Border Gateway Protocol (BGP)
4-Octet AS Numbers
Mounir Mohamed
CCIE No.19573 (R&S, SP)
NOOR Data Networks, SAE
V1.0 March-2010

Agenda
• Introduction
• 2-byte and 4-byte ASN range and naming
• ASN Representation format
• What is new in BGP
    Open Message
    AS-Path Attribute
    Aggregator Attribute
    Extended Community Attribute
• Transition to 4-byte ASN
• Transition Consideration
• IOS / JUNOS 4-byte aware Releases
• References

Introduction
• BGP is the Internet's routing protocol.
• The AS number space is finite. An AS number is defined as a 16-bit integer, so the space is limited to 65535 unique AS numbers.
• Not all of them can be used! Out of the AS number space, 1023 numbers are reserved for local or private use and 3 are reserved for special use. The remaining 64510 numbers are available for public use on the Internet.
• Internet growth is remarkable: day by day people recognize how important the Internet is to their personal and business lives, and even to their culture. New users arrive every day, which has depleted Internet resources such as the IPv4 address space and BGP AS numbers (the IPv4 exhaustion dilemma is more severe than the BGP ASN dilemma).
• As of 03-Mar-2010, 56318 AS numbers had already been allocated (according to http://www.potaroo.net/tools/asns).

Introduction…
• In 2007 the IETF standardized BGP support for the 4-octet AS number space in RFC 4893. Following the IETF standard, IANA extended the AS number field to 32 bits, which increases the pool size from 65535 to 4294967295.
• The 4-byte AS number space is just an extension, so it covers the old range and provides more.
• 1/1/2007 – 31/12/2008
    LIR can ask for an ASN16 or ASN32
    RIR will give an ASN16 by default, ASN32 on request
• 1/1/2009 – 31/12/2009
    LIR can ask for an ASN16 or ASN32
    RIR will give an ASN32 by default, ASN16 on request
• After 1/1/2010
    RIR will always give an ASN32
• IANA allocates ASNs to RIRs in blocks of 1024 ASNs. Until 31 December 2010, allocations of 16-bit and 32-bit-only ASN blocks will be made separately and independently of each other.
• This means that until 31 December 2010, RIRs can receive two separate ASN blocks from IANA under this policy, one for 16-bit ASNs and one for 32-bit-only ASNs. After this date, IANA and the RIRs will cease to make any distinction between 16-bit and 32-bit-only ASNs, and will operate ASN allocations from an undifferentiated 32-bit ASN allocation pool.

2-byte and 4-byte range and naming
• The 32-bit ASN range is 0 – 4294967295, which covers the 16-bit numbers. Currently assigned 16-bit AS numbers are converted into 32-bit ASNs by setting the two high-order octets of the 32-bit field to zero (2018 = 0.2018). Such 4-octet AS numbers (16-bit after conversion) are said to be mappable to a 2-octet AS number.
• AS numbers in the range 0 – 65535 are called 16-bit ASNs
• AS numbers in the range 0 – 4294967295 are called 32-bit ASNs
• AS numbers in the range 65536 – 4294967295 are called 32-bit-only ASNs
• AS number 23456: AS_TRANS
    AS_Trans is used to hide the 4-byte ASN in the AS_Path and Aggregator attributes when a 4-byte-aware BGP speaker (New speaker) sends updates to an unaware BGP speaker (Old speaker). This AS number is also used by Old BGP speakers when configuring a BGP session with New BGP speakers.

ASN Representation format
• RFC 5396 standardized two formats with three concepts (each vendor uses its preferred format, but they often support all of them)
• AS-Plain: represents all AS numbers in decimal integer notation. Easy and simple: with this format all ASNs are displayed as they are (1 = 1, 65535 = 65535, 75535 = 75535, 11000000 = 11000000)
• AS-Dot+: represents all AS numbers as two integer values, the high-order 16 bits and the low-order 16 bits, separated by a dot ".". This might seem more readable than the AS-Plain format, but a decimal-to-binary conversion is needed. The high-order part of every mappable AS number is 0, so it is written 0.xxxx; e.g. ASN 65535 = 0.65535, but ASN 65539 = 1.3 and likewise ASN 131080 = 2.8
• AS-Dot: represents all AS numbers less than or equal to 65535 in AS-Plain (65526 = 65526), whereas any ASN equal to or greater than 65536 is represented in AS-Dot+ format (65550 = 1.14).
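
The three notations convert mechanically. The sketch below is an added example, not part of the original slides, and its function names are hypothetical; it parses any of the notations into one integer so that AS-path filters and log analyzers compare ASNs by value instead of by spelling.

```python
AS_TRANS = 23456        # reserved 2-octet stand-in for a 4-octet ASN
MAX_ASN = 0xFFFFFFFF    # 4294967295


def parse_asn(text):
    """Parse AS-Plain, AS-Dot or AS-Dot+ text into an integer ASN."""
    parts = text.strip().split(".")
    if len(parts) > 2 or not all(p.isascii() and p.isdigit() for p in parts):
        raise ValueError(f"not an AS number: {text!r}")
    if len(parts) == 1:                        # AS-Plain
        asn = int(parts[0])
        if asn > MAX_ASN:
            raise ValueError(f"outside the 32-bit range: {text!r}")
        return asn
    high, low = int(parts[0]), int(parts[1])   # AS-Dot / AS-Dot+
    if high > 0xFFFF or low > 0xFFFF:
        raise ValueError(f"each half must fit in 16 bits: {text!r}")
    return (high << 16) | low


def as_dot_plus(asn):
    """High-order and low-order 16 bits, always dotted."""
    return f"{asn >> 16}.{asn & 0xFFFF}"


def as_dot(asn):
    """Plain for 16-bit ASNs, dotted for 32-bit-only ASNs."""
    return str(asn) if asn <= 0xFFFF else as_dot_plus(asn)


def classify(asn):
    if asn == AS_TRANS:
        return "AS_TRANS"
    return "16-bit (mappable)" if asn <= 0xFFFF else "32-bit-only"


def normalize(terms):
    """Collapse mixed-notation ASNs (constructed filter or log input)
    to a sorted list of unique integers."""
    return sorted({parse_asn(t) for t in terms})
```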

What is new in BGP?
• Every part of BGP that is relevant to the ASN needs some extension. The extension has to answer: (1) how will peers confirm their support for 4-byte ASNs, (2) what happens if one of them doesn't support them, and (3) how will the update message carry the 4-byte ASN?
• BGP carries the ASN in the "My Autonomous System" field of the OPEN message, and in the AS_PATH attribute, AGGREGATOR attribute, and Communities attribute of the update message.
• Some modifications need to be made to those fields to accommodate the 4-byte AS number, with solid backward compatibility to be used during the transition.

Open Messages
• Open Message
    After a TCP session is established, the first message sent by each side is an Open message. If the Open message is accepted, a keepalive message confirming it is sent back. The keepalive message doesn't carry BGP information (message header only), but the Open message does.
• The My AS field carries the ASN, but it is only 16 bits wide. How could it carry a 4-byte ASN?
• The Open message can't be changed, to allow backward compatibility with 2-byte peers.
• A new 4-byte capability advertisement has been added to negotiate 4-byte support gracefully and to carry the 4-byte ASN. A peer that supports 4-byte ASNs sends this capability advertisement in its Open message along with its 4-byte ASN. If one of the peers doesn't accept it, they ignore the capability and proceed with the ordinary Open message.
A new Capability is the Key
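
How the capability travels inside the Open message, as an added example that is not part of the original slides. Function names are hypothetical, and capability code 65 and optional-parameter type 2 come from the BGP RFCs rather than from this page. A New speaker with a 32-bit-only ASN puts AS_Trans in the 16-bit My AS field and the real ASN in the capability; an Old speaker uses only the first value that `parse_open` returns.

```python
import struct

AS_TRANS = 23456
CAP_4OCTET_AS = 65    # capability code for 4-octet AS support (RFC 4893)
OPT_CAPABILITIES = 2  # OPEN optional parameter type carrying capabilities
MARKER = b"\xff" * 16


def build_open(asn, hold_time, bgp_id, four_byte_aware=True):
    """Build an OPEN message. bgp_id is 4 raw bytes."""
    if not four_byte_aware and asn > 0xFFFF:
        raise ValueError("an Old speaker cannot announce a 32-bit-only ASN")
    my_as = asn if asn <= 0xFFFF else AS_TRANS   # the field stays 16 bits
    opt = b""
    if four_byte_aware:
        cap = struct.pack("!BBI", CAP_4OCTET_AS, 4, asn)
        opt = struct.pack("!BB", OPT_CAPABILITIES, len(cap)) + cap
    body = struct.pack("!BHH4sB", 4, my_as, hold_time, bgp_id, len(opt)) + opt
    return MARKER + struct.pack("!HB", 19 + len(body), 1) + body


def parse_open(msg):
    """Return (my_as, asn4): asn4 is None without the 4-octet capability."""
    if len(msg) < 29 or msg[:16] != MARKER:
        raise ValueError("not a BGP OPEN")
    length, msg_type = struct.unpack("!HB", msg[16:19])
    if msg_type != 1 or length != len(msg):
        raise ValueError("bad type or length")
    _ver, my_as, _hold, _id, opt_len = struct.unpack("!BHH4sB", msg[19:29])
    opts = msg[29:]
    if len(opts) != opt_len:
        raise ValueError("optional parameter length mismatch")
    asn4 = None
    pos = 0
    while pos + 2 <= len(opts):                  # walk optional parameters
        p_type, p_len = opts[pos], opts[pos + 1]
        param, pos = opts[pos + 2:pos + 2 + p_len], pos + 2 + p_len
        if p_type != OPT_CAPABILITIES:
            continue
        cpos = 0
        while cpos + 2 <= len(param):            # walk capabilities
            code, c_len = param[cpos], param[cpos + 1]
            value = param[cpos + 2:cpos + 2 + c_len]
            cpos += 2 + c_len
            if code == CAP_4OCTET_AS and len(value) == 4:
                asn4 = struct.unpack("!I", value)[0]
    return my_as, asn4
```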

AS-Path Attribute
• The path attribute field is variable-length, so the AS_Path and Aggregator attributes are able to convey the 4-byte ASN.
• But Old BGP speakers won't understand 4-byte ASNs in the AS_Path attribute, so we need to preserve the AS path information when either peering with or passing across BGP speakers that aren't able to understand 4-byte AS information.
• New attributes have been created to preserve the AS_Path information with Old BGP speakers (4-byte unaware). They are used only if there is a 4-byte ASN in the AS_Path attribute.
• Does this mean that the AS_Path attribute will convey the 2-byte ASNs and the AS4_Path will convey the 4-byte ASNs? No. If that were true, the Internet would have routing loops.
  Solution: IANA has reserved ASN 23456 to preserve the 4-byte ASN information in the AS_Path. It signals a 4-byte-capable router to combine both the AS4_Path and AS_Path attributes to construct the whole AS path.

[Figure: AS_Path / AS4_Path propagation of prefix 217.139.0.0/16]
Routers: R1 (ASN 100000), R2 (ASN 200000), R3 (ASN 300), R4 (ASN 400000), R5 (ASN 500000)
Updates shown in the figure, in order:
  1. AS_path: 100000
  2. AS_path: 23456 23456; AS4_Path: 100000 200000
  3. AS_path: 300 23456 23456; AS4_path: 100000 200000
  4. AS_path: 300 200000 100000
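
The tunnelling and reconstruction steps described above, written out as an added example that is not part of the original slides. Function names are hypothetical, the sample paths used with it are constructed with the most recently traversed AS first, and only plain AS sequences are handled (no AS sets or confederation segments); the length check follows RFC 4893.

```python
AS_TRANS = 23456


def to_old_speaker(as_path):
    """Split a 4-byte AS path into the (AS_PATH, AS4_PATH) pair that a New
    speaker sends to an Old speaker. AS4_PATH is None when no ASN in the
    path is 32-bit-only."""
    if all(asn <= 0xFFFF for asn in as_path):
        return list(as_path), None
    two_byte = [asn if asn <= 0xFFFF else AS_TRANS for asn in as_path]
    return two_byte, list(as_path)


def old_speaker_prepend(as_path, as4_path, local_asn):
    """An Old speaker prepends its own 2-byte ASN to AS_PATH and passes
    AS4_PATH through untouched (it is an optional transitive attribute)."""
    return [local_asn] + as_path, as4_path


def reconstruct(as_path, as4_path):
    """Rebuild the full path on a New speaker receiving from an Old one."""
    if as4_path is None:
        return list(as_path)
    if len(as_path) < len(as4_path):
        # Inconsistent pair: ignore AS4_PATH rather than guess.
        return list(as_path)
    # Keep the leading ASNs added by Old speakers, then the preserved path.
    keep = len(as_path) - len(as4_path)
    return as_path[:keep] + as4_path


def has_unresolved_as_trans(path):
    """True if AS_TRANS survives in a reconstructed path, meaning 4-byte
    information was lost somewhere along the way."""
    return AS_TRANS in path
```

Because the merged path has the same length as the received AS_PATH, path-length comparison stays consistent between Old and New speakers.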

Aggregator Attribute
• The aggregator attribute is an optional transitive attribute that contains information about the BGP speaker that formed the aggregate. The BGP speaker that performs route aggregation may add the aggregator attribute, which shall contain its own IP address and AS number.
• When a New BGP speaker performs aggregation, it adds its own IP address and 4-byte ASN in the aggregator attribute. If the ASN is a mappable one, an ordinary aggregator attribute is sent to both New and Old speakers. But if the speaker's ASN is 4-byte, then when the New speaker forms an update for an Old BGP speaker, the aggregator attribute is sent with ASN 23456 (AS_Trans) along with a new attribute called AS4_aggregator that carries the actual 4-byte AS number and IP address.

Aggregation
[Figure: Aggregator / AS4_Aggregator propagation of prefix 217.139.0.0/16]
Routers: R1 (ASN 100000), R2 (ASN 200000), R3 (ASN 300), R4 (ASN 400000), R5 (ASN 500000)
Updates shown in the figure, in order:
  1. AS_path: 100000; Aggregator 100000
  2. AS_path: 23456 23456; AS4_Path: 100000 200000; Aggregator 23456; AS4_Aggregator 100000
  3. AS_path: 300 23456 23456; AS4_path: 100000 200000; Aggregator 23456; AS4_Aggregator 100000
  4. AS_path: 300 200000 100000; Aggregator 100000

Extended Community Attribute
• Two new 4-byte BGP extended communities have been created, one for the 4-byte RT and another for the 4-byte SOO.
• An AS domain that uses a 2-octet AS number could use either 2-octet or 4-octet AS specific extended communities. This is undesirable, as both communities would be treated as different, even if they had the same Sub-Type and Local Administrator values.
• To avoid inconsistencies between 2-octet and 4-octet AS specific extended communities, it is recommended that an AS domain that uses 2-octet AS numbers use 2-octet AS specific extended communities rather than 4-octet AS specific extended communities.

Transition to 4-byte ASN
• New BGP speakers that are 4-byte aware automatically translate a 2-byte ASN to a 4-byte ASN by setting the high-order bits to 0, so any 2-byte ASN is shown as 0.X
• AS_Trans is used to tunnel the 4-byte domain across a 2-byte domain
• Tomorrow you may have a customer with a 4-byte ASN, so plan the software upgrade of your networking gear today (if needed).
• Mixing Old and New BGP speakers in a single domain is not recommended because it consumes more control-plane resources due to the complex message reformatting process, so it's highly recommended to make all the BGP speakers within a single domain 4-byte aware.
• Start with your route reflectors.

Transition consideration
• AS path filters need maintenance.
• The community structure needs reworking (if needed)
• 4-byte ASN = more attributes = more bits (especially when prepending) = more resource consumption (bandwidth, CPU and memory), especially for service providers
• More BGP Open message capabilities mean more time for negotiation, which means slightly slower convergence (especially for service providers)
• AS_Trans might cause some route selection problems.
• Aggregation of prefixes originated by a 4-byte ASN by an Old BGP speaker is prohibited because this might create routing loops under certain conditions.
• Watchdogs, scripts, and log and dump analyzers need to be revised.

IOS and JUNOS 4-byte aware Releases
• Cisco IOS
    15.1XB
    15.0M
    12.4T
    12.2XNE
    12.2SXI
    12.2SRE
    12.0SY
    12.0S
• Juniper JUNOS
    9.1 onward.

References
• RFC 4271 - A Border Gateway Protocol version 4
  http://www.rfc-editor.org/rfc/rfc4271.txt
• RFC 4893 - BGP Support for Four-octet AS Number Space
  http://www.rfc-editor.org/rfc/rfc4893.txt
• RFC 5396 - Textual Representation of Autonomous System (AS) Numbers
  http://www.rfc-editor.org/rfc/rfc5396.txt
• RFC 5668 - 4-Octet AS Specific BGP Extended Community
  http://www.rfc-editor.org/rfc/rfc5668.txt
• RFC 4360 - BGP Extended Communities Attribute
  http://www.rfc-editor.org/rfc/rfc4360.txt
• ASN reports
  http://www.potaroo.net/tools/asns/
• Juniper Networks
  http://kb.juniper.net/KB13327
• Cisco
  http://www.cisco.com/en/US/prod/collateral/iosswrel/ps6537/ps6554/ps6599/data_sheet_C78-521821.html

Thank You.