More BGP tricks

More BGP tricks

At times, the ‘rules of BGP’ don’t fit the needs of our productions networks. When we get into today’s production networks how often do book configurations apply? I’ll tell you one thing. I don’t see many book examples with 450+ line BGP configs, but I’ve worked on a number of networks where this was the case. Here are two examples where having these tools in your arsenal could be crucial.

Situation 1

Your company has gone through some major changes and requires changing AS numbers on your BGP routers. You have over 20 down stream clients, and several upstream connections that all need changed. Since these changes need to be configured on both sides, what are the chances of getting them all done at once? (feel free to laugh out loud…..) local-as is configurable on a per neighbor basis and will allow us to make these changes one peer at a time until such a time we can take the entire router down and reconfigure BGP. In the example below, we’re changing from ASN 65501, to 8888. Neighbor 1.2.3.4 will continue to use our original ASN, while 5.6.7.8 will use the new ASN 8888.

router bgp 65501
 neighbor 1.2.3.4 remote-as 1234
 neighbor 1.2.3.4 route-map as1234-in in
 neighbor 1.2.3.4 route-map as1234-out out
 neighbor 5.6.7.8 remote-as 5678
 neighbor 5.6.7.8 local-as 8888
 neighbor 5.6.7.8 route-map as5678-in in
 neighbor 5.6.7.8 route-map as5678-out out
!

Situation 2

So, your network has had a major failure and you need to provide for access to the other half. The simplest way you can think of is configuring a tunnel from each end point, and running BGP over it. At least then, you can ensure when the network comes back up, BGP will handle the switchover. But, as you may know, BGP doesn’t allow incoming routes with your ASN already in the path. That’s simple enough to work around using the allowas-in command. Usage: allowas-in [allow X instances of our ASN in path] – see the following example.

router bgp 8888
 neighbor 8.2.2.2 remote-as 8888
 neighbor 8.2.2.2 allowas-in 2
 neighbor 8.2.2.2 route-map as8888-in in
 neighbor 8.2.2.2 route-map as8888-out out
!

Obviously these are just a couple of tricks in the bag, and may not be fully supported solutions… if you have any questions or any topics you’d like to hear more about please let me know in the comments below. Thanks!

Tags :
comments powered by Disqus

Related Posts

Network Field Day 2 — Comic Edition

Network Field Day 2 — Comic Edition

During the coarse of NFD2 I found an iPhone app called Halftone, and later, one named ComicStrip that allow you to add some fun effects and speech bubbles to your photos… So, I …

Read More
Well-Known Intervals

Well-Known Intervals

Listed below are many events which occur on network devices at well-known intervals. The list is provided to serve as an aid while troubleshooting recurring network disruptions. …

Read More
Gartner – more than a magic quadrant

Gartner – more than a magic quadrant

In the past I have personally given a lot of flack towards Gartner, but that was when I was in a different stage of my career. Over the past two years I’ve transitioned …

Read More