Interdomain Traffic Engineering with BGP By Behzad Akbari Spring 2011 These slides are based on the slides of Tim. G. Griffin (AT&T) and Shivkumar (RPI) 1 Real World: Multiple Links Between Domains Multiple links Middle of path 4 3 5 2 7 1 6 Web server Client 2 BGP Decision Process Highest local preference Lowest AS path length Lowest MED (with same next hop AS) I-BGP < E-BGP Lowest IGP cost to next hop Lowest router ID of BGP speaker 3 BGP Route Selection Process Prefer largest LOCAL-PREF If same LOCAL-PREF prefer the shortest AS-PATH. If AS-PATHs are the same prefer the lowest MED. If MED is same, prefer min-cost NEXT-HOP If routes learned from EBGP or IBGP, prefer paths learnt from EBGP Final tie-break: Prefer the route with I-BGP ID (IP address) 4 Route Selection Summary Highest Local Preference Enforce relationships Shortest ASPATH Lowest MED i-BGP < e-BGP traffic engineering Lowest IGP cost to BGP egress Lowest router ID 5 Hot-Potato Routing multiple egress points dest New York San Francisco ISP network 10 9 Dallas Hot-potato routing = route to closest egress point when there from is more than to peers -All traffic customer one -Allroute traffictotodestination customer prefixes with multiple connections 6 Hot-Potato Routing Change dest New York San Francisco - failure - planned maintenance 11 - traffic engineering ISP network 9 11 Consequences: Transient forwarding instability Traffic shift Interdomain routing changes 10 Dallas Routes to thousands of destinations switch egress points!!! 7 Tuning BGP to control the outgoing traffic Principle To control its outgoing traffic, a domain must tune the BGP decision process on its own routers How to tune the BGP decision process ? Filter some routes learned from some peers local-pref usual method of enforcing economical relationships MED usually, MED value is set when sending a route but some routers allow to insert a MED in a received route allows to prefer routes over others with same AS Path length IGP cost to nexthop setting of IGP cost for intradomain traffic engineering several routes in forwarding table instead of one 8 Load-Balancing Knobs in BGP LOCAL-PREF: outbound traffic, local preference (box-level knob) MED: Inbound-traffic, typically from the same ISP (link-level knob) AS1 Local Preference AS2 MED 9 Local Preference Attribute Local to AS It is never advertised to an eBGP peer. AS 3847 Used to influence BGP path selection F G E C 208.1.1.0/24 Default 100 Highest local-pref preferred For example, you can express the policy “prefer private connect” by making the “local_pref” be 150 and leaving all other peers at 100. D 80 208.1.1.0/24 100 Preferred by all AS3847 routers A B 208.1.1.0/24 AS 6201 10 Controlling incoming traffic by outbound BGP routes Outbound BGP routes make traffic come in It’s a lot harder to control inbound traffic as other ASs’ policies complicate your life! If you are a stub AS with a single connection Not much you need to do except to filter out routes not in your AS If you are a multi-homed stub AS, Want to control through which link/provider that traffic to certain destinations in your AS may take, to load balance or for back-up If you are an ISP, you want to minimize transit cost, carry transit traffic from customers only ! use “hot-potato” routing to hand off traffic to peers/providers as soon as possible to load balance, or to ensure reliability with back-up routes 11 Why Inbound Traffic is Hard to Manage Other ASes decide how to send to you Destination-based routing Other ASes decide which path to take Based on their own policies 2 4 1 p 3 AS 2 doesn’t know how AS 1 will send traffic toward p 12 Tuning BGP to control the incoming traffic Principle To control its incoming traffic, a domain must tune the BGP advertisements sent by its own routers How to tune the BGP advertisements ? Do not announce some routes to from some peers MED advertise some prefixes only to some peers insert MED=IGP cost, usually requires bilateral agreement AS-Path artificially increase the length of AS-Path 13 AS Prepending Artificial increasing AS path length Prepend your own AS in the path E.g., turn “3 4 5” into “3 3 3 4 5” Hope to make the path less attractive 1 “3 4 5” 3 “3 3 3 4 5” 14 ASPATH Padding: Shed inbound traffic AS 1 provider 192.0.2.0/24 ASPATH = 2 2 2 192.0.2.0/24 ASPATH = 2 primary backup customer AS 2 192.0.2.0/24 Padding will (usually) force inbound traffic from AS 1 to take primary link 15 Padding May Not Shut Off All Traffic AS 1 AS 3 provider provider 192.0.2.0/24 ASPATH = 2 192.0.2.0/24 ASPATH = 2 2 2 2 2 2 2 2 2 2 2 2 2 2 primary backup customer AS 2 192.0.2.0/24 AS 3 will send traffic on “backup” link because it prefers customer routes and local preference is considered before ASPATH length! Padding in this way is often used as a form of load balancing 16 Multiple Exit Discriminator (MED) Tell your neighbor what you want MED attribute to indicate receiver preference Decision process picks route with smallest MED Can use MED for “cold potato” routing But, have to get your neighbor to accept MEDs 1 “3 4 5” with MED=1 3 “3 4 5” with MED=2 17 Hot Potato Routing: Closest Egress Point 192.44.78.0/24 egress 2 egress 1 15 56 IGP distances This Router has two BGP routes to 192.44.78.0/24. Hot potato: get traffic off of your network as Soon as possible. Go for egress 1! 18 Getting Burned by the Hot Potato 2865 High bandwidth Provider backbone 17 SFF Low bandwidth customer backbone Heavy Content Web Farm NYC 15 56 San Diego tiny http request huge http reply 19 Cold Potato Routing with MEDs (Multi-Exit Discriminator Attribute) Prefer lower MED values 2865 17 Heavy Content Web Farm 192.44.78.0/24 MED = 56 192.44.78.0/24 MED = 15 15 56 192.44.78.0/24 This means that MEDs must be considered BEFORE IGP distance! Note1 : some providers will not listen to MEDs Note2 : MEDs need not be tied to IGP distance 20 MEDs Can Export Internal Instability 2865 17 FLAP FLAP 192.44.78.0/24 MED = 56 OR 10 192.44.78.0/24 MED = 15 10 15 Heavy Content Web Farm FLAP FLAP 56 FLAP FLAP 192.44.78.0/24 21