BGP4: Enabling IPv6 Neighbors

Being tired of using static routes with IPv6, I’ve some times ago implemented OSPFv3 with IPv6 peers… But I have faced a lot of issue, mostly due to quagga’s implementation of OSPF.

I’ve decided some days ago to switch to BGP4 IPv6 peers. I have to say one things to summary: It works very well.

You can read the full article to see how I have put this in place.

First of all, we assume that quagga is already installed and that bgpd is running properly on every node that needs to gather or propagate routes…

Here is the network BGP schema that I will explain and configure through quagga:

From the previous schema, we assume following things:

  • Behind Router D, we have following IPv6 Network:
  1. network 2a01:38:8007:aaaa::/64
  2. network 2a01:38:8007:aaab::/64
  3. network 2a01:38:8007:aaac::/64
  4. network 2a01:38:8007:aaad::/64
  5. network 2a01:38:8007:aaae::/64
  • Behind Router C, we have following IPv6 Network:
  1. 2a01:38:8007:baaa::/64
  • Router B1 and B2 are there to ensure failover of networks behind router D.
  • Router B1 and B2 announce only the common network with router D: 2a01:38:8007:aaae::/64
  • Routers have following IPv6 public address:
  1. Router A: 2a01:38:8007:1::1 and 2a01:38:8007:2::1
  2. Router B1: 2a01:38:8007:1::2
  3. Router B2: 2a01:38:8007:2::2
  4. Router C: 2a01:38:8007:1::4
  5. Router D: 2a01:38:8007:aaae::1
  • We prefer that routes behind router D go through B1, B2 is only there as failover.

So, to begin with BGP configuration, we will first declare every neighbors on every routers.

On router A:

A(config)# router bgp 65442
A(config-router)# neighbor 2a01:38:8007:1::2 remote-as 65443
A(config-router)# neighbor 2a01:38:8007:1::4 remote-as 65444
A(config-router)# neighbor 2a01:38:8007:2::2 remote-as 65443

On router B1:
B1(config)# router bgp 65443
B1(config-router)# neighbor 2a01:38:8007:1::1 remote-as 65442
B1(config-router)# neighbor 2a01:38:8007:aaae::1 remote-as 65453

On B2:

B2(config)# router bgp 65443
B2(config-router)# neighbor 2a01:38:8007:2::1 remote-as 65442
B2(config-router)# neighbor 2a01:38:8007:aaae::1 remote-as 65453

On D:

D(config)# router bgp 65453
D(config-router)# neighbor 2a01:38:8007:aaae::2 remote-as 65443
D(config-router)# neighbor 2a01:38:8007:aaae::3 remote-as 65443

Finally, on C:

C(config)# router bgp 65444
C(config-router)# neighbor 2a01:38:8007:1::1 remote-as 65442

Now, peers should be connected to each-other, we will tell to BGP to enable IPv6 Routes on them.

On every router and for each neighbor:

X(config-router)# address-familly ipv6
X(config-router-af)# neighbor <address> activate

Now, for each router which will announce routes, we will declare the network:

i.e. for D:

D(config-router-af)# network 2a01:38:8007:aaaa::/64
D(config-router-af)# network 2a01:38:8007:aaaa::/64
D(config-router-af)# network 2a01:38:8007:aaab::/64
D(config-router-af)# network 2a01:38:8007:aaac::/64
D(config-router-af)# network 2a01:38:8007:aaad::/64
D(config-router-af)# network 2a01:38:8007:aaae::/64

Now, the main difference for IPv6 enabled BGP is that you need a route-map for incoming routes, for each peer.

I’ll show a brief example for one router, that you can apply to all.

So, we will apply a route-map on router A for routes comming from router B1:

We define a prefix-list matching our whole ipv6 subnet:

A(config)# ipv6 prefix-list v6-peer-in seq 5 permit 2a01:38:8007::/48 ge 64 le 64
A(config)# ipv6 prefix-list v6-peer-in seq 10 deny any

A(config)# route-map RB1-IN permit 10
A(config)# match ipv6 address prefix-list v6-peer-in
A(config)# set ipv6 next-hop global 2a01:38:8007:1::2
A(config)# set ipv6 next-hop local 2a01:38:8007:1::2

The address specified in next-hop, should be the global address of the neighbor where the route-map is applied. So finally, we apply this route-map to 2a01:38:8007:1::2:

A(config-router-af)# neighbor 2a01:38:8007:1::2 route-map RB1-IN in
A(config-router-af)# neighbor 2a01:38:8007:1::2 route-map RB1-IN import

And that’s it! You should now see routes being propagated…

Things to be done next:

  • Assign weight to peer to ensure failover priority is respected.
  • Add some connection between neighbors.
  • Redistribute default route (2000::/3).

If you have troubles, just drop me a comment…

This entry was posted in Networking. Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *