All Cisco-Network Study Notes: 01/01/09

Manual Summaries and the AS_PATH Path Attribute 409

Manual Summaries and the AS_PATH Path Attribute

As covered in the aftermost several pages, a router can add entries to its BGP table application the network

command and avenue redistribution. Additionally, BGP can use chiral avenue summarization to

advertise arbitrary routes to adjoining routers, causing the adjoining routers to learn

additional BGP routes. BGP chiral summarization with the aggregate-address command differs

significantly from application the auto-summary command. It can abridge based on any routes

in the BGP table, creating a arbitrary of any prefix length. It does not consistently abolish the

advertisement of the basic subnets, although it can be configured to do so.

The accumulated avenue charge accommodate the AS_PATH PA, aloof like it is appropriate for every added NLRI

in the BGP table. However, to absolutely accept what this command does, you charge to booty a closer

look at the AS_PATH PA.

The AS_PATH PA consists of up to four altered components, alleged segments, as follows:

■ AS_SEQ (short for AS Sequence)

■ AS_SET

■ AS_CONFED_SEQ (short for AS Confederation Sequence)

■ AS_CONFED_SET

The best frequently acclimated articulation is alleged AS_SEQ. AS_SEQ is the abstraction of AS_PATH as shown

back in Figure 11-1, with the PA apery all ASNs, in order, through which the avenue has been

advertised.

However, the aggregate-address command can actualize a arbitrary avenue for which the AS_SEQ

must be null. Back the basic subnets of the arbitrary avenue accept differing AS_SEQ values,

the router artlessly can’t actualize an authentic representation of AS_SEQ, so it uses a absent AS_SEQ.

However, this activity introduces the achievability of creating acquisition loops, because the capacity of

AS_PATH, accurately AS_SEQ, are acclimated to anticipate a avenue from actuality re-advertised to an AS

that has already heard about the route.

The AS_PATH AS_SET articulation solves the botheration back the arbitrary avenue has a absent AS_SEQ.

The AS_SET articulation holds an unordered account of all the ASNs in all the basic subnets’

AS_SEQ segments.

Example 11-7 shows an archetype in which the router does use a absent AS_SEQ for a arbitrary route,

and again the aforementioned arbitrary with the as-set advantage creating the AS_SET segment.

NOTE AS_PATH includes the AS_CONFED_SEQ and AS_CONFED_SET segments as

well, which are covered later, in the area “Confederations.”

Building the BGP Table 363

The afterward account summarizes the accomplishments taken by the aggregate-address command back it

creates a arbitrary route:

■ It does not actualize the arbitrary if the BGP table does not currently accept any routes for NLRI

inside the summary.

■ If all the basic subnets are aloof from the accumulation router’s BGP table, it also

then withdraws the aggregate. (In added words, the router tells its neighbors that the aggregate

route is no best valid.)

■ It sets the NEXT_HOP abode of the summary, as listed in the bounded BGP table, as 0.0.0.0.

■ It sets the NEXT_HOP abode of the arbitrary route, as advertised to neighbors, to the

router’s amend antecedent IP abode for anniversary neighbor, respectively.

■ If the basic subnets central the arbitrary all accept the aforementioned AS_SEQ, it sets the new

summary route’s AS_SEQ to be absolutely like the AS_SEQ of the basic subnets.

■ If the AS_SEQ of the basic subnets differs in any way, it sets the AS_SEQ of the new

summary avenue to null.

■ Back the as-set advantage has been configured, the router creates an AS_SET articulation for the

aggregate route, but alone if the arbitrary route’s AS_SEQ is null.

■ As usual, if the arbitrary is advertised to an eBGP peer, the router prepends its own ASN to

the AS_SEQ afore sending the Update.

■ It suppresses the advertisement of all basic subnets if the summary-only keyword is

used; advertises all of them if the summary-only keyword is omitted; or advertises a subset

if the suppress-map advantage is configured.

Example 11-7 shows R3 from Figure 11-4 summarizing 23.0.0.0/8. R3 advertises the summary

with ASN 123 as the alone AS in the AS_SEQ, because some basic subnets accept AS_PATHS

of 45, and others accept 678 45. As a result, R3 uses a absent AS_SEQ for the aggregate. The example

goes on to appearance the appulse of the as-set option.

Example 11-7 Avenue Accession and the as-set Option

! Note that R3’s routes to arrangement 23 all accept the aforementioned AS_PATH except one new

! prefix, which has an AS_PATH that includes ASN 678. As a result, R3 will

! actualize a absent AS_SEQ for the arbitrary route.

R3# appearance ip bgp | accommodate 23

*> 23.3.0.0/20 4.4.4.4 0 45 i

*> 23.3.16.0/20 4.4.4.4 0 45 i

*> 23.3.32.0/19 4.4.4.4 0 45 i

continues

364 Affiliate 11: BGP

*> 23.3.64.0/18 4.4.4.4 0 45 i

*> 23.3.128.0/17 4.4.4.4 0 45 i

*> 23.4.0.0/16 4.4.4.4 0 45 678 i

! The afterward command is now added to R3’s BGP configuration:

aggregate-address 23.0.0.0 255.0.0.0 summary-only

! Note: R3 will not accept a BGP table access for 23.0.0.0/8; however, R3 will

! acquaint this arbitrary to its peers, because at atomic one basic subnet

! exists.

! R1 has abstruse the prefix, NEXT_HOP 3.3.3.3 (R3’s amend antecedent IP abode for

! R1), but the AS_PATH is now absent because R1 is in the aforementioned AS as R3.

! (Had R3-R1 been an eBGP peering, R3 would accept prepended its own ASN.)

! Note that the abutting command is on R1 R1 R1 R1.

R1# sh ip bgp | activate Network

Network Abutting Hop Metric LocPrf Weight Path

*>i21.0.0.0 3.3.3.3 0 100 0 45 i

*>i23.0.0.0 3.3.3.3 0 100 0 i

! Next, R1 displays the AGGREGATOR PA, which identifies R3 (3.3.3.3) and its AS

! (123) as the accession point at which advice is lost. Also, the phrase

! “atomic-aggregate” refers to the actuality that the ATOMIC_AGGREGATE PA has also

! been set; this PA artlessly states that this NLRI is a summary.

R1# appearance ip bgp 23.0.0.0

BGP acquisition table access for 23.0.0.0/8, adaptation 45

Paths: (1 available, best #1, table Default-IP-Routing-Table)

Flag: 0x800

Advertised to update-groups:

Local, (aggregated by 123 3.3.3.3), (received & used)

3.3.3.3 (metric 2302976) from 3.3.3.3 (3.3.3.3)

Origin IGP, metric 0, localpref 100, valid, internal, atomic-aggregate, best

! R6, in AS 678, receives the arbitrary avenue from R1, but the abridgement of information

! in the accepted AS_PATH allows R6 to apprentice of the route, possibly causing

! a acquisition loop. (Remember, one of the basic subnets, 23.4.0.0/16, came from

! ASN 678.)

R6# sh ip bgp nei 172.16.16.1 received-routes | activate Network

Network Abutting Hop Metric LocPrf Weight Path

*> 21.0.0.0 172.16.16.1 0 123 45 i

*> 23.0.0.0 172.16.16.1 0 123 i

! The R3 agreement is afflicted as apparent abutting to use the as-set option.

R3# aggregate-address 23.0.0.0 255.0.0.0 summary-only as-set

! R1 now has the AS_SET basic of the AS_PATH PA, which includes an unordered

! account of all autonmous systems from all the basic subnets’ AS_PATHs on R3.

R1# sh ip bgp | activate Network

Network Abutting Hop Metric LocPrf Weight Path

*>i21.0.0.0 3.3.3.3 0 100 0 45 i

*>i23.0.0.0 3.3.3.3 0 100 0 {45,678} i

Example 11-7 Avenue Accession and the as-set Advantage (Continued)

364 Affiliate 11: BGP

*> 23.3.64.0/18 4.4.4.4 0 45 i

*> 23.3.128.0/17 4.4.4.4 0 45 i

*> 23.4.0.0/16 4.4.4.4 0 45 678 i

! The afterward command is now added to R3’s BGP configuration:

aggregate-address 23.0.0.0 255.0.0.0 summary-only

! Note: R3 will not accept a BGP table access for 23.0.0.0/8; however, R3 will

! acquaint this arbitrary to its peers, because at atomic one basic subnet

! exists.

! R1 has abstruse the prefix, NEXT_HOP 3.3.3.3 (R3’s amend antecedent IP abode for

! R1), but the AS_PATH is now absent because R1 is in the aforementioned AS as R3.

! (Had R3-R1 been an eBGP peering, R3 would accept prepended its own ASN.)

! Note that the abutting command is on R1 R1 R1 R1.

R1# sh ip bgp | activate Network

Network Abutting Hop Metric LocPrf Weight Path

*>i21.0.0.0 3.3.3.3 0 100 0 45 i

*>i23.0.0.0 3.3.3.3 0 100 0 i

! Next, R1 displays the AGGREGATOR PA, which identifies R3 (3.3.3.3) and its AS

! (123) as the accession point at which advice is lost. Also, the phrase

! “atomic-aggregate” refers to the actuality that the ATOMIC_AGGREGATE PA has also

! been set; this PA artlessly states that this NLRI is a summary.

R1# appearance ip bgp 23.0.0.0

BGP acquisition table access for 23.0.0.0/8, adaptation 45

Paths: (1 available, best #1, table Default-IP-Routing-Table)

Flag: 0x800

Advertised to update-groups:

Local, (aggregated by 123 3.3.3.3), (received & used)

3.3.3.3 (metric 2302976) from 3.3.3.3 (3.3.3.3)

Origin IGP, metric 0, localpref 100, valid, internal, atomic-aggregate, best

! R6, in AS 678, receives the arbitrary avenue from R1, but the abridgement of information

! in the accepted AS_PATH allows R6 to apprentice of the route, possibly causing

! a acquisition loop. (Remember, one of the basic subnets, 23.4.0.0/16, came from

! ASN 678.)

R6# sh ip bgp nei 172.16.16.1 received-routes | activate Network

Network Abutting Hop Metric LocPrf Weight Path

*> 21.0.0.0 172.16.16.1 0 123 45 i

*> 23.0.0.0 172.16.16.1 0 123 i

! The R3 agreement is afflicted as apparent abutting to use the as-set option.

R3# aggregate-address 23.0.0.0 255.0.0.0 summary-only as-set

! R1 now has the AS_SET basic of the AS_PATH PA, which includes an unordered

! account of all autonmous systems from all the basic subnets’ AS_PATHs on R3.

R1# sh ip bgp | activate Network

Network Abutting Hop Metric LocPrf Weight Path

*>i21.0.0.0 3.3.3.3 0 100 0 45 i

*>i23.0.0.0 3.3.3.3 0 100 0 {45,678} i

Example 11-7 Avenue Accession and the as-set Advantage (Continued)

Building the BGP Table 365

Table 11-6 summarizes the key credibility apropos summarization application the aggregate-address,

auto-summary, and arrangement commands.

Adding Absence Routes to BGP

The final adjustment covered in this affiliate for abacus routes to a BGP table is to inject absence routes

into BGP. Absence routes can be injected into BGP in one of three ways:

■ By injecting the absence application the arrangement command

■ By injecting the absence application the redistribute command

■ By injecting a absence avenue into BGP application the acquaintance neighbor-id default-information

[route-map route-map-name] BGP subcommand

When injecting a absence avenue into BGP application the arrangement command, a avenue to 0.0.0.0/0 must

exist in the bounded acquisition table, and the arrangement 0.0.0.0 command is required. The absence IP route

can be abstruse via any means, but if it is removed from the IP acquisition table, BGP removes the

default avenue from the BGP table.

Injecting a absence avenue through redistribution requires an added agreement command—

default-information originate. The absence avenue charge aboriginal abide in the IP acquisition table; for

instance, a changeless absence avenue to null0 could be created. Then, the redistribute changeless command

! Now R6 does not accept the 23.0.0.0 prefix due to R1’s analysis of the AS_SET PA,

! acquainted that ASN 678 is in the AS_SET and is additionally R6’s ASN.

R6# sh ip bgp nei 172.16.16.1 received-routes | activate Network

Network Abutting Hop Metric LocPrf Weight Path

*> 21.0.0.0 172.16.16.1 0 123 45 i

NOTE Arbitrary routes can additionally be added via addition method. First, the router would create

a changeless route, about with destination of interface null0. Then, the prefix/length can be

matched with the arrangement command to inject the summary. This adjustment does not clarify any

of the basic subnets.

Table 11-6 Summary: Injecting Arbitrary Routes in BGP

Command

Component

Subnets Removed Routes It Can Summarize

auto-summary (with

redistribution)

All Alone those injected into BGP on that router

using the redistribute command

aggregate-address All, none, or a subset Any prefixes already in the BGP table

auto-summary (with the

network command)

None Alone those injected into BGP on that router

using the arrangement command

Example 11-7 Avenue Accession and the as-set Advantage (Continued)

366 Affiliate 11: BGP

could be acclimated to redistribute that changeless absence route. However, in the appropriate case of the default

route, Cisco IOS additionally requires the default-information arise BGP subcommand.

Injecting a absence avenue into BGP by application the acquaintance neighbor-id default-information

[route-map route-map-name] BGP subcommand does not add a absence avenue to the bounded BGP

table; instead, it causes the advertisement of a absence to the defined neighbor. In fact, this method

does not alike analysis for the actuality of a absence avenue in the IP acquisition table by default, but it

can. With the route-map option, the referenced avenue map examines the entries in the IP routing

table (not the BGP table); if a avenue map admittance article is matched, again the absence avenue is advertised

to the neighbor. Archetype 11-8 shows aloof such an archetype on R1, with route-map check-default

checking for the actuality of a absence avenue afore R1 would arise a absence avenue to R3.

ORIGIN Path Attribute

Depending on the adjustment acclimated to inject a avenue into a bounded BGP table, BGP assigns one of three

BGP ORIGIN PA codes: IGP, EGP, or incomplete. The ORIGIN PA provides a accepted descriptor

as to how a accurate NLRI was aboriginal injected into a router’s BGP table. The appearance ip bgp

command includes the three accessible ethics in the fable at the top of the command output, listing

the absolute ORIGIN cipher for anniversary BGP avenue at the far appropriate of anniversary achievement line. Table 11-7 lists

the three ORIGIN cipher names, the single-letter abridgement acclimated by Cisco IOS, and the reasons

why a avenue is assigned a accurate code.

The ORIGIN codes and meanings adumbrate a few concepts that abounding bodies acquisition counterintuitive. First,

routes redistributed into BGP from an IGP absolutely accept an ORIGIN cipher of incomplete. Also, do

Example 11-8 Originating a Absence Avenue to a Acquaintance with the acquaintance default-originate Command

! The pertinent genitalia of the R1 agreement are listed next, with the avenue map

! analogous an IP avenue to 0.0.0.0/0 with a admittance action, enabling the

! advertisement of a absence avenue to acquaintance 3.3.3.3 (R3).

router bgp 123

neighbor 3.3.3.3 remote-as 123

neighbor 3.3.3.3 update-source Loopback1

neighbor 3.3.3.3 default-originate route-map check-default

ip avenue 0.0.0.0 0.0.0.0 Null0

ip prefix-list def-route seq 5 admittance 0.0.0.0/0

route-map check-default admittance 10

match ip abode prefix-list def-route

! R1 absolutely has a absence route, as apparent below.

R1# appearance ip avenue | accommodate 0.0.0.0/0

S* 0.0.0.0/0 is anon connected, Null0

! R3 now learns a absence avenue from R1, as apparent below.

R3# appearance ip bgp | activate Network

Network Abutting Hop Metric LocPrf Weight Path

*>i0.0.0.0 1.1.1.1 100 0 i

not abash EGP with eBGP; an ORIGIN of EGP refers to Exterior Gateway Protocol, the actual old

and deprecated antecedent to BGP. In practice, the EGP ORIGIN cipher should not be apparent today.

BGP ORIGIN Codes

ORIGIN Code

Cisco IOS

Notation

Used for Routes Injected Due to the Following

Commands

IGP i network, aggregate-address (in some cases), and neighbor

default-originate commands

EGP e Exterior Gateway Protocol (EGP). No specific commands apply.

Incomplete ? redistribute, aggregate-address (in some cases), and defaultinformation

originate command

The rules apropos the ORIGIN codes acclimated for arbitrary routes created with the aggregateaddress

command can additionally be a bit surprising. The rules are abbreviated as follows:

■ If the as-set advantage is not used, the accumulated avenue uses ORIGIN cipher i.

■ If the as-set advantage is used, and all basic subnets actuality abbreviated use ORIGIN cipher i,

the accumulated has ORIGIN cipher i.

■ If the as-set advantage is used, and at atomic one of the basic subnets has an ORIGIN cipher ?,

the accumulated has ORIGIN cipher ?.

NOTE The BGP ORIGIN PA provides a accessory descriptor for the agent of a BGP table entry,

which is acclimated as allotment of the BGP accommodation process.

Building the BGP Table

The BGP cartography table, additionally alleged the BGP Acquisition Advice Base (RIB), holds the network

layer reachability advice (NLRI) abstruse by BGP, as able-bodied as the associated PAs. An NLRI is

simply an IP prefix and prefix length. This area focuses on the action of how BGP injects

NLRI into a router’s BGP table, followed by how routers acquaint their associated PAs and NLRI

to neighbors.

NOTE Technically, BGP does not acquaint routes; rather, it advertises PAs added a set of NLRI

that shares the aforementioned PA values. However, best bodies artlessly accredit to NLRI as BGP prefixes or

BGP routes. This book uses all three terms. However, because there is a acumen amid a

BGP avenue in the BGP table and an IP avenue in the IP acquisition table, the argument takes affliction to accredit to

the BGP table or IP acquisition table to analyze the two tables.

Injecting Routes/Prefixes into the BGP Table

Unsurprisingly, an alone BGP router adds entries to its bounded BGP table by application the same

general methods acclimated by IGPs: by application the arrangement command, by audition the topology

information via an Update bulletin from a neighbor, or by redistributing from accession routing

protocol. The abutting few sections appearance examples of how a bounded BGP router adds routes to the BGP

table by methods added than acquirements them from a BGP neighbor.

BGP arrangement Command

This section, and the abutting section, assumes the BGP no auto-summary command has been

configured. Agenda that as of the Cisco IOS Software Release 12.3 Mainline, no auto-summary is the

default; beforehand releases defaulted to use auto-summary. Afterward that, the section, “The Appulse of

Building the BGP Table 355

Auto-Summary on Redistributed Routes and the arrangement Command,” discusses the appulse of the

auto-summary command on both the arrangement command and the redistribute command.

The BGP arrangement router subcommand differs decidedly from the arrangement command acclimated by

IGPs. The BGP arrangement command instructs that router’s BGP action to do the following:

Look for a avenue in the router’s accepted IP acquisition table that absolutely matches the

parameters of the arrangement command; if the IP avenue exists, put the agnate NLRI into

the bounded BGP table.

With this logic, affiliated routes, changeless routes, or IGP routes could be taken from the IP routing

table and placed into the BGP table for after advertisement. Back the router removes that route

from its IP acquisition table, BGP again removes the NLRI from the BGP table, and notifies neighbors

that the avenue has been withdrawn.

Note that the IP avenue charge be akin absolutely back the no auto-summary command is

configured or acclimated by default.

Table 11-5 lists a few of the key appearance of the BGP arrangement command, whose all-encompassing syntax is:

network {network-number [mask network-mask]} [route-map map-tag]

*NEXT_HOP is a BGP PA that denotes the next-hop IP abode that should be acclimated to ability the NLRI.

Example 11-4 shows an archetype arrangement command as implemented on R5 of Figure 11-4 (R5’s

BGP neighbors accept been shut bottomward so that the BGP table shows alone BGP table entries created

by the arrangement commands on R5). In Archetype 11-4, R5 uses two arrangement commands to add

21.0.0.0/8 and 22.1.1.0/24 to its BGP table.

Table 11-5 Key Appearance of the BGP arrangement Command

Feature Implication

No affectation is configured Assumes the absence classful mask.

Matching argumentation with no auto-summary

configured

An IP avenue charge bout both the prefix and prefix length

(mask).

Matching argumentation with auto-summary

configured

If the arrangement command lists a classful network, it

matches if any subnets of the classful arrangement exist.

NEXT_HOP of BGP avenue added to the

BGP table*

Uses abutting hop of IP route.

Maximum cardinal injected by the

network command into one BGP process

200

Purpose of the route-map advantage on the

network command

Can be acclimated to clarify routes and dispense PAs, including

NEXT_HOP*.

356 Affiliate 11: BGP

Figure 11-4 Sample BGP Network, with IP Addresses

Example 11-4 Examples of Clearing the BGP Table via the arrangement Command

! On R5, the arrangement commands accurately bout prefixes 21.0.0.0/8 and 22.1.1.0/24. The

! blank of the affectation on the aboriginal command implies the associated classful mask

! of 255.0.0.0, as the IP abode listed (21.0.0.0) is a chic A address.

router bgp 45

no synchronization

bgp log-neighbor-changes

network 21.0.0.0

network 22.1.1.0 affectation 255.255.255.0

! The acquaintance commands are not shown, as they are not pertinent to the topics

! covered in this example.

! Next, the two routes akin by the arrangement commands are absolutely in the IP

! acquisition table. Agenda that the avenue to 21.0.0.0/8 is a affiliated route, and the

! avenue to 22.1.1.0/24 is a changeless route.

R5# appearance ip avenue | incl 21 | 22

IBGP

10.1.23.2

10.1.12.2

10.1.23.3

10.1.12.1

EBGP

10.1.34.4

10.1.134.4 IBGP

10.1.34.3

10.1.134.3

10.1.45.5

10.1.57.5

10.1.57.7

10.1.78.7

10.1.78.8

10.1.68.8

10.1.68.6

10.1.45.4

172.16.16.6

172.16.16.1

10.1.69.6

10.1.69.9

EIGRP 6

ASN 678

ASN 123 ASN 45

R8 R7

R8: RIP Only

EBGP IBGP

Networks 30 Through 39

Via redistribute eigrp 6 Command

Networks 20 Through 29

Via Arrangement Command

RID

3.3.3.3

RID

4.4.4.4

RID

5.5.5.5

RID

7.7.7.7

RID

8.8.8.8

RID

6.6.6.6

RID

111.111.111.111

RID

2.2.2.2

R3 R4

Building the BGP Table 357

Redistributing from an IGP, Static, or Affiliated Route

The BGP redistribute subcommand can redistribute static, connected, and IGP-learned routes.

The mechanics of the BGP redistribute command assignment actual analogously with redistribution as

covered in Affiliate 10, “IGP Avenue Redistribution, Avenue Summarization, and Absence Routing”;

however, this area covers a few nuances that are different to BGP.

BGP does not use the abstraction of artful a metric for anniversary alternating avenue to ability a particular

prefix. Instead, BGP uses a step-wise accommodation action that examines assorted PAs to actuate the

best route. As a result, redistribution into BGP does not crave any application of setting

metrics. However, a router ability charge to administer a avenue map to the redistribution action to

manipulate PAs, which in about-face affects the BGP accommodation process. If a metric is assigned to a route

injected into BGP, BGP assigns that metric amount to the BGP Multi-Exit Discriminator (MED) PA,

which is frequently referred to as metric.

Example 11-5 shows R6 (from Figure 11-4) bushing its BGP table through avenue redistribution from

Enhanced IGRP (EIGRP) action 6 (as configured in Archetype 11-5 with the router eigrp 6

command) and redistributing a distinct changeless route. EIGRP on R6 learns routes alone for

networks 30 through 39. The goals of this archetype are as follows:

■ Redistribute EIGRP routes for networks 31 and 32

C 21.0.0.0/8 is anon connected, Loopback20

22.0.0.0/24 is subnetted, 1 subnets

S 22.1.1.0 [1/0] via 10.1.5.9

! Below, the prefixes accept been added to the BGP table. Agenda that the NEXT_HOP

! PA has been set to 0.0.0.0 for the avenue (21.0.0.0/8) that was taken from a

! affiliated route, with the NEXT_HOP for 22.1.1.0/24 analogous the IP route.

R5# appearance ip bgp

BGP table adaptation is 38, bounded router ID is 5.5.5.5

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,

r RIB-failure, S Stale

Origin codes: i - IGP, e - EGP, ? - incomplete

Network Abutting Hop Metric LocPrf Weight Path

*> 21.0.0.0 0.0.0.0 0 32768 i

*> 22.1.1.0/24 10.1.5.9 0 32768 i

NOTE Although this point is not different to BGP, accumulate in apperception that redistribution from an IGP

causes two types of routes to be taken from the acquisition table—those abstruse by the routing

protocol, and those affiliated routes for which that acquisition agreement matches with a network

command.

Example 11-4 Examples of Clearing the BGP Table via the arrangement Command (Continued)358 Affiliate 11: BGP

■ Redistribute the changeless avenue to arrangement 34, and set the MED (metric) to 9

■ Do not accidentally redistribute the affiliated routes that are akin by EIGRP’s network

commands

■ Use the Cisco IOS 12.3 absence ambience of no auto-summary

Example 11-5 shows the aberration of accidentally redistributing added routes—the connected

subnets of arrangement 10.0.0.0 akin by EIGRP arrangement commands. After in the example, a route

map is added to anticipate the problem.

Example 11-5 Archetype of Clearing the BGP Table via Redistribution

! R6 redistributes EIGRP 6 routes and changeless routes below, ambience the metric on

! redistributed changeless routes to 9. Agenda that EIGRP 6 matches subnets 10.1.68.0/24

! and 10.1.69.0/24 with its arrangement command.

router bgp 678

redistribute changeless metric 9

redistribute eigrp 6

router eigrp 6

network 10.0.0.0

ip avenue 34.0.0.0 255.0.0.0 null0

! Commands different to clearing the bounded BGP table are omitted.

! R6 has met the ambition of injecting 31 and 32 from EIGRP, and 34 from static.

! It additionally accidentally best up two subnets of 10.0.0.0/8 because EIGRP’s network

! 10.0.0.0 command akin these affiliated subnets.

R6# appearance ip bgp

BGP table adaptation is 1, bounded router ID is 6.6.6.6

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,

r RIB-failure, S Stale

Origin codes: i - IGP, e - EGP, ? - incomplete

Network Abutting Hop Metric LocPrf Weight Path

*> 10.1.68.0/24 0.0.0.0 0 32768 ?

*> 10.1.69.0/24 0.0.0.0 0 32768 ?

*> 31.0.0.0 10.1.69.9 156160 32768 ?

*> 32.1.1.0/24 10.1.69.9 156160 32768 ?

*> 34.0.0.0/24 0.0.0.0 9 32768 ?

! Below, agenda the metrics for the two EIGRP routes. The appearance ip bgp command output

! aloft shows how BGP assigned the MED (metric) that aforementioned value.

R6# appearance ip avenue eigrp

32.0.0.0/24 is subnetted, 1 subnets

D 32.1.1.0 [90/156160] via 10.1.69.9, 00:12:17, FastEthernet0/0

D 31.0.0.0/8 [90/156160] via 10.1.69.9, 00:12:17, FastEthernet0/0

! Below, the redistribute eigrp command has been afflicted to the following, using

! a avenue map to alone acquiesce routes in networks in the 30s.

redist eigrp 6 route-map just-30-something

Building the BGP Table 359

Also agenda that the NEXT_HOP PA for anniversary avenue either matches the abutting hop of the redistributed

route or is 0.0.0.0 for affiliated routes and routes to null0.

Impact of Auto-Summary on Redistributed Routes and the arrangement Command

As it does with IGPs, the BGP auto-summary command causes a classful arbitrary avenue to be

created if any basic subnet of that arbitrary exists. However, clashing IGPs, the BGP autosummary

router subcommand causes BGP to abridge alone those routes injected due to

redistribution on that router. BGP auto-summary does not attending for classful arrangement boundaries

in the topology, and it does not attending at routes already in the BGP table. It artlessly looks for routes

injected into the BGP due to the redistribute and arrangement commands on that aforementioned router.

The argumentation differs hardly based on whether the avenue is injected with the redistribute command

or the arrangement command. The argumentation for the two commands is abbreviated as follows:

■ redistribute—When the redistribution action would commonly inject subnets of a classful

network, do not inject the subnets into the acquisition table, but instead inject the classful

network.

■ network—For arrangement commands that account a classful arrangement cardinal and no mask

parameter, inject the classful arrangement if at atomic one subnet of that classful arrangement exists in

the IP acquisition table.

While the above-mentioned definitions are abridged for abstraction purposes, a few credibility deserve further

emphasis and explanation. First, for redistribution, the auto-summary command causes the

redistribution action to inject alone classful networks into the bounded BGP table, and no subnets.

The arrangement command, with auto-summary configured, still injects subnets based on the same

logic already declared in this chapter. In accession to that logic, if a arrangement command matches

the classful arrangement number, BGP injects the classful network, as continued as at atomic any one subnet

of that classful arrangement exists in the IP acquisition table.

! The avenue map and ACLs acclimated for the clarification are apparent next. As a result, the

! two subnets of 10.0.0.0/8 will not be redistributed into the BGP table.

R6# appearance route-map

route-map just-30-something, permit, arrangement 10

Match clauses:

ip abode (access-lists): permit-30-39

Set clauses:

Policy acquisition matches: 0 packets, 0 bytes

R6# appearance access-list

Standard IP admission account permit-30-39

10 admittance 32.0.0.0, wildcard $.25 7.255.255.255 (1538 matches)

20 admittance 30.0.0.0, wildcard $.25 1.255.255.255 (1130 matches)

Example 11-5 Archetype of Clearing the BGP Table via Redistribution (Continued)

360 Affiliate 11: BGP

Example 11-6 shows an archetype that credibility out the appulse of the auto-summary command. The

example follows these accomplish on router R5 from Figure 11-2:

1. 10.15.0.0/16 is injected into BGP due to the redistribute command.

2. Auto-summary is configured, BGP is cleared, and now alone 10.0.0.0/8 is in the BGP table.

3. Auto-summary and redistribution are disabled.

4. The arrangement 10.0.0.0 command, arrangement 10.12.0.0 affectation 255.254.0.0 command, and

network 10.14.0.0 affectation 255.255.0.0 command are configured. Alone the aftermost of these three

commands absolutely matches a accepted route, so alone that avenue is injected into BGP.

5. Auto-summary is enabled, causing 10.0.0.0/8 to be injected, as able-bodied as the aboriginal 10.14.0.0/

16 route.

Example 11-6 Auto-Summary Appulse on Acquisition Tables

! R5 has shut bottomward all acquaintance connections, so the achievement of appearance ip bgp alone shows

! routes injected on R5.

! Footfall 1 is below. Alone 10.15.0.0/16 is injected by the accepted configuration. Agenda that

! the different curve of achievement accept been removed, and route-map only15 only

! matches 10.15.0.0/16.

R5# appearance run | be router bgp

router bgp 5

no synchronization

redistribute affiliated route-map only15

no auto-summary

! Below, agenda the absence of 10.0.0.0/8 as a route, and the attendance of 10.15.0.0/16,

! as able-bodied as the blow of the routes acclimated in the accessible steps.

R5# appearance ip avenue 10.0.0.0

Routing access for 10.0.0.0/8, 4 accepted subnets

Attached (4 connections)

Redistributing via eigrp 99, bgp 5

Advertised by bgp 5 route-map only15

C 10.14.0.0/16 is anon connected, Loopback10

C 10.15.0.0/16 is anon connected, Loopback10

C 10.12.0.0/16 is anon connected, Loopback10

C 10.13.0.0/16 is anon connected, Loopback10

! Alone 10.15.0.0/16 is injected into BGP.

R5# appearance ip bgp

BGP table adaptation is 2, bounded router ID is 5.5.5.5

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,

r RIB-failure, S Stale

Origin codes: i - IGP, e - EGP, ? - incomplete

Network Abutting Hop Metric LocPrf Weight Path

*> 10.15.0.0/16 0.0.0.0 0 32768 ?

! Next, footfall 2, area auto-summary is enabled. Now, 10.15.0.0/16 is no longer

Building the BGP Table 361

! injected into BGP, but classful 10.0.0.0/8 is.

R5# conf t

Enter agreement commands, one per line. End with CNTL/Z.

R5(config)# router bgp 5

R5(config-router)# auto-summary

R5(config-router)# ^Z

R5# bright ip bgp *

R5# appearance ip bgp

BGP table adaptation is 2, bounded router ID is 5.5.5.5

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,

r RIB-failure, S Stale

Origin codes: i - IGP, e - EGP, ? - incomplete

Network Abutting Hop Metric LocPrf Weight Path

*> 10.0.0.0 0.0.0.0 0 32768 ?

! Now, at footfall 3, no auto-summary disables automated summarization, redistribution is

! disabled, and at footfall 4, the arrangement commands are added. Agenda that 10.12.0.0/15 is

! not injected, as there is no exact match, nor is 10.0.0.0/8, as there is no exact

! match. However, 10.14.0.0/16 is injected due to the exact bout of the prefix and

! prefix length.

R5# conf t

Enter agreement commands, one per line. End with CNTL/Z.

R5(config)# router bgp 5

R5(config-router)# no auto-summary

R5(config-router)# no redist conn route-map only15

R5(config-router)# no redist connected

R5(config-router)# arrangement 10.0.0.0

R5(config-router)# arrangement 10.12.0.0 affectation 255.254.0.0

R5(config-router)# arrangement 10.14.0.0 affectation 255.255.0.0

R5(config-router)# ^Z

R5# bright ip bgp *

R5# sh ip bgp | activate network

Network Abutting Hop Metric LocPrf Weight Path

*> 10.14.0.0/16 0.0.0.0 0 32768 i

! Finally, auto-summary is re-enabled (not apparent in the example).

! 10.14.0.0/16 is still an exact match, so it is

! still injected. 10.0.0.0/8 is additionally injected because of the arrangement 10.0.0.0 command.

R5# sh ip bgp | activate network

Network Abutting Hop Metric LocPrf Weight Path

* 10.0.0.0 0.0.0.0 0 32768 i

* 10.14.0.0/16 0.0.0.0 0 32768 i

Example 11-6 Auto-Summary Appulse on Acquisition Tables (Continued)

BGP Messages and Neighbor States

BGP Messages and Neighbor States
The desired state for BGP neighbors is the established state. In that state, the routers have formed
a TCP connection, and they have exchanged Open messages, with the parameter checks having
passed. At this point, topology information can be exchanged using Update messages. Table 11-3
lists the BGP neighbor states, along with some of their characteristics. Note that if the IP addresses
mismatch, the neighbors settle into an active state.
BGP Message Types
BGP uses four basic messages. Table 11-4 lists the message types and provides a brief description
of each.
Table 11-3 BGP Neighbor States
State
Listen for
TCP?
Initiate
TCP?
TCP
Up?
Open
Sent?
Open
Received?
Neighbor
Up?
Idle No
Connect Yes
Active Yes Yes
Open sent Yes Yes Yes Yes
Open confirm Yes Yes Yes Yes Yes
Established Yes Yes Yes Yes Yes Yes
Table 11-4 BGP Message Types
Message Purpose
Open Used to establish a neighbor relationship and exchange basic parameters.
Keepalive Used to maintain the neighbor relationship, with nonreceipt of a keepalive message
within the negotiated Hold timer causing BGP to bring down the neighbor connection.
(The timers can be configured with the bgp timers keepalive holdtime subcommand or
the neighbor [ip-address | peer-group-name] timers keepalive holdtime BGP
subcommand.)
Building BGP Neighbor Relationships 353
Purposefully Resetting BGP Peer Connections
Example 11-3 shows how to reset neighbor connections by using the neighbor shutdown
command and, along the way, shows the various BGP neighbor states. The example uses routers
R1 and R6 from Figure 11-2, as configured in Example 11-2.
Message Purpose
Update Used to exchange routing information, as covered more fully in the next section.
Notification Used when BGP errors occur; causes a reset to the neighbor relationship when sent.
Example 11-3 Examples of Neighbor States
! R1 shuts down R6’s peer connection. debug ip bgp shows moving to a down state,
! which shows as “Idle (Admin)” under show ip bgp summary.
R1# debug ip bgp
BGP debugging is on for address family: BGP IPv4
R1# conf t
Enter configuration commands, one per line. End with CNTL/Z.
R1(config)# router bgp 123
R1(config-router)# neigh 10.1.16.6 shutdown
R1#
*Mar 4 21:01:45.946: BGP: 10.1.16.6 went from Established to Idle
*Mar 4 21:01:45.946: %BGP-5-ADJCHANGE: neighbor 10.1.16.6 Down Admin. shutdown
*Mar 4 21:01:45.946: BGP: 10.1.16.6 closing
R1# show ip bgp summary | include 10.1.16.6
10.1.16.6 4 678 353 353 0 0 0 00:00:06 Idle (Admin)
! Next, the no neighbor shutdown command reverses the admin state. The various
! debug messages (with some omitted) list the various states. Also note that the
! final message is the one log message in this example that occurs due to the
! default configuration of bgp log-neighbor-changes. The rest are the result of
! a debug ip bgp command.
R1# conf t
Enter configuration commands, one per line. End with CNTL/Z.
R1(config)# router bgp 123
R1(config-router)# no neigh 10.1.16.6 shutdown
*Mar 4 21:02:16.958: BGP: 10.1.16.6 went from Idle to Active
*Mar 4 21:02:16.958: BGP: 10.1.16.6 open active, delay 15571ms
*Mar 4 21:02:29.378: BGP: 10.1.16.6 went from Idle to Connect
*Mar 4 21:02:29.382: BGP: 10.1.16.6 rcv message type 1, length (excl. header) 26
*Mar 4 21:02:29.382: BGP: 10.1.16.6 rcv OPEN, version 4, holdtime 180 seconds
*Mar 4 21:02:29.382: BGP: 10.1.16.6 went from Connect to OpenSent
*Mar 4 21:02:29.382: BGP: 10.1.16.6 sending OPEN, version 4, my as: 123, holdtime 180
seconds
*Mar 4 21:02:29.382: BGP: 10.1.16.6 rcv OPEN w/ OPTION parameter len: 16
BGP: 10.1.16.6 rcvd OPEN w/ remote AS 678
continues
Table 11-4 BGP Message Types (Continued)
*Mar 4 21:02:29.382: BGP: 10.1.16.6 went from OpenSent to OpenConfirm
*Mar 4 21:02:29.382: BGP: 10.1.16.6 send message type 1, length (incl. header) 45
*Mar 4 21:02:29.394: BGP: 10.1.16.6 went from OpenConfirm to Established
*Mar 4 21:02:29.398: %BGP-5-ADJCHANGE: neighbor 10.1.16.6 Up
All BGP neighbors can be reset with the clear ip bgp * exec command, which, like the neighbor
shutdown command, resets the neighbor connection, closes the TCP connection to that neighbor,
and removes all entries from the BGP table learned from that neighbor. The clear command will
be shown in the rest of the chapter as needed, including in coverage of how to clear just some
neighbors.
NOTE The clear command can also be used to implement routing policy changes without
resetting the neighbor completely, using a feature called soft reconfiguration. This feature is not
covered in detail in this book.

External BGP Neighbors

External BGP Neighbors
The physical topology between eBGP peers is often a single link, mainly because the connection
is between different companies in different autonomous systems. As a result, eBGP peering can
simply use the interface IP addresses for redundancy, because if the link fails, the TCP connection
will fail because there is no longer an IP route between the peers. For instance, in Figure 11-2, the
R1-R6 eBGP peering uses interface IP addresses defined in the neighbor commands.
When IP redundancy exists between two eBGP peers, the eBGP neighbor commands should use
loopback IP addresses to take advantage of that redundancy. For example, two parallel links exist
between R3 and R4. With neighbor commands that reference loopback addresses, either of
these links could fail, but the TCP connection would remain. Example 11-2 shows additional
configuration for the network in Figure 11-2, showing the use of loopbacks between R3 and R4,
and interface addresses between R1 and R6.
Example 11-2 Basic eBGP Configuration of Neighbors
! R1 Config—This example shows only commands added since Example 11-1.
router bgp 123
neighbor 172.16.16.6 remote-as 678
! R1 does not have a neighbor 172.16.16.6 update-source command configured. R1
! uses its s0/0/0.6 IP address, 172.16.16.1, because R1’s route to 172.16.16.6
! uses s0/0/0.6 as the outgoing interface, as seen below.
R1# show ip route 172.1.16.6
Routing entry for 172.16.16.0/24
Known via "connected", distance 0, metric 0 (connected, via interface)
Routing Descriptor Blocks:
* directly connected, via Serial0/0/0.6
Route metric is 0, traffic share count is 1
R1# show ip int brief | include 0/0/0.6
Serial0/0/0.6 172.16.16.1 YES manual up

350 Chapter 11: BGP
The eBGP configurations differ from iBGP configuration in a couple of small ways. First, the
neighbor remote-as commands refer to a different AS than does the router bgp command, which
implies that the peer is an eBGP peer. Second, R3 had to configure the neighbor 4.4.4.4 ebgpmultihop
2 command (and R4 with a similar command) or the peer connection would not have
formed. For eBGP connections, Cisco IOS defaults the IP packet’s TTL field to a value of 1, based
on the assumption that the interface IP addresses will be used for peering (like R1-R6 in Example 11-2).
In this example, if R3 had not used multihop, it would have sent packets to R4 with TTL 1.
R4 would have received the packet (TTL 1 at that point), then attempt to route the packet to its
loopback interface—a process that would decrement the TTL to 0, causing R4 to drop the packet.
So, even though the router is only one hop away, think of the loopback as being on the other side
of the router, requiring that extra hop.
Checks Before Becoming BGP Neighbors
Similar to IGPs, BGP checks certain requirements before another router may become a neighbor,
reaching the BGP established state. Most of the settings are straightforward; the only tricky part
relates to the use of IP addresses. The following list describes the checks that BGP performs when
forming neighbor relationships:
1. The router must receive a TCP connection request with a source address that the router finds
in a BGP neighbor command.
! R3 Config—Because R3 refers to R4’s loopback (4.4.4.4), and R4 is an eBGP
! peer, R3 and R4 have added the neighbor ebgp-multihop command to set TTL to 2.
! R3’s update source must be identified as its loopback in order to match
! R4’s neighbor 3.3.3.3 commands.
router bgp 123
neighbor 4.4.4.4 remote-as 45
neighbor 4.4.4.4 update-source loopback1
neighbor 4.4.4.4 ebgp-multihop 2
! R3 now has three working neighbors. Also note the three TCP connections, one for
! each BGP peer. Note that because R3 is listed using a dynamic port number, and
! R4 as using port 179, R3 actually initiated the TCP connection to R4.
R3# show ip bgp summary
BGP router identifier 3.3.3.3, local AS number 123
BGP table version is 1, main routing table version 1
Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd
1.1.1.1 4 123 247 247 0 0 0 03:14:49 0
2.2.2.2 4 123 263 263 0 0 0 03:15:07 0
4.4.4.4 4 45 17 17 0 0 0 00:00:11 0
R3# show tcp brief
TCB Local Address Foreign Address (state)
649DD08C 3.3.3.3.179 2.2.2.2.43521 ESTAB
649DD550 3.3.3.3.179 1.1.1.1.27222 ESTAB
647D928C 3.3.3.3.21449 4.4.4.4.179 ESTAB
Example 11-2 Basic eBGP Configuration of Neighbors (Continued)
Building BGP Neighbor Relationships 351
2. A router’s ASN (on the router bgp asn command) must match the neighboring router’s
reference to that ASN with its neighbor remote-as asn command. (This requirement is not
true of confederation configurations.)
3. The BGP RIDs of the two routers must not be the same.
4. If configured, MD5 authentication must pass.
Figure 11-3 shows the first three items in the list graphically, with R3 initiating a BGP TCP
connection to R1. The circled numbers 1, 2, and 3 in the figure correspond to the item numbers in
the previous list. Note that R1’s check at Step 2 uses the neighbor command R1 identified as part
of Step 1.
Figure 11-3 BGP Neighbor Parameter Checking
In Figure 11-3, R3 initiates a TCP connection with its update source IP address (3.3.3.3) as the
source address of the packet. The first check occurs when R1 receives the first packet, looks at the
source IP address of the packet (3.3.3.3), and finds that address in a neighbor command. The
second check has R1 comparing R3’s stated ASN (in R3’s BGP Open message) to R1’s neighbor
command it identified at Step 1. Step 3 checks to ensure the BGP RIDs are unique, with the BGP
Open message stating the sender’s BGP RID.
While the check at Step 1 might seem intuitive, interestingly, the reverse bit of logic does not have
to be true for the neighbors to come up. For instance, if R1 did not have a neighbor 3.3.3.3
update-source 1.1.1.1 command, the process shown in Figure 11-3 would still work. Succinctly
put, only one of the two routers’ update source IP addresses needs to be in the other router’s
neighbor command for the neighbor to come up. Examples 11-1 and 11-2 showed the correct
update source on both routers, and that makes good sense, but it works with only one of the two.
R3 R1
RID
3.3.3.3
BGP Open
Message
RID
111.111.111.111
Note: R3’s Loopback IP Address is 3.3.3.3
Src.-IP
3.3.3.3
Dest.-IP
1.1.1.1
Dest.-Port
179
Syn
RID
3.3.3.3
ASN
123
TCP Reply (SYN, ACK)
TCP Connection Up (ACK)
router bgp 123
neigh 1.1.1.1 update-source loopback1
neigh 1.1.1.1 remote-as 123 neighbor 3.3.3.3 remote-as 123
1
2
3
BGP uses a keepalive timer to define how often that router sends BGP keepalive messages, and a
Hold timer to define how long a router will wait without receiving a keepalive message before
resetting a neighbor connection. The Open message includes each router’s stated keepalive timer.
If they do not match, each router uses the lower of the values for each of the two timers,
respectively. Mismatched settings do not prevent the routers from becoming neighbors.

Internal BGP Neighbors 391

Internal BGP Neighbors
A BGP router considers each neighbor to be either an internal BGP (iBGP) peer or an external
BGP (eBGP) peer. Each BGP router resides in a single AS, so neighbor relationships are either
with other routers in the same AS (iBGP neighbors) or with routers in other autonomous systems
(eBGP neighbors). The two types of neighbors differ only slightly in regard to forming neighbor
relationships, with more significant differences in how the type of neighbor (iBGP or eBGP)
impacts the BGP update process and the addition of routes to the routing tables.
iBGP peers often use loopback interface IP addresses for BGP peering to achieve higher
availability. Inside a single AS, the physical topology often has at least two routes between each
pair of routers. If BGP peers use an interface IP address for their TCP connections, and that
interface fails, there still might be a route between the two routers, but the underlying BGP TCP
connection will fail. Any time two BGP peers have more than one route through which they can
reach the other router, peering using loopbacks makes the most sense.
Several examples that follow demonstrate BGP neighbor configuration and protocols, beginning
with Example 11-1. The example shows some basic BGP configuration for iBGP peers R1, R2,
and R3 in AS 123, with the following features, based on Figure 11-2.

BGP Neighbor Summary Table
BGP Feature Description and Values
How is the source IP address used to reach a
neighbor determined?
Defined with the neighbor update-source
command; or, by default, uses the outgoing interface
IP address for the route used to reach the neighbor
How is the destination IP address used to reach
a neighbor determined?
Explicitly defined on the neighbor command
Auto-summary* Off by default, enabled with auto-summary router
subcommand
Neighbor authentication MD5 only, using the neighbor password command
* Cisco changed the IOS default for BGP auto-summary to be disabled as of Cisco IOS Software Release 12.3.

Building BGP Neighbor Relationships 347
Figure 11-2 Sample Network for BGP Neighbor Configuration
■ The three routers in ASN 123 will form iBGP neighbor relationships with each other
(full mesh).
■ R1 will use the bgp router-id command to configure its RID, rather than use a loopback.
■ R3 uses a peer-group configuration for neighbors R1 and R2. This allows fewer configuration
commands, and improves processing efficiency by having to prepare only one set of outbound
Update packets for the peer group. (Identical Updates are sent to all peers in the peer group.)
■ The R1-R3 relationship uses BGP MD5 authentication, which is the only type of BGP
authentication supported in Cisco IOS.
IBGP
IBGP
IBGP
EBGP
EBGP
Network 21.0.0.0/8
Subnet 22.1.1.0/24
R5
10.1.34.4
10.1.134.4 IBGP
10.1.34.3
10.1.134.3
172.16.16.6
172.16.16.1
ASN 678
ASN 123 ASN 45
R7
RID
111.111.111.111
R9
R4
R6 R8
EBGP IBGP
IGP
Network 31.0.0.0/8
Subnet 32.1.1.0/24
RID
3.3.3.3
RID
8.8.8.8
RID
9.9.9.9
RID
7.7.7.7
RID
6.6.6.6
RID
2.2.2.2
RID
5.5.5.5
RID
4.4.4.4
R3
R2
R1
348 Chapter 11: BGP
Example 11-1 Basic iBGP Configuration of Neighbors
! R1 Config—R1 correctly sets its update-source to 1.1.1.1 for both R2 and R3,
! in order to match the R2 and R3 neighbor commands. The first three highlighted
! commands below were not typed, but added automatically as defaults by IOS 12.3
!—in fact, IOS 12.3 docs imply that the defaults of sync and auto-summary at
! IOS 12.2 has changed to no sync and no auto-summary as of IOS 12.3. Also, R1
! knows that neighbors 2.2.2.2 and 3.3.3.3 are iBGP because their remote-as values
! match R1’s router BGP command.
interface Loopback1
ip address 1.1.1.1 255.255.255.255
!
router bgp 123
no synchronization
bgp router-id 111.111.111.111
bgp log-neighbor-changes
neighbor 2.2.2.2 remote-as 123
neighbor 2.2.2.2 update-source Loopback1
neighbor 3.3.3.3 remote-as 123
neighbor 3.3.3.3 password secret-pw
neighbor 3.3.3.3 update-source Loopback1
no auto-summary
! R3 Config—R3 uses a peer group called “my-as” for combining commands related
! to R1 and R2. Note that not all parameters must be in the peer group: R3-R2 does
! not use authentication, but R3-R1 does, so the neighbor password command was
! not placed inside the peer group, but instead on a neighbor 1.1.1.1 command.
interface Loopback1
ip address 3.3.3.3 255.255.255.255
!
router bgp 123
no synchronization
bgp log-neighbor-changes
neighbor my-as peer-group
neighbor my-as remote-as 123
neighbor my-as update-source Loopback1
neighbor 1.1.1.1 peer-group my-as
neighbor 1.1.1.1 password secret-pw
neighbor 2.2.2.2 peer-group my-as
no auto-summary
! Next, R1 has two established peers, but the fact that the status is “established”
! is implied by not having the state listed on the right side of the output, under
! the heading State/PfxRcd. Once established, that column lists the number of
! prefixes learned via BGP Updates received from each peer. Note also R1’s
! configured RID, and the fact that it is not used as the update source.
R1# show ip bgp summary
BGP router identifier 111.111.111.111, local AS number 123
BGP table version is 1, main routing table version 1
Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd
2.2.2.2 4 123 59 59 0 0 0 00:56:52 0
3.3.3.3 4 123 64 64 0 0 0 00:11:14 0

A few features in Example 11-1 are particularly important. First, note that the configuration does
not overtly define peers as iBGP or eBGP. Instead, each router examines its own ASN as defined
on the router bgp command, and compares that value to the neighbor’s ASN listed in the
neighbor remote-as command. If they match, the peer is iBGP; if not, the peer is eBGP.
R3 in Example 11-1 shows how to use the peer-group construct to reduce the number of configuration
commands. BGP peer groups do not allow any new BGP configuration settings; they
simply allow you to group BGP neighbor configuration settings into a group, and then apply that
set of settings to a neighbor using the neighbor peer-group command. Additionally, BGP builds
one set of Update messages for the peer group, applying routing policies for the entire group—rather
than one router at a time—thereby reducing some BGP processing and memory overhead.

BGP -BGP AS_PATHs and Path Vector Logic

BGP

Like Interior Gateway Protocols (IGPs), BGP exchanges cartography advice in adjustment for routers

to eventually apprentice the best routes to a set of IP prefixes. Unlike IGPs, BGP does not use a metric

to baddest the best avenue amid alternating routes to the aforementioned destination. Instead, BGP uses several

BGP aisle attributes (PAs) and an complex accommodation action back allotment amid multiple

possible routes to the aforementioned subnet.

BGP uses the BGP free arrangement aisle (AS_PATH) PA as its absence metric apparatus when

none of the added PAs has been ever set and configured. Generally speaking, BGP uses PAs to

describe the characteristics of a route; this introduces and explains a advanced array of BGP PAs. The

AS_PATH aspect lists the path, as authentic by a arrangement of free arrangement numbers (ASNs)

through which a packet charge canyon to ability a prefix. Amount 11-1 shows an example.

Figure 11-1 BGP AS_PATHs and Aisle Agent Logic

Figure 11-1 shows a archetypal case of how BGP uses aisle agent argumentation to accept routes. In the figure, R1

learns of two AS_PATHs by which to ability 9.0.0.0/8—through ASNs 2-3 and through ASNs 5-4-3.

If none of the routers has acclimated acquisition behavior to access added PAs that access BGP’s

choice of which avenue is best, R1 will accept the beeline AS_PATH—in this case, AS_PATH 2-3.

In effect, BGP treats the AS_PATH as a vector, and the breadth of the agent (the cardinal of ASNs

in the path) determines the best route. With BGP, the appellation avenue still refers to acceptable hopby-

hop IP routes, but the appellation aisle refers to the arrangement of free systems acclimated to reach

a accurate destination.

ASN 2

ASN 5

ASN 1

ASN 3

Network

9.0.0.0/8

AS_PATH 2, 3

AS_PATH 5, 4, 3

ASN 4

This affiliate follows a agnate arrangement as several of the IGP chapters. First, the argument focuses on

neighbor relationships, followed by how BGP exchanges acquisition advice with its neighbors.

The affiliate ends with a area accoutrement how BGP adds IP routes to a router’s IP acquisition table

based on the BGP cartography table.

BGP-CCIE Routing

BGP
This chapter covers what might be the single most important topic on both the CCIE Routing
and Switching written and lab exams—Border Gateway Protocol (BGP) Version 4. This chapter
focuses on how BGP accomplishes its fundamental tasks:
1. Forming neighbor relationships
2. Injecting routes into BGP from some other source
3. Exchanging those routes with other routers
4. Placing routes into IP routing tables
All of these BGP topics have close analogies with those of BGP’s IGP cousins, but of course
there are many differences in the details.
This chapter focuses on how BGP performs its central role as a routing protocol.

Next Hop-Protocol on Which BGP Peers Communicate-Peering-Routing Information Base (RIB) and Routing Protocol Interaction

Blueprint capacity covered in

this chapter:

This affiliate covers the afterward subtopics from

the Cisco CCIE Routing and Switching written

exam blueprint. Refer to the abounding adapt in

Table I-1 in the Introduction for added capacity on

the capacity covered in anniversary affiliate and their

context aural the blueprint.

■ Protocol on Which BGP Peers Communicate

■ Next Hop

■ Peering

■ Troubleshooting a BGP Route That Will Not

Install in the Routing Table

■ Routing Information Base (RIB) and Routing

Protocol Interaction

Command Reference-Memory Builders

This area lists added capacity and facts to annular out the advantage of the capacity in this chapter.

Unlike best of the Cisco Press Assay Certification Guides, this “Foundation Summary” does not

repeat advice presented in the “Foundation Topics” area of the chapter. Please booty the

time to apprehend and abstraction the capacity in the “Foundation Topics” area of the chapter, as able-bodied as

review items acclaimed with a Key Topic icon.

Table 10-11 lists some of the best accordant Cisco IOS commands accompanying to the capacity in this

chapter. Also accredit to Tables 10-2 and 10-3 for the bout and set commands.

Table 10-11 Command Reference for Affiliate 10

Command Command Mode and Description

redistribute agreement [process-id] {level-1 | level-

1-2 | level-2} [as-number] [metric

metric-value] [metric-type type-value] [match

{internal | alien 1 | alien 2}] [tag

tag-value] [route-map map-tag] [subnets]

Router config mode; defines the acquisition agreement from which

to booty routes, several analogous parameters, and several things

that can be apparent on the redistributed routes.

ip prefix-list list-name [seq seq-value] {deny

network/length | admittance network/length}

[ge ge-value] [le le-value]

Global config mode; defines associates of a prefix list, which

match a prefix (subnet) and prefix breadth (subnet mask).

ip prefix-list list-name sequence-number

description text

Global config; sets a description to a band in a prefix list.

distance {ip-address {wildcard-mask}}

[ip-standard-list] [ip-extended-list]

Router config mode; identifies the avenue source, and an optional

ACL to ascertain a subnet of routes, for which this router’s AD is

changed. Influences the alternative of routes by selectively

overriding absence AD.

distance eigrp internal-distance externaldistance

EIGRP config; sets the AD for all centralized and alien routes.

distance ospf {[intra-area dist1] [inter-area

dist2] [external dist3]}

OSPF config; sets the AD for all intra-area, interarea, and

external routes.

ip summary-address eigrp as-number networkaddress

subnet-mask [admin-distance]

Interface mode; configures an EIGRP avenue summary.

ip summary-address rip ip-address

ip-network-mask

Interface mode; configures a RIP avenue summary.

area area-id ambit ip-address affectation [advertise |

not-advertise] [cost cost]

OSPF mode; configures an OSPF arbitrary amid areas.

summary-address abode affectation {level-1 |

level-1-2 | level-2}

IS-IS mode; configures an IP arbitrary route

Memory Builders 337

Memory Builders

The CCIE Acquisition and Switching accounting exam, like all Cisco CCIE accounting exams, covers a fairly

broad set of topics. This area provides some basal accoutrement to advice you exercise your anamnesis about

some of the broader capacity covered in this chapter.

Fill in Key Tables from Memory

Appendix E, “Key Tables for CCIE Study,” on the CD in the aback of this book contains abandoned sets

of some of the key arbitrary tables in anniversary chapter. Print Appendix E, accredit to this chapter’s tables

in it, and ample in the tables from memory. Accredit to Appendix F, “Solutions for Key Tables for CCIE

Study,” on the CD to analysis your answers.

Definitions

Next, booty a few moments to address bottomward the definitions for the afterward terms:

default route, avenue redistribution, alien route, accumulated route, avenue map, IP

prefix list, arbitrary route, basic route, aperture of aftermost resort

Refer to the comment to analysis your answers.

Using Avenue Summarization to Actualize Absence Routes

Generally speaking, avenue summarization combines abate abode ranges into a baby cardinal of

larger abode ranges. From that perspective, 0.0.0.0/0 is the better accessible summary, because it

includes all accessible IPv4 addresses. And, as it turns out, EIGRP avenue summarization supports

summarizing the 0.0.0.0/0 supernet, finer creating a absence route.

Because avenue summarization causes a absent avenue to be created for the summary, some Cisco

documentation advises adjoin application avenue summarization to actualize a absence route. For example,

in Figure 10-8, brainstorm that R9 is endemic by this network’s ISP, and R1 learns a absence route

(0.0.0.0/0) via EBGP from R9. However, back R1 configures an EIGRP absence avenue application route

summarization, R1 will additionally actualize a bounded avenue to 0.0.0.0/0 as well, but with destination null0.

The EBGP avenue has a college AD (20) than the EIGRP arbitrary avenue to null0 (AD 5), so R1 will

now alter its BGP-learned absence avenue with the arbitrary avenue to null0—preventing R1 from

being able to accelerate packets to the Internet.

Route summarization can still be acclimated to actualize absence routes with the able precautions. The

following account capacity a few of the requirements and options:

■ The bounded router creates a bounded arbitrary route, destination null0, application AD 5 (EIGRP), when

deciding if its avenue is the best one to add to the bounded acquisition table.

■ EIGRP advertises the arbitrary to added routers as AD 90 (internal).

■ This adjustment is not accurate by RIP and OSPF.

■ To affected the admonition of EIGRP’s absence avenue actuality set to absent by accepting a low AD, set

the AD college (as needed) with the ip summary-address command.

Example 10-11 lists a sample agreement on R1 again, this time creating arbitrary routes to

0.0.0.0/0 for EIGRP.

Example 10-11 EIGRP and IS-IS Agreement for Creating Absence Arbitrary Routes

! EIGRP avenue summarization is done beneath s0/0/0.4, the subnet affiliated to R4. In this

! example, the AD was afflicted to 7 (default 5) aloof to appearance how to change the AD. To

! abstain the botheration with the absence avenue to null0 on R1, the AD should accept been set

! college than the absence abstruse via BGP.

interface Serial0/0/0.4 point-to-point

ip abode 14.1.1.1 255.255.255.0

ip summary-address eigrp 1 0.0.0.0 0.0.0.0 7

! In this example, R1 has two sources for a bounded avenue to 0.0.0.0/0: EIGRP

! (AD 7, per the ip summary-address command), and BGP from R9

! (AD 20). R1 installs the EIGRP avenue based on the everyman AD.

R1# appearance ip avenue eigrp

14.0.0.0/8 is variably subnetted, 3 subnets, 2 masks

D 14.1.2.0/24 [90/2172416] via 14.1.1.4, 00:01:03, Serial0/0/0.4

D 14.0.0.0/8 is a summary, 05:53:19, Null0

D* 0.0.0.0/0 is a summary, 00:01:08, Null0

! Next, R4’s EIGRP avenue shows AD 90, instead of the AD 7 configured at R1. AD is

! a bounded parameter—R4 uses its absence AD of 90 for centralized routes.

R4# appearance ip avenue eigrp

D* 0.0.0.0/0 [90/2172416] via 14.1.1.1, 00:01:14, Serial0/0/0.1

Using the ip default-network Command

RIP and EIGRP can inject absence routes by application the ip default-network command. To do so, the

following charge be accurate on the bounded router:

■ The bounded router charge configure the ip default-network net-number command, with netnumber

being a classful arrangement number.

■ The classful arrangement charge be in the bounded router’s IP acquisition table, via any means.

■ For EIGRP only, the classful arrangement charge be advertised by the bounded router into EIGRP, again

through any means.

■ This adjustment is not accurate by OSPF.

When application the ip default-network command, RIP and EIGRP alter in how they acquaint the

default. RIP advertises a avenue to 0.0.0.0/0, but EIGRP flags its avenue to the classful arrangement as a

candidate absence route. Because EIGRP flags these routes as candidates, EIGRP charge again also

be announcement those classful networks. However, because RIP does not banderole the classful network

as a applicant absence route, RIP does not absolutely accept to acquaint the classful network

referenced in the ip default-network command.

Example 10-10 shows the key aberration amid RIP and EIGRP with attention to the ip defaultnetwork

command. In this case, R1 will acquaint about classful arrangement 10.0.0.0 application EIGRP

due to the auto-summary command.

Static Absence Avenue with Avenue Redistribution

! EIGRP will acquaint classful arrangement 10.0.0.0/8 due to its arrangement command,

! analogous R1’s fa0/0 interface, and the auto-summary command. Also, R1 charge have

! a avenue to classful arrangement 10.0.0.0/8, in this case due to a changeless route.

! RIP will not acquaint classful arrangement 10.0.0.0/8, but it will still be able

! to inject a absence avenue based on the ip default-network command.

router eigrp 1

network 10.0.0.0

network 14.0.0.0

auto-summary

router rip

version 2

network 13.0.0.0

ip classless

ip default-network 10.0.0.0

ip avenue 10.0.0.0 255.0.0.0 10.1.1.102

! On R3, RIP learns a avenue to 0.0.0.0/0 as its default.

R3# appearance ip avenue rip

R* 0.0.0.0/0 [120/1] via 13.1.1.1, 00:00:19, Serial0/0/0.1

! On R4, agenda that EIGRP abstruse a avenue to 10.0.0.0/8, apparent with a * that

! flags the avenue as a applicant absence route.

R4# appearance ip route

! curve bare for brevity

ia - IS-IS inter area, * - applicant default, U - per-user changeless route

o - ODR, P - alternate downloaded changeless route

Gateway of aftermost resort is 14.1.1.1 to arrangement 10.0.0.0

D* 10.0.0.0/8 [90/2172416] via 14.1.1.1, 00:05:35, Serial0/0/0.1

14.0.0.0/24 is subnetted, 2 subnets

C 14.1.2.0 is anon connected, FastEthernet0/0

C 14.1.1.0 is anon connected, Serial0/0/0.1

Using the default-information arise Command

OSPF does not abutment redistribution of statically authentic absence routes. Instead, OSPF requires

the default-information arise router subcommand, which about tells OSPF to

redistribute any absence routes activate in the acquisition table, either changeless routes or routes from another

routing protocol. The afterward account summarizes the absence acquisition appearance back application the

default-information arise command with OSPF:

■ Redistributes any absence avenue (0.0.0.0/0) in the acquisition table.

■ The command can set the metric and metric blazon directly, with OSPF behind to amount 1 and

type E2.

■ OSPF allows the use of the consistently keyword, which agency a absence is sourced behindhand of

whether a absence avenue is in the acquisition table.

■ Not accurate by EIGRP.

■ Accurate by RIP, with some differences. (Refer to the argument afterward Archetype 10-9 for an

explanation of the differences.)

Example 10-9 shows an archetype of application the default-information arise command with

OSPF. In this case, R1 has abstruse a avenue to 0.0.0.0/0 via BGP from R9 in Figure 10-8.

As mentioned earlier, RIP does abutment the default-information arise command; however,

the command behaves hardly abnormally in RIP than it does in OSPF. With RIP, this command

creates and advertises a absence avenue if either no absence avenue exists or a absence avenue was learned

from addition acquisition protocol. However, if a changeless avenue to 0.0.0.0/0 is in the bounded acquisition table,

the default-information arise command does not account RIP to inject a default—the reason

behind this behavior is that RIP already supports redistribution of changeless routes, so redistribute

static should be acclimated in that case.

Static Absence Avenue with Avenue Redistribution

router ospf 1

network 15.0.0.0 0.255.255.255 breadth 0

default-information originate

! R5 has a absence route, behind to blazon E2, amount 1. It as advertised as a

! blazon 5 LSA.

R5# appearance ip avenue ospf

O*E2 0.0.0.0/0 [110/1] via 15.1.1.1, 00:18:07, Serial0/0.1

R5# sh ip ospf abstracts | activate Type-5

Type-5 AS External Link States

Link ID ADV Router Age Seq# Checksum Tag

0.0.0.0 1.1.1.1 1257 0x80000001 0x008C12 1

Default Routes 331 Using Static Routes to 0.0.0.0, with redistribute static

Default Routes 331
Using Static Routes to 0.0.0.0, with redistribute static
Routers consider a route to 0.0.0.0/0 as a default route. RIP and EIGRP support redistribution of
static routes, including such a default static route. The rules and conditions for redistributing static
defaults into RIP and EIGRP are as follows:
■ The static ip route 0.0.0.0 0.0.0.0 and redistribute static commands need to be configured
on the same local router.
■ The metric must be defaulted or set, using the same methods covered earlier in this chapter.
■ The redistribute command can refer to a route map, which examines all static routes (not just
the default).
■ EIGRP treats the default route as an external route by default, with default AD 170.
■ This method is not supported by OSPF.
Example 10-8 shows how R1 can inject defaults via RIP to R3 and via EIGRP to R4. The EIGRP
configuration refers to a route map that examines all static routes, matching only static default
routes. If other static routes existed, EIGRP would not advertise those routes based on the
route map.
Example 10-8 Static Default Route with Route Redistribution
! R1 Config—note that ip classless is configured, but it does not impact the
! advertisement of the static route at all.
router eigrp 1
redistribute static route-map just-default
network 10.0.0.0
network 14.0.0.0
default-metric 1544 10 1 1 1
!
router rip
version 2
redistribute static
network 13.0.0.0
default-metric 1
!
ip classless
! The static route is configured next, followed by the prefix list that matches
! the default route, and the route map that refers to the prefix list.
ip route 0.0.0.0 0.0.0.0 10.1.1.102
!
ip prefix-list zero-prefix seq 5 permit 0.0.0.0/0
!
route-map just-default permit 10
match ip address prefix-list zero-prefix
!
continues
route-map just-default deny 20
! Next, R3, the RIP router, lists R1 (13.1.1.1) as its gateway of last resort,
! based on the RIP route to 0.0.0.0/0, next hop 13.1.1.1.
R3# sh ip route
! Lines omitted for brevity
Gateway of last resort is 13.1.1.1 to network 0.0.0.0
13.0.0.0/24 is subnetted, 2 subnets
C 13.1.1.0 is directly connected, Serial0/0/0.1
C 13.1.2.0 is directly connected, FastEthernet0/0
R* 0.0.0.0/0 [120/1] via 13.1.1.1, 00:00:12, Serial0/0/0.1
! Next, R4, the EIGRP router, lists R1 (14.1.1.1) as its gateway of last resort,
! based on the EIGRP route to 0.0.0.0/0, next hop 14.1.1.1. Note that the default
! points to 0.0.0.0/0, AD 170, as it is an external route, due to the EX listed
! in the output of the show ip route command.
R4# sh ip route
! lines omitted for brevity
Gateway of last resort is 14.1.1.1 to network 0.0.0.0
D 10.0.0.0/8 [90/2172416] via 14.1.1.1, 00:01:30, Serial0/0/0.1
14.0.0.0/24 is subnetted, 2 subnets
C 14.1.2.0 is directly connected, FastEthernet0/0
C 14.1.1.0 is directly connected, Serial0/0/0.1
D*EX 0.0.0.0/0 [170/2172416] via 14.1.1.1, 00:01:30, Serial0/0/0.1

Default Routes

Default Routes
Routers forward packets using a default route when there are no specific routes that match a
packet’s destination IP address in the IP routing table. Routing protocols can advertise default
routes, with each router choosing the best default route to list as that router’s gateway of last resort.
This section covers how a router can create a default route and then cause an IGP to advertise the
default route.
In addition to the advertisement of default routes, each router may use one of two options for how
the default route is used. As described in Chapter 6, “IP Forwarding (Routing),” each router’s
configuration includes either the (default) ip classless command or the no ip classless command.
With ip classless, if a packet’s destination does not match a specific route in the IP routing table,
the router uses the default route. With no ip classless, the router first checks to see if any part of
the destination address’s classful network is in the routing table. If so, that router will not use the
default route for forwarding that packet.
Cisco IOS supports five basic methods of advertising default routes with IGPs, four of which are
covered here. One method for advertising a default route is for one routing protocol to redistribute
another routing protocol’s default route. Because route redistribution has already been covered
heavily, this section of the chapter covers other methods. Of the other four methods, not all are
supported by all IGPs, as you can see in Table 10-10.
NOTE The topic of default routing requires discussion of the configuration on one router, plus
configuration of the other routers using the same IGP. For this section, I will call the router with
the default routing configuration the “local” router, and other routers using the same IGP “other”
routers.
330 Chapter 10: IGP Route Redistribution, Route Summarization, and Default Routing
Interestingly, when a router learns of multiple default routes, using any of these methods, it will
use the usual process for choosing the best route: administrative distance, route type (per Table 10-9,
earlier in this chapter), and lowest metric, in that order.
Figure 10-8 shows a sample network used with all the default route examples, in which R1 is the
local router that configures the default routing commands.
Figure 10-8 Sample Network for Default Route Examples
Table 10-10 Four Methods for Learning Default Routes
Feature RIP EIGRP OSPF
Static route to 0.0.0.0, with the redistribute static command Yes Yes No
The default-information originate command Yes No Yes
The ip default-network command Yes Yes No
Using summary routes No Yes No
NOTE Table 10-10 has details that may be difficult to memorize. To make it easier, you could
start by ignoring the use of summary static routes, because it is not recommended by Cisco.
Then, note that RIP supports the other three methods, whereas EIGRP supports two methods
and OSPF supports only one—with EIGRP and OSPF not supporting any of the same options.
R1
R9
R3 R5
13.1.2.3/24
13.1.1.0/24 15.1.1.0/24
17.1.1.0/24
Fa0/0
15.1.2.5/24
Fa0/0
17.1.2.7/24
Fa0/0
RID 1.1.1.1
RID 5.5.5.5
.3
0/0/0.1
.5
.1 .1 0/0.1
.1 .1
.7
R4
14.1.1.4/24 14.1.1.0/24
10.1.1.102/24
Fa0/0
Fa0/0
.4
0/0/0.1
R7
RIP
Network 13.0.0.0
OSPF 1 (Two Areas, with R5 as ABR)
Network 15.0.0.0
IS-IS (Both Routers Are L2)
Network 17.0.0.0
EIGRP 1
Network 14.0.0.0

EIGRP Avenue Summarization

EIGRP provides the easiest and best aboveboard rules for summarizing routes as compared

with RIPv2, OSPF, and IS-IS. To abridge routes, the ip summary-address eigrp as-number

network-address subnet-mask [admin-distance] command is placed beneath an interface. If any of

the basic routes are in that router’s acquisition table, EIGRP advertises the arbitrary avenue out

that interface. The arbitrary is authentic by the network-address subnet-mask parameters.

One of the added absorbing appearance of the EIGRP arbitrary is the adeptness to set the AD of the

summary route. The AD is not advertised with the route; the summarizing router, however, uses

the configured AD to actuate whether the absent avenue for the arbitrary should be put into its

routing table. The EIGRP AD for arbitrary routes defaults to 5.

OSPF Route Summarization

OSPF Route Summarization
All OSPF routers in the same area must have identical LSDBs after flooding is complete. As a
result, all routers in the same OSPF area must have the same summary routes, and must be missing
the same component subnets of each summary. To make that happen, OSPF allows route
summarization only as routes are injected into an area, either by an ABR (inter-area routes) or by
an ASBR (external routes).
OSPF uses two different configuration commands to create the summary routes, depending on
whether the summary is for inter-area or external routes. Table 10-9 lists the two commands. Both
commands are configured under router ospf.
The commands have a couple of important attributes. First, the area range command specifies an
area; this area is the area in which the component subnets reside, with the summary being
advertised into all other areas. Also, the area range command can set the cost for the summary
route, instead of using the lowest cost of all component routes. Also, the not-advertise keyword
can essentially be used to filter the subnets implied by the summary, as covered in Chapter 9,
“OSPF.”
Where used Command
ASBR summary-address {{ip-address mask} | {prefix mask}} [not-advertise] [tag tag]
ABR area area-id range ip-address mask [advertise | not-advertise] [cost cost]
OSPF Route Summarization Commands

The summary-address command summarizes external routes as they are injected into OSPF as
an ASBR. The cost can be assigned, and the routes can be filtered using the not-advertise
keyword.

Route Summarization

Route Summarization
Route summarization creates a single route whose numeric range, as implied by the prefix/prefix
length, is larger than the one or more smaller component routes. For example, 10.1.0.0/16 is a
summary route that includes component subnets 10.1.1.0/24, 10.1.4.132/30, and any other subnets
with the range 10.1.0.0 through 10.1.255.255.
The following list details some of the key features that the three IGPs covered in this book have in
common with regard to how route summarization works (by default):
■ The advertised summary is assigned the same metric as the currently lowest-metric
component subnet.
■ The router does not advertise the component subnets.
■ The router does not advertise the summary when its routing table does not have any of the
component subnets.
■ The summarizing router creates a local route to the summary, with destination null0, to
prevent routing loops
NOTE I use the term component route to refer to a route whose range of IP addresses is a
subset of the range specified by a summary route; however, I have not seen this term in other
reference materials from Cisco.
Route Summarization 327
■ Summary routes reduce the size of routing tables and topology databases, indirectly
improving convergence.
■ Summary routes decrease the amount of specific information in routing tables, sometimes
causing suboptimal routing.
Figure 10-7 depicts the suboptimal-routing side effect when using route summarization. It also
depicts the effect of using a summary to null0 on the summarizing router.
Figure 10-7 Route Summarization Suboptimal Routing and Routing to Null0
In Figure 10-7, R4 learned two paths to summary route 10.0.0.0/8, and picked the route through
R3 based on the metric. Because R4 does not have a route for 10.2.2.0/24, R4 then sends any
packets to that subnet based on its route to network 10.0.0.0/8, through R3. So, although subnets
like 10.2.2.0/24 may be topologically closer to R4 through R1, R4 sends the packets via the scenic,
suboptimal route through R3.
Also note that R4’s summary route to 10.0.0.0/8 matches packets for which the component subnet
does not exist anywhere in the network. In that case, routers like R4 forward the packets based on
the larger summary, but once the packet reaches the router that created the summary, the packet is
discarded by the summarizing router due to its null route. For instance, Figure 10-7 shows R4
forwarding a packet destined to 10.3.3.1 to R3. R3 does not have a more specific route than its
route to 10.0.0.0/8, with next-hop interface null0. As a result, R3 discards the packet.
The sections that follow provide a few details about summarization with each routing protocol.
R3 R4
R1
Subnets That All
Begin with 10.1
R3 Routing Table:
10.1.1.0/24…
10.1.2.0/24…
10.2.2.0/24…
10.0.0.0/8, to null0
R4 Routing Table:
10.0.0.0/8, to R3
Subnets That All
Begin with 10.2
Subnet 10.2.2.0/24
Packet to 10.3.3.1
Packet to 10.2.2.1
Summary 10.0.0.0/8
Summary 10.0.0.0/8
Both packets match my
best route to 10.0.0.0/8,
which points to R3
• Packet to 10.3.3.1 matches
route to Null0 – Discard
• Packet to 10.2.2.1 matches
specific route – Forward
Represents Routing Updates
Represents Example Packets

Redistributing a Subset of Routes Application a Avenue Map

Route maps can be referenced by any redistribute command. The avenue map may absolutely let all

the routes through, ambience altered avenue attributes (for example, metrics) for altered routes. Or

it may bout some routes with a abjure clause, which prevents the avenue from actuality redistributed.

(Refer to Figure 10-1 for a analysis of avenue map logic.)

Figure 10-3 and Archetype 10-2 appearance an archetype of alternate redistribution amid EIGRP and

OSPF, with some routes actuality either filtered or afflicted application avenue maps.

Figure 10-3 OSPF and EIGRP Alternate Redistribution Application Avenue Maps

The afterward account capacity the requirements for redistribution from OSPF into EIGRP. These

requirements use R1’s perspective, because it is the router accomplishing the redistribution.

■ Routes with next-hop abode 15.1.1.5 (R5) should be redistributed, with avenue tag 5.

14.1.1.4/24 15.1.1.5

15.1.1.0/24

15.1.6.0/24

Fa0/0

15.1.2.5/24

Fa0/0

RID 1.1.1.1

RID 6.6.6.6

14.0.0.0 on the Left (EIGRP)

15.0.0.0 on the Right (OSPF)

From Added EIGRP Routers:

14.2.16.0/23

14.2.18.0/23

14.2.20.0/24

14.2.21.0/24

14.2.22.4/30

14.2.22.8/30

14.3.8.0/24 Tagged 99

14.3.9.0/24 Tagged 99

Externals:

15.6.11.0/24 (E1)

15.6.12.0/24 (E2)

314 Chapter 10: IGP Avenue Redistribution, Avenue Summarization, and Absence Routing

■ E1 routes sourced by R6 (RID 6.6.6.6) should be redistributed, and assigned a avenue tag of 6.

■ No added routes should be redistributed.

The requirements for redistributing routes from EIGRP into OSPF are as follows, afresh from R1’s

perspective:

■ Routes alpha with 14.2, and with masks /23 and /24, should be redistributed, with metric

set to 300.

■ Added routes alpha with 14.2 should not be redistributed.

■ Routes alpha with 14.3 should be redistributed, with avenue tag 99.

■ No added routes should be redistributed.

Most of the account of the agreement is provided in the comments in Archetype 10-2, with

a few added comments afterward the example.

Example 10-2 Avenue Redistribution Application Avenue Maps

! No metrics are set on the redistribute commands; either the absence metric

! is used, or the avenue maps set the metrics. The default-metric command

! sets the bare EIGRP metric ambit to “1” because article charge be

! configured, but the ethics are unimportant.

router eigrp 1

redistribute ospf 1 route-map ospf-into-eigrp

network 14.0.0.0

default-metric 1544 5 1 1 1

no auto-summary

! While this agreement strives to use added options besides the options

! anon on the redistribute command, back acclimated by OSPF, you charge still

! accommodate the subnets keyword for OSPF to apprentice subnets from added IGPs.

router ospf 1

router-id 1.1.1.1

redistribute eigrp 1 subnets route-map eigrp-into-ospf

network 15.0.0.0 0.255.255.255 breadth 0

! ACL A-14-3-x-x matches all addresses that activate 14.3. ACL A-15-1-1-5 matches

! absolutely IP abode 15.1.1.5. ACL A-6-6-6-6 matches absolutely abode 6.6.6.6.

ip access-list accepted A-14-3-x-x

permit 14.3.0.0 0.0.255.255

ip access-list accepted A-15-1-1-5

permit 15.1.1.5

ip access-list accepted A-6-6-6-6

permit 6.6.6.6

! The prefix lists matches prefixes in the ambit 14.2.0.0 through 14.2.255.255,

! with prefix breadth 23 or 24.

ip prefix-list e-into-o seq 5 admittance 14.2.0.0/16 ge 23 le 24

Route Redistribution 315

! route-map ospf-into-eigrp was alleged by the redistribute command beneath router

! eigrp, acceptation that it controls redistribution from OSPF into EIGRP.

! Article 10 matches OSPF routes whose abutting hop is 15.1.1.5, which is R5’s serial

! IP address. R1’s alone avenue that meets this belief is 15.1.2.0/24. This route

! will be redistributed because the route-map article 10 has a admittance action.

! The avenue tag is additionally set to 5.

route-map ospf-into-eigrp admittance 10

match ip next-hop A-15-1-1-5

set tag 5

! Article 15 matches OSPF routes whose LSAs are sourced by router with RID 6.6.6.6,

! namely R6, and additionally accept metric blazon E1. R6 sources two alien routes, but

! alone 15.6.11.0/24 is E1. The avenue is tagged 6.

route-map ospf-into-eigrp admittance 15

match ip route-source A-6-6-6-6

match route-type alien type-1

set tag 6

! route-map eigrp-into-ospf was alleged by the redistribute command beneath router

! ospf, acceptation that it controls redistribution from EIGRP into OSPF.

! Article 10 matches application a prefix list, which in about-face matches prefixes that begin

! with 14.2, and which accept either a /23 or /24 prefix length. By implication, it

! does not bout prefix breadth /30. The metric is set to 300 for these routes.

route-map eigrp-into-ospf admittance 10

match ip abode prefix-list e-into-o

set metric 300

! Article 18 matches routes that activate 14.3. They are tagged with a 99.

route-map eigrp-into-ospf admittance 18

match ip abode A-14-3-x-x

set tag 99

! Next, the archetype shows the routes that could be redistributed, and then

! shows the after-effects of the redistribution, pointing out which routes were

! redistributed. First, the archetype shows, on R1, all routes that R1 could

! try to redistribute into EIGRP.

R1# appearance ip avenue 15.0.0.0

Routing access for 15.0.0.0/24, 5 accepted subnets

Attached (2 connections)

Redistributing via eigrp 1

O E1 15.6.11.0 [110/84] via 15.1.6.6, 00:21:52, Serial0/0/0.6

O E2 15.6.12.0 [110/20] via 15.1.6.6, 00:21:52, Serial0/0/0.6

C 15.1.6.0 is anon connected, Serial0/0/0.6

O IA 15.1.2.0 [110/65] via 15.1.1.5, 00:21:52, Serial0/0/0.5

C 15.1.1.0 is anon connected, Serial0/0/0.5

! R4 sees alone two of the bristles routes from 15.0.0.0, because alone two akin either of

! the route-map clauses. The added three routes akin the absence abjure clause.

R4# appearance ip avenue 15.0.0.0

Routing access for 15.0.0.0/24, 2 accepted subnets

continues

Example 10-2 Avenue Redistribution Application Avenue Maps (Continued)

316 Chapter 10: IGP Avenue Redistribution, Avenue Summarization, and Absence Routing

Redistributing via eigrp 1

D EX 15.6.11.0 [170/2171136] via 14.1.1.1, 00:22:21, Serial0/0/0.1

D EX 15.1.2.0 [170/2171136] via 14.1.1.1, 00:22:21, Serial0/0/0.1

! Still on R4, the appearance ip eigrp cartography command displays the tag. This command

! filters the achievement so that aloof one band of achievement lists the tag values.

R4# sho ip eigrp topo 15.6.1.0 255.255.255.0 | incl tag

Administrator tag is 5 (0x00000005)

R4# sho ip eigrp topo 15.6.11.0 255.255.255.0 | incl tag

Administrator tag is 6 (0x00000006)

! Next, the archetype shows the accessible routes that could be redistributed from

! EIGRP into OSPF.

! The abutting command (R1) lists all routes that could be redistributed into OSPF.

R1# appearance ip avenue 14.0.0.0

Routing access for 14.0.0.0/8, 10 accepted subnets

Attached (1 connections)

Variably subnetted with 3 masks

Redistributing via eigrp 1, ospf 1

D 14.3.9.0/24 [90/2297856] via 14.1.1.4, 00:34:48, Serial0/0/0.4

D 14.3.8.0/24 [90/2297856] via 14.1.1.4, 00:34:52, Serial0/0/0.4

D 14.1.2.0/24 [90/2172416] via 14.1.1.4, 00:39:27, Serial0/0/0.4

C 14.1.1.0/24 is anon connected, Serial0/0/0.4

D 14.2.22.8/30 [90/2297856] via 14.1.1.4, 00:35:49, Serial0/0/0.4

D 14.2.20.0/24 [90/2297856] via 14.1.1.4, 00:36:12, Serial0/0/0.4

D 14.2.21.0/24 [90/2297856] via 14.1.1.4, 00:36:08, Serial0/0/0.4

D 14.2.16.0/23 [90/2297856] via 14.1.1.4, 00:36:34, Serial0/0/0.4

D 14.2.22.4/30 [90/2297856] via 14.1.1.4, 00:35:53, Serial0/0/0.4

D 14.2.18.0/23 [90/2297856] via 14.1.1.4, 00:36:23, Serial0/0/0.4

! Next, on R5, agenda that the two /30 routes alpha with 14.2 were correctly

! prevented from accepting into OSPF. It additionally filtered the redistribution of the

! two routes that activate with 14.1. As a result, R5 knows alone 6 routes in

! arrangement 14.0.0.0, admitting R1 had 10 subnets of that arrangement it could have

! redistributed. Additionally below, agenda that the /23 and /24 routes central 14.2 have

! metric 300.

R5# appearance ip avenue 14.0.0.0

Routing access for 14.0.0.0/8, 6 accepted subnets

Variably subnetted with 2 masks

O E2 14.3.9.0/24 [110/20] via 15.1.1.1, 00:22:41, Serial0/0.1

O E2 14.3.8.0/24 [110/20] via 15.1.1.1, 00:22:41, Serial0/0.1

O E2 14.2.20.0/24 [110/300] via 15.1.1.1, 00:22:41, Serial0/0.1

O E2 14.2.21.0/24 [110/300] via 15.1.1.1, 00:22:41, Serial0/0.1

O E2 14.2.16.0/23 [110/300] via 15.1.1.1, 00:22:41, Serial0/0.1

O E2 14.2.18.0/23 [110/300] via 15.1.1.1, 00:22:41, Serial0/0.1

! The appearance ip ospf database command confirms that the avenue tag was set

! correctly.

R5# appearance ip ospf abstracts alien 14.3.8.0 | incl Tag

External Avenue Tag: 99

Example 10-2 Avenue Redistribution Application Avenue Maps (Continued)

NOTE Avenue maps accept an adumbrated abjure article at the end of the avenue map. This implied

deny article matches all packets. As a result, any routes not akin in the absolutely configured

route-map clauses bout the adumbrated abjure clause, and are filtered. Both avenue maps in the

example acclimated the adumbrated abjure article to absolutely clarify the routes.