Přednáška 10 - BGP · Přednáška 10 - BGP Moderní Technologie Internetu Katedra...

Přednáška 10 - BGP

Moderní Technologie Internetu

Katedra počítačových systémůFakulta informačních technologií

České vysoké učení technické v Praze© 2014 Alex Moucha

Přednášející:Ing. Alex Moucha, Ph.D.

MI-MTI, 2014, Přednáška 10

Výroba těchto materiálů byla podpořena z prostředků projektu

Rozvoj a inovace předmětů v oblasti bezpečnosti a sítí č.

18104/105/1051476H000 RPMT.

Lecture 10 - BGP

Modern Internet Technologies

Department of Computer SystemsFaculty of Information Technology

Czech Technical University in Prague© 2014 Alex Moucha

Lecturer:Ing. Alex Moucha, Ph.D.

MIE-MTI, 2014, Lecture 10

The development of these materials was supported by the project

Development and Innovation of Study Materials in the Fields of

Security and Networking no. 18104/105/1051476H000 RPMT.

Statistics for Informatics MI(E)-SPI, LS 2013/14, Lecture XBlažek, Kotecký (FIT ČVUT)

Alex Moucha (FIT ČVUT) Modern Internet Technologies MI(E)-MTI, 2014, Lecture XAlex Moucha (FIT ČVUT) Modern Internet Technologies MI(E)-MTI, 2014, Lecture 10Alex Moucha (FIT ČVUT)

Mind. Blown.

• I have already blown your idea regarding the Internet. Twice.

• MPLS

• Transport Networks

• BGP is the third one

3



AS

• Autonomous system

• The ass of Jana

• The AS of IANA (Internet Assigned Numbers Authority)

• BTW: subnetworking => sub-autonomous-systems :))

4



IGP vs EGP

• Interior vs. Exterior Gateway Protocols

• IGP - what you already know

• EGP - only two protocols: EGP (dead) and BGP

• We are now at BGPv4 (1-3 no longer used)

5



BGP

• Designed to route through and around your ass, AS

• Flavours: IBGP (between neighbours in the same AS) and EBGP (AS2AS)

• Uses TCP port 179. Yes, TCP.On which layer is BGP actually working?

• Reliable connection between two neighbours

6



BGP

• Default config: finds the best path to a network using the best AS-path. Not good many times, allow me to explain…

• Default config: “RIP through my ass AS“

• Update packets:

• 5 seconds for IBGP

• 30 seconds for EBGP

• 60 seconds for hello keep-alives

• 180 seconds for hold-down

• the slowest routing protocol and it MUST be slow

• Allow me to explain why…7



BGP

• A lot of attributes are customisable (12)

• Who runs BGP?• BGP@home? No. Your SP will drop it.

• SPs inside and between them

• Large companies with redundant SPs

• Allow me to explain…

8



BGP

• BGP peers can be connected via other routing protocol (indirect neighbours).

• In BGP neighbours are manually configured other wise security problems or inefficient routing.

• Did I hear “WOW”?

9



BGP Rules

• Pay attention now

• Rule 1: Golden rule

• Rule 2: The rule of synchronisation

• Rule 3: The rule of split horizon

10



BGP Golden Rule

• Do NOT tell me how to drink my coffee !

11



BGP Golden Rule

• Do NOT tell me how to drink my coffee !

• BGP does not enable one AS to send traffic to a neighbouring AS intending that the traffic take a different route from that taken by traffic originating in the neighbour AS.


12



BGP The Rule of Synchronisation

• Although EBGP gives me a neighbour, I do NOT advertise it to remote peers unless I can prove its existence through IGPs (OSPF, RIP, etc).

13



BGP The Rule of Synchronisation

• Although EBGP gives me a neighbour, I do NOT advertise it to remote peers unless I can prove its existence through IGPs (OSPF, RIP, etc).

• Routes learned via BGP must be validated by the interior routing table before they can be advertised to other neighbours.

• We can have indirect neighbours: allow me to explain…

14



BGP The Rule of Split Horizon

• I hate loops, hate loops, hate loops, hate loops, hate loops, hate loops, hate loops, hate loops, hate loops, hate loops, hate loops, hate loops, hate loops, hate loops, hate loops, hate loops, hate loops, hate loops, hate loops, hate loops, hate loops, hate loops, hate loops, hate loops, hate loops, hate loops, hate loops, hate loops, hate loops, hate loops, hate loops, hate loops, hate loops, hate loops, hate loops, hate loops, hate loops, hate loops, hate loops, hate loops, hate loops, hate loops, hate loops, hate loops, hate loops, hate loops, hate loops, hate loops, hate loops, hate loops, hate loops, hate loops, hate loops, hate loops, hate loops, hate loops, hate loops, hate loops, hate loops, hate loops, hate loops, hate loops, hate loops, hate loops, hate loops, hate loops, hate loops, hate loops, hate loops, hate loops, hate loops, hate loops, hate loops, hate loops, hate loops, hate loops, hate loops, hate loops, hate loops, hate loops, hate loops, hate loops, hate loops, hate loops, hate loops, hate loops, hate loops, hate loops, hate loops, hate loops, hate loops, hate loops, hate loops, hate loops, hate loops, hate loops, hate loops, hate loops, hate loops, hate loops, hate loops, hate loops, hate loops, hate loops, hate loops, hate loops, hate loops, hate loops, hate loops, hate loops, hate loops, hate loops, hate loops, hate loops, hate loops, hate loops, hate loops, hate loops, hate loops, hate loops, hate loops, hate loops, hate loops, hate loops, hate loops, hate loops, …

15



BGP The Rule of Split Horizon

• I hate loops

• Routes learned via IBGP will never be sent to another IBGP peer. • Interpretation:

• loop prevention mechanism;

• IBGP peers should be a full mesh network.

• Disabled for route reflectors if you are sure that you have no loops in the network.


16



BGP - Attributes• Well known attributes (have to be supported on every router BGP able):

• Origin (mandatory)

• AS-path (mandatory)

• Next-hop (mandatory)

• Local preference (discretionary)

• Atomic aggregate (discretionary)

• Optional (if we implement some proprietary form of BGP or tuned version of BGP):

• Aggregator (transitive)

• Community (transitive)

• Multi-exit discriminator (non transitive)

• Explanation:

• mandatory = must be included in each and every route update

• discretionary = at the latitude of the router (network administrator)

• transitive = continue to propagate through the AS even if they are understood or not

• non transitive = will be stripped off by a router not understanding (not wanting to process) those attributes

17



BGP - AS Path

• Each AS prepends its own AS number to the AS path => AS path length

• Also used to prevent loops

• Example: 100 ; 200,100 ; 300,200,100 ; 500,300,200,100 ; 400, 500,300,200,100 ; 100,400,500,300,200,100 - ups, loop!, not accepted

18



BGP - Next Hop

• 150.20.31.5/24 advertises local net 80.0.0.0

• the route gets to 150.20.31.6/24 with next hop as 150.20.31.5

• the route is advertised to 147.23.91.2 with next hop as 147.23.91.1

• great, you got it, but…19



BGP - Next Hop on BMA

• Who is the next hop?

• Based on relationships between routers

• Next hop on the same subnet will remain the same20



• What happens on an NBMA Frame Relay system?

• Are the routers directly connected? PVC - private virtual circuit

• Mwahahaha… :) Manual config :)) on dynamic routing :))

BGP - Next Hop on NBMA

21



BGP - Origin

• Possible values: IGP (I), EGP (E), unknown (?)

• EGP? Do you remember EGP? Who uses EGP?

• route redistribution => unknown

22



BGP - Local Preference

• I receive the whole Internet Routing Table (IRT) from two SPs

• I can choose the preferred ISP via DIFFERENT routers

• Higher value of Local Preference is preferred => chosen as next hop23



BGP - Route Weight

• How about now? Can I use Local Preference?

• Weight does the same but on ONE ROUTER

• How about the low router? Coffee?

• Where is Weight in the list of Attributes? Why?24



BGP - Atomic Aggregate

• Oh, OK.25



BGP - Multi Exit Discriminator

• Sounds like racism

• It is also named “metric” =))

• I suggest you an entry point to my ass AS

• Lower is better

• Do we break the golden rule?

• Default? Ignored.

26



BGP - Other Attributes

• Aggregator - designates the IP address of the router which performed the summarisation

• Community - coloured route tag. Why? Because not all of us belong to the same community.

27



BGP - The Precedence of Attributes

• And you thought OSPF has a lot of attributes, didn’t you?

• Craaaaaazy.

28



BGP - Example 1

29



BGP - Example 2

• Confederation of ASs

• Route reflector

• Sub ASs30



BGP - Example 3

• Route maps

• Route filtering

• Route redistribution31



BGP Multihoming

• To a single SP

• To multiple SPs

32



BGP Multihoming

33



BGP Multihoming

34



BGP Multihoming

35



BGP Multihoming

36



BGP - Conclusions

• It gets to make you crazy, I totally agree

• I am sorry for ruining your understanding of networks

• I am sorry that we lied to you at PSI, Internet does not work as we told you it works

• An inconvenient truth

• The best: these details understand but you only need to know they exist for the MTI exam

37

Date post:	23-Dec-2018
Category:	Documents
Upload:	votuyen
View:	221 times
Download:	0 times

Přednáška 10 - BGP · Přednáška 10 - BGP Moderní Technologie Internetu Katedra...

Documents