Saturday, September 15, 2018




The following are some basic Cisco commands used for troubleshooting BGP in non-VRF and VRF environments.


Show a list of configured VRF's

        Show ip vrf

To see a quick status of all BGP connections, on a non-vrf router and a vrf router,

        show ip bgp summary
        show ip bgp vpnv4 vrf <name> summary


To see BGP routes, in the default table or an explicit VRF,

        show ip bgp
        show ip bgp vpnv4 vrf <name>


To see what routes you're getting from a neighbor, use one of these

        show ip bgp neighbor <IP-address-of-neighbor> routes
        show ip bgp vpnv4 vrf office neighbors x.x.x.x received-routes


  To see what routes you're sending to a neighbor, use the command

        show ip bgp neighbor <IP-address-of-neighbor> advertised-routes
        show ip bgp vpnv4 vrf office neighbors x.x.x.x advertised-routes


 To see what routes you're getting from an AS, use the command

        show ip bgp regexp <regluar-expression-for-an-AS>

 To clear a BGP session:

        clear ip bgp <ip-address of neighbor>

Notes: 

  • The same VPNv4 session is used to carry all VRF information, so it will clear all VRF's, not just 1
  • From my understanding, the use of "soft in" triggers an automatic ROUTE-REFRESH message to neighbors to resend their routing advertisements without dropping the neighbor.

Commands to configure VRF BGP routing - In Config Mode

ip routing
Enables IP routing on the device

ip vrf <name>
Names the VRF, and enters VRF configuration mode.

rd 2:2
An RD is a route-distinguisher, and it does just that, distinguishes this VPN, or routing table from others.

route-target export 2:2
route-target import 2:2

An RT is a route-target and allows the routes to be imported and exported into and out of the VRF.




When BGP is not behaving correctly, a way to temporarily stop peering with a neighbor is to use the following command:

        router bgp 194
        neighbor <ipaddress>
        password xxx


or on VRF enabled devices
   
      router bgp 1
      address-family ipv4 vrf <name>
      neighbor <ipaddress>
      password xxx


Since the other router doesn't have the same password, the two routers will stop talking to one another, without you having to do anything else. Later, when the problem is resolved, simply remove the line to reestablish peerage.


To see what's happening with BGP, use the commands

        terminal monitor
        debug ip bgp events


To find out who owns and Autonomous System, go to http://www.arin.net/ and type AS<number> in search. 


Note - AS64512 to AS65535 are Private use Autonomous System Numbers for Internal use only, think Private IP ranges:
 

192.168.0.0 - 192.168.255.255 (65,536 IP addresses)172.16.0.0 - 172.31.255.255 (1,048,576 IP addresses)
10.0.0.0 - 10.255.255.255 (16,777,216 IP addresses)


I hope this may be of use and I welcome any feedback, 

please feel free to comment below.




No comments:

Post a Comment