Configuring NetFlow for BGP


 

The Border Gateway Protocol (BGP), defined in RFC 1771, provides loop-free interdomain routing between autonomous systems. (An autonomous system [AS] is a set of routers that operate under the same administration.) BGP is often run among the networks of Internet service providers (ISPs).

 

Note: To get AS information, you must configure your router to include it in NetFlow exports. Collecting AS information is resource intensive, especially when the router is configured for origin-AS. If you are not interested in monitoring peering arrangements, disabling AS collection may improve NetFlow Analyzer performance.

Enabling BGP Routing

Enter the global configuration mode and issue the following commands to enable BGP routing and establish a BGP routing process:

 

Command: router bgp as-number
Purpose: Enables the BGP routing process, which places the router in router configuration mode

Command: network network-number [mask network-mask] [route-map route-map-name]
Purpose: Flags a network as local to this autonomous system and enters it to the BGP table

Configuring BGP Neighbors

BGP supports two kinds of neighbors: internal and external. Internal neighbors are in the same autonomous system; external neighbors are in different autonomous systems. Normally, external neighbors are adjacent to each other and share a subnet, while internal neighbors may be anywhere in the same autonomous system.

 

To configure BGP neighbors, issue the following command in router configuration mode:

 

Command: neighbor {ip-address|peer-group-name} remote-as as-number
Purpose: Specifies a BGP neighbor

 

BGP Neighbor Configuration Examples

The following example shows how BGP neighbors on an autonomous system are configured to share information.

 

router bgp 109
network 131.108.0.0
network 192.31.7.0
neighbor 131.108.200.1 remote-as 167
neighbor 131.108.234.2 remote-as 109
neighbor 150.136.64.19 remote-as 99

 

In the example, a BGP router is assigned to autonomous system 109, and two networks are listed as originating in the autonomous system. Then the addresses of three remote routers (and their autonomous systems) are listed. The router being configured will share information about networks 131.108.0.0 and 192.31.7.0 with the neighboring routers. The first router listed is in a different autonomous system. The second neighbor's remote-as router configuration command specifies an internal neighbor (with the same autonomous system number) at address 131.108.234.2. The third neighbor's remote-as router configuration command specifies a neighbor in a different autonomous system.

Including AS Info in NetFlow Exports

If you have configured BGP on your network and want NetFlow to report on autonomous systems (AS info), issue the following commands on the router in global configuration mode:

 

Command: ip flow-export destination {hostname|ip_address} 9996
Purpose: Exports the NetFlow cache entries to the specified IP address. Use the IP address of the NetFlow Analyzer server and the configured NetFlow listener port. The default port is 9996.

Command: ip flow-export {version} [peer-as | origin-as]
Purpose: Exports NetFlow cache entries in the specified version format (5 or 7). If your router uses BGP, you can specify that either the origin or the peer ASs are included in exports; it is not possible to include both.
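
To check that exports really carry AS numbers after this change, the collector side can decode a NetFlow version 5 datagram and read the src_as and dst_as fields of each record. The Python below is an added example, not part of the original documentation or of NetFlow Analyzer; the function names and the sample datagram (built from the addresses and AS numbers of the neighbor example above) are constructed for illustration, and the all-zero check is a heuristic based on version 5 exporters leaving both AS fields at 0 when neither origin-as nor peer-as is configured.

```python
import socket
import struct

# NetFlow v5 layout: a 24-byte header followed by `count` 48-byte flow records.
HEADER = struct.Struct("!HHIIIIBBH")
RECORD = struct.Struct("!4s4s4sHHIIIIHHxBBBHHBBxx")


def parse_v5(datagram):
    """Return the flow records of one NetFlow v5 datagram as dicts."""
    if len(datagram) < HEADER.size:
        raise ValueError("datagram shorter than a NetFlow v5 header")
    version, count = HEADER.unpack_from(datagram)[:2]
    if version != 5:
        raise ValueError(f"not NetFlow v5 (version field is {version})")
    if len(datagram) < HEADER.size + count * RECORD.size:
        raise ValueError("header announces more records than were received")
    flows = []
    for i in range(count):
        f = RECORD.unpack_from(datagram, HEADER.size + i * RECORD.size)
        flows.append({
            "src": socket.inet_ntoa(f[0]), "dst": socket.inet_ntoa(f[1]),
            "octets": f[6], "src_as": f[14], "dst_as": f[15],
        })
    return flows


def as_export_missing(flows):
    """Heuristic: True when every record has AS 0 in both fields, which is
    what arrives when the exporter has neither origin-as nor peer-as set."""
    return bool(flows) and all(f["src_as"] == 0 and f["dst_as"] == 0 for f in flows)


def build_sample(flows):
    """Constructed datagram from (src, dst, octets, src_as, dst_as) tuples."""
    data = HEADER.pack(5, len(flows), 0, 0, 0, 0, 0, 0, 0)
    for src, dst, octets, src_as, dst_as in flows:
        data += RECORD.pack(socket.inet_aton(src), socket.inet_aton(dst),
                            socket.inet_aton("0.0.0.0"), 0, 0, 1, octets, 0, 0,
                            0, 0, 0, 6, 0, src_as, dst_as, 16, 24)
    return data


if __name__ == "__main__":
    for src_as, dst_as in ((167, 99), (0, 0)):  # constructed sample values
        sample = build_sample([("131.108.200.1", "150.136.64.19", 1500, src_as, dst_as)])
        flows = parse_v5(sample)
        print(flows, "AS export missing:", as_export_missing(flows))
```

A record with AS 0 is not by itself proof of a misconfiguration, so apply the check to a full datagram or a longer sample rather than to single flows.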
Copyright © 2012, ZOHO Corp. All Rights Reserved.
ManageEngine