BLT

BGP Label based Tunneling

Gunter Van de Velde

Sr Technical Leader
NOSTG, Cisco Systems

December 2012
© 2012 Cisco and/or its affiliates. All rights reserved. 1
• It is a new “IP” network overlay technology

• Can be seen as alternative for MPLS based upon BGP as

scalable and proven control plane
• Within the Core ISP network, no more need for full routing table
• The network overlay mechanism is tunnel technology agnostic
(LISP, GRE, L2TP, IPinIP, VxLAN, etc)
• BGP based Dynamic tunnelling works Intra- and Inter-domain

• Expected convergence time: <100msec

© 2012 Cisco and/or its affiliates. All rights reserved. 2

• Address family (IPv4, IPv6, VPNv4, VPNv6, IP+Label) agnostic

• Usage of proven and highly scalable Internet technologies (BGP, PIC, LFA, etc…)

• BGP database carries tunnel end-points and identifiers as ships in the night to the traditional BGP routing BGP table

• Cost optimization by getting rid of:

Core MPLS control plane
Internet and customer prefixes from core

• Usage of BGP technology:

Fast Convergence
High scalability
High availability
VPN Support
Highly secure by utilisation of BGP security technologies (RPKI Origin Authentication, TCP-AO, etc..)
BGP Remote-Next-Hop (http://datatracker.ietf.org/doc/draft-vandevelde-idr-remote-next-hop/)

• Usage of VxLAN, GRE, LISP, IP-in-IP tunnels

Utilization of scalable and existing tunnel technology
Connect IPv6/IPv4 islands over an IPv6/IPv4 infrastructure for both Inter- and Intra-AS networks
Utilization of existing tunnel policy and RIB population mechanisms
Service differentiation: enable premium exit vs best-effort exit to Internet by Network Policy

• Backward compatible and support for gradual implementation

© 2012 Cisco and/or its affiliates. All rights reserved. 3

• BGP Remote-Next-Hop (
http://tools.ietf.org/html/draft-vandevelde-idr-remote-next-hop)
• LISP - http://tools.ietf.org/doc/draft-ietf-lisp/

• Other tunnel technologies: GRE, VxLAN, IP-in-IP, etc…

• BGP Route-Reflection (RFC4456)

• Cisco Prefix Independent Convergence

• BGP Diverse Path (RFC6774)

• BGP Add-Path (http://tools.ietf.org/html/draft-ietf-idr-add-paths)

• BGP/MPLS VPN (RFC4364)

© 2012 Cisco and/or its affiliates. All rights reserved. 4

 Customer 2a
1.1.3.0/24
xTR3
Next-Hop:
Next-Hop:
Customer 1b 2.2.2.3/32
2.2.2.4/32
1.1.2.0/24 2001:db8::3/128
2001:db8::4/128

Next-Hop: xTR2 IP Core

2.2.2.2/32
2001:db8::2/128 iBGP 2.2.2.0/24 Customer 2b
iBGP
RR 2001:db8::/64 1.1.4.0/24

xTR4
iBGP
Next-Hop: Customer 3a
2.2.2.1/32
2001:db8::1/128
iBGP 1.1.5.0/24

iBGP iBGP
iBGP Next-Hop:
xTR1 2.2.2.7/32
Customer 1a 2001:db8::7/128
xTR7
1.1.1.0/24

Next-Hop: Next-Hop: Customer 3b

2.2.2.6/32 xTR6 2.2.2.5/32
2001:db8::6/128
1.1.6.0/24
xTR5 2001:db8::5/128

Customer 1c
1.1.7.0/24

© 2012 Cisco and/or its affiliates. All rights reserved. 5

• Core
IGP: OSPF, EIGRP, ISIS
MPLS Free Core
BGP only is run only on the core edge and BGP RR
support of IGP LFA

• Edge
Location of the Tunnel in-/egress router
BGP NLRI is used as remote network identifier and the attached BGP Remote-Next-Hop
as Locator
Forwarding in-/egress policy enforcement
Multi-tunnel loadsharing

• Customer Networks
Autonomous networks
DC, finance, IT department, engineering, customers, etc…
Independent address family agnostic address space
Customer networks and services are network identifiers

© 2012 Cisco and/or its affiliates. All rights reserved. 6

• NLRI (Network Layer Reachability Information) is the customer network

• Next-hop is the traditional BGP Next-Hop used for traditional IP forwarding

• Remote-Next-Hop is the Tunnel End-Point used for dynamic tunnel based forwarding (Optional BGP
transitive attribute)

• Multiple NLRI can point to identical Remote-Next-Hop

Next-hop is used for

NLRI (EID)
traditional IP forwarding
Traditional BGP Attributes

Next-Hop

Remote-Next-Hop #1[GRE]
Remote-Next-Hop #2[vxlan]
Remote-Next-Hop #3[IPsec]

Remote customer Addresses-used for

Network or service Tunnel end-point
© 2012 Cisco and/or its affiliates. All rights reserved. 7
 BGP Table
Customer 2a
1.1.3.0/24
xTR3
Next-Hop:
Customer 1b Destination
2.2.2.3/32 Next- Remote-Next-
Next-Hop: Tunnel Type
2.2.2.4/32
1.1.2.0/24 2001:db8::3/128 Hop Hop 2001:db8::4/128

Next-Hop: xTR2
1.1.2.0/24 2.2.2.2IP Core
2.2.2.2 GRE
2.2.2.2/32
2.2.2.0/24
2001:db8::2/128 1.1.3.0/24 iBGP2.2.2.3 1.10.3.3 Customer
GRE 2b
iBGP
RR 2001:db8::/64 1.1.4.0/24
1.10.3.3/32 2.2.2.3
xTR4
iBGP
Next-Hop: 1.1.4.0/24 2.2.2.4 2.2.2.4 VxLAN
Customer 3a
2.2.2.1/32
iBGP 1.1.5.0/24
2001:db8::1/128 1.1.5.0/24 2.2.2.4
iBGP iBGP
1.1.6.0/24 iBGP 2.2.2.7 2001:db8::7Next-Hop:
IP-in-IPv6
2.2.2.7/32
Customer 1a xTR1
xTR7 2001:db8::7/128
1.1.1.0/24 1.1.6.0/24 2.2.2.5 2001:db8::7 IP-in-IPv6
Next-Hop:
2.2.2.6/32
1.1.7.0/24 2.2.2.6
Next-Hop: 2001:db8::6
Customer 3b GRE
xTR6 2.2.2.5/32
2001:db8::6/128
1.1.6.0/24
2001:db8::5/128

Customer 1c
1.1.7.0/24

© 2012 Cisco and/or its affiliates. All rights reserved. 8

 Customer 2a
1.1.3.0/24
xTR3
Next-Hop:
Next-Hop:
Customer 1b 2.2.2.3/32
2.2.2.4/32
1.1.2.0/24 2001:db8::3/128
2001:db8::4/128

Next-Hop: xTR2 IP Core

2.2.2.2/32
2001:db8::2/128 iBGP 2.2.2.0/24 Customer 2b
iBGP
RR 2001:db8::/64 1.1.4.0/24

xTR4
iBGP
Next-Hop: Customer 3a
2.2.2.1/32
2001:db8::1/128
iBGP 1.1.5.0/24

iBGP iBGP
iBGP Destination Next-Hop Next-Hop:
Remote-Next-Hop Tunnel Type
xTR1 2.2.2.7/32
Customer 1a 2001:db8::7/128
1.1.1.0/24 1.1.2.0/24 2.2.2.2 xTR7 2.2.2.2 GRE

1.1.3.0/24 2.2.2.3 1.10.3.3 GRE

Next-Hop: Next-Hop: Customer 3b
2.2.2.6/32 xTR6 1.10.3.3/32 2.2.2.3
2.2.2.5/32 1.1.6.0/24
2001:db8::6/128 2001:db8::5/128
1.1.4.0/24 2.2.2.4 2.2.2.4 VxLAN
Customer 1c
1.1.7.0/24 1.1.5.0/24 2.2.2.4

1.1.6.0/24 2.2.2.7 2001:db8::7 IP-in-IPv6

1.1.6.0/24 2.2.2.5 2001:db8::7 IP-in-IPv6

1.1.7.0/24 2.2.2.6 2001:db8::6 GRE 9

© 2012 Cisco and/or its affiliates. All rights reserved.
 Customer 2a
1.1.3.0/24
xTR3
Next-Hop:
Customer 1b
2.2.2.4/32
1.1.2.0/24 2001:db8::4/128

xTR2

Customer 2b
1.1.4.0/24

Normal IP Packet xTR4

Next-Hop: Customer 3a
2.2.2.1/32
er 1.1.5.0/24
Head
2001:db8::1/128
IP
er 3a
u stom
Packet to Custo et to C
Customer 1a xTR1 mer 3a Pack
IP Header
xTR7
1.1.1.0/24

Customer 3b
xTR6
1.1.6.0/24

Customer 1c
1.1.7.0/24
Router with Full BGP Table

© 2012 Cisco and/or its affiliates. All rights reserved. 10

 Customer 2a
1.1.3.0/24
xTR3
Next-Hop:
Next-Hop:
Customer 1b 2.2.2.3/32
2.2.2.4/32
1.1.2.0/24 2001:db8::3/128
2001:db8::4/128

Next-Hop: xTR2 IP Core

2.2.2.2/32
2001:db8::2/128 iBGP 2.2.2.0/24 Customer 2b
iBGP
RR 2001:db8::/64 1.1.4.0/24

xTR4
iBGP
Next-Hop: Customer 3a
2.2.2.1/32
2001:db8::1/128
iBGP 1.1.5.0/24

iBGP iBGP
iBGP Destination Next-Hop Next-Hop:
Remote-Next-Hop Tunnel Type
xTR1 2.2.2.7/32
Customer 1a 2001:db8::7/128
1.1.1.0/24 1.1.2.0/24 2.2.2.2 xTR7 2.2.2.2 GRE

1.1.3.0/24 2.2.2.3 1.10.3.3 GRE

Next-Hop: Next-Hop: Customer 3b
2.2.2.6/32 xTR6 1.10.3.3/32 2.2.2.3
2.2.2.5/32 1.1.6.0/24
2001:db8::6/128 2001:db8::5/128
1.1.4.0/24 2.2.2.4 2.2.2.4 VxLAN
Customer 1c
1.1.7.0/24 1.1.5.0/24 2.2.2.4

1.1.6.0/24 2.2.2.7 2001:db8::7 IP-in-IPv6

1.1.6.0/24 2.2.2.5 2001:db8::7 IP-in-IPv6

1.1.7.0/24 2.2.2.6 2001:db8::6 GRE 11

© 2012 Cisco and/or its affiliates. All rights reserved.
 Customer 2a
1.1.3.0/24
xTR3

Customer 1b
1.1.2.0/24
Tunnelled IP Packet – IPv4
xTR2
GRE Header

xTR to
Customer 2b

1
IPv4 1.1.4.0/24

xTR4
GRE
GRE

Next-Hop: Customer 3a
2.2.2.1/32
Core only needs routing information
Cus et to

2001:db8::1/128
1.1.5.0/24
t 1a

for tunnel endpoints

k
Pac

Customer 1a xTR1
xTR7
1.1.1.0/24

Customer 3b
xTR6
1.1.6.0/24

Customer 1c
1.1.7.0/24

© 2012 Cisco and/or its affiliates. All rights reserved. 12

 Customer 2a
1.1.3.0/24
xTR3
Next-Hop:
Next-Hop:
Customer 1b 2.2.2.3/32
2.2.2.4/32
1.1.2.0/24 2001:db8::3/128
2001:db8::4/128

Next-Hop: xTR2 IP Core

2.2.2.2/32
2001:db8::2/128 iBGP 2.2.2.0/24 Customer 2b
iBGP
RR 2001:db8::/64 1.1.4.0/24

xTR4
iBGP
Next-Hop: Customer 3a
2.2.2.1/32
2001:db8::1/128
iBGP 1.1.5.0/24

iBGP iBGP
iBGP Destination Next-Hop Next-Hop:
Remote-Next-Hop Tunnel Type
xTR1 2.2.2.7/32
Customer 1a 2001:db8::7/128
1.1.1.0/24 1.1.2.0/24 2.2.2.2 xTR7 2.2.2.2 GRE

1.1.3.0/24 2.2.2.3 1.10.3.3 GRE

Next-Hop: Next-Hop: Customer 3b
2.2.2.6/32 xTR6 1.10.3.3/32 2.2.2.3
2.2.2.5/32 1.1.6.0/24
2001:db8::6/128 2001:db8::5/128
1.1.4.0/24 2.2.2.4 2.2.2.4 VxLAN
Customer 1c
1.1.7.0/24 1.1.5.0/24 2.2.2.4

1.1.6.0/24 2.2.2.7 2001:db8::7 IP-in-IPv6

1.1.6.0/24 2.2.2.5 2001:db8::7 IP-in-IPv6

1.1.7.0/24 2.2.2.6 2001:db8::6 GRE 15

© 2012 Cisco and/or its affiliates. All rights reserved.
 Customer 2a
1.1.3.0/24
xTR3

Customer 1b
1.1.2.0/24
Tunnelled IP Packet – IPv4
xTR2
VxLAN Header
Customer 2b
1.1.4.0/24

to xTR4
IPv4
R4
VxLAN xT
Next-Hop: et to Customer 3a
2.2.2.1/32 Pack 2b
t 1.1.5.0/24
2001:db8::1/128 Cus

Customer 1a
1.1.1.0/24
xTR1
Core only needs routing information xTR7

for tunnel endpoints

Customer 3b
xTR6
1.1.6.0/24

Customer 1c
1.1.7.0/24

© 2012 Cisco and/or its affiliates. All rights reserved. 16

 Destination Next-Hop Remote-Next-Hop Tunnel Type
Customer 2a
1.1.3.0/241.1.2.0/24 2.2.2.2 2.2.2.2 GRE
xTR3
Next-Hop: 1.1.3.0/24 2.2.2.3 1.10.3.3 GRE
Next-Hop:
Customer 1b 2.2.2.3/32
1.10.3.3/32 2.2.2.3 2.2.2.4/32
1.1.2.0/24 2001:db8::3/128
2001:db8::4/128
1.1.4.0/24 2.2.2.4 2.2.2.4 VxLAN
Next-Hop: xTR2 IP Core
2.2.2.2/32 1.1.5.0/24 2.2.2.4
2001:db8::2/128 iBGP 2.2.2.0/24 Customer 2b
iBGP
RR 2001:db8::/64
1.1.6.0/24 2.2.2.7 2001:db8::7
1.1.4.0/24 IP-in-IPv6

1.1.6.0/24 2.2.2.5 2001:db8::7 IP-in-IPv6

xTR4
iBGP
1.1.7.0/24 2.2.2.6 2001:db8::6 GRE
Next-Hop: Customer 3a
2.2.2.1/32
2001:db8::1/128
iBGP 1.1.5.0/24

iBGP iBGP
iBGP Next-Hop:
xTR1 2.2.2.7/32
Customer 1a 2001:db8::7/128
xTR7
1.1.1.0/24

Next-Hop: Next-Hop: Customer 3b

2.2.2.6/32 xTR6 2.2.2.5/32
2001:db8::6/128
1.1.6.0/24
2001:db8::5/128

Customer 1c
1.1.7.0/24

© 2012 Cisco and/or its affiliates. All rights reserved. 17

 Customer 2a
1.1.3.0/24
xTR3

Customer 1b
1.1.2.0/24

xTR2

Customer 2b
1.1.4.0/24
Core only needs routing information
xTR4
for IPv6 tunnel endpoints and IPv4
Next-Hop: Customer 3a
2.2.2.1/32 BGP endpoints 1.1.5.0/24
2001:db8::1/128

Packet to IPv6 to
Cust 3b IPinIPv6
xTR1 xTR7
Customer 1a
xTR7
1.1.1.0/24

Customer 3b
xTR6
1.1.6.0/24
Tunnelled IP Packet –
Customer 1c
IP-in-IPv6 Header 1.1.7.0/24

© 2012 Cisco and/or its affiliates. All rights reserved. 18

 Destination Next-Hop Remote-Next-Hop Tunnel Type
Customer 2a
1.1.3.0/241.1.2.0/24 2.2.2.2 2.2.2.2 GRE
xTR3
Next-Hop: 1.1.3.0/24 2.2.2.3 1.10.3.3 GRE
Next-Hop:
Customer 1b 2.2.2.3/32
1.10.3.3/32 2.2.2.3 2.2.2.4/32
1.1.2.0/24 2001:db8::3/128
2001:db8::4/128
1.1.4.0/24 2.2.2.4 2.2.2.4 VxLAN
Next-Hop: xTR2 IP Core
2.2.2.2/32 1.1.5.0/24 2.2.2.4
2001:db8::2/128 iBGP 2.2.2.0/24 Customer 2b
iBGP
RR 2001:db8::/64
1.1.6.0/24 2.2.2.7 2001:db8::7
1.1.4.0/24 IP-in-IPv6

1.1.6.0/24 2.2.2.5 2001:db8::7 IP-in-IPv6

xTR4
iBGP
1.1.7.0/24 2.2.2.6 2001:db8::6 GRE
Next-Hop: Customer 3a
2.2.2.1/32
2001:db8::1/128
iBGP 1.1.5.0/24

iBGP iBGP
iBGP Next-Hop:
xTR1 2.2.2.7/32
Customer 1a 2001:db8::7/128
xTR7
1.1.1.0/24

Next-Hop: Next-Hop: Customer 3b

2.2.2.6/32 xTR6 2.2.2.5/32
2001:db8::6/128
1.1.6.0/24
2001:db8::5/128

Customer 1c
1.1.7.0/24

© 2012 Cisco and/or its affiliates. All rights reserved. 19

 Customer 2a
1.1.3.0/24
xTR3

Customer 1b
1.1.2.0/24

xTR2

Customer 2b
1.1.4.0/24
Core only needs routing information
xTR4
for IPv6 tunnel endpoints and IPv4
Next-Hop: Customer 3a
2.2.2.1/32 BGP endpoints 1.1.5.0/24
2001:db8::1/128

Customer 1a xTR1
xTR7
1.1.1.0/24

Customer 3b
xTR6
1.1.6.0/24
Tunnelled IP Packet – IPv4 in
Customer 1c
IPv6 Header 1.1.7.0/24

© 2012 Cisco and/or its affiliates. All rights reserved. 20

• BGP based Dynamic Tunnelling is allows a single IP based
control base
• High scalability due to proven BGP technology

• Fast Convergence due to proven BGP and IGP tuning technology

• Network core devices enjoy reduction in the size of the BGP table

• BGP based Dynamic Tunnelling allows virtualisation based upon

IP technology
• IPv4 and IPv6 agnostic

• Incremental implementation is supported

• BGP based Security is supported and scalable

© 2012 Cisco and/or its affiliates. All rights reserved. 21

© 2012 Cisco and/or its affiliates. All rights reserved. 22