31
edits
Changes
Created page with "<p style="color:red">The information on this page is updated in accordance with the [https://wiki.teltonika-networks.com/view/FW_%26_SDK_Downloads'''00.07.06.10'''] firmware v..."
<p style="color:red">The information on this page is updated in accordance with the [https://wiki.teltonika-networks.com/view/FW_%26_SDK_Downloads'''00.07.06.10'''] firmware version .</p>
=Introduction=
BGP, or Border Gateway Protocol, is a fundamental routing protocol used in large-scale networks, particularly the internet, to exchange routing and reachability information among autonomous systems (ASes). This article provides a guide on how to configure iBGP or internal Border Gateway routing which uses one autonomous system on our two routers.
=Configuration overview and prerequisites=
'''Prerequisites''':
* Routers must be connected through WAN-WAN connection
* At least two end devices (PCs, Laptops) to configure the routers and test the set up
* Both routers must be on <b>"Advanced mode"</b>
[[File:Networking rutos manual webui basic advanced mode 75.gif|none|border|center|class=tlt-border]]
==Topology==
[[File:IBGP topology.png|border|center|class=tlt-border]]
=iBGP Configuration=
==RUT1 BGP Configuration==
Navigate to <b>Network -> Routing -> Dynamic routes -> BGP</b>.
Enable <b>"BGP - Global Settings"</b> and <b>"vty"</b>.
[[File:BGP enable.png|none|border|left|class=tlt-border|800x800px]]
On <b>BGP Instance</b> tab configure it like this:
[[File:BGP routing instance.png|none|border|left|class=tlt-border|800x800px]]
 1. <b>Enable</b> - on
 2. <b>AS</b> - 65000 (it must be the same on both routers)
 3. <b>BGP router ID</b> - 10.10.10.10 (RUT1 WAN IP)
 4. <b>Network</b> - 192.168.1.0/24 (RUT1 LAN subnet)
 5. <b>Redistribution options</b> - Connected routes
Go to <b>BGP peers</b> tab and add new instance. For <b>Name</b> write any name you desire and press <b>Add</b>.
[[File:BGP peers v1.png|none|border|left|class=tlt-border|1100x1100px]]
On popped up window select these options:
[[File:BGP peer config v1.png|none|border|left|class=tlt-border|800x800px]]
 1. <b>Enable</b> - on
 2. <b>AS</b> - 65000 (it must be the same on both routers)
 3. <b>Remote address</b> - 10.10.10.20 (RUT2 WAN IP)
==RUT2 BGP Configuration==
For RUT2, the configuration is very similar, all we need to do is just change the <b>BGP router ID</b> to <b>10.10.10.20</b>, <b>Network</b> to <b>192.168.2.0/24</b> on the <b>BGP Instance</b>, and the <b>Remote address</b> to <b>10.10.10.10</b> on the <b>Peer Configuration</b>.
<b>BGP Instance</b> should look like this:
[[File:BGP instance RUT2.png|none|border|left|class=tlt-border|900x900px]]
And <b>Peer Configuration</b> like this:
[[File:RUT2 BGP peer.png|none|border|left|class=tlt-border|900x900px]]
==Firewall Zones==
Now we can reach only routers by them self to reach their whole network we need to edit Firewalls <b>WAN</b> Zone to add <b>lan</b> on <b>forward to destination zones</b> field.
On both routers navigate to <b>Network -> Firewall -> General Settings -> Zones</b> and press edit on <b>wan</b> zone.
[[File:BGP Firewall edit.png|none|border|left|class=tlt-border|1100x1100px]]
On popped up window add <b>lan</b> on <b>Allow forward to destination zones</b> field and press
[[File:BGP Firewall WAN zone .png|none|border|left|class=tlt-border|900x900px]]
=Testing the setup=
If you have followed the steps correctly, the configuration should be complete. Here are the results you can expect to receive:
PC1 to PC2:
Pinging 192.168.2.10 from 192.168.1.10 with 32 bytes of data:
Reply from 192.168.2.10: bytes=32 time=3ms TTL=62
Reply from 192.168.2.10: bytes=32 time=5ms TTL=62
Reply from 192.168.2.10: bytes=32 time=5ms TTL=62
Reply from 192.168.2.10: bytes=32 time=3ms TTL=62
PC2 to PC1:
Pinging 192.168.1.10 from 192.168.2.10 with 32 bytes of data:
Reply from 192.168.1.10: bytes=32 time=9ms TTL=124
Reply from 192.168.1.10: bytes=32 time=3ms TTL=124
Reply from 192.168.1.10: bytes=32 time=5ms TTL=124
Reply from 192.168.1.10: bytes=32 time=5ms TTL=124
=See also=
<ul>
<li>[[Routing]]</li>
<li>[[Firewall traffic rules]]</li>
</ul>
=External links=
https://frrouting.org/ - additional information about FRRouting that our device routing is based on.
=Introduction=
BGP, or Border Gateway Protocol, is a fundamental routing protocol used in large-scale networks, particularly the internet, to exchange routing and reachability information among autonomous systems (ASes). This article provides a guide on how to configure iBGP or internal Border Gateway routing which uses one autonomous system on our two routers.
=Configuration overview and prerequisites=
'''Prerequisites''':
* Routers must be connected through WAN-WAN connection
* At least two end devices (PCs, Laptops) to configure the routers and test the set up
* Both routers must be on <b>"Advanced mode"</b>
[[File:Networking rutos manual webui basic advanced mode 75.gif|none|border|center|class=tlt-border]]
==Topology==
[[File:IBGP topology.png|border|center|class=tlt-border]]
=iBGP Configuration=
==RUT1 BGP Configuration==
Navigate to <b>Network -> Routing -> Dynamic routes -> BGP</b>.
Enable <b>"BGP - Global Settings"</b> and <b>"vty"</b>.
[[File:BGP enable.png|none|border|left|class=tlt-border|800x800px]]
On <b>BGP Instance</b> tab configure it like this:
[[File:BGP routing instance.png|none|border|left|class=tlt-border|800x800px]]
 1. <b>Enable</b> - on
 2. <b>AS</b> - 65000 (it must be the same on both routers)
 3. <b>BGP router ID</b> - 10.10.10.10 (RUT1 WAN IP)
 4. <b>Network</b> - 192.168.1.0/24 (RUT1 LAN subnet)
 5. <b>Redistribution options</b> - Connected routes
Go to <b>BGP peers</b> tab and add new instance. For <b>Name</b> write any name you desire and press <b>Add</b>.
[[File:BGP peers v1.png|none|border|left|class=tlt-border|1100x1100px]]
On popped up window select these options:
[[File:BGP peer config v1.png|none|border|left|class=tlt-border|800x800px]]
 1. <b>Enable</b> - on
 2. <b>AS</b> - 65000 (it must be the same on both routers)
 3. <b>Remote address</b> - 10.10.10.20 (RUT2 WAN IP)
==RUT2 BGP Configuration==
For RUT2, the configuration is very similar, all we need to do is just change the <b>BGP router ID</b> to <b>10.10.10.20</b>, <b>Network</b> to <b>192.168.2.0/24</b> on the <b>BGP Instance</b>, and the <b>Remote address</b> to <b>10.10.10.10</b> on the <b>Peer Configuration</b>.
<b>BGP Instance</b> should look like this:
[[File:BGP instance RUT2.png|none|border|left|class=tlt-border|900x900px]]
And <b>Peer Configuration</b> like this:
[[File:RUT2 BGP peer.png|none|border|left|class=tlt-border|900x900px]]
==Firewall Zones==
Now we can reach only routers by them self to reach their whole network we need to edit Firewalls <b>WAN</b> Zone to add <b>lan</b> on <b>forward to destination zones</b> field.
On both routers navigate to <b>Network -> Firewall -> General Settings -> Zones</b> and press edit on <b>wan</b> zone.
[[File:BGP Firewall edit.png|none|border|left|class=tlt-border|1100x1100px]]
On popped up window add <b>lan</b> on <b>Allow forward to destination zones</b> field and press
[[File:BGP Firewall WAN zone .png|none|border|left|class=tlt-border|900x900px]]
=Testing the setup=
If you have followed the steps correctly, the configuration should be complete. Here are the results you can expect to receive:
PC1 to PC2:
Pinging 192.168.2.10 from 192.168.1.10 with 32 bytes of data:
Reply from 192.168.2.10: bytes=32 time=3ms TTL=62
Reply from 192.168.2.10: bytes=32 time=5ms TTL=62
Reply from 192.168.2.10: bytes=32 time=5ms TTL=62
Reply from 192.168.2.10: bytes=32 time=3ms TTL=62
PC2 to PC1:
Pinging 192.168.1.10 from 192.168.2.10 with 32 bytes of data:
Reply from 192.168.1.10: bytes=32 time=9ms TTL=124
Reply from 192.168.1.10: bytes=32 time=3ms TTL=124
Reply from 192.168.1.10: bytes=32 time=5ms TTL=124
Reply from 192.168.1.10: bytes=32 time=5ms TTL=124
=See also=
<ul>
<li>[[Routing]]</li>
<li>[[Firewall traffic rules]]</li>
</ul>
=External links=
https://frrouting.org/ - additional information about FRRouting that our device routing is based on.
