Ch 11: BGP Flashcards

1
Q

Which of the following autonomous systems are private? (Choose two.)

a. 64,512–65,535
b. 65,000–65,535
c. 4,200,000,000–4,294,967,294
d. 4,265,000–4,265,535,016

A

A and C. ASNs 64,512–65,535 are private ASNs within the 16-bit ASN range, and 4,200,000,000–4,294,967,294 are private ASNs within the extended 32-bit range.

2
Q

Which BGP attribute must be recognized by all BGP implementations and advertised to other autonomous systems?

  1. Well-known mandatory
  2. Well-known discretionary
  3. Optional transitive
  4. Optional non-transitive
A
  1. Well-known mandatory attributes must be recognized by all BGP implementations and included with every prefix advertisement.
3
Q

T/F: BGP supports dynamic neighbor discovery by both routers.

A

False.

BGP neighbors are statically defined. There is a feature that supports dynamic discovery by one peer (though it is beyond the scope of this book), but the other router must still statically configure the remote BGP peer.

4
Q

T/F: A BGP session is always one hop away from a neighbor.

A

False.

BGP supports multi-hop neighbor adjacency.

5
Q

T/F: The IPv4 address family must be initialized to establish a BGP session with a peer using IPv4 addressing.

A

False.

The IPv4 address family is automatically initialized by default on IOS-based devices.

6
Q

Which command is used to view the BGP neighbors and their hello intervals?

  1. show bgp neighbors
  2. show bgp afi safi neighbors
  3. show bgp afi safi summary
  4. show afi bgp interface brief
A

B. The command show bgp afi safi neighbors displays all the neighbors, their capabilities, session timers, and other useful troubleshooting information.

7
Q

How many tables does BGP use for storing prefixes?

a. One
b. Two
c. Three
d. Four

A

C.

BGP uses three tables (Adj-RIB-In, Loc-RIB, and Adj-RIB-Out) for storing BGP prefixes.

8
Q

T/F: BGP advertises all its paths for every prefix so that every neighbor can build its own topology table.

A

False.

BGP advertises only the path that the local router deems is the best path.

9
Q

Which BGP command advertises a summary route to prevent link-flap processing by downstream BGP routers?

  1. aggregate-address network subnet-mask as-set
  2. aggregate-address network subnet-mask summary-only
  3. summary-address network subnet-mask
  4. summary-address network mask subnet-mask
A

2.

The command aggregate-address network subnet-mask summary-only creates a BGP aggregate and suppresses the component routes.

10
Q

T/F: The IPv6 address family must be initialized to establish a BGP session with a peer using IPv6 addressing.

A

True.

The IPv6 address family does not exist by default on IOS-based devices.

11
Q

What is a BGP AS?

A

From the perspective of BGP, an autonomous system (AS) is a collection of routers under a single organization’s control, using one or more IGPs to route packets internally within the AS.

12
Q

T/F: An IGP is required in a BGP AS to route internally.

A

An IGP is not required within an AS; an AS could use BGP as the only routing protocol.

13
Q

How many AS numbers are available?

A

2^32 = 4G

ASNs were originally 2 bytes (16-bit range), which made 65,535 ASNs possible. Due to exhaustion, RFC 4893 expanded the ASN field to accommodate 4 bytes (32-bit range). This allows for 4,294,967,295 unique ASNs, providing quite an increase from the original 65,535 ASNs.

14
Q

What are the two reserved ASN ranges for private networks?

A
  • 64,512–65,535 are private ASNs in the 16-bit ASN range
  • 4,200,000,000–4,294,967,294 are private ASNs within the extended 32-bit range.
15
Q

What entity is responsible for assigning ASNs?

A

The Internet Assigned Numbers Authority (IANA) is responsible for assigning all public ASNs to ensure that they are globally unique. IANA requires the following items when requesting a public ASN:

  1. Proof of a publicly allocated network range
  2. Proof that Internet connectivity is provided through multiple connections
  3. Need for a unique routing policy from providers
16
Q

What are PAs?

A

BGP uses path attributes (PAs) associated with each network path. The PAs provide BGP with granularity and control of routing policies within BGP. The BGP prefix PAs are classified as follows:

  • Well-known mandatory
  • Well-known discretionary
  • Optional transitive
  • Optional non-transitive
17
Q

T/F: Prefix advertisements must include mandatory well-known attributes but discretionary well-known attributes are optionally included.

A

True.

Well-known attributes must be recognized by all BGP implementations.

Well-known mandatory attributes must be included with every prefix advertisement; well-known discretionary attributes may or may not be included with a prefix advertisement.

18
Q

What is NLRI?

A

In BGP, the Network Layer Reachability Information (NLRI) is a routing update that consists of the network prefix, prefix length, and any BGP PAs for the specific route.

19
Q

What are the two types of optional PAs? Do they need to be recognized by all BGP implementations?

A

There are four categories of path attributes:

  1. Well-known mandatory
    • Must be recognized by all BGP routers and must be included in every update message. Routing information errors occur without this attribute.
  2. Well-known discretionary
    • Can be recognized by all BGP routers; can be included in every update message as needed.
  3. Optional transitive
    • Transitive attribute between ASs. A BGP router not supporting this attribute can still receive routes with this attribute and advertise them to other peers.
  4. Optional non-transitive
    • If a BGP router does not support this attribute, it will not advertise routes with this attribute.

Optional attributes do not have to be recognized by all BGP implementations. Optional attributes can be set so that they are transitive and stay with the route advertisement from AS to AS. Other PAs are non-transitive and cannot be shared from AS to AS.

20
Q

T/F: BGP is a path vector routing protocol.

A

True.

BGP is a path vector routing protocol and does not contain a complete topology of the network, as link-state routing protocols do. BGP behaves like distance vector protocols, ensuring that a path is loop free.

21
Q

What is AS_Path?

A

The BGP attribute AS_Path is a well-known mandatory attribute and includes a complete list of all the ASNs that the prefix advertisement has traversed from its source AS.

AS_Path is used as a loop-prevention mechanism in BGP. If a BGP router receives a prefix advertisement with its AS listed in the AS_Path attribute, it discards the prefix because the router thinks the advertisement forms a loop.

Figure 11-1 shows the loop-prevention mechanism:

  1. AS 100 advertises the 172.16.1.0/24 prefix to AS 200.
  2. AS 200 advertises the prefix to AS 400, which then advertises the prefix to AS 300.
  3. AS 300 advertises the prefix back to AS 100 with an AS_Path of 300 400 200 100. AS 100 sees itself in the AS_Path variable and discards the prefix.
22
Q

What is MP-BGP? What are the AFI and the SAFI?

A

Originally, BGP was intended for routing of IPv4 prefixes between organizations, but RFC 2858 added Multi-Protocol BGP (MP-BGP) capability by adding an extension called the address family identifier (AFI).

An address family identifier (AFI) correlates to a specific network protocol, such as IPv4 or IPv6, and additional granularity is provided through a subsequent address-family identifier (SAFI) such as unicast or multicast.

23
Q

What are the MP_REACH_NLRI and MP_UNREACH_NLRI attributes used for? Where are they carried?

A

These attributes are carried inside BGP update messages and are used to carry network reachability information for different address families.

NLRI = Network Layer Reachability Information

24
Q

What is the difference between Multiprotocol BGP, MP-BGP, and MBGP?

A

No difference, just different names for the same thing.

Some network engineers refer to Multiprotocol BGP as MP-BGP, and other network engineers use the term MBGP. Both terms refer to the same thing.

25
Q

T/F: BGP maintains a single database that contains the AF and Sub-AF information for each protocol.

A

False.

Every address family maintains a separate database and configuration for each protocol (address family + subsequent-address family) in BGP.

This allows for a routing policy in one address family to be different from a routing policy in a different address family, even though the router uses the same BGP session with the other router. BGP includes an AFI and SAFI with every route advertisement to differentiate between the AFI and SAFI databases.

26
Q

What is the period that BGP sends out Hello packets to discover new neighbors?

A

Never.

BGP does not use hello packets to discover neighbors, as do IGP protocols, and it cannot discover neighbors dynamically.

27
Q

By what are BGP neighbors defined?

A

BGP neighbors are defined by IP address.

28
Q

What port does BGP use for inter-router communication?

A

BGP uses TCP port 179 to communicate with other routers.

29
Q

What mechanism in BGP allows for handling of fragmentation, sequencing, and reliability?

A

None.

BGP relies on TCP for this. TCP allows for handling of fragmentation, sequencing, and reliability (acknowledgment and retransmission) of communication packets.

30
Q

What allows BGP to form adjacencies that are multiple hops away? Why can’t IGPs do this?

A

IGPs follow the physical topology because the sessions are formed with hellos that cannot cross network boundaries (that is, single hop only).

BGP uses TCP, which is capable of crossing network boundaries (that is, multi-hop capable). While BGP can form neighbor adjacencies that are directly connected, it can also form adjacencies that are multiple hops away.

31
Q

What is a BGP session?

A

A BGP session refers to the established adjacency between two BGP routers.

32
Q

T/F: Multi-hop sessions require that the router use a manually defined static route that is installed in the RIB in order to establish the TCP session with the remote endpoint.

A

Almost right…

Multi-hop sessions require that the router use an underlying route installed in the RIB (static or from any routing protocol) to establish the TCP session with the remote endpoint.

33
Q

T/F: R3 is located in between R2 and R4. If R2 forms a neighborship with R4 through R3, then R3 will be unaware that R2 and R4 have established a neighborship.

A

True.

In Figure 11-2, R1 is able to establish a direct BGP session with R2. In addition, R2 is able to establish a BGP session with R4, even though it passes through R3.

R1 and R2 use a directly connected route to locate each other. R2 uses a static route to reach the 10.34.1.0/24 network, and R4 has a static route to reach the 10.23.1.0/24 network.

R3 is unaware that R2 and R4 have established a BGP session even though the packets flow through R3.

34
Q

T/F: BGP neighbors connected to the same network use the ARP table to locate the IP address of the peer.

A

True.

BGP neighbors connected to the same network use the ARP table to locate the IP address of the peer.

35
Q

T/F: A default route is sufficient to establish a multi-hop BGP session.

A

False.

A default route is not sufficient to establish a multi-hop BGP session.

36
Q

T/F: BGP can be thought of as a control plane routing protocol or as an application because it allows for the exchange of routes with a peer that is multiple hops away.

A

True.

BGP can be thought of as a control plane routing protocol or as an application because it allows for the exchange of routes with a peer that is multiple hops away.

BGP routers do not have to be in the data plane (path) to exchange prefixes, but all routers in the data path need to know all the routes that will be forwarded through them.

37
Q

What are the two types of BGP sessions?

A

BGP sessions are categorized into two types:

  1. Internal BGP (iBGP): Sessions established with an iBGP router that are in the same AS or that participate in the same BGP confederation. iBGP prefixes are assigned an administrative distance (AD) of 200 upon installation in the router’s RIB.
  2. External BGP (eBGP): Sessions established with a BGP router that are in a different AS. eBGP prefixes are assigned an AD of 20 upon installation in the router’s RIB.
38
Q

What is the AD for an iBGP prefix upon installation in the router’s RIB?

A

iBGP prefixes are assigned an administrative distance (AD) of 200 upon installation in the router’s RIB.

39
Q

What is the AD of an eBGP route in the RIB?

A

eBGP prefixes are assigned an AD of 20 upon installation in the router’s RIB.

40
Q

What is the TTL on eBGP and iBGP packets and why does this matter?

A

Time-to-live (TTL) on eBGP packets is set to 1 by default. eBGP packets drop in transit if a multi-hop BGP session is attempted.

TTL on iBGP packets is set to 255, which allows for multi-hop sessions.

41
Q

T/F: The advertising router appends its ASN to the existing AS_Path variable.

A

False.

The advertising router prepends its ASN to the existing AS_Path variable.

42
Q

How does BGP prevent loops?

A

The receiving router verifies that the AS_Path variable does not contain an ASN that matches the local router’s ASN.

BGP discards the NLRI (Network Layer Reachability Information) if it fails the AS_Path loop prevention check.

43
Q

T/F: The configurations for eBGP and iBGP sessions are fundamentally the same except that the ASN in the remote-as statement is different from the ASN defined in the BGP process.

A

True.

44
Q
  1. Can R2 form an adjacency directly with R4?
  2. If yes, will traffic from AS 65100 or AS 65300 be able to reach the other?
  3. What needs to happen for both eBGP and iBGP to function in this network diagram?
  4. What is the formula to determine the number of links required to form a full mesh network?
A
  1. Yes. R2 can form an iBGP session directly with R4.
  2. No. While the adjacency is formed, R3 would not know where to route traffic from AS 65100 or AS 65300 when traffic from either AS reaches R3, because R3 would not have the appropriate route forwarding information for the destination traffic.
  3. Figure 11-5 shows the eBGP and iBGP sessions that would be needed between the routers to allow connectivity between AS 65100 and AS 65300. Notice that AS 65200 R2 establishes an iBGP session with R4 to overcome the loop-prevention behavior of iBGP learned routes.
  4. n(n-1) / 2
45
Q

How many message types does BGP use?

A

Four.
BGP communication uses four message types, as shown in Table 11-2.

46
Q

Match these 3 lists.

  • Type 1
  • Type 2
  • Type 3
  • Type 4
  • NOTIFICATION
  • OPEN
  • KEEPALIVE
  • UPDATE
  • Advertises, updates, or withdraws routes
  • Sets up and establishes BGP adjacency
  • Ensures that BGP neighbors are still alive
  • Indicates an error condition to a BGP neighbor
A
47
Q

Which BGP message is used to establish a BGP adjacency?

A

An OPEN message is used to establish a BGP adjacency.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
48
Q

T/F: Both sides negotiate session capabilities before BGP peering is established.

A

True.

Both sides negotiate session capabilities before BGP peering is established.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
49
Q

Which of these is not contained within the OPEN message?

  1. BGP version number
  2. ASN of the originating router
  3. Database revision number
  4. Hold time
  5. BGP identifier
  6. Other optional parameters that establish the session capabilities.
A
  1. There is no DB rev number.

The OPEN message contains the BGP version number, the ASN of the originating router, the hold time, the BGP identifier, and other optional parameters that establish the session capabilities.

50
Q

What is the heartbeat mechanism for BGP neighbors to ensure that a neighbor is healthy and alive?

A

The hold time is a heartbeat mechanism for BGP neighbors to ensure that a neighbor is healthy and alive.

Hold time: The hold time attribute sets the hold timer, in seconds, for each BGP neighbor. Upon receipt of an UPDATE or KEEPALIVE, the hold timer resets to the initial value. If the hold timer reaches zero, the BGP session is torn down, routes from that neighbor are removed, and an appropriate update route withdraw message is sent to other BGP neighbors for the affected prefixes.

51
Q

What is the default Hold Timer value for BGP on Cisco routers?

A

180 seconds.

52
Q

What is the BGP router ID?

A

The BGP router ID (RID) is a 32-bit unique number that identifies the BGP router in the advertised prefixes.

The RID can be used as a loop-prevention mechanism for routers advertised within an autonomous system. The RID can be set manually or dynamically for BGP. A nonzero value must be set in order for routers to become neighbors.

53
Q

T/F: BGP relies on the TCP connection state to ensure that the neighbors are still alive.

A

False.

BGP does not rely on the TCP connection state to ensure that the neighbors are still alive. BGP uses KEEPALIVE messages for this.

54
Q

How often are KEEPALIVE messages exchanged?

A

KEEPALIVE messages are exchanged every one-third of the hold timer agreed upon between the two BGP routers.

Cisco devices have a default hold time of 180 seconds, so the default keepalive interval is 60 seconds. If the hold time is set to 0, then no keepalive messages are sent between the BGP neighbors.

55
Q

Which BGP message advertises any feasible routes, withdraws previously advertised routes, or can do both?

A

An UPDATE message advertises any feasible routes, withdraws previously advertised routes, or can do both.

An UPDATE message includes the Network Layer Reachability Information (NLRI), such as the prefix and associated BGP PAs, when advertising prefixes. Withdrawn NLRIs include only the prefix. An UPDATE message can act as a keepalive to reduce unnecessary traffic.

56
Q

Which BGP message is sent when an error is detected with the BGP session?

A

A NOTIFICATION message is sent when an error is detected with the BGP session, such as a hold timer expiring, neighbor capabilities changing, or a BGP session reset being requested. This causes the BGP connection to close.

57
Q

What are BGP neighbors called?

A

BGP forms a TCP session with neighbor routers called peers.

58
Q

T/F: BGP uses the finite-state machine (FSM) to maintain a table of all BGP peers and their operational status.

A

True.

BGP uses the finite-state machine (FSM) to maintain a table of all BGP peers and their operational status.

59
Q

What is the BGP FSM? What are the possible states?

A
  1. Idle
  2. Connect
  3. Active
  4. OpenSent
  5. OpenConfirm
  6. Established

I Care About Obama’s Opinion Everyday!

Figure 11-6 shows the BGP FSM and the states, listed in the order used in establishing a BGP session.

60
Q

What is the first stage of the BGP FSM?

A

Idle is the first stage of the BGP FSM.

BGP detects a start event and tries to initiate a TCP connection to the BGP peer and also listens for a new connection from a peer router.

If an error causes BGP to go back to the Idle state for a second time, the ConnectRetryTimer is set to 60 seconds and must decrement to zero before the connection can be initiated again. Further failures to leave the Idle state result in the ConnectRetryTimer doubling in length from the previous time.

61
Q

In what state of the BGP FSM is TCP initiated?

A

In the Connect state, BGP initiates the TCP connection. If the three-way TCP handshake is completed, the established BGP session process resets the ConnectRetryTimer and sends the Open message to the neighbor; it then changes to the OpenSent state.

If the ConnectRetryTimer depletes before this stage is complete, a new TCP connection is attempted, the ConnectRetryTimer is reset, and the state is moved to Active. If any other input is received, the state is changed to Idle.

During this stage, the neighbor with the higher IP address manages the connection. The router initiating the request uses a dynamic source port, but the destination port is always 179.

62
Q

If the three-way TCP handshake is completed, the established BGP session process resets the ConnectRetryTimer and sends the _______ message to the neighbor; it then changes to the _______ state.

A

If the three-way TCP handshake is completed, the established BGP session process resets the ConnectRetryTimer and sends the Open message to the neighbor; it then changes to the OpenSent state.

63
Q

During the BGP CONNECT stage, which neighbor manages the connection?

A

During this stage, the neighbor with the higher IP address manages the connection.

64
Q

T/F: The router initiating the request uses a dynamic source port, but the destination port is always 179.

A

True.

The router initiating the request uses a dynamic source port, but the destination port is always 179.

65
Q

What command will display the active TCP sessions?

A

The command show tcp brief displays the active TCP sessions between a router.

Notice in the attached figure that the TCP source port is 179 and the destination port is 59884 on R1; the ports are opposite on R2.

This is because the router initiating the request uses a dynamic source port, but the destination port is always 179.

66
Q

This state follows Connect and indicates a reply has been received. The next state is OpenSent. What state is this?

A

In the Active state, BGP starts a new three-way TCP handshake. If a connection is established, an Open message is sent, the hold timer is set to 4 minutes, and the state moves to OpenSent. If this attempt for TCP connection fails, the state moves back to the Connect state, and the ConnectRetryTimer is reset.

67
Q

In the OpenSent state, an Open message has been sent from the originating router and is awaiting an Open message from the other router. Once the originating router receives the OPEN message from the other router, both OPEN messages are checked for errors. The following items are examined: (one is incorrect, which one?)

  1. BGP versions must match.
  2. The destination IP address of the OPEN message must match the IP address that is configured for the neighbor.
  3. The AS number in the OPEN message must match what is configured for the neighbor.
  4. BGP identifiers (RIDs) must be unique. If a RID does not exist, this condition is not met.
  5. Security parameters (such as password and TTL) must be set appropriately.
A

In the OpenSent state, an Open message has been sent from the originating router and is awaiting an Open message from the other router. Once the originating router receives the OPEN message from the other router, both OPEN messages are checked for errors. The following items are examined: (one is incorrect, which one?)

  1. BGP versions must match.
  2. The source IP address of the OPEN message must match the IP address that is configured for the neighbor.
  3. The AS number in the OPEN message must match what is configured for the neighbor.
  4. BGP identifiers (RIDs) must be unique. If a RID does not exist, this condition is not met.
  5. Security parameters (such as password and TTL) must be set appropriately.
68
Q

What are the commands to enable BGP?

A

router bgp as-number

[bgp router-id router-id]

neighbor ip-address remote-as as-number

69
Q

What does the source IP address of a BGP packet reflect?

A

The source IP address of the BGP packets still reflects the IP address of the outbound interface.

When a BGP packet is received, the router correlates the source IP address of the packet to the IP address configured for that neighbor. If the BGP packet source does not match an entry in the neighbor table, the packet cannot be associated to a neighbor and is discarded.

70
Q

T/F: IOS does not activate the IPv4 address family by default.

A

False.

IOS activates the IPv4 address family by default.

This can simplify the configuration in an IPv4 environment because steps 4 and 5 are optional but may cause confusion when working with other address families. The BGP router configuration command no bgp default ipv4-unicast disables the automatic activation of the IPv4 AFI.

71
Q

What commands are needed to enable BGP?

A

router bgp as-number

  • Initialize the BGP routing process

[bgp router-id router-id]

  • Statically define the BGP router ID (RID), optional, but statically configuring the BGP RID is a best practice.

neighbor ip-address remote-as as-number

  • Identify the BGP neighbor’s IP address and AS number

address-family afi safi

  • This command will initialize the address family. Examples of afi values are IPv4 and IPv6, and examples of safi values are unicast and multicast.
  • neighbor ip-address activate (subcommand of AF)
    • Activates the address family for the BGP neighbor
72
Q

In BGP, if the RID is not statically defined, what happens?

A

The router will try dynamic allocation.

The dynamic RID allocation logic uses the highest IP address of any up loopback interfaces. If there is not an up loopback interface, then the highest IP address of any active up interfaces becomes the RID when the BGP process initializes.

If neither exists, then 0.0.0.0 is assigned to the RID and no neighbors will form adjacencies.

73
Q

What command will verify the BGP session?

A

The BGP session is verified with the command show bgp afi safi summary. (show bgp ipv4 unicast summary)

Earlier commands like show ip bgp summary came out before MBGP and do not provide a structure for the current multiprotocol capabilities within BGP. Using the AFI and SAFI syntax ensures consistency for the commands, regardless of information exchanged by BGP. This will become more apparent as engineers work with address families like IPv6, VPNv4, and VPNv6.

Example 11-3 shows the IPv4 BGP unicast summary. Notice that the BGP RID and table version are the first components shown. The Up/Down column indicates that the BGP session is up for over 5 minutes.

74
Q

What is the Loc-RIB table?

A

BGP network statements do not enable BGP for a specific interface; instead, they identify specific network prefixes to be installed into the BGP table, known as the Loc-RIB table.

75
Q

What BGP command is used for advertising IPv4 networks?

A

The network statement resides under the appropriate address family within the BGP router configuration. The command network network mask subnet-mask [route-map route-map-name] is used for advertising IPv4 networks.

76
Q

What optional command can add specific BGP PAs to the Loc-RIB table?

A

The optional route-map provides a method of setting specific BGP PAs when the prefix installs into the Loc-RIB table. Route maps are discussed in more detail in Chapter 12.

The command network network mask subnet-mask [route-map route-map-name] is used for advertising IPv4 networks.

77
Q

How many tables does BGP use for maintaining the network prefix and path attributes (PAs) for a route?

A

BGP uses three tables for maintaining the network prefix and path attributes (PAs) for a route:

  1. Adj-RIB-In: Contains the NLRIs in original form (that is, from before inbound route policies are processed). To save memory, the table is purged after all route policies are processed.
  2. Loc-RIB: Contains all the NLRIs that originated locally or were received from other BGP peers. After NLRIs pass the validity and next-hop reachability check, the BGP best-path algorithm selects the best NLRI for a specific prefix. The Loc-RIB table is the table used for presenting routes to the IP routing table.
  3. Adj-RIB-Out: Contains the NLRIs after outbound route policies have been processed.
78
Q

T/F: The Adj-RIB-Out table is a unique table maintained for each BGP peer. It enables a network engineer to view routes advertised to a specific router.

A

True.

It contains the final routes after all policies have been applied.

79
Q

What is the command that displays the contents of the Adj-RIB-Out table for a neighbor?

A

The command:

  • show bgp afi safi neighbor ip-address advertised-routes

displays the contents of the Adj-RIB-Out table for a neighbor.

Example 11-8 shows the Adj-RIB-Out entries specific to each neighbor. Notice that the next-hop address reflects the local router and will be changed as the route advertises to the peer.

80
Q

What command can also be used to verify the exchange of NLRIs between nodes?

A

The show bgp ipv4 unicast summary command can also be used to verify the exchange of NLRIs between nodes, as shown in Example 11-9.

81
Q

What command shows BGP routes in the global IP routing table (RIB)?

A

The BGP routes in the global IP routing table (RIB) are displayed with the command show ip route bgp.

Example 11-10 shows these commands in the sample topology. The prefixes are from an eBGP session and have an AD of 20, and no metric is present.

82
Q

What is the MED in BGP?

A
  • We Love Obama AS Obama Means Pure Refreshment!
  • Weight, Local-Pref, Originate (local), AS Path, Origin (iBGP or eBGP), MED, Path, Router-id

Multi Exit Discriminator - (MED)

The MED provides a dynamic way to influence another AS in the way to reach a certain route when there are multiple entry points for that AS.

BGP follows a systematic procedure for choosing the best path. There are other important attributes that are taken into account before considering the MED attribute. They are:

  1. weight
  2. local preference
  3. originate route
  4. AS path

So, if any of these criteria match, the MED attribute will not be considered.

83
Q

What do afi and safi stand for in BGP?

A

When the BGP peers exchange the Multiprotocol extension capability, they exchange AFI and SAFI numbers and thus identify what the other BGP speaker is capable of.

IPv6 in BGP is implemented via MBGP, as are MPLS and VPNs, through two new attributes:

  • MP_UNREACH_NLRI
  • MP_REACH_NLRI

The first two values in these two attributes contain the Address Family Identifier (AFI) and the Subsequent Address Family Identifier (SAFI).

For example:

  • If BGP is carrying IPv4 traffic, AFI equals 1, SAFI equals 1 for Unicast, or SAFI equals 4 for MPLS.
  • If BGP is carrying IPv6 traffic, AFI equals 2, SAFI equals 1 for Unicast, and SAFI equals 2 for multicast.
84
Q

What are the 3 parts to the BGP RIB, the Routing Information Base?

A

The database known as the BGP RIB consists of three parts as explained below:

  1. Adj-RIBs-In: BGP RIB-In stores BGP routing information received from different peers. The stored information is used as an input to the BGP decision process. In other words, this is the information received from peers before any attribute modifications or route filtering are applied to it.
  2. Local RIB: The local routing information base stores the information that results from processing the RIBs-In database’s information. These are the routes that are used locally after applying BGP policies and the decision process.
  3. Adj-RIBs-Out: This one stores the routing information that was selected by the local BGP router to advertise to its peers through BGP update messages. Do not forget: BGP only advertises best routes if they are allowed by local outbound policies.

The database described in this post is not to be confused with the routing table, as these tables are used only by the BGP process and never by the router for packet forwarding. Only the set of routes that exist in the Local-RIB are installed in the routing table, based on criteria specified by the local BGP speaker (vendor implementation and preference of routing protocols).

85
Q

What is the difference between an optional transitive path attribute and an optional non-transitive PA?

A

Optional attributes can be set so that they are transitive and stay with the route advertisement from AS to AS. Other PAs are non-transitive and cannot be shared from AS to AS.

Optional attributes do not have to be recognized by all BGP implementations.

86
Q

What type of PA is AS_Path? What does it include? What is its purpose?

A

The BGP attribute AS_Path is a well-known mandatory attribute and includes a complete list of all the ASNs that the prefix advertisement has traversed from its source AS. AS_Path is used as a loop-prevention mechanism in BGP. If a BGP router receives a prefix advertisement with its AS listed in the AS_Path attribute, it discards the prefix because the router thinks the advertisement forms a loop.

87
Q

The advertising router prepends its ASN to the existing ______ variable.

A

The advertising router prepends its ASN to the existing AS_Path variable.

88
Q

Upon receiving a network prefix from a peer in an eBGP session, the receiving router verifies that the AS_Path variable does not contain an ASN that matches the local router’s.

If there is a match in the AS_Path, then BGP discards the _____ because it fails the loop prevention check.

A

Upon receiving a network prefix from a peer in an eBGP session, the receiving router verifies that the AS_Path variable does not contain an ASN that matches the local router’s.

If there is a match in the AS_Path, then BGP discards the NLRI because it fails the loop prevention check.

NLRI: Network Layer Reachability Information.

89
Q

In BGP, ________ messages include the Network Layer Reachability Information (NLRI).

A

An UPDATE message advertises any feasible routes, withdraws previously advertised routes, or can do both. An UPDATE message includes the Network Layer Reachability Information (NLRI), such as the prefix and associated BGP PAs, when advertising prefixes. Withdrawn NLRIs include only the prefix. An UPDATE message can act as a keepalive to reduce unnecessary traffic.

90
Q

What message type will cause a BGP session to close?

A

A NOTIFICATION message is sent when an error is detected with the BGP session, such as a hold timer expiring, neighbor capabilities changing, or a BGP session reset being requested. This causes the BGP connection to close.

91
Q

What does the acronym “I Care About Organizing Everything” stand for?

A
  1. Idle
  2. Connect
  3. Active
  4. OpenSent -> OpenConfirm
  5. Established

FSM for BGP establishing a session…

92
Q

T/F: BGP network statements do not enable BGP for a specific interface; instead, they identify specific network prefixes to be installed into the BGP table, known as the Loc-RIB table.

A

True.

BGP network statements do not enable BGP for a specific interface; instead, they identify specific network prefixes to be installed into the BGP table, known as the Loc-RIB table.

After configuring a BGP network statement, the BGP process searches the global RIB for an exact network prefix match. The network prefix can be for a connected network, a secondary connected network, or any route from a routing protocol. After verifying that the network statement matches a prefix in the global RIB, the prefix is installed into the BGP Loc-RIB table. As the BGP prefix is installed into the Loc-RIB table, the following BGP PAs are set, depending on the RIB prefix type:

Connected network: The next-hop BGP attribute is set to 0.0.0.0, the BGP origin attribute is set to i (IGP), and the BGP weight is set to 32,768.

Static route or routing protocol: The next-hop BGP attribute is set to the next-hop IP address in the RIB, the BGP origin attribute is set to i (IGP), the BGP weight is set to 32,768, and the MED is set to the IGP metric.

93
Q

As the BGP prefix is installed into the Loc-RIB table, the following BGP PAs are set, depending on the RIB prefix type. What are the next-hop BGP attributes set to for a Connected network and a Static route/routing protocol?

A

As the BGP prefix is installed into the Loc-RIB table, the following BGP PAs are set, depending on the RIB prefix type:

Connected network:

  • next-hop: 0.0.0.0
  • origin: i (IGP)
  • weight: 32,768.

Static route or routing protocol:

  • next-hop: next-hop IP address in the RIB
  • origin: i (IGP)
  • weight: 32,768
  • MED: IGP metric
94
Q

T/F: Every route in the Loc-RIB table is advertised to a BGP peer.

A

False:

Not every route in the Loc-RIB table is advertised to a BGP peer.

All routes in the Loc-RIB table use the following process for advertisement to BGP peers.

  1. Pass a validity check. Verify that the NLRI is valid and that the next-hop address is resolvable in the global RIB. If the NLRI fails, the NLRI remains but does not process further.
  2. Process outbound neighbor route policies. After processing, if a route was not denied by the outbound policies, the route is maintained in the Adj-RIB-Out table for later reference.
  3. Advertise the NLRI to BGP peers. If the NLRI’s next-hop BGP PA is 0.0.0.0, then the next-hop address is changed to the IP address of the BGP session.
95
Q

Where does the “network” statement reside in a BGP config?

A

The network statement resides under the appropriate address family within the BGP router configuration.

The command network network mask subnet-mask [route-map route-map-name] is used for advertising IPv4 networks.

The optional route-map provides a method of setting specific BGP PAs when the prefix installs into the Loc-RIB table. Route maps are discussed in more detail in Chapter 12.

96
Q

What table contains the NLRIs in original form (that is, from before inbound route policies are processed)?

A

Adj-RIB-In

To save memory, the table is purged after all route policies are processed. After confirming the validity of the received NLRIs, they are passed on to the Loc-RIB.

97
Q

What table contains all the NLRIs that originated locally or were received from other BGP peers?

A

Loc-RIB.

After NLRIs pass the validity and next-hop reachability check, the BGP best-path algorithm selects the best NLRI for a specific prefix and this route is installed into the Loc-RIB.

The Loc-RIB table is the table used for presenting routes to the IP routing table.

98
Q

What table contains the NLRIs after outbound route policies have been processed?

A

Adj-RIB-Out.

99
Q

Not every prefix in the Loc-RIB table is advertised to a BGP peer or installed into the global RIB when received from a BGP peer. BGP performs the following route processing steps. Put them in order:

  1. Update the Loc-RIB with the latest entry. The Adj-RIB-In table is cleared to save memory.
  2. Identify the BGP best path and pass only the best path and its path attributes to the global RIB.
  3. Install the best-path route into the global RIB, process the outbound route policy, store the non-discarded routes in the Adj-RIB-Out table, and advertise to BGP peers.
  4. Store the route in the Adj-RIB-In table in the original state and apply the inbound route policy based on the neighbor on which the route was received.
  5. Pass a validity check to verify that the route is valid and that the next-hop address is resolvable in the global RIB. If the route fails, the route remains in the Loc-RIB table but is not processed further.
A

This is the proper order.

  1. Store the route in the Adj-RIB-In table in the original state and apply the inbound route policy based on the neighbor on which the route was received.
  2. Update the Loc-RIB with the latest entry. The Adj-RIB-In table is cleared to save memory.
  3. Pass a validity check to verify that the route is valid and that the next-hop address is resolvable in the global RIB. If the route fails, the route remains in the Loc-RIB table but is not processed further.
  4. Identify the BGP best path and pass only the best path and its path attributes to the global RIB. The BGP best path selection process is covered in Chapter 12.
  5. Install the best-path route into the global RIB, process the outbound route policy, store the non-discarded routes in the Adj-RIB-Out table, and advertise to BGP peers.
100
Q

What command displays the content of the Loc-RIB?

A

The command show bgp afi safi displays the contents of the BGP database (Loc-RIB) on the router.

Every entry in the BGP Loc-RIB table contains at least one path but could contain multiple paths for the same network prefix.

Example 11-6 displays the BGP table on R1, which contains received routes and locally generated routes.

101
Q

What command displays all the paths for a specific route and the BGP path attributes for that route?

A

The command show bgp afi safi network displays all the paths for a specific route and the BGP path attributes for that route.

Example 11-7 shows the paths for the 10.12.1.0/24 network. The output includes the number of paths and which path is the best path.

102
Q

T/F: The Adj-RIB-Out table is a unique table maintained for each BGP peer.

A

True.

103
Q

What command enables a network engineer to view routes advertised to a specific router?

A

This command will display the contents of the Adj-RIB-Out table for a neighbor.

  • show bgp afi safi neighbor ip-address advertised-routes

Example 11-8 shows the Adj-RIB-Out entries specific to each neighbor. Notice that the next-hop address reflects the local router and will be changed as the route advertises to the peer.

104
Q

What command shows the BGP routes in the global IP routing table (RIB)?

A

The BGP routes in the global IP routing table (RIB) are displayed with the command show ip route bgp.

Example 11-10 shows these commands in the sample topology. The prefixes are from an eBGP session and have an AD of 20, and no metric is present.

105
Q

Example 11-11 shows the routing table for R1. How was the loopback (192.168.3.3) on R3 learned? How is the loopback (192.168.4.4) on R4 reached? How was the loopback (192.168.5.5) on R5 learned?

A

Example 11-11 shows the routing table for R1. Notice that R3’s loopback was learned via EIGRP, R4’s loopback is reached using a static route, and R5’s loopback is learned from OSPF.

106
Q

What are the two techniques for BGP summarization?

A

There are two techniques for BGP summarization:

Static: Create a static route to Null0 for the summary network prefix and then advertise the prefix with a network statement. The downfall of this technique is that the summary route is always advertised, even if the networks are not available.

Dynamic: Configure an aggregation network prefix. When viable component routes that match the aggregate network prefix enter the BGP table, then the aggregate prefix is created. The originating router sets the next hop to Null0 as a discard route for the aggregated prefix for loop prevention.

107
Q

What is the command to implement dynamic route summarization? What benefit would route summarization have in the attached diagram? In order for R4 to benefit from this where would the summarization happen?

A

Dynamic route summarization is accomplished with the BGP address family configuration command:

  • aggregate-address network subnet-mask [summary-only] [as-set].

In Figure 11-11 on the question side of this card, R3 summarizes all the eBGP routes received from AS 65100 and AS 65200 to reduce route computation on R4 during link flaps. In the event of a link flap on the 10.13.1.0/24 network, R3 removes all the AS 65100 routes learned directly from R1 and identifies the same network prefixes via R2 with different path attributes (a longer AS_Path). R3 has to advertise new routes to R4 because of these flaps, which is a waste of CPU cycles because R4 only receives connectivity from R3. If R3 summarized the network prefix range, R4 would execute the best-path algorithm once and not need to run during link flaps of the 10.13.1.0/24 link.

Figure 11-12 removes the flapping serial link between R1 and R3 to demonstrate BGP route aggregation and the effects of the commands.

108
Q

What is an “atomic aggregate”?

A

Aggregated routes act like new BGP routes with a shorter prefix length.

When a BGP router summarizes a route, it does not advertise the AS_Path information from before the aggregation. BGP path attributes like AS_Path, MED, and BGP communities are not included in the new BGP advertisement.

109
Q

T/F: When a BGP router summarizes a route, it advertises the AS_Path information from before the aggregation.

A

False.

110
Q

T/F: BGP path attributes like AS_Path, MED, and BGP communities are not included in the new BGP advertisement with an atomic aggregated route.

A

True.

BGP path attributes like AS_Path, MED, and BGP communities are not included in the new BGP advertisement.

The atomic aggregate attribute indicates that a loss of path information has occurred. This happens when the ‘summary-only’ option is used on the aggregation.

111
Q

What is the purpose of the optional as-set keyword that may be used with the aggregate-address command?

A

The purpose is to keep the BGP path information history.

As the router generates the aggregate route, BGP attributes from the component aggregate routes are copied over to it. The AS_Path settings from the original prefixes are stored in the AS_SET portion of the AS_Path. The AS_SET, which is displayed within brackets, only counts as one hop, even if multiple ASs are listed.

112
Q

What commands are needed to configure a BGP process with an AS of 65200, AFI of IPv4, and to advertise a summary route of 192.168.0.0/16 while preserving the BGP path information history? i.e. the advertised summary route will include the AS that summarized the route.

A

Example 11-24 shows R2’s updated BGP configuration for summarizing both networks with the as-set keyword.

113
Q

T/F: Multiprotocol BGP (MP-BGP) enables BGP to carry NLRI for multiple protocols, such as IPv4, IPv6, and Multiprotocol Label Switching (MPLS) Layer 3 virtual private networks (L3VPNs).

A

True.

114
Q

T/F: MP-BGP for IPv6 continues to use the same well-known TCP port 179 for session peering as BGP uses for IPv4.

A

True.

115
Q

What are the AFI and SAFI attribute fields that are exchanged for:

  1. IPv4 unicast
  2. IPv6 unicast
  3. IPv6 multicast
A

During the initial open message negotiation, the BGP peer routers exchange capabilities. The MP-BGP extensions include an address family identifier (AFI) that describes the supported protocols, along with subsequent address family identifier (SAFI) attribute fields that describe whether the prefix applies to the unicast or multicast routing table:

  1. IPv4 unicast: AFI: 1, SAFI: 1
  2. IPv6 unicast: AFI: 2, SAFI: 1
  3. IPv6 multicast: AFI: 2, SAFI: 2
116
Q

Figure 11-13 demonstrates a simple topology with three different ASs and R2 forming an eBGP session with R1 and R3.

What is the range in IPv6 of all link-local addresses?

What are the advertised link-local addresses in this network?

A

The link-local addresses have been configured from the defined link-local range FE80::/10.

  • All of R1’s links are configured to FE80::1
  • All of R2’s links are set to FE80::2
  • All of R3’s links are configured for FE80::3

A link-local address is an IPv6 unicast address that can be automatically configured on any interface using the link-local prefix FE80::/10 (1111 1110 10) and the interface identifier in the modified EUI-64 format.

117
Q

T/F: Unique global unicast addressing is the recommended method for BGP peering to avoid operational complexity.

A

True.

BGP peering using the link-local address may introduce risk if the address is not manually assigned to an interface. A hardware failure or cabling move will change the MAC address, resulting in a new link-local address. This will cause the session to fail because the stateless address autoconfiguration will generate a new IP address.

118
Q

T/F: IPv4 unicast routing capability is not advertised by default in IOS.

A

False.

IPv4 unicast routing capability is advertised by default in IOS unless the neighbor is specifically shut down within the IPv4 address family or globally within the BGP process with the command no bgp default ipv4-unicast.

119
Q

What is the command to display detailed information on whether the IPv6 capabilities with a specific peer were negotiated successfully?

A

Routers exchange AFI capabilities during the initial BGP session negotiation. This command displays detailed information on whether the IPv6 capabilities were negotiated successfully:

show bgp ipv6 unicast neighbors ip-address [detail]

120
Q

What command displays a status summary of the IPv6 BGP sessions, including the number of routes that have been exchanged and the session uptime?

A

The command below displays a status summary of the sessions, including the number of routes that have been exchanged and the session uptime.

show bgp ipv6 unicast summary

121
Q

What is the command to view the BGP path attributes for an IPv6 route?

A

The BGP path attributes for an IPv6 route are displayed with the command:

show bgp ipv6 unicast prefix/prefix-length.

122
Q

T/F: The same process for summarizing or aggregating IPv4 routes occurs with IPv6 routes, and the format is identical except that the configuration is placed under the IPv6 address family.

A

True.

This is done using the command aggregate-address prefix/prefix-length [summary-only] [as-set].