Lab Course “RouterLab”
BGP - Border Gateway Protocol (RFC 4271)
Some of the slides come from: http://www.ietf.org/proceedings/07dec/slides/IDRTut-0.pdf
BGP
Miscellaneous
• Anything that needs discussion?
SUBMIT YOUR CONFIG FILES, TRACES, COMMAND DUMP!!!

Internet Routing
• There is no single....
  - Routing Protocol
  - Routing Configuration
  - Routing State
  - Routing Management
• ....... for the entire Internet!
• Routing System is a collection of many components hopefully operating in a consistent manner

Internet Routing
• Distance Vector
  - I tell you all my “best” routes for all destinations that I know and you tell me yours.
  - Build simplified topology from local perspective
  - E.g. RIP
• Link State
  - I announce to everyone about my links and the addresses I originate on each link and listen to everyone's announcement.
  - Build full topology
  - E.g. OSPF

Internet Routing
• The Routing Architecture uses a 2-level hierarchy, based on the concept of a routing domain (Autonomous System - AS)
• An AS is an interconnected network with a single exposed topology, a coherent routing policy, and a consistent metric framework
• Within an AS: Interior Gateway Protocols - IGP
• Among ASes: Exterior Gateway Protocols - EGP

IGPs and EGPs
• IGPs
  - Distance Vector: RIP, IGRP, EIGRP
  - Link State: OSPF, IS-IS
• EGPs
  - Distance Vector: (EGP, BGPv3) BGPv4

What the Internet looks like!
[Figure: autonomous systems AS1, AS2, AS3, AS7, AS69 and AS666; labels inside the ASes: OSPF, IS-IS/OSPF, RIP/OSPF, IS-IS, RIP (IGP); label between the ASes: EGP]

Why BGP?
• Simple protocol to implement and operate
• Very simple distance metric
• Occludes local policies from external inspection
• Limited inter-SP coordination required
• Mature deployment
Source: http://www.ietf.org/proceedings/07dec/slides/IDRTut-0.pdf
So simple that to have full knowledge you should read 15 RFCs (~400 Pages!)
■ RFC 4271, A Border Gateway Protocol 4 (BGP-4)
■ RFC 4456, BGP Route Reflection - An Alternative to Full Mesh Internal BGP (IBGP)
■ RFC 4278, Standards Maturity Variance Regarding the TCP MD5 Signature Option (RFC 2385) and the BGP-4 Specification
■ RFC 4277, Experience with the BGP-4 Protocol
■ RFC 4276, BGP-4 Implementation Report
■ RFC 4275, BGP-4 MIB Implementation Survey
■ RFC 4274, BGP-4 Protocol Analysis
■ RFC 4273, Definitions of Managed Objects for BGP-4
■ RFC 4272, BGP Security Vulnerabilities Analysis
■ RFC 3392, Capabilities Advertisement with BGP-4
■ RFC 5065, Autonomous System Confederations for BGP
■ RFC 2918, Route Refresh Capability for BGP-4
■ RFC 1772, Application of the Border Gateway Protocol in the Internet Protocol (BGP-4) using SMIv2
■ RFC 4893, BGP Support for Four-octet AS Number Space
AS-Path, which is a variation of the Distance-Vector Algorithm.
Guess what: it still doesn’t scale!!!
Consequence of the Distance-Vector Algorithm.
BGP sessions are statically set up and manually managed. Is this “limited inter-SP” coordination?
Well.... they can do dirty things in the route selection process without the need to talk to each other! (You will do it in the worksheet)
On this they are right! It is the “De Facto” Standard.

BGP Basics
• BGP obtains routes to prefixes from neighboring ASes
• BGP propagates “best” routes to other neighbors
  - “best” depends on policies that depend on the neighbors' business relationship (customer-provider model, peering)
• Each BGP routing object is a Prefix and a set of attributes:
  - <AS Path vector, Origin, Next Hop, Local Pref, …>
    ‣ AS Path Vector is a vector of AS identifiers that form a viable path
  - Used for loop prevention and best-path selection

Prefix Announcements
[Figure, built up in steps over the AS topology (AS1, AS2, AS3, AS7, AS69, AS666): prefix 10.0.0.0/8 is first announced with AS path "AS7", then re-announced with AS paths "AS2 AS7" and "AS3 AS7", and finally with AS path "AS1 AS2 AS7"]
Resulting table:
  Prefix        AS Path
* 10.0.0.0/8    AS3 AS7
  10.0.0.0/8    AS1 AS2 AS7

BGP = DV Protocol
• Maintains a collection of local best paths for all advertised prefixes
• Passes changes to all neighbors containing:
  - One single best-path for each prefix
  - Only incremental updates, never a full dump (unless opening the session or other specific events)
• Changes reflect only events in the local database:
  - New reachability information to a prefix (update)
  - Reachability information lost for a prefix (withdraw)

BGP Messages
• Peers exchange messages over TCP sessions
  - Port: 179
  - Can span several physical links
• OPEN
  - Open TCP Connection
  - Authenticate peers
• UPDATE
  - Advertises new paths
  - Withdraw old paths
  - Carry all the attributes of the path

BGP Messages
• KEEPALIVE
  - Keeps connection alive in the absence of updates
  - Otherwise connection is reset due to inactivity
• NOTIFICATION
  - Reports errors in previous messages
  - Used to close a session
• ROUTE_REFRESH
  - Request for full routing information without breaking TCP connection
  - There are BGP sessions that have lasted years!

BGP Messages over TCP
• BGP is not a byte stream protocol like TCP
• The byte stream is divided into messages using BGP-defined markers
• Each message is a standalone protocol element
• Maximum message size: 4096 bytes
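
The framing rule above as an added example (not part of the original slides): a Python sketch that cuts a received TCP byte stream into BGP messages and rejects bad markers, lengths outside 19..4096 and unknown types. The 19-byte header layout and the type codes come from RFC 4271 and RFC 2918; the function names and the sample stream are constructed for illustration.

```python
import struct

MARKER = b"\xff" * 16          # RFC 4271: 16-octet marker, all ones
HEADER_LEN = 19                # marker (16) + length (2) + type (1)
MAX_LEN = 4096                 # maximum message size from the slide
TYPES = {1: "OPEN", 2: "UPDATE", 3: "NOTIFICATION", 4: "KEEPALIVE", 5: "ROUTE_REFRESH"}


class FramingError(ValueError):
    """Stream is not valid BGP framing; a speaker would send NOTIFICATION and close."""


def split_messages(buf: bytes):
    """Return (messages, leftover): complete (type_name, body) tuples plus unconsumed bytes."""
    messages, pos = [], 0
    while len(buf) - pos >= HEADER_LEN:
        marker, length, mtype = struct.unpack_from("!16sHB", buf, pos)
        if marker != MARKER:
            raise FramingError(f"bad marker at offset {pos}")
        if not HEADER_LEN <= length <= MAX_LEN:
            raise FramingError(f"bad length {length} at offset {pos}")
        if mtype not in TYPES:
            raise FramingError(f"unknown type {mtype} at offset {pos}")
        if len(buf) - pos < length:
            break                      # message not fully received yet
        messages.append((TYPES[mtype], buf[pos + HEADER_LEN:pos + length]))
        pos += length
    return messages, buf[pos:]


def build(mtype: int, body: bytes = b"") -> bytes:
    """Construct one framed message (used here only to make sample input)."""
    return MARKER + struct.pack("!HB", HEADER_LEN + len(body), mtype) + body


# Constructed sample stream: a KEEPALIVE, a NOTIFICATION (error code 6 = Cease),
# and the first 10 bytes of another KEEPALIVE that is still in flight.
SAMPLE = build(4) + build(3, b"\x06\x00") + build(4)[:10]

if __name__ == "__main__":
    msgs, rest = split_messages(SAMPLE)
    print(msgs, len(rest))
```

The leftover bytes are kept and prepended to the next TCP read, which is why a partial header or partial body is not treated as an error.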

Path Attributes (I)
• Origin
  - How this route was injected into BGP in the first place
• Next_hop
  - Exit border router
• Multi-Exit-Discriminator
  - Preference between 2 or more sessions among the same AS pair
• Local-Pref
  - Local preference setting

Path Attributes (II)
• Atomic Aggregate
  - The path is the result of aggregation
• Aggregator
  - ID of proxy aggregator
• Community
  - Locally defined information field
• Destination-Pref
  - Preference setting for remote AS

Local_Pref
[Figure: the AS topology (AS1, AS2, AS3, AS7, AS69, AS666) with prefix 10.0.0.0/8]
Table without Local_Pref:
  Prefix        AS Path
* 10.0.0.0/8    AS3 AS7
  10.0.0.0/8    AS1 AS2 AS7
Table with Local_Pref (LP):
  Prefix        AS Path        LP
  10.0.0.0/8    AS3 AS7        10
* 10.0.0.0/8    AS1 AS2 AS7    20

Peering & C-P Relationship
[Figure: the AS topology (AS1, AS2, AS3, AS7, AS69, AS666) with prefix 10.0.0.0/8; links are annotated with "$$" and "="; legend: Customer-Provider, Peering]
  Prefix        AS Path        LP
  10.0.0.0/8    AS3 AS7        10
* 10.0.0.0/8    AS1 AS2 AS7    20

MED Example
[Figure: the AS topology (AS1, AS2, AS3, AS7, AS69, AS666) with prefixes 10.0.0.0/8 and 11.0.0.0/8 and two announcements, each labelled AS2]
Announcement 1 (AS2): 10.0.0.0/8 MED 10, 11.0.0.0/8 MED 20
Announcement 2 (AS2): 10.0.0.0/8 MED 20, 11.0.0.0/8 MED 10

eBGP and iBGP
• eBGP is used across AS boundaries
• To synchronize all eBGP speakers of an AS iBGP is used
• iBGP sessions are manually configured
• iBGP needs a full mesh (or at least a flooding hierarchy - Route Reflectors)
• iBGP does not detect loops
• iBGP does not prepend AS number

iBGP
[Figure: eBGP and iBGP sessions]

iBGP + RR
[Figure: eBGP and iBGP sessions with a Route-Reflector]

Anything Missing?

(Best) Route Selection
• For a set of received advertisements of the same prefix the local “best” selection is based on:
  1. Highest value Local_Pref
  2. Shortest AS Path length
  3. Lowest MED
  4. Minimum IGP cost to Next_Hop Address
  5. eBGP-learned routes preferred to iBGP-learned routes
  6. Prefer paths learned from router with smaller ID (selected in the same way as for OSPF)
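
The six selection steps above, together with the AS-path loop check from the BGP Basics slide, as an added Python example (not part of the original slides). The local AS, the default Local_Pref of 100 and the router IDs are assumptions; the 10.0.0.0/8 routes mirror the slides' tables.

```python
from dataclasses import dataclass
from ipaddress import IPv4Address


@dataclass(frozen=True)
class Route:
    prefix: str
    as_path: tuple          # e.g. ("AS3", "AS7"), nearest AS first
    local_pref: int = 100   # assumed default when no policy sets it
    med: int = 0
    igp_cost: int = 0       # IGP cost to the Next_Hop address
    ebgp: bool = True       # learned over eBGP (True) or iBGP (False)
    router_id: str = "0.0.0.0"


def preference_key(r: Route):
    """Sort key following the slide's six steps; the smallest key wins."""
    return (
        -r.local_pref,                  # 1. highest Local_Pref
        len(r.as_path),                 # 2. shortest AS path
        r.med,                          # 3. lowest MED
        r.igp_cost,                     # 4. minimum IGP cost to Next_Hop
        0 if r.ebgp else 1,             # 5. eBGP preferred to iBGP
        int(IPv4Address(r.router_id)),  # 6. smaller router ID (numeric compare)
    )


def best_route(routes, local_as: str):
    """Drop looped paths (own AS already in the AS path), then pick the best; None if none left."""
    usable = [r for r in routes if local_as not in r.as_path]
    return min(usable, key=preference_key) if usable else None


# Constructed inputs mirroring the slides' tables for 10.0.0.0/8.
# LOCAL_AS is an assumption; the slides do not say which AS holds the table.
LOCAL_AS = "AS69"
SHORT = Route("10.0.0.0/8", ("AS3", "AS7"), router_id="10.0.3.1")
LONG = Route("10.0.0.0/8", ("AS1", "AS2", "AS7"), router_id="10.0.1.1")
LOOPED = Route("10.0.0.0/8", ("AS2", "AS69", "AS7"), local_pref=500)

# With equal Local_Pref the shorter AS path wins (first table on the slides).
# With the slides' Local_Pref values (10 vs 20) the longer path wins.
SHORT_LP = Route("10.0.0.0/8", ("AS3", "AS7"), local_pref=10)
LONG_LP = Route("10.0.0.0/8", ("AS1", "AS2", "AS7"), local_pref=20)

if __name__ == "__main__":
    print(best_route([SHORT, LONG, LOOPED], LOCAL_AS).as_path)
    print(best_route([SHORT_LP, LONG_LP], LOCAL_AS).as_path)
```

The looped route is discarded before ranking, so its high Local_Pref never gets a chance to win; a received route is checked for validity first and ranked by policy second.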

Worksheet 5
• Use New VLANs topology
• Target: Configure BGP and learn to use policies
• Readings:
  ‣ Cisco BGP
  ‣ Juniper BGP
  ‣ RFC 4271

Any other Question?