
(02) Foundation: What Is BGP? When Do I Use It?

Quite some time ago, years ago, I was just finishing with college, and I spoke to a guy about-- I can't even
remember the big picture context of the conversation. But I remember this. I was trying to impress him with
the amount of math that I had taken. I was chatting about something. Again, I don't remember exactly what
it was. But he said, well, how much have you done? And I said, well, I've gone through a couple of years of
advanced calculus. He goes, oh, well, that's great. He goes, what are you going to use that for? And I said,
uh, well, I'm not sure yet. But I know that a lot of the jobs are looking for that kind of thing, in a lot of
engineering positions. He goes, well, let me tell you this. He said, education for the sake of education is
worthless. And everything else from that discussion, I don't remember. But I remember that one statement.
And it's stuck with me throughout the years to where the education without the why behind it is really
worthless. And I look back, and he was right. I don't remember a thing of my two years of advanced
calculus. Matter of fact, I used to teach Novell. I used to be a Novell instructor when I first got started
teaching. I don't remember the first thing about getting on a Novell server and typing at the command line.
What do I do? If you don't use it, you're going to lose it. So just learning something for the sake of learning
it is truly useless.
So that's the first-- yeah, what a great way to start this series. So let me tell you why you're not
going to use BG-- no. I want to tell you why. I want to fill in the big picture, why you would use BGP.
Because we're about to go through an entire series focused on one routing protocol, the Border Gateway
Protocol, BGP, the biggest routing protocol in the world. And I want to make sure before we even get
started that you know why you would use this protocol, what it's for, why you wouldn't use this protocol,
and the ideal position. Like, what would you be going after if you're trying to use BGP? So you can see the
objectives. Just talking big picture about it. Why not to, why use it. And then I want to go through the facts
about BGP, kind of its resume.

1. Routing Protocol of the Internet


Well, let's start off with the core. What is BGP? As many of you know, it is the routing protocol of the
internet, exchanging thousands and thousands of routes every single second. It is the exterior gateway
protocol, meaning that there's actually these umbrellas, these categories of routing protocols. You've got
Interior Gateway Protocols, or IGPs-- that's our RIPs. That's our OSPFs-- which exchange routes inside of an
organization. And there's more. You got ISIS, EIGRP, all those kind of things. But you have this umbrella of
exterior gateway protocols, which stands alone. BGP is the only one. It's kind of the umbrella as a whole.
Now, it's not the first. Decades and decades and decades ago, long ago, there was another one, I
guess you could say, which was called EGP, if that's not confusing. It actually was called the External
Gateway Protocol, meaning that was the BGP before there was a BGP. But that's been phased out for
decades. Nobody uses that anymore.

2. Management of Trust and Un-trust.


But the unique thing about this umbrella is it gives you a management of trust and untrust.
Meaning interior gateway protocols, there's an implicit level of trust. Your routers, they look
around. They're like, hey, I want to find a neighbor. And when they find someone that's got the same
attributes as them-- hey, we're exchanging routes inside the networks. Hey, let's be neighbors. Let's form
neighbor relationships together. And so they form neighbor relationships and form routes. It's more of a
trusted relationship.

Not so with BGP. With BGP, they decide, I don't trust anybody. And even when I do form a
neighbor relationship, I put all kinds of filters on there to make sure that neighbor doesn't sabotage me.
Because with BGP, we're usually talking to things outside of our system, rather than inside. Again, not the
rule, but kind of the staple of what BGP is all about.

3. Routing through Routing Systems instead of Routers.


BGP does routing through autonomous systems instead of routers.
Now it's kind of like Cisco. A couple of years back, I went to Cisco Live, the new Cisco networkers.
And John Chambers was saying-- I'm not quoting him. So don't go write John Chambers a letter. But at his
keynote, he's like, people aren't really concerned about routers and switches and all that anymore.
Everything's going to the cloud. Everything-- and it was the big, everything's moving to the cloud, services
from anywhere, all that kind of mindset. And it was funny because I was walking through an airport just last
week. I was out flying to Oregon. And Juniper-- that's the only time we'll mention their name. Don't worry.
But Juniper had this giant banner-sized ad in the airport that said "Cloud schmoud. Your cloud is nothing
without the data center." Which I just kind of laugh because I thought, what a good big picture statement
to say, you know what? You can say cloud. You can say services from anywhere. But when it all comes down
to it, there's a router somewhere, pushing packets, making sure that cloud is up. Maybe have two or three
or four routers, but they're still routers. They're all there.
And so when you're talking about BGP, and you'll see this statement all over the place. BGP does not
really route through routers. It routes through autonomous systems. Which is kind of conceptually true, but
at the end of the day, there's a router somewhere routing the traffic. You guys get that concept, right? It's
just more of a big picture. And we'll talk more about that statement on the next slide.

4. The Slowest Routing Protocol in the World


So it is the slowest routing protocol in the world. [GASP], cover your mouth. I know. People are like,
wow. I thought BGP was amazingly fast. Actually, no. It's not amazingly fast by design. We're talking a
network the size and scope of which are just unheard of, if you're used to routing internally. You could take
the biggest internal network you've ever seen, and it doesn't even hold a candle to what BGP is routing
every single second. So BGP cannot be super-fast reacting. We're used to tuning our routing protocols. Like
I just finished updating Cisco Route, some of the new technology in there. And I was like, oh man, EIGRP, we
want 200 millisecond convergence time. We're tuning down our hello timers. We're like, [STUTTERING]
hello, just making sure that the other router stays up all the time. You're crazy about uptime because
everything is dependent on that. Your voice over IP, everything is down to the millisecond internally.
BGP, a route goes down, it's like, eh, let's see if it comes up. Matter of fact, let's give it 30 seconds
before I even tell anybody that that route is down, just because I want to make sure it really is staying down.
Because think about it. If we had a flapping interface somewhere in Afghanistan, we can't have the routers
of the internet, going, oh, it's up, it's down, it's up, it's down. You have to have something that puts bounds
on that router in Afghanistan from flapping up and down and up and down and causing all these updates
to flood the entire internet. So by design, BGP is slow. And you'll definitely get that feeling from it.

5. BGP is Primarily for Service Provider, But also enterprise customer

It is primarily for service providers, but also for enterprise customers. This is not a topic of CCNA. By
the time you get to BGP, you are in a very large network, or you are working for a service provider, an ISP of
some sort. You are considered a transit system. People are sending their traffic through your system. Again,
more on that as we look at some of the usage scenarios. But of course, BGP, I said, it's the reason that
you're here. That's what you're here to learn. BGP can be overwhelming.

6. The Reason you are here!


So I'm not too sure why you're here. What's your goal? Are you studying for, for instance, the CCIP
or the CCIE certification exam? If so, obviously a huge, huge place. You're at the right place. But I'm also
talking to a lot of people that are working for service providers or planning to work on a service provider.
Or maybe your job is transitioning into something that is looking at more of a larger scope. BGP, I will say, I
can guarantee you, by the time you're done with this series, and it's awesome. It's one of those things that
once you get it, you're like, wow. This is really one of the coolest, most flexible protocols in the world.

Now I want to go back and unpack one of the thoughts I just mentioned, which was BGP routes
between autonomous systems, not necessarily between routers. I want to talk about, what that means. And
to take it from a very practical approach, which is what I live by. So this slide, I spent a lot of time creating it,
in case you're wondering, because I really wanted to hammer it home. Like, this is a big-- here's what it
does. This is what BGP is all about. First off, I need to define-- let's get some terms out on the table.

1. What is an Autonomous System?


What is an Autonomous System? You see all these AS numbers all over the place. Well, an
autonomous system, I guess you could think of the dictionary technical definition would be, one or more
networks under the authority of an entity. And that's not an official definition. I would just say that's kind of
what you can think of it as.
Like, for instance, this could be Sprint, a big ISP, with hundreds or thousands of networks in their
organization, but they're all known. They're known to the internet as autonomous system 33,242. That could
be one AS. We could have, for instance, another AS that's not a service provider. Maybe this is Intel. And
Intel is known to the world as autonomous system 442. And that's what they're known as by the rest of the
world.
It doesn't necessarily have to be a service provider. It could be just an entity. So an
autonomous system is just one or more networks under the authority of an entity. Now just because I'm
defining it this way, don't get the idea that you have to have hundreds or thousands of routers or routes in
your system in order to use BGP. For instance, I've got this little scenario down here. Maybe this is you. You
are autonomous system number 64232. And you are a normal customer with maybe 100 employees. Maybe
you have a router connected up here to-- I'll use an Arizona ISP-- upstream to Cox. And you decide that
you want a separate connection over to CenturyLink. Let me write this, CenturyLink. Now your system is
made up of, we'll say, three or four routers. Because these routers at the edge connect to maybe some
Layer 3 switches or something like that. Inside, you've got VLANs, all that. It's a very, very small network, but
your purpose is that you would not be tied to a specific ISP. Hang on.
Let me backtrack a little bit more. Let's talk about getting some public addresses. Normally, let's
say you're a business, and you want to run stuff that is accessible from the internet, be it a VPN. Maybe
you've got some email servers. You've got some world wide web, HTTP servers. You've got maybe a voice
over IP system, whatever stuff you have. This is inside of your company right here. And you want that
accessible from the internet. Normally, you would just link up to an internet service provider. And again, I'll
just write Cox because it's shorter. Cox is my ISP. And you would say, hey, I've got all these services. They
would say, wow, sounds like you need a /24 block of addresses, 220.5.1.0, this block over here. They'll say,
for $100 a month, we'll give you a /24 block. How's that sound to you? You go, oh, that's great. I've got
these addresses. So Cox creates a-- let me change my pen color here-- creates a static route to you saying,
OK, we have 220.5.1.0, which is accessible from this guy, you. That'll be your IP address right here. And you
will use a default route. Pretty much saying, OK, anything that I don't know about, I'm going to send to Cox.
And you use that for web surfing as well as for the return traffic for all that. Because people are going to
start coming to you. You've got somebody out here sending you an email. And that message is going to
come in through Cox. They'll hit the route and send it to your email server because your email server is
what's in the MX record, the mail services record, that says I want to send email to your business dot com,
or whatever the case may be. So that ends up at you and at your email service. So that's this kind of big
picture, normally how people do it.
But you might get stuff and reach a point where you're like, OK, this is so critical. I don't want
to be tied to just Cox. I mean, I trust Cox. I love them. I'm paying my monthly fee to them. But what
if they misconfigure something, and their connection goes down, and that means now we're down?
We can't have that. It creeps me out to be that dependent on one service provider. So you say, well,
I'm going to pay CenturyLink for a redundant connection.
But I-- and here's the key. This is where BGP steps on to the platform. And you say, I want to
make sure that my network, 220.5.1.0, is reachable both from CenturyLink and from Cox. [HUMMING
TRUMPET FLOURISH] I'm getting a little ahead. That's the number one reason why we want BGP. I want to
be reachable from multiple service providers.
Now make sure I'm not-- let me back this up, back up the train. I'm not talking about surfing the
web. I'm not talking about, wow, we surf the web a lot. It's critical that we get sports scores and Yahoo! and
everything else. I'm not talking about, I want to surf the web through multiple service providers. That's easy.
You don't need BGP. I can do a default route to both service providers saying, send everything here. Maybe
this is my preferred, or I'm load balancing, or something like that. Send everything there, and we're good.
No, no, no, that's not a BGP scenario.
What is a BGP scenario is not that I want to surf the internet through redundancy. I'm saying,
I want people to reach me-- me. Incoming to me from the internet-- redundantly. That's where BGP
comes into play.
Now let's back up a little more. With BGP, you associate what networks you want to advertise out. As
a matter of fact, hang on, let me erase some of my chicken scratch here. I bet you inside of that network,
you have more than the 220.5.1.0 network. I guarantee you. That's your public block that was given to you
by Cox or CenturyLink. But inside of there, you've got some 10 networks. You've got VLANs, where people
are hanging out, doing their day to day business, surfing the web, all that kind of stuff. You've got all kinds
of networks in this cloud, maybe even hundreds or thousands of networks. But you've chosen to advertise
220.5.1.0 to the world. There's a big difference. IGP routes within your system. It could have thousands of
routes inside of your system, allowing people to do day to day business, save spreadsheets, reach
SharePoint sites, and all of the other stuff that CBT Nuggets trains on them. Like, there's all kinds of stuff
that you could be doing inside of your company, and that's where most people spend their time. That's the
interior gateway protocol. That's RIP. That's OSPF. But out of all of that, you say, you know what? That's all
internal stuff. For the world, I want to be known as 220.5.1.0.
That, I'm going to boil it all down. That's what I want to be known as in the world. So in the world,
they're going to say, OK. Autonomous system 64,232-- which is a private autonomous system, by the
way. Again, more on that later-- I will know them as 220.5.1.0. Meaning anywhere in the world, on the
internet-- that's a big, big term here, internet. Any time I want to reach this network, I will send it to
that autonomous system. It doesn't have to be limited. I could associate more-- maybe I grew.
220.6.1.0 is now associated with me. Let me put some /24s on there. 220.7.-- I could associate a huge
amount of networks, public networks, with my system. And they don't all have to be class C either. You
can see I threw a class A out there just for fun. But I associate what I want to advertise to the rest of the
world. It's just what you want the world to see from you.

2. Example: - Explaining iBGP, BGP Convergence Time!


Now let me take this over because I know many of you are like, well, I'm not a private customer here.
I don't just want to be reachable. Maybe I'm working for a service provider. Maybe I've got Sprint. Are we
public only at that point? Is there no internal networks that's hidden from the world? Well, I would say
there's probably a lot less that's hidden from the world if you're an ISP, but there's still a lot. Remember, I
said, BGP is a very slow protocol. It's kind of trudging along. I think of BGP as like the guy who's run 100
miles on the sandy beach. And he's just like, ugh, kind of lifting his legs. It's heavy. It's sopping wet. He's
like, ugh, I've got to get there. I'm BGP. I'm big. I don't know where that came from. So anyway, we've got
routers here at the edge of Sprint, which connects them to other service providers. That's their uplink to
AT&T. That's their uplink to Cox, to Time Warner, to whatever other ISPs are out there. These are all-- this
guy, this guy, this guy are BGP routers. But if that was it-- let's say every other router in Sprint ran BGP,
ching, ching, ching, all of these systems inside-- well, let's say that this, which is a major uplink for them to
Time Warner, goes down. Fiber optic cable cut, whatever the case may be, it's doomed. Well, at that point, if
I was running BGP, there's my guy in the sand. He's like, I've got to change routes. He's kind of like, oh,
change, change. We can't go this way. We've got to use AT&T. It doesn't really make that voice. But it does
that function. It's like, I'm slow. Sprint doesn't want that. Sprint has hundreds and thousands of customers
paying them a lot of money to make sure that they always have internet access. And if Time Warner goes
down, by golly, Sprint needs to find a better way to get there. They're going to use AT&T as their uplink at
that point. And they gotta do it fast. So what they'll do is they'll say, well, BGP will actually form neighbors
between we'll say Time Warner, and then it will form neighbors up through my autonomous system to this
guy. Now there may be 100 routers between Time Warner's router right here-- and by the way, it won't just
be one router. I'm coloring them dark just so you can see them. It'll be probably a redundant three, four,
five, six different routers that are linked up to Time Warner. But again, let's say all those die. Our uplink to
Time Warner goes down. There could be hundreds of routers between this Time Warner link and this link
over here-- here's some more routers here-- going down to Cox. And with BGP, I can form a neighbor
between those guys. I can form a neighbor, even though those neighbors aren't directly connected. That's
actually using something called iBGP. We live in this iPhone, iMac-- hey, BGP was hip long ago. There was
iBGP. So BGP has this internal BGP where you can form neighbors between routers that are thousands of
miles apart, separated by 50 different routers in between them. And those routers in between them are all
running a speed of light IGP, OSPF, ISIS, EIGRP, one of those internal protocols tuned to the millisecond. So
when Time Warner goes, no, I'm down-- that's going to be my BGP voice for the rest of the series. So, no,
I'm down. IGP's like, he's down. He's down. He's down. All these guys are like lightning fast, joo joo joo joo.
Let's go this way, AT&T. And this guy's like, I'm working, going through BGP. Are you getting the idea? I
know, you're probably like, you are a complete fool. But you get the idea, right? BGP is slow. We gotta make
it fast. We gotta make sure that even though our internal protocols, like ISIS, which is one of the favorites of
internet service providers, or OSPF, if you tried to dump the entire BGP into the table, into those guys, they
would explode. They're not meant to handle a routing table the size of BGP. But what they can do is handle
a much smaller routing table that says, you know what, for this neighbor that's connecting to Cox, to reach
this neighbor reaching Time Warner, I can detect if that neighbor goes down and make a change within
Sprint. Again, the key is internal to Sprint, I can make a change down to the millisecond or second kind of
levels to say, instead of using Time Warner, I'm going to go use AT&T as my exit point. Now again, that was
all within Sprint that those changes were made. Now-- where am I going with that? OK. Yeah, that's how--
we always have this blend of internal and external protocols, where BGP, this nice, long, dragging, sandy
slow guy, relies on these lower layer IGPs so that it can be somewhat fast to fail over should something go
wrong. Now let me also expand-- and I'm going to spend all my time on this slide, and that's OK. I'll
probably have to break this into multiple little Nuggets. That's OK. Because this is a really good discussion.

3. Example: - What happens when redundant link to another ISP goes down! How much time it will take to converge.

Let me take out all my chicken scratch right here. Because I want to talk about down here. Here's
you. You've got your connection up here through Cox. You're advertising 220.5.1.0 through Cox. And you're
advertising it through CenturyLink so that you're redundant. So if Cox goes down, CenturyLink takes over.
Now remember, when you're doing that, you're now relying on BGP to make that change. And this is one of
the big misnomers that people have with BGP. They're like, oh, man. Cox goes down, the rest of the world is
like, oh, we're using CenturyLink. We're there, we're there, woo-hoo! Not so. Because again, that
redundancy relies on BGP as your quote unquote "fast" convergence protocols. So if I'm advertising
200.5.1.0 through Cox, and Cox goes down, BGP is like, no, Cox is down. This is saying, help, I'm down. BGP,
I'm down. And this starts trickling through the internet. Let's say this network is here in Arizona, next to me.
And this network is far, far away. We'll say Australia or United Kingdom, or something like that. It's nice and
far away. This going down will probably get to here maybe in an hour, maybe half. OK, let's give it some
slack. Maybe 15 minutes to half an hour before they know, hey, it looks like you lost one of your paths on
the way there. Now, does that mean that if this goes down, I've got half an hour before the rest of the world
can come in here? Maybe. It might. But chances are it's going to start spreading through the closer
autonomous systems, and they'll start making intelligent-- maybe this guy-- I've got my little clouds just
because that's all I could fit right here. But this guy connects to 50 different clouds, right? And so when Cox
is like, no, I'm down, this guy right here goes, oh, he's down. Well, what other paths do I have? Well, let me--
it looks like I've got a path down here that can get in there through CenturyLink. Let's go that route. And
so immediately, for that guy-- let's say that's Sprint-- for all of Sprint's customers-- and we'll say that's
within two to three minutes. So within two to three minutes of Cox going down, Sprint, all its customers,
and then all of the autonomous systems linked directly up to Sprint now have a new way that they're going
to go to reach you through CenturyLink. So yes, it may be half an hour before the United Kingdom knows
that your path is down. But thankfully, the United Kingdom relies on a lot of these other autonomous
systems on the way there. So as it gets closer, even though it might not know that this is down, this guy
might say, oh, well I've already chosen a better, best path. Let me go this route through CenturyLink so it
will defer and deflect the United Kingdom the right direction through the link that is online. Man, I knew
this slide would be good, but I didn't know I'd be able to put this much stuff on here.

4. BGP Default Metric (AS-Path)


One more thing I want to tell you is I want to talk about just BGP's default metric, if we want to call it
that. And that is going to be a huge discussion later on. How does BGP find the best route to you? You're
advertising this network to the rest of the world. How's everybody find the best way? It's so, so simple. It's
frightening, almost. By default, BGP will most of the time rely on something known as the AS-PATH
attribute, which is a fancy version of RIP. Meaning with RIP, it's saying, oh, well I can reach that network.
That way is five routers, five hops. That way is six routers, six hops. I'm going to choose the one with five
hops. That's a better route. I'm going to go that way. BGP is actually the same way. It's going to say,
well, I'm going to choose the best way based on the AS-PATH where hops are now autonomous
systems. So for instance, let's say this guy is Sprint. I know they moved autonomous systems here. But let's
say-- or no, it's actually the I Can't Believe It's Not Sprint. It's Spint. So Spint decides to say, well, I want to
find the best way to your network. I can go this way, and it's one hop. That's autonomous system 110. And
then I can go there, and it's two hops, a 64232. That's two hops. Or I can go this way. That's one, two, and
three. Oh, OK. This way's better. Let's go this way.
The reason I want to show that to you now is that decision that Spint just made is totally
independent of bandwidth, of router speed, of router capacity, how many links it has through it.
All it's looking at is there's one big puffy cloud that way, and there's two that way. I'd rather
take one puffy cloud over two. These puffy clouds, this could be a 2,400-baud modem connection.
Budget cuts with Cox and Spint. It doesn't care. It just sees a simple connection right there to Cox,
and it says, well, that's just one. So the reason I show that to you is to show you that BGP by default
is very-- what's the best way-- silly, almost, of how it chooses routes. And that means you, as an
admin, need to get involved to really manipulate which path you want BGP to go. And I'm going to
show you as we go through this. Let's say if you are this autonomous system, 64232, there's things
that you can do to try and make Spint maybe come this way rather than taking the 2,400-baud
modem route.
Now it's not guaranteed to work, but there's things that you can do to try and influence that.
Same thing if you're Spint, if you are a Spint employee working at that ISP, there's definitely things
that you can do to say, well, I prefer all routes coming through this ISP rather than going through
this ISP. Because now we're influencing which direction we leave rather than me trying to influence
which direction people come into my autonomous system. So, again, a lot of thoughts that go into
this. But I just want to at this point give you the big, practical picture of this is where BGP fits. It's
very different from the internal world that we're used to.
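
The AS-PATH decision described in this section, as an added example that is not part of the lecture: a toy path-vector model in Python showing that the shortest AS-PATH wins regardless of link speed, what Spint falls back to when the short path disappears, and how AS-PATH prepending (one of the "things that you can do" to influence inbound traffic, named here by the editor, not by the speaker) moves Spint onto the other path. AS 64232, AS 110 and 220.5.1.0/24 come from the lecture; the other ASNs, the link speeds and the wiring are assumptions made for the example.

```python
# Added illustration: toy path-vector model of BGP's default AS-PATH decision.
# AS 64232, AS 110 and 220.5.1.0/24 come from the lecture; every other ASN,
# the link speeds and the topology wiring are constructed for this example.

PREFIX = "220.5.1.0/24"
ORIGIN = 64232          # the customer AS in the lecture
SPINT = 64500           # constructed ASN for "Spint"

# Undirected AS adjacencies with a link-speed label. The speed is carried
# only to show that the decision below never reads it.
LINKS = {
    frozenset({SPINT, 110}): "2400 baud",
    frozenset({110, ORIGIN}): "2400 baud",
    frozenset({SPINT, 64501}): "100 Gbit/s",
    frozenset({64501, 64502}): "100 Gbit/s",
    frozenset({64502, ORIGIN}): "100 Gbit/s",
}


def neighbors(links, asn):
    """Return the ASes directly connected to asn."""
    return sorted(n for link in links if asn in link for n in link if n != asn)


def without(links, a, b):
    """Return a copy of links with the a-b adjacency removed (link failure)."""
    return {k: v for k, v in links.items() if k != frozenset({a, b})}


def speeds(links, start, path):
    """Return the speed labels of the links an AS_PATH actually crosses."""
    hops = [start, *path]
    return [links[frozenset(p)] for p in zip(hops, hops[1:]) if p[0] != p[1]]


def converge(links, origin, prepend=None):
    """Return {asn: AS_PATH to origin} once no AS changes its choice.

    prepend maps (advertising_as, receiving_as) to the number of extra
    copies of its own ASN the advertiser adds on that session.
    """
    prepend = prepend or {}
    ases = sorted({a for link in links for a in link})
    best = {origin: ()}
    while True:
        new = {origin: ()}
        for asn in ases:
            if asn == origin:
                continue
            candidates = []
            for n in neighbors(links, asn):
                if n not in best:
                    continue
                copies = 1 + prepend.get((n, asn), 0)
                path = (n,) * copies + best[n]
                if asn in path:      # loop prevention: own ASN already in path
                    continue
                candidates.append(path)
            if candidates:
                # Shortest AS_PATH wins; ties break on the path tuple itself.
                new[asn] = min(candidates, key=lambda p: (len(p), p))
        if new == best:
            return best
        best = new


if __name__ == "__main__":
    normal = converge(LINKS, ORIGIN)[SPINT]
    print(PREFIX, "from Spint:", normal, speeds(LINKS, SPINT, normal))
    failed = without(LINKS, 110, ORIGIN)
    print("after AS 110 link loss:", converge(failed, ORIGIN)[SPINT])
    shifted = converge(LINKS, ORIGIN, prepend={(ORIGIN, 110): 2})[SPINT]
    print("with 2 prepends toward AS 110:", shifted)
```

With a single extra prepend the two paths tie on length in this model and the constructed tie-break still picks AS 110, which is why the example uses two.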

Summary
At this point, I feel a little more like Morpheus and Neo when they're sitting in the room, and
Morpheus says, do you want to know what it is? And Neo was like, well, yes. And they're talking about the
Matrix, of course. And Morpheus says, well, unfortunately, nobody can be told what the Matrix is. You just
have to experience it for yourself. And that's kind of what I feel like with BGP is I've done my lesson. Because
Morpheus even tried. He was like, well, the Matrix is all around you, even now in this very room. I've seen
that movie so many times. It's sick. I can quote it. But anyway, it's kind of like I've done my best to lay out
what it is, BGP, in this case. But it's just something you kind of have to grow into as you start knowing more
and more, and we open all these different little aspects of what it can be used for. You're going to go, oh, I
see it. So at this point, this is a good dividing point where I can say, OK. We have now seen BGP as the
biggest routing protocol in the world. Great. One objective accomplished. What I'm going to do is pick up
in the next Nugget and talk about, when would you not use BGP? I want to talk about that. I know it's kind
of out of order. You might say, well, wouldn't you want to say when you use it? Well, sure. But I actually
want to talk about when not to use it first. And then we'll get into when to use it. And then finally, we'll hit
BGP's resume and start talking about kind of the facts. How does BGP run, how do neighbors form, and so
on. For now, I hope this has been informative for you, and I'd like to thank you for viewing.
