How to configure eBGP on Juniper Router

Today, we will learn to configure eBGP on Juniper Router. We will be using a simple point-to-point topology to keep the tutorial simple and to the point. So, let’s get started.

Every BGP configuration is done by following 2 steps. In first step, we need to tell, who we are by mentioning Autonomous System Number (ASN) and Router ID.

routing-options {
    router-id 1.1.1.1;
    autonomous-system 65001;
}

In the second step, we need to configure to establish a session with neighbors.

protocols {
    bgp {
        group Session-to-R1 {
            type external;
            neighbor 1.1.1.2 {
                peer-as 65002;
            }
        }
    }
}

Configuring eBGP on Juniper Devices

Let’s configure these by following below network topology.

First of all, we will configure the IP addresses of the interface for both of the Routers as per the topology.

R1:
set interfaces ge-0/0/0 unit 0 family inet address 1.1.1.1/30
set interfaces ge-0/0/1 unit 0 family inet address 10.1.1.1/24

R2:
set interfaces ge-0/0/0 unit 0 family inet address 1.1.1.2/30
set interfaces ge-0/0/1 unit 0 family inet address 172.16.0.1/24

Commit your configuration, and do basic check up.

[edit]
root@R1# commit
commit complete

Below, is my verification from R1 end. My both interfaces are UP and i can ping Router R2, from R1.

[edit]
root@R1# run show interfaces terse | match ge-
ge-0/0/0                up    up
ge-0/0/0.0              up    up   inet     1.1.1.1/30
ge-0/0/1                up    up
ge-0/0/1.0              up    up   inet     10.1.1.1/24

[edit]
root@R1#

[edit]
root@R1# run ping 1.1.1.2
PING 1.1.1.2 (1.1.1.2): 56 data bytes
64 bytes from 1.1.1.2: icmp_seq=0 ttl=64 time=16.820 ms
64 bytes from 1.1.1.2: icmp_seq=1 ttl=64 time=3.746 ms
64 bytes from 1.1.1.2: icmp_seq=2 ttl=64 time=3.899 ms
64 bytes from 1.1.1.2: icmp_seq=3 ttl=64 time=6.043 ms
^C
--- 1.1.1.2 ping statistics ---
4 packets transmitted, 4 packets received, 0% packet loss
round-trip min/avg/max/stddev = 3.746/7.627/16.820/5.385 ms

[edit]
root@R1#

Now, let’s move for BGP configuration. In the first step, I will be announcing ASN and Router-IDs.

R1:
set routing-options autonomous-system 65001
set routing-options router-id 1.1.1.1

R2:
set routing-options autonomous-system 65002
set routing-options router-id 1.1.1.2

In the second step, I will configure bgp session with remote end and commit the changes.

R1:
set protocols bgp group BGP-to-R2 neighbor 1.1.1.2 peer-as 65002
set protocols bgp group BGP-to-R2 type external

Here, we are saying that, our BGP type is external, which means it’s eBGP. We will configure internal bgp (iBGP) in another article.

Now, we will check bgp session summary by using “run show bgp summary“. You will see, session status is Active. It’s because remote end, still not configured and R1 actively trying to establish the session.

R1:
[edit]
root@R1# run show bgp summary
Groups: 1 Peers: 1 Down peers: 1
Table          Tot Paths  Act Paths Suppressed    History Damp State    Pending
inet.0
                       0          0          0          0          0          0
Peer                     AS      InPkt     OutPkt    OutQ   Flaps Last Up/Dwn State|#Active/Received/Accepted/Damped...
1.1.1.2               65002       5741       5740       0       1           5 Active

[edit]
root@R1#

So, let’s configure R2 end and commit the changes.

R2:
set protocols bgp group BGP-to-R1 neighbor 1.1.1.1 peer-as 65001
set protocols bgp group BGP-to-R1 type external

After completing the configuration in R2 ends, here is the final verification from R1.

[edit]
root@R1# run show bgp summary
Groups: 1 Peers: 1 Down peers: 0
Table          Tot Paths  Act Paths Suppressed    History Damp State    Pending
inet.0
                       0          0          0          0          0          0
Peer                     AS      InPkt     OutPkt    OutQ   Flaps Last Up/Dwn State|#Active/Received/Accepted/Damped...
1.1.1.2               65002          3          2       0       1          18 0/0/0/0              0/0/0/0

“run show bgp neighbor ” is another important command to verify bgp session and it will help to do the troubleshoot if needed.

[edit]
root@R1# run show bgp neighbor 1.1.1.2
Peer: 1.1.1.2+49742 AS 65002   Local: 1.1.1.1+179 AS 65001
  Group: Session-to-R1         Routing-Instance: master
  Forwarding routing-instance: master
  Type: External    State: Established    Flags: 
  Last State: OpenConfirm   Last Event: RecvKeepAlive
  Last Error: Cease
  Options: 
  Holdtime: 90 Preference: 170
  Number of flaps: 2
  Last flap event: Stop
  Error: 'Hold Timer Expired Error' Sent: 1 Recv: 0
  Error: 'Cease' Sent: 2 Recv: 0
  Peer ID: 1.1.1.2         Local ID: 1.1.1.1           Active Holdtime: 90
  Keepalive Interval: 30         Group index: 0    Peer index: 0    SNMP index: 0
  I/O Session Thread: bgpio-0 State: Enabled
  BFD: disabled, down
  Local Interface: ge-0/0/0.0
  NLRI for restart configured on peer: inet-unicast
  NLRI advertised by peer: inet-unicast
  NLRI for this session: inet-unicast
  Peer supports Refresh capability (2)
  Stale routes from peer are kept for: 300
  Peer does not support Restarter functionality
  Restart flag received from the peer: Notification
  NLRI that restart is negotiated for: inet-unicast
  NLRI of received end-of-rib markers: inet-unicast
  NLRI of all end-of-rib markers sent: inet-unicast
  Peer does not support LLGR Restarter functionality
  Peer supports 4 byte AS extension (peer-as 65002)
  Peer does not support Addpath
  Table inet.0 Bit: 20000
    RIB State: BGP restart is complete
    Send state: in sync
    Active prefixes:              0
    Received prefixes:            0
    Accepted prefixes:            0
    Suppressed due to damping:    0
    Advertised prefixes:          0
  Last traffic (seconds): Received 159812 Sent 577 Checked 159812
  Input messages:  Total 24     Updates 1       Refreshes 0     Octets 504
  Output messages: Total 22     Updates 0       Refreshes 0     Octets 422
  Output Queue[1]: 0            (inet.0, inet-unicast)

[edit]
root@R1#

If you check routes list, you will not find any routes from the remote end. It’s because, we have not announced any routes yet.

[edit]
root@R1# run show route

inet.0: 4 destinations, 4 routes (4 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both

1.1.1.0/30         *[Direct/0] 1d 19:52:28
                    > via ge-0/0/0.0
1.1.1.1/32         *[Local/0] 1d 19:52:28
                      Local via ge-0/0/0.0
10.1.1.0/24        *[Direct/0] 1d 19:52:28
                    > via ge-0/0/1.0
10.1.1.1/32        *[Local/0] 1d 19:52:28
                      Local via ge-0/0/1.0

inet6.0: 1 destinations, 1 routes (1 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both

ff02::2/128        *[INET6/0] 1d 20:14:26
                      MultiRecv

[edit]
root@R1#

So, let’s announce routes from both ends.

R1:
set policy-options policy-statement BGP-Export term 1 from route-filter 10.1.1.0/24 exact
set policy-options policy-statement BGP-Export term 1 then accept
set policy-options policy-statement BGP-Import term 1 from route-filter 172.16.0.0/24 exact
set policy-options policy-statement BGP-Import term 1 then accept

set protocols bgp group BGP-to-R2 import BGP-Import
set protocols bgp group BGP-to-R2 export BGP-Export

R2:
set policy-options policy-statement BGP-Export term 1 from route-filter 172.16.0.0/24 exact
set policy-options policy-statement BGP-Export term 1 then accept
set policy-options policy-statement BGP-Import term 1 from route-filter 10.1.1.0/24 exact
set policy-options policy-statement BGP-Import term 1 then accept

set protocols bgp group BGP-to-R1 import BGP-Import
set protocols bgp group BGP-to-R1 export BGP-Export

Now, verify final output of “run show bgp summary”.

[edit]
root@R1# run show bgp summary
Groups: 1 Peers: 1 Down peers: 0
Table          Tot Paths  Act Paths Suppressed    History Damp State    Pending
inet.0
                       1          1          0          0          0          0
Peer                     AS      InPkt     OutPkt    OutQ   Flaps Last Up/Dwn State|#Active/Received/Accepted/Damped...
1.1.1.2               65002         61         59       0       2       25:42 1/1/1/0              0/0/0/0

You can see, we announced 1 route and received 1 route. You also can run “run show route” to verify.

[edit]
root@R1# run show route

inet.0: 5 destinations, 5 routes (5 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both

1.1.1.0/30         *[Direct/0] 1d 20:06:55
                    > via ge-0/0/0.0
1.1.1.1/32         *[Local/0] 1d 20:06:55
                      Local via ge-0/0/0.0
10.1.1.0/24        *[Direct/0] 1d 20:06:55
                    > via ge-0/0/1.0
10.1.1.1/32        *[Local/0] 1d 20:06:55
                      Local via ge-0/0/1.0
172.16.0.0/24      *[BGP/170] 00:03:52, localpref 100
                      AS path: 65002 I, validation-state: unverified
                    > to 1.1.1.2 via ge-0/0/0.0

inet6.0: 1 destinations, 1 routes (1 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both

ff02::2/128        *[INET6/0] 1d 20:28:53
                      MultiRecv

[edit]
root@R1#

So, our bgp session are established and we have routes in our routing table. Now, let’s ping from Bob‘s pc to Johns pc.

Bob> ping 172.16.0.100

84 bytes from 172.16.0.100 icmp_seq=1 ttl=62 time=15.025 ms
84 bytes from 172.16.0.100 icmp_seq=2 ttl=62 time=6.166 ms
84 bytes from 172.16.0.100 icmp_seq=3 ttl=62 time=23.729 ms
84 bytes from 172.16.0.100 icmp_seq=4 ttl=62 time=7.194 ms
Bob>

Success!