BGP Border Gateway Routing Protocol (1)

BGP protocol (a very awesome protocol)

If the earlier fundamentals are not solid, you will find the concepts in this protocol confusing.

What is BGP protocol

IGP (RIP, OSPF, EIGRP, IS-IS): interior

EGP: exterior

BGP, formerly EGP, is an Exterior Gateway Routing Protocol.

What exactly can it do?

It is mainly responsible for communication between different ASes.

What kind of environment needs to run BGP

Small and medium-sized enterprises will definitely not use it, but large enterprises will need BGP once their scale reaches a certain level and there are multiple remote branches in the environment.

What are the requirements for configuring BGP?

The hardware needs to support it: the BGP table will include entries for the entire Internet, so hardware performance must be good.

The software also needs to support it. Some IOS images do not support BGP, in which case it cannot be used.

The maximum number of routing entries that the IGP routing protocol can carry is 10,000.

The number of routes that the BGP routing protocol can carry starts at 100,000 + 70W.

So here is a friendly reminder. If you consider introducing BGP entries into IGP, please think twice before doing so, and be sure to implement policy restrictions, otherwise your IGP protocol and equipment will be overwhelmed.

BGP Features

It runs over TCP and uses TCP port 179 to establish a connection.

Put simply, it is just a big RIP. Both are distance vector routing protocols, but to distinguish it better BGP is given a different name: path vector routing protocol.

BGP relationship

(That is, there are different relationships; think of it as two kinds of relationship, like OSPF neighbors and adjacencies.)

IBGP: the neighbor relationship is established using the same AS number; supports a maximum of 255 hops; AD = 200

EBGP: the neighbor relationship is established using different AS numbers; by default supports a maximum of 1 hop (of course it can be modified manually); AD = 20

BGP path

It is a path vector (distance vector) routing protocol, so what does it use to mark the path?

BGP’s AS-PATH is used to mark the BGP path. If it passes through an AS, it is regarded as one hop. The fewer the number of hops, the better.

This point will be discussed in detail later.

Let’s look at a picture first

As shown in the figure, when there is an update in the direction of R1 and it is sent to R4, there are two ways to go at first.

R1-R2-R3-R4

R1-R5-R6-R4

But what BGP looks at is not the routing device it passes through, but the AS it passes through, which is represented by AS-PATH (this will be explained in more detail later)

If two routers are in the same AS, it is also regarded as one hop. The shorter the better.

Every time the route passes through an AS, that AS is recorded in the BGP path attribute, and the marking is done in reverse order.

So, the above is 100— 200 and then to 400

The following is 100—500—600 and then to 400

After such a comparison, the link above must be set as the optimal one. How about it, it’s not difficult…

BGP packet types

There are five types in total

Open: used to request a BGP neighbor relationship

Keepalive: keepalive packet, used to establish and maintain neighbor relationships

Update: BGP update packet. Updates are not periodic; they are only incremental and triggered

Notification: error alarm packet; when a problem occurs, the neighbor is notified

Route-refresh: route refresh; when a refresh is triggered manually, this packet can be captured with Wireshark

BGP is built on TCP, using TCP port 179

BGP state machine

Idle: idle state

Connect: requesting the TCP connection

Active: the TCP connection request failed; attempts are repeated at this stage

OpenSent: TCP was established successfully

OpenConfirm: sends a keepalive packet and waits for the reply

Established: the neighbor is established and update packets can be sent

Here is a BGP establishment process using wireshark to capture packets.

Packet capture picture

After opening it, you can clearly see the establishment process of a BGP neighbor from scratch.

The captured packets are from IBGP peer, so I agree with you.

So what information is included in an OPEN package?

It describes a hold time. This is the hold time that goes with the keepalive packets.

Keepalive packets have a periodicity, once every 60 seconds. If no keepalive is received from the other party within 180 seconds, the peer is considered down.

In addition, the hold time configured on the two ends can be different. If so, the smaller value is taken and then divided by 3 to get the keepalive period used by both ends (it must be an integer).

Normally we don’t set up this thing, we just figure it out ourselves.
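
The hold-time rule above, applied to decoded OPEN messages. This is an added example, not part of the original notes: the field layout follows RFC 4271, and the two OPEN messages (AS 100, hold times 180 and 90) are constructed inputs.

```python
import ipaddress
import struct

MARKER = b"\xff" * 16   # 16-byte all-ones marker that starts every BGP message
OPEN = 1                # message type code for OPEN

def build_open(my_as, hold_time, router_id):
    """Build an OPEN with no optional parameters (constructed demo input)."""
    body = struct.pack("!BHH4sB", 4, my_as, hold_time,
                       ipaddress.IPv4Address(router_id).packed, 0)
    return MARKER + struct.pack("!HB", 19 + len(body), OPEN) + body

def parse_open(msg):
    """Decode the fixed part of an OPEN and reject malformed input."""
    if len(msg) < 29 or msg[:16] != MARKER:
        raise ValueError("too short or bad marker")
    length, msg_type = struct.unpack("!HB", msg[16:19])
    if msg_type != OPEN or length != len(msg):
        raise ValueError("not an OPEN or length field mismatch")
    version, my_as, hold, rid, opt_len = struct.unpack("!BHH4sB", msg[19:29])
    if 29 + opt_len != length:
        raise ValueError("optional parameter length mismatch")
    if hold in (1, 2):   # RFC 4271: hold time must be 0 or at least 3 seconds
        raise ValueError("illegal hold time")
    return {"version": version, "as": my_as, "hold_time": hold,
            "router_id": str(ipaddress.IPv4Address(rid))}

def negotiate(local, peer):
    """Rule from the text: the smaller hold time wins, keepalive = hold // 3."""
    hold = min(local["hold_time"], peer["hold_time"])
    return {"peer_type": "IBGP" if local["as"] == peer["as"] else "EBGP",
            "hold_time": hold, "keepalive": hold // 3}

def demo():
    r1 = parse_open(build_open(100, 180, "1.1.1.1"))
    r2 = parse_open(build_open(100, 90, "2.2.2.2"))
    return negotiate(r1, r2)

if __name__ == "__main__":
    print(demo())
```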

I drew a picture,

You can see its status more clearly, from idle to established step by step.

Starting from Idle, the router requests a TCP connection, enters Connect, and starts connecting over TCP. If that succeeds, it enters the OpenSent state. If it fails, it goes to the Active state. (There it retries repeatedly; if it keeps failing, it falls back to the Idle state.)

In the OpenSent state it starts sending Open messages. After both sides negotiate, it enters the OpenConfirm state, and finally it enters the Established state. Once the session is established, it starts sending Update messages.

Three tables of BGP

1 Neighbor table stores BGP neighbors. You can intuitively see what BGP neighbor types are.

2 BGP table is equivalent to the EIGRP topology table, which stores all routing information.

3 Routing table Only the optimal entries of the BGP protocol will be placed in the routing table

1 Neighbor table, show ip bgp summary

2 bgp table, show ip bgp

If you want to view specific entries, you can add the prefix after show ip bgp, such as show ip bgp 192.168.1.0

3 routing table show ip route bgp

In BGP, neighbors are called peers (ibgp peer, ebgp peer)

Basic configuration of IBGP

First of all, let's be clear: whether it is IBGP or EBGP, the prerequisite for establishing the TCP connection is reachability at the underlying layer; only then can the next step of BGP happen. If the underlying layer is not connected, nothing that comes after it will work.

In addition, BGP can establish neighbors across devices, so underlying reachability is even more necessary.

To save trouble, we ran EIGRP on R1 and R2 (RIP, OSPF or static routes could be used just as well)

The configuration idea is as follows

1. Create a BGP process (a device is only allowed to have one BGP process [unique AS number])

2. Specify the BGP router-id

3. Specify the neighbor and the AS where the neighbor is located

4. Specify the update source (if you want to use the loopback interface)

The configuration is as follows

I won't say more about the IGP protocol. R1 and R2 each configure Loopback1.

R1(config)#router bgp 100 //Define and enter the BGP process
R1(config-router)#bgp router-id 1.1.1.1 //Define the BGP RID
R1(config-router)#neighbor 2.2.2.2 remote-as 100 //Specify the neighbor and its AS
R1(config-router)#neighbor 2.2.2.2 update-source Loopback1 //Specify the update source as Loopback1

R2(config)#router bgp 100
R2(config-router)#bgp router-id 2.2.2.2
R2(config-router)#neighbor 1.1.1.1 remote-as 100
R2(config-router)#neighbor 1.1.1.1 update-source Loopback1

R2 does the same configuration and points to R1 as ibgp peer

It should be noted that in the BGP protocol, establishing neighbors and announcing network segments are two different things.

Establishing a neighbor does not mean updating entries. All entries must be updated manually.

View neighbor table

R2#show ip bgp sum
BGP router identifier 2.2.2.2, local AS number 100
BGP table version is 3, main routing table version 3
1 network entries using 117 bytes of memory
1 path entries using 52 bytes of memory
2/1 BGP path/bestpath attribute entries using 248 bytes of memory
0 BGP route-map cache entries using 0 bytes of memory
0 BGP filter-list cache entries using 0 bytes of memory
BGP using 417 total bytes of memory
BGP activity 1/0 prefixes, 1/0 paths, scan interval 60 secs
 

Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd
1.1.1.1 4 100 27 26 3 0 0 00:23:13 1
R2#

By comparing the local AS with the neighbor's AS, you can determine whether the relationship with the neighbor is IBGP or EBGP.

Neighbor is displayed as the identity of the neighbor. If a RID is set, then the RID is displayed here.

State/PfxRcd: as long as it is a number, the neighbor has been established successfully, and the number is the number of entries received.

If it is not a number but a word, the state is not correct.
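
The two checks just described (IBGP or EBGP from the AS comparison, and session health from State/PfxRcd), run over the summary text. This is an added example, not part of the original notes; the 1.1.1.1 row is the output shown above and the 3.3.3.3 row is constructed to show a session that is not established.

```python
import re

# First neighbor row is from the output above; the second row is constructed.
SAMPLE = """\
BGP router identifier 2.2.2.2, local AS number 100
BGP table version is 3, main routing table version 3

Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd
1.1.1.1 4 100 27 26 3 0 0 00:23:13 1
3.3.3.3 4 300 0 0 0 0 0 never Active
"""

def parse_summary(text):
    """Return (local_as, peers) parsed from 'show ip bgp summary' text."""
    m = re.search(r"local AS number (\d+)", text)
    if not m:
        raise ValueError("local AS number not found")
    local_as = int(m.group(1))
    peers, in_table = [], False
    for line in text.splitlines():
        fields = line.split()
        if fields[:3] == ["Neighbor", "V", "AS"]:
            in_table = True          # neighbor rows start after this header
            continue
        if not in_table or len(fields) < 10:
            continue                 # skips blank lines and a trailing prompt
        state = " ".join(fields[9:])  # last column; may hold more than one word
        up = state.isdigit()          # a number means established + prefix count
        peers.append({
            "neighbor": fields[0],
            "peer_type": "IBGP" if int(fields[2]) == local_as else "EBGP",
            "established": up,
            "prefixes": int(state) if up else None,
            "state": "Established" if up else state,
        })
    return local_as, peers

def not_established(text):
    """Neighbors whose State/PfxRcd column is a state name, not a number."""
    return [p["neighbor"] for p in parse_summary(text)[1] if not p["established"]]

if __name__ == "__main__":
    for peer in parse_summary(SAMPLE)[1]:
        print(peer)
    print("needs attention:", not_established(SAMPLE))
```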

View BGP table

R2#show ip bgp //You must be able to read this table
BGP table version is 3, local router ID is 2.2.2.2 //The local BGP RID is 2.2.2.2
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale //These two lines give the meaning of the codes you will see in the table below

Origin codes: i - IGP, e - EGP, ? - incomplete
   Network Next Hop Metric LocPrf Weight Path
r>i1.1.1.0/24 1.1.1.1 0 100 0 i

r means the route failed to be installed into the routing table. Why? Because the AD of EIGRP is 90 and that of IBGP is 200,
so what is put into the routing table is the EIGRP entry.
> (the angle bracket) marks the best BGP entry.
The small i in front of the prefix indicates that the relationship is an IBGP relationship.
The small i at the end means IGP, which will be introduced in detail later.
Next Hop means the same as via in IGP.
What this means is: to reach 1.1.1.0/24, the next hop is 1.1.1.1.
The final Path is displayed as empty. This is because the split horizon principle of IBGP restricts AS-PATH transmission in IBGP neighbor relationships.

View details of an item

 R2#show ip bgp 1.1.1.0
BGP routing table entry for 1.1.1.0/24, version 3
Paths: (1 available, best #1, table Default-IP-Routing-Table, RIB-failure(17))
  Not advertised to any peer
  Local
1.1.1.1 (metric 409600) from 1.1.1.1 (1.1.1.1)
    Metric value of next hop igp from 1.1.1.1 (rid)
      Origin IGP, metric 0, localpref 100, valid, internal, best //These are path attributes,

The final "best" marks the best of the BGP entries. It is shown as "best" here and as ">" in the BGP table.

Basic configuration of EBGP

As mentioned before, the so-called EBGP is to establish neighbor relationships through different AS numbers.

Configuration ideas

1. Create a BGP process (a device is only allowed to have one BGP process)

2. Define the BGP router-id

3. Specify the neighbor and the AS where the neighbor is located. This time it is a different AS number.

4. Specify the update source (if you want to use the loopback interface)

5. If you use the loopback interface as the update source, you must also enable ebgp multi-hop, because ebgp only supports one hop by default.

The configuration is as follows:

R1(config)#router bgp 100
R1(config-router)#bgp router-id 1.1.1.1
R1(config-router)#neighbor 2.2.2.2 remote-as 200 //Specify the neighbor, in a different AS
R1(config-router)#neighbor 2.2.2.2 update-source Loopback1 //The update source is Loopback1
R1(config-router)#neighbor 2.2.2.2 ebgp-multihop //Enable EBGP multihop, because EBGP supports 1 hop by default

If no number is added after ebgp-multihop, the default is 255 hops.

R2 same configuration:

R2(config)#router bgp 200
R2(config-router)#bgp router-id 2.2.2.2
R2(config-router)#neighbor 1.1.1.1 remote-as 100
R2(config-router)#neighbor 1.1.1.1 update-source Loopback1
R2(config-router)#neighbor 1.1.1.1 ebgp-multihop

However, usually, when establishing EBGP neighbor relationships, physical interfaces are used to establish them. There is no need to write additional routes, which also facilitates later maintenance.

View ebgp related information

R2# show ip bgp sum
BGP router identifier 2.2.2.2, local AS number 200
BGP table version is 1, main routing table version 1

Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd
1.1.1.1 4 100 2 2 0 0 0 never 1

Local as=200
PeerAS= 100
From this, it can be judged that this is an EBGP relationship, and other information remains unchanged

View the BGP table of EBGP

R2(config)#do show ip bgp
BGP table version is 4, local router ID is 2.2.2.2
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale

Origin codes: i - IGP, e - EGP, ? - incomplete
   Network Next Hop Metric LocPrf Weight Path
*> 1.1.1.0/24 1.1.1.1 0 0 100 i

* means valid: the entry is valid and will be put into the routing table. Why the earlier IBGP entry was not put in has already been explained.
You can work out why the EBGP entry is installed here: EBGP's AD of 20 is better than EIGRP's 90, so it can be put into the routing table. This is why there is a >.
Did you notice anything missing here?
That's right: in the BGP table for EBGP there is no identifier in front of the prefix; that position is displayed as empty.
Further along, at the very end, is Path.

The role of AS-PATH

Here we introduce the function of path in detail, which has two functions:

1. It marks the ASes that the route passes through. In RIP, passing through a routing device counts as one hop, while in BGP, passing through an AS counts as one hop. The marking is done in reverse order.

2. It provides loop prevention for EBGP. When a neighbor receives an update entry and finds that it contains its own AS, it discards the update outright. It is just that blunt.

We will introduce the types of as-path in more detail later.

If it is a pure IBGP relationship, there is no PATH anywhere in the IBGP network, because the route is only marked when it leaves the IBGP domain.
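
Both roles of AS-PATH in one run: reverse marking as the route leaves each AS, and the loop check that discards an update containing the receiver's own AS. This is an added example, not part of the original notes; the session list is a constructed stand-in for the figure (paths 100-200-400 and 100-500-600-400), and selection compares AS-PATH length only, as the text describes.

```python
from collections import deque

# EBGP sessions between ASes (constructed to match the two paths in the text).
EBGP_SESSIONS = [(100, 200), (200, 400), (100, 500), (500, 600), (600, 400)]

def propagate(origin_as, sessions):
    """Flood one prefix from origin_as; return best paths, all offers, drops."""
    neighbors = {}
    for a, b in sessions:
        neighbors.setdefault(a, set()).add(b)
        neighbors.setdefault(b, set()).add(a)
    best = {origin_as: ()}   # AS -> chosen AS-PATH; empty inside the origin AS
    offers = {}              # AS -> every AS-PATH it accepted from a neighbor
    dropped = []             # (receiving AS, path) rejected by the loop check
    queue = deque([origin_as])
    while queue:
        sender = queue.popleft()
        # Reverse marking: the sender puts its own AS at the front on the way out.
        path = (sender,) + best[sender]
        for receiver in sorted(neighbors[sender]):
            if receiver in path:          # own AS already in AS-PATH: discard
                dropped.append((receiver, path))
                continue
            offers.setdefault(receiver, set()).add(path)
            if receiver not in best or len(path) < len(best[receiver]):
                best[receiver] = path     # fewer AS hops wins
                queue.append(receiver)    # re-advertise the new best path
    return best, offers, dropped

def show(path):
    """Render an AS-PATH the way the Path column prints it."""
    return " ".join(str(asn) for asn in path)

if __name__ == "__main__":
    best, offers, dropped = propagate(100, EBGP_SESSIONS)
    print("AS400 offers:", sorted(show(p) for p in offers[400]))
    print("AS400 best  :", show(best[400]))
    for receiver, path in dropped:
        print("AS%d discards update with path %s" % (receiver, show(path)))
```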

BGP synchronization

Where do black holes come from?

As shown in the picture

Router-A publishes an update to B (at this time, the relationship between AB is EBGP neighbor relationship)

AS65102 runs IGP and BGP at the same time, and only B and E have established IBGP neighbor relationships. Can the routing entries be passed to F?

Since CISCO turns off synchronization by default, the route can be passed through.

Let’s take a look at how to update it first

RA passes it to RB, and RB passes it to its IBGP neighbor E (RD and RC do not look at what the update contains; they simply forward it), and then E passes it to F. The updates from RA can be viewed on F

But can I come back? In other words, can my RA ping the RF?

Let’s see how the way back is.

F sends to E. What is E's next hop?

How is the packet encapsulated?

The source address is F, and the destination address is the entry on RA

So the question is: do RC and RD have a route to the destination address on RA?

At this point a routing black hole appears. The symptom on F is that the route is there but communication is impossible.

Sync definition

BGP routers should not use routes obtained through IBGP or advertise them to external neighbors unless the route is local or obtained through the IGP protocol.

The purpose of this synchronization rule is to prevent routing black holes.

Awkward

If BGP synchronization is turned on at this time, my entries will not be transmitted.

If BGP synchronization is turned off, a routing black hole will appear.

what to do?

Solution

1 Redistribution

Redistribute BGP to IGP on the IBGP router in the transit AS

As shown in the picture below, I am on B and E and redistribute BGP to OSPF. In this way, there are entries coming and going.

However, it is best not to use this method. If BGP redistributes routes to IGP, you must be cautious.

2 Fully interconnected IBGP neighbor relationship

Previously, only B and E were running BGP. Now I will run BGP on both CDBE and achieve full BGP interconnection.

It is also possible, but look at what this approach involves.

First, there is a lot of configuration. One device needs to establish an IBGP relationship with three other devices.

Second, troubleshooting is very troublesome: there are hidden problems, and every relationship is pairwise.

3 The perfect solution

1) Route reflector

2) BGP confederation

3) MPLS (this will be discussed separately later, it is also a big technical point, multi-protocol label forwarding)
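
The return path from F traced hop by hop, first with synchronization off and no fix (the black hole), then with solution 1 applied. This is an added example, not part of the original notes; the chain A-B-C-D-E-F, the prefix 192.0.2.0/24 and the internal prefix 10.0.0.0/24 are assumptions, since the figure is not available.

```python
import copy
import ipaddress

DEST = "192.0.2.0/24"   # constructed prefix standing in for "the entry on RA"

# Constructed forwarding tables. B and E run BGP; C and D run only the IGP.
FIBS = {
    "A": {DEST: "local"},
    "B": {DEST: "A"},                # learned over EBGP from A
    "C": {"10.0.0.0/24": "local"},   # IGP-only: internal prefix, nothing for DEST
    "D": {"10.0.0.0/24": "C"},
    "E": {DEST: "D"},                # IBGP route, next hop resolved via IGP toward D
    "F": {DEST: "E"},
}

def lookup(fib, dst):
    """Longest-prefix match; returns the next router, 'local', or None."""
    addr, best = ipaddress.ip_address(dst), None
    for prefix, next_hop in fib.items():
        net = ipaddress.ip_network(prefix)
        if addr in net and (best is None or net.prefixlen > best[0]):
            best = (net.prefixlen, next_hop)
    return best[1] if best else None

def trace(fibs, start, dst, max_hops=16):
    """Forward hop by hop and report where the packet ends up."""
    router, path = start, [start]
    for _ in range(max_hops):
        next_hop = lookup(fibs[router], dst)
        if next_hop is None:
            return path, "black hole at " + router
        if next_hop == "local":
            return path, "delivered"
        router = next_hop
        path.append(router)
    return path, "hop limit exceeded"

def redistribute_into_igp(fibs):
    """Solution 1: B and E redistribute BGP into the IGP, so the IGP-only
    routers C and D learn DEST and forward toward B."""
    fixed = copy.deepcopy(fibs)
    fixed["D"][DEST] = "C"
    fixed["C"][DEST] = "B"
    return fixed

if __name__ == "__main__":
    print(trace(FIBS, "F", "192.0.2.10"))
    print(trace(redistribute_into_igp(FIBS), "F", "192.0.2.10"))
```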

IBGP Split Horizon Principle

A problem that only occurs between IBGP.

When a router receives a BGP route from an IBGP peer, it will not pass that route on to any of its other IBGP neighbors.

This is different from AS-PATH. As mentioned before, a route is only marked with an AS-PATH entry when it passes through an AS, so nothing changes inside an AS; the mark is added only on the way out. EBGP can rely directly on AS-PATH to prevent loops, but IBGP cannot, which is why IBGP has the mandatory split horizon principle.

How to break this principle?

1)BGP route reflector

2) BGP confederation

Supplementary common BGP commands

Clear ip bgp *

Hard clear: disconnects all BGP neighbor connections and then re-establishes them. It is best, best, best not to use this.

Clear ip bgp * soft

Generally we use this method, which does not drop the connection but triggers a route-refresh to force routing updates (this is also a workaround; BGP convergence is too slow)

Clear ip bgp X.X.X.X

Disconnect a neighbor

Show ip bgp X.X.X.0

View details for specific items

Show ip bgp neighbor x.x.x.x routes

View only items sent by a certain neighbor

Show ip bgp nei x.x.x.x advertised-routes

View the entries I sent to a neighbor

That is a first look at BGP neighbor relationships. The following notes will go from shallow to deep, one step at a time. Don't take steps that are too big, as that easily leads to confusion…

CCIE Growth Path — Meili