8/14/2019 MEN Part 2- Day1 -Ver1_NoRestriction
Network Learning Centre Proprietary & Confidential
MEN Part 2
50467565
Agenda
Day3
Module 3
o L3 VPN
Day4
Module 4
o L2 VPN
Module 5
o VPLS
Day5
o Labs
o Feedback
o Test
Module 1
BGP
Overview Of BGP
BGP is an exterior routing protocol, used to transmit routing
information between ASs
It is a kind of distance-vector routing protocol and is designed to
avoid routing loops. It provides additional attribute information
for the route
Transport protocol: TCP; port No.: 179
It supports Classless Inter-Domain Routing (CIDR)
Route updating: transmits incremental routes only
Abundant route filtering and routing policies
Border Gateway Protocol (BGP) is a dynamic routing protocol. Its basic
function is to automatically exchange loop-free routing information
between Autonomous Systems (AS). By exchanging path reachability
information that carries the AS sequence attribute, it can construct the
topology map of the autonomous systems, thus removing routing loops and
implementing the routing policy configured by the user. Protocols like
OSPF and RIP run inside the autonomous system and are Interior Gateway
Protocols (IGP), while BGP is an Exterior Gateway Protocol (EGP). BGP is
usually used between ISPs.
BGP has been in use since 1989. Its three earliest versions are RFC1105
(BGP-1), RFC1163 (BGP-2) and RFC1267 (BGP-3) respectively. The
current version is RFC1771 (BGP-4). With the fast development of the
Internet, the routing table grows quickly as well, and the
amount of routing information exchanged between ASs is also ever
increasing, which affects network performance. BGP supports
Classless Inter-Domain Routing (CIDR), which can effectively slow the
growth of the routing table. BGP-4 is fast turning into the de facto
standard of the Internet border routing protocol. Its features are described
as follows:
BGP is a kind of exterior routing protocol, different from interior routing
protocols like OSPF and RIP. It focuses on the control of route advertising
and the selection of optimal routes, instead of route discovery and
calculation.
By carrying the AS path information, it can thoroughly solve the problem of
routing loops.
To control the advertising and selection of routes, it provides additional
Autonomous System
What is an Autonomous System (AS)?
The Autonomous System (AS) refers to a set of routers, which are managed
by the same technical management organization and adopt the unified routing
strategy. Each AS has a unique AS number, which is allocated by the
management organization authorized by the Internet.
Which routing protocol runs inside the AS?
IGP routing protocols such as static route, OSPF, IS-IS, etc.
Which routing protocol runs between ASs?
BGP only
The basic idea of introducing the AS is to differentiate ASs by
number. When the network administrator does not want his
own communication data to pass through some AS, this numbering method
becomes very useful. The administrator's network may well be able to reach
this AS. However, if this AS is managed by his competitor or lacks adequate
security mechanisms, he needs to avoid this AS. By adopting the routing
protocol and AS number, the routers can specify the path between them and
the method for routing information exchange.
The AS numbers range from 1 to 65535. Among them, the numbers from 1 to
64511 are the registered Internet numbers, and those from 64512 to 65535 are
the private network numbers.
Quiz
How many AS numbers are available to the public Internet network?
A: 1~64511
B: 1~65525
C: 64512~65535
D: 0~65535
Working Mechanism Of BGP
[Figure: topology of autonomous systems AS1 through AS7]
As an application layer protocol, the BGP system runs on a special router.
During the first startup of the system, the routing information is exchanged
by sending the whole BGP routing table. Later, to update the routing table,
only update messages are exchanged. During operation, the system checks
whether the connection is normal by receiving and sending keep-alive
messages.
The router that sends BGP messages is called the BGP speaker. It
continuously receives and generates new routing information, and advertises
it to other BGP speakers. When a BGP speaker receives a new route
advertisement from other ASs, it will advertise this route to all the other
BGP speakers inside the AS if this route is better than the currently known
route, or if there is currently no acceptable route. A BGP speaker calls the
other BGP speakers that exchange messages with it its peers. Several related
peers can form a group.
Generally, a route is generated inside the AS. It is discovered and calculated
by some interior routing protocol and transmitted to the boundary of the AS.
Then, the Autonomous System Boundary Router (ASBR) spreads it to other
ASs via the EBGP connection. While spreading, the route may pass through
several ASs, which are called transit ASs, such as AS5. If such an AS has
multiple boundary routers, information will be exchanged among these
routers by running IBGP. In this case, the internal routers need not know
these exterior routes. They only need to maintain IP connectivity among
the boundary routers, as in AS2, AS3 and AS4. After the route reaches the
AS boundary, the ASBR can redistribute the route into the interior routing
protocol if the interior routers need to know these exterior routes. The
exterior routes are numerous and will usually exceed the processing
capability of the interior routers. So, filtering or aggregation shall be done
IBGP Neighbor & EBGP Neighbor
[Figure: routers RTA, RTB, RTC, RTD and RTE across AS100, AS200 and AS300, connected by EBGP and IBGP sessions]
On the router, BGP runs in the following two modes: IBGP (Internal BGP) and
EBGP (External BGP).
If two peers that exchange BGP messages belong to the same AS, they are Internal
BGP (IBGP) peers, such as RTB and RTD.
If two peers that exchange BGP messages do not belong to the same AS, they are
External BGP (EBGP) peers, such as RTA and RTB.
Although BGP runs between ASs, it is also necessary to establish BGP connections
between different border routers of an AS, such as RTB and RTD. Only in this way
can routing information be transmitted across the entire network. To establish the
communication between AS100 and AS300, we need to establish an IBGP connection
between them.
IBGP peers do not need a direct physical connection, but full logical
connectivity between them must be ensured (it suffices if a TCP
connection can be created).
In most cases, there is a direct physical link between EBGP peers. However, if
that is hard to realize, the remedy is to configure the command "neighbor
neighbor-address ebgp-multihop [ttl]". Here, "ttl" is the maximum hop count. Its
default value is 64 and the value range is 1-255.
Quiz
1. Which of the following statements about IBGP routers are true? (Select one.)
A. They must be fully meshed.
B. They can be in a different AS.
C. They must be directly connected.
iBGP & eBGP
BGP configuration does not define peers as iBGP or eBGP
Each router examines its own ASN and compares it with the defined neighbor ASN
If the ASNs match, the peer is iBGP
If the ASNs do not match, the peer is eBGP
Route Advertising Principles of BGP
BGP Speaker only selects the best one for its own use
BGP Speaker only advertises the routes used by itself to its neighbors
For the routes obtained from EBGP, the BGP Speaker will advertise them to
all its neighbors (including EBGP and IBGP)
For the routes obtained from IBGP, the BGP Speaker will not advertise
them to its IBGP neighbors
For the routes obtained from IBGP, whether the BGP Speaker will advertise
them to its EBGP neighbors depends on the synchronization state of IGP
and BGP
Once the connection is established, the BGP Speaker will advertise all its
BGP routes to the new neighbors
Route advertising principles of BGP:
In the case of multiple paths, the BGP Speaker only selects the best one for
its own use.
The BGP Speaker only advertises the routes used by itself to its neighbors.
For the routes obtained from EBGP, the BGP Speaker will advertise them to
all its neighbors (including EBGP and IBGP).
For the routes obtained from IBGP, the BGP Speaker will not advertise them
to its IBGP neighbors.
For the routes obtained from IBGP, whether the BGP Speaker will advertise
them to its EBGP neighbors depends on the synchronization state of IGP and
BGP.
Once the connection is established, the BGP Speaker will advertise all its
BGP routes to the new neighbors.
These principles were stipulated by the BGP designers when they were
developing the BGP routing protocol. Further study of the reasons is outside
the scope of this document.
Quiz
What would a BGP router do when the TCP connection is established?
A: exchange the routing table between the BGP neighbors
B: exchange the BGP routes between the BGP neighbors
C: check the BGP version and AS numbers to form the EBGP/IBGP relationship
D: send a keepalive packet to the peer
BGP
BGP advertises only one best path
Only incremental updates
Keepalive messages after initial exchange between BGP peers every 60s
Hold time 180s
Triggered updates are batched and rate-limited (every 5 seconds for internal peer, every 30 seconds for external peer)
Public AS number from InterNIC (www.internic.net) or RIPE (www.ripe.net)
Use private AS numbers (64512 - 65535) if BGP in a private network
Only one BGP routing process per router is allowed
Reliance Public AS - 18101
BGP Synchronization
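[Figure: routers RTA to RTF across AS100, AS200 and AS300, with EBGP sessions between the ASs and an IBGP session inside the transit AS; interface E0: 10.1.1.1/24, serial interfaces S0 and S1]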
The BGP protocol states that a BGP router does not advertise
routing information learnt from internal BGP peers to external peers
unless this information can also be obtained from the IGP. If a router can
learn this routing information via the IGP, the route can be considered
propagated inside the AS and internal connectivity is ensured.
One of the major duties of BGP is to transmit the network reachability
information of this AS to other ASs. As shown in the figure above, RTB will
encapsulate the routing information toward 10.1.1.1/24 into the UPDATE
message, and advertise it to RTE via the TCP connection established through
RTC and RTD. If RTE does not take synchronization into account, it will
directly accept such routing information and report it to RTF. Then, if RTF or
RTE has a data packet to be sent to 10.1.1.1/24, this packet must pass RTD and
RTC to reach the destination. As synchronization was not taken into
account in advance, the routing tables of RTD and RTC have no routing
information for 10.1.1.1/24 and the data packet will be discarded when it
reaches RTD. So, BGP must be synchronized with the IGP (e.g., RIP, OSPF, etc.).
Synchronization means that BGP will not advertise transit
information to other ASs until the IGP has propagated this routing information
successfully in its AS. That is, after a router receives the update information
for a destination from an IBGP peer, it shall attempt to verify whether this
destination can be reached inside the AS before advertising it to
EBGP peers (i.e., verify whether this destination is within the IGP, and whether
the non-BGP routers can forward traffic to this destination). If the IGP knows
this destination, the router will accept such routing information and then
advertise it to EBGP peers. Otherwise, it will consider that this route is not
synchronized with the IGP and thus will not advertise it.
As shown in the figure above, RTE gets the route going to the network
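The advertising principles and the synchronization check described above, written out as an added example (not part of the original course material). The class and function names are hypothetical, and treating "the IGP knows the destination" as "an IGP route covers the prefix" is an assumption of this sketch.

```python
from dataclasses import dataclass
from ipaddress import ip_network


@dataclass(frozen=True)
class Route:
    prefix: str        # destination, e.g. "10.1.1.1/24" as written on the slide
    learned_from: str  # "ebgp" or "ibgp": the kind of session it arrived on


@dataclass(frozen=True)
class Peer:
    name: str
    kind: str          # "ebgp" or "ibgp", relative to the local router


def igp_knows(prefix, igp_prefixes):
    """True if the IGP table holds a route that covers the BGP prefix.

    Assumption of this sketch: a covering IGP route counts as "known".
    """
    # strict=False accepts host bits, so "10.1.1.1/24" becomes 10.1.1.0/24.
    wanted = ip_network(prefix, strict=False)
    return any(wanted.subnet_of(ip_network(p, strict=False)) for p in igp_prefixes)


def advertise_decision(route, peer, igp_prefixes, synchronization=True):
    """Apply the advertising principles to one best route and one neighbour.

    Returns (allowed, reason) so that a withheld route can be explained.
    """
    if route.learned_from == "ibgp" and peer.kind == "ibgp":
        return False, "learned from IBGP: not passed to IBGP neighbours"
    if route.learned_from == "ibgp" and peer.kind == "ebgp" and synchronization:
        if not igp_knows(route.prefix, igp_prefixes):
            return False, "not synchronized: IGP has no route to this prefix"
    # EBGP-learned routes go to every neighbour; synchronized IBGP routes to EBGP.
    return True, "advertised"


def advertisement_plan(routes, peers, igp_prefixes, synchronization=True):
    """Map each peer name to the prefixes it would receive."""
    plan = {peer.name: [] for peer in peers}
    for route in routes:
        for peer in peers:
            allowed, _ = advertise_decision(route, peer, igp_prefixes, synchronization)
            if allowed:
                plan[peer.name].append(route.prefix)
    return plan


# Constructed scenario after the slide: RTE learned 10.1.1.1/24 from RTB over IBGP
# and has RTF as its EBGP neighbour.
RTE_ROUTES = [Route("10.1.1.1/24", "ibgp")]
RTE_PEERS = [Peer("RTB", "ibgp"), Peer("RTF", "ebgp")]

if __name__ == "__main__":
    # IGP does not know the prefix yet: nothing is advertised to RTF.
    print(advertisement_plan(RTE_ROUTES, RTE_PEERS, igp_prefixes=[]))
    # IGP now carries 10.1.1.0/24: the route is released to RTF.
    print(advertisement_plan(RTE_ROUTES, RTE_PEERS, igp_prefixes=["10.1.1.0/24"]))
```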
Full Dynamic Redistribution
OSPF discovers route 18.0.0.1/8
Dynamically redistribute the route discovered by IGP (OSPF)
into the BGP routing table of RTB
[Figure: RTB in AS200 learns the route 18.0.0.1/8 through OSPF]
The BGP routing protocol runs between ASs. Its major work is to transmit
routing information between ASs, instead of discovering and calculating
routing information. The work of discovering and calculating routing
information is done by the IGP routing protocol, e.g. RIP and OSPF. The
routing information of BGP needs to be redistributed into BGP in the mode of
configuration commands.
According to the redistribution mode, it can be classified into three types:
purely dynamic redistribution, semi-dynamic redistribution and static
redistribution.
Purely dynamic redistribution means that the router gets the routing
information by IGP routing protocol and then dynamically redistributes it into
BGP.
As shown in the figure above, RTB dynamically detects the routes going to
the network 18.0.0.0/8 via OSPF protocol and then dynamically redistributes
it into BGP. We call such a kind of route redistribution mode as purely
dynamic redistribution.
The route leading to the network 18.0.0.0/8 is redistributed from OSPF.
Meanwhile, other routing information of OSPF is also redistributed into BGP.
Semi Dynamic Redistribution
OSPF discovers the route 18.0.0.1/8
Semi-dynamically redistribute the route discovered by IGP
(OSPF) into the BGP routing table of RTB
[Figure: RTB in AS200 learns the route 18.0.0.1/8 through OSPF]
Semi-dynamic redistribution means that the routing information is
dynamically discovered and calculated by IGP routing protocol. Part of the
specified routing information will be selectively redistributed with the
network command when it is redistributed into the BGP system.
As shown in the figure above, router B dynamically detects the route going
to the network 18.0.0.0/8 via OSPF protocol and then redistributes it into
BGP statically. Such a kind of route redistribution mode is called
semi-dynamic redistribution.
The route to be redistributed should be specified with the user interface of
the router. As a result, only one specified OSPF route is redistributed into
the BGP routing table.
Static Redistribution
Manually configure the static route 18.0.0.1/8
Redistribute the static route manually configured into the BGP
routing table of RTB
[Figure: RTB in AS200 with the static route 18.0.0.1/8]
Static redistribution means that the routing information obtained by the router
is the static routing information manually configured, which will be statically
redistributed into the BGP system.
As shown in the figure above, router B first establishes a static route going to
the network 18.0.0.0/8 and then redistributes it into BGP. Such kind of route
redistribution mode is called static redistribution.
As a result, a manually configured route is added into the BGP routing table.
How many methods can you use to install a route into the BGP routing table?
(choose all that apply)
A: Full Dynamic Redistribution
B: Semi Dynamic Redistribution
C: Static Redistribution
D: IGP route redistribute
BGP Messages
There are four types of BGP messages:
Open: greeting--"hello, let's make friends!"
Keepalive: I'm alive, don't leave me alone
Update: fresh news...
Notification: I won't play with you any more!
BGP has four types of messages: OPEN, UPDATE, NOTIFICATION and
KEEPALIVE.
Between BGP peers, an OPEN message is transmitted so as to exchange
information such as version, AS number, hold time and BGP identifier for
negotiation.
The UPDATE message carries route update information, including route
withdrawal information, reachability information and its path attributes.
When BGP detects errors (e.g. connection interruption, negotiation error,
message error), it will send the NOTIFICATION message to shut off the
connection with its peers.
The KEEPALIVE messages are sent periodically between BGP neighbors,
so as to ensure the connection is kept alive. The default timer is 60 seconds.
The OPEN message is mainly used to establish the neighborhood (BGP
peers). It is the initial handshake information between BGP routers and shall
occur before all notification information. The other side will respond with the
KEEPALIVE message after receiving the OPEN message. Once the
handshake succeeds, these BGP neighbors can exchange messages like
UPDATE, KEEPALIVE and NOTIFICATION.
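The message types and OPEN fields described above, parsed from raw bytes in an added example (not part of the original course material). The wire layout follows RFC 4271 (16-byte marker, 2-byte length, 1-byte type, 2-byte AS numbers as in the 1 to 65535 range used here); function names are hypothetical and the sample messages are constructed.

```python
import struct
from ipaddress import IPv4Address

MARKER = b"\xff" * 16          # header marker: 16 bytes of ones
HEADER_LEN = 19                # marker (16) + length (2) + type (1)
MAX_MESSAGE_LEN = 4096
MESSAGE_TYPES = {1: "OPEN", 2: "UPDATE", 3: "NOTIFICATION", 4: "KEEPALIVE"}


class BGPParseError(ValueError):
    """A condition that makes a real speaker answer with NOTIFICATION."""


def parse_header(data):
    """Validate the header of exactly one message; return (type name, body)."""
    if len(data) < HEADER_LEN:
        raise BGPParseError("truncated header")
    marker, length, msg_type = struct.unpack("!16sHB", data[:HEADER_LEN])
    if marker != MARKER:
        raise BGPParseError("bad marker")
    if not HEADER_LEN <= length <= MAX_MESSAGE_LEN or length != len(data):
        raise BGPParseError("bad length field: %d" % length)
    if msg_type not in MESSAGE_TYPES:
        raise BGPParseError("unknown message type: %d" % msg_type)
    return MESSAGE_TYPES[msg_type], data[HEADER_LEN:]


def parse_open(body):
    """Decode the negotiation fields: version, AS number, hold time, BGP identifier."""
    if len(body) < 10:
        raise BGPParseError("truncated OPEN")
    version, my_as, hold_time, bgp_id, opt_len = struct.unpack("!BHH4sB", body[:10])
    if version != 4:
        raise BGPParseError("unsupported version: %d" % version)
    if hold_time in (1, 2):    # RFC 4271: hold time is 0 or at least 3 seconds
        raise BGPParseError("unacceptable hold time: %d" % hold_time)
    if opt_len != len(body) - 10:
        raise BGPParseError("optional parameter length mismatch")
    return {"version": version, "my_as": my_as, "hold_time": hold_time,
            "bgp_id": str(IPv4Address(bgp_id))}


def session_type(local_as, open_fields):
    """A peer is IBGP when its AS number matches ours, EBGP otherwise."""
    return "IBGP" if open_fields["my_as"] == local_as else "EBGP"


def is_private_as(asn):
    """Private AS numbers as given in this course: 64512 to 65535."""
    return 64512 <= asn <= 65535


def build_message(msg_type, body=b""):
    """Construct a sample message (used only to produce test input)."""
    return struct.pack("!16sHB", MARKER, HEADER_LEN + len(body), msg_type) + body


def build_open(my_as, hold_time, bgp_id):
    body = struct.pack("!BHH4sB", 4, my_as, hold_time, IPv4Address(bgp_id).packed, 0)
    return build_message(1, body)


if __name__ == "__main__":
    # Constructed OPEN from a peer in AS200 with the 180 s hold time.
    kind, body = parse_header(build_open(200, 180, "10.1.1.1"))
    fields = parse_open(body)
    print(kind, fields, session_type(100, fields))
    # A KEEPALIVE is the bare 19-byte header.
    print(parse_header(build_message(4)))
```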
Quiz
(1) How many BGP messages are available in BGP version 4? (choose all
that apply)
A: OPEN
B: UPDATE
Finite State Machine of BGP
[Figure: BGP finite state machine with the states Idle, Connect, Active, Open-sent, Open-confirm and Established. Transition labels: Start; Connect-Retry timer expiry; TCP connection fails; TCP connection setup; Correct OPEN packet received; KeepAlive timer expiry; KeepAlive packet received; Update received; KeepAlive received; Error; Others]
The BGP finite state machine (FSM) has six states. The transitions
between them show the establishment procedure of a BGP neighborhood.
The first state is "Idle". Once BGP starts, the state machine enters the
"Connect" state. In this state, if the Connect-Retry timer expires, the BGP
state machine will stay in the "Connect" state. Meanwhile, BGP will attempt to
establish the TCP connection. If the creation of the TCP connection fails, the
BGP state machine will enter the "Active" state. If the TCP connection is
established successfully, the BGP state machine will enter the "OpenSent"
state directly. In the "Active" state, if the TCP connection still cannot be
established, the BGP state machine will stay in the "Active" state and will not
enter the "OpenSent" state until the TCP connection is established
successfully. In the "OpenSent" state, once BGP receives a correct Open
message, it will enter the "OpenConfirm" state. In the "OpenConfirm" state, if
the KeepAlive timer expires, the BGP state machine will stay in the
"OpenConfirm" state. It will not enter the "Established" state until BGP
receives the KeepAlive message. Only then is the BGP connection really
established.
In addition, when any of the five states ("Idle" excluded) has errors, the BGP
state machine will return to the "Idle" state.
Idle: "Idle" is the first state of a BGP connection. In this state, BGP is waiting
for a start event. After such an event occurs, BGP will initialize the
resources, reset the Connect-Retry timer, and initiate a TCP connection.
Meanwhile, it will enter the "Connect" state.
Connect: in this state, BGP establishes the first TCP connection. If the
Connect-Retry timer expires, BGP will establish the TCP connection again
and continue to stay in the "Connect" state. If the TCP connection is
established successfully, it will enter the "OpenSent" state. Otherwise, it will
enter the "Active" state.
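The state transitions described above, replayed over an event log in an added example (not part of the original course material). Event names are hypothetical labels for the transitions in the text, the sample logs are constructed, and sending every unlisted event back to Idle is this sketch's reading of the figure's "Error" and "Others" arrows.

```python
IDLE, CONNECT, ACTIVE = "Idle", "Connect", "Active"
OPEN_SENT, OPEN_CONFIRM, ESTABLISHED = "OpenSent", "OpenConfirm", "Established"

# (current state, event) -> next state, one entry per transition in the text.
TRANSITIONS = {
    (IDLE, "Start"): CONNECT,
    (CONNECT, "ConnectRetryTimerExpires"): CONNECT,
    (CONNECT, "TcpConnectionSetup"): OPEN_SENT,
    (CONNECT, "TcpConnectionFails"): ACTIVE,
    (ACTIVE, "TcpConnectionFails"): ACTIVE,
    (ACTIVE, "TcpConnectionSetup"): OPEN_SENT,
    (OPEN_SENT, "CorrectOpenReceived"): OPEN_CONFIRM,
    (OPEN_CONFIRM, "KeepAliveTimerExpires"): OPEN_CONFIRM,
    (OPEN_CONFIRM, "KeepAliveReceived"): ESTABLISHED,
    (ESTABLISHED, "KeepAliveTimerExpires"): ESTABLISHED,
    (ESTABLISHED, "UpdateReceived"): ESTABLISHED,
    (ESTABLISHED, "KeepAliveReceived"): ESTABLISHED,
}


def step(state, event):
    """Advance one event; anything without a listed transition falls back to Idle."""
    return TRANSITIONS.get((state, event), IDLE)


def replay(events, state=IDLE):
    """Return the full list of states visited, starting state included."""
    trace = [state]
    for event in events:
        state = step(state, event)
        trace.append(state)
    return trace


def session_report(events):
    """Summarise a log: final state, how often the session came up, how often it reset.

    Repeated resets from Established are what an operator sees as a flapping peer.
    """
    trace = replay(events)
    came_up = resets = 0
    for before, after in zip(trace, trace[1:]):
        if after == ESTABLISHED and before != ESTABLISHED:
            came_up += 1
        if before == ESTABLISHED and after == IDLE:
            resets += 1
    return {"final": trace[-1], "times_established": came_up, "resets": resets}


# Constructed log: TCP fails twice before the session comes up.
CLEAN_START = [
    "Start", "TcpConnectionFails", "TcpConnectionFails", "TcpConnectionSetup",
    "CorrectOpenReceived", "KeepAliveTimerExpires", "KeepAliveReceived",
    "UpdateReceived",
]
# Constructed log: the same peer then resets twice.
FLAPPING = CLEAN_START + [
    "Error", "Start", "TcpConnectionSetup", "CorrectOpenReceived",
    "KeepAliveReceived", "Error",
]

if __name__ == "__main__":
    print(replay(CLEAN_START))
    print(session_report(FLAPPING))
```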
Application of Messages in BGP
The Open message is sent when establishing a BGP connection via
TCP
After the connection is established, the UPDATE message is sent
to notify the peer of the routing information if a route needs to be
sent or route change occurs
After stabilization, it is necessary to send the KEEPALIVE message
periodically to keep the validity of the BGP connection
When an error is found during the running of local BGP,
NOTIFICATION message shall be sent to notify the BGP peer
BGP establishes the connection via TCP. The local listening port is 179.
The establishment of a BGP connection needs a series of dialogs and
handshakes, as the establishment of a TCP connection does. TCP uses the
handshake negotiation to advertise parameters like port. The handshake
negotiation parameters of BGP include BGP version, hold time of the BGP
connection, local router ID and authorization information. They are included
in the Open message.
After the BGP connection is established, the Update message shall be sent to
advertise the routing information to the peer end if there is a route to be sent.
The Update message is mainly used to advertise the routing information,
including failed (withdrawn) routes. When the Update message is used to
distribute a route, the attributes of this route need to be specified so as
to help the peer BGP select the best route. For the application of
route attributes for BGP to select the route, please refer to the application part
of the BGP protocol route attributes.
When the local BGP route changes, the Update message can also be used to
correct the routing table of the peer BGP.
If, after exchanging the routing information for a period of time, both the local
BGP and the peer BGP have no new route advertisement, the condition
becomes stable. Now the KEEPALIVE message shall be sent regularly so as
to keep the BGP connection valid. If the local BGP receives no
BGP message before the hold time is over, this BGP connection will be
regarded as invalid and will be disconnected.
If, during the running, the local BGP detects an error, for example, the local
BGP does not support the version of the BGP peer or receives the Update
message with illegal structure, it shall send the NOTIFICATION message to
BGP Path Attributes
A Path Attribute is a characteristic of an advertised BGP route.
Each Path Attribute falls into one of four categories:
Well-known mandatory
Well-known discretionary
Optional transitive
Optional nontransitive
Notes:
Well-known means it must be recognized by all BGP implementations.
Optional means a BGP implementation is not required to support the attribute.
Mandatory means the attribute must be included in all BGP Update messages.
Discretionary means the attribute may or may not be sent in a specific Update
message.
Transitive means a BGP process should accept the path in which the attribute
is included even if it doesn't support this attribute, and it should pass the path
on to its peers.
Nontransitive means a BGP process that does not recognize the attribute can
quietly ignore the Update in which the attribute is included and not advertise
the path to its other peers.
Enterprises and service providers are often concerned about such
questions: How to prevent my private network from being advertised out?
How to filter the route updates that come from some neighboring router? How
to make certain that I am using this link instead of any other link? It is
through the use of route attributes that BGP answers these questions.
A BGP route attribute is a set of parameters. It further describes the specific
route so as to enable BGP to filter and select routes. When configuring the
route strategy, we often use the route attributes. However, not all of them will
be involved.
In fact, route attributes are classified into the following categories:
Mandatory attribute: one that is necessary in the route update data message.
In the BGP routing information, this kind of attribute field has its unique
role that cannot be substituted by any others. If it is not included, something
will be wrong with the routing information. For example, AS-Path is a
Path Attribute
Well-known mandatory
ORIGIN
AS-Path
Next hop
Well-known discretionary
Local-Preference
Atomic-Aggregate
Optional transitive
Aggregator
Community
Optional nontransitive
Multi-Exit-Disc (MED)
ORIGINATOR-ID
Cluster-List
Destination Pref (MCI)
Advertiser (Baynet)
Rcid-Path (Baynet)
MP_Reach_NLRI
MP_Unreach_NLRI
Extended_Communities
There are six attributes that are commonly used:
Origin: it is used to define the origin of the routing information, indicating
how a route becomes the BGP route, such as IGP, EGP, and Incomplete.
As-Path: it is the sequence of the ASs passed by a route, listing all the ASs
passed by a route before it reaches the notified network. The BGP speaker
prepends its own AS number to the head of the received AS path, which can
avoid route loops and be used for route filtering and selection.
Next hop: it includes the IP address of the next hop border router that reaches
the network listed in the update information. The next hop of the BGP is
somewhat different from that of IGP. It can be an address of the peer that
notifies this route, such as EBGP, which is similar to the IGP. But in some
other cases, the BGP uses the next hop of the third party. For example, the
IBGP transmits without any change the next hop obtained from the EBGP
peer in the AS. In the multiple access media, the BGP takes the actual origin
of the route as the next hop, even though it is not the BGP peer.
Multi-Exit-Discriminators (MED): when some AS has multiple entries, the
MED attribute can be used to help its external neighboring router select a
better entry path. The smaller the MED value of a route, the higher its
precedence.
Local-Preference: this attribute is used to select in the AS the route reaching
some destination by preference. It reflects the preference level of the BGP
speaker for each external route. The bigger the local-preference value, the
higher the preference level of the route.
Community: this attribute marks a group of routing information that has the
same feature, which is independent of the IP subnet or AS where it is located.
The accepted community values are NO-EXPORT, NO-ADVERTISE,
ORIGIN Attribute
ORIGIN specifies the origin of the routing update. When BGP has multiple
routes, it uses ORIGIN as one factor in determining the preferred route.
IGP: NLRI (Network Layer Reachability Information) was learned from a protocol
internal to the originating AS. BGP routes are given an origin of IGP if they are
learned from an IGP routing table via the network statement.
EGP: NLRI was learned from the Exterior Gateway Protocol.
Incomplete: NLRI was learned by some other means. Incomplete implies that the
information for determining the origin of the route is incomplete. Routes that BGP
learns through redistribution carry the incomplete origin attribute.
Which one is preferred? IGP > EGP > Incomplete
When BGP makes the route decision, it takes the origin attribute into
account to determine the precedence levels between multiple routes.
Specifically, BGP will prefer the route with the minimum origin attribute
value, i.e. IGP has precedence over EGP, and EGP has precedence
over INCOMPLETE. We can configure these three origin attributes
manually.
Generally:
If a route is redistributed into the BGP routing table with the specifically, the
origin attribute shall be IGP
If a route is obtained via EGP, the origin attribute shall be EGP
Otherwise, the Origin attribute should be Incomplete
Quiz
(1) When a route is imported from the OSPF routing protocol into the BGP routing
table, which origin attribute value will this route have?
A: IGP
B: EGP
C: OSPF
D: Incomplete
AS_PATH Attribute
AS-PATH uses a sequence of AS numbers to describe the inter-AS path or route to the
destination specified by the NLRI.
AS-PATH describes all the ASs the route has passed through, beginning with the most
recent AS and ending with the originating AS.
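[Figure: network D (18.0.0.0/8) in AS200 is reachable from AS100 over two paths, through AS300 and AS400 with AS-Path D (400 300 200) and through AS500 with AS-Path D (500 200); routers RTA and RTB, addresses 30.0.0.1 and 30.0.0.2]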
The AS-Path attribute is also a mandatory one. It is the sequence of numbers of all
the ASs passed by a route to a certain destination. BGP uses the AS-path
attribute as a part of the route update (Update message) to ensure a loop-free
topology over the Internet. BGP will not accept a route whose AS-path attribute
already contains its own AS number, because this route has already been processed
by this AS. In this way, route loops are avoided. For this reason, BGP will add its
own AS number to the AS-path attribute when advertising a route to the EBGP
peer, so as to record the ASs passed by the route.
Meanwhile, the AS-path attribute affects route selection. If other factors are
the same, the route with the shorter AS path will be selected. As shown in the figure
above, the path for the network segment D (18.0.0.0/8) in AS200 to reach AS100 by
passing AS200, AS300, and AS400 is d1 (400 300 200) and that for it to reach
AS100 by passing AS200 and AS500 is d2 (500 200). In this case, BGP will
select the shorter path d2 by precedence.
Note: when the AS-Path field of a route records an AS number, it will always put
the new AS number in front. As shown in the figure above, the route first passes
AS200 and records d2 (200); then it passes AS500 and records d2 (500 200).
We can increase the path length by adding pseudo AS numbers, so as to influence
route selection. We can configure RTA to add two AS elements 200, 200 to the
AS-Path list carried by the route it sends to 30.0.0.2. After such a configuration, the
path d2 will change into 500 200 200 200, which is longer than the path d1. So now
BGP will select the shorter path d1 by precedence.
Quiz
(1) When a route is passing AS100 from other AS, where the AS 100 value would
AS_PATH Attribute
The Function of AS-PATH
AS can influence its incoming traffic by changing the AS_PATH of its
advertising route
AS_PATH can be used for loop avoidance
[Figure: the same topology with AS-Path prepending; RTA advertises D (200 200 200) toward 30.0.0.2, so the path through AS500 becomes D (500 200 200 200) while the path through AS300 and AS400 stays D (400 300 200)]
LOCAL_PREF Attribute
LOCAL_PREF is used to communicate a BGP router's degree of preference for an
advertised route.
LOCAL_PREF is only in updates between internal BGP peers and it is not passed to
other ASs.
If an internal BGP speaker receives multiple routes to the same destination, it
compares the LOCAL_PREF attribute of the routes. The route with the highest
LOCAL_PREF is selected.
The LOCAL_PREF attribute affects only traffic leaving the AS.
The local precedence attribute is an optional attribute. It represents the
precedence level assigned to a route, with which we can compare different
routes that have the same destination. The bigger the attribute value, the
higher the precedence level of the route. This attribute is used only inside
the AS and exchanged between IBGP peers, but not notified to the EBGP
peer. In short, the local precedence attribute is used to help the router
inside the AS select the optimal egress for it to go out, i.e. select the egress
with higher local precedence level.
What shall be noted is: configuring the attribute value of local precedence
level will only affect the traffic that leaves this AS, but not the traffic that
enters this AS. By default, the value of local precedence attribute is 100.
Quiz
(1) A BGP speaker received the same route from its two IBGP peers with different preference. Which route will the BGP speaker use by default?
A: the route with the bigger preference value
B: the route with the smaller preference value
C: the route with the bigger router-id
D: the route with the smaller router-id
LOCAL_PREF Attribute
[Figure: network D (18.0.0.0/8); AS100, AS200, AS300, AS400; routers RTA, RTB, RTC, RTD, RTE, RTF; addresses 30.0.0.1, 30.0.0.2, 20.0.0.1, 20.0.0.2; route D is labelled local-pref1 100 and local-pref2 200. RTA will select local-pref2, which has the higher local preference.]
As shown in the figure above, the RTB sets the local precedence level of the
route received via the RTD as local-pref1 100, and the RTC sets the local
precedence level of the route received via the RTE as local-pref2 200. In this
way, the RTA will prefer local-pref2 which has a higher precedence level.
MULTI-EXIT-DISC (MED) Attribute
MED is carried in EBGP updates and allows an AS to inform another AS of its preferred ingress points. It is meant only for a single AS to demonstrate a degree of preference when it has multiple ingress points.
The MED attribute affects only the incoming traffic to the AS.
If all else is equal, an AS receiving multiple routes to the same destination compares the MED of the routes. The lowest MED value is preferred. MEDs are not compared if two routes to the same destination are received from two different ASs.
The MED is passed between internal peers of the receiving AS but not passed beyond the receiving AS. MED is used only to influence traffic between two directly connected ASs.
The MED attribute is optional, used to indicate the preferable path for the external neighbor router to enter an AS that has multiple entries. When an AS has multiple entries, the MED attribute can be used to help its external neighbor router select a better entry path, that is, to prefer the entry path with the smaller MED value.
A BGP speaker received the same route from its two EBGP peers with different MED values. Which route will the BGP speaker use by default?
A: the route with the bigger MED value
B: the route with the smaller MED value
C: use two for backup
D: the route with the smaller router-id
MULTI-EXIT-DISC (MED) Attribute
[Figure: network D (18.0.0.0/8); AS100 and AS200; routers RTA, RTB, RTC; addresses 30.0.0.1, 30.0.0.2, 20.0.0.1, 20.0.0.2; an IBGP session; route D is labelled metric1 10 and metric2 20. RTA will select the lower metric.]
As shown in the figure above, we can set the metric value of the network D
notified by RTB as metric1 10 and that of the network D notified by
RTC as metric2 20. In this way, RTA will prefer metric1, which has the
smaller metric value.
Generally, the router only compares the MED values of EBGP
neighbor paths from the same AS, not those from different ASs. If
comparison is required, the Quidway series routers offer a user
interface command to change this default behavior.
Note: By default, it is not allowed to compare the MED attribute values of
paths from different AS neighbors, unless it can be confirmed that the different
ASs adopt the same IGP and route selection method.
Community Attribute
Community is designed to simplify policy enforcement. It identifies a destination as a member of some community of destinations that share one or more common properties.
The COMMUNITY attribute is a set of four-octet values AA:NN. AA is the AS number. NN is an administratively defined identifier.
Within BGP, a community is a group of destinations that have the
same nature. It is not limited to a network or an AS and has no physical
boundary.
Well-known Community
NO_EXPORT
Routes received carrying this value cannot be advertised to EBGP peers and outside of the confederation.
NO_ADVERTISE
Routes received carrying this value cannot be advertised at all to either EBGP or IBGP peers.
LOCAL_AS
Routes received carrying this value cannot be advertised to EBGP peers, including peers in other ASs within a confederation.
INTERNET
All routes belong to this community by default. Received routes belonging to this community are advertised freely.
The community attribute is an optional transitive attribute. Some communities are commonly accepted, i.e. they have a global meaning. These communities are:
NO_EXPORT: after a route with such a community attribute value is received, it shall not be notified to the peers outside a confederation.
NO_ADVERTISE: after a route with such a community attribute value is received, it shall not be notified to any BGP peers.
LOCAL_AS: after a route with such a community attribute value is received, it shall be notified to the peers inside the local AS, but not to any EBGP peers (including the EBGP peers inside the confederation).
INTERNET: after a route with such a community attribute value is received, it shall be notified to all other routers.
Besides these accepted community attribute values, private community attribute values can also be used for special objectives. These attribute values are marked with some numbers.
One route can have multiple community attribute values, which is similar to the case where a route can have multiple AS numbers in its AS path attribute. A BGP router that sees multiple community attribute values in one route can take action according to one or more or all of these attribute values. The router can add or modify the community attribute values before it transmits the route to other peers.
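The advertisement rules above, as an added Python example (not part of the course material). The 32-bit values for the well-known communities are the ones assigned in RFC 1997; the peer-type names, the RIB sample and the function names are constructed for illustration.

```python
# Well-known community values from RFC 1997 (not listed on the slide).
WELL_KNOWN = {
    0xFFFFFF01: "NO_EXPORT",
    0xFFFFFF02: "NO_ADVERTISE",
    0xFFFFFF03: "LOCAL_AS",      # RFC 1997 calls this NO_EXPORT_SUBCONFED
}

def encode(text):
    """'AA:NN' -> four-octet value: AS number in the high 16 bits, NN in the low 16."""
    aa, nn = (int(part) for part in text.split(":"))
    if not (0 <= aa <= 0xFFFF and 0 <= nn <= 0xFFFF):
        raise ValueError(f"community out of range: {text}")
    return (aa << 16) | nn

def decode(value):
    """Four-octet value -> well-known name or 'AA:NN'."""
    return WELL_KNOWN.get(value, f"{value >> 16}:{value & 0xFFFF}")

def may_advertise(communities, peer):
    """peer: 'ibgp', 'confed-ebgp' (EBGP peer inside the confederation) or 'ebgp'."""
    names = {decode(c) for c in communities}
    if "NO_ADVERTISE" in names:                       # to no BGP peer at all
        return False
    if "LOCAL_AS" in names and peer != "ibgp":        # stays inside the local AS
        return False
    if "NO_EXPORT" in names and peer == "ebgp":       # stays inside the confederation
        return False
    return True

# Constructed sample: prefixes and the communities attached to them.
RIB = {
    "18.0.0.0/8":  [encode("100:20")],                # private community only
    "10.1.1.0/24": [encode("100:20"), 0xFFFFFF01],    # NO_EXPORT
    "1.1.1.1/32":  [0xFFFFFF03],                      # LOCAL_AS
    "2.2.2.2/32":  [0xFFFFFF02],                      # NO_ADVERTISE
}

def export_set(rib, peer):
    """Prefixes that may be sent to a peer of the given type."""
    return sorted(p for p, comms in rib.items() if may_advertise(comms, peer))
```

Comparing export_set() for each peer type against what a router actually sends is a quick way to spot a route that leaked past its community.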
BGP Route Selection Procedure
In general, the procedure of local BGP route selection is:
1. If the next hop of this route is unreachable, this route is not selected.
2. Select the route with a higher local preference.
3. Select the route originated by the local router (same local precedence).
4. Select the route with the shortest AS path.
5. Select the route with the lowest origin code (IGP lower than EGP, EGP lower than Incomplete).
6. Select the route with the smallest MED.
7. Perform load sharing on multiple routes according to the configured number of routes (in case load sharing is configured and there are multiple external routes to the same AS).
8. Select the route with the smallest Router ID.
Generally, the procedure of local BGP route selection is:
(1) If the next hop of this route is unreachable, then drop this route.
(2) Select the route with a higher local precedence level.
(3) Select the route originated by the local router (the same local precedence level).
(4) Select the route whose AS path is shortest.
(5) Select the route whose origin type is IGP, EGP, and Incomplete in turn.
(6) Select the route whose MED is smallest.
(7) Perform load sharing on multiple routes according to the configured number of routes (in case load sharing is configured and there are multiple external routes to the same AS).
(8) Select the route whose Router ID is smallest.
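The selection order above, together with the AS_PATH prepending, LOCAL_PREF and MED behaviour from the earlier slides, as an added Python example (not part of the course material). The Route fields, the advertise() helper and the sample routes d1 and d2 are constructed after the AS_PATH figure; load sharing (step 7) is not modelled.

```python
from dataclasses import dataclass, replace

ORIGIN_RANK = {"IGP": 0, "EGP": 1, "INCOMPLETE": 2}   # step 5: lower wins

@dataclass(frozen=True)
class Route:
    name: str
    as_path: tuple                  # nearest AS first, e.g. (500, 200)
    local_pref: int = 100           # default value stated on the page
    med: int = 0
    origin: str = "IGP"
    router_id: str = "0.0.0.0"      # router ID of the advertising peer
    next_hop_reachable: bool = True
    locally_originated: bool = False

def advertise(as_path, asn, extra=0):
    """An AS puts its own number in front when it passes the route on;
    `extra` additional copies model AS_PATH prepending."""
    return (asn,) * (1 + extra) + tuple(as_path)

def best_route(routes, local_as):
    # Step 1, plus AS_PATH loop avoidance: ignore paths that already contain our AS.
    cands = [r for r in routes
             if r.next_hop_reachable and local_as not in r.as_path]
    if not cands:
        return None
    for key in (lambda r: -r.local_pref,             # 2. higher LOCAL_PREF
                lambda r: not r.locally_originated,  # 3. locally originated
                lambda r: len(r.as_path),            # 4. shortest AS path
                lambda r: ORIGIN_RANK[r.origin]):    # 5. lowest origin code
        low = min(key(r) for r in cands)
        cands = [r for r in cands if key(r) == low]
    # 6. MED is compared only between routes from the same neighbouring AS.
    cands = [r for r in cands
             if not any(o.as_path[:1] == r.as_path[:1] and o.med < r.med
                        for o in cands)]
    # 7. (load sharing) is not modelled; 8. the smallest router ID breaks the tie.
    return min(cands, key=lambda r: tuple(map(int, r.router_id.split("."))))

# Constructed routes for D (18.0.0.0/8) as seen in AS100, after the AS_PATH figure.
d1 = Route("d1", advertise(advertise(advertise((), 200), 300), 400))
d2_plain = Route("d2", advertise(advertise((), 200), 500))
d2_prepended = replace(d2_plain, as_path=advertise(advertise((), 200, extra=2), 500))

def demo():
    return (best_route([d1, d2_plain], 100).name,       # shorter path wins
            best_route([d1, d2_prepended], 100).name,   # prepending flips it
            best_route([replace(d1, local_pref=200), d2_plain], 100).name)
```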
Select the best answer for the BGP route selection ( )
(1) Select the route with a higher local precedence level.
(2) Select the route whose AS path is shortest.
(3) Select the route whose MED is smallest.
(4) If the next hop of this route is unreachable, then drop this route.
A: 4-1-2-3
B: 4-1-3-2
C: 1-2-3-4
D: 1-3-2-4
Basic Configuration
IBGP Configuration
[Figure: RTA (.1) and RTB (.2) on 10.1.1.0/24, both in AS100]
[RTA] bgp 100
[RTA-bgp] peer 10.1.1.2 as-number 100
RTB(config)# router bgp 100
RTB(config-router)# neighbor 10.1.1.1 remote-as 100
EBGP Configuration
[Figure: RTB (.1, AS100) and RTC (.2, AS200) on 20.1.1.0/24]
[RTB] bgp 100
[RTB-bgp] peer 20.1.1.2 as-number 200
RTC(config)# router bgp 200
RTC(config-router)# neighbor 20.1.1.1 remote-as 100
IBGP Peering With Loopback Interface
[Figure: RTA (.1, Loopback0 1.1.1.1/32) and RTB (.2, Loopback0 2.2.2.2/32) on 10.1.1.0/24, both in AS100]
[RTA] bgp 100
[RTA-bgp] peer 2.2.2.2 as-number 100
[RTA-bgp] peer 2.2.2.2 connect-interface loopback 0
RTB(config)# router bgp 100
RTB(config-router)# neighbor 1.1.1.1 remote-as 100
RTB(config-router)# neighbor 1.1.1.1 update-source loopback0
Using a loopback address for an IBGP session is a good idea: a loopback interface
is always up and will never go down unless the power is off. This way, if an IBGP
speaker has more than one path to its IBGP peer and one of the paths goes down,
the connection will stay up. The TCP session stays up because another route
to the same destination exists. When using a loopback interface for the
BGP session, one additional command needs to be entered in BGP configuration mode:
peer { group-name | peer-address } connect-interface interface-type interface-number
group-name: Specifies the name of the peer group.
peer-address: Specifies the IP address of the peer, in dotted decimal format.
interface-type interface-number: Specifies the interface name, including interface
type and interface number.
Make sure that these two loopback IP addresses are routable from one to
another.
Injecting Routes Into BGP
Manually injecting routes into the BGP routing table
network ip-address [ mask ]
Redistribute routes into the BGP routing table
import-route protocol
redistribute protocol
Generally speaking, there are a couple of different ways to inject routes into BGP for
advertisement:
You can redistribute the IGP into BGP. Redistribution is the process of
injecting the routing information known by one routing protocol into another
routing protocol.
You can manually configure the routes for BGP to advertise.
Manually injecting routes is suitable when only a few routes are to be injected
into the BGP routing table. On the other hand, if you want BGP to advertise
numerous routes contained in your IGP, the best choice is to redistribute the
IGP routes into BGP. So the decision on which form to use depends on
the number of routes you want to inject into the BGP routing table.
The following briefly explains the commands:
network ip-address [ mask ]
ip-address: Specifies the network address that BGP advertises, in dotted
decimal format.
mask: Specifies the mask of the network address.
import-route protocol
protocol: Specifies the source routing protocol to import, which at present
can be direct, static, rip, ospf, ospf-ase, ospf-nssa or isis.
Inject The Static Route Into BGP
[Figure: RTA (.1, Loopback0 1.1.1.1/32) and RTB (.2, Loopback0 2.2.2.2/32) on 10.1.1.0/24 in AS100; RTB (.1) and RTC (.2, AS200) on 20.1.1.0/24]
RTB learns the route to 1.1.1.1/32 by the static route command.
RTB advertises this route to its BGP speaker RTC by the network command.
[RTB] ip route-static 1.1.1.1 255.255.255.255 10.1.1.1
[RTB] bgp 100
[RTB-bgp] network 1.1.1.1 255.255.255.255
In this scenario, static routes are used on each router within AS 100. We will configure the EBGP session between RTB and RTC.
Before we inject the route into the BGP routing table, we should make sure this route is available.
How does RTB learn the route to 1.1.1.1/32? There are two ways for RTB to get this route:
RTB learns this route by a static route, using the following command:
[RTB] ip route-static 1.1.1.1 255.255.255.255 10.1.1.1
RTB can learn this route by an IGP routing protocol such as OSPF, IS-IS, etc.; this is called dynamic routing.
Once RTB learns this route, we can confirm it by entering the display ip routing-table command:
display ip routing-table
Routing Table: public net
Destination/Mask Protocol Pre Cost Nexthop Interface
1.1.1.1/32 STATIC 60 0 10.1.1.1 Ethernet0/0
2.2.2.2/32 DIRECT 0 0 127.0.0.1 InLoopBack0
10.1.1.0/24 DIRECT 0 0 10.1.1.2 Ethernet0/0
10.1.1.2/32 DIRECT 0 0 127.0.0.1 InLoopBack0
20.1.1.0/24 DIRECT 0 0 20.1.1.1 Ethernet0/1
20.1.1.1/32 DIRECT 0 0 127.0.0.1 InLoopBack0
127.0.0.0/8 DIRECT 0 0 127.0.0.1 InLoopBack0
127.0.0.1/32 DIRECT 0 0 127.0.0.1 InLoopBack0
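One way to automate the "make sure this route is available" check before a network statement is committed, as an added Python example (not part of the course material). It parses the routing table output shown above and assumes that a network statement is only advertised when a route with exactly that prefix and mask is in the table; the function names and result labels are constructed.

```python
import ipaddress

# Output of `display ip routing-table` on RTB, copied from the page.
DISPLAY = """\
Destination/Mask Protocol Pre Cost Nexthop Interface
1.1.1.1/32 STATIC 60 0 10.1.1.1 Ethernet0/0
2.2.2.2/32 DIRECT 0 0 127.0.0.1 InLoopBack0
10.1.1.0/24 DIRECT 0 0 10.1.1.2 Ethernet0/0
10.1.1.2/32 DIRECT 0 0 127.0.0.1 InLoopBack0
20.1.1.0/24 DIRECT 0 0 20.1.1.1 Ethernet0/1
20.1.1.1/32 DIRECT 0 0 127.0.0.1 InLoopBack0
127.0.0.0/8 DIRECT 0 0 127.0.0.1 InLoopBack0
127.0.0.1/32 DIRECT 0 0 127.0.0.1 InLoopBack0
"""

def parse_routing_table(text):
    """Return {network: protocol}; the header and malformed rows are skipped."""
    routes = {}
    for line in text.splitlines():
        fields = line.split()
        if len(fields) != 6:
            continue
        try:
            routes[ipaddress.ip_network(fields[0])] = fields[1]
        except ValueError:          # header row or a damaged destination
            continue
    return routes

def check_network(routes, ip, mask):
    """Check one `network ip-address mask` statement against the table."""
    try:
        wanted = ipaddress.ip_network(f"{ip}/{mask}")
    except ValueError:
        return ("invalid", "host bits set or bad mask")
    if wanted in routes:            # assumption: an exact match is required
        return ("advertised", routes[wanted])
    # No exact match: list the more-specific routes that do exist, if any.
    inside = sorted(str(r) for r in routes if r.subnet_of(wanted))
    return ("not advertised", inside)

def audit(statements, text=DISPLAY):
    """Check several (ip, mask) network statements in one pass."""
    routes = parse_routing_table(text)
    return {f"{ip} {mask}": check_network(routes, ip, mask)
            for ip, mask in statements}
```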
Redistribute The Routes Into BGP
[Figure: RTA (.1, Loopback0 1.1.1.1/32) and RTB (.2, Loopback0 2.2.2.2/32) on 10.1.1.0/24 in AS100; RTB (.1) and RTC (.2, AS200) on 20.1.1.0/24]
[RTB-bgp] import-route ospf
RT-B(config-router)#redistributed
In this scenario, AS 100 uses OSPF as the IGP routing protocol, and OSPF is enabled on all interfaces except the interface 20.1.1.1/24.
Here is the OSPF configuration on RTA & RTB.
OSPF configuration on RTA
[RTA-ospf-1]display this
#
ospf 1
area 0.0.0.0
network 1.1.1.1 0.0.0.0
network 10.1.1.1 0.0.0.0
#
return
[RTA-ospf-1]
OSPF configuration on RTB
[RTB-ospf-1]display this
#
ospf 1
area 0.0.0.0
network 2.2.2.2 0.0.0.0
network 10.1.1.2 0.0.0.0
#
return
[RTB-ospf-1]
Once we have finished the OSPF configuration, we can see that 1.1.1.1/32 is learned by OSPF on RTB.
Thank You