What is the Border Gateway Protocol(BGP)?

-


BGP








Border Gateway Protocol or BGP is an exterior gateway routing protocol or EGP. Exterior Gateway Routing Protocols are routing protocols used to route between autonomous systems. An autonomous system is just a way of saying a set of routers under a single administration. So, BGP is used to route between different autonomous systems, like between service providers as an example. BGP also can be used within an AS, which is referred to as iBGP and has different behavior than eBGP, which is used to route between different AS's. The image below, from vmware docs, shows what we are talking about with eBGP. The clouds represent a single autonomous system and the links between clouds are eBGP links allowing the exchange of routing information between AS's.

Autonomous system numbers are how we represent each administrative domain. These numbers were 16-bit decimal numbers ranging from 0 - 65535 until RFC 4893, BGP Support for Four-Octet AS Number Space came out extending it to 32-bit numbers to allow for more AS's. These numbers are handed out by the Internet Assigned Numbers Authority (IANA).


BGP works differently than the traditional IGP. BGP is a path vector routing protocol and uses TCP port 179 to establish a session before forming a neighbor. The term path vector means that BGP keeps track of the path(AS's) that a network prefix has traversed. BGP keeps track of this information in the AS_PATH attribute. Routers that are running a BGP process are known as BGP speakers and when two routers form a TCP session with the intent to exchange routing information they are known as neighbors or peers.



BGP uses four different message types to communicate with its peers.

  • Open
  • Keepalive
  • Update
  • Notification
The Open message type is used to request a BGP session open to a neighbor. This message is sent after the TCP session has been established and specifies several things.
Originators BGP version
  • Local AS number
  • Hold Time
  • BGP Identifier
  • Optional Parameters
The Keepalive message type is used, like its name implies, as a sort of keepalive. These messages are sent periodically after the BGP session is open. The default timer for a keepalive is 60 seconds.


The Update message type is used to actually send routing information. The routing information that is sent with BGP is known as Network Layer Reachability Information(NLRI). These messages contain prefixes that BGP wishes to advertise along with path attributes. An update message can be for either new prefixes or for routing information that BGP no longer needs to know about(withdrawn routes).


The Notification message type is used when errors are detected. This is a way of ending a BGP session(gracefully close) whenever there are errors, configuration incompatibilities, etc.


BGP uses these four message types to effectively establish and maintain sessions, exchange information, and tear down sessions. Along with these four message types BGP also has six states that neighbors or peers go through.
  • Idle
  • Connect
  • Active
  • OpenSent
  • OpenConfirmed
  • Established
An in-depth discussion of these states is for another blog post but just know that Idle is the first state and usually means that BGP is waiting for a start event. The connect state is where BGP establishes the TCP session and if successful it immediately transitions to the OpenSent state where it is waiting for an Open message from its peer. If there are no errors then BGP will start sending keepalive messages. The OpenConfirmed state is where BGP is waiting for a keepalive message from its peer. If the keepalive is received then it goes straight into established state and the peer negotiation is complete. Once in the established state BGP exchanges Update messages with its peers.

There is a lot more to say about BGP but I will save that to discuss in another post. BGP is used as the routing protocol of the internet and it is essential for us to be able to communicate over the internet. I will write about how BGP chooses the best path with path attributes in another blog. If you are more interested in BGP I recommend reading the Cisco books : TCP/IP Volume II and Internet Routing Architecture. Until next time.


Comments

Post a Comment

Popular posts from this blog

AWS Identity and Access Management(IAM)

-
Image
 IAM   With the cloud becoming more and more prevalent, how do we secure who can access cloud resources and which resources can speak to each other. This very important problem is solved with AWS Identity and Access Management(IAM) resource.  IAM enables you to control who can access your AWS environment, what actions they can perform, and which resources they can interact with. It allows you to set fine-grained permissions and policies to meet your security and compliance requirements. So what are the parts that make up Identity and Access Management(IAM) ? - User groups - Users - Roles - Policies - Identity Provider Lets go into more detail about each resource that makes up IAM. User groups are groups you can define to logically group users together that perform similar functions in job. This is kind of like having different groups for different job roles. Users are just the manually configured users created for use on the management console. This is where you define...
Read more

IPSec VPN - Fundamentals

-
A VPN, or Virtual Private Network, is a way to establish a tunnel between two endpoints, like two routers or two endpoints. VPN’s are used to provide a way of secure communication over an unsecure medium. A simple example would be secure communication between two branch offices over the unsecure internet. This is important because we need secure communication so that people can’t eavesdrop and steal important company information. Oftentimes, people misunderstand VPN's and think just because "private" is in the name that it's secure. This is not always the case, especially in the service provider world where there are different types of VPN's that do not provide any sort of encryption. IPSec VPN's do however provide encryption and other features. There are several different types of VPN’s that can be deployed. The most common ones are Site-To-Site and Remote Access, although there are many more and depending on the use case, the most common could be differe...
Read more

AWS Virtual Private Clouds(VPCs)

-
Image
   In the spirit of my last blog on cloud computing, we will discuss VPC's in this blog.  What are VPC's ? Before I answer this question I need to explain this picture and the terms used. In AWS(and other cloud providers) we have several things that make up the global cloud infrastructure. Those things are Regions, Availability Zones, and Edge Locations(not pictured). A region is a geographical area around the world that consist of multiple availability zones. An availability zone can be thought of as multiple discrete data centers that have separate power, cooling, networking, and housed in separate buildings. Edge locations are places where CloudFront caches your content to provide ultra-low latency delivery of your content. According to AWS they currently have 32 regions, 102 availability zones, and more than 550 PoP's(points of presence). These things together make it possible to create global resources in minutes that serve millions of customers.  A VPC or Virt...
Read more