
Implementing & Troubleshooting BGP
Tanner
5/23/2008
5/30/2008

Agenda
PART 1
BGP Fundamentals
BGP and the Internet
PART 2
BGP and the WAN
Troubleshooting

PART 1
BGP Fundamentals
BGP and the Internet

BGP Fundamentals
Operations

Where is BGP used?
INTERNET
MPLS WAN
Same, Unique, or Mixed ASN
Public or Private ASN

AS
Autonomous Systems

Textbook answer:
An AS is a connected group of one or more IP prefixes run by one or more network operators which has a SINGLE and CLEARLY DEFINED routing policy.

ASNs
Autonomous System Numbers

16-bit ASNs (RFC1930)
Range: 0-65535
Public: 1-64511
Private: 64512-65534

32-bit ASNs (RFC4893)
4-octets
0.0 to 65535.65535
Only 46 32-bit ASNs currently allocated

EIGRP and BGP Comparison

                           EIGRP                   BGP
RP Type                    Hybrid                  Path Vector
Peering Mechanism          Multicast/Unicast       Unicast Only
IP Protocol/IP/Port        88/224.0.0.10           TCP/179
Hello Interval             5 sec                   60 sec
Path Selection             BW + Delay (KValues)    BGP Attributes
Route Admin Distance       90 Int / 170 Ext        200 Int / 20 Ext
Network Statement          Adds interfaces to RP   Announces network
Loop Prevention            Feasible Distance       AS Path
Alternate Path Selection   Feasible Successor      BGP table
Load Balancing Mechanism   EC/UC using Variance    Load sharing/TE

Path Selection Attributes
Highest Weight
Highest Local Preference
Internally Originated
Shortest AS-Path

Manipulating these attributes changes BGP path selection

Terminology
attribute [noun]
Pronunciation: \a-tr-byt\
3: a word ascribing a quality; especially

attribute [transitive verb]
Pronunciation: \-tri-byt, -byt\
1: to explain by indicating a cause <attributed his success to his coach>

BGP Attributes
RFC1771 attributes its success to its attributes

Attribute    Direction   Comment
Weight       Outbound    Locally significant to router. Proprietary. Don't use.
                         Weight of 32768 auto-assigned to originated nets
Local Pref   Outbound    Shared between iBGP peers. Higher is better.
MED/Metric   Inbound     Allows injection of IGP metric info into BGP
Origin       n/a         i = Prefix learned via BGP network statement
                         E = Not Used
                         ? = Learned via redistribution
AS-Path      Inbound     Ordered list of ASs route has traversed. Shorter is better.
Next hop     n/a         IP address of the advertising router
Community    Inbound

BGP Attributes
Most Used

Influence INBOUND traffic
The transit path to you is determined by how you announce your routes
AS Path Prepend (shorter is more preferred)
route-map RM-ISP-OUT
 set as-path prepend 123 123 123

Influence OUTBOUND traffic
Local Preference (higher is more preferred)

BGP Process Operations

Process Name: BGP Open
Description:  BGP peer establishment.
Interval:     At initialization, when establishing a TCP connection with a BGP peer.

Process Name: BGP I/O
Description:  Queuing and processing of BGP packets, such as UPDATES and KEEPALIVES.
Interval:     As BGP control packets are received.

Process Name: BGP Scanner
Description:  Walks BGP table and confirms reachability of next hops. Checks conditional-advertisement to determine whether or not BGP should advertise condition prefixes.
Interval:     Once a minute.

Process Name: BGP Router
Description:  Calculates the best BGP path. Sends and receives routes, establishes peers, and interacts with routing information base
Interval:     Once per second and when adding, removing, or soft-reconfiguring a

Section Review
Fundamentals

What is an autonomous system?
What are BGP attributes that affect inbound traffic?
What are BGP attributes that affect outbound traffic?
Name 4 common BGP path selection criteria
What maintenance task happens every 60 seconds in BGP?

BGP & the Internet

23nd Ave / I-40 Junction


Global IP Assignments

IANA
Regional
Registrars
ISPs
End Users


Address Space Depletion


BGP Movie (6 min)


Global Routing table
How large is it?

Date            Prefixes
Mar 20, 2004    135,465
Mar 18, 2005    157,975
Apr 14, 2006    186,530
Apr 21, 2007    218,298
May 2, 2008     259,047
May 13, 2008    266,035

Limit Prefixes on Cisco routers
router bgp 12345
 neighbor 1.1.1.1 maximum-prefix 300000 90

RIR whois
ARIN
AfriNIC
IP Lookup
Country Lookup

Typical ISP Routing Options

Single-homed, Single ISP
Private AS or Static (No BGP)

Multi-homed, Single ISP
Private AS

Multi-homed, Dual ISP
Public AS

Prefix Origination
Inbound Traffic

Common Elements
ISPs won't accept anything longer than /24

Provider Aggregate address block (PA)
/24 or shorter from ISP
Justification paperwork, but usually easy
Announcing another ISP's prefix

Provider Independent address block (PI)
Applied for from RIR (e.g., ARIN)
More Paperwork (and solid justification)!

What Kind of Routes?
Outbound Traffic

Route Type                    Prefixes   Required Memory   Advantage                            Disadvantage
Full Routes (1)               265,000    155MB             Best load sharing, Bogon filtering   High mem usage, Higher CPU usage
Customer Only (2)             75,000     44MB              Low mem usage, Some load share       No bogon filtering (4)
Customer (2) + Upstream (3)   150,000    88MB              Balanced                             No bogon filtering (4)
Default Only                  1          32KB              Low mem usage                        Minimal TE

(1) Based on 2 upstream eBGP peers
(2) Varies depending on quantity of ISP customers announcing prefixes
(3) Varies depending on size of upstream carrier
(4) Inbound bogon filtering is still possible, however outbound will not function due to

Memory Requirements
Full BGP Routes

Based on 255K routes + soft reconfig

BGP Summary shows 57MB Used
BGP-Router# sh ip bgp sum
...
BGP using 57060899 total bytes of memory

Adding up processes shows 153MB Used
BGP-Router# sh proc mem | i PID|BGP
PID TTY Allocated Freed Holding Getbufs Retbufs Process
215 0 152845892 1430904 145443600 16 16 BGP Router
234 239016 6984 5164371 5164371 BGP I/O
235 82472 9972 0 BGP Scanner

BGP Policy Components

Prefix-lists to filter prefixes
ip prefix-list PL-ANNOUNCE seq 10 permit 1.0.0.0/8

Filter-lists to filter ASNs
ip as-path access-list 1 permit ^1234

Route-maps to apply policy
route-map RM-ISP-OUT permit 10
 set as-path prepend 1234

Distribute-lists to sit and watch (don't use)

Source: NANOG 23, Phillip Smith

Configuration Example
ISP eBGP Peer with Partial Routes

router bgp 1234
 no auto-summary
 no synchronization
 no bgp fast-external-fallover
 bgp log-neighbor-changes
 neighbor 192.0.2.233 remote-as 209
 neighbor 192.0.2.233 description eBGP with Qwest AS209. Password: 1234abcd
 neighbor 192.0.2.233 password 1234abcd
 neighbor 192.0.2.233 version 4
 neighbor 192.0.2.233 soft-reconfiguration inbound
 neighbor 192.0.2.233 maximum-prefix 300000 90 warning-only
 neighbor 192.0.2.233 prefix-list PL-BOGONS in
 neighbor 192.0.2.233 prefix-list PL-ANNOUNCE out
 neighbor 192.0.2.233 route-map RM-QWEST-OUT out
 neighbor 192.0.2.233 route-map RM-QWEST-IN in
 neighbor 192.0.2.233 filter-list 1 out
 neighbor 192.0.2.233 filter-list 10 in
 network 205.93.251.0 mask 255.255.254.0
 network 205.93.251.0
ip route 205.93.251.0 255.255.254.0 Null0 name BGP-STABILITY
ip route 205.93.251.0 255.255.255.0 205.93.251.4
ip route 205.93.251.125 255.255.255.255 205.93.251.121 name IBGP-PEER
ip route 205.93.251.125 255.255.255.255 205.93.251.2 250 name IBGP-PEER-BACKUP
ip as-path access-list 1 permit ^$
ip as-path access-list 10 permit _(209|7018)$
ip prefix-list PL-ANNOUNCE seq 10 permit 205.93.251.0/23 le 24
ip prefix-list PL-ANNOUNCE seq 99 deny 0.0.0.0/0 le 32
route-map RM-QWEST-OUT permit 10
 set as-path prepend 1234 1234
route-map RM-QWEST-IN permit 10
 set local-pref 50

Regular Expressions
BGP AS Filtering

Defining our AS
ip as-path access-list 1 permit ^$

Originating in AS 3549
ip as-path access-list 1 permit ^3549$

Originating in AS 3549 or Upstream AS
ip as-path access-list 1 permit ^3549$
ip as-path access-list 1 permit ^3549 1239$
ip as-path access-list 1 permit ^3549_(1239)?$

Deny all nets originating from AS 1239 and permit all other routes
ip as-path access-list 1 deny _1239$
ip as-path access-list 1 permit .*
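The AS-path filters on this slide can be checked offline before they go onto a router. The following is an added example, not part of the original deck: it emulates Cisco's "_" delimiter metacharacter in Python and applies first-match-wins with the implicit deny. The list names and the sample AS paths are constructed for illustration.

```python
import re

# Cisco AS-path regexes add one metacharacter to ordinary regex syntax: "_"
# matches a delimiter (space, comma, brace, parenthesis) or either end of the path.
DELIM = r"(?:^|$|[ ,{}()])"


def compile_cisco(pattern):
    """Translate a Cisco AS-path regex into a compiled Python regex."""
    return re.compile(pattern.replace("_", DELIM))


def evaluate(acl, as_path):
    """Walk the list top-down; first match wins, no match is the implicit deny."""
    for action, pattern in acl:
        if compile_cisco(pattern).search(as_path):
            return action
    return "deny"


# The access lists from the slides, as (action, regex) entries.
# The Python names are hypothetical labels for this example.
OUR_AS = [("permit", "^$")]
FROM_3549_OR_UPSTREAM = [("permit", "^3549_(1239)?$")]
NOT_FROM_1239 = [("deny", "_1239$"), ("permit", ".*")]
FROM_209_OR_7018 = [("permit", "_(209|7018)$")]

# Constructed AS paths (leftmost AS = neighbor, rightmost AS = originator).
SAMPLE_PATHS = ["", "3549", "3549 1239", "3549 701", "7018 1239",
                "1239 7018", "7018 11239", "4323 209"]


def report():
    """Return one row per sample path with the verdict of each list."""
    rows = []
    for path in SAMPLE_PATHS:
        rows.append((path or "<empty>",
                     evaluate(OUR_AS, path),
                     evaluate(FROM_3549_OR_UPSTREAM, path),
                     evaluate(NOT_FROM_1239, path),
                     evaluate(FROM_209_OR_7018, path)))
    return rows


if __name__ == "__main__":
    for row in report():
        print("%-12s our-as=%-6s 3549/up=%-6s not-1239=%-6s 209|7018=%s" % row)
```

The "7018 11239" path is the case to watch: "_1239$" does not match it because "_" requires a delimiter before 1239, which a plain "1239$" would not.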

BGP Routing Table Analysis
Daily BGP Stats Available

BGP routing table entries examined:                              255572
Prefixes after maximum aggregation:                              127106
Deaggregation factor:                                            2.01
Unique aggregates announced to Internet:                         123962
Total ASes present in the Internet Routing Table:                28151
Prefixes per ASN:                                                9.08
Average AS path length visible in the Internet Routing Table:    3.6
Max AS path length visible:                                      25
Max AS path prepend of ASN (39375)                               13
Prefixes from unregistered ASNs in the Routing Table:            25414
Unregistered ASNs in the Routing Table:                          1885
Prefixes being announced from unallocated address space:         786
Number of addresses announced to Internet:                       1,851,293,088

Misiaszek Wojciech
Telekomunikacja Podlasie Sp.
ul. Dobra 14A
15-034 Bialystok
Poland

Bogon Filtering
Manual Method

Outbound traffic (via inbound route filter)
ip prefix-list BOGONS desc Bogon networks we won't accept
ip prefix-list BOGONS seq 2 deny 0.0.0.0/0
ip prefix-list BOGONS seq 5 deny 0.0.0.0/8 le 32
ip prefix-list BOGONS seq 20 deny 5.0.0.0/8 le 32
ip prefix-list BOGONS seq 390 deny 127.0.0.0/8 le 32
ip prefix-list BOGONS seq 400 deny 172.16.0.0/12 le 32
ip prefix-list BOGONS seq 520 deny 224.0.0.0/3 le 32
ip prefix-list BOGONS seq 700 permit 0.0.0.0/0 le 27

Inbound traffic
ip access-list extended ACL-OUTSIDE-IN
 remark --- Basic Spoof Filtering
 deny ip 0.0.0.0 0.255.255.255 any
 deny ip 10.0.0.0 0.255.255.255 any
 deny ip public-ip-block subnet-mask any
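How the BOGONS prefix-list above treats a received route depends on the ge/le length rules and on the implicit deny at the end. The following is an added example, not part of the original deck: it parses the entries shown on the slide and evaluates routes against them the way a prefix-list does (first match wins). The test routes are constructed, and the slide shows only some sequence numbers, so ranges it skips are not covered.

```python
import ipaddress
import re

# Entries of the BOGONS prefix-list as shown on the slide (an excerpt: the
# sequence numbers jump, so the full list on the router is longer).
BOGONS = """\
seq 2 deny 0.0.0.0/0
seq 5 deny 0.0.0.0/8 le 32
seq 20 deny 5.0.0.0/8 le 32
seq 390 deny 127.0.0.0/8 le 32
seq 400 deny 172.16.0.0/12 le 32
seq 520 deny 224.0.0.0/3 le 32
seq 700 permit 0.0.0.0/0 le 27
"""

ENTRY = re.compile(r"seq (\d+) (permit|deny) (\S+)(?: ge (\d+))?(?: le (\d+))?")


def parse(text):
    """Return entries as (seq, action, network, min_len, max_len), in seq order."""
    entries = []
    for line in text.splitlines():
        m = ENTRY.fullmatch(line.strip())
        if not m:
            continue
        seq, action, prefix, ge, le = m.groups()
        net = ipaddress.ip_network(prefix)
        if ge is None and le is None:
            lo = hi = net.prefixlen          # no ge/le: exact length only
        else:
            lo = int(ge) if ge else net.prefixlen
            hi = int(le) if le else 32       # "ge" alone extends up to /32
        entries.append((int(seq), action, net, lo, hi))
    return sorted(entries, key=lambda e: e[0])


def evaluate(entries, route):
    """First match wins; a route matching nothing hits the implicit deny."""
    route = ipaddress.ip_network(route)
    for seq, action, net, lo, hi in entries:
        if route.subnet_of(net) and lo <= route.prefixlen <= hi:
            return action, seq
    return "deny", None


# Constructed routes, as they might arrive from an upstream peer.
ROUTES = ["0.0.0.0/0", "5.1.0.0/16", "172.20.0.0/16", "239.1.1.0/24",
          "8.8.8.0/24", "8.8.8.0/28"]


def classify(routes=ROUTES):
    """Map each route to its (action, matching seq) verdict."""
    entries = parse(BOGONS)
    return {r: evaluate(entries, r) for r in routes}


if __name__ == "__main__":
    for route, (action, seq) in classify().items():
        print("%-16s %-6s seq %s" % (route, action, seq))
```

The /28 is dropped without matching any bogon entry: "permit 0.0.0.0/0 le 27" stops at /27, so anything longer falls through to the implicit deny.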

Bogon Filtering
Automatic Method

Do not try this at home!
Make sure you are aware of potential complications

router bgp <your asn>
 neighbor x.x.x.x remote-as 65333
 neighbor x.x.x.x ebgp-multihop 255
 neighbor x.x.x.x description Cymru Bogon Route Server Project
 neighbor x.x.x.x prefix-list PL-CYMRU-OUT out
 neighbor x.x.x.x route-map RM-CYMRUBOGONS-IN in
 neighbor x.x.x.x password 31337PW
 neighbor x.x.x.x maximum-prefix 100 threshold 90

Configure a community list to accept the bogon prefixes into the route-map.
ip bgp-community new-format
ip community-list 10 permit 65333:888
Configure the route-map. Remember to apply it to the proper peering sessions.
route-map RM-CYMRUBOGONS-IN permit 10
description Filter bogons learned from cymru.com bogon route-servers
match community 10
set ip next-hop 192.0.2.1
Set a bogon next-hop on all routers that receive the bogons.
ip route 192.0.2.1 255.255.255.255 null0
ip prefix-list PL-CYMRU-OUT seq 5 deny 0.0.0.0/0 le 32


BGP Communities

WELL KNOWN
no-advertise
no-export

TE CUSTOM COMMUNITIES
ISP must support it
TE via AS path prepends, local prefs, trig. blackhole

BGP Communities
Configuration Example

6453 209 7018 64512     Teleglobe, Qwest, ISP, You
6453 3549 7018 64512    Teleglobe, GBLX, ISP, You

ip bgp-community new-format
ip prefix-list PL-ANNOUNCE seq 10 permit 205.93.251.0/24
ip prefix-list PL-ANNOUNCE seq 99 deny 0.0.0.0/0 le 32
route-map RM-ISP-OUT permit 10
 match ip address prefix-list PL-ANNOUNCE
 set community 65011:209
route-map RM-ISP-OUT permit 20
router bgp 64512
 neighbor 1.1.1.1 send-community
 neighbor 1.1.1.1 route-map RM-ISP-OUT out

6453 209 7018 7018 64512    Teleglobe, Qwest, ISP, You
6453 3549 7018 64512        Teleglobe, GBLX, ISP, You

Section Review
BGP & the Internet

What kind of route options are typically received from an ISP?
Who is the global controller of IP space on the internet?
Describe bogon filtering
What do the ^ and $ symbols mean in regular expressions?

PART 2
BGP and the MPLS WAN
Troubleshooting BGP


BGP & MPLS


Theory
Design
Configuration
Best Practices


MPLS Basics

Topology
Full Mesh
Single peer to WAN cloud

L1 Transport
T1
DS3

L2 Transport
PPP / MLP
ATM / IMA
Frame Relay
Ethernet

Routing Protocols
BGP
EIGRP
RIP

Public/Private ASs

MPLS Terminology

CE Router
Customer Edge

PE Router
Provider Edge

P/LSR Router
Provider Backbone/Label Switching Router

VRF
Virtual Routing and Forwarding

Everything else is standard BGP!

Typical MPLS Topology Options

Single-homed, Single ISP
Easiest routing policies

Multi-homed, Single ISP
Most common

BGP Table
How do you read this thing???

WAN-Router# sh ip bgp
BGP table version is 7345, local router ID is 172.16.254.3
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
   Network            Next Hop         Metric LocPrf Weight Path
* i12.86.42.44/30     172.16.254.4          0    100      0 7018 ?
*>                    12.122.14.185                       0 7018 ?
r>i172.16.254.4/32    172.16.254.4          0    100      0 ?
*> 172.16.254.16/29   0.0.0.0               0         32768 ?
*> 172.16.254.24/29   0.0.0.0               0         32768 ?
* i172.30.32.0/20     172.16.254.4          0    100      0 7018 i
*>                    12.122.14.185                       0 7018 i
*> 172.30.64.0/20     12.122.14.185                       0 7018 ?

Callouts:
* means route is OK to inject in routing table
> is the path installed in the routing table
r means there is already a route with a better AD
i (status column) means prefix learned from iBGP peer
CIDR Mask: try to summarize where possible
Next Hop is the neighbor IP of eBGP peer(s)
32768 means prefix originated on this router
AS set is the list of ASs prefix has passed
? means prefix was originated via redistribution
i (origin column) means prefix was originated via network statement

Default Route Origination

Origination Type: Default Originate
Allow Policies*?: Partial
Syntax:
router bgp 65000
 neighbor 1.1.1.1 default-originate route-map RM-DEFAULT-EXIST

Origination Type: Static Redistribution w/Route Map Filter
Allow Policies*?: No
Syntax:
router bgp 65000
 redistribute static route-map RMSTATIC

Origination Type: Network Statement
Allow Policies*?: Yes
Syntax:
router bgp 65000
 network 0.0.0.0 route-map RMDEFAULT-OUT

* Policies include: Conditional advertisement, AS prepending, and communities

Best Path Selection Review

Weight
Local Pref
Local Originate
AS Path
Origin Type
Lowest MED
eBGP over iBGP
IGP Metric to NH
Received First
Lowest RID
Originator ID
Neighbor IP

WAN-router# sh ip bgp nei 172.16.16.249 advertised-routes
Originating default network 0.0.0.0
   Network          Next Hop            Metric LocPrf Weight Path
*> 10.0.0.0/24      10.20.40.5               0         32768 ?
*> 10.20.20.0/24    0.0.0.0                  0         32768 ?
...

BGP Table (BRIB)
Routing Table (RIB)
Only send the very best!

BGP Multipath
WAN-router> sh ip bgp
   Network          Next Hop            Metric LocPrf Weight Path
*> 0.0.0.0          172.14.16.250                          0 65000 i
*  0.0.0.0          10.217.13.102                          0 65001 i

Multi-VRF w/Sub-interfaces
WAN-router> sh ip bgp
   Network          Next Hop            Metric LocPrf Weight Path
*> 0.0.0.0          172.11.132.193                         0 1803 65000 i

Route Redistribution

Seek first to summarize

Do you need to redistribute?
Yes = Redistribution
No = Summarization
Maybe = Both?

BGP to EIGRP
router eigrp 111
 redistribute bgp 222 metric 1500 1000 255 1 1500

EIGRP to BGP
router bgp 222
 redistribute eigrp 111

Miscellaneous Features

Peer Groups
Object-groups for BGP! (Kind of)

router bgp 64512
 ! Setup peer-group policies
 neighbor PARTIAL-ROUTES peer-group
 neighbor PARTIAL-ROUTES version 4
 neighbor PARTIAL-ROUTES filter-list 5 out
 neighbor FULL-ROUTES peer-group
 neighbor FULL-ROUTES version 4
 ! Apply it to a neighbor
 neighbor 192.0.2.228 peer-group FULL-ROUTES
ip as-path access-list 5 permit ^(209|36270|6298_)[0-9]*_[0-9]*$

Route Reflectors

Best Practices

Avoid redistributing everything under the sun
connected, static, every routing protocol, etc.

Look for ways to reduce routing tables
Summarize
Advertise only what is necessary

Use a network statement for default origination
network 0.0.0.0 mask 0.0.0.0

Case Study
Requirements

Smokey the Router says: Routing works both ways!

WAN to Internet
Use DC as primary
Use Campus as secondary
Use Internet VPN as tertiary

WAN to Hubs
Use each hub MPLS DS3
Use other hub DS3 as secondary
Use Internet VPN as tertiary

Hub to Hub
Use LAN link as primary
Don't use MPLS DS3s as secondary

Case Study
Possible Solution

WAN to Internet
Use DC as primary
Use Campus as secondary
Use Internet VPN as tertiary

WAN to Hubs
Use each hub MPLS DS3
Use other hub DS3 as secondary
Use Internet VPN as tertiary

Hub to Hub
Use LAN link as primary
Don't use MPLS DS3s as secondary

Diagram callouts:
Default Networks: 1 via eBGP to MPLS, 1 via iBGP to VPN
Advertised Networks: Shortest AS path (DC)
Advertised Networks: network 0.0.0.0, network 10.112.0.0
Advertised Networks: network 0.0.0.0
Received Networks: 0.0.0.0/0 ge 29 le 32
Summarized Networks: summary-addr 10.x.0.0/20, summary-addr <WAN nets>
Summarized Networks: summary-addr 10.112.0.0/16
Campus to WAN: EIGRP Metric better via Router 1
WAN
Received Networks: 0.0.0.0/0 ge 29 le 32
Advertised Networks: network 0.0.0.0
DC to Campus: Only 1 route via Interlink
Received Networks: 0.0.0.0/0 ge 29 le 32
Default Route: Static route redistributed into EIGRP

Configuration Example (Hub)
MPLS eBGP Peer with Default Advertisement

router bgp 100
 network 0.0.0.0
 network 10.112.0.0 mask 255.255.0.0
 neighbor 192.0.2.105 remote-as 65000
 neighbor 192.0.2.105 description eBGP with MPLS SP. Password: 1234abcd
 neighbor 192.0.2.105 password 1234abcd
 neighbor 192.0.2.105 version 4
 neighbor 192.0.2.105 send-community
 neighbor 192.0.2.105 soft-reconfiguration inbound
 neighbor 192.0.2.105 route-map RM-MPLS-IN in
 neighbor 192.0.2.105 route-map RM-MPLS-OUT out
 no auto-summary
ip prefix-list PL-DEFAULT seq 10 permit 0.0.0.0/0
route-map RM-MPLS-IN deny 10
 description Block learning default route from DC Router. Use IGP instead.
 match ip address prefix-list PL-DEFAULT
route-map RM-MPLS-IN permit 20
route-map RM-MPLS-OUT permit 10
 description Set BGP policies for outbound route advertisements to MPLS Provider
 set community 112
route-map RM-MPLS-OUT permit 20
 description Prepend Default Route for Backup Link
 match ip address prefix-list PL-DEFAULT
 set as-path prepend 100 100
route-map RM-MPLS-OUT permit 30

Configuration Example (Hub)
MPLS EIGRP Redistribution

router eigrp 1
 redistribute bgp 100 metric 1500 1000 255 1 1500 route-map RM-WAN-SERIALS
 network 10.112.2.0 0.0.0.255
 no auto-summary
ip prefix-list PL-WAN-SERIALS seq 10 permit 0.0.0.0/0 ge 29
route-map RM-WAN-SERIALS permit 10
 description Only redistribute WAN serials (/29 to /32 prefixes) into EIGRP process
 match ip address prefix-list PL-WAN-SERIALS

Advertise learned BGP networks with prefixes /29 or longer

Section Review
BGP & MPLS

What are the 3 default route origination methods?
What does the > symbol mean in the BGP table?
What are 3 clues that tell you a route "originated here" in the BGP table?

BGP Troubleshooting
Interpreting and Troubleshooting BGP Operations


Peer Establishment
Peer Reachability
MD5 Password Mismatch
Wrong neighbor IP
Wrong update-source
Wrong peer AS
TTL / ebgp-multihop
Stuck in OpenSent/OpenConfirm
Asymmetric routing & TTL problem
ACLs between peers
Blocking TCP/179

Flapping Peer

*May 20 04:02:39.240 MST: %BGP-5-ADJCHANGE: neighbor 192.0.2.133 Down Peer closed the session
*May 20 04:02:54.468 MST: %BGP-5-ADJCHANGE: neighbor 192.0.2.133 Up
*May 20 04:20:44.999 MST: %BGP-5-ADJCHANGE: neighbor 192.0.2.133 Down BGP Notification sent
*May 20 04:20:44.999 MST: %BGP-3-NOTIFICATION: sent to neighbor 192.0.2.133 4/0 (hold time expired) 0 bytes
*May 20 04:21:04.243 MST: %BGP-5-ADJCHANGE: neighbor 192.0.2.133 Up
*May 20 04:52:18.132 MST: %BGP-5-ADJCHANGE: neighbor 192.0.2.133 Down BGP Notification sent
*May 20 04:52:18.132 MST: %BGP-3-NOTIFICATION: sent to neighbor 192.0.2.133 4/0 (hold time expired) 0 bytes
*May 20 04:55:16.469 MST: %BGP-5-ADJCHANGE: neighbor 192.0.2.133 Up
*May 20 04:56:17.169 MST: %BGP-5-ADJCHANGE: neighbor 192.0.2.133 Down Peer closed the session
*May 20 04:56:36.533 MST: %BGP-5-ADJCHANGE: neighbor 192.0.2.133 Up
*May 20 05:09:28.555 MST: %BGP-5-ADJCHANGE: neighbor 192.0.2.133 Down Peer closed the session
*May 20 05:09:35.087 MST: %BGP-5-ADJCHANGE: neighbor 192.0.2.133 Up
*May 20 05:47:57.350 MST: %BGP-5-ADJCHANGE: neighbor 192.0.2.133 Down BGP Notification sent

Remote router rebooting (BGP crash?)
MTU Incorrect
L2 Problem
Interface output drops (QoS, CoPP, etc.)
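A flapping peer is easier to reason about once the log is reduced to numbers: how often the session dropped, which side ended it, and how long it stayed up each time. The following is an added example, not part of the original deck: it parses the syslog lines from the slide and summarizes them per neighbor. The year 2008 is an assumption, added only so the timestamps parse.

```python
import re
from collections import Counter
from datetime import datetime

# The 13 syslog lines from the slide above.
LOG = """\
*May 20 04:02:39.240 MST: %BGP-5-ADJCHANGE: neighbor 192.0.2.133 Down Peer closed the session
*May 20 04:02:54.468 MST: %BGP-5-ADJCHANGE: neighbor 192.0.2.133 Up
*May 20 04:20:44.999 MST: %BGP-5-ADJCHANGE: neighbor 192.0.2.133 Down BGP Notification sent
*May 20 04:20:44.999 MST: %BGP-3-NOTIFICATION: sent to neighbor 192.0.2.133 4/0 (hold time expired) 0 bytes
*May 20 04:21:04.243 MST: %BGP-5-ADJCHANGE: neighbor 192.0.2.133 Up
*May 20 04:52:18.132 MST: %BGP-5-ADJCHANGE: neighbor 192.0.2.133 Down BGP Notification sent
*May 20 04:52:18.132 MST: %BGP-3-NOTIFICATION: sent to neighbor 192.0.2.133 4/0 (hold time expired) 0 bytes
*May 20 04:55:16.469 MST: %BGP-5-ADJCHANGE: neighbor 192.0.2.133 Up
*May 20 04:56:17.169 MST: %BGP-5-ADJCHANGE: neighbor 192.0.2.133 Down Peer closed the session
*May 20 04:56:36.533 MST: %BGP-5-ADJCHANGE: neighbor 192.0.2.133 Up
*May 20 05:09:28.555 MST: %BGP-5-ADJCHANGE: neighbor 192.0.2.133 Down Peer closed the session
*May 20 05:09:35.087 MST: %BGP-5-ADJCHANGE: neighbor 192.0.2.133 Up
*May 20 05:47:57.350 MST: %BGP-5-ADJCHANGE: neighbor 192.0.2.133 Down BGP Notification sent
"""

LINE = re.compile(r"\*(\w{3} +\d+ [\d:.]+) \w+: %BGP-\d-(\w+): (.*)")
ADJ = re.compile(r"neighbor (\S+) (Up|Down)\s*(.*)")
HOLD = re.compile(r"sent to neighbor (\S+) 4/0 \(hold time expired\)")
ASSUMED_YEAR = "2008"  # assumption: the log lines carry no year


def analyze(log):
    """Per neighbor: Down count, Down reasons, hold-timer expiries sent by the
    local router, and seconds each session stayed Up before the next Down."""
    up_since, summary = {}, {}

    def entry(peer):
        return summary.setdefault(peer, {"downs": 0, "reasons": Counter(),
                                         "hold_expired": 0, "uptimes": []})

    for raw in log.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue
        stamp, kind, text = m.groups()
        ts = datetime.strptime(ASSUMED_YEAR + " " + stamp, "%Y %b %d %H:%M:%S.%f")
        if kind == "NOTIFICATION":
            h = HOLD.match(text)
            if h:
                entry(h.group(1))["hold_expired"] += 1
            continue
        a = ADJ.match(text)
        if kind != "ADJCHANGE" or not a:
            continue
        peer, state, reason = a.groups()
        if state == "Up":
            up_since[peer] = ts
        else:
            s = entry(peer)
            s["downs"] += 1
            s["reasons"][reason] += 1
            if peer in up_since:
                s["uptimes"].append((ts - up_since.pop(peer)).total_seconds())
    return summary


if __name__ == "__main__":
    for peer, s in analyze(LOG).items():
        print(peer, s["downs"], dict(s["reasons"]), s["hold_expired"],
              [round(u) for u in s["uptimes"]])
```

A "4/0 (hold time expired)" notification sent by this router means it stopped hearing keepalives from the neighbor, while "Peer closed the session" means the far end tore the session down.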

Received Routes
Pre/Post Filter

Show received routes before policy is applied
sh ip bgp nei 1.1.1.1 received-routes
Requires soft-reconfiguration inbound (more mem)

Show received routes after policy is applied
sh ip bgp nei 1.1.1.1 routes

Show AS paths via all neighbors
BGP-router> sh ip bgp paths
Address      Hash Refcount Metric Path
0xC4125EDC      1        8      0 7018 209 701 23520 3816 ?
0x68397C58      1       18      0 4323 6389 6198 27266 25747 i
0x74151970      1        2      0 4323 1299 13249 44600 i
0x70FF72D4      1        2      0 4323 3257 1241 20506 i

Missing Routes

Next hop IP address must be accessible
iBGP next-hop-self

Route with better AD already exists in RIB

Filters
Prefix
AS-Path
Route-maps

Announcements
Verify advertised routes

Show advertised routes to peer
sh ip bgp nei 192.0.2.233 advertised-routes

BGP-Router> sh ip bgp nei 192.0.2.233 advertised-routes
BGP table version is 20753141, local router ID is 205.93.251.126
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
   Network          Next Hop            Metric LocPrf Weight Path
*> 205.93.251.0     205.93.251.4             0         32768 i
*> 205.93.251.0/23  0.0.0.0                  0         32768 i

Total number of prefixes 2

What if nothing shows up?
Route must exist in the RIB

BGP Table
Analyzing and Interpreting

Router# sh ip bgp
BGP table version is 24849, local router ID is 205.215.216.193
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
   Network          Next Hop            Metric LocPrf Weight Path
*>i0.0.0.0          205.93.251.125           0    100      0 7018 i
*> 3.0.0.0          192.0.2.233                            0 4323 1239 701 703 80 i
*> 4.0.0.0/9        192.0.2.233                            0 4323 3549 3356 i
* i                 205.93.251.125           0    100      0 7018 209 3356 i
*> 4.0.0.0          192.0.2.233                            0 4323 3549 3356 i
* i                 205.93.251.125           0    100      0 7018 209 3356 i
*> 4.23.112.0/24    192.0.2.233                            0 4323 174 21889 i
*>i12.2.60.0/22     205.93.251.125           0    100      0 7018 209 7018 32719 i
*                   192.0.2.233                            0 4323 6539 19092 26794 26794 26794
                                                             26794 26794 26794 26794 26794 26794 26794 26794 26794 26794 26794 32719 i

Note to self: 10 prepends is excessive
Average AS path length is 3.6

Looking Glass
Public BGP Route Servers - CLI

Verify how the global internet routing table views your prefix announcement

route-views.oregon-ix.net> sh ip bgp 205.93.251.0 | i 64512
  3333 3356 1239 4323 64512
  2905 701 209 7018 64512
  4513 13789 22212 4323 64512
  7018 4323 64512
  ...

1st    2nd    3rd    4th    5th     Len   ISP Path
3333   3356   1239   4323   64512         RIPE, Level 3, Sprint, TWT, You
3356   1239   4323   64512                Level 3, Sprint, TWT, You
701    209    7018   64512                MCI, Qwest, ISP, You
6453   209    7018   64512                Teleglobe, Qwest, ISP, You
6453   3549   7018   64512                Teleglobe, GBLX, ISP, You
293    4323   64512                       Energy Sciences Net, TWT, You

Looking Glass
Public BGP Route Servers Web/CLI


High CPU

Process Name: BGP Open
Description:  Performs BGP peer establishment.

Process Name: BGP I/O
Description:  Processing of BGP packets, such as UPDATES and KEEPALIVES.

Process Name: BGP Scanner
Description:  Walks the BGP table and confirms reachability of the next hops.

Process Name: BGP Router
Description:  Calculates the best BGP path. Sends and receives routes and interacts with the routing information base (RIB).

BGP-Router# sh proc cpu | i CPU|PID|BGP
CPU utilization for five seconds: 93%/2%; one minute: 32%; five minutes: 22%
 PID Runtime(ms)   Invoked   uSecs    5Sec   1Min   5Min TTY Process
 319     2319628  11589466     200   0.15%  0.05%  0.04%   0 BGP Router
 320      568684   2305861     246   0.00%  0.01%  0.00%   0 BGP I/O
 321   246815548   1497615  164807  76.47%  9.23%  6.50%   0 BGP Scanner

High Memory

L3-Switch# sh proc mem | i PID|BGP
 PID TTY  Allocated      Freed    Holding  Getbufs  Retbufs Process
 319   0  541682808  353471992  177441136        0        0 BGP Router
 320   0    1377432    2361312       7048        0        0 BGP I/O
 321   0        136     323920      10216        0        0 BGP Scanner

L3-Switch# sh ip bgp sum
Neighbor        V    AS MsgRcvd MsgSent  TblVer InQ OutQ Up/Down State/PfxRcd
32.124.75.251   4   209 1741759   68344 9564122   0    0 6w5d          251577
52.111.238.129  4  5555 2798645   68231 9564122   0    0 1w2d          254104
192.0.1.148     4 22222   68448 2134480 9564122   0    0 3w3d              35
192.0.2.228     4 33333   67386 2381477 9564122   0    0 5d01h            118
192.0.3.254     4 11111 2140027 2272911 9564130   0    0 6w5d          254360

750K routes (if no soft-reconfig)
1.5M routes (if soft-reconfig)
542MB of memory for BGP

Latency
Perception v. Reality

What could cause this horrible latency???

Reply from 209.85.171.100: bytes=32 time=5ms TTL=247
Reply from 209.85.171.100: bytes=32 time=5ms TTL=247
Reply from 209.85.171.100: bytes=32 time=6ms TTL=247
Reply from 209.85.171.100: bytes=32 time=99ms TTL=247
Reply from 209.85.171.100: bytes=32 time=225ms TTL=247
Reply from 209.85.171.100: bytes=32 time=248ms TTL=247
Reply from 209.85.171.100: bytes=32 time=66ms TTL=247
Reply from 209.85.171.100: bytes=32 time=8ms TTL=247
Reply from 209.85.171.100: bytes=32 time=5ms TTL=247
Reply from 209.85.171.100: bytes=32 time=5ms TTL=247

BGP scanner process takes higher priority than ICMP processing. Move on, nothing to see here.

Section Review
Troubleshooting

What are 3 reasons that could cause peer establishment problems?
What are the advantages and disadvantages of soft reconfiguration?
What is required in order to announce a prefix?
What kind of information can you get from the looking glass route servers?

BGP Resources

North American Network Operators Group (NANOG)
http://www.nanog.org

www.traceroute.org
