IEG3090 Tuto4 Peppar
Added: October 07, 2007

Presentation Transcript

IEG 3090 Tutorial 3 Border Gateway Protocol:
Gary Chan, SHB 724

Overview:
- Introduction to BGP
- BGP Attributes in Update Message
- Routing Filtering
- EBGP vs IBGP
- More in IBGP

Introduction to BGP:
- Policy-based inter-domain routing protocol
- All the networks in the same AS share the same set of routing policies

Goal of BGP:
- Find loop-free paths that
  - Support routing policy established as part of peering relationship
  - Support traffic engineering to minimize (monetary) cost
- Optimizing performance is only another goal (not the only goal as in intra-domain routing)

Slide5: Distribution of routing information
- Distance vector based protocol
- BGP router advertises its best route to each neighbor.
- Advertisements are only sent when their routes change.

Slide6: Contrast with other routing protocols
- RIP's distribution is based on UDP datagrams, so periodically you need to exchange information (a form of "soft state").
- BGP's distribution is based on a TCP connection - no need to refresh.
- OSPF uses its own transport to do in-sequence and intelligent flooding (which neither UDP nor TCP supports).

Four Types of messages:
- Update – Exchange route information
  - Network prefix
  - Announcements or withdrawals
  - Route-associated BGP attributes.
- Open - establish the BGP sessions.
- Notification
  - Indicate an error during the BGP session.
  - The TCP connection will be closed immediately afterwards.
- Keepalive – To confirm the connection is still active

Slide8: Summary of Operation
- Neighboring BGP speakers exchange messages to open and confirm the connection parameters (TCP port 179)
- Then exchange the entire BGP routing table
- Incremental updates are sent as the routing tables change (note: routes do not time out, but can be withdrawn)
- Keep-alive messages are sent periodically to ensure the liveness of the connection
- Notification messages are sent in response to errors, and to close the connection

How routes are advertised?:
[Diagram labels: R1, R2, R3, R4; AS1, AS3, AS2]
- R2 receives new routes from R1
- R2 adds the new route to its routing table if there is no route to that prefix or the new route is more preferable.
- R2 propagates the new route to ALL IBGP peers
- Similar to R2, R3 also determines whether to add the route
- R3 sends any updates to R4
- Remark:
  - Only routes learned via EBGP will be redistributed to IGP
  - Routes learned via IBGP will only be sent to EBGP peers (This is why IBGP peers must be FULLY-MESHED)

Slide10: BGP Route Processing
Receive BGP Updates -> Apply Import Policies -> Best Route Selection -> Best Route Table -> Apply Export Policies -> Transmit BGP Updates
- Best routes: install forwarding entries for best routes into the IP Forwarding Table.
- Apply Policy (import and export) = filter routes & tweak attributes
- Best route selection is based on attribute values
- Policy is open-ended programming, constrained only by the vendor configuration language

Slide11: Filter Routes & Tweak Attributes
- For inbound traffic
  - Filter outbound routes to avoid traffic.
  - Tweak attributes on outbound routes to influence your neighbor’s best route selection.
- For outbound traffic
  - Filter inbound routes to check correctness and special services
  - Tweak attributes on inbound routes to influence best route selection
[Diagram labels: outbound routes, inbound routes, inbound traffic, outbound traffic]
- In general, an AS has more control over outbound traffic

BGP Attributes:
- Each prefix is advertised together with its associated attributes
- A BGP router may change the attributes before re-advertising the prefix to other peers
- If there is more than one route to the same prefix, the attributes are used to find out which route is used.

BGP Attributes:
- Attributes commonly used for comparing different routes
  - LOCAL_PREF
    - Normally used on multiple routes learnt from different AS
  - AS-PATH
    - Stores the sequence of AS that the route has gone through
    - Used to prevent routing loop
  - Multi-Exit-Discriminator (MED)
    - Normally used on multiple links between a single pair of AS
- Other important attributes
  - COMMUNITY
    - An id used to tell neighbor AS how to set local pref

BGP Attributes:
- Attributes commonly used for comparing different routes
  - LOCAL_PREF
    - Used on multiple routes learnt from different AS
  - AS-PATH
    - Stores the sequence of AS that the route has gone through
    - Used to prevent routing loop
  - Multi-Exit-Discriminator (MED)
    - Used on multiple links between a single pair of AS

BGP Attributes:
- Other important attributes
  - COMMUNITY
    - An id used to tell neighbor AS how to set local pref
  - NEXT-HOP
    - The IP address of the router that advertised the route.
  - ORIGIN
    - How the route was learned (IGP, EGP, Incomplete)

How BGP attributes affect ISP Policies:
- Loop Prevention
  - Use AS_PATH
- Use LOCAL_PREF to differentiate different relationships
- “Hot Potato” routing vs. “Cold Potato” routing
  - “Cold Potato” routing based on MED attribute
- Multi-homing: backup routes, and load balancing
  - Use AS_PATH pre-pending method.
  - Use COMMUNITIES to alter provider’s local preference.

Slide17: Route Selection Summary
1. Highest Local Preference (enforce relationships)
2. Shortest ASPATH (traffic engineering)
3. Lowest MED (traffic engineering)
4. Lowest IGP cost to BGP egress (traffic engineering)
5. Lowest router ID (throw up hands and break ties)
- Forwarding rule: longest prefix matching!

Local-Pref:
[Diagram labels: AS 1, AS 2, AS 4, AS 3; prefix 13.13.0.0/16; local pref = 80, local pref = 100, local pref = 90]
- Higher local preference values are more preferred

Slide19: Implementing Backup Links with Local Preference (Outbound Traffic)
- Forces outbound traffic to take primary link, unless link is down.
[Diagram labels: AS 1, AS 65000]
- Primary link: Set Local Pref = 100 for all routes from AS 1
- Backup link: Set Local Pref = 50 for all routes from AS 1

Slide20: Implementing Multihomed Backups with LOCAL_PREF (Outbound Traffic)
- Forces outbound traffic to take primary link, unless link is down.
[Diagram labels: AS 1 (provider), AS 2, AS 3 (provider)]
- Primary link: Set Local Pref = 100 for all routes from AS 1
- Backup link: Set Local Pref = 50 for all routes from AS 3

AS-PATH:
[Diagram 1 labels: AS1, AS2, AS3, AS4, AS5; prefix 15.10.0.0/16; advertisements carrying AS-PATH 5, AS-PATH 2 5, AS-PATH 5, AS-PATH 4 5, AS-PATH 3 4 5]
[Diagram 2 labels: AS3, AS1, AS2; prefix 15.10.0.0/16; advertisements carrying AS-PATH 1, AS-PATH 2 1, AS-PATH 3 2 1]
- This route is discarded since its own ASN is in the AS-PATH

Slide22: Shedding Inbound Traffic with AS_PATH Pre-pending
- Pre-pending will (usually) force inbound traffic from AS 1 to take primary link
[Diagram labels: AS 1 (provider), AS 2 (customer), prefix 192.0.2.0/24; backup link announced with ASPATH = 2 2 2; primary link announced with ASPATH = 2]

Slide23: Pre-pending May Not Shut Off All Traffic
[Diagram labels: AS 1 (provider), AS 2 (customer), AS 3 (provider), prefix 192.0.2.0/24; links labelled backup and primary; announcements with ASPATH = 2 2 2 2 2 2 2 2 2 2 2 2 2 2 and ASPATH = 2]
- AS 3 will send traffic on “backup” link because it prefers customer routes and local preference is considered before ASPATH length!
- Pre-pending in this way is often used as a form of load balancing

Slide24: COMMUNITY Attribute
[Diagram labels: AS 1 (provider), AS 2 (customer), AS 3 (provider), prefix 192.0.2.0/24; links labelled backup and primary; announcements with ASPATH = 2 and with ASPATH = 2, COMMUNITY = 3:70]
- Customer import policy at AS 3:
  - If 3:90 in COMMUNITY then set local preference to 90
  - If 3:80 in COMMUNITY then set local preference to 80
  - If 3:70 in COMMUNITY then set local preference to 70
- AS 3: normal customer local pref is 100, peer local pref is 90

Slide25: Hot Potato Routing: Go for the Closest Egress Point
[Diagram labels: prefix 192.44.78.0/24; IGP distances 15 and 56; egress 1, egress 2]
- This router has two BGP routes to 192.44.78.0/24.
- Hot potato: get traffic off of your network as soon as possible. Go for egress 1!
- Note: Local_Pref, AS_PATH are the same -> IGP cost

Slide26: Getting Burned by the Hot Potato
[Diagram labels: 15, 56, 17, 2865; high bandwidth provider backbone; tiny http request, huge http reply; SFF, NYC, San Diego]
- Many customers want their provider to carry the bits!

Slide27: Hot Potato Routing: Go for the Closest Egress Point
[Diagram labels: prefix 192.44.78.0/24; IGP distances 15 and 56; egress 1, egress 2]
- This router has two BGP routes to 192.44.78.0/24.
- Hot potato: get traffic off of your network as soon as possible. Go for egress 1!
- Note: Local_Pref, AS_PATH are the same -> IGP cost

Multi-Exit Discriminator:
[Diagram labels: 15, 56, 17, 2865; prefix 192.44.78.0/24 announced with MED = 15 and with MED = 56]
- Prefer lower MED values
- Note:
  1. Unlike Local-Pref, MED is usually set before sending an Update through EBGP
  2. Some AS would ignore MED advertised from other AS, why?

Route Filtering:
- AS_PATH is not the primary basis for BGP routing.
- Primary factor is the peering agreements between ISPs.
- Peering agreements define which neighbor(s) will provide transit for what traffic (from what source, and to what destination)

Slide30: Nontransit vs. Transit ASes
[Diagram labels: ISP 1, ISP 2]
- Nontransit AS might be a corporate or campus network.
- Could be a “content provider”
[Diagram label: NET A]
- Traffic NEVER flows from ISP 1 through NET A to ISP 2 (At least not intentionally!)

Slide31: Selective Transit
[Diagram labels: NET A, NET B, NET C, NET D]
- NET A provides transit between NET B and NET C and between NET D and NET C
- NET A DOES NOT provide transit between NET D and NET B
- Most transit networks transit in a selective manner…

Slide32: Customers and Providers
- Customer pays provider for access to the Internet
[Diagram labels: provider, customer]

Slide33: Customer-Provider Hierarchy
[Diagram labels: IP traffic, provider, customer]

Slide34: The Peering Relationship
- Peers provide transit between their respective customers
- Peers do not provide transit between peers
- Peers (often) do not exchange $$$
[Diagram labels: traffic allowed, traffic NOT allowed; C1, C2, C3, A3, A2, A1]

Slide35: Peering Provides Shortcuts
- Peering also allows connectivity between the customers of “Tier 1” providers.

Slide36: Import Routes
[Diagram labels: From peer, From provider, From customer]

Slide37: Export Routes
[Diagram labels: To peer, To customer, To provider, From provider; legend: provider route, customer route, peer route, ISP route]

Slide38: Blackholes
[Diagram labels: prefix 192.0.2.0/24 announced from two places, one legitimate and one not legitimate; "Need Filter Here!"]
- Accidental or malicious announcement of your prefix can blackhole your destinations in a large part of the Internet

Slide39: Address with special meaning
- 0.0.0.0/0: default
- 10.0.0.0/8: private
- 172.16.0.0/12: private
- 192.168.0.0/16: private
- 128.0.0.0/16: IANA reserved
- 192.0.2.0/24: test networks
- 224.0.0.0/3: classes D and E
- …..

Slide40: Import Routes (Revisited)
[Diagram labels: From peer, From provider, From customer; legend: provider route, customer route, peer route, ISP route; filters: customer address filters, potential blackhole, specials]

EBGP and IBGP:
- Two BGP routers from different AS – EBGP Peers.
- Two BGP routers from the same AS – IBGP Peers.
- Both EBGP and IBGP follow the same BGP protocol

EBGP and IBGP:
- Essential difference between EBGP and IBGP:
  - AS Path information in EBGP.
  - IBGP “session” is fully meshed.
  - EBGP peers must be directly connected.
  - IBGP peers can be hops away within the AS (given that IGP has built up the connectivity)

More in IBGP:
- Loop-back address
- BGP extensions to make iBGP scalable

Slide44: Loopback address
- What is the IP address of a router?
- Interface address
  - Okay for eBGP - if link down, then no BGP session
  - Not okay for iBGP - there are other IGP paths connecting iBGP routers
[Diagram 1 labels: R1, R2; 138.39.1.1/30, 138.39.1.2/30]
[Diagram 2 labels: R1, R2, R3; 138.39.1.1/30, 138.39.1.2/30]

Slide45: Loopback address
- Configure loopback addresses for routers (loopback interfaces)
- IGP must know about these addresses and how to route to them.
- iBGP sessions can be set up even if link down.
[Diagram labels: R1, R2, R3; 138.39.1.1/30, 138.39.1.2/30, 138.39.128.5/30, 138.39.128.1/30]

IBGP – Scalability:
- One of the requirements of IBGP is to maintain a fully meshed graph. Why?
  - Prefixes learned from an EBGP neighbor can be advertised to an IBGP neighbor, and vice versa.
  - However, prefixes learned from an IBGP neighbor cannot be advertised to another IBGP neighbor.
- Results: IBGP is not scalable.
- Solutions:
  - Route reflector
  - Confederation

IBGP Reflector:
- Introduce hierarchy to iBGP
- Route reflector
  - Configured to have a number of clients
  - Maintains full mesh with other route reflectors
  - Configured to re-advertise routes to its clients
- Route reflector client
  - Behaves as regular iBGP
  - Only maintains a session with its route reflector
- Cluster
  - Each route reflector and its clients form a cluster
  - Has a cluster ID (set to route reflector’s router ID)

Slide48: IBGP Reflector – attributes
- Originator ID
  - Identifies the router that introduced the route to this AS
  - Never reflect a route to its originator
- Cluster List
  - Shows the set of clusters the route advertisement has gone through
  - Used to prevent loops
  - Similar to ASPATH

Slide49: IBGP Confederation
- Divide a big AS into smaller sub-ASs (divide and conquer)
- Each router is configured with an ASN and a list of sub-AS numbers
  - E.g. AS1, (AS10, AS11, AS12)
- Routers within the same sub-AS
  - Form a full mesh
  - Speak iBGP
- Routers from different sub-ASs
  - Speak eBGP
  - Allow advertising local_pref
  - Next_hop unchanged
  - Include sub-AS in ASPATH with special tags, removed when exiting the AS
- Sub-AS hidden from external routers (i.e. from other ASs)
[Diagram labels: AS1, AS10, AS11, AS12]
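
The import rules from the Blackholes, "Address with special meaning", "Import Routes (Revisited)" and COMMUNITY slides, combined into one import policy for AS 3. This is an added example, not part of the original slides; the customer address block 198.51.100.0/24, the provider local preference of 80 and all function names are assumptions.

```python
from dataclasses import dataclass, field
from ipaddress import ip_network

LOCAL_AS = 3  # the importing AS, as on the COMMUNITY slide

# Prefixes from the "Address with special meaning" slide, as listed there.
SPECIALS = [ip_network(p) for p in (
    "0.0.0.0/0", "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16",
    "128.0.0.0/16", "192.0.2.0/24", "224.0.0.0/3")]

# Customer and peer defaults come from the COMMUNITY slide; provider is assumed.
DEFAULT_PREF = {"customer": 100, "peer": 90, "provider": 80}
COMMUNITY_PREF = {"3:90": 90, "3:80": 80, "3:70": 70}

# Constructed sample: address blocks each customer AS may announce.
CUSTOMER_BLOCKS = {2: [ip_network("198.51.100.0/24")]}


@dataclass
class Update:
    prefix: str
    as_path: list          # neighbor AS first, origin AS last
    relationship: str      # "customer", "peer" or "provider"
    communities: list = field(default_factory=list)


def is_special(net):
    """True if net is the default route or lies inside a special block."""
    for block in SPECIALS:
        if block.prefixlen == 0:
            # Every prefix is a subnet of 0.0.0.0/0, so match it exactly.
            if net.prefixlen == 0:
                return True
        elif net.subnet_of(block):
            return True
    return False


def import_route(update):
    """Return (True, local_pref) if accepted, else (False, reason)."""
    net = ip_network(update.prefix)
    if not update.as_path:
        return False, "empty AS-PATH"
    if LOCAL_AS in update.as_path:
        return False, "loop: own ASN in AS-PATH"
    if is_special(net):
        return False, "special prefix"
    if update.relationship == "customer":
        # Customer address filter: only the customer's own blocks pass.
        allowed = CUSTOMER_BLOCKS.get(update.as_path[0], [])
        if not any(net.subnet_of(block) for block in allowed):
            return False, "outside customer address filter"
        # Customer import policy: a known community overrides the default.
        for community in update.communities:
            if community in COMMUNITY_PREF:
                return True, COMMUNITY_PREF[community]
    else:
        # A peer or provider announcing our customers' space could blackhole it.
        for blocks in CUSTOMER_BLOCKS.values():
            if any(net.subnet_of(block) for block in blocks):
                return False, "potential blackhole"
    return True, DEFAULT_PREF[update.relationship]


if __name__ == "__main__":
    samples = [  # constructed updates
        Update("198.51.100.0/24", [2], "customer", ["3:70"]),
        Update("198.51.100.128/25", [7, 9], "peer"),
        Update("10.20.0.0/16", [2], "customer"),
    ]
    for u in samples:
        print(u.prefix, u.relationship, import_route(u))
```
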
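
The elimination order from the Route Selection Summary slide as a runnable sketch, added here and not part of the original slides. It goes slightly beyond the slides by comparing MED only between routes learned from the same neighbor AS; route names, router IDs and costs are constructed.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class Route:
    name: str
    local_pref: int
    as_path: tuple      # neighbor AS first, origin AS last
    med: int
    igp_cost: int       # IGP distance to the BGP egress router
    router_id: str      # dotted quad of the advertising router


def _keep_min(routes, key):
    """Keep every route that ties for the lowest value of key."""
    best = min(key(r) for r in routes)
    return [r for r in routes if key(r) == best]


def _neighbor(route):
    return route.as_path[0] if route.as_path else None


def _med_step(routes):
    # MED is only compared between routes learned from the same neighbor AS.
    lowest = {}
    for r in routes:
        lowest[_neighbor(r)] = min(lowest.get(_neighbor(r), r.med), r.med)
    return [r for r in routes if r.med == lowest[_neighbor(r)]]


def _router_id_key(route):
    # Compare router IDs numerically, not as strings ("10.0.0.9" < "10.0.0.10").
    return tuple(int(octet) for octet in route.router_id.split("."))


STEPS = [
    ("LOCAL_PREF", lambda rs: _keep_min(rs, lambda r: -r.local_pref)),
    ("AS_PATH length", lambda rs: _keep_min(rs, lambda r: len(r.as_path))),
    ("MED", _med_step),
    ("IGP cost", lambda rs: _keep_min(rs, lambda r: r.igp_cost)),
    ("router ID", lambda rs: _keep_min(rs, _router_id_key)),
]


def select_best(routes):
    """Return (best_route, name of the step that made the final cut)."""
    candidates, decided_by = list(routes), "single candidate"
    if not candidates:
        raise ValueError("no candidate routes")
    for label, step in STEPS:
        if len(candidates) == 1:
            break
        survivors = step(candidates)
        if len(survivors) < len(candidates):
            decided_by = label
        candidates = survivors
    return candidates[0], decided_by


if __name__ == "__main__":
    # AS 3's view on the "Pre-pending May Not Shut Off All Traffic" slide:
    # the prepended customer route still wins on local preference.
    prepended = Route("customer via backup", 100, (2,) * 14, 0, 10, "10.0.0.1")
    via_as1 = Route("via AS 1", 90, (1, 2), 0, 10, "10.0.0.2")
    best, why = select_best([via_as1, prepended])
    print(best.name, "chosen by", why)
```
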