Dynamical routing with the Border Gateway Protocol v4
Lukas Beeler November 1, 2003
Contents

1 Introduction
  1.1 Who wants to read this document?
  1.2 Why did I write this document?
  1.3 What is dynamical routing?
  1.4 Why BGP4?
2 Protocol
  2.1 Short review of RFC 1771
    2.1.1 How is a BGP Network structured?
    2.1.2 How is a route advertised?
    2.1.3 What exactly is an AS?
    2.1.4 What exactly can BGP4 do?
  2.2 What happens if a router starts up?
3 Current practice
  3.1 How does the Internet work?
    3.1.1 Examples please!
  3.2 How can I configure Zebra to do BGP4 as EGP?
  3.3 Why does the Internet use BGP4?
  3.4 Where is BGP in use as an IGP?
  3.5 An IGP example
4 Practical example
  4.1 The problem
    4.1.1 Link Structure
    4.1.2 Networks and ASNs
  4.2 Problem analysis
  4.3 The solution
    4.3.1 Router A/10.0.0.1
    4.3.2 Router B/10.0.1.1
    4.3.3 Router C/10.0.2.1
    4.3.4 Router D/10.0.3.1
    4.3.5 Router E/10.0.4.1
    4.3.6 Router F/10.0.5.1
  4.4 Review
5 Conclusions
6 References
7 How did I work?
  7.1 22.10.02
  7.2 5.11.02
  7.3 12.11.02
  7.4 19.11.02
  7.5 24.11.02

1 Introduction

1.1 Who wants to read this document?

Everybody who wants to learn about BGP4 and knows a bit of IP networking and IP routing. This document will not completely cover all topics discussed in RFC 1771.

1.2 Why did I write this document?

Well, I always searched for a more hands-on approach to BGP4 than the documentation from Cisco or the RFCs. The RFCs are pretty theoretical and dense, and the Cisco manuals are good if you already know a bit about BGP4 and use a Cisco router. Well, I don’t use a Cisco. But still I wanted to have dynamical routing for my VPN (which solely consists of colleagues). So, I used GNU/Zebra (which speaks BGP4), the BGP4 RFC, a package of Cisco documentation and a lot of time. I got it working after wasting many hours with trying. Then, the opportunity to write some random technical document in school time was given to me, so I decided to write my own, hands-on approach to BGP4.

1.3 What is dynamical routing?

Dynamical routing makes IP more resilient to link failures. For dynamical routing, a routing protocol must be used to send information about routes between the routers. A router learns which routes its neighbors have, and then sends IP datagrams according to the information learned.

1.4 Why BGP4?

BGP4 can be used as an EGP and as an IGP. BGP4 is easy to use, a small setup can be installed pretty fast, and it uses conventional technologies for communication between routers (TCP over IP). BGP4 is still very extensible.

Footnotes:
BGP4: Border Gateway Protocol v4
Neighbor: a directly connected router
EGP: Exterior Gateway Protocol
IGP: Interior Gateway Protocol

2 Protocol

2.1 Short review of RFC 1771

BGP4 is explained in detail in RFC 1771. Most of this information is for implementors of BGP4 only, but there are also many details that are interesting for someone who just wants to use BGP4.

2.1.1 How is a BGP Network structured?

The primary function of a BGP4 enabled system is to provide reachability information to other BGP4 enabled systems. BGP4 is designed for routing between different ASes, but it can also be used as an IGP. BGP4 supports CIDR and route aggregation. When BGP4 is used as an EGP, each router must have its own ASN.

2.1.2 How is a route advertised?

A BGP4 enabled system advertises routes that it has learned and routes that have been configured. Such a route is advertised to all its neighbors, with its own ASN set as the origin of the route. Every neighbor that receives this route prefixes the AS Path with its own ASN and advertises it to all of its neighbors again. From the number of ASNs in the path, a router can learn how many hops there are to its target, and base its routing decision on the number of hops if there are redundant routes.

2.1.3 What exactly is an AS?

In general, an AS is a set of multiple routers that are under the same administration. All of these routers have the same ASN, and must have exactly the same view of the routing table. This can be achieved by using an IGP, or by maintaining BGP connections to each other (BGP as IGP).

Footnotes:
AS: Autonomous System
CIDR: Classless Inter Domain Routing
Route aggregation: merging multiple routes into one
ASN: Autonomous System Number, assigned by IANA

2.1.4 What exactly can BGP4 do?

The most common things would be to send UPDATE and WITHDRAW messages. The UPDATE message notifies other hosts of a changed or new route. They will have to update their routing table with the new information. The other one is the WITHDRAW message. It is sent if a router notices that a link is down. This may be detected because the cable is unplugged, or because the peer providing that route no longer replies to keep-alives.

2.2 What happens if a router starts up?

When the router starts, it does not have any routing information except the routes to its neighbors. The router then sends an OPEN message to all of its neighbors. They reply with a KEEP-ALIVE message, and the BGP4 link is established. One of its neighbors then starts sending the entire routing table to our new router (be aware, routing table size of the Internet in 2002 is 180 MiB). After it has received the routing table, it can start operating. It sends UPDATE messages to its neighbors, informing them about its own networks. The BGP4 table is only updated by UPDATE and WITHDRAW messages; it is never retransmitted as a whole (this is only done at the establishment of a new BGP4 session).

3 Current practice

3.1 How does the Internet work?

The Internet consists of what is known as the BGP4 Cloud. There are many completely unorganized links between different ASes. All of the ASes connected to the Internet speak BGP4 and exchange routing information. Because there are multiple links between two ASes (their hop count may vary), a complete failure is rare. BGP4 makes it possible to calculate the best route between two ASes, and enables routing in a large and unorganized network to be efficient. Failure of one AS should never affect the functionality of others.

3.1.1 Examples please!

Well, let’s imagine you are the customer of an ISP A, which has ASN 5. You, as a customer, know nothing about BGP4, and you don’t have to bother, because it will just work. Your ISP has links to ISP B (ASN 10), C (ASN 15), D (ASN 20) and F (ASN 30). Thus, it maintains BGP4 connectivity with the routers of its neighbors. It learns from ASN 10 that it has a route to ASN 25. ISP E has ASN 25. Thus, if ISP A wants to send traffic to ISP E, it has to send it to ISP B. Let’s have a little analysis of this: ISP A has a route to ISP E, with a next hop of ISP B, and an AS Path like this: 10 25 i. This means that this route originated from an IGP and was sent from ASN 25 to ASN 10, from which you received this route. Think this further: ISP C may also have a link to ISP E, and you will get a route from ISP C too, but this time with a different AS Path: 15 25 i. Now you have two routes to the same destination, so in case ISP B fails, you won’t lose connectivity to ISP E.

Footnotes:
ISP: Internet Service Provider

3.2 How can I configure Zebra to do BGP4 as EGP?

Zebra is free routing software that speaks BGP4, OSPF, RIP and their IPv6 variants. It is not yet as stable and mature as Cisco IOS, but it offers a great advantage: if you want to test something, you don’t have to buy many Cisco routers, which are generally expensive. Because of this, all my experiments on this topic were done using Zebra. Zebra has nearly the same interface as a Cisco router, so it is possible to set up routing in interactive mode. I used interactive mode only for smaller config changes, and wrote the initial config in one file.

    ! configuration starts here
    ! hostname of my router
    hostname mana
    ! initial bgp config, the '50' specifies my AS number
    router bgp 50
    ! announce this network
     network 10.10.2.0/24
    ! our router id (ip address)
     bgp router-id 10.10.2.1
    ! announce all kernel and connected routes
     redistribute kernel
     redistribute connected
    ! start defining neighbors
    ! first comes link1
     neighbor 10.10.3.1 remote-as 40
    ! only accept RFC 1918 networks from this neighbor (inbound filter)
     neighbor 10.10.3.1 distribute-list local_nets in
    ! Link statements for other neighbors follow
    ! [ omitted, redundant ]

    ! this isn't the internet, we trust our peers
    access-list all permit any
    ! this filter permits only RFC 1918 addresses
    access-list local_nets deny 10.10.2.0/24
    access-list local_nets permit 192.168.0.0/16
    access-list local_nets permit 172.16.0.0/12
    access-list local_nets permit 10.0.0.0/8
    access-list local_nets deny any
    ! zebra should log to stdout, multilog works that way
    log stdout
    ! verbose log output
    debug bgp events
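
The inbound filter above, worked through as an added example (not part of the original document): it evaluates the local_nets list against constructed announcements, assuming entries are tried in order with the first match winning and that an entry matches any prefix contained in it. The function names and sample prefixes are illustrative.

```python
import ipaddress

# The local_nets list from the config above, in configured order.
LOCAL_NETS = [
    ("deny",   "10.10.2.0/24"),
    ("permit", "192.168.0.0/16"),
    ("permit", "172.16.0.0/12"),
    ("permit", "10.0.0.0/8"),
    ("deny",   "any"),
]

def evaluate(acl, route):
    """Return (action, matching_entry) for an announced prefix.

    Assumed semantics: entries are tried top to bottom, an entry matches
    when the announced prefix lies inside the entry's prefix, and a list
    with no matching entry denies the route.
    """
    net = ipaddress.ip_network(route, strict=True)
    for action, spec in acl:
        if spec == "any":
            return action, spec
        entry = ipaddress.ip_network(spec)
        if net.version == entry.version and net.subnet_of(entry):
            return action, spec
    return "deny", "implicit"

def filter_updates(acl, routes):
    """Split received prefixes into accepted and rejected lists."""
    accepted, rejected = [], []
    for r in routes:
        (accepted if evaluate(acl, r)[0] == "permit" else rejected).append(r)
    return accepted, rejected

# Constructed announcements from neighbor 10.10.3.1 (not captured data).
RECEIVED = [
    "10.10.3.0/24",     # the neighbor's own LAN
    "10.10.2.0/24",     # our own network coming back at us
    "10.10.2.128/25",   # more-specific of our own network
    "192.168.7.0/24",
    "172.20.0.0/16",
    "0.0.0.0/0",        # default route
    "198.51.100.0/24",  # public (documentation) address space
    "10.0.0.0/7",       # covers 10.0.0.0/8 but is not inside it
]

if __name__ == "__main__":
    for r in RECEIVED:
        print(f"{r:18} {evaluate(LOCAL_NETS, r)}")
    # Moving the broad permit to the top defeats the deny for our own network.
    reordered = [LOCAL_NETS[3]] + LOCAL_NETS[:3] + LOCAL_NETS[4:]
    print("reordered:", evaluate(reordered, "10.10.2.0/24"))
```

The deny for 10.10.2.0/24 only works because it precedes the permit for 10.0.0.0/8; the last line of output shows the same route being accepted once the order is swapped.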

3.3 Why does the Internet use BGP4?

BGP4 is relatively simple. Its RFC has around 50 pages, which is small. BGP4 is reliable. It reacts gracefully when a link is down. BGP4 is fast. BGP4 is simple, and thus fast, because it doesn’t require much CPU.

3.4 Where is BGP in use as an IGP?

An ISP may use BGP as an IGP. BGP as IGP is different from other IGPs like OSPF. A core router speaks BGP as EGP to the outside world, announcing the ASN of the provider. All smaller routers of this provider speak BGP as IGP. This means that they just use the ASN that this AS has been assigned. Thus, all routers of this provider have the same ASN configured. When two routers that speak BGP4 connect and notice that they have the same ASN, they switch to IGP mode. They will announce the route to their peers, but the AS Path won’t get modified until the announcement reaches the core router, which speaks EGP. The core router will normally announce the route to its EGP peers, with its own AS number set.

3.5 An IGP example

Let’s imagine that you are an ISP in Switzerland, and have ASN 100. You have a core router, located in the TIX, and some smaller routers at all your POPs. You have some dial-up customers that have a /30 allocated, and they may dial in to any of your POPs. So, dynamical routing is needed in order to propagate those changes fast. This is actually done easily. You just need to give all your routers the same ASN, 100 in this case, and set their router-id correctly (which is the IP address). Now the core router, which speaks with routers that have other ASNs and also with some of the same ASN, will adjust to behave like a core router. The existence of an IGP network will not be visible to external routers. BGP4 as an IGP is an ’it just works’ solution, which solely consists of configuring the routers correctly. Here’s an example.

The core router (only relevant sections):

    router bgp 100
    ! the routes we learn through IGP are a subset of this
     network 10.0.0.0/8
     bgp router-id 10.0.0.1
    ! an igp neighbor
     neighbor 10.1.0.1 remote-as 100
    ! one igp neighbor more
     neighbor 10.2.0.1 remote-as 100
    ! an egp neighbor
     neighbor 192.168.1.1 remote-as 200

An IGP only router (only relevant sections):

    router bgp 100
    ! routes we may have, and may redistribute
     network 10.0.0.0/8
     bgp router-id 10.1.0.1
    ! the core router
     neighbor 10.0.0.1 remote-as 100
    ! the other IGP neighbor
     neighbor 10.2.0.1 remote-as 100

As you can see, it is quite easy to configure this. Most of the work is done automatically by BGP4 itself.

Footnotes:
POP: Point of Presence

4 Practical example

4.1 The problem

You work for a company that is housed in 6 locations throughout the whole country. Because your company depends on the availability of the network, and does not want to depend on any ISP, you decided to create your own reliable intranet. Thus, you have the following structure:

4.1.1 Link Structure

Location A, NOC: Links to Locations B, D, F
Location B: Links to Locations A, D and E
Location C: Links to Locations E and F
Location D: Links to Locations A, B and F
Location E: Links to Locations B and C
Location F: Links to Locations A, C, D

4.1.2 Networks and ASNs

(All our routers have the x.y.z.1 address)

Location A: 10.0.0.0/24 ASN 100
Location B: 10.0.1.0/24 ASN 200
Location C: 10.0.2.0/24 ASN 300
Location D: 10.0.3.0/24 ASN 400
Location E: 10.0.4.0/24 ASN 500
Location F: 10.0.5.0/24 ASN 600

4.2 Problem analysis

As Location A is the NOC, it has some very well equipped links to three other locations, which are near the NOC. However, there are also three locations which are a bit far away from the NOC, and thus only connected to other locations, and not the NOC. The requirement is that everybody can still reach the NOC, even if two of the three uplinks of the NOC are down. Thus, other locations must learn where to send their packets so that they finally reach the NOC. In this case, you don’t have any better choice than to use dynamic routing. As we are discussing BGP4 in this paper, we will use BGP4 to achieve this goal.
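
The requirement above can be checked against the link structure before any router is configured. This added example (not part of the original document) models the AS Path behaviour from section 2.1.2 on the topology of section 4.1 and fails every pair of NOC uplinks in turn; the tie-break rule and the discarding of paths that already contain the receiver's own ASN are assumptions of this model.

```python
from itertools import combinations

# ASN plan and links from sections 4.1.1 and 4.1.2.
ASN = {"A": 100, "B": 200, "C": 300, "D": 400, "E": 500, "F": 600}
LINKS = {("A", "B"), ("A", "D"), ("A", "F"), ("B", "D"),
         ("B", "E"), ("C", "E"), ("C", "F"), ("D", "F")}

def converge(links, origin="A"):
    """Propagate the origin's route until no router changes its best path.

    Returns {router: AS path as a tuple} for every router that has a route.
    Model assumptions: shortest AS path wins, ties go to the smaller path
    in tuple order, and a router discards any path containing its own ASN.
    """
    peers = {r: set() for r in ASN}
    for a, b in links:
        peers[a].add(b)
        peers[b].add(a)
    best = {origin: ()}          # the origin's own route has an empty path
    changed = True
    while changed:
        changed = False
        for sender in sorted(best):
            # the sender prefixes the path with its own ASN before advertising
            advertised = (ASN[sender],) + best[sender]
            for rcv in peers[sender]:
                if rcv == origin or ASN[rcv] in advertised:
                    continue
                cur = best.get(rcv)
                if cur is None or (len(advertised), advertised) < (len(cur), cur):
                    best[rcv] = advertised
                    changed = True
    return best

def fail_noc_uplinks(failures=2):
    """For each set of failed NOC uplinks, return every site's path to the NOC."""
    uplinks = sorted(l for l in LINKS if "A" in l)
    report = {}
    for down in combinations(uplinks, failures):
        routes = converge(LINKS - set(down))
        report[down] = {r: routes.get(r) for r in ASN if r != "A"}
    return report

def unreachable(report):
    """List (failed links, site) pairs where a site lost its route to the NOC."""
    return [(down, site) for down, paths in report.items()
            for site, path in paths.items() if path is None]

if __name__ == "__main__":
    print("all links up:", converge(LINKS))
    for down, paths in fail_noc_uplinks(2).items():
        print("down:", down, "->", paths)
    print("sites cut off with two uplinks down:", unreachable(fail_noc_uplinks(2)))
```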

4.3 The solution

As this is an intranet, there is no need for large scale security measures at each of the ends. Of course we will use IPsec over the WAN links, but that does not concern our routers, because they don’t do any more than just carry datagrams from here to there. Configuration examples follow for each of the routers.

4.3.1 Router A/10.0.0.1

    hostname a
    router bgp 100
     network 10.0.0.0/24
     bgp router-id 10.0.0.1
     redistribute kernel
     redistribute connected
    ! this is router b
     neighbor 10.0.1.1 remote-as 200
    ! this is router d
     neighbor 10.0.3.1 remote-as 400
    ! this is router f
     neighbor 10.0.5.1 remote-as 600
    log stdout
    debug bgp events

4.3.2 Router B/10.0.1.1

    hostname b
    router bgp 200
     network 10.0.1.0/24
     bgp router-id 10.0.1.1
     redistribute kernel
     redistribute connected
    ! this is router a
     neighbor 10.0.0.1 remote-as 100
    ! this is router d
     neighbor 10.0.3.1 remote-as 400
    ! this is router e
     neighbor 10.0.4.1 remote-as 500
    log stdout
    debug bgp events

4.3.3 Router C/10.0.2.1

    hostname c
    router bgp 300
     network 10.0.2.0/24
     bgp router-id 10.0.2.1
     redistribute kernel
     redistribute connected
    ! this is router e
     neighbor 10.0.4.1 remote-as 500
    ! this is router f
     neighbor 10.0.5.1 remote-as 600
    log stdout
    debug bgp events

4.3.4 Router D/10.0.3.1

    hostname d
    router bgp 400
     network 10.0.3.0/24
     bgp router-id 10.0.3.1
     redistribute kernel
     redistribute connected
    ! this is router a
     neighbor 10.0.0.1 remote-as 100
    ! this is router b
     neighbor 10.0.1.1 remote-as 200
    ! this is router f
     neighbor 10.0.5.1 remote-as 600
    log stdout
    debug bgp events

4.3.5 Router E/10.0.4.1

    hostname e
    router bgp 500
     network 10.0.4.0/24
     bgp router-id 10.0.4.1
     redistribute kernel
     redistribute connected
    ! this is router b
     neighbor 10.0.1.1 remote-as 200
    ! this is router c
     neighbor 10.0.2.1 remote-as 300
    log stdout
    debug bgp events

4.3.6 Router F/10.0.5.1

    hostname f
    router bgp 600
     network 10.0.5.0/24
     bgp router-id 10.0.5.1
     redistribute kernel
     redistribute connected
    ! this is router a
     neighbor 10.0.0.1 remote-as 100
    ! this is router c
     neighbor 10.0.2.1 remote-as 300
    ! this is router d
     neighbor 10.0.3.1 remote-as 400
    log stdout
    debug bgp events
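
With six hand-written files, a mistyped neighbor address or remote-as is easy to miss, and the session simply never comes up. The following cross-check is an added example, not part of the original document: it parses only the three statement types used above and compares every neighbor line against the other routers' configs. The sample input is constructed, with deliberate mistakes in router d, and the function names are illustrative.

```python
import re

def parse_bgpd(text):
    """Extract local ASN, router-id and neighbor -> remote-as from one config."""
    cfg = {"asn": None, "router_id": None, "neighbors": {}}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("!"):
            continue
        if m := re.fullmatch(r"router bgp (\d+)", line):
            cfg["asn"] = int(m[1])
        elif m := re.fullmatch(r"bgp router-id (\S+)", line):
            cfg["router_id"] = m[1]
        elif m := re.fullmatch(r"neighbor (\S+) remote-as (\d+)", line):
            cfg["neighbors"][m[1]] = int(m[2])
    return cfg

def audit(configs):
    """Cross-check neighbor statements across all routers; return findings."""
    routers = {name: parse_bgpd(text) for name, text in configs.items()}
    by_ip = {c["router_id"]: (name, c) for name, c in routers.items()}
    findings = []
    for name, c in sorted(routers.items()):
        for ip, remote_as in sorted(c["neighbors"].items()):
            if ip == c["router_id"]:
                findings.append(f"{name}: neighbor {ip} is the router itself")
                continue
            if ip not in by_ip:
                findings.append(f"{name}: neighbor {ip} is not a known router")
                continue
            peer_name, peer = by_ip[ip]
            if peer["asn"] != remote_as:
                findings.append(f"{name}: neighbor {ip} remote-as {remote_as}, "
                                f"but {peer_name} runs AS {peer['asn']}")
            if c["router_id"] not in peer["neighbors"]:
                findings.append(f"{name}: {peer_name} has no neighbor "
                                f"statement back to {c['router_id']}")
    return findings

# Constructed sample: routers a, b and d only, with two errors planted in d.
SAMPLE = {
    "a": """router bgp 100
             bgp router-id 10.0.0.1
             neighbor 10.0.1.1 remote-as 200
             neighbor 10.0.3.1 remote-as 400""",
    "b": """router bgp 200
             bgp router-id 10.0.1.1
             neighbor 10.0.0.1 remote-as 100
             neighbor 10.0.3.1 remote-as 400""",
    "d": """router bgp 400
             bgp router-id 10.0.3.1
            ! this is router a
             neighbor 10.0.0.1 remote-as 200
            ! this is router b
             neighbor 10.0.3.1 remote-as 400""",
}

if __name__ == "__main__":
    for finding in audit(SAMPLE):
        print(finding)
```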

4.4 Review

We have done large scale dynamical routing for a quite big intranet. Was it difficult? I would say no. Dynamical routing is quite simple when you just have trusted peers. But that’s not the way it is on the Internet, so you will have to learn a lot more about BGP4 if you plan to do internetworking with BGP4. Using it between trusted endpoints is reasonably fast, offers many different ways to fiddle with things, and enables you to do dynamical routing without much hassle.

5 Conclusions

Well, I’ve now spent quite some time working with BGP4, and I am quite impressed. You can actually use BGP4 without knowing exactly how it works. But then you will stumble upon problems that require deeper knowledge. Initial setup for the VPN was done in around 4 hours, but the fine tuning needed some weeks. Why? Actually, the learning curve is quite fast if you have just started, but until you know the details of the ’inner sanctum’ of BGP4, you are going to spend quite some time reading Cisco documentation and RFCs, and trying out what you figured out. I had much fun writing this document, although it was sometimes pretty difficult to write something in a way that is easily understandable. Well, I had fun and learned much; this work was quite a success for me. I really hope that everybody who read this may have a good approach to starting with BGP4.

6 References

1. RFC 1771
2. Cisco Documentation: ’Using the BGP for Internet Routing’
3. http://www.zebra.org, dynamical routing software for PCs

7 How did I work?

This section is not specific to BGP4; it just covers what I did, when I did it, and how I did it.

7.1 22.10.02

Well, I started a standard LaTeX document, wrote all the headers down, some specifics for pdfTeX, and then started thinking about exactly what I should write. I started writing all those \section{} tags, to have at least something I can start with. Then, I started to write the \subsection{} tags. Now, I had the general structure of the document. I just started writing the introduction section, which went really smoothly; far fewer problems happened than I expected. (This is actually a good thing). Then, I read the start of RFC 1771, to start writing the protocol section. This went fine too, I finished it right away. Well, school finished, I could go home, so I stopped working.

7.2 5.11.02

School again! Time to work on this document. But I was not in a really good mood that day, I slept far too little, and the school in the morning was boring, so I wasn’t really awake. I extended the protocol section a bit, and started writing the current practice section. It went pretty well, at least if you consider how awake I was back then. I had some problems writing this section in a style that is understandable by a beginner, but also correct and informational. It didn’t work out as well as I wanted it, I had to leave out some details.

7.3 12.11.02

This time, I had the opportunity to work at home. Well, I had time to work on the document, but I actually didn’t. I preferred to do some extensive playing with BGP4. The good side is, I have learned some new details about BGP4; the bad side is, I didn’t actually write anything to the document (well, some small parts, but that does not mean that I advanced).

7.4 19.11.02

Well, school again. This time we had only one and a half lessons, so there wasn’t really much time to do something. I wrote the Zebra example config, corrected some other mistakes, and was actually more busy listening to music than doing something productive.

7.5 24.11.02

Well, now we have today. It’s currently 13:29, I woke up 20 minutes ago, and I am quite sleepy, but I have to finish this stuff right now, because I KNOW I won’t do it this evening. Well, it should be clear what my target is today: finish this stuff right away! Well, I am now pretty far over the 10 pages I had to write. But actually, I think I could compress what I have now back to 10 pages by just changing formatting; I don’t think that I wrote too much. The LaTeX source is only 20 KiB, so there shouldn’t be a problem. OK, it is now 19:38, I reread the whole document multiple times, ran aspell over it, and I am finally confident that everything’s OK. I am happy that I am finally done with this.