IPv6 iBGP: The Internal Fabric
In an iBGP setup, the goal is to ensure all routers within
your organization know how to reach external destinations.
- The Full Mesh Requirement: Since iBGP routers do not re-advertise prefixes learned from one iBGP peer to another (to pr+event loops), you typically need a "Full Mesh" or Route Reflectors.
- Next-Hop-Self: Because iBGP doesn't change the next-hop attribute, internal routers often don't know how to reach the original eBGP exit point. Using the next-hop-self command is a standard practice to ensure internal reachability.
IPv6 eBGP: Crossing the Border
eBGP is the handshake between different entities (like your
network and an ISP).
- Prefix Filtering: Unlike iBGP, you never trust an eBGP peer blindly. Strict prefix-lists and route-maps are essential to ensure you aren't leaking private routes or accepting "bogon" space.
- The Link-Local Trap: In IPv6, eBGP can technically peer using Link-Local addresses (fe80::/10), but for stability and clarity, most engineers stick to Global Unicast Addresses (GUA) for peering.
In this blog, we configure the basics of IPv6 eBGP and iBGP.
Topology:
- Configure the topology as per the diagram.
- Configure the IPv6 addresses as per the topology.
- Configure IBGP on router 1 and router 2.
- Advertise directly connected.
- Configure EBGP on router 3
- Configure next-hop-self on router 2 for router 1
- Verify the configuration with ping, traceroute and show commands.
R1(config)#interface fastethernet 0/0
R1(config-if)#ipv6 address 2001:12::1/64
R1(config-if)#no shutdown
R1(config-if)#exit
R1(config)#interface loopback 1
R1(config-if)#ipv6 address fc00:11::1/64
R1(config-if)#no shutdown
R1(config-if)#exit
R1(config-if)#ipv6 address 2001:12::1/64
R1(config-if)#no shutdown
R1(config-if)#exit
R1(config)#interface loopback 1
R1(config-if)#ipv6 address fc00:11::1/64
R1(config-if)#no shutdown
R1(config-if)#exit
R2(config)#interface fastethernet 0/0
R2(config-if)#ipv6 address 2001:12::2/64
R2(config-if)#no shutdown
R2(config-if)#exit
R2(config)#interface loopback 1
R2(config-if)#ipv6 address fc00:22::1/64
R2(config-if)#no shutdown
R2(config-if)#exit
R2(config)#interface serial 2/0
R2(config-if)#ipv6 address 2001:23::1/64
R2(config-if)#no shutdown
R2(config-if)#exit
R3(config)#interface loopback 1
R3(config-if)#ipv6 address fc00:33::1/64
R3(config-if)#no shutdown
R3(config-if)#exit
R3(config)#interface serial 2/0
R3(config-if)#ipv6 address 2001:23::2/64
R3(config-if)#no shutdown
R3(config-if)#exit
R1(config)#ipv6 unicast-routing
R1(config)#router bgp 6500
R1(config-router)#bgp router-id 1.1.1.1
R1(config-router)#no bgp default ipv4-unicast
R1(config-router)#neighbor 2001:12::2 remote-as 6500
R1(config-router)#address-family ipv6 unicast
R1(config-router-af)#neighbor 2001:12::2 activate
R1(config-router-af)#network fc00:11::/64
R1(config-router-af)#network 2001:12::/64
R1(config-router-af)#exit
R2(config)#ipv6 unicast-routing
R2(config)#router bgp 6500
R2(config-router)#bgp router-id 2.2.2.2
R2(config-router)#no bgp default ipv4-unicast
R2(config-router)#neighbor 2001:12::1 remote-as 6500
R2(config-router)#neighbor 2001:23::2 remote-as 6700
R2(config-router)#address-family ipv6 unicast
R2(config-router-af)#neighbor 2001:12::1 activate
R2(config-router-af)#neighbor 2001:23::2 activate
R2(config-router-af)#network fc00:22::/64
R2(config-router-af)#network 2001:12::/64
R2(config-router-af)#network 2001:23::/64
R2(config-router-af)#exit
%BGP-5-ADJCHANGE: neighbor 2001:12::1 Up
R2(config)#router bgp 6500
R2(config-router)#address-family ipv6 unicast
R2(config-router-af)#neighbor 2001:12::1 next-hop-self
R2(config-router-af)#exit
R3(config)#ipv6 unicast-routing
R3(config)#router bgp 6700
R3(config-router)#bgp router-id 3.3.3.3
R3(config-router)#no bgp default ipv4-unicast
R3(config-router)#neighbor 2001:23::1 remote-as 6500
R3(config-router)#address-family ipv6 unicast
R3(config-router-af)#neighbor 2001:23::1 activate
R3(config-router-af)#network fc00:33::/64
R3(config-router-af)#network 2001:23::/64
R3(config-router-af)#exit
%BGP-5-ADJCHANGE: neighbor 2001:23::1 Up
R1#show ip bgp ipv6 unicast summary
BGP router identifier 1.1.1.1, local AS number 6500
BGP table version is 7, main routing table version 7
5 network entries using 860 bytes of memory
6 path entries using 528 bytes of memory
3/3 BGP path/bestpath attribute entries using 408 bytes of memory
1 BGP AS-PATH entries using 24 bytes of memory
0 BGP route-map cache entries using 0 bytes of memory
0 BGP filter-list cache entries using 0 bytes of memory
BGP using 1820 total bytes of memory
BGP activity 7/2 prefixes, 8/2 paths, scan interval 60 secs
Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd
2001:12::2 4 6500 24 21 7 0 0 00:16:06 4
R1#show ipv6 route bgp
IPv6 Routing Table - default - 8 entries
Codes: C - Connected, L - Local, S - Static, U - Per-user Static route
B - BGP, HA - Home Agent, MR - Mobile Router, R - RIP
H - NHRP, I1 - ISIS L1, I2 - ISIS L2, IA - ISIS interarea
IS - ISIS summary, D - EIGRP, EX - EIGRP external, NM - NEMO
ND - ND Default, NDp - ND Prefix, DCE - Destination, NDr - Redirect
O - OSPF Intra, OI - OSPF Inter, OE1 - OSPF ext 1, OE2 - OSPF ext 2
ON1 - OSPF NSSA ext 1, ON2 - OSPF NSSA ext 2, l - LISP
B 2001:23::/64 [200/0]
via 2001:12::2
B FC00:22::/64 [200/0]
via 2001:12::2
B FC00:33::/64 [200/0]
via 2001:12::2
R2#ping fc00:11::1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to FC00:11::1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 24/30/40 ms
R2#ping fc00:33::1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to FC00:33::1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 20/28/36 ms
R1#traceroute fc00:33::1
Type escape sequence to abort.
Tracing the route to FC00:33::1
1 2001:12::2 20 msec 28 msec 20 msec
2 2001:23::2 44 msec 64 msec 40 msec
(If you like this blog, please visit our YouTube channel.https://www.youtube.com/@internetworkss
No comments:
Post a Comment