{"id":785,"date":"2021-08-20T03:11:24","date_gmt":"2021-08-20T03:11:24","guid":{"rendered":"http:\/\/feralpacket.org\/?p=785"},"modified":"2021-08-20T03:11:24","modified_gmt":"2021-08-20T03:11:24","slug":"bgp-notes","status":"publish","type":"post","link":"https:\/\/feralpacket.org\/?p=785","title":{"rendered":"BGP Notes"},"content":{"rendered":"

BGP – Border Gateway Protocol<\/b>:<\/p>\n

– Exterior Gateway Protocol
\n     -> Designed for expandability
\n– IGPs created for fast convergience
\n– BGP main feature
\n     -> Scalability
\n– BGP version 4 (1993)
\n     -> Supports aggregation (supernetting)
\n     -> Has been updated with many “capabilities” over the years
\n– TCP port 179
\n     -> To form neighborship
\n– 4 message types
\n     -> Open
\n     -> Update
\n     -> Notification
\n     -> Keepalive
\n– BGP metric is Path Attribute
\n– Uses Autonomous System Number to identify an organization \/ administrative boundary<\/p>\n

<\/p>\n

– Path Vector Protocol
\n      – or –
\n– Distance Vector Protocol
\n– BGP compares the AS sequence and decides the best path
\n     -> Ordered list of organizations crossed
\n– Support MD5 authentication
\n– Supports aggregation (summarization) and default routing
\n– Summarization is the single biggest topic within BGP
\n– Supports advanced filtering with the help of Regular Expressions
\n– Two types of neighborship
\n     -> Internal
\n     -> External<\/p>\n

Neighborship Formation<\/b><\/p>\n

<\/b><\/p>\n

<\/p>\n

As soon as BGP gets activated, it sends an OPEN message
\n– Open message
\n     -> Version number
\n     -> ASB
\n     -> Holddown time
\n          -> Default is 180 seconds
\n          -> Lower is better if there is a conflict between neighbor configurations
\n     -> Router-id
\n     -> Options
\n          -> MD5 hash
\n          -> Capabilities list
\n          -> Any specific feature<\/p>\n

Finite State Machine (FSM)<\/b>
\n1. IDLE
\n     -> No TCP synchronize message sent or received
\n2. CONNECT
\n     -> TCP sync message sent
\n3. ACTIVE
\n     -> TCP is actively trying to synchronize<\/p>\n

Steps 1 – 3 are TCP based<\/p>\n

4. OPENSENT
\n     -> BGP OPEN message is sent
\n5. OPENCONFIRM
\n     -> BGP OPEN message is received and the local side agrees to the parameters
\n6. ESTABLISHED
\n     -> BGP neighborship is up<\/p>\n

Step 4 – 6 are BGP based<\/p>\n

sh tcp brief<\/span><\/span>
\n     -> look for port 179
\nsh ip bgp summary<\/span><\/span>
\n     -> shows neighbor state
\n     -> ESTABLISHED is not shown, a numerical value is shown instead<\/p>\n

R1(config)# router bgp 100<\/span><\/span>
\nneighbor 12.0.0.2 remotes-as 200<\/span><\/span>
\n     -> TCP Destination – 12.0.0.2
\n     -> TCP Source – 12.0.0.1<\/p>\n

R2(config)# router bgp 200<\/span><\/span>
\nneighbor 12.0.0.1 remotes-as 100<\/span><\/span>
\n     -> TCP Destination – 12.0.0.1
\n     -> TCP Source – 12.0.0.2<\/p>\n

Neighbor IP address is the TCP Destination
\n– Local exit interface IP address is the TCP Source
\n– Source must match the other end’s neighbor configuration<\/p>\n

<\/p>\n

Assume the loopbacks of R1 and R2 are reachable from each other<\/p>\n

R1(config)# router bgp 100<\/span><\/span>
\nneighbor 2.2.2.2 remote-as 200<\/span><\/span>
\nneighbor 2.2.2.2 update-source lo0<\/span><\/span>
\n     -> TCP Destination – 2.2.2.2
\n     -> TCP Source – 1.1.1.1<\/p>\n

R2(config)# router bgp 200<\/span><\/span>
\nneighbor 1.1.1.1 remote-as 100<\/span><\/span>
\nneighbor 1.1.1.1 update-source lo0<\/span><\/span>
\n     -> TCP Destination – 1.1.1.1
\n     -> TCP Source – 2.2.2.2<\/p>\n

<\/p>\n

<\/p>\n

Multihop eBGP Neighborship<\/b><\/p>\n

<\/b><\/p>\n

<\/p>\n

R1(config)# router bgp 100<\/span><\/span>
\nneighbor 23.0.0.3 remote-as 200<\/span><\/span>
\nneighbor 23.0.0.3 ebgp-multihop 2<\/span><\/span><\/p>\n

R3(config)# router bgp 200<\/span><\/span>
\nneighbor 12.0.0.1 remote-as 100<\/span><\/span>
\nneighbor 12.0.0.1 ebgp-multihop 2<\/span><\/span><\/p>\n

eBGP checks to see if the neighbor is on a directly connected network
\n– If not, an OPEN message is never sent<\/p>\n

eBGP Neighbor over Loopback<\/b><\/p>\n

<\/b><\/p>\n

<\/p>\n

Assume there is a router between R1 and R2<\/p>\n

R1(config)# router bgp 100<\/span><\/span>
\nneighbor 2.2.2.2 remote-as 200<\/span><\/span>
\nneighbor 2.2.2.2 update-source lo0<\/span><\/span>
\nneighbor 2.2.2.2 ebgp-multihop<\/span><\/span>
\nneighbor 2.2.2.2 disable-connect-check<\/span><\/span><\/p>\n

R2(config)# router bgp 200<\/span><\/span>
\nneighbor 1.1.1.1 remote-as 100<\/span><\/span>
\nneighbor 1.1.1.1 update-source lo0<\/span><\/span>
\nneighbor 1.1.1.1 ebgp-multihop<\/span><\/span>
\nneighbor 1.1.1.1 disable-connect-check<\/span><\/span><\/p>\n

BGP Authentication<\/b><\/p>\n

router bgp 100<\/span><\/span>
\nneighbor <IP address> password <password><\/span><\/span><\/p>\n

Changing Next-hop Processing<\/b><\/p>\n

<\/b><\/p>\n

<\/p>\n

Next-hop should be changed to “self” on edge routers towards iBGP neighbors<\/p>\n

router bgp 100<\/span>
\nneighbor 12.0.0.1 remote-as 100<\/span>
\nneighbor 12.0.0.1 next-hop-self<\/span><\/p>\n

To set it back to default
\nneighbor <IP address> next-hop-unchanged<\/span><\/p>\n

Database Exchange<\/b>
\n– UPDATE packets are used
\n     -> Network Layer Reachability Information (NLRI)
\n          -> network \/ subnet mask
\n     -> PATH-Attribute
\n     -> WITHDRAWN Routes
\n– When updates are received, the information is kept in the BGP table<\/p>\n

sh ip bgp<\/span><\/p>\n

To advertise or introduce networks into BGP
\n– “network” command
\n– redistribution<\/p>\n

The network command checks the routing table for the existence of the network
\n– If the network exists (by any means), it will be advertised by BGP
\n– If the network does not exist, BGP ignores the network command<\/p>\n

PATH ATTRIBUTES<\/b>
\n– These are BGP parameters associated with every network received in the UPDATE packet
\n– Helps BGP to decide the best route
\n– Two types<\/p>\n

     -> Well Known
\n          -> Mandatory
\n               – Every UPDATE packet must have the attribute
\n               – next-hop, origin, as-path
\n          -> Discretionary
\n               – Every BGP device recognizes the attribute, but it may or may not be present in the UPDATE packet
\n               – local-preference<\/p>\n

     -> Optional
\n          -> Transitive
\n               – May not be recognized by the receiving router, but will be sent further
\n               – community
\n          -> Non-transitive
\n               – May not be recognized by the receiving router and will be dropped if not
\n               – MED (multi-exit descriminator)<\/p>\n

PATH ATTRIBUTES Preference \/ Priority \/ Whatever<\/b><\/p>\n

1. Next-hop reachability
\n2. Weight<\/p>\n

     -> Cisco proprietary attribute
\n          -> Higher is better
\n          -> Default is 0 for received routes, -32768 for locally generated routes
\n     -> This is only locally significant
\n3. Locally generated routes are preferred over remote routes
\n4. Local preference
\n     -> Open attribute (not Cisco proprietary)
\n     -> Higher is better
\n     -> Default is 100 for every route
\n     -> Significant only in the local AS
\n     -> 0 – 4294967295 (2^32)
\n5. AS_PATH
\n     -> AS sequence
\n     -> lower number of organizations traversed, the better the route is
\n6. Origin
\n     -> Internal
\n          ->Originated by “network” command
\n          -> IGP
\n     -> External
\n          -> EGP
\n               -> “The” Exterior Gateway Protocol
\n               -> Old
\n               -> Should never see
\n               -> Run to the proctor
\n          -> Incomplete
\n          -> IGP > EGP > Incomplete
\n7. Multi-exit Discriminator (MED)
\n     -> Also known as “metric” in Cisco
\n     -> 32 bit variable
\n     -> 0 – 4294967295
\n     -> Default is 0 for received routes
\n     -> Equal to the metric of IGP for redistributed routes
\n     -> Lower is better<\/p>\n

<\/p>\n

8. Neighbor Type
\n     -> eBGP > iBGP<\/p>\n

9. IGP cost to reach next hop in case both are iBGP neighbors<\/p>\n

<\/p>\n

10. Oldest eBGP neighbor is preferred if there are multiple<\/p>\n

11. If IGP cost is also the same, the lower router-id neighbor is preferred<\/p>\n

Manipulating PATH ATTRIBUTE for best path selection<\/b>
\n– Outgoing update manipulation
\n     -> Suggests a preferred route to a neighbor
\n     -> Neighbor can ignore
\n     -> AS-PATH, ORIGIN, MED
\n– Incoming update manipulation
\n     -> Changing local route \/ AS decision on the best route
\n     -> Weight, LOCAL_PREFERENCE, AS-PATH, ORIGIN<\/p>\n

Weight
\n     -> Locally significant
\n     -> Only affects local router’s decision<\/p>\n

<\/p>\n

Scenario -> Change the “weight” attribute so it always elects R2 as next-hop to reach 50.0.0.0.<\/p>\n

R1(config)# access-list 1 permite 50.0.0.0<\/span><\/p>\n

 route-map WEIGHT<\/span><\/p>\n

  match ip add 1<\/span><\/p>\n

  set weight 200<\/span><\/p>\n

 route-map WEIGHT permit 10<\/span><\/p>\n

     -> The router-map permit statement is needed, otherwise all other routes are denied (dropped)<\/p>\n

 router bgp 100<\/span><\/p>\n

 neighbor 12.0.0.2 remote-as 200<\/span><\/p>\n

 neighbor 12.0.0.2 route-map WEIGHT in<\/span><\/p>\n

Soft BGP reset (TCP connection not reset)<\/p>\n

 clear ip bgp * soft [ in | out ]<\/span><\/p>\n

Otherwise:<\/p>\n

clear ip bgp 12.0.0.2 [ in | out ]<\/span><\/p>\n

clear ip bgp *<\/span><\/p>\n

sh ip bgp<\/span><\/p>\n

      -> shows BGP table<\/p>\n

                      next-hop    weight<\/p>\n

*> 50.0.0.0     12.0.0.2     200<\/p>\n

*                    12.0.0.3<\/p>\n

* -> valid<\/p>\n

> -> best<\/p>\n

i – iBGP<\/p>\n

path<\/p>\n

300,200,100,i<\/p>\n

sh ip bgp 50.0.0.0<\/span><\/p>\n

     -> shows more detail<\/p>\n

<\/p>\n

Scenario -> To reach R6 lo0 network, all routers of AS 100 must choose R1 as exit point.<\/p>\n

R1(config)# access-list 1 permit 6.6.6.6<\/span><\/p>\n

 router-map LP<\/span><\/p>\n

  match ip add 1<\/span><\/p>\n

  set local-preference 50<\/span><\/p>\n

 route-map LP permit 20<\/span><\/p>\n

router bgp 100<\/span><\/p>\n

 neighbor 14.0.0.4 remote-as 200<\/span><\/p>\n

 neighbor 14.0.0.4 route-map LP in<\/span><\/p>\n

Scenario – > Configure AS 200 in a way that AS 100 always uses R2 as the exit point to reach 6.6.6.6. (Using AS-PATH)<\/p>\n

Before:<\/p>\n

6.6.6.6     200 i<\/p>\n

R4(config)# access-list 1 permit 6.6.6.6<\/span><\/p>\n

 route-map ASPATH<\/span><\/p>\n

  match ip add 1<\/span><\/p>\n

  set as-path prepend 200 200<\/span><\/p>\n

 route-map ASPATH permit 20<\/span><\/p>\n

router bgp 200<\/span><\/p>\n

 neighbor 14.0.0.1 remotes-as 100<\/span><\/p>\n

 neighbor 14.0.0.1 route-map ASPATH out<\/span><\/p>\n

After:<\/p>\n

               AS-PATH<\/p>\n

6.6.6.6     200 200 200 i<\/p>\n

In “route-map ASPATH<\/span>“, “set origin incomplete<\/span>” also works.<\/p>\n

Scenario – > Configure AS 200 in a way that AS 100 always uses R2 as the exit point to reach 6.6.6.6. (Using MED)<\/p>\n

R4(config)# access-list 1 permit 6.6.6.6<\/span><\/p>\n

 route-map MED<\/span><\/p>\n

  match ip add 1<\/span><\/p>\n

 route-map MED permit 20<\/span><\/p>\n

 router bgp 200<\/span><\/p>\n

  neighbor 14.0.0.1 remote-as 100<\/span><\/p>\n

  neighbor 14.0.0.1 route-map MED out<\/span><\/p>\n

Missing (0) MED<\/b><\/p>\n

 – The default MED (0) is best<\/p>\n

 – The behavior can be changed so that missing MED (0) will be considered worst<\/p>\n

 – If MED is then configured between 2 or more routers, lower is better<\/p>\n

router bgp 100<\/span><\/p>\n

 bgp bestpath med missing-as-worst<\/span><\/p>\n

MED Comparison<\/p>\n

 – MED is compared only if the incoming updates are from the same AS<\/p>\n

     -> This can be disable<\/p>\n

router bgp 100<\/span><\/p>\n

 bgp always-compare-med<\/span><\/p>\n

<\/span><\/p>\n

In the lab, you should never have to change the router-id to influence elections or the selection of routes.<\/p>\n","protected":false},"excerpt":{"rendered":"

BGP – Border Gateway Protocol:<\/p>\n","protected":false},"author":1,"featured_media":773,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[6],"tags":[39,31,10,57],"class_list":["post-785","post","type-post","status-publish","format-standard","hentry","category-ccie","tag-bgp","tag-published","tag-service-provider","tag-share"],"_links":{"self":[{"href":"https:\/\/feralpacket.org\/index.php?rest_route=\/wp\/v2\/posts\/785","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/feralpacket.org\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/feralpacket.org\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/feralpacket.org\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/feralpacket.org\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=785"}],"version-history":[{"count":1,"href":"https:\/\/feralpacket.org\/index.php?rest_route=\/wp\/v2\/posts\/785\/revisions"}],"predecessor-version":[{"id":983,"href":"https:\/\/feralpacket.org\/index.php?rest_route=\/wp\/v2\/posts\/785\/revisions\/983"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/feralpacket.org\/index.php?rest_route=\/wp\/v2\/media\/773"}],"wp:attachment":[{"href":"https:\/\/feralpacket.org\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=785"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/feralpacket.org\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=785"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/feralpacket.org\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=785"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}