
BGP

WHAT IS BGP?
[Figure: Autonomous Network A and Autonomous Network B joined by interdomain routing. Callout: "Each AS is under separate administrative control".]

BGP 4:
Is an interdomain routing protocol
Supports CIDR and route attributes that accommodate complex routing policy
Is a path-vector protocol that uses incremental updates and reliable TCP transport
Views the Internet as a collection of autonomous systems
Normally requires explicitly defined peers for added security and control
Is an IETF standard defined in RFC 4271 (supersedes RFC 1771)

Copyright 2009 Juniper Networks, Inc. www.juniper.net
2008 Juniper Networks, Inc. All rights reserved.

JUNOS BGP SUPPORT
JUNOS supports the following BGP features:
Route refresh
Multiprotocol extensions
Authentication
Communities
Route damping
Graceful restart
Route reflection
Confederations


BGP FUNDAMENTALS
Each BGP update contains one path advertisement and attributes
Many prefixes can share the same path
Routes consist of a destination prefix along with an AS path and other BGP-specific attributes
BGP compares the AS path and other attributes to choose the best path


WHEN SHOULD I USE BGP?

[Figure: Customer 1 (AS 1, OSPF as IGP), ISP-X (AS 2), ISP-Y (AS 3) and Customer 2, joined by EBGP, IBGP and static links. Callouts: "BGP gives dual-homed customer control of inbound and outbound traffic"; "Single-homed customer uses default route to the Internet".]

Single-homed customers normally use a static default route
Multihomed customers benefit from BGP route selection intelligence and policy controls

BGP ROUTING INFORMATION BASES
Three main routing information bases (RIBs) are used by the protocol
Adjacency-RIB-In contains all the routes received from all peers
Adjacency-RIB-Local contains the best path to each received destination
Adjacency-RIB-Out contains the routes to advertise to each peer
You view all of these using the show route / show route protocol bgp commands
JUNOS maintains all routes in the routing table
Internal data structures keep things straight


BGP ACTIVE ROUTE SELECTION SUMMARY
Selection summary:
1. Can the BGP next hop be resolved?
2. Prefer the highest local-preference value
3. Prefer the shortest AS-path length
4. Prefer the lowest origin value
5. Prefer the lowest MED value
6. Prefer routes learned using EBGP over routes learned using IBGP
7. Prefer routes with the lowest IGP metric
8. Prefer paths with the shortest cluster length
9. For EBGP-received routes, prefer the current active route; otherwise, prefer routes from the peer with the lowest RID
10. Prefer routes from the peer with the lowest peer ID
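
The selection summary above, as an added Python sketch (not Juniper code): each step is a sort key applied in order, and the function reports which step decided. The Path fields, the sample paths and the unconditional MED comparison are assumptions of this example.

```python
import ipaddress
from dataclasses import dataclass

ORIGIN_RANK = {"I": 0, "E": 1, "?": 2}   # IGP < EGP < incomplete

@dataclass
class Path:
    peer: str                      # peer address, used as the peer ID (step 10)
    router_id: str                 # advertising router's RID (step 9)
    as_path: tuple = ()
    next_hop_resolved: bool = True
    local_pref: int = 100
    origin: str = "I"
    med: int = 0
    ebgp: bool = True
    igp_metric: int = 0
    cluster_len: int = 0
    active: bool = False           # already the active route (step 9)

def _ip(addr):
    return int(ipaddress.ip_address(addr))

# Steps 2-10 as (name, key); the lowest key wins each step.
STEPS = [
    ("local-preference", lambda p: -p.local_pref),
    ("AS-path length", lambda p: len(p.as_path)),
    ("origin", lambda p: ORIGIN_RANK[p.origin]),
    # Simplification: MED is compared across all paths; routers normally
    # compare it only between paths from the same neighboring AS.
    ("MED", lambda p: p.med),
    ("EBGP over IBGP", lambda p: 0 if p.ebgp else 1),
    ("IGP metric", lambda p: p.igp_metric),
    ("cluster length", lambda p: p.cluster_len),
    ("active route / RID",
     lambda p: (0 if p.ebgp and p.active else 1, _ip(p.router_id))),
    ("peer ID", lambda p: _ip(p.peer)),
]

def best_path(paths):
    """Return (winning Path or None, name of the step that decided)."""
    cands = [p for p in paths if p.next_hop_resolved]          # step 1
    if not cands:
        return None, "next hop"
    decided = "next hop" if len(cands) < len(paths) else "only path"
    for name, key in STEPS:
        if len(cands) == 1:
            break
        low = min(key(p) for p in cands)
        kept = [p for p in cands if key(p) == low]
        if len(kept) < len(cands):
            cands, decided = kept, name
    return cands[0], decided

# Constructed candidates for 10.20.1.0/24, using the peers from the slides.
via_65001 = Path("10.81.254.1", "10.81.254.1", as_path=(65001,))
via_65002 = Path("10.81.254.2", "10.81.254.2", as_path=(65002, 65001))
via_ibgp = Path("10.81.254.3", "10.81.254.3", as_path=(65001,), ebgp=False)
```

Calling best_path([via_65001, via_65002]) picks the path through AS 65001 on AS-path length; raising local_pref on the longer path makes it win at the earlier step instead.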


LOOPBACK PEERING
IBGP sessions are usually established between loopback addresses
Maintains IBGP session regardless of physical topology
Uses IGP to maintain reachability
One session per peer, regardless of physical topology

[Figure: routers in ISP A (AS 65001) joined by IBGP sessions, with one link marked X. Callout: "IBGP session stays up over working links".]

BGP CONFIGURATIONS

The configuration of BGP is where many differences appear between JUNOS and IOS
Assigning the local Autonomous System number
JUNOS places the AS within routing-options
Allows multiple processes to use the same value (VPN)
IOS encodes the AS within the router command

JUNOS
routing-options {
    autonomous-system 65000;
}

IOS
router bgp 65000


BGP CONFIGURATIONS

Peer groups
JUNOS makes almost exclusive use of them
Optional within IOS (but widely used)
AS number of the peer
Can be defined for the whole group or just a peer

JUNOS
bgp {
    group EXTERNAL-PEERS {
        peer-as 65001;
        neighbor 10.81.254.1;
        neighbor 10.81.254.2 {
            peer-as 65002;
        }
    }
}

IOS
router bgp 65000
 neighbor 10.81.254.1 remote-as 65001
 neighbor 10.81.254.2 remote-as 65002

BGP CONFIGURATIONS

Synchronization
JUNOS uses no synch by default
Automatic summarization off by default

JUNOS
bgp {
    group EXTERNAL-PEERS {
        peer-as 65001;
        neighbor 10.81.254.1;
        neighbor 10.81.254.2 {
            peer-as 65002;
        }
    }
}

IOS
router bgp 65000
 no synchronization
 neighbor 10.81.254.1 remote-as 65001
 neighbor 10.81.254.2 remote-as 65002
 no auto-summary


BGP CONFIGURATIONS

The type command informs the router how to work with the peer
Defined as external or internal

JUNOS
bgp {
    group EXTERNAL-PEERS {
        type external;
        peer-as 65001;
        neighbor 10.81.254.1;
        neighbor 10.81.254.2 {
            peer-as 65002;
        }
    }
    group INTERNAL-PEERS {
        type internal;
        neighbor 10.81.254.3;
    }
}

IOS
router bgp 65000
 no synchronization
 neighbor 10.81.254.1 remote-as 65001
 neighbor 10.81.254.2 remote-as 65002
 neighbor 10.81.254.3 remote-as 65000
 no auto-summary


BGP CONFIGURATIONS

local-address command changes the source address of the BGP packets
Similar to update-source

JUNOS
bgp {
    group EXTERNAL-PEERS {
        type external;
        peer-as 65001;
        neighbor 10.81.254.1;
        neighbor 10.81.254.2 {
            peer-as 65002;
        }
    }
    group INTERNAL-PEERS {
        type internal;
        local-address 10.81.254.10;
        neighbor 10.81.254.3;
    }
}

IOS
router bgp 65000
 no synchronization
 neighbor 10.81.254.1 remote-as 65001
 neighbor 10.81.254.2 remote-as 65002
 neighbor 10.81.254.3 remote-as 65000
 neighbor 10.81.254.3 update-source loop0
 no auto-summary


SHOW BGP SUMMARY
Similar looking high-level view of all peers
JUNOS adds some additional route information
Active/Received/Damped routes per peer
user@host> show bgp summary
Groups: 1 Peers: 2 Down peers: 0
Table     Tot Paths  Act Paths  Suppressed  History  Damp State  Pending
inet.0    12         12         0           0        0           0
Peer           AS      InPkt  OutPkt  OutQ  Flaps  Last Up/Dwn  State
10.81.254.1    65001   423    430     0     0      3:33:00      4/4/0
10.81.254.2    65002   428    430     0     0      3:32:56      4/4/0

IOS-RTR-1#sh ip bgp summary
BGP router identifier 10.81.254.10, local AS number 65000
BGP table version is 1, main routing table version 1

Neighbor       V  AS     MsgRcvd  MsgSent  TblVer  InQ  OutQ  Up/Down   State/PfxRcd
10.81.254.1    4  65001  5        22       1       0    0     00:01:09  4
10.81.254.2    4  65002  9        22       1       0    0     00:03:02  4


SHOW BGP NEIGHBOR
Detailed information regarding each BGP peer

user@host> show bgp neighbor
Peer: 10.81.254.1+179 AS 65001 Local: 10.81.254.10+1028 AS 65000
  Type: External    State: Established    Flags: <>
  Last State: OpenConfirm    Last Event: RecvKeepAlive
  Last Error: None
  Options: <Preference HoldTime PeerAS Refresh>
  Holdtime: 90 Preference: 170
  Number of flaps: 0
  Peer ID: 10.81.254.1    Local ID: 10.81.254.10    Active Holdtime: 90
  Keepalive Interval: 30
  Local Interface: so-0/0/1.0
  NLRI advertised by peer: inet-unicast
  NLRI for this session: inet-unicast
  Peer supports Refresh capability (2)
  Table inet.0 Bit: 10000
    Send state: in sync
    Active prefixes: 4
    Received prefixes: 4
    Suppressed due to damping: 0
  Last traffic (seconds): Received 13    Sent 13    Checked 13
  Input messages:  Total 438    Updates 4    Refreshes 0    Octets 8473
  Output messages: Total 440    Updates 4    Refreshes 0    Octets 8526
  Output Queue[0]: 0


VIEWING ADVERTISED BGP ROUTES

All routes in JUNOS are in the routing table
Use show route advertising-protocol bgp <peer> to see all routes sent to that peer
Similar to show ip bgp neigh <peer> advertise in IOS
Shows the effect of all export policies
Except for the default AS Path prepend action
Different than IOS, which doesn't display changed attributes

user@host> show route advertising-protocol bgp 10.81.254.1

inet.0: 21 destinations, 22 routes (21 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both
10.20.3.0/24
                    Self    0    100    I
10.20.4.0/24
                    Self    0    100    I


VIEWING RECEIVED BGP ROUTES
Again, routes in JUNOS are in the routing table
Use show route receive-protocol bgp <peer> to see all routes received from that peer
Similar to show ip bgp neigh <peer> received-routes in IOS
IOS requires soft-in configuration
JUNOS defaults to soft-in and soft-out operation
Shows the routes prior to import policies
Except for rejected routes via a route-filter

user@host> show route receive-protocol bgp 10.81.254.1

inet.0: 26 destinations, 27 routes (26 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both
10.20.1.0/24
                    10.81.40.15    0    100    I
10.20.2.0/24
                    10.81.40.15    0    100    I


VIEWING LOCAL BGP ROUTES
Use show route protocol bgp
Some BGP attributes are present in this output
Local Preference, AS Path, Origin, MED
Use detail or extensive to see more data
Similar to show ip bgp in IOS
JUNOS doesn't have the concepts of:
Table versions
The routing table is the routing table: one entity
60-second BGP scan time
All BGP routes get processed immediately


LOCAL BGP ROUTE COMPARISON

user@host> show route protocol bgp

inet.0: 26 destinations, 27 routes (26 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both
10.20.1.0/24       *[BGP/170] 00:23:21, MED 0, localpref 100
                      AS path: 65001 I
                    > to 10.81.40.15 via so-0/0/0.0
10.20.2.0/24       *[BGP/170] 00:23:21, MED 0, localpref 100
                      AS path: 65001 I
                    > to 10.81.40.15 via so-0/0/0.0

IOS-RTR-1#sh ip bgp
BGP table version is 2003, local router ID is 10.81.254.10
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path
>i10.20.3.0/24      10.81.254.20                  100      0 i
>i10.20.4.0/24      10.81.254.20                  100      0 i

VIEWING DETAILED ROUTE INFORMATION

user@host> show route 10.20.3/24 detail

inet.0: 26 destinations, 27 routes (26 active, 0 holddown, 0 hidden)
10.20.3.0/24 (1 entry, 1 announced)
        *BGP    Preference: 170/-101
                Source: 10.81.254.20
                Nexthop: via ge-0/1/0.0, selected
                Protocol Nexthop: 10.81.254.20 Indirect nexthop: 8458088 44
                State: <Active Int Ext>
                Local AS: 65000 Peer AS: 65000
                Age: 2:39:44    Metric: 0    Metric2: 1
                Task: BGP_20.10.81.254.20+1127
                Announcement bits (3): 0-KRT 3-BGP.0.0.0.0+179 4-Resolve inet.0
                AS path: I
                Localpref: 100
                Router ID: 10.81.254.20


IBGP ROUTE PROPAGATION
BGP speakers do not propagate IBGP-received routes to other IBGP peers
Requires a full mesh of BGP speakers, which provides loop prevention

[Figure: R1, R2 and R3 in ISP A (AS 65001) with EBGP and IBGP sessions carrying the announcement "I can reach 172.31.128.0/20". Callout: "This router does not get the announcement for 172.31.128.0/20".]

IBGP NEXT-HOP PROPAGATION
By default, the BGP next-hop attribute is unchanged as a route propagates through an AS
Put external interfaces in IGP, or
Use next-hop self in a policy to cause the router to use its own IP address as the next hop

[Figure: R1, R2 and R3 in ISP A (AS 65001) with IBGP sessions; the external link is 172.17.25.0/30. Announcements read "I can reach 172.31.128.0/20, NH: 172.17.25.1". Callout: "R1 and R2 must have routes to the next hop".]

CHANGING THE NEXT HOP
Example (on R3):
protocols {
    bgp {
        group IBGP-peers {
            export PEPE;
            peer-as 65001;
            local-address 192.168.100.3;
            neighbor 192.168.100.1 {
                description R1;
            }
            neighbor 192.168.100.2 {
                description R2;
            }
        }
        [...]
    }
}
policy-options {
    policy-statement PEPE {
        then {
            next-hop self;
        }
    }
}

[Figure: R1, R2 and R3 in ISP A (AS 65001) with IBGP sessions; the external link is 172.17.25.0/30. Announcements now read "I can reach 172.31.128.0/20, NH: R3 lo0".]

WHICH ROUTERS SHOULD RUN BGP?
Any router which requires an EBGP session
Any router topologically between BGP speakers that needs BGP information to make forwarding decisions
Need enough information to make consistent forwarding decisions without creating forwarding loops
Do not always need to run BGP

[Figure: Enterprise Network with routers R1, R2, R3 and R4, and EBGP sessions to ISP B and ISP C.]

INTERFACE PEERING
EBGP sessions are usually established between two directly connected addresses

protocols {
    bgp {
        group ISPs {
            export to-ISP;
            neighbor 172.28.200.201 {
                description ISP-C;
                peer-as 65003;
            }
        }
        [...]
    }
}

[Figure: Nails, Inc. (AS 65501) at .202 and ISP C (AS 65003) at .201 on 172.28.200.200/30, with the EBGP session between .202 and .201.]

MULTIPLE CONNECTIONS BETWEEN EBGP PEERS
Two options:
One EBGP session per physical connection + multipath
One loopback-loopback session + static routes

Remember, no per-flow load balancing by default

[Figure: Nails, Inc. (AS 65501) and ISP C (AS 65003) connected by two links, 172.28.200.204/30 and 172.28.200.200/30.]


EBGP EXPORT POLICY
Unlike IBGP sessions, you usually want to apply an export policy
Advertise aggregates
Block provider routes
Block internal details
Implement inbound routing policy

Export policy should define what you want to send, not what you do not want to send


EBGP IMPORT POLICY
Unlike IBGP sessions, you usually want to apply an import policy
Implement outbound routing policy

Generally, you do not want to filter routes from your ISP, but you do want to filter routes from non-ISPs
Exceptions:
Default-only from ISP
Partial routes from ISP
Limited resources
Transition


BGP-IGP INTERACTION OVERVIEW
Problem: You have a few routers with great routing information
How do the other routers know about these routes?

[Figure: Enterprise Network with routers R1 through R6; R1 and R2 have EBGP sessions to ISP B and ISP C.]

BGP-IGP INTERACTION: GENERAL PRINCIPLES
Do not export all BGP routes into the IGP
Can export specific routes, if necessary

If multiple paths, use generated routes
Only generate routes when local session is up
Use least-specific routes possible (for example, default route)
Export only generated routes to IGP
Purpose is to draw traffic to BGP-speaking core that has full routes


BGP-IGP OSPF EXAMPLE: OVERVIEW
Overview of example:
Traffic flow: R1-R2
No requirement to support R1-R3-R2
R1 and R2 receive full routes from their ISPs

[Figure: Enterprise Network with routers R1 through R6 running OSPF (Area 0 plus Areas 1, 2 and 3); R1 and R2 have EBGP sessions to ISP B (AS 65002) and ISP C (AS 65003).]

BGP-IGP OSPF EXAMPLE: SOLUTION
IBGP between R1 and R2
Both R1 and R2 generate default routes and export them into OSPF

[Figure: same Enterprise Network (R1 through R6) with an IBGP session between R1 and R2 and EBGP sessions to ISP B (AS 65002) and ISP C (AS 65003); R1 and R2 each advertise 0.0.0.0/0 as External Type 1, Metric: 0.]

BGP-IGP OSPF EXAMPLE: CONFIGURATION
R1 sample configuration excerpts:
routing-options {
    generate {
        route 0.0.0.0/0 {
            policy [ ISPB-routes reject-all ];
        }
    }
    [...]
}
protocols {
    bgp {
        group isp {
            [...]
            neighbor 172.17.55.45 {
                description ISP-B;
                peer-as 65002;
            }
        }
        [...]
    }
    ospf {
        export default-to-ospf;
        [...]
    }
}
policy-options {
    policy-statement ISPB-routes {
        term match-ISPB-routes {
            from {
                protocol bgp;
                neighbor 172.17.55.45;
            }
            then accept;
        }
    }
    policy-statement default-to-ospf {
        term match-default {
            from {
                protocol aggregate;
                route-filter 0.0.0.0/0 exact;
            }
            then {
                metric 0;
                external {
                    type 1;
                }
                accept;
            }
        }
    }
    policy-statement reject-all {
        then reject;
    }
}

BGP-IGP RIP EXAMPLE: OVERVIEW
Overview of example:
R1 and R2 receive full routes from their ISPs
R1 and R2 traffic flow

[Figure: Enterprise Network with routers R1 through R6; R1 and R2 have EBGP sessions to ISP B (AS 65002) and ISP C (AS 65003).]

BGP-IGP RIP EXAMPLE: SOLUTION
IBGP between R1, R2, and R3
Both R1 and R2 generate default routes and export them into RIP

[Figure: same Enterprise Network (R1 through R6) with IBGP sessions and EBGP sessions to ISP B (AS 65002) and ISP C (AS 65003); R1 and R2 each advertise 0.0.0.0/0 with Metric: 0.]

BGP-IGP RIP EXAMPLE: CONFIGURATION
R1 sample configuration excerpts:
routing-options {
    generate {
        route 0.0.0.0/0 {
            policy [ ISPB-routes reject-all ];
        }
    }
    [...]
}
protocols {
    bgp {
        group isp {
            [...]
            neighbor 172.17.55.45 {
                description ISP-B;
                peer-as 65002;
            }
        }
        [...]
    }
    rip {
        group peer-routers {
            export [ default-to-rip rip-routes ];
            [...]
        }
    }
}
policy-options {
    policy-statement ISPB-routes {
        term match-ISPB-routes {
            from {
                protocol bgp;
                neighbor 172.17.55.45;
            }
            then accept;
        }
    }
    policy-statement default-to-rip {
        term match-default {
            from {
                protocol aggregate;
                route-filter 0.0.0.0/0 exact;
            }
            then {
                metric 0;
                accept;
            }
        }
    }
    policy-statement reject-all {
        then reject;
    }
}
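
The generated-default logic used in both the OSPF and RIP excerpts above, modelled in Python as an added example (not Juniper code): the 0.0.0.0/0 route exists only while a route accepted by ISPB-routes contributes to it, so R1 stops advertising a default into the IGP when its session to ISP-B is lost. The route tables are constructed samples and the function names are hypothetical.

```python
import ipaddress

ISP_B = "172.17.55.45"   # EBGP neighbor from the R1 excerpts

# Constructed active routes on R1: (prefix, protocol, learned-from neighbor).
RIB_SESSION_UP = [
    ("10.20.1.0/24", "bgp", ISP_B),
    ("172.31.128.0/20", "bgp", ISP_B),
    ("192.168.100.0/24", "ospf", None),
]
# Same table after the EBGP session to ISP-B drops and its routes are withdrawn.
RIB_SESSION_DOWN = [r for r in RIB_SESSION_UP if r[2] != ISP_B]

def ispb_routes(route):
    """policy-statement ISPB-routes: accept BGP routes learned from ISP-B."""
    _prefix, protocol, neighbor = route
    if protocol == "bgp" and neighbor == ISP_B:
        return "accept"
    return None                      # no term matched: try the next policy

def reject_all(route):
    """policy-statement reject-all: terminating reject."""
    return "reject"

def evaluate(chain, route):
    """Walk the policy chain until one policy returns a terminating action."""
    for policy in chain:
        action = policy(route)
        if action is not None:
            return action
    raise ValueError("chain must end in a terminating policy such as reject_all")

def contributors(generated, chain, rib):
    """More-specific active routes that the chain accepts for `generated`."""
    net = ipaddress.ip_network(generated)
    found = []
    for route in rib:
        prefix = ipaddress.ip_network(route[0])
        if prefix != net and prefix.subnet_of(net) \
                and evaluate(chain, route) == "accept":
            found.append(route[0])
    return found

def igp_default(rib, chain=(ispb_routes, reject_all)):
    """Default route R1 exports into the IGP; None when nothing contributes."""
    if contributors("0.0.0.0/0", chain, rib):
        return {"prefix": "0.0.0.0/0", "metric": 0}
    return None
```

igp_default(RIB_SESSION_UP) returns the default with metric 0, while igp_default(RIB_SESSION_DOWN) returns None because the remaining OSPF route is rejected by the chain.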