BGP TEST WITH 100% CORRECT SOLUTIONS
N WLLA OMNI - ANSWER N - Next hop reachable?
W - Weight
L - Local pref
L - Locally injected routes
A - AS_Path
O - Origin (I, E or ?)
M - MED
N - Neighbor type (eBGP over iBGP)
I - IGP metric to next-hop
Minimum eBGP configuration? - ANSWER router bgp <ASN>
neighbor <IP> remote-as <REMOTE_ASN>
Requirements for eBGP neighbors? - ANSWER * Local ASN must match the remote-as
configured on the neighbor.
* BGP router IDs must not be the same
* MD5 authentication must pass if configured
* The routers must form a TCP connection (port 179) between the IPs used in the
respective neighbor statements.
How is the BGP router ID chosen? - ANSWER * Configured using the bgp router-id
command
* Highest loopback interface
* Highest other interface
How would you configure BGP to use a loopback address on each end? - ANSWER
neighbor <IP> update-source <SOURCE_INT>
neighbor <IP> ebgp multihop <HOP_COUNT>
Where IP is the neighbor's loopback IP, SOURCE_INT is our loopback interface and
HOP_COUNT is 2.
What is multihop? - ANSWER The TTL for the TCP connection defaults to one so it will
only cross one segment by default.
neighbor <IP> ebgp multihop <TTL> will set the TTL to a higher value. For instance,
multihop 2 would allow you to reach a loopback interface on a neighboring router.
How do you authenticate a BGP connection? - ANSWER Configure each router with a
pre-shared key for its neighbor.
neighbor <IP> password <PSK>
List the BGP neighbor states. - ANSWER Idle - admin down or awaiting the next retry
Connect - waiting for TCP connection to complete
Active - TCP connection complete but no BGP messages sent
Opensent - TCP connection exists and BGP Open message sent but no matching Open
received from peer
Openconfirm - Open message sent and matching
Open received. Keepalives (all params match) or Notification (param mismatch) are
next.
Established - All params match, peers will now send Updates
How can you verify eBGP neighbor status? - ANSWER show ip bg neighbors
[neighbor-id]
Neighbors and status are listed at the bottom. The State/PfxRcd is either text listing the
state or the number of prefixes received from the neighbor.
How can you verify the TCP connection for BGP? - ANSWER show tcp brief
Shows the local and remote (foreign) IP and port for each TCP connection.
How can you administratively disable a neighbor? - ANSWER neighbor <IP> shutdown
Re-enable with:
no neighbor <IP> shutdown
How do you debug BGP? - ANSWER debug ip bgp
List the BGP message types. - ANSWER Open - Establish a neighbor connection and
exchange basic params.
Keepalive - Sent periodically to maintain the neighbor relationship. Failure to receive a
Keepalive before the Hold timer expires will bring down the neighbor-ship.
Update - Used to exchange PAs and associated prefix/length (NLRI) used by those PAs.
Notification - Signals a BGP error, usually results in a reset to the connection.
What is a PA? - ANSWER Path Attribute
... allow BGP to make determinations of what is the best path.
What is an NLRI? - ANSWER Network Layer Reachability Information
... is exchanged between BGP routers using UPDATE messages. An NLRI is composed
of a LENGTH and a PREFIX. The length is a network mask in CIDR notation (e.g. /25)
specifying the number of network bits, and the prefix is the Network address for that
subnet.
The NLRI is unique to BGP version 4 and allows BGP to carry supernetting information,
as well as perform aggregation.
The NLRI would look something like one of these:
/25, 204.149.16.128
/23, 206.134.32
/8, 10
Only one NLRI is included in an UPDATE Message, though there may be multiple
AS-paths and AS-path attributes.
Describe output of "show ip bgp". - ANSWER Shows a list of all routes learned from BGP
with the best route marked with >, and including the Metric (MED), Local Preference,
Weight and AS_Path for each. iBGP routes are marked with i in the third column.
What are the PA categories? - ANSWER Well-known, mandatory - Must appear in every
UPDATE message, must be supported by every BGP implementation.
Well-known, discretionary - May or may not appear in an UPDATE message, but it MUST
be supported by any BGP software implementation.
Optional, Transitive - May or may not be supported in all BGP implementations. If sent in
an UPDATE message, but not recognized by the receiver, it should be passed on to the
next AS.
Optional, Non-transitive - May or may not be supported, if received, it is not required
that the router pass it on.
List well-known, mandatory PAs. - ANSWER * AS_path
* ORIGIN
* NEXT_HOP
List well-known, discretionary PAs. - ANSWER * LOCAL_PREF
* ATOMIC_AGGREGATE
List optional, transitive PAs. - ANSWER * AGGREGATOR
* COMMUNITY
List optional, non-transitive PAs. - ANSWER * MULTI_EXIT_DISC
* ORIGINATOR_ID
* Cluster List
List some BGP verification commands. - ANSWER show ip bgp /prefix/ [mask]
0.0.0.0 0.0.0.0 will list all default routes
show ip bgp neighbors /ip-address/ received-routes
shows routes from a particular neighbor before filters are applied.
show ip neighbors /ip-address/ routes
shows routes from a particular neighbor after filters are applied.