Border Gateway Protocol (BGP)

W.lilakiatsakun
BGP Basics (1)
• BGP is the protocol which is used to make core
routing decisions on the Internet
• It involves a table of IP networks or "prefixes"
which designate network reachability
among autonomous systems (AS).
• RFC 4271
• BGP version 4 is the de facto standard
exterior gateway protocol
• Runs over TCP port 179
BGP Basics (2)
• The Border Gateway Protocol makes routing
decisions based on paths, network policies or
rule-sets configured by a network
administrator.
• The major enhancement in version 4 was
support for Classless Inter-Domain
Routing and use of route aggregation to
decrease the size of routing tables.
BGP Messages (1)
• BGP Messages
– 1 - OPEN
– 2 - UPDATE
– 3 - NOTIFICATION
– 4 - KEEPALIVE
BGP Messages (2)
• OPEN Message
– After a TCP connection is established, the first
message sent by each side is an OPEN message.
– If the OPEN message is acceptable, a KEEPALIVE
message confirming the OPEN is sent back.
BGP Messages (3)
• KEEPALIVE
– BGP does not use any TCP-based, keep-alive
mechanism to determine if peers are reachable.
Instead, KEEPALIVE messages are exchanged
between peers often enough not to cause the Hold
Timer to expire.
– A reasonable maximum time between KEEPALIVE
messages would be one third of the Hold Time
interval.
– KEEPALIVE messages MUST NOT be sent more
frequently than one per second.
BGP Messages (4)
• NOTIFICATION
– A NOTIFICATION message is sent when an error
condition is detected.
– The BGP connection is closed immediately after it
is sent.
BGP Messages (5)
• UPDATE
– UPDATE messages are used to transfer routing
information between BGP peers.
– The information in the UPDATE message can be
used to construct a graph that describes the
relationships of the various Autonomous Systems.
BGP Messages (6)
• UPDATE (cont’d)
– An UPDATE message is used to advertise feasible
routes that share common path attributes to a
peer, or to withdraw multiple unfeasible routes
from service
– An UPDATE message MAY simultaneously
advertise a feasible route and withdraw multiple
unfeasible routes from service.
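A header check for the four message types above, as an added example that is not part of the original slides. The 16-byte all-ones marker, the 2-byte length field and the 4096-byte maximum come from RFC 4271 rather than from the slides; `build` and the sample messages are constructed for illustration.

```python
import struct

# Header layout per RFC 4271 section 4.1 (not spelled out on the slides).
MARKER = b"\xff" * 16
HEADER_LEN = 19      # a KEEPALIVE is the header and nothing else
MAX_LEN = 4096
TYPES = {1: "OPEN", 2: "UPDATE", 3: "NOTIFICATION", 4: "KEEPALIVE"}


class BGPHeaderError(ValueError):
    """Input that a speaker would answer with a NOTIFICATION."""


def build(msg_type: int, body: bytes = b"") -> bytes:
    """Constructed helper: wrap a body in a BGP header."""
    return MARKER + struct.pack("!HB", HEADER_LEN + len(body), msg_type) + body


def parse_header(data: bytes):
    """Validate one message header; return (type_name, body_bytes)."""
    if len(data) < HEADER_LEN:
        raise BGPHeaderError("truncated header")
    marker, length, msg_type = struct.unpack("!16sHB", data[:HEADER_LEN])
    if marker != MARKER:
        raise BGPHeaderError("marker is not all ones")
    if not HEADER_LEN <= length <= MAX_LEN:
        raise BGPHeaderError(f"bad length {length}")
    if msg_type not in TYPES:
        raise BGPHeaderError(f"bad type {msg_type}")
    if msg_type == 4 and length != HEADER_LEN:
        raise BGPHeaderError("KEEPALIVE must be exactly 19 bytes")
    if len(data) < length:
        raise BGPHeaderError("message shorter than its length field")
    return TYPES[msg_type], data[HEADER_LEN:length]


def keepalive_interval(hold_time: int) -> int:
    """One third of the Hold Time, never more often than once per second."""
    if hold_time == 0:
        return 0     # RFC 4271: Hold Time 0 means no KEEPALIVEs are sent
    return max(1, hold_time // 3)
```
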
BGP Operations (1)
• Learns multiple paths via internal and external
BGP speakers
• Picks the best path and installs in the
forwarding table
• Best path is sent to external BGP neighbors
• Policies applied by influencing the best path
selection
BGP Operations (2)
• BGP neighbors, called peers, are established
by manual configuration between routers to
create a TCP session on port 179.
• A BGP speaker sends 19-byte keep-alive
messages every 30 seconds to maintain the
connection.
• Among routing protocols, BGP is unique in
using TCP as its transport protocol.
BGP Operations (3)
• When BGP runs between two peers in the
same autonomous system (AS), it is referred
to as Internal BGP (iBGP)
• When it runs between different autonomous
systems, it is called External BGP (eBGP)
• The main difference between iBGP and eBGP
peering is in the way routes that were
received from one peer are propagated to
other peers
BGP Operations (4)
• For instance, new routes learned from an eBGP
peer are typically redistributed to all other iBGP
peers as well as all eBGP peers (if transit mode
is enabled on the router).
• However, if new routes were learned on an
iBGP peering, then they are re-advertised only
to all other eBGP peers.
• These route-propagation rules effectively
require that all iBGP peers inside an AS are
interconnected in a full mesh.
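The propagation rules above, simulated on a small topology to show why a partial iBGP mesh leaves speakers without the route (an added example, not part of the original slides). The router names, the private-use AS numbers and the session lists are constructed, and each speaker keeps only the first copy of the route it hears.

```python
from collections import deque

# Constructed topology: X originates the route, R1-R3 share one AS.
ASN_OF = {"X": 65001, "R1": 65002, "R2": 65002, "R3": 65002}
CHAIN = [("X", "R1"), ("R1", "R2"), ("R2", "R3")]   # iBGP chain, no full mesh
MESH = CHAIN + [("R1", "R3")]                       # iBGP full mesh


def propagate(asn_of, sessions, origin):
    """Return {router: "local" | "eBGP" | "iBGP"} for every speaker reached.

    A route learned over eBGP (or originated locally) is sent to every
    peer; a route learned over iBGP is re-advertised to eBGP peers only.
    """
    peers = {router: set() for router in asn_of}
    for a, b in sessions:
        peers[a].add(b)
        peers[b].add(a)
    learned = {origin: "local"}
    queue = deque([origin])
    while queue:
        speaker = queue.popleft()
        for peer in sorted(peers[speaker]):
            internal = asn_of[peer] == asn_of[speaker]
            if internal and learned[speaker] == "iBGP":
                continue   # iBGP-learned routes are not passed to iBGP peers
            if peer not in learned:
                learned[peer] = "iBGP" if internal else "eBGP"
                queue.append(peer)
    return learned


def unreached(asn_of, sessions, origin):
    """Speakers that never receive the route under these rules."""
    return sorted(set(asn_of) - set(propagate(asn_of, sessions, origin)))
```
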
eBGP & iBGP
• BGP used internally (iBGP) and externally
(eBGP)
• iBGP used to carry
– some/all Internet prefixes across ISP backbone
– ISP’s customer prefixes
• eBGP used to
– exchange prefixes with other ASes
– implement routing policy
External BGP Peering (eBGP)
• Between BGP speakers in different AS
• Should be directly connected
• Never run an IGP between eBGP peers
Configuring eBGP
Internal BGP (iBGP)
• BGP peer within the same AS
• Not required to be directly connected
– IGP takes care of inter-BGP speaker connectivity
• iBGP speakers need to be fully meshed
– They originate connected networks
– They do not pass on prefixes learned from other
iBGP speakers
Internal BGP peering
Configuring iBGP
BGP Attributes (1)
• Well-known attributes – must be supported by
every BGP implementation
• Mandatory attributes – must be included with
every route entry. If one attribute is missing, it
will result in an error message
– Ex: ORIGIN, AS_PATH, NEXT_HOP, LOCAL_PREF
BGP Attributes (2)
• Discretionary attributes – every BGP router
must recognize, but they don’t have to be
present with every route entry
– Ex. ATOMIC_AGGREGATE
• Optional attributes – not necessarily
supported by all BGP implementations. It can
be either transitive or non-transitive.
– Ex. AGGREGATOR, COMMUNITY, MULTI_EXIT_DISC
BGP Attributes (3)
• Origin
• AS-Path
• Next Hop
• Multi_Exit_Disc
• Local Preference
• Atomic_aggregate
• Aggregator
Origin
• ORIGIN is a well-known mandatory attribute.
• The ORIGIN attribute is generated by the
speaker that originates the associated routing
information.
• Three values: IGP, EGP, incomplete
– IGP: generated by BGP network statement
– EGP: generated by EGP
– Incomplete: redistributed from another routing
protocol
AS_Path (1)
• This attribute identifies the autonomous
systems through which routing information
carried in this UPDATE message has passed.
AS_Path (2)
• AS_Path is used for
– Loop detection
– Path metrics, where the length of the AS path is
used in path selection
AS_Path (3)
AS_Path Loop Detection
AS_Path (4)
• When a BGP speaker propagates a route it
learned from another BGP speaker’s UPDATE
message, it modifies the route’s AS_PATH
attribute based on the location of the BGP
speaker to which the route will be sent: the
AS_PATH is modified only when the speaker
advertises the route to an external peer.
Next Hop (1)
• The NEXT_HOP defines the IP address of the
router that SHOULD be used as the next hop
to the destinations listed in the UPDATE
message
• Well known mandatory attribute
Next Hop (2)
• The IP address to reach the next AS
– Router A advertises 150.10.0.0/16 and 160.10.0.0/16 to Router B
over eBGP with next hop 150.10.1.1 (Router A sets the next hop to its own IP)
– Router B updates Router C over iBGP, keeping the next hop
unchanged
Next Hop (3)
• IOS default is for the external next hop to be
propagated unchanged to iBGP peers
– This means that the IGP has to carry external next hops
• ISP best practice is to change the external next hop to be that of the local router
– neighbor x.x.x.x next-hop-self
Multi_Exit_Disc (1)
• The MULTI_EXIT_DISC is an optional non-transitive attribute that is intended to be used
on external (inter-AS) links to discriminate
among multiple exit or entry points to the
same neighboring AS.
• The value of the MULTI_EXIT_DISC attribute is
a four-octet unsigned number, called a metric.
• All other factors being equal, the exit point
with the lower metric SHOULD be preferred.
Multi_Exit_Disc (2)
Multi_Exit_Disc (3)
• For prefix 120.68.1.0/24, Router B sends MED
1000 and Router A sends MED 2000 to the eBGP
neighbor
• Incoming traffic from AS200 will choose
Router B, since the lowest MED wins
Local Preference (1)
• Local preference is advertised to iBGP
neighbors only and tells them how to leave their AS
(outbound traffic).
• Paths with highest preference value are most
desirable
• Local preference attribute is well-known and
discretionary and is passed only within the AS
• Cisco Default Local Pref is 100
Local Preference (2)
• For destination 160.10.0.0/16, Router A advertises local
pref 500 and Router B advertises local pref 800 in iBGP
• 800 will win best path (Router B)
Atomic_aggregate (1)
• If an aggregate excludes at least some of the
AS numbers present in the AS_PATH of the
routes that are aggregated as a result of
dropping the AS_SET, the aggregated route,
when advertised to the peer, SHOULD include
the ATOMIC_AGGREGATE attribute
Atomic_aggregate (2)
• Conveys the IP address of the router/BGP
Speaker generating the aggregate route
• Useful for debugging purposes
• Does not influence best path selection
Aggregator
• AGGREGATOR is an optional transitive
attribute, which MAY be included in updates
that are formed by aggregation
• A BGP speaker that performs route
aggregation MAY add the AGGREGATOR
attribute, which SHALL contain its own AS
number and IP address.
• The IP address SHOULD be the same as the
BGP Identifier of the speaker.
Path Selection (1)
• If the NEXT_HOP attribute of a BGP route depicts
an address that is not resolvable, or if it would
become unresolvable if the route was installed in
the routing table, the BGP route MUST be
excluded from the decision function.
• If the AS_PATH attribute of a BGP route contains
an AS loop, the BGP route should be excluded
from the decision function.
– AS loop detection is done by scanning the full AS path
(as specified in the AS_PATH attribute), and checking
that the autonomous system number of the local
system does not appear in the AS path.
Path Selection (2)
• Step 1: Prefer highest weight (local to router)
• Step 2: Prefer highest local preference (global
within AS)
• Step 3: Prefer route originated by the local
router
• Step 4: Prefer shortest AS path
• Step 5: Prefer lowest origin code (IGP < EGP <
incomplete)
Path Selection (3)
• Step 6: Prefer lowest MED (from other AS)
• Step 7: Prefer EBGP path over IBGP path
• Step 8: Prefer the path through the closest IGP
neighbor
• Step 9: Prefer oldest route for EBGP paths
• Step 10: Prefer the path with the lowest
neighbor BGP router ID
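The exclusion rules and the ten steps above, written as a single comparison so the ordering of the tie-breakers is explicit (an added example, not part of the original slides). The `Path` fields, the peer labels and the AS numbers a caller passes in are constructed for illustration.

```python
from typing import NamedTuple

ORIGIN_RANK = {"IGP": 0, "EGP": 1, "incomplete": 2}


class Path(NamedTuple):
    peer: str                        # label of the advertising neighbor
    as_path: tuple                   # AS numbers the route has passed through
    local_pref: int = 100            # Cisco default from the slides
    med: int = 0
    weight: int = 0
    locally_originated: bool = False
    origin: str = "IGP"
    ebgp: bool = True
    igp_metric: int = 0              # IGP cost to the next hop
    age: int = 0                     # seconds since the route was learned
    router_id: str = "0.0.0.0"
    next_hop_resolvable: bool = True


def eligible(path, local_as):
    """Path Selection (1): drop unresolvable next hops and AS loops."""
    return path.next_hop_resolvable and local_as not in path.as_path


def sort_key(p):
    """Steps 1-10 as one tuple; the smallest tuple is the best path.

    Simplification: MED is compared across all candidates, whereas routers
    by default compare it only between paths from the same neighboring AS.
    """
    return (
        -p.weight,                                      # step 1
        -p.local_pref,                                  # step 2
        not p.locally_originated,                       # step 3
        len(p.as_path),                                 # step 4
        ORIGIN_RANK[p.origin],                          # step 5
        p.med,                                          # step 6
        not p.ebgp,                                     # step 7
        p.igp_metric,                                   # step 8
        -p.age if p.ebgp else 0,                        # step 9
        tuple(int(o) for o in p.router_id.split(".")),  # step 10
    )


def best_path(paths, local_as):
    """Return the winning Path, or None when every candidate is excluded."""
    candidates = [p for p in paths if eligible(p, local_as)]
    return min(candidates, key=sort_key) if candidates else None
```
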