Configure BGP Peers or Peer Groups

Configure peers and peer groups to simplify BGP configuration and make updates more efficient.

BGP speakers can have many neighbors configured with similar update policies. For example, many neighbors use the same distribute lists, filter lists, outbound route maps, and update source. Group the neighbors that use the same update policies into peer groups and peer associations.

Note

Note

  • If required, route policies exist.

  • You configure BGPv4 on a VRF instance the same way you configure the GlobalRouter, except that you must use VRF Router Configuration mode and the prefix ip bgp. The VRF must have an RP Trigger of BGP.

  • Route refresh is not currently supported on non-default VRFs.

  • Not all parameters are supported on non-default VRFs.

About this task

Many of the command variables in this procedure use default values. You can accept the default values or change them to customize the configuration.

Procedure

  1. Enter BGP Router Configuration mode:

    enable

    configure terminal

    router bgp

  2. Create a peer or peer group:

    neighbor WORD<0–1536>

  3. Apply a route policy to all incoming routes:

    For BGPv4: neighbor WORD<0–1536> in-route-map WORD<0-256>

    For BGPv6: neighbor WORD<0–1536> ipv6–in-route-map WORD<0-256>

  4. Apply a route policy to all outgoing routes:

    For BGPv4: neighbor WORD<0–1536> out-route-map WORD<0-256>

    For BGPv6: neighbor WORD<0–1536> ipv6–out-route-map WORD<0-256>

  5. Optional: Configure the source IP address:

    neighbor WORD<0–1536> update-source WORD<1–256>

  6. Enable MD5 authentication (for BGPv4):

    neighbor WORD<0–1536> MD5-authentication enable

  7. Specify an MD5 authentication password (for BGPv4):

    neighbor password <nbr_ipaddr|peer-group-name> WORD<0-1536>

  8. Change the default values for other command variables as required.
  9. Enable the configuration:

    neighbor WORD<0–1536> enable

Example

Create a peer or a peer group:

Switch(router-bgp)# neighbor peergroupa

Apply a route policy (in-route-map or out-route-map) to all incoming or outgoing routes:

Switch(router-bgp)# neighbor peergroupa in-route-map map1 out-route-map map2

Configure the source IP address:

Switch(router-bgp)# neighbor peergroupa update-source 192.0.2.1

Enable MD5 authentication:

Switch(router-bgp)# neighbor peergroupa MD5–authentication enable

Specify an MD5 authentication password:

Switch(router-bgp)# neighbor password peergroupa password

Enable the configuration:

Switch(router-bgp)# neighbor peergroupa enable

Variable Definitions

The following table defines parameters for the neighbor command.

Variable

Value

address-family <ipv6>

Enables the IPv6 address family on BGP neighbor.

Switch(router-bgp)# neighbor peergroupa address-family ipv6

advertisement-interval <5-120>

Specifies the time interval, in seconds, that transpires between each transmission of an advertisement from a BGP neighbor. The default value is 5 seconds.

Switch(router-bgp)# neighbor peergroupa advertisement-interval 26 enable

The route advertisement interval feature is implemented using the time stamp that indicates when each route is advertised. The time stamp is marked to each route so that the route advertisement interval is compared to the time stamp and BGP is then able to make a decision about whether the route advertisement can be sent or it should be delayed when a better route is received. This feature does not work for a withdraw route because the route entry is already removed when the processing route advertisement is sent and the time stamp marked in the route entry cannot be obtained.

allow-as-in

Allows BGP to inject updates.

default-ipv6–originate

Enables IPv6 BGP neighbor default originate.

Switch(router-bgp)# neighbor peergroupa default-ipv6–originate

default-originate

Enables the switch to send a default route advertisement to the specified neighbor. A default route does not need to be in the routing table. The default value is disable.

Do not use this command if default-information originate is globally enabled.

Switch(router-bgp)# neighbor peergroupa default-originate enable peer-group test

ebgp-multihop

Enables a connection to a BGP peer that is more than one hop away from the local router. The default value is disable.

Switch(router-bgp)# neighbor peergroupa ebgp-multihop retry-interval 3 timers 4 5

enable

Enables the BGP neighbor.

fall-over bfd

Enable fall-over Bidirectional Forwarding Detection (BFD).

in-route-map WORD<0-256>

Applies a route policy rule to all incoming routes that are learned from, or sent to, the peers or peer groups of the local router. The local BGP router is the BGP router that allows or disallows routes and configures attributes in incoming or outgoing updates.

WORD<0-256> is an alphanumeric string length (0–256 characters) that indicates the name of the route map or policy.

Switch(router-bgp)# neighbor peergroupa in-route-map map1 address-family ipv6

ipv6-in-route-map WORD <0–256>

Creates IPv6 in route map. WORD <0–256> specifies the route map name in the range of 0 to 256 characters.

Switch(router-bgp)# neighbor peergroupa ipv6– in-route-map map1

ipv6-max-prefix <0-2147483647>

Configures a limit on the number of routes that the router can accept from a neighbor. The default value is 12000 routes. A value of 0 (zero) indicates that no limit exists.

ipv6–out-route-map WORD <0–256>

Creates IPv6 out route map. WORD <0–256> specifies the route map name in the range of 0 to 256 characters.

Switch(router-bgp)# neighbor peergroupa ipv6–out-route-map map2

max-prefix <0-2147483647>

Configures a limit on the number of routes that the router can accept from a neighbor. The default value is 12000 routes. A value of 0 (zero) indicates that no limit exists.

Switch(router-bgp)# neighbor peergroupa max-prefix 158 in-route-map map1 out-route-map map2

MD5-authentication enable

Enables TCP MD5 authentication between two peers. The default value is disable.

neighbor-debug mask WORD<1-100>

Displays specified debug information for a BGP peer. The default value is none.

<WORD 1-100> is a list of mask choices separated by commas with no space between choices. For example:{<mask>,<mask>,<mask>...}.

Mask choices are:

  • none disables all debug messages.

  • all enables all debug messages.

  • error enables display of debug error messages.

  • packet enables display of debug packet messages.

  • event enables display of debug event messages.

  • trace enables display of debug trace messages.

  • warning enables display of debug warning messages.

  • state enables display of debug state transition messages.

  • init enables display of debug initialization messages.

  • filter enables display of debug messages related to filtering.

  • update enables display of debug messages related to sending and receiving updates.

Switch(router-bgp)# neighbor peergroupa neighbor-debug-mask event,trace,warning,state

next-hop-self

When enabled, specifies that the next-hop attribute in an iBGP update is the address of the local router or the router that generates the iBGP update. The default value is disable.

You can only configure this variable if the neighbor is disabled.

Switch(router-bgp)# neighbor peergroupa next-hop-self out-route-map map2 peer-group peergroupb

out-route-map WORD<0-256>

Applies a route policy rule to all outgoing routes that are learned from, or sent to, the peers or peer groups of the local router. The local BGP router is the BGP router that allows or disallows routes and configures attributes in incoming or outgoing updates.

WORD<0-256> is an alphanumeric string length (0–256 characters) that indicates the name of the route map or policy.

peer-group <WORD 0-1536>

Adds a BGP peer to the specified subscriber group. You must create the specified subscriber group before you use this command.

remote-as <WORD 0-11>

Configures the remote AS number of a BGP peer or a peer-group. You must disable the admin-state before you can configure this variable.

Switch(router-bgp)# neighbor peergroupa remote-as As-number

<WORD 0-11> is an alphanumeric string length (0–11 characters) that indicates the AS number.

remove-private-as enable

Strips private AS numbers when an update is sent.

The default value is enable.

retry-interval <1-65535>

Configures the time interval, in seconds, for the ConnectRetry timer. The default value is 120 seconds.

Switch(router-bgp)# neighbor 198.51.100.2 retry-interval 34

You can configure the retry interval for BGP neighbors only; you cannot configure the retry interval for BGP peer groups.

route-reflector-client

Configures the specified neighbor or group of neighbors as a route reflector client. The default value is disable. All configured neighbors become members of the client group and the remaining iBGP peers become members of the nonclient group for the local route reflector.

Note:

This variable only applies to VRF 0.

Switch(router-bgp)# neighbor

route-refresh

Enables route refresh for the BGP peer. If enabled, a route refresh request received by a BGP speaker causes the speaker to resend all route updates it contains in its database that are eligible for the peer that issues the request.

Note:

This variable only applies to VRF 0.

send-community

Enables the switch to send the update message community attribute to the specified peer. The default value is disable.

site-of-origin

Specifies a site of origin that is added to the extended communities list in each route from a specific peer.

soft-reconfiguration-in enable

Enables the router to relearn routes from the specified neighbor or group of neighbors without restarting the connection after the policy changes in the inbound direction. The default value is disable.

timers <0-21845> <0-65535>

Configures timers, in seconds, for the BGP speaker for this peer.

<0-21845> is the keepalive time. The default is 60. As a best practice, configure a value of 30 seconds.

<0-65535> is the hold time. The default is 180.

Switch(router-bgp)# neighbor peergroupa timers 4 6

update-source WORD<1–256>

Specifies the source IPv4 address {A.B.C.D.} or IPv6 address to use when the system sends BGP packets to this peer or peer group. You must disable the admin-state before you can configure this variable.

Switch(router-bgp)# neighbor peergroupa update-source 192.0.2.2 weight 560

weight <0-65535>

Specifies the weight of a BGP peer or peer group, or the priority of updates the router can receive from that BGP peer. The default value is 0. If you have particular neighbors that you want to use for most of your traffic, you can assign a higher weight to all routes learned from that neighbor.

WORD<0-1536>

Specifies the peer IP address or the peer group name.