BGP

1. BGP Protocol

  • RFC 4271
  • classless
  • path vector – uses path attributes to identify the best path (convergence is very slow)
  • supports VLSM and summarization
  • it is an application-layer protocol (layer 7) that uses TCP port 179
  • uses AS numbers as boundaries
    • Public AS (1-64511) – only public autonomous system numbers should be sent to eBGP neighbors on the Internet
    • Private AS (64512-65535)
//use this command to remove private AS numbers from the AS-Path attribute; it is available only for eBGP neighbors
neighbor {ip-address | peer-group-name} remove-private-as [all [replace-as]]

2. BGP Messages

After the TCP connection is established the following messages are exchanged:

1) Open – an Open message is sent to initiate the BGP session; if the message is accepted the next message will be a Keepalive. The Open message contains:

  • Version – the highest BGP version (8bits) that both routers support will be used.
  • AS – 16-bit field that indicates the sender’s autonomous system number.
  • Hold Time – 180 seconds by default
  • BGP router identifier (router ID) – it is chosen the same way an OSPF Router ID is chosen.
  • Optional parameters – ex. authentication, Route Refresh

2) Keepalive – 60 seconds by default

3) Update – has information on one path only; multiple paths require multiple messages. An update might contain:

  • Withdrawn routes – A list of IP address prefixes for routes that are being withdrawn from service, if any.
  • Path attributes – The AS-path, origin, local preference, and so forth, as discussed in the “BGP Attributes” section. Each path attribute includes the attribute type, attribute length, and attribute value (TLV).
  • Network layer reachability information (NLRI) – A list of networks (IP address prefixes and their prefix lengths) that can be reached by this path.

4) Notification – A BGP router sends a notification message when it detects an error condition and the BGP session is shut down.
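As an added illustration of the message exchange (Python, not code from the original post), the following model builds an OPEN message with the fields listed above, validates a received OPEN the way RFC 4271 requires (all-ones marker, length, version 4, hold time 0 or at least 3 seconds) and derives the negotiated hold time and keepalive interval. The AS numbers, router IDs and hold times are constructed sample values; the optional capability parameter that would carry a 4-byte AS number is not modelled, so a large AS is sent as the AS_TRANS placeholder.

```python
import ipaddress
import struct

# Constants from RFC 4271: 16-byte all-ones marker, 19-byte common header and
# the 29-byte minimum of an OPEN (header + version, AS, hold time, BGP ID, opt-param length).
MARKER = b"\xff" * 16
HEADER_LEN = 19
OPEN_FIXED_LEN = 29
TYPE_OPEN, TYPE_KEEPALIVE = 1, 4
AS_TRANS = 23456   # value placed in the 16-bit AS field by 4-byte-AS speakers (RFC 6793)


def build_open(my_as: int, hold_time: int, router_id: str, opt_params: bytes = b"") -> bytes:
    """Serialize an OPEN. The hold time must be 0 or >= 3 s; the AS field is 16 bits,
    so an AS above 65535 is sent as AS_TRANS (the real number would travel in a capability)."""
    if hold_time != 0 and hold_time < 3:
        raise ValueError("hold time must be 0 or >= 3 seconds")
    as_field = my_as if my_as <= 0xFFFF else AS_TRANS
    body = struct.pack("!BHH4sB", 4, as_field, hold_time,
                       ipaddress.IPv4Address(router_id).packed, len(opt_params)) + opt_params
    return MARKER + struct.pack("!HB", HEADER_LEN + len(body), TYPE_OPEN) + body


def build_keepalive() -> bytes:
    """A KEEPALIVE is only the 19-byte header with type 4."""
    return MARKER + struct.pack("!HB", HEADER_LEN, TYPE_KEEPALIVE)


def parse_open(msg: bytes) -> dict:
    """Validate and decode an OPEN; the ValueError text is the NOTIFICATION error a
    receiver would send back for that problem."""
    if len(msg) < HEADER_LEN or msg[:16] != MARKER:
        raise ValueError("Connection Not Synchronized")
    length, mtype = struct.unpack("!HB", msg[16:19])
    if length != len(msg) or (mtype == TYPE_OPEN and length < OPEN_FIXED_LEN):
        raise ValueError("Bad Message Length")
    if mtype != TYPE_OPEN:
        raise ValueError("Bad Message Type")
    version, my_as, hold_time, rid, opt_len = struct.unpack("!BHH4sB", msg[19:29])
    if version != 4:
        raise ValueError("Unsupported Version Number")
    if hold_time != 0 and hold_time < 3:
        raise ValueError("Unacceptable Hold Time")
    if OPEN_FIXED_LEN + opt_len != length:
        raise ValueError("Bad Message Length")
    return {
        "version": version,
        "as": my_as,
        "hold_time": hold_time,
        "router_id": str(ipaddress.IPv4Address(rid)),
        "opt_params": msg[29:29 + opt_len],
    }


def negotiate_timers(local_hold: int, peer_hold: int) -> tuple:
    """Both sides use the smaller hold time; keepalives go out every third of it,
    which is where the 180 s / 60 s defaults in the text come from."""
    hold = min(local_hold, peer_hold)
    return hold, hold // 3


if __name__ == "__main__":
    # Constructed exchange: we offer hold time 180, the peer offers 90.
    theirs = build_open(65002, 90, "10.0.0.2")
    print(parse_open(theirs))
    print("negotiated hold/keepalive:", negotiate_timers(180, parse_open(theirs)["hold_time"]))
    print("keepalive bytes:", build_keepalive().hex())
```

The error strings mirror the OPEN Message Error and Message Header Error subcodes a real speaker reports in a Notification before tearing the session down.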

3. BGP Attributes

Update messages can contain NLRI, which is a list of one or more networks (IP address prefixes and their prefix lengths), and path attributes. BGP uses the path attributes to determine the best path to the networks advertised by NLRI.

1) Well-known attributes – all BGP implementations must recognize and propagate these attributes to BGP neighbors.

1.1) Well-known mandatory – A well-known mandatory attribute must appear in all BGP update messages.

  • AS-path – list of autonomous system numbers that a route has traversed to reach a destination.
  • Next-hop – indicates the next hop IP address that is to be used to reach a destination.
  • Origin Code – defines the origin of the path information. The Origin Code value can be IGP (i), EGP (E) or Incomplete (?); Incomplete is used when the route was redistributed into BGP.

1.2) Well-known discretionary – does not have to be present in all BGP update messages.

  • Local preference – indicates to routers in the autonomous system which path is preferred to exit the autonomous system; only for IBGP neighbors, not for EBGP; the higher local preference is preferred (100 by default).
  • Atomic aggregate – Informs the neighbor autonomous system that the originating router has aggregated the routes.

2) Optional Attributes – BGP routers that implement an optional attribute might propagate it to other BGP neighbors, depending on its meaning.

2.1) Optional transitive – BGP routers that do not implement an optional transitive attribute should pass it to other BGP routers untouched and mark the attribute as partial.

  • Aggregator – specifies the BGP router ID and autonomous system number of the router that performed the route aggregation.
  • Community – Allows routers to tag routes.

2.2) Optional nontransitive – BGP routers that do not implement an optional nontransitive attribute must delete the attribute.

  • MED – also called metric, is exchanged between autonomous systems and indicates to external neighbors the preferred path into an autonomous system. A lower value is preferred.

3) Weight – is configured locally on a router and is not propagated to any other BGP routers. Higher is preferred.

4. BGP Adjacency

  • It is done manually.
  • It uses TCP port 179.
  • The smallest router ID becomes the client.
  • Routers don’t have to be directly connected.
  • There are two neighbor types: external BGP (EBGP), internal BGP (IBGP).

5. BGP Tables

  • Neighbor table – information about the connected BGP peers
#show ip bgp neighbors
  • BGP table – a list of all BGP routes, can be big.
#show ip bgp
#show ip bgp summary
  • Routing table – a list of the BEST routes.
#show ip route bgp

6. BGP implementation styles

  1. Default route only – Instead of receiving the entire Internet routing table from the neighbors, we receive a 0.0.0.0 (default route) from them or we manually configure a default route on our company router.
  2. Partial updates – either the ISP sends only specific updates, or we filter the updates so that we receive and store in the BGP table only the routes we want.
  3. Full updates – you will receive the entire Internet routing table (routes from the BGP table) from your ISP. If you have multiple ISPs each will send you its routes from its BGP table. The best paths will be stored in the RIB and all the paths will be stored in the BGP table (all the routes can be 100+ MB).

7. EBGP Rules

  1. Messages sent between 2 BGP routers have TTL=1, so they must be directly connected.
  2. The local AS number is inserted into the AS-PATH when sending updates.
  3. When receiving updates the AS-PATH is checked for the local AS; if it is present the update is rejected (loop prevention).
  4. The next hop attribute is automatically set to the source IP of the router sending the update.

8. IBGP Rules

  1. Messages have TTL=255, so the neighbors don't have to be directly connected.
  2. IP address prefixes learned from one IBGP neighbor are not sent to another IBGP neighbor (loop prevention). Thus each iBGP router needs to send its routes to all the other iBGP routers in the same autonomous system, so that they all have a complete picture of the routes advertised to the autonomous system. Because they cannot use broadcast or multicast, an iBGP neighbor relationship must be configured between each pair of routers (Full Mesh). Instead of a Full Mesh you can also use Route Reflectors, Confederations or redistribution of BGP into the IGP (not recommended because of the potential BGP table size) to avoid routing loops.
  3. The next hop attribute does not change automatically (only manually).
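The following Python model is an added example, not part of the original notes, that ties the remove-private-as command from section 1 to the eBGP and iBGP rules above: it computes the update a router would send to an eBGP or iBGP neighbor (local AS prepended or not, next hop rewritten or kept, TTL 1 or 255, private AS numbers stripped) and the receive-side loop check. The Route, Peer and Update types, the AS numbers and the addresses are constructed; the behaviour of remove-private-as without the all keyword (private ASNs removed only when the whole path is private) is modelled after Cisco's documentation and is an assumption, not verified IOS behaviour.

```python
from dataclasses import dataclass
from typing import Optional, Tuple

PRIVATE_AS = range(64512, 65536)      # private AS numbers (64512-65535)


@dataclass(frozen=True)
class Route:
    prefix: str
    as_path: Tuple[int, ...]
    next_hop: str
    learned_from_ibgp: bool           # True when an iBGP neighbor gave us this route


@dataclass(frozen=True)
class Peer:
    ip: str
    remote_as: int
    remove_private_as: bool = False   # neighbor ... remove-private-as
    remove_all: bool = False          # neighbor ... remove-private-as all
    replace_as: bool = False          # neighbor ... remove-private-as all replace-as
    next_hop_self: bool = False       # neighbor ... next-hop-self
    ebgp_multihop_ttl: Optional[int] = None   # neighbor ... ebgp-multihop <ttl>


@dataclass(frozen=True)
class Update:
    prefix: str
    as_path: Tuple[int, ...]
    next_hop: str
    ttl: int


def strip_private_as(as_path, local_as, remove_all=False, replace_as=False):
    """Model of remove-private-as (assumption about the documented behaviour, not IOS code):
    without 'all' the private ASNs go only if the whole path is private; 'all' removes every
    private ASN; 'replace-as' substitutes the local AS instead of deleting."""
    if not as_path or (not remove_all and not all(a in PRIVATE_AS for a in as_path)):
        return as_path                                   # mixed public/private path is left alone
    if replace_as:
        return tuple(local_as if a in PRIVATE_AS else a for a in as_path)
    return tuple(a for a in as_path if a not in PRIVATE_AS)


def accept_from_ebgp(update: Update, local_as: int, peer: Peer) -> bool:
    """Receiving side of the eBGP rules: reject a path that already carries our AS (loop)
    or whose first AS is not the neighbor's AS."""
    return local_as not in update.as_path and bool(update.as_path) and update.as_path[0] == peer.remote_as


def build_update(route: Route, peer: Peer, local_as: int, local_ip: str) -> Optional[Update]:
    """The update this router would send for `route` to `peer` under the eBGP/iBGP rules."""
    if peer.remote_as == local_as:                       # iBGP neighbor
        if route.learned_from_ibgp:
            return None                                  # not re-advertised iBGP-to-iBGP (loop prevention)
        next_hop = local_ip if peer.next_hop_self else route.next_hop   # unchanged unless next-hop-self
        return Update(route.prefix, route.as_path, next_hop, ttl=255)
    as_path = route.as_path                              # eBGP neighbor
    if peer.remove_private_as or peer.remove_all or peer.replace_as:
        as_path = strip_private_as(as_path, local_as, peer.remove_all or peer.replace_as, peer.replace_as)
    as_path = (local_as,) + as_path                      # local AS prepended on the way out
    ttl = peer.ebgp_multihop_ttl or 1                    # TTL 1 unless ebgp-multihop raises it
    return Update(route.prefix, as_path, local_ip, ttl)  # next hop becomes the sending router's address


# Constructed sample: this router is AS 100 at 192.0.2.1 with a private-AS customer behind it.
LOCAL_AS, LOCAL_IP = 100, "192.0.2.1"
CUSTOMER_ROUTE = Route("10.1.0.0/24", (64600,), "198.51.100.2", learned_from_ibgp=False)
MIXED_ROUTE = Route("10.2.0.0/24", (64600, 300), "198.51.100.2", learned_from_ibgp=False)
IBGP_ROUTE = Route("10.3.0.0/24", (400,), "10.0.0.9", learned_from_ibgp=True)
UPSTREAM = Peer("203.0.113.2", 200, remove_private_as=True)
IBGP_PEER = Peer("10.0.0.10", 100, next_hop_self=True)

if __name__ == "__main__":
    for r in (CUSTOMER_ROUTE, MIXED_ROUTE, IBGP_ROUTE):
        print("to upstream:", build_update(r, UPSTREAM, LOCAL_AS, LOCAL_IP))
        print("to iBGP    :", build_update(r, IBGP_PEER, LOCAL_AS, LOCAL_IP))
```

Running it shows the two sides of the AS boundary at once: the upstream sees 10.1.0.0/24 with AS-path (100) and next hop 192.0.2.1, while the iBGP peer sees the original path (64600) and, only because next-hop-self is set, the same rewritten next hop.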

9. BGP Neighbor States

  • Idle: The router is searching the routing table to see whether a route exists to reach the neighbor.
  • Connect: The router found a route to the neighbor and has completed the three-way TCP handshake.
  • Open sent: An open message was sent, with the parameters for the BGP session.
  • Open confirm: The router received agreement on the parameters for establishing a session. Alternatively, the router goes into the active state if there is no response to the open message.
  • Established: Peering is established and routing begins.
//troubleshoot bgp session establishment
debug ip bgp ipv4 unicast

10. BGP Path Selection

The Path Selection process will install the best route to a specific network in the RIB Table, the other routes are kept in the BGP Table. Before the Path Selection process is executed the following conditions must be met:

  • The next-hop from the NLRI must exist in the RIB
  • The AS-PATH must not contain the local AS
  • The first AS in the AS-PATH must be the neighbor's AS

Once these conditions are met the Path Selection process can be executed. The following process summarizes how BGP chooses the best route on a Cisco router:

1) Weight – prefer the route with the highest local weight.

2) Local Preference – prefer the route with the highest local preference.

3) Locally Originated – prefer the route that was originated by the local router with the network, aggregate-address or redistribute command. (A locally originated route has a next hop of 0.0.0.0 in the BGP table.)

4) AS-PATH – prefer the route with the shortest AS-path.

5) Origin Code – prefer the lowest origin code (IGP < EGP < incomplete).

6) MED – prefer the path with the lowest MED. This comparison only occurs if the first (the neighboring) AS is the same in the two paths.

7) Neighbor Type – prefer external paths (eBGP) over internal paths (iBGP).

8) IGP metric to Next-Hop – prefer the path with the lowest IGP metric to the BGP next hop.

9) Oldest route – prefer the path that was received first (the oldest one).

10) Lowest router ID – prefer the route with the lowest neighbor BGP router ID value.

11) Shortest Cluster List – prefer the path with the shortest cluster list length. The length is 0 for no list.

12) Lowest neighbor IP address – prefer the route with the lowest neighbor IP address.
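As an added example (Python, not from the original post), here is the whole selection process as code: the three pre-conditions as a filter, then the twelve comparison steps applied pairwise, including the MED rule that only fires when both paths come from the same neighboring AS. The BgpPath type and the sample paths for 10.10.0.0/24 are constructed; applying the first-AS check only to eBGP-learned paths is an assumption (an iBGP neighbor relays paths whose first AS is the external one).

```python
import ipaddress
from dataclasses import dataclass, field
from functools import reduce
from typing import List, Optional, Set

ORIGIN_RANK = {"i": 0, "e": 1, "?": 2}   # IGP < EGP < incomplete


@dataclass
class BgpPath:
    """One path for a prefix as it sits in the BGP table, with the attributes selection looks at."""
    prefix: str
    next_hop: str
    as_path: List[int]
    neighbor_as: int
    neighbor_ip: str
    neighbor_router_id: str
    origin: str = "i"
    weight: int = 0                   # Cisco-local, never propagated
    local_pref: int = 100             # default local preference
    med: int = 0
    ebgp: bool = True
    igp_metric: int = 0               # IGP cost to reach next_hop
    received_order: int = 0           # lower = received earlier (older)
    cluster_list: List[str] = field(default_factory=list)
    locally_originated: bool = False  # network / aggregate-address / redistribute on this router


def _ip(addr: str) -> int:
    return int(ipaddress.ip_address(addr))


def is_candidate(p: BgpPath, local_as: int, rib_next_hops: Set[str]) -> bool:
    """The three pre-selection conditions; first-AS check for eBGP-learned paths only (assumption)."""
    if p.locally_originated:
        return True                                   # next hop 0.0.0.0, nothing to resolve
    if p.next_hop not in rib_next_hops:
        return False
    if local_as in p.as_path:
        return False                                  # loop prevention
    if p.ebgp and (not p.as_path or p.as_path[0] != p.neighbor_as):
        return False
    return True


def prefer(a: BgpPath, b: BgpPath) -> BgpPath:
    """Return the preferred of two candidates, walking the twelve steps in order."""
    if a.weight != b.weight:                                     # 1 highest weight
        return a if a.weight > b.weight else b
    if a.local_pref != b.local_pref:                             # 2 highest local preference
        return a if a.local_pref > b.local_pref else b
    if a.locally_originated != b.locally_originated:             # 3 locally originated
        return a if a.locally_originated else b
    if len(a.as_path) != len(b.as_path):                         # 4 shortest AS-path
        return a if len(a.as_path) < len(b.as_path) else b
    if ORIGIN_RANK[a.origin] != ORIGIN_RANK[b.origin]:           # 5 lowest origin code
        return a if ORIGIN_RANK[a.origin] < ORIGIN_RANK[b.origin] else b
    same_first_as = bool(a.as_path and b.as_path and a.as_path[0] == b.as_path[0])
    if same_first_as and a.med != b.med:                         # 6 lowest MED, same neighboring AS only
        return a if a.med < b.med else b
    if a.ebgp != b.ebgp:                                         # 7 eBGP over iBGP
        return a if a.ebgp else b
    if a.igp_metric != b.igp_metric:                             # 8 lowest IGP metric to next hop
        return a if a.igp_metric < b.igp_metric else b
    if a.received_order != b.received_order:                     # 9 oldest path
        return a if a.received_order < b.received_order else b
    if a.neighbor_router_id != b.neighbor_router_id:             # 10 lowest neighbor router ID
        return a if _ip(a.neighbor_router_id) < _ip(b.neighbor_router_id) else b
    if len(a.cluster_list) != len(b.cluster_list):               # 11 shortest cluster list
        return a if len(a.cluster_list) < len(b.cluster_list) else b
    return a if _ip(a.neighbor_ip) <= _ip(b.neighbor_ip) else b  # 12 lowest neighbor IP


def best_path(paths: List[BgpPath], local_as: int, rib_next_hops: Set[str]) -> Optional[BgpPath]:
    """Drop paths that fail the pre-conditions, then keep the winner of pairwise comparison."""
    candidates = [p for p in paths if is_candidate(p, local_as, rib_next_hops)]
    return reduce(prefer, candidates) if candidates else None


# Constructed sample: local AS 65001 hears 10.10.0.0/24 from several neighbors.
LOCAL_AS = 65001
RIB_NEXT_HOPS = {"192.0.2.1", "192.0.2.5", "10.1.1.2"}
SAMPLE = [
    BgpPath("10.10.0.0/24", "192.0.2.1", [65002, 65010], 65002, "192.0.2.1", "2.2.2.2", received_order=1),
    BgpPath("10.10.0.0/24", "192.0.2.5", [65003, 65020, 65010], 65003, "192.0.2.5", "3.3.3.3",
            local_pref=200, received_order=2),                      # longer AS-path, higher local-pref
    BgpPath("10.10.0.0/24", "10.1.1.2", [65002, 65010], 65001, "10.1.1.2", "1.1.1.9",
            ebgp=False, received_order=0),                           # same path heard via iBGP
    BgpPath("10.10.0.0/24", "203.0.113.7", [65004, 65010], 65004, "203.0.113.7", "4.4.4.4"),   # next hop not in RIB
    BgpPath("10.10.0.0/24", "192.0.2.1", [65002, 65001, 65010], 65002, "192.0.2.1", "2.2.2.2"),  # carries our AS
]

if __name__ == "__main__":
    best = best_path(SAMPLE, LOCAL_AS, RIB_NEXT_HOPS)
    print("best path via", best.neighbor_ip, "AS-path", best.as_path)
```

Because the MED step is conditional, the comparison is not a total order; a real implementation compares candidates in a fixed sequence, which the reduce() call mirrors.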

BGP Multipath allows installation into the RIB of multiple BGP paths to the same destination. These paths are installed in the table together with the best path for load sharing. The default value, when multipath is disabled, is 1.

//activate BGP multipath
eBGP Multipath
#maximum-paths n
iBGP Multipath
#maximum-paths ibgp n

11. Advertising Networks into BGP

a) Network Command

  • use the network network-number [mask network-mask] router configuration command to inject routes that are present in the IPv4 routing table into the BGP table so that they can be advertised in BGP.
  • the address and mask in the command must match an entry in the RIB
  • the route can have been learned from any routing protocol
  • will generate Origin: IGP (i)

b) Redistribute Command

  • will automatically redistribute routes learned from other routing protocols into BGP
  • will copy the metric from the IGP into MED
  • by default it does not redistribute OSPF External routes
  • will generate Origin: Incomplete(?)

12. Summarization

a) Auto-Summary

In Cisco IOS Release 12.2(8)T, the default behavior of the auto-summary command was changed to disabled.

For example, if an ISP assigns a network of 209.165.200.224/27 to an autonomous system, and that autonomous system then uses the redistribute connected command to introduce this network into BGP, BGP announces that the autonomous system owns 209.165.200.0/24 if the auto-summary command is on.

b) Network command

When using the network network-number [mask network-mask] command remember that the prefix must exactly match (both address and mask) an entry in the RIB for the network to be advertised.

c) Aggregate-address command

The aggregate-address command aggregates only networks that are already in the BGP table.
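The three summarization behaviours above as a small Python model (an added example, not the post's own material): the exact-match rule of the network command, the origin and MED values produced by redistribute, the classful rounding of auto-summary using the 209.165.200.224/27 case from the text, and aggregate-address with and without summary-only. The function names and the route tables are constructed.

```python
import ipaddress
from typing import Dict, Iterable, Set


def network_command(rib: Set[str], prefix: str) -> dict:
    """'network <addr> mask <mask>' injects the prefix only when the RIB holds exactly that
    address and mask; the origin code is IGP (i). Accepts '10.0.1.0/24' or '10.0.1.0/255.255.255.0'."""
    net = ipaddress.ip_network(prefix)
    if net not in {ipaddress.ip_network(r) for r in rib}:
        return {}                                         # no exact match: nothing is advertised
    return {str(net): {"origin": "i"}}


def redistribute(igp_routes: Dict[str, int]) -> dict:
    """'redistribute <protocol>' copies every IGP route; its metric becomes MED, origin is incomplete (?)."""
    return {str(ipaddress.ip_network(p)): {"origin": "?", "med": metric} for p, metric in igp_routes.items()}


def auto_summary(prefix: str) -> str:
    """With auto-summary on, a redistributed subnet is announced as its classful network."""
    net = ipaddress.ip_network(prefix)
    first_octet = int(net.network_address) >> 24
    if first_octet >= 224:
        raise ValueError("no classful network for class D/E addresses")
    bits = 8 if first_octet < 128 else 16 if first_octet < 192 else 24
    return str(ipaddress.ip_network(f"{net.network_address}/{bits}", strict=False))


def aggregate_address(bgp_table: Iterable[str], aggregate: str, summary_only: bool = False) -> Set[str]:
    """'aggregate-address' advertises the aggregate only if at least one more-specific route is
    already in the BGP table; the specifics are still sent unless summary-only is given."""
    agg = ipaddress.ip_network(aggregate)
    table = [ipaddress.ip_network(p) for p in bgp_table]
    covered = [p for p in table if p != agg and p.subnet_of(agg)]
    advertised = {str(p) for p in table}
    if not covered:
        return advertised                                 # nothing to aggregate: no summary route
    advertised.add(str(agg))
    if summary_only:
        advertised -= {str(p) for p in covered}           # suppress the more specific routes
    return advertised


if __name__ == "__main__":
    # Constructed RIB/BGP table mirroring the 10.0.1.0/24 and 10.0.2.0/24 networks used later in the post.
    rib = {"10.0.1.0/24", "10.0.2.0/24"}
    print(network_command(rib, "10.0.0.0/255.255.252.0"))            # {} : /22 is not in the RIB
    print(network_command(rib, "10.0.1.0/255.255.255.0"))            # advertised with origin i
    print(auto_summary("209.165.200.224/27"))                         # 209.165.200.0/24
    print(aggregate_address(rib, "10.0.0.0/22"))                      # aggregate plus specifics
    print(aggregate_address(rib, "10.0.0.0/22", summary_only=True))  # aggregate only
```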

13. BGP Examples

Update-Source command

When using loopback interfaces to establish BGP connections you need to modify the source address of the routing updates.

R(config)# router bgp 6000
R(config-router)# neighbor 1.1.1.1 remote-as 6000
R(config-router)# neighbor 1.1.1.1 update-source loopback 10

Ebgp-Multihop command

If you want to establish an EBGP session between loopback interfaces, it fails by default because eBGP messages are sent with TTL=1, which requires the routers to be directly connected; the TTL is raised with the following command:

R(config)# router bgp 6000
R(config-router)# neighbor 1.1.1.1 ebgp-multihop 5
//the TTL will be set to 5

Default route

In case you have BGP prefixes in the BGP table (on router R3) with a Next-Hop address that cannot be reached you can try one of the following methods:

[image: BGP table on R3 with the unreachable next-hop addresses]

//create a static default route on R3
R3(config)# ip route 0.0.0.0 0.0.0.0 200.0.0.1

//generate a default route from R2 to R3
R2(config-router)# neighbor 200.0.0.2 default-originate

//change the next hop with the next-hop-self command
R2(config-router)# neighbor 200.0.0.2 next-hop-self

//use a route-map to change the next hop
R3(config)# route-map CHANGE_NH permit 10
R3(config-route-map)# set ip next-hop 200.0.0.1
R3(config)# router bgp 200
R3(config-router)# neighbor 200.0.0.1 route-map CHANGE_NH in

Network command

The network command advertises networks into BGP and is also used for summarization. Unlike in IGP routing protocols, it does not help form adjacencies; the adjacency is formed with the neighbor command.

//use the network command to advertise networks into BGP
R3(config)# router bgp 200
R3(config-router)# network 10.0.1.0 mask 255.255.255.0
R3(config-router)# network 10.0.2.0 mask 255.255.255.0

//use the network command to summarize
R3(config)# router bgp 200
R3(config-router)# network 10.0.0.0 mask 255.255.252.0

Redistribute command

The redistribute command helps advertise IGP, static, connected routes into BGP.

//this redistributes the connected routes that match the REDISTRIBUTE route-map
R3(config-router)# redistribute connected route-map REDISTRIBUTE

Change Weight

We can use the Weight attribute to prioritize one next hop in favor of another. Weight is configured locally and the higher value is preferred.

//configure the weight value to prioritize one neighbor
R(config)# router bgp 4444
R(config-router)# neighbor 1.1.1.1 weight 1000

//configure a route-map
R(config)# route-map CHANGE_WEIGHT permit 10
R(config-route-map)# set weight 1000
R(config)# router bgp 4444
R(config-router)# neighbor 1.1.1.1 route-map CHANGE_WEIGHT in

Change Local preference

The Local Preference attribute is sent to IBGP neighbors, so modifying this attribute will affect the route priority on all IBGP neighbors. A higher value is preferred.

//the local preference can be set only through a route-map
R(config)# route-map CHANGE_LOCAL permit 10
R(config-route-map)# set local-preference 300
R(config)# router bgp 4444
R(config-router)# neighbor 1.1.1.1 route-map CHANGE_LOCAL in

AS-Path Prepend

AS-path prepending is configured outbound and influences inbound traffic: the neighbor sees a longer AS-path, so the advertised path looks less attractive.

//the AS-path is prepended through a route-map applied outbound
R(config)# route-map AS_PREP permit 10
R(config-route-map)# set as-path prepend 4444 4444
R(config)# router bgp 4444
R(config-router)# neighbor 1.1.1.1 route-map AS_PREP out

Aggregate-address command

You can summarize using the aggregate-address command. By default the router will send both the aggregate route and the more specific routes.

//configure summarization with aggregate-address
R(config-router)# aggregate-address 10.0.0.0 255.255.252.0
//send only the aggregate route and not the specific routes
R(config-router)# aggregate-address 10.0.0.0 255.255.252.0 summary-only

MP-BGP config

MP-BGP allows us to exchange both IPv4 and IPv6 routes over an IPv4 session:

R(config)# router bgp 65001
R(config-router)# neighbor 10.0.0.1 remote-as 65002
R(config-router)# address-family ipv4
R(config-router-af)# network 172.10.10.0 mask 255.255.255.0
R(config-router)# address-family ipv6
R(config-router-af)# neighbor 10.0.0.1 activate
R(config-router-af)# network 2101::/64
R(config-router-af)# network 2102::/64

The IPv6 BGP table shows that the next-hop address is an IPv6 address derived from the IPv4 next-hop address (image below). This next-hop address is not reachable so we need to change it.

[image: IPv6 BGP table showing the next-hop address derived from the IPv4 next hop]

R(config)# route-map CHANGE_NH permit 10
R(config-route-map)# set ipv6 next-hop 1000::1
R(config)# router bgp 65001
R(config-router)# address-family ipv6
R(config-router-af)# neighbor 10.0.0.1 route-map CHANGE_NH out

IPv6 and IPv4 routes over an IPv6 session:

R(config)# router bgp 65001
R(config-router)# bgp router-id 1.1.1.1
R(config-router)# neighbor 1000::1 remote-as 65002
R(config-router)# address-family ipv4
R(config-router-af)# neighbor 1000::1 activate
R(config-router-af)# network 172.10.10.0 mask 255.255.255.0
R(config-router)# address-family ipv6
R(config-router-af)# neighbor 1000::1 activate
R(config-router-af)# network 2101::/64
R(config-router-af)# network 2102::/64

This time the IPv4 next-hop is set wrong so we need to create a route-map to change it.

The IPv4 unicast address family is activated automatically for every neighbor, even when we only want to transport IPv6 routes; to disable this default, use the following command under router bgp:

R(config-router)# no bgp default ipv4-unicast