X. WAN

Configuring Border Gateway Protocol (BGP)

Products:
Vigor 2862
Vigor 2865
Vigor 2926
Vigor 2927
Show all

Keywords:
backup
bgp
border
border gateway protocol
Show all

Configuring Border Gateway Protocol (BGP)

In a simple office/home Internet connection, you have a single ISP and single local subnet so your router only has to decide if an IP destination is local (within your LAN) or not. If the destination is not local, the router just forwards the datagram on to your ISP. Job done. Once on the Internet, it's not so simple; An ISP will likely have multiple peers (connections to other ISPs) so it has to know which of its peers can deliver the packet to the destination, and which can do so most efficiently. 

Border Gateway Protocol (BGP) is the method by which routers on the Internet can tell each other that they can reach a particular destination (IP address).  They are the 'road signs' or the SatNav for your data. BGP can also be used between private networks - referred to as 'Autonomous Systems' or 'AS' in the context of BGP - to exchange information about multiple private subnets reachable within each AS - that would commonly be used between a pair (or more) of remote corporate locations.

BGP is an exterior Gateway Protocol (EGP). It operates outside of your private network (your autonomous system or 'AS') on the Internet. It is distinct from Interior Gateway protocols like RIP, OSPG and EIGRP which runs inside your network.  BGP can also operate inside your AS (where iBGP peers exist). A unique ASN (Autonomous System Number) is allocated (by IANA) for your system.  You can also create your own private AS if it's not going to get onto the Internet - there are allocated ranges for private usage.

It's vital that your BGP management configuration is managed competently. An error would be the equivalent of changing a sign on the highway - everyone would end up in the wrong place and never get to their destinations.

One of the biggest BGP disasters was caused by Pakistani Telecom trying to block YouTube throughout Pakistan. They issued deliberately false BGP routing but it propagated outside of Pakistan and spread across the Internet, causing YouTube to be unavailable for the whole world - imagine, no funny cat videos or make-up tutorials for 24 hours! There have been other incidents of the BGP table being deliberately poisoned. On a smaller scale, if you get it wrong, you can take your own domain offline and make it unreachable. Once you fix it, it takes time for the corrected routing information to propagate again.


 

Example Configuration between a Vigor 2860 and Vigor 2862

This setup guide will demonstrate how to configure Border Gateway Protocol to operate across a private WAN link, between a Vigor 2860 router and Vigor 2862 router which each have three LAN subnets configured on them.

Setting up BGP across a WAN link requires a direct link or private WAN connection between the two points. The purpose of the BGP link between the two networks is to simplify the management of LAN subnets between the two routers - once BGP is configured, the Vigor 2862 will be able to automatically update the routing configuration of the Vigor 2860 when the LAN configuration of the Vigor 2862 changes.

 

Network Configuration

 
Vigor 2860Vigor 2862
Private WAN IP Address 192.168.29.12 192.168.29.11
LAN-A Subnet
172.16.12.0/24 10.0.2.0/24
LAN-B Subnet
172.16.13.0/24 10.0.3.0/24
LAN-C Subnet
172.16.14.0/24 10.0.4.0/24

/24 is a Subnet Mask value of 255.255.255.0, which indicates a range of IP addresses from 0 to 255, i.e. 172.16.12.0/24 indicates 172.16.12.0 to 172.16.12.255.

Section 1 - Vigor2862 Configuration

1. Go to [BGP Routing] and select the Basic Settings tab,

  • Check Enable BGP
  • Give it a unique Local AS Number (Autonomous System), in this example "2862" will be used
  • Configure the Hold Time for received routes as 180 seconds
  • Configure the Connect Retry Time as 120 seconds
  • The Router ID can be left with its default of "LAN 1"

Click OK to save these settings.

The Hold Time value is the amount of time that the BGP routes loaded from the BGP Neighbour routers remain active for. When the Vigor 2862 router does not receive a keep-alive message within the Hold Time period, from the BGP Neighbour (Vigor 2860) for a route, that route is then cleared from the Vigor 2862's routing table.


2. Click the first available Index number in the Neighbour table to create a profile for the remote BGP router.

  • Enable the profile
  • Enter the Profile Name to identify the remote BGP router
  • Enter the AS Number of the Vigor2860, in this example, this will be set as "2860"
  • Enter the WAN IP address of the Vigor2860 router



Click OK to save and apply the configuration change.
   


3. Go to [BGP Routing] and click on the [Static Network] tab

Enter the IP address(es) and Subnet Mask(s) of the Vigor 2862 router's local subnets that will be advertised through the BGP link.



Click OK to save and apply the configuration.
   


 
Section 2 - Vigor2860 Configuration



4. Go to [BGP Routing] on the Vigor 2860 and repeat steps 1 to 3 (from Section 1) for this router.

The configuration should be as shown below, note that the Local AS Number ("2860") and Static Networks (172.16.x.x) to advertise across the BGP link are unique to this router:


The Status in the Neighbour table will show "Established" after the routing information has been exchanged between the two routers:   

Section 3 - Testing BGP Routes

To test the functionality of Border Gateway Protocol between the two routers, go to [Diagnostics] > [Routing Table] to verify that the routes available through the other router will be sent through to the remote router's WAN IP, and the route type will display as "B" (for BGP):


   

When changes are made to the Vigor 2862 or Vigor 2860 routers; adding or deleting Static Networks on the BGP Configuration page, the routing table of the BGP Neighbour will be updated accordingly.

For example, deleting a static network on Vigor2862 will clear that route from the Vigor 2860.

To do that, go to the [BGP Routing] > Static Network tab, click Select for the route(s) to clear and click the Delete button:

The deleted network will be cleared from the Routing Table of the Vigor 2860 when the configured Hold Time expires:


How do you rate this article?

1 1 1 1 1 1 1 1 1 1