Cisco’s first router, the Advanced Gateway Server (AGS)

CCIE Ep.15 0p3nSent.bgp-4_Do0r179

CC1E 0x108D4
Mar 17, 2022

Hi there! Rafael here again, talking about CCIE EI exam topics. Today, welcome to inter-domain routing with the Border Gateway Protocol [the famous BGP].

Make sure you’re sitting comfortably, and have a cup of tea, coffee or water close by!

First of all, let’s see what BGP is. Take a look at the definition in RFC 4271.

The Border Gateway Protocol (BGP) is an inter-Autonomous System
routing protocol.

The primary function of a BGP speaking system is to exchange network
reachability information with other BGP systems. This network
reachability information includes information on the list of
Autonomous Systems (ASes) that reachability information traverses.
This information is sufficient for constructing a graph of AS
connectivity for this reachability, from which routing loops may be
pruned and, at the AS level, some policy decisions may be enforced.

BGP-4 provides a set of mechanisms for supporting Classless Inter-
Domain Routing (CIDR) [RFC1518, RFC1519]. These mechanisms include
support for advertising a set of destinations as an IP prefix and
eliminating the concept of network "class" within BGP. BGP-4 also
introduces mechanisms that allow aggregation of routes, including
aggregation of AS paths.

Routing information exchanged via BGP supports only the destination-
based forwarding paradigm, which assumes that a router forwards a
packet based solely on the destination address carried in the IP
header of the packet. This, in turn, reflects the set of policy
decisions that can (and cannot) be enforced using BGP. BGP can
support only those policies conforming to the destination-based
forwarding paradigm.

Read the formal documentation for yourself:

Basics and commonly used terms

BGP is a path-vector protocol (route decisions are based on the AS path) that uses TCP port 179 as its transport. Unlike an IGP, it uses unicast packets to set up a neighborship (peering), and the peers do not have to be directly connected.

BGP was born to support high scalability and to be multi-protocol (the latter a little later). This means it supports many address families: IPv4/IPv6 unicast, IPv4/IPv6 multicast, VPNv4/VPNv6, L2VPN VPLS/VPWS, L2VPN EVPN.

Autonomous System (AS)
In general, it is a set of routers under a single network administration, such as an organization. Within each AS, routes are exchanged with IGPs or configured statically.

IGP
Internal Gateway Protocol. Routing protocols used to exchange routes within a single autonomous system.

By default the IP TTL is 255 and the next-hop attribute is not changed.

EGP
External Gateway Protocol. Some decades ago, EGP was the predecessor of BGP [RFC904]. Today the term EGP just classifies routing applications that exchange NLRI among ASes.

By default the TTL is 1 and the next-hop attribute is not changed. Possible solutions: change the TTL value with the “ebgp-multihop” command or use the “disable-connected-check” command. A route-map can be used to set the IP next hop to self.

NLRI
Network Layer Reachability Information. Basically a network prefix and length (for example, 198.18.0.0/15).

RIB
Routing Information Base. This is the routing table.

EBGP
External BGP (BGP session between external peers).

IBGP
Internal BGP (BGP session between internal peers, same ASN).

BGP TABLES

Adj-RIB-In [storage]
The Adj-RIB-In holds the unprocessed routing information received from BGP peers. In other words, routes learned from UPDATE messages.

Adj-RIB-In is not enabled by default. It must be configured using the commands

neighbor x.x.x.x soft-reconfiguration inbound
show ip bgp neighbor x.x.x.x received-routes

Loc-RIB [storage]
The Loc-RIB holds the routes that have been selected by the local router's BGP route decision. The next hop for each route must be reachable via the routing table.

show ip bgp

“The next hop for each route must be reachable via the routing table” describes how BGP checks the route feasibility condition. Got it? It’s one of the most important BGP concepts.

Adj-RIB-Out [storage]
The Adj-RIB-Out holds the route information selected for advertisement to specific peers (UPDATE messages). Keep in mind: only routes that the local router uses itself [> best] and that pass outbound filtering.

show ip bgp neighbor advertised-routes

Not every BGP implementation will, or must, maintain three separate copies of the routing information.

Although the conceptual model distinguishes between Adj-RIBs-In,
Loc-RIB, and Adj-RIBs-Out, this neither implies nor requires that an
implementation must maintain three separate copies of the routing
information. The choice of implementation (for example, 3 copies of
the information vs 1 copy with pointers) is not constrained by the
protocol.

BGP Messages

Before two routers become peers, both routers must establish a TCP connection. This means BGP gets all the reliability benefits provided by TCP, including sequencing, window scaling, error handling, fragmentation, acknowledgment and more.

1 — OPEN
2 — UPDATE
3 — NOTIFICATION
4 — KEEPALIVE

OPEN message

After the TCP connection is up, the OPEN message is the first message exchanged between peers.

RFC4271 — Open message format

Version:
The current version is BGP 4.

Autonomous System:
Carries the autonomous system number.

Hold time:
Proposed hold time in seconds. The smallest hold time configured between the two peers is used. By default the hold time is 180 sec and the keepalive is 60 sec.

BGP Identifier:
Same idea as the router identifier [RID] in IGPs.

Optional Parameters Length:
When this field is zero, no optional parameters are present.

Optional parameters:
Field containing the list of optional parameters.
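The field layout above can be checked in code. The parser below is an added example, not part of the original post: it validates one OPEN message field by field and applies the "smallest hold time wins" rule. The byte offsets, the all-ones marker and the rejection of hold times 1 and 2 come from RFC 4271; `build_open` and the sample values (AS 65001, 192.0.2.1) are constructed for illustration.

```python
import ipaddress
import struct

MARKER = b"\xff" * 16      # RFC 4271 header marker: all ones
HEADER_LEN, MIN_OPEN_LEN, TYPE_OPEN = 19, 29, 1

def parse_open(msg: bytes) -> dict:
    """Parse and validate one BGP OPEN message (header + body)."""
    if len(msg) < MIN_OPEN_LEN:
        raise ValueError("truncated OPEN")
    marker, length, msg_type = struct.unpack("!16sHB", msg[:HEADER_LEN])
    if marker != MARKER:
        raise ValueError("bad marker")
    if length != len(msg) or msg_type != TYPE_OPEN:
        raise ValueError("bad length or message type")
    version, my_as, hold, bgp_id, opt_len = struct.unpack(
        "!BHH4sB", msg[HEADER_LEN:MIN_OPEN_LEN])
    if version != 4:
        raise ValueError("unsupported version")
    if hold in (1, 2):     # RFC 4271: hold time is 0 or at least 3 seconds
        raise ValueError("unacceptable hold time")
    opts = msg[MIN_OPEN_LEN:]
    if opt_len != len(opts):
        raise ValueError("Optional Parameters Length mismatch")
    params, i = [], 0      # each parameter is <type, length, value>
    while i < len(opts):
        if i + 2 > len(opts) or i + 2 + opts[i + 1] > len(opts):
            raise ValueError("optional parameter overruns message")
        params.append((opts[i], opts[i + 2:i + 2 + opts[i + 1]]))
        i += 2 + opts[i + 1]
    return {"version": version, "as": my_as, "hold_time": hold,
            "bgp_id": str(ipaddress.IPv4Address(bgp_id)), "opt_params": params}

def negotiated_hold_time(local: int, peer: int) -> int:
    """The smaller of the two proposed hold times is used."""
    return min(local, peer)

def build_open(my_as: int, hold: int, bgp_id: str, opts: bytes = b"") -> bytes:
    """Hypothetical helper that builds the constructed sample below."""
    body = struct.pack("!BHH4sB", 4, my_as, hold,
                       ipaddress.IPv4Address(bgp_id).packed, len(opts)) + opts
    return MARKER + struct.pack("!HB", HEADER_LEN + len(body), TYPE_OPEN) + body

# Constructed sample: AS 65001, hold time 90 s, one optional parameter of
# type 2 (Capabilities) carrying the route-refresh capability (code 2, length 0).
SAMPLE = build_open(65001, 90, "192.0.2.1", bytes([2, 2, 2, 0]))

if __name__ == "__main__":
    peer = parse_open(SAMPLE)
    print(peer, negotiated_hold_time(180, peer["hold_time"]))
```

Every length is checked before the bytes behind it are read, so a peer that lies in the Length or Optional Parameters Length field is rejected instead of being parsed past the end of the message.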

UPDATE message

Used to exchange NLRI (routes) and remove NLRI (withdraw) between BGP peers. It also carries the path attributes associated with each NLRI. Well-known mandatory attributes include ORIGIN, AS_PATH, NEXT_HOP and LOCAL_PREF (other path attributes can also be sent within an UPDATE message).

KEEPALIVE message

KEEPALIVE is used to validate that BGP peers are reachable.

NOTIFICATION message

A NOTIFICATION message is sent when an error occurs. The BGP session is closed immediately after it is sent.

Errors could be detected during all stages of the finite state machine.

SESSION ESTABLISHMENT STATE

IDLE

Refuses all incoming BGP connections from the peer. No resources are allocated.

CONNECT

Waiting for the TCP connection to be established.

ACTIVE

If something went wrong during the TCP connection, in the Active state another TCP connection is attempted.

OPEN SENT

Waits for an OPEN message from its peer.

OPEN CONFIRM

Waits for KEEPALIVE or NOTIFICATION messages.

ESTABLISHED

BGP peers are converged, and UPDATE, NOTIFICATION and KEEPALIVE messages can be exchanged between peers.

PATH ATTRIBUTE USAGE

Path attributes are used during the BGP route decision. BGP attributes are always exchanged between peers in UPDATE messages (except in UPDATE messages that contain only withdrawn routes).

Source: Brasil Peering Forum

Path attributes are broken into two categories, well-known or optional:

  1. Well-known mandatory
    All BGP implementations must recognize all well-known attributes.
  2. Well-known discretionary
    May or may not be present in an UPDATE message.
  3. Optional transitive
    Not all BGP implementations are required to support all optional attributes. Optional transitive path attributes travel among ASes (propagated to other routers).
  4. Optional non-transitive
    On the other hand, optional non-transitive path attributes don’t travel among ASes (not propagated to other routers).

ORIGIN — Defines the origin of the path information:
IGP (i): NLRI learned via an interior routing protocol (network command).
EGP (e): NLRI learned via the legacy EGP protocol.
INCOMPLETE (?): NLRI learned some other way (redistribution).

AS_PATH — Composed of a sequence of AS path segments.
AS_SET: unordered set of ASes a route in the UPDATE message has traversed.
AS_SEQUENCE: ordered set of ASes a route in the UPDATE message has traversed.

NEXT_HOP — Defines the IP address of the router that should be used as the next hop to the destination NLRI:

  1. When sending to an internal peer, if the route is not locally originated, this attribute is not modified (by default).
  2. When sending to an external peer, the router uses the IP of the adjacent router (received in the NEXT_HOP attribute).

A recursive route lookup may occur to select the best route in the routing table to reach the next-hop IP.

LOCAL_PREF — A BGP speaker uses it to inform other internal peers of its preference for an externally received route, set by locally configured policy. The highest preference must be preferred. It is not exchanged between eBGP peers. Internal routers prefer routes with a high LP value (inside the AS, external routes have LP equal to 100 by default).

ATOMIC_AGGREGATE — Used to aggregate several routes in the advertisement. Normally includes an AS_SET (unordered set of the ASes in which the NLRI was generated).

AGGREGATOR — Same meaning as ATOMIC_AGGREGATE, but contains its own AS number.

COMMUNITY — Route tagging and filtering

MULTI_EXIT_DISC [MED] — Informs external BGP peers of the preferred path into an AS. Used to tell another AS to prefer one of the links for specific destinations.
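To see the categories and the ORIGIN and AS_PATH encodings on the wire, the following added example (not from the original post) walks the path-attribute section of an UPDATE message and classifies each attribute by its flag bits. The flag bits (0x80 Optional, 0x40 Transitive, 0x10 Extended Length) and type codes are those of RFC 4271 and RFC 1997; the sample bytes are constructed, and 2-octet AS numbers are assumed.

```python
import struct

NAMES = {1: "ORIGIN", 2: "AS_PATH", 3: "NEXT_HOP", 4: "MULTI_EXIT_DISC",
         5: "LOCAL_PREF", 6: "ATOMIC_AGGREGATE", 7: "AGGREGATOR", 8: "COMMUNITIES"}
ORIGINS = {0: "IGP", 1: "EGP", 2: "INCOMPLETE"}
SEGMENTS = {1: "AS_SET", 2: "AS_SEQUENCE"}

def category(flags: int) -> str:
    """Classify by the Optional (0x80) and Transitive (0x40) flag bits."""
    optional, transitive = bool(flags & 0x80), bool(flags & 0x40)
    if optional:
        return "optional transitive" if transitive else "optional non-transitive"
    if not transitive:
        raise ValueError("well-known attribute without the transitive bit")
    return "well-known"    # mandatory vs. discretionary is not encoded in the flags

def parse_as_path(value: bytes) -> list:
    """Decode AS_PATH segments; assumes 2-octet AS numbers."""
    segments, i = [], 0
    while i < len(value):
        if i + 2 > len(value) or value[i] not in SEGMENTS:
            raise ValueError("malformed AS_PATH segment header")
        end = i + 2 + 2 * value[i + 1]
        if end > len(value):
            raise ValueError("AS_PATH segment overruns attribute")
        asns = struct.unpack(f"!{value[i + 1]}H", value[i + 2:end])
        segments.append((SEGMENTS[value[i]], list(asns)))
        i = end
    return segments

def parse_attributes(blob: bytes) -> list:
    """Return (name, category, decoded value) for each path attribute."""
    out, i = [], 0
    while i < len(blob):
        hdr = 4 if blob[i] & 0x10 else 3       # extended length uses 2 octets
        if i + hdr > len(blob):
            raise ValueError("truncated attribute header")
        flags, code = blob[i], blob[i + 1]
        length = int.from_bytes(blob[i + 2:i + hdr], "big")
        value = blob[i + hdr:i + hdr + length]
        if len(value) != length:
            raise ValueError("attribute overruns UPDATE")
        if code == 1 and length == 1:
            value = ORIGINS.get(value[0], "invalid")
        elif code == 2:
            value = parse_as_path(value)
        out.append((NAMES.get(code, f"type {code}"), category(flags), value))
        i += hdr + length
    return out

# Constructed sample: ORIGIN=IGP, AS_PATH=AS_SEQUENCE(65001 65002),
# MED=50 (optional non-transitive), community 65001:100 (optional transitive).
SAMPLE = bytes.fromhex("400101004002060202fde9fdea80040400000032c00804fde90064")
```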

PATH/ROUTE SELECTION

BGP walks through the attributes to choose the best path among multiple received paths, but this may vary between vendors and platforms. For example, Weight is not an attribute, because it is not included in UPDATE messages, but the Cisco implementation uses it with local significance on the router.

Cisco has a great article describing “how the best path algorithm works”. Check it out:

ROUTE REFRESH

Route refresh is a way to dynamically request that NLRI be re-advertised from a BGP peer's Adj-RIB-Out.

HARD RESET
The TCP connection must be flapped, and a new TCP session is set up.

clear ip bgp neighbor
neighbor shutdown / no neighbor shutdown

SOFT RESET
The TCP connection does not need to be flapped, and the reset can be applied in the inbound or outbound direction. However, soft-reconfiguration inbound (Adj-RIB-In) requires additional memory.

clear ip bgp * soft out
clear ip bgp * soft in

ROUTE REFRESH CAPABILITY FOR BGP-4 [RFC2918]
Works the same way as a soft reset, but the capability must be supported by both BGP peers. No additional memory is needed.

clear ip bgp * soft
show ip bgp neighbor | begin capabilities

BGP FILTER

Be careful to understand tools like distribute lists, route maps and prefix lists.

Actually, if you know how to apply policies in PBR and internal routing protocols, you won't have problems applying them in BGP. They can be applied in the inbound or outbound direction, and to a specific neighbor or to a peer group.

iBGP vs. eBGP

First of all, if your native language is Portuguese like mine, pay attention. When an English speaker says iBGP, it sounds like ‘AI bgp’ to us, and eBGP sounds like ‘I bgp’.

IBGP — internal BGP

  • BGP peers have the same AS;
  • Split horizon: a route learned from one iBGP peer is not shared with other iBGP peers;
  • The router might prefer external routes over internal routes;
  • Doesn’t use multicast or neighbor discovery (unicast);
  • Normally uses a loopback interface as the source (update-source loopback <loopback id>);
  • In the routing table, there is no interface associated with the destination route. The router uses a recursive routing lookup to identify the outbound interface;
  • Doesn’t change the NEXT_HOP attribute for NLRI learned from an EBGP session and sent to an IBGP session. This can be changed using a route-map or next-hop-self to change the attribute value.

EBGP — external BGP

  • Routers must be within the same subnet. In other words, a direct connection (L2 + IP), or use EBGP multihop. For EBGP multihop, an underlay is still necessary (IGP protocol or static route);
  • Doesn’t use multicast or neighbor discovery (unicast);
  • In the routing table, there is no interface associated with the destination route. The router uses a recursive routing lookup to identify the outbound interface;
  • NLRI learned from IBGP and EBGP peers is shared with other EBGP sessions. The NEXT_HOP attribute is changed to the IP of the interface it uses toward its peer.

Additional resources


Written by CC1E 0x108D4

CCIE #66796 Coffee, Jazz, and English learner.
