Professional Documents
Culture Documents
AJER-12.a Student Guide Volume 2
AJER-12.a Student Guide Volume 2
»¿´·¿à±¬®¿·²ò½±³ò¶±
Advanced Junos Enterprise Routing
12.a
Student Guide
Volume 2
»¿´·¿à±¬®¿·²ò½±³ò¶±
This document is produced by Juniper Networks, Inc.
This document or any part thereof may not be reproduced or transmitted in any form under penalty of law, without the prior written permission of Juniper Networks
Education Services.
Juniper Networks, the Juniper Networks logo, Junos, NetScreen, and ScreenOS are registered trademarks of Juniper Networks, Inc. in the United States and other
countries. All other trademarks, service marks, registered trademarks, or registered service marks are the property of their respective owners.
Juniper Networks reserves the right to change, modify, transfer, or otherwise revise this publication without notice.
YEAR 2000 NOTICE
Juniper Networks hardware and software products do not suffer from Year 2000 problems and hence are Year 2000 compliant. The Junos operating system has
no known time-related limitations through the year 2038. However, the NTP application is known to have some difficulty in the year 2036.
SOFTWARE LICENSE
The terms and conditions for using Juniper Networks software are described in the software license provided with the software, or to the extent applicable, in an
agreement executed between you and Juniper Networks, or Juniper Networks agent. By using Juniper Networks software, you indicate that you understand and
agree to be bound by its license terms and conditions. Generally speaking, the software license restricts the manner in which you are permitted to use the Juniper
Networks software, may contain prohibitions against certain uses, and may state conditions under which the license is automatically terminated. You should
consult the software license for further details.
»¿´·¿à±¬®¿·²ò½±³ò¶±
Contents
»¿´
»¿
¿´·¿à
¿à±
౬®
¬®¿·
¿·²²ò½±
²ò½±³
±³ò
³ ò ¶±
Acronym List . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ACR-1
This three-day course is designed to provide students with the tools required for implementing, monitoring, and
troubleshooting Layer 3 components in an enterprise network. Detailed coverage of OSPF, BGP, class of service (CoS), and
multicast is strongly emphasized.
Through demonstrations and hands-on labs, students will gain experience configuring and monitoring the Junos operating
system and monitoring device and protocol operations. This course is based on Junos OS Release 12.1X46-D20.5.
Objectives
After successfully completing this course, you should be able to:
Describe the various OSPF link-state advertisement (LSA) types.
Explain the flooding of LSAs in an OSPF network.
Describe the shortest-path-first (SPF) algorithm.
Describe OSPF area types and operations.
Configure various OSPF area types.
Summarize and restrict routes.
Identify scenarios that require routing policy or specific configuration options.
Use routing policy and specific configuration options to implement solutions for various scenarios.
Describe basic BGP operation and common BGP attributes.
Explain the route selection process for BGP.
Describe how to alter the route selection process.
Configure some advanced options for BGP peers.
Describe various BGP attributes in detail and explain the operation of those attributes.
Manipulate BGP attributes using routing policy.
Describe common routing policies used in the enterprise environment.
Explain how attribute modifications affect routing decisions.
Implement a routing policy for inbound and outbound traffic using BGP.
Identify environments that may require a modified CoS implementation.
Describe the various CoS components and their respective functions.
Explain the CoS processing along with CoS defaults on SRX Series Services Gateways.
Describe situations when some CoS features are used in the enterprise.
Implement some CoS features in an enterprise environment.
Describe IP multicast traffic flow.
Identify the components of IP multicast.
Explain how IP multicast addressing works.
Describe the need for reverse path forwarding (RPF) in multicast.
Explain the role of Internet Group Management Protocol (IGMP) and describe the available IGMP versions.
Configure and monitor IGMP.
Identify common multicast routing protocols.
Describe rendezvous point (RP) discovery options.
Configure and monitor Physical Interface Module (PIM) sparse modes.
»¿´·¿à±¬®¿·²ò½±³ò¶±
Configure and monitor RP discovery mechanisms.
»¿´·¿à±¬®¿·²ò½±³ò¶±
vi Course Overview www.juniper.net
Course Agenda
Day 1
Chapter 1: Course Introduction
Chapter 2: OSPF
Lab 1: Configuring and Monitoring OSPF
Chapter 3: OSPF Areas
Lab 2: Configuring and Monitoring OSPF Areas and Route Summarization
Chapter 4: OSPF Case Studies and Solutions
Lab 3: Configuring and Monitoring Routing Policy and Advanced OSPF Options
Day 2
Chapter 5: BGP
Lab 4: Implementing BGP
Chapter 6: BGP Attributes and Policy
Lab 5: BGP Attributes
Chapter 7: Enterprise Routing Policies
Lab 6: Implementing Enterprise Routing Policies
Day 3
Chapter 8: Introduction to Multicast
Chapter 9: Multicast Routing Protocols and SSM
Lab 7: Implementing PIM-SM
Lab 8: Implementing SSM
Chapter 10: Class of Service
Lab 9: Implementing CoS Features in the Enterprise
Appendix A: BGP Route Reflection
Lab 10: BGP Route Reflection (Optional)
»¿´·¿à±¬®¿·²ò½±³ò¶±
www.juniper.net Course Agenda vii
Document Conventions
CLI Input Text that you must enter. lab@San_Jose> show route
GUI Input Select File > Save, and type
config.ini in the Filename field.
CLI Undefined Text where the variables value is Type set policy policy-name.
the users discretion or text where
ping 10.0.x.y
the variables value as shown in
GUI Undefined the lab guide might differ from the Select File > Save, and type
value the user must input filename in the Filename field.
according to the lab topology.
»¿´·¿à±¬®¿·²ò½±³ò¶±
viii Document Conventions www.juniper.net
Additional Information
»¿´·¿à±¬®¿·²ò½±³ò¶±
www.juniper.net Additional Information ix
»¿´·¿à±¬®¿·²ò½±³ò¶±
x Additional Information www.juniper.net
Advanced Junos Enterprise Routing
Chapter 5: BGP
»¿´·¿à±¬®¿·²ò½±³ò¶±
Advanced Junos Enterprise Routing
We Will Discuss:
Basic Border Gateway Protocol (BGP) operation;
Common BGP attributes;
The route selection process;
How to alter the route selection process; and
Configuring some advanced options for BGP peers.
»¿´·¿à±¬®¿·²ò½±³ò¶±
Chapter 52 BGP www.juniper.net
Advanced Junos Enterprise Routing
Review of BGP
The slide lists the topics we will discuss. We discuss the highlighted topic first.
»¿´·¿à±¬®¿·²ò½±³ò¶±
www.juniper.net BGP Chapter 53
Advanced Junos Enterprise Routing
BGP Review
BGP is a routing protocol between autonomous systems (ASs). It is sometimes referred to as a path-vector routing protocol
because it uses an AS path as a vector to prevent inter-domain routing loops. The term path vector, in relation to BGP, means
that BGP routing information includes a series of AS numbers, indicating the path that a route takes through the network.
Although BGP is primarily used for inter-AS routing, BGP is also used in large networks for MPLS-based virtual private
networks (VPNs) and is used to separate large OSPF domains. BGP is much more scalable and offers a greater amount of
control through policy than an interior gateway protocol (IGP).
BGP exchanges routing information among ASs. An AS is a set of routers that operate under the same administration. BGP
routing information includes the complete route to each destination. BGP uses the routing information to maintain an
information base of network layer reachability information (NLRI), which it exchanges with other BGP systems.
BGP is a classless routing protocol that supports prefix routing, regardless of the class definitions of IP version 4 (IPv4)
addresses. BGP routers exchange routing information between peers. The peers must be connected directly for inter-AS BGP
routing (unless certain configuration changes are done). The peers depend on established TCP connections, which we
address later in this chapter.
BGP version 4 (BGP4) is essentially the only exterior gateway protocol (EGP) currently used in the Internet. It is defined in
RFC 4271, which made the former standard of more than 10 years, RFC 1771, obsolete.
»¿´·¿à±¬®¿·²ò½±³ò¶±
Chapter 54 BGP www.juniper.net
Advanced Junos Enterprise Routing
BGP Usage
Networks with a single upstream connection receive little benefit from running a dynamic routing protocol with their Internet
service provider (ISP). These customers typically use a static default route to send all external traffic toward the Internet.
Their provider also typically uses a static route to direct traffic destined for the customers addresses to the customer.
Normally, a single-homed network uses addresses assigned by the provider from the providers aggregate. Because these
addresses are assigned to the provider and can only be used by the customer while they are a customer of the provider, they
are known as nonportable addresses. Using these addresses allows the provider to announce a single aggregate route for
many customer networks, reducing global routing table growth. Currently, the Internet routing table contains hundreds of
thousands of routes, which highlights the need for a scalable and robust protocol such as BGP.
BGP is normally used when a network has multiple upstream connections, either to a single ISP or to multiple ISPs. BGPs
policy controls provide the ability to optimize inbound and outbound traffic flows based on a networks technical and
business constraints. Although BGP can detect and route around failures in redundant environments, BGP sessions within
the same AS do not typically react as quickly as an IGP, and they often rely on the IGP used in the AS to remain operational
when failures occur.
Networks that are multihomed to a single ISP likely use nonportable addresses assigned by the provider. Networks that are
multihomed to multiple ISPs likely use portable addresses assigned directly by the regional address registry.
»¿´·¿à±¬®¿·²ò½±³ò¶±
www.juniper.net BGP Chapter 55
Advanced Junos Enterprise Routing
BGP Peers
BGP supports two different types of exchanges of routing information. Exchanges between ASs are known as external BGP
(or EBGP) sessions and handle inter-AS routing. Exchanges within an AS are known as internal BGP (or IBGP) sessions, and
handle intra-AS routing.
An EBGP peer connection is between a device in one AS and another device in a different AS. The connection between the
two ASs consists of a physical connection and a BGP connection. The physical connection is a shared Data Link Layer
subnetwork between the two ASs. On this shared subnetwork, each AS has at least one border gateway belonging to that AS.
The BGP connection exists between BGP speakers in each of the ASs. This session can communicate destinations that can
be reached through the advertising AS. The EBGP connection typically is established between immediately connected
devices located in two different ASs because the time-to-live (TTL) value of the EBGP packets is equal to 1, by default.
An IBGP connection is typically established between loopback interfaces of the routers not immediately connected (of
course, everything depends on the topology of the AS). BGP uses the loopback interfaces for stability reasonsthese
interfaces are always alive, unless the router itself dies. Because the IBGP connection typically exists between remotely
connected routers, there is a requirement for an IGP within the AS. BGPs TCP session is established using regular routing
tables.
»¿´·¿à±¬®¿·²ò½±³ò¶±
Chapter 56 BGP www.juniper.net
Advanced Junos Enterprise Routing
»¿´·¿à±¬®¿·²ò½±³ò¶±
www.juniper.net BGP Chapter 57
Advanced Junos Enterprise Routing
BGP Peering Sessions (contd.)
This list is a continuation of the various BGP neighbor states from the preceding page:
OpenSent state: In the OpenSent state, BGP waits for an OPEN message from its peer. When an OPEN message
is received, it is checked and verified to ensure that no errors exist. If an error is detected, the system
transitions back to the Idle state. If no errors are detected, BGP sends a Keepalive message.
OpenConfirm state: In the OpenConfirm state, BGP waits for a KEEPALIVE or NOTIFICATION message. If no
KEEPALIVE message is received before the negotiated hold timer expires, the local system sends a
NOTIFICATION message stating that the hold timer has expired and changes its state to Idle. Likewise, if the
local system receives a NOTIFICATION message, it changes its state to Idle. If the local system receives a
KEEPALIVE message, it changes its state to Established.
Established state: In the Established state, BGP can exchange UPDATE, NOTIFICATION, and KEEPALIVE
messages with its peer. When the local system receives an UPDATE or KEEPALIVE message, and when the
negotiated hold timer value is nonzero, it restarts its hold timer. If the negotiated hold timer reaches zero, the
local system sends out a KEEPALIVE message and restarts the hold timer.
»¿´·¿à±¬®¿·²ò½±³ò¶±
Chapter 58 BGP www.juniper.net
Advanced Junos Enterprise Routing
BGP Attributes
The primary purpose of BGP is not to find the shortest path to a given destination; rather, its purpose is to find the best path.
Each AS determines the best path to a prefix by taking into account its own outbound routing preferences, the inbound
routing preferences of the routes originator (as updated by ASs along the path between the source and destination ASs),
and some information that is collected about the path itself. All this information is contained in path attributes that describe
the path to a prefix. The path attributes contain the information that BGP uses to implement the routing policies of source,
destination, and transit ASs.
The slide lists some common BGP attributes. We cover the listed attributes in greater detail on subsequent pages.
»¿´·¿à±¬®¿·²ò½±³ò¶±
Chapter 510 BGP www.juniper.net
Advanced Junos Enterprise Routing
»¿´·¿à±¬®¿·²ò½±³ò¶±
www.juniper.net BGP Chapter 511
Advanced Junos Enterprise Routing
»¿´·¿à±¬®¿·²ò½±³ò¶±
Chapter 512 BGP www.juniper.net
Advanced Junos Enterprise Routing
»¿´·¿à±¬®¿·²ò½±³ò¶±
www.juniper.net BGP Chapter 513
Advanced Junos Enterprise Routing
»¿´·¿à±¬®¿·²ò½±³ò¶±
Chapter 514 BGP www.juniper.net
Advanced Junos Enterprise Routing
»¿´·¿à±¬®¿·²ò½±³ò¶±
www.juniper.net BGP Chapter 515
Advanced Junos Enterprise Routing
Loopback Peering
You maintain only one IBGP session between each internal peer. The IGP is used to maintain reachability between the
loopback addresses regardless of the physical topology, allowing the IBGP sessions to stay up even when the physical
topology changes.
The physical topology is relevant in one respect: each router along the path between BGP speakers must have enough
information to make consistent routing decisions about packet forwarding. In many cases, this requirement means that all
routers along all possible physical paths between BGP speakers must run BGP; however, in some networks, this requirement
is not necessary.
Interface Peering
Recall that EBGP sessions are simply BGP sessions between two routers in different ASs. When two EBGP peers have a
single path between them, EBGP sessions are usually established over the shared subnet between two peers, using the IP
addresses assigned to the interfaces on that subnet as the session endpoints. By establishing the EBGP session using the IP
address assigned to the interfaces on the shared subnet, you gain many advantages. One of these advantages is that you
prevent either AS from needing to maintain any routing information about the other AS (besides what it received through
BGP). You also ensure that all traffic flows over this particular shared subnet.
»¿´·¿à±¬®¿·²ò½±³ò¶±
Chapter 516 BGP www.juniper.net
Advanced Junos Enterprise Routing
Configuring BGP
The slide illustrates the sample configuration.
In this configuration example, we see some parameters defined under the
[edit routing-options] and [edit protocols bgp] hierarchies. Under the
[edit routing-options] hierarchy, we defined the systems router ID (RID) and the local AS number. Optionally, you
can configure the systems local AS number under the global BGP hierarchy for a specific BGP group, or, for a specific BGP
neighbor, use the local-as configuration option. When the AS number is configured at multiple hierarchy levels, the AS
number specified at the most specific hierarchy level is used. The ability to specify different AS numbers at different
hierarchy levels can be quite useful, especially when merging networks with different AS numbers.
Because we are using loopback-based peering for the internal BGP group, we must reference loopback addresses in the
related BGP configuration. In this case, the neighbor address is the remote peers loopback address. The
local-address is the local devices loopback address. If the local address is not specified, the system uses the interface
address of the egress interface used to reach the referenced peer address. Because the peer is expecting to form an IBGP
peering session using the 192.168.100.1 address, you must specify that address as the local-address in the
configuration.
Continued on the next page.
»¿´·¿à±¬®¿·²ò½±³ò¶±
www.juniper.net BGP Chapter 517
Advanced Junos Enterprise Routing
Configuring BGP (contd.)
As mentioned on the slide, the session type determines whether the peering session is IBGP or EBGP. You specify an
external session type for EBGP and an internal session type for IBGP. If you omit the session type, you must specify
the peer-as number, which can be a remote AS number or the local AS number. If the specified AS number does not match
the AS number defined on the router, BGP assumes the session type is external. If the specified AS number does match the
AS number defined on the router, BGP assumes the session type is internal. The software notifies you if you did not include
the required details, as shown in the following sample output:
[edit protocols bgp]
user@router# show
group x100 {
neighbor 10.1.1.1;
}
»¿´·¿à±¬®¿·²ò½±³ò¶±
Chapter 518 BGP www.juniper.net
Advanced Junos Enterprise Routing
BGP Authentication
All BGP protocol exchanges can be authenticated to guarantee that only trusted routing devices participate in the ASs
routing. By default, authentication is disabled. You can configure MD5 authentication. The MD5 algorithm creates an
encoded checksum that is included in the transmitted packet. The receiving routing device uses an authentication key
(password) to verify the packets MD5 checksum.
»¿´·¿à±¬®¿·²ò½±³ò¶±
www.juniper.net BGP Chapter 519
Advanced Junos Enterprise Routing
»¿´·¿à±¬®¿·²ò½±³ò¶±
Chapter 520 BGP www.juniper.net
Advanced Junos Enterprise Routing
BGP Operations
The slide highlights the topic we discuss next.
»¿´·¿à±¬®¿·²ò½±³ò¶±
www.juniper.net BGP Chapter 521
Advanced Junos Enterprise Routing
»¿´·¿à±¬®¿·²ò½±³ò¶±
Chapter 522 BGP www.juniper.net
Advanced Junos Enterprise Routing
»¿´·¿à±¬®¿·²ò½±³ò¶±
www.juniper.net BGP Chapter 523
Advanced Junos Enterprise Routing
»¿´·¿à±¬®¿·²ò½±³ò¶±
Chapter 524 BGP www.juniper.net
Advanced Junos Enterprise Routing
Hidden Routes
One might expect all routes received from a BGP peer would be installed in the RIB-LOCAL table and be visible using the
show route protocol bgp command. This is not always true. There are several reason why:
The route might be a martian route;
An import policy might exist that prevents the route from being installed;
The routes protocol next-hop might be unresolvable.
Unresolvable Next-Hop
The number one reason for hidden BGP routes is an unresolvable next-hop. The BGP Update message contains a protocol
next-hop IP address. If the router cannot resolve this address using its routing table, the route cannot be used and is not
installed in the routing table.
The number of hidden routes is always shown in the output of the show route command. To view the reason why routes
are hidden, issue the show route hidden extensive command.
»¿´·¿à±¬®¿·²ò½±³ò¶±
www.juniper.net BGP Chapter 525
Advanced Junos Enterprise Routing
»¿´·¿à±¬®¿·²ò½±³ò¶±
Chapter 526 BGP www.juniper.net
Advanced Junos Enterprise Routing
»¿´·¿à±¬®¿·²ò½±³ò¶±
www.juniper.net BGP Chapter 527
Advanced Junos Enterprise Routing
»¿´·¿à±¬®¿·²ò½±³ò¶±
www.juniper.net BGP Chapter 529
Advanced Junos Enterprise Routing
»¿´·¿à±¬®¿·²ò½±³ò¶±
Chapter 530 BGP www.juniper.net
Advanced Junos Enterprise Routing
Configure multipath on R1
The configuration of the R1 router now contains the multipath command within the peer group for AS 2. After committing
the configuration, we examine the contents of the local routing table. We still see the four routes advertised from AS 2, and
each listing of the prefix still contains two versions of the route. As before, the routes from the R2 router are marked as active
while the routes from the R3 router are marked as inactive.
The effect of the multipath command on the routes from AS 2 is that the next hop for the routes from R3 (10.222.29.2)
are now added to the version of the route from R2. The next-hop information for the inactive route version does not change in
this environment.
Because each active route now has two next hops in the routing table, the default Junos load-balancing process can be
used. Each route has a single next hop selected, and this single next hop is placed into the forwarding table. All traffic for
each route uses just that single next hop. The overall benefit of this system is the total amount of traffic sent from AS 1 to AS
2 can now be load-balanced over the two inter-AS links. In our small example, three routes are now using the 10.222.29.2
next hop, whereas just the 172.16.20.4/30 route remains with the 10.222.28.2 next hop. As more routes are announced
between the AS networks, the selection of the next hops becomes more evenly distributed.
Although not shown on the slide, you can also see the effects of using multipath in the output of the show bgp summary
command. The route information from both R2 and R3 now appears as
4/4/4/0. The routes from R2 are active while the next-hop values from R3 are also being used to forward user traffic.
»¿´·¿à±¬®¿·²ò½±³ò¶±
www.juniper.net BGP Chapter 531
Advanced Junos Enterprise Routing
»¿´·¿à±¬®¿·²ò½±³ò¶±
Chapter 532 BGP www.juniper.net
Advanced Junos Enterprise Routing
»¿´·¿à±¬®¿·²ò½±³ò¶±
www.juniper.net BGP Chapter 533
Advanced Junos Enterprise Routing
Case Study: Accepting Remote Next Hops over a Single-Hop EBGP Session
In this example, AS 1 is advertising two routes toward AS 2, 2.2.2.0/24 and its own aggregate of 192.168.0.0/20. When you
enable a single-hop EBGP peer to accept a remote next hop, you must also configure an import routing policy on the EBGP
peer that specifies the remote next-hop address. The R3 router has a BGP import policy in place to set the next-hop of the
2.2.2.0/24 route to 192.168.3.21. By using the accept-remote-nexthop option, along with the import policy, you allow
R3 to accept the route and still enjoy the benefits of a multipath setup.
»¿´·¿à±¬®¿·²ò½±³ò¶±
Chapter 534 BGP www.juniper.net
Advanced Junos Enterprise Routing
Case Study: Accepting Routes with IPv6 Next Hops over an IPv4 EBGP Peer
In this example, we show how you can use the accept-remote-nexthop option, along with a BGP import policy, to
accept routes from an IPv4 peer that have IPv6 next-hops. Normally, in this situation, the IPv6 routes would be discarded
entirely.
»¿´·¿à±¬®¿·²ò½±³ò¶±
www.juniper.net BGP Chapter 535
Advanced Junos Enterprise Routing
»¿´·¿à±¬®¿·²ò½±³ò¶±
Chapter 536 BGP www.juniper.net
Advanced Junos Enterprise Routing
Load Balancing
You can alter the default behavior of the Junos OS to install a single next hop per route in the forwarding table with a routing
policy. The policy should contain the action of then load-balance per-packet and be applied as an export policy to
the forwarding table within the [edit routing-options] configuration hierarchy.
After committing the configuration, we see the same 172.16.20.4/30 route in the routing table of the local router. The same
protocol information is displayed and again, a single next hop has been selected. This selection mechanism is not affected
by our load-balancing policy, so we cannot verify if it is working by examining the routing table. Instead, a look at the
forwarding table shows the outcome of our policy. Both the 10.10.1.2 and the 10.10.2.2 next hops are listed as valid
outbound interfaces for the 172.16.20.4/30 route. Traffic destined for this route is now forwarded across both available next
hops using a microflow hashing algorithm. The default inputs to the microflow hash are the incoming router interface, the
source IP address, and the destination IP address. You can modify the inputs to the hashing algorithm at the [edit
forwarding-options hash-key family inet] configuration hierarchy. Specifying the layer-4 command at
this configuration hierarchy incorporates Layer 4 source and destination port information into the hash key.
»¿´·¿à±¬®¿·²ò½±³ò¶±
www.juniper.net BGP Chapter 537
Advanced Junos Enterprise Routing
»¿´·¿à±¬®¿·²ò½±³ò¶±
Chapter 538 BGP www.juniper.net
Advanced Junos Enterprise Routing
»¿´·¿à±¬®¿·²ò½±³ò¶±
www.juniper.net BGP Chapter 539
Advanced Junos Enterprise Routing
»¿´·¿à±¬®¿·²ò½±³ò¶±
Chapter 540 BGP www.juniper.net
Advanced Junos Enterprise Routing
Summary of BGP Active Route Selection (contd.)
The following list is a continuation of the steps in the BGP path selection process from the preceding page:
4. If any of the remaining routes are advertised from the same neighboring AS, the router checks the multiple exit
discriminator (MED) attributes for the lowest value. The absence of a MED value is interpreted as a MED of 0.
5. If multiple routes remain, the router prefers any routes learned through an EBGP peer over routes learned
through an IBGP peer. If all remaining routes were learned through EBGP, the router skips to Step 9.
6. If the remaining routes were learned through IBGP, use the path with the lowest IGP cost to the IBGP peer. For
each IBGP peer, install a physical next hop(s) based on the following three rules:
a. BGP examines both the inet.0 and the inet.3 routing tables for the BGP next-hop value. The physical
next hop(s) of the instance with the lowest Junos OS preference is used. Often, this means that BGP uses
the inet.3 version of the next hop, through an MPLS label-switched path.
b. Should the preference values in the inet.0 and the inet.3 routing tables tie, the physical next hop(s)
of the instance in inet.3 is used.
c. When a preference tie exists and the instances are in the same routing table, the number of equal-cost
paths of each instance are examined. The physical next hop(s) of the instance with more paths is
installed. This tie might occur when the traffic-engineering bgp-igp option is used for MPLS.
7. BGP then uses the route advertised from the peer with the lowest router ID (usually the loopback IP address).
When comparing external routes from two distinct neighboring ASs, if the routes are equal up to the router ID
comparison step, the currently active route is preferred. This preference helps prevent issues with MED-related
route oscillation. The external-router-id command overrides this behavior and prefers the external route
with the lowest router ID, regardless of which route is currently active.
8. The router then examines the cluster-list attribute for the shortest length. The cluster list is similar in function to
an AS path.
9. The router prefers routes from the router with the lowest peer ID.
»¿´·¿à±¬®¿·²ò½±³ò¶±
www.juniper.net BGP Chapter 541
Advanced Junos Enterprise Routing
passive Option
By default, a local router initiates a BGP open message to the remote router to establish the session. The passive
command stops this default action, and no open message is sent. The IP address and AS of the remote peer are still
configured, but the remote router must initiate the BGP session.
allow Option
The related option of allow also stops the sending of a BGP open message to the remote router. In addition, the allow
command also relaxes the requirement of explicitly configuring the remote routers IP address by allowing you to define a
subnet range for connections. BGP processes any open message received from an IP address within the configured range
and initiates a session with that remote router.
»¿´·¿à±¬®¿·²ò½±³ò¶±
Chapter 542 BGP www.juniper.net
Advanced Junos Enterprise Routing
»¿´·¿à±¬®¿·²ò½±³ò¶±
www.juniper.net BGP Chapter 543
Advanced Junos Enterprise Routing
»¿´·¿à±¬®¿·²ò½±³ò¶±
Chapter 544 BGP www.juniper.net
Advanced Junos Enterprise Routing
»¿´·¿à±¬®¿·²ò½±³ò¶±
www.juniper.net BGP Chapter 545
Advanced Junos Enterprise Routing
Use End-of-RIB Markers
After the restarting router returns to service and the session is established again, the peers exchange their active routes with
each other. When the last route is sent, an end-of-RIB marker is advertised to inform the peer that the process is complete.
This marker is simply an update message with no withdrawn or advertised routes. The receipt of the end-of-RIB marker
allows each router to run the path selection algorithm and select new active routes, if necessary.
Configuration Options
The graceful restart capability within the Junos OS is controlled under the [edit routing-options] configuration
hierarchy. The following configuration enables the restart functionality:
routing-options {
graceful-restart;
}
The graceful-restart syntax is also a configuration hierarchy within BGP, which contains three options specific to the
operation within the protocol. Those options include the following:
disable: This option stops the local router from participating in any graceful restart function.
restart-time: This negotiable timer sets the amount of time that can elapse for the peering session to
reestablish. The default value for this timer is 120 seconds, and its range is between 1 and 600 seconds.
stale-routes-time: This timer specifies the amount of time that routes from the restarting peer can be
used before they are withdrawn. The default value for this timer is 300 seconds, and its range is between 1 and
600 seconds.
»¿´·¿à±¬®¿·²ò½±³ò¶±
Chapter 546 BGP www.juniper.net
Advanced Junos Enterprise Routing
»¿´·¿à±¬®¿·²ò½±³ò¶±
www.juniper.net BGP Chapter 547
Advanced Junos Enterprise Routing
»¿´·¿à±¬®¿·²ò½±³ò¶±
Chapter 548 BGP www.juniper.net
Advanced Junos Enterprise Routing
»¿´·¿à±¬®¿·²ò½±³ò¶±
www.juniper.net BGP Chapter 549
Advanced Junos Enterprise Routing
»¿´·¿à±¬®¿·²ò½±³ò¶±
Chapter 550 BGP www.juniper.net
Advanced Junos Enterprise Routing
»¿´·¿à±¬®¿·²ò½±³ò¶±
www.juniper.net BGP Chapter 551
Advanced Junos Enterprise Routing
»¿´·¿à±¬®¿·²ò½±³ò¶±
Chapter 552 BGP www.juniper.net
Advanced Junos Enterprise Routing
»¿´·¿à±¬®¿·²ò½±³ò¶±
www.juniper.net BGP Chapter 553
Advanced Junos Enterprise Routing
Always Compare MED Values
The always-compare-med configuration statement allows you to override the default BGP behavior for MED evaluation.
When configured, BGP compares all routes to each other to determine the route with the smallest MED value, not just routes
from the same AS. BGP then selects the route with the lowest MED value as the active BGP path, regardless of the
neighboring AS the route came from.
Be careful when comparing MEDs from different AS networks. Some inherent danger exists when using the
always-compare-med configuration option to compare MEDs from more than one AS because every autonomous system
in the Internet can set its own good and bad values for MEDs. One AS might consider a MED of 50 as the best, whereas
another AS might consider a MED of 5 to be good. To complicate matters further, some AS networks might not set the MED
value at all (they are optional), which essentially sets the MED value to 0.
To see the effect of using the always-compare-med command, we again examine the following three route
announcements. Each of the announcements was received on the local router in quick succession (within 1 second) in the
following order:
#1 AS Path:65001 MED:200 From EBGP peer
#2 AS Path:65002 MED:150 From IBGP peer IGP cost:5
#3 AS Path:65001 MED:100 From IBGP peer IGP cost:10
The MED values of all three paths are compared against each other. Path 3 has a lower MED value then the other two paths,
so the local router installs Path 3 as the active path.
»¿´·¿à±¬®¿·²ò½±³ò¶±
Chapter 554 BGP www.juniper.net
Advanced Junos Enterprise Routing
We Discussed:
Basic BGP operation;
Common BGP attributes;
The route selection process for BGP;
How to alter the route selection process; and
Configuring some advanced options for BGP peers.
»¿´·¿à±¬®¿·²ò½±³ò¶±
www.juniper.net BGP Chapter 555
Advanced Junos Enterprise Routing
Review Questions
1.
2.
3.
4.
5.
»¿´·¿à±¬®¿·²ò½±³ò¶±
Chapter 556 BGP www.juniper.net
Advanced Junos Enterprise Routing
»¿´·¿à±¬®¿·²ò½±³ò¶±
www.juniper.net BGP Chapter 557
Advanced Junos Enterprise Routing
Answers to Review Questions
1.
Using loopback addresses for peering sessions between IBGP neighbors maintains reachability even when the physical topology
changes as long as a viable path exists.
2.
EBGP-learned routes are advertised to both EBGP and IBGP peers. IBGP-learned routes are advertised to EBGP peers. However,
IBGP-learned routes are not advertised to other IBGP peers to prevent routing loops.
3.
With the Junos OS, all new BGP routes have an origin code of I=Internal.
4.
When you configure multipath on a BGP router, the route selection algorithm ignores both the router ID and the peer ID selection
criteria.
5.
The five valid ways to solve the BGP next-hop issue are: Next-hop self; IGP passive interfaces; Export direct routes into IGP; Static
routes; and IGP adjacency formed on inter-AS links to EBGP peers.
»¿´·¿à±¬®¿·²ò½±³ò¶±
Chapter 558 BGP www.juniper.net
Advanced Junos Enterprise Routing
»¿´·¿à±¬®¿·²ò½±³ò¶±
Advanced Junos Enterprise Routing
We Will Discuss:
Routing policy with BGP;
Default BGP route movement through router;
BGP attributes and common BGP attributes in detail; and
Manipulation of BGP attributes.
»¿´·¿à±¬®¿·²ò½±³ò¶±
Chapter 62 BGP Attributes and Policy www.juniper.net
Advanced Junos Enterprise Routing
»¿´·¿à±¬®¿·²ò½±³ò¶±
www.juniper.net BGP Attributes and Policy Chapter 63
Advanced Junos Enterprise Routing
»¿´·¿à±¬®¿·²ò½±³ò¶±
www.juniper.net BGP Attributes and Policy Chapter 65
Advanced Junos Enterprise Routing
»¿´·¿à±¬®¿·²ò½±³ò¶±
www.juniper.net BGP Attributes and Policy Chapter 67
Advanced Junos Enterprise Routing
»¿´·¿à±¬®¿·²ò½±³ò¶±
Chapter 68 BGP Attributes and Policy www.juniper.net
Advanced Junos Enterprise Routing
»¿´·¿à±¬®¿·²ò½±³ò¶±
www.juniper.net BGP Attributes and Policy Chapter 69
Advanced Junos Enterprise Routing
BGP Attributes
The slide highlights the topic we discuss next.
»¿´·¿à±¬®¿·²ò½±³ò¶±
Chapter 610 BGP Attributes and Policy www.juniper.net
Advanced Junos Enterprise Routing
BGP Attributes
A BGP prefix and its set of attributes is defined as network layer reachability information (NLRI). BGP attributes are a group of
parameters that characterize a BGP NLRI. Thus a BGP prefix is defined by both its IP address and its set of BGP attributes.
Attributes set BGP apart from other protocols. They give a network operator the flexibility to design a robust network and the
tools to engineer a scalable routing policy.
»¿´·¿à±¬®¿·²ò½±³ò¶±
www.juniper.net BGP Attributes and Policy Chapter 611
Advanced Junos Enterprise Routing
Well-Known Discretionary
An attribute set as well-known discretionary must be understood by every BGP speaker, but it does not have to be in every
update. If an update message contains an attribute in this category and is not understood, the connection is reset and an
unrecognized well-known attribute message is sent.
»¿´·¿à±¬®¿·²ò½±³ò¶±
Chapter 612 BGP Attributes and Policy www.juniper.net
Advanced Junos Enterprise Routing
Optional Nontransitive
An attribute set as optional nontransitive does not have to be understood by every BGP speaker, and it must not be passed
to any peer. If an unrecognized attribute such as MP_REACH_NLRI is received it can safely be ignored, but it MUST NOT be
sent to all neighbors.
»¿´·¿à±¬®¿·²ò½±³ò¶±
www.juniper.net BGP Attributes and Policy Chapter 613
Advanced Junos Enterprise Routing
»¿´·¿à±¬®¿·²ò½±³ò¶±
www.juniper.net BGP Attributes and Policy Chapter 615
Advanced Junos Enterprise Routing
Originating Router
The router that first inserts the prefix into BGP adds the origin attribute. Origin is supposed to measure the credibility of the
source of the route, but it is mostly used by the Junos OS as a way to influence traffic flow.
»¿´·¿à±¬®¿·²ò½±³ò¶±
www.juniper.net BGP Attributes and Policy Chapter 617
Advanced Junos Enterprise Routing
»¿´·¿à±¬®¿·²ò½±³ò¶±
Chapter 618 BGP Attributes and Policy www.juniper.net
Advanced Junos Enterprise Routing
The AS-path attribute must be understood by all BGP speakers and must be included in every BGP update.
AS Path Contents
The AS-path attribute contains the AS number of each system advertising the route, prepended to the beginning of the
attribute. This behavior can be modified with routing policy.
»¿´·¿à±¬®¿·²ò½±³ò¶±
www.juniper.net BGP Attributes and Policy Chapter 619
Advanced Junos Enterprise Routing
Regex Support
The Junos OS supports regex operators, which allows for flexibility when using matching conditions with routing policy.
»¿´·¿à±¬®¿·²ò½±³ò¶±
Chapter 620 BGP Attributes and Policy www.juniper.net
Advanced Junos Enterprise Routing
»¿´·¿à±¬®¿·²ò½±³ò¶±
www.juniper.net BGP Attributes and Policy Chapter 621
Advanced Junos Enterprise Routing
»¿´·¿à±¬®¿·²ò½±³ò¶±
Chapter 622 BGP Attributes and Policy www.juniper.net
Advanced Junos Enterprise Routing
»¿´·¿à±¬®¿·²ò½±³ò¶±
www.juniper.net BGP Attributes and Policy Chapter 623
Advanced Junos Enterprise Routing
»¿´·¿à±¬®¿·²ò½±³ò¶±
Chapter 624 BGP Attributes and Policy www.juniper.net
Advanced Junos Enterprise Routing
»¿´·¿à±¬®¿·²ò½±³ò¶±
www.juniper.net BGP Attributes and Policy Chapter 625
Advanced Junos Enterprise Routing
Regex Matching
We use a regular expression match for an as-path named REGEX-TEST. AS 1 needs to match an AS beginning with 3
and ending with 15, with anything in between.
Using the regex operators available, the matching criteria becomes ^3 .* 15$ .
Using a policy named MATCH-AS, term 1 matches an as-path named REGEX-TEST and raises the local preference of
the route, making it more desirable. (The local-preference attribute will be covered in subsequent slides.)
By using local preference, we force the router to choose the route before it takes AS path into consideration.
»¿´·¿à±¬®¿·²ò½±³ò¶±
Chapter 626 BGP Attributes and Policy www.juniper.net
Advanced Junos Enterprise Routing
»¿´·¿à±¬®¿·²ò½±³ò¶±
www.juniper.net BGP Attributes and Policy Chapter 627
Advanced Junos Enterprise Routing
Mandatory Attribute
The next-hop attribute must be understood by all BGP speakers and must be included in every BGP update.
Default Behavior
The BGP next hop is only changed by default when it is sent across EBGP sessions. In this case, the BGP next hop is set to
the IP address of the neighbor that sent the route. For IBGP sessions, if the route is originated from an EBGP peer, the BGP
next hop remains unchanged.
»¿´·¿à±¬®¿·²ò½±³ò¶±
Chapter 628 BGP Attributes and Policy www.juniper.net
Advanced Junos Enterprise Routing
»¿´·¿à±¬®¿·²ò½±³ò¶±
www.juniper.net BGP Attributes and Policy Chapter 629
Advanced Junos Enterprise Routing
»¿´·¿à±¬®¿·²ò½±³ò¶±
Chapter 630 BGP Attributes and Policy www.juniper.net
Advanced Junos Enterprise Routing
Optional Nontransitive
Multiple exit discriminator (MED) is an optional nontransitive attribute; thus it does not need to be understood by any BGP
speaker. In the case that it is not understood, it is not sent to any peers.
Stays in the AS
MED is never passed across an AS. If a BGP router receives a route from an EBGP peer with a particular MED value, it does
not pass this MED value to any EBGP neighbors, but it does pass this MED value to all IBGP neighbors.
Comparison Rules
By default, a Juniper BGP router only compares MED values on routes coming from the same AS. This behavior can be
changed by configuring path-selection always-compare-med or path-selection
cisco-non-deterministic BGP commands.
»¿´·¿à±¬®¿·²ò½±³ò¶±
www.juniper.net BGP Attributes and Policy Chapter 631
Advanced Junos Enterprise Routing
»¿´·¿à±¬®¿·²ò½±³ò¶±
Chapter 632 BGP Attributes and Policy www.juniper.net
Advanced Junos Enterprise Routing
»¿´·¿à±¬®¿·²ò½±³ò¶±
www.juniper.net BGP Attributes and Policy Chapter 633
Advanced Junos Enterprise Routing
»¿´·¿à±¬®¿·²ò½±³ò¶±
Chapter 634 BGP Attributes and Policy www.juniper.net
Advanced Junos Enterprise Routing
Well-Known Discretionary
Local preference is a well-known discretionary attribute. Local preference must be understood by all BGP routers, but is not
required to be present on every BGP update.
Restricted to the AS
Local preference is only used within an AS. The value is reset to the default value on an EBGP session, and maintains its
value in an IBGP session unless it is manipulated by policy.
First Tiebreaker
Local preference is the first tiebreaker for route selection, so the router looks at local preference before any other attributes
when choosing a route. This fact, and the fact that local preference is sent to all IBGP peers, makes it a suitable tool in
choosing an exit point.
»¿´·¿à±¬®¿·²ò½±³ò¶±
www.juniper.net BGP Attributes and Policy Chapter 635
Advanced Junos Enterprise Routing
»¿´·¿à±¬®¿·²ò½±³ò¶±
Chapter 636 BGP Attributes and Policy www.juniper.net
Advanced Junos Enterprise Routing
»¿´·¿à±¬®¿·²ò½±³ò¶±
www.juniper.net BGP Attributes and Policy Chapter 637
Advanced Junos Enterprise Routing
»¿´·¿à±¬®¿·²ò½±³ò¶±
Chapter 638 BGP Attributes and Policy www.juniper.net
Advanced Junos Enterprise Routing
»¿´·¿à±¬®¿·²ò½±³ò¶±
www.juniper.net BGP Attributes and Policy Chapter 639
Advanced Junos Enterprise Routing
Well-Known Communities
RFC 1997 defines three community values that are regarded to be well known and should be understood by all BGP
speakers. This makes it easier to implement routing policy in multivendor networks.
The No-Export well-known community allows routes to be advertised to neighboring ASs, but those ASs are prohibited from
sending it further upstream.
The No-Advertise well-known community allows routes to be advertised to immediate neighbors, but those neighbors are
prohibited from sending the routes to any peers.
The No-Export-Subconfed well-known community is used in networks that use BGP confederations. It allows routes to be
advertised to sub-confederation ASs but those routers are prohibited it from sending it further.
»¿´·¿à±¬®¿·²ò½±³ò¶±
www.juniper.net BGP Attributes and Policy Chapter 641
Advanced Junos Enterprise Routing
»¿´·¿à±¬®¿·²ò½±³ò¶±
Chapter 642 BGP Attributes and Policy www.juniper.net
Advanced Junos Enterprise Routing
»¿´·¿à±¬®¿·²ò½±³ò¶±
www.juniper.net BGP Attributes and Policy Chapter 643
Advanced Junos Enterprise Routing
»¿´·¿à±¬®¿·²ò½±³ò¶±
Chapter 644 BGP Attributes and Policy www.juniper.net
Advanced Junos Enterprise Routing
»¿´·¿à±¬®¿·²ò½±³ò¶±
www.juniper.net BGP Attributes and Policy Chapter 645
Advanced Junos Enterprise Routing
We Discussed:
Routing policy with BGP;
Default BGP route movement through router;
BGP attributes and common BGP attributes in detail; and
Manipulation of BGP attributes.
»¿´·¿à±¬®¿·²ò½±³ò¶±
Chapter 646 BGP Attributes and Policy www.juniper.net
Advanced Junos Enterprise Routing
Review Questions
1.
2.
3.
4.
5.
»¿´·¿à±¬®¿·²ò½±³ò¶±
www.juniper.net BGP Attributes and Policy Chapter 647
Advanced Junos Enterprise Routing
»¿´·¿à±¬®¿·²ò½±³ò¶±
Chapter 648 BGP Attributes and Policy www.juniper.net
Advanced Junos Enterprise Routing
Answers to Review Questions
1.
Import policy is enforced between the RIB-IN and RIB-LOCAL tables.
2.
Export policy is only enforced on active routes.
3.
The three BGP attributes that must be in every update are origin, AS-path, and next-hop.
4.
The ^ symbol denotes the beginning of an AS path.
5.
The next-hop attribute is only modified when it is advertised across an EBGP session.
»¿´·¿à±¬®¿·²ò½±³ò¶±
www.juniper.net BGP Attributes and Policy Chapter 649
Advanced Junos Enterprise Routing
»¿´·¿à±¬®¿·²ò½±³ò¶±
Chapter 650 BGP Attributes and Policy www.juniper.net
Advanced Junos Enterprise Routing
»¿´·¿à±¬®¿·²ò½±³ò¶±
Advanced Junos Enterprise Routing
We Will Discuss:
BGP in the enterprise network for internal connectivity;
Common Internet service provider (ISP) policies that determine policy design; and
Three common routing policies used for external connectivity in the enterprise environment.
»¿´·¿à±¬®¿·²ò½±³ò¶±
Chapter 72 Enterprise Routing Policies www.juniper.net
Advanced Junos Enterprise Routing
»¿´·¿à±¬®¿·²ò½±³ò¶±
www.juniper.net Enterprise Routing Policies Chapter 73
Advanced Junos Enterprise Routing
BGP Strengths
Routing Policy Control: BGP cannot simply be viewed as just a routing protocol, but as a policy definition device. One of the
BGP designers intentions is to give flexibility in designing routing policy. This approach is in contrast to interior gateway
protocols (IGPs), where the intent is to provide reachability and fast reconvergence.
Diverse Administrative Control: BGP allows the configuration of autonomous systems (ASs) to scope network boundaries.
The ability to define network boundaries with ASs allows a more flexible division of administrative duties to network
personnel.
Handling Large Prefix Counts: The nature of BGP as a distance vector protocol allows it to scale well in environments with
large routing tables including the internet routing table. In comparison, most of the IGPs requirements of fast convergence
and link state characteristics limit the amount of routes that can be handled.
BGP Weaknesses
Increased Convergence Time: The strengths that BGP has do come with a price. Fast convergence is not one of the things
BGP is known for. BGP timers can be tuned or network change notifications can be deferred to a protocol like Bidirectional
Forwarding Detection protocol (BFD), but convergence is more efficient with an IGP.
Increased Complexity: An important factor to point out is that BGP is not intended to replace an IGP completely. It is rather to
act in complimentary fashion with an IGP. With this added layer, an enterprise will need more knowledgeable network
personnel.
»¿´·¿à±¬®¿·²ò½±³ò¶±
Chapter 74 Enterprise Routing Policies www.juniper.net
Advanced Junos Enterprise Routing
»¿´·¿à±¬®¿·²ò½±³ò¶±
www.juniper.net Enterprise Routing Policies Chapter 75
Advanced Junos Enterprise Routing
»¿´·¿à±¬®¿·²ò½±³ò¶±
Chapter 76 Enterprise Routing Policies www.juniper.net
Advanced Junos Enterprise Routing
»¿´·¿à±¬®¿·²ò½±³ò¶±
www.juniper.net Enterprise Routing Policies Chapter 77
Advanced Junos Enterprise Routing
»¿´·¿à±¬®¿·²ò½±³ò¶±
Chapter 78 Enterprise Routing Policies www.juniper.net
Advanced Junos Enterprise Routing
.
»¿´·¿à±¬®¿·²ò½±³ò¶±
www.juniper.net Enterprise Routing Policies Chapter 79
Advanced Junos Enterprise Routing
»¿´·¿à±¬®¿·²ò½±³ò¶±
Chapter 710 Enterprise Routing Policies www.juniper.net
Advanced Junos Enterprise Routing
»¿´·¿à±¬®¿·²ò½±³ò¶±
www.juniper.net Enterprise Routing Policies Chapter 711
Advanced Junos Enterprise Routing
»¿´·¿à±¬®¿·²ò½±³ò¶±
Chapter 712 Enterprise Routing Policies www.juniper.net
Advanced Junos Enterprise Routing
»¿´·¿à±¬®¿·²ò½±³ò¶±
www.juniper.net Enterprise Routing Policies Chapter 713
Advanced Junos Enterprise Routing
»¿´·¿à±¬®¿·²ò½±³ò¶±
Chapter 714 Enterprise Routing Policies www.juniper.net
Advanced Junos Enterprise Routing
»¿´·¿à±¬®¿·²ò½±³ò¶±
www.juniper.net Enterprise Routing Policies Chapter 715
Advanced Junos Enterprise Routing
»¿´·¿à±¬®¿·²ò½±³ò¶±
Chapter 716 Enterprise Routing Policies www.juniper.net
Advanced Junos Enterprise Routing
»¿´·¿à±¬®¿·²ò½±³ò¶±
www.juniper.net Enterprise Routing Policies Chapter 717
Advanced Junos Enterprise Routing
»¿´·¿à±¬®¿·²ò½±³ò¶±
Chapter 720 Enterprise Routing Policies www.juniper.net
Advanced Junos Enterprise Routing
»¿´·¿à±¬®¿·²ò½±³ò¶±
www.juniper.net Enterprise Routing Policies Chapter 721
Advanced Junos Enterprise Routing
»¿´·¿à±¬®¿·²ò½±³ò¶±
Chapter 722 Enterprise Routing Policies www.juniper.net
Advanced Junos Enterprise Routing
»¿´·¿à±¬®¿·²ò½±³ò¶±
www.juniper.net Enterprise Routing Policies Chapter 723
Advanced Junos Enterprise Routing
»¿´·¿à±¬®¿·²ò½±³ò¶±
Chapter 724 Enterprise Routing Policies www.juniper.net
Advanced Junos Enterprise Routing
»¿´·¿à±¬®¿·²ò½±³ò¶±
www.juniper.net Enterprise Routing Policies Chapter 725
Advanced Junos Enterprise Routing
»¿´·¿à±¬®¿·²ò½±³ò¶±
Chapter 726 Enterprise Routing Policies www.juniper.net
Advanced Junos Enterprise Routing
»¿´·¿à±¬®¿·²ò½±³ò¶±
www.juniper.net Enterprise Routing Policies Chapter 727
Advanced Junos Enterprise Routing
»¿´·¿à±¬®¿·²ò½±³ò¶±
Chapter 728 Enterprise Routing Policies www.juniper.net
Advanced Junos Enterprise Routing
»¿´·¿à±¬®¿·²ò½±³ò¶±
www.juniper.net Enterprise Routing Policies Chapter 729
Advanced Junos Enterprise Routing
Local Preference
Many practices are fairly common among ISPs. Understanding these practices can affect the way we implement routing
policies. Among these practices is the use of local preference to prefer certain routes over others. Usually, ISPs assign
default local preferences such that customer routes are preferred over routes received from peers (or upstream ISPs). ISPs
also usually accept certain communities from customers that cause them to set a different local preference. In general,
several options are available between the default customer and peer values, and often, at least one option is available that
is less than the default peer value. We can use these communities to further influence inbound traffic flow.
Prefix Length
Most ISPs do not accept routes that are more specific (longer) than a /24 from either customers or peers. Some ISPs accept
longer routes from customers, but they do not announce them to other customers or peers.
»¿´·¿à±¬®¿·²ò½±³ò¶±
Chapter 730 Enterprise Routing Policies www.juniper.net
Advanced Junos Enterprise Routing
Path Selection
In this model, the router first tries to determine the best path for traffic to reach its destination. The router first looks at the
AS Path length, which should give some indication of the total distance to the destination. If that length is tied between
routers from the same next-hop AS, it compares MEDs to determine which path the next AS wants it to use. (Hopefully, the
next AS is setting its MEDs to accurately reflect internal metrics.)
If the router determines that two or more BGP-received routes are still tied in these values, the router must break the tie
between these equally well-preferred routes. Once the router reaches this point in the decision algorithm, it simply tries to
choose the closest exit. It does this by preferring EBGP-received paths over IBGP-received paths. If no EBGP-received paths
exist, the router next tries to break the tie by choosing the IBGP path with the closest exit, as determined by IGP metrics.
»¿´·¿à±¬®¿·²ò½±³ò¶±
www.juniper.net Enterprise Routing Policies Chapter 731
Advanced Junos Enterprise Routing
»¿´·¿à±¬®¿·²ò½±³ò¶±
Chapter 732 Enterprise Routing Policies www.juniper.net
Advanced Junos Enterprise Routing
»¿´·¿à±¬®¿·²ò½±³ò¶±
www.juniper.net Enterprise Routing Policies Chapter 733
Advanced Junos Enterprise Routing
Path Selection
If two paths to a destination have equal AS Path lengths and MED values (if the next AS is the same), the router simply tries
to choose the closest exit from the AS. Once it gets to this point, one of the differences between having multiple border
routers and a single border router becomes clear.
In the case of multiple border routers, each border router prefers one of the EBGP-received announcements over any of the
IBGP-received announcements. Thus, traffic bound for Drills, Inc. that reaches R1 is sent through ISP B, and traffic bound for
Drills, Inc. that reaches R2 is sent through ISP C. This scenario should result in load sharing, depending on the IGP
configuration.
In the case of a single border router, the router prefers the oldest EBGP-received announcement, which results in the router
preferring the most stable path to a destination. However, in periods of great stability (or immediately following a period of
high instability, such as a router reboot), it also generally results in the router preferring a single connection for most routes
with an equal AS path. This behavior results in somewhat imbalanced load sharing; however, this behavior should result in
better performance over time (because it favors stable paths).
»¿´·¿à±¬®¿·²ò½±³ò¶±
Chapter 734 Enterprise Routing Policies www.juniper.net
Advanced Junos Enterprise Routing
Primary/Secondary Variations
A true primary/secondary routing policy has a single preferred ISP, over which all traffic flows while the connection to that
ISP is up. Only when that connection is down does traffic flow over the secondary connection.
Variations on the primary/secondary routing policy do exist that allow certain traffic to flow over the secondary link, even
when the primary link is up. For example, you might want to allow traffic to or from customers of the secondary ISP to use
that connection even when the connection to the primary ISP is functioning normally.
Assured Redundancy
The main benefit to a primary/secondary routing policy is to provide reliability through redundancy. To be assured of true
redundancy, you must always have enough bandwidth available to the secondary provider to fully accept the load of the
connection(s) to the primary provider. The easiest way to guarantee this availability is to use connections of the same
bandwidth to both the primary and secondary providers and to use a strict primary/secondary routing policy. This method
ensures that you always have enough bandwidth in place on the secondary link to fully accept the load on the primary link.
Implementing a strict primary/secondary model can also allow you to reduce the costs of the secondary connection. It is
usually possible to negotiate a lower monthly fixed fee for a secondary circuit in return for accepting a usage-based bill.
Provided that there are not extended outages to the primary circuit, this fixed fee will likely result in a lower cost for the
secondary circuit than if you purchased two circuits and used them both.
»¿´·¿à±¬®¿·²ò½±³ò¶±
www.juniper.net Enterprise Routing Policies Chapter 735
Advanced Junos Enterprise Routing
Local Preference
The best way to enforce a primary/secondary outbound routing policy is by modifying the local-preference path attribute. The
router always selects the route with the highest local preference (regardless of AS path) as its preferred route to a
destination. Therefore, setting a higher local preference on the routes using the primary path and a lower local preference on
the routes using the secondary path should cause the router to always prefer the routes using the primary path. However,
this setting does not necessarily mean that all traffic will flow through the primary path.
»¿´·¿à±¬®¿·²ò½±³ò¶±
Chapter 736 Enterprise Routing Policies www.juniper.net
Advanced Junos Enterprise Routing
»¿´·¿à±¬®¿·²ò½±³ò¶±
www.juniper.net Enterprise Routing Policies Chapter 737
Advanced Junos Enterprise Routing
Loose Primary/Secondary
In a loose primary/secondary routing policy, you make one ISP your primary ISP and another your secondary ISP, but you
want to allow traffic to select prefixes to use your secondary ISP even in normal operations.
To implement a loose primary/secondary outbound routing policy, you accept a default route from both providers, but you
also accept announcements for some specific prefixes from your secondary ISP. Because you do not receive
announcements for those specific prefixes from your primary ISP, your routers use the announcements you receive for these
prefixes from your secondary ISP.
In the example on the slide, AS 65501 is receiving the specific routes for some of ISP Bs customers. AS 65501 is preferring
to send traffic to these prefixes through ISP B.
»¿´·¿à±¬®¿·²ò½±³ò¶±
Chapter 738 Enterprise Routing Policies www.juniper.net
Advanced Junos Enterprise Routing
»¿´·¿à±¬®¿·²ò½±³ò¶±
www.juniper.net Enterprise Routing Policies Chapter 739
Advanced Junos Enterprise Routing
»¿´·¿à±¬®¿·²ò½±³ò¶±
Chapter 740 Enterprise Routing Policies www.juniper.net
Advanced Junos Enterprise Routing
»¿´·¿à±¬®¿·²ò½±³ò¶±
www.juniper.net Enterprise Routing Policies Chapter 741
Advanced Junos Enterprise Routing
»¿´·¿à±¬®¿·²ò½±³ò¶±
Chapter 742 Enterprise Routing Policies www.juniper.net
Advanced Junos Enterprise Routing
»¿´·¿à±¬®¿·²ò½±³ò¶±
www.juniper.net Enterprise Routing Policies Chapter 743
Advanced Junos Enterprise Routing
»¿´·¿à±¬®¿·²ò½±³ò¶±
Chapter 744 Enterprise Routing Policies www.juniper.net
Advanced Junos Enterprise Routing
»¿´·¿à±¬®¿·²ò½±³ò¶±
www.juniper.net Enterprise Routing Policies Chapter 745
Advanced Junos Enterprise Routing
»¿´·¿à±¬®¿·²ò½±³ò¶±
Chapter 746 Enterprise Routing Policies www.juniper.net
Advanced Junos Enterprise Routing
»¿´·¿à±¬®¿·²ò½±³ò¶±
www.juniper.net Enterprise Routing Policies Chapter 747
Advanced Junos Enterprise Routing
We Discussed:
The reasons to use BGP for internal connectivity;
ISP policies that affect external connectivity; and
Three common routing policies for external connectivity in the enterprise.
»¿´·¿à±¬®¿·²ò½±³ò¶±
Chapter 748 Enterprise Routing Policies www.juniper.net
Advanced Junos Enterprise Routing
Review Questions
1.
2.
3.
»¿´·¿à±¬®¿·²ò½±³ò¶±
www.juniper.net Enterprise Routing Policies Chapter 749
Advanced Junos Enterprise Routing
»¿´·¿à±¬®¿·²ò½±³ò¶±
Chapter 750 Enterprise Routing Policies www.juniper.net
Advanced Junos Enterprise Routing
Answers to Review Questions
1.
The benefits of BGP include routing policy control, diverse administrative control, and handling of large prefix counts.
2.
The longest subnet ISPs will usually accept is a /24 subnet mask.
3.
The course discusses topology driven, primary/secondary, and load-shared per-prefix routing policies. (Recall that some of these names are not
industry-standard terms, but are merely attempts to accurately describe a class of routing policies.) In general, a topology-driven policy
strategy provides the best performance, but usually at an increased cost and with the possibility of insufficient bandwidth in the event
of a failure. In general, a primary/secondary policy strategy provides the best performance in a failure mode (because it should, if
implemented correctly, provide equal bandwidth both in normal and failure operation), but it does so at a greatly increased cost and
sometimes sacrifices performance by ignoring the network topology. In general, a load-shared per-prefix policy strategy provides the
least expensive network, but it does so by sacrificing performance in the event of a failure and sometimes sacrificing performance in
normal operationby ignoring the network topology.
»¿´·¿à±¬®¿·²ò½±³ò¶±
Chapter 752 Enterprise Routing Policies www.juniper.net
Advanced Junos Enterprise Routing
»¿´·¿à±¬®¿·²ò½±³ò¶±
Advanced Junos Enterprise Routing
We Will Discuss:
Basic multicast terminology;
Multicast address space;
Multicast reverse path forwarding (RPF); and
Basic Internet Group Membership Protocol (IGMP) functionality.
»¿´·¿à±¬®¿·²ò½±³ò¶±
Chapter 82 Introduction to Multicast www.juniper.net
Advanced Junos Enterprise Routing
Overview of Multicast
The slide lists the topics we will discuss. We discuss the highlighted topic first.
»¿´·¿à±¬®¿·²ò½±³ò¶±
www.juniper.net Introduction to Multicast Chapter 83
Advanced Junos Enterprise Routing
»¿´·¿à±¬®¿·²ò½±³ò¶±
Chapter 84 Introduction to Multicast www.juniper.net
Advanced Junos Enterprise Routing
Benefits of Multicast
As shown in the previous slide, the use of multicast to deliver content to remote hosts greatly reduces the load on both the
server that is generating the content as well as the network bandwidth usage.
Usage of Multicast
Interest in multicast as a content delivery mechanism has increased over the last few years. Because the functionality of
multicast is very similar to broadcasts from a radio or television station, it makes sense that many radio and television
companies are showing interest in using multicast-enabled IP networks to deliver their content. Multicast is now widely
deployed in enterprise networks for such applications as company meetings by video and distance learning.
»¿´·¿à±¬®¿·²ò½±³ò¶±
www.juniper.net Introduction to Multicast Chapter 85
Advanced Junos Enterprise Routing
»¿´·¿à±¬®¿·²ò½±³ò¶±
Chapter 86 Introduction to Multicast www.juniper.net
Advanced Junos Enterprise Routing
»¿´·¿à±¬®¿·²ò½±³ò¶±
www.juniper.net Introduction to Multicast Chapter 87
Advanced Junos Enterprise Routing
(S,G) State
The forwarding path built from receiver up to source is stored and maintained in the routers as an (S, G) forwarding state (S
comma G). S indicates source address and G indicates group address. Dense Mode protocols always maintain (S,G) state.
Sparse Mode protocols only maintain (S,G) state after the receiver router learns about the source.
»¿´·¿à±¬®¿·²ò½±³ò¶±
Chapter 88 Introduction to Multicast www.juniper.net
Advanced Junos Enterprise Routing
(*,G) State
When the source is not known, a source tree can not be built yet. If a receiver requests to receive traffic for a particular group
but does not specify a specific source, the routers will need to build a tree towards an unknown source. PIM Sparse Modes
(PIM-SM) solution to this problem is to have a meeting point for sources and receivers in the network. This meeting point is
called a rendezvous point (RP). The tree built from the receiver to the RP in the network is called a shared tree (because it is
shared by all sources). The forwarding path built from the receiver router to the RP is kept as (*,G) forwarding state (*
comma G). The * indicates any source and the G indicates the group address.
»¿´·¿à±¬®¿·²ò½±³ò¶±
www.juniper.net Introduction to Multicast Chapter 89
Advanced Junos Enterprise Routing
Multicast Addressing
The slide highlights the topic we discuss next.
»¿´·¿à±¬®¿·²ò½±³ò¶±
Chapter 810 Introduction to Multicast www.juniper.net
Advanced Junos Enterprise Routing
Multicast Addresses
Multicast group addresses are defined to be the IP addresses whose four high-order bits are 1110, giving an address range
from 224.0.0.0 through 239.255.255.255, or simply, 224.0.0.0/4. These addresses also are referred to as Class D
addresses.
Registered Groups
The Internet Assigned Numbers Authority (IANA) maintains a list of registered IP multicast groups. The base address
224.0.0.0 is reserved and cannot be assigned to any group. The block of multicast addresses from 224.0.0.1 through
224.0.0.255 is reserved for local wire use. Groups in this range are assigned for various uses, including routing protocols
and local discovery mechanisms.
»¿´·¿à±¬®¿·²ò½±³ò¶±
www.juniper.net Introduction to Multicast Chapter 811
Advanced Junos Enterprise Routing
Reserved Ranges
The following list comprises the reserved multicast address ranges:
Scoped Range: The range 239.0.0.0/8 through 239.255.255.255/8 is reserved for administratively scoped
addresses. Because packets addressed to administratively scoped multicast addresses do not cross
configured administrative boundaries, and because administratively scoped multicast addresses are locally
assigned, these addresses do not need to be unique across administrative boundaries. These addresses are
available for private internal use.
GLOP addressing: The range of 233.0.0.0/8 is a statically assigned range of multicast addresses based on a
networks autonomous system (AS) number. For each AS, 255 unique multicast addresses are available for the
global use of that AS.
Source-specific multicast (SSM) addressing: The range of 232.0.0.0/8 is dedicated for use with SSM. SSM is
covered in-depth in the next chapter.
Session Description Protocol (SDP)/Session Announcement Protocol (SAP) addressing: The range of
224.2.0.0/16 is used to send and receive multimedia session announcements. Session Directory tool (SDR) is
a common application that uses SDP/SAP. These protocols do not scale well and are not recommended for
deployment on the Internet because of a potential denial of service (DoS) attack vector that they open.
Address Mapping
IANA has been allocated a reserved portion of the IEEE-802 Media Access Control (MAC) layer multicast address space. All of
the addresses in IANAs reserved block begin with 01-00-5E (hexidecimal). A simple procedure was developed to map Class
D addresses to this reserved address block to allow IP multicasting to take advantage of hardware-level multicasting
supported by network interface cards. The use of a MAC-layer broadcast would cause all machines on the subnet to expend
cycles for every multicast packet, even though these machines might not want to receive multicast. For example, the
mapping between a Class D IP address and an Ethernet multicast address is obtained by placing the low-order 23 bits of the
Class D address into the low-order 23 bits of IANAs reserved address block.
»¿´·¿à±¬®¿·²ò½±³ò¶±
Chapter 814 Introduction to Multicast www.juniper.net
Advanced Junos Enterprise Routing
RPF
The slide highlights the topic we discuss next.
»¿´·¿à±¬®¿·²ò½±³ò¶±
www.juniper.net Introduction to Multicast Chapter 815
Advanced Junos Enterprise Routing
RPF
But how is this away direction defined? With RPF, multicast-enabled routers use unicast routes to determine the best path
back to the source. RPF uses the existing unicast routing table to determine the upstream and downstream neighbors for a
particular address. A router only forwards multicast packets received on the upstream interface. These packets, in turn, are
only forwarded out interfaces considered downstream from the source.
This RPF check helps guarantee that the distribution tree is loop free. If the RPF check is successful, the packet is
forwarded. Otherwise, it is dropped. RPF checks can be done using inet.0 and normal unicast routing protocols, or RPF
can use MBGP to put unicast routes in inet.2.
Distribution Trees
Multicast-capable routers create distribution trees, which control the path that IP multicast traffic takes through the network
when delivering traffic to all receivers. The two basic types of multicast distribution trees are source trees and shared trees.
The simplest form of a multicast distribution tree is a source tree, with its root at the source and branches forming a
spanning tree through the network to the receivers. Because this tree uses the shortest path through the network, it also is
referred to as a shortest-path tree (SPT). Unlike source trees that have their root at the source, shared trees use a single,
»¿´·¿à±¬®¿·²ò½±³ò¶±
common root placed at some chosen point in the network. This root of a shared tree is called a rendezvous point (RP).
RPF
The incoming interface of an IP multicast packet is checked, and a decision is made to either forward or drop the packet.
When a packet comes in, the router examines the source address to determine whether the packet arrived on an interface
that is on the reverse path back to the source. If it is, the packet is forwarded; if not, the packet is discarded.
The RPF check ensures that multicast traffic always flows away from its source, which prevents loops and wasted bandwidth.
When using Protocol Independent Multicast (PIM), RPF checks are performed against the main routing table (inet.0), by
default. Distance Vector Multicast Routing Protocol (DVMRP), on the other hand, requires the presence of interface routes in
the inet.2 table for this purpose. Normally, inet.2 is only used in conjunction with PIM when you want unique unicast
and multicast topologies; when RPF checks are performed against the main routing instance, you effectively have the same
topology for both unicast and multicast.
»¿´·¿à±¬®¿·²ò½±³ò¶±
www.juniper.net Introduction to Multicast Chapter 817
Advanced Junos Enterprise Routing
»¿´·¿à±¬®¿·²ò½±³ò¶±
Chapter 818 Introduction to Multicast www.juniper.net
Advanced Junos Enterprise Routing
»¿´·¿à±¬®¿·²ò½±³ò¶±
www.juniper.net Introduction to Multicast Chapter 819
Advanced Junos Enterprise Routing
Dense-Mode Protocols
Common dense-mode protocols include DVMRP, which builds a unique multicast routing table and has a finite hop count of
32. DVMRP was the first multicast routing protocol.
As mentioned, PIM dense mode (PIM-DM) uses a flood-and-prune behavior to build a source tree from the source of the
multicast.
»¿´·¿à±¬®¿·²ò½±³ò¶±
Chapter 820 Introduction to Multicast www.juniper.net
Advanced Junos Enterprise Routing
PIM-DM Operation
PIM-DM uses SPTs to deliver multicast traffic and assumes that there is at least one receiver of the multicast traffic on every
subnet in the network. Traffic is initially flooded to all points in the network. Each router running PIM-DM creates an (S,G)
state entry for each
source/group pairing. The slide shows an example of what an (S,G) state entry looks like. Routers without locally attached
receivers must prune themselves periodically from the SPT to avoid the reception of unwanted multicast traffic.
»¿´·¿à±¬®¿·²ò½±³ò¶±
www.juniper.net Introduction to Multicast Chapter 821
Advanced Junos Enterprise Routing
»¿´·¿à±¬®¿·²ò½±³ò¶±
Chapter 822 Introduction to Multicast www.juniper.net
Advanced Junos Enterprise Routing
»¿´·¿à±¬®¿·²ò½±³ò¶±
www.juniper.net Introduction to Multicast Chapter 823
Advanced Junos Enterprise Routing
»¿´·¿à±¬®¿·²ò½±³ò¶±
Chapter 824 Introduction to Multicast www.juniper.net
Advanced Junos Enterprise Routing
»¿´·¿à±¬®¿·²ò½±³ò¶±
www.juniper.net Introduction to Multicast Chapter 825
Advanced Junos Enterprise Routing
»¿´·¿à±¬®¿·²ò½±³ò¶±
Chapter 826 Introduction to Multicast www.juniper.net
Advanced Junos Enterprise Routing
IGMP
The slide highlights the topic we discuss next.
»¿´·¿à±¬®¿·²ò½±³ò¶±
www.juniper.net Introduction to Multicast Chapter 827
Advanced Junos Enterprise Routing
IGMP
IGMP manages multicast groups participation between hosts and routers. IP hosts use IGMP to report their multicast group
memberships to their neighboring multicast routers. Multicast routers use IGMP to determine whether any hosts on their
attached networks are interested in receiving multicast traffic, and if so, in which multicast groups the hosts are
participating. IGMP is an integral part of IP and must be enabled on all routers and hosts that want to receive IP multicast.
IGMP can also help a Layer 2 switch determine which port it should use for forwarding multicast packets. Normally a Layer 2
switch forwards multicast packets in the same manner as a broadcast packet by sending a copy of received multicast
packets out of all interfaces except for the one on which the packet arrived. By enabling IGMP snooping (supported on Junos
OS Layer 2 switches), a switch is able to listen in on the IGMP report messages between hosts and attached routers. From
what the switch learns from these messages, it can make a better decision on where to send the multicast packets.
»¿´·¿à±¬®¿·²ò½±³ò¶±
Chapter 828 Introduction to Multicast www.juniper.net
Advanced Junos Enterprise Routing
Junos OS Support
On Junos OS routers, IGMP is enabled automatically on all multiaccess interfaces configured with a multicast routing
protocol such as DVMRP or PIM. You might need to configure the IGMP protocol explicitly if you want to disable IGMP support
on a given interface, or if you need to modify various IGMP parameters. The default version of IGMP is version 2; however,
the Junos OS also supports versions 1 and 3.
»¿´·¿à±¬®¿·²ò½±³ò¶±
www.juniper.net Introduction to Multicast Chapter 829
Advanced Junos Enterprise Routing
»¿´·¿à±¬®¿·²ò½±³ò¶±
Chapter 830 Introduction to Multicast www.juniper.net
Advanced Junos Enterprise Routing
IGMP Version 1
RFC 1112 defines IGMPv1. IGMPv1 routers periodically transmit host membership query messages to determine which
groups have members on their directly attached networks. Query messages are addressed to the all-hosts group address
(224.0.0.1) and have IP TTL=1. When a host receives a query message, it responds with a host membership report for each
group to which it belongs. Multicast routers periodically transmit queries to update their knowledge of the group members
present on each interface. Because queries are normally sent every 60 seconds, multicast traffic can be delivered to a
subnet with no interested hosts for several minutes after the last host has left that group.
IGMP Version 2
RFC 2236 specifies IGMPv2. RFC 2236 defines a procedure for the election of a querier for each LAN. The router with the
lowest IP address on the LAN becomes the querier. In IGMPv1, the multicast routing protocol determined the querier
election. IGMPv2 also defines a group-specific query message and a leave-group message, which improves on IGMPv1s
leave latency.
Continued on the next page.
»¿´·¿à±¬®¿·²ò½±³ò¶±
www.juniper.net Introduction to Multicast Chapter 831
Advanced Junos Enterprise Routing
IGMP Version 3
RFC 3376 defines IGMPv3 and introduces support for group-source report messages. With these messages, a host can elect
to receive traffic from specific sources of a multicast group. This capability accommodates SSM. A host identifies the IP
addresses of the specific sources from which it wants to receive traffic by generating an inclusion group-source report
message. The host generates an exclusion group-source report message to explicitly identify the sources from which it no
longer wants to receive traffic.
With IGMPv1 and v2, if a host wants to receive traffic from a given group, that host must be prepared to receive traffic from
all active sources sending packets to that group. SSM maximizes efficiency by allowing a host to receive group traffic from a
selected set of sources. The support for leave-group messages that was introduced in IGMPv2 is enhanced to support
group-source leave messages in IGMPv3.
Although IGMPv3 adds support for the SSM service model, it still offers backwards compatibility with the any-source
multicast (ASM) service model as well.
»¿´·¿à±¬®¿·²ò½±³ò¶±
Chapter 832 Introduction to Multicast www.juniper.net
Advanced Junos Enterprise Routing
»¿´·¿à±¬®¿·²ò½±³ò¶±
www.juniper.net Introduction to Multicast Chapter 833
Advanced Junos Enterprise Routing
Query-Response Model
The primary function of IGMP is to inform multicast routers as to which multicast groups have active listeners on a given
segment. In the example on the slide, two hosts are reporting that they want to receive traffic for the group 224.10.1.1, and
one host reports a desire to receive traffic for group 224.20.1.1.
In this example, Router A is functioning as the querier router. The querier router is responsible for periodically sending query
messages to the all-hosts multicast group 224.0.0.1 and is the multicast router with the lowest IP address on a particular
subnet.
The example begins with the querier router sending a general query to the all-hosts multicast address. A general query does
not contain a particular group address, and as such, it applies to all possible groups. Note that IGMPv1 supports only
general queries, while IGMPv2 supports both general and group-specific query messages. Group-specific queries are
generated as a result of receiving a leave-group message from an IGMPv2 host.
Each host now starts a randomized delay timer that determines how long that host delays the transmission of the resulting
membership report for those groups in which that host is a member. In this example, Host 2 generates its report for the
224.10.1.1 group before Host 1 (step 2). When Host 1 sees this report, it suppresses its group report for the 224.10.1.1
group, which serves to reduce the amount of traffic on the network. The use of a randomized response timer helps to ensure
that duplicate reports are not generated. Host 3 also receives the query and responds with a membership report for group
224.20.1.1.
The end result is that the querier router (Router A) is now aware that there are active receivers for groups 224.10.1.1 and
224.20.1.1. The non-querier router (Router B) knows the same information because it has eavesdropped on the various
query and report messages that have transpired. This allows the non-querier to rapidly take over the querier function when
needed. »¿´·¿à±¬®¿·²ò½±³ò¶±
Chapter 834 Introduction to Multicast www.juniper.net
Advanced Junos Enterprise Routing
»¿´·¿à±¬®¿·²ò½±³ò¶±
www.juniper.net Introduction to Multicast Chapter 835
Advanced Junos Enterprise Routing
»¿´·¿à±¬®¿·²ò½±³ò¶±
Chapter 836 Introduction to Multicast www.juniper.net
Advanced Junos Enterprise Routing
»¿´·¿à±¬®¿·²ò½±³ò¶±
www.juniper.net Introduction to Multicast Chapter 837
Advanced Junos Enterprise Routing
»¿´·¿à±¬®¿·²ò½±³ò¶±
Chapter 838 Introduction to Multicast www.juniper.net
Advanced Junos Enterprise Routing
IGMP Interface Specific Properties (contd.)
The following is a continuation of the list of IGMP settings from the preceding page:
ssm-map: When an interface is set for IGMPv3 and an IGMPv1 or v2 report arrives (no source specified), this
feature allow you to statically map a source to the group received in the report.
ssm-map-policy: Name of the SSM map policy created to match the group addresses you want translated
to IGMPv3.
static: With this setting, regardless of what is received from an attached host, the router automatically acts
as if it had received a report for the configured source and group combination. This is a great feature for testing
the multicast routing protocol without the need for a host running IGMP.
version: Sets the IGMP version number to be used.
»¿´·¿à±¬®¿·²ò½±³ò¶±
www.juniper.net Introduction to Multicast Chapter 839
Advanced Junos Enterprise Routing
Sample Configuration
To configure IGMP, you include statements at the [edit protocols igmp] hierarchy level of the configuration.
IGMP is enabled automatically on all non-point-to-point interfaces configured to run DVMRP or PIM in all Junos OS releases.
You can manually list the interfaces that should run IGMP or use the all keyword. In all cases, you should ensure that IGMP
does not run on the routers out-of-band interface (fxp0) by specifically listing the fxp0 interface as disabled, especially
when using the interface all approach. Interfaces enabled for IGMP run version 2, by default. You can manually select
version 1 or 3 as needed.
IGMP version 3 supports SSM. The syntax on the slide shows how you can configure a static IGMP report under a particular
interface for a given group address. This configuration causes the router to act as if it had received an IGMP report on the
interface (no IGMP reports are actually sent or received as a result of this configuration). By including a source address, you
cause the router to send an (S,G) PIM Join message while omitting the source address causes the router to send a PIM (*,G)
Join message. Static reports are useful when testing multicast in the absence of a multicast receiver.
The IGMP querier router periodically sends general host-query messages. These messages solicit group membership
information and are sent to the all-hosts multicast group address, 224.0.0.1. By default, the router sends host-query
messages every 125 seconds. You might want to change this interval to tune the number of IGMP messages sent on the
subnet.
»¿´·¿à±¬®¿·²ò½±³ò¶±
Chapter 840 Introduction to Multicast www.juniper.net
Advanced Junos Enterprise Routing
»¿´·¿à±¬®¿·²ò½±³ò¶±
Chapter 842 Introduction to Multicast www.juniper.net
Advanced Junos Enterprise Routing
»¿´·¿à±¬®¿·²ò½±³ò¶±
www.juniper.net Introduction to Multicast Chapter 843
Advanced Junos Enterprise Routing
We Discussed:
Basic multicast terminology;
Multicast address space;
Multicast RPF; and
IGMP functionality.
»¿´·¿à±¬®¿·²ò½±³ò¶±
Chapter 844 Introduction to Multicast www.juniper.net
Advanced Junos Enterprise Routing
Review Questions
1.
2.
3.
4.
»¿´·¿à±¬®¿·²ò½±³ò¶±
www.juniper.net Introduction to Multicast Chapter 845
Advanced Junos Enterprise Routing
Answers to Review Questions
1.
Two benefits of using multicast are that it reduces both the load on the source server and the bandwidth usage in a network.
2.
The designated router (DR) is the router closest to the source that is responsible for forwarding multicast traffic.
3.
The primary purpose of a multicast routing protocol is to build an SPT between sources and receivers.
4.
IGMPv3 can be used by a host to request multicast traffic from a particular source.
»¿´·¿à±¬®¿·²ò½±³ò¶±
Chapter 846 Introduction to Multicast www.juniper.net
Advanced Junos Enterprise Routing
»¿´·¿à±¬®¿·²ò½±³ò¶±
Advanced Junos Enterprise Routing
We Will Discuss:
Basic multicast routing protocol terminology;
Protocol Independent Multicast (PIM) sparse mode operation and configuration when using the any-source
multicast (ASM) model; and
PIM sparse mode (PIM-SM) operation and configuration when using the source-specific multicast (SSM) model.
»¿´·¿à±¬®¿·²ò½±³ò¶±
Chapter 92 Multicast Routing Protocols and SSM www.juniper.net
Advanced Junos Enterprise Routing
»¿´·¿à±¬®¿·²ò½±³ò¶±
www.juniper.net Multicast Routing Protocols and SSM Chapter 93
Advanced Junos Enterprise Routing
ASM
The ASM delivery model was designed into the original specifications of multicast in RFC 1112. This model supports traffic
from one source to many receivers. Internet Protocol Television (IPTV) video is one example that uses this model. ASM also
supports traffic between all members of a multicast group. Examples of this many-to-many model are videoconferencing and
whiteboard applications. ASM gets its name from a mechanism that allows receivers to join a group without specifying from
which source they want to receive traffic. As a result, the receivers accept multicast packets for a particular group from any
source.
SSM
In the SSM model, the receiver specifies the sources from which it would like to receive traffic. The receiver can also specify
from which sources it does not want to receive traffic. So for SSM to work, the source information must be learned from the
receiver. SSM makes deployment of multicast less complex and also makes addressing easier.
»¿´·¿à±¬®¿·²ò½±³ò¶±
Chapter 94 Multicast Routing Protocols and SSM www.juniper.net
Advanced Junos Enterprise Routing
Dense Mode
When using a dense mode multicast routing protocol, traffic gets forwarded to all parts of the network (flooding). This
flooding process allows every router in the network to learn of any active sources in the network and store that information in
a state called (S,G) or S comma G. The parts of the network that are not interested in receiving the traffic (no receivers)
send Prune messages to their neighbor routers asking them to stop forwarding traffic to them. In the case where a receiver
joins a group after the branch of the forwarding tree has been pruned, the routers along the shortest-path tree (SPT) send a
graft message asking for the traffic to be forwarded again. In a dense mode network, multicast traffic is always forwarded
along the SPT between source and receiver. Dense mode multicast routing protocols include Multicast Open Shortest Path
First (MOSPF), Distance Vector Multicast Routing Protocol (DVMRP), and PIM dense mode (PIM-DM). The Junos operating
system supports DVMRP and PIM-DM, but not MOSPF.
Sparse Mode
When using PIM-SM, multicast traffic only gets forwarded into parts of the network where interested receivers exist. Only
routers along the SPT need to maintain (S,G) state. Each router along the forwarding path sends Join messages to indicate
its willingness to receive traffic. In the case where the receiver is no longer interested, the router sends Prune messages to
the upstream neighbor asking the neighbor to stop forwarding the traffic. In PIM-SM, there are two possible forwarding trees
that can be used to deliver traffic to an interested receiver: an SPT or a rendezvous-point tree (RPT). We describe each of
these forwarding trees in subsequent slides.
»¿´·¿à±¬®¿·²ò½±³ò¶±
www.juniper.net Multicast Routing Protocols and SSM Chapter 95
Advanced Junos Enterprise Routing
SPT
An SPT is a multicast forwarding tree that is rooted at the first-hop router closest to the source. When a dense mode protocol
is used in the network, (S,G) state is maintained for every known source and group combination on every router, including
those routers not on the SPT. When PIM-SM is used in the network, (S,G) state is maintained for every known source and
group combination only on the routers on the SPT, as well as the rendezvous point (RP) (discussed in subsequent pages).
»¿´·¿à±¬®¿·²ò½±³ò¶±
Chapter 96 Multicast Routing Protocols and SSM www.juniper.net
Advanced Junos Enterprise Routing
RP Tree
An RPT can be found only in a PIM-SM network. The RP is a centralized router that is responsible for knowing all
combinations of active sources and groups in the network. The RPT is a multicast forwarding tree that is rooted at the RP in
the network and leafs out to the interested receivers. Because all last-hop routers fall on the RPT for a specific multicast
group, this tree is sometimes referred to as the shared tree. This tree is generally used temporarily for forwarding until the
routers closest to interested receivers learn the source of multicast traffic (learned from the source address of the multicast
packets). Once these routers learn the source of the multicast traffic, they build an SPT directly to the source designated
router (DR).
»¿´·¿à±¬®¿·²ò½±³ò¶±
www.juniper.net Multicast Routing Protocols and SSM Chapter 97
Advanced Junos Enterprise Routing
»¿´·¿à±¬®¿·²ò½±³ò¶±
Chapter 98 Multicast Routing Protocols and SSM www.juniper.net
Advanced Junos Enterprise Routing
PIM Independence
PIM is indeed as it claimsprotocol independent. Whichever unicast protocol is being used, PIM uses this protocol for its
reverse-path forwarding check. PIM does not care if this protocol is OSPF, Intermediate System-to-Intermediate System
(IS-IS), RIP, or even BGP!
PIM-SM Trees
The purpose of an RP and a shared tree is to allow receivers to learn of active senders for a given multicast group. Once an
active sender is detected, that is, data from sender x is received over a shared tree, PIM sparse-mode routers attempt to
optimize the topology by establishing a source-based tree. The resulting SPT removes unnecessary hops, and possibly the
RP itself from that particular multicast flow. Subsequent slides provide details of this behavior.
Design Considerations
The placement and selection of a sparse-mode RP can be a critical factor in the networks performance and fault tolerance.
Subsequent pages discuss ways of achieving RP redundancy. PIM-SM for IP version 4 (IPv4) requires a pd interface on the
RP, and a pe interface on every router that is directly attached to a multicast source. On some Juniper Networks hardware,
the pd and pe virtual interfaces require the presence of a specialized services PIC. Consult JTAC or technical documentation
to determine whether your hardware model requires specialized hardware.
Continued on the next page.
»¿´·¿à±¬®¿·²ò½±³ò¶±
www.juniper.net Multicast Routing Protocols and SSM Chapter 99
Advanced Junos Enterprise Routing
Sparse-Dense Mode
The PIM protocol allows the designation of groups to be either sparse or dense. This designation allows some groups to
operate in dense mode using SPT, while other groups operate in sparse mode with a shared tree. One example of when to
use sparse-dense mode is when using auto-RP.
»¿´·¿à±¬®¿·²ò½±³ò¶±
Chapter 910 Multicast Routing Protocols and SSM www.juniper.net
Advanced Junos Enterprise Routing
»¿´·¿à±¬®¿·²ò½±³ò¶±
www.juniper.net Multicast Routing Protocols and SSM Chapter 911
Advanced Junos Enterprise Routing
Adding a Receiver
Adding a receiver to a PIM-SM network (ASM model) requires that an RPT is built from RP to receiver. The slide shows a new
receiver notifying R5 of its interest in receiving traffic destined to 224.7.7.7 by sending an Internet Group Management
Protocol version 2 (IGMPv2) report. Not knowing the source of the 224.7.7.7 group, R5 sends a (*,G) Join message in the
direction of the RP. R4, after receiving the Join message from R5, also sends its own (*.G) Join message to the RP. This
results in the building of the RPT.
Because the RP is aware of all active sources in the network (because of the reception of register messages), the RP sends
an (S,G) Join message toward the source in an attempt to build an SPT from source to RP. R2, after receiving the Join
message from the RP, also sends its own (S,G) Join message to the sources DR which completes the building of the SPT.
»¿´·¿à±¬®¿·²ò½±³ò¶±
Chapter 912 Multicast Routing Protocols and SSM www.juniper.net
Advanced Junos Enterprise Routing
»¿´·¿à±¬®¿·²ò½±³ò¶±
www.juniper.net Multicast Routing Protocols and SSM Chapter 913
Advanced Junos Enterprise Routing
»¿´·¿à±¬®¿·²ò½±³ò¶±
Chapter 914 Multicast Routing Protocols and SSM www.juniper.net
Advanced Junos Enterprise Routing
»¿´·¿à±¬®¿·²ò½±³ò¶±
www.juniper.net Multicast Routing Protocols and SSM Chapter 915
Advanced Junos Enterprise Routing
»¿´·¿à±¬®¿·²ò½±³ò¶±
Chapter 916 Multicast Routing Protocols and SSM www.juniper.net
Advanced Junos Enterprise Routing
»¿´·¿à±¬®¿·²ò½±³ò¶±
www.juniper.net Multicast Routing Protocols and SSM Chapter 917
Advanced Junos Enterprise Routing
Three RP Methods
The Junos OS provides three separate methods for determining which router in the domain is the RP. These methods include
static configuration, dynamic announcements using auto-RP, and dynamic announcements using a bootstrap router (BSR).
Precedence Order
In the event that a local router encounters multiple methods of learning the address of the RP, the Junos OS has a default
precedence mechanism for making the selection. The RP announced by the BSR is preferred over the RP announced using
auto-RP, which is preferred over any local static RP configurations.
Local RP Configuration
Regardless of the method used in the network for determining the RP address, a candidate rendezvous point (candidate RP)
itself must be configured to perform that role. In the example on the slide, the local portion of the [edit protocols
pim rp] hierarchy accommodates this configuration need. You define the address to be used as the RP address and any
applicable group addresses the candidate RP should operate upon. If no group addresses are defined, the candidate RP is
used for all possible group addresses (224.0.0.0/4).
Static RP
A static RP configuration is very similar to static routes in that no automatic failover exists should the statically defined RP
become unreachable. Although this configuration is simple and convenient, you might want to use this method in
combination with any-cast RP and Multicast Source Discovery Protocol (MSDP) to provide a fault-tolerant mechanism. Static
RP assignment has the benefit of operating in either a PIM version 1 or version 2 network.
In the example on the slide, the static portion of the [edit protocols pim rp] hierarchy is used to configure a
static RP address. You define the address of the RP, as well as the group addresses for which to use the RP. If no group
addresses are defined, the RP is used for all possible group addresses (224.0.0.0/4).
»¿´·¿à±¬®¿·²ò½±³ò¶±
www.juniper.net Multicast Routing Protocols and SSM Chapter 919
Advanced Junos Enterprise Routing
Verifying a Static RP
The show pim rps command with the extensive switch displays a wealth of information about how an RP was learned,
which groups it handles, and the number of groups actively using the RP.
In the example on the slide, the RP at 192.168.121.1 was learned from a static configuration. It can support all groups in the
224.0.0.0/4 range, which is all possible groups.
»¿´·¿à±¬®¿·²ò½±³ò¶±
Chapter 920 Multicast Routing Protocols and SSM www.juniper.net
Advanced Junos Enterprise Routing
Dynamic RP Assignment
If you want a dynamic way of assigning RPs in a multicast network, auto-RP is one option. Auto-RP has both positive and
negative aspects to its operation. From a positive perspective, it operates in both a version 1 and a version 2 PIM network.
Negatively, it is a nonstandard (non-RFC-based) function and requires the use of dense-mode PIM to advertise control traffic.
Failover Capabilities
One advantage that auto-RP maintains over static RP assignment is the ability to maintain a backup RP in the network. This
backup allows you to configure multiple routers as RP candidates. Should the elected RP stop operating, one of the other
preconfigured routers can take over the RP functions. The auto-RP mapping agent controls this capability.
Mapping Agents
As multiple candidate RP routers announce their capabilities to support multicast groups, there must be a single router in
the networkthe mapping agentto perform the group-to-RP mapping. This functionality is required because only a single
RP for each multicast group can exist. The mapping agent sends out Discovery messages to the network informing all routers
»¿´·¿à±¬®¿·²ò½±³ò¶±
which RP to use for specific multicast groups.
Auto-RP Message
Each local router configured as an RP uses this auto-RP message to advertise its capability into the network. The mapping
agent in the network collects these announcements and selects the RP for each group address. This information is then
transmitted into the network using this same message format. The message fields include the following:
Version and type (1 byte): This octet is split into two 4-bit fields. The first 4 bits represent the current version of
auto-RP being used and are set to a constant value of 1. The second 4 bits are used to represent the actual
type of auto-RP message encoded. The possible values are the following:
1: RP announcement message; and
2: RP mapping message.
RP count (1 byte): This field displays the number of distinct RP addresses present in the message. For each
address present, the RP address field, as well as its associated fields, is repeated.
Hold time (2 bytes): This field displays the amount of time, in seconds, for which the RP message is valid.
Reserved (4 bytes): This field is not used and is set to a constant value of 0x00000000.
RP address (4 bytes): This field displays the first RP address included in the message. The remaining fields in
the message are repeated for each unique RP address.
Continued on the next page.
»¿´·¿à±¬®¿·²ò½±³ò¶±
www.juniper.net Multicast Routing Protocols and SSM Chapter 923
Advanced Junos Enterprise Routing
Electing an RP
The slide shows how the mapping agent learns of all of the candidate RPs, performs the RP election, and then informs all of
the routers in the network of the elected RP.
»¿´·¿à±¬®¿·²ò½±³ò¶±
Chapter 924 Multicast Routing Protocols and SSM www.juniper.net
Advanced Junos Enterprise Routing
Configuring Auto-RP
To enable auto-RP successfully in a PIM network, you must complete a few steps. First, each router in the network must
enable the sparse-dense mode on all interfaces within the [edit protocols pim] hierarchy. This step allows the
router to operate in sparse mode for most groups and dense mode for others. The default action is to operate in sparse
mode unless specifically informed of a dense-mode group, which is accomplished with the dense-groups command. Both
the 224.0.1.39 and 224.0.1.40 groups must be listed, and you must apply this configuration on all routers in the network.
Once you complete the preceding steps, the actual configuration of auto-RP can take place. Each router must have the
auto-rp command configured with one of three switches: discovery, announce, or mapping. The discovery option
allows a router to receive and process the Discovery messages from the mapping agent. This function is the most basic and
limited a router can support. The announce option adds to the same abilities as the discovery option, but also allows a
router to send Announce messages into the network stating that it is a candidate RP. Finally, the mapping option adds to
the abilities of the announce option, but also allows a router to perform the group-to-RP mapping function as well as to
send Discovery messages into the network.
»¿´·¿à±¬®¿·²ò½±³ò¶±
www.juniper.net Multicast Routing Protocols and SSM Chapter 925
Advanced Junos Enterprise Routing
Verifying an Auto-RP RP
In the example on the slide, the RP at 192.168.50.61 is learned from auto-RP. It can support all groups in the 224.0.0.0/4
range, which is all possible groups. In addition, the presence of tunnel services in an RP router creates a decapsulation
interface to allow the RP to receive multicast traffic from the source. This interface is ppd0.32769 in the example.
»¿´·¿à±¬®¿·²ò½±³ò¶±
Chapter 926 Multicast Routing Protocols and SSM www.juniper.net
Advanced Junos Enterprise Routing
»¿´·¿à±¬®¿·²ò½±³ò¶±
www.juniper.net Multicast Routing Protocols and SSM Chapter 927
Advanced Junos Enterprise Routing
Multiple Candidate Routers
One advantage that the bootstrap mechanism brings to PIM is the ability to have multiple routers configured with a priority.
Although only a single BSR can be operational at one time, other routers are available to take over in the event of a failure. In
addition, you can also configure a candidate BSR to be a candidate RP. This configuration allows for easier troubleshooting
and keeps the overhead of PIM control messages centralized on a few routers.
At a minimum, you must configure only a single candidate BSR and a single candidate RP to operate a multicast network
successfully, although it is possible for both functions to be configured on a single router.
»¿´·¿à±¬®¿·²ò½±³ò¶±
Chapter 928 Multicast Routing Protocols and SSM www.juniper.net
Advanced Junos Enterprise Routing
Candidate RP Advertisements
After the election of the BSR, each configured RP in the network unicasts a candidate RP advertisement (C-RP-adv) into the
domain. This announcement informs the BSR which multicast groups the RP can support, the hold time for the RP, and a
priority value. This information allows for a dynamic failover in the event of a failure.
»¿´·¿à±¬®¿·²ò½±³ò¶±
www.juniper.net Multicast Routing Protocols and SSM Chapter 929
Advanced Junos Enterprise Routing
BSR Advertises to the Domain
The function of the BSR is completed once the RP-set is advertised into the PIM domain. At this point, it is up to the
individual routers to choose which RP should be used for which multicast group. A process defined in the RFC allows all
routers to make the same selection based on the available RP-set. This process allows different groups to be supported by
different RP routers. The steps for selecting the RP are the following:
1. Locate all RPs associated with the most specific advertised group range for the specific group in the PIM Join
message.
2. From the resulting RPs, select all devices with the best priority (the highest numerical value).
3. From the resulting RPs, compute a hash value using the group address, the RP address, and the advertised
hash mask length advertised in the bootstrap message. Select the RP with the highest hash value.
4. From the resulting RPs, select the RP with the highest IP address.
BSR Message
Each BSR message is encoded in a PIM protocol packet as type code 4. It contains as few as one multicast group address
range or multiple ranges. Each advertised address prefix includes a list of RPs capable of servicing that group. The fields of
the bootstrap message include the following:
Fragment tag (2 bytes): It is possible that an individual bootstrap message might be too large for transmission
in the network without fragmentation. This field includes a randomly generated number designed to ensure that
all fragmented packets are associated with the same bootstrap message. Each fragment receives the same
value in this field.
Hash mask length (1 byte): This field displays the length, in bits, that each router should use when calculating
the BSR hash algorithm. For IPv4 messages, a value of 30 is recommended.
BSR priority (1 byte): This field displays the priority value of the current network BSR.
BSR address (6 bytes): The address of the domains BSR is placed in this field using the encoded unicast
address format.
Continued on the next page.
»¿´·¿à±¬®¿·²ò½±³ò¶±
www.juniper.net Multicast Routing Protocols and SSM Chapter 931
Advanced Junos Enterprise Routing
BSR Message (contd.)
The remaining fields of the BSR message are the following:
Group address (8 bytes): This field, as well as its associated fields, can be repeated multiple times in a single
bootstrap message. It contains the multicast group address using the encoded group address format.
RP count (1 byte): This field displays the number of RPs included in the RP-set for the associated group address.
Fragment RP count (1 byte): When a bootstrap message is fragmented, this field is used to display the number
of RPs in the RP-set included in this fragment for the group address.
Reserved (2 bytes): This field is not used and is set to a constant value of 0x0000.
RP address (6 bytes): This field is repeated based on the value in the RP count field for the associated group
address. The address of the RP is displayed using the encoded unicast address format. The RP hold time, RP
priority, and reserved fields following the RP address are associated with this single address value.
RP hold time (2 bytes): This field displays the amount of time for which the associated RP, in the preceding field,
is valid. This field is displayed in units of seconds.
RP priority (1 byte): This field displays the priority of the associated RP. It is used in the hash algorithm for
deciding which RP should be used for a particular group address.
Reserved (1 byte): This field is not used and is set to a constant value of 0x00. It is associated with the RP
address in the preceding field.
»¿´·¿à±¬®¿·²ò½±³ò¶±
Chapter 932 Multicast Routing Protocols and SSM www.juniper.net
Advanced Junos Enterprise Routing
»¿´·¿à±¬®¿·²ò½±³ò¶±
www.juniper.net Multicast Routing Protocols and SSM Chapter 933
Advanced Junos Enterprise Routing
Configuring a BSR
As stated on a previous slide, the router in the PIM domain with the highest configured priority becomes the BSR for the
network. Set this priority using the bootstrap-priority command within the [edit protocols pim rp]
configuration hierarchy. The possible values supported are 0 through 255. A value of 0 means that the local router is
ineligible to become the BSR for the network. This value is the default setting within the Junos OS.
»¿´·¿à±¬®¿·²ò½±³ò¶±
www.juniper.net Multicast Routing Protocols and SSM Chapter 935
Advanced Junos Enterprise Routing
»¿´·¿à±¬®¿·²ò½±³ò¶±
Chapter 936 Multicast Routing Protocols and SSM www.juniper.net
Advanced Junos Enterprise Routing
»¿´·¿à±¬®¿·²ò½±³ò¶±
www.juniper.net Multicast Routing Protocols and SSM Chapter 937
Advanced Junos Enterprise Routing
PIM Interfaces
The show pim interfaces command lists the configured and operational interfaces for PIM. Each interface contains
the following information:
Name: The name of the interface;
Stat: The current status (Up or Down) of the interface;
Mode: Whether the interface is in sparse only, dense only, or sparse-dense mode;
IP: Which version of IP is supported on the interface (IPv4 is the default);
V: Which version each interface is using (version 2 is the default);
State: The current state of the interfaceoptions include P2P for all nonbroadcast-capable interfaces, DR if
the interface is responsible for forwarding traffic, or NotDR if the interface is not responsible for forwarding
traffic;
Count: The number of PIM neighbors seen on the interface; and
DR Address: The address on the network link of the current DR.
»¿´·¿à±¬®¿·²ò½±³ò¶±
Chapter 938 Multicast Routing Protocols and SSM www.juniper.net
Advanced Junos Enterprise Routing
PIM Neighbors
The show pim neighbors command displays information about neighboring routers running PIM.
»¿´·¿à±¬®¿·²ò½±³ò¶±
www.juniper.net Multicast Routing Protocols and SSM Chapter 939
Advanced Junos Enterprise Routing
»¿´·¿à±¬®¿·²ò½±³ò¶±
Chapter 940 Multicast Routing Protocols and SSM www.juniper.net
Advanced Junos Enterprise Routing
»¿´·¿à±¬®¿·²ò½±³ò¶±
www.juniper.net Multicast Routing Protocols and SSM Chapter 941
Advanced Junos Enterprise Routing
RPF Table
To determine which table the router is currently using for RPF checks, use the show multicast rpf command. The slide
shows that the router is using inet.0 for RPF checks.
»¿´·¿à±¬®¿·²ò½±³ò¶±
Chapter 942 Multicast Routing Protocols and SSM www.juniper.net
Advanced Junos Enterprise Routing
»¿´·¿à±¬®¿·²ò½±³ò¶±
Chapter 944 Multicast Routing Protocols and SSM www.juniper.net
Advanced Junos Enterprise Routing
»¿´·¿à±¬®¿·²ò½±³ò¶±
www.juniper.net Multicast Routing Protocols and SSM Chapter 945
Advanced Junos Enterprise Routing
»¿´·¿à±¬®¿·²ò½±³ò¶±
www.juniper.net Multicast Routing Protocols and SSM Chapter 947
Advanced Junos Enterprise Routing
»¿´·¿à±¬®¿·²ò½±³ò¶±
Chapter 948 Multicast Routing Protocols and SSM www.juniper.net
Advanced Junos Enterprise Routing
Always an SPT
The slide shows the resulting SPT between the source and a particular receiver for a particular channel (S,G) that yields
optimal forwarding.
Notice that R5 must maintain only (S,G) state for the SPT. It no longer needs to maintain (*,G) state for an RPT. Because any
additional receivers also specify a specific source, there is no need to maintain an RPT.
»¿´·¿à±¬®¿·²ò½±³ò¶±
www.juniper.net Multicast Routing Protocols and SSM Chapter 949
Advanced Junos Enterprise Routing
SSM Configuration
Notice that the PIM-SM configuration on the slide is minimal, with no RP configuration necessary. To support the SSM range
of addresses, you must configure IGMPv3 on the receiver-facing interface of the receivers DR.
»¿´·¿à±¬®¿·²ò½±³ò¶±
Chapter 950 Multicast Routing Protocols and SSM www.juniper.net
Advanced Junos Enterprise Routing
We Discussed:
Basic multicast routing protocol terminology;
PIM-SM operation and configuration when using the ASM model; and
PIM-SM operation and configuration when using the SSM model.
»¿´·¿à±¬®¿·²ò½±³ò¶±
Chapter 952 Multicast Routing Protocols and SSM www.juniper.net
Advanced Junos Enterprise Routing
Review Questions
1.
2.
3.
4.
»¿´·¿à±¬®¿·²ò½±³ò¶±
www.juniper.net Multicast Routing Protocols and SSM Chapter 953
Advanced Junos Enterprise Routing
»¿´·¿à±¬®¿·²ò½±³ò¶±
Chapter 954 Multicast Routing Protocols and SSM www.juniper.net
Advanced Junos Enterprise Routing
Answers to Review Questions
1.
At the moment the receivers DR receives the first native multicast packet from the RPT, it learns the source address and joins the SPT.
2.
The RPT must remain active and available in case another source begins sending traffic to the same multicast group address, or if
another receiver wants to join the existing (S,G).
3.
The only dynamic method of learning an RP for PIM version 1 is auto-RP.
4.
The router closest to the receiver never initiates a (*,G) Join message for 232/8. Backbone routers never propagates a (*,G) Join
message for 232/8. RPs do not accept PIM Register messages or (*,G) Join messages for 232/8. A source DR does not send PIM
Register messages to RP for 232/8.
»¿´·¿à±¬®¿·²ò½±³ò¶±
www.juniper.net Multicast Routing Protocols and SSM Chapter 955
Advanced Junos Enterprise Routing
»¿´·¿à±¬®¿·²ò½±³ò¶±
Chapter 956 Multicast Routing Protocols and SSM www.juniper.net
Advanced Junos Enterprise Routing
»¿´·¿à±¬®¿·²ò½±³ò¶±
Advanced Junos Enterprise Routing
We Will Discuss:
Environments that might require a modified class of service (CoS) implementation;
Various CoS components and their respective functions;
CoS processing along with CoS defaults on SRX Series devices;
Situations in which various CoS features are used in the enterprise; and
The use of the Real-Time Performance Monitoring tool.
»¿´·¿à±¬®¿·²ò½±³ò¶±
Chapter 102 Class of Service www.juniper.net
Advanced Junos Enterprise Routing
»¿´·¿à±¬®¿·²ò½±³ò¶±
www.juniper.net Class of Service Chapter 103
Advanced Junos Enterprise Routing
What Is CoS?
The Junos operating system refers to all facets of quality of service (QoS) as CoS. CoS provides the ability to treat some
packets differently as they transit a network. CoS is an end-to-end mechanism; enabling CoS on one router or one node does
not provide the entire solution. CoS must be implemented in hops from the source to the destination. Any hop along the
transit path of a packet could introduce latency.
The convergence of voice and data networks is critical to characteristics like delay and jitter. On a data network, if a packet
arrives late, or if it arrives out of order, typically not much harm is done. However, in voice communication, packet
transmission is much more sensitive. Imagine participating in a phone conversation where syllables arrive out of order or are
delayed. The communication becomes garbled. This situation makes CoS absolutely necessary for real-time applications like
voice or video. The issue becomes compounded when transferring real-time applications and data across the same network.
Typically, data packets are large and utilize large amounts of bandwidth. CoS is necessary to prevent the data packets from
monopolizing network bandwidth.
»¿´·¿à±¬®¿·²ò½±³ò¶±
Chapter 104 Class of Service www.juniper.net
Advanced Junos Enterprise Routing
CoS Components
The slide illustrates the primary components of CoS. When a packet arrives on the ingress interface of a network device
performing CoS, the device examines certain IP header fields. CoS is able to use the IP header fields to differentiate various
types of traffic into traffic classes. This process is known as classification. Multiple ways exist to classify traffic. Classification
can be performed based on the first 6 bits of DiffServ code point (DSCP) values in the IP type of service (ToS) header, the
first 3 bits of IP precedence values in the IP ToS header, and other IP header fields such as the source IP address,
destination IP address, or port numbers.
Classified packets are assigned to a forwarding class. Forwarding classes are assigned to output queues. In general, the
device assigns packets to forwarding classes or output queues based on the classification of the packet. The slide depicts
different classes of traffic being assigned to different queues. A physical interface contains multiple queues.
Classified traffic is subject to policing. If the total traffic received is greater than what the interface can handle or is greater
than the bandwidth of the interface, then some packets must be dropped. This bandwidth might not be the complete
bandwidth of the interface. For example, assume traffic arrives at a 1 Gigabit Ethernet interface, but somewhere upstream
exists a device interface that can handle only 10 Mbps. If the typical traffic load is more than 10 Mbps of traffic, some of that
traffic will be dropped at the upstream device. Rather than dropping random voice and data packets, ensuring transmission
of the most important 10 Mbps of traffic is better. A policer can provide this type of granular control.
Continued on the next page.
»¿´·¿à±¬®¿·²ò½±³ò¶±
www.juniper.net Class of Service Chapter 105
Advanced Junos Enterprise Routing
CoS Components (contd.)
Policing, in its simplest form, drops packets. If traffic exceeds the policer limit, the device drops the offending packet.
However, policing can also be configured to assign an offending packet into a specific forwarding class.
Once packets have been classified and examined by a policer, they are assigned to outbound queues. This process is known
as queuing. Each queue is assigned a priority. For example, queue A might have a higher priority than queue B, which might
have a higher priority than queue C, and so forth. Each queue is also assigned a transmit rate. The transmit rate defines how
many packets the queue transmits within a given scheduling interval. The transmit rate is typically defined as a specific
bandwidth or a percentage of the interfaces bandwidth. Queues are allocated a percentage of the physical interfaces
memory to hold packets as needed. This allocation is known as a buffer.
The next stage in the output processing of CoS is the act of rewriting the bit markings. A device can manipulate the various
bits in the ToS header. Rewrite rules facilitate the separation of trust points in the network and allow networks to have a
consistent classification on downstream nodes.
»¿´·¿à±¬®¿·²ò½±³ò¶±
Chapter 106 Class of Service www.juniper.net
Advanced Junos Enterprise Routing
»¿´·¿à±¬®¿·²ò½±³ò¶±
www.juniper.net Class of Service Chapter 107
Advanced Junos Enterprise Routing
Verify Markings
The engineers in the enterprise know that the VoIP clients are marking the traffic with the expedited forwarding (EF) DSCP
value. In this slide, a firewall filter is created to match EF-marked traffic with an action to count. The filter is applied as input
filter on the interface facing Site A. The counter increments, which confirms that the packets are coming in properly marked.
»¿´·¿à±¬®¿·²ò½±³ò¶±
Chapter 108 Class of Service www.juniper.net
Advanced Junos Enterprise Routing
Default Classifier
When looking at the extensive interface output with the command show interfaces ge-0/0/1 extensive | find
“Queue counters”, the engineers observe that all traffic is classified into the best-effort queue regardless of
markings. The engineers also observed that the SRX Series device is dropping packets in this queue.
When viewing the default classifier with the command show class-of-service classifier type
inet-precedence name ipprec-compatibility, the engineers observed that the EF class is classified into the
best-effort queue.
»¿´·¿à±¬®¿·²ò½±³ò¶±
www.juniper.net Class of Service Chapter 109
Advanced Junos Enterprise Routing
»¿´·¿à±¬®¿·²ò½±³ò¶±
Chapter 1010 Class of Service www.juniper.net
Advanced Junos Enterprise Routing
»¿´·¿à±¬®¿·²ò½±³ò¶±
www.juniper.net Class of Service Chapter 1011
Advanced Junos Enterprise Routing
Bandwidth Reservation
The expedited-forwarding forwarding class is configured with a higher priority than the other queues and is reserved
the remainder of the bandwidth, which is 12% based on this configuration.
»¿´·¿à±¬®¿·²ò½±³ò¶±
Chapter 1012 Class of Service www.juniper.net
Advanced Junos Enterprise Routing
Priority Queue
After committing the CoS configuration, the drops in the expedited-forwarding queue disappear and users stop
complaining of poor voice quality. The queue counters are running counts; to get a fresh snapshot, clear the statistics with
the clear interfaces statistics command. This action clears the statistics for all interfaces; you can optionally
specify a particular interface you want to be cleared.
»¿´·¿à±¬®¿·²ò½±³ò¶±
www.juniper.net Class of Service Chapter 1013
Advanced Junos Enterprise Routing
Priority Scheduler
In this slide, an ingress policer is created for EF class traffic. The policer reclassifies any traffic in excess of 2 Mbps into the
best-effort queue. This is done to keep the EF-class traffic from starving the lower-priority queues.
In SRX Series devices, the configured transmit-rate is only honored for queues in the same priority level. On an SRX Series
device, a high-priority queue can starve other priorities unless it is rate-limited. The same is true for medium-high and
medium, medium low, and so on down the priority chain. We discuss this behavior in subsequent slides.
»¿´·¿à±¬®¿·²ò½±³ò¶±
Chapter 1014 Class of Service www.juniper.net
Advanced Junos Enterprise Routing
»¿´·¿à±¬®¿·²ò½±³ò¶±
www.juniper.net Class of Service Chapter 1015
Advanced Junos Enterprise Routing
»¿´·¿à±¬®¿·²ò½±³ò¶±
Chapter 1016 Class of Service www.juniper.net
Advanced Junos Enterprise Routing
Egress CoS Processing
The following list describes a packets egress flow through the router:
1. Egress policing: After the route lookup, a packet begins its journey toward the selected egress interface. The
first egress CoS processing state is output policing, which is again based on either a firewall or an
interface-level policer. Once again, excess traffic can be discarded or marked with a loss priority for later discard
in the event of congestion.
2. Queuing and scheduling: The queuing stage involves placing packet notifications into the corresponding
forwarding class queue, where they are serviced by a scheduler that factors priority and configured weight to
determine when a packet should be dequeued from a given queue.
3. (W)RED/Congestion control: The next CoS processing stage involves a weighted random early detection (WRED)
drop decision, based on protocol, loss priority, and average queue fill level. RED tends to operate at the head of
the queue, and a RED decision is made against each packet selected for transmission by the scheduler stage.
4. Rewrite marker: The final stage is the rewrite marker stage and it allows you to alter one packet field, or in some
cases multiple packet fields, as the packet is transmitted to downstream nodes. Normally, you rewrite packet
fields to accommodate downstream BA-based classification. Rewrite markers are indexed by protocol family
and by forwarding classfor example, writing a 001 pattern into the precedence field of all family inet packets
that are classified as best effort (BE).
»¿´·¿à±¬®¿·²ò½±³ò¶±
www.juniper.net Class of Service Chapter 1017
Advanced Junos Enterprise Routing
Default Values
BA classification can be populated by default values. The operational command show class-of-service
classifier displays all the default values and configured values.
»¿´·¿à±¬®¿·²ò½±³ò¶±
Chapter 1018 Class of Service www.juniper.net
Advanced Junos Enterprise Routing
»¿´·¿à±¬®¿·²ò½±³ò¶±
www.juniper.net Class of Service Chapter 1019
Advanced Junos Enterprise Routing
Multifield Classifier
A multifield classifier is implemented through a firewall filter. You use this filter to perform multifield classification by
associating a set of match criteria to a then forwarding-class action. To activate multifield classification, the filter is
applied as an input filter on an ingress interface. Because BA classification is always performed first, you can always apply a
multifield classifier in combination with any BA classifier. In case of conflict, the forwarding class associated with the BA
match is overwritten by the multifield classifier's choice of forwarding class.
»¿´·¿à±¬®¿·²ò½±³ò¶±
Chapter 1020 Class of Service www.juniper.net
Advanced Junos Enterprise Routing
Rewrite Marker
One of the most important design goals for Enterprise CoS is to enable classification and marking close to the edge of the
network. Doing so simplifies the classification logic and configuration on the rest of the routers in the network.
Default Markings
As with behavior aggregates, a rewrite configuration can be populated with the default values. These values can be viewed
with the show class-of-service rewrite-rules operational command.
»¿´·¿à±¬®¿·²ò½±³ò¶±
www.juniper.net Class of Service Chapter 1021
Advanced Junos Enterprise Routing
Scheduler Configuration
In this slide, a scheduler named test is configured. The scheduler has a high priority, a transmit-rate of 50% of the
total interface speed, and a buffer-size of 30% of the total interface buffer. A drop profile named high-drop is
referenced for any packets that are marked with a loss-priority (PLP) of low. The scheduler is then mapped to the
forwarding-class expedited-forwarding and applied to the ge-0/0/0 physical interface.
»¿´·¿à±¬®¿·²ò½±³ò¶±
Chapter 1024 Class of Service www.juniper.net
Advanced Junos Enterprise Routing
exact Option
You can, optionally, enforce the exact transmission rate or percentage you configure with the transmit-rate rate or
transmit-rate percent statement. Under sustained congestion, a rate-controlled queue that goes into negative credit
fills up and eventually drops packets. Note that, in the configuration, you cannot combine the remainder and exact
options.
»¿´·¿à±¬®¿·²ò½±³ò¶±
www.juniper.net Class of Service Chapter 1025
Advanced Junos Enterprise Routing
»¿´·¿à±¬®¿·²ò½±³ò¶±
Chapter 1026 Class of Service www.juniper.net
Advanced Junos Enterprise Routing
drop-profiles Configuration
On a previous slide, the scheduler referenced a drop profile named high-drop for any traffic with a loss-priority of
low. Under the [edit class-of-service] hierarchy, a drop profile named high-drop is configured with a
fill-level of 40% with a drop-probability of 0%, a fill-level of 50% with a drop-probability of 10%,
and a fill-level of 70% with a drop-probability of 20%.
»¿´·¿à±¬®¿·²ò½±³ò¶±
www.juniper.net Class of Service Chapter 1027
Advanced Junos Enterprise Routing
»¿´·¿à±¬®¿·²ò½±³ò¶±
Chapter 1028 Class of Service www.juniper.net
Advanced Junos Enterprise Routing
Default Classification
The Junos OS creates a complete set of BA classifier and rewrite marker tables for each supported protocol family and type,
but most of these tables are not used in a default CoS configuration. For example, there is both a default IP precedence (two,
actually) and a default DSCP classifier and rewrite table. You can view default and custom tables with the show
class-of-service classifier or the show class-of-service rewrite-rule command.
The default values in the various BA classifier and rewrite tables are chosen to represent the most common/standardized
usage. In many cases, you will be able to simply apply the default tables. Because you cannot alter the default tables, it is
suggested that you always create custom tables, even if they end up containing the same values as the default table. This
does not involve much work, given that you can copy the contents of the default tables into a custom table and, in the future,
you will be able to alter the custom tables as requirements change.
In a default configuration, input BA classification is performed by the ipprec-compatibility table and IP rewrite is in
effect. As a result, the ToS marking of packets at egress match those at ingress.
Policing
The slide highlights the topic we discuss next.
»¿´·¿à±¬®¿·²ò½±³ò¶±
Chapter 1030 Class of Service www.juniper.net
Advanced Junos Enterprise Routing
Token Based
To rate-limit traffic entering an interface, you can deploy a policer. Implemented policers are token based and use the IP
packet to limit based on bandwidth and bursts. Bandwidth is measured as the average number of bits over a one-second
interval.
Burst Size
The burst size will set the initial and maximum sizes of a bucket in bytes (tokens) that would be accessed each time data
needs to be sent. As a packet is sent, the bucket bytes (tokens) are removed from the bucket. If there are not enough tokens
to send the packet, the packet is policed. The bucket is then replenished at the bandwidth rate.
Policer Actions
Once the policer limits have been configured, you must choose the action taken if a packet exceeds the policer limit. Two
types of policing are available: soft policing and hard policing. Hard policing specifies that the packet will be dropped if it
exceeds the policer's traffic profile. Soft policing simply marks the packet or reclassifies the packet, which could change the
probability of the packet being dropped at the egress interface during times of congestion. Soft policing is implemented by
either setting the packet loss priority (PLP) setting on the packet or by placing the packet into a different forwarding class.
»¿´·¿à±¬®¿·²ò½±³ò¶±
www.juniper.net Class of Service Chapter 1031
Advanced Junos Enterprise Routing
»¿´·¿à±¬®¿·²ò½±³ò¶±
Chapter 1032 Class of Service www.juniper.net
Advanced Junos Enterprise Routing
»¿´·¿à±¬®¿·²ò½±³ò¶±
www.juniper.net Class of Service Chapter 1033
Advanced Junos Enterprise Routing
»¿´·¿à±¬®¿·²ò½±³ò¶±
Chapter 1034 Class of Service www.juniper.net
Advanced Junos Enterprise Routing
»¿´·¿à±¬®¿·²ò½±³ò¶±
www.juniper.net Class of Service Chapter 1035
Advanced Junos Enterprise Routing
»¿´·¿à±¬®¿·²ò½±³ò¶±
www.juniper.net Class of Service Chapter 1037
Advanced Junos Enterprise Routing
Virtual Channels
The slide highlights the topic we discuss next.
»¿´·¿à±¬®¿·²ò½±³ò¶±
Chapter 1038 Class of Service www.juniper.net
Advanced Junos Enterprise Routing
Virtual Channels
Virtual channels are used to ensure that a central site with a high bandwidth connection does not overrun remote sites that
access the network at slower rates.
»¿´·¿à±¬®¿·²ò½±³ò¶±
www.juniper.net Class of Service Chapter 1039
Advanced Junos Enterprise Routing
»¿´·¿à±¬®¿·²ò½±³ò¶±
Chapter 1040 Class of Service www.juniper.net
Advanced Junos Enterprise Routing
»¿´·¿à±¬®¿·²ò½±³ò¶±
www.juniper.net Class of Service Chapter 1041
Advanced Junos Enterprise Routing
»¿´·¿à±¬®¿·²ò½±³ò¶±
www.juniper.net Class of Service Chapter 1043
Advanced Junos Enterprise Routing
»¿´·¿à±¬®¿·²ò½±³ò¶±
Chapter 1044 Class of Service www.juniper.net
Advanced Junos Enterprise Routing
»¿´·¿à±¬®¿·²ò½±³ò¶±
www.juniper.net Class of Service Chapter 1045
Advanced Junos Enterprise Routing
»¿´·¿à±¬®¿·²ò½±³ò¶±
Chapter 1046 Class of Service www.juniper.net
Advanced Junos Enterprise Routing
»¿´·¿à±¬®¿·²ò½±³ò¶±
www.juniper.net Class of Service Chapter 1047
Advanced Junos Enterprise Routing
Timestamps
Timestamping is needed to account for any latency in packet communications. Timestamps are applied on the client, the
server, or both the client and server. All nodes in the network must be synchronized to a common, accurate clock source
(preferably a Stratum 3 level) using Network Time Protocol (NTP). The probe types that support timestamping functionality
include:
icmp-ping;
icmp-ping-timestamp;
udp-ping; and
udp-ping-timestamp.
The timestamping activity consists of the source (client) node applying a timestamp to the RPM packets with the time at
which they leave the node. The destination (server) node applies a second timestamp when it receives the probe and a third
timestamp when the probe leaves the destination back to the source. The source receives the response and applies a fourth
timestamp. Different metrics are calculated based on these timestamps collected from a series of probes.
»¿´·¿à±¬®¿·²ò½±³ò¶±
Chapter 1048 Class of Service www.juniper.net
Advanced Junos Enterprise Routing
»¿´·¿à±¬®¿·²ò½±³ò¶±
www.juniper.net Class of Service Chapter 1049
Advanced Junos Enterprise Routing
»¿´·¿à±¬®¿·²ò½±³ò¶±
Chapter 1050 Class of Service www.juniper.net
Advanced Junos Enterprise Routing
We Discussed:
Environments that might require a modified CoS implementation;
The various CoS components and their respective functions;
The CoS processing along with CoS defaults on SRX Series devices;
Situations in which some CoS features are used in the enterprise; and
The use of the Real-Time Performance Monitoring tool.
»¿´·¿à±¬®¿·²ò½±³ò¶±
www.juniper.net Class of Service Chapter 1051
Advanced Junos Enterprise Routing
Review Questions
1.
2.
3.
»¿´·¿à±¬®¿·²ò½±³ò¶±
Chapter 1052 Class of Service www.juniper.net
Advanced Junos Enterprise Routing
»¿´·¿à±¬®¿·²ò½±³ò¶±
www.juniper.net Class of Service Chapter 1053
Advanced Junos Enterprise Routing
Answers to Review Questions
1.
Behavior aggregate classification is performed first. Because a multifield classifier is processed after a behavior aggregate classifier, the
multifield classifier can overwrite conflicting values.
2.
The loss priority status is an internal flag that is set based on classification or policing actions.
3.
A policer can drop a packet or set the forwarding class and loss priority bit.
»¿´·¿à±¬®¿·²ò½±³ò¶±
Chapter 1054 Class of Service www.juniper.net
Advanced Junos Enterprise Routing
»¿´·¿à±¬®¿·²ò½±³ò¶±
www.juniper.net
Advanced Junos Enterprise Routing
»¿´·¿à±¬®¿·²ò½±³ò¶±
www.juniper.net
Advanced Junos Enterprise Routing
»¿´·¿à±¬®¿·²ò½±³ò¶±
Advanced Junos Enterprise Routing
We Will Discuss:
The operation of BGP route reflection; and
How to configure a route reflector.
»¿´·¿à±¬®¿·²ò½±³ò¶±
Appendix A2 BGP Route Reflection www.juniper.net
Advanced Junos Enterprise Routing
»¿´·¿à±¬®¿·²ò½±³ò¶±
www.juniper.net BGP Route Reflection Appendix A3
Advanced Junos Enterprise Routing
»¿´·¿à±¬®¿·²ò½±³ò¶±
Appendix A4 BGP Route Reflection www.juniper.net
Advanced Junos Enterprise Routing
»¿´·¿à±¬®¿·²ò½±³ò¶±
added to all routes that the RR touches, meaning that both clients
attribute contains a sequence of all
clients and non-clients receive the cluster list attribute. This
all cluster IDs that represent all RRs that have handled the route update.
»¿´·¿à±¬®¿·²ò½±³ò¶±
Appendix A6 BGP Route Reflection www.juniper.net
Advanced Junos Enterprise Routing
Cluster List
The cluster-list attribute is analogous to the AS-path attribute and is used to prevent loops. If an RR receives a route with its
own cluster ID in the cluster list, it drops the route. In addition, each router in the network can use this attribute in the BGP
path-selection algorithm prior to using the peer IP address attribute. BGP chooses the route with the shortest cluster list
length. This process follows the same theory as the AS-path attribute.
The cluster ID is very similar to an AS number and should be unique within an individual AS. The cluster ID is added to the
cluster-list attribute when a route is sent to clients and non-clients.
Originator ID
The originator-ID attribute provides the router ID of the first router to advertise the route in the AS. It also is used for loop
prevention in the rare case where the cluster list does not prevent a loop.
»¿´·¿à±¬®¿·²ò½±³ò¶±
www.juniper.net BGP Route Reflection Appendix A7
Advanced Junos Enterprise Routing
»¿´·¿à±¬®¿·²ò½±³ò¶±
Appendix A8 BGP Route Reflection www.juniper.net
Advanced Junos Enterprise Routing
»¿´·¿à±¬®¿·²ò½±³ò¶±
Appendix A10 BGP Route Reflection www.juniper.net
Advanced Junos Enterprise Routing
Route Propagation
The next series of slides shows the flow of routing information in a route-reflection network using a basic topology.
We begin with a client in the left-most cluster advertising the 10.10.10.0/24 route to the clusters RR (RR1).
The slide details how the 10.10.10.0/24 route is re-advertised to all other clients in the cluster as well as to all non-client
IBGP peers of the RR. This process applies to all other routes the RR receives from a client in its cluster.
This slide shows how the other RRs in the network (RR2 and RR3) re-advertise all routes received from IBGP peers (the other
reflectors in this example) to all of their cluster clients.
»¿´·¿à±¬®¿·²ò½±³ò¶±
www.juniper.net BGP Route Reflection Appendix A13
Advanced Junos Enterprise Routing
»¿´·¿à±¬®¿·²ò½±³ò¶±
www.juniper.net BGP Route Reflection Appendix A15
Advanced Junos Enterprise Routing
Forwarding Paths Should Be Unaffected (contd.)
The solution to this problem is a selective next-hop-self policy on the RR that modifies the BGP next hop for only
EBGP-learned routes. This type of policy normally makes use of the from neighbor or from interface match
conditions, as shown here. In this example, the RR has an EBGP peering session with the 172.16.0.1 address:
[edit policy-options]
user@router# show policy-statement selective-nhs
term only-EBGP-routes {
from {
protocol bgp;
neighbor 172.16.0.1;
}
then {
next-hop self;
}
}
»¿´·¿à±¬®¿·²ò½±³ò¶±
Appendix A16 BGP Route Reflection www.juniper.net
Advanced Junos Enterprise Routing
»¿´·¿à±¬®¿·²ò½±³ò¶±
www.juniper.net BGP Route Reflection Appendix A17
Advanced Junos Enterprise Routing
Case Study: RFC 3345 OscillationPart 1 (contd.)
The following are sample outputs from the R1 router on the preceding page:
user@R1> show route 200/24
inet.0: 14 destinations, 15 routes (14 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both
200.0.0.0/24 *[BGP/170] 00:00:01, MED 1, localpref 100, from 192.168.10.4
AS path: 6 100 I
> to 20.0.0.2 via ge-1/0/5.0
[BGP/170] 00:00:01, MED 10, localpref 100, from 192.168.10.3
AS path: 10 100 I
> to 10.0.0.2 via ge-1/0/4.0
»¿´·¿à±¬®¿·²ò½±³ò¶±
Appendix A18 BGP Route Reflection www.juniper.net
Advanced Junos Enterprise Routing
»¿´·¿à±¬®¿·²ò½±³ò¶±
Appendix A20 BGP Route Reflection www.juniper.net
Advanced Junos Enterprise Routing
»¿´·¿à±¬®¿·²ò½±³ò¶±
www.juniper.net BGP Route Reflection Appendix A21
Advanced Junos Enterprise Routing
Case Study: RFC 3345 OscillationPart 4 (contd.)
In the following sample output, you can view the output from R1 that demonstrates the route churn described in this case
study. Take note of the route timestamps; the output encompasses only seven seconds:
user@R1> show route 200/24
»¿´·¿à±¬®¿·²ò½±³ò¶±
Appendix A22 BGP Route Reflection www.juniper.net
Advanced Junos Enterprise Routing
»¿´·¿à±¬®¿·²ò½±³ò¶±
> to 10.0.0.2 via ge-1/0/4.0
»¿´·¿à±¬®¿·²ò½±³ò¶±
Appendix A24 BGP Route Reflection www.juniper.net
Advanced Junos Enterprise Routing
Case Study: RFC 3345 OscillationPart 6 (contd.)
The following output is sample output from the R1 router after configuring the add-path option on both the R1 and R2
routers. Note that all three paths are now present and the oscillation issue has stopped.
user@R1> show route 200/24
inet.0: 14 destinations, 16 routes (14 active, 1 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both
200.0.0.0/24 *[BGP/170] 00:14:56, MED 10, localpref 100, from 192.168.10.3
AS path: 10 100 I
> to 10.0.0.2 via ge-1/0/4.0
[BGP/170] 00:14:42, MED 0, localpref 100, from 192.168.10.2
AS path: 6 100 I
> to 30.0.0.2 via ge-1/1/2.0
[BGP/170] 00:14:52, MED 1, localpref 100, from 192.168.10.4
AS path: 6 100 I
> to 20.0.0.2 via ge-1/0/5.0
»¿´·¿à±¬®¿·²ò½±³ò¶±
www.juniper.net BGP Route Reflection Appendix A25
Advanced Junos Enterprise Routing
We Discussed:
The operation of BGP route reflection; and
How to configure an RR.
»¿´·¿à±¬®¿·²ò½±³ò¶±
Appendix A26 BGP Route Reflection www.juniper.net
Advanced Junos Enterprise Routing
Review Questions
1.
2.
3.
4.
»¿´·¿à±¬®¿·²ò½±³ò¶±
www.juniper.net BGP Route Reflection Appendix A27
Advanced Junos Enterprise Routing
»¿´·¿à±¬®¿·²ò½±³ò¶±
Appendix A28 BGP Route Reflection www.juniper.net
Advanced Junos Enterprise Routing
Answers to Review Questions
1.
The Cluster List attribute and Originator ID attribute support route reflection.
2.
The cluster statement is configured only on the route reflector.
3.
The no-client-reflect command can be used to stop excess advertisements.
4.
An RR re-advertises routes received from clients and non-clients, adding the cluster-ID attribute and the cluster-list attribute.
»¿´·¿à±¬®¿·²ò½±³ò¶±
www.juniper.net BGP Route Reflection Appendix A29
Advanced Junos Enterprise Routing
»¿´·¿à±¬®¿·²ò½±³ò¶±
Appendix A30 BGP Route Reflection www.juniper.net
Acronym List
ABR. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . area border router
AF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . assured forwarding
AS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . autonomous system
ASBR . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . autonomous system boundary router
ASM . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . any-source multicast
BE . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . best effort
BGP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Border Gateway Protocol
BGP4 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Border Gateway Protocol version 4
CBF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .class-of-service-based forwarding
CBF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . connection-based forwarding
CIR . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . committed information rate
CLI . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .command-line interface
CoS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .class of service
C-RP-adv. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .candidate RP advertisement
CS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . class selector
DR. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .designated router
DSCP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . DiffServ code point
DVMRP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .Distance Vector Multicast Routing Protocol
EGP. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . exterior gateway protocol
GUI . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .graphical user interface
HDLC . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .High-Level Data Link Control
IANA . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .Internet Assigned Numbers Authority
IBGP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . internal BGP
IGMP. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Internet Group Management Protocol
IGP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . interior gateway protocol
IPsec. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .IP Security
IPv4 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .IP version 4
ISP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Internet service provider
JNCP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .Juniper Networks Certification Program
LSA . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . link-state advertisement
LSDB . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . link-state database
MAC . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .media access control
MDRR . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . modified deficit round-robin
MOSPF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .Multicast Open Shortest Path First
NC. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . network control
NLRI . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . network layer reachability information
NSSA . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . not-so-stubby area
OSPF. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Open Shortest Path First
PID . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .process ID
PIM . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Protocol Independent Multicast
PPP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Point-to-Point Protocol
QoS. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . quality of service
RID . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . router ID
RP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . rendezvous point
rpd . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . routing protocol daemon
RPF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . reverse path forwarding
RPM . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . reverse-path multicasting
RR. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .route reflector
SNMP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Simple Network Management Protocol
SPF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .shortest-path-first
SPT . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . shortest path tree
SSM . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .source-specific multicast
ToS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . type of service
TTL . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . time-to-live