Distance
Scenario to verify BGP distance (administrative distance) configuration.
Administrative distance is how a router decides which route to install when the same destination is reachable through multiple routing protocols. Each protocol has a default distance value, and the route with the lowest distance wins. The default values are: eBGP external routes use 20, iBGP internal routes use 200, locally originated routes use 200, and static routes use 1. This is why static routes typically win over BGP when both exist for the same destination.
There are two commands to modify BGP distances. The first is distance global, which
modifies the distance for external routes learned from eBGP peers, internal
routes learned from iBGP peers, and local routes originated locally. Each type can
be configured independently and uses its default value if not explicitly set. The second
command is distance prefix, which sets the distance for all routes received from neighbors
whose IP address matches a given prefix. This is useful when you want different distances for
different BGP neighbors without changing the global settings.
Test BGP Distance Global
Description
The distance global command modifies the administrative distance for all BGP
routes based on their type. It requires configuring all three values together:
external, internal, and local. This test first verifies the default behavior where
eBGP routes have distance 20 and static routes have distance 1, causing static to
win. Then it applies distance global external 5 to lower the eBGP distance below
the static route distance of 10, making BGP the preferred path.
Scenario
Note
First we verify default distances: eBGP uses 20, static uses 1, so static wins.
Step 1: Set the following configuration in DUT0 :
set interfaces ethernet eth0 address 10.10.0.100/24 set protocols bgp 100 neighbor peer remote-address 10.10.0.200 set protocols bgp 100 neighbor peer remote-as 200 set protocols bgp 100 neighbor peer route-map import PERMIT set protocols route-map PERMIT rule 1 action permit set protocols static route 1.1.1.0/24 blackhole set system login user admin authentication encrypted-password '$6$GSjsCj8gHLv$/VcqU6FLi6CT2Oxn0MJQ2C2tqnRDrYKNF8HIYWJp68nvXvPdFccDsT04.WtigUONbKYrgKg8d6rEs8PjljMkH0'
Step 2: Set the following configuration in DUT1 :
set interfaces dummy dum0 address 1.1.1.1/24 set interfaces ethernet eth0 address 10.10.0.200/24 set protocols bgp 200 neighbor peer remote-address 10.10.0.100 set protocols bgp 200 neighbor peer remote-as 100 set protocols bgp 200 neighbor peer route-map export PERMIT set protocols bgp 200 redistribute connected route-map PERMIT set protocols route-map PERMIT rule 1 action permit set system login user admin authentication encrypted-password '$6$GSjsCj8gHLv$/VcqU6FLi6CT2Oxn0MJQ2C2tqnRDrYKNF8HIYWJp68nvXvPdFccDsT04.WtigUONbKYrgKg8d6rEs8PjljMkH0'
Attention
Verify eBGP session establishes between DUT0 and DUT1.
Step 3: Run command protocols bgp show ip summary at DUT0 and check if output matches the following regular expressions:
10.10.0.200.*EstablishedShow output
IPv4 Unicast Summary: BGP router identifier 10.10.0.100, local AS number 100 VRF default vrf-id 0 BGP table version 0 RIB entries 0, using 0 bytes of memory Peers 1, using 24 KiB of memory Neighbor LocalAddr V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State PfxRcd PfxSnt Desc 10.10.0.200 10.10.0.100 4 200 2 4 0 0 0 00:00:00 Established 0 (Policy) N/A Total number of neighbors 1
Attention
Verify that DUT0 learns route 1.1.1.0/24 via BGP.
Step 4: Run command protocols bgp show ip at DUT0 and check if output matches the following regular expressions:
1.1.1.0/24Show output
BGP table version is 2, local router ID is 10.10.0.100, vrf id 0 Default local pref 100, local AS 100 local address - Status codes: s suppressed, d damped, h history, u unsorted, * valid, > best, = multipath, i internal, r RIB-failure, S Stale, R Removed Nexthop codes: @NNN nexthop's vrf id, < announce-nh-self Origin codes: i - IGP, e - EGP, ? - incomplete RPKI validation codes: V valid, I invalid, N Not found Network Next Hop Metric LocPrf Weight Path *u 1.1.1.0/24 10.10.0.200 0 0 200 ? *u 10.10.0.0/24 10.10.0.200 0 0 200 ? Displayed 2 routes and 2 total paths
Attention
Verify static route is selected with default distance [1/0] over eBGP [20/0].
Step 5: Run command protocols ip show route at DUT0 and check if output matches the following regular expressions:
B +1.1.1.0/24 \[20/0\].*via 10.10.0.200[\s\S]+S>\* 1.1.1.0/24 \[1/0\].*blackholeShow output
Codes: K - kernel route, C - connected, L - local, S - static, R - RIP, O - OSPF, I - IS-IS, B - BGP, E - EIGRP, N - NHRP, T - Table, v - VNC, V - VNC-Direct, A - Babel, F - PBR, f - OpenFabric, t - Table-Direct, > - selected route, * - FIB route, q - queued, r - rejected, b - backup t - trapped, o - offload failure IPv4 unicast VRF default: B 1.1.1.0/24 [20/0] via 10.10.0.200, eth0, weight 1, 00:00:00 S>* 1.1.1.0/24 [1/0] unreachable (blackhole), weight 1, 00:00:04 B 10.10.0.0/24 [20/0] via 10.10.0.200 inactive, weight 1, 00:00:00 C>* 10.10.0.0/24 is directly connected, eth0, weight 1, 00:00:04 K * 10.10.0.0/24 [0/0] is directly connected, eth0, weight 1, 00:00:04 L>* 10.10.0.100/32 is directly connected, eth0, weight 1, 00:00:04
Note
Now we apply distance global external=5. The static route is reconfigured with distance 10, so BGP (5) should win.
Step 6: Set the following configuration in DUT0 :
set interfaces ethernet eth0 address 10.10.0.100/24 set protocols bgp 100 neighbor peer remote-address 10.10.0.200 set protocols bgp 100 neighbor peer remote-as 200 set protocols bgp 100 neighbor peer route-map import PERMIT set protocols bgp 100 parameters distance global external 5 set protocols route-map PERMIT rule 1 action permit set protocols static route 1.1.1.0/24 blackhole distance 10 set system login user admin authentication encrypted-password '$6$GSjsCj8gHLv$/VcqU6FLi6CT2Oxn0MJQ2C2tqnRDrYKNF8HIYWJp68nvXvPdFccDsT04.WtigUONbKYrgKg8d6rEs8PjljMkH0'
Attention
Verify eBGP session remains established after configuration change.
Step 7: Run command protocols bgp show ip summary at DUT0 and check if output matches the following regular expressions:
10.10.0.200.*EstablishedShow output
IPv4 Unicast Summary: BGP router identifier 10.10.0.100, local AS number 100 VRF default vrf-id 0 BGP table version 2 RIB entries 3, using 384 bytes of memory Peers 1, using 24 KiB of memory Neighbor LocalAddr V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State PfxRcd PfxSnt Desc 10.10.0.200 10.10.0.100 4 200 5 5 2 0 0 00:00:04 Established 2 (Policy) N/A Total number of neighbors 1
Attention
Verify BGP route is now selected with distance [5/0] over static [10/0].
Step 8: Run command protocols ip show route at DUT0 and check if output matches the following regular expressions:
B>\* 1.1.1.0/24 \[5/0\].*via 10.10.0.200[\s\S]+S +1.1.1.0/24 \[10/0\].*blackholeShow output
Codes: K - kernel route, C - connected, L - local, S - static, R - RIP, O - OSPF, I - IS-IS, B - BGP, E - EIGRP, N - NHRP, T - Table, v - VNC, V - VNC-Direct, A - Babel, F - PBR, f - OpenFabric, t - Table-Direct, > - selected route, * - FIB route, q - queued, r - rejected, b - backup t - trapped, o - offload failure IPv4 unicast VRF default: B>* 1.1.1.0/24 [5/0] via 10.10.0.200, eth0, weight 1, 00:00:00 S 1.1.1.0/24 [10/0] unreachable (blackhole), weight 1, 00:00:01 B 10.10.0.0/24 [5/0] via 10.10.0.200 inactive, weight 1, 00:00:00 C>* 10.10.0.0/24 is directly connected, eth0, weight 1, 00:00:06 K * 10.10.0.0/24 [0/0] is directly connected, eth0, weight 1, 00:00:06 L>* 10.10.0.100/32 is directly connected, eth0, weight 1, 00:00:06
Test BGP Distance Prefix
Description
The distance prefix command provides fine-grained control by setting distance
based on the neighbor’s IP address rather than changing global values. The prefix
parameter must match the neighbor’s IP, not the routes being advertised. In this
scenario, DUT0 assigns distance 15 to all routes received from neighbor
10.10.0.200/32. A static blackhole route with distance 10 is also configured.
Since 10 is lower than 15, the static route wins, demonstrating that prefix-based
distance is being applied to the BGP routes from that specific neighbor.
Scenario
Step 1: Set the following configuration in DUT0 :
set interfaces ethernet eth0 address 10.10.0.100/24 set protocols bgp 100 neighbor peer remote-address 10.10.0.200 set protocols bgp 100 neighbor peer remote-as 200 set protocols bgp 100 neighbor peer route-map import PERMIT set protocols bgp 100 parameters distance prefix 10.10.0.200/32 distance 15 set protocols route-map PERMIT rule 1 action permit set protocols static route 1.1.1.0/24 blackhole distance 10 set system login user admin authentication encrypted-password '$6$GSjsCj8gHLv$/VcqU6FLi6CT2Oxn0MJQ2C2tqnRDrYKNF8HIYWJp68nvXvPdFccDsT04.WtigUONbKYrgKg8d6rEs8PjljMkH0'
Step 2: Set the following configuration in DUT1 :
set interfaces dummy dum0 address 1.1.1.1/24 set interfaces ethernet eth0 address 10.10.0.200/24 set protocols bgp 200 neighbor peer remote-address 10.10.0.100 set protocols bgp 200 neighbor peer remote-as 100 set protocols bgp 200 neighbor peer route-map export PERMIT set protocols bgp 200 redistribute connected route-map PERMIT set protocols route-map PERMIT rule 1 action permit set system login user admin authentication encrypted-password '$6$GSjsCj8gHLv$/VcqU6FLi6CT2Oxn0MJQ2C2tqnRDrYKNF8HIYWJp68nvXvPdFccDsT04.WtigUONbKYrgKg8d6rEs8PjljMkH0'
Attention
Verify eBGP session establishes between DUT0 and DUT1.
Step 3: Run command protocols bgp show ip summary at DUT0 and check if output matches the following regular expressions:
10.10.0.200.*EstablishedShow output
IPv4 Unicast Summary: BGP router identifier 10.10.0.100, local AS number 100 VRF default vrf-id 0 BGP table version 0 RIB entries 0, using 0 bytes of memory Peers 1, using 24 KiB of memory Neighbor LocalAddr V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State PfxRcd PfxSnt Desc 10.10.0.200 10.10.0.100 4 200 3 4 0 0 0 00:00:00 Established 0 (Policy) N/A Total number of neighbors 1
Attention
Verify that DUT0 learns route 1.1.1.0/24 via BGP.
Step 4: Run command protocols bgp show ip at DUT0 and check if output matches the following regular expressions:
1.1.1.0/24Show output
BGP table version is 2, local router ID is 10.10.0.100, vrf id 0 Default local pref 100, local AS 100 local address - Status codes: s suppressed, d damped, h history, u unsorted, * valid, > best, = multipath, i internal, r RIB-failure, S Stale, R Removed Nexthop codes: @NNN nexthop's vrf id, < announce-nh-self Origin codes: i - IGP, e - EGP, ? - incomplete RPKI validation codes: V valid, I invalid, N Not found Network Next Hop Metric LocPrf Weight Path *u 1.1.1.0/24 10.10.0.200 0 0 200 ? *u 10.10.0.0/24 10.10.0.200 0 0 200 ? Displayed 2 routes and 2 total paths
Attention
Verify static route [10/0] wins over BGP with prefix distance [15/0].
Step 5: Run command protocols ip show route at DUT0 and check if output matches the following regular expressions:
B +1.1.1.0/24 \[15/0\].*via 10.10.0.200[\s\S]+S>\* 1.1.1.0/24 \[10/0\].*blackholeShow output
Codes: K - kernel route, C - connected, L - local, S - static, R - RIP, O - OSPF, I - IS-IS, B - BGP, E - EIGRP, N - NHRP, T - Table, v - VNC, V - VNC-Direct, A - Babel, F - PBR, f - OpenFabric, t - Table-Direct, > - selected route, * - FIB route, q - queued, r - rejected, b - backup t - trapped, o - offload failure IPv4 unicast VRF default: B 1.1.1.0/24 [15/0] via 10.10.0.200, eth0, weight 1, 00:00:00 S>* 1.1.1.0/24 [10/0] unreachable (blackhole), weight 1, 00:00:04 B 10.10.0.0/24 [15/0] via 10.10.0.200 inactive, weight 1, 00:00:00 C>* 10.10.0.0/24 is directly connected, eth0, weight 1, 00:00:05 K * 10.10.0.0/24 [0/0] is directly connected, eth0, weight 1, 00:00:05 L>* 10.10.0.100/32 is directly connected, eth0, weight 1, 00:00:05