lab course routerlab
play

Lab Course RouterLab BGP - Border Gateway Protocol (RFC 4271) - PowerPoint PPT Presentation

Sep 28, 2022 •465 likes •859 views

Lab Course RouterLab BGP - Border Gateway Protocol (RFC 4271) Some of the slides come from: http://www.ietf.org/proceedings/07dec/slides/IDRTut-0.pdf 1 Miscellaneous Anything that needs discussion? BGP 2 Miscellaneous Anything

  1. Lab Course “RouterLab” BGP - Border Gateway Protocol (RFC 4271) Some of the slides come from: http://www.ietf.org/proceedings/07dec/slides/IDRTut-0.pdf 1

  2. Miscellaneous • Anything that needs discussion? BGP 2

  3. Miscellaneous • Anything that needs discussion? SUBMIT YOUR CONFIG FILES, TRACES, COMMAND DUMP!!! BGP 2

  4. Internet Routing • There is no single.... - Routing Protocol - Routing Configuration - Routing State, - Routing Management • ....... for the entire Internet! • Routing System is a collection of many components hopefully operating in a consistent manner BGP 3

  5. Internet Routing • Distance Vector • Link State - I tell you all my “best” - I announce to everyone routes for all about my links and the destinations that I addresses I originate on know and you tell me each link and listen to yours. everyone ʼ s announcement. - Build simplified - Build full topology topology from local perspective - E.g. OSPF - E.g. RIP BGP 4

  6. Internet Routing • The Routing Architecture uses a 2-level hierarchy, based on the concept of a routing domain ( Autonomous System - AS) • An AS is an interconnected network with a single exposed topology, a coherent routing policy, and a consistent metric framework • Within an AS: Interior Gateway Protocols - IGP • Among ASes: Exterior Gateway Protocols - EGP BGP 5

  7. IGPs and EGPs • IGPs - Distance Vector: RIP, IGRP, EIGRP - Link State: OSPF, IS-IS • EGPs - Distance Vector: (EGP, BGPv3) BGPv4 BGP 6

  8. RIP/OSPF RIP/OSPF RIP/OSPF What the Internet looks like! AS1 AS666 IS-IS/OSPF RIP/OSPF AS3 OSPF AS2 OSPF AS7 IS-IS EGP RIP AS69 IGP BGP 7

  9. Why BGP? ! Simple protocol to implement and operate ! Very simple distance metric ! Occludes local policies from external inspection ! Limited inter-SP coordination required ! Mature deployment Source: http://www.ietf.org/proceedings/07dec/slides/IDRTut-0.pdf BGP 8

  10. Why BGP? ! Simple protocol to implement and So simple that to have full knowledge you should read 15 RFCs (~400 Pages!) operate ■ RFC 4271, A Border Gateway Protocol 4 (BGP-4) ■ ! Very simple distance metric RFC 4456, BGP Route Reflection - An Alternative to Full Mesh Internal BGP (IBGP) ■ RFC 4278, Standards Maturity Variance ! Occludes local policies from external Regarding the TCP MD5 Signature Option (RFC 2385) and the BGP-4 Specification inspection ■ RFC 4277, Experience with the BGP-4 Protocol ! Limited inter-SP coordination required ■ RFC 4276, BGP-4 Implementation Report ■ RFC 4275, BGP-4 MIB Implementation Survey ■ ! Mature deployment RFC 4274, BGP-4 Protocol Analysis ■ RFC 4273, Definitions of Managed Objects for BGP-4 ■ RFC 4272, BGP Security Vulnerabilities Analysis ■ RFC 3392, Capabilities Advertisement with BGP-4 ■ RFC 5065, Autonomous System Confederations for BGP ■ RFC 2918, Route Refresh Capability for BGP-4 ■ RFC 1772, Application of the Border Gateway Protocol in the Internet Protocol (BGP-4) using SMIv2 ■ RFC 4893, BGP Support for Four-octet AS Number Space Source: http://www.ietf.org/proceedings/07dec/slides/IDRTut-0.pdf BGP 8

  11. Why BGP? ! Simple protocol to implement and operate AS-Path, which is a variation of the ! Very simple distance metric Distance-Vector Algorithm. ! Occludes local policies from external Guess what: it still doesn’t scale!!! inspection ! Limited inter-SP coordination required ! Mature deployment Source: http://www.ietf.org/proceedings/07dec/slides/IDRTut-0.pdf BGP 8

  12. Why BGP? ! Simple protocol to implement and operate ! Very simple distance metric ! Occludes local policies from external Consequence of the Distance-Vector Algorithm. inspection ! Limited inter-SP coordination required ! Mature deployment Source: http://www.ietf.org/proceedings/07dec/slides/IDRTut-0.pdf BGP 8

  13. Why BGP? ! Simple protocol to implement and operate ! Very simple distance metric ! Occludes local policies from external inspection ! Limited inter-SP coordination required BGP sessions are statically set up and manually managed, is this “limited inter- SP” coordination? ! Mature deployment Well.... they can do dirty things in the route selection process without the need to talk to each other! (You will do it in the worksheet) Source: http://www.ietf.org/proceedings/07dec/slides/IDRTut-0.pdf BGP 8

  14. Why BGP? ! Simple protocol to implement and operate ! Very simple distance metric ! Occludes local policies from external inspection ! Limited inter-SP coordination required On this they are right! It is the “De ! Mature deployment Facto” Standard. Source: http://www.ietf.org/proceedings/07dec/slides/IDRTut-0.pdf BGP 8

  15. BGP Basics • BGP obtains route to prefixes from neighboring ASes • BGP Propagate “best” routes to other neighbors - “best” depends on policies that depend on neighbors business relationship (customer-provider model, peering) • Each BGP routing object is a Prefix and a set of attributes: - <AS Path vector, Origin, Next Hop, Local Pref, …> ‣ AS Path Vector is a vector of AS identifiers that form a viable path - Used for loop prevention and best-path selection BGP 9

  16. RIP/OSPF RIP/OSPF RIP/OSPF Prefix Announcements AS1 AS666 AS3 AS2 AS7 10.0.0.0/8 AS69 BGP 10

  17. RIP/OSPF RIP/OSPF RIP/OSPF Prefix Announcements AS1 AS666 AS3 AS2 10.0.0.0/8 AS7 AS7 10.0.0.0/8 10.0.0.0/8 AS69 AS7 BGP 10

  18. RIP/OSPF RIP/OSPF RIP/OSPF Prefix Announcements 10.0.0.0/8 AS2 AS7 AS1 AS666 10.0.0.0/8 AS2 AS7 10.0.0.0/8 AS3 AS7 AS3 AS2 10.0.0.0/8 AS7 AS7 10.0.0.0/8 10.0.0.0/8 AS69 AS7 BGP 10

  19. RIP/OSPF RIP/OSPF RIP/OSPF Prefix Announcements 10.0.0.0/8 10.0.0.0/8 AS1 AS2 AS7 AS2 AS7 AS1 AS666 10.0.0.0/8 AS2 AS7 10.0.0.0/8 AS3 AS7 AS3 AS2 10.0.0.0/8 AS7 AS7 10.0.0.0/8 10.0.0.0/8 AS69 AS7 BGP 10

  20. RIP/OSPF RIP/OSPF RIP/OSPF Prefix Announcements 10.0.0.0/8 10.0.0.0/8 AS1 AS2 AS7 AS2 AS7 AS1 AS666 Prefix AS Path * 10.0.0.0/8 AS3 AS7 10.0.0.0/8 AS1 AS2 AS7 10.0.0.0/8 AS2 AS7 10.0.0.0/8 AS3 AS7 AS3 AS2 10.0.0.0/8 AS7 AS7 10.0.0.0/8 10.0.0.0/8 AS69 AS7 BGP 10

  21. BGP = DV Protocol • Maintains a collection of local best paths for all advertised prefixes • Passes changes to all neighbors containing: - One single best-path for each prefix - Only incremental updates never a full dump (unless opening the session or other specific events) • Changes reflect only events in the local database: - New reachability information to a prefix (update) - Reachability information lost for a prefix (withdraw) BGP 11

  22. BGP Messages • Peers exchange messages over TCP sessions - Port:179 - Can span several physical links • OPEN - Open TCP Connection - Authenticate peers • UPDATE - Advertises new paths - Withdraw old paths - Carry all the attributes of the path BGP 12

  23. BGP Messages • KEEPALIVE - Keeps connection alive in the absence of updates - Otherwise connection is reset due to inactivity • NOTIFICATION - Reports errors in previous messages - Used to close a session • ROUTE_REFRESH - Request for full routing information without breaking TCP connection - There are BGP sessions that have lasted years! BGP 13

  24. BGP Messages over TCP • BGP is not a byte stream protocol like TCP • The byte stream is divided into messages using BGP-defined markers • Each message is a standalone protocol element • Maximum message size: 4096 bytes BGP 14

  25. Path Attributes (I) • Origin - How this route was injected into BGP in the first place • Next_hop - Exit border router • Multi-Exit-Discriminator - Preference between 2 or more sessions among the same AS pair • Local-Pref - Local preference setting BGP 15

  26. Path Attributes (II) • Atomic Aggregate - The path is the result of aggregation • Aggregator - ID of proxy aggregator • Community - Locally defined information field • Destination-Pref - Preference setting for remote AS BGP 16

  27. RIP/OSPF RIP/OSPF RIP/OSPF Local_Pref AS1 AS666 Prefix AS Path * 10.0.0.0/8 AS3 AS7 10.0.0.0/8 AS1 AS2 AS7 AS3 AS2 AS7 10.0.0.0/8 AS69 BGP 17

  28. RIP/OSPF RIP/OSPF RIP/OSPF Local_Pref AS1 AS666 Prefix AS Path LP Prefix AS Path 10.0.0.0/8 AS3 AS7 10 * 10.0.0.0/8 AS3 AS7 * 10.0.0.0/8 AS1 AS2 AS7 20 10.0.0.0/8 AS1 AS2 AS7 AS3 AS2 AS7 10.0.0.0/8 AS69 BGP 17

  29. RIP/OSPF RIP/OSPF RIP/OSPF Peering & C-P Relationship AS1 $$ AS666 = $$ $$ Prefix AS Path LP 10.0.0.0/8 AS3 AS7 10 * 10.0.0.0/8 AS1 AS2 AS7 20 AS3 AS2 $$ $$ AS7 10.0.0.0/8 AS69 $$ Customer- Provider = Peering BGP 18

  30. RIP/OSPF RIP/OSPF RIP/OSPF MED Example 10.0.0.0/8 MED 10 11.0.0.0/8 MED 20 10.0.0.0/8 AS2 AS1 AS666 11.0.0.0/8 10.0.0.0/8 MED 20 11.0.0.0/8 MED 10 AS2 Text AS3 AS2 AS7 AS69 BGP 19

  31. eBGP and iBGP • eBGP is used across AS boundaries • To synchronize all eBGP speakers of an AS iBGP is used • iBGP sessions are manually configured • iBGP needs a full mesh (or at least a flooding hierarchy - Route Reflectors) • iBGP does not detect loops • iBGP does not prepend AS number BGP 20

  32. iBGP eBGP iBGP BGP 21

  33. iBGP eBGP iBGP BGP 21

  34. iBGP + RR Route-Reflector eBGP iBGP BGP 22

  35. Anything Missing? BGP 23

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Lab Course RouterLab Virtual LAN (VLAN) RouterLab Policies RouterLab = Experimental

Lab Course RouterLab Virtual LAN (VLAN) RouterLab Policies RouterLab = Experimental

Lab Course RouterLab Virtual LAN (VLAN) RouterLab Policies RouterLab = Experimental Platform Please do not ... reserve more time than you need! work on devices without reservations! interfere with other users!

232 views • 11 slides
Lab Course RouterLab Organization Tutorial Time Thursday, 16:00 st Except for

Lab Course RouterLab Organization Tutorial Time Thursday, 16:00 st Except for

Lab Course RouterLab Organization Tutorial Time Thursday, 16:00 st Except for May 21 st (Christi Himmelfahrt) Room A 052 (Architekturgebude) Goal Give hints on how to solve problems of new

511 views • 14 slides
Lab Course RouterLab RIP - Routing Information Protocol (RFC 2453) Some of the slides

Lab Course RouterLab RIP - Routing Information Protocol (RFC 2453) Some of the slides

Lab Course RouterLab RIP - Routing Information Protocol (RFC 2453) Some of the slides come from: http://www.ietf.org/proceedings/07dec/slides/IDRTut-0.pdf 1 Monday, May 4, 2009 Miscellaneous Feedback Any other thing that needs

730 views • 23 slides
Lab Course RouterLab VLAN, Routing Information Protocol Miscellaneous Your feedback on

Lab Course RouterLab VLAN, Routing Information Protocol Miscellaneous Your feedback on

Lab Course RouterLab VLAN, Routing Information Protocol Miscellaneous Your feedback on work sheet 1? Don't reserve more time than you need! Check that inferfaces are no shutdown Lab -k if devices not accessible

527 views • 18 slides
Lab Course RouterLab OSPF - Open Shortest Path First (RFC 2328) Some of the slides come

Lab Course RouterLab OSPF - Open Shortest Path First (RFC 2328) Some of the slides come

Lab Course RouterLab OSPF - Open Shortest Path First (RFC 2328) Some of the slides come from: http://www.ietf.org/proceedings/07dec/slides/IDRTut-0.pdf 1 Miscellaneous Anything that needs discussion? OSPF 2 Internet Routing

690 views • 20 slides
Labcourse Routerlab Internet Protocol Version 6 (IPv6) IPv4 Shortcomings IPv4

Labcourse Routerlab Internet Protocol Version 6 (IPv6) IPv4 Shortcomings IPv4

Labcourse Routerlab Internet Protocol Version 6 (IPv6) IPv4 Shortcomings IPv4 addresses have 32 bits only not enough for 1 IP address per person dynamic IPs, NAT, Manual configuration time consuming (in larger

655 views • 16 slides
Lab Course RouterLab Virtual LAN (VLAN) Apoorv Shukla Philipp S. Tiesel Thorben Krueger

Lab Course RouterLab Virtual LAN (VLAN) Apoorv Shukla Philipp S. Tiesel Thorben Krueger

Lab Course RouterLab Virtual LAN (VLAN) Apoorv Shukla Philipp S. Tiesel Thorben Krueger Feedback from Worksheet-1 Any Questions or Problems (e.g. time slots)? First worksheet due tonight Sign up for module before the second

840 views • 19 slides
Lab Course RouterLab Open Shortest Path First (OSPF) Miscellaneous Don't set enable

Lab Course RouterLab Open Shortest Path First (OSPF) Miscellaneous Don't set enable

Lab Course RouterLab Open Shortest Path First (OSPF) Miscellaneous Don't set enable passwords on Cisco router ... OSPF (Open Shortest Path First) Open: specification publicly available RFC 1247, RFC 2328 Working

383 views • 24 slides
RouterLab LabCourse SoSe 2016 Worksheet 3: Access Networks with DHCP and IPv6 Stateless Address

RouterLab LabCourse SoSe 2016 Worksheet 3: Access Networks with DHCP and IPv6 Stateless Address

RouterLab LabCourse SoSe 2016 Worksheet 3: Access Networks with DHCP and IPv6 Stateless Address Auto Configuration Prof. Anja Feldmann, Philipp S. Tiesel, Thorben Krger, Apoorv Shukla IPv6 Scoped Address Architecture IPv6 addresses have

679 views • 19 slides
Lab Course RouterLab Border Gateway Protocol (BGP) Internet: Network of Networks AS

Lab Course RouterLab Border Gateway Protocol (BGP) Internet: Network of Networks AS

Lab Course RouterLab Border Gateway Protocol (BGP) Internet: Network of Networks AS 2 AS 1 AS 5 AS 3 AS 4 Internet: Structure and Routing Structure : &gt; 20,000 autonomous systems (ASs) Examples for ASs? Routing

374 views • 20 slides
Routerlab: Tunneling Thorben Kr uger original slides by Philipp S. Tiesel and Franziska

Routerlab: Tunneling Thorben Kr uger original slides by Philipp S. Tiesel and Franziska

Overview L2/L3/L4 VPN Other tunneling technologies Routerlab: Tunneling Thorben Kr uger original slides by Philipp S. Tiesel and Franziska Lichtblau June 1, 2016 1 / 27 Overview L2/L3/L4 VPN Other tunneling technologies Overview 1

663 views • 27 slides
CS7038 - Malware Analysis - Wk07.2 Malware Research Online Coleman Kane kaneca@mail.uc.edu

CS7038 - Malware Analysis - Wk07.2 Malware Research Online Coleman Kane kaneca@mail.uc.edu

CS7038 - Malware Analysis - Wk07.2 Malware Research Online Coleman Kane kaneca@mail.uc.edu February 22, 2018 Exploring the Online Ecosystem One nice aspect of malware analysis is that, since much of it originates online and

119 views • 10 slides
FutureGrid Tutorial @ CloudCom 2010 Indianapolis, Thursday Dec 2, 2010, 4:30-5:00pm

FutureGrid Tutorial @ CloudCom 2010 Indianapolis, Thursday Dec 2, 2010, 4:30-5:00pm

FutureGrid Tutorial @ CloudCom 2010 Indianapolis, Thursday Dec 2, 2010, 4:30-5:00pm laszewski@gmail.com Gregor von Laszewski, Greg Pike, Archit Kulshrestha, Andrew Younge, Fugang Wang, and the rest of the FG Team Community Grids Lab

953 views • 70 slides
Software Routers ECE/CS598HPN Radhika Mittal Dataplane programmability is useful New ISP

Software Routers ECE/CS598HPN Radhika Mittal Dataplane programmability is useful New ISP

Software Routers ECE/CS598HPN Radhika Mittal Dataplane programmability is useful New ISP services intrusion detection, application acceleration Flexible network monitoring measure link latency, track down traffic New protocols

929 views • 60 slides
:a-~ 1 0 ~ ~ \.)l :r v~ , :i; , : !. ~ - ~ ~ :~ &quot; ' ' ' ~ Pl ' ~ &quot;

:a-~ 1 0 ~ ~ \.)l :r v~ , :i; , : !. ~ - ~ ~ :~ &quot; ' ' ' ~ Pl ' ~ &quot;

. :a-~ 1 0 ~ ~ \.)l :r v~ , :i; , : !. ~ - ~ ~ :~ &quot; ' ' ' ~ Pl ' ~ &quot; lt l ) ' t:t. &quot;:t I{ ~ U.S . D rough l M onitor Septe mber 27, 201 1 Mnd l Y. $#.. 1t,. Z.ON J Southern Pl ai ns (IW ..-d \bid 1

407 views • 18 slides
net : Using net2o reinventing the internet Bernd Paysan EuroForth 2016, Konstanz/Reichenau

net : Using net2o reinventing the internet Bernd Paysan EuroForth 2016, Konstanz/Reichenau

Motivation Layer 7: Applications Get it Try it net : Using net2o reinventing the internet Bernd Paysan EuroForth 2016, Konstanz/Reichenau Motivation Layer 7: Applications Get it Try it Outline Motivation Layer 7: Applications Basic

749 views • 52 slides
OpenFlow / SDN: A New Approach to Networking Guru Parulkar

OpenFlow / SDN: A New Approach to Networking Guru Parulkar

OpenFlow / SDN: A New Approach to Networking Guru Parulkar (parulkar@stanford.edu) Johan van Reijendam (jvanreij@stanford.edu) Joe LiHle (jliHle@ee.stanford.edu)

601 views • 39 slides
Probability and Statistics for Computer Science Who discovered this? n 1 + 1 e = lim

Probability and Statistics for Computer Science Who discovered this? n 1 + 1 e = lim

Probability and Statistics for Computer Science Who discovered this? n 1 + 1 e = lim n n Credit: wikipedia Hongye Liu, Teaching Assistant Prof, CS361, UIUC, 09.24.2020 the number ? what is an pkqn = In - k &quot; ( Pt q ) k

913 views • 57 slides
Course CME 310 Solar Power for Africa Overview on Rwandan

Course CME 310 Solar Power for Africa Overview on Rwandan

Course CME 310 Solar Power for Africa Overview on Rwandan history. The role of NGOs and foreign aids in the development of Rwanda aEer

1.04k views • 56 slides
Detention Operations Policy &amp; the Global War on Terrorism Office of Detainee Affairs

Detention Operations Policy &amp; the Global War on Terrorism Office of Detainee Affairs

Detention Operations Policy &amp; the Global War on Terrorism Office of Detainee Affairs Presentation for the University of California - Berkeley November 30, 2005 Bryan C. Del Monte Deputy Director for Policy Development &amp; International

499 views • 25 slides
electurefy Jenny Farman | Daniel Hok Juan Posadas | Nikhita Obeegadoo Overview Mobile app

electurefy Jenny Farman | Daniel Hok Juan Posadas | Nikhita Obeegadoo Overview Mobile app

electurefy Jenny Farman | Daniel Hok Juan Posadas | Nikhita Obeegadoo Overview Mobile app for students &amp; instructors Lecture effective tool Empower students and instructors Team Mission Statement Bridge communication

324 views • 21 slides
1

1

477 views • 36 slides
What is Identity Theft? &quot;Someone obtaining your personal identifying information without

What is Identity Theft? &quot;Someone obtaining your personal identifying information without

Identity Fraud: Protecting Your Identity Between Work and Play Ryan Sothan, Outreach Coordinator Nebraska Department of Justice, Office of the Attorney General Consumer Protection and Anti-Trust Division What is Identity Theft?

314 views • 18 slides
Speaker Attribution in Cabinet Protocols Josef Ruppenhofer, Caroline Sporleder, &amp; Fabian

Speaker Attribution in Cabinet Protocols Josef Ruppenhofer, Caroline Sporleder, &amp; Fabian

Speaker Attribution in Cabinet Protocols Josef Ruppenhofer, Caroline Sporleder, &amp; Fabian Shirokov May 19, 2010 Ruppenhofer, Sporleder &amp; Shirokov () Speaker Attribution in Cabinet Protocols May 19, 2010 1 / 29 Part I Introduction

500 views • 38 slides

More recommend