Date post: 13-Jan-2015
Category: Education
Upload: febrian-setiadi
Introduction to Border Gateway Protocol (BGP 4)
Version 1.2
Updated 8/22/00 Juniper Networks, Inc. Copyright © 2000 - Proprietary & Confidential
Summary
BGP Concept
BGP Operation
Route Control
Configuration
Trouble-shooting
Juniper vs. Cisco
Concepts
The BGP protocol was developed by the IDR Working Group of IETF. A first version of BGP was published in June 1989 as RFC 1105 (BGP-1). A second version was published in June 1990 as RFC 1163 (BGP-2). A third version was published in October 1991 as RFC 1267 (BGP-3).
A fourth version was published in July 1994 as RFC 1654 (BGP-4). The current version of BGP-4 is documented in RFC 1771 (March 1995).
BGP-4 supports:
• the path vector concept, to avoid the potential routing loop introduced by complicated (i.e., full-meshed) Internet topology
• IP prefix and length advertisements
BGP Protocol Overview
JUNOS software supports BGP Version 4 and several extensions to the protocol:
• RFC 1771, A Border Gateway Protocol 4 (BGP-4)
• RFC 1772, Application of the Border Gateway Protocol in the Internet
• RFC 1965, Autonomous System Confederations for BGP
• RFC 1966, BGP Route Reflection: An Alternative to Full-Mesh IBGP
• RFC 1997, BGP Communities Attribute
• RFC 2270, Using a Dedicated AS for Sites Homed to a Single Provider
• RFC 2283, Multiprotocol Extensions for BGP-4
• RFC 2385, Protection of BGP Sessions via the TCP MD5 Signature Option
• RFC 2439, BGP Route Flap Damping
• Capabilities Negotiation with BGP4, IETF draft draft-ietf-idr-cap-neg-01
• BGP Extended Communities Attribute, IETF draft-ramachandra-bgp-ext-communities-04.txt
Concepts
BGP-4 supports:
• the concept of classless interdomain routing to allow better use of existing IP address space and to minimize the rapid growth of routing table size (CIDR, RFC 1519)
• policy-based routing using a set of pre-defined path attributes
• route aggregation and AS aggregation (i.e., AS Set and Confederation)
• fast convergence by requiring the router to inform its neighbors when the previously announced routes become unreachable
• large routing table size
• authentication using BGP identifier and AS number. In addition, it supports encrypted signature in every BGP message.
Concepts
• BGP routers only use those routes whose next-hop can be reached
• BGP routers advertise only those routes that they use
• BGP runs over a reliable transport protocol, TCP port 179, which
  - takes care of segmenting, sequencing, retransmission and acknowledgments
  - supports a "graceful" close, i.e., that all outstanding data will be delivered before the connection is closed
• 4096 max frame size
• hold time (90 sec def – smallest used between peers)
• open -> updates -> keepalives (steady state) -> notification (close)
• BGP MIB consists of the BGP Peer Table, the BGP Path Attribute Table and a Global Table.
Concepts
Autonomous System (AS)
The classic definition of an Autonomous System is a set of routers under a single technical administration, using a single IGP and common metrics to route packets within the AS, and using an EGP to route packets to other ASs.
Currently, it has become common for a single AS to use several IGPs and sometimes several sets of metrics within an AS.
The use of the term Autonomous System here stresses the fact that, even when multiple IGPs and metrics are used, the administration of an AS appears to other ASs to have a single coherent interior routing plan and presents a consistent picture of what destinations are reachable through it.
Concepts
Autonomous System Type
• Stub AS
  – Single Exit Point
  – Local Traffic
• Multi-Homed AS
  – Multiple Exit Points
  – Local Traffic
• Transit AS
  – Local and Transit Traffic
[Figure: Provider "A" (AS 50) and Provider "B" (AS 60) are labelled Transit AS; Customer #1 (AS 100), Customer #2 (AS 110) and Customer #n (AS 120) are labelled Stub AS or Multi-Homed. BGP peers are joined by TCP connections, with EBGP and IBGP sessions marked.]
BGP AS
What is an AS?
  - 16 bit integer (1-65535)
  - 64512-65535 private.
Concepts
CIDR = Classless Inter Domain Routing
• Address Assignment and Aggregation Strategy
• A mechanism to aggregate IP addresses into blocks of multiple of the old style classes of addresses
• Reduces routing information through this aggregation
• Conserves Resources
  - router resources (CPU, memory)
  - bandwidth (fewer routes -> fewer routing packets)
Concepts
Supernet
• Organizations are allocated Blocks of IP addresses
• These blocks are allocated in powers of 2
• The Blocks of Address Space can be Aggregated into one routing announcement (Supernetting)
• Block of 256 “Class C” Networks (or a class B sized block)
  - IP addresses 192.24.0.0 thru 192.24.255.255
  - Can be described by one Supernetted Route: 192.24.0.0 Mask 255.255.0.0
Concepts
Exterior Routes
Routes learned from other autonomous systems
Concepts
External Neighbor
• Between BGP speakers in different ASs
• Should be directly connected
Configuration
Router A
    bgp {
        group EXTERNAL {
            neighbor 1.1.1.2;
            type external;
            peer-as 200;
        }
    }
Router B
    bgp {
        group EXTERNAL {
            neighbor 1.1.1.1;
            type external;
            peer-as 100;
        }
    }
[Figure: Router A (AS 100, address .1) and Router B (AS 200, address .2) directly connected over network 1.1.1.0.]
Concepts
Internal Neighbor
• Neighbor in same AS
• May be several hops away
Configuration
Router A
    bgp {
        group INTERNAL {
            type internal;
            neighbor 1.1.1.1;
        }
    }
Router B
    bgp {
        group INTERNAL {
            neighbor 2.2.2.2;
            type internal;
        }
    }
[Figure: Routers A and B inside AS 100.]
Concepts
Internal vs. External BGP
Attribute          IBGP Update                    EBGP Update
Local Preference   Preserved                      Removed
MED                Preserved                      Removed the MED from previous AS
Cluster list       Prepend the Cluster ID by RR   Unchanged
Next-hop address   Preserved                      Changed to the local address
AS Path            Unchanged                      Prepend the local AS
BGP Attribute
Well-known mandatory – Always present in a BGP update. All BGP implementations recognize these attributes. An example is the BGP next hop attribute. (Origin, AsPath)
Well-known discretionary - Might be present in a BGP update. All BGP implementations recognize these attributes. An example is the local preference attribute.
Optional transitive - Must be passed to other BGP peers even if the local peer does not understand or process the attribute. An example is the community attribute.
Optional non-transitive - Must not be passed to other BGP peers. An example is the MED attribute.
Concepts
AS path Attributes
Standard attribute types:
• 1, ORIGIN (well-known mandatory)
• 2, AS_PATH (well-known mandatory)
• 3, NEXT_HOP (well-known mandatory)
• 4, MULTI_EXIT_DISC (optional non-transitive)
• 5, LOCAL_PREF (well-known discretionary)
• 6, ATOMIC_AGGREGATE (well-known discretionary)
• 7, AGGREGATOR (optional transitive)
Additional attribute types have been created via supplemental specifications to extend the protocol:
• 8, Community (optional transitive)
• 9, Originator Id (optional non-transitive)
• 10, Cluster list (optional non-transitive)
• 11, Destination Path Attribute (optional transitive)
Concepts
AS-Path
• A list of AS’s that a route has traversed: 300 100 (sequence)
• Path traversed one or more members of a set: {100 200} (as-set)
[Figure: ASs 100, 200 and 300 with prefixes 143.89.14.0/24, 206.161.46.0/24, 206.161.47.0/24 and 210.168.35.0/24. Resulting routes and AS paths:
    143.89.14.0/24    300 100
    210.168.35.0/24   300
    206.161.46.0/23   300 {100 200}]
Concepts
Next-hop
• Next hop to reach a network
• Set by EBGP speaker or policy
• Router A will advertise 100.100.100.1 next hop for network 150.10.0.0
[Figure: Router A (.1, AS 109, network 150.10.0.0/16) and Router B (.2, AS 173) connected over network 100.100.100.0.]
Concepts
Next-hop Issue
Router B would advertise 100.100.100.3 as a “next-hop” to reach the network behind router C to AS 109 (router A)
[Figure: Router A (.1, AS 109), Router B (.2) and Router C (.3) on network 100.100.100.0/24, with Routers B and C in AS 173 and an EBGP session between the two ASs.]
Concepts
Next-hop Issue
Problem will occur if the network in-between is actually an NBMA network!
Concepts
Next-hop Issue
Use “next-hop self” to solve
Router B:
    protocol bgp {
        group BGP-to-router-A {
            export chg-nexthop;
        }
    }
    policy-options policy-statement chg-nexthop {
        from protocol bgp;
        then next-hop self;
    }
Concepts
Local Preference
• Preference sent to all routers in the local AS
• Paths with the highest preference value are most desirable
[Figure: AS 173, AS 180, AS 666 and AS 200, captioned "Where to 200 ??".]
Concepts
Local Preference
    bgp {
        group EXTERNAL {
            type external;
            peer-as 666;
            local-preference 100;
            neighbor 1.1.1.1;
        }
    }
[Figure: AS 173, AS 180, AS 666 and AS 200.]
Concepts
Multi-Exit Discriminator (MED)
32-bit, non-negative
Affects all routes from same AS path
Advertised to external neighbors
Lower MED value is more preferable
Concepts
Multi-Exit Discriminator (MED)
• Applies on an AS path basis
[Figure: AS 666, AS 173, AS 200, AS 2000, AS 1800 and AS 1988.]
Concepts
Multi-Exit Discriminator (MED)
Router A:
    bgp {
        group EXTERNAL {
            type external;
            neighbor 1.1.1.1 {
                export MED;
                peer-as 666;
            }
        }
    }
    policy-statement MED {
        from as-path via-200;
        then {
            metric 200;
            accept;
        }
    }
    as-path via-200 ".* 200";
Concepts
Multi-Exit Discriminator (MED)
[Figure: AS 666, AS 173, AS 200, AS 2000, AS 1800 and AS 1988, with Router A annotated "set MED = 200".]
Concepts
Origin describes how a route was injected into BGP at the originating AS
• IGP: Default export type on policy statement for BGP
• EGP: From protocol EGP, can be specified in the export policy
• Incomplete: Unknown source of information, can be specified in the export policy
Concepts
Atomic Aggregate
Used to inform BGP speaker about less specific route.
More specific route exists and is included in it
BGP speaker receiving this attribute shall not remove the attribute when propagating it
Concepts
Aggregator (6-bytes)
Last AS number that formed the aggregate route (2 bytes)
IP address of the BGP speaker that formed the aggregate route (4-bytes)
Concepts
Route Reflector and Confederation
• Scaling becomes an issue when there are too many BGP peers within the AS
• A BGP speaker does not pass BGP routes learned from one IBGP peer to other IBGP peers
• Number of connections required = n(n-1)/2
Concepts
Route Reflector – RFC 1966
• Acts as a “mirror” to reflect the BGP routes learned from the IBGP peers to the clients
• Update from non-client to all clients
• Update from client to all non-clients and the other clients except the one that originated the route
• Provides the normal BGP speaker function to all other non-clients
• Pending cluster-list and originator ID
Concepts
Route Reflector
[Figure: two diagrams of an AS connected by EBGP to AS100, AS200 and AS300. One uses a route reflector (RR) with two clients and one non-client over IBGP; the other uses a full mesh of IBGP sessions.]
Concepts
Route Reflector Loop Prevention
Originator ID
• If the attribute “originator ID” has not been created in the attributes of the route, the RR will create this attribute
• The content of “originator ID” is the router ID of the IBGP peer that passed this route to the RR
• The RR would not reflect the route back to the originator
Concepts
Route Reflector Loop Prevention
Cluster list
• When the RR reflects the route to other peers, it will prepend its cluster ID to the cluster list
• If the RR receives a route with its own cluster ID within the cluster list, the route would be discarded
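The reflection rules and the two loop-prevention checks above (originator ID and cluster list), as an added example that is not part of the original slides. Peers are identified by router ID, and the cluster ID and peer addresses are taken from the Route Reflector configuration slide later in this deck; the second reflector and its peers are constructed.

```python
from dataclasses import dataclass, replace
from typing import Optional, Tuple


@dataclass(frozen=True)
class Route:
    prefix: str
    originator_id: Optional[str] = None     # created by the first RR that reflects it
    cluster_list: Tuple[str, ...] = ()      # cluster IDs traversed, newest first


class RouteReflector:
    def __init__(self, cluster_id, clients, non_clients):
        self.cluster_id = cluster_id
        self.clients = set(clients)
        self.non_clients = set(non_clients)

    def reflect(self, route, from_peer):
        """Return {peer: route} for every IBGP peer the route is reflected to."""
        # Cluster list check: our own cluster ID means the route has looped back.
        if self.cluster_id in route.cluster_list:
            return {}
        # Originator ID is created only if no earlier RR has set it.
        originator = route.originator_id or from_peer
        out = replace(route, originator_id=originator,
                      cluster_list=(self.cluster_id,) + route.cluster_list)
        if from_peer in self.clients:
            # From a client: to all non-clients and the other clients.
            targets = (self.clients | self.non_clients) - {from_peer}
        else:
            # From a non-client: to all clients.
            targets = set(self.clients)
        targets.discard(originator)          # never back to the originator
        return {peer: out for peer in sorted(targets)}


# Cluster 100.1.1.1 with clients 100.1.1.2 / 100.1.1.3 and non-client 10.1.1.2.
RR1 = RouteReflector("100.1.1.1", ["100.1.1.2", "100.1.1.3"], ["10.1.1.2"])
# Constructed second reflector that also serves client 100.1.1.2.
RR2 = RouteReflector("10.9.9.9", ["100.1.1.2", "10.9.9.1"], ["100.1.1.1"])

if __name__ == "__main__":
    first = RR1.reflect(Route("202.168.0.0/17"), from_peer="100.1.1.2")
    for peer, route in first.items():
        print("RR1 ->", peer, route)
    # The copy handed to RR2 keeps the originator, so RR2 skips client 100.1.1.2.
    print("RR2 ->", RR2.reflect(first["10.1.1.2"], from_peer="100.1.1.1"))
    # The same route arriving back at RR1 is discarded by the cluster list check.
    print("RR1 again ->", RR1.reflect(first["10.1.1.2"], from_peer="10.1.1.2"))
```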
Concepts
Confederation – RFC 1965
• Scale down an AS into several sub-ASs
• BGP peers between sub-ASs act as EBGP peers, except that some of the attributes remain unchanged
• Local-preference is passed through such a connection
• MED and next-hop are unchanged between member ASs of the confederation
Concepts
Confederation
[Figure: AS100 and AS200 connected by EBGP, drawn twice: once with a full mesh of IBGP sessions, once with sub-ASs AS65500 and AS65501 that use IBGP internally and EBGP between each other.]
BGP Protocol Messages
Four types of messages:
• Open
• Update
• Keepalive
• Notification
BGP Header
     0                   1                   2                   3
     0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
    +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
    |                                                               |
    +                                                               +
    |                                                               |
    +                                                               +
    |                            Marker                             |
    +                                                               +
    |                                                               |
    +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
    |            Length             |     Type      |
    +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
• Marker: synchronization and authentication
BGP Open message
     0                   1                   2                   3
     0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
    +-+-+-+-+-+-+-+-+
    |    Version    |
    +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
    |     My Autonomous System      |
    +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
    |           Hold Time           |
    +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
    |                        BGP Identifier                         |
    +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
    | Opt Parm Len  |
    +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
    |                                                               |
    |                      Optional Parameters                      |
    |                                                               |
    +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
OPEN Message (Cont.)
Authentication Information (type 1)
Optional Parameters
     0 1 2 3 4 5 6 7 8
    +-+-+-+-+-+-+-+-+
    |  Auth. Code   |
    +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
    |                                                     |
    |                 Authentication Data                 |
    |                                                     |
    +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
NOTIFICATION Message
     0                   1                   2                   3
     0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
    +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
    |  Error code   | Error subcode |             Data              |
    +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+                               +
    |                                                               |
    +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Error codes:
• 1 = HDR Error
• 2 = OPEN Error
• 3 = UPDATE Error
• 4 = Hold Time Expired
• 5 = FSM Error
• 6 = Cease (for fatal errors besides the ones already listed)
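The header, OPEN and NOTIFICATION layouts above, as an added example (not code from the original slides) that encodes an OPEN, validates a received one against the configured peer-as, and builds the NOTIFICATION that rejects it. The subcodes are the RFC 1771 values (header: 1 not synchronized, 2 bad length, 3 bad type; OPEN: 1 unsupported version, 2 bad peer AS, 6 unacceptable hold time); the 16 optional-parameter bytes are an opaque constructed placeholder and the function names are this example's own.

```python
import ipaddress
import struct

MARKER = b"\xff" * 16      # all ones when no authentication was negotiated
HEADER_LEN = 19            # 16-byte Marker + 2-byte Length + 1-byte Type
MAX_LEN = 4096             # "4096 max frame size" from the Concepts slide
OPEN, UPDATE, NOTIFICATION, KEEPALIVE = 1, 2, 3, 4


class BgpError(Exception):
    """A protocol error, carrying the NOTIFICATION code/subcode that answers it."""

    def __init__(self, code, subcode, reason):
        super().__init__(reason)
        self.code, self.subcode = code, subcode


def build_message(msg_type, body=b""):
    """Prefix a body with the fixed 19-byte BGP header."""
    return MARKER + struct.pack("!HB", HEADER_LEN + len(body), msg_type) + body


def build_open(my_as, hold_time, bgp_id, opt_params=b""):
    """Encode Version, My AS, Hold Time, BGP Identifier and Opt Parm Len."""
    fixed = struct.pack("!BHH4sB", 4, my_as, hold_time,
                        ipaddress.IPv4Address(bgp_id).packed, len(opt_params))
    return build_message(OPEN, fixed + opt_params)


def parse_header(data):
    """Validate the header and return (type, body). Error code 1 = header error."""
    if len(data) < HEADER_LEN:
        raise BgpError(1, 2, "shorter than a BGP header")
    length, msg_type = struct.unpack("!HB", data[16:19])
    if data[:16] != MARKER:
        raise BgpError(1, 1, "marker mismatch: connection not synchronized")
    if not HEADER_LEN <= length <= MAX_LEN or length > len(data):
        raise BgpError(1, 2, "bad message length %d" % length)
    if msg_type not in (OPEN, UPDATE, NOTIFICATION, KEEPALIVE):
        raise BgpError(1, 3, "bad message type %d" % msg_type)
    return msg_type, data[HEADER_LEN:length]


def parse_open(data, expected_peer_as):
    """Validate an OPEN against the configured peer-as. Error code 2 = OPEN error."""
    msg_type, body = parse_header(data)
    if msg_type != OPEN:
        raise BgpError(5, 0, "expected OPEN in this state")       # FSM error
    if len(body) < 10:
        raise BgpError(1, 2, "OPEN shorter than its fixed fields")
    version, peer_as, hold_time, ident, opt_len = struct.unpack("!BHH4sB", body[:10])
    if version != 4:
        raise BgpError(2, 1, "unsupported version %d" % version)
    if peer_as != expected_peer_as:
        raise BgpError(2, 2, "bad peer AS %d" % peer_as)
    if hold_time in (1, 2):
        raise BgpError(2, 6, "unacceptable hold time %d" % hold_time)
    if opt_len != len(body) - 10:
        raise BgpError(2, 0, "optional parameter length inconsistent")
    return {"peer_as": peer_as, "hold_time": hold_time,
            "bgp_id": str(ipaddress.IPv4Address(ident)), "opt_len": opt_len}


def notification_for(error):
    """Encode the NOTIFICATION (error code, error subcode, no data) for an error."""
    return build_message(NOTIFICATION, bytes([error.code, error.subcode]))


def handshake(data, expected_peer_as):
    """Return ('accept', open_fields) or ('reject', notification_bytes)."""
    try:
        return "accept", parse_open(data, expected_peer_as)
    except BgpError as err:
        return "reject", notification_for(err)


if __name__ == "__main__":
    # Constructed from the troubleshooting slides: the near end sends AS 65000,
    # while the far end is configured with peer-as 65002 for this neighbor.
    ours = build_open(65000, 90, "192.168.1.1", bytes(16))
    print(len(ours), handshake(ours, expected_peer_as=65002))
```

The encoded OPEN is 45 bytes and the rejecting NOTIFICATION is 21 bytes, the same lengths the bgp-trace output in the Trouble-shooting section reports.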
UPDATE Message
    +-----------------------------------------------------+
    |   Unfeasible Routes Length (2 octets)               |
    +-----------------------------------------------------+
    |   Withdrawn Routes (variable)                       |
    +-----------------------------------------------------+
    |   Total Path Attribute Length (2 octets)            |
    +-----------------------------------------------------+
    |   Path Attributes (variable)                        |
    +-----------------------------------------------------+
    |   Network Layer Reachability Information (variable) |
    +-----------------------------------------------------+

    +---------------------------+
    |   Length (1 octet)        |
    +---------------------------+
    |   Prefix (variable)       |
    +---------------------------+

     0                   1
     0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5
    +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
    |  Attr. Flags  |Attr. Type Code|
    +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
BGP Operation
[Figure: BGP-4 Message Exchange between two BGP peers. TCP side: syn, Syn+Ack, Ack (states Syn Sent / Listen, Syn Received, Established). BGP side on both peers: Idle, Initializing (Connect), Open Sent, Open Confirm, Established, with Open, KeepAlive and Update messages exchanged in both directions.]
BGP Operation
[Figure: BGP-4 FSM with the states Idle, Connect, Active, Open Sent, Open Confirm and Established, and transitions numbered 1 to 16.]
BGP Operation
Current State   New State      Event
Idle            Idle           1). Error
Idle            Connect        2). Start
Connect         Idle           3). Any other event
Connect         Connect        4). ConnectRetry Timer Expired
Connect         Open Sent      5). Transport Protocol Connect Succeeds
Connect         Active         6). Transport Protocol Connect Fails
Open Sent       Idle           7). Stop, Open Error, Connection Collision, Hold Timer Expires, or any other event
Open Sent       Open Confirm   8). No Errors
Open Sent       Active         9). Disconnect Notification
Open sent --- Wait for open from peer
BGP Operation
Current State   New State      Event
Active          Open Sent      10). Transport Connect Protocol Succeeds
Active          Connect        11). ConnectRetry Timer Expired
Active          Active         12). Remote Peer Trying, IP Address Not Expected
Active          Idle           13). Any Other Event
Open Confirm    Idle           14). Hold Timer Expired, Notification, Disconnect, Stop, or any other event
Open Confirm    Established    15). Keepalive
Established     Idle           16). Notification, UPDATE Message error, Disconnect Notification, Hold Timer Expired, Stop, or any other event
Open Confirm (waiting notification or keepalive – handshake)
Route Control
Route Selection
• Route with lowest preference value
• Route with highest local preference
• Route with the shortest AS path length
• Route with the lowest origin code (IGP < EGP < incomplete)
• Route with the lowest MED (cisco-nondeterministic / always-compare-med)
• Routes that are locally generated
• Routes from EBGP peer
• Routes with the closest next-hop (determined by IGP metric)
• Routes from the peer with lowest router-id
• Routes from the neighbor with lowest IP address
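The selection steps above applied in the order the slide lists them, as an added example that is not part of the original slides. It assumes MED is compared across all candidates (the always-compare-med behaviour named on the slide); the Path fields and the sample paths are constructed, and 170 is the BGP preference value that appears in the show bgp neighbor output at the end of this deck.

```python
import ipaddress
from dataclasses import dataclass
from typing import Tuple

ORIGIN_RANK = {"igp": 0, "egp": 1, "incomplete": 2}


def ip_as_int(address):
    return int(ipaddress.IPv4Address(address))


@dataclass(frozen=True)
class Path:
    peer: str                      # neighbor IP address
    router_id: str                 # router ID of the advertising peer
    as_path: Tuple[int, ...]
    preference: int = 170          # route preference for BGP
    local_pref: int = 100
    origin: str = "igp"
    med: int = 0
    local: bool = False            # locally generated
    ebgp: bool = True              # learned from an EBGP peer
    igp_metric: int = 0            # IGP metric to the next-hop


# Each step maps a path to a sortable value; the lowest value survives.
STEPS = [
    ("lowest preference value", lambda p: p.preference),
    ("highest local preference", lambda p: -p.local_pref),
    ("shortest AS path length", lambda p: len(p.as_path)),
    ("lowest origin code", lambda p: ORIGIN_RANK[p.origin]),
    ("lowest MED", lambda p: p.med),
    ("locally generated", lambda p: 0 if p.local else 1),
    ("from EBGP peer", lambda p: 0 if p.ebgp else 1),
    ("closest next-hop", lambda p: p.igp_metric),
    ("lowest router-id", lambda p: ip_as_int(p.router_id)),
    ("lowest neighbor IP address", lambda p: ip_as_int(p.peer)),
]


def select_best(paths):
    """Return (best path, name of the step that eliminated the last rival)."""
    candidates = list(paths)
    decided_by = "only one candidate"
    for name, key in STEPS:
        if len(candidates) == 1:
            break
        best = min(key(p) for p in candidates)
        survivors = [p for p in candidates if key(p) == best]
        if len(survivors) < len(candidates):
            decided_by = name
        candidates = survivors
    return candidates[0], decided_by


if __name__ == "__main__":
    # Constructed paths to a prefix in AS 200: a short path via AS 666 and a
    # longer one via AS 180 whose import policy set local preference 200.
    short = Path(peer="1.1.1.1", router_id="192.168.1.1", as_path=(666, 200))
    preferred = Path(peer="2.2.2.2", router_id="192.168.1.2",
                     as_path=(180, 300, 200), local_pref=200)
    print(select_best([short, preferred]))
```

Because local preference is evaluated before AS path length, a path preferred by import policy is not displaced by a neighbor that merely announces a shorter AS path.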
Route Control
Policy Control
• Import / Export Policy
• Communities
• AS path
• Route filtering
Route Control
Import / Export Policy
Per group / neighbor import / export policy
Used to advertise routes originated from the local AS
Used to change / add / delete BGP attributes
Global specific > Group specific > Neighbor specific
Route Control
Import / Export Policy
Applying policies:
    bgp {
        import global-import-policy-here;
        export global-export-policy-here;
        group testing-policy {
            import group-import-policy-here;
            export group-export-policy-here;
            neighbor 1.1.1.1 {
                import neighbor-import-policy-here;
                export neighbor-export-policy-here;
            }
        }
    }
Route Control
Import / Export Policy
Check the routes received from a peer before applying an import policy:
show route receive-protocol bgp 1.1.1.1
Check the routes sent to a peer after applying an export policy:
show route advertising-protocol bgp 1.1.1.1
Route Control
Community
Well-known community
    no-advertise          Do not advertise to neighbors
    no-export             Do not advertise outside your confederation/AS
    no-export-subconfed   Do not advertise outside your subconfederation
Define Community
    community community-name members [ 100:10 100:30 ];
Route Control
AS Path
AS Path Regular Expressions
    {m,n}   At least m and at most n repetitions of term
    {m}     Exactly m repetitions of term
    {m,}    m or more repetitions of term
    *       Zero or more repetitions of term
    +       One or more repetitions of term
    ?       Zero or one repetitions of term
    |       One of the two terms on either side of the pipe
Route Control
Route filtering
Filtering based on IP prefix / AS path / Community string / Neighbor / Origin …..
Import / Export policy
Route Control
Route filtering
Matching criteria
    + as-path            Name of AS path regular expression (BGP only)
    + community          BGP community
      local-preference   Local preference associated with a route
    + neighbor           Neighboring router
      Origin             BGP origin attribute
    > prefix-list        List of prefix-lists of routes to match
    > route-filter       List of routes to match
Route Control
Route filtering
Matching AS Path
    policy-statement filtering {
        from as-path testing-as-path;
        then accept;
    }
    as-path testing-as-path ".* 200";
Route Control
Route filtering
Matching Community string
    policy-statement filtering {
        from community testing-community;
        then accept;
    }
    community testing-community members 100:200;
Route Control
Route filtering
Matching route entry
    policy-statement filtering {
        from route-filter 100.100.0.0/16 orlonger;
        then accept;
    }
Route Control
Route filtering
Matching within a group of route entries
    prefix-list route-list {
        100.100.0.0/16;
        100.110.0.0/16;
        100.120.0.0/16;
    }
    policy-statement filtering {
        from prefix-list route-list;
        then accept;
    }
Configuration
BGP minimum configuration
    [routing-options]
    autonomous-system <your own AS>;
    [protocol bgp]
    group BGP-setup {
        type [external | internal];
        peer-as <peer’s AS>;
        neighbor <peer IP address>;
    }
Configuration
Example
    [protocol bgp]
    group BGP-setup {
        type external;
        peer-as 100;
        neighbor 100.1.1.2;
    }
    [routing-options]
    autonomous-system 200;
Configuration
Set the local-preference
    [protocol bgp]
    group BGP-setup {
        type external;
        local-preference 100;
        peer-as 100;
        neighbor 100.1.1.2;
    }
Set the MED
    [protocol bgp]
    group BGP-setup {
        type external;
        metric-out 200;
        local-preference 100;
        peer-as 100;
        neighbor 100.1.1.2;
    }
Configuration
Change the origin
    [policy-options]
    policy-statement change-origin {
        from protocol aggregate;
        then {
            origin incomplete;
            accept;
        }
    }
    [protocol bgp]
    group BGP-setup {
        type external;
        export change-origin;
        peer-as 100;
        neighbor 100.1.1.2;
    }
Configuration
AS-prepend
    [policy-options]
    policy-statement as-prepend {
        from protocol aggregate;
        then {
            as-path-prepend "300 300 300";
            accept;
        }
    }
    [protocol bgp]
    group BGP-setup {
        type external;
        export as-prepend;
        peer-as 100;
        neighbor 100.1.1.2;
    }
Configuration
Attach community
    [protocol bgp]
    group BGP-setup {
        type external;
        export att-community;
        peer-as 100;
        neighbor 100.1.1.2;
    }
    [policy-options]
    policy-statement att-community {
        then {
            community set send-community;
        }
    }
    community send-community members [ 100:10 200:10 ];
Configuration
Route Reflector
    [protocol bgp]
    group RR-client {
        type internal;
        cluster 100.1.1.1;
        neighbor 100.1.1.2;
        neighbor 100.1.1.3;
    }
    group non-client {
        type internal;
        neighbor 10.1.1.2;
    }
    group EBGP {
        type external;
        peer-as 100;
        neighbor 192.168.1.2;
    }
Configuration
Confederation
    [routing-options]
    autonomous-system 65000;
    confederation 200 members [ 65000 65001 ];
    [protocol bgp]
    group confe {
        type external;
        peer-as 65001;
        neighbor 100.1.1.2;
    }
Configuration
Advertise summary network
    [routing-options]
    aggregate {
        route 202.168.0.0/17 discard;
    }
    [policy-options]
    policy-statement adv-summary {
        from protocol aggregate;
        then accept;
    }
    [protocol bgp]
    group BGP-setup {
        type external;
        export adv-summary;
        peer-as 100;
        neighbor 100.1.1.2;
    }
Configuration
Advertise the routing entries in other protocol
    [policy-options]
    policy-statement adv-ospf {
        from protocol ospf;
        then accept;
    }
    [protocol bgp]
    group BGP-setup {
        type external;
        export adv-ospf;
        peer-as 100;
        neighbor 100.1.1.2;
    }
Trouble-shooting
Checking the BGP neighbor status
root@router> show bgp summary
Groups: 1 Peers: 1 Down Peers: 0
Table Tot Paths Act Paths Suppressed History Damp State Pending
inet.0 0 0 0 0 0 0
inet.2 0 0 0 0 0 0
Peer AS InPkt OutPkt OutQ Flaps Last Up/Dwn State|#Active/Received/Damped...
100.1.1.2 65001 275 279 0 0 02:17:30 0/0/0 0/0/0
Trouble-shooting
Neighbor can’t establish
Groups: 1 Peers: 1 Down Peers: 1
Table Tot Paths Act Paths Suppressed History Damp State Pending
inet.0 0 0 0 0 0 0
inet.2 0 0 0 0 0 0
Peer AS InPkt OutPkt OutQ Flaps Last Up/Dwn State|#Active/Received/Damped...
100.1.1.2 65001 0 4 0 0 00:00:57 Active
Enable traceoption
    [protocol bgp]
    traceoptions {
        file bgp-trace;
        flag packets detail;
        flag open detail;
    }
Trouble-shooting
Monitoring
root@router> monitor start bgp-trace
*** bgp-trace ***
Nov 10 14:53:50
Nov 10 14:53:50 BGP RECV 100.1.1.2+1113 -> 100.1.1.1+179
Nov 10 14:53:50 BGP RECV message type 1 (Open) length 45
Nov 10 14:53:50 BGP RECV version 4 as 65001 holdtime 90 id 192.168.1.2 parmlen 16
Nov 10 14:53:50 MP capability AFI=1, SAFI=1
Nov 10 14:53:50 Refresh capability, code=128
Nov 10 14:53:50 Refresh capability, code=2
Nov 10 14:53:50 bgp_pp_recv: dropping 100.1.1.2 (External AS 65001), connection collision prefers 100.1.1.2+1113 (proto)
Nov 10 14:53:50 bgp_send: sending 45 bytes to 100.1.1.2 (External AS 65001)
Nov 10 14:53:50
Nov 10 14:53:50 BGP SEND 100.1.1.1+179 -> 100.1.1.2+1113
Nov 10 14:53:50 BGP SEND message type 1 (Open) length 45
Nov 10 14:53:50 BGP SEND version 4 as 65000 holdtime 90 id 192.168.1.1 parmlen 16
Nov 10 14:53:50 MP capability AFI=1, SAFI=1
Nov 10 14:53:50 Refresh capability, code=128
Nov 10 14:53:50 Refresh capability, code=2
Nov 10 14:53:50 bgp_send: sending 19 bytes to 100.1.1.2 (External AS 65001)
Nov 10 14:53:50
Nov 10 14:53:50 BGP SEND 100.1.1.1+179 -> 100.1.1.2+1113
Nov 10 14:53:50 BGP SEND message type 4 (KeepAlive) length 19
Nov 10 14:53:50
Nov 10 14:53:50 BGP RECV 100.1.1.2+1113 -> 100.1.1.1+179
Nov 10 14:53:50 BGP RECV message type 3 (Notification) length 21
Nov 10 14:53:50 BGP RECV Notification code 2 (Open Message Error) subcode 2 (bad peer AS number)
root@router> monitor stop bgp-trace
Trouble-shooting
Configuration
Near end
    [routing-options]
    autonomous-system 65000;
    confederation 200 members [ 65000 65001 65002 ];
    [protocol bgp]
    group bgp-demo {
        type external;
        peer-as 65001;
        neighbor 100.1.1.2;
    }
Far End
    [routing-options]
    autonomous-system 65001;
    confederation 200 members [ 65000 65001 65002 ];
    [protocol bgp]
    admin@Jessie# show protocols bgp
    group testing {
        type external;
        peer-as 65002;
        neighbor 100.1.1.1;
    }
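The diagnosis walked through above (a session stuck in Active, the trace, and the two configurations) automated as an added example that is not part of the original slides. The trace lines are copied from the bgp-trace output on this page; the finding names and the analyse function are this example's own.

```python
import re

# Lines copied from the bgp-trace output shown on this page.
TRACE = """\
Nov 10 14:53:50 BGP RECV 100.1.1.2+1113 -> 100.1.1.1+179
Nov 10 14:53:50 BGP RECV message type 1 (Open) length 45
Nov 10 14:53:50 BGP RECV version 4 as 65001 holdtime 90 id 192.168.1.2 parmlen 16
Nov 10 14:53:50 bgp_send: sending 45 bytes to 100.1.1.2 (External AS 65001)
Nov 10 14:53:50 BGP SEND 100.1.1.1+179 -> 100.1.1.2+1113
Nov 10 14:53:50 BGP SEND message type 1 (Open) length 45
Nov 10 14:53:50 BGP SEND version 4 as 65000 holdtime 90 id 192.168.1.1 parmlen 16
Nov 10 14:53:50 BGP SEND message type 4 (KeepAlive) length 19
Nov 10 14:53:50 BGP RECV 100.1.1.2+1113 -> 100.1.1.1+179
Nov 10 14:53:50 BGP RECV message type 3 (Notification) length 21
Nov 10 14:53:50 BGP RECV Notification code 2 (Open Message Error) subcode 2 (bad peer AS number)
"""

IPV4 = r"(\d+\.\d+\.\d+\.\d+)"
FLOW = re.compile(r"BGP (RECV|SEND) " + IPV4 + r"\+\d+ -> " + IPV4 + r"\+\d+")
OPEN_FIELDS = re.compile(r"BGP (RECV|SEND) version (\d+) as (\d+) holdtime (\d+) id (\S+)")
NOTE = re.compile(r"BGP (RECV|SEND) Notification code (\d+) \((.*?)\) subcode (\d+) \((.*?)\)")


def analyse(trace, configured_peer_as):
    """Return findings as (kind, peer address, detail) tuples, in trace order."""
    peer, local_as, findings = None, None, []
    for line in trace.splitlines():
        flow = FLOW.search(line)
        if flow:
            # The remote address is the source on RECV, the destination on SEND.
            peer = flow.group(2) if flow.group(1) == "RECV" else flow.group(3)
            continue
        opened = OPEN_FIELDS.search(line)
        if opened:
            direction, asn = opened.group(1), int(opened.group(3))
            if direction == "SEND":
                local_as = asn                    # the AS we announced
            elif asn != configured_peer_as:
                # The peer's OPEN does not match our own peer-as statement.
                findings.append(("local_peer_as_mismatch", peer, asn))
            continue
        note = NOTE.search(line)
        if not note:
            continue
        code, subcode = int(note.group(2)), int(note.group(4))
        if note.group(1) == "RECV" and (code, subcode) == (2, 2):
            # The peer's peer-as statement does not match the AS we announced.
            findings.append(("peer_rejected_our_as", peer, local_as))
        else:
            findings.append(("notification", peer, (code, subcode)))
    return findings


if __name__ == "__main__":
    # Near-end configuration from the slide: peer-as 65001.
    for finding in analyse(TRACE, configured_peer_as=65001):
        print(finding)
```

With the near end's peer-as 65001 the only finding is that 100.1.1.2 rejected the announced AS 65000, which points at the far end's peer-as 65002 statement rather than at the local configuration.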
Trouble-shooting
Logged result:
    root@router> file show /var/log/?
    Possible completions:
      <[Enter]>            Execute this command
      <filename>           Filename to display
      /var/log/bgp-trace   Size: 2459, Last changed: Nov 7 18:41:08
Stop logging:
    root@router# delete protocols bgp traceoptions
    root@router# commit
Trouble-shooting
Other problem
• Local-address definition (Cisco’s update-source)
    [protocol bgp]
    group <group> {
        local-address <local IP address>;
    }
• Peer AS mis-configured
• Peer address unreachable
• Multihop issue for EBGP
    [protocol bgp]
    group <group> {
        multihop;
    }
Trouble-shooting
Problem Report“show bgp summary”“show bgp neighbor”“show bgp group”“show version”“show configuration”
Summary
BGP concepts
BGP Operation
Route Control
Configuration
Trouble-shooting
Juniper vs. Cisco
Presentation and command difference between Juniper and Cisco
Juniper:
fxp1 {
    unit 0 {
        family inet {
            address 172.27.4.172/24;
        }
    }
}
lo0 {
    unit 0 {
        family inet {
            address 192.168.1.3/32;
        }
    }
}
routing-options {
    autonomous-system 100;
}
group Cisco {
    type external;
    multihop;
    local-address 192.168.1.3;
    peer-as 200;
    neighbor 192.168.1.254;
}
Cisco:
interface Loopback0
 ip address 192.168.1.254 255.255.255.255
!
interface Ethernet0
 ip address 172.27.4.173 255.255.255.0
!
router bgp 200
 neighbor 192.168.1.3 remote-as 100
 neighbor 192.168.1.3 ebgp-multihop 255
 neighbor 192.168.1.3 update-source Loopback0
!
Presentation and command difference between Juniper and Cisco
root@Juniper> show bgp summary
Groups: 1 Peers: 1 Down Peers: 0
Table Tot Paths Act Paths Suppressed History Damp State Pending
inet.0 0 0 0 0 0 0
inet.2 0 0 0 0 0 0
Peer AS InPkt OutPkt OutQ Flaps Last Up/Dwn State|#Active/Received/Damped...
192.168.1.254 200 12 14 0 0 00:05:46 0/0/0 0/0/0
Cisco#show ip bgp summary
BGP table version is 1, main routing table version 1
Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd
192.168.1.3 4 100 14 14 1 0 0 00:05:39 0
Presentation and command difference between Juniper and Cisco
root@Juniper> show bgp neighbor
Peer: 192.168.1.254+179 AS 200 Local: 192.168.1.3+3844 AS 100
Type: External State: Established Flags: <>
Last State: OpenConfirm Last Event: RecvKeepAlive
Last Error: None
Options: <Multihop Preference LocalAddress HoldTime PeerAS Refresh>
Local Address: 192.168.1.3 Holdtime: 90 Preference: 170
Number of flaps: 0
Peer ID: 192.168.1.254 Local ID: 192.168.1.3 Active Holdtime: 90
Keepalive Interval: 30
NLRI advertised by peer:
NLRI for this session: inet-unicast
Peer does not support Refresh capability
Table inet.0 Bit: 10000
Active Prefixes: 0
Received Prefixes: 0
Suppressed due to damping: 0
Table inet.2 Bit: 20000
Active Prefixes: 0
Received Prefixes: 0
Suppressed due to damping: 0
Last traffic (seconds): Received 3 Sent 3 Checked 3
Input messages: Total 16 Updates 0 Refreshes 0 Octets 304
Output messages: Total 18 Updates 0 Refreshes 0 Octets 368
Output Queue[0]: 0
Output Queue[1]: 0
Route Queue Timer: unset Route Queue: empty
Presentation and command difference between Juniper and Cisco
Cisco#show ip bgp neighbors
BGP neighbor is 192.168.1.3, remote AS 100, external link
Index 1, Offset 0, Mask 0x2
BGP version 4, remote router ID 192.168.1.3
BGP state = Established, table version = 1, up for 00:08:45
Last read 00:00:15, hold time is 90, keepalive interval is 30 seconds
Minimum time between advertisement runs is 30 seconds
Received 20 messages, 0 notifications, 0 in queue
Sent 20 messages, 0 notifications, 0 in queue
Connections established 1; dropped 0
Last reset never
No. of prefix received 0
External BGP neighbor may be up to 255 hops away.
Connection state is ESTAB, I/O status: 1, unread input bytes: 0
Local host: 192.168.1.254, Local port: 179
Foreign host: 192.168.1.3, Foreign port: 3844
Enqueued packets for retransmit: 0, input: 0 mis-ordered: 0 (0 bytes)
Event Timers (current time is 0x2590F0):
Timer Starts Wakeups Next
Retrans 21 0 0x0
TimeWait 0 0 0x0
AckHold 20 17 0x0
SendWnd 0 0 0x0
KeepAlive 0 0 0x0
GiveUp 0 0 0x0
PmtuAger 0 0 0x0
DeadWait 0 0 0x0
iss: 401687383 snduna: 401687774 sndnxt: 401687774 sndwnd: 16384
irs: 486200570 rcvnxt: 486200977 rcvwnd: 15978 delrcvwnd: 406
SRTT: 342 ms, RTTO: 1337 ms, RTV: 326 ms, KRTT: 0 ms
minRTT: 4 ms, maxRTT: 300 ms, ACK hold: 200 ms
Flags: passive open, nagle, gen tcbs
Datagrams (max data segment is 556 bytes):
Rcvd: 25 (out of order: 0), with data: 20, total data bytes: 406
Sent: 38 (retransmit: 0), with data: 20, total data bytes: 390
Presentation and command difference between Juniper and Cisco
Juniper
no synchronization ( Default behavior )
set policy-options damping cisco
set routing-options confederation members
set protocols bgp group Cisco cluster
show bgp neighbor
show bgp summary
show route aspath-regex "200"
Cisco
no synchronization
bgp damping
bgp confederation
bgp cluster-id
show ip bgp neighbor
show ip bgp summary
show ip bgp regexp ^200$
http://www.juniper.net
Thank you!