Transcripts
1. Introduction to BGP: Border Gateway Protocol, BGP. This course is all about BGP. If you are an IT professional, with experience or without experience, this course is for you, because this course goes from scratch to advanced level, okay? And this course also covers some part of CCNP as well, Cisco Certified Network Professional, ENCOR and ENARSI. Whatever is mentioned related to BGP in ENCOR and ENARSI, those topics are already covered in this course as well.
Because in this course we will have an introduction to BGP. What is BGP? What is an autonomous system? What are the flavors of BGP? Tables of BGP, BGP active-passive, neighbor states of BGP, message types of BGP, multi-hop and update-source of BGP, hold timer and keepalive, BGP next-hop-self, BGP synchronization, attributes, path selection of BGP, authentication of BGP, backdoor, route refresh, route reflector, address family. Okay, all these topics will be covered in this course.
BGP filtering using access lists, BGP filtering using prefix lists and using route maps. Peer group: what is a peer group and why we are using it in BGP, and a lab on peer groups as well. BGP dampening, split horizon rule, remove private AS, auto-summary, route aggregation, summarization, suppress map, unsuppress map, types of high-speed connection, multi-homing, and so many other topics are covered in this course.
This course is for anyone who wants to validate their skills, who wants to update their routing skills, and who wants to learn BGP.
2. Border Gateway Protocol: Let's start BGP, the Border Gateway Protocol. BGP stands for Border Gateway Protocol. BGP is a dynamic routing protocol. Just like EIGRP and OSPF, BGP is also a dynamic routing protocol. BGP is an Exterior Gateway Protocol; in short we call it EGP. We have interior gateway protocols and we have exterior gateway protocols, and BGP is the only exterior gateway protocol, which is used for outside. For interior gateway protocols we have EIGRP, OSPF, and IS-IS, and so many other protocols.
And protocol means a set of rules and regulations. Border means border. We know between countries we have a border and a gateway. So it is a gateway between two borders. That's why we call it Border Gateway Protocol: a set of rules and regulations, a protocol which is used between two borders or more than two borders, and it is a gateway to connect two borders.
Now, BGP is the only EGP used nowadays. As I told you, this is the only protocol which is used as an exterior gateway protocol. And BGP is called the protocol of the Internet, because most of the time we use it on the Internet. BGP is called an application layer protocol as well. BGP is also called a policy-based routing protocol. You can set policy, and based on policy it can change the route, which we will see later in the course.
BGP is called an AS-by-AS dynamic routing protocol, because BGP uses autonomous systems. So that's why we call it an AS-by-AS dynamic routing protocol. We will discuss in detail what an AS is. So far so good about this one, right?
Now, BGP is called a path vector routing protocol. Again, we will discuss path vector routing in BGP, but basically it uses the autonomous system as the path to the destination. Just like RIP: RIP uses the next-hop router as a hop, while path vector uses the autonomous system as a path. BGP protocol uses TCP
port number 179. Let me show you quickly. So let me capture this interface where BGP is configured, so capture 0/0, so I can quickly show you BGP through Wireshark. BGP is basically using TCP port number 179. Again, later in the course I will show you, and we will capture, and from many show commands I will show you this port number. But right now I just want to show you quickly. Here is BGP; let me write the filter as bgp, so we have BGP. And here BGP is mentioned. And you can see here the source port is 179. BGP is using port number 179.
BGP is an open standard routing protocol, just like RIP, just like OSPF, just like IS-IS. You can use BGP on any vendor's router; it is an open standard routing protocol. Any vendor: it can be a Juniper router, it can be a Cisco router. You can configure BGP on any vendor's router.
BGP is mainly used for scalability and reliability. Keep in mind, by nature it is a very slow protocol as compared to other routing protocols. So that's why we mainly use BGP for scalability and reliability, and the Internet. And BGP is used for control, but not for speed; as I told you, it is very slow by nature, not like other dynamic routing protocols. We use it for control, not for speed.
I already told you BGP uses the concept of the autonomous system number. We will discuss the autonomous system number in detail. So it means we mainly use BGP between two autonomous systems. BGP prevents loops using the AS number. Again, we will see later, but just as an introduction, you need to know that BGP uses the AS number to prevent loops.
When you configure BGP and a router is running BGP, then that router we call a BGP speaker, and the router is called a BGP peer. So if you have a neighbor, suppose in this case this R1 is running BGP and ISP1 is running BGP. So this is a BGP speaker, and this is a BGP peer. Both are running BGP. So that's why you need to know these two small terms, BGP speaker and BGP peer. This ISP1 is a BGP peer. This ISP1 is a BGP speaker. But for R1 the BGP neighbor, the peer, is ISP1. Anyway, it means if you are running BGP, the router is called a BGP
peer or BGP speaker.
BGP, the Border Gateway routing protocol, is classless. It supports subnetting, supports full-length subnet mask and variable-length subnet mask, and also supports CIDR. BGP supports auto-summarization and manual summarization, keep in mind. So this router is running BGP as well: show running, BGP. And here it is. If I go to router BGP, here I can type auto-summary, you know, auto-summary. Let me question mark. Okay, I just want to see if it can show us. Okay, question mark. I will show you like this. Here it is mentioned: auto-summary, enable automatic summarization. So we will see later in the course; we will configure auto-summarization and also manual summarization. So BGP supports both auto and manual summarization. For auto-summarization, we use this command, auto-summary, while for the other one it is this one, aggregate. Again, we will see aggregate address in detail. Here you need to put, suppose if I put aggregate and, suppose, a subnet mask, I just want to put something to show you the extra features as well. So this manual summarization can support many other features: summary-only, suppress-map, advertise-map and so many other things. But anyway, at least you need to know right now that BGP supports auto and manual summarization.
BGP updates: incremental, triggered updates. So it means BGP updates are incremental and triggered, just like EIGRP and OSPF. BGP updates are sent as unicast to a manually defined neighbor. You need to define your neighbor, but manually. It's not like the dynamic routing protocols, i.e. EIGRP, OSPF, RIP, which dynamically make a neighborship with their peer. You need to do it manually. Here we type the neighbor command. If you go back to here, I typed that this is my neighbor: neighbor, and remote AS is 200. On the other side, I need to type the same: show running, section BGP. So on this side I also typed it like this. If I go to this one, it means it is manual. And when we see the traffic, it is also not using multicast. This is BGP; it's not like EIGRP or OSPF. It is using unicast to send and receive updates. They're sending and
receiving updates, you can see here, using unicast. Okay?
BGP administrative distance is 20 for external updates, if you configure BGP as external BGP. There are two flavors, you know: BGP can be configured in two flavors. One is called eBGP, the second is called iBGP. eBGP means external Border Gateway Protocol, while iBGP means internal BGP. Again, we will do both in detail. There are two flavors of BGP. But if you configure it as external BGP, the administrative distance will be 20. And right now I configured it as external. So if I go to, let me go, if I have something, so I can show you the administrative distance. And it should be 20. You can see from here as well. And also we can verify from the routers as well. So this is the port number. Okay? And I need to check in detail; it is better to go here. And if I check show ip route bgp, here the administrative distance is 20, because I configured it as eBGP. If you configure it as iBGP, then the administrative distance will be 200. Because BGP is meant for external use. But if you want to use it internally, then the administrative distance will become high, 200.
So it means the neighbor relationships of eBGP and iBGP are slightly different, because the AD is different, 20 and 200. For iBGP, the neighbors do not need to be connected directly. For eBGP, the neighbors need to be connected directly. Again, we will discuss in detail the difference between iBGP and eBGP, but this is just one difference between iBGP and eBGP.
The Border Gateway routing protocol guarantees loop-free routing information. BGP has no auto-discovery mechanism. You need to set neighbors manually. I already told you it's not like EIGRP, OSPF or any other dynamic routing protocol that can
dynamically discover neighbors.
BGP protocol is used to exchange Internet routes. And this is the only protocol which is used for Internet routes. Let me show you: if I go to any public route server, or you can go to routeserver.org, and let me open any of these. These are public; you can review them. So let me log into any, and if I say show bgp and enter, look now, how many routes are there? Because it's the only protocol which supports a million routes. None of the other protocols can handle a huge routing table like this. Look, I'm pressing again and again, and there is a huge routing table. I just opened it from here. There are thousands; you can open any of these. And this is just for review, and this is publicly available to check BGP. You can go to this website, routeserver.org, to check BGP. So that's why this is the only protocol which is used for Internet routes, because it supports a huge routing table.
BGP is a layer four protocol that sits on top of TCP. If you go there and we check here, you can see Internet Protocol version 4, and this is Transmission Control Protocol, because it uses TCP, Transmission Control Protocol. And I told you about the port number; this is 179. That is why I said it: BGP is a layer four protocol that sits on top of TCP. And you can see from here it is using TCP. And TCP requires a three-way handshake, which we will see again later in the course. So this was an introduction to the Border Gateway Protocol, BGP.
3. Autonomous System (AS): A topic related to BGP is: what is an autonomous system? Either we call it autonomous system number, or AS. In the Internet, everybody has a public IP, which is unique all over the world. Internet means international network. Basically consider the Internet like a LAN. And when you configure the same IP in a LAN, it will give you an error. Let me configure here. Suppose if I change the IP of router one to 12 R2. So they will say, how is it possible for two brothers to have the same name? So if I change it to .2, let me change it. After a while you will see an IP conflict error. Look, it said duplicate address. This is not possible. We are in the same network; the IPs must not be the same. It's like brothers when you give them the same name.
So in the Internet everybody has a unique IP address. Same way, every router which is connected to the Internet, or which through the Internet is connected to other branches, needs to buy an autonomous system number, the same way they buy IP addresses. And the site is something, IANA. What is the situation of international accounting and not this one? Yeah, I forgot the name. Let me search it: IP addresses, public IP addresses, address ranges. If they can take me to it; the name is IANA something, I forgot the name. So public IPs and AS numbers, these two are provided by one company? Yeah. This one as well, but there is, yeah, this one. Yeah: Internet Assigned Numbers Authority. This way I'm muting. Okay, so Internet Assigned
Numbers Authority: this authority divides IP addresses and AS numbers into five regions. This one, APNIC, and all those five regions, Asia and America and all those things. Okay? So public IPs are assigned based on these five regions, and every region has its own ranges. Okay? Same: they maintain IP addresses, which is IPv4 addresses and IPv6 addresses, and they do the same thing with autonomous system number allocation. Same way as there is IPv4 and IPv6, there is the autonomous system number with 32 and this one, 16. The same, like our IPv4 is 32 and IPv6 is 128. Same, they handle 16-bit autonomous system numbers and 32-bit autonomous system numbers.
So whenever you want to connect to the outside world, you need to buy an autonomous system number if you want to connect through BGP. Or the service provider will give you one, the same way they assign and give you a range of public IPs. Normally they provide you four or five IPs. You know, a range of IPs; normally whenever you buy anything from a service provider, they will give you IP addresses. Same way, when you connect through BGP, they will provide you an autonomous system number as well.
But in IPv4 and IPv6 there are some IPs which are publicly available, and some of them which are private IPs, and some of them which we can use. It is the same thing in autonomous systems as well. Some autonomous system numbers we can use locally, which are private, and some of them we can use publicly, which are public, and some of them are reserved. So basically, why are we
using this autonomous system number? The same question I will ask you: why do we need a public IP? To uniquely identify my router on the Internet. The Internet is nothing but an international network; consider it as a LAN. When I changed the IP of R1 and gave it the same IP, it gave me a duplicate IP error. How will a BGP router distinguish the other BGP routers in the Internet? So we need some unique number. And that number is called the autonomous system number, which represents your organization, which represents your company. You can buy many autonomous system numbers, same like you can have many public IPs. Same as a public IP: they can reach your organization from anywhere. The same thing you will need to connect your branch to another branch using BGP. It means if IPv4 addresses are clear to you, the autonomous system number has to be clear to you straight away.
Now, BGP uses autonomous system numbers. But there are two types of autonomous system number. Number one is 16-bit, or we call it the two-octet autonomous system number. 16 bit means the possible numbers are 65536, from 0 to 65535. So it's a total of 65536 numbers, from 0 to 65535. This one is called 16-bit. 16-bit can cover only these numbers, but it's the Internet
and everything changes. So they introduced IPv6, because IPv4 is not enough in this world. Many things are connected to the Internet and everything needs an IPv4 address, public IPs: a freezer, a fridge, smartphones, smart TVs, smart screens, everything; every laptop, iPad, iPod, everything requires public IPs to connect to the Internet. So IPv4 is not enough. So they introduced IPv6. Same way, every organization is using BGP to connect to other branches. So 16-bit is not enough, because it's only 65535, and most of them we cannot use, same like IPv4. So what they've done: same like IPv6, they introduced a 32-bit AS, which we call a four-octet or four-byte number. They said, okay, let's increase the number. In IPv4 we have 32, and in IPv6 we have 128-bit, which is a huge number. Same way they increased the AS number to 32-bit. Before it was 16; this is double of the first one.
32-bit can cover up to this number, which is a huge number: 4294967296. I don't know how much it is. So the two-byte autonomous system number is from 0 to 65535. The four-byte autonomous system number is from 65536 onwards till 4294967295, which is double of the first one. So four-octet is almost 4.3 billion unique AS numbers. Very good. Now coming
to the first one, 16-bit. In 16-bit, we cannot use 0; 0 is reserved. It means a total of one we cannot use. From 1 to 64495, these are public AS numbers which we can use publicly, just like public IP addresses, which comes to that many. From 64496 up to this one, which comes to 15, these are reserved, same like class D, which is reserved for multicast. And from 655234, these are private numbers which you can use internally, same like the IPv4 10 range, the IPv4 172.16 range, and the IPv4 192.168 range. So the total number is 10 to two, which you can use internally for lab purposes, for internal purposes, to connect with each other through BGP. But these ASes will not work outside on the Internet, same like those three ranges of IPv4. And also the last one is also reserved, same like 255.255.255.255 is reserved for broadcast. So this was the two-byte number. I did 32. Now coming to the other one; sorry, 16.
The other one: 0 is reserved. We already know these are reserved. These are reserved up to this point; we have already done them. And from here to here, these are private numbers. How many? A very huge number are for private use. And the rest of them we can use, because we have a huge number, from 65536 to 429. So some of them are reserved. You get the idea. Yeah. There are two types of AS, same like there are two types of IPv4. One is the 16-bit autonomous system number, which starts from 0,
which is reserved. And these are like this. These are for specific areas as well, because of what they've done: IANA divides IP addresses and AS numbers by area, five areas, or the area code, all over the world. So don't worry. So that's why they have written APNIC and all those things. I told you that they divide IP and AS numbers into five regions, like Asia; Africa is coming under this one, and the Asia Pacific region is coming under this one. The US and some others are coming under this one. Okay. So where was I? Autonomous system. Yeah. So these are two types. 16-bit, okay: you can see it is up to 65535, which is reserved, the last one, which I wrote in the table. I got it from here. You can check here as well for the ranges. And then 32-bit, which starts from this, the first one. It starts from here to here, and it ends at this point. And I told you these are reserved. The last one, this one here, I took from here; it is reserved for private use, and the others you can use publicly. It's a huge range.
Now you get the idea what an AS number is. It is required for BGP: whenever you want to connect to the outside world, or to other branches publicly through the Internet, you need an AS number to configure in BGP, and it is a unique number, just like a public IP address. There are two types, 16 and 32: 16 gives you limited, 32 gives you double of that one, same like IPv4 or IPv6. And why do we need this one? Because BGP works on AS numbers, and BGP requires the AS number to distinguish everything: to find out the best path it uses the AS number, to connect to the other router it uses the AS number. So for many purposes it is using the AS number. The AS number, in short, we call ASN as well. Normally, when you communicate with ISPs, they will use the short form in email; they will say AS number. Don't get confused: AS number means autonomous system number. Because in the real world you will face this one. And then I gave you a shortcut in the table. Now coming to how we can write
this number in routers. Now this is the question. Let me tell you. Let me take one old router, 371 model, which is version 12. This one is version 12. Let me start this one and let's go back here.
So an autonomous system number can be written in three different ways in routers. With asplain: AS means autonomous system, plain means in plain text. Normally we say in plain English, plain text. You can type it like a regular decimal number: 1, 2, 3, 4, 5, 6, 7, 8, 9, 10. These are regular numbers. It's the easy way to type the AS number when you configure BGP: a simple decimal number.
The other method is asdot. Now, asdot: what they do is put a dot in the middle. They make things easy for you. They say, if you want to configure a 32-bit AS number, it will be difficult for you to write a huge number like this one. It will be difficult for you to write a huge number and maybe you will make a mistake. They said, I can give you a shortcut with asdot: AS means autonomous system, and dot means dot. The same like IPv6: in IPv6 we can make the IP shorter; there are methods to make it shorter. And in IPv4 there is no method. Same way here, because it's a long number, how can we write it in short? So we can use the asdot number.
But keep in mind, first let me explain: in a new router version you will find both. If I go to configuration, what is my version? I'm using version 15. This is really important. Maybe you will use 11 or 12 and you will say, I did not find the command. So keep in mind, if you are using version 15 and type router bgp question mark, look, you can type two types of autonomous system number: 1 to 42, look at the huge number, because 32-bit is ending with this number, and also the dot one method. But what about the old router? Let's go to the old router, which has the old version. So here I'm using, is it working? And I need to check. Okay, let me check by show commands. Show version: here I'm using this version of Cisco IOS. Now let's see what the difference is. Router bgp, question mark: look at this, 65535. This number you may somehow know. But what about here? I typed the same command and it is showing me 42, up to this point. Same like when you open, sorry, Windows XP, there is no IPv6. But in Windows 7, Windows 8 and onward, you will find IPv6 by default. Because this was introduced later; when Cisco introduced the version, they put it in that one. But in the old version, you will find only up to this one, 16-bit only. But here you will find 32. And also there is no shortcut; there is no second method. But in the new router you will find the second shortcut method as well. Is it clear to you? Yeah. Keep in mind this one. Now coming to what is asdot? What is asdot and
what can it give us? So basically 65535 here. If I multiply this number, let me clear; let's do some points before going to dot. So let me paste it and multiply by two. Okay, sorry, I need 65535 and multiply it by the same. So this number has to be the same: 95. It has to be one extra, I believe; 429496. So there is a small doubt; I did it wrong again, because in reality it's not 65535, it is basically 65536 in total. Can I change it? Okay. So let me type 65536, and let me copy this one and multiply it by the same. So now you can see this number and this number, 4294. Okay. It should be one extra. Oh, yeah. Okay. Because they start from one this way. So basically this 32 is the double of the first one, the one which was before, 16-bit, up to 65535. Why am I telling you this? Because this dot notation says that the maximum you can go is up to this point. Then you will reach the end, this one, the one which the calculator shows us for the autonomous system number. If you want a longer number to be shorter, you can use asdot. But how to make it easy? There is a website as well, which I mentioned in my documents, this one. You can type, suppose, 65535; the asdot number is equal... Okay, let me make it one extra: it is equal to 1.0, because by default they are 65535. Yeah, so I increased by one. So here, starting from 0, it is one. So if I increase it to 37, it will be 1.1. If I make it 38, it will become 1.2. Here one means 65535. You get my point? This is what I was showing you there. So this is asdot. What did they say? Okay, I can give you a shortcut method. For 65535, you can use one regular decimal number, one, and then put a dot and then put whatever you want to increase it by. And at the last you can go up to 65535 here. I think this way you are not going to understand. Let me show you here. So I type a regular number. The first method is a regular number. Suppose I type 65536. It's okay. Okay, already one is configured. So let me remove it. Keep in mind, you can only
configure one BGP router. That's why it's giving me an error. Now let's go back and type this one. So I type this command, router bgp and autonomous system 65536. And let's check: do show run, section BGP. I configured it as a regular number, and it is also showing me 65536. Okay? You can also increase it as well. Maybe you need more. Suppose 39; it's okay. And now if I check again, it's 65539, because this router supports it. If you do the same, keep in mind, I already told you, an old router does not support 32; it will give me an error. Why? What the **** are you doing? The last number is this one and you are going to 39, because that's the old router and it doesn't support 32-bit. So now I'm here. This is the regular number.
But if I increase the number, suppose let me remove this one, and let me go back, and let's get a huge number. If I have some here, let's take this last number. I cannot copy, so let me type 655378. So it's a huge number; I increased it, you know, but maybe you can make a mistake here typing a huge number. So what you can do: you can type the same thing in dot notation. Router bgp, question mark: there is dot. Suppose I want to type 1.1. What does it mean? 1.1 means 65536, then two more. So it's 37. Let's check: do show running, section BGP. Look, it is 37. Why has 1.1 become one too? Let's copy and check here and change it to the asdot number: 1.1. Why? Because 65535, there are still digits here. So it will be 1. This will be, the last 16, will be 1. And then when I increase it by one, it will become 1.1. If I make it 39, it will become 1.3. And this three can reach up to 65535. The last number here can be this one, and also the last number here can be this one. If you are not sure, let's do it: 65535. So this should be the last number and this should be the last. So what is this value? The same value which I told you here: 4294, the last value. This one is for 32-bit; it gives me this one. You cannot increase it more because it's not possible. It will give you an error. It said the maximum value can be from 0 to 65535, which I have already done. So you can use it here as well. These are the last values which you can put.
So basically divide the huge number into two parts: one side 65535 and the other side, dot, 65535. Rather than typing a huge number, you can divide it in parts. Is it clear? So here 1 means this number. And 1.1 means 65537; 2 means this one; 3.1 means this number. So rather than typing this number, you can use this if you want. Let's try it. It will give us 3.1. So let me remove the
other one: no router. And what was the number they gave us? This one. And let's check it out. But it's showing me a regular number. There is another question now, in the running configuration. If I type, okay, because I typed it in decimal, yeah, so let me remove it. Let me type it in dot notation: router bgp, and what was the dot notation? 3.1. And let's check whether it is showing me 3.1. I typed 3.1, and something changed it to this number, you know, the plain number. But I need the shortcut; the way I typed it, it has to show me the same. No: by default, it will show you the regular number, in asplain. But if you need dot notation, as 3.1, you need to type bgp asnotation dot. You give the instruction to the router: keep in mind, show me dot notation rather than the regular number. Now you can check if you do show running. Now you will see 1.3. So the 3.1, this is what we typed here. Now it's showing me 3.1. Before it was showing me like this. Then I typed this command, bgp asnotation dot: show me the BGP autonomous system in dot notation format.
Okay, so it's clear, I hope, up to this point, that we can type the AS number in two different ways: asplain, which is our regular decimal number, and another method is asdot, and asdot is nothing but dividing the whole into parts. And you can type 1.1, 1.2, 1.3. 1.2 means 65535 plus two. And I have to give an example here. Suppose you don't want to use this method, this calculator, which is online, which can convert from an asdot number to plain text. If you don't, you can do the calculation manually in this way. Suppose you want to convert this number to dot: what you can do is divide this number by 65535. So what integer comes up? One comes up. Then minus this one and multiply it by this one, so it will give you this one. Then minus this one, and it will give you ten. And finally, you can type the integer one plus ten, so it will give you the dot notation. Maybe you will not understand this method, but I just gave an example, if you want to try, of how we can convert plain text to dot notation, and the easiest way is the calculator. And also this can help you: type any number in dot notation and try what it will give you. Suppose 3.1. So just remove this command and try it; the plain number it will give you is 196609. So you can find it this way as well, using a router as a calculator. And it does the reverse as well, but you need to enable it, this one: bgp asnotation dot. That's what it was. So I quickly went through asdot. But now there is a small doubt
I want to show you before. In this topic, number one is, let me go to my topology and let's connect this R 32; okay, it will not connect, so I need to stop it. Let me save R2. Stop, delete, and let me connect R2 with version 12. This time my router R2 is with version 12 and R1 is with version 15, because I want to show you the last thing related to the AS number which you can face in the real world. I connected these two routers: one router has version 15 and the other router the old version. Now what I've done: the AS number is 65536. Say one service provider gives me this number, because they say that you are using version 15, so your router can support 32. And in this company's other branch we have an old router, so it does not support 32-bit; it supports the old version, up to 65535, the maximum. Here, AS 2, and here we have the new one. So how will it work? That's the question.
So first let me configure R1 quickly and then R2, and then we will see what we can do. And let me go to R2 as well. Okay? And let's start: interface FastEthernet 0/0, IP address. Until it starts, let me quickly configure IP address dot 1245245240. No shut. Interface loopback 1. And let me copy this one: IP address, and this one. And then I will enable BGP. Is it clear? Yeah, it's easy. So I will change the name, then I will configure the IP address and the loopback interface, and then I will configure BGP. But my BGP will be 6553636371, year three CA1. The other side is 2. Yeah. Let me copy this one, and R1, this is R1, and paste it. BGP is configured on this side with the new router. Show version, just to show the version. So we are using version 15 on this side. Okay. And if I check show running, section BGP, I enabled it; this one is 65537.
Now coming to the drama; it will start here. On this router: enable, config, hostname R2, and interface FastEthernet 0/0, IP address 192.168.12.2 255.255.255.0. No shutdown. And let me type this one and make it 2.2.2.2. And let's change this to 2. Let me configure. Yeah. Now, let me configure BGP here myself. So I say router bgp; my BGP AS is 2. It's okay; up to this point, that's okay. No CDP: no cdp run. Okay. So here what I've done: router bgp 2, neighbor. The neighbor is 192.168, that one. This one, yeah, that one. And remote, remote AS of R1: is this one 65537? Yeah. Let me see. 65537. And let's enter. There's no, because the thing
is the router BGP. Router, BGP. I'm here. So let me router, I just showed you, but anyway, let me show you again
the router BGP, because this is version 12. It can support only up to 65535. And I'm trying to put
AS number 65537, which is the opposite
router's real number. But they say no,
you can not type. Now what I will do
router BGP, router BGP. And remote is this one. If I cannot type it, how can I make a neighborship
with a new router? In the world, there are many
organizations which are still using old routers. So you will tell them no, because you are using a router with an old version of IOS, so you cannot connect
to the new router. You need to upgrade
your operating system, or you need to upgrade your routers to the new version, then you can configure BGP. You will tell them this. This is the only thing
you can tell them. Is there any temporary solution? Yes. Rather than typing their
autonomous system number, you can type 23456. I believe there is no one. If I wrote here. I don't know if I wrote it here or not. Let me see if I wrote it here. No, because I just
remember this one. So that's why here I
type remote-as 23456. And then I will
advertise my network. My network was
2.2.2.2 and mask 255.255.255.255. Let's see, it's
become neighbor or not. show ip route bgp. It will get 1.1.1.1 after a while. Definitely. show ip bgp summary. Yeah, my
neighborship is there. Don't worry. We will explain this
table right now. My main concern is
about the AS number. So don't worry about what I'm showing
and configuring. So forget about that one. Now let's check out
show ip route bgp. Yes, I'm receiving 1.1.1.1. Yes, I can ping 1.1.1.1, the route is here, and
let's from R1 ping 2.2.2.2, which I configured on the other router.
Ping 2.2.2.2, yes. Am I receiving the route
from that router? Router BGP. Yes, I'm
receiving 2.2.2.2 through BGP. Strange, and I
wrote a wrong number. It's not wrong. This
is a way to configure if you are using an old router. If it is not taking the new number, you just need to type this one. There's a unique number, 23456, whatever is
configured on the other side, 65537891065539406070866, workday, what is configured. And if you have an old router, you need to configure 23456, and it will become neighbor automatically. Cisco gives you this unique number. But Cisco also said
don't ever use this method because
it can make up. If the router is using the same AS number for some reason, then there will be an issue. But as a temporary solution
an old router can connect to the new router with the new
AS number; it is possible, if somebody asks
you in an interview. But keep in mind, upgrading your
IOS is the best solution. But temporarily,
you can use this AS 23456 to connect to
the highest number. So this was the story of AS.
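The 23456 workaround from this lecture, as an added example that is not part of the original transcript and is not Cisco code: a Python encoder and parser for the BGP OPEN message (RFC 4271 layout, RFC 6793 4-octet AS capability) that shows what the old router actually sees from a peer in AS 65537. The router IDs, the hold time and all function names are assumptions made for the example.

```python
import ipaddress
import struct

AS_TRANS = 23456             # reserved 2-octet placeholder AS (RFC 6793)
CAP_FOUR_OCTET_AS = 65       # capability code for 4-octet AS support (RFC 6793)
OPT_PARAM_CAPABILITIES = 2   # optional parameter type "Capabilities" (RFC 5492)
MSG_OPEN = 1
MARKER = b"\xff" * 16
HEADER_LEN = 19
OPEN_FIXED_LEN = 10          # version, my AS, hold time, identifier, opt parm len


def build_open(asn, router_id, hold_time=180, four_octet_capable=True):
    """Encode the OPEN message a speaker in `asn` would send."""
    if not four_octet_capable and asn > 0xFFFF:
        raise ValueError("a 2-octet-only speaker cannot hold a 4-octet AS number")
    opt = b""
    if four_octet_capable:
        cap = struct.pack("!BBI", CAP_FOUR_OCTET_AS, 4, asn)
        opt = struct.pack("!BB", OPT_PARAM_CAPABILITIES, len(cap)) + cap
    # The fixed part has only 16 bits for the AS, so a larger AS is sent as AS_TRANS.
    my_as = asn if asn <= 0xFFFF else AS_TRANS
    body = struct.pack("!BHH4sB", 4, my_as, hold_time,
                       ipaddress.IPv4Address(router_id).packed, len(opt)) + opt
    return MARKER + struct.pack("!HB", HEADER_LEN + len(body), MSG_OPEN) + body


def _tlvs(buf, what):
    """Yield (type, value) pairs from 1-byte-type, 1-byte-length TLVs."""
    i = 0
    while i < len(buf):
        if i + 2 > len(buf) or i + 2 + buf[i + 1] > len(buf):
            raise ValueError(f"truncated {what}")
        yield buf[i], buf[i + 2:i + 2 + buf[i + 1]]
        i += 2 + buf[i + 1]


def parse_open(msg):
    """Decode an OPEN message and pull out both AS values it carries."""
    if len(msg) < HEADER_LEN + OPEN_FIXED_LEN or msg[:16] != MARKER:
        raise ValueError("not a BGP OPEN message")
    length, msg_type = struct.unpack("!HB", msg[16:HEADER_LEN])
    if msg_type != MSG_OPEN or length != len(msg):
        raise ValueError("bad message type or length")
    version, my_as, hold_time, ident, opt_len = struct.unpack(
        "!BHH4sB", msg[HEADER_LEN:HEADER_LEN + OPEN_FIXED_LEN])
    opts = msg[HEADER_LEN + OPEN_FIXED_LEN:]
    if len(opts) != opt_len:
        raise ValueError("optional parameter length mismatch")
    four_octet_as = None
    for p_type, p_val in _tlvs(opts, "optional parameter"):
        if p_type != OPT_PARAM_CAPABILITIES:
            continue
        for c_code, c_val in _tlvs(p_val, "capability"):
            if c_code == CAP_FOUR_OCTET_AS and len(c_val) == 4:
                four_octet_as = struct.unpack("!I", c_val)[0]
    return {"version": version, "my_as": my_as, "hold_time": hold_time,
            "router_id": str(ipaddress.IPv4Address(ident)),
            "four_octet_as": four_octet_as}


def peer_as_seen_by(parsed, understands_four_octet):
    """AS number the receiver attributes to the sender of the OPEN."""
    if understands_four_octet and parsed["four_octet_as"] is not None:
        return parsed["four_octet_as"]
    return parsed["my_as"]   # an old speaker ignores capability 65


def session_accepted(configured_remote_as, parsed, understands_four_octet):
    """True when the configured remote AS matches what the receiver sees."""
    return configured_remote_as == peer_as_seen_by(parsed, understands_four_octet)


if __name__ == "__main__":
    # Constructed sample: the new router in AS 65537 (router ID assumed).
    seen = parse_open(build_open(65537, "1.1.1.1"))
    print("fields on the wire:", seen)
    print("old router, remote AS 23456 accepted:",
          session_accepted(23456, seen, understands_four_octet=False))
    print("new router, remote AS 65537 accepted:",
          session_accepted(65537, seen, understands_four_octet=True))
    # A second constructed peer in a different 4-octet AS looks identical
    # to the old router, which is why 23456 proves nothing about the peer.
    other = parse_open(build_open(65539, "3.3.3.3"))
    print("AS 65539 as seen by the old router:",
          peer_as_seen_by(other, understands_four_octet=False))
```

To the old router every 4-octet AS peer appears as 23456, so the configured remote AS no longer tells one such peer from another; that check has to come from elsewhere until the router is upgraded.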
4. Flavors iBGP and eBGP: Another topic is BGP flavor. What is flavor? Like
vanilla and chocolate. So BGP has two flavors.
One is iBGP. Border Gateway Protocol; in short
we write iBGP, or we call
it internal BGP. You can configure BGP
in two different ways. We will see in the lab. BGP, we already know,
Border Gateway Protocol. And I means interior,
or internal. Internal BGP is when you
configure two routers
in the same autonomous
system number. If both routers are using
the same AS number, then this type of
configuration of BGP is called internal BGP, when they are using the same
autonomous system number on both routers. And when you configure
iBGP, the TTL value will be 255. It distinguishes it
from eBGP. TTL, time to live: for how long
and how far I can go. This is called TTL. When
you do a ping, you see it in the results. So TTL, time to live, is for how long I can
live in the network. So up to 255 routers it can be alive if
you configure iBGP. If you configure iBGP, the administrative
distance will be 200. Also keep in mind this
one, which we will do tomorrow: when you configure a BGP route which is advertised
to an iBGP peer, it will be unchanged. What does it mean? It will be clear
to you tomorrow. This is the beauty of BGP
and the main point to use it in the network: internal BGP peers do not need to
be directly connected. Every routing protocol
which we've done up to now, EIGRP, OSPF, RIP, IS-IS, every protocol needs
direct connectivity and the same subnet to
become neighbors. And we tested this in OSPF: if you change your subnet,
it will not become neighbor. We checked in EIGRP when I changed the neighbor
to some other subnet, so the neighborship was destroyed. This is the only protocol, iBGP, which does not require
a direct connection. And this is the main point
to use it in an ISP network, because it doesn't require
direct connectivity. In an ISP
there is a situation, which
I will tell you later in the course, where we need indirect connectivity
to pass our routes. So iBGP is the ideal
one to use there, even though it gives you a high administrative
distance. But it's okay. You need to lose something
to get something. So the iBGP administrative
distance is high, but it will give you
indirect connectivity over the underlying network. That's why, this is the
only reason, we are using iBGP in the network. eBGP normally you
will see everywhere, but iBGP has a specific scenario, and that's
the beauty of using it. Also, we will see this one, we will face this issue
in iBGP later: when an iBGP route is
received from an iBGP peer, it cannot be advertised
to other BGP. So just keep in mind, I will make it clear to you when we
go to that topic tomorrow. And, as I already told you, again it will be
clear to you tomorrow: when routes are advertised to an iBGP peer, the next hop
remains unchanged. But anyway, right now we need to configure iBGP to check 200, to check TTL value 255, and how to make it iBGP. So let's go let me
take two router. Let's take this one and
change the name to and say, okay, take only one. So let me take another one. Oh, R2. Okay, so I take two router
and let's connect them. So I connect to router, okay? And start, and start. Now, we can configure internal N-terminal you need to change is to
make them similar. So S1 is here and S1 is year. So in boats are the
AS number is similar. So this one is
called internal BGP. Okay, so let me run it. Okay, R1 and R2. And just need the year
in which is good too. And nimble. When it's
3H2 configuration. Then change the host
name, sname to R1. Interface, parse it and then
zeros less 0 IP address. Give it to this one, dot one and subnet mask. This 10, exert an interface. Lubeck one and IP address. This one and exit. And let me change
this to this one. Okay? So this R1 configuration, just this simple configuration,
okay? Ip addresses. So let me tighten. And they will configure the host name to
keyword is not coming. Okay, enable is wrong. Okay? And let's go to configuration
and configure IP addresses. Do I configure
address 100 to 1681, dot one, and Lubeck address
with the full subnet mask. Okay? And let's do the same. And R2, what I will do, I will configure it. And I will change
Lubeck to 22 to o, and let configure the rest. So let's go to R2 and
configure do right. So I have only direct
connectivity, R1 and R2. If I pin two to two, it will not work
because there is no routing protocol
face not working. And also from R2, if I tried to pin 111, it will not work. It will not work straight
away if you need here. So let me copy quickly. 19216 years 12024. I'm using this subnet
between R1 and R2. Okay? Here I'm using this subnet
one and this side is two. Here I have a loopback
interface to represent internal network as a one
dot one dot one with 32. And this side I have
a loopback interface which represent internal network to dot to dot to this one. So I'm trying to reach two to
two and from two to one is not working and it will
not work because there is no routing
protocol configured. Now my target is
to configure BGP. So how can we configure BGP? Okay, so let's go to R1 first, go to configuration, router bgp, autonomous
system. So I say one. Keep in mind, what is
my autonomous system? One. And then I will type the
neighbor command. And who is my neighbor? 19216812, R2. R2, which is this one. And remote-as. What is the AS of the remote router, meaning R2? Also one. This is the difference
between eBGP and iBGP: if this one and
this number are the same, it means you are
going to configure iBGP. That's it. And now network: I will
advertise my 1.1.1.1 network with the mask
255.255.255.255. So my side is done. Let me copy this command
and let's go to R2. In R2, I will say router bgp, autonomous system one. And I will say my remote is R1, that router, and also the
remote AS is also one. And then my network to
advertise, 2.2.2.2, with mask 255.255.255.255. After a while they
will become neighbors. And this neighborship is
called iBGP. This neighborship is called iBGP because both sides' AS
numbers are the same. The number here is one and also the
other side is one. So it has to come up by now. Let's see whether my interface
is up or not. Okay? My interface is
is upper naught. Okay? My interface is
the interface for us. It's a net 0 slope
0, no, shut down. And let's check out the
other side is up or not. Show IP interface brief
is down here as well. Interface 0 slash 0. No shut down. I configure IP, but forget to make them up. After a while, you
will see the nice, bell-shaped and this type of membership, you see this one. Jesse, change it, say 12, R2 is up now and they
become neighbor. Let me capture as well 0 plus 0 interface
through Wireshark. So now let's see. This
is show ip route bgp. Okay, I'm still not
receiving. After a while, I will receive the 2.2.2.2 network. Here it has come up. What is written here? 200. So the iBGP administrative
distance is 200. And you can see now,
let's check out TTL. For TTL, I will go to show
ip bgp neighbor. And let's go down. What is TTL? 255. Keep in mind, I will
show you eBGP next, and it will be different. So TTL is 255 and
the autonomous system is the same, administrative distance is 200. And the autonomous system is
the same. We checked out that it is 200 when
we configure it, and the TTL value was 255. So we checked iBGP. And also you can
verify it from here if you need type BGP. Okay. And we need to check
this, the port number. And Saudi what I was
searching firewall care. So autonomous system, it
can be from BGP as well. Go to keep alive message. Okay, and keep alive message
is that update message. There will be next top. There are many attribute
to check them. I think so if we
check them from here, it will be better. Either it should be mentioned
in this one as well. So let me go to keep alive. And Border Gateway keep-alive message is nothing so I just need to check another message. Okay, there should be a
number I'm just looking for. There can be many things but and it should
be I don't know. I can't remember. It should be here at the year
maybe in these two places. But anyway, this is
the port number. We will discuss
port number random, the other one, okay? Tcp, because they
are using TCP again, we will see a bit later. Right now I'm searching
for AS number, which is 200 and the other one. Okay, so these are attribute
difficult to find out here. But you can see is here is
200 and TTL value is 255. Ttl value can be
found here as well. By the way, it should be
written here somewhere. What I just need to
look after that one. I forgot the specific place
to find out. But it's dear. Ttl value should be
there to find out to 55. These the two main difference
to find out directly. There is a huge
difference we will discuss a bit later,
maybe tomorrow. The thing which I
highlighted them. But right now, when
I configure iBGP, the iBGP TTL value is 255 and the administrative
distance is 200. And what is the change? The only change is that when you configure it, the AS on
both is the same. Now, let's configure them. Let me stop this one and
change it to eBGP. Let me start again. Only IP addresses are there. And let me change the AS to 2. And let me keep this aside. So for internal BGP, AD
was 200 and TTL was 255. Now I changed my scenario: here AS will be one and
here AS will be two. So now how will we
configure BGP? So this type of BGP
is called E BGP. So let's configure it. Okay? So IP addresses are there, okay? Okay, and let's okay, nothing is configured
there, okay. Show IP interface brief. Show interfaces are down. Let me make them up. No shut down. And there is nothing configured
show IP protocol. So no protocol is running. Keep in mind, okay, and let's go to R2, enable show IP interface, brief, configure interface you
roughly 0, no shut down. And let's save this change. Okay, So nothing is
configured here as well, show IP protocol, no
protocol is running. Now let's configure BGP, router BGP, my
autonomous is one, enter neighbor, 192, 160th, r2 is r2, and remote is
the opposite, R2: remote-as 2. This is the difference. If it is not the same, it means you are
configuring eBGP. And let me advertise
1.1.1.1, my network, and mask 255.255.255.255. Enter. My side is done. Now on R2
we'll do the opposite. In R2 we'll type router
BGP to and neighbor 192168 dot one is R1 IP
and remote aces one. It's up with the idea to 21122
and network to the tutor to mask to 55 to 55
to 55 to 55 done. And after a while they
will become neighbor. This time you will
see the difference. So let them up, It's up now, show IP route BGP nor
outings here yet, after awhile when
they become night, but you will see the
route 1122 will be here. So let's check out a, show IP route BGP,
okay, still here. It's not. Okay. And until let me go to
our to show IP route BGP. Yes, here the one. So you can see now it's 20
and what was before 200. And Syria, Israel. So you can see it's 20. Now what about the other one? Show IP BGP neighbor. So IP BGP neighbor. And let's go down
to see the TTL value. What is TTL now? It's 1. It means eBGP needs
direct connectivity. Otherwise the neighborship will not work, because TTL is 1; it will require
direct connectivity. If you increase
it to more than one, then you need to increase the TTL, which we will cover tomorrow. This is the disadvantage of eBGP. Now coming to eBGP: eBGP means External
Border Gateway Protocol. Either we call
it external BGP, or we call it eBGP. When you configure
two peers of BGP with different autonomous systems,
then it is called eBGP. The TTL value is one and
administrative distance is 20, which we just checked. It changes the next hop, which we will see tomorrow,
when they advertise the route. It's not like iBGP. iBGP will not change the next hop when they exchange
and advertise the route. And external BGP requires
direct connectivity, while iBGP does not require
direct connectivity. eBGP TTL is one. iBGP TTL value is 255. eBGP administrative
distance is 20, iBGP administrative
distance is 200. eBGP advertises and changes the next hop when exchanging the information,
which we will see, but iBGP does not. eBGP we normally use between organizations, or between
our organization and the ISP, while iBGP normally we use
inside the ISP, not outside. So these are the
major differences between iBGP and eBGP. And then we saw there is
a slight difference in configuration, a
slight difference. This one, let me copy here. This is the slight
difference between iBGP and eBGP: router bgp 1, but remote-as 2. If this one I make one, then it becomes iBGP. When
I make it anything else, it becomes eBGP. If this one and this
become the same, then call it iBGP,
configuration-wise. Otherwise there is a huge
difference between these two. Anything else, let me check. No, nothing. That's the thing. BGP can be configured
in two flavors, internal BGP and external BGP, or iBGP and eBGP. There is a slight difference
in configuration, but both are totally different
configuration-wise, we use them differently,
and they also react differently
in the environment. They react differently, okay.
5. BGP Three Tables: Tables, we've done.
We've done tables in EIGRP, we've done
tables in OSPF. And in the same way there are three tables in BGP,
mainly three tables. So when you configure BGP, and we already configured
BGP in R1 and R2, BGP is already configured
and we can see it between R1 and R2,
which we just configured. So when you configure BGP, there are three types of table. The first one is the neighbor table. The neighbor table, as
the name suggests, keeps the record and
detail of neighbors. And the command to check the neighbor table is
show ip bgp summary. This is the command to
check the neighbor table. And in the neighbor table, when you
type show ip bgp summary, you will find a lot
of information. The first thing here is the identifier. The identifier is basically the identity, like the EIGRP and OSPF router ID; it is the same here in BGP. Here they call it identifier. And they choose
it the same way which we have done in OSPF: first
they will check manual configuration,
then they will check
the highest loopback,
then they will check
the highest physical address to make it the identifier.
We already know. Then it will show you a number. It's better to show from there. I'm in R1, show ip bgp summary to check
the neighbor table. BGP router identifier: what is this one? Basically 1.1.1.1 is the router
ID, like OSPF and BGP. We've done it. I don't
want to repeat it. I told you first it will check, under router bgp 1, bgp router-id. That's the command
to type it manually. Suppose I type
6.6.6.6. Now you will see this
will change. So I changed the router ID. Let me show you
again, show ip bgp. You see the identifier is 6.6.6.6. So first thing first, it will check manually. If you configure it manually, then it will take that
one straight away. If you have not configured it, show ip interface brief, then it will take the
highest loopback address. If a loopback is not available, then it will take the highest
physical address. But in this case I
typed it manually. So this point is clear. What is the BGP identifier? This is the router ID. Then the local AS number,
which we just checked: it
says the local AS number of this router is
one and that's true. show run | section bgp. So my AS is one here, AS 1. So it's clear in this table. Let's go to the other thing. Sorry, not this one. show ip bgp summary. Let me clear and show again. Now it says BGP table version is 3 and main routing table version 3. And also here is a
table version, 3. What is
table version three? BGP table version three
means how many updates I got recently;
it took three updates. If something changes,
it will increase. And also this table
version will increase. Let's change it. Let me bring down a loopback
interface here, loopback 2, and shut down. So it will send
the detail to R1 that something has changed. So what is the table
version now? It's three. And what is the
main routing table version? Three. And what is it right now? Three. Let's check it out; it
will become four now. You see it's four now, because I changed the
network, brought down the interface. So it changed to four
and this changed to four. So it's clear. Still four, because
there are no changes. If I do no shutdown, there will be another change. Interface loopback
2, no shutdown. So the interface is back, the network is back in BGP. BGP will trigger the update, and R1 will change the routing version or table
version to something new. Let's check: it is five now. Clear. Next thing is 2 network entries using 240
bytes of memory. This memory, that how many memory is
taking far too network, which they are held to network. Forget about this one. This will, we will discuss
maybe in this course, are there any other course? Why and how much routing
tables can keep BGP. So it's all about memory
and those things. It's not. Required here. Now coming to this part,
they said neighbor, the neighbor address
of R2, IP address. We means what? We are using
BGP, IPV4 origin means, but IPV4 addresses to this
the neighboring region, my S is one. But neighbor AS2. Messages received 20 and
message send a team is clear. Table words, and I
already told you this T-Shirt card
and Q. And naught. Q. How many Picot our
enqueue coming to me, and how many packets
are enqueue going up. Same concept applies, EEG
ERP for how long is up. So it's this one. And there is no steady state. We will discuss maybe
tomorrow these BGP states. And prefixes received. Prefix means how
many networks I'm receiving from R2,
from my neighbor. The neighbor is advertising only one network.
Let's check it out. show run | section bgp.
I'm only advertising
one network, which is 2.2.2.2. Let's create a new one. Interface loopback 22, IP
address 22.22.22.22
255.255.255.255. So I created a new loopback, and let me advertise
this loopback. And here, network 22.22.22.22 mask
255.255.255.255. Now you will see here,
before it was prefix one. Now R2 is
advertising two networks, so it will show you two. You will see it has
become two. See here. The rest is almost similar to
EIGRP up to this point. State we will do tomorrow. Prefix: how many networks I'm
receiving from my neighbor. Done. This was the BGP neighbor table. Let's go to another table. I mentioned here. If you want out
of q and enqueue, enqueue input messages,
state we will do, okay. Forwarding table: the forwarding table keeps
all the network detail, how many networks it contains and is keeping. The command to see the forwarding table
in BGP is show ip bgp. So let's go there, show ip bgp, the command to
check the forwarding table. So I'm here in the forwarding table. So in the forwarding table
the table version is six. We just discussed what six is. Table version: how many
updates it is getting. Six. The router ID now is shown
correctly. There it was identifier; they gave it the
name identifier. Now it is given as router
ID, which is a good thing. Then there are some
states which we will do an attributes part. And then these are the network and which they are getting. Vgp 112222211 belonged to 00 means to this R1 and
2222 belong to two. These are the metric
local preferences where part origin code, these are attributes which we will discuss
later in the course. So keep in mind, but we will discuss later
metrics, these attributes. Network means local BGP
network which they're getting Learn
network of subnets. So this is the entry to
this to true subnet mask, entered a to subnet mask
if the next hop is 0, it means this network
belongs to this router. If it is not 0, it means it came from some other network. This was the second table. And as I mentioned here: BGP table, local
router ID, network. What is star? What is next? This one, so it's
the best route. It's mentioned here. The one marked with the
greater-than sign, it means it's the best
route to reach there. And star means this is
a valid route. Now, going to the third
table, the routing table, which we always check
in EIGRP and OSPF. The best path, the best destination,
will go to the routing table. We can find that one with show ip route bgp. Here, B means BGP, 2.2.2.2 is the
destination network, 20 is the administrative distance, this is the next hop, and this is how long ago it was learned, five minutes. And also the 22 network
with a subnet mask, 20 administrative distance. There is no metric
because BGP is not using a metric, it is
using attributes. So that's why it's 0.
And that's the next hop. And for how long it has been connected: 2.2.2.2 was five minutes before, and 22 was learned
three minutes before. This was the third table of BGP. It was so easy. So these are the three
main tables of BGP, which we will use
again and again. The neighbor table keeps the neighbor detail, with the
command show ip bgp summary, and you can find many details. Then the forwarding table,
where they keep all the networks along with
their paths and attributes; to go to the forwarding table, use the
show ip bgp command. And the last one, where they keep the best route, is
the routing table. And you can find it with show ip route or
with show ip route bgp. And here B
means BGP, and then the destination network with administrative distance, and next hop, and timing, for how long it's been
since it was learned. These were the
three tables of BGP.
6. BGP Active and Passive: The next topic related to BGP is BGP
active and BGP passive. What is BGP active? Actually, as we
discussed yesterday, BGP works based on the TCP
three-way handshake. We already know, and today
I will show you again. It means BGP is working
on TCP port number 179. But one router has to initiate the TCP session and
the other neighbor will accept the TCP session. But who is going to initiate the TCP session? That's
the question. And we already know
that most of the time, suppose you are
using SSH and you are typing SSH to any
router or device, you will get a random port. We know this one, yeah: on one side we normally get a
random port and on the other side we connect to a
well-known port, like port 80 for HTTP, or
HTTPS, maybe SSH, telnet, whatever you
are trying to do. On one side you will
get a random port. There are very few applications which have fixed client and server port numbers, like DHCP,
sixty seven and sixty six, sixty seven and sixty eight. But with most applications, when you're trying
to access them, you will get a random port. The same is the case here,
because you are going to initiate a TCP session for BGP; BGP is using TCP, we already know this one. The device which initiates the traffic is
called BGP active, or BGP client. So BGP
active means the client device which will initiate the traffic. And BGP passive, the server, is the device that
accepts the TCP session. This is why this concept is here, BGP active and BGP passive. Now, why will one device
become active? How will it become active, and why will it become the client? What is the criterion? The criterion is so simple:
the neighbor with the
lowest router ID. We already know the router ID is a unique number which
you can put manually;
if you did not
put it manually,
then it will automatically get the loopback address, the
highest loopback IP. And if a loopback is not available,
it will get the highest physical
IP; this is called the router ID. We discussed router ID
in OSPF, we discussed router ID in EIGRP;
it is the same concept. The router with the lowest ID
will become the active router. The router with the
lowest router ID by default will become the client. The router with the lowest ID
will initiate the TCP session. The router with the lowest router ID by default will get a random port, which will be higher than 1023, because ports up to 1023
are registered ports. We discussed this
in many courses. So the active router will get a
random port higher than 1023. The active router is
also called the client. The active router is the router which has the
lowest router ID. But can we modify this behavior? Yes, we can modify this behavior statically to make one router active and the other
passive. But we cannot make the
two routers active-active,
neither can we make the
two routers passive-passive, otherwise
it will not work. So there is a procedure
to set them manually. But if you have not configured it
manually, by default the
router with the lowest ID will become the active router, or client, to initiate the traffic
and get a random port. But keep in mind, before
going to the lab to show you: say this router is the client, with the lowest router ID, and it
initiated traffic with R2. Now there is a
connection established, but R2 breaks that connection for
some reason, clear bgp. Next time, because
R2 broke the connection,
R2 will become
active, this time to initiate the traffic. Why? Because R2 broke
the connection. This behavior is for
the first time. The second time, whoever breaks it, that router will become the active
router, or the client. So this is a small
concept in BGP which we call active-passive.
Let's check it out.
less checkout. So let me take two router here. I o this 37 router to router. Let's change the name to our ok. And so I take two router, let me put this router
here and this router here. Let me connect it with
zeros less 0 interface. So I get to router. Okay, let me start this
router and start this router. So here I will create Lubeck 11, and here I will
create Lubeck to two. And these two router
will connect with 19216 to eight subnet, dot one and dot two. This will become a one and
this will become h two. It means you are configuring
BGP because ASR different. Now we know this concept. So let me start this R1. Okay? And also let me start out. This is another one. This is our two. Okay? So let me take a script. We already know how
to configure IP. So enable config hostname R1 for us Ethernet print that one, no shut down and
loopback interface. Okay, and paste here. So R1 is ready now. And let me sell. Now let's go to R2. R2 we will assign T2. Then we will create Lubeck
two with two to two. And we'll change the
name to host them to add two and copy and paste. Okay, exit, exit and right. Oh good. The tip to create two interfaces and assigning IP
addresses are 22 to two. And same as here in R1. R1 I have pulled out 1111. Okay. Let me pin 12 that too. Just for the safe side. And my Ricci was to do
so, yes, it's okay. She says smile
configuration R1 and R2. Okay. Now I need to configure BGP. So here I have, because
we already know now. So R1 I will go to
our one router BGP one dot two is my
neighbor, neighbor S2. And I want to advertise
my one network. This one, it says here. So let me copy this one to R1. Let's go to R1
configuration and paste. So router BGP neighbor told
R2 and they said, okay, and before that one, Let me start capture is when 0 interface I
want to capture. So let me start Wireshark
and let's go to R2. R2 I will type router BGP
to because my x is two. And I want to be neighbor with
the neighbor with this 11. And I want to advertise
to do to Lubeck. So let me copy this one and
let's go to R2 and paste this one in R2 configuration
and paste done. Now let's see BGP here. Okay, after a while, you will see BGP. Let me exit from here. And exit. Okay, let's see why. Yes, BGP now. So I think so we miss
them, sorry, TCP, BGP nor TCP here because BGP, BGP is working TCP,
TCP, TCP SYN. First packet is SYN, then SYN acknowledgment, and
then acknowledgment. These are the three packets in the TCP three-way handshake,
as we call it. So R1 sends this; dot one,
that one is R1. Which port? It gets a random
port and sends to 179. Then 179 replies to this random port with
SYN acknowledgment. Then this random port sends
the acknowledgment, three packets. How will we know that R1
got this random port? Let's go to R1. There are two commands to verify. One command is show ip bgp neighbor, and you can
filter it, include host. You see this? It says that I am a
host, meaning dot one, R1, and my local port is 60365,
a random port here. 60365, random port. Why does it get a random port? Because of the router ID: the router ID of R1 is 1.1.1.1
and the router ID of R2 is 2.2.2.2. Which one is
bigger? 2 is bigger. How do we know that 1.1.1.1
is the router ID? Well, we can try the show ip
bgp summary command. Here you can see they call it identifier as well. We can also run show ip bgp. Here is this router ID. So the router ID of R1 is lower
than the router ID of R2. How do we know it is lower? Let's check that one. If I go to R2: the router ID is higher, 2. And we already know the concept, why it gets 2.2.2.2. Because first it will
check loopback interfaces, the highest loopback interface,
to make it the router ID. If loopback interfaces are
not available, then it will check the highest
physical interface. Many times we've
done this in OSPF; this is the same concept
here as well. So based on router
ID, R1 becomes the client. Let's go back to that one. Show ip bgp neighbor. And then I put a filter to show me only that, because there is a huge amount of output if I say
show ip bgp neighbor. So I need to check host here; to search here, it's
very difficult to search. That's why I filter it. So it should be here. Let's go down. Yeah, host
should be here somewhere. You see, it is very
difficult there too. I use the filter
to find this. So this include US IN
means include host. So R1 gets a random port
and R2 gets 179. 179 is
the port BGP uses over TCP. Or you can use another
command, show tcp brief. So show tcp brief. This command can also help you. Let's see, it has to
show me the ports, these two ports here as well. Let me try this command
and that one as well. So let me clear and
see here as well. I don't know, for
some reason it takes time to show.
Yes, it has come up now. So you see that R1
gets a random port, which is here as well. And on the other
side, R2 gets 179, which is 12.2, the opposite side, R2. Okay, it will come,
wait until it comes up. It says I have 179 and my opposite peer,
R1, has a random port. And also you can use the
other command as well to verify, which I
told you, this one. So let me copy and
paste this command. Here. You can see it's got 179, but here it's a random port. Okay? So now it's clear
what active is. Active will get a random port;
active is called the client. A client is a router
which initiates the TCP session and it
gets a random port. You can see it from three places. Okay? Now our question is: if I were to break this
session, what will happen? R2 has the
highest router ID. So let's clear it. Clear ip bgp *. It means I want to initiate
the traffic again. So who is going to
break this session? R2. R2 will get, this time,
a random number. This is the punishment. Even though R2
has the highest router ID, yes, the highest router ID,
that is for the first time. But if it is breaking
the rule, clear ip bgp. So the first time, what did it get?
179. Let's check it out. Okay, it will come,
because it has just been done. So it will take time
to come up; as I told you, BGP is slow compared
to OSPF and EIGRP. So you will see,
the first time it got 179, but this time it will
not get 179. Still not there. Yes. It has come up; look, it
got a random port. It's a punishment because it is the one that broke the law. If you break again and again, it will get a random port, whenever it is trying
to break the rule. Whoever breaks the TCP session will get a random port. Either router, either
R1 or R2. But the first-time selection is
different, based on router ID. But next time it is based on who
is going to break the rule. Again, if I check this time, you will see it's a random port. Let's do this one, this side. So last time it gets ones. Yeah, this time it gets 179
because R2 broke the rule. Let's break here. Clear ip bgp *. What do you think?
Now this time R1 will get a random port, because R1,
R1's router ID is lower. But that is a separate question. This time, it broke the rule so it will get a random port. Let's check it out. And you see, last time
R2 broke it, this time this one, so it gets random. So up to this point it is clear to you how the selection works: the first time, checking
the router ID. And the second time, if somebody
breaks the TCP session, that router will get
a random port. Now coming to: if I want
to give them a static role. So go to router bgp 1
and neighbor with the IP 192.168.12. R2 is R1's neighbor, and
type here transport, transport and question
mark, connection-mode. And here are two modes: active, actively establish
the TCP session, and passive, passively establish the TCP session. So now I'm going to give
them a role of active. Suppose I make R1 passive, so that you will
be passive all the time. And passive means server. You will not initiate the TCP
session even if you break it. Even if you break it, you will still get 179,
in simple words. Let's come out from
here and let's clear again. The last time
I cleared, I got a random port. Let me clear again. Okay, it's clear ip bgp *. Last time I cleared, one thing was my
router ID was lower. And second, I was the
one to break the TCP session. So that's why I
got a random port. But this time I say you will
be passive all the time. I configured it statically. Let's see what I'm getting: show ip bgp neighbor
and include host. Okay, it's not up yet. Let the neighborship come up. You will see this
router will get 179, even if it breaks the rule. Okay, so let's wait for a while. Yeah, it has come up now
and let's check it out. You'll see 179.
Let me clear again. I'm breaking the rule, but nobody is there to
give me a random port. You understand? So you can set this rule. Okay, keep in mind, you
cannot give passive, passive to both routers. If you make both the
routers passive, passive, it means you said that
you both are servers. You will not initiate the
TCP session. It means it will not work. Nobody will initiate traffic. And this way your TCP session will not establish. So keep in mind, never do this one. Neither can you make
both the routers active. You can test this yourself. This is your assignment. If you make both the routers
active, it will not work. If you make both the routers passive, again, it will not work. One of them has to be active and the other
one has to be passive. I make R1 is active. And when it's active all the time it will
get, still not up. Every time it will get. Local port will be 179
and the other side is up now. And let's see again. You see again
179, even if R1 is breaking the rule. So this is called
active and passive. And in BGP it is a small topic. So you can check
from here; also there is a command, the show
tcp brief all command. You can verify it from there. And this is manual
active and passive. So I made one side, and you can make the other side
active if you want. But if you don't want to, you
can leave it alone. And also, if you want, you can make it as well. Let's do it. Okay, so let me copy
this one and go to R2. And yes, if you want it manually. So router bgp 2 and you
can type this command, neighbor and connection
mode is active. And this way this one
is active and the other one is passive.
7. BGP Neighbor States: The topic related to BGP is
BGP neighbor states. What is a BGP neighbor state? In OSPF and EIGRP we have also done neighbor states. It is the same here. Like an adjacency. We have done it in OSPF and also
done it in EIGRP. So the same concept is
here, because this is also a dynamic routing protocol. BGP neighbor
states are of six types; there are six states. 1, 2, 3, 4, 5, 6; six types. But first of all, BGP will try to
establish a TCP session. We already know. We just checked it out,
because BGP is not like OSPF and
EIGRP; it's using TCP. So first it will try to
establish a TCP session. And when the session is established, then it will
start the rest of the states. And also we know BGP is not using any broadcast
and multicast, like RIP
using broadcast to send and receive
hello to a neighbor. EIGRP and OSPF are using
multicast IPs, we already checked. 220052 to 40052 to 400910. RIP, OSPF and EIGRP,
they're using multicast. But BGP is not like those. To find and discover
their neighbor, you need to manually and statically type the
neighbor for the neighborship to come up in BGP, because they are
using TCP port number 179. Now let's go to the stages,
which we call states. This concept is
already clear to you. I just showed you there is
one router that becomes client, and the other router
becomes server. Client, we call it active. And server, we call it passive. Client is the router which
has the lowest router ID. And the client, the router with the lowest router ID, will
initiate the TCP session, and that router will get a random port as the source port, and the destination
port will be 179, which I wrote here. We just checked this concept. So R1 has loopback 111 and R2
has loopback 222. R2 will get this
one as a router ID, and R1 will get this
one as a router ID. If you are not sure, then I can make
another change. I will manually type a
huge number as the router ID, which is bigger than 2. Then R2 will become the client. Let's see this one. Let me do it this way. We already know this
concept, we just discussed it. So as the first packet, it
will send a SYN packet. I showed you from Wireshark the SYN packet
it will send to R2. R2 will send a SYN
acknowledgment, an acknowledgment of this SYN. And then the client will send an acknowledgment of
the SYN acknowledgment, and these three are the concept of the
TCP three-way handshake. So BGP does the same thing. Now after this, the
thing will start. Six packets will start. Or six states will start, or six
stages will start. The first one is idle. BGP idle state. When you administratively
bring down the BGP process (there is a command to shut down the BGP process on one side
or both sides), then the router will
go to idle state. Or you configure BGP on
one side and the other side is waiting; you need to
put the BGP configuration there. So R1 will be in
idle mode until you configure BGP on the other
side to make a TCP session. So again, the router in this situation will
be in idle state. You just configured BGP on one side and the other side is
not configured. Or there is no reachability. Or the other side is down, or the other side's
interface is down, or there is no
cable connected. Again, this router
will be in idle state. Or you just reset
the BGP session. Again, that router will
go to idle state, like clear ip bgp *,
which I showed you. So in that situation, the router will go to idle state. This is the first step. Let's do one thing. Let me quickly show
you this three things. And then let me show
you idle state, then we will go
to another state. So I need to configure a router. So I have R1 and R2. R1 is 192.168.12.1. And this is .2
here. Here we have loopback 111 and here
we have loopback 222. This is AS 1, this is AS 2. It means there's a BGP. Nothing is configured
besides IP addresses. So let me check out
at the IP addresses. Are there show IP
interface brief. Only IP addresses are there. If I say show ip protocols, nothing is configured. And let me check R2 as well. I just configured IP addresses
only, to save some time. So IP addresses are there. And if I say show ip protocols, is any protocol
running, they say no. Let's configure. But before configuration,
let me, sorry. Let me capture, right-click
and capture this interface, 0 slash 0 interface
through Wireshark. But I told you a router with the lowest router ID
will become the client. So let me configure. You can configure
the highest here. So this will become the BGP server. There is a command
to make it so. Anyway, let me copy this one. We already know there is no
router bgp; go to router bgp. Router bgp with my autonomous system, and who is my neighbor, and
the neighbor's AS is 2. And this is my loopback
interface to advertise. So we already know this one. If you have any doubt,
you can tell me. I can type it again. Let me go to R1 and
paste this one. If you want, you can
make the BGP router ID something manually; by
default it will get 111. So let's make it 11111111. You can do this one as well. So my R1 is ready. But R2 is not ready. And let me go to TCP. So there is no TCP. Let me show you this
TCP concept then I will remove configuration from R2. So let me go to
R2 configuration. This is our two
configuration quickly. And let me paste. We already done, but
I just want to show you again, and paste. Now you will see the TCP session. After a while, the device with the lowest router ID will
become the client and the other will become
the server, or passive. So let's see; if I configured
everything, it has to come up. Router bgp 2 is correct. And here I configured
it correctly. Yeah, it will come up now. You see, okay, so
this is the TCP session. And then SYN, SYN acknowledgment
and acknowledgment. So this concept is
clear to you, right? Yeah. SYN, SYN acknowledgment
and acknowledgment. Let me check one thing. Show ip bgp neighbor
and section host. Why is it, by the
way, the router IDs. By the way, it got a random port; it has to get 179. Let me check that out. Show
ip bgp summary. So your router ID is 11. But for some reason, anyway, this concept
is clear to you. SYN, SYN acknowledgment, acknowledgment. Let me remove BGP: no router bgp 2. I remove
configuration of router two. So right now, BGP
is configured only,
only on router one. Now let's go to the states. The first state is: if you configure BGP on one side and
on the other side BGP is not configured, then this router will
go to idle state. Let's check it out,
show ip bgp summary. It's in active state. But after a while it will
go to... why is it in active state? I need to clear, clear ip bgp, because it was connected before. Yeah, they established a connection. So that's why. Let me remove it
and this time you will see. So show ip bgp: it is in idle state. You can see why. Because I just
configured BGP on R1, but there is no
BGP configuration on the other side. So this router will
be in idle state, but not only in idle state. It will go idle to active, active to idle. Let me show you that one. Debug ip bgp. This is the command to enable
debugging of the behind-the-scenes communication between R1 and R2. Here you will see
this router will go from idle state to
active and from active to idle, debug ip bgp. So let's see. The state is now idle. After a while, you
will see it will go from idle to active. Still I cannot see it. So maybe it will come
up after a while. The connection is refused because there is
no configuration. By the way, I removed it here. And it has to go to, oh, let me see why it's not active, but it has to show me
idle to active. Why? Because, let me show you, because it was configured before. So no router bgp. Let me do it fresh again, then it will be clear to you. So I remove this one. Yeah, it's going now
from active to idle. But anyway, let me
copy and paste again. Idle state is if you
administratively bring down the BGP process, if you configure BGP on one
side and the other side is not configured, and if you type the reset command. So let's check out
the first one. So I just configured BGP on this side, but on the other side
there is no BGP. Okay, let's check it out. So debugging is on, I
believe, debug ip bgp. And after a while you will
see, and also you can verify with show ip bgp summary. It's again in active state, for some reason. Yeah, it is going now
from idle to active. You see, after a while, again, it will go from idle to active. I will show you these
processes a bit later. But we just saw
that we configured BGP on only one router
and on the neighbor there is no configuration. So in this situation, BGP will show you idle state. And I will show you
this one as well. When we have already
configured it, then I will say clear ip bgp. Again, it will go to
idle state for a while. Clear. So this is called idle state. Now another one is connect
BGP connect state. Connect state is if the BGP
TCP session is established. But right now it's
not established. Let me do one thing here. Debugging is already on, or let's
turn on debug here as well. Debug ip bgp, debug ip bgp. So I enable debugging here as well. And let me enable
BGP here as well. Copy and paste. Now you will see
the other state, connect. If TCP has established, and it will establish,
there is no problem. If the TCP three-way handshake has completed, and it
will be completed, then it will go from
idle to connect state. And if the three-way
handshake is successful, then it will go to OpenSent
state. It will jump. It will not go to active, keep
in mind; from connect it will go to OpenSent. Because active is
not a good state. It will bypass active. We just checked active. Active means the TCP
session has failed, there is some issue, the three-way handshake
was not completed. If TCP is blocked on
the other router, then it will go to active state, if something goes wrong with the
TCP three-way handshake. So from connect it
will go to active. But if it is successful, then it will jump from
connect to OpenSent. Let's check whether it jumps or not. So you can see it going, you see, from active to OpenSent. Because this router was
already in active state. You know, we were in idle state, but in idle state it will go around
idle to active, idle to active,
active to idle, idle to active, active to idle. When your device
is in idle state, it will do it this way. But when you
configure everything, then from active, if
everything is okay, then from active it
will go to OpenSent. So that's why you can see
it goes from active to OpenSent. And then from OpenSent, you know, from OpenSent it
will go to OpenConfirm. So let's check for Open
Confirm. Yes, from OpenSent to OpenConfirm, and from Open
Confirm to Established. OpenConfirm to Established. You get the idea. If something goes wrong with the connectivity of the TCP
three-way handshake, then from connect
it will go to active. It will retry, it
will try again and again to establish
the TCP three-way handshake. It will try to establish, then it will go from active
to OpenSent. In OpenSent, they are sending
BGP open messages. We will do messages a
bit later, this one, this slide. In OpenSent
it's sending messages to the other peer to
exchange the information. In OpenConfirm both routers
send and receive messages. Then this stage is called
OpenConfirm, and keepalive messages are received
in this stage, OpenConfirm. And after OpenConfirm, then they establish the
connection with the neighbor. They exchange the information
in Established. They exchange the adjacency. They complete all the
routing information. They start keepalive messages. There is the hold timer, there is the keepalive timer. This is Established;
we call it Established. For connect state, the reason is there is no such command to show you that it
will go this way. This is the only way you can
see it, like this. It was in active state. So from active it will
go to OpenSent, because it was in active state. On this side,
okay, I can show you from here. From here, it goes
from idle to connect. It was idle. We just configured R2, so it was in idle state.
So what happened? The TCP three-way
handshake was completed. So then from
idle it jumped to connect. So on R2 it goes
from idle to connect, but on R1 it goes from
active to OpenSent. And also you can see these
messages are not here. Yeah, and remember, you can check this only with the debug
command; in Wireshark you cannot see these. So it goes from
idle to connect and from connect to
OpenSent and then from OpenSent to OpenConfirm and from Open
Confirm to Established. This is the way it works. These are stages like in OSPF: connect to Open
Sent and then OpenSent to OpenConfirm and Open
Confirm to Established. And every state has its own things, like the idle state. It means, okay, I was
talking about this: one side was completed and on the other side
there was no BGP. The router was in idle state, yeah. But there is another thing: maybe you administratively
bring down BGP. You can bring down BGP administratively as well.
Show ip bgp summary. Now you can see there is no state because
it's working now. So let me go
to configuration, router bgp 1. And there, neighbor 192682. There is a shutdown or some
command to bring it down. I forgot the command;
sometimes it slips from my mind. Password. There is a shutdown. So I shut down my neighbor. And you will see now it goes from
established to idle state, because this is also possible. I have written it here. One of the reasons is if
it receives a notification message, it will jump back
to the idle state, i.e. when it was established. But if something goes wrong, then from established it will jump to the
idle state directly. It will go back to the idle situation and
that's what happened. It is going from established to idle state because of the
administrative shutdown. So now let's check out
show ip, Control-Shift-6. I need to wait. Yeah, let it come up. So then I will show you it
will be in idle state, because what I have done is administratively
bring down the process. So now let's check it
out after a while. Unfortunately, Control-
Shift-6 is not working in GNS3; in the real world, if this thing is coming to you, then you can stop it. But here no. Show ip bgp summary: you see it shows idle, and it is written that it is due to
administrative shutdown. So two things. If you configure the
BGP process for the first time, and the other side
is not configured, then it will be in idle state. If you shut down the process administratively, again, it will be in idle state. Let me bring it up again. Okay. And this side will be also, let's
check out this side. Show IP BGP summary. This side is active, but after a while it
will go to idle Israel. Yeah, it will be an eight divide into like clear the session. Okay, so anyway, this well, so let me fix this issue. Router BGP, BGP one. And what was the this
one and control? No. Okay. Quickly, let me show you here. It will go to still
an active yeah. Until I said Okay. So no neighbor and shut down. Let's see. Now show. Let them wait. Hanged. Because I miss
type this command. So again it will search. You can see now from idle to active and OpenSent to Open
Confirm. So two things. Now what is the third thing? The third thing,
which I told you: maybe you reset BGP. So let it come up. Now it's okay. Yeah. Let me show you. You can see there is no status there,
everything is okay. Let me reset: clear ip bgp *. But quickly, because it will
go to the other state. Again, this is idle because I
just cleared the BGP session. So again it will go. So that's why I said an already established
BGP peer is reset. I just reset it. So it will go to idle
state for a while. And after a while it
will be fine. It will work. Let me check now. Okay. Now you see, nothing. What else did I try to say? That's it. Yeah. Maybe TCP is blocked
from the other side. Again, it will be in idle state. Suppose on R2 I configure an ACL. Or a firewall
is in the middle. Suppose here I say access list. Access list extended,
let me do it. IP access list extended ABC. And here I said deny, deny TCP any to any, and
permit IP any to any. So basically I configured an
ACL which denies TCP. And we know BGP is using TCP, and
permits everything else. And let me go to
interface 0/0, which is the interface.
IP access group. What is the name? ABC. And
I say if you are receiving a TCP packet on this interface, block it. Show ip access list. So I have an access list
that denies TCP. But because I already
established a session, I need to reset: clear
ip bgp *. Now you will see
again the idle state. Let me go to R1. R1 will try to
establish a TCP session, which is not possible. So it is in idle state. Anyway, you will see,
because it will wait. So let's wait for a while. Because when you reset it, it takes time to connect, to go from idle to active. And it will be
moving around like idle to active, idle to active, again and
again. Now it is in active. But again it will go
idle to active. Let's give it time and
let's see what is wrong. What is wrong: show access list. This access list is denying TCP. And without the TCP
three-way handshake, BGP cannot go further. So keep in mind, if in an organization there is a scenario where a firewall
is in the middle, you need to allow TCP 179 for it to work, or
if there are ACLs, again, BGP will not
establish a session. And we just checked it
out, because I just denied the TCP packets. And let's check again. So it's in active state
and it's not working. So this can also
be the issue. Connect. If TCP works and the TCP three-way
handshake is completed, then it will jump to OpenSent. And if it failed for some reason, suppose suddenly TCP is disconnected or
something goes wrong, or a cable is unplugged, then from connect it will go back to active
state, this one. Active will try
again and again. If it works, then it
will go to OpenSent. If it does not work, it will go back to idle. And if I hover here, here is idle, connect,
open and active. This is the situation where
your BGP can get stuck, for troubleshooting purposes:
from idle to connect and connect to Open
Sent and OpenSent to active. This is the situation. But if it has crossed OpenSent, then definitely it will
go to OpenConfirm and Established, or
from this way. So idle is no route to the neighbor, because
you just configured it. This is one situation; I'm not saying that idle
can be only in this situation. But here is another image
I found on the Internet. But I told you there can be 45 errors which put the
router in idle mode. One of them is if you recently configured
BGP on one router, and the other one
is not configured, then this router will
be in idle state. Connect means they start
initiating the TCP session. If the TCP session is yes, then it will go to OpenSent. Open messages will be sent;
messages we will cover now. Then it will go to OpenConfirm, and OpenConfirm will send
keepalive messages. And then it will go to
Established, and in Established they will send update and
notification messages. Again, messages we will do. This is the circle. If the TCP session is no, then it will be in active and
wait for a timer. Because it will go
to, it is still in active; it has to go to idle as well. For some reason, maybe I missed it. But as far as I know, it has to go to idle again, I believe after a while. It's still there because it's
trying the TCP session again. Anyway, let's wait
for a while, and it's a timer,
wait for the timer, if the TCP session is no. Okay. This one is
connected this way. And what else? Did
I leave something? No. Yeah, these are the
messages which I showed you. You can use debug ip bgp. It will go idle to active, then from active to OpenSent, then if the messages
are received and everything, then
OpenSent to OpenConfirm and Open
Confirm to Established. Yeah. Let's check now. It's still in active anyway. What else? Yeah. That's it. Yeah. So these are the six states
of BGP when they want to become neighbors. Okay guys.
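The "went from X to Y" lines that debug ip bgp prints can be read per peer to tell the failure cases of this section apart. The following is an added example, not part of the course material; the log lines, peer addresses and verdict names are constructed for illustration, and the line format is assumed to match the state-change lines of debug ip bgp.

```python
import re

# Constructed sample in the style of `debug ip bgp` state-change lines.
# Peer addresses are documentation addresses, not taken from the lab.
SAMPLE_DEBUG = """\
*Mar  1 00:01:02.111: BGP: 192.0.2.2 went from Idle to Active
*Mar  1 00:01:34.207: BGP: 192.0.2.2 went from Active to Idle
*Mar  1 00:01:40.015: BGP: 192.0.2.6 went from Idle to Connect
*Mar  1 00:01:40.131: BGP: 192.0.2.6 went from Connect to OpenSent
*Mar  1 00:01:40.299: BGP: 192.0.2.6 went from OpenSent to OpenConfirm
*Mar  1 00:01:40.303: BGP: 192.0.2.6 went from OpenConfirm to Established
*Mar  1 00:02:06.412: BGP: 192.0.2.2 went from Idle to Active
*Mar  1 00:02:38.518: BGP: 192.0.2.2 went from Active to Idle
*Mar  1 00:02:50.020: BGP: 192.0.2.10 went from Active to OpenSent
*Mar  1 00:02:50.144: BGP: 192.0.2.10 went from OpenSent to Idle
*Mar  1 00:03:22.250: BGP: 192.0.2.10 went from Idle to Active
*Mar  1 00:04:00.000: BGP: 192.0.2.14 went from OpenConfirm to Established
*Mar  1 00:09:12.730: BGP: 192.0.2.14 went from Established to Idle
*Mar  1 00:09:13.000: %SYS-5-CONFIG_I: unrelated line, ignored
"""

STATES = {"Idle", "Connect", "Active", "OpenSent", "OpenConfirm", "Established"}
TRANSITION = re.compile(r"BGP: (\S+) went from (\w+) to (\w+)")

# What to look at first for each verdict (verdict names are this example's own).
HINTS = {
    "established": "session is up",
    "no-tcp": "TCP to port 179 never completed: check reachability, that the "
              "peer has BGP configured, and ACLs or firewalls in the path",
    "open-failed": "TCP worked but the OPEN exchange did not finish: compare "
                   "AS number, router ID and hold time on both sides",
    "dropped": "session was Established and fell back: look for clear ip bgp, "
               "neighbor shutdown or a NOTIFICATION",
}


def parse_transitions(text):
    """Return {peer: [(old_state, new_state), ...]} in log order."""
    peers = {}
    for line in text.splitlines():
        match = TRANSITION.search(line)
        if not match:
            continue
        peer, old, new = match.groups()
        if old in STATES and new in STATES:
            peers.setdefault(peer, []).append((old, new))
    return peers


def diagnose(transitions):
    """Classify one peer from the states it visited and where it ended."""
    visited = {state for pair in transitions for state in pair}
    final = transitions[-1][1]
    if final == "Established":
        return "established"
    if "Established" in visited:
        return "dropped"
    if visited & {"OpenSent", "OpenConfirm"}:
        return "open-failed"
    # Only Idle / Connect / Active seen: the three-way handshake never completed.
    return "no-tcp"


def report(text):
    """Build {peer: {"verdict", "transitions", "hint"}} for every peer seen."""
    result = {}
    for peer, transitions in parse_transitions(text).items():
        verdict = diagnose(transitions)
        result[peer] = {
            "verdict": verdict,
            "transitions": len(transitions),
            "hint": HINTS[verdict],
        }
    return result


if __name__ == "__main__":
    for peer, info in report(SAMPLE_DEBUG).items():
        print(f"{peer:12} {info['verdict']:12} {info['hint']}")
```

A peer that only cycles between Idle and Active, as in the ACL demonstration above, lands in the no-tcp verdict.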
8. BGP Messages Types: The topic related to
BGP message types: there are four types
of BGP messages. One is open, the second is update. The third one is keepalive and
the fourth one is notification. These are the four messages which BGP exchanges
with the neighbor. The first one is the BGP open message. The open message is basically sent by BGP
with its values and its capabilities to establish and form a neighborship
with the other BGP peer. And in these open messages they
are sending their details. Like a relationship, you know,
when you want to make
a relationship with someone and you want
to marry someone, you need to check many things. In these open messages
one neighbor sends many details to the other,
such as version, which version you are
using, IPv4 or IPv6; what the AS number is,
to consider it as iBGP or eBGP; the router ID, because the router ID has to be
unique, we already know; and the hold timer. What the hold timer is
we will do in the next slide, BGP timers, this one. So an open message
is like a proposal. When you give a proposal to your girlfriend that
I want to marry you. Open messages are sent
by BGP to the girlfriend, the neighbor, that I
want to marry you. These are my details. This is my salary, this is my house. I'm doing this, and you
know, my character. These are the things which
they exchange in open messages, values
and capabilities. We will see in the lab. The next one is update. As the name suggests, if there is any change, you add a new route, you withdraw a route, you
change an attribute (attributes we will do maybe
tomorrow or maybe next week), but if you
change a path attribute, they will send an update message. If you add a new route, they will send an update message. If you withdraw a route, they will send an update message. Whatever changes you make in the network, like
adding a route, removing a route, changing an attribute, changing
the path attribute, they will send an update to their neighbor,
to make it updated. This is called the update message, as also the name suggests. We will also see; we will add one route and we will
remove one route and we will see whether it is sending updates
or not. Keepalive message. The keepalive message is
similar to the hello message of OSPF and EIGRP. It's like a heartbeat, to send and receive this
keepalive message after every 60 seconds. After every 60 seconds, BGP is exchanging a keepalive message,
and the hold timer is 180 seconds. By default, these
are the defaults. We will change them
in the next slide. So keepalive messages
are small packets, very, very small packets
in size; they are just checking whether their
neighbor is alive or not. That is why the packet
name is keepalive. Just to check. Same as the hello
message of EIGRP and OSPF, clear? And the last one is notification. Like in an office, they will send you a
notification. Same as here. If you do something wrong, something wrong, not a route. If you add a route or remove a
route or withdraw a route, then this message is
called an update message. But if you make a mistake in the BGP routing configuration, like you configure
different areas, you configure the same BGP
identifier, the same router ID, or you configure an
unacceptable hold timer, or you configure an
unacceptable hello timer, or you make some
other mistake in BGP, one router will
send a notification to the other router that
there is a new guy. He was recently hired by
someone and he made a mistake. He configured me wrongly. So let me update you. This guy doesn't know anything. He is just a CCNA and he doesn't know anything, he configured
BGP differently. So let me let you know then; this
guy is good for nothing. This is called
notification, to update the neighbor with a
notification message that something is wrong in the configuration. Then these are the four messages
which they are exchanging. Let's check out. We will use the same topology. I have R1 and R2. Here is S1, S2. Well that one is
R1 and R2 is R2. This is a loopback two to
two and they start 11. Ips are configured and nothing
else is configured here. And enable show IP
interface brief, show IP protocol,
nothing is configured. And here we have two interfaces. Show IP interface
brief two interfaces, and show IP protocol. Nothing is configured done. Now let's configure BGP
and these two router. But before configuring BGP, let me right-click and
capture Fast Ethernet, which connected to R2 so that
we can see the messages. And then we will
do some changes. So let me go to R1 configuration and R1
I will type router BGP. One neighbor is drilled R2
remote S renin many time. So let me copy and paste. So BGP is configured
on this side. And let me configure
BGP on the other side. Done. And now after that we can
see the messages here, BGP. So let's see. First, they will send which
message? The open message. So let it come up. Let's go here as well. Let me clear the screen. And here you will see now, just wait a moment, because
they will become neighbors. And after the TCP
three-way handshake, they will go through
seven states. And after seven states, we can see some messages. So the six states. And after six states, we will see some messages. So I'm expecting it now. By the way, let me check my
configuration is okay. Router bgp 2, 111. Yeah. And here, yes, it has come up
now; it takes some time. Here is the first
message I told you about, which is message number
one, the open message. And if I open Border
Gateway Protocol, here is written Open message. And here the message type
is 1, Open message, 1. And the length of the packet is 45. Version is 4. I told you in the first message they
exchange the version, which version we are
running, I mean IPv4. Then second, I told
you they will mention the AS number; this is the AS number. They say my AS is 1. And then I told
you there will be the hold timer and router ID. You can see the hold timer is
180, and the BGP identifier; in other words, we
call it the router ID. So that's the first message. So R1 exchanged the open message. In exchanging the
open message R1 says that my router ID is 111; R2 says my router
ID is 222, my AS is 2 and I am
running IPv4, version 4. And also they are running the same, and some other
stuff as well. Parameters. You know, many
capabilities; I told you they will exchange
capabilities as well. There are many things
which right now we will not cover. There are a lot of capabilities
which they are exchanging. This is the first message
exchanged to become a neighbor. Let's go to another
message, the update message. When you add something, or you remove something, or you change an
attribute or whatever, they will exchange an
update message. So there is an update message, but it's better that I
show you myself. So the last messages are keepalives. Yeah. Let me add
a new route here. Or let me remove a route. So let me go to interface
loopback 2 and let me shut it down. So what I've done: I
removed loopback 2, which is 222,
from R2's network. So what will they do?
Suddenly they will send an update message. Look at
this update message: message number two, the length
of the packet is 28. And what do they say?
Withdrawn route. Here is the 222 route, which is not there anymore. Let me update you. So you
can see it's updating them. And here I also told you, when something is withdrawn
it means you removed it. Let me add it again: no
shutdown. Again, they will
send an update message. And this time they will say that it is not a withdraw; withdrawn
routes is 0 this time. And it should be this one, that there is
a new route with 222. And if I add a new route,
again, it will be the same. Suppose I create
a new one, interface loopback 22, and an IP address, 22.22.22.22
255.255.255.255. I mean 22 I typed. So I created a new loopback and
let me go to router bgp 2. And let me add this route. Last time when I added the
other one, this one. So let me make it 22.22.22.22.
But before 22, let me press enter. Here is the last
message, keepalive. After the keepalive, you
will see the update. Here it is; this time what they
say is that there is a new route with 22, sent with which message? The update message. So we checked it out in BGP: if you remove a route,
you'd add route. So it will send update message. Now coming to keep
alive message. Keep alive message is nothing but just to exchange a
small packet without any information after
every 60 seconds and hold time is 61 a DC
current, three times bigger. So let me go to here. And these are keep-alive
messages, you see? And if I open one, this is
message number four. And nothing is there, a
small packet with 19 k b's. And they said, no information. This is just a heartbeat. There is nothing, just to see whether the neighbor
is alive or not. This is called the keepalive
message. Okay? And the last
one is notification. Notification in the sense
when something is configured wrongly, like a bad AS
number, bad identifier, bad hold time or unacceptable
hold time or hello time, and so on, many things. So let me go to prove
you the notification. So what should I do? Let me go to R2. Let me configure my AS wrongly. So what I will do, I will remove, no router BGP two. This is my router BGP two, yeah. And then I will type router BGP; instead
of 2, 22 I type. And then the neighbor is
192.168 dot one. My neighbor is 12 dot
one with remote AS 1. But in R1, I said that
my neighbor is 22, not two, sorry, two. And here, instead
of two, it is 22. So what will happen? They need to send a
notification message, which I did not receive,
weird by the way. And it can be here as well. Okay. It takes time. By the way, it has
to send right now. Peer is down. Yeah, it's come up now. And here, look at it
now, the notification message. They said Bad Peer AS; this
is message number three, major error, Open message, major error code, Open
message, bad, bad peer. They are telling R1 that
you configured correctly. But here somebody
configured wrong. Show running, section BGP. I say my neighbor is, my neighbor is two. But here I typed by two. Instead, I typed 22. So they send a notification;
they, by the way, are sending a notification as well. That look, man, somebody configured you wrongly, BGP has to be two, not 22, should be two. You can correct them
from two places. Either correct here, make them
22, or correct here, make it two. This is one example
to send a notification. So let me remove 22, fix it, and let's enable two and
this one quickly again. Let me fix this issue. This is one example. Other examples can
be the same router ID. What is the router ID of R1? Show IP BGP summary. My identifier is 1.1.1. Let me give them
this identifier. BGP router ID 1
dot one, dot one. So after a while, there is still the Open message. After a while you will see a
notification message again. This time the identifier is similar, which hasn't to be similar. And here I am receiving again. Let's see how long it
will take to show us. Let's watch here. The last message
is the Open message. Here the notification
message comes up. It said bad identifier. What is the identifier? That time I told you the identifier
is nothing but the router ID; we call it the identifier,
that bad identifier. And again, they
will send a message, a notification message
to the other neighbor, that look, brother, your ID and my ID are similar; brother, it hasn't
to be the same. So it will not work. This is called the Notification
message, and so on. You can prove the other ones, change the hold timer to something
here, something here. And so many other things
when configuring. So this is called notification. Then we check out from here. Let me see if I missed something. Then we checked one by one. So this was BGP
messages, four messages, which we checked out and verified
from Wireshark as well.
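The four message types walked through in Wireshark above, as an added example that is not part of the lecture: a strict parser for the BGP header and message bodies defined in RFC 4271, run over constructed sample messages. The sample values (AS 1, router ID 1.1.1.1, the 2.2.2.2/32 withdrawal, the wrong AS 22) follow the lab narration, but the bytes are built here and are not captures; the OPEN carries no capabilities, so it is 29 bytes rather than the 45 seen in the capture.

```python
import ipaddress
import struct

MARKER = b"\xff" * 16          # RFC 4271 header marker, all ones
TYPES = {1: "OPEN", 2: "UPDATE", 3: "NOTIFICATION", 4: "KEEPALIVE"}
# OPEN Message Error (error code 2) subcodes from RFC 4271.
OPEN_ERRORS = {1: "Unsupported Version Number", 2: "Bad Peer AS",
               3: "Bad BGP Identifier", 4: "Unsupported Optional Parameter",
               6: "Unacceptable Hold Time"}


def build(msg_type, body=b""):
    """Wrap a body in the 19-byte BGP header (marker, length, type)."""
    return MARKER + struct.pack("!HB", 19 + len(body), msg_type) + body


def parse_prefixes(buf):
    """Decode <length-in-bits, prefix> pairs (withdrawn routes and NLRI)."""
    prefixes, i = [], 0
    while i < len(buf):
        bits = buf[i]
        nbytes = (bits + 7) // 8
        if bits > 32 or i + 1 + nbytes > len(buf):
            raise ValueError("malformed prefix")
        raw = buf[i + 1:i + 1 + nbytes].ljust(4, b"\x00")
        prefixes.append(f"{ipaddress.IPv4Address(raw)}/{bits}")
        i += 1 + nbytes
    return prefixes


def parse(data):
    """Parse one BGP message; raise ValueError on anything malformed."""
    if len(data) < 19 or data[:16] != MARKER:
        raise ValueError("bad header")
    length, msg_type = struct.unpack("!HB", data[16:19])
    if length != len(data) or length > 4096 or msg_type not in TYPES:
        raise ValueError("bad length or type")
    body, out = data[19:], {"type": TYPES[msg_type], "length": length}
    if msg_type == 1:
        if len(body) < 10:
            raise ValueError("short OPEN")
        version, asn, hold, ident, optlen = struct.unpack("!BHH4sB", body[:10])
        if len(body) != 10 + optlen:
            raise ValueError("bad optional parameter length")
        # Hold time 1 or 2 is illegal: it must be 0 or at least 3 seconds.
        out.update(version=version, my_as=asn, hold_time=hold,
                   bgp_id=str(ipaddress.IPv4Address(ident)),
                   hold_time_legal=(hold == 0 or hold >= 3))
    elif msg_type == 2:
        if len(body) < 4:
            raise ValueError("short UPDATE")
        wlen = struct.unpack("!H", body[:2])[0]
        if 2 + wlen + 2 > len(body):
            raise ValueError("bad withdrawn routes length")
        alen = struct.unpack("!H", body[2 + wlen:4 + wlen])[0]
        if 4 + wlen + alen > len(body):
            raise ValueError("bad path attribute length")
        out.update(withdrawn=parse_prefixes(body[2:2 + wlen]),
                   announced=parse_prefixes(body[4 + wlen + alen:]))
    elif msg_type == 3:
        if len(body) < 2:
            raise ValueError("short NOTIFICATION")
        code, sub = body[0], body[1]
        out.update(code=code, subcode=sub,
                   error=OPEN_ERRORS.get(sub, "other") if code == 2 else "other")
    elif body:
        raise ValueError("KEEPALIVE must be header only")
    return out


# Constructed sample messages (not captures from the lecture's lab).
OPEN_R1 = build(1, struct.pack("!BHH4sB", 4, 1, 180, bytes([1, 1, 1, 1]), 0))
WITHDRAW = build(2, struct.pack("!H", 5) + bytes([32, 2, 2, 2, 2])
                 + struct.pack("!H", 0))
BAD_PEER_AS = build(3, bytes([2, 2]) + struct.pack("!H", 22))
BAD_ID = build(3, bytes([2, 3]) + bytes([1, 1, 1, 1]))
KEEPALIVE = build(4)

if __name__ == "__main__":
    for msg in (OPEN_R1, WITHDRAW, BAD_PEER_AS, BAD_ID, KEEPALIVE):
        print(parse(msg))
```

The withdrawal of one /32 comes out at 28 bytes and the keepalive at 19 bytes, the header alone.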
9. Multihop & Update-Source: Topic related to BGP, BGP multi-hop, and
BGP update-source. These two commands you need
to type in many situations. And to be honest, in the real world, you need to type
these two commands. I will tell you why.
BGP normally we configure
through loopback interfaces, not through physical interfaces. When you configure BGP
through loopback interfaces, then you require
these two commands. You remember
yesterday I told you that by default the BGP TTL is one. I told you that I will
show you later on. Now this is the day. By default,
when you configure BGP between two routers, it's okay if you
connect them directly, but if you configure
them more than one, then it will not work. And the reason is
TTL, because TTL will decrement to 0 and
then it will discard. And BGP will say that I'm
not reachable to the peer. That's why it requires the BGP multi-hop command to
increase the TTL value. If you can't remember, let me open that one, the flavors. We discussed this
one yesterday, and this flavor, the eBGP
flavor, I told you,
keep in mind that the
TTL value is one. Today's the day to show you. Okay? So when you configure two
eBGP routers with each other using the loopback
interfaces as a source, then what will happen?
Before, we used directly 12.1 and 12.2. But if I want to use
loopback as a source; in the real world, you will
see loopback as a source. Keep in mind, in the
real world, 99 per cent of the time we are using loopback
interfaces to configure BGP. Now you will say why. One of the reasons
is that loopback is a logical interface
and it will not go down until your router is down or you manually
shut down the interface. But physical interfaces
can go down. It can be due to
fluctuation or anything. And this way your BGP
will be disconnected, the TCP session will be reset, and then BGP takes a huge time to connect again because
it is slow in nature. But if you are using a
loopback interface to reach, then with the loopback interface, even if the physical
interface is down, your BGP session will
still be established. You will say why it
will be established: because this is a TCP session. Once the TCP
session is established, it will stay established until and unless you say clear IP BGP, which we saw in
the lab many times. This is one of the reasons
that in the actual world you will see BGP is configured through
loopback interfaces. But when you configure
through loopback interfaces, there is a TTL value
less than one. And the loopback is a second hop. Before, we were
configured directly, this command here, I said, well, that one, it's okay, we are directly connected and
one hop is enough for us. But now I'm using a next
hop and the TTL is one. So R2 will say that
I'm not reachable, my TTL is destroyed. I can only reach one hop and you are trying to
reach a second hop, which is the loopback interface. This way, you need
to put this command, eBGP multi-hop, and
increase the TTL. Because we know by default
the TTL is one for eBGP and the TTL is 255 for iBGP, not eBGP. But here we are talking about
eBGP configuration. Second thing, we will need the
update-source command, because now we are using
loopback as a source. So how will the router
send your 12.1 IP? That is the physical
IP, by default. In BGP configuration, routers send their physical
interface IP as the source, which they are expecting
this way. But this time we configured BGP using loopback interfaces. And the router will try to
send its physical IP. Again, the connection
will not work because we configured BGP based
on loopback interfaces. So what will happen? You need to type
another extra command, update-source loopback
interface, to tell the router: update your source; rather than use the
physical interface, use the loopback
interface as the source. Then it will start to work. And this is our lab to
fix these two issues. These two issues can be fixed
by using these two commands. Okay, so here I have R1 and R2. There is nothing configured
besides IP addresses. And let me start R1 and
let me start R2. R1 is AS 1 and AS 2. And we want to configure
BGP between these two. We want to configure eBGP because this issue
you will face in eBGP, not in internal BGP. So keep in mind this
issue is only in eBGP. So AS 1 and AS 2, we want to configure BGP,
which is different, it's okay. So R1 and R2 started. Now what I will do, I will not use the physical IP. Here I have a loopback
interface to use for BGP, where is it? Let me show you, show IP
interface brief, this 1.1. What I will say, this is my
previous configuration, yeah, forget about
the above one. I will say no. I will use 2.2.2.2 because in R1, I will give the
detail of the R2 loopback. That's 2.2.2. So I will say that my
neighbor is 2.2.2. And I want to advertise
my this network. Okay? And in R2, I will say that my neighbor
is not a physical interface, it is the 1.1.1
loopback with remote AS 1. And I want to
advertise 2.2.2.2. But the question is, R1, 1.1, is it reachable to 2.2.2.2? No. If I try to ping from R2 to 1.1.1, it is not working
because there is no route. And if I try here 2.2.2.2, it is not working. So how can I make a
connection? First thing first, it has to be reachable. Then I can use
loopback interfaces. So what can I do to reach them? I can make a static route: go to configuration, ip
route, and type 2.2.2.2 and 255.255.255.255. With whom? This
route is via R2. And what is R2? 12.2. And in R2, I will do
the opposite. Here I will configure 12.1, and I will make this 1.1. Correct. You will see this
in the real world with deferred annuity
thing reachability. Now let me try 1.1.1. Am I reachable? Yes, this time I'm reachable. And let me try from R1
to ping 2.2.2.2, the loopback. Sorry, 2.2.2. Yes, I'm reachable now. Okay, the first condition is done, but BGP is still not there. This was a requirement
because when I was trying to
configure with loopback, the issue I first faced was that these two loopbacks have
to be reachable. So I configured a default
route, static route, sorry. Okay, now, let's try. Now it is reachable,
it has to work. So let me copy this one. And let me capture this one. Let me put in R1 this configuration, but a
new startup configuration. This time my neighbor is
2.2.2 with loopback;
I'm not doing it with
physical connectivity. And the same thing I will
do from the other side. eBGP configuration based on loopback interfaces, not on physical interfaces,
keep in mind. Do you think they will
become neighbors? No. I can debug IP BGP. Now what is the question? Why? The answer is this one. Show IP BGP summary. Not summary, show
IP BGP, show IP BGP. It was show IP BGP neighbor, sorry. The thing is it's
not showing the TTL. I doubt it will show us because
it's not reachable too. It's not showing you; remember the TTL value. So the issue is the TTL value. Here I mentioned it this way. Now I configured using loopback. And loopback is one hop
more, and the TTL is one for eBGP, which we discussed last time. And I told you
to keep in mind, we will discuss.
Now what do I need? I need to increase that TTL. Then it will start to work. How can I increase the TTL value? I need to go to every router. I'm here, I'm already
under neighbor. And first thing is, who is my neighbor? This is my neighbor. Neighbor 2.2.2. I'm in R1 and I will
type eBGP multi-hop. How many hops do I
need? By default it's one. Here I'm connecting
through loopback. Loopback means two hops. You
can type three as well, but it's better to type one. So you will not leak. Your BGP is better
to touch on it too. So I typed this command. Now I need to do the same on
this side as well, router BGP two, and
what was my neighbor? The neighbor, and type
yet another command, eBGP multi-hop two. Now let's see show
IP BGP neighbor. Still it's not
showing me the TTL. The TTL issue is fixed now
with this command. But still I don't
have reachability. Show IP BGP summary, still. I have a neighbor, but in idle state. Now what is the reason? Still, I'm not... last thing. To fix this issue, you need to type a source. Tell them don't use your
physical interfaces. Use loopback as a source. So let me go to R1 and type another extra
command, 2.2.2. And type here update-source loopback, one minute, because I'm connected to
loopback one, and in R2
I will go to configuration,
router BGP two. And another command here I will type, update-source loopback two, because here I have loopback two; do a show IP interface brief. Here I say use my loopback interfaces,
and now they will become neighbors, you see,
start Open messages. So in this situation, you need to type two commands, and also our default route
has to be there. Means reachability
has to be there with any other routing
protocol to use them. Show IP BGP summary. So here now I'm
receiving one route. If you can figure it out, then you
will say maybe I'm reaching 2.2.2.2 based on the default route. From here, I need to ping
from here, not from there. Ping 2.2.2; you will say, because I was reaching based
on a different route, a static route, 2.2.2.2. Okay, let's do another thing. Let me make a new route. Because the static route
was really for 2.2.2, let me create a
new one: interface loopback 22, and IP
address 22.22.22.22 255.255.255.255.
And let me advertise
this, router BGP two. And let me go to
the route which was advertised before here, and let me change it. So now there is no default
route for 22. But still I can
reach 22.22 as well. So if you're thinking
that you reached 2.2.2.2 based on
the static route, why am I reaching 22 now? The idea is, those loopback interfaces
are specially made for BGP and you need a default or static route to reach
those loopback interfaces. And the rest of the things you
will get through BGP. And this is the
real-world scenario. You will see this type
of configuration. The routers will be configured
through loopback interfaces. And also when you check the configuration in the
real world, section BGP, you will see
these two commands, eBGP and update-source
loopback. This is the way it works, and why we are using
these two commands. This was our topic, BGP multi-hop and
BGP update-source. So BGP multi-hop is
to increase the TTL, because by default the TTL
is one and we are using loopback interfaces; and update-source we are using so that rather than
use our physical interfaces, we are using our
loopback as a source. So we give instruction to BGP
to use loopback as the update source, and this way it starts working. Okay? And from here you can verify with show IP BGP, and we saw these commands, and that's it. This was BGP multi-hop
and update-source.
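The three conditions from this lab (reachability to the peer's loopback, ebgp-multihop, update-source), as an added example that is not part of the lecture: a small audit over IOS-style configuration text that reports which condition is missing for an eBGP neighbor that is not on a connected subnet, and flags a multihop TTL wider than needed. The 192.168.12.0/24 link addressing, the `max_hops` threshold and both sample configurations are constructed assumptions; the audit only sees static routes, not routes learned from another protocol.

```python
import ipaddress


def audit_ebgp_peers(config, max_hops=2):
    """Return (peer, finding) tuples for eBGP peers reached via a loopback."""
    connected, statics, neighbors, local_as = [], [], {}, None
    for line in config.splitlines():
        w = line.split()
        if w[:2] == ["ip", "address"] and len(w) >= 4:
            connected.append(ipaddress.ip_interface(f"{w[2]}/{w[3]}").network)
        elif w[:2] == ["ip", "route"] and len(w) >= 5:
            statics.append(ipaddress.ip_network(f"{w[2]}/{w[3]}", strict=False))
        elif w[:2] == ["router", "bgp"] and len(w) >= 3:
            local_as = int(w[2])
        elif w[:1] == ["neighbor"] and len(w) >= 3:
            peer = neighbors.setdefault(w[1], {})
            if w[2] == "remote-as" and len(w) >= 4:
                peer["remote_as"] = int(w[3])
            elif w[2] == "ebgp-multihop":
                # Without an explicit hop count the TTL becomes 255.
                peer["hops"] = int(w[3]) if len(w) >= 4 else 255
            elif w[2] == "update-source" and len(w) >= 4:
                peer["source"] = w[3]

    findings = []
    for addr, peer in neighbors.items():
        ip = ipaddress.ip_address(addr)
        if peer.get("remote_as") in (None, local_as):
            continue      # iBGP (TTL is not 1) or incomplete neighbor entry
        if any(ip in net for net in connected):
            continue      # directly connected eBGP peer: TTL 1 is enough
        if "hops" not in peer:
            findings.append((addr, "missing ebgp-multihop"))
        elif peer["hops"] > max_hops:
            findings.append((addr, "ebgp-multihop wider than needed"))
        if "source" not in peer:
            findings.append((addr, "missing update-source"))
        if not any(ip in net for net in statics):
            findings.append((addr, "no static route to peer"))
    return findings


# Constructed R1 configuration before the fixes made in the lab.
R1_BEFORE = """
interface Loopback1
 ip address 1.1.1.1 255.255.255.255
interface FastEthernet0/0
 ip address 192.168.12.1 255.255.255.0
router bgp 1
 neighbor 2.2.2.2 remote-as 2
 network 1.1.1.1 mask 255.255.255.255
"""

# Constructed R1 configuration after static route, multihop and update-source.
R1_AFTER = """
interface Loopback1
 ip address 1.1.1.1 255.255.255.255
interface FastEthernet0/0
 ip address 192.168.12.1 255.255.255.0
router bgp 1
 neighbor 2.2.2.2 remote-as 2
 neighbor 2.2.2.2 ebgp-multihop 2
 neighbor 2.2.2.2 update-source Loopback1
 network 1.1.1.1 mask 255.255.255.255
ip route 2.2.2.2 255.255.255.255 192.168.12.2
"""

if __name__ == "__main__":
    print(audit_ebgp_peers(R1_BEFORE))
    print(audit_ebgp_peers(R1_AFTER))
```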
10. Keepalive & Hold Timers: Another topic related to BGP, Border Gateway
Protocol, is the timer, same as EIGRP and OSPF. BGP also has a timer, like
they work with the Hello packet. Here we call it the keepalive
packet. And yesterday we
saw it as well. Keepalive is a small packet. Nothing was there. Just to be aware whether the neighbor
is alive or not. This is called a keepalive. But this keepalive
message has a timer, which is 60 seconds
by default, and we checked it out yesterday as well. And there is a hold-down timer; hold-down timer means
if the BGP neighbor does not hear from the
neighbor for up to 180 seconds, it will consider the neighbor as down, that neighbor is not there anymore. This is the hold-down timer,
the same as in OSPF. Anyway. OSPF was changing
its hold timer. We saw it in every
network, it was changing, but when we checked, by default it was 40 seconds or something, and the same
with EIGRP as well. We decreased them as well. If you remember, in OSPF I decreased the timer as well, the hold timer; the same you
can do here as well. This is three times the keepalive, and it has
to be three times. We will check, if I give them less
than three times. Suppose this is 60,
so three times 60. So it's 180 seconds; if you give them 50, the hold timer
has to be 150. You get my point,
what I'm saying. But yes, there are a few
values which are illegal. Like 1 and 2 are illegal. Why? You need to give a three times bigger value
for the hold timer. So 1 and 2 are not making any sense. What will be the
minimum to three times? It will become minus and minus is that
they love the year. So you cannot give one or two as a hold timer value. The minimum which you
can give is 3 seconds. Makes sense, because you
can keep the keepalive timer as one. So three times, the hold
timer will be 3 seconds. So keep in mind, if
somebody asks you, 1 and 2 are illegal,
it's not possible. We will see in the lab as well. I will give it two; they will say, no, it's not possible. What will be the three times
of two means less than. So there is no such value. The last value I can
put, 1, 1, hold timer, the last value is three. So it's not possible. Now coming to 180,
it is a flush timer. They will wait 1 second
for the neighbor. If the neighbor is not responding, one time of keepalive,
two times of keepalive, and three times keepalive, then it will consider them down. Now, is it possible that I can
keep a separate keepalive message timer with one neighbor and a different one with
another neighbor? Yes, it's possible. Means, suppose R2
has two neighbors. One is R1, the other one is R3. Is it possible that R2
has a hold timer of, suppose, 40 seconds with
R3 and 60 seconds with R1? Yes, it's possible,
but it has to be the same. But it's okay. To neighbor R3, they give them the
same, because R2 and R3 have the same keepalive
and hold timer. And the same it can be. So we will check how
to change the hello timer, the keepalive packet,
and the hold timer. And also we will check
how to change the value, with one neighbor something and with other neighbors
something else. So both are possible. So this is the BGP timer. So what can I do now? Let me go to the lab, and
I need three routers. So let's go there. I o is bigger to take
this router is okay. So I need three router
and it should be oh, I think so there are
two slot or not. If not, I need to add. Okay, so now I have. One I had walked to, and I have added three. Okay, so let me connect
0 slash 010 slash one, and it's better to 0 slash one. Okay? So I take three router. So I held three row two now. Okay, let me start this router. So what will be our subnet 1223 year I will make
a Lubeck with 111. Okay, So this should
be one to two, so it will be 12 and there
should be 11 with Lubeck. And let me change
this one to one to one sixty eight twenty-three dot 0 subnet between
these two router. This router, because
it takes time. And I believe it's
connected one, okay, so eBGP connectivity. So I start R1 and R2. Also three. This is no, no. And R3 also no, okay? By the way, all of
them are eBGP connectivity. So eBGP between R1 and R2, and also eBGP between
these two routers. AS 1 is AS 1. Here we have AS 2, I believe there is AS 3
because it's eBGP. So let me, here it is. Okay, so now eBGP connectivity between
R1 and R2, R2 to R3. And these are the subnets
which we will use. So what I can do, let me copy and paste
just the IP addressing. I will go to R1, enable
mode, configuration. I will change the
host name to R1. Then I will configure
router BGP one, AS 1, and the neighbor 12.2, which is R2, with remote AS 2, which is, our remote AS is two. And this router
will advertise 1.1.1. But I need to configure
IP addresses. So if I held the
Yesterday script, I give some year. I think so I give
this one a Philly, I need to save time
to add the IP. So yesterday we use one script, by the way, this one. Yeah. So let me go back. And R1, I will go to
R1 Fast Ethernet 0 slash 0 with 12 that one
no shutdown interface. And yes or I need this one. So let me copy the
script and go to R1 Control Q and paste, and do right,
because we will use these three router
in next lab as well. So let me save only IP's. I wrote do right means
save this setting. And let me check
everything is okay or not. So let's go to
until R1 is coming. Let's go to R2. Let me check, show
IP interface brief. So you see that 1111. Now let's go to R2 and R2. Basically, I have
two interfaces. 0 plus 0 is connected
to this one, this one, and no need of
loopback interface by the way. So instead of this one, let me copy this
one and paste year. What is the next interface? 0 slash one. So let me change 0 slash one and change the
IP to 23 dot two. 23 dot two. So I have two interfaces
to configure our 20 slash one with 23 dot two. And they start to feel that too. And we'll need to
configure Lubeck and let me copy this one and go to R2. Okay, and do right
to save the changes. And now let me check the interfaces just
for this safe side. So it's up, up 1223 now
coming to router three. So N routed three y-naught. Let me copy this one. Okay, The only thing is 23. It should be only three. That's it. So copy. And some of the things that I will do it
like a hostname or three. And now paste this one. I'll exit and do right. Let's see, everything is okay. Control Z, show IP
interface brief. So 23, let me ping 23 dot two because it's
directly connected. Let me check is
reachable or not. Okay, three-tuple and R2. Let me pin 12 Dart. One, which is R1. Okay? And let me pink 23
dot three is real. So at least reachability is
they are direct connectivity. And let me double saved it at least as safe so that we can
use in next lab as well, the same routers, IPs are saved. Now let's configure BGP. For BGP, I will go to need up configuration
and this one straight away, we'll go to BGP one, folder two, and remote SQL. And I ordered it because
we've done many times, so don't need just copy and paste, configuration and paste. So I configure BGP here and
advertise the 1.1.1 loopback. And in R2 I have 12 and 23 neighbors, so I would say router
BGP two, neighbors 12.1 and 23.3 with
remote AS differently. So let me copy
this one and go to R2, configuration, and paste. So BGP is configured
here as well. Now let's configure
BGP in router three. So router three has the
23.2 neighbor, which is R2, with remote AS 2. And router three is BGP
three, means AS 3. So let me copy this
one and paste. BGP has been configured
on the R3 router, which is eBGP basically, because here BGP AS 3, remote
AS 2; this is called eBGP. We know this. Okay, now coming to our lab
to check the timer. Okay? So let's check out show IP BGP neighbor. Show IP BGP summary, by the way. And the neighbor,
neighbor is showing here something more than
show IP BGP summary. So I have one neighbor; in
R2 if I do the same thing, R2 has two neighbors. Let's check,
Control Z and paste. So I have two neighbors, 12
dot one and 23 dot two. We already know we are
running version four; R1 is AS 1, and AS 3. How many messages
did we receive? 0. Table version, we're not
receiving anything. It will be added after a while. And here I'm
receiving one prefix, means I'm receiving
one network instead. Now, you know, if the state is showing nothing, that means everything is okay. Yesterday we
discussed it. The prefix I'm receiving is from 12, because
it is from R1; R1 has one loopback interface
which is advertised. So let's check
again. So yes. Now the table is also there, table version too;
everything is okay. But our topic is to
check the timer. What I can do in R1, let's start from R1 and check the default timer with the show
IP BGP neighbor command. First of all, they say
the remote, where I'm connected with R2. R2, remote AS
two, an external link. External means that I'm
connected through eBGP. If it says internal
link, that means iBGP. And the rest of the
things we already, most of them, we
discussed. BGP state is established; this tells
us it is established, the remote IP or KBD. We everything the router ID of the remote, 23 dot
two, because R2 has no loopback interface, so it gets the highest, 23.2, to
make it the router ID. We already know this one. Anyway, coming to the point,
and it is the hold timer. Hold time is 180 seconds and the keepalive
interval is 60 seconds. After every 60 seconds, they will exchange
a keepalive message. Let's do the same.
So it will be the same. No doubt it's the same. 180, 60. And also here, it should be the same. By default this is the value. Now, my concern is, can I change this
value as a whole? That's what I want. So yes, let's go to R2, which is the middle router, Control C and Control Q to clear the screen,
configuration, router BGP 2, which is the AS number of R2. Okay? Here I can set the timer. Timer BGP is the command, and here is the keepalive interval. So what is the default one? 60. Let me change it to 50. But as I said, the hold timer
has to be three times bigger. So what will be
three times 50? 150 is the value. So you can understand, you can
take any value. I will show you another thing. Suppose if you take 50, 51, or some value
which is not required, it will make them automatically. Okay, I will show
you that one later. What is my point? But right now, 50,
150. So I can change the timer
for both neighbors. Let me clear BGP because otherwise
the timer will not change. Control C, Control Q, show IP BGP neighbor; the timer
is still 180, and this one, Control C,
Control Shift Up Arrow. Same 180, because
I need to clear, clear IP BGP, hard reset. This is called a hard reset. Clear IP BGP resets
my TCP session. And everything is disconnected
and it will connect again. So when they connect again, they will exchange the
new value of the timer. Because yesterday, in
messages, I told you that in the first message they
will exchange the timer. You remember, maybe you forgot. But now they will
exchange the new timer. Let's see what is the new
timer. Control C, Up Arrow. You can see now the hold timer is 150 and the keepalive
is 50. Let's go to R1 as well. Control C, up arrow,
show IP BGP neighbor. And R1 has the same, 150
and 50 seconds, which we changed and
modified by which command? We entered BGP
configuration and typed the command
timer BGP 50 150. Okay, it's done. It means an immediate
hotel when you exchange. So it will be applied to all neighbors of our router
automatically. But don't want this type. I want a different, you know, normally with the one neighbor you are good in with the other, my buddy, you are not good. Maybe Europe, there is
a different scenario, but in our Asian country, when you have an eyeball on
this side and other side. So sometimes you don't like one neighbor and new
like the other neighbor. This is our story, not in
Europe and UK, but anyway, I spent six years and I
wasn't know who else besides me and my house
and UK, Trust me. I wasn't know who
is living there, but in buggies and
it's not like this. You have to know
the whole village. He won the whole district. Anyway. So now p and one, p is equal for both sides. But I want three different
and R1 different. So let's check out how
we can do that one. So let me go to router BGP two.
So before I type this one, it's okay, leave it like this. For a specific neighbor, to set them, you need to type neighbor and which neighbor you want to change. Let's change the R3 one, 23.3, that's
my neighbor, yeah, which is the IP of R3. Here
type timers, two values again; let's give them 20, or suppose 30. So what will be 30, 30, 60, 90? This will be the hold
timer, and enter. But I need to clear
the thing again. So let me type clear IP BGP. Now what will happen
with R3? My value will be 30, 90, and
for R1 it will be 50, 150. You get my point. Because I told them that for this
specific neighbor, my timer is 30, 90. But for the rest, everyone has 50, 150. Let's check out now again. So before it was 150, 50. So Control C and up arrow. And now you will see
90, 30; 90 is the hold time, and 30 is the
keepalive interval. But let's check out R1. R1 is 150, 50. Yeah, it will be
the same. Control C. And now you can see 150, 50. So if you want,
you can change the timer for a specific
neighbor. And for another neighbor
it can be different. It's up to you. Now, maybe you are thinking that if the timer
is changed in the router, router three something
and R2 something, no, it has to be the same whenever you have a neighborship. So R2 has two
neighborships. Maybe you are thinking this
question: R2 has two neighbors, R1 and R2; R2 is running a different timer
with R1. So it's the same. It means R2. Let's
check out R2. Maybe you are thinking this one. Show IP BGP neighbor. So I have a timer of
150, 50 with whom? With AS 1, which is R1. And I have another timer. Where is it? It should be here somewhere. Maybe I left it. Yeah, it is here. But I have a timer
with R3 of 90, 30. And it can be many neighbors. You can keep different
neighbors with different timers.
You get my point. So R2 is keeping
two different timers; it will be the same
with each neighbor. It's not that the R1 timer
has to be the same as R3, no. They are not direct neighbors. If you are thinking that this one and this one
don't have the same neighbor, so how will it work? No, no, no, no, no, no. You just need to care about the directly connected neighbor. We don't care about
the other neighbor. The only thing is R1 and R2 have the same timer, and R2 and R3 have
to be the same timer. We don't care about R3 and R1. If they are connected directly, then you need to
care about it. Suppose if you connect them, then you can put a
different timer. Anyway, it's not a big deal and not a hard topic to
discuss any more. But at least you'll get the
idea that you can change the timer with your
neighbor specifically, and you can change the
timer as a whole. These are the two things you can do. This was the BGP timer. Okay. Yeah, I remember one thing before
closing this topic. I told you it has
to be three times. Let's check out that value. So Control C, because it's
a huge configuration. Configuration,
router BGP two. And what was the timer
where I said this one? Let's check. Let me give them a hello timer of one. This is 0, is the last one. Yeah. And let me give them a hold timer of two. What I said, is two possible? No. Look now: hold timer must be 0 or
greater than two seconds, greater than two seconds. So it's not possible to give
them two; one is not possible. These two values.
And the last value, they said greater than two, and greater than two,
the last one is three. It's okay. It's liberate this one. Flapping, because
you don't give a small value; this is not OSPF, to
give them a lower value; it's not EIGRP, to come up quickly, to give them a lower value. This is BGP. BGP is slow in nature,
I told you many times. So don't give them a low timer because there are chances
for the peer to be flapping. And when they flap, it will take a huge
time to come up. That's a small reason why we
always give them a huge range. So it will take
much time to go down. Because this is
the beauty of BGP. Because on the internet we don't
care about the slowness, the convergence time; we care about the path not being disturbed. Anyway, this is a
different story. I don't want to go there. Let's
come to the topic. So 1 and 2 are not possible
in the timer, it's correct. Now, then I told
you that the timer has to be three times,
labored 123 times. So let's give them three. So suppose let me give them ten. So what will be three times? It will be 30. Yeah. So suppose if I type
20, what will happen? It will change the value
automatically to 30, or it will make the ten less
to fix the value. Because of the hello timer. If the hello timer is ten, the hold timer
has to be 30. So what will BGP do? It will either change
ten to make it less. What will be the third of 20? It may be 8, 8, 8, 16. No, sorry, 5, 5, 6, 6, 7, 7, something. So either it will
make this ten less, or it will increase 20. Let's see what
they will do. Let me clear BGP. So keep in mind
this point as well. It will adjust the value.
Clear IP BGP and start. Now then I will check,
because I have done it for a specific neighbor,
which is R3. R3 I will check. I believe they
will decrease ten. Or it will increase 20. I can't remember exactly, but between these two they will
do something to adjust them. One-to-three ratio. So let's go here and
Control C and up arrow. Okay, it is 180. Maybe I typed something. It has come up now. Yes. So they decreased the hello timer. But they give the hold timer
of 20 which I gave them. You get my point. I gave it ten,
they say it's wrong. Let me fix the value. Six has to be the correct value. So what they did,
they made it six. So six, three times, 6, 6, 12, 18. So it's almost a 3:1 ratio. Yeah. These two things you need
to remember as well. 1 and 2 are illegal, and if you give them around three times keepalive
multiplier. So what they will
do, they will fix the value automatically. And what else in BGP
timer? That's it.
11. Next-Hop-Self iBGP: The next topic related
to BGP is next-hop-self. What is next-hop-self? In iBGP, there is
a small issue when an iBGP router takes routes
from an eBGP neighbor. So it will pass you. Remember, in the first lecture
I told you that in BGP there are some issues in
iBGP when it takes a route from eBGP, and that time
I told you to leave it. You will understand
later on. This is the point which I
was talking about that time: when iBGP, when internal BGP takes
a route from external BGP. Suppose this is AS 1, this is external BGP, and this is AS 2, but in AS 2, how many routers here?
I take two routers. R2 is connected to R1, which is an eBGP link. This is eBGP because this is connected to
an external, another AS number. So it has become: R2
is connected to R3, which is iBGP, and R2 is
connected to R1 as eBGP. This concept is
clear to you, yeah. Now, if R2 takes route 1.1.1.1 from R1, which is the eBGP router, router two will not
change anything. It will give it to R3, same to same. You get my point. It will not change. So R2 will keep 1.1.1.1 and the next
hop will be 12.1, which is R1's IP. And the same thing, they will pass to R3: take this 1.1.1.1, and the next
hop is 12.1. So when R3 tries to reach 1.1.1.1, it will not work because I don't know anything
about 12.1. The next hop for R3 is 23.2, R2, rather than R1. This is the issue in iBGP. Let me give an example. Normally I gave this example
in Hindi class. In the UK, when you do something,
suppose you are working under your manager, when you
do something good, so what will your
manager do? The manager will not
take the credit. He will pass the same thing
to the higher management and will say that
Ahmad has done this thing. He will say that
Ahmad has done this task, and he's done a great job. So he mentioned Ahmad. Now, top management
don't know Ahmad. They only know the manager,
and the manager is R2. But he says directly that the task has been done by Ahmad, not by me. He will give the same thing
to the top management. Top management,
consider them R3. Now what happened in
Pakistan in sodium? When you do something, the manager takes the credit. They change your name and everything and
they put their own name. The manager will change it: I have done this thing, take 1.1.1.1, I have done it and
the project is finished. But top management
don't know that this is done by someone else. This is the comparison between
two different societies. But here we need the Pakistan one,
R2, to change them. R2 has to claim that
this is being done by me. You need to approach me if you need to ask something. The UK one will not
work here, because R3
doesn't know how
to reach Ahmad. They don't have his number, his phone number, his email. They don't care who is
who among 1000 employees; they don't know. Top management normally don't know
about their employees. They only know their
managers, to interact. When this top
management says that, okay, let me reach him, it will not work. Because this 12.1 number is not there
in the routing table. You will understand when
we have done the lab. But I'm just telling
you the issue. What is the exact issue? When you connect iBGP to eBGP, what will happen? This is called a reachability
problem, and how can we fix it? Type the next-hop-self
command, to make R2, so, the other case, the Pakistan one, claim that
this route is mine. If you want to reach 1.1.1.1, you have to ping me, not directly R1. Let me give another
example, then we go to lab. Maybe I'm giving a stupid example, but just for
understanding purposes, suppose R3 and R2 are friends and
working together in an office as colleagues. R3 tells R2 that I need some money. R3 borrows some money from R2. R2 says that I
don't have money. He didn't tell
anything to R3, but he borrowed from another person, whom
R3 doesn't know. So R2 borrows money: give me some
money, because he is my colleague and
very close to me, give me the money. R2 takes money from another
person and gives it to R3. R2 mentions to
R3 that I took this money from another
person just for you. R3 doesn't know that person. But R2 just mentioned to him that this money is being taken from another person just for you, because you
asked me to give. But R2 can do something
to solve this problem. When R2 takes money
from another person, he will straight away
give it to R3 and will say, okay,
take money from me. R2 will not mention that I took this money from Florida. Florida is true and this
endured. No, no, no, no, no. He will say take
the money, that's it. And whenever you have it,
just return it to me. You get my point. So these are two
examples which I tried. Maybe you will
understand now. Let's go to lab and hopefully you will understand what is the
next-hop-self BGP command. So here I have three routers, but here I have
iBGP between these two. R2 and R3 have iBGP. If you want, let me drag a custom shape
to show you, a square, or a circle and dashes. And let me change the
color to something, so let me distinguish it. These two routers have, I
don't need this one. So this is R1, is AS 1;
I believe I gave them 1 here, and the
other two have AS 2. Or you can give them 23. They both have 23. So they both have an
internal BGP configuration. Keep in mind these two
routers have iBGP, okay? But R2 and R1 is eBGP. These two are internal, this one is external. Okay? And let's see, R1 has the 1.1.1.1
route to give to R2. So what will R2 do
to give it to R3? So let's check out
first that the IPs are there. I believe IPs are configured on these three routers
already from the last lab. So if I check show
ip interface brief, I have two IPs here. And there are two IPs
configured here. Yes. Okay. And let's go to R3, and I believe R3 also has one IP configured,
ip interface brief. IP addresses are already there. The only thing I need is to
configure eBGP between R1 and R2 and iBGP
between R2 and R3. So what I will do, I
will take the script to copy-paste, because many
times we have configured them, so I hope it's clear to you. So what I will do on R1, I will go to router BGP 1, R2, which is, R2 is my neighbor, but with a different
AS, which means eBGP configuration. And I will advertise 1.1.1.1. So let's take this one
and go to R1 and paste. Okay, sorry, I left something. I left router BGP, Control-C and V. Okay? So what I've done,
I say router BGP, my neighbor is 12.2,
this one. And my AS is one, but R2 is two, so it means eBGP configuration. So R1 configuration is done. Now let's go to R2. But on R2, I have one iBGP neighbor and
one eBGP neighbor. Okay? So what I will do, I will say router BGP, here we chose 23, so let me make them 23. And here 23. So I say my neighbor is 12.1,
which is AS 1. But in R1 I need to
change to 23 as well, so it's better, I typed that already, so let me
change this to two now, because we don't have
any other option, or else to change it directly here. So let me make this two again. You can take any
number, by the way. But in R1 I
already typed two. So then I need to change it
back there, or else here. I said router BGP
2, my one neighbor is eBGP and the other
neighbor is two, and I'm also two. So I have a neighbor
with iBGP as well. That's it. Not a difficult task, and paste. Now let's go to R3. R3 is simple, it has only
one neighbor with iBGP, router BGP 2 and
router BGP 2, and AS 2 is the same. So what I will do, I will
paste here, that's it. Now let's see the issue. Because this is the edge
router between iBGP and eBGP, R2 is
taking 1.1.1.1 from eBGP. Let's check out. So let me go to R2, show ip bgp. Okay, it will take
some time to come up. So just wait, because it
takes time to come up. So let's try now. show ip bgp. Yeah, it's come up. Now, R2 is receiving the 1.1.1.1
route and it's correct. R2 is receiving this 1.1.1.1
with the next hop 12.1. 12.1 is this router. Okay? And it's correct,
everything is okay. Now, let's see what R2 will
do to give this route to R3. Let's go to R3, show ip bgp. Okay, it's not yet here. show ip bgp neighbor. Sorry, Control-C. show ip bgp summary. Okay, my neighbor is there. Now let's check
out show ip bgp. You see R3 also
received 1.1.1.1. This is R3. R3 has received this one
with the help of R2. But what happened? Who is the next
hop? 12.1. And who is giving
this route? R2 is giving 1.1.1.1 to R3. But the next hop is not changed. Same to same as R2
received this route, they give the same
to their internal peer. 12.1: R3 doesn't have anything to reach 12.1 because it's
not directly connected. So can I ping 1.1.1.1? No. Because in my routing table they say if you
want to reach 1.1.1.1, you have to go to 12.1. And R3 doesn't know 12.1, because 12.1 is
connected to R2. R3 only knows 23.2, which is R2. So this is the problem in iBGP and
eBGP connectivity. When you connect iBGP to eBGP, when they get
something from eBGP, they will give it
to their friend in the iBGP network same to same,
with the same next hop. R2 gets this from 12.1, and gives it to R3 with the same thing, which is wrong. I am checking, it
is not reachable. R2 has
to be reachable, but it's okay because
I'm directly connected to 1.1.1.1, so I can ping, but
R3 cannot ping 1.1.1.1. This is the question. How to solve the problem
before solving the problem, let me show you, when we
were discussing BGP flavors, I told you there, you remember, in iBGP, this third thing
which I told you. I think so, this one, and
these three sentences. When iBGP routers, I cannot get this,
different thing. I will show you
this one as well. iBGP route received from iBGP peer but cannot be
advertised to an eBGP peer, or no attribute like local wind, routes advertised
to iBGP peer, next hop: this one, these three will
be in the next class. I will explain this one to you. When we were talking
about iBGP, I told you that when a route
is advertised to an iBGP peer, the next hop remains unchanged. This was the question. So R2 received from the
eBGP peer 12.1, they did not change it and
gave it the same next hop, which is not working. You get this idea now; the other three
will also be clear. And next lecture, if I remember,
I will show you there. Okay? So now R3 cannot
reach 1.1.1.1 in this case. How to fix this issue, so that R3 can receive 1.1.1.1 on behalf of R2, not
directly from 12.1? So let's go to fix this issue. So what I can do: go to
config, router BGP 2, which is our AS number, and type neighbor.
Who is my neighbor? 192.168.23.3, R3. R3, which is receiving the
route with the wrong next hop: type the next-hop-self command. So simple. And this was our topic
of the day, next-hop-self. Okay, let's check out. Sorry, Control-C,
Control-Shift-6. Let me check. It was 12.1. Yeah. Let's check out again. Look at it now, it is 23.2. Before, it was 12.1. Now it's fixed. But do you think I can
reach 1.1.1.1 now? Sorry, no. One thing is fixed, which was the wrong next hop. R2 was giving me same
to same next hop. Now I said, okay, whenever you take a
route from external BGP, change the next hop, and keep yourself as the next hop. That's why I typed this
command, next-hop-self: keep yourself as the next hop. So he said, okay, R2
says okay, now it's me. But still I cannot reach it. To fix this issue, one more thing you need to do. You need to advertise 192.168.23.0 mask 255.255.255.0.
The network which
is between R2 and R3 has to be
advertised, this 23. Okay, keep in mind there can be many routers in internal
BGP, maybe 200. Then you need to type this
command with every neighbor, next-hop-self, next-hop-self. And one time you need to
advertise your internal subnet; then R3 will be reachable. So let's see now, look at it now. Now R3 can reach 1.1.1.1. And also the next-hop-self
issue is sorted out. Now, the next hop is 23.2, and 1.1.1.1 is now the
best route and I can reach it with
the help of R2, not directly hitting 12.1, because I
don't know 12.1. I know R1 only
if I go through R2. So now that issue is
fixed with next-hop-self. Okay. What else? Okay, so we check out if
I missed something. No, this was BGP next-hop-self. And the issue is when you connect internal BGP
to external BGP.
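The three states of the lab above can be reproduced in a small model. This is an added example, not the instructor's script: the `Router`, `advertise`, `forward`, `ping` and `lab` names are hypothetical, and the 192.168.12.0/24 link addressing is an assumption inferred from the "12.1" and "23.2" next hops mentioned in the lecture.

```python
import ipaddress

ip = ipaddress.ip_address
net = ipaddress.ip_network


class Router:
    def __init__(self, name, asn, interfaces):
        self.name, self.asn = name, asn
        # Interfaces provide the connected routes (assumed lab addressing).
        self.ifaces = [ipaddress.ip_interface(i) for i in interfaces]
        self.bgp = {}  # prefix -> next hop (one path per prefix is enough here)

    def owns(self, addr):
        return any(i.ip == addr for i in self.ifaces)

    def connected(self, addr):
        return any(addr in i.network for i in self.ifaces)

    def local_prefix(self, prefix):
        return any(i.network == prefix for i in self.ifaces)

    def usable_next_hop(self, dest):
        """Longest-match BGP lookup; a path counts only if its next hop resolves."""
        best = None
        for prefix, nh in self.bgp.items():
            if dest in prefix and self.connected(nh):
                if best is None or prefix.prefixlen > best[0].prefixlen:
                    best = (prefix, nh)
        return best[1] if best else None


def advertise(sender, receiver, prefix, next_hop_self=False):
    """Send one prefix from sender to a directly connected BGP neighbor."""
    # Address the sender uses on the link it shares with the receiver.
    own = next(i.ip for i in sender.ifaces
               if any(i.network == j.network for j in receiver.ifaces))
    if sender.local_prefix(prefix):
        nh = own                      # locally originated (network statement)
    elif sender.asn != receiver.asn or next_hop_self:
        nh = own                      # eBGP, or iBGP with next-hop-self
    else:
        nh = sender.bgp[prefix]       # plain iBGP: next hop passed on unchanged
    receiver.bgp[prefix] = nh


def forward(routers, node, dest, ttl=8):
    """Hop-by-hop forwarding toward dest; True if some router delivers it."""
    for _ in range(ttl):
        if node.owns(dest):
            return True
        hop = dest if node.connected(dest) else node.usable_next_hop(dest)
        if hop is None:
            return False              # no usable route: packet dropped here
        node = next((r for r in routers if r.owns(hop)), None)
        if node is None:
            return False
    return False


def ping(routers, src, src_addr, dest):
    """A ping needs the forward path and the return path to the source address."""
    target = next(r for r in routers if r.owns(dest))
    return forward(routers, src, dest) and forward(routers, target, src_addr)


def lab(next_hop_self, advertise_internal):
    r1 = Router("R1", 1, ["192.168.12.1/24", "1.1.1.1/32"])
    r2 = Router("R2", 2, ["192.168.12.2/24", "192.168.23.2/24"])
    r3 = Router("R3", 2, ["192.168.23.3/24"])
    loopback = net("1.1.1.1/32")
    advertise(r1, r2, loopback)                   # eBGP: next hop is R1
    advertise(r2, r3, loopback, next_hop_self)    # iBGP: unchanged unless told
    if advertise_internal:
        advertise(r2, r1, net("192.168.23.0/24"))  # R2 advertises the R2-R3 subnet
    ok = ping([r1, r2, r3], r3, ip("192.168.23.3"), ip("1.1.1.1"))
    return str(r3.bgp[loopback]), ok


if __name__ == "__main__":
    for nhs, internal in [(False, False), (True, False), (True, True)]:
        print(f"next-hop-self={nhs} internal-subnet={internal} ->", lab(nhs, internal))
```

The middle state is the one the lecture pauses on: the next hop on R3 is already R2, but the ping still fails because R1 has no route back to the R2-R3 subnet.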
12. BGP Synchronization: Next topic related to BGP
is BGP synchronization. So what is BGP synchronization? Basically, when an iBGP neighbor learns something from
another iBGP neighbor, it will never advertise it
to an eBGP neighbor if synchronization is enabled. Suppose I have R1, R2, and R3. R1 and R2 are iBGP. We already
discussed the two flavors of BGP, iBGP and eBGP. We were discussing in iBGP that
an iBGP route received from an iBGP peer can be
advertised to an eBGP peer. Cannot, if synchronization is enabled. Keep in mind, if
synchronization is enabled. But fortunately, synchronization is
disabled in version 15. If you have 15 IOS, then
synchronization is disabled. BGP synchronization. It means in this case, if synchronization is disabled, if R2 learns something, suppose 1.1.1.1, it
will advertise it to R3. But if I enable
synchronization in R2, it will never advertise
1.1.1.1 to R3, in simple words. Yes, there is a condition: unless the same prefix
has been learned with an interior gateway protocol. It means it will advertise even if
synchronization is enabled, if this 1.1.1.1 is learned through any interior gateway
protocol like OSPF, RIP, RIP version one, RIP version two,
IS-IS, any protocol. If R1 and R2 are also sharing 1.1.1.1 through any interior
gateway protocol, even if synchronization
is enabled, the route will be
advertised to R3. So this is one condition. But if there is no interior gateway routing
protocol configured, OSPF, EIGRP, and
synchronization is enabled, then R2, which is
a border router, which learned 1.1.1.1, will never advertise it
to R3. But if you disable
synchronization, then this route will be
advertised to R3. You get what I'm saying? BGP synchronization
was enabled by default. But in version 15 IOS, Cisco disabled
synchronization. It means there will be no issue. Straightaway, R2 will advertise 1.1.1.1 to R3 because synchronization
is disabled. But if you enable
synchronization on R2, it will never advertise 1.1.1.1 to R3. But in one condition it will advertise, to let it
advertise: if you configure any IGP
like RIP, OSPF, etc. These were theoretical things. So suppose I have
R1, R2, and R3. R1 and R2 are using AS 12, which is interior
gateway routing protocols, same AS, while
R3 is using AS 3. They are connected
like this way. So let's go to lab
and do it there. So I have R1, R2, which are connected directly by Fast Ethernet with AS 12, 12, 3. And then R2 is connected to R3, which is an eBGP neighbor, because R3 has AS 3. I have the 1.1.1.1 network loopback, and they are connected
like this way. So there is no configuration. By the way, let me go to R1
and R2. I just connected them. Okay? So let's go to
R1 and say no. And let's go to R2
and no, and let's go to R3. So what I will do, I
will use a script, okay? I will share this script. You can use this
to save some time. I will go to R1 Fast Ethernet. I will change the
host name to R1. Then I will go to
this interface and put this IP, no shutdown. And I will create a loopback with 1.1.1.1, full subnet mask. Then I will go to R2. R2 has two interfaces,
so I will change the name and go to Fast
Ethernet, put the 12.2 IP, and Fast Ethernet
1/0, the 23.2 IP, and R3. I will configure Fast Ethernet, 23; then I
will apply R1 BGP. So let's do this one first. So let me copy R1 and
go to R1, clear the screen. And I believe I need to go
to enable and paste here. So I configured R1 basic IPs. Let's go to R2. R2, I have two interfaces. Basically nothing,
just copy and paste. And let's go to R3. And let's configure R3. Enable and then paste. Okay, it did not copy and paste. Okay, so basic
configuration is done. Now I need to configure the
BGP configuration. Let's go to R1 and
configure BGP. So we already know
what I need to do. I need router
BGP 12, neighbor 12.2, R2. R2 is basically this
R2, we already know. And the AS is also similar. And I will advertise
my one network. It's easy, we have already done it. So let me copy and
paste this one. And let's go to R2. R2 basically the **** neighbor, one iBGP, one eBGP. So let's configure
router BGP 12; 12.1 is the iBGP neighbor, and 23.3, which is R3, is the eBGP neighbor. Let's paste. And the last router is R3. So R3 has only one
eBGP neighbor, Control-C and Control-V. Just wait, it will be synchronized with
is enabled or disabled. Let me show you the
version I'm using what Jen 1515 means. Dead synchronization
is disabled. So sure, running section
router, BGP, BGP. Okay. Let's check out. Let me copy this one to
show you and other router. You see there is no
synchronization clear card. Let's check out
here, Israel and R2. Sorry. Let me copy this one. And R2. So it's disabled. It's okay. It means our du will advertise
the network. Okay, sorry. Running section. Router, BGP. So you can see is disabled because we are
using words in 15. If it is disabled, I say if it is disabled, then our du will advertise 112 or three D or
E BGP neighbor. It means our three
will receive 11. Let's check out. I'm
in R3 and show IP BGP. I'm receiving 11. It's okay from 23 dot to n. Let's check at checkout
and routing table show IP route BGP. Yes, I'm receiving here as well. Because BGP is an art enable, sorry, BGP synchronization
is not an ample. Let's check out here. Definitely I'm
receiving show IP BGP. So yes. And show IP route BGP. Yes, it's here is way. Okay, great. Let me enable
synchronization in R2. If I enable
synchronization and R2, R2 will never give
this 11 network to R3. Let's check out. I am in R2. Let's go to router BGP 12 and say synchronization
enabled synchronization, but we need to clear, clear IP, BGP and stuff. I think softwood work for us. So let me clear in one is when and let me
clear in our 3s1. And let's check out. Now. Let's see. I'm still receiving it
means I need to do it. Hardly. I believe I need to. Yeah. So clear this one. Clear and clear. Okay. Just weird. So let them TCP three-way
handshake show IP BGP. Still I'm not receiving
Let's wait for BGP. show ip bgp summary. Okay. So now I'm in R2. So R2 is still receiving the
prefix from R1, but it will never advertise it
now to R3. Let's check out on
R3 now again. This time you will
never find it. show ip bgp. No, the route is not here. show ip bgp, show ip route bgp. Neither am I receiving it
in the routing table nor in the BGP table. So it's not here because
of synchronization. Why? Let's check out. If I show running config, what was the command, this one. Now I enabled synchronization, which was disabled by
default. When I enable it, I give the instruction to R2 that whenever you receive any
route from your iBGP neighbor, never advertise it
to an eBGP neighbor. You get what I'm saying. Okay? Because synchronization
is enabled. But there is one condition. The third condition is, unless the
same IP prefixes are learned with an interior
gateway protocol, even if synchronization is enabled. So we saw that R3 is
not receiving the route. Now, show ip route. Let me show you are
together as BGP is not yet and show snark deal. Because synchronization
is now enabled on R2, R2 is not giving the
route to R3 now, which is learned from R1. 1.1.1.1 is learned now but are okay. One more thing, let's
check out, show ip bgp. You see the route is there, but it's not the best route. You see, in BGP the route is there. But if I check
show ip route bgp, in my routing table it's not here. This is another thing. When synchronization is enabled, R2 received the route from R1, which is his iBGP neighbor. But R2 will never install the route in the routing table, but it will be in the BGP
table. You can see clearly
it's not here. Let me show you are together. show ip route. I'm not receiving any 1.1.1.1 network. Before, it was, when
synchronization was disabled. So this is another
point to keep in mind. Now let me show
you show ip route. So it's not here. And show
ip bgp, it is not here as well, in R3, because I'm the eBGP neighbor. But there was one condition
even in this situation: R3 can receive 1.1.1.1 if I enable any interior
gateway protocol. Let's enable any interior
gateway protocol between R1 and R2. Not on R3,
no need on R3. If I enable either EIGRP or OSPF between R1 and R2, R1 and R2 will learn
the route through IGP. IGP protocol means any interior gateway
routing protocol; then it will return, even if synchronization
is enabled on R2. Let's check out. So I'm in R1. Let's go to, suppose,
router EIGRP 1. And for lab purposes, let me say network 0.0.0.0. And let's do the same on R2, router EIGRP 1 and
network 0.0.0.0. Now they become neighbors in the
interior gateway
routing protocol. Then R2, even if
synchronization is enabled, R3 will receive the route. Look at it now; just
before, it was not receiving, neither in the routing
table nor in BGP. Let's check out show ip bgp. Oh, it's here as well now, R3. R2 synchronization is enabled. Keep in mind, show running, where is the running command; you see on R2
synchronization is still enabled and R3 is receiving the route because
of this one condition. If this condition is met, the same IP prefixes are learned with any routing
protocol like RIP, RIP version two, like
OSPF and IS-IS, then the condition of synchronization will be false. Then R2 will advertise
to R3. But if there is no interior
gateway routing protocol, and if synchronization
is enabled, R2 will never give
the route to R3, which is the eBGP neighbor. I hope it's clear
to you now what BGP synchronization is. So we've done this part
and we checked it out as well. So it was enabled by default, and what is enabling
synchronization, but in version 15 it is
disabled by default. And we checked out, no need
to enable it on R1 and R3. I just enabled
synchronization on R2. And you saw, the route was
not received by R3. So this is called
BGP synchronization.
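The rule R2 applied in this lab can be written down as a decision function. This is an added example, not the instructor's material: `border_router_decision` and `lab_states` are hypothetical names, the administrative distances are the Cisco IOS defaults (not mentioned in the lecture), and the model covers a single iBGP-learned prefix on the border router.

```python
from dataclasses import dataclass
from typing import Optional

# Cisco IOS default administrative distances; the lowest one owns the routing-table entry.
ADMIN_DISTANCE = {"eigrp": 90, "ospf": 110, "rip": 120, "ibgp": 200}


@dataclass(frozen=True)
class Decision:
    in_bgp_table: bool         # listed by "show ip bgp"
    best_path: bool            # eligible as best path
    rib_source: Optional[str]  # protocol holding the routing-table entry, if any
    advertised_to_ebgp: bool   # sent on to the eBGP neighbor (R3 in the lab)


def border_router_decision(prefix, ibgp_table, igp_routes, synchronization):
    """Model how R2 treats one iBGP-learned prefix.

    ibgp_table: prefix -> next hop learned from the iBGP neighbor
    igp_routes: prefix -> IGP protocol name that also carries the prefix
    """
    in_table = prefix in ibgp_table
    synchronized = prefix in igp_routes
    # With synchronization on, the iBGP path is usable only if an IGP has the same prefix.
    best = in_table and (synchronized or not synchronization)

    candidates = []
    if synchronized:
        candidates.append(igp_routes[prefix])
    if best:
        candidates.append("ibgp")
    rib = min(candidates, key=ADMIN_DISTANCE.__getitem__) if candidates else None
    return Decision(in_table, best, rib, best)


def lab_states():
    """The three states walked through in the lab (addresses as assumed there)."""
    prefix = "1.1.1.1/32"
    ibgp = {prefix: "192.168.12.1"}
    return {
        "sync off": border_router_decision(prefix, ibgp, {}, False),
        "sync on, no IGP": border_router_decision(prefix, ibgp, {}, True),
        "sync on, EIGRP": border_router_decision(prefix, ibgp, {prefix: "eigrp"}, True),
    }


if __name__ == "__main__":
    for state, decision in lab_states().items():
        print(f"{state:16} {decision}")
```

In the last state the routing-table entry on R2 belongs to EIGRP rather than BGP, because the IGP's administrative distance is lower than iBGP's, while the BGP path is still advertised to R3.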
13. BGP Attributes: So today's topic is
BGP attributes. What is an attribute? We discussed EIGRP,
we discussed OSPF, these protocols,
if you already know RIP and IS-IS and so
many other protocols. So basically, every protocol
is using some metric. We already discussed
metric. Metric is a formula, a technique which a routing protocol uses
to find out the best path. You remember, yeah. So in OSPF, we're using cost,
and we discussed cost as well. EIGRP, we're using five K values. There is bandwidth, delay and load and reliability and so many things they
were using; by default, they were using K1 and K3, bandwidth and delay, to find out the best path. Static routing is using
a metric by the administrator; whatever the administrator
sets, that is the metric, and so on. RIP is
using hop count. Similarly, BGP is using attributes to find
out the best path. OSPF is using only cost. One thing, EIGRP is using five things
to find out the best path. RIP is using only one,
to count the routers, which is called hop. And static is using the administrator's,
whatever he set. Every protocol is using either
one or two things to find out the best path. But BGP is a more flexible
and extensible protocol. It is using a variety of things. It gives you more
options to find out the best path and to
manipulate the route. The beauty of BGP, that's why we are using
it in the Internet. There are special cars, like a racing car, to students that may be more and more many
things, many other stuff, which you will not
find in a normal car. A racing car like Ferrari. I don't know. I don't have much experience, but I'm just saying those are
built for a special purpose. You cannot drive those
special cars in the real world. You will not see them,
because those are made for a special
purpose, for speed. Same as BGP. BGP is specially
designed for the Internet, and BGP has many attributes. And those attributes
are nothing but a metric to find
out the best path. And it gives you
more, wider things to find out the best path. So it's clear what
the attribute is. Now, every protocol has some technique, a formula
to find out the best path. And BGP has a metric
of attributes, a combination of many things
to find out the best path. That's it. This is
called an attribute. Okay? Now how many
attributes are there? If you are talking
about Cisco, then from 0 to 14 attributes. And if you are talking
about other vendors, then from one to 14 attributes. Cisco has one extra attribute
which is called weight. We will see. But other vendors,
they don't have weight. So these are 14 attributes, 14 special types of things. Okay? Now these attributes, these 0 to 14
attributes are divided, in four categories,
four main categories, or types. One is called
well-known mandatory, then well-known discretionary,
and optional transitive and optional
non-transitive. So you can say that
basically it has been divided into two categories, well-known
and optional; then well-known is
further divided into two categories, mandatory and
discretionary. I don't know how to
pronounce it properly. Then optional is
divided into more categories, transitive
and non-transitive. But I say these four types. Otherwise you can say like two categories, then
further two categories. So BGP attributes
are divided into two main categories, well-known and optional. Then well-known is further divided into mandatory and
discretionary. Then optional is divided into transitive and
non-transitive. And then furthermore. Now coming to the
well-known mandatory. In well-known there is
mandatory. What is mandatory? Mandatory is
the English word which means must, compulsory. So these attributes
are compulsory and must be in every
update message. Now the thing is, what
the **** is an update message? We already know
there are four message types,
keep-alive message, you remember, update message. We discussed that one. I showed you the IRR
and update VCG. I told you that later on
I will explain more. Today I will show you that one. What can I do is better to earn. So basically a HER2 router
because we already know, so I already configured: R1 is connected to R2 through BGP, and R3 is connected
to R4 through BGP. We know what is the
difference between these two. But on one side I configured
BGP, but on the other side
I did not configure it yet, because I need the
update message. So let me add the capture on
iBGP first, the first one. So we can see the update message, which we
discussed among the four messages which BGP peers
share with each other. So let me configure BGP
on the other side, on R2. Okay, so just give me a minute. Configured. And here I configured BGP
on this side as well. So this one is iBGP; it means
I'm using the same AS number. And let me type here BGP. Okay, so the neighborship
is still not there. Let me see that one, and the
remote is this one. show ip interface brief. My interfaces are
up, and let me ping the other side because
I just, okay, it's up now. I thought maybe
something was wrong. So these are the messages, you know: the open message
which we discussed, keep-alive message,
update message. Now you'll remember. Now
coming to the update message. This is our target,
the update message. So well-known mandatory. As the name suggests, mandatory
means must, compulsory. Out of these 14 attributes,
these attributes, for example, are these ones: AS path, next hop
address and origin. We will discuss
these a bit later. These attributes come under well-known
and mandatory. When it is well-known
and mandatory, in every update message BGP will exchange these
attributes, and it is a must: every neighbor has to understand and support
these attributes. Every BGP speaker,
or every BGP peer, we already know
this terminology. So every BGP, whatever the
vendor or router, when you configure BGP
between two routers, they need to
support, recognize, and must send
these attributes. This is called the
well-known mandatory attribute. And if it is not in
the update message, the neighborship will not come up. They will send a
notification message. Now we know the
notification message. I showed you that one: when
something is wrong, they will generate
an error and will send it to the neighbor,
that I'm not anymore your neighbor
because you are not giving me the well-known
mandatory attributes. So these are must, compulsory. And they should be in
every update message. And it has to be
supported by every BGP. And it is to be recognized by every BGP speaker, our neighbor. Okay, let's find out. So I have two neighbors, R1 and R2; I configured iBGP. And this is the update message. Let me open this update message. And these are the attributes. So let me go up, and here it
says the origin, well-known,
transitive, then AS path, well-known. And then next hop. Attributes, and there are
the other two. Because we are talking
right now about
well-known, which is AS path,
next hop address and origin. So this is origin, this is AS path, this
is the next hop. And what is the message type? Update message. So that's what I was saying. In every update
message, when you configure BGP between two routers, when they
exchange the update message. We already discussed
these four messages. If the four messages are not
clear to you, this will
not be clear to you. So first they will
check with each other. They will ask them, do you have the
compulsory attributes? Give them to me. Let me check if
something is missing. So then we will not become neighbors
anymore, because these are compulsory and must
be in every update message. And this is why in the update
message you can see origin, AS path and next hop. Clear, then, well-known mandatory
is there and we checked them. If for some reason
it's not there, there will be no
neighborship. Now coming to well-known, then we have discretionary. Again, because well-known. Everybody knows about
what is well-known; what everybody knows,
we say is well-known. So again, these attributes
are well-known. They must be recognized and
supported by the BGP speaker and peer. But the difference is, they
may and may not appear in every BGP
update message. So there is a slight difference between discretionary
and mandatory. Both are recognized by every
BGP speaker and neighbor. Both are supported by every
BGP speaker and neighbor. But mandatory are a must,
and discretionary are not; they
may be and may not be in every BGP
update message. Examples of these are local preference and
atomic aggregate. Let me see. I don't teach you
because this is iBGP. So maybe we have
local preference. Let me see if we have it; let me make this
smaller. Origin, AS path,
this one, to
make them like this. Because this is, yeah, local preference is one of them, because
I configured iBGP. We will discuss why
local preference is there in the iBGP update message. Local preference means
local preference. It's locally only
available within iBGP. But it's not compulsory. Sdl. Yeah, if I configure eBGP, so let me quickly
configure a salary open. Sorry. This side I did not configure. So let me capture here as well. This capture is different, okay? This is the eBGP capture. And the other one
is I BGP capture. So let me go to R4 and configure this side as well as a BGP. So let me see what I
need to configure. Configure router BGP for and
neither is 190 to 168233. And because this is a BGP, so remote S will be three, the other side is three. And I will advertise
one network of 404 dot for with masks to 55
to 55 to 55 to 55. So let's see, now an E BGP. Let me check out that local
preferences is there or not. So I'm in the second one now and let me type BGP still
nothing is there. So I need to show because
this takes some time, so let me quickly check
everything is okay. Yes, Come up here, live it. So let's checkout
update message. This time we e BGP
configuration. The previous one was
I BGP configuration. And let me go to
Update message and let see an update message
path attributes. And let's see origin. You see, it is must and mandatory. AS path is mandatory. Next hop is mandatory. And you can see there is
no local preference,
this one, but still
my neighborship is there. So it means it's proof that well-known discretionary
are supported. It doesn't mean they're
not supported, because in the other update
you can see them. They are supported
and recognized by every router when
you configure BGP. But they may not appear. So that's why they may be there,
and they may not be, which is the case here. But it doesn't mean that if
these are not there,
then the neighborship
will not come up. No, my neighborship
is there. Yeah, if these are not there, then the neighborship
will not come up. You understand the
difference between well-known mandatory and
well-known discretionary? Both are recognized and
supported by all BGP, but discretionary may not appear, which I showed
you: in one it is there, but in the other
one it is not there. Okay? Now let's go to the other two
types, optional transitive and optional non-transitive. What is optional transitive? Because there are two categories,
well-known and optional. Then in well-known we have
mandatory and discretionary. Then optional. Optional, what does it mean? Optional means
it's like an option: either you take them
or you do not. And well-known means it's recognized
by everyone; everyone knows them. I'll get them. Optional
transitive, now, may not be supported
by a BGP speaker. Now the thing that changed here: before, it was 'it must be
recognized and supported'. Well-known must be
recognized and supported. Same as well, discretionary must be
recognized and supported. So well-known mandatory
and discretionary, both will be recognized and supported by any vendor,
any BGP speaker or neighbor. 'Must be
recognized and supported' is a different thing, and 'appear in messages' is a
different thing. So don't mix yourself up, because it's a
tricky thing, I know. But optional: these may or may not be supported
by all BGP speakers. It's not a must that every BGP
speaker has to support them. This is the first
difference. Optional transitive will be passed on if not recognized
by the receiver. With these optional
transitive ones, the message, it will pass
them to the other neighbor. Maybe he recognizes them or not, but they will pass them. So these attributes should be accepted and passed
along to other peers. Examples of these are
aggregator and community. Aggregator, and maybe
one of them is internal. We know because we did
not configure them, we just need to configure
the network, so. So here, optional transitive: it may not be supported by BGP, but it will pass
them in a message. Now coming to the last one,
optional non-transitive. Again, it may not be
supported by a BGP speaker, and the difference
is it is not required to be passed on and may be safely ignored. So this is the
difference between optional transitive
and non-transitive. Transitive and non-transitive, both may not be recognized
or may be recognized. But transitive, they will pass them, whether they take them or not. But optional
non-transitive, will they pass them? No, they will not pass them. And they can ignore
them as well. Examples of these are MED, originator ID and cluster
list and so many others. So you got it. These are the four
category it review. How many tribute we have. 0 to 141 to 140 to 145 Cisco and one to 144
Nancy's other vendor. Then we discussed for category. And I did. I show you from the messages. Now coming to, let me
show you some of them, which is very important. Origin. We will discuss
this a bit later. Origin is well-known
and mandatory. S part is well-known
and mandatory which they try SDL origin is there. And it's still say
it's a well-known. The other one is S part is
also well-known, mandatory. So that's why as part as the ear and when you
open it a seven. Now, don't confuse
transitive, this one here. Here. And Wireshark transitive
means that it's compulsory. It's not those transitive
which they are written. You need you just need
to check this flag, E1 there is flaccid. If we go which
plague is a transit? Use it, but it will
make you confuse. The only thing you need
to know is well-known: that origin is well-known and
also AS path is well-known. Next hop is also
well-known and mandatory. And this is why next hop
is also there. There it is. And when you open it, again, it's a well-known, okay. We checked, these three are there and are well-known and mandatory. Then multi-exit
discriminator, or we call it MED, is optional and non-transitive. Local preference is
well-known discretionary. And that's why in iBGP local preference is
there when you open it. So it says well-known
because it's a well-known, but this one is discretionary. Because in well-known
there are two categories. Same as atomic aggregate: because we do need to configure it,
so it's not there. Then aggregator,
community and all these are transitive and non-transitive. You just need to know the
category. We will discuss all of them one by one. So these were the
attributes of BGP. And it's written here is rel. An attribute is nothing but
it's like a metric of BGP. OSPF has cost, EIGRP has bandwidth and
delay by default, but there are other options
as well as the hop count, static and deferred as
administrator metric. So BGP has attributes. And how many attributes
do we have? 0 to 141 to 14, then it's divided into two
main categories, well-known and optional; then well-known has mandatory
and discretionary. Then optional is divided into two categories, transitive
and non-transitive.
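The four categories covered in this lesson show up on the wire in the flags byte of each path attribute, which is the field Wireshark decodes in the captures. The Python sketch below is an added example, not part of the course material: it parses a path-attribute field following RFC 4271 and classifies each attribute. The sample byte strings, the addresses in them and the function names are constructed for illustration.

```python
import struct

# Attribute type codes from RFC 4271, RFC 1997 and RFC 4456.
ATTR_NAMES = {
    1: "ORIGIN", 2: "AS_PATH", 3: "NEXT_HOP", 4: "MULTI_EXIT_DISC",
    5: "LOCAL_PREF", 6: "ATOMIC_AGGREGATE", 7: "AGGREGATOR",
    8: "COMMUNITIES", 9: "ORIGINATOR_ID", 10: "CLUSTER_LIST",
}
# Mandatory vs discretionary is a property of the type code, not a flag bit.
WELL_KNOWN_MANDATORY = (1, 2, 3)

FLAG_OPTIONAL = 0x80    # 0 = well-known, 1 = optional
FLAG_TRANSITIVE = 0x40  # must be 1 for every well-known attribute
FLAG_EXT_LEN = 0x10     # length field is two bytes instead of one


def classify(flags, code):
    """Map the flags byte and type code to one of the four categories."""
    if not flags & FLAG_OPTIONAL:
        if not flags & FLAG_TRANSITIVE:
            raise ValueError(f"attribute {code}: well-known but transitive bit clear")
        if code not in ATTR_NAMES:
            raise ValueError(f"attribute {code}: unrecognized well-known attribute")
        if code in WELL_KNOWN_MANDATORY:
            return "well-known mandatory"
        return "well-known discretionary"
    if flags & FLAG_TRANSITIVE:
        return "optional transitive"
    return "optional non-transitive"


def action_if_unrecognized(flags):
    """What a speaker does with an optional attribute it does not support."""
    if flags & FLAG_TRANSITIVE:
        return "forward with Partial bit set"
    return "ignore, do not forward"


def parse_path_attributes(data):
    """Parse the Path Attributes field of a BGP UPDATE into a list of dicts."""
    attrs, pos = [], 0
    while pos < len(data):
        header = 4 if data[pos] & FLAG_EXT_LEN else 3
        if pos + header > len(data):
            raise ValueError("truncated attribute header")
        flags, code = data[pos], data[pos + 1]
        if header == 4:
            (length,) = struct.unpack_from("!H", data, pos + 2)
        else:
            length = data[pos + 2]
        pos += header
        if pos + length > len(data):
            raise ValueError(f"attribute {code}: value runs past end of field")
        attrs.append({
            "code": code,
            "name": ATTR_NAMES.get(code, f"TYPE_{code}"),
            "category": classify(flags, code),
            "value": data[pos:pos + length],
        })
        pos += length
    return attrs


def missing_mandatory(attrs):
    """Names of well-known mandatory attributes absent from an UPDATE."""
    present = {a["code"] for a in attrs}
    return [ATTR_NAMES[c] for c in WELL_KNOWN_MANDATORY if c not in present]


def summarize(data):
    return [(a["name"], a["category"]) for a in parse_path_attributes(data)]


# Constructed samples (not taken from the course captures).
IBGP_ATTRS = bytes.fromhex(
    "40 01 01 00 "           # ORIGIN = IGP
    "40 02 00 "              # AS_PATH, empty
    "40 03 04 c0 00 02 04 "  # NEXT_HOP 192.0.2.4
    "80 04 04 00 00 00 00 "  # MULTI_EXIT_DISC 0
    "40 05 04 00 00 00 64"   # LOCAL_PREF 100
)
EBGP_ATTRS = bytes.fromhex(
    "40 01 01 00 "
    "40 02 04 02 01 00 2d "  # AS_PATH: AS_SEQUENCE of one AS, 45
    "40 03 04 c0 00 02 04 "
    "80 04 04 00 00 00 00 "
    "d0 08 00 04 00 2d 00 64"  # COMMUNITIES, Extended Length bit set to exercise that path
)
NO_NEXT_HOP = bytes.fromhex("40 01 01 00 40 02 00")

if __name__ == "__main__":
    for label, blob in (("iBGP", IBGP_ATTRS), ("eBGP", EBGP_ATTRS)):
        print(label)
        for name, category in summarize(blob):
            print(f"  {name:16} {category}")
    print("missing:", missing_mandatory(parse_path_attributes(NO_NEXT_HOP)))
```

The split between mandatory and discretionary cannot be read from the flags byte; only the well-known/optional and transitive/non-transitive bits are carried in the message.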
14. Best Path Selection: Topic is BGP best
path selection. How BGP selects the best path. So as we discussed, OSPF and EIGRP are using metric
to find out the best path. Same way, BGP is using
attributes, which we discussed. They're using up to 14
attributes to find out the best route and install the best route
in the routing table, the same way which
OSPF and EIGRP do. But how will they do it, because there are
many attributes? So these attributes,
they have some value and some sequence or
order to select the best path. And this is the
sequence or order. Priority means it has to
be the first one to check. In Cisco, because
weight is not available in
any other vendor. So the first attribute
to check is weight. Highest will be preferred. Second is local preference. Again, highest
will be preferred. For the rest of everything, lower is preferred; the only two attributes with the highest preferred are weight
and local preference. In Cisco; and in non-Cisco, the only thing is local preference with
the highest preferred. The rest of the attributes
are only the lowest, or the shortest,
preferred. So don't be confused:
the first two are the only things in which the
highest is preferred. So the first one is weight. If weight is equal, keep in mind, it will
go from top to bottom. Okay, so it will check
from top to bottom. And this is the sequence
you need to remember them. There are some sentence to
remember these one where local preferences originate
as part origin code. It feels search them so you
will find many sentence, let me say BGP attributes. Memorize something. There are many sentences
I forgot to memorize. The attribute. How to memorize? Like a sentence is. I don't know where it is made. Maybe. Vgb attributes. For guard the sentence. There are many to memorize
the order here like this one. For BGP attributes,
like where it has W0. So we say we love orange is, orange means pair refreshment. There are many available. So it means every first word, v means wet, then the other
one is local preference. And it's written how JSTOR and then from oranges originate, then the other
one, ASOS As part. Then again, this
is one and so on. So there are many
sentences like this. To memorize them, you
need to know the order. So weight, then local preference, then originate,
AS path, origin code, MED, eBGP path over iBGP path, shortest IGP path
to BGP next hop, oldest path, router ID,
neighbor IP address. But keep in mind it will
go from top to bottom. And this sequence,
which we have here, 1 to 11: when it is equal, then it will go
to the next step. And keep in mind, when did 3H2, LL1, some weird, It
will not be equal. That's why we say equal load
balancing is not possible in BGP. You remember, in the first BGP theoretical
section I told you. Because weight may be equal; if weight is equal, it will
go to local preference. Originate can be equal, okay? AS path can be equal. Origin code can be equal. MED, suppose, equal;
maybe eBGP path over iBGP can be equal. The IGP is equal. Oldest path, okay, two routes came at the same time. But router ID cannot be the same, because the neighborship
will not come up. So there will be a tiebreaker somehow. Then
neighbor IP address. Again, neighbor IP address
cannot be the same. It is not possible that two routers, two neighbors, have the same IP; one of them has the lowest one. Somehow, when you
reach to somewhere, there will be a difference, which will be a tiebreaker. Anyway. So these are the
attribute priorities: weight, local preference. So weight, highest;
local preference, highest; originate, local; AS path, shortest; origin code, lowest; MED, lowest; again, prefer eBGP. Then lowest IGP metric; oldest, the one which is
received earlier. And then the lowest router ID and then the lowest neighbor IP. So most of the things, which is lowest is
preferred. Okay? So these are the path
selection criteria to use this attribute to
find out the best path. Because ERP, we're
using bandwidth and delay and we check them
and we change the value. You remember, then cost we're using OSPF and we're using cost, we check that one as well. Okay, So these are the order where local preference
originate a spot, original code MAD, and
so on, blah, blah, blah. Okay, now coming to
the first one, which is weight. The first one is weight. Weight is a Cisco proprietary
value. Keep in mind, it's only in Cisco, and weight is only
local on the router. Weight is not exchanged
between BGP routers; weight is never advertised
to the other router. And the path with the
highest weight is preferred. This is the only thing
in which the highest one is preferred. For a route which
is coming from local, the weight will be 32768. And when a route is coming from another router,
the weight will be 0. Let's check out. So I already created one
small topology quickly. We will do a same like this way. But right now to show
you all the thing, next section, I will
show you in the lab, but right now just
showing you so wet. What I done. I have R1, R2, and R3, which is
connected with a X12. Three means I BGP. If you want, I can write. So R1, R2, and R3 or BGP neighbor
with AS1 to three. So R1, R2, and R3 are connected,
inter-connected with I, BGP, and then R2 and R3 are connected with
another AS which is 45. So it means this is E. Bgp is clear. Yeah, I'll reread and
many time BGP and I BGP. So between the ****
E BGP neighbor ship R2 and R4, ie BGP neighbor. Same way. R3 and R4 has E BGP. While, while R4 and R3, R4 and R5 is I BGP if you want, let me write down
this one as well. So between these two, the ****, I BGP, same like the
BGP configuration. That's the simple thing. Okay. Are afforded
advertising for, for, for, let's see, R1
is getting this 444. So let me go to R1. Enable show IP BGP. So I'm receiving this
444 with weight 0. Let's go to for the one who is advertising this
one, show IP BGP. And the same route for essay
that the weight is 32768. Okay. Show IP BGP. We discussed three
routing table, yeah, and I told you that I
will explain you this throughout this table later
on, today is the day. Keep in mind most of the
attribute you will find here. Like next hop. Like metric, MUD, local preferences,
weird path, origin code. This is origin code, this one. Say everything is D
Here, the attributes. Anyway, our first
attribute as weight. Weight is only found in Cisco router when the route is local. So the way it will be 32768 and when the route is
coming from another, so the way it will be 0. So the same four has 0 while for is
advertising this route. So they're guarded 32768. And the one with the highest
weight is preferred. What does it mean? So suppose if I
advertise for, for, for same four for n
my routing table. So they will prefer that one. Why? Because of bread. And also another
thing clear to you, R4 has read 32768 or something. What was 3276832768. But they're not
advertising 327682. Other one because I told you
that it will not pass to the other router where it is not exchanged
between BGP router, where it is only
local to the router. It's a Cisco proprietary, and we check this one as well. When it is originated
from locally. So that way it will be 32768 and wind where it is
coming from another node, it will be 0 and you check out an R4 because it's
locally forums here. Let me show you if
you are confused. This interfaces here, debtor issuing the
way it is this one. While R1 don't have this one, they are getting from another. So that's why the weight is 0. This the first
thing to check out. We just saying theoretically
and next we will do the lab. And the one with the highest, highest Saudi, highest
rate will be preferred. Basically, if I configure
interface Lubeck one, an IP address for dot fool dot four to 55 to 55
to 55 to four I5. And let me advertise this one. Router, BGP, I think so 123, I believe it may see we
have 123 and network for dot fool dot for mosque
to 55 to 55 to 55 to 55. Show IP BGP. Ships six, no less checkout, show IP BGP. You see now it said 32768. But before this, advertising
this for, for a locally, I was getting the same one
from another one with red, 0 from here with 133
with from my neighbor. When I advertise the
same for, for locally. So they ignore the other one and the one with the highest weight, they put that one because we knew configured locally the way it will be high. When you are getting from another row, the
weight will be 0. We can change. I'm not saying that we cannot
change, we will do. But just to show you clearly. Okay, let's go to another one. Another attribute is
local preference. Again, local preference is the second BGP attribute
in sequence. First, it will check weight. If weight is equal, what will they do?
Then, second thing, they will check
local preference. And we use local preference to manipulate the outbound
external BGP path; I will show you in the lab. Now, local preference
default value is 100. And the path with the highest local
preference is preferred. These are the only two attributes where the highest is preferred. But there is one other thing to show you before I can
explain you more. What I say. I told you that
local preferences for default value is 100, local preferences is a 100. Let's check out. What is the
local preferences for 40? What I told you that it's a 100. Let's check out an R4. Show IP BGP for, for local preferences
is nothing. But who is my neighbor? R5. Let's go to R5
and checkout far for, for, for show IP BGP. Look at I need to delete the other one because I'm getting
the year one as well. Let me quickly delete the other route
which I create here. Router, BGP one and
this one, this one. Control? No. Because I need to show you something before
we discuss okay. Now, it's correct. Correct. You'll see that for for
for which I am getting from 454454 is this one. So I'm getting this
for four here, this four for this tenet work. But local preferences is a 100. But the same thing which
is I'm getting an R1. Local preferences is nothing. Just let me, why is
showing a 100 need to be? I'm not getting this one. Okay. Refresh. Clear IP BGP, star, soft. Okay. Sorry, I'm getting 44 is showing me that you are getting this. Okay. Sorry. I need to what was
the route interface? A little bit one. Interface loop, big one. Okay. Sure. Ip BGP. Give me a minute. I will tell you. Clear. Ip BGP. Soft means it will
not hardly reset. Okay, liver. Maybe it's considered
them from internal. So that's why 13 there
are three is given. Yes. Okay. Because I put next
hop cell here. Okay? So that's why it's showing
me local preferences, a 100, if I remove that
commodified realized now. But anyway, let's go
to R4 and shoe IP BGP. You see local preferences
is not there, but the same route when
it's given to internally. So R5 is receiving with metric. So the local preferences a 100. Why I'm showing you this, because it will not pass
to the other routers. It's only local, significant,
only internal BGP. They can pass through. But with EBP they will not
exchange local preferences. You'll get what I'm saying. And then we check the
local preferences is a 1000 with e BGP. And the one with the highest
local preferences prefer. And we can only use local preferences to
manipulate our bond. External BGP part, which
we will see in the lab. And local preferences as
sent to all internal BGP. That's what I was showing you. But local preferences is not exchanged between
external BGP router. And that's what I
was to show you. Because it's only internal. They can give it to them
that internally at home they will say that the
local preferences is a 100. But then when it's given to
E BGP neighbor, by the way, I can verify from better
to verify here this one, R2 is the best because
this is e BGP. So rather than R1, R2 is
the best to show you. So let me go to R2
and show IP BGP. And you see now that's the
best option to show you. 44 with 0 local preference. But five I am receiving. And 500. It's very strange way. This thing I-bar,
this thing hyper, and also this one is denied bar. And 44 is advertised
to this one as well. And for advertise to
this one as well, our Firebase Getting a
100 local preference and R2 is getting nothing
local preference. Why? That is, this is the issue. This what I am
trying to tell you, that local preference is
only local to BGP. But as soon as it's
given to external BGP, they will remove the value. What is the reason? The reason is that local
preference is a well-known, which is recognized
by every router. But it is a discretionary
BGP attribute. It will only pass in
iBGP neighborship. You remember, I told you I configured two routers
in the previous lab. One was iBGP and
the other was eBGP. And in iBGP, this discretionary one, local preference,
was there. But when I checked in
eBGP neighborship, local preference
was not there. Because it's not
mandatory, it's discretionary, which can be recognized
by every router, but it may not be in
the update message. So in this case, when R4 is sending the update message, it will not pass 4.4.4.4 to R2, 4.4.4.4 means
local preference, sorry, when they're
passing 4.4.4.4 to R2, they will not pass local
preference to R2. But when R4 is passing to R5, they will give them
local preference, that take local
preference with 100. So this is another attribute
which is a mix-up, an IPE. Internally, they will send to internal BGP, but externally
they will not exchange. And this is a well-known but discretionary
BGP attribute, local preference; value is 100 when it is internal. When it's given to
external, it will be 0. Keep in mind, you will be confused why here it is
0 and here is a 100. Again in here as well. We check their weight is local 32768 and what is going
from another so at 0. So two things are done. Local preferences. And second, it will
check local preference. The highest local preference
will be preferred. We will see in the lab. Now coming to the
third one, originate. Originate is the third
attributes of BGP. Read sequence order. Bgp will prefer the part that is local Route, Router originate. And local route originate
are seeing by next hop 00. This is the identification with anything next top 00 means this route was advertised
inside this router and it's a local route that
will be preferred. The second identification
is where it will be 32768. If the route is
considered local route. It means any route which is advertised through
network command internally to their
desk all originate. Let me show you. Let's go back. And R1. Let's go to R1. There is an extra 00. No, let's go to R4. This one. I have 444
and style here locally. How locally, if I say
show running section BGP. So here is I advertised for, for, for locally with
network command. So let's check out show IP BGP. And you see what is
the next top 000. It means there's 44
belong to this router. Show IP interface brief. Yes, 44 is my route. That's why next top
is 00 means itself this router secondary
identification where it will be
327168 by default, if I route is local because we discuss weight, weight is 32768. The route is local. Local route for four is advertised through
network command locally. Here is why I'm focusing on network command because later I will show you something else. Say 44 is advertise locally. Next hop is this one. So I will prefer the route which is
originated from locally. Okay. Let me show
you another way. Here. I'm also receiving 44. With next hop is 133 means
I'm receiving from 23. The same route for, for, for and where it is 0
because it's not my route. Let me configure my route
with the same configuration. So if I go to
Interface Lubeck one and no shutdown because I
already have four network. And if I go to router BGP 123 and letting
me advertise this for, for network and started my BGP. Here it is. Sorry, there's no, let me control a and put them
on with network command. Okay, and now let's
check out again. Show IP BGP. You see now next top is 0. And where does this one? And before it was showing me that four is coming
with the word 0. And next up is someone else. But when I installed
my own locally, so it's prefer locally. It's a local man. He said 44 belonged to me. That's the best road. There's why they said this the best Willard
route to install. Because somebody giving
me the same for, for, for, but with where to 0. And someone is giving
me the same route, but with next top
something else. Someone is giving 444, which is coming
from another way. So rather than to take
this 44 from another way, I heal my own. So I will prefer 444,
which is locally. So localist prefer and
the routing table, or BGP 44 is installed
with local one. And they discard this one
because it's the same for four. I believe it's clear to you. So they will prefer this one with the one
with next top is 0. Either way it is 32768. And the route which is
locally originate because I create my own locally and advertise with
network command. Fourth one is AS path, AS path,
autonomous system path. This is the fourth attribute of BGP to check, if the first three attributes
are matching. Suppose I'm getting a route
with everything similar: weight is similar, then
local preference is similar, then originate is similar. Then it will go to check AS path. It will check from where I'm getting the
route, which is the shortest path, shortest AS path. And I will show you
right now, just wait. BGP AS path is a well-known
mandatory attribute. We discussed this one;
it's a mandatory and it has to pass to
the other router. And it must be in
every update message. And also the main purpose
of AS path is to avoid loops, which we will discuss
in another chapter. Now, which will be preferred? The one with the shorter AS
path will be preferred. Suppose you have a path to reach the destination that is 123 and
the other one has 12345. The one with the lowest AS, 123, will be preferred.
Let me show you. Let me remove 44
again from here. Because for four I created. So let me go to router BGP 123, and the route which
I advertise myself, let me remove them. Now I will get the 44 from R4. Again, this one, I
remove my one because I created my local here
and I advertise myself. Prefer that one. Now, I remove this one cross. Now I have this one all the way. But for four has two
parts to reach me. You see two path R4, R2, and R1 to reach me. And other one is R4, R5, R3 to reach me for, for network. Now the question is,
which I will get? Let's check out. Let me go to R1 and
say show IP BGP. Let me show you again. Here is it says that I'm receiving 444 from
two different. But from 13 dot 312 to this one. This is two, and this one is 13, R3, R2, and R3. They say, I'm getting
the same route from two different next hop. Both have different,
both have 0 metric, both have 0 local preferences. Both heavyweight 00
and both help part. This is our one. Forty five and forty five. Because only one path. Again here, this spot
and this one is bad. Anyway, this one is
also they are equal, equal part the hill. We will see in the lab, we will increase the path. But they installed this one. These are different story. Why? Because local preferences
equal weight, equal part equal, and it's
advertised by network command. The only difference is
they check the next hop. So next hop to as lower. So that's why they
installed this one. This sign is valid, the best trout, this one. This one has developed one. So they put this one. This is a different
story we will see. But right now we
are talking about path part attribute
as this one here is. This eye is different, this is origin code
is under part, but it's not here as
a separate attribute. So we have these attribute next hop attribute,
metric, attribute, local preferences,
attribute, weight, attribute, attribute,
origin code attributes. And through network command
which we see today, we'll check this path. Unfortunately both
have same path, 4545 minutes, only one. If this part is more, suppose this, suppose
there is another E BGP. So they have 123 path to reach. And here we have two parts. So they will install this r2
one because of lower part. We will see in the lab, but
I'm just showing you here. Okay? So AS part
is very good one. And we can change the AS part, which we'll see in
the left far inbound and outbound board direction, we can change them to
manipulate the route. Now coming to the fifth one, which is origin code. Origin code: if AS path is similar, originate is
similar, local preference is similar, weight is similar,
then it will go to, it will check origin code. Origin code means from
where this route is coming: through network command, or
through redistribution. So the route which is coming through network command
is represented by i. And the route which is coming... This one is not anymore, the e one, this protocol is not anymore. EGP was an old protocol
which is not anymore. The only two things that
are left are this one and incomplete. Incomplete means
redistribution. The route which is advertised through network command will be preferred over the
redistributed one. Origin is a well-known and
mandatory attribute which will be passed
in the update message. Let me show you where
is origin code. This one, you see, origin code. Three things are there. i means IGP, means through network. IGP doesn't mean IGP; it means
through network command. e means EGP. EGP was an old protocol, which is not anymore, obsolete. And question mark
means incomplete; incomplete means
through redistribution. I will show you
just wait a moment. Now they said this for, for network, I'm receiving this. I this IS from this one. It's not under part part is 45. So I did this for four. I am receiving somebody advertise through
network command. And we'll also say that is being advertised
through network command. So let me go to R4, which this the person
who advertise this row. So if I say sure,
running section BGP. So yes, this command
was advertised through network
command, this R1, see that one is the origin
code that this route for, for, for I'm receiving somebody advertise
through network command. First, let me explain you with network command
and through redistribution. So what can I do? Let
me go quickly to R4 and router, router BGP. And let me remove them
through network command. So let me remove and let
me redistribute connected. They distributed connected
means that I want to advertise for four
through redistribution. Connected means my
connected interface do show IP interface brief. So I have 44 which is connected. These two are
already advertised. So the only thing left for four, it will be redistribute. So let's see, there
is some changes. Chewing idea after a while. These I will be replaced with question mark means
redistribute. Let's check out. You'll see now, question mark, question mark. Forget about these two because I need to advertise
these two as a BGP. So that's why they
redistribute this one as well. Anyway, our target is this one. You see now before it was i and i now as question
mark and question. So these two things are clear to you that I am is through
network command. It's written here, IGP, which is a confusion. I know. Forget about E, you
will never see E here because E protocol
is not anymore. Igp me is through internal network command
desk routers advertise. And question mark means
incomplete means that somebody redistribute this
route and you'll see them. Let me fix the issue again. So let me go to router BGP. Weird was and let
me let me remove, notice distribute connected, and let me advertise
the route again. Okay. So I fixed the issue again. Now it will be I again that somebody advertised
through network command. It will take some
time to come up. Let them come up, then we
let go to origin cord. So origin port is clear to you. They will check date
how I'm getting this network, this subnet, this destination
through redistribution, either through network command. Next thing they will check MUD. Let's check out first
this one is fixed. It's fixed now and you
can see it is i back. Okay. And in the same sequence
the next one is MED. MED means multi-exit
discriminator. As the name suggests,
multi-exit: if you have multiple exits, then you can use MED, which is the sixth BGP
attribute in sequence to check. Multi-exit
discriminator, or MED, is an optional and
non-transitive attribute. Now we know what is optional and non-transitive,
which we discussed. So no need to explain this one, which is optional
and non-transitive. It may not be supported
and it may not be passed, and it can be ignored. So it means
it can be ignored. And the lowest MED is preferred. Again, everything is lowest preferred; the only things are
weight and local preference where higher is preferred. Most of the attributes, not most, all of them besides these two, are
lowest preferred. MED is exchanged between
autonomous systems. Normally we use MED
if we have, suppose, two ISPs. MED is not passed along to any, because it's non-transitive. It can only influence
this the things same is, it means we can
use them locally. We can use locally to
manipulate the path. And mostly if we have
two ISP and if I want to receive from one
route to make them prefer, I can use MUD. Forget about, we will see in the lab, we will change them. Then you will understand. This is called MUD and
you can find MAD here. This metric, this is a maybe. Now these are clear to you read visa with local preferences, we check out part
we check out then this is from origin code, we check out and from where the network
is coming, locally or from another place. And then we check the metric, which is 0. By default, it will be 0. Even the route which I'm receiving from another network will be 0. Or if I advertise it locally, the metric will still be 0. Keep in mind, it will be 0, and it's not like weight, which changes. If you advertise locally, the weight will be high. If coming from another, the weight will be 0. If the network is local, the local preference will be 100. If coming from another AS it will be 0. No, metric will be 0
always for any condition. Okay? Next one is eBGP path over iBGP path. If you are learning two routes, the eBGP route will be preferred over iBGP. We already know these two things. So eBGP will be preferred. And also the shortest IGP path to the BGP next hop, whichever is the lowest one, will be preferred. And the oldest path. Suppose I'm receiving two routes from the same. So the one which is the old one, if everything is similar, this is the last option to check. Suppose I'm receiving this 4.4 from two different locations, and everything is equal: this is equal, this is equal, this is equal, this is equal. So what I will do, I will say that whichever route I received first, it will be installed. This is the last thing to check. The oldest route will be preferred to install
in the routing table, the one which is the new one. Then if this one is similar
because two routes were advertised at the same time with every sequence similar, then they will check the router ID. Every router has an ID. We already discussed this one, show ip bgp. My router ID is 13.1 and R2 has something else. Maybe, I don't know, maybe 12.2. show ip bgp summary. Here, the identifier is 24.2, 24.2. The one with the lowest BGP router ID will be preferred. In this case, suppose everything is similar. Suppose I'm receiving everything from two routers, R2 and R3. So definitely R2 and R3 don't have the same router ID. So one of them has the lowest router ID. In this case, this one has to be 35.3 and this one is 24.2. So definitely R2 will be preferred because 24.2 is the lower router ID. Okay? So they can check the router ID. The last thing, if the router ID is similar, which cannot be similar, but I was just saying, the last thing they can check is the neighbor IP address: prefer the path with the lowest neighbor IP address. So in this case, the neighbor IPs are 12.2 and 13.3. So which one is the lowest? .2 is the lowest. So R1 will prefer R2 because of the
next hop IP address. And it's also mentioned here, this one, which is the lowest next hop IP, 12.2 and 13.3, which cannot be similar. Yeah, it's the neighbor IP address they will check. And somehow when you reach here, something will be the tiebreaker. It's not possible that everything is the same when you reach 11, 13, 14. No. When you reach somewhere, something will be a tiebreaker and they will prefer that route. But this is the way to check them. They will check from this: weight. If weight is equal, it will go on to check the second thing, which is local preference. If local preference is equal, then it will check originate, from where the route is coming. If that is similar, then it will check AS path: how far away is the destination? Which path is less? AS path. If this one is similar, suppose, then it will check origin code: how I am receiving the route, through redistribution or through the network command. If that one is similar, then it will check the MED. If MED is similar, then it will check eBGP: am I receiving this route through eBGP or iBGP? So they will prefer the eBGP and they will ignore the iBGP one, and then they will check the next hop. And then the oldest path, and then the router ID, which I told you, and then the neighbor IP address. So somewhere there will be a tiebreaker and then they
will install that route. That's why I'm receiving 4.4 through two different routes, through different paths. This path for 4.4 is coming here as well, and 4.4 is coming here as well. So what did they install? R4 installed, sorry, R1 installed which one? This one, dot one. Why? Metric is similar: R3 and R4 have similar metric. R3 and R4 have similar local preference. R2 and R3 routes have the same weight. R3 and R4 have the same path. R2 and R3 have similar origin code. So what is the last thing to check? The next hop. In this way. Here it's not similar, because there cannot be two routes with the same IP address. Suppose it is similar, which it cannot be, then they will check the router ID. Then they will check the next hop IP addresses and so many other things. But anyway, here the tiebreaker is the next hop. And that's why they prefer 12.2 rather than use 13.3. Every attribute is similar: metric is similar, local preference is similar, weight is similar, AS path is similar, origin code is similar, originate is similar, from where the route is coming. Both are advertised through the network command. So that's why the last tiebreaker is the next hop. 12.2 is lower and 13.3 is the highest one. So they prefer this. That's why this sign is here: the best. The other one is not the best. They will send the traffic to 12.2 rather than use 13.3. Okay.
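The comparison order described above can be written as a short tie-break loop. The following Python sketch is an added example, not part of the course material: it applies the lecture's eleven steps to the two paths R1 holds for the 6.6.6.0 route in the lab that follows. The 192.168.x.y addresses and router IDs are constructed from values spoken in the transcript, and the model is simplified (for instance, it compares MED between all paths).

```python
from dataclasses import dataclass, replace
from ipaddress import IPv4Address

ORIGIN_RANK = {"i": 0, "e": 1, "?": 2}  # IGP < EGP < incomplete


@dataclass(frozen=True)
class Path:
    neighbor_ip: str          # with next-hop-self this is also the next hop
    as_path: tuple
    router_id: str
    weight: int = 0           # Cisco-specific, local to the router
    local_pref: int = 100
    locally_originated: bool = False
    origin: str = "i"
    med: int = 0
    ebgp: bool = False
    igp_metric: int = 0
    age_seconds: int = 0


def _ip(addr):
    return int(IPv4Address(addr))


# (step name, key). The smallest key wins, so "highest wins" steps are negated.
STEPS = [
    ("weight", lambda p: -p.weight),
    ("local preference", lambda p: -p.local_pref),
    ("locally originated", lambda p: 0 if p.locally_originated else 1),
    ("AS path length", lambda p: len(p.as_path)),
    ("origin code", lambda p: ORIGIN_RANK[p.origin]),
    ("MED", lambda p: p.med),  # simplification: compared across all paths
    ("eBGP over iBGP", lambda p: 0 if p.ebgp else 1),
    ("IGP metric to next hop", lambda p: p.igp_metric),
    ("oldest path", lambda p: -p.age_seconds),
    ("router ID", lambda p: _ip(p.router_id)),
    ("neighbor IP", lambda p: _ip(p.neighbor_ip)),
]


def best_path(paths):
    """Return (winning path, name of the step that broke the tie)."""
    candidates = list(paths)
    if not candidates:
        raise ValueError("no candidate paths")
    decided_by = "only path"
    for name, key in STEPS:
        best = min(key(p) for p in candidates)
        survivors = [p for p in candidates if key(p) == best]
        if len(survivors) < len(candidates):
            decided_by = name
        candidates = survivors
        if len(candidates) == 1:
            break
    return candidates[0], decided_by


# Constructed sample data: R1's two iBGP-learned paths to 6.6.6.0.
VIA_R2 = Path("192.168.12.2", (4, 6), router_id="192.168.24.2")
VIA_R3 = Path("192.168.13.3", (5, 7, 6), router_id="192.168.35.3")


def lab_scenarios():
    """Replay the lab's changes; returns {scenario: (winner, deciding step)}."""
    cases = {
        "default": [VIA_R2, VIA_R3],
        "weight 500 on 13.3": [VIA_R2, replace(VIA_R3, weight=500)],
        "local-pref 200 on 13.3": [VIA_R2, replace(VIA_R3, local_pref=200)],
        "R6 prepends 6 6 6 toward R4":
            [replace(VIA_R2, as_path=(4, 6, 6, 6, 6)), VIA_R3],
        "R6 prepends 6 once toward R4":
            [replace(VIA_R2, as_path=(4, 6, 6)), VIA_R3],
    }
    results = {}
    for label, paths in cases.items():
        winner, step = best_path(paths)
        results[label] = (winner.neighbor_ip, step)
    return results


if __name__ == "__main__":
    for label, (winner, step) in lab_scenarios().items():
        print(f"{label:32} -> {winner:13} decided by {step}")
```

Because weight and local preference are evaluated before AS path length, a change made only on R1 overrides whatever AS path the upstream routers advertise, while prepending works from the advertising side because the AS path travels with the update.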
15. Path Selection Lab: So basically we are doing BGP best path selection. We discussed it theoretically, now we will do a lab on how BGP will select the best path. These are the things which they are checking: weight, then local preference, then originate, AS path, origin code, then MED, then eBGP path over iBGP, then shortest IGP path, oldest path, router ID and neighbor IP. The most important, and in the real world, we are using these six attributes to change them and to manipulate. You will never see 7, 8, 9, 10, 11 changed. Neither can we change them that much. We can change the router ID somehow, to change the router ID to manipulate. But the oldest path, we have to destroy the new one and that's the only thing we can do. So 7, 8, 9, 10, 11, you have nothing in your hand to change them. So that's why we will see in the lab only these six: weight, local preference, originate, AS path, origin code and MED. And in the real world, you will also see only these two changed if you want to manipulate something in BGP. Keep in mind these six are important in the real world and also from an interview perspective. The others are, by the way, not important because we cannot do anything with them. If the route is coming through eBGP, we will advertise through iBGP; it will make another issue for us. And the oldest path: what will we do to make it a new path? Or router ID, yes, we can manipulate somehow, which is not recommended. In our network, we normally give router IDs from loopback addresses. And normally we don't want to change them to something else. So that's why we will see these six attributes, which are important in the real world and also here. So our lab will
be like this way. Let's go this one. We
need seven router. So let me go to here. And i o, let me take
say one router number is seven and change the
name to R, and that's it. Okay, so now I have
seven routers. So R1 and this is R2. Okay. Then for and I believe
are focused on yeah. Out of five. And then six is up or down? Yes, here are the
six and Odyssey one. So this is our lab, so let's connect them. So 0 slope 0 interface, 0 slash one interface. And let's connect two to four. And let's connect
two out of six. And let's connect three to five. And let's connect
five to say one. And finally six to 71. Okay? And let me make them down a bit. And this should be here
does not look good one, but anyway, okay. Okay, and now let's start. Let's start with IP schema. Kid, just wait a minute. Okay, So let me start because it will take time here as well. Then we will configure
IP schema outside. So R1, okay, it's starting now. So let's do the lab. Let me see. I use
the same subnet. So R1 to R2, we will use da2, Okay? And here we will use R1, R2, R3. So it will be 13, correct? V naught, R1 to R2. So 12, then R2 to R2, R4. So Meg them to four. Correct? And Sam way four to six. So this should be
four to six subnet. Oh, get, and what else? Here we will use
subnet three to five. Okay? And this one is five to six, right there, five,
sorry, five to seven. So five to say one subnet. And finally here we
will use six to seven. The lowest to highest here, six to 7426241221233255276 to seven. Okay. And last thing I think so I used advertise some where here is
six and also hearsay one. So what I need to do, let me advertise here. Six dots, six dots six. I don't know advertisers are
24 or singular and not 24. Okay? And here I will
advertise, say one kid. So let's what ties 7777. So this will be
loopback addresses. Yeah, we know we can create
Lubeck address is here. This t configuration. So R1, no. Okay, Let's go to
Otter to know then R3, R4, R5, R6. No. And I'd say one. No. Let's start what I need to do. I need to draw
something to show you. It's a separate one. Yeah. So I need sorry, not this one. I need custom shift
with the circle, with the dashes and let me
choose dishes, this one. So basically these three
routers are in the same number. Keep in mind. So
let me put them, these three in this sim. And also I love
them as separately. So what I need to do, I need to draw another
shape quickly. And it shouldn't be dishes and let's change the color to red. And here it is. Okay. So this one is separate. Okay, separate S. This is separate is this is separate is
and this is separate. Is okay, Clear. And every router number
is the IP address. And also AS number I
believe we are a is 467, S5, And this one is a is 123 altogether,
these are internal. So let me quickly derive. It is 123. So here is, this is, it is 123. And this is, it is five. This is a one. And similar, this is
S4 and five is 46. So basically all of
them are 0s, BGP, these all of them EBG be the only internally these
three are I, BGP. This is our topology. So now let me configure it. So let me clear the R1. Clear to clear out three out of five or six
and clearer, say one. Let me four will be
clear after a while. So R1, R2, R3, and this should know. Okay, 567. Now I need to configure
IP addresses, so I will use the script. So let's go to top of the IP address
configuration R1 and R1. I need to go to enable
then configuration. Then the host name should be R1, okay, Then interface useless 0. So this is fast Ethernet. Let me change to Forbes
Ethernet 0 slope 012 or two. Then no, shut down. Then interface Fast Ethernet, 0 slash one, this
interface 13 dot one. And I have a loopback
interface as well here, which I did not rote, but I will type here, I'll guess so let me
do IP it as well. Here I have 111, seemed like the one
dot, one, dot one. Okay. So I will advertise 111. The other one is ready to apply. Well to R1 and
change and do right? So one configuration is done. Now let's go to R2. R2 as this one I do
has two interfaces. 0 slope 0. So let
me change for us at T2 and then the
outside interface, 0 slash one with 24. And yes, let me type enable
configuration, host name a2. And here you can put this mark and let's go to R2 and configured
correctly or no issue. Yeah. So R2 is configured. Now let's go to R3. R3 is this one almost
similar configuration. So first let me go
to enable more than host name should
be out of three. And Fast Ethernet 0 slash 0. No, Fast Ethernet 0 slash one. This one should be 35 dot three. And then we held fast
Ethernet 0 slash 0, which is 133, this one. Okay, and the tip. So copy this one and go to add three and paste and do
right and control set. Now let's go to R4. R4 has this 12 interfaces. So let's go to our 4 first, we will go to enable more than hostname should be R4 and zeros. 2424 is 0 slash 0
sub-net interface. And now 0 slash one interface as Sue 46
dot for that set and copy. Okay, and go to four
and paste. Do right? And it's, it. Let's go to R5. So R5 is this one,
almost similar thing. So R5, Let's go to
first enable mode, then hostname odd five, Thirty-five, Thirty-five
percent this interface, so it should be fast
Ethernet 0 slash 0. And then this
interface, 0 slash one. So fast that the net 57
dot five, That's it. And copy to five. Do right and exit. Now router, six, routers access this one they held two
interfaces plus one Lubeck. So first go to
enable hostname R6. Okay? Which interface
0 slope 04646. This 1 first 0 slash 046. Then the other one
is this one is 6767 is this 10 slash 12. Third interface, I need
a loopback interface, which is 66 with 24 Done. And let's copy six and paste and R6 interface
and do right, done. Last one is seven. So basically seven has
also three interfaces, one logical and two. So go to save 1. First we need to go to enable, then a host name should be
able to say 10 slash 1671. So this is 0 slash one,
basically this 67. And the other interface, which is 57, is 0 slash 000. Okay? And Lubeck interface,
you can type this mark. And lubricated 7777. It's done. Now I need to copy. And we'll do our best to right? And then these were the
basic IP configuration. All of them. This is not our topic or
duplicate attribute checking. So let me quickly
configure BGP as well. So let's go to BGP. Let me explain you quickly
then I will copy paste and R1, I will say router BGP one
to three because I'm an R1. I helped build our tonight
but with the same edge. So it means I BGP, I have another neighbor
with 123 same S. So again, I BGP and I will
advertise my 111 network. That's it. So this is R1 BGP configuration, which I hope to be no. So let me copy this
one and do right. So BGP is configured in R1. Let's go to R2. And R2, the only thing I need
to tell you next hop setup. You remember the story. So in R2 I'm 123. Again. My neighbor
is 121 with 123, and my neighbor is with
remote S4, this one. So this one is for, but I
will use as a next hop sell. You already know why I need next top cell. I
hope that is clear. So let copy R2 configuration. Do write. These two router will
use next top selling, the same has to be in R3. You know the stria because
R3 is also edge router, so they need to
change because R3 is going to do EBG
p and also I BGP. So it will not change the path. So that's why we need to type next hop self command
just to real, you know, you remember,
yeah, we didn't. Okay, so R3 is then, now let's go to R4. R4 has basically two neighbor, this side and this side. So let's go to R4, R4, BGP for I have 123
R2 and I have a 66. So copy and paste. And do right. Okay, R5 is also similar story to neighbor,
to neighbor 123. This one out of 37,
which is our same one. So let me copy and paste
or five Israel do right? And let me save it. Now coming to router six. So router sex is basically
one neighbor to neighbor, and also advertise
their own route. So router BGP six, I have now bought for I
have now bursae one and I'm advertising 666 done. And here is du, right? So one is also similar story. Say one is BGP, say one for PC1
router, router six. And I will advertise
only say when I don't care about the
other one, leave it. We did not create this one. So say one and do right. Now BGP and everything
is configured now coming to party attributes,
but first checkout. So the first thing
I need to check an R1 regarding 666 throat, how I am receiving sex because I have two paths to reach there. You see I have a bar
to reach year to 666, and I have a bar to
reach here to 666. What do you think Reach it out? It will prefer same
like EEG ERP with SPF, they have metric to find
out how to reach successes. Some of them will check cars, some of them will
check bandwidths, some of them will
check hopped on. Now let's come in here. So let's go to R1
and see 666 throat. How I'm receiving this one. So let me say show IP BGP. Okay, so still
neighbor ship is not, did not show IP interface brief. Interfaces are up,
show IP BGP summary. Neither ship is also up. Okay. So it means the 66
throat is not yet up. Show IP interface
brief case, correct. And show IP BGP summary. Yeah, my neighbor is also there. So it will take some
time to come up. So okay, so let's check out R1. I thought maybe
something is wrong, so. Let's check out show IP BGP. He has come up now. You see, let me show you here. I don't know how to show both
together. It's not so okay. I'm receiving sexy
only focused on 6666. I'm receiving through
drill down to why. Even though 66 I helped to path to reach and
to get this route, I told you through R2, R4, and R6, and also through our
three or five or seven n R6. So I'm receiving 66. They say the best route
and valid route and best route 66 through
the help up Dwell da2, who is drilled or to
next hop is this one. They prefer R2 path y. Let's check out the first thing. They will check which thing red. So where does 0? Then need to show me the
other one as well? Yes, come up now. So it can show me both to
that you can understand. So through 133 I'm also receiving sex and through
the base of dwelled R2, I'm also receiving sex. But they considered
trilled r to the best. You know, you need to
check this thing here. This thing is not
there, you know, the sign the sign
means valid and best. So they said I'm
receiving 66 through different way to 2133, but they're considered
as the best. Let's check out the first thing. They will check which thing
with where it is 0 here. And where does 0 here as well. So star, yeah. What was the next thing? The next thing to check
local preferences. Local preferences is a 100. You remember this one? Yeah, I told you this is
the sequence to check out. Whereas let me go up. It was let me show you the list so that
will be clear to you. This 1. First thing they will check wet, wet far 1312, both has 0. Next thing, they will
check local preferences. Let's go to local preferences. Local preferences for 13 is 100. The same 66 throat. And also for drilled R2
is 100 tooth in time. It will go to the third one, originate from where
the route is coming. So it's the same through either origin and Cody
either Edward, Edward eyes. So it's almost a
similar then a is path. This the question now, which route has less
AS part to reach? So if I go to success
States through the wire, 13 dot three, then
I will go to five, then seven, then 63
AS part to cross. But if I go to through
12 da2, need to spot. Let me show you from diagram. If I'm reaching to
six days or target. So true, or do I have one? And then two is six and S2. So how many is either
coming on the way to? If I go this way? So how many is? One is two. And the last one is six, is three is to reach here. Either this one is considered. This way. The last thing, the tiebreaker is this 146. They say, if I go
through 12 or to deny, go to four, then I
will reach to six. But if I go through 133
first I will go to S5, then seven, then I will
read to Sx, and it's true. It will go to S5, then seven, then it
will reach to a six. So what is the tiebreaker
years AS path? The shortest one with prefer, and that's why they
installed this route. The best. Keep in mind the best
route is represent. Let me copy this one. Because now we will change the S part and lead
to remove these one. Our main focus are only these two and let me remove
this one as well. This one is on target. So 13 that three is
not valid route. Here is the village and
installed best this 12 or two based on
this 4 6. Because its AS path is less. Okay? This is by default. Now let's start from weight. So the first thing to check and decide is weight. If the weight is highest, that route will be preferred. Okay? So in my case, weight is 0 here and 0 here. Who is the loser? 13.3. Why not increase the weight for this guy? So definitely, the first thing they will check is the weight, and the weight is high, so they will install 13.3 as the best route. This is what we say. Yeah, that's the first thing to check. What we can do is increase this one, because it is local. So we will configure it on R1. So on R1 I will go to configuration. There are two ways to change it, three or four ways, but anyway, I will use one. And the one which I will use is a route map. We will discuss route maps in the next chapter in detail. So I say route-map and give it any name, suppose TEST, and 10 is the sequence number. And here I will say set, weight, this is right here. And let's set the weight to 500 and come out from here. router bgp 123, because I'm on R1. And here I will say neighbor, the neighbor which is the loser, which is 13.3, R3. Use the route map which I configured above with the name of TEST, for inbound. So what is TEST? TEST means increase the weight for 13.3. Set it to 500. So now R3 is this one, where weight was 0, but now I changed this one. Let's check it out now, show ip bgp. But nothing has changed. Because when you modify something, you need to reset. So type clear. Keep in mind who is
the winner? Right now? The sign is here. This sign will now go to this one and this red
will become hear. What I said. I think so far I pondered, it will be like this. Now. This sign will go from cut up from here
and it will go here. A while. You will
see like this way, clear IP BGP. Start with soft. Soft means to not do this. Try everything and
checkout. Lets see Now. Look at now 66. Look at and now thrilled R2
is not anymore the best path. Now going because of
where it is, increase. This the first thing
they are checking, if you are not sure, Let's do a trace route. Trace route 66 darts x dot six, and you will see the
next hop will be 13, that three, not well, da2. Let's see if I'm going to suggest who will
be the next hop. 133, either 12, da2, definitely R1 will say
13 dot three and years, etc. Control Shift six. I don't care. Let me remove it
and you will see it will be 12 R2 by default. So if I go to router BGP
and let me remove this one, That's the thing
which I configure. Yeah. I say increase the
weight up my neighbor 133. So I removed now and
let me clear soft. And now check out, show IP BGP. You see again 12 R2 is the best because different with ASD. How? Let's trace out again. Press road and numerical. So it will be quickly, you see, filled out to his winning
before when I trace route. So it was going through 13. Now the default one is 12, again, winning
controllership six. I don't get it. The rest of what is
going on not clear. One attribute is clear to you, which is the first-year
tribute to check in Cisco router only other vendor. They don't have a weight. And the highest
one is preferred. Suitor Tinder three,
I put them 512 was 0. The highest rank prefer, and they prefer and
they changed the route. That's the beauty of BGP to manipulate them using
these attribute. These are good. Spatial top
and these type of gear, reverse gear, firewall,
and load those. These are those thing
to manipulate them the car where it is
clear to you now, there are 34 method more
to change the weight, but I used the simplest way. Okay? Now let's do the second thing. They check local preference, and the highest one will be preferred. Again, who is the winner? 12.2. The table also shows me that 12.2 is the winner. Let me copy and paste it again. Again, forget about this one, and forget about the first one; what I want to target is this one. So 6.6, now they say 12.2 is the best. This one, the sign is here. I will copy again when I change it. Everything is similar, and by AS path, .2 is winning. But before AS path, there are other things to check. And there it is: the second thing is local preference. Right now, local preference is 100 and 100; the one with the highest will win. So what I will do now, I will change the local preference. Local preference is also local to the router. So again, I will make the changes on R1. So go to configuration. Again, I will use the same route map which I created. This route map, let me remove it and I will create it again; I will use the same name. Okay, sorry, configuration. Again, I will say route-map, and give it, let me give it ABC, ABC 10. Either TEST or ABC. And set local-preference. Who's going to win? The one with the highest, because these two things are the only ones where the highest wins. So 100 is the default; let me make it 200. And again, what I will do, router bgp 123 on R1, and my neighbor 192.168.13.3, 13.3. Then I will say route-map, and use, what was the name, ABC, in, for inbound, and increase the local preference of 13.3. When 13.3 is receiving the 6.6 route, it will multiply it by 200. I will prefer it as the highest one. Again, it will not show. So what do I need to do? I need to type the clear command, clear ip bgp soft, to re-establish everything. And then you will see 13.3 will win again, this time with local preference, because weight is equal, 0 and 0. So let's see, after the screen is clear,
then I will show you. Okay, so now let's check
out a, show IP BGP. Okay, So it's similar
because I need to type clear IP BGP, star soft. And done. Now let's check code. You see 13, that
three is the best now with 200 preference, let me copy this one
and compare the IRR. Maybe you have a doubt because this is a very small
sign to check out. So let me remove this one. And let me remove the first one. You see the difference
here is know this side and the
sign was here before. Now, front of 133, this sign is d. And
the second thing to verify a stress
route, trace route, say star six, star six, numerical too quickly and you see the traffic is
going through 133. So it's clear that traffic
is going now through 133, the best route due to
local preferences. Let me go to route map
again and remove them. Router, BGP, route map
control and no route map. And also let me go to route map which I
created above this one, Control N, no, so I
remove everything. And if I say clear IP
BGP and checkout again, you will see this time we will again print out two
is winning start. And if you said trace route, now you will see it going
through R2, clear tooting. Now let's go to the third
thing which they're checking. Originate, originate, similar. So we cannot apply this one. Because definitely it will
originate if I configure. Control Shift Six show IP BGP. So I have 66 and the
best part is two. So if I configure the
same here locally, suppose the interface Lubeck
six and IP address six. There are six, there
are 6255255240. And go to router BGP 123. And network command and
advertise this one and checkout. Now it will be
preferred this one, because I have locally this one. Okay, I need to clear, clear IP BGP, star salt. And now let's check out kids 66 maybe or 66 is different. Let's see. It's showing us okay. The way it has to come up or six Six show running
section BGP. Does I advertise correctly? Okay. I didn't not advertise
a router, BGP 123. And the same way like this one, I need to advertise six. Okay? And let me see my
interface as deer or not. It has to be there locally, yes. So now let's check out. It may clear quickly, clear IP BGP solved. And now let's check code. I already show you this one, but I'm quickly need
to show you again. You see now the
other sex or gun. Because they will check
if the originators locally they will prefer
there to end rather than the one which is coming
from another way anywhere. Let me explain this one too. Let me quickly remove them. Router BGP and let me remove this one Control N
No, I don't need. And also interface
Lubeck six main shirt down and clear IP BGP to make the thing
simple again, this one. And now let's check out. Six will be again with 12. So 66 with the best
path is again this one. Okay? Now let's go to AS path. And this is now the tiebreaker in this situation. Which one is the tiebreaker? Because for 13.3 and 12.2 the metric is similar, local preference is similar, weight is similar. But the only thing is AS path. 13.3 is giving the same route through three different ASes, while 12.2 is giving it through 4 6. Now the question is, how can I manipulate this one? Yes, I can change the AS path as well. But who has to change this one? What is AS path? AS path is mandatory. And it has to be in every update and they exchange it as well. So that's the good news, that AS path has to be exchanged. So what I can do, it's not a local thing. So I can go to R6, here, because it's the one that advertises this 6.6. Here what I will do, on router 6, I will configure an access list, whatever, 6, access-list 6 suppose, permit 6.6.6, sorry, 0, the last one is 0, and 0.0.0.255 wildcard. What have I done? I created an access list with the 6.6 network. Here, with a route map. Again, I will use a route map, it's mostly used, with any name. Suppose ABC 10. I am on R6. The other two I changed on R1 locally; this one is not local. And match ip address. What is my IP address? It's 6, this access list. And here I will say set path prepend, path something. Sorry, set as-path something, yeah: set as-path prepend. Prepend means to manipulate it. I would say 6 6 6. I increase it by three times 6 and exit. This is the route map; I did not apply it yet. And in the route map, I've got this ACL, which is my interface subnet 6.6, my network. And I prepend to increase the AS number three times more. Now I will go to, I need to create one route map as well. Route map ABC 20. You need to create an extra one. Now let's go to router bgp 6. And here I would say neighbor 192.168.46.4, I will show you, let me type route-map, and what was it, ABC, out. On R6, I configured a route map for route 6.6.6. And I say that if 6.6 is going out to 46.4, 46.4 is R4, apply ABC, increase the AS path three times more. And this guy will
receive different one. So now what will happen
before when I was receiving through R2 printer to as the best because
of a is part one. Part two is path. But now R6 is giving
the same thing. Suppose if someone came to me
and I give them the video, I did a course fee is $200, but another person
came and I give them a $100 charge up to me. So I give it to one person with a $100 and other one is $200. So R6, what they're done, they create a roadmap
that whenever this guy as Q6
success in Greece, the S to three times more. No, pretending, not
the actual one. And R seven is getting
the real price. So before let me
copy again this one. It's not apply yet. Keep in mind, I will apply now. So this is the old
story and all story. Let me remove 111. We don't need the 111, and I don't need 77 as well. So now the route map
through R2 is only for sex. Now there will be three more, 6666 and these are three. So it will win. So 13 that three will win
and this sign will go up. Now let me show you
now what I need to do. Let me check out first. So yes, I see increased. Now, look at let me copy this one again and
go back to that one. Okay. And now you will
see the difference between I don't need this one, sorry, not this one. Let me delete this one. And also let me delete this one. You see the difference before
dwelled R2 was receiving with a S4 six now for
63 more Three spot. So the S part was now more. And what the attributes, attributes then the AS part with shortest one will be when
that will be preferred. So the preference will be
given to where it is similar. If local preferences is similar, if originate, local,
non-local, if AS part. Now the fourth one
it will check. So before everything
was similar, local preferences where
everything was similar. So the tiebreaker, we
increase the spot far. This router, router,
which was the winner. Now it's not anymore winner
before it was the best path. Now SNR, now 13, that three based on a spot. If I ping from here to here, the trace route 66 numeric. So you will see again, I'm going through 13 dot a3. So you can change
the S part is well, you can pretend it's
not the actual spot, but you can pretend
them and you can increase them to manipulate. And the other one
is origin code. This the origin code. How I am receiving the route
through network command, either through redistribution,
which I showed you so far. What I need to do first, let me clear this one up and no, so let me remove this route map and also let me remove
route map from here. Route map. No. Okay. And after a while
it will come again through R2. Show ip bgp. Okay, I need to clear, clear ip bgp * soft. And let's check out now. Okay, still six, so I need to
type this command and six, I believe, clear ip
bgp * soft. And let's check out
what I'm receiving. Still. Okay. Still not yet. Okay. Just wait a moment. I think so I deleted or not. Let me check out show
running section bgp. Removed the command now. So neighbor this one. So it will take a bit
of time to come up. To make them normal it is
better to do a clear. It is still showing me 6 6 6. Okay. It's come up
now, the correct one. So you see now 12, R2 is winning again
because of lowest AS path. Okay? Now the last, the other one is origin code. Origin code says how I'm receiving this route, I mean, which is this one through
this one network command. Both are receiving
through network command. So what I will do, I need to change them in R7. But I need to make the
path similar as well. Because until the
path is not similar, I cannot show you origin code. So I need one more
here, the AS path. So what I will do,
I will go to R6. And again, I will
configure route map. This time I will
increase only once. So what I will do, I think the access list is
already there, which I created. Yeah, it's already there. So let me quickly apply them. So what I will do, route map, maybe route map test. Then either ABC, before it was ABC,
we'll apply the same. And match ip address. IP address is 6, which is the access
list by the way. And set AS path prepend, I think
so I need only one. So I will make them 6,
exit, and I need to create another route map with
empty, okay, exit. And now router bgp 6. And what was the command? Let me apply again. This one, yeah, no neighbor. So let me remove, no. And I will say for this x
dot for to give it to ABC. Let's check out now. It has to be similar now. It has to be 4 6 6. Either quickly, I
need to do one thing. Clear ip bgp soft. Let's check out. Command is not that much time. It made that clear
ip bgp soft. And let's see, 6647646. Still it's not changed. Yes. Changed now. Okay. So you see that they said
13.3 AS path 5 7 6, 4 6 6. I increase one 6, but still who is the best: 12, R2,
because of next hop. But before next hop, they will check the origin code, from where this route is coming. This i, both 13
there are receiving the same way, means through
network command. i, how can I show you? I can do another thing. If I create the
same network here. Interface. No, I can do another thing
to show you this one. I will create an A3 666, and we'll advertise
through network command. And here I will
redistribute them. Either I can create 66 here and here I will advertise
through network command. And because it will not work, Let's see an artist
sale and let me create interface loopback 6,
IP address 6066255. Mask subnet, sorry, to
55 to 55 to four for 0. So I create the same one. But here what I will do, router bgp 7. And through network
command advertise 666 mask 255.255.255.0.
But in R6, what I will do, router bgp, router bgp 6. So here I advertise them. Yeah. What was when
I advertise them? 66. I need to go back. Okay. Let me check out show
running section bgp. I will tell you what
I'm doing here. I will remove them, this one. But I will say
redistribute connected. So here I make them as a redistribution in 6, and
in 7 I create them, advertise them
through network command. Let's see now what I
am receiving here. Okay, I think so I need
to clear the command. Clear ip bgp * soft. Okay? And I need to do the
same thing in R7. Okay, and let's see again
here what I'm receiving now. Okay, now you see
what is happening, 66. 13.3 is preferred because this is advertised
through, I need to increase this AS path, because it
wins through AS path. And this one is
through redistribute. The same route. This empty, this empty area
means this success. Again. They say that
this one is advertised through redistribute
and this one is advertised through
network command. So we will prefer network one. I know you will say, because
this one is five, same one. The first thing to check is AS path, AS path is checked
before origin code. So yes, true. So
what I need to do, I can do one thing. I need to remove this six
from this six router. You remember I applied something. So what I applied, I applied router bgp 6
and I increased the AS path, this one. Yeah, let
me remove them. Now it will be equal. So clear ip bgp, I don't know this one
is clear to you or not, but the other part, I
hope this is clear. Now let's check out again. It should be
now 4 6 after a while. So still it takes time. Let me clear them from here. Clear ip bgp soft and show ip bgp, now still has to
this success to be removed. But when it through be removed. So I need to wait for a while. I'll still the air is
removed this time. Yes. Okay. Now, show ip bgp. They say that 66 we're receiving
through 13.3, 5 7, which is through network
command, the same 666 we're receiving through 12.2, but through redistribution. So because local
preference is the same, weight the same, path the same,
because this is also two path, this is also two path. So we will prefer
the one with i. So that's why
13.3 wins, because 13.3
is receiving here, I change this one to 666. If you are confused,
let me create 66. Here I 66, I advertise
through network command. Here 66 I advertised
through redistribution. So the priority:
the network which is advertised,
either the subnet which is advertised, through
network command is preferred. i means through
network command. And question mark means, which
I already explained to you theoretically, means
through redistribution. We saw this one as well: if weight is similar,
local preference similar, originate similar,
AS path is similar, then it will check origin code. And the last one is MED. You can change the MED as well. MED, this value, this one, this is also local. So in R1 you can change this one and it will
prefer that one. So these are the six
important attributes to change and
manipulate the way. And we check them one
by one and which one is the first one to check. So this is the sequence
to check them. That's it. I hope that's clear.
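The checking sequence walked through in this lesson (weight, local preference, locally originated, AS path length, origin code, MED), written out as an added example; it is not part of the course material. The addresses and AS numbers are constructed to resemble the lab, and later tie-breakers such as next hop are not modelled.

```python
from dataclasses import dataclass, replace

# Origin codes as printed by "show ip bgp": i = network command (IGP),
# e = EGP, ? = incomplete (redistribution). A lower rank is preferred.
ORIGIN_RANK = {"i": 0, "e": 1, "?": 2}

STEPS = ("weight", "local preference", "locally originated",
         "AS path length", "origin code", "MED")


@dataclass(frozen=True)
class Path:
    next_hop: str
    as_path: tuple              # AS numbers as received, origin AS last
    origin: str = "i"
    weight: int = 0             # local to this router, higher wins
    local_pref: int = 100       # higher wins
    locally_originated: bool = False
    med: int = 0                # lower wins


def preference_key(p):
    """One entry per step, in checking order; the smallest tuple is the best path."""
    return (-p.weight,
            -p.local_pref,
            0 if p.locally_originated else 1,
            len(p.as_path),
            ORIGIN_RANK[p.origin],
            p.med)


def best_path(paths):
    return min(paths, key=preference_key)


def deciding_step(a, b):
    """Name the first attribute on which two paths differ."""
    for name, x, y in zip(STEPS, preference_key(a), preference_key(b)):
        if x != y:
            return name
    return "tie on all six (later tie-breakers not modelled)"


def with_prepend(path, times):
    """AS path as the receiver sees it after the origin AS prepends itself."""
    return replace(path, as_path=path.as_path + (path.as_path[-1],) * times)


# Constructed paths to the same prefix, loosely following the lab.
VIA_R2 = Path(next_hop="192.168.12.2", as_path=(4, 6))
VIA_R3 = Path(next_hop="192.168.13.3", as_path=(5, 7, 6))

if __name__ == "__main__":
    cases = {
        "no prepend": (VIA_R2, VIA_R3),
        "origin AS prepended 3x towards R2": (with_prepend(VIA_R2, 3), VIA_R3),
        "equal length, R2 side redistributed": (
            replace(with_prepend(VIA_R2, 1), origin="?"), VIA_R3),
    }
    for label, (a, b) in cases.items():
        winner = best_path([a, b])
        print(f"{label}: best via {winner.next_hop}, decided by {deciding_step(a, b)}")
```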
16. BGP Authentication: The next topic related to BGP. BGP authentication
is a security risk to protect your protocols, like BGP, OSPF, RIP, OSPF, and RIP version 2,
also in EIGRP. There is a different
mechanism to authenticate. BGP is using TCP
three-way handshake. So if you want to protect and to reduce security
risks in a BGP network, it's better to use BGP
peer authentication. BGP authentication
means you need to enable a configuration
on both sides. So when there is a
TCP segment exchange, they will exchange the authentication as well.
As authentication mechanism they are using
message digest five, which we call MD5. So when there is a
TCP segment, okay, BGP will verify; if authentication is successful, then the three-way
handshake succeeds. If not, they will not peer
with each other. They will not make a neighborship with
the other BGP speaker. In this way, we can
protect the BGP network. And it's so easy, like any
other protocol, we just need to
type a password, and you can type a
password in hidden words, either like a 7. And either you can type directly
the password, which is a TCP message
digest password. Okay? So in this way we can protect
our network if BGP is there. Okay? So what we're going to do, we will use two routers. Suppose I have R1 and R2, which are connected with eBGP. You can use eBGP, either iBGP. And suppose we have
two networks to exchange, 11 this side and
22 this side, and R1, R2 are connected with
the 192.168.12 network, dot one, dot two. Okay, so let's go and
check out in lab. So I have this lab. Basically I just connected
these two routers. No configuration is there. So let me on this router first. And this one as well. Okay, I have a script to apply. So let me show you. So it will be easier
to save some time. I will go to R1
configuration mode, then I will change
the host name to R1. Then I will configure FastEthernet,
it will be dot one, and I will configure one
loopback interface. Okay, it's busy. So no new router. And also let's go to R2
and make them no, because it takes
time to show you. So, you know, they are connected FastEthernet 0/0, 0/0. And two loopbacks we will create. Okay, so it's so easy. Now I'm in R1, let me clear the
screen and enable. And let's apply this 11
basic configuration. So FastEthernet one dot
11 loopback interface. And let's go to R2. I will go to R2,
change the name to R2. And then one interface, basically, I need to create one
loopback interface as well. So let me copy from
here and go there. And change this one to
two dot two dot. So this is R2
configuration. Copy and enable and paste. R2 and R1
are configured, just let's check out, ping the
other side, 192.168.12.1. Can I add one to it? Okay, yeah. Let me show you the
interface, show ip interface. So here is 12.2
and 222. To configure BGP, basically. So what I will do, I
will go to router, this one, and AS is one, and this is two. Okay? So what I'm going to do, we'll go to BGP one, 12.2 and remote AS 2, because
this one is in AS 1, the other side it is 2. And this one will
advertise 111 network. So we already done, it's easy. And let's apply this R1
configuration and paste, so this is
configured here. Now this side, I will
go to router bgp 2, neighbor 12.1, which is R1, AS is 1, and will advertise 222 network. So let me copy this
one and paste. So BGP configuration is done, but without security, our
main target is security. I go to Fast
Ethernet and capture. So there is no authentication. Without authentication, in
the TCP segment header there will be nothing. If I go to BGP. BGP has not yet started, TCP. Okay. So still like things.
So the neighborship, okay, the neighborship is up. Let me type BGP. Okay. Let's check out, show
ip bgp summary. Okay, so I have one
neighbor, this one. Yes, what messages are here now? So let me go to,
the main thing is TCP, Transmission
Control Protocol, we already know, and
BGP is using port 179. So let me extend this one. TCP, TCP three-way handshake. So here the password will be, if I go to flag, and
not a flag by the way, an option, there
will be an option. Which option is not
available right now because we are not
using any password. Okay, so if I want to flag, there should be
an option with password. So right now nothing is there. It's okay. Okay, so what I will do, let me configure
authentication in R1. And R1 authentication is easy. What you will do,
your neighbor, this is your neighbor,
12.2, that was my neighbor. And you just type
password, okay? Two types of password, 0 and 7. So 0 means no
encryption, directly you can type a password. Suppose I type ABC and enter. Because one side I type a password and other side
there is no password, it will give you an error. But why is it not doing? Because TCP three-way handshake
is already done. So if I say clear ip bgp *, hard reset, after a while it will start giving
you an error. It says no MD5 digest
from 12 to 179. You will now, it's sending, one
side is sending a password, but the other side is not
configured with password. Okay. Showing me the center and there will be no neighborship,
keep in mind. If I go to R2 and type here BGP summary, it is in
active reality, discuss ways and
E2, because one side has a password
and on the other side the password is not configured, either the password is wrong. This to either state as a team. How can I remove this error? So I need to go to
router bgp 2, because it's 2, and the neighbor which I
configure, that one, I will type a password. The second password is 7,
means encrypted password. Can I put a 7 password? So I will type 7, but now I need the
encrypted password. So why not copy from here
the encrypted password. So in this way, it will be clear to you what is the
difference between 0 and 7. So show running
section bgp. So let's see the
password is, yeah, I can see the password in clear,
clearly. Can I do a config, service
password-encryption? Service password-encryption. So let's enable service
password-encryption to hide such type of password. This is a type 7
password, basically. Now you will see here
there is no type 7, yeah, it is showing you
directly. After a while, let's check out. So now it will be type 7. You see now there is one and this is ABC basically. So let me copy this one. And let's go to R2. So there are two ways to
configure, hidden and not. Now this is hidden.
After a while the neighborship builds up because they will exchange
the password in the header. I will show you the Wireshark. Let's see now. They make the neighborship or not. So let's go to show ip bgp summary. It is still in active. Okay. Let's see,
after a while either. Yeah, it's up now.
So you can see. It's not active now, it's okay. And let's go to the header. So let me go to update. And I am in Transmission
Control Protocol, TCP header. And now there will be an option. Yeah. If you click an option, you see there is
TCP MD5 signature. Okay. Let's go inside. Here is, so let me
go to TCP option. And here is. So now you can see, before
there was not the MD5 digest. This is the digest, MD5,
message digest five. So they convert the password to this hash format and they are sending in TCP
three-way handshake. So if both sides have
the similar password, then they will exchange everything and they
will become neighbors. Okay, so this was
BGP authentication, so easy to configure. And in this way you can protect
your BGP network. Keep in mind, there are
many other things to protect your BGP, like TTL. You can increase the
TTL and this way, and so many other
things you can, but one of them, and our main topic,
was authentication. How to protect BGP,
authentication using message digest
five algorithm. So it was easy, type
a password and this way you can protect your
BGP authentication.
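What the TCP MD5 signature option seen in the capture carries, and how the receiving side checks it, as an added example that is not part of the course material. It follows RFC 2385 (option kind 19, a 16-byte MD5 over the pseudo-header, the TCP header without options and with a zero checksum, the segment data, and the password); the addresses, ports and the password ABC are constructed to resemble the lab.

```python
import hashlib
import hmac
import socket
import struct

MD5SIG_KIND, MD5SIG_LEN = 19, 18    # TCP option "MD5 Signature" (RFC 2385)
SYN = 0x02


def tcp_header(sport, dport, seq, flags, options=b""):
    """Build a TCP header; options are padded with NOPs to a 4-byte boundary."""
    options += b"\x01" * (-len(options) % 4)
    offset_words = (20 + len(options)) // 4
    # The checksum stays 0 in this sketch; the digest treats it as zero anyway.
    fixed = struct.pack("!HHIIBBHHH", sport, dport, seq, 0,
                        offset_words << 4, flags, 16384, 0, 0)
    return fixed + options


def md5_digest(src, dst, segment, key):
    """MD5 over pseudo-header, 20-byte header (checksum zeroed), data, key."""
    header_len = (segment[12] >> 4) * 4
    pseudo = (socket.inet_aton(src) + socket.inet_aton(dst)
              + struct.pack("!BBH", 0, socket.IPPROTO_TCP, len(segment)))
    fixed = segment[:16] + b"\x00\x00" + segment[18:20]
    return hashlib.md5(pseudo + fixed + segment[header_len:] + key).digest()


def sign(src, dst, sport, dport, seq, flags, payload, key):
    """Sender side: a segment carrying the MD5 signature option."""
    blank = bytes([MD5SIG_KIND, MD5SIG_LEN]) + bytes(16)
    draft = tcp_header(sport, dport, seq, flags, blank) + payload
    option = bytes([MD5SIG_KIND, MD5SIG_LEN]) + md5_digest(src, dst, draft, key)
    return tcp_header(sport, dport, seq, flags, option) + payload


def find_md5_option(segment):
    """Walk the TCP options and return the 16-byte digest, or None if absent."""
    opts = segment[20:(segment[12] >> 4) * 4]
    i = 0
    while i < len(opts):
        kind = opts[i]
        if kind == 0:                       # end of option list
            break
        if kind == 1:                       # NOP, single byte
            i += 1
            continue
        if i + 1 >= len(opts):
            break
        length = opts[i + 1]
        if length < 2 or i + length > len(opts):
            break                           # malformed option, stop parsing
        if kind == MD5SIG_KIND and length == MD5SIG_LEN:
            return opts[i + 2:i + MD5SIG_LEN]
        i += length
    return None


def check(src, dst, segment, key):
    """Receiver side with a password configured for this neighbor."""
    received = find_md5_option(segment)
    if received is None:
        return "no MD5 digest"
    expected = md5_digest(src, dst, segment, key)
    return "accepted" if hmac.compare_digest(received, expected) else "invalid MD5 digest"


# Constructed lab values: R1 opens the session to R2 on TCP port 179.
R1, R2 = "192.168.12.1", "192.168.12.2"

if __name__ == "__main__":
    signed_syn = sign(R1, R2, 50000, 179, 1000, SYN, b"", b"ABC")
    plain_syn = tcp_header(50000, 179, 1000, SYN)
    print("same password :", check(R1, R2, signed_syn, b"ABC"))
    print("wrong password:", check(R1, R2, signed_syn, b"abc"))
    print("no password   :", check(R1, R2, plain_syn, b"ABC"))
```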
17. BGP Backdoor: Next topic related to
BGP, BGP backdoor. What is BGP backdoor? So when a router
learns a prefix or network from different routing
protocols, how do they decide? Suppose the route information is the same, same destination. So what will the router do? Definitely we discussed
this in CCNA and CCNP level. We all know that the router will take a decision based
on administrative distance: smaller the administrative
distance, better the link. And they will
install the route, the routing
protocol route which has less administrative
distance. So now the question is, suppose a router learns a prefix
or network through eBGP and an IGP. IGP means interior
gateway routing protocol. It can be RIP,
Routing Information Protocol, it can be OSPF and
it can be EIGRP. Now the thing is eBGP
administrative distance is 20, while OSPF AD is
110, 120 and EIGRP 90. How will the router determine? Definitely they will
choose the smaller AD. And that is BGP. Administrative
distance is 20. But maybe we don't need to learn the route through
administrative distance of eBGP which has 20. Maybe we don't want
to install eBGP, but we want to install
the IGP, through RIP, OSPF, EIGRP route, in
our routing table. So what we will do, Suppose
we have this network, AS 1, AS 2, and AS 3. But R2 is connected to R1 through a private, maybe link, maybe something, maybe leased line, but whatever, it is
advertising 222 through an IGP route, OSPF
or EIGRP, in this case OSPF. But also R2 is
advertising 222 through eBGP to neighbor R3. Now because R3 is
connected to R1, when they receive 222, this learned route, R3 will advertise
the same route to R1. R1 is receiving 222
network through OSPF and BGP. So what will happen? Definitely R1 will install the less administrative one, which is eBGP. But in this case,
R2's network, we want that R1 learns this
network through OSPF. Now we have two, three possibilities. We can decrease OSPF
administrative distance. There is a command to decrease OSPF administrative
distance to less than 20. Then OSPF will win
the competition, and R1 will install the OSPF
route in the routing table. Second thing we can do is to increase the eBGP
administrative distance to more than OSPF. OSPF administrative
distance is 110. We will increase the
administrative distance of eBGP from 20 to 120. Suppose, this way OSPF will win the competition
and R1 will install 222, which is advertised through OSPF and also is
advertised through eBGP. So R1 will say that OSPF administrative distance
is 110 while eBGP is 120. So I want to install
OSPF, through OSPF, when you increase the
administrative distance. Same thing, either to
decrease OSPF to less than 20, either to increase eBGP administrative
distance to more than OSPF. There is a possibility
to do like this. What do you think,
any other statement? Because increasing eBGP
can make more issues, which is a default value. And also decreasing OSPF
may make some issue. While you can achieve this target through
the BGP backdoor command. So you don't need to change
the default value of OSPF administrative
distance and changing the default administrative
distance of eBGP. He wonder is possible you
can do through that one. Now the backdoor statement you add in the network command, it is an amazing command which you can add through
network command window. You need to type the network. Then the, suppose
in this case 222, the mask of
this one. And then backdoor. This command does the same thing
which I told you. They will increase eBGP
administrative distance. But this is a proper way. This command tells the BGP process
to change the distance. So it means the backdoor command will increase the
administrative distance. And the learned route, which is 222, they will change the
value from 20 to 200. They will change the eBGP learned
route to 200 like iBGP, because we know BGP
administrative distance is 200. They do the same
job, but properly, rather than we increase, decrease OSPF and BGP
administrative distance. Backdoor command will
do the same job. This way when it is
increased to 200, definitely OSPF has 110
administrative distance. So R1 will install the OSPF
route in the routing table. Backdoor is nothing but it is
treated like a local network. It is not advertised. This is our topology. R1 and R2 are connected through
a private link with OSPF, 192.168,
dot one, dot two. R2 and R3 are connected, 192.168.23, dot 2, 23 dot 3, through eBGP. R3 is connected, 192.168.13, 13.3, 13 dot one, through BGP. This is AS 1, AS 2 and AS 3. A small topology so that
we can perform the lab. And what we told you, that R1
and R3 tissue the route 222, for which we create a
loopback interface here. We will advertise
through BGP and also we will advertise through
OSPF and we'll see, and then we will use
the backdoor command. So these are the things
which I explained here. So let's go to
topology, the topology. Okay? And I already opened R1, which is not configured. So let me say no, and R2. And R3. So basically we have
R1, R2, and R3. They are connected
through OSPF and BGP. First we will assign
IP addresses, and then we will see in R1
without backdoor command. Then we will put the
backdoor command in R1 to increase 222, which is coming
through BGP, to 200. And this way I will learn
this 222 network through this line, because eBGP AD
is 20 and OSPF is 110. So let's see now. So let me go to R1. And let's go to R2, and let's clear R3. Let me take the script. One, I will change the name, I will go to one interface
and second interface. One has two interfaces. 121313 dot one, dot one. So 1312, that 130. And also I will advertise,
I have one neighbor up, eBGP, and OSPF I advertise
under the interface, you can advertise
separately as well. I will advertise the BGP as
well and OSPF on this link, because 0/0 is connected
through OSPF, is clear. So let me copy the three. It's the wrong one. So let me stop this one. And let me start. It will start. Let me go to R1. So copy and paste. So 12.1
I advertise in OSPF, keep in mind this one. And this is through OSPF, this one, this network. Then I configure
BGP, 13.3, this one. Okay? So now let's go to R2. R2 is also through OSPF, 222 network, and also is advertised
through BGP as well. Okay, so let me go
to R2 and paste. So I changed the name
from router to R2. Then I create a loopback with 222 and I advertise
222 in OSPF. Then I configure
this interface and advertise
through OSPF, because this one dot one interface
and 222 under OSPF. And then I create this interface 1/0 and no shut down. Then router bgp, this neighbor 23 dot
three, this neighbor. And I advertise 222 under BGP as well. So this is through OSPF as well
and through BGP as well. So this is the configuration of R2. So now let's go to R3. R3 is this one. R3 is connected through
eBGP to R1 and R2. So this is R3's two interfaces and its connectivity
to R1 and R2. Okay, so let me copy
this one and paste. Okay, so BGP configuration is done and also
interfaces are done. Now we need to check that 222 network in R1. We need to verify
in R1 that they are receiving 222 through
OSPF, either through BGP. So definitely it should be through eBGP. R2 advertises 222 to R3, R3 will
advertise the same route to R1 with
administrative distance 20. R2 advertises 222 to R1 through OSPF with 110
administrative distance. Now R1 has
to decide on one. R1 will say that I'm
receiving 222 with administrative
distance 110 and 20. So I will ignore this one and
R1 will install this route. But we want that R1 installed. So what is the solution? We will see that one. And due to this
administrative distance, let's see in R1, it is better. So let me go to R1 and
say show ip route. And you see 222 is
learned through BGP with the
administrative distance 20 with the help of 13.3. Next hop 13.3 is this one, 192.168.13.3,
which is R3. R1 prefers the route through BGP, and we already expected that, definitely due to
administrative distance. The issue is this
administrative distance. That's why. Now what is the solution? I told you the solution: either increase the administrative distance
of eBGP to more than OSPF, either decrease OSPF administrative
distance to less than 20. And the last procedure is the
BGP backdoor command. So simple. This is the command to type. So go to R1, R1, not any other router. We'll do router bgp 1, which is the administrative
distance of R1, or sorry, the autonomous
system of R1. And then type the
command network. It's a strange command.
Through network type 222, the network which I'm
learning through OSPF and BGP, type mask, default subnet
mask, and type backdoor. That's it. Now after a while you will
see they will learn the same route through
OSPF, show ip route. And you'll see instantly, I can see that 222 is
learned through 110, OSPF, through R2, next hop. Just before this command, it was through BGP. After I type this command
under BGP in R1. I'm here in R1, and in R1 I type the command that increases the administrative
distance of eBGP to 200. So in this way, they will learn the OSPF route. How do I know that they increased? So let's down this interface, 0/0 in R1. So definitely when I'm not receiving 222 through
this interface, definitely I will
go for this one. Because second and
measure two, this is 200. Let's see, and shut down
the interface to check out. So 0/0 interface
in R1. Let me shut down the
one on which I'm receiving the OSPF route, 0/0,
shut down. So before, it was 20 administrative distance
without backdoor command. After backdoor command. This is the command, backdoor. Now I'm receiving through OSPF, but basically I just want to
see what backdoor command does. So let me show you that one. Now. Check again now. So now the OSPF path is down. So definitely they
will look at now, they will learn through BGP, but this time with 200 due
to the backdoor command. So backdoor is doing
nothing but, the BGP route,
they will change its
administrative distance to like iBGP. So that's why 200 is
too much, and an IGP route has less value,
like 110, 120, 90, IS-IS. All of them have less than 200. So definitely IGP
will learn iBGP. So the IGP route like OSPF, EIGRP, IS-IS will win
the competition. So backdoor is doing
nothing but it is increasing from 20 to 200. They can prefer these protocols,
and we checked out as well. So if I bring back the
interface, it will definitely be OSPF. No shut down. And now you will check again. Okay, after a while, because
the interface is still no, OSPF is now building still. So it will take a bit of time. So when OSPF has come up now, so it was 200. Now it is through OSPF. So this is called BGP backdoor.
18. BGP Route Refresh: Next topic related to
BGP, route refresh. What is route refresh? Whenever you do some changes, like an attribute, policy changes, route
change, anything, BGP will never advertise directly those details until and unless you
refresh the route. Refresh the route means
that you need to reset. You need to reset BGP. Then it will exchange
the updates. Suppose you change
the attributes. So it will not directly
take effect until you reset them. One of the methods is hard reset, which you can use in lab, but you cannot use it in a
production environment. Because it will
reset everything, the TCP session, it will
disconnect everything. Your entire BGP process will be disconnected and it
will be reconnected. So it means your network
will be interrupted. So this method, hard reset, can be used
for lab purposes,
but you cannot use it in a
production environment. So this is one of the methods. So with hard reset, when
you apply it, the TCP three-way handshake
will be done again. And then it will exchange
the latest information, whatever you changed. The command for hard
reset is clear ip bgp. That's the simple command
to put in, it will reset. We will see. The second
method is soft reconfiguration. That means we have
three options to reset and to exchange
information, the policy, the attributes, the route, which you modify, either you add them. Soft reconfiguration. Basically, it creates an extra
table, a separate table, which stores all the
information before applying the policies of every neighbor. Keep in mind, it will create a separate table for
each BGP neighbor. Again, it means if we
have 200 neighbors, it means that it will
create 200 extra tables. It's an extra burden. It means it requires extra
memory, CPU. So this option is not
suitable also for a huge environment because it
will create huge tables. And also in a production
environment. And in BGP, you receive
and store many tables, many details, many routes. But it is there, it is called
soft reconfiguration. Keep in mind this
soft reconfiguration is not enabled by default. You need to enable it and
you give instruction to the BGP router to create a separate
table for each neighbor. Then the third option is
route refresh capability. Route refresh doesn't
require any extra table. Also, it's not required to
disconnect your network. So whatever changes you do, it will send
only those changes, whatever BGP policy you apply. So when you apply route refresh, route refresh,
normally we call them soft. There is hard reset and soft reset; like
this one is hard reset, this is soft reset. Soft reset means it is not required to disconnect your
network and BGP session. But it will exchange the detail, whatever you change, and it
will not disturb your network. So this option is very good
for a production environment. Keep in mind, soft reset will be used for soft
reconfiguration as well. Whenever you do changes, you need to apply
the same command, excuse me, for soft reconfiguration and
also for route refresh. The only difference between soft reconfiguration and
route refresh capability
is that route refresh
doesn't require to create an extra table
to store the detail. While soft reconfiguration
is required to store and create
a separate table before applying the policy. This is the main difference. But the command to exchange the latest information and
policy and attributes in BGP, whatever changes you do, both require the same command. So don't confuse yourself. Command is the same for soft reconfiguration and
route refresh capability. The only thing is
soft reconfiguration
creates an extra table, route refresh does not
create any extra table. The topology we
will use: R1 and R2 are connected with
12.1, 12.2. R1 is 111 network and R2 is 222
loopback interface. This is AS 1, AS 2. So let's go to lab. So I have R1 and R2, BGP configuration,
12.1, 12.2. But let me go. I did not configure
anything, so no. And let's go to R2, no. And I will use a
script to apply the IP addresses because it's
the CCNV, they will stop. I will change the
host name of R1. I will apply dot one
and create a loopback. Okay, done. So let me go to R1. Clear the screen, enable, and apply this one. I apply IP and I create
a loopback interface. Okay, the same thing I
will do here, enable, and we'll create
a loopback and also configure FastEthernet
0 slash two. Okay, then next thing I will
configure BGP neighborship. So in R1, I will go to
BGP 1, remote is 2, and I will advertise
what network. Simple. So here BGP is configured. Now let's go to R2, and here I will do the same BGP
simple configuration. You're done. Let's check out, after a while it will create a neighborship, okay, R1 and R2, it will take some
time, it is up now. So show ip bgp summary. Yeah, so you can see I have
12.1 neighbor, but I'm not receiving any prefix yet because
it takes time. Okay. Let's check out in R1. Okay, so let's see still. So it takes time, just quite
a while so that I can resume. Show ip bgp. Yeah, I'm receiving
110 guess mine one. And it will take some time
to receive, let's see, minutes to synchronize
with each other, then we will start our lab. So let's check out for a while. Sometimes it takes time in lab. Let's see, still need
to receive 222
network as well from
R2 with next hop R2, R2. Okay, so let's check
out now, still. Okay. So still, still it takes. Maybe it takes some time. You guys come up now. So now I'm receiving 222
network from 12.2. Let's go to R2
to check out. Yes, yes, now I'm
receiving one prefix. And if I want to
check, show ip bgp. So 11 network is the
arrow came from that one. Okay, then the first
thing is hard reset. And the command is clear
ip bgp, simple command. And it will reset and
kill the TCP session, and it will restart everything. Let's check out. Suppose I've done
some changes, config. Suppose let me create a route map. I create a route map
with the name test, suppose, and permit ten. Okay? And let me set
the weight this way, weight is 0 right
now, for 111 network I am receiving 0. Suppose
let me make them 100 and exit, and router bgp 2, because R2
is in BGP, router bgp 2. And this is my neighbor, but here I will
attach the route map. Route map name is
test, and inbound. Do you think it is applied? So let's check out. Show ip bgp. No, still it is 0. Because you need to reset BGP so that you
can get the update. And we have three options. The first option is hard reset, to kill the TCP session and
restart everything. But it will interrupt
your network and it's not applicable in a
production network, keep in mind. So still I'm not receiving a 0. So how can we do it? Clear ip
bgp and question mark, clear peer, I only want peer. You can put the peer as well,
like 12.1. And star means everything. Let me put star. Question mark. There are other options
which we will do, like soft reconfiguration, inbound, outbound, and soft
and many things. But anyway, I want a hard
reset, clear ip bgp. And clear ip bgp if you
want on this side as well. You know, it resets
everything, looks good. Everything is disconnected. Everything, and the TCP
three-way handshake will be done again
and everything, and everything will be up again. And now if I check show ip bgp, so the weight has changed now, because I reset everything.
Before, it was 0, because I used a route map
and I put the weight 100. Okay. So this is one way, which is not recommended
in production, which I already told you. Now, let's go to another option. Another option is soft
reconfiguration to store and create
a separate table before applying the policy. But as required extra memory. But it's not enabled
by default and first checkout is
enabled or not. The command is show
IP, BGP neighbor. What is my neighbor? 100 to 160 year 121. And here I will say receive route to N-H bonds solve free configuration
is not enabled. Is clearly said that soft
reconfiguration is not enable. This the command to check
out soft reconfiguration. Extra table by default is not
enabled, which I told you. And it's telling me
that it's not enabled, how we can enable. So let's go to our router BGP to twist my AS and
who is my neighbor? Told that one is my neighbor. And here you can say soft
reconfiguration and bond. So I give instruction
that creator solve reconfiguration extra table for inbound routes coming
from that one. For every neighbor is
create a separate table. If you have another member, you have to do the same process. Okay, Let's check out
again the same command. What was the command? The command show IP BGP neighbor told that one receive route. Now you can see there is
extra table they created. This is the second option. First, you need to enable them for every and
each neighbor. Then it will create a separate table which you
can check by this command. Now let's change the value. So let me go to the same. What was the roadmap, the roadmap test permanent pen. And let me change the
value this time up to 200. Let's check all this
change on our show. Ip BGP. No, it's still a 100. So what is the advantages
of soft reconfiguration? No, I took it. Again. I need to apply one command, but it will not
disconnect the route. It will not kill
the TCP session. And what is that command? Clear IP BGP question mark. So you can see here it is. It Me? See Supposed star
means for each night, but any question mark here
is N solve reconfiguration. Let me zoom it. N solve reconfiguration,
N-H bond up there suddenly. And then out, Solve reconfiguration
for outbound up debt. And there is software as well, soft reconfiguration,
inbound and outbound. It's up to you. You can use, you can
use out and you can use soft keyword for inbound
and outbound both. So in this way, it will not disconnect. Started means every night, but you can tap on AI. But Israel, my neighbor is one and question
mark again, same thing. So I will type soft because
it is far in and out both. Why not use this
simple one? And Enter. You see no disconnect
duty show IP BGP, and you see the Betas change
to 200 before it was 100. And there is no discontinuity. Keep in mind this the question, the main thing is this one. But you are using this
command to reset to che, to exchange the update. But you have created
Extract Table extra burden. And what is their
burden? Is this one? This the question of our enterprise network,
production network. If you have a huge network, it will keep all the details because it's required extra
memory and extra burden. So what is the third option? The third option and the best one is route refresh capability. You don't need to
create extra table. So let's remove the
table figure BGP, y2, and this the
command I enable. Yeah, nice soft reconfiguration
control and no, removed. And now let's check our table. Is there an art show, IP BGP neighbor resume? Again, it's telling me that as disabled soft reconfiguration
is not enabled. Great. It's not enable. No extra memory
required, no extra CPU, no extra table,
everything is there now. So the third option
to use a soft reset, like a hard reset, but no disconnect duty, no killing TCP session. How let's change
the value again. So what was the route map? So let me go to
route map test and set red value this time 500. Keep in mind our weird value
is 200 before the changes. Now let's check all
show IP BGP is 200s. But keep in mind, I haven't configured
soft reconfiguration Because we are doing
the third option. It doesn't require
this command to be enable and how it
can be updated. Just say clear IP BGP,
please your neighbor. One and soft. Maybe in your mind you will
say you use this command with this second option
software, you can, yes. But in their case
there was extra table. In this case there
is no extra table. But the command is similar
to exchange the updates. Now let's check out show IP BGP. You'll see now is 500
before it was 200, no discounting duty, no nothing. So this is the third option
to exchange the information. But you need to check out that your routers
support this command. Show IP BGP, 100 to 160 years. 121, show IP BGP neighbor, neighbor, 192 to 168121. You need to check
the capability, neighbor capability,
route refresh, advertise and receive new, maybe a new router
there will be new and old before the RFC
and after the RFC. Cisco in the chain them. So let's say that route refresh, advertise and
receive its support. For the support, you can use this command, refresh
software, refresh. It will not disconnect
your network. It will not down your BGP and
it will not kill your TCP. So these are the three
option far-out refresh when you do some changes, you when you change the policy, when you change the attributes, we knew chain the route, and you want to
exchange and BGP. So hard reset, soft reconfiguration
and drought, refresh. Let me go quickly if
I miss something. So we check this one. It's okay. By the way, if you want to see, so you can debug as
well debugged IP BGP. Suppose. And here you can
also debug IP BGP. I enable debugging, okay? And whenever I do some
changes, suppose, what was the route map, this one and sit weight. So last time I put 500, let me put 700 this time. So IP BGP, so S5, 100, yeah, but I tend to see
on a rant need to reset. So let me reset. You will see and debugging it, sending and receiving something. So this is the command,
clear IP BGP neighbors soft. You will see in debug as
sending refresh request. And this are, they will
receive refresh refresh request and receive
a refresh request. It should be. This is the refresh request. So this the Refresh
Request which they sent that refresh because we are doing this
one route refresh. You can see from
the debug is well, soft refreshed sending
the request because R to send the request and R1
will receive request, received the request,
refresh request. And then they will
exchange the detail. So when the exchanger
detail, Let's see, show IP BGP, you will
see now is say 100. So this is how this
route refresh work. Okay? So let me go. If
I miss something, I believe it's okay. No, it's okay. So that's the way to use these three commands
for BGP updates.
19. Route Reflector RR: Another topic related to BGP, route reflector. Route reflector, RR,
route reflector. So what is the route reflector, basically? By default, suppose, if you have,
in this case, suppose we have three routers, R1, R2, and R3. And all of them are iBGP
neighbors, AS 123, 123. So if R2 learns the 1.1 network from R1, R2 learns the 1.1 network from
R1. R2 will advertise this network to another iBGP neighbor due to split horizon rule. Why?
Because iBGP says you must be fully meshed to receive this route. It means I will receive 1.1,
meaning R3, if I'm connected directly. Definitely, now it is fully meshed. So this three-router
scenario will become like this. Suppose I have a router here, a router here, and here, connect,
connect and connect. But here R3 is not directly connected. iBGP says, due to split horizon,
you need to be connected fully meshed, then you will receive the route by default. But the
issue is full mesh; in this case it is okay. But suppose I have six routers: 1, 2, 3, 4, 5, 6.
So if I want them to become iBGP neighbors, six routers, the formula is n, n minus one; n means
the number of routers. So how many routers do I have? Six. So if I put 6, 6 minus one, and
divide by two, it becomes 15 iBGP peers. So every router has. So we have altogether 15 peers,
and in the case of R3, suppose it has to be connected to six also, same, and also eight, also
four. So five is connected, four connected, and also seven and also six. In the same way, R4
has to be connected to every neighbor. R5 has to be connected to every neighbor, either here or
here. Same case for six, or seven, eight. So it becomes 15 iBGP peers; it is a big issue. And
this case is just six routers. But suppose I have 60 routers; if you put 60 there, it is a huge
number of peers. So what is the solution, when I want to exchange this route but I don't need
fully meshed connectivity like this one? So the solution is route reflector. Route reflector
basically gets rid of the full mesh of iBGP peers in the network. And it breaks the iBGP loop
avoidance rule, which is the split horizon rule. And the rule says that if you learn something
from your iBGP neighbor, never give it to another iBGP neighbor. So in this way, loops will be
prevented by default. But the route reflector ignores this rule. And it will give the route,
the prefix, to R3 in this case, in our case. This is called route reflector. We have six
routers. So what is the solution? With six routers, we do it like this way. We will make R3 a
route reflector. And the others will make a neighborship to R3 only. They are not directly
connected with each other. It's okay. So this is the route reflector and these are the clients.
You can make them clients or non-clients. Maybe some of them are not your client. There is a
rule, if it's not your client, whether they will receive the route or not. That is a separate
story, but this is the solution: to use a route reflector to break the rule of split horizon
and loop avoidance and, without full mesh, get all the routes. This solution is called route
reflector, and we use it like this way. Rather than creating 15 iBGP peers, we have only five,
connectivity only n. Suppose this client sends an update to the route reflector; the route
reflector will send the update to the other clients, or maybe to non-clients in some cases;
there are some cases. In this way they will receive the route, which is not by default. So if
you have a huge network, you will need a full mesh, which is a difficult job. So you can use a
route reflector and you can make your clients, and this way is a better solution. But these are
the rules, some of the rules. This one: a route learned from an eBGP neighbor can be forwarded
to eBGP neighbors, clients and non-clients. So if the route reflector learns some route from
eBGP, they will forward it to eBGP, and also they will forward it to their clients. Suppose R7
is not a client; still they will forward it to non-clients. The second condition is: a route
learned from a client can be forwarded to eBGP neighbors, clients and non-clients. If the route
reflector learns something from a client, this is a client, route reflector client. Suppose it
sends an update, so they will forward this to the eBGP neighbor, suppose there is an eBGP
neighbor, but also they will forward it to clients and non-clients. Suppose R7 is not a client.
This is another condition. Also, a route learned from a non-client. Suppose R4 is a non-client
and it sends an update to the route reflector. So it can be forwarded to another eBGP neighbor
and it will be forwarded to clients, but not to non-clients. So keep in mind these three
conditions, what the route reflector will do; some of them I will show you in the lab. This is
called route reflector. You get the idea. So if you don't want fully meshed connectivity, you
can use a route reflector. In this case, I will make R2 a route reflector. So when it gets this
route, they will forward it to R3, because R2 is a route reflector for R3. This way we will get
the route, which is not by default. So let's go to the lab to show you. So I have R1, R2, and
R3, three routers. Nothing is enabled, there is no configuration. So let me type the script to
enable IP addresses and all those things. So let me go to R1. I will enable this one. I need
168, and also I will create a loopback in R1. So let me go to R1. And this is the script to
create it, so copy and paste. Okay, so R1 is done. Okay, and now let's go to R2. In R2 I have
two neighbors, this side as well, this one is 23. So this is 23.2. So let me copy this one and
go to R2. And out from here. And in R3, I have only one. Forget about three right now. I will
just configure 23 only, because I want to show you something later on. So in R3, let me paste
this one. So R3 is done now. Now I need the BGP configuration. iBGP, what? R1, R2, R3, they all
have 123. Okay? So let me configure in R1. I will say neighbor 12.2 remote-as 123, and I will
advertise my 1 network. So let me go to R1 and paste. So BGP is configured here. And in R2 I
have two neighbors. So let me copy and paste the neighbors as well. Let's go to R3. In R3, I
have only one neighbor, and I don't want to advertise anything. Okay. So it's done now. After a
while the neighborship will be up and we will see. Okay, so let's check out. R1, R2, and this
is R3. So let's see whether I have a neighbor: show ip bgp summary. So it will take some time;
it was idle, it is up now. Okay, so I have a neighbor, 12.2. Okay? And now let's check out in
R2. In R2, I have two neighbors, basically: I have 12.1 and 23.3. This is R1, this is R3, but
still I am not receiving any prefix from R1. It has to be there, because they are advertising
1. So it will take some time, and let's check out here as well: show ip bgp summary. So I have
only one neighbor and I'm not receiving any prefix from R2. My neighbor is R2. My main target
is here. Let's see now; still R2 is not receiving the prefix, which it has to. So let's just
wait for a while to receive the 1 network. 1 is advertised; show running section router bgp.
Let's see whether I advertised the 1.1 network or not in R1. So let's check out. It should be.
Okay. And let's see. I believe I advertised the 1.1 network, and R2 has to receive the 1.1
network. So the 1.1 network is here. And let's go back to R2. So now let's check out. Yes, now
I'm receiving. So let me check out show ip bgp, the table. So yes, I am receiving the 1.1
network. Let's check out show ip route bgp: in the routing table I'm receiving 1.1. And also in
the BGP table I'm receiving 1.1, in R2, which is in the middle. So R2 is receiving the 1.1
network. What do you think, will R2 advertise this 1.1 prefix to R3 or not? Let's check. Go to
R3 and check out. No, still 0. Let's see, show ip bgp. No, nothing is there. show ip route bgp,
nothing is there. Why? Due to the split horizon rule; a full mesh has to be there, then R3 will
receive it. So you get the idea now: by default it's not there. It's clear, you know, R3 is not
receiving the 1.1 network. So what is the solution? We have two solutions: full mesh, and there
is another solution we will discuss later in the course. But one of the solutions is route
reflector. I will make R2 a route reflector. Then R3 will receive this one. Let's go to R2, and
in R2, router bgp 123. And who is my neighbor? 23.3. Here I will say route-reflector,
route-reflector-client. I said 23.3 is my route reflector client, and that's it. So everything
is, you know, it's like a hard reset: reset and reconnect. Now, you see, this is the command to
make R3 our client. Keep in mind, in this situation R3 is a client and R1 is a non-client. I
will show you that a bit later, but let me type here: client. So let me change this, so this is
now a client. And in this case, right now, R1 is a non-client. It is a non-client because I
typed the command only for R3. If I want R1 to be a client, then I need to type 192.168.12.1
and route-reflector-client. Anyway, I will come to that later. Let's go to R3 and see whether
it is receiving the route now or not. Still I am not receiving. show ip bgp, the BGP table is
there. Now I'm receiving. show ip bgp summary. So now R3 is receiving the prefix, and show ip
bgp, the table. Now I'm receiving. Whether the reachability is there or not is a separate story
we already discussed, but at least now I'm receiving the route, which was not there before,
because of the route reflector. Okay. What do you think? Because I made R2 a route reflector.
And I said R3 is my client. But I told you something. There were three points. Route learned
from a non-client. Okay. Not this one. A route learned from a client can be forwarded to eBGP
neighbors, clients and non-clients. Let me show you another thing. Suppose I create 3.3.3.
Let's create, let me create a loopback interface, loopback 3, and IP address 3.3.3.3
255.255.255.255. So I created a loopback. Let me advertise this too in BGP: router bgp 123, and
network 1.1.1.1 mask 255.255.255.255, Enter. And let me clear ip bgp, because we need to reset
this thing. Then it will work. Then it will exchange. And let me reset here, and let me reset
here. Okay. So now I created the 3.3.3 network and I'm a client, a route reflector client. So
if R2 learns the 3.3 network, what do you think, will they provide this 3.3 to R1 or not, where
R1 is a non-client? Yes. R2, which is the route reflector, when they learn something from the
client, they will provide that prefix to non-clients as well. But before, it was not doing
that; before the route reflector, when it learned 1.1, it was not giving it to R3. But now this
is a route reflector. So when they learn something from their clients, they will provide those
prefixes to non-clients as well. It means this 3.3 network will be in R1. Let's check out. show
ip bgp. 1 is there, okay, so 3, it will take some time to come up. Let me also check show ip
bgp summary. Okay, so I'm not receiving yet, because it does take time; it is 0. Okay, so let's
wait for a while. Because I need to receive this 3.3 network by rule, even though I'm not a
client. But because the route reflector learned the route from a client, it has to provide it
to me, R1, as well, even though I'm a non-client. So let's see why it's taking time. Let's
check out here. show ip bgp. So I have one network. It means the 3.3 network is not here. show
running section router bgp. Let's see whether I advertised properly or not. So let me check in
R3. Oh, I advertised the 1.1.1 network, which is wrong. It has to be 3. I don't know why, by
mistake. Let's see. I typed 1.1. So let me go to router bgp 123. Let me remove this one. And it
has to be 3.3. My mistake, sorry. Now let me advertise this one. Okay? And now let's check out:
clear ip bgp, clear ip bgp, and clear ip bgp. Now, let's wait for a while. So let's go to R2.
It will take some time, but show ip bgp: I need to receive both the routes, which are not yet
here. It's taking a while to show. Okay. Let me check out whether this time I advertised
correctly or not. I hope so. This time it's okay. This time it's 3.3 I'm advertising. Okay. So
R2, let's check out. Still no. No. We need to wait. We need to wait for a while until it comes
up. 1 is showing; it has to show 3 as well. Let's check out. 1.1 is here. Let's see in R1, show
ip bgp. So you see I'm receiving 3.3.3. And they say i, I mean it's internal; I'm receiving
this route from my iBGP neighbor. Even though before it was not working, but due to R2 being a
route reflector, when they learn something from a client, they will give it to clients and
non-clients as well. Okay, let's check out here as well now. So as you can see now, R2 is
receiving 1.1 from R1 and 3.3 from R3. But R3 is their client and R1 is a non-client, but still
R1 is receiving 3. So these are the three conditions. Keep in mind. One of them I showed you.
What this means: a route learned from a non-client can be forwarded to another eBGP neighbor
and clients, but not to a non-client; this is another condition. The one which we have done is
a route learned from a client. So this R3 is a client, so it can be forwarded to clients and
non-clients. This is why 3.3 was advertised to the non-client. If you want, I can make this R1
a client as well. It is the same command you need to type: config t, router bgp,
route-reflector-client. Yeah. You can make it like this way as well, for 12.1. Now, both R1 and
R3 are clients. Now this is another solution if you want to do it. But I wanted to clear this
point. For the eBGP point, maybe I will make another video to show you, to attach some BGP
neighbor. This is called route reflector. When they send an update, they will provide it to the
other client directly, which was not possible at the beginning. We checked that R2 was not
providing the prefix to R3, but we broke that rule and we made R2 a route reflector. So let's
go, if I missed something. So this is the configuration; we checked that 1 is in the BGP table
of R2 and in the routing table; we made it a route reflector client, then we received the
route. Okay? I know there will be no reachability. This is a different topic. We need to
configure some interior gateway routing protocol to make the reachability. Suppose you ping
from R3 to 1.1, it will not be reachable. This is a different solution. We need some EIGRP,
OSPF, RIP, something, then it will work. That is a different story, but this was route
reflector.
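The three reflection conditions and the session-count formula from this lecture, as an added Python model (not code from the course). The prefixes 1.1.1.0/24 and 3.3.3.3/32 and all function names are constructed for the illustration.

```python
from dataclasses import dataclass, field

EBGP, CLIENT, NON_CLIENT = "ebgp", "client", "non-client"


def full_mesh_sessions(n: int) -> int:
    """iBGP sessions needed when all n routers peer with each other: n(n-1)/2."""
    return n * (n - 1) // 2


def route_reflector_sessions(n: int) -> int:
    """Sessions when one of the n routers reflects and the rest peer only with it."""
    return n - 1


def may_advertise(learned_from: str, send_to: str, reflector: bool) -> bool:
    """May a route learned from one kind of peer be sent to another kind of peer?"""
    if learned_from == EBGP or send_to == EBGP:
        return True            # eBGP routes go everywhere, iBGP routes go out to eBGP
    if not reflector:
        return False           # plain iBGP split horizon: never iBGP to iBGP
    # Reflector: reflect unless both ends are non-clients.
    return learned_from == CLIENT or send_to == CLIENT


@dataclass
class Router:
    name: str
    peers: dict = field(default_factory=dict)  # peer name -> how this router sees it
    rib: dict = field(default_factory=dict)    # prefix -> peer learned from (None = local)

    @property
    def is_reflector(self) -> bool:
        return CLIENT in self.peers.values()


def converge(routers):
    """Propagate routes until nothing changes; returns {router: sorted prefixes}.

    Simplification: a route is never sent back to the peer it came from. Real
    reflectors also rely on ORIGINATOR_ID and CLUSTER_LIST to stop loops.
    """
    by_name = {r.name: r for r in routers}
    changed = True
    while changed:
        changed = False
        for r in routers:
            for prefix, src in list(r.rib.items()):
                for peer_name, peer_kind in r.peers.items():
                    if peer_name == src:
                        continue
                    if src is not None and not may_advertise(
                            r.peers[src], peer_kind, r.is_reflector):
                        continue
                    if prefix not in by_name[peer_name].rib:
                        by_name[peer_name].rib[prefix] = r.name
                        changed = True
    return {r.name: sorted(r.rib) for r in routers}


def lab(r3_is_client: bool):
    """The lecture's R1 - R2 - R3 chain in AS 123, with constructed prefixes."""
    r1 = Router("R1", {"R2": NON_CLIENT}, {"1.1.1.0/24": None})
    r2 = Router("R2", {"R1": NON_CLIENT,
                       "R3": CLIENT if r3_is_client else NON_CLIENT})
    r3 = Router("R3", {"R2": NON_CLIENT}, {"3.3.3.3/32": None})
    return converge([r1, r2, r3])


if __name__ == "__main__":
    print("full mesh, 6 routers:", full_mesh_sessions(6), "sessions")
    print("one reflector, 6 routers:", route_reflector_sessions(6), "sessions")
    print("no reflector:", lab(False))
    print("R3 is a client of R2:", lab(True))
```
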
20. Address Families Part1: So another topic related to BGP is address family, okay? Normal
BGP, which we are using, only supports IPv4 unicast prefixes. It means you cannot advertise an
IPv6 network in normal BGP. But later on they introduced the multiprotocol BGP capability. It
means you can use multiple protocols, like IPv4 or IPv6, unicast, multicast, VRF, within the
same BGP. And you can advertise them as IPv4 or IPv6. This is multiprotocol BGP, which we call
MP-BGP, multiprotocol BGP. This extension is called address family identifier; in shortcut, we
say address family identifier. So due to this MP-BGP, multiprotocol BGP, it now supports
different addresses, IPv4 or IPv6, within the same BGP. And it also supports IPv4 unicast, IPv4
multicast, IPv6 unicast, IPv6 multicast, and VRF, VPN, and so many other features as well. So
this multiprotocol BGP brings a new feature which was not present in old BGP. And this address
family: you can go to address family IPv4, you can go to address family IPv6, you can go to
address family unicast, multicast, VRF, and so many other things. So whenever BGP exchanges
information with a BGP peer, they will send the address family identifier detail in the BGP
open message. So they can understand that we are using multiprotocol BGP, and we're using
address family to combine many things. Basically, normally, the BGP address family is most
common in MPLS networks. Mostly you will see such type of scenario there. This is called
address family identifier, where you can combine multiple protocols and also unicast,
multicast, VRF, VPN, and other features are also available within address family. First, we
will use a small topology. We have R1 and R2, which are connected through 12.1 and 12.2, and
eBGP, AS 1 and AS 2. On this side I'm using an IPv6 loopback, and this side also IPv6. And the
connectivity is through IPv4. How is it possible to exchange IPv6 over an IPv4 network? And how
can we advertise an IPv6 network under BGP IPv4? So this is possible due to address family. We
will use address family. First, we will create interfaces and all these things. But let me show
you. Here is address family IPv6. And under that, I will advertise my IPv6. But for IPv6, as we
know, you need to enable ipv6 unicast-routing. This command you need to enable in the router to
enable the IPv6 feature and routing. So this is the way to achieve this one. So let's go and
see this one. So I am here; I have R1 and R2, which are connected through eBGP. I will assign 1
to R1 and 2 to R2. And I will create these IPv6 interfaces. So I have R1, where nothing is
configured. So let me go to R1, and this is it. I will use a script, okay, so in R1, I will go
to enable, configuration. This is the IP address for FastEthernet. And I will create an IPv6
loopback interface. So let me copy this one and paste. Sorry, this is the wrong one. This is
R2. So let me remove this one. no interface loopback 1. I just wanted to remove this one. show
ip interface brief. So nothing is there. Okay? And also the name is different, but it's okay, I
will apply the R2 configuration here, so it will replace everything. Okay, and now let's check
out show ip interface brief. show ip interface brief. You see it is 12.1, but loopback 2 is not
showing an IP, because it is IPv6, so I will say show ipv6 interface brief. So now you can see
there is 2000::1, so it's okay. 2000::1 is my IPv6 interface. Here it is as well. It's okay. So
R2 is configured. Let's configure R1. And let me paste this configuration. And now let's check
out show ip interface brief. So you can see 12.1 is up, and show ipv6 interface brief. And here
is 1000::1. Okay, that was the basic configuration of R1 and R2. Now we need to configure BGP.
So for BGP, what I need to do is go to config t. Okay? First of all, I need to configure IPv6,
because it will give me an error when I put the IPv6 network under BGP. So it's better to
enable it in advance. So I will say ipv6 unicast-routing. You need to enable this one,
otherwise IPv6 will not work. So let me enable it here and let me enable it here as well. So on
both sides I enabled ipv6 unicast-routing. Now I need to go to router bgp; my AS is 1, which we
decided, my AS is 1. Okay? Now what I need to do: my neighbor is 192.168.12.2. This is my
neighbor, R2. The remote AS, which we decided, is 2, because this is eBGP connectivity, so AS
2, and done. Now, how will I advertise IPv6 under IPv4? Because if I say network, and what is
my IPv6 network, it is 1000, and this is double colon 0 slash 64. So it's not accepting this
one. Because it's not possible, how can I advertise in such a way? Because if you want to
advertise a network, it should be an IPv4 network and a proper class like A, B, C, and I'm
typing IPv6. That's why they introduced address family, which is our topic for today, address
family identifier. So if I'm using IPv4 connectivity and want to advertise an IPv6 network,
which we have, 1000::1, I need to use address family. Type address-family. And now it's asking
me which type, IPv4 or IPv6, VPNv4. I said there are many features. So this time I say IPv6.
Now it's asking me, within IPv6, is it multicast or unicast? And if you type a carriage return,
again, it will be unicast, so it's better to type unicast. Unicast is the command under address
family. I'm still under BGP. And here I will type my network: network 1000::0/64. I advertise
the entire network; now it is accepting. And then I will activate the neighbor. So my neighbor
is 192.168.12.2, which is a must, the command to activate. And then from this side, I will do
the same thing in R2. In R2, I already enabled IPv6. router bgp 2; neighbor is 192.168.12.1
remote, sorry, neighbor. Neighbor is 192.168.12.1, which is R1, and remote-as. The remote AS is
1; mine is 2 in R2, and R1 is 1. Again, because I'm going to advertise IPv6, I will use address
family. So I will say address-family ipv6 unicast. And here I will advertise my 2000 network;
64 is the subnet mask, because on this side I have 2000::2. Then the neighbor is 192.168.12.1;
I activate it. And this way they will exchange the information. But I'm still under BGP. Keep
in mind, if you type exit-address-family, when you want to exit the address family, you will
still be under BGP. I'm still under BGP. This is the BGP configuration, and this is the command
address-family, which we use to combine IPv4 and IPv6. And this way you can combine multicast,
unicast, and so many other features, VPN, VRF and other features. Now let's check out how we
can check whether we are receiving the IPv6 route or not. So the command is a bit different.
show ip bgp: nothing is there. Because if you are using address family, it means if you are
using multiprotocol BGP, the show command is a bit different. You need to type show bgp, ipv6
or ipv4. With ipv4, I have nothing, because you are not using IPv4. What we advertised is IPv6.
So I will say show bgp ipv6 unicast. And you see I'm receiving 1000 and 2000. 2000 is, because
it's 0, it means this belongs to R2. 1000 I'm receiving from 12.1. Again, in R1, if I want to
verify, the command is a bit different: show bgp ipv6 unicast. So here you can see 1000 and
2000, and show ip bgp summary. My neighbor is IPv4 and I'm advertising an IPv6 network. And
this is possible due to address family. Or I would say it is possible due to multiprotocol BGP.
Again, there is a separate topic related to multiprotocol BGP. But here we are specifically
discussing BGP address family. So it's like an extension. It's like a feature of multiprotocol
BGP, where you can combine IPv4 or IPv6 routes, which we have done. We want to advertise IPv6.
We are connected through IPv4. So let me go through, if I missed something. So we've done this
one, we activated, and then these are the commands, which are a bit different, and we checked
out. So it's there and it's working and it's okay. This was the first configuration related to
BGP address family. We will do another lab related to this one. So hopefully it will be clear
to you.
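What the "address family identifier detail in the BGP open message" and the route refresh "advertised and received" check from the earlier lecture look like on the wire, as an added Python example (not code from the course). The two OPEN messages are constructed samples; the router IDs, hold time and helper names are assumptions.

```python
import struct

CAP_MULTIPROTOCOL = 1        # RFC 4760: value = AFI (2 bytes), reserved (1), SAFI (1)
CAP_ROUTE_REFRESH = 2        # RFC 2918: empty value
CAP_ROUTE_REFRESH_OLD = 128  # pre-standard code point, shown as "old" by some routers
AFI = {1: "ipv4", 2: "ipv6"}
SAFI = {1: "unicast", 2: "multicast", 128: "vpn"}
HEADER_LEN, OPEN_FIXED = 19, 10


def mp_cap(afi, safi):
    """Multiprotocol capability for one address family, as (code, value)."""
    return (CAP_MULTIPROTOCOL, struct.pack("!HBB", afi, 0, safi))


def build_open(my_as, hold_time, router_id, capabilities):
    """Encode an OPEN message; capabilities is a list of (code, value_bytes)."""
    caps = b"".join(bytes([code, len(value)]) + value for code, value in capabilities)
    params = bytes([2, len(caps)]) + caps if caps else b""  # parameter type 2 = Capabilities
    rid = bytes(int(octet) for octet in router_id.split("."))
    body = struct.pack("!BHH4sB", 4, my_as, hold_time, rid, len(params)) + params
    return b"\xff" * 16 + struct.pack("!HB", HEADER_LEN + len(body), 1) + body


def _tlvs(data):
    """Yield (type, value) pairs from 1-byte type / 1-byte length TLVs, bounds-checked."""
    offset = 0
    while offset < len(data):
        if offset + 2 > len(data):
            raise ValueError("truncated TLV header")
        kind, size = data[offset], data[offset + 1]
        value = data[offset + 2: offset + 2 + size]
        if len(value) != size:
            raise ValueError("TLV value runs past the end of the buffer")
        yield kind, value
        offset += 2 + size


def parse_open(msg):
    """Decode an OPEN message and collect address families and route refresh support."""
    if len(msg) < HEADER_LEN + OPEN_FIXED:
        raise ValueError("truncated OPEN")
    length, msg_type = struct.unpack_from("!HB", msg, 16)
    if msg[:16] != b"\xff" * 16 or length != len(msg) or msg_type != 1:
        raise ValueError("not a well-formed OPEN")
    version, my_as, hold_time, rid, opt_len = struct.unpack_from("!BHH4sB", msg, HEADER_LEN)
    params = msg[HEADER_LEN + OPEN_FIXED:]
    if opt_len != len(params):
        raise ValueError("optional parameter length mismatch")
    result = {"version": version, "as": my_as, "hold_time": hold_time,
              "router_id": ".".join(str(b) for b in rid),
              "families": set(), "route_refresh": set()}
    for ptype, pvalue in _tlvs(params):
        if ptype != 2:
            continue
        for code, value in _tlvs(pvalue):
            if code == CAP_MULTIPROTOCOL:
                if len(value) != 4:
                    raise ValueError("bad multiprotocol capability length")
                afi, _reserved, safi = struct.unpack("!HBB", value)
                result["families"].add((AFI.get(afi, afi), SAFI.get(safi, safi)))
            elif code in (CAP_ROUTE_REFRESH, CAP_ROUTE_REFRESH_OLD):
                if value:
                    raise ValueError("route refresh capability carries no value")
                result["route_refresh"].add("new" if code == CAP_ROUTE_REFRESH else "old")
    return result


def negotiated(local, remote):
    """What both sides advertised. A peer with no multiprotocol capability is
    treated as IPv4 unicast only, the behaviour of BGP before address families."""
    default = {("ipv4", "unicast")}
    return {"families": (local["families"] or default) & (remote["families"] or default),
            "route_refresh": bool(local["route_refresh"] & remote["route_refresh"])}


# Constructed samples: R1 in AS 1, R2 in AS 2, and a peer that sends no capabilities.
R1_OPEN = build_open(1, 180, "1.1.1.1", [mp_cap(1, 1), mp_cap(2, 1),
                                         (CAP_ROUTE_REFRESH, b""),
                                         (CAP_ROUTE_REFRESH_OLD, b"")])
R2_OPEN = build_open(2, 180, "2.2.2.2", [mp_cap(1, 1), mp_cap(2, 1),
                                         (CAP_ROUTE_REFRESH, b"")])
LEGACY_OPEN = build_open(2, 180, "2.2.2.2", [])

if __name__ == "__main__":
    print(negotiated(parse_open(R1_OPEN), parse_open(R2_OPEN)))
    print(negotiated(parse_open(R1_OPEN), parse_open(LEGACY_OPEN)))
```
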
21. Address Families Part2: So we've done one example
and BGP addressed family. So basically it's a
feature and multiprotocol BGP as an extension to combine IPV4 and IPV6 and so many other
feature under one BGP. We're done this example. Let's do another example. This time, I'm connected
through IPV6 and also IPV4. And I have a network, IP 41 network prefix of IPV6. What we will do last time, we, we just advertise
IPV6 prefix to R2. N also are to advertise IPV6, but this time they want to
advertise IPV4 or IPV6 both. And also the neural connectivity or through IPV4 and IPV6. So let's check out. I
will use the same thing. I have R1 and R2. Here I will create a
loopback interface, IPV6, IPV4 or IPV6, IPV4. This is S1, S2, and they are connected through IPV6 and also IPV4 with BGP, nothing is configured here, so let me go to R1, and here is our 2. First I need to apply the IPs. So let me go to R1. Here is I will go to
enable configuration, then I will change
and M2 R1 apply this IB2 interface
and also IPV6. Ip I will enable IPV6
here, no shutdown. And I will create a loop
backup IPV4 and Lubeck IPV6. So let me copy this one is AC, how we can apply
the IP and paste. So R1 configuration is done. Okay, now let's go to R2. R2 I will do the same thing. We'll change the name and then assign IP and also IPV6 IP. And then no shutdown, create loop backup IPV4
and create Lubeck of IPV6. Okay, so let me copy this one. Control C and control V. Let's verify show
IP interface brief. So I held two, which is up and Lubeck. While the IPV6, we
need to check IPV6. So IPV6 is here. And now let's go to show
IP interface brief. Show IPV6 interface brief. So everything is okay. Next thing I need
to configure BGP, which is our topic. And BGP configuration,
I allergy to you. And lastly, as well, if you are using IPV6, you need to enable IPV6
routing, IPV6 unicast routing. So I need to enable
this on both sides. Otherwise it will not work. So IPV6, and let me type here as well,
IPV6 unicast routing. Okay? Then now this the way I have
an eyeball to hold onto, but I have a neighbor or IPV6 is remote areas or both
are similar to it. Okay? Then I will go to
IPV4 address family, and we'll advertise
my one network. Then I will go to Edit Family six and advertise
thousand network. This is our main target
because I have both network. So in this way you can
again use addressed family, which is our topic for today. So a router, BGP, which is my AS number, and my neighbor is
192.168.1.2, which is R2. And the remote AS of R2 is 2. Done. Now, I have a neighbor on IPv6 as well, which is 3000::2, which is R2, if you want to see. So here this IP is assigned and also this IP is assigned under one interface. So this is my neighbor and the remote AS is the same. So on R1 I have R2 as an IPv6 neighbor and as an IPv4 neighbor. Now what about the networks? Because I want to advertise my IPv6 network and my IPv4 network, the prefixes which we call 1000 and 1.1.1. So what I will do, again, is use address family. Address family, but which family? First I will use address family IPv4 unicast, because I'm using a unicast network to advertise. And here my network is 192.168.1.0, to which I am connected directly, and the mask is 255.255.255.0. And the other network is the 1.0.0.0 network with the mask 255.0.0.0. This one, I have the 1.1 network with a subnet mask, so that's why I advertise it this way. So IPv4 is done. But before you exit the address family, you need to activate the neighbor. So my neighbor is 192.168.1.2, activate. And now I can exit the address family, exit-address-family, and Enter. Now again, I'm still under BGP; I only exited from address family IPv4. Now I need to advertise the IPv6 network. So again, I will say address family, this time IPv6 unicast. Here, the network which I want to advertise is 1000::0/64. But I want to advertise 3000 as well, to which I'm connected through this network. And before you exit the address family, you need to activate. So my neighbor is the 3000 one, because I'm in IPv6. Enter, and here I will say activate, the same way I activated in IPv4. Here I activate in IPv6. And now I can exit from here. And now I'm under BGP; I can exit from here as well. Now, the same thing I will do in R2 as well: router bgp 2, because now we are in R2,
my neighbor is 192.168.1.1, which is R1, and the remote AS of R1 is 1. And I have one neighbor on IPv6 as well, which is 3000::1, and the remote AS is 1. Now I want to advertise my networks, IPv4 and IPv6, because R2 also has IPv4 and IPv6 prefixes. So I will go to address family IPv4 unicast. Here I will first advertise the network to which I'm connected. Normally it is not required, but if you want, you can, with 255.255.255.0. And my other network is 2.0.0.0, mask 255.0.0.0. So I advertised my IPv4 networks, but before exiting the address family, I need to activate my neighbor, 192.168.1.1, activate, and exit-address-family. Now I have the IPv6 address family: address family IPv6 unicast, and the IPv6 network. Let me see what we have. We have 2000. So I will say 2000; I want to advertise the whole network. And another network, the one through which I'm connected directly on R2, so I will advertise that one as well. And the last thing before exiting the address family: the neighbor is 3000::1, activate, and exit from here, exit from here. And now we can do the verification. Again, I told you the commands are a bit different. As we already did, you need to type the show bgp ipv4 or ipv6 unicast command. To show the details: show bgp ipv4 unicast. For IPv4 unicast, I have the 1 network and the 2 network, because one is coming from R1, one belongs to R2, and then the one to which we are connected directly. But what about the IPv6 networks? You just need to change the command to IPv6. And here I'm receiving 1000, 2000, and 3000, okay. The same thing you can verify from the other side as well. If I come here and check in R1, you see 1, 2 and 192. And if you want to see IPv6, you see 1000, 2000, and 3000, because we are using them here; this is the 2000 and this is the 3000 network. Like this one: this is coming from 3000::2 and this one belongs to R1. That's why there is nothing, only a 0 next hop. So let's go back, in case I missed something. So we checked from here; to show the other one, show ip bgp summary. Our connectivity is in show ip bgp summary, so our connectivity is through IPv4. And it's showing us that we are receiving two prefixes. So you can verify it from here as well. And we checked the IPv6 one, and that's it. So basically this time we used an IPv4 network and an IPv6 network. Again, nothing was difficult; the only thing was going to the different address families. So basically what we did here is we say address family IPv4 and address family IPv6; because both were unicast, this is why we used unicast. This is another example related to address family. This time the concept was a bit different from the previous lab. I hope you understand this one. Thank you.
22. Filtering Access List Part-1: Another topic related to BGP is filtering, BGP filtering. You can use a route filter when BGP speakers exchange route updates, so an update can be accepted or it can be denied based on your filter. Normally we use filters in dynamic routing protocols like EIGRP, OSPF, BGP, and other protocols like IS-IS. So you can use filtering in other dynamic routing protocols as well, besides BGP. Basically we use filtering to filter the flow, to manipulate the traffic flow, to reduce memory utilization, and to improve security. And you can use it for many other purposes. Suppose you don't want some update: you can use filtering to block, to deny those updates. There are many methods which you can use to filter routes in BGP. One of them is the access control list. Keep in mind, we can use access lists for many purposes; you can use them for filtering as well. There is another one, the distribute list. Then there is the prefix list. And the last one we can use, which you will see widely in BGP, is route maps. So: access control list, in short ACL, distribute list, prefix list, and route map. We can use these methods to filter routes whenever routers are exchanging routing updates. So you can use the filter however you like, like a normal filter. Suppose everything is coming into the filter, the things you don't need and the things you want. You can use the filter to say which of these updates, these routes, these prefixes you need and which you don't. The first one is ACL. ACLs can be used for many purposes: in DHCP you can use them, and in NAT and PAT, you can use them for filtering, you can use them for traffic allowed or denied, for MAC. Anywhere you will see ACLs. But here specifically we use ACLs for route filtering. So it's a different way to use an ACL: not to block the traffic, but to block the route updates, either to allow them or to deny them. A filtering ACL is basically not denying or permitting traffic from different networks; we are using the ACL here to allow or deny routes from being advertised or learned. As I told you, we already did ACLs in detail in the ACL course. There are many types of ACL: standard ACL, extended ACL, named ACL, dynamic ACL, time-based ACL, infrastructure ACL. We did them in detail. So you can use them for many purposes. We use ACLs in switches, we use ACLs in routers, we use ACLs in firewalls. We use ACLs to deny or permit traffic. We use them here to filter. So here we are using them specifically to filter, to allow or deny a route from being advertised or learned, rather than to deny traffic. Okay? So this is the first method. So first we will look
at this one in the lab, the ACL: how we can use an ACL in BGP to deny or allow routes from being advertised or learned. So let's go to the lab. So this is our lab. We will use two routers. Router 1's AS number is 1, and router 2's AS number is 2. They are connected, .1 and .2. Here we will create some loopbacks, 1, 2, 3, 4, 5, 6, and on the other side also six loopback interfaces. And then we will see how to deny or allow some prefixes from R1 to R2, or from R2 to R1. Okay, so let's go here. So we will create loopback interfaces on R1 and R2. Then we will do the BGP configuration, which we already know. Then we will use ACLs to allow or block the routes. So I have R1 and R2, which are not yet configured. So let's go. By the way, this is R1. These are the loopback interfaces, AS 1, eBGP connectivity, .1 and .2, and these are the loopback interfaces. So let's go to R1. Okay? There is no configuration. Let's go to R2 as well. Okay, so I will use a script, because we already know this. I will change the name to R1, go to this interface to assign this IP, and no shutdown. And we'll create some loopback interfaces. So it's easy to do: copy and paste. The same thing we will do in R2: go to enable, change the name, and create a few loopback interfaces. Paste. Okay, let's see now if I check show ip interface brief. So I have the loopback interfaces, and the .1 address is assigned and it is up. And let's check here: show ip interface brief. You see this one, and this interface is .2. Okay, done. Now we need to configure BGP. Okay? So let me go to R1 and let's configure BGP: router bgp 1, with AS 1 and AS 2. And I will advertise my six loopback interfaces. Okay, sorry, I need to go to configuration mode. And here it is done, and now let's go to R2. Okay? Configuration. And let's configure BGP on R2. Then, after a while, they will exchange the information, the routes. Okay, so let's see: show ip bgp summary. So it's in the Idle state. They are not up yet. Okay, so we just need to wait. Okay, now it's okay. But we are still not receiving prefixes, meaning the networks which we advertised. So we need to wait for a while. Let's see, until we receive these prefixes. Okay, and let's go to R2 as well: show ip bgp summary. Okay, not yet. We can check the table, show ip bgp. Yeah, so it's showing only R2's routes, not yet R1's routes. It will take some time. And let's go here as well: show ip bgp. So you see there is only one network, so it will take some time. What do we need to do? After a while, it will show you like this. We will create an ACL
basically to deny. Suppose I don't need 2.2.2 in R1. 2.2.2 is coming from here. This is the second one. So suppose 2.2.2: I don't need the 2.2.2 network, okay? I can block this 2.2.2 network from being advertised and received here. So I can use this one. Let me see. I think so. Yeah, the first one is 2.2.2. So this one I just wrote wrongly. The only thing is you just need to change this; it's okay. This one I just mentioned wrongly here, but otherwise it's okay. And R2, if I go here, show ip interface brief. So I have the 2.2.2 network, 2.2.3, 2.2.4, 2.2.5, 2.2.6. So I don't want to receive the 2.2.2 network from R2 in the R1 table. So let's first check. You see I'm receiving the 2.2.2 network from .2, from R2. Okay? So suppose I want to apply a filter using an access control list, ACL, because our first target is ACL; we can use it here to filter, okay, the access control list. So what can we do in R1 if I don't want to receive 2.2.2 from R2? Let me show you again here. Configuration. I will create an ACL with number 1. You can use any number from 1 to 99. Here I will say deny the 2.2.2.0 network, and then the wildcard, which we already know: 0.0.0.255. And then I will say access-list 1 permit; the rest, everything, I want to permit. But this is not a proper ACL to deny or allow traffic. Basically I just created it, but I will not attach it to an interface; I will attach it to BGP. What I can do: I will go to router bgp 1, and here I can use distribute-list. And here there are many methods. One of them is an ACL from 1 to 199, okay? And also I can use named ACLs and prefix lists as well, which is our next topic. But anyway, my ACL number is 1, which is mentioned here. And with the question mark, it says filter incoming routing updates, or out. So because 2.2.2 is coming to me, because I'm in R1 and 2.2.2 is coming inside on this interface, 0/0, it's in. I will use in rather than out, so it's in. But before checking this one, what I can do is use the debug command, debug ip bgp updates. So I enable debug on R1, debug ip bgp updates, so that it can show me behind the scenes when R1 and R2 are exchanging updates. And now I will clear BGP so they can exchange information: clear ip bgp *, which is a hard reset, which we already discussed. And after a while you will see that it will deny 2.2.2. You see, here it says we're receiving 2.2.2, and it is denied due to distribute/prefix-list. It says I'm going to deny 2.2.2 due to the distribute list which we configured. And we used an ACL to achieve this target. And now, if you check again, show ip bgp, you'll see 2.2.3 is there, 2.2.4 is there, 2.2.5 is there, 2.2.6 is there. But 2.2.2 is not there, which was there before. You see, it was there, the 2.2.2 network. This is the way to filter. So we applied an incoming filter. You can use the same method from the other side, to deny sending 2.2.2 out. It's also possible, because there was an out. We checked here: it says filter incoming routing updates and filter outgoing routing updates. It's up to you. So you can achieve the same goal: configure the ACL and then apply it to your BGP and say out, and R2 will not send the 2.2.2 network to R1. But you can do the same thing in R1, saying that I don't need this 2.2.2 network. And when I enabled debug, it clearly said that we are going to deny, due to the distribute list, the 2.2.2 network specifically, not the rest of them. And when we check here too, it's not there. You can see it's only from 2.2.3. And if we check again, the routes will be there besides 2.2.2. So it starts from the 2.2.3 network. So that's the first method to apply in BGP to filter the traffic. We already know there are many methods. One of them is the access control list, which we used, and we filtered the traffic with an access control list.
23. Filtering Access List Part-2: So in the last lecture we discussed filtering, route filters. We use route filters so that whenever routers are exchanging their routing updates, an update can be accepted or it can be denied. We use filtering to manipulate the traffic flow, to reduce memory utilization, and to improve security. Then we discussed the first method, access control lists, using access control lists to filter. In this lecture we will discuss the prefix list, how we can deny or accept BGP routing updates. So ACL we have already done. So now let's go to the prefix list. Basically, a prefix list is similar to an access list; it is almost the same concept, to match the route prefix. But a prefix list is much faster than an ACL and more flexible. In an access list, there is no less-than or greater-than; you cannot give a range of things. But in a prefix list you can do much better than in an access control list. And keep in mind, same as in an access control list, there is a default deny any. We already know that there is a deny any at the end of a prefix list as well. Normally we use a prefix list for route filters; normally we prefer this approach, which is called prefix lists. A prefix list is similar, as you will see in the lab; it's almost the same, but it's more flexible compared to an access control list. So in our lab we will use this topology to deny the 2.2.2 network, which is coming from R2 to R1 here. In BGP we will apply a prefix list to deny 2.2.2, or to accept. This is our main target. I have R1 and R2. There are some loopback interfaces. On this side we have some loopback interfaces. This is AS 1, this is AS 2. 12.12, a very small topology. So let's go to the lab. Okay. Here is what we will apply. We will receive all the routes, then we will create a prefix list. It is almost the same as an ACL: ip prefix-list, then the name, test. We want to deny 2.2.2, and rather than typing the mask as in an ACL, here you can type it in CIDR notation. So it's easy to type: 2.2.2 with a 24 subnet mask. And then we will say ip prefix-list, permit anything. There is an implicit deny at the end of an ACL, and it is the same here in a prefix list. So we will say ip prefix-list test 0.0.0.0/0 le 32, which means permit anything. Like in an ACL, where we say permit any any, or permit any. And then we will go to BGP and we will use distribute-list again, but this time we will say prefix list. For the prefix list we will use test, the name of the prefix list, and in, inbound. And then we can use the debug command to see whether it is denied or not. Let's go to the lab. We have the same lab. Let me turn on this one, R1 and R2; I will copy
and paste the configuration. Okay, so let me go to R1 and let's go to R2. Okay, so I have the script here. I will go to enable, then go to configuration, and we'll change the name to R1, configure the .1 interface, and create a few loopback interfaces for test purposes. The same thing I will do in R2, and we'll create some loopback interfaces. Then I will configure BGP, with this neighbor, and we'll advertise the networks. And the same thing I will do in R2. So let me copy this one. And let's go to R1 and paste. Okay, it's done. And let's go to R2. R2, this is the configuration. Okay, it's done. And now let's apply the BGP configuration. So this is the R1 BGP configuration, and BGP is done. And now let's go to R2 and apply BGP. I need to go to configuration and apply. Okay? After a while they will exchange information. So we need to wait, and I just need to check that the interfaces here are up. I have the .2 interface and I have these loopback interfaces; it's okay in R2. Let's go to R1, interface brief. Here is the .1 interface, and these are the six loopback interfaces. BGP: I'm not receiving yet. It will take some time to receive the prefixes from R2. So we need to wait for a while. Then we can deny. Okay, still it's not there. It will come up now. So you can see I'm receiving 2.2.2, 2.2.3, 2.2.4, 2.2.5, 2.2.6. R2 is advertising all these networks and I'm receiving all of them. Now I want to apply the filter: I don't need the 2.2.2 network, okay, this one. So what can I do in R1? I can configure an ACL, I can configure a route map, I can configure a prefix list. So this time we're going to
configure a prefix list. So ip prefix-list. After that you can give any name, okay, or a sequence number. So I said test. Then, same as before, deny or permit. We want to deny something. After deny, it asks, with an example as well, for the network and length. The network is 2.2.2.0, and the length is 24. We advertised them that way: show running interface loopback, the mask is three times 255, which means 24. So I will say 2.2.2.0 with 24. This is the first statement, to deny 2.2.2. Then ip prefix-list, same name, and permit, like in an ACL, where we say permit any, or permit any any. Now it asks for the same thing. Here I will say 0.0.0.0/0, and le 32, anything. It means something like any any. Now I need to go to BGP, router bgp 1. Okay? And here I will use distribute-list. And distribute-list asks me for an access control list number, or at the end there is prefix. So let me type prefix. And now it asks for the prefix list name. We just configured this prefix list name, test, and then, with the question mark, it's in or out. So definitely, we are receiving this route from R2, so in. But before this, I did not enable debug ip bgp updates. Let me enable debug ip bgp updates. Okay, and now I will clear BGP. You will see this network will be denied. By the way, I'm still receiving this route: show ip bgp, 2.2.2 is still there, because we need to clear the BGP session. So I enabled debug ip bgp updates. And now let's clear: clear ip bgp, hard reset. And now you will see there will be a deny statement. You see this one. It says that I don't need this one, this 2.2.2 network. It's denied due to distribute/prefix-list, because we are using distribute-list and prefix list to deny this one. And the rest of the networks are received. You see the other networks are received properly. If I say show ip bgp now, you can see it starts from 2.2.3, but I'm not receiving the 2.2.2 network. So this is another method to filter the network. You see this one: if I say show ip bgp, I'm not receiving 2.2.2. This is the second method in BGP to filter the networks, to filter the prefixes.
24. Filtering Route-Maps: Another method to filter routes in BGP is the route map. We already did access control lists, then we did prefix lists. Now this time we're going to use route maps to filter routes, either to accept or to deny. Route map is a huge topic, by the way; it is a separate topic. We can use route maps for many purposes, but most of the time you will see route maps used in BGP for the purpose of filtering routes. A BGP route map can use an ACL and it can use a prefix list. It means that at the end of the day a route map is also using an access control list or a prefix list, which we have already done. Then we can attach the route map to a BGP neighbor. This way we can filter routes. Route maps use the concept of sequence numbers. Okay? By default, the sequence number is 10, whether you type it or not. So by default it starts from 10 if you do not specify any sequence number. As I told you, route map is a huge topic, a separate topic, because route maps can be used for many purposes: in routers, switches, PBR, redistribution, routing, and for so many other purposes. Keep in mind, the route map itself is using prefix lists and access lists, but at the end of the day the route map takes the decision. So suppose I have a route map action permit, and the ACL says permit: the result will be permitted, and the same if a prefix list says permit. If the route map says deny and the ACL says deny, the result will be denied. And even if the prefix list says deny, it will be denied. But if the route map says permit and either the ACL or the prefix list says deny, the end result will be denied. If the route map action is deny and the ACL or prefix list is permit, again it will be denied. So it means that if it is deny in the route map, you can type permit in the prefix list and in the ACL as well, no issue. Because in the lab I will create an ACL or a prefix list, and I will use permit. So maybe you are thinking: why are you using permit? We want to deny 2.2.2 and you permit it. I say, okay, I will deny it in the route map, because at the end of the day the route map is using the ACL and prefix list by calling them. It's okay if it is deny in the route map; there is no need for it to be denied there. If you want to deny, that is okay, but even if it is permitted, the result will be denied. So this is the third method to filter routes in BGP, using a route map. Again, we will use the same topology which we used for ACL and prefix list. We have R1 and R2 and eBGP connectivity, .1 and .2, AS 1, AS 2 and some loopback interfaces. And let me go to
the route map lab. Okay, so here, again, we will apply everything so we will receive all the networks including 2.2.2. So you see, I created an access control list and permit the 2.2.2 network. It's okay; you can type permit or deny, but then in the route map I deny this one, so the end result will be denied. So there is no need, because I'm calling this ACL inside the route map. I say route-map test deny, and this is the sequence number, by default 10. And then I say match ip address; match ip address means the ACL number. So my ACL number is 1. So I call 2.2.2 here, but I take the decision with this ACL: deny. And second, it is better to create this one to permit the rest of the prefixes, same as a permit any. Also in the prefix list we say 0.0.0.0/0 le 32; in the route map you have to follow the same procedure and create an empty one, another statement with permit, so the rest of the traffic can be permitted. So this statement is for that purpose. And then I will call the route map: go to router bgp, and .2 is my neighbor from where I'm receiving all the networks, including 2.2.2. And then I will say route-map, and test is the name which we gave here, this one rather than this one. And then in, inbound. And this way the 2.2.2 network will be denied. But this time it will say that it is due to the route map; previously it said prefix and distribute list. This is the third method to filter routes in BGP. So what I have done: because we already configured this one, I removed the prefix list. You go to router bgp and say no distribute-list prefix, which we did in the previous video. And then I say no ip prefix-list deny 2.2.2, and then I say no ip prefix-list test permit this one. These three statements we used in the last video to deny the 2.2.2 network. But this time I will receive it again if I say clear ip bgp *. And now you will see I will receive the 2.2.2 network. Okay? You see, this time I'm receiving the 2.2.2 network, because I have already enabled the debug command. And there is no prefix list, no ACL to deny the 2.2.2 network. So let's see, show ip bgp. And you can see I'm receiving the 2.2.2 network. And this is my target, to deny the 2.2.2 network. So here are the 2, 3, 4, 5, 6 networks from R2 which I'm receiving. And I want to filter: I don't need to receive the 2.2.2 network in the R1 BGP table. So what can we do? We can use a filter. The third method
is the route map. So let's go to the route map; go to configuration in R1. It's the same topology, okay; I don't need to explain it to you again. I will create the ACL with any number and I will permit the network which I want to deny. Keep in mind: the network which I want to deny. And 0.0.0.255, this is the wildcard. Okay, I typed more; let me remove this one. So I say access-list 1 permit. I can type permit, I can type deny; at the end of the day the route map will deny. I already told you and explained it in the table. So this is my ACL. Now I will create the route map. So I say route-map and I give the name test, and deny, because I'm denying here; so at the end of the day it will be denied. And this is the sequence number. Here I will say match ip address. This is the command to call the ACL; it asks for an ACL and also a prefix list. You can use a prefix list instead of an access list. Here my ACL number is 1, this one. And exit. It is better to do another one with permit: type permit, type sequence number 20, and just exit from here. It's like in an ACL, where normally we do permit any any; in a prefix list we say 0.0.0.0/0 le 32. And in a route map there is also a deny statement at the end, so it's better to use this one. I said permit anything. So my route map is ready now; this is my route map. So I call this ACL, okay? Now what I need to do: I need to go to router bgp 1, and I need to apply this route map to my neighbor from where I'm receiving the 2.2.2 network, which I want to deny, the neighbor with R2's IP, and here I will say route-map. What is the name of the route map? test. And from where am I receiving these routes? It means in; say in. But is debug on? debug ip bgp updates. So let me enable debug to see how it is going to deny. And what I need to do is clear ip bgp with star. After a while you will see it will deny the 2.2.2 network; here it is clearly mentioned that it is denied due to route-map. So this time we used a route map to deny and filter the network in BGP. So this is the third method to deny something in BGP. Keep in
mind, we created an ACL. I created the ACL. There is one match, sequence number 10, and permit 2.2.2. I can use a prefix list as well in the route map, because in a route map you can call an ACL or you can call a prefix list. So instead of this one, the ACL, you can use a prefix list: ip prefix-list, and here you can give it a name, suppose abc. And you can permit or deny, because at the end of the day it will be denied. I said permit. And what is the network? 2.2.2.0, and /24. Done. Then in the route map you can call this one. By the way, let's do it with another network to deny instead of this one. Let's deny another of the networks; we will do 2.2.3. Let me double-check: enable, show ip interface brief. We have the 2.2.2 and 2.2.3 networks. So let me go there. And so I say ip prefix-list abc permit 2.2.3.0/24. Yeah, it's okay. Now I can go to the route map. What was it? test, and deny 10, and match ip address. Here we can use a prefix list as well. So let me use prefix-list. And what is the name of the prefix list? abc, which we just created. And then, because we are already using an ACL, it is telling me that a prefix list and an access list cannot be used in one sequence number. So I can remove the ACL. So let me remove match ip address, and here it is 1; let me remove this one. And now let me do match ip address. What was this one? So let me apply the prefix list this time. So it means I want to deny the 2.2.3 network instead. You see, now it says denied due to route-map. Before, we denied 2.2.2 with the help of the ACL. But this time we deny the 2.2.3 network with the help of a prefix list. So my main target is the route map. You can use a prefix list or you can use an access control list. And now if I check here, show ip bgp, see, 2.2.2 is there, but this time 2.2.3 is not here, because this time we deny the 2.2.3 network using a prefix list. And here is the denied one, even though it's a permit; when we call it in the route map, it is denied. And the table says that if it is deny in the route map, it will be denied. Here the route map action is deny, but in the prefix list and ACL it is permit, so the end result will be denied. So there is no need to deny in the ACL and prefix list; if you want, you can. Okay. So this was the third method to filter routes in BGP.
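The three inbound filters from the ACL, prefix-list and route-map lectures, modelled in Python as an added example (it is not the course's lab output and not Cisco code). The 2.2.x.0/24 routes are constructed from the lab's loopbacks, all function and variable names are hypothetical, and the model is IPv4 only; it goes a little beyond the lab by also handling prefix-list ge/le ranges and a prefix list written without le 32.

```python
import ipaddress


def acl_action(acl, route):
    """Standard ACL used as a route filter; entries are (action, address, wildcard).
    The route's network address is compared under the wildcard; first match wins."""
    net = int(ipaddress.ip_network(route).network_address)
    for action, address, wildcard in acl:
        care = ~int(ipaddress.ip_address(wildcard)) & 0xFFFFFFFF  # bits that must match
        if net & care == int(ipaddress.ip_address(address)) & care:
            return action
    return "deny"  # implicit deny at the end of every ACL


def prefix_list_action(plist, route):
    """Prefix list; entries are (action, prefix, ge, le), ge/le None when not configured.
    Without ge/le the route's length must equal the entry's length exactly."""
    r = ipaddress.ip_network(route)
    for action, prefix, ge, le in plist:
        p = ipaddress.ip_network(prefix)
        if ge is None and le is None:
            low = high = p.prefixlen
        else:
            low = p.prefixlen if ge is None else ge
            high = 32 if le is None else le
        if r.subnet_of(p) and low <= r.prefixlen <= high:
            return action
    return "deny"  # implicit deny at the end of every prefix list


def route_map_action(rmap, route):
    """Route map; clauses are (sequence, action, matcher). matcher is None for a
    clause with no match statement, else a function returning 'permit' or 'deny'."""
    for _seq, action, matcher in sorted(rmap, key=lambda clause: clause[0]):
        if matcher is None or matcher(route) == "permit":
            return action  # the clause matched: its own action decides
        # The list returned 'deny': this clause does not match, try the next one.
    return "deny"  # implicit deny when no clause matches


def accepted(routes, decide):
    """Routes that survive an inbound filter (decide returns 'permit' or 'deny')."""
    return [r for r in routes if decide(r) == "permit"]


# Constructed sample: the prefixes R2 advertises to R1 in the lab.
R2_ROUTES = ["2.2.2.0/24", "2.2.3.0/24", "2.2.4.0/24", "2.2.5.0/24", "2.2.6.0/24"]

# Lecture 22: access-list 1 deny 2.2.2.0 0.0.0.255, then permit any.
ACL_1 = [("deny", "2.2.2.0", "0.0.0.255"), ("permit", "0.0.0.0", "255.255.255.255")]
# Lecture 23: prefix list "test": deny 2.2.2.0/24, then permit 0.0.0.0/0 le 32.
PL_TEST = [("deny", "2.2.2.0/24", None, None), ("permit", "0.0.0.0/0", None, 32)]
# Same list with "le 32" forgotten: the permit entry matches only the default route.
PL_NO_LE = [("deny", "2.2.2.0/24", None, None), ("permit", "0.0.0.0/0", None, None)]
# Lecture 24: the ACL permits 2.2.2.0, route map "test" denies at 10, permits at 20.
ACL_PERMIT_222 = [("permit", "2.2.2.0", "0.0.0.255")]
RM_TEST_ACL = [(10, "deny", lambda r: acl_action(ACL_PERMIT_222, r)), (20, "permit", None)]
# Lecture 24, second half: prefix list "abc" permits 2.2.3.0/24, called from clause 10.
PL_ABC = [("permit", "2.2.3.0/24", None, None)]
RM_TEST_PL = [(10, "deny", lambda r: prefix_list_action(PL_ABC, r)), (20, "permit", None)]


def single_clause_table():
    """The lecture's permit/deny table for a route map with ONE clause and a
    one-entry ACL, evaluated for 2.2.2.0/24. Keys are (route-map action, ACL action)."""
    table = {}
    for rm in ("permit", "deny"):
        for lst in ("permit", "deny"):
            acl = [(lst, "2.2.2.0", "0.0.0.255")]
            rmap = [(10, rm, lambda r, a=acl: acl_action(a, r))]
            table[(rm, lst)] = route_map_action(rmap, "2.2.2.0/24")
    return table


if __name__ == "__main__":
    print("distribute-list 1 in     :", accepted(R2_ROUTES, lambda r: acl_action(ACL_1, r)))
    print("prefix list test in      :", accepted(R2_ROUTES, lambda r: prefix_list_action(PL_TEST, r)))
    print("prefix list without le 32:", accepted(R2_ROUTES, lambda r: prefix_list_action(PL_NO_LE, r)))
    print("route-map test (ACL) in  :", accepted(R2_ROUTES, lambda r: route_map_action(RM_TEST_ACL, r)))
    print("route-map test (abc) in  :", accepted(R2_ROUTES, lambda r: route_map_action(RM_TEST_PL, r)))
    print("single-clause table      :", single_clause_table())
```

In the model, a deny returned by the ACL or prefix list means only that the clause does not match, so the single-clause table comes out as in the lecture because unmatched routes reach the implicit deny.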
25. BGP Peer Group: The next topic related to BGP is the BGP peer group. Here, as we already discussed, what is a BGP peer group? We use groups everywhere, and in every technology we have them. The group concept means you combine something. It is the same here with the peer group. If you have many neighbors and they require the same BGP policy, we can make a BGP peer group, because rather than pushing something to the neighbors one by one, we can make a group and push to it. So you may have a BGP router with many neighbors that require the same BGP policies. But keep in mind, the members of a BGP peer group must share an identical outbound policy. Definitely it should be the same; we create a group for this purpose. When we have similar things, everywhere in the real world we create a group: in Active Directory we create a group, in a firewall we create a group, an object group. You will see groups everywhere. A group is nothing but a combination. Same thing here. You can customize the inbound update policy for any member of the peer group. So even then you can customize. It's possible; maybe you want to send something extra to a peer group member. It's possible. But most of the time we create a peer group when we are sending the same policies. So it means a peer group is a set of BGP neighbors that share the same outbound policies. Yes. Why are we using a BGP peer group? We use BGP peer groups to simplify configuration and improve performance. What does that mean? Simplifying configuration means that rather than sending the same detail and typing the same detail for each and every member, we can send it at once to the members. Let me show you from the diagram. Suppose I have 300 neighbors: this R1 has 300 neighbors, and all 300 neighbors have the same policies. So what will I do? I need to type similar things 300 times. But if I create a group, rather than typing 300 times, I need to type once, and then I can send it to all group members at once. So it means I need to type less compared to typing individually for each member, for each neighbor. Because these are 300 neighbors, and I need to push them similar things. So if I want to push them similar things, I need to push 300 times. And what does it mean to say improve performance? Performance means R1 has to use CPU and RAM for the BGP update 300 times, each time, which is a burden on R1. So why not make a BGP peer group? Rather than sending the same things 300 times, we can push them once to the BGP peer group. That means CPU cycles, CPU resources, and also configuration we can improve. So a BGP peer group can be used when a router has
a group of nine, but with the same policy
which I told you. So if the night having similar configuration
parameter use BGP group, you can create this
group bar I BGP, and you can create this
part E BGP as well. So the advantage is BGP
peer group update is generated once per group rather than for each
neighbor, which I told you. So BGP peer group update
is generated once. So if you have 300 neighbors, so you will generate
update once. If you create a BGP peer group, rather than to send them 300 time to each
and every night. But you get the idea
why we are using BGP peer group means. And BGP peer group require less CPU resources rather
than send separately. Definitely CPU cycle,
CPU resources, resources and all
those things that BGP updates each and every time. It will be once per group. Bep peer group, save a lot of time and typing
as well means you need to type less configuration because you are
pushing to the group rather than individually
and separate neighbor. So BGP peer group, make updating more efficient
and improve performance. Definitely, performance
will be improved. It will be efficient
because the thing which you were doing 300 time now
you are doing once. I'm giving an example at 300, it can be 500, it
can be anything. So this BGP peer group reduce
processor Lord as well. And it's generated once
rather than to individually, each and every time separately. So this is called
BGP peer group. So now we have the
idea of what a BGP peer group is and why we are using a BGP peer group. And I already told you that it can be an eBGP neighbor and it can be an iBGP neighbor. If you have many neighbors and they're using similar policies, similar configuration, you can create a BGP peer group.
Keep in mind, maybe you're thinking: suppose I create a BGP peer group, but I want to send something extra to this neighbor only and don't want to send it to the others. Is that possible? Yes. You can use extra configuration to send something only to this neighbor. But we are talking about when there are similar policies you want to push to all. So what you can do is create a BGP peer group.
Let me give you an example here; we will see it in the lab. But I just want to show you, as I have the detail. Okay, so suppose I have three neighbors, and to the three neighbors I want to send update-source loopback 1, eBGP multi-hop 2 as well, same thing, the same neighbor password to the same neighbors, the same network to the same neighbors. So it means 1, 2, 3, 4, 5. And in this case, it can be huge. This is just an example. So if I want to send these five things to my neighbors, I need to type them three times: loopback, loopback, loopback 1; multi-hop 2, multi-hop 2, multi-hop 2; the same password three times; and the same version again three times. So it means I need to type this command, in my case it can be 300 times; I need to type this command three times, again and again, for each and every member, because I have three members. So this is without peer group configuration. I need to type more, more configuration. And each and every time R1 will send the update to each neighbor separately; separate CPU and RAM will be utilized.
Now coming to the peer group. So if I create a BGP peer group, these are my BGP peer group members, which are 2, 3, 4. So my group is ready now, and only four lines are the thing which I was sending three times for each member. Now I can send them at once. So this is my group, and I send them loopback 1. This is my group, and I send them multi-hop 2 once. This is my group, and I send them the password. And similarly, this is my group and I send them version 4. The things which I was sending for each member separately, now I send them at once. So definitely less CPU will be used, less CPU will be utilized. Performance will be fast because the thing which I was sending three times separately, now I'm sending once. So this is called a BGP peer group.
And I already told you what the advantages of using a BGP peer group are: requires less CPU resources, requires less configuration, efficiency, improved performance, sending updates at once rather than separately. So for this purpose you are using a BGP peer group. So in the next video, I will show you in the lab how we can configure and how we can use a BGP peer group.
26. BGP Peer Group Lab: Okay, so in the last video we discussed theoretically what a BGP peer group is. So let's do the lab of BGP peer group. I have four routers, R1, R2, R3, and R4. And every router has loopback interfaces 11234, R1 connected to R2 with 1226812 dot one and dot two. Similarly R1 with 1313 dot a3 and 14 dot 1144. And all of them have eBGP. This is AS 1, AS 2, AS 3, 4; they are eBGP neighbors.
Because R1 is sending a similar thing to R2, R3 and R4. And it can be 300 routers, but I just took three routers as an example. R1 is sending similar things to all its neighbors. So why not create a BGP peer group for R1? Because R1 is sending a similar thing, like a network to all the neighbors, password to all the neighbors, loopback update to all the other neighbors, version to all the neighbors; it is sending a similar thing.
So there are two possible solutions. One is without a BGP peer group, and the second is with a BGP peer group. And I told you, theoretically less CPU will be utilized and the update will be sent at once rather than three times, in my case. So let me show you here. So I have this one and let me zoom it a bit. Okay. So this is the topology. And let's go to R1. Okay? And enter no, because
nothing is configured. Let's go to R2. No. Okay. Let's go to R3. Okay. And let's go to R4. Okay, now, first thing first, I need to configure IP addresses, and I need to create one loopback interface. And I need to assign 0 slash 010 slash one dot 10 slash 214 dot one, these IPs. So because we already know this is CCNA-level stuff, what I will do is copy-paste the script: 0 slash 012, that one, this 113 dot 114 dot one. And I will create one loopback interface with one. That's it. So it's so simple. Let me copy this one.
Okay, by the way, I need to change the name as well. So config t, hostname R1. Okay, so now let me copy this one. And let's go to R1. Enable and paste this one. Done, exit. So R1 is done. Now I need to configure R2. R2 has only one loopback interface and one physical interface. So let's go to R2. So let me do configure t and hostname R2; just one interface and one loopback interface. So copy this one and paste here. Done.
And now let's go to R3. So let me drag R3 here, okay? And R3 has only one physical interface and one loopback, but I need to change the name as well. So config t, hostname R3. So let me copy this one and paste. So R3 is done. Now R4, similarly, one physical interface and one logical. Okay, so let's go to R4; config t, hostname R4. So let's go to R4, enable and paste this one. Done and exit. Okay? So basic configuration is done on R1, R2, R3, and R4. Now the next thing
what I need to do. So I did the basic configuration of these routers. Because we are using loopback interfaces to reach each other through eBGP, I need to configure some routing protocol. What will I do? We already know this one, yeah. So I will configure static routes to reach the loopback interfaces; we already discussed that we need to reach them because we will use loopback interfaces for the eBGP neighborship.
So I need to configure static routes from R1 to reach 2, 3, 4. So what I can do, I need to type a static route. Okay? So let me copy the static routes. Three routes from R1: I need to reach 2.2.2.2, so 12 dot 2; to reach 3.3.3.3; and to reach 4.4.4.4, I need 14 dot 4. This is a static route; we know how to configure it. So let me go to R1 and paste this one. So now I'm reachable.
On the other side, I need to be reachable. On R2, I need to type, to reach 1.1.1.1, I would say 12 dot one; for R3, 13 dot one, this one; and for R4, 14 dot one, this one. Because the other routers have to reach 1.1.1.1 as well. Yeah. So let me copy this one in R2 and R3, because we already know this. Rather than typing, I just want to copy-paste.
First thing first, we need reachability to the loopback interfaces; it is done. If I ping from here, do ping 2.2.2.2. So now I can reach R2's loopback interface; 3.3.3.3 as well, and 4.4.4.4. Reachability is there. This is required for BGP if you want to configure BGP through loopback interfaces. So reachability has to be there. We already know this one, yeah. Okay, next thing now. So now we're done. Now we have two choices
which I told you. One is without BGP peer group configuration. So without BGP peer group configuration, what I need to do on R1: I need to go to router bgp 1, and I have a neighbor 2, the loopback interface of R2; I have a neighbor 3, the loopback interface of R3; and 4, the loopback interface of R4. And because we are using loopback interfaces, I need to apply this command we already know from previous lectures. Again, I need to type it for R2, for R3 and for R4; three neighbors, three times this command.
Now because we are using loopback interfaces, I need to change the hop count, because for eBGP the hop is only one. So I need to change them to multi-hop 2. So again, for R2, R3, and R4; if these are 300 neighbors, I need to type this command 300 times. Then I want to apply a password. So for 2, 3, 4, I need to type this command three times. And I want to use BGP version 4, just as an example. It can be many other things. I need to type this command three times. Again, this is without BGP peer group configuration. You get the idea, yeah.
So if I copy this one and paste it in R1, these are the without-peer-group configuration commands. I have three neighbors, 2, 3, 4. Three times I will send this command, three times I will send this command, three times I will send this command, and three times I will send this command. If I want to send something else, again I need to type three times for each member, for each peer group,
for each neighbor. Let me configure R2, R3. First, we don't need this idea, tastes bitter to configure this and then I will come back. So R2 just for you
or configuration, because our topic is peer group, no need to configure
our two or three, but just to show you
how to configure them. So in R2 I were remote S2 these. So we need to configure our
2 first so they are ready, okay, because we don't care. R2, R3, and R4. Let me configure our two or
three and make them ready. Our target is the peer group, which has to be on R1. So we don't care about 2, 3, 4. Okay? So let me make 2, 3, 4 ready. So these are the configurations. If you want to see the configuration, let me explain it to you. I am on R4, so router bgp 4; I have one neighbor, password cisco, version 4. I want to advertise my 4.4.4.4. I want update-source loopback and eBGP. And the same thing on R3 and R2 as well.
So on R1, without peer group, now I have neighbors: show ip bgp summary. So I have three neighbors, 2, 3, 4. Yes, that's correct. I have three neighbors, but without a BGP peer group. Now, if you want to save configuration and want to type less and utilize less CPU and RAM, which we discussed, what we can do on R1 is create a BGP peer group. This is the configuration. First thing first,
this is similar. I need to go to R1, I need to type router bgp, and I have neighbor 2, neighbor 3, 4. Then I will create a group with the command neighbor. And this is the group. You can give it any name. I gave peer group one, PGY1. It can be anything, any name. And then I type peer-group. And then I say, in this peer group, I have member 2, I have member 3 and I have member 4, which belong to peer group PGY1, PGY1, and peer group PGY1.
So let me remove the without-peer-group configuration. So I will write no router bgp 1. So I removed the previous configuration. So now I can type this command. First, I need to type the normal command, router bgp, and these are my neighbors. So let me type this command first. Let me go to this one. This is similar to the previous one. So these are similar.
But the next thing, I will type neighbor. And then, if you see, there is neighbor address, neighbor tag. So I can type any group name. Suppose in my case I say PGY1, and here the command is, you will see, I need to go to... It should be here. Peer, sorry, peer-group. So here is the command, peer-group. What I will say, I will say peer-group. So this is the command. Let me show you. So I say I want to make a peer group named PGY1. This is my group name. And this should be peer-group.
Next, who are the members of this peer group? So I have three members: 2, 3, 4. So I will type 2.2.2.2 and PGY1. If you type here, it can ask you the name, okay? So here you can type PGY1 and peer-group; sorry, peer-group, and here you need to type the peer group name. So what name did I give it? This one, PGY1. So this is one member of this group with this command. Now I have another member in this peer group, 3.3.3.3, and enter, and I have another member, and so on. And this way you can add as many as you want. Done.
First I create a group, then I add the members to this group. I added three members to this group. Now I can use this group name to send them anything, at once only; the thing which I was writing three times, now I need to type once. You know, in the previous configuration, I typed loopback 1 three times, multi-hop three times, password three times, version three times, and in my configuration it can be many other configurations. Now, look, I just need four lines. How many lines was it before? 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12. Before I was writing 12 lines. Instead of those lines, I need to type only four. You get the idea? Less configuration. Don't think, maybe
you are thinking, no, if we count these lines and the above lines, there is no huge difference. That's because I have only three neighbors. If you have 300 neighbors, then you can see that you will type less, because you need to type this configuration only once per group.
So next what I can do: now I can use this group PGY1, and I can send them those things which I was sending for each member. So I send them update-source loopback 1. So this update-source loopback 1 will be sent to all my three members automatically. And multi-hop, sorry, eBGP multi-hop: eBGP multi-hop 2, to send it to our group members, and send them password cisco, and version 4. You see my neighborships are up again because we already configured 2, 3, 4.
But this time, less configuration and also less CPU and RAM utilized. The thing which I was sending per peer, now I'm sending per group. Before, I was sending to the three neighbors separately. Now I'm sending to this group only and the members will get them automatically. All three members will get them automatically. So you get the idea. Yeah. So this is called BGP peer group configuration. This way, whatever you want to send them, you can put in this group. Okay?
Maybe you are thinking that you want to send something extra to R2 only, not other members. So don't advertise that in the group. You can deal with them separately as well. But the thing which you want to send to all three members, you need to type under this neighbor, this command; this is an important command. Here it is, and here you can see now all these things. If you want to activate them, advertise something, allow some policy to all three members, if you want to give them anything, password, which I gave as an example, prefix list, route map, whatever you want to do, and you need to send it to all members, then you need to come here, and under this group you need to advertise. You get the idea of what a BGP peer group is and why we are using a BGP peer group and how to configure this BGP peer group.
Keep in mind now if you want to verify, maybe you are thinking: show ip bgp summary. So I still have the three members, no difference, but before it was without BGP peer group. Now I have it with BGP peer group. And you see the difference. I cannot show you the RAM and CPU because it's only three routers. But in a huge environment, when you have so many routes, so many prefixes, so many networks, and so many neighbors, then in that case you can see CPU and RAM utilization and that stuff. But at least you get the idea, because we have only three routers to see. Okay, so this was the BGP peer group lab.
27. BGP Route Dampening: Okay, so in this video, we are going to discuss BGP route dampening. Before we discuss BGP route dampening, you need to know what flapping is. You know, when your network routes change repeatedly; flap means that it's changing repeatedly. Maybe you have a network which goes down and then up, up and down, up and down repeatedly. This is called flap, flapping.
Now suppose, let me go to this one. Suppose, consider here, we have this route and it flaps down. So R1, because R1 is receiving this network, R1 will advertise to R3, R4, and R5 that 2.2.2.2 is not there anymore. It will advertise that the route is not there anymore. They will update their neighbors. Again, the network is up. Again, they will send the request to all the neighbors; again it is down, repeatedly. This is called flapping.
Every time, R1 has to use its resources, CPU and RAM, and it needs to advertise this route again and again to its neighbors. Consider this is only one route. Maybe there are 100 routes which are flapping, network prefixes which are flapping. So R1 has to use the CPU and RAM and it needs to update the neighbors. Consider these three neighbors; maybe there are 300 neighbors. So it means it's consuming CPU and resources. To save the resources and CPU, we use route dampening.
So what will happen when you enable route dampening? It will suppress the flapping routes. You know, the routes which are up and down, up and down; it will suppress them instead of them being advertised. Rather than advertising these routes which are flapping, it will suppress them. Suppress is nothing but: it will keep them, but it will not advertise them even if they are up. When are the routes suppressed? There is a threshold we will discuss. When the routes are up and down, up and down, there is a threshold, and what BGP dampening will do is suppress the route. Even if the route is available, it will not be advertised to the neighbors until the timer.
So we use this feature to save our CPU and resources. Because we know the BGP routing table is huge and it's not practical to send those routing updates to our routers when flapping occurs. When flapping occurs and you have a huge table and you have many neighbors, advertising these networks, these prefixes again and again is very difficult because it will affect the performance of the network. And it will always consume more resources of the routers. And it will affect the performance as well, because your network is changing the path and updating tables again and again.
So what is the best practice? The best practice is: ISPs use route dampening regularly. It means route dampening was designed to decrease the load on the router and increase the overall network stability. The network will be stable when the router suppresses these routes; it will not advertise them even if they are up. This way, your network will be stable. And also it will decrease the load on the router of sending updates again and again. So it means stable prefixes will still be advertised while propagation of the flapping routes will remain suppressed until such routes become stable again; they will keep these flapping routes for a while. There is a value which we will discuss. When a route is stable, then they will advertise it.
Keep in mind, BGP route dampening is applied locally on the router when the route is learned through eBGP. So this feature is specially for BGP peers. And as I told you, there is a suppress limit, which we will discuss, which is by default 2000. When flapping occurs and the routes cross this limit, those routes will be suppressed. They will keep them. Okay, so we know what
BGP dampening is. Now we need to know some terminology in BGP dampening. First one, penalty. Penalty is punishment; it is a numerical value. A numerical value, as a punishment. So when the route flaps, the router will assign a punishment, which is by default 1000; a 1000 penalty each and every time. And it will increase every time the route flaps; it will increase by 1000. So it means two flaps, 2000; three flaps, 3000; 4000, 5000, 6000, unless you change this value; by default, it is 1000. This is called penalty.
Okay, so we know penalty in BGP dampening. Next thing is half-life time. This is also a numerical value, and it's half-life time. The default is 15 minutes. Keep in mind, the default value is 15 minutes. So this penalty will be reduced to half after 15 minutes. Suppose you have a penalty one time, 1000. So what will happen after 15 minutes? It will be 500, if you are not receiving any other penalty. This is called half-life time. Your penalty will decrease and decrease each half-life time. So it means the half-life time period specifies the amount of time needed to decrease the current penalty to a value twice smaller. It means, suppose you get a penalty of 1000. When 15 minutes have passed, it will become 500. This is a simple example so that you can understand. So it means when a BGP route has been assigned a penalty, the penalty is decreased by half after the half-life time period, which is by default 15 minutes.
The third thing we need to know is the suppress limit. This is again a numerical value. It means if your penalty is greater than this suppress limit, the route will become suppressed, and the default value is 2000. So there is a limit. It means if you cross 2000, if you get more than two penalties, it will pass the threshold. The threshold is called the suppress limit. It means every flap you will get a penalty. But if your penalty increases to more than 2000, by default (I'm talking about the default value), this is called the suppress limit. It means it requires three flaps. Three flaps means 3000. It means you pass the 2000 threshold.
Now, suppress. Suppressed: a route that is not advertised even if it is up. When you get penalties and the penalty passes your suppress limit, your route will be suppressed, and suppress is nothing but: they will keep it, but they will not advertise it to the neighbors, to keep the network stable, and also to utilize CPU and RAM. It means your route is suppressed when its penalty exceeds the limit. And by default the limit is 2000. And this is called suppress, and suppressed is nothing but those routes which are not advertised even if they are up, but they will keep them for a while. There is a limit. And then they will advertise them when everything is okay. And what is this "everything is okay"? That is called the reuse limit. When you get a penalty and
you get a penalty again, you get a penalty a third time, you cross the limit of 2000; the limit was 2000 and you got 3000. So your route will be suppressed. And with time, it will decrease because you have the half-life time. When your penalty decreases and reaches... the default value is 750. That is called the reuse limit. Again, this value is numerical and it will be compared with your penalty. If your penalty is less than the reuse limit, the suppressed route will no longer be suppressed. It will be advertised again. It means that the route is added back to the BGP table and used for forwarding. It means you get a 3000 penalty, and after a while it decreases, decreases; when it reaches 750, your route will be re-advertised. It will be added back to the BGP table. This is called the reuse limit. So you get the idea: penalty, half-life time, suppress limit, suppressed and reuse limit.
Another is the maximum suppress time. Maximum suppress time in minutes ranges from 1 to 255. Maximum suppress time is for how long we can keep the route suppressed. The default is 60 minutes. And at maximum you can keep it 255; this is the range. It means the route experiencing route flapping should not be suppressed for more than 60 minutes. This is the maximum limit for which you can keep the route suppressed. Whatever happens, after 60 minutes you need to add it to the BGP table and you need to forward it again. This is called maximum suppress time, which is 60 minutes by default.
Another terminology related to BGP dampening is history. What is history? An entry that is used to store information about the route when it's down. So they will keep it in history. It means when your route, your prefix, becomes unavailable after flapping at least once, the BGP process still keeps it in the table and marks it with history, meaning h. And when you pass the limit, then it will no longer be history; it will become d, meaning dampening. So it means if your route flaps once or twice, it's okay, because you still did not cross the suppress limit. Your route will be marked as history, h. But if you cross the limit, then it will become d. This is called history.
So the thing I mentioned, here again: a route that is flapping receives a penalty of 1000 for each flap. And we reach the suppress limit, which by default is 2000. So BGP suppresses the advertisement of that route; even if the route is up, it will not be advertised and it will be suppressed. And your penalty decreases because of the half-life time. So it will be decreased after every five seconds. So when your value decreases and becomes less than 750, these routes will be re-advertised.
Also keep in mind that BGP dampening is disabled by default. And the command to enable it is bgp dampening. Because nowadays our routers are powerful, so no need of BGP dampening. They can accept such type of flapping. But anyway, this command is there for you. We discussed all these; again, I already mentioned them here.
So this is our topology. We have R1, R2, 3, 4, 5. We will use R2 to flap this network. And R1 will advertise to these three neighbors. We will flap this three times and you will see the route will become dampened. And R1 will not advertise that route anymore to the neighbors. The first time it will keep it in history. The second time as well it will be in history. But if it passes the threshold of 2000, this 2.2.2.2 network R1 will not advertise anymore to these neighbors, even if the network is not flapping anymore and it's up. Because it needs to decrease to the value which is 750, then it will be advertised; or they need to wait for 60 minutes, which is the maximum suppress time. This is called BGP dampening.
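The terminology above can be turned into a small model. This is an added example, not part of the course material; it uses the default values quoted in the lecture (penalty 1000 per flap, half-life 15 minutes, suppress limit 2000, reuse limit 750, maximum suppress time 60 minutes). It assumes continuous exponential decay and, as a further assumption, caps the penalty so that it can always decay to the reuse limit within the maximum suppress time; all class and function names are hypothetical.

```python
"""Route flap dampening model using the default values quoted in the lecture."""
import math
from dataclasses import dataclass, field


@dataclass(frozen=True)
class DampeningParams:
    penalty_per_flap: float = 1000.0   # added on every flap
    half_life: float = 15.0            # minutes for the penalty to halve
    reuse_limit: float = 750.0         # below this a suppressed route is released
    suppress_limit: float = 2000.0     # above this the route is suppressed
    max_suppress: float = 60.0         # longest time a route may stay suppressed

    @property
    def ceiling(self) -> float:
        # Assumption of this model: cap the penalty so that decaying from the
        # cap down to the reuse limit takes exactly max_suppress minutes.
        # With the defaults: 750 * 2**(60/15) = 12000.
        return self.reuse_limit * 2 ** (self.max_suppress / self.half_life)


@dataclass
class DampenedRoute:
    params: DampeningParams = field(default_factory=DampeningParams)
    penalty: float = 0.0
    suppressed: bool = False
    clock: float = 0.0                 # minutes since the model started

    def advance(self, now: float) -> None:
        """Decay the penalty up to `now`; release the route once it is below reuse."""
        if now < self.clock:
            raise ValueError("time must not go backwards")
        self.penalty *= 0.5 ** ((now - self.clock) / self.params.half_life)
        self.clock = now
        if self.suppressed and self.penalty < self.params.reuse_limit:
            self.suppressed = False

    def flap(self, now: float) -> float:
        """Record one flap at `now` and return the resulting penalty."""
        self.advance(now)
        p = self.params
        self.penalty = min(self.penalty + p.penalty_per_flap, p.ceiling)
        if self.penalty > p.suppress_limit:   # strictly greater, as in the lecture
            self.suppressed = True
        return self.penalty

    def minutes_until_reuse(self) -> float:
        """Minutes of stability needed before the route is advertised again."""
        if not self.suppressed:
            return 0.0
        ratio = self.penalty / self.params.reuse_limit
        return max(0.0, self.params.half_life * math.log2(ratio))


def simulate(flap_times, probe_times, params=DampeningParams()):
    """Replay flaps (minutes) and report (time, penalty, state) at each probe."""
    route = DampenedRoute(params)
    # Kind 0 (flap) sorts before kind 1 (probe) when both share a timestamp.
    events = sorted([(t, 0) for t in flap_times] + [(t, 1) for t in probe_times])
    report = []
    for t, kind in events:
        if kind == 0:
            route.flap(t)
        else:
            route.advance(t)
            state = "suppressed" if route.suppressed else "advertised"
            report.append((t, round(route.penalty), state))
    return report


if __name__ == "__main__":
    # Constructed scenario: the prefix flaps three times, one minute apart.
    for t, penalty, state in simulate([0, 1, 2], [0.5, 1.5, 2.5, 15, 30, 32]):
        print(f"t={t:>5} min  penalty={penalty:>5}  {state}")
```

With flaps one minute apart, the third flap pushes the penalty past 2000, and the route is advertised again roughly 29 minutes after the last flap, well before the 60-minute maximum.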
28. Route Dampening Lab: In the last video we discussed BGP dampening theoretically. So now let's do the lab of BGP dampening. Okay, so we have five routers, R2, R1, 3, 4, 5. Consider R1 is the ISP, okay? And these are the clients. So on R2, we will use this 2.2.2.2, which is a loopback. We will bring this network down, okay? And R1 will receive the flapping. We will use this one. By the way, what happens? It will keep it in history; again, if it passes the threshold, R1 will not advertise this 2.2.2.2 anymore to 3, 4, 5.
But before that, we will configure these routers. And we will check without the BGP dampening feature, and then we will enable BGP dampening. We already know that the penalty should be reduced by the half-life time, which is 15 minutes. And the dampened route must be reused when the value reaches 750; these are the default values we will use. The route should not be used when it reaches 2000, the threshold; it will be suppressed when it reaches 2000. And the route experiencing a route flap should not be suppressed for more than 60 minutes. We discussed these theoretically previously.
So let's go to the lab and let me take my script. So let me open R1. Nothing is configured on these routers. So first I need to configure. So no; this is R1. And let's go to R2. And let's go to R3. No. Let's go to R4. Let's go to R5 finally. Okay, so on R1, let me clear the screen and enable. R2, clear the screen and enable. R3, clear the screen and enable. R4, clear the screen and enable.
screen and enable. Okay? So this is our connectivity, or to connect it to R1, R2 and 12 dot one. And here is a
loopback to, to, to, here is a loopback 11 here, 33 here, four, here, five. Okay. R1 connected to our
31313331414 dot for N 15 dot 115513 means
are 12313141512. And all of them
are BGP neighbors. So let me copy the script.
Let me show you one. Then I will copy rest stop. I will change that m2 R1 here. And this router, I will go to this interface and
will 12 dot one. Then I will go to 0 dot
1130 to 14 dot 10315. And I will create one
loopback interface. This one, done. So simple. So let me copy this one, R1. And let's go and paste on R1. Done. R1 is done. Similarly, R2 has only two interfaces, one physical and one logical. So we already know; let me copy this one, and on R2, let me paste. Okay, and R3 is also similar, only one loopback and one physical. So let me copy and paste. And let's go to R4. So R4 is also one logical and one physical. So let me clear the screen as well. Finally, R5: one physical connectivity with R1. Okay? And now we have physical connectivity on all the routers, R1, R2, R3, R4, and R5. So this is the basic connectivity.
Now I need to configure BGP. So on R1, I will type router bgp 1 because I have AS 1; AS 2 with this router, 3, 4, 5 with 3, 4, 5; and I will advertise my one network. Okay, so let me copy this one. And let's go to R1 and paste. Done. So BGP is configured here. Now on R2, only one neighbor. So router bgp 2, neighbor 12 dot one, AS 1, because I have AS 2. And I will advertise 2.2.2.2. So let me copy this one and paste on R2. Let's go to R3. So let me copy 3. Let's go to R4, similar things, eBGP connectivity for R4, and let's go to R5. Okay? And this is finally R5. Okay?
So I will keep R1 like this and let me bring them here again. This is R2. And let's go to R3. And let's go to R4. And let's go to R5. Okay? So my target is this router, okay? Now what will happen? So before applying the BGP
a dampening feature, we need to check without
this BGP damping, you need to enable
BGP damping in R1. But right now I'm
not going to enable, we already configured these. Okay, Let's check out, but I need to
enable debug in R1. So let me copy this command. This the R1, because I want to test this route
when a switch to R1. So this one, okay. Anyway, BGP damping
feature is not enabled. So let's check out
before without this one. So let's go to R2. And what is my big show
IP interface brief. My LoopBack is this
one is Lubeck one. So let's go to
loopback interface, loop back one and shut down. But before shut down, let's go to three and checkout. Show IP BGP. Yes, I'm receiving this to
two with 13 dot one from R1. And let's do the same
thing here and R4. So again, I'm receiving
with 14 dot one, this one. And here phi is, well, show IP BGP. Yes. So to-to with a 15
dot one, dot one is R1. This route is dear. But if this route is flipped, Let's go to R2 and
flip this route. Shut down. What will happen? R1 will receive the update
and they will send the update to all
the neighbors that this network and this
prefix is not an important. So R3, R4, and R5 will remove this route
from their BGP table. So it's the area to SDR.
Let's check again. It's no more there. 2.2 was there, but it's not there now. Let's check here. It's not there. It's not there. Let's bring it up again. Sorry: no shutdown. I enable it again. So R1 will receive the update again and will advertise again to the neighbors that the 2.2.2 route is available again. And let's check. If I check R3, 2 is there again. If we go to R4, 2 was not there; let's check, 2 is there again. And if I go to R5, it's there again. This is the way.
But every time, R1 has to play its role: it needs to send the update to all its neighbors. It needs to use CPU and RAM each and every time. Now, coming to our topic, let me enable... okay, how many times do you want to do it? As many times as you do, every time they have to do the same thing. Up and down, up and down, up and down. They will do the same thing. They will send the update and they will remove it from the BGP table again and again.
So now what we can do: we can use the BGP dampening feature in R1. I only need it in R1, because R1 is in the middle, advertising to its neighbors. In R1, I will say bgp dampening under BGP. Okay, I'm already under BGP: router bgp 1. So I'm already there.
So I say bgp dampening. Let me show you more detail. Or let me clear and show you again. So in R1; I don't need to enable this in R2 and R3, because R1 is the one responsible for sending the update to the neighbors again and again. In R1 I will go to router bgp 1. And here: bgp dampening, then question mark. So you can change the values.
This is the half-life time which we discussed. Half-life is by default 15 minutes, and the maximum you can give is 45. So if you want to change it (by default it is 15), let me type 15. The next value is reuse. Reuse is this one. By default it is 750. Here, the maximum you can go up to is 20 thousand. Reuse, this 750, suppose, if you want to change it. Then suppress the route: suppress is by default 2000. And here, the maximum you can go up to is 20 thousand. And then the maximum duration to suppress a stable route. Maximum duration is between 1 and 255. And I told you the maximum duration is 60 minutes. This is the limit.
Here, the maximum you can go up to is 20 thousand for reuse. And half-life you can take to a maximum of 45 here, and suppress to a maximum of 20 thousand, and the duration to suppress a stable route to a maximum of 255. Also, you can use a route map for specific route criteria. And also there is a carriage return. So I will use carriage return. I will say no, I don't want to use a route map and I don't want to change the default values until around this. If you want to change them, you can. I said bgp dampening in R1. Keep in mind I already
enabled it in R1. Done. The next command is debug ip bgp dampening, so I can see the debugging. They said BGP dampening debugging is on. Also, I can check the values: show ip bgp dampening and question mark. Here is parameters, if you want to check the parameters. So they said dampening reconfiguration is in progress, because it's taking time to enable. So I need to wait for a minute. Now it is done: created dampening structure with half-life 15, reuse 750 and suppress 2000. So the default values are created.
Now I can check: show ip bgp dampening parameters. So they say 12060; you are using all the default parameters. 15, I told you, is the half-life. Let me show you again. The first is this 15 minutes; the second is 750, this is the reuse, this one. Then 2000 is the suppress limit; I told you the default is 2000. Then 60 is the maximum duration, this one, the maximum suppress time. Again, they mention there that the half-life time is 15 minutes and the maximum suppress penalty is this one. That's the maximum you can set. And the suppress penalty is 2000, the suppress threshold: if you pass this one, your route will be suppressed. And the reuse penalty is 750, and I told you 60 minutes is the maximum. Done.
You can check the other commands as well. So if I say show ip bgp dampening, question mark: the second is flap-statistics, if you want to check the flap statistics. Nothing is there; right now we haven't done anything. And then another one is dampened-paths. So still nothing is there. Now we will see all
these commands. So let's go back to R2 and do the same thing which we did before. So let me go to R2 and bring down this network: shut down. The network is down, and in R1, because I enabled debug, here you will see the debug messages. They say that the route flapped, so that's why we charged it a penalty of 1000, because you are using the default values. And the new total penalty is 1000, as mentioned here. And it says the penalty is 11. And the penalty is for the 2.0.0 network, which is coming from path 2. So this is the network and this is the path, AS 2. Half-life is 15, reuse is 750 and suppress is 2000; it is showing us the same thing, the default values, in the debug command.
But if I check now with show ip bgp dampening flap-statistics, now they have marked it as history, because I told you that the first time it flaps, they will mark it as history, not damped. So it's h. If it is d, then it is damped. But it says history there. There's the 2.2 network coming from 12, R2. Flapped once. Duration is this one. And it is coming from this path. Let's check another command: dampened-paths. So it's not showing yet. Then there is another command which we can use: show ip bgp for the 2.0.0 network. Here you can also see something. It says history entry. It is only history, not yet damped. We will see it here as well.
And now you can see that the penalty has decreased to 925 from 1000, because it got a penalty of 1000, which we see here. But now it has decreased, because I told you that after every five seconds it will decrease. When it reaches 750, they will reuse it. Let's go to R4: is this route there? So 2.2 is not the... let's go to... okay. It's done that way.
Let me bring it up: no shutdown, because it flapped. I shut it down, but now I need to do no shutdown as well. So this route will be there. It is still there; 2 is there, and in R3, R4, R5 the route is still there. It's okay, because it's not suppressed. Here it is mentioned that it is not suppressed. Because the penalty is 889, and it will be suppressed when it reaches more than 2000. Again, every 5 seconds it decreases.
Let's flap again, so you will see the difference. So I will say shut down. Okay. And no shutdown. Let's go to R1. So this time they said they charged a penalty of 1000, the new penalty is 1868, and the flap count is two this time. How can I verify? Let's go to flap-statistics, this one. Now they say that the network 2.2 is still in history, because it has not passed the threshold yet. This is the network, from this one it is coming, two flaps. Duration is this one. And it is coming from this path. Total penalty is 25 and it's not yet suppressed. R3 will still receive it: show ip bgp. Still there, because it requires another one, three flaps. And also if I check from this one, it should still say that it is history somewhere. It should be mentioned somewhere that it's history. But still it's not damped. Okay. So yeah, I cannot see anything. It should be here somewhere. This is the penalty, and the flap count is two. And now it's decreasing again. After 30 seconds... every five seconds it will decrease. If I wait for 15 minutes, it will reach half.
But anyway, I need to apply it a third time to show you. What I will do the third time: I will say shut down. Okay. It flapped, and then I will say no shutdown. Now it will cross 2000. So let's see it. Yes. They said that the total
penalty is now 2720 and it flapped three times. And now, if I check in R1, look now: 2 is history... okay, it's not updated here yet. It will be updated, because it takes time. So let's go to flap-statistics. Here it is, okay. Now it is d, it is no more h. Before, when I checked, it was h. Now, because it's the third time and it crossed 2000, now it's marked with d. And d means damped, this one. And this is the flap count, this the duration and the reuse: after five minutes it will be reused. And it's coming from this path.
And let's now check... that was flap-statistics, and what was the other one? Yes, dampened-paths. Now it will show it, coming from here. Reuse will be in four minutes and 49 seconds. And this is the path from which it is coming. And also, if we check the 2 network, it will be d here as well. Now it says suppressed due to dampening. This 2 network is suppressed. Now R3 will not receive this one; the 2 network is not there. R4 will not receive it, and R5 will not receive it either. The route is up.
Now, I went to R2 and I said no shutdown. But R1 will keep it suppressed here. And if you check here, it is suppressed here. And if we check here, flap-statistics: suppressed. The route is suppressed and it's marked with a d. And the value has decreased to this one. It means we need to wait for another three minutes to really use this route, even though the route is up. Now, keep in mind the route is up right now. show ip interface brief: my interface is up right now, with no flapping anymore, but because it passed the threshold, now they need to wait for that one.
Yes. If you want to free it right now, you can use this command: clear ip bgp dampening, and enter this command. It will clear it, and it will do it straight away. Now, if I check show ip bgp, 2 is there now. And also, if I check flap-statistics, there isn't anything there, and R3 will receive it right now. 2 is here now. And if you check here, in R4 and R5. If you want to do it forcefully, then you need to type this command: clear ip bgp dampening. You get the idea.
Okay, so let me go to the lab, in case I missed something. So we already know the dampening parameters; if you want to check flap statistics, if you want to check the paths, show ip bgp for the 2 network specifically, and if you want to debug. So we checked and we saw all these routes and how it is and why we are using BGP dampening. Okay, so this was the BGP dampening lab.
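
The penalty arithmetic from this lab, as an added Python example that is not part of the original lecture or of any router's code. It uses the default values read out above (half-life 15 minutes, reuse 750, suppress 2000, maximum suppress time 60 minutes, 1000 per flap); the class and function names, the continuous decay (the lecture describes 5-second steps) and the flap times are assumptions made for the illustration.

```python
import math
from dataclasses import dataclass


@dataclass(frozen=True)
class DampeningParams:
    """Default values as read out in the lab (assumed field names)."""
    half_life_min: float = 15.0     # penalty halves every 15 minutes
    reuse: float = 750.0            # a damped route is used again below this
    suppress: float = 2000.0        # the route is suppressed above this
    max_suppress_min: float = 60.0  # longest time a route may stay suppressed
    flap_penalty: float = 1000.0    # charged for every flap

    @property
    def max_penalty(self) -> float:
        # Ceiling that lets any penalty decay to `reuse` within max_suppress_min.
        return self.reuse * 2 ** (self.max_suppress_min / self.half_life_min)


class DampenedRoute:
    """Penalty bookkeeping for one prefix. All times are seconds, non-decreasing."""

    def __init__(self, params: DampeningParams = DampeningParams()):
        self.params = params
        self.penalty = 0.0
        self.flaps = 0
        self.suppressed = False
        self._last = 0.0

    def _decay_to(self, now: float) -> None:
        minutes = (now - self._last) / 60.0
        self.penalty *= 2 ** (-minutes / self.params.half_life_min)
        self._last = now
        if self.suppressed and self.penalty < self.params.reuse:
            self.suppressed = False  # decayed below reuse: route is usable again

    def flap(self, now: float) -> float:
        """Charge one flap at time `now` and return the new total penalty."""
        self._decay_to(now)
        self.penalty = min(self.penalty + self.params.flap_penalty,
                           self.params.max_penalty)
        self.flaps += 1
        if self.penalty > self.params.suppress:
            self.suppressed = True
        return self.penalty

    def state(self, now: float) -> str:
        """'damped' (d), 'history' (h: penalised, not suppressed) or 'clean'."""
        self._decay_to(now)
        if self.suppressed:
            return "damped"
        return "history" if self.flaps else "clean"

    def seconds_until_reuse(self, now: float) -> float:
        self._decay_to(now)
        if not self.suppressed:
            return 0.0
        half_lives = math.log2(self.penalty / self.params.reuse)
        return half_lives * self.params.half_life_min * 60.0


def replay(flap_times, params: DampeningParams = DampeningParams()):
    """Feed flap timestamps to a fresh route; return it plus a per-flap log."""
    route = DampenedRoute(params)
    log = [(t, round(route.flap(t)), route.state(t)) for t in flap_times]
    return route, log


if __name__ == "__main__":
    # Constructed timings: three flaps two minutes apart, as in the lab's pattern.
    route, log = replay([0, 120, 240])
    for t, penalty, state in log:
        print(f"t={t:>4}s penalty={penalty} state={state}")
    print("reuse in", round(route.seconds_until_reuse(240) / 60, 1), "minutes")
```

With these defaults the third flap is the first one to cross 2000, which matches the lab, and a route held at the penalty ceiling needs exactly the 60-minute maximum suppress time to decay back to 750.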
29. Split Horizon Rule: Okay, so another topic related to BGP is the BGP split horizon rule. Basically, split horizon is one of the features of the BGP routing protocol that prevents routing loops. It means that routes learned from one iBGP neighbor will never be sent to another iBGP peer, simple as that. Keep in mind this split horizon rule is different from the one in EIGRP and RIP. We also use split horizon there, but they have a different concept, and in BGP it has a different concept. BGP split horizon means that a route learned from iBGP will never be sent to another iBGP peer.
Like this: suppose R1, R2, and R3, all three routers, are configured in an iBGP neighborship, and they're using the same AS number, 123. Suppose R1 advertises 1.1.1 to R2. R2 will never advertise this 1.1.1 to R3, because of the split horizon rule. You get the idea. Until and unless you have a full mesh, or you configure a route reflector. We discussed route reflectors. Yeah. Or a full mesh, then it's okay. But in this case it's not a full mesh; I mean, R1 has to be connected to R3 and they have to have an iBGP neighborship, then it's okay. Then R3 will receive 1.1.1. Or a route reflector.
So this can form a loop in your topology. So that's why they protect you from a black hole, if you don't have a full mesh in iBGP. So the split horizon rule is there to protect you and to prevent loops. You can use a route reflector, then it's okay. A route reflector, which we discussed previously, basically disables this split horizon rule and sends iBGP routes to every router. We discussed this one; we already know what a route reflector is. Basically, a route reflector disables the split horizon rule. But here we are talking about the split horizon rule in the normal case.
The BGP split horizon rule states that routes learned via iBGP will never be sent to another iBGP peer. So if I put it another way: an iBGP router will not pass on a route it received from one iBGP peer to another iBGP peer. The BGP split horizon rule states that a BGP speaker cannot advertise any iBGP update to another iBGP peer. In three different ways I told you what the split horizon rule in BGP is. All these three routers are in an iBGP neighborship. When R1 advertises 1.1.1 to R2, R2 will never give this 1.1.1, will never advertise 1.1.1, to R3, because of the split horizon rule. That's it. The simple way.
Let's quickly do a lab with three routers here, R1 and R2, and R3. Nothing is configured here. So let me go to no. Let's do no. And let's do no. Okay. Next thing, we'll use my script. I will configure IP addresses
and then it's simple. I will go to... sorry, R1 is up. I will go to R1. I will change the name to R1; under this interface I will configure 12.1 and create one loopback interface. So the same: here in R1 I will apply this IP under the physical interface and one logical one, here two physical interfaces, and here one physical interface. So simple, so simple. I need to configure IPs. In R1, enable. And let's go to R2, enable, and R3, enable. Okay. And now let me apply this script. So in R1, I will configure the IP addresses. So let me paste this one. R1 is done. And in R2 I have two interfaces to assign IP addresses to. And in R3 I have only one interface to assign an IP address to. Done.
Now let's go to R1, and I need to configure BGP. BGP is basically router bgp 123, the neighbor is also in 123, and I will advertise my 1.1.1 network; it is the iBGP neighbor. So let me copy this one and configure it here. And in R2, I have two neighbors, dot 1 and dot 3, both in 123; both are iBGP neighbors, keep in mind. So let me copy this one and paste. And let's go to R3; R3 has only one neighbor, so 123, okay? They are iBGP neighbors.
So let's go to R2 and check here: show ip bgp summary. So I have two neighbors, R1 and R3, okay? I am still not receiving any prefix from 12.1. It will take some time to show up. So let me say show ip bgp; not yet. It's okay. show running, section bgp: it advertises the 1.1.1 network, so it has to be there. And show ip interface brief: it is up, and it's okay. Okay, so R2 will receive 1.1.1 after a while. So let's check. Not yet. Let's see now. I just need to wait for a while so that R2 receives the 1.1.1 network. And then we will check this 1.1.1 network in R3, and it will not be there.
So let's see now. It has come up now. So in R2: R1 is advertising 1.1.1, so R2 will receive it; it's okay. But because R2 received this 1.1.1 from its iBGP neighbor, R2 will not advertise the iBGP neighbor's network to another iBGP router. So I'm receiving it in R2, okay. Let's go to R3. R3 is not receiving it because
of the split horizon rule. And you know, in RIP and those we can check it, like show interface 0/0. And under every interface there is... show ip, sorry, sorry, interfaces, interface. Because there the split horizon rule is enabled. I showed you in some routing protocol, I can't remember, but I showed you in RIP, I believe, yeah. Here split horizon is enabled under every interface. Anyway, this is a different story, but R2 is receiving this route, which we can see here, 1.1.1. But R3 is not receiving this one: show ip bgp. Because of the split horizon rule.
Because, I told you, R2 has two neighbors, one is R1 and one is R3. Both are iBGP, not eBGP. If you make this neighbor eBGP, then it's okay. But because R2 received this 1.1.1 from R1, it will not give it to another iBGP neighbor. It is possible if you connect R1, R2, R3 and make a neighborship between them, then it's possible, like a full mesh. Or you configure a route reflector, which we discussed previously, then it's possible. This is called BGP split horizon.
So it was simple, how and why it's not working. So you need to know, if you have a scenario like this and you're looking after your network, why am I not receiving 1.1.1 in R3? It means it is due to the split horizon rule. That's it.
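
The rule from this lab as a small reachability check, added here as a Python example that is not part of the original lecture. It models only the advertisement rule described above (no best-path selection, and a route reflector is simplified to "reflects to every iBGP peer"); the function names and the dictionary layout are assumptions made for the illustration.

```python
from collections import deque


def propagate(origin, sessions, asn, reflectors=()):
    """Follow one prefix originated at `origin` across BGP sessions.

    sessions:   iterable of (router, router) pairs with an established session
    asn:        {router: AS number}; same AS on both ends means iBGP
    reflectors: routers configured as route reflectors (simplified model)
    Returns {router: peer the route was learned from}; the origin maps to None.
    """
    peers = {}
    for a, b in sessions:
        peers.setdefault(a, []).append(b)
        peers.setdefault(b, []).append(a)

    learned_from = {origin: None}
    queue = deque([origin])
    while queue:
        speaker = queue.popleft()
        source = learned_from[speaker]
        via_ibgp = source is not None and asn[source] == asn[speaker]
        for peer in peers.get(speaker, []):
            if peer == source or peer in learned_from:
                continue
            to_ibgp = asn[peer] == asn[speaker]
            # Split horizon: a route learned from an iBGP peer is not passed
            # on to another iBGP peer unless the speaker is a route reflector.
            if via_ibgp and to_ibgp and speaker not in reflectors:
                continue
            learned_from[peer] = speaker
            queue.append(peer)
    return learned_from


def unreached(origin, sessions, asn, reflectors=()):
    """Routers that never learn the prefix: the 'why is it not in R3' check."""
    learned = propagate(origin, sessions, asn, reflectors)
    return sorted(set(asn) - set(learned))


# The lab topology: R1 - R2 - R3, all in AS 123, no R1-R3 session.
LAB_ASN = {"R1": 123, "R2": 123, "R3": 123}
LAB_SESSIONS = [("R1", "R2"), ("R2", "R3")]

if __name__ == "__main__":
    print("chain:          ", unreached("R1", LAB_SESSIONS, LAB_ASN))
    print("full mesh:      ", unreached("R1", LAB_SESSIONS + [("R1", "R3")], LAB_ASN))
    print("R2 as reflector:", unreached("R1", LAB_SESSIONS, LAB_ASN, {"R2"}))
```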
30. Remove Private AS: The next topic related to BGP is BGP remove private AS. By the way, previously we already discussed what the BGP autonomous system number is. We already know this one. Like IP addresses, autonomous system numbers have to be unique on the Internet. And the same as in IPv4, where we have public ranges and we have private ranges, so with the AS number, the BGP autonomous system number, we have private ranges and also we have a public range. We already discussed this in detail. I'm just going to revise it quickly and then I will go to our main topic.
As a two-byte number, there are 65536 possible numbers, which is from 0 to 65535, where 64512 to 65534 are reserved for private use. Like in IPv4, where we have private IPs, it is the same here. If I check from here, this green one is our target. We have a private range and we have a public range: from 1 to 64495 are the public ranges, and from 64512 to 65534 are private, just like IPv4. We discussed this in detail
previously in this course. But just to revise, because now I'm coming to private AS: these are the private ASes, the green numbers. Okay: 64512. Any number in this range will be considered private, and any number from 1 to 64495 will be considered public. Now the reason is that eBGP needs a globally unique AS number, just like an IP or a phone number on the Internet. And in the same way that we cannot use private IPs on the Internet, we cannot use private AS numbers on the Internet, because they have to be unique.
And the range which I told you, from 64512 to 65534, is considered private; because these are private, it means they are not globally unique. It means that the ISP needs to ensure that private AS numbers are removed from BGP updates when they are sending them to the Internet. So whenever the ISP is receiving any number from their customer, from their client, they need to remove the private AS if it is in this range. And for that purpose we are using BGP remove private AS, because a private AS should never be advertised from one ISP to another ISP. BGP private ASes can be used within an AS, or they can be used within an organization, but you cannot use them on the Internet. So these private ASes should never be advertised to the Internet. So what we can do: the ISP can use the remove
private AS command. But there are three different flavors of this command. One is the remove private AS command, which only works when there are only private AS numbers. If in the path there are private and public AS numbers, mixed and matched, then this command will not work. I will show you in the lab. This command only works if the entire path has private AS numbers only. If there is any public AS number, this command will not remove the private AS numbers. Okay? And keep in mind, this command removes the private AS from routes that are advertised to the configured peer, meaning for outside. It means it removes the private AS only from routes advertised to eBGP peers. And if there are only private numbers, this command will work. Otherwise it will not remove them.
Then we can use this command, remove private AS all. There is a third flavor, which is remove private AS all replace AS. We can do this one as well. We can also replace the private AS with the local public AS; we can replace them as well if we want. So these are the three different things. Keep in mind, we will see them in the lab and you will get the idea.
Remove private AS only works when in the path there are only private AS numbers. Otherwise it will not remove the private AS numbers from the path. And the remove private AS all command will work fine even if there are both private and public ASes in the path. And the third flavor is if you want to replace them: after that you need to type replace AS, just this extra keyword. So it means we have three different ways; you will get them when we go to the lab. So this is called BGP remove private AS.
In the next video, I will show you the three different ways in the lab: remove private AS, remove private AS all, and remove private AS all replace AS. We will see all these three features, and what the difference is between these three flavors of remove private AS. And why we want to remove them is because these are private, and private ASes are not used on and should never be advertised to the Internet, just like private IPs, okay.
31. Remove Private AS Lab: In the last video we discussed BGP remove private AS theoretically, so now let's do the lab. Okay, so I have three routers, R1, R2, and R3. R1 is in private AS 64512, R2 is in a public AS, and R3 is also in a public AS, okay. R1 is connected to R2 by one ninety two and sixty eight dot 112 dot 2. And R2 is connected to R3, 23 dot 2233, okay? And R1 has one network, the 1.1.1 prefix, which it will advertise to R2.
So keep in mind, I have 64512. I take 64512 from the private range, so I take the first private one. Okay. And the other two have their public AS numbers, 2 and 3. So 2 and 3 come under the public AS numbers: from 1 to 64495 they are considered public AS numbers. You can use them on the Internet, but you cannot use 64512 to 65534 on the Internet. Okay. So deliberately I assigned a private one to R1, and these two have public AS numbers.
Okay, so let's go to the lab. So let me open R1. Nothing is configured. First we will configure these routers, and then we will configure BGP, and then we will see the three flavors. So let me open R3 as well. So let's go to R1 and say no. Let's go to R2, and now let's go to R3. Okay, so first thing
first, what I need to do: I need to configure IP addresses, one logical loopback and this physical interface IP. So let me copy from here. I have already created a script, so I will change the name to R1, I will go to this interface, assign dot 1, no shutdown, and I will create one loopback with a /24. So let me copy this one. And let's go to R1. Clear the screen, enable and paste. So R1 is configured, okay? And let's configure R2. Enable. R2 has two physical IPs, okay? So two physical IPs. So let me copy and paste. Okay, so R2 is done. R3 has only one physical interface, so I will configure that one. So this is R3; sorry, I need to go to enable and paste. So R3 is also done. Now I have IP addresses.
Next I will configure BGP. BGP in R1: this is my private AS number, my neighbor is this one, R2 with AS 2, and I will advertise my 1 network. Okay? So let me go to R1 and let me paste this in R1. Let's go to R1 and config t. And let me configure this one. And R2 has two neighbors. So R2 has two neighbors: router bgp 2, the public AS number, then dot 1 with the private AS and dot 3 with the public AS. So let me paste this one. Let's go to R3; R3 has only one neighbor. So I will copy this one and paste. Done.
So the next thing we need to check is the neighborship. Okay, so it's better to check in R1... R2, sorry. Let me go to show ip bgp summary. So I have two neighbors, one on this side and one on the other side, okay, but I'm not receiving a prefix. I need to receive one prefix. So maybe it will take some time. Okay, it's better to check show ip bgp. So it's still not showing. So let's go to R1 and see: show ip interface brief. Yeah, so I have the loopback 1.1.1, and this is also up. And let's check show running, section bgp here. So I'm advertising this 1 network as well. It's okay. I believe I will receive it now. Yeah, it's okay now. I received this one. So everything is okay. Okay. I configured the basic configuration, then the basic BGP
configuration is done. Now in R2, when I check the private AS, so if I go to R2, which is in the middle, I'm receiving this private AS from R1, because R1 is in a private AS, this one. Yeah. So R2 is receiving it. Let's check in R3; R3 will also receive it. So R3 is actually receiving it: 2 is R2, and this one is R1's private AS. So without configuring this feature, R2 advertises the same AS to R3. Which is not possible, not possible in this scenario, because R3 is using another AS and this is another ISP. Suppose you are using a private AS and advertising it on the Internet; it is like a private IP on the Internet. So in the same way it is not possible.
So what can we do? We see that in R2 we are receiving the private AS, and in R3 we are receiving the private AS. Now, how do we remove this one in R2? Because R2 receiving it from their client is okay, but R2 should never give it to another ISP on the Internet. So we will do the configuration in R2. What we will do: we will configure, and we will type this command with the neighbor. So let me copy this command. Here is R2; I will tell R2 to remove the private AS automatically. Let's go to R2. So here I will go to configuration, and router bgp 2 is my AS. And then I will say: whenever you are giving the route to your neighbor, this neighbor 23 dot 3, remove private AS. Never give them a private autonomous system. A simple command.
Now, let's check in R3; before, it was receiving it. Let's see: it is still receiving it, because we need to reset. So clear ip bgp star. Let me reset the neighborship. And then this time, if you check... it was receiving, you see, it was receiving the private AS. Now it will not receive it anymore. Look, now it is only 2, meaning the public one, but not the private one anymore. So you get the idea why we are using this. You can see it. It's not there; before, it was there, 64512. I just typed this command, that removes the private AS when you are giving anything to your neighbor. Okay? So this one is done. When we check, it's not there anymore.
Now coming to the second thing, which we discussed theoretically. In theory I told you that the remove private AS command works only when the path contains only private ASes. Keep in mind, I told you this one, that this command will only work when in the path there are private ASes, but not mix and match, no public. If there is a public one, then this command will not work. How to prove it to you? Suppose there is another router... but it's better to... what to do. Let me create this in R1: prepend. We discussed this prepend. What I will do: I have only this one. Yeah. I will add 64513 as well. And then a public AS again, a private AS again, a public AS. I will pretend that this route is coming
from these 3, 4, 5. We can do this here. We use this command. So let me copy this one. What does this command say? In R1, what I will say: I will create a route map with the name AS and PR, permit 10. Okay. And set the AS path: I will change my AS path. Okay. I will make it 1, 64513, I will use 11, I will use another private one, and again a public one. And I will go under my BGP. And this is my neighbor, router 2. And I will use this route map. So what does it mean? Right now R1 is giving this 1 network to R2 directly; it is showing like this. But now I will pretend that no, this route is coming from 1, then coming from 64513, then coming from 11, then 64514, then 111. We know this command; we used it previously.
So let me copy this command and paste it in R1 to change my path, and I need to reset. I need to clear ip bgp to update the neighborship. Okay? So before, I was receiving this 1.1.1 network with 64512. But now it will be more than this, just to show you something. That's why I changed it. So now let's check. Look now: before, I was receiving it from one AS. Now they say that it is coming from 64512, then coming from AS 1, then coming from 64513, then 11, then 64514, then 111. Why am I doing this? To show you that this command, remove private AS, will not work anymore, because in the path this one is private, but this one is public. This is private, this is public, private, public.
Now in R3, where it was being removed, it will not be removed anymore. Let's check. Oh, look at it. Before, it was removed. And the command is still here, keep in mind: in R2, show running, section bgp. So the command remove private AS is still there, but it's not working anymore. Because this command says that no, I will not work anymore, because in the path there is a mismatch. Mismatch means there are some private ASes and some public. So I will not work. If you make all of them private, then I will remove them. But if one of them is public, this command will not work this way. R3 is receiving the whole thing, the private ones as well, while I enabled the command; the command is still enabled. But I told you this: this command will only work when the path contains private ASes only. But if it contains both private and public, then this command will not work. Simple as that. This is why this command is not working anymore.
What I can do: I can use another command, and that is remove private AS all. I just need to put the all keyword. Then it will work. This is what I wanted to show you. So let me go down. So this was not working. Okay. I pretend my network
is huge now. And then let me go to R2. In R2, go to router bgp 2 and, instead of this one, type this command; but at the question mark there is all, so I'll just type all. And now clear, because whenever you do something you need to clear to update your neighborship. Now, R3 will not receive these private ranges. Only, it will be 2, then 1, 11, 111. So let's check now. If I check, look now: 1 is public, 11 is public, and 111 is public. And the private ones have been removed: 64512, 64513, 64514 were removed with all, because without it, it was not working.
So two things are clear to you now. Remove private AS: if all of them are private, then you can use this command. If there is a mix and match, then you need to use the all keyword. And the last one: there is another command with which you can replace them. You can replace your private AS with the local public AS. So here the local public AS is 2. So it means in R3 I can do another thing: instead of 64512, 64513, 64514, I can write 2, 2, 2. But how? In R2, I need to make another small change. I need to go to router bgp and this is the neighbor. There is the remove private AS all; we typed this command previously. Just type another keyword here; look now, replace AS. And clear BGP.
So this time I say that instead of removing the private ASes, replace them with my own public one. So if I go down and replace them, let me see. Yeah. So when I replace them, you see now 64512 has been replaced with 2, 64513 replaced with 2, 64514 replaced with 2. You can use this one as well. Let's check in R3. If I go back to R3 and if I say show ip bgp, it is 2, 2, 2, 2 instead. If you go back, instead of 64512 and 64513, the private, sorry, this private became 2 and this private became 2. You can use replace as well.
So you have three different flavors of this command, and I showed you the three different flavors and what the difference is between these: remove private AS, remove private AS all, and remove private AS all replace AS. So now you get the idea of how we can use these three different flavors. Okay?
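
The three flavors applied to the lab's AS paths, as an added Python example that is not part of the original lecture and not router code. It models the behaviour exactly as described in this section for the two-byte private range 64512 to 65534; the function names, the mode strings and the sample paths (modelled on the prepended path in the lab) are assumptions made for the illustration.

```python
PRIVATE_MIN, PRIVATE_MAX = 64512, 65534  # two-byte private AS range from the lecture

MODES = (
    None,                                # feature not configured
    "remove-private-as",                 # works only if the whole path is private
    "remove-private-as all",             # strips private ASes from a mixed path
    "remove-private-as all replace-as",  # swaps private ASes for the local AS
)


def is_private(asn: int) -> bool:
    return PRIVATE_MIN <= asn <= PRIVATE_MAX


def advertise(as_path, local_as: int, mode=None):
    """AS path an eBGP neighbor receives for a route whose path was `as_path`.

    The advertising router edits the received path according to `mode` and
    then prepends its own AS, as R2 does towards R3 in the lab.
    """
    if mode not in MODES:
        raise ValueError(f"unknown mode: {mode!r}")
    path = list(as_path)
    if mode == "remove-private-as":
        # First flavor: any public AS in the path leaves the path untouched.
        if all(is_private(a) for a in path):
            path = []
    elif mode == "remove-private-as all":
        path = [a for a in path if not is_private(a)]
    elif mode == "remove-private-as all replace-as":
        path = [local_as if is_private(a) else a for a in path]
    return [local_as] + path


def leaked_private(as_path):
    """Private AS numbers still visible in a received path (audit check)."""
    return [a for a in as_path if is_private(a)]


# Constructed sample paths as R2 (AS 2) sees them from R1 in the lab.
SIMPLE_PATH = [64512]
MIXED_PATH = [64512, 1, 64513, 11, 64514, 111]

if __name__ == "__main__":
    for label, path in (("simple", SIMPLE_PATH), ("mixed", MIXED_PATH)):
        for mode in MODES:
            seen = advertise(path, local_as=2, mode=mode)
            print(f"{label:6} {str(mode):34} R3 sees {seen} "
                  f"leak={leaked_private(seen)}")
```

Running it shows the failure mode from the lab: with the plain first flavor still configured, the mixed path reaches R3 with all three private AS numbers intact, so a check like `leaked_private` on received paths is the quickest way to notice that the filter silently stopped applying.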
32. BGP Auto Summary: Another topic related to BGP is BGP auto-summary. Basically, auto-summary is disabled by default in BGP. So what happens? Normally, when you advertise a network in BGP, you have to type the exact network and subnet mask. Otherwise it will not be advertised in BGP; we know this one. So whatever your subnet is, you need to type the exact network and the exact subnet mask. Otherwise BGP will not advertise that one. I will show you in the lab.
But when you enable auto-summary, then you can advertise the classful network and you don't need to add the subnet mask; no need for a subnet mask. Then BGP will automatically advertise the classful network, but only when you enable auto-summary under BGP. And this auto-summary, I told you, is disabled by default in BGP. So it's up to you. If you want the classful network to be advertised automatically, then you can enable the auto-summary command. Otherwise you need to type the exact network with a subnet mask. Then BGP will advertise it. Otherwise it will not advertise it. I will show you in the lab.
I have a small lab here. R1 is connected to R2 with eBGP, dot 1 and dot 2. And here we have one network, 1.1.1, with subnet mask /24. So let's configure this one. I have two routers and nothing is configured there, so let me say no. And also in R2, no. And the next thing: I need to apply IP addresses, so let me change the name and assign the IP address, and a loopback with a /24 subnet mask. Keep in mind, this is R1's setting. Let me copy this one. So R1: let me copy and let me paste. So R1 is configured. Now let's go to R2. Enable. In R2, I will just assign an IP address to the interface, no loopback address; there is no need for any loopback address. This one is on this side. Okay, so R1 and R2 are configured. Now configure them with eBGP. So R1.
BE BGP. So R1. I need to type this command
router BGP libraries to build R2 with remote
edge to this what we do, yeah, normally, and this
side, the opposite direction. So here I say router BGP two, and neither is told that one. Now everything is okay my night, but you will be up if I go
to show IP BGP summary. So you see my neighbor
is 12, that one, but that one is not giving
any prefix, no network. Now, let's advertise
one network. This one network, yeah. This one network is here. Do show running interface loopback 1. So my loopback is 1.1.1.1 with a 24 subnet mask. If I try to advertise it like this, 1.0.0.0 and mask, this is the way how we advertise a network in BGP. And if I type 255.0.0.0, do you think it will advertise this one network to R2? No. I wrote it under BGP, if you want to check. So do show running, section BGP. It's under this, the 1 network, but the network was three times 255 and I wrote it as a classful network. And let's go to R2 and see, am I receiving this prefix? No. show ip bgp and the other command, show ip bgp. No, I'm not receiving. Why? Because in BGP, if you want to advertise something without auto-summary, you need to type the exact subnet mask, the exact network.
So how will it work? So I need to go back to this one, Control N, to remove this one. And up arrow to bring this network. But this time I need to type exactly how it is, 1.1.1.0, because this is three times 255, and I need to change this one to 255.255.255.0 and Enter. Now it will work because this is the way it is, I need to advertise the same way with the exact subnet mask and exact network. Now let's go to R2. It will be here now. Look, now it is here with 24. And if we check the previous one. So now I am receiving one prefix. But this command is okay to check with. Now I'm getting it. When I tried with this one, this one, it was not working. Now, let me remove this one. Keep in mind if I type
it like this network, sorry, not this one. This one. It will not show there, it will not advertise. Look, it's not there again. If you want to see it like this, enable auto-summary under BGP, this is the only thing which I was telling you, and now check, it will be there. Now. It will take just a minute. It will come now. Let me type summary. Yeah. So now you can see it's working, the same command which I typed before. Without auto-summary it was not, R1 was not advertising this to R2. And it was advertised the same way with 24. Now look, as a classful.
This is the logic of using BGP auto-summary, and this is what I told you, that by default auto-summary is disabled, which was disabled. And when you advertise a network in BGP, you have to type the exact network and subnet mask which I showed you. Otherwise it will not be advertised and it will not be placed in the BGP table. Yes, we saw it was not there. But when you have auto-summary enabled, then you can advertise the classful network, which I advertised, 1. I can advertise it this way as well. Let me remove this one, Control N, no, and I can type directly 1.0.0.0, that's it. Again, it will work. I make this no, yeah, keep in mind it will be here. After a while. It will come up now. Let me type again. Yeah, it's okay. Let's check out. It has to be there. Just wait a minute. Maybe I need to type auto-summary again. It will do it still, and let's check out now. Yeah. So it's come up now.
But if I say no auto-summary, and you want this network, and I type it like this, it will not be advertised. This is what I mentioned here. I said you can advertise the classful network and you do not have to add the subnet mask. Without subnet mask I advertise, BGP will automatically advertise the classful network. And this is what BGP has done. So let me go down, if I missed something. It was easy, just to show you what is auto-summary. Yeah. So we need to advertise the similar thing, and then with auto-summary we checked, so you can advertise. This was auto-summary. Okay.
33. BGP Route Aggregation: The next topic related to BGP is BGP aggregate. Either we call it route aggregation, and we also know BGP aggregate by the name route summarization. Because we discussed summarization in many other courses, routing and switching courses as well, so you may know what route summarization is. Basically, route summarization is a method to minimize the size of the routing table, okay? Rather than to send a huge chunk of networks or subnets, what we can do, we can minimize them. Rather than to send a huge, suppose, 500 networks, we can minimize them to two or three. Just giving an example. This is called summarization. It's like a summary. You know, suppose you have a big article or book and someone says, summarize it, maybe in one paragraph. This is called summarization. The same thing we do in route summarization.
In BGP, route summarization is a method to minimize the size of the routing table, to announce the whole address block received from the Regional Internet Registry to others. As I told you, rather than to send a huge block, we can minimize them. So route aggregation is a universal method used to suppress a set of routes by a single general route. So this is a method which we use in BGP to suppress a set of routes to only a single general route. Normally we use BGP aggregate, either BGP summarization or route aggregation, for intra-domain and inter-domain routing purposes. Mainly you will see this aggregation in BGP in intra-domain and inter-domain routing.
BGP uses a static route to null, I will show you in the lab if I remember, to prevent routing loops when you use BGP aggregation or summarization. For every aggregate statement, it will create a static route in the routing table, and it will be redirected to Null0. We know Null0 from EIGRP and all those things. Now, the aggregate-address command under BGP allows you to advertise a summary address. The command which we use for BGP summarization is aggregate-address. And we write it this way: aggregate-address. With this aggregate-address, we can use many options, which I will show
you when we do the lab. The aggregate-address command can be used to generate a summary route in BGP. We can configure aggregate-address under the BGP configuration if we want a summary route. If you use the aggregate-address command with no argument, it will create an aggregate entry in the BGP routing table. But there will be the other routes as well. What does it mean, this one, I will show you in the lab. It means if you want to use the aggregate-address command without any keyword, what will happen? It will create a summary route, but the other routes will also be there. Let me explain it to you here again. If we use only the aggregate-address command without any keyword, any argument, any option, then the summarized route and all the more specific routes will be advertised. Now you get the idea. If you use, in the BGP configuration, the aggregate-address command without any keyword, any other option, what will happen? It will summarize the routes, but the other more specific routes will also be advertised.
It means it's useless. Why use this? Because I need summarization to minimize the routing table. I'm sending a summary route as well, and the more specific routes as well. So what is the advantage? It means, suppose I have a thousand routes and I want to minimize them to one. So when I create summarization with the aggregate-address command without any keyword, it will create a summary route as well, and it will send the thousand routes as well. It means 1001, because I'm using aggregate-address without any keyword. So by default, what will happen, all the more specific routes summarized by the aggregate route are advertised as well. Basically when we do the lab, I will show you what is the difference between aggregate-address and the other options as well.
If you don't want those thousand more specific routes to be advertised, then you can use the summary-only keyword. Because aggregate-address without any keyword, it will advertise the summary route plus those routes as well. But if you need only the summarized route and not the other more specific ones, then use the keyword summary-only. So now we know the summary-only keyword as well. Now, another thing
which we will face: when you use summary-only, what will happen? In summary-only this thing will happen. It will summarize, and the more specific routes will not be advertised. But we will lose our AS, the autonomous system, because it's summarized. And it will only show the next hop detail. What can we do? If you want to include the information as well, then you need to put the keyword as-set as well. It means if we use the summary-only keyword, then only the summarized route will be advertised, and the more specific routes are denied from the advertisement. I already told you. Because when we use aggregate-address without any keyword, it sends the summarized route plus the more specific routes as well. So we use the summary-only keyword. So the summary-only keyword, what it has done: it summarizes the routes and only advertises the more specific route and denies the other routes, means that it only advertises the summary route. But the AS path information, however, is lost in the summary route.
Now we face another issue. We sorted out one issue. So there is another issue. Now when we summarize them, we lose the information. So for that purpose, to preserve the AS information, we use a keyword, as-set, which means autonomous system set. You get the idea. I will explain it to you in the lab, but let me go to
the screenshot of the lab. Suppose I have two routers here, AS2 and AS3. I have AS1 and AS4. From these, R2 and R3, which are different ASes, I'm receiving subnets 172.16.2.2 and 172.16.3.3. R1 receives these two. So R1 will advertise, without aggregate, it will advertise both to R4 the similar way. It will say that I'm receiving 172.16.2.2 and 172.16.3.3. So R1 will give both the routes to R4 if you have not configured anything. So let me show you from the screenshot. Here R4 receives 172.16.2.2 and 172.16.3.3.
Now what I've done in the next step, I applied the aggregate command. And under R1, I say, no, don't advertise both the routes, or subnets, or prefixes separately. Summarize them. But I use only aggregate-address. I told you, if you use aggregate-address without any keyword, what will happen? It makes them three now. Before it was two. Now, plus those two, the summary route. It summarized them, 172.16.0.0, and those two are already there. Why? Because I'm using aggregate-address. I say, aggregate them all. They say okay, those more specific routes will go and I also will go with them. So it advertises the more specific ones, 172.16.2.2 as well, and 3.3 as well, plus the summary route, because I'm using aggregate-address. This is what I wanted to explain to you theoretically.
Now I say, no, I want a summary of these two, not this one. Then I type the summary-only command. With the aggregate, I put the keyword summary-only. So now this time when I go to R4, R4 is only receiving the summary, but not the two more specifics anymore, because of summary-only. But I lost my AS detail. Before there was AS1, AS2, AS3. Now, when I summarize them, I'm only receiving the R1 detail; the R2 and R3 AS detail is being lost. I told you, if you use the summary-only keyword, the more specific routes are not there anymore, but you will get that you lost the AS detail. And it added, sorry, the atomic aggregate attribute, because we lost our AS information. So this summary-only will remove AS information, but will put an atomic aggregate. We discussed this attribute. Now I need that AS information, which is very important. So what can I do? I can use the as-set command
with summary-only, which I told you about. Now I get it back. This 172.16 is coming from two AS numbers, 2 and 3. Before, there was no information, only 1, that they are coming from R1, but basically they are not coming from R1. This is from R2 and R3. So if you want to get back the information, you need to type this command, as-set. Now I get back my detail, the AS detail. And also the aggregate attribute is not there anymore, because there is no need of the atomic aggregate attribute, because now my AS is back. If you don't have the AS back, you can use atomic aggregate so that it can tell the other router that basically these routes are coming from somewhere else. That's why they put this aggregate attribute here. But as I say, no, just put the information, as-set, as well. So now it's not there anymore.
These are the three things which we will discuss; in the lab we will see, but I explained it to you here from this topology. So basically what we will do in the lab, in the next video, we will see aggregate-address without any keyword. Then we will use summary-only to see what the output is. And then we will see summary-only plus the as-set command. So these three things we need to verify. And you need to keep in mind that if you are using BGP summarization, BGP route summarization, route aggregation, BGP aggregation, BGP aggregate, you need to care about these things, and also the routing table. I will show you the null: when you create a BGP summarization, it will create a static route to null as well. We will verify that in the next video as well. And I will show you in the lab how to configure and verify BGP summarization.
34. Route Aggregation Lab: In the previous video we discussed BGP aggregation, BGP summarization, theoretically; now let's do the lab. I have four routers. R1 is in the middle, okay, and I have R2 and R3. Basically, R2 and R3 will send 172.16.2.2 and 172.16.3.3, these two subnets, to R1, and R1 will summarize them and will send them to R4. This is what we want to do. All of them have eBGP neighborship, because R2 and R3 are using AS2 and AS3, R1 is AS1, R4 is AS4. Connectivity is similar. We know R1 to R2 is 12.1 and 12.2, R1 to R3 is 13.1 and 13.3, and R1 to R4 is 14.1 and 14.4. This is our connectivity.
First, we will check without summarization, these two subnets, when they go into R1. So R1 will advertise them to R4 similarly, 172.16.2.2 and also 172.16.3.3. Both will go to R4. In the next step we will do aggregation without any keyword and we will see the result. Then next we will use summary-only and we'll see the result. And then we will use as-set to see the result. Okay? So that's what we want to achieve. So let's go to the lab. So I have these four routers. So let me open R1 first. And I believe there
is no configuration. So again, I need to do the basic configuration. So R1. And let me open R2 as well. And let's open R3. Okay, and let's open R4 as well. So I have these four routers. First I need to configure. So this is R1 and this is R2. And this is R3. This one is R4. So first I need to configure R1. R1 has three connections, 0/0, 0/1, 0/2, okay? 12.1, 13.1, 14.1. Okay? So let me use a script here. I need to change R1, 12.1, 13.1, 14.1, the interfaces configuration. So copy and let me paste this one. So R1 is done. R2 is simple, only one connection, 12.2, and one loopback interface. So this is the R2 configuration. So R2 is done. And similarly R3. R3 has one interface, 13.3, and one loopback interface, 172.16.3.3 with a full subnet mask. Okay, so copy and paste. And R4 has only one physical connection. That's it. So let's go to R4. Copy and paste. Router 4 is done.
Next thing, we need to configure BGP between all these routers, so we already know. So I will copy and paste, and router bgp 1. I have 12, 13, 14 neighbors. Okay? So AS2, AS3, and AS4. So simple. So in R1, I need to copy this one. And let's go to R1 and paste. So BGP is done here. And R2, R2 has only one neighbor, okay, which is R1. And also I will advertise 172.16.2.2 from this one. So what I can do, let me copy this one and paste in R2. R3 is also a similar thing. It will advertise 172.16.3.3, and 13.1 is its neighbor, R1. So let me paste this one. And R4 has only one neighbor, directly this one. So copy, and let's paste this one. So R4 is done. We don't need anything in R4. So let me do this one. Okay.
We've done the configuration, the basic configuration, okay? R1 basic configuration, R2 basic configuration, R3 basic configuration and R4 basic configuration. Then we configured BGP in R1, three neighbors. Then we configured BGP in R2, one neighbor, and advertised 172.16.2.2. Similarly in R3, we advertised 172.16.3.3. These two are important because we will advertise these. R4 has only one neighbor. Okay? Now what happened without
any summarization? So when R1 receives 172.16.2.2 and 172.16.3.3, R1 will advertise both of them to R4. Consider that these are 100 subnets, but here I just took only two as an example. R1 will advertise them similarly to R4. Let's check out R4. In R4, I will say show ip bgp. Here I'm receiving only one. So I need to check. Maybe it will take time. It has come up now. So in R4, I'm receiving both the subnets. Here is 172.16.2.2 and 172.16.3.3, because these two are coming to R1 and R1 is giving them similarly to R4, okay? It will advertise them similarly to R4. Done.
Now, the issue. Consider these are many subnets. Here we just take an example of two. Now what I want to do, I want to summarize these two. Where will I put the summarization? In R1. So R1 is my target router. So let's go to R1. And in R1, what I will do, I will go to router bgp, and what is my AS number? It is 1. And here the command is aggregate-address. So theoretically I told you about aggregate. This aggregate-address command can be used to generate a summary route. So now I want a summary route of these two to give to R4. So for the summary route, I just need to copy this one. This is my summarization of these two. So I paste this one. I said 172.16.0.0 255.255.0.0. I say, in R1, whenever I'm receiving these two subnets, I will summarize them and will give that to R4. This is the command under BGP, aggregate-address. Keep in mind there are many options: advertise-map is there, this one is as-set, attribute-map, route-map, summary-only, suppress-map. So many other options are there. But I'm not using any keyword. There is carriage return. I just want to use aggregate-address and Enter.
What do you think? What will happen now? Before it was two subnets only. Now in R1 I use aggregate, meaning summarization, but without any keyword. What I told you theoretically, if you remember, now you will get the idea. If I check in R4 again, you see I received the summarization, the same thing which I put in R4. But unfortunately, I am receiving the other two routes, because I told you that if you are using the aggregate-address command, it will generate the route. It's better to mention here: if we use only the aggregate-address command without any keyword, then the summarized route and all the more specific routes will be advertised, and this is what we are receiving. The more specific routes are already there. And the summary route is there. Why? Because I'm using aggregate-address without any keyword. So the first thing is clear to you now. Yeah, so if I go back to my lab now, in R4, without any summarization, both subnets are here. Then I use aggregate-address. So the summary route and also the more specifics, both are there. Now I need a solution. I don't need these
more specific ones. So if I don't need the more specific ones, what I can do in R1, I just need to change one thing more. After aggregate-address, there is a command, this one, summary-only. I need to type summary-only and Enter. So in summary-only, I told you, when you put summary-only, what will happen? If we use the summary-only keyword, then only the summarized route will be advertised, and the more specific routes are denied from the advertisement. Now, the more specifics will not be there anymore. Let's check out. So if I go to R4: before, both were there. Then I used aggregate; the aggregate is there and the more specifics are there. Now I say summary-only. Let's check out. Look at it now. So now you can see the difference: without summarization; aggregate only, so summarization and more specifics; and summary-only. So with summary-only, I just received the summary.
But what happened? The thing is, I used summary-only, but, another issue. I'm not receiving the detailed AS for 172.16.2.2 and 3.3, because one was coming from AS path 2, and 172.16.3.3 was coming from AS3. This one. AS3 and AS2. Now I'm not receiving this AS detail. It's only showing that this route is coming from AS1, which is nothing but the R1 AS number. This is the issue. So let me go back now, this is the issue. And I can see another thing. If I say show ip bgp 172, this route, I need more information about this route. So look at it now, after that, what they've done. They said that it is aggregated by 14.1. They set it because this is an aggregate. So it will add another attribute to the aggregate, and the attribute, we discussed, is atomic aggregate.
Anyway. Let's summarize. The summary-only command, what it has done: it summarized, but we lost our AS detail. And also with the route, it added the atomic aggregate attribute, so R4 understands that basically this is not the actual route, but is coming from aggregation. That's why it added this atomic aggregate as well. And also here, aggregated by 14.1, that is basically R1. R1 aggregated this one. So the route which you are receiving is basically an aggregated one. Done. So two things are clear. aggregate-address will advertise the summary plus the more specifics. We put summary-only, so with summary-only we receive the summary only, yes. But we lost detail. And also there is an atomic aggregate attribute set. Okay, we got it, this one. Now, to sort out the detail. If you want to
advertise the information, after summary-only put a command, as-set. Let's do it in R1. So R1, I say, okay, after this, there is another command, to generate AS set path information. And this is what I want. So I put this command and Enter this time. Let's go back and check out again, show ip bgp. Look at it now. There is a difference. There is only this one. Now, if you come here, you see now there is 2 3. Now, because this route is coming from 2 and also from 3, 2 3 is nothing but AS number 2 and AS 3. And this is what we want. Before there was only the R1 AS detail. Now there is 2 3. So we sorted out our issue.
Let's check out this route which we checked before, whether atomic aggregate is there or not anymore, because there is no need now. Look at it now, atomic aggregate has been removed from there. Why? Because they say it is aggregated by this, and 2 3 is already put. So we have now the AS information. So why do I need to put atomic aggregate now? So this way, this attribute has been removed. So when we set as-set, the information is back and the atomic aggregate attribute is being removed. So this is called summarization.
Keep in mind, there are more options, if I go to R1, which we will discuss maybe in other videos, because there is a route-map, there is suppress-map, and advertise-map. We have many other options as well. Maybe you don't want to do summarization for a specific route. You can exclude those as well. You can include some things. You can use a route map to include and exclude something. So many variations are there in summarization. But we've done the basic ones so that you can get the idea of what aggregation is and how to use it without a keyword, with summary-only. Hopefully in the next video we will see the other options, which are advertise-map and especially suppress-map. These two and route-map. We can use these three other options so that we can do more specific summarization. Okay? So this was BGP aggregation, or summarization.
35. BGP Suppress Map: The next topic related to BGP is suppress map. In the previous lecture, if you remember, we discussed BGP summarization, BGP aggregation, and BGP route aggregate, and we used this topology. In this topology, what we did, there were three possible things. One was if we are not using anything, I will receive all the routes. But if I use aggregate, I will receive the aggregate plus the routes as well, the specific routes as well. So the summary is also there and the specific routes are also there. Then we used summary-only. When we used summary-only with the aggregate command, what happened? We received the summary only, but not the more specific routes in this case.
Here I told you there are many other options as well. And one of the options is suppress-map. Suppose I say, no, I want to advertise 2.2, but I don't want 3.3 in this case. Because with summary-only I can receive the summary only; with aggregate, I can receive all routes plus the summary. But I need some of the routes, and I don't need some of the routes. So in that case you can use suppress-map. If you want to suppress some but not all of the component routes, then you can use suppress-map. Because with summary-only, it will suppress. We know this, and we know from the previous video. But if you want to suppress a few and you want to advertise the rest of them with the summary, then you can use suppress-map. It means suppress-map is used to allow specific networks along with the summary network in BGP. It is possible to suppress prefixes selectively. You can suppress whatever you like, the ones which you don't want to advertise, and you can advertise the rest of them plus the summary. Then you can use suppress-map. And the command is this one, the same aggregate command. After that you can type suppress-map and then you can type the name
of the route map. It will be clear to you in the lab. So I have a very small lab. I have two routers, R1 and R2. They are connected with eBGP, 12.1 and 12.2, AS1, AS2. And R1 has four different subnets, 16.1, 2, 3, 4. So let's go to the lab and let me open. Let me refresh to open it. Okay, let me open R1 and let me open R2. So let's configure them because nothing is configured here. Okay? So what I need to do, I need to configure R1, this interface physically, 12.1. And I need to create four loopback interfaces. Okay, so let's go to, I can use the script, by the way, it is better to use scripts. So here I will change the name to R1, under this the interface will be configured, and I will create four loopback interfaces. It's easier. So let me copy this one, and let's go to R1 and paste. So R1 is configured, and R2 is not difficult, only one interface. So let me configure R2. So only one interface and no shutdown. Okay. So R1, the interfaces are created. Let me show you. So you can see four loopback interfaces plus the physical interface. Done.
Now I need to configure BGP. So in R1, to R2, and I need to advertise all these four subnets. So it's okay. Let me copy this one and paste. The other side, R2, has only one neighbor. So here is copy and paste. That's it. This is what we need, okay. So my neighbor is R1 with remote AS 1, and R2's AS number is two. So if we check out now, do show ip bgp summary. So I have a neighbor, 12.2, okay? And if we type this command in R2, here you can see 12.1, R1, is a neighbor of R2, and I'm not receiving any prefix. After a while it will show you four prefixes, because we have four different subnets which need to be received by R2. Okay? So first check this. Then we will apply aggregate. After aggregate we will apply summary-only, and then we will go to our main topic, which is suppress. Okay, so let's check out again. Now I'm receiving four prefixes. So it's better to show from show ip bgp. Here you can see 16.1, 16.2, 16.3, 16.4. It's quite normal, and we have to receive these routes, we already know. Now I want to suppress, summarization. So what do we do normally, we say normally
router bgp, and in R1 we will apply aggregate-address. Okay? And for summarization, you can use this summary route calculator. Just type these four, 16.1, 16.2, 16.3, 16.4, and calculate. So it will give you the summary route. If you have more, you can use this small calculator; you can download it free with the name summary route. So this is my summary, copy. Now let's go, subnet mask and Enter. This is what we do here, because without an option we can use this one as well, even though we have many other options to use, but there is carriage return as well. So what will happen? In R2, I was receiving four prefixes. Now I will receive five, because all these four plus the summary. Let's check out. Now you see the summary 214. And if you want to check from here. So it's five now; before it was four. Before I was receiving four only; now the summary as well. You get the idea. Yeah, because we've done this in the previous video.
But I don't want such things. I need a few of them. Like I want to suppress 1 and 2, but I want to receive 3 and 4. So another option is I can use summary-only. After this aggregate, I will say summary-only and Enter. Now summary-only, what it will do: I will only receive the summary and all these will be removed. Let's check out. Now I'm only receiving the summary, but I don't need such things. I need some of them. So if you need some of them, then you need to use suppress-map. What I can do in R1, I will exit from here. I will create an access list. You can do an access list, prefix
list, whatever you like. But an access list is simple, so I'm using an access list, and I say access-list 1 permit. And I want 172.16.1.0 0.0.0.255. I want to suppress 1. This was the first one. And I want to suppress 2 as well. Suppose. Done. I want to suppress these two subnets. So I created the ACL. Now I need a route map. So here I would say route-map with any name, suppose block, and permit 10. And here I would say match ip address. And after match ip address, this is asking for the ACL number, which is 1. Done. So I call this ACL in the route map. Now I will call the route map in the suppress map. How? Now I will go back to router bgp 1 and the command which I typed previously, the aggregate command, this one. After summary-only, here you can see the rest of the options. And here we have suppress-map. I will type this suppress-map. And then it's asking for the route map. So our route map name is block, and block is nothing but just to suppress these two. It means it will advertise two plus the summary. So it means here I will receive the summary plus 3 and 4, these two.
Let's check out. So let me do show ip bgp. And now you can see the difference. This is called suppress. Now I'm receiving 3 and 4, I suppressed 1 and 2, and also I'm receiving the summary only. So if you want to keep some of them and if you want to suppress some of them, and if you want to advertise some of them, then you can use suppress-map. It was quite easy to use, and it's very handy to use if you need more specifics to advertise, and if you don't want to advertise some of them, then you can use this suppress-map. Okay? That's it. This was suppress map.
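The aggregate-address variants from lectures 33 and 34 (no keyword, summary-only, as-set) and the suppress-map from lecture 35, modelled in Python as an added example that is not part of the course material. The addresses and AS numbers are a reading of the lab values in the transcript and are constructed sample data; `Route`, `advertise`, `tightest_summary` and `prefixes` are hypothetical names, and the model covers only what the aggregating router sends to one eBGP neighbor.

```python
from dataclasses import dataclass
from ipaddress import ip_network


@dataclass(frozen=True)
class Route:
    prefix: str
    as_path: tuple = ()                # AS_SEQUENCE, nearest AS first
    as_set: frozenset = frozenset()    # unordered AS_SET segment, if any
    atomic_aggregate: bool = False

    def path_text(self):
        """AS path the way 'show ip bgp' prints it, e.g. '1 {2,3}'."""
        text = " ".join(str(a) for a in self.as_path)
        if self.as_set:
            text += " {" + ",".join(str(a) for a in sorted(self.as_set)) + "}"
        return text.strip()


def tightest_summary(prefix_list):
    """Smallest single prefix that covers every input prefix."""
    nets = [ip_network(p) for p in prefix_list]
    candidate = nets[0]
    while not all(n.subnet_of(candidate) for n in nets):
        candidate = candidate.supernet()
    return str(candidate)


def advertise(local_as, aggregate, table, summary_only=False, as_set=False,
              suppressed=()):
    """Routes sent to an eBGP neighbor by the router holding the aggregate.

    table      -- routes in the aggregating router's BGP table
    suppressed -- prefixes permitted by the route map named in suppress-map
    """
    agg = ip_network(aggregate)
    blocked = {ip_network(p) for p in suppressed}
    components = [r for r in table
                  if ip_network(r.prefix) != agg
                  and ip_network(r.prefix).subnet_of(agg)]
    out = []
    if components:  # an aggregate is only generated if a more specific exists
        contributing = frozenset(a for r in components
                                 for a in (*r.as_path, *r.as_set))
        out.append(Route(
            prefix=str(agg),
            as_path=(local_as,),
            as_set=contributing if as_set else frozenset(),
            # Model assumption: the path was truncated, so the flag is set
            # unless as-set carries the contributing AS numbers along.
            atomic_aggregate=not as_set,
        ))
    for r in table:
        is_component = r in components
        if is_component and (summary_only or ip_network(r.prefix) in blocked):
            continue
        out.append(Route(r.prefix, (local_as, *r.as_path), r.as_set,
                         r.atomic_aggregate))
    return out


def prefixes(routes):
    return [r.prefix for r in routes]


# Constructed sample data modelled on the two labs.
LAB34 = [Route("172.16.2.2/32", (2,)), Route("172.16.3.3/32", (3,))]  # at R1
LAB35 = [Route(f"172.16.{i}.0/24") for i in range(1, 5)]              # R1 loopbacks

if __name__ == "__main__":
    for label, kwargs in [("no keyword", {}),
                          ("summary-only", {"summary_only": True}),
                          ("summary-only as-set",
                           {"summary_only": True, "as_set": True})]:
        print(label)
        for r in advertise(1, "172.16.0.0/16", LAB34, **kwargs):
            print(f"  {r.prefix:<18} path={r.path_text():<8} "
                  f"atomic-aggregate={r.atomic_aggregate}")
    summary = tightest_summary(prefixes(LAB35))
    print("suppress-map for .1 and .2:", prefixes(advertise(
        1, summary, LAB35, suppressed=["172.16.1.0/24", "172.16.2.0/24"])))
```
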
36. BGP Unsuppress Map: The next topic related to BGP is unsuppress map. In the previous video we discussed suppress map. So unsuppress map is the opposite of suppress. Unsuppress does the reverse of suppress map, of what suppress map is doing. It will send the routes which you advertise in the access list and suppress map. When you advertise routes in the access list, they will be suppressed. But with unsuppress map, it will advertise them. So it's the opposite of suppress map. It means a matching route will be unsuppressed from the aggregate and advertised independently to the neighbor. So those routes which you advertise in the access list, or in the prefix list, in the route map, those routes will be advertised to the neighbor and the rest of them will not be advertised. So it means it's doing the opposite of suppress map.
Keep in mind this unsuppress map feature is applied only on a per-neighbor basis. It means for every neighbor you need to do it separately. It's not like suppress map. This feature uses a special route map that matches and permits the prefix, same like suppress map. We use a route map. You need to make a route map. This descent is aggregate. First we need to aggregate. And after this, this is a per-neighbor command, it is not like suppress, which you attach with aggregate-address. You need to do it separately on a per-neighbor basis. So here again, I'm using the same topology which we used in suppress map. I have R1 and R2, both are connected, 12.1 and 12.2, with eBGP. R1 has four different subnets. This is AS1, this is AS2. Okay, so let's go
there and configure. So let me go to R1. Let's open R2 as well. Okay, let me type no, nothing is configured here. And no. First I will
configure R1 from my script. We already know I need
to change the name. Physical interface, and then
four loopback interfaces. It is easy. So let me clear
the screen and paste. Copy and paste. So R1 is done. Do show ip interface brief,
four loopback interfaces. Let's go to R2. R2 has only one interface. So let's copy this
one and paste. Done. Now we need to configure BGP. Again, as I said, easy, we already did this: my neighbor and also four
subnets to advertise. So on R1 I will paste this one. And on R2 I have only
direct connectivity. So R2, let me copy
this one and paste. Done. Now I need to check whether my neighborship is up or not. So exit, and on R2 show
ip bgp summary. So yes, I have a
neighbor 12.1, but still I'm not
receiving any routes, so it will take some time
to show up. Until that time, let me show you what we've done. We configured R1, four loopback interfaces
for test purposes. And then we configured
R2's physical interface. Then R1, R2, and I advertise
four loopback interfaces. On the other side I just
advertise the neighborship. Okay, definitely R2 will receive all four
subnets after a while. So let's go back and
now let's verify. So still I am not
receiving; it will take another 20 to 30
seconds to show up. Okay? Yeah, so now I'm receiving
four different subnets. So let's check out
from show ip bgp. So 1, 2, 3, 4. Okay. Now what I need: if I use summary-only, I will receive the summary only. We know this one. So let me go to R1 and router
bgp 1 and aggregate. And we are ready for an
aggregate from here. So this is my summary, and this is my
summary subnet mask. And here I will
type summary-only. So what will happen? Here I will receive only the summary. But I want to
advertise some of them, because this is unsuppress. So which two subnets do I
want to unsuppress? Suppose here I want
to unsuppress 1 and 2. So the summary plus these
two will be received. So let's go to R1. How can we do that one? So let me use an access
list this time. And you can use
anything; standard. And here I will say allow route. Suppose this is the name
which I give them. I want to permit
172.16.1.0 0.0.0.255, and let me permit
another one as well. So let me type the same command. And 2. These two I want to
advertise because this is unsuppress, this
is the opposite of suppress. My ACL is ready; exit from
here. Now I need a route map. So route-map. And the route map, you can give
it any name. Suppose allow. Let me type allow only. Either allow, this is the
name, allow, permit 10, match ip address, and I need the name. So this is my ACL, which I want
to call in the route map. Done. So my route map is done, my ACL is done. The routes which I want
to advertise are done. Now, I need to go back
to the BGP configuration, but not the aggregate command, because this is on a
per-neighbor basis. Here what I need to do, I need neighbor, and my neighbor is 192.168.12.1. So
R2 is my neighbor. Here I will type this command. You will see, if you go, you will find
unsuppress-map under my neighbor: route map to
selectively unsuppress suppressed routes. This is what I want. So unsuppress-map
and question mark; now it is asking me the route map name. So this is my route map name and this route map is doing nothing but
calling these two subnets. Where is my route map name? Let's go to the route map. I gave it a name, something here, this one, allow. Enter. Then let's go to
R2 and check. I'm not receiving; the reason
is I need to clear ip bgp. Enter. I need to clear the neighbor. And then I need to check. Now you will see the difference. You see now I'm receiving
1, I'm receiving 2. And this summary only, which is doing the opposite
of suppress, because in my ACL I told it to
advertise 1 and advertise 2. And definitely
the summary will be there because we are using
this summary command. This is called unsuppress. If I go here, with summary-only
I received this summary,
but then I created the unsuppress
access list and route map. Here I created 4, but anyway there I created 1 and 2; it is up to you,
whatever you like. So this way there is
a difference here. But in my case here,
to the neighbor I say advertise 1 and 2. Don't advertise
3 and 4; automatically, they will be suppressed, but 1 and 2 will be advertised. So this is the opposite
of suppress map: the thing which you
want to advertise, you need to create an ACL for that. The thing which you
don't want to advertise, that one is a suppress map. Okay? So these two are the options
which you can use for a
specific route
which you want to suppress or you
want to advertise. These were the two more options of BGP aggregate which we have
done, suppress and unsuppress.
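The unsuppress-map procedure walked through in this lesson, written out as an IOS configuration. This is an added example, not the instructor's script: the AS numbers follow the lab (R1 in AS 1, R2 in AS 2), while the link addresses, the 172.16.x.0/24 subnets, the /21 summary and the names ALLOW-ROUTE and ALLOW are assumptions.

```cisco
! ---- R1 (AS 1): originates four /24s and one summary ----
! Constructed lab addressing, not taken from the course script.
interface Loopback1
 ip address 172.16.1.1 255.255.255.0
interface Loopback2
 ip address 172.16.2.1 255.255.255.0
interface Loopback3
 ip address 172.16.3.1 255.255.255.0
interface Loopback4
 ip address 172.16.4.1 255.255.255.0
!
! Standard ACL listing the more-specifics that may leave alongside the
! summary. Anything not listed hits the implicit deny and stays suppressed.
ip access-list standard ALLOW-ROUTE
 permit 172.16.1.0 0.0.0.255
 permit 172.16.2.0 0.0.0.255
!
! The route map only has to match; no set clause is needed.
route-map ALLOW permit 10
 match ip address ALLOW-ROUTE
!
router bgp 1
 network 172.16.1.0 mask 255.255.255.0
 network 172.16.2.0 mask 255.255.255.0
 network 172.16.3.0 mask 255.255.255.0
 network 172.16.4.0 mask 255.255.255.0
 ! 172.16.0.0/21 covers 172.16.0.0 through 172.16.7.255.
 ! summary-only suppresses every more-specific toward ALL neighbors.
 aggregate-address 172.16.0.0 255.255.248.0 summary-only
 neighbor 192.168.12.2 remote-as 2
 ! Per-neighbor exception: only this peer gets the routes ALLOW matches.
 neighbor 192.168.12.2 unsuppress-map ALLOW
!
! ---- R2 (AS 2): plain eBGP peer ----
router bgp 2
 neighbor 192.168.12.1 remote-as 1
!
! ---- Apply and verify ----
! On R1, resend the outbound updates without resetting the session:
!   clear ip bgp 192.168.12.2 soft out
! On R1, "show ip bgp" marks the four /24s with status code s (suppressed).
! On R2, "show ip bgp" should list 172.16.0.0/21, 172.16.1.0/24 and
! 172.16.2.0/24, and should not list 172.16.3.0/24 or 172.16.4.0/24.
```

Because the exception is attached to one neighbor statement, a second peer added later receives only the /21 until it is given its own unsuppress-map line.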
37. Types of ISP Connections: The next topic related
to BGP is types of
ISP connection, meaning
the different ways to connect to an ISP, Internet
service provider. So basically, multi-homing
and single homing. These are the two
terms which we use. These two terms describe how we are connected to the Internet service provider, how our edge routers
are connected to the Internet service
provider, to the Internet. So basically these are different design topologies
where we describe how a customer is connected
using BGP to one or more than one ISP, Internet
service provider. So this is called
ISP connection. And basically we are
talking about two terms, multi-homing
and single homing: how your enterprise, your customer, is
connected to the Internet, especially your edge
routers or firewalls. So the first one is
single-homed network. Single means single, one. Single-homed is a topology where you have a single
connection to one ISP. You have single
connectivity to a single ISP. With this setup, we
are not using BGP. Mainly we are using
static and default routes. And this is the
recommended way to use: static and default route, because
you are directly connected. Let me show you here. This is our enterprise
router or edge router, and we are connected to the ISP, so no need to configure
BGP in this case. This is called a
single-homed network. You have only one connectivity
to one ISP. Neither on the customer side is there more connectivity, nor on the ISP side is there
more than one connectivity. This one is called a
single-homed network. And normally we use static and default
routes in this case, because there is
only one exit point. So it means that when an enterprise establishes a connection with
just one single ISP, then the connection is
called a single-homed network. That's what I told you. Under this topology, we set up static and dynamic routing; maybe use dynamic routing to
provide the route to the ISP. And the only advantage
of this type of setup is that there is no cost. Low cost, because you have only one router which is
connected to the Internet. However, it is not safe because it doesn't provide you any
redundancy and backup. No high availability, no
redundancy, no backup. If a breakage occurs, meaning this link is down, or your router is
down, or the ISP is down, in any case your connection
will be disturbed. And there will be no Internet
for your enterprise network. It means this
type of topology is best when you do not
heavily depend on the Internet. And maybe you don't
need the Internet. So in this case, we don't need to configure BGP. This one is a single-homed
network. Now coming to the dual-homed
network. In a dual-homed setup the host is still connected to
the outside network with only one ISP. Still the ISP is one, but with two routers. You have two edge routers. You are still only
connected to a single ISP, but you use two links. Because here you are
using only a single link. Now you have two links. And here maybe I have two links to the same ISP but
different routers. A bit of redundancy. If this link is down, I have another link. If this link is down, I
have another link. But again, if this
router is down, the entire enterprise network will not reach the Internet. And if the ISP is down, again, the enterprise network is not
reachable to the Internet. In this case, if one router
is down on the ISP side, I'm still reachable to the Internet. What if both are down? Then I'm not reachable. But on the other side, if this router is down, even though I have redundancy of
two links and two routers, still I'm not reachable
to the Internet. So this is called a
dual-homed network. It means the extra piece
of hardware or link
provides you a bit
of redundancy, a bit of redundancy better than this solution, single-homed. And a dual-homed
network connection site
has two or more connections
to the same ISP. In both cases we have only
one ISP, keep in mind. Now, it can be connected to either one or two edge routers, ISP or enterprise, it is up to you, where one link is primary and the other link is
secondary or backup. And maybe the other
way, the enterprise can use this topology to load balance traffic using both
links; it is up to them. But you have better redundancy. Again, we
are not using BGP, still. In this case, you can use static and dynamic routing
protocols to achieve this one. No need to configure BGP, neither in this case, not in a dual-homed network. This is dual-homed. Now let's go to
single multi-homed. That was dual-homed. And this was single-homed. Single-homed, dual-homed. Now we have single,
but multi-homed. It means multi-homed means we are connected to at
least two different ISPs. Now we have more than one
ISP. Multi-homed network using BGP: a multi-homing network is connected to two or more ISPs. Now, the ISPs are more than
one, and in the above two cases only one ISP was there. This topology is primarily
set up for three main reasons: to achieve redundancy,
reliability, and efficiency. Definitely we use this.
A multi-homing network connection is where the enterprise is connected to more than
one ISP at the same time. Now we can achieve redundancy, we can achieve backup. We have high availability now. In this case, if one
ISP is down, the system switches all the traffic to the second ISP without any downtime. And in the case of a single
multi-homed network, BGP is typically
used in this scenario. If you have such a scenario, then you can use BGP. It means a single router at the customer connected
to two different ISPs: a single point of failure. In this design, there are some disadvantages because
we are moving to another. Now we have another one. If I show you single
multi-homed. So this is it, we have two different ISPs. Now, if this ISP is down, we have another ISP. But again, on the
enterprise side, we have only one router. If this one is down, still
we are not reachable. But if one ISP is down,
there is another, so we have one solution there. Now what else? Now dual multi-homed. This was single multi-homed. It was dual-homed. But this one is
single multi-homed. Now dual multi-homed network. Dual multi-homing
means we are having two connections
with multiple ISPs,
and we use a redundant
link as well. Now we have more opportunities. Dual multi-homing gives
you the most redundancy, no doubt. BGP is used with the ISPs and can be implemented internally as well. It means this topology
offers the most redundancy;
multi-homing offers
more features and advanced benefits to the customer. Because now you
have redundancy, high availability, reliability,
efficiency, performance. A multi-homed network
offers a high level of
both efficiency and
reliability. Look, now we have two links to the ISP as well. And it can be two routers on
the enterprise side as well. So in short, if I say
single-homed, it means you are connected to a single
ISP using a single link. Dual-homed is when you
are connected to a single ISP using dual links. And single multi-homed means
you are connected to two ISPs using a single link,
and dual multi-homed,
you are connected to two
ISPs but using dual links. So here we have dual
link and single link. But we have two ISPs in both cases. Here we have single ISP,
single link; single ISP and dual
link, in short. So you need to know these four different ISP
connectivity options. That's it.
38. Multi-Homed Network: Next topic related to BGP
is the BGP multi-homed network. In the previous video we
discussed many ISP connections. One of them was multi-homing. If you remember, we discussed single-homed, multi-homed and so many other options. Let me repeat. Multi-homing is when you are connected to at least
two different ISPs. Then this is called multi-homed,
and single link per ISP,
it means you are connected
with a single link per ISP, and a single router
on the customer side is
connected to two different ISPs. It means on the customer
side, in the enterprise network, you have only one router, but you have two ISPs. It means if this router is down, you will not connect to the Internet even
though you have two links. So it's useless. This is what I mentioned here: the single point of
failure in this design is that you only have one
router at the customer side. So when the router fails, you will not be able to connect to the ISP even
though you have two ISPs. A single multi-homed topology
means a single link per ISP, but multiple, at least two, ISPs. We know this terminology
from the previous video. It means this type of network topology offers
several benefits like redundancy and backup in
case of failure in your ISP. Because we have two ISPs,
if one ISP fails, we have another ISP. In such a scenario, if one ISP is down, the system will switch
all the traffic to the second ISP without
any network downtime. And we know this one. If one ISP is not working, I can switch over all the
traffic to ISP 2 easily. Another huge benefit in
this: the enterprise can decide the best network path to route the traffic and
offer high efficiency. We know this one; these are the advantages
of such a topology. Now, let me show you in the lab. Let's configure a
simple test environment with one customer router, we have AS 100 here, which
connects to two ISPs. We will connect it to
two different ISPs and also configure load
sharing among the two links. And we will configure
load sharing. I will show you how we can
configure load sharing. So this is our topology and
this is what I told you. This is our enterprise network, this is our customer router. We have two ISPs, and this is the Internet router. And our actual topology is
this one which I create an IV. These are routers, by the way,
I just changed the
icon, so don't worry; these are the same
routers which I have been using in all these labs. I have R1, R2, R3, and R4. What I will do: I will
make one router ISP 1, the second router ISP 2, and this is our customer router. These are two ISPs, so 11 dot 11 dot two ISP to IP and two
dot 12 da2 ISP to IP. So this is the 1 subnet. This is the 2 subnet. Then ISP 1 is connected to
the Internet router, 1011. And this ISP 2
is connected, 10101010. This is 1011 and this is 1010. And these two routers, these two ISPs,
belong to the same ISP. So we are using AS 200
and this is the ISP network. And ISP 1 has a default
route to this Internet router. And also ISP 2
has a default route to the Internet router, because we don't
care about this part. We care about how, if
we have one router on the customer side and
we have two ISPs,
we will do
load balancing, load sharing by the way, in BGP using
a multi-homed topology. And here I have an
internal subnet, one cell to 21600100
and these are, is 200. So this is our topology. So let me show you
this topology here. First, I need to open them. I just created the topology, but there is nothing configured. So I need to go to R1. So let me click on R1 and type no because nothing
is configured here. Then ISP 1 and no. Then let's go to ISP 2, enter. And no, nothing is
configured here, and also the Internet router. So let's
enter this one. Okay? So these are my four
routers with which we want to achieve this one, okay? So I will use a script
because I just want to show you how it works. Okay? So what I can do: I need to create them,
assign a hostname. I need to create a loopback,
which is representing
our internal network. And then I will connect
0/0 to ISP 1. And I will connect
0/1 to ISP 2. So this is my basic
configuration, these two interfaces
and the loopback. So what I can do, let
me copy from here. And let me explain
from here as well. So the loopback interface represents this 100 dark, this one, okay? Interface 0/0
is one dot one. Also I put a description:
it is connected to ISP 1. 0/1 is connected
to two dot one, and done. Okay? So this is the
basic configuration. Let me copy from here. Let's go to R1. Sorry, I need to go to
configuration and type here. Okay, so I changed
the name to R1, loopback interface and
two physical interfaces. Let me show you those
two physical interfaces. So you can see I have two
physical connectivities, done. Now let's go to the ISP. The ISP has two interfaces, one connected to R1, the second is connected
to the Internet router with Jenny l1. And here it is connected to R1. So let's go to, this is ISP 1, from here, two interfaces, yeah,
up to this point. So let me copy this
one and let's go to ISP 1 and enable, conf t and paste. Okay? So ISP 1, two interfaces, one connected to R1 and the second connected to the
default gateway. We have our router here,
which I showed you. And the same thing is here, ISP 2. So let's go to ISP 2 and
let's assign ISP 2 as well. And ISP 2 and paste, so ISP 2 is also configured. And now this router has
only two interfaces, I just need to configure those. So let me go to the
Internet router and I need two interfaces to
configure. Just copy. And let's go to this
router and paste. So here I have
connected one to ISP 1, with 10111010 is
connected to ISP 2. So 10101 is connected here, 10101011 is connected to ISPOR. These are the two
interfaces, okay, that's it. So the basic
configuration, this
basic IP address configuration, is done. Now
we need to configure BGP. First, configure BGP on R1. Again, I will use the script. I just want to show you
how it works. Okay, so R1, what I need to do here, let me explain. I need to go to router bgp 100, my AS number, and I need to
configure BGP dampening. I already told you what
dampening is; you need to go
through that video. And this is my network
which I want to advertise. Okay. I have a neighbor
201 dot one dot two, which is R1, sorry, ISP 1. And this is also
similar to Hunter, to dot to this one. Here I create two prefix lists, one dot 22 da2
with these two neighbors, this one and this one. What does this prefix
list do? This prefix list, what it will do:
they will only receive a default route,
not anything else. This way, it says default only, just receive the default prefix. Normally what we do in the real world, you will configure
such prefix lists. The routes which you want to see, you need to mention in your prefix list, or route map, or you can use what
is called an access list. It's up to you,
whatever you like. Because we will discuss all of these three options
for filtering, okay? So this is a filter, basically. The most important thing is
maximum-paths 2 under BGP. Under router bgp, I
say maximum-paths 2, because by default, BGP will not keep more
than one route. We know this one. Because this is not the
behavior of BGP. EIGRP can, also OSPF, do the same. But in BGP, if you want
more than one route, you need to type this command. This is very important. So I say maximum-paths, keep a maximum of two paths. So let's pick up with this one. You understand what I'm saying? And paste. So on R1 I
configured this one. Now let's go to the ISP side. On the ISP side, we don't
have much. AS 200 and a network which they have, a network,
the default network, to connect you to
the other side. And they have a neighbor,
one dot one, this neighbor. And default-originate, because this will originate, meaning
redistribute, the default route. And ISP 1 has a default
route to this router. Here is 111. So if you see 101111, we just configured this one. Yeah, it's so simple. Let me copy this one
and paste on the ISP. ISP 1 is configured. Almost the same thing here, but only we have
101010101 default route. So if I go to ISP 2, here is 200, similar. I was advertising 1010 and the other one was
advertising 1011. Okay? And this one is 10101. And default-originate means to advertise the default route. Okay? So copy this Tintin
and this is ten in L1. This router interface is
10101101 and this side 101001. Okay? This is the slight difference
between these two, and this one we
already configured. Now we need to verify on R1. We need to verify the situation. So if I go to, because
it will take time. So let me show you from here. So what we've done:
on R1 I created one loopback interface, one
interface connected to ISP 1,
the second connected to
ISP 2. On ISP 1, I configured the IP
address and 10102, which is configured
to default route. This one, Internet router connectivity. Same on ISP 1: one
side is connected to R1 and the other side is
connected to the default gateway, which is 1010 to IP address up this interface is useless
unless Tintin to done. Now the Internet router, which
is our default gateway router. One is connected to ISP 1, but we have ELA one dot 0 IP. Here we have ten
dot 0 dot one IP. So this was it, then
we configured BGP, BGP dampening which is required. We advertise our internal subnet. We have two neighbors, two ISPs. And we say only
default route only. And we created a prefix list to receive the default
route. And that's the important one which
I told you, maximum-paths 2, because
we have two ISPs,
so I enabled this one. And then we configured ISP 1. And then we configured ISP 2. Now I need to go to R1 to
show you show ip route. So you will see two routes. And also if you go
to show ip bgp,
here it will mention
M, and M means multipath. So now we have
multipath configured. So this is the way
how we configure it. If I show you show ip bgp, you can see there is M, and it is showing the next hop, two routers. And this is what we want, this is what we want to achieve. So multipath, it's showing M. And if I go to show ip route here, the BGP default route, which
going to T2, N1, N2. So if one route is down, I can still reach ten dot one, dot 0 dot one. Let me check the other
one, Control-Shift-6. I just need to ping
one to see 101001. I need to reach
there, by the way. So we have two routes. So if one ISP is down, the traffic will switch
over to the other ISP. Still there is, I think so. I need to check via the route. Maybe this one is not reachable. Okay, I need to configure a
default route here as well so they can
forward the traffic. If I say ip route, and if somebody is coming from, we hail this one, I SP1. If we held this subnet and
to 55 to five PRB dot 00. So next hop is two, same as we inhale ten. But next hop is ten. I believe I need to check here. I need to reach there. For some reason
I'm not reaching. But the main thing I
want to show you is this, because I need to verify
what's wrong there. And on ISP 1, do show
ip interface brief. Maybe the interface is okay. Yeah, it's connected, 0/1, and I need to
ping from here. Let me verify from here
why it is not reaching. So do ping and here one. So here I am reachable from
here. Let's go to this one. Do show ip interface
brief and do ping. And let me ping one. Okay, so I'm reachable. And now let me ping
this interface from R1. So if I ping this one, yeah, it's okay now. If I ping a layer one, yeah, so 11 is now
need to verify again. But now it's okay, at least. Control-Shift-6. And if I traceroute
here, numeric. So let's see how it is going. The traffic is going
through to da2 as going to the Th2 and
tutor to as our desk network. Okay, so if two dot two is down, it will go to the other one. Let's go down to dot, to dot two is connected
through the 0/1 interface. So if I go to interface
0 slash to shut down, and now let's check out the
traceroute command again. Okay, so let me see now, it's still showing,
maybe the interface. I know I should not shut down. Yeah, it's shut down. No, this is 0/1. Sorry. I thought I don't 0
slash one and shut down. Okay, and now let's
check out traceroute. So if I traceroute, now it's going
through one to2. You see, before it
was going through to da2, now it is going through one dot two. Just to show you, there is
some need to troubleshoot. Just to show you how
it works and how we configure multi-homing in
this situation, if we have two ISPs
we want to use. Otherwise you can
use many attributes, you know, we discussed
attributes. You can manipulate the traffic. You want to send some
prefixes to ISP 1, ISP 2. That is a different story. But my main purpose was how we can configure them
simply, just a simple thing to
show you how it works. This was multi-homing. And we have two ISPs, but on the customer side we have only one router which is connected
to two different ISPs. Not two different, the same ISP, because we have the same
AS number in this case. We may have many such scenarios, maybe
two different ISPs, two different AS numbers. Okay. Maybe this aren't we held
different router to router. And maybe we have
double connectivity, multiple connectivity
with the ISP. So many possibilities; that's just to show you
how that as well.
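The single multi-homed lab described in this lesson, written out as an IOS configuration for the customer router and one ISP router. This is an added example, not the instructor's script: AS 100 and AS 200 follow the lab, while the documentation-range addresses (192.0.2.0/30, 198.51.100.0/30, 203.0.113.0/24), the loopback number and the prefix-list name DEFAULT-ONLY are assumptions.

```cisco
! ---- R1, customer edge (AS 100) ----
! Constructed addressing: 203.0.113.0/24 stands in for the internal subnet.
interface Loopback0
 description Internal network (constructed)
 ip address 203.0.113.1 255.255.255.0
!
! Inbound filter: accept exactly 0.0.0.0/0 and nothing else.
! Without "le 32" the entry matches only the default route itself,
! so any other prefix an ISP sends falls to the implicit deny.
ip prefix-list DEFAULT-ONLY seq 5 permit 0.0.0.0/0
!
router bgp 100
 bgp dampening
 network 203.0.113.0 mask 255.255.255.0
 ! Link to ISP 1
 neighbor 192.0.2.2 remote-as 200
 neighbor 192.0.2.2 prefix-list DEFAULT-ONLY in
 ! Link to ISP 2
 neighbor 198.51.100.2 remote-as 200
 neighbor 198.51.100.2 prefix-list DEFAULT-ONLY in
 ! BGP installs one best path by default; allow two equal eBGP paths.
 maximum-paths 2
!
! ---- ISP 1 (AS 200); ISP 2 mirrors this on 198.51.100.2 ----
router bgp 200
 neighbor 192.0.2.1 remote-as 100
 ! Send a default route to the customer instead of the full table.
 neighbor 192.0.2.1 default-originate
!
! ---- Verify on R1 ----
!   show ip bgp              second path for 0.0.0.0 carries the m (multipath) code
!   show ip route 0.0.0.0    two next hops: 192.0.2.2 and 198.51.100.2
!   show ip prefix-list detail DEFAULT-ONLY    hit count rises as updates arrive
! Failover check: shut the interface toward one ISP and repeat
! "show ip route 0.0.0.0"; only the surviving next hop should remain.
```

Both default routes qualify for multipath here because they arrive from the same neighboring AS, 200, which is the case the lab uses.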
39. BGP Confederation: Okay, next topic related to
BGP is BGP confederation. Basically BGP confederation is an alternate method
to the route reflector. Previously we discussed
the route reflector. The second method which we can
use is BGP confederation. What does BGP confederation do?
It reduces the number of iBGP peerings within a single AS, meaning
we can divide a single AS. So externally it will
look like one, but inside it will be small. So this way we don't need full mesh connectivity,
because iBGP, as we already discussed, requires full
mesh connectivity. Otherwise they will not exchange all their routes due
to loop prevention. Now, inside the AS, we can use private AS numbers,
which are 64512 to 65535. We can use them internally,
and the sub-AS is private, and outside we
will look like one AS. In this way, we don't need any
full connectivity, any full mesh connectivity. So it means BGP confederation is one method used to solve
the scaling problem. This is what we need. Scaling is a big issue in BGP deployment. So you have a method,
route reflector, and the second best
method for scaling, we have BGP confederation. So if I say it in other words,
the implementation
of BGP confederation reduces the iBGP mesh inside, which I told you already. The trick is to divide it into multiple areas and assign the whole group to a
single confederation. If I show you this topology,
single configuration. If I show you this topology, so here I have insert private AS 65003650016500 private too. So I have three inside
I BGP neighbor. How do I make them diaper? Because these are sub S, But I have a 100
which is public. So this public AS which is 400. So it will connect to this S 100 rather than to
each individual. Neither we need
full connectivity between these R1, R2, and R3. This what I'm saying here, that it reduced the
BGP mesh insert. We do need to be connected
directly like R2 to R1, R1 to 33 to two. And then they have an I. But sheep all together. We can use single configuration. And this way we will connect
them like oh, virtually. So the outside world, we have seen that as I told you, we have a single S, 100 which is connected to R4. R4 will connect to a 100, even though it's
connected to our R1. And R1 has their own
S, which is 65001. But R4 will connect 200. Rather than to connect 265001. Because you will use a
100 is a confederation, is a single S for outside. And this thing which I
mentioned here is red. So BJP can filtration is
another mechanism to a wide I BGP full mesh topology
like that route reflector. We discussed this in
route reflector as well. So it means BGP mechanism. There are some autonomous
system answered I BGP topology. So this BGP
configuration mechanism, what they will do, they will create sub switch, I told you. So far outside we have one S and then inside
we will create sub. So this method is called
BGP configuration. I explained you
from here as well. And when we do the labs, so hopefully you will
understand them. But here we are going
to discuss them. What is BGP configuration? So it means I can save their
BGP configuration, divide a, S and two sub running
BGP on every router. So far outside world
we have a single is an insert with them. This is called BGP
configuration. And next video we will
make a lab like this way. And we will configure
BGP configuration, insert these three router. And this is outside router. And we will see how this
R4 can see these routers. Because they will
see them as a one. But inside we have
BGP configuration, configure it for this BGP
configuration. Theoretically.
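The confederation layout described in this lesson, written out as an IOS configuration for one member router, its confederation peer and the outside router. This is an added example, not the instructor's script: confederation identifier 100, sub-ASes 65001, 65002 and 65003 and outside AS 400 follow the lesson, while every interface address and the loopback prefixes are assumptions.

```cisco
! ---- R1: sub-AS 65001, member of confederation 100 ----
router bgp 65001
 ! The AS number the outside world sees for all member routers.
 bgp confederation identifier 100
 ! Sub-ASes to be treated as confederation peers, not true external ASes.
 bgp confederation peers 65002 65003
 network 1.1.1.1 mask 255.255.255.255
 ! Confederation peer R3 (constructed address)
 neighbor 192.168.13.3 remote-as 65003
 ! The next hop of routes learned from R4 is otherwise carried unchanged
 ! into the confederation, where R2 and R3 may have no route to it.
 neighbor 192.168.13.3 next-hop-self
 ! True eBGP peer R4 (constructed address)
 neighbor 192.168.14.4 remote-as 400
!
! ---- R3: sub-AS 65003, peers with R1 and R2 ----
router bgp 65003
 bgp confederation identifier 100
 bgp confederation peers 65001 65002
 network 3.3.3.3 mask 255.255.255.255
 neighbor 192.168.13.1 remote-as 65001
 neighbor 192.168.23.2 remote-as 65002
!
! ---- R4: outside the confederation, AS 400 ----
router bgp 400
 network 4.4.4.4 mask 255.255.255.255
 ! R4 is cabled to R1, whose process is "router bgp 65001", yet it must
 ! peer with the identifier. "remote-as 65001" here would never establish,
 ! because R1 announces AS 100 in its OPEN message toward R4.
 neighbor 192.168.14.1 remote-as 100
!
! ---- Verify ----
! On R3:  show ip bgp   paths learned through R1 show the sub-AS in
!                       parentheses, for example (65001) 400 for 4.4.4.4/32
! On R4:  show ip bgp   paths to 1.1.1.1/32 and 3.3.3.3/32 show only 100;
!                       the private sub-AS numbers never leave the confederation
```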
40. BGP Confederation Lab: In the previous video, we discussed BGP confederation theoretically. In this video, we will configure
BGP confederation. So we are using four routers, running BGP, consisting of three routers in the confederation
and one router from outside. So R4 is from outside,
which will recognize
these three routers as AS 100. AS number 65001, because R1 is using AS 65001. R3 is using 65003, R2 is using 65002. All these three routers
have loopback addresses 1113332224441 connect you to our 313 dot one dot three or
two connected to 23 dot 223, dots 34 connected
to R1, 14 dot 441. This is our lab. What we can do: this is our public AS, so R4 will connect to AS 100 because we will
configure a confederation. And these are sub-ASes,
65003, 65001, 65002. So let's see. In the lab, I have these four routers and nothing is
configured at all. So R1, nothing is configured,
R2 nothing, and R4. So first I need to configure R1. This is R1. R1
has two interfaces,
one 13 dot 1, the
second 14 dot one. So what I will do: I will use the script to save some time. I will go to enable, then I will go to configuration. I will change the name to R1,
and to the 0/1 interface
I will assign 13 dot 1; to the 0/2
interface
I will assign 14 dot one, and I will create one
loopback interface. So it's easy. Let me copy this one
and configure R1. So R1 is done. Now let's go to R2. R2 has only one
interface, 23 dot 2, 0/1, and one
loopback interface. So let's check R2,
yes, 23 dot 2 and one loopback interface. So let me copy this one
and let's go to R2. Done. Now let's go to R3. So router 3 has two
interfaces and one logical, 33, loopback, 13 dot 3, and 23 dot 3. So this 13, 23, and one loopback interface,
and change the name to R3. So copy and paste. Okay, now let's go to R4. R4 has only one interface
connected to R1, 14 dot 4, and one logical interface. So let me copy this one and let's go to
R4 and paste. Basic configuration is done. The rest of them we will do. Now we need to configure BGP confederation on
these three routers. So what I will do
first, I will open R1. So R1 is already
open; basic connectivity is there. What do I need to do? First, I need to go
to router bgp. And what is my autonomous system? Private autonomous
system, 65001. Okay. And Enter. Next,
what I will do: bgp,
and here I will type confederation, because we
are doing confederation. Identifier; identifier
means identification.
Here it is asking the AS
number, which is 100. So I will type 100. This is the first command. So I'm under my private
AS, and the identifier
I assign is 100, which represents this
one to the outside world. Okay, the next thing:
bgp confederation,
confederation peers;
who is my peer? I have two peers, R3 and R2. But here I have directly
connected only R3. So what are the BGP
confederation peers? So my peers: I have 6500, I don't know which I
assigned, 65003, which is R3. Okay. The next one, you can
put in the same command, yeah, 65002, which is R2. This one, 65002. These are my peers, and Enter. Two things: the identifier, the public AS, and then my neighbors; in this case I have two neighbors, under bgp confederation
peers. I can go to the
next command, the network command,
which normally we use. So I want to advertise my
loopback interface with the mask
255.255.255.255. We already know
this command, it's easy. Next thing, my neighborship. So I have a neighbor
which is 1 ninth, 2 to 16815 dot four, which is R4. Okay. And remote-as. The remote AS is 400, because this is, yeah, I'm connected
outside to this one. Done. Now my other
neighbor; 14 dot 4 is done; is
my internal neighbor. So I will type
neighbor 192.168, which is R3, this one. So 13 dot 3. And remote-as is 65003. Let me double-check. Yeah, 65003, and
Enter. My two neighbors are done: one is
external, one is internal. And I put the identifier,
and then I put my
confederation peers. The last command
I will type here,
which we already
discussed by the way,
so I don't need to explain it:
next-hop-self. This is the command I need to
type with my neighbor as well. So R1 is done, R1 configuration is done. Let me show you what I
configured, by the way: show running, section BGP. So this is my private AS. This one is the identifier,
which is 100. These are my two
confederation peers, router three and router two. I want to advertise 1.1.1.1. This is my internal neighbor. And this one is my
external neighbor. And the next-hop-self command. The same thing I need to do on the other routers as well; I really just need
to change a few things. So I copy this one
now go into R2. So this one, our two
has this neighbor, or two has to pair configuration
peer and identify, identify it as a 100. So I need to do it the
same thing here as well. So what I can do here, I will change this
router BGP to T2 because my internal S is 265002. Done this, the first change, no need of this command. I'll just copy from
the 100 will be there. Now BGP configuration peers. So my peer is 65002,
is r2 itself. So I will remove this 123. And this one I will
change to one, this one, because I held
this configuration here and this one
configuration here. And I want to
advertise to dot to dot to dot to my libraries. Third, P naught 13, this is 2323 dot three, next to upsell, 23 dot three. And remote S. I don't have the
other connectivity, so I don't need this command. This, the thing which I need
to copy and paste in art to Israel are two
configuration is also done. Now let's go to R3. R3 I held two neighbors ship. So what I will do here, I will make them this 165003, my private is identified. This command will be remain the same in all three routers. Yes, this one will
be changed 65003, it will become 21 is
already this one. So this is my
Confederation neighbors. And I want to advertise
three dot, dot, dot three. And my neighbor is 2323 dot two with the remote
internal private AS2. Bird. Let me copy this one and let me paste them here because
I have another neighbor, this 11313 dot one. Correct. But a is 65001. You get this point here. Now you can see a
similar outmost. And far this sniper 13 dot one. I will pad next
hop silk command. And the same command
I will do for 23232. So let me copy these
and paste them here. Done. This is internal configuration. And terminally we are done. This is configuration,
configuration. If I say show IP BGP summary. So hopefully I helped to
labor with 6500165002. Okay? And if I check in R2, so again, show IP BGP summary. So I have neither
quantity dot a3 and a4. I check in R1 IP BGP summary. So I have two neighbor, 23, which is internal and
this one which is idle. It's okay. We will go into
configure R4 now. Now coming to the main point, now how we will configure R4. R4. Do you think they
will make an I-bar should be 65001 because an R1 show running section BGP. Here are my 65001. And I make a knife
or with this one, you can see remote AS 400. So it has to be the opposite. Yeah. And R4, I will say
router BGP 400, and then I will make 965001. I know I will make
neighbors ship with a 100. This the beauty
of concentration. So in R4 I will share
out through BGP 400 and my libraries 192216814 dot one, but remote as a 100. You get my point. And here if I want to
advertise for dot fool dot for suppose mosque to 55
to 55 to 55, Two, 45. You can advertise this one and you see my night,
but she pays up. Show IP BGP summary. And my neighbor
is up with a 100. But R1 is basically
not in 100, it's 65001. But it's coming under this one. This is why we said that BGP confederation is
basically dividing, subdividing an AS. My
neighborship is up. It means, if I go to R2, can I see the 4.4.4.4 network? Let's go to R2, the last router. If I say show ip bgp, you see, I can see 4.4.4.4, the R4 detail,
in my last router. But there is a small change
which you can notice: in the parentheses, it says 65003 65001, and
it's coming from the public AS. The public AS is 400. But it's coming
through 65003 65001; these are nothing but
this one, 65003 and 65001. So let me go to reconfigure basic configuration
of these routers. And then in R1 we configure
identified a 100, the same command we
type in R2 as well. Okay? And the same command we type
under router three Israel. Then second command which is similar as BGP
configuration peers. But we changed the peers. This is R2 and R3 here, this is R1, and
this is our three because this is R2 and R3. My beer is 65001 or
1650222, which is R2. Next command we already know, so you need to type
this next hop. Okay? And then remote is definitely to whom
you want to connect. For our food, we do
nothing because this normal outside this R4, they can see all these
three routers under a 100. Let me show you if
I go to R4 and if I say show IP BGP, you see, I can see 1112223334
under a 100, y12 is not under a 1011 is under 6500133 is under
6500322 is under 65002. But when they're giving outside, so it will represent a 100. That's why R4 can
see them as a 100. Let's go if I do sum. So we can see an R4, 1234 for under a 100 from R4. Can I pin these?
Yes, definitely. If I want to ping source, I will put my loopback
interface so I can ping 111. It can be source for
dot fool dot four. I can pin two and definitely
I will pin three as well. Yes, So I'm reachable easily. So you can see there
is a trace route, definitely is going to reach
their interests route. It will show that
it's going there, then there, then there, if I
want to trace 2.2.2.2. But actually, for R4, all these
routes are coming from 100, even though inside they are coming
from different private ASes. That is the concept of BGP
confederation. And R4, I told you already, is receiving these prefixes. So if I say show ip bgp summary, I'm receiving three
prefixes, from R1, R2, and R3. Just to verify: traceroute, and we
don't need it, I already told you. It will show you
through the path. And R4, we already
checked this one. We checked just to verify
and just to show you; that is what is
called BGP confederation. We checked that all
three routers are one chunk working
with the outside world. But inside we have
different ASes, this way. We have reachability as well and everything, and we
verified as well. So R4 recognizes
them as 100, not as 65001
or 2 or 3. And that's the beauty
of BGP confederation.
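The AS path behaviour shown in this lab, as an added Python model that is not part of the course material: it applies the RFC 5065 confederation rules to the R1 to R4 topology from the lecture (confederation identifier 100, member ASes 65001 to 65003, external AS 400). The `Path`, `advertise`, `accepts` and `propagate` names are illustrative, and only the AS path is modelled, not a full BGP speaker.

```python
# Added illustration (not course code): AS_PATH handling in a BGP
# confederation per RFC 5065, using the lecture's R1-R4 topology.
from dataclasses import dataclass

CONFED_ID = 100                                       # bgp confederation identifier 100
MEMBER_AS = {"R1": 65001, "R2": 65002, "R3": 65003}   # member ASes inside AS 100
EXTERNAL_AS = {"R4": 400}                             # neighbor outside the confederation


@dataclass(frozen=True)
class Path:
    confed_seq: tuple = ()   # AS_CONFED_SEQUENCE, shown in parentheses by the router
    as_seq: tuple = ()       # ordinary AS_SEQUENCE

    def __str__(self):
        parts = []
        if self.confed_seq:
            parts.append("(" + " ".join(map(str, self.confed_seq)) + ")")
        parts += [str(asn) for asn in self.as_seq]
        return " ".join(parts)


def advertise(path, sender, receiver):
    """Return the AS path as it leaves `sender` towards `receiver`."""
    if sender in EXTERNAL_AS:
        # Ordinary eBGP speaker: prepend its own AS number.
        return Path(path.confed_seq, (EXTERNAL_AS[sender],) + path.as_seq)
    if receiver in MEMBER_AS:
        if MEMBER_AS[sender] == MEMBER_AS[receiver]:
            return path                               # iBGP inside one member AS
        # Confederation eBGP: prepend the member AS to AS_CONFED_SEQUENCE.
        return Path((MEMBER_AS[sender],) + path.confed_seq, path.as_seq)
    # Leaving the confederation: strip the confederation segment and
    # prepend the confederation identifier, so member ASes never leak out.
    return Path((), (CONFED_ID,) + path.as_seq)


def accepts(path, receiver):
    """Loop prevention: reject a path that already contains the receiver's AS."""
    if receiver in MEMBER_AS:
        return (MEMBER_AS[receiver] not in path.confed_seq
                and CONFED_ID not in path.as_seq)
    return EXTERNAL_AS[receiver] not in path.as_seq


def propagate(hops):
    """Originate a route on hops[0] and pass it router by router.

    Returns the path as seen on the last router, or None if a router on
    the way rejects it as a loop.
    """
    path = Path()
    for sender, receiver in zip(hops, hops[1:]):
        path = advertise(path, sender, receiver)
        if not accepts(path, receiver):
            return None
    return path


if __name__ == "__main__":
    print("4.4.4.4 on R2:", propagate(["R4", "R1", "R3", "R2"]))
    print("2.2.2.2 on R4:", propagate(["R2", "R3", "R1", "R4"]))
    print("R1 route sent back to R1 via R3:", propagate(["R1", "R3", "R1"]))
```
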
41. BGP Regular Expression: The next topic related to BGP is regular expressions. Basically, a regular expression is a pattern used to match against an input string. In BGP, we widely use regular expressions when we want to filter on the AS path attribute. We know a BGP route contains the AS path attribute. You can use a regular expression to obtain routes with a specific AS in the AS path attribute, and you can filter them.
A regular expression is nothing but a string of special characters that can be used to search for and find a specific character pattern. We can use regular expressions with a show command. I know we can use them with an AS path access list as well. But here we will use them with the show command, to match BGP prefixes based on the information contained in the AS path. A regular expression is a formula for matching strings that follow a certain pattern, and it will return you the answer. You know, we use regular expressions in many languages as well to filter something. BGP regular expressions use special characters to get useful information from the BGP table. Simple as that.
The command which we use is the show ip bgp regexp command, to display routes matching the specified regular expression. Those characters are: asterisk; brackets; this one is called caret; dollar sign; hyphen; parentheses; period; plus sign; question mark; underscore; pipe sign; and caret inside brackets. These special characters can be used to filter information from the BGP table.
Asterisk is used to match 0 or more sequences of the pattern. Brackets we can use to designate a range of single-character patterns. Caret we can use for the beginning of the input string. Dollar sign we can use for the end of the input string. Hyphen we can use as a separator. Parentheses we can use for logical grouping. Period we can use for matching any single character. Plus sign we can use to match one or more sequences of the pattern; if we need one or more, we can use the plus sign. Question mark we can use for 0 or one occurrence of the pattern. And underscore we can use to match spaces. The pipe sign, which we normally use, we can use for functionality in the query. And caret inside brackets excludes the characters listed in the brackets; if you want to exclude something, you can use caret and brackets.
These are the example expressions. Suppose dot and asterisk (.*): it means anything. Then caret and dollar sign (^$): locally originated routes. And caret with 7474 underscore (^7474_) means anything learned from this AS number, autonomous system number 7474. And if you want something originated from autonomous system 7474, then we can use underscore 7474 dollar sign (_7474$). If you want to check any instance of an autonomous system number, 7474, then we can use underscore 7474 underscore (_7474_). And for a directly connected autonomous system, we can use caret, 0 to 9 in brackets, and then plus (I told you why we need plus: match one or more) and the dollar sign (^[0-9]+$). So these are a few examples. You will get the idea.
So rather than create a topology, why not go to a looking glass? On this website, which is publicly available, there are many routers, so we can test there as well. So let me go to BGP Looking Glass servers. I'm on BGP4. And then I click on looking glasses. And let's go to any country. Here is Australia. Let's go to Australia one and click on this one to open the Australia router. So let me open SecureCRT. And let's do some examples. The thing which I told you here: we will use these expressions. Okay?
So, first example. You know, these routers are huge. If I say show ip bgp, you will see this, the huge BGP table. And Enter. Look: space, space, space bar; it's a huge table. And if I need some specific things, what can I do? Control C, Control Q. And you see in show ip bgp I have path information. I can filter things using this path attribute. Okay, so what I can do: Control C. And here, these are the examples.
Suppose someone says: create a regular expression that shows all the networks that originate from 7474. What I can do: I will say show ip bgp regexp (regexp means regular expression) underscore 7474. So this command will show me all the routes that originated from autonomous system 7474. Now, if I type like this, it's showing me all the things. These ones as well. This one is 331 as well. And you see a lot of things. So Control C, I can type this command. Let me copy this one. Okay, so I can use this command, copy and paste: show ip bgp regexp underscore 7474, and Enter. Now you will see only those routes which originated from this one. So this is the beauty of regular expressions. It's showing me those routes only. So it filters them and gives you the result. And the command is show ip bgp regexp; this is the command. And after that, you can type any regular expression which you want.
Now let's go to the second example. The second example is to find all the subnets reachable via 7474. It means anything which begins with AS number 7474. So what I can do: I can use the caret sign and underscore. If I use this one, it will show me those routes, those subnet prefixes, which are starting with 7474. So if I go here and paste this one and Enter, you see, starting from 7474 only. And there is a part of. So let me go up again and let me delete this one. And let's do another example.
Another example: create a regular expression that shows AS 7474 at the beginning and everything behind it. So we need those details. It means paths which start from this AS number 7474, and after that it can be anything. So again, I can use caret and underscore, this one. If I go here and type this one, it means I said: anything which is starting from 7474; behind it can be anything. So if I Enter, everything which starts from this one you can see, and the rest of them can be anything.
Now let's go to another example. Show everything where 6762 is in the middle of the path. So I need those things where this AS is coming in the middle. There may be many ASes before and there can be many ASes after. I don't care. Then I need to use an underscore before and an underscore after. You see, now there is nothing, yeah, it's different. But now I need another filter because there's a huge table. So what I'm saying, so D is wrong. Let me copy again 67164623. So Control C. And regular expression: this is the command. And here I type that: anything before and anything after 6762, and Enter. Now you'll see 6762: before it are these two and after it are these two. It can be anything. I don't care. I say it has to be in the middle. Middle means there can be anything before it, anything after. We already discussed that we can use underscore for this type of situation.
Then the next example: create a regular expression that only shows the locally originated networks. We can use caret and dollar sign, anything because there is no such thing. So I can show you this one. We will leave this one.
Let's go to another one: match all the networks in the BGP table. For all the networks we can use dot with asterisk. It will show all the networks. So I can use dot with asterisk. You can see it's different now: all the networks. So if you want to check all the networks, you can use this command, show ip bgp regexp dot asterisk, for this type of output.
Next example: show all the networks that are originated by your directly connected AS neighbors. Show me those networks only which are originated by my directly connected AS numbers only. Maybe I don't know how many neighbors I have. So I can use this command: caret sign, 0 to 9, and plus, dollar sign. So I will remove this one. And let's see how many neighbors I have. The dollar sign is when we type a dollar, and Enter. So I believe I have only one neighbor, 7474. Let's go down. Maybe I have the networks which are advertised by this neighbor. So let me go down. This is the command to show all the networks that are originated by your directly connected AS number; then you can use this regular expression. Let's see if there should be any other neighbor. So I believe they still need directly connected neighbor. Let me go down more. Okay, let's go down more. Yeah, I don't have. Okay.
Next: create a regular expression that only shows 7474. So definitely we can use caret and dollar sign, to show you only 7474 in the path. So Control C, Control Q. And let me go to the regular expression. And here I will type 7474. So it will show you only 7474 in the path. Okay?
So these are a few examples. It means you can use regular expressions to filter, because you know that the BGP routing table is very huge. And if you need specific information, you can use these characters and symbols for a specific purpose with the regular expression command. With the help of this command you can find out whatever information you need: if you need locally originated routes, if you need routes learned from a specific AS, if you want routes originated from an AS number, any instance, directly connected, and so many other examples you can use, and you can figure out the specific information from the BGP table using regular expressions. That's it.
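The filters from this lecture run offline, as an added Python example that is not part of the course: it translates the Cisco underscore (which matches a space, comma, brace, parenthesis, or the start or end of the string) into a Python group and applies each pattern to a small constructed table. AS numbers 7474 and 6762 come from the lecture; the prefixes and the other AS numbers are constructed sample data, and `cisco_to_python`, `matches` and `filter_routes` are illustrative names.

```python
# Added illustration (not course code): evaluate "show ip bgp regexp"-style
# AS path filters against a constructed table.
import re

# Cisco's "_" matches a space, comma, braces, parentheses, or the
# beginning/end of the input string. Python has no such token, so
# translate it into an explicit group.
_DELIMITER = r"(?:^|$|[ ,{}()])"


def cisco_to_python(pattern):
    """Translate a Cisco AS path regex into Python syntax.

    Only "_" needs rewriting; the other metacharacters from the lecture
    (^ $ . * + ? | [] ()) behave the same in Python's re module.
    Assumption: "_" is not used inside a bracket expression.
    """
    return pattern.replace("_", _DELIMITER)


def matches(pattern, as_path):
    """True if the AS path string matches the Cisco-style pattern."""
    return re.search(cisco_to_python(pattern), as_path) is not None


# Constructed sample table: (prefix, AS path as shown by the router).
# An empty path means the route is locally originated.
ROUTES = [
    ("192.0.2.0/25", ""),
    ("192.0.2.128/25", "7474"),
    ("198.51.100.0/25", "7474 64500"),
    ("198.51.100.128/25", "7474 6762 64501"),
    ("203.0.113.0/25", "64502 6762 7474"),
    ("203.0.113.128/25", "64502 17474"),   # near miss: ends in the digits 7474
]


def filter_routes(pattern, routes=ROUTES):
    """Return the prefixes whose AS path matches, in table order."""
    return [prefix for prefix, path in routes if matches(pattern, path)]


if __name__ == "__main__":
    examples = [
        ("_7474$", "originated by AS 7474"),
        ("7474$", "same without the underscore (also hits 17474)"),
        ("^7474_", "learned via neighbor AS 7474"),
        ("_6762_", "AS 6762 anywhere in the path"),
        ("^$", "locally originated"),
        (".*", "everything"),
        ("^[0-9]+$", "originated by a directly connected AS"),
        ("^7474$", "path is exactly 7474"),
    ]
    for pattern, meaning in examples:
        print(f"{pattern:10} {meaning}: {filter_routes(pattern)}")
```

The second pattern shows why the underscore matters: without it, the digits 7474 at the end of AS 17474 also match, so a filter built that way would select routes from the wrong origin.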
42. Interview Questions & Answers: Okay. So let's discuss basic interview questions
and answers related to BGP, the Border Gateway
routing protocol. First things first,
they may ask you: what is BGP, the Border
Gateway Protocol? So we know this is an
Exterior Gateway Protocol and the only protocol
which is used on the Internet: a gateway routing protocol used to communicate between
more than one AS. We discussed what an AS is. And maybe they can ask
you the next question: what is an AS? That's why I mentioned here: what is an
autonomous system number? So in my first lecture, I mentioned to you in detail what the Border
Gateway Protocol is, so you can explain it to them. BGP is a path vector
routing protocol, okay? The only protocol which
is used on the Internet. And you can explain
to them two main things, which are: BGP provides
route manipulation, and it can handle a
huge routing table. A huge routing table. If I go to any website, BGP, BGP For MFI, go to BGP
Looking Glass server, which you can access
public BGP server. Yeah, three for read only. So let me go to any country. Let's go to Australia. So let me open this Australia. Okay. Let me type show IP BGP. And you will see a
huge routing table. I'm pressing again and
again space bar and almost type press 20 times and still BGP table is
not finished yet. And now I finish more
than 30 times and still there is a huge routing table. So you can explain to them that this is the only
protocol which can handle a huge routing table. None of the other protocols,
EIGRP, OSPF, or any other protocol, can handle a
huge routing table. The second thing
which distinguishes BGP is that it provides
route manipulation. We can use 14 attributes to
manipulate the routing. Okay. We can use a
reality, discuss it, reboot, Yeah, So you can
explain them, their thing. And there are a huge
advantages of using BGP. There's just a few
things I mentioned. You will realize that we
already discussed this one. Second thing. They may ask you, what is autonomous
system either AS, Okay? So I told you that
what is a S If I go to do now must system this one. So if I go to this website, yes, this one, Internet Assigned
Numbers Authority here, I told you that
same like before, we have public IPs and we held private IPs and same like IPV6. We have some private
IPs and some of them public IPs and Ayana. They are the Internet
Assigned Numbers Authority which can provide
you IPV4, IPV6. Similar, they can assign you this autonomous
system number, a location, and we
have to type 16. And these are the 16, some of them private, we discuss in detail. Okay. So you can explain them
those things in detail. Next, there is a common question which they
ask in interviews. They say: can routers on different subnets
become BGP neighbors? Yes. BGP does not require a neighbor to be attached
to the same subnet. It's not like EIGRP or OSPF or RIP neighbors, because
all those protocols require that the neighbor has
to be on the same subnet. But BGP is the only
protocol which doesn't require
that the neighbor has to be on the same subnet. BGP routers use a TCP
connection between the routers to pass BGP messages,
and they can make a neighborship. You get my point,
what I'm saying. So BGP is the only
protocol which doesn't require that the neighbor
has to be on the same subnet. Let me explain it to you with one topology, because it's the question which
normally ask in interviews. I have three routers here, R1, R3, and R2. And I want to make a neighbor
shape between R1 and R2. Even though R2 is not
directly connected to R1. And I don't want to
enable BGP and R3, but I want to make these
two router to be hyper. Is it possible? Yes, The only thing we
need reachability here, and we can make these
two router neighbor. So let me open this R1
to configure quickly. And let me open R2. Okay? Let me open R3. Okay, so let's go to R1 first. These are my script.
So quickly apply R1. I will change the name to R1. Under interface I will apply 13 dot one and I will create
one loopback interface. So let me do this one and paste. Let's go to R2. R2 in this one, the last one. So R2 has also similar 23 da2. I will change the name
and I will create one loopback
interface, so as AC. And let me assign this one. Our three, which
is in the middle. Keep in mind. One
is connected to R3, 13 dot 1133, this side, 23 dot 323 da2. Okay? So these are connected I19
partnership between R2 and R2, which is not directly connected. Neither they are
in the same subnet or one isn't 13 subnet, this one isn't 2323 subnet. Okay? Now in R3, which is in the middle, just 13323 dots three, just connectivity between
these two router. So let me apply this one. Okay? And now let's create an I-bar
ship between R1 and R2. Same thing what I will do router BGP one AS1 and
remote S is also one. I'm talking about I BGP. And 2323 dot two is this 123
dot two which is far away, not directly connected,
neither in the same subnet. So what I will do, I
will say that this is my neighbor and I want to
advertise my Lubeck 111. But for reachability, I
create a default route, sorry, static route
to reach there. So if I want to reach
this 23 network, I need to give my
route to 13 dot three, which is in the middle or three static route because
you just need reachability. So let me apply this one and R1. Okay, and now let's
go to our two. I will not configure
any BGP and R3. R2. Again, I will do
one because I BGP 13, That one is my neighbor
and I want it to. But to reach 13, I need to give
route to our three, which is in the middle. The tip, just need reachability. Now it will become Nippur. But keep in mind our three. There is nothing show running. Section BGP. Know BGP is running. If you want to
check show running, you see there is no BGP running only two interfaces which
connect our R1 and R2. But if I go here, show IP BGP, you can see I have a neighbor, 11 as my own route and 22, and now I make an I-bar flipped. So if I can show you
should be dp summary. So it's better to show you from here 23 dot two,
which is far away. This one, not 1323, S's become my Nippur. And if I go to R2, show IP BGP summary. So 13 dot one and here
23 dot too far away, it's become my neighbor MIN,
receiving the prefixes. Well, why? I told you about
iBGP; use show ip bgp neighbor. I told you that
the TTL value is 255. So this router can reach
R2, because BGP doesn't require the neighbor
to be on the same subnet. That's the ability of BGP. But I configured iBGP, keep in mind. Let me
show you from here, in a capture. This point has
to be clear to you, okay? Because iBGP uses a TTL of 255, I can reach there. But if I configure eBGP, then I need to assign
one extra command. If I go there, you see time to live 254, basically
because it's near to me. So I can reach there. The only difference
is, if it is eBGP, then I need to assign multi-hop. I need to increase multi-hop. You remember that thing? Yeah. We already explained it to you, so I don't want to go into detail. I hope you get the idea. If they ask you
in an interview whether routers on different
subnets can become BGP neighbors, you can say yes and you
can explain it to them like this. Then: what port number
does BGP use for the connection? We already discussed
this one: TCP 179. Let me show you from here. We're using TCP. And if I go to this one, here you can see TCP 179. We are using port number 179, and we already discussed it
in detail, by the way. Then: what is the
difference between eBGP and iBGP neighbors? Okay,
good question. An iBGP neighborship forms between routers within
the same AS number, because in iBGP we are using the same
autonomous system number, while in an eBGP neighborship we are using different ASes. I mentioned to you
in video number three or something more differences
between eBGP and iBGP, so you can explain
them in more detail. But this is the shortcut:
iBGP peers are using the same
autonomous system number and eBGP peers are using a different
autonomous system number. Okay, and there are
many other things. Then: what is the administrative
distance of BGP? So we already know
iBGP uses 200. Let me show you from here, if I do show ip route. So here you can find it as well. Yeah, here it is; because
I configured iBGP, it is 200. If it is eBGP, then
it should be 20. Okay? So we already know this one, so you can explain it to them. Explain the loop prevention
mechanism and BGP. Bgp use a different mechanism. But I just mentioned to win
our routes land route from I BGP route does not advertise the same
route to another IP GP PR. And I show you in Libya, if you remember that video. So I told you that one. You can go through that video, how it is not going to
advertise the same route. And also by using AS part. We already explained
this one as well. So you can go in more
detail because it will take time to configure a need to attach another route. By the way, I need to
configure BGP here as well. So when they learn the
route, something from here, so they will not advertise to R2 D2 loop prevention mechanism. This the first thing
which I'm talking about. So we already covered this one. You can go through that one. And do we need to follow the three-way handshake
process to establish BGP? Yes, because BGP uses the
three-way handshake. If I reset it, clear ip bgp, a hard reset, and if I go there, you will find the TCP
three-way handshake again. You can see it's required. You can see the acknowledgment. Here is the acknowledgment,
SYN, and SYN-acknowledgment. There should
be three: the three-way handshake. So yes, you can say that. Yes, it's required,
because BGP uses TCP, and TCP definitely
requires the three-way handshake. What is the difference between a hard reset and a soft reset? Again, we already
covered this one. The one which I just use. This is called hard reset, clear I BGP and you know,
it's down everything. And here you will see
everything is done. Bgp. If I go to BJP, this the last message,
yes, and when t3. So if I reset, it will revisit each
and everything. Open message, open
message key color, and it will reset each and every day, each and everything. And also three-way handshake. And it will reset the
three-way handshake as well. If you are using a hard reset, the neighbors will be
disconnected; it will bring them down
and then they will reconnect, if you are
using a hard reset. But in the case of a soft reset, the router does not bring
down the BGP neighborship. The neighborship will still be
there. Show ip bgp summary: so this is the neighbor. But the only thing is, if
you want to down, so there is a command
question mark, there is a soft. And if I quickly check, so my neighbor's
sheep is still there. But in the case of a heart race, a hard set, hard reset. This the hard reset if I checked with Lee,
so my neighbor, she will be down now.
You know, it's down. It will make them down. If you using hard
reset, clear IP BGP. And it's a hard reset now and again reconnect
and it's done. This is the difference between
hard reset and soft reset. The neighborship will not
be brought down in the case of a soft reset. We used these commands as well. And these are the commands:
clear ip bgp soft, and clear ip bgp without soft,
which becomes like a hard reset. And so you can explain
it to them in this way. Definitely: what are the
different BGP message types? We discussed in
detail the open message. We can check from here as well. These are open messages. It's better to make them BGP. We discussed in detail
the open message, keep-alive message,
update message. Okay, these are the
message types we discussed: keep-alive, update,
notification message. So you can explain them. These four messages
we discussed in detail. And: explain the
various states of BGP. Again, we discussed in detail
idle, connect, active, open sent, open
confirm, and established. You can mention them and you can explain them as well. Some of them you
can find from here which we discussed
in that video. So you can go through that
and you need to know about these various state of
BGP. Very important. Then expand BGP path attribute. Again, we make two videos
related to Path attribute. Next hop, you can find out more. If I say show IP BGP
from this command, you can find most of
the attribute here. If I go there, this is next top. Where to attribute
this attribute. And we discussed why it is
0 and this one is 32768. You can find out more detail in that video, local preferences. So this is local preferences. Local injected drought effort
is local injected AS path. This is path origin, origin. So you can find the origin
code here and immediate. So this is the MAD and okay
and unipolar type and also E, BGP route, neighbor router ID. We can find the neighbor
router ID like this one is the local router ID and
an I-bar IP address. We can find out
that one as well. So these are the attributes you need to be clear about
the BGP path attribute. You can go through that
video and your unit. You can explain them. Explain BGP wet attribute. This is where to deploy, which is local and only you
can find in Cisco 32768, okay, if it is a local
route and if it is, so, it will become 0. And we discuss in detail this one explained
local preferences. So again, there's the
local preferences we discussed 100 and
there is nothing. Why? So you can explain
them in more detail. And also an eye BGP and a
BGP it will be different. Explain BGP MED. So again, this is the MED attribute. What is a recursive lookup? Two times they will check
the destination, and it's a normal routing question,
so you can explain it to them. What is a route reflector
and why is it required? Again, we discussed the
route reflector. In BGP, a route learned from iBGP will never be advertised
to another iBGP neighbor; we know this one. To overcome this situation, a route reflector is used. Route reflector, a client, and route advertisement
between them: it will break this
rule, and you will get the detail. In more detail we discussed the
route reflector, and we also did one
lab. The route reflector we use to eliminate
the full mesh requirement. Without full
connectivity, you will still get all the details, so
you can use a route reflector. We know this one. What is the difference between
local preference and MED? Again, these are
the two attributes, so you can explain them. What is the command
to administratively disable a BGP neighborship? So there is shutdown.
I have one neighbor. Okay, let me go to
router bgp 1. And my neighbor is
192.168.23.2 here. So I can type shutdown, so
I can bring down the neighbor. You see now
that the neighborship is down administratively. If I do question mark,
or Control-A and no, the neighbor
will be up again. Now the neighborship is up. So what is the command
to administratively disable a BGP neighborship? The command is this one: the IP address of the
neighbor, and you can type shutdown; type no, and it will be enabled again. Can we run more than one BGP process
on a single router? No. I'm already running BGP 1. Yeah, if I go to show
running, section BGP, I'm already running
router bgp 1, okay? If I say router bgp 2, it will give me an error. It says BGP is
already running AS 1. So I can only run one BGP, not more than one. You cannot run more than one BGP process on a single router; it is not
possible on a single router. And: define the various BGP
path attributes. We already discussed in detail the four
categories: well-known mandatory, well-known discretionary,
optional transitive, and optional non-transitive. So you can go through that video and you will get the idea. What is eBGP multi-hop? I told you, if your neighbor
is not connected directly, you need to apply
multi-hop to reach that one. In the case of iBGP it is 255. I showed you
from here as well, because the TTL value is here, 255. So for an iBGP
neighbor, it's okay. But for eBGP it's 1. So you need to type the multi-hop command to
increase that one. We use that one
for that purpose. Okay, well, what is the use
of confederation in BGP? So again, we discussed
this one: if you want to split an autonomous system into
smaller autonomous systems, we use confederation, okay, for that purpose. Which algorithm is used by
BGP for best path selection? They're using a
composite metric, 14 attributes; they're
using different attributes. BGP is which type of
routing protocol? It's a path vector
routing protocol and an exterior gateway protocol. What will
BGP check first to see whether a prefix is accessible? BGP will check the next
hop attribute to determine next hop
accessibility first. What are the two
methods for reducing the number of BGP
connections in a network? So definitely we have two
methods we are using, and we discussed both: confederation
and route reflector. We are using these two
methods to reduce them, okay? And what is the rule
for synchronization? Again, we discussed
synchronization in more detail. You can go through that video
and you can explain it to them. Can I use any IGP in place of BGP? No, because BGP works
between autonomous systems, but an IGP works inside an
autonomous system. So we cannot use
any IGP protocol, interior gateway protocol,
for the exterior purpose. So this is the beauty: that's the only protocol
which we use outside. What are the benefits of
configuring a BGP peer group? Definitely system
resources, CPU and memory, and also less configuration. In more
detail we discussed this,
the benefit of using a BGP peer group.
The remove-private-AS command in BGP: we use remove private AS. We
discussed it theoretically, and we also did
one lab as well. So you can go through
that and you can explain to them why we
need remove private AS. Okay. We don't want the ISP to forward prefixes that
are learned from a private AS. So it will remove the
private AS number. Normally it is removed
like private IPs. A private IP never
works on the Internet; we need public IPs. So the same thing happens here: it will remove the private AS when it's forwarded
to the other ISP. So these are a few
questions; there can be more. But when you complete the course,
hopefully you can answer
all the questions when they ask about BGP.
Normally in an interview
they will ask you such questions. Okay. Thank you.