Transcript BGP

© 2001, Cisco Systems, Inc. All rights reserved.
BGP Overview
Objectives
Upon completion of this lesson, you will be
able to perform the following tasks:
• Explain the need for BGP and typical BGP usage
scenarios
• Describe basic BGP technical characteristics
• Describe BGP path attributes
• Describe BGP session establishment and routing
information exchange
• Configure basic BGP on Cisco router
• Monitor and troubleshoot basic BGP setup
Introduction to BGP
Objectives
Upon completion of this section, you will be
able to perform the following tasks:
• Explain the need for interdomain routing
• Describe the need for external routing protocol
• List the basic BGP technical characteristics
• Identify typical BGP usage scenarios
• Explain BGP limitations
Interdomain Routing
[Diagram labels: AS65000, AS65001, OSPF, BGP, EIGRP]
• An autonomous system (AS) is a collection of networks under
a single technical administration
• Interior routing protocol (IGP) is run inside an autonomous
system resulting in optimum intra-AS routing
• Exterior routing protocol (EGP) is run between autonomous
systems to enable routing policies and improve security
Interdomain Routing Goals
Scalability
• Internet has over 80,000 routes and is still growing
Secure routing information exchange
• Routers from another autonomous system cannot be
trusted
• Tight filters are required, authentication is desirable
Routing policies support
• Routing between autonomous systems might not
always follow the optimum path
Routing Policies - Case Study
[Diagram labels: Service Provider (AS 10), Company X (AS 20), Company A (AS 1), Company B (AS 2), 2 Mbps]
Q: Assuming standard IGP route selection rules, how will
the traffic between AS1 and AS20 flow?
Q: Will AS 2 allow this traffic?
Q: How would you solve this problem with OSPF or EIGRP?
BGP Characteristics
Distance-vector protocol with enhancements:
• Reliable updates
• Triggered updates only
• Rich metrics (called path attributes)
Designed to scale to huge internetworks
Reliable Updates
• Uses TCP as transport protocol
• No periodic updates
• Periodic keepalives to verify TCP connectivity
• Triggered updates are batched and rate-limited
(every 5 seconds for internal peer, every 30
seconds for external peer)
Common BGP Usages
• Customer connected to one Internet Service
Provider (ISP)
• Customer connected to several Service
Providers
• Service Provider networks (transit autonomous
systems)
• Service providers exchanging traffic at an
exchange point (CIX, GIX, NAP …)
• Network cores of large enterprise customers
Single-homed Customers
Large customer or small ISP connecting to the
Internet
[Diagram labels: Internet, Customer or small Service Provider, Service Provider, BGP]
Customer Connected to One ISP
Usage Guidelines
Use BGP between the customer and the Service
Provider:
• Customers multi-homed to the same Service Provider
• Customer that needs dynamic routing protocol with
the Service Provider to detect failures
• Hint: Use private AS number for these customers
• Smaller ISPs that need to originate their routes in the
Internet
Use static routes in all other cases
• Static routes are always simpler than BGP
Multi-homed Customers
Customer connecting to several service providers (multi-homed customer)
[Diagram labels: Internet, Service Provider #1, Multi-homed Customer, Service Provider #2]
Multi-homed Customer
Usage Guidelines
• BGP is almost mandatory for multi-homed
customers
• Multi-homed customers have to use public AS
numbers
• Multi-homed customers should use provider-independent address space
Transit Autonomous System
• Using BGP to exchange routes is mandatory for
transit autonomous systems (provider networks
carrying customer traffic)
[Diagram labels: Internet, Another Service Provider, BGP, Multi-homed Customer, Simple Customer, Static Routing, Service Provider (Transit AS)]
BGP Limitations
BGP and associated tools cannot express
all routing policies
• You cannot influence the routing policies of
downstream autonomous systems
RFC 1771: “BGP does not enable one AS to send
traffic to neighbor AS intending that the traffic
take a different route from that taken by traffic
originating in the neighbor AS”
RFCs Covering Baseline BGP4
1930 Guidelines for creation, selection, and registration of an Autonomous System
1774 BGP-4 Protocol Analysis
1773 Experience with the BGP-4 protocol
1772 Application of the BGP in the Internet
1771 A Border Gateway Protocol 4 (BGP-4)
1745 BGP4/IDRP for IP---OSPF interaction
1675 BGP MIB
RFCs Covering Additions to BGP4
1965 Autonomous System Confederations for BGP
1997 BGP Communities Attribute
1998 An Application of the BGP Community Attribute in Multi-home Routing
2385 Protection of BGP sessions via the TCP MD5 Signature Option
2439 BGP Route Flap Damping
2796 BGP Route Reflection - An alternative to full mesh IBGP
RFCs Covering BGP Extensions
2842 Capabilities Advertisement with BGP-4
2858 Multiprotocol extensions for BGP-4
2918 Route Refresh Capability for BGP-4
Protocol Development Considerations
BGP was designed to perform well in
• Interdomain Routing application
• Huge internetworks with large routing tables
• Environments that require complex routing
policies
Some design tradeoffs that were made
• BGP uses TCP for reliable transport - CPU
intensive
• Scalability is the top priority - slower
convergence
Summary
After completing this section, you should be
able to perform the following tasks:
• Explain the need for interdomain routing
• Describe the need for external routing protocol
• List the basic BGP technical characteristics
• Identify typical BGP usage scenarios
• Explain BGP limitations
Review Questions
• What is an autonomous system?
• What are the design goals of an interdomain
routing protocol?
• When should you use BGP between a customer
and a Service Provider?
• Which transport mechanism is used to exchange
the BGP routing updates?
• What is BGP optimized for?
BGP Path Attributes
Objectives
Upon completion of this section, you will be
able to perform the following tasks:
• Describe the concept of BGP path attribute
• Explain the difference between well-known and
optional BGP attributes
• List common mandatory and optional BGP
attributes
• Describe the functionality of AS-Path, Origin and
Next-Hop attributes
BGP Path Attributes
• BGP metrics are called path attributes
• BGP attributes are categorized as well-known
and optional
• Well-known attributes must be recognized by all
compliant implementations
• Optional attributes are only recognized by some
implementations (could be private), expected not
to be recognized by everyone
Well-known BGP Attributes
• Well-known attributes are divided into
mandatory and discretionary
• Well-known mandatory attributes must be
present in all update messages
• Well-known discretionary attributes are
optional - they could be present in update
messages
• All well-known attributes are propagated to
other neighbors
Optional BGP Attributes
• Optional BGP attributes are transitive or non-transitive
• Optional transitive attributes
– Propagated to other neighbors if not
recognized, Partial bit set to indicate that the
attribute was not recognized
• Optional non-transitive attributes
– Discarded if not recognized
• Recognized optional attributes are propagated to
other neighbors based on their meaning (not
constrained by transitive bit)
Well-known Mandatory Attributes
• Origin
– Specifies the origin of a BGP route
IGP: Route originated in an IGP
EGP: Route originated in EGP
Unknown: Route was redistributed into BGP
• AS_Path
– Sequence of AS numbers through which the
network is accessible
• Next_Hop
– IP address of the next-hop router
Well-known Discretionary Attributes
Local preference
• Used for consistent routing policy within AS
Atomic aggregate
• Informs the neighbor AS that the originating
router aggregated routes
Optional Attributes
• Non-transitive attributes
– Multi_Exit_Disc
• Used to discriminate between multiple entry
points to a single autonomous system
• Transitive attributes
– Aggregator
• Specifies IP address and AS number of the
router that performed route aggregation
– Communities
• Used for route tagging
AS-Path
• The AS-path attribute is empty when a local
route is inserted in the BGP table
• The sender's AS number is prepended to the AS-path attribute when the routing update crosses an
AS boundary
• The receiver of BGP routing information can use
the AS-path to determine through which AS the
information has passed
• An AS that receives routing information with its
own AS number in the AS-path silently ignores
the information
AS-Path Example
[Diagram: AS 123 (10.0.0.1), AS 21 (21.0.0.1) and AS 37 (37.0.0.1) exchanging updates for network 10.0.0.0/8]
Network=10.0.0.0/8, AS-Path=123
Network=10.0.0.0/8, AS-Path=21 123
Network=10.0.0.0/8, AS-Path=37 21 123: loop detected, incoming update is ignored
Sender’s AS number is prepended to AS
path when the update crosses AS boundary
Next-Hop Attribute
• Next-hop attribute indicates the next-hop IP
address used for packet forwarding
• Usually set to the IP address of the sending BGP
router
• Can be set to a third-party IP address to optimize
routing
Next-Hop Processing
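[Diagram: AS 21, AS 123 and AS 37 with routers Rtr-A, Rtr-B and Rtr-C; interface addresses 10.0.0.1, 10.0.0.2, 10.1.0.5 and 10.1.0.6]
Update from AS 21: Network=21.0.0.0/8, AS-Path=21, Next-hop = 10.0.0.1
Update from AS 123: Network=21.0.0.0/8, AS-Path=123 21, Next-hop = 10.1.0.5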
• Next-hop is usually set to the IP address of the sending router
Next-Hop Processing on Shared
Media
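[Diagram: AS 21, AS 123 and AS 37 with routers Rtr-A, Rtr-B and Rtr-C on one shared subnet; interface addresses 10.0.0.1, 10.0.0.2 and 10.0.0.3]
Update from AS 21: Network=21.0.0.0/8, AS-Path=21, Next-hop = 10.0.0.1
Update from AS 123: Network=21.0.0.0/8, AS-Path=123 21, Next-hop = 10.0.0.1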
• If the receiving BGP router is in the same subnet as the current next-hop,
the next-hop address is not changed to optimize packet forwarding
Next-Hop Processing on NBMA
Network
[Diagram: AS 21, AS 123 and AS 37 with routers Rtr-A, Rtr-B and Rtr-C connected over Frame Relay; interface addresses 10.0.0.1, 10.0.0.2 and 10.0.0.3]
Update from AS 21: Network=21.0.0.0/8, AS-Path=21, Next-hop = 10.0.0.1
Update from AS 123: Network=21.0.0.0/8, AS-Path=123 21, Next-hop = 10.0.0.1
Connectivity is broken, Rtr-C cannot reach next-hop 10.0.0.1
• BGP next-hop processing can break connectivity with improper network
designs over partially-meshed WAN networks
BGP Path Attribute Summary
Well-known mandatory attributes
• Recognized by everyone, always present
• AS-Path, Next-Hop, Origin
Well-known discretionary
• Recognized by everyone, optional
• Local Preference, Atomic Aggregate
Optional transitive
• Might not be recognized, propagated if not
• BGP Community, Aggregator
Optional non-transitive
• Might not be recognized, dropped if not
• Multi-exit-discriminator
Summary
After completing this section, you should be
able to perform the following tasks:
• Describe the concept of BGP path attribute
• Explain the difference between well-known and
optional BGP attributes
• List common mandatory and optional BGP
attributes
• Describe the functionality of AS-Path, Origin and
Next-Hop attributes
Review Questions
• What is a BGP Path Attribute?
• Which BGP Path Attributes must be carried with
each update?
• List three well-known mandatory attributes.
• How are the optional transitive attributes
propagated between BGP neighbors?
• How do the BGP routers detect routing loops?
• When is the next-hop attribute different from the
IP address of the sending router?
BGP Neighbor Configuration and
Session Establishment
Objectives
Upon completion of this section, you will be
able to perform the following tasks:
• Explain the need for static neighbor
configuration
• Describe the BGP session establishment
procedures
• Describe the TCP MD5 signature protection and
its benefits for BGP
BGP does not Auto-discover
Neighbors
• BGP neighbors are not discovered - they must be
configured manually
• Configuration must be done on both sides of the
connection
• Both routers will attempt to connect to the other
with a TCP session on port number 179
• Only one session will remain if both connection
attempts succeed
• Source IP address of incoming connection
attempts is verified against a list of configured
neighbors
Small BGP Network Used in Following
Examples
[Diagram: AS 21 (21.0.0.0/8), AS 123 (1.0.0.0/8) and AS 37 (37.0.0.0/8) with routers Rtr-A, Rtr-B and Rtr-C; interface addresses 2.3.4.5, 2.3.4.6, 3.4.5.6 and 3.4.5.7]
BGP Neighbors - Idle State
• Initially all BGP sessions to the neighbors are idle
Rtr-A#show ip bgp sum
BGP table version is 1, main routing table version 1
Neighbor        V    AS MsgRcvd MsgSent   TblVer  InQ OutQ Up/Down  State
2.3.4.5         4    21       0       0        0    0    0 never    Idle
3.4.5.6         4    37       0       0        0    0    0 never    Idle
Establishing Session
• TCP session is established when the neighbor
becomes reachable
• BGP Open messages are exchanged
Rtr-A#debug ip tcp transactions
Rtr-A#debug ip bgp events
0:06:17: BGP: 2.3.4.5 went from Idle to Active
0:06:22: TCB0012A910 created
0:06:22: TCB0012A910 setting property 0 12A8B4
0:06:22: TCB0012A910 bound to 2.3.4.6.11003
0:06:22: TCP: sending SYN, seq 3142900499, ack 0
0:06:22: TCP0: Connection to 2.3.4.5:179, advertising MSS 1460
0:06:22: TCP0: state was CLOSED -> SYNSENT [11003 -> 2.3.4.5(179)]
0:06:22: TCP0: state was SYNSENT -> ESTAB [11003 -> 2.3.4.5(179)]
0:06:22: TCP0: Connection to 2.3.4.5:179, received MSS 1460, MSS is 1460
0:06:22: TCB0012A910 connected to 2.3.4.5.179
0:06:22: BGP: 2.3.4.5 went from Active to OpenSent
0:06:22: BGP: 2.3.4.5 went from OpenSent to OpenConfirm
0:06:22: BGP: 2.3.4.5 went from OpenConfirm to Established
BGP Open
The BGP Open message contains:
• BGP Version number
• My Autonomous System number
• Hold Time
• BGP Router Identifier
• Optional Parameters
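The OPEN fields listed above, as an added example that is not part of the original slides: a parser for one complete OPEN message laid out as in RFC 1771, with the checks a receiver applies before it lets the session proceed. The sample message (hold time 180, router ID 21.0.0.1, one capabilities parameter) is constructed, and `expected_as` is a hypothetical parameter standing in for the configured `remote-as` value.

```python
import struct
from ipaddress import IPv4Address

MARKER = b"\xff" * 16                     # all ones when no authentication data is carried
HEADER = struct.Struct("!16sHB")          # marker, total length, message type
OPEN_FIXED = struct.Struct("!BHH4sB")     # version, my AS, hold time, BGP identifier, opt len
TYPE_OPEN = 1
MIN_OPEN = HEADER.size + OPEN_FIXED.size  # 29 octets
MAX_MESSAGE = 4096


class OpenError(ValueError):
    """The OPEN must be rejected (a real speaker would answer with a NOTIFICATION)."""


def build_open(my_as, hold_time, router_id, opt_params=b""):
    """Encode an OPEN message; used here only to construct sample input."""
    body = OPEN_FIXED.pack(4, my_as, hold_time,
                           IPv4Address(router_id).packed, len(opt_params)) + opt_params
    return HEADER.pack(MARKER, HEADER.size + len(body), TYPE_OPEN) + body


def parse_open(data, expected_as=None):
    """Validate and decode one complete OPEN message (header included)."""
    if len(data) < MIN_OPEN:
        raise OpenError("truncated message")
    marker, length, msg_type = HEADER.unpack_from(data)
    if marker != MARKER:
        raise OpenError("bad marker")
    if not MIN_OPEN <= length <= MAX_MESSAGE or length != len(data):
        raise OpenError("bad message length")
    if msg_type != TYPE_OPEN:
        raise OpenError("not an OPEN message")
    version, my_as, hold_time, ident, opt_len = OPEN_FIXED.unpack_from(data, HEADER.size)
    if version != 4:
        raise OpenError("unsupported version number")
    if hold_time in (1, 2):               # hold time must be zero or at least three seconds
        raise OpenError("unacceptable hold time")
    if opt_len != length - MIN_OPEN:
        raise OpenError("optional parameter length mismatch")
    if expected_as is not None and my_as != expected_as:
        raise OpenError("bad peer AS")    # neighbor announced an AS other than the configured one
    params, offset = [], MIN_OPEN
    while offset < length:                # optional parameters are (type, length, value) triples
        if offset + 2 > length:
            raise OpenError("truncated optional parameter")
        ptype, plen = data[offset], data[offset + 1]
        if offset + 2 + plen > length:
            raise OpenError("optional parameter overruns message")
        params.append((ptype, bytes(data[offset + 2:offset + 2 + plen])))
        offset += 2 + plen
    return {"version": version, "my_as": my_as, "hold_time": hold_time,
            "router_id": str(IPv4Address(ident)), "optional_parameters": params}


# Constructed sample: an OPEN that neighbor 2.3.4.5 (AS 21) could send to Rtr-A.
# The optional parameter is a capabilities parameter (type 2) carrying route refresh.
SAMPLE_OPEN = build_open(my_as=21, hold_time=180, router_id="21.0.0.1",
                         opt_params=b"\x02\x02\x02\x00")

if __name__ == "__main__":
    print(parse_open(SAMPLE_OPEN, expected_as=21))
    try:
        parse_open(SAMPLE_OPEN, expected_as=37)
    except OpenError as exc:
        print("rejected:", exc)
```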
BGP Neighbors - Steady State
• All neighbors shall be up (no state info)
Rtr-A#show ip bgp sum
BGP table version is 10, main routing table version 10
3 network entries (3/6 paths) using 516 bytes of memory
3 BGP path attribute entries using 284 bytes of memory
0 BGP route-map cache entries using 0 bytes of memory
0 BGP filter-list cache entries using 0 bytes of memory
Neighbor        V    AS MsgRcvd MsgSent   TblVer  InQ OutQ Up/Down  State/PfxRcvd
2.3.4.5         4    21      17      22       10    0    0 0:01:47  27
3.4.5.6         4    37      11      17       10    0    0 0:07:07  35
MD5 Authentication
• BGP Peers may optionally use MD5 TCP
authentication using shared secret
• Both routers must be configured with the same
password (MD5 shared secret)
• Each TCP segment is verified
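How each TCP segment is verified, as an added example that is not part of the original slides: the digest defined in RFC 2385 (listed earlier in this deck) covers the TCP pseudo-header, the option-less TCP header with a zero checksum, the segment data and the shared secret, and travels in TCP option kind 19. The addresses, port and sequence number are taken from the debug output above; the password, ACK number, window and KEEPALIVE payload are constructed.

```python
import hashlib
import hmac
import struct
from ipaddress import IPv4Address

TCP_PROTO = 6
OPT_EOL, OPT_NOP, OPT_MD5SIG = 0, 1, 19
FIXED_HDR = struct.Struct("!HHIIBBHHH")   # 20-octet TCP header without options


def md5_digest(src, dst, segment, key):
    """MD5 over pseudo-header, fixed header with zero checksum, data, then the key."""
    header_len = (segment[12] >> 4) * 4
    pseudo = (IPv4Address(src).packed + IPv4Address(dst).packed
              + struct.pack("!BBH", 0, TCP_PROTO, len(segment)))
    fixed = bytearray(segment[:20])       # TCP options are excluded from the digest
    fixed[16:18] = b"\x00\x00"            # checksum is treated as zero
    return hashlib.md5(pseudo + bytes(fixed) + segment[header_len:] + key).digest()


def sign_segment(src, dst, sport, dport, seq, ack, flags, payload, key):
    """Build a segment carrying the signature option (kind 19, length 18)."""
    # Two NOPs pad the options to 20 octets, so the header is 40 octets long.
    # The TCP checksum is left at zero here; the digest ignores it either way.
    fixed = FIXED_HDR.pack(sport, dport, seq, ack, (40 // 4) << 4, flags, 16384, 0, 0)
    unsigned = fixed + bytes([OPT_MD5SIG, 18]) + bytes(16) + bytes([OPT_NOP] * 2) + payload
    digest = md5_digest(src, dst, unsigned, key)
    return fixed + bytes([OPT_MD5SIG, 18]) + digest + bytes([OPT_NOP] * 2) + payload


def extract_signature(segment):
    """Return the 16-octet digest from the option list, or None if absent or malformed."""
    header_len = (segment[12] >> 4) * 4
    if header_len < 20 or header_len > len(segment):
        return None
    options, i = segment[20:header_len], 0
    while i < len(options):
        kind = options[i]
        if kind == OPT_EOL:
            break
        if kind == OPT_NOP:
            i += 1
            continue
        if i + 1 >= len(options) or options[i + 1] < 2 or i + options[i + 1] > len(options):
            return None
        if kind == OPT_MD5SIG:
            return options[i + 2:i + 18] if options[i + 1] == 18 else None
        i += options[i + 1]
    return None


def verify_segment(src, dst, segment, key):
    """True only if the segment carries a digest that matches the shared secret."""
    if len(segment) < 20:
        return False
    received = extract_signature(segment)
    if received is None:                  # unsigned segments fail when a password is set
        return False
    return hmac.compare_digest(received, md5_digest(src, dst, segment, key))


# Constructed sample: Rtr-A (2.3.4.6, port 11003) sends a BGP KEEPALIVE to 2.3.4.5:179.
SRC, DST, KEY = "2.3.4.6", "2.3.4.5", b"constructed-secret"
KEEPALIVE = b"\xff" * 16 + struct.pack("!HB", 19, 4)
SEGMENT = sign_segment(SRC, DST, 11003, 179, 3142900499, 1, 0x18, KEEPALIVE, KEY)

if __name__ == "__main__":
    print("same password :", verify_segment(SRC, DST, SEGMENT, KEY))
    print("other password:", verify_segment(SRC, DST, SEGMENT, b"different-secret"))
    print("altered data  :", verify_segment(SRC, DST, SEGMENT[:-1] + b"\x05", KEY))
```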
Summary
After completing this section, you should be
able to perform the following tasks:
• Explain that BGP neighbors must be configured
• Describe the information exchanged using the
BGP Open message
• Explain the basic principles of BGP session
establishment
• Describe the TCP MD5 signature protection and
its benefits for BGP
Review Questions
• How are BGP neighbors discovered?
• Which steps must be taken before a BGP
session is established?
• Which information is carried in a BGP Open
message?
• What are the benefits of using MD5?
BGP Routing Updates
Objectives
Upon completion of this section, you will be
able to perform the following tasks:
• Describe BGP data structures
• Explain how BGP announces networks local to
an Autonomous System
• Describe the processing of incoming BGP
updates
• Explain the BGP route selection process
• Describe the propagation of the best BGP routes
to other BGP neighbors
BGP in Action
BGP routing information exchange contains
the following steps:
• Receiving BGP routing updates
• Building BGP table
• BGP Route selection
• BGP Route propagation
• Building IP routing table
• Advertising local networks
Receiving Routing Update
• Information from the BGP tables is exchanged
after adjacency establishment
Rtr-A#debug ip bgp update
1:24:11: BGP: 2.3.4.5 rcv UPDATE about 37.0.0.0 255.0.0.0,
next hop 2.3.4.5, path 21 37 metric 0
1:24:11: BGP: 2.3.4.5 rcv UPDATE about 1.0.0.0 255.0.0.0 -denied
1:24:11: BGP: 2.3.4.5 rcv UPDATE about 21.0.0.0 255.0.0.0,
next hop 2.3.4.5, path 21 metric 0
1:24:11: BGP: nettable_walker 21.0.0.0/255.0.0.0 calling
revise_route
1:24:11: BGP: revise route installing 21.0.0.0/255.0.0.0 ->
2.3.4.5
Building BGP Table
• All inbound updates are placed into the BGP table
Rtr-A#show ip bgp
BGP table version is 16, local router ID is 1.2.3.4
Status codes: s suppressed, h history, * valid, > best, i - internal
Origin codes: i - IGP, e - EGP, ? - incomplete
   Network          Next Hop          Metric LocPrf Weight Path
*> 1.0.0.0          0.0.0.0                0         32768 i
*  21.0.0.0         3.4.5.6                              0 37 21 i
*>                  2.3.4.5                0             0 21 i
*> 37.0.0.0         3.4.5.6                0             0 37 i
*                   2.3.4.5                              0 21 37 i
BGP Route Selection Criteria
• Exclude routes with inaccessible next-hop
• Prefer highest weight (local to router)
• Prefer highest local-preference (global within AS)
• Prefer routes that the router originated
• Prefer shorter AS paths (only length is compared)
• Prefer lowest origin code (IGP < EGP < Unknown)
• Prefer lowest MED
• Prefer external (EBGP) paths over internal (IBGP)
• For IBGP paths, prefer path through closest IGP neighbor
• For EBGP paths, prefer oldest (most stable) path
• Prefer paths from router with the lower BGP router ID
BGP Route Selection
• Best routes to the destination networks are
selected from the BGP table
as123#show ip bgp
BGP table version is 4, local router ID is 1.2.3.4
Status codes: s suppressed, h history, * valid, > best, i - internal
Origin codes: i - IGP, e - EGP, ? - incomplete
   Network          Next Hop          Metric LocPrf Weight Path
*> 1.0.0.0          0.0.0.0                0         32768 i
*> 21.0.0.0         3.4.5.6                            100 37 21 i
*                   2.3.4.5                0             0 21 i
*> 37.0.0.0         3.4.5.6                0           100 37 i
*                   2.3.4.5                              0 21 37 i
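The selection criteria applied to the two BGP tables shown above, as an added example that is not part of the original slides: the rules are evaluated in the slide's order and the function reports which rule broke the tie. Treating a blank LocPrf as 100 and a blank Metric as 0, and using the neighbor address as router ID, are assumptions of this sketch; MED is compared exactly as the slide states it.

```python
from dataclasses import dataclass
from ipaddress import IPv4Address

ORIGIN_RANK = {"i": 0, "e": 1, "?": 2}   # IGP < EGP < incomplete ("Unknown" on the slide)


@dataclass(frozen=True)
class Path:
    next_hop: str
    as_path: tuple
    origin: str = "i"
    weight: int = 0
    local_pref: int = 100      # assumption: a blank LocPrf column is treated as 100
    med: int = 0               # assumption: a blank Metric column is treated as 0
    local: bool = False        # route originated by this router
    ebgp: bool = True
    igp_cost: int = 0          # IGP distance to the next hop (IBGP paths)
    age: int = 0               # seconds since the path was learned (EBGP paths)
    router_id: str = "0.0.0.0"
    reachable: bool = True     # next hop is accessible


# The slide's criteria in order; every key function returns "smaller is better".
RULES = [
    ("highest weight", lambda p: -p.weight),
    ("highest local preference", lambda p: -p.local_pref),
    ("locally originated", lambda p: 0 if p.local else 1),
    ("shortest AS path", lambda p: len(p.as_path)),
    ("lowest origin code", lambda p: ORIGIN_RANK[p.origin]),
    ("lowest MED", lambda p: p.med),
    ("EBGP over IBGP", lambda p: 0 if p.ebgp else 1),
    ("closest IGP neighbor", lambda p: 0 if p.ebgp else p.igp_cost),
    ("oldest EBGP path", lambda p: -p.age if p.ebgp else 0),
    ("lowest router ID", lambda p: int(IPv4Address(p.router_id))),
]


def select_best(paths):
    """Return (best_path, deciding_rule) for all paths to one prefix."""
    candidates = [p for p in paths if p.reachable]
    if not candidates:
        return None, "no path with an accessible next hop"
    if len(candidates) == 1:
        return candidates[0], "only usable path"
    for name, key in RULES:
        best = min(key(p) for p in candidates)
        candidates = [p for p in candidates if key(p) == best]
        if len(candidates) == 1:
            return candidates[0], name
    return candidates[0], "still tied after all rules"


def rtr_a_table(weight_from_as37=0):
    """Paths from the slides' BGP tables; weight 100 models the second table."""
    via_37, via_21 = "3.4.5.6", "2.3.4.5"
    return {
        "21.0.0.0": [Path(via_37, (37, 21), weight=weight_from_as37, router_id=via_37),
                     Path(via_21, (21,), router_id=via_21)],
        "37.0.0.0": [Path(via_37, (37,), weight=weight_from_as37, router_id=via_37),
                     Path(via_21, (21, 37), router_id=via_21)],
    }


if __name__ == "__main__":
    for weight in (0, 100):
        for prefix, paths in rtr_a_table(weight).items():
            best, rule = select_best(paths)
            print(f"weight={weight:<3} {prefix:<9} best via {best.next_hop} ({rule})")
```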
BGP Route Propagation
• Best BGP routes are propagated to BGP
neighbors
as123#debug ip bgp update
1:24:16: BGP: 3.4.5.6 computing updates, neighbor version 15, table
version 16, starting at 0.0.0.0
1:24:16: BGP: 3.4.5.6 send UPDATE 21.0.0.0 255.0.0.0, next 3.4.5.7,
metric 0, path 123 21
1:24:16: BGP: 3.4.5.6 1 updates enqueued (average=45, maximum=45)
1:24:16: BGP: 3.4.5.6 update run completed, ran for 4ms, neighbor
version 15, start version 16, throttled to 16, check point net 0.0.0.0
Building IP Routing Table
• Best BGP routes are copied into the IP routing
table based on administrative distance
as123#show ip route
Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, * - candidate default
Gateway of last resort is not set
C    1.0.0.0 is directly connected, Loopback0
C    2.0.0.0 is directly connected, Serial1
C    3.0.0.0 is directly connected, Serial0
B    21.0.0.0 [20/0] via 3.4.5.6, 00:02:06
B    37.0.0.0 [20/0] via 3.4.5.6, 00:02:06
Advertising Local Networks
• BGP router process keeps a list of local networks
(defined with network command or through
redistribution)
• BGP process periodically scans the IP
forwarding table and inserts or revokes routes
from BGP routing table based on their presence
in the forwarding table
Advertising Local Networks - Example
1/2
• BGP route is revoked after the network is
removed from the forwarding table
as123# debug ip routing
as123# debug ip bgp update
%LINEPROTO-5-UPDOWN: Line protocol on Loopback0 changed state to down
1:34:33: RT: interface Loopback0 removed from routing table
1:34:33: RT: del 1.0.0.0 via 0.0.0.0, connected metric [0/0]
1:34:33: RT: delete network route to 1.0.0.0
1:34:33: BGP: route down 1.0.0.0 255.0.0.0
1:34:33: BGP: no valid path for 1.0.0.0 255.0.0.0
1:34:33: BGP: nettable_walker 1.0.0.0/255.0.0.0 no best path selected
1:34:34: BGP: 2.3.4.5 send UPDATE 1.0.0.0 255.0.0.0 -- unreachable
1:34:34: BGP: 2.3.4.5 1 updates enqueued (average=25, maximum=25)
1:34:34: BGP: 2.3.4.5 update run completed, ran for 4ms, neighbor
version 4, start version 5, throttled to 5, check point net 0.0.0.0
1:34:34: BGP: 3.4.5.6 send UPDATE 1.0.0.0 255.0.0.0 -- unreachable
Advertising Local Networks - Example
2/2
• BGP route is advertised after the network
appears in the forwarding table
1:36:42: RT: add 1.0.0.0 255.0.0.0 via 0.0.0.0, connected metric [0/0]
1:36:42: RT: interface Loopback0 added to routing table
1:36:42: BGP: route up 1.0.0.0 255.0.0.0
1:36:42: BGP: nettable_walker 1.0.0.0/255.0.0.0 route sourced locally
%LINEPROTO-5-UPDOWN: Line protocol on Interface Loopback0, changed state
to up
1:36:43: BGP: 2.3.4.5 computing updates, neighbor version 5, table
version 6, starting at 0.0.0.0
1:36:43: BGP: 2.3.4.5 send UPDATE 1.0.0.0 255.0.0.0, next 2.3.4.6,
metric 0, path 123
1:36:44: BGP: 2.3.4.5 1 updates enqueued (average=50, maximum=50)
1:36:44: BGP: 2.3.4.5 update run completed, ran for 4ms, neighbor
version 5, start version 6, throttled to 6, check point net 0.0.0.0
Summary
After completing this section, you should be
able to perform the following tasks:
• Describe the basic functions of BGP and its data
structures
• Explain how BGP announces networks local to
an Autonomous System
• Describe the processing of incoming BGP
updates
• Explain the BGP route selection process
• Describe the propagation of the best BGP routes
to other BGP neighbors
Review Questions
• Which of the received routing updates are
forwarded to other neighbors?
• Which incoming BGP updates are stored in the
BGP table?
• Which BGP routes are announced to other BGP
neighbors?
• With no BGP attributes modified, which criteria
will determine route selection?
• Describe methods that are available to announce
local networks
Simple BGP Configuration
Objectives
Upon completion of this section, you will be
able to perform the following tasks:
• Initial BGP setup
• Configuring BGP neighbors
• Originating local networks in BGP
• Basic BGP route aggregation
Start the BGP Routing Process
router(config)#
router bgp as-number
• Starts BGP routing
• Get your AS number from InterNIC (www.internic.net)
or RIPE (www.ripe.net)
• Use private AS numbers (64512 - 65535) if you run
BGP in a private network
• Only one BGP routing process per router is allowed
Configure External Neighbors
router(config-router)#
neighbor ip-address remote-as as-number
neighbor ip-address description neighbor description
• Defines an external neighbor and (optionally) assigns
a description
• External neighbor has to be reachable over directly
connected subnet
Temporarily Disable a BGP Neighbor
router(config-router)#
neighbor ip-address shutdown
• Disables communication with a BGP neighbor
• Usage scenarios:
• Debugging and troubleshooting
• Shut down the neighbor during extensive
modification of routing policies to prevent
inconsistent routing data
Configuring TCP MD5 Signature
router(config-router)#
neighbor ip-address password string
• Enables Message Digest 5 authentication on BGP
session
• Use the same password string on both routers
Announcing Networks in BGP
Only administratively defined networks are
announced in BGP
• Manually configure networks to be announced
• Use redistribution from IGP
• Use aggregation to announce summary
prefixes
Manually Define Major Network
router(config-router)#
network major-network-number
• Allows advertising of major networks into BGP
• At least one of the subnets must be present in the
routing table
• The meaning of “network” command in BGP is
completely different from any other routing protocol
Redistributing Routes
from IGP
• Easier than listing networks in BGP process in
large networks
• Redistributed routes carry origin-attribute
‘incomplete’
• Always filter redistributed routes to prevent route
leaking
• Avoid in Service Provider environments
Simple IGP to BGP Redistribution
router(config)#
router bgp <AS>
redistribute <IGP>
distribute-list <ACL> out <IGP>
!
access-list <ACL> permit <network>
• Configure redistribution in BGP process
• Configure route-filter using distribute list
• Caveat:
• BGP routes originated through redistribution
have incomplete origin
Redistribution Using Route-Maps
router(config)#
router bgp <AS>
redistribute <IGP> route-map intoBGP
!
route-map intoBGP permit
match ip address <ACL>
set origin igp
!
access-list <ACL> permit <network>
• Origin can be set to ‘IGP’ with a route-map
• Other BGP path attributes can also be set
• Metric
• Next-hop
• Community
Classless BGP Operation
• BGP4 supports Classless Interdomain Routing
(CIDR)
• Any BGP router can advertise individual
networks or supernets (prefixes)
• Prefix notation is used with BGP instead of
subnet masks
• 192.168.0.0/16 = 192.168.0.0 255.255.0.0
Manually Announce Classless Prefix
in BGP
router(config-router)#
network ip-prefix-address mask subnet-mask
• Configures a classless prefix to be advertised into
BGP
• The prefix must exactly match an entry in the IP
forwarding table
• Hint: use a static route to null 0 to create a
matching prefix in the IP forwarding table
Advertising a Supernet Prefix
Example
• Advertise prefix 192.168.0.0/16 assigned to
the Internet Service Provider
router(config)#
router bgp 123
network 192.168.0.0 mask 255.255.0.0
!
ip route 192.168.0.0 255.255.0.0 null 0
Aggregating BGP Networks
Summarization is called aggregation in BGP
• Aggregation creates summary routes
(called aggregates) from networks already in
BGP table
• Individual networks could be announced or
suppressed
Configuring Aggregation (#1)
router(config)#
router bgp as-number
aggregate-address address-prefix mask
• Specify aggregation range in BGP routing process
• The aggregate will be announced if there is at least
one network in the specified range in the BGP table
• Individual networks will still be announced in
outgoing BGP updates
Configuring Aggregation (#2)
router(config)#
router bgp as-number
aggregate-address address-prefix mask summary-only
• Configure aggregation of BGP routes
• Advertise only the aggregate and not the individual
networks
Benefits:
• Smaller BGP routing tables
• More stable internetworks (less route flapping)
Drawbacks:
• Problems with multi-homed customers
Multihomed Customer Problem
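[Diagram: Multihomed Customer announces 192.1.1.0/24 to the Alternate Provider and to the Primary Provider (aggregating); toward the Rest of the Internet the Alternate Provider announces 192.1.1.0/24 and the Primary Provider announces 192.1.0.0/16]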
• Customer prefers Primary provider using Alternate only as
backup
• Primary provider advertises the aggregate, Alternate
provider advertises individual network
Multihomed Customer Problem
[Diagram: same topology (Multihomed Customer, Alternate Provider, Primary Provider (aggregating), Rest of the Internet); the Rest of the Internet now holds both 192.1.0.0/16 and 192.1.1.0/24]
• Remote autonomous systems prefer longest-match prefix,
traffic toward the customer flows through Alternate
provider
• Solution: don’t use aggregation
Classless BGP Examples
• Advertise prefix 192.168.0.0/20
• Aggregate networks in 192.168.16.0/20 and
announce individual networks
• Aggregate networks in 192.168.32.0/20
suppressing individual network announcements
router(config)#
router bgp 123
network 192.168.0.0 mask 255.255.240.0
aggregate-address 192.168.16.0 255.255.240.0
aggregate-address 192.168.32.0 255.255.240.0 summary-only
!
ip route 192.168.0.0 255.255.240.0 null 0
Aggregation Example - BGP Table
as123#show ip bgp
BGP table version is 16, local router ID is 1.2.3.4
Status codes: s suppressed, h history, * valid, > best, i - internal
Origin codes: i - IGP, e - EGP, ? - incomplete
   Network          Next Hop     Metric LocPrf Weight Path
*> 1.0.0.0          0.0.0.0           0         32768 i
*  21.0.0.0         3.4.5.6                         0 37 21 i
*>                  2.3.4.5           0             0 21 i
*> 37.0.0.0         3.4.5.6           0             0 37 i
*                   2.3.4.5                         0 21 37 i
*> 192.168.0.0/20   0.0.0.0           0         32768 i
*> 192.168.16.0/20  0.0.0.0           0         32768 i
*> 192.168.16.0     0.0.0.0           0         32768 ?
*> 192.168.17.0     0.0.0.0           0         32768 ?
*> 192.168.32.0/20  0.0.0.0           0         32768 i
s> 192.168.32.0     0.0.0.0           0         32768 ?
s> 192.168.33.0     0.0.0.0           0         32768 ?
Aggregation Example Outgoing BGP Update
Router#debug ip bgp updates
1:36:43: BGP: 2.3.4.5 send UPDATE 192.168.0.0 255.255.240.0, next 2.3.4.6, metric 0, path 123
1:36:43: BGP: 2.3.4.5 send UPDATE 192.168.16.0 255.255.255.0, next 2.3.4.6, metric 0, path 123
1:36:43: BGP: 2.3.4.5 send UPDATE 192.168.17.0 255.255.255.0, next 2.3.4.6, metric 0, path 123
1:36:43: BGP: 2.3.4.5 send UPDATE 192.168.16.0 255.255.240.0, next 2.3.4.6, metric 0, path 123
1:36:43: BGP: 2.3.4.5 send UPDATE 192.168.32.0 255.255.240.0, next 2.3.4.6, metric 0, path 123
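The aggregation rules from the preceding slides, modeled as an added Python example (not Cisco code and not part of the original slides). `outgoing_updates` is a hypothetical helper, and the 192.168.48.0/20 entry is constructed to show an aggregate whose range holds no network.

```python
import ipaddress

def outgoing_updates(bgp_table, aggregates):
    """Apply the slides' aggregate-address rules.

    bgp_table:  prefixes already in the BGP table.
    aggregates: {aggregate prefix: True if configured with summary-only}.
    Returns (announced, suppressed) as sorted lists of prefix strings.
    """
    table = {ipaddress.ip_network(p) for p in bgp_table}
    announced, suppressed = set(table), set()
    for text, summary_only in aggregates.items():
        aggregate = ipaddress.ip_network(text)
        # Components: more specific networks inside the aggregation range.
        components = {p for p in table
                      if p != aggregate and p.subnet_of(aggregate)}
        if not components:
            continue  # no network in range, so no aggregate is generated
        announced.add(aggregate)
        if summary_only:
            suppressed |= components
    announced -= suppressed
    return ([str(p) for p in sorted(announced)],
            [str(p) for p in sorted(suppressed)])

# Locally originated prefixes from the slides' "show ip bgp" output
# (192.168.16.0 and the other unmasked entries are classful /24 networks).
BGP_TABLE = ["192.168.0.0/20", "192.168.16.0/24", "192.168.17.0/24",
             "192.168.32.0/24", "192.168.33.0/24"]
AGGREGATES = {
    "192.168.16.0/20": False,  # aggregate-address without summary-only
    "192.168.32.0/20": True,   # aggregate-address ... summary-only
    "192.168.48.0/20": False,  # constructed: nothing in this range
}

if __name__ == "__main__":
    sent, hidden = outgoing_updates(BGP_TABLE, AGGREGATES)
    print("announced: ", sent)
    print("suppressed:", hidden)
```

The announced set matches the five UPDATE messages in the debug output, and the suppressed set matches the two `s>` entries in the BGP table.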
Summary
After completing this section, you should be
able to perform the following tasks:
• Explain that external peers are recommended to
be directly connected
• Describe how to generate routing information
about own networks using either a list of
networks or redistribution from the IGP
• Explain the benefits of generating route
summaries at once, avoiding aggregation
at a later stage
Review Questions
• How many BGP processes can be active in a router?
• Which parameters must be configured for a BGP
neighbor?
• What potential problem could be caused by
redistributing all routes from the IGP to BGP?
• Why are external BGP neighbors almost always
directly connected?
• What are the benefits of BGP route summarization?
• When should you use BGP aggregation?
• What are the drawbacks of using BGP aggregation?
Monitoring and Troubleshooting BGP
Objectives
Upon completion of this section, you will be able to
perform the following tasks:
• Monitor the overall BGP status
• Monitor BGP neighbors
• Monitor BGP table
• Inspect individual prefixes in the BGP table
• Perform basic BGP debugging
• Troubleshoot simple BGP-related problems
Monitoring Overall BGP Routing
router>
show ip bgp summary
• Displays BGP memory usage, BGP neighbors and
the state of communication with them
Fred#show ip bgp summary
BGP table version is 8, main routing table version 8
4 network entries (8/12 paths) using 832 bytes of memory
5 BGP path attribute entries using 576 bytes of memory
0 BGP route-map cache entries using 0 bytes of memory
0 BGP filter-list cache entries using 0 bytes of memory
2 received paths for inbound soft reconfiguration
Neighbor   V   AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down  State/PfxRcd
1.1.0.1    4  213      80      81      8   0    0 01:15:51 2
1.1.0.3    4  387      79      81      0   0    0 00:00:15 Active
1.2.0.1    4  213      82      82      0   0    0 02:15:23 Idle
Monitoring BGP Neighbors
router>
show ip bgp neighbor ip-address
• Displays detailed neighbor information
Fred#show ip bgp neighbor 1.2.0.1
BGP neighbor is 1.2.0.1, remote AS 213, external link
Index 3, Offset 0, Mask 0x8
BGP version 4, remote router ID 10.1.1.1
BGP state = Established, table version = 11, up for 01:23:05
Last read 00:00:05, hold time is 180, keepalive interval is 60 seconds
Minimum time between advertisement runs is 30 seconds
Received 92 messages, 0 notifications, 0 in queue
Sent 92 messages, 0 notifications, 0 in queue
Connections established 1; dropped 0
Last reset never
No. of prefix received 2
Monitoring BGP Table
router>
show ip bgp
• Displays all routes in the BGP table in summary
format
Fred#show ip bgp
BGP table version is 11, local router ID is 12.1.2.3
Status codes: s suppressed, d damped, h history, * valid, > best, i internal
Origin codes: i - IGP, e - EGP, ? - incomplete
   Network          Next Hop     Metric LocPrf Weight Path
*> 10.0.0.0         1.2.0.1         500             0 213 i
*                   1.1.0.1        1000             0 213 i
*> 11.0.0.0         1.2.0.1         500             0 213 i
*                   1.1.0.1        1000             0 213 i
*> 12.0.0.0         0.0.0.0           0         32768 i
*> 14.0.0.0         1.1.0.3           0             0 387 i
Displaying Entries in BGP Table
router>
show ip bgp ip-prefix [mask subnet-mask]
• Displays detailed information about all paths for a
single prefix
Fred#show ip bgp 11.0.0.0
BGP routing table entry for 11.0.0.0/8, version 5
Paths: (2 available, best #1, advertised over EBGP)
  213
    1.2.0.1 from 1.2.0.1 (10.1.1.1)
      Origin IGP, metric 500, localpref 100, valid, external, best
  213
    1.1.0.1 from 1.1.0.1 (11.0.0.1)
      Origin IGP, metric 1000, localpref 100, valid, external
Fields labeled on the slide (first path):
• AS-Path: 213
• Next-hop: 1.2.0.1
• Advertising router IP address: from 1.2.0.1
• Advertising router router-ID: (10.1.1.1)
• Other BGP attributes: Origin IGP, metric 500, localpref 100, valid, external, best
Debugging BGP
router#
debug ip tcp transaction
• Displays all TCP transactions (start of session,
session errors …)
router#
debug ip bgp event
• Displays significant BGP events (neighbor state
transitions, update runs)
Debugging BGP
router#
debug ip bgp keepalives
• Debugs BGP keepalive packets
router#
debug ip bgp updates
• Displays all incoming or outgoing BGP updates
(use with caution)
Debugging BGP
router#
debug ip bgp updates acl
• Displays all incoming or outgoing BGP updates for
routes matching an IP ACL
router#
debug ip bgp neighbor-ip updates [acl]
• Displays all BGP updates received from or sent to a
BGP neighbor (optionally matching an IP ACL)
BGP Session Startup Troubleshooting
Common BGP Session Startup Symptoms
• BGP neighbors do not become active
• BGP neighbor is active, but the session is never
established
• BGP neighbor oscillates between idle and active
BGP Session Startup Issues: 1/4
Symptom
• BGP neighbors do not become active
show ip bgp neighbor displays the neighbor state as idle for
several minutes
Diagnose
• Neighbor is not directly connected
Verification
• Verify with show ip route
BGP Session Startup Issues: 2/4
Symptom
• BGP neighbor is active, session is not established
debug ip tcp transaction display shows that the SYN TCP
packet is not answered with a SYN+ACK packet
Diagnose
• Neighbor is not reachable
Verification
• Verify connectivity with ping
• Check for access list presence
BGP Session Startup
Neighbor not Reachable
Router#debug ip tcp transaction
16:34:30: TCB82119C40 created
16:34:30: TCB82119C40 setting property TCP_WINDOW_SIZE (0) 8223BDE8
16:34:30: TCB82119C40 setting property TCP_TOS (11) 8223BDEC
16:34:30: TCB82119C40 bound to 192.168.4.13.11007
16:34:30: TCP: sending SYN, seq 545426735, ack 0
16:34:30: TCP0: Connection to 192.168.4.14:179, advertising MSS 1460
16:34:30: TCP0: state was CLOSED -> SYNSENT [11007 -> 192.168.4.14(179)]
16:35:12: TCP0: state was SYNSENT -> CLOSED [11007 -> 192.168.4.14(179)]
16:35:12: TCB 0x82119C40 destroyed
• SYN packet is sent
• SYN+ACK reply never came back, TCP session is closed
BGP Session Startup Issues: 3/4
Symptom
• BGP neighbor is active, session is not established
debug ip tcp transaction display shows that the SYN TCP
packet is answered with a RST packet
Diagnose
• This router is not configured as BGP neighbor on
the neighboring router
Verification
• Check IP addresses of BGP neighbors with show
ip bgp summary on the neighbor router
BGP Session Startup
Neighbor not Configured
Router#debug ip tcp transaction
16:30:30: TCB82119C40 created
16:30:30: TCB82119C40 setting property TCP_WINDOW_SIZE (0) 8223BDE8
16:30:30: TCB82119C40 setting property TCP_TOS (11) 8223BDEC
16:30:30: TCB82119C40 bound to 192.168.4.13.11005
16:30:30: TCP: sending SYN, seq 305377215, ack 0
16:30:30: TCP0: Connection to 192.168.4.14:179, advertising MSS 1460
16:30:30: TCP0: state was CLOSED -> SYNSENT [11005 -> 192.168.4.14(179)]
16:30:30: TCP0: state was SYNSENT -> CLOSED [11005 -> 192.168.4.14(179)]
16:30:30: TCP0: bad seg from 192.168.4.14 -- closing connection: seq 0 ack 305377216 rcvnxt 0 rcvwnd 0 len 0
16:30:30: TCP0: connection closed - remote sent RST
16:30:30: TCB 0x82119C40 destroyed
• SYN packet is sent
• Neighbor replies with RST packet, TCP session is closed
BGP Session Startup Issues: 4/4
Symptom
• BGP neighbor oscillates between active and idle
debug ip tcp transaction displays the TCP session being
established and torn down immediately
Diagnose
• AS-number mismatch between BGP neighbors
Verification
• Verify the AS-numbers configured for neighboring
routers with show ip bgp summary on both routers
BGP Session Startup
AS-number Mismatch
Router#debug ip tcp transaction
Router#debug ip bgp event
16:40:43: TCB82119C40 created
16:40:43: TCP0: state was LISTEN -> SYNRCVD [179 -> 192.168.4.14(11000)]
16:40:43: TCP0: Connection to 192.168.4.14:11000, received MSS 1460
16:40:43: TCP: sending SYN, seq 918933898, ack 862828853
16:40:43: TCP0: Connection to 192.168.4.14:11000, advertising MSS 1460
16:40:43: TCP0: state was SYNRCVD -> ESTAB [179 -> 192.168.4.14(11000)]
16:40:43: TCB821197BC callback
16:40:43: TCB821197BC accepting 82119C40 from 192.168.4.14.11000
16:40:44: BGP: 192.168.4.14 reset due to BGP Notification sent
16:40:44: TCP0: state was ESTAB -> FINWAIT1 [179 -> 192.168.4.14(11000)]
16:40:44: TCP0: sending FIN
• TCP session is established
• BGP notification is sent due to AS number mismatch in open message
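The three debug signatures from the session startup slides, turned into a small classifier as an added Python example (not part of the original slides). `diagnose` is a hypothetical helper; the sample lines are key lines from the three captures, with each timestamp joined to its message.

```python
import re

TRANSITION = re.compile(r"state was (\w+) -> (\w+)")

def diagnose(debug_lines):
    """Classify a BGP session startup failure from IOS debug output."""
    transitions = [m.groups() for line in debug_lines
                   for m in TRANSITION.finditer(line)]
    got_rst = any("remote sent RST" in line for line in debug_lines)
    notified = any("reset due to BGP Notification sent" in line
                   for line in debug_lines)
    established = any(new == "ESTAB" for _, new in transitions)
    syn_failed = ("SYNSENT", "CLOSED") in transitions

    if established and notified:
        # The debug line does not name the NOTIFICATION cause; the slides
        # attribute this pattern to an AS-number mismatch in the OPEN.
        return "established-then-reset: compare AS numbers on both routers"
    if syn_failed and got_rst:
        return "rst: this router is not configured as a neighbor on the peer"
    if syn_failed:
        return "no-reply: neighbor not reachable, check ping and access lists"
    return "unknown"

NOT_REACHABLE = [
    "16:34:30: TCP0: state was CLOSED -> SYNSENT [11007 -> 192.168.4.14(179)]",
    "16:35:12: TCP0: state was SYNSENT -> CLOSED [11007 -> 192.168.4.14(179)]",
]
NOT_CONFIGURED = [
    "16:30:30: TCP0: state was CLOSED -> SYNSENT [11005 -> 192.168.4.14(179)]",
    "16:30:30: TCP0: state was SYNSENT -> CLOSED [11005 -> 192.168.4.14(179)]",
    "16:30:30: TCP0: connection closed - remote sent RST",
]
AS_MISMATCH = [
    "16:40:43: TCP0: state was SYNRCVD -> ESTAB [179 -> 192.168.4.14(11000)]",
    "16:40:44: BGP: 192.168.4.14 reset due to BGP Notification sent",
    "16:40:44: TCP0: state was ESTAB -> FINWAIT1 [179 -> 192.168.4.14(11000)]",
]

if __name__ == "__main__":
    for name, capture in [("2/4", NOT_REACHABLE), ("3/4", NOT_CONFIGURED),
                          ("4/4", AS_MISMATCH)]:
        print(name, "->", diagnose(capture))
```

The RST check runs before the no-reply check because both captures contain the same SYNSENT to CLOSED transition; only the RST line tells them apart.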
Summary
After completing this section, you should be
able to perform the following tasks:
• Monitor the overall BGP function
• Monitor the neighbor sessions
• Monitor the BGP table
• Monitor specific entries in the BGP table
• Debug and troubleshoot simple BGP
Review Questions
• What information do you get from a show ip bgp
summary?
• Which command is used to display detailed BGP
neighbor information?
• How does the output from show ip bgp tell you
which route to a specific destination is selected
as the best?
• Which is the most common reason for a BGP
session not leaving the idle state?
• What happens when a BGP session is
established, but terminated immediately?
Summary
After completing this lesson, you should be
able to perform the following tasks:
• Explain the need for BGP and typical BGP usage
scenarios
• Describe basic BGP technical characteristics
• Describe BGP path attributes
• Describe BGP session establishment and
routing information exchange
• Configure basic BGP on Cisco router
• Monitor and troubleshoot basic BGP setup