Chapter 6: BGP: BGP Terminology, Concepts and Operation
One way to categorize routing protocols is by whether they are interior or exterior:
Interior gateway protocol (IGP): A routing protocol that exchanges routing information within
an AS.
Exterior gateway protocol (EGP): A routing protocol that exchanges routing information
between different AS routers.
Autonomous systems might use more than one IGP, with potentially several sets of metrics. The
important characteristic of an AS from the view of BGP is that the AS appears to other autonomous
systems to have a single coherent interior routing plan.
The Internet Assigned Numbers Authority (IANA) is the umbrella organization responsible for assigning
AS numbers.
AS numbers can be privately or publicly assigned. If you need to use BGP, you must have a publicly
assigned AS number. Other than that, you can allow the use of a private AS number.
The main goal of BGP is to provide an inter-domain routing system that guarantees the loop-free
exchange of routing information between autonomous systems.
There is a distinction between an ordinary autonomous system and one that has been configured with
BGP to implement a transit policy. The latter is called an ISP or a service provider.
BGP-4 has many enhancements over earlier protocols. It is used extensively on the internet today to
connect ISPs and to interconnect enterprises to ISPs.
Not using CIDR at the internet level would cause the IP routing table to have more than 2 million entries.
Using CIDR, and therefore, BGP4, prevents the internet routing table from becoming too large for
interconnecting millions of users.
BGP is also a distance vector protocol, with many enhancements; it is also called a path vector protocol.
Internal routing protocols look at the path cost to get somewhere and choose the best path from one point
in a corporate network to another based on certain metrics.
BGP does not look at the speed for the best path. Rather, BGP is a policy-based routing protocol that
allows an autonomous system to control traffic flow using multiple BGP attributes.
BGP allows an organization to fully use all of its bandwidth by manipulating these path attributes.
Requirements that must be determined for connecting an enterprise to an ISP include the following:
Public IP address space: In the rare case that only one-way connectivity, from the clients to the
internet, is required, private IP addresses with NAT are used, allowing clients on a private
network to communicate.
Enterprise-to-ISP connection link type and bandwidth: The type and bandwidth available
depend on the ISP and may include a leased line.
Routing protocol: Either static or dynamic routing.
Connection redundancy: The type of redundancy required for the enterprise network to ISP
connectivity must be evaluated.
Public IP addresses are used to translate client private addresses for those clients that need to access
resources on the internet. Public IP address space should not be used from the ISP public address space
but must instead be acquired from a regional Internet authority.
Connecting an enterprise network to one or more ISPs requires routing information to be exchanged
between them.
How that routing information is exchanged depends on the requirements, such as the answers to the
following questions:
Does the routing need to respond to the changes in the network topology?
Will the enterprise network be connected to multiple ISPs?
Is traffic load balancing over multiple links required?
Which routing options does the ISP offer?
How much routing information needs to be exchanged with the ISP?
AToM enables sending layer 2 frames across an MPLS backbone. It unifies Layer 2 and Layer 3 offerings
over a common MPLS infrastructure. In AToM, virtual circuits represent layer 2 links, and MPLS labels
identify VCs.
These layer 2 VPN services appeal to ISPs' enterprise customers who may already run their own networks
and desire only point-to-point connectivity between sites.
In a Layer 3 MPLS VPN, the ISP uses a common IP-based core network enhanced with MPLS technology to
provide secure and manageable connectivity for different customers to their geographically dispersed sites.
Traffic from different customers of the ISP shares the same physical infrastructure, but is tagged with
MPLS labels so that the traffic cannot intermix.
When a customer uses MPLS VPN functionality, routing between the customer and ISP is required, to
provide connectivity between the customer locations.
The customer routers are configured for the IGP as if there is a corporate network between them. The ISP
and the customer must agree on the IGP parameters; however, these are often governed by the ISP.
With an MPLS VPN deployment, the service provider can also offer Internet connectivity through the
same MPLS core network, either through a special Internet VPN or through a global routing table.
Configuring static routes between a customer’s edge router and an ISP is the simplest way to implement
packet forwarding with an ISP.
Static routes are typically used for Internet connectivity when a customer is connected through a single
connection to an ISP.
Static routes have drawbacks, especially in terms of flexibility and adaptability. The static routes could be
combined with Cisco SLA, which could declare a static route down if a certain condition is not met.
BGP dynamically exchanges routing information and thus reacts to topology changes including those
changes beyond a customer-to-ISP link failure.
Connection Redundancy
Redundancy can be confusing to implement, especially when configuring a multi-homed
network.
There are various connection types when connecting to ISPs, such as:
Enterprises that want to connect to the Internet do so through one or more ISPs. If your organization has
only one connection to one ISP, you probably do not need to use BGP.
When BGP is running between routers in different autonomous systems, it is called External BGP (EBGP). When
BGP is running between routers in the same autonomous system, it is called Internal BGP (IBGP).
If one connection to an ISP fails in a multi-homed environment, you can use the backup ISP.
When using BGP in a multi-homed environment, make sure not to advertise routes learned from one ISP
into another ISP. This will create route feedback between ISPs.
BGP Multihoming Options
The benefits of BGP are apparent when an AS has multiple EBGP connections to either a single ISP or to
multiple ISPs. An organization can be connected to either a single ISP or to multiple ISPs.
If an organization has determined that it will perform multi-homing with BGP, three common ways to do
this are as follows:
The first multi-homing option is to receive only a default route from each ISP. This configuration
requires the least resources within the autonomous system because a default route is used to reach any
external destinations.
If a router within the autonomous system learns about multiple default routes using the local IGP, it
installs the best default route into the routing table. From the perspective of this router, it takes the default
route with the least-cost IGP metric. The edge router will use the BGP default route to reach all external
networks, the route propagated by the ISP.
A customer that chooses to receive default routes from all providers must understand the following
limitations:
Path manipulation cannot be performed because only a single route is being received from each
ISP.
Diverting some of the traffic from one exit point to another is challenging because all destinations
are using the same default route for path selection.
Multihoming with default routes and partial table from all providers
In the second design option for multihoming, all ISPs pass default routes plus select specific routes to the
autonomous system.
An enterprise that is running EBGP with an ISP and that wants a partial routing table generally receives
the networks that the ISP and its other customers own.
The ISPs reassign their address blocks to their customers. If the ISP passes this information to a customer
that wants only a partial BGP routing table, the customer could pass this information to internal routers
using IBGP and might redistribute routes into its IGP.
The internal routers of the customer could then receive these routes via redistribution.
Acquiring a partial BGP table from each provider would be beneficial for specific routes because path
selection will be more predictable than when using a default route.
In the third multihoming option, all ISPs pass all routes to the autonomous system, and IBGP is run on at
least all the routers in the transit path in this autonomous system.
This configuration requires a lot of resources within the autonomous system because it must process all
the external routes. The autonomous system sends all of its routes to the ISPs, which process the routes
and pass them to other autonomous systems.
This would allow all routes to destinations to be known, and the autonomous system would be able to make
the most precise routing decisions.
Internal routing protocols announce a list of networks and the metrics to get to each network. In contrast,
BGP routers exchange network reachability information, called path vectors, made up of path attributes.
The path vector information includes a list of the full path of BGP AS numbers necessary to reach a
destination network. Other attributes include the IP address to get to the next AS (next-hop attribute) and
how the networks at the end of the path were introduced into BGP (the origin code attribute).
This autonomous system path information is used to construct a graph of loop-free autonomous systems
to identify routing policies so that restrictions on routing behavior can be enforced based on the AS path.
BGP does not accept a routing update that already includes its autonomous system number in the path list,
because that update has already passed through its autonomous system; accepting it again would result in a
routing loop. (Sort of like split horizon.)
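The AS-path loop rule above, together with the earlier multihoming warning about not advertising routes learned from one ISP to another, as an added Python sketch (not part of the original notes). The AS numbers and prefixes are constructed from documentation ranges, and the function names are hypothetical.

```python
LOCAL_AS = 64500               # constructed enterprise AS (documentation range)
ISP_A, ISP_B = 64501, 64502    # constructed provider ASes


def accept_update(local_as, as_path):
    """Inbound rule: reject an update whose AS path already contains our AS."""
    return local_as not in as_path


def receive(local_as, updates):
    """Build the BGP table from (prefix, as_path) updates that pass the loop check."""
    return [{"prefix": prefix, "as_path": list(path)}
            for prefix, path in updates if accept_update(local_as, path)]


def export(local_as, table, originated_only=True):
    """Outbound rule toward an EBGP neighbor.

    With originated_only=True, only routes with an empty AS path (originated
    inside our AS) are advertised. Our AS is prepended to every exported path.
    """
    out = []
    for route in table:
        if originated_only and route["as_path"]:
            continue  # learned from another AS: do not offer transit
        out.append({"prefix": route["prefix"],
                    "as_path": [local_as] + route["as_path"]})
    return out


# Constructed sample updates: our own prefix, two routes learned from ISP A,
# and one update that has already passed through our AS.
UPDATES = [
    ("203.0.113.0/24", []),                        # originated locally
    ("198.51.100.0/24", [ISP_A]),                  # ISP A's own block
    ("192.0.2.0/24", [ISP_A, 64510]),              # a customer behind ISP A
    ("192.0.2.128/25", [ISP_B, LOCAL_AS, ISP_A]),  # our AS is already in the path
]

TABLE = receive(LOCAL_AS, UPDATES)

if __name__ == "__main__":
    print("unfiltered export to ISP B:", export(LOCAL_AS, TABLE, originated_only=False))
    print("filtered export to ISP B:  ", export(LOCAL_AS, TABLE))
```

In the unfiltered export, ISP B receives ISP A's prefixes with the enterprise AS in the path, which makes the enterprise a transit AS between its two providers; the filtered export advertises only the locally originated prefix.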
BGP allows routing-policy decisions to be applied to the path of BGP autonomous system numbers so
that routing behavior can be enforced at the autonomous system level and to determine how data will flow
through the AS.
BGP specifies that a BGP router can advertise to its peers (neighbors) in neighboring AS only those
routes that it uses.
In other words, you cannot influence how a neighboring AS will route traffic, but can influence how your
traffic gets to a neighboring AS.
BGP is highly applicable as an inter-AS routing protocol for the current internet.
BGP use in an AS is most appropriate when the effects of BGP are well understood and at least one of the
following conditions exists:
The autonomous system allows packets to transit through it to reach other autonomous systems
The AS has multiple connections to other AS’s.
Routing policy and route selection for traffic entering and leaving the AS must be manipulated.
(makes QoS possible)
If an enterprise wants its traffic to be differentiated from its ISP’s traffic on the Internet, the enterprise
must connect to its ISP using BGP.
BGP was designed to allow ISPs to communicate and exchange packets. These ISPs have multiple
connections to one another and have agreements to exchange updates.
If BGP is not properly controlled and filtered, it has the potential to allow an outside AS to affect the
traffic flow to your AS. You want to be able to receive traffic destined for your AS through each ISP, but
you do not want to waste valuable resources and bandwidth within your AS to route traffic for your ISPs.
Reasons include:
BGP Characteristics
BGP uses the TCP transport protocol, which provides connection-oriented reliable delivery. In this way,
BGP assumes that its communication is reliable and, therefore, BGP does not have to implement any
retransmission or error-recovery mechanisms like EIGRP does.
Two routers speaking BGP establish a TCP connection and exchange messages to open and confirm the
connection parameters. These routers are called neighbors or peers.
After the TCP connection is made, the routers exchange their full BGP routing tables, and then they only
send incremental updates after that. Triggered updates are used. BGP sends keepalive messages, similar
to hello messages.
TCP uses dynamic windows, which allow for up to 65,576 bytes to be outstanding before it stops and
waits for an acknowledgment. This is not like EIGRP or OSPF, which need acknowledgments before they can
send the next packet.
BGP Neighbor relationships
A BGP router forms a neighbor relationship with a limited number of other routers. This is where routers
learn paths through the Internet to reach any advertised network.
Any router that runs BGP is called a BGP speaker. A BGP speaker has a limited number of BGP
neighbors with which it peers and forms a TCP-based relationship.
An EBGP neighbor is a router running in a different AS. For two routers to exchange BGP routing
updates, the TCP reliable transport layer on each side must pass the TCP three-way handshake before the
BGP session can be established. Therefore, the IP address used in the neighbor command must be
reachable without using an IGP. Generally, this means that the neighbor is directly connected.
For each such connection between different autonomous systems, there is an EBGP session required
between EBGP neighboring routers.
EBGP neighbors: different AS number, define neighbors, reachability
IBGP neighbors: same AS number, define neighbors, reachability
A loopback address is usually used in the neighbor command to establish IBGP sessions. (Cannot do this
with EBGP, because you can’t control outside AS IP addressing unless you control that AS)
You must set up IBGP sessions between all routers in the transit path, so that they learn all the paths
distributed within BGP.
All routers in a transit AS must have complete knowledge of external routes. Theoretically, one way to
achieve this goal is to redistribute BGP routes into an IGP at the edge routers; however, that solution has
some problems.
Another method that you can use is to run IBGP on all routers within the AS.
IBGP in a nontransit AS
A nontransit AS, such as an organization that is multihoming with two ISPs, does not pass routes between
the ISPs. To avoid routing loops within an autonomous system, BGP specifies that routes learned through
IBGP are never propagated to other IBGP peers.
When all IBGP neighbors are fully meshed and a change is received from an external AS, the receiving
BGP router in the local AS is responsible for informing all other IBGP neighbors of the change.
TCP sessions cannot be multicast or broadcast because TCP has to ensure the delivery of packets to each
recipient. Because TCP cannot use broadcasting, BGP cannot use it either. Each neighbor will need to
have its own command so BGP can unicast a TCP session between peers.
To be fully meshed, each router must be peered to every other router in an AS. The path-selection result
from a fully meshed AS will be uniform across the AS.
BGP Synchronization
The BGP synchronization rules state that a BGP router should not use, or advertise to an external
neighbor, a route learned by IBGP, unless that route is local or is learned from the IGP. This means that
EBGP neighbors won’t learn routes sent through the AS the neighbor is a part of.
BGP synchronization is disabled by default in Cisco IOS software release 12.2 and later. It was on by
default in previous releases.
If synchronization is enabled, a router learning a route via IBGP waits until the IGP has propagated the
route within the AS and then advertises it to external peers.
Having synchronization disabled allows routers to carry fewer routes in IGP and allows BGP to converge
more quickly because it can advertise the routes as soon as it learns them. Synchronization should be
enabled if there are routers in the BGP transit path in the same autonomous system that are not running BGP.
BGP Tables
A router running BGP keeps its own table for storing BGP information received from and sent to other
routers.
It is important to remember that this BGP table is separate from the IP routing table in the router. (Sort of
like an EIGRP topology table)
For BGP to establish an adjacency, you must configure it explicitly for each neighbor. BGP forms a TCP
relationship with each of the configured neighbors and keeps track of the state of these relationships by
periodically sending a BGP/TCP keepalive message.
After establishing an adjacency, the neighbors exchange their best BGP routes.
All routes that have been learned from each neighbor are placed in the BGP forwarding database. The
best routes for each network are selected from the BGP forwarding database using the BGP route-
selection process and then offered to the IP routing table, where AD will then factor in. IBGP routes have
an administrative distance of 200.
To be inserted into the IP routing table, the next-hop must be reachable via the current routing ability of
the router.
Open
o First message sent by each side after the TCP connection has been established.
o Includes the following information:
   Version
   My AS
   Hold Time
   BGP router identifier (Router ID)
   Optional parameters
Keepalive
o Sent to ensure that the connection stays up.
o Sent in response to an acceptable open message.
Update
o Has information on one path only; multiple paths require multiple messages.
o Includes the following information:
   Withdrawn routes
   Path attributes
   Network layer reachability information: A list of networks that can be reached
   by this path.
Notification
o Sent when BGP detects an error condition. The BGP router closes the BGP connection
immediately after sending the notification message.
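A validating parser for the Open message fields listed above, as an added Python example that is not part of the original notes. The wire layout and limits follow RFC 4271 (19-byte header, version 4, hold time of 0 or at least 3 seconds); the sample message is constructed, and `expected_as` is a hypothetical name for the AS number configured for the neighbor.

```python
import ipaddress
import struct

MARKER = b"\xff" * 16     # header marker: 16 bytes of all ones
HEADER_LEN = 19           # marker (16) + length (2) + type (1)
MAX_MSG_LEN = 4096        # largest message allowed by RFC 4271
MSG_TYPES = {1: "OPEN", 2: "UPDATE", 3: "NOTIFICATION", 4: "KEEPALIVE"}


class BGPParseError(ValueError):
    """Raised when a message fails a structural or policy check."""


def parse_header(data):
    """Validate the fixed header and return (type_name, body)."""
    if len(data) < HEADER_LEN:
        raise BGPParseError("truncated header")
    marker, length, msg_type = struct.unpack("!16sHB", data[:HEADER_LEN])
    if marker != MARKER:
        raise BGPParseError("bad marker")
    if not HEADER_LEN <= length <= MAX_MSG_LEN or length != len(data):
        raise BGPParseError("bad length field")
    if msg_type not in MSG_TYPES:
        raise BGPParseError("unknown message type")
    return MSG_TYPES[msg_type], data[HEADER_LEN:]


def parse_open(body, expected_as):
    """Decode Version, My AS, Hold Time, Router ID and optional parameters."""
    if len(body) < 10:
        raise BGPParseError("truncated OPEN")
    version, my_as, hold, rid, opt_len = struct.unpack("!BHH4sB", body[:10])
    if version != 4:
        raise BGPParseError("unsupported version")
    if my_as != expected_as:
        raise BGPParseError("peer AS does not match the configured neighbor")
    if hold in (1, 2):
        raise BGPParseError("hold time must be 0 or at least 3 seconds")
    if opt_len != len(body) - 10:
        raise BGPParseError("optional parameter length mismatch")
    return {"version": version, "my_as": my_as, "hold_time": hold,
            "router_id": str(ipaddress.IPv4Address(rid)),
            "optional_parameters": body[10:]}


def build_open(my_as, hold, router_id, opt=b""):
    """Construct a sample OPEN message for the demonstration."""
    body = struct.pack("!BHH4sB", 4, my_as, hold,
                       ipaddress.IPv4Address(router_id).packed, len(opt)) + opt
    return MARKER + struct.pack("!HB", HEADER_LEN + len(body), 1) + body


# Constructed sample: neighbor in AS 64501, hold time 180 s, router ID 192.0.2.1
SAMPLE_OPEN = build_open(64501, 180, "192.0.2.1")

if __name__ == "__main__":
    kind, body = parse_header(SAMPLE_OPEN)
    print(kind, parse_open(body, expected_as=64501))
```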
BGP Attributes
BGP uses path attributes to determine the best path to the networks. The following are some terms
defining attributes implemented.
There is also a weight attribute that can be configured, although this is not propagated and has only local
significance.
After BGP receives updates about different destinations from different autonomous systems, it decides
which path to choose to reach each specific destination.
This decision only applies when there are multiple paths to the same destination; those paths are kept in the BGP table.
BGP chooses only a single best path to reach a specific destination. So there is no chance of load
balancing. The best path is submitted to the routing table manager process and is evaluated against any
other protocols that offer a path to that same destination.
BGP route selection is a process with steps comparing different attributes for a path;
Configuring BGP
A network administrator must define the network requirements including the internal connectivity and the
external connectivity to the ISP.
Peer Groups
On a Cisco IOS router, neighbors with the same update policies can be grouped into peer groups to
simplify configuration and, more importantly, to make updating more efficient and improve performance.
When a BGP router has many peers, this approach is highly recommended.
Members of the peer group inherit all the peer group’s configuration options. The router can also be
configured to override these options for some members of the peer group if these options do not affect
outbound updates.
Updates are generated only once per peer group rather than repetitiously for each neighboring router.