Differences

This shows you the differences between two versions of the page.

--- cisco:bgp [2006/05/28 22:44]
a
+++ cisco:bgp [2009/05/25 00:35] (current)
@@ Line 1: / Line 1: @@
 ====== Cisco BGP ======
-see also: **[[:networking]]**, **[[:cisco]]**
+see also: **[[:networking]]**, **[[:cisco]]**, **[[http://www.cymru.com/Documents/secure-bgp-template.html|Secure BGP template for Cisco]]**
 ----
@@ Line 61: / Line 61: @@
    match ip address 98 99 199
   route-map standardout permit 20
+===== Useful commands =====
+FIXME - styling (and more detailed)
+   Router# show ip bgp nei 172.16.0.2 received-routes
+and
+   Router# show ip bgp nei 172.16.0.2 routes
+and
+   Router# show ip bgp rib-failure
+===== Preventing AS from becoming Transit AS =====
+To prevent your AS from becoming a Transit AS, use following startegy
+Create a route map say ''“transit”'' in config mode
+   route-map transit permit 10
+   match as-path 1
+In config mode, use following command
+   ip as-path access-list 1 deny ^$
+This command will only allow routes with origin code “''i''” and filter all routes with incomplete as-path.
+Apply the above route-map  with neighbor statement
+   router bgp 64000
+   neighbor 2.2.2.2 route-map transit in
+Only routes with origin code” i” will enter your AS.
+===== AS-path prepending =====
+   router bgp 65001
+     neighbor 10.1.0.2 remote-as 65200
+     neighbor 10.1.0.2 description Backup ISP
+     neighbor 10.1.0.2 route-map prepend out
+    !
+    route-map prepend permit 10
+    set as-path prepend 65001 65001 65001
+===== Extracting BGP info with regular expressions =====
+**Short version:**
+   show ip bgp regexp [AS]$ - list all network paths with that AS
+   show ip bgp regexp _AS_ - match any route going through AS
+   show ip bgp regexp _AS AS_ - match any route passed through AS and AS
+   show ip bgp regexp _AS$ - match only routes originated in this AS
+To find all subnets originating from AS 100 (AS path ends with 100): \\
+\\
+''**Router# show ip bgp regexp _100$**''
+   ...
+      Network          Next Hop            Metric LocPrf Weight Path
+   *  10.1.0.0/30      172.16.0.6                             0 300 100 ?
+   *>                  172.16.0.1               0             0 100 ?
+   *  172.16.0.0/30    172.16.0.6                             0 300 100 ?
+   *                   172.16.0.1               0             0 100 ?
+   ...
+To find all subnets reachable via AS 100 (AS path begins with 100):\\
+\\
+**''Router# show ip bgp regexp ^100_''**
+   ...
+      Network          Next Hop            Metric LocPrf Weight Path
+   *> 10.1.0.0/30      172.16.0.1               0             0 100 ?
+   *  10.3.0.0/30      172.16.0.1                             0 100 300 ?
+   *  172.16.0.0/30    172.16.0.1               0             0 100 ?
+   *> 172.16.0.8/30    172.16.0.1               0             0 100 ?
+   ...
+To find all routes traversing AS 100:\\
+\\
+**''Router# show ip bgp regexp _100_''**
+   ...
+      Network          Next Hop            Metric LocPrf Weight Path
+   *  10.1.0.0/30      172.16.0.6                             0 300 100 ?
+   *>                  172.16.0.1               0             0 100 ?
+   *  10.3.0.0/30      172.16.0.1                             0 100 300 ?
+   *  172.16.0.0/30    172.16.0.6                             0 300 100 ?
+   ...
+If you need to further filter the output, use quote-regexp instead. For example, to find all 172.x.x.x routes originating from AS 100: \\
+\\
+''**Router# show ip bgp quote-regexp "_100$" | include ^.  172\.**''
+    ...
+    *  172.16.0.0/30    172.16.0.6                             0 300 100 ?
+    *  172.31.0.1/32    172.16.0.6                             0 300 100 ?
+Or, to find all subnets currently being reached via AS 100: \\
+**''Router# show ip bgp quote-regexp "^100_" | i ^.>''**
+    ...
+    *> 10.1.0.0/30      172.16.0.1               0             0 100 ?
+    *> 172.16.0.8/30    172.16.0.1               0             0 100 ?
+    *> 172.31.0.1/32    172.16.0.1               0             0 100 ?