BGP Essentials – The Art of Path Manipulation

Most enterprise networks use BGP to peer with their Internet Service Providers if they want to be multi-homed. Many factors come into play when determining how traffic should flow, but no matter what policies are put into place, at some point you’re going to need some control over how your external traffic enters and leaves your network. This is where BGP route manipulation comes into play.

Path Selection

No, we’re not talking about routing decisions; I’m talking about what you need to think about when selecting where you want your traffic to flow. Traditionally there have been three things that describe the quality of a connection – bandwidth, delay, and packet loss. But which is best? There is no easy answer. Mostly it depends on your application needs. Most engineers do some simple path analysis using some sort of traceroute, examining network congestion and distance – both geographic and in network hops.

Outbound Traffic – Local Preference

Local preference can be used to influence route selection within the local autonomous system and is stripped from outgoing updates sent via eBGP. The default local preference for iBGP and local routes is 100, while all others are 0 by default. All other things being equal, the route with the highest local preference is selected. For further information, see my post on route selection. Local preference can be applied either by using the bgp default local-preference router configuration command or within a route-map, as shown below.

router bgp 65001
 no synchronization
 bgp log-neighbor-changes
 network 10.1.1.0 mask 255.255.255.0
 neighbor 10.1.2.2 remote-as 65555
 neighbor 10.1.2.2 route-map AS65555_in in
!
route-map AS65555_in permit 10
 set local-preference 120
!

Inbound Traffic – MED and AS Path Prepending

This is where things can get a little more difficult… Inbound path manipulation is mostly just a suggestion since other networks can specify local preference, and local preference is much higher in the path selection process.

MED

The first option is altering the path’s Multi-Exit Discriminator, or MED. MED is an optional nontransitive attribute that in most cases is little more than a hint to external neighbors about the preferred path into your AS. A lower MED value is preferred over a higher value. There is no real guarantee that any of your peers will accept this value from you; in most cases they will strip your value and set it to zero (the Cisco default). MED is also lower in the route selection process than AS_PATH, shown below.

In the following example, we reset the MED on the specified network to 10.

router bgp 65001
 no synchronization
 bgp log-neighbor-changes
 network 10.1.1.0 mask 255.255.255.0
 neighbor 10.1.2.2 remote-as 65555
 neighbor 10.1.2.2 route-map AS65555_out out
!
route-map AS65555_out permit 10
 set metric 101
!

AS Path Prepending

Using Autonomous System Path Prepending can potentially allow you to influence the route selection process on the Internet. By prepending your AS number to the AS_PATH of your outgoing eBGP updates to your undesired upstream providers, you make that path appear longer to the rest of the Internet, so it is less likely to be used as a return path to your network.

AS path prepending is configured using the set as-path prepend statement inside of a route-map. The route-map is then applied to inbound or outbound updates to the desired eBGP peer.

AS-path prepending does not work on iBGP sessions or when the route-map is used in a network statement. In both cases, the set as-path prepend route-map command is ignored without an error message.

In the following example, we are prepending our local AS number twice to the outbound BGP updates.

router bgp 65001
 no synchronization
 bgp log-neighbor-changes
 network 10.1.1.0 mask 255.255.255.0
 neighbor 10.1.2.2 remote-as 65555
 neighbor 10.1.2.2 route-map AS65555_out out
!
route-map AS65555_out permit 10
 set as-path prepend 65001 65001
!

After the changes have been received by your peer, they should be able to see the modified AS path.

Router#show ip bgp
BGP table version is 3, local router ID is 10.2.2.2
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop        Metric LocPrf Weight Path
*>i10.1.1.0/24      10.1.2.1             0    100      0 65001 65001 i
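
Why prepending and MED are only hints can be seen by walking the decision order described above (local preference, then AS_PATH length, then MED). The following is an added example, not part of the original post: it models only those three steps, and AS 65556, the route labels and the sample paths are constructed for illustration.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Route:
    via: str               # label for the link/upstream the route arrived over
    as_path: tuple         # AS_PATH as received; leftmost entry is the neighboring AS
    local_pref: int = 100  # assigned by the receiving AS's own inbound policy
    med: int = 0           # hint supplied by the neighboring AS

def better(a, b):
    """Pick between two routes using only the three attributes the article covers."""
    if a.local_pref != b.local_pref:            # 1. highest local preference
        return a if a.local_pref > b.local_pref else b
    if len(a.as_path) != len(b.as_path):        # 2. shortest AS_PATH
        return a if len(a.as_path) < len(b.as_path) else b
    # 3. lowest MED, by default compared only for the same neighboring AS
    if a.as_path[0] == b.as_path[0] and a.med != b.med:
        return a if a.med < b.med else b
    return a                                    # later tie-breakers are not modelled

def best_path(routes):
    best = routes[0]
    for route in routes[1:]:
        best = better(best, route)
    return best

# Constructed sample data: AS 65001 originates 10.1.1.0/24 and prepends twice
# towards AS 65555; AS 65556 is a hypothetical second upstream.
PREPENDED = (65555, 65001, 65001, 65001)
PLAIN = (65556, 65001)

def remote_view(local_pref_via_65555=100):
    """Winner as seen by a remote AS that hears the prefix from both upstreams."""
    return best_path([
        Route("via-65555", PREPENDED, local_pref=local_pref_via_65555),
        Route("via-65556", PLAIN),
    ]).via

def neighbor_view():
    """Winner inside AS 65555 when AS 65001 sends different MEDs on two links."""
    return best_path([
        Route("link-A", (65001,), med=101),
        Route("link-B", (65001,), med=10),
    ]).via

if __name__ == "__main__":
    print("prepend only:         ", remote_view())      # via-65556
    print("remote local-pref 200:", remote_view(200))   # via-65555
    print("two links, MED 101/10:", neighbor_view())    # link-B
```

The second case is the one to remember: a remote network that raises local preference on the prepended path still sends traffic that way, no matter how many times the AS number is repeated.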

Conclusion

While other methods of path manipulation do exist (including two of my favorites – Conditional BGP Advertisements and BGP Communities) – I wanted to cover the basics in this article and leave the more complicated methods to their own articles. If you have any other methods that you think I should cover, please feel free to leave a comment and I’ll be happy to integrate them into this, or a future article.
