BGP ( Border Gateway Protocols )

● Border Gateway Protocol (BGP) is an interdomain

routing protocol designed to provide Loop-free
routing between separate routing domains that
contain independent routing policies.

● BGP version 4 includes multiprotocol extensions to

allow BGP to carry routing information for IP
multicast routes and multiple Layer 3 protocol
address families including (IPv4),(IPv6),(VPNv4)
 Continues..
● Border Gateway Protocol routing information is usually
exchanged between competing business entities
i.e (Internet Service Providers) ISP's
● BGP is thus very security-focused (for example, all
adjacent routers have to be configured manually).
● BGP also considered as path vector which allows BGP
to use many attributes for route selection as per
requirement.
● BGP also uses feature like Confederation and route-
reflector which helps bgp to make it more scalable
 We have 2 types of BGP
● IBGP ( Interior Border Gatway Protocols)
● When the peering is in between single
autonomous system.

● EBGP ( Exterior Border Gateway Protocols )

● When the peering is in between different
autonomous system.
 Why BGP known as Path Vector Protocols
BGP has many path selection attributes :
● Next-Hop
● Highest Weight ( vendor specific )
● Weight is considered to manupulate the
outgoing traffic out to the network.
● Default value is 32768
● Highest Local-Preference
● Local Preference is also the attribute to
manupute the outgoing traffic. We cannot
manupulte the incoming traffic from this.
Highest Weight
Highest Local Prefrence
 Continued..
● Lowest AS-path list
● When packets leaves any AS, its AS number
added in the AS path list and remains there to
avoid loop in the netwrok.
● The packet will be dropped if receivng AS will
find its own AS in the AS path list.
● Lowest Origin ( i > E > ? )
● Routes learned from an (IGP) have a lower
origin code than those learned from an (EGP),
and both have lower origin codes than
incomplete routes (routes whose origin is
unknown)
Shortest AS-PATH
 Continued..
● Lowest MED
● Multi Exit Discriminator is attibute which helps to
manupulate incoming traffic. MED usually work
when traffic comes from same AS.
● Traffic with lower MED will be selected.
● EBGP over IBGP
● If router receive same prefix from an Ebgp and its
Ibgp peer.
● It will select the Ebgp prefix as per the criteria.
●
Shortest MED
 Continued..
● Lowest RR cluster list :
● Shortest length cluster list is preferred. Routes
without a cluster list are considered to have a
cluster list length of 0.
● Lowest Router-ID :
● The router ID is evaluated. The route from the peer
with the lowest router ID is preferred (usually the
loopback address).
● Lowest Peer Address :
● The peer address value is examined. The peer with
the lowest peer IP address is preferred
 New Is Better is the LAST Criteria

When all the Criteria are same even Peer Address.

At the end route will be selected have less age time

Path Selection
 How 2 routers become BGP Neighbor

BGP considered as reliable protocols because it uses

TCP three way handshake before starting the
neighborship.
● BGP uses TCP port no. 179 to initiate the session
● One the TCP session is UP
● BGP sends 19 byte keepalive in every 60 second.
● Holddown time is 3xkeepalive – 180 second.
● BGP uses FSM method to become Neighbor
 BGP states
● IDLE
● CONNECT
● ACTIVE
● OPEN SEND
● OPEN CONFIRM
● ESTABLISHED
 IDLE state :

● Refuse all incoming BGP connections

● Start the initialization once configured.
● Initiates a TCP connection.
● Listens for a TCP connection from its peer.
● Changes its state to Connect
 CONNECT state
● Waits for successful TCP negotiation with peer
● BGP does not spend much time in this state if the
TCP session has been successfully established.
● Sends Open message to peer and changes state
to OpenSent.
● If TCP session is not successful then it will move
to ACTIVE state.
 ACTIVE State
● If the router was unable to establish a successful TCP
session, then it ends up in the Active state.
● BGP FSM tries to restart another TCP session with the peer
and, if successful, then it sends an Open message to the
peer. This is known as ACTIVE-Retry-TIMER
● If it is unsuccessful again, the FSM is reset to the Idle state.
● Repeated failures may result in a router cycling between the
Idle and Active states. Some of the reasons for this include:
● TCP port 179 is not open.
● BGP configuration error.
● Network congestion.
 OPEN SENT state
● BGP FSM listens for an Open message from its
peer once send.
● Once the message has been received, the router
checks the validity of the Open message.
● It check for Version, AS number, BGP ID , MD5
authentication if configured.
● If any error occured then router will send a
Notification message to the peer indicating why the
error occurred.
 OPEN CONFIRM state
● The peer is listening for a Keepalive message
from its peer.
● If a Keepalive message is received and no
timer has expired before reception of the
Keepalive, BGP transitions to the Established
state.
● If a timer expires before a Keepalive message
is received, or if an error condition occurs, the
router transitions back to the IDLE state.
 Established states

● In this state, the peers send Update messages to

exchange information about each route being
advertised to the BGP peer.
● If there is any error in the Update message then
a Notification message is sent to the peer, and
BGP transitions back to the IDLE state.
● If a timer expires before a Keepalive message is
received, or if an error condition occurs, the router
transitions back to the IDLE state.
BGP uses FSM( Finite State Machine)

● .
 BGP common header
● .
 Continues..
● Marker :
● Use to detect the loss of synchronizaiton and use
to check the authentication if configured
● Length :
● Indicates total length of the message
● Type :
● Tells the message type receive by router
● Variable :
● Length variable from 19 ( keepalive ) - 4096 (
Including headers )
 BGP Message type
OPEN message :

● Version : Current version is BGPv4

● AS number : AS number of the Sender
● Holddown time: 180 sec , bydefault
● BGP ID : Router ID of Originator | Heighest IP
● Optional Parameter Length : Lenght of fields
● Optional parameter: List of paramenter , usually we
have lots of optional parameters from which
capablities are compared.
 UPDATE MESSAGE
UPDATE message :
● Unfeasible routes Length : Tells total length of
withdrawn routes in octet. 0 value indicates NO
routes withdrawn.
● Withdrawn routes : List of IP’s Withdrawn.
● Total Path Attributes : Indicates list of attributes
associated with NLRI’s
● Path attributes : Attributes associated with NLRI
● NLRI : IP prefix that can be reached via this path
using this associated prefix.
UPDATE message with Withdrawn routes
UPDATE message with NLRI capability and Path attributes
 KEEPALIVE MESSAGE
● It is not TCP based
● This is mechanism only to find the peer
availability.
● It is always 3xkeepalive = 180 Holddown
● Minimum could be 1 sec = 3sec holddown
● If holddown is zero then, NO keepalive would be
send.
● Minimum 19 byte ( keepalive )
● Maximum 4096 byte (headers)
KEEPALIVE message
 NOTIFICATION message
● When neighborship is UP and running and if
any changes made , miss keepalive ,
congestion problem etc makes the BGP to
notify the other Peer.
● Once any peer will receive an notification, BGP
connection is closed immediately.
● Notification contains Error Code , Sub Code
and Data.
Change RID as 3.3.3.3 on both side and reset the connection
NOTIFICATION messages from both the peers
 REFRESH message

● New message type generate as per RFC:2918

● Previously we need to configure manually this
routes refresh capabilities.
● Now after random period of time, It will refresh its
all capabilities ( prefix and NLRI’s)
● It allows dynamic exchange of routes between the
BGP peers.
ROUTE-REFRESH message
BGP TOPOLOGY and DISCUSSION