGP Services 131

132 BGP configuration using the ACLI traps enable The default form of this command is default synchronization. Enables BGP traps. The default value is disable. The no form of this command is no traps [enable]. The default value is enable. The default form of this command is default traps [enable]. Use the data in the following table to use the router bgp commands. <cr> <asnum> 4-byte-as <enable disable> as-dot <enable disable> Enables BGP on the router. The default value is disable. The no form of this command is no router bgp [enable]. The default form of this command is default router bgp [enable]. Sets the local autonomous system (AS) number. You cannot change this number when BGP is set to enable. To set a 2-byte local AS number, enter a number in the range of 1 to To set a 4-byte local AS number, enable the 4-byte-as variable and enter a number in the range of to If you enable as-dot, enter the AS number in octets in the range of 1.0 to Attention: This parameter is not supported with BGP+. Enables or disables the switch from using 4 byte numbers for autonomous systems. Enables or disables representing AS numbers in octects. The default is disable so the switch uses the plain notation format. If you enable the 4-byte-as and as-dot parameters, enter localas numbers in the range of 1.0 to Attention: This parameter is not supported with BGP+. Job aid: BGP debug commands Debug command values allow you to control debug messages for global BGP message types, and for message types associated with a specified BGP peer or peer group. The following tips can help you use the debug commands: Display debug commands for multiple mask choices by entering the mask choices separated by commas, with no space between choices. To end (disable) the display of debug messages, use the mask choice of none. 132 Configuration BGP Services October 2014

133 Configuring 4 byte AS numbers You can save debug messages in a log file, or you can display the messages on your console using the debug-screen command. You can display global debug messages for the following mask categories: none disables the display of all debug messages all sets the switch to display all categories of debug messages error sets the switch to display error debug messages packet sets the switch to display packet debug messages event sets the switch to display event debug messages warning sets the switch to display warning debug messages init sets the switch to display initialization debug messages filter sets the switch to display filter-related debug messages update sets the switch to display update-related debug messages For information about the logged debug messages, see Avaya Ethernet Routing Switch 8800/8600 Logs Reference, NN Configuring 4 byte AS numbers Configure AS numbers using the 4-byte format and represent the numbers in octets. This procedure does not apply for BGP+. Prerequisites You cannot modify the global BGP configuration unless BGP is disabled. To configure BGP on a specific VRF instance, login to the required VRF instance as required. The VRF must have an RP Trigger of BGP. Not all parameters are configurable on nonzero VRFs. Configure BGP on a VRF the same way you configure for the GlobalRouter, except that you must use VRF Router Configuration mode, and use the prefix ip bgp. Access Global Configuration mode or VRF Router Configuration mode. Make sure that you define AS numbers in policies the same way that you configure them for the router. The choices are asplain (regular expression) or asdot (dot notation). If you create policies using asplain and configure the switch with asdot, the match will not occur. Procedure steps To change the AS number format, first disable BGP. no router bgp disable 2. Enable the 4-byte AS numbering format. router bgp 4-byte-as enable 3. To use the dotted octet notation, enable as-dot. October 2014 Configuration BGP Services 133

134 BGP configuration using the ACLI router bgp as-dot enable 4. Configure the 4-byte AS number and enable BGP. If you enabled as-dot, enter the AS number in octets. router bgp <asnum> <cr> definitions Use the data in the following table to use the router bgp commands in Global Configuration Mode. <cr> <asnum> 4-byte-as <enable disable> as-dot <enable disable> Enables BGP on the router. The default value is disable. The no form of this command is no router bgp [enable]. The default form of this command is default router bgp [enable]. Sets the local autonomous system (AS) number. You cannot change local-as when BGP is set to enable. To set a 2-byte local AS number, enter a local-as number in the range of 1 to To set a 4-byte local-as number, enable the 4-byte-as variable and enter a number in the range of to If you enable as-dot, enter the AS number in octets in the range of 1.0 to Attention: This parameter is not supported with BGP+. Enables or disables the switch from using 4 byte numbers for autonomous systems. Enables or disables representing AS numbers in octects. The default is disable so the switch uses the plain notation format. If you enable the 4-byte-as and as-dot parameters, enter <asnum> numbers in the range of 1.0 to Attention: This parameter is not supported with BGP+. Configuring BGP peers or peer groups Use peers and peer groups to simplify BGP configuration and makes updates more efficient. BGP speakers can have many neighbors configured with similar update policies (for example, many neighbors use the same distribute lists, filter lists, outbound route maps, update source, and so on). Group the neighbors that have the same update policies into peer groups and peer associations. This procedure applies for BGP+ as well as for IPv4 BGP. 134 Configuration BGP Services October 2014

135 Configuring BGP peers or peer groups Prerequisites If required, route policies exist. To configure BGP on a specific VRF instance, the VRF must have an RP Trigger of BGP. Not all parameters are configurable on nonzero VRFs. You configure BGP on a VRF the same way you configure for the GlobalRouter, except that you must use VRF Router Configuration mode, and use the prefix ip bgp. Access BGP Router Configuration mode or VRF Router Configuration mode. Procedure steps 1. Create a peer or peer group: neighbor <nbr_ipaddr peer-group-name> <nbr_ipaddr peer-group-name> specifies the peer IPv4 address or the peer group name. 2. Use the following variable definitions table to configure BGP as required. 3. Enable the configuration: neighbor <nbr_ipaddr peer-group-name> enable definitions Use the data in the following table to use the neighbor <nbr_ipaddr peer-group-name> command. Unless otherwise stated, all parameters listed are supported with BGP+. address-family vpnv4 advertisement-interval <5-120> Enables BGP address families for IPv4 (BGP) and L3 VPN (MP- BGP) support. Enable this parameter for VPN/VRF Lite routes. The default value is disable. The no form of this command is no neighbor <nbr_ipaddr peer-group-name> address-family vpnv4. The default form of this command is default neighbor <nbr_ipaddr peer-group-name> address-family vpnv4. Specifies the time interval (in seconds) that transpires between each transmission of an advertisement from a BGP neighbor. The default value is 5 seconds. October 2014 Configuration BGP Services 135

136 BGP configuration using the ACLI default-originate ebgp-multihop enable in-route-map <WORD 0-256> ipvpn-lite-capability The default form of this command is default neighbor <nbr_ipaddr peer-group-name> advertisementinterval. Enables the switch to send a default route advertisement to the specified neighbor. A default route does not have to be in the routing table. The default value is disable. Do not use this command if default-information originate is globally enabled. The no form of this command is no neighbor <nbr_ipaddr peer-group-name> default-originate. The default form of this command is default neighbor <nbr_ipaddr peer-group-name> default-originate. Enables a connection to a BGP peer that is more than one hop away from the local router. The default value is disable. The no form of this command is no neighbor <nbr_ipaddr peer-group-name> ebgp-multihop. The default form of this command is default neighbor <nbr_ipaddr peer-group-name> ebgp-multihop. Enables the BGP neighbor. The default value is disable. The no form of this command is no neighbor <nbr_ipaddr peer-group-name> enable. The default form of this command is default neighbor <nbr_ipaddr peer-group-name> enable. Applies a route policy rule to all incoming routes that are learned from, or sent to, the local BGP router's peers, or peer groups. The local BGP router is the BGP router that allows or disallows routes and sets attributes in incoming or outgoing updates. The default value is none. <WORD 0-256> name is an alphanumeric string length (0 to 256 characters) that indicates the name of the route map or policy. The no form of this command is no neighbor <nbr_ipaddr peer-group-name> in-route-map <WORD 0-256>. The default form of this command is default neighbor <nbr_ipaddr peer-group-name> in-route-map. Specifies (when enabled) that IP VPN Lite capability can be enabled or disabled on the BGP neighbor peer. The default is disable. The no form of this command is no neighbor <nbr_ipaddr peer-group-name> ipvpn-lite-capability. 136 Configuration BGP Services October 2014

137 Configuring BGP peers or peer groups max-prefix < > MD5-authentication enable neighbor-debug-mask <WORD 1-100> The default form of this command is default neighbor <nbr_ipaddr peer-group-name> ipvpn-litecapability. This parameter is not supported with BGP+. Sets a limit on the number of routes that can be accepted from a neighbor. The default value is routes. A value of 0 (zero) indicates that there is no limit to the number of routes that can be accepted. The default form of this command is default neighbor <nbr_ipaddr peer-group-name> max-prefix. Enables TCP MD5 authentication between two peers. The default value is disable. The no form of this command is no neighbor <nbr_ipaddr peer-group-name> MD5-authentication enable. The default form of this command is default neighbor <nbr_ipaddr peer-group-name> MD5-authentication enable. Displays specified debug information for a BGP peer. The default value is none. <WORD 1-100> is a list of mask choices separated by commas with no space between choices. For example: {<mask>,<mask>,<mask>...}. Mask choices are: none disables all debug messages. all enables all debug messages. error enables display of debug error messages. packet enables display of debug packet messages. event enables display of debug event messages. trace enables display of debug trace messages. warning enables display of debug warning messages. state enables display of debug state transition messages. init enables display of debug initialization messages. filter enables display of debug messages related to filtering. update enables display of debug messages related to sending and receiving updates. The default form of this command is default neighbor <A.B.C.D WORD > neighbor-debug-mask. October 2014 Configuration BGP Services 137

138 BGP configuration using the ACLI next-hop-self out-route-map <WORD 0-256> peer-group <WORD > remote-as < > remove-private-as enable When enabled, specifies that the next-hop attribute in an IBGP update is the address of the local router or the router that is generating the IBGP update. The default value is disable. The next-hop-self parameter can only be configured when the neighbor is disabled. The no form of this command is no neighbor <nbr_ipaddr peer-group-name> next-hop-self. The default form of this command is default neighbor <nbr_ipaddr peer-group-name> next-hop-self. With BGP+, Avaya recommends enabling the next-hop-self parameter on the Edge/Boundary switch. Applies a route policy rule to all outgoing routes that are learned from, or sent to, the local BGP router's peers, or peer groups. The local BGP router is the BGP router that allows or disallows routes and sets attributes in incoming or outgoing updates. The default value is none. <WORD 0-256> name is an alphanumeric string length (0 to 256 characters) that indicates the name of the route map or policy. The no form of this command is no neighbor <nbr_ipaddr peer-group-name> out-route-map <WORD 0-256>. The default form of this command is default neighbor <nbr_ipaddr peer-group-name> out-route-map. Adds a BGP peer to the specified subscriber group. You must create the specified subscriber group before you issue this command. The default value is none. The no form of this command is no neighbor <nbr_ipaddr peer-group-name> peer-group <WORD >. Configures the remote AS number of a BGP peer or a peergroup. You cannot configure this option when the admin-state is enable. The default value is 0. The no form of this command is no neighbor <nbr_ipaddr peer-group-name> remote-as. The default form of this command is default neighbor <nbr_ipaddr peer-group-name> remote-as. When enabled, strips private AS numbers when an update is sent. This feature is especially useful within a confederation. The default value is disable. The no form of this command is no neighbor <nbr_ipaddr peer-group-name> remove-private-as enable. 138 Configuration BGP Services October 2014

139 Configuring BGP peers or peer groups retry-interval < > route-reflector-client route-refresh send-community soft-reconfiguration-in enable The default form of this command is default neighbor <nbr_ipaddr peer-group-name> remove-private-as enable. Sets the time interval (in seconds) for the ConnectRetry Timer. The default value is 120 seconds. The default form of this command is default neighbor <nbr_ipaddr peer-group-name> remove-private-as enable. Configures the specified neighbor or group of neighbors as its route reflector client. The default value is disable. All neighbors that are configured become members of the client group and the remaining IBGP peers become members of the nonclient group for the local route reflector. The no form of this command is no neighbor <nbr_ipaddr peer-group-name> route-reflector-client. The default form of this command is default neighbor <nbr_ipaddr peer-group-name> route-reflectorclient. Enables IP VPN Route Refresh for the BGP peer. If enabled, a route refresh request received by a BGP speaker causes the speaker to resend all route updates it contains in its database that are eligible for the peer that issues the request. The default value is disable. The no form of this command is no neighbor <nbr_ipaddr peer-group-name> route-refresh. The default form of this command is default neighbor <nbr_ipaddr peer-group-name> route-refresh. Enables the switch to send the update message community attribute to the specified peer. The default value is disable. The no form of this command is no neighbor <nbr_ipaddr peer-group-name> send-community. The default form of this command is default neighbor <nbr_ipaddr peer-group-name> send-community. When enabled, the router relearns routes from the specified neighbor or group of neighbors without resetting the connection when the policy changes in the inbound direction. The default value is disable. The no form of this command is no neighbor <nbr_ipaddr peer-group-name> soft-reconfiguration-in enable. The default form of this command is default neighbor <nbr_ipaddr peer-group-name> softreconfiguration-in enable. October 2014 Configuration BGP Services 139

140 BGP configuration using the ACLI timers < > < > update-source <src-address> weight < Sets timers (in seconds) for the BGP speaker for this peer. < > is the keepalive time. The default value is 0 seconds. < > is the hold time. The default value is 0 seconds. The default form of this command is default neighbor <nbr_ipaddr peer-group-name> timers. Specifies the source address when BGP packets are sent to this peer or peer group. You cannot configure this parameter when the admin-state is enable. <src-address> is the specified source address. The default value is The no form of this command is no neighbor <nnbr_ipaddr peer-group-name> update-source <src-address>. The no form of this command is default neighbor <nbr_ipaddr peer-group-name> update-source. Specifies the weight of a BGP peer or peer groups, or the priority of updates that can be received from that BGP peer. The default value is 0. If you have particular neighbors that you want to prefer for most of your traffic, you can assign a higher weight to all routes learned from that neighbor. The no form of this command is no neighbor <nbr_ipaddr peer-group-name> weight. The default form of this command is default neighbor <nbr_ipaddr peer-group-name> weight. Configuring a BGP peer or peer group password Use this procedure to configure a BGP peer or peer group password for Transmission Control Protocol (TCP) MD5 authentication between two peers. Prerequisites Log on to the BGP Router Configuration mode in the ACLI. Procedure steps 1. Assign a BGP peer or peer group password: 140 Configuration BGP Services October 2014

141 Configuring redistribution to BGP for VRF 0 neighbor password <nbr_ipaddr peer-group-name> <WORD 0-80> definitions Use the data in the following table to use the neighbor password <nbr_ipaddr peergroup-name> <WORD 0-80> command. neighbor password <nbr_ipaddr peergroup-name> <WORD 0-80> Specifies a password for TCP MD5 authentication between two peers. <WORD 0-80> is an alphanumeric string length from 0 to 80 characters. The no form of this command is no neighbor password <nbr_ipaddr peer-group-name>. The default form of this command is default neighbor password <<nbr_ipaddr peer-group-name>. Configuring redistribution to BGP for VRF 0 Configure a redistribute entry to announce routes of a certain source protocol type into the BGP domain, for example, static, RIP, or direct routes. Use a route policy to control the redistribution of routes. Prerequisites If required, a route policy exists. To configure BGP on a specific VRF instance, the VRF must have an RP Trigger of BGP. Not all parameters are configurable on nonzero VRFs. You configure BGP on a VRF the same way you configure for the GlobalRouter, except that you must use VRF Router Configuration mode, and use the prefix ip bgp. Access BGP Router Configuration mode. Procedure steps 1. Create a redistribution instance: redistribute <direct ospf rip static> 2. If required, specify a route policy to govern redistribution: redistribute <direct ospf rip static> route-map <WORD 0-64> [vrf-src <WORD 0-64>] October 2014 Configuration BGP Services 141

142 BGP configuration using the ACLI 3. Enable the instance: redistribute <direct ospf rip static> enable [vrf-src <WORD 0-64>] 4. Access Privileged EXEC mode and apply the redistribution instance configuration: ip bgp apply redistribute <direct ospf rip static> [vrf-src <WORD 0-64>] definitions Use the information in the following table to help you use the redistribute <direct ospf rip static> command. enable [vrf-src <WORD 0-64>] metric < > [vrf-src <WORD 0-64>] route-map <WORD 0-64> [vrf-src <WORD 0-64>] vrf-src <WORD 0-64> Enables the BGP route redistribution instance. The default value is none. The no form of this command is no redistribute <direct ospf rip static> [enable] [vrf-src <WORD 0-64>]. The default form of this command is default redistribute <direct ospf rip static> [enable] [vrf-src <WORD 0-64>]. Configures the metric to apply to redistributed routes. The default value is 0. The default form of this command is default redistribute <direct ospf rip static> [metric] [vrf-src <WORD 0-64>]. Configures the route policy to apply to redistributed routes. The default value is none. The default form of this command is default redistribute <direct ospf rip static> [route-map] [vrf-src <WORD 0-64>]. Specifies the source VRF instance by name for route redistribution. The default value is GlobalRouter. The default form of this command is default redistribute <direct ospf rip static> [vrf-src <WORD 0-64>]. Configuring redistribution to BGP+ for VRF 0 Configure an IPv6 redistribute entry to announce IPv6 routes of a certain source protocol type into the BGP domain, for example, static, OSPF, or direct routes. Use a route policy to control the redistribution of routes. 142 Configuration BGP Services October 2014

143 Configuring redistribution to BGP+ for VRF 0 Prerequisites If required, a route policy exists. Access BGP Router Configuration mode. Procedure steps 1. Create a redistribution instance: redistribute <ipv6-direct ipv6-static ospfv3> 2. If required, specify a route policy to govern redistribution: redistribute <ipv6-direct ipv6-static ospfv3> route-map <WORD 0-64> 3. Enable the instance: redistribute <ipv6-direct ipv6-static ospfv3> enable Unlike IPv4 redistribution, you do not need to manually apply the IPv6 redistribution instance. Once you enable the IPv6 redistribution instance, it is automatically applied. definitions Use the information in the following table to help you use the redistribute <ipv6-direct ipv6-static ospfv3> command. enable metric < > route-map <WORD 0-64> Enables the BGP route redistribution instance. The default value is none. The no form of this command is no redistribute <ipv6- direct ipv6-static ospfv3>[enable]. The default form of this command is default redistribute <ipv6-direct ipv6-static ospfv3> [enable]. Configures the metric to apply to redistributed routes. The default value is 0. The default form of this command is default redistribute <ipv6-direct ipv6-static ospfv3> [metric]. Configures the route policy to apply to redistributed routes. The default value is none. The default form of this command is default redistribute <ipv6-direct ipv6-static ospfv3> [route-map]. October 2014 Configuration BGP Services 143

144 BGP configuration using the ACLI Configuring a prefix list Use prefix lists to allow or deny specific route updates. A prefix list policy specifies route prefixes to match. When there is a match, the route is used. This procedure is not supported with IPv6 BGP+. Prerequisites To configure BGP on a specific VRF instance, the VRF must have an RP Trigger of BGP. Not all parameters are configurable on nonzero VRFs. You configure BGP on a VRF the same way you configure for the GlobalRouter, except that you must use VRF Router Configuration mode, and use the prefix ip bgp. Access Global Configuration mode or VRF Router Configuration mode. Procedure steps 1. Create a prefix list: ip prefix-list <1-1024> <prefix/len> [<ge le> <0-32>] Use the same command to add additional prefixes to the list. 2. Name the list: ip prefix-list <1-1024> name <WORD 1-64> definitions Use the data in the following table to use the ip prefix-list <1-1024> command, where <1-1024> is an integer value between 1 and 1024 that represents the prefix list ID. <prefix/len> [<ge le> <0-32>] name <WORD 1-64> Creates or adds a prefix to the list. The default value is none. <prefix/len> specifies the IP address and network mask in the format a.b.c.d/x, a.b.c.d/x.x.x.x, or default. <ge le> specifies greater than or equal to or less than or equal to. <0-32> specifies the mask length in the range 0 to 32. The no form of this command is no ip prefix-list <1-1024> <prefix/len>. Names the prefix list. The default value is none. 144 Configuration BGP Services October 2014

145 Configuring an IPv6 prefix list Configuring an IPv6 prefix list Use IPv6 prefix lists to allow or deny specific IPv6 route updates. A prefix list policy specifies route prefixes to match. When there is a match, the route is used. Prerequisites Access Global Configuration mode. Procedure steps 1. Create a prefix list: ipv6 prefix-list <WORD 1-64> <prefix/len> [<ge le> <0-128>] Use the same command to add additional prefixes to the list. 2. To rename the list: ip prefix-list <WORD 1-64> name <WORD 1-64> definitions Use the data in the following table to use the ipv6 prefix-list command. <prefix/len> [<ge le> <0-32>] name <WORD 1-64> Creates or adds a prefix to the list. The default value is none. <prefix/len> specifies the IP prefix and length. <ge le> specifies greater than or equal to or less than or equal to. <0-128> specifies the mask length in the range 0 to 128. The no form of this command is no ip prefix-list <1-1024> <prefix/len>. Names the prefix list. The default value is none. Configuring AS path lists The As Path List is used with route policies and contains one or multiple AS path entries. Use an AS path list to restrict the routing information a router learns or advertises to and from a neighbor. The AS path list acts as a filter that matches AS paths. October 2014 Configuration BGP Services 145

146 BGP configuration using the ACLI This procedure applies for BGP+ as well as for IPv4 BGP. Prerequisites To configure BGP on a specific VRF instance, the VRF must have an RP Trigger of BGP. Not all parameters are configurable on nonzero VRFs. You configure BGP on a VRF the same way you configure for the GlobalRouter, except that you must use VRF Router Configuration mode, and use the prefix ip bgp. Access Global Configuration mode or VRF Router Configuration mode. Procedure steps 1. Create the path list: ip as-list <1-1024> memberid < > <permit deny> as-path <WORD > Use this command for each member by specifying different member IDs. definitions Use the data in the following table to use the ip as-list <1-1024> command, where <1-1024> is an integer value between 1 and 1024 that represents the AS-path list ID you want to create or modify. memberid < > <permit deny> aspath <WORD > Adds a regular expression entry to the specified AS-path list. The default value is none. memberid < > specifies an integer value between 0 and that represents the regular expression entry in the AS path list. <permit deny> permits or denies access for matching conditions. as-path <WORD > specifies an integer value between 0 and The no form of this command is no ip as-list <1-1024> [memberid < >] [as-path <WORD >]. 146 Configuration BGP Services October 2014

147 Configuring community lists Configuring community lists The Community List is used with route policies and contains one or multiple Community List entries. Use community lists to specify permitted routes by using their BGP community. This list acts as a filter that matches communities or AS numbers. This procedure applies for BGP+ as well as for IPv4 BGP. Prerequisites To configure BGP on a specific VRF instance, the VRF must have an RP Trigger of BGP. Not all parameters are configurable on nonzero VRFs. You configure BGP on a VRF the same way you configure for the GlobalRouter, except that you must use VRF Router Configuration mode, and use the prefix ip bgp. Access Global Configuration mode or VRF Router Configuration mode. Procedure steps 1. Create a community list: ip community-list <1-1024> memberid < > <permit deny> community-string <WORD 0-256> 2. Display the community list: show ip community-list <1-1024> [vrf <WORD 0-64>] [vrfids <0-255>] definitions Use the data in the following table to use the ip community-list <1-1024> command, where <1-1024> is an integer value between 1 and 1024 that represents the community list ID. memberid < > <permit deny> community-string <WORD 0-256> Adds an entry to the community list. The default value is none. <permit deny> sets the access mode, which permits or denies access for matching conditions. memberid < > is an integer value between 0 and that represents the member ID in the community list. <WORD 0-256> is <internet no-export no-advertise local-as>; an alphanumeric string value with a string length between 0 and 1536 characters (AS num:community-value) or (well-known community string). Well known communities October 2014 Configuration BGP Services 147

148 BGP configuration using the ACLI include: internet, no-export, no-advertise, local-as (known as NO_EXPORT_SUBCONFED). The no form of this command is no ip community-list <1-1024> [memberid < >] [community-string <WORD 0-256>]. [vrf <WORD 0-64>] [vrfids <0-255>] Specifies a VRF instance by name. Specifies a range of VRFs by ID number. Configuring extended community lists The extended community list is used with route policies and contains one or multiple Community List entries. Use community lists to specify permitted routes by BGP extended community attributes, including route targets and sites of origin (SOO). This list acts as a filter that matches route targets and SOO. This procedure applies for BGP+ as well as for IPv4 BGP. Prerequisites To configure BGP on a specific VRF instance, the VRF must have an RP Trigger of BGP. Not all parameters are configurable on nonzero VRFs. You configure BGP on a VRF the same way you configure for the GlobalRouter, except that you must use VRF Router Configuration mode, and use the prefix ip bgp. Access Global Configuration mode or VRF Router Configuration mode. Procedure steps 1. Create an extended community list: ip extcommunity-list <1-1024> memberid < > { [rt {<AS number> < > <ipaddress> < >}] [soo {<AS number> < > <ipaddress> < >] } 2. Display the extended community list: show ip extcommunity-list <1-1024> [vrf <WORD 0-64>] [vrfids <0-255>] 148 Configuration BGP Services October 2014

149 BGP show commands definitions Use the data in the following table to use the commands in this procedure, where <1-1024> is an integer value between 1 and 1024 that represents the community list ID you want to create or modify. By default, no extended community list entries exist. The no form of this command is no ip extcommunity-list <1-1024> [memberid < >]. memberid < > rt {<AS number> < > <ipaddress> < >} soo {<AS number> < > <ipaddress> < >} [vrf <WORD 0-64>] [vrfids <0-255>] Specifies an integer value between 0 and that represents the member ID in the community list. Specifies the route target in the format {<AS number> <assigned number>} (that is, <0 to 65535> <0 to >) or <ipaddress> <assigned number> (that is, <A.B.C.D> <0 to 65535>). Specifies the site of origin in the format <AS number> <assigned number> (that is, <0 to 65535> <0 to >) or <ipaddress> <assigned number> (that is, <A.B.C.D> <0 to 65535>). Specifies a VRF instance by name. Specifies a range of VRFs by ID number. BGP show commands Show commands are useful to verify BGP configuration and to monitor or troubleshoot BGP operation. To display information for a specific virtual routing and forwarding (VRF) instance, you must specify the VRF name in the syntax of the command. Viewing BGP aggregate information Display information about current aggregate addresses. This procedure does not display IPv6 aggregate information. Procedure steps 1. Display information about current aggregates: show ip bgp aggregates [<prefix/len>] [vrf <WORD 0-64>] [vrfids <0-255>] October 2014 Configuration BGP Services 149

150 BGP configuration using the ACLI definitions Use the data in the following table to use the show ip bgp aggregates command. <prefix/len> Specifies the IP address and the mask length (the length can be 0 to 32). vrf <WORD 0-64> vrfids <0-255> Specifies a VRF instance by name. Specifies a range of VRFs by ID number. Viewing IPv6 BGP+ aggregate information Display information about current IPv6 aggregate addresses. Procedure steps 1. Display information about current IPv6 aggregates: show bgp ipv6 aggregates [<prefix/len>] definitions Use the data in the following table to use the show bgp ipv6 aggregates command. <prefix/len> Specifies the IPv6 prefix and the prefix length (the length can be 0 to 128). Viewing CIDR routes Display information about classless interdomain routing (CIDR) routes. This procedure is not supported with BGP+. Procedure steps 1. Display information about CIDR routes: show ip bgp cidr-only [<prefix/len>] [vrf <WORD 0-64>] [vrfids <0-255>] definitions Use the data in the following table to use the show ip bgp cidr-only command. <prefix/len> Specifies an exact match of the prefix. This is an IP address and an integer value between 0 and 32 in the format a.b.c.d/xx. 150 Configuration BGP Services October 2014

151 BGP show commands vrf <WORD 0-64> vrfids <0-255> Specifies a VRF instance by name. Specifies a range of VRFs by ID number. Job aid: show ip bgp cidr-only command output Use the data in the following table to understand the show ip bgp cidr-only command output. Field NETWORK/MASK PEER REM ADDR NEXTHOP ADDRESS ORG LOC PREF Description Specifies the network IP address and exact mask length (must be an integer value between 0 and 32). Specifies the IP address of the remote peer. Specifies the IP address of the next hop. Specifies the ultimate origin of the path information: IGB = Networks are interior EGB = Networks learned through an EGP INC (Incomplete) = Undetermined Specifies the local preference. Viewing flap-dampened routes Display information about flap-dampened routes to determine unreliable routes. This procedure is not supported with BGP+. Procedure steps 1. Display information about flap-dampened routes: show ip bgp dampened-paths <A.B.C.D> [<prefix/len>] [longerprefixes] [vrf <WORD 0-64>] [vrfids <0-255>] definitions Use the data in the following table to use the show ip bgp dampened-paths <A.B.C.D> command, where <A.B.C.D> is the IP address. <prefix/len> longer-prefixes vrf <WORD 0-64> vrfids <0-255> Shows paths with this prefix. The prefix is the IP address and exact mask length (must be an integer value between 0 and 32). Shows long prefixes. The longer-prefixes indicate the mask length from any specified prefix to 32 (for example, show from prefix a.b.c.d/len to a.b.c./32). Specifies a VRF instance by name. Specifies a range of VRFs by ID number. October 2014 Configuration BGP Services 151

152 BGP configuration using the ACLI Job aid: show ip bgp dampened-paths command output Use the data in the following table to understand the show ip bgp dampened-paths <A.B.C.D> command output. Field NETWORK/MASK PEER REM ADDR NEXTHOP ADDRESS ORG LOC PREF Description Specifies the network IP address and exact mask length (must be an integer value between 0 and 32). Specifies the IP address of the remote peer. Specifies the IP address of the next hop. The ultimate origin of the path information: IGB = Networks are interior EGB = Networks learned through EGP INC (Incomplete) = Undetermined Specifies the local preference. Viewing global flap-dampening configurations Display global information about flap-dampening. This procedure is not supported with BGP+. Procedure steps 1. Display global information about flap-dampening: show ip bgp flap-damp-config [<prefix/len>] [vrf <WORD 0-64>] [vrfids <0-255>] definitions Use the data in the following table to use the show ip bgp flap-damp-config command. <prefix/len> vrf <WORD 0 64> vrfids <0 255> Shows paths with this prefix. The prefix is the IP address and exact mask length (must be an integer value between 0 and 32). Specifies a VRF instance by name. Specifies a range of VRFs by ID number. Job aid: show ip bgp flap-damp-config command output Use the data in the following table to understand the show ip bgp flap-damp-config command output. 152 Configuration BGP Services October 2014

153 BGP show commands Field Status PolicyName CutoffThreshold ReuseThreshold Decay MaxHoldDown Description Indicates the global state of the route flap dampening feature. Valid values are enable or disable. Not applicable for this release. Indicates the penalty level that causes a route to be suppressed. Specifies the system-configured time for route reuse. Indicates the decay rate based on the decay algorithm. Indicates the maximum length of time (in seconds) that the route will be suppressed. Viewing imported routes Display information about BGP imported routes. This procedure does not display IPv6 routes. Procedure steps 1. Display information about BGP imported routes: show ip bgp imported-routes [<prefix/len>] [longer-prefixes] [vrf <WORD 0-64>] [vrfids <0-255>] definitions Use the data in the following table to use the show ip bgp imported-routes command. <prefix/len> longer-prefixes vrf <WORD 0-64> vrfids <0-255> Shows paths with this prefix. The prefix is the IP address and exact mask length (must be an integer value between 0 and 32). Shows long prefixes. The longer-prefixes indicate the mask length from any specified prefix to 32 (for example, show from prefix a.b.c.d/len to a.b.c./32). Specifies a VRF instance by name. Specifies a range of VRFs by ID number. Job aid: show ip bgp imported-routes command output Use the data in the following table to understand the show ip bgp imported-routes command output. Field ROUTE METRIC COMMUNITY Description Specifies the IP address of the route. Specifies the route metric. Specifies the BGP community. October 2014 Configuration BGP Services 153

154 BGP configuration using the ACLI Field LOCALPREF NEXTHOP Description Specifies the local preference. Specifies the IP address of the next hop. Viewing imported IPv6 routes Display information about imported IPv6 BGP+ routes. Procedure steps 1. Display information about BGP imported routes: show bgp ipv6 imported-routes [<prefix/len>] [longer-prefixes] definitions Use the data in the following table to use the show bgp ipv6 imported-routes command. <prefix/len> longer-prefixes Shows paths with this prefix. The prefix is the IP address and exact mask length (must be an integer value between 0 and 32). Shows long prefixes. The longer-prefixes indicate the mask length from any specified prefix to 32 (for example, show from prefix a.b.c.d/len to a.b.c./32). Job aid: show bgp ipv6 imported-routes command output Use the data in the following table to understand the show bgp ipv6 imported-routes command output. Field ROUTE METRIC COMMUNITY LOCALPREF NEXTHOP Description Specifies the IP address of the route. Specifies the route metric. Specifies the BGP community. Specifies the local preference. Specifies the IP address of the next hop. Viewing BGP network configurations Display information about BGP network configurations. This procedure does not display BGP+ configurations for IPv Configuration BGP Services October 2014

155 BGP show commands Procedure steps 1. Display information about BGP network configurations: show ip bgp networks [<prefix/len>] [vrf <WORD 0-64>] [vrfids <0-255>] definitions Use the data in the following table to use the show ip bgp networks command. <prefix/len> vrf <WORD 0-64> vrfids <0-255> Shows networks with this prefix. The prefix is the IP address and exact mask length (must be an integer value between 0 and 32). Specifies a VRF instance by name. Specifies a range of VRFs by ID number. Viewing IPv6 BGP+ network configurations Display information about BGP+ network configurations. Procedure steps 1. Display information about BGP+ network configurations: show bgp ipv6 networks [<prefix/len>] definitions Use the data in the following table to use the show bgp ipv6 networks command. <prefix/len> Shows networks with this prefix. The prefix is the IP address and exact mask length (must be an integer value between 0 and 32). Viewing BGP peer information Display information about BGP peers. This procedure applies to BGP+ as well as IPv4 BGP. Procedure steps 1. Display information about BGP peers: show ip bgp neighbors [vrf <WORD 0-64>] [vrfids <0-255>] 2. Display information about BGP peer advertised routes: October 2014 Configuration BGP Services 155

156 BGP configuration using the ACLI show ip bgp neighbors <A.B.C.D> advertised-routes [<prefix/len>] [longer-prefixes] [vrf <WORD 0-64>] [vrfids <0-255>] 3. Display information about BGP peer routes: show ip bgp neighbors <A.B.C.D> routes [<prefix/len>] [longerprefixes] [community <enable disable>] [vrf <WORD 0-64>] [vrfids <0-255>] 4. Display information about IP VPN BGP peers: show ip bgp neighbors <A.B.C.D> vpnv4 [<prefix/len>] [longerprefixes] [community] [ext-community] [vrf <WORD 0-64>] [vrfids <0-255>] 5. Display statistics for BGP peers: show ip bgp neighbors <A.B.C.D> stats [vrf <WORD 0-64>] [vrfids <0-255>] definitions Use the data in the following table to use the show ip bgp neighbors and the show ip bgp neighbors <A.B.C.D> stats commands. vrf <WORD 0-64> vrfids <0-255> Specifies a VRF instance by name. Specifies a range of VRFs by ID number. Use the data in the following table to use the show ip bgp neighbors advertised-route <A.B.C.D> command. <prefix/len> longer-prefixes vrf <WORD 0-64> vrfids <0-255> Shows paths with this prefix for nonip VPN routes. The prefix is the IP address and exact mask length (must be an integer value between 0 and 32). Shows long prefixes. The longer-prefixes indicate the mask length from any specified prefix to 32 (for example, show from prefix a.b.c.d/len to a.b.c./32). Specifies a VRF instance by name. Specifies a range of VRFs by ID number. Use the data in the following table to use the show ip bgp neighbors <A.B.C.D> route and show ip bgp neighbors <A.B.C.D> vpnv4 commands. <prefix/len> Shows paths with this prefix. The prefix is the IP address and exact mask length (must be an integer value between 0 and 32). 156 Configuration BGP Services October 2014

157 BGP show commands longer-prefixes community ext-community vrf <WORD 0-64> vrfids <0-255> Shows long prefixes. The longer-prefixes indicate the mask length from any specified prefix to 32 (for example, show from prefix a.b.c.d/len to a.b.c./32). Enables the display of community attributes. Enables the display of extended community attributes. Specifies a VRF instance by name. Specifies a range of VRFs by ID number. Job aid: show ip bgp neighbor command output Use the data in the following table to use the show ip bgp neighbors <A.B.C.D> route command. Field NETWORK/MASK NEXTHOP ADDRESS ORG PEER REM ADDR LOCAL PREF STATUS Description Specifies the network mask of the direct route. Specifies the IP address of the next hop. Specifies the source of a route: IGP the route is interior to the originating AS that inserts this route into the BGP table (0 = IGP). EGP the route is learned through an Exterior Gateway Protocol (EGP) prior to being inserted into the BGP table (1 = BGP). Incomplete the origin of the route is unknown or learned by some other means. For example, these routes could be learned through RIP, OSPF, or static routes (2 = Incomplete). Specifies the IP address of the remote peer. Specifies the local preference. Specifies the route status: Accepted, Best, Used, Rejected Use the data in the following table to understand the show ip bgp neighbors <A.B.C.D> advertised-route command output. Field NETWORK/MASK PEER REM ADDR NEXTHOP ADDRESS ORG Description Specifies the IP mask of the advertised route. Specifies the IP address of the remote peer. Specifies the IP address of the next hop. Specifies the source of a route: IGP the route is interior to the originating AS that inserts this route into the BGP table (0 = IGP). EGP the route is learned through the Exterior Gateway Protocol (EGP) prior to being inserted into the BGP table (1 = BGP). October 2014 Configuration BGP Services 157

158 BGP configuration using the ACLI Field LOCAL PREF STATUS Description Incomplete the origin of the route is unknown or learned by some other means. For example, these routes could be learned through RIP, OSPF, or static routes (2 = Incomplete). Specifies the local preference. Specifies the route status: Accepted, Best, Used, Rejected Viewing BGP peer group information Display information about BGP peer groups. Procedure steps 1. Display information about BGP peer groups: show ip bgp peer-group [<WORD >] [vrf <WORD 0-64>] [vrfids <0-255>] definitions Use the data in the following table to use the show ip bgp peer-group command. <WORD > vrf <WORD 0-64> vrfids <0-255> Specifies the name of the peer group. Specifies a VRF instance by name. Specifies a range of VRFs by ID number. Viewing BGP IP VPN routes Display information about IP VPN routes. This procedure is not supported with BGP+. Procedure steps 1. Display information about BGP routes: show ip bgp vpnv4 [<prefix/len>] [longer-prefixes] [community] [extcommunity] [vrf <WORD 0-64>] [vrfids <0-255>] definitions Use the data in the following table to use the show ip bgp vpnv4 command. <prefix/len> Shows paths with this prefix. The prefix is the IP address and exact mask length (must be an integer value between 0 and 32). 158 Configuration BGP Services October 2014

159 BGP show commands longer-prefixes community ext-community vrf <WORD 0-64> vrfids <0-255> Shows long prefixes. The longer-prefixes indicate the mask length from any specified prefix to 32 (for example, show from prefix a.b.c.d/len to a.b.c./32). Enables the display of community attributes. Enables the display of extended community attributes. Specifies a VRF instance by name. Specifies a range of VRFs by ID number. Job aid: show ip bgp route-vpnv4 command output Use the data in the following table to understand the show ip bgp vpnv4 command output. Field NETWORK/MASK PEER REM ADDR NEXTHOP ADDRESS ORG LOC PREF SVC LABEL Description Specifies the network IP address and exact subnet mask. Specifies the IP address of the remote peer. Specifies the IP address of the next-hop router. Specifies the ultimate origin of the path information: IGB = Networks are interior EGB = Networks learned through an EGP INC (Incomplete) = Undetermined Specifies the local preference. Specifies the route service label. Viewing BGP routes Display information about BGP routes. This procedure does not display IPv6 BGP+ routes. Procedure steps 1. Display information about BGP routes: show ip bgp route [<prefix/len>] [longer-prefixes] [community <enable disable>] [ip <A.B.C.D>] [vrf <WORD 0-64>] [vrfids <0-255>] definitions Use the data in the following table to use the show ip bgp route command. <prefix/len> Shows paths with this prefix. The prefix is the IP address and exact mask length (must be an integer value between 0 and 32). October 2014 Configuration BGP Services 159

160 BGP configuration using the ACLI community <enable disable> ip <A.B.C.D> longer-prefixes vrf <WORD 0-64> vrfids <0-255> Enables or disables the display of community attributes. Specifies an IP address. Shows long prefixes. The longer-prefixes indicate the mask length from any specified prefix to 32 (for example, show from prefix a.b.c.d/len to a.b.c./32). Specifies a VRF instance by name. Specifies a range of VRFs by ID number. Job aid: show ip bgp route command output Use the data in the following table to understand the show ip bgp route command output. Field NETWORK/MASK PEER REM ADDR NEXTHOP ADDRESS ORG LOCAL PREF Description Specifies the path prefix address. Specifies the remote peer address. Specifies the BGP next hop address. Specifies the route origin: INC (incomplete), IGP, EGP. Specifies the local preference. Viewing IPv6 BGP+ routes Display information about BGP routes. Procedure steps 1. Display information about BGP routes: show bgp ipv6 route [<prefix/len>] [longer-prefixes] [community <enable disable>] [ipv6 <ipv6-addr>] definitions Use the data in the following table to use the show ip bgp route command. <prefix/len> community <enable disable> [ipv6 <ipv6-addr>] longer-prefixes Shows paths with this prefix. The prefix is the IP address and exact mask length (must be an integer value between 0 and 32). Enables or disables the display of community attributes. Specifies an IPv6 address. Shows long prefixes. The longer-prefixes indicate the mask length from any specified prefix to 128 (for example, show from prefix X:X::X:X/len to X:X::X:X/128). 160 Configuration BGP Services October 2014

161 BGP show commands Job aid: show bgp ipv6 route command output Use the data in the following table to understand the show bgp ipv6 route command output. Field NETWORK/MASK PEER REM ADDR NEXTHOP ADDRESS ORG LOC PREF Description Specifies the path prefix address. Specifies the remote peer address. Specifies the BGP next hop address. Specifies the route origin: INC (incomplete), IGP, EGP. Specifies the local preference. Viewing a summary of BGP configurations Display summarized information about BGP. This procedure applies to BGP+ as well as IPv4 BGP. Procedure steps 1. Display summarized information about BGP: show ip bgp summary [vrf <WORD 0-64>] [vrfids <0-255>] definitions Use the data in the following table to use the show ip bgp summary command. vrf <WORD 0 64> vrfids <0 255> Specifies a VRF instance by name. Specifies a range of VRFs by ID number. Job aid: show ip bgp summary command output Use the data in the following table to understand the show ip bgp summary command output. Field BGP version local-as Identifier Decision state NEIGHBOR RMTAS STATE HLDTM Description Specifies the version of BGP that runs on the router. Specifies the local autonomous system number. Specifies the BGP identifier. Specifies the BGP process state. Specifies the IP address of the remote peer. Specifies the AS number of the remote peer. Specifies the peer operating state: Idle, Accept, Connect, Open, Open-sent, and Established. Specifies the negotiated holdtime timer. October 2014 Configuration BGP Services 161

162 BGP configuration using the ACLI Field KPALV HLDCFG KPCFG WGHT CONRTY ADVINT Description Specifies the keepalive timer. Specifies the configured holdtime timer. Specifies the configured keepalive timer. Specifies the weight value assigned to the peer. Specifies the retry timer. Specifies the advertisement interval. 162 Configuration BGP Services October 2014

163 Appendix A: BGP+ tunnel configuration examples IPv6 Tunnel configurations for BGP+ When using the BGP+ functionality, additional configurations are needed to install the routes in the IPv6 RTM and for the IPv6 traffic originated from one IPv6 island to reach the other IPv6 island. These are IPv6 tunnel and static route configurations specific to the BGP+ peers. The following sections provide example configurations showing the required IPv6 tunnel and static route configurations. Scenario 1: ebgp+ peership between two ERS 8800/8600s with IPv6 Tunneling The following figure shows a sample network containing ebgp+ peers using IPv6 tunneling. Figure 17: ebgp+ peers with IPv6 tunneling The following sections show the required configurations on each peer. R1 configuration 1. Create a routable interface: config ethernet 2/2 ip create / Assign local AS: October 2014 Configuration BGP Services 163

164 BGP+ tunnel configuration examples config ip bgp local-as Enable BGP: config ip bgp enable 4. Enable IPv6 capabilities on the switch: config ipv6 forwarding enable 5. Configure the IPv4 BGP neighbor: config ip bgp neighbor create config ip bgp neighbor remote-as Specify that this connection needs to negotiate BGP+ capabilities: config ip bgp neighbor address-family ipv6 enable config ip bgp neighbor admin-state enable 7. Create an IPv6 tunnel for IPv6 over IPv4 functionality: config ipv6 tunnel 10 create local-addr ipv6addr 300::1/126 remote-address Create an IPv6 static route to the BGP+ peer: config ipv6 static-route create ::ffff:c801:0102/128 cost 1 tunnel 10 This is an IPv6 mapped IP. This configuration assumes that the Peer IP is going to be the next hop for the routes advertised by it. In other scenarios, if the peer is not the next hop, the static route should point to the next hop for the routes to be installed. Multiple Static routes can be configured using the same tunnel provided that basic care is taken while creating them for reachability. R2 configuration The following shows the configuration for R2: 1. Configure ebgp+ on R2: config ethernet 4/32 ip create / config ip bgp local-as config ip bgp enable config ipv6 forwarding enable config ip bgp neighbor create config ip bgp neighbor remote-as config ip bgp neighbor addressfamily ipv6 enable config ip bgp neighbor admin-state enable config ipv6 tunnel 10 create local-addr ipv6addr 300::2/126 remote-address config ipv6 static-route create ::ffff:c801:0101/128 cost 1 tunnel Configuration BGP Services October 2014

165 Scenario 2: ibgp+ peership on CLIP between two ERS 8800/8600s with IPv6 Tunneling Scenario 2: ibgp+ peership on CLIP between two ERS 8800/8600s with IPv6 Tunneling The following figure shows a sample network containing ibgp+ peers using IPv6 tunneling on CLIP interfaces. Figure 18: ibgp+ peers on CLIP interfaces with IPv6 tunneling The following sections show the required configurations on each peer. R1 configuration 1. Create a routable interface: config ethernet 2/2 ip create / Enable OSPF on the interface: config ethernet 2/2 ip ospf enable You must enable OSPF on the interface and globally as well. If this is not possible, configure static routes to provide reachability to the BGP+ peer. 3. Configure the CLIP interface: config ip circuitless-ip-int 1 create /32 config ip circuitless-ip-int 1 ospf enable 4. Enable OSPF globally: config ip ospf enable 5. Configure BGP: config ip bgp local-as config ip bgp enable 6. Enable IPv6 capabilities on the switch: config ipv6 forwarding enable October 2014 Configuration BGP Services 165