SlideShare une entreprise Scribd logo

BGP Protocol Makes the Internet Work

Télécharger en tant que DOCX, PDF
IT Tech
IT Tech

Bgp protocol makes the internet work

Technologie
1  sur  9
BGP Essentials: The Protocol that Makes the Internet Work Service providers working with IP networks are very clear that the Border Gateway Protocol (BGP) is the most complex and difficult to configure Internet protocol. Its emphasis on security and scalability makes it essential, however. This guide offers you a detailed look at how and why BGP-enabled routers in core networks exchange information securely with several hundred thousand IP prefixes, as well as simple and advanced approaches for troubleshooting connectivity problems. Introduction to Border Gateway Protocol (BGP) If you have to explain to someone new to the service provider environment what Border Gateway Protocol (BGP) is, the best definition would be that it's the routing protocol that makes the Internet work. As the address allocation in the Internet is nowhere nearly as hierarchical as the telephone dialing plan, most of the routers in the service provider core networks have to exchange information about several hundred thousand IP prefixes. BGP is still able to accomplish that task, which is a good proof that it's a highly scalable routing protocol. The Border Gateway Protocol routing information is usually exchanged between competing business entities -- Internet Service Providers (ISPs) -- in an open, hostile environment (public Internet). BGP is thus very security-focused (for example, all adjacent routers have to be configured manually), and decent BGP implementations provide a rich set of route filters to allow the ISPs to defend their networks and control what they advertise to their competitors. In BGP terminology, an independent routing domain (which almost always means an ISP) is called an autonomous system. BGP is always used as the routing protocol of choice between ISPs (external BGP) but also as the core routing protocol within large ISP networks (internal BGP). All other routing protocols are concerned solely with finding the optimal path toward all known destinations. BGP cannot take this simplistic approach because the peering agreements between ISPs almost always result in complex routing policies. To help network operators implement these policies, BGP carries a large number of attributes with each IP prefix, for example: AS path -- the complete path documenting which autonomous systems a packet would have to travel through to reach the destination. Local preference -- the "internal cost" of a destination, used to ensure AS-wide consistency. Multi-exit discriminator -- this attribute gives adjacent ISPs the ability to prefer one peering point over another. Communities -- a set of generic tags that can be used to signal various administrative policies between BGP routers.
As the focus of BGP design and implementation was always on security and scalability, it's harder to configure than other routing protocols, more complex (more so when you start configuring various routing policies), and one of the slowest converging routing protocols. The slow BGP convergence dictates a two-protocol design of an ISP network: An internal routing protocol (most often, OSPF or IS-IS) is used to achieve fast convergence for internal routes (including IP addresses of BGP routers). BGP is used to exchange Internet routes. A failure within the core network would thus be quickly bypassed thanks to fast convergence of OSPF or IS-IS, whereas BGP on top of an internal routing protocol would meet the scalability, security and policy requirements. Even more, if you migrate all your customer routes into BGP, the customer problems (for example, link flaps between your router and customer's router) will not affect the stability of your core network. Because of inherent BGP complexity, customers and small ISPs would deploy BGP only where needed, for example on peering points and a minimal subset of core routers (the ones between the peering points), as shown in the following diagram. The BGP-speaking routers would also have to generate a default route into the internal routing protocol to attract the traffic for Internet destinations not known to other routers in your network. As your ISP business grows, however, your customers will start requiring BGP connectivity (any customer who wants to achieve truly redundant Internet access has to have its own AS and exchange BGP information with its ISPs), and you'll be forced
to deploy BGP on more and more core and edge routers (see the following picture). It's therefore best that you include BGP on all core and major edge routers as part of your initial network design. Even though you might not deploy it everywhere with the initial network deployment, having a good blueprint will definitely help you when you have to scale the BGP-speaking part of your network. BGP requires a full mesh of internal BGP sessions (sessions between routers in the same autonomous system). You could use BGP route reflectors or BGP confederations to make your network scalable. There is also another excellent reason why you'd want to deploy BGP throughout your network: Novel network service, for example MPLS-based virtual private networks (VPNs), large-scale quality-of-service deployments, or large-scale differentiated Web caching implementations rely on BGP to transport the information they need. BGP troubleshooting: Simple Approach Border Gateway Protocol (BGP) is without doubt the most complex IP routing protocol currently deployed in the Internet. Its complexity is primarily due to its focus on security and routing policies – BGP is used to exchange cooperative information (Internet routes) between otherwise competing entities (service providers) and has to be able to implement whatever has been agreed upon in the inter-provider peering agreements. (These agreements often have little to do with technically optimum solutions.) However, a structured approach to BGP troubleshooting, as illustrated in this and the next section can quickly lead you from initial problem diagnosis to the solution. Here we focus on a simple scenario with a single BGP-speaking router in your network (see
the following diagram). Similar designs are commonly used by multi-homed customers and small Internet service providers (ISPs) that do not offer BGP connectivity to their customers. Is it a BGP problem? Before jumping into BGP troubleshooting, you have to identify the source of the connectivity problem you're debugging (usually you suspect that BGP might be involved if one of your customers reports limited or no Internet connectivity beyond your network). Perform a traceroute from a workstation on the problematic LAN; if the trace reaches the first BGP-speaking router (or, even better, gets beyond the edge of your network) router, you're probably dealing with a BGP issue. Otherwise, check whether the BGP-speaking router advertises a default route into your network (without a default route, other routers in your network cannot reach the Internet destinations). If you don't have access to a LAN-attached workstation, you can perform the traceroute from the customer premises router, but you have to ensure that the source IP address used in the trace route packets is the router's LAN address. Troubleshooting BGP adjacencies BGP has to establish TCP session between adjacent BGP routers before they can exchange routes. The first check is thus the status of the BGP sessions between the routers. The BGP neighbors are configured manually, and the two most probable configuration errors are: Neighbor IP address mismatch: The destination IP address configured on one BGP neighbor has to match the source IP address (or the IP address of the directly connected interface) configured on the other. AS number mismatch: The neighbor AS number configured on one side of the BGP session has to match the actual BGP AS number used by the neighbor. You could also have a problem with packet filters deployed on the BGP-speaking router. These filters have to allow packets to and from TCP port 179. Troubleshooting Route Propagation If your users want to receive traffic from the Internet, the IP prefix assigned to your network must be visible throughout the Internet. To get there, three steps are needed: Your BGP router must insert your IP prefix into its BGP table.
The IP prefix must be advertised to its BGP neighbors. The IP prefix must be propagated throughout the Internet. Is The Route inserted into BGP? Most routing protocols automatically insert directly connected IP subnets into their routing tables (or databases). Owing to security requirements, BGP is an exception; it will originate an IP prefix only if it's manually configured to do so (for example, Cisco routers use the network statement to configure advertised IP prefixes). Another option is route redistribution, which is highly discouraged in the Internet environment. Furthermore, to avoid attracting unroutable traffic, BGP will announce a configured IP prefix only if there's a matching route in the IP routing table. You could generate the matching IP route through route summarization, but it's usually best to configure a static route pointing to a null interface (or its equivalent). To check whether your IP prefix is in your BGP routing table, use a BGP show command (for example, show ip bgp prefix mask on a Cisco router). Is the Route Advertised to Your Neighbors? By default, all IP prefixes residing in the BGP table are announced to all BGP neighbors. Owing to security and routing policy requirements, the default behavior is usually modified with a set of output and input filters. If you have applied output filters toward your BGP neighbors, you have to check whether these filters allow your IP prefix to be propagated to the external BGP neighbors. The command to display routes advertised to a BGP neighbor on a Cisco router is show ip bgp neighbor ip-address advertised. Is the route visible throughout the Internet? Even if you've successfully announced your IP prefix to your BGP neighbors, it might still not be propagated throughout the Internet. It's hard to figure out exactly what's propagated beyond the boundaries of your network; the tools that can help you are called BGP looking glasses. Using these tools, you can inspect BGP tables at various points throughout the Internet and check whether your IP prefix has made it to those destinations. There are a few factors that could cause your IP prefix to be blocked somewhere in the Internet. The most common one is BGP route flap dampening: If an IP prefix flaps (disappears and reappears) too often in a short period of time -- for example, you clear your BGP sessions or change your BGP configuration -- the prefix gets blocked for an extended period of time (by default, up to an hour). If your IP prefix is dampened, there's nothing you can do except wait it out. You could also have an invalid (or missing) entry in IP routing registries, or there may be inbound filters at one of the upstream ISPs. In all these cases, it's best if your upstream ISP can help
you resolve the problem (which is, at this point, beyond the scope of technical BGP troubleshooting). BGP Troubleshooting: Advanced Approach In the previous section of this e-guide we addressed some basic BGP troubleshooting skills: How to identify whether a routing problem is a BGP problem, How to troubleshoot BGP sessions, How to troubleshoot IP route origination and propagation. Now let's we focus on a more advanced scenario: transit Internet service provider (ISP) networks (see the next diagram). NOTE: Before reading this section, make sure you've read section and two to become familiar with basic Border Gateway Protocol technology as well as simple BGP troubleshooting. To establish end-to-end connectivity across a service provider network, the ISP has to receive customers' IP prefixes via BGP and announce them to other ISPs. The same process has to happen in reverse direction (or at least the default route has to be announced to the customer). The network-wide BGP troubleshooting is thus composed of three steps: Have we received the prefix? Is the prefix propagated across our network? Is the prefix sent to external BGP neighbors at the other edge of the network? Have We Received the Prefix? Troubleshooting inbound BGP problems is the toughest part of BGP troubleshooting you'll encounter. There are two potential reasons that an IP prefix is not in your BGP table as you would expect it to be: The neighbor is not sending the prefix. Your inbound filters are blocking the prefix.
The only tool that can help you identify the problem is the debugging facility on your edge router (as you normally don't have access to the other BGP neighbor). When doing BGP debugging, be aware that a BGP neighbor can send you several hundred thousand routes, so you have to ensure that the debugging output produced by the troubleshooting session does not overwhelm the router. Furthermore, the BGP prefixes are sent only when they change, not on a periodic basis (like RIP updates or OSPF LSA floods). Your debugging tool will thus not show you an IP prefix until it has actually changed (or you've cleared the BGP session with your neighbor). Some BGP routers have the ability to store a separate copy of all routes sent by a neighbor into a parallel BGP table. (To enable this functionality on Cisco IOS, you have to configuresoft-reconfiguration in for a BGP neighbor.) With the parallel per-neighbor table, you can exactly pinpoint what the neighbor has sent you (the content of the parallel table) and what routes have passed your input filters (the contents of the main BGP table), but of course the parallel per-neighbor table consumes a large amount of memory. Is the Prefix Propagated Across Our Network? Even when an edge router receives an IP prefix via BGP, it may not be propagated to the other end of your network. To start with, internal BGP (BGP within a single autonomous system) requires a full mesh of BGP sessions among all BGP routers. As every router between every pair of edge routers has to run BGP (otherwise the traffic could be dropped inside your network), the number of BGP sessions could become excessively large. (The next diagram illustrates the BGP sessions needed in a small four-router network.) There are two tools (BGP route reflectors and BGP confederations) that can help you keep the number of BGP sessions to a sensible level, with BGP route reflectors being the most commonly used. The BGP route reflector rules are quite simple: Whatever is received from a route-reflector client or an external BGP peer will
be sent to every other BGP peer. Whatever is received from a router that is not a route-reflector client will be sent only to clients and external BGP peers? With these rules in hand, you have to step through the graph of BGP sessions in your network, checking every BGP router on the way and ensuring that the route reflector rules are not violated (and that, using the rules, the BGP prefixes get from every edge router to all other routers). There is another common reason an IP prefix is not propagated across your network: The external subnets on the edge of your network are not advertised to your core routers. The IP address of the next-hop router is not changed when an IP prefix is sent to an internal BGP neighbor. The IP next-hop of an external route is thus always the IP address of a routerone hop beyond the edge of your autonomous system. The IP subnets connecting your edge routers to their external neighbors thus have to be inserted into your internal routing protocol (for example, OSPF or IS-IS), otherwise some internal BGP router will decide that the BGP next-hop is not reachable and ignore the IP prefix. (It will appear in the BGP table but will not be used or propagated to other BGP peers.) Is the Prefix Sent to External Neighbors? As the last step in troubleshooting BGP route propagation, you have to check whether the IP prefixes transported across your network are announced to your external BGP peers. The techniques for troubleshooting outbound BGP route propagation are explained in the Border Gateway Protocol (BGP) troubleshooting: Simple approach article. Is the Traffic Traversing the Network? Even if your BGP route propagation works flawlessly, the IP packets may not be able to traverse your network. (Remember, we're talking about pure IP networks here; things change a bit if you add MPLS to the mix.) The most common cause of a "black hole" in your network is a router in the transit path that does not run BGP and consequently has no idea how to route the received IP packet toward the destination network. IP routing works hop by hop. Even though the ingress edge router knows exactly which egress edge router to use and how to get there, it cannot pass that information to the intermediate routers. All of them must therefore run BGP as well. To identify a black hole in your network, perform a traceroute from your customer's network to a destination in the Internet. The last router responding to the traceroute is one hop before the black hole.
Even though all core routers in your network have to run BGP, the internal BGP sessions don't have to follow the physical structure of the network. For example, you could have a few central routers acting as BGP route reflectors for all BGP routers in your network. ---http://searchtelecom.techtarget.com/feature/BGP-essentials-The-protocol-that-m akes-the-Internet-work#simple What is BGP? (Border Gateway Protocol) BGP is a protocol for exchanging routing information between gatewayhosts (each with its ownrouter) in a network ofautonomous systems. BGP is often the protocol used between gateway hosts on the Internet. The routing table contains a list of known routers, the addresses they can reach, and a cost metricassociated with the path to each router so that the best available route is chosen. Hosts using BGP communicate using the Transmission Control Protocol (TCP) and send updated router table information only when one host has detected a change. Only the affected part of the routing table is sent. BGP-4, the latest version, lets administrators’ configure cost metrics based on policy statements. (BGP-4 is sometimes called BGP4, without the hyphen.) BGP communicates with autonomous (local) networks using Internal BGP (IBGP) since it doesn't work well with IGP. The routers inside the autonomous network thus maintain two routing tables: one for the interior gateway protocol and one for IBGP. BGP-4 makes it easy to use Classless Inter-Domain Routing (CIDR), which is a way to have more addresses within the network than with the current IP addressassignment scheme. BGP is a more recent protocol than the Exterior Gateway Protocol (EGP). Also see the Interior Gateway Protocol (IGP) and the Open Shortest Path First (OSPF) interior gateway protocol. More Related Cisco and Network Tutorials: BGP Protocol is Essential in Your IP Network BGP Routing Protocol Tips You Need to Know

Recommandé

SGNOG2 - Using communities for multihoming ISP workshop
SGNOG2 - Using communities for multihoming ISP workshopSGNOG2 - Using communities for multihoming ISP workshop
SGNOG2 - Using communities for multihoming ISP workshop
APNIC
 
CCNP Route 642 902 BGP
CCNP Route 642 902 BGPCCNP Route 642 902 BGP
CCNP Route 642 902 BGP
IT Tech
 
B G P Part2
B G P Part2B G P Part2
B G P Part2
cisconetworker
 
Bgp (1)
Bgp (1)Bgp (1)
Bgp (1)
Vamsidhar Naidu
 
An Overview of Border Gateway Protocol (BGP)
An Overview of Border Gateway Protocol (BGP)An Overview of Border Gateway Protocol (BGP)
An Overview of Border Gateway Protocol (BGP)
Jasim Alam
 
Study Notes BGP Exam
Study Notes BGP ExamStudy Notes BGP Exam
Study Notes BGP Exam
Duane Bodle
 
Bgp training
Bgp trainingBgp training
Bgp training
Aun Haider
 
BGP
BGPBGP
BGP
Anıl Alibeyoğlu
 

Recommandé

SGNOG2 - Using communities for multihoming ISP workshop
SGNOG2 - Using communities for multihoming ISP workshopSGNOG2 - Using communities for multihoming ISP workshop
SGNOG2 - Using communities for multihoming ISP workshop
APNIC
 
CCNP Route 642 902 BGP
CCNP Route 642 902 BGPCCNP Route 642 902 BGP
CCNP Route 642 902 BGP
IT Tech
 
B G P Part2
B G P Part2B G P Part2
B G P Part2
cisconetworker
 
Bgp (1)
Bgp (1)Bgp (1)
Bgp (1)
Vamsidhar Naidu
 
An Overview of Border Gateway Protocol (BGP)
An Overview of Border Gateway Protocol (BGP)An Overview of Border Gateway Protocol (BGP)
An Overview of Border Gateway Protocol (BGP)
Jasim Alam
 
Study Notes BGP Exam
Study Notes BGP ExamStudy Notes BGP Exam
Study Notes BGP Exam
Duane Bodle
 
Bgp training
Bgp trainingBgp training
Bgp training
Aun Haider
 
BGP
BGPBGP
BGP
Anıl Alibeyoğlu
 
Bigbgp
BigbgpBigbgp
Bigbgp
tushar sharda
 
Cube2012 scaling service provider backbone using bgp confederations for next ...
Cube2012 scaling service provider backbone using bgp confederations for next ...Cube2012 scaling service provider backbone using bgp confederations for next ...
Cube2012 scaling service provider backbone using bgp confederations for next ...
Ashish Tanwer
 
Border gateway protocol
Border gateway protocolBorder gateway protocol
Border gateway protocol
azlerabby
 
BGP Overview
BGP OverviewBGP Overview
BGP Overview
Matt Bynum
 
BGP
BGPBGP
BGP
Yogeshwar Kulkarni
 
Module 05 mobility management (1)
Module 05 mobility management (1)Module 05 mobility management (1)
Module 05 mobility management (1)
JIGNESH PATEL
 
Технологии построения крупных сетей
Технологии построения крупных сетейТехнологии построения крупных сетей
Технологии построения крупных сетей
SkillFactory
 
Implementing Internet and MPLS BGP
Implementing Internet and MPLS BGPImplementing Internet and MPLS BGP
Implementing Internet and MPLS BGP
Private
 
Border gateway protocol
Border gateway protocolBorder gateway protocol
Border gateway protocol
sahilnarvekar
 
The Private Mobile Network Gsm Solution
The Private Mobile Network Gsm SolutionThe Private Mobile Network Gsm Solution
The Private Mobile Network Gsm Solution
Right ToSpectrum
 
Cisco BGP Exam 642-661 Review Notes
Cisco BGP Exam 642-661 Review NotesCisco BGP Exam 642-661 Review Notes
Cisco BGP Exam 642-661 Review Notes
Duane Bodle
 
ENCAPSULATION AND TUNNELING
ENCAPSULATION AND TUNNELINGENCAPSULATION AND TUNNELING
ENCAPSULATION AND TUNNELING
Mohammad Adil
 
Troubleshooting BGP
Troubleshooting BGPTroubleshooting BGP
Troubleshooting BGP
Duane Bodle
 
Lec7
Lec7Lec7
Lec7
Sanjeeva Perera
 
11 zxr10 b-en-bgp-mpls-vpn configuration-2-ppt-201105 26
11 zxr10 b-en-bgp-mpls-vpn configuration-2-ppt-201105 2611 zxr10 b-en-bgp-mpls-vpn configuration-2-ppt-201105 26
11 zxr10 b-en-bgp-mpls-vpn configuration-2-ppt-201105 26
legasu zemene
 
Mobileip 161105154557
Mobileip 161105154557Mobileip 161105154557
Mobileip 161105154557
balaji raja rajan Venkatachalam
 
Mobile IP
Mobile IPMobile IP
Mobile IP
nayakslideshare
 
Mobile IP
Mobile IPMobile IP
Mobile IP
Nijo Job
 
Mobile network layer
Mobile network layerMobile network layer
Mobile network layer
Vikram Nandini
 
Nagios
NagiosNagios
Nagios
charlielefebvre14
 
Cisco switch selector layer2 or layer3
Cisco switch selector layer2 or layer3Cisco switch selector layer2 or layer3
Cisco switch selector layer2 or layer3
IT Tech
 
Ordering guide for cisco isr g2
Ordering guide for cisco isr g2Ordering guide for cisco isr g2
Ordering guide for cisco isr g2
IT Tech
 

Contenu connexe

Tendances

Cube2012 scaling service provider backbone using bgp confederations for next ...
Cube2012 scaling service provider backbone using bgp confederations for next ...Cube2012 scaling service provider backbone using bgp confederations for next ...
Cube2012 scaling service provider backbone using bgp confederations for next ...
Ashish Tanwer
 
ENCAPSULATION AND TUNNELING
ENCAPSULATION AND TUNNELINGENCAPSULATION AND TUNNELING
ENCAPSULATION AND TUNNELING
Mohammad Adil
 
11 zxr10 b-en-bgp-mpls-vpn configuration-2-ppt-201105 26
11 zxr10 b-en-bgp-mpls-vpn configuration-2-ppt-201105 2611 zxr10 b-en-bgp-mpls-vpn configuration-2-ppt-201105 26
11 zxr10 b-en-bgp-mpls-vpn configuration-2-ppt-201105 26
legasu zemene
 

Tendances (19)

Bigbgp
BigbgpBigbgp
Bigbgp
 
Cube2012 scaling service provider backbone using bgp confederations for next ...
Cube2012 scaling service provider backbone using bgp confederations for next ...Cube2012 scaling service provider backbone using bgp confederations for next ...
Cube2012 scaling service provider backbone using bgp confederations for next ...
 
Border gateway protocol
Border gateway protocolBorder gateway protocol
Border gateway protocol
 
BGP Overview
BGP OverviewBGP Overview
BGP Overview
 
BGP
BGPBGP
BGP
 
Module 05 mobility management (1)
Module 05 mobility management (1)Module 05 mobility management (1)
Module 05 mobility management (1)
 
Технологии построения крупных сетей
Технологии построения крупных сетейТехнологии построения крупных сетей
Технологии построения крупных сетей
 
Implementing Internet and MPLS BGP
Implementing Internet and MPLS BGPImplementing Internet and MPLS BGP
Implementing Internet and MPLS BGP
 
Border gateway protocol
Border gateway protocolBorder gateway protocol
Border gateway protocol
 
The Private Mobile Network Gsm Solution
The Private Mobile Network Gsm SolutionThe Private Mobile Network Gsm Solution
The Private Mobile Network Gsm Solution
 
Cisco BGP Exam 642-661 Review Notes
Cisco BGP Exam 642-661 Review NotesCisco BGP Exam 642-661 Review Notes
Cisco BGP Exam 642-661 Review Notes
 
ENCAPSULATION AND TUNNELING
ENCAPSULATION AND TUNNELINGENCAPSULATION AND TUNNELING
ENCAPSULATION AND TUNNELING
 
Troubleshooting BGP
Troubleshooting BGPTroubleshooting BGP
Troubleshooting BGP
 
Lec7
Lec7Lec7
Lec7
 
11 zxr10 b-en-bgp-mpls-vpn configuration-2-ppt-201105 26
11 zxr10 b-en-bgp-mpls-vpn configuration-2-ppt-201105 2611 zxr10 b-en-bgp-mpls-vpn configuration-2-ppt-201105 26
11 zxr10 b-en-bgp-mpls-vpn configuration-2-ppt-201105 26
 
Mobileip 161105154557
Mobileip 161105154557Mobileip 161105154557
Mobileip 161105154557
 
Mobile IP
Mobile IPMobile IP
Mobile IP
 
Mobile IP
Mobile IPMobile IP
Mobile IP
 
Mobile network layer
Mobile network layerMobile network layer
Mobile network layer
 

En vedette

5. mrtg in nagios1 0
5. mrtg in nagios1 05. mrtg in nagios1 0
5. mrtg in nagios1 0
aqpjuan
 
Plugging Network Security Holes Using NetFlow
Plugging Network Security Holes Using NetFlowPlugging Network Security Holes Using NetFlow
Plugging Network Security Holes Using NetFlow
NetFlow Analyzer
 

En vedette (18)

Nagios
NagiosNagios
Nagios
 
Cisco switch selector layer2 or layer3
Cisco switch selector layer2 or layer3Cisco switch selector layer2 or layer3
Cisco switch selector layer2 or layer3
 
Ordering guide for cisco isr g2
Ordering guide for cisco isr g2Ordering guide for cisco isr g2
Ordering guide for cisco isr g2
 
The feature licenses available for main cisco asa 5500 models
The feature licenses available for main cisco asa 5500 modelsThe feature licenses available for main cisco asa 5500 models
The feature licenses available for main cisco asa 5500 models
 
How to configure flexible netflow export on cisco routers
How to configure flexible netflow export on cisco routersHow to configure flexible netflow export on cisco routers
How to configure flexible netflow export on cisco routers
 
Network protocols
Network protocolsNetwork protocols
Network protocols
 
5. mrtg in nagios1 0
5. mrtg in nagios1 05. mrtg in nagios1 0
5. mrtg in nagios1 0
 
How to configure Nagios in Fedora ?
How to configure Nagios in Fedora ?How to configure Nagios in Fedora ?
How to configure Nagios in Fedora ?
 
Computer repair -_a_complete_illustrated_guide_to_pc_hardware
Computer repair -_a_complete_illustrated_guide_to_pc_hardwareComputer repair -_a_complete_illustrated_guide_to_pc_hardware
Computer repair -_a_complete_illustrated_guide_to_pc_hardware
 
GTU PHP Project Training Guidelines
GTU PHP Project Training GuidelinesGTU PHP Project Training Guidelines
GTU PHP Project Training Guidelines
 
Nagios nrpe
Nagios nrpeNagios nrpe
Nagios nrpe
 
Plugging Network Security Holes Using NetFlow
Plugging Network Security Holes Using NetFlowPlugging Network Security Holes Using NetFlow
Plugging Network Security Holes Using NetFlow
 
Licensing on Cisco 2960, 3560X and 3750X...
Licensing on Cisco 2960, 3560X and 3750X...Licensing on Cisco 2960, 3560X and 3750X...
Licensing on Cisco 2960, 3560X and 3750X...
 
How to Configure NetFlow v5 & v9 on Cisco Routers
How to Configure NetFlow v5 & v9 on Cisco RoutersHow to Configure NetFlow v5 & v9 on Cisco Routers
How to Configure NetFlow v5 & v9 on Cisco Routers
 
Central management of network and call services
Central management of network and call servicesCentral management of network and call services
Central management of network and call services
 
Line cards that are available for cisco catalyst 4500 series switches
Line cards that are available for cisco catalyst 4500 series switchesLine cards that are available for cisco catalyst 4500 series switches
Line cards that are available for cisco catalyst 4500 series switches
 
Packet Tracer: SNMP, Netflow, Sys-log
Packet Tracer: SNMP, Netflow, Sys-logPacket Tracer: SNMP, Netflow, Sys-log
Packet Tracer: SNMP, Netflow, Sys-log
 
Netflow slides
Netflow slidesNetflow slides
Netflow slides
 

Similaire à BGP Protocol Makes the Internet Work

Border Gateway Protocol
Border Gateway ProtocolBorder Gateway Protocol
Border Gateway Protocol
Kashif Latif
 
routing Protocols and Virtual private network
routing Protocols and Virtual private networkrouting Protocols and Virtual private network
routing Protocols and Virtual private network
hayenas
 
T4 Handout3
T4 Handout3T4 Handout3
T4 Handout3
gobed
 
Cube2012 high capacity service provider design using gpmls for ip next genera...
Cube2012 high capacity service provider design using gpmls for ip next genera...Cube2012 high capacity service provider design using gpmls for ip next genera...
Cube2012 high capacity service provider design using gpmls for ip next genera...
Ashish Tanwer
 
BIGP- A New Single Protocol that can work as an IGP (Interior Gateway Protoco...
BIGP- A New Single Protocol that can work as an IGP (Interior Gateway Protoco...BIGP- A New Single Protocol that can work as an IGP (Interior Gateway Protoco...
BIGP- A New Single Protocol that can work as an IGP (Interior Gateway Protoco...
IJORCS
 

Similaire à BGP Protocol Makes the Internet Work (20)

Part1
Part1Part1
Part1
 
CCNP ROUTE V7 CH7
CCNP ROUTE V7 CH7CCNP ROUTE V7 CH7
CCNP ROUTE V7 CH7
 
BGP (border gateway routing protocol)
BGP (border gateway routing protocol)BGP (border gateway routing protocol)
BGP (border gateway routing protocol)
 
ION Bangladesh - Secure BGP and Operational Report of Bangladesh
ION Bangladesh - Secure BGP and Operational Report of BangladeshION Bangladesh - Secure BGP and Operational Report of Bangladesh
ION Bangladesh - Secure BGP and Operational Report of Bangladesh
 
Cisco ccnp 642-902 practice tests for quick preparation
Cisco ccnp 642-902 practice tests for quick preparationCisco ccnp 642-902 practice tests for quick preparation
Cisco ccnp 642-902 practice tests for quick preparation
 
Border Gateway Protocol
Border Gateway ProtocolBorder Gateway Protocol
Border Gateway Protocol
 
routing Protocols and Virtual private network
routing Protocols and Virtual private networkrouting Protocols and Virtual private network
routing Protocols and Virtual private network
 
T4 Handout3
T4 Handout3T4 Handout3
T4 Handout3
 
Secure BGP and Operational Report of Bangladesh
Secure BGP and Operational Report of BangladeshSecure BGP and Operational Report of Bangladesh
Secure BGP and Operational Report of Bangladesh
 
Cube2012 high capacity service provider design using gpmls for ip next genera...
Cube2012 high capacity service provider design using gpmls for ip next genera...Cube2012 high capacity service provider design using gpmls for ip next genera...
Cube2012 high capacity service provider design using gpmls for ip next genera...
 
Bigbgp (1)
Bigbgp (1)Bigbgp (1)
Bigbgp (1)
 
BGP
BGP BGP
BGP
 
Routing Protocols
Routing ProtocolsRouting Protocols
Routing Protocols
 
CCCNP ROUTE v6_ch06
CCCNP ROUTE v6_ch06CCCNP ROUTE v6_ch06
CCCNP ROUTE v6_ch06
 
BORDER GATEWAY PROTOCOL
BORDER GATEWAY PROTOCOLBORDER GATEWAY PROTOCOL
BORDER GATEWAY PROTOCOL
 
BGP-EDS Presentation
BGP-EDS Presentation BGP-EDS Presentation
BGP-EDS Presentation
 
Bgp Toc
Bgp TocBgp Toc
Bgp Toc
 
BIGP- A New Single Protocol that can work as an IGP (Interior Gateway Protoco...
BIGP- A New Single Protocol that can work as an IGP (Interior Gateway Protoco...BIGP- A New Single Protocol that can work as an IGP (Interior Gateway Protoco...
BIGP- A New Single Protocol that can work as an IGP (Interior Gateway Protoco...
 
Who are the INTERNET SERVICE PROVIDERS?
Who are the INTERNET SERVICE PROVIDERS?Who are the INTERNET SERVICE PROVIDERS?
Who are the INTERNET SERVICE PROVIDERS?
 
Using BGP To Manage Dual Internet Connections
Using BGP To Manage Dual Internet ConnectionsUsing BGP To Manage Dual Internet Connections
Using BGP To Manage Dual Internet Connections
 

Plus de IT Tech

Plus de IT Tech (20)

Cisco ip phone key expansion module setup
Cisco ip phone key expansion module setupCisco ip phone key expansion module setup
Cisco ip phone key expansion module setup
 
Cisco catalyst 9200 series platform spec, licenses, transition guide
Cisco catalyst 9200 series platform spec, licenses, transition guideCisco catalyst 9200 series platform spec, licenses, transition guide
Cisco catalyst 9200 series platform spec, licenses, transition guide
 
Cisco isr 900 series highlights, platform specs, licenses, transition guide
Cisco isr 900 series highlights, platform specs, licenses, transition guideCisco isr 900 series highlights, platform specs, licenses, transition guide
Cisco isr 900 series highlights, platform specs, licenses, transition guide
 
Hpe pro liant gen9 to gen10 server transition guide
Hpe pro liant gen9 to gen10 server transition guideHpe pro liant gen9 to gen10 server transition guide
Hpe pro liant gen9 to gen10 server transition guide
 
The new cisco isr 4461 faq
The new cisco isr 4461 faqThe new cisco isr 4461 faq
The new cisco isr 4461 faq
 
New nexus 400 gigabit ethernet (400 g) switches
New nexus 400 gigabit ethernet (400 g) switchesNew nexus 400 gigabit ethernet (400 g) switches
New nexus 400 gigabit ethernet (400 g) switches
 
Tested cisco isr 1100 delivers the richest set of wi-fi features
Tested cisco isr 1100 delivers the richest set of wi-fi featuresTested cisco isr 1100 delivers the richest set of wi-fi features
Tested cisco isr 1100 delivers the richest set of wi-fi features
 
Aruba campus and branch switching solution
Aruba campus and branch switching solutionAruba campus and branch switching solution
Aruba campus and branch switching solution
 
Cisco transceiver module for compatible catalyst switches
Cisco transceiver module for compatible catalyst switchesCisco transceiver module for compatible catalyst switches
Cisco transceiver module for compatible catalyst switches
 
Cisco ios on cisco catalyst switches
Cisco ios on cisco catalyst switchesCisco ios on cisco catalyst switches
Cisco ios on cisco catalyst switches
 
Cisco's wireless solutions deployment modes
Cisco's wireless solutions deployment modesCisco's wireless solutions deployment modes
Cisco's wireless solutions deployment modes
 
Competitive switching comparison cisco vs. hpe aruba vs. huawei vs. dell
Competitive switching comparison cisco vs. hpe aruba vs. huawei vs. dellCompetitive switching comparison cisco vs. hpe aruba vs. huawei vs. dell
Competitive switching comparison cisco vs. hpe aruba vs. huawei vs. dell
 
Four reasons to consider the all in-one isr 1000
Four reasons to consider the all in-one isr 1000Four reasons to consider the all in-one isr 1000
Four reasons to consider the all in-one isr 1000
 
The difference between yellow and white labeled ports on a nexus 2300 series fex
The difference between yellow and white labeled ports on a nexus 2300 series fexThe difference between yellow and white labeled ports on a nexus 2300 series fex
The difference between yellow and white labeled ports on a nexus 2300 series fex
 
Cisco transceiver modules for compatible cisco switches series
Cisco transceiver modules for compatible cisco switches seriesCisco transceiver modules for compatible cisco switches series
Cisco transceiver modules for compatible cisco switches series
 
Guide to the new cisco firepower 2100 series
Guide to the new cisco firepower 2100 seriesGuide to the new cisco firepower 2100 series
Guide to the new cisco firepower 2100 series
 
892 f sfp configuration example
892 f sfp configuration example892 f sfp configuration example
892 f sfp configuration example
 
Cisco nexus 7000 and nexus 7700
Cisco nexus 7000 and nexus 7700Cisco nexus 7000 and nexus 7700
Cisco nexus 7000 and nexus 7700
 
Cisco firepower ngips series migration options
Cisco firepower ngips series migration optionsCisco firepower ngips series migration options
Cisco firepower ngips series migration options
 
Eol transceiver to replacement model
Eol transceiver to replacement modelEol transceiver to replacement model
Eol transceiver to replacement model
 

Dernier

Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
Principled Technologies
 
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
?#DUbAI#??##{{(☎️+971_581248768%)**%*]'#abortion pills for sale in dubai@
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
sammart93
 

Dernier (20)

Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
Tech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdfTech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdf
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
 
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
 
GenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdfGenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdf
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
 
What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?
 

BGP Protocol Makes the Internet Work

  • 1. BGP Essentials: The Protocol that Makes the Internet Work Service providers working with IP networks are very clear that the Border Gateway Protocol (BGP) is the most complex and difficult to configure Internet protocol. Its emphasis on security and scalability makes it essential, however. This guide offers you a detailed look at how and why BGP-enabled routers in core networks exchange information securely with several hundred thousand IP prefixes, as well as simple and advanced approaches for troubleshooting connectivity problems. Introduction to Border Gateway Protocol (BGP) If you have to explain to someone new to the service provider environment what Border Gateway Protocol (BGP) is, the best definition would be that it's the routing protocol that makes the Internet work. As the address allocation in the Internet is nowhere nearly as hierarchical as the telephone dialing plan, most of the routers in the service provider core networks have to exchange information about several hundred thousand IP prefixes. BGP is still able to accomplish that task, which is a good proof that it's a highly scalable routing protocol. The Border Gateway Protocol routing information is usually exchanged between competing business entities -- Internet Service Providers (ISPs) -- in an open, hostile environment (public Internet). BGP is thus very security-focused (for example, all adjacent routers have to be configured manually), and decent BGP implementations provide a rich set of route filters to allow the ISPs to defend their networks and control what they advertise to their competitors. In BGP terminology, an independent routing domain (which almost always means an ISP) is called an autonomous system. BGP is always used as the routing protocol of choice between ISPs (external BGP) but also as the core routing protocol within large ISP networks (internal BGP). All other routing protocols are concerned solely with finding the optimal path toward all known destinations. BGP cannot take this simplistic approach because the peering agreements between ISPs almost always result in complex routing policies. To help network operators implement these policies, BGP carries a large number of attributes with each IP prefix, for example: AS path -- the complete path documenting which autonomous systems a packet would have to travel through to reach the destination. Local preference -- the "internal cost" of a destination, used to ensure AS-wide consistency. Multi-exit discriminator -- this attribute gives adjacent ISPs the ability to prefer one peering point over another. Communities -- a set of generic tags that can be used to signal various administrative policies between BGP routers.
  • 2. As the focus of BGP design and implementation was always on security and scalability, it's harder to configure than other routing protocols, more complex (more so when you start configuring various routing policies), and one of the slowest converging routing protocols. The slow BGP convergence dictates a two-protocol design of an ISP network: An internal routing protocol (most often, OSPF or IS-IS) is used to achieve fast convergence for internal routes (including IP addresses of BGP routers). BGP is used to exchange Internet routes. A failure within the core network would thus be quickly bypassed thanks to fast convergence of OSPF or IS-IS, whereas BGP on top of an internal routing protocol would meet the scalability, security and policy requirements. Even more, if you migrate all your customer routes into BGP, the customer problems (for example, link flaps between your router and customer's router) will not affect the stability of your core network. Because of inherent BGP complexity, customers and small ISPs would deploy BGP only where needed, for example on peering points and a minimal subset of core routers (the ones between the peering points), as shown in the following diagram. The BGP-speaking routers would also have to generate a default route into the internal routing protocol to attract the traffic for Internet destinations not known to other routers in your network. As your ISP business grows, however, your customers will start requiring BGP connectivity (any customer who wants to achieve truly redundant Internet access has to have its own AS and exchange BGP information with its ISPs), and you'll be forced
  • 3. to deploy BGP on more and more core and edge routers (see the following picture). It's therefore best that you include BGP on all core and major edge routers as part of your initial network design. Even though you might not deploy it everywhere with the initial network deployment, having a good blueprint will definitely help you when you have to scale the BGP-speaking part of your network. BGP requires a full mesh of internal BGP sessions (sessions between routers in the same autonomous system). You could use BGP route reflectors or BGP confederations to make your network scalable. There is also another excellent reason why you'd want to deploy BGP throughout your network: Novel network service, for example MPLS-based virtual private networks (VPNs), large-scale quality-of-service deployments, or large-scale differentiated Web caching implementations rely on BGP to transport the information they need. BGP troubleshooting: Simple Approach Border Gateway Protocol (BGP) is without doubt the most complex IP routing protocol currently deployed in the Internet. Its complexity is primarily due to its focus on security and routing policies – BGP is used to exchange cooperative information (Internet routes) between otherwise competing entities (service providers) and has to be able to implement whatever has been agreed upon in the inter-provider peering agreements. (These agreements often have little to do with technically optimum solutions.) However, a structured approach to BGP troubleshooting, as illustrated in this and the next section can quickly lead you from initial problem diagnosis to the solution. Here we focus on a simple scenario with a single BGP-speaking router in your network (see
  • 4. the following diagram). Similar designs are commonly used by multi-homed customers and small Internet service providers (ISPs) that do not offer BGP connectivity to their customers. Is it a BGP problem? Before jumping into BGP troubleshooting, you have to identify the source of the connectivity problem you're debugging (usually you suspect that BGP might be involved if one of your customers reports limited or no Internet connectivity beyond your network). Perform a traceroute from a workstation on the problematic LAN; if the trace reaches the first BGP-speaking router (or, even better, gets beyond the edge of your network) router, you're probably dealing with a BGP issue. Otherwise, check whether the BGP-speaking router advertises a default route into your network (without a default route, other routers in your network cannot reach the Internet destinations). If you don't have access to a LAN-attached workstation, you can perform the traceroute from the customer premises router, but you have to ensure that the source IP address used in the trace route packets is the router's LAN address. Troubleshooting BGP adjacencies BGP has to establish TCP session between adjacent BGP routers before they can exchange routes. The first check is thus the status of the BGP sessions between the routers. The BGP neighbors are configured manually, and the two most probable configuration errors are: Neighbor IP address mismatch: The destination IP address configured on one BGP neighbor has to match the source IP address (or the IP address of the directly connected interface) configured on the other. AS number mismatch: The neighbor AS number configured on one side of the BGP session has to match the actual BGP AS number used by the neighbor. You could also have a problem with packet filters deployed on the BGP-speaking router. These filters have to allow packets to and from TCP port 179. Troubleshooting Route Propagation If your users want to receive traffic from the Internet, the IP prefix assigned to your network must be visible throughout the Internet. To get there, three steps are needed: Your BGP router must insert your IP prefix into its BGP table.
  • 5. The IP prefix must be advertised to its BGP neighbors. The IP prefix must be propagated throughout the Internet. Is The Route inserted into BGP? Most routing protocols automatically insert directly connected IP subnets into their routing tables (or databases). Owing to security requirements, BGP is an exception; it will originate an IP prefix only if it's manually configured to do so (for example, Cisco routers use the network statement to configure advertised IP prefixes). Another option is route redistribution, which is highly discouraged in the Internet environment. Furthermore, to avoid attracting unroutable traffic, BGP will announce a configured IP prefix only if there's a matching route in the IP routing table. You could generate the matching IP route through route summarization, but it's usually best to configure a static route pointing to a null interface (or its equivalent). To check whether your IP prefix is in your BGP routing table, use a BGP show command (for example, show ip bgp prefix mask on a Cisco router). Is the Route Advertised to Your Neighbors? By default, all IP prefixes residing in the BGP table are announced to all BGP neighbors. Owing to security and routing policy requirements, the default behavior is usually modified with a set of output and input filters. If you have applied output filters toward your BGP neighbors, you have to check whether these filters allow your IP prefix to be propagated to the external BGP neighbors. The command to display routes advertised to a BGP neighbor on a Cisco router is show ip bgp neighbor ip-address advertised. Is the route visible throughout the Internet? Even if you've successfully announced your IP prefix to your BGP neighbors, it might still not be propagated throughout the Internet. It's hard to figure out exactly what's propagated beyond the boundaries of your network; the tools that can help you are called BGP looking glasses. Using these tools, you can inspect BGP tables at various points throughout the Internet and check whether your IP prefix has made it to those destinations. There are a few factors that could cause your IP prefix to be blocked somewhere in the Internet. The most common one is BGP route flap dampening: If an IP prefix flaps (disappears and reappears) too often in a short period of time -- for example, you clear your BGP sessions or change your BGP configuration -- the prefix gets blocked for an extended period of time (by default, up to an hour). If your IP prefix is dampened, there's nothing you can do except wait it out. You could also have an invalid (or missing) entry in IP routing registries, or there may be inbound filters at one of the upstream ISPs. In all these cases, it's best if your upstream ISP can help
  • 6. you resolve the problem (which is, at this point, beyond the scope of technical BGP troubleshooting). BGP Troubleshooting: Advanced Approach In the previous section of this e-guide we addressed some basic BGP troubleshooting skills: How to identify whether a routing problem is a BGP problem, How to troubleshoot BGP sessions, How to troubleshoot IP route origination and propagation. Now let's we focus on a more advanced scenario: transit Internet service provider (ISP) networks (see the next diagram). NOTE: Before reading this section, make sure you've read section and two to become familiar with basic Border Gateway Protocol technology as well as simple BGP troubleshooting. To establish end-to-end connectivity across a service provider network, the ISP has to receive customers' IP prefixes via BGP and announce them to other ISPs. The same process has to happen in reverse direction (or at least the default route has to be announced to the customer). The network-wide BGP troubleshooting is thus composed of three steps: Have we received the prefix? Is the prefix propagated across our network? Is the prefix sent to external BGP neighbors at the other edge of the network? Have We Received the Prefix? Troubleshooting inbound BGP problems is the toughest part of BGP troubleshooting you'll encounter. There are two potential reasons that an IP prefix is not in your BGP table as you would expect it to be: The neighbor is not sending the prefix. Your inbound filters are blocking the prefix.
  • 7. The only tool that can help you identify the problem is the debugging facility on your edge router (as you normally don't have access to the other BGP neighbor). When doing BGP debugging, be aware that a BGP neighbor can send you several hundred thousand routes, so you have to ensure that the debugging output produced by the troubleshooting session does not overwhelm the router. Furthermore, the BGP prefixes are sent only when they change, not on a periodic basis (like RIP updates or OSPF LSA floods). Your debugging tool will thus not show you an IP prefix until it has actually changed (or you've cleared the BGP session with your neighbor). Some BGP routers have the ability to store a separate copy of all routes sent by a neighbor into a parallel BGP table. (To enable this functionality on Cisco IOS, you have to configuresoft-reconfiguration in for a BGP neighbor.) With the parallel per-neighbor table, you can exactly pinpoint what the neighbor has sent you (the content of the parallel table) and what routes have passed your input filters (the contents of the main BGP table), but of course the parallel per-neighbor table consumes a large amount of memory. Is the Prefix Propagated Across Our Network? Even when an edge router receives an IP prefix via BGP, it may not be propagated to the other end of your network. To start with, internal BGP (BGP within a single autonomous system) requires a full mesh of BGP sessions among all BGP routers. As every router between every pair of edge routers has to run BGP (otherwise the traffic could be dropped inside your network), the number of BGP sessions could become excessively large. (The next diagram illustrates the BGP sessions needed in a small four-router network.) There are two tools (BGP route reflectors and BGP confederations) that can help you keep the number of BGP sessions to a sensible level, with BGP route reflectors being the most commonly used. The BGP route reflector rules are quite simple: Whatever is received from a route-reflector client or an external BGP peer will
  • 8. be sent to every other BGP peer. Whatever is received from a router that is not a route-reflector client will be sent only to clients and external BGP peers? With these rules in hand, you have to step through the graph of BGP sessions in your network, checking every BGP router on the way and ensuring that the route reflector rules are not violated (and that, using the rules, the BGP prefixes get from every edge router to all other routers). There is another common reason an IP prefix is not propagated across your network: The external subnets on the edge of your network are not advertised to your core routers. The IP address of the next-hop router is not changed when an IP prefix is sent to an internal BGP neighbor. The IP next-hop of an external route is thus always the IP address of a routerone hop beyond the edge of your autonomous system. The IP subnets connecting your edge routers to their external neighbors thus have to be inserted into your internal routing protocol (for example, OSPF or IS-IS), otherwise some internal BGP router will decide that the BGP next-hop is not reachable and ignore the IP prefix. (It will appear in the BGP table but will not be used or propagated to other BGP peers.) Is the Prefix Sent to External Neighbors? As the last step in troubleshooting BGP route propagation, you have to check whether the IP prefixes transported across your network are announced to your external BGP peers. The techniques for troubleshooting outbound BGP route propagation are explained in the Border Gateway Protocol (BGP) troubleshooting: Simple approach article. Is the Traffic Traversing the Network? Even if your BGP route propagation works flawlessly, the IP packets may not be able to traverse your network. (Remember, we're talking about pure IP networks here; things change a bit if you add MPLS to the mix.) The most common cause of a "black hole" in your network is a router in the transit path that does not run BGP and consequently has no idea how to route the received IP packet toward the destination network. IP routing works hop by hop. Even though the ingress edge router knows exactly which egress edge router to use and how to get there, it cannot pass that information to the intermediate routers. All of them must therefore run BGP as well. To identify a black hole in your network, perform a traceroute from your customer's network to a destination in the Internet. The last router responding to the traceroute is one hop before the black hole.
  • 9. Even though all core routers in your network have to run BGP, the internal BGP sessions don't have to follow the physical structure of the network. For example, you could have a few central routers acting as BGP route reflectors for all BGP routers in your network. ---http://searchtelecom.techtarget.com/feature/BGP-essentials-The-protocol-that-m akes-the-Internet-work#simple What is BGP? (Border Gateway Protocol) BGP is a protocol for exchanging routing information between gatewayhosts (each with its ownrouter) in a network ofautonomous systems. BGP is often the protocol used between gateway hosts on the Internet. The routing table contains a list of known routers, the addresses they can reach, and a cost metricassociated with the path to each router so that the best available route is chosen. Hosts using BGP communicate using the Transmission Control Protocol (TCP) and send updated router table information only when one host has detected a change. Only the affected part of the routing table is sent. BGP-4, the latest version, lets administrators’ configure cost metrics based on policy statements. (BGP-4 is sometimes called BGP4, without the hyphen.) BGP communicates with autonomous (local) networks using Internal BGP (IBGP) since it doesn't work well with IGP. The routers inside the autonomous network thus maintain two routing tables: one for the interior gateway protocol and one for IBGP. BGP-4 makes it easy to use Classless Inter-Domain Routing (CIDR), which is a way to have more addresses within the network than with the current IP addressassignment scheme. BGP is a more recent protocol than the Exterior Gateway Protocol (EGP). Also see the Interior Gateway Protocol (IGP) and the Open Shortest Path First (OSPF) interior gateway protocol. More Related Cisco and Network Tutorials: BGP Protocol is Essential in Your IP Network BGP Routing Protocol Tips You Need to Know