BGP Concept

There are two types of routing protocols:
• Interior Gateway Protocol (IGP)
• Exterior Gateway Protocol (EGP)

An IGP is a routing protocol that operates within the same Autonomous System (AS), such as OSPF and EIGRP. Usually routers running an IGP are under the same administration or company. An EGP is a routing protocol that operates between different ASes. BGP is the only EGP used nowadays.

Border Gateway Protocol (BGP)

BGPv4 is a standardized protocol and is considered a Path Vector protocol. It is used to route traffic between different ASes and it maintains a separate routing table based on the shortest AS Path to a destination. BGP is the routing protocol used on the internet or between different ISPs, and each AS is identified using a 16-bit number, known as the Autonomous System Number (ASN), which can be a value from 1-65535. BGP ASNs 64512-65535 are reserved for private use.

One of the differences between BGP and the IGPs is that BGP does not require neighbors to be attached to the same subnet. Instead, BGP routers use a TCP connection (port 179) between routers to pass BGP messages, allowing neighboring routers to be on the same subnet or to be separated by several routers.

Some of the features of BGP are:
• It forms a neighbor relationship before sending routing information (same as OSPF and EIGRP).
• Neighbor IP addresses are explicitly configured and need not be on a common subnet.
• It advertises prefix/length pairs, called Network Layer Reachability Information (NLRI).
• It advertises a variety of Path Attributes (PA) that BGP uses instead of a metric to choose the best path.
• It focuses on scalability and might not always choose the most efficient route.

PATH VECTOR PROTOCOL

A Path Vector protocol does not rely on the bandwidth of the link (like OSPF), the hop count (like RIP) or a group of parameters (like EIGRP). It relies on the number of autonomous systems it has to go through before reaching its destination.
In other words, it chooses the path with the least number of autonomous systems (the shortest AS path) to reach a destination, provided that the path is loop free. The path can be changed easily based on our requirements. BGP uses the AS path to perform two key functions:
• Choose the best route for a prefix based on the fewest ASNs it has to go through.
• Prevent routing loops.

Let's take an example: if AS1 needs to communicate with AS3, BGP will go through AS1 > AS2 > AS3. So BGP will go through AS2, as it only has to traverse one AS, which is AS2.

One reason to use BGP is that it can handle very big routing tables, which an IGP cannot handle. Currently the global Internet routing table contains over 500,000 routes and BGP handles such a large routing table.

BGP Message Types

For BGP to function, BGP routers (known as speakers) must form a neighbor relationship (known as peers). There are two types of BGP neighbor relationships:
• iBGP peers – BGP neighbors within the same AS
• eBGP peers – BGP neighbors in different ASes

Let's take an example: in the example above, Router B, Router C and Router D are in AS 200, and in order for them to communicate, an iBGP neighbor relationship would be formed. For Router A, which is in AS 100, to communicate with Router E, which is in AS 300, an eBGP peering would be formed.

Once all the BGP peers have a full neighbor relationship, they will send their full routing table to each other. When fully converged, only updates are then exchanged.

By default, BGP assumes that eBGP peers are a maximum of one hop away from each other. But this can be changed using a command. iBGP does not have any hop restriction. By default, all iBGP peers must be directly connected with each other within the same AS number. The administrative distance for routes learned by eBGP is 20 and by iBGP is 200.
Administrative distance is the feature that routers use in order to select the best path when there are two or more different routes to the same destination from two different routing protocols.

BGP PEER MESSAGES

BGP will form its peer relationship using a series of messages:
• OPEN
• KEEPALIVE
• UPDATE
• NOTIFICATION

OPEN MESSAGE

First an OPEN message is sent between peers to initiate the session. The OPEN message contains several parameters:
• BGP version – must be the same between BGP peers
• Local AS Number
• BGP Router ID

KEEPALIVE MESSAGE

Keepalive messages are sent periodically, by default every 60 seconds, to ensure that the remote peer is still alive. If a router does not receive a keepalive message for the hold-time period of 180 seconds (by default), the router declares that peer dead.

UPDATE MESSAGE

Update messages are used to exchange routes between peers.

NOTIFICATION MESSAGE

Notification messages are sent when there is an error condition. If that message is sent, the BGP peer session is torn down and reset.

Finite State Machine (FSM)

When a BGP session is forming between peers, it goes through several states, known as the BGP Finite-State Machine (FSM). The states are:

• IDLE
This is the first state of BGP, where it tries to initiate a TCP connection to the BGP peer and also listens for a new peer router.

• CONNECT
In this state, BGP initiates the TCP connection. If the 3-way TCP handshake completes, the BGP process resets the ConnectRetry timer, sends the OPEN message to the neighbor, and then changes to the OPENSENT state. If the ConnectRetry timer expires before this stage is completed, a new TCP connection is attempted, the ConnectRetry timer is reset and the state moves to ACTIVE. If any other input is received, the state is changed to IDLE. During this state, the neighbor with the highest IP address manages the connection. The router initiating the request uses a dynamic source port, but the destination port is always 179.
• ACTIVE
In this state, BGP starts a new 3-way TCP handshake. If a connection is established, an OPEN message is sent, the Hold Timer is set to 4 minutes and the state moves to OPENSENT. If this attempt at the TCP connection fails, the state moves back to CONNECT and the ConnectRetry timer is reset.

• OPENSENT
In this state, an OPEN message has been sent from the originating router, which is waiting for an OPEN message from the other router. When the source router receives the OPEN message from the other router, both OPEN messages are checked for errors. The following items are compared:
• BGP versions must match.
• The source IP address of the OPEN message must match the IP address that is configured for the neighbor.
• The AS number in the OPEN message must match what is configured for the neighbor.
• BGP identifiers (RIDs) must be unique. If the RID does not exist, this condition is not met.
• Security parameters like password, TTL, etc., are also compared.
If the OPEN messages do not have any errors, the connection state then moves to OPENCONFIRM. If an error is found, a NOTIFICATION message is sent and the state moves back to IDLE.

• OPENCONFIRM
In this state, BGP waits for a keepalive message. Upon receipt of the neighbor's keepalive message, the state moves to ESTABLISHED. If the hold timer expires, the state moves to IDLE.

• ESTABLISHED
In this state, the BGP session is established. BGP neighbors exchange routes using UPDATE messages. As UPDATE and KEEPALIVE messages are received, the Hold Timer is reset. If the Hold Timer expires, an error is detected and BGP moves the neighbor back to the IDLE state.

BGP General Concept

• TYPES OF CONNECTION TO THE ISP
I. Single-homed (1 link per ISP, 1 ISP)
II. Dual-homed (2+ links per ISP, 1 ISP)
III. Single-multihomed (1 link per ISP, 2+ ISPs)
IV. Dual-multihomed (2+ links per ISP, 2+ ISPs)

Single-homed

It uses a single link between the enterprise and the ISP.
Only one possible next-hop router exists for any or all routes to destinations in the internet. An example is shown below:

Dual-homed

It has two (or more) links to the Internet, but with all links connecting to a single ISP. Compared to single-homed, the second link gives the enterprise a choice: the routers can choose between one of the two links to send data.

PARTIAL AND FULL BGP UPDATES

Exchanging BGP information for a large number of routes consumes bandwidth. It also consumes memory in the routers and requires some processing to choose the best routes. To help reduce the memory requirements of receiving full BGP updates (BGP updates that include all routes), some ISPs give you 3 basic options for what routes the ISP advertises:
• Default route only – The ISP advertises a default route with BGP, but no other routes.
• Full updates – The ISP sends you the entire BGP table.
• Partial updates – The ISP sends you routes for prefixes that might be better reached through that ISP, but not all routes, plus a default route (to use as needed instead of the purposefully omitted routes).

BGP partial updates give you the benefit of choosing the best route for some destinations, while limiting the bandwidth and memory consumption. With partial updates, the ISP advertises routes for prefixes that are truly better reached through a particular link.

Single-multihomed

A single-multihomed topology means a single link per ISP, but multiple (at least two) ISPs. An example is shown below:

Dual-multihomed

Two or more ISPs are used, with two or more connections to each. Some examples are shown below:

Since at least two ISPs exist with at least two connections per ISP, much redundancy exists. That redundancy can be used for backup, but most often, BGP uses it to make decisions about the best path to reach various destinations.
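The OPEN exchange and the OPENSENT comparisons from the FSM section above, as an added Python example that is not part of the original page: it serializes and parses a minimal RFC 4271 OPEN message and applies the version, remote-as and router-ID checks against a configured neighbor. The "smaller hold time wins" negotiation is RFC 4271 behaviour, and the router values (RouterB in AS 100, RouterC in AS 900) are constructed to match the page's later configuration examples.

```python
import struct
from ipaddress import IPv4Address

BGP_MARKER = b"\xff" * 16   # RFC 4271 header marker: 16 bytes of all ones
BGP_OPEN = 1                 # message type code for OPEN
HEADER_LEN = 19              # marker (16) + length (2) + type (1)

def build_open(version, my_as, hold_time, router_id):
    """Serialize a minimal OPEN (no optional parameters): version, AS, hold time, RID."""
    body = struct.pack("!BHHIB", version, my_as, hold_time, int(IPv4Address(router_id)), 0)
    return BGP_MARKER + struct.pack("!HB", HEADER_LEN + len(body), BGP_OPEN) + body

def parse_open(data):
    """Parse an OPEN message; raise ValueError on a malformed header or wrong type."""
    if len(data) < HEADER_LEN + 10 or data[:16] != BGP_MARKER:
        raise ValueError("bad marker or truncated message")
    length, mtype = struct.unpack("!HB", data[16:HEADER_LEN])
    if mtype != BGP_OPEN or length != len(data):
        raise ValueError("not an OPEN message or length mismatch")
    version, peer_as, hold, rid, _optlen = struct.unpack("!BHHIB", data[HEADER_LEN:HEADER_LEN + 10])
    return {"version": version, "as": peer_as, "hold_time": hold,
            "router_id": str(IPv4Address(rid))}

def check_open(local, neighbor_cfg, peer_open):
    """The OPENSENT comparisons: version, configured remote-as, unique non-zero RID.
    Returns (ok, reason, negotiated_hold_time); a failure means a NOTIFICATION and back to IDLE."""
    if peer_open["version"] != local["version"]:
        return False, "BGP version mismatch", None
    if peer_open["as"] != neighbor_cfg["remote_as"]:
        return False, "peer AS does not match remote-as", None
    if peer_open["router_id"] in ("0.0.0.0", local["router_id"]):
        return False, "bad or duplicate BGP identifier", None
    if 0 < peer_open["hold_time"] < 3:  # RFC 4271: hold time must be 0 or at least 3 s
        return False, "unacceptable hold time", None
    # RFC 4271: each side uses the smaller of its own and the peer's hold time
    return True, "ok", min(local["hold_time"], peer_open["hold_time"])

if __name__ == "__main__":
    # Constructed values: RouterB in AS 100 receives an OPEN from RouterC in AS 900
    router_b = {"version": 4, "as": 100, "hold_time": 180, "router_id": "2.2.2.2"}
    wire = build_open(4, 900, 90, "172.16.1.2")          # OPEN as RouterC would send it
    print(check_open(router_b, {"remote_as": 900}, parse_open(wire)))   # (True, 'ok', 90)
    wrong_as = parse_open(build_open(4, 901, 90, "172.16.1.2"))
    print(check_open(router_b, {"remote_as": 900}, wrong_as))
```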
Configuring BGP Neighbors

The first step in configuring BGP is to enable the BGP process, and specify the router's Autonomous System (AS):

RouterB(config)# router bgp 100

RouterB is now a member of AS 100. Next, neighbor relationships must be established. To configure a neighbor relationship with a router in the same AS (iBGP peer):

RouterB(config)# router bgp 100
RouterB(config-router)# neighbor 10.1.1.1 remote-as 100

To configure a neighbor relationship with a router in a separate AS (eBGP peer):

RouterB(config)# router bgp 100
RouterB(config-router)# neighbor 172.16.1.2 remote-as 900

Notice that the syntax is the same, and that the remote-as argument is always used, regardless of whether the peering is iBGP or eBGP.

For stability purposes, the source interface used to generate updates to a particular neighbor can be specified:

RouterB(config)# router bgp 100
RouterB(config-router)# neighbor 172.16.1.2 update-source lo0

RouterC must then point to RouterB's loopback (assume the address is 1.1.1.1/24) in its neighbor statement:

RouterC(config)# router bgp 900
RouterC(config-router)# neighbor 1.1.1.1 remote-as 100

RouterC must have a route to RouterB's loopback in its routing table.

Configuring BGP Neighbors (continued)

Remember though: by default, BGP assumes that external peers are exactly one hop away. Using the loopback as a source interface puts RouterB two hops away from RouterC. Thus, the ebgp-multihop feature must be enabled:

RouterC(config)# router bgp 900
RouterC(config-router)# neighbor 1.1.1.1 ebgp-multihop 2

The 2 indicates the number of hops to the eBGP peer. If left blank, the default is 255.
To authenticate updates between two BGP peers:

RouterB(config)# router bgp 100
RouterB(config-router)# neighbor 172.16.1.2 password CISCO

Configuring BGP Timers

To globally adjust the Keepalive and Hold-time timers for all neighbors:

RouterB(config)# router bgp 100
RouterB(config-router)# timers bgp 30 90

The above command sets the Keepalive timer to 30 seconds, and the Hold-time timer to 90 seconds. If the configured Hold-time timers between two peers are different, the peer session will still be established, and the smallest timer value will be used.

To adjust the timers for a specific neighbor (which overrides the global timer configuration):

RouterB(config)# router bgp 100
RouterB(config-router)# neighbor 172.16.1.2 timers 30 90

Viewing BGP Neighbors

To view the status of all BGP neighbors:

RouterB# show ip bgp neighbors
BGP neighbor is 172.16.1.2, remote AS 900, external link
 Index 1, Offset 0, Mask 0x2
 Inbound soft reconfiguration allowed
 BGP version 4, remote router ID 172.16.1.2
 BGP state = Established, table version = 27, up for 00:03:45
 Last read 00:00:19, hold time is 180, keepalive interval is 60 seconds
 Minimum time between advertisement runs is 30 seconds
 Received 25 messages, 0 notifications, 0 in queue
 Sent 20 messages, 0 notifications, 0 in queue
 Inbound path policy configured
 Route map for incoming advertisements is testing
 Connections established 2; dropped 1
Connection state is ESTAB, I/O status: 1, unread input bytes: 0
Local host: 172.16.1.1, Local port: 12342
Foreign host: 172.16.1.2, Foreign port: 179

Enqueued packets for retransmit: 0, input: 0, saved: 0

Event Timers (current time is 0x530C294):
Timer          Starts    Wakeups            Next
Retrans            15          0             0x0
TimeWait            0          0             0x0
AckHold            15         13             0x0
SendWnd             0          0             0x0
KeepAlive           0          0             0x0
GiveUp              0          0             0x0
PmtuAger            0          0             0x0
<snip>

To view the status of a specific BGP neighbor:

RouterB# show ip bgp neighbors 172.16.1.2

The BGP Routing Table

Recall that BGP maintains its own separate routing table.
This table contains a list of routes that can be advertised to BGP peers. To view the BGP routing table on RouterB:

RouterB# show ip bgp
BGP table version is 426532, local router ID is 2.2.2.2
Status codes: s suppressed, * valid, > best, i - internal
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path
*> 10.5.0.0         0.0.0.0                  0      0  32768 i

The route has been injected into BGP using the network command. The Next Hop of 0.0.0.0 indicates that the route was locally originated into BGP. The Path is empty, as the route originated in this Autonomous System.

Notice the Status Codes of "*>". The * indicates that this route is valid (i.e. in the routing table). The > indicates that this is the best route to the destination. BGP will never advertise a route to an eBGP peer unless it is both valid and the best route to that destination. BGP routes that are both valid and best will also be added to the IP routing table.

To view the BGP routing table on RouterC:

RouterC# show ip bgp
   Network          Next Hop            Metric LocPrf Weight Path
*> 10.5.0.0         172.16.1.1               0    100      0 100 i

Notice that AS 100 has been added to the path, and that the Next Hop is now RouterB.
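The path-vector rules described earlier (shortest AS path wins, a route carrying your own AS is a loop) together with the advertisement behaviour shown in the two tables above, as an added Python example that is not part of the original page: RouterB (AS 100) originates 10.5.0.0, only its valid and best route is sent to RouterC (AS 900) with AS 100 prepended and the next hop rewritten, and a copy that ever returns to AS 100 is discarded. The router addresses and the show-style renderer are constructed for illustration.

```python
from dataclasses import dataclass

@dataclass
class BgpRoute:
    prefix: str
    next_hop: str
    as_path: list          # nearest AS first; empty for a locally originated route
    valid: bool = True
    best: bool = False

def select_best(routes):
    """Path-vector rule from the text: among valid routes to one prefix, the shortest AS path wins."""
    candidates = [r for r in routes if r.valid]
    if not candidates:
        return None
    best = min(candidates, key=lambda r: len(r.as_path))   # min() keeps the first shortest path
    for r in routes:
        r.best = r is best
    return best

def receive_from_ebgp(received, local_as):
    """Loop prevention: an UPDATE whose AS path already carries our own AS is discarded."""
    accepted, dropped = [], []
    for r in received:
        (dropped if local_as in r.as_path else accepted).append(r)
    return accepted, dropped

def advertise_to_ebgp(routes, local_as, local_addr):
    """Only valid+best routes leave the router; the local AS is prepended and Next Hop becomes
    the local peering address (what RouterC sees as '172.16.1.1 ... 100 i')."""
    return [BgpRoute(r.prefix, local_addr, [local_as] + r.as_path)
            for r in routes if r.valid and r.best]

def show_ip_bgp(routes):
    """Render rows in the style of the 'show ip bgp' output (status codes, next hop, path)."""
    rows = ["   Network          Next Hop            Path"]
    for r in routes:
        code = ("*" if r.valid else " ") + (">" if r.best else " ")
        path = " ".join(str(asn) for asn in r.as_path)
        rows.append(f"{code} {r.prefix:<16} {r.next_hop:<19} {path + ' ' if path else ''}i")
    return rows

if __name__ == "__main__":
    # Constructed scenario: RouterB (AS 100) originates 10.5.0.0 and peers with RouterC (AS 900)
    b_table = [BgpRoute("10.5.0.0", "0.0.0.0", [])]
    select_best(b_table)
    c_table, _ = receive_from_ebgp(advertise_to_ebgp(b_table, 100, "172.16.1.1"), 900)
    select_best(c_table)
    print("\n".join(show_ip_bgp(c_table)))
    # If RouterC re-advertised it towards AS 100, the path [900, 100] contains 100: dropped
    print(receive_from_ebgp(advertise_to_ebgp(c_table, 900, "10.9.9.9"), 100)[1])
```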