Tip
This is the documentation for the 22.10 version. Looking for the documentation of the latest version? Have a look here.
BGP Neighbor ConfigurationΒΆ
From within config-bgp
mode, the neighbor
statement can take either an
IP address to setup a single neighbor or it can take a name which configures a
peer group. The command then changes to config-bgp-neighbor
mode.
tnsr(config-bgp)# neighbor 203.0.113.14
tnsr(config-bgp-neighbor)#
Peer groups work nearly identical to neighbors, and they define options that are common to multiple neighbors.
Warning
A neighbor or peer group must first be defined here before it can be used inside an address family (BGP Address Family Neighbor Configuration).
config-bgp-neighbor
mode contains the following commands:
- advertisement-interval <interval-sec>:
Minimal time between sending routing updates to this neighbor. Expressed in seconds between
0-600
.- bfd enabled (true|false):
Enable Bidirectional Forwarding Detection for this BGP neighbor.
- capability dynamic:
Enables negotiation of the
dynamic
capability with this neighbor or peer group.- capability extended-nexthop:
Enables negotiation of the
extended-nexthop
capability with this neighbor or peer group. This capability can set IPv6 next-hops for IPv4 routes when peering with IPv6 neighbors on interfaces without IPv4 connectivity. This is automatically enabled when peering with IPv6 link-local addresses.- disable-connected-check:
Disables a check that normally prevents peering with eBGP neighbors which are not directly connected. This enables using loopback interfaces to establish adjacencies with peers.
- description <string>:
A brief text description of this neighbor.
- dont-capability-negotiate:
Disables dynamic capability negotiation with the peer. When set, the router does not advertise capabilities, nor does it accept them. This results in using only locally configured capabilities.
- ebgp-multihop [hop-maximum <hops>]:
The maximum allowed hops between this router and the neighbor, in the range
1-255
. When enabled without a specific value, the default is1
. This value cannot be set ifttl-security
is set.- (enable|disable):
The default state of a neighbor is disabled. To enable the neighbor, use the
enable
command. To disable the neighbor, rundisable
orno enable
.- enforce-first-as:
When set, enforces the first AS for eBGP routes.
- local-as <asn> [no-prepend [replace-as]]:
Sets the local AS number sent to this neighbor, which replaces the AS number configured on the BGP server itself. By default, this value is prepended to the AS path for routes received from this neighbor or peer group, and is added to the AS path for routes sent to this neighbor or peer group after the AS number from the BGP sever.
- no-prepend:
Suppresses prepending this AS number to the AS path for received routes.
- replace-as:
Suppresses prepending the BGP server AS to transmitted routes, so that only this value is present.
- override-capability:
Ignores capabilities sent by the peer during negotiation and uses locally configured capabilities instead.
- passive:
When set, this router will not issue requests to the neighbor on its own. The BGP daemon will only respond to remote requests from this neighbor.
- password <line>:
A password used by BGP for TCP-MD5 (RFC 2385) authentication of communications with the neighbor, up to 64 characters in length.
- peer-group [<peer-group-name>]:
Configure this neighbor as a member of the given peer group. Only valid for use in neighbors defined by address, not on peer groups.
- port <port>:
An alternate port number used by this daemon for BGP messages, if it uses a value other than TCP port
179
.- remote-as <asn>:
The remote AS number of this neighbor.
- solo:
Instructs the router to prevent reflection of routes received from this neighbor back to this neighbor. This command is not useful in peer groups with multiple members.
- strict-capability-match:
When set, enforces the comparison between the set of capabilities sent by the peer during negotiation and the set of capabilities present in the local configuration. If there is a mismatch, an error is transmitted to the peer.
- timers keepalive <interval> holdtime <hold>:
Configures the intervals between keep alive messages and how long to wait for a response from this neighbor before considering the peer unreachable. This overrides the default values set on the BGP server itself. Both values must be in the range
0-65535
, in seconds.- timers connect <seconds>:
The amount of time, in seconds from
1-65535
, in which a connection to this peer must be established or else it is considered unsuccessful.- ttl-security hops <hops>:
Similar to
ebgp-multihop
but sets a specific hop count at which neighbors must be reached, rather than the maximum value set byebgp-multihop
. This command cannot be set ifebgp-multihop
is set.- update-source (<ifname>|<ip-address>):
Configures a specific interface or IP address to use when sending messages to this peer.
Note
Within BGP neighbor mode, the most important directives are remote-as
to
set the AS number of the neighbor and enable
. The majority of other
neighbor configuration is handled by the neighbor definition for a specific
address family (BGP Address Family Neighbor Configuration).