BGP Peering

This section contains information related to the Border Gateway Protocol (BGP) features on the Cisco Nexus 3550-F Fusion (formerly ExaLINK Fusion). Nexus 3550-Fs purchased as layer 1 only devices (i.e. those which do not have an FPGA module installed) are not capable of receiving or transmitting BGP information, nor are Nexus 3550-Fs running fastmux firmware.

The Border Gateway Protocol (BGP) is an inter-Autonomous System routing protocol. The primary function of a BGP speaking system is to exchange network reachability information with other BGP systems.

The Nexus 3550-F can enable limited BGP support on a router object to allow the Nexus 3550-F to connect to a remote BGP peer and advertise routes. Note that currently no routing is done by the Nexus 3550-F.

Router Objects

The router object is used to define layer 3 functionality on the Nexus 3550-F. Since routing is currently not supported by the Nexus 3550-F, a router object can have at most one port.

Router objects are created using the router command from within configuration mode.

admin@N3550-F(config)> router Primary
Created router "Primary"

A front panel port can then be added to the router object, and an IP address assigned.

admin@N3550-F(config-router:Primary)> port A16
Added port "A16" to router "Primary"
admin@N3550-F(config-router:Primary port:A16)> ip-address 10.30.1.10 255.255.255.0
Set IP address on port "A16" on router "Primary"

The router object can now be configured to speak BGP on this port.

Note: The router port can be the same as the upstream port of a mux object. This allows layer 2 aggregation of BGP traffic from a router object with traffic from the downstream ports of a mux object.

Note

Router objects currently have only 1 port and are only used for connecting to a BGP peer. There is no routing functionality implemented at the moment.

Displaying BGP Configuration

When configuring a router object the show bgp command can be invoked to see the current BGP configuration. The initial empty configuration on a router object called "Primary" should look as follows:

admin@N3550-F(config-router:Primary)> show bgp                 
BGP       : disabled           
Router ID : default            
Password  : disabled

No networks are configured

No neighbors are configured

Configuring BGP

The AS (Autonomous System) number is one of the essential element of BGP. The AS number is a two octet value, ranging in value from 1 to 65535. The AS numbers 64512 through 65535 are defined as private AS numbers. Private AS numbers must not be advertised in the global Internet.

Configuring the BGP AS number:

admin@N3550-F(config-router:Primary)> bgp as-number 65123
Configured BGP AS number on router "Primary"

Removing the BGP AS number:

admin@N3550-F(config-router:Primary)> no bgp as-number
Removed BGP AS number on router "Primary"

The router ID indicates the BGP Identifier of the sender of BGP messages. A given BGP speaker sets the value of its BGP Identifier to an IP address assigned to that BGP speaker.

Configuring the BGP router ID:

admin@N3550-F(config-router:Primary)> bgp router-id 10.30.1.10
Configured BGP router ID on router "Primary"

Removing the BGP router ID:

admin@N3550-F(config-router:Primary)> no bgp router-id
Using default BGP router ID on router "Primary"

Networks

The Nexus 3550-F BGP client may want to announce its own networks to other neighbors. To do this the bgp network command is used.

admin@N3550-F(config-router:Primary)> bgp network
Usage: bgp network <address> <prefix>
Add BGP network

For example the following configuration adds the network 172.18.10.0/24 to be announced to all neighbors.

admin@N3550-F(config-router:Primary)> bgp network 172.18.10.0 24
Added BGP network "172.18.10.0" / "24" on router "Primary"

To remove the announced network:

admin@N3550-F(config-router:Primary)> no bgp network 172.18.10.0 24
Removed BGP network "172.18.10.0" / "24" on router "Primary"

Neighbors

This command adds new neighbors, which allows a user to configure the peers that the Nexus 3550-F BGP client can peer with. The AS number is the unique identifier of the remote peer and the address is the peer IPv4 address.

admin@N3550-F(config-router:Primary)> bgp neighbor
Usage: bgp neighbor <AS number> <address> [<password>]
Add BGP neighbor

Many service providers use a pre-shared key and MD5 checksum for protecting their BGP sessions. In a protected BGP session, a transmitting BGP router generates a MD5 hash value using the pre-shared key and portions of the packet. This checksum is included within the transmitted packet as a TCP option field. Upon receipt of the packet, a receiving router uses the same method to generate and validate the received checksum with its version of the MD5 checksum.

Enabling a protected BGP session is optional and is implemented as an optional password for neighbor configuration. Configuring the BGP neighbor with a password (pre-shared key):

admin@N3550-F(config-router:Primary)> bgp neighbor 65456 10.30.1.20 myneighborpassword
Added BGP neighbor "65456" via address "10.30.1.20" with password "myneighborpassword" on router "Primary"

Configuring the BGP neighbor without a password:

admin@N3550-F(config-router:Primary)> bgp neighbor 65789 10.30.1.30                     
Added BGP neighbor "65789" via address "10.30.1.30" with no password on router "Primary"

Removing the BGP neighbor:

admin@N3550-F(config-router:Primary)> no bgp neighbor 65789 10.30.1.30
Removed BGP neighbor "65789" via address "10.30.1.30" on router "Primary"

Enabling / Disabling BGP

To initiate the BGP peering, the BGP system should be enabled as follows:

admin@N3550-F(config-router:Primary)> bgp enable
Enabled BGP on router "Primary"

To show the full BGP details after it has been configured, re-run show bgp:

admin@N3550-F(config-router:Primary)> show bgp
BGP       : enabled
AS number : 65123
Router ID : 10.30.1.10
Password  : disabled

Network
----------------
172.18.10.0/24
172.18.11.0/24
172.18.12.0/24

Neighbor   AS number Password
---------- --------- ------------------
10.30.1.20 65456     myneighborpassword
10.30.1.30 65789

To protect from accidental disconnections from peers the BGP system will not allow primary functions from being changed while BGP is enabled. A user will also be prompted when disabling to prevent accidental loss of announced networks.

Example of disconnection protection:

admin@N3550-F(config-router:Primary)> bgp as-number 123456
Error: BGP must be disabled before editing.

admin@N3550-F(config-router:Primary)> bgp disable
Are you sure you want to disable BGP for this router? yes
Disabled BGP on router "Primary"

The Router password allows for setting the localhost link password. This can be left as default for standard operation. Configuring the BGP router password:

admin@N3550-F(config-router:Primary)> bgp password mypassword
Configured BGP password on router "Primary"

Removing the BGP Router password:

admin@N3550-F(config-router:Primary)> no bgp password
Removed BGP password on router "Primary"

Displaying BGP Status

To observe the current BGP status of the Nexus 3550-F BGP peer, run show bgp status:

admin@N3550-F(config-router:Primary)> show bgp status
Router Primary BGP status:
BGP table version is 0, local router ID is 10.30.1.10
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale, R Removed
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path
*  10.30.0.0/16     10.30.1.20               1             0 65456 ?
*>                  0.0.0.0                  1         32768 ?
*> 172.18.10.0/24   0.0.0.0                  0         32768 i
*> 172.18.11.0/24   0.0.0.0                  0         32768 i
*> 172.18.12.0/24   0.0.0.0                  0         32768 i
*> 192.168.10.0/25  10.30.1.20               0             0 65456 i

Total number of prefixes 5

To observe the current state of known BGP neighbors, run show bgp neighbors:

admin@fusion5(config-router:Primary)> show bgp neighbors
Router Primary neighbor status:
BGP neighbor is 10.30.1.20, remote AS 65456, local AS 65123, external link
  BGP version 4, remote router ID 10.30.1.20
  BGP state = Established, up for 00:01:41
  Last read 22:39:03, hold time is 180, keepalive interval is 60 seconds
  Neighbor capabilities:
    4 Byte AS: advertised and received
    Route refresh: advertised and received(old & new)
    Address family IPv4 Unicast: advertised and received
  Message statistics:
    Inq depth is 0
    Outq depth is 0
                         Sent       Rcvd
    Opens:                  2          0
    Notifications:          0          0
    Updates:                2          2
    Keepalives:             3          2
    Route Refresh:          0          0
    Capability:             0          0
    Total:                  7          4
  Minimum time between advertisement runs is 30 seconds

 For address family: IPv4 Unicast
  Community attribute sent to this neighbor(both)
  2 accepted prefixes

  Connections established 1; dropped 0
  Last reset never
  External BGP neighbor may be up to 64 hops away.
Local host: 10.30.1.10, Local port: 179
Foreign host: 10.30.1.20, Foreign port: 57011
Nexthop: 10.30.1.10
Nexthop global: ::
Nexthop local: ::
BGP connection: non shared network
Read thread: on  Write thread: off

To observe the current summary of the BGP client, run show bgp summary:

admin@fusion5(config-router:Primary)> show bgp summary
Router Primary BGP summary:
BGP router identifier 10.30.1.10, local AS number 65123
RIB entries 9, using 576 bytes of memory
Peers 1, using 2524 bytes of memory

Neighbor        V    AS MsgRcvd MsgSent   TblVer  InQ OutQ Up/Down  State/PfxRcd
10.30.1.20      4 65456       5       8        0    0    0 00:02:50        2

Total number of neighbors 1

This page was last updated on Feb-19-2021.