Routing

Expand all | Collapse all

EBGP and IBGP setup on Juniper

  • 1.  EBGP and IBGP setup on Juniper

    Posted 19 days ago
    We have a simple setup where we run EBGP with our ISP to learn default route. This is setup as follows:

    show configuration protocols bgp
    group ISP{
    type external;
    family inet {
    unicast;
    }
    export connected-static;
    peer-as 22222;
    local-as 64333;
    neighbor 172.31.255.89;
    }


    We are also running static route with next hop to customer router to learn some more range:


    show configuration routing-options static
    route 10.80.48.0/20 next-hop 10.80.48.33;
    route 172.26.82.128/28 next-hop 10.80.48.33;
    route 172.22.174.144/28 next-hop 10.80.48.33;



    A requirement has come up to run EBGP with customer too to learn these routes. My question is do we just setup new neihbor within existing group ISP and send default to this customer and learn all these ranges with a policy statement only allowing above ranges OR do we need to setup IBGP with customer. 


    I have tried EBGP with the following@:




    show | compare
    [edit protocols bgp group ISP]
    neighbor 172.31.255.89 { ... }
    + neighbor 10.80.48.33 {
    + import CUST_002-PLL048-A;
    + export default;
    + peer-as 65002;
    + }
    [edit policy-options]
    + policy-statement CUST_002-PLL048 {
    + term accept {
    + from {
    + route-filter 10.80.48.0/20 exact;
    + route-filter 172.26.82.128/28 exact;
    + route-filter 172.22.174.144/28 exact;
    + }
    + then accept;
    + }
    + then reject;
    + }
    + policy-statement default {
    + term default-originate {
    + from {
    + protocol static;
    + route-filter 0.0.0.0/0 exact;
    + }
    + then accept;
    + }
    + then reject;
    + }









    ------------------------------
    junos sky
    ------------------------------


  • 2.  RE: EBGP and IBGP setup on Juniper

     
    Posted 19 days ago
    Communications between internal and ISP will be eBGP because they are in different AS.

    Your configuration looks good for the ISP side.  Naturally the customer side will have the policies in the reverse position where the default is the import policy and CUST_002-PLL048 the export one.

    you can confirm operations for the routes using
    export
    show route advertising-protocol bgp 10.80.48.33
    import
    show route receive-protocol bgp 10.80.48.33


    ------------------------------
    Steve Puluka BSEET - Juniper Ambassador
    IP Architect - DQE Communications Pittsburgh, PA (Metro Ethernet & ISP)
    http://puluka.com/home
    ------------------------------



  • 3.  RE: EBGP and IBGP setup on Juniper

    Posted 18 days ago
    @spuluka Thanks for coming back to me.

    Am I okay to setup eBGP with customer own router or do I need to setup iBGP . Customer is willing to use their own private ASN number so I guess above config I setup is correct. 
    They are also looking to only receive default route while advertise above three private ranges to us.


    ​​

    ------------------------------
    junos sky
    ------------------------------



  • 4.  RE: EBGP and IBGP setup on Juniper

    Posted 18 days ago
    just as a general rule of thumb I would keep peers with the same functionality under the same group. meaning I would create a separate group for my "internal connection" wether its iBGP or eBGP. This gives you some room/ flexibility to be a bit more creative if specific config is required for each group. 

    To answer your question, you can achieve this by either iBGP or eBGP, there are a few caveats to both that you need to take into account. for a simple setup I suggest using iBGP, that is if I understood you correctly and the BGP session in question is between 2 routers owned by the same entity (your customer). make sure to use one of the few methods available to change prefix next-hop as you advertise them over iBGP :)

    hope this helps!


  • 5.  RE: EBGP and IBGP setup on Juniper

    Posted 18 days ago
      |   view attached
    @ali.taheri thanks for getting back.
    The setup is quite simple eBGP with ISP which I have already pasted config above.  I think you are right for creating a separate routing protocol group for BGP with customer. As customer wants to use their own ASN number therefore we will do a separate group for BGP with them.

    Please can you confirm how to advertised default route learned via ISP group to customer group  and vice versa.


    BGP with ISP eBGP
    how configuration protocols bgp
    group ISP{
    type external;
    family inet {
    unicast;
    }
    export connected-static;
    peer-as 22222;
    local-as 64333;
    neighbor 172.31.255.89;
    }


    BGP with customer router A :


    how configuration protocols bgp
    group Customer{
    type external;
    family inet {
    unicast;
    }
    export connected-static;
    peer-as 65001;
    local-as 64333;
    neighbor 10.190.14.33;
    }

    ​How do we advertise routes from ISP to Customer group ?


    ------------------------------
    junos sky
    ------------------------------



  • 6.  RE: EBGP and IBGP setup on Juniper

    Posted 18 days ago
    Hi,
    its pretty simple but before we start please note the following:
    - for the sake of this scenario I will refer to the 3 routers as ISP, R1 and R2. 
    - I have used the 3 prefix you showed previously. please note these are NOT public routes and typically are not accepted by ISP's.
    - ISP's typically accept public routes with /24 or shorter, so anything with cidr longer than /24 (/25 /26 /27 /28 . . . ) will not be accepted AFAIK. Confirm this again with your ISP :)
    - This solution assumes eBGP is used between R1/R2, per your preference. if converting iBGP then the solution will slightly change.
    - The following config must be added to R1.
    - R2 in turn needs some sort of export policy to advertise routers to R1

    first we need import/export policy for ISP (you had these covered but I still included them for easier understanding): the import policy is not required as the eBGP routes are accepted by default
    set policy-options policy-statement export-to-isp term 1 from protocol bgp
    set policy-options policy-statement export-to-isp term 1 from route-filter 10.80.48.0/20 exact
    set policy-options policy-statement export-to-isp term 1 from route-filter 172.26.82.128/28 exact
    set policy-options policy-statement export-to-isp term 1 from route-filter 172.22.174.144/28 exact
    set policy-options policy-statement export-to-isp term 1 then accept
    
    set policy-options policy-statement import-from-isp term 1 from protocol bgp
    set policy-options policy-statement import-from-isp term 1 from route-filter 0.0.0.0/0 exact
    set policy-options policy-statement import-from-isp term 1 then accept​

    Apply the import/export policy under bgp group ISP accordingly.

    Next we need import/export policy towards R2. Again, the import policy is not really needed but I recommend including them as you might need to change some parameters as you import routes. 

    set policy-options policy-statement export-to-R2 term 1 from protocol bgp
    set policy-options policy-statement export-to-R2 term 1 from route-filter 0.0.0.0/0 exact
    set policy-options policy-statement export-to-R2 term 1 then accept
    
    set policy-options policy-statement import-from-R2 term 1 from protocol bgp
    set policy-options policy-statement import-from-R2 term 1 from route-filter 10.80.48.0/20 exact
    set policy-options policy-statement import-from-R2 term 1 from route-filter 172.26.82.128/28 exact
    set policy-options policy-statement import-from-R2 term 1 from route-filter 172.22.174.144/28 exact
    set policy-options policy-statement import-from-R2 term 1 then accept​

    Apply the import/export policy under bgp group R1 accordingly.

    Thats it! hope this helps :) 




  • 7.  RE: EBGP and IBGP setup on Juniper

    Posted 11 days ago
    @ali.taher ​i that worked absolutely fine. Only problem I am having now is when advertising routes from customer to ISP none of the routes are getting advertised. I have updated below with ISP peer:

    how configuration protocols bgp
    group ISP{
    type external;
    family inet {
    unicast;
    }
    export [connected-staticimport-from-R2]
    peer-as 22222;
    local-as 64333;
    neighbor 172.31.255.89;

    Is there anything I am missing here?

    Thanks

    ------------------------------
    junos sky
    ------------------------------



  • 8.  RE: EBGP and IBGP setup on Juniper

    Posted 11 days ago
    Hi, glad I was able to help.
    please provide the following output:
    show configuration policy-options policy-statement ​connected-static
    show configuration policy-options policy-statement ​import-from-R2
    show route received-protocol bgp <R2-IP>
    show route advertising-protocol bgp <ISP-IP>



  • 9.  RE: EBGP and IBGP setup on Juniper

    Posted 11 days ago
    @ali.taheri thanks for pointing me in the right direction.
    My policy-statement ​connected-static

    didnt include bgp so I have change the following:




    [edit policy-options policy-statement connected-static term connected from]
    - protocol [ direct static ];
    + protocol [ direct static bgp ];

    and now I can see my routes advertised to ISP




    show route advertising-protocol bgp 172.31.255.101 table inet.0



    * 172.22.234.0/24 Self 67002 65402 65400 I
    * 172.22.250.0/24 Self 67002 65402  65400 I



    ------------------------------
    junos sky
    ------------------------------