BGP Component

Overview

Enabling the BGP Component

The BGP configuration is held under the top-level bgp object in /etc/flockd/flockd.json. If the bgp object exists, BGP is enabled and the BGP master thread is started.

With this configuration file:

  • The BGP master thread will be started.

  • The router is in an Autonomous System identified by the Autonomous System Number 65016

  • The router has a BGP router identifier assigned as 172.16.10.1

      "bgp": {
          "local": {
              "id": "172.16.10.1",
              "asn": 65016
          }
      }
    

Show the status of the BGP component

Check that BGP is listed in the enabled_protocols field.

flock@r01:~$ flockc system
"hostname": "r01"
"software": "Flock Networks Routing Suite"
"version": "20.4.0"
"model": "Large"
"base_os": "Linux"
"pid": 2423
"compile_mode": "Release"
"log_level": "info"
"uptime": Uptime { days: 0, hours: 0, mins: 0, secs: 19 }
"enabled_protocols": ["BGP"]
flock@r01:~$

Show BGP Overview

flock@r01:~$ flockc bgp
{"id":"172.16.10.1","asn":65016,"routes":{"ipv4_unicast":4271,"ipv6_unicast":4760},"neighbor_summary":{"count":4,"established":3,"send_converged":2,"recv_converged":1}}
flock@r70:~$

send_converged means all updates have been sent to this neighbor: the neighbor's send update queue is empty. The neighbor may not have received all the updates yet; they may still be in the local TCP send buffer (or the neighbor's TCP receive buffer).

recv_converged means all available updates from this neighbor have been processed: the neighbor's receive TCP buffer is empty. However, the neighbor may not have managed to send all of its updates yet.

  • There are 4271 IPv4 Unicast routes in the BGP RIB
  • There are 4760 IPv6 Unicast routes in the BGP RIB
  • There are 4 neighbors, 3 of which have reached established state
  • 2 of the neighbors are send_converged
  • 1 of the neighbors is recv_converged

Originating Networks

With this configuration file:

  • The router originates the 172.16.0.0/16 and fc00:46::/32 networks

      "bgp": {
          "local": {
              "id": "172.16.10.1",
              "asn": 65016,
              "network": [
                  {
                      "ip_prefix": "172.16.0.0/16"
                  },
                  {
                      "ip_prefix": "fc00:46::/32"
                  }
              ]
          }
      }

      flock@r70:~$ flockc bgp --af=ipv4 -p 70.0.0.0/8
      {"best_entry":{"reason":"SelfOriginated"}}
    
  • If not specified, the address family defaults to --af=ipv6

      flock@r70:~$ flockc bgp -p
      {"ip_net":"fc00:46::/32","best_entry":{"reason":"SelfOriginated"}}
    

Configuring Neighbors

With this configuration file:

  • The router has a single iBGP neighbor 172.16.10.2

    • The iBGP connection source is 172.16.10.1
    • The iBGP connection will advertise IPv4 unicast routes
    • Routes are advertised over iBGP with a next hop of 172.16.10.1 (next_hop_self)
  • The router has a single eBGP neighbor 172.17.20.1 in remote AS 65017

      "bgp": {
          "local": {
              "id": "172.16.10.1",
              "asn": 65016
          },
          "as": [
              {
                  "asn": 65016,
                  "next_hop_self": true,
                  "neighbor": [
                      {
                          "ip": "172.16.10.2",
                          "local_ip": "172.16.10.1",
                          "af": [
                              {
                                  "afi": "ipv4",
                                  "safi": "unicast"
                              }
                          ]
                      }
                  ]
              },
              {
                  "asn": 65017,
                  "neighbor": [
                      {
                          "ip": "172.17.20.1",
                          "af": [
                              {
                                  "afi": "ipv4",
                                  "safi": "unicast"
                              }
                          ]
                      }
                  ]
              }
          ]
      }
    

Show all neighbors (in all Autonomous Systems)

BGP runs two Finite State Machines (FSMs) per neighbor. One FSM handles the Outgoing TCP connection and the other handles the Incoming TCP connection. The Flock Routing Suite does not hide this from the operator. In the final working state each neighbor should have one FSM in the Established state and one FSM in the Idle state.

The last error to cause a BGP Notify Message is held in each FSM's last_notify field. This field is never cleared; it is only overwritten with the last error. A value of null therefore means that no error has caused a notify message since flockd was started.

flock@r61:~$ flockc bgp -n
{"asn":50}
  {"ip_addr":"50.0.20.50","local_ip_addr":"60.0.20.61","asn":50,"bgp_id":"50.0.100.50","neigh_type":"External"}
    {"tcp":"Outgoing", "state":"Established","last_notify":null,"updates_sent":42,"updates_queued":0,"recv_converged":true}
    {"tcp":"Incoming", "state":"Idle","last_notify":null,"updates_sent":0,"updates_queued":0,"recv_converged":false}
{"asn":60}
  {"ip_addr":"60.0.60.60","asn":60,"bgp_id":"60.0.100.60","neigh_type":"Internal"}
    {"tcp":"Outgoing","state":"Established","last_notify":null,"updates_sent":73,"updates_queued":0,"recv_converged":true}
    {"tcp":"Incoming", "state":"Idle","last_notify":null,"updates_sent":0,"updates_queued":0,"recv_converged":false}
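
The check described above (one FSM Established, one FSM Idle, last_notify still null) can be run mechanically over the output of flockc bgp -n. The following is an added example, not part of the Flock Networks documentation or tooling; it assumes the one-JSON-object-per-line layout shown above, and its sample input, including the last_notify text, is constructed.

```python
import json

# Constructed sample: 60.0.60.60 is down and its last_notify text is made up.
SAMPLE = """\
{"asn":50}
  {"ip_addr":"50.0.20.50","asn":50,"bgp_id":"50.0.100.50","neigh_type":"External"}
    {"tcp":"Outgoing","state":"Established","last_notify":null,"updates_queued":0}
    {"tcp":"Incoming","state":"Idle","last_notify":null,"updates_queued":0}
{"asn":60}
  {"ip_addr":"60.0.60.60","asn":60,"bgp_id":"60.0.100.60","neigh_type":"Internal"}
    {"tcp":"Outgoing","state":"Idle","last_notify":"constructed-notify-text","updates_queued":0}
    {"tcp":"Incoming","state":"Idle","last_notify":null,"updates_queued":0}
"""


def parse_neighbors(text):
    """Group FSM lines under their neighbor. Returns (neighbors, bad_line_numbers)."""
    neighbors, bad = [], []
    for lineno, line in enumerate(text.splitlines(), 1):
        if not line.strip():
            continue
        try:
            obj = json.loads(line)
        except json.JSONDecodeError:
            obj = None
        if not isinstance(obj, dict):
            bad.append(lineno)          # report damaged lines instead of crashing
        elif "tcp" in obj and neighbors:
            neighbors[-1]["fsm"].append(obj)
        elif "ip_addr" in obj:
            neighbors.append({**obj, "fsm": []})
    return neighbors, bad


def audit(text):
    # Findings for neighbors that are not in the expected final working state.
    neighbors, bad = parse_neighbors(text)
    findings = [f"line {n}: not valid JSON, skipped" for n in bad]
    for nb in neighbors:
        states = sorted(f.get("state", "?") for f in nb["fsm"])
        if states != ["Established", "Idle"]:
            findings.append(f"{nb['ip_addr']}: FSM states {states}, expected one Established and one Idle")
        for f in nb["fsm"]:
            if f.get("last_notify") is not None:
                findings.append(f"{nb['ip_addr']} {f['tcp']}: last_notify={f['last_notify']!r}")
    return findings


if __name__ == "__main__":
    print("\n".join(audit(SAMPLE)))
```

Because last_notify is never cleared, a non-null value records that an error occurred at some point since flockd started, not that the session is currently failing.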

Show BGP RIB prefixes

Note that this is not the RIB held in the RIB component, this is the BGP RIB. The BGP RIB records routes from all neighbors and sends the 'best entry' route to the RIB component. By default, BGP will show the ipv6 routes if the af parameter is not specified.

Show all prefixes. Only the 'best entry' for each prefix is shown, along with the reason why it was the best.

flock@r01:~$ flockc bgp -p --af ipv4
{"ip_net":"50.0.0.0/8","best_entry":{"neigh":{"neigh_ip_addr":"50.0.20.50","attrs":{"origin":"Igp","as_path":{"segments":[{"segment_type":"AsSequence","segment_value":[50]}]},"next_hop":"50.0.20.50","med":null,"local_pref":null,"atomic_aggregate":false,"aggregator":null}},"reason":"OnlyValidPeer"}}
{"ip_net":"60.0.0.0/8","best_entry":{"reason":"SelfOriginated"}}

Show a specific prefix. The 'best entry' and all the candidate entries are shown.

flock@r61:~$ flockc bgp -p 50.0.0.0/8 --af ipv4
{"best_entry":{"neigh":{"neigh_ip_addr":"50.0.20.50","attrs":{"origin":"Igp","as_path":{"segments":[{"segment_type":"AsSequence","segment_value":[50]}]},"next_hop":"50.0.20.50","med":null,"local_pref":null,"atomic_aggregate":false,"aggregator":null}},"reason":"OnlyValidPeer"},"neighboring_as":[{"med_origin_asn":50,"via_neighs":[{"neigh_ip_addr":"50.0.20.50","neigh_bgp_id":"50.0.100.50","neigh_type":"External","attrs":{"origin":"Igp","as_path":{"segments":[{"segment_type":"AsSequence","segment_value":[50]}]},"next_hop":"50.0.20.50","med":null,"local_pref":null,"atomic_aggregate":false,"aggregator":null}}]}]}

Configuring BGP Active / Passive Neighbors

By default BGP will try to create two TCP transport connections to each neighbor: one outgoing to the neighbor's remote BGP TCP port 179, and one allowing incoming connections from the neighbor to the local BGP TCP port 179. A tie break is used to ensure only one connection remains when the BGP neighbor moves to the 'Established' state.

The router can be configured to only form a single TCP transport connection to each neighbor using the connect_mode neighbor configuration parameter.

bgp {
    "as": [
        "neighbor": [
            # Only create the outgoing connection to this neighbor.
            # Refuse any incoming connection.
            "connect_mode": "active"
        ]
    ]
}

or

            # Only allow the incoming connection from this neighbor.
            # Do not create any outgoing connection.
            "connect_mode": "passive"

Configuring BGP Route Reflectors

To configure a router as a BGP Route Reflector, specify which neighbors are Route Reflector clients using the route_reflector_client configuration boolean.

bgp {
    "as": [
        "neighbor": [
            # Reflect iBGP routes to and from this neighbor
            "route_reflector_client": true
        ]
    ]
}

To deploy redundant Route Reflectors, a Route Reflector Cluster Id can optionally be configured.

bgp {
    "local": {
        "cluster_id": "1.2.3.4"
    }
}

Configuring BGP to act as a Route Server

BGP Route Server functionality is defined in RFC 7947. To configure a router as a BGP Route Server, use the route_server configuration boolean.

bgp {
    "as": [],
    "local": {
        "asn": 65056,
        "id": "192.168.0.14",
        "route_server": true
    }
}

To check that BGP is running as a route server:

flock@r01:~$ flockc bgp -j | grep route_server
  "route_server": true,
flock@r01:~$

Configuring Multihop BGP

Multihop BGP is configured by changing the Time to Live (TTL) of the BGP packets that are sent.

The default BGP packet TTLs are iBGP = 64 and eBGP = 1.

Use the neighbor ttl configuration keyword to override the defaults.

bgp {
    "as": [
        {
            "asn": 60,
            "neighbor": [
                {
                    "ip": "60.0.20.61",
                    "ttl": {
                        "send": 2
                    }
                }
            ]
        }
    ]
}
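
The connect_mode and ttl settings described in the Active / Passive and Multihop sections together determine which TCP port 179 connections the router makes or accepts and with what TTL, which is what a packet filter in front of the router should match. The following is an added example, not Flock Networks code. It assumes a neighbor is iBGP when the asn of its as entry equals local.asn, as in the neighbor example earlier, and the 172.17.30.1 neighbor is constructed for illustration.

```python
import json

DEFAULT_TTL = {"Internal": 64, "External": 1}  # defaults stated on this page

# Constructed config fragment using only keys shown on this page.
CONFIG = json.loads("""
{"bgp": {
  "local": {"id": "172.16.10.1", "asn": 65016},
  "as": [
    {"asn": 65016, "next_hop_self": true, "neighbor": [
      {"ip": "172.16.10.2", "local_ip": "172.16.10.1", "connect_mode": "active"}]},
    {"asn": 65017, "neighbor": [
      {"ip": "172.17.20.1"},
      {"ip": "172.17.30.1", "connect_mode": "passive", "ttl": {"send": 2}}]}
  ]}}
""")


def neighbor_policy(config):
    """One row per neighbor: type, TCP 179 directions in use, effective send TTL."""
    bgp = config["bgp"]
    local_asn = bgp["local"]["asn"]
    rows = []
    for as_entry in bgp.get("as", []):
        kind = "Internal" if as_entry["asn"] == local_asn else "External"
        for nb in as_entry.get("neighbor", []):
            mode = nb.get("connect_mode")  # absent: both directions (the default)
            if mode not in (None, "active", "passive"):
                raise ValueError(f"{nb['ip']}: unknown connect_mode {mode!r}")
            ttl = nb.get("ttl", {}).get("send", DEFAULT_TTL[kind])
            rows.append({
                "ip": nb["ip"],
                "type": kind,
                "allow_inbound_179": mode != "active",    # active refuses incoming
                "allow_outbound_179": mode != "passive",  # passive never dials out
                "send_ttl": ttl,
                "ebgp_multihop": kind == "External" and ttl > DEFAULT_TTL[kind],
            })
    return rows


if __name__ == "__main__":
    for row in neighbor_policy(CONFIG):
        print(row)
```

Rows with ebgp_multihop set are the eBGP sessions that are no longer limited to a directly connected peer by the default TTL of 1, so they are the ones to review first.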

BGP Operation Commands Reference

Help

flockc bgp -h

Overview

flockc bgp

Autonomous System

flockc bgp -a [<asn>]

Neighbors

flockc bgp -n [<ip-addr>]

Prefixes

flockc bgp --af=<ipv4|ipv6> -p [<ip-network>]