BGP Commands

BGP Finite State Machine: Troubleshooting

(See page 108 of the Halabi book for a diagram).

1. Idle

Waiting for Start event, normally initiated by the operator (establishing new BGP session or resetting an existing session). After errors, BGP falls back to the Idle state.

After a Start event, BGP initializes, resets connect retry timer, initiates TCP transport connection, and listens for connections initiated by a remote peer.

2. Connect

BGP is waiting for a transition protocol connection to complete. If TCP transport succeeds, transition to State 4, OpenSent, and send OPEN. If not, transition to Active. If the connect retry timer expires, remain in Connect, reset the timer, and initiate a transport connection. In case of any other event, transition back to Idle.

3. Active

BGP is trying to initiate a transport protocol connection and acquire a peer. If the successful, transition to OpenSent and send OPEN. If connect retry expires, restart the timer and fall back to the Connect state. Also actively listen for connection by another peer. Go back to idle in case of other events.

Connect to Active flip-flops indicates a TCP transport problem, e.g. TCP retransmissions or unreachability of a peer.

4. OpenSent

BGP is waiting for an OPEN message from its peer. When one is received, it is checked for correctness (version number, AS number, password). If not correct, an error NOTIFICATION is sent and the system goes to Idle. If no error, then send KEEPALIVE and reset the keepalive timer. Negotiate hold time, smaller value wins. If zero, hold timer and keepalive timer are not restarted.

This state is where EBGP versus IBGP is determined, based on AS number.

5. OpenConfirm

BGP waits for KEEPALIVE or NOTIFICATION. If KEEPALIVE is received, transition to Established. If UPDATE or KEEPALIVE is received, restart the hold timer (unless the negotiated hold time is zero). If NOTIFICATION is received, transition to Idle.

Periodic KEEPALIVE messages are sent. If transport disconnect is received, transition to Idle. If an error occurs, send a NOTIFICATION with the error code, then go to Idle.

6. Established

This is the final stage of neighbor negotiation. BGP exchanges updates with its peers. If a NOTIFICATION is received, the system transitions to Idle. Updates are checked for errors. If an error is found, a NOTIFICATION is sent, and the system goes to Idle. In case of hold time expiration, disconnect by transport, Stop event received, or other such events, the system falls back to Idle.

BGP Configuration Commands in IOS

To create an aggregate route summary in the BGP routing table:

aggregate-address with no arguments creates an aggregate entry in the BGP routing table if there are any more-specific BGP routes that fall in the specified range. The aggregate is advertised as coming from your autonomous system with the atomic aggregate attribute, to show that information might be missing. (By default, unless you specify the as-set keyword.)

as-set: creates an aggregate entry, but the path advertised for this route is an AS_SET consisting of all elements in all paths that are being summarized. Do not use this form of aggregate-address when aggregating many paths, because this route then must be continually withdrawn and re-updated as autonomous system path reachability information for the summarized routes changes.

summary-only: create the aggregate route and also suppress advertisements of more-specific routes to all neighbors. If you only want to suppress advertisements to certain neighbors, you may use the neighbor distribute-list command, with caution. If a more specific route leaks out, all BGP speakers will prefer that route over the less-specific aggregate you are generating, by using longest-match routing.

suppress-map: creates the aggregate route but suppresses advertisement of the specified routes. You can use the match clauses of route maps to selectively suppress some more specific routes of the aggregate and leave others unsuppressed. IP access lists and autonomous system path access lists match statements can be used for this.

To advertise only networks and not subnets, the default behavior for BGP, use the command:

To compare MED with paths from different AS’s:

To restore the default BGP route reflector behavior, reflection from a reflector to clients:

To configure cluster ID when there is more than one route reflector:

To assign the BGP confederation identifier:

To specify which AS’s belong to the confederation:

To specify BGP route dampening (and optional parameters):

half-life: Time (in minutes) after which a penalty is decreased. Once the route has been assigned a penalty, the penalty is decreased by half after the half-life period (which is 15 minutes by default). The process of reducing the penalty happens every 5 seconds. The range of the half-life period is 1 to 45 minutes. The default is 15 minutes.

reuse: If the penalty for a flapping route decreases enough to fall below this value, the route is unsuppressed. The process of unsuppressing routes occurs at 10-second increments. The range of the reuse value is 1 to 20000; the default is 750.

suppress: A route is suppressed when its penalty exceeds this limit. The range is 1 to 20000; the default is 2000.

max-suppress-time: Maximum time (in minutes) a route can be suppressed. The range is 1 to 20000; the default is 4 times the half-life. If the half-life value is allowed to default, the maximum suppress time defaults to 60 minutes.

route-map map: Name of route map controlling where BGP route dampening is enabled.

To change the default local preference:

Here value must be in the range 0-4294967295. Higher values are more preferred. The default is 100.

To immediately reset sessions to directly adjacent external peers when the link goes down:

To allow to be redistributed into BGP:

To assign default metric (MED) for redistribution of other protocols (RIP, IGRP, EIGRP, OSPF) into BGP:

To specify the use of administrative distances other than defaults:

Here external-distance is the administrative distance (AD) for BGP external routes, a number from 1 to 255, default 20. (255 distance means to not install the route into the routing table). Internal-distanceis the BGP internal route AD, default 200. Local-distance is the AD for BGP local routes, those listed with a network router command. Default is 200. Caution: altering internal-distance is considered hazardous.

To define an AS path access-list using an AS regular expression:

Details of regular expressions are in the Dial Solutions Command Reference on the documentation CD or Web pages.

To create a BGP community list:

Here community-list-number is an integer from 1 to 99 specifying the list number. The community-number is a number from 1 to 4294967200. Multiple numbers can be specified, separated by a space. There are some special communities that can also be specified: internet, no-export, no-advertise.

Possible MATCH conditions for BGP-related route-maps:

To specify a BGP neighbor advertisement interval (minimum interval between sending BGP updates:

Default intervals are 30 seconds for external peers and 5 seconds for internal peers.

To allow to be sent to a neighbor (if necessary, subject to a route-map to inject conditionally):

To describe a neighbor:

To specify filtering of information sent to/from a neighbor, using a distribute list to filter:

To accept and attempt EBGP connections to peers that are not directly connected, with specified time-to-live in hops:

To specify a filter list for a neighbor or peer group:

(weight is an integer from 0 to 65535 to assign to incoming routes that match the AS paths in the filter-list).

To assign the maximum number of prefixes allowed from a neighbor:

(threshold is the percent of maximum the router generates warnings at, default is 75. With warning-only, when the maximum is exceeded, the peering is not terminated)

To disable next-hop processing of BGP prefixes, and set next hop to self (typically in partial mesh NBMA networks):

To specify the password for a BGP neighbor or peer group:

To configure a neighbor to be in a BGP peer group:

To create a BGP peer group:

To specify a neighbor and its remote AS number:

To apply a route map to incoming or outgoing routes to/from a neighbor:

To set up a router as a route reflector and specify a client:

To specify sending the community attribute to a neighbor:

To start storing received updates:

To allow the use of any operational interface for internal BGP TCP connections:

To hard-code the neighbor’s BGP version (for faster session establishment):

(value can be 2; the default is to use 4 and negotiate down to 2 if requested)

To assign a weight to a neighbor connection:

To specify a network BGP may advertise (if found in the routing table):

To specify a network as a backdoor route (not advertised):

To assign an absolute weight to a BGP network, over-riding any weight assigned by redistribution:

To create a BGP routing process and specify AS number:

Possible SET conditions for BGP-related route-maps:

(additive adds the community to existing communities, none removes the community attribute from any prefixes that pass the route-map)

(value is an integer from 0 to 4294967295, default 100)

(metric-value is an integer from -294967295 to 294967295)

(value is an integer from 0 to 4294967295)

(weight is an integer from 0 to 65535)

To re-enable (or turn off) IGP route synchronization with BGP:

To modify metric and tag values when the IP routing table is updated with BGP-derived routes:

To adjust BGP timers:

(keepalive is the keepalive message interval and defaults to 60 seconds. holdtime is the interval in seconds for declaring a peer dead if no keepalives are received. It defaults to 180 seconds.)

BGP EXEC Mode Commands