This entire series on routing was created when I was preparing for the Cisco 642-901 BSCI test, as my notes. I then made a simple edit and published the text. If you think something essential is missing, something is not described correctly or is not entirely clear, I will welcome your information in the comments.
BGP Properties
- the current BGP version 4 is defined in RFC 4271
- used for inter-AS routing (between IGPs like OSPF)
- periodic keepalives (60s) are sent to verify connectivity
- any two routers that have established a TCP BGP connection (i.e. reliable) are called neighbors or peers
- each router with BGP is called a BGP speaker
- updates are sent using
TCP port 179(the only one using TCP, RIP is UDP 520, OSPF does not use Layer 3 at all), so there must be a TCP connection between routers for them to be neighbors - the updates carry Network Layer Reachability Information (NLRI) - destination prefix, length, path, next hop
- the routing table can contain more than 100,000 records, which is why the internet is a decentralized system
- supports CIDR/VLSM and route aggregation
- does not use traditional metrics, but decides based on path, policies, and rules
- EBGP - External BGP - between routers from different AS
- IBGP - Internal BGP - within the same AS
- stable iBGP - does not depend on the interface state (uses loopback - never goes down) - creates a peer relationship between the routers' loopbacks, does not depend on the physical topology, they don't have to be directly connected, but must be in full-mesh
- routers on the AS borders are called border or edge
- static routes can be used to establish adjacency in EBGP
- routes learned from IBGP are not sent to other IBGP neighbors -> for all routes to be learned, they must be connected in a full-mesh, but the mesh doesn't have to be physical, it can be logical (they must all communicate directly via IP)
- EBGP multi-hop is not allowed by default, so the EBGP peer must be directly connected for the adjacency to be established with the local router
- Route Reflector - this router propagates routes learned from IBGP (but also from EBGP like any other IBGP router) to other IBGP, reduces the number of required BGP neighbors in the AS (no need for full mesh) - they have adjacency only with the reflector and not with each other
- Confederation - the second method to avoid full-mesh, the AS is divided into smaller, more manageable subgroups
- Peer group - neighbors with the same update policy (inherit it, but can also override it) can be grouped together to simplify configuration and make computations more efficient, the group name is local
- Synchronization - if enabled, a prefix learned from IBGP is valid only if there is a non-BGP (IGP) route for this prefix, in other words, the router does not use and does not advertise a route learned from IBGP unless it is local or comes from IGP, it can be disabled if all routers in the AS use full-mesh IBGP
Router States in BGP - From a Communication Perspective
- Idle - rejects connections, prepares to transmit, transitions to Connect, set manually or falls into it after an error
- Connect - establishes a connection with the neighbor, sends a BGP OPEN, transitions to OpenSent
- Active - a connection from the neighbor came in (BGP OPEN), transitions to OpenSent
- OpenSent - waits for OPEN from the neighbor, analyzes it to determine if it belongs to the same AS and if it is valid, sends a KEEPALIVE upon receipt
- OpenConfirm - waits for KEEPALIVE from the neighbor
- Established - a bidirectional connection has been established, starts sending UPDATE and KEEPALIVE
Tables in BGP
- attributes - values of individual attributes (see next section)
- topology - connects routes and attributes
BGP Attributes
- Weight - a mandatory attribute that is local (not sent to neighbors), higher weight means higher path preference, Cisco proprietary, resolves different paths to the same destination
- AS_Path - (well-known mandatory) series of AS numbers through which the route to the destination passes, each router adds its own AS to the beginning and sends it to the EBGP neighbor, used to prevent loops (if it's already in the list, it rejects the path), shorter path is better
- next hop - (mandatory) in IGP (RIP.) and also in EBGP, it is the IP address of the router that announced the route, in IBGP, if the route comes from the same AS, it is the same, if it comes from another AS (delivered from EBGP), it is the address of the EBGP router that announced the route
- origin - (mandatory) - IGP < EGP < Incomplete
- local preference - (discretionary) - for selecting the exit path from the AS, default 100
- atomic aggregate - (discretionary)
- aggregator - (optional transitive)
- communities - (optional transitive) - we tag routes - default no, each network is a member of one or more, a community is a group of destinations with the same property
- Multiple Exit Discriminator (MED) - (optional non-transitive) - informs external neighbors of the preferred path into the AS, which has multiple entry paths, lower = better, set using route-map and set metric
Order of Attribute Evaluation (Best Path Algorithm)
- greater Weight
- greater Local_pref
- originate - we prefer local paths, aggregated and redistributed
- shorter AS_path
- lower MED
- prefer EBGP over IBGP
- lowest IGP metric for next hop // usually ends here
- check if we need to use multiple paths
- older path
- from lower Router ID
- min cluster list length (for reflector)
- smaller neighbor address
Cisco IOS Commands for Configuring BGP
ROUTER(config)#router bgp 300 // activates BGP, 300 is the AS number ROUTER(config-router)#neighbor 170.10.20.1 remote-as 1005 //defines the neighbors with whom the connection will be established, in the given AS ROUTER(config-router)#neighbor 170.10.20.1 next-hop-self // sets the given address as the next hop ROUTER(config-router)#neighbor 170.10.20.1 send-community // sends community attributes to the neighbor ROUTER(config-router)#neighbor 170.10.20.1 update-source loopback 1 // sets the loopback interface as the source interface, for IBGP we may want the connection to keep running regardless of the interface, so we use the loopback address (it never goes down) ROUTER(config-router)#neighbor 170.10.20.1 route-reflector-client // sets this router as a reflector and designates its client ROUTER(config-router)#no synchronization // disables synchronization ROUTER(config-router)#bgp always-compare-med // forces the router to compare path metrics from other ASes ROUTER#clear ip bgp * // clears BGP tables and sessions, * means all, otherwise an IP is specified
Including a Prefix in the Routing Process
ROUTER(config-router)#redistribute static // inserts prefixes of static routes, includes them in BGP ROUTER(config-router)#network 164.67.36.0 mask 255.255.255.0 // which locally learned networks (must exist in the routing table) to advertise
Address Summarization in BGP
ROUTER(config-router)#aggregate-address 200.52.0.0 255.255.0.0 summary-only // inserts the summary route into the routing table, if summary-only is not used, the sub-networks from which the summarization was created will also be advertised ROUTER(config)#ip route 198.10.0.0 255.255.0.0 null0 // only for summarization, be careful, if there were no more specific routes, this would be used ROUTER(config-router)#redistribute static // second option for aggregation ROUTER(config-router)#network 198.10.0.0 mask 255.255.255.0 // third option for aggregation (also combined with ip route) ROUTER(config-router)#no auto-summary // the last option would be auto-summarization on classful, but this needs to be turned off almost always
Route Filtering Using Prefix Lists
ROUTER(config)#ip prefix-list test deny 0.0.0.0/0 // blocks the default route 0.0.0.0 ROUTER(config)#ip prefix-list abc permit 192.0.0.0/8 ge 8 le 24 // accepts all prefixes > /8 and </24 ROUTER(config-router)#neighbor 170.10.20.1 prefix-list test in // applies filtering to the neighbor (incoming or outgoing packets)
Show Commands - Checking Configuration
ROUTER#show ip bgp // displays routes, the best is marked with > ROUTER#show ip bgp summary // summary of all connections (list of BGP neighbors) ROUTER#show ip bgp path // all paths in the DB ROUTER#show bgp neighbor // neighbors with info about the reflector ROUTER#show ip prefix-list // displays the prefix list
Predevsim diky za clanky, v cestine jich je opravdu malo.
Jen drobnost: ve vyberu cesty podle me chybi bod 5. origin.
Prefer the path with the lowest origin type.
Note: IGP is lower than Exterior Gateway Protocol (EGP), and EGP is lower than INCOMPLETE.
www.cisco.com/en/US/tech/tk365/technologies_tech_note09186a0080094431.shtml
U pořadí vyhodnocování patří mezi body 4 (kratší AS path) a 5 (MED) ještě jeden bod a to Prefer lowest origin code (IGP < EGP), jak psal Hobit už dříve. EGP se už nepoužívá, takže se patrně už nikde neobjevuje.
Indicates the origin of the entry. The origin code is placed at the end of each line in the table. It can be one of the following values:
i—Entry originated from an Interior Gateway Protocol (IGP) and was advertised with a network router configuration command.
e—Entry originated from an Exterior Gateway Protocol (EGP)
?—Origin of the path is not clear. Usually, this is a router that is redistributed into BGP from an IGP.
K bodu 9 - starší cesta vyhrává jen doplním, že stáří cest je vidět v příkazu show ip bgp. Cesty jsou seřazeny od nejmladších po nejstarší.
ROUTER(config-router)#neighbor 170.10.20.1 next-hop-self // nastaví danou adresu jako next hop
Výše uvedený komentář není správně (nebo mu nerozumím). O co jde: směrovač ASBR přijme od EBGP souseda údaj o síti včetně next hopu k ní (to je ten soused). Pokud směrovač ale ASBR provozuje rovněž IBGP, předá IBGP sousedovi údaj o oné externí síti včetně původního hopu, tj adresy EBGP souseda, ke které ale IBGP sosed nemusí znát cestu (je to spoj mezi dvěma AS)! Parametr "next-hop-self" řekne, že odesílající IBGP směrovač vloží jako next hop svoji adresu.