3 routers, 3 as's, ebgp...
first establish an igp; how about ospf ?
ospf is a decent choice...
r1#sh ip route ospf
Gateway of last resort is not set
2.0.0.0/32 is subnetted, 1 subnets
O 2.2.2.2 [110/2] via 10.1.1.2, 00:06:15, FastEthernet0/0
3.0.0.0/32 is subnetted, 1 subnets
O 3.3.3.3 [110/3] via 10.1.1.2, 00:06:15, FastEthernet0/0
10.0.0.0/8 is variably subnetted, 3 subnets, 2 masks
O 10.1.1.4/30 [110/2] via 10.1.1.2, 00:06:15, FastEthernet0/0
bgp is not lit up yet, but we know r3 is reachable by r1 because the routing table says so...
r1#ping 3.3.3.3
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 3.3.3.3, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 8/13/32 ms
r1#debug ip tcp trans
TCP special event debugging is on
r1#
establishing a tcp connection is vital... word has it ebgp is usually set up with loopbacks, that makes sense to me... but we don't want to use a static route since we want bgp to do at least some of the work... when we set up the first neighbor, r1 goes into the listen state on tcp port 179...
r1(config)#router bgp 100
r1(config-router)#neighbor 2.2.2.2 remote-as 200
r1(config-router)#
*Oct 29 18:08:38: TCB67A81330 created
*Oct 29 18:08:38: TCB67A81330 setting property TCP_PMTU (10) 674C8BE4
*Oct 29 18:08:38: TCB67A81330 setting property TCP_TOS (1) 674C8BF0
*Oct 29 18:08:38: TCB67A81330 setting property TCP_VRFTABLEID (14) 67A80FB8
*Oct 29 18:08:38: TCB67A81330 setting property TCP_IN_TTL (27) 674C8BC8
*Oct 29 18:08:38: TCB67A81330 setting property TCP_OUT_TTL (28) 674C8BC8
*Oct 29 18:08:38: TCB67A81330 setting property TCP_OUT_TTL (28) 67A811D6
*Oct 29 18:08:38: TCB67A81330 bound to 0.0.0.0.179
*Oct 29 18:08:38: TCB67A81330 setting property TCP_ACCESS_CHECK (5) 602F59E0
*Oct 29 18:08:38: TCB67A81330 setting property TCP_MD5KEY (2) 0
r1(config-router)#
*Oct 29 18:08:38: TPA: Reserved port 179 in Transport Port Agent for TCP IP type 1
*Oct 29 18:08:38: TCB67A81330 listening with queue 1
we want the update source to be the loopbacks all the way around, and because ebgp expects directly connected peers by default (ttl of 1), peering between loopbacks needs the ebgp-multihop statement...
r1(config-router)#neighbor 2.2.2.2 update-sour lo0
r1(config-router)#neighbor 2.2.2.2 ebgp-multihop 3
when we perform this on r1, tcp simply complains in the debugs, as expected...
we need to get r2 in the game...
just adding the neighbor remote-as statement doesn't get it... we need the update-source and the ebgp-multihop also...
r2(config)#router bgp 200
r2(config-router)#neighb 1.1.1.1 remote-as 100
r2(config-router)#neigh 1.1.1.1 update-s lo0
r2(config-router)#neighb 1.1.1.1 ebgp-multihop 3
r2(config-router)#
*Oct 29 18:21:03: %BGP-5-ADJCHANGE: neighbor 1.1.1.1 Up
this is a great verification...
r2(config-router)#do sh tcp brie all
TCB       Local Address          Foreign Address        (state)
68977010  2.2.2.2.28228          1.1.1.1.179            ESTAB
67F46CE4  0.0.0.0.179            1.1.1.1.*              LISTEN
i've already configured different loopback addresses to advertise as networks not advertised already by ospf...
the last pieces of the puzzle are setting the rest of the neighbor statements on r2 and r3, and adding the bgp-only networks...
r2(config-router)#neighbor 3.3.3.3 remote-as 300
r2(config-router)#neighbor 3.3.3.3 update-s lo0
r2(config-router)#neighbor 3.3.3.3 ebgp-multi 3
r3(config-router)#neighb 2.2.2.2 remote-as 200
r3(config-router)#neighb 2.2.2.2 update-sour lo0
r3(config-router)#neighb 2.2.2.2 ebgp-multi 3
r3(config-router)#
*Oct 29 18:28:55: %BGP-5-ADJCHANGE: neighbor 2.2.2.2 Up
then finally, advertise the lo1 networks we created for bgp only...
r1#sh run | sec router
router ospf 1
 network 1.1.1.0 0.0.0.255 area 0
 network 10.1.1.0 0.0.0.3 area 0
router bgp 100
 bgp log-neighbor-changes
 network 192.168.1.0
 neighbor 2.2.2.2 remote-as 200
 neighbor 2.2.2.2 ebgp-multihop 3
 neighbor 2.2.2.2 update-source Loopback0
r1#
r2#sh ip bgp
BGP table version is 4, local router ID is 192.168.2.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found
     Network          Next Hop            Metric LocPrf Weight Path
 *>  192.168.1.0      1.1.1.1                  0             0 100 i
 *>  192.168.2.0      0.0.0.0                  0         32768 i
 *>  192.168.3.0      3.3.3.3                  0             0 300 i
beautiful... no static routes...
r1#sh ip route bgp
Gateway of last resort is not set
B 192.168.2.0/24 [20/0] via 2.2.2.2, 00:02:00
B 192.168.3.0/24 [20/0] via 2.2.2.2, 00:02:00
r2#sh ip route bgp
Gateway of last resort is not set
B 192.168.1.0/24 [20/0] via 1.1.1.1, 00:03:16
B 192.168.3.0/24 [20/0] via 3.3.3.3, 00:03:17
Gateway of last resort is not set
B 192.168.1.0/24 [20/0] via 2.2.2.2, 00:02:11
B 192.168.2.0/24 [20/0] via 2.2.2.2, 00:02:42
and b's up the ass...
r1#ping 192.168.3.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.3.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 8/8/8 ms
with the network statements, be sure to use the mask keyword for networks that fall outside classful boundaries, meaning vlsm... since we are using a class C address without vlsm, the mask is unnecessary in this case...
r2#sh run | sec bgp
router bgp 200
 bgp log-neighbor-changes
 network 192.168.2.0
 neighbor 1.1.1.1 remote-as 100
 neighbor 1.1.1.1 ebgp-multihop 3
 neighbor 1.1.1.1 update-source Loopback0
 neighbor 3.3.3.3 remote-as 300
 neighbor 3.3.3.3 ebgp-multihop 3
 neighbor 3.3.3.3 update-source Loopback0
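added example, not part of the original post: a small python audit of the neighbor lines from r2's bgp section above, listing for each ebgp peer which hardening statements are missing (session password, since the debug earlier showed TCP_MD5KEY set to 0, plus ttl-security, an inbound filter and a maximum-prefix limit)... the HARDENED config, its key, prefix-list name, hop count and prefix limit are constructed placeholders, and the function names are made up for this example...

```python
# neighbor lines from r2's "sh run | sec bgp" output on this page
R2_BGP = """router bgp 200
 neighbor 1.1.1.1 remote-as 100
 neighbor 1.1.1.1 ebgp-multihop 3
 neighbor 1.1.1.1 update-source Loopback0
 neighbor 3.3.3.3 remote-as 300
 neighbor 3.3.3.3 ebgp-multihop 3
 neighbor 3.3.3.3 update-source Loopback0
"""
# constructed hardened variant for one peer (all values are placeholders)
HARDENED = """router bgp 200
 neighbor 1.1.1.1 remote-as 100
 neighbor 1.1.1.1 password EXAMPLE-KEY
 neighbor 1.1.1.1 ttl-security hops 2
 neighbor 1.1.1.1 prefix-list AS100-IN in
 neighbor 1.1.1.1 maximum-prefix 10
"""
INBOUND = {"prefix-list", "route-map", "filter-list", "distribute-list"}

def parse_bgp(config):
    """Return (local_as, {peer: [(keyword, args), ...]}) for one 'router bgp' section."""
    local_as, peers = None, {}
    for line in config.splitlines():
        words = line.split()
        if words[:2] == ["router", "bgp"]:
            local_as = words[2]
        elif len(words) >= 3 and words[0] == "neighbor":
            peers.setdefault(words[1], []).append((words[2], words[3:]))
    return local_as, peers

def audit(config):
    """Map each ebgp peer to the hardening statements its config lacks."""
    local_as, peers = parse_bgp(config)
    findings = {}
    for peer, stmts in peers.items():
        opts = {kw for kw, _ in stmts}
        remote = [a[0] for kw, a in stmts if kw == "remote-as" and a]
        if not remote or remote[0] == local_as:
            continue  # ibgp or no remote-as: out of scope for this check
        gaps = []
        if "password" not in opts:
            gaps.append("no-tcp-md5")        # session is unauthenticated
        if "ttl-security" not in opts:
            gaps.append("no-ttl-security")   # ios rejects it alongside ebgp-multihop
        if not any(kw in INBOUND and a[-1:] == ["in"] for kw, a in stmts):
            gaps.append("no-inbound-filter")
        if "maximum-prefix" not in opts:
            gaps.append("no-maximum-prefix")
        findings[peer] = gaps
    return findings
```

run audit(R2_BGP) against the lab config and audit(HARDENED) against the variant to see the difference... on ios, ttl-security replaces ebgp-multihop on a neighbor rather than sitting next to it...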