internet technologies and standards

Similar documents
Module 6 Implementing BGP

BGP Attributes and Path Selection

Routing Between Autonomous Systems (Example: BGP4) RFC 1771

BGP. Autonomous system (AS) BGP version 4. Definition (AS Autonomous System)

BGP. Autonomous system (AS) BGP version 4. Definition (AS Autonomous System)

Border Gateway Protocol (an introduction) Karst Koymans. Tuesday, March 8, 2016

BGP. Autonomous system (AS) BGP version 4

BGP. Autonomous system (AS) BGP version 4

BGP Configuration. BGP Overview. Introduction to BGP. Formats of BGP Messages. Header

Configuring BGP. Cisco s BGP Implementation

Internetwork Expert s CCNP Bootcamp. Border Gateway Protocol (BGP) What Is BGP?

BGP. Autonomous system (AS) BGP version 4

Internet Interconnection Structure

BGP Protocol & Configuration. Scalable Infrastructure Workshop AfNOG2008

BGP. Autonomous system (AS) BGP version 4. Definition (AS Autonomous System)

BGP. Autonomous system (AS) BGP version 4. Definition (AS Autonomous System)

Vendor: Alcatel-Lucent. Exam Code: 4A Exam Name: Alcatel-Lucent Border Gateway Protocol. Version: Demo

BGP. Border Gateway Protocol A short introduction. Karst Koymans. Informatics Institute University of Amsterdam. (version 18.3, 2018/12/03 13:53:22)

Border Gateway Protocol (an introduction) Karst Koymans. Monday, March 10, 2014

BGP. Border Gateway Protocol (an introduction) Karst Koymans. Informatics Institute University of Amsterdam. (version 17.3, 2017/12/04 13:20:08)

BGP Attributes and Policy Control

This appendix contains supplementary Border Gateway Protocol (BGP) information and covers the following topics:

Introduction. Keith Barker, CCIE #6783. YouTube - Keith6783.

CertifyMe. CertifyMe

BGP Attributes (C) Herbert Haas 2005/03/11 1

Configuring BGP community 43 Configuring a BGP route reflector 44 Configuring a BGP confederation 44 Configuring BGP GR 45 Enabling Guard route

Table of Contents. BGP Configuration 1

BGP Attributes and Policy Control

LARGE SCALE IP ROUTING LECTURE BY SEBASTIAN GRAF

BGP Attributes and Policy Control

Table of Contents 1 BGP Configuration 1-1

BGP Routing and BGP Policy. BGP Routing. Agenda. BGP Routing Information Base. L47 - BGP Routing. L47 - BGP Routing

Operation Manual BGP. Table of Contents

Internet inter-as routing: BGP

Connecting to a Service Provider Using External BGP

Internet Routing Protocols Lecture 01 & 02

BGP. BGP Overview. Formats of BGP Messages. I. Header

BGP Commands. Network Protocols Command Reference, Part 1 P1R-355

TELE 301 Network Management

Introduction to BGP. ISP Workshops. Last updated 30 October 2013

CS BGP v4. Fall 2014

Inter-Domain Routing: BGP

Internet Routing Protocols Lecture 03 Inter-domain Routing

CSCI-1680 Network Layer: Inter-domain Routing Rodrigo Fonseca

Chapter 13 Configuring BGP4

Connecting to a Service Provider Using External BGP

Ravi Chandra cisco Systems Cisco Systems Confidential

Configuration prerequisites 45 Configuring BGP community 45 Configuring a BGP route reflector 46 Configuring a BGP confederation 46 Configuring BGP

Advanced Computer Networks

University of Belgrade - School of Electrical Engineering Department of Telecommunications

BGP Tutorial. APRICOT 2004, Kuala Lumpur February Philip Smith APRICOT , Cisco Systems, Inc. All rights reserved.

PART III. Implementing Inter-Network Relationships with BGP

LACNIC XIII. Using BGP for Traffic Engineering in an ISP

BGP. Attributes 2005/03/11. (C) Herbert Haas

Border Gateway Protocol

Border Gateway Protocol - BGP

APNIC elearning: BGP Basics. 30 September :00 PM AEST Brisbane (UTC+10) Revision: 2.0

BGP-v4 Theory and Practice

BGP Tutorial. APRICOT 2003, Taipei February Philip Smith APRICOT , Cisco Systems, Inc. All rights reserved.

ÉCOLE POLYTECHNIQUE FÉDÉRALE DE LAUSANNE. External Routing BGP. Jean Yves Le Boudec 2015

Interdomain Routing Reading: Sections P&D 4.3.{3,4}

Advanced Computer Networks

EE 122: Inter-domain routing Border Gateway Protocol (BGP)

BGP Commands. Network Protocols Command Reference, Part 1 P1R-355

BGP101. Howard C. Berkowitz. (703)

Outline Computer Networking. Inter and Intra-Domain Routing. Internet s Area Hierarchy Routing hierarchy. Internet structure

BGP. BGP Overview. BGP Operation. BGP Neighbors

IP Routing Tecnologie e Protocolli per Internet II rev 1

Interdomain Routing Reading: Sections K&R EE122: Intro to Communication Networks Fall 2007 (WF 4:00-5:30 in Cory 277)

Introduction to BGP ISP/IXP Workshops

BGP can also be used for carrying routing information for IPv6 prefix over IPv6 networks.

Routing Basics ISP/IXP Workshops

Multiprotocol BGP (MBGP)

Introduction to BGP. ISP/IXP Workshops

CSCD 433/533 Network Programming Fall Lecture 14 Global Address Space Autonomous Systems, BGP Protocol Routing

Protecting an EBGP peer when memory usage reaches level 2 threshold 66 Configuring a large-scale BGP network 67 Configuring BGP community 67

BGP Route Reflector Commands

Advanced Computer Networks

Configuring BGP on Cisco Routers Volume 1

CS 640: Introduction to Computer Networks. Intra-domain routing. Inter-domain Routing: Hierarchy. Aditya Akella

Internet Routing : Fundamentals of Computer Networks Bill Nace

Internet Routing Basics

Architectures and Protocols for Integrated Networks. Intra-domain and Inter-domain Routing Protocols

Routing Protocols --- Exterior Gateway Protocol

Back to basics J. Addressing is the key! Application (HTTP, DNS, FTP) Application (HTTP, DNS, FTP) Transport. Transport (TCP/UDP) Internet (IPv4/IPv6)

Routing Basics. Routing Concepts. IPv4. IPv4 address format. A day in a life of a router. What does a router do? IPv4 Routing

BGP Attributes and Policy Control. BGP Attributes. BGP Attributes. Agenda. What Is an Attribute? AS-Path. ISP/IXP Workshops.

CSCI-1680 Network Layer: Inter-domain Routing Rodrigo Fonseca

Configuring Advanced BGP

Border Gateway Protocol (BGP-4)

Advanced Computer Networks

Lecture 18: Border Gateway Protocol

Advanced Computer Networks

Lecture 17: Border Gateway Protocol

Securing BGP. Geoff Huston November 2007

BGP Attributes and Policy Control. BGP Attributes. Agenda. What Is an Attribute? AS-Path. AS-Path loop detection. BGP Attributes

Lecture 16: Interdomain Routing. CSE 123: Computer Networks Stefan Savage

CSCI-1680 Network Layer: Inter-domain Routing Rodrigo Fonseca

Routing Concepts. IPv4 Routing Forwarding Some definitions Policy options Routing Protocols

CS 268: Computer Networking. Next Lecture: Interdomain Routing

Transcription:

Institute of Telecommunications Warsaw University of Technology internet technologies and standards Piotr Gajowniczek

BGP (Border Gateway Protocol)

structure of the Internet Tier 1 ISP Tier 1 ISP Google IXP IXP IXP Tier 2 Regional ISP Tier 2 Regional ISP access ISP access ISP access ISP access ISP access ISP access ISP access ISP access ISP at center: small # of well-connected large networks tier-1 commercial ISPs (e.g., Level 3, Sprint, AT&T, NTT), national & international coverage content provider network (e.g, Google): private network that connects its data centers to Internet, often bypassing tier-1, regional ISPs

routing in the Internet the Internet is organized as a set of independent Autonomous Systems the AS is a collection of networks under single technical administration the AS appears to the outside world as having a coherent routing plan and presents unique view on what destinations are reachable through it the AS can use many different routing protocols the routing protocols inside the AS = Interior Routing Protocols (IGP) the routing protocol between the ASs = Exterior Routing Protocol (EGP) AS count BGP table size www.cidr-report.org

BGP basics BGP is Inter-Autonomous System routing protocol (EGP) BGP is used to route traffic between different AS systems BGP is used to interconnect ISPs and connect Enterprise networks to ISPs BGP is a distance (path) vector routing protocol BGP peers exchange Path and NLRI for destination-based routing maintains a list of AS s through which this NLRI traverses to prevent loops advertises only the best routes to neighbors incremental triggered updates are used BGP uses TCP on port 179 as its transport protocol BGP assumes reliable transmission protocol uses periodic keep-alive to verify TCP connectivity supports classless routing (CIDR) and route aggregation allows policy-based routing

BGP policy-based routing BGP allows defining rules for how traffic is sent via given AS main reasons for using Routing Policy: business-related aspects protecting the local AS (and other ASs) from bogus and unexpected NLRI from customers and other peers protecting external peers or transit networks from instability inside the AS optimize local AS ingress and egress traffic

when to use BGP? when is the BGP needed? AS allows to pass packets between different ASs AS has multiple connections to other ASs AS wants to manipulate the flows of traffic leaving or entering this AS BGP is CPU and memory consuming BGP working domain is a whole Internet! relationships between Autonomous Systems (ISPs): Peering (private & public) vs Transit typical conditions/policies/aspects of peering relationship Traffic Policies (mutual benefit) Geo-policies Transit AS policy transit ( paid peering ) provider requirements: deliver exchange point/access link provide up to a full Internet table to the client advertise client prefixes

BGP speakers (peers) router running BGP is called a BGP speaker (or peer) peers are configured manually by telling each router what the IP address of its peer is BGP speakers establish TCP connection to exchange routing information if two peers belong to different ASs they are running external BGP (ebgp) they are usually directly connected if two peers belong to the same AS they are running internal BGP (ibgp) they are usually not directly connected IGP protocol must run to assure connectivity between BGP internal peers at startup BGP peers exchange full routing tables, then only changes are advertised

route propagation C A B 192.168.0.0/24 D AS 1 x ibgp x Route propagation occurs at the edges of the AS accepting network layer reachability information (NLRI) into the BGP protocol by exporting directly connected or static routes into the BGP protocol routing policies can be implemented at the injection point (router A) and/or at an AS boundary (router B) Route propagation within an AS control plane: ibgp (with Split Horizon) Data plane forwarding by IGP 192.168.0.0/24 X x Split Horizon rule AS 2 IGP optimization: do not export BGP routes into IGP and vice versa (except static or directly connected networks associated with customer networks) assure fast IGP convergence (eg. using BFD)

BGP state machine Phase State Description Next state TCP Idle Initialization, TCP initiation Connect TCP Connect Waiting for completing TCP connection OpenSent or Active if no TCP after ConnectRetry TCP Active Resetting ConnectRetry timer Connect BGP OpenSent Sending OPEN message OpenConfirm BGP OpenConfirm Exchanging KEEPALIVE messages Established BGP Established Sending/receiving KEEPALIVE, UPDATE, NOTIFICATION; operational state -

BGP - initialization

BGP update message UPDATE consists of 3 parts of variable length 1. Withdrawn prefixes 2. Path 3. NLRI Variable list of routes that are no longer valid (can contain only withdrawn routes) Attributes shared by all subsequent prefixes Contain Flags tracking the attribute type Actual prefixes advertised with attributes listed in Path One UPDATE can announce multiple NLRIs Neighbors can re-send the same NLRI with new or updated Path attributes if necessary

BGP attributes BGP metrics are called path attributes the following path attribute categories exist well-known mandatory must be recognised by all implementation and must be included in all update messages well-known discretionary - must be recognised by all implementation but needn t be included in all update messages optional transitive may not be recognised by some implementation, when not recognised must be propagated to their neighbours optional nontransitive may not be recognised by some implementation, when not recognised must be dropped

BGP attributes - examples well-known mandatory attributes AS-path Next-hop Origin well-known discretionary attributes Local preference Atomic aggregate optional transitive attributes Aggregator Community optional non-transitive attributes Multi-exit-discriminator (MED)

AS Path attribute contains the list of AS identifiers on the path toward the destination whenever a route passes through AS its identifier is pre-penned to it by the BGP router allows to detect and eliminate route loops is modified by a border router when propagating an update across an AS boundary UPDATE AS_PATH=null UPDATE AS_PATH=60100 UPDATE AS_PATH=60200 60100 AS 60100 AS 60200 AS 60250 C A B D

Origin attribute origin of the path information IGP the route is internal to the AS explicitly configured in BGP to be advertised redistributed from IGP EGP the route was learned from other AS via EGP protocol Incomplete the origin is unknown e.g. In case of static routes redistributed from IGP EGP and IGP maintains separate routing tables the routing information can be exchanged between tables while making route redistribution from IGP to BGP careful filtering should be done i.e. the routes that were previously redistributed from BGP to IGP should not be considered again some IGP protocols tag external routes

Next-hop attribute address of the next router on the path towards the destination for ebgp it is the address of the router that has sent the path information (address of the peer) router A advertises the network 172.16.0.0 to B with next hop 172.15.10.1 for ibgp the next hop advertised by the ebgp should be carried into the ibgp router B will advertise network 172.16.0.0 to C with next hop 172.15.10.1 router C has to know how to reach 172.15.10.1 172.16.0.0 via 172.15.10.1 A AS100 172.15.10.1 172.16.0.0 via 172.15.10.1 B 172.5.1.1 AS200 C

Local Preference attribute (outbound traffic) local preference is an attribute configured on the router and exchanged only inside the AS the route from router with higher local precedence value will be preferred Local pref. 200 A Path to network X via router A AS100 Local pref. 100 B Path to network X via router B C The path via router A will be installed in router C

MED attribute (inbound traffic) the MED attribute is configured on the router and exchanged between adjacent ASs the MED attribute is an indication to external peers about the preferred path into given AS MED 100 A AS100 MED 200 B Path to network X via router A Path to network X via router B AS200 C The path via router A will be installed in router C

Community attribute Community attributes allow tagging paths the routes can be tagged on incoming or outgoing interface community is a list of values tagging is used for route filtering and selection Community attributes are used to implement consistent BGP policy routing rules routers that understand community attribute must be configured to use it otherwise the attribute is dropped known communities no-export do not advertise the route to external peers no-advertised do not advertise the route to any peer internet advertise the route to the Internet no-export-subconfed used in confederation to prevent sending packets outside AS

Communities route propagation example no-export, no-export-subconfed, no-advertise Communities ASs: 60001 and 60002 are confederated within AS 60000 who gets what? 10.0.0.0/16 is received by 10.0.1.0/24 is not advertised to 10.0.2.0/24 is not advertised to 10.0.3.0/24 is not advertised to 10.0.0.0/16 internet 10.0.1.0/24 no-export-subconfed 10.0.2.0/24 no-export 10.0.3.0/24 AS 60002 A AS 60001 B C D 10.0.3.0/24 no-advertise E AS 60100 AS 60000

Communities route propagation example no-peer Community AS in the middle is a transit provider to AS 60000, AS 60100 and 60200 are in peering relationship the prefix advertised by router A is more specific than the one advertised by B, and has a no-peer community therefore router F receives the aggregate route only 10.0.1.0/24 no-peer A C AS 60100 Peering E AS 60000 AS 60200 D B 10.0.0.0/16 F 10.0.0.0/16

ATOMIC_AGGREGATE attribute ATOMIC_AGGREGATE alerts BGP peers along the path that some information have been lost due to route aggregation process and that the aggregate path might not be the best path to the destination AGGREGATOR may be included in route updates by a BGP speaker that performs route aggregation contains its own AS number and IP address (router ID)

BGP messages and databases Open Keep alive Update Notification exchange parameters; sent after the TCP connection is established; includes hold time - the maximum time between consecutive keep alive messages and router ID - highest IP interface address sent periodically to maintain BGP session contains information about one path: prefix (NLRI) and path attributes (set, update or withdraw) sent in case of error condition Open Ver AS Hold Time BGP Id O-P L Opt Par 8 8 24 32 8 n Update W-P L Withdrawn Paths P-A L Path Attributes NLRI 16 n 16 Notification Code SubC Data 8 8 48 AS Path header Marker Length Type 128 16 8 (1) Update (2) update RIBs (3) Update Adj-RIBs-In Loc-RIB Adj-RIBs-Out

route selection decision consider synchronised routes with no loops and valid next-hop address prefer routes highest local preference prefer routes originated by local router prefer shortest AS path prefer lowest origin attribute (IGP<EGP<incomplete) prefer lowest MED prefer ebgp over ibgp paths prefer paths through the closest IGP prefer oldest ebgp paths

route reflectors route reflectors allows to cope with the ibgp sessions full mesh problem the route reflector advertises routes learnt via ibgp to other local BGP peers this reduces the number of point-to-point relations between BGP speakers many route reflectors can be configured in one AS RR clients Normal peer relation RR RR RR RR clients RR clients

IP routing BGP practice

BGP configuration example AS 60100 AS 60200 L0: 10.0.100.1 L0: 10.0.200.1 192.168.0.0/30 192.168.100.0/24 192.168.200.0/24 R1(config)#router bgp 60100 R1(config-router)#neighbor 10.0.200.1 remote-as 60200 R1(config-router)#neighbor 10.0.200.1 update-source loopback 0 R1(config-router)#neighbor 10.0.200.1 ebgp-multihop 4 R1#show run section bgp R1#show ip bgp BGP table version is 2, local router ID is 10.0.100.1 Status codes: s suppressed, d damped, h history, * valid, > best, i - internal, r RIB-failure, S Stale Origin codes: i - IGP, e - EGP,? - incomplete Network Next Hop Metric LocPrf Weight Path *> 192.168.100.0/24 0.0.0.0 0 32768 i http://www.bgp4.as/looking-glasses

BGP configuration example advertising a prefix R1(config)#router bgp 60100 R1(config-router)#network 192.168.100.0 mask 255.255.255.0 null interface R1(config)#ip route 1.0.0.0 255.0.0.0 null 0 path prepend R1(config)#route-map MAP1 permit 10 R1(config-route-map)#set as-path prepend 1 1 1 1 1 R1(config-route-map)#exit R1(config)#router bgp 60100 R1(config-router)#neighbor 10.0.200.1 route-map MAP1 out

prefixes filtering AS 60100 AS 60200 AS 60300 R1 R2 R3 10.10.100.1 10.10.200.1 10.10.300.1 no transit in AS60200 access list R2(config)#ip as-path access-list 1 permit ^$ R2(config-router)#neighbor 10.10.100.1 filter-list 1 out R2(config-router)#neighbor 10.10.300.1 filter-list 1 out no transit in AS60200 no-export community R2(config)#route-map NO-EXPORT R2(config-route-map)#set community no-export R2(config)#router bgp 60200 R2(config-router)#neighbor 10.10.100.1 route-map NO-EXPORT in R2(config-router)#neighbor 10.10.200.1 route-map NO-EXPORT in

BGP good practices ISIS and OSPF used for carrying infrastructure addresses, not Internet prefixes or customer prefixes DO NOT: distribute BGP prefixes into an IGP distribute IGP routes into BGP use IGP to carry customer prefixes BGP in Cisco IOS is permissive by default configuring BGP peering without using filters means: all best paths on the local router are passed to the neighbour all routes announced by the neighbour are received by the local router can have disastrous consequences good practice is to ensure that each ebgp neighbour has inbound and outbound filter applied source: BGP Best Current Practices, ISP Workshops

aggregation aggregation = announcing the address block received from the RIR to the other ASes connected to your network subprefixes of the aggregate may be used internally in the ISP network, announced to other ASes only to aid with multihoming example: ISP has 101.10.0.0/19 address block put into BGP as an aggregate: router bgp 60100 network 101.10.0.0 mask 255.255.224.0 ip route 101.10.0.0 255.255.224.0 null0 more specific prefixes within this address block ensure connectivity to ISP s customers; longest match lookup router bgp 60100 neighbor 102.102.10.1 remote-as 101 neighbor 102.102.10.1 prefix-list out-filter out ip prefix-list out-filter permit 101.10.0.0/19 source: BGP Best Current Practices, ISP Workshops

aggregation efforts to improve why important? convergence and stability (memory / CPU load less important) the CIDR Report initiated and operated for many years by Tony Bates now combined with Geoff Huston s routing analysis www.cidr-report.org lists the top 30 service providers who could do better at aggregating RIPE Routing WG aggregation recommendations IPv4: RIPE-399 www.ripe.net/ripe/docs/ripe-399.html IPv6: RIPE-532 www.ripe.net/ripe/docs/ripe-532.html also computes the size of the routing table assuming ISPs performed optimal aggregation website allows searches and computations of aggregation to be made on a per AS basis flexible and powerful tool to aid ISPs source: BGP Best Current Practices, ISP Workshops

Distribution of prefixes Receiving prefixes from: customer, peer, upstream (transit) provider Customer: Peer check if they are assigned/allocated to this customer if not assigned by the IPS itself, check (RIR databases) accept only prefixes your peer ISP announced for advertising send only prefixes you have announced Upstream / Transit provider router bgp 100 neighbor 102.102.10.1 remote-as 101 neighbor 102.102.10.1 prefix-list customer in neighbor 102.102.10.1 prefix-list default out! ip prefix-list customer permit 100.50.0.0/20 ip prefix-list default permit 0.0.0.0/0 best practice: receive default route or a prefix to be used as default not the whole Internet table (until necessary) traffic control via multihoming

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback