How Border Gateway Protocol is implemented
In the previous section, we answered questions about how BGP works with autonomous systems and RIRs.
In this section, we will learn how to implement the Border Gateway Protocol and examine how it works in a broader context.
The implementation of Border Gateway Protocol (BGP) is divided into two sections: protocols and peering relationships.
BGP itself is a protocol that exchanges routing information across networks on the internet. It is also the protocol used between ISPs. BGP establishes stable connections between Autonomous Systems and works over an arbitrary topology.
The only requirement is that at least one router in each Autonomous System runs BGP and connects to a BGP router in another AS. In this way, a BGP-based network is established across the internet.
The main purpose of BGP is to exchange information amongst other BGP systems.
BGP accomplishes the peering relationship based on the following three functions:
- Acquisition & Authentication: Both peers establish a TCP connection to exchange information and to guarantee agreed communication.
- Positive or Negative: Each peer decides whether it needs to send positive or negative reachability information to the other system.
- Verification: This last function will verify that all the peers have a stable, operational network connection and are functioning correctly.
How to Configure Border Gateway Protocol (BGP)
For configuration, we will utilise Vyatta as the routing platform.
Once you have established a stable connection (cross-connect) to your router, you’re good to go for BGP configuration.
In order to configure BGP, you must have the following information:
- Upstream ASN (Autonomous System Number)
- IP Address assigned by the Upstream
- ASN
- Address Space for the internet
We will also use the following configuration information to proceed further with the practical example.
- Private Address Space – for the prefix to be announced to the internet
- Private Address Space – for carriers IPs, Private ASNs and customers
To illustrate the example, we have gathered the following routing information:
- Upstream ASN: 65000
- Carriers IP: 10.1.1.1/30
- Customer IP: 10.1.1.2/30 (Assigned by the carrier)
- Customer ASN: 65001
- Prefix: 10.10.10.0/24 (to the internet)
Keep in mind that this information will differ in a real-world scenario.
As with Vyatta, other NOSs (Network Operating Systems) require several steps to establish a secure BGP peering relationship.
4 Steps to Configure Border Gateway Protocol (BGP)
Step 1: BGP Prefix List Configuration
If the BGP prefix list is not in place early, BGP will automatically import whatever routes are sent to your router. Therefore, configure the BGP prefix-list first. Even if you do it later, it won’t be an issue because the carrier will ask you about this before provisioning the circuit. Either way, configuring the prefix list is more important than configuring the neighbour information.
Here are the configuration mode commands:
set policy prefix-list EXPORT-AS65000 rule 10 action permit
set policy prefix-list EXPORT-AS65000 rule 10 prefix 10.10.10.0/24
set policy prefix-list EXPORT-AS65000 rule 10 description "Announce my prefix to the internet"
commit
And here’s how the aforementioned commands work.
- We have created a prefix-list in the first command and called it EXPORT-AS65000.
- In the second command, we have matched with the network 10.10.10.0/24.
- In the third command, we have simply allowed the prefix to be announced.
In the example, we have used only one rule. You can have more than one rule, depending on your requirements. Since BGP automatically imports all routes sent to it, we will import whatever routes our upstream provider sends, without filtering them.
Step 2: BGP Neighbour Configuration
Once you’ve defined the prefix-list that you want to announce to the neighbour, you can configure the BGP neighbour.
For that, use the following commands in configuration mode:
set protocols bgp 65001 neighbor 10.1.1.1 remote-as 65000
set protocols bgp 65001 neighbor 10.1.1.1 soft-reconfiguration inbound
set protocols bgp 65001 neighbor 10.1.1.1 prefix-list export EXPORT-AS65000
set protocols bgp 65001 neighbor 10.1.1.1 update-source 10.1.1.2
commit
Here’s the functionality of the aforementioned commands:
- The first command tells BGP the neighbour’s IP address, which is 10.1.1.1. We also set remote-as to 65000 because that is the ASN of our carrier.
- The second command lets the BGP process ‘refresh’ the RIB (Routing Information Base) without resetting the session. This matters because a reset drops the session, and traffic with it, until the neighbour reconnects.
- The third command applies the EXPORT-AS65000 prefix list to the routes exported to this neighbour.
- The fourth command sets 10.1.1.2 as the source address for BGP updates.
We use the soft-reconfiguration command because it is very helpful during a BGP peering session. It also makes it easier to make changes such as removing an existing prefix or announcing a new one.
Furthermore, you will see the BGP neighbour session start once you commit the configuration. You can use the following command in order to check it:
run show ip bgp summary
Here’s what the BGP neighbour session will look like:
BGP router identifier 10.1.1.2, local AS number 65001
IPv4 Unicast - max multipaths: ebgp 1 ibgp 1
RIB entries 1, using 64 bytes of memory
Peers 1, using 2524 bytes of memory
Neighbor        V    AS MsgRcvd MsgSent   TblVer  InQ OutQ Up/Down  State/PfxRcd
10.1.1.1        4 65000      22      31        0    0    0 00:17:17        0
You can see that there are no routes being imported because this is an example configured in a lab. Therefore, we have not created prefixes to be imported into our router.
Step 3: Set a Static route to blackhole/null0
BGP only advertises a network that is present in the routing table, so in order to advertise the prefix you must set a static route for it to blackhole or null0. That’s one useful way to do it. We do that for the prefix that we are announcing to the internet.
Therefore, use the following command to add a static route to blackhole:
set protocols static route 10.10.10.0/24 blackhole
commit
Step 4: Announcing the prefix into BGP
This is the final step, where you announce the prefix by entering the BGP network command. It tells BGP which network to advertise. The command is as follows:
set protocols bgp 65001 network 10.10.10.0/24
commit
After this, the networks advertised from the customer router to the carrier router should appear. You can confirm the result by entering the following command on the customer router:
show ip bgp neighbors 10.1.1.1 advertised-routes
If done correctly, you will see the following output on your screen:
BGP table version is 0, local router ID is 10.1.1.2
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, R Removed
Origin codes: i - IGP, e - EGP, ? - incomplete
   Network          Next Hop            Metric LocPrf Weight Path
*> 10.10.10.0/24    10.1.1.2                 0         32768 i
Total number of prefixes 1
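To turn this manual check into a repeatable one, the following added example (not part of the original article or of Vyatta) compares the prefixes the router reports as advertised against what the EXPORT-AS65000 prefix-list from Step 1 permits. The function names are hypothetical, the inputs are constructed from the lab values above plus one simulated stray route, and only exact-match rules (no ge/le) are modelled.

```python
import ipaddress

# Constructed inputs: the lab prefix-list and CLI output from this article, plus one
# extra route line (10.20.0.0/16) added here to simulate an unintended announcement.
PREFIX_LIST_CONFIG = """\
set policy prefix-list EXPORT-AS65000 rule 10 action permit
set policy prefix-list EXPORT-AS65000 rule 10 prefix 10.10.10.0/24
"""
ADVERTISED_OUTPUT = """\
Network Next Hop Metric LocPrf Weight Path
*> 10.10.10.0/24 10.1.1.2 0 32768 i
*> 10.20.0.0/16 10.1.1.2 0 32768 i
Total number of prefixes 2
"""

def parse_prefix_list(config, name):
    """Collect 'action' and 'prefix' per rule number for one prefix-list."""
    rules = {}
    for line in config.splitlines():
        tok = line.split()
        if len(tok) >= 8 and tok[:5] == ["set", "policy", "prefix-list", name, "rule"]:
            if tok[6] in ("action", "prefix"):
                rules.setdefault(int(tok[5]), {})[tok[6]] = tok[7]
    return [(r["action"], ipaddress.ip_network(r["prefix"]))
            for _, r in sorted(rules.items()) if len(r) == 2]

def evaluate(rules, prefix):
    """Lowest-numbered matching rule wins; no match means implicit deny.
    Rules without ge/le (as in the article) match the exact prefix only."""
    net = ipaddress.ip_network(prefix)
    for action, rule_net in rules:
        if net == rule_net:
            return action
    return "deny"

def advertised_prefixes(output):
    """Prefixes from route lines (status field starts with '*').
    Assumes the prefix is printed with its /length, as in the article's output."""
    rows = (line.split() for line in output.splitlines())
    return [t[1] for t in rows if len(t) > 1 and t[0].startswith("*") and "/" in t[1]]

def audit(config, name, output):
    """Map each advertised prefix to the verdict the export list gives it."""
    rules = parse_prefix_list(config, name)
    return {p: evaluate(rules, p) for p in advertised_prefixes(output)}

if __name__ == "__main__":
    for prefix, verdict in audit(PREFIX_LIST_CONFIG, "EXPORT-AS65000", ADVERTISED_OUTPUT).items():
        print(f"{prefix:18} {verdict}")
```

A "deny" verdict for an advertised prefix means the export list is not attached to that neighbour or the running configuration differs from the one audited.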
You can also check whether the carrier’s router is receiving our prefixes with the following command:
vyatta@Carrier:~$ show ip bgp neighbors 10.1.1.2 received-routes
Remember, in a real deployment you won’t have access to the upstream router to verify this. There are certain websites (looking glasses) where you can check what the upstream router sees.
Here’s what the final result (from the carrier’s router) will look like:
BGP table version is 0, local router ID is 10.1.1.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, R Removed
Origin codes: i - IGP, e - EGP, ? - incomplete
   Network          Next Hop            Metric LocPrf Weight Path
*> 10.10.10.0/24    10.1.1.2                 0             0 65001 i
Total number of prefixes 1
Above you can see a successful BGP peering session, which we established by advertising our prefix to our upstream, which in turn passes it on to the internet.