Information Technology Reference
In-Depth Information
effort. The addition of new edge routers requires adding a BGP session to the edge router
peer group and configuring the ports to terminate the uplink from the edge router.
Example 9-2 shows the BGP aggregation router configuration template.
BGP Aggregation Router Configuration Template
Example 9-2
router bgp <ISP ASN>
no auto-summary
no synchronization
bgp log-neighbor-changes
bgp router-id <ROUTER ID>
!
neighbor CORE_UPLINK peer-group
neighbor CORE_UPLINK description iBGP Session to Core Routers
neighbor CORE_UPLINK version 4
neighbor CORE_UPLINK password <iBGP Password>
neighbor CORE_UPLINK update-source loopback0
neighbor CORE_UPLINK remote-as <ISP ASN>
!
neighbor EDGE_ROUTERS peer-group
neighbor EDGE_ROUTERS description iBGP Sessions for Edge Routers
neighbor EDGE_ROUTERS version 4
neighbor EDGE_ROUTERS password <iBGP Password>
neighbor EDGE_ROUTERS update-source loopback0
neighbor EDGE_ROUTERS remote-as <ISP ASN>
neighbor EDGE_ROUTERS route-reflector-client
!
neighbor PEER_ROUTERS peer-group
neighbor PEER_ROUTERS description iBGP Sessions for Peering Routers
neighbor PEER_ROUTERS version 4
neighbor PEER_ROUTERS password <iBGP Password>
neighbor PEER_ROUTERS update-source loopback0
neighbor PEER_ROUTERS remote-as <ISP ASN>
neighbor PEER_ROUTERS route-reflector-client
neighbor PEER_ROUTERS route-map PARTIAL_ROUTES out
...
!
route-map PARTIAL_ROUTES permit 10
match community 1
!
route-map PARTIAL_ROUTES deny 20
!
ip community-list 1 permit <Customer Routes Community>
ip community-list 1 deny
!
The peering routers are a special case of edge router. They require only partial routes, unlike
the standard customer aggregation edge router that requires full routes. This subject is
discussed in more detail in the later section “Public Peering Security Concerns.”
