path: root/docs/routing/bgp.rst
author rebortg <github@ghlr.de> 2020-11-30 20:53:36 +0100
committer rebortg <github@ghlr.de> 2020-11-30 20:53:36 +0100
commit 8943fc9f877cbee3301a8261ddd27b4b1f15f174 (patch)
tree bb09c5f41a7683dc361517c2bde346eea36cda24 /docs/routing/bgp.rst
parent e33e1268f944be445b5a771df0e97e913487512f (diff)
arrange services and protocols
Diffstat (limited to 'docs/routing/bgp.rst')
-rw-r--r-- docs/routing/bgp.rst 335
1 files changed, 0 insertions, 335 deletions
diff --git a/docs/routing/bgp.rst b/docs/routing/bgp.rst
deleted file mode 100644
index c576d836..00000000
--- a/docs/routing/bgp.rst
+++ /dev/null
@@ -1,335 +0,0 @@
-.. _bgp:
-
-###
-BGP
-###
-
-:abbr:`BGP (Border Gateway Protocol)` is one of the Exterior Gateway Protocols
-and the de facto standard interdomain routing protocol. The latest BGP version
-is 4. BGP-4 is described in :rfc:`1771` and updated by :rfc:`4271`. :rfc:`2858`
-adds multiprotocol support to BGP.
-
-VyOS makes use of :abbr:`FRR (Free Range Routing)` and we would like to thank
-them for their effort!
-
-Basic Concepts
-==============
-
-.. _bgp-autonomous-systems:
-
-Autonomous Systems
-------------------
-
-From :rfc:`1930`:
-
- An AS is a connected group of one or more IP prefixes run by one or more
- network operators which has a SINGLE and CLEARLY DEFINED routing policy.
-
-Each AS has an identifying number associated with it called an :abbr:`ASN
-(Autonomous System Number)`. This is a two octet value ranging in value from 1
-to 65535. The AS numbers 64512 through 65535 are defined as private AS numbers.
-Private AS numbers must not be advertised on the global Internet.
-
-The :abbr:`ASN (Autonomous System Number)` is one of the essential elements of
-BGP. BGP is a distance vector routing protocol, and the AS-Path framework
-provides distance vector metric and loop detection to BGP.
-
-.. _bgp-address-families:
-
-Address Families
-----------------
-
-Multiprotocol extensions enable BGP to carry routing information for multiple
-network layer protocols. BGP supports an Address Family Identifier (AFI) for
-IPv4 and IPv6.
-
-.. _bgp-route-selection:
-
-Route Selection
----------------
-
-The route selection process used by FRR's BGP implementation uses the following
-decision criterion, starting at the top of the list and going towards the
-bottom until one of the factors can be used.
-
-1. **Weight check**
-
- Prefer higher local weight routes to lower routes.
-
-2. **Local preference check**
-
- Prefer higher local preference routes to lower.
-
-3. **Local route check**
-
- Prefer local routes (statics, aggregates, redistributed) to received routes.
-
-4. **AS path length check**
-
- Prefer shortest hop-count AS_PATHs.
-
-5. **Origin check**
-
- Prefer the lowest origin type route. That is, prefer IGP origin routes to
- EGP, to Incomplete routes.
-
-6. **MED check**
-
- Where routes with a MED were received from the same AS, prefer the route
- with the lowest MED.
-
-7. **External check**
-
- Prefer the route received from an external, eBGP peer over routes received
- from other types of peers.
-
-8. **IGP cost check**
-
- Prefer the route with the lower IGP cost.
-
-9. **Multi-path check**
-
- If multi-pathing is enabled, then check whether the routes not yet
- distinguished in preference may be considered equal. If
- :cfgcmd:`bgp bestpath as-path multipath-relax` is set, all such routes are
- considered equal, otherwise routes received via iBGP with identical AS_PATHs
- or routes received from eBGP neighbours in the same AS are considered equal.
-
-10. **Already-selected external check**
-
- Where both routes were received from eBGP peers, then prefer the route
- which is already selected. Note that this check is not applied if
- :cfgcmd:`bgp bestpath compare-routerid` is configured. This check can
- prevent some cases of oscillation.
-
-11. **Router-ID check**
-
- Prefer the route with the lowest `router-ID`. If the route has an
- `ORIGINATOR_ID` attribute, through iBGP reflection, then that router ID is
- used, otherwise the `router-ID` of the peer the route was received from is
- used.
-
-12. **Cluster-List length check**
-
- The route with the shortest cluster-list length is used. The cluster-list
- reflects the iBGP reflection path the route has taken.
-
-13. **Peer address**
-
- Prefer the route received from the peer with the higher transport layer
- address, as a last-resort tie-breaker.
-
-.. _bgp-capability-negotiation:
-
-Capability Negotiation
-----------------------
-
-When adding IPv6 routing information exchange feature to BGP. There were some
-proposals. :abbr:`IETF (Internet Engineering Task Force)`
-:abbr:`IDR (Inter Domain Routing)` adopted a proposal called Multiprotocol
-Extension for BGP. The specification is described in :rfc:`2283`. The protocol
-does not define new protocols. It defines new attributes to existing BGP. When
-it is used exchanging IPv6 routing information it is called BGP-4+. When it is
-used for exchanging multicast routing information it is called MBGP.
-
-*bgpd* supports Multiprotocol Extension for BGP. So if a remote peer supports
-the protocol, *bgpd* can exchange IPv6 and/or multicast routing information.
-
-Traditional BGP did not have the feature to detect a remote peer's
-capabilities, e.g. whether it can handle prefix types other than IPv4 unicast
-routes. This was a big problem using Multiprotocol Extension for BGP in an
-operational network. :rfc:`2842` adopted a feature called Capability
-Negotiation. *bgpd* use this Capability Negotiation to detect the remote peer's
-capabilities. If a peer is only configured as an IPv4 unicast neighbor, *bgpd*
-does not send these Capability Negotiation packets (at least not unless other
-optional BGP features require capability negotiation).
-
-By default, FRR will bring up peering with minimal common capability for the
-both sides. For example, if the local router has unicast and multicast
-capabilities and the remote router only has unicast capability the local router
-will establish the connection with unicast only capability. When there are no
-common capabilities, FRR sends Unsupported Capability error and then resets the
-connection.
-
-.. _bgp-router-configuration:
-
-BGP Router Configuration
-========================
-
-ASN and Router ID
------------------
-
-.. cfgcmd:: set protocols bgp <asn>
-
- First of all you must configure BGP router with the :abbr:`ASN (Autonomous
- System Number)`. The AS number is an identifier for the autonomous system.
- The BGP protocol uses the AS number for detecting whether the BGP connection
- is internal or external.
-
-.. cfgcmd:: set protocols bgp <asn> parameters router-id
-
- This command specifies the router-ID. If router ID is not specified it will
- use the highest interface IP address.
-
-Route Selection
----------------
-
-.. cfgcmd:: set protocols bgp <asn> parameters bestpath as-path confed
-
- This command specifies that the length of confederation path sets and
- sequences should be taken into account during the BGP best path
- decision process.
-
-.. cfgcmd:: set protocols bgp <asn> parameters bestpath as-path multipath-relax
-
- This command specifies that BGP decision process should consider paths
- of equal AS_PATH length candidates for multipath computation. Without
- the knob, the entire AS_PATH must match for multipath computation.
-
-.. cfgcmd:: set protocols bgp <asn> parameters bestpath as-path ignore
-
- Ignore AS_PATH length when selecting a route
-
-IPv4
-^^^^
-
-A simple eBGP configuration:
-
-**Node 1:**
-
-.. code-block:: none
-
- set protocols bgp 65534 neighbor 192.168.0.2 ebgp-multihop '2'
- set protocols bgp 65534 neighbor 192.168.0.2 remote-as '65535'
- set protocols bgp 65534 neighbor 192.168.0.2 update-source '192.168.0.1'
- set protocols bgp 65534 address-family ipv4-unicast network '172.16.0.0/16'
- set protocols bgp 65534 parameters router-id '192.168.0.1'
-
-**Node 2:**
-
-.. code-block:: none
-
- set protocols bgp 65535 neighbor 192.168.0.1 ebgp-multihop '2'
- set protocols bgp 65535 neighbor 192.168.0.1 remote-as '65534'
- set protocols bgp 65535 neighbor 192.168.0.1 update-source '192.168.0.2'
- set protocols bgp 65535 address-family ipv4-unicast network '172.17.0.0/16'
- set protocols bgp 65535 parameters router-id '192.168.0.2'
-
-
-Don't forget, the CIDR declared in the network statement MUST **exist in your
-routing table (dynamic or static), the best way to make sure that is true is
-creating a static route:**
-
-**Node 1:**
-
-.. code-block:: none
-
- set protocols static route 172.16.0.0/16 blackhole distance '254'
-
-**Node 2:**
-
-.. code-block:: none
-
- set protocols static route 172.17.0.0/16 blackhole distance '254'
-
-
-IPv6
-^^^^
-
-A simple BGP configuration via IPv6.
-
-**Node 1:**
-
-.. code-block:: none
-
- set protocols bgp 65534 neighbor 2001:db8::2 ebgp-multihop '2'
- set protocols bgp 65534 neighbor 2001:db8::2 remote-as '65535'
- set protocols bgp 65534 neighbor 2001:db8::2 update-source '2001:db8::1'
- set protocols bgp 65534 neighbor 2001:db8::2 address-family ipv6-unicast
- set protocols bgp 65534 address-family ipv6-unicast network '2001:db8:1::/48'
- set protocols bgp 65534 parameters router-id '10.1.1.1'
-
-**Node 2:**
-
-.. code-block:: none
-
- set protocols bgp 65535 neighbor 2001:db8::1 ebgp-multihop '2'
- set protocols bgp 65535 neighbor 2001:db8::1 remote-as '65534'
- set protocols bgp 65535 neighbor 2001:db8::1 update-source '2001:db8::2'
- set protocols bgp 65535 neighbor 2001:db8::1 address-family ipv6-unicast
- set protocols bgp 65535 address-family ipv6-unicast network '2001:db8:2::/48'
- set protocols bgp 65535 parameters router-id '10.1.1.2'
-
-Don't forget, the CIDR declared in the network statement **MUST exist in your
-routing table (dynamic or static), the best way to make sure that is true is
-creating a static route:**
-
-**Node 1:**
-
-.. code-block:: none
-
- set protocols static route6 2001:db8:1::/48 blackhole distance '254'
-
-**Node 2:**
-
-.. code-block:: none
-
- set protocols static route6 2001:db8:2::/48 blackhole distance '254'
-
-Route Filter
-^^^^^^^^^^^^
-
-Route filter can be applied using a route-map:
-
-**Node1:**
-
-.. code-block:: none
-
- set policy prefix-list AS65535-IN rule 10 action 'permit'
- set policy prefix-list AS65535-IN rule 10 prefix '172.16.0.0/16'
- set policy prefix-list AS65535-OUT rule 10 action 'deny'
- set policy prefix-list AS65535-OUT rule 10 prefix '172.16.0.0/16'
- set policy prefix-list6 AS65535-IN rule 10 action 'permit'
- set policy prefix-list6 AS65535-IN rule 10 prefix '2001:db8:2::/48'
- set policy prefix-list6 AS65535-OUT rule 10 action 'deny'
- set policy prefix-list6 AS65535-OUT rule 10 prefix '2001:db8:2::/48'
- set policy route-map AS65535-IN rule 10 action 'permit'
- set policy route-map AS65535-IN rule 10 match ip address prefix-list 'AS65535-IN'
- set policy route-map AS65535-IN rule 10 match ipv6 address prefix-list 'AS65535-IN'
- set policy route-map AS65535-IN rule 20 action 'deny'
- set policy route-map AS65535-OUT rule 10 action 'deny'
- set policy route-map AS65535-OUT rule 10 match ip address prefix-list 'AS65535-OUT'
- set policy route-map AS65535-OUT rule 10 match ipv6 address prefix-list 'AS65535-OUT'
- set policy route-map AS65535-OUT rule 20 action 'permit'
- set protocols bgp 65534 neighbor 2001:db8::2 address-family ipv4-unicast route-map export 'AS65535-OUT'
- set protocols bgp 65534 neighbor 2001:db8::2 address-family ipv4-unicast route-map import 'AS65535-IN'
- set protocols bgp 65534 neighbor 2001:db8::2 address-family ipv6-unicast route-map export 'AS65535-OUT'
- set protocols bgp 65534 neighbor 2001:db8::2 address-family ipv6-unicast route-map import 'AS65535-IN'
-
-**Node2:**
-
-.. code-block:: none
-
- set policy prefix-list AS65534-IN rule 10 action 'permit'
- set policy prefix-list AS65534-IN rule 10 prefix '172.17.0.0/16'
- set policy prefix-list AS65534-OUT rule 10 action 'deny'
- set policy prefix-list AS65534-OUT rule 10 prefix '172.17.0.0/16'
- set policy prefix-list6 AS65534-IN rule 10 action 'permit'
- set policy prefix-list6 AS65534-IN rule 10 prefix '2001:db8:1::/48'
- set policy prefix-list6 AS65534-OUT rule 10 action 'deny'
- set policy prefix-list6 AS65534-OUT rule 10 prefix '2001:db8:1::/48'
- set policy route-map AS65534-IN rule 10 action 'permit'
- set policy route-map AS65534-IN rule 10 match ip address prefix-list 'AS65534-IN'
- set policy route-map AS65534-IN rule 10 match ipv6 address prefix-list 'AS65534-IN'
- set policy route-map AS65534-IN rule 20 action 'deny'
- set policy route-map AS65534-OUT rule 10 action 'deny'
- set policy route-map AS65534-OUT rule 10 match ip address prefix-list 'AS65534-OUT'
- set policy route-map AS65534-OUT rule 10 match ipv6 address prefix-list 'AS65534-OUT'
- set policy route-map AS65534-OUT rule 20 action 'permit'
- set protocols bgp 65535 neighbor 2001:db8::1 address-family ipv4-unicast route-map export 'AS65534-OUT'
- set protocols bgp 65535 neighbor 2001:db8::1 address-family ipv4-unicast route-map import 'AS65534-IN'
- set protocols bgp 65535 neighbor 2001:db8::1 address-family ipv6-unicast route-map export 'AS65534-OUT'
- set protocols bgp 65535 neighbor 2001:db8::1 address-family ipv6-unicast route-map import 'AS65534-IN'
-
-We could expand on this and also deny link local and multicast in the rule 20
-action deny.
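
Review bot: In the removed "Route Filter" example, the Node 1 IPv4 list `prefix-list AS65535-IN` permits 172.16.0.0/16, which is Node 1's own announced network, while `prefix-list6 AS65535-IN` permits the peer's 2001:db8:2::/48; the same mismatch is mirrored on Node 2 (172.17.0.0/16 versus 2001:db8:1::/48). As written, the peer's IPv4 network does not match the import prefix-list and falls to `rule 20 action 'deny'`, and the export lists deny the local prefix for IPv4 but the peer's prefix for IPv6. The commit message describes a rearrangement, so if this text is re-added elsewhere, make the two address families consistent there rather than carrying the example over unchanged. Two smaller points for the relocated copy: the route-maps are attached to `neighbor 2001:db8::2` for `ipv4-unicast` although the IPv4 example peers with 192.168.0.2, and the labels `_bgp`, `_bgp-route-selection` and the others disappear with this file, so any `:ref:` to them needs the new location to define the same labels.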