Monday, March 30, 2015

BGP Route Servers

Route servers are routers running BGP that you are allowed to telnet/SSH into and issue certain BGP show commands to view the BGP routing table from the perspective of that particular router.

Route servers can be a useful tool when troubleshooting BGP. They let you see a fully functioning BGP router with hundreds of thousands of route entries, and they let you view your own prefixes from the perspective of other parts of the Internet, so you can see what you are advertising to the world.

Here are a few useful links:

  • http://www.routeviews.org - The University of Oregon started this project to help service providers troubleshoot their BGP networks, but it has also spawned projects like the BGPlay Java application found here: http://bgplay.routeviews.org
  • http://routeserver.org - This page provides a map of public route servers and lets you click on a route server to open a telnet connection to it.
  • http://www.bgp4.as/looking-glasses - At the bottom of the page is a list of route servers and how to connect to them.

Be mindful of the output, though: some route servers are configured in a way that may skew their view of the BGP entries.

Tuesday, March 24, 2015

BGPv4 Overview

This is a quick overview of the BGP-4 (Border Gateway Protocol version 4) routing protocol. BGP is the glue of the Internet - it is what allows all the ISPs to exchange routing information between each other. The protocol is, by design, quite slow to converge, but is also very versatile due to the use of various path attributes.

BGP is an application that allows for exchanging large amounts of routing information between manually configured peers. It works on top of existing network infrastructure and is therefore rarely used on its own.
I don't work much with BGP in my current position, but when I do it is usually in a setup where a site needs to have redundant connections inbound from the Internet with multiple Internet Service Providers. If you have your own Autonomous System Number (ASN), this is pretty much the only proper way to ensure that the Internet can reach your IP subnets at all times. However, BGP can be used even if you don't own your own set of IP addresses. An ISP is probably more than willing to lend out some of its addresses for a fee and that can in turn be exchanged using BGP from your enterprise to the ISP - this may, however, make multihoming across multiple ISPs somewhat problematic.

BGP is huge and has so many features that this post will only cover the very basics of the protocol. Bear in mind that with all these features and complexity, BGP also brings the most flexibility and scalability when compared to any other routing protocol.

Now on to the hard facts of BGP-4.
  • Open standard based on RFC 4271 (this is the base RFC for BGP-4, but there are other RFCs that add functionality to the protocol, which are not part of this RFC)
  • Classless
  • Path Vector Routing Protocol
  • Uses TCP port 179
  • Exchanges incremental triggered updates
  • Uses a keep-alive mechanism between peers
  • Uses prefix attributes for routing decisions
  • Mainly used to exchange routing information between autonomous systems (AS)
  • BGP Peerings are manually configured (no automatic peering mechanism)
  • A BGP peering is either internal (iBGP) or external (eBGP)
    • iBGP peers are peers with the same AS numbers
    • eBGP peers are peers with differing AS numbers
  • Supports authentication of peers using TCP Option 19 (MD5 hash)
  • Administrative distances
    • Internal: 200
    • External: 20
  • Loop prevention mechanisms
    • eBGP: if a router receives an update containing its own AS number, that is a loop and the update is dropped.
    • iBGP: routes received from an iBGP peer are not forwarded to any other iBGP peer - only to eBGP peers. This is a form of split-horizon natively implemented in the iBGP process.

BGP Message Types

There are four different types of BGP messages: open, update, notification and keep-alive.
  • The open message is used to initiate communication with a new peer and negotiate things like hold timers and other optional capabilities.
  • The update message is used to both advertise and withdraw network prefixes.
  • The notification message is used to tear down an active peering and inform the peer of the reason for the closure.
  • Keep-alive messages are used to maintain the peering and are sent within the agreed hold time so that the peering does not expire.
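
The message framing described above, as an added example that is not part of the original post: a parser that checks the fixed 19-byte header and decodes the fixed part of an OPEN, following the RFC 4271 layout. The sample messages are constructed, and the function names are the example's own.

```python
import socket
import struct

# Type codes and sizes from RFC 4271, section 4.1.
MESSAGE_TYPES = {1: "OPEN", 2: "UPDATE", 3: "NOTIFICATION", 4: "KEEPALIVE"}
MARKER = b"\xff" * 16
HEADER_LEN = 19  # marker (16) + length (2) + type (1)
MAX_LEN = 4096


def parse_bgp_message(data: bytes) -> dict:
    """Validate the fixed header; decode the fixed part of an OPEN body."""
    if len(data) < HEADER_LEN:
        raise ValueError("truncated header")
    marker, length, msg_type = struct.unpack("!16sHB", data[:HEADER_LEN])
    if marker != MARKER:
        raise ValueError("marker is not all ones")
    if not HEADER_LEN <= length <= MAX_LEN or length != len(data):
        raise ValueError("bad length field")
    if msg_type not in MESSAGE_TYPES:
        raise ValueError(f"unknown message type {msg_type}")
    msg = {"type": MESSAGE_TYPES[msg_type], "length": length}
    body = data[HEADER_LEN:]
    if msg["type"] == "KEEPALIVE" and body:
        raise ValueError("KEEPALIVE must be header only")
    if msg["type"] == "OPEN":
        if len(body) < 10:
            raise ValueError("truncated OPEN")
        version, my_as, hold, ident, opt_len = struct.unpack("!BHH4sB", body[:10])
        if hold in (1, 2):
            raise ValueError("hold time must be 0 or at least 3 seconds")
        if opt_len != len(body) - 10:
            raise ValueError("optional parameter length mismatch")
        msg.update(version=version, my_as=my_as, hold_time=hold,
                   bgp_id=socket.inet_ntoa(ident), opt_params=body[10:])
    return msg


def build_message(msg_type: int, body: bytes = b"") -> bytes:
    """Prepend a valid header; used only to construct the samples below."""
    return MARKER + struct.pack("!HB", HEADER_LEN + len(body), msg_type) + body


# Constructed samples: private AS 64512, hold time 180 s, router-id 192.0.2.1.
SAMPLE_OPEN = build_message(1, struct.pack(
    "!BHH4sB", 4, 64512, 180, socket.inet_aton("192.0.2.1"), 0))
SAMPLE_KEEPALIVE = build_message(4)
```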

BGP Best Path Selection

BGP best path is the sequence in which BGP looks for tie-breakers, when comparing multiple paths to the same prefix. Most tie-breakers are found within the first 4 entries, which I will list below.
  1. Weight - Highest weight breaks the tie
  2. Local Preference - Highest local_pref breaks the tie
  3. Originate - locally originated routes preferred
  4. AS Path - shortest AS path preferred
As final tie-breakers, BGP will use the router-id - and if the router-id is the same, the route received from the lowest neighbor address is used as the final-final tie-breaker... if they are still the same you have broken the laws of the universe (much like dividing by 0).
Cisco has a very detailed document on the matter here: http://www.cisco.com/c/en/us/support/docs/ip/border-gateway-protocol-bgp/13753-25.html

It is worth mentioning that there is considered to be a step 0, in which BGP evaluates the reachability of the next-hop address and disregards any NLRI entry with an unreachable next-hop router.
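
The comparison above, including step 0, as an added example that is not code from the original post. It models only the tie-breakers this post lists (the remaining steps in Cisco's document are left out), treats the lowest router-id and lowest neighbor address as the winners, and uses constructed paths; the `Path` class and its default values are assumptions of the example.

```python
from dataclasses import dataclass
from ipaddress import ip_address

STEPS = ("weight", "local preference", "locally originated",
         "AS path length", "router-id", "neighbor address")


@dataclass(frozen=True)
class Path:
    neighbor: str                     # peer address the route was learned from
    router_id: str                    # BGP router-id of that peer
    as_path: tuple = ()
    weight: int = 0                   # assumed default for the example
    local_pref: int = 100             # assumed default for the example
    locally_originated: bool = False
    next_hop_reachable: bool = True


def sort_key(p: Path) -> tuple:
    """One entry per STEPS item; the smaller tuple wins, so 'highest' is negated."""
    return (-p.weight, -p.local_pref, not p.locally_originated, len(p.as_path),
            int(ip_address(p.router_id)), int(ip_address(p.neighbor)))


def best_path(paths):
    """Step 0 discards unreachable next hops, then the tie-breakers run in order."""
    usable = [p for p in paths if p.next_hop_reachable]
    return min(usable, key=sort_key) if usable else None


def deciding_step(a: Path, b: Path):
    """Name the first tie-breaker on which two usable paths differ."""
    for name, x, y in zip(STEPS, sort_key(a), sort_key(b)):
        if x != y:
            return name
    return None


# Constructed sample: one prefix learned from three peers (documentation addresses).
VIA_ISP_A = Path("198.51.100.1", "10.0.0.1", as_path=(64500, 64510, 64520))
VIA_ISP_B = Path("198.51.100.5", "10.0.0.2", as_path=(64501, 64520))
VIA_ISP_C = Path("198.51.100.9", "10.0.0.3", as_path=(64502,), local_pref=200,
                 next_hop_reachable=False)

if __name__ == "__main__":
    best = best_path([VIA_ISP_A, VIA_ISP_B, VIA_ISP_C])
    print(best.neighbor, "wins on", deciding_step(VIA_ISP_A, VIA_ISP_B))
```

Addresses are compared as numbers rather than strings, so 10.0.0.9 correctly sorts below 10.0.0.10.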

BGP four-octet AS number space
Originally, the AS number was a 2-byte field allowing for AS ranges of 1-64511 for public ASNs and 64512-65535 for private ASNs. With RFC 4893, the ASN shortage was resolved by making this a 4-byte field, and Cisco added support for it beginning with IOS 12.4(24)T.

Cisco supports two types of four-octet notation: normal and dot notation. This has no bearing on the AS number sent to neighbors - this is only the format presented in the config output. Use the command bgp asnotation dot under the router bgp process to turn on the dot notation.

The normal notation goes from 1 to 4294967295 and the dot notation goes from 1.0 to 65535.65535. The dot notation is (for some) easier to read and remember - but bear in mind that this is only layout - it has no bearing on the actual AS number used and advertised by the BGP process.
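
The two notations above, as an added example that is not part of the original post: a converter that accepts either form and returns the same 32-bit number. It assumes two-byte values are written as plain numbers in dot notation, and the function names are the example's own.

```python
MAX_ASN = 0xFFFFFFFF  # 4294967295


def parse_asn(text: str) -> int:
    """Accept normal ('65536') or dot notation ('1.0'); return the 32-bit value."""
    parts = text.strip().split(".")
    if not 1 <= len(parts) <= 2 or not all(p.isascii() and p.isdigit() for p in parts):
        raise ValueError(f"not an AS number: {text!r}")
    if len(parts) == 1:
        value = int(parts[0])
    else:
        high, low = (int(p) for p in parts)
        if high > 0xFFFF or low > 0xFFFF:
            raise ValueError(f"dot notation halves must be 0-65535: {text!r}")
        value = (high << 16) | low  # high half is the upper 16 bits
    if not 1 <= value <= MAX_ASN:
        raise ValueError(f"AS number out of range: {text!r}")
    return value


def to_dot(asn: int) -> str:
    """Two-byte values stay as plain numbers; larger ones become high.low."""
    if not 1 <= asn <= MAX_ASN:
        raise ValueError(f"AS number out of range: {asn}")
    return str(asn) if asn <= 0xFFFF else f"{asn >> 16}.{asn & 0xFFFF}"


def same_asn(a: str, b: str) -> bool:
    """Compare two AS numbers regardless of the notation each was written in."""
    return parse_asn(a) == parse_asn(b)
```

Normalising to the integer before comparing avoids treating 1.10 and 65546 as different AS numbers when matching configuration against logs or filters.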

For more in-depth information on all things BGP, Cisco's documentation site is gold: http://www.cisco.com/c/en/us/tech/ip/border-gateway-protocol-bgp/index.html

Saturday, March 14, 2015

An explanation of my absence

I have been somewhat absent in posting to the blog these past months. The reason is that my workload has increased significantly and my personal time has been constrained by the birth of my son in early February.

I may have underestimated the amount of time needed to care for such a tiny person and so I spend the little time I have studying, which leaves very little time to tend to this blog.

I do have quite a few posts lined up and they will be published as soon as I get some more time on my hands.