Wednesday 2 January 2019

BGP Series 7: Injecting Routes into BGP- network, redistribution, route summarization

Injecting Routes into BGP:

  • 3 Primary ways to inject routes into BGP:

    • Using the BGP ‘network’ command
    • Using redistribution
    • By using route summarization

  • There is a key thing to remember wrt bgp. Bgp is primarily designed to take routes from IGP routing table, convert them to bgp routes and send them away to its neighbors. In IGP, if I want to advertise a route that was learnt via another IGP, we need to use redistribution. BGP has other alternatives as well apart from redistribution

  • network command:

    • ‘Network’ command for bgp is different from other IGPs

    • In IGP, if we use ‘network ’, it does 4 different things for a single ‘network’ command:

      • img

    • The behaviour of ‘network’ command in BGP is completely different

      • Nothing to do with any of the above 4 points in BGP
      • The ‘network’ command is NOT used to enable bgp on interfaces
      • What it actually does is it goes into its routing table and looks for non-bgp routes that match the network command, regardless of whether that route was static, OSPF or ISIS
      • If there was any route matching it, I have permission to put that route into my bgp table and possibly advertise it to my neighbors.

    • Now, in bgp, the command to use ‘network’ to add routes to bgp is ‘network []’

      • We see that providing subnet mask is optional

      • But, the behaviour is very different on whether we are giving the subnet mask or not in network command in bgp

      • If the ‘mask’ is not provided, then, the route is assumed as classsful network mask

        • What that means is it considers the provided prefix as either class A (first octet 1-126), B (128-191), C (192-223) or D (224-239). Only if a route matches it in routing table, it will send it via bgp
        • For example, say, we have a connected route 13.13.13.13/32 in our routing table as connected route and we use ‘network 13.0.0.0’, then, bgp takes it as classful addressing and it knows that 13.0.0.0 falls under class-A range which means it looks for 13.0.0.0/8 route, but, he doesn’t have it in his routing table
        • So, if we do a ‘show ip bgp’, we will not see that route in our bgp table
        • Now, say we change the interface IP to 13.13.13.13/8, then, in our routing table it will show up as 13.0.0.0/8 which will be exact match for the network command. So, we can see that route in our bgp table
        • Now, lets say, we have an interface ip as 15.15.0.13/16 and network command as ‘network 15.15.0.0’, then, though the network command includes the 15.15.0.0/16 subnet, bgp will not take that route since bgp knows that 15.X falls under class-A range. Because, since we gave network 15.15.0.0 instead of 15.0.0.0, it couldn’t decide on the subnet mask.

      • In order to get bgp to include any classless network, we need to specify the subnetmask as well with the ‘network’ command. In this case, we should use ‘network 15.15.0.0 255.255.0.0’

    • In network command, by default auto-summary is disabled.

    • auto-summary:

      • It is configured with ‘auto-summary’ under ‘router bgp’
      • If we have a network command with prefix and subnetmask, then, irrespective of whether auto-summary is disabled/enabled, it works exactly the same
      • If network statement is without mask (.ie. classful addressing), it is where things get tricky
      • img
      • So, without auto-summary, if any exact match for that classful route existed we add it to bgp.
      • But, WITH auto-summary configured, we also need to have a subset of that classful network and only then we will add that route to bgp→ so additional condition needs to be satisfied
      • So, let’s take an example of ‘network 128.1.0.0’ and advertise ‘128.1.0.5/16’ via OSPF to this router, and if we enable auto-summary, then, though a route in routing table matches the classful address, it will not be added to bgp since there is no subset route of 128.1.0.0/16. Now, if we add a loopback having ip address 128.1.25.0/24, then, this route will be added to bgp since 128.1.0.0/16 has a subset network.

  • Redistribution:

    • Say I got the subnet 30.30.0.0/16 from my ISP. I have subnetted it into thousands of subnets and the original subnet is not even part of my routing table since I have subnetted it
    • How do we advertise all these subnets into BGP without summarizing? Two ways: we can type all the thousand subnets via ‘network’ command (OR) redistribute the IGP into BGP
    • But, this brings us to the question...Why should the bgp neighbor know all my subnets, why can’t I just send the original 30.30.0.0/16 subnet→ which is correct thought.
    • But, the problem is if we use ‘network 30.30.0.0/16’ and bgp checks in our routing table, it will not find a route and thus not advertise it
    • In order to overcome it and add the summarized routed to bgp, we can do it by adding a NULL static route
    • We can do it by adding the static route on our eBgp border router: ‘ip route 30.30.0.0/16 null0’ and then if we do a ‘network 30.30.0.0/16’ , bgp will take the summarized route and advertise it via bgp
    • It makes life simple since one network statement sends all of our routes as a single update
    • img
    • We could have also done ‘redistribute static’ in ‘router bgp’ after adding the null static route→ but, there is a big difference in how bgp treats routes originating via network command and routes that are redistributed into bgp
    • For same route, route originating via network command is given preference

  • Route Summarization/ Aggregation:

    • To configure bgp summarization/aggregation, use ‘aggregate-address / [summary-only]’

    • The prefix/subnetmask above is the summary route that will be advertised

    • The ‘summary-only’ optional keyword is used when subordinate routes do not need to be advertised with the summary route

    • Example:

      • Let us consider a router R1 which is getting 128.0.18.16/29 via RIP (IGP protocol) and has two loopbacks 128.0.11.11/24 and 128.0.15.15/24
      • Now, if we check in routing table, it will be shown as 128.0.0.0/16 has 3 subnets→ above 3
      • Now, under router bgp, if we do a ‘aggregate address 128.0.0.0/16’ to advertise them as a /16 prefix, then, does it take these routes from routing table and advertise it via BGP like the network command did? NO, it does not
      • In order for bgp to advertise the summarized routes, we still need to use the network command (or) redistribute those routes into bgp. So, aggregate-address cannot work alone to inject routes into bgp...It needs to be used along with network or redistribution. It will just summarize those routes instead of sending separate routes

    • Summary-Only: Also, we can see additional options after ‘aggregate address 128.0.0.0/16 ?’ like summary-only, ...

      • Normally, if we don’t include ‘summary-only’ keyword and just used the aggregate-address command, what happens is it will send the summarized routes, but will also send the specific routes
      • If we only want to send the summarized routes and not the specific routes, we need to include the summary-only keyword

    • Now, after we include ‘redistribute RIP’ and ‘redistribute connected’ in ‘router bgp’, if we check ‘show ip bgp’, we can see the summarized route of 128.0.0.0/16 as well as individual subnets

    • If we include ‘summary-only’ in ‘aggregate-address’, then, if we check ‘show ip bgp’, we can still see the specific routes along with the summarized route, but they will be marked as ‘s’ which means they are ‘suppressed’ and will not be sent out to neighbors. Only the summarised route is marked as ‘valid’

    • img

    • If we check on our bgp neighbor, we can only see the summarized route

Posted by at
Labels: , ,

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)