BGP Cheat Sheet (for the BGP exercises) ip classless ip subnet-zero ip bgp-community new-format ! !--------------BGP Configuration------ router bgp 51234 ! Initial BGP config statement ! gives your with ASN no synchronization ! Do not synchronize with the IGP no auto-summary ! no classfull boundaries bgp dampening ! dampen route flaps network 103.223.0.0 mask 255.255.0.0 ! network to announce into BGP !---------------First Peer------------- neighbor 101.98.66.11 remote-as 51357 ! peer's address and AS number neighbor 101.98.66.11 description BigISP Transit (noc@upstream.net) ! name and contact info is useful neighbor 101.98.66.11 send-community ! Send communities to peers neighbor 101.98.66.11 version 4 ! BGP version 4 neighbor 101.98.66.11 password ! password for eBGP session neighbor 101.98.66.11 prefix-list sanity-filter in ! filter all incoming announcements ! against this prefix-list neighbor 101.98.66.11 prefix-list my-routes out ! filter all outgoing announcements ! against this prefix-list !---------------Second Peer------------ neighbor 101.55.13.7 remote-as 53512 ! peer's address and AS number neighbor 101.55.13.7 description SmallISP Peering (noc@smallisp.net) ! name and contact info is useful neighbor 101.55.13.7 send-community ! Send communities to peers neighbor 101.55.13.7 version 4 ! BGP version 4 neighbor 101.55.13.7 password ! password for eBGP session neighbor 101.55.13.7 prefix-list as53512-in in ! filter all incoming announcements ! against this prefix-list neighbor 101.55.13.7 prefix-list my-routes out ! filter all outgoing announcements ! against this prefix-list !---------------Internal Peer---------- neighbor 102.108.0.1 remote-as 51234 ! iBGP (remote AS is same as local AS) neighbor 102.108.0.1 description IBGP-peer ! useful info: neighbor description neighbor 102.108.0.1 version 4 ! BGP version 4 neighbor 102.108.0.1 password ! password for iBGP session neighbor 102.108.0.1 update-source loopback ! always use loopback for iBGP neighbor 102.108.0.1 send-community ! Send communities to internal peers ! ip prefix-list my-routes description Allow my routes and deny others ip prefix-list my-routes seq 5 permit 128.223.0.0/16 ip prefix-list my-routes seq 100 deny 0.0.0.0/0 le 32 ! ip prefix-list as53512-in description All routes for peer AS 123 ip prefix-list as53512-in seq 5 permit 205.240.25.0/24 ip prefix-list as53512-in seq 10 permit 199.217.92.0/22 ip prefix-list as53512-in seq 15 permit 206.40.128.0/22 ip prefix-list as53512-in seq 100 deny 0.0.0.0/0 le 32 ! ! prefix-list to deny some bad prefixes, permit almost everything else, ! but deny prefixes longer than /24 - see RFC3330 and Project Cymru ! (www.cymru.com/Documents) for more info ! ip prefix-list sanity-filter description "Deny default, RFC1918, net 10" ip prefix-list sanity-filter seq 15 deny 10.0.0.0/8 le 32 ip prefix-list sanity-filter seq 10 deny 127.0.0.0/8 le 32 ip prefix-list sanity-filter seq 20 deny 169.254.0.0/16 le 32 ip prefix-list sanity-filter seq 20 deny 172.16.0.0/12 le 32 ip prefix-list sanity-filter seq 30 deny 192.0.2.0/24 le 32 ip prefix-list sanity-filter seq 25 deny 192.168.0.0/16 le 32 ip prefix-list sanity-filter seq 50 permit 0.0.0.0/0 le 24 !