
Border Gateway Protocol (BGP4)
Border Gateway Protocol (BGP)
• Routing/Forwarding basics
• Building blocks
• Exercises
• BGP protocol basics
• Exercises
• BGP path attributes
• Best path computation
• Exercises
Border Gateway Protocol (BGP)...

• Typical BGP topologies


• Routing Policy
• Exercises
• Redundancy/Load sharing
• Best current practices
Routing/Forwarding Basics
IP route lookup: Longest match routing
(Diagram: routers R1, R2 and R4 in a row, R3 above R2. R3: all 10/8 except 10.1/16. R4: 10.1/16.)
Packet: Destination IP address: 10.1.1.1
R2’s IP routing table
10/8 -> R3
10.1/16 -> R4
20/8 -> R5
30/8 -> R6
…..
• 10/8 -> R3: 10.1.1.1 & FF.0.0.0 is equal to 10.0.0.0 & FF.0.0.0. Match!
• 10.1/16 -> R4: 10.1.1.1 & FF.FF.0.0 is equal to 10.1.0.0 & FF.FF.0.0. Match as well!
• 20/8 -> R5: 10.1.1.1 & FF.0.0.0 is not equal to 20.0.0.0 & FF.0.0.0. Does not match!
• 10.1/16 -> R4: Longest match, 16 bit netmask
IP route lookup: Longest match routing
• default is 0.0.0.0/0
• can handle it using the normal longest match algorithm
• matches everything. Always the shortest match.
Forwarding
• Uses the routing table built by routing
protocols
• Performs the lookup to find next-hop and
outgoing interface
• Switches the packet with new encapsulation
as per the outgoing interface
Building Blocks
• Autonomous System (AS)
• Types of Routes
• IGP/EGP
• DMZ
• Policy
• Egress
• Ingress
Autonomous System (AS)

AS 100

• Collection of networks with same policy


• Single routing protocol
• Usually under single administrative control
• IGP to provide internal connectivity
Autonomous System(AS)...

• Identified by ‘AS number’


• Public & Private AS numbers
• Examples:
– Service provider
– Multi-homed customers
– Anyone needing policy discrimination
Routing flow and packet flow
(Diagram: AS 1 and AS 2, with announce/accept arrows for the routing flow and egress/ingress arrows for the packet flow.)
For networks in AS1 and AS2 to communicate:
• AS1 must announce routes to AS2
• AS2 must accept routes from AS1
• AS2 must announce routes to AS1
• AS1 must accept routes from AS2
Egress Traffic

• Packets exiting the network


• Based on
– Route availability (what others send you)
– Route acceptance (what you accept from others)
– Policy and tuning (what you do with routes from
others)
– Peering and transit agreements
Ingress Traffic
• Packets entering your network
• Ingress traffic depends on:
– What information you send and to whom
– Based on your addressing and ASes
– Based on others’ policy (what they accept from
you and what they do with it)
Types of Routes
• Static Routes
– configured manually
• Connected Routes
– created automatically when an interface is ‘up’
• Interior Routes
– Routes within an AS
• Exterior Routes
– Routes exterior to AS
What Is an IGP?

• Interior Gateway Protocol


• Within an Autonomous System
• Carries information about internal prefixes
• Examples—OSPF, ISIS, EIGRP…
What Is an EGP?

• Exterior Gateway Protocol


• Used to convey routing information between
ASes
• De-coupled from the IGP
• Current EGP is BGP4
Why Do We Need an EGP?

• Scaling to large network


– Hierarchy
– Limit scope of failure
• Define administrative boundary
• Policy
– Control reachability to prefixes
Interior vs. Exterior Routing Protocols
• Interior
– Automatic discovery
– Generally trust your IGP routers
– Routes go to all IGP routers
• Exterior
– Specifically configured peers
– Connecting with outside networks
– Set administrative boundaries
Hierarchy of Routing Protocols
(Diagram labels: Other ISP’s, BGP4, BGP4 / OSPF, BGP4/Static, Local NAP, FDDI, Customers.)
Demilitarized Zone (DMZ)
(Diagram: AS 100, AS 101 and AS 102 attached to a shared DMZ network; routers A, B, C and D.)
• Shared network between ASes
Addressing - ISP
• Need to reserve address space for its network.
• Need to allocate address blocks to its customers.
• Need to take “growth” into consideration
• Upstream link address is allocated by upstream provider
BGP Basics

• Terminology
• Protocol Basics
• Messages
• General Operation
• Peering relationships (EBGP/IBGP)
• Originating routes
Terminology

• Neighbor
– Configured BGP peer
• NLRI/Prefix
– NLRI - network layer reachability information
– Reachability information for an IP address & mask
• Router-ID
– Highest IP address configured on the router
• Route/Path
– NLRI advertised by a neighbor
Protocol Basics
(Diagram: routers A and B in AS 100, C and D in AS 101, E in AS 102, with peering between the ASes.)
• Routing protocol used between ASes
– if you aren’t connected to multiple ASes, you don’t need BGP :)
• Runs over TCP
• Path vector protocol
• Incremental update
BGP Basics ...
• Each AS originates a set of NLRI
• NLRI is exchanged between BGP peers
• Can have multiple paths for a given prefix
• Picks the best path and installs in the IP
forwarding table
• Policies applied (through attributes)
influences BGP path selection
BGP Peers
(Diagram: routers A and B in AS 100 (220.220.8.0/24), C and D in AS 101 (220.220.16.0/24), E in AS 102 (220.220.32.0/24); eBGP TCP/IP peer connections highlighted.)
• BGP speakers are called peers
• Peers in different AS’s are called External Peers
Note: eBGP Peers normally should be directly connected.
BGP Peers
(Same diagram; iBGP TCP/IP peer connections highlighted.)
• BGP speakers are called peers
• Peers in the same AS are called Internal Peers
Note: iBGP Peers don’t have to be directly connected.
BGP Peers
(Same diagram; BGP Update messages highlighted.)
• BGP Peers exchange Update messages containing Network Layer Reachability Information (NLRI)
Configuring BGP Peers
(Diagram: A .2 - 220.220.8.0/24 - .1 B .2 - 222.222.10.0/30 - .1 C .2 - 220.220.16.0/24 - .1 D. A and B are in AS 100, C and D in AS 101. eBGP TCP connection between B and C.)
Router B:
interface Serial 0
ip address 222.222.10.2 255.255.255.252
router bgp 100
network 220.220.8.0 mask 255.255.255.0
neighbor 222.222.10.1 remote-as 101
Router C:
interface Serial 0
ip address 222.222.10.1 255.255.255.252
router bgp 101
network 220.220.16.0 mask 255.255.255.0
neighbor 222.222.10.2 remote-as 100
• BGP Peering sessions are established using the BGP “neighbor” configuration command
– External (eBGP) is configured when AS numbers are different
Configuring BGP Peers
(Same diagram; iBGP TCP connection between C and D.)
Router C:
interface Serial 1
ip address 220.220.16.2 255.255.255.252
router bgp 101
network 220.220.16.0 mask 255.255.255.0
neighbor 220.220.16.1 remote-as 101
Router D:
interface Serial 1
ip address 220.220.16.1 255.255.255.252
router bgp 101
network 220.220.16.0 mask 255.255.255.0
neighbor 220.220.16.2 remote-as 101
• BGP Peering sessions are established using the BGP “neighbor” configuration command
– External (eBGP) is configured when AS numbers are different
– Internal (iBGP) is configured when AS numbers are same
Configuring BGP Peers
(Diagram: routers A, B and C in AS 100, with an iBGP TCP/IP peer connection between each pair.)
• Each iBGP speaker must peer with every other iBGP speaker in the AS
Configuring BGP Peers
(Same diagram, with loopback addresses: A 215.10.7.1, B 215.10.7.2, C 215.10.7.3.)
• Loopback interfaces are normally used as peer connection end-points
Configuring BGP Peers
Router A:
interface loopback 0
ip address 215.10.7.1 255.255.255.255
router bgp 100
network 220.220.1.0
neighbor 215.10.7.2 remote-as 100
neighbor 215.10.7.2 update-source loopback0
neighbor 215.10.7.3 remote-as 100
neighbor 215.10.7.3 update-source loopback0
Configuring BGP Peers
Router B:
interface loopback 0
ip address 215.10.7.2 255.255.255.255
router bgp 100
network 220.220.5.0
neighbor 215.10.7.1 remote-as 100
neighbor 215.10.7.1 update-source loopback0
neighbor 215.10.7.3 remote-as 100
neighbor 215.10.7.3 update-source loopback0
Configuring BGP Peers
Router C:
interface loopback 0
ip address 215.10.7.3 255.255.255.255
router bgp 100
network 220.220.1.0
neighbor 215.10.7.1 remote-as 100
neighbor 215.10.7.1 update-source loopback0
neighbor 215.10.7.2 remote-as 100
neighbor 215.10.7.2 update-source loopback0
BGP Updates — NLRI
• Network Layer Reachability Information
• Used to advertise feasible routes
• Composed of:
– Network Prefix
– Mask Length
BGP Updates — Attributes
• Used to convey information associated with NLRI
– AS path
– Next hop
– Local preference
– Multi-Exit Discriminator (MED)
– Community
– Origin
– Aggregator
AS-Path Attribute
(Diagram: AS 100 (180.10.0.0/16), AS 200 (170.10.0.0/16), AS 300, AS 400 (150.10.0.0/16) and AS 500.)
• Sequence of ASes a route has traversed
• Loop detection
• Apply policy
Network Path
180.10.0.0/16 300 200 100
170.10.0.0/16 300 200
Network Path
180.10.0.0/16 300 200 100
170.10.0.0/16 300 200
150.10.0.0/16 300 400
Next Hop Attribute
(Diagram: router A in AS 100 (160.10.0.0/16); routers B and C in AS 200 (150.10.0.0/16); routers D and E in AS 300 (140.10.0.0/16). A (.1) and B (.2) share 192.20.2.0/30; C (.1) and D (.2) share 192.10.1.0/30. BGP Update messages are shown between the peers.)
Network Next-Hop Path
160.10.0.0/16 192.20.2.1 100
• Next hop to reach a network
• Usually a local network is the next hop in eBGP session
Next Hop Attribute
(Same diagram.)
Network Next-Hop Path
150.10.0.0/16 192.10.1.1 200
160.10.0.0/16 192.10.1.1 200 100
• Next hop to reach a network
• Usually a local network is the next hop in eBGP session
• Next Hop updated between eBGP Peers
Next Hop Attribute
(Same diagram.)
Network Next-Hop Path
150.10.0.0/16 192.10.1.1 200
160.10.0.0/16 192.10.1.1 200 100
• Next hop not changed between iBGP peers
Next Hop Attribute (more)
• IGP should carry route to next hops
• Recursive route look-up
• Unlinks BGP from actual physical topology
• Allows IGP to make intelligent forwarding
decision
BGP Updates —
Withdrawn Routes
• Used to “withdraw” network reachability
• Each Withdrawn Route is composed of:
– Network Prefix
– Mask Length
BGP Updates — Withdrawn Routes
(Diagram: AS 123 (.1) and AS 321 (.2) connected over 192.168.10.0/24. Connectivity to 192.192.25.0/24 is lost (marked x), and a BGP Update message carries Withdraw Routes: 192.192.25.0/24.)
Network Next-Hop Path
150.10.0.0/16 192.168.10.2 321 200
192.192.25.0/24 192.168.10.2 321
BGP Routing Information Base
BGP RIB
Network Next-Hop Path
*>i160.10.1.0/24 192.20.2.2 i
*>i160.10.3.0/24 192.20.2.2 i
router bgp 100
network 160.10.0.0 mask 255.255.0.0
no auto-summary
Route Table
D 10.1.2.0/24
D 160.10.1.0/24
D 160.10.3.0/24
R 153.22.0.0/16
S 192.1.1.0/24
BGP ‘network’ commands are normally used to populate the BGP RIB with routes from the Route Table
BGP Routing Information Base
BGP RIB
Network Next-Hop Path
*> 160.10.0.0/16 0.0.0.0 i
* i 192.20.2.2 i
s> 160.10.1.0/24 192.20.2.2 i
s> 160.10.3.0/24 192.20.2.2 i
router bgp 100
network 160.10.0.0 mask 255.255.0.0
aggregate-address 160.10.0.0 255.255.0.0 summary-only
no auto-summary
Route Table
D 10.1.2.0/24
D 160.10.1.0/24
D 160.10.3.0/24
R 153.22.0.0/16
S 192.1.1.0/24
BGP ‘aggregate-address’ commands may be used to install summary routes in the BGP RIB
BGP Routing Information Base
BGP RIB
Network Next-Hop Path
*> 160.10.0.0/16 0.0.0.0 i
* i 192.20.2.2 i
s> 160.10.1.0/24 192.20.2.2 i
s> 160.10.3.0/24 192.20.2.2 i
*> 192.1.1.0/24 192.20.2.2 ?
router bgp 100
network 160.10.0.0 mask 255.255.0.0
redistribute static route-map foo
no auto-summary
access-list 1 permit 192.1.0.0 0.0.255.255
route-map foo permit 10
match ip address 1
Route Table
D 10.1.2.0/24
D 160.10.1.0/24
D 160.10.3.0/24
R 153.22.0.0/16
S 192.1.1.0/24
BGP ‘redistribute’ commands can also be used to populate the BGP RIB with routes from the Route Table
BGP Routing Information Base
(Diagram: Update -> IN Process -> BGP RIB -> OUT Process -> Update.)
Incoming Update
Network Next-Hop Path
173.21.0.0/16 192.20.2.1 100
BGP RIB
Network Next-Hop Path
*>i160.10.1.0/24 192.20.2.2 i
*>i160.10.3.0/24 192.20.2.2 i
*> 173.21.0.0/16 192.20.2.1 100
• BGP “in” process
• receives path information from peers
• results of BGP path selection placed in the BGP table
• “best path” flagged (denoted by “>”)
BGP Routing Information Base
(Diagram: Update -> IN Process -> BGP RIB -> OUT Process -> Update.)
BGP RIB
Network Next-Hop Path
*>i160.10.1.0/24 192.20.2.2 i
*>i160.10.3.0/24 192.20.2.2 i
*> 173.21.0.0/16 192.20.2.1 100
Outgoing Update
Network Next-Hop Path
160.10.1.0/24 192.20.2.2 200
160.10.3.0/24 192.20.2.2 200
173.21.0.0/16 192.20.2.2 200 100 (Next-Hop changed from 192.20.2.1)
• BGP “out” process
• builds update using info from RIB
• may modify update based on config
• Sends update to peers
BGP Routing Information Base
BGP RIB
Network Next-Hop Path
*>i160.10.1.0/24 192.20.2.2 i
*>i160.10.3.0/24 192.20.2.2 i
*> 173.21.0.0/16 192.20.2.1 100
Route Table
D 10.1.2.0/24
D 160.10.1.0/24
D 160.10.3.0/24
R 153.22.0.0/16
S 192.1.1.0/24
B 173.21.0.0/16
• Best paths installed in routing table if:
• prefix and prefix length are unique
• lowest “protocol distance”
The ‘Bible’ & other resources
• Route-views.oregon-ix.net

• Internet Routing Architectures


– Bassam Halabi
– pg. 168 BGP Decision Process Summary
Types of BGP Messages

• OPEN
– To negotiate and establish peering
• UPDATE
– To exchange routing information
• KEEPALIVE
– To maintain peering session
• NOTIFICATION
– To report errors (results in session reset)
Internal BGP Peering (IBGP)
(Diagram: routers A, B and D in AS 100.)
• BGP peer within the same AS
• Not required to be directly connected
• Maintain full IBGP mesh or use Route Reflection
External BGP Peering (EBGP)
(Diagram: AS 100 and AS 101, router C.)
• Between BGP speakers in different AS
• Directly connected or peering address is reachable
An Example…
(Diagram: 35.0.0.0/8; routers A to F; AS3561, AS200, AS21, AS101 and AS675.)
Learns about 35.0.0.0/8 from F & D


Basic BGP commands

Configuration commands
router bgp <AS-number>
neighbor <ip address> remote-as <as-number>
Show commands
show ip bgp summary
show ip bgp neighbors
Originating routes...
• Using network command or redistribution
network <ipaddress>
redistribute <protocol name>
• Requires the route to be present in the
routing table
Originating routes/Inserting
prefixes into BGP
• network command
• network 198.10.4.0 mask 255.255.254.0
• ip route 198.10.0.0 255.255.254.0 serial 0
• matching route must exist in the routing
table before network is announced!
• Origin: IGP
Update message

• Withdrawn routes
• Path Attributes
• Advertised routes
Stable IBGP peering

• Unlinks IBGP peering from physical topology.


• Carry loopback address in IGP
router ospf <ID>
passive-interface loopback0
• Unlink peering from physical topology
router bgp <AS1>
neighbor <x.x.x.x> remote-as <AS1>
neighbor <x.x.x.x> update-source loopback0
BGP4 continued...
BGP Path Attributes: Why ?
• Encoded as Type, Length & Value (TLV)
• Transitive/Non-Transitive attributes
• Some are mandatory
• Used in path selection
• To apply policy for steering traffic
BGP Path Attributes...

• Origin
• AS-path
• Next-hop
• Multi-Exit Discriminator (MED)
• Local preference
• BGP Community
• Others...
AS-PATH
• Updated by the sending router with its AS
number
• Contains the list of AS numbers the update
traverses.
• Used to detect routing loops
– Each time the router receives an update, if it
finds its AS number, it discards the update
AS-Path
(Diagram: AS 100 (180.10.0.0/16), AS 200 (170.10.0.0/16), AS 300, AS 400 (150.10.0.0/16) and AS 500; annotation: 180.10.0.0/16 dropped.)
• Sequence of ASes a route has traversed
• Loop detection
180.10.0.0/16 300 200 100
170.10.0.0/16 300 200
150.10.0.0/16 300 400
Next-Hop
(Diagram: routers A and B, addresses 150.10.1.1 and 150.10.1.2; AS 200 (150.10.0.0/16), AS 300 and AS 100 (160.10.0.0/16).)
150.10.0.0/16 150.10.1.1
160.10.0.0/16 150.10.1.1
• Next hop router to reach a network
• Advertising router/Third party in EBGP
• Unmodified in IBGP



Third Party Next Hop
(Diagram: router C (150.1.1.1) in AS 200 peering with AS 201, where routers A (150.1.1.2) and B (150.1.1.3) sit; 192.68.1.0/24 is in AS 201.)
192.68.1.0/24 150.1.1.3
• More efficient, but bad idea!
Next Hop...

• IGP should carry route to next hops


• Recursive route look-up
• Unlinks BGP from actual physical topology
• Allows IGP to make intelligent forwarding
decision
Local Preference

• Not for EBGP, mandatory for IBGP


• Default value is 100 on Ciscos
• Local to an AS
• Used to prefer one exit over another
• Path with highest local preference wins
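Local Preference
(Diagram: AS 100 (160.10.0.0/16), AS 200 with router D, AS 300 with router E, AS 400 with routers A, B and C; local preference 500 on the D side and 800 on the E side.)
160.10.0.0/16 500
> 160.10.0.0/16 800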
Multi-Exit Discriminator

• Non-transitive
• Represented as a numeric value (0-0xffffffff)
• Used to convey the relative preference of entry points
• Comparable if paths are from the same AS
• Path with lower MED wins
• IGP metric can be conveyed as MED
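Multi-Exit Discriminator (MED)
(Diagram: routers A and B in AS 201 (192.68.1.0/24) connect to router C in AS 200; 192.68.1.0/24 is advertised with MED 2000 on the A side and MED 1000 on the B side; one path is marked preferred.)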
Origin

• Conveys the origin of the prefix


• Three values:
– IGP - Generated using “network” statement
• ex: network 35.0.0.0
– EGP - Redistributed from EGP
– Incomplete - Redistribute IGP
• ex: redistribute ospf
• IGP < EGP < INCOMPLETE
Communities

• Transitive, Non-mandatory
• Represented as a numeric value (0-0xffffffff)
• Used to group destinations
• Each destination could be member of multiple
communities
• Flexibility to scope a set of prefixes within or
across AS for applying policy
Community...
(Diagram: routers A and B in Customer AS 201 (192.68.1.0/24) connect to routers C and D in Service Provider AS 200; one link carries Community:201:110, the other Community:201:120.)
Community Local Preference
201:110 110
201:120 120
Synchronization
(Diagram: routers A, B, C and D running OSPF; labels 1880, 690, 209 and 35/8.)
• C not running BGP (non-pervasive BGP)
• A won’t advertise 35/8 to D until the IGP is in sync
• Turn synchronization off!
– Run pervasive BGP
router bgp 1880
no sync
BGP Route Selection (bestpath)
Only one path as the bestpath !
• Route has to be synchronized
Prefix in forwarding table

• Next-hop has to be accessible


Next-hop in forwarding table

• Largest weight
Local to the router

• Largest local preference


Spread within AS

• Locally sourced
Via redistribute or network statement
BGP Route Selection ...
• Shortest AS-path length
number of ASes in the AS-path attribute
• Lowest origin
IGP < EGP < INCOMPLETE
• Lowest MED
between paths from same AS
• External over internal
closest exit from a router
• Closest next-hop
Lower IGP metric, closer exit from an AS
• Lowest router-id
• Lowest IP address of neighbor
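The selection order listed on these two slides, as an added Python example (not code from the original deck). The synchronization check is left out, the `Path` field names are this example's own, and the sample peer addresses are made up; the MED step only compares paths whose first AS is the same, as the slide states.

```python
from dataclasses import dataclass
from ipaddress import IPv4Address

ORIGIN_RANK = {"IGP": 0, "EGP": 1, "INCOMPLETE": 2}   # IGP < EGP < INCOMPLETE

@dataclass(frozen=True)
class Path:
    neighbor: str                 # address of the peer that sent the path
    as_path: tuple = ()           # () for a locally sourced route
    next_hop_reachable: bool = True
    weight: int = 0
    local_pref: int = 100         # the Cisco default given on the slide
    locally_sourced: bool = False
    origin: str = "IGP"
    med: int = 0
    ebgp: bool = True
    igp_metric: int = 0           # IGP cost to the next hop
    router_id: str = "0.0.0.0"

def _lowest(key):
    """Build a step that keeps only the paths with the lowest key value."""
    def step(paths):
        best = min(key(p) for p in paths)
        return [p for p in paths if key(p) == best]
    return step

def _med_step(paths):
    """Drop a path only if a path from the same neighbouring AS has a lower MED."""
    def beaten(p):
        return any(q.as_path[:1] == p.as_path[:1] and q.med < p.med for q in paths)
    return [p for p in paths if not beaten(p)]

STEPS = [
    ("weight", _lowest(lambda p: -p.weight)),
    ("local preference", _lowest(lambda p: -p.local_pref)),
    ("locally sourced", _lowest(lambda p: not p.locally_sourced)),
    ("AS-path length", _lowest(lambda p: len(p.as_path))),
    ("origin", _lowest(lambda p: ORIGIN_RANK[p.origin])),
    ("MED", _med_step),
    ("external over internal", _lowest(lambda p: not p.ebgp)),
    ("IGP metric to next hop", _lowest(lambda p: p.igp_metric)),
    ("router-id", _lowest(lambda p: int(IPv4Address(p.router_id)))),
    ("neighbor address", _lowest(lambda p: int(IPv4Address(p.neighbor)))),
]

def best_path(paths):
    """Return (best path, name of the step that decided), or (None, None)."""
    candidates = [p for p in paths if p.next_hop_reachable]
    if not candidates:
        return None, None
    decided_by = None
    for name, step in STEPS:
        survivors = step(candidates)
        if len(survivors) < len(candidates):
            candidates, decided_by = survivors, name
        if len(candidates) == 1:
            break
    return candidates[0], decided_by

# Constructed sample paths modelled on the slides (peer addresses are made up).
VIA_AS200 = Path("10.0.0.1", (200, 100), local_pref=500)
VIA_AS300 = Path("10.0.0.2", (300, 100), local_pref=800)
PREPENDED = Path("10.0.0.2", (300, 300, 100))
MED_2000 = Path("10.0.1.1", (201,), med=2000)
MED_1000 = Path("10.0.1.2", (201,), med=1000)

if __name__ == "__main__":
    for group in ([VIA_AS200, VIA_AS300],
                  [Path("10.0.0.1", (200, 100)), PREPENDED],
                  [MED_2000, MED_1000]):
        path, why = best_path(group)
        print(path.neighbor, path.as_path, "decided by", why)
```

Because each step reports whether it eliminated anything, the second return value shows which attribute a policy change would have to touch to move traffic.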
BGP Route Selection...
(Diagram: AS 100, AS 200, AS 300 with router D, and AS 400 with routers A and B.)
AS 400’s Policy to reach AS100
• AS 200 preferred path
• AS 300 backup
• Increase AS path attribute length by at least 1
Stub AS
• Typically no need for BGP
• Point default towards the ISP
• ISP advertises the stub network to
Internet
• Policy confined within ISP policy
Stub AS
(Diagram: AS 101 (Provider) and AS 100 (Customer), routers A and B.)
Multi-homed AS
• Only border routers speak BGP
• IBGP only between border routers
• Exterior routes must be redistributed in
a controlled fashion into IGP or use
defaults
Multi-homed AS
(Diagram: providers AS 100 and AS 300, customer AS 200; routers A, B, C and D.)
Service Provider Network

• IBGP used to carry exterior routes


• IGP keeps track of topology
• Full IBGP mesh is required
Common Service Provider Network
(Diagram: AS 100, AS 200, AS 300 (provider) and AS 400; routers A, B, C, D, F and H.)
Routing Policy

• Why?
– To steer traffic through preferred paths
– Inbound/Outbound prefix filtering
– To enforce Customer-ISP agreements
• How ?
– AS based route filtering - filter list
– Prefix based route filtering - distribute list
– BGP attribute modification - route maps
Distribute list - using IP access lists

access-list 1 deny 10.0.0.0


access-list 1 permit any
access-list 2 permit 20.0.0.0
… more access-lists as prefixes are added ...

router bgp 100


neighbor 171.69.233.33 remote-as 33
neighbor 171.69.233.33 distribute-list 1 in
neighbor 171.69.233.33 distribute-list 2 out
Filter list rules
Regular Expressions
• RE is a pattern to match against an input
string
• Used to match against AS-path attribute
• ex: ^3561.*100.*1$
• Flexible enough to generate complex filter
list rules
Filter list - using as-path access list

ip as-path access-list 1 permit 3561


ip as-path access-list 2 deny 35
ip as-path access-list 2 permit .*

router bgp 100


neighbor 171.69.233.33 remote-as 33
neighbor 171.69.233.33 filter-list 1 in
neighbor 171.69.233.33 filter-list 2 out
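How the two as-path access lists above evaluate, as an added Python example (not part of the original deck). The patterns `3561` and `35` are unanchored, so they match any AS path whose text contains those digits; the example compares them with variants anchored by Cisco's `_` boundary character. The anchored lists and the sample AS paths are constructed here.

```python
import re

# Cisco's "_" matches the start or end of the path, a space, a comma,
# a brace or a parenthesis, i.e. the boundary of one AS number.
_BOUNDARY = r"(?:^|$|[ ,{}()])"

def ios_to_python(pattern):
    """Translate an IOS AS-path regex to Python (assumes "_" is not inside [...])."""
    return pattern.replace("_", _BOUNDARY)

def evaluate(acl, as_path):
    """First matching entry wins; an AS-path access list ends in an implicit deny."""
    for action, pattern in acl:
        if re.search(ios_to_python(pattern), as_path):
            return action
    return "deny"

# Lists 1 and 2 exactly as written on the slide.
SLIDE_LIST_1 = [("permit", "3561")]
SLIDE_LIST_2 = [("deny", "35"), ("permit", ".*")]
# Anchored variants (added here) that match AS 3561 / AS 35 as whole numbers.
ANCHORED_LIST_1 = [("permit", "_3561_")]
ANCHORED_LIST_2 = [("deny", "_35_"), ("permit", ".*")]

# Constructed AS paths; the AS numbers other than 35 and 3561 are arbitrary.
SAMPLE_PATHS = ["35 100", "200 35", "3561 100 1", "200 135", "13561 7", "200 100"]

def compare(slide_acl, anchored_acl, paths=SAMPLE_PATHS):
    """Return the paths on which the two lists disagree, with both verdicts."""
    out = {}
    for p in paths:
        a, b = evaluate(slide_acl, p), evaluate(anchored_acl, p)
        if a != b:
            out[p] = (a, b)
    return out

if __name__ == "__main__":
    print("list 1:", compare(SLIDE_LIST_1, ANCHORED_LIST_1))
    print("list 2:", compare(SLIDE_LIST_2, ANCHORED_LIST_2))
```

List 2 as written also denies paths through AS 3561, AS 135 and AS 13561, and list 1 also permits AS 13561; the anchored forms only act on the intended AS number.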
Route Maps

router bgp 300


neighbor 2.2.2.2 remote-as 100
neighbor 2.2.2.2 route-map SETCOMMUNITY out
!
route-map SETCOMMUNITY permit 10
match ip address 1
match community 1
set community 300:100
!
access-list 1 permit 35.0.0.0
ip community-list 1 permit 100:200
Route-map match & set clauses
Match Clauses
• AS-path
• Community
• IP address
Set Clauses
• AS-path prepend
• Community
• Local-Preference
• MED
• Origin
• Weight
• Others...
Route-map Configuration Example
(Diagram: ISP2 with customers C21 and C22, ISP3 with customers C31 and C32, hosts (H) on Ethernet segments.)
ISP2:
neighbor <y.y.y.y> route-map AS200_IN in
!
route-map AS200_IN permit 10
match community 1
set local-preference 200
!
ip community-list 1 permit 100:200
ISP3 (inbound route-map to set community):
neighbor <x.x.x.x> route-map AS100_IN in
!
route-map AS100_IN permit 10
set community 100:200
Load Sharing & Redundancy
using BGP
Load-sharing - single path
(Diagram: router A in AS100, Loopback 0 20.200.0.1, connected to a router in AS200, Loopback 0 10.200.0.2.)
Router A:
interface loopback 0
ip address 20.200.0.1 255.255.255.255
!
router bgp 100
neighbor 10.200.0.2 remote-as 200
neighbor 10.200.0.2 update-source loopback0
neighbor 10.200.0.2 ebgp-multihop 2
!
ip route 10.200.0.2 255.255.255.255 <DMZ-link1, link2>
Load Sharing - Multiple paths
from the same AS
Router A:
router bgp 100
neighbor 10.200.0.1 remote-as 200
neighbor 10.300.0.1 remote-as 200
maximum-paths 2

(Diagram: router A in AS 100 connected to AS 200.)
Note: A still only advertises one “best” path to iBGP peers


Redundancy - Multi-homing

• Reliable connection to Internet


• 3 common cases of multi-homing:
- default from all providers
- customer + default routes from all
- full routes from all
Default from all providers
• Low memory/CPU solution
• Provider sends BGP default
– provider is selected based on IGP metric
• Inbound traffic decided by providers’ policy
– Can influence using outbound policy, example: AS-path
prepend
Default from all providers
(Diagram: Provider AS 200 with router D, Provider AS 300 with router E, AS 400 with routers A, B and C.)
Customer + default from all
providers
• Medium memory and CPU solution
• Granular routing for customer routes and
default for the rest
• Inbound traffic decided by providers’ policy
– Can influence using outbound policy
Customer routes from all providers
(Diagram: Customer AS 100 (160.10.0.0/16), Provider AS 200 with router D, Provider AS 300 with router E, AS 400 with routers A, B and C.)
C chooses shortest AS path
Full routes from all providers
• More memory/CPU
• Full granular routing
• Usually transit ASes take full routes
• Usually pervasive BGP
Full routes from all providers
(Diagram: AS 100, AS 500, AS 200 with router D, AS 300 with router E, AS 400 with routers A, B and C.)
C chooses shortest AS path
Best Practices
IGP in Backbone
• IGP connects your backbone together, not
your client’s routes
• IGP must converge quickly
• IGP should carry netmask information -
OSPF, IS-IS, EIGRP
Best Practices...
Connecting to a customer
• Static routes
– You control directly
– No route flaps
• Shared routing protocol or leaking
– You must filter your customers info
– Route flaps
• BGP for multi-homed customers
Best Practices...
Connecting to other ISPs

• Use BGP4
• Advertise only what you serve
• Take back as little as you can
• Take the shortest exit
Best Practices...
The Internet Exchange

• Long distance connectivity is expensive


• Connect to several providers at a single
point
Q&A
