In this lesson, we will configure iBGP on Juniper Router. This is the second part of our JunOS BGP series. A network topology with three routers is chosen for today’s lab. We will configure ibgp among them and check the reachability from end to end.

Below are the list of our Juniper BGP series articles. This will be updated day by day.

Network Topology

How to configure iBGP on Juniper Router

iBGP configuration on Juniper

Before going to iBGP configuration, few things you need to keep in mind.

First, a router can’t advertise it’s learnt routes from a ibgp peer to another ibgp peer. That means, Router R2, will not be able to advertise learnt routes from R1 to R3 or R3 to R1. This is the rule of iBGP to avoid split horizon. You can learn more about iBGP rules from ciscopress.

Second, If we have a full mesh design, then this issue will not occur. However, full mesh is not always feasible and it’s nightmare for larger networks. To solve it, we can use BGP Route Reflectors or BGP Confederations.

You also can bypass this problem, by configuring an IGP routing protocol like OSPF, which will help to reach all the routers. So, let’s get started.

First of all, we will configure all the interfaces of these three routers.

R1:
set interfaces ge-0/0/0 unit 0 family inet address 1.1.1.1/30
set interfaces ge-0/0/1 unit 0 family inet address 10.1.1.1/24

R2:
set interfaces ge-0/0/1 unit 0 family inet address 1.1.1.2/30
set interfaces ge-0/0/2 unit 0 family inet address 2.2.2.1/30

R3:
set interfaces ge-0/0/0 unit 0 family inet address 2.2.2.2/30
set interfaces ge-0/0/1 unit 0 family inet address 172.16.0.1/24

Now, we will configure any IGP routing protocol, in this case OSPF. We will add only router connected interfaces in this OSPF.

R1:
set protocols ospf area 0.0.0.0 interface ge-0/0/0.0

R2:
set protocols ospf area 0.0.0.0 interface ge-0/0/1.0
set protocols ospf area 0.0.0.0 interface ge-0/0/2.0

R3:
set protocols ospf area 0.0.0.0 interface ge-0/0/0.0

Let’s verify our OSPF neighborship for all these three routes.

R1:
root@R1# run show ospf neighbor
Address          Interface              State     ID               Pri  Dead
1.1.1.2          ge-0/0/0.0             Full      1.1.1.2          128    37

R2:
root@R2# run show ospf neighbor
Address          Interface              State     ID               Pri  Dead
1.1.1.1          ge-0/0/1.0             Full      1.1.1.1          128    37
2.2.2.2          ge-0/0/2.0             Full      2.2.2.2          128    36

R3:
root@R3# run show ospf neighbor
Address          Interface              State     ID               Pri  Dead
2.2.2.1          ge-0/0/0.0             Full      1.1.1.2          128    35

So, we should be able to reach R1 to R3, which is needed to establish iBGP session from R1 to R3.

root@R1# run ping 2.2.2.2 rapid count 5
PING 2.2.2.2 (2.2.2.2): 56 data bytes
!!!!!
--- 2.2.2.2 ping statistics ---
5 packets transmitted, 5 packets received, 0% packet loss
round-trip min/avg/max/stddev = 6.860/13.199/19.267/4.549 ms

After having reachability, we will move for the BGP configuration. As a first step, we will need to add autonomous system number (ASN) for all three routers. This configuration is same for all these three routers.

R1, R2, R3:
set routing-options autonomous-system 65001

Now, time to establish BGP peer with neighbors.

R1:
set protocols bgp group IBGP-PEERS type internal
set protocols bgp group IBGP-PEERS neighbor 1.1.1.2
set protocols bgp group IBGP-PEERS neighbor 2.2.2.2

R2:
set protocols bgp group IBGP-PEERS type internal
set protocols bgp group IBGP-PEERS neighbor 1.1.1.1
set protocols bgp group IBGP-PEERS neighbor 2.2.2.2

R3:
set protocols bgp group IBGP-PEERS type internal
set protocols bgp group IBGP-PEERS neighbor 1.1.1.1
set protocols bgp group IBGP-PEERS neighbor 2.2.2.1

Explanation: type internal means iBGP and external means eBGP.

Verification:

We need to use run show bgp summary command to check the session status. For R1 router, we can clearly see, we have bgp session established with both R2 and R3 routers.

[edit]
root@R1# run show bgp summary
Groups: 1 Peers: 2 Down peers: 0
Table          Tot Paths  Act Paths Suppressed    History Damp State    Pending
inet.0
                       0          0          0          0          0          0
Peer                     AS      InPkt     OutPkt    OutQ   Flaps Last Up/Dwn State|#Active/Received/Accepted/Damped...
1.1.1.2               65001         68         68       0       0       29:27 0/0/0/0              0/0/0/0
2.2.2.2               65001         68         67       0       0       29:23 0/0/0/0              0/0/0/0

Although, our iBGP session is up, but there is no learnt or advertised route yet (from above output – 0/0/0/0). You also can use run show route to check routing table.

R1:
root@R1# run show route

inet.0: 6 destinations, 6 routes (6 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both

1.1.1.0/30         *[Direct/0] 18:57:24
                    > via ge-0/0/0.0
1.1.1.1/32         *[Local/0] 18:57:24
                      Local via ge-0/0/0.0
2.2.2.0/30         *[OSPF/10] 02:05:38, metric 2
                    > to 1.1.1.2 via ge-0/0/0.0
10.1.1.0/24        *[Direct/0] 18:57:24
                    > via ge-0/0/1.0
10.1.1.1/32        *[Local/0] 18:57:24
                      Local via ge-0/0/1.0
224.0.0.5/32       *[OSPF/10] 02:06:47, metric 1
                      MultiRecv

inet6.0: 1 destinations, 1 routes (1 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both

ff02::2/128        *[INET6/0] 5d 00:12:36
                      MultiRecv

Now, we need to announce our routes. We will announce our direct (connected) routes here. If you have static or any other routes, you can simply create another term under IGBP-ROUTES policy-statement. This command is same for all these three routes.

set policy-options policy-statement IGBP-ROUTES term 1 from protocol direct
set policy-options policy-statement IGBP-ROUTES term 1 then accept

So, we have declared our policy-statement, now we need to apply to our bgp group.

set protocols bgp group IBGP-PEERS export IGBP-ROUTES

After adding above command, we should have some routes now. Here is output from R1 router.

BGP Summary:
root@R1# run show bgp summary
Groups: 1 Peers: 2 Down peers: 0
Table          Tot Paths  Act Paths Suppressed    History Damp State    Pending
inet.0
                       2          1          0          0          0          0
Peer                     AS      InPkt     OutPkt    OutQ   Flaps Last Up/Dwn State|#Active/Received/Accepted/Damped...
1.1.1.2               65001        569        567       0       0     4:14:29 0/0/0/0              0/0/0/0
2.2.2.2               65001        556        565       0       0     4:14:25 1/2/2/0              0/0/0/0

Routes List:
root@R1# run show route

inet.0: 7 destinations, 8 routes (7 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both

1.1.1.0/30         *[Direct/0] 22:37:11
                    > via ge-0/0/0.0
1.1.1.1/32         *[Local/0] 22:37:11
                      Local via ge-0/0/0.0
2.2.2.0/30         *[OSPF/10] 05:45:25, metric 2
                    > to 1.1.1.2 via ge-0/0/0.0
                    [BGP/170] 00:36:04, localpref 100, from 2.2.2.2
                      AS path: I, validation-state: unverified
                    > to 1.1.1.2 via ge-0/0/0.0
10.1.1.0/24        *[Direct/0] 22:37:11
                    > via ge-0/0/1.0
10.1.1.1/32        *[Local/0] 22:37:11
                      Local via ge-0/0/1.0
172.16.0.0/24      *[BGP/170] 00:36:04, localpref 100, from 2.2.2.2
                      AS path: I, validation-state: unverified
                    > to 1.1.1.2 via ge-0/0/0.0
224.0.0.5/32       *[OSPF/10] 05:46:34, metric 1
                      MultiRecv

inet6.0: 1 destinations, 1 routes (1 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both

ff02::2/128        *[INET6/0] 5d 03:52:23
                      MultiRecv

So, router R1 received 172.16.0.0/24 route which is belong to R3. Let’s ping from Bob PC to John PC.

Bob> ping 172.16.0.100

84 bytes from 172.16.0.100 icmp_seq=1 ttl=61 time=41.179 ms
84 bytes from 172.16.0.100 icmp_seq=2 ttl=61 time=14.184 ms
84 bytes from 172.16.0.100 icmp_seq=3 ttl=61 time=8.701 ms
84 bytes from 172.16.0.100 icmp_seq=4 ttl=61 time=26.717 ms

Let me know if you have any questions. Enjoy 🙂

Written by Rajib Kumer Das

I am Rajib Kumer Das, a network engineer with 8+ years of experience in multi-vendor environment. In my current position, I am responsible to take care critical projects and it's support cases. I do have several vendor certificates and have plans to go further.

Leave a Comment

Your email address will not be published. Required fields are marked *