Implementing Internet and MPLS BGP
DESCRIPTION
For enterprise network engineers, implementing BGP can be an intimidating task. This presentation was given to address common architectures for internet and MPLS BGP usage, along with best practices.
TRANSCRIPT
BGP
Implementing & Troubleshooting
Tanner 5/23/2008 5/30/2008
2
Agenda
PART 1
BGP Fundamentals
BGP and the Internet
PART 2
BGP and the WAN
Troubleshooting
3
PART 1
BGP Fundamentals
BGP and the Internet
4
BGP Fundamentals
Operations
5
Where is BGP used?
INTERNET
Same, Unique, or Mixed ASN
MPLS WAN
Public or Private ASN
6
AS
Autonomous Systems
Textbook answer: An AS is a connected group of one or more IP prefixes run by one or more network operators which has a SINGLE and CLEARLY DEFINED routing policy.
7
ASN’s
Autonomous System Numbers
16-bit ASN’s (RFC1930)
 Range: 0-65535
  Public: 1-64511
  Private: 64512-65534
32-bit ASN’s (RFC4893)
 4-octets 0.0 to 65535.65535
 Only 46 32-bit ASN’s currently allocated
8
EIGRP and BGP Comparison
                          EIGRP                   BGP
RP Type                   Hybrid                  Path Vector
Peering Mechanism         Multicast/Unicast       Unicast Only
IP Protocol/IP/Port       88/224.0.0.10           TCP/179
Hello Interval            5 sec                   60 sec
Path Selection            BW + Delay (K-Values)   BGP Attributes
Route Admin Distance      90 Int / 170 Ext        200 Int / 20 Ext
Network Statement         Adds interfaces to RP   Announces network
Loop Prevention           Feasible Distance       AS Path
Alternate Path Selection  Feasible Successor      BGP table
Load Balancing Mechanism  EC/UC using Variance    Load sharing/TE
9
Path Selection
Attributes
 Highest Weight
 Highest Local Preference
 Internally Originated
 Shortest AS-Path
Manipulating these attributes changes BGP path selection
10
Terminology
attribute [noun]
 Pronunciation: \a-trə-byüt\
 3: a word ascribing a quality; especially
attribute [transitive verb]
 Pronunciation: \ə-tri-byüt, -byət\
 1: to explain by indicating a cause <attributed his success to his coach>
11
BGP Attributes
RFC1771 attributes its success to its attributes
Attribute    Direction  Comment
Weight       Outbound   Locally significant to router. Proprietary. Don’t use.
                        Weight of 32768 auto-assigned to originated nets
Local Pref   Outbound   Shared between iBGP peers. Higher is better.
MED/Metric   Inbound    Allows injection of IGP metric info into BGP
Origin       n/a        i = Prefix learned via BGP network statement
                        E = Not Used
                        ? = Learned via redistribution
AS-Path      Inbound    Ordered list of AS’s route has traversed. Shorter is better.
Next hop     n/a        IP address of the advertising router
Community    Inbound
12
BGP Attributes
Most Used
Influence INBOUND traffic
 The transit path to you is determined by how you announce your routes
 AS Path Prepend (shorter is more preferred)
  route-map RM-ISP-OUT
   set as-path prepend 123 123 123
Influence OUTBOUND traffic
 Local Preference (higher is more preferred)
  route-map RM-ISP-IN
   set local-preference 50
13
BGP Process Operations
Process Name: BGP Open
 Description: BGP peer establishment.
 Interval: At initialization, when establishing a TCP connection with a BGP peer.
Process Name: BGP I/O
 Description: Queuing and processing of BGP packets, such as UPDATES and KEEPALIVES.
 Interval: As BGP control packets are received.
Process Name: BGP Scanner
 Description: Walks BGP table and confirms reachability of next hops. Checks conditional-advertisement to determine whether or not BGP should advertise condition prefixes.
 Interval: Once a minute.
Process Name: BGP Router
 Description: Calculates the best BGP path. Sends and receives routes, establishes peers, and interacts with routing information base (RIB).
 Interval: Once per second and when adding, removing, or soft-reconfiguring a BGP peer.
14
Section Review
Fundamentals
 What is an autonomous system?
 What are BGP attributes that affect inbound traffic?
 What are BGP attributes that affect outbound traffic?
 Name 4 common BGP path selection criteria
 What maintenance task happens every 60 seconds in BGP?
15
BGP & the Internet
23nd Ave / I-40 Junction
16
Global IP Assignments
 IANA
 Regional Registrars
 ISP’s
 End Users
17
Address Space Depletion
BGP Movie (6 min)
18
Global Routing Table
How large is it?
.:: Limit Prefixes on Cisco routers
router bgp 12345
 neighbor 1.1.1.1 maximum-prefix 300000 90
Date          Prefixes
Mar 20, 2004  135,465
Mar 18, 2005  157,975
Apr 14, 2006  186,530
Apr 21, 2007  218,298
May 2, 2008   259,047
May 13, 2008  266,035
19
RIR whois
ARIN IP Lookup
AfriNIC Country Lookup
20
Typical ISP Routing Options
Single-homed, Single ISP
 Private AS or Static (No BGP)
Multi-homed, Single ISP
 Private AS
Multi-homed, Dual ISP
 Public AS
21
Prefix Origination
Inbound Traffic
Common Elements
 ISP’s won’t accept anything longer than /24
Provider Aggregate address block (PA)
 /24 or shorter from ISP
 Justification paperwork, but usually easy
 Announcing another ISP’s prefix
Provider Independent address block (PI)
 Applied for from RIR (e.g., ARIN)
 More Paperwork (and solid justification)!
22
What Kind of Routes?
Outbound Traffic
Route Type               Prefixes  Required Memory  Advantage                              Disadvantage
Full Routes (1)          265,000   155MB            Best load sharing, Bogon filtering     High mem usage, Higher CPU usage
Customer Only (2)        75,000    44MB             Low mem usage, Some load share         No bogon filtering (4)
Customer (2) + Upstream (3)  150,000   88MB         Balanced                               No bogon filtering (4)
Default Only             1         32KB             Low mem usage                          Minimal TE
(1) Based on 2 upstream eBGP peers
(2) Varies depending on quantity of ISP customers announcing prefixes
(3) Varies depending on size of upstream carrier
(4) Inbound bogon filtering is still possible, however outbound will not function due to default route
23
Memory Requirements
Full BGP Routes
Based on 255K routes + soft reconfig
BGP Summary shows 57MB Used
BGP-Router# sh proc mem | i PID|BGP
 PID TTY  Allocated      Freed    Holding    Getbufs    Retbufs Process
 215   0  152845892    1430904  145443600         16         16 BGP Router
 234   0     239016          0       6984    5164371    5164371 BGP I/O
 235   0          0      82472       9972          0          0 BGP Scanner
BGP-Router# sh ip bgp sum
...
BGP using 57060899 total bytes of memory
Adding up processes shows 153MB Used
24
BGP Policy Components
Prefix-lists to filter prefixes
 ip prefix-list PL-ANNOUNCE seq 10 permit 1.0.0.0/8
Filter-lists to filter ASNs
 ip as-path access-list 1 permit ^1234
Route-maps to apply policy
 route-map RM-ISP-OUT permit 10
  set as-path prepend 1234
Distribute-lists to sit and watch (don’t use)
Source: NANOG 23, Philip Smith
25
Configuration Example
ISP eBGP Peer with Partial Routes
router bgp 1234
 no auto-summary
 no synchronization
 no bgp fast-external-fallover
 bgp log-neighbor-changes
 neighbor 192.0.2.233 remote-as 209
 ! Note: the description below stores the session password in clear text in the config
 neighbor 192.0.2.233 description eBGP with Qwest AS209. Password: 1234abcd
 neighbor 192.0.2.233 password 1234abcd
 neighbor 192.0.2.233 version 4
 neighbor 192.0.2.233 soft-reconfiguration inbound
 ! warning-only logs when the limit is crossed but leaves the session up
 neighbor 192.0.2.233 maximum-prefix 300000 90 warning-only
 neighbor 192.0.2.233 prefix-list PL-BOGONS in
 neighbor 192.0.2.233 prefix-list PL-ANNOUNCE out
 neighbor 192.0.2.233 route-map RM-QWEST-OUT out
 neighbor 192.0.2.233 route-map RM-QWEST-IN in
 ! filter-list 1 out: announce only locally originated routes (empty AS path)
 neighbor 192.0.2.233 filter-list 1 out
 ! filter-list 10 in: accept only routes originated by AS 209 or AS 7018
 neighbor 192.0.2.233 filter-list 10 in
 network 205.93.251.0 mask 255.255.254.0
 network 205.93.251.0
!
ip route 205.93.251.0 255.255.254.0 Null0 name BGP-STABILITY
ip route 205.93.251.0 255.255.255.0 205.93.251.4
ip route 205.93.251.125 255.255.255.255 205.93.251.121 name IBGP-PEER
ip route 205.93.251.125 255.255.255.255 205.93.251.2 250 name IBGP-PEER-BACKUP
!
ip as-path access-list 1 permit ^$
ip as-path access-list 10 permit _(209|7018)$
!
ip prefix-list PL-ANNOUNCE seq 10 permit 205.93.251.0/23 le 24
ip prefix-list PL-ANNOUNCE seq 99 deny 0.0.0.0/0 le 32
!
route-map RM-QWEST-OUT permit 10
 set as-path prepend 1234 1234
route-map RM-QWEST-IN permit 10
 set local-pref 50
26
Regular Expressions
BGP AS Filtering
Defining our AS
 ip as-path access-list 1 permit ^$
Originating in AS 3549
 ip as-path access-list 1 permit ^3549$
Originating in AS 3549 or Upstream AS
 ip as-path access-list 1 permit ^3549$
 ip as-path access-list 1 permit ^3549 1239$
 ip as-path access-list 1 permit ^3549_(1239)?$
Deny all nets originating from AS 1239 and permit all other routes
 ip as-path access-list 1 deny _1239$
 ip as-path access-list 1 permit .*
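Added example (not part of the original slides): a small Python evaluator that applies the as-path access-lists shown on this slide and in the ISP configuration example to sample AS paths, so the effect of ^, $ and _ can be checked before a filter goes on a router. The list names and the sample AS paths are constructed for illustration; the only translation assumed is that the IOS "_" stands for a delimiter (start, end, space, comma, brace or parenthesis).

```python
import re

# In IOS AS-path regexes "_" matches the start or end of the path, a space,
# a comma, a brace or a parenthesis. The other operators used on the slides
# (^ $ . * ? | and parentheses) behave the same way in Python's re module.
DELIM = r"(?:^|$|[ ,{}()])"


def compile_ios(pattern):
    """Translate an IOS AS-path regex into a compiled Python regex."""
    return re.compile(pattern.replace("_", DELIM))


def evaluate(acl, as_path):
    """Return the action of the first matching entry; no match is an implicit deny."""
    for action, pattern in acl:
        if compile_ios(pattern).search(as_path):
            return action
    return "deny"


# as-path access-lists from the slides, as (action, regex) pairs.
# The Python names are labels chosen for this example.
LOCAL_ONLY = [("permit", "^$")]                   # outbound: only routes we originate
ISP_ORIGINATED = [("permit", "_(209|7018)$")]     # inbound: originated by AS 209 or 7018
PEER_OR_UPSTREAM = [("permit", "^3549_(1239)?$")]
NOT_FROM_1239 = [("deny", "_1239$"), ("permit", ".*")]

# Constructed AS paths, written as in the Path column without the origin code.
# "" is a locally originated route; 1209 and 11239 test the "_" boundary.
SAMPLES = ["", "7018 209", "4323 209", "4323 1209", "3549",
           "3549 1239", "3549 701", "4323 1239", "4323 11239"]


def table():
    """Verdict of every list for every sample path."""
    lists = {"LOCAL_ONLY": LOCAL_ONLY, "ISP_ORIGINATED": ISP_ORIGINATED,
             "PEER_OR_UPSTREAM": PEER_OR_UPSTREAM, "NOT_FROM_1239": NOT_FROM_1239}
    return {path: {name: evaluate(acl, path) for name, acl in lists.items()}
            for path in SAMPLES}


if __name__ == "__main__":
    for path, verdicts in table().items():
        print(f"{path or '<empty>':12}", verdicts)
```

The LOCAL_ONLY row is the one that matters for a multi-homed site: a path learned from one ISP is never empty, so ^$ on the outbound filter keeps those routes from being re-announced to the other ISP.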
27
BGP Routing Table Analysis
Daily BGP Stats Available
BGP routing table entries examined: 255572
Prefixes after maximum aggregation: 127106
Deaggregation factor: 2.01
Unique aggregates announced to Internet: 123962
Total ASes present in the Internet Routing Table: 28151
Prefixes per ASN: 9.08
Average AS path length visible in the Internet Routing Table: 3.6
Max AS path length visible: 25
Max AS path prepend of ASN (39375): 13
Prefixes from unregistered ASNs in the Routing Table: 25414
Unregistered ASNs in the Routing Table: 1885
Prefixes being announced from unallocated address space: 786
Number of addresses announced to Internet: 1,851,293,088
Wojciech Misiaszek Telekomunikacja Podlasie Sp.ul. Dobra 14A 15-034 Bialystok Poland
28
Bogon Filtering
Manual Method
Outbound traffic (via inbound route filter)
ip prefix-list BOGONS desc Bogon networks we won't accept
ip prefix-list BOGONS seq 2 deny 0.0.0.0/0
ip prefix-list BOGONS seq 5 deny 0.0.0.0/8 le 32
ip prefix-list BOGONS seq 20 deny 5.0.0.0/8 le 32
ip prefix-list BOGONS seq 390 deny 127.0.0.0/8 le 32
ip prefix-list BOGONS seq 400 deny 172.16.0.0/12 le 32
ip prefix-list BOGONS seq 520 deny 224.0.0.0/3 le 32
ip prefix-list BOGONS seq 700 permit 0.0.0.0/0 le 27
Inbound traffic
ip access-list extended ACL-OUTSIDE-IN
 remark --- Basic Spoof Filtering
 deny ip 0.0.0.0 0.255.255.255 any
 deny ip 10.0.0.0 0.255.255.255 any
 deny ip public-ip-block subnet-mask any
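Added example (not part of the original slides): a Python model of how IOS evaluates a prefix-list, run against the BOGONS entries above and against the "0.0.0.0/0 ge 29" form used for PL-WAN-SERIALS later in the deck. It shows first-match ordering, the exact-length match when neither ge nor le is given, and the implicit deny at the end. The test routes are constructed for illustration.

```python
import ipaddress

# Prefix-list lines copied from the slides (the BOGONS list is the slide's
# 2008 excerpt; 5.0.0.0/8 has since been allocated, which is why a static
# bogon list needs regular maintenance).
BOGONS = """\
ip prefix-list BOGONS desc Bogon networks we won't accept
ip prefix-list BOGONS seq 2 deny 0.0.0.0/0
ip prefix-list BOGONS seq 5 deny 0.0.0.0/8 le 32
ip prefix-list BOGONS seq 20 deny 5.0.0.0/8 le 32
ip prefix-list BOGONS seq 390 deny 127.0.0.0/8 le 32
ip prefix-list BOGONS seq 400 deny 172.16.0.0/12 le 32
ip prefix-list BOGONS seq 520 deny 224.0.0.0/3 le 32
ip prefix-list BOGONS seq 700 permit 0.0.0.0/0 le 27
"""
WAN_SERIALS = "ip prefix-list PL-WAN-SERIALS seq 10 permit 0.0.0.0/0 ge 29\n"


def parse(config):
    """Return [(seq, action, network, min_len, max_len)] sorted by sequence."""
    entries = []
    for line in config.splitlines():
        tok = line.split()
        if len(tok) < 7 or tok[3] != "seq":
            continue                      # description lines carry no match
        net = ipaddress.ip_network(tok[6])
        opts = dict(zip(tok[7::2], map(int, tok[8::2])))
        ge, le = opts.get("ge"), opts.get("le")
        if ge is None and le is None:
            lo = hi = net.prefixlen       # no ge/le: exact prefix length only
        else:
            lo = ge if ge is not None else net.prefixlen
            hi = le if le is not None else 32
        entries.append((int(tok[4]), tok[5], net, lo, hi))
    return sorted(entries, key=lambda e: e[0])


def evaluate(entries, route):
    """First match wins. Returns (action, seq); seq is None for the implicit deny."""
    route = ipaddress.ip_network(route)
    for seq, action, net, lo, hi in entries:
        if lo <= route.prefixlen <= hi and route.subnet_of(net):
            return action, seq
    return "deny", None


if __name__ == "__main__":
    bogons = parse(BOGONS)
    # Constructed test routes.
    for r in ["0.0.0.0/0", "172.16.5.0/24", "8.8.8.0/24", "8.8.8.0/28", "224.0.0.0/4"]:
        print(f"{r:16}", evaluate(bogons, r))
    serials = parse(WAN_SERIALS)
    for r in ["10.1.1.0/30", "10.112.0.0/16"]:
        print(f"{r:16}", evaluate(serials, r))
```

Note that 8.8.8.0/28 is dropped by the implicit deny, not by a bogon entry: the final "permit 0.0.0.0/0 le 27" also acts as a maximum prefix-length filter.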
29
Bogon Filtering
Automatic Method
Do not try this at home! Make sure you are aware of potential complications
router bgp <your asn>
 neighbor x.x.x.x remote-as 65333
 neighbor x.x.x.x ebgp-multihop 255
 neighbor x.x.x.x description Cymru Bogon Route Server Project
 neighbor x.x.x.x prefix-list PL-CYMRU-OUT out
 neighbor x.x.x.x route-map RM-CYMRUBOGONS-IN in
 neighbor x.x.x.x password 31337PW
 neighbor x.x.x.x maximum-prefix 100 threshold 90
Configure a community list to accept the bogon prefixes into the route-map.
ip bgp-community new-format
ip community-list 10 permit 65333:888
Configure the route-map. Remember to apply it to the proper peering sessions.
route-map RM-CYMRUBOGONS-IN permit 10
 description Filter bogons learned from cymru.com bogon route-servers
 match community 10
 set ip next-hop 192.0.2.1
Set a bogon next-hop on all routers that receive the bogons.
ip route 192.0.2.1 255.255.255.255 null0
ip prefix-list PL-CYMRU-OUT seq 5 deny 0.0.0.0/0 le 32
30
BGP Communities
WELL KNOWN
 no-advertise
 no-export
TE CUSTOM COMMUNITIES
 ISP must support it
 TE via AS path prepends, local prefs, trig. blackhole
31
BGP Communities
Configuration Example
6453 209 7018 64512       4  Teleglobe, Qwest, ISP, You
6453 3549 7018 64512      4  Teleglobe, GBLX, ISP, You
ip bgp-community new-format
ip prefix-list PL-ANNOUNCE seq 10 permit 205.93.251.0/24
ip prefix-list PL-ANNOUNCE seq 99 deny 0.0.0.0/0 le 32
!
route-map RM-ISP-OUT permit 10
 match ip address prefix-list PL-ANNOUNCE
 set community 65011:209
route-map RM-ISP-OUT permit 20
!
router bgp 64512
 neighbor 1.1.1.1 send-community
 neighbor 1.1.1.1 route-map RM-ISP-OUT out
6453 209 7018 7018 64512  5  Teleglobe, Qwest, ISP, You
6453 3549 7018 64512      4  Teleglobe, GBLX, ISP, You
32
Section Review
BGP & the Internet
 What kind of route options are typically received from an ISP?
 Who is the global controller of IP space on the internet?
 Describe bogon filtering
 What do the ^ and $ symbols mean in regular expressions?
33
PART 2
BGP and the MPLS WAN
Troubleshooting BGP
34
BGP & MPLS
Theory
Design
Configuration
Best Practices
35
MPLS Basics
Topology
 Full Mesh
 Single peer to WAN cloud
L1 Transport
 T1
 DS3
L2 Transport
 PPP / MLP
 ATM / IMA
 Frame Relay
 Ethernet
Routing Protocols
 BGP
 EIGRP
 RIP
Public/Private AS’s
36
MPLS Terminology
CE Router
 Customer Edge
PE Router
 Provider Edge
P/LSR Router
 Provider Backbone/Label Switching Router
VRF
 Virtual Routing and Forwarding
Everything else is standard BGP!
37
Typical MPLS Topology Options
Single-homed, Single ISP
 Easiest routing policies
Multi-homed, Single ISP
 Most common
Multi-homed, Dual Provider
 Lots of TE
38
BGP Table
How do you read this thing???
WAN-Router# sh ip bgp
BGP table version is 7345, local router ID is 172.16.254.3
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
   Network          Next Hop            Metric LocPrf Weight Path
* i12.86.42.44/30   172.16.254.4             0    100      0 7018 ?
*>                  12.122.14.185                          0 7018 ?
r>i172.16.254.4/32  172.16.254.4             0    100      0 ?
*> 172.16.254.16/29 0.0.0.0                  0         32768 ?
*> 172.16.254.24/29 0.0.0.0                  0         32768 ?
* i172.30.32.0/20   172.16.254.4             0    100      0 7018 7018 i
*>                  12.122.14.185                          0 7018 7018 i
*> 172.30.64.0/20   12.122.14.185                          0 7018 7018 ?
> is the path installed in the routing table
r means there is already a route with a better AD
32768 means prefix originated on this router
? means prefix was originated via redistribution
Next Hop is the neighbor IP of eBGP peer(s)
i means prefix was originated via network statement
AS set is the list of AS’s prefix has passed through
CIDR Mask try to summarize where possible
* means route is OK to inject in routing table
i means prefix learned from iBGP peer
39
Default Route Origination
Origination Type: Default Originate
 Allow Policies*? Partial
 Syntax:
  router bgp 65000
   neighbor 1.1.1.1 default-originate route-map RM-DEFAULT-EXIST
Origination Type: Static Redistribution w/Route Map Filter
 Allow Policies*? No
 Syntax:
  router bgp 65000
   redistribute static route-map RM-STATIC
Origination Type: Network Statement
 Allow Policies*? Yes
 Syntax:
  router bgp 65000
   network 0.0.0.0 route-map RM-DEFAULT-OUT
*Policies include: Conditional advertisement, AS prepending, and communities
40
Best Path Selection
Review
 BGP Table (BRIB)
 Routing Table (RIB)
BGP Multipath
Multi-VRF w/Sub-interfaces
WAN-router> sh ip bgp
   Network          Next Hop            Metric LocPrf Weight Path
*> 0.0.0.0          172.11.132.193                         0 1803 65000 i
WAN-router> sh ip bgp
   Network          Next Hop            Metric LocPrf Weight Path
*> 0.0.0.0          172.14.16.250                          0 65000 i
*  0.0.0.0          10.217.13.102                          0 65001 i
WAN-router# sh ip bgp nei 172.16.16.249 advertised-routes
Originating default network 0.0.0.0
   Network          Next Hop            Metric LocPrf Weight Path
*> 10.0.0.0/24      10.20.40.5               0         32768 ?
*> 10.20.20.0/24    0.0.0.0                  0         32768 ?
...
Selection order:
 Weight
 Local Pref
 Local Originate
 AS Path
 Origin Type
 Lowest MED
 eBGP over iBGP
 IGP Metric to NH
 Received First
 Lowest RID
 Originator ID
 Neighbor IP
Only send the very best!
41
Route Redistribution
Do you need to redistribute?
 Yes = Redistribution
 No = Summarization
 Maybe = Both?
BGP to EIGRP
 router eigrp 111
  redistribute bgp 222 metric 1500 1000 255 1 1500
EIGRP to BGP
 router bgp 222
  redistribute eigrp 111
“Seek first to summarize…”
42
Miscellaneous Features
Peer Groups
 Object-groups for BGP! (Kind of…)
router bgp 64512
 ! Setup peer-group policies
 neighbor PARTIAL-ROUTES peer-group
 neighbor PARTIAL-ROUTES version 4
 neighbor PARTIAL-ROUTES filter-list 5 out
 neighbor FULL-ROUTES peer-group
 neighbor FULL-ROUTES version 4
 ! Apply it to a neighbor
 neighbor 192.0.2.228 peer-group FULL-ROUTES
!
ip as-path access-list 5 permit ^(209|36270|6298_)[0-9]*_[0-9]*$
Route Reflectors
43
Best Practices
Avoid redistributing everything under the sun
 connected, static, every routing protocol, etc.
Look for ways to reduce routing tables
 Summarize
 Advertise only what is necessary
Use a network statement for default origination
 network 0.0.0.0 mask 0.0.0.0
44
Case Study
Requirements
WAN to Internet
 Use DC as primary
 Use Campus as secondary
 Use Internet VPN as tertiary
WAN to Hubs
 Use each hub MPLS DS3
 Use other hub DS3 as secondary
 Use Internet VPN as tertiary
Hub to Hub
 Use LAN link as primary
 Don’t use MPLS DS3’s as secondary
Smokey the Router says…
“Routing works both ways!”
45
Case Study
Possible Solution
WAN to Internet
 Use DC as primary
 Use Campus as secondary
 Use Internet VPN as tertiary
WAN to Hubs
 Use each hub MPLS DS3
 Use other hub DS3 as secondary
 Use Internet VPN as tertiary
Hub to Hub
 Use LAN link as primary
 Don’t use MPLS DS3’s as secondary
Advertised Networks:
 network 0.0.0.0
 network 10.112.0.0
Received Networks:
 0.0.0.0/0 ge 29 le 32
Advertised Networks:
 network 0.0.0.0
Received Networks:
 0.0.0.0/0 ge 29 le 32
Summarized Networks:
 summary-addr 10.x.0.0/20
 summary-addr <WAN nets>
Default Route
 Static route redistributed into EIGRP
Summarized Networks:
 summary-addr 10.112.0.0/16
Advertised Networks:
 network 0.0.0.0
Received Networks:
 0.0.0.0/0 ge 29 le 32
Advertised Networks:
 Shortest AS path (DC)
Default Networks:
 1 via eBGP to MPLS
 1 via iBGP to VPN
DC to Campus:
 Only 1 route via Interlink
Campus to WAN:
 EIGRP Metric better via Router 1 WAN
46
Configuration Example (Hub)
MPLS eBGP Peer with Default Advertisement
router bgp 100
 network 0.0.0.0
 network 10.112.0.0 mask 255.255.0.0
 neighbor 192.0.2.105 remote-as 65000
 neighbor 192.0.2.105 description eBGP with MPLS SP. Password: 1234abcd
 neighbor 192.0.2.105 password 1234abcd
 neighbor 192.0.2.105 version 4
 neighbor 192.0.2.105 send-community
 neighbor 192.0.2.105 soft-reconfiguration inbound
 neighbor 192.0.2.105 route-map RM-MPLS-IN in
 neighbor 192.0.2.105 route-map RM-MPLS-OUT out
 no auto-summary
!
ip prefix-list PL-DEFAULT seq 10 permit 0.0.0.0/0
!
route-map RM-MPLS-IN deny 10
 description Block learning default route from DC Router. Use IGP instead.
 match ip address prefix-list PL-DEFAULT
route-map RM-MPLS-IN permit 20
!
! Note: permit 10 has no match clause, so every route matches it and
! sequences 20 and 30 are not evaluated as written
route-map RM-MPLS-OUT permit 10
 description Set BGP policies for outbound route advertisements to MPLS Provider
 set community 112
route-map RM-MPLS-OUT permit 20
 description Prepend Default Route for Backup Link
 match ip address prefix-list PL-DEFAULT
 set as-path prepend 100 100
route-map RM-MPLS-OUT permit 30
47
Configuration Example (Hub)
MPLS EIGRP Redistribution
Advertise learned BGP networks with prefixes /29 or longer
router eigrp 1
 redistribute bgp 100 metric 1500 1000 255 1 1500 route-map RM-WAN-SERIALS
 network 10.112.2.0 0.0.0.255
 no auto-summary
!
ip prefix-list PL-WAN-SERIALS seq 10 permit 0.0.0.0/0 ge 29
!
route-map RM-WAN-SERIALS permit 10
 description Only redistribute WAN serials (/29 to /32 prefixes) into EIGRP process
 match ip address prefix-list PL-WAN-SERIALS
48
Section Review
BGP & MPLS
What are the 3 default route origination methods?
What does the > symbol mean in the BGP table?
What are 3 clues that tell you a route "originated here" in the BGP table?
49
BGP Troubleshooting
Interpreting and Troubleshooting BGP Operations
50
Peer Establishment
Peer Reachability
MD5 Password Mismatch
Wrong neighbor IP
Wrong update-source
Wrong peer AS
TTL / ebgp-multihop
Stuck in OpenSent/OpenConfirm
 Asymmetric routing & TTL problem
ACL’s between peers
 Blocking TCP/179
51
Flapping Peer
Remote router rebooting (BGP crash?)
MTU Incorrect
L2 Problem
Interface output drops (QoS, CoPP, etc.)
*May 20 04:02:39.240 MST: %BGP-5-ADJCHANGE: neighbor 192.0.2.133 Down Peer closed the session
*May 20 04:02:54.468 MST: %BGP-5-ADJCHANGE: neighbor 192.0.2.133 Up
*May 20 04:20:44.999 MST: %BGP-5-ADJCHANGE: neighbor 192.0.2.133 Down BGP Notification sent
*May 20 04:20:44.999 MST: %BGP-3-NOTIFICATION: sent to neighbor 192.0.2.133 4/0 (hold time expired) 0 bytes
*May 20 04:21:04.243 MST: %BGP-5-ADJCHANGE: neighbor 192.0.2.133 Up
*May 20 04:52:18.132 MST: %BGP-5-ADJCHANGE: neighbor 192.0.2.133 Down BGP Notification sent
*May 20 04:52:18.132 MST: %BGP-3-NOTIFICATION: sent to neighbor 192.0.2.133 4/0 (hold time expired) 0 bytes
*May 20 04:55:16.469 MST: %BGP-5-ADJCHANGE: neighbor 192.0.2.133 Up
*May 20 04:56:17.169 MST: %BGP-5-ADJCHANGE: neighbor 192.0.2.133 Down Peer closed the session
*May 20 04:56:36.533 MST: %BGP-5-ADJCHANGE: neighbor 192.0.2.133 Up
*May 20 05:09:28.555 MST: %BGP-5-ADJCHANGE: neighbor 192.0.2.133 Down Peer closed the session
*May 20 05:09:35.087 MST: %BGP-5-ADJCHANGE: neighbor 192.0.2.133 Up
*May 20 05:47:57.350 MST: %BGP-5-ADJCHANGE: neighbor 192.0.2.133 Down BGP Notification sent
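Added example (not part of the original slides): a Python summary of the syslog lines above, giving per neighbor the number of session drops, the logged reasons, how often the local hold timer expired, the shortest time a session stayed up, and the worst count of drops inside a sliding window. The 60-minute window and the placeholder year are assumptions of this example; the log lines are the ones shown on the slide.

```python
import re
from collections import Counter
from datetime import datetime, timedelta

# Log lines as shown on the slide.
LOG = """\
*May 20 04:02:39.240 MST: %BGP-5-ADJCHANGE: neighbor 192.0.2.133 Down Peer closed the session
*May 20 04:02:54.468 MST: %BGP-5-ADJCHANGE: neighbor 192.0.2.133 Up
*May 20 04:20:44.999 MST: %BGP-5-ADJCHANGE: neighbor 192.0.2.133 Down BGP Notification sent
*May 20 04:20:44.999 MST: %BGP-3-NOTIFICATION: sent to neighbor 192.0.2.133 4/0 (hold time expired) 0 bytes
*May 20 04:21:04.243 MST: %BGP-5-ADJCHANGE: neighbor 192.0.2.133 Up
*May 20 04:52:18.132 MST: %BGP-5-ADJCHANGE: neighbor 192.0.2.133 Down BGP Notification sent
*May 20 04:52:18.132 MST: %BGP-3-NOTIFICATION: sent to neighbor 192.0.2.133 4/0 (hold time expired) 0 bytes
*May 20 04:55:16.469 MST: %BGP-5-ADJCHANGE: neighbor 192.0.2.133 Up
*May 20 04:56:17.169 MST: %BGP-5-ADJCHANGE: neighbor 192.0.2.133 Down Peer closed the session
*May 20 04:56:36.533 MST: %BGP-5-ADJCHANGE: neighbor 192.0.2.133 Up
*May 20 05:09:28.555 MST: %BGP-5-ADJCHANGE: neighbor 192.0.2.133 Down Peer closed the session
*May 20 05:09:35.087 MST: %BGP-5-ADJCHANGE: neighbor 192.0.2.133 Up
*May 20 05:47:57.350 MST: %BGP-5-ADJCHANGE: neighbor 192.0.2.133 Down BGP Notification sent
"""

ADJ = re.compile(r"\*?(\w{3} +\d+ [\d:.]+) \w+: %BGP-5-ADJCHANGE: "
                 r"neighbor (\S+) (Up|Down)\s*(.*)")
HOLD = re.compile(r"%BGP-3-NOTIFICATION: sent to neighbor (\S+) 4/0 \(hold time expired\)")


def parse_ts(text, year=2008):
    # These timestamps carry no year; 2008 is a placeholder (assumption).
    return datetime.strptime(f"{year} {text}", "%Y %b %d %H:%M:%S.%f")


def summarize(lines, window=timedelta(minutes=60)):
    """Per-neighbor flap statistics from ADJCHANGE / NOTIFICATION messages."""
    raw = {}
    def peer(ip):
        return raw.setdefault(ip, {"downs": [], "reasons": Counter(),
                                   "hold": 0, "last_up": None, "up_s": []})
    for line in lines:
        hold = HOLD.search(line)
        if hold:
            # 4/0 "hold time expired": no KEEPALIVE or UPDATE arrived in time.
            peer(hold.group(1))["hold"] += 1
            continue
        m = ADJ.search(line)
        if not m:
            continue
        ts, p = parse_ts(m.group(1)), peer(m.group(2))
        if m.group(3) == "Up":
            p["last_up"] = ts
        else:
            p["downs"].append(ts)
            p["reasons"][m.group(4).strip()] += 1
            if p["last_up"] is not None:
                p["up_s"].append((ts - p["last_up"]).total_seconds())
    out = {}
    for ip, p in raw.items():
        d = p["downs"]
        worst = max((sum(1 for t in d[i:] if t - s <= window)
                     for i, s in enumerate(d)), default=0)
        out[ip] = {"downs": len(d), "reasons": dict(p["reasons"]),
                   "hold_expired": p["hold"],
                   "shortest_up_s": min(p["up_s"]) if p["up_s"] else None,
                   "max_downs_per_window": worst}
    return out


if __name__ == "__main__":
    for ip, stats in summarize(LOG.splitlines()).items():
        print(ip, stats)
```

A mix of "Peer closed the session" and local hold-time expiry on the same neighbor fits the causes listed on this slide (lost keepalives from MTU, L2 or output-drop problems) better than a single remote reboot.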
52
Received Routes
Pre/Post Filter
Show received routes before policy is applied
 sh ip bgp nei 1.1.1.1 received-routes
 Requires soft-reconfiguration inbound (more mem)
Show received routes after policy is applied
 sh ip bgp nei 1.1.1.1 routes
Show AS paths via all neighbors
BGP-router> sh ip bgp paths
Address    Hash Refcount Metric Path
0xC4125EDC    1        8      0 7018 209 701 23520 3816 ?
0x68397C58    1       18      0 4323 6389 6198 27266 25747 i
0x74151970    1        2      0 4323 1299 13249 44600 i
0x70FF72D4    1        2      0 4323 3257 1241 20506 i
53
Missing Routes
Next hop IP address must be accessible
 iBGP next-hop-self
Route with better AD already exists in RIB
Filters
 Prefix
 AS-Path
 Route-maps
54
Announcements
Verify advertised routes
Show advertised routes to peer
 sh ip bgp nei 192.0.2.233 advertised-routes
BGP-Router> sh ip bgp nei 192.0.2.233 advertised-routes
BGP table version is 20753141, local router ID is 205.93.251.126
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
   Network          Next Hop            Metric LocPrf Weight Path
*> 205.93.251.0     205.93.251.4             0         32768 i
*> 205.93.251.0/23  0.0.0.0                  0         32768 i
Total number of prefixes 2
What if nothing shows up?
 Route must exist in the RIB
55
BGP Table
Analyzing and Interpreting
Note to self: 10 prepends is excessive
Average AS path length is 3.6
Router# sh ip bgp
BGP table version is 24849, local router ID is 205.215.216.193
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
   Network          Next Hop            Metric LocPrf Weight Path
*>i0.0.0.0          205.93.251.125           0    100      0 7018 i
*> 3.0.0.0          192.0.2.233                            0 4323 1239 701 703 80 i
*> 4.0.0.0/9        192.0.2.233                            0 4323 3549 3356 i
* i                 205.93.251.125           0    100      0 7018 209 3356 i
*> 4.0.0.0          192.0.2.233                            0 4323 3549 3356 i
* i                 205.93.251.125           0    100      0 7018 209 3356 i
*> 4.23.112.0/24    192.0.2.233                            0 4323 174 21889 i
*>i12.2.60.0/22     205.93.251.125           0    100      0 7018 209 7018 32719 i
*                   192.0.2.233                            0 4323 6539 19092 26794 26794 26794 26794 26794 26794 26794 26794 26794 26794 26794 32719 i
56
Looking Glass
Public BGP Route Servers - CLI
Verify how the global internet routing table views your prefix announcement
route-views.oregon-ix.net> sh ip bgp 205.93.251.0 | i 64512
 3333 3356 1239 4323 64512
 2905 701 209 7018 64512
 4513 13789 22212 4323 64512
 7018 4323 64512
 ...
1st  2nd  3rd  4th  5th    Len  ISP Path
3333 3356 1239 4323 64512  5    RIPE, Level 3, Sprint, TWT, You
3356 1239 4323 64512       4    Level 3, Sprint, TWT, You
701  209  7018 64512       4    MCI, Qwest, ISP, You
6453 209  7018 64512       4    Teleglobe, Qwest, ISP, You
6453 3549 7018 64512       4    Teleglobe, GBLX, ISP, You
293  4323 64512            3    Energy Sciences Net, TWT, You
7018 4323 64512            3    AT&T, TWT, You
3549 7018 64512            3    GBLX, ISP, You
57
Looking Glass
Public BGP Route Servers – Web/CLI
58
High CPU
Process Name  Description
BGP Open      Performs BGP peer establishment.
BGP I/O       Processing of BGP packets, such as UPDATES and KEEPALIVES.
BGP Scanner   Walks the BGP table and confirms reachability of the next hops.
BGP Router    Calculates the best BGP path. Sends and receives routes and interacts with the routing information base (RIB).
BGP-Router# sh proc cpu | i CPU|PID|BGP
CPU utilization for five seconds: 93%/2%; one minute: 32%; five minutes: 22%
 PID Runtime(ms)   Invoked  uSecs   5Sec   1Min   5Min TTY Process
 319     2319628  11589466    200  0.15%  0.05%  0.04%   0 BGP Router
 320      568684   2305861    246  0.00%  0.01%  0.00%   0 BGP I/O
 321   246815548   1497615 164807 76.47%  9.23%  6.50%   0 BGP Scanner
59
High Memory
750K routes (if no soft-reconfig)
1.5M routes (if soft-reconfig)
542MB of memory for BGP
L3-Switch# sh proc mem | i PID|BGP
 PID TTY  Allocated      Freed    Holding    Getbufs    Retbufs Process
 319   0  541682808  353471992  177441136          0          0 BGP Router
 320   0    1377432    2361312       7048          0          0 BGP I/O
 321   0        136     323920      10216          0          0 BGP Scanner
L3-Switch# sh ip bgp sum
Neighbor        V    AS MsgRcvd MsgSent   TblVer  InQ OutQ Up/Down  State/PfxRcd
32.124.75.251   4   209 1741759   68344  9564122    0    0 6w5d       251577
52.111.238.129  4  5555 2798645   68231  9564122    0    0 1w2d       254104
192.0.1.148     4 22222   68448 2134480  9564122    0    0 3w3d           35
192.0.2.228     4 33333   67386 2381477  9564122    0    0 5d01h         118
192.0.3.254     4 11111 2140027 2272911  9564130    0    0 6w5d       254360
60
Latency
Perception v. Reality
What could cause this horrible latency???
Reply from 209.85.171.100: bytes=32 time=5ms TTL=247
Reply from 209.85.171.100: bytes=32 time=5ms TTL=247
Reply from 209.85.171.100: bytes=32 time=6ms TTL=247
Reply from 209.85.171.100: bytes=32 time=99ms TTL=247
Reply from 209.85.171.100: bytes=32 time=225ms TTL=247
Reply from 209.85.171.100: bytes=32 time=248ms TTL=247
Reply from 209.85.171.100: bytes=32 time=66ms TTL=247
Reply from 209.85.171.100: bytes=32 time=8ms TTL=247
Reply from 209.85.171.100: bytes=32 time=5ms TTL=247
Reply from 209.85.171.100: bytes=32 time=5ms TTL=247
BGP scanner process takes higher priority than ICMP processing. Move on, nothing to see here.
61
Section Review
Troubleshooting
What are 3 reasons that could cause peer establishment problems?
What are the advantages and disadvantages of soft reconfiguration?
What is required in order to announce a prefix?
What kind of information can you get from the looking glass route servers?
62
BGP Resources
North American Network Operators Group (NANOG)
http://www.nanog.org
www.traceroute.org