Friday, June 20, 2008

Use the explicit "address-family ipv4" in BGP configurations

If you use multiprotocol BGP (MP-BGP) in your network to support MPLS VPN, IPv6 or IP Multicast over BGP, it's best if you go all the way and configure an explicit ipv4 address family; the resulting BGP configuration is significantly easier to read and understand as the session-specific parameters are clearly separated from the routing-specific parameters and the IPv4 settings are nicely grouped in an explicit section.
To change the format of the BGP configuration, configure the IPv4 address family with the address-family ipv4 unicast router configuration command (the neighbor statements and other configuration settings pertinent to IPv4 configuration are automatically moved into the new address family) or manually activate a BGP neighbor for IPv4 route exchange with the neighbor activate router configuration command.To illustrate the differences between the traditional BGP configuration and the per-address-family configuration, consider a simple MPLS VPN+Internet setup. First the traditional approach:

router bgp 65000
 template peer-policy Internal

send-community both
 exit-peer-policy
 !
 template peer-session
Internal
  remote-as 65000
  update-source Loopback0

exit-peer-session
 !
 no synchronization
 bgp
log-neighbor-changes
 network 10.0.1.1 mask 255.255.255.255

neighbor 10.0.1.5 inherit peer-session Internal
 neighbor 10.0.1.5
description PE-C(RR)
 neighbor 10.0.1.5 inherit peer-policy
Internal
 no auto-summary
 !
 address-family vpnv4
  neighbor
10.0.1.5 activate
  neighbor 10.0.1.5 send-community extended

exit-address-family

... and the changed configuration after the address-family ipv4 command has been entered:

router bgp
65000
 template peer-policy Internal
  send-community both

exit-peer-policy
 !
 template peer-policy InternalV6

send-label
  inherit peer-policy Internal 1
 exit-peer-policy

!
 template peer-session Internal
  remote-as 65000

update-source Loopback0
 exit-peer-session
 !
 bgp
log-neighbor-changes
 neighbor 10.0.1.5 inherit peer-session
Internal
 neighbor 10.0.1.5 description PE-C(RR)
 !

address-family ipv4
  no synchronization
  network 10.0.1.1 mask
255.255.255.255
  neighbor 10.0.1.5 activate
  neighbor 10.0.1.5
inherit peer-policy Internal
  no auto-summary

exit-address-family
 !
 address-family vpnv4
  neighbor 10.0.1.5
activate
  neighbor 10.0.1.5 send-community extended

exit-address-family

Posted by at
Labels: