border gateway protocol (bgp) - vsb.czwh.cs.vsb.cz/sps/images/6/6f/bgp.pdfborder gateway protocol...
TRANSCRIPT
© 2005 Petr Grygarek, VSB-TU Ostrava, Routed and Switched Networks 1
Border Gateway Border Gateway Protocol (BGP)Protocol (BGP)
Petr GrygPetr Grygáárekrek
2© 2005 Petr Grygarek, VSB-TU Ostrava, Routed and Switched Networks
Role of Autonomous Systems on the Role of Autonomous Systems on the InternetInternet
3© 2005 Petr Grygarek, VSB-TU Ostrava, Routed and Switched Networks
Autonomous systemsAutonomous systems
• Not possible to maintain complete Internet topology Not possible to maintain complete Internet topology information on all routersinformation on all routers• big database, change processing overhead, instabilitybig database, change processing overhead, instability
• Internet divided into Autonomous systemsInternet divided into Autonomous systems• ISPs, big companies, …ISPs, big companies, …
• Autonomous systemAutonomous system = contiguous set of routers with = contiguous set of routers with common routing policy and under common common routing policy and under common administrationadministration• Routing policy: IGP used, implemented route optimizations, Routing policy: IGP used, implemented route optimizations,
……• Autonomous systems numbered with world-wide unique Autonomous systems numbered with world-wide unique
numbers (16 bit)numbers (16 bit)• 32-bit extension used nowadays32-bit extension used nowadays
4© 2005 Petr Grygarek, VSB-TU Ostrava, Routed and Switched Networks
Hierarchical routingHierarchical routing• Intra-AS routing uses Interior Gateway Protocols (IGP)Intra-AS routing uses Interior Gateway Protocols (IGP)
• knows only topology of it’s own ASknows only topology of it’s own AS• outside of the AS is reached using default routeoutside of the AS is reached using default route
• sometimes IGP has summary information about networks behind individual sometimes IGP has summary information about networks behind individual external linksexternal links
• Limited by number of routes the protocol is capable to process efficientlyLimited by number of routes the protocol is capable to process efficiently
• OPSF, RIP, IGRP, …OPSF, RIP, IGRP, …• Inter-AS routing uses Exterior Gateway ProtocolsInter-AS routing uses Exterior Gateway Protocols
• Operates on graph of AS interconnectionOperates on graph of AS interconnection• Does not know internal topology of other ASes, works only with Does not know internal topology of other ASes, works only with
information about networks contained in individual ASesinformation about networks contained in individual ASes• knows local border router to reach the destinationknows local border router to reach the destination
• Currently, only BGP (Border Gateway Protocol) is used as exterior Currently, only BGP (Border Gateway Protocol) is used as exterior gateway protocolgateway protocol
5© 2005 Petr Grygarek, VSB-TU Ostrava, Routed and Switched Networks
Inter-AS routingInter-AS routing• The purpose of EGP is to provide information to deliver The purpose of EGP is to provide information to deliver
packet to the boundary router of the destination ASpacket to the boundary router of the destination AS• Boundary routers run both EGP and IGPBoundary routers run both EGP and IGP• Boundary router delivers the packet to the final destination using Boundary router delivers the packet to the final destination using
IGPIGP• Every AS propagates networks contained within it into EGPEvery AS propagates networks contained within it into EGP
• also networks from other ASes reachable through the ASalso networks from other ASes reachable through the AS• it is useful to limit number of routes propagated using it is useful to limit number of routes propagated using
summarizationsummarization (internal networks should have common prefix) (internal networks should have common prefix)
Note: For transit AS, packet has to be passed among border Note: For transit AS, packet has to be passed among border routers through AS internal routersrouters through AS internal routers
6© 2005 Petr Grygarek, VSB-TU Ostrava, Routed and Switched Networks
AS typesAS types
• Single-homedSingle-homed• Multi-homedMulti-homed
• More links to the same ISP or different ISPsMore links to the same ISP or different ISPs
• TransitTransit• Carries traffic not originated from or destined to AS’ internal Carries traffic not originated from or destined to AS’ internal
networksnetworks• multi-homedmulti-homed
• Non-transitNon-transit• single-homed or multi-homed AS which doesn’t allow transitsingle-homed or multi-homed AS which doesn’t allow transit
7© 2005 Petr Grygarek, VSB-TU Ostrava, Routed and Switched Networks
Single-homed ASSingle-homed AS
8© 2005 Petr Grygarek, VSB-TU Ostrava, Routed and Switched Networks
Single-homed AS:Single-homed AS:How to propagate internal networks into BGP ?How to propagate internal networks into BGP ?
• ISP router has static routes to customer’s networksISP router has static routes to customer’s networks• and redistributes them into BGPand redistributes them into BGP
• IGP between ISP router and customer routerIGP between ISP router and customer router• ISP redistributes IGP into BGPISP redistributes IGP into BGP
• BGP between ISP router and customer routerBGP between ISP router and customer router• If customer has it’s own AS numberIf customer has it’s own AS number
• or uses private AS numberor uses private AS number
9© 2005 Petr Grygarek, VSB-TU Ostrava, Routed and Switched Networks
Propagation via IGPPropagation via IGP
10© 2005 Petr Grygarek, VSB-TU Ostrava, Routed and Switched Networks
Propagation via BGPPropagation via BGP
11© 2005 Petr Grygarek, VSB-TU Ostrava, Routed and Switched Networks
Private AS-esPrivate AS-es
• 64512 – 6553564512 – 65535• Used and known only in context of single Used and known only in context of single
provider’s ASprovider’s AS• Can be used only for AS connected to single Can be used only for AS connected to single
provider (by one or more links)provider (by one or more links)
• Outside of provider AS, private AS-es presents Outside of provider AS, private AS-es presents themselves as part of that’s provider ASthemselves as part of that’s provider AS
• Widely used between components of private Widely used between components of private enterprise networksenterprise networks• datacenters etc.datacenters etc.
12© 2005 Petr Grygarek, VSB-TU Ostrava, Routed and Switched Networks
Private AS-esPrivate AS-es
13© 2005 Petr Grygarek, VSB-TU Ostrava, Routed and Switched Networks
Who has it’s own AS ?Who has it’s own AS ?
• Normally, customer’s networks are part of Normally, customer’s networks are part of provider ASprovider AS• Sometimes private AS-es usedSometimes private AS-es used
• Customer has to have it’s own AS number if he Customer has to have it’s own AS number if he indents to connect to multiple providersindents to connect to multiple providers
• Customer commonly needs it’s own AS number Customer commonly needs it’s own AS number if it requires provider-independent addressesif it requires provider-independent addresses
• Provider-independent vs. Provider-aggregable Provider-independent vs. Provider-aggregable public addressespublic addresses
14© 2005 Petr Grygarek, VSB-TU Ostrava, Routed and Switched Networks
Nontransit Multi-homed ASNontransit Multi-homed AS
• Packet filters could be used on ingress links to protect Packet filters could be used on ingress links to protect against injection of unwanted trafficagainst injection of unwanted traffic• ISP1 could use static route to route to ISP2 networks ISP1 could use static route to route to ISP2 networks
15© 2005 Petr Grygarek, VSB-TU Ostrava, Routed and Switched Networks
Transit multi-homed ASTransit multi-homed ASAS1
20.0.1.0/2420.0.2.0/24
AS2
30.0.10.0/2430.0.20.0/24
AS3 (Transit AS)
100.80.0.0/16100.81.0.0/16
IBGP
EBGP EBGP
20.0.1.0/2420.0.2.0/24
30.0.10.0/2430.0.20.0/24
30.0.10.0/2430.0.20.0/24
100.80.0.0/16100.81.0.0/16
20.0.1.0/2420.0.2.0/24100.80.0.0/16100.81.0.0/16
16© 2005 Petr Grygarek, VSB-TU Ostrava, Routed and Switched Networks
Routing symmetry, load balancingRouting symmetry, load balancing
• SymmetrySymmetry - the link used for outgoing traffic for - the link used for outgoing traffic for some network is also used for returning trafficsome network is also used for returning traffic
• Load balancingLoad balancing – some destinations reached by – some destinations reached by one link, others by anotherone link, others by another
Often not possible to reach bothOften not possible to reach both
17© 2005 Petr Grygarek, VSB-TU Ostrava, Routed and Switched Networks
Border Gateway ProtocolBorder Gateway Protocol
18© 2005 Petr Grygarek, VSB-TU Ostrava, Routed and Switched Networks
Border Gateway ProtocolBorder Gateway Protocol• Exchanges information between AS Exchanges information between AS border routersborder routers
• What networks are in each ASWhat networks are in each AS• List of AS-es to transit when reaching particular networkList of AS-es to transit when reaching particular network
• Today, BGP v.4 is usedToday, BGP v.4 is used• Sometimes BGPv4+: multiprotocol extensionSometimes BGPv4+: multiprotocol extension
• supports additional (non-IPv4) address families, multicasting, VPNs, supports additional (non-IPv4) address families, multicasting, VPNs, ……
• Supports classless addressingSupports classless addressing• Propagates subnet masks together with every prefixPropagates subnet masks together with every prefix• Allows for address range aggregationAllows for address range aggregation
19© 2005 Petr Grygarek, VSB-TU Ostrava, Routed and Switched Networks
BGP operation on graph of AS-esBGP operation on graph of AS-es
20© 2005 Petr Grygarek, VSB-TU Ostrava, Routed and Switched Networks
Path selection, routing policiesPath selection, routing policies• BGP operates on AS interconnection graphBGP operates on AS interconnection graph• PathPath = sequence of AS numbers packet has to transit to get to = sequence of AS numbers packet has to transit to get to
particular networkparticular network• BGP does not have simple concept of metric to select best BGP does not have simple concept of metric to select best
pathpath• Path has to be chosen with regard to business policy of individual AS Path has to be chosen with regard to business policy of individual AS
operatorsoperators• BGP configuration has to reflect appointed routing policyBGP configuration has to reflect appointed routing policy
• Details of routing policy have to be configured manuallyDetails of routing policy have to be configured manually• Peer routers, prefix filtering and routing preferences, …Peer routers, prefix filtering and routing preferences, …• Configuration more complicated than configuration of IGP’sConfiguration more complicated than configuration of IGP’s
• requires more manual workrequires more manual work
21© 2005 Petr Grygarek, VSB-TU Ostrava, Routed and Switched Networks
Examples of routing policiesExamples of routing policies
• Which destination we allow to transit packets to Which destination we allow to transit packets to through our AS ?through our AS ?
• From which source address we allow to transit From which source address we allow to transit traffic through our AS ?traffic through our AS ?
• Which external link will we use to reach Which external link will we use to reach particular external network ?particular external network ?
• Which ingress link we prefer other ASes to use Which ingress link we prefer other ASes to use for traffic destined for particular network inside for traffic destined for particular network inside our AS (or behind our AS) ?our AS (or behind our AS) ?
22© 2005 Petr Grygarek, VSB-TU Ostrava, Routed and Switched Networks
Suboptimal routing on the InternetSuboptimal routing on the Internet
• Internet routing is not optimal from point of view of Internet routing is not optimal from point of view of any metricany metric• There is no common metric, various IGPs use different There is no common metric, various IGPs use different
metricsmetrics
• Optimality not reachable neither desiredOptimality not reachable neither desired• Hierarchical routing is suboptimal by it’s natureHierarchical routing is suboptimal by it’s nature
• but limits the number of routes in routing tablebut limits the number of routes in routing table
• We need to respect routing policies anywayWe need to respect routing policies anyway
23© 2005 Petr Grygarek, VSB-TU Ostrava, Routed and Switched Networks
24© 2005 Petr Grygarek, VSB-TU Ostrava, Routed and Switched Networks
BGP PrinciplesBGP Principles• Path-vector routing algorithmPath-vector routing algorithm
• from point of view of topology knowledge, BGP stands between from point of view of topology knowledge, BGP stands between distance-vector and link-state protocolsdistance-vector and link-state protocols
• Path vector =Path vector = sequence of AS numbers the packet has to sequence of AS numbers the packet has to transit before getting to destination networktransit before getting to destination network
• Every route is propagated together with it’s path vectorEvery route is propagated together with it’s path vector• Path vector collects numbers of AS-es through which the route was Path vector collects numbers of AS-es through which the route was
passed passed • If an AS receives route with path vector containing it’s own AS If an AS receives route with path vector containing it’s own AS
number, route is discarded (loop avoidance)number, route is discarded (loop avoidance)• Path vector serves as a metricPath vector serves as a metric
• route with shorter path vector is preferredroute with shorter path vector is preferred
25© 2005 Petr Grygarek, VSB-TU Ostrava, Routed and Switched Networks
Passing of BGP routesPassing of BGP routes(loop avoidance)(loop avoidance)
26© 2005 Petr Grygarek, VSB-TU Ostrava, Routed and Switched Networks
Spreading of routing informationSpreading of routing information• Routing information exchanged between AS boundary Routing information exchanged between AS boundary
routersrouters• Peer routers are configured manually with whom they Peer routers are configured manually with whom they have have
toto exchange routing information exchange routing information • Reliable exchange (TCP, port 179)Reliable exchange (TCP, port 179)
• When BGP session is established among peers, When BGP session is established among peers, complete routing information is exchangedcomplete routing information is exchanged
• After initial exchange, only changes are sentAfter initial exchange, only changes are sent
27© 2005 Petr Grygarek, VSB-TU Ostrava, Routed and Switched Networks
Peer reachability testingPeer reachability testing
• BGP router periodically checks reachability of BGP router periodically checks reachability of every peerevery peer• Keepalive message sent once per minuteKeepalive message sent once per minute
• If some peer fails, the router has to remove all If some peer fails, the router has to remove all routes through that peer and inform other peersroutes through that peer and inform other peers
28© 2005 Petr Grygarek, VSB-TU Ostrava, Routed and Switched Networks
BGP messagesBGP messagesExchanged between peer routersExchanged between peer routers
(TCP/179, support for authentication)(TCP/179, support for authentication)
• OPEN – session establishmentOPEN – session establishment• Negotiation of protocol version, hold time for keepalives, AS Negotiation of protocol version, hold time for keepalives, AS
numbers, address families supported, …numbers, address families supported, …• UPDATEUPDATE
• Advertised prefixes (+ route attributes), withdrawn routesAdvertised prefixes (+ route attributes), withdrawn routes• KEEPALIVE – peer reachability testingKEEPALIVE – peer reachability testing• NOTIFICATION – operation error, close sessionNOTIFICATION – operation error, close session• ROUTE REFRESH – asks neighbor to resend its ROUTE REFRESH – asks neighbor to resend its
routesroutes• Used only if negotiated during BGP session setupUsed only if negotiated during BGP session setup
29© 2005 Petr Grygarek, VSB-TU Ostrava, Routed and Switched Networks
BGP databaseBGP database• BGP database contains all routes learned from peersBGP database contains all routes learned from peers
• Hundreds of thousands in the Internet backboneHundreds of thousands in the Internet backbone
• For every destination, one route is chosen based on For every destination, one route is chosen based on routing policy criteriarouting policy criteria• only very limited support for load balancingonly very limited support for load balancing
• Chosen routes are placed into routing tableChosen routes are placed into routing table• Only routes used by router itself (i.e. those chosen into Only routes used by router itself (i.e. those chosen into
routing table) are propagated to other peersrouting table) are propagated to other peers• this may cause somehow unexpected lack of routing this may cause somehow unexpected lack of routing
symmetry in some topologiessymmetry in some topologies
30© 2005 Petr Grygarek, VSB-TU Ostrava, Routed and Switched Networks
External and Internal BGPExternal and Internal BGP
31© 2005 Petr Grygarek, VSB-TU Ostrava, Routed and Switched Networks
External and Internal BGPExternal and Internal BGP• If there is more than one boundary router in some AS, BGP If there is more than one boundary router in some AS, BGP
information has to be passed between theminformation has to be passed between them• Special case, route exchange between routers in the same ASSpecial case, route exchange between routers in the same AS
• Boundary routers can possibly be separated by complex Boundary routers can possibly be separated by complex structure of routers (running IGP)structure of routers (running IGP)
• Solution: there exists two types of BGP sessionSolution: there exists two types of BGP session• External BGP (EBGP) External BGP (EBGP)
• Used between ASes as discussed beforeUsed between ASes as discussed before• No L3 hops normally assumed between peersNo L3 hops normally assumed between peers
• Internal BGP (IBGP)Internal BGP (IBGP)• Peers do not have to be physically connectedPeers do not have to be physically connected
32© 2005 Petr Grygarek, VSB-TU Ostrava, Routed and Switched Networks
EBGP and IBGPEBGP and IBGP
33© 2005 Petr Grygarek, VSB-TU Ostrava, Routed and Switched Networks
Passing of routes in IBGP sessionsPassing of routes in IBGP sessions
• Need to avoid loops when passing routes through Need to avoid loops when passing routes through IBGPIBGP
• Test for presence of receiving peer’s AS number in Test for presence of receiving peer’s AS number in route’s path vector doesn’t workroute’s path vector doesn’t work
• Special rules defined for passing of routes in IBGP Special rules defined for passing of routes in IBGP sessionsession
• InformaInformation fromtion from IBGP IBGP is passed tois passed to EBGP peer EBGP peerss, , but but not to other not to other IBGP peerIBGP peerss. .
• InformaInformation fromtion from EBGP EBGP is passed to otheris passed to other EBGP peer EBGP peerss and alland all IBGP peer IBGP peerss
34© 2005 Petr Grygarek, VSB-TU Ostrava, Routed and Switched Networks
Full mesh of IBGP sessionsFull mesh of IBGP sessions
35© 2005 Petr Grygarek, VSB-TU Ostrava, Routed and Switched Networks
Definition of BGP Routing PolicyDefinition of BGP Routing Policy
36© 2005 Petr Grygarek, VSB-TU Ostrava, Routed and Switched Networks
BGP AttributesBGP Attributes
• Mechanism of implementation of routing Mechanism of implementation of routing policiespolicies
• Every route passed between peers can be Every route passed between peers can be assigned one or more assigned one or more attributesattributes
• Routes are processed and chosen for routing Routes are processed and chosen for routing table based on values of attributes they carrytable based on values of attributes they carry
37© 2005 Petr Grygarek, VSB-TU Ostrava, Routed and Switched Networks
Attribute TypesAttribute Types• Well-knownWell-known
- understood by every BGP implementation- understood by every BGP implementation• Mandatory – must be appended to each routeMandatory – must be appended to each route• Discretionary – may be appended to routeDiscretionary – may be appended to route
• OptionalOptional - not every BGP implementation must understand it- not every BGP implementation must understand it• TransitiveTransitive
– if implementation doesn’t understand the attribute, it – if implementation doesn’t understand the attribute, it passes it next unchangedpasses it next unchanged
• NontransitiveNontransitive – if implementation doesn’t understand the attribute, it – if implementation doesn’t understand the attribute, it doesn’t pass it nextdoesn’t pass it next
38© 2005 Petr Grygarek, VSB-TU Ostrava, Routed and Switched Networks
Most commonly used AttributesMost commonly used Attributes
39© 2005 Petr Grygarek, VSB-TU Ostrava, Routed and Switched Networks
How to influence routing policy How to influence routing policy using attributes ?using attributes ?
• Manipulation with attributes received from individual peersManipulation with attributes received from individual peers• Performed at Input Policy EnginePerformed at Input Policy Engine• Includes filtering of routes received from individual peers based on Includes filtering of routes received from individual peers based on
attributes’ valuesattributes’ values• Manipulation with attributes of routes propagated to Manipulation with attributes of routes propagated to
individual peersindividual peers• Performed at Output Policy EnginePerformed at Output Policy Engine• Includes filtering of routes propagated to individual peersIncludes filtering of routes propagated to individual peers
• Route used (and propagated next) by BGP router is Route used (and propagated next) by BGP router is determined by candidate route’s attribute valuesdetermined by candidate route’s attribute values
40© 2005 Petr Grygarek, VSB-TU Ostrava, Routed and Switched Networks
Processing of BGP routesProcessing of BGP routes
41© 2005 Petr Grygarek, VSB-TU Ostrava, Routed and Switched Networks
Function of policy enginesFunction of policy engines
• Test for attribute valuesTest for attribute values• Test for prefixes (including prefix length)Test for prefixes (including prefix length)• Setting of attribute value when predefined Setting of attribute value when predefined
criteria are metcriteria are met• Filtering of route when predefined criteria are Filtering of route when predefined criteria are
metmet
42© 2005 Petr Grygarek, VSB-TU Ostrava, Routed and Switched Networks
Definition of Routing PoliciesDefinition of Routing Policies
• Separately for each peerSeparately for each peer• Separately for incoming (received) and outgoing Separately for incoming (received) and outgoing
(propagated) routes(propagated) routes
43© 2005 Petr Grygarek, VSB-TU Ostrava, Routed and Switched Networks
BGP Table (BGP database)BGP Table (BGP database)• Contains routes passed through (and possibly Contains routes passed through (and possibly
manipulated by) input policy enginemanipulated by) input policy engine• Routes from every peerRoutes from every peer
• For every destination (prefix), one best route is For every destination (prefix), one best route is chosenchosen• Selection is based on attribute valuesSelection is based on attribute values
• Uses standardized algorithm (will be discussed next)Uses standardized algorithm (will be discussed next)• Best route placed into routing tableBest route placed into routing table• Best route passed next to Output Policy EngineBest route passed next to Output Policy Engine
44© 2005 Petr Grygarek, VSB-TU Ostrava, Routed and Switched Networks
Well-known Mandatory AttributesWell-known Mandatory Attributes
45© 2005 Petr Grygarek, VSB-TU Ostrava, Routed and Switched Networks
AS-PATHAS-PATH
• Necessary for path-vector algorithm functionNecessary for path-vector algorithm function• AS which gets the route prepends it’s number to AS which gets the route prepends it’s number to
the beginningthe beginning• AS doesn’t accept route if AS-PATH already AS doesn’t accept route if AS-PATH already
contains it’s own AS numbercontains it’s own AS number• Route with shorter AS-PATH is preferredRoute with shorter AS-PATH is preferred
46© 2005 Petr Grygarek, VSB-TU Ostrava, Routed and Switched Networks
AS-PATH manipulationAS-PATH manipulation
• AS-PATH mostly treated as ASCII string AS-PATH mostly treated as ASCII string • (AS numbers separated by spaces)(AS numbers separated by spaces)
• Regular expression may be used to test presence Regular expression may be used to test presence of some pattern (AS sequence)of some pattern (AS sequence)• Originating AS, AS in path, …Originating AS, AS in path, …
• Inserting AS number multiple times makes AS-Inserting AS number multiple times makes AS-PATH longer and route less preferredPATH longer and route less preferred• Router can insert only it’s own AS number (possibly Router can insert only it’s own AS number (possibly
multiple times)multiple times)
47© 2005 Petr Grygarek, VSB-TU Ostrava, Routed and Switched Networks
NEXT-HOPNEXT-HOP
• Next hop of BGP route is the boundary router Next hop of BGP route is the boundary router which propagated that route into ASwhich propagated that route into AS• Difference from IGP – not neighbor on the same Difference from IGP – not neighbor on the same
linklink• Router has to know route to next-hop address Router has to know route to next-hop address
from IGP (or IBGP)from IGP (or IBGP)• Otherwise, BGP route is not acceptedOtherwise, BGP route is not accepted
• Results to Results to recursive routing table lookuprecursive routing table lookup when when routing packetsrouting packets
48© 2005 Petr Grygarek, VSB-TU Ostrava, Routed and Switched Networks
NEXT-HOPNEXT-HOP
• Line between ASes propagated into IGPLine between ASes propagated into IGP
49© 2005 Petr Grygarek, VSB-TU Ostrava, Routed and Switched Networks
NEXT-HOP on broadcast networkNEXT-HOP on broadcast network
50© 2005 Petr Grygarek, VSB-TU Ostrava, Routed and Switched Networks
ORIGINORIGIN
• Informs where BGP learnt the route fromInforms where BGP learnt the route from• IGP – redistributed from IGPIGP – redistributed from IGP• EGP – unused (from outdated protocol EGP)EGP – unused (from outdated protocol EGP)• INCOMPLETE – unknown originINCOMPLETE – unknown origin
51© 2005 Petr Grygarek, VSB-TU Ostrava, Routed and Switched Networks
BGP and IGP synchronizationBGP and IGP synchronizationproblemproblem
52© 2005 Petr Grygarek, VSB-TU Ostrava, Routed and Switched Networks
Route synchronizationRoute synchronization• Route is synchronized, if router can see it both Route is synchronized, if router can see it both
from BGP and IGPfrom BGP and IGP• Only synchronized routes are accepted by Only synchronized routes are accepted by
default by BGP (and thus propagated further, default by BGP (and thus propagated further, including out of the AS)including out of the AS)• Otherwise, traffic would have to be discarded by Otherwise, traffic would have to be discarded by
internal routersinternal routers• When IBGP is ran on every router, the When IBGP is ran on every router, the
synchronization test has to be switched offsynchronization test has to be switched off
53© 2005 Petr Grygarek, VSB-TU Ostrava, Routed and Switched Networks
Transit system routing Transit system routing implementation choicesimplementation choices
• BGP on every router (IBGP)BGP on every router (IBGP)• At least on every transit routerAt least on every transit router• Common solution of ISPsCommon solution of ISPs
• Redistribution of BGP routes into IGPRedistribution of BGP routes into IGP• But IGPs are not capable to handle so many routesBut IGPs are not capable to handle so many routes
• MPLS with tags distributed via (MP-)BGPMPLS with tags distributed via (MP-)BGP• BGP-free coreBGP-free core
54© 2005 Petr Grygarek, VSB-TU Ostrava, Routed and Switched Networks
Route aggregation in BGPRoute aggregation in BGP
55© 2005 Petr Grygarek, VSB-TU Ostrava, Routed and Switched Networks
Aggregation Attributes Aggregation Attributes • Router can aggregate more routes into one with Router can aggregate more routes into one with
shorter prefixshorter prefix• Only when aggregator “owns” whole address rangeOnly when aggregator “owns” whole address range
• ATOMIC-AGGREGATE=TrueATOMIC-AGGREGATE=True• AGGREGATOR: ID of aggregating routerAGGREGATOR: ID of aggregating router• AS-SET= AS-PATH_1+AS-PATH_2AS-SET= AS-PATH_1+AS-PATH_2• AS-PATH: set as if route originated from AS of AS-PATH: set as if route originated from AS of
aggregating routeraggregating router
56© 2005 Petr Grygarek, VSB-TU Ostrava, Routed and Switched Networks
Aggregation ExampleAggregation Example
57© 2005 Petr Grygarek, VSB-TU Ostrava, Routed and Switched Networks
How to influence route selection How to influence route selection using attributesusing attributes
58© 2005 Petr Grygarek, VSB-TU Ostrava, Routed and Switched Networks
LOCAL_PREFERENCELOCAL_PREFERENCE
• Well-known discretionaryWell-known discretionary• Allows routers of one AS to unify exit link they Allows routers of one AS to unify exit link they
will use to reach some particular external will use to reach some particular external networknetwork• Route with higher LOCAL_PREFERENCE is Route with higher LOCAL_PREFERENCE is
preferredpreferred
• Never passed behind AS boundaryNever passed behind AS boundary
59© 2005 Petr Grygarek, VSB-TU Ostrava, Routed and Switched Networks
LOCAL_PREFERENCE ExampleLOCAL_PREFERENCE Example
60© 2005 Petr Grygarek, VSB-TU Ostrava, Routed and Switched Networks
WEIGHTWEIGHT• Proprietary (Cisco, …)Proprietary (Cisco, …)• Used to increase/decrease preference of some Used to increase/decrease preference of some
route by current routerroute by current router• Set in Input Policy Engine, evaluated in route Set in Input Policy Engine, evaluated in route
selection process, never propagated furtherselection process, never propagated further• Higher Weight is preferredHigher Weight is preferred
• Only local significance, does not passed outside Only local significance, does not passed outside of the current routerof the current router• In fact, not a standard-defined attributeIn fact, not a standard-defined attribute
61© 2005 Petr Grygarek, VSB-TU Ostrava, Routed and Switched Networks
WEIGHT exampleWEIGHT example
62© 2005 Petr Grygarek, VSB-TU Ostrava, Routed and Switched Networks
Multi-Exit DiscriminatorMulti-Exit Discriminator (MED) (MED)• Influences other AS’es decision which link to Influences other AS’es decision which link to
use when routing packets into networks inside use when routing packets into networks inside “our” AS“our” AS
• Lower MED is preferred Lower MED is preferred • treatedtreated similary similary like like IGP IGP metricmetric• MED value can be set manually or derived from MED value can be set manually or derived from
IGP metricIGP metric• Normally, only MEDs from the same AS may Normally, only MEDs from the same AS may
be comparedbe compared
63© 2005 Petr Grygarek, VSB-TU Ostrava, Routed and Switched Networks
MED exampleMED example
64© 2005 Petr Grygarek, VSB-TU Ostrava, Routed and Switched Networks
Route Selection AlgorithmRoute Selection Algorithm
1.1. Higher WEIGHTHigher WEIGHT2.2. Higher LOCAL_PREFERENCEHigher LOCAL_PREFERENCE3.3. Route generated by router itselfRoute generated by router itself4.4. Shorter AS_PATHShorter AS_PATH5.5. More preferred ORIGIN More preferred ORIGIN
• (IGP best, INCOMPLETE worst)(IGP best, INCOMPLETE worst)6.6. Lower MEDLower MED7.7. EBGP preferred over IBGPEBGP preferred over IBGP8.8. Better IGP metric to NEXT-HOPBetter IGP metric to NEXT-HOP9.9. Lower peer Router_ID (tiebreaker)Lower peer Router_ID (tiebreaker)
65© 2005 Petr Grygarek, VSB-TU Ostrava, Routed and Switched Networks
BGP and IPv6BGP and IPv6
• Utilizes multiprotocol support in BGPv4+ Utilizes multiprotocol support in BGPv4+ • New address family identifier (AFI)New address family identifier (AFI)
• IPv6 unicast/multicast/VPNv6IPv6 unicast/multicast/VPNv6
• NLRI for IPv6NLRI for IPv6• Extension of attributes that carry IPv4 addressesExtension of attributes that carry IPv4 addresses
• NEXT-HOPNEXT-HOP• AGGREGATORAGGREGATOR