P. 1
bgp

bgp

|Views: 70|Likes:
Published by Ali Ahmad

More info:

Published by: Ali Ahmad on Aug 16, 2011
Copyright:Attribution Non-commercial

Availability:

Read on Scribd mobile: iPhone, iPad and Android.
download as PPT, PDF, TXT or read online from Scribd
See more
See less

10/23/2011

pdf

text

original

Sections

  • Border Gateway Protocol (BGP4)
  • Border Gateway Protocol (BGP)
  • Border Gateway Protocol (BGP)
  • IP route lookup:Longest match routing
  • Forwarding
  • Building Blocks
  • Autonomous System (AS)
  • Autonomous System(AS)
  • Routing flow and packet flow
  • Egress Traffic
  • Ingress Traffic
  • Types of Routes
  • What Is an IGP?
  • What Is an EGP?
  • Why Do We Need an EGP?
  • Interior vs. Exterior Routing Protocols
  • Hierarchy of Routing Protocols
  • Demilitarized Zone (DMZ)
  • Addressing - ISP
  • BGP Basics
  • Terminology
  • Protocol Basics
  • BGP Basics
  • BGP Updates — NLRI
  • BGP Updates — Attributes
  • AS-Path Attribute
  • Next Hop Attribute (more)
  • The ‘Bible’ & other resources
  • Types of BGP Messages
  • Internal BGP Peering (IBGP)
  • External BGP Peering (EBGP)
  • An Example…
  • Basic BGP commands
  • Originating routes
  • Originating routes/Inserting prefixes into BGP
  • Update message
  • Stable IBGP peering
  • BGP4 continued
  • BGP Path Attributes: Why ?
  • BGP Path Attributes
  • AS-PATH
  • AS-Path
  • Next-Hop
  • Third Party Next Hop
  • Next Hop
  • Local Preference
  • Multi-Exit Discriminator (MED)
  • Origin
  • Communities
  • Synchronization
  • BGP Route Selection
  • BGP Route Selection
  • Stub AS
  • Multi-homed AS
  • Service Provider Network
  • Common Service Provider Network
  • Routing Policy
  • Filter list rules Regular Expressions
  • Route Maps
  • Load Sharing & Redundancy using BGP
  • Load-sharing - single path
  • Load Sharing - Multiple paths from the same AS
  • Redundancy - Multi-homing
  • Customer + default from all providers
  • Customer routes from all providers
  • Full routes from all providers
  • Best Practices IGP in Backbone
  • Best Practices Connecting to a customer
  • Best Practices Connecting to other ISPs
  • Best Practices The Internet Exchange
  • Q & A

Border Gateway Protocol (BGP4

)

Border Gateway Protocol (BGP)
• • • • • • • • Routing/Forwarding basics Building blocks Exercises BGP protocol basics Exercises BGP path attributes Best path computation Exercises

Border Gateway Protocol (BGP)...
• • • • • Typical BGP topologies Routing Policy Exercises Redundancy/Load sharing Best current practices

Routing/Forwarding Basics .

1/16 .IP route lookup:Longest match routing R3 Packet: Destination IP address: 10.1 All 10/8 except 10..1/16 -> R4 20/8 -> R5 30/8 -> R6 …. R2’s IP routing table R4 10.1.1/16 R1 R2 10/8 -> R3 10.1.

0 Match! .0.1/16 R1 R2 10/8 -> R3 10.0. R2’s IP routing table R4 10.IP route lookup: Longest match routing R3 Packet: Destination IP address: 10.0.1/16 -> R4 20/8 -> R5 ….0 & FF.0 is equal to 10.1.0.0.1.1.0.1/16 10..1 All 10/8 except 10.1 & FF.1.

0 Match as well! .1.0 is equal to 10.1/16 -> R4 20/8 -> R5 ….1/16 10.0.1.FF.1 All 10/8 except 10..1.IP route lookup: Longest match routing R3 Packet: Destination IP address: 10.1 & FF.0 & FF.1.1.1/16 R1 R2 10/8 -> R3 10. R2’s IP routing table R4 10.FF.0.0.

.1 & FF.1/16 R1 R2 10/8 -> R3 10.0.0.1.0.0.1.1.0.0 R2’s IP routing table .1 All 10/8 except 10.1/16 10.1/16 -> R4 20/8 -> R5 ….IP route lookup: Longest match routing R3 Packet: Destination IP address: 10.0 is equal to Does not match! 20.0 & FF.0. R4 10.1.

R2’s IP routing table R4 10.1/16 Longest match.1 All 10/8 except 10.1/16 -> R4 20/8 -> R5 …..1.1.IP route lookup: Longest match routing R3 Packet: Destination IP address: 10.1/16 R1 R2 10/8 -> R3 10. 16 bit netmask .

0.0. Always the shortest match. IP route lookup: Longest match routing .0/0 • can handle it using the normal longest match algorithm • matches everything.• default is 0.

Forwarding • Uses the routing table built by routing protocols • Performs the lookup to find next-hop and outgoing interface • Switches the packet with new encapsulation as per the outgoing interface .

Building Blocks • • • • • • • Autonomous System (AS) Types of Routes IGP/EGP DMZ Policy Egress Ingress .

Autonomous System (AS) AS 100 • • • • Collection of networks with same policy Single routing protocol Usually under single administrative control IGP to provide internal connectivity .

Autonomous System(AS). • Identified by ‘AS number’ • Public & Private AS numbers • Examples: – Service provider – Multi-homed customers – Anyone needing policy discrimination ...

Routing flow and packet flow egress packet flow announc e accept AS 1 accept announce ingress Routing flow AS2 For networks in AS1 and AS2 to communicate: AS1 must announce routes to AS2 AS2 must accept routes from AS1 AS2 must announce routes to AS1 AS1 must accept routes from AS2 packet flow .

Egress Traffic • Packets exiting the network • Based on – Route availability (what others send you) – Route acceptance (what you accept from others) – Policy and tuning (what you do with routes from others) – Peering and transit agreements .

Ingress Traffic • Packets entering your network • Ingress traffic depends on: – What information you send and to who – Based on your addressing and ASes – Based on others’ policy (what they accept from you and what they do with it) .

Types of Routes • Static Routes – configured manually • Connected Routes – created automatically when an interface is ‘up’ • Interior Routes – Routes within an AS • Exterior Routes – Routes exterior to AS .

EIGRP… .What Is an IGP? • • • • Interior Gateway Protocol Within an Autonomous System Carries information about internal prefixes Examples—OSPF. ISIS.

What Is an EGP? • Exterior Gateway Protocol • Used to convey routing information between ASes • De-coupled from the IGP • Current EGP is BGP4 .

Why Do We Need an EGP? • Scaling to large network – Hierarchy – Limit scope of failure • Define administrative boundary • Policy – Control reachability to prefixes .

Exterior Routing Protocols • Interior – Automatic discovery – Generally trust your IGP routers – Routes go to all IGP routers • Exterior Specifically configured peers Connecting with outside networks Set administrative boundaries .Interior vs.

Hierarchy of Routing Protocols Other ISP’s BGP4 BGP4 / OSPF BGP4 Local NAP FDDI BGP4/Static Customers .

Demilitarized Zone (DMZ) A AS 100 B DMZ Network C AS 101 D E AS 102 • Shared network between ASes .

ISP • Need to reserve address space for its network. • Need to take “growth” into consideration • Upstream link address is allocated by upstream provider .Addressing . • Need to allocate address blocks to its customers.

BGP Basics • • • • • • Terminology Protocol Basics Messages General Operation Peering relationships (EBGP/IBGP) Originating routes .

Terminology • Neighbor – Configured BGP peer • NLRI/Prefix – NLRI .network layer reachability information – Reachability information for a IP address & mask • Router-ID – Highest IP address configured on the router • Route/Path – NLRI advertised by a neighbor .

you don’t need BGP :) AS 102 • Runs over TCP • Path vector protocol • Incremental update .Protocol Basics Peering A C AS 100 B D AS 101 E • Routing protocol used between ASes –if you aren’t connected to multiple ASes.

.. • • • • Each AS originates a set of NLRI NLRI is exchanged between BGP peers Can have multiple paths for a given prefix Picks the best path and installs in the IP forwarding table • Policies applied (through attributes) influences BGP path selection .BGP Basics .

8.32.0/24 Note: eBGP Peers normally should be directly connected.220.BGP Peers A C AS 100 220.0/24 AS 101 220.16.0/24 B D BGP speakers are called peers Peers in different AS’s are called External Peers eBGP TCP/IP Peer Connection E AS 102 220.220.220. .

0/24 Note: iBGP Peers don’t have to be directly connected.8.BGP Peers A C AS 100 220.0/24 AS 101 220.220.16.0/24 B D BGP speakers are called peers Peers in the same AS are called Internal Peers iBGP TCP/IP Peer Connection E AS 102 220. .220.32.220.

8.220.BGP Peers A C AS 100 220.0/24 AS 101 220.16.220.220.0/24 .0/24 B D BGP Peers exchange Update messages containing Network Layer Reachability Information (NLRI) BGP Update Messages E AS 102 220.32.

255.0/30 220.1 D interface Serial 0 ip address 222.255.10.1 220.0/24 .0 mask 255.220.1 B .2 .10.255.220.222.0 neighbor 222.255.2 remote-as 100 • BGP Peering sessions are established using the BGP “neighbor” configuration command – External (eBGP) is configured when AS numbers are different .0/24 .8.2 255.8.255.2 222.10.222.2 eBGP TCP Connection AS 101 C .220.222.16.255.222.222.10.0 mask 255.220.255.1 remote-as 101 interface Serial 0 ip address 222.1 255.252 router bgp 101 network 220.255.0 neighbor 222.Configuring BGP Peers AS 100 A .16.252 router bgp 100 network 220.10.

255.0/30 AS 101 iBGP TCP Connection .16.2 255.1 255.255.10.1 C .255.220.220.0 neighbor 220.255.252 router bgp 101 network 220.16.2 remote-as 101 • BGP Peering sessions are established using the BGP “neighbor” configuration command – External (eBGP) is configured when AS numbers are different – Internal (iBGP) is configured when AS numbers are same .16.255.255.220.16.2 220.220.1 D interface Serial 1 ip address 220.Configuring BGP Peers AS 100 222.220.255.0 mask 255.8.252 router bgp 101 network 220.2 .0 neighbor 220.222.16.220.2 220.1 A .0/24 .255.16.0 mask 255.16.0/24 B .1 remote-as 101 interface Serial 1 ip address 222.220.220.

Configuring BGP Peers AS 100 A B iBGP TCP/IP Peer Connection C • Each iBGP speaker must peer with every other iBGP speaker in the AS .

Configuring BGP Peers 215.1 AS 100 215.7.10.10.3 iBGP TCP/IP Peer Connection C • Loopback interface are normally used as peer connection end-points .10.2 A B 215.7.7.

7.7.3 C remote-as 100 update-source loopback0 remote-as 100 update-source loopback0 .10.7.7.220.255 Peer Connection router bgp 100 network 220.Configuring BGP Peers 215.7.255.7.10.0 neighbor 215.2 neighbor 215.1 255.10.7.2 neighbor 215.1 AS 100 215.10.10.3 iBGP TCP/IP interface loopback 0 ip address 215.7.2 A B 215.255.3 neighbor 215.10.1.10.10.

0 neighbor 215.2 A B 215.3 neighbor 215.10.3 iBGP TCP/IP Peer Connection interface loopback 0 ip address 215.7.3 C remote-as 100 update-source loopback0 remote-as 100 update-source loopback0 .1 neighbor 215.7.5.7.1 AS 100 215.1 neighbor 215.10.2 255.220.255 router bgp 100 network 220.10.10.7.10.Configuring BGP Peers 215.7.10.10.255.7.255.7.10.7.

10.Configuring BGP Peers 215.10.10.255 router bgp 100 network 220.2 neighbor 215.1 neighbor 215.2 A B 215.1.0 neighbor 215.7.220.2 C remote-as 100 update-source loopback0 remote-as 100 update-source loopback0 .10.3 iBGP TCP/IP Peer Connection interface loopback 0 ip address 215.1 neighbor 215.255.7.10.7.10.3 255.10.7.10.1 AS 100 215.7.7.255.7.7.

BGP Updates — NLRI • Network Layer Reachability Information • Used to advertise feasible routes • Composed of: – Network Prefix – Mask Length .

BGP Updates — Attributes • Used to convey information associated with NLRI – – – – – – – AS path Next hop Local preference Multi-Exit Discriminator (MED) Community Origin Aggregator .

0.10.0/16 300 200 AS 400 150.0.0.0/16 300 200 100 170.10.AS-Path Attribute • Sequence of ASes a route has traversed • Loop detection • Apply policy AS 300 AS 200 170.0/16 170.0/16 Network 180.0.0.0.10.0/16 AS 100 180.10.0/16 Path 300 200 100 300 200 300 400 AS 500 .0/16 Network Path 180.0.10.10.10.0/16 150.10.0.

10.0.10.0/16 192.0/30 140.0.1 D E .10.Next Hop Attribute AS 200 150.1 A AS 100 160.0/16 • Next hop to reach a network • Usually a local network is the next hop in eBGP session BGP Update Messages .10.10.0/ 30 192.2 Network Next-Hop 160.2 192 .1.0.0/16 .0.0/16 B .2.2 AS 300 C .20.20 .1 Path 100 .

0/16 192.0/16 .1.10.1.1 to reach a network 160.10.10.10.Next Hop Attribute AS 200 150.0.0/16 B .1 A • Next • Usually a local network is the next hop in eBGP session AS 100 160.0/16 192.10.0/30 140.10.2 AS 300 C .1.20 .10.10.0.0.2 .0.2 Network Next-Hop hop150.0/16 192 .0.1 D E .0/ 30 192.1 Path 200 200 100 • Next Hop updated between eBGP Peers BGP Update Messages .

0/30 140.0/ 30 192.10.10.0.2 .0/16 192.10.1 Path 200 200 100 A .1.10.1.0/16 .0/16 BGP Update Messages 192 .1.0/16 between iBGP peers 192.2 AS 100 160.10.2 AS 300 C .0.0/16 B .1 Network Next-Hop 150.0.0.10.10.Next Hop Attribute AS 200 150.1 D E .20 .10.0.1 • Next hop not changed 160.

Next Hop Attribute (more) • • • • IGP should carry route to next hops Recursive route look-up Unlinks BGP from actual physical topology Allows IGP to make intelligent forwarding decision .

BGP Updates — Withdrawn Routes • Used to “withdraw” network reachability • Each Withdrawn Route is composed of: – Network Prefix – Mask Length .

0/24 Network Next-Hop Path 150.10.25.10.0/24 x Connectivity lost 192.168.2 321 200 192.10.0/16 192.192.10.0.0/24 .2 321 .168.25.0/24 192.BGP Updates — Withdrawn Routes AS 123 .1 192.168.192.192.2 AS 321 BGP Update Message Withdraw Routes 192.25.

0/16 192.1.1.1.0/24 Next-Hop 192.1.2 192.2.10.10.2.0/24 *>i160.10.22.1.0.0.10.2.BGP Routing Information Base BGP RIB Network *>i160.255.20.0 no auto-summary D D D R S 10.0 255.0/24 153.3.0/24 Route Table BGP ‘network’ commands are normally used to populate the BGP RIB with routes from the Route Table .3.0/24 160.0.2 Path i i router bgp 100 network 160.20.10.0/24 160.

0.0.0.0.255.0/24 153.0/16 * i s> 160.10.2.0.20.0 255.2.0.1.3.2 192.0 aggregate-address 160.1.10.0/24 s> 160.2.20.2 Path i i i i router bgp 100 network 160.0 summary-only no auto-summary D D D R S 10.1.10.1.255.10.0/24 160.10.1.0/24 Next-Hop 0.0/16 192.10.10.20.22.0/24 160.3.2.0 255.BGP Routing Information Base BGP RIB Network *> 160.2 192.0.0 192.0/24 Route Table BGP ‘aggregate-address’ commands may be used to install summary routes in the BGP RIB .0.

255.22.0.0/24 *> 192.0 0.10.20.1.0.0/24 Next-Hop 0.0.2 192.20.10.0/24 153.0.2.2.0/24 160.20.2.0/24 s> 160.0.10.BGP Routing Information Base BGP RIB Network *> 160.2.1.2 Path i i i i ? router bgp 100 network 160.0/16 192.10.2 192.1.2.10.0/24 160.0 redistribute static route-map foo no auto-summary D D D R S 10.0.1.0.3.0.0 255.3.0/16 * i s> 160.20.255 route-map foo permit 10 match ip address 1 Route Table BGP ‘redistribute’ commands can also be used to populate the BGP RIB with routes from the Route Table .0/24 access-list 1 permit 192.2 192.255.1.1.1.1.0 192.10.

0.2 192.20.2 192.2.10.1 Path i i 100 OUT Process Update Update Network Next-Hop 173.2.21.21.0/24 *> 173.20.2.10.3.1 Path 100 • BGP “in” process • receives path information from peers • results of BGP path selection placed in the BGP table • “best path” flagged (denoted by “>”) .0/16 Next-Hop 192.0/24 *>i160.1.0/16 192.20.BGP Routing Information Base IN Process BGP RIB Network *>i160.0.20.2.

0.21.1.10.2.2.0.20.10.0/16 Next-Hop 192.20.21.0/24 160.2.2.10.2 192.2 Path 200 200 200 100 • BGP “out” process • builds update using info from RIB • may modify update based on config • Sends update to peers Next-Hop changed .0/24 173.1 Path i i 100 OUT Process Update Update Network 160.0/24 * > 173.BGP Routing Information Base IN Process BGP RIB Network *>i160.20.2.20.10.3.2.2 192.0/16 Next-Hop 192.3.20.1 192.0/24 *>i160.1.2 192.2 192.20.2.20.

0/24 *>i160.0/16 192.10.2.0/24 173.1.10.0/24 *> 173.2.0/24 153.2 192.21.3.21.1.1 Path i i 100 D D D R S B 10.0/24 160.0/16 Next-Hop 192.1.1.0.10.20.22.0.BGP Routing Information Base BGP RIB Network *>i160.10.3.2.20.1.2.2 192.0/16 • Best paths installed in routing table if: • prefix and prefix length are unique • lowest “protocol distance” Route Table .0/24 160.0.20.

oregon-ix.net • Internet Routing Architectures – Bassam Halabi – pg.The ‘Bible’ & other resources • Route-views. 168 BGP Decision Process Summary .

Types of BGP Messages • OPEN – To negotiate and establish peering • UPDATE – To exchange routing information • KEEPALIVE – To maintain peering session • NOTIFICATION – To report errors (results in session reset) .

Internal BGP Peering (IBGP) AS 100 A B D E • BGP peer within the same AS • Not required to be directly connected • Maintain full IBGP mesh or use Route Reflection .

External BGP Peering (EBGP) A AS 100 B C AS 101 • Between BGP speakers in different AS • Directly connected or peering address is reachable .

An Example… A AS200 F B C 35.0/8 from F & D .0.0/8 AS3561 AS21 D AS101 E AS675 Learns about 35.0.0.0.

Basic BGP commands Configuration commands router bgp <AS-number> neighbor <ip address> remote-as <as-number> Show commands show ip bgp summary show ip bgp neighbors .

Originating routes.. • Using network command or redistribution network <ipaddress> redistribute <protocol name> • Requires the route to be present in the routing table ..

254.0 mask 255.0.255.254.0 ip route 198.0 255.0 serial 0 matching route must exist in the routing table before network is announced! • Origin: IGP Originating routes/Inserting prefixes into BGP .10.255.4.10.• • • • network command network 198.

Update message • Withdrawn routes • Path Attributes • Advertised routes .

x. • Carry loopback address in IGP router ospf <ID> passive-interface loopback0 • Unlink peering from physical topology router bgp <AS1> neighbor <x.x.Stable IBGP peering • Unlinks IBGP peering from physical topology.x.x.x> remote-as <AS1> neighbor <x.x> update-source loopback0 .

.BGP4 continued. ..

BGP Path Attributes: Why ? • • • • • Encoded as Type. Length & Value (TLV) Transitive/Non-Transitive attributes Some are mandatory Used in path selection To apply policy for steering traffic .

.. ...BGP Path Attributes. • • • • • • • Origin AS-path Next-hop Multi-Exit Discriminator (MED) Local preference BGP Community Others.

AS-PATH • Updated by the sending router with its AS number • Contains the list of AS numbers the update traverses. if it finds its AS number. • Used to detect routing loops – Each time the router receives an update. it discards the update .

0.10.0/16 dropped AS 500 180.0/16 300 200 100 300 200 300 400 .AS-Path AS 200 170.0/16 AS 100 180.0/16 • Sequence of ASes a route has traversed AS 300 • Loop detection AS 400 150.0/16 150.10.10.10.0.10.10.0.0.0/16 180.0.0.0.0/16 170.10.

1 160.10.Next-Hop 150.10.10.0.1 150.1.10.0.0.10.10.0.1 AS 100 160.2 AS 200 150.0/16 150.1.10.0/16 • Next hop router to reach a network • Advertising router/Third party in EBGP • Unmodified in IBGP 0799_04F7_c2 Cisco Systems Confidential 20 .1.10.1.0/16 A B AS 300 150.0/16 150.

1.1.1.1.3 150.Third Party Next Hop AS 200 192.1 peering 150.1.2 C 150.68.1.1.0/24 150.1.1.1. but bad idea! .3 A B 192.68.0/24 AS 201 • More efficient.

Next Hop... • • • • IGP should carry route to next hops Recursive route look-up Unlinks BGP from actual physical topology Allows IGP to make intelligent forwarding decision .

mandatory for IBGP • Default value is 100 on Ciscos • Local to an AS • Used to prefer one exit over another • Path with highest local preference wins .Local Preference • Not for EBGP.

0/16 AS 200 D 500 800 AS 300 E A 160.Local Preference AS 100 160.0.10.10.10.0.0/16 > 160.0/16 500 800 B AS 400 C .0.

Multi-Exit Discriminator • Non-transitive • Represented as a numeric value (0-0xffffffff) • Used to convey the relative preference of entry points • Comparable if paths are from the same AS • Path with lower MED wins • IGP metric can be conveyed as MED .

0/24 1000 A B 192.68.68.0/24 AS 201 .1.1.0/24 2000 preferred 192.68.Multi-Exit Discriminator (MED) AS 200 C 192.1.

0 – EGP .Origin • Conveys the origin of the prefix • Three values: – IGP .0.Redistributed from EGP – Incomplete .Redistribute IGP • ex: redistribute ospf • IGP < EGP < INCOMPLETE .0.Generated using “network” statement • ex: network 35.

Communities • • • • Transitive. Non-mandatory Represented as a numeric value (0-0xffffffff) Used to group destinations Each destination could be member of multiple communities • Flexibility to scope a set of prefixes within or across AS for applying policy .

68.. Service Provider AS 200 C D Community 201:110 201:120 Local Preference 110 120 Community:201:110 Community:201:120 A B 192.1.0/24 Customer AS 201 .Community..

Synchronization 1880 A C OSPF 35/8 209 D 690 • C not running BGP (non-pervasive BGP) B • A won’t advertise 35/8 to D until the IGP is in sync • Turn synchronization off! – Run pervasive BGP router bgp 1880 no sync .

BGP Route Selection (bestpath) Only one path as the bestpath ! • Route has to be synchronized Prefix in forwarding table • Next-hop has to be accessible Next-hop in forwarding table • Largest weight Local to the router • Largest local preference Spread within AS • Locally sourced Via redistribute or network statement .

• Shortest AS-path length number of ASes in the AS-path attribute • Lowest origin IGP < EGP < INCOMPLETE • Lowest MED between paths from same AS • External over internal closest exit from a router • Closest next-hop Lower IGP metric.. closer exit from as AS • Lowest router-id • Lowest IP address of neighbor .BGP Route Selection ..

.BGP Route Selection.. AS 100 AS 200 D AS 300 Increase AS path attribute length by at least 1 A B AS 400 AS 400’s Policy to reach AS100 AS 200 preferred path AS 300 backup .

Stub AS • Typically no need for BGP • Point default towards the ISP • ISP advertises the stub network to Internet • Policy confined within ISP policy .

Stub AS B A AS 101 Provider Customer AS 100 .

Multi-homed AS • Only border routers speak BGP • IBGP only between border routers • Exterior routes must be redistributed in a controlled fashion into IGP or use defaults .

Multi-homed AS AS 100 provider AS 300 A B C D provider AS 200 customer .

Service Provider Network
• IBGP used to carry exterior routes • IGP keeps track of topology • Full IBGP mesh is required

Common Service Provider Network
AS 100
A B C H

AS 200

AS 300
D

provider
E

F

G

AS 400

Routing Policy
• Why?
– To steer traffic through preferred paths – Inbound/Outbound prefix filtering – To enforce Customer-ISP agreements

• How ?
– AS based route filtering - filter list – Prefix based route filtering - distribute list – BGP attribute modification - route maps

.69. router bgp 100 neighbor 171.33 distribute-list 1 in neighbor 171.0.33 distribute-list 2 out .233.33 remote-as 33 neighbor 171..0.0.233.0 … more access-lists as prefixes are added .69.69.0.Distribute list .using IP access lists access-list 1 deny 10.233.0 access-list 1 permit any access-list 2 permit 20.

• RE is a pattern to match against an input string • Used to match against AS-path attribute • ex: ^3561.*1$ • Flexible enough to generate complex filter list rules Filter list rules Regular Expressions .*100.

233.33 filter-list 2 out .Filter list .using as-path access list ip as-path access-list 1 permit 3561 ip as-path access-list 2 deny 35 ip as-path access-list 2 permit .* router bgp 100 neighbor 171.233.33 remote-as 33 neighbor 171.233.69.69.33 filter-list 1 in neighbor 171.69.

Route Maps router bgp 300 neighbor 2.2.2.0.0.2.2 remote-as 100 neighbor 2.0 ip community-list 1 permit 100:200 .2 route-map SETCOMMUNITY out ! route-map SETCOMMUNITY permit 10 match ip address 1 match community 1 set community 300:100 ! access-list 1 permit 35.2.

Route-map match & set clauses Match • AS-path Clauses • Community • IP address Set Clauses • • • • • • • AS-path prepend Community Local-Preference MED Origin Weight Others. ...

x> route-map AS100_IN in ! route-map AS100_IN permit 10 set community 100:200 C31 H eth H C32 H eth H .x.Route-map Configuration Example neighbor <y.y> route-map AS200_IN in ! route-map AS200_IN permit 10 match community 1 set local-preference 200 ! ip community-list 1 permit 100:200 ISP2 C21 H ethH C22 H eth H ISP3 Inbound route-map to set community neighbor <x.x.y.y.

Load Sharing & Redundancy using BGP .

200.255 <DMZ-link1.Load-sharing .0.255.255.single path Router A: interface loopback 0 ip address 20.200.200.2 update-source loopback0 neighbor 10.1 Loopback 0 10.0.2 255.0.200.1 255.0.2 remote-as 200 neighbor 10.200.2 ebgp-multi-hop 2 ! ip route 10.2 AS200 .200. link2> A AS100 Loopback 0 20.0.0.200.255.255.255 ! router bgp 100 neighbor 10.0.

Load Sharing .1 remote-as 200 neighbor 10.0.1 remote-as 200 maximum-paths 2 A 100 200 Note:A still only advertises one “best” path to ibgp peers .200.Multiple paths from the same AS Router A: router bgp 100 neighbor 10.300.0.

Redundancy .full routes from all .customer + default routes from all .default from all providers .Multi-homing • Reliable connection to Internet • 3 common cases of multi-homing: .

Default from all providers • Low memory/CPU solution • Provider sends BGP default – provider is selected based on IGP metric • Inbound traffic decided by providers’ policy – Can influence using outbound policy. example: AS-path prepend .

Default from all providers Provider AS 200 D E Provider AS 300 A AS 400 C B .

Customer + default from all providers • Medium memory and CPU solution • Granular routing for customer routes and default for the rest • Inbound traffic decided by providers’ policy – Can influence using outbound policy .

Customer routes from all providers Customer AS 100 160.0.0/16 Provider AS 200 D E Provider AS 300 C chooses shortest AS path A AS 400 C B .10.

Full routes from all providers • More memory/CPU • Full granular routing • Usually transit ASes take full routes • Usually pervasive BGP .

Full routes from all providers AS 100 AS 500 AS 200 D E AS 300 C chooses shortest AS path A AS 400 C B .

Best Practices IGP in Backbone • IGP connects your backbone together. IS-IS. not your client’s routes • IGP must converge quickly • IGP should carry netmask information OSPF. EIGRP .

.Best Practices. Connecting to a customer • Static routes – You control directly – No route flaps • Shared routing protocol or leaking – You must filter your customers info – Route flaps • BGP for multi-homed customers ..

.Best Practices.. Connecting to other ISPs • • • • Use BGP4 Advertise only what you serve Take back as little as you can Take the shortest exit .

The Internet Exchange • Long distance connectivity is expensive • Connect to several providers at a single point .Best Practices...

Q&A .

You're Reading a Free Preview

Download
scribd
/*********** DO NOT ALTER ANYTHING BELOW THIS LINE ! ************/ var s_code=s.t();if(s_code)document.write(s_code)//-->