BGPv4 – setup a peering with an ISP

glitchlist Uncategorized Leave a Comment

What are infos/configurations that you have to tell to an Internet Service Provider when you set up a new internet peering?

In an IT Company when the fuffa’s* officialisms are completed the technicians can finally go to the point. At the other side of the peering you have agreed to some parameters to set up the peer and exchange your networks.

As a first step, I suggest you sign up on peeringdb.com to allow your future peers to learn the basic information about your network and your NOC.


Next, prepare your informations:

  • Your ASN
  • Your peer ip address
  • How many and which ASNs will be behind the AS-MASTER
  • Your advertised networks
  • Your route-policies
  • Your ip-prefix-lists

Ask the ISP:

  • His ASN
  • His peer ip address
  • The eventual authentication option (Es. MD5)
  • Communities BGP to do traffic engineering (if requested)

An ISP can announce 3 subsets of routing tables, we can choose between:

  • DFZ: >760.000 routes (aka BGP Full Route)
  • PARTIAL: circa 300.000 routes + the default-route 0.0.0.0/0
  • ONLY DEFAULT: 0.0.0.0/0

Little example… Customer side (Huawei BGP routers):

#Build ACLs to tag ASN into advertised networks

acl number 2010
 description ASnnnn
 rule 5 permit source 10.10.0.0 0.0.15.255
#
acl number 2015
 description ASyyyy
 rule 5 permit source 20.20.0.0 0.0.15.255
#
acl number 2020
 description ASzzzz
 rule 5 permit source 30.30.0.0 0.0.15.255
#
route-policy toISP permit node 10
 if-match acl 2010
 apply as-path [ASnnnn] additive
#
route-policy toISP permit node 15
 if-match acl 2015
 apply as-path [ASyyyy] additive
#
route-policy toISP permit node 20
 if-match acl 2020
 #nothing to apply because is the ASN-MASTER


#Build an ip-prefix to permit all Prefixes... you'll need it in the future if you need to block some networks

ip ip-prefix fromISP index 10 permit 0.0.0.0 0 less-equal 32

#Build an as-path filter to allows only locally originated routes to be advertised to that ISP neighbor

ip as-path-filter ISP permit ^$
#Finally BGP confs:

bgp [my_bgpAS]
 router-id [ip-router-id]
 peer [ip_isp_peer] as-number [isp_bgpAS]
 peer [ip_isp_peer] connect-interface GigabitEthernet0/0/9
 #
 ipv4-family unicast
  undo synchronization
  network 10.10.0.0 255.255.240.0   
  network 20.20.0.0 255.255.240.0   
  network 30.30.0.0 255.255.240.0 
  peer [ip_isp_peer] enable
  peer [ip_isp_peer] as-path-filter ISP export
  peer [ip_isp_peer] ip-prefix fromISP import
  peer [ip_isp_peer] route-policy toISP export

Have a great Internet!

.glitchlist crew

*: Italian slang

Leave a Reply

Your email address will not be published. Required fields are marked *