Lecture12-Internetworking

8/18/2019 Lecture12-Internetworking

1/14

1

Border Gateway Protocol

Inter-domain Routing Basics

► Exterior routing protocols created to:

control the expansion of routing tables

provide a structured view of the Internet by

segregating routing domains into separate

administrations called “Autonomous systems”

(AS)

each AS can have an independent routingpolicy


► Autonomous system (AS):

set of routers have a single routing policy running

under a single administration

could be a collection of IGPs working together toprovide interior routing

► Outside world AS looks like a single entity –

identified by a AS#

► Routing information between ASs exchanged by

the Border Gateway Protocol (BGP)



2/14

2


Stub AS:

► An AS is considered “stub” when it reaches

networks outside it domain via a single exit point

► Stub AS is single-homed with respect to its

provider

► Stub AS uses from the “private pool” 65412-

65535► Stub AS need not learn any AS-level routes –

just use a default route to provider AS


Multihomed Nontransit AS

► AS is multihomed if it has more than one exitpoint to outside

► AS can be multihomed to a single or multipleproviders

► Nontransit AS does not allow transit traffic to gothrough it

►

Transit traffic has source and destination outsidethe AS

► A nontransit AS would only advertise its ownroutes and not routes it learned from others


► Other ASs can force traffic through a nontransit

multihomed AS – AS must filter traffic to prevent

this


Multihomed Transit AS

► Allows transit traffic to pass through

►

BGP can be used as a “pipe” to exchangeBGP updates within an AS – Internal BGP(IBGP)

►BGP connections between ASs calledExternal BGP (EBGP)

►Routers running EBGP called borderrouters and IBGP called transit routers


3/14

3

Inter-domain Routing Basics Inter-domain Routing Basics

► BGP is a path vector protocol used to carry

routing information between ASs

► Path refers to a sequence of AS#s – indicating

the path traversed

► Two BGP routers forming a transport level

connection to exchange information is called

peers


► Initially, all candidate routes are exchanged

► Incremental updates (deltas) are sent as

network information changes

► BGP message header is given below


►Marker field (16-bytes) used to

authenticate the incoming BGP message

►

BGP message length can be in [19-4096]bytes

►BGP message types:

OPEN:

UPDATE

NOTIFICATION

KEEPALIVE


4/144


►OPEN message:

opens a connection between BGP peers –

should be completed for successful BGP

operation

exchanges the following information – AS# (2

byte field), hold time (maximum amount of

time in seconds that can elapse betweensuccessive KEEPALIVE or UPDATE

message), BGP identifier, optional

parameters, optional parameter length


►NOTIFICATION message:

when an error is detected after a BGP

connection is established, a BGP peer sends

a NOTIFICATION message before closing the

peer connection

administrators need to examine the

NOTIFICATION message to determine thecause of the error


►KEEPALIVE message:

these messages are exchanged between

peers to determine reachability

keepalive messages are sent at a rate that

ensures that the hold time will not expire


►UPDATE message:

update messages use the following:

• network layer reachability information (NLRI)

• path attributes

• unreachable routes

NLRI is given using IP prefixes to be

compatible with CIDR


5/145


NLRI – network layer reachability information


►BGP path attributes are used to keep track

of route specific information:

degree of preference

next hop value of a route

aggregation information

Building Peer Sessions

► When neighbor sessions are established during

OPEN

peer routers use AS#s to determine whether they are

in the same AS or not IBGP or EBGP is used based on this information


► Normally external BGP routers are restricted to

be connected by the same network segment


6/146


►Synchronization within an AS

BGP must be synchronized with IGP such that

it waits until the IGP has propagated routing

information across AS before advertising

transit routes to other ASs

if advertised before, the AS may receive traffic

that cannot be routed!when a router receives updates from an IBGP

peer it should verify the reachability using IGP

before advertising to other EBGP peers


► Injecting BGP routes into AS is costly:

distributing routes from BGP into IGP results

in major overhead on internal routers

carrying all external routes into an AS is

unnecessary

internal non-BGP routers can use default exit

BGP (border or transit) routers to leave AS –this may be suboptimal

Sources of Routing Updates

► Injecting information statically into BGP: proves to be most effective in ensuring route stability

IGP routes (or aggregates) that need to be advertisedare manually defined as static routes

static routes have the disadvantage that the routesmay not accurately reflect the current state

not much of a problem for “single point” updates

for “multiple point” updates, black holes can becreated – destination actually reachable but routesare incorrect


► Injecting information dynamically into

BGP:

can be divided into purely dynamic – where all

IGP routes are redistributed into BGP

semidynamic – where only certain IGP routes

are injected into BGP

semidynamic allows the administrators to

choose which routes should be advertised

distributing the whole of IGP routes into BGP

can cause information leakage


7/147


►Dynamic approach can lead to unstable

routes

route dampening is used to reduce the

fluctuations

BGP Routing Process

►Routing process involves the following:

pool of routes that the router receives from its

peer

input policy engine that filter routes or

manipulate their attributes

decision process that decides which routes

the router itself will useoutput policy engine the can filter routes or

manipulate their attributes

pool of routes that are advertised to other

peers

BGP Routing Process BGP Routing Process

► Input policy engine:

filtering is done on different parameters such

as IP prefixes, AS_path information, and

attribute information

input policy engine also manipulates the path

attributes to influence its own decision – filter

certain network numbers, give certain route a

better local preference, etc


8/148

BGP Routing Process

NEXT_HOP Attribute:

►For EBGP next hop is the IP address of

the neighbor announcing the route

►For IBGP sessions, for routes originated

inside the AS, the next hop is the IP

address of the neighbor that announced

the route

►Routes injected in AS via EBGP, next hop

is carried unaltered

BGP Routing Process BGP Routing Process

► AS_path attribute is a mandatory attribute

sequence of AS#s a route has traversed to reach a

destination

AS originating the route adds its own AS numberwhen sending the route to its external BGP peers

Each AS that transmits the sequence prepends its

own AS# to the sequence – originating AS will be at

the “end” of the sequence

► BGP uses AS_path as part of the routing

updates


9/149

BGP Routing Process

► If route is advertised to the AS that originated it (loop),

the AS_path attribute will contain the AS#, the AS will

reject the route

BGP Routing Process

► Private ASs:

to conserve AS numbers, InterNIC, generally does

not assign a legal AS# to customers whose policies

are extensions of providers

BGP Routing Process

►Route aggregation involves summarizing

ranges of routes into one or more CIDR

blocks

drawback is the loss of granularity that existed

in the specific routes that form the aggregate

if AS_path information that existed in multiple

routes are lost, routing loops can be created

BGP Routing Process


10/1410

BGP Routing Process

► AS_path can be manipulated to affect

interdomain routing behavior – BGP

prefers shorter path over larger ones

include dummy AS#s to increase path lengths

and influence the traffic

BGP Routing Process

BGP Routing Process Path Vectors

►Route aggregation:

BGP-4 supports “supernetting” to fully exploit

CIDR

Instead of representing addresses as 32-bit

numbers 9.0.0.0, 128.96.0.0, or 192.4.18.0

a prefix notation is used: 9/8 (8-bit prefix),

128.96/16 (16-bit prefix), or 192.4.18/24 (24-

bit prefix)

to reduce the size of the routing tables -- route

aggregation is performed


11/1411

Path Vectors

► AS T manages two class C networks197.8.0/24 and 197.8.1/24 -- this can be

represented by a 23-bit prefix 197.8.0/23

if there are two more ASs X and Y that use Tas transit AS and they are allocated197.8.3/24 and 197.8.4/24 respectively

►Without route aggregation, AS T

announces 3 routes to its neighbor ZPath 1: through T, reaches 197.8.0/23Path 2: through T, X, reaches 197.8.2/24

Path 3: through T, Y, reaches 197.8.3/24

Path Vectors

►With route aggregationPath 1: reaches 197.8.0/22

►What is the path?we cannot just list T, loop detection need the

complete path

listing a complete path like T, X, Y ismisleading -- implies a three hop path

► AS path attribute into two components:ordered list -- AS sequence

unordered set -- AS set

Path: (Sequence (T), Set (X, Y))

Path Vectors

► If Z wants to forward this path to one of itsneighbors, it will place its own AS # in thefront

Path: (Sequence (Z, T), Set (X, Y))►Sequence and set components are used

for loop detection

►Rule for path aggregation:sequence components should be the

intersection of all sequences

set of components contain all the ASsmentioned in any of the paths to aggregateyet are not present in the aggregatedsequence

Path Vectors

► “Path vectors” is an important concept of

the BGP

► It provides for loop-free routing in complex

topologies


12/1412

Path Vectors

► Can we use link state ideas?

by distributing to all external routers a complete map

of the Internet (aggregated of course)

let the routers compute the shortest paths

Inter Domain Policy Routing (IDPR) is based on this

idea

a problem with this approach is updating the

distributed maps OSPF recommends 200 routers for an OSPF area

and there are definitely more than 200 ASs

Path Vectors

► In distance vector protocol, all information aboutthe route to a destination is concentrated in the“metric” value -- insufficient for fast loopresolution

► BGP approach: routing update carries a full list of ASs traversed

between source and dest -- a loop occurs if an AS islisted twice in this list

loop prevention: external router checks whether it isalready listed on a path -- if so refuses to use it

listing the complete path (list of AS numbers) causesthe size of routing messages and memory needed forrunning the protocol to increase

Internal and External Peers

► An external (border) router that learned

about a path towards a network should

update the local AS routing table


► The AS path announced by D to C should

include X and Z

► The information available to D through IGP is

that routes are available to X’s networks this may not be enough to propagate useful BGP

update message to C

► BGP establishes an “internal” BGP connection

will all the external routers in a AS -- connecting

the external routers in a fully connected graph

independent of the IGP


13/14

13


►Maintaining a fully connected graph is a

very heavy requirement if the number of

external (border) routers is large

►Route reflectors are used to alleviate this

problem – share the routes within the

domain – need not have a full mesh.


►BGP runs over the TCP -- delegating error

control to TCP makes BGP design simpler

►Drawbacks of using TCP:

susceptible to congestion related problems

this in turn could make the congestion even

worse when BGP is carrying routing

information needed to cure congestion

could use “high” priority for such datagrams to

reduce this types of problems


►Because BGP uses TCP -- reliable

protocol, it can exchange data

incrementally

BGP header:

►BGP protocol includes a “delimitation”

function that separates the byte stream

into a set of independent messages


► The 16-byte marker is designed for security

purposes

could be a cryptographic sum of the message and

can only be checked after complete reception► Routers supporting BGP wait for BGP

connections on port 179

a routing wanting to establish a connection first

creates a TCP connection

once connection established, OPEN message is sent


14/14

14


OPEN message is used to negotiate

association’s parameters

► AS is set to the AS of the sending router

►BGP identifier is one of the IP interface

addresses of the BGP router


► Hold time -- amount of time (in seconds) used by

the “keep alive” procedure

► Initialization could fail:

if the version is not supported by the peer

if the authentication fails

connection collision occurs when both BGP peers

attempt to set up a connection simultaneously

► Hold time defines the time that may elapse

between two consecutive KEEPALIVE or

UPDATE messages


►BGP Updates:

►Once connection is established, BGP

stations start exchanging “updates”

►Updates can

advertise “unfeasible” routes -- routes that are

withdrawn since the last update

Lecture12-Internetworking

Documents

Transcript of Lecture12-Internetworking