BGP Dynamic Neighbors are a way to bring up BGP neighbors without specifically defining the neighbor's remote IP address.
Using the BGP Listen Range command you specify a range of IP addresses, typically on your Hub site (maybe in a DMVPN environment), that you trust to become BGP neighbors with you.
When a TCP request on port 179 is received from one of those trusted IPs, a new BGP neighbor is dynamically created.
That is about it in a nutshell. If you want Cisco's explanation of all the details, you can go here.
If you want to see a simple lab demonstrating this concept then keep reading.
We will use two routers: R1 will be the HQ site and R2 the remote site.
I will configure the BGP Listen Range command to include R2's address, and you should see that the BGP dynamic neighbor is created for R2.
IP addressing is 172.16.1.1 for the HQ router and 172.16.1.2 for the remote site.
BGP Listen Range Command – Lab
OK, so the config on R1 is very simple.
So let's step through the config line by line.
router bgp 65000
Simply the BGP process, identified by its AS number
bgp listen range 172.16.1.0/24 peer-group DYNAMIC
This says R1 is going to listen for any BGP neighbors wanting to become peers, but only from the range 172.16.1.0/24. If it hears any, it will dynamically create a neighbor and put it in the peer group DYNAMIC.
neighbor DYNAMIC peer-group
This creates the peer-group called DYNAMIC
neighbor DYNAMIC remote-as 65000
All neighbors in peer group DYNAMIC will be put in AS 65000
So does it work?
Currently there are no BGP neighbors, as can be seen with the sh ip bgp summary command. But as you can see, there is a bit more in this output, showing that the router is listening on the range 172.16.1.0/24 for BGP neighbors.
Let's hop over to R2 and configure a peering to R1.
R2#sh run | sec router bgp
router bgp 65000
neighbor 172.16.1.1 remote-as 65000
The BGP neighbor soon comes up
Let's go back to R1 to see what the sh ip bgp summary looks like.
There is a lot more output here than you would normally see. But you can see it works and is a great way to dynamically bring up BGP neighbors.
In my output it is showing total dynamically created neighbors 1/100 max. This can be tuned up to 5000 with the following command:
bgp listen limit 5000
Now you can see we can listen for a max of 5000 neighbors. This is a nice feature: if you are deploying this for a DMVPN and you know you only have 25 sites, you can set the bgp listen limit to only allow 25 neighbors.
If you have more subnets you want to allow, or multiple internet addresses, you just keep adding lines to the bgp listen command. Below I am listening on two subnets; this can also be tuned for specific hosts using /32 as the mask.
So there is an easy way to create dynamic neighbors in BGP.
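
An added example, not code from the original post: a small Python audit of a router's listen configuration that reports which peer group and AS a given source address would be admitted into, and flags a listen limit or listen range wider than the number of sites you expect. The function names, the sample config and the most-specific-range tie-break are assumptions of this example.

```python
import ipaddress
import re

# Constructed sample: R1's listen config from the walkthrough, plus a listen limit.
R1_CONFIG = """\
router bgp 65000
 bgp listen range 172.16.1.0/24 peer-group DYNAMIC
 bgp listen limit 25
 neighbor DYNAMIC peer-group
 neighbor DYNAMIC remote-as 65000
"""
DEFAULT_LIMIT = 100  # the "1/100 max" default shown in the post's summary output

def parse_listen_config(text):
    """Return (listen ranges, listen limit, peer-group -> remote AS)."""
    ranges, group_as, limit = [], {}, DEFAULT_LIMIT
    for line in map(str.strip, text.splitlines()):
        if m := re.fullmatch(r"bgp listen range (\S+) peer-group (\S+)", line):
            ranges.append((ipaddress.ip_network(m.group(1), strict=False), m.group(2)))
        elif m := re.fullmatch(r"bgp listen limit (\d+)", line):
            limit = int(m.group(1))
        elif m := re.fullmatch(r"neighbor (\S+) remote-as (\d+)", line):
            group_as[m.group(1)] = int(m.group(2))
    return ranges, limit, group_as

def admit(text, source_ip):
    """Peer group and AS a TCP/179 source would be placed in, or None if ignored."""
    ranges, _, group_as = parse_listen_config(text)
    addr = ipaddress.ip_address(source_ip)
    hits = [(net, grp) for net, grp in ranges if addr in net]
    if not hits:
        return None
    # Assumption of this example: with overlapping ranges, report the most specific.
    _, grp = max(hits, key=lambda hit: hit[0].prefixlen)
    return grp, group_as.get(grp)

def audit(text, expected_sites):
    """Flag listen settings that admit more peers than the deployment has sites."""
    ranges, limit, _ = parse_listen_config(text)
    findings = []
    if limit > expected_sites:
        findings.append(f"listen limit {limit} exceeds {expected_sites} expected sites")
    for net, grp in ranges:
        if net.num_addresses > expected_sites:
            findings.append(f"{net} ({grp}) covers {net.num_addresses} addresses")
    return findings

if __name__ == "__main__":
    print(admit(R1_CONFIG, "172.16.1.2"))
    print(audit(R1_CONFIG, expected_sites=25))
```

Run against a saved running config, the audit shows where a /24 listen range still admits any address in the subnet even after the listen limit has been tightened to the real site count.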