BGP

  • RFC4893 - ASN field is 4 bytes (32 bits), up to 4,294,967,295

  • RFC4271 - Border Gateway Protocol 4 (BGP-4)

  • RFC2858 - Multi-Protocol BGP (MP-BGP) using extensions - AFI (address-family identifier)

Every address-family maintains a separate database and configuration for each protocol (address-family (AFI) + subaddress family (SAFI)) in BGP.

Network Layer Reachability Information (NLRI)

BGP alerter docker

  • http://lg.mtu.ru/cgi-bin/lgform_img.cgi

  • http://lg.retn.net

  • https://www.msk-ix.ru/lookingglass/?query=bgp&rtr=msk-rs1-ipv6.ripn.net&addr=94.232.31.0%2F24&ne_arg=&community=

  • https://www.msk-ix.ru/lookingglass/?query=bgp&rtr=msk-rs1.ripn.net&addr=194.117.72.0%2F24&ne_arg=&community=

  • https://stat.ripe.net/bgplay?pk_vid=8bf06fa73359e69f1573061950a4062d

  • https://www.bgp4.as/looking-glasses

  • http://lg.gldn.net

  • http://noc.runnet.ru/public/lg-list.html

  • http://subnets.ru/wrapper.php?p=1

  • http://lg.cnt.ru

  • http://www.bgplookingglass.com

  • http://www.dataix.ru

  • https://traceroute.net.ru//

BGP RIPE

  • http://subnets.ru/blog/?p=24

  • http://routeworld.ru/set-i-internet/theory/189-protokol-bgp-marshrutizaciya-po-vzroslomu.html

  • https://habr.com/ru/post/184350/

  • https://www.noction.com/knowledge-base/bgp-route-aggregation

ASN(Autonomous System Number)

  • ASN 4,200,000,000 - 4,294,967,294 - private

  • ASN 64512 - 65535 - private

Path Attributes

Path Attribute:

  • Well-known mandatory

  • Well-known discretionary

  • Optional transitive

  • Optional nontransitive

  • AS_PATH well-known mandatory

  • ORIGIN well-known mandatory

  • NEXT_HOP well-known mandatory

  • MULTI_EXIT_DISC optional non transitive

  • LOCAL_PREF well-known discretionary

  • COMMUNITY - optional transitive

  • ATOMIC_AGGREGATE - well-known discretionary

  • AGGREGATOR - optional transitive

  • ORIGINATOR_ID - optional non transitive

  • CLUSTER_ID

  • CLUSTER_LIST optional non transitive

  • MP_REACH_NLRI

  • MP_UNREACH_NLRI


In BGP, the Network Layer Reachability Information (NLRI) is the routing update that consists of the network prefix, prefix length, and any BGP PAs for that specific route.

BGP Sessions

  • Internal BGP(iBGP)

  • External BGP (eBGP)

Inter-Router Communication

BGP uses TCP port 179 to communicate with other routers

Address family

Every address-family maintains a separate database and configuration for each protocol (address-family + subaddress family) in BGP. This allows a routing policy in one address-family to be different from a routing policy in a different address-family even though the router uses the same BGP session to the other router. BGP includes an AFI and a SAFI with every route advertisement to differentiate between the AFI and SAFI databases.

BGP Messages (BGP Packet Types)

  • OPEN Sets up and establishes BGP adjacency

  • UPDATE Advertises, updates, or withdraws routes

  • NOTIFICATION Indicates an error condition to a BGP neighbor

  • KEEPALIVE Ensures that BGP neighbors are still alive (default 60 sec)

  • ROUTE-REFRESH

Common header for BGP

Marker - 16 octet

Length - 2 octet

Type - 1 octet

Open messages

The OPEN message contains:

  • the BGP version number - 1 octet

  • ASN of the originating router - 2 octet

  • Hold Time (default 180s, minimum 3 sec) - 2 octet

  • BGP Identifier (32 bits) router-id - 4 octet

  • Opt Param Length - 1 octet, followed by the optional parameters that establish the session capabilities

Optional Parameters is a variable-length field containing a list of optional parameters. Each parameter is specified by a 1-octet type field, a 1-octet length field, and a variable-length field containing the parameter value.

RouterID:

  • IOS: IOS nodes use the highest IP address of any up loopback interface. If there is no up loopback interface, then the highest IP address of any active up interface becomes the RID when the BGP process initializes.

  • IOS XR: IOS XR nodes use the IP address of the lowest up loopback interface. If there are no up loopback interfaces, then a value of zero (0.0.0.0) is used, which prevents any BGP adjacencies from forming.

  • NX-OS: NX-OS nodes use the IP address of the lowest up loopback interface. If there are no up loopback interfaces, then the IP address of the lowest active up interface becomes the RID when the BGP process initializes.

Keepalive messages

Keepalive interval - 60s, default Hold Time of 180 seconds. Keepalive messages are exchanged on a period one-third the hold time but not less than 1 second. If the negotiated hold time is 0, Keepalives are not sent. The Keepalive message consists of only the 19-octet BGP message header, with no additional data.

Update messages

UPDATE message contains:

  • NLRI prefix

  • associated BGP PAs

  • Withdrawn routes

  • Withdrawn Routes Length: A 2-octet field indicating the total length of the following Withdrawn Routes field, in octets. A value of zero indicates that no routes are being withdrawn and that no Withdrawn Routes field is included in the message.

  • Withdrawn Routes: A variable-length field containing a list of routes to be withdrawn from service. Each route in the list is described with a (Length, Prefix) tuple in which the Length is the length of the prefix and the Prefix is the IP address prefix of the withdrawn route. If the Length part of the tuple is zero, the Prefix matches all routes.

  • Total Path Attribute Length: A 2-octet field indicating the total length of the following Path Attribute field, in octets. A value of zero indicates that attributes and NLRI are not included in this message.

  • Path Attributes: A variable-length field listing the attributes associated with the NLRI in the following field. Each path attribute is a variable-length triple of (Attribute Type, Attribute Length, Attribute Value). The Attribute Type part of the triple is a 2-octet field consisting of four flag bits, four unused bits, and an Attribute Type code (see Figure 2-21). Table 2-4 shows the most common Attribute Type codes and the possible Attribute Values for each Attribute Type.

  • Network Layer Reachability Information: A variable-length field containing a list of (Length, Prefix) tuples. The Length indicates the length in bits of the following prefix, and the Prefix is the IP address prefix of the NLRI. A Length value of zero indicates a prefix that matches all IP addresses.
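The UPDATE layout described above, as an added example (not code from the original notes): a bounds-checked parser for the IPv4 UPDATE body that rejects any length field pointing past the data it describes. The function names and the sample message are constructed for illustration; the flag masks 0x80 (Optional), 0x40 (Transitive) and 0x10 (Extended Length) are the standard RFC 4271 flag bits.

```python
import ipaddress
import struct

def decode_prefixes(buf: bytes) -> list:
    """Decode (Length, Prefix) tuples; Length is in bits, Prefix is padded to octets."""
    out, i = [], 0
    while i < len(buf):
        bits = buf[i]
        nbytes = (bits + 7) // 8
        if bits > 32 or i + 1 + nbytes > len(buf):
            raise ValueError("prefix length overruns field")
        raw = buf[i + 1:i + 1 + nbytes].ljust(4, b"\x00")
        out.append(f"{ipaddress.IPv4Address(raw)}/{bits}")
        i += 1 + nbytes
    return out

def parse_update(body: bytes) -> dict:
    """Parse an IPv4 UPDATE body (the octets after the 19-octet common header)."""
    if len(body) < 4:
        raise ValueError("truncated UPDATE")
    wlen = struct.unpack("!H", body[:2])[0]
    if 4 + wlen > len(body):
        raise ValueError("Withdrawn Routes Length overruns message")
    alen = struct.unpack("!H", body[2 + wlen:4 + wlen])[0]
    i, end = 4 + wlen, 4 + wlen + alen
    if end > len(body):
        raise ValueError("Total Path Attribute Length overruns message")
    attrs = []
    while i < end:
        if i + 3 > end:
            raise ValueError("truncated path attribute")
        flags, code = body[i], body[i + 1]
        hdr = 4 if flags & 0x10 else 3       # Extended Length flag: 2-octet length
        vlen = int.from_bytes(body[i + 2:i + hdr], "big")
        if i + hdr + vlen > end:
            raise ValueError("path attribute overruns Total Path Attribute Length")
        attrs.append({"code": code, "optional": bool(flags & 0x80),
                      "transitive": bool(flags & 0x40), "value": body[i + hdr:i + hdr + vlen]})
        i += hdr + vlen
    return {"withdrawn": decode_prefixes(body[2:2 + wlen]), "attrs": attrs,
            "nlri": decode_prefixes(body[end:])}

# Constructed sample: withdraw 10.9.0.0/16; announce 192.168.1.0/24 with
# ORIGIN=IGP, AS_PATH=[65100], NEXT_HOP=10.1.12.1 (all well-known, flags 0x40).
ATTRS = bytes([0x40, 1, 1, 0,  0x40, 2, 4, 2, 1, 0xFE, 0x4C,  0x40, 3, 4, 10, 1, 12, 1])
WITHDRAWN = bytes([16, 10, 9])
SAMPLE_UPDATE = (struct.pack("!H", len(WITHDRAWN)) + WITHDRAWN +
                 struct.pack("!H", len(ATTRS)) + ATTRS + bytes([24, 192, 168, 1]))
```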

Notification

The BGP Notification message contains the following fields:

  • Error Code: A 1-octet field indicating the type of error.

  • Error Subcode: A 1-octet field providing more-specific information about the error.

    Table 2-5 shows the possible error codes and associated error subcodes.

  • Data: A variable-length field used to diagnose the reason for the error. The contents of the Data field depend on the error code and subcode.

Headers

BGP Neighbor States

  • idle ConnectRetryTimer = 60 sec

  • Connect If the TCP connection is established, the ConnectRetryTimer is reset. The neighbor with the higher IP address manages the connection (show tcp brief)

  • Active BGP starts a new 3-way TCP handshake. If a connection is established, an Open message is sent, the Hold Timer is set to 4 minutes, and the state moves to OpenSent

  • OpenSent received open messages

  • OpenConfirm BGP waits for a Keepalive or Notification message

  • Established BGP neighbors exchange routes via Update messages

idle

If an error causes BGP to go back to the Idle state for a second time, the ConnectRetryTimer is set to 60 seconds and must decrement to zero before the connection is initiated again

connect

In this state, BGP initiates the TCP connection. If the 3-way TCP handshake completes, the BGP process resets the ConnectRetryTimer and sends the Open message to the neighbor, and then changes to the OpenSent state. During this stage, the neighbor with the higher IP address manages the connection. The router initiating the request uses a dynamic source port, but the destination port is always 179.

Note Service providers consistently assign their customers the higher or lower IP address for their networks. This helps the service provider create proper instructions for access control lists (ACL) or firewall rules, or for troubleshooting them.

active

In this state, BGP starts a new 3-way TCP handshake. If a connection is established, an Open message is sent, the Hold Timer is set to 4 minutes, and the state moves to OpenSent. If this attempt for TCP connection fails, the state moves back to the Connect state and resets the ConnectRetryTimer.

OpenSent

The following items are being compared in OPEN message:

  • BGP Versions must match.

  • The source IP address of the OPEN message must match the IP address that is configured for the neighbor.

  • The AS number in the OPEN message must match what is configured for the neighbor.

  • BGP Identifiers (RID) must be unique. If a RID does not exist, this condition is not met.

  • Security Parameters (Password, TTL, and the like).

If the Open messages do not have any errors, the Hold Time is negotiated (using the lower value), and a KEEPALIVE message is sent (assuming the value is not set to zero). The connection state is then moved to OpenConfirm. If an error is found in the OPEN message, a Notification message is sent, and the state is moved back to Idle.
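The common header, the OPEN fields and the OpenSent checks described above, as an added example (not code from the original notes): a parser that rejects inconsistent lengths, followed by the neighbor checks and hold-time negotiation. Function names, the `cfg` dictionary and the sample message are constructed for illustration; the all-ones Marker and optional parameter type 2 (Capabilities) are standard BGP-4 values not stated on this page.

```python
import ipaddress
import struct

MARKER, HEADER_LEN, OPEN = b"\xff" * 16, 19, 1   # Marker is all ones in BGP-4

def parse_open(msg: bytes) -> dict:
    """Decode the common header and OPEN body, rejecting inconsistent lengths."""
    if len(msg) < HEADER_LEN + 10:
        raise ValueError("truncated OPEN")
    marker, length, mtype = struct.unpack("!16sHB", msg[:HEADER_LEN])
    if marker != MARKER or length != len(msg) or mtype != OPEN:
        raise ValueError("bad common header")
    version, asn, hold, rid, opt_len = struct.unpack("!BHH4sB", msg[19:29])
    opts, params = msg[29:], []
    if opt_len != len(opts):
        raise ValueError("Opt Param Length does not match message")
    while opts:                                   # (type, length, value) triples
        if len(opts) < 2 or len(opts) < 2 + opts[1]:
            raise ValueError("truncated optional parameter")
        params.append((opts[0], opts[2:2 + opts[1]]))
        opts = opts[2 + opts[1]:]
    return {"version": version, "asn": asn, "hold_time": hold,
            "router_id": str(ipaddress.IPv4Address(rid)), "params": params}

def check_open(o: dict, cfg: dict) -> int:
    """OpenSent checks on a parsed OPEN; source IP, password and TTL are not modelled."""
    if o["version"] != 4:
        raise ValueError("BGP version mismatch")
    if o["asn"] != cfg["remote_as"]:
        raise ValueError("AS number does not match neighbor configuration")
    if o["router_id"] in ("0.0.0.0", cfg["local_rid"]):
        raise ValueError("missing or duplicate BGP Identifier")
    if o["hold_time"] in (1, 2):                  # only 0 or >= 3 seconds allowed
        raise ValueError("unacceptable Hold Time")
    return min(o["hold_time"], cfg["local_hold"])  # lower value wins

def keepalive_interval(hold: int) -> int:
    """One third of the hold time, at least 1 second; none when hold time is 0."""
    return 0 if hold == 0 else max(1, hold // 3)

def build_open(asn: int, hold: int, rid: str, params: bytes = b"") -> bytes:
    body = struct.pack("!BHH4sB", 4, asn, hold,
                       ipaddress.IPv4Address(rid).packed, len(params)) + params
    return MARKER + struct.pack("!HB", HEADER_LEN + len(body), OPEN) + body

# Constructed sample: AS 65100, hold 90 s, one Capabilities parameter (type 2)
# carrying Multiprotocol Extensions for AFI 1 / SAFI 1 (IPv4 unicast).
SAMPLE_OPEN = build_open(65100, 90, "192.168.1.1", bytes([2, 6, 1, 4, 0, 1, 0, 1]))
CFG = {"remote_as": 65100, "local_rid": "192.168.1.2", "local_hold": 180}
```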

OpenConfirm

In this state, BGP waits for a Keepalive or Notification message. Upon receipt of a neighbor’s Keepalive, the state is moved to Established. If the hold timer expires, a stop event occurs, or a Notification message is received, the state is moved to Idle.

Established

In this state, the BGP session is established. BGP neighbors exchange routes via Update messages. As Update and Keepalive messages are received, the Hold Timer is reset. If the Hold Timer expires, an error is detected and BGP moves the neighbor back to the Idle state.

Prefix advertisement

The BGP tables are as follows:

  • Adj-RIB-in: Contains the NLRIs in original form before inbound route policies are processed. The table is purged after all route policies are processed to save memory.

  • Loc-RIB: Contains all the NLRIs that originated locally or were received from other BGP peers. After NLRIs pass the validity and next-hop reachability check, the BGP best path algorithm selects the best NLRI for a specific prefix. The Loc-RIB table is the table used for presenting routes to the IP routing table.

  • Adj-RIB-out: Contains the NLRIs after outbound route policies have processed.

After configuring a BGP network statement, the BGP process searches the global RIB for an exact network prefix match. The network prefix can be a connected network, secondary connected network, or any route from a routing protocol. After verifying that the network statement matches a prefix in the global RIB, the prefix installs into the BGP Loc-RIB table. As the BGP prefix installs into the Loc-RIB, the following BGP PAs are set depending on the RIB prefix type:

  • Connected Network: The next-hop BGP attribute is set to 0.0.0.0, the origin attribute is set to i (IGP), and the BGP weight is set to 32,768.

  • Static Route or Routing Protocol: The next-hop BGP attribute is set to the next-hop IP address in the RIB, the origin attribute is set to i (IGP), the BGP weight is set to 32,768, and the MED is set to the IGP metric.

The NLRI comprises the network prefix and prefix length; the BGP attributes such as AS-Path, Origin, and the like are stored in the path attributes.

BGP best path algorithm:

  1. Weight

  2. Local Preference

  3. Local originated (network statement, redistribution, aggregation)

  4. AIGP

  5. Shortest-AS Path

  6. Origin Type

  7. Lowest MED

  8. EBGP over IBGP

  9. Lowest IGP Next-Hop

  10. If both paths are external (EBGP), prefer the first (oldest)

  11. Prefer the route that comes from the BGP peer with the lower RID

  12. Prefer the route with the minimum cluster list length

  13. Prefer the path that comes from the lowest neighbor address
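The thirteen steps above as a lexicographic sort key, in an added example (not code from the original notes) that also reports which step decided between two candidate paths. The `Path` fields and sample paths are constructed; it assumes higher weight and local preference win, lower AIGP, MED and IGP metric win, origin ranks IGP before EGP before incomplete, and it compares MED across all paths rather than only those from the same neighboring AS.

```python
import ipaddress
from dataclasses import dataclass

ORIGIN_RANK = {"i": 0, "e": 1, "?": 2}       # IGP before EGP before incomplete

@dataclass
class Path:
    neighbor: str                  # peer address the path was learned from
    router_id: str                 # peer's BGP Identifier
    as_path: tuple = ()
    weight: int = 0
    local_pref: int = 100
    local_origin: bool = False
    aigp: int = 0
    origin: str = "i"
    med: int = 0
    ebgp: bool = True
    igp_metric: int = 0            # IGP cost to the BGP next hop
    age: int = 0                   # seconds since the path was learned
    cluster_len: int = 0

def ip_int(addr: str) -> int:
    return int(ipaddress.IPv4Address(addr))

def sort_key(p: Path) -> tuple:
    """One tuple element per step 1-13; the smallest tuple is the best path."""
    return (-p.weight, -p.local_pref, not p.local_origin, p.aigp,
            len(p.as_path), ORIGIN_RANK[p.origin], p.med, not p.ebgp,
            p.igp_metric, -p.age if p.ebgp else 0, ip_int(p.router_id),
            p.cluster_len, ip_int(p.neighbor))

def best_path(paths: list) -> Path:
    return min(paths, key=sort_key)

def deciding_step(a: Path, b: Path) -> int:
    """Number of the first step (1-13) at which two paths differ, 0 if none."""
    for step, (x, y) in enumerate(zip(sort_key(a), sort_key(b)), 1):
        if x != y:
            return step
    return 0

# Constructed candidate paths for one prefix.
A = Path("10.1.12.1", "192.168.1.1", as_path=(65200, 65300))
B = Path("10.1.13.1", "192.168.1.3", as_path=(65400, 65500, 65300), local_pref=200)
C = Path("10.1.14.1", "192.168.1.4", as_path=(65400, 65300), local_pref=200, ebgp=False)
```

Knowing the deciding step shows which attribute a route policy has to set, or filter on import, to change the outcome for a prefix.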

EBGP multipath requires that the weight, local preference, AS-Path length, AS-Path content, Origin, and MED match for a second route to install into the RIB.

BGP recalculates the best path for a prefix upon four possible events:

  • BGP next-hop reachability change

  • Failure of an interface connected to an EBGP peer

  • Redistribution change

  • Reception of new paths for a route

A basic rule for traffic engineering with BGP is that modifications in outbound routing policies influence inbound traffic, and modifications to inbound routing policies influence outbound traffic.

BGP selection for Huawei

(Default IPv4 Address-Family Disabled)
router bgp 65100
 no bgp default ipv4-unicast
 neighbor 10.1.12.1 remote-as 65100
 !
 address-family ipv4
  neighbor 10.1.12.1 activate
 exit-address-family

IOS XR
router bgp 65100
 bgp router-id 192.168.1.1
 address-family ipv4 unicast
 !
 neighbor 10.1.12.2
  remote-as 65100
  address-family ipv4 unicast

neighbor ip-address update-source interface-type interface-number
update-source interface-type interface-number

Verification bgp

show bgp ipv4 unicast summary
show bgp afi safi neighbors ip-address
show bgp ipv4 unicast update-group

A hard reset is done with the command clear ip bgp ip-address [soft]; on IOS XR nodes the command clear bgp ip-address [graceful] is used.

clear bgp address-family address-family modifier ip-address soft [in | out].
