ISP Workshops
ISP Workshops
RFC1771
work in progress to update
draft-ietf-idr-bgp4-17.txt
ISP Workshops
BGP
Path Vector Protocol Incremental Updates Many options for policy enforcement Classless Inter Domain Routing (CIDR) Widely used for Internet backbone
Autonomous systems
ISP Workshops
12.6.126.0/24 207.126.96.43
1021
AS Path
ISP Workshops
2001, Cisco Systems, Inc. All rights reserved.
AS-Path
Sequence of ASes a route has traversed
Loop detection
AS 200
170.10.0.0/16
AS 100
180.10.0.0/16
Apply policy
AS 300 AS 400
150.10.0.0/16
AS 500
ISP Workshops
AS 200
170.10.0.0/16
AS 100
180.10.0.0/16
140.10.0.0/16 170.10.0.0/16
AS 300
140.10.0.0/16
AS 500
180.10.0.0/16 170.10.0.0/16 140.10.0.0/16
ISP Workshops
180.10.0.0/16 is not announced to AS100 as AS500 sees that it is originated from AS100, and that AS100 is the neighbouring AS loop detection in action
Collection of networks with same routing policy Single routing protocol Usually under single ownership, trust and administrative control
ISP Workshops
2001, Cisco Systems, Inc. All rights reserved.
BGP Basics
Peering
A C
AS 100
B D
AS 101
AS 102
ISP Workshops
10
AS 100
B
AS 101
11
Topology independent Each iBGP speaker must peer with every other iBGP speaker in the AS
ISP Workshops
2001, Cisco Systems, Inc. All rights reserved.
12
BGP peer within the same AS Not required to be directly connected iBGP speakers need to be fully meshed
they originate connected networks
ISP Workshops
13
BGP Attributes
ISP Workshops
14
What Is an Attribute?
Next Hop AS Path
...
MED
...
...
ISP Workshops
15
AS-Path
Sequence of ASes a route has traversed
Loop detection
AS 200
170.10.0.0/16
AS 100
180.10.0.0/16
Apply policy
AS 300 AS 400
150.10.0.0/16
AS 500
ISP Workshops
16
Next Hop
150.10.1.1 150.10.1.2
AS 200
150.10.0.0/16
AS 300
AS 100
160.10.0.0/16
Next hop to reach a network Usually a local network is the next hop in eBGP session
17 20
ISP Workshops
ISP Workshops
18
Local Preference
AS 100
160.10.0.0/16
AS 200
D
500 800
AS 300
E
A
160.10.0.0/16 > 160.10.0.0/16 500 800
AS 400
C
ISP Workshops
19
Local Preference
Local to an AS non-transitive
local preference set to 100 when heard from neighbouring AS
20
AS 200
C
192.68.1.0/24 2000 192.68.1.0/24 1000
B
192.68.1.0/24
AS 201
ISP Workshops
2001, Cisco Systems, Inc. All rights reserved.
21
Multi-Exit Discriminator
Inter-AS non-transitive
metric reset to 0 on announcement to next AS
Comparable if paths are from same AS IGP metric can be conveyed as MED
ISP Workshops
2001, Cisco Systems, Inc. All rights reserved.
22
ISP Workshops
23
Community
BGP attribute
24
Community
ISP 2
X
200.10.0.0/16 200.10.0.0/16 300:9
160.10.0.0/16 170.10.0.0/16
300:1 300:1
AS 400
ISP 1
C
AS 300
160.10.0.0/16 300:1 170.10.0.0/16 300:1
AS 100
AS 200
170.10.0.0/16
160.10.0.0/16
ISP Workshops
25
ISP Workshops
26
ip bgp-community new-format
no auto-summary
no synchronization
bgp deterministic-med
Whatever you do, use of deterministic-med MUST be consistent in your Autonomous System.
ISP Workshops
2001, Cisco Systems, Inc. All rights reserved.
27
Use prefix-lists for route-filtering when possible (easier to read than ACLs)
ISP Workshops
2001, Cisco Systems, Inc. All rights reserved.
28
If you carry a default in the IGP, your BGP next-hops ALWAYS resolve (generally not good) bgp bestpath compare-routerid
Restores RFC-compliant path selection; OFF by default to reduce update churn, use with discretion
If you have a large BGP network, consider techniques in the next section
ISP Workshops
2001, Cisco Systems, Inc. All rights reserved.
29
ISP Workshops
30
How to implement new policy without causing flaps and route churning?
How to reduce the overhead on the routers?
ISP Workshops
31
ISP Workshops
32
Soft Reconfiguration
Problem:
Hard BGP peer clear required after every policy change because the router does not store prefixes that are denied by a filter
Hard BGP peer clearing consumes CPU and affects connectivity for all networks
Solution:
Soft-reconfiguration
ISP Workshops
2001, Cisco Systems, Inc. All rights reserved.
33
Soft Reconfiguration
discarded normal soft
BGP in table received received and used BGP table BGP in process accepted
peer
peer
ISP Workshops
34
Soft Reconfiguration
New policy is activated without tearing down and restarting the peering session
Per-neighbour basis
Use more memory to keep prefixes whose attributes have been changed or have not been accepted
ISP Workshops
35
ISP Workshops
36
ASN
external
all peers in an AS
all external peers
ISP Workshops
37
No configuration is needed
No additional memory is used Requires peering routers to support route refresh capability RFC2918 clear ip bgp x.x.x.x in tells peer to resend full BGP announcement
ISP Workshops
38
ISP Workshops
39
Peer Groups
Without peer groups iBGP neighbours receive same update Large iBGP mesh slow to build Router CPU wasted on repeat calculations
40
ISP Workshops
41
42
Route flap
Going up and down of path or change in attribute
BGP WITHDRAW followed by UPDATE = 1 flap
eBGP neighbour going down/up is NOT a flap
Wastes CPU
43
Requirements
Fast convergence for normal route changes
ISP Workshops
44
Operation
Add penalty (1000) for each flap
Change in attribute gets penalty of 500
ISP Workshops
45
Operation
4000 Suppress limit 3000
Penalty
2000 Reuse limit 1000
0
0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25
Time
Network Announced
ISP Workshops
2001, Cisco Systems, Inc. All rights reserved.
Network Re-announced
46
Operation
Only applied to inbound announcements from eBGP peers Alternate paths still usable Controlled by:
Half-life (default 15 minutes)
reuse-limit (default 750) suppress-limit (default 2000)
ISP Workshops
47
Configuration
Fixed damping
router bgp 100 bgp dampening [<half-life> <reuse-value> <suppresspenalty> <maximum suppress time>]
route-map <name> permit 10 match ip address prefix-list FLAP-LIST set dampening [<half-life> <reuse-value> <suppresspenalty> <maximum suppress time>] ip prefix-list FLAP-LIST permit 192.0.2.0/24 le 32
ISP Workshops
2001, Cisco Systems, Inc. All rights reserved.
48
Operation
Care required when setting parameters Penalty must be less than reuse-limit at the maximum suppress time Maximum suppress time and half life must allow penalty to be larger than suppress limit
ISP Workshops
49
Configuration
Examples -
bgp dampening 30 750 3000 60
reuse-limit of 750 means maximum possible penalty is 3000 no prefixes suppressed as penalty cannot exceed suppress-limit
Examples -
bgp dampening 30 2000 3000 60
reuse-limit of 2000 means maximum possible penalty is 8000 suppress limit is easily reached
ISP Workshops
50
Configuration
Examples -
bgp dampening 15 500 2500 30
reuse-limit of 500 means maximum possible penalty is 2000 no prefixes suppressed as penalty cannot exceed suppress-limit
Examples -
bgp dampening 15 750 3000 45
reuse-limit of 750 means maximum possible penalty is 6000 suppress limit is easily reached
ISP Workshops
51
Maths!
Always make sure that suppress-limit is LESS than max-penalty otherwise there will be no route damping
ISP Workshops
2001, Cisco Systems, Inc. All rights reserved.
52
Variable damping
recommendations for ISPs
http://www.ripe.net/docs/ripe-229.html
Flap statistics
show ip bgp neighbor <x.x.x.x> [dampened-routes | flap-statistics]
ISP Workshops
2001, Cisco Systems, Inc. All rights reserved.
53
Two solutions
Route reflector simpler to deploy and run Confederation more complex, corner case benefits
ISP Workshops
2001, Cisco Systems, Inc. All rights reserved.
54
AS 100
B C
ISP Workshops
55
Route Reflector
Clients
Reflectors
A C
AS 100
ISP Workshops
56
ISP Workshops
57
Originator_ID attribute
Carries the RID of the originator of the route in the local AS (created by the RR)
Cluster_list attribute
The local cluster-id is added when the update is sent by the RR
ISP Workshops
58
ISP Workshops
59
Easy migration
Multiple levels of route reflectors
ISP Workshops
60
ISP Workshops
61
62