- CCNP Route - BGP part 1: Internet Connectivity
- CCNP Route - BGP part 2: BGP Intro
- CCNP Route - BGP part 3: eBGP
- CCNP Route - BGP part 4: iBGP
- CCNP Route - BGP part 5: BGP path control
- CCNP Route - BGP part 6: Case Studies, Labs, FAQs
http://sclabs.blogspot.com/2010/03/module-12-bgp-basics.html
- Without a network statement, BGP passes along advertisements it receives from other routers, but it does not originate any network advertisements itself.
- In BGP, the network listed in the network statement does not have to be directly connected, because it does not identify interfaces on the router as it does in other protocols.
BGP regexp - http://blog.ine.com/2008/01/06/understanding-bgp-regular-expressions/
There are 2 popular ways to prevent a Multi-Homed AS from becoming a transit AS:
- use a distribute-list to filter all networks not originating from inside the AS,
- use the no-export community on all networks not originating from inside the AS.
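The transit problem and the two fixes listed above, modeled in Python. This is an added example, not code from the original notes; the prefixes, ASNs and function names are constructed, and the distribute-list is modeled as an exact-match permit list of locally originated prefixes.

```python
# Added example: constructed prefixes and documentation-range ASNs (assumptions).
NO_EXPORT = 0xFFFFFF01            # well-known NO_EXPORT community (RFC 1997)
LOCAL_ASN = 64500                 # the multihomed enterprise AS
LOCAL_PREFIXES = {"192.0.2.0/24"} # networks originated inside the AS

def build_rib(tag_isp_routes):
    """BGP table of the enterprise: its own prefix plus routes learned from two ISPs."""
    rib = [{"prefix": "192.0.2.0/24", "as_path": (), "communities": set()}]
    learned = [("198.51.100.0/24", (64496,)),        # learned from ISP1
               ("203.0.113.0/24", (64497, 64499))]   # learned from ISP2
    for prefix, as_path in learned:
        # Fix 2: set no-export on everything that did not originate inside the AS.
        communities = {NO_EXPORT} if tag_isp_routes else set()
        rib.append({"prefix": prefix, "as_path": as_path, "communities": communities})
    return rib

def advertise_to_ebgp(rib, outbound_filter=False):
    """Routes sent to an eBGP peer, with the local ASN prepended to the AS_Path."""
    sent = []
    for route in rib:
        if NO_EXPORT in route["communities"]:
            continue   # routes carrying NO_EXPORT are not sent to eBGP peers
        if outbound_filter and route["prefix"] not in LOCAL_PREFIXES:
            continue   # Fix 1: distribute-list permits only local networks
        sent.append((route["prefix"], (LOCAL_ASN,) + route["as_path"]))
    return sent

def transit_routes(sent):
    """Advertised prefixes that did not originate here (AS_Path holds more than our ASN)."""
    return [prefix for prefix, as_path in sent if len(as_path) > 1]

if __name__ == "__main__":
    print("no policy :", transit_routes(advertise_to_ebgp(build_rib(False))))
    print("filter    :", transit_routes(advertise_to_ebgp(build_rib(False), True)))
    print("no-export :", transit_routes(advertise_to_ebgp(build_rib(True))))
```

Without either policy the enterprise re-advertises ISP-learned prefixes and so offers itself as a transit path; with either one, only 192.0.2.0/24 is sent.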
Border Gateway Protocol (BGP) advertises, learns, and chooses the best paths inside the global Internet.
When two ISPs connect, they typically use BGP to exchange routing information.
Collectively, the ISPs of the world exchange the Internet’s routing table using BGP.
Enterprises sometimes use BGP to exchange routing information with one or more ISPs, allowing the Enterprise routers to learn Internet routes.
BGP uses a best path algorithm to choose the best BGP path (route), with rules that extend far beyond just choosing the route with the lowest metric.
This more complex best path algorithm gives BGP the power to let engineers configure many different settings that influence BGP best path selection, allowing great flexibility in how routers choose the best BGP routes.
BGP Basics
BGP, specifically BGP Version 4 (BGPv4), is the one routing protocol in popular use today that was designed as an Exterior Gateway Protocol (EGP) instead of as an Interior Gateway Protocol (IGP).
BGP facts:
- advertises IPv4 prefixes (prefix/length, called Network Layer Reachability Information - NLRI), just like IGPs.
- uses path vector logic (similar to distance vector).
- emphasizes scalability; may not always choose the most efficient route.
- needs to advertise some information so that routers can choose one of many routes for a given prefix as the currently best route.
- establishes a neighbor relationship (explicitly configured) before exchanging topology information with a neighboring router.
- does not require neighbors to be attached to the same subnet (it uses a TCP connection (port 179) between the routers).
- chooses the best route with a more complex process, using a variety of information, called BGP path attributes, which are exchanged in BGP routing updates much like IGP metric information (instead of choosing the best route just by using an integer metric).
BGP ASNs and the AS_SEQ Path Attribute
BGP uses BGP path attributes (PA) for several purposes.
PAs define information about a path, or route, through a network:
- some PAs can be useful in choosing the best BGP route, using the best path algorithm;
- other PAs can be used for other purposes besides choosing the best path.
By default, if no BGP PAs have been explicitly set, BGP routers use the BGP AS_PATH (autonomous system path) PA when choosing the best route among many competing routes. The most obvious component of the AS_Path is the AS_Seq (AS Sequence).
The integer BGP ASN uniquely identifies one organization that considers itself autonomous from other organizations. Each company whose Enterprise network connects to the Internet can be considered to be an autonomous system and can be assigned a BGP ASN. (IANA/ICANN also assigns globally unique ASNs.) Additionally, each ISP has an ASN, or possibly several, depending on the size of the ISP.
When a router uses BGP to advertise a route, the prefix/length is associated with a set of PAs, including the AS_Path. The AS_Path PA associated with a prefix/length lists the ASNs that would be part of an end-to-end route for that prefix as learned using BGP.
BGP uses the AS_Path to perform two key functions:
■ Choose the best route for a prefix based on the shortest AS_Path (fewest number of ASNs listed).
■ Prevent routing loops.
Sample
Two alternative routes learned collectively by the routers in ASN 1:
■ 192.31.7.32/29, AS_Path (12,2)
■ 192.31.7.32/29, AS_Path (12,2,3)
Routers in ASN 1 use the first of the two paths, sending packets to ASN 2 next, and not using the path through ASN 3.
BGP routers also prevent routing loops using the ASNs listed in the AS_Path.
When a BGP router receives an update, and a route advertisement lists an AS_Path with its own ASN, the router ignores that route. The reason is that the route has already been advertised through the local ASN, so believing the route and then advertising it further might cause routing loops.
Internal and External BGP
BGP defines two classes of neighbors (peers):
- internal BGP (iBGP) - the BGP neighbor is in the same ASN,
- external BGP (eBGP) - the BGP neighbor is in a different ASN.
A BGP router behaves differently in several ways depending on whether the peer (neighbor) is an iBGP or eBGP peer.
The differences include different rules about what must be true before the two routers can become neighbors, different rules about which routes the BGP best path algorithm chooses as best, and even some different rules about how the routers update the BGP AS_Path PA.
When advertising to an eBGP peer, a BGP router updates the AS_Path PA, but it does not do so when advertising to an iBGP peer.
Public and Private ASNs
For the Internet to work well using BGP, IANA administers the assignment of ASNs much like it does with IP address prefixes. One key reason why ASNs must be assigned as unique values is that if ASNs are duplicated, the BGP loop prevention process can actually prevent parts of the Internet from learning about a route.
To prevent such issues, IANA controls the ASN numbering space. Using the same general process as for IPv4 addresses, ASNs can be assigned to different organizations. The 16-bit BGP ASN implies a decimal range of 0 through 65,535.
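The two AS_Path functions (shortest path, loop prevention) and the duplicate-ASN problem described above, as a small path-vector simulation. This is an added example, not code from the original notes; it goes beyond the two-route sample by flooding one prefix through a constructed topology, and the router names, links and ASNs (documentation range) are assumptions.

```python
from collections import deque

def converge(asn_of, links, origin):
    """Flood one prefix from `origin` over eBGP links; return {router: best AS_Path}."""
    neighbors = {name: set() for name in asn_of}
    for a, b in links:
        neighbors[a].add(b)
        neighbors[b].add(a)
    best = {origin: ()}                  # the originating router holds an empty AS_Path
    queue = deque([origin])
    while queue:
        sender = queue.popleft()
        # eBGP: the sender prepends its own ASN when advertising its best path.
        advertised = (asn_of[sender],) + best[sender]
        for peer in sorted(neighbors[sender]):
            if asn_of[peer] in advertised:
                continue                 # loop prevention: own ASN is already listed
            current = best.get(peer)
            if current is None or len(advertised) < len(current):
                best[peer] = advertised  # fewest ASNs in the AS_Path wins
                queue.append(peer)
    return best

# Constructed topology: "ent" hears the prefix through isp_a and through isp_b/isp_c.
LINKS = [("origin", "isp_a"), ("isp_a", "ent"), ("origin", "isp_b"),
         ("isp_b", "isp_c"), ("isp_c", "ent"), ("ent", "site_x")]

def run(site_x_asn):
    """Run the flood with a chosen ASN for site_x (the other ASNs are fixed)."""
    asn_of = {"origin": 64496, "isp_a": 64497, "isp_b": 64498,
              "isp_c": 64499, "ent": 64500, "site_x": site_x_asn}
    return converge(asn_of, LINKS, "origin")

if __name__ == "__main__":
    unique = run(64501)
    print("ent best path         :", unique["ent"])
    print("site_x, unique ASN    :", unique.get("site_x"))
    duplicate = run(64497)               # site_x reuses isp_a's ASN
    print("site_x, duplicate ASN :", duplicate.get("site_x"))
```

When site_x reuses isp_a's ASN, it finds that ASN in the only AS_Path it is offered, discards the update, and ends up with no route to the prefix.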
ASN Assignment Categories from IANA
16-bit ASN format (0..65535, 65536 = 2^16 values):
- 0: Reserved, first number
- 1-64495: Assignable by IANA for public use
- 112: Used by the AS112 project to sink misdirected DNS queries; see [RFC7534]
- 23456: AS_TRANS (RFC6793), 32-bit ASN transition
- 64496-64511: Documentation and sample code
- 64512-65534: For private use (last 1024 = 2^10)
- 65535: Reserved, last number of the 16-bit ASN range
32-bit ASN format:
- 65536-65551: For documentation and sample code
- 4200000000-4294967294: For private use; reserved by [RFC6996]
- 4294967295: Reserved by [RFC7300]
AS112 - the anycast prefixes 192.175.48.0/24 and 2620:4f:8000::/48 are announced with origin AS 112.
https://tools.ietf.org/html/rfc7534
Autonomous System (AS) Numbers
Special-Purpose Autonomous System (AS) Numbers
Also, there is RFC4893, BGP Support for Four-octet AS Number Space, which describes extensions to BGP to carry the Autonomous System number as a four-octet entity.
AS3102 will be AS0.3102
The number of unique autonomous networks in the routing system of the Internet exceeded 5000 in 1999, 30,000 in late 2008, 35,000 in mid-2010, and 42,000 in late 2012. Just as the public IPv4 address space has suffered from the potential for complete depletion of available addresses, the public BGP ASN space has similar issues.
- the ASN assignment process requires that each AS justify whether it truly needs a publicly unique ASN or whether it can just as easily use a private ASN.
- additionally, RFC-5398 reserves a small range of ASNs for use in documentation so that the documents can avoid the use of ASNs assigned to specific organizations.
An AS can use a private ASN in cases where the AS connects to only one other ASN. (Private ASNs can be used in some cases of connecting to multiple ASNs as well.)
The reason is that with only one connection point to another ASN, loops cannot occur at that point in the BGP topology, so the need for unique ASNs in that part of the network no longer exists. (The loops cannot occur due to the logic behind the BGP best path algorithm, coupled with the fact that BGP only advertises the best path for a given prefix.)
Outbound Routing Toward the Internet
The single biggest reason to consider using BGP between an Enterprise and an ISP is to influence the choice of best path (best route).
Enterprises typically have two major classes of options for outbound routing toward the Internet: default routing and BGP.
Comparing BGP and Default Routing for Enterprises
The branch office default routing design results in less processing on the routers, less memory consumption, and no IGP overhead on the link between the branch and WAN distribution routers.
Although the Enterprise could choose to use BGP in this case, such a decision is not automatic. First, the alternative of using static routes, as shown in the figure, does not require a lot of work. The Enterprise network engineer just needs to configure a default route and advertise it throughout the Enterprise.
You might want to use BGP:
- when you have at least two Internet connections,
- when you want to choose one outbound path over another path for particular destinations in the Internet.
Four separate cases for BGP:
■ Single homed (1 link per ISP, 1 ISP)
■ Dual homed (2+ links per ISP, 1 ISP)
■ Single multihomed (1 link per ISP, 2+ ISPs)
■ Dual multihomed (2+ links per ISP, 2+ ISPs)
Single Homed
Uses a single ISP, with a single link between the Enterprise and the ISP (only one possible next-hop router exists for all routes for destinations in the Internet).
As a result, no matter what you do with BGP, all learned routes would list the same outgoing interface for every route, which minimizes the benefits of using BGP.
Single-homed designs often use one of two options for routing to and from the Internet:
■ Use static routes (default in the Enterprise, and a static for the Enterprise’s public address range at the ISP).
■ Use BGP, but only to announce a default (ISP to Enterprise) and a route for the Enterprise’s public prefix (Enterprise to ISP).
Configuration steps:
1. The ISP router uses BGP to advertise a default route to the Enterprise.
2. The Internet-facing router floods a default route into the IGP of the Enterprise.
3. Configure BGP on the Enterprise router and advertise the Enterprise’s public prefix toward the ISP.
Problems:
- if the Enterprise used private network 10.0.0.0/8 internally, packets destined for addresses in network 10.0.0.0/8 that have not yet been deployed will match the default route and be routed to the Internet.
- To avoid wasting this bandwidth by sending packets unnecessarily, a static route for 10.0.0.0/8, destination null0, could be added to the Internet-facing router but not advertised into the rest of the Enterprise. (This type of route is sometimes called a discard route.) This route would prevent the Internet-facing router from forwarding packets destined for network 10.0.0.0/8 into the Internet.
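The effect of the discard route on the Internet-facing router, shown with a longest-prefix-match lookup. This is an added example, not code from the original notes; the deployed subnets, next-hop labels and sample destinations are constructed.

```python
import ipaddress

def routes(entries):
    """Turn (prefix, next hop) strings into (ip_network, next hop) pairs."""
    return [(ipaddress.ip_network(prefix), hop) for prefix, hop in entries]

def lookup(table, destination):
    """Longest-prefix match: next hop of the most specific route that matches."""
    dest = ipaddress.ip_address(destination)
    matches = [(net, hop) for net, hop in table if dest in net]
    if not matches:
        return None
    return max(matches, key=lambda match: match[0].prefixlen)[1]

# Constructed table: only two subnets of 10.0.0.0/8 have been deployed so far.
BEFORE = routes([("0.0.0.0/0", "ISP"),
                 ("10.1.0.0/16", "inside"),
                 ("10.2.0.0/16", "inside")])
# Same table plus the static discard route for 10.0.0.0/8 to null0.
AFTER = BEFORE + routes([("10.0.0.0/8", "Null0")])

def leaked(table, destinations):
    """Destinations inside 10.0.0.0/8 that this table would forward to the ISP."""
    private = ipaddress.ip_network("10.0.0.0/8")
    return [d for d in destinations
            if ipaddress.ip_address(d) in private and lookup(table, d) == "ISP"]

# Constructed destinations: two deployed, two undeployed, one public.
SAMPLE = ["10.1.4.9", "10.2.200.1", "10.77.0.5", "10.250.1.1", "198.51.100.7"]

if __name__ == "__main__":
    print("leaked before:", leaked(BEFORE, SAMPLE))
    print("leaked after :", leaked(AFTER, SAMPLE))
    for dest in SAMPLE:
        print(dest, "->", lookup(AFTER, dest))
```

The deployed /16 subnets are more specific than the /8 discard route, so traffic to them is unaffected, while undeployed 10.x destinations stop matching the default route.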
Dual Homed
The dual-homed design has two (or more) links (use a pair of routers, two pairs, or a combination) to the Internet, but with all links connecting to a single ISP.
Comparing the dual-homed case to the single-homed design, the second link gives the Enterprise a choice.
The common cases when using defaults works well, ignoring BGP, are:
■ To prefer one Internet connection over another for all destinations, but when the better ISP connection fails, all traffic re-routes over the secondary connection.
■ To treat both Internet connections as equal, sending packets for some destinations out each path. However, when one fails, all traffic re-routes over the one still-working path.
Dual-homed connection use cases: Default Routing (case 3), and Choosing One Path over Another Using BGP.
Default Routing (case 3):
! Configuration on router E1 – note that the configuration uses
! a hostname instead of I1-1’s IP address
ip route 0.0.0.0 0.0.0.0 I1-1
router eigrp 1
redistribute static metric 100000 1 255 1 1500
! Configuration on router E2 - note that the configuration uses
! a hostname instead of I2-1’s IP address
ip route 0.0.0.0 0.0.0.0 I2-1
router eigrp 1
redistribute static metric 10000 100000 255 1 1500
Choosing One Path over Another Using BGP:
- to make BGP specify a prefix as being best reached through a particular link, some IP prefixes must have BGP PA settings that appear better through one link than another.
- there is a need to run BGP between multiple routers (using an iBGP connection inside the same AS). If the routers do not use BGP and rely on default routes, loops can occur.
Partial and Full BGP Updates
The BGP table in the Internet core is at approximately 500,000 routes (year 2014).
Exchanging BGP information for such a large number of routes consumes bandwidth. It also consumes memory in the routers and requires some processing to choose the best routes. Some samples at Cisco.com show BGP using approximately 70 MB of RAM for the BGP table on a router with 100,000 BGP-learned routes.
To help reduce the memory requirements of receiving full BGP updates, ISPs give you three basic options for what routes the ISP advertises:
■ Default route only: The ISP advertises a default route with BGP, but no other routes.
■ Full updates: The ISP sends you the entire BGP table.
■ Partial updates: The ISP sends you routes for prefixes that might be better reached through that ISP, but not all routes, plus a default route (to use instead of the purposefully omitted routes as needed).
Single Multihomed
A single-multihomed topology means a single link per ISP, but multiple (at least 2) ISPs.
Defaults can still be used in the Enterprise to draw traffic to the preferred Internet connection (if one is preferred) or to balance traffic across both.
BGP could also be used to learn either full or partial updates and then favor one connection over another for some of the routes.
Dual Multihomed
Two or more ISPs are used, with two or more connections to each. A number of different routers can be used (much redundancy exists).
That redundancy can be used for backup, but most often, BGP is used to make some decisions about the best path to reach various destinations.