network-freak

BGP Prefix Limit Maximum Prefix-limit is used to control the BGP peer not to overload your BGP routing table and it helps to avoid the situation. let's explore how to configure in Cisco, Juniper, and Nokia router Cisco Configuration  ! router bgp 300  neighbor 192.168.1.1   address-family ipv4 unicast    maximum-prefix <max-limit> <percentage> <Actions>   !  ! Juniper  Configuration edit protocol bgp {         group nokia {             neighbor 192.168.0.1 {                 family inet {                     unicast {                         prefix-limit {                             maximum 1000;                    ...

TCP-AO is a new authentication method proposed through RFC5925, The TCP Authentication Option to enhance the security and authenticity of TCP segments exchanged during BGP.  It supports both IPv4 and IPv6 traffic Benefits of TCP-AO Support multiple stronger algorithms, such as HMAC-SHA1 and AES-128 to create an internal traffic key and message digest. Add a new user-configured key to re-generate internal traffic keys for an established connection and a mechanism to synchronize key change between BGP peers Nokia Configuration /configure system security  keychain "aes-128-cmac-96-keychain"                 tcp-option-number                     send tcp-ao                     receive tcp-ao                 exit                 direction         ...

 In this blog, I will explain the benefits of the MD5 concept and how to configure it on Cisco, Juniper, and Nokia Router TCP-MD5 MD5 is used to protect the BGP session between the peers to form the secured session over the public Network.  TCP MD5 option supports only one key for a connection. Further, it only supports the MD5 algorithm. The MD5 algorithm takes the “secret” from the key and the TCP segment for encryption and generates a message digest. This message digest is then copied to the MD5 digest field in the TCP segment and is sent to the receiving device. Cisco XR router bgp 300  neighbor 192.168.1.1   password encrypted 011D03104C0414042D4D4C Juniper edit protocols {                                  bgp {         group nokia {                neighbor 192.168.0.1 {           ...

Let's explore few concepts of BGP and how to configure it on the Nokia 7750 SR Border gateway protocol is mainly used by Service Providers to carry the huge routing information between different Autonomous Systems. It uses the well-known TCP port number 179. BGP uses TCP protocol for authenticating its peer router session. There are two types of BGP as listed below 1. IBGP (Internal BGP used to share routing information within its own AS) 2. Ebgp (External BGP used to share routing information between 2 different AS) Let's explore how to configure BGP types as per the below topology. IGP is pre-configured as per topology. 1. IBGP configuration between PE01 to PE02  Forming IBGP between Router system IP/Loopback address is a best practice for family ipv4. why are we configuring internal BGP on SYSTEM/LOOPBACK IP? If we configure the adjacency using the physical interface for the ipv4 family it will lead to failure if that particular interface goes down. Even if we have an altern...