ROSv7 – BGP Basic Configuration – eBGP Peering to Advertise Subnets


Introduction

This tutorial will explain how to use ROSv7 to peer with your upstream provider for the purpose of advertising subnets out to the rest of the world. I’ll include the configuration of the Upstream Router and the Downstream Router in CLI format so that it can just be copied and pasted into a new terminal window (since the configuration of those two devices is not the focus of this tutorial). BTW, you will probably want to copy it to a notepad, clean up the extra spaces that are added from the webpage, and then copy it into your router. When everything is successfull, you should be able to see the route of 123.123.123.0/24 installed in the Upstream Router and be able to ping from that router through the BGP Gateway Router to the Downstream Router at 123.123.123.2.

I struggled with how to present this information. There are multiple ways to acheive the same thing and as you become more comfortable with the settings, you will very likey adopt a differnt syntax. I also realize the syntax will continue to evolve as bug fixes are implmented and feature sets are rounded off. I also struggled with whether or not to call out any of the new features. There are many new features already there and many more coming down the line. In the end, I decided to show the easiest and fastest way to get up and running becuase the main purpose of the tutorial is to help users get their routers up and running with ROSv7 as fast as possible.

One last note. You should never do a peering like this without filters. I’ve left the filters out of this example though becuase I am working on a Quick Refrence Guide for the new syntax, so be looking for that in the Downloads section.

 

 

Order of Operations (As they apply to this example only)

Here are the Order of Operations:

1) Add all link IP address to their respective interfaces

2) Create the BGP Connection

3) Add the network to the Address List

4) Ensure a route is installed in the Main Routing Table

5) Test

Configs

Upstream Router

/ip address
add address=1.50.50.1/30 interface=ether1 network=1.50.50.0
/routing bgp connection
add as=64512 connect=yes disabled=no listen=yes local.role=ebgp name=Peering_to_BGP-GW-Router remote.address=1.50.50.2/32 .as=64513
/system identity
set name=”Upstream Router”

 

BGP Gateway Router

/ip address
add address=1.50.50.2/30 interface=ether1 network=1.50.50.0
add address=123.123.123.1/24 interface=ether2 network=123.123.123.0
/ip firewall address-list
add address=123.123.123.0/24 list=BGP_Upstream_Output_Network
/ip route
add disabled=no distance=1 dst-address=0.0.0.0/0 gateway=1.50.50.1 pref-src=”” routing-table=main scope=30 suppress-hw-offload=no target-scope=10
/routing bgp connection
add as=64513 connect=yes disabled=no listen=yes local.role=ebgp name=Peering_to_Upstream-Router output.network=BGP_Upstream_Output_Network \
remote.address=1.50.50.1/32 .as=64512
/system identity
set name=”BGP Gateway Router”

Downstream Router

/ip address
add address=123.123.123.2/24 interface=ether1 network=123.123.123.0
/ip route
add disabled=no dst-address=0.0.0.0/0 gateway=123.123.123.1 routing-table=main suppress-hw-offload=no
/system identity
set name=”Downstream Router”

 

Step by Step Procedures:

1) Add all link IP address to their respective interfaces

/ip address
add address=1.50.50.2/30 interface=ether1 network=1.50.50.0
add address=123.123.123.1/24 interface=ether2 network=123.123.123.0

 

 

2) Create the BGP Connection

In a case like this example, which only has one peer, then the BGP connection settings are all that is really needed. Templates help out when there are going to be multiple connectin with similar settings. Take notice of the output.network setting. This is how the L3 firewall address list connects to BGP in this example (there are also other settings that can refrence the address list as well.) What was once done in the Networks tab will now be accomplished with the address list. You will want to copy and paste that value from one field to other since those do not currently pre-populate for you.

/routing bgp connection
add as=64513 connect=yes disabled=no listen=yes local.role=ebgp name=Peering_to_Upstream-Router output.network=BGP_Upstream_Output_Network \
remote.address=1.50.50.1/32 .as=64512

 

3) Add the network to the Address List

The L3 firewall address list has now replaced the networks setting that was in ROSv6, but there is a caviat to it. At the moment, it can not toggle between “sycronize and no-sycronize” so you have to pay attention to the how the routes show up in the main routing table… more about that in the next step. BTW, there are no firewall rules needed, just the address list. The 111.111.111.0/24 is to illistrate a condition in the next step.

/ip firewall address-list
add address=123.123.123.0/24 list=BGP_Upstream_Output_Network

 

 

4) Ensure a route is installed in the Main Routing Table

If you notice in the main routing table (IP -> Route) the 123.123.123.0/24 network is a DAC route. Since BGP is not able to choose between syncronization modes at the moment, its inportant that the route being advertised is an active route in the routing table. This one already is and should work just fine, but let’s say you wanted to advertise a route which was not in this router’s address list. You can install a static route with the same gateway as the default route. That route becomes active and BGP is now able to advertise it such as with this 111.111.111.0/24 route.

/ip route print

 

 

5) Test

Now all that is left is to test it. From the Upstream Router, you should see the route/s installed as Dab (Dynamic Active BGP) routes and you should be able to ping 123.123.123.1 and 123.123.123.2.

/ip route print

ping 123.123.123.1

 

 

Enjoy 😉

Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.