
LPIC3-306 COURSE NOTES: BGP Border Gateway Protocol

LAB on BGP 

 

These are my notes made during my lab practical as part of my LPIC3 Diploma course in Linux Clustering. They are in “rough format”, presented as they were written.

 

 

LPIC3 Syllabus for BGP

 

364.4 Network High Availability
Weight: 5
Description: Candidates should be able to configure redundant networking connections and manage VLANs.

Furthermore, candidates should have a basic understanding of BGP.

 

Key Knowledge Areas:
• Understand and configure bonding network interface
• Network bond modes and algorithms (active-backup, balance-tlb, balance-alb, 802.3ad, balance-rr, balance-xor, broadcast)
• Configure switch configuration for high availability, including RSTP
• Configure VLANs on regular and bonded network interfaces
• Persist bonding and VLAN configuration
• Understand the principle of autonomous systems and BGP to manage external redundant uplinks
• Awareness of traffic shaping and control capabilities of Linux
 

Partial list of the used files, terms and utilities:
• bonding.ko (including relevant module options)
• /etc/network/interfaces
• /etc/sysconfig/networking-scripts/ifcfg-*
• /etc/systemd/network/*.network
• /etc/systemd/network/*.netdev
• nmcli
• /sys/class/net/bonding_masters
• /sys/class/net/bond*/bonding/miimon
• /sys/class/net/bond*/bonding/slaves
• ifenslave
• ip

 

Border Gateway Protocol BGP

 

BGP Overview

 

The current version of BGP is BGP version 4.

 

BGP or Border Gateway Protocol provides routing information for autonomous systems on the Internet via its AS-Path method.

 

BGP is a Layer 4 protocol on top of TCP. It is much simpler than OSPF, since it relies on TCP functionality.

 

Peer routers which are configured to exchange routing information will form a TCP connection and begin exchanging network information using BGP.

There is no discovery in BGP.

 

The AS-Path method is an anti-loop mechanism and thus BGP routers do not import any routes that contain their own router ASN or AS number in the AS-Path.

 

It is essential for a BGP router to be configured correctly as misconfigured BGP routers can cause serious internet network traffic problems.

 

Unlike RIP or Routing Information Protocol, which is a distance-vector routing protocol using hop count as a routing metric, BGP does not broadcast its routing table. At boot up, your peer will hand over its entire table. After that, your router will only receive updates.

 

Route updates are stored in the RIB or Routing Information Base. Whereas a routing table will only store one route per destination, the RIB may contain multiple paths to a destination. The router decides which routes will be entered into the routing table, and with that which paths will be used. If a route is withdrawn, then another route to the same destination will be identified in the RIB.

 

The RIB is only used to maintain a record of possible routes. It does not send any updates to peers. If a withdrawal is received for a route that existed only in the RIB, that route is deleted from the RIB.

 

Often there will be multiple routes to the same destination and BGP therefore uses path attributes to determine how to route traffic.

 

The simplest of these attributes is Shortest AS_Path, which simply means that the path which traverses the fewest ASes “wins.”
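The loop check, the multi-path RIB and the shortest AS_Path rule described above can be seen working together in a small model. This is an added example, not part of the original notes; the class, peer names and ASNs are constructed, and only AS_Path length is modelled (real routers apply further attributes and tie-breakers).

```python
# Toy model of a BGP RIB: several candidate paths per prefix, one best path.
LOCAL_ASN = 64512  # assumed local ASN from the private-use range


class Rib:
    def __init__(self, local_asn):
        self.local_asn = local_asn
        self.paths = {}  # prefix -> {peer name: AS_PATH list}

    def update(self, peer, prefix, as_path):
        """Store an announcement; return False if the loop check drops it."""
        if self.local_asn in as_path:
            return False  # our own ASN is already in the path: routing loop
        self.paths.setdefault(prefix, {})[peer] = list(as_path)
        return True

    def withdraw(self, peer, prefix):
        """Remove one peer's path; other paths to the prefix stay in the RIB."""
        routes = self.paths.get(prefix, {})
        routes.pop(peer, None)
        if not routes:
            self.paths.pop(prefix, None)

    def best(self, prefix):
        """Return (peer, as_path) with the shortest AS_PATH, or None."""
        routes = self.paths.get(prefix)
        if not routes:
            return None
        # Peer name is used as a deterministic tie-breaker in this sketch.
        return min(routes.items(), key=lambda kv: (len(kv[1]), kv[0]))


def demo():
    """Constructed scenario: three peers announce the same prefix."""
    rib = Rib(LOCAL_ASN)
    prefix = "203.0.113.0/24"
    rib.update("peer-a", prefix, [64496, 64497, 64499])
    rib.update("peer-b", prefix, [64498, 64499])
    looped = rib.update("peer-c", prefix, [64500, LOCAL_ASN, 64499])
    first = rib.best(prefix)        # shortest path, via peer-b
    rib.withdraw("peer-b", prefix)
    second = rib.best(prefix)       # falls back to the path via peer-a
    rib.withdraw("peer-a", prefix)
    return looped, first, second, rib.best(prefix)


if __name__ == "__main__":
    print(demo())
```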

 

Another attribute is Multi_Exit_Disc (MED or Multi-exit discriminator). This enables a remote router to be informed of a specific exit point from your network should multiple exits exist.

 

Note: BGP uses port 179. BGP is an application-layer protocol and not a network-layer protocol, unlike what some network administrators assume.

 

 

Main Characteristics of BGP Border Gateway Protocol Summarized:

 

  • Inter-Autonomous System Configuration: The main function of BGP is to provide a link between two autonomous systems.
  • BGP supports “Next-Hop” Paradigm.
  • Provides coordination among multiple BGP peers or “speakers” in the AS or Autonomous System.
  • Path Information: BGP advertisements include path information, reachable destination and next destination pair.
  • Policy Support: BGP can implement system-administrator configurable policies.
  • BGP runs over TCP.
  • BGP conserves network bandwidth.
  • BGP supports CIDR addressing.
  • BGP also supports Security.

 

Functionalities of BGP Border Gateway Protocol:

 

BGP peers have 3 main functions:

 

1. Initial peer acquisition and authentication. This means both peer machines establish a TCP connection and then perform a message exchange which guarantees that both sides have agreed to communicate with each other.
2. The sending of negative or positive reachability data.
3. Confirming that peers and the network connection between them are functioning correctly.

 

BGP Route Information Management Functions:

 

  • Route Storage: Information is stored about how to reach other networks.
  • Route Update: Route information is updated over time.
  • Route Selection: Route database info is used to determine the best routes to other networks.
  • Route advertisement: Each BGP peer or speaker regularly informs its peer about what it knows about other networks and how best to reach them.

 

 

Problems with Internet traffic growth:

 

1. Network routing tables are also growing. This means more overhead and pressure on routers.

 

2. The danger of someone who “advertises the Internet” on their router either deliberately or by mistake. If routers accept the newly advertised route, then the entire Internet’s traffic can end up being sent to that one router. This can be avoided through “route filtering” but it has to be configured on each router.

 

3. The problem of “flapping”. This refers to routes which come and go, i.e. which for whatever reason are not 24×7 reliable. This can cause problems for routing table updates. To avoid this problem, “dampening” is used. This prevents BGP peers from listening to all routing updates from peers which are defined as flapping.

 

This can however mean it can take longer for a new router to be accepted by its peers the first time it comes online.
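The “route filtering” mentioned in point 2 comes down to checking every announced prefix against a local policy before it is accepted. The following is an added example, not part of the original notes; the length bounds, the bogon list and the sample announcements are assumptions chosen for illustration.

```python
import ipaddress

# Assumed policy values for this sketch; they are not taken from the notes.
MIN_LEN, MAX_LEN = 8, 24
BOGONS = [ipaddress.ip_network(n) for n in (
    "0.0.0.0/8", "10.0.0.0/8", "127.0.0.0/8",
    "172.16.0.0/12", "192.168.0.0/16")]


def check_prefix(prefix):
    """Return (accepted, reason) for one announced IPv4 prefix."""
    try:
        net = ipaddress.ip_network(prefix, strict=True)
    except ValueError:
        return False, "malformed"       # bad syntax or host bits set
    if net.version != 4:
        return False, "not-ipv4"        # this sketch only covers IPv4
    if net.prefixlen == 0:
        return False, "default-route"   # someone "advertising the Internet"
    if net.prefixlen < MIN_LEN:
        return False, "too-broad"       # covers an implausibly large range
    if net.prefixlen > MAX_LEN:
        return False, "too-specific"    # only adds routing table growth
    if any(net.subnet_of(b) for b in BOGONS):
        return False, "bogon"           # address space never routed publicly
    return True, "ok"


# Constructed announcements from one hypothetical peer.
SAMPLE = ["0.0.0.0/0", "128.0.0.0/1", "10.1.0.0/16",
          "198.51.100.0/24", "192.0.2.128/25", "198.51.100.7/24"]


def filter_announcements(announcements):
    """Split announcements into accepted prefixes and rejected ones with reasons."""
    accepted, rejected = [], {}
    for prefix in announcements:
        ok, reason = check_prefix(prefix)
        if ok:
            accepted.append(prefix)
        else:
            rejected[prefix] = reason
    return accepted, rejected


if __name__ == "__main__":
    print(filter_announcements(SAMPLE))
```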

 

 

 

 

An Overview of the AS or Autonomous System Number System Used by BGP

 

An autonomous system (AS) is a group of IP prefixes with a defined external routing policy. So that autonomous systems can talk to each other, each must have a unique identifier, the autonomous system number (ASN). ASNs can be public or private.

 

Public ASNs are necessary for systems to exchange information over the Internet.

 

A private ASN can be deployed if a system is communicating solely with a single provider using Border Gateway Protocol (BGP).

 

 

ASes connect with each other and exchange network traffic (data packets) through a process called peering. One way ASes peer with each other is by connecting at physical locations called Internet Exchange Points (IXPs). An IXP is a large local area network (LAN) with lots of routers, switches, and cable connections.

 

The Internet Assigned Numbers Authority (IANA) globally coordinates DNS Root, IP addressing, and other Internet resources, including ASNs. The IANA assigns ASNs to Regional Internet Registries or RIRs, which in turn are responsible for allocating the ASNs within their region of responsibility.

 

 

The five Regional Internet Registries or RIRs are:

 

  • African Network Information Center (AFRINIC)
  • American Registry for Internet Numbers (ARIN)
  • Asia-Pacific Network Information Centre (APNIC)
  • Latin American and Caribbean Network Information Centre (LACNIC)
  • Réseaux IP Européens Network Coordination Centre (RIPE NCC)

 

As with IP addresses, ASNs (Autonomous System Numbers) must be unique. This is because BGP uses the AS number as part of its loop prevention mechanism.

 

When you apply for an ASN you will be required to justify why you need a public AS number and you also have to meet a number of pre-conditions. See below.

 

 

You submit an ASN request through ARIN Online. Following approval, you sign a Registration Services Agreement and pay a fee for your ASN.

 

For some organizations, using a private AS number can be a solution. For example, ASNs 64512 – 65534 are reserved for private use.

 

Autonomous system numbers are directly tied to Internet exchange points. Each network that uses peering at an IXP counts as an autonomous system with an ASN.

 

 

Requirements for Applying for a Public ASN

 

RIRs are very selective about whom they grant an ASN to.

 

The pre-conditions include:

 

  • You have a network connection to more than one ISP, known as ‘multi-homed’.
  • Your exterior network router operates using BGP
  • You must provide the AS numbers (ASN) of all your ISP’s routers.
  • You may be required to provide the IP addresses of your ISP’s routers to which you establish your connections. You will most likely already possess this information provided by your ISP, but otherwise you can establish the addresses by using the traceroute tool.
  • You and your ISP must already be registered in the RIR’s database.
  • You must have blocks of IP addresses that require routing. IP addresses can also be obtained from RIRs.
  • You must show that you need to either utilize BGP with an organizationally unique routing policy OR else be running a multi-homed network.

 

There exist four categories of autonomous systems that require an ASN:

 

  • Multihomed – connected to more than one autonomous system.
  • Stub – this is only connected to one other autonomous system.
  • Transit – this provides connections through itself. E.g. network A can connect to network C directly or alternatively via network B.
  • Internet Exchange Point – this is an AS or autonomous system created by the physical infrastructure located at Internet exchange points.

 

 

Autonomous System Number Formats

 

 

Before 2007, all autonomous system numbers were 2-byte, or 16-bit, numbers. This gave IANA 65,536 possible ASNs to distribute. This quantity soon ran out, and so 32-bit ASNs were created to solve the problem. The current system provides 4,294,967,296 ASNs.

 

However, this made the ASN numbers potentially unwieldy to handle. So two alternative ways to represent ASNs were devised.

 

The standard format used for displaying the number is known as asplain, which is a simple decimal representation (“as plain”).

 

The asdot+ method separates the number into low and high-order 16-bit values separated by a dot (“as dot plus”). E.g. 65525 would be shown as 0.65525, 65537 would be displayed as 1.0, 65680 would be displayed as 1.144, and so on.

 

The asdot method is a mixture of asplain and asdot+. Any ASN in the 2-byte range is quoted in asplain format, e.g. 65525 is 65525; and any number outside of that range is quoted using the asdot+ format, e.g. 65680 would be 1.144.

 

 

The ASN Address Space

 

| AS NUMBER (ASN) | BITS | DESCRIPTION | RFC |
|---|---|---|---|
| 0 | 16 | Reserved Space | [RFC1930] |
| 1 – 23455 | 16 | Public ASNs | |
| 23456 | 16 | Reserved for AS Pool Transition | [RFC6793] |
| 23457 – 64534 | 16 | Public ASNs | |
| 64000 – 64495 | 16 | Reserved by IANA | |
| 64496 – 64511 | 16 | Reserved for documentation or sample coding | [RFC5398] |
| 64512 – 65534 | 16 | Reserved for Private Usage | |
| 65535 | 16 | Reserved Space | |
| 65536 – 65551 | 32 | Reserved for documentation or sample coding | [RFC4893][RFC5398] |
| 65552 – 131071 | 32 | Reserved Space | |
| 131072 – 4199999999 | 32 | Public 32-bit ASNs | |
| 4200000000 – 4294967294 | 32 | Reserved for Private Usage | [RFC6996] |
| 4294967295 | 32 | Reserved Space | |
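The three notations and the special-purpose ranges in the table can be combined into a small converter and classifier, useful when reading AS paths or writing filters that drop private and documentation ASNs. This is an added example, not part of the original notes; the function names and category labels are assumptions, and the ranges are the special-purpose rows of the table above, with everything else treated as public.

```python
MAX_ASN = 0xFFFFFFFF  # largest 32-bit ASN


def to_asdot_plus(asn):
    """asdot+: always high16.low16, e.g. 65680 -> '1.144'."""
    if not 0 <= asn <= MAX_ASN:
        raise ValueError("ASN out of 32-bit range")
    return f"{asn >> 16}.{asn & 0xFFFF}"


def to_asdot(asn):
    """asdot: asplain inside the 2-byte range, asdot+ outside it."""
    if not 0 <= asn <= MAX_ASN:
        raise ValueError("ASN out of 32-bit range")
    return str(asn) if asn <= 0xFFFF else to_asdot_plus(asn)


def parse_asn(text):
    """Accept asplain, asdot or asdot+ text and return the integer ASN."""
    if "." in text:
        high, low = (int(part) for part in text.split("."))
        if not (0 <= high <= 0xFFFF and 0 <= low <= 0xFFFF):
            raise ValueError("each half must fit in 16 bits")
        return (high << 16) | low
    asn = int(text)
    if not 0 <= asn <= MAX_ASN:
        raise ValueError("ASN out of 32-bit range")
    return asn


# Special-purpose rows of the table above as (first, last, label).
SPECIAL_RANGES = [
    (0, 0, "reserved"),
    (23456, 23456, "as-trans"),
    (64000, 64495, "iana-reserved"),
    (64496, 64511, "documentation"),
    (64512, 65534, "private"),
    (65535, 65535, "reserved"),
    (65536, 65551, "documentation"),
    (65552, 131071, "reserved"),
    (4200000000, 4294967294, "private"),
    (4294967295, 4294967295, "reserved"),
]


def classify(asn):
    """Return the table category for an ASN, or 'public' if none matches."""
    for first, last, label in SPECIAL_RANGES:
        if first <= asn <= last:
            return label
    return "public"


if __name__ == "__main__":
    for sample in ("65525", "1.144", "0.64512", "4200000000"):
        n = parse_asn(sample)
        print(sample, n, to_asdot(n), to_asdot_plus(n), classify(n))
```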