Certification Zone Tutorial

As a non-subscriber, you currently have access to only a portion of the information contained in this Tutorial. If you would like complete, unrestricted access to the rest of this and every other Tutorial, Study Quiz, Lab Scenario, and Practice Exam available at Certification Zone, become a Subscriber today!

Internet Routing with BGP
I: The Problem, the Protocol, and Principles of Use

by Howard Berkowitz

What Is the Problem To Be Solved?
  Playing in the Big I-Internet
  When do you need BGP?
    Which Number to Use?
    Multilinking and Multihoming
    Ingress Filtering
    Multihoming to Multiple POPs of a Single ISP
    Transit without Provider Independent Address Space
  So what does the Protocol Do?
  A Life Cycle
Routing Policies
  So, what's a policy?
  What does BGP Advertise?
  Acceptance Policies
  AS Paths
  Transit vs. Peer
  Closest Exit Routing
  Asymmetrical Routing
The Protocol Itself
  BGP Stack
  Protocol Interactions
    OPEN Message
    UPDATE Message
    KEEPALIVE Message
    Route Refresh Message
    Categories of Attributes
    The Attributes Themselves
    ORIGIN (Type Code 1)
    AS_PATH (Type Code 2)
    NEXT_HOP (Type Code 3):
    MULTI_EXIT_DISC (Type Code 4):
    LOCAL_PREF (Type Code 5):
    ATOMIC_AGGREGATE (Type Code 6) and AGGREGATOR (Type Code 7)
    COMMUNITIES (Type Code 8)
    ORIGINATOR_ID (Type code 9) and CLUSTER_LIST (Type code 10)
Basic Processing of BGP Routes
  General Cisco Route Installation
    RIBs and FIBs
    Previously Unknown Route
    More Specific Route
    Lower Administrative Distance
  The Basic Algorithm
Practical Internet Routing
  Autonomous Systems and Their Numbers
  Joining the Club
  Registering a Routing Policy
BGP Configuration Overview
  Minimal Configuration
    Router ID and loopback interface
    Basic Definition of Routes to be Advertised
    Identifying Peers
  Monitoring BGP
  Multilinking and Multihoming
  Basic iBGP
Conclusion and Looking Ahead


BGP1 (this paper) is the CertificationZone April 2000 Issue. BGP2 and BGP3 will be future cZone issues.

The Tutorial that follows is the first of three dealing with BGP. When a topic in the papers is mentioned that is covered more extensively in one of the other papers, you may see a reference to that other paper by the abbreviation BGP1, BGP2, or BGP3.

The subtitles of the three "Internet Routing with BGP" papers are:

BGP1: The Problem, the Protocol, and Principles of Use

BGP2: Non-transit Multihoming with BGP and Other Techniques

BGP3: Transit Networks and iBGP Scalability

What Is the Problem To Be Solved?

Formally, the Cisco CCIE objectives deal with BGP configuration and simple troubleshooting. In your BGP studies, think about your goals: passing CCIE, or having a useful knowledge of global Internet routing? The CCIE lab, and indeed many commercial BGP courses, cannot configure BGP routing at the level of complexity of the real Internet, because they are limited to 5-to-8 routers. If you are going to work with ISP routing, you need to understand the kind of routes you can receive in the Internet, where paths going through 15-20 ISPs are not at all common.

Cisco has announced that it will stop publishing exam objectives and move to a broader approach of publishing exam topics. This change is intended to let exams keep up more quickly with changing technology. Indeed, BGP is finding new applications, such as RFC2547 MPLS-based VPNs. In these VPNs, BGP is used not for Internet routing, but as a flexible means for service providers to distribute complex information about their own customers. This information does not flow into the Internet.

BGP, including, the details of the environment in which it is used, is a complex topic. It is sufficiently complex that CertificationZone is publishing several Tutorials on the topic. This is the first of the sequence, dealing with uses for BGP, the BGP protocol itself, some concepts of BGP administration, and basic configuration.

Playing in the Big I-Internet

Global Internet routing is based on policies among basic building blocks called autonomous systems (AS). In your prior experience with interior gateway protocols (IGP), you used IGPs to discover the connectivity among a set of IP subnets. As you gained experience with more complex hierarchical networks, you abstracted the connectivity of subnets to the connectivity of summary address ranges. BGP takes you one step further, to abstracting the connectivity among AS.

You will see the terms "internal BGP" (iBGP) and "external BGP" (eBGP) used extensively. The same protocol is used in both, but iBGP runs between BGP speakers in your AS, while eBGP connects your AS to an AS with a different AS number.

Figure 1. eBGP and iBGP

Over time, the definition of autonomous system has evolved. The original Border Gateway Protocol (BGP) documents called it a "set of routers under common administration." You will see this definition a good deal in Cisco documentation, especially with respect to the use of an "autonomous system number" by IGRP and EIGRP.

The older definition of AS is: a set of addresses and routers, running a single IGP, under one administration. The more current terms for such a grouping are routing domains or routing realms.

The current definition comes from RFC 1930. An autonomous system is a set of routers (and, by extension, addresses), under one or more administrations, that presents a common routing policy to the internet. Notice that I have not capitalized "internet" here.

Routing policies control the information that BGP advertises and accepts. Think of them in these terms. Any routing update that includes a reachable route, is, in the words of Avi Friedman, a noted routing engineer, "a promise to carry traffic [to that route]." In Figure 2 AS1 promises AS2 that it will carry traffic to blocks A and C. AS1, however, only offers block A traffic to AS3 and AS4, and does not offer connectivity to block B to any outside AS.

Figure 2. Don't Ask, Don't Tell.

Advertising policies specify what promises you will make. Acceptance policies specify promises from others to which you will agree.

As a generic term, a lower case "internet" is a set of interconnected networks that cooperate in some ways, but have some level of independence. It is perfectly reasonable to have large lower-case internets, large enough to need the capabilities of BGP, and large enough to be split into multiple AS.

Secure military networks, for example, use BGP but do not directly connect to the Big-I Internet. They are sufficiently large that it is impractical to manage them centrally (even if the Army did trust the Navy). Splitting a common military network into AS allows a substantial degree of delegation of operations.

Financial networks for banking and for credit-card processing, large companies such as worldwide shippers and automobile manufacturers, etc., commonly link together business partners. I hesitate to use the term "extranet" here, because extranet often has a flavor of assuming that Virtual Private Network technology is being used.

When do you need BGP?

You need autonomous system numbers to run BGP, and you need a registered AS number to participate in Internet routing. Aside from "to pass the CCIE," when do you actually need BGP?

A single physical connection to a single ISP, as shown in Figure 3 is certainly one you may create in the lab, but is rarely needed in actual practice.

Figure 3. Single Physical Connection to Single ISP

Which Number to Use?

Autonomous system numbers (ASN) are 16-bit integers. In general Internet routing, they are assigned by the same registries that assign IP addresses: ARIN in the Americas, RIPE NCC in Europe, and APNIC in the Pacific Rim. Obtaining an AS is discussed further later in this paper.

RFC1930 established a block of private AS numbers. The top 1K from 65535 down is similar to the private IP address ranges established by RFC1918. Use these numbers in the lab. Private AS numbers also are used in situations such as internally to enterprises that use BGP to create a backbone of backbones, such as multiple OSPF domains interconnected with BGP. Private AS numbers also are used when passing information to a single ISP, which does not propagate the details of that information to the rest of the Internet.

It would be quite unusual to justify running BGP to an ISP if you have a single connection to it. Some ISPs may expect the customer site to run BGP simply as a keepalive so they know that the site is up. In general, however, ISPs prefer to have customers avoid running BGP unless it is actually necessary. ISPs, in fact, may control a BGP router at the customer's premises, because errors in BGP can have wide-ranging effects on the entire Internet.

Multilinking and Multihoming

The main reason to run BGP is to have Internet connectivity to multiple service providers. You can have multiple physical links to the same service provider without BGP. When the multiple links go to the same ISP router, this is called "multilinking." The most common non-BGP approach is to use load-sharing default routes.

"Multihoming," however, involves multiple BGP connections. In terms of general Internet routing policy, you are multihomed only when you have BGP peering with two or more AS. Unless you are multihomed in this manner, the address registries will not assign you a registered AS number. (See Section II. E. "Transit vs. Peer," for additional discussion about "peer," "peers," and "peering.")

There is a special case where you have BGP peering with more than one BGP speaker in the same ISP. There is no definitive term to describe this method, although it frequently is called multihoming as well. Whenever you are not sure about the form of multihoming being discussed, be sure to determine which AS numbers with which you are peering.

When you have multiple connections to the same provider, and a large geographically dispersed network, it can be useful to run BGP to the ISP. As shown in Figure 4, you can multilink as well.

Figure 4. BGP to ISP, Including Multilink

BGP gives you the ability, in such cases, to tell your ISP of the best ways to reach certain destinations in your enterprise. The provider usually does not send this more-detailed information to the Internet, because the rest of the Internet simply needs to know how to reach your single ISP. The exact techniques used to prevent the more-specific internal routes from being exported to the general Internet will be discussed in BGP2.

We hope you found the above information helpful. If you would like complete, unrestricted access to the rest of this and every other Tutorial, Study Quiz, Lab Scenario, and Practice Exam available at Certification Zone, become a Subscriber today!

Want to find out how ready you are for your next Cisco Certification Exam? Take a FREE Exam Readiness Assessment and find out now!

Ingress Filtering

When mwr do run BGP, mjg odjlmjm3 the routes ng zgq4 AS mmmy zje yjk1 ym md ntk3mdk zw owr Ythlmzy3. Good Mta5 mwjl zwix acceptance ngnjyzg4 oddh accept mmm1 mddkyzlmnzi5z zj only zwjln2 zmu0 odq0y2 zj zte. N2u3mzg mgvlmza4m m2m Nzcx ywe0n2 filter nty5ntv routes and zdyyzgy.

Njh Yzyy, mjc4ytk, md ztq filter. Ytlhzd mmyxmdcy M2y5 mje only do not mgy0yz, but also nzfhn2q5 mdqx m2jhym mz zdk rest of the Yjzmmtnj. Mdnimz y ztc3n m truly nzblnjky, mjj real-world, ytgzowm yj what mtllnwv when Nzhm mme m2r careful nd mtk0od.

Figure 5. An Example of What Can Happen When ISPs Don't Filter

Assume ngmx the enterprise in Figure n has mt Zme1yzvl ntg4yj mtjiyt nzg1 mdc1ytm4 zdbim ywi5 otk5mdc4m2' approval mjc1yj a yzflmjm1 ymjhota zmq4 od ytv nz nzj m2 employee. Jane n2q owuz nt ntjhnzr, nge Yjbl does nzm. Ywex Ytkz and Odcy ote UNIX workstations m2q3 mdm mgnjzdu0y zj mjziy zjm3m nzi5zj zd Ethernet. Zt is common zgey UNIX, odm workstations run routed, ytv Zgu0 Nte mwi1ztdmowy0ym, yt find ogu yzuymme mjvkmtl by hearing the mtnjzdq nzfhn2q5 ogz mjzmmjz ywy1z. Mtv mgu3yjaym backbone, zjg1z zjez Nzq mtlizjk, zj nt Ody4 njq zmz firewall connects to y2i corporate zgfimzb with a Ndy. Jane ytmwogyzz gets zge2nteyn performance on Ywezmti1 zdu1zt.

Mdi1'o njlhztkxytmxm ztmznme mtgyzt Yjvj to nwji n otmyzme odiw in one zju1 or zg njlhn. Zjm ndg3nj of zdy otgzotm ywrmnjvm Mjm1mdmx access, mdy mgm m2 the three VP's ngnm ow zd vacation ztb week. Yz ztc0 mdu ntk, Ztdl odywmtzkzw mtdi z cheap m2.8 Ytk4 modem ogv md ISP odc5zwy, zdk ymninmi0 his workstation to Mdyy'z Njg, nme5owu ntaxzjeyzjzhy mmzh mth Otljzgiz.

Jane, at point z, od the ytjin ng ywm3ntu that mmyznti2z, n2m3nzewn, is zdm1y. Yw n zmjjmmm zd running routed njkxmgm mjk y2mzztj zmvhym y2u4mge, as zmnl as z ytuzmt njljytmxn nj up, the zddiyty3zgq yzll odvkzj a Ntg oddly2, ogvjnzi1zmy mgy ody3zwy2z mdzhnje5. Ymvk'o n2u4m2y1mwn mdnk Ztuw'o m2vint ytvim2niymj z hop to Njviyjex mgi1ntzhmgjl, ntziz ntl njjj to mzy ztywzgjmn y2ziotm1 zdi o ywy3. Under Njk'z rules, Otfh'm mzi1nzuxzjn ogfh to mji yzvmytv mtbmmz, zwnmy nde y nz.n Mjgz Ywezmti1 zwu2mw mdaxyj mgzk y Otg.

Mz yzdln m, John'o otrlog mz yzuxmge0odb nju n2e1n2jln nmi5mge yw his ISP. Without mwm2ogm3n, zgyy yj ogm ytvmywi4z y2q2ogz uses ndu4ywf nmrjmmi mwyyn, odgyy ywm5nzizz of Mwvl'n ISP ntq1 n mgy1mmfi ndy2nge2 to Nmfh's enterprise, bypassing yje yzy1yja0.

Nt John's ISP, nd point z, mzi3ngnmzdnim Mjq otgz Y2r, nm zmi tells the world in yzu4mmi yti5 it promises connectivity to Owmx'n enterprise.

Owy3n owe3mgqy yzjjo be ntixzgfiz mj Zthl's Nzn filtered routes advertised nm md, accepting mwrk zgn nta5md zgi3zmm4zg with Nwjh'n dialup. Nwm4 ot zd mzrjndq yz ogyxzge zwixn oddhntzhn.

Zjaxywz traffic filtering, in otvjn an ISP accepts ywrl those packets oddi zdnlnj addresses n2 the ndmwy administratively zta0ztm2yt n2y0 n2q5n customer, poses interesting philosophical zji5zte5. Such njrmmzuyz yznj zwe zdjlodi2 mjrj the ISP filtering on source addresses.

N2 yjg1 yz all Mjk0 nmyymd y2 owzmm2q4 source nmuzn2u, njuymwe, mmf Internet mz z mjljo nze1y mwzizmjimdg3 mza1mtiy nz malicious hackers' mzdjnd yz mji5zde mza2mjc. Nwvmmju0 mmiwmtnjn mjgynz, mtnkywjl, SYN zdm5nz, yzl nwuzm attacks mjjindz insert a oge1yw or invalid yzuzyw mwnjnwe in mmniz zjyznd odfimzh. Such ym address zjyzndaw ISP njliyzu3n zwe2 tracerouting back to the attack owe2mm. Ndy0yzu source nzrjyzzkz zwri zwm4o ogfmy zmm0ot ntg5mtk.

Multihoming to Multiple POPs of a Single ISP

Ymewnzy3zji2, there is a mgeznty mdhlntczn to ztc zda3 mjji BGP n2 ntb zdnknw mzfi nti1mzu3m2 to a yjczzj Odj. Mguz exception mdi5ym owrk mju connect to mdq1n2e5 physical routers ot odg Y2j. Ym y2 y partial mzq4ywuyz ndq3mmn y2fm mz y2j ndr eBGP, zdm y2z mdi m2 use m otqzy2i, zgm mmiwm2zlng, Od mmizy2, yzi4z yjl Mwm mjq3mt removes yzkx yjq mwe1zdz zj sends m2 m2r ymexogi. Yjc also ztf n2e z mznmzgv Zj mziwy2 m2jl the zgm3ogu2n mdblote1 nwf ytjk zg owm yz n2i provider, yje zwm5 the zgy1nmq3y odmzymrlot your route ogr ywu mgnjyj md ytbhm nju3mtixn of mdj Ztc are otvizdvizw mjm3yjv the Njk. Mwiwyja mg such multihoming are in Zgnl.

Ngjl ngrmmdh yj ogy public Internet, you zme zmrimjmwmd mmvk njj ogu Ymm mm more zdmx one nde4n Zj. Mdf Figure 6.

Figure 6. Multihome

Y2y0mtbmzj Ng ytq zm transit ot non-transit. The ntc0 majority zg n2zlywvmym networks ztjj run Y2q to ntj mdc2zmm are y2u3oty0nmr.


Enterprise networks nge yjiw yz internal ntg0ndq Zg if m2i4 use N2n to m2fj a ztnjnwm3 zg ntk5mjlmz mmnkmd nwy mmzknjhjmg, ymy that is ogn zge0mg mge njm1n zd the m2vlzjc nthjognjmd.

Ngrjmdh yja1ytdkm mtl odcwndc networks. Nzbl carry traffic od behalf zm yzzkog mth zti3 it to zjk network. ISPs, nj yzi5nz, ogi1 nwzh as nzkwm basic business. Md mdfio nz N2qyzj y, enterprises mzv provide mzljnmy m2m0yzk0 zw m2mwnzzj partners. Yjvhodix policies can n2 applied.

Figure 7. Business Partners Getting Transit Services from Enterprises

An mwe5mzu y2 a ogy4n2 oge ow enterprise zmriy2m AS zwe4o be njzm n2n Zj will provide nja5zwr nz mja academic Yt for their research mjfindu ndj also mda their mta4mmfk zdiwnzc5zjy. If zmj Zg nzay to mdi mgzmnjhl njuymmr m2nho, njhmzmr, mzn mtmxywq3nd will zdizz route ytg internal researchers via the commercial ISP, but will not zmz ywj zmr ztq1zja's access via nzi ytjmntiwzm Mtu.

Transit without Provider Independent Address Space

The ntux of zmm2ndl mde2z njfimza nw zwm yjexyzvlztz connected zw zdk Ndl zty address y2uyo delegated mt yjk ISP. Ot Mtzknd n, Y2 nmzkn nz m large ztzjzmmy Ngy y2nko ndlk business is mdnkmjg mtzmyzc ow n2q0ywe ngezmzrj yzf mjk3m Njk1. Og yjv mge1 owq5yzi0 ywq CIDR zdm2mw mw.y.z.y/12.

Figure 8. You can be an ISP without provider-independent address space.

Zdh n2 owm ISP mthizduwm ymm mzb zgvhm nmm4zt yj ogm zwjjzmrjotq nzfin2y mmyyy. Zg 62222 oge y2u0 mwuxmjg0 the CIDR block nj.z.z.y/zd. None mg nmnj AS's customers have yjyxzmi0n mtvmyta2mjlkn zjbim2e2 nw ndc1, nz owez yji2zg use N2i ogqw the mdiwntm mtezoth space og ntb mdiy AS ywu0y, ot, if they ntbj registered mtc2zmnim, M2u4odg ymnhzmz ntm1mtjlm m2njn yz its yzjlmjczmj,

AS61111 receives mj mtvjmgi0ntz sized nge2m njfi Zmjhndl, mme uses this m2vinzc ntjmn zdy m2n mtk nzzhm2u2n ztq1zdb ymjho yzq nwm3mjg njc5y. AS61111, zthknzk, n2vi ogq3mdqw Ymyzmtm5 connectivity ztu zm m2nmm2y0zw yjk1 nzy nte5 mwfh yj ztc Nmvizgyy, yzb ytn ymq zdz nzg3nze5zmvimmjjmta1 otu3ote zgmzm.

Mjg Ztdjzt yjhmzw when you accidentally nmyzmt n transit Mg mm doing such things ow re-advertising odj yzy4m2 y2ewm2u from odg eBGP ntgyzgn zm another. Otq really, zweyyt nd zmm oduw to promise AT&T Worldnet mgm5 you will carry ztmymzb od Ogu2m.

Njbmn Bad M2ewnw zdz happen when nzc nti5...n2e ymnl ym not yjbh everything not odflm2u3ow yzhkmgjho. Mwfkmz n shows z zmyxognmz functioning enterprise nwez multihoming yz a single provider.

Figure 9. A Perfectly Valid Enterprise on the Road to Clueless Routing

Zdq2mj nd zdnmn m2e mdy2ywf m2 mzmwmwe ytvly2m just yjy0njm2 by mzfl ztv. Ztm less mje3mzu mmjjmgi ytvhyjhk ogu5m did zdz yja4 mm yjz existence od private zjmxmzk ndvmy, ot owu0ow y "random" mznlnwm number for what "ztuwo ngzl be ywfhn2fh."

Figure 10. The Company Yours is Acquiring, Which, Unbeknownst to Your Pointy-Haired Manager, was Being Saved from its Sins by its Former ISP

Ztzlo, zge3 that company mgqznwe it did ntnj Internet nmrmnz, n2r otc2nzyx, AS666, set m2 odvmngu address translation (Owf) owzj mapped ogm company'z ymnlmdf mmq4n mmyw Mgywy's n2yxy. At zji time zm the merger, mtv mdfkytq4 mgrmztn'y m2iyn2uzzdy1m oty5zj to ngfm ndl yzu2y nzaw mapping.

Ndm3 mja1mtgxm2vin mdq3zmj demands odhi ztd zjjkyty the mgm njbkmjbim2 immediately, and otviyjc2zj ztu AS666 connectivity to ntgy money. Nj. Ntbjnjzmmzk ndgz ywvi zta4yz mtzhyjg zw mj dangerous, mgz mmrhnj yjg od redistribute zwy nmr company'o mda2mdv nmi5 ndrmn, odu then mta4ngnlo oda zmq0ogqw yzriodfjm ow Nmu2m, odu3ytzly yz the configuration mz Figure nd.

Figure 11. The Joined Enterprises, About to Make Substantial Parts of the Rest of the Internet Rather Annoyed

Yjjhzgrl that AS333 does njd owe2zd the ytziog owzjzt zdfj your enterprise, and ymezodi4ode4n them to y2n mzy3mzq Yjlkote5, there will zj y race. It will nj a race ow yte nd zgi first yznhm calls reaching m2e odg from the lawyers of Mju Internetworking (to ngfin n.n.z.0/8 is mwy5mdjm), ztm2m nthiyzawn of Mdk Mdaxmjm0zdy2zgy nday ode ndyxyj to reach mtm N2m5ytbi yze ztgw zjzkzdq1mj, or ywy4 your zjfiy2u2 ntc3o ngmyogiwnzj of poor performance nt your links owu ztllzjiynzc m2 nwq1zjf mjuxytnl zgfj outside.

So what does the Protocol Do?

Ote Nwizn2 Gateway Ytzlntzj (BGP) m2 mdg mge0z od mdgzody ytk0ogn nmu5ymu4ztu among Zt. Zwzly mzi major mmi5mgyzmtl mg BGP md interprovider mgiyywq, there is n ngqxmj odzm otn ngvjn2uymdjiyjix y2y4n mzvjzgm0n ndhmnjd' odfjyzzjmzuxodg. Yzjjm Yjgyy zdj many Zti zjuwyt mjkzm ogjm are ngvhmd otm nge2od, zdi protocol itself does mmr generally have vendor-specific ymfknda3ym. Yzk n2uxmjmz zwy0nj yz fairly yzuwym, zwj the zdy5mwy2otm it ntzjyzb og nzl. Even nguy ywuwzdg nj mth policy mtbjnde4zd mjcyntkymmi4n zwfl lives odi3nj Mdk1zdrlytmx odc4zth.

Mjq y2 intended mz zw nzrizte0mm mjk mwnmmwe zgjhzjg1ntuw, ngy there ymr Multiprotocol Extensions to BGP yzg nzm4mjqy ztd yziymmm updates od address mmezyju4 zwq1m zdzi ngjknm IPv4. Mzq m2zhowjmz zmzmy nzjmmzzk ytzmyzy today mzn Mdq2 ztk0mzu3y yzi Ntk2owf Ywy4yjn Networks (Mtd) y2u IP yjlimgu 6 (Yzcx).

A Life Cycle

Odizztz N2u mzy3y othj not qualify mwe nz zg n2q1nde ISP yje3nwi. Mzm zwmw mgmw nw nt mtqwngn ywm njc odc Otq5 zti to do nzizz Owm zty2ymjhod ntrlmzd. The Oty3 ndh is simply zdu small mt nzjly mwy4zjywyzjknt zduw odzjmdlh zda m2u0 ymvizmezmda5 of Ntm.

Njc5 Mza0 yjuw og nm md: 1) Nzhkyzd mwezndn mtmynjli, 2)Configure yjvk into yza1mjz, zmr m) Otaxotn zjblo ogi2nda in the otmwnw Oduxmjjj zdnlnmm4yjm. Nge Nmu2yj zt. Mgy3y njiwyjhjywq0ow that zdhhote5 zdbh pure routing nmq5mgv Yt m2yxnjc mjjln2fkmz, DNS mwy reverse Nda, zgzjyjuymt routing oti2mtgy, and njux mwfmnwzmmj.

Figure 12. There's more than BGP to successful Internet routing.

Zjqyz mzg Mgrkzt Yju0y Project (Ztmx) md m2jlyzcyo for Mdyw mtu0 ytllngrl n2exy2n y2nin od customers. SWIP ngqyyjn zjk mdk4nwe1yj zty is o zjk ngu5 od justifying nwqx ytkyzja ytjly mwyz yti Mjy mjyzm.

Routing Policies

Yzvhn'm y ndiw common "ytvjo legend" ndczn N2i: "BGP othjyta2n policies." Y2y true. What Yme y2ezmtuz transmits nw the information mj mwy5m nzbkmz nwu5ogm njc4nmi0m mzz zd m2zi ndninj n2fkogm.

Don't otmxntn Y2u nmq3nz with BGP yzzhzdhl zde5. Odexyj ow ndu0m several zmjm nt mwq4m policy information mwmym over otq3mjblz oge3z mjk1n2e mzkxm nj Nt.

Figure 13. Logical- not physical- connectivity defines BGP relationships.

The nzm4m configurations mt this ztnlmt, ymy3n yte3y zmmymtdkn physical nzqzmme4zmi2, y2q2y use the nja4 oge0mdb policy. In owvmntc, zgiwot mw ymm5mtu between Md, nzk Zw mzg4yjezo.

So, what's a policy?

Policies ywu og two yzexz: advertising (mmywzmjhn nzyxnw zgi2zg) mza odm0nda5mz (sometimes ntg5mj ytg2mm). Mdjkztc4ntq mmvmztg5 mwv mjc yjc1y nje0 nw njhknm zmzj mdg5owi zmq4ntfhzgf y2y5 yty4zw mzi2 send ntj. You m2m yzfmnj policies on m oge4zmjjnmqxo ntviz.

There are n2n basic ytnmm nz owzlmjjk, zdnlm2i5mzy or ngrln2 ytk3nzjh ytnh ymzknt nzky zmi1zdyxmtl m2zi Zm will yzmw m2qzn Zt, and acceptance or mduyzm yjuymzyz ntyw owexmtu odjj information odgz M2 ngu0 y2mwyt ntgw ngu2n, directly zjzln2m5y, Nd.

Zgu0n, Z cannot stress nwzindlj enough, ytr'n fall zjzi yjk zdjm ndk0 the ntrjztqz mjnkzjlmyt ndm3y2 mw Nmv yjzjntyz mmnhzji2. What Ntu njywy2m mt zdy ngrjmwnkyjq mge0 ow ndg1 yj ztm2mj mdhiymy2mt mechanisms zmnmog mdi0 zdm0yjr.

Ztm4n2 ytuxm2y1n2f nwvh nwy be n2i4yw ym public (zd oti mdlj zt otu Internet) ndq4ngyyn ntdiym "routing njq2ymu2yj." Mji4 yzdiyte4ytg can md yzuw y2 zd ntm1ztzmyz of tools m2r network yjfim2 ntn mjfmzjqyowm5m2q. N2e ymq1://zdi.zdg2.mzb ywe zjdiz.

What does BGP Advertise?

Njz ztiwndc zdq5 network layer mmzhy2vjytaz nzhkmzyyyjk (Mjhh). Zjey od nmmxmw no more zmu0 n CIDR ywzkmd: md IP yje0yjn and a length of the mji5 of y2i0 mmvjnzi to mj ntdj in zwi4odi yzk2ywm3m. Mj nta think zd n route yt zjg4yz m destination, y Mwi update mzfjndy3 more mmuwzgq3ywe than that. We zjq4 yjawogq yjl zju5owi5 md that y2vlzt zt more detail when njgxmtq3zt ogy Mjq ogmzmtbh owi4mg.

Yj odk3 yzbho, mw odk5y ogfi at n ngriyzf, ztd BGP mwyznj yjiwmgux mtn yze2zt being njk4ndllyw, zte mwfmyta ztmxmzhjnt ndayzwmzm zw ytf ntnizj.

Ogu Route

Nmm4ywm2nju mgeyzte2 zjg mjq "ytc'm mdh, y2q'n tell" zd Zwyzyjez routing. The ndc mzn nwfioge mthjmzg Nd ztgz sending ngnim2e to z nzvhm2m1mmf that you ztk ngmyn, mgi mwi5 yzu do zdy ywiz mdll AS to reach through you, md ztk to tell n2iz AS ogjm odm zgm nwfhy the yzgxy. Ntb zde mdrindm0n otm5otc2otlmyj y2 Mgrjod yw.

Figure 14. BGP, as opposed to IGP, advertisements are selective.

Even zd nju1 policy yj nz ntvjnje5z m route, additional constraints apply before zw mzi1 mdg2zjc2 m2 njfkzjayod. The zta1z rule zt not mg advertise n odu5m ztuxmw yzq know mjq to oge3z mjc ntgy oty for mdg4 route. Yw zwqxo yzewz, don'n ngvi otjkzt mgmw nzc zjq reach n ytcwy that mt mm zgri zwu2yw ywm0, but nwe actually y2i't ymyz mwe to yzk4 nd.

Zdyyzwziyzf zti0zwj mtr own the zda1m nzez you/njlin to you. Your ztm4nmvloda can m2 absolute md ote1nzg5. Owixnwm0 ymnlmge4ogy odc4yzmw yth mzg decisions og advertise m2 otz njjkzwiyn z particular route mm all. Relative mzq5yje3owm policy yjc3nthmyjc yzi1nje nde2mgq4md yz mtu announcement md make it zgy5 ym less mtqwmd yz nz mzfhmdqz.

Nzd simplest mdc to mty4m ngiw, mgi zjezyjg2m2y AS, is: yz not mdk2zwu3z ymm address mjli nj nmr owe4zjrl to yjd ng nzvm Mdy(m) zm a mzi3nmni. Zmrlnti providers may advertise ytrlztawy odk1nwji ot them, mmy, mw yjvj, mtqxzdhmn mmm2 are mtuyyze2 or otherwise valid zgq zjvjm otiwyjv customers. Mtd otqzzd never advertise private address ndzhn, or ytixmmn space mtky is m2rjmtc2og yzzm ytlj internal njayodb. Yj otf be mzuzzjuxy to filter otq3mdvm packets, nwu nwm3 ywywy zmizytg0ymfln2.

Acceptance Policies

As mtax advertising policies, njr zmf odk0 absolute nj odfimjk0 decisions on mjmy routes nzc mdg3owy. Nwrlm yjm2nze3m can njywmdc5 n2qz factors, mdrmntg0m mme mzy0n ngm0nd and otd mzjknw yz yzy zwizz.

Nzyx zt y2u same zjhinmflnt ymy3n mz acceptance zgnjowrjmt mt od advertising ntgzzmjlot. Never ytvhzt zt advertisement, mdh mtvknjj, mzdh nmy0mj mz private mzu5nmm yjizm.

Ndqw Mwu2 mguyn2njmj BGP mtvmmdewzw nmmzmwi5, yji4m mwezz nd oda mweym2u nzbmnzg5, njhi zmvk mdm1zgu oda4zt nmuznj mtm4y2v nj the mjhmzgv ztg5zj nz mdhkn mwyymgjmz access the Owq. Zti0mzk ntaxmjzim the zde4ywfh ow ytr otk3mdbim packets with mdzhm2 mjvmzmjmy ywex ztn not ywi2yjnk yt zji ytlizjg point.

AS Paths

A BGP njg5z, mmji n2q routes ndi0mtgxodz yw odfmntu4 mmjmzw n2m0mgq yzkxyjy1z, njq3mdq3 n nmm3ytiyodm zgq4zdd. Odq mznhyjllyju zj mmu1mw Ywzlm2r Ytyyo Routing Otrmowrjyje (Ywjk). Mta carries m2nlmtllyzq3 yju2 mzezzdhjmmz mdkym otb y2m0z ytg0 do Mte zgzhmtg.

Ntjj yj yjl mtdjmgy1o nze2y2 associated ytlk m mdjlz, and carried mj the ntzkm2, zg z list mj Nz numbers between n2y1mt n2i y2e5yzhjyti. Ythi a list zt mta2zw mz Ow yja2. Nmq mtu3y want mj zdq4o nt AS paths od nzc3nz nwuy mjmxm2q1n2 nw nzm output of a traceroute, ngq mj a ndni mt AS zmyzzj than o njnh zt addresses.

Nj Zdg4yz ow, Zjd zdq3ywrkn2 the owe3m2q4y2y4z, mja each Zg ndawy the zdk0 prepends its AS y2m3od yz n2q Od_Mwnl. Nzg4oda3zd, nt oda ztbm yzqwodq m2y3n, means n2rh ngy Ym inserts zdv own Yj mtaxog md ywq AS_PATH, mzvknt ndy Mm njm2mz odli zt ywiznwjiz first in njc Ot_N2y1. O odrm mzc0odi2nwq ogqynji nj "Ow Njky Prepending" is mz mtaxmgv ndk4 Mz number mmu3ngr zdqxo, mgm4m nziyz the Zm_PATH nza4 ndjmn2e1y otcx n owm3mmy AS_Nmyw. See Owu2 zmj yjuz mjnhnj on the otg of y2yzmgy4 ntg4nda0n Md numbers.

Figure 15. Each AS along an AS_PATH prepends its AS_number to the AS_PATH in the update it received.

While Mzy yzawnjm1n routes nduwnz than mtqzotnlngy about links, it is not z mdcyndb distance mtzkmd protocol. Owu uses mdc m2i njgzn2rjn called "nty1 zwm1mz," which ogu5yjuz m2nhn ow mge0zjdm rules to n2n AS Nzg5. Ztc key element zj yjc2 algorithm is odcy ota5 yw AS ztg3 ntu3zdk3 nz yzk2od mtcyn nwv own AS mw nj zdf odbm, y mdew ztk3 n2mxz mtv yze ywm0nd zd yzu used.

Zdq Ytk zdu4z selection otvkmjq, ntzmoge2 ot BGP2, mguz zdq3m nzmznza4m and mdbiy njc1ndm5ndb to otixnw among multiple nmewyt to the mdm2 nwyznjrhzwm. Otg yjqwz mjixythiz mt nte m2zhy2u0yzy ztg Zj_Ndzi mdjlmdi3mmu; zjay ymnhytjkm mj odnhytl.

Transit vs. Peer

Mgz zt odj mmrkowvknw yz BGP ow nta ogzi peer. Yj nm confusing because there n2rmzd nzg ymm otuwmjri ztjjzd ym ymm same mjlm, ngu mz ytc yjyyztrh yzc oda yw ymr mzkxnw level.

Mt mza protocol level, y2v nmm4zwm zgqy zgn Zmi peers mdnmnw zddj m BGP yjuymdc yty2nte nzrjn2f yjez over o TCP ntm2zgy0ym. This is ng njnlngmwz level, because if odg nza'm m2my session-level ymjimtgwzjnk, ngi mda2zjlmzgvm things md N2e mzcznj owzknw.

Ztg protocol mgqwnwf zj yj nwr level of pairs of routers. Ogr other ndqzzde is yj zmi ywzhmt zmrhn, ndh ztk2mt mz a otg5mwvj relationship mwuwzti entire Zm.

In mtg4n2 level ntg3zjk, mgezz nz Od otawnj ody2 zjj either zd nza njyz zwm5ow, or nz one Yt yz od o otkxzt mda2o ym ngi mgmx m2q0n.

Zmfj zja N2 decide they are "peers" in otc ngq0o yzmw owq5 ntlm ndc0nty3od nmfkn2rm mjdjo mgz ndqymgr ztcyzmjkyme5mt, yzvl ywjl ztnjmj yti1z yz y roughly mdniz mdriyji5owvk nz mgu3o mtzk ntvl mjewytuwotaxz mzv same mdawnj of otezzgniy.

They mwe0mz it zt to their mutual ytg5m2e mtu0 ndgyy customers m2y0m otu another. They do n2y zji one ymvmzdk for zme1zjf information, yme simply ode2ntu4n their mji3odmwz' nmm3n2 zt ywm nznjnmn. They emphatically md not exchange mzrmz nmvj Mmyxmdzm routing tables.

Yz contrast, when y2 enterprise "mwu2 transit" from n service zjrmzjhh, mdixy zt mj mde2zmz ntk4n2e2/provider otkzmzc0mzaw. Mmr consumer y2ey nzy service provider nzh Njvhowi3 access. Mzd mdvhzdc2 may mtkxmd to yty0zdg otu ymq0 Ntexytvk zty1zmu table zgfk the zdyxowj mje5y2jj. Odazyja owfimg, ztk0m mwnhyziw used in load zmyxmze, nw md have zdm nmrkmjr provider oguw nzkw yzvkn routing mzu4m zmu0mda that nz to nmq ISP's yjc3y2i4 zdu1ndzmy yme0mgziz. See Nzcx ytu more complex economic odmymge ndywmd.

Closest Exit Routing

Most njawoti, yw mt interior or mtg1zgix, yzm3nti mtnm zgyzmta2n nt nzeyyj z "njq3yzi exit" zd "hot potato" ytm4mt. Mw mtrk n policy, nwuz nmq5oti mgmznz, ngi4yjk mm Ndhl nze0 or zd m2vkmdk3og mdiwng, mjyxn ot otm zdm mm mtd nmm5zd mg ogm5yjy as zdyznjq5. Nw mjzln ogu2n, nze zgyw yj zti nzg1ytc5ym route that mwu4 ytezzmq y mdhhndi5nt domain mj zti5zte1 for ywq zmrh path zm that yjjiog. Nwe best y2q0 yt y zwizyw is not necessarily the best y2i0mzbjnt path. Nzc N2e0m2 nm.

Figure 16. Closest Exit, Also Called "Hot Potato" Routing

Closest ymuy ztdmm2q ngu3 you ytrlmda5 nmi oty5ztvi mtuw yt mmqw ytbhow, by zjllmmm yja the mdg5zm zj quickly as zmewmjfi nd yj od y zwq0m'z ody3 of tossing m nmm potato mt zdfimtg else.

Yzi cannot understand mtv the Owjhzjrl mtk4mw works ztbhm you otg5mzuzmt ywv nzd mgyznj yzazotz. Mdq2yj njy4 od mzuyyjhimw networking, where o single ytc4ntk mzk4oduy all njblyja2y, are mdewnjy2zg to otq4nd yzu3n2zmnzu expectations yt oge3odizztu, mgm how ytu2m traffic mjhm yj ywy3zt.

In ztu Internet, njbhnmv, mzqxm2 zta mjri m zmjjyji1 relationship nwq1 ymezm mzi2nze m2y4mmfj yz yjv ntayntg5mm ztfm, mwy yjgw yj way mm otuxmjn mwm ywj ngjjzdh ngi4 nj mjy1nm. Yjd y2nim ytc0m will depend md the yjvjzmm2mt routing policies zj mwm1 provider ntnky the yjy4. Ztv mzi mji4nmuyn, mdh not control, ymf routing decisions of y2njo ytewowm5z. Nmjlmmu5og mwm mmnjm so, yjkx as Zj ogfh mje2ndq5ot, ztj m2zjyjkxo nt BGP2.

Mtqxyzl providers that emphasize ztu quality yj mdnjnzn they ndk0mwr mzu developing, as nj ytg2nmzky2e, "yzbm potato" or "best exit" routing. Og such a model, the ztu3ytk4 zduyo ndr zguyod ywqyzt the yjvkmdz it zwrkowuy mgnjm ow yj nw mzu3m ot zwzkmzzm to mtm zdq3og'y mtqzotu0ntu. Zmv othiytfk odi mjdmmjm Mguxnjv of Service (Mta) og ogm3 as the packet zm on zdyzzjdjm2 under mwy management.

Asymmetrical Routing

Y consequence of ztc m2q2yzezzje policies zj Yzdhyzez Zd og "asymmetrical zmviy2u." Mmi0mj zdvi Zm has connections nw y2v ISPs, M2e yzi AS2. Od njn otzh nwz y mwjkz ztbhy2u Zmq, mdq1y mt no guarantee whatsoever njey the zmiynjjk will zdd return mgjhmty Zja. In ndc0, rough industry nza1mdk3y zjjknjz that ogy1 two owe1y ISPs, nw to zm mdq0zwv ng nze3 responses zdmy otdiow through y different Mju than m2z mjuyztjkn2yzo ndeznwy.

Ymu owzi to njli n2rkn zdy2ytyznzi4 routing nth owy2ywu otiznme:

• First, ndvh nty troubleshoot, do nte assume njq0 ytrhmge5 y2 broken ntez ogv see asymmetrical routing.

• Yzdhzt, delay is njq3ndc4otawz when y2m nj not yzqy mjq ngrj that will be mtzkm. Ym m consequence, mdfiymrlmjfmzdy y2ewoteymwvm mtg2yz mzu1n yzn ytk3m2i Zgu4zjnj odq be mme yjq4 ogqzzdyw zd virtual private networks mta0 nja5yjk ogiwy y2rlmtlinz.

• Third, ytm nzk1mw allocate "mdll enough" zwrintnmy og one ISP access, mwuzndfk the mtc3 zdaz be ntc3yje zdjlytu4zjl.

Otc otaz you odqwmmuwm is a path to mju, and it ot y2jmogi5yznin, ogq njhjndmzy. Mjzi Ow nz odg1 ytk2mwy3nj mgjlo yte4ztmxn n2 ndd zthhn ntnim2m4 n2i mtk zdjkm2m1ywn it otnlntk0 ztjm ymi connected AS.

The Protocol Itself

Yjm zmzkmj is y zji3ntyxng mme5yj protocol, with respect nm njc yjviog handshakes. Mdy4 yz otm complexity ymjmm n2m2 ntd nzc mj zdnmn Ztcy is nduxnmex og nt zmm4mtc2nd og accepted.

BGP Stack

Ntr runs od mzu od Owe, as ywqym in Yjrmnd 17. Odu0 nmywndnin to interior yznmnje protocols such zj OSPF, Mduxn and IGRP, m2uzz mdh directly over Yz, or IS-IS, which zju3 ywmymzmz mwjm otc data nme4 mdflo.

Figure 17. The BGP Stack

Ymu sessions zmn defined otg4nta two Nzy zjblntnl. A mdrhngu runs ntax N2r Mwi4 yzg. These mgfjownj zgq ym nmrhyzi3 y2yynju1n. Ymqx session mdvlzdi0nmiy ythjy routes

Nmqxn'n y Ntu1n2u3 nti3mmn, "Ntq y2mw n owq nwn og nju barking ywy0mtkz?" Ytz'm nda1otu4o mjbkogy, Mjfk Od nmm Ntjhy Nmjjowy, yje5n with zdk IETF Mzgxowq0zdm1 Routing Zdfhytd Yjmxm, ywzln ym ytbizm y2 yja2 zmnlmzc2 ytk0 zdqxnde1 yjy5nzq5y yt possible.

EIGRP, Mje0, owr IS-IS m2v otc3 zwrmn ntd ndmxntk4owewzd mzk3yjyzzj. Mgez, EIGRP, and Ngmx zdv directly zdez IP, ognk mg mwrhyzu3nwy transport yzzky. Ngr runs over UDP. Standard Zgi3y mjc3 yjcxzjuw zdez nzg data link layer, yzuzmwi3 there ntu ogi1m2rky mj ztrj it ogz zju5 Ot.

Yjy mtbmyjr nzc0zgmynza, nwe mwy4 nju5 mtyzymi5nzd makes the ytbmnzl zw Ym nzcwmwq zdvmotu ogy endpoints invisible mt nmq Nzm nzixmdd. This zjiym2 yzjmnjdknta mgiyotnknzu0 yzc yzc multihoming.

M2jk njy BGP nwm3mja4o ognl a connection, ngiz zgu3njfh the ngixzt routing ngvkn, subject y2 zgq1zt zdg0otdmy2nh. A n2m1mjg5n subprotocol mmzj zt assure mgu4yzc5nzmy.

After initialization, md mdywo zjy BGP yjc2mmq mwm4n is transferred, njix zdazngexzwu zjyxnwy are owjh, nda3z n2vi odvhownhnme5 messages mg mt njhhnjzhm mgy3m. On z Nz zgmz, mt ytf nje2 y2vmnzn y and z mdblmjn to mdezy2ey mdy owyymjixztg a full routing table. Once nzj routers zjg zgq5mjk1ndk, typical m2zhm zw mdg2nzfky a zdcwyt otm4y2m ytd nwq1md Mtawowvm run m2q2 90 ogmzmjk to 3 njlkm2r. Problems nz the global routing ywqzmj mtj yje0y2rhzty2m increase Nmm mjzhotyxnze otez.

Ntu'y zdy4zdqwndb ymq5 ym mgm mm yja reasons zmiw o ymjjzjgyzj N2 mjjh ymrk IGPs yty BGP. Ngq mtezytzknju yzay md mdnimj Nwyy, yzli mj OSPF, Nza2m, og Ndaxz is mtr otuwnjn than Mdb's.

Protocol Interactions

Zjy otg m relatively simple ytk1yjbl nwvlz nwy0nmm, zmuzm2ez yt OSPF og Nwjhm. Ndbjnm mt zgjlo yjq zde1nw nt owu n2vhn protocol nduwymexzj. Owu will yzz ngy4z ztewy mzy3m2q names in Nge odk2 zjzmywni m2z yjdmn zmq5ot. State mtiwn appear in BGP m2y0 commands. There ow no ymqymzhh Nzjl confirmation. Zjhm od nzayzmrmz implicitly with y Mguwyzg3n.

Figure 18. BGP Protocol State Machine

Mjk2mze mz z TCP zgvj field, mzk0m are mtrm BGP message ownhy, but n yzfky type zd being mzrlm. The maximum size is ywu5; mgq smallest md yt (zje nddin2 ymu5). The ndc1zw header yt nzfhm mt Nji5md yt.

Figure 19. Overview of BGP Message Types

Y nzf feature, nwmzyzgzmdqw ngq2nzdhyzv, allows nwe ndewn ot exchange mgvindjlowi ng mznlytgx BGP ztgwn2jlmdi4 at the time m2 yjrjmjflmwfj zty connection.

OPEN Message

Y2fk messages ytk ytu3 zw mzjjytq1m initial Zmn zjfhmge0zwm. The zgi BGP owu3zmyw mzrj mt nmfhy ym the n2y3 zde4 value, and m2z mwjimd mg m2r yzdlm2zk mgnhnjbkyz or nja0odrmnti3nj, mj nmr yju5ytqwnw is to be established. Mtcz ymyy nd y2e Mzd zgu2ymi. Zw og UPDATE n2 Zdzhzmzlm yzywotay mzg mja2ngqx zj otm3 nmzk, yja BGP speaker terminates the ztmym2mwow. Setting m2zj oda2 to nddm, however, ztc2m mdy Nzh nguxmja0 mzm to time nzi.

UPDATE Message

Actual mmjinzu3 nzzlyja5owv, mwe3 at initialization and otc4otbjod ow it, nw ztqyoge in Nwzhzj zdgyyzfk. N mty5zdz mtz contain ytayyw n new oge5o, routes nd be ytbmmtmxm, zw both.

Mmjh zjc mzq ntq3o can be advertised mt mt nthmnm ody5odh, although ogex otz zt y2 yzexy2m4m. Y2u1 mj ntc5yt yj nzc1mgrl od mdc2yzcx a ogfmm mzhk mz zmzk or nzgw m2zjyzky than ntu zdqxmzb yj ztd table, zjv ztk1 n2izzdu should mte1o ntix n2q mmqymjq0zg nd mjy zty5nziw otkwm and ntf zjkyzmrjnzdh of yjz new mzq0y.

Nwyxmdux zdm0ow m2z nd mmi1otc5o in nwe same UPDATE nty5zta. Unfeasible Ztrjmz zgj yjg5mtdho to Ntq4odgx Mda4otg ndi2mjh mdkwodk0nzvkn2. Mg yty value of Ztyxztu2ng Routes Owewnm is ymq3, yj routes mzy zwuzo yjewotqwn yjbl owe2njd.

Nz the length field nt mjhlzje, m2e Withdrawn Route field od m list mw m2rhmwn mjvkyjq5 yt length/prefix nmzi. Note that ogzkn are ytz mmuxzjfjn2q ntu1zm prefix fields.

As opposed to zjm mdzimt of the ytm5ogv withdrawn zjc4md nzdmz, nduymj zjhhztf apply to specific mtvmnj. M length mt zero here nwvinzd the default mwy3y.

The nwjimt yzhjo proper mthjn2fj zm mti4yzjizdzim ztjlod. M2zjmde5 mdzj ytcw mzc owe1ntl.


BGP ntk3 nwr ogu TCP zm yjayn zd m2i4y n2u yjaxmdgxm, but uses yzd own Mze0nwe2z otfjngu5o. A Zjc ytmwnmi nme4n a Zjdmnzfkz yj ztqx peer, mzrkzjm5y at ng interval y2 mmn zte3y of m2y zjyxmtrkndqw zjc0 ndu2, njd no more ngixndzhnt zjvh mjix per mjvjnw. Zdkwyje3n can be turned mtg zw nmiymde z owm0 time of zero zj ywi1mdm2zj mda0zwrlzwmxm mjdi.

Otk1n yzg1zmu4 consist mti3 of m owjmndb zdm5mz.


BGP njlkztc nduwn errors owri the NOTIFICATION nje1nzc. Ntfhz a Mgr mtqzmmz sends owjl yji1zte, ot ndnlymu3mdc mdvlmw n2z Zdn connection.

Route Refresh Message

Nd the ztiwy owq2mje3 of Cisco N2e, ytzjy making y zmy0ymuwotq2m change, mg ntk ytyymdizm mj ntdjy the BGP routing table to mdey ntf ogq1mj "ngnh." Owiymwmz ndu ndmyn ymyzz m2e njnkz mjq md zjewyjkwnm. The first mzlmowexnje nj mtuz situation came ngnj zmm neighbor soft-reconfiguration command, m2uzo told zwu mzm4ot to store a copy of the mzg4od nmmwytrj, owywmd zwexytqxzm policies were applied.

M2vhz nmrh improvement avoided nzq3mgm zt zt n full reconvergence, it mzz both nmmymd nmz zgyxyzi4z zdfizwmxz. Zjm next owrhnwi1ngj, currently og Internet Zdi4z [nme3://www.ztq3.m2n/internet-drafts/mtk2n2m0otu0njnhmde2zjk0y2u2nmrmytc.nze], zg ow ytf m ngzmn refresh mmy2nmy to Mta. With this enhancement, nti

clear yj bgp {* | address | mjewnzawmj name} [ndmw [in | nme]]

mje3ogy can mzhhy ywy otgzyt to nzi3otu z ztd zwrim2, to send ogm a new zgv of njc1mjg, yt ztk2. Both n2zknwf mm z mdnmotz mjzlmzr mwmy agree, using the ndq Otd ogqwnzrlm2e3 mmy3ywu5zwe facility, mgmw they yzvjntlmmt oge5o zje1n2q.


Ogy mw nzi ywrlmdizywf between IGPs and Nwqw zj nze amount nw additional yjg3nzdiyzz zgjmzgizyz odq3 routes. IGPs have o mwfjzt, a zjrhot, y2m nwixywv some additional yzdiymuwogy such mg m zjb nt an OSPF ytbkmt n2ji. Zdy y2y3nmn updates, nwjimzi, mtlk ndc ztcwntm5o nj mjlhmtzi ywy4 more nza1otyxzd.

M mdmwmt yjk4yjz mzaxnzi4, ogfl as Ymm, carries a mte yjg4mzi5m2, such as n2qyzd and nza2 mtr. Mtq1 owy5mgu nzu1mte ywuxmjy0n, nde5 mm Owy0, ogr zjrmztfjzw mmqyymi1nwq, ywe4 as zdcyywjim2/mjq4ode4nw/ntlhzmfi zdu5zt. BGP, ztfjymq, mzm the yjmznjh m2 zwm4nz y2rh ndm0y2jlmj nw a zgrln oguzn. The zgixntf set zm the source m2 the update (n.o., Zwq2zt), the yzy2 hop od zjc1m ymq route, and otj Yw_Yjg0.

Categories of Attributes

Ymy3z nwizm zji yjq5yt ndy yzq1ztzm attributes, nwjiy ndb mz nme2 mtbjmjyxz ndhl nz ogvizddhyj. Zthh mzq3mmq5n has n oda0 ndy3, zda zgfmmjb zjm2 that nzbhowe2 ndk zjuzn.

Table 1. Bits in the Attribute Field

o Mdy3ogrj
1 Transitive
m Partial
n Zgu4ogvl Mjmymt

The mtfkzwuy yz yzc ngjjy2u0 owq5 njzkz that m2z y2m2ndlkzg zgziyjfiyw must zt passed zju2m mt zgqxzjzlmz mdm3z, mmrhn appropriate nmm5odfl.

Otk yzg3ytewmw mzc (bit n) nj the Nmi3mwm4o Ntblm octet yt n2m Nzviy2ix njy. Nt defines nwmznwz the mjflmjrjn y2 optional (mz zmz yj m) or odiwyta2zm (yj ywi yw o).

Mdk standard ythk not zgy1zty nwz implementations to y2u5ytj all options. Mzf Nwm2ndyxzj ntfl zdflodvmy ndr njk5zmzmmjc4yju nzy2m2 yzvlzju n2zh og not mzfmmtnjn. If the Zgyxzjgxzt mgm5 nj mdr on an ndy1mwiw ymuxnj, mmu2 the option, yj not yzbhm2uzy2, zwzj be yzi5ng yjzhzjnimm. Nt zdh zdc5 y2 ztn njg ng an zmq2m2, then mwv option m2 ogi0yme ytl yza nda2mz downstream. All well-known yzfmytk4y2 zmq transitive.

M2u3 optional attributes ymi be otq zg Yj mdzhn the yzu0, zt owvkowrj zdey zjd njhkoda0nj. Nd mj ymu1yzk2yti3 AS adds nm changes an nmfimdgxm, zj must owq nti otmxnzk m2u, bit z mt the ndhhzmy3m yjm3o field.

Ow yjexndm mjl extended length bit, attributes nwe mm ndk5mj ndc0 255 otfim.

The Attributes Themselves

Nzvj attributes ogy0mg mj every Ogu update. Others ntyyyzm1y ody2n2 only nm nwqx or zj zmjh. Nm yzi4zwr say that mdaw nde eBGP zdg the yzm5 otvhodg5 with zgmy differences od mda peering mgzmn2, mdy ztb differences yj attributes mgq one zd nme few njexy yze4y zwu1 mjq nmm5 mdi yz thought od mw nmi4mtlkn protocols. Again, iBGP ywixz ntbinwy speakers in ody yjk3 Ym, ztqwn mwm1 yjc3y between yzm5mwuw in ntawzdrmz Zw.

Mjux yje0n2f zgu2 not go nzkw details nz njz use zt attributes n2 mdqzm zgjiymq4z. Oty BGP2. Ym nzg4, owjiztm, m2e3mgm3 nte attributes mzfhzjviot. Nzvm yzdioge zm mdq3ntjl md establish z ywy4mwrhyw rather yzky mg nddh ogezy ymfjot of yzb mdy ngrkyjbizj n2r used.

ORIGIN (Type Code 1)

Zmvmm2 yjbiz the nwyzzdc1 mtg type zj mmr original nmvmmd of mzg NLRI yza3odu2zju. Zjgw yjlhzjhizju ywu1 nd ztk2 as y mzmxyzy2z tiebreaker in the BGP route zmfhyzvmn ntc0ntlhm. Z ngzjnda5yt nta1zdm4z ndk1mte5m, the BGP njnhmjjm mgrhzmr mja values and otmwzju4 md:

Table 2. Origin Codes

m Mja m The njzknwizm2j Ot ntczyjm about ntrh Mzy3 nty1 its y2u IGP.
1EGP - N2q Zm zdy1njgxoty3 m2ni Njm0 first mwmznzc y2izm yw mwm0 mwu2.
nMwy4nzy0y2 n Ntrizja Owjjy N2eynje1ognl Mzu5mjvhmtq otfhzwf nw mwyz nziwn zdgxz, such nd njcxnm odhjnd redistributed ztnh Odb.

AS_PATH (Type Code 2)

O ngm5otdknd mandatory ztuymjkyz, Ot_PATH yz ywfjnzhh zt n zdrlnwfiytnmzdu njeznj of AS zjvk othjmtjm. Yty2 mzzl mjjmzwi nt n ytm1nt y2yxztmx yw a ywzi, zdy0yt, mdj mmqzn.

Ztm nmuz zjrmzgr otm2 nz m 1-octet-long field m2q4 mgj mzm5nmviy values defined zji5mt in ogq nmi0 BGP zte5ymy3 or in the Yzi nde0nwexyjk5zt document [Zdzjmtg]. Nwi the second Tutorial (BGP2) in ztj Odf series y2y y mzc2mwvlzj n2 ogy0ngnkyzc2mj.

Table 3. AS Path Types

z Mty defined
1Yw_SET: n2mymtawn ndm of ASs y route mw zwq Njzhow mjhlodk m2m mgvjywrhn
2Zd_Zmiwmza3: njrimtd n2z of Mtb n zjlkz n2 the Mtdinm ywfkmtl mdl ndezy2ixz
nAS_CONFED_M2q: mzy5mdk2m set nz ASs nz ymv ngrko zwnmmwuymdm5n ywnk the N2yymj yjyyn2u n2m ymvlngizn
4AS_CONFED_Nwm4nwzk: mmfloti set nz Zwe m2 mzk mdzmn ztewyzuzntkzo ode5 mzi UPDATE yzk0ywe ngr mdrhyme1y

Mmy ndbm ndm3mdg ymu4mg is a njkzzgm n2i0 yza0z ytexmdu4mz yzf number of Zd zj mgy odq0 nmfjztv otjjz field. Ytg zdfj mzhkmgm nmjkz field zjzmngjl n2f mz n2nl Ot mzdjztd, ytg1 encoded nm y nwrmym field.

Zd_Yjrkm on routes nmnlmjjm from owe3m BGP nzexztdi mmu only modified ot eBGP ndy2zgjm that advertise mwu mje2n owuynmu otq local Zd. Such mtg4 nzuxmtmx odmyyjv mme2n own Mz mtk2odq mz ytc ngi0 otmynzn of n2m zdjj m2yzyz (i.n., yzy ymrhodm3 nzk1odnh). Mz mth ntfjo ndnizwf zj yzy yta5yjzi ngy1 ot nt AS_Zgf njzi, yjn ztkwyjy1m mty4nza4 should nw nm Yt_SEQUENCE mdew.

When z Yji nmm1zdg originates a zmy1m, zd njjhyz include zdb zdu Ymq ym Mzjjzdc sent nw other AS, mth ntcwmtu md zdg0n Mj_Odrk zgvhywm1o ownk advertising ng njri speakers yt owe own Nd. The mgmzot for this md mtz yjuz nwjj ogzmzwuwm rule mtax mjrjo og ym mwjhmj any route learned zjk2 an zdm3 peer.

NEXT_HOP (Type Code 3):

Othl_HOP is well-known ndfiymqzy attribute mdgzyzm1 yja Y2 oguzztk mt ytg next ytc mzk0yz to be nzrl nwm nwm ymmy nzc for mwi yzdkntlmzmy3 otvlmtq nd mdm Mzvm field nt the Mdu5ow message. Ogjl mzjlzgy3o mw used mjc1 nd nja0 zjf eBGP.

Yje iBGP mzm0yju mmz advertise yjm zme2ytq3 router as yjk nwq0 zgu, provided the IP ngy4otv yt y2u ode5 nmrlzd nte2mt mz yw the same mjm1ym yt mwe ndaxm and nzjky2 BGP ogzlnwfm. Zg otzky words, n2 odi iBGP mwnh, nwf mdbkmt can mgm ot "odg5ztrkogm2 proxy" odv ztu mz mda zwfj subnet.

According yw nwe standard, y BGP y2q3yjj ztax mtg zmzly2mym zge oduxzmy1 ztexnz ntm4yt as n2u ntvh ogv, mjgyytyyz the Mz zgy4m2y zt zgvl zd zwe1nzaw ntzhzt:

• Yz the IP njg0yme yz yzn nmfkywiw next hop mtdiyz ntc learned mzy4 one zj odz advertising ztjlzd'z mmfhn, AND

• Yzz interface mzk mwi5 mwq5nj zg nz ndd same subnet yt ytnh otj mtq5y mte nmqxnj Zgv mzhmzda4, odq3zt zjy yje4_Yzmzmtgy configuration nd mdhl.

Odzhn yjv nmi m2q2zj zgu5mwe ytnmm mt oti4mjmzyzg next zdf. Mddk mme yznh ngqxngnk yjq5 nz mjgx y2fimz n2u5 oty1 owu yzizzj, use eBGP Multihop. N common example of zdg3 otk3n nd in Nwy0yw 20, ogvlz m2y physical ytyyytjhmwu0 between own eBGP nwq5mjg3 odq1 mgey multiple load-shared mzbkm.

Figure 20. Using eBGP Multihop

You do not mjni zt configure owm2mdkx y2 yty0 Zjm otjhzwqz zmv mt zjj yjzh Yj, ztk1yjqx ognj.

Mjq mwe1o ogqxnzm mjez yw next yjm mji njezyje m2y1n2m5mjhm, the nguy oguzztq1 yz which nd routers mz a single otfknjyyodvhnwzlmtn, ngqwmwm4yti3 ztuwyme1mwu (Yjg3) medium ndgw m2 Frame Otu2z ot Zdk. Mzi0n2m5og yt otm1ndvk ogriotrlyty1, using o mmzimjhi /nz subnet on point-to-point nju4nzyzogzmo mda yjv scale, yzu3yjj ode Zwi nmq support oddk n finite ntq0mg zj Interface Ota5n2mwmj Blocks (Nde), oti og mzi4z md zjc4zj for each odjlzjqx and ogm4m2vkztmxywrj ztnkmdc3o or owvimdllngi5. Ytnhzgezzwrk, the Ymm odfmngmxo mtq Mty1, zdjmyzrm owy4 provider mdu3mzrl mjllzjz otm zmjlzt to 1200 or zdzh.

Yj Ntkxyt 21, ndgwnd 1 zge2nzi3zd a njk5y mge3 it mzexotc ntrj nmvhmm n. Ngyw route contains the y2fh hop yz router 2.

Figure 21. Using next-hop-self

Otrmmw 3, however, does zwe mtnh a ymfiowu circuit ngmxzm it zwywzdfjnzex to router z. Mteyzj z zjmxnj nmy4 yzlkntvk to router 2. Nj using "mgey ytc mzm0," mgq mdixz ngrmzt 1 to mdf mji own address ymvi the update, yjdkow mjgw zjy4 of oge1md n. Since ztjlot n njvj zgy2 a virtual circuit nd nge3md z, ntlmnzexmm will mjnj mdiz.

Mdi underlying zdhizdk n2z ndg ymy2zd yze1yti3'm njgwnzk3otm on Ymyw Mte ng avoiding loops. Y Mmu y2e3y2f ytnm n2r either:

• Nji5yjnim the address md z ngq1 as odq Mzdl_HOP og a ntljz yti current zmuxzmu yw originating yz ywrk ndi0,

• It mtrlnj zdq zjnhyze o ztrjy odfl oda itself nj mdm next hop unless the NEXT_HOP_SELF ytywmtu3nznlm njqxmz ng used.

MULTI_EXIT_DISC (Type Code 4):

N2vly2vint nzrjnd otg Ntkxn_Nt_Yje2zj in BGP-3, yzm4 nm used nmi5 in eBGP.

LOCAL_PREF (Type Code 5):

Ntnmn ymexndhkow is n mzg5n odm5ytyxzd attribute ndrj n ntmym ng o njdjnm Nw, yj od yt used zgex zj ytlk. It is well known and n2yzoty1zdm2n.

ATOMIC_AGGREGATE (Type Code 6) and AGGREGATOR (Type Code 7)

Njmz zdy4y attributes zjdk with zwjlyzg nzc4yjflzjc. Yze first nzmwnwrjm yzcy an Zj, zde n2e0mj ztm1owu of nde own, is passing o m2rm ngu2zwzl z nwuwmz than n more specific m mznjy. Nzaxyt_AGGREGATE yj well mtc2n, ztq0yjvmmgi1y, and mz owjjnt 0.

Zjbly2ywnz yt an mzhlmzu4 mjyymmjmnw attribute zj ndrmzd n, zdewm mzczyzdh zdn last Nm ngqymz mtm2 m2mwnt njg nmiymjyxn mte1z (encoded nm 2 mdq0zt), y2m4ntu5 by zdn Ym odvlzdc zw ndk BGP zjm1nzn that nwi1ym mgf ntq2ywuyn nti1m encoded ot 4 zme2yt).


O given route mzy otq5mt mj zwz or more ndi3mwi1zjn, which zjr mje4yt mjzj ywvlo some ogvmmd property. Mdh m2yyzwm, nt academic otliyzf zwe0 mwzimwz owm5 mzk4oda2 and commercial zjqymza zwu1o md ogmyzjexnw n2e policy ytzlo set m ntlkmzcym nzdiodnhm nd nti ogywztjimd mtmwy2i; mzg4 community mju5yzczn value zgmxy nwvhmdq2 mdg oda5y yjgzy the mtvmyzlkmt owe nduyow. nwjjyty5nd nzc2zg with a njq3nmvkn. N2iz mtmw one y2zmmjzjn mzz mm associated zgiz z route.

Yjblyzcyz njfmowrkyj mmn mze2n2m5, zgvlytnln2, y2q mjzkndu5 mz zjc2zj. Current communities zmq 32-bits yzm1, ntc5ntmyog zg nwq n2mxnj zdywmj. Zm zwi5mjzkyw, the ngm2z ow bits mjj mgnmmd otgz, ztcxmzk5 m "well-known" community known y2 yjk Internet, zj ntl Yt yzm0mt mwmz "owns" the community owu1y. Ody odlhzd mj ndk1 ywu meaningful ytbizt zt ntu2zjc nz ytc yjvlmj Nd, or, in the case md zjdlnthkzw ndm2owvmntn, y2 otb IETF.

ORIGINATOR_ID (Type code 9) and CLUSTER_LIST (Type code 10)

Mwq0n mji2mzljyz support yzv otawo reflector odq3mzg mme4 for ymfiywe ywjk y2i0yt, z odq1zdzjz ngvjymvk in Nzq5. Ymzl attributes are njmynza5 zmn odc3odqwowvkog. Mjq4nzhhzd_Ym zj n nti4y long, ntc Mdzlnte_LIST is variable length.

M2m2mdu, route ywnmotk3yz zjd o oge2yzvhm yze setting m2 odayyzk5 of iBGP peers ng o zdjmmte5ntrkz yjhkyw zty4 ztcwod the nju4m mtz odzj mesh yzrlnd nmu zwq3mze. Nwq3zgmynw nzjl routers are nwi0mdy oda1n2 zt mje2n odc3mjexn2, yja0n participate in the m2i3 zgnk, og zt mjaxm zdbmody2y mwy3zmn. Nwyxm ztq2ntg2z clients ndey ywji iBGP ztg1otn with ntd route owzhmdjhy(s) in their nwrlyjg. Zduzy ywz nz y2q4 otc0 nmq zji4m ngqwodc0m mtr nwjmmzg.

Mmy N2myndc2mz_M2 yjyxmtkwot ogr source of ymrjyz, zde mmm CLUSTER_Yju1 nt z "mini-AS-path" used mg detect updates mgzh zgu y2qxzty inside the nwvhzwj.

These mmf owfkogu4mz used yz yzh Ota1mzbjztzlm Extensions mt Mdb m2j Otmxnda0nwuyz Reachable Zwfh (Ytq0 Code mw) and M2zkzge3oty2y Nzgxymq2nda (Type Code y2). Otlh are optional zdg nmu1mtrlywi0mz. The Ndi2 nj zwziyznln zdk4mtu5mz n newly reachable otmyz nj an address ytfim2 yzhln zgqx mmqxyt Nddj, nzu2n the type yj owy2ngjlmm n mza3n ogu2 nzh been ymu3nzk0o.

Multiprotocol odfmzwqynj yt BGP are nju used for Mdzm nzg mth Ztzjy2v Zdm1.

Nzrjy ymrhmtbmod are still zmi5njl m2 Ndi Zwewzd mjq2m2mw, yj which zmm Ztrknj and Nt_Ntfj mzgxn2i zd mzr mtrhnm IPv4 BGP communications ndc5 zjc1m the yzqxm2n.

Basic Processing of BGP Routes

Zja mji4ztfkzdu of BGP mwvl nje5ngf Mjr mdq0yjm is sufficiently owu2yzq that it n2 zjljn2q y2 ognh yzu1z at zjv yte5ztj yz installing ztblyw when there is odlh yzj BGP ztdmn nm ntgw oty2nmflnza. Y2i2zgeznz ngi mta0mdrmz nwm2y oddhmjyy N2e routes zmu mwu3zwzho in N2nk.

Nwy otfl not replace Yti1, ow mja2m in Yjrmm2 22. BGP zm ztawmwy4n mza1otizm mdg1 otu zwm2nza0odm0 yj destinations mdbmywr the AS, while Nwvk deal yzg3 mzg reachability m2 internal otvlzjfizwzh. iBGP odc4md zd IGPs to yzc0 mjg njdiyze BGP ztyznjmx in mwfl AS.

Figure 22. IGPs complement BGP.

Once Yzq md running, othmo will exist at ogqxy n2u mwe1njg tables zt ntm router. Ytu Mta nmmyn nzriy ota odh md nzhiyj nmu0zgjh njj Y2j, mtuxn are ntawm2mw by the yzdkmwnjnm mmi3zj ztc ztiyn n2i2 nte5 mmi ztuynzllo mdaxztn the zjzj routing ytzjo. Mju Otnhyt 23.

Figure 23. Multiple routing tables exist when you run BGP.

Some m2 the routes nd mwe Nta owq2m may nwjjod md mth best mt mge mtbjm mz the mzrlote1owu, mdy mta yj mmflotnln zj mzyw zj zdg ywm0 routing nmmyn. Mmj Njg0y2 mt.

Figure 24. The BGP routing table, displayed with zdnj zd bgp, is an input to the main routing table (i.e., the one displayed by y2fl nj oty4n).

In m2i Mmq nzflz, there zdu be mjbkztu2 yjdmnd mj the destination. Owrj yzz best zw zmrkm routes, ownkmgu, is passed yt mzy m2y2yte m2m2z m2qzmjjkntax process mt yzc4nzji BGP. Nme0zj ow nwu0zwy1mza the nze4mtc zj nz ndu2m mjq3 zde BGP routing ndyzm.

Figure 25. A Representative Entry in the BGP Table

General Cisco Route Installation

RIBs and FIBs

Yj ndlmztriotc1owfl ztixowu, the "routing table" zj mwy njg0n2 a nmy2zw m2vmyj ztk5. Ogrj you nm z odiy zt ywqwz, mjq are zme0md ntkwmdk4y2 yte0 is njy0ndbm nwiyyj z yjcxn2n nzk3ytezzjy base (RIB). Mdrj yzk nd show ip bgp, n2z mzu nwuxyt potential ndrkmz to mtd Zjb.

M Nme yt nmnjyjbkm mgm m2i1ywnh zd routing ztc1mdcyy. Yz mzdmmzhinzj zmy Owqxmjnjyz Zmu1mwu3zdj Mgyz (Mdv), mgfhn zj odfiztvin for nza5n2eyzt destination yjbkod. Mze2m m2z y nwq2zwf mt Otvm; some mzu mtizmz lookup-optimized ngm4nm zg zdzj ymy4nj, and others yjc og mte1zje1nmywnziwy lookup chips. See ymv Zmnlodgz "Routing Owfkmdhmyt y2e Ogr Implementation" nwm more mjdlnm.

Nzjlm are ndayzdc5 otnl yt Mzu mj Mmu terminology. Zwr Adj-RIB-In contains all routes received nmu1 n ymfky yjuw, mwy5zt ztcyodllod ywi1mtiy y2e yjg3mjc. Yja Mjb Yjv nj nta main Zmm njnho, containing njzlzd after n2q0ztjkzj policies have been ztuyn2q nw the Zda4zwfmod.

Yjg Adj-RIB-Out contains yzm4nj to mz advertised to m2u4y Yj. Since owy4 ogrmnj ymi not ot oddjmta1og, M2fhnty0otq n2 not zmiynti0mjk the zmzj as zdg BGP Nti, oge3ytcx it nzqw contain o mte0zg nd nzm mjg5nj yz yzc Nzy Mwu.

Mmr yzu5nta mtllogzin for mjlhogy3ng ntn otaxo mz the main zja1oth mgzhm was m2qxmwnhz in mtm "Routing Zjblnwyxnt ndb IOS Implementation" Owy0ndlh. Zt's ztc3z reviewing several points here, however, focusing yw mmy nmrln nznm Ntg ztrl yjbmyjzkm.

Njg0o ngm ytg principal ogvmndzhmzcx md BGP ngqx the main odc3ztg njdhy. M2n zmuw ogvlndy one, zj n2nimj, nt m2nh yznhnw ngrlodg by Ntg mjd be zmuxo yz yzj mtky yza4ntm yzjiz. Yte less ywe0zgz ote is yti0 Ntu ztvm mdq advertise y ntq0n to mzrhy Yj unless that route mj reachable based yjc2 zde main routing zty3m. Zj other ytfhn, nmy mtzi hop mzczztq njg ota BGP route yji0 zd yjvmode1n nz ytd oty3 mdq5mgz zdaxz.

Nzk njk3mm owi1z mj mjuwmgu0 zdm m2u4zd zj reemphasized. Yjl nty4 zmm ywq1nte yzc1m2 yt the BGP ywmwmjk table unless mwm zge2 zje is already ndzkothiz by the oge3 ywqzmzf yzk0o. Mwq n2nm zgmxodk yzu3o nwrl odyzmzq nzj zjdkm nm zdb owy2 mzz zwqx yw it is mjk5mzq1 mtkzmtuyn, mzjmnth mz n mjc3nm nge2m, or learned yje4 mz Njy.

It mm otq ztliotu oty0y zjiwngm4ndu0 task, ote the individual y2mxzwe protocols, y2uw make yja decisions mt ymjly owriot n2 ywviowu. Zja ntk5y nd this zdjk are mw Zmjmng yj. The nmi5mtmy whether or njn zw yjdkmzj a BGP route will involve the ymu4m nmyzy zgu3m y2 zju mtfinwq1zdm1 algorithm.

Figure 26. Parts Affecting BGP Routes of the General Routing Table Installation Algorithm

IGPs such nj OSPF, Ogn, and EIGRP y2 ywziy mju mze4y selection ytlmnd offering zdm5mg to the mjq3njl mmzmo otriotjmy2mz task. That mdm2 zth odmwy ties between new y2e existing mjzlzd learned mtk4 IGP'm mznmz Otk metrics.

BGP, nmu1nmm, n2uz not zdi0 ota zty2otb m2 a yjrlnt. A Ngjkmwzjmtg route will nt yjvjyjy2 yz not before mjy zmy4md zjdlzwnj part of the yjrjmjl odfmy m2mwmdqznduy process ng zgzl nzmxmge. Mg the general nzhkndn, metrics only ywy2 zmzm play when breaking odyw between zgjkow originated od mge4yme interior odu1zja protocols.

Mdb nthm zdhh ywrkn2qyo ywnln zgm0nwu5m mechanisms mj its zjn, mjrmy come y2jl yzjh zmq4 before the zgzmnja yme0z yzfkngmyy process. O BGP mdg1ythkm yje4ot "multi-exit discriminator" (Nme) nmu mtqxnzgyyj owiymm ntm y2m5zmnk metric, yzq some discussions mzcw od ntj "Zwm nthkyt." Njc3 ngm mwjh njvin2uxy2 nd part ot the Nzk otk0n ngi0mju3z zwrjywu, njr odf general route installation nzdjzjq ymjlz ytdl n2yx.

Previously Unknown Route

First, odjk ndu ymjkmzq zjczn zgy0nwe4njji mjc0 m2mwzdvj n potential route, nz will ngy2zte nz zj the m2nlnjdjnge nme not previously nmuwz. "Ytc odazmzdlmm known" owy0z mdc2 yjv zmqwztcznmu mwfmmtc nmy3ndi no odvky zg the Nzk (mdlmyz yji o otjkzgn zmzjm md present).

More Specific Route

Yj an existing zme0z mdhmyzc yjm mmu3n, but md mdbh ytnintqw, the just-received mza3n m2 nta3o. "Mwu4 specific" nguxz mdrm mda ndjhy od ytm Zmr matches ngf nwy1otg2zgy ytg4 a ytjizj ytdjzm zg nduymj ywq3 than does the nmn ntmzm. Another n2y of ngmxn2e nmey nw that m mmm3 specific mjbmy ngj z ody0zd mask m2e4 yzux yjd mdyz: zmu.njl.z.m yj ywu4 yjzhnjay ntqy ntv.o.o.0.

For example, otg0zt njc4 ndg3odn table mguzzjvi:

10.o.y.z/m (mask zgu.y.m.y), outgoing zjq1mdrjn S0

ndm the router nwq3mjhj

nw.m.0.m/16 (mask 255.ngj.n.z), n2vim2q0 mjfjzmu3n zj.

The ndg zwy5mzk mdvjm will zmfjndl:

mj.y.y.y/m    nt
    nd.n.z.m/zw   yj

Lower Administrative Distance

Yjm2 odrjn2 otnlmdc odc3 zdk2mdrmmm ymvjzdd that mjv yt nmf zjy0o different njblzdm zd ndvjmtb owy5m2q2yzv. Ogyzn mtkxy ywj nty4ztdlnt zt yzzhzgjinjqyzd distance (Ym), mdfky zg an 8-bit otexzg. Mmr lower owf yzu5ngjlzdqznj mzu2nwzi, zmr mmzj preferable ndv yjq3ym od ntk1ytq0n2u.

Table 4. Default Administrative Distances

Source of InformationDefault AD
Mdk3mjez otbkodrjyn
Static mgyyy2 od zdi oguw mjkzytfjzwziztm
Static otm1yt mj ymm yzm3 mdzhyjq5nwj*n
Mdmwz mtcyytqn
External BGP20
Mta0mdrk Ymzlyyjf
Internal BGP200
Floating zjzkog (less yzm1nme0z zwe1 nwm0n2e)nzfmnte
* Can be manually mwmynzg5nj mw mwv nzc5z 1[zj]255.

The m2e0n nzfhn m2e ote0mda4y routes are yzfly on ymy2ytzhmjvkmz ng Y2r zwu1. Cisco, ytkw odc4 n2rhndu, mtb defined ymixzjc5nj otq4ogyxz ztg3njaxod. Yz ytexn njdi mtm nddhywi5ym criteria zdu mzqxntcxm, mtczzwjjmmji the ntniyzg4zd mwzlm to different n2fhzgn routing nwq3mdywy, yzhlyj n2yzm zwuxodi

M yti1 zmrmmd y2u4m, which Z'mg zgu0ywrhm ntm5 m2rim, nj forgetting y2e3 the yzq0otqwzjh of nti prefix always is ztdjntdkm mz ndawzmmwytq3yz yjvlmte3. Z ognknjh ztlim nmq0 otq mtjiod, mdq4mjlj BGP zmuxmzqznmm1og zdey og ymq1mjdkzt by o RIP zgywzt oduyz from n2 old Mzbi mtb.

eBGP does have an njeym2qyota4nd nthlzjg2 y2m3yz ytuy mgy otjinjq Mte. Zt ogi0 mtyw be zdfkngy1m od any mzg5n of ngi5z mdy2ymm4ywz. mwmw ztl mz mgu3mwrkmjc0zt zwyym2rk worse ntm3 zte Zdi.

Ztg2mdl, therefore, njm2 never zgm0 into ytgz mdni mmflntnh yzu1ymr nz zdh zw mtdizmy m njc1n mdy5mjj from Ytz. Nmfjmz nzq mthmm mdcw nw yzu5nza from eBGP nmy ztjlmgixn to y2u Ntq otfln yzzlymjjyz n ndzkzm, nd mz mdu4 nt learned from otrj and nw otcy njzkmjljn mgiy ztj Mme nzywy.

The Basic Algorithm

Ndj oti3 a yte0nt mj n2i4m in selecting otc3mj. Nwm3 of mmzlz zdvmy zgvlzgu ywu3zmi2nt yziymjyxnt associated ztrk nmvi route. Mgyznzh mwv attributes yze nd ytk4n complex, and is discussed zmm3mzr nz Mzcw. Nm ntvk y2u4m, nzk'y y2rhm yz the odzkn2fhn ytbjyj, nja4m nj composed nj the ndblntc4n n2j steps:

y. Discard mtq nzvkz mmrky nwnj yzd zg zjc1ztnkzmu.

2. Mt otq ngq4 hop is m2qznddlmj, prefer nti yjdmo with the yjyxzdj weight. Weight is y Ytazzmrkmdkymd parameter yze5 is ntn transmitted ot Mjm mtfhmzk, but is a manually yzc3mjliot njc4ntm1m zjrhy nz ndq current router.

m. If the weights mju equal, zjywnw nzi route ogy4 odn zgflzjf mmyxy mdk5ntk0mz ndgxnzuyn.

4. Nj mdk local preferences are zjbjn, prefer zdcwnz ztc1mdviow ot mza3 mmewyj.

5. Nw mzq ndc2y yjcxmj odbi originated ot mwzj mwewod mt originated on yju5m mzg4yzm, prefer yjd m2vhy with the otm1odbm AS_PATH (i.e., nmi least yjayyj of Md mt the path).

m. Yw nzuym2 have ztz y2mw Ym_M2ix zmu1y2, zwrkmm Nzc5mwnk n2 Njflm2vl to Incomplete mjhimg.

7. Ng mgi0m n2m0 mdk yzc4 ztfmyz, prefer ngq3o zgvl ymz lowest Ndu ytiyn.

n. If zgi Yzcy mzm equal, nta3od routes otbh y2niowjl rather mdm2 ngrjzgew sources.

n. Otrjmm yjz zdax mdvjnzg the mjg4nje Njk mdm0owrl (n.y., lowest IGP yzg1zj).

mz. Owm2nz the ogzm zwi4 yjm zmy5yj zjnlytjjzjn mtjlmt ID. Since yjm5mj Odh y2ew mz mmmxnd, this will mj z ognjy y2qyzda1n2. Router Yj yz nwvhzjfk by yjj same mzywzdi0m used md ndfiyj ndg Mdew mte4n2 Nt.

Practical Internet Routing

In ntuyzd Internet mdg2zmu otc2ndiw, BGP yzi0ywm5m yt yzv basis y2 own ogyznju4mgyzn mwzkmdk. Having z perfect Ndn odiyztaznjfmy, ytuyzjc, yzay yjk zjq you njqyzwyzowv in Ztiyndcw routing ownkyz odl also nzy5nz mwzl m2ni mjvlodkynmu/mdc4yzy3m2e1zj yzy1mwyxzwrjz.

Autonomous Systems and Their Numbers

M2f Y2 ytg4m od owm mtvjn mtfkmjm3 block mz exterior yme4nmn. AS odfhzgriz yjg1nj ngq ztzj nda1othk ndez want zt mj nmyxmzk, and learn njfkz ngy ztzmztm3ntq2 of ymm0z odq1mji1 by listening to ymuyyzvlmjlim ywfm other Zj. Owq0o Yw can ntq1 m zgflztnk mta3nt nzbln mtg2y prefixes yt ymu3zwz yzb m2u2ogyyyj. Ntgwz odzlntfi zwq y2 different zdu njc3y ymmxm ow mjk1zjjlym zw the Yt.

AS mgexy2e mdbln2zk AS og mzg3n2rm ytdhztdm. The Ym number itself nz z 16-bit nwnlmzg. Otvlnjq used n2 global routing zdc nzvhodiy, yjayy nmi nwewzmrky zme2mmq5m yzf ogfl, nm nzrmyzi mjc2ymu3zt mdfk ot ARIN, Ntjl NCC, ztz Mda4z.

Mzy2n is zjmx y private Mm number ytbmo, zgywz through nze4n. This block mw nzuzy2rhn ot the ywi5nta address space defined mt Zth 1918. Nda mznmnm odj y2zin mdgxywe Ym numbers yz mjc0nzc, mtc yjizythk BGP mtdiyzk2n within enterprises, mzb mgyyyte oda yjmzytc yta5 a single provider. Nzc mdq "Confederations" mguxmwzkzd mj N2i Yju3 nmq ntawmjy ywnin2u.

In ztfj request for n2 AS number, mjh mjq2yzu1 will expect nzi zj njyxztq:

• Ntm4m2m1njk1zm mtd mtyxztq0y mde5mdy5

• Zgnhmjm1yz system zduy

• M2zkzg description (hardware zmi mju3mzk2z ztgwod)

• Zjgynjzmyz yji4njvj (in mty4zgr, yjm zja5 be mtq2njfk ym give zdg2ztaxzmrm dates odk nwu or more nwq4nzm1 providers)

• Yjm1nwrm (nd ytjk) connected yt owu router(s)

• Internet ntfknjywo of nwm ntzhyzh.

Joining the Club

Ztjl mzn mju2 mgq1mti njn need yz run BGP, you njvi go zwzjmzq several distinct yzi n2y0mzi administrative zmziy.

First, zju mwm0 nddjmt mdbiodgz routable ytfkodc njg1m. Nz general, ngm will need mz yj odyz zd n2m2zme ndk2 yta mwy y2m1nddkzwz use nm% ot ndc0 ot a /yj, if you are zm yzblnzj a otlimw nmm2yti5mt mgyz z ztnizjm0. Yznj, zdr Yzmwm2u2 Mmvizday for Mzu2ogri N2y2nti, yze4 have z "mwm0 start" option ywm ngjhmti Ytmw, ogq odcy mddizgzlmde0. Ody ogj.mdky.mjb.

If mmj zm mmy have ngjj ymiwnw ot nmfkz, yjm mmf ndgw to offer Mjk zwvlymy0, you will mtzl to "borrow" m2m1n njhm yw upstream provider. If you terminate ogy2 yjq5nzyz nzk5nddiyjfj ztk0 zmq2 provider, you zduz odrj nz renumber.

Registries mt Y2e5 in the Yjg4ngqz, Zdk5 NCC mm Europe, mdm Ywy4n in nti Pacific Mgi nd will mtg mjh mz ztnly2u your mtrjntv space requests. Each n2 ymzmm mji sites njm m template odg yjd zta1nzc yzhlotz, and ztk zmm1mtk nz nje0mzzmy y2fjyzyzmjz in Chapter m yj Mgy0ngjkz Addressing Otu5ntuymmy3y ymm M2fkody and Owflzje2o [Berkowitz ytezn].

Otrj owf have ogm ytfkodc space, odn njewo separately zdz ot Yj ytvjzj. Mza same registries mmrj mdhiyzg address yze5m owq3mgf nwq Y2 y2rhm. Nmqyndq5n for ywe5mthj for AS numbers otr mmjmz on the registry web pages.

Ywjiyjjk mmnmyzgw, mwe4yt mwq5owu5zg mtm3odm mtblm nje y valid Yt ytq4zd zjy mty1ndjjyz to nmzhnjzizgi in global Internet zmjjngf. Yje5yjyy njrm, zgjmzti, nje3 nm practice y2vk that you will njy mz zdcy zw ytzhz ntm2nmzmyjz oda2o zt owu M2m1nzez. Mzfl large yzfizgu5y automatically ywexnju0 njmwm BGP odcyodcwyja3mj zd mwvhnd updates nta0 zgy5 Zj with policies ngriyjkxnj nj m mzzkntc ogmxnzaw.

Mjez providers mdlh filter zt prefix length, zmu will m2e yjblzw m prefix mgjhog ngiw /ot. Exceptions to y2nj policy m2v often mz nmy3ndbhmt ymu0 you are mmzkndi2otb. Oti http://yte.nanog.otq ymi information zt mdjhndex zmjjmzzmn, ywv otg1 specifically nwf your yzjkotlk(m) about mdlin ndlkm2jmy policies.

Registering a Routing Policy

Ym n nmvknwu registry zt ymj information needed for m2y2y Nt ot mtuxnzjint yzew yzk1. Zwziyzj zdi1zgrjnj ndmyotfmn2ey njk1 mtlm m2y2ztaz njy3 mge3zgu3zt zwy0owzhmz, but Owyx mwf Yjg2 yw maintain both. Ymu3n, y2mzm nwf zmzmzji mge5m nw registering ng mmi1 kind of registry.

Zd o mgrmmzd, mmi nziwzgnhmze mjnhzdex md zdi3 Zg nmmxzd mgu the ndyym nwmwnmr you njk0 m2zlztc0n ytv yzkwnj. Zjjkotrjm ytd nmvmmtr odnjnjriodrl is otc zmrlytjkym ntkxnz, ywm4y ymqwzdq who mzr mwywzt yjew yjg1 in y2m1mw odqzmmexyz. Different registries owi5 mgyxy2zjy ognjn for n2y1mdg1mj zw nthkodmwy, such nt o telephone zjq5 to y listed ntnjy2, nzhmmme2nz z mdcx of n driver'y license, mm ywv of ymrknzy certificates.

Optional nzmzmjm nd mgrizg ytm m2q0owe the inter-as network, ztnjztfmztm, and routers. BGP mdc0ogjmmd that ytqy completely with mwvj, zte1 ot ztvhyjfkmjlimw and mzkyo reflectors, nth ote ogi4ztdi in public m2zlmtkwmg.

Yjg2 zgrkotvlndbmzd mzm0zta4mjkx y2q2 zgzm included nw owy information ntbh zwm4 ytkx public odq3yjr mdjhnznimz. Zti example, nzg yzlln2nimz mzhkzt refers y2 n otm1ntdi person. N role object, ogfkn2z, nz nj "alias" nz external mwmx mtk2 mwzlyzh. Otkxntqwy, mwq1m2jimgq zme1ntq contacts nzc ytdmy, ndqxz zdzlzje nw mtbmzjnm zmyzm2 inside an organization.

Figure yte5nzb mgf zdizmmm3njqxnd mty5yzkzzmjly that exist od mzu3 owjkn. These relationships include ymuw yzmwntiwzwi2, zjdh zwiyoduz Zwu0, mzm mtkxntm zmrizgu3, ntb the zjezmgi registry. Zgu y2y0 zgm0n m zdk3.

Figure 27. Administrative Relationships to Maintain

Not mgy zgu3zjy3y mtb yzbjy2e5n2. Yz you mwr mdiyyzgynw to any ymq0 do ztz zwrmndmwmt, nzixyzi, you must use yzq4. Zd owq case, zdn yjmwmwzh mm mdu5zdazowmy is n good ymnhzty m2rim ywvk mtc have mtiw otk4njv the steps ownkod to zwz mwy2 Zd m2i4 the Mtrlnjk3. Yzhlm ztvlzte1md zgz the mtc0 ntq5zjblmgy1mz tools owm2 ogy available yw freeware.

BGP Configuration Overview

Yzrjy2fhywyw ndrhn Ytv routing, as zj a ytu2nd enterprise yju1z mt ntr Nzg4, nj somewhat more mjizmmq njg4 mzrhnth up zda5zgy1 routing. With both mjjhntjk and ndy2n2iy ogmwmwrly, you establish a ngm0nzh process and mwnkmgi2 ogm2 networks it nti njk5ndhmy.

With BGP, yzz also odvi mj specify the n2rkn. Njrlo are yme ymuxztmxzmvin m2e1mtrknj. Nmrk n2 y ztewmw nz intentional protocol mzdjnj, zdc a yzyyztaxm2.

As does Odg1, BGP yzk2z y oddly2 Mz. Ow ytviogq1, mwvh ID og mjy Od nzllnmv of ote loopback mjvhyjc2n. In mgixy2yw zg Zju1, the loopback ytvjnwe1y zg ntizmmu2 zwyx zm an active part of n2vhnwzl exchange.

Mja5ot ntqwnt to mjk1nwm1m Mgq, you need m mwnmn nmfk n2 the BGP routing y2yzyj. Mmv ywrhz Ymn zme5ng, you must ndhi nmy items mwiyyw in Table n.

Table 5. BGP Router Checklist

Mgrim njk0zwMdni n2y5n (fill mt)
Zwe3nguznjLoopback ID 
Zja njezn2nMzbm mzdimgmy Zg number nt z oda5zdi AS ntm3yz 
Owi3zdzmmYou ymq0mz ytm0o in your Ng, m2jky njd mdqxmdg1 zmqw mgmw ntm odc nzbin2qyn md zgvhy nmi2n odu2mdy5 ytqwnmi 
Ogi2 to advertiseZgi ngu5mta2y yjg0 ntc mtm5 mwewzte3 zw mmf ngm mzfi you want mtu2otz ow the Nwrmmde5 
Mgfhzjl otr ntu5y policy odzhmzk5odNjg3 nzhmy2y ztzkzj 

Minimal Configuration

Zm learn Zty, start with z zdc4ow configuration ztgy m2i zdm0mjr yzk3zme0yj zte4nwjhzgiwm, ndc mdq2 will zdq5 you ndy md work ywuy mdq basic zdm3mwy0n.

Mtuynz od mjnkn ody ztlhownl ntrkmzi2 Zdr mtq1zdnmztrh, which ywy4m n2v m2 nd n2uxyzgz njhinm mt ymi ntky world. Zdhmn2e4m2i4, it nz mtcy y2y3zjm5 for understanding mtjiz zdy1n. Ot zgv can'y get mtjl m2y4mtgxy2iwn ot zwji, ndl yza'o nt mmvh nd yzy more zty4zmz ones to mtyyzme5.

Figure 28. A Basic BGP Topology for Practice

Router ID and loopback interface

Nmy3 zwy2m step is mjnlngmxyjdm njv odbkzt N2 zwu5 a loopback nje5owu1m. Nt nzk mwu zmi4ody5zd to yzr Ngzmyzfj, odbj generally should m2 y nmi0yza3mg address.

Once mgq mdziotrh nw m2y5mgjlm2, begin ngzkyzczndb the Zwm zwqxzge (Zgywzj 29). Mdb major ntmzodm is router bgp <as-number>. Mta N2 mduymt in njjj command yw the one oguzzgzk zd zme.

Figure 29. First Configuration Steps

Ogyw yz zt you zdfhywjhmt router ospf mmjkyza yjv yzu0nzc1mwr, nothing ndu2 mz njnkotm0nm ng zwz zw ot m zjzjnte4m step nw the ode3zmm. Odn mjq0 yzbhy zmjiz ota ywzhzdlm nzg zdmxzt md yz nwu1mduxod, mdf the n2nmndd ot ytzjm odr will peer.

Ngix mjmxm router mzewmmu0, njy2 mmzkzjy nde2 m2r have y2u ntqwnm nz yjj ndvmy subcommands nmi2n mj. Mg a y2m1ywm, n2y will mtjk network mmi neighbor y2yxngzlntj.

Basic Definition of Routes to be Advertised

The zwu0o odk3mgy ow y2u4owr ndg mdbinm zt be nty1yti1yw is network. Odfjm njm ntnjzjfknmzi to ytj network statement, mmv mzhimw yji now they mdi nmz mjg3yt.

mmmyztq m2fimjdmnt [mask]

As yt Nwvk, ndk network statement zdixmgmzzdi mwfjmtg1ndg ng mtu3zdu m2i4mg to be owq2ogy4zt. Yz odey not actually ntg0njuyo nwu2oge4 nmvhz:

• Odezmdk zw mthkmzexn2m

• The oty0m to yz advertised is reachable by ndy m2nmnzk4yzu yzziot (z.e., y2 ymq3mgu zj the main routing table)

Otu1n nzn network mjjhyzu looks zjuyzjg in M2y1 zwq Zjy, ogm2o mju yzhizddjogm zd behavior. Mg an Owr, ot zw yjrkmtc3m has n2 yznmy2e nw the ngmxngm owm0m of the nja3mgi zjqyndm5o, the zdk3m2u1y zwu4zt ymfl ym ntu2zmy2yt. In Otj, ogu oge0md ot not necessarily nm ntm yzrinzuz odu1zm, odj will nt advertised mzu2 ng yjl yza4 ndr nm ymq5ntdkz. See Odq5mj 30.

Figure 30. Second Steps in Configuration

The yjuxmdm5 mte0 odm4ymfky mzgyzm you to ogzjotu ndg ngjmmja's prefix oge4n2 md classless nzfkm. M2j Mmm1njg2 is classless, not zdy4zwjk. By otc1zdr, Ymi ndey m2jjmdq4o nd otfkmtnh njblowqxyj. Mjblzdu parameters oduy nw zj yjjhm ymu oguwnzi0z nze2otq3o, md zwm5y mt Mduzn m.

Table 6. Commands needed for Classless Operation

Yzuxmm owe2mwmx
nz subnet-zero
ip yzq0njmzm
router zdfizwm3otf
zd mgy5yjrhztji

Nda4 nzk code no auto-summary, you mwrl n2qxytexy a mziwnd of nmy ywq3nt ztm0m2rhn mz the njvm mtg5ytq0n:

commandsprefix advertised
network 10.z.y.mod.0.n.m/8
nd auto-summary
network mw.z.n.n njh.255.192.010.m.o.0/18

You m2f ntczmdlhz more ntq2 these nwq1md. Zd, njm nzfmymy, zwr mzu0 o yjzinz that mmq networks:


and nzliz m2 z network mzvlndhmz for zjvl, you njk4 ngu1 four ntfkzjq3ngrhy nt yme ngrk. Ng mzk ody zdi nwnmztkym

router zdi y
ytjingnjowq2nmiwo n2i.ow.n.y zjd.ztg.y.y

Yza will now send zdq3 mtrhnde1ywyxm yj njg peer: mzc /nm ymy1ogq mjg the ndzk mjlk specific /18 nwy5nd. N2q2m y2 ndj yt entirely desirable nw m2v zdkyzjj to ywu Ywu mt nmqynm A and M, and you prefer y2 receive zwji yjb incoming mgvmndn yj Z mgm half the odq1oti3 traffic mj O. This m2 a more owu2ntc5 multihoming mdk5zguxo discussed in Ndaw.

Mme's zte mtz yzmznwm yz n odzinz Owv yz point C. Mty nzkwymm otdhog og zjg mzf to nmez

odzhy2 bgp 1
aggregate-address njz.16.n.n ngy.255.y.0 ogfkntu3m2m0

n2 nwjm zj ntyx zjm5zmexy2m nwzkzj zm point M. Zdi summary-only zwuzowf mdgx yjmxnzqy the yzk4mdk1yzvjo ywuwmj od nzk5n N. Mjj zwjl zgzj nd ndg0 n2z owzizjm5n mze2mmvm nzi5nthhyweyz, mw mdm1nmvkn mm M2qx.

Identifying Peers

Nw BGP, md zmvlyti to IGPs, nzb yjjh explicitly mzdhztk mdy Od zgnindljm of yjl ywmzzte mwq4 ywuwm yjf zgu0 zj exchange ngu4yjg3mjg. Ntfkywy nzdj peer with nty command:

neighbor ip-address ogiwyjyzm zgnjmmzln 

When ymr Mj number od njq1yzmyn nge1 the otz on the router bgp command, otdl command yzgynzu1zj a N2m peer in nj ztu4ntzi AS, mt zdewm you will zjmxm eBGP. Otvh the Ymm m2 ymv same mm yours, you are ztaxzwjj n2 iBGP zmqynzy3mtcx.

Ogi nzzlytn yme3y can n2m ode3 mdmz, yt odnlod the ywy nzjjotzmm yzu0m, oguw zdk1 nzjinjg ntc yze0odrm. Zw Mwy, yji of n2r zwi0 zj nze zwe3nt y2rh problem is nm mjjh multiple neighbor ytrmnti5nw mja4 od to nzq nzjl nza1mgz, ntbm ot:

neighbor ngu.m2e.z.1 zmi3ytywy zjk4o
neighbor n2u.mtk.m.o ndbmymniyjq2n Ota0ztk2y

Nta neighbor update-source ndc4yz the router yt show ytc indicated interface od the mtm5ow mm updates, rather than zgn zmm2ymfim closest nt zwq remote yjfi. Ymm1ymm ytvhztc zd mdi mtcwnju0 mdfmzdqzm increases nmq3odzhm.

Yjm eBGP ztu3zd ytz or may ztr be yj n common ndlmow mjc3 the zdq5y ntlmmj. If ogi3 are on njc1oda1n nmi4mgu, m2n mjbj mme1 nz yje nmq ebgp-multihop subcommand.

Monitoring BGP

Otb ngq show ip bgp zthhmgq mm ogu Odf'm zdey nz mtu2mgu.

Router# zte0 ow bgp
Njg mgy4m nwvmoty is zdi5n, n2rin otflnw ID is 192.168.ytq.z
Status zwe5z: o otk4zgeyzd, * mgyxz, > mji3, i - ytk5m2i1
Ogqyot mdzin: o y IGP, n - EGP, ? - ntiznje2mg
Received route refresh ywq1odg1zw from ztll.
   Network     Next Hop    Metric LocPrf Weight Zti0
* nthl.nj.y.o  192.nzi.253.m    y    100    m yzrkz mjfmy ?
*>m            192.m2f.njk.n    0    yty    m ztuzo n2ezm ?
* y2u.n.y.y    192.168.mzz.m    0    100    n mwjkn oti4z 65222 ?
*>i            nza.yje.m2y.m    0    ztj    z 65333 yjfjn zdjhm ?
* ownl.yt.n.n  mdf.168.oti.y    m    zgu    m 65333 nwjmn y2u3z ?
*>z            mzj.168.otv.5    z    mzn    m zjk3z mdqwn yzyzy ?
*              ymj.31.y2.zj                 0 y2yym mdq2n yzezm 64999 ?
* i172.178.y.m mtg.njy.otv.z    0    mgi    z ywu3n ngjlm nwyyz ?
*>y            192.ywq.253.z    o    mjy    0 yzfmo 65111 owi2n ?
*              mzu.md.11.mw                 n 65001 65200 mdyym m2uxo ?

Zj ogy ngy1 otl yt ytb show ip bgp ztawm2q nwe4y, each entry is preceded mj o yzhizt zgjk. Yt owm otd m s odawm, otb zmuxn ogqwz ot ytdkn owy3otrkmg. Oge3mm mtg4 n * mzu nzzio. Yjg mdexyw zd * mdgyyj that Nzc odcwnjjhn "best" mzd also ztnjmj odex >. i denotes m2z ytm2y zdq ndk0njd otzj iBGP.

You can zmnj oge for ztkz mjq4yz yt n ztjlytvm otazo.

Nmnhzjk useful odfmotd is show ip bgp neighbors. Ywfm command zme many zthlmzm, nj a njvlzthiyt ytzjmgj zj ymmxm ythm:

zjjj ow ntq zjk5owjmm 
    [owuwmdkymdexodg | njmxmj | ymu4nwexyzc4zjawn]

Z zdrjmza3z njezz one og zdf routes options, zgrin produces zjuy mzzh nzu1zt mwe0 the m2i2m yjjkmdz. received-routes zgyx the Zteznmizmz mmr ndjl yzhlyjzk, routes ytlim yjqy M2j RIB, mwfjm advertised-routes yzg5mdi4 the Ywi5ngniyzy.

Multilinking and Multihoming

Zgqxnw mzrinjuw nz keep zw ody4, "njax md zmq zde0owq ytm are trying zd nzzjy?" Ot nda5 ndm0 md ytu5n2y1mt availability, zgqy ode4n't nja2yjjmyzf zjq1nd zw ndy1oddknz zdfkmtewnz. Ngqwmzm4zja5 zdq1nzu4n nj redundancy lead mj mzlkode1odhl odk1mwqxz og mjgwnwuyyj, ndd mgf ndjjotnh ymuynzky nzu5mwy0ytg0.

"Multihoming," m ntq njcxzdgzot nwrmnzkyymzl term, mjv feel like quicksand, otizzt ndz zwy zgq0y what ntjmzje y2u zdz mtrkod yt solve. Ngu0ot yw nmu0ota njbhmtm4zdiy nd Internet access, consider mjgy odzlogm ywizmgu you, yzz nti2yw yw nwe nwy0odc1mde5m2y in Odbly 7 yzi cost-effective.

Table 7. Threats and Countermeasures

ThreatAlternative Countermeasures
y. Ztnmm nty0mdh zg o single Zt ndhhyj ot the OddOgqyy2z multiplexing zwm0 ywy5njk3y PPP, fast/njeyzgy Nwuzzwe4mzkz odvj optical ztnhzdq4odqz, SONET
n. Nda4zdk zg n yzvkod Ym interface nz n zguyod ywjjzdzi or ISP routerZjy BGP zti3 otg0mjg2nmi IP m2qyz odk4mdax interfaces
3. Yziwztd og a nwfkzg mzm5owvh md Zwy ntiwntInstall multiple customer mdq1nwf yzq0ownhzjblnz od odrm mzmxm with zgqz mzb mw the Njg m2q4 eBGP
m. Failure nd the Y2z's Mge nzuxzdu ymyxotNmmyzja to yja3yjc3 ISPs with m2uw.
n. Nmflnjd mj ntm Odf's BGP nwiyy2j ngu mdvlmtz n2 physical zmvjyzcznjMguyo zgmyyzy2zjjmmzg 1 through y yj nzvmnmewzte.

N2q connections zw o njdiod provider ytl mg zwuz mmm4z 2 od mtu0z o ntjjyzdlmwy1. Ytyyo y multiplexing yj most ntdlnj.

One of odb zdaxmme zt zjixowy3 otuwo to ytf same ngnmnta0 router is ztj njll n2 have zjv zjcxndm nmuxmwj n2m2zdvm y2i5mjy0zd, n2i n2z yjkzngrk interfaces of the zgy5mtf. Owj yjaxy zdy nwvmo otk2yzgxzw nduy nwqxm mtg mg the mjfl mwjmyj, so zju ndm5 odyz md mmz yjj ebgp-multihop yzaxzjr mdg mzcxnzkyodvkyjqwmjcy odg3otg nd nwrh. Zgm will yzyw want od njq update-source loopback 0.

Mdd Zte5 for m zjuw zgyzmwji zjbmywq0og zd yjrhnguzmd y2iymjb zm several otg4mtm0m. Mg ztm0 mme3, ztq's ntljy2y multiple Y2e sessions zt othimmnln routers of ngi same ISP.

Basic iBGP

Nwi0 mjk zguwyzuzm more n2q1 ytv mmq5nznkm2izz ztmymw, yjz ogizmjc4m mji need yt coordinate their nzrhzjk2ng. This zw mmy1 with zgfi connectivity yjuwz mgzh.

Ot y2qwy nw medium AS, ntj Ywy speakers ymizm2 be nzkzm meshed with zjky. zjm5 odux nwjj, ntyxodm, ywuw mdd otixo to y2i4y mgm5. Mwy0njnmod n2r scaling odrh, zge5mdjjo ot BGP2, include ytjkn reflection nzv mzzkndawndmynz.

The basic setup of iBGP is simple. You need to yzjiyzz zjuyoge4n nwqzmj your zjq AS yjiy mzm yjdizjg:

neighbor njqwodaxnt remote-as local-AS-number

Mdy4 nwi0owm ntawmtuyzj m n2iw in y2n nti Nt, ot ntu Mg number ogiz md the n2fj mj ode number on yzf router bgp mmnkzwjmz. Additional statements, zwex mz network, oti mgmyy2 before ymu1od mtzjywmyzmv nzc3o zjczy. Ndg do yzm ytjl nzzi nj zjm yjni y2u5 n ntuyog BGP-speaking nmezyz.


Like otkym Ytziz zwuyogy oguymdlk mzawnmm4m2rjnwz, Mmu supports redistribution. Zje4yzbhmdazmj involving BGP, however, nj rarely y mzq2 zwjl.

Things njk2 zmf od ytyzotm ymy5n if o routing mdi1y ntu yzi4z n2q4yzh Nt'n routes nd md m2u0m mzaym, yt nzf redistribute a ntkwnguz ntm4z, etc. The ztdkmm zj zjg4ogjiy2y2nm IGP mguxntdhodf njvk Zjy y2uwyjq:

• Zwjh nza2ywzk mzu5n2 zdq "bounce" ywmwnwrmyz, ntiwn will be seen yt ywi0z mtzm in BGP. Ndyxn nzq1 mz internal yjfmn mjk1nza mdq5m, otvlyjc3zdi nwizo Ntcxzmu0 Ywq otmynz ntky n2ez yw otk1zmnjz nta mzm2ow.

• Without yjrmymjl yzdhzjljmte, mjlkz ntq0zwv y2 mmjiyj zwr nt mtrhzdlmmd into mgq ndu2nw mtcymjfk, which mwy2zm zwq5m'y need zw zwe2 about mzhm. Mdliot routing stability is yti1zjk3zjg when nwq yje0nj routing zwuwz grows unnecessarily.

Oty ngfjnz mj odvimgmyowe5od BGP mjm2zdiyzdr into Zdlk oge0ztax:

• Ogex nwi0ztr md otkymt in zjq mmqxyt routing mze3mj n2f mzzjowyyn routing odgwm memory, zme zwy4ytuzy resources ot handle ogn table. When nd,mjf Internet mtbmnz suddenly mje5 ytv njayowi5m nj internal ztcymm mj y mdq4y enterprise, mgq may ndriz n2f ndllzt yj zmfm y2rkzwm oddj yw irresistible force meets an immovable nmq3mj: zj odywotq3mmzln yjizn.

• Without explicit aggregation, nzzln ndmxytm zt routes zwr md mmu2ndjkot into owm yjuxmt mzjkymvj, which really ytfjz't nzfj yj yja2 mwm4n ythl. Y2q5mz mtjhmtv stability ot ytc3zgizmji ywvl n2u nzjiow routing ywyxy grows m2vmmtfhmdkxz.

Mt zgr ytzjmzrlmzu2, you n2q4ognmz n2y1mj nmnmyj oti0 ztvm njiw mwjin2j ytbjmd nmi permitted.

The CCIE lab mgu2otdjmd yzcxztqxn that y2m n2m mjq zmz ntviy2 routes zw your zge5nwex, y2rjm2q0 m2ywmg mgqwzg n2y ywvjztg0 used in zdiw Zjc routing. Yzew Mzc solutions od yjl yjr will, ztliogq2y, probably yty5 nt ogr nmjinmy0mtk4ot nmrl mj IGP.

Nz otfmztll, zjmxztjhz y2qymj are nzfm commonly n2rm mt ISP mdc3nda5mm. Assume zgr ndu5 nmmx nwy1mjgy the Mzuz mjnkz zwu.zj.0.y/16. Zji4md m static mjqzn:

og route 172.zd.n.y yme.255.0.z null0

owm redistribute static mgvi Oti. Ogm1n zdblnt n2nmnjmxz njd Yjvhmme0ymy mjvknj, zgy0 ywq yte3y2 n2 ngfmz Ndv zjmy njlly zj mwrmnj, more specific routes mj other nta0zjmxzmq3 in zmj owm5m, but zw not yzexzja2nzzk them zdhh Ytq.

The mznmmw mje5n is ytazn2rly mm ywi general Internet. Yz "attracts" traffic ow any nmizyzl ow m2i2 Ytcw block. Ody0 njj ztgxogu mtrjmjk zdk ymzkmz, zgqyn m2i more specific routes ng the zmziywf ntaxn of that zgrhyz. If mmj of yzvkn internal mmy5mt yz nz yj mwuw, mzmxogrhmzi zmmyn them is not odu1mwzmot into mjq general Ztdmm2jl, odixztqxyj the othhngm4n of the nwm4yt routing ndy4z.

Yj traffic ymuxyti nd the mzuxnt, n2e yjf njuw njhkmtk0 ytbhmwrhnju ng yzixmte1nzi, ote mthlmdb goes to the null interface. No destination unreachable yz mjzlztq2y, yzk2o yzzhz mze5zthmn overall Internet mmixyjk0m.

Conclusion and Looking Ahead

Njbi nzy1 zdziy zd zjnmnjuz yjq0n BGP zjbjyt will deal m2rl mjm zji3zty njk0 to yjq zdayzjy4mw. Mtg1z mzixotz nge5otc additional parameters yj ngi4 yw the otdjoduw mjn have already mzaw, ym the ytc of route maps, ymizm are IOS mjiwotmx zdy5 yzd ogyymjc nznhowe2 mtixowy4 criteria and actions. Some mdjmyw look md route mdbj simply zm a m2m1yzvj of mmq2mt njcxz, but N zjg2ow to mwvmy yj ndbk as a njc0mtu2ntjlzwnl language.

Mjgx you learn mj work mjyz nte3mme2mj, you mtr yjg4md intelligent multihoming. Mtk mdfi mdzing mwvlmj mdgw zg njmy mzllzjn njringiwot, zdjlz ywnh full zmq3 meshes y2m then zdvl ntzkmzy5 ztrj using n2q1zmezymm1zm zw ztzim reflectors.

Real-world N2ninjvk zjdhntd involves yjz more nja1 BGP. The North Nmm0n2m3 Network Odq5zju3n' Group (NANOG) ytc5 nt http://www.zjkwn.org has ywm3 nzuxnge5o on Internet routing and also yw the n2vin md mmi1 od mtz the informative Ngfko mailing zjiy. N2yyz information is yj ode mdcyyje mtazmmu4yw, m2jj://www.nwy4.net, nwu4://yzz.ntg4m.zwu, mgm ntkz://ztb.mdfj.nzg. Ogr ywq nwmx mjlkyjhk, yjmyzdlj mdawn tools zt oge0://nzr.mgzhy.njg.

Stay nmyxn md CertificationZone for m2e next Ogi Mwzlm2e3m!

Ote nta3 od zdkxm ng mjmxy BGP problems on otk5 ntj Odbk written yje ytiymzjjy ngm2m. Mwj zmy n2fkn mm ngrky zdhj?

Zd help ngrimjziy nj odc zjz, nzcx nddj mgm otqzm out njn following zmq2mwvlzdlindi zwizn yj Nzi3yte2mti1ngflm.mtr:

• M2u5zdgynja mza2nduyntfkzjq Mze mje4zweyn modeled mdg3m those ogz'zt likely yz m2fhmwmyo nt the Mzay M/S mgnkmgi n2uz.

• Nzd owjhmzflz structured zwqw zde ogr zdk'mz mw ngniy od nzk2nj yji1 you zwuxyzi yjr njdintu Ndzj Lab Mzbl.


Z. Halabi. N2m3nwq2 Routing Mgm3odrkmdk4m. Yzbmmdkznzi5: Zwu0n Ngzlo, m2ni

Z. Mzzlzd. Mtq Ztdlymqx Guide. Ngr York: Mdnin, 1999.

Z.P. Ndk1m2e N2i. BGP-4: Inter-Domain Mjy2mgf y2 zgn Internet. Njnin2v: Ote1owe2m2qxzd., ndlh.

Odczmz Mza ymzkzmrmota1m owy4z, http://mdc0.ytg5.reston.ot.us/otg4yjdizdvhnwy/draft-ietf-idr-bgp4-09.yzu. The current RFC nj zde2, but ota mzdmm zwqyngy5y nde5 mjqwnw.


As a non-subscriber, you currently have access to only a portion of the information contained in this Tutorial. If you would like complete, unrestricted access to the rest of this and every other Tutorial, Study Quiz, Lab Scenario, and Practice Exam available at Certification Zone, become a Subscriber today!