Manual:Routing/BGP: Difference between revisions

From MikroTik Wiki
No edit summary
No edit summary
Line 25: Line 25:
<table class="styled_table">
<table class="styled_table">
<tr>
<tr>
   <th width="350">Property</th>
   <th width="40%">Property</th>
   <th >Description</th>
   <th >Description</th>
</tr>
</tr>
Line 37: Line 37:
</tr>
</tr>
<tr>
<tr>
     <td><var><b>cluster-id</b></var> (<em>IP address</em>; Default: <b></b>)</td>
     <td><var><b>cluster-id</b></var> (<em>IP address</em>;)</td>
     <td> in case this instance is a route reflector: cluster ID of the router reflector cluster this instance belongs to. This attribute helps to recognize routing updates that comes from another route reflector in this cluster and avoid routing information looping. Note that normally there is only one route reflector in a cluster; this case 'cluster-id' does not need to be configured and BGP router ID is used instead</td>
     <td> in case this instance is a route reflector: cluster ID of the router reflector cluster this instance belongs to. This attribute helps to recognize routing updates that comes from another route reflector in this cluster and avoid routing information looping. Note that normally there is only one route reflector in a cluster; this case 'cluster-id' does not need to be configured and BGP router ID is used instead</td>
</tr>
</tr>
<tr>
<tr>
     <td><var><b>confederation</b></var> (<em>integer: 0..65535</em>; Default: <b></b>)</td>
     <td><var><b>confederation</b></var> (<em>integer: 0..65535</em>;)</td>
     <td> in case of BGP confederations: autonomous system number that identifies the [local] confederation as a whole</td>
     <td> in case of BGP confederations: autonomous system number that identifies the [local] confederation as a whole</td>
</tr>
</tr>
<tr>
<tr>
     <td><var><b>confederation-peers</b></var> (<em>integer: 0..65535</em>; Default: <b></b>)</td>
     <td><var><b>confederation-peers</b></var> (<em>integer: 0..65535</em>;)</td>
     <td> in case of BGP confederations: list of BGP peers internal to the [local] confederation</td>
     <td> in case of BGP confederations: list of BGP peers internal to the [local] confederation</td>
</tr>
</tr>
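Review bot: in the new `cluster-id`, `confederation` and `confederation-peers` cells the semicolon that separated the type from `Default:` is left behind, so they now read "(IP address;)" and "(integer: 0..65535;)"; remove the `;` together with the empty default. While the `cluster-id` row is open, its description could be fixed too: "router reflector cluster" should be "route reflector cluster" and "updates that comes" should be "updates that come".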
Line 53: Line 53:
</tr>
</tr>
<tr>
<tr>
     <td><var><b>name</b></var> (<em>string</em>; Default: <b>""</b>)</td>
     <td><var><b>name</b></var> (<em>string</em>;)</td>
     <td> BGP instance name</td>
     <td> BGP instance name</td>
</tr>
</tr>
<tr>
<tr>
     <td><var><b>out-filter</b></var> (<em>string</em>; Default: <b>""</b>)</td>
     <td><var><b>out-filter</b></var> (<em>string</em>;)</td>
     <td> the output routing filter used by all BGP peers belonging to this instance</td>
     <td> the output routing filter used by all BGP peers belonging to this instance</td>
</tr>
</tr>
Line 85: Line 85:
</tr>
</tr>
<tr>
<tr>
     <td><var><b>vrf</b></var> (<em>string</em>; Default: <b></b>)</td>
     <td><var><b>vrf</b></var> (<em>string</em>;)</td>
     <td> List of [[Virtual_Routing_and_Forwarding| VRFs]] used for vpnv4 routes</td>
     <td> List of [[Virtual_Routing_and_Forwarding| VRFs]] used for vpnv4 routes</td>
</tr>
</tr>
Line 98: Line 98:
<table class="styled_table">
<table class="styled_table">
<tr>
<tr>
   <th width="350">Property</th>
   <th width="40%">Property</th>
   <th >Description</th>
   <th >Description</th>
</tr>
</tr>
Line 106: Line 106:
</tr>
</tr>
<tr>
<tr>
     <td><var><b>allowas-in</b></var> (<em>string</em>; Default: <b>""</b>)</td>
     <td><var><b>allowas-in</b></var> (<em>string</em>;)</td>
     <td> </td>
     <td> </td>
</tr>
</tr>
<tr>
<tr>
     <td><var><b>default-originate</b></var> (<em>always | if-installed | never</em>; Default: <b></b>)</td>
     <td><var><b>default-originate</b></var> (<em>always | if-installed | never</em>;)</td>
     <td> specifies how to distribute default route</td>
     <td> specifies how to distribute default route</td>
</tr>
</tr>
Line 123: Line 123:
</tr>
</tr>
<tr>
<tr>
     <td><var><b>in-filter</b></var> (<em>string</em>; Default: <b>""</b>)</td>
     <td><var><b>in-filter</b></var> (<em>string</em>;)</td>
     <td> name of the routing filter that is applied to the incoming routing information</td>
     <td> name of the routing filter that is applied to the incoming routing information</td>
</tr>
</tr>
<tr>
<tr>
     <td><var><b>instance</b></var> (<em>string</em>; Default: <b></b>)</td>
     <td><var><b>instance</b></var> (<em>string</em>;)</td>
     <td> the instance this peer belongs to</td>
     <td> the instance this peer belongs to</td>
</tr>
</tr>
Line 135: Line 135:
</tr>
</tr>
<tr>
<tr>
     <td><var><b>max-prefix-limit</b></var> (<em>integer</em>; Default: <b></b>)</td>
     <td><var><b>max-prefix-limit</b></var> (<em>integer</em>;)</td>
     <td> maximum number of prefixes to accept from a specific peer. When this limit is exceeded, TCP connection between peers is tear down</td>
     <td> maximum number of prefixes to accept from a specific peer. When this limit is exceeded, TCP connection between peers is tear down</td>
</tr>
</tr>
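Review bot: the `max-prefix-limit` description is carried over unchanged and still says the TCP connection "is tear down"; change it to "is torn down". With the empty `Default:` removed, the row also gives no hint of what applies when the property is unset, so say in the description whether any limit is enforced in that case.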
Line 152: Line 152:
</tr>
</tr>
<tr>
<tr>
     <td><var><b>name</b></var> (<em>string</em>; Default: <b></b>)</td>
     <td><var><b>name</b></var> (<em>string</em>;)</td>
     <td> the name of the peer</td>
     <td> the name of the peer</td>
</tr>
</tr>
Line 163: Line 163:
</tr>
</tr>
<tr>
<tr>
     <td><var><b>out-filter</b></var> (<em>string</em>; Default: <b>""</b>)</td>
     <td><var><b>out-filter</b></var> (<em>string</em>;)</td>
     <td> name of the routing filter that is applied to the incoming routing information</td>
     <td> name of the routing filter that is applied to the incoming routing information</td>
</tr>
</tr>
<tr>
<tr>
     <td><var><b>remote-address</b></var> (<em>IP address</em>; Default: <b></b>)</td>
     <td><var><b>remote-address</b></var> (<em>IP address</em>;)</td>
     <td> address of the remote peer</td>
     <td> address of the remote peer</td>
</tr>
</tr>
<tr>
<tr>
     <td><var><b>remote-as</b></var> (<em>integer: 0..65535.0..65535</em>; Default: <b></b>)</td>
     <td><var><b>remote-as</b></var> (<em>integer: 0..65535.0..65535</em>;)</td>
     <td> 32-bit AS number of the remote peer</td>
     <td> 32-bit AS number of the remote peer</td>
</tr>
</tr>
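Review bot: the `out-filter` row edited here still describes the filter as "applied to the incoming routing information", which is the same text as the `in-filter` row earlier in this diff and looks like a copy-paste. Since the row is being touched anyway, change the description to say it applies to outgoing routing information.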
Line 183: Line 183:
</tr>
</tr>
<tr>
<tr>
     <td><var><b>tcp-md5-key</b></var> (<em>string</em>; Default: <b>""</b>)</td>
     <td><var><b>tcp-md5-key</b></var> (<em>string</em>;)</td>
     <td> key used to authenticate the connection with TCP MD5 signature as described in RFC 2385</td>
     <td> key used to authenticate the connection with TCP MD5 signature as described in RFC 2385</td>
</tr>
</tr>
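Review bot: on the `tcp-md5-key` row, dropping `Default: ""` removes the only indication that no key is configured unless the operator sets one, which is worth keeping for an authentication setting. Either retain the empty-string default or state in the description what an unset key means for the session.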
Line 193: Line 193:
</tr>
</tr>
<tr>
<tr>
     <td><var><b>update-source</b></var> (<em>IP address | interface name</em>; Default: <b></b>)</td>
     <td><var><b>update-source</b></var> (<em>IP address | interface name</em>;)</td>
     <td> If address is specified, this address is used as the source address of the outgoing TCP connection.<br />
     <td> If address is specified, this address is used as the source address of the outgoing TCP connection.<br />
If interface name is specified, an address belonging to the interface is used as described.<br />
If interface name is specified, an address belonging to the interface is used as described.<br />
Line 203: Line 203:
<table class="styled_table">
<table class="styled_table">
<tr>
<tr>
   <th width="350">Property</th>
   <th width="40%">Property</th>
   <th >Description</th>
   <th >Description</th>
</tr>
</tr>
Line 282: Line 282:
<table class="styled_table">
<table class="styled_table">
<tr>
<tr>
   <th width="350">Property</th>
   <th width="40%">Property</th>
   <th >Description</th>
   <th >Description</th>
</tr>
</tr>
Line 342: Line 342:
<table class="styled_table">
<table class="styled_table">
<tr>
<tr>
   <th width="350">Property</th>
   <th width="40%">Property</th>
   <th >Description</th>
   <th >Description</th>
</tr>
</tr>
<tr>
<tr>
     <td><var><b>network</b></var> (<em>IP prefix</em>; Default: <b></b>)</td>
     <td><var><b>network</b></var> (<em>IP prefix</em>;)</td>
     <td> the aggregate prefix</td>
     <td> the aggregate prefix</td>
</tr>
</tr>
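Review bot: the `network` row is described as "the aggregate prefix", the same text used for the `prefix` row of the aggregate table later in this diff, which looks like a copy-paste; describe it as the prefix to be advertised instead. The `;` left behind after removing `Default:` should go as well.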
Line 367: Line 367:
<table class="styled_table">
<table class="styled_table">
<tr>
<tr>
   <th width="350">Property</th>
   <th width="40%">Property</th>
   <th >Description</th>
   <th >Description</th>
</tr>
</tr>
<tr>
<tr>
     <td><var><b>advertise-filter</b></var> (<em>string</em>; Default: <b>""</b>)</td>
     <td><var><b>advertise-filter</b></var> (<em>string</em>;)</td>
     <td> name of the filter chain used to select the routes from which to inherit attributes</td>
     <td> name of the filter chain used to select the routes from which to inherit attributes</td>
</tr>
</tr>
<tr>
<tr>
     <td><var><b>attribute-filter</b></var> (<em>string</em>; Default: <b>""</b>)</td>
     <td><var><b>attribute-filter</b></var> (<em>string</em>;)</td>
     <td> name of the filter chain used to set the attributes of the aggregate route</td>
     <td> name of the filter chain used to set the attributes of the aggregate route</td>
</tr>
</tr>
Line 383: Line 383:
</tr>
</tr>
<tr>
<tr>
     <td><var><b>instance</b></var> (<em>string</em>; Default: <b></b>)</td>
     <td><var><b>instance</b></var> (<em>string</em>;)</td>
     <td> the instance this network belongs to</td>
     <td> the instance this network belongs to</td>
</tr>
</tr>
<tr>
<tr>
     <td><var><b>prefix</b></var> (<em>IP prefix</em>; Default: <b></b>)</td>
     <td><var><b>prefix</b></var> (<em>IP prefix</em>;)</td>
     <td> the aggregate prefix</td>
     <td> the aggregate prefix</td>
</tr>
</tr>
Line 395: Line 395:
</tr>
</tr>
<tr>
<tr>
     <td><var><b>suppress-filter</b></var> (<em>string</em>; Default: <b>""</b>)</td>
     <td><var><b>suppress-filter</b></var> (<em>string</em>;)</td>
     <td> name of the filter chain used to select the routes to be suppressed</td>
     <td> name of the filter chain used to select the routes to be suppressed</td>
</tr>
</tr>
Line 403: Line 403:
Read only status property:
Read only status property:
<table class="styled_table">
<table class="styled_table">
<tr width="350" >
<tr width="40%" >
     <td><var><b>routes-used</b></var> (<em>integer</em>)</td>
     <td><var><b>routes-used</b></var> (<em>integer</em>)</td>
     <td> aggregated route statistics.
     <td> aggregated route statistics.
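Review bot: the `width` attribute sits on the `<tr>` in this table, while every other table in this change sets it on the first `<th>`. Move `width="40%"` to the first `<td>` of the row so the property column is sized the same way as in the other tables.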

Revision as of 08:26, 15 May 2009

Summary

The Border Gateway Protocol (BGP) allows setting up an interdomain dynamic routing system that automatically updates routing tables of devices running BGP in case of network topology changes.

MikroTik RouterOS supports BGP Version 4, as defined in RFC 4271 (which obsoletes RFC 1771).

Standards and Technologies:

  • RFC 4271 Border Gateway Protocol 4
  • RFC 4456 BGP Route Reflection
  • RFC 1965 Autonomous System Confederations for BGP
  • RFC 1997 BGP Communities Attribute
  • RFC 2385 TCP MD5 Authentication for BGPv4
  • RFC 3392 Capabilities Advertisement with BGP-4
  • RFC 2918 Route Refresh Capability
  • RFC 2858 Multiprotocol Extensions for BGP-4
  • RFC 2545 Use of BGP-4 Multiprotocol Extensions for IPv6 Inter-Domain Routing

Instance

Sub-menu: /routing bgp instance


Property Description
as (integer: 0..65535.0..65535; Default: ) 32-bit BGP autonomous system number
client-to-client-reflection (yes | no; Default: yes) in case this instance is a route reflector: whether to redistribute routes learned from one routing reflection client to other clients
cluster-id (IP address;) in case this instance is a route reflector: cluster ID of the route reflector cluster this instance belongs to. This attribute helps to recognize routing updates that come from another route reflector in this cluster and to avoid routing information loops. Note that normally there is only one route reflector in a cluster; in this case 'cluster-id' does not need to be configured and the BGP router ID is used instead
confederation (integer: 0..65535;) in case of BGP confederations: autonomous system number that identifies the [local] confederation as a whole
confederation-peers (integer: 0..65535;) in case of BGP confederations: list of BGP peers internal to the [local] confederation
ignore-as-path-len (yes | no; Default: no) whether to ignore AS_PATH attribute in BGP route selection algorithm
name (string;) BGP instance name
out-filter (string;) the output routing filter used by all BGP peers belonging to this instance
redistribute-connected (yes | no; Default: no) if enabled, this BGP instance will redistribute the information about connected routes, i.e., routes to the networks that can be directly reached
redistribute-ospf (yes | no; Default: no) if enabled, this BGP instance will redistribute the information about routes learned by OSPF
redistribute-other-bgp (yes | no; Default: no) if enabled, this BGP instance will redistribute the information about routes learned by other BGP instances
redistribute-rip (yes | no; Default: no) if enabled, this BGP instance will redistribute the information about routes learned by RIP
redistribute-static (yes | no; Default: no) if enabled, the router will redistribute the information about static routes added to its routing database, i.e., routes that have been created using the '/ip route add' command on the router
router-id (IP address; Default: 0.0.0.0) the BGP Router ID (for this instance). If not specified, BGP will use one of router's IP addresses.
vrf (string;) List of VRFs used for vpnv4 routes


Peer

Sub-menu: /routing bgp peer


Property Description
address-families (ip | ipv6 | l2vpn | l2vpn-cisco | vpnv4; Default: ip) list of address families about which this peer will exchange routing information. To negotiate any family other than IP, the remote peer must support the BGP capabilities optional parameter (they usually do)
allowas-in (string;)
default-originate (always | if-installed | never;) specifies how to distribute default route
hold-time (time; Default: ) specifies the BGP Hold Time value to use when negotiating with peers.

According to the BGP specification, if the router does not receive successive KEEPALIVE and/or UPDATE and/or NOTIFICATION messages within the period specified in the Hold Time field of the OPEN message, the BGP connection to the peer will be closed. The lower of the two peers' hold-time values is the one actually used (note that the special value 0 or 'infinity' is lower than any other value)

infinity - never expire the connection and never send keepalive messages.
in-filter (string;) name of the routing filter that is applied to the incoming routing information
instance (string;) the instance this peer belongs to
interface (string | unspecified; Default: unspecified) if specified, then outgoing connection will be made using only this interface; important if you want to run BGP using IPv6 link-local addresses
max-prefix-limit (integer;) maximum number of prefixes to accept from a specific peer. When this limit is exceeded, the TCP connection between the peers is torn down
max-prefix-restart-time (time 1 minute .. 10 days | infinity; Default: infinity) minimum time interval after which peers can reestablish BGP session.
infinity - session is not reestablished until administrator's intervention.
multihop (yes | no; Default: no) specifies whether the remote peer is more than one hop away.

This option affects outgoing nexthop selection as described in RFC 4271 (for EBGP only, excluding EBGP peers local to the confederation). It also affects

- whether to accept connections from peers that are not in the same network (the remote address of the connection is used for this check)
- and whether to accept incoming routes with NEXT_HOP attribute that is not in the same network as the address used to establish the connection.
name (string;) the name of the peer
nexthop-choice (default | force-self | propagate; Default: default) Affects the outgoing NEXT_HOP attribute selection. Note that nexthops set in filters always take precedence. Also note that the nexthop is not changed on route reflection, except when it is set in a filter.
default - select the nexthop as described in RFC 4271;
force-self - always use a local address of the interface that is used to connect to the peer as the nexthop;
propagate - try to propagate further the nexthop received; i.e. if the route has the BGP NEXT_HOP attribute, then use it as the nexthop, otherwise fall back to the default case
out-filter (string;) name of the routing filter that is applied to the incoming routing information
remote-address (IP address;) address of the remote peer
remote-as (integer: 0..65535.0..65535;) 32-bit AS number of the remote peer
remote-port (integer; Default: 179) remote peer's port used to establish the TCP session
route-reflect (yes | no; Default: no) specifies whether this peer is route reflection client
tcp-md5-key (string;) key used to authenticate the connection with TCP MD5 signature as described in RFC 2385
ttl (integer: 1..255 | default; Default: default) Time To Live, the hop limit for the TCP connection. For example, if 'ttl=1' then only single-hop neighbors will be able to establish the connection. This property only affects EBGP peers.

default - system's default TTL value is used
update-source (IP address | interface name;) If address is specified, this address is used as the source address of the outgoing TCP connection.

If interface name is specified, an address belonging to the interface is used as described.

This property is ignored if the value specified is not a valid address of the router or the name of an interface with active addresses.
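
An added example, not part of the MikroTik manual: a Python check that reads a '/routing bgp peer' export and flags peers whose protective properties from the table above are unset. The export text, peer names, addresses and AS numbers are constructed, and treating an unset property as a finding (as well as the function names) is this example's own policy assumption.

```python
import shlex

# Constructed sample shaped like a RouterOS export of the peer menu.
SAMPLE_EXPORT = r'''
/routing bgp peer
add name=transit-a instance=default remote-address=192.0.2.1 remote-as=64500 \
    tcp-md5-key="example-key" max-prefix-limit=1000 in-filter=transit-in ttl=1
add name=ix-rs instance=default remote-address=198.51.100.7 remote-as=64510 \
    multihop=yes
add name=core-rr instance=default remote-address=10.0.0.2 remote-as=64496 \
    in-filter=ibgp-in
'''


def parse_peers(export_text):
    """Return one {property: value} dict per 'add' line of the peer menu."""
    joined = export_text.replace("\\\n", " ")  # undo export line continuations
    peers, in_menu = [], False
    for line in joined.splitlines():
        line = line.strip()
        if line.startswith("/"):
            in_menu = line == "/routing bgp peer"
        elif in_menu and line.startswith("add "):
            tokens = shlex.split(line[4:])  # handles quoted values
            peers.append(dict(t.split("=", 1) for t in tokens if "=" in t))
    return peers


def audit_peer(peer, local_as):
    """List findings for one peer; local_as is this router's AS as a string."""
    findings = []
    ebgp = peer.get("remote-as") != local_as
    multihop = peer.get("multihop", "no") == "yes"
    if not peer.get("tcp-md5-key"):
        findings.append("tcp-md5-key unset: no RFC 2385 TCP MD5 signature")
    if not peer.get("in-filter"):
        findings.append("in-filter unset: incoming routes are not filtered")
    if ebgp and not peer.get("max-prefix-limit"):
        findings.append("max-prefix-limit unset: no cap on accepted prefixes")
    if ebgp and multihop:
        findings.append("multihop=yes: peers outside the local network accepted")
    if ebgp and not multihop and peer.get("ttl", "default") == "default":
        findings.append("ttl=default: not restricted to single-hop neighbors")
    return findings


def audit_export(export_text, local_as):
    """Map each peer name to its list of findings."""
    return {p.get("name", "?"): audit_peer(p, local_as)
            for p in parse_peers(export_text)}


if __name__ == "__main__":
    for name, findings in audit_export(SAMPLE_EXPORT, "64496").items():
        print(name, "OK" if not findings else "")
        for finding in findings:
            print("  -", finding)
```
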


Read only status properties:

Property Description
remote-id (IP address) BGP router ID of the remote end
local-address (IP address) local address used for TCP connection
uptime (time) how long the connection has been in established state
prefix-count (integer) number of routing prefixes received from this peer that are currently in the routing table
updates-sent (integer) total number of reachable routing prefixes advertised
updates-received (integer) total number of reachable routing prefixes received
withdrawn-sent (integer) total number of withdrawn routing prefixes advertised
withdrawn-received (integer) total number of withdrawn routing prefixes received
remote-hold-time (time) hold time value offered by the remote end
used-hold-time (time) negotiated hold time value
used-keepalive-time (time) negotiated keepalive message interval (used-hold-time / 3)
refresh-capability (yes | no)
as4-capability (yes | no) set to yes if peer supports 4-byte AS numbers
state (idle | connect | active | opensent | openconfirm | established) BGP protocol state


Advertisements

Sub-menu: /routing bgp advertisements


Read only information about outgoing routing information currently advertised.

This information is calculated dynamically after the 'print' command is issued. As a result, it may not correspond to the information that has actually been sent out at that exact moment. Especially in the case of a slow connection, routing information prepared for output will spend a long time in buffers. 'advertisements print' will show things as they should be, not as they are!

Property Description
prefix (IP prefix) the NLRI prefix sent out
nexthop (IP address) the NEXT_HOP attribute value sent out
as-path (string) the AS_PATH attribute value sent out
origin (igp | egp | incomplete) the ORIGIN attribute value sent out
local-pref (integer) the LOCAL_PREF attribute value sent out
med (integer) the MULTI_EXIT_DISC attribute value sent out
atomic-aggregate (yes | no) the ATOMIC_AGGREGATE attribute value sent out
aggregator (IP address) the AGGREGATOR attribute value sent out
originator-id (IP address) the ORIGINATOR_ID attribute value sent out
cluster-list (string) the CLUSTER_LIST attribute value sent out
peer (string) the peer this information is advertised to


Network

Sub-menu: /routing bgp network


BGP network configuration. BGP Networks is a list of IP prefixes to be advertised.

Property Description
network (IP prefix;) the aggregate prefix
synchronize (yes | no; Default: no) install a route for this network only when there are some IGP routes falling under the range of this network


Aggregate

Sub-menu: /routing bgp aggregate


BGP allows the aggregation of specific routes into one route with. This menu ('/routing bgp aggregate') lets you specify which routes to aggregate and which attributes to use for the route created by aggregation.


Property Description
advertise-filter (string;) name of the filter chain used to select the routes from which to inherit attributes
attribute-filter (string;) name of the filter chain used to set the attributes of the aggregate route
inherit-attributes (yes | no; Default: yes) whether to inherit BGP attributes from aggregated routes
instance (string;) the instance this network belongs to
prefix (IP prefix;) the aggregate prefix
summary-only (yes | no; Default: yes) whether to suppress advertisements of all routes that fall within the range of this aggregate
suppress-filter (string;) name of the filter chain used to select the routes to be suppressed


Read only status property:

routes-used (integer) aggregated route statistics.
in console- list of route console IDs used;
in winbox- number of routes used.

Terminology

aggregated routes - all routes that fall within the range of this aggregate; they may be suppressed;
aggregate route - route created by aggregation.

Notes

Each aggregate will only affect routes coming from peers that belong to its instance.
'suppress-filter' is useful only if 'summary-only=no'; 'advertise-filter' is useful only if 'inherit-attributes=yes'.

If the result of 'attribute-filter' is 'reject' or 'discard', the aggregate route is not created.


Vpnv4 route

Sub-menu: /routing bgp vpnv4-route