De Le wiki des TPs RSM
BGP: Traffic Engineering

"The goal of this practical is to use a virtual platform developed by Juniper to do traffic engineering by modifying the path taken by packets un an IP network. This practical will also be an opportunity to learn JunOS operating system used by Juniper routers


  • Cent-OS A does not have a good configuration of interface eth1:0 with is used of
  • zebra and bgpd deos not start a boot time on centos A.
  • Give an explanation of filtering 172.16.1/24



The network architecture we will use is defined in the following picture:

Archi BGP TE.png

This picture give a vision of the AS we will use:

  • AS-200 is the target AS we will want to reach. This AS announces a prefix to the rest of the world. The goal will be to ping the host.
  • AS-100, AS-101 and AS-102 symbolize the Internet network made of several ISP or Tier-1.
  • AS-B will be the AS you will manage. This AS is multi-homed to two ISP.

AS 200, 100, 101, 102 will be common to all the groups. Each group will manage a different AS-B, called AS-B._ where _ is you group number.

The goal of this practical is to modify BGP announcements to force some routes and verify that the network react the appropriate way to your commands.

If we suppose that the route selection is only made on AS_PATH length, what should be the route between AS 200 and your AS B ?

The following picture describes more precisely the network architecture of your AS-B. Each group will have a similar and independent architecture.

Archi BGP TE2.png

You AS B is composed of several PE:

  • routers B_.1 and B_.2 are peering in BGP with AS-100 and AS-101.
  • routers B_.6 and B_.5 allows your customers to access Internet. They will use private AS numbers 65001 and 65002.

The other routers are P routers, they are running IS-IS as IGP.

Addressing plan

None of these routers are in Telecom-Bretagne premises. We can access them through ssh, the port number we will use the command ssh -p <port>. The following scheme gives the IP addressing plan and the port number you can use to reach the router. We give you all the port, but to respect AS principle, normally you cann alny access to router un you AS-B.

Analyze of the existing network

Red arrow.png do a connection on router B_.1

#ssh -p PPPP <- PPPP is the port number of your router B_.1
Welcome to the cloud
password is Clouds's password: Clouds
--- JUNOS 10.3B2.4 built 2010-06-02 01:55:40 UTC

You are connected to a Juniper router. Commands are different from the Cisco commands we saw on previous practicals. In fact at this point you are connected to a BSD host which supervise your router.

Red arrow.png To see that you are on a Unix machine type a Unix comand such as ps

 clclroot@vm-b1% ps

Red arrow.png start the cli application to configure your router (the prompt will change)

root@vm-b1% cli

Red arrow.png Visualize router configuration and find the part regarding interface configuration

 root@vm-b1.1> show configuration

On the following scheme represent the prefixes and their length for router B_.1



Red arrow.png Display BGP peering

root@vm-b1.1> show bgp summary

How many iBGP and eBGP peering? with how many ASes ?

Red arrow.png Display BGP announces

root@vm-b1.1> show route protocol bgp

Indicate of the previous scheme what is the path taken by theses announces. Why do B_.1 receives two announces that took the same path ?

To which router is send a packet to ? on which interface ? what if the IP address of this interface ?

show route 


Red arrow.png try a ping to

root@vm-b1.1> ping                    

Does it work ? Give a explaination since we receive prefixes for that destination in the BGP table.

Red arrow.png try to ping with another IP source address

root@vm-b1.1> ping source

Why does it works ?

Locate on the configuration file where prefix 172.16._ is filtered

On BGP configuration we can find the following instructions for peering with the backbone

       group backbone {
           export to_bgp;
           neighbor {
               family inet {           
               peer-as 100;
           neighbor {
               family inet {
               peer-as 101;

The export instruction will define what prefixes will be announced or not. The definition is given by the to_bgp access list given at the end of the configuration file.

   policy-statement to_bgp {
       term 1 {
           from {
               route-filter exact;
           then accept;



Outils personnels