Introduction to BGP

Thank you for the reply Laz

1 Like

Hi Rene, thanks for this other lesson. I tried accessing the Looking Glass servers in the US but could not find how to do it. When I click on the links provided, nothing happens. How do I proceed to telnet into these servers? Are there IP addresses I can use to telnet into the servers? If yes, how can I find them? Can I use putty or Xshell to telnet into the servers?
Thank you

Hello Yannick

Hmm, that’s strange. I’m able to see the looking-glass site from both Europe, where I am, but also from a US IP address… I’m not sure why you’re not able to see it. When you click on the link you say nothing happens, but what error message is displayed? Try clicking on this link (it’s the same one as the lesson) and let us know what you see:

To help you quickly get access, here’s what you see when you scroll down all the way to “Category 2 – IPv4 and IPv6 BGP Route Servers by region (TELNET access)”


Here is a quick and dirty copy and paste of the Telnet links for those particular BGP route servers…

Region	BGP Route Server (TELNET access)	ISP / IXP website
Australia	SingTel/Optus Route Server	optus.net.au
	$ telnet route-views.optus.net.au	
Canada	Group Telecom / Bell Canada Eastern Route Server	gt.ca
	$ telnet route-server-east.gt.ca	
Canada	Group Telecom / Bell Canada Western Route Server	gt.ca
	$ telnet route-server-west.gt.ca	
Canada	Telus Eastern Route Server	telus.com
	$ telnet route-views.on.bb.telus.com	
Canada	Telus Western Route Server	telus.com
	$ telnet route-views.ab.bb.telus.com	
Canada	Videotron Route Server	videotron.net
	$ telnet route-server.videotron.net	
Switzerland	Sunrise/TDC Route Server	sunrise.ch
	$ telnet routeserver.sunrise.ch	
Germany	BelWü Route Server	belwue.de
	$ telnet route-server.belwue.de	
Germany	QSC/Broadnet Route Server	qsc.de
	$ telnet route-views.bmcag.net	
Germany	Tinet International Route Server	tinet.net
	$ telnet route-server.tinet.net	
Europe	Global Crossing European Route Server	gblx.net
	$ telnet route-server.eu.gblx.net	
Finland	EUnet Finland Route Server	eunet.fi
	$ telnet route-server.as6667.net	
France	OpenTransit/France Telecom Route Server	opentransit.net
	$ telnet route-server.opentransit.net	
Italy	Playnet Route Server	playnet.it
	$ telnet route-server.playnet.it	
Luxembourg	root S.A. Route Server	root.lu
	$ telnet rs.as5577.net	
Netherlands	SixXS IPv6 GRH Route Server	sixxs.net
	$ telnet grh.sixxs.net	
Romania	Evolva Telecom Route Server	evolva.ro
	$ telnet route-server.ipilink.net	
United Kingdom	COLT Telecom Route Server	colt.net
	$ telnet route-server.colt.net	
United States	AT&T IP Services Route Server	att.com
	$ telnet route-server.ip.att.net	
United States	AT&T/CerfNet Route Server	cerf.net
	$ telnet route-server.cerf.net	
United States	Global Crossing Route Server	gblx.net
	$ telnet route-server.gblx.net	
United States	Host.net/BroadbandONE Route Server	host.net
	$ telnet route-server.host.net	
United States	Hurricane Electric Route Server	he.net
	$ telnet route-server.he.net	
United States	Oregon Exchange Route Server	oregon-ix.net
	$ telnet route-views.oregon-ix.net	
United States	SAVVIS Route Server	savvis.net
	$ telnet route-server.savvis.net	
United States	Time Warner Telecom Route Server	twtelecom.net
	$ telnet route-server.twtelecom.net	
South Africa	IS South Africa Route Server	is.co.za
	$ telnet public-route-server.is.co.za	
South Africa	South African IX Route Server	saix.net
	$ telnet tpr-route-server.saix.net

In the meantime, please let us know what kind of error you see when the link fails so that we can attempt to resolve the issue for you and for all of our users.

I hope this has been helpful!

Laz

Hi Team,
I am trying to understand BGP and IGP by thinking of some real life scenarios.
I have not come across any configuration of IGP such as OSPF/EIGRP or BGP while configurating corporate network so it’s a bit difficult for me to get the image.
Could you give me some examples of how we use IGP and BGP in real life?

Hello Po

Here are some links to resources that will help you understand the difference between IGPs such as OSPF and EIGRP, and EGPs such as BGP.

Some posts that will also help:

I hope this has been helpful!

Laz

Perfect! Thank you Rene

1 Like

Hi Rene,

Thank you for your clear explanation. My understanding that eBGP giving us visibility on the entire Internet networks and we can send traffic to both ISP links by changing the attributes instead of ECMP 50/50 + the benefits of seeing AS paths.

In the scenario of SD-WAN, we can do load balancing based on weight, volume, bandwidth, latency…etc and share 80/20 for example + proute for specific destinations going out the link you choose. What would be the benefits of using eBGP in this scenario? Let’s assume it is dual homed design.

Please correct me if my understanding is not clear.

Kind regards,
Amine

Hello Amine

BGP is definitely able to deliver much more flexible routing capabilities compared to the ECMP that other routing protocols deliver. However, this is not due to the fact that it has visibility of the full Internet routing table. It is actually because of the fact that the BGP attributes used for routing are very granular in nature, and are highly configurable. It is these attributes that make BGP so flexible.

Here you are comparing SD-WAN to BGP. These are two distinct technologies that deliver different functionality, but can both be used to help load balance traffic across multiple paths.

SD-WAN is typically used to interconnect multiple remote sites using multiple WAN links. The load balancing here is achieved using an overlay network that is running on top of an underlay network, and it is the various components of the SD-WAN infrastructure that deliver this load balancing. But load balancing is only a very small part of what SD-WAN is designed to deliver.

BGP on the other hand can be used not only for interconnectivity of remote sites, but for internet routing in general, as well as on the edge of your network, when connected to multiple ISPs. How this can be achieved is detailed further in the following lesson:

SD-WAN and BGP are too different to compare directly. They can both load balance, however, this is done in such different scenarios that they cannot be directly compared.

I hope this has been helpful!

Laz

Hello guys,

Can someone explain me how configure BGP flowspec?

Hello Javier

Flowspec (Flow Specification) is a feature that provides a way to perform traffic filtering and rate-limiting based on specific flow characteristics, such as source and destination IP addresses, IP protocol, source and destination ports, and more. It is defined in the IETF standard RFC 5575 and extended by RFC 7674.

Flowspec allows network operators to distribute traffic filtering and rate-limiting rules across their network using BGP, which can help mitigate the impact of DDoS attacks and other unwanted traffic patterns.

When Flowspec is enabled, the router receives specially-formatted BGP Network Layer Reachability Information (NLRI) messages containing the flow characteristics and the desired actions to apply to the matching traffic. The router then uses this information to dynamically create and apply traffic filtering and rate-limiting policies.

To configure Flowspec on a Cisco IOS router, you need to enable BGP, configure a BGP session with a neighbor, and configure BGP policy templates with the desired traffic filtering and rate-limiting actions. Additionally, you may need to enable Flowspec client functionality and configure the router to accept and install Flowspec routes.

For a more detailed description of how to configure this Cisco documentation:

https://content.cisco.com/chapter.sjs?uri=/searchable/chapter/content/en/us/td/docs/routers/ncs6000/software/ncs6k-r7-0/routing/configuration/guide/b-routing-cg-ncs6000-70x/b-routing-cg-ncs6000-70x_chapter_011.html.xml

I hope this has been helpful!

Laz

Hi Rene
if we wanted to send 80% of the outgoing traffic on the primary link and 20% down the backup link? That’s not going to happen here but with BGP it’s possible.” then yeah?Can you show us in practical LAB.

Regard
Naseri

Hello Mohamad

The process of optimizing and controlling traffic flow within a network based on the BGP protocol is called BGP traffic engineering. It is possible with various techniques to achieve very granular manipulation of traffic including getting an 80/20 split of traffic across two links.

There are several ways you can approach this. The simplest is probably using AS-Path prepending.

You can configure a primary and secondary BGP peering with two neighbors, create a route-map that will prepend the local AS number multiple times, and apply the route-map to the secondary BGP peering. Now the traffic behavior will depend upon how many times you prepend your own AS. If you prepend it four times, the secondary path will appear less preferable to other ASes, and they will prefer the primary path. The result is an approximation to an 80/20 split of traffic.

Keep in mind that BGP traffic engineering depends on the routing decisions of other ASes, so it’s not possible to guarantee an exact 80/20 split. You’ll need to monitor the traffic and adjust the configuration as needed to achieve the desired distribution. Additionally, always coordinate with your neighboring ASes to make sure your traffic engineering policies are effective and aligned.

Another way is to use the dmzlink-bw feature that Rene mentioned in his post. It allows you to configure BGP to distribute traffic proportionally to the bandwidth of external links. This command is configured for multipath load balancing between directly connected external BGP (eBGP) neighbors. You can find out more information about how it can be implemented at this Cisco command reference.

https://www.cisco.com/c/en/us/td/docs/ios/iproute_bgp/command/reference/irg_book/irg_bgp1.html#wp1113968

I hope this has been helpful!

Laz

Hello!

I have a quick question about these three options.
"We can use BGP to advertise our address space to the ISPs but what are the ISPS going to advertise to our customer through BGP? There are a number of options:

1. They advertise only a default route.
2. They advertise a default route and a partial routing table.
3. They advertise the full Internet routing table.

Is this something that we would have to discuss with our ISP and inform them about what exactly we want them to advertise?

Hello David

Yes, this is something that you’ll discuss with your ISP. Typically, the ISP will have a default behavior that they configure on all their implementations, and that is typically delivering just a default route. This is the simplest and most basic configuration. However, any deviation from that will be discussed further with your ISP.

BGP is a protocol that requires communication between the entities to which particular ASes belong, whether those ASes belong to entities on the Internet or private enterprises.

I hope this has been helpful!

Laz

Hello Laz, I apprecitate your help here!

I have one more question.

Instead of using public IP addresses from the ISP we will get our own public IP addresses.The IP address space is maintained by IANA (Internet Assigned Numbers Authority – http://www.iana.org/ ). IANA is assigning IP address space to a number of large Regional Internet Registries like RIPE or ARIN. Each of these assign IP address space to ISPs or large organizations.

So instead of using a public IP from an ISP, we can just register our own block from the RIRs. However, from what I’ve heard, aren’t most of these RIRs already out of IP addresses due to the IPv4 address shortage problem? If RIRs like ARIN are out of IP addresses, how do we get our own IPv4 address block that we can advertise?

Thank you in advance for your help.

Kind regards,
David

Hello David

Indeed, RIRs are running out of IPv4 addresses. Today it is very difficult to get one let alone a block of IPv4 addresses. I know of one particular company that had asked for a /24 IPv4 block from ARIN, and it took over two years to fulfil their request. And they paid A LOT for the range. This was back in 2020. I doubt you can register such a large block today.

But the logic of the text can be applied to IPv6 addresses as well, which are freely available, so it still stands.

I hope this has been helpful!

Laz

Can i use same BGP AS number but with different network(advertise) from different independent locations and connect to a BGP network Cloud

Hello Shaji

What you are describing is called a discontiguous AS. In BGP, discontinuous ASes refer to the situation where an AS is separated into multiple non-contiguous segments. These segments are not directly connected to each other and may be separated by networks belonging to other ASes just like in your diagram. This scenario can occur due to various reasons such as mergers and acquisitions, strategic networking decisions, or geographic distribution.

Managing such setups requires certain considerations when designing the network including:

  • Routing Policies: Careful design of routing policies is essential to ensure consistent and efficient routing between the different segments of the discontiguous AS.
  • Inter-AS Connectivity: Connectivity between the different segments of a discontiguous AS is typically established through other ASes. This requires appropriate peering or transit arrangements with the ASes that lie in between.
  • BGP Configuration: The BGP configuration must account for the fact that the AS segments are not directly connected. This includes the use of BGP attributes like AS_PATH and NEXT_HOP to manage how routes are advertised and received.
  • Potential Challenges: Discontiguous ASes can present challenges in terms of routing complexity, increased dependency on intermediate ASes for connectivity, and potential for suboptimal routing paths.

Although technically speaking such a setup is feasible, it is generally avoided because of the added complexity of network management.

I hope this has been helpful!

Laz

Hi Rene,
I have a quick question for you. Please find the picture that I had drawn, before answering the questions…

Question-1:>>>>
Suppose Intel has 5 different branches. Each of the Intel branches are connected to their local ISP.
Intel-Ireland, Intel-Arizona, Intel-China, Intel-India — they all should have same AS number or different AS number?


Question-2:>>>> When Intel-Ireland will communicate with Intel-Arizona, they will use IGP protocol (like OSPF/EIGRP/IS-IS) or not?


Question-3:>>>>

In OSPF, we divide into areas to seperate LSA flooding zones.
The areas will be like:
Intel-Ireland - Backbone area (area0)
Intel-Arizona - area1
Intel-China - area2
Intel-India - area3

OR Intel-Ireland divided into different areas?


Question-4:>>>>
We use iBGP (Interior BGP) mainly inside transit AS… right? like transit ISP?
I know, but not 100% sure. please comment on it. I want to make sure whether my understanding is correct or not.


Hello Koushik

If the ISP is providing you with public ASNs, then it’s not a good idea to have the same ASN in all locations, because public ASNs should be geographically specific. There may be inefficient routing issues if you do that. However, if you’re using private ASNs then you can have the same ASN at each location if you choose to. Whether you do it or not depends on what you want to achieve. In this lesson, you can see an example of an MPLS topology where the two remote sites use the same ASN. In this case, you must use the Allow-AS-In feature of BGP. In this lesson, you have a similar topology but with different ASNs at each location.

I assume your question has to do with the internal network of the Intel organization, correct? You will typically have an IGP configured at each location, however, your routes will be shared with eBGP. In addition, the MPLS network uses an IGP as well, it can use OSPF however, IS-IS is the more common IGP used by ISPs. It may also be configured with BGP as well, although that is less common. So to answer your question, it depends on what IGP is configured and where that IGP is configured, but yes an IGP will typically be configured for this purpose.

I assume again that you are talking about the routing within the Intel organization (and not that on the MPLS network). If that is the case, and you want to use OSPF, the best practice is typically to create a different OSPF instance at each remote location and not multiple OSPF areas of the same OSPF instance. The OSPF instance in Ireland will redistribute its routes into eBGP, and so will each OSPF instance at each location. So there is no direct exchange of OSPF LSAs between locations. You can see an example of such a topology in this lesson.

iBGP is used within an AS. It is by definition BGP peerings that take place between BGP routers with the same AS, regardless of whether it is a transit AS or not.

Much of what you are asking is covered in the MPLS course which includes topologies similar to the one you describe in your post. I suggestion going over these lessons to more fully understand the details of such topologies.

I hope this has been helpful!

Laz