BGP Routing Policies.


BGP Routing Policies

Foreword

BGP can be combined with many policy tools: it can use BGP path attributes such as AS_PATH and COMMUNITY, and it can filter routes received from or sent to peers. This section introduces many of the policy mechanisms within BGP that support manipulation of all traffic.

Objectives

Upon completion of this section, you will be able to:
• Understand the BGP route selection process
• Understand BGP filters

Contents

• Review of the BGP Route Selection Process
• BGP path selection

Review of the BGP Route Selection Process

If the route's next hop is unreachable, ignore it. Otherwise:

1. Select the route with the highest Preferred-Value.
2. Select the route with the highest local preference.
3. Prefer the aggregated route to the detailed (non-aggregate) routes. Local manual aggregation takes precedence over local automatic aggregation, and the network command takes precedence over the import-route command in local route import.
4. Prefer the route with the shortest AS_PATH.
5. Compare the origin attribute of the routes and select the route with the lowest origin attribute code: IGP is lower than EGP, which is lower than Incomplete.
6. Select the route with the lowest MED value.
7. Prefer EBGP routes over IBGP routes.

Review of the BGP Route Selection Process (cont.)

8. Prefer the route with the shortest path to the BGP NEXT_HOP. This is the route with the lowest IGP metric to the next-hop router. When all the above are identical, the routes are equivalent and can be used for load balancing. Note: AS_PATH must be the same. The last 3 route selection rules can be ignored when load balancing is implemented.
9. Select the route with the shortest cluster-list.
10. Prefer the route with the smaller Originator ID. Select the route with the smaller router ID if the Originator ID is unavailable.
11. Prefer the route with the smaller peer IP address.
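The selection order above, written out as an added example (not part of the original slides and not vendor code). It assumes MED is compared across all candidates, as the slides state no restriction, and takes its two sample routes from the paths to 10.0.0.0/24 shown in the display output later in this deck; the class and function names are illustrative.

```python
from dataclasses import dataclass, replace
from ipaddress import ip_address
from typing import Optional, Tuple

ORIGIN_CODE = {"igp": 0, "egp": 1, "incomplete": 2}  # IGP < EGP < Incomplete


@dataclass(frozen=True)
class Route:
    peer_ip: str
    router_id: str
    as_path: Tuple[int, ...]
    preferred_value: int = 0
    local_pref: int = 100            # default stated in the slides
    aggregate: bool = False
    origin: str = "igp"
    med: int = 0                     # default stated in the slides
    ebgp: bool = True
    igp_metric: int = 0
    cluster_list_len: int = 0
    originator_id: Optional[str] = None
    next_hop_reachable: bool = True


def _id_key(route):
    # Rule 10: Originator ID, falling back to the router ID when it is absent.
    return int(ip_address(route.originator_id or route.router_id))


# One (name, key) pair per rule, in the order the slides give; lowest key wins.
RULES = [
    ("highest Preferred-Value", lambda r: -r.preferred_value),
    ("highest local preference", lambda r: -r.local_pref),
    ("aggregated over detailed route", lambda r: 0 if r.aggregate else 1),
    ("shortest AS_PATH", lambda r: len(r.as_path)),
    ("lowest origin code", lambda r: ORIGIN_CODE[r.origin]),
    ("lowest MED", lambda r: r.med),
    ("EBGP over IBGP", lambda r: 0 if r.ebgp else 1),
    ("lowest IGP metric to NEXT_HOP", lambda r: r.igp_metric),
    ("shortest cluster-list", lambda r: r.cluster_list_len),
    ("smallest Originator ID / router ID", _id_key),
    ("smallest peer IP address", lambda r: int(ip_address(r.peer_ip))),
]


def select_best(routes):
    """Return (best_route, name_of_the_rule_that_decided)."""
    candidates = [r for r in routes if r.next_hop_reachable]
    if not candidates:
        return None, "no route with a reachable next hop"
    if len(candidates) == 1:
        return candidates[0], "only one usable route"
    decided_by = "all attributes equal (equivalent routes)"
    for name, key in RULES:
        if len(candidates) == 1:
            break
        best_key = min(key(r) for r in candidates)
        survivors = [r for r in candidates if key(r) == best_key]
        if len(survivors) < len(candidates):
            decided_by = name            # this rule eliminated at least one route
        candidates = survivors
    return candidates[0], decided_by


# Constructed from the two paths to 10.0.0.0/24 seen on RTC in this deck.
VIA_RTB = Route(peer_ip="10.2.2.1", router_id="10.1.1.2",
                as_path=(200, 100), local_pref=200)
VIA_RTD = Route(peer_ip="10.3.3.2", router_id="10.3.3.2",
                as_path=(100,), local_pref=50)


def with_policy():
    """Local preference set by the community-based route policy."""
    return select_best([VIA_RTB, VIA_RTD])


def without_policy():
    """Same routes with the default local preference of 100 on both."""
    return select_best([replace(VIA_RTB, local_pref=100),
                        replace(VIA_RTD, local_pref=100)])


if __name__ == "__main__":
    for label, (best, rule) in (("with policy", with_policy()),
                                ("without policy", without_policy())):
        print(f"{label}: next hop {best.peer_ip}, decided by {rule}")
```

Because local preference is evaluated before AS_PATH length, the import policy overrides the shorter path; auditing which rule decided a route is a quick way to confirm that a policy change had the intended effect and no other.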

Contents

• Review of the BGP Route Selection Process
• BGP path selection

BGP Route Selection Parameters

Based on the BGP route selection process and the common BGP path attributes, 9 important BGP parameters affect BGP route selection:
•Preferred Value
•LOCAL_PREF
•AS_PATH
•ORIGIN
•MED
•Is the neighbor type EBGP or IBGP?
•Internal cost of IGP
•Cluster-list
•COMMUNITY

The parameters listed above can directly affect BGP route selection. Among them, the most commonly used are LOCAL_PREF, AS_PATH and MED. The function and configuration of these parameters are discussed in detail in the following slides.

BGP Local-Preference

The LOCAL_PREF attribute is used within an AS, between IBGP peers, to determine the best path for data traffic to exit the AS. It becomes very useful when there are multiple routes to leave the AS and reach an outside network.

The default local-preference command configures the BGP default local preference; higher values are preferred.

    [Router-bgp] default local-preference preference

By default, the local preference value is 100. On Huawei equipment, the LOCAL_PREF value ranges from 0 to 4294967295.

Configuring different local preference values affects BGP route selection. When multiple routes to a particular network exist on a BGP router, the route with the higher local preference is selected. Local preference is used only within an AS between IBGP peers; it is not advertised to other ASs.

Configure the Default Value of the Local-Preference

[Diagram labels: AS 100 with RTA and 192.168.1.1/32; AS 200 with RTB, RTC and RTD; link addresses 10.1.1.1, 10.1.1.2, 10.4.4.1, 10.4.4.2; Local-Pref:2000 at RTB, Local-Pref:1000 at RTC.]

    [RTB]bgp 200
    [RTB-bgp]default local-preference 2000

    [RTC]bgp 200
    [RTC-bgp]default local-preference 1000

As shown in the diagram, RTD receives 2 different updates for the network 192.168.1.1/32, from RTB and RTC respectively. RTD performs BGP route selection, and the selected best route is used to send data to the destination 192.168.1.1/32.

Both RTB and RTC change their default local preference value with the "default local-preference" command: RTB to 2000 and RTC to 1000. As a result, RTD receives 2 routes toward 192.168.1.1/32 that carry different local preference values. One carries local preference 2000 with RTB as the next hop; the other carries local preference 1000 with RTC as the next hop. In this circumstance (all other parameters keep their default values), the route with RTB as the next hop is selected as the best route and carries the data to 192.168.1.1/32, because the highest local preference is preferred.

Configuring Local-Preference via Policy

[Diagram labels: AS 100 with RTA, 192.168.1.0/24 and 192.168.2.0/24; AS 200 with RTB, RTC and RTD; link addresses 10.1.1.1, 10.1.1.2, 10.4.4.1, 10.4.4.2; at RTB "NLRI 192.168.1.0/24 Local-Pref:2000"; at RTC "NLRI 192.168.2.0/24 Local-Pref:2000".]

LOCAL_PREF is an important parameter that affects BGP route selection within an AS. BGP can work together with policy tools to implement load balancing in complex networks.

As shown in the diagram, RTD can reach 192.168.1.0/24 and 192.168.2.0 in AS100 via 2 different routes. We can make RTB the next hop for traffic to 192.168.1.0/24 and RTC the next hop for traffic to 192.168.2.0/24. This is achieved by configuring the local preference via policy.

Policy Configuration on RTB

    #
    acl number 2000
     rule 5 permit source 192.168.1.0 0.0.0.255
    bgp 200
     peer 10.1.1.1 as-number 100
     peer 3.3.3.3 as-number 200
     ipv4-family unicast
      undo synchronization
      peer 10.1.1.1 enable
      peer 10.1.1.1 route-policy test1 import
    route-policy test1 permit node 10
     if-match acl 2000
     apply local-preference 2000
    route-policy test1 permit node 20
     apply local-preference 1000

Explanation of the configuration:
• "acl number 2000" with "rule 5 permit source 192.168.1.0 0.0.0.255" specifies the range of IP addresses that match ACL 2000.
• "peer 10.1.1.1 route-policy test1 import" applies route policy test1 to the route information received from peer 10.1.1.1.

Policy Configuration on RTC

    #
    acl number 2000
     rule 5 permit source 192.168.2.0 0.0.0.255
    bgp 200
     peer 10.4.4.1 as-number 100
     peer 2.2.2.2 as-number 200
     ipv4-family unicast
      undo synchronization
      peer 10.4.4.1 enable
      peer 10.4.4.1 route-policy test1 import
    route-policy test1 permit node 10
     if-match acl 2000
     apply local-preference 2000
    route-policy test1 permit node 20
     apply local-preference 1000

BGP MED

The MED attribute is used to determine the entry point to an AS. It is used when multiple paths exist between 2 ASs and one AS is trying to influence the entry point chosen by the other AS.

The default med command configures the default MED value.

    [Router-bgp] default med med

The MED value is treated as a metric or cost, and the route with the lowest cost is preferred. Its value is in the range of 0 to 4284967295. By default, the MED value is 0.

Configuring different MED values affects BGP route selection: the lowest MED value is preferred. A MED attribute sent to an EBGP peer is seen only within that AS. It is not passed beyond the receiving AS.

Configuring MED via Policy

[Diagram labels: AS 100 and AS 200; routers RTA, RTB, RTC, RTD, RTE, RTF; link addresses 10.1.1.1, 10.1.1.2; networks 192.168.1.0/24 and 192.168.3.0/24.]

    Advertised by   Prefix/Mask        MED
    RTA             192.168.1.0/24     1000
    RTA             192.168.3.0/24     2000
    RTC             192.168.1.0/24     2000
    RTC             192.168.3.0/24     1000

The MED value is configured in AS100 via policy to influence BGP route selection in AS200. Configuring the MED value provides control over incoming traffic when multiple paths exist.

There are 2 networks in AS100: 192.168.1.0/24 and 192.168.3.0/24. The routing updates for these 2 networks are sent to AS200 via RTA and RTC. On RTA, the MED value is configured as 1000 for 192.168.1.0/24 and as 2000 for 192.168.3.0/24. On RTC, the MED value is configured as 2000 for 192.168.1.0/24 and as 1000 for 192.168.3.0/24. After the configuration, traffic from RTF in AS200 reaches 192.168.3.0 via RTC and reaches 192.168.1.0 via RTA. In AS100, load balancing is thus implemented based on the incoming traffic.

Policy Configuration on RTA

    #
    bgp 100
     peer 10.1.1.2 as-number 200
     peer 3.3.3.3 as-number 100
     peer 5.5.5.5 as-number 100
     ipv4-family unicast
      undo synchronization
      peer 10.1.1.2 enable
      peer 10.1.1.2 route-policy test1 export
      peer 3.3.3.3 enable
      peer 5.5.5.5 enable
    route-policy test1 permit node 10
     if-match ip-prefix 1
     apply cost 2000
    route-policy test1 permit node 20
     apply cost 1000
    ip ip-prefix 1 index 10 permit 192.168.3.0 24 greater-equal 24 less-equal 24

Explanation of the configuration:
• "peer 10.1.1.2 route-policy test1 export" applies route policy test1 to the routes sent to peer 10.1.1.2.

Policy Configuration on RTC

    #
    bgp 100
     peer 10.4.4.1 as-number 200
     peer 1.1.1.1 as-number 100
     peer 5.5.5.5 as-number 100
     ipv4-family unicast
      undo synchronization
      peer 10.4.4.1 enable
      peer 10.4.4.1 route-policy test1 export
      peer 1.1.1.1 enable
      peer 5.5.5.5 enable
    route-policy test1 permit node 10
     if-match ip-prefix 1
     apply cost 2000
    route-policy test1 permit node 20
     apply cost 1000
    ip ip-prefix 1 index 10 permit 192.168.1.0 24 greater-equal 24 less-equal 24

AS-PATH Filter

An AS_PATH filter uses regular expressions to filter on the AS_PATH attribute information. We can define multiple filtering policies (permit or deny) under the same as-path-filter number. The operation "OR" is applied during the matching process: at least one occurrence is required to make the test true, and no occurrence indicates that the test failed.

Regular Expressions

Regular expressions are a type of BGP filtering method. A regular expression is a formula used to match a string according to certain rules. The decision (permit or deny) is then made on the AS_PATH attribute of the BGP route, based on the matched string. In effect, we can regard the regular expression as an ACL for the AS_PATH. Multiple permit or deny filters can be defined using regular expressions, and the operation "OR" is applied in the matching process.

Regular Expressions

    Character   Explanation
    ^           Matches the beginning of a string. For example, "^200" matches only if the first value of the AS_PATH is 200.
    $           Matches the end of a string. For example, "200$" matches only if the last value of the AS_PATH is 200.
    .           Matches any single character, including white space.
    +           Matches one or more sequences of the pattern.
    _           Matches any delimiter, for example comma, bracket, white space and so on.
    *           Matches zero or more sequences of the pattern.
    ( )         Groups smaller regular expressions into larger regular expressions. "()" is often used together with "|".
    |           An operator that means "or".
    [ ]         Specifies a range of single characters. "[]" is often used together with "-".
    -           Separates the end points of a range.

String Matching (1)

^ (Caret) matches the beginning of a line: ^ regular expression
$ (Dollar) matches the end of a line: $ regular expression

    ip as-path-filter 1 permit ^12.*74$

Matches an AS_PATH that starts with the sequence 12 and ends with the sequence 74.

Example AS_PATH (123 621 743 34512 2374)

"^" represents the start of a line. The regular expression ^12 matches the sequence 12 of the first AS number 123 in AS_PATH (123 621 743 34512 2374). In other words, the AS_PATH of the routing information must start with the sequence 12. "^" is used at the front of a group of matching symbols.

"$" represents the end of a line. The regular expression 74$ matches the sequence 74 of the last AS number 2374 in AS_PATH (123 621 743 34512 2374). In other words, the AS_PATH of the routing information must end with the sequence 74.

String Matching (2)

| (Bar) specifies an OR operation: regular expression 1 | regular expression 2

    ip as-path-filter 1 permit 23|43

Matches AS23 or AS43.

Example AS_PATH (123 621 743 34512 2374)

As shown in the example, the regular expression 23|43 matches AS_PATH (123 621 743 34512 2374) 3 times, because it can match some of the characters of a whole AS number. It matches the 43 of AS743, and it matches the 23 of AS123 and of AS2374.

String Matching (3)

[ ] (Brackets) specify a range of single characters. "[]" is often used together with "-".
- (Hyphen) separates the end points of a range: [regular expression 1-regular expression 2]

    ip as-path-filter 1 permit [1-3][47]

Matches AS number 14, 17, 24, 27, 34 or 37.

Example AS_PATH (123 621 743 34512 2374)

The regular expression [1-3] matches the character "1", "2" or "3". The regular expression [47] matches the character "4" or "7". Used together, the regular expression [1-3][47] matches the AS number 14, 17, 24, 27, 34 or 37.

String Matching (4)

_ (Underscore) matches any delimiter, for example comma, bracket, white space and so on.

    ip as-path-filter 1 permit _34512 170$

AS34512 and AS170 are directly connected.

Example AS_PATH (123 621 743 34512 170)

"." and "_" differ in that "." matches any single character, including white space, while "_" matches any delimiter. Examples of delimiters are comma, left parenthesis, right parenthesis, the beginning of the input string, the end of the input string, space and so on.

"_34512 170$" matched against AS_PATH (123 621 743 34512 170) indicates that AS34512 and AS170 are directly connected. "_" indicates any delimiter. The underscore in this regular expression represents the white space in between "743 34512".

String Matching (5)

. (Dot) matches any single character, including space.

    ip as-path-filter 1 permit [1-3].[47]

Example AS_PATH (123 621 743 34512 2374)

The "." sign in the middle of the regular expression [1-3].[47] can match any single character, including space. So the AS_PATH (123 621 743 34512 2374) matches the regular expression [1-3].[47] 3 times: "1 7", "237" and "374".

String Matching (6)

* (Asterisk) matches zero or more sequences of the pattern.
+ (Plus) matches one or more sequences of the pattern.

    ip as-path-filter 1 permit _621 .* 170$

Accepts routes that originate from AS170 and traverse AS621.

Example AS_PATH (123 621 743 34512 170)

In the example above, the most difficult part is the ".+" sign in the middle of the regular expression. As discussed earlier, the "." sign in a regular expression matches any single character including white space, while the "+" sign matches one or more sequences of the pattern. Therefore, the ".+" sign matches multiple single characters including white space. In the example above, the ".+" sign matches " 743 34512 " of the AS_PATH (123 621 743 34512 170).

Commonly Used Regular Expressions

    Regular expression   Meaning
    ^$                   Match the routes originated in local AS
    .*                   Match all routes
    _10_                 Match the routes traversing AS10
    ^10$                 Match the routes with only AS10 in AS_PATH
    ^10_                 Match the routes received from AS10 directly
    ^[0-9]+$             Match the routes with only one AS in AS_PATH
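The String Matching slides note that an unanchored expression such as 23|43 matches pieces of longer AS numbers. The following added example (not part of the original slides) replays the deck's patterns against its sample AS_PATHs with Python's re module and labels every hit as a whole AS number or a partial one. The set of delimiters that "_" is translated to is an assumption taken from the slide's description; a router's regex engine may differ in other details, and AS3001 is a constructed value.

```python
import re

# What "_" stands for, following the slide text: start of string, end of
# string, space, comma, brackets (assumed delimiter set).
DELIM = r"(?:^|$|[ ,(){}])"

# Sample AS_PATHs used throughout the String Matching slides.
PATH_A = (123, 621, 743, 34512, 2374)
PATH_B = (123, 621, 743, 34512, 170)


def to_python_regex(pattern):
    """Rewrite the filter dialect for Python; only "_" needs translating."""
    return pattern.replace("_", DELIM)


def path_string(as_path):
    """AS_PATH as the space-separated string the filter is matched against."""
    return " ".join(str(asn) for asn in as_path)


def permits(pattern, as_path):
    """True if a single 'permit <pattern>' rule matches this AS_PATH."""
    return re.search(to_python_regex(pattern), path_string(as_path)) is not None


def audit(pattern, as_path):
    """List every (overlapping) hit and whether it covers whole AS numbers.

    A hit is "whole" when it starts and ends on AS-number boundaries and
    "partial" when it only covers some digits of a longer AS number.
    """
    s = path_string(as_path)
    # A lookahead with a capture group finds overlapping matches too.
    probe = re.compile("(?=(" + to_python_regex(pattern) + "))")
    hits = []
    for m in probe.finditer(s):
        text = m.group(1)
        core = text.strip(" ")
        if not core:
            continue
        start = m.start(1) + len(text) - len(text.lstrip(" "))
        end = start + len(core)
        left_ok = start == 0 or s[start - 1] == " "
        right_ok = end == len(s) or s[end] == " "
        hits.append((core, "whole" if left_ok and right_ok else "partial"))
    return hits


if __name__ == "__main__":
    for pattern in ("23|43", "[1-3][47]", "[1-3].[47]"):
        print(pattern, "on", path_string(PATH_A), "->", audit(pattern, PATH_A))
    # Delimiters restrict the same character classes to whole AS numbers.
    print("_[1-3][47]_ ->", audit("_[1-3][47]_", (14, 621, 27)))
    # ^300_ (used on RTC in this deck) versus the same filter without "_".
    for path in ((300, 400), (100, 300), (3001, 7)):
        print(path, "^300_:", permits("^300_", path),
              "^300:", permits("^300", path))
```

Every hit of the three unanchored patterns on the sample path is partial, which is why import filters meant to select a specific AS are written with "^", "$" or "_" around the AS number.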

AS-Path Filter

[Diagram labels: AS 100, AS 200, AS 300, AS 400; routers RTA, RTB, RTC, RTD; link addresses 10.1.1.1, 10.1.1.2, 10.2.2.1, 10.2.2.2, 10.3.3.1, 10.3.3.2, 10.4.4.1, 10.4.4.2; networks 192.168.1.0/24 and 192.168.2.0/24.]

RTC wants to receive only routing information from AS300.

Based on the requirement shown in the diagram, we need to configure filtering policies on RTC. These filtering policies are applied to the routes coming from the EBGP peer RTA and the EBGP peer RTD.

Configuration on RTC

    #
    bgp 400
     peer 10.4.4.2 as-number 100
     peer 10.3.3.1 as-number 300
     ipv4-family unicast
      undo synchronization
      peer 10.4.4.2 enable
      peer 10.4.4.2 as-path-filter 1 import    \\apply as-path-filter to the routes coming from the peer RTA
      peer 10.3.3.1 enable
      peer 10.3.3.1 as-path-filter 1 import    \\apply as-path-filter to the routes coming from the peer RTD
    ip as-path-filter 1 permit ^300_           \\receive only the routing information from AS300

BGP Community

[Diagram labels: AS 100 with RTA, RTD and 10.0.0.0/24; AS 200 with RTB; AS 300 with RTC; link addresses 10.1.1.1, 10.1.1.2, 10.2.2.1, 10.2.2.2, 10.3.3.1, 10.3.3.2, 10.4.4.1, 10.4.4.2; link speeds 1000M, 1000M and 10M; arrows marked "Expected direction of the traffic flow" and "Default direction of the traffic flow".]

In the example, ASBR RTA and ASBR RTD in AS100 announce the network 10.0.0.0/24 to all other nodes in the network. As a result, both RTB and RTC have 2 different paths to reach AS100. By default, the routers select the best path to reach AS100. For example, RTC selects the path between RTC and RTD to reach the network 10.0.0.0/24.

According to the diagram, the bandwidth of the link between RTC and RTD is only 10M. In contrast, the bandwidth of the RTA-RTB and RTB-RTC links is 1000M. Therefore, we would like traffic to the network 10.0.0.0/24 to use the path RTC-RTB-RTA.

Configuration on RTA

    bgp 100
     peer 10.4.4.1 as-number 100
     peer 10.1.1.2 as-number 200
     #
     ipv4-family unicast
      undo synchronization
      peer 10.4.4.1 enable
      peer 10.1.1.2 enable
      peer 10.1.1.2 route-policy set_community export    \\apply routing policy "set_community" to the routes advertised to the peer
      peer 10.1.1.2 advertise-community                  \\advertise community attributes to a peer or peer group
    route-policy set_community permit node 10
     apply community 100:1

By default, no community attribute is advertised to any peer or peer group.

Configuration on RTD

    bgp 100
     peer 10.4.4.2 as-number 100
     #
     ipv4-family unicast
      undo synchronization
      peer 10.4.4.2 enable
      peer 10.3.3.1 enable
      peer 10.3.3.1 route-policy set_community export
      peer 10.3.3.1 advertise-community
    route-policy set_community permit node 10
     apply community 100:2

Configuration on RTC

    bgp 300
     peer 10.2.2.1 as-number 200
     #
     ipv4-family unicast
      undo synchronization
      peer 10.2.2.1 enable
      peer 10.2.2.1 route-policy set_local_pref import
      peer 10.2.2.1 advertise-community
      peer 10.3.3.2 enable
      peer 10.3.3.2 route-policy set_local_pref import
      peer 10.3.3.2 advertise-community
    route-policy set_local_pref permit node 10
     if-match community-filter 1
     apply local-preference 200
    route-policy set_local_pref permit node 20
     if-match community-filter 2
     apply local-preference 50
    ip community-filter 1 permit 100:1    \\configure the filtering list for community attribute
    ip community-filter 2 permit 100:2

Explanation of the configuration:

    ip community-filter basic-comm-filter-num { deny | permit } [ community-number | aa:nn ] * &<1-16> [ internet | no-export-subconfed | no-advertise | no-export ]
    ip community-filter adv-comm-filter-num { deny | permit } regular-expression

In the basic community attribute list, we can specify only the community number or well-known community attributes. In the advanced community attribute list, we can specify the regular expression that is used for string matching.

Example:

    # The basic community list with list number 1
    [Quidway] ip community-filter 1 permit internet
    # The advanced community attribute list with list number
    [Quidway] ip community-filter 100 permit ^10

Display the Community Attribute

    [RTC]display bgp routing-table community
     Total Number of Routes: 2

     BGP Local router ID is 10.2.2.2
     Status codes: * - valid, > - best, d - damped,
                   h - history, i - internal, s - suppressed, S - Stale
     Origin : i - IGP, e - EGP, ? - incomplete

          Network        NextHop     MED   LocPrf   PrefVal   Community
     *    10.0.0.0/24    10.3.3.2    0     50       0         <100:2>
     *>                  10.2.2.1          200      0         <100:1>

Command syntax:

    display bgp routing-table community [ aa:nn &<1-13> ] [ no-advertise | no-export | no-export-subconfed ] [ whole-match ]

• community: display the routing information that belongs to a specified BGP community.
• aa:nn: specify the community number.
• no-advertise: specify the BGP routes that carry the no-advertise community attribute. Routes received carrying this value cannot be advertised at all, to either EBGP or IBGP peers.
• no-export: specify the BGP routes that carry the no-export community attribute. Routes received carrying this value cannot be advertised to EBGP peers or, if a confederation is configured, cannot be advertised outside of the confederation.
• no-export-subconfed: specify the BGP routes that carry the no-export-subconfed community attribute. All routes received carrying a communities attribute containing this value MUST NOT be advertised to external BGP peers (this includes peers in other member autonomous systems inside a BGP confederation).
• whole-match: indicates exact matching.

Display the Community Attribute (Cont.)

    [RTC]display bgp routing-table 10.0.0.0

     BGP local router ID : 10.2.2.2
     Local AS number : 300
     Paths: 2 available, 1 best

     BGP routing table entry information of 10.0.0.0/24:
     From: 10.2.2.1 (10.1.1.2)
     Original nexthop: 10.2.2.1
     Community:<100:1>
     AS-path 200 100, origin igp, localpref 200, pref-val 0, valid, external, best, pre 255
     Advertised to such 1 peers:
        10.3.3.2

     From: 10.3.3.2 (10.3.3.2)
     Original nexthop: 10.3.3.2
     Community:<100:2>
     AS-path 100, origin igp, MED 0, localpref 50, pref-val 0, valid, external, pre 255
     Not advertised to any peer yet

Command syntax:

    display bgp routing-table [ ipv4-address ] [ { mask | mask-length } [ longer-prefixes ] ]

• ipv4-address: display the network address in IPv4 format.
• mask/mask-length: specify the subnet mask in dotted decimal format, or the length of the subnet mask.
• longer-prefixes: allow for the longer prefix match.

Summary

• Describe the route policy tools used in BGP.
• List out the parameters that affect the BGP route selection.
• Describe the difference between "+" and "*" used in regular expressions. Describe also the difference between "." and "_".

1. Describe the route policy tools used in BGP.
The route policy tools used in BGP mainly consist of ACL, IP-PREFIX list, Filter-List and route policy. In addition, the policy tools AS-PATH-FILTER and COMMUNITY-FILTER are designed solely for BGP.

2. List out the parameters that affect the BGP route selection.
The important parameters that affect the BGP route selection are as follows:
• Preferred Value
• Local-Preference
• AS-Path
• Origin
• MED
• EBGP/IBGP
• IGP Cost
• CLUSTER ID
• Communities
Among them, the commonly used parameters are Preferred