I'm in the process of setting up BGP with 2 connections coming in from 2 different ISPs on two routers at 2 different locations. To interconnect the 2 locations, I have a point-to-point T1 line. My question is: if I use this T1 line to set up iBGP between the 2 routers, is it possible to use IP addresses from the private class C, something like 192.168.1.0/30, and still be able to go out through the other router if one connection fails?
As already stated, you can do this. Those addresses are not visible to the internet in case you do NAT them on your firewalls. This does not cause any problem, as you do not intend to become a transit AS anyhow. Just make sure to have proper filters in place to avoid becoming a transit AS. An example config could look like this (make sure to adjust this to your environment).
ip address 10.10.10.1 255.255.255.255
description to ISP1
ip address 22.214.171.124 255.255.255.252
description to second location
ip address 10.1.1.1 255.255.255.252
router bgp 65000
network 126.96.36.199 mask 255.255.0.0
neighbor 188.8.131.52 remote-as 1 ! ISP1
neighbor 184.108.40.206 prefix-list NoTrash in
neighbor 220.127.116.11 filter-list 1 out
neighbor 18.104.22.168 weight 150
neighbor 10.10.10.2 remote-as 65000
neighbor 10.10.10.2 update-source Loopback0
ip as-path access-list 1 permit ^$
ip prefix-list NoTrash deny 192.168.0.0/16 le 32
ip prefix-list NoTrash deny 172.16.0.0/12 le 32
ip prefix-list NoTrash deny 10.0.0.0/8 le 32
ip prefix-list NoTrash deny 22.214.171.124/16 le 32
ip prefix-list NoTrash permit 0.0.0.0/0 le 32
ip route 126.96.36.199 255.255.0.0 Null 0 250
This would only announce 1.1/16 (assumed to be your official IP addresses) to the ISP. All RFC1918 routes are blocked. You could extend this and use the BOGON list for filtering, but this would require more maintenance, because you have to adjust the filters from time to time. For a customer it should be sufficient to block all routes you potentially have internally.
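Added example, not part of the original thread or any vendor tooling: a small Python model of the two filters in the config above (the inbound `NoTrash` prefix-list and the outbound `^$` as-path filter), run over constructed routes to show what each one lets through. The own block 1.1.0.0/16 follows the post's "1.1/16"; the sample prefixes, AS paths and the second ISP's AS 2 are assumptions made up for the illustration.

```python
import ipaddress
import re

# Inbound policy modeled on the post's "NoTrash" prefix-list (first match wins).
# 1.1.0.0/16 stands for the customer's own block, as in the post's "1.1/16".
NO_TRASH = [
    ("deny", "192.168.0.0/16", 32),
    ("deny", "172.16.0.0/12", 32),
    ("deny", "10.0.0.0/8", 32),
    ("deny", "1.1.0.0/16", 32),
    ("permit", "0.0.0.0/0", 32),
]
# Outbound policy: "ip as-path access-list 1 permit ^$" (empty AS path only,
# i.e. routes originated locally; anything learned from a peer is not re-announced).
AS_PATH_ACL = [("permit", r"^$")]

def prefix_list_permits(entries, route):
    """An entry matches when the route lies inside the entry's network and its
    length does not exceed the entry's 'le' value."""
    net = ipaddress.ip_network(route)
    for action, prefix, le in entries:
        if net.subnet_of(ipaddress.ip_network(prefix)) and net.prefixlen <= le:
            return action == "permit"
    return False  # implicit deny at the end of every prefix-list

def as_path_permits(acl, as_path):
    """Evaluate an as-path access-list against a space-separated AS path."""
    for action, regex in acl:
        if re.search(regex, as_path):
            return action == "permit"
    return False  # implicit deny

def filter_inbound(routes):
    return [r for r in routes if prefix_list_permits(NO_TRASH, r)]

def filter_outbound(table):
    return [prefix for prefix, path in table if as_path_permits(AS_PATH_ACL, path)]

# Constructed sample data: routes offered by the ISP, and the local BGP table
# as (prefix, AS path) pairs. AS 64496/64497 and AS 2 are illustrative only.
FROM_ISP = ["0.0.0.0/0", "10.20.0.0/16", "192.168.1.0/30", "1.1.5.0/24", "198.51.100.0/24"]
BGP_TABLE = [("1.1.0.0/16", ""), ("198.51.100.0/24", "1 64496"), ("203.0.113.0/24", "2 64497")]

if __name__ == "__main__":
    print("accepted from ISP:", filter_inbound(FROM_ISP))
    print("announced to ISP: ", filter_outbound(BGP_TABLE))
```

The route learned from the second ISP (path `2 64497`) never reaches ISP1 because its AS path is not empty, which is what keeps the site from acting as a transit AS.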
Thank you for your answers. So from Martin's reply, the loopback interface on both routers can have an IP address from the IP block that the routers are advertising, and so updates are being sent through the loopback interface instead of the serial interface on the routers which I use to set up the point-to-point link?
I'm new to BGP, so I'm trying to get a better understanding of BGP before I dive in and configure the routers.
Also, I have 4 T1 lines from ISP1, on which I use IP CEF to load-share traffic between these 4 lines. Any thoughts on what would be the best method to configure BGP between 2 ISPs: one with 4 T1 lines using IP CEF and one with a single T1 line?
Yes, you can use the loopback to peer between the routers. In BGP, you advertise networks using the network command, redistribute another protocol into BGP or it has to be a BGP route. If you are redistributing another protocol or connected networks into BGP, make sure you have filters blocking the RFC1918 addresses from being leaked to the ISP.