Wednesday, 30 January 2019

BGP Series 11: BGP Peer Groups

BGP Peer-Groups:

  • Why do we need bgp peer groups?

    • In a network, we may have a couple of eBgp neighbors and dozens of iBGP neighbors

    • With each Bgp neighbor, there is a lot of other policies such as filter-list/ route-map/ distribute-list. If each neighbor had different policy, no other way than applying to them individually, but, Many neighbors might require the same BGP policies like:

      • Apply same inbound RouteMaps to a group of neighbors
      • Apply same bgp filtering to a group of neighbors
      • Change the same path attributes for a group of neighbors
    • Configuring per-neighbor policies are burdensome:

      • Takes more time to configure
      • Utilizes more CPU for sending/receiving updates
  • Example:

    • img
    • If we had lots of neighbors, it will take a lot of time…:(
    • But, what if we could create a group and put all of the neighbors under that group and then configure policies for that group
    • img(WARNING: This not actual command, just an analogy)
  • What is a Peer Group?

    • Groups of peers to which the same outbound policies apply
    • Only inbound policies can be overridden on a per-neighbor basis
    • All configuration options or individual neighbors can be applied to peer groups
    • Updates are generated once per group
  • Configuration:

    • To create the peer-group:

(config-router)#neighbor peer-group

    • To add neighbors to that peer-group:

(config-router)#neighbor peer-group

  • Example of peer-group for iBGP neighbors:

    • img
    • Here, were are creating a peer-group named ‘my-company’
    • And for peer-group ‘my-company’, we are saying it is in remote-as 300 and has route-map ‘Attribute’ outbound and filter-list ‘2’ outbound
    • In the end, we just mention neighbor IP and mention peer-group
    • Now, coming to the last command: in a peer-group, all the neighbors must have the same outbound policy. But, if we wish, we could give unique inbound policies
  • Example of peer-group for eBGP neighbors:

    • img
    • Since, all external neighbors will be in different AS, we can’t apply ‘remote-as’ under peer-group, but, still, we can give the policies for the external neighbors under a peer-group

No comments:

Post a Comment