How to configure BGP MED Attribute

Thank you Laz. But one more doubt. If we issue the bgp always-compare med command on the router receiving all 3 paths. According to Cisco documentation it states, that by default BGP will only look at the MED if the originating AS is the same. That bahaviour can be changed by using the bgp always-compare med command. This would cause the router to look at the MED(since the AS_PATH is a tie) value eventhough the orginating AS is not the same. In this case regarless of what we put in place of the ? ,it would still choose Path3. For instance, if we have two ASes with subnet 192.168.1.0/30 on their directed connected link, and both ASes want to advertise that network down to their BGP peers. The downstram router which received that route(assuming that the WEIGH to AS_PATH length is a tie). In this case the network is being originated from two differenc ASes, in which the router wont look at the MED since the originating AS is not the same. We can force the downtream route to look the the MED by ussuing the bgp always-compare med. In this case refering back to the image, the placeholder of the ? can be whichever.

Hello John

We must make sure we understand what the phrase “originating AS is the same”. In the table you shared, the AS_PATH indicates that the three paths are learned from different ASes. Path 1 is learned from AS 50, path 2 from AS 20 and path three from AS 10. Note these are the first ASes in each of the AS paths, which means they are the directly connected ASes. AS Path when read from left to right shows the ASes you pass through to get to the destination.

To clarify this, take a look at the following diagram:

R5 advertises the 1.1.1.1/32 network, and AS1 sees three paths:

  • 2 4 via R2
  • 3 4 via R3
  • 3 4 via R4

If those paths are equal, and we reach the MED attribute, then by default it won’t be used to compare the MED between the paths via R3 and R4, because both are advertised to R1 from the same AS, namely AS3. It is the leftmost AS in the AS_PATH that matters for the comparison of MED.

So going back to your scenario, since all three paths are learned from different ASes, the bgp always-compare-med command will make no difference in the behavior. That means that for Path 3, you can put anything you like in the place of the ?, and the MED will choose Path 3. This is true whether bgp always-compare-med is used or not.

I hope this has been helpful!

Laz

Hello, everyone!

Could someone please enlighten me here?
The OCG mentions the following:

An organization may expect its different SPs to advertise a MED value for every prefix. If a MED is missing, the path without a MED is preferred over a path that contains a MED. An organization can modify the default behaviour so that prefixes without a MED are always selected as last

What exactly does this even mean?
An organization may expect the service providers to advertise a MED?

They’ve described this as “Missing MED Behaviour” but I don’t seem to understand the purpose of it at all.

Kind regards,
David

Hello David

Hmm, that’s a bit strange. The phrase “If a MED is missing…” is a bit misleading in my opinion. If no MED is sent, then the default value of 0 is used. For this reason, the rest of the sentence is true: “…the path without a MED is preferred over a path that contains a MED.” If we can say this another way, the path without a MED actually has a MED of 0, and since the lower MED is preferred, that path will be preferred over another one that has a non-zero MED.

I would have phrased the whole thing like so:

“An organization may expect its different SPs to advertise a MED value for every prefix. MED has a default value of 0, so if the MED of a particular prefix is not modified, the path with a MED of 0 will be preferred over a path with a non-zero value, simply because the lower MED is preferred. However, an organization can modify the default behaviour so that prefixes with a MED of 0 are always selected as last.”

The last phrase simply reinforces the fact that MED is considered an optional attribute, so BGP routers are not obligated to honor it, so you can configure your router to ignore MED values completely.

I hope this has been helpful!

Laz

1 Like

Hello Laz

That makes much more sense, thank you. However, one thing that isn’t clear is the “An organization may expect its different SPs to advertise a MED value for every prefix”.

Why and how exactly does this work? As far as I am concerned, MED doesn’t pass between autonomous systems, it’s only sent to the neighboring ones, so how can an organization expect a MED value included in the route advertisements sent by the SPs?

If one of the SP’s customers was to configure MED, only the SP would see that but that attribute would not be passed onto other autonomous systems, would it?

Thank you for your help

David

Hello David

MED is an attribute that can be added to any prefix when being advertised via an eBGP peering. You are correct that MED is non-transitive so it is not conveyed to other ASes. However, your ISP can send you prefixes to which it adds a particular MED using route-maps. So the MED is not necessarily set by the owner of the prefix, but by the AS of your ISP that is directly connected to you.

That is absolutely correct. This does not deter an ISP or an enterprise network for that matter from manipulating the MED for whatever prefix it shares with its directly connected AS neighbors. Does that make sense?

I hope this has been helpful!

Laz

Hello Rene and Laz.

Ever since I covered BGP, I never understood the following OCG explanation related to some further MED configuration?:

Missing MED Behaviour

An organization may expect its different SPs to advertise a MED value for every prefix. If a MED is missing, the path without a MED is preferred over a path that contains a MED. An organization can modify the default behaviour so that prefixes without a MED are always selected as last.

Always Compare MED

The default MED comparison mechanism requires the AS_PATH values to be identical because the policies used to set the MED could vary from AS to AS. This means that the MED can influence traffic only when multiple links are from the same SP. Typically, organizations use different SPs for redundancy. In these situations, the default BGP rules for MED comparison need to be relaxed to compare MEDs between different service providers.

Honestly, I understand very little from this explanation. Why should an organization expect the SPs to advertise a MED value for every prefix? Why would we want to select prefixes without a MED as the last? How does all this work? :smile: I understand that there’s commands like missing-med-as-worst but I never understood how these commands work and when or why would I even want to use them.

That’s all. thank you.

David

Hello David

I agree, the writing is a little bit vague. Let me try to more clearly explain what I believe they are saying.

First of all, everything hinges on the fact that MED, by default, is used as a mechanism to influence incoming traffic into an AS from multiple entry points. By default, the comparison is always done between two or more entry points into the same AS.

This is not a hard and fast rule, but a common practice that you should be prepared for. In this case, MED values are used by the ISPs to influence the inbound traffic (from the ISPs point of view) . By having a MED value for each prefix, ISPs can more effectively manage how traffic is distributed across multiple entry points into their network. This may be a method of attempting to load balance incoming traffic across those multiple entry points. But note, that this makes sense only if that same ISP has two entry points into its AS. See below.

MED is an optional attribute, which means it may or may not be included in the BGP update. When there is no MED, a MED of 0 is assumed, and because lower MED values are preferred, a MED value of 0 will always be preferred over any other value (assuming the MED attribute is the tie-breaker in the path selection). You can indeed modify this behavior by using the missing-med-as-worst keyword. Why would you do this? Well, I’ll tell you shortly.

Now here, what is being said in simpler terms is that by default, MED is only compared between routes that come from the same AS (requires the AS_PATH values to be identical). That’s its purpose. However, because most enterprises will use two or more different ISPs for their multiple connections to the Internet, this by default means that they are coming from two different ASes. Thus, MED will never be compared. If you want to use MED as part of your path selection mechanism, even if that MED comes from different ASes, then you must “relax BGP rules” and compare MED from different ASes.

Here’s a scenario where all of this comes together:

Imagine you have two ISPs, each with a single link to your enterprise network. ISP A chose to use the default behavior of MED and didn’t set a MED for some routes, while ISP B choose to relax BGP rules and added a MED value. By default, routes from ISP A (without MED) would be preferred if MED becomes the tie breaker. However, this may not align with your traffic engineering goals. Using missing-med-as-worst, you can ensure that routes from ISP B, where MED is defined and indicating a specific preference, are chosen first.

This is simply one more mechanism we can use to route BGP traffic, and it can be used based on what you need. In almost all such cases, you would negotiate with your ISPs concerning what kind of BGP attributes they share with your network, and all of this is typically agreed upon beforehand. It’s rare that you’ll see an ISP or an enterprise modify such parameters without having some sort of agreement on paper that states how BGP networks will interface with each other.

I hope this has been helpful!

Laz


If MED is used to tell your neighbour which route the should use to reach your AS. Could you increase the MED value on R1 that is sent to R2, this would be higher than the MED value R3 would send to R2 which would influence the path taken to reach 1.1.1.0/24 from R2?

Hello Harry

Yes, MED is indeed used by an AS to let other ASes know through which router they should route traffic to get to a network inside that AS. You can indeed increase the MED value on R1 and make it a higher MED value than that advertised by R3. That would influence R2’s decision to route traffic destined to the 1.1.1.0/24 network through R1 and not through R3.

I hope this has been helpful!

Laz