Transcript Border Gateway Protocol (BGP4)
Unicast Routing Protocols
1
Outline
Routing basic RIP OSPF BGP 2
Routing Basic
IP Routing Autonomous System (AS) IGP/EGP Distance-vector(DV)/Link-state(LS) How routing protocol works?
3
IP Routing
Route entry Destination/netmask Nexthop Longest-match Default-route Equal Cost Multipath Protocol(ECMP) Static routing/Dynamic routing 4
Autonomous System (AS)
AS 100
Collection of networks with same policy Usually under single administrative control IGP to provide internal connectivity Identified by a short number Public & Private AS numbers
public: 1 - 64511 private: 64512 – 65535
5
What Is an IGP?
Interior Gateway Protocol Within an Autonomous System Carries information about internal prefixes Examples — RIP, OSPF, ISIS … 6
What Is an EGP?
Exterior Gateway Protocol Used to convey routing information between ASes Independent from the IGP Current EGP is BGP4 7
Why Do We Need an EGP?
Scaling to large network Hierarchy Limit scope of failure Define administrative boundary Policy Control reachability to prefixes 8
Hierarchy of Routing Protocols
Other ISP’s BGP4 BGP4 / IGP BGP4 Customers BGP4/Static Customers
9
Distance-vector (Bellman-Ford)
Routers only know their local state link metric and neighbor estimates Examples – RIP, BGP (path-vector) 10
Link-state
Routers have knowledge of the global state topology database global optimization (Shortest Path First - Dijkstra) Examples – OSPF, ISIS 11
How Routing Protocol works?
Neighbor Discovery Route Exchange between neighbors learning/flooding/invalidation/refresh Best route choice and routing table management Responsibility Fast convergence and loop-free Scalability Robustness Some control of routing choices 12
Routing Information Protocol (RIP)
RIP basic General operation RIP v2 VS RIP v1 Conclusion 13
RIPv2 basic
Distance-vector protocol Metric – hops Metric is increased when routes are updated to neighbors Network span limited to 15 (16 means unreachable) Encapsulated as UDP packets, port 520 14
RIPV2 General operation
On startup, send request on all interfaces.
When a request is received, a response is sent.
- Response contains entire routing table.
A response is also gratuitously sent every 30s.
– Response contains entire routing table.
A response is also sent when update detected.
- Response only contains changed routes.
Route metric is set to 16 when network becomes inaccessible or not refreshed during 6 update periods(180s) Invalid routes are flushed after another 4 update periods(120s) 15
Count of infinity
What happens when a link dies?
A A: 0 B: 1, B C: 2, B A: 0 B: 1, B C: 2, B A: 0 B: 1, B C: 4, B A: 0 B: 1, B C: 15, B B A: 1, A B: 0 C: 1, C A: 1, A B: 0 C: 3, A A: 1, A B: 0 C: 3, A A: 1, A B: 0 C: 16, A C A: 2, B B: 1, B C: 0 A: 2, B B: 1, B C: 0 A: 2, B B: 1, B C: 0 A: 2, B B: 1, B C: 0
16
Split horizon
To speed up
convergence
Simple -
do not claim reachability for a destination network to the neighbor from which the route was learned.
Poison reverse -
includes such routes in updates, but sets their metrics to infinity 17
Split horizon - simple
A A: 0 B: 1, B C: 2, B A: 0 B: 1, B C: 16, B B A: 1, A B: 0 C: 1, C A: 1, A B: 0 C: 16 C A: 2, B B: 1, B C: 0 A: 2, B B: 1, B C: 0
18
Split horizon – poison reverse
A A: 0 B: 1, B C: 2, B A: 0 B: 1, B C: 16, B C: 16 B A: 1, A B: 0 C: 1, C A: 1, A B: 0 C: 16 C A: 2, B B: 1, B C: 0 A: 2, B B: 1, B C: 0
19
RIPv2 vs RIPv1
224.0.0.9 - broadcast Variable Length Subnet Mask(VLSM) - Classless Inter-Domain Routing (CIDR, no prefix/subnet information, derived from address class) Authentication - none 20
Conclusion
Simplicity Slow convergence Not suited for large and complex networks 21
Open Shortest Path First (OSPF)
OSPF Basic OSPF Neighbors OSPF Area SPF and LSA database OSPF Messages Conclusion 22
OSPF Basic
Encapsulated as RAW IP packets, protocol ID 89 Uses metrics — path cost(1 – 65,535) 23
OSPF Basic - general operation
Use Hello Protocol to establish neighbors All routers exchange Link State Advertisement (LSA) to build and maintain a consistent database Each router runs SPF on LSA database independently and gets optimal routes Periodic flooding of LSAs every 30 minutes LSA age 0 when created Incremented as time elapsed.
Max age 3600 indicates invalid Remove a LSA by incrementing age to 3600, reflooding and flushing.
24
OSPF Network type
Broadcast Point-to-Point/Point-to-Multipoint NBMA(Non-Broadcast Multiple Access) 25
Neighbor discovery
Hello packets Periodically Multicasting 224.0.0.5, including RouterId, AreaId, Netmask, hello interval, Priority, DR, BDR, Neighbor list Neighbor state machine Works differently on different network 26
DR/BDR/Others
For broadcast and NBMA networks Optimize the flooding procedure Designated Router(DR) Adjacent to all routers Describe all routers on the network Send updates to all routers on the network Backup Designated Router(BDR) Adjacent to all routers Act as new DR when previous DR fails Others Only adjacent to DR/BDR, only send updates to DR/BDR 27
OSPF Area
Why divide the network into different areas?
Limit the scope of updates and computational overhead independent SPF computing in each area inject aggregated information on routes into other areas
32 bit number
Backbone area – area 0 or 0.0.0.0
All areas must connect to backbone area. Backbone area must be continuous Virtual link when the above fails Area Border Routers(ABR) 28
Virtual Link
Area 1 ABR Area 3 Virtual link ABR Area 0 ABR Area 2
29
A 1 C
Shortest Path First
3 10 B 4 D 7 30
Candidat e Root cost SPF tree Description A, B, 3 A, C, 1 A, D, 10 A, B, 3
A, D, 10
C, D, 7
C, D, 7
B, D, 4 3 1 10 3 10 8 8 7 A, A, 0 A, A, 0 A, A, 0 A, C, 1 A, A, 0 A, C, 1 A, B, 3 A, A, 0 A, C, 1 A, B, 3 B, D, 4 Root tree Add adjacent links to A into Candidate and calculate cost to A.
Choose the lowest cost link (A, C, 1), add it into SPF tree and remote it from Candidate. Add adjacent links to C into Candidate and calculate cost to A. Because the new lowest cost to D is 8, is remoted.
Choose the lowest cost link(A, B, 3), Add it into SPF tree and remote it from Candidate.
Add adjacent links to B into Candidate and calculate cost to A. because the new lowest cost to D is 7,
Choose the lowest cost link(B, D, 4), Add it into SPF tree and remote it from Candidate. Because the Candidate is empty, the process is over.
31
OSPF SPF process
SPF calculation is performed independently for each area Router LSA Each router creates a router LSA for each area Describe links to an area DR/BDR(broadcast) Neighboring router(point-to-point) Prefix/mask(stub network) metric Network LSA Only DR creates a network LSA for a network Describe all routers on the network 32
Inter-area routes
Network Summary LSA Created by ABR Advertise optimal routes in one area into another area Prefix/mask Metric Flood only in one area 33
Inter-AS routes
Autonomous System Border Router(ASBR) Autonomous System External LSA Created by ASBR Describe routes redistributed from other AS Prefix/mask Metric Flood across area in an AS(except stub area) ASBR summary LSA Created by ABR Describe ASBR routers in one area ASBR router id metric 34
Stub area
AS External LSA are forbidden in stub area Why stub area?
When many networks are connected only via one router All external networks aggregated into default route Reduce routing table sizes 35
OSPF Messages
Hello Used to establish neighbor relationship Database description Used to describe brief information of LSA Link-state request Used to request LSAs Link-state update Used to update LSAs Link-state acknowledgment Used to assure LSA flooding reliable by including brief description of received LSA 36
Conclusion
2-level hierarchical model Faster convergence Relatively low, steady state bandwidth requirements
37
Border Gateway Protocol (BGP)
BGP Basic BGP Peers BGP Updates – NLRI and Path Attributes Synchronization with IGP Route Reflector and AS Confederation Routing policy BGP Messages Conclusion 38
BGP Basic
Based on TCP connection, port 179 BGP peer is configured manually BGP Peers exchange Update messages containing Network Layer Reachability Information (NLRI) Path attributes are with NLRI to avoid loop and facilitate policy control No routes refresh 39
BGP Peers - eBGP
eBGP A AS 100 220.220.8.0/24 B C AS 101 220.220.16.0/24 D eBGP eBGP Peers in different AS’s are called External Peers E AS 102 220.220.32.0/24 eBGP TCP/IP Peer Connection Note: eBGP Peers normally should be directly connected.
40
BGP Peers - iBGP
AS 100 220.220.8.0/24 A iBGP B C iBGP AS 101 220.220.16.0/24 D Peers in the same AS are called Internal Peers E AS 102 220.220.32.0/24 iBGP TCP/IP Peer Connection Note: iBGP Peers don’t have to be directly connected. Loopback this case, recursive route look-up is needed.
Full mesh
AS 100 B A C D
Each iBGP speaker must peer with every other iBGP speaker in the AS (full mesh) IBgp speaker never floods routes received from another iBGP peer to any other iBGP peer.
42
BGP Updates — NLRI
Network Layer Reachability Information Used to advertise feasible routes Composed of: Network Prefix Mask Length 43
BGP Updates — Path Attributes
Used to convey information associated with NLRI Origin mandatory AS path mandatory Next hop mandatory Local preference Multi-Exit Discriminator (MED) Community Origin Aggregator Rich policy control 44
Origin
Conveys the origin of the prefix Three values: IGP - Generated using “ network ” ex: network 35.0.0.0 EGP - Redistributed from EGP Incomplete - Redistribute IGP ex: redistribute ospf IGP < EGP < INCOMPLETE statement 45
AS-Path Attribute
Sequence of ASes a route has traversed Loop detection Apply policy
AS 300 AS 500 AS 200 170.10.0.0/16 AS 400 150.10.0.0/16 Network Path 180.10.0.0/16 170.10.0.0/16 150.10.0.0/16 300 200 100 300 200 300 400 AS 100 180.10.0.0/16 Network Path 180.10.0.0/16 300 200 100 170.10.0.0/16 300 200
46
AS-Path
Loop detection
AS 200 170.10.0.0/16
Sequence of ASes a route has traversed Loop detection
AS 300 AS 500 AS 400 150.10.0.0/16 180.10.0.0/16 170.10.0.0/16 150.10.0.0/16 300 200 100 300 200 300 400 AS 100 180.10.0.0/16
180.10.0.0/16 dropped 47
Next Hop Attribute
AS 200 150.10.0.0/16 C .1
192.10.1.0/30 .2
D 192.20.2.0/30 A .1
B .2
AS 300 140.10.0.0/16 E Network Next-Hop Path 150.10.0.0/16 192.10.1.1 200 160.10.0.0/16 192.10.1.1
200 100 Network Next-Hop Path 150.10.0.0/16 192.10.1.1 200 160.10.0.0/16 192.10.1.1
200 100 Network Next-Hop Path 160.10.0.0/16 192.20.2.1 100 AS 100 160.10.0.0/16 BGP Update Messages
Next hop to reach a network Usually a local network is the next hop in eBGP session Next Hop updated between eBGP Peers
Local Preference
AS 100 160.10.0.0/16 AS 200 D Multi-homed AS
• Only for iBGP • Local to an AS • Path with highest
local preference wins 500 A AS 400 B C 160.10.0.0/16 500 > 160.10.0.0/16 800 800 E AS 300
49
Multi-Exit Discriminator (MED)
AS 200 192.68.1.0/24 2000 C
preferred
192.68.1.0/24 1000 A B
• Used to convey the relative
preference of entry points
• Comparable if paths are from
the same AS
• Path with lower MED wins • IGP metric can be conveyed as
MED 192.68.1.0/24 AS 201
50
Communities
Service Provider AS 200 Community 201:110 201:120 Local Preference 110 120 C D
Community:201:110 Community:201:120
A B
•Used to group destinations •Each destination could be
member of multiple communities
•Flexibility to scope a set of
prefixes within or across AS for applying policy 192.68.1.0/24 Customer AS 201
51
BGP Updates — Withdrawn Routes
Used to “ withdraw ” network reachability Each Withdrawn Route is composed of: Network Prefix Mask Length 52
Synchronization with IGP
1880
C
A
D OSPF
690
35/8
209 B
C not running BGP (non-pervasive BGP) A won’t advertise 35/8 to D until the IGP is in sync Turn synchronization off!
Run pervasive BGP
53
Alternative to Full Mesh – Router-reflection
AS 100 RR Client Client Non-client
Route Reflector (RR) Client peers Non-client peers Non-client
Non-client peers are full-mesh connected RR reflects routes from non-client peers to all client peers RR reflects routes from client peers to all non-client peers and other client peers
54
Alternative to Full Mesh – Confederation
Member AS 65531 Member-AS 65532 AS Confederation 100
•Divided into member AS, marked by private AS number •Full-mesh in member AS •Peers between member AS are most similar with eBGP, except that
inserted AS path is confederation AS path
•When routes get out of AS confederation, remove confederation AS
path
55
Routing Policy
Why?
To steer traffic through preferred paths Inbound/Outbound prefix filtering To enforce Customer-ISP agreements How ?
AS based route filtering - filter list Prefix based route filtering - distribute list BGP attribute modification - route maps 56
BGP Messages
OPEN To negotiate and establish peering UPDATE To exchange routing information(NLRI, Path attributes, Withdrawn routes) KEEPALIVE To maintain peering session NOTIFICATION To report errors (results in session reset) 57
Conclusion
The single extant protocol for interdomain routing Fundamentally simple algorithms but can provide complex and flexible policy control More future applications, such as BGP/MPLS VPN networks 58