BGP peer groups

In my last two tips, I discussed how BGP works with other protocols. I want to continue this train of thought with a few tips on configuring BGP.

Like other routing protocols, BGP has neighbors, which are

    Requires Free Membership to View

    Login

usually called "peers". Unlike a lot of Interior Gateway Protocols like OSPF and EIGRP, which can discover their neighbors, BGP peers must be manually identified by IP address. This is a good thing, not a disadvantage, as you don't want BGP peers suddenly appearing without proper planning.

When you define the peers, you can assign quite a few attributes to them, such as route-maps for inbound and outbound traffic, prefix-lists for inbound and outbound advertisements, version, communities, their Autonomous System number, etc. This can be a little tedious and present an opportunity for mistakes, so IOS has a very useful method for assigning all of these values to a group of peers, which are appropriately named "peer-groups".

Peers are normally grouped by Autonomous System number, but you can be more granular. For instance, if your company has two BGP routers, and they talk to a partner company which has two BGP routers and also to an internet provider which as two more routers, then on one of your routers, you'd configure a peer group for your company, a second peer group for the partner, and a third peer group for the ISP. Then, you assign all the attributes to each peer group and add routers to the peer groups, instead of assigning all the attributes to each peer individually.

I consider this a "best practice" even for an environment as small as my example, but you can see how it quickly becomes a practical necessity in larger environments as the number of peers grows.

Here is what the peer-group configuration of one of your routers might look like in the above example:

neighbor mycompany peer-group
neighbor mycompany remote-as 65000

neighbor partner peer-group
neighbor partner remote-as 65001
neighbor partner prefix-list their-routes in
neighbor partner prefix-list my-routes out

neighbor isp peer-group
neighbor isp remote-as 65002
neighbor isp prefix-list default-route in
neighbor isp prefix-list my-routes out

neighbor 10.1.1.1 peer-group mycompany
neighbor 10.1.1.3 peer-group partner
neighbor 10.1.1.4 peer-group partner
neighbor 10.1.2.3 peer-group isp
neighbor 10.1.2.4 peer-group isp

Tom Lancaster, CCIE# 8829 CNX# 1105, is a consultant with 15 years experience in the networking industry, and co-author of several books on networking, most recently, CCSPTM: Secure PIX and Secure VPN Study Guide published by Sybex.


This was first published in November 2004

Join the conversationComment

Share
Comments

    Results

    Contribute to the conversation

    All fields are required. Comments will appear at the bottom of the article.

    Disclaimer: Our Tips Exchange is a forum for you to share technical advice and expertise with your peers and to learn from other enterprise IT professionals. TechTarget provides the infrastructure to facilitate this sharing of information. However, we cannot guarantee the accuracy or validity of the material submitted. You agree that your use of the Ask The Expert services and your reliance on any questions, answers, information or other materials received through this Web site is at your own risk.

    Back to top