Border Gateway Protocol DPNM Lab. Seongho Cho
Contents Introduction BGP Operation How Does BGP Work? BGP Message Types BGP Packet Formats Open, Update, Notification, Keep-alive Loopback Interface EBGP Multihop & Load Balancing Synchronization BGP Filtering Route Filtering, Path Filtering, Route Maps BGP Attributes Origin Next hop AS path Local preference, …… Path selection algorithm Q&A
Introduction Inter-Autonomous System routing protocol Interior BGP (IBGP) - IBGP is NOT an IGP. Exterior BGP (EBGP) Basic activities Determination of optimal routing paths The transport of information Request For Comments RFC 1771-Describes BGP4 RFC 1654-Describes the first BGP4 specification RFC 1105, 1163, 1267-Describes versions of BGP prior to BGP4
BGP Operations BGP performs three types of routing Inter-autonomous system routing Between 2+ BGP routers in different AS. To maintain a consistent view of the inter-network topology. BGP neighbors must reside on the same physical network. Intra-autonomous system routing Between 2+ BGP routers located within the same AS. To maintain a consistent view of the system topology. To determine which router will serve as the connection point for specific external AS. Pass-through autonomous system routing Between 2+ BGP peer routers that exchange traffic across an AS that does not run BGP. BGP must interact with whatever intra-AS routing protocol is being used to successfully transport BGP traffic through that AS.
How Does BGP Work? BGP uses TCP as its transport protocol (port 179). BGP maintains routing tables, transmits routing updates, and bases routing decision on routing metrics. BGP routers exchange network reachability information including information about the list of AS paths. BGP neighbors exchange full routing information when the TCP connection is first established. BGP routers send to their neighbors only those routes that have changed. BGP routers do not send periodic routing updates. BGP routing updates advertise only the optimal path to a destination network.
BGP Message Types Open message opens a BGP communications session is the first message sent by each side after a transport-protocol connection is established. is confirmed using a keep-alive message and must be confirmed before any other messages can be exchanged. Update Message is used to provide routing updates to other BGP systems. is sent by TCP to ensure reliable delivery. Notification Message is sent when an error condition is detected. Is used to close an active session and to inform any connected router of why the session is being close. Keep-alive Message notifies BGP peers that a device is active. is sent often enough to keep the session from expiring.
BGP Packet Formats Header Format All BGP message types use the basic packet header and have additional fields, but keep-alive message use only the basic packet header. BGP Packet-Header Fields Maker – Contains an authentication value that the message receiver can predict. Length – Indicates the total length of the message in bytes. Type – Specifies the message type as one of the following: Open; Update; Notification; Keep-alive Data – Contains upper-layer information in this optional field.
BGP Packet Formats Open Message Format BGP open messages are comprised of a BGP header and additional fields.
BGP Packet Formats Open Message Format BGP Open Message Fields These fields provide the exchange criteria for two BGP routers to establish a peer relationship. Version - Provides the BGP version number so that the recipient can determine whether it is running the same version as the sender. Autonomous System - Provides the autonomous system number of the sender. Hold-Time - Indicates the maximum number of seconds that can elapse without receipt of a message before the transmitter is assumed to be nonfunctional. BGP Identifier - Provides the BGP identifier of the sender (an IP address), which is determined at startup and is identical for all local interfaces and all BGP peers. Optional Parameters Length - Indicates the length of the optional parameters field (if present). Optional Parameters - Contains a list of optional parameters (if any). Only one optional parameter type is currently defined: authentication information. Authentication information consists of the following two fields: Authentication code: Indicates the type of authentication being used. Authentication data: Contains data used by the authentication mechanism (if used).
BGP Packet Formats Update Message Format BGP update messages are comprised of a BGP header and additional fields.
BGP Packet Formats Update Message Format BGP Update Message Fields Upon receiving an update message packet, routers will be able to add or delete specific entries from their routing tables. Unfeasible Routes Length - Indicates the total length of the withdrawn routes field or that the field is not present. Withdrawn Routes - Contains a list of IP address prefixes for routes being withdrawn from service. Total Path Attribute Length - Indicates the total length of the path attributes field or that the field is not present. Path Attributes - Describes the characteristics of the advertised path. The following are possible attributes for a path: Origin: Mandatory attribute that defines the origin of the path information AS Path: Mandatory attribute composed of a sequence of autonomous system path segments Next Hop: Mandatory attribute that defines the IP address of the border router that should be used as the next hop to destinations listed in the network layer reachability information field Multi Exit Disc: Optional attribute used to discriminate between multiple exit points to a neighboring autonomous system Local Preference: Discretionary attribute used to specify the degree of preference for an advertised route Atomic Aggregate: Discretionary attribute used to disclose information about route selections Aggregator: Optional attribute that contains information about aggregate routes Network Layer Reachability Information (NLRI) - Contains a list of IP address prefixes for the advertised routes
BGP Packet Formats Notification Message Format BGP notification messages are comprised of a BGP header and additional fields
BGP Packet Formats Notification Message Format BGP Notification Message Fields This packet is used to indicate some sort of error condition to the peers of the originating router. Error Code - Indicates the type of error that occurred. The following are the error types defined by the field: Message Header Error: Indicates a problem with a message header, such as unacceptable message length, unacceptable marker field value, or unacceptable message type. Open Message Error: Indicates a problem with an open message, such as unsupported version number, unacceptable autonomous system number or IP address, or unsupported authentication code. Update Message Error: Indicates a problem with an update message, such as a malformed attribute list, attribute list error, or invalid next-hop attribute. Hold Time Expired: Indicates that the hold-time has expired, after which time a BGP node will be considered nonfunctional. Finite State Machine Error: Indicates an unexpected event. Cease: Closes a BGP connection at the request of a BGP device in the absence of any fatal errors. Error Subcode - Provides more specific information about the nature of the reported error. Error Data - Contains data based on the error code and error subcode fields. This field is used to diagnose the reason for the notification message.
BGP Filtering Sending and receiving BGP updates can be controlled by using a number of different filtering methods based: on route information; on path information; on community. Route Filtering Path Filtering Route Maps Regular Expression
BGP Filtering Route Filtering Based on the network address information Syntax ip prefix-list [list-name] [seq seq-num] [permit/deny] netwrok/len [le/ge] length Example (in R1) ip prefix-list Block-128 permit /16 le 24 ip prefix-list Block-128 permit /24 le 25
BGP Filtering Path Filtering Based on the BGP AS path information. Syntax neighbor [peer-address] filter-list [as-path access-list number] [in/out] ip as-path access-list [number] permit [regexp] Example (in R1) neighbor filter-list 10 out ip as-path access-list 10 permit ^$ ip as-path access-list 10 deny.* this AS any path
BGP Filtering Route Maps Syntax route-map [map-name] [permit/deny] [sequence-number] match [condition] set [statement] neighbor [peer-address] route-map [map-name] [in/out] Example (in R1) neighbor route-map My-AS out route-map My-AS permit 10 match as-path 10 ip as-path access-list 10 permit ^$ Ip as-path access-list 10 deny.*
BGP Filtering Regular Expression A regular expression is a pattern to match against an input string. Range A range is a sequence of characters contained within left and right square brackets. For example: [abcd] Atom An atom is a single character, such as the following: . (Matches any single character) ^ (Matches the beginning of the input string) $ (Matches the end of the input string) \ (Matches the character) − (Matches a comma (,), left brace ({), right brace (}), the beginning of the input string, the end of the inputstring, or a space.) Piece A piece is an atom followed by one of the following symbols: * (Matches 0 or more sequences of the atom) + (Matches 1 or more sequences of the atom) ? (Matches the atom or the null string)
BGP Filtering Regular Expression Examples of regular expressions follow: a* Any occurrence of the letter "a", including none a+ At least one occurrence of the letter "a" should be present ab?a This matches "aa" or "aba" _100_ Via AS100 ^100$ Origin AS100 ^100.* Coming from AS100 ^$ Originated from this AS
Loopback Interface Using a loopback interface to define neighbors is common with IBGP, but not with EBGP. In the case of EBGP, peer routers are frequently directly connected and loopback does not apply. Normally the loopback interface is used to make sure the IP address of the neighbor stays up and is independent of hardware functioning properly.
EBGP Multihop & Load Balancing In some cases, a router can run EBGP with a third party router that doesn't allow the two external peers to be directly connected. By using EBGP multihop, the neighbor connection to be established between two non-directly-connected external peers. To achieve load balancing between two EBGP speakers over parallel serial lines. In normal situations, BGP picks one of the lines to send packets on, and load balancing wouldn't happen. By introducing loopback interfaces, the next hop for EBGP is the loopback interface. RTA has two choices to reach next hop : one via and the other one via , and the same for RTB.
Synchronization If the AS is passing traffic from another AS to a third AS, BGP should not advertise a route before all routers in the AS have learned about the route via IGP. BGP will wait until IGP has propagated the route within the AS and then will advertise it to external peers. This is called synchronization. Do not need synchronization If all routers in the AS will be running IBGP, If the AS will not be passing traffic from a different AS through the AS,
BGP Attributes Origin Attribute The origin attribute is a mandatory attribute that defines the origin of the path information. The origin attribute indicates how BGP learned about a particular route. IGP - The route is interior to the originating AS. This value is set when the network router configuration command is used to inject the route into BGP. EGP - The route is learned via the Exterior Border Gateway Protocol (EBGP). Incomplete - The origin of the route is unknown or learned in some other way. An origin of incomplete occurs when a route is redistributed into BGP.
BGP Attributes Origin Attribute RTA will reach via: 300 i (which means the next AS path is 300 and the origin of the route is IGP). RTA will also reach via: i (which means, the entry is in the same AS and the origin is IGP). RTE will reach via: 100 i (the next AS is 100 and the origin is IGP). RTE will also reach via: 100 ? (the next AS is 100 and the origin is incomplete "?", coming from a static route).
BGP Attribute Next-Hop Attribute The EBGP next hop attribute is the next hop IP address that is going to be used to reach the advertising router. For EBGP peers, the next-hop address is the IP address of the connection between the peers. For IBGP, the EBGP next-hop address is carried into the local AS. Exchanging Next-Hop Static Route Dynamic Routing Protocol like OSPF next-hop-self
BGP Attribute Next-Hop Attribute Static Route: ip route (in R1) next-hop-self: neighbor next-hop-self (in R2) Example (in R1) / /
BGP Attribute AS_path Attribute Whenever a route update passes through an AS, the AS number is prepended to that update. The AS_PATH attribute is actually the list of AS numbers that a route has traversed in order to reach a destination. Detecting routing loops when its own AS number is detected in the route advertisement.
BGP Attribute AS_Path Attribute Network is advertised by RTB in AS200, when that route traverses AS300 and RTC will append its own AS number to it. So when reaches RTA it will have two AS numbers attached to it: first 200 then 300. So as far as RTA is concerned the path to reach is (300,200).
BGP Attribute Local Preference Attribute The local preference attribute is used to prefer an exit point from the local AS. The local preference attribute is propagated throughout the local AS. If there are multiple exit points from the AS, the local preference attribute is used to select the exit point for a specific route.
BGP Attribute Local Preference Attribute AS 100 is receiving two advertisements for network from AS 200. When Router A receives the advertisement for network , the corresponding local preference is set to 50. When Router B receives the advertisement for network , the corresponding local preference is set to 100. These local preference values will be exchanged between routers A and B. Because Router B has a higher local preference than Router A, Router B will be used as the exit point from AS 100 to reach network in AS 200.
BGP Attribute Community Attribute The community attribute provides a way of grouping destinations, called communities, to which routing decisions can be applied. Route maps are used to set the community attribute. Predefined community attributes are listed here: no-export - Do not advertise this route to EBGP peers. no-advertise - Do not advertise this route to any peer. internet - Advertise this route to the Internet community; all routers in the network belong to it.
BGP Attribute Community Attribute AS 1 advertises to AS 2 with the community attribute no- export. AS 2 will propagate the route throughout AS 2 but will not send this route to AS 3 or any other external AS. AS 1 advertises to AS 2 with the community attribute no- advertise. Router B in AS 2 will not advertise this route to any other router. There are no limitations to the scope of the route advertisement from AS 1.
BGP Attribute Weight Attribute The weight attribute is a Cisco defined attribute. The weight attribute is not advertised to neighboring routers. If the router learns about more than one route to the same destination, the route with the highest weight will be preferred.
BGP Attribute Weight Attribute Router A is receiving an advertisement for network from routers B and C. When Router A receives the advertisement from Router B, the associated weight is set to 50. When Router A receives the advertisement from Router C, the associated weight is set to 100. Both paths for network will be in the BGP routing table, with their respective weights. The route with the highest weight will be installed in the IP routing table.
BGP Attribute Multi-Exit Discriminator (MED) Attribute The multi-exit discriminator (MED) or metric attribute is used as a suggestion to an external AS regarding the preferred route into the AS that is advertising the metric. The term suggestion is used because the external AS that is receiving the MEDs may be using other BGP attributes for route selection.
BGP Attribute Multi-Exit Discriminator (MED) Attribute Router C is advertising the route with a metric of 10, while Route D is advertising with a metric of 5. The lower value of the metric is preferred, so AS 100 will select the route to router D for network in AS 200. MEDs are advertised throughout the local AS.
BGP Attribute Atomic aggregate & aggregator Attribute One of the main enhancements of BGP4 over BGP3 is Classless Inter Domain Routing (CIDR). CIDR or supernetting is a new way of looking at IP addresses and of reducing the routing table.
BGP Attribute Atomic aggregate & aggregator Attribute
Path Selection Algorithm BGP could possibly receive multiple advertisements for the same route from multiple sources. BGP selects only one path as the best path. When the path is selected, BGP puts the selected path in the IP routing table and propagates the path to its neighbors.
Path Selection Algorithm BGP uses the following criteria, in the order to select a path for a destination: If the path specifies a next hop that is inaccessible, drop the update. Prefer the path with the largest weight. If the weights are the same, prefer the path with the largest local preference. If the local preferences are the same, prefer the path that was originated by BGP running on this router. If no route was originated, prefer the route that has the shortest AS_path. If all paths have the same AS_path length, prefer the path with the lowest origin type (where IGP is lower than EGP, and EGP is lower than incomplete). If the origin codes are the same, prefer the path with the lowest MED attribute. If the paths have the same MED, prefer the external path over the internal path. If the paths are still the same, prefer the path through the closest IGP neighbor. Prefer the path with the lowest IP address, as specified by the BGP router ID.
References CISCO Documentation – Border Gateway Protocol (BGP) Border Gateway Protocol (BGP) BGP Case Studies (Document ID:26634) BGP Techniques for Internet Service Providers BGP for Internet Service Providers Introduction to the Border Gateway Protocol (BGP) BGP4.AS CISCO Routers Help, CCIE lab. Advanced CISCO Networking, 성안당
Questions ?