IP Routing: BGP Configuration Guide, Cisco IOS XE Gibraltar 16.10.x
Bias-Free Language
The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. Learn more about how Cisco is using Inclusive Language.
Border Gateway Protocol (BGP) policy accounting (PA) measures and classifies IP traffic that is sent to, or received from,
different peers. Policy accounting was previously available on an input interface only. The BGP Policy Accounting Output Interface
Accounting feature introduces several extensions to enable BGP PA on an output interface and to include accounting based on
a source address for both input and output traffic on an interface. Counters based on parameters such as community list, autonomous
system number, or autonomous system path are assigned to identify the IP traffic.
Finding Feature Information
Your software release may not support all the features documented in this module. For the latest caveats and feature information,
see
Bug Search Tool and the release notes for your platform and software release. To find information about the features documented in this module,
and to see a list of the releases in which each feature is supported, see the feature information table at the end of this
module.
Use Cisco Feature Navigator to find information about platform support and Cisco software image support. To access Cisco Feature
Navigator, go to
www.cisco.com/go/cfn. An account on Cisco.com is not required.
Prerequisites for BGP PA Output Interface Accounting
Before using the BGP Policy Accounting Output Interface Accounting feature, you must enable BGP and Cisco Express Forwarding
or distributed CEF on the router.
Information About BGP PA Output Interface Accounting
BGP PA Output Interface Accounting
Policy accounting using BGP measures and classifies IP traffic that is sent to, or received from, different peers. Originally,
BGP PA was available on an input interface only. BGP PA output interface accounting introduces several extensions to enable
BGP PA on an output interface and to include accounting based on a source address for both input and output traffic on an
interface. Counters based on parameters such as community list, autonomous system number, or autonomous system path are assigned
to identify the IP traffic.
Using the BGP
table-map command, prefixes added to the routing table are classified by BGP attribute, autonomous system number, or autonomous system
path. Packet and byte counters are incremented per input or output interface. A Cisco policy-based classifier maps the traffic
into one of eight possible buckets that represent different traffic classes.
Using BGP PA, you can account for traffic according to its origin or the route it traverses. Service providers (SPs) can
identify and account for all traffic by customer and can bill accordingly. In the figure below, BGP PA can be implemented
in Router A to measure packet and byte volumes in autonomous system buckets. Customers are billed appropriately for traffic
that is routed from a domestic, international, or satellite source.
BGP policy accounting using autonomous system numbers can be used to improve the design of network circuit peering and transit
agreements between Internet service providers (ISPs).
Benefits of BGP PA Output Interface Accounting
Accounting for IP Traffic Differentially
BGP policy accounting classifies IP traffic by autonomous system number, autonomous system path, or community list string,
and increments packet and byte counters. Policy accounting can also be based on the source address. Service providers can
account for traffic and apply billing according to the origin of the traffic or the route that specific traffic traverses.
Efficient Network Circuit Peering and Transit Agreement Design
Implementing BGP policy accounting on an edge router can highlight potential design improvements for peering and transit agreements.
How to Configure BGP PA Output Interface Accounting
Specifying the Match Criteria for BGP PA
The first task in configuring BGP PA is to specify the criteria that must be matched. Community lists, autonomous system
paths, or autonomous system numbers are examples of BGP attributes that can be specified and subsequently matched using a
route map. Perform this task to specify the BGP attribute to use for BGP PA and to create the match criteria in a route map.
Enters route-map configuration mode and defines the conditions for policy routing.
The
map-name argument identifies a route map.
The optional
permit and
deny keywords work with the match and set criteria to control how the packets are accounted for.
The optional
sequence-number argument indicates the position that a new route map is to have in the list of route maps already configured with the same
name.
Step 5
matchcommunity-listcommunity-list-number [exact]
Example:
Router(config-route-map)# match community-list 30
Matches a BGP community.
Step 6
settraffic-indexbucket-number
Example:
Device(config-route-map)# set traffic-index 2
Indicates where to output packets that pass a match clause of a route map for BGP policy accounting.
Step 7
exit
Example:
Device(config-route-map)# exit
Exits route-map configuration mode and returns to global configuration mode.
Classifying the IP Traffic and Enabling BGP PA
After a route map has been defined to specify match criteria, you must configure a way to classify the IP traffic before
enabling BGP policy accounting.
Using the
table-map command, BGP classifies each prefix that it adds to the routing table according to the match criteria. When the
bgp-policyaccounting command is configured on an interface, BGP policy accounting is enabled.
Perform this task to classify the IP traffic and enable BGP policy accounting.
SUMMARY STEPS
enable
configureterminal
routerbgpas-number
table-maproute-map-name
networknetwork-number [masknetwork-mask]
neighborip-addressremote-asas-number
exit
interfacetypenumber
ipaddressip-addressmask
bgp-policyaccounting [input |
output] [source]
exit
DETAILED STEPS
Command or Action
Purpose
Step 1
enable
Example:
Device> enable
Enables privileged EXEC mode.
Enter your password if prompted.
Step 2
configureterminal
Example:
Device# configure terminal
Enters global configuration mode.
Step 3
routerbgpas-number
Example:
Device(config)# router bgp 65000
Configures a BGP routing process and enters router configuration mode for the specified routing process.
The
as-number argument identifies a BGP autonomous system number.
Step 4
table-maproute-map-name
Example:
Device(config-router)# table-map set_bucket
Classifies BGP prefixes entered in the routing table.
Use the optional
input or
output keyword to account for traffic either entering or leaving the router. By default, BGP policy accounting is based on traffic
entering the router.
Use the optional
source keyword to account for traffic based on source address.
Step 11
exit
Example:
Device(config-if)# exit
Exits interface configuration mode and returns to global configuration mode.
Verifying BGP Policy Accounting
Perform this task to verify that BGP policy accounting is operating.
Enter the
showipcef command with the
detail keyword to learn which accounting bucket is assigned to a specified prefix.
In this example, the output is displayed for the prefix 192.168.5.0. It shows that accounting bucket number 4 (traffic_index
4) is assigned to this prefix.
Example:
Device# show ip cef 192.168.5.0 detail
192.168.5.0/24, version 21, cached adjacency to POS7/2
0 packets, 0 bytes, traffic_index 4
via 10.14.1.1, 0 dependencies, recursive
next hop 10.14.1.1, POS7/2 via 10.14.1.0/30
valid cached adjacency
Enter the
showipbgp command for the same prefix used in Step 1--192.168.5.0--to learn which community is assigned to this prefix.
In this example, the output is displayed for the prefix 192.168.5.0. It shows that the community of 100:197 is assigned to
this prefix.
Example:
Device# show ip bgp 192.168.5.0
BGP routing table entry for 192.168.5.0/24, version 2
Paths: (1 available, best #1)
Not advertised to any peer
100
10.14.1.1 from 10.14.1.1 (32.32.32.32)
Origin IGP, metric 0, localpref 100, valid, external, best
Community: 100:197
Displays the state of BGP policy accounting on a specified interface.
In this example, the output shows that BGP policy accounting has been configured to be based on input traffic at Fast Ethernet
interface 1/0/0:
Example:
Device# show cef interface Fast Ethernet 1/0/0
FastEthernet1/0/0 is up (if_number 6)
Corresponding hwidb fast_if_number 6
Corresponding hwidb firstsw->if_number 6
Internet address is 10.1.1.1/24
ICMP redirects are always sent
Per packet load-sharing is disabled
IP unicast RPF check is disabled
Inbound access list is not set
Outbound access list is not set
IP policy routing is disabled
BGP based policy accounting on input is enabled
BGP based policy accounting on output is disabled
Hardware idb is FastEthernet1/0/0 (6)
Software idb is FastEthernet1/0/0 (6)
Fast switching type 1, interface type 18
IP Distributed CEF switching enabled
IP Feature Fast switching turbo vector
IP Feature CEF switching turbo vector
Input fast flags 0x100, Output fast flags 0x0, Flags 0x0
ifindex 7(7)
Slot 1 Slot unit 0 VC -1
Transmit limit accumulator 0xE8001A82 (0xE8001A82)
IP MTU 1500
Configuration Examples for BGP PA Output Interface Accounting
Specifying the Match Criteria for BGP Policy Accounting Example
In the following example, BGP communities are specified in community lists, and a route map named set_bucket is configured
to match each of the community lists to a specific accounting bucket using the settraffic-index command:
ip community-list 30 permit 100:190
ip community-list 40 permit 100:198
ip community-list 50 permit 100:197
ip community-list 60 permit 100:296
!
route-map set_bucket permit 10
match community-list 30
set traffic-index 2
!
route-map set_bucket permit 20
match community-list 40
set traffic-index 3
!
route-map set_bucket permit 30
match community-list 50
set traffic-index 4
!
route-map set_bucket permit 40
match community-list 60
set traffic-index 5
Classifying the IP Traffic and Enabling BGP Policy Accounting Example
In the following example, BGP policy accounting is enabled on POS interface 2/0/0. The policy accounting criteria is based
on the source address of the input traffic, and the table-map command is used to modify the bucket number when the IP routing table is updated with routes learned from BGP.
router bgp 65000
table-map set_bucket
network 10.15.1.0 mask 255.255.255.0
neighbor 10.14.1.1 remote-as 65100
!
ip classless
ip bgp-community new-format
!
interface POS2/0/0
ip address 10.15.1.2 255.255.255.0
bgp-policy accounting input source
no keepalive
crc 32
clock source internal
Additional References
The following sections provide references related to the BGP policy accounting output interface accounting feature.
No new or modified standards are supported by this feature, and support for existing standards has not been modified by this
feature.
--
MIBs
MIBs
MIBs Link
CISCO-BGP-POLICY-ACCOUNTING-MIB
To locate and download MIBs for selected platforms, Cisco IOS XE software releases, and feature sets, use Cisco MIB Locator
found at the following URL:
No new or modified RFCs are supported by this feature, and support for existing RFCs has not been modified by this feature.
--
Technical Assistance
Description
Link
The Cisco Support website provides extensive online resources, including documentation and tools for troubleshooting and
resolving technical issues with Cisco products and technologies.
To receive security and technical information about your products, you can subscribe to various services, such as the Product
Alert Tool (accessed from Field Notices), the Cisco Technical Services Newsletter, and Really Simple Syndication (RSS) Feeds.
Access to most tools on the Cisco Support website requires a Cisco.com user ID and password.
Feature Information for BGP Policy Accounting Output Interface Accounting
The following table provides release information about the feature or features described in this module. This table lists
only the software release that introduced support for a given feature in a given software release train. Unless noted otherwise,
subsequent releases of that software release train also support that feature.
Use Cisco Feature Navigator to find information about platform support and Cisco software image support. To access Cisco
Feature Navigator, go to www.cisco.com/go/cfn. An account on Cisco.com is not required.
Table 1. Feature Information for BGP Policy Accounting Output Interface Accounting
Feature Name
Releases
Feature Information
BGP Policy Accounting
Cisco IOS XE Release 2.1
BGP policy accounting measures and classifies IP traffic that is sent to, or received from, different peers.
This feature was introduced on the Cisco ASR 1000 Series Aggregation Services Routers.
BGP Policy Accounting Output Interface Accounting
Cisco IOS XE Release 2.1
This feature introduces several extensions to enable BGP PA on an output interface and to include accounting based on a source
address for both input and output traffic on an interface.
This feature was introduced on the Cisco ASR 1000 Series Routers.
The following commands were introduced or modified for this feature:
bgp-policy,
settraffic-index,
showcefinterface,
showcefinterfacepolicy-statistics
SNMP Support for BGP Policy Accounting
Cisco IOS XE Release 2.1
The CISCO-BGP-POLICY-ACCOUNTING-MIB was introduced.
This feature was introduced on the Cisco ASR 1000 Series Routers.
Glossary
AS--autonomous system. An IP term to describe a routing domain that has its own independent routing policy and is administered
by a single authority.
BGP--Border Gateway Protocol. Interdomain routing protocol that exchanges reachability information with other BGP systems.