Exterior Gateway Protocols: EGP, BGP-4, CIDR


Shivkumar Kalyanaraman, Rensselaer Polytechnic Institute
edu/Homepages/shivkuma
Based in part upon slides of Tim Griffin (AT&T), Ion Stoica (UCB), J. Kurose (U Mass), Noel Chiappa (MIT)

Overview
- Cores, Peers, and the limit of default routes
- Autonomous systems & EGP
- BGP4
- CIDR: reducing router table sizes
Refs: Chap 10, 14, 15. Books: “Routing in Internet” by Huitema, “Interconnections” by Perlman, “BGP4” by Stewart, Sam Halabi, Danny McPherson, Internet Routing Architectures
Reading: Geoff Huston, Commentary on Inter-domain Routing in the Internet
Reference: BGP-4 Standards Document: In TXT
Reading: Norton, Internet Service Providers and Peering
Reading: Labovitz et al, Delayed Internet Routing Convergence
Reference: Paxson, End-to-End Routing Behavior in the Internet,
Reading: Interdomain Routing: Additional Notes: In PDF In MS Word
Reference Site: Griffin, Interdomain Routing Links

History: Default Routes: limits
- Default routes => partial information
- Routers/hosts w/ default routes rely on other routers to complete the picture.
- In general routing “signposts” should be:
  - Consistent, i.e., if packet is sent off in one direction then another direction should not be more optimal.
  - Complete, i.e., should be able to reach all destinations

Core
- A small set of routers that have consistent & complete information about all destinations.
- Outlying routers can have partial information provided they point default routes to the core
- Partial info allows site administrators to make local routing changes independently.
[Figure: CORE; S1, S2, Sm]

Peer Backbones
- Initially NSFNET had only one connection to ARPANET (router in Pittsburgh) => only one route between the two.
- Addition of multiple interconnections => multiple possible routes => need for dynamic routing
- Single core replaced by a network of peer backbones => more scalable
- Today there are over 30 backbones!
- Routing protocol at cores/peers: GGP -> EGP -> BGP-4

Exterior Gateway Protocol (EGP)
- A mechanism that allows non-core routers to learn routes from core (external routes) routers so that they can choose optimal backbone routes
- A mechanism for non-core routers to inform core routers about hidden networks (internal routes)
- Autonomous System (AS) has the responsibility of advertising reachability info to other ASs. One router may be designated per AS.
- Important that reachability info propagates to core routers

Purpose of EGP
- Share connectivity information across ASes
[Figure: AS1, AS2, routers R1, R2, R3, net A; EGP announcement "you can reach net A via me"; traffic to A; table at R1: dest A, next hop R2; legend: border router, internal router]

EGP Operation
- Neighbor Acquisition: Reliable 2-way handshake
- Neighbor Reachability:
  - Hellos: j out of m hellos OK => Neighbor UP
  - k out of n hellos NOT OK => Neighbor DOWN
- Updates/Queries:
  - EGP is an incremental protocol. New info => send updates
  - Each router can query neighbors as well
  - Reachability advertized; metrics ignored
  - Requires a tree topology of ASes to avoid loops (eg: see next slide)

Why EGP Requires a Tree Structure.

EGP weaknesses
- EGP does not interpret the distance metrics in routing update messages => cannot compute the shorter of two routes
- As a result it restricts the topology to a tree structure, with the core as the root
- Rapid growth => many networks may be temporarily unreachable
- Only one path to destination => no load sharing
- Need new protocol => BGP-4

Today’s Big Picture
[Figure: Large ISPs, Small ISP, Dial-Up ISP, Access Network, Stubs]
Large number of diverse networks

Internet AS Map: caida.org

Autonomous System (AS)
- Internet is not a single network
- Collection of networks controlled by different administrations
- An autonomous system is a network under a single administrative control
- An AS owns an IP prefix
- Every AS has a unique AS number
- ASes need to inter-network themselves to form a single virtual global network
- Need a common protocol for communication

Intra-AS and Inter-AS routing
Gateways:
- perform inter-AS routing amongst themselves
- perform intra-AS routing with other routers in their AS
[Figure: ASes A, B, C with routers including A.a, A.c, B.a, C.b; inter-AS and intra-AS routing in gateway A.c at the network layer, above the link layer and physical layer]

Who speaks Inter-AS routing?
[Figure: AS1, AS2, routers R1, R2, R3, BGP; legend: border router, internal router]
- Two types of routers
  - Border router (Edge), Internal router (Core)
- Two border routers of different ASes will have a BGP session

Intra-AS vs Inter-AS
- An AS is a routing domain
- Within an AS:
  - Can run a link-state routing protocol
  - Trust other routers
  - Scale of network is relatively small
- Between ASes:
  - Lack of information about other AS’s network (Link-state not possible)
  - Crossing trust boundaries
  - Link-state protocol will not scale
  - Routing protocol based on route propagation

Autonomous Systems (ASes)
An autonomous system is an autonomous routing domain that has been assigned an Autonomous System Number (ASN).
All parts within an AS remain connected.
The administration of an AS appears to other ASes to have a single coherent interior routing plan and presents a consistent picture of what networks are reachable through it.
RFC 1930: Guidelines for creation, selection, and registration of an Autonomous System

IP Address Allocation and Assignment: Internet ripe.org
APNIC www.apnic.org
- Allocate to National and local registries and ISPs
- Addresses assigned to customers by ISPs
RFC 2050 - Internet Registry IP Allocation Guidelines
RFC 1918 - Address Allocation for Private Internets
RFC 1518 - An Architecture for IP Address Allocation with CIDR

AS Numbers (ASNs)
- ASNs are 16 bit values.
- 64512 through 65535 are “private”
- Currently over 11,000 in use.
- Genuity: 1
- MIT: 3
- Harvard: 11
- UC San Diego: 7377
- AT&T: 7018, 6341, 5074,
- UUNET: 701, 702, 284, 12199,
- Sprint: 1239, 1240, 6211, 6242,
ASNs represent units of routing policy

Nontransit vs. Transit ASes
[Figure: ISP 1, ISP 2, NET A]
- Traffic NEVER flows from ISP 1 through NET A to ISP 2
- Internet Service providers (ISPs) have transit networks
- Nontransit AS might be a corporate or campus network. Could be a “content provider”

Selective Transit
[Figure: NET A, NET B, NET C, NET D]
- NET A DOES NOT provide transit between NET D and NET B
- NET A provides transit between NET B and NET C and between NET D and NET C
- Most transit ASes allow only selective transit => key impact of commercialization

Customers and Providers
[Figure: provider, customer, IP traffic]
Customer pays provider for access to the Internet

Customer-Provider Hierarchy
[Figure: provider, customer, IP traffic]

The Peering Relationship
[Figure: peer, provider, customer; legend: traffic allowed, traffic NOT allowed]
- Peers provide transit between their respective customers
- Peers do not provide transit between peers
- Peers (often) do not exchange

Peering Wars
Peer:
- Reduces upstream transit costs
- Can increase end-to-end performance
- May be the only way to connect your customers to some part of the Internet (“Tier 1”)
Don’t Peer:
- You would rather have customers
- Peers are usually your competition
- Peering relationships may require periodic renegotiation
Peering struggles are by far the most contentious issues in the ISP world!
Peering agreements are often confidential.

Requirements for Inter-AS Routing
- Should scale for the size of the global Internet.
- Focus on reachability, not optimality
- Use address aggregation techniques to minimize core routing table sizes and associated control traffic
- At the same time, it should allow flexibility in topological structure (eg: don’t restrict to trees etc)
- Allow policy-based routing between autonomous systems
- Policy refers to arbitrary preference among a menu of available routes (based upon routes’ attributes)
- Fully distributed routing (as opposed to a signaled approach) is the only possibility.
- Extensible to meet the demands for newer policies.

Recall: Distributed Routing Techniques
Link State:
- Topology information is flooded within the routing domain
- Best end-to-end paths are computed locally at each router.
- Best end-to-end paths determine next-hops.
- Based on minimizing some notion of distance
- Works only if policy is shared and uniform
- Examples: OSPF, IS-IS
Vectoring:
- Each router knows little about network topology
- Only best next-hops are chosen by each router for each destination network.
- Best end-to-end paths result from composition of all next-hop choices
- Does not require any notion of distance
- Does not require uniform policies at all routers
- Examples: RIP, BGP

BGP-4
- BGP = Border Gateway Protocol
- Is a Policy-Based routing protocol
- Is the de facto EGP of today’s global Internet
- Relatively simple protocol, but configuration is complex and the entire world can see, and be impacted by, your mistakes.
- 1989 : BGP-1 [RFC 1105]
  - Replacement for EGP (1984, RFC 904)
- 1990 : BGP-2 [RFC 1163]
- 1991 : BGP-3 [RFC 1267]
- 1995 : BGP-4 [RFC 1771]
  - Support for Classless Interdomain Routing (CIDR)

BGP Operations (Simplified)
[Figure: BGP session between AS1 and AS2]
- Establish session on TCP port 179
- Exchange all active routes
- Exchange incremental updates
- While connection is ALIVE exchange route UPDATE messages

Four Types of BGP Messages
- Open : Establish a peering session.
- Keep Alive : Handshake at regular intervals.
- Notification : Shuts down a peering session.
- Update : Announcing new routes or withdrawing previously announced routes.
announcement = prefix + attributes values

Border Gateway Protocol (BGP)
- Allows multiple cores and arbitrary topologies of AS interconnection.
- Uses a path-vector concept which enables loop prevention in complex topologies
- In AS-level, shortest path may not be preferred for policy, security, cost reasons.
- Different routers have different preferences (policy) => as packet goes thru network it will encounter different policies
- Bellman-Ford/Dijkstra don’t work!
- BGP allows attributes for AS and paths which could include policies (policy-based routing).

BGP (Cont’d)
- When a BGP speaker A advertises to its peer B that it has a path to IP prefix C, B can be certain that A is actively using that AS-path to reach that destination
- BGP uses TCP between 2 peers (reliability)
- Exchange entire BGP table first (50K routes!)
- Later exchanges only incremental updates
- Application (BGP)-level keepalive messages
- Hold-down timer (at least 3 sec) locally config
- Interior and exterior peers: need to exchange reachability information among interior peers before updating intra-AS forwarding table.

Two Types of BGP Neighbor Relationships
- External Neighbor (eBGP) in a different Autonomous System
- Internal Neighbor (iBGP) in the same Autonomous System
iBGP is routed (using IGP!)
[Figure: AS1, AS2, eBGP, iBGP]

I-BGP and E-BGP
IGP: Interior Gateway Protocol. Examples: IS-IS, OSPF
[Figure: AS1, AS2, AS3; routers R1, R2, R3, R4, R5; networks A, B; I-BGP, IGP, E-BGP, "announce B"; legend: border router, internal router]

I-BGP
- Why is IGP (OSPF, ISIS) not used?
  - In large ASs full route table is very large (100K routes!)
  - Rate of change of routes is frequent
  - Tremendous amount of control traffic
  - Not to mention Dijkstra computation being invoked for any change
  - BGP policy information may be lost
- I-BGP: Within an AS
  - Same protocol/state machines as EBGP
  - But different rules about advertising prefixes
  - Prefix learned from an I-BGP neighbor cannot be advertised to another I-BGP neighbor to avoid looping => need full IBGP mesh!
  - AS-PATH cannot be used internally. Why?

IBGP vs EBGP
- I-BGP nodes: typically ABRs, or other nodes where default routes terminate
- I-BGP peering sessions between every pair of routers within an AS: full mesh.
[Figure: AS1 with routers A, B, C, D; legend: physical link, IBGP session]

iBGP Peers: Fully Meshed
[Figure: eBGP update, iBGP updates]
- iBGP is needed to avoid routing loops within an AS
- Full Mesh
  - Independent of physical connectivity.
  - Single link may see same update multiple times!
- iBGP neighbors do not announce routes received via iBGP to other iBGP neighbors.
- Is iBGP an IGP? NO!
  - Set of neighbor relationships to transfer BGP info

IBGP Scaling: Route Reflection
- Add hierarchy to I-BGP
- Route reflector: A router whose BGP implementation supports the re-advertisement of routes between I-BGP neighbors
- Route reflector client: A router which depends on route reflector to re-advertise its routes to entire AS and learn routes from the route reflector

[Figure: AS1, AS2, EBGP, IBGP, prefix 10.0.0.0/24]

AS Confederations
- Divide and conquer: Divides a large AS into sub-ASs
[Figure: AS-1 with Sub-AS 10, 11, 12, 13, 14 and routers R1, R2]

CIDR
- Shortage of class Bs => give out a set of class Cs instead of one class B address
- Problem: every class C n/w needs a routing entry!
- Solution: Classless Inter-domain Routing (CIDR).
  - Also called “supernetting”
  - Key: allocate addresses such that they can be summarized, i.e., contiguously.
  - Share same higher order bits (i.e. prefix)
- Routing tables and protocols must be capable of carrying a subnet mask.
- Notation: 128.13.0/23
- When an IP address matches multiple entries (eg 194.0.22.1), choose the one which had the longest mask (“longest-prefix match”)

RFC 1519: Classless Inter-Domain Routing (CIDR)
Pre-CIDR: Network ID ended on 8-, 16, 24- bit boundary
CIDR: Network ID can end at any bit boundary
IP Address : 12.4.0.0    IP Mask: 255.254.0.0
Address   00001100 00000100 00000000 00000000
Mask      11111111 11111110 00000000 00000000
(the 1 bits of the mask mark the Network Prefix; the 0 bits are for hosts)
Usually written as 12.4.0.0/15, a.k.a “supernetting”

Understanding Prefixes and Masks (Recap)
12.5.9.16 is covered by prefix 12.4.0.0/15
12.5.9.16      00001100 00000101 00001001 00010000
12.4.0.0/15    00001100 00000100 00000000 00000000
               11111111 11111110 00000000 00000000
12.7.9.16      00001100 00000111 00001001 00010000
12.7.9.16 is not covered by prefix 12.4.0.0/15

Inter-domain Routing Without CIDR
[Figure: 204.71.0.0, 204.71.1.0, 204.71.2.0, ... 204.71.255.0; Global Internet Routing Mesh]
Inter-domain Routing With CIDR
[Figure: 204.71.0.0, 204.71.1.0, 204.71.2.0, ...; Internet Routing Mesh]

Longest Prefix Match (Classless) Forwarding
[IP Forwarding Table; destination, prefix and next hop of the first two rows not recoverable]
- OK: interface ATM 5/0/9
- better: interface ATM 5/0/8
- even better: 12.4.0.0/15, next hop 10.1.3.77, interface Ethernet 0/1/3
- best!: 12.5.8.0/23, attached, interface Serial 1/0/7
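
Added example (not from the original slides): the mask test from the prefix recap and the longest-prefix-match lookup, written out with explicit bit operations. The 12.4.0.0/15 and 12.5.8.0/23 rows are the ones on the forwarding-table slide; the prefixes and next hops of the two ATM rows are constructed for illustration.

```python
def ip_to_int(dotted):
    """Dotted-quad IPv4 text -> 32-bit integer."""
    octets = [int(part) for part in dotted.split(".")]
    if len(octets) != 4 or any(not 0 <= o <= 255 for o in octets):
        raise ValueError(f"not a dotted-quad IPv4 address: {dotted!r}")
    value = 0
    for octet in octets:
        value = (value << 8) | octet
    return value


def parse_prefix(text):
    """'12.4.0.0/15' -> (network, mask, length). Rejects prefixes with host bits set."""
    address, _, length_text = text.partition("/")
    length = int(length_text)
    if not 0 <= length <= 32:
        raise ValueError(f"bad prefix length in {text!r}")
    mask = (0xFFFFFFFF << (32 - length)) & 0xFFFFFFFF
    network = ip_to_int(address)
    if network & ~mask & 0xFFFFFFFF:
        raise ValueError(f"host bits set in {text!r}")
    return network, mask, length


def covers(prefix, address):
    """True if address AND mask equals the prefix's network bits."""
    network, mask, _ = parse_prefix(prefix)
    return (ip_to_int(address) & mask) == network


def lookup(table, address):
    """Return the (prefix, next_hop, interface) row with the longest matching mask."""
    target = ip_to_int(address)
    best_row, best_length = None, -1
    for row in table:
        network, mask, length = parse_prefix(row[0])
        if (target & mask) == network and length > best_length:
            best_row, best_length = row, length
    return best_row


FORWARDING_TABLE = [
    ("0.0.0.0/0", "192.0.2.1", "ATM 5/0/9"),          # prefix and next hop constructed
    ("12.0.0.0/8", "192.0.2.2", "ATM 5/0/8"),         # prefix and next hop constructed
    ("12.4.0.0/15", "10.1.3.77", "Ethernet 0/1/3"),   # row from the slide
    ("12.5.8.0/23", "attached", "Serial 1/0/7"),      # row from the slide
]

if __name__ == "__main__":
    for destination in ("12.5.9.16", "12.4.200.1", "12.7.9.16", "203.0.113.9"):
        print(destination, "->", lookup(FORWARDING_TABLE, destination))
```

All four rows match 12.5.9.16; the /23 wins only because its mask is longest, which is why a more-specific announcement overrides a covering aggregate.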

What is Routing Policy
- Policy refers to arbitrary preference among a menu of available routes (based upon routes’ attributes)
- Public description of the relationship between external BGP peers
- Can also describe internal BGP peer relationship
- Eg: Who are my BGP peers
- What routes are
  - Originated by a peer
  - Imported from each peer
  - Exported to each peer
  - Preferred when multiple routes exist
- What to do if no route exists?

Routing Policy Example
- AS1 originates prefix “d”
- AS1 exports “d” to AS2, AS2 imports
- AS2 exports “d” to AS3, AS3 imports
- AS3 exports “d” to AS5, AS5 imports

Routing Policy Example (cont)
- AS5 also imports “d” from AS4
- Which route does it prefer?
  - Does it matter?
  - Consider case where AS3 = Commercial Internet, AS4 = Internet2

Import and Export Policies
- Inbound filtering controls outbound traffic
  - filters route updates received from other peers
  - filtering based on IP prefixes, AS PATH, community
- Outbound Filtering controls inbound traffic
  - forwarding a route means others may choose to reach the prefix through you
  - not forwarding a route means others must use another router to reach the prefix
- Attribute Manipulation
  - Import: LOCAL PREF (manipulate trust)
  - Export: AS PATH and MEDs

Attributes are Used to Select Best Routes
[Figure: several announcements of 192.0.2.0/24, each labelled "pick me!"]
Given multiple routes to the same prefix, a BGP speaker must pick at most one best route
(Note: it could reject them all!)

BGP Policy Knob:
- ORIGIN
- AS PATH
- NEXT HOP
- MULTI EXIT DISC
- LOCAL PREF
- ATOMIC AGGREGATE
- AGGREGATOR
- COMMUNITY
- ORIGINATOR ID
- CLUSTER LIST
- DPA
- ADVERTISER
- RCID PATH / CLUSTER ID
- MP REACH NLRI
- MP UNREACH NLRI
- EXTENDED ][RFC2283][Rosen]
- reserved for development
From IANA:
We will cover a subset of these attributes
Not all attributes need to be present in every announcement

BGP Route Processing
1. Receive BGP Updates
2. Apply Import Policies (apply policy = filter routes & tweak attributes)
3. Best Route Selection, based on attribute values
4. Best Route Table; install forwarding entries for best routes in the IP Forwarding Table
5. Apply Export Policies (apply policy = filter routes & tweak attributes)
6. Transmit BGP Updates

Import and Export Policies
- For inbound traffic
  - Filter outbound routes
  - Tweak attributes on outbound routes in the hope of influencing your neighbor’s best route selection
- For outbound traffic
  - Filter inbound routes
  - Tweak attributes on inbound routes to influence best route selection
[Figure: inbound routes / outbound traffic; outbound routes / inbound traffic]
In general, an AS has more control over outbound traffic
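
Added example (not from the original slides): the import half of the route-processing pipeline for AS5 in the routing policy example, with inbound filters on AS PATH and prefix, LOCAL PREF set on import, then best-route selection. The LOCAL PREF values, the path via AS4, the use of 192.0.2.0/24 for prefix “d”, and the two-step decision order (highest LOCAL PREF, then shortest AS PATH) are assumptions; real BGP selection has further tie-breakers.

```python
from dataclasses import dataclass, replace

MY_ASN = 5                           # AS5 from the routing policy example
PRIVATE_ASNS = range(64512, 65536)   # "private" ASN range given on the ASN slide
PREFIX_D = "192.0.2.0/24"            # stands in for prefix "d" (assumption)

# Assumed policy of AS5: trust routes learned from AS4 more than those from AS3.
LOCAL_PREF_BY_NEIGHBOR = {3: 100, 4: 200}
ALLOWED_PREFIXES = {3: {PREFIX_D}, 4: {PREFIX_D}}   # per-neighbor allow-list


@dataclass(frozen=True)
class Route:
    prefix: str
    as_path: tuple       # leftmost = neighbor AS, rightmost = originating AS
    local_pref: int = 0  # set by the import policy, never taken from the neighbor


def import_route(route):
    """Inbound filtering plus attribute manipulation. Returns (route or None, reason)."""
    if not route.as_path:
        return None, "empty AS_PATH"
    neighbor = route.as_path[0]
    if neighbor not in LOCAL_PREF_BY_NEIGHBOR:
        return None, "unknown neighbor"
    if MY_ASN in route.as_path:
        return None, "own ASN in AS_PATH (loop)"
    if any(asn in PRIVATE_ASNS for asn in route.as_path):
        return None, "private ASN in AS_PATH"
    if route.prefix not in ALLOWED_PREFIXES[neighbor]:
        return None, "prefix not allowed from this neighbor"
    return replace(route, local_pref=LOCAL_PREF_BY_NEIGHBOR[neighbor]), "accepted"


def best_route(updates):
    """Pick at most one best route; None means every candidate was rejected."""
    accepted = []
    for update in updates:
        imported, _reason = import_route(update)
        if imported is not None:
            accepted.append(imported)
    if not accepted:
        return None
    return max(accepted, key=lambda r: (r.local_pref, -len(r.as_path)))


# Constructed announcements as received by AS5.
VIA_AS3 = Route(PREFIX_D, (3, 2, 1))             # path from the slide: AS1 -> AS2 -> AS3
VIA_AS4 = Route(PREFIX_D, (4, 7, 8, 1))          # longer path via AS4 (constructed)
LOOPED = Route(PREFIX_D, (3, 5, 2, 1))           # already passed through AS5
PRIVATE = Route(PREFIX_D, (4, 64512, 1))         # private ASN inside the path
UNEXPECTED = Route("198.51.100.0/24", (3, 2, 1)) # prefix not on the allow-list

if __name__ == "__main__":
    print("best:", best_route([VIA_AS3, VIA_AS4]))
    for update in (LOOPED, PRIVATE, UNEXPECTED):
        print(update.as_path, update.prefix, "->", import_route(update)[1])
```

The longer path via AS4 wins because LOCAL PREF is compared before path length, and a set of updates that all fail the inbound filters yields no route at all.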

Policy Implementation
[Figure: Out, Outgoing, Static & HW Info]
