Disclaimer:
===========
All the text written here is sometimes my interpretation of data and sometimes exact words
written in different websites, tutorials, white papers, books and other online and offline sources.
This text is mainly for my personal reference. Thanks.
- BGP is a path-vector routing protocol used for inter-AS routing.
- When setting up BGP, both eBGP and iBGP sessions have to be configured.
- Some important tips:
a. When setting up BGP, use commands such as "sh ip bgp" and "sh ip bgp summary" to verify neighbor formation.
b. When setting up either iBGP or eBGP, use loopback addresses to form adjacencies.
c. Important things to read about: "update-source", "next-hop-self", "ebgp-multihop" for eBGP sessions, and synchronization.
d. synchronization:
================
Synchronization can be turned on or off by typing "synchronization" or "no synchronization" once you are in
the router config prompt. It matters when your AS acts as a transit AS, carrying data that comes from one
peering AS to another peering AS. In that case the border routers should not announce external routes over
eBGP to peering ASes unless the IGP is also aware of those routes. This is necessary because, unless the IGP
is aware of the routes, it will not be possible to route the transit data.
e. When there are core routers in your network which run only an IGP and no iBGP, they will not come to know
about external (customer) routes. Hence, if a packet for such a route comes to them, they will drop it. See a link
to a nice thread on my homepage about the same. There is also a nice BGP Current Best Practices presentation link
on my homepage.
To solve this issue, there are multiple solutions (now I am quoting from that link):
  a. redistribute BGP routes in IGP (not the preferred approach).
  b. run iBGP on all the routers in your network which can be in the transit path connecting edge routers,
     for example, backbone routers.
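An added example (not from the original notes or the linked thread): a small Python model of tips (d) and (e), showing the packet drop at an IGP-only core router and the synchronization check on the border router. The topology PE1 -- P -- PE2 -- CE, the router names and the function names are assumptions; the prefix 11.11.11.0/24 and the loopback 2.2.2.2 are the ones used in the configuration steps of these notes.

```python
import ipaddress

CUSTOMER = ipaddress.ip_network("11.11.11.0/24")  # prefix from the notes' "network" line
PE2_LO = ipaddress.ip_network("2.2.2.2/32")       # loopback used as the iBGP next hop

def lookup(table, dst):
    """Longest-prefix match: next-hop router name, or None when no route exists."""
    hits = [net for net in table if dst in net]
    return table[max(hits, key=lambda n: n.prefixlen)] if hits else None

def forward(tables, start, dst):
    """Walk the packet hop by hop; return (path, delivered)."""
    path, node = [start], start
    while len(path) <= len(tables):
        nxt = lookup(tables[node], dst)
        if nxt is None:
            return path, False          # dropped at `node`: no route to dst
        if nxt == "CE":
            return path, True           # handed to the customer edge router
        path.append(nxt)
        node = nxt
    return path, False                  # loop guard

def build(core_runs_ibgp):
    """Constructed topology PE1 -- P -- PE2 -- CE.
    The IGP carries loopbacks only; BGP carries the customer prefix."""
    igp = {"PE1": {PE2_LO: "P"}, "P": {PE2_LO: "PE2"}, "PE2": {}}
    tables = {router: dict(routes) for router, routes in igp.items()}
    tables["PE2"][CUSTOMER] = "CE"      # learned over eBGP from the customer
    tables["PE1"][CUSTOMER] = "P"       # iBGP route, next hop 2.2.2.2 resolved via the IGP
    if core_runs_ibgp:
        tables["P"][CUSTOMER] = "PE2"   # solution (b): the core router also runs iBGP
    return igp, tables

def may_advertise(prefix, igp_table, synchronization):
    """Synchronization rule: announce over eBGP only if the IGP also knows the prefix."""
    return (not synchronization) or prefix in igp_table

if __name__ == "__main__":
    dst = ipaddress.ip_address("11.11.11.5")
    for core_runs_ibgp in (False, True):
        igp, tables = build(core_runs_ibgp)
        print(core_runs_ibgp, forward(tables, "PE1", dst),
              may_advertise(CUSTOMER, igp["PE1"], synchronization=True))
```

With synchronization on, PE1 withholds the announcement in both runs because the IGP never carries the customer prefix; that is why running iBGP on the core is paired with "no synchronization".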
Configuring BGP:
=================
- Configuring bgp would require two broad steps:
a. configure ebgp
b. configure ibgp
- Before you start configuring ebgp or ibgp, configure a loopback address on all the routers.
a. run commands:
router> enable
router# conf t
router(config)# interface loopback 0
router(config-if)# ip address 1.1.1.1 255.255.255.255
router(config-if)# end
- Once you have configured loopback addresses on all the PE routers, start forming the eBGP sessions.
I am not too sure whether you should do ibgp before ebgp or otherwise but my guess is ibgp before ebgp.
Still, this is a practice session, so no worries, eventually everything should work together.
- Forming eBGP sessions is very easy. Commands to be executed are:
router> enable
router# conf t
router(config)# router bgp 300                          <- 300 is the AS number
router(config-router)# neighbor 2.2.2.2 remote-as 100   <- 100 is the AS number of the peering eBGP router
router(config-router)# network 11.11.11.0 mask 255.255.255.0
router(config-router)# end
note: We do not use update-source and next-hop-self here because the IP addresses used to form the eBGP adjacency
===== need not be routable. That means, in general, you should not be able to ping them from anywhere except
      from the nodes forming the adjacency.
- Forming ibgp sessions is supposed to be done before ebgp.
router> enable
router# conf t
router(config)# router bgp 100                          <- 100 is the AS number
router(config-router)# neighbor 2.2.2.2 remote-as 100   <- 100 is the AS number of the peering iBGP router
router(config-router)# network 11.11.11.0 mask 255.255.255.0   <- XXXX we do not do this step, because in iBGP
      sessions routers do not have any network addresses to announce. Not sure about
      customers with IGP IP addresses allocated; maybe static routes need to be included
      in iBGP sessions.
router(config-router)# neighbor 2.2.2.2 update-source lo0
router(config-router)# neighbor 2.2.2.2 next-hop-self
router(config-router)# end
Global notes:
=============
1) In general, when everything is set up, you shouldn't be able to ping any customer machine from inside the
ISP network, or any machine in the ISP network from customer machines. But you should be able to ping
customer machines from customer machines. Traceroutes from one customer machine to another would even
show all the intermediate ISP nodes. But anything originating from a customer machine and headed for an
ISP machine cannot go beyond the CE router, because ISP IP addresses are not known outside.
Basically connectivity is one way, from inside the ISP network to outside but not the other way around.