BGP Multi-Exit Discriminator

Multi-Exit Discriminator (MED) is also known as the metric of BGP - it is labeled metric in the show ip bgp output. It is an optional nontransitive BGP Path Attribute (PA), meaning that it is optionally supported in the various BGP deployments and it is not not advertised outside the AS it is sent to. A lower MED is preferred over a higher one. Cisco defaults to a MED value of 0 - so by default it is set to the most preferred value.

Now, what the MED allows you to do is this: tell a neighboring AS, which external path is the best for certain prefixes.

For the example I will use the below topology with AS 123 connecting to AS 45.

BGP MED topology

The networks 40.0.0.0 /8 and 50.0.0.0 /8 are advertised by both R4 and R5 to their eBGP neighbors in AS 123. What MED can do is tell the routers in AS 123 to prefer one path over the other. In this example we want R4 to be the preferred path for network 40.0.0.0 /8 and R5 for network 50.0.0.0 /8.

This could possibly be a scenario with an enterprise connecting redundantly to the same ISP. The ISP then exchanges the reachability information with a MED value to have the customer prefer R4 for the networks 40.0.0.0 /8 and R5 for the networks 50.0.0.0 /8.

Below is the pertinent configuration on R4.

R4#show running-config | section router bgp
router bgp 45
 bgp router-id 4.4.4.4
 bgp log-neighbor-changes
 network 40.0.0.0
 network 50.0.0.0
 neighbor PGROUP peer-group
 neighbor PGROUP remote-as 45
 neighbor PGROUP update-source Loopback0
 neighbor 5.5.5.5 peer-group PGROUP
 neighbor 140.1.14.1 remote-as 123
 neighbor 140.1.14.1 route-map RMAP_SET_MED out
R4#show running-config | section route-map
<output omitted>
route-map RMAP_SET_MED permit 10
 match ip address prefix-list PFX_40
 set metric 50
route-map RMAP_SET_MED permit 20
 match ip address prefix-list PFX_50
 set metric 100
route-map RMAP_SET_MED permit 99

And below is the configuration done on R5 - almost identical except for the peerings and route-map configuration.

R5#show running-config | section router bgp
router bgp 45
 bgp router-id 5.5.5.5
 bgp log-neighbor-changes
 network 40.0.0.0
 network 50.0.0.0
 neighbor PGROUP peer-group
 neighbor PGROUP remote-as 45
 neighbor PGROUP update-source Loopback0
 neighbor 4.4.4.4 peer-group PGROUP
 neighbor 140.1.25.2 remote-as 123
 neighbor 140.1.25.2 route-map RMAP_SET_MED out
R5#show run
R5#show running-config | section route-map
<output omitted>
route-map RMAP_SET_MED permit 10
 match ip address prefix-list PFX_40
 set metric 100
route-map RMAP_SET_MED permit 20
 match ip address prefix-list PFX_50
 set metric 50
route-map RMAP_SET_MED permit 99

 The route-map is configured to match on the given networks and set the metric (MED). The route-map is then configured on the eBGP peer in the outbound direction.

The result can be seen on R3.

R3#show ip bgp | begin Network
     Network          Next Hop            Metric LocPrf Weight Path
 *>i 40.0.0.0         140.1.14.4              50    100                0 45 i
 *>i 50.0.0.0         140.1.25.5              50    100                0 45 i
 *>  90.0.0.0         0.0.0.0                      0                       32768 i
 *>  91.0.0.0         0.0.0.0                      0                       32768 i

The routes entered into R3s BGP table both have a metric of 50, but what about the networks that should be marked with 100 - well, R1 and R2 aren't advertising those routes because they are not best routes. The result here is that R3 will send packets destined for 40.0.0.0 /8 to router R1 and packets destined for 50.0.0.0 /8 to R2.

This is the BGP table on R1 and R2.

R1#show ip bgp | begin Network
     Network          Next Hop            Metric LocPrf Weight Path
 *>  40.0.0.0         140.1.14.4               50                         0 45 i
 *>i 50.0.0.0         140.1.25.5               50    100               0 45 i
 *                          140.1.14.4             100                         0 45 i
 *>i 90.0.0.0         3.3.3.3                       0    100               0 i
 *>i 91.0.0.0         3.3.3.3                       0    100               0 i
R2#show ip bgp | begin Network
     Network          Next Hop            Metric LocPrf Weight Path
 *>i 40.0.0.0         140.1.14.4              50    100                0 45 i
 *                          140.1.25.5             100                         0 45 i
 *>  50.0.0.0         140.1.25.5              50                          0 45 i
 *>i 90.0.0.0         3.3.3.3                      0    100                0 i
 *>i 91.0.0.0         3.3.3.3                      0    100                0 i

Both R1 and R2 have a single route in their BGP tables with a metric of 100 - this is the route advertised from the eBGP neighbor. It is not selected as best and is therefore not advertised to their iBGP neighbors and so they only have one.

Some good reading from Cisco, including a description of the bgp deterministic-med and bgp always-compare-med features, can be found here: http://www.cisco.com/c/en/us/support/docs/ip/border-gateway-protocol-bgp/13759-37.html