Saturday, September 19, 2015

Facts to remember about BGP - Part 3

BGP Bestpath Selection - Weight
  • Weight is Cisco-specific and is not transported along with BGP prefixes/updates
  • Configured using the command neighbor <IP_Address> weight 1-65535
  • Higher-weight values are preferred and the default weight is zero for learned prefixes.
  • Locally originated prefixes receive the value 32768 
  • Usually used when the local router has multiple uplinks and you want to prefer one uplink over another
  • Weight affects the way in which traffic leaves the local router
To change specific prefix preference without affecting any other subnets learned from the same peer
route-map SET_WEIGHT
 match ip address ACCCESS_LIST
 set weight 100
!
router bgp 100
 neighbor 204.12.1.254 route-map SET_WEIGHT in
Traffic from AS 300 going to prefixes originated in AS 254 exits toward R6.
R7:
ip as-path access-list 2 permit _254$
!
route-map FROM_R6 permit 10
 match as-path 2
 set weight 1000
!
route-map FROM_R6 permit 100
!
router bgp 300
 neighbor 155.1.67.6 route-map FROM_R6 in


BGP Bestpath Selection - Local Preference
  • LP is transported along with BGP prefixes/updates but doesn't leave AS boundaries
  • BGP prefer paths with high Local Preference values
  • LP is typically modified at the border of the AS, at the point of the external connection.
  • By default all iBGP-learned prefixes have the Local Preference value of 100 assigned to them
  • LP affects the way in which traffic leaves the local AS
Use local-preference on R6 so that traffic from AS 100 going to AS 254 transits through AS 300
R6:
ip as-path access-list 1 permit _254$
!
route-map FROM_R7 permit 10
 match as-path 1
 set local-preference 200
!
route-map FROM_R7 permit 100
!
router bgp 100
 neighbor 155.1.67.7 route-map FROM_R7 in


BGP Bestpath Selection - AS-Path Prepending
  • It is the common way to influence the incoming traffic paths to the local AS 
  • Applies only to eBGP sessions, the local AS number is prepended in front of the AS_PATH attribute the number of times specified.
  • AS_PATH comparison could be disabled by issuing the command "bgp bestpath as-path ignore" (it is a hidden command)
In this example AS 600 routers know that they can reach 170.10.0.0 via two different routes: path (100, 300), and path (400, 200, 300), they will choose the first one cause it has a shorter length path. We can make Routers in AS600 think the first path will be longer if RTC prepends 3 times 300 (AS number) in the AS_PATH attribute when the prefix 170.10.0.0 is advertised



The syntax to perform AS_PATH prepending is as follows:
route-map PREPEND
 match ...
 set as-path prepend 100 100 100
!
router bgp 100
 neighbor 54.1.1.254 route-map PREPEND out


BGP Bestpath Selection - Origin Code
  • It is set by the prefix originator
  • IGP meaning that the route was originated using the network or aggregate-address commands. It appears as i in BGP table output.
  • EGP meaning that the prefix was received from an EGP peer (legacy). You probably won’t see this Origin value in any modern router, but it can be manually configured
  • Incomplete meaning that the source could not be determined. This value is assigned to the prefixes redistributed into BGP.
In this example RTA reaches 170.10.0.0 via 300 i. The "300 i" means that the next AS path is 300 and the origin of the route is IGP. RTA also reaches 190.10.50.0 via i. This "i" means that the entry is in the same AS and the origin is IGP. RTE reaches 150.10.0.0 via 100 i. The "100 i" means that the next AS is 100 and the origin is IGP. RTE also reaches 190.10.0.0 via 100 ?. The "100 ?" means that the next AS is 100 and that the origin is incomplete and comes from a static route or redistribution.

We can also do a manual setting of this attribute:
R5:
no ip as-path access-list 1
ip as-path access-list 1 permit _254$
!
route-map TO_R4 permit 10
 match as-path 1
 set origin igp
!
route-map TO_R4 permit 100
!
router bgp 200
 neighbor 155.1.45.4 route-map TO_R4 out


BGP Bestpath Selection - MED (Multi Exit Discriminator)
  • By default MED is only compared when it is received from the same AS
  • "bgp always-compare-med" command ensures the comparison of the MED for paths from neighbors in different ASs. The recomendation is disable it to avoid loops
  • MED default value is 0 unless the metric attributte is set or "bgp bestpath med missing-as-worst" which makes the path without a MED value the least desirable path 
  • Metric is used to make decisions inside the AS. When the same update passes on to a third AS, that metric returns to 0

In this example RTA election to reach prefix 180.10.0.0 will not depend on AS-PATH lenght cause we use the comamand "bgp bestpath as-path ignore" on RTA but it will compare MED values from different AS cause we use the command "bgp always compare-med" on RTA which finally chooses prefix advertised from RTB (less metric).  RTA set the metric to 0 before advertising this prefix to a new AS



RTA#                                                                RTB#

   router bgp 100                                                     router bgp 400

   neighbor 2.2.2.1 remote-as 300                               neighbor 4.4.4.4 remote-as 100               

   neighbor 3.3.3.3 remote-as 300                               neighbor 4.4.4.4 route-map setmetricout out

   neighbor 4.4.4.3 remote-as 400

   bgp bestpath as-path ignore                                route-map setmetricout permit 10

   bgp always compare-med                                       set metric 50







BGP Bestpath Selection - Router-IDs

In this scenario, the default BGP Router IDs for R4 and R6 are based on their Loopback0 IP address value. This makes R1 prefer R4 over R6 as its best path for Loopback1 prefix, because all other criteria are the same. To change this, we configure R6 with an artificially lower Router ID value. Remember that changing a router’s BGP router ID will hard-reset all active BGP sessions.



R4:                                                                   R6:

interface Loopback1                                               interface Loopback1

ip address 1.2.3.4 255.255.255.255                        ip address 1.2.3.4 255.255.255.255

!                                                                              !

router bgp 100                                                        router bgp 100

 network 1.2.3.4 mask 255.255.255.255                  bgp router-id 6.6.6.6

                                                                                  









BGP Bestpath Selection - DMZ Link Bandwidth (unequal-cost load balancing)

Cisco IOS allows for such implementation, using the following algorithm:


    

  • When the DMZ Link bandwidth feature is enabled in the border BGP routers for the specific peers, the interface bandwidth value is copied into a new extended community attribute associated with the prefixes received from those eBGP peers. Thus, every prefix received on the eBGP peering link will carry the link's bandwidth as a special extended community attribute, if the link is enabled for the DMZ Link bandwidth feature. Remember that you need two commands in the border peers: bgp dmzlink-bw and neighbor <IP> dmzlink-bw.
    • 

  • All BGP speakers in the AS should be configured to exchange extended communities across the iBGP peering links. This allows all internal BGP speakers to learn the bandwidth of the external link used to reach the prefixes. Use the command neighbor <IP> send-community extended to accomplish this.
    • 

  • Provided that an internal BGP speaker has both bgp maximum-path ibgp and bgp dmzlink-bw commands enabled and receives multiple paths to reach the same prefix, it performs load-balancing if the paths meet the BGP load-balancing conditions.
    • 

  • If all paths received carry the DMZ Link bandwidth extended community, the BGP process will perform unequal cost load-balancing proportional to the extended community attribute values.
    • 










R1(config)#router bgp 126

R1(config-router)#neighbor 6.6.6.6 remote-as 126

R1(config-router)#neighbor 2.2.2.2 remote-as 126

R1(config-router)#neighbor 6.6.6.6 update-source lo0

R1(config-router)#neighbor 2.2.2.2 update-source lo0



R1(config-router)#address-family ipv4

R1(config-router-af)#bgp dmzlink-bw

R1(config-router-af)#neighbor 6.6.6.6 activate

R1(config-router-af)#neighbor 2.2.2.2 activate

R1(config-router-af)#neighbor 6.6.6.6 send-community both

R1(config-router-af)#neighbor 2.2.2.2 send-community both

R1(config-router-af)#maximum-paths ibgp 2

R1(config-router-af)#end











R6(config)#router bgp 126

R6(config-router)#neighbor 1.1.1.1 remote-as 126

R6(config-router)#neighbor 1.1.1.1 update-source lo0

R6(config-router)#neighbor 10.56.0.5 remote-as 345

R6(config-router)#address-family ipv4

R6(config-router-af)#bgp dmzlink-bw

R6(config-router-af)#neighbor 1.1.1.1 activate

R6(config-router-af)#neighbor 1.1.1.1 next-hop-self

R6(config-router-af)#neighbor 1.1.1.1 send-community both

R6(config-router-af)#neighbor 10.56.0.5 activate

R6(config-router-af)#neighbor 10.56.0.5 dmzlink-bw

R6(config-router-af)#int fa 0/0

R6(config-if)#bandwidth 6000









BGP Bestpath Selection - Maximum AS Limit




    

  • Enabled by using the BGP process command bgp maxas-limit <N>
    • 

  • Sets the maximum number of AS elements allowed in the AS_PATH attribute
    • 




Configure the routers in AS 200 to accept only the prefixes originated from directly connected AS's


R2, R3, R5, R8:
router bgp 200
 bgp maxas-limit 1












Posted by



at






















Labels:


















No comments:















Post a Comment


















        

      









Subscribe to:
Post Comments (Atom)