
Border Gateway Protocol (BGP4)


lotus

Presentation Transcript


  1. Border Gateway Protocol (BGP4)

  2. Border Gateway Protocol (BGP) • Routing/Forwarding basics • Building blocks • Exercises • BGP protocol basics • Exercises • BGP path attributes • Best path computation • Exercises

  3. Border Gateway Protocol (BGP)... • Typical BGP topologies • Routing Policy • Exercises • Redundancy/Load sharing • Best current practices

  4. Routing/Forwarding Basics

  5. IP route lookup: Longest match routing • Packet: destination IP address 10.1.1.1 • R2’s IP routing table: 10/8 -> R3, 10.1/16 -> R4, 20/8 -> R5, 30/8 -> R6, ….. • [Diagram: routers R1, R2, R3, R4; R3 leads to all of 10/8 except 10.1/16; R4 leads to 10.1/16]

  6. IP route lookup: Longest match routing • Packet: destination IP address 10.1.1.1 • R2’s IP routing table: 10/8 -> R3, 10.1/16 -> R4, 20/8 -> R5, ….. • Check against 10/8 -> R3: 10.1.1.1 & FF.0.0.0 is equal to 10.0.0.0 & FF.0.0.0. Match!

  7. IP route lookup: Longest match routing • Packet: destination IP address 10.1.1.1 • R2’s IP routing table: 10/8 -> R3, 10.1/16 -> R4, 20/8 -> R5, ….. • Check against 10.1/16 -> R4: 10.1.1.1 & FF.FF.0.0 is equal to 10.1.0.0 & FF.FF.0.0. Match as well!

  8. IP route lookup: Longest match routing • Packet: destination IP address 10.1.1.1 • R2’s IP routing table: 10/8 -> R3, 10.1/16 -> R4, 20/8 -> R5, ….. • Check against 20/8 -> R5: 10.1.1.1 & FF.0.0.0 is not equal to 20.0.0.0 & FF.0.0.0. Does not match!

  9. IP route lookup: Longest match routing • Packet: destination IP address 10.1.1.1 • R2’s IP routing table: 10/8 -> R3, 10.1/16 -> R4, 20/8 -> R5, ….. • Longest match: 10.1/16, 16-bit netmask

  10. IP route lookup: Longest match routing • default is 0.0.0.0/0 • can handle it using the normal longest match algorithm • matches everything. Always the shortest match.

  11. Forwarding • Uses the routing table built by routing protocols • Performs the lookup to find next-hop and outgoing interface • Switches the packet with new encapsulation as per the outgoing interface

  12. Building Blocks • Autonomous System (AS) • Types of Routes • IGP/EGP • DMZ • Policy • Egress • Ingress

  13. Autonomous System (AS) • Collection of networks with same policy • Single routing protocol • Usually under single administrative control • IGP to provide internal connectivity • [Diagram: AS 100]

  14. Autonomous System(AS)... • Identified by ‘AS number’ • Public & Private AS numbers • Examples: • Service provider • Multi-homed customers • Anyone needing policy discrimination

  15. Routing flow and packet flow • For networks in AS1 and AS2 to communicate: • AS1 must announce routes to AS2 • AS2 must accept routes from AS1 • AS2 must announce routes to AS1 • AS1 must accept routes from AS2 • [Diagram labels: AS 1, AS 2; routing flow (announce, accept); packet flow (egress, ingress)]

  16. Egress Traffic • Packets exiting the network • Based on • Route availability (what others send you) • Route acceptance (what you accept from others) • Policy and tuning (what you do with routes from others) • Peering and transit agreements

  17. Ingress Traffic • Packets entering your network • Ingress traffic depends on: • What information you send and to whom • Based on your addressing and ASes • Based on others’ policy (what they accept from you and what they do with it)

  18. Types of Routes • Static Routes • configured manually • Connected Routes • created automatically when an interface is ‘up’ • Interior Routes • Routes within an AS • Exterior Routes • Routes exterior to AS

  19. What Is an IGP? • Interior Gateway Protocol • Within an Autonomous System • Carries information about internal prefixes • Examples—OSPF, ISIS, EIGRP…

  20. What Is an EGP? • Exterior Gateway Protocol • Used to convey routing information between ASes • De-coupled from the IGP • Current EGP is BGP4

  21. Why Do We Need an EGP? • Scaling to large network • Hierarchy • Limit scope of failure • Define administrative boundary • Policy • Control reachability to prefixes

  22. Interior vs. Exterior Routing Protocols • Interior • Automatic discovery • Generally trust your IGP routers • Routes go to all IGP routers • Exterior • Specifically configured peers • Connecting with outside networks • Set administrative boundaries

  23. Hierarchy of Routing Protocols • [Diagram: Other ISPs, Local NAP, FDDI, Customers; links labelled BGP4, BGP4 / OSPF and BGP4/Static]

  24. Demilitarized Zone (DMZ) • Shared network between ASes • [Diagram: DMZ network shared by AS 100, AS 101 and AS 102; routers A, B, C, D, E]

  25. Addressing - ISP • Need to reserve address space for its network. • Need to allocate address blocks to its customers. • Need to take “growth” into consideration • Upstream link address is allocated by upstream provider

  26. BGP Basics • Terminology • Protocol Basics • Messages • General Operation • Peering relationships (EBGP/IBGP) • Originating routes

  27. Terminology • Neighbor • Configured BGP peer • NLRI/Prefix • NLRI - network layer reachability information • Reachability information for an IP address & mask • Router-ID • Highest IP address configured on the router • Route/Path • NLRI advertised by a neighbor

  28. Protocol Basics • Routing protocol used between ASes • if you aren’t connected to multiple ASes, you don’t need BGP :) • Runs over TCP • Path vector protocol • Incremental update • [Diagram: peering between routers A, B, C, D, E in AS 100, AS 101 and AS 102]

  29. BGP Basics ... • Each AS originates a set of NLRI • NLRI is exchanged between BGP peers • Can have multiple paths for a given prefix • Picks the best path and installs it in the IP forwarding table • Policies applied (through attributes) influence BGP path selection

  30. BGP Peers • BGP speakers are called peers • Peers in different ASes are called External Peers (eBGP TCP/IP peer connection) • Note: eBGP peers normally should be directly connected. • [Diagram: routers A, B, C, D, E; AS 100 (220.220.8.0/24), AS 101 (220.220.16.0/24), AS 102 (220.220.32.0/24)]

  31. BGP Peers • BGP speakers are called peers • Peers in the same AS are called Internal Peers (iBGP TCP/IP peer connection) • Note: iBGP peers don’t have to be directly connected. • [Diagram: routers A, B, C, D, E; AS 100 (220.220.8.0/24), AS 101 (220.220.16.0/24), AS 102 (220.220.32.0/24)]

  32. BGP Peers • BGP peers exchange Update messages containing Network Layer Reachability Information (NLRI) • [Diagram: BGP Update messages between routers A, B, C, D, E; AS 100 (220.220.8.0/24), AS 101 (220.220.16.0/24), AS 102 (220.220.32.0/24)]

  33. Configuring BGP Peers • BGP peering sessions are established using the BGP “neighbor” configuration command • External (eBGP) is configured when AS numbers are different • [Diagram: eBGP TCP connection over 222.222.10.0/30 between AS 100 (220.220.8.0/24) and AS 101 (220.220.16.0/24); routers A, B, C, D]

      Router in AS 100:
        interface Serial 0
         ip address 222.222.10.2 255.255.255.252
        router bgp 100
         network 220.220.8.0 mask 255.255.255.0
         ! remote-as differs from the local AS, so this is an eBGP session
         neighbor 222.222.10.1 remote-as 101

      Router in AS 101:
        interface Serial 0
         ip address 222.222.10.1 255.255.255.252
        router bgp 101
         network 220.220.16.0 mask 255.255.255.0
         neighbor 222.222.10.2 remote-as 100

  34. Configuring BGP Peers • BGP peering sessions are established using the BGP “neighbor” configuration command • External (eBGP) is configured when AS numbers are different • Internal (iBGP) is configured when AS numbers are same • [Diagram: iBGP TCP connection inside AS 101 (220.220.16.0/24); AS 100 (220.220.8.0/24); link 222.222.10.0/30; routers A, B, C, D]

      First router in AS 101:
        interface Serial 1
         ip address 220.220.16.1 255.255.255.252
        router bgp 101
         network 220.220.16.0 mask 255.255.255.0
         ! remote-as equals the local AS, so this is an iBGP session
         neighbor 220.220.16.2 remote-as 101

      Second router in AS 101:
        interface Serial 1
         ip address 220.220.16.2 255.255.255.252
        router bgp 101
         network 220.220.16.0 mask 255.255.255.0
         neighbor 220.220.16.1 remote-as 101

  35. Configuring BGP Peers • Each iBGP speaker must peer with every other iBGP speaker in the AS • [Diagram: iBGP TCP/IP peer connections among routers A, B and C in AS 100]

  36. Configuring BGP Peers • Loopback interfaces are normally used as peer connection end-points • [Diagram: iBGP TCP/IP peer connections in AS 100 among A (215.10.7.1), B (215.10.7.2) and C (215.10.7.3)]

  37. Configuring BGP Peers • [Diagram: iBGP TCP/IP peer connections in AS 100 among A (215.10.7.1), B (215.10.7.2) and C (215.10.7.3)]

      Router A:
        interface loopback 0
         ip address 215.10.7.1 255.255.255.255
        router bgp 100
         network 220.220.1.0
         neighbor 215.10.7.2 remote-as 100
         neighbor 215.10.7.2 update-source loopback0
         neighbor 215.10.7.3 remote-as 100
         neighbor 215.10.7.3 update-source loopback0

  38. Configuring BGP Peers • [Diagram: iBGP TCP/IP peer connections in AS 100 among A (215.10.7.1), B (215.10.7.2) and C (215.10.7.3)]

      Router B:
        interface loopback 0
         ip address 215.10.7.2 255.255.255.255
        router bgp 100
         network 220.220.5.0
         neighbor 215.10.7.1 remote-as 100
         neighbor 215.10.7.1 update-source loopback0
         neighbor 215.10.7.3 remote-as 100
         neighbor 215.10.7.3 update-source loopback0

  39. Configuring BGP Peers • [Diagram: iBGP TCP/IP peer connections in AS 100 among A (215.10.7.1), B (215.10.7.2) and C (215.10.7.3)]

      Router C:
        interface loopback 0
         ip address 215.10.7.3 255.255.255.255
        router bgp 100
         network 220.220.1.0
         neighbor 215.10.7.1 remote-as 100
         neighbor 215.10.7.1 update-source loopback0
         neighbor 215.10.7.2 remote-as 100
         neighbor 215.10.7.2 update-source loopback0

  40. BGP Updates — NLRI • Network Layer Reachability Information • Used to advertise feasible routes • Composed of: • Network Prefix • Mask Length

  41. BGP Updates — Attributes • Used to convey information associated with NLRI • AS path • Next hop • Local preference • Multi-Exit Discriminator (MED) • Community • Origin • Aggregator

  42. AS-Path Attribute • Sequence of ASes a route has traversed • Loop detection • Apply policy • [Diagram: AS 100 (180.10.0.0/16), AS 200 (170.10.0.0/16), AS 300, AS 400 (150.10.0.0/16), AS 500]

      First table:
        Network          Path
        180.10.0.0/16    300 200 100
        170.10.0.0/16    300 200

      Second table:
        Network          Path
        180.10.0.0/16    300 200 100
        170.10.0.0/16    300 200
        150.10.0.0/16    300 400
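How the AS paths in slide 42's tables come about, as an added example (not part of the original presentation): each AS prepends its own number when it passes a route on, and drops any update whose path already contains its own number. The link layout (100-200-300, with 400 and 500 attached to 300) is an assumption read off the slide's tables, and path selection is reduced to shortest AS path.

```python
from collections import deque

# Assumed from slide 42's diagram and tables (not stated as text on the slide):
# AS 100 - AS 200 - AS 300, with AS 400 and AS 500 both attached to AS 300.
LINKS = [(100, 200), (200, 300), (300, 400), (300, 500)]
ORIGINS = {"180.10.0.0/16": 100, "170.10.0.0/16": 200, "150.10.0.0/16": 400}


def neighbors(asn, links):
    return [b if a == asn else a for a, b in links if asn in (a, b)]


def accept(local_as, as_path):
    """Loop detection: drop an update whose AS path already contains our AS."""
    return local_as not in as_path


def propagate(links=LINKS, origins=ORIGINS):
    """Return (rib, rejected). rib[asn][prefix] is the AS path as a tuple.

    Simplification: the only tie-break modelled is shortest AS path.
    """
    rib = {asn: {} for link in links for asn in link}
    rejected = []
    queue = deque()
    for prefix, origin in origins.items():
        for peer in neighbors(origin, links):
            queue.append((peer, prefix, (origin,)))  # origin puts itself on the path
    while queue:
        asn, prefix, path = queue.popleft()
        if not accept(asn, path):
            rejected.append((asn, prefix, path))
            continue
        best = rib[asn].get(prefix)
        if best is not None and len(best) <= len(path):
            continue  # keep the existing path of equal or shorter length
        rib[asn][prefix] = path
        for peer in neighbors(asn, links):
            queue.append((peer, prefix, (asn,) + path))  # prepend own AS on export
    return rib, rejected


def show(path):
    return " ".join(str(asn) for asn in path)


if __name__ == "__main__":
    rib, rejected = propagate()
    for prefix, path in rib[500].items():
        print("AS 500:", prefix, show(path))
    print("rejected by loop detection:", len(rejected))
```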

  43. Next Hop Attribute • Next hop to reach a network • Usually a local network is the next hop in eBGP session • [Diagram: BGP Update messages between routers A, B, C, D, E; AS 100 (160.10.0.0/16), AS 200 (150.10.0.0/16), AS 300 (140.10.0.0/16); links 192.10.1.0/30 and 192.20.2.0/30]

      Network          Next-Hop      Path
      160.10.0.0/16    192.20.2.1    100

  44. Next Hop Attribute • Next hop to reach a network • Usually a local network is the next hop in eBGP session • Next hop updated between eBGP peers • [Diagram: BGP Update messages between routers A, B, C, D, E; AS 100 (160.10.0.0/16), AS 200 (150.10.0.0/16), AS 300 (140.10.0.0/16); links 192.10.1.0/30 and 192.20.2.0/30]

      Network          Next-Hop      Path
      150.10.0.0/16    192.10.1.1    200
      160.10.0.0/16    192.10.1.1    200 100

  45. Next Hop Attribute • Next hop not changed between iBGP peers • [Diagram: BGP Update messages between routers A, B, C, D, E; AS 100 (160.10.0.0/16), AS 200 (150.10.0.0/16), AS 300 (140.10.0.0/16); links 192.10.1.0/30 and 192.20.2.0/30]

      Network          Next-Hop      Path
      150.10.0.0/16    192.10.1.1    200
      160.10.0.0/16    192.10.1.1    200 100

  46. Next Hop Attribute (more) • IGP should carry route to next hops • Recursive route look-up • Unlinks BGP from actual physical topology • Allows IGP to make intelligent forwarding decision

  47. BGP Updates — Withdrawn Routes • Used to “withdraw” network reachability • Each Withdrawn Route is composed of: • Network Prefix • Mask Length

  48. BGP Updates — Withdrawn Routes • BGP Update Message: Withdraw Routes 192.192.25.0/24 (connectivity lost) • [Diagram: AS 321 and AS 123 joined by 192.168.10.0/24 (.1, .2); 192.192.25.0/24 marked with an x]

      Network            Next-Hop        Path
      150.10.0.0/16      192.168.10.2    321 200
      192.192.25.0/24    192.168.10.2    321

  49. BGP Routing Information Base • BGP ‘network’ commands are normally used to populate the BGP RIB with routes from the Route Table

      router bgp 100
       network 160.10.0.0 mask 255.255.0.0
       no auto-summary

      BGP RIB:
        Network             Next-Hop      Path
        *>i160.10.1.0/24    192.20.2.2    i
        *>i160.10.3.0/24    192.20.2.2    i

      Route Table:
        D 10.1.2.0/24
        D 160.10.1.0/24
        D 160.10.3.0/24
        R 153.22.0.0/16
        S 192.1.1.0/24

  50. BGP Routing Information Base • BGP ‘aggregate-address’ commands may be used to install summary routes in the BGP RIB

      router bgp 100
       network 160.10.0.0 mask 255.255.0.0
       aggregate-address 160.10.0.0 255.255.0.0 summary-only
       no auto-summary

      BGP RIB:
        Network             Next-Hop      Path
        *> 160.10.0.0/16    0.0.0.0       i
        * i                 192.20.2.2    i
        s> 160.10.1.0/24    192.20.2.2    i
        s> 160.10.3.0/24    192.20.2.2    i

      Route Table:
        D 10.1.2.0/24
        D 160.10.1.0/24
        D 160.10.3.0/24
        R 153.22.0.0/16
        S 192.1.1.0/24
