BGP Reference
About BGP Reference
The BGP Reference is a structured, searchable cheat sheet for Border Gateway Protocol — the routing protocol that powers the global Internet. Organized into six categories, this reference covers everything a network engineer needs for configuring Cisco IOS-style BGP: starting a BGP process (router bgp ASN), setting the router ID, enabling neighbor logging, advertising networks with network statements, and verifying peering state with show bgp summary. Whether you are configuring BGP for an enterprise edge router, a data center interconnect, or studying for CCNP/CCIE certification, this reference provides accurate syntax and real configuration examples.
The Neighbor and Path Attributes sections are the heart of BGP engineering. Neighbor configuration covers the full set of peer options: neighbor remote-as for establishing sessions, update-source Loopback0 for iBGP stability, ebgp-multihop for non-directly-connected eBGP peers, MD5 password authentication, and Keepalive/Hold timer customization. The Path Attributes section covers the BGP decision process attributes with practical route-map examples: AS_PATH (primary loop prevention and path selection), LOCAL_PREF (path preference within an AS, typically set on inbound routes, default 100, higher is preferred), MED/metric (path preference signalled to an external AS, typically set on outbound routes, lower is preferred), WEIGHT (Cisco-proprietary local preference, highest wins), and COMMUNITY values including well-known communities (no-export, no-advertise, local-AS).
Route filtering is essential for Internet-facing BGP deployments. This reference covers prefix-list filtering with sequence numbers and le/ge range operators, route-map policies that combine match conditions with set actions (perfect for traffic engineering), AS path regex filtering with ip as-path access-list, and maximum-prefix limits with percentage-based warnings to prevent route table explosions. The eBGP section covers standard external peering, GTSM TTL security (ttl-security hops), and conditional default route advertisement. The iBGP section covers loopback-based peering, next-hop-self configuration, Route Reflector setup with route-reflector-client, and BGP Confederation for large autonomous systems.
Key Features
- Basic Config: router bgp ASN, bgp router-id, bgp log-neighbor-changes, network statements, show bgp summary
- Neighbor: remote-as, update-source Loopback0, ebgp-multihop, MD5 password authentication, Keepalive/Hold timers
- Path Attributes: AS_PATH, LOCAL_PREF (higher preferred, default 100), MED (lower preferred), WEIGHT (Cisco), COMMUNITY
- Filtering: prefix-list with le/ge ranges, route-map with match/set, as-path access-list regex, maximum-prefix with warnings
- eBGP: standard external peering config, GTSM TTL security (ttl-security hops 1), conditional default-originate
- iBGP: loopback-based peering, next-hop-self, Route Reflector with route-reflector-client, BGP Confederation
- All examples use Cisco IOS syntax with realistic ASN and IP address values
- Category filter for jumping directly to Basic Config, Neighbor, Path Attributes, Filtering, eBGP, or iBGP
Frequently Asked Questions
What is BGP and why is it called the routing protocol of the Internet?
BGP (Border Gateway Protocol) is the only EGP (Exterior Gateway Protocol) in use on the Internet. It is used between autonomous systems (AS) — organizations such as ISPs, enterprises, and content providers — to exchange reachability information about IP prefixes. Every BGP router maintains a table of all prefixes it has learned and selects the best path to each destination based on a multi-attribute decision process. Unlike OSPF or EIGRP which optimize for topology, BGP optimizes for policy — allowing fine-grained control over traffic flows.
What is the difference between eBGP and iBGP?
eBGP (External BGP) peers with routers in different autonomous systems (different AS numbers). iBGP (Internal BGP) peers with routers within the same AS. Key differences: eBGP routes have their next-hop changed to the advertising router; iBGP preserves the original next-hop (requiring next-hop-self or proper IGP reachability). eBGP sessions send packets with a TTL of 1 by default (1 hop), so peers must be directly connected unless ebgp-multihop is configured; iBGP uses TTL 255. iBGP requires either full mesh between all iBGP peers or a Route Reflector/Confederation, because a route learned from one iBGP peer is not re-advertised to other iBGP peers (the rule that avoids routing loops inside the AS).
What is LOCAL_PREF and how is it used for traffic engineering?
LOCAL_PREF (Local Preference) is a BGP path attribute shared among iBGP peers within the same AS. It indicates the preferred exit point from the AS to reach a destination. Higher LOCAL_PREF values are preferred (default is 100). By setting LOCAL_PREF to 200 on routes received from a preferred upstream ISP and leaving it at 100 for the backup ISP, you ensure all internal routers exit through the primary link. LOCAL_PREF is not advertised to eBGP peers.
What is the difference between MED and LOCAL_PREF in BGP?
LOCAL_PREF controls outbound traffic (which exit point your AS uses to reach a destination) and is shared only within your AS. MED (Multi-Exit Discriminator) controls inbound traffic (which entry point remote ASes use when entering your AS) and is advertised to directly connected eBGP peers. Lower MED is preferred. MED is typically used when you have multiple connections to the same upstream AS and want to influence which link carries inbound traffic.
How does a BGP Route Reflector work?
Normally iBGP requires full mesh — every iBGP router must peer with every other iBGP router, which scales as O(n^2). A Route Reflector (RR) is an iBGP router that re-advertises routes learned from its clients (route-reflector-client) to other clients and non-client iBGP peers. This reduces the number of iBGP sessions needed. The RR adds ORIGINATOR_ID and CLUSTER_LIST attributes to prevent routing loops. A pair of RRs per cluster provides redundancy.
How do I filter BGP routes with a prefix-list?
Define a prefix-list: ip prefix-list FILTER seq 10 permit 10.0.0.0/8 le 24 permits any prefix within 10.0.0.0/8 with a length up to /24, and ip prefix-list FILTER seq 20 deny 0.0.0.0/0 le 32 denies everything else. Apply it to a neighbor with neighbor 10.0.0.2 prefix-list FILTER in for inbound filtering, or with out in place of in for outbound filtering. Prefix-lists are more efficient than access-lists for route filtering because they match on prefix length ranges.
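The following is an added example, not part of the original reference: a small Python model of how the two FILTER entries above are evaluated (entries in sequence order, first match wins, implicit deny at the end). The function names parse_entry and evaluate and the test routes are hypothetical, and the model covers IPv4 only.

```python
import ipaddress
import re

# Constructed sample: the two entries quoted in the answer above.
FILTER_LINES = [
    "ip prefix-list FILTER seq 10 permit 10.0.0.0/8 le 24",
    "ip prefix-list FILTER seq 20 deny 0.0.0.0/0 le 32",
]

ENTRY_RE = re.compile(
    r"seq (?P<seq>\d+) (?P<action>permit|deny) (?P<net>\S+)"
    r"(?: ge (?P<ge>\d+))?(?: le (?P<le>\d+))?$"
)

def parse_entry(line):
    """Parse one entry into (seq, action, network, min_len, max_len)."""
    m = ENTRY_RE.search(line.strip())
    if not m:
        raise ValueError(f"unrecognized prefix-list entry: {line!r}")
    net = ipaddress.ip_network(m["net"])
    ge = int(m["ge"]) if m["ge"] else None
    le = int(m["le"]) if m["le"] else None
    # Without ge/le the length must match exactly; ge alone extends up to /32.
    lo = ge if ge is not None else net.prefixlen
    hi = le if le is not None else (32 if ge is not None else net.prefixlen)
    return int(m["seq"]), m["action"], net, lo, hi

def evaluate(entries, route):
    """Return (action, seq) of the first matching entry in sequence order."""
    r = ipaddress.ip_network(route)
    for seq, action, net, lo, hi in sorted(entries, key=lambda e: e[0]):
        if r.subnet_of(net) and lo <= r.prefixlen <= hi:
            return action, seq
    return "deny", None  # implicit deny when no entry matches

ENTRIES = [parse_entry(line) for line in FILTER_LINES]

if __name__ == "__main__":
    # Constructed test routes, as a neighbor might announce them.
    for route in ["10.0.0.0/8", "10.1.2.0/24", "10.1.2.128/25",
                  "192.168.0.0/16", "0.0.0.0/0"]:
        print(route, evaluate(ENTRIES, route))
```

Running a candidate filter against the announcements you expect to accept and reject is a quick way to catch a missing le or ge bound before the list is applied to a live neighbor.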
What are BGP COMMUNITY values and how are they used?
BGP COMMUNITY is a 32-bit attribute (written as ASN:value, e.g., 65001:100) used to tag routes with policy metadata. Communities allow upstream ISPs to apply routing policies (like no-export or local-preference adjustments) based on community tags set by customers. Well-known communities: no-export (do not advertise outside the AS), no-advertise (do not advertise to any peer), local-AS (do not advertise outside the confederation sub-AS). Use set community additive in route-maps to add communities without replacing existing ones.
What is GTSM (TTL Security) in BGP and why is it important?
GTSM (Generalized TTL Security Mechanism, RFC 5082) protects BGP sessions from remote attacks by requiring that BGP packets arrive with a TTL of 254 or higher (for directly connected peers). The command neighbor 10.0.0.2 ttl-security hops 1 configures this: your router sends BGP packets with TTL=255, and the peer must receive them with TTL >= 254. Because every router along the path decrements the TTL, an attacker more than 1 hop away cannot forge packets that arrive with this TTL value. GTSM is recommended for all Internet-facing eBGP sessions.