Do you have your own /24 IP subnet and want to setup a BGP router? This article will gave a basic overview of the key components required. The syntax used is for an IOS 12.2 Cisco 6500 series, but is applicable to a 7600 series, a 7200 series, or even a 1800 or 2800 series router.
1. The /24 subnet we are announcing is 184.108.40.206/24.
2. The IPv4 WAN Subnet from our upstream BGP provider is 220.127.116.11/30.
3. Upstream BGP peer’s AS is 1000, and our AS is 17500
So to begin, we assume our BGP uplink is delivered to us via a basic Cat5 handoff. This handoff has a static WAN subnet of 18.104.22.168/30 – our side of the WAN is 22.214.171.124 and the provider’s side of the WAN is 126.96.36.199. That also means our default GW is 188.8.131.52.
We connect this Cat5 uplink to FastEthernet7/1 on our 6500. Now we need to go into the 6500 series router, config the WAN link, then do all the BGP configs so we can start using our /24 subnet.
We login with enable access and go to configuration mode:
Cisco6500# config -t
We know setup the WAN link:
Cisco6500(config)# interface FastEthernet7/1
Cisco6500(config)# desc BGP Uplink
Cisco6500(config)# ip address 184.108.40.206 255.255.255.252
Cisco6500(config)# no shutdown
We set the default route:
Cisco6500(config)# ip route 0.0.0.0 0.0.0.0 220.127.116.11 250
At this point our router is live and we should be able to ping out to the internet. In order to use our own /24 and AS we need to setup a BGP session with our upstream, let get started:
Cisco6500(config)# router bgp 17500
The above effectively “creates” the BGP service on our end acting as AS 17500, we now need to config it. We are inside the router statement, so every command from this point on effects only the BGP config. We have to exit out to return to the main config.
Cisco6500(config-router)# bgp log-neighbor-changes
Cisco6500(config-router)# neighbor 18.104.22.168 remote-as 1000
Cisco6500(config-router)# neighbor 22.214.171.124 ebgp-multihop 5
Cisco6500(config-router)# neighbor 126.96.36.199 password ABC123
Quick recap of the above. We are telling our BGP service about our first neighbor or “peer”. The peer address 188.8.131.52 is the WAN side IP of our upstream, we specify that our peers AS is 1000, we specify a BGP session password (this is optional, and must be configured to match on the other end), the ebgp-multihop 5 entry is also potentially optional, but I like to add it just in case there are any hops between myself and my peer.
Now we configure the IPv4 portion of the BGP config. In order to do that, we go one more level down in the config by entering the following:
Cisco6500(config-router)# address-family ipv4
This puts you into a sub-config menu, and your prompy will change. From here we can add the IP details of our BGP session:
Cisco6500(config-router-af)# neighbor 184.108.40.206 activate
Cisco6500(config-router-af)# neighbor 220.127.116.11 next-hop-self
Cisco6500(config-router-af)# neighbor 18.104.22.168 send-community
Cisco6500(config-router-af)# neighbor 22.214.171.124 soft-reconfiguration inbound
Cisco6500(config-router-af)# neighbor 126.96.36.199 filter-list 1 in
Cisco6500(config-router-af)# neighbor 188.8.131.52 filter-list 15 out
The first line activates IPv4 on the session. The next three lines are pretty basic and normal. The soft-reconfiguration line is required if you want to be able to do soft resets of the BGP session to grab updates from the other side or vice versa. The last two lines are tricky, but basically, the control what we will allow in and what we allow out from our router. I will describe these filter lists below after we are down with the main BGP config. The following lines finish out out IPv4 portion of the config:
Cisco6500(config-router-af)# no auto-summary
Cisco6500(config-router-af)# no synchronization
Cisco6500(config-router-af)# network 184.108.40.206 mask 255.255.255.0
The last line here is our IPv4 announcement. Now we exit out of the address-family sub-config, and the bgp router sub-config:
This returns us to the menu config menu. At this point our BGP session is 95% percent complete, just a few loose ends to finish up. Mainly, we have to create those in and out filter lists rules for the BGP prefixes we will allow in and out. We add the following:
Cisco6500(config)# ip as-path access-list 1 permit .*
Cisco6500(config)# ip as-path access-list 15 permit ^$
Cisco6500(config)# ip as-path access-list 15 permit ^(17500_)+$
Access list 1 basically permits everything in, which is want we want. Access list 15 permits our AS 17500 to go out. Last but not least, we need to locally null route our IP announcement:
Cisco6500(config)# ip route 220.127.116.11 255.255.255.0 Null0 250
Cisco6500(config)# write mem
At this point our BGP router is live, you can verify with the following command:
Cisco6500# sh ip bgp summary
BGP router identifier 18.104.22.168, local AS number 17500
BGP table version is 27807253, main routing table version 27807253
187089 network entries using 18895989 bytes of memory
203251 path entries using 9756048 bytes of memory
48641 BGP path attribute entries using 2724008 bytes of memory
39260 BGP AS-PATH entries using 1076272 bytes of memory
58 BGP community entries using 1392 bytes of memory
0 BGP route-map cache entries using 0 bytes of memory
61132 BGP filter-list cache entries using 733584 bytes of memory
BGP using 33187293 total bytes of memory
8 received paths for inbound soft reconfiguration
BGP activity 4186733/3980758 prefixes, 6186177/5962957 paths, scan interval 60 secs
Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd
22.214.171.124 4 1000 10948679 267030 27806888 0 0 7w2d 174293
With your BGP router live and running, you can start using your IP space on any interface by simply assign a subnet of your choosing, for example:
Cisco6500(config)# interface FastEthernet7/2
Cisco6500(config)# desc Mail Server
Cisco6500(config)# ip address 126.96.36.199 255.255.255.248
Cisco6500(config)# no shutdown
This creates a 188.8.131.52/29 subnet on interface 7/2 with 184.108.40.206 acting as the default gateway. Simply connect a server to that port and it will be live with a usable IP in the .2 through .6 (.7 is reserved for the broadcast).