Basic things about BGP:
- BGP is an open standard protocol. The version currently in use is version 4.
- BGP is a path vector routing protocol. BGP uses a list of AS numbers through which a packet must pass to reach its destination; because this list describes the path a packet must take, BGP is called a path vector routing protocol.
- BGP is a classless routing protocol.
- BGP uses TCP as its transport protocol (port 179).
- BGP maintains three tables:
  - Neighbor table: list of BGP neighbors.
  - BGP table: list of all BGP routes.
  - Routing table: list of best routes.
Autonomous System: An AS is a group of routers that share similar routing policies and operate within a single administrative domain. IGPs operate within an AS to exchange routing tables. BGP is used to exchange routing tables between ASes.
There are two types of BGP peers (neighbors):
1. iBGP peer: A peer in the same AS is known as an internal peer. iBGP peers don’t have to be directly connected, as the TTL is 255.
2. EBGP peer: A peer in a different AS is known as an external peer. By default, EBGP peers need to be directly connected because the TTL is 1 for an EBGP peer; we can change this behaviour using the ebgp-multihop command.
router bgp 11
 neighbor 126.96.36.199 remote-as 22
r4#show ip bgp neighbors 188.8.131.52
Local host: 184.108.40.206, Local port: 12916
Foreign host: 220.127.116.11, Foreign port: 179
router bgp 11
 neighbor 18.104.22.168 remote-as 11
1. Using this command we specify a neighbor and the neighbor's AS number.
2. The neighbor statement tells the BGP process to:
a) Listen for the remote address via TCP 179.
b) Initiate a session to the remote address via TCP 179.
c) Whoever has the higher router-id becomes the TCP client, meaning its destination port is 179.
When two devices peer via BGP, they both attempt to establish a TCP session targeted at remote port 179. After that, one of the sessions is dropped and the remaining one is used. If OPENs are exchanged at exactly the same time, two TCP sessions will be established, but the TCP session from the router with the highest router-ID will be kept and the other torn down.
The TCP server must agree on where the client’s session is coming from; if the TCP server doesn’t expect the session, it will refuse it. By default the source is the outgoing interface in the routing table, and this can be modified using the “update-source” command.
Neighbors exchange keepalive messages to verify the TCP connection; if three keepalive intervals pass, the peer declares its neighbor down.
*** If the keepalive mismatches with the neighbor, it is automatically negotiated to the smaller value. The default keepalive is 60 sec and the hold-down time is 180 sec.
Network Statement in IGP and BGP:
- In the IGPs, the network statement only identifies the interfaces to participate, and the decision about what to advertise is separate from the network statement.
- In BGP, the network statement does identify what network prefixes should be advertised.
The Network command vs Neighbor:
The neighbor command tells BGP where to advertise, and the network command tells BGP what to advertise.
BGP Neighbor State:
Idle State: This is the first state where BGP waits for a “start event”. The start event occurs when we configure a BGP neighbor or when we reset an established BGP peering.
After the start event, BGP initializes all BGP resources, resets the ConnectRetry timer and initiates a TCP connection to the remote BGP neighbor. It also starts listening for a connection in case the remote BGP neighbor tries to establish one. When successful, BGP moves to the Connect state. When it fails, it remains in the Idle state.
Connect State: BGP waits for a TCP connection with the remote peer. If successful, an OPEN message is sent. If unsuccessful, the session is placed in the Active state.
If the connection is successful:
- Clears the ConnectRetry timer
- Completes initialization
If the connection is unsuccessful:
- Continues to listen for a connection to be initiated by the neighbor
- Resets the ConnectRetry timer.
- Transitions to the Active state.
Active State: In this state, a TCP connection is initiated to establish a BGP peer relationship. If successful, BGP sends its OPEN message to the peer, moves to the OpenSent state and clears the ConnectRetry timer. Failure can result in going to the Active or Idle states.
OpenSent State: BGP has established the TCP connection and sent an OPEN message, and is awaiting a reply OPEN message.
If there is an error in the OPEN message, BGP sends a Notification message to the peer and the state transitions to Idle.
Reasons for a Notification message in this state:
- BGP version mismatch
- MD5 password mismatch
- Peer router expects a different AS than the local AS.
If there are no errors, a Keepalive message is sent and the Keepalive timer is set, the peer is determined to be internal or external, and the state is changed to OpenConfirm.
OpenConfirm State: BGP waits in this state for a Keepalive from the peer. If successful, the state moves to Established; otherwise, the state moves back to Idle based on the errors.
Established State: This is the state in which BGP can exchange information between the peers. The information can be Updates, Keepalives, or Notifications. If an Update or Keepalive message is received, the Hold timer is restarted; if a Notification message is received, the state transitions to Idle.
If the BGP neighborship is not coming up, check the following:
- Whether the configured peer address is pingable.
- Whether TCP port 179 is open, and whether random TCP ports above 1023 are open.
- The TTL, if your peer is EBGP.
- Whether the peer address is configured correctly on the peer.
- Whether the AS number is configured correctly on the peer.
- Whether the neighbor source is correct (update-source).
BGP Message Type:
Once a TCP connection is established, the first message sent by a BGP router is an OPEN message. If the OPEN message is acceptable, a KEEPALIVE message confirming the OPEN is sent back. These messages are used to establish neighborships and exchange basic parameters for negotiation.
The OPEN message contains the following information:
1. Version: Specifies the BGP version (2, 3 or 4), default 4. The highest common version that both routers negotiated and support will be used.
2. AS Number: Specifies the AS number of the originator. A BGP peer uses this information to determine whether the BGP session is EBGP or IBGP, and will terminate the BGP session if it is not the expected AS number.
3. Hold Time: The hold-time value is advertised in OPEN packets and indicates to the peer the length of time that it should consider the sender valid. The default Cisco hold time is 180 sec. If the neighbors' hold times differ, the smaller of the two times becomes the accepted hold time.
4. BGP Identifier: Provides the BGP identifier of the sender (an IP address). IOS determines the identifier in exactly the same way as the OSPF router ID.
5. Optional Parameters Length: Indicates the length or absence (with a zero value) of the optional parameters field.
6. Optional Parameters: Contains a list of optional parameters such as authentication, multiprotocol support etc.
If the parameters in the open message are accepted then the router responds with a keepalive message.
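The OPEN fields and checks described above can be exercised with a small parser. This is an added example, not code from the original post: the byte layout follows RFC 4271 with a 2-byte AS field, the function names are hypothetical, and the sample message (AS 22 peering with local AS 11, BGP identifier 192.0.2.1) is constructed.

```python
import ipaddress
import struct

MARKER = b"\xff" * 16   # 16-byte marker that starts every BGP message
TYPE_OPEN = 1

def build_open(my_as, hold, bgp_id, version=4, opt=b""):
    """Build an OPEN message (helper used only to construct sample input)."""
    body = struct.pack("!BHHIB", version, my_as, hold,
                       int(ipaddress.IPv4Address(bgp_id)), len(opt)) + opt
    return MARKER + struct.pack("!HB", 19 + len(body), TYPE_OPEN) + body

def parse_open(msg: bytes) -> dict:
    """Parse the 19-byte header and the fixed OPEN fields listed above."""
    if len(msg) < 29 or msg[:16] != MARKER:
        raise ValueError("not a BGP OPEN message")
    length, mtype = struct.unpack("!HB", msg[16:19])
    if mtype != TYPE_OPEN or length != len(msg):
        raise ValueError("wrong message type or length")
    version, my_as, hold, bgp_id, opt_len = struct.unpack("!BHHIB", msg[19:29])
    if 29 + opt_len != length:
        raise ValueError("optional parameters length does not match")
    return {"version": version, "as": my_as, "hold_time": hold,
            "bgp_id": str(ipaddress.IPv4Address(bgp_id)),
            "opt_params": msg[29:]}

def check_open(o: dict, local_as: int, remote_as: int, local_hold: int = 180):
    """Return (False, reason) for a NOTIFICATION, else (True, (type, hold))."""
    if o["version"] != 4:
        return False, "BGP version mismatch"
    if o["as"] != remote_as:
        return False, "peer AS differs from configured remote-as"
    session = "IBGP" if o["as"] == local_as else "EBGP"
    # The smaller of the two hold times becomes the accepted hold time.
    return True, (session, min(local_hold, o["hold_time"]))

# Constructed sample: peer in AS 22 offering a 90 s hold time to local AS 11.
SAMPLE = build_open(22, 90, "192.0.2.1")

if __name__ == "__main__":
    print(check_open(parse_open(SAMPLE), local_as=11, remote_as=22))
```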
Keepalive messages ensure that the connections to BGP peers are alive. Cisco default keepalive interval is 60 seconds and the hold time interval is 180 seconds (3 x keepalive). Keepalives are sent every 60 seconds and after not receiving any keepalive message from BGP peer for 180 seconds, the connection to that peer is declared as dead and the bgp neighbor is reported as down.
Update: Used to exchange routing information.
Notification: The notification message is sent when an error condition is detected. Notifications are used to close an active session and to inform any connected routers of why the session is being closed.
Loop Prevention Rule:
- Loop prevention in BGP is done by verifying the AS numbers in the AS path. If a router receives a BGP update with its own AS in the AS path, the router will simply ignore the update. The receiving router assumes that the update originated from its own AS and has come back to the place where it originated.
- Routes learned via IBGP will not be sent to another IBGP peer.
Do not use or advertise a route learned by IBGP to an external neighbor until a matching route has been learned from an IGP.
Ensures consistency of information throughout the AS (legacy black-hole prevention rule).
Disables BGP synchronization so that a router will advertise routes in BGP without learning them in an IGP (No sync under BGP).
Enables BGP synchronization so that a router will not advertise routes in BGP until it learns them in an IGP (Synchronization under BGP).
Why turn it off?
- If the AS is a non-transit AS
- When all the routers in the AS are fully meshed iBGP
Advantages of turning it off?
- Carry fewer routes in IGP.
- BGP converges faster (doesn’t have to spend time checking IGP Table).
Route Selection Decision Process
Consider only (synchronized) routes with no AS loops and a valid next hop, and then:
- Prefer highest weight (local to router).
- Prefer highest local preference (global within AS).
- Prefer route originated by the local router (next hop = 0.0.0.0).
- Prefer shortest AS path.
- Prefer lowest origin code (IGP < EGP < incomplete).
- Prefer lowest MED (exchanged between autonomous systems).
- Prefer EBGP path over IBGP path.
- Prefer the path through the closest IGP neighbor.
- Prefer oldest route for EBGP paths.
- Prefer the path with the lowest neighbor BGP router ID.
- Shortest Cluster-id (If RR is available)
- Prefer the path with the lowest neighbor IP address.
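The decision list above can be expressed as a single ordered comparison. This is an added example, not code from the original post: the class and function names are hypothetical, MED is compared across all neighbors for simplicity, "closest IGP neighbor" is modelled as the IGP metric to the next hop, and the peers (ISP_Airtel in AS 2001, ISP_Reliance in an assumed AS 2002, local AS 1001, documentation IP addresses) are constructed sample data.

```python
from dataclasses import dataclass
from ipaddress import IPv4Address

ORIGIN_RANK = {"i": 0, "e": 1, "?": 2}   # IGP < EGP < incomplete

@dataclass
class Path:
    neighbor: str                # peer IP address the path was learned from
    as_path: tuple               # AS numbers, nearest AS first
    weight: int = 0
    local_pref: int = 100
    local_origin: bool = False   # originated by this router (next hop 0.0.0.0)
    origin: str = "i"
    med: int = 0
    ebgp: bool = True
    igp_metric: int = 0          # IGP cost to reach the next hop
    age: int = 0                 # seconds since the route was learned
    router_id: str = "0.0.0.0"   # neighbor's BGP router ID
    cluster_len: int = 0
    next_hop_ok: bool = True

def sort_key(p: Path):
    """One tuple element per step of the list above; the smallest tuple wins."""
    return (-p.weight, -p.local_pref, not p.local_origin, len(p.as_path),
            ORIGIN_RANK[p.origin], p.med, not p.ebgp, p.igp_metric,
            -p.age if p.ebgp else 0, int(IPv4Address(p.router_id)),
            p.cluster_len, int(IPv4Address(p.neighbor)))

def best_path(paths, local_as):
    """Drop paths with an AS loop or an invalid next hop, then pick the best."""
    ok = [p for p in paths if p.next_hop_ok and local_as not in p.as_path]
    return min(ok, key=sort_key) if ok else None

# Constructed sample paths as seen by a router in AS 1001.
AIRTEL = Path("192.0.2.1", (2001, 3001), router_id="192.0.2.1", age=500)
RELIANCE = Path("198.51.100.1", (2002, 3001), router_id="198.51.100.1", age=100)
RELIANCE_WEIGHTED = Path("198.51.100.1", (2002, 3001), weight=200,
                         router_id="198.51.100.1", age=100)
LOOPED = Path("203.0.113.1", (2002, 1001, 3001), weight=500)

if __name__ == "__main__":
    print(best_path([AIRTEL, RELIANCE], 1001).neighbor)           # older EBGP path
    print(best_path([AIRTEL, RELIANCE_WEIGHTED], 1001).neighbor)  # weight decides
```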
In BGP, the next hop does not mean the next router; it means the IP address to reach a prefix from the BGP point of view.
- If a router receives routes (BGP updates) from an EBGP peer, the next-hop address is the IP address of the EBGP peer.
- If a router receives a BGP update from an IBGP peer, there are two cases:
A. If the received BGP update is from the same AS, the next-hop address is the IP address of the originating router.
B. If the received BGP update is from a different AS, the next-hop address is the EBGP peer address from which the route was learned. We can change this using “next-hop-self” or a route-map.
- Weight is a Cisco proprietary attribute that is local to the router.
- This attribute is not advertised to any BGP neighbor.
- Used to manipulate route selection for outbound traffic.
- Higher is preferable [default 0 (routes learned via peers); 32768 (locally generated routes)].
Let’s understand this in our Topology:
We have two paths to reach network 22.214.171.124: through ISP_Airtel or ISP_Reliance. As of now, the route provided by ISP_Airtel is the best route, so traffic for network 126.96.36.199 is going through AS_2001, which is our Airtel link. Please see the screenshot below.
Now, if for some reason we want traffic from eva-wr01 to pass through ISP_Reliance, we can use weight with either of the general methods below:
1. Neighbor ISP_Reliance weight XXX (XXX is a numeric value; higher is preferred)
2. Neighbor ISP_Reliance route-map XYZ in
With the Neighbor ISP_Reliance weight command, the router will prefer Reliance ISP for all received routes, but here we want this for a specific route, so the second method is more appropriate. In the output below we can see how we are manipulating outgoing traffic using weight for a specific route. Remember that weight is local to the router and is a Cisco proprietary attribute.
- Well known discretionary Attribute
- Sent to IBGP peers only, meaning it is local to the AS.
- Higher is preferable(default=100)
- Used to manipulate route-selection for outbound traffic.
Below are the methods to set local preference:
1. Set local preference using the “bgp default local-preference (Value)” command under BGP router mode.
2. Using a route-map: create a route-map, specify the local preference value, and apply it using one of the commands below:
A. neighbor X.X.X.X route-map (Name) in
B. neighbor X.X.X.X route-map (Name) out --> this can be used to change the local preference advertised to an IBGP peer.
Remember that the local-preference value is stripped out when advertising to an EBGP peer.
Let’s assume we want to forward traffic from eva-wr02 to 188.8.131.52 from all routers in AS_1001 including eva-wr01/02/03.
We did the below config on the eva-wr02 router:
1. access-list 11 permit 184.108.40.206 0.0.0.255
2. route-map LOCAL_PREFERENCE permit 10
 match ip address 11
 set local-preference 200
route-map LOCAL_PREFERENCE permit 20
3. router bgp 1001
 neighbor 220.127.116.11 route-map LOCAL_PREFERENCE in
After Local Preference Result:
MED (Multi-Exit Discriminator) attribute:
- Non-transitive optional attribute
- Used to manipulate route-selection for Inbound traffic.
- Lower is better (default=0)
- Well known Mandatory
- IGP: advertised by the network command; EGP: learned by EGP (not ever seen in real life)
Incomplete (?): redistributed from an IGP or static
I is preferred over E, and E is preferred over ?
Let’s discuss few other important commands in below:
bgp bestpath as-path ignore :
2. bgp deterministic-med Vs bgp always-compare-med Command:
It’s really a great and helpful piece of information. I’m glad that you just shared this useful information with us. Please keep us informed like this. Thank you for sharing.
Very helpful theory with practical thank you so much!
Great article Balram. Really like your presentation style. Easy to digest and learn.
Thanks for such a wonderful article. The content is so in depth & written in simple English makes it easy to understand. Please keep up the good work.
Great stuff Balram Sir