BGP (Border Gateway Protocol) is the routing protocol that makes the internet work. For the CCNA 200-301 exam, you are expected to understand BGP basics—its purpose, operation, and configuration in a simple enterprise context. While BGP is an advanced topic, Cisco includes it in the exam to ensure you can connect an enterprise network to an ISP. Mastering BGP fundamentals will set you apart as a network engineer who understands how traffic flows across autonomous systems.
Imagine the internet as a global postal system. Each country (Autonomous System, or AS) has its own postal service that knows how to deliver mail within its borders. When you send a letter from the US to Japan, your local post office doesn't know every street in Tokyo—it just knows to hand the letter to the US international mail service, which passes it to Japan's postal service, which delivers it locally. BGP is like the agreement between postal services: each service advertises which addresses it can reach and the best path to get there. For example, the US postal service might say, 'I can reach any address in North America, and to get to Japan, send mail through this specific gateway.' BGP routers exchange these advertisements using UPDATE messages, much like postal services sharing route cards. The BGP decision process is like a postal manager choosing the most efficient route based on policies (e.g., avoid countries with high tariffs, prefer trusted partners). If a postal service in Europe goes on strike, BGP quickly withdraws those routes and recalculates alternatives. Just as postal services use AS numbers to identify themselves, BGP uses 16-bit (now 32-bit) AS numbers. The BGP table is the global directory of all reachable prefixes, and the best path selection ensures that your letter—or your data packet—takes the most reliable and policy-compliant path across the world.
What is BGP and Why Does It Exist?
BGP (Border Gateway Protocol) is an Exterior Gateway Protocol (EGP) used to exchange routing information between different Autonomous Systems (ASes). An AS is a collection of networks under a single administrative domain, identified by a unique 16-bit or 32-bit AS number. BGP's primary purpose is to provide loop-free path selection and policy-based routing across the internet. Unlike interior protocols (OSPF, EIGRP) that assume a single administrative control, BGP is designed for the internet, where each AS may have its own routing policies, business relationships, and security requirements.
BGP Path-Vector Mechanism
BGP is a path-vector protocol. Instead of using metrics like hop count or cost, BGP advertises the complete path (sequence of AS numbers) to a destination. This path is stored as the AS_PATH attribute. When a router receives a route, it examines the AS_PATH to detect loops—if its own AS number appears in the path, the route is discarded. This is fundamentally different from distance-vector or link-state protocols.
BGP Message Types
BGP uses four message types over TCP port 179:
OPEN: After TCP connection establishment, each side sends an OPEN message to negotiate capabilities, hold time, and BGP version. Default hold time is 90 seconds (Cisco) or 180 seconds (RFC). Keepalive interval is 1/3 of hold time.
KEEPALIVE: Sent periodically to maintain the session. Default interval is 30 seconds (if hold time is 90 seconds).
UPDATE: Advertises new routes or withdraws existing ones. Contains Network Layer Reachability Information (NLRI) and path attributes.
NOTIFICATION: Sent when an error occurs, causing session teardown.
BGP Neighbor States
BGP neighbor establishment goes through these states:
1. IDLE: Initial state; router refuses all incoming BGP connections. After a start event (e.g., neighbor configuration), it transitions to Connect.
2. CONNECT: Router waits for TCP connection to complete. If successful, sends OPEN and goes to OpenSent. If fails, goes to Active.
3. ACTIVE: Router retries TCP connection. If it succeeds, sends OPEN and goes to OpenSent. If it keeps failing, it cycles between Connect and Active.
4. OPENSENT: OPEN message sent, waiting for reply. If correct OPEN received, sends KEEPALIVE and goes to OpenConfirm. If error, sends NOTIFICATION and back to Idle.
5. OPENCONFIRM: Waiting for KEEPALIVE. If received, state becomes Established. If hold time expires, back to Idle.
6. ESTABLISHED: BGP session is up; UPDATE messages can be exchanged.
BGP Attributes and Path Selection
BGP uses attributes to select the best path. The order of preference (highest to lowest):
1. Highest Weight (Cisco proprietary, local to router)
2. Highest Local Preference (local to AS)
3. Prefer locally originated routes (network command, redistribution, aggregation)
4. Shortest AS_PATH
5. Lowest Origin type (IGP < EGP < incomplete)
6. Lowest MED (Multi-Exit Discriminator)
7. Prefer eBGP over iBGP
8. Lowest IGP metric to next-hop
9. If both are eBGP, lowest neighbor router ID
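The order above, written as an added Python example (not code from the original page or from Cisco): each candidate becomes a sort key, and `best_path` also reports which step separated the winner from the runner-up. The `Path` structure and sample values are constructed; as a simplification, MED is compared across all paths and step 9 is applied without checking that both paths are eBGP.

```python
from dataclasses import dataclass
from ipaddress import IPv4Address

ORIGIN_RANK = {"igp": 0, "egp": 1, "incomplete": 2}  # lower is preferred

@dataclass(frozen=True)
class Path:
    """One candidate path for a prefix (hypothetical structure for this example)."""
    label: str
    as_path: tuple          # AS numbers, nearest AS first
    neighbor_id: str        # router ID of the advertising neighbor
    weight: int = 0
    local_pref: int = 100
    locally_originated: bool = False
    origin: str = "igp"
    med: int = 0
    ebgp: bool = True
    igp_metric: int = 0

def preference_key(p):
    """Sort key in the page's step order; the smallest key is the best path."""
    return (
        -p.weight,                         # 1. highest weight
        -p.local_pref,                     # 2. highest local preference
        not p.locally_originated,          # 3. locally originated first
        len(p.as_path),                    # 4. shortest AS_PATH
        ORIGIN_RANK[p.origin],             # 5. IGP < EGP < incomplete
        p.med,                             # 6. lowest MED (simplified: all paths)
        not p.ebgp,                        # 7. eBGP over iBGP
        p.igp_metric,                      # 8. lowest IGP metric to next hop
        int(IPv4Address(p.neighbor_id)),   # 9. lowest neighbor router ID
    )

def best_path(paths):
    """Return (winner, step): step is the rule (1-9) that beat the runner-up,
    or 0 when there is only one candidate or the top two tie on every rule."""
    ranked = sorted(paths, key=preference_key)
    if len(ranked) < 2:
        return ranked[0], 0
    top, second = preference_key(ranked[0]), preference_key(ranked[1])
    step = next((i + 1 for i, (a, b) in enumerate(zip(top, second)) if a != b), 0)
    return ranked[0], step

# Constructed candidates for one prefix learned from two upstream neighbors.
ISP_A = Path("ISP-A", (200, 300, 400), "2.2.2.2")
ISP_B = Path("ISP-B", (500, 400), "5.5.5.5")
ISP_A_PREFERRED = Path("ISP-A", (200, 300, 400), "2.2.2.2", local_pref=200)

if __name__ == "__main__":
    for candidates in ([ISP_A, ISP_B], [ISP_A_PREFERRED, ISP_B]):
        winner, step = best_path(candidates)
        print(f"best path via {winner.label}, decided at step {step}")
```

Raising Local Preference on the longer path moves the decision from step 4 to step 2, which is why Local Preference is the usual tool for steering outbound traffic.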
BGP Configuration on Cisco IOS
Basic eBGP configuration between two routers in different ASes:
R1 (AS 100):
router bgp 100
bgp router-id 1.1.1.1
neighbor 10.1.1.2 remote-as 200
!
address-family ipv4 unicast
network 192.168.1.0 mask 255.255.255.0
exit-address-family
R2 (AS 200):
router bgp 200
bgp router-id 2.2.2.2
neighbor 10.1.1.1 remote-as 100
!
address-family ipv4 unicast
network 172.16.1.0 mask 255.255.255.0
exit-address-family
Verification Commands
show ip bgp summary: Displays BGP neighbor states, prefixes received, memory usage.
show ip bgp: Shows the BGP table with all routes and attributes.
show ip bgp neighbors [neighbor-ip]: Detailed neighbor info, including state, timers, messages exchanged.
show ip route bgp: Shows BGP routes in the routing table.
Interaction with Other Protocols
BGP relies on an IGP (like OSPF or EIGRP) for next-hop reachability within the AS. For iBGP, all routers must be fully meshed (or use route reflectors) because iBGP does not advertise routes learned from one iBGP neighbor to another (split horizon). BGP also interacts with routing policies via prefix-lists, route-maps, and community attributes.
Configure BGP Router ID
The BGP router ID is a 32-bit value that uniquely identifies the BGP speaker. It is chosen as the highest IP address on a loopback interface, or the highest physical interface IP if no loopback is configured. It is recommended to set it manually using `bgp router-id x.x.x.x` under the BGP process. This prevents instability if interfaces go down. The router ID is used in the BGP OPEN message and for route selection when all other attributes are equal.
Define the BGP Process
Enter BGP configuration mode with `router bgp <local-as>`. The AS number must match your organization's assigned AS. For the CCNA, you will typically use private AS numbers (64512-65535) for lab or enterprise scenarios. This command creates the BGP process and sets the local AS number. All subsequent neighbor and network commands are entered under this process.
Specify BGP Neighbors
Use `neighbor <ip-address> remote-as <as-number>` to define a BGP peer. For eBGP, the remote AS must be different from the local AS. For iBGP, it must be the same. The neighbor IP is typically the directly connected interface IP or a loopback for iBGP. BGP forms a TCP connection to this IP on port 179. Ensure IP reachability (via a static route or IGP) before the session can establish.
Advertise Networks
To advertise a prefix into BGP, use `network <network> mask <mask>` under the BGP address-family. The network must exist in the routing table (e.g., via a connected interface, static route, or IGP). BGP does not automatically advertise all routes; you must explicitly define which prefixes to advertise. Alternatively, you can use `redistribute` to inject routes from other protocols, but this is less precise.
Verify BGP Session
Use `show ip bgp summary` to check if the neighbor state is Established. The output shows the neighbor IP, remote AS, prefixes received, and uptime. If the state is not Established, use `show ip bgp neighbors <ip>` to see detailed state information and error counters. Common issues: incorrect remote AS, IP unreachability, ACL blocking TCP 179, or mismatch in hold time.
Check BGP Table and Routing
Use `show ip bgp` to view all BGP routes and their attributes. The best path is marked with a '>'. Use `show ip route bgp` to see which BGP routes are installed in the routing table. If a route is not installed, check the next-hop reachability and the best path selection criteria. The `network` command may fail if the prefix is not in the routing table with an exact match.
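A pre-deployment check for the configuration steps above, as an added Python example that is not part of the original page: it parses both routers' BGP configuration and flags a missing manual router ID, a `remote-as` that does not match the peer's local AS, and `network` statements with no exact match in the routing table. The function names are hypothetical, and the routing-table contents passed in are an assumed input.

```python
import ipaddress
import re

def parse_bgp(config):
    """Pull out the values set in the configuration steps from IOS config text."""
    info = {"local_as": None, "router_id": None, "neighbors": {}, "networks": set()}
    for line in map(str.strip, config.splitlines()):
        if m := re.fullmatch(r"router bgp (\d+)", line):
            info["local_as"] = int(m[1])
        elif m := re.fullmatch(r"bgp router-id (\S+)", line):
            info["router_id"] = m[1]
        elif m := re.fullmatch(r"neighbor (\S+) remote-as (\d+)", line):
            info["neighbors"][m[1]] = int(m[2])
        elif m := re.fullmatch(r"network (\S+) mask (\S+)", line):
            info["networks"].add(ipaddress.ip_network(f"{m[1]}/{m[2]}"))
    return info

def check_session(local, peer, peer_ip, routing_table):
    """Findings for the session local -> peer; routing_table lists prefixes in local's RIB."""
    findings = []
    rib = {ipaddress.ip_network(p) for p in routing_table}
    if local["router_id"] is None:
        findings.append("router ID not set manually")
    remote_as = local["neighbors"].get(peer_ip)
    if remote_as is None:
        findings.append(f"no neighbor statement for {peer_ip}")
    elif remote_as != peer["local_as"]:
        findings.append(f"remote-as {remote_as} but peer runs AS {peer['local_as']}")
    for net in sorted(local["networks"] - rib):
        findings.append(f"network {net} has no exact match in the routing table")
    return findings

def session_type(local, peer_ip):
    """eBGP when the configured remote AS differs from the local AS, else iBGP."""
    return "iBGP" if local["neighbors"][peer_ip] == local["local_as"] else "eBGP"

# The page's R1 and R2 configurations, used as sample input.
R1 = """router bgp 100
 bgp router-id 1.1.1.1
 neighbor 10.1.1.2 remote-as 200
 address-family ipv4 unicast
  network 192.168.1.0 mask 255.255.255.0
"""
R2 = """router bgp 200
 bgp router-id 2.2.2.2
 neighbor 10.1.1.1 remote-as 100
 address-family ipv4 unicast
  network 172.16.1.0 mask 255.255.255.0
"""
```

Calling `check_session(parse_bgp(R1), parse_bgp(R2), "10.1.1.2", ["192.168.1.0/24"])` returns an empty list; changing the routing-table entry to a /25 produces the exact-match finding.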
In a typical enterprise network, BGP is used to connect to one or more Internet Service Providers (ISPs). For example, a company with a single ISP might use a default route from BGP, but for redundancy, they may have two ISPs. In that case, BGP allows the enterprise to influence inbound and outbound traffic using attributes like Local Preference and AS Path prepending. The network engineer configures BGP on the border routers, often using a loopback interface for stability, and applies route-maps to filter or modify attributes.
Another scenario is a multi-homed enterprise that advertises its public IP prefixes to both ISPs. The engineer must ensure that the prefixes are originated correctly and that the AS_PATH is not accidentally manipulated. BGP communities (e.g., NO_EXPORT) are used to control route propagation. Misconfiguration can lead to prefix hijacking or suboptimal routing. For instance, forgetting to configure the network command results in the ISP not advertising your prefixes, causing inbound traffic blackholing.
In large-scale networks, BGP scalability is managed through route reflectors and confederations, but for CCNA, you only need to understand basic eBGP. Performance considerations include memory usage (BGP table can contain hundreds of thousands of routes) and CPU load from processing updates. In production, engineers often filter unnecessary routes using prefix-lists and set soft-reconfiguration inbound to avoid full table downloads. The most common mistake is misconfiguring the AS number, which prevents the session from establishing.
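How an inbound filter treats received routes, as an added Python example (not from the original page): it combines the AS_PATH loop check described earlier with first-match prefix-list evaluation, including the `ge`/`le` length options of Cisco prefix-lists, which the page does not detail. The policy, the received routes and AS 65010 are constructed; AS 100, AS 200 and 192.168.1.0/24 are taken from the page's R1/R2 example.

```python
from ipaddress import ip_network

def entry_matches(entry, route):
    """entry is (action, prefix, ge, le); ge/le are None when not configured."""
    _, prefix, ge, le = entry
    base, candidate = ip_network(prefix), ip_network(route)
    if not candidate.subnet_of(base):
        return False
    # No ge/le: exact length only. ge alone runs up to /32. le alone starts at the base length.
    low = ge if ge is not None else base.prefixlen
    high = le if le is not None else (32 if ge is not None else base.prefixlen)
    return low <= candidate.prefixlen <= high

def inbound_decision(local_as, prefix_list, route, as_path):
    """Return (accepted, reason) for one route received in an UPDATE."""
    if local_as in as_path:
        return False, "AS_PATH loop"
    for entry in prefix_list:                 # first match wins
        if entry_matches(entry, route):
            return entry[0] == "permit", f"{entry[0]} {entry[1]}"
    return False, "implicit deny"             # nothing matched

# Constructed inbound policy for the page's R1 (AS 100, owns 192.168.1.0/24),
# single-homed to AS 200: refuse our own space, accept only a default route.
LOCAL_AS = 100
FROM_ISP = [
    ("deny", "192.168.1.0/24", None, 32),     # our prefix or any more-specific
    ("permit", "0.0.0.0/0", None, None),      # exactly the default route
]
# Constructed received routes: (prefix, AS_PATH)
UPDATES = [
    ("0.0.0.0/0", (200,)),
    ("192.168.1.128/25", (200, 65010)),
    ("172.16.1.0/24", (200,)),
    ("10.0.0.0/8", (200, 100, 300)),
]

def evaluate(updates=UPDATES):
    """Apply the inbound policy to every received route, in order."""
    return [inbound_decision(LOCAL_AS, FROM_ISP, r, p) for r, p in updates]

if __name__ == "__main__":
    for (route, path), (ok, why) in zip(UPDATES, evaluate()):
        print(f"{route:18} {path!s:18} {'accept' if ok else 'reject'}: {why}")
```

The second route shows why the explicit deny matters: a more-specific of the enterprise's own prefix originated elsewhere carries no AS 100 in its AS_PATH, so loop detection alone would not reject it.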
The CCNA 200-301 exam objective 3.6 covers 'Configure and verify BGP for a given network scenario (single-homed enterprise).' You will NOT be tested on advanced topics like route reflectors, confederations, or full internet BGP tables. Focus on basic eBGP configuration, neighbor states, and verification.
Common wrong answers on the exam:
1. Confusing eBGP and iBGP: Candidates often forget that eBGP requires different AS numbers, and iBGP requires the same AS. The exam may show a neighbor statement with the same AS and ask if it's correct.
2. Assuming BGP automatically redistributes all routes: The network command is required, and the prefix must be in the routing table.
3. Misidentifying BGP states: The exam may present a show ip bgp summary output with a state like 'Active' and ask what it means. Candidates often think 'Active' is normal, but it indicates a problem.
4. Confusing BGP attributes: For example, thinking Weight and Local Preference are the same. Weight is Cisco proprietary and only local to the router; Local Preference is propagated within the AS.
Specific values to memorize: Default hold time is 90 seconds (Cisco), keepalive 30 seconds. BGP uses TCP port 179. The BGP router ID is the highest loopback IP. The AS_PATH attribute prevents loops.
For scenario questions, use elimination: If the question asks about influencing outbound traffic, think Local Preference. For inbound traffic, think MED or AS Path prepending. If the question involves a single-homed network, you likely need a default route from BGP.
BGP is a path-vector protocol that uses TCP port 179.
eBGP requires different AS numbers; iBGP uses the same AS.
Default hold time is 90 seconds (Cisco), keepalive 30 seconds.
BGP states: Idle, Connect, Active, OpenSent, OpenConfirm, Established.
The network command must match a route in the routing table exactly.
show ip bgp summary and show ip bgp are key verification commands.
BGP router ID is the highest loopback IP, or highest physical IP.
These come up on the exam all the time. Here's how to tell them apart.
eBGP
Different AS numbers between peers
Default administrative distance: 20
TTL set to 1 by default (can be changed)
Routes advertised to all eBGP neighbors
Typically used between ASes
iBGP
Same AS number between peers
Default administrative distance: 200
TTL not modified (uses IGP reachability)
Split horizon: does not advertise iBGP learned routes to other iBGP peers
Used within the same AS
Mistake
BGP automatically advertises all connected routes.
Correct
BGP only advertises prefixes explicitly configured with the network command or redistributed. The network command requires an exact match in the routing table.
Candidates confuse BGP with IGPs like OSPF, which do automatically advertise connected interfaces.
Mistake
BGP uses UDP for neighbor discovery.
Correct
BGP uses TCP port 179 for reliable transport. Neighbors must be manually configured; there is no automatic discovery.
Many protocols (OSPF, EIGRP) use IP or UDP, so candidates assume BGP does too.
Mistake
The Active state is a normal, stable BGP state.
Correct
Active indicates that the router is actively trying to establish a TCP connection but has not succeeded. It is a transient state; persistent Active means a problem.
The word 'Active' sounds positive, but in BGP it signals a connection attempt.
Mistake
iBGP routes are automatically advertised to all iBGP neighbors.
Correct
iBGP has a split-horizon rule: routes learned from an iBGP neighbor are not advertised to another iBGP neighbor. Full mesh or route reflectors are required.
Candidates assume iBGP works like eBGP, where routes are passed to all peers.
eBGP runs between routers in different Autonomous Systems (ASes) and has an administrative distance of 20. iBGP runs within the same AS and has an AD of 200. eBGP peers must have different AS numbers; iBGP peers share the same AS. eBGP uses a TTL of 1 by default, while iBGP relies on IGP reachability. iBGP has a split-horizon rule that prevents advertising routes learned from one iBGP neighbor to another, requiring full mesh or route reflectors. For the CCNA, focus on eBGP configuration.
Use the 'network' command under the BGP address-family. The syntax is 'network <network> mask <subnet-mask>'. The network must exist in the routing table exactly as specified. For example, if you have a connected route for 192.168.1.0/24, you can advertise it with 'network 192.168.1.0 mask 255.255.255.0'. BGP does not automatically advertise all routes; you must explicitly define them. Alternatively, you can use redistribution, but the network command is more precise.
Active means the router is actively trying to initiate a TCP connection to the neighbor but has not succeeded. It indicates that the previous attempt (in Connect state) failed. Persistent Active state usually points to a problem: the neighbor IP is unreachable, an ACL blocks TCP port 179, or the remote AS is misconfigured. Check 'show ip bgp neighbors' for details. Active is not a stable state; the goal is to reach Established.
BGP uses the AS_PATH attribute. When a BGP router receives an UPDATE, it examines the AS_PATH. If its own AS number appears in the path, the route is rejected because it would create a loop. This is the path-vector mechanism. Unlike distance-vector protocols that use hop count, BGP ensures loop-free paths by tracking the sequence of ASes a route has traversed.
The BGP router ID is a 32-bit number that uniquely identifies a BGP speaker. It is used in the OPEN message and for route selection when all other attributes are equal. Cisco routers choose the highest IP address on a loopback interface, or if no loopback exists, the highest IP on a physical interface. It is recommended to set it manually with 'bgp router-id x.x.x.x' to avoid changes if interfaces go down.
Yes, but only if the BGP next-hop is directly connected. For eBGP, the neighbor is typically directly connected, so no IGP is needed. For iBGP, you need an IGP (or static routes) to provide reachability to the next-hop IPs of iBGP learned routes, because iBGP does not change the next-hop attribute. Without an IGP, the router will not have a route to the next-hop, and the BGP route will not be installed in the routing table.
The keepalive timer ensures that the BGP session remains alive by sending periodic KEEPALIVE messages. The default keepalive interval is 30 seconds (one-third of the hold time, which defaults to 90 seconds on Cisco). If no KEEPALIVE or UPDATE is received within the hold time, the session is torn down. The hold time is negotiated during the OPEN exchange; the smaller of the two values is used.