BORDER GATEWAY PROTOCOL (BGP)

BGP is an inter-AS routing protocol, its primary function is to exchange network reachability information with other BGP systems.
BGP routing information carries a sequence of AS numbers identifying the Path (Path Vector). This information is used to prevent loops.
TCP is used as transport protocol, therefore assumes reliable delivery and IP connectivity.
Updates are incremental => improvement in CPU overhead and bandwidth.

Common 16 Bytes 2 bytes 1 byte

header Marker length type

BGP Messages:
To initiate connection and exchange
OPEN
capabilities.
_One AS path.
_A set of path of attributes.
UPDATE _A set of prefixes sharing the AS path
and path attributes,
_A set of withdrawn routes.
NOTIFICATION Used to signal errors.
KEEPALIVE Used to check liveness of peer.

OPEN message
Fields Info Size in Bytes
Version Current version is 4 1
My AS ASN of BGP speakers 2
Hold Time Maximum interval between KEEPALIVE and UPDATE 2
BGP ID Sanders’s BGP ID 4
Optional Parameter Length Length 1
Optional Parameter Use in BGP session Negotiation 7
Comments: All bytes in Marker will be set to 1.

UPDATE message
Fields Info Size in Bytes
WR length Length 2
Withdrawn Routes List of prefixes that are being withdrawn. Each prefix is Variable
Withdrawn Routes
composed of <length, prefix> <1,IP address>
Path Attributes PA length Length 2
Sequence of Path attributes present in every UPDATE message Variable
Path Attributes
except messages carrying only withdrawn routes. <type,length,value>
Att type Flags + Attribute type code
Att length Length
Att Value Value of attribute according to flags and code
Network Layer Reachability Information NLRI is the list of prefixes that are being advertized variable

NOTIFICATION message
Fields Info Size in Bytes
Error Code Identification of type of Notification 1
Error Subcode More specific info about error 1
Data Relevant data about the error (i.e. Bad header, illegal ASN) variable

KEEPALIVE message
19 bytes length. Sent at a specified interval (the default is 60 seconds). If a BGP peer misses three keepalives (180 seconds) all routes from
that peer are suppressed.
IBGP: Neighbor connection between two routers within the same AS.
EBGP: Neighbor connection between two routers in different AS.
TCP
CONNECTION
Physical vs Logical Connections.

EBGP neighbors must be physically connected; UPDATES from not

connected peers are dropped.
If physical connection is not possible, a logical connection can be done.
An example is multihop BGP, which occurs when running BGP between
external neighbors that have non BGP routers in between.

BGP continuity inside an AS

BGP does not advertize routes learned from an IBGP peer to another BGP
IBGP peer.
It is important to maintain full mesh (IBGP mesh) with an AS
If that is not possible, then route reflectors and confederations have
SESSION
to be used.

Synchronization within an AS

If an AS provides transit service to another AS, the BGP speaker should

not advertise a route to external peer unless all routers within an AS
learned about that route via IGP.

In the example traffic is dropped because BGP and IGP are not
synchronized, to avoid the problem of injecting the AS info into the AS
in order to synchronize and send the routes to EBGP.

The solution is to not synchronize (no synchronization) BG

Overlapping protocols backdoors

Backdoor links offer an alternative IGP path that can be used instead of the Protocol Distance
external BGP path. Directly Connected 0
Static 1
IGP routes that can be reached over the backdoor link are backdoor routes. EBGP 20
The administrative distance is used to decide the preference of each protocol, it OSPF 110
is only relative to locally configured router and it is not communicated.
RIP 120
EGP 140
IBGP 200
Unknown 255
Prefix characteristics:
Well known mandatory Must be recognized Included in every UPDATE
Well known discretionary Must be recognized May or may not in UPDATE
Optional transitive Not required Should be passed along if BGP speaker does not support it.
Optional No transitive Not required Quietly ignore and don´t pass along if unrecognized.

ORIGIN
Type Description Types Info
Well IGP (0) NLRI internal to originating AS (via network command)
Defines the origin of the BGP prefers the lowest
known EGP (1) NLRI learned via EGP (via EGP)
path information ORIGIN value.
mandatory Incomplete (2) NLRI learned by other means (via redistribute)

Routing Updates can be injected either dynamically or statically.

Dynamic Routes come and go depending on network status. Easy to configure. Mutual redistribution and unstable routes
Static Routes injected regardless of network status. Ensures stability

AS_PATH
Type Description Info
Well known mandatory Contains a sequence of AS_PATH segment. BGP prefers the shortest AS_PATH value.

Act of adding the ASN to the beginning of the list when sending routes to external BGP peers (not to internal peers).
Prepending
Serves for Loop detection.

NEXT_HOP
Type Description Forms
EBGP sessions IP address of the neighbor that announced the route
Defined IP address of the
Locally originated routes: IP address of the peer that announced the route
Well router that should be used
IBGP sessions Routes learned from external: IP address of the external peer from which the route
known as the next hop to the
was learned.
mandatory destination listed in the
NLRI. Route on multi- IP address of the interface of the router connected to the medium that originated
access medium. the route.

MED
Type Description Info
Optional nontransitive Used on external links to discriminate among multiple links to the same neighboring AS. BGP prefers the lowest MED.
MED received from external peers must not be propagated to other neighboring ASes
The MED attribute received in an AS does not leave the AS, when BGP parses the update to another AS, the MED is reset to 0 (unless explicitly
changed to other value)

LOCAL-PREF
Type Description Info
Well known Used as local policy to set degree of preference of routes when announcing to other BGP prefers the higher LOCAL-
discretionary internal peers. PREF.
It is used locally within the AS, manipulations will affect only the outbound traffic.

COMMUNITY
Type Description Forms

A group of destinations that share some

NO_EXPORT Do not advertise a route carrying this value outside AS
Optional common property. It is used to simplify
Transitive routing policies based on logical
property rather than IP prefix or ASN. NO_ADVERTIZE Do not advertise to any BGP peer.
 ATOMIC AGGREGATE AGGREGATOR
Type Description Type Description
Set to indicate information loss. It Contains the ASN and IP address of
should not be set when the aggregate the BGP speaker that aggregates the
Well known discretionary carries some extra information that Optional Transitive route (should be the same as the
indicates from where the aggregate BGP identifier). In CISCO it is the
came. RID.

Other Extensions
Name Description
Multiprotocol extension for BGP-4 Enables support routing of other network layer protocols
Route Refresh Capability To dynamically request for readvertisement of routes from peers
TCP MD5 Signature Option Provides a mechanism for TCP to carry a digest message in each TCP segment.

BGP Routing Process Filtering

Choosing the
Filtering attribute
best route
attribute manipulation
manipulation
Decission Output
Input policy Routes
Routes received policy Routes sent
engine Process used by
from peers engine to peers
router

BGP Table IP routing table

BGP Routing Information Bases (BGP RIBs)

Adj-RIB-In Loc-RIB Adj-RIB-Out
One per peer BGP speaker. One per peer BGP speaker.
Stores information learned from peer Selected best routes by decision process to each Stores selected information to be advertised
Filtered/manipulated input policy available destination Output policy applied to Loc-RIB before going to Adj-
engine. RIB-Out

Input/Output Policy engines

Input Policy Engine Output Policy Engine
Configured by Operator Configured by Operator
Affects routes received from peer BGP speakers Affects routes in Loc-RIB (candidates for advertisement)
Handles route filtering and attribute manipulation Handles route filtering and attribute manipulation
Differentiates between internal and external peers

BGP decision process Summary

1. If next hop accessible, ignore route. 4. Prefer shortest AS_PATH. 7. Prefer EBGP to IBGP.

2. Prefer route with highest weight (Cisco) 5. Prefer lowest ORIGIN type (IGP, EGP, incomplete) 8. Shortest internal path BGP next-hop

3. Prefer largest LOCAL_PREF value. 6. Prefer lowest MED value (if from same AS) 9. Prefer route from first BGP router ID
Demilitarized Zone
It defines a shared network between ASes. IGP must be able to reach the next-hop address received in the update message. Two
possibilities: 1.Advertise the DMZ subnet inside the AS (to IGP) 2. Override the next-hop address using next-hop-self

Private ASes AS_PATH manipulation

When there is a need to have a public ASN, in order to conserve AS_PATH is often manipulated to affect interdomain routing behavior.
the ASN pool, there is a ASN range (64512 to 65535) for internal Because BGP prefers a shorter AS_PATH, network administrators are
use. It happens when customers are single-homed or multi-homed often tempted to change the path information by including dummy
to 1 provider. The private ASN is not announced to the internet. AS_PATH entries to influence traffic, this is called prepending.

AS_PATH and Route Aggregation Inbound and Outbound filtering

Route aggregation involves summarizing a range of prefixes into

one or more aggregates or CIDR blocks to minimize the number of
routes in the routing tables. A drawback is the loss of granularity.
This loss of information may lead to the creation of loops.
In order to avoid loops, BGP creates another type of AS_PATH
object called AS_SET, where the ASes are listed in an ordered set.

Route Filtering and Attribute Manipulation

Essential in defining routing policies, a BGP speaker can choose

what routes to send/receive.
Filtering is essential in specifying which traffic is redistributed from
BGP to IBP and viceversa.
Process:
1) Identifying Routes: based on IP, originators AS…
2) Permitting or denying routes: depending on AS policies.
3) Manipulating Attributes Filtering: Access List (All) or (Prefix List, As-path list) (BGP)
BGP: Route Filtering, Path Filtering, BGP Community Filtering
Identifying Routes

NLRI Defines a prefix or a range of prefixes. “Match 10.1.0.0 0.0.255.255”

AS_PATH List of ASes, this list is compared to a regular expression. Done using regular expressions ( . * + - ? ^ $ _ [range] -) (check)

Redundancy is achieved by providing alternative paths for the traffic, usually by having multiple connections to one or more ASes.
Symmetry means having traffic that leaves the AS from a certainpoint and returns through the same point.
Load Balancing is the capability to divide traffic optimally over multiple links.

Redundancy Multiple paths for the traffic (primary and backup link) Symmetry

Default Routes Dynamically learned defaults Statically set defaults Problematic to achieve when having
It is a route in the IP The default route (0/0) can be Many operators choose redundancy, in practice it is not a
forwarding table that is used exchanged as a dynamic advertisement to filter dynamically problem to have asymmetric traffic.
if a routing entry for a between routers. Any system learned defaults. The
destination does not exist. advertising this route represents itself manually set default can
Represented by 0/0 or as 0/0 to other routes. Can be learned point to the next-hop, a
0.0.0.0/0.0.0.0 or “gateway via BGP (local pref can be set for the router int, a network
of last resort” default) or IGP. number.

Load Balancing

It is the capability to divide the data over multiple links. It does Applying Attributes to outbound routing announcements will affect incoming traffic
not mean equal distribution of the load. Traffic should be Outbound decision - Where do I send my traffic?
thought as two separate entities, inbound and out bound. Applying Attributes to inbound routing announcements will affect outgoing traffic
Done on a per-destination basis. Inbound decision – I want traffic for netC through A and traffic for netD through B
 Route Reflector
Why? Description Problems Advantages Propagation
Simplification, since it Route received from non-client
There is an
just copies the UPDATE peer, reflects to clients only.
Full mesh is costly, Route A Route Reflector reflects routes overhead on the
message. Route received from client or EBGP
Reflectors are between clients (not RR) and RR machine.
RR client peers with the peer, reflects to clients and non-
concentration points. other IBGP and EBGP peers. It might
RR server, which implies clients.
introduce Loops.
less IBGP sessions.

Redundancy Loop Control

Redundancy is achieved via several RR, AS_PATH Normal BGP
logical redundancy should be backed up ORIGINATOR_ID RR sets this field in the local AS
by physical to ensure connectivity. CLUSTER_LIST Sequence of Cluster_IDs specifying where UPDATE traversed.

Confederations
Why? Description Confederation vs Route Reflector
Full mesh is costly. When an AS Consists on dividing an AS into sub-ASes, each with its
Route Reflector is the recommended solution.
gets too big is hard to manage own ASN and EBGP between them.

IGP Expansion
Why? Regions separated via IBGP Regions separated via EBGP
ASN hidden to the outside.
IGP is hard to manage in large networks, Regions run IGP, IGP routes are injected into
Central backbone AS with legal ASN.
segmentation helps by running IGP in each region, and IBGP regional routers.
Path stripping to avoid leaking ASN to
the regions are connected via BGP. Internet connection is part of central IBGP.
external peers.

Ensuring route stability

Instability syndrome Route instability factors
o IGP instability o Insufficient CPU/Memory
Route disappearance
o Hardware faults o Upgrades
Route flapping (appear and disappear)
o Software Problems o Human Error
IGP instability can be caused by dynamic injection of IGP into BGP can cause unnecessary route flapping.
Static injection can alleviate this problem; route aggregation can reduce the problem.

Soft Reconfiguration Avoids restarting the TCP session.

There is high memory consumption (1 route is 250 bytes) since
unmodified routes are stored locally.
Route Refresh Dynamically requests a peer to readvertise all prefixes
learned from the peer.

Route Dampening
Instability syndrome Benefits Inside AS Benefits Outside AS
To control instability classifies routes as behaved and ill-behaved. Unstable
routes are not advertised. Flapping causes a penalty, if above threshold then IBGP routing can be Prevents unstable EBGP routes
route is suppressed (and not injected on IGP). Two limits; reuse limit and destroyed by route flapping. from being propagated.
suppress limit.
 Marker

Common
Length
HEADER

Version
KEEP Type
ALIVE
Error
My AS Code

Hold BGP Error

OPEN NOTIF
TIme MESSAGES sub-code

Sender’s Diagnostic
BGP ID Data

Code
UPDATE
Optional
Capabilitis

Value

Unfeasibl Path
NLRI
Routes Atributes

Prepending CLUSTER LIST ORIGINATOR ID

EGP Inbound Traffic Inbound Traffic

Prefer Shortest Prefer lowest
Incm
IGP
plt

ORIGIN AS_PATH NEXT_HOP MED CLUSTER

Well known Optional

Mandatory
Non-Trans

Well known Optional

Discretionary Trans

AS_4PATH

ATOMIC
LOCAL_PREF AGGREGATR AS_SET AS_TRANS
AGGREGATE

AS4_AGGR
LOCAL Outbound
Traffic
Prefer highest

COMMUNITY EXTENSIONS
Negotiated via
BGP Capabilities
Multiprotocol for when peering is
BGP-4 set up
NO_EXPORT NO_ADVERTIZE

Route Refresh
Cap
 BGP TRUE facts

1. BGP version is specified in the OPEN message.

2. According to the BGP standard, BPG supports only policies that conform to the destination-based forwarding paradigm.
3. By default, a BGP speaker will not prepend its own AS number to the AS_PATH when announcing a route to an IBGP peer.
4. The AGGREGATOR attribute contains AS number and IP address of the BGP speaker that aggregates the prefix.
5. In the path filtering process, a regular expression ^2+_3 will match AS_PATH 22 3 4.
6. If IBGP peers in an AS are connected in a full mesh, you could safely turn off synchronization without creating loops inside the AS.
7. A route reflector can be used inside a sub-AS in a confederation.
8. BGP UPDATE messages are event-driven, not periodical.
9. BGP UPDATE message can be used to withdraw a route from a peer when a route becomes unreachable.
10. A BGP KEEPALIVE message consists of no BGP data besides the BGP header.
11. The ATOMIC_AGGREGATE attribute means that there is loss of information due to aggregation.
12. BGP uses the AS_PATH attribute to prevent loops between ASes.
13. LOCAL_PREF influences outgoing traffic.
14. MED value influences incoming traffic.
15. BGP is used to exchange routing information between ASes.
16. BGP can only support those policies conforming to the destination-based forwarding paradigm.
17. BGP is classified as a path vector protocol.
18. A BGP speaker will never re-advertise a route learned from an IBGP peer to another IBGP peer.
19. When a BGP speaker learns multiple routes to the same destination with the same attributes , it will prefer EBGP path to IBGP path.
20. In the Path filtering process ^3+ will match AS_PATH 333 222.
21. With network and redistribute commands the fluctuation of IGP routes will translate into fluctuation of BGP routes.
22. The ROUTE REFRESH message is used for requesting re-advertisement of routing updates from BGP peer.
23. Multihop EBGP is a term for a BGP session formed between external peers that are not physically connected.
24. A single-homed AS can default its traffic to the provider, since there is a single way out.
25. In the route filtering process, if there is no match for a certain route, that route will be dropped.
26. An AS can have both symmetrical and asymmetrical traffic.
27. Policy routing is used to controlling routes based on source or source and destination.
28. Route flap dampening and BGP route refresh are different mechanisms used for different purposes.
29. In route flat dampening, a penalized route will be usable again once the penalty is below reuse-limit.
30. When a route reflector receives a route from a non-client peer, the route will be reflected to the route reflector's clients only.
31. In a BGP confederation, sub-ASes will maintain the BGP attributes as normally maintained by IBGP.
32. In a BGP confederation, sub-ASes do not influence the overall AS_PATH length.
33. Inside a confederation, LOCAL_PREF attributes will be passed between ASes.

1. The three basic blocks of a BGP UPDATE message are Unreachable route, path attribute and NLRI.
2. MULTI_EXIT_DISC enters in the category of optional non-transitive attribute.
3. To establish a session with a provider without having an ASN, we can agree on a private ASN with the ISP.
4. To prevent network from becoming a transit AS when dual-homing, we should only advertise our locally originated prefixes to external peers.
5. Multiprotocol extensions in BGP-4 are used to carry routing information from multiple network layer protocols.
6. Three types of BGP filtering based on the info they filter: route f, path f and BGP community f.
7. Route dampening is a mechanism for controlling route instability by penalizing or suppressing ill behaved routes.
8. Full mesh of IBGP is needed because IBGP does not advertise routes learned from a IBGP peer to another.
9. By using NO-EXPORT attribute (in community), routes are not advertised further from our neighboring AS.
10. EBGP speakers prevent loops by using the list of ASes in the AS_PATH attribute of the UPDATE m, the receiver checks if its own ASN is on list.
11. Three well known mandatory BGP attributes are NEXT_HOP, ORIGIN, AS_PATH.
12. If no route in the IP routing table for NEXT_HOP address, the prefix will be added toBGPtable but won't be considered in the decision process.
13. A ROUTE_REFRESH message is used to request a peer to re-advertise its Adj-RIB-out.
14. The expression ^234$ will match all routes originated and received directly from 234.
15. BGP peer group can be used to improve BGP performance when some BGP neighbors share same UPDATES.
16. BGP assumes that there will be just one IP hop between two EBGP peers.
17. Symmetrical traffic means that traffic leaves and returns from the same given point.
18. BGP OPEN message is used to negotiate and select the hold time.
19. BGP prevents loops inside the AS by not advertising routes learned from IBGP to other IBGP peers.
20. In the wait state BGP waits for the TCP connection to be established.
21. If a BGP speaker receives a route with unsupported BGP community it will pass it along with attribute flag bit set to 1.
22. The expression 100$ will match all routes originated from AS 100.
23. Hot-potato routing is when you try to route the traffic out of your network (AS) as quickly as possible.
24. If all routers on an AS do not support flat dampening, route aggregation or static injection can be used to minimize route instability.