CCNP BGP


CCNP ENCOR 350-401

BGP Communities – Part 1

Instructor: Abdulrahman Al-Aloush, Mob: 00919886861543

www.everestacademy.in
everestacademy.in , Mob: 00919886861543
BGP Communities

❖ A BGP community is a numerical value that can be assigned to a specific prefix and
advertised to other neighbors.

❖ When a neighbor receives the prefix, it examines the community value and takes the
appropriate action, whether that is filtering the prefix or modifying other attributes.

❖ BGP communities are an optional transitive BGP attribute that can traverse from AS to
AS. They can be set, appended, removed, or modified selectively.

❖ By default, the community attribute is removed from the update before it is sent to the
neighbor. To allow community values to be sent to a specific neighbor, the command
neighbor x.x.x.x send-community [standard | extended | both] must be applied.

❖ There are three types of BGP communities:


1. Standard community is a 32-bit value.
2. Extended community is a 64-bit value (VPN services).
3. Large community is a 96-bit value.



Standard BGP Communities

❖ A standard BGP community is a 32-bit number (four octets) that can be included
with a route. It can be displayed as a full 32-bit number (0 – 4,294,967,295) or as
two 16-bit numbers (0–65535):(0–65535), commonly referred to as new format.

❖ RFC 1997 Reserved Values:

0:0 to 0:65535           0x00000000 to 0x0000FFFF
65535:0 to 65535:65535   0xFFFF0000 to 0xFFFFFFFF

❖ Private BGP communities follow a particular convention where the first 16 bits
represent the AS of the community origination, and the second 16 bits represent a
pattern defined by the originating AS.
❖ A private BGP community pattern can vary from organization to organization, does
not need to be registered, and can signify geographic locations for one AS while
indicating a method of route advertisement in another AS.

❖ Use the global configuration command ip bgp-community new-format to display the
BGP communities in new format.

❖ http://www.onesc.net/communities/
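
An added example, not part of the original slides: a Python parser that accepts a standard community in any of the three notations described above (aa:nn, decimal, hex), converts between them, and flags the RFC 1997 reserved ranges. The function names are hypothetical and the sample value 100:404 used in testing is constructed.

```python
WELL_KNOWN = {  # the three well-known values listed in these slides
    0xFFFFFF01: "NO_EXPORT",
    0xFFFFFF02: "NO_ADVERTISE",
    0xFFFFFF03: "NO_EXPORT_SUBCONFED",
}

def parse_community(text):
    """Accept 'aa:nn', decimal, or 0x-prefixed hex and return the 32-bit value."""
    text = text.strip()
    if ":" in text:
        high, low = (int(part) for part in text.split(":"))
        if not (0 <= high <= 0xFFFF and 0 <= low <= 0xFFFF):
            raise ValueError(f"each half must fit in 16 bits: {text!r}")
        return (high << 16) | low
    value = int(text, 0)  # base 0 accepts both decimal and 0x hex
    if not 0 <= value <= 0xFFFFFFFF:
        raise ValueError(f"not a 32-bit value: {text!r}")
    return value

def new_format(value):
    """Render a 32-bit community as two 16-bit numbers (new format)."""
    return f"{value >> 16}:{value & 0xFFFF}"

def classify(value):
    """Name a well-known value, flag a reserved one, or report the owning AS."""
    if value in WELL_KNOWN:
        return WELL_KNOWN[value]
    if value >> 16 in (0x0000, 0xFFFF):
        return "reserved (RFC 1997)"
    return f"private, defined by AS {value >> 16}"

def describe(text):
    """Return (decimal, hex, new format, classification) for one community."""
    value = parse_community(text)
    return (value, f"0x{value:08X}", new_format(value), classify(value))

if __name__ == "__main__":
    for sample in ("4294967041", "0x0000FFFF", "100:404"):  # constructed inputs
        print(sample, "->", describe(sample))
```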



BGP Well-Known Reserved Communities

[Figures: two topology diagrams showing AS 65200 (R5), AS 65100 (R1, R2, R3, R4) and their eBGP and iBGP links; the second diagram also labels AS 10 and AS 20.]

❖ NO_EXPORT (0xFFFFFF01, 65535:65281): Routes received carrying this value cannot
be advertised to EBGP peers. If a confederation is configured, the routes cannot be
advertised outside of the confederation boundary.

❖ NO_ADVERTISE (0xFFFFFF02, 65535:65282): Routes received carrying this value cannot
be advertised to other iBGP or eBGP peers.

❖ NO_EXPORT_SUBCONFED (Local-AS) (0xFFFFFF03, 65535:65283): Routes received carrying
this value cannot be advertised to EBGP peers, including peers in other autonomous
systems within a confederation.

R(config-route-map)# set community ?
  <1-4294967295>  community number
  aa:nn           community number in aa:nn format
  gshut           Graceful Shutdown (well-known community)
  internet        Internet (well-known community)
  local-AS        Do not send outside local AS (well-known community)
  no-advertise    Do not advertise to any peer (well-known community)
  no-export       Do not export to next AS (well-known community)
  none            No community attribute



Network Scenario

❖ Do not allow AS 100 to become a transit AS by using the NO_EXPORT community on R1 only.

!R1
enable
conf t
interface Loopback1
 ip address 192.168.1.1 255.255.255.255
!
interface Ethernet0/0
 ip address 10.12.1.1 255.255.255.0
!
interface Ethernet0/1
 ip address 10.14.1.1 255.255.255.0
!
router bgp 100
 bgp router-id 1.1.1.1
 no bgp default ipv4-unicast
 neighbor 10.12.1.2 remote-as 100
 neighbor 10.14.1.4 remote-as 404
 !
 address-family ipv4
  redistribute connected
  neighbor 10.12.1.2 activate
  neighbor 10.14.1.4 activate
 exit-address-family
end

!R2
enable
conf t
interface Loopback1
 ip address 192.168.2.1 255.255.255.255
!
interface Ethernet0/0
 ip address 10.12.1.2 255.255.255.0
!
interface Ethernet0/1
 ip address 10.23.1.2 255.255.255.0
!
router bgp 100
 bgp router-id 2.2.2.2
 no bgp default ipv4-unicast
 neighbor 10.12.1.1 remote-as 100
 neighbor 10.23.1.3 remote-as 303
 !
 address-family ipv4
  redistribute connected
  neighbor 10.12.1.1 activate
  neighbor 10.23.1.3 activate
 exit-address-family
end


!R3
enable
conf t
interface Loopback1
 ip address 192.168.3.1 255.255.255.255
!
interface Ethernet0/0
 ip address 10.23.1.3 255.255.255.0
!
interface Ethernet0/1
 ip address 10.36.1.3 255.255.255.0
!
router bgp 303
 bgp router-id 3.3.3.3
 no bgp default ipv4-unicast
 neighbor 10.23.1.2 remote-as 100
 neighbor 10.36.1.6 remote-as 606
 !
 address-family ipv4
  redistribute connected
  neighbor 10.23.1.2 activate
  neighbor 10.36.1.6 activate
 exit-address-family
end

!R4
enable
conf t
interface Loopback1
 ip address 192.168.4.1 255.255.255.255
!
interface Ethernet0/0
 ip address 10.14.1.4 255.255.255.0
!
interface Ethernet0/1
 ip address 10.45.1.4 255.255.255.0
!
router bgp 404
 bgp router-id 4.4.4.4
 no bgp default ipv4-unicast
 neighbor 10.14.1.1 remote-as 100
 neighbor 10.45.1.5 remote-as 505
 !
 address-family ipv4
  redistribute connected
  neighbor 10.14.1.1 activate
  neighbor 10.45.1.5 activate
 exit-address-family
end


!R5
enable
conf t
interface Loopback1
 ip address 192.168.5.1 255.255.255.255
!
interface Ethernet0/0
 ip address 10.45.1.5 255.255.255.0
!
router bgp 505
 bgp router-id 5.5.5.5
 no bgp default ipv4-unicast
 neighbor 10.45.1.4 remote-as 404
 !
 address-family ipv4
  redistribute connected
  neighbor 10.45.1.4 activate
 exit-address-family
end

!R6
enable
conf t
interface Loopback1
 ip address 192.168.6.1 255.255.255.255
!
interface Ethernet0/0
 ip address 10.36.1.6 255.255.255.0
!
router bgp 606
 bgp router-id 6.6.6.6
 no bgp default ipv4-unicast
 neighbor 10.36.1.3 remote-as 303
 !
 address-family ipv4
  redistribute connected
  neighbor 10.36.1.3 activate
 exit-address-family
end


R1# conf t
R1(config)# ip as-path access-list 1 permit _404_

R1(config)# route-map NO_EXPORT permit 10
R1(config-route-map)# match as-path 1
R1(config-route-map)# set community no-export
R1(config-route-map)# exit

R1(config)# route-map NO_EXPORT permit 20
R1(config-route-map)# exit

R1(config)# router bgp 100
R1(config-router)# address-family ipv4
R1(config-router-af)# neighbor 10.12.1.2 send-community
R1(config-router-af)# neighbor 10.12.1.2 route-map NO_EXPORT out
R1(config-router-af)# end

R1# clear ip bgp * out


R2# show bgp ipv4 unicast 192.168.4.1
BGP routing table entry for 192.168.4.1/32, version 14
Paths: (1 available, best #1, table default, not advertised to EBGP peer)
  Not advertised to any peer
  Refresh Epoch 1
  404
    10.14.1.4 from 10.12.1.1 (1.1.1.1)
      Origin incomplete, metric 0, localpref 100, valid, internal, best
      Community: no-export
      rx pathid: 0, tx pathid: 0x0
R2#
R2# show bgp ipv4 unicast 192.168.5.1
BGP routing table entry for 192.168.5.1/32, version 15
Paths: (1 available, best #1, table default, not advertised to EBGP peer)
  Not advertised to any peer
  Refresh Epoch 1
  404 505
    10.14.1.4 from 10.12.1.1 (1.1.1.1)
      Origin incomplete, metric 0, localpref 100, valid, internal, best
      Community: no-export
      rx pathid: 0, tx pathid: 0x0
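
The first half of the scenario as an added Python model (not from the original slides, and not IOS code): R1 applies route-map NO_EXPORT outbound to R2, and R2 then decides what to send to its eBGP peer R3. The route list is a constructed sample based on the topology above and the function names are hypothetical; the model also shows what R2 leaks to R3 when send-community is left out on R1.

```python
import re

NO_EXPORT = 0xFFFFFF01  # 65535:65281, well-known community from RFC 1997

def ios_as_path_regex(pattern):
    """Compile an IOS as-path regex; '_' matches start, end, or a delimiter."""
    return re.compile(pattern.replace("_", r"(?:^|$|[ ,{}()])"))

def route_map_no_export(route, acl):
    """route-map NO_EXPORT: seq 10 tags paths matching the ACL, seq 20 permits the rest."""
    if acl.search(route["as_path"]):
        # 'set community no-export' without 'additive' replaces existing communities
        return {**route, "communities": {NO_EXPORT}}
    return route

def advertise(route, ebgp, out_acl=None, send_community=True):
    """Return the route as the neighbor receives it, or None if it is suppressed."""
    if ebgp and NO_EXPORT in route["communities"]:
        return None  # a NO_EXPORT route in the local table is never sent to an eBGP peer
    if out_acl is not None:
        route = route_map_no_export(route, out_acl)
    if not send_community:
        route = {**route, "communities": set()}  # attribute dropped without send-community
    return route

# Constructed sample of R1's table: one local route and three learned from R4 (AS 404).
R1_TABLE = [
    {"prefix": "192.168.1.1/32", "as_path": "", "communities": set()},
    {"prefix": "10.45.1.0/24", "as_path": "404", "communities": set()},
    {"prefix": "192.168.4.1/32", "as_path": "404", "communities": set()},
    {"prefix": "192.168.5.1/32", "as_path": "404 505", "communities": set()},
]

def prefixes_r2_sends_to_r3(send_community):
    """R1 -> R2 (iBGP, route-map NO_EXPORT out), then R2 -> R3 (eBGP, no policy)."""
    acl = ios_as_path_regex("_404_")
    r2_table = [advertise(r, ebgp=False, out_acl=acl, send_community=send_community)
                for r in R1_TABLE]
    sent = [advertise(r, ebgp=True) for r in r2_table]
    return sorted(r["prefix"] for r in sent if r is not None)

if __name__ == "__main__":
    print("with send-community:   ", prefixes_r2_sends_to_r3(True))
    print("without send-community:", prefixes_r2_sends_to_r3(False))
```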


R3# show bgp ipv4 unicast | begin Network
     Network            Next Hop     Metric LocPrf Weight Path
*>   10.12.1.0/24       10.23.1.2         0             0 100 ?
*>   10.14.1.0/24       10.23.1.2                       0 100 ?
*    10.23.1.0/24       10.23.1.2         0             0 100 ?
*>                      0.0.0.0           0         32768 ?
*    10.36.1.0/24       10.36.1.6         0             0 606 ?
*>                      0.0.0.0           0         32768 ?
*>   10.45.1.0/24       10.23.1.2                       0 100 404 ?
*>   192.168.1.1/32     10.23.1.2                       0 100 ?
*>   192.168.2.1/32     10.23.1.2         0             0 100 ?
*>   192.168.3.1/32     0.0.0.0           0         32768 ?
*>   192.168.4.1/32     10.23.1.2                       0 100 404 ?
*>   192.168.5.1/32     10.23.1.2                       0 100 404 505 ?
*>   192.168.6.1/32     10.36.1.6         0             0 606 ?


R1# conf t
R1(config)# ip as-path access-list 1 permit _303_

R1(config)# route-map NO_EXPORT permit 10
R1(config-route-map)# match as-path 1
R1(config-route-map)# set community no-export
R1(config-route-map)# exit

R1(config)# route-map NO_EXPORT permit 20
R1(config-route-map)# exit

R1(config)# router bgp 100
R1(config-router)# address-family ipv4
R1(config-router-af)# neighbor 10.12.1.2 send-community
R1(config-router-af)# neighbor 10.12.1.2 route-map NO_EXPORT in
R1(config-router-af)# end

R1# clear ip bgp * in


R1# show bgp ipv4 unicast 192.168.3.1
BGP routing table entry for 192.168.3.1/32, version 14
Paths: (1 available, best #1, table default, not advertised to EBGP peer)
  Not advertised to any peer
  Refresh Epoch 4
  303
    10.23.1.3 from 10.12.1.2 (2.2.2.2)
      Origin incomplete, metric 0, localpref 100, valid, internal, best
      Community: no-export
      rx pathid: 0, tx pathid: 0x0
R1#
R1# show bgp ipv4 unicast 192.168.6.1
BGP routing table entry for 192.168.6.1/32, version 15
Paths: (1 available, best #1, table default, not advertised to EBGP peer)
  Not advertised to any peer
  Refresh Epoch 4
  303 606
    10.23.1.3 from 10.12.1.2 (2.2.2.2)
      Origin incomplete, metric 0, localpref 100, valid, internal, best
      Community: no-export
      rx pathid: 0, tx pathid: 0x0


R4# show bgp ipv4 unicast | begin Network
     Network            Next Hop     Metric LocPrf Weight Path
*>   10.12.1.0/24       10.14.1.1         0             0 100 ?
*    10.14.1.0/24       10.14.1.1         0             0 100 ?
*>                      0.0.0.0           0         32768 ?
*>   10.23.1.0/24       10.14.1.1                       0 100 ?
*>   10.36.1.0/24       10.14.1.1                       0 100 303 ?
*    10.45.1.0/24       10.45.1.5         0             0 505 ?
*>                      0.0.0.0           0         32768 ?
*>   192.168.1.1/32     10.14.1.1         0             0 100 ?
*>   192.168.2.1/32     10.14.1.1                       0 100 ?
*>   192.168.3.1/32     10.14.1.1                       0 100 303 ?
*>   192.168.4.1/32     0.0.0.0           0         32768 ?
*>   192.168.5.1/32     10.45.1.5         0             0 505 ?
*>   192.168.6.1/32     10.14.1.1                       0 100 303 606 ?


R3# show bgp ipv4 unicast | begin Network
     Network            Next Hop     Metric LocPrf Weight Path
*>   10.12.1.0/24       10.23.1.2         0             0 100 ?
*>   10.14.1.0/24       10.23.1.2                       0 100 ?
*    10.23.1.0/24       10.23.1.2         0             0 100 ?
*>                      0.0.0.0           0         32768 ?
*    10.36.1.0/24       10.36.1.6         0             0 606 ?
*>                      0.0.0.0           0         32768 ?
*>   192.168.1.1/32     10.23.1.2                       0 100 ?
*>   192.168.2.1/32     10.23.1.2         0             0 100 ?
*>   192.168.3.1/32     0.0.0.0           0         32768 ?
*>   192.168.6.1/32     10.36.1.6         0             0 606 ?

R4# show bgp ipv4 unicast | begin Network
     Network            Next Hop     Metric LocPrf Weight Path
*>   10.12.1.0/24       10.14.1.1         0             0 100 ?
*    10.14.1.0/24       10.14.1.1         0             0 100 ?
*>                      0.0.0.0           0         32768 ?
*>   10.23.1.0/24       10.14.1.1                       0 100 ?
*    10.45.1.0/24       10.45.1.5         0             0 505 ?
*>                      0.0.0.0           0         32768 ?
*>   192.168.1.1/32     10.14.1.1         0             0 100 ?
*>   192.168.2.1/32     10.14.1.1                       0 100 ?
*>   192.168.4.1/32     0.0.0.0           0         32768 ?
*>   192.168.5.1/32     10.45.1.5         0             0 505 ?
