BGP Multihop Sessions
Understanding EBGP Multihop
BGP is an exterior gateway protocol (EGP) that is used to exchange routing information among routers in different autonomous systems (ASs). The following are two ways of establishing EBGP multihop between routers:
When external BGP (EBGP) peers are not directly connected to each other, they must cross one or more non-BGP routers to reach each other.
Configuring multihop EBGP enables the peers to pass through the other routers to form peer relationships and exchange update messages. This type of configuration is typically used when a Juniper Networks routing device needs to run EBGP with a third-party router that does not allow direct connection of the two EBGP peers. EBGP multihop enables a neighbor connection between two EBGP peers that do not have a direct connection.
The default behavior for an EBGP connection is to peer over a single physical hop using the physical interface address of the peer. In some cases, it is advantageous to alter this default, one-hop, physical peering EBGP behavior. One such case is when multiple physical links connect two routers that are to be EBGP peers. In this case, if one of the point-to-point links fails, reachability on the alternate link still exists.
In figure 1, router R1 belongs to AS 1 and router R2 belongs to AS 2. The two physical links between the routers is used for load balancing. The EBGP multihop peering works with one physical link as well.
The following configuration example helps to establish a single BGP peering session across these multiple physical links:
Each router must establish the peering session with the loopback address of the remote router. You can configure this session using the
local-addressstatement, which alters the peer address header information in the BGP packets.Use the
multihopstatement to alter the default use of the neighbor's physical address. In addition, you can also specify a time-to-live (TTL) value in the BGP packets to control how far they propagate. We use a TTL value of 1 to ensure that the session cannot be established across any other backdoor links in the network.Note:When multihop is configured, the Junos OS sets the TTL value of 64, by default.
A TTL value of 1 is sufficient to enable an EBGP session to the loopback address of a directly connected neighbor.
Each router must have IP routing capability to the remote router's loopback address. This capability is often accomplished by using a static route to map the loopback address to the interface physical addresses.
[edit protocols bgp group ext-peers]
type external;
local-address 192.168.3.4;
neighbor 172.16.128.1 {
multihop ttl 1;
}
[edit routing-options]
static {
route 172.16.128.1 next-hop (10.10.1.1 | 10.10.2.1);
}
See Also
Example: Configuring EBGP Multihop Sessions
This example shows how to configure an external BGP (EBGP) peer that is more than one hop away from the local router. This type of session is called a multihop BGP session.
Requirements
No special configuration beyond device initialization is required before you configure this example.
Overview
The configuration to enable multihop EBGP sessions requires connectivity between the two EBGP peers. This example uses static routes to provide connectivity between the devices.
Unlike directly connected EBGP sessions in which physical addresses are typically used in the neighbor statements, you must use loopback interface addresses for multihop EBGP by specifying the loopback interface address of the indirectly connected peer. In this way, EBGP multihop is similar to internal BGP (IBGP).
Finally, you must add the multihop statement. Optionally, you can set a maximum time-to-live (TTL) value with the ttl statement. The TTL is carried in the IP header of BGP packets. If you do not specify a TTL value, the system’s default maximum TTL value is used. The default TTL value is 64 for multihop EBGP sessions. Another option is to retain the BGP next-hop value for route advertisements by including the no-nexthop-change statement.
Figure 2 shows a typical EBGP multihop network.
Device C and Device E have an established EBGP session. Device D is not a BGP-enabled device. All of the devices have connectivity via static routes.
Configuration
CLI Quick Configuration
To quickly configure this example, copy the following commands, paste them into a text file, remove any line breaks, change any details necessary to match your network configuration, and then copy and paste the commands into the CLI at the [edit] hierarchy level.
Device C
set interfaces fe-1/2/0 unit 9 description to-D set interfaces fe-1/2/0 unit 9 family inet address 10.10.10.9/30 set interfaces lo0 unit 3 family inet address 192.168.40.4/32 set protocols bgp group external-peers type external set protocols bgp group external-peers multihop ttl 2 set protocols bgp group external-peers local-address 192.168.40.4 set protocols bgp group external-peers export send-static set protocols bgp group external-peers peer-as 18 set protocols bgp group external-peers neighbor 192.168.6.7 set policy-options policy-statement send-static term 1 from protocol static set policy-options policy-statement send-static term 1 then accept set routing-options static route 10.10.10.14/32 next-hop 10.10.10.10 set routing-options static route 192.168.6.7/32 next-hop 10.10.10.10 set routing-options router-id 192.168.40.4 set routing-options autonomous-system 17
Device D
set interfaces fe-1/2/0 unit 10 description to-C set interfaces fe-1/2/0 unit 10 family inet address 10.10.10.10/30 set interfaces fe-1/2/1 unit 13 description to-E set interfaces fe-1/2/1 unit 13 family inet address 10.10.10.13/30 set interfaces lo0 unit 4 family inet address 192.168.6.6/32 set routing-options static route 192.168.40.4/32 next-hop 10.10.10.9 set routing-options static route 192.168.6.7/32 next-hop 10.10.10.14 set routing-options router-id 192.168.6.6
Device E
set interfaces fe-1/2/0 unit 14 description to-D set interfaces fe-1/2/0 unit 14 family inet address 10.10.10.14/30 set interfaces lo0 unit 5 family inet address 192.168.6.7/32 set protocols bgp group external-peers multihop ttl 2 set protocols bgp group external-peers local-address 192.168.6.7 set protocols bgp group external-peers export send-static set protocols bgp group external-peers peer-as 17 set protocols bgp group external-peers neighbor 192.168.40.4 set policy-options policy-statement send-static term 1 from protocol static set policy-options policy-statement send-static term 1 then accept set routing-options static route 10.10.10.8/30 next-hop 10.10.10.13 set routing-options static route 192.168.40.4/32 next-hop 10.10.10.13 set routing-options router-id 192.168.6.7 set routing-options autonomous-system 18
Device C
Step-by-Step Procedure
The following example requires you to navigate various levels in the configuration hierarchy. For information about navigating the CLI, see Using the CLI Editor in Configuration Mode in the Junos OS CLI User Guide.
To configure Device C:
Configure the interface to the directly connected device (to-D), and configure the loopback interface.
[edit interfaces fe-1/2/0 unit 9] user@C# set description to-D user@C# set family inet address 10.10.10.9/30 [edit interfaces lo0 unit 3] user@C# set family inet address 192.168.40.4/32
Configure an EBGP session with Device E.
The
neighborstatement points to the loopback interface on Device E.[edit protocols bgp group external-peers] user@C# set type external user@C# set local-address 192.168.40.4 user@C# set export send-static user@C# set peer-as 18 user@C# set neighbor 192.168.6.7
Configure the multihop statement to enable Device C and Device E to become EBGP peers.
Because the peers are two hops away from each other, the example uses the
ttl 2statement.[edit protocols bgp group external-peers] user@C# set multihop ttl 2
Configure connectivity to Device E, using static routes.
You must configure a route to both the loopback interface address and to the address on the physical interface.
[edit routing-options] user@C# set static route 10.10.10.14/32 next-hop 10.10.10.10 user@C# set static route 192.168.6.7/32 next-hop 10.10.10.10
Configure the local router ID and the autonomous system (AS) number.
[edit routing-options] user@C# set router-id 192.168.40.4 user@C# set autonomous-system 17
Configure a policy that accepts direct routes.
Other useful options for this scenario might be to accept routes learned through OSPF or local routes.
[edit policy-options policy-statement send-static term 1] user@C# set from protocol static user@C# set then accept
Results
From configuration mode, confirm your configuration by entering the show interfaces, show protocols, show policy-options, and show routing-options commands. If the output does not display the intended configuration, repeat the instructions in this example to correct the configuration.
user@C# show interfaces
fe-1/2/0 {
unit 9 {
description to-D;
family inet {
address 10.10.10.9/30;
}
}
}
lo0 {
unit 3 {
family inet {
address 192.168.40.4/32;
}
}
}
user@C# show protocols
bgp {
group external-peers {
type external;
multihop {
ttl 2;
}
local-address 192.168.40.4;
export send-static;
peer-as 18;
neighbor 192.168.6.7;
}
}
user@C# show policy-options
policy-statement send-static {
term 1 {
from protocol static;
then accept;
}
}
user@C# show routing-options
static {
route 10.10.10.14/32 next-hop 10.10.10.10;
route 192.168.6.7/32 next-hop 10.10.10.10;
}
router-id 192.168.40.4;
autonomous-system 17;
If you are done configuring the device, enter commit from configuration mode. Repeat these steps for all BGP sessions in the topology.
Configuring Device D
Step-by-Step Procedure
The following example requires you to navigate various levels in the configuration hierarchy. For information about navigating the CLI, see Using the CLI Editor in Configuration Mode in the Junos OS CLI User Guide.
To configure Device D:
Set the CLI to Device D.
user@host> set cli logical-system D
Configure the interfaces to the directly connected devices, and configure a loopback interface.
[edit interfaces fe-1/2/0 unit 10] user@D# set description to-C user@D# set family inet address 10.10.10.10/30 [edit interfaces fe-1/2/1 unit 13] user@D# set description to-E user@D# set family inet address 10.10.10.13/30 [edit interfaces lo0 unit 4] user@D# set family inet address 192.168.6.6/32
Configure connectivity to the other devices using static routes to the loopback interface addresses.
On Device D, you do not need static routes to the physical addresses because Device D is directly connected to Device C and Device E.
[edit routing-options] user@D# set static route 192.168.40.4/32 next-hop 10.10.10.9 user@D# set static route 192.168.6.7/32 next-hop 10.10.10.14
Configure the local router ID.
[edit routing-options] user@D# set router-id 192.168.6.6
Results
From configuration mode, confirm your configuration by entering the show interfaces and show routing-options commands. If the output does not display the intended configuration, repeat the instructions in this example to correct the configuration.
user@D# show interfaces
fe-1/2/0 {
unit 10 {
description to-C;
family inet {
address 10.10.10.10/30;
}
}
}
fe-1/2/1 {
unit 13 {
description to-E;
family inet {
address 10.10.10.13/30;
}
}
}
lo0 {
unit 4 {
family inet {
address 192.168.6.6/32;
}
}
}
user@D# show protocols
user@D# show routing-options
static {
route 192.168.40.4/32 next-hop 10.10.10.9;
route 192.168.6.7/32 next-hop 10.10.10.14;
}
router-id 192.168.6.6;
If you are done configuring the device, enter commit from configuration mode. Repeat these steps for all BGP sessions in the topology.
Configuring Device E
Step-by-Step Procedure
The following example requires you to navigate various levels in the configuration hierarchy. For information about navigating the CLI, see Using the CLI Editor in Configuration Mode in the Junos OS CLI User Guide.
To configure Device E:
Set the CLI to Device E.
user@host> set cli logical-system E
Configure the interface to the directly connected device (to-D), and configure the loopback interface.
[edit interfaces fe-1/2/0 unit 14] user@E# set description to-D user@E# set family inet address 10.10.10.14/30 [edit interfaces lo0 unit 5] user@E# set family inet address 192.168.6.7/32
Configure an EBGP session with Device E.
The
neighborstatement points to the loopback interface on Device C.[edit protocols bgp group external-peers] user@E# set local-address 192.168.6.7 user@E# set export send-static user@E# set peer-as 17 user@E# set neighbor 192.168.40.4
Configure the
multihopstatement to enable Device C and Device E to become EBGP peers.Because the peers are two hops away from each other, the example uses the
ttl 2statement.[edit protocols bgp group external-peers] user@E# set multihop ttl 2
Configure connectivity to Device E, using static routes.
You must configure a route to both the loopback interface address and to the address on the physical interface.
[edit routing-options] user@E# set static route 10.10.10.8/30 next-hop 10.10.10.13 user@E# set static route 192.168.40.4/32 next-hop 10.10.10.13
Configure the local router ID and the autonomous system (AS) number.
[edit routing-options] user@E# set router-id 192.168.6.7 user@E# set autonomous-system 18
Configure a policy that accepts direct routes.
Other useful options for this scenario might be to accept routes learned through OSPF or local routes.
[edit policy-options policy-statement send-static term 1] user@E# set from protocol static user@E# set then accept
Results
From configuration mode, confirm your configuration by entering the show interfaces, show protocols, show policy-options, and show routing-options commands. If the output does not display the intended configuration, repeat the instructions in this example to correct the configuration.
user@E# show interfaces
fe-1/2/0 {
unit 14 {
description to-D;
family inet {
address 10.10.10.14/30;
}
}
}
lo0 {
unit 5 {
family inet {
address 192.168.6.7/32;
}
}
}
user@E# show protocols
bgp {
group external-peers {
multihop {
ttl 2;
}
local-address 192.168.6.7;
export send-static;
peer-as 17;
neighbor 192.168.40.4;
}
}
user@E# show policy-options
policy-statement send-static {
term 1 {
from protocol static;
then accept;
}
}
user@E# show routing-options
static {
route 10.10.10.8/30 next-hop 10.10.10.13;
route 192.168.40.4/32 next-hop 10.10.10.13;
}
router-id 192.168.6.7;
autonomous-system 18;
If you are done configuring the device, enter commit from configuration mode.
Verification
Confirm that the configuration is working properly.
Verifying Connectivity
Purpose
Make sure that Device C can ping Device E, specifying the loopback interface address as the source of the ping request.
The loopback interface address is the source address that BGP will use.
Action
From operational mode, enter the ping 10.10.10.14 source 192.168.40.4 command from Device C, and enter the ping 10.10.10.9 source 192.168.6.7 command from Device E.
user@C> ping 10.10.10.14 source 192.168.40.4 PING 10.10.10.14 (10.10.10.14): 56 data bytes 64 bytes from 10.10.10.14: icmp_seq=0 ttl=63 time=1.262 ms 64 bytes from 10.10.10.14: icmp_seq=1 ttl=63 time=1.202 ms ^C --- 10.10.10.14 ping statistics --- 2 packets transmitted, 2 packets received, 0% packet loss round-trip min/avg/max/stddev = 1.202/1.232/1.262/0.030 ms
user@E> ping 10.10.10.9 source 192.168.6.7 PING 10.10.10.9 (10.10.10.9): 56 data bytes 64 bytes from 10.10.10.9: icmp_seq=0 ttl=63 time=1.255 ms 64 bytes from 10.10.10.9: icmp_seq=1 ttl=63 time=1.158 ms ^C --- 10.10.10.9 ping statistics --- 2 packets transmitted, 2 packets received, 0% packet loss round-trip min/avg/max/stddev = 1.158/1.206/1.255/0.049 ms
Meaning
The static routes are working if the pings work.
Verifying That BGP Sessions Are Established
Purpose
Verify that the BGP sessions are up.
Action
From operational mode, enter the show bgp summary command.
user@C> show bgp summary Groups: 1 Peers: 1 Down peers: 0 Table Tot Paths Act Paths Suppressed History Damp State Pending inet.0 2 0 0 0 0 0 Peer AS InPkt OutPkt OutQ Flaps Last Up/Dwn State|#Active/Received/Accepted/Damped... 192.168.6.7 18 147 147 0 1 1:04:27 0/2/2/0 0/0/0/0
user@E> show bgp summary Groups: 1 Peers: 1 Down peers: 0 Table Tot Paths Act Paths Suppressed History Damp State Pending inet.0 2 0 0 0 0 0 Peer AS InPkt OutPkt OutQ Flaps Last Up/Dwn State|#Active/Received/Accepted/Damped... 192.168.40.4 17 202 202 0 1 1:02:18 0/2/2/0 0/0/0/0
Meaning
The output shows that both devices have one peer each. No peers are down.
Viewing Advertised Routes
Purpose
Check to make sure that routes are being advertised by BGP.
Action
From operational mode, enter the show route advertising-protocol bgp neighbor command.
user@E> show route advertising-protocol bgp 192.168.6.7 inet.0: 5 destinations, 7 routes (5 active, 0 holddown, 0 hidden) Prefix Nexthop MED Lclpref AS path * 10.10.10.14/32 Self I * 192.168.6.7/32 Self I
user@C> show route advertising-protocol bgp 192.168.40.4 inet.0: 5 destinations, 7 routes (5 active, 0 holddown, 0 hidden) Prefix Nexthop MED Lclpref AS path * 10.10.10.8/30 Self I * 192.168.40.4/32 Self I
Meaning
The send-static routing policy is exporting the static routes from the routing table into BGP. BGP is advertising these routes between the peers because the BGP peer session is established.