Practical and Configuration Issues of BGP and Policy Routing
Cameron Harvey, Simon Fraser University

BGP Overview

What is BGP?
- BGP is described as "the glue that holds the Internet together".
- eBGP routers advertise reachable routes to their neighbours.
- We have already learned that they do not necessarily advertise all their routes: a policy set by administrators dictates which routes to advertise.

BGP Attributes
- When making a BGP advertisement, a number of attributes may be specified.
- These attributes allow administrators to affect BGP routing policies.

BGP Attributes (2)

  Value  Code                    Reference
  -----  ----------------------  ---------
  1      ORIGIN                  [RFC1771]
  2      AS_PATH                 [RFC1771]
  3      NEXT_HOP                [RFC1771]
  4      MULTI_EXIT_DISC         [RFC1771]
  5      LOCAL_PREF              [RFC1771]
  6      ATOMIC_AGGREGATE        [RFC1771]
  7      AGGREGATOR              [RFC1771]
  8      COMMUNITY               [RFC1997]
  9      ORIGINATOR_ID           [RFC2796]
  10     CLUSTER_LIST            [RFC2796]
  11     DPA                     [Chen]
  12     ADVERTISER              [RFC1863]
  13     RCID_PATH / CLUSTER_ID  [RFC1863]
  14     MP_REACH_NLRI           [RFC2283]
  15     MP_UNREACH_NLRI         [RFC2283]
  16     EXTENDED COMMUNITIES    [Rosen]
  ...
  255    reserved for development

BGP Decision Algorithm
1. Highest Local Preference
2. Lowest AS Path Length
3. Lowest Origin Type (0 iBGP, 1 eBGP, 2 Incomplete)
4. Smaller MED, the Multi-Exit Discriminator (iff next hops are equal)
5. Lowest IGP Cost (OSPF, RIP, etc.)
6. Lowest Next Hop
7. Lowest BGP Identifier
8. Vendor-dependent Tie Break

Local Preference
- Used in iBGP.
- Setting the local preference to a higher value gives this route preference.
- Used with multiple exit points from an AS.
- The highest Local Preference will be the default exit point, even if this route has more hops.
- In the case of router failure, the exit with the next highest Local Preference is chosen.

Lowest AS Path Length
- BGP will choose the path with the fewest AS hops.
- An AS may inflate the length of the AS path to make the route look less attractive to other ASes.
- It does so by adding its own AS number to the AS path one or more times. This process is called AS prepending.

Lowest Origin Type
- This attribute is not used consistently among ASes.
- It is frequently ignored so that it does not interfere with the MED attribute.

MED - Multi-Exit Discriminator
- MED is typically used by two ASes with a peering agreement. The values of the MED are part of the agreement.
- An AS advertises its preferred gateway router with a lower MED.
- MED can be used to help balance the incoming traffic load.

Business Relations
- With ISPs, it is the business relationships that are most important in determining BGP policies.
- Two ISPs may agree to route each other's traffic. They may do so without compensation, perhaps because roughly equal amounts of traffic flow between their networks. This is called a peering relationship.

Business Relations (2)
- Local preference can be manipulated to avoid traffic congestion, or to save money by routing through ISPs with whom there is a peering relationship.
- Set the Local Preference value in the range:
  90-99 for customers
  80-89 for peers
  70-79 for providers

Business Relations (3)
Import Policy
- A BGP router can filter the routes received from each of its peers.
- Helps control routing table size.
- Helps with security.
Export Policy
- A BGP router can:
  - Filter the routes advertised to its peers
  - Advertise transit routes to peers with whom it has a contract to provide such service
  - Selectively report reachability information: report a destination to some neighbours and not others

Router Table Size
- BGP tables have been growing exponentially.
- Tables can have more than 300,000 entries.
- Measures have been implemented to mitigate table growth:
  - Prefix aggregation
  - Filtering long prefixes

Security
- BGP was built on trust and provides no security guarantees.
- BGP does not validate an AS's authority to announce reachability information.
- BGP does not ensure the authenticity of the path attributes announced by an AS.
- In 1997 a small company inadvertently advertised optimal connectivity to all Internet destinations.
  - This claim was not validated in any way.
  - Most Internet traffic got routed to this destination.
  - Crippled the Internet for ~2 hours.

Security (2)
- An AS can advertise a prefix, or a longer prefix, belonging to another AS.
- Some Internet traffic for this IP will now get re-routed to this AS, which can then do any of the following:
  - Do nothing - black-hole attack
  - Impersonate - obtain sensitive information (passwords, credit card numbers)
  - Forward to the original destination - interception attack

Security (3)
Solutions ???
Currently
- Protection of the BGP TCP connection
- Filtering of BGP announcements
  - Minimally effective unless all ASes filter aggressively. Because this is labour intensive, most ASes do not bother.
Future Research
- S-BGP (secure BGP)
- soBGP (secure origin BGP)
- IRV system (Interdomain Route Validation)
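The decision algorithm, the Local Preference ranges by business relationship, AS prepending and MED from the slides above, worked through as an added example that is not part of the original deck. The routes, AS numbers and addresses are constructed, and the MED step follows RFC 4271 in comparing MED only between routes learned from the same neighbouring AS.

```python
import ipaddress
from dataclasses import dataclass, field

# Local preference assigned by business relationship (the slide's ranges, low end used).
LOCAL_PREF = {"customer": 90, "peer": 80, "provider": 70}

@dataclass
class Route:
    as_path: list          # neighbour AS first, origin AS last, prepends included
    next_hop: str
    relationship: str      # customer / peer / provider
    origin: int = 0        # ORIGIN per RFC 4271: 0 IGP, 1 EGP, 2 INCOMPLETE
    med: int = 0
    igp_cost: int = 0
    bgp_id: str = "0.0.0.0"
    local_pref: int = field(init=False)

    def __post_init__(self):
        self.local_pref = LOCAL_PREF[self.relationship]

def best_route(routes):
    """Apply the slide's decision steps in order, narrowing the candidate set at each."""
    cands = list(routes)
    def keep_min(key):
        nonlocal cands
        lo = min(key(r) for r in cands)
        cands = [r for r in cands if key(r) == lo]
    keep_min(lambda r: -r.local_pref)                     # 1. highest LOCAL_PREF
    keep_min(lambda r: len(r.as_path))                    # 2. shortest AS_PATH
    keep_min(lambda r: r.origin)                          # 3. lowest ORIGIN
    if len({r.as_path[0] for r in cands}) == 1:           # 4. MED, only between routes
        keep_min(lambda r: r.med)                         #    from the same neighbour AS
    keep_min(lambda r: r.igp_cost)                        # 5. lowest IGP cost
    keep_min(lambda r: ipaddress.ip_address(r.next_hop))  # 6. lowest next hop
    keep_min(lambda r: ipaddress.ip_address(r.bgp_id))    # 7. lowest BGP identifier
    return cands[0]                                       # 8. tie-break: first received

# Constructed routes to one prefix (origin AS 500) from three neighbours. The customer
# AS 100 prepended itself twice, yet local preference (step 1) still picks it.
BY_RELATIONSHIP = [
    Route([100, 100, 100, 500], "192.0.2.1", "customer"),
    Route([200, 500], "192.0.2.2", "peer"),
    Route([300, 500], "192.0.2.3", "provider"),
]
# Two peers: AS 201 prepended itself, so the shorter path via AS 200 wins at step 2.
PREPEND = [Route([200, 500], "192.0.2.2", "peer"),
           Route([201, 201, 500], "192.0.2.4", "peer")]
# Two links to the same peer AS 200: it signals its preferred entry with the lower MED.
MED = [Route([200, 500], "192.0.2.2", "peer", med=50),
       Route([200, 500], "192.0.2.5", "peer", med=10)]
```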
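The "longer prefix belonging to another AS" case from Security (2), together with the import-policy defences mentioned under Business Relations (3) and Router Table Size (filtering long prefixes, checking who originates a prefix), as an added example that is not part of the slides. The prefix-to-origin table, AS numbers and announcements are constructed; in practice the origin table would come from a registry or an origin-validation system such as the ones listed under Future Research.

```python
import ipaddress

# Constructed table of prefixes and the AS expected to originate each one (what a
# registry or IRV-style origin validation would supply; the values are made up).
EXPECTED_ORIGIN = {
    ipaddress.ip_network("198.51.100.0/24"): 64500,
    ipaddress.ip_network("203.0.113.0/24"): 64501,
}
MAX_PREFIX_LEN = 24  # "filtering long prefixes": nothing more specific than a /24

def check_announcement(prefix, as_path, expected=EXPECTED_ORIGIN, max_len=MAX_PREFIX_LEN):
    """Import policy for one received announcement: returns (accept, reason)."""
    net, origin = ipaddress.ip_network(prefix), as_path[-1]
    if net.prefixlen > max_len:
        return False, f"prefix longer than /{max_len}"
    for known, owner in expected.items():
        if net == known or net.subnet_of(known):
            if origin != owner:
                return False, f"origin AS {origin} is not AS {owner}, the expected origin of {known}"
            return True, "origin matches"
    return True, "no origin record, accepted unverified"

def import_routes(announcements, **policy):
    """Apply the import policy and return the accepted routes as {network: origin AS}."""
    rib = {}
    for prefix, as_path in announcements:
        if check_announcement(prefix, as_path, **policy)[0]:
            rib[ipaddress.ip_network(prefix)] = as_path[-1]
    return rib

def lookup(rib, ip):
    """Longest-prefix match: the most specific accepted route decides where traffic goes."""
    addr = ipaddress.ip_address(ip)
    matches = [net for net in rib if addr in net]
    return rib[max(matches, key=lambda n: n.prefixlen)] if matches else None

# Constructed announcements: the legitimate /24 from AS 64500, and a more specific /25
# covering half of it originated by AS 64666 (the "longer prefix" case on the slide).
ANNOUNCEMENTS = [
    ("198.51.100.0/24", [64510, 64500]),
    ("198.51.100.0/25", [64520, 64666]),
    ("203.0.113.0/24", [64510, 64501]),
]

# Without any import policy the /25 is accepted and longest-prefix match sends traffic
# for 198.51.100.10 to AS 64666; with the policy the /25 is dropped and AS 64500 keeps it.
NAIVE_RIB = import_routes(ANNOUNCEMENTS, expected={}, max_len=32)
FILTERED_RIB = import_routes(ANNOUNCEMENTS)
```

Even with the length limit relaxed, the origin check alone rejects the /25 because its origin AS does not match the table entry for the covering /24.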