Confederations
- Tracy Yang (Unlicensed)
Command References
admin@XorPlus# set protocols bgp confederation disable [true/false]
Note: This command is to enable/disable BGP confederation.
admin@XorPlus# set protocols bgp confederation identifier [confederation-identifier]
Note: This command is to configure a BGP confederation identifier, It’s used to establish an EBPG Peer, it's a 2-byte or 4-byte AS number.
admin@XorPlus# set protocols bgp peer [Peer-IPV6 address] confederation-member [true/false]
Note:This command is to specify one BGP peer as a confederation member.
admin@XorPlus# set protocols bgp local-as [AS-Number]
Note: This Command is to configure a private local-AS number, used for establishing an internal confederation EBGP.
A confederation is another way to deal with the explosion of an IBGP mesh within an AS. As with route reflection, confederations are recommended only for cases in which IBGP peering involves a large number of IBGP peering sessions per router.
BGP confederations are based on the concept that an AS can be broken into multiple sub-AS's. Inside each sub-AS, all the rules of IBGP apply. All BGP routers inside the sub-AS, for example, must be fully meshed. Because each sub-AS has a different AS number, external BGP must run between them. Although EBGP is used between sub-ASs, routing inside the confederation behaves like IBGP routing in a single AS. In other words, the next hop, MED,and local preference information is preserved when crossing the sub-AS boundaries. To the outside world, a confederation looks like a single AS.
All the sub-ASs are shielded from the outside world and can be given any AS number. The numbers could be chosen from the private AS range (64512 to 65534, as designated in RFC 1930) in order not to use up any formal AS numbers.
As mentioned previously, inside the sub-AS, an IBGP full mesh is used. EBGP is used between the sub-AS's as well as between the confederation itself and outside AS's.
Confederations can easily detect routing loops inside the whole AS, because EBGP is run between sub-AS's. The AS path list is a loop-avoidance mechanism used to detect routing updates leaving one sub-AS and attempting to reenter the same sub-AS. A routing update that tries to reenter the sub-AS it originated from will be detected, because the sub-AS will see its own sub-AS number listed in the update's AS path.
Figure 2-5
Step 1: Switch B, Switch C, and Switch D configured as a confederation member
Switch B:
admin@XorPlus# set protocols bgp bgp-id 9.9.9.9 admin@XorPlus# set protocols bgp local-as "65531" admin@XorPlus# set protocols bgp confederation identifier "6" admin@XorPlus# set protocols bgp peer 3003::1 local-ip "3003::2" admin@XorPlus# set protocols bgp peer 3003::1 as "65531" admin@XorPlus# set protocols bgp peer 3003::1 next-hop-self true admin@XorPlus# set protocols bgp peer 3003::1 confederation-member true admin@XorPlus# set protocols bgp peer 3003::1 ipv6-unicast true
Switch C:
admin@XorPlus# set protocols bgp bgp-id 6.6.6.6 admin@XorPlus# set protocols bgp local-as "65531" admin@XorPlus# set protocols bgp confederation identifier "6" admin@XorPlus# set protocols bgp peer 1001::2 local-ip "1001::1" admin@XorPlus# set protocols bgp peer 1001::2 as "65532" admin@XorPlus# set protocols bgp peer 1001::2 next-hop-self true admin@XorPlus# set protocols bgp peer 1001::2 client true admin@XorPlus# set protocols bgp peer 1001::2 confederation-member true admin@XorPlus# set protocols bgp peer 1001::2 ipv6-unicast true admin@XorPlus# set protocols bgp peer 3003::2 local-ip "3003::1" admin@XorPlus# set protocols bgp peer 3003::2 as "65531" admin@XorPlus# set protocols bgp peer 3003::2 next-hop-self true admin@XorPlus# set protocols bgp peer 3003::2 confederation-member true admin@XorPlus# set protocols bgp peer 3003::2 ipv6-unicast true
Switch D:
admin@XorPlus# set protocols bgp bgp-id 26.26.26.26 admin@XorPlus# set protocols bgp local-as "65532" admin@XorPlus# set protocols bgp confederation identifier "6" admin@XorPlus# set protocols bgp peer 1001::1 local-ip "1001::2" admin@XorPlus# set protocols bgp peer 1001::1 as "65531" admin@XorPlus# set protocols bgp peer 1001::1 next-hop-self true admin@XorPlus# set protocols bgp peer 1001::1 confederation-member true admin@XorPlus# set protocols bgp peer 1001::1 ipv6-unicast true
Step 2: Switch A and Switch B configure EBGP, Switch C and Switch E configure EBGP
Switch A:
admin@XorPlus# set protocols bgp bgp-id 33.33.33.33 admin@XorPlus# set protocols bgp local-as 10 admin@XorPlus# set protocols bgp peer 5005::1 local-ip "5005::2" admin@XorPlus# set protocols bgp peer 5005::1 as 6 admin@XorPlus# set protocols bgp peer 5005::1 ipv6-unicast true
Switch B:
admin@XorPlus# set protocols bgp peer 5005::2 local-ip "5005::1" admin@XorPlus# set protocols bgp peer 5005::2 as "10" admin@XorPlus# set protocols bgp peer 5005::2 ipv6-unicast true
Switch D:
admin@XorPlus# set protocols bgp peer 4004::2 local-ip "4004::1" admin@XorPlus# set protocols bgp peer 4004::2 as 100 admin@XorPlus# set protocols bgp peer 4004::2 next-hop-self true admin@XorPlus# set protocols bgp peer 4004::2 ipv6-unicast true
Switch E:
admin@XorPlus# set protocols bgp bgp-id 100.100.100.100 admin@XorPlus# set protocols bgp local-as 100 admin@XorPlus# set protocols bgp peer 4004::1 local-ip "4004::2" admin@XorPlus# set protocols bgp peer 4004::1 as 6 admin@XorPlus# set protocols bgp peer 4004::1 ipv6-unicast true
Step 3: Switch A distribute one BGP route entry, then check the BGP route table on Switch B, Switch C, Switch D and Switch E.
Switch B BGP route table:
admin@XorPlus# run show bgp routes ipv6 Status Codes: * valid route, > best route Origin Codes: i IGP, e EGP, ? incomplete Prefix Nexthop Peer AS Path ---------------------------- ------------------------ --------------- ------------ *> 9999::/64 5005::2 33.33.33.33 10 i admin@XorPlus# run show bgp routes ipv6 detail 9999::/64 From peer: 33.33.33.33 Route: Winner Origin: IGP AS Path: 10 Nexthop: 5005::2 Local Preference: 100 admin@XorPlus#
Switch C BGP route table:
admin@XorPlus# run show bgp routes ipv6 Status Codes: * valid route, > best route Origin Codes: i IGP, e EGP, ? incomplete Prefix Nexthop Peer AS Path ---------------------------- ------------------------ --------------- ------------ *> 9999::/64 3003::2 9.9.9.9 10 i admin@XorPlus# run show bgp routes ipv6 detail 9999::/64 From peer: 9.9.9.9 Route: Winner Origin: IGP AS Path: 10 Nexthop: 3003::2 Local Preference: 100 admin@XorPlus#
Switch D BGP route table:
admin@XorPlus# run show bgp routes ipv6 Status Codes: * valid route, > best route Origin Codes: i IGP, e EGP, ? incomplete Prefix Nexthop Peer AS Path ---------------------------- ------------------------ --------------- ------------ *> 9999::/64 1001::1 6.6.6.6 (65531) 10 i admin@XorPlus# run show bgp routes ipv6 detail 9999::/64 From peer: 6.6.6.6 Route: Winner Origin: IGP AS Path: (65531) 10 Nexthop: 1001::1 Local Preference: 100 admin@XorPlus#
Note: We can see that the AS-path includes the confederation EGBP AS number 65531
Switch E BGP route table:
admin@XorPlus# run show bgp routes ipv6 Status Codes: * valid route, > best route Origin Codes: i IGP, e EGP, ? incomplete Prefix Nexthop Peer AS Path ---------------------------- ------------------------ --------------- ------------ *> 9999::/64 4004::1 6.6.6.6 6 10 i admin@XorPlus# run show bgp routes ipv6 detail 9999::/64 From peer: 6.6.6.6 Route: Winner Origin: IGP AS Path: 6 10 Nexthop: 4004::1 Local Preference: 100 admin@XorPlus#
Note: We can see that the confederation AS number 65531 was removed from the AS-path when it outbounds the AS to it’s EBGP Peer.
Copyright © 2025 Pica8 Inc. All Rights Reserved.