Cisco IOS software Overview
internetwork operating system runs on the majority of Cisco networking equipment provides intelligent network services:
security, multicast, load-balancing...
IOS User Interfaces the command-line interface (CLI) configuration tools
AutoInstall the setup command facility the ConfigMaker and FastStep configuration
applications
Cisco IOS Command Modes
User EXEC mode Privileged EXEC mode Global configuration mode Specific configuration modes Configuration submodes configuration subsubmodes ROM Monitor Mode
Cisco IOS Command ModesEntering CLI
User EXEC (Router>)
Log in
logout
Privileged EXEC (Router#)
enable
disable
Global configuration (Router(config)#)
configure terminal
exit/end/Ctrl+Z
Interface configuration (Router(config-if)#)
interface
Router configuration (Router(config-router)#)
router
end/Ctrl+Z
End/Ctrl+Z
exitexit
Basic BGP Configuration Tasks
Enabling BGP Routing Configuring BGP Neighbors Managing Routing Policy Changes Verifying BGP Soft Reset Configuring BGP Interactions with IGPs Configuring BGP Administrative Weights Disabling AS Path Comparison
Basic BGP Configuration Tasks
Configuring BGP Route Filtering by Neighbor Configuring BGP Filtering Using Prefix Lists Configuring BGP Path Filtering by Neighbor Disabling Next-Hop Processing on BGP
Updates Configuring the BGP Version Setting the Network Weight Configuring the Multi Exit Discriminator Metric
Enabling BGP Routing
Router(config)# router bgp autonomous-system
Router(config-router)#
Effect:
Global configuration mode Router configuration mode
Number of the autonomous system to which the router belongs.Example:
Router(config)# router bgp 200
Configuring BGP Neighbors
Router(config-router)# neighbor {ip-address | peer-group-name} remote-as number
ip-address Neighbor's IP address.
peer-group-name Name of a BGP peer group.
number Autonomous system to which the neighbor belongs.
Configuring BGP Neighbors
!Router A
router bgp 109
network 131.108.0.0
network 192.31.7.0
neighbor 131.108.200.1 remote-as
167
neighbor 131.108.234.2 remote-as
109
neighbor 150.136.64.19 remote-as
99
Managing Routing Policy Changes
BGP session must be reset to valid a policy change
reset methods: hard reset soft reset
outbound soft reset inbound soft reset
configured inbound soft reset dynamic inbound soft reset
Managing Routing Policy Changes
Router# clear ip bgp {* | address | peer-group-name} [soft [in | out]]
Router(config-router)# neighbor {ip-address | peer-group-name} soft-reconfiguration inbound Example:router bgp 100neighbor 131.108.1.1 remote-as 200neighbor 131.108.1.1 soft-reconfiguration inbound clear ip bgp 131.108.1.1 soft in
soft (Optional) Soft reset.
in | out (Optional) Triggers inbound or outbound soft reset.
Verifying BGP Soft Reset
Check information about the BGP routing table
Router# show ip bgp
Check information about BGP neighbors
Router# show ip bgp neighbors [address]
Configuring BGP Interactions with IGPs
Synchronization is enabled by default.
In some cases, you do not need synchronization.
To disable synchronization:
Router(config-router)# no synchronization
Configuring BGP Administrative Weights
a cisco-defined proprietary attribute used in the path selection process local to the router to configure this attribute:
Router(config-router)# neighbor {ip-address | peer-group-name} weight weight
Configuring BGP Administrative Weights (contd.)
!Router C router bgp 300 neighbor 1.1.1.1 remote-as 100 neighbor 1.1.1.1 weight 2000 neighbor 2.2.2.2 remote-as 200neighbor 2.2.2.2 weight 1000
Disabling AS Path Comparison
RFC1771 does not include AS-path in the path selection procedure
the Cisco implementation does by default to ignore the as-path length when selecting a
route:
Router(config-router)# bgp bestpath as-path ignore
BGP Route Filtering
Three basic BGP configuration tasks involved:
Configuring BGP Route Filtering by Neighbor Configuring BGP Filtering Using Prefix Lists Configuring BGP Path Filtering by Neighbor
access-list-number: number of an access list. 1 to 99 or 1300 to 1999.
deny: denies access if the address prefix is matched.
permit: permits access if the address prefix is matched.
address-prefix: the prefix to match.
wildcard: wildcard bits. Place ones in the bit positions you want to ignore.
To apply a distribute list on a neighbor:neighbor {ip-address | peer-group-name} distribute-list access-list-number {in | out}
Prefix Filtering To define a distribute list:
access-list access-list-number {deny | permit}
address-prefix [wildcard]
in: distribute list is applied to incoming advertisements.
out: distribute list is applied to outgoing advertisements.
Prefix Filtering
!Router C router bgp 300 network 170.10.0.0 neighbor 3.3.3.3 remote-as 200 neighbor 2.2.2.2 remote-as 100neighbor 2.2.2.2 distribute-list 1 out ! access-list 1 deny 160.10.0.0 0.0.255.255access-list 1 permit 0.0.0.0 255.255.255.255
AS_path Filtering
Router(config)# ip as-path access-list access-list-number {deny | permit} as-regular-expression
Router(config-router)# neighbor {ip-address | peer-group-name} filter-list access-list-number {in | out}
as-regular-expression: a regular expression matching a specific sequence of ASes.
AS_path Filtering
!Router C neighbor 3.3.3.3 remote-as 200 neighbor 2.2.2.2 remote-as 100neighbor 2.2.2.2 filter-list 1 out !ip as-path access-list 1 deny ^200$ip as-path access-list 1 permit .*
Using A Prefix List
Router(config-router)# ip prefix-list list-name [seq seq-
value] deny|permit network/len [ge ge-value] [le le-value]
Router(config-router)# neighbor {ip-address | peer-group-name} prefix-list prefix-listname {in | out}seq-value(Optional): Specifies the sequence number for the prefix list entry.
network/len (Mandatory): The network number and length (in bits) of the network mask.
ge-value(Optional): Specifies the lesser value of a range (the "from" portion of the range description).
le-value(Optional): Specifies the greater value of a range (the "to" portion of the range description).
Example:
ip prefix-list abc deny 128.0.0.0/8 ge 23 le 24
ip prefix-list abc permit 0.0.0.0/0
neighbor 2.2.2.2 prxfix-list abc in
Disabling Next-Hop Processing on BGP Updates!Router C
router bgp 300 neighbor 170.10.20.1 remote-as 100 neighbor 170.10.20.1 next-hop-self
Router(config-router)# neighbor {ip-address | peer-group-name} next-hop-self
Configuring the BGP Version
To prevent negotiation and force the BGP version used
Router(config-router)# neighbor {ip-address | peer-group-name} version value
Example:
neighbor 1.1.1.1 version 4
Setting the Network Weight
The weight attribute is 32768 for the paths that the router originates by default.
To set the absolute weight for a network:
Router(config-router)# network address mask weight weight
Example:
network 128.0.0.0 weight 2000