
If you remember how BGP’s best path selection algorithm works, you’ll likely remember hearing about the multi-exit discriminator, or MED. The MED is an optional, non-transitive attribute of BGP. When we have multiple entry points (connections) to another AS, this allows us to tell the other AS how we would like them to route traffic to us. Remember that, unlike weight and local preference, lower MEDs are preferred over higher MEDs.

For this lab, we have three routers set up in the following topology:

R1 (AS 65065) is our router and R2 and R3 (AS 65001) belong to our ISP. We’re going to assume that the connection between R1 and R2 is 1.544 Mbps and that the connection between R1 and R3 is 768 kbps. We would like AS 65001 to use the faster connection (R1-R2) when sending traffic to us, and only use the R1-R3 connection as a backup. The IP network 1.1.1.0/24 has been assigned to us, and we will advertise that into BGP on R1.

I’ve already configured a number of things:

  • all connections between routers
  • BGP on R2 and R3 (including the iBGP peering)
  • the loopback0 interface on R1 (with IP address 1.1.1.1/24)

With all this already configured, we can jump straight into the basic BGP configuration on R1:

R1(config)# router bgp 65065
R1(config-router)# network 1.1.1.0 mask 255.255.255.0
R1(config-router)# neighbor 172.16.12.1 remote-as 65001
R1(config-router)# neighbor 172.16.12.5 remote-as 65001

In a moment (remember, BGP is slooow to converge), we’ll see our neighbor relationships come up:

*Mar  1 03:52:45.519: %BGP-5-ADJCHANGE: neighbor 172.16.12.1 Up
*Mar 1 03:52:49.515: %BGP-5-ADJCHANGE: neighbor 172.16.12.5 Up

Now, let’s take a look at the BGP tables on both R2 and R3:

R2# sh ip bgp
BGP table version is 2, local router ID is 172.16.12.9
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path
* i1.1.1.0/24       172.16.12.10             0    100      0 65065 i
*>                  172.16.12.2              0             0 65065 i

R3# sh ip bgp
BGP table version is 2, local router ID is 172.16.12.10
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path
* i1.1.1.0/24       172.16.12.9              0    100      0 65065 i
*>                  172.16.12.6              0             0 65065 i

We can see that R3 is taking the direct path to R1 and R2 is taking the path through R3. This is contrary to what we stated earlier, “We would like AS 65001 to use the faster connection (R1-R2) when sending traffic to us …”. Let’s look into manipulating the MED to achieve our desired result.

The first thing we should do is begin creating an access list that matches the networks we are advertising into BGP. Since (for the sake of this example), our only network is 1.1.1.0/24, this is very simple and can be accomplished with just one access list entry:

R1(config-router)# exit
R1(config)# ip access-list standard BGP_NETWORKS
R1(config-std-nacl)# permit 1.1.1.0 0.0.0.255

Now we have an access list named BGP_NETWORKS that matches our 1.1.1.0/24 network. Next, we need to create a route-map that we can use to set the MED value, which is 0 by default. Since the lowest MED wins, all we need to do is ensure that we are sending a MED higher than 0 to R3. This will ensure that R2 has a lower MED than R3 and therefore AS 65001 will use R2 when sending traffic to us (AS 65065). Let’s create that route-map, have it match on our BGP_NETWORKS access list, and set the MED to 100:

R1(config-std-nacl)# route-map MED_100 permit 10
R1(config-route-map)# match ip address BGP_NETWORKS
R1(config-route-map)# set metric 100

With our MED_100 route-map in place, we just need to apply it to our neighbor R3, and clear the BGP process:

R1(config-route-map)# router bgp 65065
R1(config-router)# neighbor 172.16.12.5 route-map MED_100 out
R1(config-router)# do clear ip bgp *

In short order, we’ll see our BGP adjacencies go down and then come back up:

*Mar  1 04:06:05.014: %BGP-5-ADJCHANGE: neighbor 172.16.12.1 Down User reset
*Mar 1 04:06:05.014: %BGP-5-ADJCHANGE: neighbor 172.16.12.5 Down User reset
*Mar 1 04:06:43.766: %BGP-5-ADJCHANGE: neighbor 172.16.12.5 Up
*Mar 1 04:06:48.154: %BGP-5-ADJCHANGE: neighbor 172.16.12.1 Up

Let’s take a look at the BGP tables on R3 now:

R3# sh ip bgp
BGP table version is 6, local router ID is 172.16.12.10
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path
*>i1.1.1.0/24       172.16.12.9              0    100      0 65065 i
*                   172.16.12.6            100             0 65065 i

We can see that R3 is receiving the 1.1.1.0/24 route from R2 (172.16.12.9) with a metric of 0 and from R1 (172.16.12.6) with a metric of 100. Also, note that BGP has now decided the best path to the 1.1.1.0/24 network is through R2.
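To see why a MED of 100 is enough to flip R3's choice, the following added example (not part of the original lab) models a simplified version of the best-path comparison in Python and runs it over R3's two paths before and after the route-map. The Path class, the step list and the constant names are illustrative assumptions; the next hops, MEDs and AS path come from the tables above.

```python
from dataclasses import dataclass

ORIGIN_RANK = {"i": 0, "e": 1, "?": 2}  # IGP preferred over EGP over incomplete

@dataclass(frozen=True)
class Path:
    next_hop: str
    as_path: tuple           # leftmost entry is the neighboring AS
    med: int = 0             # "Metric" column
    local_pref: int = 100    # default applied when LocPrf is blank
    weight: int = 0
    origin: str = "i"
    internal: bool = False   # True for iBGP-learned paths ("i" status code)

# Simplified decision order: steps that cannot differ in this lab (locally
# originated, IGP cost to next hop, router ID) are left out.
STEPS = [
    ("weight", lambda p: -p.weight),                 # higher wins
    ("local preference", lambda p: -p.local_pref),   # higher wins
    ("AS-path length", lambda p: len(p.as_path)),    # shorter wins
    ("origin", lambda p: ORIGIN_RANK[p.origin]),
    ("MED", lambda p: p.med),                        # lower wins
    ("eBGP over iBGP", lambda p: p.internal),        # False (eBGP) wins
]

def best_path(paths):
    """Return (winning path, name of the step that decided it)."""
    candidates = list(paths)
    for name, key in STEPS:
        # By default MED is only compared between paths from the same neighboring AS.
        if name == "MED" and len({p.as_path[0] for p in candidates}) > 1:
            continue
        lowest = min(key(p) for p in candidates)
        candidates = [p for p in candidates if key(p) == lowest]
        if len(candidates) == 1:
            return candidates[0], name
    return candidates[0], "later tie-breakers"

# R3's two paths to 1.1.1.0/24, taken from the tables above.
VIA_R2 = Path("172.16.12.9", (65065,), internal=True)
DIRECT_BEFORE = Path("172.16.12.6", (65065,))           # MED 0
DIRECT_AFTER = Path("172.16.12.6", (65065,), med=100)   # MED_100 applied

if __name__ == "__main__":
    for label, direct in (("before", DIRECT_BEFORE), ("after", DIRECT_AFTER)):
        winner, step = best_path([VIA_R2, direct])
        print(f"{label}: best via {winner.next_hop}, decided by {step}")
```

Before the change the two paths tie all the way down to the eBGP-over-iBGP step, so R3 keeps its direct path; afterwards the MED comparison, which comes earlier, eliminates the direct path first.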

Refer to http://evilrouters.net/