cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
756
Views
5
Helpful
4
Replies

Question about BGP peer-group password on each router

hfakoor222
Spotlight
Spotlight

Doing a lab where there's a central router wehre the BGP peer-groups are defined with a password below, however the lab doesn't specify BGP peer-group commands or passwords on the 3 non-core routers.

 

How would I add the passwords in there?

 

router bgp X0

!
address-family ipv4
neighbor ibgp-partial peer-group
neighbor ibgp-partial description Local Routes only
neighbor ibgp-partial remote-as X0
neighbor ibgp-partial update-source loopback0
neighbor ibgp-partial next-hop-self
neighbor ibgp-partial password BGPlab
neighbor ibgp-partial send-community
neighbor ibgp-partial route-reflector-client
neighbor ibgp-partial filter-list 10 out
!

and then for IPv6 (noting that the AS-PATH filter can be used in both IPv4 and IPv6 peer-groups):

router bgp X0
!
address-family ipv6
neighbor ibgpv6-partial peer-group
neighbor ibgpv6-partial description Local Routes only
neighbor ibgpv6-partial remote-as X0
neighbor ibgpv6-partial update-source loopback0
neighbor ibgpv6-partial next-hop-self
neighbor ibgpv6-partial password BGPlab
neighbor ibgpv6-partial send-community
neighbor ibgpv6-partial route-reflector-client
neighbor ibgpv6-partial filter-list 10 out

 

 

So above is core router

 

Now it is giving me a

'No MD5 digest  from..'

message because i do not have a pass defined on the other routers

 

how do i add it to them

 

 

for example would this work for the ipv4?

 

 

 

router bgp X0
address-family ipv4
neighbor ibgp-partial peer-group
neighbor ibgp-partial remote-as X0
neighbor ibgp-partial password BGPlab

 

Thank you

 

 

 

Oh yeas,  

 

and what's the significance if I do not include a password in peer-groups

1 Accepted Solution

Accepted Solutions

Hi

 The document you used as refereence mixed up two differents subjects and made it confuse. Router reflector and peer group are different things. 

 if you want to use password, you can use the same command in all router. 

You can see that the relationship is based on the neighbor peer group and there is no central router. 

 

Another way to configure

device# configure terminal
device(config)# router bgp
device(config-bgp-router)# local-as 1000
device(config-bgp-router)# neighbor mypeergroup1 peer-group
device(config-bgp-router)# neighbor mypeergroup1 remote-as 11
device(config-bgp-router)# neighbor 10.2.2.2 peer-group mypeergroup1
device(config-bgp-router)# neighbor 10.3.3.3 peer-group mypeergroup1

 

 

View solution in original post

4 Replies 4

Hi

 The document you used as refereence mixed up two differents subjects and made it confuse. Router reflector and peer group are different things. 

 if you want to use password, you can use the same command in all router. 

You can see that the relationship is based on the neighbor peer group and there is no central router. 

 

Another way to configure

device# configure terminal
device(config)# router bgp
device(config-bgp-router)# local-as 1000
device(config-bgp-router)# neighbor mypeergroup1 peer-group
device(config-bgp-router)# neighbor mypeergroup1 remote-as 11
device(config-bgp-router)# neighbor 10.2.2.2 peer-group mypeergroup1
device(config-bgp-router)# neighbor 10.3.3.3 peer-group mypeergroup1

 

 

hfakoor222
Spotlight
Spotlight

The lab actually did add a password on the non core router, it was so obscure and defined on only 1 peer group, while the central router had a pass defined on 3 different peer-groups, however I believe doing it this way by defining the pass on the other routers under a single peer group should work.

are you finish this task or not ? do you success in auth with peer-group? please inform me, if you success share final config?

you can call me old still but I need some time to digest the info., 
you mention about auth in Peer-group and how we can assign password 

so immediately I put this LAB in my ToDoList LAB, and Now I finish LAB, 
here 
R1,R2,R3

R1 config with peer-group for R2 & R3
peer-group have password MHM
BUT
peer R3 have different password MHM2

config R2 with password MHM 

config R3 with password MHM2 

and It WORK, 
so as result the neighbor x.x.x.x password is override the peer-group password.

just would you and all other read this post about this case.