Insight into BGP

tastefulsaintregis
Networks and Communications

27 Oct 2013 (3 years and 7 months ago)

60 views

Cisco Confidential


© 2011 Cisco and/or its affiliates. All rights reserved.





Mike Smith


Anglia Ruskin University


Logical view of Internet Architecture




Internet as a collection of Autonomous Systems


Definition: Autonomous System


“a set of routers under a single technical administration, using an Interior Gateway Protocol (IGP) and common metrics to determine how to route packets within the autonomous system, and using an inter-autonomous system routing protocol to determine how to route packets to other autonomous systems” (RFC 4271)


Top Ten AS’s by CIDR blocks


ASN allocation by RIR

Unadvertised ASNs are not visible on the Internet


Growth in the number of ASs

Growth rate = 3500 new AS per year


ISP AS Infrastructure


- AS’s joined through Internet Packet Exchange (IPX) Gateways
- Approximately 100 gateways worldwide
- UK has three main gateways
- London Internet Exchange (LINX)
  - Peak Traffic: 1092 Gbps
  - Average Traffic: 743 Gbps
  - Have access to 0.5 of Internet Routing Table
  - 190,000 CIDR blocks
  - 388 members





IXP World Map


IXP Europe Map


IXP UK Map


Peering

In networking, peering is a voluntary interconnection of
Autonomous Systems for the purpose of exchanging traffic.

The pure definition of peering is settlement free: peers exchange traffic on the basis that I will forward your traffic if you will forward mine.



Peering types

There are generally two types of peering: public and private

Public Peering

Public peering is accomplished using a shared fabric (usually an L2 switch technology). At these locations (mainly IXPs), multiple carriers interconnect with one or more other carriers across a single physical port.

Private Peering

Private peering is the direct connection between two networks
across a Layer 1 or Layer 2 medium that provides dedicated
network capacity and is not shared. Private peering is commonly
used between very large networks.



Janet (AS748) Peering Partners


BGP Concepts and Basic Configuration


Routing Protocol Taxonomy


Routing protocols fit into two main categories: Interior Gateway Protocols (IGPs) and Exterior Gateway Protocols (EGPs)

Interior Gateway Protocol

A routing protocol that exchanges routing information within an Autonomous System: RIP, EIGRP, OSPF and IS-IS

Exterior Gateway Protocol

A routing protocol that exchanges routing information between different Autonomous Systems: BGP






The goal of BGP is to provide an inter-domain routing system that guarantees the loop-free exchange of routing information between autonomous systems.


Key features of BGP




- Policy based routing
- Uses TCP for connectivity
- Incremental updates
- Rich metrics
- Designed to scale to huge internetworks (for example, the Internet)
- EBGP: used to route between ASs
- IBGP: used to route BGP routing information within an AS


Comparison of Scalable Routing Protocols

| Protocol | IGP/EGP | Type | Hierarchical | Metric |
|----------|---------|------|--------------|--------|
| OSPF | IGP | Link state | Yes | Cost |
| IS-IS | IGP | Link state | Yes | Metric |
| EIGRP | IGP | Advanced Distance Vector | No | Composite (bandwidth, delay) |
| BGP | EGP | Path Vector | No | Path vectors (attributes) |


Why use BGP?

BGP is an appropriate routing protocol to use when:

- An AS allows packets to transit through to reach other ASs (for example, it is a service provider)
- An AS has multiple connections to other ASs (multi-homed)
- Routing policy and route selection for traffic entering and leaving the AS must be manipulated

When not to use BGP?

- Limited understanding of route filtering and BGP path-selection process
- A single connection to the Internet or another AS
- Lack of memory or processor power to handle constant updates on BGP routers


BGP Message Types


UPDATE message


UPDATE messages contain the routing information for BGP



Unfeasible Routes Length (2 bytes)

Withdrawn Routes (variable)

Total Path Attributes Length (2 bytes)

Path Attributes (variable)

Network Layer Reachability Information (variable)


UPDATE message - Path Attributes

- The Path Attributes field is of variable length and contains a sequence of attributes about a path. The Path Attributes field will be present in every UPDATE message
- The information contained in the Path Attribute field is used to track specific route information and is also used for routing decisions and filtering
- The Path Attribute field consists of: attribute type, attribute length and attribute value



- Well-known: attribute must be recognised by all implementations of BGP
- Optional: attribute may not be recognised by an implementation of BGP

- Mandatory: attribute must be present in an UPDATE message
- Discretionary: attribute does not need to be present in an UPDATE message

- Transitive: attribute is forwarded to another BGP peer even though it may not be recognised by this peer
- Non-transitive: attribute is not forwarded to another BGP peer



Commonly used BGP attributes

| Type Code | Name | Category | Description |
|-----------|------|----------|-------------|
| 1 | ORIGIN | Well-known mandatory | The AS that originated the routing information |
| 2 | AS_PATH | Well-known mandatory | A list of all ASs the routing information has transited |
| 3 | NEXT_HOP | Well-known mandatory | Specifies the IP address of the next-hop router to the specified destination |
| 4 | MULTI_EXIT_DISC | Optional non-transitive | Used to determine the best exit/entry point to the same AS if multiple points exist |
| 5 | LOCAL_PREF | Well-known discretionary | Is used to set a preference of a route to an iBGP peer |
| 6 | ATOMIC_AGGREGATE | Well-known discretionary | Used to choose a less specific (shorter mask) route rather than a more specific (longer mask) when receiving overlapping routes from a BGP speaker |
| 7 | AGGREGATOR | Optional transitive | When a BGP peer performs route aggregation, it will include in the AGGREGATOR attribute its AS number and BGP Id |
| 8 | COMMUNITY | Optional transitive | Specifies the communities a route belongs to. A community is a group of destinations that have a common attribute |
| 9 | ORIGINATOR_ID | Optional non-transitive | A BGP speaker that has the role of route reflector creates this attribute. A route reflector can advertise iBGP learned routes to other iBGP peers. This is not normally allowed |
| 10 | CLUSTER_LIST | Optional non-transitive | Used by a route reflector to specify the BGP peers that are part of its clients. |
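The UPDATE layout and the attribute type/length/value structure described above, as an added Python example that is not part of the original slides. It walks the five UPDATE fields, reads the optional (0x80), transitive (0x40) and extended-length (0x10) flag bits defined in RFC 4271, and rejects length fields that overrun the message. The function names and the sample bytes are constructed for this example; the sample models the BORDER router (AS 100) from the basic configuration slide announcing 192.168.1.0/24.

```python
import ipaddress
import struct
# Type codes as listed in the "Commonly used BGP attributes" table.
ATTR_NAMES = {1: "ORIGIN", 2: "AS_PATH", 3: "NEXT_HOP", 4: "MULTI_EXIT_DISC",
              5: "LOCAL_PREF", 6: "ATOMIC_AGGREGATE", 7: "AGGREGATOR",
              8: "COMMUNITY", 9: "ORIGINATOR_ID", 10: "CLUSTER_LIST"}

def parse_prefixes(buf):
    """Decode (length-in-bits, prefix) pairs, as used by Withdrawn Routes and NLRI."""
    out, i = [], 0
    while i < len(buf):
        bits = buf[i]
        nbytes = (bits + 7) // 8
        if bits > 32 or i + 1 + nbytes > len(buf):
            raise ValueError("malformed or truncated prefix")
        addr = buf[i + 1:i + 1 + nbytes].ljust(4, b"\x00")
        out.append(f"{ipaddress.IPv4Address(addr)}/{bits}")
        i += 1 + nbytes
    return out

def parse_update(body):
    """Parse an IPv4 UPDATE body (the bytes after the 19-byte BGP header)."""
    if len(body) < 4:
        raise ValueError("truncated UPDATE")
    wlen = struct.unpack_from("!H", body, 0)[0]          # Unfeasible Routes Length
    if 2 + wlen + 2 > len(body):
        raise ValueError("withdrawn routes overrun the message")
    alen = struct.unpack_from("!H", body, 2 + wlen)[0]   # Total Path Attributes Length
    pos, end = 4 + wlen, 4 + wlen + alen
    if end > len(body):
        raise ValueError("path attributes overrun the message")
    attrs = []
    while pos < end:
        hdr = 4 if body[pos] & 0x10 else 3               # extended length: 2-byte length
        if pos + hdr > end:
            raise ValueError("truncated attribute header")
        flags, code = body[pos], body[pos + 1]
        length = struct.unpack_from("!H", body, pos + 2)[0] if hdr == 4 else body[pos + 2]
        if pos + hdr + length > end:
            raise ValueError("attribute value overruns the attributes field")
        attrs.append({"name": ATTR_NAMES.get(code, f"type {code}"),
                      "optional": bool(flags & 0x80), "transitive": bool(flags & 0x40),
                      "value": body[pos + hdr:pos + hdr + length]})
        pos += hdr + length
    return {"withdrawn": parse_prefixes(body[2:2 + wlen]), "attrs": attrs,
            "nlri": parse_prefixes(body[end:])}
# Constructed sample: AS 100 announcing 192.168.1.0/24, next hop 200.200.200.1, MED 0.
SAMPLE = bytes.fromhex("0000" "0019" "40010100" "40020402010064"
                       "400304c8c8c801" "80040400000000" "18c0a801")
```
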


Local_Preference attribute: used to prefer an exit path from the AS


Multi_Exit_Disc attribute


Basic BGP Configuration


BORDER

! Specifies the AS this router belongs to
router bgp 100
 ! Specifies the IP address of the neighbor in the remote AS and its AS number
 neighbor 200.200.200.2 remote-as 200
 ! Specifies the network to be advertised
 network 192.168.1.0

ISP

router bgp 200
 neighbor 200.200.200.1 remote-as 100
 network 194.82.46.0


BGP Concepts and Advanced Configuration


router bgp 100
 neighbor 192.168.1.6 remote-as 300
 network 10.1.1.0 mask 255.255.255.0

router bgp 300
 neighbor 192.168.1.5 remote-as 100
 neighbor 172.24.1.18 remote-as 65000
 network 10.2.2.0 mask 255.255.255.0

router bgp 65000
 neighbor 172.24.1.17 remote-as 300
 network 10.3.3.0 mask 255.255.255.0


Modify default BGP action using AS_PATH attribute


In this example, the provider router, ISP, is to be configured so that it
does not propagate routes that originate from AS 100 to the customer
router CustRtr

AS 100 routes not to be advertised to AS 65000




ISP

router bgp 300
 neighbor 192.168.1.5 remote-as 100
 neighbor 172.24.1.18 remote-as 65000
 network 10.2.2.0 mask 255.255.255.0

ip as-path access-list 1 deny ^100$
ip as-path access-list 1 permit .*

router bgp 300
 neighbor 172.24.1.18 filter-list 1 out

Using the AS_PATH attribute to prevent AS100 routes being advertised to CustRtr
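To check what the filter above actually lets through, the following added Python example (not from the original slides) evaluates an AS-path access list against sample AS_PATH strings. It shows that `^100$` matches only a path consisting of AS 100 alone, and compares it with the IOS pattern `_100$`, which matches any path whose originating AS is 100. The routes, AS 400 and the function names are constructed for illustration, and the translation of `_` is an approximation of IOS behaviour.

```python
import re

def cisco_to_python(pattern):
    """Approximate IOS AS-path regex syntax: '_' matches a delimiter or either end."""
    return pattern.replace("_", r"(?:^|$|[ ,{}()])")

def evaluate(acl, as_path):
    """Return 'permit' or 'deny' for an AS_PATH string. Entries are tried in
    order, the first match wins, and no match means the implicit deny."""
    for action, pattern in acl:
        if re.search(cisco_to_python(pattern), as_path):
            return action
    return "deny"

def advertised(acl, routes):
    """Prefixes that an outbound filter-list using this ACL would let through."""
    return [prefix for prefix, path in routes if evaluate(acl, path) == "permit"]

# The list configured on ISP (AS 300) and applied outbound to CustRtr.
PAGE_ACL = [("deny", "^100$"), ("permit", ".*")]
# Variant: deny every route originated by AS 100, whichever ASs it transited.
ORIGIN_ACL = [("deny", "_100$"), ("permit", ".*")]

# Constructed sample routes as (prefix, AS_PATH held in ISP's BGP table,
# before ISP prepends its own AS). AS 400 is a hypothetical extra neighbor.
ROUTES = [
    ("10.1.1.0/24", "100"),      # learned directly from AS 100
    ("10.2.2.0/24", ""),         # originated by ISP itself: empty AS_PATH
    ("10.9.9.0/24", "400 100"),  # originated by AS 100, learned via AS 400
    ("10.8.8.0/24", "100 400"),  # originated by AS 400, transiting AS 100
]

if __name__ == "__main__":
    print("^100$ advertises:", advertised(PAGE_ACL, ROUTES))
    print("_100$ advertises:", advertised(ORIGIN_ACL, ROUTES))
```

In the three-router topology on the page ISP learns AS 100 routes only over the direct session, so both lists give the same result there; the difference appears once a second path to AS 100 exists.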


Configuring Local_Preference Attribute

Preferred exit path


Basic steps

1. Configure IP interfaces
2. Configure EIGRP (in this case) as an IGP in AS 64512
3. Configure IBGP between SanJose1 and SanJose2
4. Configure BGP Local Preference attribute on SanJose1 and SanJose2


SanJose 1

router eigrp 64512
 network 172.16.0.0
 no auto-summary

router bgp 64512
 neighbor 172.16.32.1 remote-as 64512
 neighbor 172.16.32.1 update-source lo0
 neighbor 192.168.1.5 remote-as 200
 network 172.16.0.0

route-map PRIMARY_T1_IN permit 10
 set local-preference 150

router bgp 64512
 neighbor 192.168.1.5 route-map PRIMARY_T1_IN in


SanJose 2

router eigrp 64512
 network 172.16.0.0
 no auto-summary

router bgp 64512
 neighbor 172.16.64.1 remote-as 64512
 neighbor 172.16.64.1 update-source lo0
 neighbor 192.168.1.1 remote-as 200

route-map SECONDARY_T1_IN permit 10
 set local-preference 125

router bgp 64512
 neighbor 192.168.1.1 route-map SECONDARY_T1_IN in

Thank you.