DD2491, p2 2009
Inter-domain routing and BGP
BGP in JunOS
Olof Hagsand KTH/CSC
JunOS Routing model
[Figure: Neighbours, Protocols, Import, RIB, FIB, Export]
Note: Export policies may be applied only to active routes!
Protocol            Default import action      Default export action
direct and static   accept all                 N/A
RIP                 accept all RIP routes      reject all
BGP                 accept all BGP routes      export all active BGP routes
IS-IS               accept all IS-IS routes    reject all (IS-IS uses LSAs)
OSPF                accept all OSPF routes     reject all (OSPF uses LSAs)
MPLS                accept all MPLS routes     export all active MPLS routes
BGP Routing Process Model
• Pool of routes received from peers
• Import policy for filtering and attribute manipulation
• Decision process to select best routes
• Pool of routes used by router
• Export policy for filtering and attribute manipulation
• Pool of routes that the router advertises
[Figure: Peers -> import policy -> RIB -> decision process -> RIB -> export policy -> Peers]
BGP Routing Information Bases (BGP RIBs)
CISCO version
[Figure: four Adj-RIB-In, Input Policy Engine, BGP decision process, Loc-RIB, Output Policy Engine, four Adj-RIB-Out]
© 2001 Cisco Press
BGP RIBs
The BGP routing table consists of three parts
• Adj-RIB-In
– One per peer BGP speaker
– Stores routing information learned from peer
– Filtered/manipulated by input policy engine
• Loc-RIB
– Best routes selected by the decision process for each available destination
• Adj-RIB-Out
– One per peer BGP speaker
– Stores routing information selected for advertisement to peer
– Output policy applied to Loc-RIB before going into Adj-RIB-Out
– This is redistributed if REFRESH capability is used
Import/Export Policy
• Import policy
– Affects routes received from peer BGP speakers
– Filtering based on IP prefixes, AS_PATH and other BGP attributes
– Manipulates path attributes to influence its own decision process
• Export policy
– Affects routes in Loc-RIB (candidates for advertisement)
  • In JunOS: only active BGP routes
– Differentiates between internal and external peers
BGP example policies
[Figure: AS1 and AS2 -> import policy -> RIB -> decision process -> RIB -> export policy -> AS3 and AS4]
Received from AS1: 10.0.0.0/24, 0/0
Received from AS2: 10.0.0.0/24, 10.2.0.0/24, 0/0
Import policy:
• Deny 0/0 from AS1
• Give 10.0.0.0/24 from AS1 better pref
Decision process:
• Use 10.0.0.0/24 from AS1
• Use 0/0 and 10.2.0.0/24 from AS2
Export policy:
• Do not propagate 0/0
• Do not announce 10.2.0.0/24 to AS3
• Give 10.0.0.0/24 metric 10 toward AS4
Advertised to AS3: 10.0.0.0/24
Advertised to AS4: 10.0.0.0/24, 10.2.0.0/24
Resulting RIB:
0/0          AS2  BGP
10.0.0.0/24  AS1  BGP
10.2.0.0/24  AS2  BGP
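The example policies above, worked through as an added Python sketch (not part of the original slides). The LOCAL_PREF values 100 and 200 are assumptions, since the slide only says "better pref", and the decision process is reduced to "highest LOCAL_PREF wins".

```python
# Added example (not from the slides): import -> decision -> export for the
# "BGP example policies" slide. LOCAL_PREF 100/200 are assumed values and the
# decision step is simplified to "highest LOCAL_PREF wins".
DEFAULT = "0.0.0.0/0"   # written 0/0 on the slide

# Adj-RIB-In: what each upstream peer announces on the slide.
ADJ_RIB_IN = {
    "AS1": ["10.0.0.0/24", DEFAULT],
    "AS2": ["10.0.0.0/24", "10.2.0.0/24", DEFAULT],
}

def import_policy(peer, prefix):
    """Return the accepted route, or None when the import policy rejects it."""
    if peer == "AS1" and prefix == DEFAULT:
        return None                                   # deny 0/0 from AS1
    better = peer == "AS1" and prefix == "10.0.0.0/24"
    return {"prefix": prefix, "peer": peer, "local_pref": 200 if better else 100}

def decision_process(routes):
    """Build the Loc-RIB: one best route per prefix."""
    loc_rib = {}
    for route in routes:
        best = loc_rib.get(route["prefix"])
        if best is None or route["local_pref"] > best["local_pref"]:
            loc_rib[route["prefix"]] = route
    return loc_rib

def export_policy(peer, route):
    """Return (advertise?, MED) for one Loc-RIB route toward one peer."""
    if route["prefix"] == DEFAULT:
        return False, None                            # do not propagate 0/0
    if peer == "AS3" and route["prefix"] == "10.2.0.0/24":
        return False, None                            # not announced to AS3
    if peer == "AS4" and route["prefix"] == "10.0.0.0/24":
        return True, 10                               # metric 10 toward AS4
    return True, None

def run():
    routes = [import_policy(peer, p) for peer, ps in ADJ_RIB_IN.items() for p in ps]
    loc_rib = decision_process([r for r in routes if r is not None])
    adj_rib_out = {}
    for peer in ("AS3", "AS4"):
        verdicts = {p: export_policy(peer, r) for p, r in loc_rib.items()}
        adj_rib_out[peer] = {p: med for p, (ok, med) in verdicts.items() if ok}
    return loc_rib, adj_rib_out
```

`run()` returns the Loc-RIB and one Adj-RIB-Out per downstream peer, which can be compared with the RIB and the advertised prefixes drawn on the slide.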
Configuring BGP in JunOS
• Many configurations can be made on global, group and peer level.
• More specific is preferred (peer before group before global)
    protocols {
        bgp {
            mtu-discovery;                  # Global properties
            group external-peers {
                type external;              # Group properties
                peer-as 42;
                neighbor 192.168.200.13;
                neighbor 192.168.200.14 {
                    peer-as 93;             # Peer properties
                }
            }
        }
    }
See: http://www.juniper.net/techpubs/software/junos/junos92/
BGP commands in JunOS (1)
  advertise-inactive         Advertise inactive routes
  advertise-peer-as          Advertise routes received from the same autonomous system
  authentication-algorithm   Authentication algorithm name
  authentication-key         MD5 authentication key
  authentication-key-chain   Key chain name
  cluster                    Cluster identifier
  damping                    Enable route flap damping
  description                Text description
  disable                    Disable BGP
+ export                     Export policy
> family                     Protocol family for NLRIs in updates
> graceful-restart           BGP graceful restart options
> group                      Define a peer group
  hold-time                  Hold time used when negotiating with a peer
+ import                     Import policy
  include-mp-next-hop        Include NEXT-HOP attribute in multiprotocol updates
  ipsec-sa                   IPSec SA name
  keep                       How to retain routes in the routing table
BGP commands in JunOS (2)
  local-address              Address of local end of BGP session
> local-as                   Local autonomous system number
  local-preference           Value of LOCAL_PREF path attribute
  log-updown                 Log a message for peer state transitions
> metric-out                 Route metric sent in MED
  mtu-discovery              Enable TCP path MTU discovery
> multihop                   Configure an EBGP multihop session
  no-advertise-peer-as       Don't advertise routes received from the same autonomous system
  no-aggregator-id           Set router ID in aggregator path attribute to 0
  out-delay                  How long before exporting routes from routing table
  passive                    Do not send open messages to a peer
> path-selection             Configure path selection strategy
  peer-as                    Peer autonomous system number (1..65535)
  preference                 Preference value
  remove-private             Remove well-known private AS numbers
  tcp-mss                    Maximum TCP segment size (1..4096)
> traceoptions               Trace options for BGP
Routing policy: syntax and flow
• Changing the default routing policy
• Syntax:
    policy-options {
        policy-statement name {
            term term-name {
                from {
                    match;
                }
                then {
                    action;
                }
            }
        }
    }
[Figure: Policy 1 (term1, term2, term3) -> Policy 2 (term1, term2, term3) -> default policy; a term leads to accept, reject or next route]
Applying policies
• Export policy evaluation order: p4->p2->p0
• On a verdict (accept, reject) the policy chain is terminated
• Side-effects may still apply
    protocols {
        bgp {
            export p0;                      # Global properties
            import p1;
            group external-peers {
                type external;              # Group properties
                export p2;
                import p3;
                neighbor 192.168.200.14 {
                    export p4;              # Peer properties
                    import p5;
                }
            }
        }
    }
Policy-options statements
• as-path name reg-exp
– Create a named AS-PATH regular expression
– Example: as-path asp0 "65000{4}"
• as-path-group { [as-path] }
• community name members [ ids ]
– Example: community c0 members 701:555
• damping name [options]
• policy-statement
• prefix-list name { ip-addresses }
– Create a named list of prefixes
– Example: prefix-list p0 {10.0.0.1; 192.168.1.0/24;}
# set policy-options ?
Policy-statement matches
– as-path
– community
– family
– local-preference
– metric
– neighbor
– next-hop
– origin
– preference
– prefix-list
– protocol
– route-filter
– ...
# set policy-options policy-statement <name> term <name> from ?
Policy-statement actions
• accept
• reject
• next policy
• next term
• trace
Side-effects with accept:
– as-path-prepend
– community
– color
– external
– load-balance per-packet
– local-preference
– metric
– next-hop
– origin
– preference
# set policy-options policy-statement <name> term <name> then ?
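The term and policy flow from the "Routing policy: syntax and flow" and "Policy-statement actions" slides, as an added Python sketch (not code from the slides or from Juniper). The three policies and the 172.16.0.0/24 route are constructed for illustration, and the default action passed in is BGP's default export action from the table earlier in the deck.

```python
# Added example (not from the slides): simplified model of how a JunOS policy
# chain is walked. Policy contents and names below are constructed.
ACCEPT, REJECT = "accept", "reject"
NEXT_TERM, NEXT_POLICY = "next term", "next policy"

def evaluate(chain, route, default_action):
    """Return (verdict, route after side-effects) for one route."""
    route = dict(route)
    for policy in chain:                       # policies in configured order
        for match, changes, action in policy:  # terms in configured order
            if not match(route):
                continue
            route.update(changes)              # side-effects apply on a match
            if action in (ACCEPT, REJECT):
                return action, route           # verdict ends the whole chain
            if action == NEXT_POLICY:
                break                          # skip this policy's other terms
    return default_action, route               # no verdict: default policy

def is_prefix(prefix):
    return lambda route: route["prefix"] == prefix

# Each term is (match function, attribute changes, action).
SET_METRIC = [(is_prefix("10.0.0.0/24"), {"metric": 10}, NEXT_POLICY)]
NO_DEFAULT = [(is_prefix("0.0.0.0/0"), {}, REJECT)]
OWN_ONLY = [(is_prefix("10.0.0.0/24"), {}, ACCEPT),
            (lambda route: True, {}, REJECT)]   # explicit final reject

def export_verdicts(chain):
    """Run three constructed routes through a chain; BGP's default export
    action (accept) is used when no term gives a verdict."""
    prefixes = ("10.0.0.0/24", "0.0.0.0/0", "172.16.0.0/24")
    return {p: evaluate(chain, {"prefix": p}, ACCEPT) for p in prefixes}
```

With the chain `[SET_METRIC, NO_DEFAULT]` the unmatched 172.16.0.0/24 route falls through to the default policy and is exported; appending `OWN_ONLY`, which ends in an explicit reject, stops it while the metric set earlier in the chain still applies to 10.0.0.0/24.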
Lab overview
[Figure: lab topology. Routers RTX1, RTX2, RTX3, RTX4 and Tier1; AS6500X-1, AS6500X, AS6500X+1 and AS65500; prefixes 10.X.8.0/24, 10.X.9.0/24, 10.X.10.0/24, 10.X.11.0/24 and 192.71.23.32/27; interfaces 0/0/0, 1/0/0 and 1/0/1]