The main benefits of BGP-4 are classless inter-domain routing and aggregate routes. Often classified as a path-vector protocol and sometimes as a distance-vector routing protocol, BGP exchanges routing and reachability information among autonomous systems over the Internet. BGP is the routing protocol used on the Internet. It was designed to replace the old Exterior Gateway Protocol (EGP), which had been around since , and was very limited. In doing so, BGP enabled more networks to take part in the Internet backbone, effectively decentralizing it and making the Internet more robust and less dependent on a single ISP or backbone network.
Country: Saint Kitts and Nevis
Published (Last): 1 June 2005
PDF File Size: 1.54 Mb
ePub File Size: 11.77 Mb
Price: Free* [*Free Registration Required]
Border Gateway Protocol (BGP) is a standardized exterior gateway protocol designed to exchange routing and reachability information among autonomous systems (AS) on the Internet. BGP may also be used for routing within an autonomous system. The Border Gateway Protocol has long been in use on the Internet; a later RFC corrected errors, clarified ambiguities and updated the specification with common industry practices. Ideally, even if impractical, all possible links would connect to one another, like spokes in a bicycle tire.
BGP, "the most scalable of all routing protocols," provides a workaround and ways to measure how effectively it is configured. BGP neighbors, called peers, are established by manual configuration among routers to create a TCP session on a well-known port. A BGP speaker sends short keep-alive messages every 60 seconds to maintain the connection.
Routers on the boundary of one AS exchanging information with another AS are called border or edge routers, or simply eBGP peers, and are typically connected directly, while iBGP peers can be interconnected through other intermediate routers.
Other deployment topologies are also possible, such as running eBGP peering inside a VPN tunnel, allowing two remote sites to exchange routing information in a secure and isolated manner. The main difference between iBGP and eBGP peering is in the way routes that were received from one peer are propagated to other peers.
For instance, new routes learned from an eBGP peer are typically redistributed to all iBGP peers as well as all other eBGP peers if transit mode is enabled on the router. These route-propagation rules effectively require that all iBGP peers inside an AS are interconnected in a full mesh. How routes are propagated can be controlled in detail via the route-maps mechanism. This mechanism consists of a set of rules.
Each rule describes, for routes matching some given criteria, what action should be taken. The action could be to drop the route, or it could be to modify some attributes of the route before inserting it in the routing table.
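The route-map mechanism just described, as an added example that is not code from the original page: an ordered list of rules, each with a match predicate and an action that either drops the route or modifies attributes before it is accepted. The route representation, the rule format, the ASN 64496 (a documentation ASN), the community value 666 used as a black-hole marker and the RFC 5737 documentation prefixes are all my own assumptions for the sake of a runnable example.

```python
"""Minimal route-map engine: first matching rule wins; an implicit deny applies
when no rule matches. Constructed example, not the page's or any vendor's code."""
import ipaddress
from dataclasses import dataclass, field, replace
from typing import Callable, Optional


@dataclass(frozen=True)
class Route:
    prefix: str                    # e.g. "203.0.113.0/24" (documentation range, constructed)
    next_hop: str
    as_path: tuple                 # tuple of ASNs, nearest AS first
    local_pref: int = 100
    med: Optional[int] = None
    communities: frozenset = frozenset()   # members are (asn, value) tuples


@dataclass
class Rule:
    match: Callable[[Route], bool]
    action: str                    # "permit" or "deny"
    set_attrs: dict = field(default_factory=dict)   # attributes rewritten on permit


def apply_route_map(rules, route):
    """Return the (possibly modified) route, or None if the route is dropped."""
    for rule in rules:
        if rule.match(route):
            if rule.action == "deny":
                return None
            return replace(route, **rule.set_attrs)
    return None                    # implicit deny at the end of the map


# Match helpers; each returns a predicate over a Route.
def prefix_within(supernet):
    net = ipaddress.ip_network(supernet)
    return lambda r: ipaddress.ip_network(r.prefix).subnet_of(net)


def has_community(community):
    return lambda r: community in r.communities


def as_path_longer_than(n):
    return lambda r: len(r.as_path) > n


# An inbound policy for one peer (assumed values throughout):
#  1. drop anything with an implausibly long AS path,
#  2. routes tagged with the (assumed) black-hole community get a discard next hop,
#  3. prefer a specific customer block by raising LOCAL_PREF,
#  4. accept everything else unchanged.
INBOUND_FROM_PEER = [
    Rule(match=as_path_longer_than(8), action="deny"),
    Rule(match=has_community((64496, 666)), action="permit",
         set_attrs={"next_hop": "192.0.2.1"}),        # assumed discard next hop
    Rule(match=prefix_within("203.0.113.0/24"), action="permit",
         set_attrs={"local_pref": 200}),
    Rule(match=lambda r: True, action="permit"),
]


if __name__ == "__main__":
    r = Route("203.0.113.0/25", "10.0.0.1", (64496, 64497))
    print(apply_route_map(INBOUND_FROM_PEER, r))
```

Because the rules are evaluated in order, a route carrying the black-hole community and falling inside 203.0.113.0/24 gets the discard next hop but keeps the default LOCAL_PREF; reordering the rules changes the outcome, which is exactly the property operators have to reason about when editing production route-maps.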
During the peering handshake, when OPEN messages are exchanged, BGP speakers can negotiate optional capabilities of the session, including multiprotocol extensions and various recovery modes. Increasingly, BGP is used as a generalized signaling protocol to carry information about routes that may not be part of the global Internet, such as VPNs.
For each peer-to-peer session, a BGP implementation maintains a state variable that tracks which of six states the session is in. BGP defines the messages that each peer should exchange in order to move the session from one state to another. The first state is "Idle". The second state is "Connect". In the "Connect" state, the router waits for the TCP connection to complete and transitions to the "OpenSent" state if successful.
If unsuccessful, it starts the ConnectRetry timer and transitions to the "Active" state upon expiration. In the "Active" state, the router resets the ConnectRetry timer to zero and returns to the "Connect" state.
In the "OpenSent" state, the router sends an Open message and waits for one in return in order to transition to the "OpenConfirm" state. Keepalive messages are exchanged and, upon successful receipt, the router is placed into the "Established" state. In the simplest arrangement, all routers within a single AS and participating in BGP routing must be configured in a full mesh: each router must be configured as peer to every other router.
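The six-state session machine described above, as an added example (not code from the page): a transition table keyed on (state, event), with the message the speaker emits on each transition. The event names, the simplification of timers into discrete events, and the rule that an unexpected event outside Idle returns the session to Idle with a NOTIFICATION are my assumptions; real implementations track far more (timers, counters, collision detection).

```python
"""Simplified BGP session finite state machine. Constructed example, not the
page's or any implementation's code; events stand in for timers and sockets."""
from enum import Enum, auto


class State(Enum):
    IDLE = auto()
    CONNECT = auto()
    ACTIVE = auto()
    OPEN_SENT = auto()
    OPEN_CONFIRM = auto()
    ESTABLISHED = auto()


class Event(Enum):
    MANUAL_START = auto()
    TCP_CONNECTED = auto()
    TCP_FAILED = auto()
    CONNECT_RETRY_EXPIRED = auto()
    OPEN_RECEIVED = auto()
    KEEPALIVE_RECEIVED = auto()
    NOTIFICATION_RECEIVED = auto()
    HOLD_TIMER_EXPIRED = auto()


# (state, event) -> (next state, message to send or None)
TRANSITIONS = {
    (State.IDLE, Event.MANUAL_START): (State.CONNECT, None),
    (State.CONNECT, Event.TCP_CONNECTED): (State.OPEN_SENT, "OPEN"),
    (State.CONNECT, Event.TCP_FAILED): (State.ACTIVE, None),
    (State.CONNECT, Event.CONNECT_RETRY_EXPIRED): (State.CONNECT, None),
    (State.ACTIVE, Event.CONNECT_RETRY_EXPIRED): (State.CONNECT, None),
    (State.ACTIVE, Event.TCP_CONNECTED): (State.OPEN_SENT, "OPEN"),
    (State.OPEN_SENT, Event.OPEN_RECEIVED): (State.OPEN_CONFIRM, "KEEPALIVE"),
    (State.OPEN_CONFIRM, Event.KEEPALIVE_RECEIVED): (State.ESTABLISHED, None),
    (State.ESTABLISHED, Event.KEEPALIVE_RECEIVED): (State.ESTABLISHED, None),
}

# Events that tear the session down from any state not listed above.
TO_IDLE = {Event.NOTIFICATION_RECEIVED, Event.HOLD_TIMER_EXPIRED, Event.TCP_FAILED}


class BgpSession:
    def __init__(self):
        self.state = State.IDLE
        self.sent = []                   # messages this speaker emitted, in order
        self.connect_retry_counter = 0   # how often the ConnectRetry timer fired

    def handle(self, event):
        """Apply one event and return the resulting state."""
        key = (self.state, event)
        if key in TRANSITIONS:
            new_state, msg = TRANSITIONS[key]
            if event is Event.CONNECT_RETRY_EXPIRED:
                self.connect_retry_counter += 1
        elif event in TO_IDLE or self.state is State.IDLE:
            new_state, msg = State.IDLE, None   # teardown, or ignored while Idle
        else:
            # Assumed behaviour: an event the current state cannot accept is an
            # FSM error, reported to the peer and followed by a return to Idle.
            new_state, msg = State.IDLE, "NOTIFICATION"
        if msg:
            self.sent.append(msg)
        self.state = new_state
        return self.state

    def run(self, events):
        """Feed a sequence of events; return the final state."""
        for event in events:
            self.handle(event)
        return self.state


if __name__ == "__main__":
    s = BgpSession()
    print(s.run([Event.MANUAL_START, Event.TCP_CONNECTED,
                 Event.OPEN_RECEIVED, Event.KEEPALIVE_RECEIVED]))
```

Modelling the session this way makes it easy to see why a peer that never reaches Established (for example one that oscillates between Connect and Active) still consumes a configured session slot and generates log noise without ever exchanging routes.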
This causes scaling problems, since the number of required connections grows quadratically with the number of routers involved. The routing information bases that a BGP process keeps (the per-neighbor Adj-RIBs and the Loc-RIB) are not visible to other BGP routers, although they usually can be interrogated with management commands on the local router. The additional information tells the BGP process such things as whether individual entries belong in the Adj-RIBs for specific neighbors, whether the peer-neighbor route selection process made received routes eligible for the Loc-RIB, and whether Loc-RIB entries are eligible to be submitted to the local router's routing table management process.
"Eligible to be submitted" means that BGP will offer the routes it considers best to the main routing table process. Depending on the implementation of that process, the BGP route is not necessarily selected. For example, a directly connected prefix, learned from the router's own hardware, is usually most preferred.
As long as that directly connected route's interface is active, the BGP route to the destination will not be put into the routing table. Once the interface goes down, and there are no more preferred routes, the Loc-RIB route would be installed in the main routing table.
Until recently, it was a common mistake to say BGP carries policies. BGP actually carries the information with which rules inside BGP-speaking routers can make policy decisions. Among the carried information explicitly intended for use in policy decisions are communities and multi-exit discriminators (MEDs). The first decision point for evaluating NLRI is that its next-hop attribute must be reachable or resolvable. Another way of saying the next hop must be reachable is that there must be an active route, already in the main routing table of the router, to the prefix that covers the next-hop address.
Next, for each neighbor, the BGP process applies various standard and implementation-dependent criteria to decide which routes conceptually should go into the Adj-RIB-In.
The neighbor could send several possible routes to a destination, but the first level of preference is at the neighbor level: only the preferred route from that neighbor is kept. If a newly received route is preferred over the one already held for that destination, it replaces it. If a given route is withdrawn by a neighbor, and there is no other route to that destination, the route is removed from the Loc-RIB and is no longer sent by BGP to the main routing table manager. If the router does not have a route to that destination from any non-BGP source, the withdrawn route will be removed from the main routing table.
After verifying that the next hop is reachable, if the route comes from an internal i. In the latter case the route selection process moves to the next tie breaker. Such manipulation is outside the scope of the standard but is commonly used. The current standard, however, specifies that missing MEDs are to be treated as the lowest possible value. Since the current rule may cause different behavior than the vendor interpretations, BGP implementations that used the nonstandard default value have a configuration feature that allows the old or the standard rule to be selected.
Once candidate routes are received from neighbors, the Loc-RIB software applies additional tie-breakers to routes to the same destination. If there is more than one route still tied at this point, several BGP implementations offer a configurable option to load-share among the routes, accepting all or all up to some number. BGP communities are attribute tags that can be applied to incoming or outgoing prefixes to achieve some common goal (RFC ). While it is common to say that BGP allows an administrator to set policies on how prefixes are handled by ISPs, this is generally not possible, strictly speaking.
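The decision process sketched in the preceding paragraphs (next-hop resolvability first, then LOCAL_PREF, AS-path length, MED with a switchable missing-MED rule, eBGP over iBGP, router ID, and an optional multipath cut-off) as an added example that is not code from the page. The candidate fields, the sample routing table and the decision that MED is compared across all candidates rather than only among routes from the same neighboring AS are my assumptions; the last one is a deliberate simplification that real routers make configurable.

```python
"""Best-path selection over candidate routes for one prefix.
Constructed example; not the page's or any vendor's implementation."""
import ipaddress
from dataclasses import dataclass
from typing import Optional


@dataclass(frozen=True)
class Candidate:
    prefix: str
    next_hop: str
    as_path: tuple
    local_pref: int = 100
    med: Optional[int] = None        # None models an UPDATE with no MED attribute
    from_ebgp: bool = True
    neighbor_id: str = "0.0.0.0"    # BGP router ID of the advertising peer


def next_hop_resolvable(next_hop, routing_table):
    """The next hop must fall inside an active prefix already in the main table."""
    nh = ipaddress.ip_address(next_hop)
    return any(nh in ipaddress.ip_network(p) for p in routing_table)


def effective_med(route, missing_med_as_worst):
    """Standard rule: a missing MED is the lowest (most preferred) value.
    Older vendor default: treat it as the worst possible value instead."""
    if route.med is not None:
        return route.med
    return 2**32 - 1 if missing_med_as_worst else 0


def select_best(candidates, routing_table, missing_med_as_worst=False, max_paths=1):
    """Return the winning route(s); an empty list if nothing is usable."""
    usable = [c for c in candidates if next_hop_resolvable(c.next_hop, routing_table)]
    if not usable:
        return []

    def key(c):
        return (
            -c.local_pref,                               # highest LOCAL_PREF
            len(c.as_path),                              # shortest AS path
            effective_med(c, missing_med_as_worst),      # lowest MED
            0 if c.from_ebgp else 1,                     # eBGP before iBGP
            tuple(int(o) for o in c.neighbor_id.split(".")),  # lowest router ID
        )

    ranked = sorted(usable, key=key)
    best = key(ranked[0])[:4]        # ignore the router-ID tie-breaker for multipath
    tied = [c for c in ranked if key(c)[:4] == best]
    return tied[:max_paths]


if __name__ == "__main__":
    table = ["10.0.0.0/24", "10.0.1.0/24"]                # constructed main table
    a = Candidate("203.0.113.0/24", "10.0.0.1", (64496, 64500), neighbor_id="10.0.0.1")
    b = Candidate("203.0.113.0/24", "10.0.1.1", (64497, 64500), med=50, neighbor_id="10.0.1.1")
    print(select_best([a, b], table), select_best([a, b], table, missing_med_as_worst=True))
```

The switch `missing_med_as_worst` is the configuration feature the text refers to: with the same two candidates, the standard rule prefers the route with no MED, while the older vendor default prefers the route that carries one. A route whose next hop is not covered by the main table never enters the comparison, no matter how attractive its LOCAL_PREF is.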
Instead, an ISP generally publishes a list of well-known or proprietary communities with a description for each one, which essentially becomes an agreement of how prefixes are to be treated. Examples of common communities include local preference adjustments, geographic or peer type restrictions, DoS avoidance black holing , and AS prepending options. The customer simply adjusts their configuration to include the correct community or communities for each route, and the ISP is responsible for controlling who the prefix is advertised to.
The end user has no technical ability to enforce correct actions being taken by the ISP, though problems in this area are generally rare and accidental. The community attribute is transitive, but communities applied by the customer very rarely become propagated outside the next-hop AS.
Not all ISPs give out their communities to the public, while some others do. The BGP Extended Community Attribute was added in , in order to extend the range of such attributes and to provide a community attribute structure by means of a type field. The extended format consists of one or two octets for the type field followed by seven or six octets for the respective community attribute content. A bit in the type field within the attribute decides whether the encoded extended community is of a transitive or non-transitive nature.
The IANA registry therefore provides different number ranges for the attribute types. Because of the extended attribute range, its uses are manifold. With the introduction of 32-bit AS numbers, some issues were immediately obvious with the community attribute, which only defines a 16-bit ASN field, so that this field can no longer hold the real ASN value. MEDs, defined in the main BGP standard, were originally intended to show to another neighbor AS the advertising AS's preference as to which of several links is preferred for inbound traffic.
Another application of MEDs is for several ASes present at an IXP to advertise a value, typically based on delay, that expresses the cost they impose to carry traffic to some destination. The full-mesh configuration requires that each router maintain a session to every other router. In large networks, this number of sessions may degrade performance of routers, due to either a lack of memory or high CPU process requirements. Route reflectors reduce the number of connections required in an AS.
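The wire layout of the standard and extended community attributes discussed above, as an added example that is not code from the page: a standard community is a 32-bit value read as a 16-bit ASN followed by a 16-bit value, with a few well-known values reserved; a two-octet-AS-specific extended community is 8 octets, with the non-transitive bit (0x40) in the high-order type octet. The well-known community values, the 0x40 bit and the field layout are taken from the relevant RFCs; the 0x00 high type octet (two-octet AS specific) and the sample ASN 64496 are assumptions I make for the example.

```python
"""Encode and decode BGP community and extended community attributes.
Constructed example, not code from the page or from any BGP implementation."""
import struct

# Well-known standard communities (values from RFC 1997).
WELL_KNOWN = {
    0xFFFFFF01: "NO_EXPORT",
    0xFFFFFF02: "NO_ADVERTISE",
    0xFFFFFF03: "NO_EXPORT_SUBCONFED",
}

NON_TRANSITIVE_BIT = 0x40        # in the high-order type octet; 0 means transitive
TYPE_TWO_OCTET_AS = 0x00         # assumed type for the examples below


def encode_community(asn, value):
    """Standard community: 16-bit ASN, 16-bit value. A 32-bit ASN does not fit."""
    if not 0 <= asn <= 0xFFFF:
        raise ValueError("standard community has only a 16-bit ASN field")
    if not 0 <= value <= 0xFFFF:
        raise ValueError("community value must fit in 16 bits")
    return struct.pack("!HH", asn, value)


def decode_community(data):
    """Return a well-known name or the usual ASN:value text form."""
    (raw,) = struct.unpack("!I", data)
    if raw in WELL_KNOWN:
        return WELL_KNOWN[raw]
    return f"{raw >> 16}:{raw & 0xFFFF}"


def encode_ext_community(sub_type, asn, value, transitive=True):
    """Two-octet-AS-specific extended community: type, sub-type, ASN, 4-byte value."""
    type_high = TYPE_TWO_OCTET_AS | (0 if transitive else NON_TRANSITIVE_BIT)
    return struct.pack("!BBHI", type_high, sub_type, asn, value)


def decode_ext_community(data):
    type_high, sub_type, asn, value = struct.unpack("!BBHI", data)
    return {
        "transitive": not (type_high & NON_TRANSITIVE_BIT),
        "sub_type": sub_type,
        "asn": asn,
        "value": value,
    }


def should_propagate(ext_bytes, crossing_as_boundary):
    """A non-transitive extended community must not leave the local AS."""
    return decode_ext_community(ext_bytes)["transitive"] or not crossing_as_boundary


if __name__ == "__main__":
    print(encode_community(64496, 100).hex(),
          decode_community(bytes.fromhex("ffffff01")),
          encode_ext_community(0x02, 64496, 100, transitive=False).hex())
```

The `ValueError` from `encode_community` for an ASN above 65535 is the practical face of the problem the text describes: a 32-bit ASN simply cannot be written into the 16-bit field, which is why operators with such ASNs cannot use the classic ASN:value convention.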
A single router (or two for redundancy) can be made a route reflector: other routers in the AS need only be configured as peers to them. A route reflector offers an alternative to the logical full-mesh requirement of internal Border Gateway Protocol (iBGP). The purpose of the RR is concentration. Multiple BGP routers can peer with a central point, the RR, acting as a route reflector server, rather than peer with every other router in a full mesh.
All the other iBGP routers become route reflector clients. In a fully meshed iBGP network of 10 routers, 90 individual CLI statements spread throughout all routers in the topology are needed just to define the remote-AS of each peer: this quickly becomes a headache to administer.
A RR topology could cut these 90 statements down to 18, offering a viable solution for the larger networks administered by ISPs. A route reflector is a single point of failure, therefore at least a second route reflector may be configured in order to provide redundancy. As it is an additional peer for the other 10 routers, it comes with an additional statement count of double that of the single route reflector setup, minus 2. An RR and its clients form a "cluster". Route reflectors and confederations both reduce the number of iBGP peers to each router and thus reduce processing overhead.
Route reflectors are a pure performance-enhancing technique, while confederations can also be used to implement more fine-grained policy. Confederations are sets of autonomous systems. In common practice, only one of the confederation AS numbers is seen by the Internet as a whole.
Confederations are used in very large networks where a large AS can be configured to encompass smaller more manageable internal ASs. The confederated AS is composed of multiple ASs. In this way, the confederation preserves next hop, metric, and local preference information.
To the outside world, the confederation appears to be a single AS. Confederations can be used in conjunction with route reflectors. Both confederations and route reflectors can be subject to persistent oscillation unless specific design rules, affecting both BGP and the interior routing protocol, are followed. Nevertheless, these are common tools for experienced BGP network architects.
These tools may be combined, for example, as a hierarchy of route reflectors. The routing tables managed by a BGP implementation are adjusted continually to reflect actual changes in the network, such as links breaking and being restored or routers going down and coming back up.
In the network as a whole it is normal for these changes to happen almost continuously, but for any particular router or link, changes are supposed to be relatively infrequent. If a router is misconfigured or mismanaged then it may get into a rapid cycle between down and up states.
This pattern of repeated withdrawal and re-announcement known as route flapping can cause excessive activity in all the other routers that know about the broken link, as the same route is continually injected and withdrawn from the routing tables.
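Route flapping is named above as the failure mode; one common defensive response, route-flap damping in the style of RFC 2439, is shown here as an added example that is not code from the page. Each withdrawal adds a fixed penalty, the penalty decays exponentially with a half-life, the prefix is suppressed when the penalty crosses a suppress threshold and released once it decays below a reuse threshold. The numeric defaults (half-life 900 s, penalty 1000, suppress 2000, reuse 750) and the constructed log-line format are assumptions for the example.

```python
"""Route-flap damping replayed over a constructed BGP update log.
Constructed example; the algorithm follows RFC 2439 in outline, the figures
are assumed defaults, and nothing here is the page's or a vendor's code."""
from collections import defaultdict


class FlapDamper:
    def __init__(self, half_life=900.0, suppress=2000, reuse=750, flap_penalty=1000):
        self.half_life = half_life
        self.suppress = suppress
        self.reuse = reuse
        self.flap_penalty = flap_penalty
        self.penalty = 0.0
        self.last_update = 0.0
        self.suppressed = False
        self.flaps = 0

    def _decay(self, now):
        """Exponential decay: the penalty halves every half_life seconds."""
        elapsed = max(0.0, now - self.last_update)
        self.penalty *= 0.5 ** (elapsed / self.half_life)
        self.last_update = now

    def observe(self, now, event):
        """event is 'withdraw' or 'announce'; each withdrawal counts as one flap.
        Returns True while the prefix is suppressed."""
        self._decay(now)
        if event == "withdraw":
            self.penalty += self.flap_penalty
            self.flaps += 1
        if self.penalty >= self.suppress:
            self.suppressed = True
        elif self.penalty < self.reuse:
            self.suppressed = False
        return self.suppressed

    def is_suppressed(self, now):
        """Query without an event, so decay alone can release the prefix."""
        self._decay(now)
        if self.penalty < self.reuse:
            self.suppressed = False
        return self.suppressed


def replay(log_lines):
    """Replay lines of the form '<epoch_seconds> <WITHDRAW|ANNOUNCE> <prefix>'
    (constructed format) and return one damper per prefix."""
    dampers = defaultdict(FlapDamper)
    for line in log_lines:
        ts, kind, prefix = line.split()
        dampers[prefix].observe(float(ts), kind.lower())
    return dict(dampers)


# Constructed sample: one prefix flaps three times in 40 s, another is stable.
SAMPLE_LOG = [
    "1000 WITHDRAW 203.0.113.0/24",
    "1010 ANNOUNCE 203.0.113.0/24",
    "1020 WITHDRAW 203.0.113.0/24",
    "1030 ANNOUNCE 203.0.113.0/24",
    "1040 WITHDRAW 203.0.113.0/24",
    "1050 ANNOUNCE 203.0.113.0/24",
    "1000 ANNOUNCE 198.51.100.0/24",
]


if __name__ == "__main__":
    for prefix, d in replay(SAMPLE_LOG).items():
        print(prefix, d.flaps, round(d.penalty), d.suppressed)
```

Three withdrawals within 40 seconds push the penalty to roughly 2950, well over the suppress threshold, so the prefix stops being advertised even though its last event was an announcement; only after about two half-lives of silence does the penalty fall under the reuse threshold and the route is reinstated. The same counters (flaps per prefix per window) are what a monitoring rule would alert on before the damping kicks in.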
NorthStar Planner Border Gateway Protocol Overview
An autonomous system (AS) is a collection of connected Internet Protocol (IP) routing prefixes under the control of one or more network operators on behalf of a single administrative entity or domain that presents a common, clearly defined routing policy to the Internet. Originally the definition required control by a single entity, typically an Internet service provider (ISP) or a very large organization with independent connections to multiple networks, that adhered to a single and clearly defined routing policy, as originally defined in RFC . Even though there may be multiple autonomous systems supported by the ISP, the Internet only sees the routing policy of the ISP. Until , AS numbers were defined as bit integers, which allowed for a maximum of 65, assignments. These numbers are written preferably as simple integers in a notation sometimes referred to as "asplain", ranging from 0 to 4,,, (hexadecimal 0xFFFF FFFF), or in the form called "asdot", which looks like x. Numbers of the form 0. The accepted textual representation of autonomous system numbers is defined in RFC as "asplain".
Securing the Border Gateway Protocol: A Status Update
On the current Internet, various routing protocols are in use. Each of the routing protocols has its own unique features. IGP stands for Interior Gateway Protocol, which is mainly used to control networks within organizations. An AS is a range of networks managed by a specific organization under a uniform policy. An AS is assigned a unique bit identifier called an AS number. However, numbers in the range of to are reserved for private use, and there is a possibility that they are allocated in duplicate.
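The "asplain" and "asdot" notations and the private and reserved AS number ranges discussed in the two sections above, as an added example that is not code from the page. The parser accepts either notation and the classifier flags private, documentation and reserved numbers so that a configuration or a received AS_PATH can be sanity-checked. The exact range boundaries (private 64512 to 65534 and 4200000000 to 4294967294, documentation 64496 to 64511, reserved 0, 65535 and 4294967295) are taken from the IANA registry and the RFCs that define them, not from the page, which elides them.

```python
"""AS number notation and range checks. Constructed example, not the page's code."""

MAX_ASN = 0xFFFFFFFF

# Ranges per the IANA AS number registry (RFC 6996, RFC 5398, RFC 7300); not on the page.
PRIVATE_RANGES = (range(64512, 65535), range(4200000000, 4294967295))
DOCUMENTATION_RANGE = range(64496, 64512)
RESERVED = {0, 65535, 4294967295}


def parse_asn(text):
    """Accept asplain ('65536') or asdot ('1.0', '0.65535'); return the integer ASN."""
    text = text.strip()
    if "." in text:
        high_s, low_s = text.split(".")
        high, low = int(high_s), int(low_s)
        if not (0 <= high <= 0xFFFF and 0 <= low <= 0xFFFF):
            raise ValueError(f"asdot halves must each fit in 16 bits: {text}")
        return (high << 16) | low
    n = int(text)
    if not 0 <= n <= MAX_ASN:
        raise ValueError(f"ASN out of range: {text}")
    return n


def to_asplain(asn):
    return str(asn)


def to_asdot(asn):
    """asdot: 16-bit numbers stay plain, larger ones become high.low."""
    if asn <= 0xFFFF:
        return str(asn)
    return f"{asn >> 16}.{asn & 0xFFFF}"


def to_asdot_plus(asn):
    """asdot+: always high.low, so 0.N is the 16-bit number N."""
    return f"{asn >> 16}.{asn & 0xFFFF}"


def classify(asn):
    """Label an ASN for configuration or AS_PATH sanity checks."""
    if not 0 <= asn <= MAX_ASN:
        raise ValueError("ASN out of range")
    if asn in RESERVED:
        return "reserved"
    if asn in DOCUMENTATION_RANGE:
        return "documentation"
    if any(asn in r for r in PRIVATE_RANGES):
        return "private"
    return "public"


def check_as_path(path_text):
    """Return the labels for each ASN in a space-separated AS_PATH string, so a
    private or reserved number leaking into a received path stands out."""
    return [(asn, classify(parse_asn(asn))) for asn in path_text.split()]


if __name__ == "__main__":
    print(parse_asn("1.0"), to_asdot(65536), to_asdot_plus(65535))
    print(check_as_path("64496 1.0 65000"))
```

Private ranges cannot be guaranteed unique, so the classifier's output is what an operator would act on: a "private" or "reserved" label on an ASN seen in a path received from an external peer is a strong hint that a neighbor failed to strip its internal numbers.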