BGP

Border Gateway Protocol (BGP) was designed as an Exterior Gateway Protocol (EGP) between autonomous systems (AS), with the focus on scalability and policy rather than on speed of convergence. It is meant to handle hundreds of thousands of routes quickly and robustly: it advertises, learns and chooses the best paths across the global Internet. It is typically used by ISPs. It can also be used by very large enterprise networks as an Interior Gateway Protocol (IGP), and it is used by enterprises to exchange routes with their ISPs; it is the essential protocol for providing redundancy across multiple ISP connections. BGP uses a set of attributes, called path attributes (PA), to select the best path, and by changing these attributes it is possible to manipulate which path is chosen. Like an IGP, BGP needs to form a relationship with its neighbors, but because the session runs over TCP (port 179) the neighbor's IP address does not have to be on a common subnet. BGP advertises prefixes together with the next hop for each prefix; the prefix/length information is also known as Network Layer Reachability Information (NLRI). Along with each prefix it advertises path attributes that help the other BGP routers decide on the best path. BGP is a path-vector protocol, similar to distance vector, except that the "vector" is the list of ASes the route has passed through. BGP focuses on scalability, an IGP on fast convergence.

BGP neighbors must be configured explicitly; there is no broadcast/multicast auto-discovery. BGP has two types of neighbors: internal BGP (iBGP) peers, which are in the same AS, and external BGP (eBGP) peers, which are in a different AS. BGP behaves differently toward each: it uses different rules for best-path selection and for updating the AS_PATH PA, and the requirements for forming the neighbor relationship differ. iBGP peers do not update AS_PATH; the local ASN is prepended only when a route is advertised to an eBGP peer. As with IP addresses, there are public AS numbers (1 - 64495), private ones (64512 - 65534) and reserved ones (0, 64496 - 64511, which are set aside for documentation and examples, and 65535). The same rule applies as for private IPs: private AS numbers must not be advertised into the Internet.

BGP, like any other routing protocol, goes through three stages: it forms the neighbor relationship, exchanges topology information and runs the best-path algorithm to select the best route.

eBGP neighbors are assumed to be directly connected (the default TTL of BGP packets is 1). If they are not, they must be reachable over an IGP or static route and ebgp-multihop must be enabled. Router IDs must not be the same. If not explicitly set, the router ID is chosen as the highest IP address of an up loopback interface or, if there is no up loopback interface, the highest IP address of an up non-loopback interface. MD5 authentication (the TCP MD5 signature option, RFC 2385) can and should be used: every TCP segment of the session, including a RST, must carry a signature computed with the shared secret, so an attacker who can reach port 179 can neither reset the session nor inject into it. Here are the Cisco IOS commands:

 config# router bgp <asn>
 config-router# neighbor <ip-address> remote-as <remote-asn>
 config-router# neighbor <ip-address> password <password>
 
 # show ip bgp summary

When there are redundant links between BGP routers, the best practice is to use loopback interfaces as the connection endpoints. It is possible to use two neighbor statements, one per physical IP address of the redundant links, but that consumes twice as much memory and bandwidth. To make the loopback IPs work, one needs to make sure they are reachable from each router (in other words, that routes to them are in the routing tables), instruct BGP to use the loopback as the source of outgoing messages, and enable multihop, which sets the TTL higher than 1 (because the peers now look as if they were not directly connected):

 config-router# neighbor <ip-address> update-source <local-loopback-interface>
 config-router# neighbor <ip-address> ebgp-multihop [<ttl>]

iBGP peers have the same neighbor requirements except that the default TTL is 255, so there is no need to enable multihop (the peers only need to be reachable via the IGP), and the AS number must be the same in the "neighbor" command and in the "router bgp" command. iBGP is used between the BGP routers inside one AS, for example between two edge routers that each connect to the Internet. Because a router does not re-advertise a route learned from one iBGP peer to another iBGP peer, iBGP peers must be fully meshed (or use route reflectors).

BGP States

A neighbor relationship moves through the states Idle, Connect, Active, OpenSent, OpenConfirm and Established; only in Established are routes exchanged. A neighbor that stays in Active, or flaps between Idle and Active, usually cannot complete the TCP session: wrong neighbor IP, no route to it, TTL too low for a multihop peer, or an MD5 password mismatch. The state is shown in the last column of "show ip bgp summary".

BGP Messages

Besides Open and Update, there are two more message types in BGP: Keepalive and Notification. Every message starts with the same 19-byte header. The Length field covers the header plus data and must be between 19 and 4096 bytes; a receiver that sees anything other than all ones in the Marker treats the connection as not synchronized and drops it:

 Marker 0xFF..FF (16 bytes) | Length (2 bytes) | Type (1 byte) | BGP data

Open Message (Type = 1):

 Version = 4 (1 byte) | My ASN (2 bytes) | Hold Time (2 bytes) | Router Id (4 bytes) | Optional Parameters Length (1 byte) | Optional parameters (BGP capabilities)

Update Message (Type = 2):

 Withdrawn (Unfeasible) Routes Length (2 bytes) | Withdrawn routes (if any) | Total PA Length (2 bytes) | PAs (TLVs) | NLRI (prefix length in bits followed by the prefix, repeated)

Notification Message (Type = 3) - the sender closes the TCP session right after sending it, so the relationship is reset and has to be rebuilt:

 Error Code (1 byte) | Error Subcode (1 byte) | Data

Keepalive Message (Type = 4) - header only, no data. If neither a Keepalive nor an Update is received within the Hold Time negotiated in the Open messages, the relationship is terminated. Cisco defaults are a 60 s Keepalive interval and a 180 s Hold Time.

BGP Table

BGP keeps its received routes (plus locally injected ones) in the BGP table. To see it, use:

 # show ip bgp

AS_PATH

Each prefix may have multiple paths with different next hops. Once weight and local preference are equal (see the best-path algorithm below), BGP uses the AS_PATH PA to select the best route. AS_PATH is made of segments. An AS_SEQUENCE segment is the ordered list of ASNs the route has passed through; an AS_SET segment is an unordered set of ASNs, created when routes with different paths are summarized with aggregate-address. Together they tell the router which ASes a packet will traverse on its way to the prefix. BGP selects the shortest AS_PATH (an AS_SET counts as one AS regardless of its size). AS_PATH is also used to prevent routing loops: when a router advertises a prefix to an eBGP peer, it prepends its own ASN to the AS_PATH, and when a router receives a prefix and finds its own ASN anywhere in the AS_PATH (loop detected!), it ignores the prefix.
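The message layouts above and the AS_PATH handling in this section, worked through in code. This is an added example for these notes, not code from the page or from Cisco IOS: it parses the common header, the Open body and an Update body, extracts the AS_PATH segments, applies the own-ASN loop check and computes the AS_PATH length the way best-path counts it. All sample messages are constructed inline (RFC 5737 test prefixes, private ASNs); only 2-byte ASNs and IPv4 NLRI are handled, which is what the notes describe.

```python
"""BGP-4 message parsing (RFC 4271): header, OPEN, UPDATE, AS_PATH loop check.

Added example for these notes; not code from the page or from Cisco IOS.
Sample messages are constructed inline (RFC 5737 test prefixes, private ASNs).
Only 2-byte ASNs and IPv4 NLRI are handled, which is what the notes describe.
"""
import socket
import struct

MARKER = b"\xff" * 16
OPEN, UPDATE, NOTIFICATION, KEEPALIVE = 1, 2, 3, 4
ORIGIN, AS_PATH, NEXT_HOP = 1, 2, 3            # path attribute type codes
AS_SET, AS_SEQUENCE = 1, 2                     # AS_PATH segment types


class BGPError(ValueError):
    """A real speaker answers these with a NOTIFICATION and closes the session."""


def parse_header(msg: bytes):
    """Check the 19-byte common header and return (type, body)."""
    if len(msg) < 19 or msg[:16] != MARKER:
        raise BGPError("connection not synchronized")     # marker must be all ones
    length, mtype = struct.unpack("!HB", msg[16:19])
    if length < 19 or length > 4096 or length > len(msg):
        raise BGPError("bad message length")
    if mtype not in (OPEN, UPDATE, NOTIFICATION, KEEPALIVE):
        raise BGPError("bad message type")
    return mtype, msg[19:length]


def parse_open(body: bytes) -> dict:
    """Version | My AS | Hold Time | Router ID | Opt Param Len | capabilities."""
    version, my_as, hold, rid, opt_len = struct.unpack("!BHHIB", body[:10])
    return {"version": version, "my_as": my_as, "hold_time": hold,
            "router_id": socket.inet_ntoa(struct.pack("!I", rid)),
            "capabilities": body[10:10 + opt_len]}


def _prefixes(buf: bytes) -> list:
    """NLRI / withdrawn-route encoding: <length in bits><only the octets needed>."""
    out, i = [], 0
    while i < len(buf):
        bits, n = buf[i], (buf[i] + 7) // 8
        octets = buf[i + 1:i + 1 + n].ljust(4, b"\x00")
        out.append(socket.inet_ntoa(octets) + "/" + str(bits))
        i += 1 + n
    return out


def _as_path(value: bytes) -> list:
    """Return [(segment_type, [asn, ...]), ...]; AS_SEQUENCE is ordered, AS_SET is not."""
    segs, i = [], 0
    while i < len(value):
        stype, count = value[i], value[i + 1]
        segs.append((stype, list(struct.unpack(f"!{count}H", value[i + 2:i + 2 + 2 * count]))))
        i += 2 + 2 * count
    return segs


def parse_update(body: bytes) -> dict:
    """Withdrawn Routes Length | withdrawn | Total PA Length | PAs (TLV) | NLRI."""
    wlen = struct.unpack("!H", body[:2])[0]
    withdrawn = _prefixes(body[2:2 + wlen])
    p = 2 + wlen
    end = p + 2 + struct.unpack("!H", body[p:p + 2])[0]    # end of the path attributes
    p += 2
    attrs = {}
    while p < end:
        flags, code = body[p], body[p + 1]
        if flags & 0x10:                                   # Extended Length bit set
            alen, p = struct.unpack("!H", body[p + 2:p + 4])[0], p + 4
        else:
            alen, p = body[p + 2], p + 3
        attrs[code] = body[p:p + alen]
        p += alen
    return {"withdrawn": withdrawn,
            "origin": attrs[ORIGIN][0] if ORIGIN in attrs else None,
            "as_path": _as_path(attrs.get(AS_PATH, b"")),
            "next_hop": socket.inet_ntoa(attrs[NEXT_HOP]) if NEXT_HOP in attrs else None,
            "nlri": _prefixes(body[end:])}


def has_loop(as_path: list, my_asn: int) -> bool:
    """Loop detection: our own ASN anywhere in AS_PATH means the prefix is ignored."""
    return any(my_asn in asns for _, asns in as_path)


def as_path_length(as_path: list) -> int:
    """Length used by best-path: each ASN in an AS_SEQUENCE counts, an AS_SET counts as one."""
    return sum(len(asns) if stype == AS_SEQUENCE else 1 for stype, asns in as_path)


# ---- constructed sample UPDATE: 203.0.113.0/24 via next hop 192.0.2.1, AS_PATH 65001 65002 ----
def _attr(code: int, value: bytes) -> bytes:
    return bytes([0x40, code, len(value)]) + value           # well-known transitive, short length


def build_update(as_path: list, next_hop: str, nlri: list) -> bytes:
    path = b"".join(bytes([t, len(a)]) + struct.pack(f"!{len(a)}H", *a) for t, a in as_path)
    attrs = _attr(ORIGIN, b"\x00") + _attr(AS_PATH, path) + _attr(NEXT_HOP, socket.inet_aton(next_hop))
    routes = b""
    for prefix in nlri:
        addr, bits = prefix.split("/")
        routes += bytes([int(bits)]) + socket.inet_aton(addr)[:(int(bits) + 7) // 8]
    body = struct.pack("!HH", 0, len(attrs)) + attrs + routes   # no withdrawn routes
    return MARKER + struct.pack("!HB", 19 + len(body), UPDATE) + body


SAMPLE = build_update([(AS_SEQUENCE, [65001, 65002])], "192.0.2.1", ["203.0.113.0/24"])

if __name__ == "__main__":
    mtype, body = parse_header(SAMPLE)
    update = parse_update(body)
    print(update["nlri"], update["as_path"], "loop if we are AS 65002:", has_loop(update["as_path"], 65002))
```

The header checks come first for a reason: a speaker that trusts the Length field before bounding it, or skips the Marker check, can be made to read past the buffer or desynchronize on a garbage stream, and the loop check is what stops a prefix from circulating back into the AS that originated it.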

Injecting Routes into BGP

There are a few ways:

The "network" command is different from the one in an IGP. It does not enable BGP on an interface: it looks for an exact prefix/length match in the IP routing table and, if one exists, injects that route into the BGP table (the route is withdrawn again if it disappears from the routing table). Auto-summary has no effect on the "network" command if the mask is given. If auto-summary is configured and the mask is omitted, the classful network is injected into the BGP table as soon as any subnet of it is present in the routing table.

 config-router# network <prefix> [mask <subnet-mask>]
 config-router# aggregate-address <network> <subnet-mask> [summary-only]

"aggregate-address" creates a summary route in the BGP table as long as at least one component route is in the BGP table. With [summary-only] only the summary route is advertised; the component (subordinate) routes are suppressed.

BGP and default route

There are four possible scenarios:

Enterprises with a single Internet edge router normally use a static default route toward the ISP; there is no real need to run BGP. If BGP is used anyway, usually only a default route is learned from the ISP and advertised into the IGP. The drawback is that packets for destinations that do not exist at all still follow the default route through the enterprise to the BGP router and out to the ISP.

If the links are on the same router, either BGP or static routes can be used. It is possible to load balance between the links or to prefer one link over the other.

If the links are on two different routers, BGP is more useful when one link should be preferred for a particular set of destinations. If one link is preferred for all destinations, BGP and static routes make no practical difference.

In the last two cases BGP is generally preferable to static routes.

BGP rules for advertising the routes

When an eBGP-learned route is advertised to an iBGP peer, its NEXT_HOP PA is left unchanged and still points at the external neighbor, so every iBGP peer would need a route to that external address. "next-hop-self" makes the router rewrite the next hop to its own address (the update-source) when advertising to that peer:

 config-router# neighbor <ip-address> next-hop-self

BGP Route Filtering

BGP filtering can be done on any router in any direction. After a filter is applied or changed, the relationship with the neighbor has to be cleared for it to take effect. Hard or soft clearing is possible. A hard reset tears down the TCP session and withdraws every route learned from the neighbor; soft is far less disruptive and is recommended! Two ways:

 config-router# neighbor <ip-address> soft-reconfiguration inbound
 # clear ip bgp <ip-address> soft in|out

The first method consumes twice the memory because it keeps a copy of all routes received from that neighbor, before any inbound filtering, in a separate table, but it allows the following command to work:

 # show ip bgp neighbors <ip-address> received-routes

The second method (used when soft-reconfiguration is not enabled) relies on the Route Refresh capability negotiated in the Open message: for an inbound soft reset the router sends a Route-Refresh message and the neighbor re-sends its routes, so no copy has to be stored.

Filtering can be done by matching the prefix/length and/or the PAs carried in the Update message. Filtering is configured per neighbor with the "neighbor" command, so, unlike the IGP equivalents, no interface parameter is used with any of the following methods: distribute-list, prefix-list, filter-list and route-map. A distribute-list references an ACL: a standard ACL matches the prefix only, an extended ACL matches both prefix and subnet mask. These first two methods (distribute-list and prefix-list) match on networks and masks. A filter-list filters on AS_PATH content using regular expressions defined with "ip as-path access-list". A route-map can reference ACLs, prefix-lists and as-path access-lists, and can also set PAs on the routes it permits.

To Prevent Becoming a Transit Network Between Two ISPs

Do not advertise prefixes learned from one ISP to the other! Otherwise the Internet will route traffic between the two ISPs through your links. The usual way to enforce this is an outbound filter-list toward each ISP that permits only routes with an empty AS_PATH (regular expression ^$), i.e. only routes originated inside the local AS, and denies everything else. A filter-list is preferred over an outbound prefix-list for this because it does not have to be updated when new prefixes are learned.
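The filter types from the previous section and the no-transit filter just described, evaluated offline. This is an added example for these notes, not code from the page or from Cisco IOS; it reproduces the IOS as-path regular expression rule that "_" matches the start or end of the path, a space, a comma or a brace, the first-match-wins / implicit-deny behaviour of as-path access-lists and prefix-lists, and then applies a "permit ^$" filter-list to a constructed BGP table of a dual-homed enterprise. The ASNs (64496 - 64499 documentation range, 65000 private), prefixes (RFC 5737 and RFC 1918) and table entries are all constructed.

```python
"""Evaluating IOS-style BGP filters offline: ip as-path access-list (filter-list)
and ip prefix-list, then applying a no-transit outbound filter.

Added example for these notes; not code from the page or from Cisco IOS.
The BGP table, ASNs (64496-64499 documentation, 65000 private) and prefixes
(RFC 5737 / RFC 1918) are constructed.
"""
import ipaddress
import re


def ios_as_path_regex(pattern: str) -> "re.Pattern":
    """IOS regex rule: '_' matches start, end, space, comma or a brace (an AS_SET boundary)."""
    return re.compile(pattern.replace("_", r"(?:^|$|[ ,{}])"))


def as_path_str(segments: list) -> str:
    """Render AS_PATH as 'show ip bgp' prints it: sequence ASNs spaced, an AS_SET in braces."""
    parts = []
    for stype, asns in segments:
        text = ",".join(map(str, asns))
        parts.append("{" + text + "}" if stype == "set" else text.replace(",", " "))
    return " ".join(parts)


def filter_list(acl: list, path: str) -> bool:
    """ip as-path access-list: lines are (action, regex); first match wins, implicit deny."""
    for action, pattern in acl:
        if ios_as_path_regex(pattern).search(path):
            return action == "permit"
    return False


def prefix_list(entries: list, prefix: str) -> bool:
    """ip prefix-list: entries are (action, network, ge, le). Without ge/le the match is exact;
    ge alone means ge..32, le alone means network-length..le; first match wins, implicit deny."""
    net = ipaddress.ip_network(prefix)
    for action, base, ge, le in entries:
        basenet = ipaddress.ip_network(base)
        lo = basenet.prefixlen if ge is None else ge
        hi = (basenet.prefixlen if ge is None else basenet.max_prefixlen) if le is None else le
        if net.subnet_of(basenet) and lo <= net.prefixlen <= hi:
            return action == "permit"
    return False


# Constructed BGP table of enterprise AS 65000, dual-homed to ISP A (64496) and ISP B (64497).
BGP_TABLE = [
    {"prefix": "203.0.113.0/24", "as_path": []},                                       # injected with 'network'
    {"prefix": "198.51.100.0/24", "as_path": [("seq", [64496, 64498])]},               # learned from ISP A
    {"prefix": "192.0.2.0/24", "as_path": [("seq", [64497])]},                         # learned from ISP B
    {"prefix": "10.0.0.0/8", "as_path": [("seq", [64496]), ("set", [64498, 64499])]},  # an aggregate with AS_SET
]

# ip as-path access-list 1 permit ^$   -> outbound: only routes originated in our own AS pass
NO_TRANSIT_ACL = [("permit", "^$")]

# ip prefix-list FROM-ISP deny 10.0.0.0/8 le 32 / permit 0.0.0.0/0 le 24 -> inbound: no RFC 1918, nothing longer than /24
INBOUND_PREFIX_LIST = [("deny", "10.0.0.0/8", None, 32), ("permit", "0.0.0.0/0", None, 24)]
RECEIVED = ["198.51.100.0/24", "10.0.0.0/8", "192.0.2.0/24", "198.51.100.128/25"]   # constructed ISP update


def outbound_to_isp(table: list, acl: list) -> list:
    """Prefixes that an outbound filter-list lets through toward an ISP neighbor."""
    return [r["prefix"] for r in table if filter_list(acl, as_path_str(r["as_path"]))]


def inbound_from_isp(prefixes: list, plist: list) -> list:
    """Prefixes an inbound prefix-list accepts from an ISP neighbor."""
    return [p for p in prefixes if prefix_list(plist, p)]


if __name__ == "__main__":
    print("advertised to either ISP:", outbound_to_isp(BGP_TABLE, NO_TRANSIT_ACL))
    print("accepted from the ISP:   ", inbound_from_isp(RECEIVED, INBOUND_PREFIX_LIST))
```

The "_" translation matters: "^64496" alone would also match a path starting with 644961, while "^64496_" matches only paths whose first AS really is 64496. The combination shown is the minimum a dual-homed edge should run: a no-transit filter outbound, and inbound a prefix-list that drops private space and overly specific prefixes.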

BGP Path Attributes

The most common ones are weight, local preference, AS_PATH, origin, Multi Exit Discriminator (MED).

BGP Best Path Algorithm

A route whose next hop is not reachable in the routing table is never a candidate. Among the remaining paths for a prefix, BGP selects the best one by checking PAs in the following order, stopping at the first step that breaks the tie:

  1. Highest weight (Cisco proprietary, local to the router)
  2. Highest local preference
  3. Locally originated route (network, aggregate-address, redistribute) over a learned one
  4. Shortest AS_PATH (an AS_SET counts as one AS)
  5. Lowest origin: IGP (i) before EGP (e) before incomplete (?)
  6. Lowest MED (by default compared only between paths from the same neighboring AS)
  7. eBGP path over iBGP path
  8. Lowest IGP metric to the BGP next hop
  9. Oldest eBGP path (skipped when "bgp bestpath compare-routerid" is configured)
  10. Lowest neighbor router ID
  11. Lowest neighbor IP address

Path Manipulation

The following PAs are practical to change:

Weight

This is a Cisco proprietary feature, significant only to the local router and never advertised. It influences the choice of outbound routes and is set on inbound routes. The values are in the range 0 - 65535; 0 is the default for learned routes and 32768 for locally injected routes, and these defaults cannot be changed. To change the weight use one of the following commands:

 config-router# neighbor <ip-address> route-map <name> in (with a "set weight" clause; only meaningful inbound)
 config-router# neighbor <ip-address> weight <number> (for all routes learned from this peer)

Local Preference (LOCAL_PREF)

This is a BGP PA (well-known discretionary). It affects outbound traffic by identifying the best exit point from the AS; therefore it is advertised to iBGP peers and not to eBGP peers. The range is 0 - 4,294,967,295 (2^32 - 1); higher is better, and the default value is 100. The default can be changed with:

 config-router# bgp default local-preference <number>

To change the local preference of particular routes, use "neighbor <ip-address> route-map <name> in" with a "set local-preference" clause in it.

AS_PATH

AS_PATH can be modified by prepending the router's own ASN one or more times with "set as-path prepend" in a route-map for a neighbor. In an outbound route-map this influences inbound traffic: the neighbor and everything behind it see a longer path through this link and prefer the other one. In an inbound route-map it influences the local router's own outbound choice. Prepend only your own ASN; inserting someone else's ASN is a way to break that AS's loop detection, not a tuning technique.

MED (Multi Exit Discriminator)

This is a BGP PA (optional non-transitive). It can be modified to influence inbound traffic, especially when two or more links go to the same neighboring AS, to tell that AS which link to prefer. It is advertised to the neighboring AS but not beyond it. The range is 0 to 2^32 - 1; lower is better, and the default value is 0. The "set metric" clause in an outbound route-map changes MED. Note that by default the receiver compares MED only between paths that come from the same neighboring AS (unless "bgp always-compare-med" is configured), so MED does not help choosing between two different ISPs.
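The best-path order above and the four manipulations in this section, worked through in code. This is an added example for these notes, not code from the page or from Cisco IOS: a path comparison that runs the Cisco steps in order, applied to a constructed dual-homed edge router that learns one prefix from two ISPs, then re-run after setting weight, setting local preference, receiving a prepended AS_PATH, and receiving MEDs. The ASNs (64496 - 64499 documentation range) and metrics are constructed; MED is compared only within one neighboring AS (the IOS default), the "oldest eBGP path" step is skipped because it depends on arrival order, and "bgp bestpath compare-routerid" is assumed so the router ID is the final tie-breaker.

```python
"""Cisco BGP best-path selection (steps 1-8 and 10) and the effect of path manipulation.

Added example for these notes; not code from the page or from Cisco IOS. Neighbors,
ASNs (64496-64499 documentation range) and metrics are constructed. MED is compared
only between paths from the same neighboring AS (IOS default); the oldest-path step
is skipped and "bgp bestpath compare-routerid" is assumed.
"""
from dataclasses import dataclass, replace

ORIGIN_RANK = {"igp": 0, "egp": 1, "incomplete": 2}     # lower is preferred


@dataclass(frozen=True)
class Path:
    neighbor: str
    as_path: tuple                 # ASNs in AS_SEQUENCE order, () for a locally originated route
    router_id: str                 # router ID of the advertising neighbor
    ebgp: bool = True
    weight: int = 0                # Cisco-only, never advertised; 32768 for local routes
    local_pref: int = 100          # sent to iBGP peers only; higher wins
    origin: str = "igp"
    med: int = 0                   # sent to the neighboring AS only; lower wins
    igp_metric: int = 0            # IGP cost to reach the BGP next hop
    local: bool = False            # injected with network / aggregate-address / redistribute

    @property
    def neighbor_as(self):
        return self.as_path[0] if self.as_path else None


def _ip_key(ip: str) -> tuple:
    return tuple(int(octet) for octet in ip.split("."))


def better(a: Path, b: Path) -> bool:
    """True if a is preferred over b; checks run in Cisco's order and stop at the first difference."""
    if a.weight != b.weight:
        return a.weight > b.weight                              # 1. highest weight
    if a.local_pref != b.local_pref:
        return a.local_pref > b.local_pref                      # 2. highest local preference
    if a.local != b.local:
        return a.local                                          # 3. locally originated
    if len(a.as_path) != len(b.as_path):
        return len(a.as_path) < len(b.as_path)                  # 4. shortest AS_PATH
    if a.origin != b.origin:
        return ORIGIN_RANK[a.origin] < ORIGIN_RANK[b.origin]    # 5. IGP < EGP < incomplete
    if a.neighbor_as == b.neighbor_as and a.med != b.med:
        return a.med < b.med                                    # 6. lowest MED, same neighbor AS only
    if a.ebgp != b.ebgp:
        return a.ebgp                                           # 7. eBGP over iBGP
    if a.igp_metric != b.igp_metric:
        return a.igp_metric < b.igp_metric                      # 8. lowest IGP metric to next hop
    return _ip_key(a.router_id) < _ip_key(b.router_id)          # 10. lowest neighbor router ID


def best(paths: list) -> Path:
    winner = paths[0]
    for candidate in paths[1:]:
        if better(candidate, winner):
            winner = candidate
    return winner


# Constructed: enterprise AS 65000 learns 198.51.100.0/24 (origin AS 64498) from ISP A and ISP B.
VIA_A = Path("isp_a", (64496, 64498), router_id="192.0.2.1")
VIA_B = Path("isp_b", (64497, 64499, 64498), router_id="198.51.100.1")


def default_choice() -> str:
    return best([VIA_A, VIA_B]).neighbor                        # shorter AS_PATH wins: isp_a


def with_weight() -> str:
    # neighbor 198.51.100.1 weight 200  (inbound from ISP B; local to this router only)
    return best([VIA_A, replace(VIA_B, weight=200)]).neighbor


def with_local_pref() -> str:
    # inbound route-map from ISP B with "set local-preference 200"; iBGP peers see it too
    return best([VIA_A, replace(VIA_B, local_pref=200)]).neighbor


def with_prepend() -> str:
    # AS 64498 prepended itself twice toward ISP A ("set as-path prepend 64498 64498" outbound),
    # so the path via ISP A is now the longer one
    return best([replace(VIA_A, as_path=(64496, 64498, 64498, 64498)), VIA_B]).neighbor


def with_med() -> tuple:
    # Two links to ISP A: ISP A sets MED 50 on one and 10 on the other, so the MED-10 link wins.
    link1 = replace(VIA_A, neighbor="isp_a_link1", med=50, router_id="192.0.2.1")
    link2 = replace(VIA_A, neighbor="isp_a_link2", med=10, router_id="192.0.2.2")
    # Against ISP B (different neighbor AS) a MED of 500 from ISP A is ignored: with equal-length
    # paths the tie falls through to the lower router ID, and ISP A still wins.
    same_len_via_b = replace(VIA_B, as_path=(64497, 64498))
    return best([link1, link2]).neighbor, best([replace(VIA_A, med=500), same_len_via_b]).neighbor


if __name__ == "__main__":
    for name, fn in [("default", default_choice), ("weight", with_weight), ("local_pref", with_local_pref),
                     ("prepend", with_prepend), ("med", with_med)]:
        print(f"{name:10s} -> {fn()}")
```

Weight and local preference sit at the top of the order, which is why setting either on inbound routes overrides any AS_PATH or MED the remote side can send; the remote side can only influence you through steps 4 to 6, and MED only when you already prefer its AS.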

Multi-path

BGP supports the "maximum-paths <number>" command. Paths that tie through the best-path algorithm up to its last three tie-breakers (oldest path, router ID and neighbor IP address) can all be installed in the routing table, up to the maximum-paths number:

Additional conditions must be met to allow multiple routes: