iBGP Split Horizon:
• Why? AS_PATH is not changed over an iBGP session and it cannot detect loops inside an AS.
• How? Routing information received through an iBGP session is never forwarded to another iBGP neighbor.
• Result: Full mesh of iBGP sessions is required.
BGP Route Filtering:
• BGP updates can be filtered inbound and outbound
• prevent AS from becoming a transit AS
• route maps, prefix lists, and AS path filters
Example: Announce locally sourced routes only. ^$ is a regular expression that indicates an empty AS_PATH.
BGP Filtering Order:
• updates must pass all incoming filters to reach the BGP table
• outgoing routes must pass the outgoing filters before being transmitted to the neighbor
(Image from Cisco’s BGP FAQs)
iBGP Scalability Issues:
• BGP split horizon (route exchange): iBGP Left right arrow eBGP White heavy check mark, iBGP Left right arrow iBGP No entry sign
• work-around: a full mesh of iBGP sessions
• consequences: a large number of BGP sessions, multiplied BGP traffic
• solutions: route reflectors, BGP confederations
Route Reflector Rules:
• modified split horizon: iBGP Left right arrow iBGP route exchange allowed under certain conditions
• route reflector and its clients form a cluster
• iBGP peers of route reflector, which are not part of the cluster, are non-clients
BGP Authentication:
• MD5 - a message digest (a hash) is created using a shared secret and a payload
• the digest is sent to the neighbor, never the key
• neigbor computes its own hash; if it is not identical with the received value, BGP discards the packet
MP-BGP Support:
• you can run MP-BGP over IPv4 or IPv6 transport and can exchange routes for IPv4, IPv6, or both
• BGP uses TCP for peering and this has no relevance to the routes carried inside the BGP exchanges
• common address families: IPv4, IPv6, VPNv4, and VPNv6
Comments
Post a Comment