BGP
========
BGP is the routing protocol of the Internet.
It is the one and only exterior gateway protocol (EGP) in use.
The most common place BGP is used is with ISPs, typically when an organization has dual ISPs for Internet access.
It is mainly focused on the connection from the ISP to the organization.
Using BGP, public IP addresses can be advertised to multiple ISPs for redundancy.
The main purpose of BGP is multi-homing.
BGP runs on top of TCP (port 179), unlike other routing protocols, which have their own L4 protocols.
TCP is used for reliability.
Updates are incremental and triggered.
The metric is the biggest you have ever seen.
It is the slowest routing protocol on the planet to converge, because of its design.
It is the most tunable routing protocol: attributes are compared one by one to break ties.
STYLES of BGP implementations
==============================
From the perspective of the customer:
By running BGP, you can advertise your address blocks to both ISPs. If one link fails, traffic uses the other.
For outgoing traffic to the ISP, use a default route.
Another type of implementation is partial updates
==================================================
Using an optimized connection.
Next is using full updates
=============================
The router keeps a full routing table for each connected ISP. This is the most flexible option but it is resource consuming.
BGP algorithms
==============
BGP is technically a distance vector protocol, but most call it a "path vector" protocol.
Without tuning, BGP behaves just like RIP.
Here each AS (autonomous system) counts as a hop.
BGP packets and types
=====================
- Open: starts the session
- Keepalive: checks whether the neighbor is alive
- Update: exchanges network reachability information
- Notification: something bad has happened; closes the session
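
All four message types share a fixed 19-byte header (16-byte marker, 2-byte length, 1-byte type, as defined in RFC 4271), and because BGP rides on a TCP byte stream the receiver has to frame and validate messages itself. The Python code below is an added example, not part of the original notes; the names `split_messages`, `build` and `BGPHeaderError` are illustrative and the sample bytes are constructed.

```python
import struct

MARKER = b"\xff" * 16                      # 16 bytes of all ones
TYPES = {1: "OPEN", 2: "UPDATE", 3: "NOTIFICATION", 4: "KEEPALIVE"}
MIN_LEN = {1: 29, 2: 23, 3: 21, 4: 19}     # RFC 4271 minimum length per type
HEADER_LEN, MAX_LEN = 19, 4096

class BGPHeaderError(ValueError):
    """A header fault; a real speaker answers with NOTIFICATION and closes."""

def build(mtype: int, body: bytes = b"") -> bytes:
    """Frame a message body: marker, total length, type, body."""
    return MARKER + struct.pack("!HB", HEADER_LEN + len(body), mtype) + body

def split_messages(stream: bytes):
    """Return ([(type_name, body), ...], leftover_bytes) for a TCP byte stream."""
    messages, offset = [], 0
    while len(stream) - offset >= HEADER_LEN:
        marker, length, mtype = struct.unpack_from("!16sHB", stream, offset)
        if marker != MARKER:
            raise BGPHeaderError("connection not synchronized (bad marker)")
        if mtype not in TYPES:
            raise BGPHeaderError(f"bad message type {mtype}")
        if not MIN_LEN[mtype] <= length <= MAX_LEN:
            raise BGPHeaderError(f"bad message length {length}")
        if mtype == 4 and length != HEADER_LEN:
            raise BGPHeaderError("KEEPALIVE carries no body")
        if len(stream) - offset < length:
            break                          # partial message: wait for more data
        body = stream[offset + HEADER_LEN:offset + length]
        messages.append((TYPES[mtype], body))
        offset += length
    return messages, stream[offset:]

if __name__ == "__main__":
    # Constructed sample: OPEN from AS 5500 (router ID 4.4.4.4, hold time 180),
    # then a KEEPALIVE, then the first 10 bytes of a NOTIFICATION.
    open_body = struct.pack("!BHH4sB", 4, 5500, 180, bytes([4, 4, 4, 4]), 0)
    stream = build(1, open_body) + build(4) + build(3, b"\x06\x00")[:10]
    msgs, rest = split_messages(stream)
    print([name for name, _ in msgs], len(rest))
```
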
Tables
======
- Neighbor table: the connected BGP friends
- BGP table: a list of all BGP routes
- Routing table: a list of the best routes
Implementation and tuning
=================================
IBGP vs EBGP
BGP is more of a parent protocol to both.
Everything here is based on the AS; it is the foundation.
There are public and private AS numbers.
IBGP:
When you establish a BGP relationship within the same AS number.
EBGP:
When you establish a BGP relationship between different AS numbers, especially for a connection to an ISP.
Here neighbors can be routers that are not directly connected. Isn't that weird?
BGP is kind of an application. It can work on top of any existing routing protocol.
BGP neighbor configuration
==============================
BGP neighbors are always configured manually, that is, statically.
ISP router
conf t
router bgp 6500 (BGP is now up and running, and we can form a neighbor relationship)
neighbor 10.1.45.1 remote-as 5500
show ip bgp summary
R4 (organizational router)
router bgp 5500
neighbor 10.1.45.2 remote-as 6500
show ip bgp summary
IBGP:
BGP neighbors do not need to be directly connected.
Here R1 and R4 are not directly connected.
R4
router bgp 5500
In this case the neighbor relationship is formed using loopback IP addresses,
which are then advertised into OSPF.
int lo 4
ip address 4.4.4.4 255.255.255.255 (host route)
router ospf 1
network 4.4.4.4 0.0.0.0 area 0
(advertising into OSPF)
R1
int lo 1
ip address 1.1.1.1 255.255.255.255
router ospf 1
network 1.1.1.1 0.0.0.0 area 0
R4
router bgp 5500
neighbor 1.1.1.1 remote-as 5500
neighbor 1.1.1.1 update-source loopback 4
Do the same thing on R1.
show ip bgp sum
In BGP, the network command specifies which networks to advertise; the other command used is neighbor, which forms the neighbor relationships.
What if we have redundant links to the ISP?
Use loopbacks and do load balancing.
R5: ISP router
int lo 5
ip add 5.5.5.5 255.255.255.255
ip route 4.4.4.4 255.255.255.255 10.1.45.1
By default, EBGP neighbors must be directly connected,
but when you peer through a loopback the router doesn't see it that way; it treats the neighbor as one hop away. So we use ebgp-multihop.
R4
neighbor 5.5.5.5 ebgp-multihop 2
Basically, we give a maximum of 5 hops to avoid loops.
Advertising networks into BGP
BGP has auto-summary
BGP synchronization
Two ways to get networks into BGP
- network command
- redistribution
ISP router
conf t
router bgp 6500
network 50.0.0.0
(this tells the router which network to advertise, but not which interface to form a relationship on; the neighbor relationship is static)
show ip bgp
*> means a valid and best route
R4 internal route
show ip bgp
*> means it has received the routes
or
R5
To advertise a particular class C network rather than the class A network:
router bgp 6500
no network 50.0.0.0
network 50.1.1.0 mask 255.255.255.0
show ip bgp
2nd method is redistribution
============================
Redistributing private IP addresses into BGP is not good practice.
R5
access-list 50 deny 200.1.5.0
access-list 50 deny 200.1.6.0
access-list 50 permit any
router bgp 6500
redistribute connected route-map FILTER (passes all connected interfaces through that route-map)
show route-map
show access-list
show ip bgp
BGP auto-summarizes redistributed routes.
IOS versions earlier than 12.2(8)T have auto-summary turned on.
router bgp 6500
no auto-summary
BGP synchronization
===================
R1
Without the caret (>) next to it, a route won't be in the routing table.
- Do not use or advertise a route learned via IBGP until the same route has been learned from the internal routing protocol (like OSPF).
BGP synchronization is off by default in IOS versions after 12.2(8)T.
router bgp 5500
no synchronization (turns off sync)
BGP next-hop processing
========================
- For EBGP peers:
change next hop address on advertised
neighbor 1.1.1.1 next-hop-self
Tuning Attributes
=======================
What are BGP attributes ?
Attributes are ways that you can "TAG" incoming or outgoing BGP routes
Some attributes are well-known (everyone supports) while others are optional
Some attributes are mandatory (must be in the update) while others are discretionary
Some attributes are transitive (travel from router to router) while others are non-transitive
Well known Attributes:
======================
- autonomous system path (AS_PATH, mandatory)
- next hop address (mandatory)
- origin (mandatory)
- local preference (discretionary)
- atomic aggregate (discretionary)
Optional Attributes:
====================
- aggregator
- multi-exit discriminator (MED/METRIC)
How BGP finds the best path
=============================
1. Ignore routes with an inaccessible next hop address
2. Prefer the path with the highest weight (Cisco proprietary).
3. Prefer the path with the highest LOCAL_PREF
4. Prefer the path that was locally originated via a network command
5. Prefer the path with the shortest AS_PATH
6. Prefer the path with the lowest origin type.
7. Prefer the path with the lowest multi-exit discriminator(MED)
8. Prefer eBGP over IBGP paths
9. Prefer the path with the lowest IGP metric to the BGP next hop.
10. Determine if multiple paths require installation in the routing table for BGP multipath.
11. When both paths are external, prefer the path that was received first (the oldest one).
12. Prefer the route that comes from the BGP router with the lowest router ID.
13. If the originator or RID is the same for multiple paths, prefer the path with the minimum cluster list length.
14. Prefer the path that comes from the lowest neighbor address.
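
The tie-breaking order above can be traced in code. This Python example is added here and is not from the original notes or from Cisco; it covers steps 1 to 9, 12 and 14 (multipath, route age and cluster-list length are left out), compares MED across all paths as a simplification, and the `Path` fields and sample values are constructed for illustration.

```python
from dataclasses import dataclass
from ipaddress import IPv4Address

@dataclass
class Path:
    neighbor: str            # address of the peer that sent the path
    router_id: str
    as_path: tuple = ()
    weight: int = 0
    local_pref: int = 100    # default local preference
    local_origin: bool = False
    origin: str = "i"
    med: int = 0
    ebgp: bool = True
    igp_metric: int = 0
    next_hop_ok: bool = True

# One (label, key) pair per tie-breaker, in list order. The lowest key wins,
# so "highest is better" attributes are negated.
STEPS = [
    ("weight", lambda p: -p.weight),
    ("local_pref", lambda p: -p.local_pref),
    ("locally originated", lambda p: not p.local_origin),
    ("as_path length", lambda p: len(p.as_path)),
    ("origin", lambda p: "ie?".index(p.origin)),     # i < e < ?
    ("med", lambda p: p.med),
    ("ebgp over ibgp", lambda p: not p.ebgp),
    ("igp metric", lambda p: p.igp_metric),
    ("router id", lambda p: int(IPv4Address(p.router_id))),
    ("neighbor address", lambda p: int(IPv4Address(p.neighbor))),
]

def best_path(paths):  # returns (winner, deciding step) or (None, reason)
    candidates = [p for p in paths if p.next_hop_ok]  # step 1
    if not candidates:
        return None, "no accessible next hop"
    decided = "only candidate"
    for label, key in STEPS:
        best = min(key(p) for p in candidates)
        survivors = [p for p in candidates if key(p) == best]
        if len(survivors) < len(candidates):
            decided = label          # this step eliminated at least one path
        candidates = survivors
    return candidates[0], decided

if __name__ == "__main__":  # constructed sample: two paths to one prefix
    a = Path("10.1.12.1", "2.2.2.2", as_path=(6500,))
    b = Path("10.1.13.2", "3.3.3.3", as_path=(6500, 7000), local_pref=1000)
    print(best_path([a, b]))
```
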
R
show ip bgp sum
show ip bgp
show ip route
In BGP, hops are ASes.
Tuning BGP attributes
=======================
R1
show ip bgp
router bgp 5500
no sync (turns off synchronization)
clear ip bgp *
show ip bgp sum
IBGP does not change the next-hop address when it passes routes to IBGP neighbors.
Solution:
router bgp 5500
neighbor 10.1.12.1 next-hop-self
clear ip bgp *
How to use BGP attributes to make more intelligent routing choices
With weight, higher is better.
There are two ways to set weight.
router bgp 5500
neighbor 10.1.13.2 weight 500 (10.1.13.2 is the neighbor)
show ip bgp
clear ip bgp *
show ip bgp
router bgp 5500
no neighbor 10.1.13.2 weight 500
If you want to temporarily disable a neighbor:
neighbor 10.1.13.2 shutdown
clear ip bgp *
A shorter AS path is preferred.
The origin is where the route came from:
i - came from someone entering a network command
? - someone redistributed routes into BGP
Prefer the path with the lowest origin type.
i
e - the actual Exterior Gateway Protocol. You should never see a route with origin e, because EGP is nowhere in the picture.
Local preference:
The industry-standard way to tell which route is better.
Weight is local to the router and stays on the router. Local preference can be set on a router and is advertised to the other routers in the AS.
Local means that when you advertise it, it does not leave the AS. So you can influence the routers within the AS.
R3
router bgp 5500
bgp default local-preference 700 (higher is better)
Another way is:
router bgp 5500
ip access-list standard ROUTES_for_R3
permit 150.1.50.0 0.0.0.255
permit 150.2.50.0 0.0.0.255
ip access-list standard ROUTES_for_R2
permit 200.0.0.0 0.255.255.255
route-map LOCAL_PREF permit 10
match ip address ROUTES_for_R3
set local-preference 1000 (default local pref is 100)
route-map LOCAL_PREF permit 20
match ip address ROUTES_for_R2
set local-preference 10
show route-map
show ip bgp sum
router bgp 5500
neighbor 10.1.36.2 route-map LOCAL_PREF in
do clear ip bgp *
Metric, i.e. MED:
The only attribute that tries to influence another AS.
With the metric, lower is better.
router bgp 5500
default-metric 200 (default is 0)
Configuring Path control
==========================
What is policy routing?
The programming language of routing tables.
A series of if-then statements, applied to an interface.
R
ip access-list extended CLIENT1
permit ip host 192.168.1.20 any
route-map POLICY 10 (sequence number)
(a route-map is the programming language of the router)
match ip address CLIENT1
set ip next-hop 201.1.1.2
do show route-map
ip access-list extended CLIENT2
permit tcp host 192.168.1.21 any eq 23
permit tcp host 192.168.1.21 any eq 443
route-map POLICY 20
match ip address CLIENT2
set ip next-hop 200.1.1.2
do show route-map
route-map POLICY permit 30 (permit is assumed)
set ip next-hop 201.1.1.2
If an entry of the policy has no match statement, it matches everything.
show ip int br
Now apply it on the interface:
ip policy route-map POLICY
PRTG is the tracking program
ip sla monitor schedule 1 start-time now life forever
track 1 rtr 1 reachability
Q. What is the order of preference of attributes when some or all are
applied to one neighbor in BGP?
A. The order of preference varies depending on whether the attributes are applied for inbound
updates or outbound updates.
For inbound updates the order of preference is:
1. route-map
2. filter-list
3. prefix-list, distribute-list
For outbound updates the order of preference is:
1. prefix-list, distribute-list
2. filter-list
3. route-map
Note: The attributes prefix-list and distribute-list are mutually exclusive, and only one
command (neighbor prefix-list or neighbor distribute-list) can be applied to each inbound
or outbound direction for a particular neighbor.
Q. What does a next hop of 0.0.0.0 mean in the show ip bgp command
output?
A. A network in the BGP table with a next hop address of 0.0.0.0 means that the network is
locally originated via redistribution of Interior Gateway Protocol (IGP) into BGP, or via a
network or aggregate command in the BGP configuration.
Q. How can I verify if a BGP router is announcing its BGP networks and
propagating them to the global BGP mesh?
A. To check if the IP blocks are announced to the directly connected ISP, use the following
commands. The show ip bgp neighbors [address] advertised-routes command shows which
messages are being sent. The show ip bgp neighbors [address] routes command shows
which messages are being received.
Note: The show ip bgp neighbors [address] advertised-routes command does not take into
account
command output will be changed to reflect the outbound policies.
To verify how the IP blocks are getting propagated to the global BGP mesh via the directly
connected ISP, log onto a route server on the Internet and look for the BGP entries of the
prefix in the route server.
Q. Do eBGP sessions between confederations modify the next hop?
A. No, eBGP sessions between confederation sub-ASes do not modify the next hop
attribute. All iBGP rules still apply to have the whole AS behave as a single entity. The
metric and local preference values also remain unaltered among confederation eBGP peers.
Q. In eBGP sessions, which IP address is sent as the next hop?
A. In eBGP peering, the next hop is the IP address of the neighbor that announced the route.
However, when the route is advertised on a multi-access media (such as Ethernet or Frame
Relay), the next hop is usually the IP address of the router interface connected to that media,
which originated the route.
Q. Does the route reflector change the next hop attribute of a reflected
prefix?
A. By default, the next hop attribute is not changed when a prefix is reflected by route
reflector. However, using the neighbor next-hop-self command, you can change the
attribute of the next hop for prefixes reflected from an eBGP peer to any route reflector client.