BGP Default Route Origination
This chapter describes BGP Default Route Origination.
Topics in this chapter include:
Applicability
The information and MD-CLI configuration in this chapter are based on SR OS Release 20.7.R1. Advertising artificially generated IPv4 and IPv6 default routes is supported in SR OS Release 19.7.R1 and later.
Overview
It is common practice for a BGP router to send an IPv4 and/or IPv6 default route to certain peers rather than a number of more specific routes.
In SR OS releases earlier than 19.7.R1, a BGP router only advertises a default route that is installed in the Forwarding Information Base (FIB). This default route is either received from a BGP peer and re-advertised, or the default route is configured locally as a static route, with black-hole next-hop. The attributes of this default route can be modified by an export policy. The drawback of depending on a default route installed in the FIB is that when the BGP peer withdraws or modifies the default route, the BGP router must withdraw or re-advertise the default route.
In SR OS Release 19.7.R1 and later, the send-default command allows BGP routers to advertise artificially generated IPv4 (0.0.0.0/0) and/or IPv6 (::/0) default routes. These artificially generated default routes are unrelated to possible default routes installed in the FIB of the local router. If the local FIB contains a default route and a BGP export policy allows that installed default route to be advertised, the send-default command overrides the advertisement of the installed default route. If the default route in the FIB is withdrawn or modified, the artificially generated default route continues to be advertised.
The send-default command can be configured in the general BGP context, in the BGP group context, or in the BGP neighbor context, in both base router instance and VPRN router instances. The command can be used for IPv4, IPv6, or both. An optional send-default export policy can modify the attributes of the artificially generated default routes. Only the default-action part of this send-default export policy is parsed and applied, as follows:
*[ex:configure router "Base" bgp]
A:admin@PE-1# send-default
send-default
export-policy - Export policy name
ipv4 - Enable IPv4 family type
ipv6 - Enable IPv6 family type
Before modification by a send-default export policy, the properties of the artificially generated default route are as follows:
-
The origin is set to Incomplete.
-
When advertised to an iBGP peer, the AS_PATH is empty.
-
When advertised to an eBGP peer, the global Autonomous System Number (ASN) and/or local AS are prepended. If the send-default export policy specifies an as-path-prepend action, these modifications are made before prepending the ASN and/or local AS.
-
The BGP next-hop is the local address used with the receiving peer or the local router ID (if the Network Layer Reachability Information (NLRI) is IPv6, and the local address is an IPv4 address or it refers to an IPv4-only interface).
-
No Multi-Exit Discriminator (MED) attribute is added.
-
When advertised to an iBGP peer, a local preference attribute is added and its value is taken from the configuration of the local-preference command or the value 100, the implicit default.
-
No standard or large communities are attached. When a send-default export policy is applied to change this, confirm that disable-communities is not set.
Configuration
Example topology with IPv4 addresses shows the example topology with two routers. An eBGP session is established between the base routers (PE-1 in AS 64501 and PE-2 in AS 64500) and an iBGP session is established within VPRN 1 in AS 64496.
Example topology with IPv6 addresses shows the same example topology with IPv6 addresses.
The initial configuration includes:
-
Cards, MDAs, ports
-
Router interfaces
On PE-1, the BGP configuration in the base router is as follows:
# on PE-1:
configure {
router "Base" {
autonomous-system 64501
bgp {
router-id 192.0.2.1
split-horizon true
group "eBGP" {
peer-as 64500
local-as {
as-number 64501
}
import {
policy ["1:0"] # accepts routes with community "1:0"
}
}
neighbor "192.168.12.2" {
group "eBGP"
local-address "int-PE-1-PE-2"
send-communities {
large false # no large communities sent to 192.168.12.2
}
family {
ipv4 true
}
}
neighbor "2001:db8::12:2" {
group "eBGP"
local-address 2001:db8::12:1
family {
ipv6 true
}
}
}
On PE-1, the BGP configuration in VPRN 1 is as follows:
# on PE-1:
configure {
service {
vprn "VPRN 1" {
autonomous-system 64496
---snip---
bgp
router-id 172.31.0.1
split-horizon true
group "iBGP-VPRN1" {
type internal
}
neighbor "172.31.0.2" {
group "iBGP-VPRN1"
local-address 172.31.0.1
send-communities {
large false # no large communities sent to 172.31.0.2
}
family {
ipv4 true
}
}
neighbor "2001:db8::31:0:2" {
group "iBGP-VPRN1"
family {
ipv6 true
}
}
}
---snip---
The configuration is similar on PE-2.
No export policies are applied in BGP, so no routes will be advertised. The following BGP sessions are established on PE-2:
[]
A:admin@PE-2# show router bgp summary all
===============================================================================
BGP Summary
===============================================================================
Legend : D - Dynamic Neighbor
===============================================================================
Neighbor
Description
ServiceId AS PktRcvd InQ Up/Down State|Rcv/Act/Sent (Addr Family)
PktSent OutQ
-------------------------------------------------------------------------------
192.168.12.1
Def. Instance 64501 8 0 00h01m45s 0/0/0 (IPv4)
9 0
2001:db8::12:1
Def. Instance 64501 7 0 00h01m39s 0/0/0 (IPv6)
7 0
172.31.0.1
Svc: 1 64496 7 0 00h01m33s 0/0/0 (IPv4)
7 0
2001:db8::31:0:1
Svc: 1 64496 6 0 00h01m24s 0/0/0 (IPv6)
6 0
-------------------------------------------------------------------------------
Initially, no default routes are installed in the route table of the base router or the VPRN; for example, on PE-2, as follows:
[]
A:admin@PE-2# show router route-table 0.0.0.0/0
===============================================================================
Route Table (Router: Base)
===============================================================================
Dest Prefix[Flags] Type Proto Age Pref
Next Hop[Interface Name] Metric
-------------------------------------------------------------------------------
-------------------------------------------------------------------------------
No. of Routes: 0
[]
A:admin@PE-2# show router 1 route-table ipv6 ::/0
===============================================================================
IPv6 Route Table (Service: 1)
===============================================================================
Dest Prefix[Flags] Type Proto Age Pref
Next Hop[Interface Name] Metric
-------------------------------------------------------------------------------
-------------------------------------------------------------------------------
No. of Routes: 0
The following use cases are shown in the following subsections:
Advertise default routes that are installed in the FIB
PE-1 has not received default routes from any other BGP peer, so black-holed default routes for IPv4 and IPv6 are configured locally in the base router and in VPRN 1 routing instances, as follows:
# on PE-1:
configure {
router "Base" {
static-routes {
route 0.0.0.0/0 route-type unicast {
blackhole {
admin-state enable
}
}
route ::/0 route-type unicast {
blackhole {
admin-state enable
}
}
}
}
service {
vprn "VPRN 1" {
static-routes {
route 0.0.0.0/0 route-type unicast {
blackhole {
admin-state enable
}
}
route ::/0 route-type unicast {
blackhole {
admin-state enable
}
}
}
The following export policies are configured for prefixes 0.0.0.0/0 and ::/0.
# on PE-1:
configure {
policy-options {
community "1:0" {
member "1:0" { }
}
prefix-list "route_0/0" {
prefix 0.0.0.0/0 type exact {
}
}
prefix-list "route_::/0" {
prefix ::/0 type exact {
}
}
policy-statement "export-route_0/0" {
entry 10 {
from {
prefix-list ["route_0/0"]
}
action {
action-type accept
community {
add ["1:0"]
}
origin igp
}
}
}
policy-statement "export-route_::/0" {
entry 10 {
from {
prefix-list ["route_::/0"]
}
action {
action-type accept
community {
add ["1:0"]
}
origin igp
}
}
}
These export policies are applied in BGP group "eBGP" in the base router, as follows:
# on PE-1:
configure {
router "Base" {
bgp {
group "eBGP" {
export {
policy ["export-route_0/0" "export-route_::/0"]
}
}
}
The same export policies are applied in the general bgp context in VPRN 1, as follows:
# on PE-1:
configure {
service {
vprn "VPRN 1" {
bgp {
export {
policy ["export-route_0/0" "export-route_::/0"]
}
}
No default routes are configured on PE-2.
The following BGP summary on PE-2 shows that in each BGP session one BGP route is received and active:
[]
A:admin@PE-2# show router bgp summary all
===============================================================================
BGP Summary
===============================================================================
Legend : D - Dynamic Neighbor
===============================================================================
Neighbor
Description
ServiceId AS PktRcvd InQ Up/Down State|Rcv/Act/Sent (Addr Family)
PktSent OutQ
-------------------------------------------------------------------------------
192.168.12.1
Def. Instance 64501 22 0 00h08m21s 1/1/0 (IPv4)
22 0
2001:db8::12:1
Def. Instance 64501 21 0 00h08m15s 1/1/0 (IPv6)
20 0
172.31.0.1
Svc: 1 64496 21 0 00h08m10s 1/1/0 (IPv4)
20 0
2001:db8::31:0:1
Svc: 1 64496 21 0 00h08m00s 1/1/0 (IPv6)
20 0
-------------------------------------------------------------------------------
The following BGP route is received in the base router:
[]
A:admin@PE-2# show router bgp routes
===============================================================================
BGP Router ID:192.0.2.2 AS:64500 Local AS:64500
===============================================================================
Legend -
Status codes : u - used, s - suppressed, h - history, d - decayed, * - valid
l - leaked, x - stale, > - best, b - backup, p - purge
Origin codes : i - IGP, e - EGP, ? - incomplete
===============================================================================
BGP IPv4 Routes
===============================================================================
Flag Network LocalPref MED
Nexthop (Router) Path-Id IGP Cost
As-Path Label
-------------------------------------------------------------------------------
u*>i 0.0.0.0/0 100 None
192.168.12.1 None 0
64501 -
-------------------------------------------------------------------------------
Routes : 1
===============================================================================
Also, a BGP-IPv6 route for ::/0 is received in the base router, and VPRN 1 receives BGP-IPv4 route 0.0.0.0/0 and BGP-IPv6 route ::/0, as follows:
[]
A:admin@PE-2# show router 1 bgp routes ipv6
===============================================================================
BGP Router ID:172.31.0.2 AS:64496 Local AS:64496
===============================================================================
Legend -
Status codes : u - used, s - suppressed, h - history, d - decayed, * - valid
l - leaked, x - stale, > - best, b - backup, p - purge
Origin codes : i - IGP, e - EGP, ? - incomplete
===============================================================================
BGP IPv6 Routes
===============================================================================
Flag Network LocalPref MED
Nexthop (Router) Path-Id IGP Cost
As-Path Label
-------------------------------------------------------------------------------
u*>i ::/0 100 None
2001:db8::31:0:1 None 10
No As-Path -
-------------------------------------------------------------------------------
Routes : 1
===============================================================================
The default route 0.0.0.0/0 is installed in the route table for the base router, as follows:
[]
A:admin@PE-2# show router route-table 0.0.0.0/0
===============================================================================
Route Table (Router: Base)
===============================================================================
Dest Prefix[Flags] Type Proto Age Pref
Next Hop[Interface Name] Metric
-------------------------------------------------------------------------------
0.0.0.0/0 Remote BGP 00h02m48s 170
192.168.12.1 0
-------------------------------------------------------------------------------
No. of Routes: 1
Similarly, the default route ::/0 is installed in the IPv6 route table for the base router (not shown here). For VPRN 1, default route 0.0.0.0/0 is installed in the IPv4 route table (not shown here), whereas default route ::/0 is installed in the IPv6, as follows:
[]
A:admin@PE-2# show router 1 route-table ipv6 ::/0
===============================================================================
IPv6 Route Table (Service: 1)
===============================================================================
Dest Prefix[Flags] Type Proto Age Pref
Next Hop[Interface Name] Metric
-------------------------------------------------------------------------------
::/0 Remote BGP 00h02m52s 170
fe80::21:88ab:d904:706f-"int-VPRN1-PE-2-PE-1" 10
-------------------------------------------------------------------------------
No. of Routes: 1
Advertise artificially generated default routes
With the send-default command, no default routes need to be installed in the FIB. However, the following example shows that both static default routes in PE-1 remain, but that this static default route will not be advertised anymore. With the send-default command, an artificially generated default route is advertised and overrules the static default route.
The following send-default command is configured on PE-1 and PE-2:
# on PE-1, PE-2:
configure {
router "Base" {
bgp {
group "eBGP" {
send-default {
ipv4 true
ipv6 true
}
}
}
}
service {
vprn "VPRN 1" {
bgp {
send-default {
ipv4 true
ipv6 true
}
}
}
The following BGP summary on PE-2 shows that in each iBGP session (VPRN 1 in AS 64496), one route is received and active, and one route is advertised. The BGP sessions in the base router are eBGP sessions. In MD-CLI, the default behavior is compliant with RFC 8212, so all BGP routes are rejected when no export policies are configured.
[]
A:admin@PE-2# show router bgp summary all
===============================================================================
BGP Summary
===============================================================================
Legend : D - Dynamic Neighbor
===============================================================================
Neighbor
Description
ServiceId AS PktRcvd InQ Up/Down State|Rcv/Act/Sent (Addr Family)
PktSent OutQ
-------------------------------------------------------------------------------
192.168.12.1
Def. Instance 64501 13 0 00h03m50s 0/0/0 (IPv4)
14 0
2001:db8::12:1
Def. Instance 64501 12 0 00h03m44s 0/0/0 (IPv6)
12 0
172.31.0.1
Svc: 1 64496 12 0 00h03m40s 1/1/1 (IPv4)
13 0
2001:db8::31:0:1
Svc: 1 64496 12 0 00h03m40s 1/1/1 (IPv6)
12 0
-------------------------------------------------------------------------------
Because no send-default export policy is configured to modify the attributes, the origin will remain Incomplete, which also proves that the received routes in VPRN 1 on PE-2 are different from the ones received before the send-default command was configured, as follows:
[]
A:admin@PE-2# show router 1 bgp routes
===============================================================================
BGP Router ID:172.31.0.2 AS:64496 Local AS:64496
===============================================================================
Legend -
Status codes : u - used, s - suppressed, h - history, d - decayed, * - valid
l - leaked, x - stale, > - best, b - backup, p - purge
Origin codes : i - IGP, e - EGP, ? - incomplete
===============================================================================
BGP IPv4 Routes
===============================================================================
Flag Network LocalPref MED
Nexthop (Router) Path-Id IGP Cost
As-Path Label
-------------------------------------------------------------------------------
u*>? 0.0.0.0/0 100 None
172.31.0.1 None 10
No As-Path -
-------------------------------------------------------------------------------
Routes : 1
===============================================================================
The following shows the details of the received and advertised BGP-IPv6 route ::/0 in VPRN 1 on PE-2:
[]
A:admin@PE-2# show router 1 bgp routes ::/0 hunt
===============================================================================
BGP Router ID:172.31.0.2 AS:64496 Local AS:64496
===============================================================================
Legend -
Status codes : u - used, s - suppressed, h - history, d - decayed, * - valid
l - leaked, x - stale, > - best, b - backup, p - purge
Origin codes : i - IGP, e - EGP, ? - incomplete
===============================================================================
BGP IPv6 Routes
===============================================================================
-------------------------------------------------------------------------------
RIB In Entries
-------------------------------------------------------------------------------
Network : ::/0
Nexthop : 2001:db8::31:0:1
Path Id : None
From : 2001:db8::31:0:1
Res. Protocol : ISIS Res. Metric : 10
Res. Nexthop : fe80::21:88ab:d904:706f
Local Pref. : 100 Interface Name : int-VPRN1-PE-2-PE-1
Aggregator AS : None Aggregator : None
Atomic Aggr. : Not Atomic MED : None
AIGP Metric : None IGP Cost : 10
Connector : None
Community : No Community Members
Cluster : No Cluster Members
Originator Id : None Peer Router Id : 172.31.0.1
Fwd Class : None Priority : None
Flags : Used Valid Best Incomplete
Route Source : Internal
AS-Path : No As-Path
Route Tag : 0
Neighbor-AS : n/a
Orig Validation: NotFound
Source Class : 0 Dest Class : 0
Add Paths Send : Default
RIB Priority : Normal
Last Modified : 00h01m07s
-------------------------------------------------------------------------------
RIB Out Entries
-------------------------------------------------------------------------------
Network : ::/0
Nexthop : 2001:db8::31:0:2
Path Id : None
To : 2001:db8::31:0:1
Res. Protocol : INVALID Res. Metric : 0
Res. Nexthop : n/a
Local Pref. : 100 Interface Name : NotAvailable
Aggregator AS : None Aggregator : None
Atomic Aggr. : Not Atomic MED : None
AIGP Metric : None IGP Cost : 10
Connector : None
Community : No Community Members
Cluster : No Cluster Members
Originator Id : None Peer Router Id : 172.31.0.1
Origin : Incomplete
AS-Path : No As-Path
Route Tag : 0
Neighbor-AS : n/a
Orig Validation: NotFound
Source Class : 0 Dest Class : 0
-------------------------------------------------------------------------------
Routes : 2
===============================================================================
The origin attribute can be modified by the following export policy that sets the origin to IGP, the MED value to 50, and adds the communities ‟64496:1:1” and ‟1:0”:
# on PE-1, PE-2:
configure {
policy-options {
community "1:0" {
member "1:0" { }
}
community "large1" {
member "64496:1:1" { }
}
policy-statement "1:0" { # import policy for eBGP sessions (base)
entry 10 {
from {
community {
name "1:0"
}
}
action {
action-type accept
}
}
}
policy-statement "export-default" { # send-default export policy
default-action {
action-type accept
origin igp
bgp-med {
set 50
}
community {
add ["large1" "1:0"]
}
}
}
The export policy is included in the send-default command, as follows:
# on PE-1, PE-2:
configure {
router "Base" {
bgp {
group "eBGP" {
send-default {
ipv4 true
ipv6 true
export-policy "export-default"
}
import {
policy ["1:0"]
}
}
}
}
service {
vprn "VPRN 1" {
bgp {
send-default {
ipv4 true
ipv6 true
export-policy "export-default"
}
}
The export policy sets the origin to IGP, sets the MED to a value of 50, and adds communities ‟large1” and ‟1:0”. The import policy in the base router accepts routes with community ‟1:0”. PE-2 receives and accepts the BGP-IPv4 default route with origin IGP and MED 50, as follows:
[]
A:admin@PE-2# show router bgp routes
===============================================================================
BGP Router ID:192.0.2.2 AS:64500 Local AS:64500
===============================================================================
Legend -
Status codes : u - used, s - suppressed, h - history, d - decayed, * - valid
l - leaked, x - stale, > - best, b - backup, p - purge
Origin codes : i - IGP, e - EGP, ? - incomplete
===============================================================================
BGP IPv4 Routes
===============================================================================
Flag Network LocalPref MED
Nexthop (Router) Path-Id IGP Cost
As-Path Label
-------------------------------------------------------------------------------
u*>i 0.0.0.0/0 None 50
192.168.12.1 None 0
64501 -
-------------------------------------------------------------------------------
Routes : 1
===============================================================================
[]
A:admin@PE-2# show router bgp routes 0.0.0.0/0 hunt | match Flags
Flags : Used Valid Best IGP
The other artificially generated default routes also have origin IGP and MED 50. In this example, the send-communities large false command is configured on PE-1 and PE-2 for the IPv4 neighbors in the base router and in VPRN 1, so no large community is sent for IPv4; only for IPv6. On PE-2, the default IPv4 routes in the RIB-IN and the RIB-OUT of the base router only contain community ‟1:0”, not the large community ‟64496:1:1”, as follows:
[]
A:admin@PE-2# show router bgp routes 0.0.0.0/0 hunt | match Community
Community : 1:0 # RIB-IN
Community : 1:0 # RIB-OUT
On PE-2, the details of the received default IPv6 route ::/0 in VPRN 1 are as follows:
[]
A:admin@PE-2# show router 1 bgp routes ::/0 hunt
===============================================================================
BGP Router ID:172.31.0.2 AS:64496 Local AS:64496
===============================================================================
Legend -
Status codes : u - used, s - suppressed, h - history, d - decayed, * - valid
l - leaked, x - stale, > - best, b - backup, p - purge
Origin codes : i - IGP, e - EGP, ? - incomplete
===============================================================================
BGP IPv6 Routes
===============================================================================
-------------------------------------------------------------------------------
RIB In Entries
-------------------------------------------------------------------------------
Network : ::/0
Nexthop : 2001:db8::31:0:1
Path Id : None
From : 2001:db8::31:0:1
Res. Protocol : ISIS Res. Metric : 10
Res. Nexthop : fe80::10:1ff:fe01:1
Local Pref. : 100 Interface Name : int-VPRN1-PE-2-PE-1
Aggregator AS : None Aggregator : None
Atomic Aggr. : Not Atomic MED : 50
AIGP Metric : None IGP Cost : 10
Connector : None
Community : 1:0 64496:1:1
Cluster : No Cluster Members
Originator Id : None Peer Router Id : 172.31.0.1
Fwd Class : None Priority : None
Flags : Used Valid Best IGP
Route Source : Internal
AS-Path : No As-Path
Route Tag : 0
Neighbor-AS : n/a
Orig Validation: NotFound
Source Class : 0 Dest Class : 0
Add Paths Send : Default
RIB Priority : Normal
Last Modified : 00h02m50s
---snip---
The artificially generated default routes are only modified by the send-default export policy, not involving other export BGP policies.
Conclusion
With the send-default command, BGP routers can advertise artificially generated default routes for IPv4, IPv6, or both. The artificially generated default routes are always advertised, regardless of the presence of default routes installed in the local FIB.