Bfd
Scenario to verify BGP with BFD (Bidirectional Forwarding Detection) for fast failure detection. BFD provides sub-second detection of link or neighbor failures, allowing BGP to react much faster than using BGP keepalive timers alone (which typically take tens of seconds). This test demonstrates BFD with eBGP multihop sessions where DUT0 and DUT1 are separated by a transit router (DUT2). The test verifies that when BGP traffic is blocked, BFD detects the failure and tears down the BGP session quickly.
Test eBGP with BFD
Description
Test to check eBGP with BFD protocol
Scenario
Step 1: Set the following configuration in DUT1 :
set interfaces dummy dum0 address 1.1.1.1/24 set interfaces ethernet eth0 address 10.10.0.200/24 set protocols bgp 20 neighbor peer bfd set protocols bgp 20 neighbor peer remote-address 10.10.0.100 set protocols bgp 20 neighbor peer remote-as 10 set protocols bgp 20 neighbor peer route-map export PERMIT set protocols bgp 20 redistribute connected route-map REDIS set protocols logging bgp bfd set protocols logging bgp neighbor-events set protocols logging level debugging set protocols route-map PERMIT rule 1 action permit set protocols route-map REDIS rule 1 action permit set protocols route-map REDIS rule 1 match interface dum0 set system login user admin authentication encrypted-password '$6$GSjsCj8gHLv$/VcqU6FLi6CT2Oxn0MJQ2C2tqnRDrYKNF8HIYWJp68nvXvPdFccDsT04.WtigUONbKYrgKg8d6rEs8PjljMkH0'
Step 2: Set the following configuration in DUT0 :
set interfaces ethernet eth0 address 10.10.0.100/24 set protocols bgp 10 neighbor peer bfd set protocols bgp 10 neighbor peer remote-address 10.10.0.200 set protocols bgp 10 neighbor peer remote-as 20 set protocols bgp 10 neighbor peer route-map import PERMIT set protocols logging bgp bfd set protocols logging bgp neighbor-events set protocols logging level debugging set protocols route-map PERMIT rule 1 action permit set system login user admin authentication encrypted-password '$6$GSjsCj8gHLv$/VcqU6FLi6CT2Oxn0MJQ2C2tqnRDrYKNF8HIYWJp68nvXvPdFccDsT04.WtigUONbKYrgKg8d6rEs8PjljMkH0' set traffic policy DROP rule 1 action drop set traffic policy DROP rule 1 selector DROP set traffic selector DROP rule 1 destination port 179 set traffic selector DROP rule 1 protocol tcp set traffic selector DROP rule 2 protocol tcp set traffic selector DROP rule 2 source port 179 set traffic selector DROP rule 3 destination port 3784 set traffic selector DROP rule 3 protocol udp
Step 3: Run the command protocols bgp show ip neighbors on DUT0 and check whether the output matches the following regular expressions:
BGP state = Established Status: Up BFD: Type: single hopShow output
BGP neighbor is 10.10.0.200, remote AS 20, local AS 10, external link Local Role: undefined Remote Role: undefined Hostname: osdx BGP version 4, remote router ID 10.10.0.200, local router ID 10.10.0.100 BGP state = Established, up for 00:00:02 Last read 00:00:01, Last write 00:00:01 Hold time is 90 seconds, keepalive interval is 30 seconds Configured hold time is 90 seconds, keepalive interval is 30 seconds Configured tcp-mss is 0, synced tcp-mss is 1448 Configured conditional advertisements interval is 60 seconds Neighbor capabilities: 4 Byte AS: advertised and received AddPath: IPv4 Unicast: RX advertised and received Paths-Limit: IPv4 Unicast: advertised (0) and received (0) Long-lived Graceful Restart: advertised and received Address families by peer: Route refresh: advertised and received Enhanced Route Refresh: advertised and received Address Family IPv4 Unicast: advertised and received Hostname Capability: advertised (name: osdx,domain name: n/a) received (name: osdx,domain name: n/a) Version Capability: not advertised not received Link-Local Next Hop Capability: not advertised not received Graceful Restart Capability: advertised and received Remote Restart timer is 120 seconds Address families by peer: Graceful Restart Capability: advertised and received Remote Restart timer is 120 seconds Peer has restarted (R-bit is set) Peer has restarted (N-bit is set) Address families by peer: none Graceful restart information: End-of-RIB send: IPv4 Unicast End-of-RIB received: IPv4 Unicast Local GR Mode: Helper* Remote GR Mode: Helper R bit: True N bit: True Timers: Configured Restart Time(sec): 120 Received Restart Time(sec): 120 Configured LLGR Stale Path Time(sec): 0 IPv4 Unicast: F bit: False End-of-RIB sent: Yes End-of-RIB sent after update: Yes End-of-RIB received: Yes Timers: Configured Stale Path Time(sec): 360 LLGR Stale Path Time(sec): 0 Message statistics: Inq depth is 0 Outq depth is 0 Sent Rcvd Opens: 2 1 Notifications: 1 0 Updates: 1 3 Keepalives: 1 1 Route Refresh: 1 2 Capability: 0 0 Total: 6 7 Prefix statistics: Inbound filtered: 0 AS-PATH loop: 0 Originator loop: 0 Cluster loop: 0 Invalid next-hop: 0 Withdrawn: 0 Attributes discarded: 0 Minimum time between advertisement runs is 0 seconds Update delay timer is 0 seconds (remaining: 0) For address family: IPv4 Unicast Update group 1, subgroup 1 Packet Queue length 0 Community attribute sent to this neighbor(all) Inbound path policy configured Route map for incoming advertisements is *PERMIT Outbound updates discarded due to missing policy 1 accepted, 0 sent prefixes Connections established 1; dropped 0 Last reset 00:00:02, Cease: connection collision (n/a) External BGP neighbor may be up to 1 hops away. Local host: 10.10.0.100, Local port: 179 Foreign host: 10.10.0.200, Foreign port: 33996 Nexthop: 10.10.0.100 Nexthop global: :: Nexthop local: :: BGP connection: shared network BGP Connect Retry Timer in Seconds: 30 Estimated round trip time: 0 ms BFD Hold Time (interval 30) timer expires in 0 seconds Read thread: on Write thread: on FD used: 30 BFD: Type: single hop Detect Multiplier: 3, Min Rx interval: 300, Min Tx interval: 300 Status: Up, Last update: 0:00:00:01
Step 4: Run the command protocols bgp show ip on DUT0 and check whether the output matches the following regular expressions:
1.1.1.0/24Show output
BGP table version is 1, local router ID is 10.10.0.100, vrf id 0 Default local pref 100, local AS 10 Status codes: s suppressed, d damped, h history, u unsorted, * valid, > best, = multipath, i internal, r RIB-failure, S Stale, R Removed Nexthop codes: @NNN nexthop's vrf id, < announce-nh-self Origin codes: i - IGP, e - EGP, ? - incomplete RPKI validation codes: V valid, I invalid, N Not found Network Next Hop Metric LocPrf Weight Path *> 1.1.1.0/24 10.10.0.200 0 0 20 ? Displayed 1 routes and 1 total paths
Step 5: Run the command protocols ip show route on DUT0 and check whether the output matches the following regular expressions:
1.1.1.0/24Show output
Codes: K - kernel route, C - connected, L - local, S - static, R - RIP, O - OSPF, I - IS-IS, B - BGP, E - EIGRP, N - NHRP, T - Table, v - VNC, V - VNC-Direct, A - Babel, F - PBR, f - OpenFabric, t - Table-Direct, > - selected route, * - FIB route, q - queued, r - rejected, b - backup t - trapped, o - offload failure IPv4 unicast VRF default: B>* 1.1.1.0/24 [20/0] via 10.10.0.200, eth0, weight 1, 00:00:01 C>* 10.10.0.0/24 is directly connected, eth0, weight 1, 00:00:02 L>* 10.10.0.100/32 is directly connected, eth0, weight 1, 00:00:02
Step 6: Ping the IP address 1.1.1.1 from DUT0:
admin@DUT0$ ping 1.1.1.1 count 1 size 56 timeout 1Show output
PING 1.1.1.1 (1.1.1.1) 56(84) bytes of data. 64 bytes from 1.1.1.1: icmp_seq=1 ttl=64 time=0.237 ms --- 1.1.1.1 ping statistics --- 1 packets transmitted, 1 received, 0% packet loss, time 0ms rtt min/avg/max/mdev = 0.237/0.237/0.237/0.000 ms
Step 7: Set the following configuration in DUT0 :
set interfaces ethernet eth0 address 10.10.0.100/24 set interfaces ethernet eth0 traffic policy local-out DROP set protocols bgp 10 neighbor peer bfd set protocols bgp 10 neighbor peer remote-address 10.10.0.200 set protocols bgp 10 neighbor peer remote-as 20 set protocols bgp 10 neighbor peer route-map import PERMIT set protocols logging bgp bfd set protocols logging bgp neighbor-events set protocols logging level debugging set protocols route-map PERMIT rule 1 action permit set system login user admin authentication encrypted-password '$6$GSjsCj8gHLv$/VcqU6FLi6CT2Oxn0MJQ2C2tqnRDrYKNF8HIYWJp68nvXvPdFccDsT04.WtigUONbKYrgKg8d6rEs8PjljMkH0' set traffic policy DROP rule 1 action drop set traffic policy DROP rule 1 selector DROP set traffic selector DROP rule 1 destination port 179 set traffic selector DROP rule 1 protocol tcp set traffic selector DROP rule 2 protocol tcp set traffic selector DROP rule 2 source port 179 set traffic selector DROP rule 3 destination port 3784 set traffic selector DROP rule 3 protocol udp
Step 8: Run the command protocols bgp show ip neighbors on DUT0 and check whether the output matches the following regular expressions:
BGP state = (Connect|Idle) Status: Down BFD: Type: single hopShow output
BGP neighbor is 10.10.0.200, remote AS 20, local AS 10, external link Local Role: undefined Remote Role: undefined Hostname: osdx BGP version 4, remote router ID 10.10.0.200, local router ID 10.10.0.100 BGP state = Idle Last read 00:00:04, Last write 00:00:04 Hold time is 90 seconds, keepalive interval is 30 seconds Configured hold time is 90 seconds, keepalive interval is 30 seconds Configured tcp-mss is 0, synced tcp-mss is 0 Configured conditional advertisements interval is 60 seconds Graceful restart information: Local GR Mode: Helper* Remote GR Mode: NotApplicable R bit: False N bit: False Timers: Configured Restart Time(sec): 120 Received Restart Time(sec): 120 Configured LLGR Stale Path Time(sec): 0 Message statistics: Inq depth is 0 Outq depth is 0 Sent Rcvd Opens: 2 1 Notifications: 1 2 Updates: 1 3 Keepalives: 1 1 Route Refresh: 1 2 Capability: 0 0 Total: 6 9 Prefix statistics: Inbound filtered: 0 AS-PATH loop: 0 Originator loop: 0 Cluster loop: 0 Invalid next-hop: 0 Withdrawn: 0 Attributes discarded: 0 Minimum time between advertisement runs is 0 seconds Update delay timer is 0 seconds (remaining: 0) For address family: IPv4 Unicast Not part of any update group Community attribute sent to this neighbor(all) Inbound path policy configured Route map for incoming advertisements is *PERMIT Outbound updates discarded due to missing policy 0 accepted prefixes Connections established 1; dropped 1 Last reset 00:00:01, Peer closed the session (n/a) External BGP neighbor may be up to 1 hops away. Local host: 10.10.0.100, Local port: 179 Foreign host: 10.10.0.200, Foreign port: 33996 Nexthop: 10.10.0.100 Nexthop global: :: Nexthop local: :: BGP connection: shared network BGP Connect Retry Timer in Seconds: 30 Next start timer due in 0 seconds BFD Hold Time (interval 30) timer expires in 0 seconds Read thread: off Write thread: off FD used: -1 BFD: Type: single hop Detect Multiplier: 3, Min Rx interval: 300, Min Tx interval: 300 Status: Down, Last update: 0:00:00:01
Step 9: Run the command protocols bgp show ip on DUT0 and check whether the output does not match the following regular expressions:
1.1.1.0/24Show output
No BGP prefixes displayed, 0 exist
Step 10: Run the command protocols ip show route on DUT0 and check whether the output does not match the following regular expressions:
1.1.1.0/24Show output
Codes: K - kernel route, C - connected, L - local, S - static, R - RIP, O - OSPF, I - IS-IS, B - BGP, E - EIGRP, N - NHRP, T - Table, v - VNC, V - VNC-Direct, A - Babel, F - PBR, f - OpenFabric, t - Table-Direct, > - selected route, * - FIB route, q - queued, r - rejected, b - backup t - trapped, o - offload failure IPv4 unicast VRF default: C>* 10.10.0.0/24 is directly connected, eth0, weight 1, 00:00:05 L>* 10.10.0.100/32 is directly connected, eth0, weight 1, 00:00:05
Step 11: Set the following configuration in DUT0 :
set interfaces ethernet eth0 address 10.10.0.100/24 set protocols bgp 10 neighbor peer bfd set protocols bgp 10 neighbor peer remote-address 10.10.0.200 set protocols bgp 10 neighbor peer remote-as 20 set protocols bgp 10 neighbor peer route-map import PERMIT set protocols logging bgp bfd set protocols logging bgp neighbor-events set protocols logging level debugging set protocols route-map PERMIT rule 1 action permit set system login user admin authentication encrypted-password '$6$GSjsCj8gHLv$/VcqU6FLi6CT2Oxn0MJQ2C2tqnRDrYKNF8HIYWJp68nvXvPdFccDsT04.WtigUONbKYrgKg8d6rEs8PjljMkH0' set traffic policy DROP rule 1 action drop set traffic policy DROP rule 1 selector DROP set traffic selector DROP rule 1 destination port 179 set traffic selector DROP rule 1 protocol tcp set traffic selector DROP rule 2 protocol tcp set traffic selector DROP rule 2 source port 179 set traffic selector DROP rule 3 destination port 3784 set traffic selector DROP rule 3 protocol udp
Step 12: Run the command protocols bgp show ip neighbors on DUT0 and check whether the output matches the following regular expressions:
BGP state = Established Status: Up BFD: Type: single hopShow output
BGP neighbor is 10.10.0.200, remote AS 20, local AS 10, external link Local Role: undefined Remote Role: undefined Hostname: osdx BGP version 4, remote router ID 10.10.0.200, local router ID 10.10.0.100 BGP state = Established, up for 00:00:01 Last read 00:00:00, Last write 00:00:00 Hold time is 90 seconds, keepalive interval is 30 seconds Configured hold time is 90 seconds, keepalive interval is 30 seconds Configured tcp-mss is 0, synced tcp-mss is 1448 Configured conditional advertisements interval is 60 seconds Neighbor capabilities: 4 Byte AS: advertised and received AddPath: IPv4 Unicast: RX advertised and received Paths-Limit: IPv4 Unicast: advertised (0) and received (0) Long-lived Graceful Restart: advertised and received Address families by peer: Route refresh: advertised and received Enhanced Route Refresh: advertised and received Address Family IPv4 Unicast: advertised and received Hostname Capability: advertised (name: osdx,domain name: n/a) received (name: osdx,domain name: n/a) Version Capability: not advertised not received Link-Local Next Hop Capability: not advertised not received Graceful Restart Capability: advertised and received Remote Restart timer is 120 seconds Address families by peer: Graceful Restart Capability: advertised and received Remote Restart timer is 120 seconds Peer has restarted (R-bit is set) Peer has restarted (N-bit is set) Address families by peer: none Graceful restart information: End-of-RIB send: IPv4 Unicast End-of-RIB received: IPv4 Unicast Local GR Mode: Helper* Remote GR Mode: Helper R bit: True N bit: True Timers: Configured Restart Time(sec): 120 Received Restart Time(sec): 120 Configured LLGR Stale Path Time(sec): 0 IPv4 Unicast: F bit: False End-of-RIB sent: Yes End-of-RIB sent after update: Yes End-of-RIB received: Yes Timers: Configured Stale Path Time(sec): 360 LLGR Stale Path Time(sec): 0 Message statistics: Inq depth is 0 Outq depth is 0 Sent Rcvd Opens: 4 2 Notifications: 2 2 Updates: 2 5 Keepalives: 2 2 Route Refresh: 1 2 Capability: 0 0 Total: 11 13 Prefix statistics: Inbound filtered: 0 AS-PATH loop: 0 Originator loop: 0 Cluster loop: 0 Invalid next-hop: 0 Withdrawn: 0 Attributes discarded: 0 Minimum time between advertisement runs is 0 seconds Update delay timer is 0 seconds (remaining: 0) For address family: IPv4 Unicast Update group 2, subgroup 2 Packet Queue length 0 Community attribute sent to this neighbor(all) Inbound path policy configured Route map for incoming advertisements is *PERMIT Outbound updates discarded due to missing policy 1 accepted, 0 sent prefixes Connections established 2; dropped 1 Last reset 00:00:04, Peer closed the session (n/a) Down last reset: Cease: connection collision, 1 seconds ago External BGP neighbor may be up to 1 hops away. Local host: 10.10.0.100, Local port: 179 Foreign host: 10.10.0.200, Foreign port: 44350 Nexthop: 10.10.0.100 Nexthop global: fe80::dcad:beff:feef:6c00 Nexthop local: fe80::dcad:beff:feef:6c00 BGP connection: shared network BGP Connect Retry Timer in Seconds: 30 Estimated round trip time: 0 ms BFD Hold Time (interval 30) timer expires in 0 seconds Read thread: on Write thread: on FD used: 30 BFD: Type: single hop Detect Multiplier: 3, Min Rx interval: 300, Min Tx interval: 300 Status: Up, Last update: 0:00:00:02
Step 13: Run the command protocols bgp show ip on DUT0 and check whether the output matches the following regular expressions:
1.1.1.0/24Show output
BGP table version is 3, local router ID is 10.10.0.100, vrf id 0 Default local pref 100, local AS 10 Status codes: s suppressed, d damped, h history, u unsorted, * valid, > best, = multipath, i internal, r RIB-failure, S Stale, R Removed Nexthop codes: @NNN nexthop's vrf id, < announce-nh-self Origin codes: i - IGP, e - EGP, ? - incomplete RPKI validation codes: V valid, I invalid, N Not found Network Next Hop Metric LocPrf Weight Path *> 1.1.1.0/24 10.10.0.200 0 0 20 ? Displayed 1 routes and 1 total paths
Step 14: Run the command protocols ip show route on DUT0 and check whether the output matches the following regular expressions:
1.1.1.0/24Show output
Codes: K - kernel route, C - connected, L - local, S - static, R - RIP, O - OSPF, I - IS-IS, B - BGP, E - EIGRP, N - NHRP, T - Table, v - VNC, V - VNC-Direct, A - Babel, F - PBR, f - OpenFabric, t - Table-Direct, > - selected route, * - FIB route, q - queued, r - rejected, b - backup t - trapped, o - offload failure IPv4 unicast VRF default: B>* 1.1.1.0/24 [20/0] via 10.10.0.200, eth0, weight 1, 00:00:00 C>* 10.10.0.0/24 is directly connected, eth0, weight 1, 00:00:08 L>* 10.10.0.100/32 is directly connected, eth0, weight 1, 00:00:08
Step 15: Ping the IP address 1.1.1.1 from DUT0:
admin@DUT0$ ping 1.1.1.1 count 1 size 56 timeout 1Show output
PING 1.1.1.1 (1.1.1.1) 56(84) bytes of data. 64 bytes from 1.1.1.1: icmp_seq=1 ttl=64 time=0.468 ms --- 1.1.1.1 ping statistics --- 1 packets transmitted, 1 received, 0% packet loss, time 0ms rtt min/avg/max/mdev = 0.468/0.468/0.468/0.000 ms
Test eBGP multihop with BFD
Description
Test to check eBGP multihop with BFD protocol
Scenario
Step 1: Set the following configuration in DUT2 :
set interfaces ethernet eth0 address 10.10.0.101/24 set interfaces ethernet eth1 address 20.20.0.201/24 set protocols static route 1.1.1.0/24 next-hop 20.20.0.200 set system login user admin authentication encrypted-password '$6$GSjsCj8gHLv$/VcqU6FLi6CT2Oxn0MJQ2C2tqnRDrYKNF8HIYWJp68nvXvPdFccDsT04.WtigUONbKYrgKg8d6rEs8PjljMkH0'
Step 2: Set the following configuration in DUT1 :
set interfaces dummy dum0 address 1.1.1.1/24 set interfaces ethernet eth1 address 20.20.0.200/24 set protocols bgp 20 neighbor peer bfd set protocols bgp 20 neighbor peer ebgp-multihop 2 set protocols bgp 20 neighbor peer remote-address 10.10.0.100 set protocols bgp 20 neighbor peer remote-as 10 set protocols bgp 20 neighbor peer route-map export PERMIT set protocols bgp 20 redistribute connected route-map REDIS set protocols logging bgp bfd set protocols logging bgp neighbor-events set protocols logging level debugging set protocols route-map PERMIT rule 1 action permit set protocols route-map REDIS rule 1 action permit set protocols route-map REDIS rule 1 match interface dum0 set protocols static route 10.10.0.0/24 next-hop 20.20.0.201 set system login user admin authentication encrypted-password '$6$GSjsCj8gHLv$/VcqU6FLi6CT2Oxn0MJQ2C2tqnRDrYKNF8HIYWJp68nvXvPdFccDsT04.WtigUONbKYrgKg8d6rEs8PjljMkH0'
Step 3: Set the following configuration in DUT0 :
set interfaces ethernet eth0 address 10.10.0.100/24 set protocols bgp 10 neighbor peer bfd set protocols bgp 10 neighbor peer ebgp-multihop 2 set protocols bgp 10 neighbor peer remote-address 20.20.0.200 set protocols bgp 10 neighbor peer remote-as 20 set protocols bgp 10 neighbor peer route-map import PERMIT set protocols logging bgp bfd set protocols logging bgp neighbor-events set protocols logging level debugging set protocols route-map PERMIT rule 1 action permit set protocols static route 20.20.0.0/24 next-hop 10.10.0.101 set system login user admin authentication encrypted-password '$6$GSjsCj8gHLv$/VcqU6FLi6CT2Oxn0MJQ2C2tqnRDrYKNF8HIYWJp68nvXvPdFccDsT04.WtigUONbKYrgKg8d6rEs8PjljMkH0' set traffic policy DROP rule 1 action drop set traffic policy DROP rule 1 selector DROP set traffic selector DROP rule 1 destination port 179 set traffic selector DROP rule 1 protocol tcp set traffic selector DROP rule 2 protocol tcp set traffic selector DROP rule 2 source port 179 set traffic selector DROP rule 3 destination port 4784 set traffic selector DROP rule 3 protocol udp
Step 4: Run the command protocols bgp show ip summary on DUT0 and check whether the output contains the following tokens:
EstablishedShow output
IPv4 Unicast Summary: BGP router identifier 10.10.0.100, local AS number 10 VRF default vrf-id 0 BGP table version 0 RIB entries 0, using 0 bytes of memory Peers 1, using 24 KiB of memory Neighbor LocalAddr V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State PfxRcd PfxSnt Desc 20.20.0.200 10.10.0.100 4 20 2 4 0 0 0 00:00:00 Established 0 (Policy) N/A Total number of neighbors 1
Step 5: Run the command protocols bgp show ip neighbors on DUT0 and check whether the output matches the following regular expressions:
BGP state = Established Status: Up BFD: Type: multi hopShow output
BGP neighbor is 20.20.0.200, remote AS 20, local AS 10, external link Local Role: undefined Remote Role: undefined Hostname: osdx BGP version 4, remote router ID 20.20.0.200, local router ID 10.10.0.100 BGP state = Established, up for 00:00:05 Last read 00:00:04, Last write 00:00:04 Hold time is 90 seconds, keepalive interval is 30 seconds Configured hold time is 90 seconds, keepalive interval is 30 seconds Configured tcp-mss is 0, synced tcp-mss is 1448 Configured conditional advertisements interval is 60 seconds Neighbor capabilities: 4 Byte AS: advertised and received AddPath: IPv4 Unicast: RX advertised and received Paths-Limit: IPv4 Unicast: advertised (0) and received (0) Long-lived Graceful Restart: advertised and received Address families by peer: Route refresh: advertised and received Enhanced Route Refresh: advertised and received Address Family IPv4 Unicast: advertised and received Hostname Capability: advertised (name: osdx,domain name: n/a) received (name: osdx,domain name: n/a) Version Capability: not advertised not received Link-Local Next Hop Capability: not advertised not received Graceful Restart Capability: advertised and received Remote Restart timer is 120 seconds Address families by peer: Graceful Restart Capability: advertised and received Remote Restart timer is 120 seconds Peer has restarted (R-bit is set) Peer has restarted (N-bit is set) Address families by peer: none Graceful restart information: End-of-RIB send: IPv4 Unicast End-of-RIB received: IPv4 Unicast Local GR Mode: Helper* Remote GR Mode: Helper R bit: True N bit: True Timers: Configured Restart Time(sec): 120 Received Restart Time(sec): 120 Configured LLGR Stale Path Time(sec): 0 IPv4 Unicast: F bit: False End-of-RIB sent: Yes End-of-RIB sent after update: Yes End-of-RIB received: Yes Timers: Configured Stale Path Time(sec): 360 LLGR Stale Path Time(sec): 0 Message statistics: Inq depth is 0 Outq depth is 0 Sent Rcvd Opens: 2 1 Notifications: 1 0 Updates: 1 3 Keepalives: 1 1 Route Refresh: 1 2 Capability: 0 0 Total: 6 7 Prefix statistics: Inbound filtered: 0 AS-PATH loop: 0 Originator loop: 0 Cluster loop: 0 Invalid next-hop: 0 Withdrawn: 0 Attributes discarded: 0 Minimum time between advertisement runs is 0 seconds Update delay timer is 0 seconds (remaining: 0) For address family: IPv4 Unicast Update group 1, subgroup 1 Packet Queue length 0 Community attribute sent to this neighbor(all) Inbound path policy configured Route map for incoming advertisements is *PERMIT Outbound updates discarded due to missing policy 1 accepted, 0 sent prefixes Connections established 1; dropped 0 Last reset 00:00:05, Cease: connection collision (n/a) External BGP neighbor may be up to 2 hops away. Local host: 10.10.0.100, Local port: 179 Foreign host: 20.20.0.200, Foreign port: 34876 Nexthop: 10.10.0.100 Nexthop global: :: Nexthop local: :: BGP connection: non shared network BGP Connect Retry Timer in Seconds: 30 Estimated round trip time: 0 ms BFD Hold Time (interval 30) timer expires in 0 seconds Read thread: on Write thread: on FD used: 30 BFD: Type: multi hop Detect Multiplier: 3, Min Rx interval: 300, Min Tx interval: 300 Status: Up, Last update: 0:00:00:01
Step 6: Run the command protocols bgp show ip on DUT0 and check whether the output matches the following regular expressions:
1.1.1.0/24Show output
BGP table version is 1, local router ID is 10.10.0.100, vrf id 0 Default local pref 100, local AS 10 Status codes: s suppressed, d damped, h history, u unsorted, * valid, > best, = multipath, i internal, r RIB-failure, S Stale, R Removed Nexthop codes: @NNN nexthop's vrf id, < announce-nh-self Origin codes: i - IGP, e - EGP, ? - incomplete RPKI validation codes: V valid, I invalid, N Not found Network Next Hop Metric LocPrf Weight Path *> 1.1.1.0/24 20.20.0.200 0 0 20 ? Displayed 1 routes and 1 total paths
Step 7: Run the command protocols ip show route on DUT0 and check whether the output matches the following regular expressions:
1.1.1.0/24Show output
Codes: K - kernel route, C - connected, L - local, S - static, R - RIP, O - OSPF, I - IS-IS, B - BGP, E - EIGRP, N - NHRP, T - Table, v - VNC, V - VNC-Direct, A - Babel, F - PBR, f - OpenFabric, t - Table-Direct, > - selected route, * - FIB route, q - queued, r - rejected, b - backup t - trapped, o - offload failure IPv4 unicast VRF default: B> 1.1.1.0/24 [20/0] via 20.20.0.200 (recursive), weight 1, 00:00:04 * via 10.10.0.101, eth0, weight 1, 00:00:04 C>* 10.10.0.0/24 is directly connected, eth0, weight 1, 00:00:05 L>* 10.10.0.100/32 is directly connected, eth0, weight 1, 00:00:05 S>* 20.20.0.0/24 [1/0] via 10.10.0.101, eth0, weight 1, 00:00:05
Step 8: Ping the IP address 1.1.1.1 from DUT0:
admin@DUT0$ ping 1.1.1.1 count 1 size 56 timeout 1Show output
PING 1.1.1.1 (1.1.1.1) 56(84) bytes of data. 64 bytes from 1.1.1.1: icmp_seq=1 ttl=63 time=0.379 ms --- 1.1.1.1 ping statistics --- 1 packets transmitted, 1 received, 0% packet loss, time 0ms rtt min/avg/max/mdev = 0.379/0.379/0.379/0.000 ms
Step 9: Set the following configuration in DUT0 :
set interfaces ethernet eth0 address 10.10.0.100/24 set interfaces ethernet eth0 traffic policy local-out DROP set protocols bgp 10 neighbor peer bfd set protocols bgp 10 neighbor peer ebgp-multihop 2 set protocols bgp 10 neighbor peer remote-address 20.20.0.200 set protocols bgp 10 neighbor peer remote-as 20 set protocols bgp 10 neighbor peer route-map import PERMIT set protocols logging bgp bfd set protocols logging bgp neighbor-events set protocols logging level debugging set protocols route-map PERMIT rule 1 action permit set protocols static route 20.20.0.0/24 next-hop 10.10.0.101 set system login user admin authentication encrypted-password '$6$GSjsCj8gHLv$/VcqU6FLi6CT2Oxn0MJQ2C2tqnRDrYKNF8HIYWJp68nvXvPdFccDsT04.WtigUONbKYrgKg8d6rEs8PjljMkH0' set traffic policy DROP rule 1 action drop set traffic policy DROP rule 1 selector DROP set traffic selector DROP rule 1 destination port 179 set traffic selector DROP rule 1 protocol tcp set traffic selector DROP rule 2 protocol tcp set traffic selector DROP rule 2 source port 179 set traffic selector DROP rule 3 destination port 4784 set traffic selector DROP rule 3 protocol udp
Step 10: Run the command protocols bgp show ip neighbors on DUT0 and check whether the output matches the following regular expressions:
BGP state = (Connect|Idle) Status: Down BFD: Type: multi hopShow output
BGP neighbor is 20.20.0.200, remote AS 20, local AS 10, external link Local Role: undefined Remote Role: undefined Hostname: osdx BGP version 4, remote router ID 20.20.0.200, local router ID 10.10.0.100 BGP state = Idle Last read 00:00:07, Last write 00:00:07 Hold time is 90 seconds, keepalive interval is 30 seconds Configured hold time is 90 seconds, keepalive interval is 30 seconds Configured tcp-mss is 0, synced tcp-mss is 0 Configured conditional advertisements interval is 60 seconds Graceful restart information: Local GR Mode: Helper* Remote GR Mode: NotApplicable R bit: False N bit: False Timers: Configured Restart Time(sec): 120 Received Restart Time(sec): 120 Configured LLGR Stale Path Time(sec): 0 Message statistics: Inq depth is 0 Outq depth is 0 Sent Rcvd Opens: 2 1 Notifications: 1 2 Updates: 1 3 Keepalives: 1 1 Route Refresh: 1 2 Capability: 0 0 Total: 6 9 Prefix statistics: Inbound filtered: 0 AS-PATH loop: 0 Originator loop: 0 Cluster loop: 0 Invalid next-hop: 0 Withdrawn: 0 Attributes discarded: 0 Minimum time between advertisement runs is 0 seconds Update delay timer is 0 seconds (remaining: 0) For address family: IPv4 Unicast Not part of any update group Community attribute sent to this neighbor(all) Inbound path policy configured Route map for incoming advertisements is *PERMIT Outbound updates discarded due to missing policy 0 accepted prefixes Connections established 1; dropped 1 Last reset 00:00:02, Peer closed the session (n/a) Down last reset: BFD down initiated, 1 seconds ago External BGP neighbor may be up to 2 hops away. Local host: 10.10.0.100, Local port: 179 Foreign host: 20.20.0.200, Foreign port: 34876 Nexthop: 10.10.0.100 Nexthop global: :: Nexthop local: :: BGP connection: non shared network BGP Connect Retry Timer in Seconds: 30 Next start timer due in 1 seconds BFD Hold Time (interval 30) timer expires in 0 seconds Read thread: off Write thread: off FD used: -1 BFD: Type: multi hop Detect Multiplier: 3, Min Rx interval: 300, Min Tx interval: 300 Status: Down, Last update: 0:00:00:01
Step 11: Run the command protocols bgp show ip on DUT0 and check whether the output does not match the following regular expressions:
1.1.1.0/24Show output
No BGP prefixes displayed, 0 exist
Step 12: Run the command protocols ip show route on DUT0 and check whether the output does not match the following regular expressions:
1.1.1.0/24Show output
Codes: K - kernel route, C - connected, L - local, S - static, R - RIP, O - OSPF, I - IS-IS, B - BGP, E - EIGRP, N - NHRP, T - Table, v - VNC, V - VNC-Direct, A - Babel, F - PBR, f - OpenFabric, t - Table-Direct, > - selected route, * - FIB route, q - queued, r - rejected, b - backup t - trapped, o - offload failure IPv4 unicast VRF default: C>* 10.10.0.0/24 is directly connected, eth0, weight 1, 00:00:08 L>* 10.10.0.100/32 is directly connected, eth0, weight 1, 00:00:08 S>* 20.20.0.0/24 [1/0] via 10.10.0.101, eth0, weight 1, 00:00:08
Step 13: Set the following configuration in DUT0 :
set interfaces ethernet eth0 address 10.10.0.100/24 set protocols bgp 10 neighbor peer bfd set protocols bgp 10 neighbor peer ebgp-multihop 2 set protocols bgp 10 neighbor peer remote-address 20.20.0.200 set protocols bgp 10 neighbor peer remote-as 20 set protocols bgp 10 neighbor peer route-map import PERMIT set protocols logging bgp bfd set protocols logging bgp neighbor-events set protocols logging level debugging set protocols route-map PERMIT rule 1 action permit set protocols static route 20.20.0.0/24 next-hop 10.10.0.101 set system login user admin authentication encrypted-password '$6$GSjsCj8gHLv$/VcqU6FLi6CT2Oxn0MJQ2C2tqnRDrYKNF8HIYWJp68nvXvPdFccDsT04.WtigUONbKYrgKg8d6rEs8PjljMkH0' set traffic policy DROP rule 1 action drop set traffic policy DROP rule 1 selector DROP set traffic selector DROP rule 1 destination port 179 set traffic selector DROP rule 1 protocol tcp set traffic selector DROP rule 2 protocol tcp set traffic selector DROP rule 2 source port 179 set traffic selector DROP rule 3 destination port 4784 set traffic selector DROP rule 3 protocol udp
Step 14: Run the command protocols bgp show ip neighbors on DUT0 and check whether the output matches the following regular expressions:
BGP state = Established Status: Up BFD: Type: multi hopShow output
BGP neighbor is 20.20.0.200, remote AS 20, local AS 10, external link Local Role: undefined Remote Role: undefined Hostname: osdx BGP version 4, remote router ID 20.20.0.200, local router ID 10.10.0.100 BGP state = Established, up for 00:00:01 Last read 00:00:00, Last write 00:00:00 Hold time is 90 seconds, keepalive interval is 30 seconds Configured hold time is 90 seconds, keepalive interval is 30 seconds Configured tcp-mss is 0, synced tcp-mss is 1448 Configured conditional advertisements interval is 60 seconds Neighbor capabilities: 4 Byte AS: advertised and received AddPath: IPv4 Unicast: RX advertised and received Paths-Limit: IPv4 Unicast: advertised (0) and received (0) Long-lived Graceful Restart: advertised and received Address families by peer: Route refresh: advertised and received Enhanced Route Refresh: advertised and received Address Family IPv4 Unicast: advertised and received Hostname Capability: advertised (name: osdx,domain name: n/a) received (name: osdx,domain name: n/a) Version Capability: not advertised not received Link-Local Next Hop Capability: not advertised not received Graceful Restart Capability: advertised and received Remote Restart timer is 120 seconds Address families by peer: Graceful Restart Capability: advertised and received Remote Restart timer is 120 seconds Peer has restarted (R-bit is set) Peer has restarted (N-bit is set) Address families by peer: none Graceful restart information: End-of-RIB send: IPv4 Unicast End-of-RIB received: IPv4 Unicast Local GR Mode: Helper* Remote GR Mode: Helper R bit: True N bit: True Timers: Configured Restart Time(sec): 120 Received Restart Time(sec): 120 Configured LLGR Stale Path Time(sec): 0 IPv4 Unicast: F bit: False End-of-RIB sent: Yes End-of-RIB sent after update: Yes End-of-RIB received: Yes Timers: Configured Stale Path Time(sec): 360 LLGR Stale Path Time(sec): 0 Message statistics: Inq depth is 0 Outq depth is 0 Sent Rcvd Opens: 3 2 Notifications: 1 2 Updates: 2 5 Keepalives: 2 2 Route Refresh: 1 2 Capability: 0 0 Total: 9 13 Prefix statistics: Inbound filtered: 0 AS-PATH loop: 0 Originator loop: 0 Cluster loop: 0 Invalid next-hop: 0 Withdrawn: 0 Attributes discarded: 0 Minimum time between advertisement runs is 0 seconds Update delay timer is 0 seconds (remaining: 0) For address family: IPv4 Unicast Update group 2, subgroup 2 Packet Queue length 0 Community attribute sent to this neighbor(all) Inbound path policy configured Route map for incoming advertisements is *PERMIT Outbound updates discarded due to missing policy 1 accepted, 0 sent prefixes Connections established 2; dropped 1 Last reset 00:00:04, Peer closed the session (n/a) Down last reset: BFD down initiated, 3 seconds ago External BGP neighbor may be up to 2 hops away. Local host: 10.10.0.100, Local port: 49078 Foreign host: 20.20.0.200, Foreign port: 179 Nexthop: 10.10.0.100 Nexthop global: fe80::dcad:beff:feef:6c00 Nexthop local: fe80::dcad:beff:feef:6c00 BGP connection: non shared network BGP Connect Retry Timer in Seconds: 30 Estimated round trip time: 0 ms BFD Hold Time (interval 30) timer expires in 0 seconds Read thread: on Write thread: on FD used: 26 BFD: Type: multi hop Detect Multiplier: 3, Min Rx interval: 300, Min Tx interval: 300 Status: Up, Last update: 0:00:00:01
Step 15: Run the command protocols bgp show ip on DUT0 and check whether the output matches the following regular expressions:
1.1.1.0/24Show output
BGP table version is 3, local router ID is 10.10.0.100, vrf id 0 Default local pref 100, local AS 10 Status codes: s suppressed, d damped, h history, u unsorted, * valid, > best, = multipath, i internal, r RIB-failure, S Stale, R Removed Nexthop codes: @NNN nexthop's vrf id, < announce-nh-self Origin codes: i - IGP, e - EGP, ? - incomplete RPKI validation codes: V valid, I invalid, N Not found Network Next Hop Metric LocPrf Weight Path *> 1.1.1.0/24 20.20.0.200 0 0 20 ? Displayed 1 routes and 1 total paths
Step 16: Run the command protocols ip show route on DUT0 and check whether the output matches the following regular expressions:
1.1.1.0/24Show output
Codes: K - kernel route, C - connected, L - local, S - static, R - RIP, O - OSPF, I - IS-IS, B - BGP, E - EIGRP, N - NHRP, T - Table, v - VNC, V - VNC-Direct, A - Babel, F - PBR, f - OpenFabric, t - Table-Direct, > - selected route, * - FIB route, q - queued, r - rejected, b - backup t - trapped, o - offload failure IPv4 unicast VRF default: B> 1.1.1.0/24 [20/0] via 20.20.0.200 (recursive), weight 1, 00:00:01 * via 10.10.0.101, eth0, weight 1, 00:00:01 C>* 10.10.0.0/24 is directly connected, eth0, weight 1, 00:00:11 L>* 10.10.0.100/32 is directly connected, eth0, weight 1, 00:00:11 S>* 20.20.0.0/24 [1/0] via 10.10.0.101, eth0, weight 1, 00:00:11
Step 17: Ping the IP address 1.1.1.1 from DUT0:
admin@DUT0$ ping 1.1.1.1 count 1 size 56 timeout 1Show output
PING 1.1.1.1 (1.1.1.1) 56(84) bytes of data. 64 bytes from 1.1.1.1: icmp_seq=1 ttl=63 time=0.356 ms --- 1.1.1.1 ping statistics --- 1 packets transmitted, 1 received, 0% packet loss, time 0ms rtt min/avg/max/mdev = 0.356/0.356/0.356/0.000 ms