Implementing & Troubleshooting BGP Tanner  5/23/2008 5/30/2008
Agenda PART 1 BGP Fundamentals BGP and the Internet PART 2 BGP and the  WAN Troubleshooting 2
PART 1 BGP Fundamentals BGP and the Internet 3
BGP Fundamentals Operations 4
Where is BGP used? Internet Same, Unique, or Mixed ASN MPLS WAN Public or Private ASN 5
AS: Autonomous Systems Textbook answer: An AS is a connected group of one or more IP prefixes run by one or more network operators which has a SINGLE and CLEARLY DEFINED routing policy. 6
ASNs: Autonomous System Numbers. 16-bit ASNs (RFC1930): Range 0-65535, Public 1-64511, Private 64512-65534. 32-bit ASNs (RFC4893): 4-octets, 0.0 to 65535.65535. Only 46 32-bit ASNs currently allocated 7
EIGRP and BGP Comparison 8
Path Selection Attributes Highest Weight Highest Local Preference Internally Originated Shortest AS-Path Manipulating these attributes changes BGP path selection 9
Terminology attribute [noun] Pronunciation: -trə-byüt 3: a word ascribing a quality; especially attribute [transitive verb] Pronunciation: -tri-byüt, -byət 1: to explain by indicating a cause <attributed his success to his coach> 10
BGP Attributes: RFC1771 attributes its success to its attributes 11
BGP Attributes: Most Used
Influence INBOUND traffic
  The transit path to you is determined by how you announce your routes
  AS Path Prepend (shorter is more preferred)
route-map RM-ISP-OUT
 set as-path prepend 123 123 123
Influence OUTBOUND traffic
  Local Preference (higher is more preferred)
route-map RM-ISP-IN
 set local-preference 50
12
BGP Process Operations 13
Section Review: Fundamentals What is an autonomous system? What are BGP attributes that affect inbound traffic? What are BGP attributes that affect outbound traffic? Name 4 common BGP path selection criteria What maintenance task happens every 60 seconds in BGP? 14
BGP & the Internet 15 23nd Ave / I-40 Junction
Global IP Assignments IANA Regional Registrars ISP’s End Users 16
Address Space Depletion: BGP Movie (6 min) 17
Global Routing Table: How large is it?
Limit prefixes on Cisco routers
router bgp 12345
 neighbor 1.1.1.1 maximum-prefix 300000 90
18
RIR whois ARIN IP Lookup 19
Typical ISP Routing Options Single-homed, Single ISP Private AS or Static (No BGP) Multi-homed, Single ISP Private AS Multi-homed, Dual ISP Public AS 20
Prefix Origination: Inbound Traffic
Common Elements
  ISPs won’t accept anything longer than /24
Provider Aggregate address block (PA)
  /24 or shorter from ISP
  Justification paperwork, but usually easy
  Announcing another ISP’s prefix
Provider Independent address block (PI)
  Applied for from RIR (e.g., ARIN)
  More Paperwork (and solid justification)!
21
What Kind of Routes? Outbound Traffic
1 Based on 2 upstream eBGP peers
2 Varies depending on quantity of ISP customers announcing prefixes
3 Varies depending on size of upstream carrier
4 Inbound bogon filtering is still possible, however outbound will not function due to default route
22
Memory Requirements: Full BGP Routes
Based on 255K routes + soft reconfig
BGP Summary shows 57MB Used
BGP-Router# sh ip bgp sum
...
BGP using 57060899 total bytes of memory
BGP-Router# sh proc mem | i PID|BGP
 PID TTY  Allocated      Freed    Holding    Getbufs    Retbufs Process
 215   0  152845892    1430904  145443600         16         16 BGP Router
 234   0     239016          0       6984    5164371    5164371 BGP I/O
 235   0          0      82472       9972          0          0 BGP Scanner
23
BGP Policy Components
Prefix-lists to filter prefixes
ip prefix-list PL-ANNOUNCE seq 10 permit 1.0.0.0/8
Filter-lists to filter ASNs
ip as-path access-list 1 ^1234
Route-maps to apply policy
route-map RM-ISP-OUT permit 10
 set as-path prepend 1234
Distribute-lists to sit and watch (don’t use)
Source: NANOG 23, Phillip Smith
24
Configuration Example: ISP eBGP Peer with Partial Routes
router bgp 1234
 no auto-summary
 no synchronization
 no bgp fast-external-fallover
 bgp log-neighbor-changes
 neighbor 192.0.2.233 remote-as 209
 neighbor 192.0.2.233 description eBGP with Qwest AS209. Password: 1234abcd
 neighbor 192.0.2.233 password 1234abcd
 neighbor 192.0.2.233 version 4
 neighbor 192.0.2.233 soft-reconfiguration inbound
 neighbor 192.0.2.233 maximum-prefix 300000 90 warning-only
 neighbor 192.0.2.233 prefix-list PL-BOGONS in
 neighbor 192.0.2.233 prefix-list PL-ANNOUNCE out
 neighbor 192.0.2.233 route-map RM-QWEST-OUT out
 neighbor 192.0.2.233 route-map RM-QWEST-IN in
 neighbor 192.0.2.233 filter-list 1 out
 neighbor 192.0.2.233 filter-list 10 in
 ! /23 aggregate (205.93.250.0 - 205.93.251.255) and the more-specific /24
 network 205.93.250.0 mask 255.255.254.0
 network 205.93.251.0
ip route 205.93.250.0 255.255.254.0 Null0 name BGP-STABILITY
ip route 205.93.251.0 255.255.255.0 205.93.251.4
ip route 205.93.251.125 255.255.255.255 205.93.251.121 name IBGP-PEER
ip route 205.93.251.125 255.255.255.255 205.93.251.2 250 name IBGP-PEER-BACKUP
ip as-path access-list 1 permit ^$
ip as-path access-list 10 permit _(209|7018)$
ip prefix-list PL-ANNOUNCE seq 10 permit 205.93.250.0/23 le 24
ip prefix-list PL-ANNOUNCE seq 99 deny 0.0.0.0/0 le 32
route-map RM-QWEST-OUT permit 10
 set as-path prepend 1234 1234
route-map RM-QWEST-IN permit 10
 set local-pref 50
25
Regular Expressions: BGP AS Filtering
Defining our AS
ip as-path access-list 1 permit ^$
Originating in AS 3549
ip as-path access-list 1 permit ^3549$
Originating in AS 3549 or Upstream AS
ip as-path access-list 1 permit ^3549$
ip as-path access-list 1 permit ^3549 1239$
ip as-path access-list 1 permit ^3549_(1239)?$
Deny all nets originating from AS 1239 and permit all other routes
ip as-path access-list 1 deny _1239$
ip as-path access-list 1 permit .*
26
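An added example, not part of the original deck: a small Python evaluator that applies the AS-path access-lists from this slide to AS paths and returns the permit/deny decision, including the implicit deny. The sample AS paths are constructed, and the expansion of Cisco's `_` token into a Python delimiter class is this example's own approximation.

```python
"""Evaluate the slide's AS-path access-lists against sample AS paths."""
import re

# In Cisco AS-path regexes "_" matches a delimiter: start of string, end of
# string, space, comma, braces or parentheses. Python has no such token, so it
# is expanded here (naive replace: fine for these patterns, not a full parser).
DELIM = r"(?:^|$|[ ,{}()])"
LINE_RE = re.compile(r"ip as-path access-list (\d+) (permit|deny) (.+)$")


def parse_acl(text):
    """Return [(action, compiled_regex)] in configuration order."""
    entries = []
    for line in text.strip().splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            raise ValueError(f"not an as-path access-list line: {line!r}")
        _number, action, pattern = m.groups()
        entries.append((action, re.compile(pattern.replace("_", DELIM))))
    return entries


def evaluate(entries, as_path):
    """First matching entry decides; no match at all is the implicit deny."""
    for action, rx in entries:
        if rx.search(as_path):
            return action
    return "deny"


# Access-lists copied from the slide.
OWN_AS = "ip as-path access-list 1 permit ^$"
UPSTREAM = """
ip as-path access-list 1 permit ^3549$
ip as-path access-list 1 permit ^3549 1239$
ip as-path access-list 1 permit ^3549_(1239)?$
"""
NOT_1239 = """
ip as-path access-list 1 deny _1239$
ip as-path access-list 1 permit .*
"""

# Constructed AS paths. "" is a locally originated route (empty AS path);
# the right-most ASN in a path is the originating AS.
SAMPLE_PATHS = ["", "3549", "3549 1239", "3549 701",
                "701 1239", "701 11239", "1239 701"]


def decisions(acl_text, paths=SAMPLE_PATHS):
    """Map each AS path to the decision the access-list gives it."""
    entries = parse_acl(acl_text)
    return {p: evaluate(entries, p) for p in paths}


if __name__ == "__main__":
    for name, acl in (("own AS", OWN_AS), ("upstream", UPSTREAM),
                      ("not from 1239", NOT_1239)):
        print(name)
        for path, action in decisions(acl).items():
            print(f"  {path or '(empty)':<12} {action}")
```

The "701 11239" and "1239 701" cases show what the `_` and `$` anchors buy: without the leading delimiter AS 11239 would be caught by the AS 1239 rule, and without `$` routes that merely transit AS 1239 would be denied as well.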
BGP Routing Table Analysis
Daily BGP Stats Available
BGP routing table entries examined: 255572
Prefixes after maximum aggregation: 127106
Deaggregation factor: 2.01
Unique aggregates announced to Internet: 123962
Total ASes present in the Internet Routing Table: 28151
Prefixes per ASN: 9.08
Average AS path length visible in the Internet Routing Table: 3.6
Max AS path length visible: 25
Max AS path prepend of ASN (39375): 13
Prefixes from unregistered ASNs in the Routing Table: 25414
Unregistered ASNs in the Routing Table: 1885
Prefixes being announced from unallocated address space: 786
Number of addresses announced to Internet: 1,851,293,088
Wojciech Misiaszek, Telekomunikacja Podlasie Sp., ul. Dobra 14A, 15-034 Bialystok, Poland
27
Bogon Filtering: Manual Method
Outbound traffic (via inbound route filter)
ip prefix-list BOGONS desc Bogon networks we won't accept
ip prefix-list BOGONS seq 2   deny 0.0.0.0/0
ip prefix-list BOGONS seq 5   deny 0.0.0.0/8 le 32
ip prefix-list BOGONS seq 20  deny 5.0.0.0/8 le 32
ip prefix-list BOGONS seq 390 deny 127.0.0.0/8 le 32
ip prefix-list BOGONS seq 400 deny 172.16.0.0/12 le 32
ip prefix-list BOGONS seq 520 deny 224.0.0.0/3 le 32
ip prefix-list BOGONS seq 700 permit 0.0.0.0/0 le 27
Inbound traffic
ip access-list extended ACL-OUTSIDE-IN
 remark --- Basic Spoof Filtering
 deny   ip 0.0.0.0 0.255.255.255 any
 deny   ip 10.0.0.0 0.255.255.255 any
 deny   ip public-ip-block subnet-mask any
28
Bogon Filtering: Automatic Method
Do not try this at home! Make sure you are aware of potential complications
router bgp <your asn>
 neighbor x.x.x.x remote-as 65333
 neighbor x.x.x.x ebgp-multihop 255
 neighbor x.x.x.x description Cymru Bogon Route Server Project
 neighbor x.x.x.x prefix-list PL-CYMRU-OUT out
 neighbor x.x.x.x route-map RM-CYMRUBOGONS-IN in
 neighbor x.x.x.x password 31337PW
 neighbor x.x.x.x maximum-prefix 100 threshold 90
Configure a community list to accept the bogon prefixes into the route-map.
ip bgp-community new-format
ip community-list 10 permit 65333:888
Configure the route-map. Remember to apply it to the proper peering sessions.
route-map RM-CYMRUBOGONS-IN permit 10
 description Filter bogons learned from cymru.com bogon route-servers
 match community 10
 set ip next-hop 192.0.2.1
Set a bogon next-hop on all routers that receive the bogons.
ip route 192.0.2.1 255.255.255.255 null0
ip prefix-list PL-CYMRU-OUT seq 5 deny 0.0.0.0/0 le 32
29
BGP Communities
WELL KNOWN
  no-advertise
  no-export
TE Custom Communities
  ISP must support it
  TE via AS path prepends, local prefs, trig. blackhole
30
BGP Communities: Configuration Example
ip bgp-community new-format
ip prefix-list PL-ANNOUNCE seq 10 permit 205.93.251.0/24
ip prefix-list PL-ANNOUNCE seq 99 deny 0.0.0.0/0 le 32
route-map RM-ISP-OUT permit 10
 match ip address prefix-list PL-ANNOUNCE
 set community 65011:209
route-map RM-ISP-OUT permit 20
router bgp 64512
 neighbor 1.1.1.1 send-community
 neighbor 1.1.1.1 route-map RM-ISP-OUT out
31
Section Review: BGP & the Internet What kind of route options are typically received from an ISP? Who is the global controller of IP space on the internet? Describe bogon filtering What do the ^ and $ symbols mean in regular expressions? 32
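An added example, not part of the original deck: a Python model of how an IOS prefix-list is evaluated (first match by sequence number, `ge`/`le` length ranges, implicit deny), run over the BOGONS entries shown on this slide and over the `PL-WAN-SERIALS` entry from a later slide. The test routes are constructed.

```python
"""First-match evaluation of IOS prefix-lists with ge/le length ranges."""
import ipaddress
import re

ENTRY_RE = re.compile(
    r"ip prefix-list (\S+) seq (\d+)\s+(permit|deny)\s+(\S+)"
    r"(?:\s+ge\s+(\d+))?(?:\s+le\s+(\d+))?$"
)


def parse_prefix_list(text):
    """Return [(seq, action, network, min_len, max_len)] ordered by seq."""
    entries = []
    for line in text.strip().splitlines():
        m = ENTRY_RE.match(line.strip())
        if not m:
            raise ValueError(f"not a prefix-list entry: {line!r}")
        _name, seq, action, prefix, ge, le = m.groups()
        net = ipaddress.ip_network(prefix)  # strict: rejects host bits set
        if ge is None and le is None:
            lo = hi = net.prefixlen          # no ge/le: exact length only
        else:
            lo = int(ge) if ge else net.prefixlen
            hi = int(le) if le else net.max_prefixlen
        entries.append((int(seq), action, net, lo, hi))
    return sorted(entries, key=lambda e: e[0])


def evaluate(entries, route):
    """Return (action, seq) of the first matching entry, or ("deny", None)."""
    r = ipaddress.ip_network(route)
    for seq, action, net, lo, hi in entries:
        if lo <= r.prefixlen <= hi and r.subnet_of(net):
            return action, seq
    return "deny", None  # implicit deny at the end of every prefix-list


# Entries as shown on the slide (description line omitted).
BOGONS = """
ip prefix-list BOGONS seq 2   deny 0.0.0.0/0
ip prefix-list BOGONS seq 5   deny 0.0.0.0/8 le 32
ip prefix-list BOGONS seq 20  deny 5.0.0.0/8 le 32
ip prefix-list BOGONS seq 390 deny 127.0.0.0/8 le 32
ip prefix-list BOGONS seq 400 deny 172.16.0.0/12 le 32
ip prefix-list BOGONS seq 520 deny 224.0.0.0/3 le 32
ip prefix-list BOGONS seq 700 permit 0.0.0.0/0 le 27
"""
# Entry from the later "MPLS EIGRP Redistribution" slide.
WAN_SERIALS = "ip prefix-list PL-WAN-SERIALS seq 10 permit 0.0.0.0/0 ge 29"

# Constructed routes, as they might arrive from an eBGP peer.
BOGON_TESTS = [
    "0.0.0.0/0",        # default route: exact-match deny
    "5.1.0.0/16",       # inside 5.0.0.0/8
    "172.20.0.0/16",    # RFC 1918 space inside 172.16.0.0/12
    "240.0.0.0/4",      # inside 224.0.0.0/3
    "198.51.100.0/24",  # ordinary /24: permitted by the final entry
    "198.51.100.0/28",  # longer than /27: falls through to implicit deny
    "10.0.0.0/8",       # not covered by the entries shown on the slide
]
WAN_TESTS = ["10.112.2.4/30", "10.112.0.0/16", "0.0.0.0/0"]


def check(list_text, routes):
    """Map each route to the (action, seq) the prefix-list gives it."""
    entries = parse_prefix_list(list_text)
    return {route: evaluate(entries, route) for route in routes}


if __name__ == "__main__":
    for text, routes in ((BOGONS, BOGON_TESTS), (WAN_SERIALS, WAN_TESTS)):
        for route, (action, seq) in check(text, routes).items():
            print(f"{route:<18} {action:<6} seq={seq}")
```

With only the entries shown, 10.0.0.0/8 is permitted by seq 700, so a list trimmed like this must be checked for gaps before use. 5.0.0.0/8 has been allocated since the deck was written, which is why a static bogon list needs regular review.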
PART 2 BGP and the MPLS WAN Troubleshooting BGP 33
BGP & MPLS Theory Design Configuration Best Practices 34
MPLS Basics Topology Full Mesh Single peer to WAN cloud L1 Transport T1 DS3 L2 Transport PPP / MLP ATM / IMA Frame Relay Ethernet Routing Protocols BGP EIGRP RIP Public/Private AS’s 35
MPLS Terminology CE Router Customer Edge PE Router Provider Edge P/LSR Router Provider Backbone/Label Switching Router VRF Virtual Routing and Forwarding Everything else is standard BGP! 36
Typical MPLS Topology Options Single-homed, Single ISP Easiest routing policies Multi-homed, Single ISP Most common Multi-homed, Dual Provider Lots of TE 37
BGP Table: How do you read this thing???
> is the path installed in the routing table
r means there is already a route with a better AD
32768 means prefix originated on this router
? means prefix was originated via redistribution
Next Hop is the neighbor IP of eBGP peer(s)
WAN-Router# sh ip bgp
BGP table version is 7345, local router ID is 172.16.254.3
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
   Network          Next Hop            Metric LocPrf Weight Path
* i12.86.42.44/30   172.16.254.4             0    100      0 7018 ?
*>                  12.122.14.185                          0 7018 ?
r>i172.16.254.4/32  172.16.254.4             0    100      0 ?
*> 172.16.254.16/29 0.0.0.0                  0         32768 ?
*> 172.16.254.24/29 0.0.0.0                  0         32768 ?
* i172.30.32.0/20   172.16.254.4             0    100      0 7018 7018 i
*>                  12.122.14.185                          0 7018 7018 i
*> 172.30.64.0/20   12.122.14.185                          0 7018 7018 ?
i (origin code, at the end of the path) means prefix was originated via network statement
AS set is the list of ASes the prefix has passed through
CIDR Mask: try to summarize where possible
* means route is OK to inject in routing table
i (status code, before the network) means prefix learned from iBGP peer
38
Default Route Origination 39 *Policies include:  Conditional advertisement, AS prepending, and communities
Best Path Selection Review
BGP Table (BRIB)
Routing Table (RIB)
BGP Multipath
Multi-VRF w/Sub-interfaces
Weight, Local Pref, Local Originate, AS Path, Origin Type, Lowest MED, eBGP over iBGP, IGP Metric to NH, Received First, Lowest RID, Originator ID, Neighbor IP
WAN-router# sh ip bgp nei 172.16.16.249 advertised-routes
Originating default network 0.0.0.0
   Network          Next Hop      Metric LocPrf Weight Path
*> 10.0.0.0/24      10.20.40.5         0         32768 ?
*> 10.20.20.0/24    0.0.0.0            0         32768 ?
...
Only send the very best!
WAN-router> sh ip bgp
   Network          Next Hop       Metric LocPrf Weight Path
*> 0.0.0.0          172.14.16.250                     0 65000 i
*  0.0.0.0          10.217.13.102                     0 65001 i
WAN-router> sh ip bgp
   Network       Next Hop        Metric LocPrf Weight Path
*> 0.0.0.0       172.11.132.193                     0 1803 65000 i
40
Route Redistribution
“Seek first to summarize…”
Do you need to redistribute?
  Yes = Redistribution
  No = Summarization
  Maybe = Both?
BGP to EIGRP
router eigrp 111
 redistribute bgp 222 metric 1500 1000 255 1 1500
EIGRP to BGP
router bgp 222
 redistribute eigrp 111
41
Miscellaneous Features
Peer Groups: Object-groups for BGP! (Kind of…)
router bgp 64512
 ! Setup peer-group policies
 neighbor PARTIAL-ROUTES peer-group
 neighbor PARTIAL-ROUTES version 4
 neighbor PARTIAL-ROUTES filter-list 5 out
 neighbor FULL-ROUTES peer-group
 neighbor FULL-ROUTES version 4
 ! Apply it to a neighbor
 neighbor 192.0.2.228 peer-group FULL-ROUTES
ip as-path access-list 5 permit ^(209|36270|6298_)[0-9]*_[0-9]*$
Route Reflectors
42
Best Practices
Avoid redistributing everything under the sun
  connected, static, every routing protocol, etc.
Look for ways to reduce routing tables
  Summarize
  Advertise only what is necessary
Use a network statement for default origination
network 0.0.0.0 mask 0.0.0.0
43
Case Study: Requirements
WAN to Internet
  Use DC as primary
  Use Campus as secondary
  Use Internet VPN as tertiary
WAN to Hubs
  Use each hub MPLS DS3
  Use other hub DS3 as secondary
  Use Internet VPN as tertiary
Hub to Hub
  Use LAN link as primary
  Don’t use MPLS DS3’s as secondary
Smokey the Router says… “Routing works both ways!”
44
Case Study: Possible Solution
WAN to Internet
  Use DC as primary
  Use Campus as secondary
  Use Internet VPN as tertiary
WAN to Hubs
  Use each hub MPLS DS3
  Use other hub DS3 as secondary
  Use Internet VPN as tertiary
Hub to Hub
  Use LAN link as primary
  Don’t use MPLS DS3’s as secondary
Default Networks: 1 via eBGP to MPLS, 1 via iBGP to VPN
Advertised Networks: Shortest AS path (DC)
Advertised Networks: network 0.0.0.0, network 10.112.0.0
Received Networks: 0.0.0.0/0 ge 29 le 32
Advertised Networks: network 0.0.0.0
Received Networks: 0.0.0.0/0 ge 29 le 32
Summarized Networks: summary-addr 10.x.0.0/20, summary-addr <WAN nets>
Advertised Networks: network 0.0.0.0
Received Networks: 0.0.0.0/0 ge 29 le 32
Summarized Networks: summary-addr 10.112.0.0/16
Default Route: Static route redistributed into EIGRP
Campus to WAN: EIGRP Metric better via Router 1
WAN DC to Campus: Only 1 route via Interlink
45
Configuration Example (Hub): MPLS eBGP Peer with Default Advertisement
router bgp 100
 network 0.0.0.0
 network 10.112.0.0 mask 255.255.0.0
 neighbor 192.0.2.105 remote-as 65000
 neighbor 192.0.2.105 description eBGP with MPLS SP. Password: 1234abcd
 neighbor 192.0.2.105 password 1234abcd
 neighbor 192.0.2.105 version 4
 neighbor 192.0.2.105 send-community
 neighbor 192.0.2.105 soft-reconfiguration inbound
 neighbor 192.0.2.105 route-map RM-MPLS-IN in
 neighbor 192.0.2.105 route-map RM-MPLS-OUT out
 no auto-summary
ip prefix-list PL-DEFAULT seq 10 permit 0.0.0.0/0
route-map RM-MPLS-IN deny 10
 description Block learning default route from DC Router. Use IGP instead.
 match ip address prefix-list PL-DEFAULT
route-map RM-MPLS-IN permit 20
route-map RM-MPLS-OUT permit 10
 description Set BGP policies for outbound route advertisements to MPLS Provider
 set community 112
route-map RM-MPLS-OUT permit 20
 description Prepend Default Route for Backup Link
 match ip address prefix-list PL-DEFAULT
 set as-path prepend 100 100
route-map RM-MPLS-OUT permit 30
46
Configuration Example (Hub): MPLS EIGRP Redistribution
router eigrp 1
 redistribute bgp 100 metric 1500 1000 255 1 1500 route-map RM-WAN-SERIALS
 network 10.112.2.0 0.0.0.255
 no auto-summary
ip prefix-list PL-WAN-SERIALS seq 10 permit 0.0.0.0/0 ge 29
route-map RM-WAN-SERIALS permit 10
 description Only redistribute WAN serials (/29 to /32 prefixes) into EIGRP process
 match ip address prefix-list PL-WAN-SERIALS
Advertise learned BGP networks with prefixes /29 or longer
47
Section Review: BGP & MPLS What are the 3 default route origination methods? What does the > symbol mean in the BGP table? What are 3 clues that tell you a route "originated here" in the BGP table? 48
BGP Troubleshooting Interpreting and Troubleshooting BGP Operations 49
Peer Establishment Peer Reachability MD5 Password Mismatch Wrong neighbor IP Wrong update-source Wrong peer AS TTL / ebgp-multihop Stuck in OpenSent/OpenConfirm Asymmetric routing & TTL problem ACL’s between peers Blocking TCP/179 50
Flapping Peer
*May 20 04:02:39.240 MST: %BGP-5-ADJCHANGE: neighbor 192.0.2.133 Down Peer closed the session
*May 20 04:02:54.468 MST: %BGP-5-ADJCHANGE: neighbor 192.0.2.133 Up
*May 20 04:20:44.999 MST: %BGP-5-ADJCHANGE: neighbor 192.0.2.133 Down BGP Notification sent
*May 20 04:20:44.999 MST: %BGP-3-NOTIFICATION: sent to neighbor 192.0.2.133 4/0 (hold time expired) 0 bytes
*May 20 04:21:04.243 MST: %BGP-5-ADJCHANGE: neighbor 192.0.2.133 Up
*May 20 04:52:18.132 MST: %BGP-5-ADJCHANGE: neighbor 192.0.2.133 Down BGP Notification sent
*May 20 04:52:18.132 MST: %BGP-3-NOTIFICATION: sent to neighbor 192.0.2.133 4/0 (hold time expired) 0 bytes
*May 20 04:55:16.469 MST: %BGP-5-ADJCHANGE: neighbor 192.0.2.133 Up
*May 20 04:56:17.169 MST: %BGP-5-ADJCHANGE: neighbor 192.0.2.133 Down Peer closed the session
*May 20 04:56:36.533 MST: %BGP-5-ADJCHANGE: neighbor 192.0.2.133 Up
*May 20 05:09:28.555 MST: %BGP-5-ADJCHANGE: neighbor 192.0.2.133 Down Peer closed the session
*May 20 05:09:35.087 MST: %BGP-5-ADJCHANGE: neighbor 192.0.2.133 Up
*May 20 05:47:57.350 MST: %BGP-5-ADJCHANGE: neighbor 192.0.2.133 Down BGP Notification sent
Remote router rebooting (BGP crash?)
MTU Incorrect
L2 Problem
Interface output drops (QoS, CoPP, etc.)
51
Received Routes: Pre/Post Filter
Show received routes before policy is applied
sh ip bgp nei 1.1.1.1 received-routes
Requires soft-reconfiguration inbound (more mem)
Show received routes after policy is applied
sh ip bgp nei 1.1.1.1 routes
Show AS paths via all neighbors
BGP-router> sh ip bgp paths
Address    Hash Refcount Metric Path
0xC4125EDC    1        8      0 7018 209 701 23520 3816 ?
0x68397C58    1       18      0 4323 6389 6198 27266 25747 i
0x74151970    1        2      0 4323 1299 13249 44600 i
0x70FF72D4    1        2      0 4323 3257 1241 20506 i
52

Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024BookNet Canada
 
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxA Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxLoriGlavin3
 
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek SchlawackFwdays
 
SAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxSAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxNavinnSomaal
 

Dernier (20)

Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdfHyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
 
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brand
 
Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdf
 
Take control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteTake control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test Suite
 
Developer Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLDeveloper Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQL
 
How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.
 
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding Club
 
DevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenDevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache Maven
 
DSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine TuningDSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine Tuning
 
Commit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easyCommit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easy
 
DMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special EditionDMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special Edition
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
 
The State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxThe State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptx
 
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptxUse of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
 
Advanced Computer Architecture – An Introduction
Advanced Computer Architecture – An IntroductionAdvanced Computer Architecture – An Introduction
Advanced Computer Architecture – An Introduction
 
What is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdfWhat is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdf
 
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
 
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxA Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
 
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
 
SAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxSAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptx
 

Implementing Internet and MPLS BGP

  • 1. Implementing & Troubleshooting BGP Tanner 5/23/2008 5/30/2008
  • 2. Agenda. PART 1: BGP Fundamentals; BGP and the Internet. PART 2: BGP and the WAN; Troubleshooting
  • 3. PART 1: BGP Fundamentals; BGP and the Internet
  • 5. Where is BGP used? Internet Same, Unique, or Mixed ASN MPLS WAN Public or Private ASN
  • 6. AS: Autonomous Systems. Textbook answer: An AS is a connected group of one or more IP prefixes run by one or more network operators which has a SINGLE and CLEARLY DEFINED routing policy.
  • 7. ASNs: Autonomous System Numbers
      16-bit ASNs (RFC 1930): Range: 0-65535; Public: 1-64511; Private: 64512-65534
      32-bit ASNs (RFC 4893): 4 octets, 0.0 to 65535.65535
      Only 46 32-bit ASNs currently allocated
  • 8. EIGRP and BGP Comparison
  • 9. Path Selection Attributes: Highest Weight; Highest Local Preference; Internally Originated; Shortest AS-Path. Manipulating these attributes changes BGP path selection.
  • 10. Terminology. attribute [noun] Pronunciation: -trə-byüt 3: a word ascribing a quality; especially attribute [transitive verb] Pronunciation: -tri-byüt, -byət 1: to explain by indicating a cause <attributed his success to his coach>
  • 11. BGP Attributes: RFC 1771 attributes its success to its attributes
  • 12. BGP Attributes: Most Used
      Influence INBOUND traffic: the transit path to you is determined by how you announce your routes
      AS Path Prepend (shorter is more preferred)
        route-map RM-ISP-OUT
         set as-path prepend 123 123 123
      Influence OUTBOUND traffic
      Local Preference (higher is more preferred)
        route-map RM-ISP-IN
         set local-preference 50
  • 14. Section Review: Fundamentals
      What is an autonomous system?
      What are BGP attributes that affect inbound traffic?
      What are BGP attributes that affect outbound traffic?
      Name 4 common BGP path selection criteria
      What maintenance task happens every 60 seconds in BGP?
  • 15. BGP & the Internet. 23nd Ave / I-40 Junction
  • 16. Global IP Assignments: IANA; Regional Registrars; ISPs; End Users
  • 17. Address Space Depletion: BGP Movie (6 min)
  • 18. Global Routing Table: How large is it?
      Limit prefixes on Cisco routers
        router bgp 12345
         neighbor 1.1.1.1 maximum-prefix 300000 90
  • 19.
  • 20. Typical ISP Routing Options
      Single-homed, Single ISP: Private AS or Static (No BGP)
      Multi-homed, Single ISP: Private AS
      Multi-homed, Dual ISP: Public AS
  • 21. Prefix Origination: Inbound Traffic
      Common Elements: ISPs won’t accept anything longer than /24
      Provider Aggregate address block (PA): /24 or shorter from ISP; justification paperwork, but usually easy; announcing another ISP’s prefix
      Provider Independent address block (PI): applied for from RIR (e.g., ARIN); more paperwork (and solid justification)!
  • 22. What Kind of Routes? Outbound Traffic
      1 Based on 2 upstream eBGP peers
      2 Varies depending on quantity of ISP customers announcing prefixes
      3 Varies depending on size of upstream carrier
      4 Inbound bogon filtering is still possible, however outbound will not function due to default route
  • 23.
  • 24. BGP Policy Components
      Prefix-lists to filter prefixes
        ip prefix-list PL-ANNOUNCE seq 10 permit 1.0.0.0/8
      Filter-lists to filter ASNs
        ip as-path access-list 1 permit ^1234
      Route-maps to apply policy
        route-map RM-ISP-OUT permit 10
         set as-path prepend 1234
      Distribute-lists to sit and watch (don’t use)
      Source: NANOG 23, Philip Smith
  • 25. Configuration Example: ISP eBGP Peer with Partial Routes
      router bgp 1234
       no auto-summary
       no synchronization
       no bgp fast-external-fallover
       bgp log-neighbor-changes
       neighbor 192.0.2.233 remote-as 209
       neighbor 192.0.2.233 description eBGP with Qwest AS209. Password: 1234abcd
       neighbor 192.0.2.233 password 1234abcd
       neighbor 192.0.2.233 version 4
       neighbor 192.0.2.233 soft-reconfiguration inbound
       neighbor 192.0.2.233 maximum-prefix 300000 90 warning-only
       neighbor 192.0.2.233 prefix-list PL-BOGONS in
       neighbor 192.0.2.233 prefix-list PL-ANNOUNCE out
       neighbor 192.0.2.233 route-map RM-QWEST-OUT out
       neighbor 192.0.2.233 route-map RM-QWEST-IN in
       neighbor 192.0.2.233 filter-list 1 out
       neighbor 192.0.2.233 filter-list 10 in
       network 205.93.251.0 mask 255.255.254.0
       network 205.93.251.0
      ip route 205.93.251.0 255.255.254.0 Null0 name BGP-STABILITY
      ip route 205.93.251.0 255.255.255.0 205.93.251.4
      ip route 205.93.251.125 255.255.255.255 205.93.251.121 name IBGP-PEER
      ip route 205.93.251.125 255.255.255.255 205.93.251.2 250 name IBGP-PEER-BACKUP
      ip as-path access-list 1 permit ^$
      ip as-path access-list 10 permit _(209|7018)$
      ip prefix-list PL-ANNOUNCE seq 10 permit 205.93.251.0/23 le 24
      ip prefix-list PL-ANNOUNCE seq 99 deny 0.0.0.0/0 le 32
      route-map RM-QWEST-OUT permit 10
       set as-path prepend 1234 1234
      route-map RM-QWEST-IN permit 10
       set local-pref 50
  • 26. Regular Expressions: BGP AS Filtering
      Defining our AS
        ip as-path access-list 1 permit ^$
      Originating in AS 3549
        ip as-path access-list 1 permit ^3549$
      Originating in AS 3549 or Upstream AS
        ip as-path access-list 1 permit ^3549$
        ip as-path access-list 1 permit ^3549 1239$
        ip as-path access-list 1 permit ^3549_(1239)?$
      Deny all nets originating from AS 1239 and permit all other routes
        ip as-path access-list 1 deny _1239$
        ip as-path access-list 1 permit .*
  • 27. BGP Routing Table Analysis: Daily BGP Stats Available
      BGP routing table entries examined: 255572
      Prefixes after maximum aggregation: 127106
      Deaggregation factor: 2.01
      Unique aggregates announced to Internet: 123962
      Total ASes present in the Internet Routing Table: 28151
      Prefixes per ASN: 9.08
      Average AS path length visible in the Internet Routing Table: 3.6
      Max AS path length visible: 25
      Max AS path prepend of ASN (39375): 13
      Prefixes from unregistered ASNs in the Routing Table: 25414
      Unregistered ASNs in the Routing Table: 1885
      Prefixes being announced from unallocated address space: 786
      Number of addresses announced to Internet: 1,851,293,088
      Wojciech Misiaszek, Telekomunikacja Podlasie Sp., ul. Dobra 14A, 15-034 Bialystok, Poland
  • 28. Bogon Filtering: Manual Method
      Outbound traffic (via inbound route filter)
        ip prefix-list BOGONS desc Bogon networks we won't accept
        ip prefix-list BOGONS seq 2 deny 0.0.0.0/0
        ip prefix-list BOGONS seq 5 deny 0.0.0.0/8 le 32
        ip prefix-list BOGONS seq 20 deny 5.0.0.0/8 le 32
        ip prefix-list BOGONS seq 390 deny 127.0.0.0/8 le 32
        ip prefix-list BOGONS seq 400 deny 172.16.0.0/12 le 32
        ip prefix-list BOGONS seq 520 deny 224.0.0.0/3 le 32
        ip prefix-list BOGONS seq 700 permit 0.0.0.0/0 le 27
      Inbound traffic
        ip access-list extended ACL-OUTSIDE-IN
         remark --- Basic Spoof Filtering
         deny ip 0.0.0.0 0.255.255.255 any
         deny ip 10.0.0.0 0.255.255.255 any
         deny ip public-ip-block subnet-mask any
  • 29. Bogon Filtering: Automatic Method
      Do not try this at home! Make sure you are aware of potential complications
        router bgp <your asn>
         neighbor x.x.x.x remote-as 65333
         neighbor x.x.x.x ebgp-multihop 255
         neighbor x.x.x.x description Cymru Bogon Route Server Project
         neighbor x.x.x.x prefix-list PL-CYMRU-OUT out
         neighbor x.x.x.x route-map RM-CYMRUBOGONS-IN in
         neighbor x.x.x.x password 31337PW
         neighbor x.x.x.x maximum-prefix 100 threshold 90
      Configure a community list to accept the bogon prefixes into the route-map.
        ip bgp-community new-format
        ip community-list 10 permit 65333:888
      Configure the route-map. Remember to apply it to the proper peering sessions.
        route-map RM-CYMRUBOGONS-IN permit 10
         description Filter bogons learned from cymru.com bogon route-servers
         match community 10
         set ip next-hop 192.0.2.1
      Set a bogon next-hop on all routers that receive the bogons.
        ip route 192.0.2.1 255.255.255.255 null0
        ip prefix-list PL-CYMRU-OUT seq 5 deny 0.0.0.0/0 le 32
  • 30. BGP Communities WELL KNOWN TE Custom Communities no-advertise no-export ISP must support it TE via AS path prepends, local prefs, trig. blackhole
  • 31. BGP Communities: Configuration Example
      ip bgp-community new-format
      ip prefix-list PL-ANNOUNCE seq 10 permit 205.93.251.0/24
      ip prefix-list PL-ANNOUNCE seq 99 deny 0.0.0.0/0 le 32
      route-map RM-ISP-OUT permit 10
       match ip address prefix-list PL-ANNOUNCE
       set community 65011:209
      route-map RM-ISP-OUT permit 20
      router bgp 64512
       neighbor 1.1.1.1 send-community
       neighbor 1.1.1.1 route-map RM-ISP-OUT out
  • 32. Section Review: BGP & the Internet
      What kind of route options are typically received from an ISP?
      Who is the global controller of IP space on the internet?
      Describe bogon filtering
      What do the ^ and $ symbols mean in regular expressions?
  • 33. PART 2: BGP and the MPLS WAN; Troubleshooting BGP
  • 34. BGP & MPLS: Theory; Design; Configuration; Best Practices
  • 35. MPLS Basics
      Topology: Full Mesh; Single peer to WAN cloud
      L1 Transport: T1; DS3
      L2 Transport: PPP / MLP; ATM / IMA; Frame Relay; Ethernet
      Routing Protocols: BGP; EIGRP; RIP
      Public/Private AS’s
  • 36. MPLS Terminology
      CE Router: Customer Edge
      PE Router: Provider Edge
      P/LSR Router: Provider Backbone/Label Switching Router
      VRF: Virtual Routing and Forwarding
      Everything else is standard BGP!
  • 37. Typical MPLS Topology Options
      Single-homed, Single ISP: Easiest routing policies
      Multi-homed, Single ISP: Most common
      Multi-homed, Dual Provider: Lots of TE
  • 38. BGP Table: How do you read this thing???
      > is the path installed in the routing table
      r means there is already a route with a better AD
      32768 means prefix originated on this router
      ? means prefix was originated via redistribution
      Next Hop is the neighbor IP of eBGP peer(s)
      i (origin code) means prefix was originated via network statement
      AS set is the list of AS’s prefix has passed through
      CIDR Mask: try to summarize where possible
      * means route is OK to inject in routing table
      i (status code) means prefix learned from iBGP peer

      WAN-Router# sh ip bgp
      BGP table version is 7345, local router ID is 172.16.254.3
      Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
                    r RIB-failure, S Stale
      Origin codes: i - IGP, e - EGP, ? - incomplete
         Network            Next Hop        Metric LocPrf Weight Path
      * i12.86.42.44/30     172.16.254.4         0    100      0 7018 ?
      *>                    12.122.14.185                      0 7018 ?
      r>i172.16.254.4/32    172.16.254.4         0    100      0 ?
      *> 172.16.254.16/29   0.0.0.0              0         32768 ?
      *> 172.16.254.24/29   0.0.0.0              0         32768 ?
      * i172.30.32.0/20     172.16.254.4         0    100      0 7018 7018 i
      *>                    12.122.14.185                      0 7018 7018 i
      *> 172.30.64.0/20     12.122.14.185                      0 7018 7018 ?
  • 39. Default Route Origination
      *Policies include: Conditional advertisement, AS prepending, and communities
  • 40. Best Path Selection Review
      BGP Table (BRIB); Routing Table (RIB); BGP Multipath; Multi-VRF w/Sub-interfaces
      Criteria: Weight; Local Pref; Local Originate; AS Path; Origin Type; Lowest MED; eBGP over iBGP; IGP Metric to NH; Received First; Lowest RID; Originator ID; Neighbor IP

      WAN-router# sh ip bgp nei 172.16.16.249 advertised-routes
      Originating default network 0.0.0.0
         Network            Next Hop        Metric LocPrf Weight Path
      *> 10.0.0.0/24        10.20.40.5           0         32768 ?
      *> 10.20.20.0/24      0.0.0.0              0         32768 ?
      ...
      Only send the very best!

      WAN-router> sh ip bgp
         Network            Next Hop        Metric LocPrf Weight Path
      *> 0.0.0.0            172.14.16.250                      0 65000 i
      *  0.0.0.0            10.217.13.102                      0 65001 i

      WAN-router> sh ip bgp
         Network            Next Hop        Metric LocPrf Weight Path
      *> 0.0.0.0            172.11.132.193                     0 1803 65000 i
  • 41. Route Redistribution
      “Seek first to summarize…”
      Do you need to redistribute? Yes = Redistribution; No = Summarization; Maybe = Both?
      BGP to EIGRP
        router eigrp 111
         redistribute bgp 222 metric 1500 1000 255 1 1500
      EIGRP to BGP
        router bgp 222
         redistribute eigrp 111
  • 42. Miscellaneous Features
      Peer Groups: Object-groups for BGP! (Kind of…)
        router bgp 64512
         ! Setup peer-group policies
         neighbor PARTIAL-ROUTES peer-group
         neighbor PARTIAL-ROUTES version 4
         neighbor PARTIAL-ROUTES filter-list 5 out
         neighbor FULL-ROUTES peer-group
         neighbor FULL-ROUTES version 4
         ! Apply it to a neighbor
         neighbor 192.0.2.228 peer-group FULL-ROUTES
        ip as-path access-list 5 permit ^(209|36270|6298_)[0-9]*_[0-9]*$
      Route Reflectors
  • 43. Best Practices
      Avoid redistributing everything under the sun (connected, static, every routing protocol, etc.)
      Look for ways to reduce routing tables: summarize; advertise only what is necessary
      Use a network statement for default origination
        network 0.0.0.0 mask 0.0.0.0
  • 44. Case Study: Requirements
      WAN to Internet: Use DC as primary; Use Campus as secondary; Use Internet VPN as tertiary
      WAN to Hubs: Use each hub MPLS DS3; Use other hub DS3 as secondary; Use Internet VPN as tertiary
      Hub to Hub: Use LAN link as primary; Don’t use MPLS DS3’s as secondary
      Smokey the Router says… “Routing works both ways!”
  • 45.
  • 46. Use DC as primary
  • 47. Use Campus as secondary
  • 48. Use Internet VPN as tertiary
  • 50. Use each hub MPLS DS3
  • 51. Use other hub DS3 as secondary
  • 52. Use Internet VPN as tertiary
  • 54. Use LAN link as primary
  • 55. Don’t use MPLS DS3’s as secondary
      Default Networks: 1 via eBGP to MPLS; 1 via iBGP to VPN
      Advertised Networks: Shortest AS path (DC)
      Advertised Networks: network 0.0.0.0; network 10.112.0.0
      Received Networks: 0.0.0.0/0 ge 29 le 32
      Advertised Networks: network 0.0.0.0
      Received Networks: 0.0.0.0/0 ge 29 le 32
      Summarized Networks: summary-addr 10.x.0.0/20; summary-addr <WAN nets>
      Advertised Networks: network 0.0.0.0
      Received Networks: 0.0.0.0/0 ge 29 le 32
      Summarized Networks: summary-addr 10.112.0.0/16
      Default Route: Static route redistributed into EIGRP
      Campus to WAN: EIGRP Metric better via Router 1  WAN
      DC to Campus: Only 1 route via Interlink
  • 56. Configuration Example (Hub): MPLS eBGP Peer with Default Advertisement
      router bgp 100
       network 0.0.0.0
       network 10.112.0.0 mask 255.255.0.0
       neighbor 192.0.2.105 remote-as 65000
       neighbor 192.0.2.105 description eBGP with MPLS SP. Password: 1234abcd
       neighbor 192.0.2.105 password 1234abcd
       neighbor 192.0.2.105 version 4
       neighbor 192.0.2.105 send-community
       neighbor 192.0.2.105 soft-reconfiguration inbound
       neighbor 192.0.2.105 route-map RM-MPLS-IN in
       neighbor 192.0.2.105 route-map RM-MPLS-OUT out
       no auto-summary
      ip prefix-list PL-DEFAULT seq 10 permit 0.0.0.0/0
      route-map RM-MPLS-IN deny 10
       description Block learning default route from DC Router. Use IGP instead.
       match ip address prefix-list PL-DEFAULT
      route-map RM-MPLS-IN permit 20
      route-map RM-MPLS-OUT permit 10
       description Set BGP policies for outbound route advertisements to MPLS Provider
       set community 112
      route-map RM-MPLS-OUT permit 20
       description Prepend Default Route for Backup Link
       match ip address prefix-list PL-DEFAULT
       set as-path prepend 100 100
      route-map RM-MPLS-OUT permit 30
  • 57. Configuration Example (Hub): MPLS EIGRP Redistribution
      router eigrp 1
       redistribute bgp 100 metric 1500 1000 255 1 1500 route-map RM-WAN-SERIALS
       network 10.112.2.0 0.0.0.255
       no auto-summary
      ip prefix-list PL-WAN-SERIALS seq 10 permit 0.0.0.0/0 ge 29
      route-map RM-WAN-SERIALS permit 10
       description Only redistribute WAN serials (/29 to /32 prefixes) into EIGRP process
       match ip address prefix-list PL-WAN-SERIALS
      Advertise learned BGP networks with prefixes /29 or longer
  • 58. Section Review: BGP & MPLS
      What are the 3 default route origination methods?
      What does the > symbol mean in the BGP table?
      What are 3 clues that tell you a route "originated here" in the BGP table?
  • 59. BGP Troubleshooting: Interpreting and Troubleshooting BGP Operations
  • 60. Peer Establishment
      Peer Reachability; MD5 Password Mismatch; Wrong neighbor IP; Wrong update-source; Wrong peer AS; TTL / ebgp-multihop; Stuck in OpenSent/OpenConfirm; Asymmetric routing & TTL problem; ACL’s between peers; Blocking TCP/179
  • 61. Flapping Peer
      *May 20 04:02:39.240 MST: %BGP-5-ADJCHANGE: neighbor 192.0.2.133 Down Peer closed the session
      *May 20 04:02:54.468 MST: %BGP-5-ADJCHANGE: neighbor 192.0.2.133 Up
      *May 20 04:20:44.999 MST: %BGP-5-ADJCHANGE: neighbor 192.0.2.133 Down BGP Notification sent
      *May 20 04:20:44.999 MST: %BGP-3-NOTIFICATION: sent to neighbor 192.0.2.133 4/0 (hold time expired) 0 bytes
      *May 20 04:21:04.243 MST: %BGP-5-ADJCHANGE: neighbor 192.0.2.133 Up
      *May 20 04:52:18.132 MST: %BGP-5-ADJCHANGE: neighbor 192.0.2.133 Down BGP Notification sent
      *May 20 04:52:18.132 MST: %BGP-3-NOTIFICATION: sent to neighbor 192.0.2.133 4/0 (hold time expired) 0 bytes
      *May 20 04:55:16.469 MST: %BGP-5-ADJCHANGE: neighbor 192.0.2.133 Up
      *May 20 04:56:17.169 MST: %BGP-5-ADJCHANGE: neighbor 192.0.2.133 Down Peer closed the session
      *May 20 04:56:36.533 MST: %BGP-5-ADJCHANGE: neighbor 192.0.2.133 Up
      *May 20 05:09:28.555 MST: %BGP-5-ADJCHANGE: neighbor 192.0.2.133 Down Peer closed the session
      *May 20 05:09:35.087 MST: %BGP-5-ADJCHANGE: neighbor 192.0.2.133 Up
      *May 20 05:47:57.350 MST: %BGP-5-ADJCHANGE: neighbor 192.0.2.133 Down BGP Notification sent
      Remote router rebooting (BGP crash?); MTU Incorrect; L2 Problem; Interface output drops (QoS, CoPP, etc.)
  • 62. Received Routes: Pre/Post Filter
      Show received routes before policy is applied
        sh ip bgp nei 1.1.1.1 received-routes
      Requires soft-reconfiguration inbound (more mem)
      Show received routes after policy is applied
        sh ip bgp nei 1.1.1.1 routes
      Show AS Paths to via all neighbors
        BGP-router> sh ip bgp paths
        Address    Hash Refcount Metric Path
        0xC4125EDC    1        8      0 7018 209 701 23520 3816 ?
        0x68397C58    1       18      0 4323 6389 6198 27266 25747 i
        0x74151970    1        2      0 4323 1299 13249 44600 i
        0x70FF72D4    1        2      0 4323 3257 1241 20506 i
  • 63. Missing Routes
      Next hop IP address must be accessible (iBGP next-hop-self)
      Route with better AD already exists in RIB
      Filters: Prefix; AS-Path; Route-maps
  • 64.
  • 65.
  • 66. Looking Glass: Public BGP Route Servers - CLI
      Verify how the global internet routing table views your prefix announcement
        route-views.oregon-ix.net> sh ip bgp 205.93.251.0 | i 64512
        3333 3356 1239 4323 64512
        2905 701 209 7018 64512
        4513 13789 22212 4323 64512
        7018 4323 64512
        ...
  • 67. Looking Glass: Public BGP Route Servers – Web/CLI
  • 68. High CPU
      BGP-Router# sh proc cpu | i CPU|PID|BGP
      CPU utilization for five seconds: 93%/2%; one minute: 32%; five minutes: 22%
       PID Runtime(ms)   Invoked   uSecs   5Sec   1Min   5Min TTY Process
       319     2319628  11589466     200  0.15%  0.05%  0.04%   0 BGP Router
       320      568684   2305861     246  0.00%  0.01%  0.00%   0 BGP I/O
       321   246815548   1497615  164807 76.47%  9.23%  6.50%   0 BGP Scanner
  • 69. High Memory
      L3-Switch# sh proc mem | i PID|BGP
       PID TTY  Allocated      Freed    Holding Getbufs Retbufs Process
       319   0  541682808  353471992  177441136       0       0 BGP Router
       320   0    1377432    2361312       7048       0       0 BGP I/O
       321   0        136     323920      10216       0       0 BGP Scanner
      L3-Switch# sh ip bgp sum
      Neighbor        V    AS MsgRcvd MsgSent  TblVer InQ OutQ Up/Down State/PfxRcd
      32.124.75.251   4   209 1741759   68344 9564122   0    0 6w5d    251577
      52.111.238.129  4  5555 2798645   68231 9564122   0    0 1w2d    254104
      192.0.1.148     4 22222   68448 2134480 9564122   0    0 3w3d    35
      192.0.2.228     4 33333   67386 2381477 9564122   0    0 5d01h   118
      192.0.3.254     4 11111 2140027 2272911 9564130   0    0 6w5d    254360
      750K routes (if no soft-reconfig); 1.5M routes (if soft-reconfig); 542MB of memory for BGP
  • 70. Latency: Perception v. Reality
      What could cause this horrible latency???
        Reply from 209.85.171.100: bytes=32 time=5ms TTL=247
        Reply from 209.85.171.100: bytes=32 time=5ms TTL=247
        Reply from 209.85.171.100: bytes=32 time=6ms TTL=247
        Reply from 209.85.171.100: bytes=32 time=99ms TTL=247
        Reply from 209.85.171.100: bytes=32 time=225ms TTL=247
        Reply from 209.85.171.100: bytes=32 time=248ms TTL=247
        Reply from 209.85.171.100: bytes=32 time=66ms TTL=247
        Reply from 209.85.171.100: bytes=32 time=8ms TTL=247
        Reply from 209.85.171.100: bytes=32 time=5ms TTL=247
        Reply from 209.85.171.100: bytes=32 time=5ms TTL=247
      BGP scanner process takes higher priority than ICMP processing. Move on, nothing to see here.
  • 71. Section Review: Troubleshooting
      What are 3 reasons that could cause peer establishment problems?
      What are the advantages and disadvantages of soft reconfiguration?
      What is required in order to announce a prefix?
      What kind of information can you get from the looking glass route servers?
  • 72. BGP Resources
      North American Network Operators Group (NANOG): http://www.nanog.org
      www.traceroute.org
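The prefix-list filters on slides 28 and 57 depend on how `ge` and `le` bound the prefix length, and on first-match-by-sequence with an implicit deny at the end. The following is an added example, not part of the original slides: it parses those entries and evaluates constructed sample routes against them. The function names and the sample routes are assumptions made for illustration.

```python
import ipaddress
import re
from dataclasses import dataclass

# Entries as shown on slide 28 (the slide prints only part of a 2008 list;
# 5.0.0.0/8 has been allocated since, so a static list like this needs upkeep).
BOGONS = """
ip prefix-list BOGONS seq 2 deny 0.0.0.0/0
ip prefix-list BOGONS seq 5 deny 0.0.0.0/8 le 32
ip prefix-list BOGONS seq 20 deny 5.0.0.0/8 le 32
ip prefix-list BOGONS seq 390 deny 127.0.0.0/8 le 32
ip prefix-list BOGONS seq 400 deny 172.16.0.0/12 le 32
ip prefix-list BOGONS seq 520 deny 224.0.0.0/3 le 32
ip prefix-list BOGONS seq 700 permit 0.0.0.0/0 le 27
"""
# Entry as shown on slide 57.
WAN_SERIALS = "ip prefix-list PL-WAN-SERIALS seq 10 permit 0.0.0.0/0 ge 29"

ENTRY_RE = re.compile(
    r"^ip prefix-list \S+ seq (?P<seq>\d+) (?P<action>permit|deny) "
    r"(?P<prefix>\S+)(?: ge (?P<ge>\d+))?(?: le (?P<le>\d+))?$"
)


@dataclass(frozen=True)
class Entry:
    seq: int
    action: str
    network: ipaddress.IPv4Network
    min_len: int  # shortest prefix length the entry matches
    max_len: int  # longest prefix length the entry matches


def parse_prefix_list(text):
    """Parse 'ip prefix-list ... seq N permit|deny P/len [ge G] [le L]' lines."""
    entries = []
    for line in text.strip().splitlines():
        m = ENTRY_RE.match(line.strip())
        if m is None:
            raise ValueError(f"not a prefix-list entry: {line!r}")
        net = ipaddress.IPv4Network(m["prefix"], strict=True)
        if m["ge"] is None and m["le"] is None:
            lo = hi = net.prefixlen          # no ge/le: exact length only
        else:
            lo = int(m["ge"]) if m["ge"] else net.prefixlen
            hi = int(m["le"]) if m["le"] else 32
        if not (net.prefixlen <= lo <= hi <= 32):
            raise ValueError(f"inconsistent ge/le in: {line!r}")
        entries.append(Entry(int(m["seq"]), m["action"], net, lo, hi))
    return sorted(entries, key=lambda e: e.seq)


def evaluate(entries, route):
    """Return (action, seq) of the first matching entry; (deny, None) if none."""
    r = ipaddress.IPv4Network(route, strict=True)
    for e in entries:
        if e.min_len <= r.prefixlen <= e.max_len and r.subnet_of(e.network):
            return e.action, e.seq
    return "deny", None  # implicit deny at the end of every prefix-list


def audit(entries, routes):
    """Evaluate several routes and return {route: (action, seq)}."""
    return {route: evaluate(entries, route) for route in routes}


# Constructed sample routes, chosen to hit each rule and the edges between them.
SAMPLE_ROUTES = [
    "0.0.0.0/0",       # default route: exact-match deny
    "172.16.5.0/24",   # inside 172.16.0.0/12
    "172.32.0.0/16",   # just outside 172.16.0.0/12
    "240.0.0.0/4",     # covered by 224.0.0.0/3
    "192.0.2.128/28",  # longer than /27: falls through to the implicit deny
]

if __name__ == "__main__":
    for route, (action, seq) in audit(parse_prefix_list(BOGONS), SAMPLE_ROUTES).items():
        print(f"{route:18} {action:6} seq={seq}")
```

Because the slide prints only seven entries of a longer list, a prefix such as 10.0.0.0/8 is permitted by this subset; the result reflects the lines shown, not the full filter.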

Notes de l'éditeur

  1. http://tools.ietf.org/html/rfc1930http://www.iana.org/assignments/as-numbers
  2. http://tools.ietf.org/html/rfc1930http://tools.ietf.org/html/rfc4893http://www.iana.org/assignments/as-numbers
  3. BGP Scannerhttp://www.cisco.com/warp/public/459/highcpu-bgp.html
  4. BGP Path Selection BGP could possibly receive multiple advertisements for the same route from multiple sources. BGP selects only one path as the best path. When the path is selected, BGP puts the selected path in the IP routing table and propagates the path to its neighbors. BGP uses the following criteria, in the order presented, to select a path for a destination: •If the path specifies a next hop that is inaccessible, drop the update. •Prefer the path with the largest weight. •If the weights are the same, prefer the path with the largest local preference. •If the local preferences are the same, prefer the path that was originated by BGP running on this router. •If no route was originated, prefer the route that has the shortest AS_path. •If all paths have the same AS_path length, prefer the path with the lowest origin type (where IGP is lower than EGP, and EGP is lower than incomplete). •If the origin codes are the same, prefer the path with the lowest MED attribute. •If the paths have the same MED, prefer the external path over the internal path. •If the paths are still the same, prefer the path through the closest IGP neighbor. •Prefer the path with the lowest IP address, as specified by the BGP router ID.
  5. http://www.cisco.com/en/US/docs/internetworking/technology/handbook/bgp.html#wp1020565
  6. http://www.cisco.com/en/US/tech/tk365/technologies_tech_note09186a00801c4f48.shtmlBGP-Router# sh proc cpu | i CPU|PID|BGPCPU utilization for five seconds: 10%/4%; one minute: 6%; five minutes: 5% PID Runtime(ms) Invoked uSecs 5Sec 1Min 5Min TTY Process 215 3212220 28919634 111 0.00% 0.05% 0.07% 0 BGP Router 234 937744 13995769 67 0.00% 0.01% 0.00% 0 BGP I/O 235 38969228 512967 75969 6.14% 0.77% 0.63% 0 BGP Scanner
  7. http://www.iana.org/assignments/ipv4-address-spacehttp://en.wikipedia.org/wiki/Regional_Internet_RegistryThe Internet Assigned Numbers Authority (IANA) delegates Internet resources to the RIRs, and in turn, the RIRs follow their regional policies for further sub-delegation of resources to their customers, which include Internet service providers and end-user organizations.
  8. http://www.arin.net/announcements/20070521.htmlhttp://www.networkworld.com/news/2007/060707-arin-registry-backs-ipv6.htmlhttp://en.wikipedia.org/wiki/IPv4_address_exhaustionhttp://www.oecd.org/dataoecd/7/1/40605942.pdf
  9. Memory Requirementshttp://bgp.potaroo.net/http://bgp.potaroo.net/bgprpts/rva-index.htmlhttp://www.cidr-report.org/as2.0/#General_Statushttp://www.caida.org/research/topology/as_core_network/http://thyme.apnic.net/http://thyme.apnic.net/current/data-summaryneighbor maximum-prefixWhen the number of received prefixes exceeds the maximum number configured, the router terminates the peering (by default). However, if the warning-only keyword is configured, the router instead only sends a log message, but continues peering with the sender. If the peer is terminated, the peer stays down until the clear ipbgpcommand is issued.
  10. http://www.iana.org/assignments/ipv4-address-spacehttp://www.iana.org/numbershttp://www.afrinic.net/statistics/resource_search.htmhttp://www.arin.net/reference/ip_blocks.html
  11. http://www.nanog.org/mtg-0710/smith.html
  12. Full, No DefaultMost organizations don’t need full routesPartial, with DefaultGood balance between load sharing and memory control. ISP or CE controlledDefault OnlyLowest memory requirements, but least amount of available BGP policy options
  13. http://www.cisco.com/en/US/tech/tk365/technologies_tech_note09186a0080094a92.shtmlhttp://www.911networks.com/index.php/Cisco/BGPRegexOriginated in AS 31915 + allow prependingip as-path access-list 1 permit ^(31915_)+$Use “show ipbgpregex” to test
  14. http://thyme.apnic.net/current/data-summary
  15. http://www.team-cymru.org/Services/Bogons/routeserver.htmlhttp://www.team-cymru.org/Services/ip-to-asn.html#whoishttp://www.ietf.org/rfc/rfc2827.txtThe bogon prefixes are announced unaggregated; as of 28 SEP 2005 this includes 71 prefixes. The ASN used by all of the bogon route-servers is 65333. A private ASN is used to ensure that leakage is easily detected and prevented. Each prefix is tagged with a community, 65333:888, to more readily enable filtering. Peering sessions include the use of a password. The bogon route-servers accept no prefixes from their peers.
  16. BGP community policies can be found in the whois database for the ISP ASN. http://www.onesc.net/communities/ Sprint - https://www.sprint.net/index.php?p=policy_bgp
  17. http://www.cisco.com/en/US/tech/tk365/technologies_configuration_example09186a00801475b2.shtml
  18. http://www.cisco.com/en/US/docs/ios/12_0t/12_0t5/feature/guide/VPN.html Each VPN is associated with one or more VPN routing/forwarding instances (VRFs). A VRF defines the VPN membership of a customer site attached to a PE router. A VRF consists of an IP routing table, a derived Cisco Express Forwarding (CEF) table, a set of interfaces that use the forwarding table, and a set of rules and routing protocol parameters that control the information that is included into the routing table. Based on routing information stored in the VRF IP routing table and VRF CEF table, packets are forwarded to their destination using MPLS. A PE router binds a label to each customer prefix learned from a CE router and includes the label in the network reachability information for the prefix that it advertises to other PE routers. When a PE router forwards a packet received from a CE router across the provider network, it labels the packet with the label learned from the destination PE router. When the destination PE router receives the labeled packet, it pops the label and uses it to direct the packet to the correct CE router. Label forwarding across the provider backbone is based on either dynamic label switching or traffic engineered paths. A customer data packet carries two levels of labels when traversing the backbone: (1) the top label directs the packet to the correct PE router; (2) the second label indicates how that PE router should forward the packet to the CE router.
  19. Verizon; AT&T AS7018; Sprint AS1803
  20. neighbor 1.1.1.1 default-originate: This command does not require the presence of 0.0.0.0 in the local router. When used with a route map, the default route 0.0.0.0 is injected if the route map contains a match ip address clause and there is a route that matches the IP access list exactly. The route map can contain other match clauses also. You can use standard or extended access lists with the neighbor default-originate command.
  21. http://www.cisco.com/en/US/tech/tk365/technologies_tech_note09186a0080094431.shtml BGP Multipath: BGP Multipath allows installation into the IP routing table of multiple BGP paths to the same destination. These paths are installed in the table together with the best path for load sharing. BGP Multipath does not affect bestpath selection. For example, a router still designates one of the paths as the best path, according to the algorithm, and advertises this best path to its neighbors.
  22. bgp fast-external-fallover: To immediately reset the BGP sessions of any directly adjacent external peers if the link used to reach them goes down, use the bgp fast-external-fallover command. The behavior of this command is enabled by default.
  23. http://www.cisco.com/en/US/tech/tk365/tk80/tsd_technology_support_sub-protocol_home.html http://www.nanog.org/mtg-0802/smith1.html http://www.nanog.org/mtg-0802/presentations/PSmith_BGP.pdf
  24. http://www.cisconet.com/route-server/world_map.html Telnet to route-views.oregon-ix.net
  25. http://www.cisconet.com/route-server/world_map.html http://stat.qwest.net/looking_glass.html Telnet to route-views.oregon-ix.net
  26. http://www.cisco.com/en/US/tech/tk365/technologies_tech_note09186a00801c4f48.shtml Reduce amount of received BGP prefixes
  27. http://www.cisco.com/en/US/tech/tk365/technologies_tech_note09186a00801c4f48.shtml While BGP scanner runs, low priority processes need to wait a longer time to access the CPU. One low priority process controls Internet Control Message Protocol (ICMP) packets such as pings. Packets destined to or originated from the router may experience higher than expected latency since the ICMP process must wait behind BGP scanner. The cycle is that BGP scanner runs for some time and suspends itself, and then ICMP runs. In contrast, pings sent through a router should be switched via Cisco Express Forwarding (CEF) and should not experience any additional latency. When troubleshooting periodic spikes in latency, compare forwarding times for packets forwarded through a router against packets processed directly by the CPU on the router.
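
The AS-path filter from note 13, ^(31915_)+$, checked offline against sample paths to show which announcements it permits and which it denies. This is an added example, not part of the original slides or Cisco's code; it assumes the only IOS-specific syntax in the pattern is the "_" delimiter, and the function names and sample AS paths (built with documentation ASN 64500) are constructed for illustration.

```python
import re

# Cisco's "_" matches the start or end of the AS path, a space, a comma,
# braces (AS_SET) or parentheses (confederation segments).
_DELIM = r"(?:^|$|[ ,{}()])"

def cisco_to_python(pattern: str) -> str:
    """Translate an IOS as-path regex to Python syntax (only "_" differs here)."""
    out, i = [], 0
    while i < len(pattern):
        ch = pattern[i]
        if ch == "\\" and i + 1 < len(pattern):   # keep escaped characters as-is
            out.append(pattern[i:i + 2])
            i += 2
            continue
        out.append(_DELIM if ch == "_" else ch)
        i += 1
    return "".join(out)

def as_path_permitted(pattern: str, as_path: str) -> bool:
    """True if the AS path (as printed by 'show ip bgp') matches the filter."""
    return re.search(cisco_to_python(pattern), as_path.strip()) is not None

FILTER = "^(31915_)+$"   # from note 13: originated in AS 31915, prepending allowed

# Constructed AS paths with the verdict the filter should give; not real table data.
SAMPLES = {
    "31915": True,               # originated by the peer
    "31915 31915 31915": True,   # same origin, prepended twice
    "31915 64500": False,        # peer is passing on another AS's route
    "64500 31915": False,        # 31915 is the origin but not the first AS
    "319150": False,             # a different ASN that shares the digits
    "": False,                   # empty path (locally originated route)
}

def check_samples() -> dict:
    """Evaluate the filter against every sample path."""
    return {path: as_path_permitted(FILTER, path) for path in SAMPLES}

if __name__ == "__main__":
    for path, verdict in check_samples().items():
        print(f"{path!r:24} {'permit' if verdict else 'deny'}")
```

The trailing "_" inside the group is what keeps 319150 from matching, and the ^ and $ anchors are what reject any path that contains an AS other than 31915.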