Bgp (1)
Uploaded by vamsidhar-naidu
Border Gateway Protocol (BGP4)
![Page 2: Bgp (1)](https://reader036.fdocuments.in/reader036/viewer/2022062405/5576458cd8b42ac31b8b4d3b/html5/thumbnails/2.jpg)
Border Gateway Protocol (BGP)
• Routing/Forwarding basics
• Building blocks
• Exercises
• BGP protocol basics
• Exercises
• BGP path attributes
• Best path computation
• Exercises
![Page 3: Bgp (1)](https://reader036.fdocuments.in/reader036/viewer/2022062405/5576458cd8b42ac31b8b4d3b/html5/thumbnails/3.jpg)
Border Gateway Protocol (BGP)...
• Typical BGP topologies
• Routing Policy
• Exercises
• Redundancy/Load sharing
• Best current practices
![Page 4: Bgp (1)](https://reader036.fdocuments.in/reader036/viewer/2022062405/5576458cd8b42ac31b8b4d3b/html5/thumbnails/4.jpg)
Routing/Forwarding Basics
![Page 5: Bgp (1)](https://reader036.fdocuments.in/reader036/viewer/2022062405/5576458cd8b42ac31b8b4d3b/html5/thumbnails/5.jpg)
IP route lookup: Longest match routing
[Figure: routers R1, R2, R3 and R4; labels "All 10/8 except 10.1/16" and "10.1/16"]
Packet: Destination IP address: 10.1.1.1
R2’s IP routing table:
10/8 -> R3
10.1/16 -> R4
20/8 -> R5
30/8 -> R6
…..
![Page 6: Bgp (1)](https://reader036.fdocuments.in/reader036/viewer/2022062405/5576458cd8b42ac31b8b4d3b/html5/thumbnails/6.jpg)
IP route lookup: Longest match routing
[Figure: routers R1, R2, R3 and R4; labels "All 10/8 except 10.1/16" and "10.1/16"]
Packet: Destination IP address: 10.1.1.1
R2’s IP routing table:
10/8 -> R3
10.1/16 -> R4
20/8 -> R5
…..
10.1.1.1 & FF.0.0.0 is equal to 10.0.0.0 & FF.0.0.0
Match!
![Page 7: Bgp (1)](https://reader036.fdocuments.in/reader036/viewer/2022062405/5576458cd8b42ac31b8b4d3b/html5/thumbnails/7.jpg)
IP route lookup: Longest match routing
[Figure: routers R1, R2, R3 and R4; labels "All 10/8 except 10.1/16" and "10.1/16"]
Packet: Destination IP address: 10.1.1.1
R2’s IP routing table:
10/8 -> R3
10.1/16 -> R4
20/8 -> R5
…..
10.1.1.1 & FF.FF.0.0 is equal to 10.1.0.0 & FF.FF.0.0
Match as well!
![Page 8: Bgp (1)](https://reader036.fdocuments.in/reader036/viewer/2022062405/5576458cd8b42ac31b8b4d3b/html5/thumbnails/8.jpg)
IP route lookup: Longest match routing
[Figure: routers R1, R2, R3 and R4; labels "All 10/8 except 10.1/16" and "10.1/16"]
Packet: Destination IP address: 10.1.1.1
R2’s IP routing table:
10/8 -> R3
10.1/16 -> R4
20/8 -> R5
…..
10.1.1.1 & FF.0.0.0 is not equal to 20.0.0.0 & FF.0.0.0
Does not match!
![Page 9: Bgp (1)](https://reader036.fdocuments.in/reader036/viewer/2022062405/5576458cd8b42ac31b8b4d3b/html5/thumbnails/9.jpg)
IP route lookup: Longest match routing
[Figure: routers R1, R2, R3 and R4; labels "All 10/8 except 10.1/16" and "10.1/16"]
Packet: Destination IP address: 10.1.1.1
R2’s IP routing table:
10/8 -> R3
10.1/16 -> R4
20/8 -> R5
…..
Longest match, 16 bit netmask
![Page 10: Bgp (1)](https://reader036.fdocuments.in/reader036/viewer/2022062405/5576458cd8b42ac31b8b4d3b/html5/thumbnails/10.jpg)
IP route lookup: Longest match routing
• default is 0.0.0.0/0
• can handle it using the normal longest match algorithm
• matches everything. Always the shortest match.
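The lookup walked through on the preceding slides, as an added Python example (not part of the original deck). It applies the slides' mask-and-compare test to R2's table and picks the longest match; the 0.0.0.0/0 entry and its next-hop name "R1" are assumptions added to show the default-route case.

```python
import ipaddress

# R2's routing table as shown on the slides. The 0.0.0.0/0 entry and its
# next-hop name "R1" are assumptions added to exercise the default-route case.
ROUTES = [
    ("10.0.0.0/8", "R3"),
    ("10.1.0.0/16", "R4"),
    ("20.0.0.0/8", "R5"),
    ("30.0.0.0/8", "R6"),
    ("0.0.0.0/0", "R1"),
]


def to_int(dotted):
    """Dotted-quad IPv4 address -> 32-bit integer."""
    return int(ipaddress.IPv4Address(dotted))


def netmask(prefix_len):
    """Prefix length -> 32-bit mask (8 -> 0xFF000000, 0 -> 0)."""
    return (0xFFFFFFFF << (32 - prefix_len)) & 0xFFFFFFFF


def mask_hex(prefix_len):
    """Mask in the slides' notation, e.g. 16 -> 'FF.FF.0.0'."""
    m = netmask(prefix_len)
    return ".".join(format((m >> s) & 0xFF, "X") for s in (24, 16, 8, 0))


def matches(dest, prefix):
    """The slides' test: (dest & mask) == (network & mask)."""
    network, plen = prefix.split("/")
    mask = netmask(int(plen))
    return (to_int(dest) & mask) == (to_int(network) & mask)


def matching_routes(dest, routes=ROUTES):
    """All routes that cover dest, shortest prefix first."""
    hits = [(int(p.split("/")[1]), p, nh) for p, nh in routes if matches(dest, p)]
    return [(p, nh) for _, p, nh in sorted(hits)]


def lookup(dest, routes=ROUTES):
    """Longest match wins; None when no route (not even a default) covers dest."""
    hits = matching_routes(dest, routes)
    return hits[-1] if hits else None


if __name__ == "__main__":
    # Constructed destinations: the slides' packet plus three other cases.
    for dest in ("10.1.1.1", "10.200.0.9", "20.5.5.5", "172.16.0.1"):
        print(dest, "candidates:", matching_routes(dest), "->", lookup(dest))
```

Because the longest prefix always wins, a /16 overrides a covering /8 no matter which neighbor supplied it, which is why prefix-length limits belong in inbound route filters.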
![Page 11: Bgp (1)](https://reader036.fdocuments.in/reader036/viewer/2022062405/5576458cd8b42ac31b8b4d3b/html5/thumbnails/11.jpg)
Forwarding
• Uses the routing table built by routing protocols
• Performs the lookup to find next-hop and outgoing interface
• Switches the packet with new encapsulation as per the outgoing interface
![Page 12: Bgp (1)](https://reader036.fdocuments.in/reader036/viewer/2022062405/5576458cd8b42ac31b8b4d3b/html5/thumbnails/12.jpg)
Building Blocks
• Autonomous System (AS)
• Types of Routes
• IGP/EGP
• DMZ
• Policy
• Egress
• Ingress
![Page 13: Bgp (1)](https://reader036.fdocuments.in/reader036/viewer/2022062405/5576458cd8b42ac31b8b4d3b/html5/thumbnails/13.jpg)
Autonomous System (AS)
• Collection of networks with same policy
• Single routing protocol
• Usually under single administrative control
• IGP to provide internal connectivity
AS 100
![Page 14: Bgp (1)](https://reader036.fdocuments.in/reader036/viewer/2022062405/5576458cd8b42ac31b8b4d3b/html5/thumbnails/14.jpg)
Autonomous System (AS)...
• Identified by ‘AS number’
• Public & Private AS numbers
• Examples:
– Service provider
– Multi-homed customers
– Anyone needing policy discrimination
![Page 15: Bgp (1)](https://reader036.fdocuments.in/reader036/viewer/2022062405/5576458cd8b42ac31b8b4d3b/html5/thumbnails/15.jpg)
Routing flow and packet flow
For networks in AS1 and AS2 to communicate:
• AS1 must announce routes to AS2
• AS2 must accept routes from AS1
• AS2 must announce routes to AS1
• AS1 must accept routes from AS2
[Figure: AS 1 and AS 2 with arrows labelled announce, accept, routing flow, packet flow, egress and ingress]
![Page 16: Bgp (1)](https://reader036.fdocuments.in/reader036/viewer/2022062405/5576458cd8b42ac31b8b4d3b/html5/thumbnails/16.jpg)
Egress Traffic
• Packets exiting the network
• Based on
– Route availability (what others send you)
– Route acceptance (what you accept from others)
– Policy and tuning (what you do with routes from others)
– Peering and transit agreements
![Page 17: Bgp (1)](https://reader036.fdocuments.in/reader036/viewer/2022062405/5576458cd8b42ac31b8b4d3b/html5/thumbnails/17.jpg)
Ingress Traffic
• Packets entering your network
• Ingress traffic depends on:
– What information you send and to whom
– Based on your addressing and ASes
– Based on others’ policy (what they accept from you and what they do with it)
![Page 18: Bgp (1)](https://reader036.fdocuments.in/reader036/viewer/2022062405/5576458cd8b42ac31b8b4d3b/html5/thumbnails/18.jpg)
Types of Routes
• Static Routes
– configured manually
• Connected Routes
– created automatically when an interface is ‘up’
• Interior Routes
– Routes within an AS
• Exterior Routes
– Routes exterior to AS
![Page 19: Bgp (1)](https://reader036.fdocuments.in/reader036/viewer/2022062405/5576458cd8b42ac31b8b4d3b/html5/thumbnails/19.jpg)
What Is an IGP?
• Interior Gateway Protocol
• Within an Autonomous System
• Carries information about internal prefixes
• Examples: OSPF, ISIS, EIGRP…
![Page 20: Bgp (1)](https://reader036.fdocuments.in/reader036/viewer/2022062405/5576458cd8b42ac31b8b4d3b/html5/thumbnails/20.jpg)
What Is an EGP?
• Exterior Gateway Protocol
• Used to convey routing information between ASes
• De-coupled from the IGP
• Current EGP is BGP4
![Page 21: Bgp (1)](https://reader036.fdocuments.in/reader036/viewer/2022062405/5576458cd8b42ac31b8b4d3b/html5/thumbnails/21.jpg)
Why Do We Need an EGP?
• Scaling to large network
– Hierarchy
– Limit scope of failure
• Define administrative boundary
• Policy
– Control reachability to prefixes
![Page 22: Bgp (1)](https://reader036.fdocuments.in/reader036/viewer/2022062405/5576458cd8b42ac31b8b4d3b/html5/thumbnails/22.jpg)
Interior vs. Exterior Routing Protocols
• Interior
– Automatic discovery
– Generally trust your IGP routers
– Routes go to all IGP routers
• Exterior
– Specifically configured peers
– Connecting with outside networks
– Set administrative boundaries
![Page 23: Bgp (1)](https://reader036.fdocuments.in/reader036/viewer/2022062405/5576458cd8b42ac31b8b4d3b/html5/thumbnails/23.jpg)
Hierarchy of Routing Protocols
[Figure: Local NAP (FDDI), other ISPs and customers, with links labelled BGP4, BGP4/Static and BGP4 / OSPF]
![Page 24: Bgp (1)](https://reader036.fdocuments.in/reader036/viewer/2022062405/5576458cd8b42ac31b8b4d3b/html5/thumbnails/24.jpg)
Demilitarized Zone (DMZ)
• Shared network between ASes
[Figure: AS 100, AS 101 and AS 102 joined by a DMZ network; routers A, B, C, D, E]
![Page 25: Bgp (1)](https://reader036.fdocuments.in/reader036/viewer/2022062405/5576458cd8b42ac31b8b4d3b/html5/thumbnails/25.jpg)
Addressing - ISP
• Need to reserve address space for its network.
• Need to allocate address blocks to its customers.
• Need to take “growth” into consideration
• Upstream link address is allocated by upstream provider
![Page 26: Bgp (1)](https://reader036.fdocuments.in/reader036/viewer/2022062405/5576458cd8b42ac31b8b4d3b/html5/thumbnails/26.jpg)
BGP Basics
• Terminology
• Protocol Basics
• Messages
• General Operation
• Peering relationships (EBGP/IBGP)
• Originating routes
![Page 27: Bgp (1)](https://reader036.fdocuments.in/reader036/viewer/2022062405/5576458cd8b42ac31b8b4d3b/html5/thumbnails/27.jpg)
Terminology
• Neighbor
– Configured BGP peer
• NLRI/Prefix
– NLRI - network layer reachability information
– Reachability information for an IP address & mask
• Router-ID
– Highest IP address configured on the router
• Route/Path
– NLRI advertised by a neighbor
![Page 28: Bgp (1)](https://reader036.fdocuments.in/reader036/viewer/2022062405/5576458cd8b42ac31b8b4d3b/html5/thumbnails/28.jpg)
Protocol Basics
• Routing protocol used between ASes
– if you aren’t connected to multiple ASes, you don’t need BGP :)
• Runs over TCP
• Path vector protocol
• Incremental update
[Figure: AS 100, AS 101 and AS 102; routers A, B, C, D, E; peering]
![Page 29: Bgp (1)](https://reader036.fdocuments.in/reader036/viewer/2022062405/5576458cd8b42ac31b8b4d3b/html5/thumbnails/29.jpg)
BGP Basics ...
• Each AS originates a set of NLRI
• NLRI is exchanged between BGP peers
• Can have multiple paths for a given prefix
• Picks the best path and installs in the IP forwarding table
• Policies applied (through attributes) influence BGP path selection
![Page 30: Bgp (1)](https://reader036.fdocuments.in/reader036/viewer/2022062405/5576458cd8b42ac31b8b4d3b/html5/thumbnails/30.jpg)
BGP Peers
• BGP speakers are called peers
• Peers in different AS’s are called External Peers
Note: eBGP Peers normally should be directly connected.
[Figure: AS 100, AS 101 and AS 102; routers A, B, C, D, E; prefixes 220.220.8.0/24, 220.220.16.0/24 and 220.220.32.0/24; eBGP TCP/IP peer connection]
![Page 31: Bgp (1)](https://reader036.fdocuments.in/reader036/viewer/2022062405/5576458cd8b42ac31b8b4d3b/html5/thumbnails/31.jpg)
BGP Peers
• BGP speakers are called peers
• Peers in the same AS are called Internal Peers
Note: iBGP Peers don’t have to be directly connected.
[Figure: AS 100, AS 101 and AS 102; routers A, B, C, D, E; prefixes 220.220.8.0/24, 220.220.16.0/24 and 220.220.32.0/24; iBGP TCP/IP peer connection]
![Page 32: Bgp (1)](https://reader036.fdocuments.in/reader036/viewer/2022062405/5576458cd8b42ac31b8b4d3b/html5/thumbnails/32.jpg)
BGP Peers
BGP Peers exchange Update messages containing Network Layer Reachability Information (NLRI)
[Figure: AS 100, AS 101 and AS 102; routers A, B, C, D, E; prefixes 220.220.8.0/24, 220.220.16.0/24 and 220.220.32.0/24; BGP Update Messages]
![Page 33: Bgp (1)](https://reader036.fdocuments.in/reader036/viewer/2022062405/5576458cd8b42ac31b8b4d3b/html5/thumbnails/33.jpg)
Configuring BGP Peers
• BGP Peering sessions are established using the BGP “neighbor” configuration command
– External (eBGP) is configured when AS numbers are different

Router in AS 100:
interface Serial 0
 ip address 222.222.10.2 255.255.255.252
router bgp 100
 network 220.220.8.0 mask 255.255.255.0
 neighbor 222.222.10.1 remote-as 101

Router in AS 101:
interface Serial 0
 ip address 222.222.10.1 255.255.255.252
router bgp 101
 network 220.220.16.0 mask 255.255.255.0
 neighbor 222.222.10.2 remote-as 100

[Figure: eBGP TCP connection over 222.222.10.0/30 between AS 100 (220.220.8.0/24) and AS 101 (220.220.16.0/24); routers A, B, C, D]
![Page 34: Bgp (1)](https://reader036.fdocuments.in/reader036/viewer/2022062405/5576458cd8b42ac31b8b4d3b/html5/thumbnails/34.jpg)
Configuring BGP Peers
• BGP Peering sessions are established using the BGP “neighbor” configuration command
– External (eBGP) is configured when AS numbers are different
– Internal (iBGP) is configured when AS numbers are same

Router B:
interface Serial 1
 ip address 220.220.16.2 255.255.255.252
router bgp 101
 network 220.220.16.0 mask 255.255.255.0
 neighbor 220.220.16.1 remote-as 101

Router C:
interface Serial 1
 ip address 220.220.16.1 255.255.255.252
router bgp 101
 network 220.220.16.0 mask 255.255.255.0
 neighbor 220.220.16.2 remote-as 101

[Figure: iBGP TCP connection; AS 100 (220.220.8.0/24) and AS 101 (220.220.16.0/24) joined by 222.222.10.0/30; routers A, B, C, D]
![Page 35: Bgp (1)](https://reader036.fdocuments.in/reader036/viewer/2022062405/5576458cd8b42ac31b8b4d3b/html5/thumbnails/35.jpg)
Configuring BGP Peers
• Each iBGP speaker must peer with every other iBGP speaker in the AS
[Figure: AS 100 with routers A, B and C; iBGP TCP/IP peer connections]
![Page 36: Bgp (1)](https://reader036.fdocuments.in/reader036/viewer/2022062405/5576458cd8b42ac31b8b4d3b/html5/thumbnails/36.jpg)
Configuring BGP Peers
• Loopback interfaces are normally used as peer connection end-points
[Figure: AS 100 with routers A, B and C; loopback addresses 215.10.7.1, 215.10.7.2 and 215.10.7.3; iBGP TCP/IP peer connections]
![Page 37: Bgp (1)](https://reader036.fdocuments.in/reader036/viewer/2022062405/5576458cd8b42ac31b8b4d3b/html5/thumbnails/37.jpg)
Configuring BGP Peers
[Figure: AS 100 with routers A, B and C; loopback addresses 215.10.7.1, 215.10.7.2 and 215.10.7.3; iBGP TCP/IP peer connections]

Router A:
interface loopback 0
 ip address 215.10.7.1 255.255.255.255
router bgp 100
 network 220.220.1.0
 neighbor 215.10.7.2 remote-as 100
 neighbor 215.10.7.2 update-source loopback0
 neighbor 215.10.7.3 remote-as 100
 neighbor 215.10.7.3 update-source loopback0
![Page 38: Bgp (1)](https://reader036.fdocuments.in/reader036/viewer/2022062405/5576458cd8b42ac31b8b4d3b/html5/thumbnails/38.jpg)
Configuring BGP Peers
[Figure: AS 100 with routers A, B and C; loopback addresses 215.10.7.1, 215.10.7.2 and 215.10.7.3; iBGP TCP/IP peer connections]

Router B:
interface loopback 0
 ip address 215.10.7.2 255.255.255.255
router bgp 100
 network 220.220.5.0
 neighbor 215.10.7.1 remote-as 100
 neighbor 215.10.7.1 update-source loopback0
 neighbor 215.10.7.3 remote-as 100
 neighbor 215.10.7.3 update-source loopback0
![Page 39: Bgp (1)](https://reader036.fdocuments.in/reader036/viewer/2022062405/5576458cd8b42ac31b8b4d3b/html5/thumbnails/39.jpg)
Configuring BGP Peers
[Figure: AS 100 with routers A, B and C; loopback addresses 215.10.7.1, 215.10.7.2 and 215.10.7.3; iBGP TCP/IP peer connections]

Router C:
interface loopback 0
 ip address 215.10.7.3 255.255.255.255
router bgp 100
 network 220.220.1.0
 neighbor 215.10.7.1 remote-as 100
 neighbor 215.10.7.1 update-source loopback0
 neighbor 215.10.7.2 remote-as 100
 neighbor 215.10.7.2 update-source loopback0
![Page 40: Bgp (1)](https://reader036.fdocuments.in/reader036/viewer/2022062405/5576458cd8b42ac31b8b4d3b/html5/thumbnails/40.jpg)
BGP Updates — NLRI
• Network Layer Reachability Information
• Used to advertise feasible routes
• Composed of:
– Network Prefix
– Mask Length
![Page 41: Bgp (1)](https://reader036.fdocuments.in/reader036/viewer/2022062405/5576458cd8b42ac31b8b4d3b/html5/thumbnails/41.jpg)
BGP Updates — Attributes
• Used to convey information associated with NLRI
– AS path
– Next hop
– Local preference
– Multi-Exit Discriminator (MED)
– Community
– Origin
– Aggregator
![Page 42: Bgp (1)](https://reader036.fdocuments.in/reader036/viewer/2022062405/5576458cd8b42ac31b8b4d3b/html5/thumbnails/42.jpg)
AS-Path Attribute
• Sequence of ASes a route has traversed
• Loop detection
• Apply policy
Network Path
180.10.0.0/16 300 200 100
170.10.0.0/16 300 200
150.10.0.0/16 300 400
[Figure: AS 100, AS 200, AS 300, AS 400 and AS 500; prefixes 170.10.0.0/16, 180.10.0.0/16 and 150.10.0.0/16]
![Page 43: Bgp (1)](https://reader036.fdocuments.in/reader036/viewer/2022062405/5576458cd8b42ac31b8b4d3b/html5/thumbnails/43.jpg)
Next Hop Attribute
• Next hop to reach a network
• Usually a local network is the next hop in eBGP session
BGP Update Messages:
Network Next-Hop Path
160.10.0.0/16 192.20.2.1 100
[Figure: AS 100, AS 200 and AS 300; prefixes 160.10.0.0/16, 150.10.0.0/16 and 140.10.0.0/16; links 192.10.1.0/30 and 192.20.2.0/30 with .1 and .2 ends; routers A, B, C, D, E]
![Page 44: Bgp (1)](https://reader036.fdocuments.in/reader036/viewer/2022062405/5576458cd8b42ac31b8b4d3b/html5/thumbnails/44.jpg)
Next Hop Attribute
• Next hop to reach a network
• Usually a local network is the next hop in eBGP session
• Next Hop updated between eBGP Peers
BGP Update Messages:
Network Next-Hop Path
150.10.0.0/16 192.10.1.1 200
160.10.0.0/16 192.10.1.1 200 100
[Figure: AS 100, AS 200 and AS 300; prefixes 160.10.0.0/16, 150.10.0.0/16 and 140.10.0.0/16; links 192.10.1.0/30 and 192.20.2.0/30 with .1 and .2 ends; routers A, B, C, D, E]
![Page 45: Bgp (1)](https://reader036.fdocuments.in/reader036/viewer/2022062405/5576458cd8b42ac31b8b4d3b/html5/thumbnails/45.jpg)
Next Hop Attribute
• Next hop not changed between iBGP peers
BGP Update Messages:
Network Next-Hop Path
150.10.0.0/16 192.10.1.1 200
160.10.0.0/16 192.10.1.1 200 100
[Figure: AS 100, AS 200 and AS 300; prefixes 160.10.0.0/16, 150.10.0.0/16 and 140.10.0.0/16; links 192.10.1.0/30 and 192.20.2.0/30 with .1 and .2 ends; routers A, B, C, D, E]
![Page 46: Bgp (1)](https://reader036.fdocuments.in/reader036/viewer/2022062405/5576458cd8b42ac31b8b4d3b/html5/thumbnails/46.jpg)
Next Hop Attribute (more)
• IGP should carry route to next hops
• Recursive route look-up
• Unlinks BGP from actual physical topology
• Allows IGP to make intelligent forwarding decision
![Page 47: Bgp (1)](https://reader036.fdocuments.in/reader036/viewer/2022062405/5576458cd8b42ac31b8b4d3b/html5/thumbnails/47.jpg)
BGP Updates — Withdrawn Routes
• Used to “withdraw” network reachability
• Each Withdrawn Route is composed of:
– Network Prefix
– Mask Length
![Page 48: Bgp (1)](https://reader036.fdocuments.in/reader036/viewer/2022062405/5576458cd8b42ac31b8b4d3b/html5/thumbnails/48.jpg)
BGP Updates — Withdrawn Routes
[Figure: AS 123 and AS 321 connected over 192.168.10.0/24 (.1 and .2); prefix 192.192.25.0/24; connectivity lost (x)]
BGP Update Message:
Withdraw Routes
192.192.25.0/24
Network Next-Hop Path
150.10.0.0/16 192.168.10.2 321 200
192.192.25.0/24 192.168.10.2 321
![Page 49: Bgp (1)](https://reader036.fdocuments.in/reader036/viewer/2022062405/5576458cd8b42ac31b8b4d3b/html5/thumbnails/49.jpg)
BGP Routing Information Base
BGP ‘network’ commands are normally used to populate the BGP RIB with routes from the Route Table

router bgp 100
 network 160.10.0.0 mask 255.255.0.0
 no auto-summary

Route Table:
D 10.1.2.0/24
D 160.10.1.0/24
D 160.10.3.0/24
R 153.22.0.0/16
S 192.1.1.0/24

BGP RIB:
Network Next-Hop Path
*>i160.10.1.0/24 192.20.2.2 i
*>i160.10.3.0/24 192.20.2.2 i
![Page 50: Bgp (1)](https://reader036.fdocuments.in/reader036/viewer/2022062405/5576458cd8b42ac31b8b4d3b/html5/thumbnails/50.jpg)
BGP Routing Information Base
BGP ‘aggregate-address’ commands may be used to install summary routes in the BGP RIB

router bgp 100
 network 160.10.0.0 mask 255.255.0.0
 aggregate-address 160.10.0.0 255.255.0.0 summary-only
 no auto-summary

Route Table:
D 10.1.2.0/24
D 160.10.1.0/24
D 160.10.3.0/24
R 153.22.0.0/16
S 192.1.1.0/24

BGP RIB:
Network Next-Hop Path
*> 160.10.0.0/16 0.0.0.0 i
* i 192.20.2.2 i
s> 160.10.1.0/24 192.20.2.2 i
s> 160.10.3.0/24 192.20.2.2 i
![Page 51: Bgp (1)](https://reader036.fdocuments.in/reader036/viewer/2022062405/5576458cd8b42ac31b8b4d3b/html5/thumbnails/51.jpg)
BGP Routing Information Base
BGP ‘redistribute’ commands can also be used to populate the BGP RIB with routes from the Route Table

router bgp 100
 network 160.10.0.0 mask 255.255.0.0
 redistribute static route-map foo
 no auto-summary

access-list 1 permit 192.1.0.0 0.0.255.255

route-map foo permit 10
 match ip address 1

Route Table:
D 10.1.2.0/24
D 160.10.1.0/24
D 160.10.3.0/24
R 153.22.0.0/16
S 192.1.1.0/24

BGP RIB:
Network Next-Hop Path
*> 160.10.0.0/16 0.0.0.0 i
* i 192.20.2.2 i
s> 160.10.1.0/24 192.20.2.2 i
s> 160.10.3.0/24 192.20.2.2 i
*> 192.1.1.0/24 192.20.2.2 ?
![Page 52: Bgp (1)](https://reader036.fdocuments.in/reader036/viewer/2022062405/5576458cd8b42ac31b8b4d3b/html5/thumbnails/52.jpg)
BGP Routing Information Base
• BGP “in” process
• receives path information from peers
• results of BGP path selection placed in the BGP table
• “best path” flagged (denoted by “>”)

Update received by the IN Process:
Network Next-Hop Path
173.21.0.0/16 192.20.2.1 100

BGP RIB:
Network Next-Hop Path
*>i160.10.1.0/24 192.20.2.2 i
*>i160.10.3.0/24 192.20.2.2 i
*> 173.21.0.0/16 192.20.2.1 100

[Figure: Update, IN Process, BGP RIB, OUT Process, Update]
![Page 53: Bgp (1)](https://reader036.fdocuments.in/reader036/viewer/2022062405/5576458cd8b42ac31b8b4d3b/html5/thumbnails/53.jpg)
BGP Routing Information Base
• BGP “out” process
• builds update using info from RIB
• may modify update based on config
• Sends update to peers

BGP RIB:
Network Next-Hop Path
*>i160.10.1.0/24 192.20.2.2 i
*>i160.10.3.0/24 192.20.2.2 i
*> 173.21.0.0/16 192.20.2.1 100

Update sent by the OUT Process (Next-Hop changed from 192.20.2.1):
Network Next-Hop Path
160.10.1.0/24 192.20.2.2 200
160.10.3.0/24 192.20.2.2 200
173.21.0.0/16 192.20.2.2 200 100

[Figure: Update, IN Process, BGP RIB, OUT Process, Update]
![Page 54: Bgp (1)](https://reader036.fdocuments.in/reader036/viewer/2022062405/5576458cd8b42ac31b8b4d3b/html5/thumbnails/54.jpg)
BGP Routing Information Base
• Best paths installed in routing table if:
• prefix and prefix length are unique
• lowest “protocol distance”

BGP RIB:
Network Next-Hop Path
*>i160.10.1.0/24 192.20.2.2 i
*>i160.10.3.0/24 192.20.2.2 i
*> 173.21.0.0/16 192.20.2.1 100

Route Table:
D 10.1.2.0/24
D 160.10.1.0/24
D 160.10.3.0/24
R 153.22.0.0/16
S 192.1.1.0/24
B 173.21.0.0/16
![Page 55: Bgp (1)](https://reader036.fdocuments.in/reader036/viewer/2022062405/5576458cd8b42ac31b8b4d3b/html5/thumbnails/55.jpg)
The ‘Bible’ & other resources
• Route-views.oregon-ix.net
• Internet Routing Architectures
– Bassam Halabi
– pg. 168 BGP Decision Process Summary
![Page 56: Bgp (1)](https://reader036.fdocuments.in/reader036/viewer/2022062405/5576458cd8b42ac31b8b4d3b/html5/thumbnails/56.jpg)
Types of BGP Messages
• OPEN
– To negotiate and establish peering
• UPDATE
– To exchange routing information
• KEEPALIVE
– To maintain peering session
• NOTIFICATION
– To report errors (results in session reset)
![Page 57: Bgp (1)](https://reader036.fdocuments.in/reader036/viewer/2022062405/5576458cd8b42ac31b8b4d3b/html5/thumbnails/57.jpg)
Internal BGP Peering (IBGP)
• BGP peer within the same AS
• Not required to be directly connected
• Maintain full IBGP mesh or use Route Reflection
[Figure: AS 100 with routers A, B, D and E]
![Page 58: Bgp (1)](https://reader036.fdocuments.in/reader036/viewer/2022062405/5576458cd8b42ac31b8b4d3b/html5/thumbnails/58.jpg)
External BGP Peering (EBGP)
• Between BGP speakers in different AS
• Directly connected or peering address is reachable
[Figure: AS 100 and AS 101; routers A, B and C]
![Page 59: Bgp (1)](https://reader036.fdocuments.in/reader036/viewer/2022062405/5576458cd8b42ac31b8b4d3b/html5/thumbnails/59.jpg)
An Example…
Learns about 35.0.0.0/8 from F & D
[Figure: AS3561, AS200, AS101, AS21 and AS675; routers A, B, C, D, E, F; prefix 35.0.0.0/8]
![Page 60: Bgp (1)](https://reader036.fdocuments.in/reader036/viewer/2022062405/5576458cd8b42ac31b8b4d3b/html5/thumbnails/60.jpg)
Basic BGP commands
Configuration commands
 router bgp <AS-number>
 neighbor <ip address> remote-as <as-number>
Show commands
 show ip bgp summary
 show ip bgp neighbors
![Page 61: Bgp (1)](https://reader036.fdocuments.in/reader036/viewer/2022062405/5576458cd8b42ac31b8b4d3b/html5/thumbnails/61.jpg)
Originating routes...
• Using network command or redistribution
 network <ipaddress>
 redistribute <protocol name>
• Requires the route to be present in the routing table
![Page 62: Bgp (1)](https://reader036.fdocuments.in/reader036/viewer/2022062405/5576458cd8b42ac31b8b4d3b/html5/thumbnails/62.jpg)
Originating routes/Inserting prefixes into BGP
• network command
• network 198.10.4.0 mask 255.255.254.0
• ip route 198.10.0.0 255.255.254.0 serial 0
• matching route must exist in the routing table before network is announced!
• Origin: IGP
![Page 63: Bgp (1)](https://reader036.fdocuments.in/reader036/viewer/2022062405/5576458cd8b42ac31b8b4d3b/html5/thumbnails/63.jpg)
Update message
• Withdrawn routes
• Path Attributes
• Advertised routes
![Page 64: Bgp (1)](https://reader036.fdocuments.in/reader036/viewer/2022062405/5576458cd8b42ac31b8b4d3b/html5/thumbnails/64.jpg)
Stable IBGP peering
• Unlinks IBGP peering from physical topology.
• Carry loopback address in IGP
 router ospf <ID>
  passive-interface loopback0
• Unlink peering from physical topology
 router bgp <AS1>
  neighbor <x.x.x.x> remote-as <AS1>
  neighbor <x.x.x.x> update-source loopback0
![Page 65: Bgp (1)](https://reader036.fdocuments.in/reader036/viewer/2022062405/5576458cd8b42ac31b8b4d3b/html5/thumbnails/65.jpg)
BGP4 continued...
![Page 66: Bgp (1)](https://reader036.fdocuments.in/reader036/viewer/2022062405/5576458cd8b42ac31b8b4d3b/html5/thumbnails/66.jpg)
BGP Path Attributes: Why ?
• Encoded as Type, Length & Value (TLV)
• Transitive/Non-Transitive attributes
• Some are mandatory
• Used in path selection
• To apply policy for steering traffic
![Page 67: Bgp (1)](https://reader036.fdocuments.in/reader036/viewer/2022062405/5576458cd8b42ac31b8b4d3b/html5/thumbnails/67.jpg)
BGP Path Attributes...
• Origin
• AS-path
• Next-hop
• Multi-Exit Discriminator (MED)
• Local preference
• BGP Community
• Others...
![Page 68: Bgp (1)](https://reader036.fdocuments.in/reader036/viewer/2022062405/5576458cd8b42ac31b8b4d3b/html5/thumbnails/68.jpg)
AS-PATH
• Updated by the sending router with its AS number
• Contains the list of AS numbers the update traverses.
• Used to detect routing loops
– Each time the router receives an update, if it finds its AS number, it discards the update
![Page 69: Bgp (1)](https://reader036.fdocuments.in/reader036/viewer/2022062405/5576458cd8b42ac31b8b4d3b/html5/thumbnails/69.jpg)
AS-Path
• Sequence of ASes a route has traversed
• Loop detection
180.10.0.0/16 300 200 100
170.10.0.0/16 300 200
150.10.0.0/16 300 400
180.10.0.0/16 dropped
[Figure: AS 100, AS 200, AS 300, AS 400 and AS 500; prefixes 170.10.0.0/16, 180.10.0.0/16 and 150.10.0.0/16]
![Page 70: Bgp (1)](https://reader036.fdocuments.in/reader036/viewer/2022062405/5576458cd8b42ac31b8b4d3b/html5/thumbnails/70.jpg)
Next-Hop
• Next hop router to reach a network
• Advertising router/Third party in EBGP
• Unmodified in IBGP
Network Next-Hop
150.10.0.0/16 150.10.1.1
160.10.0.0/16 150.10.1.1
[Figure: AS 100, AS 200 and AS 300; prefixes 160.10.0.0/16 and 150.10.0.0/16; addresses 150.10.1.1 and 150.10.1.2; routers A and B]
![Page 71: Bgp (1)](https://reader036.fdocuments.in/reader036/viewer/2022062405/5576458cd8b42ac31b8b4d3b/html5/thumbnails/71.jpg)
Third Party Next Hop
• More efficient, but bad idea!
Network Next-Hop
192.68.1.0/24 150.1.1.3
[Figure: AS 200 and AS 201; prefix 192.68.1.0/24; addresses 150.1.1.1, 150.1.1.2 and 150.1.1.3; routers A, B and C; peering]
![Page 72: Bgp (1)](https://reader036.fdocuments.in/reader036/viewer/2022062405/5576458cd8b42ac31b8b4d3b/html5/thumbnails/72.jpg)
Next Hop...
• IGP should carry route to next hops
• Recursive route look-up
• Unlinks BGP from actual physical topology
• Allows IGP to make intelligent forwarding decision
![Page 73: Bgp (1)](https://reader036.fdocuments.in/reader036/viewer/2022062405/5576458cd8b42ac31b8b4d3b/html5/thumbnails/73.jpg)
Local Preference
• Not for EBGP, mandatory for IBGP
• Default value is 100 on Ciscos
• Local to an AS
• Used to prefer one exit over another
• Path with highest local preference wins
![Page 74: Bgp (1)](https://reader036.fdocuments.in/reader036/viewer/2022062405/5576458cd8b42ac31b8b4d3b/html5/thumbnails/74.jpg)
Local Preference
[Figure: AS 100, AS 200, AS 300 and AS 400; prefix 160.10.0.0/16; routers A, B, C, D, E; local preference values 500 and 800]
160.10.0.0/16 500
> 160.10.0.0/16 800
![Page 75: Bgp (1)](https://reader036.fdocuments.in/reader036/viewer/2022062405/5576458cd8b42ac31b8b4d3b/html5/thumbnails/75.jpg)
Multi-Exit Discriminator
• Non-transitive
• Represented as a numeric value (0-0xffffffff)
• Used to convey the relative preference of entry points
• Comparable if paths are from the same AS
• Path with lower MED wins
• IGP metric can be conveyed as MED
![Page 76: Bgp (1)](https://reader036.fdocuments.in/reader036/viewer/2022062405/5576458cd8b42ac31b8b4d3b/html5/thumbnails/76.jpg)
Multi-Exit Discriminator (MED)
[Figure: AS 200 and AS 201; routers A, B and C; two paths for 192.68.1.0/24 with MED 1000 and MED 2000, one marked preferred]
![Page 77: Bgp (1)](https://reader036.fdocuments.in/reader036/viewer/2022062405/5576458cd8b42ac31b8b4d3b/html5/thumbnails/77.jpg)
Origin
• Conveys the origin of the prefix
• Three values:
– IGP - Generated using “network” statement
  • ex: network 35.0.0.0
– EGP - Redistributed from EGP
– Incomplete - Redistribute IGP
  • ex: redistribute ospf
• IGP < EGP < INCOMPLETE
![Page 78: Bgp (1)](https://reader036.fdocuments.in/reader036/viewer/2022062405/5576458cd8b42ac31b8b4d3b/html5/thumbnails/78.jpg)
Communities
• Transitive, Non-mandatory
• Represented as a numeric value (0-0xffffffff)
• Used to group destinations
• Each destination could be member of multiple communities
• Flexibility to scope a set of prefixes within or across AS for applying policy
![Page 79: Bgp (1)](https://reader036.fdocuments.in/reader036/viewer/2022062405/5576458cd8b42ac31b8b4d3b/html5/thumbnails/79.jpg)
Community...
[Figure: Customer AS 201 and Service Provider AS 200; prefix 192.68.1.0/24; routers A, B, C and D; announcements tagged Community:201:110 and Community:201:120]
Community Local Preference
201:110 110
201:120 120
![Page 80: Bgp (1)](https://reader036.fdocuments.in/reader036/viewer/2022062405/5576458cd8b42ac31b8b4d3b/html5/thumbnails/80.jpg)
Synchronization
• C not running BGP (non-pervasive BGP)
• A won’t advertise 35/8 to D until the IGP is in sync
• Turn synchronization off!
– Run pervasive BGP

router bgp 1880
 no sync

[Figure: ASes 1880, 209 and 690; routers A, B, C and D; OSPF; prefix 35/8]
![Page 81: Bgp (1)](https://reader036.fdocuments.in/reader036/viewer/2022062405/5576458cd8b42ac31b8b4d3b/html5/thumbnails/81.jpg)
BGP Route Selection (bestpath)
Only one path as the bestpath!
• Route has to be synchronized
– Prefix in forwarding table
• Next-hop has to be accessible
– Next-hop in forwarding table
• Largest weight
– Local to the router
• Largest local preference
– Spread within AS
• Locally sourced
– Via redistribute or network statement
![Page 82: Bgp (1)](https://reader036.fdocuments.in/reader036/viewer/2022062405/5576458cd8b42ac31b8b4d3b/html5/thumbnails/82.jpg)
BGP Route Selection ...
• Shortest AS-path length
– number of ASes in the AS-path attribute
• Lowest origin
– IGP < EGP < INCOMPLETE
• Lowest MED
– between paths from same AS
• External over internal
– closest exit from a router
• Closest next-hop
– Lower IGP metric, closer exit from an AS
• Lowest router-id
• Lowest IP address of neighbor
![Page 83: Bgp (1)](https://reader036.fdocuments.in/reader036/viewer/2022062405/5576458cd8b42ac31b8b4d3b/html5/thumbnails/83.jpg)
BGP Route Selection...
AS 400’s Policy to reach AS100
• AS 200 preferred path
• AS 300 backup
• Increase AS path attribute length by at least 1
[Figure: AS 100, AS 200, AS 300 and AS 400; routers A, B and D]
![Page 84: Bgp (1)](https://reader036.fdocuments.in/reader036/viewer/2022062405/5576458cd8b42ac31b8b4d3b/html5/thumbnails/84.jpg)
Stub AS
• Typically no need for BGP
• Point default towards the ISP
• ISP advertises the stub network to Internet
• Policy confined within ISP policy
![Page 85: Bgp (1)](https://reader036.fdocuments.in/reader036/viewer/2022062405/5576458cd8b42ac31b8b4d3b/html5/thumbnails/85.jpg)
Stub AS
[Figure: AS 100 and AS 101; routers A and B; provider and customer]
![Page 86: Bgp (1)](https://reader036.fdocuments.in/reader036/viewer/2022062405/5576458cd8b42ac31b8b4d3b/html5/thumbnails/86.jpg)
Multi-homed AS
• Only border routers speak BGP
• IBGP only between border routers
• Exterior routes must be redistributed in a controlled fashion into IGP or use defaults
![Page 87: Bgp (1)](https://reader036.fdocuments.in/reader036/viewer/2022062405/5576458cd8b42ac31b8b4d3b/html5/thumbnails/87.jpg)
Multi-homed AS
[Figure: AS 100, AS 200 and AS 300; routers A, B, C and D; two providers and one customer]
![Page 88: Bgp (1)](https://reader036.fdocuments.in/reader036/viewer/2022062405/5576458cd8b42ac31b8b4d3b/html5/thumbnails/88.jpg)
Service Provider Network
• IBGP used to carry exterior routes
• IGP keeps track of topology
• Full IBGP mesh is required
![Page 89: Bgp (1)](https://reader036.fdocuments.in/reader036/viewer/2022062405/5576458cd8b42ac31b8b4d3b/html5/thumbnails/89.jpg)
Common Service Provider Network
[Figure: AS 100, AS 200, AS 300 and AS 400; routers A, B, C, D, E, F, G and H; provider]
![Page 90: Bgp (1)](https://reader036.fdocuments.in/reader036/viewer/2022062405/5576458cd8b42ac31b8b4d3b/html5/thumbnails/90.jpg)
Routing Policy
• Why?
– To steer traffic through preferred paths
– Inbound/Outbound prefix filtering
– To enforce Customer-ISP agreements
• How?
– AS based route filtering - filter list
– Prefix based route filtering - distribute list
– BGP attribute modification - route maps
![Page 91: Bgp (1)](https://reader036.fdocuments.in/reader036/viewer/2022062405/5576458cd8b42ac31b8b4d3b/html5/thumbnails/91.jpg)
Distribute list - using IP access lists
access-list 1 deny 10.0.0.0
access-list 1 permit any
access-list 2 permit 20.0.0.0
… more access-lists as prefixes are added ...
router bgp 100
neighbor 171.69.233.33 remote-as 33
neighbor 171.69.233.33 distribute-list 1 in
neighbor 171.69.233.33 distribute-list 2 out
![Page 92: Bgp (1)](https://reader036.fdocuments.in/reader036/viewer/2022062405/5576458cd8b42ac31b8b4d3b/html5/thumbnails/92.jpg)
Filter list rules - Regular Expressions
• RE is a pattern to match against an input string
• Used to match against AS-path attribute
• ex: ^3561.*100.*1$
• Flexible enough to generate complex filter list rules
![Page 93: Bgp (1)](https://reader036.fdocuments.in/reader036/viewer/2022062405/5576458cd8b42ac31b8b4d3b/html5/thumbnails/93.jpg)
Filter list - using as-path access list
ip as-path access-list 1 permit 3561
ip as-path access-list 2 deny 35
ip as-path access-list 2 permit .*
router bgp 100
neighbor 171.69.233.33 remote-as 33
neighbor 171.69.233.33 filter-list 1 in
neighbor 171.69.233.33 filter-list 2 out
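The filter lists above are evaluated top to bottom against the AS-path string, and an unanchored pattern such as `35` matches any path that merely contains those digits. The following added example (not part of the original slides) evaluates the slide's lists over constructed AS paths; Python's `re` stands in for the IOS regex engine, and `LIST_2_ANCHORED`, which uses the IOS `_` delimiter not shown on the slides, is a hypothetical tightened variant.

```python
import re

# Cisco IOS "_" matches any AS-path delimiter: start or end of string,
# space, comma, braces or parentheses. Python's re stands in for the IOS
# regex engine (assumption; the slide patterns behave the same in both).
DELIM = r"(?:^|$|[ ,{}()])"

def compile_ios(pattern):
    """Translate an IOS-style AS-path regex into a Python regex."""
    return re.compile(pattern.replace("_", DELIM))

def evaluate(filter_list, as_path):
    """Return the action of the first matching entry; no match is an implicit deny."""
    for action, pattern in filter_list:
        if compile_ios(pattern).search(as_path):
            return action
    return "deny"

# The two as-path access lists from the slide, in order.
LIST_1 = [("permit", "3561")]
LIST_2 = [("deny", "35"), ("permit", ".*")]
# Hypothetical tightened variant: deny only paths that contain AS 35 itself.
LIST_2_ANCHORED = [("deny", "_35_"), ("permit", ".*")]

# Constructed sample AS paths (not from the page).
SAMPLE_PATHS = ["3561 100 1", "35 701", "701 35", "701 3561",
                "1350 701", "13561 7018", "701 1239"]

def report(filter_list):
    """Map every sample AS path to the action the filter list yields."""
    return {path: evaluate(filter_list, path) for path in SAMPLE_PATHS}

if __name__ == "__main__":
    lists = (("list 1", LIST_1), ("list 2", LIST_2),
             ("list 2 anchored", LIST_2_ANCHORED))
    for name, flist in lists:
        print(name)
        for path, action in report(flist).items():
            print(f"  {action:6} {path!r}")
```
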
![Page 94: Bgp (1)](https://reader036.fdocuments.in/reader036/viewer/2022062405/5576458cd8b42ac31b8b4d3b/html5/thumbnails/94.jpg)
Route Maps
router bgp 300
neighbor 2.2.2.2 remote-as 100
neighbor 2.2.2.2 route-map SETCOMMUNITY out
!
route-map SETCOMMUNITY permit 10
match ip address 1
match community 1
set community 300:100
!
access-list 1 permit 35.0.0.0
ip community-list 1 permit 100:200
![Page 95: Bgp (1)](https://reader036.fdocuments.in/reader036/viewer/2022062405/5576458cd8b42ac31b8b4d3b/html5/thumbnails/95.jpg)
Route-map match & set clauses
Match Clauses
• AS-path
• Community
• IP address
Set Clauses
• AS-path prepend
• Community
• Local-Preference
• MED
• Origin
• Weight
• Others...
![Page 96: Bgp (1)](https://reader036.fdocuments.in/reader036/viewer/2022062405/5576458cd8b42ac31b8b4d3b/html5/thumbnails/96.jpg)
Route-map Configuration Example
[Figure: hosts (H) on Ethernet segments (eth), routers C21, C22, C31 and C32, ISP2 and ISP3; annotation: inbound route-map to set community]
neighbor <x.x.x.x> route-map AS100_IN in
!
route-map AS100_IN permit 10
set community 100:200

neighbor <y.y.y.y> route-map AS200_IN in
!
route-map AS200_IN permit 10
match community 1
set local-preference 200
!
ip community-list 1 permit 100:200
![Page 97: Bgp (1)](https://reader036.fdocuments.in/reader036/viewer/2022062405/5576458cd8b42ac31b8b4d3b/html5/thumbnails/97.jpg)
Load Sharing & Redundancy using BGP
![Page 98: Bgp (1)](https://reader036.fdocuments.in/reader036/viewer/2022062405/5576458cd8b42ac31b8b4d3b/html5/thumbnails/98.jpg)
Load-sharing - single path
[Figure: router A in AS100 connected to AS200. Labels: Loopback 0 10.200.0.2, Loopback 0 20.200.0.1]
Router A:
interface loopback 0
ip address 20.200.0.1 255.255.255.255
!
router bgp 100
neighbor 10.200.0.2 remote-as 200
neighbor 10.200.0.2 update-source loopback0
neighbor 10.200.0.2 ebgp-multihop 2
!
ip route 10.200.0.2 255.255.255.255 <DMZ-link1, link2>
![Page 99: Bgp (1)](https://reader036.fdocuments.in/reader036/viewer/2022062405/5576458cd8b42ac31b8b4d3b/html5/thumbnails/99.jpg)
Load Sharing - Multiple paths from the same AS
[Figure: router A in AS 100 connected to AS 200]
Router A:
router bgp 100
neighbor 10.200.0.1 remote-as 200
neighbor 10.300.0.1 remote-as 200
maximum-paths 2
Note: A still only advertises one “best” path to IBGP peers
![Page 100: Bgp (1)](https://reader036.fdocuments.in/reader036/viewer/2022062405/5576458cd8b42ac31b8b4d3b/html5/thumbnails/100.jpg)
Redundancy - Multi-homing
• Reliable connection to Internet
• 3 common cases of multi-homing:
- default from all providers
- customer + default routes from all
- full routes from all
![Page 101: Bgp (1)](https://reader036.fdocuments.in/reader036/viewer/2022062405/5576458cd8b42ac31b8b4d3b/html5/thumbnails/101.jpg)
Default from all providers
• Low memory/CPU solution
• Provider sends BGP default
– provider is selected based on IGP metric
• Inbound traffic decided by providers’ policy
– Can influence using outbound policy, example: AS-path prepend
![Page 102: Bgp (1)](https://reader036.fdocuments.in/reader036/viewer/2022062405/5576458cd8b42ac31b8b4d3b/html5/thumbnails/102.jpg)
Default from all providers
[Figure: default from all providers. Labels: AS 400, Provider AS 200, Provider AS 300, routers A, B, C, D and E]
![Page 103: Bgp (1)](https://reader036.fdocuments.in/reader036/viewer/2022062405/5576458cd8b42ac31b8b4d3b/html5/thumbnails/103.jpg)
Customer + default from all providers
• Medium memory and CPU solution
• Granular routing for customer routes and default for the rest
• Inbound traffic decided by providers’ policy
– Can influence using outbound policy
![Page 104: Bgp (1)](https://reader036.fdocuments.in/reader036/viewer/2022062405/5576458cd8b42ac31b8b4d3b/html5/thumbnails/104.jpg)
Customer routes from all providers
[Figure: customer routes from all providers. Labels: AS 400, Provider AS 200, Provider AS 300, Customer AS 100 160.10.0.0/16, routers A, B, C, D and E; annotation: C chooses shortest AS path]
![Page 105: Bgp (1)](https://reader036.fdocuments.in/reader036/viewer/2022062405/5576458cd8b42ac31b8b4d3b/html5/thumbnails/105.jpg)
Full routes from all providers
• More memory/CPU
• Full granular routing
• Usually transit ASes take full routes
• Usually pervasive BGP
![Page 106: Bgp (1)](https://reader036.fdocuments.in/reader036/viewer/2022062405/5576458cd8b42ac31b8b4d3b/html5/thumbnails/106.jpg)
Full routes from all providers
[Figure: full routes from all providers. Labels: AS 100, AS 200, AS 300, AS 400, AS 500, routers A, B, C, D and E; annotation: C chooses shortest AS path]
![Page 107: Bgp (1)](https://reader036.fdocuments.in/reader036/viewer/2022062405/5576458cd8b42ac31b8b4d3b/html5/thumbnails/107.jpg)
Best Practices - IGP in Backbone
• IGP connects your backbone together, not your client’s routes
• IGP must converge quickly
• IGP should carry netmask information - OSPF, IS-IS, EIGRP
![Page 108: Bgp (1)](https://reader036.fdocuments.in/reader036/viewer/2022062405/5576458cd8b42ac31b8b4d3b/html5/thumbnails/108.jpg)
Best Practices... Connecting to a customer
• Static routes
– You control directly
– No route flaps
• Shared routing protocol or leaking
– You must filter your customers' info
– Route flaps
• BGP for multi-homed customers
![Page 109: Bgp (1)](https://reader036.fdocuments.in/reader036/viewer/2022062405/5576458cd8b42ac31b8b4d3b/html5/thumbnails/109.jpg)
Best Practices... Connecting to other ISPs
• Use BGP4
• Advertise only what you serve
• Take back as little as you can
• Take the shortest exit
![Page 110: Bgp (1)](https://reader036.fdocuments.in/reader036/viewer/2022062405/5576458cd8b42ac31b8b4d3b/html5/thumbnails/110.jpg)
Best Practices... The Internet Exchange
• Long distance connectivity is expensive
• Connect to several providers at a single point
![Page 111: Bgp (1)](https://reader036.fdocuments.in/reader036/viewer/2022062405/5576458cd8b42ac31b8b4d3b/html5/thumbnails/111.jpg)
Q & A