| Add_workflow_for_techpubs |
|---|
| AUTH1 | UserResourceIdentifier{userKey=8a00a0c87a8bc654017a90dcbbab0002, userName='null'} |
|---|
| JIRAIDAUTH | TP-548 |
|---|
| REV5 | UserResourceIdentifier{userKey=8a00a0c85f4199b1015f7ea6e836000d, userName='null'} |
|---|
| REV6 | UserResourceIdentifier{userKey=8a00a0c85f4199b1015f7ea6e836000d, userName='null'} |
|---|
| REV3 | UserResourceIdentifier{userKey=8a00a0c866dc3dee0166e544fde30008, userName='null'} |
|---|
| REV1 | UserResourceIdentifier{userKey=8a00a0c86d32712b016d406f77af0008, userName='null'} |
|---|
|
The
supports the use of BGP for connections between complex networks.
BGP is maintained and configured via the CLI only. The BGP on
should only be implemented by network administrators comfortable with configuring the
via CLI and with those who are experienced in working with network service providers to establish connectivity.
This document only covers activating and accessing the BGP process. It is not meant as a full reference for the configuration and operation of BGP. The
supports most standard BGP functions such as configuring local preference, setting weights, and adjusting as-paths.
Complete the following steps to enable, connect, and configure the BGP daemon:
- Activate the BGP process. At the command prompt (#), enter the following command:
| Code Block |
|---|
config_routing --bgp --enable |
The
will enable the BGP daemon and reconfigure other network processes to send and receive routes to the BGP process. The
will not forward traffic during this startup routine.
2. To start configuring BGP, access the BGP process. At the command prompt (#), complete the following steps:
1. Enter the following command:
| Code Block |
|---|
config_routing --bgp --connect |
You are prompted for the BGP password.
2. Enter the default password: bgp
The BGP console (BGP>) is displayed.
3. At the BGP console (BGP>), enter the following command:
The BGP privileged mode console (BGP#) is displayed. At this point, BGP can be configured using commands similar to other routers that run BGP.
4. At the BGP privileged mode console (BGP#), enter the following command:
| Code Block |
|---|
config terminal |
The BGP daemon is now in BGP terminal configuration mode. The BGP terminal configuration mode console (BGP(config)#) is displayed.
5. At the BGP terminal configuration mode console (BGP(config)#), add an Autonomous System (AS):
| Code Block |
|---|
router bgp <AS> |
| Note |
|---|
The AS number is typically given by the network service provider. |
The BGP daemon is now in router configuration mode. The router configuration console (BGP(config-router)#) is displayed.
6. From here, the BGP routing configuration can be constructed using commands typical to other industry routers. Following is a basic example:
| Code Block |
|---|
BGP(config-router)# bgp router-id <WAN-IP>
neighbor <peer-IP> remote-as <peer-AS>
neighbor <peer-IP> activate
network <LAN network> mask <LAN network mask>
neighbor <peer-IP> remote-as <peer-AS> |
7. When finished configuring BGP, the configuration is saved with two steps. First issue the command:
This writes the configuration to the
file /etc/config/bgpd.conf.
8. Next exit the BGP process by typing the command exit until you are returned to the
command line. Once you reach the
command line, issue the command:
This saves the contents of /etc/config/bgpd.conf to flash on the
.
By default, the BGP process checks the Linux table at startup time for routes to advertise. This may create an undesired condition where the advertise routes are out of sync with the local routes if the local routing table changes for reasons such as LAN failure or a change in received routes from a local routing process such as OSPF. To avoid this situation, the below command should be added to the BGP routing configuration.
| Code Block |
|---|
bgp network import-check |
Further, if LAN VLAN interfaces are in use, then execute the following command from the
CLI:
| Code Block |
|---|
enable_monitor_vlan on |
This enables the
to monitor the LAN switch ports and update BGP as required should a VLAN become no longer accessible.