BGP Configuration (Part 2)


Today…we learn about how to change path the packets travel in BGP environment, in IGP such as OSPF…we can modify the metric or even Administrative Distance (AD)

In BGP we call them Path Attributes…

Some say…Path Attributes in BGP is like Metric in IGP Analogy, Some say…Path Attribute is different at all

All we know is…He’s Called THE STIG !!!

The design we throughout the article is like this


Initial Config

Hey…in R1 and R2 we use network command, but in R3 we use redistribute connected ?!?

I just want to show you that both command function do the same effect…advertise route

But the difference is..Network command do advertise route that we exactly want to advertise

But in redistribute connected, ALL OF CONNECTED ROUTE will be advertised

So which is better ?! of course network command, redistribute make router do processing alot more

Remember, redistribute command is used when we want to “join” different routing protocols right ?!?


BGP Route Change with Path Attibute called “WEIGHT”

See the BGP Theory (warning: in Indonesian Language/Bahasa) for the list of BGP Path Attributes

When we see the picture above, AS 1 want to sent packet to AS 3…It send directly to AS 3 ( – R3)

But lets change it, we want to sent packet to AS 2 first, and then to AS 3


  • We using route-map for setting weight value
  • Default Weight value is ZERO(0)..just check in show ip bgp, and the weight value is defined on Cisco Router only
  • ALWAYS USE route-map in for weight (because we want to “weighten” the inbound interface which is affecting the outbound connection)
  • And then clear ip bgp peering first to see the effect

Lets trace it

Done…the packet sent to R2 ( first, and then to AS 3

Note: why do we have to input trace [ip] source [ip] ?!?

Because if we just trace without defining which interface ip we use, default interface to send is physical one first

Lets see…

Now lets check in R3…is there any route to ?!?

Thats why we can’t ping/trace without mentioning the source ip, because when we configure BGP, we not advertising (using network command) to BGP right ?!?


BGP Route Change with Path Attibute called “MED”, ” Local Pref”, and AS PATH”

It is the same like weight configuration, just differ in route-map


Local Preference


  • In MED (Multi Exit Discriminator), the lowest one is preferred
  • In Weight and Local Pref, the Heaviest value is preferred

Choosing best route via AS Path


  • AS 1 send packet to AS 3 directly, from AS 1-to-AS 3 (1 -> 3), how do we change it to send via AS 1-to-AS 2-to-AS 3 (1 -> 2 -> 3) ?!?
  • Prepend it !!! (make it longer)…the longer the path, the most unreliable to send packet
  • Lets see the example:

  • from the value ?!? just look at the next hop AS path…after AS 1…to AS 3….isn’t it obvious it will choose the second path ?!?
  • So thats why I’m typing prepend 3 3 3 3 3 (just to make that route longer to read literally, BGP doest read the VALUE of number for AS_PATH selection eventhough the next-hop AS Path is number 3)

Lets check it…

See…the best path to now to R2 then to R3

But we see the and in the show ip bgp also get the same effect, isn’t it dangerous ?!? yes..

Thats why we use another route-map for filtering which AS_PATH get the prepend

now only route that get the prepend effect

Note for BGP MED and Local Pref:

When Local ISP choose the best path/route to another ISP, they use Local Pref

But when Another ISP want to send packet to Local ISP, local ISP can use MED to select which door/route that Allowed for Another ISP

You can say “traffic from Indonesia goes to Singapore first before entering China” (Local Pref, configured in Indonesia)

but traffic from China to Indonesia only accepted if travel to Malaysia first before entering Indonesia” (MED, configured in Indonesia)

we can force to use MED by typing bgp always-compare-med and bgp deterministic-med in router bgp [as] sub-config

Choosing best route via Origin

when the next hop AS Path is same from all direction to destination, BGP choose Origin attribute

Origin means “where this AS Path originally came from

take a look at this pic


just look at the origin status code…BGP prefer path from  i-BGP > e-BGP > incomplete

take a look at the new design I draw here…


R1 want to send packet to in R4

here is the initial configuration (just change the respectives IP in R2, R3, R4)


from show ip bgp, we know that if R1 want to send packet to, He had two options…using AS 2 Route…,or using AS 3 route

which way does R1 take ?!?

now we trace it…


why R1 choose AS 2 ?!? because of BGP behavior that cannot perform load balancing, the first one that enter R1 routing table…that is the primary route (I’m configuring AS 2 right after AS 1 configuration is done, thats why R1 choose AS 2)

now lets change the BGP Attribute called ORIGIN, lets change AS 2 route become “incomplete” (incomplete means this route came from something others than BGP, such as Redistribution)



  • because AS 2 came from (R2), I use route-map in this neighbor
  • and to forbid anoher network get the “incomplete” status, i’m filtering them using ACL

let see the effect


done…now R1 route to si via AS 3

remember the rules… i-bgp > e-bgp >incomplete (?)

let see if I change AS 2 path to e-bgp origin


it still chooes AS 3 over AS 2

BGP Route Selection Process in brief:

1. Weight (Cisco Only)

2. Local Preference

3. AS-Path

4. Origin

5. MED (if all of the above requirement is same value)

next…advanced BGP (Insya Allah)


BGP Configuration (part 1)


(article yang lama akan coba gw update disini…dan gw coba jelasin in english…biar gaya)

Today we learn about how to configure basic BGP configuration such as,

  • e-BGP
  • i-BGP (with loopback)
  • BGP Full Mesh
  • peer-group
  • BGP authentication
  • And BGP Summarization

And the topology we use throughout this article is like this

Note: IP Scheme is 192.168.XX.X..where XX is the combined number of routers, such as R2 and R3 would be and 23.3

We use OSPF as IGP (Internal) Protocol in AS 1

I already assume you have good understanding how to configure basic IP Configuration on Cisco Router here…

I’m trying to explain step-by-step…including error, note, important detail that I learn when configuring basic BGP Configuration


Configuring e-BGP

e-BGP (external BGP) = Connecting different BGP AS (Autonomous System)

We configure R1 and R5

Wait a little longer (10-20s)…BGP Convergence is verrrry slooow

To see list of BGP neighbor, we could use show ip bgp summary

to perform eBGP WITHOUT connecting directly…we must use eBGP-multihop (we’ll talk about it in the next parts)


Configuring i-BGP

i-BGP (internal BGP) = Connecting BGP within AS

We Configure R1 and R3

If R1 peering within AS (i-BGP), we must check wether route to destination peer is exist within routing table (show ip route)

of course…how would R1 know how to deliver BGP Packet (request for Peering with R3) if He doesnt know where to send the packet ?!? *face palm*

So…one of the differences between e-BGP and i-BGP is i-BGP peering routers are not necessary to be directly connected

Configuring i-BGP with Loopback

The question is…if the physical link down…would it be down too with the BGP Peering right ?!?

There are 2 answers: add another physical link to BGP neighborship table, or (the easiest one)…add loopback IP

Because Loopback Interface is never down (remember…this interface is virtual), Loopback Interface will be down if the Router itself down

As long as the routers know how to send packet to loopback IP (acquired via IGP such as OSPF), the neighborship and peering will be fine

To configure i-BGP with loopback, delete neighborship with physical interface first (no neighbor [physical IP] remote-as [AS Number])

the keyword is update-source [interface]

Lets verify the list of the neighbors


BGP Full Mesh

Now…R1 peering with R5 (e-BGP) and R1 peering with R3 (i-BGP)

The next task is…will R3 reach R5 without extra configuration ?!?

Both R3 and R5 connect to R1. To reach R5 (or R3), R1 must advertise the route to both Routers, lets see if R1 advertise rute to R3 (show ip bgp)

The rules of advertising rute is same like i-BGP peering…He must know the route to it/destination

When we see the configuration above, maybe one or two of us will ask the same question

Why 23.0 use mask…why 34.0 not ?!? the answer is…it doesnt matter, it still same result

If we only advertise network WITHOUT mask…BGP will assume that route is classfull (and is classful right ?!? C Class IP)

Note…if we use network mask (some of you will do it because of laziness…JUST ADD ALL !! haha)

The result is not what you are thinking…the router will advertise DEFAULT ROUTE !!! (just think of it… is default route right ?!?)

So…the way we handle advertised route in BGP is different than IGP such as OSPF

Now lets see if R3 (also R5 will get the same result) get the advertised route…

Lets ping

Ping to R5 success, but will it be the same if R3 ping to one of R5 loopback IP such as ?!?

Why is this happen ?? when R3 ping to which is R5, R1 know where to route the packet (directly connected, exist in R1’s routing table)

But when R3 ping to R5 loopback IP, lets see R1 routing table

Now we know the problem ( doesnt exist in R1’s Routing table)…so what is the solution ?!?

Because R1 doesnt know how to route the packet…we must add static route to R5 loopback ip, then see if that static route exist in routing table, advertise using BGP, check using show ip bgp

Lets check on R3…will it be able to ping loopback ip on R5 ?!?

Unreachable…the packets stop on R2 (23.2) and R4 (34.4)

Why is this happen ?!? because R2 and R4 doesnt know where to route the packets !!! (of course…they doesnt know where the F*** is !!!)

The solution ?!? make R2 (and R4) run BGP too ( acquired via BGP right ?!?)

To make sure a proper BGP implementation, we must configure all router to run BGP? is it like another route protocol?

yes, just like EIGRP and OSPF, BGP is another type of routing protocol right ?!? but this protocol is more suitable in ISP environment

Note: same config apply ro R4, R3, R1

Let see…

But..there is some question…i-BGP peering doesnt need to be directly connected, but now we connect all of them

Isn’t it waste of energy and time ?!?! yes…this is what we called i-BGP Full Mesh

So…imagine if there is more than 4 router…

The formula is n(n-1)/2..where N = sum of all router

So..if there is 25 would be 600 peerings !!!

To overcome this complicated BGP Behavior…BGP has features called Route-Reflector and Route Confederation (later we’ll configure them)


BGP Peer-Group

Imagine you type all this…

To reduce that repetition…BGP has feature called Peer-Group

Let me show you the example


BGP Authentication

Its quite simple (lets keep it simple though wkwkwk)

BGP Default authentication is using MD5


BGP Summarization

BGP auto-summarization is off by default

BGP Summarize route using aggregate command

Lets advertise loopbacks IP from R5

Lets see on R1

dont worry about below, I’m advertised static route into BGP remember…thats why that network exist

To reduce routing table and bgp “show ip bgp” table, on R5 we must use route aggregation

Lets see the effect on R1

Whoops…nothing change…except there is “*> “…a blank network

So…we must add a little command here (summary-only)

And the effect…

Yuppp…it works…

See the last line…S [1/0]…its static (S)…not BGP (B), why ?!? because Static Route AD (Administrative Distance) is better than BGP

So…can it be pinged ?!?…yes, sure it can

Thats all folks for today…part 2 coming soon (BGP Route Modification with Path Attributes) insya Allah

Older Entries