Border gateway protocol bgp4
Download
1 / 111

Border Gateway Protocol BGP4 - PowerPoint PPT Presentation


  • 432 Views
  • Updated On :

Border Gateway Protocol (BGP4). Border Gateway Protocol (BGP) . Routing/Forwarding basics Building blocks Exercises BGP protocol basics Exercises BGP path attributes Best path computation Exercises. Border Gateway Protocol (BGP)... . Typical BGP topologies Routing Policy Exercises

loader
I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
capcha
Download Presentation

PowerPoint Slideshow about 'Border Gateway Protocol BGP4' - lotus


An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript

Border gateway protocol bgp l.jpg
Border Gateway Protocol (BGP)

  • Routing/Forwarding basics

  • Building blocks

  • Exercises

  • BGP protocol basics

  • Exercises

  • BGP path attributes

  • Best path computation

  • Exercises


Border gateway protocol bgp3 l.jpg
Border Gateway Protocol (BGP)...

  • Typical BGP topologies

  • Routing Policy

  • Exercises

  • Redundancy/Load sharing

  • Best current practices



Ip route lookup longest match routing l.jpg
IP route lookup:Longest match routing

Packet: Destination

IP address: 10.1.1.1

R1

10/8 -> R3

10.1/16 -> R4

20/8 -> R5

30/8 -> R6

…..

R2’s IP routing table

R3

All 10/8 except

10.1/16

R4

R2

10.1/16


Ip route lookup longest match routing6 l.jpg
IP route lookup: Longest match routing

Packet: Destination

IP address: 10.1.1.1

R1

10/8 -> R3

10.1/16 -> R4

20/8 -> R5

…..

R2’s IP routing table

R3

All 10/8 except

10.1/16

R4

R2

10.1/16

10.1.1.1 & FF.0.0.0

is equal to

10.0.0.0 & FF.0.0.0

Match!


Ip route lookup longest match routing7 l.jpg
IP route lookup: Longest match routing

Packet: Destination

IP address: 10.1.1.1

R1

10/8 -> R3

10.1/16 -> R4

20/8 -> R5

…..

R2’s IP routing table

R3

All 10/8 except

10.1/16

R4

R2

10.1/16

10.1.1.1 & FF.FF.0.0

is equal to

10.1.0.0 & FF.FF.0.0

Match as well!


Ip route lookup longest match routing8 l.jpg
IP route lookup: Longest match routing

Packet: Destination

IP address: 10.1.1.1

R1

10/8 -> R3

10.1/16 -> R4

20/8 -> R5

…..

R2’s IP routing table

R3

All 10/8 except

10.1/16

R4

R2

10.1/16

10.1.1.1 & FF.0.0.0

is equal to

20.0.0.0 & FF.0.0.0

Does not match!


Ip route lookup longest match routing9 l.jpg
IP route lookup: Longest match routing

R1

10/8 -> R3

10.1/16 -> R4

20/8 -> R5

…..

R2’s IP routing table

R3

All 10/8 except

10.1/16

Packet: Destination

IP address: 10.1.1.1

R4

R2

10.1/16

Longest match, 16 bit netmask


Ip route lookup longest match routing10 l.jpg
IP route lookup: Longest match routing

  • default is 0.0.0.0/0

  • can handle it using the normal longest match algorithm

  • matches everything. Always the shortest match.


Forwarding l.jpg
Forwarding

  • Uses the routing table built by routing protocols

  • Performs the lookup to find next-hop and outgoing interface

  • Switches the packet with new encapsulation as per the outgoing interface


Building blocks l.jpg
Building Blocks

  • Autonomous System (AS)

  • Types of Routes

  • IGP/EGP

  • DMZ

  • Policy

  • Egress

  • Ingress


Autonomous system as l.jpg
Autonomous System (AS)

  • Collection of networks with same policy

  • Single routing protocol

  • Usually under single administrative control

  • IGP to provide internal connectivity

AS 100


Autonomous system as14 l.jpg
Autonomous System(AS)...

  • Identified by ‘AS number’

  • Public & Private AS numbers

  • Examples:

    • Service provider

    • Multi-homed customers

    • Anyone needing policy discrimination


Slide15 l.jpg

Routing flow and packet flow

packet flow

egress

announce

accept

AS2

AS 1

Routingflow

announce

accept

ingress

For networks in AS1 and AS2 to communicate:

AS1 must announce routes to AS2

AS2 must accept routes from AS1

AS2 must announce routes to AS1

AS1 must accept routes from AS2

packet flow


Egress traffic l.jpg
Egress Traffic

  • Packets exiting the network

  • Based on

    • Route availability (what others send you)

    • Route acceptance (what you accept from others)

    • Policy and tuning (what you do with routes from others)

    • Peering and transit agreements


Ingress traffic l.jpg
Ingress Traffic

  • Packets entering your network

  • Ingress traffic depends on:

    • What information you send and to who

    • Based on your addressing and ASes

    • Based on others’ policy (what they accept from you and what they do with it)


Types of routes l.jpg
Types of Routes

  • Static Routes

    • configured manually

  • Connected Routes

    • created automatically when an interface is ‘up’

  • Interior Routes

    • Routes within an AS

  • Exterior Routes

    • Routes exterior to AS


What is an igp l.jpg
What Is an IGP?

  • Interior Gateway Protocol

  • Within an Autonomous System

  • Carries information about internal prefixes

  • Examples—OSPF, ISIS, EIGRP…


What is an egp l.jpg
What Is an EGP?

  • Exterior Gateway Protocol

  • Used to convey routing information between ASes

  • De-coupled from the IGP

  • Current EGP is BGP4


Why do we need an egp l.jpg
Why Do We Need an EGP?

  • Scaling to large network

    • Hierarchy

    • Limit scope of failure

  • Define administrative boundary

  • Policy

    • Control reachability to prefixes


Interior vs exterior routing protocols l.jpg
Interior vs. Exterior Routing Protocols

  • Interior

    • Automatic discovery

    • Generally trust your IGP routers

    • Routes go to all IGP routers

  • Exterior

    • Specifically configured peers

    • Connecting with outside networks

    • Set administrative boundaries


Hierarchy of routing protocols l.jpg
Hierarchy of Routing Protocols

Other ISP’s

BGP4 / OSPF

BGP4

BGP4/Static

Local NAP

FDDI

Customers

BGP4


Demilitarized zone dmz l.jpg
Demilitarized Zone (DMZ)

  • Shared network between ASes

A

C

DMZ Network

AS 100

AS 101

B

D

E

AS 102


Addressing isp l.jpg
Addressing - ISP

  • Need to reserve address space for its network.

  • Need to allocate address blocks to its customers.

  • Need to take “growth” into consideration

  • Upstream link address is allocated by upstream provider


Bgp basics l.jpg
BGP Basics

  • Terminology

  • Protocol Basics

  • Messages

  • General Operation

  • Peering relationships (EBGP/IBGP)

  • Originating routes


Terminology l.jpg
Terminology

  • Neighbor

    • Configured BGP peer

  • NLRI/Prefix

    • NLRI - network layer reachability information

    • Reachability information for a IP address & mask

  • Router-ID

    • Highest IP address configured on the router

  • Route/Path

    • NLRI advertised by a neighbor


Protocol basics l.jpg
Protocol Basics

Peering

  • Routing protocol used between ASes

    • if you aren’t connected to multiple ASes, you don’t need BGP :)

  • Runs over TCP

  • Path vector protocol

  • Incremental update

A

C

AS 100

AS 101

B

D

E

AS 102


Slide29 l.jpg

BGP Basics ...

  • Each AS originates a set of NLRI

  • NLRI is exchanged between BGP peers

  • Can have multiple paths for a given prefix

  • Picks the best path and installs in the IP forwarding table

  • Policies applied (through attributes) influences BGP path selection


Bgp peers l.jpg
BGP Peers

A

C

B

D

E

eBGP TCP/IP

Peer Connection

AS 101

AS 100

220.220.16.0/24

220.220.8.0/24

BGP speakers are called peers

AS 102

Peers in different AS’sare called External Peers

220.220.32.0/24

Note: eBGP Peers normally should be directly connected.


Bgp peers31 l.jpg
BGP Peers

B

D

E

iBGP TCP/IP

Peer Connection

A

C

AS 101

AS 100

220.220.16.0/24

220.220.8.0/24

BGP speakers are called peers

AS 102

Peers in the same ASare called Internal Peers

220.220.32.0/24

Note: iBGP Peers don’t have to be directly connected.


Bgp peers32 l.jpg
BGP Peers

B

D

E

BGP Update

Messages

A

C

AS 101

AS 100

220.220.16.0/24

220.220.8.0/24

BGP Peers exchange Update messages containing Network Layer Reachability Information (NLRI)

AS 102

220.220.32.0/24


Configuring bgp peers l.jpg
Configuring BGP Peers

eBGP TCP Connection

B

A

C

D

interface Serial 0

ip address 222.222.10.2 255.255.255.252

router bgp 100

network 220.220.8.0 mask 255.255.255.0

neighbor 222.222.10.1 remote-as 101

interface Serial 0

ip address 222.222.10.1 255.255.255.252

router bgp 101

network 220.220.16.0 mask 255.255.255.0

neighbor 222.222.10.2 remote-as 100

AS 101

AS 100

222.222.10.0/30

220.220.8.0/24

220.220.16.0/24

.2

.1

.2

.1

.2

.1

  • BGP Peering sessions are established using the BGP “neighbor” configuration command

  • External (eBGP) is configured when AS numbers are different


Configuring bgp peers34 l.jpg
Configuring BGP Peers

iBGP TCP Connection

B

A

D

C

interface Serial 1

ip address 222.220.16.1 255.255.255.252

router bgp 101

network 220.220.16.0 mask 255.255.255.0

neighbor 220.220.16.2 remote-as 101

interface Serial 1

ip address 220.220.16.2 255.255.255.252

router bgp 101

network 220.220.16.0 mask 255.255.255.0

neighbor 220.220.16.1 remote-as 101

AS 101

AS 100

222.222.10.0/30

220.220.8.0/24

220.220.16.0/24

.2

.1

.2

.1

.2

.1

  • BGP Peering sessions are established using the BGP “neighbor” configuration command

  • External (eBGP) is configured when AS numbers are different

  • Internal (iBGP) is configured when AS numbers are same


Configuring bgp peers35 l.jpg
Configuring BGP Peers

B

A

C

iBGP TCP/IP

Peer Connection

AS 100

  • Each iBGP speaker must peer with every other iBGP speaker in the AS


Configuring bgp peers36 l.jpg
Configuring BGP Peers

215.10.7.2

215.10.7.1

B

A

215.10.7.3

C

iBGP TCP/IP

Peer Connection

AS 100

  • Loopback interface are normally used aspeer connection end-points


Configuring bgp peers37 l.jpg
Configuring BGP Peers

215.10.7.2

215.10.7.1

B

A

215.10.7.3

interface loopback 0

ip address 215.10.7.1 255.255.255.255

router bgp 100

network 220.220.1.0

neighbor 215.10.7.2 remote-as 100

neighbor 215.10.7.2 update-source loopback0

neighbor 215.10.7.3 remote-as 100

neighbor 215.10.7.3 update-source loopback0

C

iBGP TCP/IP

Peer Connection

AS 100

A


Configuring bgp peers38 l.jpg
Configuring BGP Peers

215.10.7.2

215.10.7.1

B

A

215.10.7.3

interface loopback 0

ip address 215.10.7.2 255.255.255.255

router bgp 100

network 220.220.5.0

neighbor 215.10.7.1 remote-as 100

neighbor 215.10.7.1 update-source loopback0

neighbor 215.10.7.3 remote-as 100

neighbor 215.10.7.3 update-source loopback0

C

iBGP TCP/IP

Peer Connection

AS 100

A


Configuring bgp peers39 l.jpg
Configuring BGP Peers

215.10.7.2

215.10.7.1

B

A

215.10.7.3

C

interface loopback 0

ip address 215.10.7.3 255.255.255.255

router bgp 100

network 220.220.1.0

neighbor 215.10.7.1 remote-as 100

neighbor 215.10.7.1 update-source loopback0

neighbor 215.10.7.2 remote-as 100

neighbor 215.10.7.2 update-source loopback0

iBGP TCP/IP

Peer Connection

AS 100

A


Bgp updates nlri l.jpg
BGP Updates — NLRI

  • Network Layer Reachability Information

  • Used to advertise feasible routes

  • Composed of:

    • Network Prefix

    • Mask Length


Bgp updates attributes l.jpg
BGP Updates — Attributes

  • Used to convey information associated with NLRI

    • AS path

    • Next hop

    • Local preference

    • Multi-Exit Discriminator (MED)

    • Community

    • Origin

    • Aggregator


As path attribute l.jpg

Sequence of ASes a route has traversed

Loop detection

Apply policy

AS-Path Attribute

AS 200

AS 100

170.10.0.0/16

180.10.0.0/16

Network Path

180.10.0.0/16 300 200 100

170.10.0.0/16 300 200

AS 300

AS 400

150.10.0.0/16

Network Path

180.10.0.0/16 300 200 100

170.10.0.0/16 300 200

150.10.0.0/16 300 400

AS 500


Next hop attribute l.jpg
Next Hop Attribute

A

C

B

D

E

Network Next-Hop Path

160.10.0.0/16 192.20.2.1 100

BGP Update

Messages

AS 300

AS 200

140.10.0.0/16

192.10.1.0/30

150.10.0.0/16

.1

.2

.2

192.20.2.0/30

.1

  • Next hop to reach a network

  • Usually a local network is the next hop in eBGP session

AS 100

160.10.0.0/16


Next hop attribute44 l.jpg

Next hop to reach a network

Usually a local network is the next hop in eBGP session

Next Hop Attribute

A

C

B

D

E

Network Next-Hop Path

150.10.0.0/16 192.10.1.1 200

160.10.0.0/16 192.10.1.1 200 100

BGP Update

Messages

AS 300

AS 200

140.10.0.0/16

192.10.1.0/30

150.10.0.0/16

.1

.2

.2

192.20.2.0/30

.1

AS 100

160.10.0.0/16

  • Next Hop updated betweeneBGP Peers


Next hop attribute45 l.jpg

Next hop not changedbetween iBGP peers

Next Hop Attribute

A

B

C

D

E

Network Next-Hop Path

150.10.0.0/16 192.10.1.1 200

160.10.0.0/16 192.10.1.1 200 100

BGP Update

Messages

AS 300

AS 200

140.10.0.0/16

192.10.1.0/30

150.10.0.0/16

.1

.2

.2

192.20.2.0/30

.1

AS 100

160.10.0.0/16


Next hop attribute more l.jpg
Next Hop Attribute (more)

  • IGP should carry route to next hops

  • Recursive route look-up

  • Unlinks BGP from actual physical topology

  • Allows IGP to make intelligent forwarding decision


Bgp updates withdrawn routes l.jpg
BGP Updates — Withdrawn Routes

  • Used to “withdraw” network reachability

  • Each Withdrawn Route is composed of:

    • Network Prefix

    • Mask Length


Bgp updates withdrawn routes48 l.jpg
BGP Updates — Withdrawn Routes

BGP Update

Message

Withdraw Routes

192.192.25.0/24

Connectivity lost

Network Next-Hop Path

150.10.0.0/16 192.168.10.2 321 200

192.192.25.0/24 192.168.10.2 321

AS 321

AS 123

192.168.10.0/24

.1

.2

x

192.192.25.0/24


Bgp routing information base l.jpg
BGP Routing Information Base

router bgp 100

network 160.10.0.0 255.255.0.0

no auto-summary

BGP RIB

Network Next-Hop Path

*>i160.10.1.0/24 192.20.2.2 i

*>i160.10.3.0/24 192.20.2.2 i

D 10.1.2.0/24

D 160.10.1.0/24

D 160.10.3.0/24

R 153.22.0.0/16

S 192.1.1.0/24

BGP ‘network’ commands are normally used to populate the BGP RIB with routes from the Route Table

Route Table


Bgp routing information base50 l.jpg
BGP Routing Information Base

BGP RIB

Network Next-Hop Path

*> 160.10.0.0/16 0.0.0.0 i

* i 192.20.2.2 i

s> 160.10.1.0/24 192.20.2.2 i

s> 160.10.3.0/24 192.20.2.2 i

router bgp 100

network 160.10.0.0 255.255.0.0

aggregate-address 160.10.0.0 255.255.0.0 summary-only

no auto-summary

D 10.1.2.0/24

D 160.10.1.0/24

D 160.10.3.0/24

R 153.22.0.0/16

S 192.1.1.0/24

BGP ‘aggregate-address’ commands may be used to install summary routes in the BGP RIB

Route Table


Bgp routing information base51 l.jpg
BGP Routing Information Base

BGP RIB

Network Next-Hop Path

*> 160.10.0.0/16 0.0.0.0 i

* i 192.20.2.2 i

s> 160.10.1.0/24 192.20.2.2 i

s> 160.10.3.0/24 192.20.2.2 i

*> 192.1.1.0/24 192.20.2.2 ?

router bgp 100

network 160.10.0.0 255.255.0.0

redistribute static route-map foo

no auto-summary

access-list 1 permit 192.1.0.0 0.0.255.255

route-map foo permit 10 match ip address 1

D 10.1.2.0/24

D 160.10.1.0/24

D 160.10.3.0/24

R 153.22.0.0/16

S 192.1.1.0/24

BGP ‘redistribute’ commands can also be used to populate the BGP RIB with routes from the Route Table

Route Table


Bgp routing information base52 l.jpg
BGP Routing Information Base

Update

Update

Network Next-Hop Path

173.21.0.0/16 192.20.2.1 100

IN Process

OUT Process

BGP RIB

Network Next-Hop Path

*>i160.10.1.0/24 192.20.2.2 i

*>i160.10.3.0/24 192.20.2.2 i

>

* 173.21.0.0/16 192.20.2.1 100

  • BGP “in” process

    • receives path information from peers

  • results of BGP path selection placed in the BGP table

  • “best path” flagged (denoted by “>”)


Bgp routing information base53 l.jpg
BGP Routing Information Base

Update

Update

Network Next-Hop Path

160.10.1.0/24 192.20.2.2 200

160.10.3.0/24 192.20.2.2 200

173.21.0.0/16 192.20.2.2 200 100

Next-Hop changed

IN Process

OUT Process

BGP RIB

Network Next-Hop Path

*>i160.10.1.0/24 192.20.2.2 i

*>i160.10.3.0/24 192.20.2.2 i

> 173.21.0.0/16 192.20.2.1 100

*

192.20.2.1

  • BGP “out” process

    • builds update using info from RIB

  • may modify update based on config

  • Sends update to peers


Bgp routing information base54 l.jpg
BGP Routing Information Base

BGP RIB

Network Next-Hop Path

*>i160.10.1.0/24 192.20.2.2 i

*>i160.10.3.0/24 192.20.2.2 i

*> 173.21.0.0/16 192.20.2.1 100

D 10.1.2.0/24

D 160.10.1.0/24

D 160.10.3.0/24

R 153.22.0.0/16

S 192.1.1.0/24

  • Best paths installed in routing table if:

  • prefix and prefix length are unique

  • lowest “protocol distance”

B 173.21.0.0/16

Route Table


The bible other resources l.jpg
The ‘Bible’ & other resources

  • Route-views.oregon-ix.net

  • Internet Routing Architectures

    • Bassam Halabi

    • pg. 168 BGP Decision Process Summary


Types of bgp messages l.jpg
Types of BGP Messages

  • OPEN

    • To negotiate and establish peering

  • UPDATE

    • To exchange routing information

  • KEEPALIVE

    • To maintain peering session

  • NOTIFICATION

    • To report errors (results in session reset)


Internal bgp peering ibgp l.jpg
Internal BGP Peering (IBGP)

AS 100

D

A

B

E

  • BGP peer within the same AS

  • Not required to be directly connected

  • Maintain full IBGP mesh or use Route Reflection


External bgp peering ebgp l.jpg
External BGP Peering (EBGP)

  • Between BGP speakers in different AS

  • Directly connected or peering address is reachable

A

AS 100

AS 101

C

B


An example l.jpg
An Example…

35.0.0.0/8

AS3561

A

AS200

F

B

AS21

C

D

AS101

AS675

E

Learns about 35.0.0.0/8 from F & D


Basic bgp commands l.jpg
Basic BGP commands

Configuration commands

router bgp<AS-number>

neighbor<ip address>remote-as<as-number>

Show commands

show ip bgp summary

show ip bgp neighbors


Originating routes l.jpg
Originating routes...

  • Using networkcommand or redistribution

    network <ipaddress>

    redistribute <protocol name>

  • Requires the route to be present in the routing table


Originating routes inserting prefixes into bgp l.jpg
Originating routes/Inserting prefixes into BGP

  • network command

  • network 198.10.4.0 mask 255.255.254.0

  • ip route 198.10.0.0 255.255.254.0 serial 0

  • matching route must exist in the routing table before network is announced!

  • Origin: IGP


Update message l.jpg
Update message

  • Withdrawn routes

  • Path Attributes

  • Advertised routes


Slide64 l.jpg

Stable IBGP peering

  • Unlinks IBGP peering from physical topology.

  • Carry loopback address in IGP

    router ospf<ID>

    passive-interfaceloopback0

  • Unlink peering from physical topology

    router bgp<AS1>

    neighbor<x.x.x.x>remote-as<AS1>

    neighbor <x.x.x.x>update-sourceloopback0



Bgp path attributes why l.jpg
BGP Path Attributes: Why ?

  • Encoded as Type, Length & Value (TLV)

  • Transitive/Non-Transitive attributes

  • Some are mandatory

  • Used in path selection

  • To apply policy for steering traffic


Bgp path attributes l.jpg
BGP Path Attributes...

  • Origin

  • AS-path

  • Next-hop

  • Multi-Exit Discriminator (MED)

  • Local preference

  • BGP Community

  • Others...


As path l.jpg
AS-PATH

  • Updated by the sending router with its AS number

  • Contains the list of AS numbers the update traverses.

  • Used to detect routing loops

    • Each time the router receives an update, if it finds its AS number, it discards the update


As path69 l.jpg
AS-Path

  • Sequence of ASes a route has traversed

  • Loop detection

AS 200

AS 100

170.10.0.0/16

180.10.0.0/16

180.10.0.0/16

dropped

AS 300

AS 400

150.10.0.0/16

180.10.0.0/16 300 200 100

170.10.0.0/16 300 200

150.10.0.0/16 300 400

AS 500


Next hop l.jpg
Next-Hop

150.10.1.1

150.10.1.2

  • Next hop router to reach a network

  • Advertising router/Third party in EBGP

  • Unmodified in IBGP

AS 200

AS 300

150.10.0.0/16

A

B

150.10.0.0/16 150.10.1.1

160.10.0.0/16 150.10.1.1

AS 100

160.10.0.0/16

Cisco Systems Confidential

0799_04F7_c2

20


Third party next hop l.jpg
Third Party Next Hop

  • More efficient, but bad idea!

AS 200

192.68.1.0/24 150.1.1.3

C

150.1.1.1

peering

150.1.1.3

150.1.1.2

A

B

192.68.1.0/24

AS 201


Next hop72 l.jpg
Next Hop...

  • IGP should carry route to next hops

  • Recursive route look-up

  • Unlinks BGP from actual physical topology

  • Allows IGP to make intelligent forwarding decision


Slide73 l.jpg

Local Preference

  • Not for EBGP, mandatory for IBGP

  • Default value is 100 on Ciscos

  • Local to an AS

  • Used to prefer one exit over another

  • Path with highest local preference wins


Local preference l.jpg
Local Preference

AS 100

160.10.0.0/16

AS 200

AS 300

500

800

D

E

A

B

AS 400

160.10.0.0/16 500

> 160.10.0.0/16 800

C


Slide75 l.jpg

Multi-Exit Discriminator

  • Non-transitive

  • Represented as a numeric value (0-0xffffffff)

  • Used to convey the relative preference of entry points

  • Comparable if paths are from the same AS

  • Path with lower MED wins

  • IGP metric can be conveyed as MED


Multi exit discriminator med l.jpg
Multi-Exit Discriminator (MED)

AS 200

C

preferred

192.68.1.0/24 2000

192.68.1.0/24 1000

A

B

192.68.1.0/24

AS 201


Origin l.jpg
Origin

  • Conveys the origin of the prefix

  • Three values:

    • IGP - Generated using “network” statement

      • ex: network 35.0.0.0

    • EGP - Redistributed from EGP

    • Incomplete - Redistribute IGP

      • ex: redistribute ospf

  • IGP < EGP < INCOMPLETE


Communities l.jpg
Communities

  • Transitive, Non-mandatory

  • Represented as a numeric value (0-0xffffffff)

  • Used to group destinations

  • Each destination could be member of multiple communities

  • Flexibility to scope a set of prefixes within or across AS for applying policy


Slide79 l.jpg

Community...

Service Provider AS 200

C

D

Community:201:110

Community:201:120

A

B

192.68.1.0/24

Customer AS 201


Synchronization l.jpg
Synchronization

1880

C

A

D

OSPF

690

35/8

209

  • C not running BGP (non-pervasive BGP)

  • A won’t advertise 35/8 to D until the IGP is in sync

  • Turn synchronization off!

    • Run pervasive BGP

      router bgp 1880

      no sync

B


Bgp route selection bestpath only one path as the bestpath l.jpg
BGP Route Selection (bestpath)Only one path as the bestpath !

  • Route has to be synchronized

    Prefix in forwarding table

  • Next-hop has to be accessible

    Next-hop in forwarding table

  • Largest weight

    Local to the router

  • Largest local preference

    Spread within AS

  • Locally sourced

    Via redistribute or network statement


Bgp route selection l.jpg
BGP Route Selection ...

  • Shortest AS-path length

    number of ASes in the AS-path attribute

  • Lowest origin

    IGP < EGP < INCOMPLETE

  • Lowest MED

    between paths from same AS

  • External over internal

    closest exit from a router

  • Closest next-hop

    Lower IGP metric, closer exit from as AS

  • Lowest router-id

  • Lowest IP address of neighbor


Bgp route selection83 l.jpg
BGP Route Selection...

AS 100

AS 200

AS 300

D

Increase AS path attribute length by at least 1

A

B

AS 400’s Policy to reach AS100

AS 200 preferred path

AS 300 backup

AS 400


Slide84 l.jpg

Stub AS

  • Typically no need for BGP

  • Point default towards the ISP

  • ISP advertises the stub network to Internet

  • Policy confined within ISP policy


Stub as l.jpg
Stub AS

AS 101

B

Provider

A

AS 100

Customer


Slide86 l.jpg

Multi-homed AS

  • Only border routers speak BGP

  • IBGP only between border routers

  • Exterior routes must be redistributed in a controlled fashion into IGP or use defaults


Multi homed as l.jpg
Multi-homed AS

AS 100

AS 300

D

A

C

B

AS 200

provider

provider

customer


Slide88 l.jpg

Service Provider Network

  • IBGP used to carry exterior routes

  • IGP keeps track of topology

  • Full IBGP mesh is required


Common service provider network l.jpg
Common Service Provider Network

AS 100

AS 200

A

H

B

C

AS 300

provider

D

F

E

G

AS 400


Slide90 l.jpg

Routing Policy

  • Why?

    • To steer traffic through preferred paths

    • Inbound/Outbound prefix filtering

    • To enforce Customer-ISP agreements

  • How ?

    • AS based route filtering - filter list

    • Prefix based route filtering - distribute list

    • BGP attribute modification - route maps


Distribute list using ip access lists l.jpg
Distribute list - using IP access lists

access-list 1 deny 10.0.0.0

access-list 1 permit any

access-list 2 permit 20.0.0.0

… more access-lists as prefixes are added ...

router bgp 100

neighbor 171.69.233.33 remote-as 33

neighbor 171.69.233.33 distribute-list 1 in

neighbor 171.69.233.33 distribute-list 2 out


Filter list rules regular expressions l.jpg
Filter list rules Regular Expressions

  • RE is a pattern to match against an input string

  • Used to match against AS-path attribute

  • ex: ^3561.*100.*1$

  • Flexible enough to generate complex filter list rules


Filter list using as path access list l.jpg
Filter list - using as-path access list

ip as-path access-list 1 permit 3561

ip as-path access-list 2 deny 35

ip as-path access-list 2 permit .*

router bgp 100

neighbor 171.69.233.33 remote-as 33

neighbor 171.69.233.33 filter-list 1 in

neighbor 171.69.233.33 filter-list 2 out


Route maps l.jpg
Route Maps

router bgp 300

neighbor 2.2.2.2 remote-as 100

neighbor 2.2.2.2 route-map SETCOMMUNITY out

!

route-map SETCOMMUNITY permit 10

match ip address 1

match community 1

set community 300:100

!

access-list 1 permit 35.0.0.0

ip community-list 1 permit 100:200


Route map match set clauses match clauses set clauses l.jpg
Route-map match & set clausesMatch Clauses Set Clauses

AS-path

Community

IP address

AS-path prepend

Community

Local-Preference

MED

Origin

Weight

Others...


Slide96 l.jpg

Route-map Configuration Example

eth

eth

H

H

H

H

eth

eth

H

H

H

H

neighbor <y.y.y.y> route-map AS200_IN in

!

route-map AS200_IN permit 10

match community 1

set local-preference 200

!

ip community-list 1 permit 100:200

ISP2

C21

C22

ISP3

neighbor <x.x.x.x> route-map AS100_IN in

!

route-map AS100_IN permit 10

set community 100:200

Inbound route-map

to set community

C32

C31



Load sharing single path l.jpg
Load-sharing - single path

  • Router A:

  • interface loopback 0

  • ip address 20.200.0.1 255.255.255.255

  • !

  • router bgp 100

  • neighbor 10.200.0.2 remote-as 200

  • neighbor 10.200.0.2 update-source loopback0

  • neighbor 10.200.0.2 ebgp-multi-hop 2

  • !

  • ip route 10.200.0.2 255.255.255.255 <DMZ-link1, link2>

Loopback 0

10.200.0.2

A

AS100

AS200

Loopback 0

20.200.0.1


Load sharing multiple paths from the same as l.jpg
Load Sharing - Multiple paths from the same AS

Router A:

router bgp 100

neighbor 10.200.0.1 remote-as 200

neighbor 10.300.0.1 remote-as 200

maximum-paths 2

A

100

200

Note:A still only advertises one “best” path to ibgp peers


Redundancy multi homing l.jpg
Redundancy - Multi-homing

  • Reliable connection to Internet

  • 3 common cases of multi-homing:

    • - default from all providers

    • - customer + default routes from all

    • - full routes from all


Default from all providers l.jpg
Default from all providers

  • Low memory/CPU solution

  • Provider sends BGP default

    • provider is selected based on IGP metric

  • Inbound traffic decided by providers’ policy

    • Can influence using outbound policy, example: AS-path prepend


Default from all providers102 l.jpg
Default from all providers

Provider

AS 200

Provider

AS 300

D

E

A

B

AS 400

C


Customer default from all providers l.jpg
Customer + default from all providers

  • Medium memory and CPU solution

  • Granular routing for customer routes and default for the rest

  • Inbound traffic decided by providers’ policy

    • Can influence using outbound policy


Customer routes from all providers l.jpg
Customer routes from all providers

Customer

AS 100160.10.0.0/16

Provider

AS 300

Provider

AS 200

D

E

A

B

C chooses shortest AS path

AS 400

C


Full routes from all providers l.jpg
Full routes from all providers

  • More memory/CPU

  • Full granular routing

  • Usually transit ASes take full routes

  • Usually pervasive BGP


Full routes from all providers106 l.jpg
Full routes from all providers

AS 100

AS 500

AS 200

AS 300

D

E

A

B

C chooses shortest AS path

AS 400

C


Best practices igp in backbone l.jpg
Best PracticesIGP in Backbone

  • IGP connects your backbone together, not your client’s routes

  • IGP must converge quickly

  • IGP should carry netmask information - OSPF, IS-IS, EIGRP


Best practices connecting to a customer l.jpg
Best Practices...Connecting to a customer

  • Static routes

    • You control directly

    • No route flaps

  • Shared routing protocol or leaking

    • You must filter your customers info

    • Route flaps

  • BGP for multi-homed customers


Best practices connecting to other isps l.jpg
Best Practices...Connecting to other ISPs

  • Use BGP4

  • Advertise only what you serve

  • Take back as little as you can

  • Take the shortest exit


Best practices the internet exchange l.jpg
Best Practices...The Internet Exchange

  • Long distance connectivity is expensive

  • Connect to several providers at a single point



ad