Nicholas Morrison - Networking Specialist

S1E15 - The Border Gateway Protocol - Lab

Tags:

Connecting

Connect to the lab server:

local$ ssh-keygen -R netlab.nanocat.net
local$ ssh lab@netlab.nanocat.net
Password: (see discord)

Connect to your router:

lab@netlab$ list-devices
lab@netlab$ connect DEVICE

Topology

Prefix and AS number allocations: https://docs.google.com/spreadsheets/d/1vxVgJI_LhY3NDGJ3icE-4zphmBxUurEvVFgdjafFBzc/edit?usp=sharing

Topology: BGP-01

Goal

  • Configure basic IP addressing
  • Configure a BGP session with another peer
  • Advertise your /24 prefix
  • Verify

Enable IP routing

Enable IP routing on your router.

Configure your IP addresses

  • Configure your interface IP addresses, ISP side and PC side.
  • You can use show lldp neighbor to discover where your interfaces connect.
  • Your router should always take the lowest IP address.
  • The link to the ISP will have a /31 netmask.
  • The link to your PC will have a /26 netmask, allocated from your assigned /24.
!
interface ethernetX
   no switchport
   ip address x.x.x.x/x
!

Make sure you can ping your upstream router.

Configure BGP on your router

Establish a BGP session with your upstream. Refer to the diagram for the correct remote-as. You have the lower IP in the /31, your upstream has the higher IP.

!
router bgp XXXXX                        <- your AS number
   neighbor x.x.x.x remote-as xxxxx     <- your upstream's AS number
   neighbor x.x.x.x description The ISP
   network x.x.x.x/24                   <- your /24 IP allocation (not /26)
!

r1.xxx#show ip bgp summary
r1.xxx#show ip route bgp
r1.xxx#show ip bgp neighbor x.x.x.x advertised-routes
r1.xxx#show ip bgp neighbor x.x.x.x received-routes

Do you see the routes?

  • BGP won’t advertise a network unless there’s an exactly matching prefix in your local routing table
  • Add static null0 routes matching your network prefixes

Add null0 routes

!
ip route x.x.x.x/24 null0
!

r1.xxx#show ip bgp neighbor x.x.x.x advertised-routes

r1.xxx#show ip bgp neighbor x.x.x.x advertised-routes
r1.xxx#show ip bgp neighbor x.x.x.x received-routes

Configure your PC

$ ip address add x.x.x.x/26 dev eth1    <- add an IP to eth1
$ ip route delete default               <- delete the gateway
$ ip route add default via x.x.x.1      <- add the correct gateway
$ ip route                              <- check your routing table
$ ping x.x.x.1                          <- make sure you can ping

Traceroute to other AS’s

  • Traceroute to some other AS’s PCs. Make sure you can reach all of them.
  • Look at your BGP database to check the AS path.

Observations

  • Do your /31 link addresses need to appear in everyone else’s routing table? Why or why not?
  • Why do we advertise the whole /24, when we are only making use of a /26?

Fin! Questions?