bgp.tex

xorp源码hg

%
% $XORP: xorp/docs/user_manual/bgp.tex,v 1.22 2007/03/02 19:56:05 atanu Exp $
%

\chapter{BGP}
\label{bgp}
\section{BGP Terminology and Concepts}

BGP is the Border Gateway Protocol, which is the principal inter-domain
routing protocol in the Internet.  BGP version 4 is specified in RFC
4271,  XORP BGP is compliant with the new RFC.  Earlier
versions of BGP are now considered historic.  XORP implements what is
known as BGP4+.  This is the core BGP-4 protocol, plus the
multiprotocol extensions needed to route IPv6 traffic and to provide
separate topology information for multicast routing protocols to that
used for unicast routing.

A complete description of BGP is outside the scope of this manual, but
we will mention a few of the main concepts.  

\subsection{Key BGP Concepts}

The main concept used in BGP is that of the Autonomous System, or AS
for short.  An AS corresponds to a routing domain that is under one
administrative authority, and which implements its own routing
policies.  BGP is used in two different ways:
\begin{itemize}
\item EBGP is used to exchange routing information between routers
that are in different ASes.
\item IBGP is used to exchange routing information between routers
that are in the same AS.  Typically these routes were originally
learned from EBGP.
\end{itemize}
Each BGP route carries with it an AS Path, which essentially records
the autonomous systems through which the route has passed between the
AS where the route was originally advertised and the current AS.  When
a BGP router passes a route to a router in a neighboring AS, it
prepends its own AS number to the AS path.  The AS path is used to
prevent routes from looping, and also can be used in policy filters to
decide whether or not to accept a route.

When a route reaches a router over an EBGP connection, the router
first decides if this is the best path to the destination, based on a
complex decision process and local policy configuration.  If the route
is the best path, the route is passed on to all the other BGP routers
in the same domain using IBGP connections, as well as on to all the
EBGP peers (as allowed by policy).

When a router receives a route from an IBGP peer, if the router decides
this route is the best route to the destination, then it will pass the
route on to its EBGP peers, but it will not normally pass the route
onto another IBGP peer.  This prevents routing information looping
within the AS, but it means that by default every BGP router in a
domain must be peered with every other BGP router in the domain.

Of course such a full mesh of configured BGP peerings does not scale
well to large domains, so two techniques can be used to improve
scaling:
\begin{itemize}
\item Confederations.
\item Route Reflectors.
\end{itemize}

BGP peerings are conducted over TCP connections which must be manually
configured.  A connection is an IBGP peering if both routers are
configured to be in the same AS; otherwise it is an EBGP peering.

Routers typically have multiple IP addresses, with at least one for
each interface, and often an additional routable IP address associated
with the loopback interface\footnote{Note: 127.0.0.1 is {\it not} routable.}.
When configuring an IBGP connection, it is good practice to set up the
peering to be between the IP addresses on the loopback interfaces.
This makes the connection independent of the state of any particular
interface.  However, most EBGP peerings will be configured using the
IP address of the router that is directly connected to the EBGP peer
router.  Thus if the interface to that peer goes down, the peering
session will also go down, causing the routing to correctly fail over
to an alternative path.

\section{Standards}

XORP BGP complies with the following standards:
\begin{description}
\item{\bf RFC 4271}: BGP-4 Specification (obsoletes RFC 1771).
\item{\bf RFC 3392}: Capabilities Advertisement with BGP-4.
\item{\bf draft-ietf-idr-rfc2858bis-03.txt}: Multiprotocol
     Extensions for BGP-4.
\item{\bf RFC 2545}: Use of BGP-4 Multiprotocol Extensions for IPv6
     Inter-Domain Routing.
\item{\bf RFC 3392}: Capabilities Advertisement with BGP-4.
\item{\bf RFC 1997}: BGP Communities Attribute.
\item{\bf RFC 2796}: BGP Route Reflection - An Alternative to Full Mesh
     IBGP.
\item{\bf RFC 3065}: Autonomous System Confederations for BGP.
\item{\bf RFC 2439}: BGP Route Flap Damping.
\item{\bf RFC 1657}: Definitions of Managed Objects for the Fourth Version
     of the Border Gateway Protocol (BGP-4) using SMIv2.
\end{description}

\newpage
\section{Configuring BGP}

\subsection{Configuration Syntax}

The configuration syntax for XORP BGP is given below.

\vspace{0.1in}
\noindent\framebox[\textwidth][l]{\scriptsize
\begin{minipage}{6in}
\begin{alltt}
\begin{tabbing}
xx\=xx\=xx\=xx\=xx\=\kill
protocols \{\\
\>bgp \{\\
\>\>targetname: {\it text}\\
\>\>bgp-id: {\it IPv4}\\
\>\>local-as: {\it int(1..65535)}\\
\\
\>\>peer {\it text} \{\\
\>\>\>local-ip: {\it IPv4}\\
\>\>\>as: {\it int(1..65535)}\\
\>\>\>next-hop: {\it IPv4}\\
\>\>\>local-port: {\it int(1..65535)}\\
\>\>\>peer-port: {\it int(1..65535)}\\
\>\>\>holdtime: {\it uint}\\
\>\>\>prefix-limit \{\\
\>\>\>\>maximum: {\it uint}\\
\>\>\>\>disable:  {\it bool}\\
\>\>\>\}\\
\>\>\>disable: {\it bool}\\
\>\>\>ipv4-unicast: {\it bool}\\
\>\>\>ipv4-multicast: {\it bool}\\
\>\>\>ipv6-unicast: {\it bool}\\
\>\>\>ipv6-multicast: {\it bool}\\
\>\>\}\\
\}
\end{tabbing}
\end{alltt}
\end{minipage}
}
\vspace{0.1in}

\noindent
The configuration parameters are used as follows:
\begin{description}
\item{\tt protocols}: this delimits the configuration for all routing
  protocols in the XORP router configuration.  It is mandatory that
  BGP configuration is under the {\stt protocols} node in the
  configuration.
\item{\tt bgp}: this delimits the BGP configuration part of the XORP
  router configuration.
\item{\tt targetname}: this is the name for this instance of BGP.  It
  defaults to ``{\stt bgp}'', and it is not recommended that this
  default is overridden under normal usage scenarios.
\item{\tt bgp-id}: this is the BGP identifier for the BGP instance on
  this router.  It is typically set to one of the router's IP
  addresses, and it is normally required that this is globally unique.
  The required format of the BGP ID is a dotted-decimal IPv4 address,
  as mandated by the BGP specification.  This is required even if the
  router only supports IPv6 forwarding.
\item{\tt local-as}: this is the autonomous system number for the AS
  in which this router resides.  Any peers of this router must be
  configured to know this AS number - if there is a mismatch, a
  peering will not be established.  It is a 16-bit integer.
\item{\tt route-reflector}: this allows BGP to be configured as a
Route Reflector. A peer can be configured as a client in the peer
configuration.
\begin{description}
\item{\tt cluster-id}: All Route Reflectors in the same cluster should
have the same 4-byte cluster id. The required format is dotted-decimal
IPv4 address.
\item{\tt disable}: This takes the value {\stt true} or {\stt
false}. The default state is {\stt false}, it allows Route Reflection
to be disabled without removing the configuration.
\end{description}
\item{\tt confederation}: this allows BGP to be configured as a
confederation member. A peer can be configured as a
confederation-member in the peer configuration.
\begin{description}
\item{\tt identifier}: The autonomous system number that the
confederation is known by, by non confederation members.
\item{\tt disable}: This takes the value {\stt true} or {\stt
false}. The default state is {\stt false}, it allows confederations
to be disabled without removing the configuration.
\end{description}
\item{\tt peer}: this delimits the configuration of a BGP peering
  association with another router.  Most BGP routers will have
  multiple peerings configured.  The {\stt peer} directive takes a
  parameter which is the peer identifier for the peer router. This
  peer identifier should normally be the IPv4 unicast address of the
  router we are peering with.  The syntax allows it to be the domain
  names of the peer router for convenience, but this is {\it not}
  recommended in production settings.  

  For IBGP peerings the peer identifier will normally be an IP address
  bound to the router's loopback address, so it is not associated with
  a specific interface, meaning that the peering will not go down if a
  single internal interface fails.  

  For EBGP peerings, the peer identifier will normally be the IP
  address of the peer router on the interface over which we wish to
  exchange traffic, so that if the interface goes down, the peering
  will drop.

  For each configured {\stt peer}, the following
  configuration options can be specified:
\begin{description}
\item{\tt local-ip}: This is the IP address of this router that we
  will use for BGP connections to this peer.  It is mandatory to
  specify, and must be the same as the IP address configured on the
  peer router for this peering.
\item{\tt as}: this gives the AS number of this peer.  This must match
  the AS number that the peer itself advertises to us, or the BGP
  peering will not be established.  It is a 16-bit integer, and is
  mandatory to specify.
\item{\tt next-hop}: this is the IPv4 address that will be sent as the
  nexthop router address in routes that we send to this peer.
  Typically this is only specified for EBGP peerings.
\item{\tt next-hop6}: this is the IPv6 address that will be sent as the
  nexthop router address in routes that we send to this peer.
  Typically this is only specified for EBGP peerings.
\item{\tt local-port}: by default, BGP establishes its BGP connections
  over a TCP connection between port 179 on the local router and port
  179 on the remote router.  The local port for this peering can be
  changed by modifying this attribute.  This must be the same as the
  corresponding {\stt remote-port} on the remote peer router or a
  connection will not be established.
\item{\tt peer-port}: The port for this peering on the remote router
  can be changed by modifying this attribute. See also: {\stt
  local-port}.
\item{\tt holdtime}: This is the holdtime BGP should use when
  negotiating the connection with this peer.  If no message is
  received from a BGP peer during the negotiated holdtime, the
  peering will be shut down.
\item{\tt prefix-limit}: A peering can be configured to be torn down
if the {\stt maximum} number of prefixes is exceeded.
\item{\tt delay-open-time}: This is a time in seconds to wait before
sending an OPEN message, one the TCP session is established. This
option is to allow the peer to send the first OPEN message. The
default setting is zero.
\item{\tt client}: This takes the value {\stt true} or {\stt false},
it only has meaning if BGP is configured as a Route Reflector. If set
to {\stt true} the peer is a Route Reflector client.
\item{\tt confederation-member}: This takes the value {\stt true} or
{\stt false}, it only has meaning if BGP is configured as a
confederation member. If set to {\stt true} the peer is a
confederation member.
\item{\tt disable}: This takes the value {\stt true} or {\stt false},
  and indicates whether the peering is currently disabled.  This allows
  a peering to be taken down temporarily without removing the
  configuration~\footnote{Note that prior to XORP Release-1.1, the {\tt
  enable} flag was used instead of {\tt disable}.}.
\item{\tt ipv4-unicast}: This takes the value {\stt true} or {\stt false},
  and specifies whether BGP should
  negotiate multiprotocol support with this peer to allow IPv4 unicast
  routes to be exchanged. It is enabled by default.
\item{\tt ipv4-multicast}: This takes the value {\stt true} or {\stt false},
  and specifies whether BGP should
  negotiate multiprotocol support with this peer to allow separate
  routes to be used for IPv4 unicast and IPv4 multicast.  Normally
  this would only be enabled if PIM-SM multicast routing is running on
  the router.
\item{\tt ipv6-unicast}: This takes the value {\stt true} or {\stt false},
  and specifies whether BGP should
  negotiate multiprotocol support with this peer to allow IPv6 unicast
  routes to be exchanged.
\item{\tt ipv6-multicast}: This takes the value {\stt true} or {\stt false},
  and specifies whether BGP should
  negotiate multiprotocol support with this peer to allow IPv6
  multicast routes to be exchanged separately from IPv6 unicast
  routes.  It is possible to enable IPv6 multicast support without
  enabling IPv6 unicast support.
\end{description}
\end{description}

\subsection{Example Configurations}
\vspace{0.1in}
\noindent\framebox[\textwidth][l]{\scriptsize
\begin{minipage}{6in}
\begin{alltt}
\begin{tabbing}