BGP Confederation

The implementation of BGP confederations reduces the iBGP mesh inside an AS. The trick is to divide an AS into multiple ASs and assign the whole group to a single confederation. Each AS alone has iBGP fully meshed and has connections to other ASs inside the confederation. Even though these ASs have eBGP peers to ASs within the confederation, the ASs exchange routing as if they used iBGP. In this way, the confederation preserves next hop, metric, and local preference information. To the outside world, the confederation appears to be a single AS.

In order to configure a BGP confederation, issue this command:
bgp confederation identifier autonomous-system
The confederation identifier is the AS number of the confederation group.

The execution of this command performs peering between multiple ASs within the confederation:
bgp confederation peers autonomous-system [autonomous-system]
Here is an example of confederation:

Assume that you have an AS500 that consists of nine BGP speakers. Other non-BGP speakers exist also, but you only have interest in the BGP speakers that have eBGP connections to other ASs. If you want to make a full iBGP mesh inside AS500, you need nine peer connections for each router. You need eight iBGP peers and one eBGP peer to external ASs.

If you use confederation, you can divide AS500 into multiple ASs: AS50, AS60, and AS70. You give the AS a confederation identifier of 500. The outside world sees only one AS, AS500. For each of AS50, AS60, and AS70, you define a full mesh of iBGP peers, and you define the list of confederation peers with the bgp confederation peers command.

Here is a sample configuration of routers RTC, RTD, and RTA:

Note: RTA has no knowledge of AS50, AS60, or AS70. RTA has only knowledge of AS500.


RTC#
router bgp 50
 bgp confederation identifier 500
 bgp confederation peers 60 70
 neighbor 128.213.10.1 remote-as 50
 neighbor 128.213.20.1 remote-as 50
 neighbor 129.210.11.1 remote-as 60
 neighbor 135.212.14.1 remote-as 70
 neighbor 5.5.5.5 remote-as 100

RTD#
router bgp 60
 bgp confederation identifier 500
 bgp confederation peers 50 70
 neighbor 129.210.30.2 remote-as 60
 neighbor 128.213.30.1 remote-as 50
 neighbor 135.212.14.1 remote-as 70
 neighbor 6.6.6.6 remote-as 600

RTA#
router bgp 100
 neighbor 5.5.5.4 remote-as 500
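A quick way to review configurations like the ones above is to classify every neighbor by how the router will treat it, and to flag any session to a member AS that is missing from the local bgp confederation peers list, because such a peer is handled as an ordinary external AS. The script below is an added example, not part of the original post; the function names parse, classify and audit are hypothetical, and the input is the RTC and RTD configuration from this page.

```python
# Configurations of RTC and RTD as given on this page.
RTC = """router bgp 50
bgp confederation identifier 500
bgp confederation peers 60 70
neighbor 128.213.10.1 remote-as 50
neighbor 128.213.20.1 remote-as 50
neighbor 129.210.11.1 remote-as 60
neighbor 135.212.14.1 remote-as 70
neighbor 5.5.5.5 remote-as 100"""
RTD = """router bgp 60
bgp confederation identifier 500
bgp confederation peers 50 70
neighbor 129.210.30.2 remote-as 60
neighbor 128.213.30.1 remote-as 50
neighbor 135.212.14.1 remote-as 70
neighbor 6.6.6.6 remote-as 600"""

def parse(config):
    """Return (local AS, confederation peers, {neighbor: remote AS}) for one router."""
    local_as, peers, neighbors = None, set(), {}
    for words in (line.split() for line in config.splitlines()):
        if words[:2] == ["router", "bgp"]:
            local_as = int(words[2])
        elif words[:3] == ["bgp", "confederation", "peers"]:
            peers.update(int(w) for w in words[3:])
        elif len(words) == 4 and words[0] == "neighbor" and words[2] == "remote-as":
            neighbors[words[1]] = int(words[3])
    return local_as, peers, neighbors

def classify(config):
    """Label each session: same AS is iBGP, a listed member AS is confederation eBGP."""
    local_as, peers, neighbors = parse(config)
    return {ip: "ibgp" if asn == local_as else
                "confed-ebgp" if asn in peers else "external-ebgp"
            for ip, asn in neighbors.items()}

def audit(configs):
    """Report sessions to a member AS that is missing from the local peers list."""
    parsed = {name: parse(text) for name, text in configs.items()}
    members = set()  # every sub-AS named by any confederation router
    for local_as, peers, _ in parsed.values():
        if peers:
            members |= {local_as} | peers
    return sorted((name, ip, asn)
                  for name, (_, _, neighbors) in parsed.items()
                  for ip, asn in neighbors.items()
                  if asn in members and classify(configs[name])[ip] == "external-ebgp")
```

Calling audit({"RTC": RTC, "RTD": RTD}) returns an empty list for the configuration on this page; dropping 50 from RTD's peers list makes it report the session to 128.213.30.1.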

