Post on 03-Aug-2020
DD2491, p1 2008
Inter-domain routing and BGP
BGP in JunOS
Olof Hagsand KTH/CSC
JunOS Routing model
[Figure: JunOS routing model. Labels: Neighbours, Protocols, Import, RIB, FIB, Export]
Note: Export policies may be applied only to active routes!
Protocol            Default import action       Default export action
direct and static   accept all                  N/A
RIP                 accept all RIP routes       reject all
BGP                 accept all BGP routes       export all active BGP routes
IS-IS               accept all IS-IS routes     reject all (IS-IS uses LSAs)
OSPF                accept all OSPF routes      reject all (OSPF uses LSAs)
MPLS                accept all MPLS routes      export all active MPLS routes
BGP Routing Process Model
• Pool of routes received from peers
• Import policy for filtering and attribute manipulation
• Decision process to select best routes
• Pool of routes used by router
• Export policy for filtering and attribute manipulation
• Pool of routes that the router advertises
[Figure: Peer -> import policy -> decision process -> RIB -> export policy -> Peer]
BGP Routing Information Bases (BGP RIBs), Cisco version
[Figure: Adj-RIB-In (one per peer) -> Input Policy Engine -> BGP decision process -> Loc-RIB -> Output Policy Engine -> Adj-RIB-Out (one per peer)]
© 2001 Cisco Press
BGP RIBs
BGP routing table consists of three parts
• Adj-RIB-In
– One per peer BGP speaker
– Stores routing information learned from peer
– Filtered/manipulated by the input policy engine
• Loc-RIB
– Selected best routes by decision process to each available destination
• Adj-RIB-Out
– One per peer BGP speaker
– Stores routing information selected for advertisement to peer
– Output policy applied to Loc-RIB before going into Adj-RIB-Out
– This is redistributed if REFRESH capability is used
Import/Export Policy
• Import policy
– Affects routes received from peer BGP speakers
– Filtering based on IP prefixes, AS_PATH and other BGP attributes
– Manipulates path attributes to influence its own decision process
• Export policy
– Affects routes in Loc-RIB (candidates for advertisement)
• In JunOS: only active BGP routes
– Differentiates between internal and external peers
BGP example policies
[Figure: a router with peers AS1, AS2, AS3 and AS4; import policy -> decision process -> RIB -> export policy]
Routes received:
• From AS1: 10.0.0.0/24, 0/0
• From AS2: 10.0.0.0/24, 10.2.0.0/24, 0/0
Import policy:
• Deny 0/0 from AS1
• Give 10.0.0.0/24 from AS1 better pref
Decision process:
• Use 10.0.0.0/24 from AS1
• Use 0/0 and 10.2.0.0/24 from AS2
Export policy:
• Do not propagate 0/0
• Do not announce 10.2.0.0/24 to AS3
• Give 10.0.0.0/24 metric 10 toward AS4
Routes advertised:
• To AS3: 10.0.0.0/24
• To AS4: 10.0.0.0/24, 10.2.0.0/24
RIB:
0/0          AS2  BGP
10.0.0.0/24  AS1  BGP
10.2.0.0/24  AS2  BGP
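The example above, worked through as an added Python model (not part of the original slides and not JunOS code). It runs the received routes through import policy, a simplified decision process and per-peer export policy; the field names, the term layout and the LOCAL_PREF values 100 and 200 are assumptions.

```python
# Added example: the slide's import -> decision -> export flow as a model.
# Field names, term layout and LOCAL_PREF values are assumptions, not JunOS.
from ipaddress import ip_network

def pfx(prefix, asn=None):
    """Match one exact prefix, optionally only for one peer AS."""
    net = ip_network(prefix)
    return lambda route, peer: route["prefix"] == net and asn in (None, peer)

def run_policy(terms, route, peer):
    """Terms run in order; the first accept/reject verdict ends evaluation."""
    route = dict(route)
    for match, changes, verdict in terms:
        if match(route, peer):
            route.update(changes)            # side effects of the matching term
            return route if verdict == "accept" else None
    return route                             # BGP default action: accept

# Routes received per peer AS, constructed from the slide's diagram.
ADJ_RIB_IN = {1: ["10.0.0.0/24", "0.0.0.0/0"],
              2: ["10.0.0.0/24", "10.2.0.0/24", "0.0.0.0/0"]}

IMPORT = [(pfx("0.0.0.0/0", 1), {}, "reject"),                     # deny 0/0 from AS1
          (pfx("10.0.0.0/24", 1), {"local_pref": 200}, "accept")]  # better pref
EXPORT = [(pfx("0.0.0.0/0"), {}, "reject"),                # do not propagate 0/0
          (pfx("10.2.0.0/24", 3), {}, "reject"),           # not announced to AS3
          (pfx("10.0.0.0/24", 4), {"med": 10}, "accept")]  # metric 10 toward AS4

def loc_rib():
    """Import policy, then keep the highest LOCAL_PREF per prefix (simplified)."""
    best = {}
    for peer, prefixes in ADJ_RIB_IN.items():
        for p in prefixes:
            new = {"prefix": ip_network(p), "from_as": peer, "local_pref": 100}
            r = run_policy(IMPORT, new, peer)
            cur = best.get(new["prefix"])
            if r and (cur is None or r["local_pref"] > cur["local_pref"]):
                best[r["prefix"]] = r
    return best

def adj_rib_out(peer):
    """Export policy applied to Loc-RIB for one peer: prefix -> MED (or None)."""
    out = {}
    for route in loc_rib().values():
        r = run_policy(EXPORT, route, peer)
        if r:
            out[str(r["prefix"])] = r.get("med")
    return out
```

The default route stays usable in the local RIB (learned from AS2) but appears in neither peer's advertised set, which is the leak the export policy is there to prevent.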
Configuring BGP in JunOS
• Many configurations can be made on global, group and peer level.
• More specific is preferred (peer before group before global)
protocols bgp {
    mtu-discovery;                      # Global properties
    group external-peers {
        type external;                  # Group properties
        peer-as 42;
        neighbor 192.168.200.13;
        neighbor 192.168.200.14;
        neighbor 192.168.200.14 {
            peer-as 93;                 # Peer properties
        }
    }
}
See: http://www.juniper.net/techpubs/software/junos/junos90/
BGP commands in JunOS (1)
  advertise-inactive        Advertise inactive routes
  advertise-peer-as         Advertise routes received from the same autonomous system
  authentication-algorithm  Authentication algorithm name
  authentication-key        MD5 authentication key
  authentication-key-chain  Key chain name
  cluster                   Cluster identifier
  damping                   Enable route flap damping
  description               Text description
  disable                   Disable BGP
+ export                    Export policy
> family                    Protocol family for NLRIs in updates
> graceful-restart          BGP graceful restart options
> group                     Define a peer group
  hold-time                 Hold time used when negotiating with a peer
+ import                    Import policy
  include-mp-next-hop       Include NEXT-HOP attribute in multiprotocol updates
  ipsec-sa                  IPSec SA name
  keep                      How to retain routes in the routing table
BGP commands in JunOS (2)
  local-address             Address of local end of BGP session
> local-as                  Local autonomous system number
  local-preference          Value of LOCAL_PREF path attribute
  log-updown                Log a message for peer state transitions
> metric-out                Route metric sent in MED
  mtu-discovery             Enable TCP path MTU discovery
> multihop                  Configure an EBGP multihop session
  no-advertise-peer-as      Don't advertise routes received from the same autonomous system
  no-aggregator-id          Set router ID in aggregator path attribute to 0
  out-delay                 How long before exporting routes from routing table
  passive                   Do not send open messages to a peer
> path-selection            Configure path selection strategy
  peer-as                   Peer autonomous system number (1..65535)
  preference                Preference value
  remove-private            Remove well-known private AS numbers
  tcp-mss                   Maximum TCP segment size (1..4096)
> traceoptions              Trace options for BGP
Routing policy: syntax and flow
• Changing the default routing policy
• Syntax:
policy-options {
    policy-statement name {
        term term-name {
            from {
                match;
            }
            then {
                action;
            }
        }
    }
}
[Figure: policy flow. Policy 1 (term1, term2, term3), Policy 2 (term1, term2, term3), then the default policy; each term can end in accept, reject or next route]
Applying policies
• Export policy evaluation order: p4->p2->p0
• On a verdict (accept, reject) the policy chain is terminated
• Side-effects may still apply
protocols bgp {
    export p0;                          # Global properties
    import p1;
    group external-peers {
        type external;                  # Group properties
        export p2;
        import p3;
        neighbor 192.168.200.14 {
            export p4;                  # Peer properties
            import p5;
        }
    }
}
Policy-options statements
• as-path name reg-exp
– Create a named AS-PATH regular expression
– Example: as-path asp0 "65000{4}"
• as-path-group { [as-path] }
• community name members [ ids ]
– Example: community c0 members 701:555
• damping name [options]
• policy-statement
• prefix-list name { ip-addresses }
– Create a named list of prefixes
– Example: prefix-list p0 {10.0.0.1; 192.168.1.0/24;}
# set policy-options ?
Policy-statement matches
– as-path
– community
– family
– local-preference
– metric
– neighbor
– next-hop
– origin
– preference
– prefix-list
– protocol
– route-filter
– ...
# set policy-options policy-statement <name> term <name> from ?
Policy-statement actions
• accept
• reject
• next policy
• next term
• trace
Side effects with accept:
– as-path-prepend
– community
– color
– external
– load-balance per-packet
– local-preference
– metric
– next-hop
– origin
– preference
# set policy-options policy-statement <name> term <name> then ?
Lab overview
[Figure: lab topology. Labels: routers RTX1, RTX2, RTX3, RTX4; Tier1 (AS65500); ASX, ASX+1, ASX1; prefixes 10.X.8.0/24, 10.X.9.0/24, 10.X.10.0/24, 10.X.11.0/24; link networks 172.16.10X.0/30, 172.16.X+1.0/30, 172.16.X.0/30 with host addresses .1 and .2; interfaces 0/0/0, 1/0/0, 1/0/1]