BGP Update Generation - Part 2

BGP Update Generation - Part 2

Traditional peer-groups were introduced to improve CPU utilization, and make configuration less redundant and easy to read. However, the way peer-groups work, the common attributes must be replicated across peer-groups. Hence, redundant configuration is not completely avoided and the ability to have session-specific configuration is limited.

The BGP dynamic peer-group feature identifies peers that have same outbound policy and optimizes update generation and replication across those peers. Dynamic peer-groups separate the peer-group configuration from update-replication through two features-

Peer Templates
Update groups

Peer Templates

The configuration feature of peer templates allows a set of configuration options to be applied to a set of neighbors. Peer templates are reusable and support inheritance. There are two types of peer templates-

Peer session templates
Peer policy templates

Peer session templates are used to build a template of general session configuration. It does not include any policy-type attributes. It can be configured as below and supports these commands-

Peer session template

Edge-1(config)# router bgp 100

Edge-1(config-router)# template ?

  peer-policy   Template configuration for policy parameters

  peer-session  Template configuration for session parameters

Edge-1(config-router)# template peer-session ?

  WORD  Name of peer-session template

Edge-1(config-router)# template peer-session GENERAL_SESSION

Edge-1(config-router-stmp)#?

BGP peer-policy configuration commands:

  allowas-in               Accept as-path with my AS present in it

  default                  Set a command to its defaults

  description              Neighbor specific description

  disable-connected-check  One-hop away EBGP peer using loopback address

  ebgp-multihop            Allow EBGP neighbors not on directly connected

                           networks

  exit-peer-session        Exit from template configuration mode

  fall-over                session fall on peer route lost

  inherit                  Inherit a template

  local-as                 Specify a local-as number

  no                       Negate a command or set its defaults

  password                 Set a password

  remote-as                Specify a BGP neighbor

  shutdown                 Administratively shut down this neighbor

  timers                   BGP per neighbor timers

  translate-update         Translate Update to MBGP format

  transport                Transport options

  ttl-security             BGP ttl security check

  update-source            Source of routing updates

  version                  Set the BGP version to match a neighbor

Peer policy templates are used to build a template of policy information. This includes manipulating actual BGP prefix information, such as filtering, capabilities and route-reflection. Peer policy template is configured as follows and support these commands-

Peer policy template

Edge-1(config)# router bgp 100

Edge-1(config-router)# template peer-policy GENERAL_POLICY

Edge-1(config-router-ptmp)#?

BGP peer-policy configuration commands:

  advertisement-interval  Minimum interval between sending BGP routing updates

  allowas-in              Accept as-path with my AS present in it

  as-override             Override matching AS-number while sending update

  capability              Advertise capability to the peer

  default                 Set a command to its defaults

  default-originate       Originate default route to this neighbor

  distribute-list         Filter updates to/from this neighbor

  dmzlink-bw              Propagate the DMZ link bandwidth

  exit-peer-policy        Exit from template configuration mode

  filter-list             Establish BGP filters

  inherit                 Inherit a template

  maximum-prefix          Maximum number of prefixes accepted from this peer

  next-hop-self           Disable the next hop calculation for this neighbor

  next-hop-unchanged      Propagate the iBGP paths's next hop unchanged for

                          this neighbor

  no                      Negate a command or set its defaults

  prefix-list             Filter updates to/from this neighbor

  remove-private-as       Remove private AS number from outbound updates

  route-map               Apply route map to neighbor

  route-reflector-client  Configure a neighbor as Route Reflector client

  send-community          Send Community attribute to this neighbor

  soft-reconfiguration    Per neighbor soft reconfiguration

  unsuppress-map          Route-map to selectively unsuppress suppressed routes

  weight                  Set default weight for routes from this neighbor

Update groups:

Update groups handle update replication. The router builds update groups dynamically based on examining the outbound policy of the configured BGP sessions. BGP peers with same outbound policies are assigned to same update group. No configuration is required for this feature.

Network topology:

This example will demonstrate peer session and peer policy templates on Edge-1 router. Edge-1 router creates a GENERAL_SESSION peer-session template which includes password and version. Edge-1 router also creates an INTERNAL_SESSION peer-session template for iBGP peers which includes iBGP specific configuration and also inherit GENERAL_SESSION settings. And lastly, it creates an EXTERNAL_SESSION template for eBGP peers and inherit GENERAL_SESSION settings too.

NOTE: Any configuration at the neighbor level takes precedence over template settings.

peer session templates on Edge-1

router bgp 100

 template peer-session GENERAL_SESSION

  password cisco

  version 4

 exit-peer-session

 template peer-session INTERNAL_SESSION

  inherit peer-session GENERAL_SESSION

  remote-as 100

  update-source Loopback 0

  timers 30 90

 exit-peer-session

 template peer-session EXTERNAL_SESSION

  inherit peer-session GENERAL_SESSION

  remote-as 200

 exit-peer-session

 neighbor 2.2.2.2 inherit peer-session INTERNAL_SESSION

 neighbor 3.3.3.3 inherit peer-session INTERNAL_SESSION

 neighbor 10.2.2.2 inherit peer-session EXTERNAL_SESSION

The show ip bgp replication command displays update replication statistics for update-groups. Core-1 and Core-2 routers are part of the same update-group.

show ip bgp replication

Edge-1# show ip bgp replication

                                                                    Current    Next

Index  Members          Leader       MsgFmt    MsgRepl     Csize    Version Version

    1        2         2.2.2.2            2          2    0/1000          6/0

    2        1        10.2.2.2            1          0    0/100           6/0

The show ip bgp update-group command displays update-group statistics.

show ip bgp update-group

Edge-1# show ip bgp update-group

BGP version 4 update-group 1, internal, Address Family: IPv4 Unicast

  BGP Update version : 6/0, messages 0

  Update messages formatted 2, replicated 2

  Number of NLRIs in the update sent: max 3, min 2

  Minimum time between advertisement runs is 0 seconds

  Has 2 members (* indicates the members currently being sent updates):

   2.2.2.2          3.3.3.3

BGP version 4 update-group 2, external, Address Family: IPv4 Unicast

  BGP Update version : 6/0, messages 0

  Update messages formatted 1, replicated 0

  Number of NLRIs in the update sent: max 3, min 3

  Minimum time between advertisement runs is 30 seconds

  Has 1 member (* indicates the members currently being sent updates):

   10.2.2.2

Advertise only Default-route to Core-1:

Now, a condition arises that only default-route be advertised to Core-1 router while full BGP table be advertised to Core-2 router. Admittedly, this can be achieved through various ways, however, peer policy template is also one of the options.

peer policy template on Edge-1

router bgp 100

 template peer-policy DEFAULT_ONLY

  filter-list 20 out

  default-originate

 exit-peer-policy

 neighbor 2.2.2.2 inherit peer-policy DEFAULT_ONLY

ip prefix-list 20 seq 5 deny 0.0.0.0/0 le 32

The show ip bgp replication command shows that Core-1 router is dynamically assigned to another update-group since its outbound policy changed.

show ip bgp replication

Edge-1# show ip bgp replication

                                                                    Current    Next

Index  Members          Leader       MsgFmt    MsgRepl     Csize    Version Version

    1        1        10.2.2.2            1          0    0/100           6/0

    2        1         3.3.3.3            2          0    0/100           6/0

    3        1         2.2.2.2            0          0    0/100           6/0

The show ip bgp update-group command also shows Core-1 router in a different update-group.

show ip bgp update-group

Edge-1# show ip bgp update-group

BGP version 4 update-group 1, external, Address Family: IPv4 Unicast

  BGP Update version : 6/0, messages 0

  Update messages formatted 1, replicated 0

  Number of NLRIs in the update sent: max 3, min 3

  Minimum time between advertisement runs is 30 seconds

  Has 1 member (* indicates the members currently being sent updates):

   10.2.2.2

BGP version 4 update-group 2, internal, Address Family: IPv4 Unicast

  BGP Update version : 6/0, messages 0

  Update messages formatted 2, replicated 0

  Number of NLRIs in the update sent: max 3, min 2

  Minimum time between advertisement runs is 0 seconds

  Has 1 member (* indicates the members currently being sent updates):

   3.3.3.3

BGP version 4 update-group 3, internal, Address Family: IPv4 Unicast

  BGP Update version : 6/0, messages 0

  Outgoing update AS path filter list is 20

  Unconditional default-originate

  Update messages formatted 0, replicated 0

  Number of NLRIs in the update sent: max 0, min 0

  Minimum time between advertisement runs is 0 seconds

  Has 1 member (* indicates the members currently being sent updates):

   2.2.2.2

The template settings can be viewed using show ip bgp template {peer-session | peer-policy} command.