INR Lab 5 - BGP

###### tags: `finished` :::success # INR Lab 5 - BGP ::: ## 1. Preparation: :::info a. Select a virtual routing solution that you would like to try. For example (Mikrotik, vyos, Pfsense). b. GNS3 already has a template for these routers (Mikrotik, vyos, Pfsense), try to use these templates as it will save you a lot of time and troubleshooting. c. Try to draw a network scheme before you start the lab. This will help you in the deployment phase. d. The network scheme should include at least two networks, each one of them should have at least 3 routers, these routers can be the same routers from the OSPF lab. ::: As a solution, I chose MikroTik, because I already know it well. My topology is partially similar to Lab 4 (OSPF). Subnet `192.168.7.0` belongs to the backbone area, and subnet `172.16.7.0` to area1. <center> ![](https://i.imgur.com/iqegkPF.png) Figure 1 - My topology </center> I used the following commands to configure OSPF: Example of backbone conf on R1 (similar settings for R2 and R3): ``` #Assigning IP addresses to router interfaces: /ip address add address=192.168.17.1/24 interface=ether2 /ip address add address=192.168.7.1/24 interface=ether1 #Configure OSPF on loopback interface for more safety: /routing ospf instance> add name=default /interface bridge add name=loopback /ip address add address=10.255.255.1/32 interface=loopback /routing ospf instance> set 0 router-id=10.255.255.1 #Then add network in our backbone area: /routing ospf network add network=192.168.7.0/24 area=backbone /routing ospf network add network=192.168.17.0/24 area=backbone ``` <center> ![](https://i.imgur.com/avExzAV.png) Figure 2 - Test the connections between machines in backbone area ![](https://i.imgur.com/BETqJYB.png) Figure 3 - Results of several command for check OSPF status </center> Example of area1 conf on R4 (similar settings for R5 and R6): Earlier, on the side of area1 were incorrect setting backbone side, it happened due to the fact that I did not immediately determine what part of the network will relate to this area. Therefore, initially in the area1 it was created by default ospf instance (0.0.0.0) to the loopback interfaces. So my setup looks a bit like a mess. ``` #Assigning IP addresses to router interfaces: /ip address add address=172.16.7.1/24 interface=ether1 /ip address add address=172.16.17.1/24 interface=ether2 #Configure OSPF on loopback interface for more safety: /routing ospf instance add name=default /interface bridge add name=loopback /ip address add address=10.255.255.4/32 interface=loopback /routing ospf instance set 0 router-id=10.255.255.4 #Create area1: /routing ospf area add name=area1 area-id=0.0.0.1 #Then add network in area1 area: /routing ospf network add network=172.16.7.0/24 area=area1 /routing ospf network add network=172.16.17.0/24 area=area1 ``` :::info e. This lab should be done in teams of 2, 3, or 4. As long as each team member uses a different network device. f. Connect one of your OSPF ASBR router interfaces (BGP interface) to your physical interface (bridge can also be used). g. Agree with other teams on a subnet that your team will use. h. Check that you can ping your teammates ASBR router from your ASBR router. ::: <center> ![](https://i.imgur.com/GeVpww5.png) Figure 4 - Our team map </center> I joined a team on subnet 217.1.2.0, consisting of Ilya, Alisher and Vladimir. My AS = 64777 My subnet = 217.1.2.7 Below are the settings for the R7 link router: ``` #Assigning IP addresses to router interfaces: /ip address add address=217.1.2.7/24 interface=ether1 /ip address add address=192.168.7.4/24 interface=ether2 /ip address add address=172.16.7.4/24 interface=ether3 /interface bridge add name=loopback /ip address add address=10.7.7.7 interface=loopback /routing ospf network add network=217.1.2.0/24 area=backbone ``` <center> ![](https://i.imgur.com/XKf5iQK.png) Figure 5 - R7 as a bridge between two area ![](https://i.imgur.com/ajPSUHj.png) Figure 6 - Ping to ASBR Vladimir and ASBR Alisher </center> ## 2. Deployment: :::info a. Define an AS number that your ASBR router will use, again agree with the other teams on which AS number each team will use (64512 to 65534). b. Enable BGP and start advertising your OSPF network to your peer. c. Can your peers reach your internal subnets? And can you reach their internal subnets? ::: Okay, my team uses Vladimir's number (65001). Add BGP mode in R7: ``` #Configure BGP (remote address and AS is Vladimir): /routing bgp instance add redistribute-ospf=yes as=64777 router-id=10.7.7.7 routing bgp peer add remote-as=65001 remote-address=217.1.2.2 ``` <center> ![](https://i.imgur.com/kX5OtA3.png) Figure 7 - Ping to Ilia's internal subnet (192.168.100.2) and Vladimir (10.10.20.2) </center> :::info d. How can the OSPF Internal router know about your peer’s OSPF Internal router? One way is to redistribute BGP routes into the OSPF routing table, but is this a practical method? why? ::: Neighbor routers only know about the internal network if I distribute it. But this is not practical, since the BGP essentially connects the entire Internet and if internal routes also float in it, then the size of the BGP tables will exceed terabytes. Initially, our idea was to distribute our own SPF tables in the BGP so as not to clog up their internal tables, but this would require a VPN. ## 3. Verification: :::info a. How can you check if you have an established status with your peer? b. How can you check in the routing table of ASBR and OSPF Internal routers to see which networks did you receive from your neighbors? c. Use traceroute to verify that you have full BGP and OSPF connectivity. ::: I can check established status with the command `/routing bgp peer print`. Below you can also see advertising between my router and Alisher (we are the only ones who are finishing this lab now). <center> ![](https://i.imgur.com/Yt1AqmM.png) Figure 8 - Here we have chat with Alisher's ASBR ![](https://i.imgur.com/ySW6T16.png) Figure 9 - Full route table ![](https://i.imgur.com/rssaSA6.png) Figure 10 - Result of tracerout </center> ## 4. Transit: :::info a. Peer with other teams and send them the routers that you receive from your peer in task 2 b. Can the new peer reach your network and your teammate network through you? ::: Since I was the last to connect, all the screenshots above have already been taken from the general network. Including a giant routing table. ## 5. ISP (Bonus) :::info a. Become a transit for all/most of the networks that are available. ::: We are all connected /mysterious sounds from the movie The Matrix/ References: 1. [Manual:Routing/OSPF - MikroTik](https://wiki.mikrotik.com/wiki/Manual:Routing/OSPF) 2. [Manual:OSPF-examples - MikroTik](https://wiki.mikrotik.com/wiki/Manual:OSPF-examples) 3. [Manual:Routing/BGP - Mikrotik](https://wiki.mikrotik.com/wiki/Manual:Routing/BGP) 4. [Very simple presentation of BGP work on Habr (ru)](https://habr.com/ru/post/184350/) 5. [How to BGP MikroTik](https://wiki.mikrotik.com/wiki/Manual:BGP_HowTo_%26_FAQ)