BGPBGP Config

neighbor [ip] remote-as [asn]

Establishes a BGP peering session with a neighbor by specifying its IP address and autonomous system number.

Overview

The 'neighbor [ip] remote-as [asn]' command is fundamental for establishing BGP peering sessions on Cisco NX-OS (Nexus) devices. BGP (Border Gateway Protocol) is the de facto inter-domain routing protocol used to exchange routing information between autonomous systems (AS) on the Internet and within large enterprise networks. This command defines a BGP neighbor by specifying its IP address and the remote autonomous system number. The IP address can be IPv4 or IPv6, and the AS number can be a 2-byte (1-65535) or 4-byte (1-4294967295) value. On NX-OS, BGP configuration is hierarchical: after entering 'router bgp <asn>', you configure neighbors under that process. However, the neighbor must also be activated under the appropriate address family (e.g., 'address-family ipv4 unicast') to exchange prefixes. NX-OS supports both eBGP (different AS) and iBGP (same AS) peering. This command is used in initial BGP setup, adding new peers, or modifying existing peer AS numbers. In troubleshooting workflows, verifying the neighbor configuration with 'show running-config | section router bgp' or 'show ip bgp neighbors' is essential. Common issues include AS mismatch, unreachable neighbor IP, or missing address-family activation. NX-OS also supports advanced features like BGP dynamic neighbors, but the static neighbor configuration remains the most common method.

Syntax·BGP Config
neighbor {ip-address | ipv6-address} remote-as {asn}

When to Use This Command

  • Configuring eBGP peering with an external ISP at 10.1.1.2, AS 65001.
  • Setting up iBGP peering between two routers in the same AS 65000 at 192.168.1.2.
  • Establishing IPv6 BGP peering with a neighbor at 2001:db8::2, AS 65002.
  • Configuring multiple BGP sessions for route reflectors or confederations.

Parameters

ParameterSyntaxDescription
ip-address | ipv6-addressA.B.C.D or X:X::XThe IP address of the BGP neighbor. This must be a reachable address from the local router. For IPv4, use dotted decimal notation; for IPv6, use colon-hexadecimal format.
asn<1-65535> or <1-4294967295>The autonomous system number of the neighbor. For eBGP, this must differ from the local AS; for iBGP, it must match. NX-OS supports both 2-byte and 4-byte AS numbers.

Command Examples

Basic eBGP Neighbor Configuration

neighbor 10.1.1.2 remote-as 65001

Configures BGP neighbor 10.1.1.2 in autonomous system 65001. No output is generated upon successful configuration.

Verifying BGP Neighbor Status

show ip bgp neighbors 10.1.1.2
BGP neighbor is 10.1.1.2, remote AS 65001, external link
  BGP version 4, remote router ID 10.1.1.2
  BGP state = Established, up for 00:12:34
  Last read 00:00:08, hold time = 180, keepalive interval = 60 seconds
  Neighbor capabilities:
    Dynamic capability: advertised (old, new) received (old, new)
    Route refresh: advertised and received (new)
    Address family IPv4 Unicast: advertised and received
  Received 500 messages, 0 notifications, 0 in queue
  Sent 400 messages, 0 notifications, 0 in queue
  Connections established 1, dropped 0
  Last reset never

The output shows the neighbor is established. Key fields: BGP state = Established indicates successful peering; up for 00:12:34 shows session uptime; hold time and keepalive interval are default; received/sent messages indicate activity; no notifications indicate no errors.

Understanding the Output

The 'show ip bgp neighbors' command output provides detailed information about a BGP peering session. The first line shows the neighbor IP and remote AS, indicating whether it's an external (eBGP) or internal (iBGP) link. The BGP state field is critical: 'Established' means the session is up and exchanging routes, while 'Idle', 'Connect', 'Active', 'OpenSent', 'OpenConfirm' indicate problems. The uptime shows how long the session has been established. The hold time and keepalive interval are negotiated parameters; default hold time is 180 seconds, keepalive 60 seconds. The 'Last read' field shows time since last keepalive or update; if it approaches the hold time, the session may reset. The neighbor capabilities section confirms support for route refresh and address families. The message counters show total received and sent messages; notifications indicate errors (0 is healthy). Connections established/dropped show session stability; 'Last reset' indicates when the session last went down. A healthy session shows 'Established' state, recent last read, low or zero notifications, and stable connection count.

Configuration Scenarios

eBGP Peering with an ISP

A Nexus switch connects to an ISP router for Internet connectivity. The local AS is 65000, ISP AS is 65001.

Topology

Nexus (AS 65000) -- 10.1.1.0/30 -- ISP Router (AS 65001)

Steps

  1. 1.Enter BGP configuration mode: 'router bgp 65000'
  2. 2.Configure the neighbor: 'neighbor 10.1.1.2 remote-as 65001'
  3. 3.Enter IPv4 unicast address family: 'address-family ipv4 unicast'
  4. 4.Activate the neighbor: 'neighbor 10.1.1.2 activate'
Configuration
! Config snippet
router bgp 65000
  neighbor 10.1.1.2 remote-as 65001
  address-family ipv4 unicast
    neighbor 10.1.1.2 activate

Verify: Use 'show ip bgp neighbors 10.1.1.2' to check state is Established. Use 'show ip bgp summary' to see prefix counts.

Watch out: If the ISP uses a different AS than configured, the session will not establish. Also ensure the interface connecting to the ISP has an IP in the same subnet and is up.

iBGP Peering for Route Reflector

Two Nexus switches in the same AS 65000 peer via iBGP. One acts as route reflector.

Topology

Nexus-1 (RR, AS 65000) -- 192.168.1.0/30 -- Nexus-2 (Client, AS 65000)

Steps

  1. 1.On Nexus-1: 'router bgp 65000', 'neighbor 192.168.1.2 remote-as 65000'
  2. 2.On Nexus-1: 'address-family ipv4 unicast', 'neighbor 192.168.1.2 activate', 'neighbor 192.168.1.2 route-reflector-client'
  3. 3.On Nexus-2: 'router bgp 65000', 'neighbor 192.168.1.1 remote-as 65000', 'address-family ipv4 unicast', 'neighbor 192.168.1.1 activate'
Configuration
! Nexus-1 config
router bgp 65000
  neighbor 192.168.1.2 remote-as 65000
  address-family ipv4 unicast
    neighbor 192.168.1.2 activate
    neighbor 192.168.1.2 route-reflector-client

Verify: Check 'show ip bgp neighbors 192.168.1.2' on Nexus-1; state should be Established. Use 'show ip bgp' to see reflected routes.

Watch out: iBGP requires full mesh or route reflection; without route-reflector-client, the neighbor will not receive routes from other iBGP peers.

Troubleshooting with This Command

When a BGP session fails to establish, the 'neighbor' command is the starting point. First, verify the configuration with 'show running-config | section router bgp' to ensure the neighbor IP and remote AS are correct. Common issues include: 1) AS mismatch: the remote-as must match the neighbor's configured AS. Use 'show ip bgp neighbors <ip>' to see the configured remote AS and compare with the neighbor's actual AS. 2) IP reachability: ensure the neighbor IP is reachable via ping. If not, check routing and interface status. 3) Address-family activation: the neighbor must be activated under the correct address family. If not, the session may establish but no routes are exchanged. Use 'show ip bgp neighbors <ip>' and look for 'Address family IPv4 Unicast: advertised and received' in capabilities. 4) BGP state machine: states like 'Idle' indicate no connection attempt; 'Active' means the router is trying to connect but failing; 'OpenSent'/'OpenConfirm' indicate parameter negotiation issues. Check for 'Last error' in the neighbor output. 5) TTL security: if enabled, ensure the neighbor's TTL is correct. 6) Password mismatch: if MD5 authentication is configured, both sides must match. Use 'show ip bgp neighbors <ip>' to see if authentication is enabled. On NX-OS, the 'debug ip bgp' command can provide real-time peering events, but use with caution in production. Also, 'show ip bgp summary' gives a quick overview of all neighbors and their states. For persistent issues, check logs with 'show logging | include BGP'.

CCNA Exam Tips

1.

Remember that 'remote-as' must match the neighbor's configured AS; mismatch causes peering failure.

2.

For iBGP, the remote-as must be the same as the local AS; for eBGP, it must be different.

3.

The 'neighbor' command alone does not activate the session; you must also configure the address family (e.g., 'address-family ipv4 unicast') and activate the neighbor.

Common Mistakes

Using the wrong AS number: causes the neighbor to reject the connection, resulting in 'Active' or 'Idle' state.

Forgetting to activate the neighbor under the address family: the session may establish but no routes are exchanged.

Misconfiguring the neighbor IP address (e.g., using a non-reachable address): session never establishes.

Platform Notes

On Cisco NX-OS (Nexus), the BGP configuration syntax is similar to IOS but with some differences. Unlike IOS, NX-OS requires explicit activation of neighbors under the address family; IOS automatically activates neighbors in the IPv4 unicast address family unless 'no activate' is used. NX-OS also uses 'router bgp <asn>' with a separate 'address-family' sub-mode. The 'neighbor' command itself is identical. For IPv6, use 'neighbor ipv6-address remote-as asn' and activate under 'address-family ipv6 unicast'. NX-OS supports BGP dynamic neighbors via 'neighbor <subnet> remote-as <asn>' but static configuration is more common. In terms of verification, 'show ip bgp neighbors' output is similar but may include NX-OS-specific fields like 'VRF' if using VRF-lite. NX-OS also supports 'show bgp neighbors' (without 'ip') for both IPv4 and IPv6. For troubleshooting, NX-OS has 'show bgp internal' for detailed internal state. Compared to IOS, NX-OS BGP is more modular and supports features like BGP EVPN and VXLAN. Version differences: NX-OS 7.x and later have enhanced BGP scalability. Always check the specific NX-OS version documentation for command variations.

Practice for the CCNA 200-301

Test your knowledge with hundreds of CCNA practice questions covering all exam domains.

Practice CCNA Questions