bgpd.texi 54 KB


  1. @c -*-texinfo-*-
  2. @c This is part of the Quagga Manual.
  3. @c @value{COPYRIGHT_STR}
  4. @c See file quagga.texi for copying conditions.
  5. @node BGP
  6. @chapter BGP
  7. @acronym{BGP} stands for Border Gateway Protocol. The latest BGP version
  8. is 4. It is referred to as BGP-4. BGP-4 is one of the Exterior Gateway
  9. Protocols and the de facto standard inter-domain routing protocol.
  10. BGP-4 is described in @cite{RFC1771, A Border Gateway Protocol
  11. 4 (BGP-4)}.
  12. Many extensions have been added to @cite{RFC1771}. @cite{RFC2858,
  13. Multiprotocol Extensions for BGP-4} provides multiprotocol support to
  14. BGP-4.
  15. @menu
  16. * Starting BGP::
  17. * BGP router::
  18. * BGP network::
  19. * BGP Peer::
  20. * BGP Peer Group::
  21. * BGP Address Family::
  22. * Autonomous System::
  23. * BGP Communities Attribute::
  24. * BGP Extended Communities Attribute::
  25. * Displaying BGP routes::
  26. * Capability Negotiation::
  27. * Route Reflector::
  28. * Route Server::
  29. * How to set up a 6-Bone connection::
  30. * Dump BGP packets and table::
  31. * BGP Configuration Examples::
  32. @end menu
  33. @node Starting BGP
  34. @section Starting BGP
  35. The default configuration file of @command{bgpd} is @file{bgpd.conf}.
  36. @command{bgpd} searches the current directory first, then
  37. @value{INSTALL_PREFIX_ETC}/bgpd.conf. All of bgpd's commands must be
  38. configured in @file{bgpd.conf}.
  39. @command{bgpd} specific invocation options are described below. Common
  40. options may also be specified (@pxref{Common Invocation Options}).
  41. @table @samp
  42. @item -p @var{PORT}
  43. @itemx --bgp_port=@var{PORT}
  44. Set the bgp protocol's port number.
  45. @item -r
  46. @itemx --retain
  47. When the program terminates, retain BGP routes added by zebra.
  48. @end table
  49. @node BGP router
  50. @section BGP router
  51. First of all you must configure the BGP router with the @command{router bgp}
  52. command. To configure the BGP router, you need an AS number. The AS number
  53. identifies the autonomous system. The BGP protocol uses the AS number
  54. to detect whether a BGP connection is internal or external.
  55. @deffn Command {router bgp @var{asn}} {}
  56. Enable a BGP protocol process with the specified @var{asn}. After
  57. this statement you can input any @code{BGP Commands}. You cannot
  58. create different BGP processes under different @var{asn} without
  59. specifying @code{multiple-instance} (@pxref{Multiple instance}).
  60. @end deffn
  61. @deffn Command {no router bgp @var{asn}} {}
  62. Destroy a BGP protocol process with the specified @var{asn}.
  63. @end deffn
  64. @deffn {BGP} {bgp router-id @var{A.B.C.D}} {}
  65. This command specifies the router-ID. If @command{bgpd} connects to @command{zebra} it gets
  66. interface and address information. In that case the default router ID value
  67. is selected as the largest IP address of the interfaces. When
  68. @code{router zebra} is not enabled @command{bgpd} can't get interface information,
  69. so @code{router-id} is set to 0.0.0.0. In that case, set the router-id by hand.
  70. @end deffn
  71. @menu
  72. * BGP distance::
  73. * BGP decision process::
  74. * BGP route flap dampening::
  75. @end menu
  76. @node BGP distance
  77. @subsection BGP distance
  78. @deffn {BGP} {distance bgp <1-255> <1-255> <1-255>} {}
  79. This command changes the distance value of BGP. The arguments are the distance
  80. values for external routes, internal routes and local routes.
  81. @end deffn
  82. @deffn {BGP} {distance <1-255> @var{A.B.C.D/M}} {}
  83. @deffnx {BGP} {distance <1-255> @var{A.B.C.D/M} @var{word}} {}
  84. This command set distance value to
  85. @end deffn
  86. @node BGP decision process
  87. @subsection BGP decision process
  88. @table @asis
  89. @item 1. Weight check
  90. @item 2. Local preference check.
  91. @item 3. Local route check.
  92. @item 4. AS path length check.
  93. @item 5. Origin check.
  94. @item 6. MED check.
  95. @end table
  96. @deffn {BGP} {bgp bestpath as-path confed} {}
  97. This command specifies that the length of confederation path sets and
  98. sequences should be taken into account during the BGP best path
  99. decision process.
  100. @end deffn
  101. @deffn {BGP} {bgp bestpath as-path multipath-relax} {}
  102. This command specifies that BGP decision process should consider paths
  103. of equal AS_PATH length candidates for multipath computation. Without
  104. the knob, the entire AS_PATH must match for multipath computation.
  105. @end deffn
  106. @node BGP route flap dampening
  107. @subsection BGP route flap dampening
  108. @deffn {BGP} {bgp dampening @var{<1-45>} @var{<1-20000>} @var{<1-20000>} @var{<1-255>}} {}
  109. This command enables BGP route-flap dampening and specifies dampening parameters.
  110. @table @asis
  111. @item @asis{half-life}
  112. Half-life time for the penalty
  113. @item @asis{reuse-threshold}
  114. Value to start reusing a route
  115. @item @asis{suppress-threshold}
  116. Value to start suppressing a route
  117. @item @asis{max-suppress}
  118. Maximum duration to suppress a stable route
  119. @end table
  120. The route-flap damping algorithm is compatible with @cite{RFC2439}. The use of this command
  121. is not recommended nowadays, see @uref{http://www.ripe.net/ripe/docs/ripe-378,,RIPE-378}.
  122. @end deffn
  123. @node BGP network
  124. @section BGP network
  125. @menu
  126. * BGP route::
  127. * Route Aggregation::
  128. * Redistribute to BGP::
  129. @end menu
  130. @node BGP route
  131. @subsection BGP route
  132. @deffn {BGP} {network @var{A.B.C.D/M}} {}
  133. This command adds the announcement network.
  134. @example
  135. @group
  136. router bgp 1
  137. network 10.0.0.0/8
  138. @end group
  139. @end example
  140. This configuration example says that network 10.0.0.0/8 will be
  141. announced to all neighbors. Some vendors' routers don't advertise
  142. routes if they aren't present in their IGP routing tables; @code{bgpd}
  143. doesn't care about IGP routes when announcing its routes.
  144. @end deffn
  145. @deffn {BGP} {no network @var{A.B.C.D/M}} {}
  146. @end deffn
  147. @node Route Aggregation
  148. @subsection Route Aggregation
  149. @deffn {BGP} {aggregate-address @var{A.B.C.D/M}} {}
  150. This command specifies an aggregate address.
  151. @end deffn
  152. @deffn {BGP} {aggregate-address @var{A.B.C.D/M} as-set} {}
  153. This command specifies an aggregate address. Resulting routes include
  154. an AS set.
  155. @end deffn
  156. @deffn {BGP} {aggregate-address @var{A.B.C.D/M} summary-only} {}
  157. This command specifies an aggregate address. Aggregated routes will
  158. not be announced.
  159. @end deffn
  160. @deffn {BGP} {no aggregate-address @var{A.B.C.D/M}} {}
  161. @end deffn
  162. @node Redistribute to BGP
  163. @subsection Redistribute to BGP
  164. @deffn {BGP} {redistribute kernel} {}
  165. Redistribute kernel route to BGP process.
  166. @end deffn
  167. @deffn {BGP} {redistribute static} {}
  168. Redistribute static route to BGP process.
  169. @end deffn
  170. @deffn {BGP} {redistribute connected} {}
  171. Redistribute connected route to BGP process.
  172. @end deffn
  173. @deffn {BGP} {redistribute rip} {}
  174. Redistribute RIP route to BGP process.
  175. @end deffn
  176. @deffn {BGP} {redistribute ospf} {}
  177. Redistribute OSPF route to BGP process.
  178. @end deffn
  179. @node BGP Peer
  180. @section BGP Peer
  181. @menu
  182. * Defining Peer::
  183. * BGP Peer commands::
  184. * Peer filtering::
  185. @end menu
  186. @node Defining Peer
  187. @subsection Defining Peer
  188. @deffn {BGP} {neighbor @var{peer} remote-as @var{asn}} {}
  189. Creates a new neighbor whose remote-as is @var{asn}. @var{peer}
  190. can be an IPv4 address or an IPv6 address.
  191. @example
  192. @group
  193. router bgp 1
  194. neighbor 10.0.0.1 remote-as 2
  195. @end group
  196. @end example
  197. In this case my router, in AS-1, is trying to peer with AS-2 at
  198. 10.0.0.1.
  199. This command must be the first command used when configuring a neighbor.
  200. If the remote-as is not specified, @command{bgpd} will complain like this:
  201. @example
  202. can't find neighbor 10.0.0.1
  203. @end example
  204. @end deffn
  205. @node BGP Peer commands
  206. @subsection BGP Peer commands
  207. In a @code{router bgp} clause there are neighbor specific configurations
  208. required.
  209. @deffn {BGP} {neighbor @var{peer} shutdown} {}
  210. @deffnx {BGP} {no neighbor @var{peer} shutdown} {}
  211. Shut down the peer. We can delete the neighbor's configuration with
  212. @code{no neighbor @var{peer} remote-as @var{as-number}}, but then all
  213. configuration of the neighbor will be deleted. When you want to
  214. preserve the configuration, but want to drop the BGP peer, use this
  215. syntax.
  216. @end deffn
  217. @deffn {BGP} {neighbor @var{peer} ebgp-multihop} {}
  218. @deffnx {BGP} {no neighbor @var{peer} ebgp-multihop} {}
  219. @end deffn
  220. @deffn {BGP} {neighbor @var{peer} description ...} {}
  221. @deffnx {BGP} {no neighbor @var{peer} description ...} {}
  222. Set description of the peer.
  223. @end deffn
  224. @deffn {BGP} {neighbor @var{peer} version @var{version}} {}
  225. Set up the neighbor's BGP version. @var{version} can be @var{4},
  226. @var{4+} or @var{4-}. BGP version @var{4} is the default value used for
  227. BGP peering. BGP version @var{4+} means that the neighbor supports
  228. Multiprotocol Extensions for BGP-4. BGP version @var{4-} is similar but
  229. the neighbor speaks the old Internet-Draft revision 00's Multiprotocol
  230. Extensions for BGP-4. Some routing software is still using this
  231. version.
  232. @end deffn
  233. @deffn {BGP} {neighbor @var{peer} interface @var{ifname}} {}
  234. @deffnx {BGP} {no neighbor @var{peer} interface @var{ifname}} {}
  235. When you connect to a BGP peer over an IPv6 link-local address, you
  236. have to specify the @var{ifname} of the interface used for the
  237. connection. To specify IPv4 session addresses, see the
  238. @code{neighbor @var{peer} update-source} command below.
  239. This command is deprecated and may be removed in a future release. Its
  240. use should be avoided.
  241. @end deffn
  242. @deffn {BGP} {neighbor @var{peer} next-hop-self [all]} {}
  243. @deffnx {BGP} {no neighbor @var{peer} next-hop-self [all]} {}
  244. This command specifies an announced route's nexthop as being equivalent
  245. to the address of the bgp router if it is learned via eBGP.
  246. If the optional keyword @code{all} is specified the modification is done
  247. also for routes learned via iBGP.
  248. @end deffn
  249. @deffn {BGP} {neighbor @var{peer} update-source @var{<ifname|address>}} {}
  250. @deffnx {BGP} {no neighbor @var{peer} update-source} {}
  251. Specify the IPv4 source address to use for the @acronym{BGP} session to this
  252. neighbour. It may be specified as either an IPv4 address directly or
  253. as an interface name (in which case the @command{zebra} daemon MUST be running
  254. in order for @command{bgpd} to be able to retrieve interface state).
  255. @example
  256. @group
  257. router bgp 64555
  258. neighbor foo update-source 192.168.0.1
  259. neighbor bar update-source lo0
  260. @end group
  261. @end example
  262. @end deffn
  263. @deffn {BGP} {neighbor @var{peer} default-originate} {}
  264. @deffnx {BGP} {no neighbor @var{peer} default-originate} {}
  265. @command{bgpd}'s default is to not announce the default route (0.0.0.0/0) even if it
  266. is in the routing table. When you want to announce default routes to the
  267. peer, use this command.
  268. @end deffn
  269. @deffn {BGP} {neighbor @var{peer} port @var{port}} {}
  270. @deffnx {BGP} {neighbor @var{peer} port @var{port}} {}
  271. @end deffn
  272. @deffn {BGP} {neighbor @var{peer} send-community} {}
  273. @deffnx {BGP} {neighbor @var{peer} send-community} {}
  274. @end deffn
  275. @deffn {BGP} {neighbor @var{peer} weight @var{weight}} {}
  276. @deffnx {BGP} {no neighbor @var{peer} weight @var{weight}} {}
  277. This command specifies a default @var{weight} value for the neighbor's
  278. routes.
  279. @end deffn
  280. @deffn {BGP} {neighbor @var{peer} maximum-prefix @var{number}} {}
  281. @deffnx {BGP} {no neighbor @var{peer} maximum-prefix @var{number}} {}
  282. @end deffn
  283. @deffn {BGP} {neighbor @var{peer} local-as @var{as-number}} {}
  284. @deffnx {BGP} {neighbor @var{peer} local-as @var{as-number} no-prepend} {}
  285. @deffnx {BGP} {neighbor @var{peer} local-as @var{as-number} no-prepend replace-as} {}
  286. @deffnx {BGP} {no neighbor @var{peer} local-as} {}
  287. Specify an alternate AS for this BGP process when interacting with the
  288. specified peer. With no modifiers, the specified local-as is prepended to
  289. the received AS_PATH when receiving routing updates from the peer, and
  290. prepended to the outgoing AS_PATH (after the process local AS) when
  291. transmitting local routes to the peer.
  292. If the no-prepend attribute is specified, then the supplied local-as is not
  293. prepended to the received AS_PATH.
  294. If the replace-as attribute is specified, then only the supplied local-as is
  295. prepended to the AS_PATH when transmitting local-route updates to this peer.
  296. Note that replace-as can only be specified if no-prepend is.
  297. This command is only allowed for eBGP peers.
  298. @end deffn
  299. @deffn {BGP} {neighbor @var{peer} ttl-security hops @var{number}} {}
  300. @deffnx {BGP} {no neighbor @var{peer} ttl-security hops @var{number}} {}
  301. This command enforces Generalized TTL Security Mechanism (GTSM), as
  302. specified in RFC 5082. With this command, only neighbors that are the
  303. specified number of hops away will be allowed to become neighbors. This
  304. command is mutually exclusive with @command{ebgp-multihop}.
  305. @end deffn
  306. @node Peer filtering
  307. @subsection Peer filtering
  308. @deffn {BGP} {neighbor @var{peer} distribute-list @var{name} [in|out]} {}
  309. This command specifies a distribute-list for the peer. @var{direct} is
  310. @samp{in} or @samp{out}.
  311. @end deffn
  312. @deffn {BGP command} {neighbor @var{peer} prefix-list @var{name} [in|out]} {}
  313. @end deffn
  314. @deffn {BGP command} {neighbor @var{peer} filter-list @var{name} [in|out]} {}
  315. @end deffn
  316. @deffn {BGP} {neighbor @var{peer} route-map @var{name} [in|out]} {}
  317. Apply a route-map on the neighbor. @var{direct} must be @code{in} or
  318. @code{out}.
  319. @end deffn
  320. @c -----------------------------------------------------------------------
  321. @node BGP Peer Group
  322. @section BGP Peer Group
  323. @deffn {BGP} {neighbor @var{word} peer-group} {}
  324. This command defines a new peer group.
  325. @end deffn
  326. @deffn {BGP} {neighbor @var{peer} peer-group @var{word}} {}
  327. This command binds a specific peer to peer group @var{word}.
  328. @end deffn
  329. @node BGP Address Family
  330. @section BGP Address Family
  331. @c -----------------------------------------------------------------------
  332. @node Autonomous System
  333. @section Autonomous System
  334. The @acronym{AS,Autonomous System} number is one of the essential
  335. elements of BGP. BGP is a distance vector routing protocol, and the
  336. AS-Path framework provides distance vector metric and loop detection to
  337. BGP. @cite{RFC1930, Guidelines for creation, selection, and
  338. registration of an Autonomous System (AS)} provides some background on
  339. the concepts of an AS.
  340. The AS number is a two octet value, ranging in value from 1 to 65535.
  341. The AS numbers 64512 through 65535 are defined as private AS numbers.
  342. Private AS numbers must not be advertised in the global Internet.
  343. @menu
  344. * AS Path Regular Expression::
  345. * Display BGP Routes by AS Path::
  346. * AS Path Access List::
  347. * Using AS Path in Route Map::
  348. * Private AS Numbers::
  349. @end menu
  350. @node AS Path Regular Expression
  351. @subsection AS Path Regular Expression
  352. AS path regular expressions can be used for displaying BGP routes and
  353. in AS path access lists. AS path regular expressions are based on
  354. @code{POSIX 1003.2} regular expressions. The following description covers
  355. just a subset of @code{POSIX} regular expressions; the full
  356. @code{POSIX} regular expression syntax can be used. In addition, the special character '_'
  357. is added for AS path regular expressions.
  358. @table @code
  359. @item .
  360. Matches any single character.
  361. @item *
  362. Matches 0 or more occurrences of pattern.
  363. @item +
  364. Matches 1 or more occurrences of pattern.
  365. @item ?
  366. Matches 0 or 1 occurrences of pattern.
  367. @item ^
  368. Matches the beginning of the line.
  369. @item $
  370. Matches the end of the line.
  371. @item _
  372. Character @code{_} has a special meaning in AS path regular expressions.
  373. It matches a space, a comma, the AS set delimiters @{ and @}, and the AS
  374. confederation delimiters @code{(} and @code{)}. It also matches
  375. the beginning of the line and the end of the line. So @code{_} can be
  376. used to match AS value boundaries. @code{show ip bgp regexp _7675_}
  377. matches all BGP routes whose AS path includes AS number @var{7675}.
  378. @end table
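The boundary behaviour of @code{_} described above, as an added example (not code from the Quagga sources). It assumes @code{_} can be modelled as an alternation over the delimiters listed in the table; the helper names and the route table are constructed for illustration. It shows why a filter written as @code{7675} without @code{_} also matches AS 17675 and AS 76750.

```python
import re

# Assumption: "_" is modelled as an alternation over the delimiters the manual
# lists (space, comma, { }, ( ), beginning of line, end of line).
BOUNDARY = r"(?:^|[,{}() ]|$)"


def compile_aspath_regex(line):
    """Translate an AS path regular expression into a Python pattern.

    Only the "_" extension is rewritten. The rest of the expression is passed
    through unchanged, which is adequate for the POSIX subset in the table.
    """
    return re.compile(line.replace("_", BOUNDARY))


# Constructed sample table (prefix -> AS path as displayed); not real routes.
SAMPLE_ROUTES = {
    "10.0.0.0/8": "100 7675 200",
    "172.16.0.0/12": "100 17675 200",           # AS 17675, not AS 7675
    "192.168.0.0/16": "7675",                   # AS 7675 is the whole path
    "198.51.100.0/24": "100 {7675,300}",        # AS 7675 inside an AS set
    "203.0.113.0/24": "(65001 65002) 7675 400", # after a confederation segment
    "192.0.2.0/24": "100 76750",                # AS 76750, not AS 7675
}


def show_ip_bgp_regexp(line, routes=SAMPLE_ROUTES):
    """Return the prefixes whose AS path matches, like `show ip bgp regexp`."""
    pattern = compile_aspath_regex(line)
    return sorted(p for p, path in routes.items() if pattern.search(path))


if __name__ == "__main__":
    for expr in ("_7675_", "7675", "^7675_", "_200$"):
        print(f"{expr!r:10} -> {show_ip_bgp_regexp(expr)}")
```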
  379. @node Display BGP Routes by AS Path
  380. @subsection Display BGP Routes by AS Path
  381. To show BGP routes which have specific AS path information, the @code{show
  382. ip bgp} command can be used.
  383. @deffn Command {show ip bgp regexp @var{line}} {}
  384. This command displays BGP routes that match the AS path regular
  385. expression @var{line}.
  386. @end deffn
  387. @node AS Path Access List
  388. @subsection AS Path Access List
  389. An AS path access list is a user-defined AS path list.
  390. @deffn {Command} {ip as-path access-list @var{word} @{permit|deny@} @var{line}} {}
  391. This command defines a new AS path access list.
  392. @end deffn
  393. @deffn {Command} {no ip as-path access-list @var{word}} {}
  394. @deffnx {Command} {no ip as-path access-list @var{word} @{permit|deny@} @var{line}} {}
  395. @end deffn
  396. @node Using AS Path in Route Map
  397. @subsection Using AS Path in Route Map
  398. @deffn {Route Map} {match as-path @var{word}} {}
  399. @end deffn
  400. @deffn {Route Map} {set as-path prepend @var{as-path}} {}
  401. Prepend the given string of AS numbers to the AS_PATH.
  402. @end deffn
  403. @deffn {Route Map} {set as-path prepend last-as @var{num}} {}
  404. Prepend the existing last AS number (the leftmost ASN) to the AS_PATH.
  405. @end deffn
  406. @node Private AS Numbers
  407. @subsection Private AS Numbers
  408. @c -----------------------------------------------------------------------
  409. @node BGP Communities Attribute
  410. @section BGP Communities Attribute
  411. The BGP communities attribute is widely used for implementing policy
  412. routing. Network operators can manipulate the BGP communities attribute
  413. based on their network policy. The BGP communities attribute is defined
  414. in @cite{RFC1997, BGP Communities Attribute} and
  415. @cite{RFC1998, An Application of the BGP Community Attribute
  416. in Multi-home Routing}. It is an optional transitive attribute,
  417. therefore local policy can travel through different autonomous systems.
  418. The communities attribute is a set of communities values. Each
  419. communities value is 4 octets long. The following format is used to
  420. define a communities value.
  421. @table @code
  422. @item AS:VAL
  423. This format represents a 4 octet communities value. @code{AS} is the high
  424. order 2 octets in digit format. @code{VAL} is the low order 2 octets in
  425. digit format. This format is useful to define AS oriented policy
  426. values. For example, @code{7675:80} can be used when AS 7675 wants to
  427. pass local policy value 80 to a neighboring peer.
  428. @item internet
  429. @code{internet} represents well-known communities value 0.
  430. @item no-export
  431. @code{no-export} represents well-known communities value @code{NO_EXPORT}@*
  432. @r{(0xFFFFFF01)}. All routes carrying this value must not be advertised
  433. outside a BGP confederation boundary. If the neighboring BGP peer is
  434. part of a BGP confederation, the peer is considered as inside the BGP
  435. confederation boundary, so the route will be announced to the peer.
  436. @item no-advertise
  437. @code{no-advertise} represents well-known communities value
  438. @code{NO_ADVERTISE}@*@r{(0xFFFFFF02)}. All routes carrying this value
  439. must not be advertised to other BGP peers.
  440. @item local-AS
  441. @code{local-AS} represents well-known communities value
  442. @code{NO_EXPORT_SUBCONFED} @r{(0xFFFFFF03)}. All routes carrying this
  443. value must not be advertised to external BGP peers. Even if the
  444. neighboring router is part of a confederation, it is considered an
  445. external BGP peer, so the route will not be announced to the peer.
  446. @end table
  447. When a BGP communities attribute is received, duplicated communities
  448. values in the communities attribute are ignored and the communities
  449. values are sorted in numerical order.
  450. @menu
  451. * BGP Community Lists::
  452. * Numbered BGP Community Lists::
  453. * BGP Community in Route Map::
  454. * Display BGP Routes by Community::
  455. * Using BGP Communities Attribute::
  456. @end menu
  457. @node BGP Community Lists
  458. @subsection BGP Community Lists
  459. A BGP community list is a user-defined BGP communities attribute list.
  460. A BGP community list can be used for matching or manipulating the BGP
  461. communities attribute in updates.
  462. There are two types of community list. One is the standard community
  463. list and the other is the expanded community list. A standard community list
  464. defines a communities attribute. An expanded community list defines a
  465. communities attribute string with a regular expression. A standard
  466. community list is compiled into binary format when the user defines it.
  467. A standard community list is directly compared to the BGP communities
  468. attribute in BGP updates. Therefore the comparison is faster than with an
  469. expanded community list.
  470. @deffn Command {ip community-list standard @var{name} @{permit|deny@} @var{community}} {}
  471. This command defines a new standard community list. @var{community}
  472. is a communities value. The @var{community} is compiled into a community
  473. structure. We can define multiple community lists under the same name. In
  474. that case matching happens in the user-defined order. Once the
  475. community list matches the communities attribute in BGP updates, it
  476. returns permit or deny according to the community list definition. When there is
  477. no matched entry, deny is returned. When @var{community} is
  478. empty it matches any route.
  479. @end deffn
  480. @deffn Command {ip community-list expanded @var{name} @{permit|deny@} @var{line}} {}
  481. This command defines a new expanded community list. @var{line} is a
  482. string expression of communities attribute. @var{line} can include
  483. regular expression to match communities attribute in BGP updates.
  484. @end deffn
  485. @deffn Command {no ip community-list @var{name}} {}
  486. @deffnx Command {no ip community-list standard @var{name}} {}
  487. @deffnx Command {no ip community-list expanded @var{name}} {}
  488. These commands delete the community lists specified by @var{name}. All
  489. community lists share a single name space, so community lists can be
  490. removed simply by specifying the community list's name.
  491. @end deffn
  492. @deffn {Command} {show ip community-list} {}
  493. @deffnx {Command} {show ip community-list @var{name}} {}
  494. This command displays current community list information. When
  495. @var{name} is specified, the specified community list's information is
  496. shown.
  497. @example
  498. # show ip community-list
  499. Named Community standard list CLIST
  500. permit 7675:80 7675:100 no-export
  501. deny internet
  502. Named Community expanded list EXPAND
  503. permit :
  504. # show ip community-list CLIST
  505. Named Community standard list CLIST
  506. permit 7675:80 7675:100 no-export
  507. deny internet
  508. @end example
  509. @end deffn
  510. @node Numbered BGP Community Lists
  511. @subsection Numbered BGP Community Lists
  512. When a number is used as a BGP community list name, the number has a
  513. special meaning. A community list number in the range from 1 to 99 is a
  514. standard community list. A community list number in the range from 100
  515. to 199 is an expanded community list. These community lists are called
  516. numbered community lists. Normal community lists, on the other hand,
  517. are called named community lists.
  518. @deffn Command {ip community-list <1-99> @{permit|deny@} @var{community}} {}
  519. This command defines a new community list. <1-99> is standard
  520. community list number. Community list name within this range defines
  521. standard community list. When @var{community} is empty it matches to
  522. any routes.
  523. @end deffn
  524. @deffn Command {ip community-list <100-199> @{permit|deny@} @var{community}} {}
  525. This command defines a new community list. <100-199> is expanded
  526. community list number. Community list name within this range defines
  527. expanded community list.
  528. @end deffn
  529. @deffn Command {ip community-list @var{name} @{permit|deny@} @var{community}} {}
  530. When the community list type is not specified, the community list type is
  531. automatically detected. If @var{community} can be compiled into a
  532. communities attribute, the community list is defined as a standard
  533. community list. Otherwise it is defined as an expanded community
  534. list. This feature is left for backward compatibility. Use of this
  535. feature is not recommended.
  536. @end deffn
  537. @node BGP Community in Route Map
  538. @subsection BGP Community in Route Map
  539. In a Route Map (@pxref{Route Map}), we can match or set the BGP
  540. communities attribute. Using this feature, network operators can
  541. implement their network policy based on the BGP communities attribute.
  542. The following commands can be used in a Route Map.
  543. @deffn {Route Map} {match community @var{word}} {}
  544. @deffnx {Route Map} {match community @var{word} exact-match} {}
  545. This command matches BGP updates against community list
  546. @var{word}. When one of the BGP communities values matches one of the
  547. communities values in the community list, it is a match. When the
  548. @code{exact-match} keyword is specified, a match happens only when the BGP
  549. update has exactly the same communities values as specified in the
  550. community list.
  551. @end deffn
  552. @deffn {Route Map} {set community none} {}
  553. @deffnx {Route Map} {set community @var{community}} {}
  554. @deffnx {Route Map} {set community @var{community} additive} {}
  555. This command manipulates the communities value in BGP updates. When
  556. @code{none} is specified as the communities value, it removes the entire
  557. communities attribute from BGP updates. When @var{community} is not
  558. @code{none}, the specified communities value is set on BGP updates. If
  559. a BGP update already has a BGP communities value, the existing BGP
  560. communities value is replaced with the specified @var{community} value.
  561. When the @code{additive} keyword is specified, @var{community} is appended
  562. to the existing communities value.
  563. @end deffn
  564. @deffn {Route Map} {set comm-list @var{word} delete} {}
  565. This command removes communities values from the BGP communities attribute.
  566. The @var{word} is a community list name. When a BGP route's communities
  567. value matches the community list @var{word}, the communities value
  568. is removed. When all of the communities values are eventually removed, the
  569. BGP update's communities attribute is completely removed.
  570. @end deffn
  571. @node Display BGP Routes by Community
  572. @subsection Display BGP Routes by Community
  573. To show BGP routes which have a specific BGP communities attribute, the
  574. @code{show ip bgp} command can be used. The @var{community} value and
  575. community list can be used with the @code{show ip bgp} command.
  576. @deffn Command {show ip bgp community} {}
  577. @deffnx Command {show ip bgp community @var{community}} {}
  578. @deffnx Command {show ip bgp community @var{community} exact-match} {}
  579. @code{show ip bgp community} displays BGP routes which have a communities
  580. attribute. When @var{community} is specified, BGP routes that match the
  581. @var{community} value are displayed. For this command, the @code{internet}
  582. keyword can't be used for the @var{community} value. When
  583. @code{exact-match} is specified, it displays only routes that have an
  584. exact match.
  585. @end deffn
  586. @deffn Command {show ip bgp community-list @var{word}} {}
  587. @deffnx Command {show ip bgp community-list @var{word} exact-match} {}
  588. This command displays BGP routes that match community list
  589. @var{word}. When @code{exact-match} is specified, it displays only routes
  590. that have an exact match.
  591. @end deffn
  592. @node Using BGP Communities Attribute
  593. @subsection Using BGP Communities Attribute
  594. The following configuration is the most typical usage of the BGP communities
  595. attribute. AS 7675 provides an upstream Internet connection to AS 100.
  596. When the following configuration exists in AS 7675, the AS 100 network
  597. operator can set the local preference in the AS 7675 network by setting the BGP
  598. communities attribute on the updates.
  599. @example
  600. router bgp 7675
  601. neighbor 192.168.0.1 remote-as 100
  602. neighbor 192.168.0.1 route-map RMAP in
  603. !
  604. ip community-list 70 permit 7675:70
  605. ip community-list 70 deny
  606. ip community-list 80 permit 7675:80
  607. ip community-list 80 deny
  608. ip community-list 90 permit 7675:90
  609. ip community-list 90 deny
  610. !
  611. route-map RMAP permit 10
  612. match community 70
  613. set local-preference 70
  614. !
  615. route-map RMAP permit 20
  616. match community 80
  617. set local-preference 80
  618. !
  619. route-map RMAP permit 30
  620. match community 90
  621. set local-preference 90
  622. @end example
  623. The following configuration announces 10.0.0.0/8 from AS 100 to AS 7675.
  624. The route has communities value 7675:80, so when the above configuration
  625. exists in AS 7675, the announced route's local preference will be set to
  626. value 80.
  627. @example
  628. router bgp 100
  629. network 10.0.0.0/8
  630. neighbor 192.168.0.2 remote-as 7675
  631. neighbor 192.168.0.2 route-map RMAP out
  632. !
  633. ip prefix-list PLIST permit 10.0.0.0/8
  634. !
  635. route-map RMAP permit 10
  636. match ip address prefix-list PLIST
  637. set community 7675:80
  638. @end example
  639. The following configuration is an example of BGP route filtering using the
  640. communities attribute. This configuration only permits BGP routes
  641. which have BGP communities value 0:80 or 0:90. The network operator can
  642. put a special internal communities value at the BGP border router, then
  643. limit the BGP route announcements into the internal network.
  644. @example
  645. router bgp 7675
  646. neighbor 192.168.0.1 remote-as 100
  647. neighbor 192.168.0.1 route-map RMAP in
  648. !
  649. ip community-list 1 permit 0:80 0:90
  650. !
  651. route-map RMAP permit 10
  652. match community 1
  653. @end example
  654. The following example filters BGP routes which have communities value 1:1.
  655. When there is no match, the community-list returns deny. To avoid
  656. filtering all routes, we need to define a permit any entry last.
  657. @example
  658. router bgp 7675
  659. neighbor 192.168.0.1 remote-as 100
  660. neighbor 192.168.0.1 route-map RMAP in
  661. !
  662. ip community-list standard FILTER deny 1:1
  663. ip community-list standard FILTER permit
  664. !
  665. route-map RMAP permit 10
  666. match community FILTER
  667. @end example
  668. The communities value keyword @code{internet} has a special meaning in
  669. standard community lists. In the example below @code{internet} acts as
  670. match any. It matches all BGP routes, even if the route does not
  671. have a communities attribute at all. So community list @code{INTERNET}
  672. is the same as the above example's @code{FILTER}.
  673. @example
  674. ip community-list standard INTERNET deny 1:1
  675. ip community-list standard INTERNET permit internet
  676. @end example
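The matching rules described above (first matching entry decides, deny when nothing matches, empty entry and internet match any route) modelled in Python as an added example; it is not bgpd code. STRICT is a constructed list name, and entries are limited to zero or one community value as a simplifying assumption.

```python
# Added example: a simplified model of standard community-list matching.
# It is not bgpd code; entries are limited to zero or one community value.

def parse_community_lists(config_text):
    """Return {name: [(action, value_or_None), ...]} in configured order."""
    lists = {}
    for raw in config_text.splitlines():
        words = raw.split()
        if words[:2] != ["ip", "community-list"]:
            continue
        words = words[2:]
        if words and words[0] == "standard":
            words = words[1:]
        if len(words) < 2 or words[1] not in ("permit", "deny"):
            raise ValueError("unparsable entry: " + raw.strip())
        if len(words) > 3:
            raise ValueError("multi-value entries are not modelled: " + raw.strip())
        value = words[2] if len(words) == 3 else None
        lists.setdefault(words[0], []).append((words[1], value))
    return lists


def evaluate(entries, route_communities):
    """First matching entry decides; if nothing matches the result is deny."""
    for action, value in entries:
        # An empty entry and the keyword 'internet' both match any route,
        # including a route with no communities attribute at all.
        if value is None or value == "internet" or value in route_communities:
            return action
    return "deny"


def apply_route_map(route_map, lists, route_communities):
    """route_map: [(seq, community_list_name, local_pref), ...], all 'permit'.

    Returns ("permit", local_pref) for the first entry whose community list
    permits the route, or ("deny", None) when no entry matches.
    """
    for _seq, list_name, local_pref in sorted(route_map):
        if evaluate(lists[list_name], route_communities) == "permit":
            return ("permit", local_pref)
    return ("deny", None)


# Community lists copied from the examples in this section, plus STRICT, a
# constructed list that omits the trailing permit entry.
CONFIG = """
ip community-list 70 permit 7675:70
ip community-list 70 deny
ip community-list 80 permit 7675:80
ip community-list 80 deny
ip community-list 90 permit 7675:90
ip community-list 90 deny
ip community-list standard FILTER deny 1:1
ip community-list standard FILTER permit
ip community-list standard INTERNET deny 1:1
ip community-list standard INTERNET permit internet
ip community-list standard STRICT deny 1:1
"""
LISTS = parse_community_lists(CONFIG)

# route-map RMAP from the local-preference example: permit 10/20/30.
RMAP = [(10, "70", 70), (20, "80", 80), (30, "90", 90)]

if __name__ == "__main__":
    # Constructed sample routes, described only by their community sets.
    for communities in (set(), {"7675:80"}, {"1:1"}, {"1:1", "7675:80"}):
        print(sorted(communities),
              "FILTER:", evaluate(LISTS["FILTER"], communities),
              "INTERNET:", evaluate(LISTS["INTERNET"], communities),
              "STRICT:", evaluate(LISTS["STRICT"], communities),
              "RMAP:", apply_route_map(RMAP, LISTS, communities))
```

STRICT denies every route, because a list holding only deny entries never reaches a permit; that is the failure mode the trailing permit entry in FILTER avoids.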
  677. The following configuration is an example of communities value deletion.
  678. With this configuration, communities values 100:1 and 100:2 are removed
  679. from BGP updates. For communities value deletion, only @code{permit}
  680. community-list entries are used. @code{deny} community-list entries are ignored.
  681. @example
  682. router bgp 7675
  683. neighbor 192.168.0.1 remote-as 100
  684. neighbor 192.168.0.1 route-map RMAP in
  685. !
  686. ip community-list standard DEL permit 100:1 100:2
  687. !
  688. route-map RMAP permit 10
  689. set comm-list DEL delete
  690. @end example
  691. @c -----------------------------------------------------------------------
  692. @node BGP Extended Communities Attribute
  693. @section BGP Extended Communities Attribute
  694. The BGP extended communities attribute was introduced with MPLS VPN/BGP
  695. technology. MPLS VPN/BGP expands the capability of network infrastructure
  696. to provide VPN functionality. At the same time it requires a new
  697. framework for policy routing. With the BGP Extended Communities Attribute
  698. we can use Route Target or Site of Origin for implementing network
  699. policy for MPLS VPN/BGP.
  700. The BGP Extended Communities Attribute is similar to the BGP Communities
  701. Attribute. It is an optional transitive attribute. The BGP Extended
  702. Communities Attribute can carry multiple Extended Community values.
  703. Each Extended Community value is eight octets long.
  704. The BGP Extended Communities Attribute provides an extended range
  705. compared with the BGP Communities Attribute. In addition, there is a
  706. type field in each value to provide community space structure.
  707. There are two formats to define an Extended Community value. One is the AS
  708. based format, the other is the IP address based format.
  709. @table @code
  710. @item AS:VAL
  711. This is the format to define an AS based Extended Community value.
  712. The @code{AS} part is the 2 octet Global Administrator subfield in the Extended
  713. Community value. The @code{VAL} part is the 4 octet Local Administrator
  714. subfield. @code{7675:100} represents AS 7675 policy value 100.
  715. @item IP-Address:VAL
  716. This is the format to define an IP address based Extended Community value.
  717. The @code{IP-Address} part is the 4 octet Global Administrator subfield.
  718. The @code{VAL} part is the 2 octet Local Administrator subfield.
  719. @code{10.0.0.1:100} represents
  720. @end table
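The two formats above packed into their eight octet form, as an added Python example that is not part of Quagga. The type and sub-type octet values are taken from RFC 4360 rather than from this manual, and the function names are hypothetical.

```python
# Added example: encode and decode AS:VAL and IP-Address:VAL values.
import ipaddress
import struct

# Type and sub-type octets from RFC 4360 (not stated in this manual).
TYPE_AS2 = 0x00    # two-octet AS specific: 2 octet global, 4 octet local
TYPE_IPV4 = 0x01   # IPv4 address specific: 4 octet global, 2 octet local
SUBTYPE = {"rt": 0x02, "soo": 0x03}   # Route Target, Site of Origin
KIND = {code: name for name, code in SUBTYPE.items()}


def encode_extcommunity(kind, text):
    """Return the 8 octets for kind ('rt' or 'soo') and 'AS:VAL' or 'IP:VAL'."""
    if kind not in SUBTYPE:
        raise ValueError("kind must be 'rt' or 'soo'")
    admin, sep, val = text.rpartition(":")
    if not sep or not val.isdigit():
        raise ValueError("expected AS:VAL or IP-Address:VAL")
    local = int(val)
    if "." in admin:
        # IP address based format: VAL must fit the 2 octet local subfield.
        address = ipaddress.IPv4Address(admin)  # raises ValueError if invalid
        if local > 0xFFFF:
            raise ValueError("VAL does not fit in 2 octets")
        return struct.pack("!BB4sH", TYPE_IPV4, SUBTYPE[kind],
                           address.packed, local)
    # AS based format: AS must fit 2 octets, VAL the 4 octet local subfield.
    if not admin.isdigit() or int(admin) > 0xFFFF:
        raise ValueError("AS does not fit in 2 octets")
    if local > 0xFFFFFFFF:
        raise ValueError("VAL does not fit in 4 octets")
    return struct.pack("!BBHI", TYPE_AS2, SUBTYPE[kind], int(admin), local)


def decode_attribute(value):
    """Split an Extended Communities attribute value into (kind, text) pairs."""
    if len(value) % 8:
        raise ValueError("attribute length is not a multiple of 8 octets")
    result = []
    for offset in range(0, len(value), 8):
        chunk = value[offset:offset + 8]
        kind = KIND.get(chunk[1])
        if chunk[0] == TYPE_AS2 and kind:
            asn, local = struct.unpack("!HI", chunk[2:])
            result.append((kind, f"{asn}:{local}"))
        elif chunk[0] == TYPE_IPV4 and kind:
            packed, local = struct.unpack("!4sH", chunk[2:])
            result.append((kind, f"{ipaddress.IPv4Address(packed)}:{local}"))
        else:
            # Types this example does not model are reported as raw hex.
            result.append(("unknown", chunk.hex()))
    return result


if __name__ == "__main__":
    # Values taken from the table above; rt/soo pairing is constructed.
    attribute = (encode_extcommunity("rt", "7675:100")
                 + encode_extcommunity("soo", "10.0.0.1:100"))
    print(attribute.hex())
    print(decode_attribute(attribute))
```

The range checks matter because the two formats split the six value octets differently: a VAL that is valid after an AS number can be too large after an IP address.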
  721. @menu
  722. * BGP Extended Community Lists::
  723. * BGP Extended Communities in Route Map::
  724. @end menu
  725. @node BGP Extended Community Lists
  726. @subsection BGP Extended Community Lists
  727. Extended Community Lists are user defined lists of BGP Extended
  728. Communities.
  729. @deffn Command {ip extcommunity-list standard @var{name} @{permit|deny@} @var{extcommunity}} {}
  730. This command defines a new standard extcommunity-list.
  731. @var{extcommunity} is an extended communities value. The
  732. @var{extcommunity} is compiled into an extended community structure. We
  733. can define multiple extcommunity-list entries under the same name. In that case
  734. matching happens in the user defined order. Once the extcommunity-list
  735. matches the extended communities attribute in a BGP update it returns
  736. permit or deny based upon the extcommunity-list definition. When
  737. there is no matched entry, deny is returned. When
  738. @var{extcommunity} is empty it matches any route.
  739. @end deffn
  740. @deffn Command {ip extcommunity-list expanded @var{name} @{permit|deny@} @var{line}} {}
  741. This command defines a new expanded extcommunity-list. @var{line} is
  742. a string expression of the extended communities attribute. @var{line} can
  743. include a regular expression to match the extended communities attribute in
  744. BGP updates.
  745. @end deffn
  746. @deffn Command {no ip extcommunity-list @var{name}} {}
  747. @deffnx Command {no ip extcommunity-list standard @var{name}} {}
  748. @deffnx Command {no ip extcommunity-list expanded @var{name}} {}
  749. These commands delete the extended community lists specified by
  750. @var{name}. All extended community lists share a single name
  751. space, so an extended community list can be removed simply by specifying
  752. the name.
  753. @end deffn
  754. @deffn {Command} {show ip extcommunity-list} {}
  755. @deffnx {Command} {show ip extcommunity-list @var{name}} {}
  756. This command displays current extcommunity-list information. When
  757. @var{name} is specified, that community list's information is shown.
  758. @example
  759. # show ip extcommunity-list
  760. @end example
  761. @end deffn
  762. @node BGP Extended Communities in Route Map
  763. @subsection BGP Extended Communities in Route Map
  764. @deffn {Route Map} {match extcommunity @var{word}} {}
  765. @end deffn
  766. @deffn {Route Map} {set extcommunity rt @var{extcommunity}} {}
  767. This command sets the Route Target value.
  768. @end deffn
  769. @deffn {Route Map} {set extcommunity soo @var{extcommunity}} {}
  770. This command sets the Site of Origin value.
  771. @end deffn
  772. @c -----------------------------------------------------------------------
  773. @node Displaying BGP routes
  774. @section Displaying BGP Routes
  775. @menu
  776. * Show IP BGP::
  777. * More Show IP BGP::
  778. @end menu
  779. @node Show IP BGP
  780. @subsection Show IP BGP
  781. @deffn {Command} {show ip bgp} {}
  782. @deffnx {Command} {show ip bgp @var{A.B.C.D}} {}
  783. @deffnx {Command} {show ip bgp @var{X:X::X:X}} {}
  784. This command displays BGP routes. When no route is specified it
  785. displays all IPv4 BGP routes.
  786. @end deffn
  787. @example
  788. BGP table version is 0, local router ID is 10.1.1.1
  789. Status codes: s suppressed, d damped, h history, * valid, > best, i - internal
  790. Origin codes: i - IGP, e - EGP, ? - incomplete
  791. Network Next Hop Metric LocPrf Weight Path
  792. *> 1.1.1.1/32 0.0.0.0 0 32768 i
  793. Total number of prefixes 1
  794. @end example
  795. @node More Show IP BGP
  796. @subsection More Show IP BGP
  797. @deffn {Command} {show ip bgp regexp @var{line}} {}
  798. This command displays BGP routes using an AS path regular expression (@pxref{Display BGP Routes by AS Path}).
  799. @end deffn
  800. @deffn Command {show ip bgp community @var{community}} {}
  801. @deffnx Command {show ip bgp community @var{community} exact-match} {}
  802. This command displays BGP routes using @var{community} (@pxref{Display
  803. BGP Routes by Community}).
  804. @end deffn
  805. @deffn Command {show ip bgp community-list @var{word}} {}
  806. @deffnx Command {show ip bgp community-list @var{word} exact-match} {}
  807. This command displays BGP routes using a community list (@pxref{Display
  808. BGP Routes by Community}).
  809. @end deffn
  810. @deffn {Command} {show ip bgp summary} {}
  811. @end deffn
  812. @deffn {Command} {show ip bgp neighbor [@var{peer}]} {}
  813. @end deffn
  814. @deffn {Command} {clear ip bgp @var{peer}} {}
  815. Clear peers which have addresses of X.X.X.X
  816. @end deffn
  817. @deffn {Command} {clear ip bgp @var{peer} soft in} {}
  818. Clear peer using soft reconfiguration.
  819. @end deffn
  820. @deffn {Command} {show ip bgp dampened-paths} {}
  821. Display paths suppressed due to dampening
  822. @end deffn
  823. @deffn {Command} {show ip bgp flap-statistics} {}
  824. Display flap statistics of routes
  825. @end deffn
  826. @deffn {Command} {show debug} {}
  827. @end deffn
  828. @deffn {Command} {debug event} {}
  829. @end deffn
  830. @deffn {Command} {debug update} {}
  831. @end deffn
  832. @deffn {Command} {debug keepalive} {}
  833. @end deffn
  834. @deffn {Command} {no debug event} {}
  835. @end deffn
  836. @deffn {Command} {no debug update} {}
  837. @end deffn
  838. @deffn {Command} {no debug keepalive} {}
  839. @end deffn
  840. @node Capability Negotiation
  841. @section Capability Negotiation
  842. When the IPv6 routing information exchange feature was being added to BGP,
  843. there were several proposals. The @acronym{IETF,Internet Engineering Task Force}
  844. @acronym{IDR, Inter Domain Routing} @acronym{WG, Working group} adopted
  845. a proposal called Multiprotocol Extension for BGP. The specification
  846. is described in @cite{RFC2283}. It does not define a new protocol.
  847. It defines new attributes for existing BGP. When it is used for exchanging
  848. IPv6 routing information it is called BGP-4+. When it is used for
  849. exchanging multicast routing information it is called MBGP.
  850. @command{bgpd} supports Multiprotocol Extension for BGP. So if the remote
  851. peer supports the protocol, @command{bgpd} can exchange IPv6 and/or
  852. multicast routing information.
  853. Traditional BGP did not have a feature to detect the remote peer's
  854. capabilities, e.g. whether it can handle prefix types other than IPv4
  855. unicast routes. This was a big problem when using Multiprotocol Extension
  856. for BGP in an operational network. @cite{RFC2842, Capabilities
  857. Advertisement with BGP-4} adopted a feature called Capability
  858. Negotiation. @command{bgpd} uses this Capability Negotiation to detect
  859. the remote peer's capabilities. If the peer is only configured as an IPv4
  860. unicast neighbor, @command{bgpd} does not send these Capability
  861. Negotiation packets (at least not unless other optional BGP features
  862. require capability negotiation).
  863. By default, Quagga will bring up peering with the minimal common capability
  864. for both sides. For example, the local router has unicast and
  865. multicast capabilities and the remote router has unicast capability. In
  866. this case, the local router will establish the connection with unicast
  867. only capability. When there are no common capabilities, Quagga sends an
  868. Unsupported Capability error and then resets the connection.
  869. If you want to completely match capabilities with the remote peer, please
  870. use the @command{strict-capability-match} command.
  871. @deffn {BGP} {neighbor @var{peer} strict-capability-match} {}
  872. @deffnx {BGP} {no neighbor @var{peer} strict-capability-match} {}
  873. Strictly compares remote capabilities and local capabilities. If the capabilities
  874. are different, send an Unsupported Capability error then reset the connection.
  875. @end deffn
  876. You may want to disable sending the Capability Negotiation OPEN message
  877. optional parameter to the peer when the remote peer does not implement
  878. Capability Negotiation. Please use the @command{dont-capability-negotiate}
  879. command to disable the feature.
  880. @deffn {BGP} {neighbor @var{peer} dont-capability-negotiate} {}
  881. @deffnx {BGP} {no neighbor @var{peer} dont-capability-negotiate} {}
  882. Suppress sending Capability Negotiation as an OPEN message optional
  883. parameter to the peer. This command only affects peers that are configured
  884. for something other than IPv4 unicast.
  885. @end deffn
  886. When the remote peer does not have the capability negotiation feature, the remote
  887. peer will not send any capabilities at all. In that case, bgp
  888. configures the peer with the configured capabilities.
  889. You may prefer locally configured capabilities over the negotiated
  890. capabilities even though the remote peer sends capabilities. If the peer
  891. is configured with @command{override-capability}, @command{bgpd} ignores
  892. received capabilities and overrides the negotiated capabilities with the
  893. configured values.
  894. @deffn {BGP} {neighbor @var{peer} override-capability} {}
  895. @deffnx {BGP} {no neighbor @var{peer} override-capability} {}
  896. Override the result of Capability Negotiation with local configuration.
  897. Ignore remote peer's capability value.
  898. @end deffn
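The negotiation outcomes described in this section, as an added Python example that is not bgpd code: it parses the Capabilities optional parameter of an OPEN message and applies the default, strict-capability-match and override-capability rules. The numeric codes come from the capability RFCs rather than this manual, the sample octets are constructed, and treating the three modes as mutually exclusive and checked in this order is an assumption of the example.

```python
# Added example: Multiprotocol capability parsing and the negotiation result.
import struct

OPT_PARAM_CAPABILITIES = 2   # OPEN optional parameter type for capabilities
CAP_MULTIPROTOCOL = 1        # value is AFI (2 octets), reserved (1), SAFI (1)


def parse_mp_capabilities(opt_params):
    """Return the set of (AFI, SAFI) pairs advertised in OPEN optional
    parameters. Raises ValueError when a length field overruns the data."""
    found = set()
    pos = 0
    while pos < len(opt_params):
        if pos + 2 > len(opt_params):
            raise ValueError("truncated optional parameter header")
        ptype, plen = opt_params[pos], opt_params[pos + 1]
        body = opt_params[pos + 2:pos + 2 + plen]
        if len(body) != plen:
            raise ValueError("optional parameter overruns the message")
        pos += 2 + plen
        if ptype != OPT_PARAM_CAPABILITIES:
            continue
        cpos = 0
        while cpos < len(body):
            if cpos + 2 > len(body):
                raise ValueError("truncated capability header")
            code, clen = body[cpos], body[cpos + 1]
            cval = body[cpos + 2:cpos + 2 + clen]
            if len(cval) != clen:
                raise ValueError("capability overruns its parameter")
            cpos += 2 + clen
            if code == CAP_MULTIPROTOCOL:
                if clen != 4:
                    raise ValueError("multiprotocol capability must be 4 octets")
                afi, _reserved, safi = struct.unpack("!HBB", cval)
                found.add((afi, safi))
            # Other capability codes are skipped by this example.
    return found


def negotiate(local, received, mode="default"):
    """Return (state, capabilities) for mode 'default', 'strict' or 'override'."""
    if mode not in ("default", "strict", "override"):
        raise ValueError("unknown mode: " + mode)
    local, received = frozenset(local), frozenset(received)
    if mode == "override":
        return ("established", local)          # received values are ignored
    if mode == "strict":
        if received != local:
            return ("unsupported-capability", frozenset())
        return ("established", local)
    if not received:
        return ("established", local)          # peer sent no capabilities
    common = local & received
    if not common:
        return ("unsupported-capability", frozenset())
    return ("established", common)


# (AFI, SAFI): 1 = IPv4, 2 = IPv6; SAFI 1 = unicast, 2 = multicast.
LOCAL = {(1, 1), (1, 2)}     # the unicast and multicast router from the text
# Constructed OPEN optional parameters.
PEER_UNICAST = bytes.fromhex("0206010400010001")
PEER_UNICAST_PLUS_OTHER = bytes.fromhex("02080104000100010200")
PEER_IPV6_ONLY = bytes.fromhex("0206010400020001")
PEER_TRUNCATED = bytes.fromhex("020601040001")

if __name__ == "__main__":
    for name, raw in (("unicast", PEER_UNICAST), ("ipv6", PEER_IPV6_ONLY),
                      ("none", b"")):
        caps = parse_mp_capabilities(raw)
        for mode in ("default", "strict", "override"):
            print(name, mode, negotiate(LOCAL, caps, mode))
```

With override-capability the session carries address families the peer never advertised, so the parsed set is worth logging even when it is not used.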
  899. @node Route Reflector
  900. @section Route Reflector
  901. @deffn {BGP} {bgp cluster-id @var{a.b.c.d}} {}
  902. @end deffn
  903. @deffn {BGP} {neighbor @var{peer} route-reflector-client} {}
  904. @deffnx {BGP} {no neighbor @var{peer} route-reflector-client} {}
  905. @end deffn
  906. @node Route Server
  907. @section Route Server
  908. At an Internet Exchange point, many ISPs are connected to each other by
  909. external BGP peering. Normally these external BGP connections are made using the
  910. @samp{full mesh} method. As with internal BGP full mesh formation,
  911. this method has a scaling problem.
  912. This scaling problem is well known. Route Server is a method to resolve
  913. the problem. Each ISP's BGP router only peers with the Route Server. The Route
  914. Server serves as a BGP information exchange to the other BGP routers. By
  915. applying this method, the number of BGP connections is reduced from
  916. O(n*(n-1)/2) to O(n).
  917. Unlike a normal BGP router, a Route Server must have several routing tables
  918. for managing different routing policies for each BGP speaker. We call these
  919. routing tables different @code{view}s. @command{bgpd} can work as a
  920. normal BGP router or a Route Server or both at the same time.
  921. @menu
  922. * Multiple instance::
  923. * BGP instance and view::
  924. * Routing policy::
  925. * Viewing the view::
  926. @end menu
  927. @node Multiple instance
  928. @subsection Multiple instance
  929. To enable the multiple view function of @code{bgpd}, you must turn on the
  930. multiple instance feature beforehand.
  931. @deffn {Command} {bgp multiple-instance} {}
  932. Enable BGP multiple instance feature. After this feature is enabled,
  933. you can make multiple BGP instances or multiple BGP views.
  934. @end deffn
  935. @deffn {Command} {no bgp multiple-instance} {}
  936. Disable BGP multiple instance feature. You can not disable this feature
  937. when BGP multiple instances or views exist.
  938. @end deffn
  939. When you want to make the configuration more Cisco-like,
  940. @deffn {Command} {bgp config-type cisco} {}
  941. Cisco compatible BGP configuration output.
  942. @end deffn
  943. When bgp config-type cisco is specified,
  944. ``no synchronization'' is displayed.
  945. ``no auto-summary'' is displayed.
  946. ``network'' and ``aggregate-address'' arguments are displayed as
  947. ``A.B.C.D M.M.M.M''
  948. Quagga: network 10.0.0.0/8
  949. Cisco: network 10.0.0.0
  950. Quagga: aggregate-address 192.168.0.0/24
  951. Cisco: aggregate-address 192.168.0.0 255.255.255.0
  952. Community attribute handling is also different. If no
  953. configuration is specified, the community attribute and extended community
  954. attribute are sent to the neighbor. When the user manually disables the
  955. feature, the community attribute is not sent to the neighbor. When
  956. @command{bgp config-type cisco} is specified, the community attribute is not
  957. sent to the neighbor by default. To send the community attribute the user has
  958. to specify the @command{neighbor A.B.C.D send-community} command.
  959. @example
  960. !
  961. router bgp 1
  962. neighbor 10.0.0.1 remote-as 1
  963. no neighbor 10.0.0.1 send-community
  964. !
  965. router bgp 1
  966. neighbor 10.0.0.1 remote-as 1
  967. neighbor 10.0.0.1 send-community
  968. !
  969. @end example
  970. @deffn {Command} {bgp config-type zebra} {}
  971. Quagga style BGP configuration. This is default.
  972. @end deffn
  973. @node BGP instance and view
  974. @subsection BGP instance and view
  975. A BGP instance is a normal BGP process. The result of route selection
  976. goes to the kernel routing table. You can set up different ASes at the
  977. same time when the BGP multiple instance feature is enabled.
  978. @deffn {Command} {router bgp @var{as-number}} {}
  979. Make a new BGP instance. You can use an arbitrary word for the @var{name}.
  980. @end deffn
  981. @example
  982. @group
  983. bgp multiple-instance
  984. !
  985. router bgp 1
  986. neighbor 10.0.0.1 remote-as 2
  987. neighbor 10.0.0.2 remote-as 3
  988. !
  989. router bgp 2
  990. neighbor 10.0.0.3 remote-as 4
  991. neighbor 10.0.0.4 remote-as 5
  992. @end group
  993. @end example
  994. A BGP view is almost the same as a normal BGP process. The result of
  995. route selection does not go to the kernel routing table. A BGP view is
  996. only for exchanging BGP routing information.
  997. @deffn {Command} {router bgp @var{as-number} view @var{name}} {}
  998. Make a new BGP view. You can use an arbitrary word for the @var{name}. This
  999. view's route selection result does not go to the kernel routing table.
  1000. @end deffn
  1001. With this command, you can set up a Route Server as shown below.
  1002. @example
  1003. @group
  1004. bgp multiple-instance
  1005. !
  1006. router bgp 1 view 1
  1007. neighbor 10.0.0.1 remote-as 2
  1008. neighbor 10.0.0.2 remote-as 3
  1009. !
  1010. router bgp 2 view 2
  1011. neighbor 10.0.0.3 remote-as 4
  1012. neighbor 10.0.0.4 remote-as 5
  1013. @end group
  1014. @end example
  1015. @node Routing policy
  1016. @subsection Routing policy
  1017. You can set a different routing policy for a peer. For example, you can
  1018. set a different filter for a peer.
  1019. @example
  1020. @group
  1021. bgp multiple-instance
  1022. !
  1023. router bgp 1 view 1
  1024. neighbor 10.0.0.1 remote-as 2
  1025. neighbor 10.0.0.1 distribute-list 1 in
  1026. !
  1027. router bgp 1 view 2
  1028. neighbor 10.0.0.1 remote-as 2
  1029. neighbor 10.0.0.1 distribute-list 2 in
  1030. @end group
  1031. @end example
  1032. This means a BGP update from peer 10.0.0.1 goes to both BGP view 1 and view
  1033. 2. When the update is inserted into view 1, distribute-list 1 is
  1034. applied. On the other hand, when the update is inserted into view 2,
  1035. distribute-list 2 is applied.
  1036. @node Viewing the view
  1037. @subsection Viewing the view
  1038. To display the routing table of a BGP view, you must specify the view name.
  1039. @deffn {Command} {show ip bgp view @var{name}} {}
  1040. Display the routing table of BGP view @var{name}.
  1041. @end deffn
  1042. @node How to set up a 6-Bone connection
  1043. @section How to set up a 6-Bone connection
  1044. @example
  1045. @group
  1046. zebra configuration
  1047. ===================
  1048. !
  1049. ! Actually there is no need to configure zebra
  1050. !
  1051. bgpd configuration
  1052. ==================
  1053. !
  1054. ! This means that routes go through zebra and into the kernel.
  1055. !
  1056. router zebra
  1057. !
  1058. ! MP-BGP configuration
  1059. !
  1060. router bgp 7675
  1061. bgp router-id 10.0.0.1
  1062. neighbor 3ffe:1cfa:0:2:2a0:c9ff:fe9e:f56 remote-as @var{as-number}
  1063. !
  1064. address-family ipv6
  1065. network 3ffe:506::/32
  1066. neighbor 3ffe:1cfa:0:2:2a0:c9ff:fe9e:f56 activate
  1067. neighbor 3ffe:1cfa:0:2:2a0:c9ff:fe9e:f56 route-map set-nexthop out
  1068. neighbor 3ffe:1cfa:0:2:2c0:4fff:fe68:a231 remote-as @var{as-number}
  1069. neighbor 3ffe:1cfa:0:2:2c0:4fff:fe68:a231 route-map set-nexthop out
  1070. exit-address-family
  1071. !
  1072. ipv6 access-list all permit any
  1073. !
  1074. ! Set output nexthop address.
  1075. !
  1076. route-map set-nexthop permit 10
  1077. match ipv6 address all
  1078. set ipv6 nexthop global 3ffe:1cfa:0:2:2c0:4fff:fe68:a225
  1079. set ipv6 nexthop local fe80::2c0:4fff:fe68:a225
  1080. !
  1081. ! logfile FILENAME is obsolete. Please use log file FILENAME
  1082. log file bgpd.log
  1083. !
  1084. @end group
  1085. @end example
  1086. @node Dump BGP packets and table
  1087. @section Dump BGP packets and table
  1088. @deffn Command {dump bgp all @var{path} [@var{interval}]} {}
  1089. @deffnx Command {dump bgp all-et @var{path} [@var{interval}]} {}
  1090. @deffnx Command {no dump bgp all [@var{path}] [@var{interval}]} {}
  1091. Dump all BGP packets and events to the @var{path} file.
  1092. If @var{interval} is set, a new file will be created every @var{interval} seconds.
  1093. The path @var{path} can be set with date and time formatting (strftime).
  1094. The type ‘all-et’ enables support for Extended Timestamp Header (@pxref{Packet Binary Dump Format}).
  1096. @end deffn
  1097. @deffn Command {dump bgp updates @var{path} [@var{interval}]} {}
  1098. @deffnx Command {dump bgp updates-et @var{path} [@var{interval}]} {}
  1099. @deffnx Command {no dump bgp updates [@var{path}] [@var{interval}]} {}
  1100. Dump only BGP update messages to the @var{path} file.
  1101. If @var{interval} is set, a new file will be created every @var{interval} seconds.
  1102. The path @var{path} can be set with date and time formatting (strftime).
  1103. The type ‘updates-et’ enables support for Extended Timestamp Header (@pxref{Packet Binary Dump Format}).
  1104. @end deffn
  1105. @deffn Command {dump bgp routes-mrt @var{path}} {}
  1106. @deffnx Command {dump bgp routes-mrt @var{path} @var{interval}} {}
  1107. @deffnx Command {no dump bgp routes-mrt [@var{path}] [@var{interval}]} {}
  1108. Dump the whole BGP routing table to @var{path}. This is a heavy process.
  1109. The path @var{path} can be set with date and time formatting (strftime).
  1110. If @var{interval} is set, a new file will be created every @var{interval} seconds.
  1111. @end deffn
  1112. Note: the interval variable can also be set using hours and minutes: 04h20m00.
  1113. @node BGP Configuration Examples
  1114. @section BGP Configuration Examples
  1115. Example of a session to an upstream, advertising only one prefix to it.
  1116. @example
  1117. router bgp 64512
  1118. bgp router-id 10.236.87.1
  1119. network 10.236.87.0/24
  1120. neighbor upstream peer-group
  1121. neighbor upstream remote-as 64515
  1122. neighbor upstream capability dynamic
  1123. neighbor upstream prefix-list pl-allowed-adv out
  1124. neighbor 10.1.1.1 peer-group upstream
  1125. neighbor 10.1.1.1 description ACME ISP
  1126. !
  1127. ip prefix-list pl-allowed-adv seq 5 permit 82.195.133.0/25
  1128. ip prefix-list pl-allowed-adv seq 10 deny any
  1129. @end example
  1130. A more complex example, with upstream, peer and customer sessions,
  1131. advertising global prefixes and NO_EXPORT prefixes and providing
  1132. actions for customer routes based on community values. It makes extensive use of
  1133. route-maps and the 'call' feature to support selective advertising of
  1134. prefixes. This example is intended as guidance only, it has NOT been
  1135. tested and almost certainly contains silly mistakes, if not serious
  1136. flaws.
  1137. @example
  1138. router bgp 64512
  1139. bgp router-id 10.236.87.1
  1140. network 10.123.456.0/24
  1141. network 10.123.456.128/25 route-map rm-no-export
  1142. neighbor upstream capability dynamic
  1143. neighbor upstream route-map rm-upstream-out out
  1144. neighbor cust capability dynamic
  1145. neighbor cust route-map rm-cust-in in
  1146. neighbor cust route-map rm-cust-out out
  1147. neighbor cust send-community both
  1148. neighbor peer capability dynamic
  1149. neighbor peer route-map rm-peer-in in
  1150. neighbor peer route-map rm-peer-out out
  1151. neighbor peer send-community both
  1152. neighbor 10.1.1.1 remote-as 64515
  1153. neighbor 10.1.1.1 peer-group upstream
  1154. neighbor 10.2.1.1 remote-as 64516
  1155. neighbor 10.2.1.1 peer-group upstream
  1156. neighbor 10.3.1.1 remote-as 64517
  1157. neighbor 10.3.1.1 peer-group cust-default
  1158. neighbor 10.3.1.1 description customer1
  1159. neighbor 10.3.1.1 prefix-list pl-cust1-network in
  1160. neighbor 10.4.1.1 remote-as 64518
  1161. neighbor 10.4.1.1 peer-group cust
  1162. neighbor 10.4.1.1 prefix-list pl-cust2-network in
  1163. neighbor 10.4.1.1 description customer2
  1164. neighbor 10.5.1.1 remote-as 64519
  1165. neighbor 10.5.1.1 peer-group peer
  1166. neighbor 10.5.1.1 prefix-list pl-peer1-network in
  1167. neighbor 10.5.1.1 description peer AS 1
  1168. neighbor 10.6.1.1 remote-as 64520
  1169. neighbor 10.6.1.1 peer-group peer
  1170. neighbor 10.6.1.1 prefix-list pl-peer2-network in
  1171. neighbor 10.6.1.1 description peer AS 2
  1172. !
  1173. ip prefix-list pl-default permit 0.0.0.0/0
  1174. !
  1175. ip prefix-list pl-upstream-peers permit 10.1.1.1/32
  1176. ip prefix-list pl-upstream-peers permit 10.2.1.1/32
  1177. !
  1178. ip prefix-list pl-cust1-network permit 10.3.1.0/24
  1179. ip prefix-list pl-cust1-network permit 10.3.2.0/24
  1180. !
  1181. ip prefix-list pl-cust2-network permit 10.4.1.0/24
  1182. !
  1183. ip prefix-list pl-peer1-network permit 10.5.1.0/24
  1184. ip prefix-list pl-peer1-network permit 10.5.2.0/24
  1185. ip prefix-list pl-peer1-network permit 192.168.0.0/24
  1186. !
  1187. ip prefix-list pl-peer2-network permit 10.6.1.0/24
  1188. ip prefix-list pl-peer2-network permit 10.6.2.0/24
  1189. ip prefix-list pl-peer2-network permit 192.168.1.0/24
  1190. ip prefix-list pl-peer2-network permit 192.168.2.0/24
  1191. ip prefix-list pl-peer2-network permit 172.16.1.0/24
  1192. !
  1193. ip as-path access-list asp-own-as permit ^$
  1194. ip as-path access-list asp-own-as permit _64512_
  1195. !
  1196. ! #################################################################
  1197. ! Match communities we provide actions for, on routes received from
  1198. ! customers. Communities values of <our-ASN>:X, with X, have actions:
  1199. !
  1200. ! 100 - blackhole the prefix
  1201. ! 200 - set no_export
  1202. ! 300 - advertise only to other customers
  1203. ! 400 - advertise only to upstreams
  1204. ! 500 - set no_export when advertising to upstreams
  1205. ! 2X00 - set local_preference to X00
  1206. !
  1207. ! blackhole the prefix of the route
  1208. ip community-list standard cm-blackhole permit 64512:100
  1209. !
  1210. ! set no-export community before advertising
  1211. ip community-list standard cm-set-no-export permit 64512:200
  1212. !
  1213. ! advertise only to other customers
  1214. ip community-list standard cm-cust-only permit 64512:300
  1215. !
  1216. ! advertise only to upstreams
  1217. ip community-list standard cm-upstream-only permit 64512:400
  1218. !
  1219. ! advertise to upstreams with no-export
  1220. ip community-list standard cm-upstream-noexport permit 64512:500
  1221. !
  1222. ! set local-pref to least significant 3 digits of the community
  1223. ip community-list standard cm-prefmod-100 permit 64512:2100
  1224. ip community-list standard cm-prefmod-200 permit 64512:2200
  1225. ip community-list standard cm-prefmod-300 permit 64512:2300
  1226. ip community-list standard cm-prefmod-400 permit 64512:2400
  1227. ip community-list expanded cme-prefmod-range permit 64512:2...
  1228. !
  1229. ! Informational communities
  1230. !
  1231. ! 3000 - learned from upstream
  1232. ! 3100 - learned from customer
  1233. ! 3200 - learned from peer
  1234. !
  1235. ip community-list standard cm-learnt-upstream permit 64512:3000
  1236. ip community-list standard cm-learnt-cust permit 64512:3100
  1237. ip community-list standard cm-learnt-peer permit 64512:3200
  1238. !
  1239. ! ###################################################################
  1240. ! Utility route-maps
  1241. !
  1242. ! These utility route-maps generally should not be used to permit/deny
  1243. ! routes, i.e. they do not have meaning as filters, and hence probably
  1244. ! should be used with 'on-match next'. These all finish with an empty
  1245. ! permit entry so as not to interfere with processing in the caller.
  1246. !
  1247. route-map rm-no-export permit 10
  1248. set community additive no-export
  1249. route-map rm-no-export permit 20
  1250. !
  1251. route-map rm-blackhole permit 10
  1252. description blackhole, up-pref and ensure it cant escape this AS
  1253. set ip next-hop 127.0.0.1
  1254. set local-preference 10
  1255. set community additive no-export
  1256. route-map rm-blackhole permit 20
  1257. !
  1258. ! Set local-pref as requested
  1259. route-map rm-prefmod permit 10
  1260. match community cm-prefmod-100
  1261. set local-preference 100
  1262. route-map rm-prefmod permit 20
  1263. match community cm-prefmod-200
  1264. set local-preference 200
  1265. route-map rm-prefmod permit 30
  1266. match community cm-prefmod-300
  1267. set local-preference 300
  1268. route-map rm-prefmod permit 40
  1269. match community cm-prefmod-400
  1270. set local-preference 400
  1271. route-map rm-prefmod permit 50
  1272. !
  1273. ! Community actions to take on receipt of route.
  1274. route-map rm-community-in permit 10
  1275. description check for blackholing, no point continuing if it matches.
  1276. match community cm-blackhole
  1277. call rm-blackhole
  1278. route-map rm-community-in permit 20
  1279. match community cm-set-no-export
  1280. call rm-no-export
  1281. on-match next
  1282. route-map rm-community-in permit 30
  1283. match community cme-prefmod-range
  1284. call rm-prefmod
  1285. route-map rm-community-in permit 40
  1286. !
  1287. ! #####################################################################
  1288. ! Community actions to take when advertising a route.
  1289. ! These are filtering route-maps,
  1290. !
  1291. ! Deny customer routes to upstream with cust-only set.
  1292. route-map rm-community-filt-to-upstream deny 10
  1293. match community cm-learnt-cust
  1294. match community cm-cust-only
  1295. route-map rm-community-filt-to-upstream permit 20
  1296. !
  1297. ! Deny customer routes to other customers with upstream-only set.
  1298. route-map rm-community-filt-to-cust deny 10
  1299. match community cm-learnt-cust
  1300. match community cm-upstream-only
  1301. route-map rm-community-filt-to-cust permit 20
  1302. !
  1303. ! ###################################################################
  1304. ! The top-level route-maps applied to sessions. Further entries could
  1305. ! be added obviously..
  1306. !
  1307. ! Customers
  1308. route-map rm-cust-in permit 10
  1309. call rm-community-in
  1310. on-match next
  1311. route-map rm-cust-in permit 20
  1312. set community additive 64512:3100
  1313. route-map rm-cust-in permit 30
  1314. !
  1315. route-map rm-cust-out permit 10
  1316. call rm-community-filt-to-cust
  1317. on-match next
  1318. route-map rm-cust-out permit 20
  1319. !
  1320. ! Upstream transit ASes
  1321. route-map rm-upstream-out permit 10
  1322. description filter customer prefixes which are marked cust-only
  1323. call rm-community-filt-to-upstream
  1324. on-match next
  1325. route-map rm-upstream-out permit 20
  1326. description only customer routes are provided to upstreams/peers
  1327. match community cm-learnt-cust
  1328. !
  1329. ! Peer ASes
  1330. ! outbound policy is same as for upstream
  1331. route-map rm-peer-out permit 10
  1332. call rm-upstream-out
  1333. !
  1334. route-map rm-peer-in permit 10
  1335. set community additive 64512:3200
  1336. @end example