men part 2- day1 -ver1_norestriction

Upload: h4harsh

Post on 30-May-2018


  • 8/14/2019 MEN Part 2- Day1 -Ver1_NoRestriction


    Network Learning Centre Proprietary & Confidential


    MEN Part 2

    50467565


    Agenda

    Day3

    Module 3

    o L3 VPN

    Day4

    Module 4

    o L2 VPN

    Module 5

    o VPLS


    Agenda

    Day5

    o Labs

    o Feedback

    o Test


    Module 1

    BGP


    Overview Of BGP

    BGP is an exterior routing protocol, used to transmit routing

    information between ASs

    It is a kind of distance-vector routing protocol and avoids the

    occurrence of loop in design. It provides additional attribute

    information for the route

    Transfer protocol: TCP; port No.: 179

    It supports Classless Inter-Domain Routing (CIDR)

    Route updating: transmit incremental routes only

    Abundant route filtering and routing policies

    Border Gateway Protocol (BGP) is a dynamic routing protocol. Its basic

    function is to automatically exchange the loopless routing information

    between Autonomous Systems (AS). By exchanging the path-reachable

    information with AS sequence attribute, it can construct the topology map

    of the autonomous area, thus removing the route loop and implementing

    the routing strategy configured by the user. Compared with protocols like OSPF and RIP, which run inside the autonomous area, BGP is a kind of

    Exterior Gateway Protocol (EGP) while OSPF and RIP are Interior

    Gateway Protocol (IGP). BGP is usually used between ISPs.

    BGP has been put into use since 1989. Its three earliest versions are RFC1105

    (BGP-1), RFC1163 (BGP-2) and RFC1267 (BGP-3) respectively. The

    current version is RFC1771 (BGP-4). With the fast development of the

    Internet, the volume of the routing table expands quickly as well, and the

    amount of routing information exchanged between ASs is also ever

    increasing, which affects the network performance. BGP supports

    Classless Inter-Domain Routing (CIDR), which can effectively reduce the

    ever-expanding routing table. BGP-4 is fast turning into the actual

    standard of the Internet border routing protocol. Its features are described

    as follows:

    BGP is a kind of exterior routing protocol, different from interior routing

    protocol like OSPF and RIP. It focuses on the control of route advertising

    and the selection of optimal routes, instead of route discovery and

    calculation.

    By taking the AS path information, it can thoroughly solve the problem of

    route cycle.

    To control the advertising and selection of routes, it provides additional


    Autonomous System

    What is an Autonomous System (AS)?

    The Autonomous System (AS) refers to a set of routers, which are managed by the same technical management organization and adopt the unified routing strategy. Each AS has a unique AS number, which is allocated by the management organization authorized by the Internet.

    Which routing protocol runs inside the AS?

    An IGP routing protocol, such as static route, OSPF, IS-IS, etc.

    Which routing protocol runs between ASs?

    BGP only

    The Autonomous System (AS) refers to a set of routers, which are managed

    by the same technical management organization and adopt the unified routing

    strategy. Each AS has a unique AS number, which is allocated by the

    management organization authorized by the Internet.

    The basic concept of introducing the AS is to differentiate different ASs by

    different numbers. Thus, when the network administrator does not want his own communication data to pass some AS, this numbering method becomes

    very useful. Maybe the administrator's network can access this AS absolutely.

    However, if this AS is managed by his competitor or lacks enough security

    mechanism, he needs to avoid this AS. By adopting the routing protocol and

    AS number, the routers can specify the path between them and the method for

    routing information exchange.

    The AS numbers range from 1 to 65535. Among them, the numbers from 1 to

    64511 are the registered Internet number, and those from 64512 to 65535 are

    the private network numbers.

    Quiz

    How many AS numbers are available to the public Internet network?

    A: 1~64511

    B: 1~65525

    C: 64512~65535

    D: 0~65535


    Working Mechanism Of BGP

    [Figure: network of seven autonomous systems, AS1 to AS7]

    As the application layer protocol, the BGP system runs on a special router.

    During the first startup of the system, the routing information is exchanged by

    sending the whole BGP routing table. Later, for the objectives of updating the

    routing table, only the update message is exchanged. During the operation,

    the system checks whether the connection is normal by receiving and sending

    the keep-alive message. The router, which sends the BGP message, is called the BGP speaker. It

    continuously receives and generates new routing information, and advertises

    it to other BGP speakers. When a BGP speaker receives new route

    advertisement from other ASs, it will advertise this route to all the other BGP

    speakers inside the AS if this route is better than the currently known route,

    or currently there is no acceptable route. A BGP speaker calls other BGP

    speakers that exchange message with it as peer. Several related peers can

    construct a group.

    Generally, a route is generated inside the AS. It is discovered and calculated

    by some interior routing protocol and transmitted to the boundary of the AS. Then, the Autonomous System Boundary Router (ASBR) spreads it to other

    ASs via the EBGP connection. During the spreading, the route may pass

    several ASs, which are called the transitional AS, such as AS5. If this AS has

    multiple boundary routers, information will be exchanged among these

    routers by running IBGP. In this case, the internal routers need not know

    these exterior routes. They only need to maintain the IP connectivity among

    the boundary routers, such as AS2, AS3 and AS4. After the route reaches the

    AS boundary, ASBR can redistribute the route into the interior routing

    protocol if the interior router needs to know these exterior routes. The

    exterior routes have a large amount, which will usually exceed the processing

    capability of the interior routers. So, filtering or aggregation shall be done


    IBGP Neighbor & EBGP Neighbor

    [Figure: routers RTA, RTB, RTC, RTD and RTE across AS100, AS200 and AS300, with the EBGP and IBGP sessions labelled]

    On the router, BGP runs in the following two modes: IBGP (Internal BGP), EBGP

    (External BGP)

    If two peers that exchange BGP messages belong to the same AS, they are Internal

    BGP (IBGP), such as RTB and RTD.

    If two peers that exchange BGP messages do not belong to the same AS, they are

    External BGP (EBGP), such as RTA and RTB.

    Although BGP runs between ASs, it is also necessary to establish BGP connection

    between different border routers of an AS. Only in this way, can routing information

    be transmitted in the entire network, such as RTB and RTD. To establish the

    communication between AS100 and AS300, we need to establish IBGP connection

    between them.

    The direct connection is not necessarily established between IBGP peers physically,

    but the full logical connection between them must be ensured (it suffices if TCP

    connection can be created).

    In most of the cases, there is physically direct link between EBGP peers. However, if it is hard to realize, remedy can be done by configuring the command "neighbor

    neighbor-address ebgp-multihop[ttl]". Here, "ttl" is the maximum hop count. Its

    default value is 64 and the value range is 1-255.

    Quiz

    1. Which of the following statements about IBGP routers are true? (Select one.)

    A. They must be fully meshed.

    B. They can be in a different AS.

    C. They must be directly connected.


    iBGP & eBGP

    BGP configuration does not define peers as iBGP or eBGP

    Each router examines its own ASN and compares it with the defined neighbor ASN

    If the ASNs match, the peer is iBGP

    If the ASNs do not match, the peer is eBGP


    Route Advertising Principles of BGP

    BGP Speaker only selects the best one for its own use

    BGP Speaker only advertises the routes used by itself to its neighbors

    For the routes obtained from EBGP, the BGP Speaker will advertise them to

    all its neighbors (including EBGP and IBGP)

    For the routes obtained from IBGP, the BGP Speaker will not advertise

    them to its IBGP neighbors

    For the routes obtained from IBGP, whether the BGP Speaker will advertise

    them to its EBGP neighbors depends on the synchronization state of IGP

    and BGP

    Once the connection is established, the BGP Speaker will advertise all its

    BGP routes to the new neighbors

    Route advertising principles of BGP:

    In the case of multiple paths, the BGP Speaker only selects the best one for

    its own use.

    The BGP Speaker only advertises the routes used by itself to its neighbors.

    For the routes obtained from EBGP, the BGP Speaker will advertise them to all its neighbors (including EBGP and IBGP).

    For the routes obtained from IBGP, the BGP Speaker will not advertise them

    to its IBGP neighbors.

    For the routes obtained from IBGP, whether the BGP Speaker will advertise

    them to its EBGP neighbors depends on the synchronization state of IGP and

    BGP.

    Once the connection is established, the BGP Speaker will advertise all its

    BGP routes to the new neighbors.

    These principles were stipulated by the BGP designers when they were

    developing the BGP routing protocol. Further study of the reasons is outside the scope of this document.
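The peer classification and advertising principles above, as an added example that is not part of the course material: a small model of one BGP speaker deciding which neighbors receive a route. Router names are borrowed from the page's figures; their AS placement, the peer RTX, the prefix 10.1.1.0/24 and the rule of not echoing a route to its sender are assumptions of this example.

```python
from dataclasses import dataclass
from typing import Optional


@dataclass(frozen=True)
class Peer:
    name: str
    remote_as: int


@dataclass(frozen=True)
class Route:
    prefix: str
    learned_from: Optional[str]  # peer name, or None for a locally originated route
    best: bool = True            # True if this is the path the speaker itself uses


class Speaker:
    def __init__(self, name, local_as, peers, igp_prefixes=(), synchronization=True):
        self.name = name
        self.local_as = local_as
        self.peers = {p.name: p for p in peers}
        self.igp_prefixes = set(igp_prefixes)   # prefixes the IGP already knows
        self.synchronization = synchronization

    def session_type(self, peer_name):
        """iBGP or eBGP is not configured; it follows from comparing AS numbers."""
        same_as = self.peers[peer_name].remote_as == self.local_as
        return "ibgp" if same_as else "ebgp"

    def advertise_to(self, route):
        """Return the sorted names of the peers that should receive this route."""
        if not route.best:
            return []  # only the route the speaker itself uses is advertised
        if route.learned_from is None:
            source = "local"
        else:
            source = self.session_type(route.learned_from)
        targets = []
        for name in self.peers:
            if name == route.learned_from:
                continue  # assumption: never echo a route back to its sender
            kind = self.session_type(name)
            if source == "ibgp":
                if kind == "ibgp":
                    continue  # iBGP-learned routes are not passed to iBGP peers
                if self.synchronization and route.prefix not in self.igp_prefixes:
                    continue  # eBGP peer, but the IGP does not know the prefix yet
            targets.append(name)
        return sorted(targets)


# Constructed topology: RTA in AS100, RTB/RTE/RTX in AS200, RTF in AS300.
PREFIX = "10.1.1.0/24"
RTB = Speaker("RTB", 200, [Peer("RTA", 100), Peer("RTE", 200)])
RTE_PEERS = [Peer("RTB", 200), Peer("RTX", 200), Peer("RTF", 300)]

if __name__ == "__main__":
    print("RTB ->", RTB.advertise_to(Route(PREFIX, "RTA")))
    for igp, sync in (((), True), ((PREFIX,), True), ((), False)):
        rte = Speaker("RTE", 200, RTE_PEERS, igp_prefixes=igp, synchronization=sync)
        print("RTE sync=%s igp=%s ->" % (sync, list(igp)),
              rte.advertise_to(Route(PREFIX, "RTB")))
```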

    Quiz

    What would a BGP router do when the TCP connection is established?

    A: exchange the routing table between the BGP neighbors

    B: exchange the BGP routes between the BGP neighbors

    C: check the BGP version, AS numbers to form the EBGP/IBGP relationship

    D: send a keep-a-live packet to the peer


    BGP

    BGP advertises only one best path

    Only incremental updates

    Keep alive messages after initial exchange between BGP peers every 60s

    Hold time 180s

    Triggered updates are batched and rate-limited (every 5 seconds for internal peer, every 30 seconds for external peer)

    Public AS number from InterNIC (www.internic.net) or RIPE (www.ripe.net)

    Use private AS numbers (64512 - 65535) if BGP in a private network

    Only one BGP routing process per router is allowed

    Reliance Public AS - 18101


    BGP Synchronization

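    [Figure: routers RTA, RTB, RTC, RTD, RTE and RTF across AS100, AS200 and AS300, with two EBGP sessions and one IBGP session labelled; interface E0 10.1.1.1/24 and serial interfaces S0 and S1]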

    It is stated in the BGP protocol that: a BGP router does not advertise the

    routing information learnt from the internal BGP peers to the external peers,

    unless this information can also be obtained from IGP. If a router can learn

    about this routing information via IGP, then it can be considered that the

    route can be broadcast inside AS and the internal connection is ensured.

    One of major duties of BGP is to transmit the network reachability information of this AS to other ASs. As shown in the figure above, RTB will

    encapsulate the routing information toward 10.1.1.1/24 into the UPDATE

    message, and advertise it to RTE via the TCP connection established by RTC

    and RTD. If RTE does not take synchronization into account, it will directly

    accept such routing information and report it to RTF, then if RTF or RTE has

    the data packet to be sent to 10.1.1.1/24, this packet must pass RTD and RTC

    if it wants to reach the destination. As the synchronization was not taken into

    account in advance, the routing tables of RTD and RTC have no routing

    information to 10.1.1.1/24 and the data packet will be discarded when it

    reaches RTD. So, BGP must be synchronous with IGP (e.g., RIP, OSPF, etc.).

    Synchronization means that BGP will not advertise the transitional

    information to other ASs until IGP broadcasts this routing information

    successfully in its AS. That is, after a router receives the update information

    of a destination from the IBGP peer, it shall attempt to verify whether this

    destination can be reached via the internal AS before advertising it to other

    EBGP peers (i.e., verify whether this destination is within IGP, and whether

    the non-BGP router can transmit this traffic to this destination). If IGP knows

    this destination, it will receive such routing information and then advertise it

    to EBGP peers. Otherwise, it will consider that this route is asynchronous

    with IGP and thus will not advertise it.

    As shown in the figure above, RTE gets the route going to the network


    Full Dynamic Redistribution

    OSPF discovers route 18.0.0.1/8

    Dynamically redistribute the route discovered by IGP (OSPF)

    into the BGP routing table of RTB

    [Figure: network 18.0.0.1/8, OSPF domain, RTB, AS200]

    The BGP routing protocol runs between ASs. Its major work is to transmit

    routing information between ASs, instead of discovering and calculating

    routing information. The work of discovering and calculating routing

    information is done by the IGP routing protocol, e.g. RIP and OSPF. The

    routing information of BGP needs to be redistributed into BGP in the mode of

    configuration commands. According to the redistribution mode, it can be classified into three types:

    purely dynamic redistribution, semi-dynamic redistribution and static

    redistribution.

    Purely dynamic redistribution means that the router gets the routing

    information by IGP routing protocol and then dynamically redistributes it into

    BGP.

    As shown in the figure above, RTB dynamically detects the routes going to

    the network 18.0.0.0/8 via OSPF protocol and then dynamically redistributes

    it into BGP. We call such a kind of route redistribution mode as purely

    dynamic redistribution.

    The route leading to the network 18.0.0.0/8 is redistributed from OSPF.

    Meanwhile, other routing information of OSPF is also redistributed into BGP.


    Semi Dynamic Redistribution

    OSPF discovers the route 18.0.0.1/8

    Semi-dynamically redistribute the route discovered by IGP

    (OSPF) into the BGP routing table of RTB

    [Figure: network 18.0.0.1/8, RTB, AS200, OSPF domain]

    Semi-dynamic redistribution means that the routing information is

    dynamically discovered and calculated by IGP routing protocol. Part of the

    specified routing information will be selectively redistributed with the

    network command when it is redistributed into the BGP system.

    As shown in the figure above, router B dynamically detects the route going

    to the network 18.0.0.0/8 via OSPF protocol and then redistributes it into BGP statically. Such a kind of route redistribution mode is called semi-

    dynamic redistribution.

    The route to be redistributed should be specified with the user interface of

    the router. As a result, only one specified OSPF route is redistributed into

    the BGP routing table.


    Static Redistribution

    Manually configure the static route 18.0.0.1/8

    Redistribute the static route manually configured into the BGP

    routing table of RTB

    [Figure: network 18.0.0.1/8, AS200, RTB]

    Static redistribution means that the routing information obtained by the router

    is the static routing information manually configured, which will be statically

    redistributed into the BGP system.

    As shown in the figure above, router B first establishes a static route going to

    the network 18.0.0.0/8 and then redistributes it into BGP. Such kind of route

    redistribution mode is called static redistribution.

    As a result, a manually configured route is added into the BGP routing table.

    How many methods can you use to install a route into the BGP routing table? (Choose all that apply.)

    A: Full Dynamic Redistribution

    B: Semi Dynamic Redistribution

    C: Static Redistribution

    D: IGP route redistribute


    BGP Messages

    There are four types of BGP messages:

    Open: greeting--"hello, let's make friends!"

    Keepalive: I'm alive, don't leave me alone

    Update: fresh news...

    Notification: I won't play with you any more!

    BGP has four types of messages: OPEN, UPDATE, NOTIFICATION and

    KEEPALIVE.

    Between BGP peers, an OPEN message is transmitted so as to exchange

    information such as version, AS number, hold time and BGP identifier for

    negotiation.

    What UPDATE message carries is route update information, including route

    withdrawal information, reachable information and its path attributes.

    When BGP detects errors (e.g. connection interruption, negotiation error,

    message error), it will send the NOTIFICATION message to shut off the

    connection with its peers.

    The KEEPALIVE messages are sent periodically between BGP neighbors,

    so as to ensure the connection is kept alive. The default timer is 60 seconds.

    The OPEN message is mainly used to establish the neighborhood (BGP

    peers). It is the initial handshake information between BGP routers and shall

    occur before all notification information. Others will respond with the KEEPALIVE message after receiving the OPEN message. Once the

    handshake succeeds, these BGP neighbors can exchange messages like

    UPDATE, KEEPALIVE and NOTIFICATION.

    Quiz

    (1) How many BGP messages are available in BGP version 4? (Choose all that apply.)

    A: OPEN

    B: UPDATE


    Finite State Machine of BGP

    [Figure: BGP finite state machine with the states Idle, Connect, Active, Open-sent, Open-confirm and Established. Transition labels: Start; TCP connection setup; TCP connection fails; Connect-Retry timer expiry; Correct OPEN packet received; KeepAlive timer expiry; KeepAlive packet received; Update received; Error; Others]

    The BGP finite state machine (FSM) has six states. The procedure of

    transition between them shows the establishment procedure of BGP neighborhood.

    The first state is "Idle". Once BGP starts, the state machine enters the

    "Connect" state. In this state, if Connect-Retry timer expires, the BGP state

    machine will stay in the "Connect" state. Meanwhile, BGP will attempt to

    establish the TCP connection. If the creation of TCP connection fails, the BGP state machine will enter the "Active" state. If the TCP connection is

    established successfully, the BGP state machine will enter the "OpenSent"

    state directly. In "Active" state, if the TCP connection cannot be established

    yet, the BGP state machine will stay in the "Active" state and will not enter

    the "OpenSent" state until the TCP connection is established successfully. In

    the "OpenSent" state, once BGP receives a correct Open message, it will

    enter the "OpenConfirm" state. In the "OpenConfirm" state, if the KeepAlive

    timer expires, the BGP state machine will stay in the "OpenConfirm" state.

    And it will not enter the "Established" state until BGP receives the KeepAlive

    message. Till now, the BGP connection is really established.

    In addition, when any of the five states ("Idle" excluded) has errors, the BGP

    state machine will return to the "Idle" state.

    Idle: "Idle" is the first state of BGP connection. In this state, BGP is waiting

    for a start event. After such an event emerges, BGP will initialize the

    resources, reset the Connect-Retry timer, and initiate a TCP connection.

    Meanwhile, it will enter the "Connect" state.

    Connect: in this state, BGP establishes the first TCP connection. If the

    Connect-Retry timer expires, BGP will establish the TCP connection again

    and continue to stay in the "Connect" state. If the TCP connection is

    established successfully, it will enter the "OpenSent" state. Otherwise, it will

    enter the "Active" state.
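The state machine described above, as an added example that is not part of the course material: a transition table replayed over a constructed event trace, counting how often an Established session falls back to Idle. Event names are assumptions of this example; the Active-to-Connect edge on Connect-Retry expiry follows the BGP-4 specification, and the other edges follow the page's text.

```python
from enum import Enum


class State(Enum):
    IDLE = "Idle"
    CONNECT = "Connect"
    ACTIVE = "Active"
    OPEN_SENT = "OpenSent"
    OPEN_CONFIRM = "OpenConfirm"
    ESTABLISHED = "Established"


# (current state, event) -> next state. Event names are made up for this example.
TRANSITIONS = {
    (State.IDLE, "start"): State.CONNECT,
    (State.CONNECT, "connect_retry_expired"): State.CONNECT,
    (State.CONNECT, "tcp_established"): State.OPEN_SENT,
    (State.CONNECT, "tcp_failed"): State.ACTIVE,
    (State.ACTIVE, "tcp_failed"): State.ACTIVE,
    (State.ACTIVE, "connect_retry_expired"): State.CONNECT,
    (State.ACTIVE, "tcp_established"): State.OPEN_SENT,
    (State.OPEN_SENT, "open_received"): State.OPEN_CONFIRM,
    (State.OPEN_CONFIRM, "keepalive_timer_expired"): State.OPEN_CONFIRM,
    (State.OPEN_CONFIRM, "keepalive_received"): State.ESTABLISHED,
    (State.ESTABLISHED, "keepalive_timer_expired"): State.ESTABLISHED,
    (State.ESTABLISHED, "keepalive_received"): State.ESTABLISHED,
    (State.ESTABLISHED, "update_received"): State.ESTABLISHED,
}


def step(state, event):
    """Apply one event to one state.

    Any pair not in the table (an error, a NOTIFICATION, an unexpected
    message) returns the machine to Idle; Idle itself only leaves on "start".
    """
    return TRANSITIONS.get((state, event), State.IDLE)


def replay(events):
    """Replay a trace; return (final state, visited states, session drops).

    A drop is a fall from Established back to Idle, which is the session
    flap an operator would want to alert on.
    """
    state = State.IDLE
    visited = [state]
    drops = 0
    for event in events:
        nxt = step(state, event)
        if state is State.ESTABLISHED and nxt is State.IDLE:
            drops += 1
        state = nxt
        visited.append(state)
    return state, visited, drops


# Constructed trace: one failed TCP attempt, a successful session,
# a NOTIFICATION that tears it down, then a clean re-establishment.
SAMPLE_TRACE = [
    "start", "tcp_failed", "connect_retry_expired", "tcp_established",
    "open_received", "keepalive_received", "update_received",
    "keepalive_received", "notification_received",
    "start", "tcp_established", "open_received", "keepalive_received",
]

if __name__ == "__main__":
    final, visited, drops = replay(SAMPLE_TRACE)
    print(" -> ".join(s.value for s in visited))
    print("final state:", final.value, "| drops from Established:", drops)
```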


    Application of Messages in BGP

    The Open message is sent when establishing a BGP connection via

    TCP

    After the connection is established, the UPDATE message is sent

    to notify the peer of the routing information if a route needs to be

    sent or route change occurs

    After stabilization, it is necessary to send the KEEPALIVE message

    periodically to keep the validity of the BGP connection

    When an error is found during the running of local BGP,

    NOTIFICATION message shall be sent to notify the BGP peer

    BGP establishes the connection via TCP. The local monitoring port is 179.

    The establishment of BGP connection needs a series of dialogs and

    handshakes, which is the same as that of TCP connection. TCP uses the

    handshake negotiation to advertise parameters like port. The handshake

    negotiation parameters of BGP include BGP version, hold time of BGP

    connection, local router ID and authorization information. They are included in the Open message.

    After BGP connection is established, the Update message shall be sent to

    advertise the routing information to the peer end if there is a route to be sent.

    The Update message is mainly used to advertise the routing information,

    including failed (withdrawn) route. When the Update message is used to

    distribute out the route, the attribute of this route needs to be specified so as

    to help the peer BGP protocol select the best route. For the application of

    route attribute for BGP to select the route, please refer to the application part

    of the BGP protocol route attribute.

    When the local BGP route changes, the Update message can also be used to correct the routing table of the peer BGP.

    If, after exchanging the routing information for a period of time both the local

    BGP and the peer BGP have no new route advertisement, the condition

    becomes stable. Now the KEEPALIVE message shall be sent regularly so as

    to make the BGP connection remain valid. For the local BGP, if it receives no

    BGP message after the hold time is over, this BGP connection will be

    regarded as invalid and disconnection of this BGP will take place.

    If, during the running, the local BGP detects an error, for example, the local

    BGP does not support the version of the BGP peer or receives the Update

    message with illegal structure, it shall send the NOTIFICATION message to


    BGP Path Attributes

    A Path Attribute is a characteristic of an advertised BGP route.

    Each Path Attribute falls into one of four categories:

    Well-known mandatory

    Well-known discretionary

    Optional transitive

    Optional nontransitive

    Notes:

    Well-known means it must be recognized by all BGP implementations.

    Optional means BGP implementation is not required to support the attribute.

    Mandatory means the attribute must be included in all BGP Update messages

    Discretionary means they may or may not be sent in a specific Update message

    Transitive means a BGP process should accept the path in which the attribute is included even if it doesn't support this attribute and it should pass the path on to its peers

    Nontransitive means a BGP process that does not recognize the attribute can quietly ignore the Update in which the attribute is included and not advertise the path to its other peers

    The enterprises and service providers are often concerned about such questions: how to prevent my private network from being advertised out?

    How to filter the route update that comes from some neighboring route? How to make certain that I am using this link instead of any other link? It is through the use of route attribute that BGP answers these questions.

    BGP route attribute is a set of parameters. It further describes the specific route so as to enable BGP to filter and select routes. When configuring the route strategy, we often use the route attribute. However, not all of them will be involved.

    In fact, route attributes are classified into the following categories:

    Mandatory attribute: one that is necessary in the route update data message. In the BGP routing information, this kind of attribute domain has its unique role that cannot be substituted by any others. If it is not included, something

    will be wrong with the routing information. For example, AS-Path is a


    Path Attribute

    Well-known mandatory

    ORIGIN

    AS-Path

    Next hop

    Well-known discretionary

    Local-Preference

    Atomic-Aggregate

    Optional transitive

    Aggregator

    Community

    Optional nontransitive

    Multi-Exit-Disc (MED)

    ORIGINATOR-ID

    Cluster-List

    Destination Pref (MCI)

    Advertiser (Baynet)

    Rcid-Path (Baynet)

    MP_Reach_NLRI

    MP_Unreach_NLRI

    Extended_Communities

    There are six attributes that are commonly used:

    Origin: it is used to define the origin of the routing information, indicating

    how a route becomes the BGP route, such as IGP, EGP, and Incomplete.

    As-Path: it is the sequence of the ASs passed by a route, listing all the ASs

    passed by a route before it reaches the notified network. The BGP speaker

    puts its own AS preamble to the head of the received AS path, which can

    avoid route loop and be used for route filtering and selection.

    Next hop: it includes the IP address of the next hop border router that reaches

    the network listed in the update information. The next hop of the BGP is

    somewhat different from that of IGP. It can be an address of the peer that

    notifies this route, such as EBGP, which is similar to the IGP. But in some

    other cases, the BGP uses the next hop of the third party. For example, the

    IBGP transmits without any change the next hop obtained from the EBGP

    peer in the AS. In the multiple access media, the BGP takes the actual origin

    of the route as the next hop, even though it is not the BGP peer.

    Multi-Exit-Discriminators (MED): when some AS has multiple entries, the

    MED attribute can be used to help its external neighboring router select a

    better entry path. The smaller the MED value of a route, the higher its

    precedence.

    Local-Preference: this attribute is used to select in the AS the route reaching

    some destination by preference. It reflects the preference level of the BGP

    speaker for each external route. The bigger the local-preference value, the

    higher the preference level of the route.

    Community: this attribute marks a group of routing information that has the

    same feature, which is irrelevant with the IP subnet or AS where it is located.

    The accepted community values are NO-EXPORT, NO-ADVERTISE,


    ORIGIN Attribute

    ORIGIN specifies the origin of the routing update. When BGP has multiple routes, it uses ORIGIN as one factor in determining the preferred route.

    IGP NLRI (Network layer Reachability Information) was learned from a protocol

    internal to the originating AS. BGP routes are given an origin of IGP if they are

    learned from an IGP routing table via the network statement.

    EGP NLRI was learned from the Exterior Gateway Protocol.

    Incomplete NLRI was learned by some other means. Incomplete implies that the

    information for determining the origin of the route is incomplete. Routes that BGP

    learns through redistribution carry the incomplete origin attribute.

    Which one is preferred? IGP > EGP > Incomplete

    When the BGP makes the route decision, it will take the origin attribute into

    account to determine the precedence levels between multiple routes.

    Specifically, the BGP will prefer the route with the minimum origin attribute

    value, i.e. the IGP has the precedence over EGP, and EGP has the precedence

    over INCOMPLETE. We can configure these three origin attributes

    manually. Generally:

    If a route is redistributed into the BGP routing table with the specifically, the

    origin attribute shall be IGP

    If a route is obtained via EGP, the origin attribute shall be EGP

    Otherwise, the Origin attribute should be Incomplete

    Quiz

    (1) When a route is imported from the OSPF routing protocol into the BGP routing table, which origin attribute value would this route have?

    A: IGP

    B: EGP

    C: OSPF

    D: Incomplete


    AS_PATH Attribute

    AS-PATH uses a sequence of AS numbers to describe the inter-AS path or route to the destination specified by the NLRI.

    AS-PATH describes all the ASs the route has passed through, beginning with the most recent AS and ending with the originating AS.

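    [Figure: destination D (18.0.0.0/8) in AS200 is reachable from AS100 over two inter-AS paths, drawn with routers RTA and RTB on the link 30.0.0.1 - 30.0.0.2. Path labels: D (400 300 200) via AS300 and AS400, and D (500 200) via AS500.]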

    The AS-Path attribute is also a mandatory one. It is the sequence of the numbers of all the ASs that a route has passed through on its way to a certain destination. BGP carries the AS-path attribute in the route update (Update message) to ensure a loop-free topology over the Internet. BGP will not accept a route whose AS-path attribute already contains its own AS number, because that route has already been processed by this AS. In this way, route loops are avoided. For this reason, BGP adds its own AS number to the AS-path attribute when advertising a route to an EBGP peer, so as to record the ASs the route has passed through.

    Meanwhile, the AS-path attribute also acts on route selection. If other factors are the same, the route with the shorter AS path is selected. As shown in the figure above, the path for the network segment D (18.0.0.0/8) in AS200 to reach AS100 by passing AS200, AS300 and AS400 is d1 (400 300 200), and the path for it to reach AS100 by passing AS200 and AS500 is d2 (500 200). In this case, BGP prefers the shorter path d2.

    Note: when the AS-Path field of a route records an AS number, it always puts the new AS number in front. As shown in the figure above, the route first passes AS200 and records d2 (200); then it passes AS500 and records d2 (500 200).

    We can increase the path length by adding pseudo AS numbers, so as to act on route selection. We can configure RTA to add two AS elements, 200 and 200, to the AS-Path list carried by the route it sends to 30.0.0.2. After such a configuration, the path d2 changes into 500 200 200 200, which is longer than the path d1. So now BGP prefers the shorter path d1.

    Quiz

    (1) When a route is passing AS100 from other AS, where the AS 100 value would

    -


    AS_PATH Attribute

    The Function of AS-PATH

    An AS can influence its incoming traffic by changing the AS_PATH of the routes it advertises.

    AS_PATH can be used for loop avoidance.

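    [Figure: the same topology (D (18.0.0.0/8) in AS200; AS300, AS400, AS500, AS100; RTA and RTB on the link 30.0.0.1 - 30.0.0.2) with AS_PATH prepending applied. Path labels: D (400 300 200), D (500 200,200,200) and D (200 200 200).]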


    LOCAL_PREF Attribute

    LOCAL_PREF is used to communicate a BGP router's degree of preference for an advertised route.

    LOCAL_PREF is carried only in updates between internal BGP peers and is not passed to other ASs.

    If an internal BGP speaker receives multiple routes to the same destination, it compares the LOCAL_PREF attribute of the routes. The route with the highest LOCAL_PREF is selected.

    The LOCAL_PREF attribute affects only traffic leaving the AS.

    The local precedence attribute is an optional attribute. It represents the precedence level assigned to a route, with which we can compare different routes that have the same destination. The bigger the attribute value, the higher the precedence level of the route. This attribute is used only inside the AS and exchanged between IBGP peers, but not notified to EBGP peers. In short, the local precedence attribute is used to help the routers inside the AS select the optimal egress, i.e. select the egress with the higher local precedence level.

    Note that configuring the value of the local precedence attribute only affects the traffic that leaves this AS, not the traffic that enters this AS. By default, the value of the local precedence attribute is 100.

    Quiz

    (1) A BGP speaker receives the same route from its two IBGP peers with different preference values. Which route will the BGP speaker use by default?

    A: the route with the bigger preference value

    B: the route with the smaller preference value

    C: the route with the bigger router-id

    D: the route with the smaller router-id


    LOCAL_PREF Attribute

    [Figure: ASs AS100, AS200, AS300 and AS400; routers RTA, RTB, RTC, RTD, RTE and RTF; destination D (18.0.0.0/8); links 30.0.0.1 - 30.0.0.2 and 20.0.0.1 - 20.0.0.2; route labels "D, local-pref1 100" and "D, local-pref2 200". Caption: RTA will select local-pref2, which has the higher local preference.]

    As shown in the figure above, RTB sets the local precedence level of the route received via RTD as local-pref1 100, and RTC sets the local precedence level of the route received via RTE as local-pref2 200. In this way, RTA will prefer local-pref2, which has the higher precedence level.


    MULTI-EXIT-DISC (MED) Attribute

    MED is carried in EBGP updates and allows an AS to inform another AS of its preferred ingress points. It is meant only for a single AS to demonstrate a degree of preference when it has multiple ingress points.

    The MED attribute affects only the incoming traffic to the AS.

    If all else is equal, an AS receiving multiple routes to the same destination compares the MED of the routes. The lowest MED value is preferred. MEDs are not compared if two routes to the same destination are received from two different ASs.

    The MED is passed between internal peers of the receiving AS but not passed beyond the receiving AS. MED is used only to influence traffic between two directly connected ASs.

    The MED attribute is optional. It indicates the preferable path for an external neighbor router to enter an AS that has multiple entries. When an AS has multiple entries, the MED attribute can be used to help its external neighbor router select a better entry path, that is, to prefer the entry path with the smaller MED value.

    A BGP speaker receives the same route from its two EBGP peers with different MED values. Which route will the BGP speaker use by default?

    A: the route with the bigger MED value

    B: the route with the smaller MED value

    C: use two for backup

    D: the route with the smaller router-id


    MULTI-EXIT-DISC (MED) Attribute

    [Figure: ASs AS100 and AS200; routers RTA, RTB and RTC; destination D (18.0.0.0/8); links 30.0.0.1 - 30.0.0.2 and 20.0.0.1 - 20.0.0.2; an IBGP session; route labels "D, metric1 10" and "D, metric2 20". Caption: RTA will select the lower metric.]

    As shown in the figure above, we can set the metric value of the network D notified by RTB as metric1 10 and that of the network D notified by RTC as metric2 20. In this way, RTA will prefer metric1, which has the smaller metric value.

    Generally, the router only compares the MED values of EBGP neighbor paths from the same AS, but not those from different ASs. If comparison is required, the Quidway series routers offer a user interface command to change this default behavior.

    Note: By default, it is not allowed to compare the MED attribute values of paths from neighbors in different ASs, unless it can be confirmed that the different ASs adopt the same IGP and route selection method.


    Community Attribute

    Community is designed to simplify policy enforcement. It identifies a destination as a member of some community of destinations that share one or more common properties.

    The COMMUNITY attribute is a set of four-octet values AA:NN. AA is the AS number. NN is an administratively defined identifier.

    In the scope of BGP, a community is a group of destinations that have the same nature. It is not limited to a network or an AS and has no physical boundary.


    Well-known Community

    NO_EXPORT: Routes received carrying this value cannot be advertised to EBGP peers and outside of the confederation.

    NO_ADVERTISE: Routes received carrying this value cannot be advertised at all to either EBGP or IBGP peers.

    LOCAL_AS: Routes received carrying this value cannot be advertised to EBGP peers, including peers in other ASs within a confederation.

    INTERNET: All routes belong to this community by default. Received routes belonging to this community are advertised freely.

    The community attribute is an optional transitive attribute. Some communities are well known, i.e. they have a global meaning. These communities are:

    NO_EXPORT: after a route with such a community attribute value is received, it shall not be notified to the peers outside a confederation.

    NO_ADVERTISE: after a route with such a community attribute value is received, it shall not be notified to any BGP peers.

    LOCAL-AS: after a route with such a community attribute value is received, it shall be notified to the peers inside the local AS, but not to any EBGP peers (including the EBGP peers inside the confederation).

    INTERNET: after a route with such a community attribute value is received, it shall be notified to all other routers.

    Besides these well-known community attribute values, private community attribute values can also be used for special objectives. These attribute values are marked with numbers.

    One route can have multiple community attribute values, which is similar to the case where a route can have multiple AS numbers in its AS path attribute. A BGP router that sees multiple community attribute values in one route can take action according to one, several or all of these attribute values. The router can add or modify the community attribute values before it transmits the route to other peers.
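The advertisement rules above, applied to a route that carries several community values at once, as an added example (not part of the original slides). The numeric values are the ones assigned in RFC 1997 and do not appear on the page; the peer-type labels "ibgp", "confed-ebgp" and "ebgp" and all function names are assumptions made for this sketch.

```python
# Well-known community values from RFC 1997 (not given on the page).
WELL_KNOWN = {
    "NO_EXPORT": 0xFFFFFF01,
    "NO_ADVERTISE": 0xFFFFFF02,
    "LOCAL_AS": 0xFFFFFF03,      # named NO_EXPORT_SUBCONFED in RFC 1997
}
NAMES = {value: name for name, value in WELL_KNOWN.items()}
PEER_TYPES = ("ibgp", "confed-ebgp", "ebgp")   # hypothetical labels


def encode(community):
    """Turn 'AA:NN' or a well-known name into the four-octet value."""
    if community in WELL_KNOWN:
        return WELL_KNOWN[community]
    aa, nn = (int(part) for part in community.split(":"))
    if not (0 <= aa <= 0xFFFF and 0 <= nn <= 0xFFFF):
        raise ValueError(f"AA and NN must each fit in two octets: {community}")
    return (aa << 16) | nn       # AA in the high two octets, NN in the low two


def decode(value):
    """Turn a four-octet value back into its name or 'AA:NN' form."""
    return NAMES.get(value, f"{value >> 16}:{value & 0xFFFF}")


def may_advertise(communities, peer_type):
    """Apply the page's rules; the most restrictive community present wins."""
    if peer_type not in PEER_TYPES:
        raise ValueError(f"unknown peer type: {peer_type}")
    # INTERNET places no restriction on a route, so it is simply skipped.
    values = {encode(c) for c in communities if c != "INTERNET"}
    if WELL_KNOWN["NO_ADVERTISE"] in values:
        return False                           # no BGP peer at all
    if WELL_KNOWN["LOCAL_AS"] in values and peer_type != "ibgp":
        return False                           # no EBGP peer, confederation included
    if WELL_KNOWN["NO_EXPORT"] in values and peer_type == "ebgp":
        return False                           # stays inside the confederation
    return True


def advertisement_plan(communities):
    """Which peer types may receive a route tagged with these communities."""
    return {peer: may_advertise(communities, peer) for peer in PEER_TYPES}


if __name__ == "__main__":
    # Constructed route tags: a private community plus a well-known one.
    print(advertisement_plan(["100:20", "NO_EXPORT"]))
```

A route that is tagged on import but never checked on export is how prefixes meant to stay inside an AS end up leaked, so the export side of the policy is the part worth auditing.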


    BGP Route Selection Procedure

    In general, the procedure of local BGP route selection is:

    1. If the next hop of this route is unreachable, this route is not selected.

    2. Select the route with a higher local preference.

    3. Select the route originated by the local router (same local precedence).

    4. Select the route with the shortest AS path.

    5. Select the route with the lowest origin code (IGP lower than EGP, EGP lower than Incomplete).

    6. Select the route with the smallest MED.

    7. Perform load sharing on multiple routes according to the configured number of routes (in case load sharing is configured and there are multiple external routes to the same AS).

    8. Select the route with the smallest Router ID.

    Generally, the procedure of local BGP route selection is:

    (1) If the next hop of this route is unreachable, then drop this route.

    (2) Select the route with a higher local precedence level.

    (3) Select the route originated by the local router (the same local precedence level).

    (4) Select the route whose AS path is shortest.

    (5) Select the route whose origin type is IGP, EGP, and Incomplete in turn.

    (6) Select the route whose MED is smallest.

    (7) Perform load sharing on multiple routes according to the configured number of routes (in case load sharing is configured and there are multiple external routes to the same AS).

    (8) Select the route whose Router ID is smallest.
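The selection procedure above, together with the AS_PATH loop check and the prepending case from the AS_PATH slides, as an added example (not part of the original slides). The Route fields, function names and router IDs are constructed for this sketch; step 7 (load sharing) is not modeled.

```python
from dataclasses import dataclass
from ipaddress import IPv4Address

ORIGIN_RANK = {"IGP": 0, "EGP": 1, "INCOMPLETE": 2}  # lower value is preferred


@dataclass(frozen=True)
class Route:
    name: str
    as_path: tuple               # most recent AS first, originating AS last
    router_id: str               # router ID of the advertising peer (constructed)
    next_hop_reachable: bool = True
    local_pref: int = 100        # default value given on the page
    locally_originated: bool = False
    origin: str = "IGP"
    med: int = 0


def prepend(as_path, asn, times):
    """AS_PATH prepending: put extra copies of asn in front of the path."""
    return (asn,) * times + tuple(as_path)


def keep_best(routes, key):
    """Keep only the routes that tie on the lowest value of key."""
    best = min(key(r) for r in routes)
    return [r for r in routes if key(r) == best]


def select_best(routes, local_as):
    # Loop avoidance: drop any route whose AS_PATH already contains our own AS.
    cands = [r for r in routes if local_as not in r.as_path]
    cands = [r for r in cands if r.next_hop_reachable]              # step 1
    if not cands:
        return None
    cands = keep_best(cands, lambda r: -r.local_pref)               # step 2
    cands = keep_best(cands, lambda r: not r.locally_originated)    # step 3
    cands = keep_best(cands, lambda r: len(r.as_path))              # step 4
    cands = keep_best(cands, lambda r: ORIGIN_RANK[r.origin])       # step 5
    # Step 6: by default MED is compared only between routes from the same neighbor AS.
    survivors = [r for r in cands
                 if not any(o.as_path[:1] == r.as_path[:1] and o.med < r.med
                            for o in cands)]
    # Step 8: the smallest router ID breaks the remaining tie.
    return min(survivors, key=lambda r: int(IPv4Address(r.router_id)))


def demo():
    """Constructed routes to D (18.0.0.0/8) as seen from AS100, using the page's paths."""
    d1 = Route("d1", (400, 300, 200), "4.4.4.4")
    d2 = Route("d2", (500, 200), "5.5.5.5")
    before = select_best([d1, d2], local_as=100).name
    # RTA adds 200 twice to the route sent towards 30.0.0.2, as in the page's example.
    d2_long = Route("d2", (500,) + prepend((200,), 200, 2), "5.5.5.5")
    after = select_best([d1, d2_long], local_as=100).name
    looped = Route("looped", (500, 100, 200), "5.5.5.5")
    return before, after, select_best([looped], local_as=100)


if __name__ == "__main__":
    print(demo())
```

Because AS path length is only step 4, a route with a higher local preference still wins over a shorter path, which is why prepending influences neighbors only when they have not set local preference themselves.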

    Select the best answer for the BGP route selection ( )

    (1) Select the route with a higher local precedence level.

    (2) Select the route whose AS path is shortest.

    (3) Select the route whose MED is smallest.

    (4) If the next hop of this route is unreachable, then drop this route.

    A: 4-1-2-3

    B: 4-1-3-2

    C: 1-2-3-4

    D: 1-3-2-4


    Basic Configuration


    IBGP Configuration

    [Figure: RTA (.1) and RTB (.2) connected over 10.1.1.0/24, both in AS100.]

    [RTA] bgp 100
    [RTA-bgp] peer 10.1.1.2 as-number 100

    RTB(config)# router bgp 100
    RTB(config-router)# neighbor 10.1.1.1 remote-as 100


    EBGP Configuration

    [Figure: RTB (.1) in AS100 and RTC (.2) in AS200 connected over 20.1.1.0/24.]

    [RTB] bgp 100
    [RTB-bgp] peer 20.1.1.2 as-number 200

    RTC(config)# router bgp 200
    RTC(config-router)# neighbor 20.1.1.1 remote-as 100


    IBGP Peering With Loopback Interface

    [Figure: RTA (.1, Loopback0 1.1.1.1/32) and RTB (.2, Loopback0 2.2.2.2/32) connected over 10.1.1.0/24, both in AS100.]

    [RTA] bgp 100
    [RTA-bgp] peer 2.2.2.2 as-number 100
    [RTA-bgp] peer 2.2.2.2 connect-interface loopback 0

    RTB(config)# router bgp 100
    RTB(config-router)# neighbor 1.1.1.1 remote-as 100
    RTB(config-router)# neighbor 1.1.1.1 update-source loopback0

    Using a loopback address for an IBGP session is a good idea: a loopback interface is always up and will never go down unless the power is off. This way, if an IBGP speaker has more than one path to its IBGP peers and one of the paths goes down, the connection stays up. The TCP session stays up because another route to the same destination exists. When using a loopback interface for the BGP session, one additional command needs to be entered in the BGP configuration mode:

    peer { group-name | peer-address } connect-interface interface-type interface-number

    group-name: Specifies the name of the peer group.

    peer-address: Specifies the IP address of the peer, in dotted decimal format.

    interface-type interface-number: Specifies the interface name, including interface type and interface number.

    Make sure that these two loopback IP addresses are routable from one to another.


    Injecting Routes Into BGP

    Manually injecting routes into the BGP routing table

    network ip-address [ mask ]

    Redistribute routes into the BGP routing table

    import-route protocol

    redistribute protocol

    Generally speaking, there are a couple of different ways to inject routes into BGP for advertisement:

    You can redistribute the IGP into BGP. Redistribution is the process of injecting the routing information known by one routing protocol into another routing protocol.

    You can manually configure the routes for BGP to advertise.

    Manually injecting routes is suitable when only a few routes are to be injected into the BGP routing table. On the other hand, if you want BGP to advertise numerous routes contained in your IGP, the best choice is to redistribute the IGP routes into BGP. So the decision on which form to use depends on the number of routes you want to inject into the BGP routing table.

    The following gives a brief explanation of the commands:

    network ip-address [ mask ]

    ip-address: Specifies the network address that BGP advertises, in dotted decimal format.

    mask: Specifies the mask of the network address.

    import-route protocol

    protocol: Specifies the source routing protocols that can be imported, which at present include direct, static, rip, ospf, ospf-ase, ospf-nssa and isis.


    Inject The Static Route Into BGP

    [Figure: RTA (.1, Loopback0 1.1.1.1/32) and RTB (.2, Loopback0 2.2.2.2/32) connected over 10.1.1.0/24 in AS100; RTB (.1) connected to RTC (.2) in AS200 over 20.1.1.0/24.]

    RTB learns the route to 1.1.1.1/32 from the static route command.

    RTB advertises this route to its BGP speaker RTC with the network command.

    [RTB] ip route-static 1.1.1.1 255.255.255.255 10.1.1.1

    [RTB] bgp 100
    [RTB-bgp] network 1.1.1.1 255.255.255.255

    In this scenario, static routes are used on each router within AS 100. We will configure the EBGP session between RTB and RTC.

    Before we inject the route into the BGP routing table, we should make sure this route is available.

    How does RTB learn the route to 1.1.1.1/32? There are two ways for RTB to get this route:

    RTB learns this route from a static route, using the following command:

    [RTB] ip route-static 1.1.1.1 255.255.255.255 10.1.1.1

    RTB can learn this route from an IGP routing protocol such as OSPF or IS-IS; this is called dynamic routing.

    Once RTB has learned this route, we can confirm it by entering the display ip routing-table command:

    display ip routing-table

    Routing Table: public net

    Destination/Mask   Protocol  Pre  Cost  Nexthop    Interface
    1.1.1.1/32         STATIC    60   0     10.1.1.1   Ethernet0/0
    2.2.2.2/32         DIRECT    0    0     127.0.0.1  InLoopBack0
    10.1.1.0/24        DIRECT    0    0     10.1.1.2   Ethernet0/0
    10.1.1.2/32        DIRECT    0    0     127.0.0.1  InLoopBack0
    20.1.1.0/24        DIRECT    0    0     20.1.1.1   Ethernet0/1
    20.1.1.1/32        DIRECT    0    0     127.0.0.1  InLoopBack0
    127.0.0.0/8        DIRECT    0    0     127.0.0.1  InLoopBack0
    127.0.0.1/32       DIRECT    0    0     127.0.0.1  InLoopBack0


    Redistribute The Routes Into BGP

    [Figure: RTA (.1, Loopback0 1.1.1.1/32) and RTB (.2, Loopback0 2.2.2.2/32) connected over 10.1.1.0/24 in AS100; RTB (.1) connected to RTC (.2) in AS200 over 20.1.1.0/24.]

    [RTB-bgp] import-route ospf

    RT-B(config-router)#redistributed

    In this scenario, AS 100 uses OSPF as the IGP routing protocol, and OSPF is enabled on all interfaces except the interface 20.1.1.1/24.

    Here is the OSPF configuration on RTA & RTB.

    OSPF configuration on RTA

    [RTA-ospf-1]display this
    #
    ospf 1
     area 0.0.0.0
      network 1.1.1.1 0.0.0.0
      network 10.1.1.1 0.0.0.0
    #
    return
    [RTA-ospf-1]

    OSPF configuration on RTB

    [RTB-ospf-1]display this
    #
    ospf 1
     area 0.0.0.0
      network 2.2.2.2 0.0.0.0
      network 10.1.1.2 0.0.0.0
    #
    return
    [RTB-ospf-1]

    Once we have finished the OSPF configuration, we can see that 1.1.1.1/32 is learned by OSPF on RTB.


    Thank You