1 / 70

Module 6: BGP

Module 6: BGP. Contents. 6.1 BGP Concepts and Terminology. Using BGP in the Enterprise Network. The Internet : a collection of autonomous systems. BGP : provides the routing between autonomous systems. If an organization has only one connection to one ISP ,

jaimin
Download Presentation

Module 6: BGP

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Module 6: BGP

  2. Contents

  3. 6.1 BGP Concepts and Terminology

  4. Using BGP in the Enterprise Network • The Internet : a collection of autonomous systems. • BGP : provides the routing between autonomous systems. • If an organization has only one connection to one ISP,  would use a default route. • if have multiple connections to one or to multiple ISPs,BGP may be appropriate because it allows them to manipulate path attributes to select the optimal path. • External BGP (EBGP) : between routers in different AS. • Internal BGP (IBGP) : between routers in the same AS.

  5. BGP Multihoming Options • Multihoming : An autonomous system has more than one connection to the Internet. • Why multihoming? • To increase the reliability of the connection to the Internet: If one connection fails, the other connection remains available. • To increase the performance of the connection: Better paths can be used to certain destinations. • Three common ways to do multihoming: • Each ISP passes only a default route to the autonomous system: • Each ISP passes only a default route and provider-owned specific routes to the autonomous system • Each ISP passes all routes to the autonomous system.

  6. Option 1: Default Routes from All Providers • limitations of this option: • Path manipulation cannot be performed because only a single route is being received from each ISP. • Bandwidth manipulation is extremely difficult and can be accomplished only by manipulating the IGP metric of the default route. • Diverting some of the traffic from one exit point to another is challenging because all destinations are using the same default route for path selection.

  7. Option 2: Default Routes and Partial Updates • The enterprise (AS 64500) asked both providers to also send routes to networks in AS 64520. • The routes to other AS are decided by the IGP metric that is used to reach the default route within the autonomous system.

  8. Option 3: Full Routes from All Providers • Allows the internal routers of the autonomous system to take the path through the best ISP for each route

  9. BGP Routing Between Autonomous Systems

  10. BGP Routing Between Autonomous Systems • Autonomous System Numbers ; • 16-bits, ranging from 1 to 65535 • 64512 ~ 65535 : private use • BGP : does not look at speed for the best path. • Rather, BGP is a policy-based routing (PBR) protocol that allows an autonomous system to control traffic flow using multiple BGP path attributes.

  11. Path-Vector Functionality • BGP routers : exchange network reachability information, path vectors, made up of path attributes. • Path-vector information : a list of the full path of BGP autonomous system numbers (hop by hop) to reach a destination network and the networks that are reachable at the end of the path.

  12. Path-Vector Functionality • The collection of path information is expressed as a sequence of autonomous system numbers called the AS path. • This sequence forms a route to reach a specific destination.

  13. BGP Routing Policies • BGP is highly applicable as an inter-autonomous-system routing protocol • (EX) All possible paths for AS 64512 to reach networks in AS 64700 through AS 64520: • 64520 64600 64700 • 64520 64600 64540 64550 64700 • 64520 64540 64600 64700 • 64520 64540 64550 64700 • AS 64520 advertises to AS 64512 only its best path, 64520 64600 64700. • To reach the networks in AS 64700, AS 64512 can choose to use AS 64520 or AS 64530

  14. Features of BGP

  15. BGP Databases

  16. BGP Message Types - same as OSPF

  17. BGP Message : Update - Withdraw

  18. 6.2 EBGP and IBGP

  19. BGP Neighbor Relationships

  20. Establishing a Connection Between External BGP Neighbors

  21. Establishing a Connection Between Internal BGP Neighbors • each router within the autonomous system learns about paths to the external networks via IBGP. • The IBGP neighbor can be reached by a directly connected network, static routes, or by the internal routing protocol.

  22. AS Synchronization (Rick) • When an IBGP router receives an update about a destination from an IBGP peer, it tries to verify reachability to that destination via an IGP, such as RIP or OSPF. • If the IBGP router can’t find the destination network in it’s IGP routing table, it will not advertise the destination to other BGP peers.

  23. AS Synchronization (Rick) • The BGP synchronization rule states that a BGP router (RTC) should not advertise to external neighbors (ISP2) destinations (192.213.1.0/24) learned from inside BGP neighbors (RTA) unless those destinations are also known via an IGP (RTD and RTB). • If a router knows about these destinations via an IGP, it assumes that the route has already been propagated inside the AS, and internal reachability is guaranteed.

  24. AS Synchronization (Rick) • If the IBGP router (RTC) does have an IGP route to this destination, the route is considered synchronized, and the router will announce it to other BGP peers (ISP2). • Otherwise, the router will treat the route as not being synchronized with the IGP and will not advertise it.

  25. AS Synchronization (Rick) • The Cisco IOS offers an optional command called no synchronization. • This command enables BGP to override the synchronization requirement, allowing the router to advertise routes learned via IBGP irrespective of an existence of an IGP route.

  26. AS Synchronization (Rick) • In practice, two situations exist where synchronization can be safely turned off on border routers: • When all transit routers inside the AS are running fully meshed IBGP. Internal reachability is guaranteed because a route that is learned via EBGP on any of the border routers will automatically be passed on via IBGP to all other transit routers. • When the AS is not a transit AS.

  27. Synchronization Within an Transit Autonomous System • Transit AS : 외부 AS 간의 트래픽을 라우팅, 전형적 : ISPs. • Redistributing BGP into OSPF in not recommended • run IBGP onall routers within the AS.

  28. IBGP in a Nontransit Autonomous System • Nontransit AS : Multihomed AS with two ISPs • Does not pass routes between the ISPs. • 하지만 AS 내부의 BGP routers은 그 AS에 전달된 모든 BGP routes 을 알아야 한다. • (왜?) 적절한 라우팅 결정을 위하여. • 주로 BGP routers는 Border Router. • AS에서 routing loops을 피하기 위하여, IBGP를 통하여 배운 routes는 다른 동료 IBGP에게 전달하지 않는다. • 따라서 must use fully meshed BGP

  29. Routing Issues in a Transit Autonomous System • Router D와 C가 BGP를 돌리지 않으면 B와 E가 peer 관계를 맺더라도 • AS 65103에서 AS 65101로 가는 패킷이 전달될 수 없다. • Transit AS는 IBGP가 fully mesh 여야 한다.

  30. 6.3 Configuring BGP

  31. Basic BGP Configuration • BGP configuration (Cisco.com manual link)

  32. Activate a BGP Session

  33. Activate a BGP Session (example) • B can be multiple routers away from router A.

  34. Shutting Down a BGP Neighbor

  35. BGP Configuration Considerations

  36. IBGP Peering Issue • 시나리오 1) D: neighbor 10.3.3.1 remote-as 65102. 2) but A send BGP packets to D via B. 3) the source IP address: 10.1.1.1. 4) D : peer ip not match, BGP drop packet. • Solution : use loop back!!

  37. BGP neighbor update-source Command • 물리적 인터페이스 대신 loopback 인터페이스를 사용하면 BGP 패킷 소스 ip 주소도 loopback ip 주소로 하여야 한다. • Use : update-source option • BGP는 IP프로토콜 상에서 실행된다. • BGP 프로토콜은 IP 패킷 근원지, 목적지 IP 주소가 필요 • 근원지 주소는 디폴트로 출구 인터페이스 주소가 사용된다.

  38. BGP neighbor update-source Command • 만약 BGP 이웃을 Lo로 잡고 update source를 Lo로 하지 않으면BGP 패킷의 소스 IP는 인터페이스 IP가 들어간다. • BGP 패킷 drop !!!

  39. EBGP Peering Issue • EBGP peers : 보통 직접 연결되어야 한다. (usually only one hop away). • neighbor ebgp-multihop command : - 다중 홉 거리에 떨여져 있어도 이웃관계 유지. - Loop back 주소를 사용하는 경우에 유리.

  40. EBGP Peering Issue • AS 간에는 IGP가 사용되지 않기 때문에, 도움없이는 이웃 라우터의 loopback에 도달할 수 없다. • 각 라우터는 상대 라우터에 도달할 수 있는 경로를 설정하기 위하여 각각 static routes를 설정한다.

  41. Next Hop Behavior • 라우터 C는 10.10.10.3를 찾기 위하여 자신의 IGP 라우팅 테이블을 거듭 조회(recursive lookup)한다.

  42. BGP neighbor next-hop-self Command • 해당 이웃에 대하여 모든 BGP 업데이트의 next hop 주소를 자신의 인터페이스주소로 설정하도록 함.

  43. Injection Routing Information into BGP • neighbor command : tells BGP where to advertise, • network command : tells BGP what to advertise

  44. BGP network Command Example • 192.168.1.0/24 or 192.168.1.1/32 doses not match • The BGP auto-summary : 재분배되는 모든 서브넷은 BGP 테이블에서 classful boundaries로 요약된다. 12.2(8)T 이후 : default off.

  45. BGP Synchronization

  46. BGP Synchronization Example • A, B, C, D : running IBGP & IGP with each other. • A, B, C, D : have IGP routes to the internal networks of AS 65500, but do not have routes to external networks such as 172.16.0.0. • Because A and B : not redistributing the BGP routes into the IGP.

  47. BGP Configuration Example

  48. 6.4 Advanced BGP Configuration and Verification

  49. BGP FSM(Rick) BGP FSM includes six states: • Idle • Connect • Active • OpenSent • Open Confirm • Established Note: These arrows should show pointing back to the same state.

  50. Idle State • BGP always begins in the Idle state, in which it refuses all incoming connections. • It is normally initiated by an administrator or a network event. • When Start event occurs, the BGP process: • Initializes all BGP resources • Starts the ConnectRetry timer • Initializes a TCP connection the the neighbor • Listens for a TCP initialization from the neighbor • Changes its state toConnect (found ip addr to neighbor & received SYNC ACK)

More Related