How to use the BGP community attribute. Introduction. Overview. Presenter. Review of routing policy

Similar documents
Bell Aliant. Business Internet Border Gateway Protocol Policy and Features Guidelines

BGP Attributes and Path Selection

APNIC elearning: BGP Attributes

Using the Border Gateway Protocol for Interdomain Routing

APNIC elearning: BGP Basics. Contact: erou03_v1.0

Understanding Route Aggregation in BGP

Module 12 Multihoming to the Same ISP

Advanced BGP Policy. Advanced Topics

Multihomed BGP Configurations

Exterior Gateway Protocols (BGP)

Tutorial: Options for Blackhole and Discard Routing. Joseph M. Soricelli Wayne Gustavus NANOG 32, Reston, Virginia

Chapter 49 Border Gateway Protocol version 4 (BGP-4)

Simple Multihoming. ISP/IXP Workshops

Transitioning to BGP. ISP Workshops. Last updated 24 April 2013

BGP4 Case Studies/Tutorial

BGP Multihoming Techniques

Simple Multihoming. ISP Workshops. Last updated 30 th March 2015

Fireware How To Dynamic Routing

Configuring BGP. Cisco s BGP Implementation

Multihoming and Multi-path Routing. CS 7260 Nick Feamster January

BGP Terminology, Concepts, and Operation. Chapter , Cisco Systems, Inc. All rights reserved. Cisco Public

Internet inter-as routing: BGP

How To Set Up Bgg On A Network With A Network On A Pb Or Pb On A Pc Or Ipa On A Bg On Pc Or Pv On A Ipa (Netb) On A Router On A 2

Inter-domain Routing Basics. Border Gateway Protocol. Inter-domain Routing Basics. Inter-domain Routing Basics. Exterior routing protocols created to:

Network Level Multihoming and BGP Challenges

JUNOS Secure BGP Template

Community tools to fight against DDoS

BGP Multihoming Techniques. Philip Smith APRICOT 2013 Singapore 19 th February 1 st March 2013

How More Specifics increase your transit bill (and ways to avoid it)

- Border Gateway Protocol -

Routing Protocol - BGP

BGP1 Multihoming and Traffic Engineering

BGP Basics. BGP Uses TCP 179 ibgp - BGP Peers in the same AS ebgp - BGP Peers in different AS's Private BGP ASN. BGP Router Processes

Configuring Route Maps and Policy-Based Routing

Analyzing Capabilities of Commercial and Open-Source Routers to Implement Atomic BGP

Examination. IP routning på Internet och andra sammansatta nät, DD2491 IP routing in the Internet and other complex networks, DD2491

DD2491 p Load balancing BGP. Johan Nicklasson KTHNOC/NADA

Gateway of last resort is to network

--BGP 4 White Paper Ver BGP-4 in Vanguard Routers

Border Gateway Protocol Best Practices

Internet inter-as routing: BGP

How To Understand Bg

BGP Operations and Security. Training Course

Dove siamo? Architecture of Dynamic Routing

Today s Agenda. Note: it takes years to really master BGP Many slides stolen from Prof. Zhi-Li Zhang at Minnesota and from Avi Freedman s slides

Lecture 18: Border Gateway Protocol"

BGP Link Bandwidth. Finding Feature Information. Contents

Configuring BGP. The Cisco BGP Implementation

Cisco To Juniper. Thomas Mangin Exa Networks LINX 51

BGP Multihoming Techniques. Philip Smith APRICOT st February 2 nd March 2012 New Delhi

DD2491 p Inter-domain routing and BGP part I Olof Hagsand KTH/CSC

BGP Multihoming Techniques

Chapter 6: Implementing a Border Gateway Protocol Solution for ISP Connectivity

BGP overview BGP operations BGP messages BGP decision algorithm BGP states

CS 457 Lecture 19 Global Internet - BGP. Fall 2011

Configuring MPLS Hub-and-Spoke Layer 3 VPNs

Notice the router names, as these are often used in MPLS terminology. The Customer Edge router a router that directly connects to a customer network.

The Case for Source Address Routing in Multihoming Sites

Module 7. Routing and Congestion Control. Version 2 CSE IIT, Kharagpur

Border Gateway Protocol BGP4 (2)

Introduction to Routing

Application Note: Securing BGP on Juniper Routers

Network Configuration Example

E : Internet Routing

BSCI Module 6 BGP. Configuring Basic BGP. BSCI Module 6

no aggregate-address address mask [as-set] [summary-only] [suppress-map map-name] [advertise-map map-name] [attribute-map map-name]

AWS Direct Connect. User Guide API Version

netkit lab bgp: prefix-filtering Università degli Studi Roma Tre Dipartimento di Informatica e Automazione Computer Networks Research Group

Border Gateway Protocol (BGP)

Juniper Exam JN0-343 Juniper Networks Certified Internet Specialist (JNCIS-ENT) Version: 10.1 [ Total Questions: 498 ]

BGP Router Startup Message Flow

BGP Multihoming Techniques

MPLS VPN Implementation

Understanding Virtual Router and Virtual Systems

MPLS. Cisco MPLS. Cisco Router Challenge 227. MPLS Introduction. The most up-to-date version of this test is at:

A PKI For IDR Public Key Infrastructure and Number Resource Certification

ASA/PIX: Load balancing between two ISP - options

Exam Name: BGP + MPLS Exam Exam Type Cisco Case Studies: 3 Exam Code: Total Questions: 401

BGP Multihoming Techniques

BGP Link Bandwidth. Finding Feature Information. Prerequisites for BGP Link Bandwidth

MPLS VPN Route Target Rewrite

Measuring IPv6 Deployment. Geoff Huston APNIC December 2009

BGP (Border Gateway Protocol)

MPLS VPN over mgre. Finding Feature Information. Prerequisites for MPLS VPN over mgre

BGP-4 Case Studies. Nenad Krajnovic.

BGP Multihoming. Why Multihome? Why Multihome? Why Multihome? Why Multihome? Why Multihome? Redundancy. Reliability

CS551 External v.s. Internal BGP

Interdomain Routing. Project Report

The benefits of BGP for every service provider

LAB II: Securing The Data Path and Routing Infrastructure

ETHEL THE AARDVARK GOES BGP ROUTING

BGP Best Practices for ISPs Prefix List, AS PATH filters, Bogon Filters, Anycast, Mailing Lists, INOC DBA

Introduction to BGP. Cisco ISP Workshops. 2003, Cisco Systems, Inc. All rights reserved.

BGP Best Path Selection Algorithm

> Border Gateway Protocol (BGP-4) Technical Configuration Guide. Ethernet Routing Switch. Engineering

MPLS-based Layer 3 VPNs

Cisco Exam CCIE Service Provider Written Exam Version: 7.0 [ Total Questions: 107 ]

- Route Filtering and Route-Maps -

BGP Multihoming Techniques

Transcription:

How to use the BGP community attribute TWNIC OPM 3 Routing SIG 24 November, 2004 Taipei Introduction Presenter Miwa Fujii miwa@apnic.net Overview Review of routing policy Routing preference current common practices Impact to routing system load Allocations vs advertisements Review of community attribute no_export usage Conclusion 1

Review of routing policy Routing preferences can be expressed via routing policy: How can you direct incoming traffic to your site in a way that does not overload any single link? How can you put VoIP traffic in a high quality, low delay link and put other traffic on cheaper links? Minimise your costs by maximising your use of links with the lowest unit cost? Set up primary and backup links with dynamic failover? Routing preferences common practices Advertise specifics as well as aggregates Use selective advertising of specifics to create preferred primary paths Use AS prepending to make relative AS path lengths a primary path selector These common practices do impact routing system load Routing system load More specifics and AS path prepending: are coarse-grained tools impose a load on the global inter-domain routing system How big is this imposed overhead? 2

What is going on? Global routing table size is steadily growing How fast is it growing? What is the major cause of the growth? What can we do to suppress the growth? Suppressing growth of the global routing table is in everyone s best interest! Global routing table growth Reference: http://bgp.potaroo.net/ last updated 22/10/04 Allocations vs advertisements RIRs made 4506 IPv4 allocations (Jan 2003 Feb 2004) 3641 allocations announced 865 allocations not yet announced 10904 routing advertisements used to span the 3641 allocations 2938 advertisements precisely match the RIR allocation 7966 advertisements are more specific advertisements of 1206 RIR allocations Reference: Allocation vs advertisements presented by Geoff Huston at APNIC 17 http://www.apnic.net/meetings/17/docs/sigs/routing/routing-pres-huston-allocvsannouncement.pdf 3

Allocations vs advertisements 4506 allocations made by RIRs Not announced 865 Announced 3641 10904 routing Announcements Advertisements that matched the RIR allocations: 2938 More specific advertisements of 1206 RIR allocations : 7966 Analysis of statistics Advertising more specific /24 address prefixes within an allocated address block This is the predominant form of advertising a split allocation block in fragments Many of these more specific advertisements appear to be local One fifth of allocations are fragmented in this fashion On average there are 6.6 additional advertisements of fragments of the address block Limits to routing The routing system does not have infinite capacity Too many routing entries will cause widespread routing failure How many is too many? We don t know precisely We will know when we see widespread routing failure, but by then it will be too late! 4

What can we do? Look after the routing system Use aggregate routing announcements wherever possible Use explicit signalling to transmit policy preferences community attributes Limit the propagation of more specific routes to the local domain where they will have their effect community attributes Effective use of the BGP community attribute will reduce unnecessary announcements of fragmented prefixes Review of community attribute A BGP route object (a unit of routing information carried by BGP) is composed of: IP prefix value and prefix size An AS-path attribute Nexthop IP address Community attribute (optional) Note: A BGP route object is different to an IRR route object Review of community attribute Community attribute: is an optional component of a BGP route object is a way for a route advertiser to signal to a route receiver some additional information about the BGP route object may be bilateral or transitive are intended to: alter the way the receiver makes decisions about forwarding alters the further propagation of the BGP route object improve the capability of BGP speaker to describe the policy intention regarding distribution of routing information 5

BGP community attribute Optional transitive variable length attribute of a BGP route object 32 bit value Format = asn:n asn = 1 65,535 n = 1-65,535 Standards-defined values http://www.iana.org/assignments/bgp-well-known-communities Commonly agreed values Agreed value by a community Amongst ISPs For example: http://info.us.bb.verio.net/routing.html RFC 1997 RFC 1997 Specifies the BGP community attribute Community a means to specify a property of a BGP route object that affects the interpretation or manipulation of the BGP route object Communities are attached to a unit of BGP routing information by a BGP speaker Communities are received by the BGP listener: Communities may be left attached Stripped off such routing information Translated to another community Example of using communities A transit AS may allow its customers to selectively determine how a route is readvertised by the transit provider: A customer can associate community values with each route object to limit the extent to which the route is readvertised by the transit provider The customer controls the transit service Community 0 100 101 102 103 Action ReAdvertise to all regions ReAdvertise in Asia ReAdvertise in North America ReAdvertise in Western Europe Readvertise in Eastern Europe 6

Some well-known communities NO_EXPORT All routes received carrying a community attribute containing this value MUST NOT be advertised to EBGP peers NO_ADVERTISE All routes received carrying a community attribute containing this value MUST NOT be advertised to any BGP peers (internal and external) How does no_export work? AS1 AS2 192.200.1.0/24 Community = no_export A B C AS1 advertises 192.200.1.0/24 to AS2 with community attribute no_export AS2 will propagate the route within AS2 but will not send this route to AS3 or any other external AS D AS3 Reference: http://www.cisco.com/univercd/cc/td/doc/cisintwk/ito_doc/bgp.htm What do you need to do? ISP Think what routing policies are relevant to you Publishes multiple values of usersettable communities Filters incoming route announcements to match them Modifies route parameters accordingly Customer Marks their announcements with wanted communities 7

Common use of communities Customer control of readvertisement Regional-based transit Peering control Customer control of preferences Primary / Backup preference for routes Supplier information to customer Where the route object was learned Relationship to supplier (peer, customer, upstream) Desired preference (primary / backup) Further reading Cisco Internet Protocol Journal http://www.cisco.com/warp/public/759/ipj _6-2/ipj_6-2_bgp_communities.html Using BGP Community Values to Control Routing Policy in Upstream Provider Network http://www.cisco.com/en/us/tech/tk365/t k80/technologies_configuration_example 09186a00801475b2.shtml Conclusion Review your routes announcements Are you announcing fragmented, more specific prefixes unnecessarily? If so, consider use of no_export Refer your router vendor s manual to learn how to use the community attribute Your efforts will help to slow down the growth of the global routing table And you will have better control of your external relationships with your IP suppliers and customers it will benefit your business positively 8

Questions? Extra information Example 1: community attribute no_export usage Customer of AS1 ISP AS 2 AS 1 Customer of AS2 AS 4 AS2 only announces aggregated routes to AS1 (no need to announce AS4 s two /24s to EBGP peers) How can AS2 express such policy in RPSL? 2 of /24 assignments out of AS2 s address block community NO_EXPORT 9

Example of community attribute usage in IRR aut-num: AS2 import: from AS1 accept ANY import: from AS4 accept AS4 export: to AS1 action community {NOT_EXPORT}; announce ANY AND NOT {0.0.0.0/0} AND NOT fltr-bogons export: to AS4 announce ANY AND NOT {0.0.0.0/0} AND NOT fltr-bogons How does no_export work? AS1 192.200.1.0/24 192.200.1.0/24 Community = no_export 3.3.3.3 192.200.1.0/24 Community = no_export A B 3.3.3.1 C AS1 advertises 192.200.1.0/24 to AS2 with community attribute no_export AS2 will propagate the route within AS2 but will not send this route to AS3 or any other external AS 2.2.2.2 D AS2 AS3 Reference: http://www.cisco.com/univercd/cc/td/doc/cisintwk/ito_doc/bgp.htm Example of Cisco command to use no_export route-map communitymap match ip address 1 set community no-export Even if we set the community attribute, this attribute will not be sent to neighbors by default. In order to send the attribute to our neighbor we have to use the following: neighbor {ip-address peer-group-name} send-community Example: Router A router bgp 1 neighbor 3.3.3.1 remote-as 2 neighbor 3.3.3.1 send-community neighbor 3.3.3.1 route-map communitymap out Reference: http://www.cisco.com/en/us/tech/tk365/tk80/technologies_tech_note09186a00800c95bb.shtml 10

Cisco command for no_export RouterA# router bgp 1 network 192.200.1.0 neighbor 3.3.3.1 remote-as 2 neighbor 3.3.3.1 send-community neighbor 3.3.3.1 route-map SET_NO_EXPORT out! access-list 1 permit 192.200.1.0 0.255.255.255 route-map SET_NO_EXPORT permit 10 match ip address 1 set community no_export Reference: http://www.cisco.com/warp/public/459/aggregation.pdf Juniper command for no_export Bgp { local-as 1; passive; } policy-options { group test { type external; import bgp-in; peer-as 2; neighbor 3.3.3.1; } policy-statement bgp-in { term 10 { from { protocol bgp; community example; } then accept; } term 20 { then reject; } community example members [ no-export] ; 11

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information