2 @c This is part of the Frr Manual.
3 @c @value{COPYRIGHT_STR}
5 @c Copyright @copyright{} 2015 Hewlett Packard Enterprise Development LP
6 @c See file frr.texi for copying conditions.
10 @acronym{BGP} stands for a Border Gateway Protocol. The lastest BGP version
11 is 4. It is referred as BGP-4. BGP-4 is one of the Exterior Gateway
12 Protocols and de-fact standard of Inter Domain routing protocol.
13 BGP-4 is described in @cite{RFC1771, A Border Gateway Protocol
16 Many extensions have been added to @cite{RFC1771}. @cite{RFC2858,
17 Multiprotocol Extensions for BGP-4} provides multiprotocol support to
27 * BGP Address Family::
29 * BGP Communities Attribute::
30 * BGP Extended Communities Attribute::
31 * Displaying BGP routes::
32 * Capability Negotiation::
35 * How to set up a 6-Bone connection::
36 * Dump BGP packets and table::
37 * BGP Configuration Examples::
43 Default configuration file of @command{bgpd} is @file{bgpd.conf}.
44 @command{bgpd} searches the current directory first then
45 @value{INSTALL_PREFIX_ETC}/bgpd.conf. All of bgpd's command must be
46 configured in @file{bgpd.conf}.
48 @command{bgpd} specific invocation options are described below. Common
49 options may also be specified (@pxref{Common Invocation Options}).
53 @itemx --bgp_port=@var{PORT}
54 Set the bgp protocol's port number.
58 When program terminates, retain BGP routes added by zebra.
62 Specify a specific IP address for bgpd to listen on, rather than its
63 default of INADDR_ANY / IN6ADDR_ANY. This can be useful to constrain bgpd
64 to an internal address, or to run multiple bgpd processes on one host.
71 First of all you must configure BGP router with @command{router bgp}
72 command. To configure BGP router, you need AS number. AS number is an
73 identification of autonomous system. BGP protocol uses the AS number
74 for detecting whether the BGP connection is internal one or external one.
76 @deffn Command {router bgp @var{asn}} {}
77 Enable a BGP protocol process with the specified @var{asn}. After
78 this statement you can input any @code{BGP Commands}. You can not
79 create different BGP process under different @var{asn} without
80 specifying @code{multiple-instance} (@pxref{Multiple instance}).
83 @deffn Command {no router bgp @var{asn}} {}
84 Destroy a BGP protocol process with the specified @var{asn}.
87 @deffn {BGP} {bgp router-id @var{A.B.C.D}} {}
88 This command specifies the router-ID. If @command{bgpd} connects to @command{zebra} it gets
89 interface and address information. In that case default router ID value
90 is selected as the largest IP Address of the interfaces. When
91 @code{router zebra} is not enabled @command{bgpd} can't get interface information
92 so @code{router-id} is set to 0.0.0.0. So please set router-id by hand.
97 * BGP decision process::
98 * BGP route flap dampening::
102 @subsection BGP distance
104 @deffn {BGP} {distance bgp <1-255> <1-255> <1-255>} {}
105 This command change distance value of BGP. Each argument is distance
106 value for external routes, internal routes and local routes.
109 @deffn {BGP} {distance <1-255> @var{A.B.C.D/M}} {}
110 @deffnx {BGP} {distance <1-255> @var{A.B.C.D/M} @var{word}} {}
111 This command set distance value to
114 @node BGP decision process
115 @subsection BGP decision process
117 The decision process Frr BGP uses to select routes is as follows:
120 @item 1. Weight check
121 prefer higher local weight routes to lower routes.
123 @item 2. Local preference check
124 prefer higher local preference routes to lower.
126 @item 3. Local route check
127 Prefer local routes (statics, aggregates, redistributed) to received routes.
129 @item 4. AS path length check
130 Prefer shortest hop-count AS_PATHs.
132 @item 5. Origin check
133 Prefer the lowest origin type route. That is, prefer IGP origin routes to
134 EGP, to Incomplete routes.
137 Where routes with a MED were received from the same AS,
138 prefer the route with the lowest MED. @xref{BGP MED}.
140 @item 7. External check
141 Prefer the route received from an external, eBGP peer
142 over routes received from other types of peers.
144 @item 8. IGP cost check
145 Prefer the route with the lower IGP cost.
147 @item 9. Multi-path check
148 If multi-pathing is enabled, then check whether
149 the routes not yet distinguished in preference may be considered equal. If
150 @ref{bgp bestpath as-path multipath-relax} is set, all such routes are
151 considered equal, otherwise routes received via iBGP with identical AS_PATHs
152 or routes received from eBGP neighbours in the same AS are considered equal.
154 @item 10 Already-selected external check
156 Where both routes were received from eBGP peers, then prefer the route which
157 is already selected. Note that this check is not applied if @ref{bgp
158 bestpath compare-routerid} is configured. This check can prevent some cases
161 @item 11. Router-ID check
162 Prefer the route with the lowest @w{router-ID}. If the
163 route has an @w{ORIGINATOR_ID} attribute, through iBGP reflection, then that
164 router ID is used, otherwise the @w{router-ID} of the peer the route was
165 received from is used.
167 @item 12. Cluster-List length check
168 The route with the shortest cluster-list
169 length is used. The cluster-list reflects the iBGP reflection path the
172 @item 13. Peer address
173 Prefer the route received from the peer with the higher
174 transport layer address, as a last-resort tie-breaker.
178 @deffn {BGP} {bgp bestpath as-path confed} {}
179 This command specifies that the length of confederation path sets and
180 sequences should should be taken into account during the BGP best path
184 @deffn {BGP} {bgp bestpath as-path multipath-relax} {}
185 @anchor{bgp bestpath as-path multipath-relax}
186 This command specifies that BGP decision process should consider paths
187 of equal AS_PATH length candidates for multipath computation. Without
188 the knob, the entire AS_PATH must match for multipath computation.
191 @deffn {BGP} {bgp bestpath compare-routerid} {}
192 @anchor{bgp bestpath compare-routerid}
194 Ensure that when comparing routes where both are equal on most metrics,
195 including local-pref, AS_PATH length, IGP cost, MED, that the tie is broken
198 If this option is enabled, then the already-selected check, where
199 already selected eBGP routes are preferred, is skipped.
201 If a route has an @w{ORIGINATOR_ID} attribute because it has been reflected,
202 that @w{ORIGINATOR_ID} will be used. Otherwise, the router-ID of the peer the
203 route was received from will be used.
205 The advantage of this is that the route-selection (at this point) will be
206 more deterministic. The disadvantage is that a few or even one lowest-ID
207 router may attract all trafic to otherwise-equal paths because of this
208 check. It may increase the possibility of MED or IGP oscillation, unless
209 other measures were taken to avoid these. The exact behaviour will be
210 sensitive to the iBGP and reflection topology.
215 @node BGP route flap dampening
216 @subsection BGP route flap dampening
218 @deffn {BGP} {bgp dampening @var{<1-45>} @var{<1-20000>} @var{<1-20000>} @var{<1-255>}} {}
219 This command enables BGP route-flap dampening and specifies dampening parameters.
222 @item @asis{half-life}
223 Half-life time for the penalty
224 @item @asis{reuse-threshold}
225 Value to start reusing a route
226 @item @asis{suppress-threshold}
227 Value to start suppressing a route
228 @item @asis{max-suppress}
229 Maximum duration to suppress a stable route
232 The route-flap damping algorithm is compatible with @cite{RFC2439}. The use of this command
233 is not recommended nowadays, see @uref{http://www.ripe.net/ripe/docs/ripe-378,,RIPE-378}.
239 The BGP MED (Multi_Exit_Discriminator) attribute has properties which can
240 cause subtle convergence problems in BGP. These properties and problems
241 have proven to be hard to understand, at least historically, and may still
242 not be widely understood. The following attempts to collect together and
243 present what is known about MED, to help operators and Frr users in
244 designing and configuring their networks.
246 The BGP @acronym{MED, Multi_Exit_Discriminator} attribute is intended to
247 allow one AS to indicate its preferences for its ingress points to another
248 AS. The MED attribute will not be propagated on to another AS by the
249 receiving AS - it is `non-transitive' in the BGP sense.
251 E.g., if AS X and AS Y have 2 different BGP peering points, then AS X
252 might set a MED of 100 on routes advertised at one and a MED of 200 at the
253 other. When AS Y selects between otherwise equal routes to or via
254 AS X, AS Y should prefer to take the path via the lower MED peering of 100 with
255 AS X. Setting the MED allows an AS to influence the routing taken to it
256 within another, neighbouring AS.
258 In this use of MED it is not really meaningful to compare the MED value on
259 routes where the next AS on the paths differs. E.g., if AS Y also had a
260 route for some destination via AS Z in addition to the routes from AS X, and
261 AS Z had also set a MED, it wouldn't make sense for AS Y to compare AS Z's
262 MED values to those of AS X. The MED values have been set by different
263 administrators, with different frames of reference.
265 The default behaviour of BGP therefore is to not compare MED values across
266 routes received from different neighbouring ASes. In Frr this is done by
267 comparing the neighbouring, left-most AS in the received AS_PATHs of the
268 routes and only comparing MED if those are the same.
270 @c TeXInfo uses the old, non-UTF-8 capable, pdftex, and so
271 @c doesn't render TeX the unicode precedes character correctly in PDF, etc.
272 @c Using a TeX code on the other hand doesn't work for non-TeX outputs
273 @c (plaintext, e.g.). So, use an output-conditional macro.
287 Unfortunately, this behaviour of MED, of sometimes being compared across
288 routes and sometimes not, depending on the properties of those other routes,
289 means MED can cause the order of preference over all the routes to be
290 undefined. That is, given routes A, B, and C, if A is preferred to B, and B
291 is preferred to C, then a well-defined order should mean the preference is
292 transitive (in the sense of orders @footnote{For some set of objects to have
293 an order, there @emph{must} be some binary ordering relation that is defined
294 for @emph{every} combination of those objects, and that relation @emph{must}
295 be transitive. I.e.@:, if the relation operator is @mprec{}, and if
296 a @mprec{} b and b @mprec{} c then that relation must carry over
297 and it @emph{must} be that a @mprec{} c for the objects to have an
298 order. The ordering relation may allow for equality, i.e.
299 a @mprec{} b and b @mprec{} a may both be true amd imply that
300 a and b are equal in the order and not distinguished by it, in
301 which case the set has a partial order. Otherwise, if there is an order,
302 all the objects have a distinct place in the order and the set has a total
303 order.}) and that A would be preferred to C.
305 However, when MED is involved this need not be the case. With MED it is
306 possible that C is actually preferred over A. So A is preferred to B, B is
307 preferred to C, but C is preferred to A. This can be true even where BGP
308 defines a deterministic ``most preferred'' route out of the full set of
309 A,B,C. With MED, for any given set of routes there may be a
310 deterministically preferred route, but there need not be any way to arrange
311 them into any order of preference. With unmodified MED, the order of
312 preference of routes literally becomes undefined.
314 That MED can induce non-transitive preferences over routes can cause issues.
315 Firstly, it may be perceived to cause routing table churn locally at
316 speakers; secondly, and more seriously, it may cause routing instability in
317 iBGP topologies, where sets of speakers continually oscillate between
320 The first issue arises from how speakers often implement routing decisions.
321 Though BGP defines a selection process that will deterministically select
322 the same route as best at any given speaker, even with MED, that process
323 requires evaluating all routes together. For performance and ease of
324 implementation reasons, many implementations evaluate route preferences in a
325 pair-wise fashion instead. Given there is no well-defined order when MED is
326 involved, the best route that will be chosen becomes subject to
327 implementation details, such as the order the routes are stored in. That
328 may be (locally) non-deterministic, e.g.@: it may be the order the routes
331 This indeterminism may be considered undesirable, though it need not cause
332 problems. It may mean additional routing churn is perceived, as sometimes
333 more updates may be produced than at other times in reaction to some event .
335 This first issue can be fixed with a more deterministic route selection that
336 ensures routes are ordered by the neighbouring AS during selection.
337 @xref{bgp deterministic-med}. This may reduce the number of updates as
338 routes are received, and may in some cases reduce routing churn. Though, it
339 could equally deterministically produce the largest possible set of updates
340 in response to the most common sequence of received updates.
342 A deterministic order of evaluation tends to imply an additional overhead of
343 sorting over any set of n routes to a destination. The implementation of
344 deterministic MED in Frr scales significantly worse than most sorting
345 algorithms at present, with the number of paths to a given destination.
346 That number is often low enough to not cause any issues, but where there are
347 many paths, the deterministic comparison may quickly become increasingly
348 expensive in terms of CPU.
350 Deterministic local evaluation can @emph{not} fix the second, more major,
351 issue of MED however. Which is that the non-transitive preference of routes
352 MED can cause may lead to routing instability or oscillation across multiple
353 speakers in iBGP topologies. This can occur with full-mesh iBGP, but is
354 particularly problematic in non-full-mesh iBGP topologies that further
355 reduce the routing information known to each speaker. This has primarily
356 been documented with iBGP route-reflection topologies. However, any
357 route-hiding technologies potentially could also exacerbate oscillation with
360 This second issue occurs where speakers each have only a subset of routes,
361 and there are cycles in the preferences between different combinations of
362 routes - as the undefined order of preference of MED allows - and the routes
363 are distributed in a way that causes the BGP speakers to 'chase' those
364 cycles. This can occur even if all speakers use a deterministic order of
365 evaluation in route selection.
367 E.g., speaker 4 in AS A might receive a route from speaker 2 in AS X, and
368 from speaker 3 in AS Y; while speaker 5 in AS A might receive that route
369 from speaker 1 in AS Y. AS Y might set a MED of 200 at speaker 1, and 100
370 at speaker 3. I.e, using ASN:ID:MED to label the speakers:
375 X:2------|--A:4-------A:5--|-Y:1:200
381 Assuming all other metrics are equal (AS_PATH, ORIGIN, 0 IGP costs), then
382 based on the RFC4271 decision process speaker 4 will choose X:2 over
383 Y:3:100, based on the lower ID of 2. Speaker 4 advertises X:2 to speaker 5.
384 Speaker 5 will continue to prefer Y:1:200 based on the ID, and advertise
385 this to speaker 4. Speaker 4 will now have the full set of routes, and the
386 Y:1:200 it receives from 5 will beat X:2, but when speaker 4 compares
387 Y:1:200 to Y:3:100 the MED check now becomes active as the ASes match, and
388 now Y:3:100 is preferred. Speaker 4 therefore now advertises Y:3:100 to 5,
389 which will also agrees that Y:3:100 is preferred to Y:1:200, and so
390 withdraws the latter route from 4. Speaker 4 now has only X:2 and Y:3:100,
391 and X:2 beats Y:3:100, and so speaker 4 implicitly updates its route to
392 speaker 5 to X:2. Speaker 5 sees that Y:1:200 beats X:2 based on the ID,
393 and advertises Y:1:200 to speaker 4, and the cycle continues.
395 The root cause is the lack of a clear order of preference caused by how MED
396 sometimes is and sometimes is not compared, leading to this cycle in the
397 preferences between the routes:
401 /---> X:2 ---beats---> Y:3:100 --\
404 \---beats--- Y:1:200 <---beats---/
408 This particular type of oscillation in full-mesh iBGP topologies can be
409 avoided by speakers preferring already selected, external routes rather than
410 choosing to update to new a route based on a post-MED metric (e.g.
411 router-ID), at the cost of a non-deterministic selection process. Frr
412 implements this, as do many other implementations, so long as it is not
413 overridden by setting @ref{bgp bestpath compare-routerid}, and see also
414 @ref{BGP decision process}, .
416 However, more complex and insidious cycles of oscillation are possible with
417 iBGP route-reflection, which are not so easily avoided. These have been
418 documented in various places. See, e.g., @cite{McPherson, D. and Gill, V.
419 and Walton, D., "Border Gateway Protocol (BGP) Persistent Route Oscillation
420 Condition", IETF RFC3345}, and @cite{Flavel, A. and M. Roughan, "Stable
421 and flexible iBGP", ACM SIGCOMM 2009}, and @cite{Griffin, T. and G. Wilfong,
422 "On the correctness of IBGP configuration", ACM SIGCOMM 2002} for concrete
423 examples and further references.
425 There is as of this writing @emph{no} known way to use MED for its original
426 purpose; @emph{and} reduce routing information in iBGP topologies;
427 @emph{and} be sure to avoid the instability problems of MED due the
428 non-transitive routing preferences it can induce; in general on arbitrary
431 There may be iBGP topology specific ways to reduce the instability risks,
432 even while using MED, e.g.@: by constraining the reflection topology and by
433 tuning IGP costs between route-reflector clusters, see RFC3345 for details.
434 In the near future, the Add-Path extension to BGP may also solve MED
435 oscillation while still allowing MED to be used as intended, by distributing
436 "best-paths per neighbour AS". This would be at the cost of distributing at
437 least as many routes to all speakers as a full-mesh iBGP would, if not more,
438 while also imposing similar CPU overheads as the "Deterministic MED" feature
439 at each Add-Path reflector.
441 More generally, the instability problems that MED can introduce on more
442 complex, non-full-mesh, iBGP topologies may be avoided either by:
447 Setting @ref{bgp always-compare-med}, however this allows MED to be compared
448 across values set by different neighbour ASes, which may not produce
449 coherent desirable results, of itself.
452 Effectively ignoring MED by setting MED to the same value (e.g.@: 0) using
453 @ref{routemap set metric} on all received routes, in combination with
454 setting @ref{bgp always-compare-med} on all speakers. This is the simplest
455 and most performant way to avoid MED oscillation issues, where an AS is happy
456 not to allow neighbours to inject this problematic metric.
460 As MED is evaluated after the AS_PATH length check, another possible use for
461 MED is for intra-AS steering of routes with equal AS_PATH length, as an
462 extension of the last case above. As MED is evaluated before IGP metric,
463 this can allow cold-potato routing to be implemented to send traffic to
464 preferred hand-offs with neighbours, rather than the closest hand-off
465 according to the IGP metric.
467 Note that even if action is taken to address the MED non-transitivity
468 issues, other oscillations may still be possible. E.g., on IGP cost if
469 iBGP and IGP topologies are at cross-purposes with each other - see the
470 Flavel and Roughan paper above for an example. Hence the guideline that the
471 iBGP topology should follow the IGP topology.
473 @deffn {BGP} {bgp deterministic-med} {}
474 @anchor{bgp deterministic-med}
476 Carry out route-selection in way that produces deterministic answers
477 locally, even in the face of MED and the lack of a well-defined order of
478 preference it can induce on routes. Without this option the preferred route
479 with MED may be determined largely by the order that routes were received
482 Setting this option will have a performance cost that may be noticeable when
483 there are many routes for each destination. Currently in Frr it is
484 implemented in a way that scales poorly as the number of routes per
485 destination increases.
487 The default is that this option is not set.
490 Note that there are other sources of indeterminism in the route selection
491 process, specifically, the preference for older and already selected routes
492 from eBGP peers, @xref{BGP decision process}.
494 @deffn {BGP} {bgp always-compare-med} {}
495 @anchor{bgp always-compare-med}
497 Always compare the MED on routes, even when they were received from
498 different neighbouring ASes. Setting this option makes the order of
499 preference of routes more defined, and should eliminate MED induced
502 If using this option, it may also be desirable to use @ref{routemap set
503 metric} to set MED to 0 on routes received from external neighbours.
505 This option can be used, together with @ref{routemap set metric} to use MED
506 as an intra-AS metric to steer equal-length AS_PATH routes to, e.g., desired
517 * Route Aggregation::
518 * Redistribute to BGP::
522 @subsection BGP route
524 @deffn {BGP} {network @var{A.B.C.D/M}} {}
525 This command adds the announcement network.
529 address-family ipv4 unicast
534 This configuration example says that network 10.0.0.0/8 will be
535 announced to all neighbors. Some vendors' routers don't advertise
536 routes if they aren't present in their IGP routing tables; @code{bgpd}
537 doesn't care about IGP routes when announcing its routes.
540 @deffn {BGP} {no network @var{A.B.C.D/M}} {}
543 @node Route Aggregation
544 @subsection Route Aggregation
546 @deffn {BGP} {aggregate-address @var{A.B.C.D/M}} {}
547 This command specifies an aggregate address.
550 @deffn {BGP} {aggregate-address @var{A.B.C.D/M} as-set} {}
551 This command specifies an aggregate address. Resulting routes include
555 @deffn {BGP} {aggregate-address @var{A.B.C.D/M} summary-only} {}
556 This command specifies an aggregate address. Aggreated routes will
560 @deffn {BGP} {no aggregate-address @var{A.B.C.D/M}} {}
563 @node Redistribute to BGP
564 @subsection Redistribute to BGP
566 @deffn {BGP} {redistribute kernel} {}
567 Redistribute kernel route to BGP process.
570 @deffn {BGP} {redistribute static} {}
571 Redistribute static route to BGP process.
574 @deffn {BGP} {redistribute connected} {}
575 Redistribute connected route to BGP process.
578 @deffn {BGP} {redistribute rip} {}
579 Redistribute RIP route to BGP process.
582 @deffn {BGP} {redistribute ospf} {}
583 Redistribute OSPF route to BGP process.
586 @deffn {BGP} {redistribute vpn} {}
587 Redistribute VNC routes to BGP process.
590 @deffn {BGP} {update-delay @var{max-delay}} {}
591 @deffnx {BGP} {update-delay @var{max-delay} @var{establish-wait}} {}
592 This feature is used to enable read-only mode on BGP process restart or when
593 BGP process is cleared using 'clear ip bgp *'. When applicable, read-only mode
594 would begin as soon as the first peer reaches Established status and a timer
595 for max-delay seconds is started.
597 During this mode BGP doesn't run any best-path or generate any updates to its
598 peers. This mode continues until:
599 1. All the configured peers, except the shutdown peers, have sent explicit EOR
600 (End-Of-RIB) or an implicit-EOR. The first keep-alive after BGP has reached
601 Established is considered an implicit-EOR.
602 If the establish-wait optional value is given, then BGP will wait for
603 peers to reach established from the begining of the update-delay till the
604 establish-wait period is over, i.e. the minimum set of established peers for
605 which EOR is expected would be peers established during the establish-wait
606 window, not necessarily all the configured neighbors.
607 2. max-delay period is over.
608 On hitting any of the above two conditions, BGP resumes the decision process
609 and generates updates to its peers.
611 Default max-delay is 0, i.e. the feature is off by default.
614 @deffn {BGP} {table-map @var{route-map-name}} {}
615 This feature is used to apply a route-map on route updates from BGP to Zebra.
616 All the applicable match operations are allowed, such as match on prefix,
617 next-hop, communities, etc. Set operations for this attach-point are limited
618 to metric and next-hop only. Any operation of this feature does not affect
621 Supported for ipv4 and ipv6 address families. It works on multi-paths as well,
622 however, metric setting is based on the best-path only.
630 * BGP Peer commands::
635 @subsection Defining Peer
637 @deffn {BGP} {neighbor @var{peer} remote-as @var{asn}} {}
638 Creates a new neighbor whose remote-as is @var{asn}. @var{peer}
639 can be an IPv4 address or an IPv6 address.
643 neighbor 10.0.0.1 remote-as 2
646 In this case my router, in AS-1, is trying to peer with AS-2 at
649 This command must be the first command used when configuring a neighbor.
650 If the remote-as is not specified, @command{bgpd} will complain like this:
652 can't find neighbor 10.0.0.1
656 @node BGP Peer commands
657 @subsection BGP Peer commands
659 In a @code{router bgp} clause there are neighbor specific configurations
662 @deffn {BGP} {neighbor @var{peer} shutdown} {}
663 @deffnx {BGP} {no neighbor @var{peer} shutdown} {}
664 Shutdown the peer. We can delete the neighbor's configuration by
665 @code{no neighbor @var{peer} remote-as @var{as-number}} but all
666 configuration of the neighbor will be deleted. When you want to
667 preserve the configuration, but want to drop the BGP peer, use this
671 @deffn {BGP} {neighbor @var{peer} ebgp-multihop} {}
672 @deffnx {BGP} {no neighbor @var{peer} ebgp-multihop} {}
675 @deffn {BGP} {neighbor @var{peer} description ...} {}
676 @deffnx {BGP} {no neighbor @var{peer} description ...} {}
677 Set description of the peer.
680 @deffn {BGP} {neighbor @var{peer} version @var{version}} {}
681 Set up the neighbor's BGP version. @var{version} can be @var{4},
682 @var{4+} or @var{4-}. BGP version @var{4} is the default value used for
683 BGP peering. BGP version @var{4+} means that the neighbor supports
684 Multiprotocol Extensions for BGP-4. BGP version @var{4-} is similar but
685 the neighbor speaks the old Internet-Draft revision 00's Multiprotocol
686 Extensions for BGP-4. Some routing software is still using this
690 @deffn {BGP} {neighbor @var{peer} interface @var{ifname}} {}
691 @deffnx {BGP} {no neighbor @var{peer} interface @var{ifname}} {}
692 When you connect to a BGP peer over an IPv6 link-local address, you
693 have to specify the @var{ifname} of the interface used for the
694 connection. To specify IPv4 session addresses, see the
695 @code{neighbor @var{peer} update-source} command below.
697 This command is deprecated and may be removed in a future release. Its
698 use should be avoided.
701 @deffn {BGP} {neighbor @var{peer} next-hop-self [all]} {}
702 @deffnx {BGP} {no neighbor @var{peer} next-hop-self [all]} {}
703 This command specifies an announced route's nexthop as being equivalent
704 to the address of the bgp router if it is learned via eBGP.
705 If the optional keyword @code{all} is specified the modifiation is done
706 also for routes learned via iBGP.
709 @deffn {BGP} {neighbor @var{peer} update-source @var{<ifname|address>}} {}
710 @deffnx {BGP} {no neighbor @var{peer} update-source} {}
711 Specify the IPv4 source address to use for the @acronym{BGP} session to this
712 neighbour, may be specified as either an IPv4 address directly or
713 as an interface name (in which case the @command{zebra} daemon MUST be running
714 in order for @command{bgpd} to be able to retrieve interface state).
718 neighbor foo update-source 192.168.0.1
719 neighbor bar update-source lo0
724 @deffn {BGP} {neighbor @var{peer} default-originate} {}
725 @deffnx {BGP} {no neighbor @var{peer} default-originate} {}
726 @command{bgpd}'s default is to not announce the default route (0.0.0.0/0) even it
727 is in routing table. When you want to announce default routes to the
728 peer, use this command.
731 @deffn {BGP} {neighbor @var{peer} port @var{port}} {}
732 @deffnx {BGP} {neighbor @var{peer} port @var{port}} {}
735 @deffn {BGP} {neighbor @var{peer} send-community} {}
736 @deffnx {BGP} {neighbor @var{peer} send-community} {}
739 @deffn {BGP} {neighbor @var{peer} weight @var{weight}} {}
740 @deffnx {BGP} {no neighbor @var{peer} weight @var{weight}} {}
741 This command specifies a default @var{weight} value for the neighbor's
745 @deffn {BGP} {neighbor @var{peer} maximum-prefix @var{number}} {}
746 @deffnx {BGP} {no neighbor @var{peer} maximum-prefix @var{number}} {}
749 @deffn {BGP} {neighbor @var{peer} local-as @var{as-number}} {}
750 @deffnx {BGP} {neighbor @var{peer} local-as @var{as-number} no-prepend} {}
751 @deffnx {BGP} {neighbor @var{peer} local-as @var{as-number} no-prepend replace-as} {}
752 @deffnx {BGP} {no neighbor @var{peer} local-as} {}
753 Specify an alternate AS for this BGP process when interacting with the
754 specified peer. With no modifiers, the specified local-as is prepended to
755 the received AS_PATH when receiving routing updates from the peer, and
756 prepended to the outgoing AS_PATH (after the process local AS) when
757 transmitting local routes to the peer.
759 If the no-prepend attribute is specified, then the supplied local-as is not
760 prepended to the received AS_PATH.
762 If the replace-as attribute is specified, then only the supplied local-as is
763 prepended to the AS_PATH when transmitting local-route updates to this peer.
765 Note that replace-as can only be specified if no-prepend is.
767 This command is only allowed for eBGP peers.
770 @deffn {BGP} {neighbor @var{peer} ttl-security hops @var{number}} {}
771 @deffnx {BGP} {no neighbor @var{peer} ttl-security hops @var{number}} {}
772 This command enforces Generalized TTL Security Mechanism (GTSM), as
773 specified in RFC 5082. With this command, only neighbors that are the
774 specified number of hops away will be allowed to become neighbors. This
775 command is mututally exclusive with @command{ebgp-multihop}.
779 @subsection Peer filtering
781 @deffn {BGP} {neighbor @var{peer} distribute-list @var{name} [in|out]} {}
782 This command specifies a distribute-list for the peer. @var{direct} is
783 @samp{in} or @samp{out}.
786 @deffn {BGP command} {neighbor @var{peer} prefix-list @var{name} [in|out]} {}
789 @deffn {BGP command} {neighbor @var{peer} filter-list @var{name} [in|out]} {}
792 @deffn {BGP} {neighbor @var{peer} route-map @var{name} [in|out]} {}
793 Apply a route-map on the neighbor. @var{direct} must be @code{in} or
797 @deffn {BGP} {bgp route-reflector allow-outbound-policy} {}
798 By default, attribute modification via route-map policy out is not reflected
799 on reflected routes. This option allows the modifications to be reflected as
800 well. Once enabled, it affects all reflected routes.
803 @c -----------------------------------------------------------------------
805 @section BGP Peer Group
807 @deffn {BGP} {neighbor @var{word} peer-group} {}
808 This command defines a new peer group.
811 @deffn {BGP} {neighbor @var{peer} peer-group @var{word}} {}
812 This command bind specific peer to peer group @var{word}.
815 @node BGP Address Family
816 @section BGP Address Family
818 Multiprotocol BGP enables BGP to carry routing information for multiple
819 Network Layer protocols. BGP supports multiple Address Family
820 Identifier (AFI), namely IPv4 and IPv6. Support is also provided for
821 multiple sets of per-AFI information via Subsequent Address Family
822 Identifiers (SAFI). In addition to unicast information, VPN information
823 @cite{RFC4364} and @cite{RFC4659}, and Encapsulation information
824 @cite{RFC5512} is supported.
826 @deffn {Command} {show ip bgp vpnv4 all} {}
827 @deffnx {Command} {show ipv6 bgp vpn all} {}
828 Print active IPV4 or IPV6 routes advertised via the VPN SAFI.
831 @deffn {Command} {show ip bgp encap all} {}
832 @deffnx {Command} {show ipv6 bgp encap all} {}
833 Print active IPV4 or IPV6 routes advertised via the Encapsulation SAFI.
836 @deffn {Command} {show bgp ipv4 encap summary} {}
837 @deffnx {Command} {show bgp ipv4 vpn summary} {}
838 @deffnx {Command} {show bgp ipv6 encap summary} {}
839 @deffnx {Command} {show bgp ipv6 vpn summary} {}
840 Print a summary of neighbor connections for the specified AFI/SAFI combination.
843 @c -----------------------------------------------------------------------
844 @node Autonomous System
845 @section Autonomous System
847 The @acronym{AS,Autonomous System} number is one of the essential
848 element of BGP. BGP is a distance vector routing protocol, and the
849 AS-Path framework provides distance vector metric and loop detection to
850 BGP. @cite{RFC1930, Guidelines for creation, selection, and
851 registration of an Autonomous System (AS)} provides some background on
852 the concepts of an AS.
854 The AS number is a two octet value, ranging in value from 1 to 65535.
855 The AS numbers 64512 through 65535 are defined as private AS numbers.
856 Private AS numbers must not to be advertised in the global Internet.
859 * AS Path Regular Expression::
860 * Display BGP Routes by AS Path::
861 * AS Path Access List::
862 * Using AS Path in Route Map::
863 * Private AS Numbers::
866 @node AS Path Regular Expression
867 @subsection AS Path Regular Expression
869 AS path regular expression can be used for displaying BGP routes and
870 AS path access list. AS path regular expression is based on
871 @code{POSIX 1003.2} regular expressions. Following description is
872 just a subset of @code{POSIX} regular expression. User can use full
873 @code{POSIX} regular expression. Adding to that special character '_'
874 is added for AS path regular expression.
878 Matches any single character.
880 Matches 0 or more occurrences of pattern.
882 Matches 1 or more occurrences of pattern.
884 Match 0 or 1 occurrences of pattern.
886 Matches the beginning of the line.
888 Matches the end of the line.
890 Character @code{_} has special meanings in AS path regular expression.
891 It matches to space and comma , and AS set delimiter @{ and @} and AS
892 confederation delimiter @code{(} and @code{)}. And it also matches to
893 the beginning of the line and the end of the line. So @code{_} can be
894 used for AS value boundaries match. @code{show ip bgp regexp _7675_}
895 matches to all of BGP routes which as AS number include @var{7675}.
898 @node Display BGP Routes by AS Path
899 @subsection Display BGP Routes by AS Path
901 To show BGP routes which has specific AS path information @code{show
902 ip bgp} command can be used.
904 @deffn Command {show ip bgp regexp @var{line}} {}
905 This commands display BGP routes that matches AS path regular
906 expression @var{line}.
909 @node AS Path Access List
910 @subsection AS Path Access List
912 AS path access list is user defined AS path.
914 @deffn {Command} {ip as-path access-list @var{word} @{permit|deny@} @var{line}} {}
915 This command defines a new AS path access list.
918 @deffn {Command} {no ip as-path access-list @var{word}} {}
919 @deffnx {Command} {no ip as-path access-list @var{word} @{permit|deny@} @var{line}} {}
922 @node Using AS Path in Route Map
923 @subsection Using AS Path in Route Map
925 @deffn {Route Map} {match as-path @var{word}} {}
928 @deffn {Route Map} {set as-path prepend @var{as-path}} {}
929 Prepend the given string of AS numbers to the AS_PATH.
932 @deffn {Route Map} {set as-path prepend last-as @var{num}} {}
933 Prepend the existing last AS number (the leftmost ASN) to the AS_PATH.
936 @node Private AS Numbers
937 @subsection Private AS Numbers
939 @c -----------------------------------------------------------------------
940 @node BGP Communities Attribute
941 @section BGP Communities Attribute
943 BGP communities attribute is widely used for implementing policy
944 routing. Network operators can manipulate BGP communities attribute
945 based on their network policy. BGP communities attribute is defined
946 in @cite{RFC1997, BGP Communities Attribute} and
947 @cite{RFC1998, An Application of the BGP Community Attribute
948 in Multi-home Routing}. It is an optional transitive attribute,
949 therefore local policy can travel through different autonomous system.
951 Communities attribute is a set of communities values. Each
952 communities value is 4 octet long. The following format is used to
953 define communities value.
957 This format represents 4 octet communities value. @code{AS} is high
958 order 2 octet in digit format. @code{VAL} is low order 2 octet in
959 digit format. This format is useful to define AS oriented policy
960 value. For example, @code{7675:80} can be used when AS 7675 wants to
961 pass local policy value 80 to neighboring peer.
963 @code{internet} represents well-known communities value 0.
965 @code{no-export} represents well-known communities value @code{NO_EXPORT}@*
966 @r{(0xFFFFFF01)}. All routes carry this value must not be advertised
967 to outside a BGP confederation boundary. If neighboring BGP peer is
968 part of BGP confederation, the peer is considered as inside a BGP
969 confederation boundary, so the route will be announced to the peer.
971 @code{no-advertise} represents well-known communities value
972 @code{NO_ADVERTISE}@*@r{(0xFFFFFF02)}. All routes carry this value
973 must not be advertise to other BGP peers.
975 @code{local-AS} represents well-known communities value
976 @code{NO_EXPORT_SUBCONFED} @r{(0xFFFFFF03)}. All routes carry this
977 value must not be advertised to external BGP peers. Even if the
978 neighboring router is part of confederation, it is considered as
979 external BGP peer, so the route will not be announced to the peer.
982 When BGP communities attribute is received, duplicated communities
983 value in the communities attribute is ignored and each communities
984 values are sorted in numerical order.
987 * BGP Community Lists::
988 * Numbered BGP Community Lists::
989 * BGP Community in Route Map::
990 * Display BGP Routes by Community::
991 * Using BGP Communities Attribute::
994 @node BGP Community Lists
995 @subsection BGP Community Lists
997 BGP community list is a user defined BGP communites attribute list.
998 BGP community list can be used for matching or manipulating BGP
999 communities attribute in updates.
1001 There are two types of community list. One is standard community
1002 list and another is expanded community list. Standard community list
1003 defines communities attribute. Expanded community list defines
1004 communities attribute string with regular expression. Standard
1005 community list is compiled into binary format when user define it.
1006 Standard community list will be directly compared to BGP communities
1007 attribute in BGP updates. Therefore the comparison is faster than
1008 expanded community list.
1010 @deffn Command {ip community-list standard @var{name} @{permit|deny@} @var{community}} {}
1011 This command defines a new standard community list. @var{community}
1012 is communities value. The @var{community} is compiled into community
1013 structure. We can define multiple community list under same name. In
1014 that case match will happen user defined order. Once the
1015 community list matches to communities attribute in BGP updates it
1016 return permit or deny by the community list definition. When there is
1017 no matched entry, deny will be returned. When @var{community} is
1018 empty it matches to any routes.
1021 @deffn Command {ip community-list expanded @var{name} @{permit|deny@} @var{line}} {}
1022 This command defines a new expanded community list. @var{line} is a
1023 string expression of communities attribute. @var{line} can include
1024 regular expression to match communities attribute in BGP updates.
1027 @deffn Command {no ip community-list @var{name}} {}
1028 @deffnx Command {no ip community-list standard @var{name}} {}
1029 @deffnx Command {no ip community-list expanded @var{name}} {}
1030 These commands delete community lists specified by @var{name}. All of
1031 community lists shares a single name space. So community lists can be
1032 removed simpley specifying community lists name.
1035 @deffn {Command} {show ip community-list} {}
1036 @deffnx {Command} {show ip community-list @var{name}} {}
1037 This command display current community list information. When
1038 @var{name} is specified the specified community list's information is
1042 # show ip community-list
1043 Named Community standard list CLIST
1044 permit 7675:80 7675:100 no-export
1046 Named Community expanded list EXPAND
1049 # show ip community-list CLIST
1050 Named Community standard list CLIST
1051 permit 7675:80 7675:100 no-export
1056 @node Numbered BGP Community Lists
1057 @subsection Numbered BGP Community Lists
1059 When number is used for BGP community list name, the number has
1060 special meanings. Community list number in the range from 1 and 99 is
1061 standard community list. Community list number in the range from 100
1062 to 199 is expanded community list. These community lists are called
1063 as numbered community lists. On the other hand normal community lists
1064 is called as named community lists.
1066 @deffn Command {ip community-list <1-99> @{permit|deny@} @var{community}} {}
1067 This command defines a new community list. <1-99> is standard
1068 community list number. Community list name within this range defines
1069 standard community list. When @var{community} is empty it matches to
1073 @deffn Command {ip community-list <100-199> @{permit|deny@} @var{community}} {}
1074 This command defines a new community list. <100-199> is expanded
1075 community list number. Community list name within this range defines
1076 expanded community list.
1079 @deffn Command {ip community-list @var{name} @{permit|deny@} @var{community}} {}
1080 When community list type is not specifed, the community list type is
1081 automatically detected. If @var{community} can be compiled into
1082 communities attribute, the community list is defined as a standard
1083 community list. Otherwise it is defined as an expanded community
1084 list. This feature is left for backward compability. Use of this
1085 feature is not recommended.
1088 @node BGP Community in Route Map
1089 @subsection BGP Community in Route Map
1091 In Route Map (@pxref{Route Map}), we can match or set BGP
1092 communities attribute. Using this feature network operator can
1093 implement their network policy based on BGP communities attribute.
1095 Following commands can be used in Route Map.
1097 @deffn {Route Map} {match community @var{word}} {}
1098 @deffnx {Route Map} {match community @var{word} exact-match} {}
1099 This command perform match to BGP updates using community list
1100 @var{word}. When the one of BGP communities value match to the one of
1101 communities value in community list, it is match. When
1102 @code{exact-match} keyword is spcified, match happen only when BGP
1103 updates have completely same communities value specified in the
1107 @deffn {Route Map} {set community none} {}
1108 @deffnx {Route Map} {set community @var{community}} {}
1109 @deffnx {Route Map} {set community @var{community} additive} {}
1110 This command manipulate communities value in BGP updates. When
1111 @code{none} is specified as communities value, it removes entire
1112 communities attribute from BGP updates. When @var{community} is not
1113 @code{none}, specified communities value is set to BGP updates. If
1114 BGP updates already has BGP communities value, the existing BGP
1115 communities value is replaced with specified @var{community} value.
1116 When @code{additive} keyword is specified, @var{community} is appended
1117 to the existing communities value.
1120 @deffn {Route Map} {set comm-list @var{word} delete} {}
1121 This command remove communities value from BGP communities attribute.
1122 The @var{word} is community list name. When BGP route's communities
1123 value matches to the community list @var{word}, the communities value
1124 is removed. When all of communities value is removed eventually, the
1125 BGP update's communities attribute is completely removed.
1128 @node Display BGP Routes by Community
1129 @subsection Display BGP Routes by Community
1131 To show BGP routes which has specific BGP communities attribute,
1132 @code{show ip bgp} command can be used. The @var{community} value and
1133 community list can be used for @code{show ip bgp} command.
1135 @deffn Command {show ip bgp community} {}
1136 @deffnx Command {show ip bgp community @var{community}} {}
1137 @deffnx Command {show ip bgp community @var{community} exact-match} {}
1138 @code{show ip bgp community} displays BGP routes which has communities
1139 attribute. When @var{community} is specified, BGP routes that matches
1140 @var{community} value is displayed. For this command, @code{internet}
1141 keyword can't be used for @var{community} value. When
1142 @code{exact-match} is specified, it display only routes that have an
1146 @deffn Command {show ip bgp community-list @var{word}} {}
1147 @deffnx Command {show ip bgp community-list @var{word} exact-match} {}
1148 This commands display BGP routes that matches community list
1149 @var{word}. When @code{exact-match} is specified, display only routes
1150 that have an exact match.
1153 @node Using BGP Communities Attribute
1154 @subsection Using BGP Communities Attribute
1156 Following configuration is the most typical usage of BGP communities
1157 attribute. AS 7675 provides upstream Internet connection to AS 100.
1158 When following configuration exists in AS 7675, AS 100 networks
1159 operator can set local preference in AS 7675 network by setting BGP
1160 communities attribute to the updates.
1164 neighbor 192.168.0.1 remote-as 100
1165 address-family ipv4 unicast
1166 neighbor 192.168.0.1 route-map RMAP in
1169 ip community-list 70 permit 7675:70
1170 ip community-list 70 deny
1171 ip community-list 80 permit 7675:80
1172 ip community-list 80 deny
1173 ip community-list 90 permit 7675:90
1174 ip community-list 90 deny
1176 route-map RMAP permit 10
1178 set local-preference 70
1180 route-map RMAP permit 20
1182 set local-preference 80
1184 route-map RMAP permit 30
1186 set local-preference 90
1189 Following configuration announce 10.0.0.0/8 from AS 100 to AS 7675.
1190 The route has communities value 7675:80 so when above configuration
1191 exists in AS 7675, announced route's local preference will be set to
1197 neighbor 192.168.0.2 remote-as 7675
1198 address-family ipv4 unicast
1199 neighbor 192.168.0.2 route-map RMAP out
1202 ip prefix-list PLIST permit 10.0.0.0/8
1204 route-map RMAP permit 10
1205 match ip address prefix-list PLIST
1206 set community 7675:80
1209 Following configuration is an example of BGP route filtering using
1210 communities attribute. This configuration only permit BGP routes
1211 which has BGP communities value 0:80 or 0:90. Network operator can
1212 put special internal communities value at BGP border router, then
1213 limit the BGP routes announcement into the internal network.
1217 neighbor 192.168.0.1 remote-as 100
1218 address-family ipv4 unicast
1219 neighbor 192.168.0.1 route-map RMAP in
1222 ip community-list 1 permit 0:80 0:90
1224 route-map RMAP permit in
1228 Following exmaple filter BGP routes which has communities value 1:1.
1229 When there is no match community-list returns deny. To avoid
1230 filtering all of routes, we need to define permit any at last.
1234 neighbor 192.168.0.1 remote-as 100
1235 address-family ipv4 unicast
1236 neighbor 192.168.0.1 route-map RMAP in
1239 ip community-list standard FILTER deny 1:1
1240 ip community-list standard FILTER permit
1242 route-map RMAP permit 10
1243 match community FILTER
1246 Communities value keyword @code{internet} has special meanings in
1247 standard community lists. In below example @code{internet} act as
1248 match any. It matches all of BGP routes even if the route does not
1249 have communities attribute at all. So community list @code{INTERNET}
1250 is same as above example's @code{FILTER}.
1253 ip community-list standard INTERNET deny 1:1
1254 ip community-list standard INTERNET permit internet
1257 Following configuration is an example of communities value deletion.
1258 With this configuration communities value 100:1 and 100:2 is removed
1259 from BGP updates. For communities value deletion, only @code{permit}
1260 community-list is used. @code{deny} community-list is ignored.
1264 neighbor 192.168.0.1 remote-as 100
1265 address-family ipv4 unicast
1266 neighbor 192.168.0.1 route-map RMAP in
1269 ip community-list standard DEL permit 100:1 100:2
1271 route-map RMAP permit 10
1272 set comm-list DEL delete
1275 @c -----------------------------------------------------------------------
1276 @node BGP Extended Communities Attribute
1277 @section BGP Extended Communities Attribute
1279 BGP extended communities attribute is introduced with MPLS VPN/BGP
1280 technology. MPLS VPN/BGP expands capability of network infrastructure
1281 to provide VPN functionality. At the same time it requires a new
1282 framework for policy routing. With BGP Extended Communities Attribute
1283 we can use Route Target or Site of Origin for implementing network
1284 policy for MPLS VPN/BGP.
1286 BGP Extended Communities Attribute is similar to BGP Communities
1287 Attribute. It is an optional transitive attribute. BGP Extended
1288 Communities Attribute can carry multiple Extended Community value.
1289 Each Extended Community value is eight octet length.
1291 BGP Extended Communities Attribute provides an extended range
1292 compared with BGP Communities Attribute. Adding to that there is a
1293 type field in each value to provides community space structure.
1295 There are two format to define Extended Community value. One is AS
1296 based format the other is IP address based format.
1300 This is a format to define AS based Extended Community value.
1301 @code{AS} part is 2 octets Global Administrator subfield in Extended
1302 Community value. @code{VAL} part is 4 octets Local Administrator
1303 subfield. @code{7675:100} represents AS 7675 policy value 100.
1304 @item IP-Address:VAL
1305 This is a format to define IP address based Extended Community value.
1306 @code{IP-Address} part is 4 octets Global Administrator subfield.
1307 @code{VAL} part is 2 octets Local Administrator subfield.
1308 @code{10.0.0.1:100} represents
1312 * BGP Extended Community Lists::
1313 * BGP Extended Communities in Route Map::
1316 @node BGP Extended Community Lists
1317 @subsection BGP Extended Community Lists
1319 Expanded Community Lists is a user defined BGP Expanded Community
1322 @deffn Command {ip extcommunity-list standard @var{name} @{permit|deny@} @var{extcommunity}} {}
1323 This command defines a new standard extcommunity-list.
1324 @var{extcommunity} is extended communities value. The
1325 @var{extcommunity} is compiled into extended community structure. We
1326 can define multiple extcommunity-list under same name. In that case
1327 match will happen user defined order. Once the extcommunity-list
1328 matches to extended communities attribute in BGP updates it return
1329 permit or deny based upon the extcommunity-list definition. When
1330 there is no matched entry, deny will be returned. When
1331 @var{extcommunity} is empty it matches to any routes.
1334 @deffn Command {ip extcommunity-list expanded @var{name} @{permit|deny@} @var{line}} {}
1335 This command defines a new expanded extcommunity-list. @var{line} is
1336 a string expression of extended communities attribute. @var{line} can
1337 include regular expression to match extended communities attribute in
1341 @deffn Command {no ip extcommunity-list @var{name}} {}
1342 @deffnx Command {no ip extcommunity-list standard @var{name}} {}
1343 @deffnx Command {no ip extcommunity-list expanded @var{name}} {}
1344 These commands delete extended community lists specified by
1345 @var{name}. All of extended community lists shares a single name
1346 space. So extended community lists can be removed simpley specifying
1350 @deffn {Command} {show ip extcommunity-list} {}
1351 @deffnx {Command} {show ip extcommunity-list @var{name}} {}
1352 This command display current extcommunity-list information. When
1353 @var{name} is specified the community list's information is shown.
1356 # show ip extcommunity-list
1360 @node BGP Extended Communities in Route Map
1361 @subsection BGP Extended Communities in Route Map
1363 @deffn {Route Map} {match extcommunity @var{word}} {}
1366 @deffn {Route Map} {set extcommunity rt @var{extcommunity}} {}
1367 This command set Route Target value.
1370 @deffn {Route Map} {set extcommunity soo @var{extcommunity}} {}
1371 This command set Site of Origin value.
1374 @c -----------------------------------------------------------------------
1375 @node Displaying BGP routes
1376 @section Displaying BGP Routes
1380 * More Show IP BGP::
1384 @subsection Show IP BGP
1386 @deffn {Command} {show ip bgp} {}
1387 @deffnx {Command} {show ip bgp @var{A.B.C.D}} {}
1388 @deffnx {Command} {show ip bgp @var{X:X::X:X}} {}
1389 This command displays BGP routes. When no route is specified it
1390 display all of IPv4 BGP routes.
1394 BGP table version is 0, local router ID is 10.1.1.1
1395 Status codes: s suppressed, d damped, h history, * valid, > best, i - internal
1396 Origin codes: i - IGP, e - EGP, ? - incomplete
1398 Network Next Hop Metric LocPrf Weight Path
1399 *> 1.1.1.1/32 0.0.0.0 0 32768 i
1401 Total number of prefixes 1
1404 @node More Show IP BGP
1405 @subsection More Show IP BGP
1407 @deffn {Command} {show ip bgp regexp @var{line}} {}
1408 This command display BGP routes using AS path regular expression (@pxref{Display BGP Routes by AS Path}).
1411 @deffn Command {show ip bgp community @var{community}} {}
1412 @deffnx Command {show ip bgp community @var{community} exact-match} {}
1413 This command display BGP routes using @var{community} (@pxref{Display
1414 BGP Routes by Community}).
1417 @deffn Command {show ip bgp community-list @var{word}} {}
1418 @deffnx Command {show ip bgp community-list @var{word} exact-match} {}
1419 This command display BGP routes using community list (@pxref{Display
1420 BGP Routes by Community}).
1423 @deffn {Command} {show ip bgp summary} {}
1426 @deffn {Command} {show ip bgp neighbor [@var{peer}]} {}
1429 @deffn {Command} {clear ip bgp @var{peer}} {}
1430 Clear peers which have addresses of X.X.X.X
1433 @deffn {Command} {clear ip bgp @var{peer} soft in} {}
1434 Clear peer using soft reconfiguration.
1437 @deffn {Command} {show ip bgp dampened-paths} {}
1438 Display paths suppressed due to dampening
1441 @deffn {Command} {show ip bgp flap-statistics} {}
1442 Display flap statistics of routes
1445 @deffn {Command} {show debug} {}
1448 @deffn {Command} {debug event} {}
1451 @deffn {Command} {debug update} {}
1454 @deffn {Command} {debug keepalive} {}
1457 @deffn {Command} {no debug event} {}
1460 @deffn {Command} {no debug update} {}
1463 @deffn {Command} {no debug keepalive} {}
1466 @node Capability Negotiation
1467 @section Capability Negotiation
1469 When adding IPv6 routing information exchange feature to BGP. There
1470 were some proposals. @acronym{IETF,Internet Engineering Task Force}
1471 @acronym{IDR, Inter Domain Routing} @acronym{WG, Working group} adopted
1472 a proposal called Multiprotocol Extension for BGP. The specification
1473 is described in @cite{RFC2283}. The protocol does not define new protocols.
1474 It defines new attributes to existing BGP. When it is used exchanging
1475 IPv6 routing information it is called BGP-4+. When it is used for
1476 exchanging multicast routing information it is called MBGP.
1478 @command{bgpd} supports Multiprotocol Extension for BGP. So if remote
1479 peer supports the protocol, @command{bgpd} can exchange IPv6 and/or
1480 multicast routing information.
1482 Traditional BGP did not have the feature to detect remote peer's
1483 capabilities, e.g. whether it can handle prefix types other than IPv4
1484 unicast routes. This was a big problem using Multiprotocol Extension
1485 for BGP to operational network. @cite{RFC2842, Capabilities
1486 Advertisement with BGP-4} adopted a feature called Capability
1487 Negotiation. @command{bgpd} use this Capability Negotiation to detect
1488 the remote peer's capabilities. If the peer is only configured as IPv4
1489 unicast neighbor, @command{bgpd} does not send these Capability
1490 Negotiation packets (at least not unless other optional BGP features
1491 require capability negotation).
1493 By default, Frr will bring up peering with minimal common capability
1494 for the both sides. For example, local router has unicast and
1495 multicast capabilitie and remote router has unicast capability. In
1496 this case, the local router will establish the connection with unicast
1497 only capability. When there are no common capabilities, Frr sends
1498 Unsupported Capability error and then resets the connection.
1500 If you want to completely match capabilities with remote peer. Please
1501 use @command{strict-capability-match} command.
1503 @deffn {BGP} {neighbor @var{peer} strict-capability-match} {}
1504 @deffnx {BGP} {no neighbor @var{peer} strict-capability-match} {}
1505 Strictly compares remote capabilities and local capabilities. If capabilities
1506 are different, send Unsupported Capability error then reset connection.
1509 You may want to disable sending Capability Negotiation OPEN message
1510 optional parameter to the peer when remote peer does not implement
1511 Capability Negotiation. Please use @command{dont-capability-negotiate}
1512 command to disable the feature.
1514 @deffn {BGP} {neighbor @var{peer} dont-capability-negotiate} {}
1515 @deffnx {BGP} {no neighbor @var{peer} dont-capability-negotiate} {}
1516 Suppress sending Capability Negotiation as OPEN message optional
1517 parameter to the peer. This command only affects the peer is configured
1518 other than IPv4 unicast configuration.
1521 When remote peer does not have capability negotiation feature, remote
1522 peer will not send any capabilities at all. In that case, bgp
1523 configures the peer with configured capabilities.
1525 You may prefer locally configured capabilities more than the negotiated
1526 capabilities even though remote peer sends capabilities. If the peer
1527 is configured by @command{override-capability}, @command{bgpd} ignores
1528 received capabilities then override negotiated capabilities with
1531 @deffn {BGP} {neighbor @var{peer} override-capability} {}
1532 @deffnx {BGP} {no neighbor @var{peer} override-capability} {}
1533 Override the result of Capability Negotiation with local configuration.
1534 Ignore remote peer's capability value.
1537 @node Route Reflector
1538 @section Route Reflector
1540 @deffn {BGP} {bgp cluster-id @var{a.b.c.d}} {}
1543 @deffn {BGP} {neighbor @var{peer} route-reflector-client} {}
1544 @deffnx {BGP} {no neighbor @var{peer} route-reflector-client} {}
1548 @section Route Server
1550 At an Internet Exchange point, many ISPs are connected to each other by
1551 external BGP peering. Normally these external BGP connection are done by
1552 @samp{full mesh} method. As with internal BGP full mesh formation,
1553 this method has a scaling problem.
1555 This scaling problem is well known. Route Server is a method to resolve
1556 the problem. Each ISP's BGP router only peers to Route Server. Route
1557 Server serves as BGP information exchange to other BGP routers. By
1558 applying this method, numbers of BGP connections is reduced from
1559 O(n*(n-1)/2) to O(n).
1561 Unlike normal BGP router, Route Server must have several routing tables
1562 for managing different routing policies for each BGP speaker. We call the
1563 routing tables as different @code{view}s. @command{bgpd} can work as
1564 normal BGP router or Route Server or both at the same time.
1567 * Multiple instance::
1568 * BGP instance and view::
1570 * Viewing the view::
1573 @node Multiple instance
1574 @subsection Multiple instance
1576 To enable multiple view function of @code{bgpd}, you must turn on
1577 multiple instance feature beforehand.
1579 @deffn {Command} {bgp multiple-instance} {}
1580 Enable BGP multiple instance feature. After this feature is enabled,
1581 you can make multiple BGP instances or multiple BGP views.
1584 @deffn {Command} {no bgp multiple-instance} {}
1585 Disable BGP multiple instance feature. You can not disable this feature
1586 when BGP multiple instances or views exist.
1589 When you want to make configuration more Cisco like one,
1591 @deffn {Command} {bgp config-type cisco} {}
1592 Cisco compatible BGP configuration output.
1595 When bgp config-type cisco is specified,
1597 ``no synchronization'' is displayed.
1598 ``no auto-summary'' is displayed.
1600 ``network'' and ``aggregate-address'' argument is displayed as
1603 Frr: network 10.0.0.0/8
1604 Cisco: network 10.0.0.0
1606 Frr: aggregate-address 192.168.0.0/24
1607 Cisco: aggregate-address 192.168.0.0 255.255.255.0
1609 Community attribute handling is also different. If there is no
1610 configuration is specified community attribute and extended community
1611 attribute are sent to neighbor. When user manually disable the
1612 feature community attribute is not sent to the neighbor. In case of
1613 @command{bgp config-type cisco} is specified, community attribute is not
1614 sent to the neighbor by default. To send community attribute user has
1615 to specify @command{neighbor A.B.C.D send-community} command.
1620 neighbor 10.0.0.1 remote-as 1
1621 address-family ipv4 unicast
1622 no neighbor 10.0.0.1 send-community
1626 neighbor 10.0.0.1 remote-as 1
1627 address-family ipv4 unicast
1628 neighbor 10.0.0.1 send-community
1633 @deffn {Command} {bgp config-type zebra} {}
1634 Frr style BGP configuration. This is default.
1637 @node BGP instance and view
1638 @subsection BGP instance and view
1640 BGP instance is a normal BGP process. The result of route selection
1641 goes to the kernel routing table. You can setup different AS at the
1642 same time when BGP multiple instance feature is enabled.
1644 @deffn {Command} {router bgp @var{as-number}} {}
1645 Make a new BGP instance. You can use arbitrary word for the @var{name}.
1650 bgp multiple-instance
1653 neighbor 10.0.0.1 remote-as 2
1654 neighbor 10.0.0.2 remote-as 3
1657 neighbor 10.0.0.3 remote-as 4
1658 neighbor 10.0.0.4 remote-as 5
1662 BGP view is almost same as normal BGP process. The result of
1663 route selection does not go to the kernel routing table. BGP view is
1664 only for exchanging BGP routing information.
1666 @deffn {Command} {router bgp @var{as-number} view @var{name}} {}
1667 Make a new BGP view. You can use arbitrary word for the @var{name}. This
1668 view's route selection result does not go to the kernel routing table.
1671 With this command, you can setup Route Server like below.
1675 bgp multiple-instance
1678 neighbor 10.0.0.1 remote-as 2
1679 neighbor 10.0.0.2 remote-as 3
1682 neighbor 10.0.0.3 remote-as 4
1683 neighbor 10.0.0.4 remote-as 5
1687 @node Routing policy
1688 @subsection Routing policy
1690 You can set different routing policy for a peer. For example, you can
1691 set different filter for a peer.
1695 bgp multiple-instance
1698 neighbor 10.0.0.1 remote-as 2
1699 address-family ipv4 unicast
1700 neighbor 10.0.0.1 distribute-list 1 in
1704 neighbor 10.0.0.1 remote-as 2
1705 address-family ipv4 unicast
1706 neighbor 10.0.0.1 distribute-list 2 in
1711 This means BGP update from a peer 10.0.0.1 goes to both BGP view 1 and view
1712 2. When the update is inserted into view 1, distribute-list 1 is
1713 applied. On the other hand, when the update is inserted into view 2,
1714 distribute-list 2 is applied.
1716 @node Viewing the view
1717 @subsection Viewing the view
1719 To display routing table of BGP view, you must specify view name.
1721 @deffn {Command} {show ip bgp view @var{name}} {}
1722 Display routing table of BGP view @var{name}.
1725 @node How to set up a 6-Bone connection
1726 @section How to set up a 6-Bone connection
1734 ! Actually there is no need to configure zebra
1740 ! This means that routes go through zebra and into the kernel.
1744 ! MP-BGP configuration
1747 bgp router-id 10.0.0.1
1748 neighbor 3ffe:1cfa:0:2:2a0:c9ff:fe9e:f56 remote-as @var{as-number}
1751 network 3ffe:506::/32
1752 neighbor 3ffe:1cfa:0:2:2a0:c9ff:fe9e:f56 activate
1753 neighbor 3ffe:1cfa:0:2:2a0:c9ff:fe9e:f56 route-map set-nexthop out
1754 neighbor 3ffe:1cfa:0:2:2c0:4fff:fe68:a231 remote-as @var{as-number}
1755 neighbor 3ffe:1cfa:0:2:2c0:4fff:fe68:a231 route-map set-nexthop out
1758 ipv6 access-list all permit any
1760 ! Set output nexthop address.
1762 route-map set-nexthop permit 10
1763 match ipv6 address all
1764 set ipv6 nexthop global 3ffe:1cfa:0:2:2c0:4fff:fe68:a225
1765 set ipv6 nexthop local fe80::2c0:4fff:fe68:a225
1767 ! logfile FILENAME is obsolete. Please use log file FILENAME
1774 @node Dump BGP packets and table
1775 @section Dump BGP packets and table
1777 @deffn Command {dump bgp all @var{path} [@var{interval}]} {}
1778 @deffnx Command {dump bgp all-et @var{path} [@var{interval}]} {}
1779 @deffnx Command {no dump bgp all [@var{path}] [@var{interval}]} {}
1780 Dump all BGP packet and events to @var{path} file.
1781 If @var{interval} is set, a new file will be created for echo @var{interval} of seconds.
1782 The path @var{path} can be set with date and time formatting (strftime).
1783 The type ‘all-et’ enables support for Extended Timestamp Header (@pxref{Packet Binary Dump Format}).
1784 (@pxref{Packet Binary Dump Format})
1787 @deffn Command {dump bgp updates @var{path} [@var{interval}]} {}
1788 @deffnx Command {dump bgp updates-et @var{path} [@var{interval}]} {}
1789 @deffnx Command {no dump bgp updates [@var{path}] [@var{interval}]} {}
1790 Dump only BGP updates messages to @var{path} file.
1791 If @var{interval} is set, a new file will be created for echo @var{interval} of seconds.
1792 The path @var{path} can be set with date and time formatting (strftime).
1793 The type ‘updates-et’ enables support for Extended Timestamp Header (@pxref{Packet Binary Dump Format}).
1796 @deffn Command {dump bgp routes-mrt @var{path}} {}
1797 @deffnx Command {dump bgp routes-mrt @var{path} @var{interval}} {}
1798 @deffnx Command {no dump bgp route-mrt [@var{path}] [@var{interval}]} {}
1799 Dump whole BGP routing table to @var{path}. This is heavy process.
1800 The path @var{path} can be set with date and time formatting (strftime).
1801 If @var{interval} is set, a new file will be created for echo @var{interval} of seconds.
1804 Note: the interval variable can also be set using hours and minutes: 04h20m00.
1807 @node BGP Configuration Examples
1808 @section BGP Configuration Examples
1810 Example of a session to an upstream, advertising only one prefix to it.
1814 bgp router-id 10.236.87.1
1815 neighbor upstream peer-group
1816 neighbor upstream remote-as 64515
1817 neighbor upstream capability dynamic
1818 neighbor 10.1.1.1 peer-group upstream
1819 neighbor 10.1.1.1 description ACME ISP
1821 address-family ipv4 unicast
1822 network 10.236.87.0/24
1823 neighbor upstream prefix-list pl-allowed-adv out
1826 ip prefix-list pl-allowed-adv seq 5 permit 82.195.133.0/25
1827 ip prefix-list pl-allowed-adv seq 10 deny any
1831 A more complex example. With upstream, peer and customer sessions.
1832 Advertising global prefixes and NO_EXPORT prefixes and providing
1833 actions for customer routes based on community values. Extensive use of
1834 route-maps and the 'call' feature to support selective advertising of
1835 prefixes. This example is intended as guidance only, it has NOT been
1836 tested and almost certainly containts silly mistakes, if not serious
1841 bgp router-id 10.236.87.1
1842 neighbor upstream capability dynamic
1843 neighbor cust capability dynamic
1844 neighbor peer capability dynamic
1845 neighbor 10.1.1.1 remote-as 64515
1846 neighbor 10.1.1.1 peer-group upstream
1847 neighbor 10.2.1.1 remote-as 64516
1848 neighbor 10.2.1.1 peer-group upstream
1849 neighbor 10.3.1.1 remote-as 64517
1850 neighbor 10.3.1.1 peer-group cust-default
1851 neighbor 10.3.1.1 description customer1
1852 neighbor 10.4.1.1 remote-as 64518
1853 neighbor 10.4.1.1 peer-group cust
1854 neighbor 10.4.1.1 description customer2
1855 neighbor 10.5.1.1 remote-as 64519
1856 neighbor 10.5.1.1 peer-group peer
1857 neighbor 10.5.1.1 description peer AS 1
1858 neighbor 10.6.1.1 remote-as 64520
1859 neighbor 10.6.1.1 peer-group peer
1860 neighbor 10.6.1.1 description peer AS 2
1862 address-family ipv4 unicast
1863 network 10.123.456.0/24
1864 network 10.123.456.128/25 route-map rm-no-export
1865 neighbor upstream route-map rm-upstream-out out
1866 neighbor cust route-map rm-cust-in in
1867 neighbor cust route-map rm-cust-out out
1868 neighbor cust send-community both
1869 neighbor peer route-map rm-peer-in in
1870 neighbor peer route-map rm-peer-out out
1871 neighbor peer send-community both
1872 neighbor 10.3.1.1 prefix-list pl-cust1-network in
1873 neighbor 10.4.1.1 prefix-list pl-cust2-network in
1874 neighbor 10.5.1.1 prefix-list pl-peer1-network in
1875 neighbor 10.6.1.1 prefix-list pl-peer2-network in
1878 ip prefix-list pl-default permit 0.0.0.0/0
1880 ip prefix-list pl-upstream-peers permit 10.1.1.1/32
1881 ip prefix-list pl-upstream-peers permit 10.2.1.1/32
1883 ip prefix-list pl-cust1-network permit 10.3.1.0/24
1884 ip prefix-list pl-cust1-network permit 10.3.2.0/24
1886 ip prefix-list pl-cust2-network permit 10.4.1.0/24
1888 ip prefix-list pl-peer1-network permit 10.5.1.0/24
1889 ip prefix-list pl-peer1-network permit 10.5.2.0/24
1890 ip prefix-list pl-peer1-network permit 192.168.0.0/24
1892 ip prefix-list pl-peer2-network permit 10.6.1.0/24
1893 ip prefix-list pl-peer2-network permit 10.6.2.0/24
1894 ip prefix-list pl-peer2-network permit 192.168.1.0/24
1895 ip prefix-list pl-peer2-network permit 192.168.2.0/24
1896 ip prefix-list pl-peer2-network permit 172.16.1/24
1898 ip as-path access-list asp-own-as permit ^$
1899 ip as-path access-list asp-own-as permit _64512_
1901 ! #################################################################
1902 ! Match communities we provide actions for, on routes receives from
1903 ! customers. Communities values of <our-ASN>:X, with X, have actions:
1905 ! 100 - blackhole the prefix
1906 ! 200 - set no_export
1907 ! 300 - advertise only to other customers
1908 ! 400 - advertise only to upstreams
1909 ! 500 - set no_export when advertising to upstreams
1910 ! 2X00 - set local_preference to X00
1912 ! blackhole the prefix of the route
1913 ip community-list standard cm-blackhole permit 64512:100
1915 ! set no-export community before advertising
1916 ip community-list standard cm-set-no-export permit 64512:200
1918 ! advertise only to other customers
1919 ip community-list standard cm-cust-only permit 64512:300
1921 ! advertise only to upstreams
1922 ip community-list standard cm-upstream-only permit 64512:400
1924 ! advertise to upstreams with no-export
1925 ip community-list standard cm-upstream-noexport permit 64512:500
1927 ! set local-pref to least significant 3 digits of the community
1928 ip community-list standard cm-prefmod-100 permit 64512:2100
1929 ip community-list standard cm-prefmod-200 permit 64512:2200
1930 ip community-list standard cm-prefmod-300 permit 64512:2300
1931 ip community-list standard cm-prefmod-400 permit 64512:2400
1932 ip community-list expanded cme-prefmod-range permit 64512:2...
1934 ! Informational communities
1936 ! 3000 - learned from upstream
1937 ! 3100 - learned from customer
1938 ! 3200 - learned from peer
1940 ip community-list standard cm-learnt-upstream permit 64512:3000
1941 ip community-list standard cm-learnt-cust permit 64512:3100
1942 ip community-list standard cm-learnt-peer permit 64512:3200
1944 ! ###################################################################
1945 ! Utility route-maps
1947 ! These utility route-maps generally should not used to permit/deny
1948 ! routes, i.e. they do not have meaning as filters, and hence probably
1949 ! should be used with 'on-match next'. These all finish with an empty
1950 ! permit entry so as not interfere with processing in the caller.
1952 route-map rm-no-export permit 10
1953 set community additive no-export
1954 route-map rm-no-export permit 20
1956 route-map rm-blackhole permit 10
1957 description blackhole, up-pref and ensure it cant escape this AS
1958 set ip next-hop 127.0.0.1
1959 set local-preference 10
1960 set community additive no-export
1961 route-map rm-blackhole permit 20
1963 ! Set local-pref as requested
1964 route-map rm-prefmod permit 10
1965 match community cm-prefmod-100
1966 set local-preference 100
1967 route-map rm-prefmod permit 20
1968 match community cm-prefmod-200
1969 set local-preference 200
1970 route-map rm-prefmod permit 30
1971 match community cm-prefmod-300
1972 set local-preference 300
1973 route-map rm-prefmod permit 40
1974 match community cm-prefmod-400
1975 set local-preference 400
1976 route-map rm-prefmod permit 50
1978 ! Community actions to take on receipt of route.
1979 route-map rm-community-in permit 10
1980 description check for blackholing, no point continuing if it matches.
1981 match community cm-blackhole
1983 route-map rm-community-in permit 20
1984 match community cm-set-no-export
1987 route-map rm-community-in permit 30
1988 match community cme-prefmod-range
1990 route-map rm-community-in permit 40
1992 ! #####################################################################
1993 ! Community actions to take when advertising a route.
1994 ! These are filtering route-maps,
1996 ! Deny customer routes to upstream with cust-only set.
1997 route-map rm-community-filt-to-upstream deny 10
1998 match community cm-learnt-cust
1999 match community cm-cust-only
2000 route-map rm-community-filt-to-upstream permit 20
2002 ! Deny customer routes to other customers with upstream-only set.
2003 route-map rm-community-filt-to-cust deny 10
2004 match community cm-learnt-cust
2005 match community cm-upstream-only
2006 route-map rm-community-filt-to-cust permit 20
2008 ! ###################################################################
2009 ! The top-level route-maps applied to sessions. Further entries could
2010 ! be added obviously..
2013 route-map rm-cust-in permit 10
2014 call rm-community-in
2016 route-map rm-cust-in permit 20
2017 set community additive 64512:3100
2018 route-map rm-cust-in permit 30
2020 route-map rm-cust-out permit 10
2021 call rm-community-filt-to-cust
2023 route-map rm-cust-out permit 20
2025 ! Upstream transit ASes
2026 route-map rm-upstream-out permit 10
2027 description filter customer prefixes which are marked cust-only
2028 call rm-community-filt-to-upstream
2030 route-map rm-upstream-out permit 20
2031 description only customer routes are provided to upstreams/peers
2032 match community cm-learnt-cust
2035 ! outbound policy is same as for upstream
2036 route-map rm-peer-out permit 10
2037 call rm-upstream-out
2039 route-map rm-peer-in permit 10
2040 set community additive 64512:3200