RE: useful bgp example

[Jeff Harper]

> -Original Message-
> From: Jian Gu [mailto:guxiaoj...@gmail.com]
> Sent: Saturday, May 22, 2010 1:44 PM
> To: Jeff Harper
> Cc: Jared Mauch; nanog@nanog.org
> Subject: Re: useful bgp example
> 
> You don't need
> 
> ip prefix-list NETZ seq 1000 deny 0.0.0.0/0 le 32
> 

I know, I just use it as one of those things I like to do as a habit. 

Re: useful bgp example

[Jian Gu]

You don't need

ip prefix-list NETZ seq 1000 deny 0.0.0.0/0 le 32

You can use RFC1918 space address for iBGP peering.

On Wed, May 19, 2010 at 11:37 AM, Jeff Harper
 wrote:
>
>> -Original Message-
>> From: Jared Mauch [mailto:ja...@puck.nether.net]
>> Sent: Wednesday, May 19, 2010 1:29 PM
>> To: Jeff Harper
>> Cc: Deric Kwok; nanog@nanog.org
>> Subject: Re: useful bgp example
>>
>> Nice, but you don't show it as-path filtering your transits out.  I
>> frequently see people take something learned from transit A and
> sending
>> it to transit B, and if it happens to be the backup path in-use for
>> your customer, your transits will accept it and likely pick you as
>> best-path and hairpin through your network.
>>
>> - Jared
>
> Yeah, I left out the actual prefix-list contents, in hindsight I should
> have added it, so here it is. Also, a typo in the network statement,
> lol.
>
> network 1.1.1.0 mask 255.255.0.0
>
> ip prefix-list NETZ description The networks we advertise via BGP
> ip prefix-list NETZ seq 10 permit 1.1.1.0/16
> ip prefix-list NETZ seq 1000 deny 0.0.0.0/0 le 32
>
>
>

Re: useful bgp example

[Jim Burwell]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
 
On 5/19/2010 11:58, Dan White wrote:
> You should be using 192.168.2.0 for documented examples,or at least
> private
> space. Configs like this tend to get cut and pasted into routers and
> get
> changed only when they don't work.
Should that be 192.0.2.0/24, 198.51.100.0/24, or 203.0.113.0/24
(TEST-NET-3) per RFC 5737  ?

-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.10 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
 
iEYEARECAAYFAkv0R4UACgkQ2fXFxl4S7sScDACgulmdHhk6QJX/OlfvP1cCMq2e
TZcAoIgrbd9HPFjpoSJvRFbML8VgckKj
=zKse
-END PGP SIGNATURE-



smime.p7s
Description: S/MIME Cryptographic Signature

RE: useful bgp example

[Vincent C Jones]

On Wed, 2010-05-19 at 13:37 -0500, Jeff Harper wrote:
> > From: Jared Mauch [mailto:ja...@puck.nether.net]
> > Sent: Wednesday, May 19, 2010 1:29 PM
> > To: Jeff Harper
> > Cc: Deric Kwok; nanog@nanog.org
> > Subject: Re: useful bgp example
> > 
> > Nice, but you don't show it as-path filtering your transits out.  I
> > frequently see people take something learned from transit A and
> sending
> > it to transit B, and if it happens to be the backup path in-use for
> > your customer, your transits will accept it and likely pick you as
> > best-path and hairpin through your network.
> > 
> > - Jared
> 
> Yeah, I left out the actual prefix-list contents, in hindsight I should
> have added it, so here it is. Also, a typo in the network statement,
> lol.
> 
> network 1.1.1.0 mask 255.255.0.0
> 
> ip prefix-list NETZ description The networks we advertise via BGP
> ip prefix-list NETZ seq 10 permit 1.1.1.0/16
> ip prefix-list NETZ seq 1000 deny 0.0.0.0/0 le 32

FYI: It's got to be either 1.1.1.0/24 or 1.1.0.0/16. And there is plenty
more that belongs in an appropriate setup for a realistic usage
scenario. This is why we are all advising the OP to get some
knowledgeable help. 

Vince
-- 
Vincent C. Jones
Networking Unlimited, Inc.
Phone: +1 201 568-7810
v.jo...@networkingunlimited.com

Re: useful bgp example

[Dan White]

On 19/05/10 13:37 -0500, Jeff Harper wrote:

-Original Message-
From: Jared Mauch [mailto:ja...@puck.nether.net]
Sent: Wednesday, May 19, 2010 1:29 PM
To: Jeff Harper
Cc: Deric Kwok; nanog@nanog.org
Subject: Re: useful bgp example

Nice, but you don't show it as-path filtering your transits out.  I
frequently see people take something learned from transit A and

sending

it to transit B, and if it happens to be the backup path in-use for
your customer, your transits will accept it and likely pick you as
best-path and hairpin through your network.

- Jared


Yeah, I left out the actual prefix-list contents, in hindsight I should
have added it, so here it is. Also, a typo in the network statement,
lol.

network 1.1.1.0 mask 255.255.0.0

ip prefix-list NETZ description The networks we advertise via BGP
ip prefix-list NETZ seq 10 permit 1.1.1.0/16
ip prefix-list NETZ seq 1000 deny 0.0.0.0/0 le 32


You should be using 192.168.2.0 for documented examples,or at least private
space. Configs like this tend to get cut and pasted into routers and get
changed only when they don't work.

I just had to change a router config a couple of months ago that a consult
had set up using 11.0.0.0/24 and 12.0.0.0/24, for point to point links.

--
Dan White

RE: useful bgp example

[Jeff Harper]

> -Original Message-
> From: Jared Mauch [mailto:ja...@puck.nether.net]
> Sent: Wednesday, May 19, 2010 1:29 PM
> To: Jeff Harper
> Cc: Deric Kwok; nanog@nanog.org
> Subject: Re: useful bgp example
> 
> Nice, but you don't show it as-path filtering your transits out.  I
> frequently see people take something learned from transit A and
sending
> it to transit B, and if it happens to be the backup path in-use for
> your customer, your transits will accept it and likely pick you as
> best-path and hairpin through your network.
> 
> - Jared

Yeah, I left out the actual prefix-list contents, in hindsight I should
have added it, so here it is. Also, a typo in the network statement,
lol.

network 1.1.1.0 mask 255.255.0.0

ip prefix-list NETZ description The networks we advertise via BGP
ip prefix-list NETZ seq 10 permit 1.1.1.0/16
ip prefix-list NETZ seq 1000 deny 0.0.0.0/0 le 32

Re: useful bgp example

[Jared Mauch]

On May 19, 2010, at 2:26 PM, Jeff Harper wrote:

>> -Original Message-
>> From: Deric Kwok [mailto:deric.kwok2...@gmail.com]
>> Sent: Monday, May 17, 2010 6:15 PM
>> To: nanog@nanog.org
>> Subject: useful bgp example
>> 
>> Hi
>> 
>> My company will get 2 upstream provider. We will plan 2 routers and
>> each router to connect one provider to use bgp for redundant.
>> Do you have any useful bgp example and website to set it up?
>> 
>> Thank you for your help
> 
> This jpg should help, has config on it as well.
> 
> Jeff
> 

Nice, but you don't show it as-path filtering your transits out.  I frequently 
see people take something learned from transit A and sending it to transit B, 
and if it happens to be the backup path in-use for your customer, your transits 
will accept it and likely pick you as best-path and hairpin through your 
network.

- Jared

Re: useful bgp example

[Colby Glass]

Like everyone else said, don't undertake this unless you know what you're
doing. Hire a consultant to come in, or hit the books. Internet Routing Arch
is great, as is the O'Reilly BGP book.

-- 
Colby Glass
Network Engineer
http://blog.alwaysthenetwork.com

On Mon, May 17, 2010 at 7:15 PM, Deric Kwok wrote:

> Hi
>
> My company will get 2 upstream provider. We will plan 2 routers and
> each router to connect one provider to use bgp for redundant.
> Do you have any useful bgp example and website to set it up?
>
> Thank you for your help
>
>

Re: useful bgp example

[Vincent C Jones]

On Mon, 2010-05-17 at 21:04 -0400, valdis.kletni...@vt.edu wrote:
> On Mon, 17 May 2010 19:15:01 EDT, Deric Kwok said:
> > My company will get 2 upstream provider. We will plan 2 routers and
> > each router to connect one provider to use bgp for redundant.
> > Do you have any useful bgp example and website to set it up?
> 
> If your BGP clue is that low, I believe the entire NANOG community would 
> advise
> you hire (even short-term if you can't afford a permanent) somebody who has
> successfully done this before to walk you through it and teach all the details
> to your staff.  With the current tanking of the economy, I'm sure there's
> plenty of qualified BGP experts out there who would *love* even a 3-month
> contract to get this all working for you.

At the risk of tooting my own horn, I concur with the recommendation to
hire some help, but if all you are lacking is BGP clue-full-ness your
challenge in getting help is finding someone clueful who is willing to
take a quick and dirty assignment which will barely cover the cost of
setting up a new client. The configuration itself is a one day task at
most, of which most will be spent grilling you to find out what your
_REAL_ requirements are to allow picking the appropriate canned solution
that can be adapted to meet your true needs.

If you need hand holding applying configurations, negotiating with
service provider, filling out paper work, testing without downtime
infliction, etc., then add more hours/days. Ditto if you've unfamiliar
with basic high availability concepts like single point of failure and
physical diversity. Ditto if your systems are not already set up in
paranoid mode from a security viewpoint (hint, if you can log directly
into your Internet facing router from where ever you are when on the
road, you are at an unacceptable level of risk).

Good luck and have fun!
-- 
Vincent C. Jones
Networking Unlimited, Inc.
Phone: +1 201 568-7810
v.jo...@networkingunlimited.com


DISCLAIMER: My business is built around helping my clients understand
that there is a lot more to improving network availability than just
getting a second service provider and turning on BGP. A few years ago I
wrote a book about what it takes and barely scratched the surface--the
example configurations are still on-line at www.networkingunlimited.com.

Re: useful bgp example

[Steve Bertrand]

On 2010.05.17 21:24, Jared Mauch wrote:
> I have some examples here:
> 
> http://puck.nether.net/bgp/ that may help you.

Along with Jared's excellent help site, here are others that I'd
*highly* recommend reading/following *anything* that these two people
offer as far as BGP is concerned. I've posted a link directly to each
blog. You can do the rest ;)

Ivan Pepelnjak

http://www.ioshints.info/About_Ivan_Pepelnjak

Iljitsch van Beijnum

http://www.muada.com/Iljitsch_van_Beijnum/Iljitsch_blog/Iljitsch_blog.html

Steve

Re: useful bgp example

[Steve Bertrand]

On 2010.05.17 19:15, Deric Kwok wrote:
> Hi
> 
> My company will get 2 upstream provider. We will plan 2 routers and
> each router to connect one provider to use bgp for redundant.
> Do you have any useful bgp example and website to set it up?

One ``website'' I have in mind, but first, *ensure* that you have your
prefix-list and other outbound filters in place before you try anything.
*never* _test_ a multihome scenario before you are very confident that
you don't mess things up for your upstreams (or the Internet in
general). Not all upstream providers filter inbound (which is a problem
on its own).

Always, always, always ensure that you block all out (and in), and then
slowly leak what you need to.

With that said:

http://www.armware.dk/RFC/bcp/bcp38.html

Steve

Re: useful bgp example

[Jared Mauch]

I have some examples here:

http://puck.nether.net/bgp/ that may help you.

Jared Mauch

On May 17, 2010, at 7:15 PM, Deric Kwok   
wrote:



Hi

My company will get 2 upstream provider. We will plan 2 routers and
each router to connect one provider to use bgp for redundant.
Do you have any useful bgp example and website to set it up?

Thank you for your help

Re: useful bgp example

[Jason J. W. Williams]

I'd recommend BGP4 Inter-Domain Routing in the Internet by Stewart. Was very 
helpful when I was learning.

-J

Jason J. W. Williams, COO/CTO
DigiTar
william...@digitar.com

V: 208.343.8520
F: 208.322.8522
M: 208.863.0727

www.digitar.com

On May 17, 2010, at 6:53 PM, Doug Barton wrote:

> 
> On 05/17/10 17:15, Ravi Pina wrote:
>> 
>> I think Internet Routing Architectures (2nd Edition) by Bassam
>> Halab is also a must have.  Read that and hopefully the scope of
>> the work ahead will be brought into focus that you'll hire
>> someone to do it correctly and document and possibly train you
>> and/or your staff.
> 
> I agree completely, and wish that more people applied that same line of
> reasoning to other things, like, oh, say, DNS perhaps? :)
> 
> 
> Doug
> 
> -- 
> 
>   ... and that's just a little bit of history repeating.
>   -- Propellerheads
> 
>   Improve the effectiveness of your Internet presence with
>   a domain name makeover!http://SupersetSolutions.com/
> 
> !SIG:4bf1e5a8162722700917759!
> 

Re: useful bgp example

[Valdis . Kletnieks]

On Mon, 17 May 2010 19:15:01 EDT, Deric Kwok said:
> My company will get 2 upstream provider. We will plan 2 routers and
> each router to connect one provider to use bgp for redundant.
> Do you have any useful bgp example and website to set it up?

If your BGP clue is that low, I believe the entire NANOG community would advise
you hire (even short-term if you can't afford a permanent) somebody who has
successfully done this before to walk you through it and teach all the details
to your staff.  With the current tanking of the economy, I'm sure there's
plenty of qualified BGP experts out there who would *love* even a 3-month
contract to get this all working for you.



pgp3O5utGKZT6.pgp
Description: PGP signature

Re: useful bgp example

[Doug Barton]

On 05/17/10 17:15, Ravi Pina wrote:
>
> I think Internet Routing Architectures (2nd Edition) by Bassam
> Halab is also a must have.  Read that and hopefully the scope of
> the work ahead will be brought into focus that you'll hire
> someone to do it correctly and document and possibly train you
> and/or your staff.

I agree completely, and wish that more people applied that same line of
reasoning to other things, like, oh, say, DNS perhaps? :)


Doug

-- 

... and that's just a little bit of history repeating.
-- Propellerheads

Improve the effectiveness of your Internet presence with
a domain name makeover!http://SupersetSolutions.com/

Re: useful bgp example

[Ravi Pina]

On Mon, May 17, 2010 at 05:11:42PM -0700, Bill Fehring wrote:
> On Mon, May 17, 2010 at 17:07, Bill Fehring  wrote:
> >
> > Don't take this the wrong way, but I'd *highly* suggest hiring a network 
> > engineer that has done this before. The fact that you started here is very 
> > concerning, and if your ISP isn't filtering your sessions carefully, your 
> > mistakes can cause problems for other people.
> > Here's a cisco example:
> > http://tinyurl.com/33e36sf
> > Good luck,
> > Bill
> 
> Also?I would suggest that you take a look at some of the NANOG
> presentation archives on this topic, particularly the "BGP 101" and
> "BGP 102" presentations from NANOG45, or the "Introduction to BGP"
> presentation from NANOG47.
> 
> http://www.nanog.org/presentations/archive/index.php
> 
> -Bill

I think Internet Routing Architectures (2nd Edition) by Bassam
Halab is also a must have.  Read that and hopefully the scope of
the work ahead will be brought into focus that you'll hire
someone to do it correctly and document and possibly train you
and/or your staff.

-r

Re: useful bgp example

[Bill Fehring]

On Mon, May 17, 2010 at 17:07, Bill Fehring  wrote:
>
> Don't take this the wrong way, but I'd *highly* suggest hiring a network 
> engineer that has done this before. The fact that you started here is very 
> concerning, and if your ISP isn't filtering your sessions carefully, your 
> mistakes can cause problems for other people.
> Here's a cisco example:
> http://tinyurl.com/33e36sf
> Good luck,
> Bill

Also I would suggest that you take a look at some of the NANOG
presentation archives on this topic, particularly the "BGP 101" and
"BGP 102" presentations from NANOG45, or the "Introduction to BGP"
presentation from NANOG47.

http://www.nanog.org/presentations/archive/index.php

-Bill

Re: useful bgp example

[Bill Fehring]

Don't take this the wrong way, but I'd *highly* suggest hiring a network
engineer that has done this before. The fact that you started here is very
concerning, and if your ISP isn't filtering your sessions carefully, your
mistakes can cause problems for other people.

Here's a cisco example:

http://tinyurl.com/33e36sf

Good luck,

Bill

On Mon, May 17, 2010 at 16:15, Deric Kwok  wrote:

> Hi
>
> My company will get 2 upstream provider. We will plan 2 routers and
> each router to connect one provider to use bgp for redundant.
> Do you have any useful bgp example and website to set it up?
>
> Thank you for your help
>
>

Re: useful bgp example

[Seth Mattinen]

On 5/17/2010 16:15, Deric Kwok wrote:
> Hi
> 
> My company will get 2 upstream provider. We will plan 2 routers and
> each router to connect one provider to use bgp for redundant.
> Do you have any useful bgp example and website to set it up?
> 
> Thank you for your help
> 


google.com

There's a billion examples out there. Please don't inflict your network
on the world you can't even get that far. Hire someone to do it for you.

~Seth