BGP Commands
1. Idle
Waiting for Start event, normally initiated by operator (establishing new BGP session or resetting an existing session). After errors, BGP falls back to the Idle state.
After a Start event, BGP initializes, resets connect retry timer, initiates TCP transport connection, and listens for connections initiated by a remote peer.
2. Connect
BGP is waiting for transport protocol connection to complete. If TCP transport succeeds, transition to State 4, OpenSent, and send OPEN. If not, transition to Active. If the connect retry timer expires, remain in Connect, reset the timer, and initiate a transport connection. In case of any other event, transition back to Idle.
3. Active
BGP is trying to initiate a transport protocol connection and acquire a peer. If successful, transition to OpenSent and send OPEN. If connect retry expires, restart the timer and fall back to the Connect state. Also actively listen for connection by another peer. Go back to idle in case of other events.
Flip-flopping between Connect and Active indicates a TCP transport problem, e.g. TCP retransmissions or unreachability of a peer.
4. OpenSent
BGP is waiting for an OPEN message from its peer. When one is received, it is checked for correctness (version number, AS number, password). If not correct, an error NOTIFICATION is sent and the system goes to Idle. If no error, then send KEEPALIVE and reset the keepalive timer. Negotiate hold time, smaller value wins. If zero, hold timer and keepalive timer are not restarted.
This state is where EBGP versus IBGP is determined, based on AS number.
5. OpenConfirm
BGP waits for KEEPALIVE or NOTIFICATION. If KEEPALIVE is received, transition to Established. If UPDATE or KEEPALIVE is received, restart the hold timer (unless the negotiated hold time is zero). If NOTIFICATION is received, transition to Idle.
Periodic KEEPALIVE messages are sent. If transport disconnect is received, transition to Idle. If an error occurs, send a NOTIFICATION with error code, then go to Idle.
6. Established
This is the final stage of neighbor negotiation. BGP exchanges updates with its peers. If a NOTIFICATION is received, the system transitions to Idle. Updates are checked for errors. If an error is found, a NOTIFICATION is sent, and the system goes to Idle. In case of hold time expiration, disconnect by transport, Stop event received, or other such events, the system falls back to Idle.
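The six states above, written out as a transition table (an added example, not part of the original reference). The event names are hypothetical labels for the events the text describes; any event not listed for a state falls back to Idle, as the text specifies. The flap counter applies the Connect/Active flip-flop observation as a monitoring check.

```python
# (state, event) -> next state. Event names are hypothetical labels.
# Any pair not listed here falls back to Idle.
TRANSITIONS = {
    ("Idle", "Start"): "Connect",
    ("Connect", "TcpOpen"): "OpenSent",        # transport up, OPEN sent
    ("Connect", "TcpFail"): "Active",
    ("Connect", "RetryExpired"): "Connect",    # reset timer, retry transport
    ("Active", "TcpOpen"): "OpenSent",
    ("Active", "RetryExpired"): "Connect",
    ("OpenSent", "OpenOk"): "OpenConfirm",     # valid OPEN, KEEPALIVE sent
    ("OpenConfirm", "Keepalive"): "Established",
    ("Established", "Update"): "Established",
    ("Established", "Keepalive"): "Established",
}

def run(events, state="Idle"):
    """Return the list of states visited, starting state included."""
    path = [state]
    for ev in events:
        state = TRANSITIONS.get((state, ev), "Idle")
        path.append(state)
    return path

def negotiate_hold(local, remote):
    """Smaller hold time wins; zero means the hold and keepalive timers do not run."""
    hold = min(local, remote)
    return hold, hold > 0

def transport_flaps(path):
    """Count transitions between Connect and Active, in either direction."""
    return sum(1 for a, b in zip(path, path[1:]) if {a, b} == {"Connect", "Active"})

if __name__ == "__main__":
    # Constructed event sequences, not captured from a router.
    good = run(["Start", "TcpOpen", "OpenOk", "Keepalive", "Update"])
    bad = run(["Start", "TcpFail", "RetryExpired", "TcpFail", "RetryExpired", "TcpFail"])
    print(good)
    print(bad, "flaps:", transport_flaps(bad))
    print(negotiate_hold(180, 90), negotiate_hold(180, 0))
```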
BGP Configuration Commands in IOS 11.3
To create an aggregate route summary in the BGP routing table:
[no] aggregate-address address mask [as-set] [summary-only] [suppress-map map-name] [advertise-map map-name] [attribute-map map-name]
aggregate-address with no arguments creates an aggregate entry in the BGP routing table if there are any more-specific BGP routes that fall in the specified range. The aggregate is advertised as coming from your autonomous system with the atomic aggregate attribute set, to show that information might be missing. (This attribute is set by default, unless you specify the as-set keyword.)
as-set: creates an aggregate entry, but the path advertised for this route is an AS_SET consisting of all elements in all paths that are being summarized. Do not use this form of aggregate-address when aggregating many paths, because this route then must be continually withdrawn and re-updated as autonomous system path reachability information for the summarized routes changes.
summary-only: create the aggregate route and also suppress advertisements of more-specific routes to all neighbors. If you only want to suppress advertisements to certain neighbors, you may use the neighbor distribute-list command, with caution. If a more specific route leaks out, all BGP speakers will prefer that route over the less-specific aggregate you are generating, by using longest-match routing.
suppress-map: creates the aggregate route but suppresses advertisement of the specified routes. You can use the match clauses of route maps to selectively suppress some more specific routes of the aggregate and leave others unsuppressed. IP access lists and autonomous system path access lists match statements can be used for this.
To advertise only networks and not subnets, the default behavior for BGP, use the command:
[no] auto-summary
To compare MED for paths from different ASs:
[no] bgp always-compare-med
To restore the default BGP route reflector behavior, reflection from a reflector to clients:
[no] bgp client-to-client reflection
To configure cluster ID when there is more than one route reflector:
[no] bgp cluster-id cluster-id
To assign BGP confederation identifier:
[no] bgp confederation identifier autonomous-system
To specify which ASs belong to the confederation:
[no] bgp confederation peers autonomous-system [autonomous-system]
To specify BGP route dampening (and optional parameters):
[no] bgp dampening [half-life reuse suppress max-suppress-time] [route-map map]
half-life: Time (in minutes) after which a penalty is decreased. Once the route has been assigned a penalty, the penalty is decreased by half after the half-life period (which is 15 minutes by default). The process of reducing the penalty happens every 5 seconds. The range of the half-life period is 1 to 45 minutes. The default is 15 minutes.
reuse: If the penalty for a flapping route decreases enough to fall below this value, the route is unsuppressed. The process of unsuppressing routes occurs at 10-second increments. The range of the reuse value is 1 to 20000; the default is 750.
suppress: A route is suppressed when its penalty exceeds this limit. The range is 1 to 20000; the default is 2000.
max-suppress-time: Maximum time (in minutes) a route can be suppressed. The range is 1 to 20000; the default is 4 times the half-life. If the half-life value is allowed to default, the maximum suppress time defaults to 60 minutes.
route-map map: Name of route map controlling where BGP route dampening is enabled.
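A worked model of how half-life, reuse, suppress and max-suppress-time interact, using the defaults listed above (an added example, not part of the original reference). It assumes a fixed per-flap penalty of 1000, which this page does not state, and models the decay as continuous rather than in 5-second steps.

```python
import math

FLAP_PENALTY = 1000  # assumption: per-flap penalty, not given on this page

def decay(penalty, minutes, half_life=15):
    """Penalty remaining after `minutes`; it halves every half_life minutes."""
    return penalty * 0.5 ** (minutes / half_life)

def minutes_until_reuse(penalty, half_life=15, reuse=750, max_suppress=60):
    """Minutes until the penalty decays to reuse, capped by max-suppress-time."""
    if penalty <= reuse:
        return 0.0
    return min(half_life * math.log2(penalty / reuse), max_suppress)

def simulate(flap_times, half_life=15, reuse=750, suppress=2000):
    """Replay flaps (minutes since start); return (time, penalty, suppressed) per flap."""
    penalty, last, suppressed, out = 0.0, 0.0, False, []
    for t in flap_times:
        penalty = decay(penalty, t - last, half_life)
        if suppressed and penalty < reuse:
            suppressed = False          # decayed below reuse before this flap
        penalty += FLAP_PENALTY
        if penalty > suppress:
            suppressed = True           # penalty exceeds the suppress limit
        out.append((t, round(penalty), suppressed))
        last = t
    return out

if __name__ == "__main__":
    # Constructed flap times: three flaps one minute apart, then one at 40 minutes.
    for row in simulate([0, 1, 2, 40]):
        print(row)
    print(minutes_until_reuse(3000), minutes_until_reuse(24000))
```

With the defaults, two flaps in quick succession stay under the suppress limit and the third pushes the route into suppression.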
To change the default local preference:
[no] bgp default local-preference value
Here value must be in the range 0-4294967295. Higher values are more preferred. The default is 100.
To immediately reset sessions to directly adjacent external peers when the link goes down:
[no] bgp fast-external-fallover
To allow 0.0.0.0 to be redistributed into BGP:
[no] default-information originate
To assign default metric (MED) for redistribution of other protocols (RIP, IGRP, EIGRP, OSPF) into BGP:
[no] default-metric number
To specify use of administrative distances other than defaults:
distance bgp external-distance internal-distance local-distance
no distance bgp
Here external-distance is the administrative distance (AD) for BGP external routes, a number from 1 to 255, default 20. (255 distance means to not install the route into the routing table). Internal-distance is the BGP internal route AD, default 200. Local-distance is the AD for BGP local routes, those listed with a network router command. Default is 200. Caution: altering the internal-distance is considered hazardous.
To define an AS path access-list using an AS regular expression:
[no] ip as-path access-list access-list-number {permit | deny} as-regular-expression
Details of regular expressions are in the Dial Solutions Command Reference on the documentation CD or Web pages.
To create a BGP community list:
ip community-list community-list-number {permit | deny} community-number
no ip community-list community-list-number
Here community-list-number is an integer from 1 to 99 specifying the list number. The community-number is a number from 1 to 4294967200. Multiple numbers can be specified, separated by a space. There are some special communities that can also be specified: internet, no-export, no-advertise.
Possible MATCH conditions for BGP-related route-maps:
[no] match as-path path-list-number
[no] match community-list community-list [exact]
[no] match interface type number ...
[no] match ip address { access-list-number | name } ...
[no] match ip next-hop { access-list-number | name } ...
[no] match ip route-source { access-list-number | name } ...
[no] match metric metric-value
[no] match route-type {local | internal | external [type-1 | type-2] | level-1 | level-2}
[no] match tag tag
To specify a BGP neighbor advertisement interval (minimum interval between sending BGP updates):
[no] neighbor {ip-address | peer-group-name} advertisement-interval seconds
Default intervals are 30 seconds for external peers and 5 seconds for internal peers.
To allow 0.0.0.0 to be sent to a neighbor (if necessary, subject to a route-map to inject 0.0.0.0 conditionally):
[no] neighbor {ip-address | peer-group-name} default-originate [route-map map-name]
To describe a neighbor:
[no] neighbor {ip-address | peer-group-name} description text
To specify filtering of information sent to/from a neighbor, using a distribute list to filter:
[no] neighbor {ip-address | peer-group-name} distribute-list {access-list-number | name} {in | out}
To accept and attempt EBGP connections to peers that are not directly connected, with specified time-to-live in hops:
neighbor {ip-address | peer-group-name} ebgp-multihop [ttl]
no neighbor {ip-address | peer-group-name} ebgp-multihop
To specify a filter list for a neighbor or peer group:
[no] neighbor {ip-address | peer-group-name} filter-list access-list-number {in | out | weight weight}
(weight is an integer from 0 to 65535 to assign to incoming routes that match the AS paths in the filter-list).
To assign the maximum number of prefixes allowed from a neighbor:
neighbor {ip-address | peer-group-name} maximum-prefix maximum [threshold] [warning-only]
no neighbor {ip-address | peer-group-name} maximum-prefix maximum
(threshold is the percentage of maximum at which the router generates warnings; the default is 75. With warning-only, the peering is not terminated when the maximum is exceeded.)
To disable next-hop processing of BGP prefixes, and set next hop to self (typically in partial mesh NBMA networks):
[no] neighbor {ip-address | peer-group-name} next-hop-self
To specify the password for a BGP neighbor or peer group:
neighbor {ip-address | peer-group-name} password string
no neighbor {ip-address | peer-group-name} password
To configure a neighbor to be in a BGP peer group:
[no] neighbor ip-address peer-group peer-group-name
To create a BGP peer group:
[no] neighbor peer-group-name peer-group
To specify a neighbor and its remote AS number:
[no] neighbor {ip-address | peer-group-name} remote-as number
To apply a route map to incoming or outgoing routes to/from a neighbor:
[no] neighbor {ip-address | peer-group-name} route-map map-name {in | out}
To set up a router as a route reflector and specify a client:
[no] neighbor ip-address route-reflector-client
To specify sending the community attribute to a neighbor:
[no] neighbor {ip-address | peer-group-name} send-community
To start storing received updates:
[no] neighbor {ip-address | peer-group-name} soft-reconfiguration inbound
To allow use of any operational interface for internal BGP TCP connections:
[no] neighbor {ip-address | peer-group-name} update-source interface
To hard-code the neighbor's BGP version (for faster session establishment):
[no] neighbor {ip-address | peer-group-name} version value
(value can be 2; the default is to use 4 and negotiate down to 2 if requested)
To assign a weight to a neighbor connection:
[no] neighbor {ip-address | peer-group-name} weight weight
To specify a network BGP may advertise (if found in the routing table):
[no] network network-number [mask network-mask]
To specify a network as a backdoor route (not advertised):
[no] network address backdoor
To assign an absolute weight to a BGP network, overriding any weight assigned by redistribution:
[no] network address mask weight weight [route-map map-name]
To create a BGP routing process and specify AS number:
[no] router bgp autonomous-system
Possible SET conditions for BGP-related route-maps:
[no] set automatic-tag
[no] set as-path {tag | prepend as-path-string}
[no] set community {community-number [additive]} | none
(additive adds the community to existing communities, none removes the community attribute from any prefixes that pass the route-map)
set dampening half-life reuse suppress max-suppress-time
no set dampening
[no] set ip precedence value
[no] set level {level-1 | level-2 | level-1-2 | stub-area | backbone}
[no] set local-preference value
(value is an integer from 0 to 4294967295, default 100)
[no] set metric metric-value
(metric-value is an integer from -294967295 to 294967295)
[no] set metric-type internal
[no] set next-hop next-hop
[no] set origin {igp | egp autonomous-system | incomplete}
[no] set tag tag
(tag is an integer from 0 to 4294967295)
[no] set weight weight
(weight is an integer from 0 to 65535)
To re-enable (or turn off) IGP route synchronization with BGP:
[no] synchronization
To modify metric and tag values when the IP routing table is updated with BGP-derived routes:
[no] table-map route-map-name
To adjust BGP timers:
timers bgp keepalive holdtime
no timers bgp
(keepalive is the keepalive message interval and defaults to 60 seconds. holdtime is the interval in seconds for declaring a peer dead if no keepalives are received. It defaults to 180 seconds.)
BGP EXEC Mode Commands
clear ip bgp {* | address | peer-group name} [soft [in | out]]
clear ip bgp dampening [address mask]
clear ip bgp flap-statistics [{regexp regexp} | {filter-list list} | {address mask}]
clear ip bgp address flap-statistics
clear ip bgp peer-group tag
show ip bgp [network] [network-mask] [longer-prefixes]
show ip bgp cidr-only
show ip bgp community community-number [exact]
show ip bgp community-list community-list-number [exact]
show ip bgp dampened-paths
show ip bgp filter-list access-list-number
show ip bgp flap-statistics [{regexp regexp} | {filter-list list} | {address mask [longer-prefix]}]
show ip bgp inconsistent-as
show ip bgp neighbors [address] [received-routes | routes | advertised-routes | {paths regular-expression} | dampened-routes]
show ip bgp paths
show ip bgp peer-group [tag] [summary]
show ip bgp regexp regular-expression
show ip bgp summary