Border Gateway Protocol (BGP4)

Border Gateway Protocol (BGP) Routing/Forwarding basics Building blocks Exercises BGP protocol basics BGP path attributes Best path computation

Border Gateway Protocol (BGP)... Typical BGP topologies Routing Policy Exercises Redundancy/Load sharing Best current practices

Routing/Forwarding Basics

IP route lookup:Longest match routing All 10/8 except 10.1/16 Packet: Destination IP address: 10.1.1.1 R1 R4 R2 10/8 -> R3 10.1/16 -> R4 20/8 -> R5 30/8 -> R6 ….. R2’s IP routing table 10.1/16

IP route lookup: Longest match routing All 10/8 except 10.1/16 Packet: Destination IP address: 10.1.1.1 R1 R4 R2 10.1/16 10/8 -> R3 10.1/16 -> R4 20/8 -> R5 ….. R2’s IP routing table 10.1.1.1 & FF.0.0.0 is equal to 10.0.0.0 & FF.0.0.0 Match!

IP route lookup: Longest match routing All 10/8 except 10.1/16 Packet: Destination IP address: 10.1.1.1 R1 R4 R2 10.1/16 10/8 -> R3 10.1/16 -> R4 20/8 -> R5 ….. R2’s IP routing table 10.1.1.1 & FF.FF.0.0 is equal to 10.1.0.0 & FF.FF.0.0 Match as well!

IP route lookup: Longest match routing All 10/8 except 10.1/16 Packet: Destination IP address: 10.1.1.1 R1 R4 R2 10.1/16 10/8 -> R3 10.1/16 -> R4 20/8 -> R5 ….. R2’s IP routing table 10.1.1.1 & FF.0.0.0 is equal to 20.0.0.0 & FF.0.0.0 Does not match!

IP route lookup: Longest match routing All 10/8 except 10.1/16 Packet: Destination IP address: 10.1.1.1 R1 R4 R2 10.1/16 10/8 -> R3 10.1/16 -> R4 20/8 -> R5 ….. R2’s IP routing table Longest match, 16 bit netmask

IP route lookup: Longest match routing default is 0.0.0.0/0 can handle it using the normal longest match algorithm matches everything. Always the shortest match.

Forwarding Uses the routing table built by routing protocols Performs the lookup to find next-hop and outgoing interface Switches the packet with new encapsulation as per the outgoing interface

Building Blocks Autonomous System (AS) Types of Routes IGP/EGP DMZ Policy Egress Ingress

Autonomous System (AS) Collection of networks with same policy Single routing protocol Usually under single administrative control IGP to provide internal connectivity

Autonomous System(AS)... Identified by ‘AS number’ Public & Private AS numbers Examples: Service provider Multi-homed customers Anyone needing policy discrimination

Routing flow and packet flow egress announce accept AS2 AS 1 Routing flow announce accept For networks in AS1 and AS2 to communicate: AS1 must announce routes to AS2 AS2 must accept routes from AS1 AS2 must announce routes to AS1 AS1 must accept routes from AS2 ingress packet flow

Egress Traffic Packets exiting the network Based on Route availability (what others send you) Route acceptance (what you accept from others) Policy and tuning (what you do with routes from others) Peering and transit agreements

Ingress Traffic Packets entering your network Ingress traffic depends on: What information you send and to who Based on your addressing and ASes Based on others’ policy (what they accept from you and what they do with it)

Types of Routes Static Routes Connected Routes Interior Routes configured manually Connected Routes created automatically when an interface is ‘up’ Interior Routes Routes within an AS Exterior Routes Routes exterior to AS

What Is an IGP? Interior Gateway Protocol Within an Autonomous System Carries information about internal prefixes Examples—OSPF, ISIS, EIGRP…

What Is an EGP? Exterior Gateway Protocol Used to convey routing information between ASes De-coupled from the IGP Current EGP is BGP4

Why Do We Need an EGP? Scaling to large network Hierarchy Limit scope of failure Define administrative boundary Policy Control reachability to prefixes

Interior vs. Exterior Routing Protocols Automatic discovery Generally trust your IGP routers Routes go to all IGP routers Exterior Specifically configured peers Connecting with outside networks Set administrative boundaries

Hierarchy of Routing Protocols Local NAP FDDI Other ISP’s BGP4 BGP4/Static BGP4 / OSPF Customers BGP4

Demilitarized Zone (DMZ) C DMZ Network AS 100 AS 101 B D E AS 102 Shared network between ASes

Addressing - ISP Need to reserve address space for its network. Need to allocate address blocks to its customers. Need to take “growth” into consideration Upstream link address is allocated by upstream provider

BGP Basics Terminology Protocol Basics Messages General Operation Peering relationships (EBGP/IBGP) Originating routes

Terminology Neighbor NLRI/Prefix Router-ID Route/Path Configured BGP peer NLRI/Prefix NLRI - network layer reachability information Reachability information for a IP address & mask Router-ID Highest IP address configured on the router Route/Path NLRI advertised by a neighbor

Protocol Basics Routing protocol used between ASes Runs over TCP Peering A C AS 100 AS 101 B D E Routing protocol used between ASes if you aren’t connected to multiple ASes, you don’t need BGP :) Runs over TCP Path vector protocol Incremental update AS 102

BGP Basics ... Each AS originates a set of NLRI NLRI is exchanged between BGP peers Can have multiple paths for a given prefix Picks the best path and installs in the IP forwarding table Policies applied (through attributes) influences BGP path selection

BGP Peers AS 100 AS 101 AS 102 BGP speakers are called peers 220.220.8.0/24 220.220.16.0/24 B D E BGP speakers are called peers AS 102 Peers in different AS’s are called External Peers 220.220.32.0/24 eBGP TCP/IP Peer Connection Note: eBGP Peers normally should be directly connected.

BGP Peers AS 100 AS 101 AS 102 BGP speakers are called peers 220.220.8.0/24 220.220.16.0/24 B D E BGP speakers are called peers AS 102 Peers in the same AS are called Internal Peers 220.220.32.0/24 iBGP TCP/IP Peer Connection Note: iBGP Peers don’t have to be directly connected.

BGP Peers A C AS 100 AS 101 220.220.8.0/24 220.220.16.0/24 B D E BGP Peers exchange Update messages containing Network Layer Reachability Information (NLRI) AS 102 220.220.32.0/24 BGP Update Messages

Configuring BGP Peers AS 101 AS 100 A B C D eBGP TCP Connection A B 222.222.10.0/30 C D interface Serial 0 ip address 222.222.10.2 255.255.255.252 router bgp 100 network 220.220.8.0 mask 255.255.255.0 neighbor 222.222.10.1 remote-as 101 .2 220.220.8.0/24 .1 .2 interface Serial 0 ip address 222.222.10.1 255.255.255.252 router bgp 101 network 220.220.16.0 mask 255.255.255.0 neighbor 222.222.10.2 remote-as 100 .1 .2 220.220.16.0/24 .1 BGP Peering sessions are established using the BGP “neighbor” configuration command External (eBGP) is configured when AS numbers are different

Configuring BGP Peers AS 101 AS 100 A B C D iBGP TCP Connection A B 222.222.10.0/30 C D interface Serial 1 ip address 222.220.16.1 255.255.255.252 router bgp 101 network 220.220.16.0 mask 255.255.255.0 neighbor 220.220.16.2 remote-as 101 interface Serial 1 ip address 220.220.16.2 255.255.255.252 router bgp 101 network 220.220.16.0 mask 255.255.255.0 neighbor 220.220.16.1 remote-as 101 .2 220.220.8.0/24 .1 .2 .1 .2 220.220.16.0/24 .1 BGP Peering sessions are established using the BGP “neighbor” configuration command External (eBGP) is configured when AS numbers are different Internal (iBGP) is configured when AS numbers are same

Configuring BGP Peers AS 100 iBGP TCP/IP Peer Connection C Each iBGP speaker must peer with every other iBGP speaker in the AS

Configuring BGP Peers AS 100 215.10.7.2 215.10.7.1 B A 215.10.7.3 iBGP TCP/IP Peer Connection C Loopback interface are normally used as peer connection end-points

Configuring BGP Peers AS 100 B A A C iBGP TCP/IP Peer Connection 215.10.7.2 215.10.7.1 B A A interface loopback 0 ip address 215.10.7.1 255.255.255.255 router bgp 100 network 220.220.1.0 neighbor 215.10.7.2 remote-as 100 neighbor 215.10.7.2 update-source loopback0 neighbor 215.10.7.3 remote-as 100 neighbor 215.10.7.3 update-source loopback0 215.10.7.3 iBGP TCP/IP Peer Connection C

Configuring BGP Peers AS 100 B A A C iBGP TCP/IP Peer Connection 215.10.7.2 215.10.7.1 B A interface loopback 0 ip address 215.10.7.2 255.255.255.255 router bgp 100 network 220.220.5.0 neighbor 215.10.7.1 remote-as 100 neighbor 215.10.7.1 update-source loopback0 neighbor 215.10.7.3 remote-as 100 neighbor 215.10.7.3 update-source loopback0 A 215.10.7.3 iBGP TCP/IP Peer Connection C

Configuring BGP Peers AS 100 B A A C iBGP TCP/IP Peer Connection 215.10.7.2 215.10.7.1 B A A 215.10.7.3 iBGP TCP/IP Peer Connection C interface loopback 0 ip address 215.10.7.3 255.255.255.255 router bgp 100 network 220.220.1.0 neighbor 215.10.7.1 remote-as 100 neighbor 215.10.7.1 update-source loopback0 neighbor 215.10.7.2 remote-as 100 neighbor 215.10.7.2 update-source loopback0

BGP Updates — NLRI Network Layer Reachability Information Used to advertise feasible routes Composed of: Network Prefix Mask Length

BGP Updates — Attributes Used to convey information associated with NLRI AS path Next hop Local preference Multi-Exit Discriminator (MED) Community Origin Aggregator

AS-Path Attribute Sequence of ASes a route has traversed Loop detection Apply policy AS 200 AS 100 170.10.0.0/16 180.10.0.0/16 Network Path 180.10.0.0/16 300 200 100 170.10.0.0/16 300 200 AS 300 AS 400 150.10.0.0/16 Network Path 180.10.0.0/16 300 200 100 170.10.0.0/16 300 200 150.10.0.0/16 300 400 AS 500

Next Hop Attribute Next hop to reach a network AS 300 AS 200 140.10.0.0/16 C 192.10.1.0/30 D 150.10.0.0/16 .1 .2 E B .2 Network Next-Hop Path 160.10.0.0/16 192.20.2.1 100 192.20.2.0/30 .1 Next hop to reach a network Usually a local network is the next hop in eBGP session A AS 100 160.10.0.0/16 BGP Update Messages

Next Hop Attribute Next hop to reach a network AS 300 AS 200 140.10.0.0/16 C 192.10.1.0/30 D 150.10.0.0/16 .1 .2 E Network Next-Hop Path 150.10.0.0/16 192.10.1.1 200 160.10.0.0/16 192.10.1.1 200 100 B .2 Next hop to reach a network Usually a local network is the next hop in eBGP session 192.20.2.0/30 .1 A AS 100 160.10.0.0/16 Next Hop updated between eBGP Peers BGP Update Messages

Next Hop Attribute Next hop not changed between iBGP peers AS 300 140.10.0.0/16 C 192.10.1.0/30 D 150.10.0.0/16 .1 .2 E Network Next-Hop Path 150.10.0.0/16 192.10.1.1 200 160.10.0.0/16 192.10.1.1 200 100 B .2 192.20.2.0/30 Next hop not changed between iBGP peers .1 A AS 100 160.10.0.0/16 BGP Update Messages

Next Hop Attribute (more) IGP should carry route to next hops Recursive route look-up Unlinks BGP from actual physical topology Allows IGP to make intelligent forwarding decision

BGP Updates — Withdrawn Routes Used to “withdraw” network reachability Each Withdrawn Route is composed of: Network Prefix Mask Length

BGP Updates — Withdrawn Routes AS 321 AS 123 .1 192.168.10.0/24 .2 BGP Update Message Withdraw Routes 192.192.25.0/24 x Connectivity lost 192.192.25.0/24 Network Next-Hop Path 150.10.0.0/16 192.168.10.2 321 200 192.192.25.0/24 192.168.10.2 321

BGP Routing Information Base BGP RIB Network Next-Hop Path *>i160.10.1.0/24 192.20.2.2 i *>i160.10.3.0/24 192.20.2.2 i router bgp 100 network 160.10.0.0 255.255.0.0 no auto-summary D 10.1.2.0/24 D 160.10.1.0/24 D 160.10.3.0/24 R 153.22.0.0/16 S 192.1.1.0/24 BGP ‘network’ commands are normally used to populate the BGP RIB with routes from the Route Table Route Table

BGP Routing Information Base BGP RIB Network Next-Hop Path *> 160.10.0.0/16 0.0.0.0 i * i 192.20.2.2 i s> 160.10.1.0/24 192.20.2.2 i s> 160.10.3.0/24 192.20.2.2 i router bgp 100 network 160.10.0.0 255.255.0.0 aggregate-address 160.10.0.0 255.255.0.0 summary-only no auto-summary D 10.1.2.0/24 D 160.10.1.0/24 D 160.10.3.0/24 R 153.22.0.0/16 S 192.1.1.0/24 BGP ‘aggregate-address’ commands may be used to install summary routes in the BGP RIB Route Table

BGP Routing Information Base BGP RIB Network Next-Hop Path *> 160.10.0.0/16 0.0.0.0 i * i 192.20.2.2 i s> 160.10.1.0/24 192.20.2.2 i s> 160.10.3.0/24 192.20.2.2 i *> 192.1.1.0/24 192.20.2.2 ? router bgp 100 network 160.10.0.0 255.255.0.0 redistribute static route-map foo no auto-summary access-list 1 permit 192.1.0.0 0.0.255.255 route-map foo permit 10 match ip address 1 D 10.1.2.0/24 D 160.10.1.0/24 D 160.10.3.0/24 R 153.22.0.0/16 S 192.1.1.0/24 BGP ‘redistribute’ commands can also be used to populate the BGP RIB with routes from the Route Table Route Table

BGP Routing Information Base IN Process OUT Process BGP RIB Network Next-Hop Path *>i160.10.1.0/24 192.20.2.2 i *>i160.10.3.0/24 192.20.2.2 i Update Update * 173.21.0.0/16 192.20.2.1 100 > Network Next-Hop Path 173.21.0.0/16 192.20.2.1 100 BGP “in” process receives path information from peers results of BGP path selection placed in the BGP table “best path” flagged (denoted by “>”)

BGP Routing Information Base IN Process OUT Process BGP RIB Network Next-Hop Path *>i160.10.1.0/24 192.20.2.2 i *>i160.10.3.0/24 192.20.2.2 i Update Update * > 173.21.0.0/16 192.20.2.1 100 Network Next-Hop Path 160.10.1.0/24 192.20.2.2 200 160.10.3.0/24 192.20.2.2 200 173.21.0.0/16 192.20.2.2 200 100 Next-Hop changed 192.20.2.1 BGP “out” process builds update using info from RIB may modify update based on config Sends update to peers

BGP Routing Information Base BGP RIB Network Next-Hop Path *>i160.10.1.0/24 192.20.2.2 i *>i160.10.3.0/24 192.20.2.2 i *> 173.21.0.0/16 192.20.2.1 100 D 10.1.2.0/24 D 160.10.1.0/24 D 160.10.3.0/24 R 153.22.0.0/16 S 192.1.1.0/24 Best paths installed in routing table if: prefix and prefix length are unique lowest “protocol distance” B 173.21.0.0/16 Route Table

The ‘Bible’ & other resources Route-views.oregon-ix.net Internet Routing Architectures Bassam Halabi pg. 168 BGP Decision Process Summary

Types of BGP Messages OPEN UPDATE KEEPALIVE NOTIFICATION To negotiate and establish peering UPDATE To exchange routing information KEEPALIVE To maintain peering session NOTIFICATION To report errors (results in session reset)

Internal BGP Peering (IBGP) AS 100 A E B D BGP peer within the same AS Not required to be directly connected Maintain full IBGP mesh or use Route Reflection

External BGP Peering (EBGP) AS 100 AS 101 C B Between BGP speakers in different AS Directly connected or peering address is reachable

An Example… 35.0.0.0/8 AS3561 A AS200 F B AS21 C D AS101 AS675 E Learns about 35.0.0.0/8 from F & D

Basic BGP commands Configuration commands Show commands router bgp <AS-number> neighbor <ip address> remote-as <as-number> Show commands show ip bgp summary show ip bgp neighbors

Originating routes... Using network command or redistribution network <ipaddress> redistribute <protocol name> Requires the route to be present in the routing table

Originating routes/Inserting prefixes into BGP network command network 198.10.4.0 mask 255.255.254.0 ip route 198.10.0.0 255.255.254.0 serial 0 matching route must exist in the routing table before network is announced! Origin: IGP

Update message Withdrawn routes Path Attributes Advertised routes

Stable IBGP peering Unlinks IBGP peering from physical topology. Carry loopback address in IGP router ospf <ID> passive-interface loopback0 Unlink peering from physical topology router bgp <AS1> neighbor <x.x.x.x> remote-as <AS1> neighbor <x.x.x.x> update-source loopback0

BGP4 continued...

BGP Path Attributes: Why ? Encoded as Type, Length & Value (TLV) Transitive/Non-Transitive attributes Some are mandatory Used in path selection To apply policy for steering traffic

BGP Path Attributes... Origin AS-path Next-hop Multi-Exit Discriminator (MED) Local preference BGP Community Others...

AS-PATH Updated by the sending router with its AS number Contains the list of AS numbers the update traverses. Used to detect routing loops Each time the router receives an update, if it finds its AS number, it discards the update

AS-Path Sequence of ASes a route has traversed Loop detection AS 200 170.10.0.0/16 180.10.0.0/16 180.10.0.0/16 dropped AS 300 AS 400 150.10.0.0/16 180.10.0.0/16 300 200 100 170.10.0.0/16 300 200 150.10.0.0/16 300 400 AS 500

Cisco Systems Confidential Next-Hop 150.10.1.1 150.10.1.2 AS 200 AS 300 150.10.0.0/16 A B 150.10.0.0/16 150.10.1.1 160.10.0.0/16 150.10.1.1 AS 100 Next hop router to reach a network Advertising router/Third party in EBGP Unmodified in IBGP 160.10.0.0/16 Cisco Systems Confidential 0799_04F7_c2 20

Third Party Next Hop More efficient, but bad idea! AS 200 AS 201 C A B 192.68.1.0/24 150.1.1.3 C 150.1.1.1 peering 150.1.1.2 150.1.1.3 A B 192.68.1.0/24 AS 201 More efficient, but bad idea!

Next Hop... IGP should carry route to next hops Recursive route look-up Unlinks BGP from actual physical topology Allows IGP to make intelligent forwarding decision

Local Preference Not for EBGP, mandatory for IBGP Default value is 100 on Ciscos Local to an AS Used to prefer one exit over another Path with highest local preference wins

Local Preference AS 100 AS 200 AS 300 AS 400 160.10.0.0/16 D E A B C 500 800 E A B AS 400 160.10.0.0/16 500 > 160.10.0.0/16 800 C

Multi-Exit Discriminator Non-transitive Represented as a numeric value (0-0xffffffff) Used to convey the relative preference of entry points Comparable if paths are from the same AS Path with lower MED wins IGP metric can be conveyed as MED

Multi-Exit Discriminator (MED) AS 200 C preferred 192.68.1.0/24 2000 192.68.1.0/24 1000 A B 192.68.1.0/24 AS 201

Origin Conveys the origin of the prefix Three values: IGP - Generated using “network” statement ex: network 35.0.0.0 EGP - Redistributed from EGP Incomplete - Redistribute IGP ex: redistribute ospf IGP < EGP < INCOMPLETE

Communities Transitive, Non-mandatory Represented as a numeric value (0-0xffffffff) Used to group destinations Each destination could be member of multiple communities Flexibility to scope a set of prefixes within or across AS for applying policy

Community... Service Provider AS 200 Customer AS 201 C D A B 192.68.1.0/24 Customer AS 201

Synchronization C D OSPF C not running BGP (non-pervasive BGP) 1880 C A D OSPF 690 35/8 209 C not running BGP (non-pervasive BGP) A won’t advertise 35/8 to D until the IGP is in sync Turn synchronization off! Run pervasive BGP router bgp 1880 no sync B

BGP Route Selection (bestpath) Only one path as the bestpath ! Route has to be synchronized Prefix in forwarding table Next-hop has to be accessible Next-hop in forwarding table Largest weight Local to the router Largest local preference Spread within AS Locally sourced Via redistribute or network statement

BGP Route Selection ... Shortest AS-path length Lowest origin number of ASes in the AS-path attribute Lowest origin IGP < EGP < INCOMPLETE Lowest MED between paths from same AS External over internal closest exit from a router Closest next-hop Lower IGP metric, closer exit from as AS Lowest router-id Lowest IP address of neighbor

BGP Route Selection... AS 100 AS 200 AS 300 AS 400 D A B Increase AS path attribute length by at least 1 A B AS 400’s Policy to reach AS100 AS 200 preferred path AS 300 backup AS 400

Stub AS Typically no need for BGP Point default towards the ISP ISP advertises the stub network to Internet Policy confined within ISP policy

Stub AS AS 101 B Provider A AS 100 Customer

Multi-homed AS Only border routers speak BGP IBGP only between border routers Exterior routes must be redistributed in a controlled fashion into IGP or use defaults

Multi-homed AS AS 100 AS 200 AS 300 D C B A provider provider customer

Service Provider Network IBGP used to carry exterior routes IGP keeps track of topology Full IBGP mesh is required

Common Service Provider Network AS 100 AS 200 A H B C AS 300 provider D F E G AS 400

Routing Policy Why? How ? To steer traffic through preferred paths Inbound/Outbound prefix filtering To enforce Customer-ISP agreements How ? AS based route filtering - filter list Prefix based route filtering - distribute list BGP attribute modification - route maps

Distribute list - using IP access lists access-list 1 deny 10.0.0.0 access-list 1 permit any access-list 2 permit 20.0.0.0 … more access-lists as prefixes are added ... router bgp 100 neighbor 171.69.233.33 remote-as 33 neighbor 171.69.233.33 distribute-list 1 in neighbor 171.69.233.33 distribute-list 2 out

Filter list rules Regular Expressions RE is a pattern to match against an input string Used to match against AS-path attribute ex: ^3561.*100.*1$ Flexible enough to generate complex filter list rules

Filter list - using as-path access list ip as-path access-list 1 permit 3561 ip as-path access-list 2 deny 35 ip as-path access-list 2 permit .* router bgp 100 neighbor 171.69.233.33 remote-as 33 neighbor 171.69.233.33 filter-list 1 in neighbor 171.69.233.33 filter-list 2 out

Route Maps router bgp 300 neighbor 2.2.2.2 remote-as 100 neighbor 2.2.2.2 route-map SETCOMMUNITY out ! route-map SETCOMMUNITY permit 10 match ip address 1 match community 1 set community 300:100 access-list 1 permit 35.0.0.0 ip community-list 1 permit 100:200

Route-map match & set clauses Match Clauses Set Clauses AS-path Community IP address AS-path prepend Community Local-Preference MED Origin Weight Others...

Route-map Configuration Example neighbor <y.y.y.y> route-map AS200_IN in ! route-map AS200_IN permit 10 match community 1 set local-preference 200 ip community-list 1 permit 100:200 ISP2 H eth C21 C22 ISP3 neighbor <x.x.x.x> route-map AS100_IN in ! route-map AS100_IN permit 10 set community 100:200 Inbound route-map to set community H eth C32 C31

Load Sharing & Redundancy using BGP

Load-sharing - single path Router A: interface loopback 0 ip address 20.200.0.1 255.255.255.255 ! router bgp 100 neighbor 10.200.0.2 remote-as 200 neighbor 10.200.0.2 update-source loopback0 neighbor 10.200.0.2 ebgp-multi-hop 2 ip route 10.200.0.2 255.255.255.255 <DMZ-link1, link2> Loopback 0 10.200.0.2 A AS100 AS200 Loopback 0 20.200.0.1

Load Sharing - Multiple paths from the same AS Router A: router bgp 100 neighbor 10.200.0.1 remote-as 200 neighbor 10.300.0.1 remote-as 200 maximum-paths 2 A 100 200 Note:A still only advertises one “best” path to ibgp peers

Redundancy - Multi-homing Reliable connection to Internet 3 common cases of multi-homing: - default from all providers - customer + default routes from all - full routes from all

Default from all providers Low memory/CPU solution Provider sends BGP default provider is selected based on IGP metric Inbound traffic decided by providers’ policy Can influence using outbound policy, example: AS-path prepend

Default from all providers AS 200 Provider AS 300 D E A B AS 400 C

Customer + default from all providers Medium memory and CPU solution Granular routing for customer routes and default for the rest Inbound traffic decided by providers’ policy Can influence using outbound policy

Customer routes from all providers AS 100 160.10.0.0/16 Provider AS 200 Provider AS 300 D E A B C chooses shortest AS path AS 400 C

Full routes from all providers More memory/CPU Full granular routing Usually transit ASes take full routes Usually pervasive BGP

Full routes from all providers AS 100 AS 500 AS 200 AS 300 D E A B C chooses shortest AS path AS 400 C

Best Practices IGP in Backbone IGP connects your backbone together, not your client’s routes IGP must converge quickly IGP should carry netmask information - OSPF, IS-IS, EIGRP

Best Practices... Connecting to a customer Static routes You control directly No route flaps Shared routing protocol or leaking You must filter your customers info Route flaps BGP for multi-homed customers

Best Practices... Connecting to other ISPs Use BGP4 Advertise only what you serve Take back as little as you can Take the shortest exit

Best Practices... The Internet Exchange Long distance connectivity is expensive Connect to several providers at a single point

Q & A