DE-CIX Academy: BGP 05. Notice of Liability. Links visited during the webinar. The Big Picture

Similar documents
DE-CIX Academy: BGP Introduction. Notice of Liability. BGP Configuration Examples. Network Diagram for all examples. Links and Examples

DE-CIX Academy: BGP - Multihoming

BGP4 workshop scenario

How BGP Routers Use the Multi Exit Discriminator for Best Path Selection

BGP Attributes and Policy Control

LAB16: BGP IPv6. BGP: Route Reflector. Disclaimer

BGP Attributes and Policy Control

BGP Attributes and Path Selection

Connecting to a Service Provider Using External BGP

CertifyMe. CertifyMe

Configuring BGP. Cisco s BGP Implementation

Topology for: EIGRP, BGP, Redistribution

Multihoming with BGP and NAT

BGP Attributes and Policy Control

Configuring basic MBGP

BGP Multihoming ISP/IXP Workshops

internet technologies and standards

Chapter 17 BGP4 Commands

BGP Routing and BGP Policy. BGP Routing. Agenda. BGP Routing Information Base. L47 - BGP Routing. L47 - BGP Routing

BGP made easy. John van Oppen Spectrum Networks / AS11404

Ravi Chandra cisco Systems Cisco Systems Confidential

2016/01/17 04:05 1/19 Basic BGP Lab

BGP Commands. Network Protocols Command Reference, Part 1 P1R-355

BGP Multihoming. ISP/IXP Workshops

LAB1: BGP IPv4. BGP: Initial Config. Disclaimer

HP 5920 & 5900 Switch Series

BGP in the Internet Best Current Practices

2016/09/07 08:37 1/5 Internal BGP Lab. Set up Internal BGP (ibgp) within the each Group autonomous system to carry routing information within the AS.

Cisco CISCO Configuring BGP on Cisco Routers Exam. Practice Test. Version

BGP and the Internet. Why Multihome? Why Multihome? Why Multihome? Why Multihome? Why Multihome? Redundancy. Reliability

BGP Commands. Network Protocols Command Reference, Part 1 P1R-355

LACNIC XIII. Using BGP for Traffic Engineering in an ISP

Module 6 Implementing BGP

This appendix contains supplementary Border Gateway Protocol (BGP) information and covers the following topics:

Module 16 An Internet Exchange Point

Table of Contents 1 MBGP Configuration 1-1

Multihoming Techniques. bdnog8 May 4 8, 2018 Jashore, Bangladesh.

IPv4/IPv6 BGP Routing Workshop. Organized by:

BGP mvpn BGP safi IPv4

Configuring BGP on Cisco Routers Volume 1

MPLS VPN Route Target Rewrite

HP FlexFabric 7900 Switch Series

BGP Commands: M through N

IPv6 Module 16 An IPv6 Internet Exchange Point

prefix filtering netkit-lab-bgp-1

BGP for Internet Service Providers

BGP and the Internet

Q&As. CCIP Configuring BGP on Cisco Routers (BGP) Pass Cisco Exam with 100% Guarantee

BGP. Attributes 2005/03/11. (C) Herbert Haas

BGP Attributes and Policy Control. BGP Attributes. Agenda. What Is an Attribute? AS-Path. AS-Path loop detection. BGP Attributes

Chapter 6 Lab 6-4, BGP Route Reflectors and Route Filters

Contents. Introduction. Prerequisites. Configure. Requirements. Components Used

Chapter 20 IPv6 BGP Unicast Address Family Commands

BGP. BGP Overview. BGP Operation. BGP Neighbors

Connecting to a Service Provider Using External BGP

Vendor: Alcatel-Lucent. Exam Code: 4A Exam Name: Alcatel-Lucent Border Gateway Protocol. Version: Demo

BGP Tutorial AFNOG2000 Class IP Assignments

BraindumpStudy. BraindumpStudy Exam Dumps, High Pass Rate!

Module 7 BGP Route Reflector Lab

HPE FlexFabric 5940 Switch Series

FiberstoreOS BGP Command Line Reference

Multihoming Case Study

BGP for Internet Service Providers

BGP Attributes and Policy Control. BGP Attributes. BGP Attributes. Agenda. What Is an Attribute? AS-Path. ISP/IXP Workshops.

ECMP Load Balancing. MPLS: Layer 3 VPNs Configuration Guide, Cisco IOS XE Release 3S (Cisco ASR 900 Series) 1

MPLS VPN Inter-AS with ASBRs Exchanging VPN-IPv4 Addresses

ISP Border Definition. Alexander Azimov

BGP Multihoming Techniques

MPLS VPN C H A P T E R S U P P L E M E N T. BGP Advertising IPv4 Prefixes with a Label

BGP Multihoming Techniques

Introduction to BGP. ISP Workshops. Last updated 30 October 2013

BGP Graceful Shutdown

Configure the IPv6 BGP Local Preference Feature

IBGP internals. BGP Advanced Topics. Agenda. BGP Continuity 1. L49 - BGP Advanced Topics. L49 - BGP Advanced Topics

8/28/2014. MikroTik RouterOS Training. Inter-Networking. Internetworking 1. Overview. Lab Setup. Lab Setup. Autonomous system BGP MPLS

Page1. Cisco IOS Software, Linux Software (I86BI_LINUX-ADVENTERPRISEK9-M), Version 15.2(4)M1, DEVELOPMENT TEST SOFTWARE

BGP Feed Configuration Memo

Module 14 Transit. Objective: To investigate methods for providing transit services. Prerequisites: Modules 12 and 13, and the Transit Presentation

InterAS Option B. Information About InterAS. InterAS and ASBR

Module 4 BGP-LS Configuration Lab

Chapter 13 Configuring BGP4

Border Gateway Protocol - BGP

Internet inter-as routing: BGP

Brocade Vyatta Network OS Routing Policies Configuration Guide, 5.2R1

Operation Manual MCE H3C S3610&S5510 Series Ethernet Switches. Table of Contents

BGP Operations and Security. Training Course

Service Provider Multihoming

Brocade 5600 vrouter Routing Policies Configuration Guide

IOS Implementation of the ibgp PE CE Feature

The Access Tier ISP, considering upstream connectivity

IPv6 Module 6 ibgp and Basic ebgp

Introduction to BGP ISP/IXP Workshops

IPv6 Switching: Provider Edge Router over MPLS

BGP Multihoming Techniques

Border Gateway Protocol

Configuring Multicast VPN Inter-AS Support

Routing Implementation

BGP and the Internet. Enterprise Multihoming. Enterprise Multihoming. Medium/Large ISP Multihoming. Enterprise Multihoming. Enterprise Multihoming

Exam : Title : BGP + MPLS Exam (BGP + MPLS)

BGP. Autonomous system (AS) BGP version 4. Definition (AS Autonomous System)

Transcription:

Notice of Liability Despite careful checking of content, we accept no liability for the content of external links. Content on linked sites is exclusively the responsibility of the respective website operator. Links visited during the webinar ISIS Routing Protocol: https://www.iso.org/standard/30932.html BGP Route Reflectors: https://www.rfc-editor.org/info/rfc4456 BGP Communities: Standard: http://www.rfc-editor.org/info/rfc1997 and http://www.rfc-editor.org/info/rfc1998 Extended: http://www.rfc-editor.org/info/rfc4360 and http://www.rfc-editor.org/info/rfc5668 Large: http://www.rfc-editor.org/info/rfc8092 and http://www.rfc-editor.org/info/rfc8195 Regular expressions: Concept: https://en.wikipedia.org/wiki/regular_expression In Cisco IOS: https://www.cisco.com/c/en/us/td/docs/ios/12_2s/feature/guide/fsnextcl.html https://www.cisco.com/c/en/us/td/docs/ios/12_2/termserv/configuration/guide/ftersv_c/ tcfaapre.html#wp1022889 Cisco Route-Maps http://www.ciscopress.com/articles/article.asp?p=426637&seqnum=2 Tools for network emulation: GNS3: https://www.gns3.com Mikrotik router image: https://mikrotik.com/download (use Cloud Hosted Router)

Example Network GNS3 is used to emulate the routers in our example network. We are using Cisco routers with IOS. Routers in AS64500 are named R1-R4 and are "properly" configured, while routers in the other Autonomous Systems are just there to do BGP to AS64500 and are not "properly" configured.

DE-CIX Academy: BGP 05 Cisco IOS Router Configurations - AS64500 R1 hostname R1 interface Loopback0 ip address 192.168.1.1 255.255.255.255 We are using IS-IS as IGP. This is to enable it on this interface GigabitEthernet0/0 description to R3 interface and to announce ip address 192.168.2.1 255.255.255.252 the interfaces address. interface GigabitEthernet1/0 description to R2 ip address 192.168.2.5 255.255.255.252 interface GigabitEthernet2/0 No IS-IS to description to AS64496 Upstream ip address 10.96.1.2 255.255.255.252 router isis net 49.0000.0000.0000.0001.00 This number needs router bgp 64500 neighbor internal peer-group to be unique in your neighbor internal remote-as 64500 network neighbor internal update-source Loopback0 neighbor internal next-hop-self neighbor internal send-community both neighbor upstream peer-group neighbor upstream soft-reconfiguration inbound neighbor upstream route-map upstream-in in neighbor upstream route-map upstream-out out neighbor 10.96.1.1 remote-as 64496 neighbor 10.96.1.1 peer-group upstream neighbor 192.168.1.2 peer-group internal neighbor 192.168.1.3 peer-group internal ip bgp-community new-format ip community-list expanded announce-to-customers permit 64500:4[1357][0-9][0-9][0-9] ip community-list expanded announce-to-peers permit 64500:4[2367][0-9][0-9][0-9]i ip community-list expanded announce-to-upstream permit 64500:4[4567][0-9][0-9][0-9] ip community-list expanded delete-my-communities permit 64500:.*

route-map upstream-in permit 100 set metric 0 set local-preference 10 set comm-list delete-my-communities delete set community 64500:41000 additive route-map upstream-in deny 65000 route-map upstream-out permit 100 match community announce-to-upstream set metric 0 route-map upstream-out deny 65000 end We set community 64500:41000 here This matches against "announce-tocustomers" on other routers. R2 hostname R2 interface Loopback0 ip address 192.168.1.2 255.255.255.255 interface GigabitEthernet0/0 description to R3 ip address 192.168.2.9 255.255.255.252 interface GigabitEthernet1/0 description to R1 ip address 192.168.2.6 255.255.255.252 interface GigabitEthernet2/0 description to AS64497 ip address 10.97.1.2 255.255.255.252 interface GigabitEthernet3/0 description to DE-CIX / AS517 ip address 80.81.192.200 255.255.252.0 router isis net 49.0000.0000.0000.0002.00 router bgp 64500 neighbor internal peer-group neighbor internal remote-as 64500 neighbor internal update-source Loopback0

neighbor internal next-hop-self neighbor internal send-community both neighbor upstream peer-group neighbor upstream soft-reconfiguration inbound neighbor upstream route-map upstream-in in neighbor upstream route-map upstream-out out neighbor peering peer-group neighbor peering soft-reconfiguration inbound neighbor peering route-map peering-in in neighbor peering route-map peering-out out neighbor 10.97.1.1 remote-as 64497 neighbor 10.97.1.1 peer-group upstream neighbor 80.81.193.17 remote-as 517 neighbor 80.81.193.17 peer-group peering neighbor 192.168.1.1 peer-group internal neighbor 192.168.1.3 peer-group internal ip bgp-community new-format ip community-list expanded announce-to-customers permit 64500:4[1357][0-9][0-9][0-9] ip community-list expanded announce-to-peers permit 64500:4[2367][0-9][0-9][0-9] ip community-list expanded announce-to-upstream permit 64500:4[4567][0-9][0-9][0-9] ip community-list expanded delete-my-communities permit 64500:.* route-map peering-out permit 100 match community announce-to-peers set metric 0 set comm-list delete-my-communities delete route-map peering-out deny 65000 route-map upstream-in permit 100 set local-preference 10 set comm-list delete-my-communities delete set community 64500:41000 additive route-map upstream-in deny 65000 route-map peering-in permit 100 set local-preference 1000 set comm-list delete-my-communities delete set community 64500:41000 additive route-map peering-in deny 65000 route-map upstream-out permit 100 match community announce-to-upstream set metric 0 set comm-list delete-my-communities delete route-map upstream-out deny 65000 end All communities starting with "64500:" get deleted when sending and receiving prefixes

R3 (at start) hostname R3 interface GigabitEthernet0/0 description to R1 ip address 192.168.2.2 255.255.255.252 interface GigabitEthernet1/0 description to R2 ip address 192.168.2.10 255.255.255.252 interface GigabitEthernet2/0 description to R4 ip address 192.168.2.13 255.255.255.252 interface GigabitEthernet3/0 description to AS64511 ip address 192.168.3.1 255.255.255.252 ip bgp-community new-format end R4 hostname R4 interface Loopback0 ip address 192.168.1.4 255.255.255.255 interface GigabitEthernet0/0 description to R3 ip address 192.168.2.14 255.255.255.252 router isis net 49.0000.0000.0000.0004.00 router bgp 64500 redistribute static metric 0 route-map static-to-bgp neighbor internal peer-group neighbor internal remote-as 64500 neighbor internal next-hop-self neighbor internal send-community both neighbor 192.168.2.13 peer-group internal Only one ibgp neighbor is needed for a route-reflector client

ip bgp-community new-format ip route 192.168.200.0 255.255.255.0 Null0 tag 40000 route-map static-to-bgp permit 100 match tag 41000 set community 64500:41000 route-map static-to-bgp permit 200 match tag 42000 set community 64500:42000 route-map static-to-bgp permit 300 match tag 43000 set community 64500:43000 route-map static-to-bgp permit 400 match tag 44000 set community 64500:44000 route-map static-to-bgp permit 500 match tag 45000 set community 64500:45000 route-map static-to-bgp permit 600 match tag 46000 set community 64500:46000 route-map static-to-bgp permit 700 match tag 47000 set community 64500:47000 route-map static-to-bgp permit 1000 match tag 40000 set community no-export route-map static-to-bgp deny 10000 end Static prefix to be redistributed into BGP and not announced to anybody

Router Configs: Neighbor Networks Neighbor networks use minimal configuration only. AS64511 - "Customer" Network hostname AS64511 interface GigabitEthernet0/0 description to AS64500 R3 ip address 192.168.3.2 255.255.255.252 router bgp 64511 network 172.16.1.0 mask 255.255.255.0 neighbor upstream peer-group neighbor upstream send-community both neighbor upstream route-map upstream-in in neighbor upstream route-map upstream-out out neighbor 192.168.3.1 remote-as 64500 neighbor 192.168.3.1 peer-group upstream ip bgp-community new-format ip route 172.16.1.0 255.255.255.0 Null0 route-map upstream-in permit 100 route-map upstream-out permit 100 set community 286:33 64500:1 64500:1234 end Here we set some BGP communities to test AS64500's incoming filters

AS64496 - "Upstream Provider" hostname AS64496 interface GigabitEthernet0/0 description to AS64500 R1 ip address 10.96.1.1 255.255.255.252 interface GigabitEthernet1/0 description to AS517 ip address 10.96.1.5 255.255.255.252 router bgp 64496 network 10.96.0.0 mask 255.255.0.0 neighbor customer peer-group neighbor customer send-community both neighbor customer route-map customer-in in neighbor customer route-map customer-out out neighbor 10.96.1.2 remote-as 64500 neighbor 10.96.1.2 peer-group customer neighbor 10.96.1.6 remote-as 517 neighbor 10.96.1.6 peer-group customer ip route 10.96.0.0 255.255.0.0 Null0 route-map customer-in permit 100 route-map customer-out permit 100 end We announce one prefix and let through whatever AS517 announces

AS64497 - "Upstream Provider" hostname AS64497 interface GigabitEthernet0/0 description to AS64500 R2 ip address 10.97.1.1 255.255.255.252 interface GigabitEthernet1/0 description to AS517 ip address 10.97.1.5 255.255.255.252 router bgp 64497 network 10.97.0.0 mask 255.255.0.0 neighbor customer peer-group neighbor customer send-community both neighbor customer route-map customer-in in neighbor customer route-map customer-out out neighbor 10.97.1.2 remote-as 64500 neighbor 10.97.1.2 peer-group customer neighbor 10.97.1.6 remote-as 517 neighbor 10.97.1.6 peer-group customer ip bgp-community new-format ip route 10.97.0.0 255.255.0.0 Null0 route-map customer-in permit 100 route-map customer-out permit 100 end We announce one prefix and let through whatever AS517 announces

AS517 - "some provider who peers" hostname AS517 interface GigabitEthernet0/0 description to AS64496 ip address 10.96.1.6 255.255.255.252 interface GigabitEthernet1/0 description to AS64497 ip address 10.97.1.6 255.255.255.252 interface GigabitEthernet2/0 description to DE-CIX ip address 80.81.193.17 255.255.252.0 router bgp 517 network 172.17.1.0 mask 255.255.255.0 network 172.17.2.0 mask 255.255.255.0 neighbor upstream peer-group neighbor upstream send-community both neighbor upstream route-map upstream-in in neighbor upstream route-map upstream-out out neighbor peering peer-group neighbor peering send-community both neighbor peering route-map peering-in in neighbor peering route-map peering-out out neighbor 10.96.1.5 remote-as 64496 neighbor 10.96.1.5 peer-group upstream neighbor 10.97.1.5 remote-as 64497 neighbor 10.97.1.5 peer-group upstream neighbor 80.81.192.200 remote-as 64500 neighbor 80.81.192.200 peer-group peering ip route 172.17.1.0 255.255.255.0 Null0 ip route 172.17.2.0 255.255.255.0 Null0 ip prefix-list via-peering seq 10 permit 172.17.1.0/24 ip prefix-list via-upstream seq 5 permit 172.17.1.0/24 ip prefix-list via-upstream seq 10 permit 172.17.2.0/24 route-map peering-in permit 100 route-map peering-out permit 100 match ip address prefix-list via-peering route-map upstream-in permit 100 route-map upstream-out permit 100 match ip address prefix-list via-upstream end AS517 is Transit Provider but also peers with AS64500 Prefix 172.17.1.0/24 is announced via transit and via peering Prefix 172.17.2.0/24 is announced via transit only

Experiments During the webinar on router R3 the following experiments are performed. Experiment 1: Setup IS-IS as IGP Here we add a Loopback interface and configure IS-IS on all internal interfaces (although it is not really necessary on interface gig 2/0 to R4). int Loopback0 ip address 192.168.1.3 255.255.255.255 int gig 0/0 int gig 1/0 int gig 2/0 router isis net 49.0000.0000.0000.0003.00 Experiment 2a: Setup fully meshed ibgp to R1 and R2 router bgp 64500 neighbor internal peer-group neighbor internal remote-as 64500 neighbor internal next-hop-self neighbor internal send-community both neighbor internal update-source loopback 0 neighbor 192.168.1.1 peer-group internal neighbor 192.168.1.2 peer-group internal

Experiment 2b: Setup R4 as route reflector client router bgp 64500 neighbor internal-rr peer-group neighbor internal-rr remote-as 64500 neighbor internal-rr route-reflector-client neighbor internal-rr next-hop-self all neighbor internal-rr send-community both neighbor 192.168.2.14 peer-group internal-rr Experiment 3: Setup ebgp to customer AS64511 router bgp 64500 neighbor customer peer-group neighbor customer send-community both neighbor customer soft-reconfiguration inbound neighbor customer route-map customer-in in neighbor customer route-map customer-out out neighbor 192.168.3.2 peer-group customer ip community-list expanded delete-incoming permit 64500:[0-35-9][0-9]* route-map customer-in permit 100 set metric 0 set local-preference 10000 set comm-list delete-incoming delete continue ip community-list expanded announce-community-set permit 64500:4[0-9][0-9][0-9][0-9] route-map customer-in permit 200 match community announce-community-set route-map customer-in permit 300 set community 64500:47000 additive route-map customer-in deny 65000 ip community-list expanded announce-to-customers permit 64500:4[1357][0-9][0-9][0-9] route-map customer-out permit 100 match community announce-to-customers set metric 0 set comm-list announce-to-customers delete route-map customer-out deny 65000

Experiment 4: Adding our own prefixes to BGP ip route 192.168.0.0 255.255.0.0 Null0 tag 47000 router bgp 64500 redistribute static metric 0 route-map static-to-bgp route-map static-to-bgp permit 100 match tag 41000 set community 64500:41000 route-map static-to-bgp permit 200 match tag 42000 set community 64500:42000 route-map static-to-bgp permit 300 match tag 43000 set community 64500:43000 route-map static-to-bgp permit 400 match tag 44000 set community 64500:44000 route-map static-to-bgp permit 500 match tag 45000 set community 64500:45000 route-map static-to-bgp permit 600 match tag 46000 set community 64500:46000 route-map static-to-bgp permit 700 match tag 47000 set community 64500:47000 route-map static-to-bgp permit 1000 match tag 40000 set community no-export route-map static-to-bgp deny 10000

DE-CIX Academy: BGP 05 Router R3 (final, after all configs are added) hostname R3 interface Loopback0 ip address 192.168.1.3 255.255.255.255 interface GigabitEthernet0/0 description to R1 ip address 192.168.2.2 255.255.255.252 interface GigabitEthernet1/0 description to R2 ip address 192.168.2.10 255.255.255.252 interface GigabitEthernet2/0 description to R4 ip address 192.168.2.13 255.255.255.252 interface GigabitEthernet3/0 description to AS64511 ip address 192.168.3.1 255.255.255.252 router isis net 49.0000.0000.0000.0003.00 router bgp 64500 redistribute static metric 0 route-map static-to-bgp neighbor internal peer-group neighbor internal remote-as 64500 neighbor internal update-source Loopback0 neighbor internal next-hop-self neighbor internal send-community both neighbor internal-rr peer-group neighbor internal-rr remote-as 64500 neighbor internal-rr route-reflector-client neighbor internal-rr next-hop-self all neighbor internal-rr send-community both neighbor customer peer-group neighbor customer send-community both neighbor customer soft-reconfiguration inbound neighbor customer route-map customer-in in neighbor customer route-map customer-out out neighbor 192.168.1.1 peer-group internal neighbor 192.168.1.2 peer-group internal neighbor 192.168.2.14 peer-group internal-rr neighbor 192.168.3.2 remote-as 64511 neighbor 192.168.3.2 peer-group customer Here we redistribute static routes into BGP Only difference in config between a route-reflector client and a standard ibgp neighbor

DE-CIX Academy: BGP 05 ip bgp-community new-format ip community-list expanded delete-incoming permit 64500:[0-35-9][0-9]* ip community-list expanded announce-community-set permit 64500:4[0-9][0-9][0-9][0-9] ip community-list expanded announce-to-customers permit 64500:4[1357][0-9][0-9][0-9] ip route 192.168.0.0 255.255.0.0 Null0 tag 47000 Static prefix to be ip route 192.168.7.0 255.255.255.0 Null0 tag 40000 redistributed into route-map customer-in permit 100 BGP and continue announced to set metric 0 set local-preference 10000 everybody set comm-list delete-incoming delete route-map customer-in permit 200 match community announce-community-set route-map customer-in permit 300 set community 64500:47000 additive route-map customer-in deny 65000 This prefix goes into BGP but is not route-map customer-out permit 100 match community announce-to-customers announced set metric 0 externally set comm-list announce-to-customers delete route-map customer-out deny 65000 route-map static-to-bgp permit 100 match tag 41000 set community 64500:41000 route-map static-to-bgp permit 200 match tag 42000 set community 64500:42000 route-map static-to-bgp permit 300 match tag 43000 set community 64500:43000 This matches the route-map static-to-bgp permit 400 "tag" of the static match tag 44000 routes set community 64500:44000 route-map static-to-bgp permit 500 match tag 45000 set community 64500:45000 route-map static-to-bgp permit 600 match tag 46000 set community 64500:46000 route-map static-to-bgp permit 700 match tag 47000

set community 64500:47000 route-map static-to-bgp permit 1000 match tag 40000 set community no-export route-map static-to-bgp deny 10000 end Static routes with no "tag" do not get into BGP

Mikrotik Router Configurations - AS64500 Many ISPs use Mikrotik routers. As Mikrotik offers a free "Cloud Hosted Router" software image (with some limitations) I also generated a config file for Mikrotik. Note that Mikrotik does not support IS-IS, so IGP in this case is OSPF.

DE-CIX Academy: BGP 05 R1 /system identity set name=r1 Define Loopback /interface bridge add name=loopback0 /interface ethernet set [ find default-name=ether1 ] comment="to R3" set [ find default-name=ether2 ] comment="to R2" set [ find default-name=ether3 ] comment="to AS64496" /ip add add add add Interface IP Addresses address address=192.168.2.1/30 interface=ether1 network=192.168.2.0 address=192.168.2.5/30 interface=ether2 network=192.168.2.4 address=10.96.1.2/30 interface=ether3 network=10.96.1.0 address=192.168.1.1 interface=loopback0 network=192.168.1.1 /routing ospf instance set [ find default=yes ] redistribute-connected=as-type-2 router-id=192.168.1.1 /routing ospf network add area=backbone network=192.168.2.0/24 /routing bgp instance set default as=64500 router-id=192.168.1.1 OSPF as IGP /routing bgp peer add name=r2 nexthop-choice=force-self remote-address=192.168.1.2 remote-as=64500 updatesource=loopback0 add name=r3 nexthop-choice=force-self remote-address=192.168.1.3 remote-as=64500 updatesource=loopback0 add in-filter=upstream-in name=as64496 out-filter=upstream-out remote-address=10.96.1.1 remoteas=64496 /routing filter add chain=upstream-in set-bgp-communities=64500:41000 set-bgp-local-pref=10 set-bgp-med=0 add action=accept bgp-communities=64500:44000 chain=upstream-out set-bgp-med=0 add action=accept bgp-communities=64500:45000 chain=upstream-out set-bgp-med=0 add action=accept bgp-communities=64500:46000 chain=upstream-out set-bgp-med=0 add action=accept bgp-communities=64500:47000 chain=upstream-out set-bgp-med=0 add action=discard chain=upstream-out Mikrotik does not support regular expressions here So we need one rule per possible Communiy

DE-CIX Academy: BGP 05 R3 (complete) /system identity set name=r3 /interface bridge add name=loopback0 /interface set [ find set [ find set [ find set [ find /ip add add add add add ethernet default-name=ether1 default-name=ether2 default-name=ether3 default-name=ether4 ] ] ] ] comment="to comment="to comment="to comment="to Define a Loopback interface R1" R2" R4" AS64511" address address=192.168.2.2/30 interface=ether1 network=192.168.2.0 address=192.168.2.10/30 interface=ether2 network=192.168.2.8 address=192.168.2.13/30 interface=ether3 network=192.168.2.12 address=192.168.3.1/30 interface=ether4 network=192.168.3.0 address=192.168.1.3/32 interface=loopback0 network=192.168.1.3 } Set interface IP addresses /routing ospf instance set [ find default=yes ] redistribute-connected=as-type-2 router-id=192.168.1.3 /routing ospf network add area=backbone network=192.168.2.0/24 Configure OSPF /routing filter add action=accept bgp-communities=64500:40000 chain=bgp-out Configure BGP add action=accept bgp-communities=64500:41000 chain=bgp-out and add action=accept bgp-communities=64500:42000 chain=bgp-out redistribution of add action=accept bgp-communities=64500:43000 chain=bgp-out add action=accept bgp-communities=64500:44000 chain=bgp-out static routes add action=accept bgp-communities=64500:45000 chain=bgp-out add action=accept bgp-communities=64500:46000 chain=bgp-out add action=accept bgp-communities=64500:47000 chain=bgp-out add action=discard chain=bgp-out /routing bgp instance set default as=64500 out-filter=bgp-out redistribute-static=yes router-id=192.168.1.3 /routing bgp peer add name=r1 nexthop-choice=force-self remote-address=192.168.1.1 remote-as=\ 64500 update-source=loopback0 add name=r2 nexthop-choice=force-self remote-address=192.168.1.2 remote-as=\ 64500 update-source=loopback0 Configure fully meshed ibgp peers

/routing filter add chain=ibgp-rr set-out-nexthop=192.168.2.13 /routing bgp peer add name=r4 nexthop-choice=force-self out-filter=ibgp-rr remote-address=\ 192.168.2.14 remote-as=64500 route-reflect=yes update-source=ether3 add name=as64511 in-filter=customer-in out-filter=customer-out \ remote-address=192.168.3.2 remote-as=64511 /routing filter add chain=customer-in set-bgp-local-pref=10000 set-bgp-med=0 add action=accept bgp-communities=64500:41000 chain=customer-in set-bgp-communities=64500:41000 add action=accept bgp-communities=64500:42000 chain=customer-in set-bgp-communities=64500:42000 add action=accept bgp-communities=64500:43000 chain=customer-in set-bgp-communities=64500:43000 add action=accept bgp-communities=64500:44000 chain=customer-in set-bgp-communities=64500:44000 add action=accept bgp-communities=64500:45000 chain=customer-in set-bgp-communities=64500:45000 add action=accept bgp-communities=64500:46000 chain=customer-in set-bgp-communities=64500:46000 add action=accept bgp-communities=64500:47000 chain=customer-in set-bgp-communities=64500:47000 add action=accept chain=customer-in set-bgp-communities=64500:47000 add action=accept bgp-communities=64500:41000 chain=customer-out \ set-bgp-communities="" set-bgp-med=0 add action=accept bgp-communities=64500:43000 chain=customer-out \ set-bgp-communities="" set-bgp-med=0 add action=accept bgp-communities=64500:45000 chain=customer-out \ set-bgp-communities="" set-bgp-med=0 add action=accept bgp-communities=64500:47000 chain=customer-out \ set-bgp-communities="" set-bgp-med=0 add action=discard chain=customer-out

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback