BGP is a routing protocol that is used by ISPs on the internet to communicate routing information, and if you want to connect to more than one ISP, chances are you'll need to run it.
If you want to multi-home to two or more ISPs, you will need to run BGP, and to run BGP, you need to get an Autonomous System Number (ASN). ARIN allocates ASNs, and you'll need to download and complete the form at ftp://ftp.arin.net/templates/asntemplate.txt to have one allocated. There is a fee, and ARIN will not release the ASN until they are paid. An ASN is simply a number between 1 and 65355. For instance, BBNPlanet is AS 1, UUNet is 701, Sprint is 1239 and MCI is 3561.
Let's assume that you are allocated AS 65301 and that your network is 10.1.2.0/24. For our example we'll assume that you're connecting to Savvis (AS 6347) and Sprint (AS 1239). Say that the serial port addresses for Savvis are 10.6.6.2 on the near side and 10.6.6.3 on the Savvis side, and for Sprint we'll use 10.25.9.109 on the near side and 10.25.9.110 on Sprint's side.
Let's say we have a Cisco 4700. To run BGP you'll generally need at least 64M of RAM.
First we'll create an as-path access-list to use as a filter for our announcements to both carriers.

    cisco# config term
    Enter configuration commands, one per line.  End with CNTL/Z.
    cisco(config)# ip as-path access-list 1 permit ^$
    cisco(config)# ip bgp new
    cisco(config)# ^Z
    cisco#

As-path access lists are regexp filters on AS paths. The access list above matches only on an empty AS path, which is a way of saying only our internal routes.
I generally use a BGP community mechanism in addition to simple AS-PATH
filters (or instead of, in more complex installations). I use the community
AS:100 (in this case 65301:100) to mark routes originating from this AS, and
then AS:

    cisco# config term
    Enter configuration commands, one per line.  End with CNTL/Z.
    cisco(config)# route-map ORIGINATE permit 10
    cisco(config-route-map)# set community 65301:100
    cisco(config-route-map)# ^Z
    cisco#

We want to create a community access-list to further restrict outbound announcements.

    cisco# config term
    Enter configuration commands, one per line.  End with CNTL/Z.
    cisco(config)# ip community-list 1 permit 65301:100
    cisco(config)# ^Z
    cisco#

Now we'll want to create incoming and outbound route-maps for each of our carriers.

    cisco# config term
    Enter configuration commands, one per line.  End with CNTL/Z.
    cisco(config)# route-map SAVVIS-IN permit 10
    cisco(config-route-map)# set community 65301:6347
    cisco(config-route-map)# exit
    cisco(config)# route-map SAVVIS-OUT permit 10
    cisco(config-route-map)# match community 1
    cisco(config-route-map)# exit
    cisco(config)# route-map SPRINT-IN permit 10
    cisco(config-route-map)# set community 65301:1239
    cisco(config-route-map)# exit
    cisco(config)# route-map SPRINT-OUT permit 10
    cisco(config-route-map)# match community 1
    cisco(config-route-map)# exit
    cisco(config)# ^Z
    cisco#

And now we bring it all together with our BGP section:

    cisco# config term
    Enter configuration commands, one per line.  End with CNTL/Z.
    cisco(config)# router bgp 65301
    cisco(config-router)# no sync
    cisco(config-router)# network 10.3.2.0 mask 255.255.255.0 route-map ORIGINATE
    cisco(config-router)#
    cisco(config-router)# neighbor 10.6.6.3 remote-as 6347
    cisco(config-router)# neighbor 10.6.6.3 filter 1 out
    cisco(config-router)# neighbor 10.6.6.3 route-map SAVVIS-IN in
    cisco(config-router)# neighbor 10.6.6.3 route-map SAVVIS-OUT out
    cisco(config-router)# neighbor 10.25.9.110 remote-as 1239
    cisco(config-router)# neighbor 10.25.9.110 filter 1 out
    cisco(config-router)# neighbor 10.25.9.110 route-map SPRINT-IN in
    cisco(config-router)# neighbor 10.25.9.110 route-map SPRINT-OUT out
    cisco(config-router)# ^Z
    cisco#

And that's it! Now we want to see if the sessions come up. Run the command 'show ip bgp sum' (the log below is from a router on which the BGP sessions have been established for some time).

    cisco# show ip bgp sum
    BGP table version is 356818164, main routing table version 356818164
    53010 network entries (103119/159030 paths) using 11296252 bytes of memory
    14595 BGP path attribute entries using 2061148 bytes of memory
    20122 BGP route-map cache entries using 321952 bytes of memory
    0 BGP filter-list cache entries using 0 bytes of memory

    Neighbor        V    AS MsgRcvd MsgSent    TblVer  InQ OutQ Up/Down  State/PfxRcd
    10.6.6.3        4  6347  486782   15121 356818164    0    0 5d14h    52402
    10.25.9.110     4  1239  218911    8176 356818164    0    0 5d16h    50715
    cisco#

In this case, the two peers have been established for over 5 days. In the State field on the far right, you will see 'Active' or 'OpenSent' or 'OpenConfirm' until the session is established. In older versions of IOS the State field will be blank. In some newer versions you'll see PfxRcd in the header, and that will show the number of prefixes (routes) received from that neighbor.
There are other commands we can run now too. Say, for instance, we want to know information about the network 4.0.0.0/8. We can run the command:

    cisco#show ip bgp 4.0.0.0
    BGP routing table entry for 4.0.0.0/8, version 356594030
    Paths: (2 available, best #2)
      1239 1
        10.25.9.110 from 10.25.9.110
          Origin IGP, localpref 100, valid, internal, best
          Community: 65301:1239
      6347 1239 1
        10.6.6.3 from 10.6.6.3 (206.129.255.1)
          Origin IGP, localpref 100, valid, internal
          Community: 65301:6347
    cisco#
    cisco#show ip route 4.0.0.0
    Routing entry for 4.0.0.0/8, Hash 1088
      Known via "bgp 65301", distance 20, metric 0
      Tag 1239, type external
      Last update from 10.25.9.110 5d22h ago
      Routing Descriptor Blocks:
      * 10.25.9.110, from 10.25.9.110, 5d22h ago
          Route metric is 0, traffic share count is 1
          AS Hops 3
    cisco#show ip bgp 4.0.0.0 255.0.0.0 lo
    BGP table version is 357082275, local router ID is 10.3.2.1
    Status codes: s suppressed, d damped, h history, * valid, > best, i - internal
    Origin codes: i - IGP, e - EGP, ? - incomplete

       Network          Next Hop          Metric LocPrf Weight Path
    *>i4.0.0.0          10.25.9.110                 100      0 1239 1 i
    * i                 10.6.6.3                    100      0 6347 1239 1 i
    cisco#

You can see the details of this network's BGP attributes in the show ip bgp output, the details of the routing information in the show ip route output, and an overview of the BGP information in the second show ip bgp. In the BGP section we can see our two paths, one for each ISP, and we can see that the Sprint path (via AS 1239) gets chosen because it has a shorter AS path (this is easier to see on the right side of the brief show ip bgp output).
If we want to look at routes coming from certain ASes, we can use the show ip bgp reg command:

    cisco#show ip bgp reg _7224$
    BGP table version is 357084193, local router ID is 209.43.147.112
    Status codes: s suppressed, d damped, h history, * valid, > best, i - internal
    Origin codes: i - IGP, e - EGP, ? - incomplete

       Network          Next Hop          Metric LocPrf Weight Path
    * i204.177.154.0/23 204.201.48.10               100      0 1239 701 7224 i
    *>i                 204.201.48.6                100      0 6347 701 7224 i
    * i208.192.208.0/22 204.201.48.10               100      0 1239 701 7224 i
    *>i                 204.201.48.6                100      0 6347 701 7224 i
    * i208.202.218.0/23 204.201.48.10               100      0 1239 701 7224 i
    *>i                 204.201.48.6                100      0 6347 701 7224 i
    * i208.216.180.0/22 204.201.48.10               100      0 1239 701 7224 i
    *>i                 204.201.48.6                100      0 6347 701 7224 i
    * i208.226.120.0/22 204.201.48.10               100      0 1239 701 7224 i
    *>i                 204.201.48.6                100      0 6347 701 7224 i
    * i209.191.164.0/23 204.201.48.10               100      0 1239 701 6993 7224 i
    *>i                 204.201.48.6                100      0 6347 701 6993 7224 i
    cisco#

This shows us all routes that originate in AS 7224 (amazon.com). We used a regular expression to match on the AS path. Any normal regular expression can be used, which gives us a fair amount of flexibility.
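
The two AS-path expressions used on this page, ^$ for the outbound filter and _7224$ for the origin query, can be checked offline before they go on a router. The following is an added example, not part of the original article and not IOS code: it approximates the IOS "_" delimiter in Python and applies the outbound policy (empty AS path and community 65301:100) to a constructed route table, showing that carrier-learned routes are never re-announced. The helper names, the sample routes and the 192.0.2.0/24 entry are assumptions made for illustration.

```python
import re

# Cisco IOS treats "_" in an AS-path regex as a delimiter: start or end of
# the path, a space, a comma, or a brace/parenthesis around an AS set.
_DELIM = r"(?:^|$|[ ,{}()])"


def aspath_matches(pattern, as_path):
    """Match an IOS-style AS-path regex against a path as 'show ip bgp'
    prints it, e.g. '1239 701 7224' (empty string = locally originated)."""
    return re.search(pattern.replace("_", _DELIM), as_path) is not None


def announced(route, aspath_filter="^$", required_community="65301:100"):
    """Outbound policy from the article: a route is sent to a carrier only
    if it passes filter-list 1 (as-path ^$) AND community-list 1."""
    return (aspath_matches(aspath_filter, route["as_path"])
            and required_community in route["communities"])


# Constructed sample table: our own prefix (as in the network statement)
# plus routes learned from the two carriers and tagged by the *-IN maps.
ROUTES = [
    {"prefix": "10.3.2.0/24", "as_path": "", "communities": {"65301:100"}},
    {"prefix": "4.0.0.0/8", "as_path": "1239 1", "communities": {"65301:1239"}},
    {"prefix": "4.0.0.0/8", "as_path": "6347 1239 1", "communities": {"65301:6347"}},
    {"prefix": "204.177.154.0/23", "as_path": "6347 701 7224",
     "communities": {"65301:6347"}},
    # Constructed path whose last AS merely ends in the digits 7224.
    {"prefix": "192.0.2.0/24", "as_path": "1239 17224", "communities": {"65301:1239"}},
]


def outbound_prefixes(routes):
    """Prefixes that would be announced to either carrier."""
    return [r["prefix"] for r in routes if announced(r)]


def originated_by(routes, asn):
    """AS paths whose origin (rightmost) AS is exactly asn, as with _ASN$."""
    return [r["as_path"] for r in routes
            if aspath_matches("_%d$" % asn, r["as_path"])]


if __name__ == "__main__":
    print("announced to carriers:", outbound_prefixes(ROUTES))
    print("originated by AS 7224:", originated_by(ROUTES, 7224))
```

Without the leading "_", the expression 7224$ would also match the constructed path ending in 17224, which is why the delimiter matters when a filter is meant to select a single AS.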