modules/05-ebgp.md

# Module 5: eBGP — Peering with the World

> **Course**: [ISP Backbone Lab Course](../README.md)
> **Previous**: [Module 4: L3VPN](04-l3vpn.md)
> **Next**: [Module 6: Segment Routing](06-segment-routing.md)

---

## Network Diagram

![eBGP Peering at the IXP](../diagrams/Module5_eBGP_Peering.png)
*eBGP peering at the IXP — route filtering, local-pref tiers, and the Big 9 best path selection*

---

## Peering Types at an ISP

| Type | What It Is | Relationship | Money |
|------|-----------|-------------|-------|
| **Transit** | You pay a bigger ISP to reach the full internet | Customer → Provider | You pay them |
| **Peering** | Two ISPs agree to exchange traffic for free | Peer ↔ Peer | Free (settlement-free) |
| **Customer** | Someone pays YOU for connectivity | Provider → Customer | They pay you |
| **IXP (Internet Exchange)** | A shared switch where many ISPs peer at once | Many ↔ Many | Small port fee |

## Our Lab Setup

PE-EDGE1 (AS 65000) and PE-EDGE3 (AS 65100) peer at the IXP. This simulates **settlement-free peering** between two ISPs.

## Lab 5 Config: eBGP at the IXP

**PE-EDGE1:**

```
! IXP-facing interface
interface GigabitEthernet0/5
 description TO IXP-SWITCH
 ip address 172.16.0.1 255.255.255.0
 no shutdown
!
router bgp 65000
 neighbor 172.16.0.3 remote-as 65100
 !
 address-family ipv4 unicast
  neighbor 172.16.0.3 activate
  neighbor 172.16.0.3 route-map PEERING-IN in
  neighbor 172.16.0.3 route-map PEERING-OUT out
  neighbor 172.16.0.3 prefix-list PEER-IN-FILTER in
 exit-address-family
!
! Only accept their customer prefixes, not the full internet
ip prefix-list PEER-IN-FILTER seq 10 permit 10.200.0.0/16 le 24
ip prefix-list PEER-IN-FILTER seq 999 deny 0.0.0.0/0 le 32
!
! Set local-pref lower for peering routes (prefer transit/customer)
route-map PEERING-IN permit 10
 set local-preference 100
!
route-map PEERING-OUT permit 10
 ! Only advertise your customer routes, not routes learned from other peers
 match community CUSTOMER-ROUTES
```

**PE-EDGE3:**

```
interface GigabitEthernet0/5
 description TO IXP-SWITCH
 ip address 172.16.0.3 255.255.255.0
 no shutdown
!
router bgp 65100
 neighbor 172.16.0.1 remote-as 65000
 !
 address-family ipv4 unicast
  neighbor 172.16.0.1 activate
  neighbor 172.16.0.1 route-map PEERING-IN in
  neighbor 172.16.0.1 route-map PEERING-OUT out
 exit-address-family
```

## BGP Best Path Selection (The Big 9)

This is **THE** most important BGP concept. When a router has multiple paths to the same prefix, it picks the best one using this order:

| Priority | Attribute | Higher or Lower Wins? | Who Controls It? |
|----------|-----------|----------------------|-----------------|
| 1 | Weight (Cisco-proprietary) | Higher | Local router only |
| 2 | Local Preference | Higher | Entire AS (via iBGP) |
| 3 | Locally originated | — | Prefer routes this router originated |
| 4 | AS Path length | Shorter | Neighbors (can be prepended) |
| 5 | Origin code | IGP > EGP > ? | Route origin |
| 6 | MED (Multi-Exit Discriminator) | Lower | Neighbor (suggestion only) |
| 7 | eBGP over iBGP | — | Prefer external routes |
| 8 | Lowest IGP metric to next-hop | Lower | Interior routing |
| 9 | Oldest route / Router ID | Varies | Tiebreakers |

## Understanding Check

1. Why do ISPs filter inbound routes with prefix lists? What could go wrong?
2. What is AS-path prepending and when would you use it?
3. Why set a lower local-preference on peering routes?
4. What is a BGP community and how do ISPs use them for traffic engineering?

---

> **Next Module**: [Module 6: Segment Routing →](06-segment-routing.md)
Add all 8 course modules with converted markdown links Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> 2026-02-27 10:28:45 -07:00			`# Module 5: eBGP — Peering with the World`

			`> Course: [ISP Backbone Lab Course](../README.md)`
			`> Previous: [Module 4: L3VPN](04-l3vpn.md)`
			`> Next: [Module 6: Segment Routing](06-segment-routing.md)`

			`---`

			`## Network Diagram`

			`![eBGP Peering at the IXP](../diagrams/Module5_eBGP_Peering.png)`
			`eBGP peering at the IXP — route filtering, local-pref tiers, and the Big 9 best path selection`

			`---`

			`## Peering Types at an ISP`

			`\| Type \| What It Is \| Relationship \| Money \|`
			`\|------\|-----------\|-------------\|-------\|`
			`\| Transit \| You pay a bigger ISP to reach the full internet \| Customer → Provider \| You pay them \|`
			`\| Peering \| Two ISPs agree to exchange traffic for free \| Peer ↔ Peer \| Free (settlement-free) \|`
			`\| Customer \| Someone pays YOU for connectivity \| Provider → Customer \| They pay you \|`
			`\| IXP (Internet Exchange) \| A shared switch where many ISPs peer at once \| Many ↔ Many \| Small port fee \|`

			`## Our Lab Setup`

			`PE-EDGE1 (AS 65000) and PE-EDGE3 (AS 65100) peer at the IXP. This simulates settlement-free peering between two ISPs.`

			`## Lab 5 Config: eBGP at the IXP`

			`PE-EDGE1:`

			```
			`! IXP-facing interface`
			`interface GigabitEthernet0/5`
			`description TO IXP-SWITCH`
			`ip address 172.16.0.1 255.255.255.0`
			`no shutdown`
			`!`
			`router bgp 65000`
			`neighbor 172.16.0.3 remote-as 65100`
			`!`
			`address-family ipv4 unicast`
			`neighbor 172.16.0.3 activate`
			`neighbor 172.16.0.3 route-map PEERING-IN in`
			`neighbor 172.16.0.3 route-map PEERING-OUT out`
			`neighbor 172.16.0.3 prefix-list PEER-IN-FILTER in`
			`exit-address-family`
			`!`
			`! Only accept their customer prefixes, not the full internet`
			`ip prefix-list PEER-IN-FILTER seq 10 permit 10.200.0.0/16 le 24`
			`ip prefix-list PEER-IN-FILTER seq 999 deny 0.0.0.0/0 le 32`
			`!`
			`! Set local-pref lower for peering routes (prefer transit/customer)`
			`route-map PEERING-IN permit 10`
			`set local-preference 100`
			`!`
			`route-map PEERING-OUT permit 10`
			`! Only advertise your customer routes, not routes learned from other peers`
			`match community CUSTOMER-ROUTES`
			```

			`PE-EDGE3:`

			```
			`interface GigabitEthernet0/5`
			`description TO IXP-SWITCH`
			`ip address 172.16.0.3 255.255.255.0`
			`no shutdown`
			`!`
			`router bgp 65100`
			`neighbor 172.16.0.1 remote-as 65000`
			`!`
			`address-family ipv4 unicast`
			`neighbor 172.16.0.1 activate`
			`neighbor 172.16.0.1 route-map PEERING-IN in`
			`neighbor 172.16.0.1 route-map PEERING-OUT out`
			`exit-address-family`
			```

			`## BGP Best Path Selection (The Big 9)`

			`This is THE most important BGP concept. When a router has multiple paths to the same prefix, it picks the best one using this order:`

			`\| Priority \| Attribute \| Higher or Lower Wins? \| Who Controls It? \|`
			`\|----------\|-----------\|----------------------\|-----------------\|`
			`\| 1 \| Weight (Cisco-proprietary) \| Higher \| Local router only \|`
			`\| 2 \| Local Preference \| Higher \| Entire AS (via iBGP) \|`
			`\| 3 \| Locally originated \| — \| Prefer routes this router originated \|`
			`\| 4 \| AS Path length \| Shorter \| Neighbors (can be prepended) \|`
			`\| 5 \| Origin code \| IGP > EGP > ? \| Route origin \|`
			`\| 6 \| MED (Multi-Exit Discriminator) \| Lower \| Neighbor (suggestion only) \|`
			`\| 7 \| eBGP over iBGP \| — \| Prefer external routes \|`
			`\| 8 \| Lowest IGP metric to next-hop \| Lower \| Interior routing \|`
			`\| 9 \| Oldest route / Router ID \| Varies \| Tiebreakers \|`

			`## Understanding Check`

			`1. Why do ISPs filter inbound routes with prefix lists? What could go wrong?`
			`2. What is AS-path prepending and when would you use it?`
			`3. Why set a lower local-preference on peering routes?`
			`4. What is a BGP community and how do ISPs use them for traffic engineering?`

			`---`

			`> Next Module: [Module 6: Segment Routing →](06-segment-routing.md)`