BGP

bitDegree.ca

CCNP ROUTE – Chapter 6


Border Gateway Protocol
David Bray
brayd@algonquincollege.com
with contributions obtained from Rick Graziani & Cisco

Terms

• IGP (Interior Gateway Protocol) - RIP, IGRP, EIGRP, OSPF, IS-IS =
Routing protocol used to exchange routing information within an
autonomous system.
• EGP (Exterior Gateway Protocol) - BGP = Routing protocol used to
exchange routing information between autonomous systems.
• Autonomous System = (From RFC 1771) “A set of routers under a
single technical administration, using an IGP and common metrics to
route packets within the AS, and using an EGP to route packets to
other AS’s.”
• BGP is a path vector or an advanced distance vector routing
protocol.

10F NET3008 © 2010, David Bray, Algonquin College, Rick Graziani, Cisco Systems, Inc. All rights reserved. 2

Copyright © 2010, Algonquin College, Rick Graziani, Cisco Systems, Inc. All rights reserved.
10F NET3008 – David Bray

IGPs vs. EGPs


• An AS is a collection of networks under a single technical
administration.
• IGPs operate within an AS.
• BGP (an EGP) is used between autonomous systems.
• Exchange of loop-free routing information is guaranteed.

When to use BGP – Cisco CCO


Use BGP when the effects of BGP are well understood and one of the
following conditions exists:
• Your AS allows packets to transit through it to reach another AS
(transit AS).
• Your AS has multiple connections to other AS’s.
• The flow of traffic entering or exiting your AS must be manipulated.
This is policy based routing and based on attributes.


When not to use BGP – Cisco CCO


Do not use BGP if you have one or more of the following conditions:
• A single connection to the Internet or another AS
• No concern for routing policy or routing selection
• A lack of memory or processing power on your routers to handle
constant BGP updates
• A limited understanding of route filtering and BGP path selection
process
• Low bandwidth between AS’s

Who needs BGP?


• Not as many internetworks as you may think.
• “You should implement BGP only when a sound engineering reason
compels you to do so, such as when the IGPs do not provide the tools
necessary to implement the required routing policies or when the size
of the routing table cannot be controlled with summarization.”
• “The majority of the cases calling for BGP involve Internet connectivity
– either between a subscriber and an ISP or (more likely) between
ISPs.”
• “Yet even when interconnecting autonomous systems, BGP might be
unnecessary.”
Jeff Doyle, Routing TCP/IP Vol. II


Overview of autonomous systems


• An AS is a group of routers that share similar routing
policies and operate within a single administrative domain.
• An AS can be a collection of routers running a single IGP,
or it can be a collection of routers running different
protocols all belonging to one organization.
• In either case, the outside world views the entire
Autonomous System as a single entity.

Overview of autonomous systems


• Each AS is identified by a 16-bit number.
– 1 to 64495 (except for 23456): IANA- or RIR-assigned
– 64496 to 64511: reserved for documentation or sample code
– 64512 to 65534: reserved for private use (similar to private IPs)
– 0, 23456, 65535: reserved (not assignable)
• Because of the finite number of available AS numbers, an
organization must present justification of its need before it
will be assigned a public AS number.
• IANA is enforcing a policy wherein organizations that
connect to a single provider and share the provider's
routing policies use an AS number from the private pool.
• Links: IANA ASN allocations 16-bit ASN Usage
• RFC4893 - BGP support for 32-bit ASNs (see white paper)
– ASN of 23456 (AS_TRANS), is used for 16- to 32-bit transitions

1. Single-homed AS – Default Route


Static Route

• If an AS has only one exit point to outside networks, it is considered a
single-homed system.
• Single-homed autonomous systems are often referred to as stub
networks or stubs.
• Stubs can rely on a default route to handle all traffic destined for non-
local networks.
• BGP is not normally needed in this situation.

2. Single-homed AS – IGP

• Both the provider and the customer use a common IGP to share
information regarding the customer's networks.
– CE sends detailed routes to PE
– PE sends default route to CE
• This provides all the benefits associated with dynamic routing.
• BGP is not normally needed in this situation.

3. Single-homed AS – EGP (private AS)


• Use an EGP – The third method by which the ISP can learn and
advertise the customer's routes is to use an EGP such as BGP.
• In a single-homed autonomous system the customer's routing policies
are an extension of the policies of the provider.
– For this reason the Internet number registries are unlikely to assign
a public AS number.
– Instead, the provider can give the customer an AS number from the
private pool of AS numbers, 64,512 to 65,534.
– The provider will filter private AS numbers when advertising routes
into the Internet core.

4. Dual Homed

Option 3

Dual-homed AS
• Up to two links per ISP router, single ISP
• Same options as single-homed
• Additional advantages:
– Primary and backup link functionality
– Load Balancing


5. Single Multi-homed

Multi-homed or Single Multi-homed


• One link per ISP, two or more ISPs
• Typically, running BGP is recommended
• Route Exchange Options:
– ISP1 and ISP2: Full Internet routes
• Can be upwards of 350,000 routes!
• About 70MB RAM needed for 100K BGP routes
– ISP1: Full Internet routes; ISP2: Partial updates (selected)
– ISP1: Default route; ISP2: Partial updates (selected)

6. Dual Multi-homed

Dual Multi-homed
• Two or more links per ISP, with two or more ISPs
• Similar options as Single Multi-homed
• Same benefits as single multi-homed but with enhanced resiliency.


Multi-homed Autonomous Systems


[Figure labels: ISP; Summarized network address; OSPF; two default routes 0.0.0.0/0, each with Cost = 10, Type = E1]

• Compared to a Single-homed AS, this provides for redundancy.
• One option may be to use one link as the primary link and the other as
a backup link. (type 2 routes, with primary seeded at a lower cost)
• A better design would be to use both paths, with each one providing
backup for the other in the event of a failure (both are type 1 routes).
• In many cases this will be sufficient for good internetwork performance.


Multihomed Non-transit AS

• An AS is multihomed if it has more than one exit point to outside
networks.
• A non-transit AS only carries traffic originating from, or destined for,
itself.
• A non-transit AS advertises only its own routes to both its providers – it
would not advertise routes learned from one provider, into the other.
• In our example, this ensures that ISP1 will not use AS 24 to reach
destinations that belong to ISP2, nor vice versa (ISP2 would not use AS
24 to reach destinations that belong to ISP1).

Multihomed Non-transit AS

Note: Any enterprise multihomed to two (or more) ISPs must register for
provider-independent address space.

http://bgp.potaroo.net
• Multihomed non-transit autonomous systems do not necessarily need
to run BGP with their providers.
• But, it is usually recommended and even required by some ISPs.
– because BGP allows increased control of route propagation and
filtering (BGP route selection is rooted in enterprise policies)
• accepting full BGP routes could mean upwards of 350,000 routes!!
– there were about 140,000 in Jan 2003
– consider "partial BGP routes" (i.e. only accept routes to provider's
other subscribers, and use default routing for all else)

Two Logical Links


• Incoming route advertisements influence your outgoing traffic, and
outgoing advertisements influence your incoming traffic.
• Consider external traffic as being on separate logical links:
– Ingress Traffic: results from routes advertised by your AS to your ISP
– Egress Traffic: results from …
• routes accepted into your AS from your ISP, or
• the default routes you advertise from your various boundary
routers, and the metrics associated therewith
• If the provider advertises routes into your AS via BGP, your internal
routers have more accurate information about external destinations.
• If your internal routes are advertised to the provider via BGP, you have
influence over which routes are advertised, and at which exit point.
– BGP also provides tools to influence (to some degree) the choices
the provider makes when sending traffic into your AS.


Multi-homed Transit AS

• A multi-homed transit system has more than one connection to the
outside world and can be used for transit traffic by other autonomous
systems.
– From the point of view of the multi-homed AS, transit traffic is any
traffic originating from outside sources, bound for outside
destinations.


Multi-homed Transit AS

Edge Router

• When BGP is running between routers within the same AS, it is
referred to as Internal BGP (IBGP).
• When BGP runs between routers in two different AS’s, it is called
External BGP (EBGP).
• If the role of a BGP router is to route IBGP traffic, it is called a transit
router.
• Routers that sit on the boundary of an AS and that use EBGP to
exchange information with the ISP are called border or edge routers.

BGP Hazards – Doyle, Routing TCP/IP


• Creating a BGP “peering” relationship involves an interesting
combination of trust and mistrust.
• You must trust the network administrator on that end to know what they
are doing.
• At the same time, if you are smart, you will take every practical
measure to protect yourself in the event that a mistake is made on the
other end.
• “Paranoia is your friend.”

BGP Hazards – Doyle, Routing TCP/IP


• Your ISP will show little patience with you if you make mistakes in
your BGP configuration.
• Suppose, for example, that through some misconfiguration you
advertise 207.46.0.0/16 to your ISP.
• On the receiving side, suppose the ISP does not filter out this
incorrect route, allowing it to be advertised to the rest of the Internet.
• This particular CIDR block belongs to Microsoft, and you have just
claimed to have a route to that destination.
• A significant portion of the Internet community could decide that the
best path to Microsoft is through your domain.
• You will receive a flood of unwanted packets across your Internet
connection and, more importantly, you will have black-holed traffic
that should have gone to Microsoft.
• They will be neither amused nor understanding.


BGP Hazards – Inadvertent Transit Domain


• We inadvertently advertise routes learned from ISP2 to ISP1.
• ISP1 customers will see our network as the best path to ISP2
customers.
• We have become a transit domain for packets from ISP1 to ISP2.
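
A defensive reading of the two hazard slides, as an added example that is not part of the original slides: an export policy for the non-transit AS 24 that announces only its own locally originated prefixes, and the ISP-side import filter that would have stopped the 207.46.0.0/16 leak. The address block 198.51.100.0/24 for AS 24, the ISP2 route 203.0.113.0/24, ASN 64497 for ISP2 and all function names are assumptions made for illustration.

```python
"""Added example: route filtering for the 'BGP Hazards' slides (constructed data)."""
from dataclasses import dataclass
from ipaddress import ip_network

LOCAL_AS = 24        # the multihomed non-transit AS used in the slides
ISP2_AS = 64497      # assumption: a documentation ASN stands in for ISP2
# Assumption: address space registered to AS 24 (documentation prefix).
OWN_PREFIXES = [ip_network("198.51.100.0/24")]


@dataclass(frozen=True)
class Route:
    prefix: str      # e.g. "207.46.0.0/16"
    as_path: tuple   # AS_PATH as received; () for locally originated routes
    source: str      # "local", "ISP1" or "ISP2"


def covered(prefix, allowed, max_len=24):
    """True if prefix lies inside an allowed block and is no longer than max_len."""
    net = ip_network(prefix)
    return net.prefixlen <= max_len and any(
        net.version == block.version and net.subnet_of(block) for block in allowed)


def export_policy(rib):
    """Customer side: announce only locally originated routes for our own space."""
    announced, suppressed = [], []
    for route in rib:
        if route.source != "local" or route.as_path:
            # Re-advertising a provider's routes is what creates inadvertent transit.
            suppressed.append((route.prefix, "learned from a provider"))
        elif not covered(route.prefix, OWN_PREFIXES):
            # Catches a mistyped network statement before it leaves the AS.
            suppressed.append((route.prefix, "not our address space"))
        else:
            announced.append(route.prefix)
    return announced, suppressed


def provider_import(updates, customer_as, customer_prefixes):
    """ISP side: accept a customer announcement only if prefix and AS_PATH both fit."""
    accepted, rejected = [], []
    for prefix, as_path in updates:
        if not covered(prefix, customer_prefixes):
            rejected.append((prefix, "prefix not registered to customer"))
        elif set(as_path) != {customer_as}:
            rejected.append((prefix, "AS_PATH contains other ASNs"))
        else:
            accepted.append(prefix)
    return accepted, rejected


# Constructed RIB of AS 24: its own prefix, a misconfigured network statement,
# and a route learned from ISP2.
RIB = [
    Route("198.51.100.0/24", (), "local"),
    Route("207.46.0.0/16", (), "local"),
    Route("203.0.113.0/24", (ISP2_AS,), "ISP2"),
]

# Constructed: what ISP1 would receive if AS 24 applied no export policy at all.
UNFILTERED = [
    ("198.51.100.0/24", (LOCAL_AS,)),
    ("207.46.0.0/16", (LOCAL_AS,)),
    ("203.0.113.0/24", (LOCAL_AS, ISP2_AS)),
]

if __name__ == "__main__":
    print(export_policy(RIB))
    print(provider_import(UNFILTERED, LOCAL_AS, OWN_PREFIXES))
```

Either filter alone stops the leak; running both means a mistake on one side is caught on the other.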


BGP Basics

• BGP is a path vector routing protocol.
• Defined in RFC 4271
• BGP is a distance vector routing protocol, in that it relies on
downstream neighbours to pass along routes from their routing table.
• BGP uses a list of AS numbers through which a packet must pass to
reach a destination.


BGP Basics

• The function of BGP is to:
– Exchange routing information between AS's
– Guarantee the selection of a loop free path
• BGP4 is the current version of BGP, supporting CIDR and route
aggregation.
• Common IGPs such as RIP, OSPF, and EIGRP use technical metrics.
– BGP does not use technical metrics.
• BGP makes routing decisions based on network policies, or rules (later).
• BGP does not show the details of topologies within each AS.
• BGP sees only a tree of autonomous systems.
• Cisco routers maintain a separate table to hold BGP routes.
– show ip bgp (later)

BGP Basics

• BGP updates are carried using TCP on port 179.
– In contrast:
• RIP updates use UDP port 520
• OSPF, IGRP, do not use a Layer 4 protocol
• (EIGRP?)
• Because BGP rides on TCP:
– IP connectivity must exist between BGP peers
– TCP connections must also be negotiated between them before
peering is established
– BGP inherits TCP's reliable, connection-oriented properties

Loop Free Path


[Figure label: 100, 500]

• Each BGP route carries a list of ASNs (called the "AS Path"),
constructed during route advertisement between external BGP
neighbours.
– The AS Path is considered an attribute of the BGP route.
• As network reachability is advertised from a BGP speaker to its EBGP
peer, its local AS number is added to the "AS Path".
• Any BGP route represents reachability to the given destination via an
ordered traversal through each of the AS's listed in its AS Path
attribute.
• To guarantee a loop free path, any route received from an EBGP peer
will be discarded, if its AS Path contains the local ASN.

Loop Free Path

Consider the routes from AS7 to destination 172.16/16 by
examining the BGP route advertisements from AS1.

[Figure: 172.16.0.0/16 sits in AS1; AS7 receives it with AS paths (4, 2, 1) and (6, 5, 3, 1); also shown are AS2, AS3, AS4, AS5 and AS6]

• The list of AS numbers associated with a BGP route is called the
AS_PATH and is one of several path attributes associated with each
route (path attributes will be discussed in more detail later).
• The shortest inter-AS path is imputed to be the one containing the least
number of ASN values.
• All things being equal, BGP prefers routes with shorter AS paths.
– In this example, AS7 would choose the shortest path (4, 2, 1).
• We will see later what happens with equal length AS paths.

Loop Free Path

[Figure: 172.16.0.0/16 sits in AS1 and is advertised onward with AS paths (4, 2, 1), (7,4,2,1), (8,7,4,2,1) and (9,8,7,4,2,1) through AS7, AS8 and AS9; the last advertisement is marked X at AS7. Also shown are AS2, AS3, AS4, AS5 and AS6]

Routing Loop Avoidance


• Route loops can be easily detected when a router receives
an update containing its local AS number in the AS_PATH.
• When this occurs, the router will not accept the update,
thereby avoiding a potential routing loop.
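
The AS_PATH rules from the Loop Free Path slides, as an added example (not part of the original slides): each AS prepends its ASN when advertising, receivers discard paths that contain their own ASN, and the shortest accepted path wins. The advertisement directions in SESSIONS are reconstructed from the path lists in the slide figures and are an assumption, as are the function names.

```python
"""Added example: AS_PATH construction, loop detection and shortest-path choice."""
from collections import deque

# Assumption: EBGP advertisement directions as drawn on the two
# "Loop Free Path" slides (sending AS -> receiving ASes).
SESSIONS = {1: [2, 3], 2: [4], 3: [5], 4: [7], 5: [6],
            6: [7], 7: [8], 8: [9], 9: [7]}


def accepts(local_as, as_path):
    """EBGP import rule: discard any route whose AS_PATH contains our own ASN."""
    return local_as not in as_path


def propagate(origin_as, sessions):
    """Flood one prefix originated by origin_as through the sessions.

    Returns (rib_in, best, discarded):
      rib_in[asn] -> {sending AS: AS_PATH} for every accepted route
      best[asn]   -> AS_PATH currently selected (shortest wins)
      discarded   -> [(receiving AS, AS_PATH)] dropped by loop detection
    """
    rib_in = {}
    best = {origin_as: ()}      # the originator itself has an empty AS_PATH
    discarded = []
    queue = deque([origin_as])
    while queue:
        sender = queue.popleft()
        # The sender prepends its own ASN when advertising to an EBGP peer.
        update = (sender,) + best[sender]
        for receiver in sessions.get(sender, []):
            if not accepts(receiver, update):
                discarded.append((receiver, update))
                continue
            # A newer update from the same sender replaces the older one.
            rib_in.setdefault(receiver, {})[sender] = update
            # All things being equal, the shorter AS_PATH is preferred.
            new_best = min(rib_in[receiver].values(), key=len)
            if best.get(receiver) != new_best:
                best[receiver] = new_best
                queue.append(receiver)   # re-advertise the new best path
    return rib_in, best, discarded


if __name__ == "__main__":
    rib_in, best, discarded = propagate(1, SESSIONS)
    print("AS7 candidates:", rib_in[7])
    print("AS7 best path: ", best[7])
    print("discarded:     ", discarded)
```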

[Figure: the AS path grows hop by hop over steps 1 to 6: 100, 500 → 200, 100, 500 → 300, 200, 100, 500 → 400, 300, 200, 100, 500; at the last step the receiving router sees its own ASN]


BGP Operation

• When two routers establish a TCP-enabled BGP connection between
each other, they are called neighbours or peers.
• Each router running BGP is called a BGP speaker.
• Peer routers exchange multiple messages to open and confirm the
connection parameters, such as the version of BGP to be used.
• If there are any disagreements between the peers, notification errors
are sent and the connection fails.

Initial Exchange

• When BGP neighbours first establish a connection, they exchange all
candidate BGP routes.
• After this initial exchange, incremental updates are sent as network
information changes.
• Incremental updates are more efficient than complete table updates.
• This is especially true with BGP routers, which may contain the
complete Internet routing table.

Withdrawn Routes

• The information for network reachability can change, such as when a
route becomes unreachable or a better path becomes available.
• BGP informs its neighbours of this by withdrawing the invalid routes
and injecting any new routing information.
• Withdrawn routes are part of the update message. BGP routers keep a
table version number that tracks the version of the BGP routing table
received from each peer.
• After an update, BGP increments the table version number.
– Part of output for “sh ip bgp” command
• A rapidly incrementing table version is usually an indication of
instabilities in the network, or a misconfiguration.

BGP Keepalives

• Peers exchange keepalive messages to ensure the connection is
maintained.
• The Cisco default keepalive interval is 60 seconds (no standard time
is specified in the RFC).
• Hold Time: If three keepalive intervals (180 seconds) pass without a
message, the peer declares its neighbour to be down.
• These can be modified with the command:
… config-router)# timers bgp keepalive-secs holdtime-secs


BGP Databases

• Neighbor table
– List of BGP neighbors
– show ip bgp neighbors
– show ip bgp summary
• BGP table (forwarding database)
– List of all networks learned from each neighbour
– Can contain multiple paths to destination networks
– Contains BGP attributes for each path
– show ip bgp
• IP routing table
– List of best paths to destination networks
– show ip route

BGP Message Types


• Before establishing a BGP peer connection the two
neighbours must perform the standard TCP three-way
handshake and open a TCP connection to port 179.
handshake and open a TCP connection to port 179.
• After the TCP session is established, BGP peers exchange
several messages to open and confirm connection
parameters and to send BGP routing information.
• All BGP messages are unicasted over the TCP connection.
• There are four BGP message types:
– Type 1: OPEN
– Type 2: KEEPALIVE
– Type 3: UPDATE
– Type 4: NOTIFICATION


BGP Message Header


Each BGP Message contains the following header:


• Marker: The marker field is used to either authenticate incoming BGP
messages or to detect loss of synchronization between two BGP peers.
• Length: The length field indicates the total BGP message length,
including the header.


Type 1: BGP Open Message

• After the TCP session is established, both neighbours send Open messages
to establish BGP peering.
• Each neighbour uses this message to identify itself and to specify its
BGP operational parameters including:
– BGP version number: (defaults to version 4)
– AS number: AS number of the originating router; used to
determine if BGP session is EBGP or IBGP.
– Hold Time: the number of seconds before declaring a BGP peer to
be dead. (Cisco default is 180 secs)
– BGP identifier: IP address that identifies the neighbour, using the
same method as OSPF router ID.
(or …-router)# bgp router-id value)
– Optional parameters: e.g. authentication, multiprotocol support

Type 2: BGP Keepalive Message


• This message type consists only of the BGP header and is sent
periodically between peers to maintain connections and verify the IP
paths between peers.
• If a router accepts the parameters specified in its neighbour’s Open
message, one of which is hold time, it responds with a Keepalive.
• If there is a mismatch in hold time values between peers, the lowest of
the two will be adopted.
• If the agreed-upon holdtime is zero, no other Keepalives are sent.
• Otherwise, Keepalives are sent thereafter at an interval of one-third
the agreed-upon holdtime (subject to a 1 sec minimum).

Type 3: BGP Update Message


• UPDATE messages contain all the information BGP uses to construct a
loop-free picture of the internetwork.
• An Update message advertises feasible routes, withdrawn routes, or
both.
• The three basic components of an UPDATE message are:
– Network-Layer Reachability Information (NLRI)
– Path Attributes
– Withdrawn Routes


Type 3: BGP Update Message


Network-Layer Reachability Information (NLRI)
• This is one or more (Length, Prefix) tuples that advertise IP
address prefixes and their lengths.
• 192.168.160.0/19
– Prefix = 192.168.160.0
– Prefix Length = 19
Path Attributes
• This is described in more detail later; provides the information
that allows BGP to choose a shortest path, detect routing loops,
and determine routing policy.
Withdrawn Routes
• These are (Length, Prefix) tuples describing destinations that
have become unreachable and are being removed from service.
• An update message that has no NLRI or path attribute
information is used to advertise only routes to be withdrawn from
service.


Type 4: BGP Notification Message


• A Notification message is sent whenever an error is detected and
always causes the BGP connection to close.
– e.g. mismatched BGP version in an Open Message
• The Notification message is composed of the Error Code (8 bits),
Error Subcode (8 bits), and a Data field (of variable length).


BGP FSM

• BGP neighbour establishment proceeds through
various states, or stages, which can be described in
terms of a finite-state machine (FSM).
terms of a finite-state machine (FSM).


BGP FSM

BGP's Finite State Machine includes 6 states:
1. Idle
2. Connect
3. Active
4. OpenSent
5. OpenConfirm
6. Established


BGP Input Events (IE)


• The FSM transitions from state to state based on Input Events:
1. BGP Start
2. BGP Stop
3. BGP Transport connection open
4. BGP Transport connection closed
5. BGP Transport connection open failed
6. BGP Transport fatal error
7. ConnectRetry timer expired
8. Hold timer expired
9. Keepalive timer expired
10. Received Open message
11. Received Keepalive message
12. Received Update message
13. Received Notification message


Idle State

Stuck in Idle: The router in this state cannot find the address of
the neighbour in the routing table. Check for an IGP problem. Is the
neighbour announcing the route?

• BGP always begins in the Idle state, in which it refuses all incoming
connections.
• A BGP Start event (IE=1), normally initiated by an administrator or a
network event:
– Initializes all BGP resources
– Starts the ConnectRetry timer (initially, 60 secs)
– Initiates a TCP connection to the neighbour
– Changes its state to Connect

Connect State

• In this state, the BGP process has initiated a TCP connection and is
waiting for it to be completed.
• If the connection is successful (IE=3), the BGP process:
– Clears the ConnectRetry timer
– Completes initialization
– Sends an Open message to the neighbour
– Transitions to the OpenSent state


Connect State

• If the connection is unsuccessful (IE=5), the BGP process:
– Continues to listen for a connection to be initiated by the
neighbour
– Resets the ConnectRetry timer
– Transitions to the Active state


Connect State

• If the ConnectRetry timer expires (IE=7):
– a TCP connection to the neighbour is initiated anew
– the Connect state is maintained
• If any other event occurs (other than IE=1):
– Transitions back to the Idle state


Active State

• In this state, the BGP process is aware of the neighbour, but has not
yet succeeded in establishing a TCP connection.
• The Hold Timer is set to 240 seconds.
• If the neighbour accepts our TCP connection (IE=3) and has the
expected IP address, the connection is successfully established:
– the ConnectRetry timer is cleared
– initialization completes
– an Open message is sent to the neighbour
– a transition is made to the OpenSent state

Active State

• If the neighbour attempts to establish a TCP connection
(IE=3), but with an unexpected IP address:
– the connection is refused
– the ConnectRetry timer is reset
– Active state is maintained


Active State

• If the ConnectRetry timer expires (IE=7), the BGP process:
– Transitions back to the Connect state
– Resets the ConnectRetry timer
• In general, a neighbour state flapping between "Connect" and
"Active" is an indication that there are problems with the TCP
connection.
– It could be because of many TCP retransmissions, or the inability
of a neighbour to reliably reach the IP address of its peer.
• Any other event (other than IE=1):
– Transitions back to the Idle state

BGP Active State Troubleshooting

• Active: The router has sent out an open packet and is waiting for a
response. The state may cycle between active and idle. The
neighbour may not know how to get back to this router because of
the following reasons:
– Neighbour does not have a route to the source IP address of the
BGP open packet generated by this router
– Neighbour peering with the wrong address
– Neighbour does not have a neighbor statement for this router
– AS number misconfiguration

Example of AS number misconfiguration:

• At the router with the wrong remote-as number:
%BGP-3-NOTIFICATION: sent to neighbor 172.31.1.3 2/2 (peer in wrong AS) 2 bytes FDE6
FFFF FFFF FFFF FFFF FFFF FFFF FFFF FFFF 002D 0104 FDE6 00B4 AC1F
0203 1002 0601 0400 0100 0102 0280 0002 0202 00
• At the remote router:
%BGP-3-NOTIFICATION: received from neighbor 172.31.1.1 2/2 (peer in wrong AS) 2 bytes FDE6
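
The hex dump in the log above is the OPEN message the router rejected, so decoding it shows which AS the peer actually announced. The decoder below is an added example, not part of the original slides; the `configured_remote_as` value used with it (65000) is a hypothetical stand-in for the wrong remote-as number, which the slide does not state.

```python
import ipaddress
import struct

# Hex dump copied verbatim from the %BGP-3-NOTIFICATION log line on the slide.
DUMP = (
    "FFFF FFFF FFFF FFFF FFFF FFFF FFFF FFFF 002D 0104 FDE6 00B4 AC1F "
    "0203 1002 0601 0400 0100 0102 0280 0002 0202 00"
)

# Capability codes that appear in this dump (names per the IANA registry).
CAPABILITY_NAMES = {
    1: "Multiprotocol Extensions",
    2: "Route Refresh",
    128: "Prestandard Route Refresh",
}


def _parse_capabilities(body: bytes) -> list:
    """Split one Capabilities parameter into (code, value-as-hex) tuples."""
    caps, i = [], 0
    while i < len(body):
        if i + 2 > len(body):
            raise ValueError("truncated capability header")
        code, cap_len = body[i], body[i + 1]
        value = body[i + 2 : i + 2 + cap_len]
        if len(value) != cap_len:
            raise ValueError("truncated capability value")
        caps.append((code, value.hex()))
        i += 2 + cap_len
    return caps


def parse_open(dump: str) -> dict:
    """Decode a BGP-4 OPEN message given as space-separated hex."""
    raw = bytes.fromhex("".join(dump.split()))
    if len(raw) < 29:
        raise ValueError("too short for a BGP header plus OPEN body")
    if raw[:16] != b"\xff" * 16:
        raise ValueError("marker is not 16 bytes of 0xFF")
    length, msg_type = struct.unpack("!HB", raw[16:19])
    if length != len(raw):
        raise ValueError(f"header says {length} bytes, dump has {len(raw)}")
    if msg_type != 1:
        raise ValueError(f"message type {msg_type} is not OPEN (1)")
    version, my_as, hold_time, ident, opt_len = struct.unpack(
        "!BHH4sB", raw[19:29]
    )
    if 29 + opt_len != length:
        raise ValueError("optional parameter length disagrees with header")

    capabilities, pos = [], 29
    while pos < length:
        if pos + 2 > length:
            raise ValueError("truncated optional parameter header")
        p_type, p_len = raw[pos], raw[pos + 1]
        body = raw[pos + 2 : pos + 2 + p_len]
        if len(body) != p_len:
            raise ValueError("truncated optional parameter")
        if p_type == 2:  # parameter type 2 carries capabilities
            capabilities.extend(_parse_capabilities(body))
        pos += 2 + p_len

    return {
        "version": version,
        "my_as": my_as,
        "hold_time": hold_time,
        "bgp_id": str(ipaddress.IPv4Address(ident)),
        "capabilities": capabilities,
    }


def notification_for(open_msg: dict, configured_remote_as: int):
    """Return (code, subcode, data) for a Bad Peer AS error, or None if it matches."""
    if open_msg["my_as"] == configured_remote_as:
        return None
    # 2/2 = OPEN Message Error / Bad Peer AS; data is the AS the peer sent.
    return (2, 2, struct.pack("!H", open_msg["my_as"]))


if __name__ == "__main__":
    msg = parse_open(DUMP)
    print(msg)
    for code, value in msg["capabilities"]:
        print(code, CAPABILITY_NAMES.get(code, "unknown"), value)
    print(notification_for(msg, 65000))  # 65000 is a hypothetical wrong value
```

The decoded My AS field is 0xFDE6, the same two bytes the NOTIFICATION carries as its data, so the log line alone identifies the AS number the neighbor statement should have used.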

OpenSent State

• In this state an Open message has been sent and BGP is waiting to
hear an Open message from its neighbour.
• When an Open message is received (IE=10), all its fields are checked.
– If errors exist, a Notification message is sent and the state
transitions to Idle.
– If no errors exist, a Keepalive message is sent, Hold time is
determined (& Hold and Keepalive timers set as needed), the peer is
determined to be internal or external, and state is changed to
OpenConfirm.

• If a TCP disconnect is received from the neighbour (IE=4), then:
– the TCP connection is closed
– the ConnectRetry timer is reset
– a transition is made back to Active state
• Any other event (other than IE=1):
– Transitions back to the Idle state

OpenConfirm State

• In this state, the BGP process waits for a Keepalive or Notification
message.
• If a Keepalive message is received (IE=11), the state transitions to
Established.
• If a Notification message is received (IE=13), or a TCP disconnect is
received (IE=4), the state transitions to Idle.
• If any error is detected, the Hold timer expires (IE=8), or a Stop event
occurs (IE=2):
– a Notification message is sent to the neighbour
– the TCP connection is closed and a transition made to Idle state

Established State

• In this state, the BGP connection is fully established and the peers
can exchange Update, Keepalive and Notification messages.
• If the Keepalive timer expires (IE=9), it is reset and a Keepalive
message is sent.
• If an Update or Keepalive message is received (IE=11 or 12), the
Hold timer is restarted (as needed) and Established state is
maintained.
• If a Notification is received (IE=13), the state transitions to Idle.
• If an Update with an error or any other event occurs (other than IE=1):
– a Notification message is sent
– the TCP connection is closed and a transition made to Idle state
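
The state slides above can be replayed as a transition table, which makes the Connect/Active flapping symptom easy to count in an event trace. This is an added example, not part of the original slides; the entries marked "RFC 1771" (leaving Idle, and leaving Connect on IE=3 or IE=5) come from the RFC rather than from these slides, and the event traces are constructed.

```python
# Input event (IE) numbers as used on the slides; names follow RFC 1771.
START, STOP, TCP_OPEN, TCP_CLOSED, TCP_OPEN_FAILED = 1, 2, 3, 4, 5
CONNECT_RETRY_EXPIRED, HOLD_EXPIRED, KEEPALIVE_EXPIRED = 7, 8, 9
RX_OPEN, RX_KEEPALIVE, RX_UPDATE, RX_NOTIFICATION = 10, 11, 12, 13

# (state, event) -> next state. Anything not listed falls back to Idle,
# matching the "any other event" bullets on the slides.
TRANSITIONS = {
    ("Connect", TCP_OPEN): "OpenSent",            # RFC 1771
    ("Connect", TCP_OPEN_FAILED): "Active",       # RFC 1771
    ("Connect", CONNECT_RETRY_EXPIRED): "Connect",
    ("Active", TCP_OPEN): "OpenSent",
    ("Active", CONNECT_RETRY_EXPIRED): "Connect",
    ("OpenSent", RX_OPEN): "OpenConfirm",         # only if the Open is valid
    ("OpenSent", TCP_CLOSED): "Active",
    ("OpenConfirm", RX_KEEPALIVE): "Established",
    ("Established", KEEPALIVE_EXPIRED): "Established",
    ("Established", RX_KEEPALIVE): "Established",
    ("Established", RX_UPDATE): "Established",
}


def step(state: str, event: int, message_ok: bool = True) -> str:
    """Apply one input event and return the next state."""
    if event == START:
        # IE=1 starts the session from Idle (RFC 1771) and is ignored elsewhere.
        return "Connect" if state == "Idle" else state
    if event in (RX_OPEN, RX_UPDATE) and not message_ok:
        # A bad Open or Update triggers a Notification and a return to Idle.
        return "Idle"
    return TRANSITIONS.get((state, event), "Idle")


def replay(events, state: str = "Idle") -> list:
    """Return every state visited; an event may be an int or (int, ok_flag)."""
    path = [state]
    for item in events:
        event, ok = item if isinstance(item, tuple) else (item, True)
        state = step(state, event, ok)
        path.append(state)
    return path


def connect_active_flaps(path) -> int:
    """Count transitions between Connect and Active, in either direction."""
    return sum(
        1 for a, b in zip(path, path[1:]) if {a, b} == {"Connect", "Active"}
    )


# Constructed traces: a clean session, a TCP reachability problem, and the
# wrong remote-as case in which the received Open fails validation.
HEALTHY = [START, TCP_OPEN, RX_OPEN, RX_KEEPALIVE, RX_UPDATE, KEEPALIVE_EXPIRED]
UNREACHABLE = [START, TCP_OPEN_FAILED, CONNECT_RETRY_EXPIRED,
               TCP_OPEN_FAILED, CONNECT_RETRY_EXPIRED, TCP_OPEN_FAILED]
WRONG_AS = [START, TCP_OPEN, (RX_OPEN, False)]

if __name__ == "__main__":
    for name, trace in (("healthy", HEALTHY), ("unreachable", UNREACHABLE),
                        ("wrong AS", WRONG_AS)):
        path = replay(trace)
        print(name, path, "flaps:", connect_active_flaps(path))
```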

Path Attributes

• Much of the work you will do configuring BGP focuses on path
attributes.
• Each route has its own set of defined attributes, which can include path
information, route preference, next-hop, and aggregation information.
• Administrators use these values to enforce routing policy.
• Based on attribute values, you can configure BGP to filter routing
information, prefer certain paths, or otherwise customize its behaviour.
• Every UPDATE message has a variable-length sequence of path
attributes in the form <attribute type, attribute length, attribute value>.
• Since you will use path attributes extensively when configuring routing
policy, you should note that not all vendor implementations of BGP
recognize the same attributes.
• In fact, path attributes come in four different types:
– Well-known mandatory
– Well-known discretionary
– Optional transitive
– Optional non-transitive

Well-known mandatory
• An attribute that has to exist in the BGP UPDATE packet.
• It must be recognized by all BGP implementations.
• If a well-known mandatory attribute is missing from an Update, a
notification error will be generated; this ensures that all BGP
implementations agree on a standard set of attributes.
Example: AS_PATH attribute.

Well-known discretionary
• An attribute that must be recognized by all BGP implementations
• But may or may not be sent in the BGP UPDATE message.
Example: LOCAL_PREF

Optional transitive
• An attribute that may or may not be recognized by all BGP
implementations (thus, optional).
• Because the attribute is transitive, the receiving BGP process
should always accept and propagate it, even if the attribute isn’t
recognized.
Example: COMMUNITY

Optional non-transitive
• An attribute that may or may not be recognized by all BGP
implementations.
• But because it is non-transitive, if the receiving BGP router does
NOT recognize the attribute, it ignores it and does NOT propagate it to
other BGP peers.
Example: ORIGINATOR_ID

External BGP

• When BGP is running between neighbours that belong to different
autonomous systems, it is called EBGP.
• EBGP neighbours, by default, need to be directly
connected. Packets exchanged default to TTL=1.

Internal BGP

• BGP between neighbours within the same AS (and who need not
be directly connected), is called IBGP.
– IBGP exists to provide a pathway through the AS for BGP
route exchange; this permits the sharing of routes learned
from one EBGP peer with another EBGP peer.

BGP Configuration

• To begin configuring a BGP process, issue the following familiar
command:
Router(config)#router bgp AS-number

• BGP configuration commands appear on the surface to mirror the
syntax of familiar IGP commands.
• Although the syntax is similar, the function of these commands is
significantly different.
• Note: Cisco IOS permits only one BGP process to run at a time, thus, a
router cannot belong to more than one AS.

BGP network Configuration

Router(config-router)#network network-number [mask network-mask]

• In BGP, the network command tells the BGP process which
locally learned networks to advertise.
– This is unlike IGPs, where the network command implicitly identifies
the interfaces on which to send and receive routing updates (as well
as which directly connected networks to advertise).
– When configuring BGP, the network command does not affect the
interfaces on which BGP peering occurs. This is a subtle, but
significant, difference between BGP and IGPs.
• The networks to be advertised can derive from any routing process,
including connected or static.
• These networks must exist in the router’s local routing table
(show ip route), or they will not be announced into BGP and sent
out in updates. (more later)
• You can use the mask keyword with the network command to specify
individual subnets.
• Be mindful that BGP route propagation is often filtered by a routing
policy at the enterprise edge.

Route Advertisement

• Suppose the following route appears in RTB’s table:

O 192.168.1.0/24 [110/74] via 10.2.2.1, 00:31:34, Serial2

• RTB learned this route via an IGP; in this case, OSPF.
• This AS uses OSPF internally to exchange route information.
• Can RTB advertise this network to an external AS via BGP?
• Certainly, redistributing OSPF into BGP will do the trick, but
the BGP network command will also work and is preferred.

RTB(config)#router bgp 200
RTB(config-router)#network 172.16.1.0 mask 255.255.255.252
RTB(config-router)#network 10.1.1.0 mask 255.255.255.252
RTB(config-router)#network 192.168.1.0

• The first two network commands include the mask keyword, so that only a
particular subnet is advertised in each case.
• The third network command results in the OSPF route being advertised by BGP
without redistribution.
• Remember that the BGP network command works differently than the IGP
network command!

BGP neighbour Configuration

Router(config-router)#
neighbor {ip-address | peer-group-name} remote-as AS-number

• In order for a BGP router to establish a neighbour relationship with
another BGP router, you must use this command to identify a peer
router with which the local router will establish a session.
• The AS-number argument implicitly determines whether the neighbour
router is an EBGP or an IBGP neighbour.

Example: BGP neighbor Command

[Figure: connection to EBGP neighbour]

Other BGP neighbor Commands

Router(config-router)#
neighbor {ip-address | peer-group-name} update-source
interface-type interface-number
• This configures BGP to use the IP address of the specified
interface as the source IP for all BGP updates to that neighbour.

neighbor {ip-address | peer-group-name} ebgp-multihop [hops]

• This allows for EBGP peering when neighbours are not directly
connected. hops is the hop count to the peer’s IP address; if
omitted, value is set to 255.
• Below is an alternative (IOS 12.0+, based on RFC 3682). Note
that hops is the maximum allowable hops to a valid peer. The packet
is originated with TTL=255, and an incoming packet’s TTL must
be >= (256 – hops). How does this enhance security?
neighbor {ip-address | peer-group-name} ttl-security hops hops

IBGP Scenario

[Figure: routers A, B, C, D, E and F across AS 100, AS 200 and AS 300; EBGP and IBGP sessions; serial interfaces S0, S1 and S2]

• To configure B & E to be IBGP peers in AS 200, one obvious way is to
configure neighbor statements on each router referring to the other's
serial interface.
• But, if we did so and the chosen serial interface failed, we would lose our
BGP session, even though TCP/IP connectivity is still possible (due to
the alternate serial path).
• What can we do to take full advantage of this fault tolerant topology?
(Hint: What type of interface never goes down?)

IBGP Scenario – Solution

[Figure: the same topology, with loopback interfaces Loop1: 192.168.255.1/32 and Loop2: 192.168.255.2/32]

• Introduce loopback interfaces on both B & E.
• Peer to each other's loopback interface IP addresses.
– These loopback addresses must be dynamically routed by the IGP
so that reachability is maintained over both serial paths.
• Force router B's BGP session to use its loopback as the source IP for
any BGP messages to E (and likewise for router E).
– By default, the source IP for any BGP message will be that of the
outbound interface, not the loopback. Since we are only peering on
the loopback IP, the message would otherwise be rejected.

IBGP Scenario – Sample Configuration

Router B
router bgp 200
 neighbor 192.168.255.2 remote-as 200
 neighbor 192.168.255.2 update-source loop1

Router E
router bgp 200
 neighbor 192.168.255.1 remote-as 200
 neighbor 192.168.255.1 update-source loop2

Reminder: Must advertise both loopback IPs in the IGP.

EBGP Multihop

[Figure caption: "I do not speak BGP. But RTW and RTU can use EBGP multihop to speak BGP."]

• EBGP neighbours must be directly connected in order to establish an
EBGP session. (EBGP packets default to TTL=1)
• However, EBGP multihop is a Cisco IOS option that allows RTW and
RTU to be logically connected in an EBGP session, despite the fact that
RTV does not support BGP.
• The EBGP multihop option is configured on each peer with the following
command:
Router(config-router)#neighbor IP-address ebgp-multihop [hops]

[Figure: RTW (AS200, 2.2.2.2) and RTU (AS300, 3.3.3.3)]

RTW(config)#router bgp 200
RTW(config-router)#neighbor 3.3.3.3 remote-as 300
RTW(config-router)#neighbor 3.3.3.3 ebgp-multihop 2

RTU(config)#router bgp 300
RTU(config-router)#neighbor 2.2.2.2 remote-as 200
RTU(config-router)#neighbor 2.2.2.2 ebgp-multihop 2

Note: This configuration assumes mutual reachability to each peer's IP.
If not, static routes may be required.


EBGP Multihop Example 2 - A

• Router A in AS 65102 has 2 paths to router B in AS 65101.
• A & B can become EBGP peers using a single neighbor
statement on each side (as shown).

EBGP Multihop Example 2 - B

• When configured this way, however, if the chosen link fails,
the BGP session will drop and packets will not pass
between the two AS’s, even though a backup path clearly
exists.

EBGP Multihop Example 2 - C

• One solution might be to use 2 neighbor statements on
each side, to establish redundant BGP neighbour
relationships.
• But, this doubles all BGP traffic between routers A & B!!

EBGP Multihop Example 2 - D

• A superior solution is to establish EBGP peering using loopbacks,
similar to what we did previously over IBGP.
• Can you explain the need for the additional neighbor commands and
the static routes?

Using a Peer Group

• Peer groups are useful for creating a common (outbound)
update policy shared by multiple BGP neighbours.
• Updates are generated once per peer group.
• Members can have individual inbound policies.

Router(config-router)#
neighbor peer-group-name peer-group
neighbor peer-group-name options-and-parameters

• The first line names and creates the peer group.
• The next line appears as many times as needed, to set the
common BGP update options (e.g. remote-as, update-source,
route-map, etc).

Router(config-router)#
neighbor ip-address peer-group peer-group-name

• Identifies a neighbour as a member of a particular peer group.


BGP Neighbour Authentication

Router(config-router)#
neighbor {ip-address | peer-group-name} password string

• Configure a “key” (password string).
• The router generates an MD5 digest (or hash) of the
key + the message.
– When introducing or changing a password, the
common string must be set on all peers before the
hold time expires (default 180 secs), to avoid
resetting the BGP session.
• Only the message digest is sent; the key is not.
• Router generates and checks the MD5 digest of every
segment sent on the TCP connection. Router
authenticates the source of each routing update packet
that it receives.
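
The per-segment digest described above can be reproduced in a few lines. This is an added example, not part of the original slides: it assumes the TCP MD5 Signature option of RFC 2385 (option kind 19), which hashes the TCP pseudo-header, the fixed TCP header with a zeroed checksum, the segment data and then the key. The key, ports and sequence numbers are constructed, and the TCP checksum itself is left at zero because it does not enter the digest.

```python
import hashlib
import hmac
import ipaddress
import struct

MD5_OPTION_KIND = 19   # TCP MD5 Signature option (RFC 2385)
MD5_OPTION_LEN = 18    # kind + length + 16-byte digest


def rfc2385_digest(src_ip: str, dst_ip: str, segment: bytes, key: bytes) -> bytes:
    """MD5 over pseudo-header, fixed header (checksum zeroed), data, then key."""
    header_len = (segment[12] >> 4) * 4
    fixed = bytearray(segment[:20])
    fixed[16:18] = b"\x00\x00"                 # checksum is treated as zero
    data = segment[header_len:]                # TCP options are not hashed
    pseudo = (
        ipaddress.IPv4Address(src_ip).packed
        + ipaddress.IPv4Address(dst_ip).packed
        + struct.pack("!BBH", 0, 6, len(segment))   # zero, protocol 6, length
    )
    return hashlib.md5(pseudo + bytes(fixed) + data + key).digest()


def sign_segment(src_ip, dst_ip, sport, dport, seq, ack, flags, payload, key):
    """Build a TCP segment that carries the digest; the key is never included."""
    options_len = 20                           # two NOPs + 18-byte MD5 option
    offset_flags = (((20 + options_len) // 4) << 12) | flags
    fixed = struct.pack("!HHIIHHHH", sport, dport, seq, ack,
                        offset_flags, 16384, 0, 0)
    unsigned = fixed + bytes(options_len) + payload
    digest = rfc2385_digest(src_ip, dst_ip, unsigned, key)
    option = bytes([1, 1, MD5_OPTION_KIND, MD5_OPTION_LEN]) + digest
    return fixed + option + payload


def verify_segment(src_ip: str, dst_ip: str, segment: bytes, key: bytes) -> bool:
    """Receiver side: recompute the digest and compare; unsigned segments fail."""
    if len(segment) < 20:
        return False
    header_len = (segment[12] >> 4) * 4
    if header_len < 20 or header_len > len(segment):
        return False
    options, received, i = segment[20:header_len], None, 0
    while i < len(options):
        kind = options[i]
        if kind == 0:                          # end of option list
            break
        if kind == 1:                          # NOP padding
            i += 1
            continue
        if i + 1 >= len(options):
            return False
        length = options[i + 1]
        if length < 2 or i + length > len(options):
            return False
        if kind == MD5_OPTION_KIND and length == MD5_OPTION_LEN:
            received = options[i + 2 : i + length]
        i += length
    if received is None:
        return False
    expected = rfc2385_digest(src_ip, dst_ip, segment, key)
    return hmac.compare_digest(received, expected)


# Constructed sample: a BGP KEEPALIVE between the two addresses in the logs.
SRC, DST = "172.31.1.1", "172.31.1.3"
KEY = b"constructed-shared-key"
KEEPALIVE = b"\xff" * 16 + struct.pack("!HB", 19, 4)
SEGMENT = sign_segment(SRC, DST, 50000, 179, 1000, 2000, 0x18, KEEPALIVE, KEY)
# A segment with no MD5 option, as sent by a host that lacks the key.
UNSIGNED_RST = struct.pack("!HHIIHHHH", 50000, 179, 1000, 0,
                           (5 << 12) | 0x04, 0, 0, 0)

if __name__ == "__main__":
    print("valid key:    ", verify_segment(SRC, DST, SEGMENT, KEY))
    print("wrong key:    ", verify_segment(SRC, DST, SEGMENT, b"other"))
    print("unsigned RST: ", verify_segment(SRC, DST, UNSIGNED_RST, KEY))
```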

BGP Configuration

• Finally, whenever you are configuring BGP, you might notice that
changes you make to an existing configuration may not appear
immediately.
• To force BGP to clear its table and reset BGP sessions, use the clear
ip bgp command. The easiest way to enter this command is as follows:
RTB#clear ip bgp *
Use this command with CAUTION, better yet, not at all, in a production
network. Why?
Better to clear a session with a specific neighbour, if it will suffice:
RTB#clear ip bgp 10.1.1.2

BGP neighbor shutdown Command

Router(config-router)#
neighbor {ip-address | peer-group-name} shutdown

• Administratively brings down a BGP neighbour
• Used for maintenance and policy changes to prevent
route flapping

Router(config-router)#
no neighbor {ip-address | peer-group-name} shutdown

• Re-enables a BGP neighbour that has been
administratively shut down

Verifying BGP Configuration

• If the router has not installed the BGP routes you expect, you can use the
show ip bgp command to verify that BGP has learned these routes.
• More later…
RTA#show ip bgp
BGP table version is 3, local router ID is 10.2.2.2
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path
* i1.0.0.0          192.168.1.6              0    100      0 200 400 e
*>i10.1.1.1/32      10.1.1.1                 0    100      0 i
*>i172.16.1.0/24    10.1.1.1                 0    100      0 i
* i192.168.1.32/27  192.168.1.6              0    100      0 200 i

• If an expected BGP route does not appear in the BGP table, you can use
the show ip bgp neighbors command to verify that your router has
established a BGP connection with its neighbours.

RTA#show ip bgp neighbors
BGP neighbor is 172.24.1.18, remote AS 200, external link
BGP version 4, remote router ID 172.16.1.1
BGP state = Established, up for 00:03:25
Last read 00:00:25, hold time is 180, keepalive interval is 60 seconds
Neighbor capabilities:
Route refresh: advertised and received
Address family IPv4 Unicast: advertised and received
Received 7 messages, 0 notifications, 0 in queue
Sent 8 messages, 0 notifications, 0 in queue
Route refresh request: received 0, sent 0
Minimum time between advertisement runs is 30 seconds
<output omitted>

Summary View of BGP Peers

RouterA# show ip bgp summary
BGP router identifier 10.1.1.1, local AS number 65001
BGP table version is 124, main routing table version 124
9 network entries using 1053 bytes of memory
22 path entries using 1144 bytes of memory
12/5 BGP path/bestpath attribute entries using 1488 bytes of memory
6 BGP AS-PATH entries using 144 bytes of memory
0 BGP route-map cache entries using 0 bytes of memory
0 BGP filter-list cache entries using 0 bytes of memory
BGP using 3829 total bytes of memory
BGP activity 58/49 prefixes, 72/50 paths, scan interval 60 secs

Neighbor        V    AS MsgRcvd MsgSent   TblVer  InQ OutQ Up/Down  State/PfxRcd
10.1.0.2        4 65001      11      11      124    0    0 00:02:28        8
172.31.1.3      4 64998      21      18      124    0    0 00:01:13        6
172.31.11.4     4 64999      11      10      124    0    0 00:01:11        6


BGP Peering

[Figure: AS500, AS100, AS200, AS300]

• Routes learned via IBGP peers are not propagated to other IBGP peers.
– BGP Split Horizon Rule
• If they were, BGP routing inside the AS would present a dangerous
potential for routing loops (because no change to AS_PATH occurs
from one IBGP peer to the next).
• For IBGP routers to learn about all BGP routes inside the AS, they must
connect to every other IBGP router in a logical full mesh.
– You can create a logical full mesh even if the routers aren’t directly
connected, as long as the IBGP peers can connect to each other
using TCP/IP.

• Without the dotted connection, routing in this scenario is not complete.
• EBGP routes learned by way of San Jose (from AS100) will not be
given to Los Angeles, and EBGP routes learned by way of Los Angeles
(from AS300) will not be given to San Jose,
– since the San Francisco router will not advertise IBGP routes
between San Jose and Los Angeles.
• What is needed is an additional IBGP connection between San Jose
and Los Angeles.
• This connection is shown as a dotted line.

AS Synchronization

• When an IBGP router receives an update about a destination from an
IBGP peer, it tries to verify reachability to that destination via an IGP,
such as RIP or OSPF.
• If the IBGP router can’t find the destination network in its IGP routing
table, it will not advertise the destination to other BGP peers.
• If the route is not reachable through the IGP running within the AS,
non-BGP routers (such as RTD and RTB) will not be able to route
traffic passing through the AS towards this destination.
• Rationale: It is pointless to advertise destinations to external peers if
traffic sent through this AS is going to be dropped by some non-BGP
internal router along the way.
• If the IBGP router (RTC) does have an IGP route to this destination, the
route is considered synchronized, and the router will announce it to
other EBGP peers (ISP2).
• Otherwise, the router will treat the route as not being synchronized with
the IGP and will not advertise it.

• The BGP synchronization rule states that a BGP router (RTC) should not
advertise to external neighbours (ISP2), destinations learned from IBGP
neighbours (192.213.1.0/24 from RTA), unless those destinations are also
known via an IGP.
• Consider traffic from ISP2, bound for 192.213.1.0/24, entering RTC:
– This traffic will be routed to RTB, on its way to RTA.
– However, such packets entering RTB will have a destination IP in
the 192.213.1.0/24 network, so if RTB does not have a route for that
destination, these packets will be dropped at RTB.
• If a BGP router does have a route to the destination network via an IGP,
it is assumed that the route is being propagated inside the AS (to both
RTB & RTD in our example), and internal reachability is guaranteed.

• Injecting BGP routes inside an AS is costly.
• Redistributing routes from BGP into the IGP will result in major
overhead on the internal routers, which are often NOT equipped to
handle that many routes.
• Besides, carrying all external routes inside an AS is not always
necessary.
• The Cisco IOS offers an optional command called no synchronization.
• This command enables BGP to override the synchronization
requirement, allowing the router to advertise routes learned via IBGP
irrespective of the existence of an IGP route.

• In practice, two situations exist where synchronization can be safely
turned off on border routers (default on IOS 12.2(8)T and later):
1. When all transit routers inside the AS are running fully
meshed IBGP. Internal reachability is guaranteed because a
route that is learned via EBGP on any of the border routers will
automatically be passed on via IBGP to all other transit routers.
2. When the AS is not a transit AS.

show ip bgp

To display entries in the BGP routing table, use the show ip bgp
command.

show ip bgp [network-prefix [network-mask [longer-prefixes]]]

• The longer-prefixes option will result in the display of both routes
matching the specified prefix/mask, plus any more specific routes (i.e.
those with a longer prefix, but matching the given prefix/mask).
– show ip bgp 192.168.0.0 255.255.0.0 longer-prefixes
will show routes to network 192.168.0.0 as well as 192.168.1.0,
192.168.2.0, …
• Following are some examples.


show ip bgp

RouterC#show ip bgp
BGP table version is 8, local router ID is 200.200.200.66
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path
*> 11.0.0.0         0.0.0.0                  0         32768 i
*> 12.0.0.0         200.200.200.65                         0 300 200 i
*> 193.10.2.0       200.200.200.65           0             0 300 i


• BGP table version - Internal version number of the table. This number
is incremented whenever the table changes.
• local router ID – uniquely identifies this router.
• Status codes - Status of the table entry. The status is displayed at the
beginning of each line in the table. It can be one of the following values:
s —The table entry is suppressed in favour of a summary route.
* —The table entry is valid (next hop is reachable).
> —The table entry is the best entry to use for that network.
i —The table entry was learned via an internal BGP (iBGP) session

• Origin codes - Origin of the entry. The origin code is placed at the end of each
line in the table. It can be one of the following values:
– i — Entry originated from Interior Gateway Protocol (IGP) and was
advertised with a network router configuration command.
– e — Entry originated from Exterior Gateway Protocol (EGP).
– ? — Origin of the path is not clear. Usually, this is a route that was
explicitly redistributed into BGP from an IGP.
• Network - IP address of a network entity.
• Next Hop - IP address of the next system that is used when forwarding a
packet to the destination network. An entry of 0.0.0.0 indicates that the router
has some non-BGP routes to this network.

• Metric - If shown, the value of the inter-AS metric.


• LocPrf - Local preference value as set with the set local-preference
route-map configuration command. The default value is 100.
• Weight - Weight of the route as set via autonomous system filters.
• Path – AS_Path to the destination network. Each integer in this field
represents an autonomous system along the path to the destination
network.


Another Example: show ip bgp



RouterA# show ip bgp
BGP table version is 14, local router ID is 172.31.11.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
   Network          Next Hop            Metric LocPrf Weight Path
*> 10.1.0.0/24      0.0.0.0                  0         32768 i
* i                 10.1.0.2                 0    100      0 i
*> 10.1.1.0/24      0.0.0.0                  0         32768 i
*>i10.1.2.0/24      10.1.0.2                 0    100      0 i
*> 10.97.97.0/24    172.31.1.3                             0 64998 64997 i
*                   172.31.11.4                            0 64999 64997 i
* i                 172.31.11.4              0    100      0 64999 64997 i
*> 10.254.0.0/24    172.31.1.3               0             0 64998 i
*                   172.31.11.4                            0 64999 64998 i
* i                 172.31.1.3               0    100      0 64998 i
r> 172.31.1.0/24    172.31.1.3               0             0 64998 i
r                   172.31.11.4                            0 64999 64998 i
r i                 172.31.1.3               0    100      0 64998 i
*> 172.31.2.0/24    172.31.1.3               0             0 64998 i
<output omitted>

Displays networks from lowest to highest.



Other Status Codes: show ip bgp



• d – route is being dampened (penalized) for going up and
down too often. Although the route might be up right now, it
is not advertised until the penalty has expired
• h – history, indicates that the route is unavailable and is
probably down; historic information about the route exists,
but a best route does not exist
• r – for routing information base (RIB) failure, indicates that
the route was not installed in the RIB. The reason that the
route is not installed can be displayed using command:
show ip bgp rib-failure
• S – route is stale; only used in a NSF-aware router (NSF is
non-stop forwarding)
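
The status codes and columns described above can be checked mechanically when auditing a saved copy of the table. The following Python code is an added example, not part of the original slides or of any Cisco tool: it parses the fixed-width layout and reports the best path per prefix plus any best path flagged r (RIB-failure). The function names, the column widths in FMT, and which Metric/LocPrf cells are blank in the re-rendered RouterA rows are assumptions.

```python
# Constructed sample: RouterA rows from this page, re-rendered with FMT
# (the column widths and the blank Metric/LocPrf cells are assumptions).
FMT = "{:3}{:17}{:15}{:>11}{:>7}{:>7} {}"
HEADER = ("", "Network", "Next Hop", "Metric", "LocPrf", "Weight", "Path")
ROWS = [
    ("*>", "10.1.0.0/24", "0.0.0.0", "0", "", "32768", "i"),
    ("* i", "", "10.1.0.2", "0", "100", "0", "i"),
    ("*>i", "10.1.2.0/24", "10.1.0.2", "0", "100", "0", "i"),
    ("*>", "10.97.97.0/24", "172.31.1.3", "", "", "0", "64998 64997 i"),
    ("*", "", "172.31.11.4", "", "", "0", "64999 64997 i"),
    ("* i", "", "172.31.11.4", "0", "100", "0", "64999 64997 i"),
    ("r>", "172.31.1.0/24", "172.31.1.3", "0", "", "0", "64998 i"),
    ("r i", "", "172.31.1.3", "0", "100", "0", "64998 i"),
]
SAMPLE = "\n".join(FMT.format(*r) for r in (HEADER, *ROWS))


def parse_show_ip_bgp(text):
    """Return one dict per path; columns are located from the header row."""
    lines = text.splitlines()
    hdr = next(ln for ln in lines if "Next Hop" in ln and "Path" in ln)
    net, nh = hdr.index("Network"), hdr.index("Next Hop")
    m_end, l_end, w_end = (hdr.index(k) + 6 for k in ("Metric", "LocPrf", "Weight"))
    routes, prefix, carried = [], None, ""
    for line in lines[lines.index(hdr) + 1:]:
        if not line.strip() or line.startswith("<"):
            continue  # blank lines and "<output omitted>"
        if len(line[net:].split()) == 1:  # long prefix wrapped onto its own line
            prefix, carried = line[net:].strip(), line[:net]
            continue
        prefix = line[net:nh].strip() or prefix  # continuation rows omit Network
        hop, *metric = line[nh:m_end].split()
        locprf, path = line[m_end:l_end].strip(), line[w_end:].split()
        routes.append({
            "prefix": prefix, "next_hop": hop,
            "status": set((carried + line[:net]).replace(" ", "")),
            "metric": int(metric[0]) if metric else None,
            "locprf": int(locprf) if locprf else None,
            "weight": int(line[l_end:w_end]),
            "as_path": path[:-1], "origin": path[-1],
        })
        carried = ""
    return routes


def audit(routes):
    """Best path per prefix, plus prefixes whose best path failed RIB install."""
    best = {r["prefix"]: r for r in routes if ">" in r["status"]}
    return best, sorted(p for p, r in best.items() if "r" in r["status"])
```

Diffing the `best` dictionary from two captures taken before and after a policy change shows which prefixes moved to a different next hop or AS path.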


Triggering BGP Updates



• When policies such as access lists or attributes are
altered, the change takes effect immediately, but
depending on the nature of the modification, it can
take some time before ensuing BGP updates are
propagated and appropriate changes to BGP routes or
tables become evident.
• To immediately see the effect of any BGP-related
configuration changes, you can trigger an update.
• Here are the ways to trigger an update:
– Hard reset
– Soft reset
– Route refresh


Hard Reset of BGP Sessions



Router#
clear ip bgp *

• Resets all BGP connections with this router.
• Entire BGP forwarding table is discarded.
• BGP session makes the transition from established to
idle; everything must be relearned.
Router#
clear ip bgp [neighbor-address]

• Resets only a single neighbour.


• BGP session makes the transition from established to
idle; everything from this neighbor must be relearned.
• Less severe than clear ip bgp *.

Soft Reset Outbound



Router#
clear ip bgp {* | neighbor-address} [soft out]

• Routes learned from this neighbour are not lost.


• This router resends all BGP information to the
neighbour without resetting the connection.
• The connection remains established.
• This option is highly recommended when you are
changing outbound policy.
• The soft out option does not help if you are
changing inbound policy.


Inbound Soft Reset



Router(config-router)#
neighbor [ip-address] soft-reconfiguration inbound

• This router stores all updates from this neighbor in case
the inbound policy is changed.
• The command is memory-intensive.

Router#
clear ip bgp {* | neighbor-address} soft in

• Uses the stored information to generate new inbound
updates.


Route Refresh:
Dynamic Inbound Soft Reset

Router#
clear ip bgp {* | neighbor-address} [soft in | in]

• Routes advertised to this neighbour are not withdrawn.


• Does not store update information locally.
• The connection remains established.
• Introduced in IOS 12.0(2)S and 12.0(6)T


debug ip bgp updates Command



RouterA#debug ip bgp updates
Mobile router debugging is on for address family: IPv4 Unicast
RouterA#clear ip bgp 10.1.0.2
<output omitted>
*Feb 24 11:06:41.309: %BGP-5-ADJCHANGE: neighbor 10.1.0.2 Up
*Feb 24 11:06:41.309: BGP(0): 10.1.0.2 send UPDATE (format)
10.1.1.0/24, next 10.1.0.1, metric 0, path Local
*Feb 24 11:06:41.309: BGP(0): 10.1.0.2 send UPDATE (prepend, chgflags:
0x0) 10.1.0.0/24, next 10.1.0.1, metric 0, path Local
*Feb 24 11:06:41.309: BGP(0): 10.1.0.2 NEXT_HOP part 1 net
10.97.97.0/24, next 172.31.11.4
*Feb 24 11:06:41.309: BGP(0): 10.1.0.2 send UPDATE (format)
10.97.97.0/24, next 172.31.11.4, metric 0, path 64999 64997
*Feb 24 11:06:41.309: BGP(0): 10.1.0.2 NEXT_HOP part 1 net
172.31.22.0/24, next 172.31.11.4
*Feb 24 11:06:41.309: BGP(0): 10.1.0.2 send UPDATE (format)
172.31.22.0/24, next 172.31.11.4, metric 0, path 64999
<output omitted>
*Feb 24 11:06:41.349: BGP(0): 10.1.0.2 rcvd UPDATE w/ attr: nexthop
10.1.0.2, origin i, localpref 100, metric 0
*Feb 24 11:06:41.349: BGP(0): 10.1.0.2 rcvd 10.1.2.0/24
*Feb 24 11:06:41.349: BGP(0): 10.1.0.2 rcvd 10.1.0.0/24


BGP Routing Process



• The Cisco implementation of BGP keeps track of all BGP updates in a
BGP table separate from the IP routing table.
• In case multiple routes to the same destination exist, BGP does not
flood its peers with all those routes. Instead, BGP picks only the best
route and sends it to the peers.
• In addition to passing along routes from peers, a BGP router may
originate routing updates to advertise networks that belong to its own
AS.
• Valid local routes originating within the AS and the best routes learned
from BGP peers are then installed into the IP routing table.
• The IP routing table is used for the final routing decision.
