BGP protocol presentation


BGP is one of the networking protocols. BGP stands for Border Gateway Protocol.

Transcript

  • 1. Border Gateway Protocol (BGP). KAREN Technical Workshop. François Prowse, fprowse@juniper.net. Copyright © 2006 Juniper Networks, Inc. Proprietary and Confidential. www.juniper.net
  • 2. BGP Basics
  • 3. What is BGP?
      • BGP is the routing protocol used to advertise routes between institutions and the KAREN network
      • More than just a routing protocol, BGP routes contain many additional attributes
      • Controlled by flexible “Policy” rules that limit what routes we will learn and what we will advertise
      • BGP policy is traditionally used as an interpretation of commercial arrangements between carriers, ISPs etc.
      • BGP can be as simple or as complex as you wish
  • 4. What RFCs define BGP?
      • RFC 1771 - A Border Gateway Protocol 4 (BGP-4)
      • RFC 1772 - Application of the Border Gateway Protocol in the Internet
      • RFC 1997 - BGP Communities Attribute
      • RFC 1965 - Autonomous System Confederations for BGP
      • RFC 1966 - BGP Route Reflection. An alternative to full mesh IBGP
      • RFC 2270 - Using a Dedicated AS for Sites Homed to a Single Provider
      • RFC 2283 - Multiprotocol Extensions for BGP-4
      • RFC 2385 - Protection of BGP Sessions via the TCP MD5 Signature Option
      • RFC 2439 - BGP Route Flap Damping
      • RFC 2545 - Multiprotocol Extensions for IPv6 Inter-Domain Routing
  • 5. Routing Protocols
      • IGP – Interior Gateway Protocol
          • Figures optimal path from one node to another node in a network
          • Examples include RIP, OSPF, ISIS etc.
          • Runs under a single technical/administrative control (AS)
          • Can support either IPv4 and/or IPv6
      • EGP – Exterior Gateway Protocols
          • Allows different ASs to exchange routing information to allow traffic across two different areas of control
          • Only one EGP used in the KAREN network -> BGP
          • Policy allows peers to control routes learnt between sites based on established agreements
          • Best practice is to only advertise the routes you wish people to actually reach.
  • 6. IGP – Interior Gateway Protocol
      • Each AS maintains its own IGP
      • There is no interaction of IGPs between any peers in the KAREN network
      • IGPs are required to allow routing inside a domain
      • Examples include
          • Static routes
          • RIP
          • RIPng (IPv6 capable)
          • OSPF
          • OSPFv3 (IPv6 capable)
          • ISIS (IPv6 capable)
          • Other proprietary protocols
  • 7. EGP – Exterior Gateway Protocol
      • BGP can be used in two scenarios
          • Internally, inside an Autonomous System
              • Known as IBGP (Internal BGP)
              • Peers share the same AS number
              • Typically implemented as a full mesh
              • Typically peer between loopback addresses
          • Externally, between peers
              • Known as EBGP (External BGP)
              • Peers have different AS numbers
              • Single point-to-point peering
              • Typically peer between interface addresses
      • All connections to the KAREN network use EBGP
  • 8. IBGP – Full mesh, on top of IGP [Diagram; labels: KAREN, Internet, AS 12345, IBGP Peering]
  • 9. EBGP, Peering to the Internet and KAREN [Diagram; labels: KAREN, Internet, AS 12345, EBGP Peering]
  • 10. IBGP and EBGP in operation [Diagram; labels: KAREN, Internet, AS 12345, IBGP Peering, EBGP Peering]
  • 11. BGP Protocol Overview
      • BGP runs over TCP
      • Any two routers that have formed a TCP connection to exchange BGP information are called “Peers” or “Neighbors”
      • Once the connection is made, peers exchange their full BGP routing tables.
      • Updates are then sent as the table changes or new routes are added to the network.
      • BGP peers in the KAREN network should be capable of exchanging both IPv4 and IPv6 routes
  • 12. BGP Routes
      • BGP routes contain more than just the advertised prefix
          • Origin
          • AS Path
          • Next Hop
          • Local Preference
          • Multiple Exit Discriminator
          • Community
      • BGP Policy looks at the prefix as well as route attributes for decision making
      • BGP attributes can often be changed to influence downstream policy
  • 13. Autonomous System
      • Autonomous System (AS)
          • Group of routers belonging to a single administrative domain
          • Viewed externally as a single, coherent interior routing domain
          • Each AS runs its own chosen IGP
      • AS Numbers
          • Public and private AS numbers are available for use
          • Public numbers assigned locally by APNIC to each institution
          • Larger tertiary institutions potentially already have one assigned
      • You will need a publicly assigned AS number to connect to KAREN!
  • 14. BGP Policy
  • 15. BGP Policy
      • BGP Policy controls what BGP routes are installed in the router's routing table and what routes are advertised to your peers
      • Use BGP policy when
          • You don’t want to import all learned routes into the routing table
          • You don’t want to advertise all known routes to neighboring routers
          • You want BGP to receive routes from another protocol (Redistribution)
          • You want to modify information (BGP Attributes) associated with routes
      • BGP Policy configuration varies with each router vendor and platform
      • BGP Policy can be as simple or as complex as you wish
      • Ensure your router's policy implementation is as flexible as possible
  • 16. Default Policy
      • BGP, when left to its own devices, will fall back to default policy for the import and export of routes.
      • Can vary with vendor implementation
      • Import
          • All routes learned from BGP neighbors are installed in the routing table
      • Export
          • Transmit all routes learned from BGP neighbors to all BGP neighbors
          • Advertise only active route
      • If you aren’t running IBGP in your network then you will need policy to redistribute IGP routes to KAREN
  • 17. Import and Export Policy
      • Control the flow of routes between your network and KAREN by creating specific policy rules!
      • Import Policy
          • Apply an import routing policy to control the routes that the routing protocol process uses to determine active routes
          • Affects routes that BGP receives from a neighbor
          • Modify BGP attributes
      • Export Policy
          • Apply an export routing policy to control the routes that a BGP router advertises to its neighbor
          • Modify BGP attributes
  • 18. Why do we need policy [Diagram; labels: KAREN, Internet, AS 12345; the prefixes 200.0.0.0/24 and 192.168.0.0/24 each appear three times across the diagram]
  • 19. Policy enforcement [Diagram; labels: KAREN, Internet, AS38022, AS 12345, with Export and Import arrows. Examples given: Filter all RFC 1918 routes; Import all AS38022 routes; No export AS38022 routes]
  • 20. Platform requirements
  • 21. Router requirements
      • BGP peers in the KAREN network will be expected to perform the following
          • BGP peering of both IPv4 and IPv6, large number of routes
          • While the Internet is currently 160K+ routes, KAREN “should” be smaller
          • Forwarding of Ethernet Jumbo Frames
          • Interdomain Multicast forwarding
  • 22. Router requirements
      • Not all routers are capable of the demands required
          • Does my platform of choice support all the relevant RFCs?
          • Pay attention to the maximum number of routes in the Routing Table and Forwarding Table for both IPv4 and IPv6
          • Is the router forwarding in software or hardware?
          • Do Jumbo Frames limit my forwarding performance when mixed with smaller packets?
          • Is there a flexible “Policy” implementation to control routes installed in the route table?
          • What are the default policies of BGP?
          • Is there any additional security I should be concerned about?
  • 23. More Information and Help?
  • 24. More Information…
      • Books
          • Practical BGP (ISBN 0321127005)
          • BGP Illustrated (ISBN 0596002548)
          • JunOS Cookbook (ISBN 0596100140)
      • RFCs
          • Specifically RFC 1771, 1772 and 1997
      • Online
          • http://www.bgp4.as
          • http://www.juniper.net/techpubs/software/junos/junos80/swconfig80-routing/frameset.htm
      • Vendors, consultants and your existing ISP
  • 25. Q & A?
  • 26. Thank You
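
The contrast between the default policy (slide 16) and the enforcement rules on slide 19, as an added example that is not part of the original presentation or any vendor's policy language. It assumes AS 12345 is the local network and AS38022 is the peer whose routes are imported; the received announcements are constructed sample data, and the loop and first-AS checks in the import policy are common sanity checks added here, not rules from the slides.

```python
import ipaddress
from dataclasses import dataclass

# RFC 1918 private IPv4 ranges, which the slide 19 policy filters out.
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]
LOCAL_AS, KAREN_AS = 12345, 38022  # AS numbers from the slides; roles are assumed


@dataclass(frozen=True)
class Route:
    prefix: str
    as_path: tuple = ()  # first AS = neighbor it came from; () = originated locally


def is_rfc1918(prefix):
    net = ipaddress.ip_network(prefix)
    return net.version == 4 and any(net.subnet_of(p) for p in RFC1918)


def import_policy(route, neighbor_as):
    """Accept a received route only if it is public, loop-free and really
    starts with the AS of the neighbor that sent it."""
    if is_rfc1918(route.prefix) or LOCAL_AS in route.as_path:
        return False
    return bool(route.as_path) and route.as_path[0] == neighbor_as


def default_export(rib):
    """Slide 16 default: advertise every active route to every neighbor."""
    return [r.prefix for r in rib]


def policy_export(rib):
    """Slide 19 rules: no RFC 1918 prefixes, no routes learned via AS38022."""
    return [r.prefix for r in rib
            if not is_rfc1918(r.prefix) and KAREN_AS not in r.as_path]


# Constructed sample data: the two prefixes from slide 18 as local routes,
# plus two made-up announcements received from the AS38022 peer.
received = [Route("198.51.100.0/24", (38022, 64500)), Route("10.1.0.0/16", (38022,))]
rib = [Route("200.0.0.0/24"), Route("192.168.0.0/24")]
rib += [r for r in received if import_policy(r, KAREN_AS)]

if __name__ == "__main__":
    print("default export:", default_export(rib))
    print("policy export: ", policy_export(rib))
```

With the default export, the private prefix and the route learned from AS38022 are both advertised onward; with the policy applied, only 200.0.0.0/24 leaves the local AS.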