[Xorp-hackers] BGP groups
Thomas Mangin
thomas.mangin@exa-networks.co.uk
Mon, 31 Oct 2005 19:08:44 +0000
This is a Juniper BGP conf which use the some of the feature of the
language which are really nice when you have lots of sessions.
# show protoocols bgp
apply-groups bgp-log;
path-selection always-compare-med;
damping;
remove-private;
graceful-restart;
group ibgp {
type internal;
inactive: traceoptions {
file log-bgp-ibgp size 1m files 5;
}
local-address <IP>;
import blackhole; ## Used to null route some tagged routes
authentication-key "$....."; ## SECRET-DATA
peer-as <ASN>;
neighbor <IP>;
neighbor <IP>;
}
group transit {
type external;
local-preference 75;
remove-private;
neighbor <IP> {
inactive: traceoptions {
file log-bgp-transit1 size 1m files 5;
}
local-address <IP>;
import [ no-ix no-bogons no-small-prefixes tag-transit1 damping
local-preference-transit community-clear ];
export [ originate export-transit export-transit1
community-clear next-hop-self ];
peer-as <ASN>;
}
neighbor 212.187.136.41 {
inactive: traceoptions {
file log-bgp-transit2 size 1m files 5;
}
local-address <IP>;
import [ no-ix no-bogons no-small-prefixes tag-transit2 damping
local-preference-transit community-clear ];
export [ originate export-transit export-transit2
community-clear next-hop-self ];
peer-as <ASN>;
}
}
group internet_exchange {
type external;
traceoptions {
file log-bgp-exchange size 1m files 5;
flag all;
}
local-preference 150;
local-address <IP>;
import [ no-ix no-bogons no-small-prefixes tag-ix damping
local-preference-peer community-clear ];
export [ originate export-peering export-ix community-clear
next-hop-self ];
neighbor <IP> {
apply-groups bgp-limit-50;
description "IX / Route Collector";
authentication-key "$...."; ## SECRET-DATA
peer-as <ASN>;
}
neighbor <IP> {
apply-groups bgp-limit-50;
description "ISP Name / AS-MACRO";
peer-as <ASN>;
}
neighbor <IP> {
apply-groups bgp-limit-500;
description "ISP Name / AS-MACRO";
peer-as <ASN>;
}
}
with
#show groups
bgp-log {
protocols {
bgp {
traceoptions {
file log-bgp size 1m files 5;
flag state;
flag normal;
flag general;
}
log-updown;
group <*> {
traceoptions {
flag normal;
flag general;
flag state;
}
log-updown;
}
}
}
}
bgp-limit-50 {
protocols {
bgp {
group <*> {
neighbor <*> {
family inet {
unicast {
prefix-limit {
maximum 50;
teardown 80;
}
}
}
}
}
}
}
}
....
Thomas