Merge branch '1-bgp-section'
commit
66f0fbe645
|
@ -36,6 +36,7 @@
|
||||||
\newacronym{dwdm}{DWDM}{}
|
\newacronym{dwdm}{DWDM}{}
|
||||||
\newacronym{eap}{EAP}{Extensible Authentication Protocol}
|
\newacronym{eap}{EAP}{Extensible Authentication Protocol}
|
||||||
\newacronym{eapol}{EAPoL}{Extensible Authentication Protocol over Local Area Network}
|
\newacronym{eapol}{EAPoL}{Extensible Authentication Protocol over Local Area Network}
|
||||||
|
\newacronym{ebgp}{eBGP}{Externel Border Gateway Protocol}
|
||||||
\newacronym{ecn}{ECN}{Explicit Congestion Notification}
|
\newacronym{ecn}{ECN}{Explicit Congestion Notification}
|
||||||
\newacronym{eff}{EFF}{Electronic Frontier Foundation}
|
\newacronym{eff}{EFF}{Electronic Frontier Foundation}
|
||||||
\newacronym{eigrp}{EIGRP}{Enhanced Interior Gateway Routing Protocol}
|
\newacronym{eigrp}{EIGRP}{Enhanced Interior Gateway Routing Protocol}
|
||||||
|
@ -62,11 +63,13 @@
|
||||||
\newacronym{https}{HTTPS}{Hyper Text Transfer Protocol Secure}
|
\newacronym{https}{HTTPS}{Hyper Text Transfer Protocol Secure}
|
||||||
\newacronym{iab}{IAB}{Internet Architecture Board}
|
\newacronym{iab}{IAB}{Internet Architecture Board}
|
||||||
\newacronym{iana}{IANA}{Internet Assigned Numbers Authority}
|
\newacronym{iana}{IANA}{Internet Assigned Numbers Authority}
|
||||||
|
\newacronym{ibgp}{iBGP}{Internal Border Gateway Protocol}
|
||||||
\newacronym{icann}{ICANN}{Internet Corporation for Assigned Names and Numbers}
|
\newacronym{icann}{ICANN}{Internet Corporation for Assigned Names and Numbers}
|
||||||
\newacronym{icmp}{ICMP}{Internet Control Message Protocoll}
|
\newacronym{icmp}{ICMP}{Internet Control Message Protocoll}
|
||||||
\newacronym{icmp6}{ICMPv6}{Internet Control Message Protocol version 6}
|
\newacronym{icmp6}{ICMPv6}{Internet Control Message Protocol version 6}
|
||||||
\newacronym{ieee}{IEEE}{Institute of Electrical and Electronics Engineers}
|
\newacronym{ieee}{IEEE}{Institute of Electrical and Electronics Engineers}
|
||||||
\newacronym{ietf}{IETF}{Internet Engineering Task Force}
|
\newacronym{ietf}{IETF}{Internet Engineering Task Force}
|
||||||
|
\newacronym{igp}{IGP}{Interior Gateway Protocol}
|
||||||
\newacronym{igrp}{IGRP}{Interior Gateway Routing Protocol}
|
\newacronym{igrp}{IGRP}{Interior Gateway Routing Protocol}
|
||||||
\newacronym{imap}{IMAP}{Internet Message Access Protocol}
|
\newacronym{imap}{IMAP}{Internet Message Access Protocol}
|
||||||
\newacronym{ios}{IOS}{Internetwork Operating System}
|
\newacronym{ios}{IOS}{Internetwork Operating System}
|
||||||
|
@ -131,6 +134,7 @@
|
||||||
\newacronym{ros}{ROS}{MikroTik RouterOS}
|
\newacronym{ros}{ROS}{MikroTik RouterOS}
|
||||||
\newacronym{rpr}{RPR}{Route Processor Redundancy}
|
\newacronym{rpr}{RPR}{Route Processor Redundancy}
|
||||||
\newacronym{rpr+}{RPR+}{Route Processor Redundancy Plus}
|
\newacronym{rpr+}{RPR+}{Route Processor Redundancy Plus}
|
||||||
|
\newacronym{rr}{RR}{Route Reflector}
|
||||||
\newacronym{rspan}{RSPAN}{Remote Switch Port Analyser}
|
\newacronym{rspan}{RSPAN}{Remote Switch Port Analyser}
|
||||||
\newacronym{rstp}{RSTP}{Rapid Spanning Tree Protocol}
|
\newacronym{rstp}{RSTP}{Rapid Spanning Tree Protocol}
|
||||||
\newacronym{rpvst}{RPVST}{Per Vlan Rapid Spanning Tree}
|
\newacronym{rpvst}{RPVST}{Per Vlan Rapid Spanning Tree}
|
||||||
|
@ -160,6 +164,7 @@
|
||||||
\newacronym{tlv}{TLV}{Type, Length, Value}
|
\newacronym{tlv}{TLV}{Type, Length, Value}
|
||||||
\newacronym{toc}{ToC}{Table of Contents}
|
\newacronym{toc}{ToC}{Table of Contents}
|
||||||
\newacronym{tosdr}{ToS;DR}{Terms of Service; Didn't Read}
|
\newacronym{tosdr}{ToS;DR}{Terms of Service; Didn't Read}
|
||||||
|
\newacronym{ttl}{TTL}{Time-to-live}
|
||||||
\newacronym{udld}{UDLD}{Unidirectional Link Detection}
|
\newacronym{udld}{UDLD}{Unidirectional Link Detection}
|
||||||
\newacronym{udp}{UDP}{User Datagram Protocol}
|
\newacronym{udp}{UDP}{User Datagram Protocol}
|
||||||
\newacronym{ula}{ULA}{Unique Local Address}
|
\newacronym{ula}{ULA}{Unique Local Address}
|
||||||
|
|
|
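Review bot: The long form of the new `ebgp` entry is misspelled as `Externel`; it should read `\newacronym{ebgp}{eBGP}{External Border Gateway Protocol}`. The long form is what the glossary prints for the acronym, so the typo would show up in the typeset notes wherever `\gls{ebgp}` is expanded. The other added entries (`ibgp`, `igp`, `rr`, `ttl`) read correctly.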
@ -7,6 +7,9 @@
|
||||||
\section{EIGRP}
|
\section{EIGRP}
|
||||||
\section{RIP}
|
\section{RIP}
|
||||||
\section{Static}
|
\section{Static}
|
||||||
|
|
||||||
|
\newpage
|
||||||
|
|
||||||
\section{BGP}
|
\section{BGP}
|
||||||
|
|
||||||
\wikicommons{BGP_FSM}
|
\wikicommons{BGP_FSM}
|
||||||
|
@ -14,38 +17,93 @@
|
||||||
The protocol of the internet used since 1994.\cite{wiki:Border_Gateway_Protocol}
|
The protocol of the internet used since 1994.\cite{wiki:Border_Gateway_Protocol}
|
||||||
Currently based upon \rfc{4271} with updates following in \rfc{6286} \rfc{6608}, \rfc{6793}, \rfc{7606}, \rfc{7607}, \rfc{7705}.
|
Currently based upon \rfc{4271} with updates following in \rfc{6286} \rfc{6608}, \rfc{6793}, \rfc{7606}, \rfc{7607}, \rfc{7705}.
|
||||||
|
|
||||||
|
\subsection{Properties}
|
||||||
|
|
||||||
\begin{itemize}
|
\begin{itemize}
|
||||||
\item \itemhead{Properties}
|
\item Uses tcp/179 as \gls{dst} port
|
||||||
\begin{itemize}
|
\item Sends keep-alive message every 1 minute
|
||||||
\item Uses tcp/179 as \gls{dst} port
|
\item Keep-alive message is 19 byte long
|
||||||
\item Sends keep-alive message every 1 minute
|
\end{itemize}
|
||||||
\item Keep-alive message is 19 byte
|
|
||||||
\end{itemize}
|
Be ware if sessions are terminated immediately upon trying to establish connection. Try debugging following points.
|
||||||
\item \itemhead{Route exchange}
|
|
||||||
\begin{itemize}
|
\begin{itemize}
|
||||||
\item \itemhead{Route-maps mechanism}
|
\item tcp/179 is not open,
|
||||||
\begin{itemize}
|
\item random port 1023> is not open,
|
||||||
\item Routes can be aggregated between \Glspl{as}.
|
\item incorrect peer-ip,
|
||||||
\item Properties can be changed on the fly by mathing
|
\item incorrect peer-as.
|
||||||
\begin{enumerate}[label={\alph*)}]
|
\end{itemize}
|
||||||
\item \Gls{bgp} communities,
|
|
||||||
\item \Gls{ip} prefix,
|
\subsection{Route exchange}
|
||||||
\item \Gls{bgp} as-path,
|
|
||||||
\end{enumerate}
|
Exchanging routes between routers is a reliant and tolerant manner is \glspl{bgp} 1-advantage over \gls{ospf}/\gls{isis}/\gls{rip}/\gls{eigrp}.
|
||||||
\end{itemize}
|
|
||||||
\item
|
The sheer tuning and control mechanisms \gls{bgp} can offer is simply astounding. Route-maps is the key and access-lists just one option.
|
||||||
\end{itemize}
|
|
||||||
\item \itemhead{States}
|
\subsubsection[Route-maps]{Route-maps mechanism}
|
||||||
\begin{enumerate}
|
|
||||||
\item Idle: \Gls{bgp} while initializing refuses all incoming connections. Will initiate \Gls{tcp} connection to peer.
|
Route-maps is used to target a select set of routes and either modify/add/remove attributes attached to the select route-set.
|
||||||
\item Connect: Waits for \Gls{tcp} connection. If \Gls{tcp} is established goes to state OpenSent. If \Gls{tcp} is \textit{un}successful ConnectRetry timer is started and then goes to Active state.
|
|
||||||
\item Active: When ConnectRetry counter reaches 0 goes to state Connect.
|
\begin{itemize}
|
||||||
\item OpenSent: Sends \gls{msg} to remote node. Waits for reply \gls{msg} before going to OpenConfirm.
|
\item Routes can be aggregated between \glspl{as}.
|
||||||
\item OpenConfirm: Nodes exchange keepalive \glspl{msg} and goes to Established state if successful.
|
\item Properties can be changed on the fly by matching
|
||||||
\item Established: Nodes can now exchange KeepAlive, Updates, and Notification \glspl{msg}.
|
\begin{enumerate}[label={\alph*)}]
|
||||||
|
\item \Gls{bgp} communities,
|
||||||
|
\item \Gls{ip} prefix,
|
||||||
|
\item \Gls{bgp} as-path,
|
||||||
\end{enumerate}
|
\end{enumerate}
|
||||||
\end{itemize}
|
\end{itemize}
|
||||||
|
|
||||||
|
An simple example of using route-maps is
|
||||||
|
|
||||||
|
\begin{cisco}
|
||||||
|
ip prefix-list 1 permit 172.16.0.0/16
|
||||||
|
ip prefix-list 2 permit 192.168.1.0/24
|
||||||
|
!
|
||||||
|
route-map RED permit 10
|
||||||
|
match ip address prefix-list 1
|
||||||
|
set ip next hop 10.1.1.1
|
||||||
|
continue 20 ! Continues to apply rules normally only
|
||||||
|
! applied to prefix-list 2. To apply to
|
||||||
|
! prefix-list 1, too.
|
||||||
|
! Any attributes set in '20' will
|
||||||
|
! override any set during '10'.
|
||||||
|
route-map RED permit 20
|
||||||
|
match ip address prefix-list 2
|
||||||
|
set ip next hop 10.2.2.2 ! Last rule overrides previous rules from
|
||||||
|
! previous '10' rule-set.
|
||||||
|
\end{cisco}
|
||||||
|
|
||||||
|
When rules from a rule-set is chained together as shown above. The last rule will override all previous set values regarding the attribute being applied. In this case \texttt{next-hop} from 'permit 10' is overridden in 'permit 20'.
|
||||||
|
|
||||||
|
\subsection[States]{BGP States}
|
||||||
|
|
||||||
|
The states is the way \gls{bgp} handles peer/neighbor connection establishing. The \underline{playbook} so to speak.
|
||||||
|
|
||||||
|
\begin{enumerate}
|
||||||
|
\item Idle: \gls{bgp} while initializing refuses all incoming connections. Will initiate \gls{tcp} connection to peer.
|
||||||
|
\item Connect: Waits for \gls{tcp} connection. If \gls{tcp} is established goes to state OpenSent. If \gls{tcp} is \textit{un}successful ConnectRetry timer is started and then goes to Active state.
|
||||||
|
\item Active: When ConnectRetry counter reaches 0 goes to state Connect.
|
||||||
|
\item OpenSent: Sends \gls{msg} to remote node. Waits for reply \gls{msg} before going to OpenConfirm.
|
||||||
|
\item OpenConfirm: Nodes exchange keepalive \glspl{msg} and goes to Established state if successful.
|
||||||
|
\item Established: Nodes can now exchange KeepAlive, Updates, and Notification \glspl{msg}.
|
||||||
|
\end{enumerate}
|
||||||
|
|
||||||
|
\subsection[iBGP]{Internal Border Gateway Protocol}
|
||||||
|
|
||||||
|
\gls{ibgp} is running \gls{bgp} within the same \gls{as} between routers. Much like running a general \gls{igrp} in the network.
|
||||||
|
|
||||||
|
Tradition one has to be fearful of creating \textit{routing loops} in the network. \glspl{bgp} mechanism for this is using either \begin{mylist} \item Full Mesh, or \item \glspl{rr} \end{mylist}.
|
||||||
|
|
||||||
|
Problems by running \textit{Full Mesh} is the formula of \[ iBGPsessions = n*(n-1)/2 \] \note{where $ n $ is the number \gls{ibgp} speakers} which results in scaling problems as \gls{ibgp} speakers are added to the \gls{as}.
|
||||||
|
|
||||||
|
\textit{\glspl{rr}} solves this problem by peering with all \gls{ibgp} speakers in the \gls{as}. All \gls{ibgp} speakers are then clients of the \glspl{rr}. This in turn helps maintainability by also advertising routes learnt from \gls{ibgp} clients to clients. Classic filtering/mathing route-maps/prefix-filters can be used to \textit{not} advertise all routes select group of clients from the \glspl{rr}.
|
||||||
|
|
||||||
|
\subsection[eBGP]{External Border Gateway Protocol}
|
||||||
|
|
||||||
|
\gls{ebgp} connections is inherently different from \gls{ibgp} connections. Some assumptions are made such as
|
||||||
|
\begin{enumerate}
|
||||||
|
\item a \gls{ttl} of 1 is the default\footnote{Multi-hop \gls{ebgp} can thou be configured and therefore increase the max-\gls{ttl} value},
|
||||||
|
\item distance is set to 20 compared to 200 for \gls{ibgp} routes,
|
||||||
|
\item Next hop does \textit{not} change for \gls{ebgp} routes advertised to \gls{ibgp} neighbours \textit{by-default}\footnote{Often times it is necessary to tell a router to set itself as the next-hop before advertising to \gls{ibgp} neighbours}.
|
||||||
|
\end{enumerate}
|
|
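Review bot: In the `cisco` listing both `set` lines read `set ip next hop ...`, but the IOS route-map keyword is hyphenated, so they should be `set ip next-hop 10.1.1.1` and `set ip next-hop 10.2.2.2`; that also matches the `\texttt{next-hop}` used in the paragraph after the listing. In the iBGP subsection, `\gls{igrp}` expands to Interior Gateway Routing Protocol, whereas the `igp` acronym added by this same commit looks like the intended one: `\gls{igp}`. The troubleshooting list says only "tcp/179 is not open", which a reader could take as advice to open the port generally. Wording such as `\item tcp/179 is not permitted between the two peer addresses,` keeps the hint scoped to the configured neighbours.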
@ -132,6 +132,11 @@ License: \texttt{\href{https://creativecommons.org/licenses/by-sa/3.0/}{CC BY-SA
|
||||||
\newcommand{\rfc}[1]{RFC #1\footnote{\href{https://tools.ietf.org/html/rfc#1}{tools.ietf.org/html/rfc#1}}}
|
\newcommand{\rfc}[1]{RFC #1\footnote{\href{https://tools.ietf.org/html/rfc#1}{tools.ietf.org/html/rfc#1}}}
|
||||||
|
|
||||||
|
|
||||||
|
% Usage: \note{<text>} or \nb{<text>}
|
||||||
|
\newcommand{\note}[1]{{\color{Mahogany!20!black}{\small(#1)}}}
|
||||||
|
\newcommand{\nb}[1]{\note{#1}}
|
||||||
|
|
||||||
|
|
||||||
% Usage:
|
% Usage:
|
||||||
% https://tex.stackexchange.com/a/75349
|
% https://tex.stackexchange.com/a/75349
|
||||||
\newcommand{\plaintextinput}[1]{\lstinputlisting[language={},style=plaintxt]{code/#1.txt}}
|
\newcommand{\plaintextinput}[1]{\lstinputlisting[language={},style=plaintxt]{code/#1.txt}}
|
||||||
|
|
|
@ -2,16 +2,16 @@
|
||||||
author = "Hector Camba Lainez",
|
author = "Hector Camba Lainez",
|
||||||
title = "Cap4 implementing vtp",
|
title = "Cap4 implementing vtp",
|
||||||
year = "2010",
|
year = "2010",
|
||||||
url = {https://www.slideshare.net/lucky0679/cap4-implementing-vtp},
|
url = {\url{https://www.slideshare.net/lucky0679/cap4-implementing-vtp}},
|
||||||
note = "[Online; accessed 22-May-2017]"
|
note = "[Online; accessed 22-May-2017]"
|
||||||
}
|
}
|
||||||
|
|
||||||
@misc{ web:SP_Tiers,
|
@misc{ web:SP_Tiers,
|
||||||
author = "Orhan Ergun",
|
author = "Orhan Ergun",
|
||||||
title = "{Tier 1,Tier 2 and Tier 3 Service Providers - Tier and BGP Peering} --- Orhanergun.net",
|
title = "{Tier 1,Tier 2 and Tier 3 Service Providers - Tier and BGP Peering} --- Orhanergun.net",
|
||||||
year = "2017",
|
year = "2017",
|
||||||
howpublished = {\url{https://orhanergun.net/2017/01/tier-1-tier-2-tier-3-service-providers/}},
|
howpublished = {\url{https://orhanergun.net/2017/01/tier-1-tier-2-tier-3-service-providers/}},
|
||||||
note = "[Online; accessed 17-June-2017]"
|
note = "[Online; accessed 17-June-2017]"
|
||||||
}
|
}
|
||||||
|
|
||||||
@misc{IPv6Pack77:online,
|
@misc{IPv6Pack77:online,
|
||||||
|
@ -31,3 +31,12 @@
|
||||||
year = {2010},
|
year = {2010},
|
||||||
note = {(Accessed on 07/23/2017)}
|
note = {(Accessed on 07/23/2017)}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@misc{ Differen15:online,
|
||||||
|
author = {\url{http://www.differencebetween.com/author/root/}{Andrew}},
|
||||||
|
title = "Difference Between EBGP and IBGP",
|
||||||
|
howpublished = {\url{http://www.differencebetween.com/difference-between-ebgp-and-vs-ibgp/}},
|
||||||
|
month = "September",
|
||||||
|
year = "2011",
|
||||||
|
note = "[Online; accessed on 24-June-2017]"
|
||||||
|
}
|
|
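Review bot: The `author` field of the new `Differen15:online` entry passes two brace groups to `\url`, which takes a single argument. The profile URL is therefore typeset and `Andrew` is left as trailing text inside a field that BibTeX parses as a personal name. If a link on the name is wanted, `\href` is the two-argument form; otherwise `author = "Andrew",` keeps the field clean. In the first hunk, `url = {\url{...}}` puts a macro inside a field that styles supporting `url` usually typeset themselves, so the rendered bibliography is worth checking. The neighbouring entries use `howpublished = {\url{...}}` instead.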
@ -191,7 +191,7 @@
|
||||||
\geometry{a4paper,margin=1.5cm}
|
\geometry{a4paper,margin=1.5cm}
|
||||||
\setlength{\columnsep}{1.5cm} %space between columns
|
\setlength{\columnsep}{1.5cm} %space between columns
|
||||||
\setlength{\headheight}{15pt}
|
\setlength{\headheight}{15pt}
|
||||||
\setlength{\footnotesep}{0.5cm} %space between footnotes:
|
\setlength{\footnotesep}{1mm} %space between footnotes:
|
||||||
\setlength{\skip\footins}{2cm} %space between the text body and the footnotes
|
\setlength{\skip\footins}{2cm} %space between the text body and the footnotes
|
||||||
\setlist[itemize,1]{leftmargin=\dimexpr 26pt-.2cm}
|
\setlist[itemize,1]{leftmargin=\dimexpr 26pt-.2cm}
|
||||||
\setlist[itemize,2]{leftmargin=\dimexpr 26pt-.3cm}
|
\setlist[itemize,2]{leftmargin=\dimexpr 26pt-.3cm}
|
||||||
|
@ -273,3 +273,8 @@
|
||||||
\renewcommand{\footnote}[1]{%
|
\renewcommand{\footnote}[1]{%
|
||||||
\renewcommand\footnotesize\scriptsize % here there is scriptsize in footnotes (example)
|
\renewcommand\footnotesize\scriptsize % here there is scriptsize in footnotes (example)
|
||||||
\origfootnote{#1}}
|
\origfootnote{#1}}
|
||||||
|
|
||||||
|
|
||||||
|
% https://tex.stackexchange.com/a/146312
|
||||||
|
\newlist{mylist}{enumerate*}{1}
|
||||||
|
\setlist[mylist]{label={\alph*)},font={\color{red!25!black}\bfseries}}
|
||||||
|
|
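Review bot: `\newlist{mylist}{enumerate*}{1}` relies on the starred inline list, which `enumitem` defines only when it is loaded with its `inline` option. The `\usepackage` line is outside this hunk, so confirm it reads `\usepackage[inline]{enumitem}`. A one-line comment above the definition would record the dependency, e.g. `% inline a) b) list for use inside a sentence; needs enumitem's inline option`.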