IEG 3090 Tutorial 3 Border Gateway Protocol - PowerPoint PPT Presentation

Provided by: FEL28
1
IEG 3090 Tutorial 3: Border Gateway Protocol
  • Fong Chi Hang, Bosco

2
Outline
  • Introduction to BGP
  • BGP Attributes in Update Message
  • Routing Filtering
  • eBGP vs iBGP
  • More in iBGP

3
Introduction to BGP
  • Policy-based Inter-domain routing Protocol
  • All the networks in the same AS share the
    same routing policy

4
Goal of BGP
  • Find loop-free paths that
    • Support routing policy established as part of
      peering relationship
    • Support traffic engineering to minimize
      (monetary) cost
  • Optimizing performance is only another goal (not
    the only goal as in Intra-domain routing)

5
Distribution of routing information
  • Distance vector based protocol
  • BGP router advertises its best route to each
    neighbor.
  • Advertisements are only sent when their routes
    change.

6
Contrast with other routing protocols
  • RIP's distribution is based on UDP datagrams, so
    periodically you need to exchange information (a
    form of "soft state").
  • BGP's distribution is based on a TCP connection -
    no need to refresh.
  • OSPF uses its own transport to do in-sequence and
    intelligent flooding (which neither UDP nor TCP
    supports).

7
Four Types of messages
  • Update - exchange route information
    • Network prefix
    • Announcements or withdrawals
    • Route-associated BGP attributes.
  • Open - establish the BGP sessions.
  • Notification
    • Indicate an error during the BGP session.
    • The TCP connection will be closed immediately
      afterwards.
  • Keepalive - to confirm the connection is still
    active

8
Summary of Operation
  • Neighboring BGP speakers exchange messages to
    open and confirm the connection parameters (TCP
    port 179)
  • Then exchange the entire BGP routing table
  • Incremental updates are sent as the routing
    tables change (note routes do not timeout, but
    can be withdrawn)
  • Keep-alive messages are sent periodically to
    ensure the liveliness of the connection
  • Notification messages are sent in response to
    errors, and to close the connection

9
How routes are advertised?
[Figure: routers R1, R2, R3 and R4 spread across AS1, AS2 and AS3]
  • R2 receives new routes from R1
  • R2 adds the new route to its routing table if
    there is no route to that prefix or the new route
    is more preferable.
  • R2 propagates the new route to ALL IBGP peers
  • Similar to R2, R3 also determines whether to add
    the route
  • R3 sends any updates to R4
  • Remark
    • Only routes learned via EBGP will be
      redistributed to IGP
    • Routes learned via IBGP will only be sent to EBGP
      peers (This is why IBGP peers must be
      FULLY-MESHED)

10
BGP Route Processing
[Figure: route processing pipeline]
  • Receive BGP Updates
  • Apply Import Policies (apply policy: filter routes, tweak attributes)
  • Best Route Selection (based on attribute values)
  • Best Route Table
    • Install forwarding entries for best routes in the IP Forwarding Table
  • Apply Export Policies (apply policy: filter routes, tweak attributes)
  • Transmit BGP Updates (best routes)
Policies are open-ended programming, constrained only by vendor configuration language

11
Filter Routes Tweak Attributes
  • For inbound traffic
    • Filter outbound routes to avoid traffic.
    • Tweak attributes on outbound routes to influence
      your neighbor's best route selection.
  • For outbound traffic
    • Filter inbound routes to check correctness and
      special services
    • Tweak attributes on inbound routes to influence
      best route selection

[Figure labels: outbound routes, inbound traffic, inbound routes, outbound traffic]
In general, an AS has more control over outbound
traffic

12
BGP Attributes
  • Each prefix advertised together with its
    associated attributes
  • BGP router may change the attributes before
    re-advertising the prefix to other peers
  • If there is more than one route to the same
    prefix, the attributes are used to find out which
    route is used.

13
BGP Attributes
  • Attributes commonly used for comparing different
    routes
    • LOCAL_PREF
      • Used on multiple routes learnt from different AS
    • AS-PATH
      • Stores the sequence of AS that the route has gone
        through
      • Used to prevent routing loop
    • Multi-Exit-Discriminator (MED)
      • Used on multiple links between a single pair of
        AS

14
BGP Attributes
  • Other important attributes
    • COMMUNITY
      • An id used to tell neighbor AS how to set local
        pref
    • NEXT-HOP
      • the IP address of the router that advertised the
        route.
    • ORIGIN
      • how the route was learned (IGP, EGP, Incomplete)

15
How BGP attributes affect ISP Policies
  • Loop prevention: use AS_PATH
  • Use LOCAL_PREF to differentiate different
    relationships
  • Hot Potato routing vs. Cold Potato routing
    • Cold Potato routing based on MED attribute
  • Multi-homing: backup routes, and load balancing
    • Use AS_PATH pre-pending method.
    • Use COMMUNITIES to alter provider's local
      preference.

16
Route Selection Summary
  • Forwarding rule: longest prefix matching!
  • Enforce relationships (1)
    • Highest Local Preference
  • Traffic engineering (2)
    • Shortest ASPATH
    • Lowest MED
    • Lowest IGP cost to BGP egress
  • Throw up hands and break ties
    • Lowest router ID

17
Local-Pref
[Figure: AS 1, AS 2, AS 3 and AS 4; prefix 13.13.0.0/16; local pref values 80, 90 and 100]
Higher Local preference values are more preferred

18
Implementing Backup Links with Local Preference
(Outbound Traffic)
[Figure: AS 65000 connected to AS 1 by a primary link and a backup link]
  • Primary link: Set Local Pref 100 for all routes from AS 1
  • Backup link: Set Local Pref 50 for all routes from AS 1
Forces outbound traffic to take primary link,
unless link is down.

19
Implementing Multihomed Backups with
LOCAL_PREF (Outbound Traffic)
[Figure: AS 2 connected to provider AS 1 by the primary link and to provider AS 3 by the backup link]
  • Set Local Pref 100 for all routes from AS 1
  • Set Local Pref 50 for all routes from AS 3
Forces outbound traffic to take primary link,
unless link is down.

20
AS-PATH
This route is discarded since its own ASN is in
the AS-PATH
[Figure: 15.10.0.0/16 propagating among AS1, AS2, AS3, AS4 and AS5; advertisements shown: AS-PATH 1; AS-PATH 2 1; AS-PATH 3 2 1; AS-PATH 5; AS-PATH 4 5; AS-PATH 3 4 5; AS-PATH 2 5]

21
Shedding Inbound Traffic with AS_PATH Pre-pending
[Figure: customer AS 2 (192.0.2.0/24) connected to provider AS 1 by a primary and a backup link]
  • Backup: 192.0.2.0/24 ASPATH 2 2 2
  • Primary: 192.0.2.0/24 ASPATH 2
Pre-pending will (usually) force inbound
traffic from AS 1 to take primary link

22
Pre-pending May Not Shut Off All Traffic
[Figure: customer AS 2 (192.0.2.0/24) connected to provider AS 1 by the primary link and to provider AS 3 by the backup link]
  • Backup: 192.0.2.0/24 ASPATH 2 2 2 2 2 2 2 2 2 2 2 2 2 2
  • Primary: 192.0.2.0/24 ASPATH 2
AS 3 will send traffic on backup link because
it prefers customer routes and local preference
is considered before ASPATH length! Pre-pending
in this way is often used as a form of load
balancing

23
COMMUNITY Attribute
[Figure: customer AS 2 (192.0.2.0/24) connected to provider AS 1 by the primary link and to provider AS 3 by the backup link]
  • Backup: 192.0.2.0/24 ASPATH 2 COMMUNITY 370
  • Primary: 192.0.2.0/24 ASPATH 2
AS 3 normal customer local pref is 100, peer
local pref is 90
Customer import policy at AS 3
  • If 390 in COMMUNITY then set local preference to 90
  • If 380 in COMMUNITY then set local preference to 80
  • If 370 in COMMUNITY then set local preference to 70

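
The last two slides can be checked by running AS 3's decision process. This is an added example, not part of the original tutorial: it applies the COMMUNITY import policy above and then the order from the Route Selection Summary. The `Route` class, the function names and the assumption that AS 3 also hears the prefix from AS 1 as a peer route with AS_PATH 1 2 are illustrative.

```python
from dataclasses import dataclass

# AS 3's local preference policy as stated on the COMMUNITY slide.
DEFAULT_PREF = {"customer": 100, "peer": 90}
COMMUNITY_PREF = {390: 90, 380: 80, 370: 70}


@dataclass
class Route:
    learned_from: str                  # "customer" or "peer"
    as_path: tuple
    communities: frozenset = frozenset()
    med: int = 0
    igp_cost: int = 0
    router_id: int = 0
    local_pref: int = 0


def apply_import_policy(route):
    """Customer import policy at AS 3: COMMUNITY overrides the default."""
    route.local_pref = DEFAULT_PREF[route.learned_from]
    if route.learned_from == "customer":
        for community, pref in COMMUNITY_PREF.items():
            if community in route.communities:
                route.local_pref = pref
    return route


def best_route(routes):
    """Route Selection Summary order: highest LOCAL_PREF, shortest
    AS_PATH, lowest MED, lowest IGP cost, lowest router ID."""
    return min(routes, key=lambda r: (-r.local_pref, len(r.as_path),
                                      r.med, r.igp_cost, r.router_id))


def as3_choice(customer_as_path, communities=()):
    """Which route AS 3 uses for AS 2's prefix 192.0.2.0/24."""
    direct = Route("customer", tuple(customer_as_path), frozenset(communities))
    via_as1 = Route("peer", (1, 2))    # assumption: AS 1 is a peer of AS 3
    candidates = [apply_import_policy(r) for r in (direct, via_as1)]
    return best_route(candidates).learned_from


if __name__ == "__main__":
    print(as3_choice([2]))             # plain announcement on the backup link
    print(as3_choice([2] * 14))        # heavy pre-pending
    print(as3_choice([2], {370}))      # COMMUNITY 370
```

Pre-pending leaves AS 3 on the direct customer route because LOCAL_PREF is compared first; only the COMMUNITY value, which lowers LOCAL_PREF below the peer value, moves AS 3 onto the path through AS 1.
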
24
Hot Potato Routing: Go for the Closest Egress
Point
[Figure: 192.44.78.0/24 reachable via egress 1 and egress 2; IGP distances 56 and 15]
This Router has two BGP routes to 192.44.78.0/24.
Hot potato: get traffic off of your network as
soon as possible. Go for egress 1!
Note: Local_Pref, AS_PATH are the same -> IGP cost

25
Getting Burned by the Hot Potato
[Figure: high bandwidth provider backbone with SFF, NYC and San Diego; labels 2865, 17, 56 and 15; tiny http request in one direction, huge http reply in the other]
Many customers want their provider to carry the
bits!

26
Hot Potato Routing: Go for the Closest Egress
Point
[Figure: 192.44.78.0/24 reachable via egress 1 and egress 2; IGP distances 56 and 15]
This Router has two BGP routes to 192.44.78.0/24.
Hot potato: get traffic off of your network as
soon as possible. Go for egress 1!
Note: Local_Pref, AS_PATH are the same -> IGP cost

27
Multi-Exit Discriminator
Prefer lower MED values
[Figure: 192.44.78.0/24 advertised as 192.44.78.0/24 MED 56 and 192.44.78.0/24 MED 15; labels 2865, 17, 56 and 15]
Note
  1. Unlike Local-Pref, MED is usually set
     before sending an Update through EBGP
  2. Some AS would ignore MED advertised from
     other AS, why ??

28
Route Filtering
  • AS_PATH is not the primary basis for BGP routing.
  • Primary factor is the peering agreements between
    ISPs.
  • Peering agreements define which neighbor(s) will
    provide transit for what traffic (from what
    source, and to what destination)

29
Nontransit vs. Transit ASes
[Figure: NET A connected to ISP 1 and ISP 2]
Nontransit AS might be a corporate or campus
network. Could be a content provider
Traffic NEVER flows from ISP 1 through NET A to
ISP 2 (At least not intentionally!)

30
Selective Transit
[Figure: NET A connected to NET B, NET C and NET D]
  • NET A provides transit between NET B and NET
    C and between NET D and NET C
  • NET A DOES NOT provide transit between NET D and
    NET B
Most transit networks transit in a selective
manner

31
Customers and Providers
[Figure: provider above customer]
Customer pays provider for access to the Internet

32
Customer-Provider Hierarchy
[Figure: IP traffic flowing through a hierarchy of providers and customers]

33
The Peering Relationship
[Figure: A1, A2, A3 and C1, C2, C3; legend: traffic allowed, traffic NOT allowed]
  • Peers provide transit between their respective
    customers
  • Peers do not provide transit between peers
  • Peers (often) do not exchange

34
Peering Provides Shortcuts
Peering also allows connectivity between the
customers of Tier 1 providers.
35
Import Routes
[Figure: routes imported from provider, from peer and from customer]

36
Export Routes
[Figure labels: To provider, From provider, To peer, To customer; legend: provider route, customer route, peer route, ISP route]

37
Blackholes
[Figure: 192.0.2.0/24 announced by a legitimate origin and by a not legitimate origin; label "Need Filter Here!"]
Accidental or malicious announcement of your
prefix can blackhole your destinations in a large
part of the Internet

38
Addresses with special meaning
  • 0.0.0.0/0 default
  • 10.0.0.0/8 private
  • 172.16.0.0/12 private
  • 192.168.0.0/16 private
  • 128.0.0.0/16 IANA reserved
  • 192.0.2.0/24 test networks
  • 224.0.0.0/3 classes D and E
  • ..

39
Import Routes (Revisited)
[Figure: routes imported from provider, from peer and from customer, with customer address filters on the customer side; legend: provider route, customer route, peer route, ISP route, potential blackhole, specials]

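
The import checks from the Blackholes, special-address and Import Routes (Revisited) slides, together with the AS-PATH loop check, can be written as one filter. This is an added example, not part of the original tutorial: the special prefixes are the ones listed on the slide, while the local ASN 65000, the neighbor ASNs and the customer prefix table are constructed values.

```python
import ipaddress

# Special-meaning prefixes exactly as listed on the slide.
SPECIALS = [ipaddress.ip_network(p) for p in (
    "0.0.0.0/0", "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16",
    "128.0.0.0/16", "192.0.2.0/24", "224.0.0.0/3")]

LOCAL_ASN = 65000                      # assumption: our own AS number
# assumption: constructed table of prefixes each customer AS may announce
CUSTOMER_PREFIXES = {64512: [ipaddress.ip_network("198.51.100.0/24")]}


def is_special(net):
    """True for the default route itself or anything inside a special block."""
    for special in SPECIALS:
        if special.prefixlen == 0:
            if net.prefixlen == 0:     # only the exact default route
                return True
        elif net.subnet_of(special):
            return True
    return False


def import_decision(prefix, as_path, neighbor_asn, relationship):
    """Return (accepted, reason) for one received announcement."""
    net = ipaddress.ip_network(prefix)
    if LOCAL_ASN in as_path:
        return False, "loop: own ASN in AS_PATH"
    if is_special(net):
        return False, "special-meaning prefix"
    if relationship == "customer":
        allowed = CUSTOMER_PREFIXES.get(neighbor_asn, [])
        if not any(net.subnet_of(a) for a in allowed):
            return False, "outside customer address filter"
    return True, "accepted"


if __name__ == "__main__":
    # Constructed announcements: (prefix, AS_PATH, neighbor ASN, relationship)
    samples = [
        ("198.51.100.0/24", [64512], 64512, "customer"),
        ("203.0.113.0/24", [64512], 64512, "customer"),   # not the customer's
        ("10.1.0.0/16", [64513], 64513, "peer"),
        ("203.0.113.0/24", [64513, 65000, 64514], 64513, "peer"),
    ]
    for sample in samples:
        print(sample[0], import_decision(*sample))
```
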
40
eBGP and iBGP
  • Two BGP routers from different ASes: EBGP peers.
  • Two BGP routers from the same AS: IBGP peers.
  • Both EBGP and IBGP follow the same BGP protocol

41
eBGP and iBGP
  • Essential difference between EBGP and IBGP
    • AS Path information in EBGP.
    • IBGP session is fully meshed.
    • EBGP peers must be directly connected.
    • IBGP peers can be hops away within the AS (given
      that IGP has built up the connectivity)

42
More in IBGP
  • Loop-back address
  • BGP extensions to make iBGP scalable

43
Loopback address
  • What is the IP address of a router?
  • Interface address
    • okay for eBGP - if link down, then no BGP session
    • Not okay for iBGP - there are other IGP paths
      connecting iBGP routers

[Figure: R1 and R2 joined by the link 138.39.1.1/30 - 138.39.1.2/30; a second panel adds R3]

44
Loopback address
  • Configure loopback addresses for routers
    (loopback interfaces)
  • IGP must know about these addresses and how to
    route to them.
  • iBGP sessions can be set up even if a link is down.

[Figure: R1, R2 and R3; addresses 138.39.1.1/30, 138.39.1.2/30, 138.39.128.1/30 and 138.39.128.5/30]

45
IBGP Scalability
  • One of the requirements of IBGP is to maintain a
    fully meshed graph. Why?
    • Prefixes learned from an EBGP neighbor can be
      advertised to an IBGP neighbor, and vice versa.
    • However, prefixes learned from an IBGP neighbor
      cannot be advertised to another IBGP neighbor.
  • Result: IBGP is not scalable.
  • Solutions
    • Route reflector
    • Confederation

46
IBGP Reflector
  • Introduce hierarchy to iBGP
  • Route reflector
    • Configured to have a number of clients
    • Maintains full mesh with other route reflectors
    • Configured to re-advertise routes to its clients
  • Route reflector client
    • Behaves as regular iBGP
    • Only maintains a session with its route reflector
  • Cluster
    • Each route reflector and its clients form a
      cluster
    • Has a cluster ID (set to route reflector's router
      ID)

47
IBGP Reflector attributes
  • Originator ID
    • Identifies the router that introduced the route
      to this AS
    • Never reflect a route to its originator
  • Cluster List
    • Shows the set of clusters the route advertisement
      has gone through
    • Used to prevent loop
    • Similar to ASPATH

48
IBGP Confederation
  • Divide a big AS into smaller sub-ASs (Divide and
    Conquer)
  • Each router configured with ASN,
    and list of sub-AS numbers
    • E.g. AS1, (AS10, AS11, AS12)
  • Routers within the same sub-AS
    • Form a full mesh
    • Speak iBGP
  • Routers from different sub-ASs
    • Speak eBGP
    • Allow advertising local_pref
    • Next_hop unchanged
    • Include sub-AS in ASPATH with special tags,
      removed when exit AS
    • -> Sub-AS hidden from external routers (i.e. from
      other ASs)

[Figure: AS1 divided into sub-ASs AS10, AS11 and AS12]

49
The End
  • Thank you very much !