Administra0via. STP lab due Wednesday (in BE 301a!), 5/15 BGP quiz Thursday (remember required reading), 5/16

BGP Brad Smith

Administra0via How are the labs going? This week STP quiz Thursday, 5/9 Next week STP lab due Wednesday (in BE 301a!), 5/15 BGP quiz Thursday (remember required reading), 5/16 Following week Project status report due Tuesday, 5/21 BGP lab due Wednesday, 5/22 Mul0cast quiz Thursday, 5/23 Projects due Presenta0ons last week of class and final slot (I ll schedule with random assignments) Alex Lowe, John, Jeff, Dennis, Erik, David, Jeff Write- up, lab, and answer key bye last day of quarter (June 12 th ) Spring 2013 CE 151 - Advanced Networks 2

Functional Classification: IGP vs. EGP An autonomous system (AS) or routing domain is a region of the Internet that is administered by a single entity UCSC s network IBM s corporate network AT&T s ISP network Routing inside an AS Focus is on performance Popular protocols: RIP, OSPF Ethernet Called intra-domain or internal gateway (IGP) routing Routing between ASs Focus is on policy Popular protocol: BGP Called inter-domain or external gateway (EGP) routing Ethernet Router Router Router Ethernet Ethernet Router Router Autonomous System 2 Ethernet Router Ethernet Autonomous System 1 3 Spring 2013 CE 151 - Advanced Networks

Functional Classification: IGP vs. EGP An autonomous system (AS) or routing domain is a region of the Internet that is administered by a single entity UCSC s network IBM s corporate network AT&T s ISP network Routing inside an AS Focus is on performance Popular protocols: RIP, OSPF Ethernet Called intra-domain or internal gateway (IGP) routing Routing between ASs Focus is on policy Popular protocol: BGP Called inter-domain or external gateway (EGP) routing Ethernet Router Router Router Ethernet Ethernet Router Router Autonomous System 2 Ethernet Router Ethernet Autonomous System 1 4 Spring 2013 CE 151 - Advanced Networks

How ensure correct routes? Recall requirement for correctness of rou0ng protocol Loop- free Desired path characteris0cs Two strategies for ensuring correctness Use iden0cal algorithm for selec0ng paths Share minimal topology informa0on Use iden0cal path selec0on algorithm at all nodes Used for IGP/Intra- domain rou0ng Use link- state or distance vector protocol Use custom (private) algorithm for selec0ng paths Share full path informa0on Use policy- specific path selec0on algorithm at each node Used for EGP/Inter- domain rou0ng Use path- vector protocol Spring 2013 CE 151 - Advanced Networks 5

How ensure correct routes? Recall requirement for correctness of rou0ng protocol Loop- free Desired path characteris0cs Two strategies for ensuring correctness Use iden0cal algorithm for selec0ng paths Share minimal topology informa0on Use iden0cal path selec0on algorithm at all nodes Used for IGP/Intra- domain rou0ng Use link- state or distance vector protocol Use custom (private) algorithm for selec0ng paths Share full path informa0on Use policy- specific path selec0on algorithm at each node Used for EGP/Inter- domain rou0ng Use path- vector protocol Spring 2013 CE 151 - Advanced Networks 6

Rou0ng Algorithms Distance- Vector Vectors of des0na0on and distance sent to neighbors Tell your neighbors about the rest of the network Des0na0on in terms of a network prefix Distance in terms of a metric: hop count, delay, bandwidth Use Distributed Bellman- Ford path selec0on algorithm Popular protocol: Rou0ng Informa0on Protocol (RIP) Link- State Flood descrip0on of your links (link state) Tell the rest of the network about your neighbors Links described by End- point routers of subnet in internet Cost of subnet: delay, bandwidth Use Dijkstra path selec0on algorithm Popular protocol: Open Shortest Path First (OSPF) Path- Vector Routes adver0sed as full- paths Paths described by sequence of ASs Popular protocol is Border Gateway Rou0ng Protocol (BGP) Spring 2013 CE 151 - Advanced Networks 7

Rou0ng Algorithms Distance- Vector Vectors of des0na0on and distance sent to neighbors Tell your neighbors about the rest of the network Des0na0on in terms of a network prefix Distance in terms of a metric: hop count, delay, bandwidth Use Distributed Bellman- Ford path selec0on algorithm Popular protocol: Rou0ng Informa0on Protocol (RIP) Link- State Flood descrip0on of your links (link state) Tell the rest of the network about your neighbors Links described by End- point routers of subnet in internet Cost of subnet: delay, bandwidth Use Dijkstra path selec0on algorithm Popular protocol: Open Shortest Path First (OSPF) Path- Vector Routes adver0sed as full- paths Paths described by sequence of ASs Popular protocol is Border Gateway Rou0ng Protocol (BGP) Spring 2013 CE 151 - Advanced Networks 8

Policies Each AS selects paths based on it s own policies Called independent route selec0on See paper Persistent route oscilla0ons in inter- domain rou0ng domains independently choose their route preference func0ons. Policies reflect many issues Business rela0onships Traffic engineering Scalability Security Is a very different world! Spring 2013 CE 151 - Advanced Networks 9

Policies Business rela0onships - policy arising from economic or poli0cal rela0onships Customer- provider customer pays provider to forward traffic Peer- to- peer mutually beneficial traffic exchange with no payments Sellement- free peering Backup peer- to- peer but for backup Traffic engineering - managing traffic to achieve performance requirements Manage outbound traffic to balance load or control conges0on Manage inbound traffic with similar goals Scalability Limit rou0ng table size Limit rate of route changes Spring 2013 CE 151 - Advanced Networks 10

Policies Security Discard invalid routes (e.g. private prefixes, unallocated prefixes, etc.) Enforce rou0ng peering policies Protect internal services with route filtering Block denial- of- service alacks (e.g. limit number of prefixes allowed) Spring 2013 CE 151 - Advanced Networks 11

Review BGP rou0ng enforces policies Business rela0onships: e.g. customers, providers, peers. Traffic engineering Scalability/resource management Security Independent route selec0on Private algorithm (determined by policy) domains independently choose their route preference func9ons. Exchange full- paths to ensure loop freedom Path- Vector rou0ng Spring 2013 CE 151 - Advanced Networks 12

Policy- Based, Path- Vector Algorithm

Purpose is Policies Largely ignores distance. Primary purpose is to implement policies on how traffic should be handled When should I use BGP? Dual- or mul0- homed Providing par0al or full Internet rou0ng to a downstream customer Any0me the AS path informa0on is required When you need to make a decision based on policy consideraaons! Or if you re bored and want to read the Internet BGP tablej Spring 2013 CE 151 - Advanced Networks 14

Single- Homed AS A single homed AS does not need BGP!! Upstream Provider Sta0c Route AS 100 is only connected to one AS Default Route Use static routes AS100 Spring 2013 CE 151 - Advanced Networks 15

Mul0- Homed AS AS 200 is mul0- homed AS 200 needs to run BGP AS 100 AS 300 A D B C AS 200 Spring 2013 CE 151 - Advanced Networks 16

Policy mechanisms Import transforma0on I ij Applied to new route learned at AS i from AS j. Applies local policy to determine if route accepted. If so, applies transforma0ons defined by policy. Export transforma0on Applied to new routes selected at AS i for export to AS j. Applies local policy to determine if route should be exported If so, applies transforma0on defined by policy. λ i E ij Preference func0on Selects best route for a given des0na0on of those learned from neighbors Spring 2013 CE 151 - Advanced Networks 17

Updates composed of Path Alributes NLRI Network layer reachability informa0on The IP prefix this update applies to AS_PATH List of AS s a route has traversed Used to ensure loop freedom, and influence decision process LOCAL_PREF Local to an AS Used to coordinate route processing MED Mul0- exit descriminator Conveys preference of mul0ple entry points to neighboring AS s Others CLUSTER_LIST ORIGINATOR_ID AGGREGATOR ATOMIC- AGGREGATE Community aqributes Variable- length string used to control route processing in remote routers Spring 2013 CE 151 - Advanced Networks 18

λ i decision process Policy implemented in first 4 steps using update alributes LOCAL_PREF at step 1 allows operator to override other steps First 4 steps iden0fy set of equally good paths Last three steps are 0e- breakers Step 5 always prefer someone else s bandwidth:) Step 6 use as lille of our bandwidth as possible Vendors may (do) augment (but not reorder) this func0on Step Attribute 1 Highest LOCAL_PREF 2 Lowest AS_PATH length 3 Lowest ORIGIN type 4 Lowest MED 5 External over Internal path 6 Lowest IGP cost to border router 7 Lowest router ID Spring 2013 CE 151 - Advanced Networks 19

Import and Export transforma0ons Filter routes for import/export from/to neighbor ASs Modify route aeributes to influence preference func0on Tag route with community aeribute to coordinate ac0ons among a group of routers Implemented using a route- map in Cisco IOS (and similar for other vendors) Set of condi0ons for routes it applies to Ac0ons (reject or modify) Examples later Much of the following from BGP Rou0ng Policies in ISP Networks by Caesar and Rexford (see class web) Spring 2013 CE 151 - Advanced Networks 20

Path- vector protocol 8 BRAD Pseudo- code is my approxima0on Import transforma0on applied on receipt of update. Export transforma0ons applied before SendUpdate(). Preference func0on invoked to select new route. protocol PathVector run at node i event Initialize: begin 1 for each {p P i}; 2 for each n N i 3 SendUpdate(E in(r p i ),n); end procedure UpdateRoutes(i, d) begin 3 r 0 i(ri d ); 4 if (ri d = r 0 ) 5 for each n N i 7 SendUpdate(E in(r 0 ),n); end event ReceiveUpdate: r d ij begin 8 if (HasLoop(r d ij)) return; 9 R d i R d i I ij(r d ij); 10 UpdateRoutes(i, d); end event LinkUp: j begin 11 N i N i + j; 12 for each {r d i R i } 13 for each n N i 14 SendUpdate(E in(r d i ),n); end Run at node i r d i route to node d at i r d ij route to d from j at i P i prefixes in AS i N i neighbors of AS i R * i routes known at i R d i routes to d at i event LinkDown: j begin 15 N N j; 16 for each {r d ij R i } begin // update routes currently using j 17 R d i R d i r d ij; 18 UpdateRoutes(i, d); end end Figure 7. Path-Vector Protocol Spring 2013 CE 151 - Advanced Networks 21

Review Use BGP when need to make rou0ng decision not based on distance. Mul0- homed When you need to make a decision based on policy considera0ons! Policies implemented with three mechanisms Import and export transforma0ons Preference func0on (BGP decision process) Data for filters and decision process carried in path alributes NLRI, AS_PATH, LOCAL_PREF, MED, community alributes, etc. Filters modify path alributes Preference func0on is defined in terms of path alributes BGP path selec0on is composed of the following steps highest LOCAL_PREF lowest AS_PATH length lowest ORIGIN type lowest MED external over internal path lowest IGP cost to border router lowest router ID Spring 2013 CE 151 - Advanced Networks 22

BGP

Overview BGP = Border Gateway Protocol Currently in version 4 Uses TCP to send rou0ng messages Network administrators can specify rou0ng policies BGP s goal is to find any path (not an op0mal one) that meets the policies of all the ASes it transits. Spring 2013 CE 151 - Advanced Networks 24

Big Picture AS 1 AS 2 Router Router Router Router AS 3 Router Router Router AS 4 Spring 2013 CE 151 - Advanced Networks 25

Peer Establishment Both peers send an OPEN message to TCP port 179 IP addresses must be configured correctly update- source must be configured correctly If OPENs are exchanged at the exact same 0me then two TCP sessions will be established but the TCP session from the Rtr with the highest router- ID will be kept and the other torn down If RtrA s OPEN to RtrB is the OPEN that sets up the session, RtrA is said to have Ac0vely opened the session and RtrB is said to have Passively opened the session R4 Ac0vely opened this session: r4# show ip bgp neighbors 7.7.7.7! [snip]! Local host: 4.4.4.4, Local port: 12916! Foreign host: 7.7.7.7, Foreign port: 179! Spring 2013 CE 151 - Advanced Networks 26

BGP peer in different AS External BGP Usually directly connected If not directly connected, use ebgp-multihopself!! Router A! router bgp 100! neighbor 1.1.1.2 remote-as 200!! Router B! router bgp 200! neighbor 1.1.1.1 remote-as 100! A AS 100 B.1 1.1.1.0/30 2 AS 200 Spring 2013 CE 151 - Advanced Networks 27

Internal BGP BGP peer in same AS May be several hops away ibgp must have a logical full mesh! ibgp allows mul0ple routers to implement BGP in an AS; these routers collec0vely implement the desired rou0ng policy AS 109 B Spring 2013 CE 151 - Advanced Networks 28

Internal BGP 1.1.1.1 2.2.2.2 A B AS 100 Peer with loopback addresses ibgp session is not dependent on a single interface loopback interface does not go down Provides stability!! Use update-source keyword Router A! router bgp 100! neighbor 2.2.2.2 remote-as 100! neighbor 2.2.2.2 update-source loop0! Router B! router bgp 100! neighbor 1.1.1.1 remote-as 100! neighbor 1.1.1.1 update-source loop0! Spring 2013 CE 151 - Advanced Networks 29

Review Two components to BGP: ebgp and ibgp ibgp assumes full mesh among routers for an AS ibgp allows mul0ple routers to implement BGP in an AS; these routers collec0vely implement the desired rou0ng policy BGP peering done over TCP connec0ons (unique among rou0ng protocols) Provides reliability Can be mul0hop Peering typically done between loopback interfaces Loopback interface only fails if router fails Fate- Sharing principle! Spring 2013 CE 151 - Advanced Networks 30

Examples

Assigned reading BGP Rou0ng Policies in ISP Networks! Spring 2013 CE 151 - Advanced Networks 32

Policy examples business rela0onship Prefer routes learned from Customers over Earn as much $ as possible routes learned from Peers over Peering rela0onships based on balance of traffic routes learned from Providers. Spend as lille $ as possible Spring 2013 CE 151 - Advanced Networks 33

Transit Provider Assume A is a peer of B, C is a provider to B, and R3 is connected to a customer For outbound traffic, favor customers over peers over providers Modify import filter R1 B A R4 C R2 On R3 for routes from customer: LOCAL_PREF = 90! On R1 and R2 for routes from A: LOCAL_PREF = 80! On R4 for routes from C: LOCAL_PREF = 70! Traffic I send will prefer customer over peer (A) over provider (C) R3 Spring 2013 CE 151 - Advanced Networks 34

Geographical Control ISP that spans U.S. and Europe Want to minimize use of expensive trans- Atlan0c link Modify import filter For European routers Routes from European peers: LOCAL_PREF = High! For U.S. routers Routes from U.S. peers: LOCAL_PREF = High! Spring 2013 CE 151 - Advanced Networks 35

No Transit to Peer R1 B A R4 C R2 Same assump0on (A is peer and C is provider) B doesn t want to provide transit service for traffic between A and C Import filters On R1 and R2 for routes from A: add community attribute X peer! On R4 for routes from C: add community attribute X provider! Export filters On R4 for routes with X peer : reject for export to C! On R1 and R2 for routes with X provider : reject for export to A! I won t receive traffic from C for A or vice- versa R3 Spring 2013 CE 151 - Advanced Networks 36

Load Balancing R1 B A R4 C R2 R3 B wants to shis traffic from its link to A to its link to C E.g. because link to A is overloaded 2 choices Import filters in R1 and R2 Routes from A: lower LOCAL_PREF value below routes learned from C! Import filter on R4 Routes from C: higher LOCAL_PREF value above routes learned from A! Can use regular expression for prefix Spring 2013 CE 151 - Advanced Networks 37

Control Inbound Traffic R1 B A R4 C R2 R3 B wants to shis traffic load from R1 to R2 (same neighbor) Export filter on R1 All routes: increase value of MED attribute relative to R2! Spring 2013 CE 151 - Advanced Networks 38

Remote Control C agrees to allow B to control flow of traffic into B When B wants to route inbound traffic via A Export filters on routers R1 and R2: add community attribute X high! Export filters on router R4: add community attribute X low! And vice- versa when B wants to route inbound traffic via C Import filters on C R1 B A R4 C R2 Routes for prefixes in B with X high : LOCAL_PREF = 75! Routes for prefixes in B with X low : LOCAL_PREF = 60! R3 Spring 2013 CE 151 - Advanced Networks 39

Review You can do impressive things with BGP policy mechanisms! A simple example is for implemen0ng the classic business rela0onship of preferring routes learned from Customers over those learned from Peers over those learned from Providers. In the import filter for Customers, set LOCAL_PREF high (e.g. 90) In the import filter for Peers, set LOCAL_PREF high (e.g. 90) In the import filter for Providers, set LOCAL_PREF high (e.g. 70) Spring 2013 CE 151 - Advanced Networks 40