Border Gateway Protocol

Advanced Juniper Networks Routing
Release 5.1, Revision 0
Module 6: Border Gateway Protocol
Copyright © 2001, Juniper Networks, Inc.

Objectives
• Describe the configuration options for BGP peers
• Explain the default “movement” of BGP routes through a router
• Describe the role of BGP attributes in the process of choosing routes to use and advertise
• Describe how BGP next hop reachability is achieved

BGP Operation
• BGP stores routes in three main Routing Information Base (RIB) memory tables
  – RIB-IN: All received routes get placed here
  – RIB-LOCAL: Routes the local router is using to forward traffic
  – RIB-OUT: All advertised routes get placed here
• Only active BGP routes in the local routing table may be advertised to peers
  – Single best BGP path is advertised
  – advertise-inactive can be used when BGP route is not active, but only the single best inactive BGP path is advertised

Local Preference
• Exchanged by IBGP peers only
• Usually used to set the exit point from an AS
• IBGP propagates information throughout the AS
[Figure labels: Router A, Router B, IBGP, EBGP, 172.17.2.0/24. Callouts: “Which router to reach 172.17.2.0?”; “It makes sense to use Router B”; “IBGP makes sure each peer knows to use Router B through Local_Pref”; “This AS neither knows nor cares about the other AS’ Local_Pref”]

AS Paths
• BGP AS Path is the route to a given destination
• Consists of a list of the AS numbers along the path a packet must go through
• The path can be parsed by regular expressions
[Figure: AS 21777, AS 25678, AS 20222 and AS 23001, with prefix 192.168.27.0/24. AS paths shown: 192.168.27.0/24: 21777 20222 I and 192.168.27.0/24: 23001 20222 I]

The Origin Code
• Installed by the originating router for the prefix (route)
• A tag of “believability” as to the origin of the route information (Where did you get it from?)
• Origin can be internal, external, or unknown
  – I: Internal (0) – Learned from an IGP
  – E: External (1) – Learned from EGP
  – ?: Incomplete (2) – NLRI found by some other means
• “I” (0) is better than “E” (1) which is better than “?” (2)
• All JUNOS software BGP routes have origin IGP by default

Multiexit Discriminator (MED)
• An optional, non-transitive attribute (Code Type 4), it is never passed through one AS to another AS
• MED can be used by a neighboring AS to prefer one of several paths to the local AS
• Informs neighboring AS which of the ingress paths should be used to reach the local AS in an attempt to influence inbound traffic
• Can perform some primitive load balancing
• MED values are often translated from IGP metric
• Other AS networks can always preempt MED via other BGP attributes

BGP Path Selection (1 of 2)
1. Can the BGP next hop (BNH) be reached?
   • If yes, proceed.
   • If no, stop processing.
2. Prefer the highest LOCAL-PREF value.
3. Prefer the shortest AS-PATH length.
4. Prefer the lowest ORIGIN value.
5. Prefer the lowest MED value.
6. Prefer paths learned via EBGP over routes via IBGP.

BGP Path Selection (2 of 2)
7. Prefer paths with the lowest IGP metric
8. Prefer paths where BNH has a better route preference when examining both routing tables inet.0 and inet.3
9. Prefer paths where BNH has greater number of equal-cost paths
10. Prefer paths with the shortest Cluster-List length
11. Prefer paths from the peer with the lowest RID
12. Prefer paths from the peer with the lowest peer ID

Path Selection: Peer-ID
• Used when there are multiple BGP peering sessions between two routers
• Only one BGP session will be used to forward traffic
• ID is the physical IP address on the neighboring router’s interface
[Figure: LosAngeles (AS1) and LasVegas (AS2) joined by two links, 10.10.1.2/24 to 10.10.1.1/24 and 10.10.2.2/24 to 10.10.2.1/24]
[edit protocols bgp group ext-peers]
type external;
peer-as 2;
neighbor 10.10.1.1;
neighbor 10.10.2.1;

Path Selection: Multipath
• Router-ID and Peer-ID comparisons can both be ignored when multipath is configured within BGP
  – Two peering sessions to the same router can be used
  – Two peering sessions to different routers can be used
  – Two peering sessions to different AS networks can be used
• Multipath cannot be used with multihop
[Figure: LosAngeles (AS1) and LasVegas (AS2) joined by two links, 10.10.1.2/24 to 10.10.1.1/24 and 10.10.2.2/24 to 10.10.2.1/24]
[edit protocols bgp group ext-peers]
type external;
peer-as 2;
multipath;
neighbor 10.10.1.1;
neighbor 10.10.2.1;
user@host> show bgp summary
Peer          AS   InPkt   OutPkt   OutQ   Flaps   Last Up/Dwn   State|#Active/Rec
10.10.1.1      2       7        7      0       0      00:00:02   19/19/0
10.10.2.1      2       8       10      0       0      00:00:06   19/19/0

Multihop Peering
EBGP sessions may peer with non-physical addresses
[Figure: LosAngeles (AS1, lo0: 192.168.3.4) and LasVegas (AS2, lo0: 172.16.128.1) joined by two links, 10.10.1.2/24 to 10.10.1.1/24 and 10.10.2.2/24 to 10.10.2.1/24]
[edit protocols bgp group ext-peers]
type external;
local-address 192.168.3.4;                                /* Step 1 */
neighbor 172.16.128.1 {
    multihop ttl 2;                                       /* Step 2 */
}
[edit routing-options]
static {
    route 172.16.128.1 next-hop [ 10.10.1.1 10.10.2.1 ];  /* Step 3 */
}
Multihop no-nexthop-change
• EBGP peers alter the BGP next hop across AS boundaries
  – A next-hop value of self is seen in the show route advertising-protocol bgp command
• Can be changed if multihop is used with the no-nexthop-change keyword
  – The next-hop value is the address of the IBGP peer that advertised the route
user@host> show route advertising-protocol bgp 192.168.1.2
inet.0: 6 destinations, 6 routes (6 active, 0 holddown, 1 hidden)
Prefix              Nexthop       MED     Lclpref    AS path
100.100.100.0/24    Self                             I
[edit protocols bgp group ext-peers]
user@host# set neighbor 192.168.1.2 multihop no-nexthop-change
user@host> show route advertising-protocol bgp 192.168.1.2
inet.0: 6 destinations, 6 routes (6 active, 0 holddown, 1 hidden)
Prefix              Nexthop       MED     Lclpref    AS path
100.100.100.0/24    10.10.10.1                       I

Peer Configuration Options (1 of 2)
• passive keeps BGP from sending OPEN message
[edit protocols bgp]
group ext-peers {
    type external;
    peer-as 2;
    neighbor 10.10.10.1 {
        passive;
    }
}
• allow accepts OPEN messages from any peer within the configured IP address range
[edit protocols bgp]
group ext-peers {
    type external;
    allow 10.10/16;
}
• MD5 authentication can be enabled
[edit protocols bgp]
group ext-peers {
    type external;
    peer-as 2;
    neighbor 10.10.10.1 {
        authentication-key "$9$.mQn/9pBRSAp7VYojiAp0O1h";
    }
}

Peer Configuration Options (2 of 2)
• prefix-limit allows a specified number of prefixes to be received
[edit protocols bgp]
group ext-peers {
    type external;
    peer-as 2;
    family inet {
        unicast {
            prefix-limit {
                maximum 25000;
                teardown 80 idle-timeout 10;
            }
        }
    }
    neighbor 10.10.10.1;
}
• family inet enables multi-protocol BGP extensions
[edit protocols bgp]
group ext-peers {
    type external;
    peer-as 2;
    neighbor 10.10.10.1 {
        family inet {
            unicast;
            multicast;
        }
    }
}
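A check for the peer options on these two slides (authentication-key, prefix-limit, allow), as an added Python example that is not Juniper code: it parses brace-structured configuration and lists external peers that lack a key or a prefix limit, or that accept sessions from a whole address range. The function names, the sample configuration and the placeholder key are constructed for illustration.

```python
import re

def parse_junos(text):
    """Parse brace-structured Junos config: blocks become dicts, leaves None."""
    root = {}
    stack, words = [root], []
    for tok in re.findall(r'"[^"]*"|[{};]|[^\s{};]+', text):
        if tok == "{":
            stack.append(stack[-1].setdefault(" ".join(words), {}))
            words = []
        elif tok == "}":
            if len(stack) == 1:
                raise ValueError("unbalanced closing brace")
            stack.pop()
        elif tok == ";":
            stack[-1][" ".join(words)] = None
            words = []
        else:
            words.append(tok)
    return root

def find(block, name):
    """True if a statement whose first word is `name` appears under block."""
    return any(k.split()[0] == name or (isinstance(v, dict) and find(v, name))
               for k, v in block.items())

def audit_external_groups(bgp):
    """List (group, peer, finding) for external peers missing these protections."""
    findings = []
    for key, group in bgp.items():
        if not key.startswith("group ") or "type external" not in group:
            continue
        shared = {k: v for k, v in group.items() if not k.startswith("neighbor ")}
        for peer, block in group.items():
            if not peer.startswith(("neighbor ", "allow ")):
                continue
            for stmt in ("authentication-key", "prefix-limit"):
                if not (find(shared, stmt) or find(block or {}, stmt)):
                    findings.append((key.split()[1], peer, "no " + stmt))
            if peer.startswith("allow "):
                findings.append((key.split()[1], peer, "OPEN accepted from whole range"))
    return findings

# Constructed configuration assembled from the statements shown on these slides.
SAMPLE = """group ext-peers { type external; peer-as 2;
    family inet { unicast { prefix-limit { maximum 25000; teardown 80 idle-timeout 10; } } }
    neighbor 10.10.10.1 { authentication-key "$9$PLACEHOLDER"; }
    neighbor 10.10.2.1; }
group dyn-peers { type external; peer-as 2; allow 10.10/16; }"""
```

Calling `audit_external_groups(parse_junos(SAMPLE))` reports the second neighbor in ext-peers as having no authentication-key, and the dyn-peers group as having neither protection while accepting OPEN messages from all of 10.10/16.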

Modifying AS Path: Remove-Private
[Figure: AS 65001, AS 65002 and AS 65003 originate 192.168.17.0/24, 192.168.18.0/24 and 192.168.19.0/24 and advertise them to AS 1000 as 192.168.17.0/24: 65001 I, 192.168.18.0/24: 65002 I and 192.168.19.0/24: 65003 I. AS 1000, with remove-private, advertises them onward as 192.168.17.0/24: 1000 I, 192.168.18.0/24: 1000 I and 192.168.19.0/24: 1000 I]

Modifying AS Path: Local-AS (I)
[Figure: AS 222 advertises 172.16.10.0/24: 222 I and AS 333 advertises 172.16.12.0/24: 333 I to AS 1. AS 1 advertises them to the Internet as 172.16.10.0/24: 1 222 I and 172.16.12.0/24: 1 333 I]

Modifying AS Path: Local-AS (II)
[Figure: AS 777, configured with local-as 1, receives 172.16.10.0/24: 222 I from AS 222 and 172.16.12.0/24: 333 I from AS 333. Paths shown at AS 777: 172.16.10.0/24: 1 222 I and 172.16.12.0/24: 1 333 I. Paths shown toward the Internet: 172.16.10.0/24: 777 1 222 I and 172.16.12.0/24: 777 1 333 I]

Modifying AS Path: Local-AS (III)
[Figure: AS 777, configured with local-as 1 private, receives 172.16.10.0/24: 222 I from AS 222 and 172.16.12.0/24: 333 I from AS 333. Paths shown at AS 777: 172.16.10.0/24: 222 I and 172.16.12.0/24: 333 I. Paths shown toward the Internet: 172.16.10.0/24: 777 222 I and 172.16.12.0/24: 777 333 I]

Path Selection and MEDs
• By default, only MEDs from the same neighboring AS are compared
• BGP can be configured to change this behavior
• always-compare-med compares MED values regardless of whether the neighboring AS is the same
• Caution is needed when comparing MEDs from more than one AS since every network has a different interpretation of a “good” MED
[edit protocols]
bgp {
    path-selection always-compare-med;
}
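The selection order from the BGP Path Selection slides combined with the MED rule above, as an added Python sketch that is not Juniper code. The Path fields, their default values, the router IDs and the MED values are constructed; steps 8 to 10 are left out.

```python
from dataclasses import dataclass
from functools import reduce

ORIGIN_RANK = {"I": 0, "E": 1, "?": 2}  # numbering from the Origin Code slide

@dataclass(frozen=True)
class Path:  # field defaults are constructed sample values
    peer: str                      # peer ID: neighbor interface address
    as_path: tuple                 # first element is the neighboring AS
    router_id: str
    origin: str = "I"
    local_pref: int = 100
    med: int = 0
    ebgp: bool = True
    igp_metric: int = 0
    next_hop_reachable: bool = True

def _ip(addr):
    return tuple(int(octet) for octet in addr.split("."))

def better(a, b, always_compare_med=False):
    """Return the preferred of two paths, applying the slide's steps in order."""
    med_counts = always_compare_med or a.as_path[:1] == b.as_path[:1]
    steps = [
        lambda p: -p.local_pref,               # 2. highest LOCAL-PREF
        lambda p: len(p.as_path),              # 3. shortest AS-PATH
        lambda p: ORIGIN_RANK[p.origin],       # 4. lowest ORIGIN
        lambda p: p.med if med_counts else 0,  # 5. lowest MED (same neighbor AS)
        lambda p: 0 if p.ebgp else 1,          # 6. EBGP over IBGP
        lambda p: p.igp_metric,                # 7. lowest IGP metric
        lambda p: _ip(p.router_id),            # 11. lowest RID
        lambda p: _ip(p.peer),                 # 12. lowest peer ID
    ]
    for key in steps:
        if key(a) != key(b):
            return a if key(a) < key(b) else b
    return a

def best_path(paths, always_compare_med=False):
    usable = [p for p in paths if p.next_hop_reachable]  # 1. BNH reachable?
    if not usable:
        return None
    return reduce(lambda x, y: better(x, y, always_compare_med), usable)

# Constructed candidates for 192.168.27.0/24, using the AS paths from the AS Paths slide.
VIA_21777 = Path("10.10.1.1", (21777, 20222), "192.168.0.1", med=50)
VIA_23001 = Path("10.10.2.1", (23001, 20222), "192.168.0.2", med=10)

if __name__ == "__main__":
    print(best_path([VIA_21777, VIA_23001]).peer)                           # MED skipped
    print(best_path([VIA_21777, VIA_23001], always_compare_med=True).peer)  # MED decides
```

Because MED is only compared between paths from the same neighboring AS unless always-compare-med is set, the pairwise result can depend on comparison order; this sketch compares candidates in list order.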

Coordinating MED and IGP Metrics
• BGP can set the MED value on route announcements based on the IGP metric to the peer the route was received from
• Use the metric-out command with a group or neighbor
  – Can be set to a specific value
  – Can be set to the current IGP metric
  – Can be set to the minimum IGP metric ever learned
  – Can add to or subtract from the IGP metric
[edit protocols bgp]
group as-100-peers {
    type external;
    peer-as 100;
    neighbor 192.168.2.2 metric-out 10;
    neighbor 192.168.3.3 metric-out igp;
    neighbor 192.168.4.4 metric-out minimum-igp;
    neighbor 192.168.5.5 metric-out igp 5;
}

Review Questions
• To what IP addresses do EBGP sessions usually peer? Why?
• To what IP addresses do IBGP sessions usually peer? Why?
• Why does BGP rely on an IGP for next hop resolution?
• What is “next hop self” and when is it used in BGP?