Border Gateway Protocol
(BGP4)
Border Gateway Protocol (BGP)
• Routing/Forwarding basics
• Building blocks
• Exercises
• BGP protocol basics
• Exercises
• BGP path attributes
• Best path computation
• Exercises
Border Gateway Protocol (BGP)...
• Typical BGP topologies
• Routing Policy
• Exercises
• Redundancy/Load sharing
• Best current practices
Routing/Forwarding
Basics
IP route lookup: Longest match routing
[Figure: routers R1, R2, R3 and R4. R3 leads to all of 10/8 except 10.1/16; R4 leads to 10.1/16.]
Packet: Destination IP address: 10.1.1.1
R2’s IP routing table:
10/8 -> R3
10.1/16 -> R4
20/8 -> R5
30/8 -> R6
…..
• 10/8 -> R3: 10.1.1.1 & FF.0.0.0 is equal to 10.0.0.0 & FF.0.0.0. Match!
• 10.1/16 -> R4: 10.1.1.1 & FF.FF.0.0 is equal to 10.1.0.0 & FF.FF.0.0. Match as well!
• 20/8 -> R5: 10.1.1.1 & FF.0.0.0 is not equal to 20.0.0.0 & FF.0.0.0. Does not match!
• Result: 10.1/16 -> R4 is used. Longest match, 16 bit netmask
IP route lookup: Longest match
routing
• default is 0.0.0.0/0
• can handle it using the normal longest
match algorithm
• matches everything. Always the shortest
match.
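The mask-and-compare walk-through above, together with the default route, as an added example (not part of the original slides). The table is R2's table from the slides; the default entry and its next hop name "R1" are assumptions made for this example.

```python
import ipaddress

# R2's routing table from the slides. The default route and its next hop
# ("R1") are assumptions added for this example.
R2_TABLE = [
    ("10.0.0.0/8", "R3"),
    ("10.1.0.0/16", "R4"),
    ("20.0.0.0/8", "R5"),
    ("30.0.0.0/8", "R6"),
    ("0.0.0.0/0", "R1"),
]


def matching_entries(table, destination):
    """Return every entry whose masked network equals the masked destination."""
    dst = int(ipaddress.IPv4Address(destination))
    hits = []
    for prefix, next_hop in table:
        net = ipaddress.IPv4Network(prefix)
        mask = int(net.netmask)
        # The comparison from the slides: (destination & mask) == (network & mask)
        if dst & mask == int(net.network_address) & mask:
            hits.append((prefix, next_hop))
    return hits


def lookup(table, destination):
    """Return the (prefix, next_hop) with the longest mask, or None."""
    hits = matching_entries(table, destination)
    if not hits:
        return None
    return max(hits, key=lambda e: ipaddress.IPv4Network(e[0]).prefixlen)


if __name__ == "__main__":
    for dst in ("10.1.1.1", "10.200.0.1", "20.1.2.3", "192.0.2.1"):
        print(dst, "candidates:", matching_entries(R2_TABLE, dst),
              "chosen:", lookup(R2_TABLE, dst))
```

The order of the table does not matter: the entry with the longest mask wins, and 0.0.0.0/0 is chosen only when nothing else matches.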
Forwarding
• Uses the routing table built by routing
protocols
• Performs the lookup to find next-hop and
outgoing interface
• Switches the packet with new encapsulation
as per the outgoing interface
Building Blocks
• Autonomous System (AS)
• Types of Routes
• IGP/EGP
• DMZ
• Policy
• Egress
• Ingress
Autonomous System (AS)
• Collection of networks with same policy
• Single routing protocol
• Usually under single administrative control
• IGP to provide internal connectivity
AS 100
Autonomous System(AS)...
• Identified by ‘AS number’
• Public & Private AS numbers
• Examples:
– Service provider
– Multi-homed customers
– Anyone needing policy discrimination
Routing flow and packet flow
For networks in AS1 and AS2 to communicate:
AS1 must announce routes to AS2
AS2 must accept routes from AS1
AS2 must announce routes to AS1
AS1 must accept routes from AS2
[Figure: AS 1 and AS 2 exchanging announce/accept in both directions; labels: routing flow, packet flow, egress, ingress]
Egress Traffic
• Packets exiting the network
• Based on
– Route availability (what others send you)
– Route acceptance (what you accept from others)
– Policy and tuning (what you do with routes from
others)
– Peering and transit agreements
Ingress Traffic
• Packets entering your network
• Ingress traffic depends on:
– What information you send and to who
– Based on your addressing and ASes
– Based on others’ policy (what they accept from
you and what they do with it)
Types of Routes
• Static Routes
– configured manually
• Connected Routes
– created automatically when an interface is ‘up’
• Interior Routes
– Routes within an AS
• Exterior Routes
– Routes exterior to AS
What Is an IGP?
• Interior Gateway Protocol
• Within an Autonomous System
• Carries information about internal prefixes
• Examples—OSPF, ISIS, EIGRP…
What Is an EGP?
• Exterior Gateway Protocol
• Used to convey routing information between
ASes
• De-coupled from the IGP
• Current EGP is BGP4
Why Do We Need an EGP?
• Scaling to large network
– Hierarchy
– Limit scope of failure
• Define administrative boundary
• Policy
– Control reachability to prefixes
Interior vs. Exterior Routing Protocols
• Interior
– Automatic discovery
– Generally trust your IGP routers
– Routes go to all IGP routers
• Exterior
– Specifically configured peers
– Connecting with outside networks
– Set administrative boundaries
Hierarchy of Routing Protocols
[Figure labels: Other ISP’s, Local NAP, FDDI, Customers; protocols shown: BGP4, BGP4/Static, BGP4 / OSPF]
Demilitarized Zone (DMZ)
• Shared network between ASes
[Figure: AS 100, AS 101 and AS 102 joined by a DMZ network; routers A to E]
Addressing - ISP
• Need to reserve address space for its
network.
• Need to allocate address blocks to its
customers.
• Need to take “growth” into consideration
• Upstream link address is allocated by
upstream provider
BGP Basics
• Terminology
• Protocol Basics
• Messages
• General Operation
• Peering relationships (EBGP/IBGP)
• Originating routes
Terminology
• Neighbor
– Configured BGP peer
• NLRI/Prefix
– NLRI - network layer reachability information
– Reachability information for an IP address & mask
• Router-ID
– Highest IP address configured on the router
• Route/Path
– NLRI advertised by a neighbor
Protocol Basics
• Routing protocol used between ASes
– if you aren’t connected to multiple ASes, you don’t need BGP :)
• Runs over TCP
• Path vector protocol
[Figure: AS 100, AS 101 and AS 102 with routers A to E; peering between the ASes]
BGP Basics ...
• Each AS originates a set of NLRI
• NLRI is exchanged between BGP peers
• Can have multiple paths for a given prefix
• Picks the best path and installs in the IP
forwarding table
• Policies applied (through attributes)
influences BGP path selection
BGP Peers
• BGP speakers are called peers
• Peers in different AS’s are called External Peers (eBGP TCP/IP peer connection)
– Note: eBGP Peers normally should be directly connected.
• Peers in the same AS are called Internal Peers (iBGP TCP/IP peer connection)
– Note: iBGP Peers don’t have to be directly connected.
• BGP Peers exchange Update messages containing Network Layer Reachability Information (NLRI)
[Figure: AS 100, AS 101 and AS 102 with routers A to E; prefixes 220.220.8.0/24, 220.220.16.0/24 and 220.220.32.0/24; BGP Update messages between peers]
Configuring BGP Peers
eBGP TCP Connection
• BGP Peering sessions are established using the BGP “neighbor” configuration command
– External (eBGP) is configured when AS numbers are different
– Internal (iBGP) is configured when AS numbers are same
[Figure: routers A, B, C and D across AS 100 (220.220.8.0/24) and AS 101 (220.220.16.0/24); the link between the two ASes is 222.222.10.0/30]
Router in AS 100:
interface Serial 0
 ip address 222.222.10.2 255.255.255.252
router bgp 100
 network 220.220.8.0 mask 255.255.255.0
 ! remote-as differs from the local AS, so this is an eBGP session
 neighbor 222.222.10.1 remote-as 101
Router in AS 101:
interface Serial 0
 ip address 222.222.10.1 255.255.255.252
router bgp 101
 network 220.220.16.0 mask 255.255.255.0
 neighbor 222.222.10.2 remote-as 100
Configuring BGP Peers
iBGP TCP Connection
• BGP Peering sessions are established using the BGP “neighbor” configuration command
– External (eBGP) is configured when AS numbers are different
[Figure: routers A, B, C and D across AS 100 (220.220.8.0/24) and AS 101 (220.220.16.0/24); link 222.222.10.0/30; the two configurations below are labelled B and C on the slide]
Configuration labelled B on the slide:
interface Serial 1
 ip address 220.220.16.2 255.255.255.252
router bgp 101
 network 220.220.16.0 mask 255.255.255.0
 ! remote-as equals the local AS, so this is an iBGP session
 neighbor 220.220.16.1 remote-as 101
Configuration labelled C on the slide:
interface Serial 1
 ip address 220.220.16.1 255.255.255.252
router bgp 101
 network 220.220.16.0 mask 255.255.255.0
 neighbor 220.220.16.2 remote-as 101
Configuring BGP Peers
• Each iBGP speaker must peer with every other iBGP speaker in the AS
[Figure: AS 100 with routers A, B and C joined by iBGP TCP/IP peer connections]
Configuring BGP Peers
• Loopback interfaces are normally used as peer connection end-points
[Figure: AS 100 with routers A, B and C; loopback addresses 215.10.7.1, 215.10.7.2 and 215.10.7.3; iBGP TCP/IP peer connections]
Configuring BGP Peers
[Figure: AS 100 with routers A, B and C; loopback addresses 215.10.7.1, 215.10.7.2 and 215.10.7.3; iBGP TCP/IP peer connections]
Router A:
interface loopback 0
 ip address 215.10.7.1 255.255.255.255
router bgp 100
 network 220.220.1.0
 neighbor 215.10.7.2 remote-as 100
 ! source the TCP session from the loopback address
 neighbor 215.10.7.2 update-source loopback0
 neighbor 215.10.7.3 remote-as 100
 neighbor 215.10.7.3 update-source loopback0
Router B:
interface loopback 0
 ip address 215.10.7.2 255.255.255.255
router bgp 100
 network 220.220.5.0
 neighbor 215.10.7.1 remote-as 100
 neighbor 215.10.7.1 update-source loopback0
 neighbor 215.10.7.3 remote-as 100
 neighbor 215.10.7.3 update-source loopback0
Router C:
interface loopback 0
 ip address 215.10.7.3 255.255.255.255
router bgp 100
 network 220.220.1.0
 neighbor 215.10.7.1 remote-as 100
 neighbor 215.10.7.1 update-source loopback0
 neighbor 215.10.7.2 remote-as 100
 neighbor 215.10.7.2 update-source loopback0
BGP Updates — NLRI
• Network Layer Reachability Information
• Used to advertise feasible routes
• Composed of:
– Network Prefix
– Mask Length
BGP Updates — Attributes
• Used to convey information associated with
NLRI
– AS path
– Next hop
– Local preference
– Multi-Exit Discriminator (MED)
– Community
– Origin
– Aggregator
AS-Path Attribute
• Sequence of ASes a route has traversed
• Loop detection
• Apply policy
[Figure: AS 100, AS 200, AS 300, AS 400 and AS 500; prefixes 170.10.0.0/16, 180.10.0.0/16 and 150.10.0.0/16; two path tables]
Network Path
180.10.0.0/16 300 200 100
170.10.0.0/16 300 200
150.10.0.0/16 300 400
Network Path
180.10.0.0/16 300 200 100
170.10.0.0/16 300 200
Next Hop Attribute
• Next hop to reach a network
• Usually a local network is the next hop in eBGP session
• Next Hop updated between eBGP Peers
• Next hop not changed between iBGP peers
[Figure: AS 100 (160.10.0.0/16), AS 200 (150.10.0.0/16) and AS 300 (140.10.0.0/16) with routers A to E; links 192.20.2.0/30 and 192.10.1.0/30 (.1/.2 on each); BGP Update messages passing between the ASes]
Update carrying the AS 100 route:
Network Next-Hop Path
160.10.0.0/16 192.20.2.1 100
Update after the next eBGP hop (Next-Hop updated), and unchanged between the iBGP peers:
Network Next-Hop Path
150.10.0.0/16 192.10.1.1 200
160.10.0.0/16 192.10.1.1 200 100
Next Hop Attribute (more)
• IGP should carry route to next hops
• Recursive route look-up
• Unlinks BGP from actual physical topology
• Allows IGP to make intelligent forwarding
decision
BGP Updates —
Withdrawn Routes
• Used to “withdraw” network reachability
• Each Withdrawn Route is composed of:
– Network Prefix
– Mask Length
BGP Updates — Withdrawn Routes
[Figure: AS 123 and AS 321 joined by 192.168.10.0/24 (.1, .2); connectivity to 192.192.25.0/24 is lost (x) and a BGP Update message carries “Withdraw Routes 192.192.25.0/24”]
Network Next-Hop Path
150.10.0.0/16 192.168.10.2 321 200
192.192.25.0/24 192.168.10.2 321
BGP Routing Information Base
• BGP ‘network’ commands are normally used to populate the BGP RIB with routes from the Route Table
router bgp 100
 network 160.10.0.0 mask 255.255.0.0
 no auto-summary
Route Table:
D 10.1.2.0/24
D 160.10.1.0/24
D 160.10.3.0/24
R 153.22.0.0/16
S 192.1.1.0/24
BGP RIB:
Network Next-Hop Path
*>i160.10.1.0/24 192.20.2.2 i
*>i160.10.3.0/24 192.20.2.2 i
BGP Routing Information Base
• BGP ‘aggregate-address’ commands may be used to install summary routes in the BGP RIB
router bgp 100
 network 160.10.0.0 mask 255.255.0.0
 aggregate-address 160.10.0.0 255.255.0.0 summary-only
 no auto-summary
Route Table:
D 10.1.2.0/24
D 160.10.1.0/24
D 160.10.3.0/24
R 153.22.0.0/16
S 192.1.1.0/24
BGP RIB:
Network Next-Hop Path
*> 160.10.0.0/16 0.0.0.0 i
* i 192.20.2.2 i
s> 160.10.1.0/24 192.20.2.2 i
s> 160.10.3.0/24 192.20.2.2 i
BGP Routing Information Base
• BGP ‘redistribute’ commands can also be used to populate the BGP RIB with routes from the Route Table
router bgp 100
 network 160.10.0.0 mask 255.255.0.0
 ! only static routes permitted by route-map foo are redistributed
 redistribute static route-map foo
 no auto-summary
access-list 1 permit 192.1.0.0 0.0.255.255
route-map foo permit 10
 match ip address 1
Route Table:
D 10.1.2.0/24
D 160.10.1.0/24
D 160.10.3.0/24
R 153.22.0.0/16
S 192.1.1.0/24
BGP RIB:
Network Next-Hop Path
*> 160.10.0.0/16 0.0.0.0 i
* i 192.20.2.2 i
s> 160.10.1.0/24 192.20.2.2 i
s> 160.10.3.0/24 192.20.2.2 i
*> 192.1.1.0/24 192.20.2.2 ?
BGP Routing Information Base
• BGP “in” process
– receives path information from peers
– results of BGP path selection placed in the BGP table
– “best path” flagged (denoted by “>”)
Update received by the IN process:
Network Next-Hop Path
173.21.0.0/16 192.20.2.1 100
BGP RIB:
Network Next-Hop Path
*>i160.10.1.0/24 192.20.2.2 i
*>i160.10.3.0/24 192.20.2.2 i
*> 173.21.0.0/16 192.20.2.1 100
BGP Routing Information Base
• BGP “out” process
– builds update using info from RIB
– may modify update based on config
– sends update to peers
Update sent by the OUT process (Next-Hop changed from 192.20.2.1 to 192.20.2.2):
Network Next-Hop Path
160.10.1.0/24 192.20.2.2 200
160.10.3.0/24 192.20.2.2 200
173.21.0.0/16 192.20.2.2 200 100
BGP Routing Information Base
• Best paths installed in routing table if:
– prefix and prefix length are unique
– lowest “protocol distance”
BGP RIB:
Network Next-Hop Path
*>i160.10.1.0/24 192.20.2.2 i
*>i160.10.3.0/24 192.20.2.2 i
*> 173.21.0.0/16 192.20.2.1 100
Route Table:
D 10.1.2.0/24
D 160.10.1.0/24
D 160.10.3.0/24
R 153.22.0.0/16
S 192.1.1.0/24
B 173.21.0.0/16
The ‘Bible’ & other resources
• Route-views.oregon-ix.net
• Internet Routing Architectures
– Bassam Halabi
– pg. 168 BGP Decision Process Summary
Types of BGP Messages
• OPEN
– To negotiate and establish peering
• UPDATE
– To exchange routing information
• KEEPALIVE
– To maintain peering session
• NOTIFICATION
– To report errors (results in session reset)
Internal BGP Peering (IBGP)
• BGP peer within the same AS
• Not required to be directly connected
• Maintain full IBGP mesh or use Route Reflection
[Figure: AS 100 with routers A, B, D and E]
External BGP Peering (EBGP)
• Between BGP speakers in different AS
• Directly connected or peering address is reachable
[Figure: AS 100 and AS 101 with routers A, B and C]
An Example…
Learns about 35.0.0.0/8 from F & D
[Figure: routers A to F across AS3561, AS200, AS101, AS21 and AS675; prefix 35.0.0.0/8]
Basic BGP commands
Configuration commands
router bgp <AS-number>
neighbor <ip address> remote-as <as-number>
Show commands
show ip bgp summary
show ip bgp neighbors
Originating routes...
• Using network command or redistribution
network <ipaddress>
redistribute <protocol name>
• Requires the route to be present in the
routing table
Originating routes/Inserting
prefixes into BGP
• network command
• network 198.10.4.0 mask 255.255.254.0
• ip route 198.10.0.0 255.255.254.0 serial 0
• matching route must exist in the routing
table before network is announced!
• Origin: IGP
Update message
• Withdrawn routes
• Path Attributes
• Advertised routes
Stable IBGP peering
• Unlinks IBGP peering from physical topology.
• Carry loopback address in IGP
router ospf <ID>
passive-interface loopback0
• Unlink peering from physical topology
router bgp <AS1>
neighbor <x.x.x.x> remote-as <AS1>
neighbor <x.x.x.x> update-source loopback0
BGP4 continued...
BGP Path Attributes: Why ?
• Encoded as Type, Length & Value (TLV)
• Transitive/Non-Transitive attributes
• Some are mandatory
• Used in path selection
• To apply policy for steering traffic
BGP Path Attributes...
• Origin
• AS-path
• Next-hop
• Multi-Exit Discriminator (MED)
• Local preference
• BGP Community
• Others...
AS-PATH
• Updated by the sending router with its AS
number
• Contains the list of AS numbers the update
traverses.
• Used to detect routing loops
– Each time the router receives an update, if it
finds its AS number, it discards the update
AS-Path
• Sequence of ASes a route has traversed
• Loop detection
[Figure: AS 100, AS 200, AS 300, AS 400 and AS 500; prefixes 170.10.0.0/16, 180.10.0.0/16 and 150.10.0.0/16; one update is marked “180.10.0.0/16 dropped”]
180.10.0.0/16 300 200 100
170.10.0.0/16 300 200
150.10.0.0/16 300 400
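The prepend-and-discard behaviour described above, as an added example (not part of the original slides). It floods the three prefixes across the five ASes and records every update discarded by loop detection. The link list is an assumption chosen to reproduce the paths shown in the figure; path choice is simplified to shortest AS path, and every AS re-advertises to all of its neighbours.

```python
from collections import deque

# Assumed eBGP adjacencies (the slide shows the ASes and the resulting
# paths, not an explicit list of links).
LINKS = [(100, 200), (200, 300), (300, 400), (300, 500)]
# Origin AS of each prefix = last AS in the paths shown on the slide.
ORIGINS = {"180.10.0.0/16": 100, "170.10.0.0/16": 200, "150.10.0.0/16": 400}


def propagate(links, origins):
    """Flood announcements AS by AS and return (tables, dropped).

    tables[asn][prefix] is the AS path selected by asn (shortest wins).
    dropped lists (receiving_as, prefix, path) discarded by loop detection.
    """
    neighbors = {}
    for a, b in links:
        neighbors.setdefault(a, set()).add(b)
        neighbors.setdefault(b, set()).add(a)
    tables = {asn: {} for asn in neighbors}
    dropped = []
    # Queue entries: (receiver, prefix, AS path as seen on the wire)
    queue = deque()
    for prefix, origin in origins.items():
        for peer in sorted(neighbors[origin]):
            queue.append((peer, prefix, (origin,)))
    while queue:
        receiver, prefix, path = queue.popleft()
        if receiver in path:
            # Loop detection: our own AS number is already in the path.
            dropped.append((receiver, prefix, path))
            continue
        current = tables[receiver].get(prefix)
        if current is not None and len(current) <= len(path):
            continue  # keep the path we already have
        tables[receiver][prefix] = path
        for peer in sorted(neighbors[receiver]):
            # The sending AS puts its own number at the front of the path.
            queue.append((peer, prefix, (receiver,) + path))
    return tables, dropped


if __name__ == "__main__":
    tables, dropped = propagate(LINKS, ORIGINS)
    for prefix, path in sorted(tables[500].items()):
        print("AS 500:", prefix, " ".join(map(str, path)))
    for receiver, prefix, path in dropped:
        print(f"AS {receiver} dropped {prefix} with path",
              " ".join(map(str, path)))
```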
Next-Hop
• Next hop router to reach a network
• Advertising router/Third party in EBGP
• Unmodified in IBGP
[Figure: AS 100, AS 200 and AS 300 with routers A and B; addresses 150.10.1.1 and 150.10.1.2; prefixes 160.10.0.0/16 and 150.10.0.0/16]
150.10.0.0/16 150.10.1.1
160.10.0.0/16 150.10.1.1
Third Party Next Hop
• More efficient, but bad idea!
[Figure: AS 200 and AS 201 with routers A, B and C; addresses 150.1.1.1, 150.1.1.2 and 150.1.1.3; a peering session; 192.68.1.0/24 carried with next hop 150.1.1.3]
Next Hop...
• IGP should carry route to next hops
• Recursive route look-up
• Unlinks BGP from actual physical topology
• Allows IGP to make intelligent forwarding
decision
Local Preference
• Not for EBGP, mandatory for IBGP
• Default value is 100 on Ciscos
• Local to an AS
• Used to prefer one exit over another
• Path with highest local preference wins
Local Preference
[Figure: AS 100, AS 200, AS 300 and AS 400 with routers A to E; 160.10.0.0/16 reaches AS 400 over two paths, one with local preference 500 and one with 800]
160.10.0.0/16 500
> 160.10.0.0/16 800
Multi-Exit Discriminator
• Non-transitive
• Represented as a numeric value (0-0xffffffff)
• Used to convey the relative preference of entry points
• Comparable if paths are from the same AS
• Path with lower MED wins
• IGP metric can be conveyed as MED
Multi-Exit Discriminator (MED)
[Figure: AS 200 and AS 201 with routers A, B and C; 192.68.1.0/24 is advertised with MED 1000 on one link and MED 2000 on the other; one path is marked preferred]
Origin
• Conveys the origin of the prefix
• Three values:
– IGP - Generated using “network” statement
• ex: network 35.0.0.0
– EGP - Redistributed from EGP
– Incomplete - Redistribute IGP
• ex: redistribute ospf
• IGP < EGP < INCOMPLETE
Communities
• Transitive, Non-mandatory
• Represented as a numeric value (0-0xffffffff)
• Used to group destinations
• Each destination could be member of multiple
communities
• Flexibility to scope a set of prefixes within or
across AS for applying policy
Community...
[Figure: Customer AS 201 (192.68.1.0/24) and Service Provider AS 200 with routers A to D; announcements tagged Community:201:110 and Community:201:120]
Community Local Preference
201:110 110
201:120 120
Synchronization
• C not running BGP (non-pervasive BGP)
• A won’t advertise 35/8 to D until the IGP is in sync
• Turn synchronization off!
– Run pervasive BGP
router bgp 1880
no sync
[Figure labels: ASes 1880, 209 and 690; routers A, B, C and D; OSPF; prefix 35/8]
BGP Route Selection (bestpath)
Only one path as the bestpath!
• Route has to be synchronized
– Prefix in forwarding table
• Next-hop has to be accessible
– Next-hop in forwarding table
• Largest weight
– Local to the router
• Largest local preference
– Spread within AS
• Locally sourced
– Via redistribute or network statement
BGP Route Selection ...
• Shortest AS-path length
– Number of ASes in the AS-path attribute
• Lowest origin
– IGP < EGP < INCOMPLETE
• Lowest MED
– Between paths from same AS
• External over internal
– Closest exit from a router
• Closest next-hop
– Lower IGP metric, closer exit from an AS
• Lowest router-id
• Lowest IP address of neighbor
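The selection order above as a step-by-step elimination, in an added example that is not part of the original slides. The Path fields and step names are this example's own, the sample paths are constructed from the slide figures, and synchronization is not modelled.

```python
import ipaddress
from dataclasses import dataclass

ORIGIN_RANK = {"IGP": 0, "EGP": 1, "INCOMPLETE": 2}   # IGP < EGP < INCOMPLETE


@dataclass(frozen=True)
class Path:
    """One candidate path for a prefix (field names are this example's own)."""
    neighbor: str                  # IP address of the peer that sent the path
    as_path: tuple = ()            # ASes traversed, nearest AS first
    next_hop_reachable: bool = True
    weight: int = 0                # local to the router
    local_pref: int = 100          # default value quoted on the slide
    locally_sourced: bool = False
    origin: str = "IGP"
    med: int = 0
    ebgp: bool = True              # False for a path learned over iBGP
    igp_metric: int = 0            # IGP cost to reach the next hop
    router_id: str = "0.0.0.0"


def _ip(text):
    return int(ipaddress.IPv4Address(text))


def _lowest(key):
    """Build a step that keeps only the paths with the lowest key value."""
    def step(paths):
        best = min(key(p) for p in paths)
        return [p for p in paths if key(p) == best]
    return step


def _lowest_med(paths):
    # MED is comparable only between paths from the same neighbouring AS,
    # so a path is eliminated only by a lower MED from that same AS.
    def beaten(p):
        return any(q.as_path[:1] == p.as_path[:1] and q.med < p.med
                   for q in paths)
    return [p for p in paths if not beaten(p)]


STEPS = [
    ("largest weight", _lowest(lambda p: -p.weight)),
    ("largest local preference", _lowest(lambda p: -p.local_pref)),
    ("locally sourced", _lowest(lambda p: not p.locally_sourced)),
    ("shortest AS-path", _lowest(lambda p: len(p.as_path))),
    ("lowest origin", _lowest(lambda p: ORIGIN_RANK[p.origin])),
    ("lowest MED", _lowest_med),
    ("external over internal", _lowest(lambda p: not p.ebgp)),
    ("closest next-hop", _lowest(lambda p: p.igp_metric)),
    ("lowest router-id", _lowest(lambda p: _ip(p.router_id))),
    ("lowest neighbor address", _lowest(lambda p: _ip(p.neighbor))),
]


def best_path(paths, local_as):
    """Return (winning Path or None, name of the step that decided)."""
    # Preconditions: next hop accessible, and no path that already contains
    # our own AS number (AS-path loop detection).
    candidates = [p for p in paths
                  if p.next_hop_reachable and local_as not in p.as_path]
    if not candidates:
        return None, "no usable path"
    if len(candidates) == 1:
        return candidates[0], "only usable path"
    for name, step in STEPS:
        candidates = step(candidates)
        if len(candidates) == 1:
            return candidates[0], name
    return candidates[0], "tie"


# Constructed inputs modelled on the slide figures (addresses are made up).
LOCAL_PREF_CASE = [   # 160.10.0.0/16 seen with local preference 500 and 800
    Path("10.0.0.1", as_path=(200, 100), local_pref=500, ebgp=False),
    Path("10.0.0.2", as_path=(300, 100), local_pref=800, ebgp=False),
]
PREPEND_CASE = [      # backup path via AS 300 carries one extra AS
    Path("10.0.0.1", as_path=(200, 100)),
    Path("10.0.0.2", as_path=(300, 100, 100)),
]
MED_CASE = [          # 192.68.1.0/24 from AS 201 with MED 1000 and 2000
    Path("10.0.0.1", as_path=(201,), med=1000),
    Path("10.0.0.2", as_path=(201,), med=2000),
]

if __name__ == "__main__":
    for label, case, asn in (("local-pref", LOCAL_PREF_CASE, 400),
                             ("prepend", PREPEND_CASE, 400),
                             ("MED", MED_CASE, 200)):
        winner, step = best_path(case, asn)
        print(label, "->", winner.neighbor, "decided by", step)
```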
BGP Route Selection...
AS 400’s Policy to reach AS100
• AS 200 preferred path
• AS 300 backup
• Increase AS path attribute length by at least 1
[Figure: AS 100, AS 200, AS 300 and AS 400 with routers A, B and D]
Stub AS
• Typically no need for BGP
• Point default towards the ISP
• ISP advertises the stub network to
Internet
• Policy confined within ISP policy
[Figure: Stub AS. Customer AS 101 connected to provider AS 100; routers A and B]
Multi-homed AS
• Only border routers speak BGP
• IBGP only between border routers
• Exterior routes must be redistributed in
a controlled fashion into IGP or use
defaults
[Figure: Multi-homed AS. AS 100, AS 200 and AS 300 with routers A to D; one customer and two providers]
Service Provider Network
• IBGP used to carry exterior routes
• IGP keeps track of topology
• Full IBGP mesh is required
Common Service Provider Network
[Figure: provider network with routers A to H, connected to AS 100, AS 200, AS 300 and AS 400]
Routing Policy
• Why?
– To steer traffic through preferred paths
– Inbound/Outbound prefix filtering
– To enforce Customer-ISP agreements
• How ?
– AS based route filtering - filter list
– Prefix based route filtering - distribute list
– BGP attribute modification - route maps
Distribute list - using IP access lists
access-list 1 deny 10.0.0.0
access-list 1 permit any
access-list 2 permit 20.0.0.0
… more access-lists as prefixes are added ...
router bgp 100
neighbor 171.69.233.33 remote-as 33
neighbor 171.69.233.33 distribute-list 1 in
neighbor 171.69.233.33 distribute-list 2 out
Filter list rules
Regular Expressions
• RE is a pattern to match against an input
string
• Used to match against AS-path attribute
• ex: ^3561.*100.*1$
• Flexible enough to generate complex filter
list rules
Filter list - using as-path access list
ip as-path access-list 1 permit 3561
ip as-path access-list 2 deny 35
ip as-path access-list 2 permit .*
router bgp 100
neighbor 171.69.233.33 remote-as 33
neighbor 171.69.233.33 filter-list 1 in
neighbor 171.69.233.33 filter-list 2 out
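The expressions 3561 and 35 in the lists above are unanchored, so they match any AS path whose text contains those digits, not only AS 3561 or AS 35. The added example below (not part of the original slides) evaluates the two lists against constructed AS paths and compares them with variants anchored with the IOS `_` delimiter token; the anchored lists and the sample paths are assumptions of this example, and Python's `re` module stands in for the router's regex engine.

```python
import re


def ios_regex(pattern):
    """Compile an AS-path regex, translating the IOS '_' delimiter token.

    '_' matches the start or end of the path or a delimiter character
    (space, comma, braces, parentheses).
    """
    return re.compile(pattern.replace("_", r"(?:^|$|[ ,{}()])"))


def evaluate(acl, as_path):
    """Apply an as-path access list: first match wins, no match is a deny."""
    text = " ".join(str(asn) for asn in as_path)
    for action, pattern in acl:
        if ios_regex(pattern).search(text):
            return action
    return "deny"   # implicit deny at the end of every list


# The two lists from the slide, verbatim.
ACL_1 = [("permit", "3561")]
ACL_2 = [("deny", "35"), ("permit", ".*")]

# Anchored variants added for comparison (not on the slide): they match
# AS 3561 and AS 35 only as whole AS numbers.
ACL_1_ANCHORED = [("permit", "_3561_")]
ACL_2_ANCHORED = [("deny", "_35_"), ("permit", ".*")]

# Constructed AS paths for the demonstration.
PATHS = [(3561, 100), (13561, 7), (35, 200), (3500, 1), (701, 135), (701, 1239)]


def disagreements(loose, anchored, paths):
    """Return the paths on which the two lists reach different verdicts."""
    return [p for p in paths if evaluate(loose, p) != evaluate(anchored, p)]


if __name__ == "__main__":
    for name, loose, anchored in (("list 1", ACL_1, ACL_1_ANCHORED),
                                  ("list 2", ACL_2, ACL_2_ANCHORED)):
        for path in PATHS:
            print(name, path, "slide:", evaluate(loose, path),
                  "anchored:", evaluate(anchored, path))
        print(name, "differs on:", disagreements(loose, anchored, PATHS))
```

Running candidate expressions against a sample of real AS paths before applying a filter list shows this kind of over-match early.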
Route Maps
router bgp 300
neighbor 2.2.2.2 remote-as 100
neighbor 2.2.2.2 route-map SETCOMMUNITY out
!
route-map SETCOMMUNITY permit 10
match ip address 1
match community 1
set community 300:100
!
access-list 1 permit 35.0.0.0
ip community-list 1 permit 100:200
Route-map match & set clauses
Match Clauses
• AS-path
• Community
• IP address
Set Clauses
• AS-path prepend
• Community
• Local-Preference
• MED
• Origin
• Weight
• Others...
[Figure: hosts (H) on Ethernet segments behind C21, C22, C31 and C32, connected to ISP2 and ISP3; inbound route-map to set community]
Route-map Configuration Example
neighbor <x.x.x.x> route-map AS100_IN in
!
route-map AS100_IN permit 10
set community 100:200
neighbor <y.y.y.y> route-map AS200_IN in
!
route-map AS200_IN permit 10
match community 1
set local-preference 200
!
ip community-list 1 permit 100:200
Load Sharing & Redundancy
using BGP
Load-sharing - single path
[Figure: Router A in AS100 (Loopback 0, 20.200.0.1) and its peer in AS200 (Loopback 0, 10.200.0.2)]
Router A:
interface loopback 0
 ip address 20.200.0.1 255.255.255.255
!
router bgp 100
 neighbor 10.200.0.2 remote-as 200
 neighbor 10.200.0.2 update-source loopback0
 neighbor 10.200.0.2 ebgp-multihop 2
!
ip route 10.200.0.2 255.255.255.255 <DMZ-link1, link2>
Load Sharing - Multiple paths from the same AS
[Figure: Router A in AS 100 connected to AS 200]
Router A:
router bgp 100
 neighbor 10.200.0.1 remote-as 200
 neighbor 10.300.0.1 remote-as 200
 maximum-paths 2
Note: A still only advertises one “best” path to ibgp peers
Redundancy - Multi-homing
•Reliable connection to Internet
•3 common cases of multi-homing:
- default from all providers
- customer + default routes from all
- full routes from all
Default from all providers
• Low memory/CPU solution
• Provider sends BGP default
– provider is selected based on IGP metric
• Inbound traffic decided by providers’ policy
– Can influence using outbound policy, example:
AS-path prepend
Default from all providers
[Figure: AS 400 connected to providers AS 200 and AS 300; routers A to E]
Customer + default from all
providers
• Medium memory and CPU solution
• Granular routing for customer routes and
default for the rest
• Inbound traffic decided by providers’ policy
– Can influence using outbound policy
Customer routes from all providers
[Figure: AS 400, providers AS 200 and AS 300, and customer AS 100 (160.10.0.0/16); routers A to E]
• C chooses shortest AS path
Full routes from all providers
• More memory/CPU
• Full granular routing
• Usually transit ASes take full routes
• Usually pervasive BGP
Full routes from all providers
[Figure: AS 100, AS 200, AS 300, AS 400 and AS 500; routers A to E]
• C chooses shortest AS path
Best Practices
IGP in Backbone
• IGP connects your backbone together, not
your client’s routes
• IGP must converge quickly
• IGP should carry netmask information -
OSPF, IS-IS, EIGRP
Best Practices...
Connecting to a customer
• Static routes
– You control directly
– No route flaps
• Shared routing protocol or leaking
– You must filter your customers info
– Route flaps
• BGP for multi-homed customers
Best Practices...
Connecting to other ISPs
• Use BGP4
• Advertise only what you serve
• Take back as little as you can
• Take the shortest exit
Best Practices...
The Internet Exchange
• Long distance connectivity is expensive
• Connect to several providers at a single
point
Q & A

Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
GenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdfGenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdf
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
 
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of Terraform
 

Bgp (1)

  • 2. Border Gateway Protocol (BGP) • Routing/Forwarding basics • Building blocks • Exercises • BGP protocol basics • Exercises • BGP path attributes • Best path computation • Exercises
  • 3. Border Gateway Protocol (BGP)... • Typical BGP topologies • Routing Policy • Exercises • Redundancy/Load sharing • Best current practices
  • 5. IP route lookup: Longest match routing R2 R3 R1 R4 All 10/8 except 10.1/16 10.1/16 Packet: Destination IP address: 10.1.1.1 10/8 -> R3 10.1/16 -> R4 20/8 -> R5 30/8 -> R6 ….. R2’s IP routing table
  • 6. IP route lookup: Longest match routing R2 R3 R1 R4 All 10/8 except 10.1/16 10.1/16 10/8 -> R3 10.1/16 -> R4 20/8 -> R5 ….. R2’s IP routing table 10.1.1.1 & FF.0.0.0 is equal to 10.0.0.0 & FF.0.0.0 Match! Packet: Destination IP address: 10.1.1.1
  • 7. IP route lookup: Longest match routing R2 R3 R1 R4 All 10/8 except 10.1/16 10.1/16 10/8 -> R3 10.1/16 -> R4 20/8 -> R5 ….. R2’s IP routing table 10.1.1.1 & FF.FF.0.0 is equal to 10.1.0.0 & FF.FF.0.0 Match as well! Packet: Destination IP address: 10.1.1.1
  • 8. IP route lookup: Longest match routing R2 R3 R1 R4 All 10/8 except 10.1/16 10.1/16 10/8 -> R3 10.1/16 -> R4 20/8 -> R5 ….. R2’s IP routing table 10.1.1.1 & FF.0.0.0 is equal to 20.0.0.0 & FF.0.0.0 Does not match! Packet: Destination IP address: 10.1.1.1
  • 9. IP route lookup: Longest match routing R2 R3 R1 R4 All 10/8 except 10.1/16 10.1/16 10/8 -> R3 10.1/16 -> R4 20/8 -> R5 ….. R2’s IP routing table Packet: Destination IP address: 10.1.1.1 Longest match, 16 bit netmask
  • 10. IP route lookup: Longest match routing • default is 0.0.0.0/0 • can handle it using the normal longest match algorithm • matches everything. Always the shortest match.
  • 11. Forwarding • Uses the routing table built by routing protocols • Performs the lookup to find next-hop and outgoing interface • Switches the packet with new encapsulation as per the outgoing interface
  • 12. Building Blocks • Autonomous System (AS) • Types of Routes • IGP/EGP • DMZ • Policy • Egress • Ingress
  • 13. Autonomous System (AS) • Collection of networks with same policy • Single routing protocol • Usually under single administrative control • IGP to provide internal connectivity AS 100
  • 14. Autonomous System(AS)... • Identified by ‘AS number’ • Public & Private AS numbers • Examples: – Service provider – Multi-homed customers – Anyone needing policy discrimination
  • 15. Routing flow and packet flow For networks in AS1 and AS2 to communicate: AS1 must announce routes to AS2 AS2 must accept routes from AS1 AS2 must announce routes to AS1 AS1 must accept routes from AS2 accept announce announce accept AS1 AS2 packet flow packet flow Routing flow egress ingress
  • 16. Egress Traffic • Packets exiting the network • Based on – Route availability (what others send you) – Route acceptance (what you accept from others) – Policy and tuning (what you do with routes from others) – Peering and transit agreements
  • 17. Ingress Traffic • Packets entering your network • Ingress traffic depends on: – What information you send and to whom – Based on your addressing and ASes – Based on others’ policy (what they accept from you and what they do with it)
  • 18. Types of Routes • Static Routes – configured manually • Connected Routes – created automatically when an interface is ‘up’ • Interior Routes – Routes within an AS • Exterior Routes – Routes exterior to AS
  • 19. What Is an IGP? • Interior Gateway Protocol • Within an Autonomous System • Carries information about internal prefixes • Examples—OSPF, ISIS, EIGRP…
  • 20. What Is an EGP? • Exterior Gateway Protocol • Used to convey routing information between ASes • De-coupled from the IGP • Current EGP is BGP4
  • 21. Why Do We Need an EGP? • Scaling to large network – Hierarchy – Limit scope of failure • Define administrative boundary • Policy – Control reachability to prefixes
  • 22. • Interior – Automatic discovery – Generally trust your IGP routers – Routes go to all IGP routers • Exterior Specifically configured peers Connecting with outside networks Set administrative boundaries Interior vs. Exterior Routing Protocols
  • 23. Hierarchy of Routing Protocols Local NAP FDDI Other ISP’s BGP4 BGP4/Static BGP4 / OSPF Customers BGP4
  • 24. AS 100 AS 101 AS 102 DMZ Network AA BB CC DD EE • Shared network between ASes Demilitarized Zone (DMZ)
  • 25. Addressing - ISP • Need to reserve address space for its network. • Need to allocate address blocks to its customers. • Need to take “growth” into consideration • Upstream link address is allocated by upstream provider
  • 26. BGP Basics • Terminology • Protocol Basics • Messages • General Operation • Peering relationships (EBGP/IBGP) • Originating routes
  • 27. Terminology • Neighbor – Configured BGP peer • NLRI/Prefix – NLRI - network layer reachability information – Reachability information for an IP address & mask • Router-ID – Highest IP address configured on the router • Route/Path – NLRI advertised by a neighbor
  • 28. Protocol Basics • Routing protocol used between ASes –if you aren’t connected to multiple ASes, you don’t need BGP :) • Runs over TCP • Path vector protocol AS 100 AS 101 AS 102 EE BB DD AA CC Peering
  • 29. BGP Basics ... • Each AS originates a set of NLRI • NLRI is exchanged between BGP peers • Can have multiple paths for a given prefix • Picks the best path and installs in the IP forwarding table • Policies applied (through attributes) influence BGP path selection
  • 30. AS 100 AS 101 AS 102 AA CC BGP speakers are called peers BGP Peers eBGP TCP/IP Peer Connection Peers in different AS’s are called External Peers Note: eBGP Peers normally should be directly connected. EE BB DD 220.220.8.0/24 220.220.16.0/24 220.220.32.0/24
  • 31. AS 100 AS 101 AA CC BGP speakers are called peers BGP Peers iBGP TCP/IP Peer Connection Peers in the same AS are called Internal Peers AS 102 EE BB DD Note: iBGP Peers don’t have to be directly connected. 220.220.8.0/24 220.220.16.0/24 220.220.32.0/24
  • 32. AS 100 AS 101 AA CC BGP Peers AS 102 DD 220.220.8.0/24 220.220.16.0/24 220.220.32.0/24 EE BB BGP Peers exchange Update messages containing Network Layer Reachability Information (NLRI) BGP Update Messages
  • 33. Configuring BGP Peers interface Serial 0 ip address 222.222.10.2 255.255.255.252 router bgp 100 network 220.220.8.0 mask 255.255.255.0 neighbor 222.222.10.1 remote-as 101 interface Serial 0 ip address 222.222.10.1 255.255.255.252 router bgp 101 network 220.220.16.0 mask 255.255.255.0 neighbor 222.222.10.2 remote-as 100 eBGP TCP Connection • BGP Peering sessions are established using the BGP “neighbor” configuration command 222.222.10.0/30 BB CC DD AA AS 100 AS 101 .2 220.220.8.0/24 220.220.16.0/24 .2 .1 .2 .1 .1 – External (eBGP) is configured when AS numbers are different
  • 34. – Internal (iBGP) is configured when AS numbers are the same AS 100 AS 101 Configuring BGP Peers 222.222.10.0/30 .2 interface Serial 1 ip address 220.220.16.2 255.255.255.252 router bgp 101 network 220.220.16.0 mask 255.255.255.0 neighbor 220.220.16.1 remote-as 101 BB interface Serial 1 ip address 220.220.16.1 255.255.255.252 router bgp 101 network 220.220.16.0 mask 255.255.255.0 neighbor 220.220.16.2 remote-as 101 CC iBGP TCP Connection • BGP Peering sessions are established using the BGP “neighbor” configuration command DD 220.220.8.0/24 220.220.16.0/24 AA .2 .1 .2 .1 .1 – External (eBGP) is configured when AS numbers are different
  • 35. Configuring BGP Peers • Each iBGP speaker must peer with every other iBGP speaker in the AS iBGP TCP/IP Peer Connection AS 100 AA BB CC
  • 36. Configuring BGP Peers • Loopback interfaces are normally used as peer connection end-points AS 100 215.10.7.1 215.10.7.2 215.10.7.3 AA BB CC iBGP TCP/IP Peer Connection
  • 37. iBGP TCP/IP Peer Connection Configuring BGP Peers AS 100 AA 215.10.7.1 215.10.7.2 215.10.7.3 CC BB interface loopback 0 ip address 215.10.7.1 255.255.255.255 router bgp 100 network 220.220.1.0 neighbor 215.10.7.2 remote-as 100 neighbor 215.10.7.2 update-source loopback0 neighbor 215.10.7.3 remote-as 100 neighbor 215.10.7.3 update-source loopback0 AA
  • 38. Configuring BGP Peers AS 100 AA 215.10.7.1 215.10.7.2 215.10.7.3 CC AA interface loopback 0 ip address 215.10.7.2 255.255.255.255 router bgp 100 network 220.220.5.0 neighbor 215.10.7.1 remote-as 100 neighbor 215.10.7.1 update-source loopback0 neighbor 215.10.7.3 remote-as 100 neighbor 215.10.7.3 update-source loopback0 BB iBGP TCP/IP Peer Connection
  • 39. Configuring BGP Peers AS 100 AA 215.10.7.1 215.10.7.2 215.10.7.3 AA BB interface loopback 0 ip address 215.10.7.3 255.255.255.255 router bgp 100 network 220.220.1.0 neighbor 215.10.7.1 remote-as 100 neighbor 215.10.7.1 update-source loopback0 neighbor 215.10.7.2 remote-as 100 neighbor 215.10.7.2 update-source loopback0 CC iBGP TCP/IP Peer Connection
  • 40. BGP Updates — NLRI • Network Layer Reachability Information • Used to advertise feasible routes • Composed of: – Network Prefix – Mask Length
  • 41. BGP Updates — Attributes • Used to convey information associated with NLRI – AS path – Next hop – Local preference – Multi-Exit Discriminator (MED) – Community – Origin – Aggregator
  • 42. • Sequence of ASes a route has traversed • Loop detection • Apply policy AS 100 AS 300 AS 200 AS 500 AS 400 170.10.0.0/16 180.10.0.0/16 150.10.0.0/16 Network Path 180.10.0.0/16 300 200 100 170.10.0.0/16 300 200 150.10.0.0/16 300 400 Network Path 180.10.0.0/16 300 200 100 170.10.0.0/16 300 200 AS-Path Attribute
  • 43. 160.10.0.0/16 150.10.0.0/16 192.10.1.0/30 .2 AS 100 AS 200 Network Next-Hop Path 160.10.0.0/16 192.20.2.1 100 CC Next Hop Attribute .1 BGP Update Messages BB AA .1 .2 192.20.2.0/30 AS 300 EE DD • Next hop to reach a network • Usually a local network is the next hop in eBGP session 140.10.0.0/16
  • 44. • Next hop to reach a network • Usually a local network is the next hop in eBGP session 160.10.0.0/16 150.10.0.0/16 192.10.1.0/30 .2 AS 100 AS 200 CC Next Hop Attribute .1 BB AA .1 .2 192.20.2.0/30 BGP Update Messages EE DD • Next Hop updated between eBGP Peers AS 300 140.10.0.0/16 Network Next-Hop Path 150.10.0.0/16 192.10.1.1 200 160.10.0.0/16 192.10.1.1 200 100
  • 45. • Next hop not changed between iBGP peers 160.10.0.0/16 150.10.0.0/16 192.10.1.0/30 .2 AS 100 AS 200 Network Next-Hop Path 150.10.0.0/16 192.10.1.1 200 160.10.0.0/16 192.10.1.1 200 100 CC Next Hop Attribute .1 BB AA .1 .2 192.20.2.0/30 BGP Update Messages DD EE AS 300 140.10.0.0/16
  • 46. Next Hop Attribute (more) • IGP should carry route to next hops • Recursive route look-up • Unlinks BGP from actual physical topology • Allows IGP to make intelligent forwarding decision
  • 47. BGP Updates — Withdrawn Routes • Used to “withdraw” network reachability • Each Withdrawn Route is composed of: – Network Prefix – Mask Length
  • 48. BGP Updates — Withdrawn Routes AS 321 AS 123 192.168.10.0/24 192.192.25.0/24 .1 .2 x Connectivity lost BGP Update Message Withdraw Routes 192.192.25.0/24 Withdraw Routes 192.192.25.0/24 Network Next-Hop Path 150.10.0.0/16 192.168.10.2 321 200 192.192.25.0/24 192.168.10.2 321
  • 49. BGP Routing Information Base BGP RIB D 10.1.2.0/24 D 160.10.1.0/24 D 160.10.3.0/24 R 153.22.0.0/16 S 192.1.1.0/24 Network Next-Hop Path router bgp 100 network 160.10.0.0 255.255.0.0 no auto-summary Route Table *>i160.10.1.0/24 192.20.2.2 i *>i160.10.3.0/24 192.20.2.2 i BGP ‘network’ commands are normally used to populate the BGP RIB with routes from the Route Table
  • 50. BGP Routing Information Base BGP RIB router bgp 100 network 160.10.0.0 255.255.0.0 aggregate-address 160.10.0.0 255.255.0.0 summary-only no auto-summary Route Table Network Next-Hop Path D 10.1.2.0/24 D 160.10.1.0/24 D 160.10.3.0/24 R 153.22.0.0/16 S 192.1.1.0/24 *> 160.10.0.0/16 0.0.0.0 i * i 192.20.2.2 i s> 160.10.1.0/24 192.20.2.2 i s> 160.10.3.0/24 192.20.2.2 i BGP ‘aggregate-address’ commands may be used to install summary routes in the BGP RIB
  • 51. BGP ‘redistribute’ commands can also be used to populate the BGP RIB with routes from the Route Table BGP Routing Information Base BGP RIB Network Next-Hop Path router bgp 100 network 160.10.0.0 255.255.0.0 redistribute static route-map foo no auto-summary access-list 1 permit 192.1.0.0 0.0.255.255 route-map foo permit 10 match ip address 1 Route Table D 10.1.2.0/24 D 160.10.1.0/24 D 160.10.3.0/24 R 153.22.0.0/16 S 192.1.1.0/24 *> 160.10.0.0/16 0.0.0.0 i * i 192.20.2.2 i s> 160.10.1.0/24 192.20.2.2 i s> 160.10.3.0/24 192.20.2.2 i *> 192.1.1.0/24 192.20.2.2 ?
  • 52. BGP Routing Information Base BGP RIB IN Process Update Network Next-Hop Path 173.21.0.0/16 192.20.2.1 100 * 173.21.0.0/16 192.20.2.1 100 • BGP “in” process • receives path information from peers • results of BGP path selection placed in the BGP table • “best path” flagged (denoted by “>”) Update Network Next-Hop Path *>i160.10.1.0/24 192.20.2.2 i *>i160.10.3.0/24 192.20.2.2 i OUT Process >
  • 53. BGP Routing Information Base OUT Process Network Next-Hop Path 160.10.1.0/24 192.20.2.2 200 160.10.3.0/24 192.20.2.2 200 173.21.0.0/16 192.20.2.2 200 100 192.20.2.1 BGP RIB > 173.21.0.0/16 192.20.2.1 100 Network Next-Hop Path *>i160.10.1.0/24 192.20.2.2 i *>i160.10.3.0/24 192.20.2.2 i * IN Process Update Update • BGP “out” process • builds update using info from RIB • may modify update based on config • Sends update to peers Next-Hop changed
  • 54. BGP Routing Information Base BGP RIB D 10.1.2.0/24 D 160.10.1.0/24 D 160.10.3.0/24 R 153.22.0.0/16 S 192.1.1.0/24 Network Next-Hop Path *>i160.10.1.0/24 192.20.2.2 i *>i160.10.3.0/24 192.20.2.2 i *> 173.21.0.0/16 192.20.2.1 100 • Best paths installed in routing table if: B 173.21.0.0/16 Route Table • prefix and prefix length are unique • lowest “protocol distance”
  • 55. The ‘Bible’ & other resources • Route-views.oregon-ix.net • Internet Routing Architectures – Bassam Halabi – pg. 168 BGP Decision Process Summary
  • 56. Types of BGP Messages • OPEN – To negotiate and establish peering • UPDATE – To exchange routing information • KEEPALIVE – To maintain peering session • NOTIFICATION – To report errors (results in session reset)
  • 57. Internal BGP Peering (IBGP) • BGP peer within the same AS • Not required to be directly connected • Maintain full IBGP mesh or use Route Reflection AS 100 AA EE BB DD
  • 58. External BGP Peering (EBGP) AS 100 AS 101 CC BB AA • Between BGP speakers in different AS • Directly connected or peering address is reachable
  • 59. An Example… Learns about 35.0.0.0/8 from F & D AS3561 B E C D F A AS200 AS101 AS21 AS675 35.0.0.0/8
  • 60. Basic BGP commands Configuration commands router bgp <AS-number> neighbor <ip address> remote-as <as-number> Show commands show ip bgp summary show ip bgp neighbors
  • 61. Originating routes... • Using network command or redistribution network <ipaddress> redistribute <protocol name> • Requires the route to be present in the routing table
  • 62. Originating routes/Inserting prefixes into BGP • network command • network 198.10.4.0 mask 255.255.254.0 • ip route 198.10.0.0 255.255.254.0 serial 0 • matching route must exist in the routing table before network is announced! • Origin: IGP
  • 63. Update message • Withdrawn routes • Path Attributes • Advertised routes
  • 64. Stable IBGP peering • Unlinks IBGP peering from physical topology. • Carry loopback address in IGP router ospf <ID> passive-interface loopback0 • Unlink peering from physical topology router bgp <AS1> neighbor <x.x.x.x> remote-as <AS1> neighbor <x.x.x.x> update-source loopback0
  • 66. BGP Path Attributes: Why ? • Encoded as Type, Length & Value (TLV) • Transitive/Non-Transitive attributes • Some are mandatory • Used in path selection • To apply policy for steering traffic
  • 67. BGP Path Attributes... • Origin • AS-path • Next-hop • Multi-Exit Discriminator (MED) • Local preference • BGP Community • Others...
  • 68. AS-PATH • Updated by the sending router with its AS number • Contains the list of AS numbers the update traverses. • Used to detect routing loops – Each time the router receives an update, if it finds its AS number, it discards the update
  • 69. • Sequence of ASes a route has traversed • Loop detection AS-Path AS 100 AS 300 AS 200 AS 500 AS 400 170.10.0.0/16 180.10.0.0/16 150.10.0.0/16 180.10.0.0/16 300 200 100 170.10.0.0/16 300 200 150.10.0.0/16 300 400 180.10.0.0/16 dropped
  • 70. Next-Hop • Next hop router to reach a network • Advertising router/Third party in EBGP • Unmodified in IBGP 160.10.0.0/16 150.10.0.0/16 150.10.1.1 150.10.1.2 AS 100 AS 300 AS 200 150.10.0.0/16 150.10.1.1 160.10.0.0/16 150.10.1.1 AA BB
  • 71. Third Party Next Hop 192.68.1.0/24 150.1.1.3 150.1.1.1 150.1.1.2 192.68.1.0/24 150.1.1.3 AS 201 AS 200 CC AA BB • More efficient, but bad idea! peering
  • 72. Next Hop... • IGP should carry route to next hops • Recursive route look-up • Unlinks BGP from actual physical topology • Allows IGP to make intelligent forwarding decision
  • 73. Local Preference • Not for EBGP, mandatory for IBGP • Default value is 100 on Ciscos • Local to an AS • Used to prefer one exit over another • Path with highest local preference wins
  • 74. Local Preference AS 400 AS 200 160.10.0.0/16 AS 100 AS 300 160.10.0.0/16 500 > 160.10.0.0/16 800 500 800 EE BB CC AA DD
  • 75. Multi-Exit Discriminator • Non-transitive • Represented as a numeric value (0-0xffffffff) • Used to convey the relative preference of entry points • Comparable if paths are from the same AS • Path with lower MED wins • IGP metric can be conveyed as MED
  • 76. Multi-Exit Discriminator (MED) AS 201 AS 200 192.68.1.0/24 CC AA BB 192.68.1.0/24 1000 192.68.1.0/24 2000 preferred
  • 77. Origin • Conveys the origin of the prefix • Three values: – IGP - Generated using “network” statement • ex: network 35.0.0.0 – EGP - Redistributed from EGP – Incomplete - Redistribute IGP • ex: redistribute ospf • IGP < EGP < INCOMPLETE
  • 78. Communities • Transitive, Non-mandatory • Represented as a numeric value (0-0xffffffff) • Used to group destinations • Each destination could be member of multiple communities • Flexibility to scope a set of prefixes within or across AS for applying policy
  • 79. Customer AS 201 Service Provider AS 200 192.68.1.0/24 CC AA BB Community:201:110 Community:201:120 DD Community Local Preference 201:110 110 201:120 120 Community...
  • 80. Synchronization • C not running BGP (non-pervasive BGP) • A won’t advertise 35/8 to D until the IGP is in sync • Turn synchronization off! – Run pervasive BGP router bgp 1880 no sync 1880 209 690 B A C 35/8 D OSPF
  • 81. BGP Route Selection (bestpath) Only one path as the bestpath ! • Route has to be synchronized Prefix in forwarding table • Next-hop has to be accessible Next-hop in forwarding table • Largest weight Local to the router • Largest local preference Spread within AS • Locally sourced Via redistribute or network statement
  • 82. BGP Route Selection ... • Shortest AS-path length number of ASes in the AS-path attribute • Lowest origin IGP < EGP < INCOMPLETE • Lowest MED between paths from same AS • External over internal closest exit from a router • Closest next-hop Lower IGP metric, closer exit from an AS • Lowest router-id • Lowest IP address of neighbor
  • 83. BGP Route Selection... AS 400 AS 200 AS 100 AS 300 BB AA DD AS 400’s Policy to reach AS100 AS 200 preferred path AS 300 backup Increase AS path attribute length by at least 1
  • 84. Stub AS • Typically no need for BGP • Point default towards the ISP • ISP advertises the stub network to Internet • Policy confined within ISP policy
  • 85. Stub AS AS 100 AS 101 BB AA Provider Customer
  • 86. Multi-homed AS • Only border routers speak BGP • IBGP only between border routers • Exterior routes must be redistributed in a controlled fashion into IGP or use defaults
  • 87. Multi-homed AS AS 100 AS 200 AS 300 DD CC BB AA provider provider customer
  • 88. Service Provider Network • IBGP used to carry exterior routes • IGP keeps track of topology • Full IBGP mesh is required
  • 89. Common Service Provider Network AS 100 AS 200 AS 400 AS 300 FF EE DD GG HH CC BB AA provider
  • 90. Routing Policy • Why? – To steer traffic through preferred paths – Inbound/Outbound prefix filtering – To enforce Customer-ISP agreements • How ? – AS based route filtering - filter list – Prefix based route filtering - distribute list – BGP attribute modification - route maps
  • 91. Distribute list - using IP access lists access-list 1 deny 10.0.0.0 access-list 1 permit any access-list 2 permit 20.0.0.0 … more access-lists as prefixes are added ... router bgp 100 neighbor 171.69.233.33 remote-as 33 neighbor 171.69.233.33 distribute-list 1 in neighbor 171.69.233.33 distribute-list 2 out
  • 92. Filter list rules Regular Expressions • RE is a pattern to match against an input string • Used to match against AS-path attribute • ex: ^3561.*100.*1$ • Flexible enough to generate complex filter list rules
  • 93. Filter list - using as-path access list ip as-path access-list 1 permit 3561 ip as-path access-list 2 deny 35 ip as-path access-list 2 permit .* router bgp 100 neighbor 171.69.233.33 remote-as 33 neighbor 171.69.233.33 filter-list 1 in neighbor 171.69.233.33 filter-list 2 out
  • 94. Route Maps router bgp 300 neighbor 2.2.2.2 remote-as 100 neighbor 2.2.2.2 route-map SETCOMMUNITY out ! route-map SETCOMMUNITY permit 10 match ip address 1 match community 1 set community 300:100 ! access-list 1 permit 35.0.0.0 ip community-list 1 permit 100:200
  • 95. Route-map match & set clauses Match Clauses: • AS-path • Community • IP address Set Clauses: • AS-path prepend • Community • Local-Preference • MED • Origin • Weight • Others...
  • 96. H H eth H H eth H H eth H H eth C31 C22C21 C32 ISP3 ISP2 Inbound route-map to set community Route-map Configuration Example neighbor <x.x.x.x> route-map AS100_IN in ! route-map AS100_IN permit 10 set community 100:200 neighbor <y.y.y.y> route-map AS200_IN in ! route-map AS200_IN permit 10 match community 1 set local-preference 200 ! ip community-list 1 permit 100:200
  • 97. Load Sharing & Redundancy using BGP
  • 98. Load-sharing - single path AS100 AS200 Router A: interface loopback 0 ip address 20.200.0.1 255.255.255.255 ! router bgp 100 neighbor 10.200.0.2 remote-as 200 neighbor 10.200.0.2 update-source loopback0 neighbor 10.200.0.2 ebgp-multihop 2 ! ip route 10.200.0.2 255.255.255.255 <DMZ-link1, link2> A Loopback 0 10.200.0.2 Loopback 0 20.200.0.1
  • 99. 100 200 A Note: A still only advertises one “best” path to iBGP peers Router A: router bgp 100 neighbor 10.200.0.1 remote-as 200 neighbor 10.300.0.1 remote-as 200 maximum-paths 2 Load Sharing - Multiple paths from the same AS
  • 100. Redundancy - Multi-homing •Reliable connection to Internet •3 common cases of multi-homing: - default from all providers - customer + default routes from all - full routes from all
  • 101. Default from all providers • Low memory/CPU solution • Provider sends BGP default – provider is selected based on IGP metric • Inbound traffic decided by providers’ policy – Can influence using outbound policy, example: AS-path prepend
  • 102. Default from all providers AS 400 Provider AS 200 Provider AS 300 EE BB CC AA DD
  • 103. Customer + default from all providers • Medium memory and CPU solution • Granular routing for customer routes and default for the rest • Inbound traffic decided by providers’ policy – Can influence using outbound policy
  • 104. Customer routes from all providers AS 400 Provider AS 200 Customer AS 100 160.10.0.0/16 Provider AS 300 EE BB CC AA DD C chooses shortest AS path
  • 105. Full routes from all providers • More memory/CPU • Full granular routing • Usually transit ASes take full routes • Usually pervasive BGP
  • 106. Full routes from all providers AS 400 AS 200 AS 100 AS 300 EE BB CC AA DD C chooses shortest AS path AS 500
  • 107. Best Practices IGP in Backbone • IGP connects your backbone together, not your client’s routes • IGP must converge quickly • IGP should carry netmask information - OSPF, IS-IS, EIGRP
  • 108. Best Practices... Connecting to a customer • Static routes – You control directly – No route flaps • Shared routing protocol or leaking – You must filter your customers info – Route flaps • BGP for multi-homed customers
  • 109. Best Practices... Connecting to other ISPs • Use BGP4 • Advertise only what you serve • Take back as little as you can • Take the shortest exit
  • 110. Best Practices... The Internet Exchange • Long distance connectivity is expensive • Connect to several providers at a single point
  • 111. Q & A
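
The AS-PATH slide (68) and the BGP Route Selection slides (81-82) describe loop detection and the best-path steps; the Python below is an added example, not part of the original deck, that walks those steps in the order the slides list them. The Path fields, function names and sample addresses (192.0.2.0/24 documentation range) are constructed for illustration, next-hop reachability is modelled as a simple set, and the synchronization check is left out because the deck advises turning it off.

```python
from dataclasses import dataclass
from functools import reduce
from ipaddress import ip_address

ORIGIN_RANK = {"igp": 0, "egp": 1, "incomplete": 2}  # IGP < EGP < INCOMPLETE


@dataclass(frozen=True)
class Path:
    """One received path for a prefix (field names are illustrative)."""
    prefix: str
    as_path: tuple          # leftmost AS is the neighbor AS that sent the update
    next_hop: str
    neighbor: str           # peer IP address
    router_id: str          # peer's BGP router-id
    ebgp: bool = True
    weight: int = 0         # local to the router
    local_pref: int = 100   # default quoted on the Local Preference slide
    origin: str = "igp"
    med: int = 0
    igp_metric: int = 0     # IGP cost to reach next_hop
    local: bool = False     # sourced here via network/redistribute


def eligible(path, local_as, reachable_next_hops):
    """Pre-checks: drop looped paths and paths with an unreachable next hop."""
    if local_as in path.as_path:      # our own AS in the AS-path means a loop
        return False
    return path.local or path.next_hop in reachable_next_hops


def decide(a, b):
    """Return (preferred_path, deciding_step) for two eligible paths."""
    a_as = a.as_path[0] if a.as_path else None
    b_as = b.as_path[0] if b.as_path else None
    # Each step is (name, key_a, key_b); the lower key wins.
    steps = [
        ("weight", -a.weight, -b.weight),              # largest weight
        ("local_pref", -a.local_pref, -b.local_pref),  # largest local preference
        ("locally_sourced", not a.local, not b.local),
        ("as_path_length", len(a.as_path), len(b.as_path)),
        ("origin", ORIGIN_RANK[a.origin], ORIGIN_RANK[b.origin]),
    ]
    if a_as == b_as:                  # MED is comparable only within one AS
        steps.append(("med", a.med, b.med))
    steps += [
        ("external_over_internal", not a.ebgp, not b.ebgp),
        ("igp_metric", a.igp_metric, b.igp_metric),
        ("router_id", int(ip_address(a.router_id)), int(ip_address(b.router_id))),
        ("neighbor_ip", int(ip_address(a.neighbor)), int(ip_address(b.neighbor))),
    ]
    for name, key_a, key_b in steps:
        if key_a != key_b:
            return (a if key_a < key_b else b), name
    return a, "tie"


def best_path(paths, local_as, reachable_next_hops):
    """Filter ineligible paths, then keep the winner of pairwise comparisons."""
    candidates = [p for p in paths if eligible(p, local_as, reachable_next_hops)]
    if not candidates:
        return None
    return reduce(lambda best, p: decide(best, p)[0], candidates)


# Constructed sample data modelled on the deck's diagrams.
REACHABLE = {"192.0.2.1", "192.0.2.5", "192.0.2.9", "192.0.2.13", "192.0.2.17"}
# Local Preference slide: 160.10.0.0/16 seen with local preference 500 and 800.
VIA_AS200 = Path("160.10.0.0/16", (200, 100), "192.0.2.1", "192.0.2.1",
                 "192.0.2.101", local_pref=500)
VIA_AS300 = Path("160.10.0.0/16", (300, 100), "192.0.2.5", "192.0.2.5",
                 "192.0.2.102", local_pref=800)
# MED slide: 192.68.1.0/24 from AS 201 with MED 1000 and 2000.
MED_1000 = Path("192.68.1.0/24", (201,), "192.0.2.9", "192.0.2.9",
                "192.0.2.103", med=1000)
MED_2000 = Path("192.68.1.0/24", (201,), "192.0.2.13", "192.0.2.13",
                "192.0.2.104", med=2000)
# AS-Path slide: 180.10.0.0/16 arriving back at AS 100 with path 300 200 100.
LOOPED = Path("180.10.0.0/16", (300, 200, 100), "192.0.2.17", "192.0.2.17",
              "192.0.2.105")

if __name__ == "__main__":
    winner, step = decide(VIA_AS200, VIA_AS300)
    print(f"160.10.0.0/16: via AS {winner.as_path[0]} wins on {step}")
    winner, step = decide(MED_1000, MED_2000)
    print(f"192.68.1.0/24: MED {winner.med} wins on {step}")
    print("looped path accepted at AS 100:", eligible(LOOPED, 100, REACHABLE))
```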
