Lecture12-Internetworking
Transcript of Lecture12-Internetworking
-
8/18/2019 Lecture12-Internetworking
1/14
1
Border Gateway Protocol
Inter-domain Routing Basics
► Exterior routing protocols created to:
control the expansion of routing tables
provide a structured view of the Internet by
segregating routing domains into separate
administrations called “Autonomous systems”
(AS)
each AS can have an independent routingpolicy
Inter-domain Routing Basics
► Autonomous system (AS):
set of routers have a single routing policy running
under a single administration
could be a collection of IGPs working together toprovide interior routing
► Outside world AS looks like a single entity –
identified by a AS#
► Routing information between ASs exchanged by
the Border Gateway Protocol (BGP)
Inter-domain Routing Basics
-
8/18/2019 Lecture12-Internetworking
2/14
2
Inter-domain Routing Basics
Stub AS:
► An AS is considered “stub” when it reaches
networks outside it domain via a single exit point
► Stub AS is single-homed with respect to its
provider
► Stub AS uses from the “private pool” 65412-
65535► Stub AS need not learn any AS-level routes –
just use a default route to provider AS
Inter-domain Routing Basics
Multihomed Nontransit AS
► AS is multihomed if it has more than one exitpoint to outside
► AS can be multihomed to a single or multipleproviders
► Nontransit AS does not allow transit traffic to gothrough it
►
Transit traffic has source and destination outsidethe AS
► A nontransit AS would only advertise its ownroutes and not routes it learned from others
Inter-domain Routing Basics
► Other ASs can force traffic through a nontransit
multihomed AS – AS must filter traffic to prevent
this
Inter-domain Routing Basics
Multihomed Transit AS
► Allows transit traffic to pass through
►
BGP can be used as a “pipe” to exchangeBGP updates within an AS – Internal BGP(IBGP)
►BGP connections between ASs calledExternal BGP (EBGP)
►Routers running EBGP called borderrouters and IBGP called transit routers
-
8/18/2019 Lecture12-Internetworking
3/14
3
Inter-domain Routing Basics Inter-domain Routing Basics
► BGP is a path vector protocol used to carry
routing information between ASs
► Path refers to a sequence of AS#s – indicating
the path traversed
► Two BGP routers forming a transport level
connection to exchange information is called
peers
Inter-domain Routing Basics
► Initially, all candidate routes are exchanged
► Incremental updates (deltas) are sent as
network information changes
► BGP message header is given below
Inter-domain Routing Basics
►Marker field (16-bytes) used to
authenticate the incoming BGP message
►
BGP message length can be in [19-4096]bytes
►BGP message types:
OPEN:
UPDATE
NOTIFICATION
KEEPALIVE
-
8/18/2019 Lecture12-Internetworking
4/144
Inter-domain Routing Basics
►OPEN message:
opens a connection between BGP peers –
should be completed for successful BGP
operation
exchanges the following information – AS# (2
byte field), hold time (maximum amount of
time in seconds that can elapse betweensuccessive KEEPALIVE or UPDATE
message), BGP identifier, optional
parameters, optional parameter length
Inter-domain Routing Basics
►NOTIFICATION message:
when an error is detected after a BGP
connection is established, a BGP peer sends
a NOTIFICATION message before closing the
peer connection
administrators need to examine the
NOTIFICATION message to determine thecause of the error
Inter-domain Routing Basics
►KEEPALIVE message:
these messages are exchanged between
peers to determine reachability
keepalive messages are sent at a rate that
ensures that the hold time will not expire
Inter-domain Routing Basics
►UPDATE message:
update messages use the following:
• network layer reachability information (NLRI)
• path attributes
• unreachable routes
NLRI is given using IP prefixes to be
compatible with CIDR
-
8/18/2019 Lecture12-Internetworking
5/145
Inter-domain Routing Basics
NLRI – network layer reachability information
Inter-domain Routing Basics
►BGP path attributes are used to keep track
of route specific information:
degree of preference
next hop value of a route
aggregation information
Building Peer Sessions
► When neighbor sessions are established during
OPEN
peer routers use AS#s to determine whether they are
in the same AS or not IBGP or EBGP is used based on this information
Building Peer Sessions
► Normally external BGP routers are restricted to
be connected by the same network segment
-
8/18/2019 Lecture12-Internetworking
6/146
Building Peer Sessions
►Synchronization within an AS
BGP must be synchronized with IGP such that
it waits until the IGP has propagated routing
information across AS before advertising
transit routes to other ASs
if advertised before, the AS may receive traffic
that cannot be routed!when a router receives updates from an IBGP
peer it should verify the reachability using IGP
before advertising to other EBGP peers
Building Peer Sessions
► Injecting BGP routes into AS is costly:
distributing routes from BGP into IGP results
in major overhead on internal routers
carrying all external routes into an AS is
unnecessary
internal non-BGP routers can use default exit
BGP (border or transit) routers to leave AS –this may be suboptimal
Sources of Routing Updates
► Injecting information statically into BGP: proves to be most effective in ensuring route stability
IGP routes (or aggregates) that need to be advertisedare manually defined as static routes
static routes have the disadvantage that the routesmay not accurately reflect the current state
not much of a problem for “single point” updates
for “multiple point” updates, black holes can becreated – destination actually reachable but routesare incorrect
Sources of Routing Updates
► Injecting information dynamically into
BGP:
can be divided into purely dynamic – where all
IGP routes are redistributed into BGP
semidynamic – where only certain IGP routes
are injected into BGP
semidynamic allows the administrators to
choose which routes should be advertised
distributing the whole of IGP routes into BGP
can cause information leakage
-
8/18/2019 Lecture12-Internetworking
7/147
Sources of Routing Updates
►Dynamic approach can lead to unstable
routes
route dampening is used to reduce the
fluctuations
BGP Routing Process
►Routing process involves the following:
pool of routes that the router receives from its
peer
input policy engine that filter routes or
manipulate their attributes
decision process that decides which routes
the router itself will useoutput policy engine the can filter routes or
manipulate their attributes
pool of routes that are advertised to other
peers
BGP Routing Process BGP Routing Process
► Input policy engine:
filtering is done on different parameters such
as IP prefixes, AS_path information, and
attribute information
input policy engine also manipulates the path
attributes to influence its own decision – filter
certain network numbers, give certain route a
better local preference, etc
-
8/18/2019 Lecture12-Internetworking
8/148
BGP Routing Process
NEXT_HOP Attribute:
►For EBGP next hop is the IP address of
the neighbor announcing the route
►For IBGP sessions, for routes originated
inside the AS, the next hop is the IP
address of the neighbor that announced
the route
►Routes injected in AS via EBGP, next hop
is carried unaltered
BGP Routing Process BGP Routing Process
► AS_path attribute is a mandatory attribute
sequence of AS#s a route has traversed to reach a
destination
AS originating the route adds its own AS numberwhen sending the route to its external BGP peers
Each AS that transmits the sequence prepends its
own AS# to the sequence – originating AS will be at
the “end” of the sequence
► BGP uses AS_path as part of the routing
updates
-
8/18/2019 Lecture12-Internetworking
9/149
BGP Routing Process
► If route is advertised to the AS that originated it (loop),
the AS_path attribute will contain the AS#, the AS will
reject the route
BGP Routing Process
► Private ASs:
to conserve AS numbers, InterNIC, generally does
not assign a legal AS# to customers whose policies
are extensions of providers
BGP Routing Process
►Route aggregation involves summarizing
ranges of routes into one or more CIDR
blocks
drawback is the loss of granularity that existed
in the specific routes that form the aggregate
if AS_path information that existed in multiple
routes are lost, routing loops can be created
BGP Routing Process
-
8/18/2019 Lecture12-Internetworking
10/1410
BGP Routing Process
► AS_path can be manipulated to affect
interdomain routing behavior – BGP
prefers shorter path over larger ones
include dummy AS#s to increase path lengths
and influence the traffic
BGP Routing Process
BGP Routing Process Path Vectors
►Route aggregation:
BGP-4 supports “supernetting” to fully exploit
CIDR
Instead of representing addresses as 32-bit
numbers 9.0.0.0, 128.96.0.0, or 192.4.18.0
a prefix notation is used: 9/8 (8-bit prefix),
128.96/16 (16-bit prefix), or 192.4.18/24 (24-
bit prefix)
to reduce the size of the routing tables -- route
aggregation is performed
-
8/18/2019 Lecture12-Internetworking
11/1411
Path Vectors
► AS T manages two class C networks197.8.0/24 and 197.8.1/24 -- this can be
represented by a 23-bit prefix 197.8.0/23
if there are two more ASs X and Y that use Tas transit AS and they are allocated197.8.3/24 and 197.8.4/24 respectively
►Without route aggregation, AS T
announces 3 routes to its neighbor ZPath 1: through T, reaches 197.8.0/23Path 2: through T, X, reaches 197.8.2/24
Path 3: through T, Y, reaches 197.8.3/24
Path Vectors
►With route aggregationPath 1: reaches 197.8.0/22
►What is the path?we cannot just list T, loop detection need the
complete path
listing a complete path like T, X, Y ismisleading -- implies a three hop path
► AS path attribute into two components:ordered list -- AS sequence
unordered set -- AS set
Path: (Sequence (T), Set (X, Y))
Path Vectors
► If Z wants to forward this path to one of itsneighbors, it will place its own AS # in thefront
Path: (Sequence (Z, T), Set (X, Y))►Sequence and set components are used
for loop detection
►Rule for path aggregation:sequence components should be the
intersection of all sequences
set of components contain all the ASsmentioned in any of the paths to aggregateyet are not present in the aggregatedsequence
Path Vectors
► “Path vectors” is an important concept of
the BGP
► It provides for loop-free routing in complex
topologies
-
8/18/2019 Lecture12-Internetworking
12/1412
Path Vectors
► Can we use link state ideas?
by distributing to all external routers a complete map
of the Internet (aggregated of course)
let the routers compute the shortest paths
Inter Domain Policy Routing (IDPR) is based on this
idea
a problem with this approach is updating the
distributed maps OSPF recommends 200 routers for an OSPF area
and there are definitely more than 200 ASs
Path Vectors
► In distance vector protocol, all information aboutthe route to a destination is concentrated in the“metric” value -- insufficient for fast loopresolution
► BGP approach: routing update carries a full list of ASs traversed
between source and dest -- a loop occurs if an AS islisted twice in this list
loop prevention: external router checks whether it isalready listed on a path -- if so refuses to use it
listing the complete path (list of AS numbers) causesthe size of routing messages and memory needed forrunning the protocol to increase
Internal and External Peers
► An external (border) router that learned
about a path towards a network should
update the local AS routing table
Internal and External Peers
► The AS path announced by D to C should
include X and Z
► The information available to D through IGP is
that routes are available to X’s networks this may not be enough to propagate useful BGP
update message to C
► BGP establishes an “internal” BGP connection
will all the external routers in a AS -- connecting
the external routers in a fully connected graph
independent of the IGP
-
8/18/2019 Lecture12-Internetworking
13/14
13
Internal and External Peers
►Maintaining a fully connected graph is a
very heavy requirement if the number of
external (border) routers is large
►Route reflectors are used to alleviate this
problem – share the routes within the
domain – need not have a full mesh.
Border Gateway Protocol
►BGP runs over the TCP -- delegating error
control to TCP makes BGP design simpler
►Drawbacks of using TCP:
susceptible to congestion related problems
this in turn could make the congestion even
worse when BGP is carrying routing
information needed to cure congestion
could use “high” priority for such datagrams to
reduce this types of problems
Border Gateway Protocol
►Because BGP uses TCP -- reliable
protocol, it can exchange data
incrementally
BGP header:
►BGP protocol includes a “delimitation”
function that separates the byte stream
into a set of independent messages
Border Gateway Protocol
► The 16-byte marker is designed for security
purposes
could be a cryptographic sum of the message and
can only be checked after complete reception► Routers supporting BGP wait for BGP
connections on port 179
a routing wanting to establish a connection first
creates a TCP connection
once connection established, OPEN message is sent
-
8/18/2019 Lecture12-Internetworking
14/14
14
Border Gateway Protocol
OPEN message is used to negotiate
association’s parameters
► AS is set to the AS of the sending router
►BGP identifier is one of the IP interface
addresses of the BGP router
Border Gateway Protocol
► Hold time -- amount of time (in seconds) used by
the “keep alive” procedure
► Initialization could fail:
if the version is not supported by the peer
if the authentication fails
connection collision occurs when both BGP peers
attempt to set up a connection simultaneously
► Hold time defines the time that may elapse
between two consecutive KEEPALIVE or
UPDATE messages
Border Gateway Protocol
►BGP Updates:
►Once connection is established, BGP
stations start exchanging “updates”
►Updates can
advertise “unfeasible” routes -- routes that are
withdrawn since the last update