Nowoczesne Sieci IP - Next Generation IP Networks

Transcript

Nowoczesne Sieci IP
Next Generation IP Networks
Piotr Pacyna, KT AGH
Aleje Mickiewicza 30, 30-059 Kraków
[email protected]
tel. (012) 617 40 40
(C) Piotr Pacyna, KT AGH, 2001 - 2005
Unauthorised copying or use is prohibited
Traffic engineering with BGP
Inbound/outbound traffic control
Piotr Pacyna
Katarzyna Kosek
Szymon Szott
BGP protocol
BGP advertises network prefixes, the detailed path to reach these prefixes and the attributes of the path.
A path is a list of ASs that need to be traversed to reach the network(s).
The BGP decision process selects a single path, the best path. This path is installed in the routing table.
Path attributes convey additional information that can be considered by the BGP decision process when selecting the best path.
A path selected by the BGP decision process can be advertised to other domains (depending on policy).
Every AS is autonomous: it has the right to advertise a path to known remote network(s), but it should then be ready to accept and forward traffic to those network(s).
General goal of BGP
• Select the best path* towards the destination across several transit domains
  * the best path has a different meaning for different ISPs but it often means the cheapest path (cheapest for the service provider)
• When selecting ‘the best path’ BGP takes into account various information it has about the path.
• The internal topology of transit domains is usually unknown.
BGP Update Message
Figure: layout of a BGP UPDATE message: withdrawn prefixes, path attributes (Origin, AS Path, NextHop, MED, Loc. Pref., aggregation info., multiprotocol reachability) and the advertised prefixes.
Prefixes = list of pairs (length, prefix), e.g. 10.10.1.0/24
attributes = ”AS PATH attributes” (list of ASs on the path to the remote network, and other attributes)
Objective of this exercise
The objective of this laboratory exercise is to show the exchange of reachability information between ISPs in a multi-provider scenario, and that the ISPs can manipulate the advertisements to satisfy their own goals related to traffic engineering.
In the exercise we show that an ISP can influence the routing decisions of its own BGP routers regarding the selection of routes leading to networks in remote domains.
We also show that the ISP can try to influence the decisions that other ISPs make to reach its local networks.
Outline of the solution
The general idea is to insert auxiliary information into BGP UPDATE messages.
This information is propagated with the BGP UPDATE and evaluated by BGP speakers in the BGP decision process.
As a result, appropriate routes are installed in the routing tables of the BGP speakers, and inter-domain traffic is routed accordingly.
In the exercise we first change the routes for outbound traffic. We then try to influence the path over which traffic arrives into our local domain (inbound traffic).
The exercise is split into two parts.
Example of attribute manipulation: AS PATH pre-pending
Figure: AS 65100 (routers A and B, iBGP between them) originates net 10.10.1.0/24. B peers over eBGP with C in AS 65200 (routers C and D, iBGP between them), and D peers over eBGP with F in AS 65400. The advertisement as it appears at successive hops:
  net-pref: 10.10.1.0/24, AS path: empty, next-hop: A
  net-pref: 10.10.1.0/24, AS path: 65100, next-hop: B
  net-pref: 10.10.1.0/24, AS path: 65100, next-hop: B
  net-pref: 10.10.1.0/24, AS path: 65100, 65200, next-hop: D
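The figure above shows the two rules behind those four advertisements: on an eBGP hop the sender prepends its own AS to AS_PATH and becomes the NEXT_HOP, while on an iBGP hop both stay as received unless the sender is configured with next-hop-self (the option the R21, R22 and R32 configurations in this lab use). The following Python model is an added example, not code from the lab material; the names Advert, Router, advertise and propagate are mine. AS_PATH is stored most-recent-AS-first, as it is encoded on the wire, so the slide's "65100, 65200" appears here as (65200, 65100).

```python
from dataclasses import dataclass, replace


@dataclass(frozen=True)
class Advert:
    """One prefix as held by a router: the three fields from the figure."""
    prefix: str
    as_path: tuple   # leftmost element = AS traversed most recently
    next_hop: str    # name of the router that is the NEXT_HOP


@dataclass(frozen=True)
class Router:
    name: str
    asn: int
    next_hop_self: bool = False   # models Quagga 'neighbor X next-hop-self'


def advertise(adv, sender, receiver):
    """One BGP hop from sender to receiver.

    eBGP (different AS): sender prepends its AS and becomes NEXT_HOP;
    the receiver rejects the path if its own AS is already in AS_PATH
    (loop prevention, returned as None).
    iBGP (same AS): AS_PATH unchanged; NEXT_HOP kept unless next-hop-self.
    """
    if sender.asn == receiver.asn:
        nh = sender.name if sender.next_hop_self else adv.next_hop
        return replace(adv, next_hop=nh)
    new_path = (sender.asn,) + adv.as_path
    if receiver.asn in new_path:
        return None
    return Advert(adv.prefix, new_path, sender.name)


def propagate(adv, chain):
    """Walk the advertisement along a list of routers; return what each
    router holds as (router name, Advert). A None Advert means the router
    rejected the UPDATE and propagation stops there."""
    held = [(chain[0].name, adv)]
    for sender, receiver in zip(chain, chain[1:]):
        adv = advertise(adv, sender, receiver)
        held.append((receiver.name, adv))
        if adv is None:
            break
    return held


def slide_example():
    """The A -> B -> C -> D -> F chain from the figure."""
    a, b = Router("A", 65100), Router("B", 65100)
    c, d = Router("C", 65200), Router("D", 65200)
    f = Router("F", 65400)
    return propagate(Advert("10.10.1.0/24", (), "A"), [a, b, c, d, f])


def loop_example():
    """Constructed extension: F passes the prefix to a router G back in
    AS 65100, which must drop it because 65100 is already in AS_PATH."""
    f, g = Router("F", 65400), Router("G", 65100)
    last = slide_example()[-1][1]
    return advertise(last, f, g)


if __name__ == "__main__":
    for name, adv in slide_example():
        print(name, adv)
    print("G receives:", loop_example())
```

Running the block prints the same four states as the figure (B holds what A holds, C and D hold AS path 65100 with next-hop B, F holds 65200, 65100 with next-hop D); with next_hop_self=True on D the path at F is unchanged, but a router inside AS 65200 learning from D would see D as NEXT_HOP instead of B.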
Part I Outbound traffic
In Part I we influence the selection of routes for traffic originated in our domain (outbound traffic).
method:
Local selection of routes can be influenced by modifying attributes of the BGP UPDATE messages received from neighbouring ASs which advertise reachability of remote network(s).
The path with the modified attributes is announced into our AS. As a result, local routers select the path that the local ISP prefers over the other path(s).
Use of Local Preference attribute for controlling outbound traffic with RPSL
Figure: AS 1 (routers R1 and R2) is connected to AS 2 (router RX) over two links, R1-RX and R2-RX. The RPSL policies of the two ASs:
AS 1:
  Import: from AS2 RX at R1 set localpref=300;
          from AS2 RX at R2 set localpref=100;
          accept AS2
  Export: to AS2 RX at R1 announce ANY
          to AS2 RX at R2 announce ANY
AS 2:
  Import: from AS1 R1 at RX set localpref=100;
          from AS1 R2 at RX set localpref=200;
          accept ANY
  Export: to AS1 R1 at RX announce AS2
          to AS1 R2 at RX announce AS2
Example for Local Preference
Example: In the following figure LocPref is set in AS2 on prefix 10.10.1.0/24 received from AS1 and AS3. It indicates that BGP speakers in AS2 ”should prefer” the path via AS3 to network 10.10.1.0/24.
Figure: AS1 and AS3 both advertise Net 10.10.1.0/24 to AS2; AS2 sets LocPref 200 on the path received from AS3 and LocPref 70 on the path received from AS1.
Part I. Local preference
Figure: pre-configured network topology for Part I (interface addresses are given as e0=.1 etc.; e0 = eth0, e1 = eth1, and so on).
  AS 1: routers R11 and R12; net. A 192.168.1.0/30; net 10.10.1.0/24
  AS 2: routers R21, R22 and R23, plus the PC (e0=.1 on net. Z 10.10.5.0/24); net. B 192.168.2.0/30; net. C 192.168.3.0/30; net. D 10.10.4.0/24; net. G 10.10.2.0/24; LocPref=200 is to be applied on R21 and LocPref=70 on R22
  AS 3: router R31; net 10.10.3.0/24
Pre-configured network topology:
- zebra is ‘up and running’
- interfaces are up
- networks are configured
Need to configure:
- R21 and R22
Notice:
e0 = eth0
e1 = eth1
etc.
Check configuration of R31 (1)
Step 1. Check the Zebra routing daemon (general config.)
view file: /etc/zebra/zebra.conf
hostname zebra
password zebra
interface eth0
 bandwidth 100000
log file /var/log/zebra/zebra.log
Check configuration of R31 (2)
Step 2. Check if the routing daemons are properly enabled in Zebra on R31
view file: /etc/zebra/daemons
zebra=yes
bgpd=yes
ospfd=no
ospf6d=no
ripd=no
ripngd=no
Check configuration of R31 (3)
Step 3. Verify if the BGP daemon is properly configured.
view file: /etc/zebra/bgpd.conf
hostname bgpd
password zebra
enable password zebra
[...]
debug bgp
debug bgp events
debug bgp filters
debug bgp fsm
debug bgp keepalives
debug bgp updates
Reachability over BGP
Run traceroute 10.10.3.1 on PC
to check reachability of that network.
Check if the route goes via AS2 over a shorter AS path.
Route map – command syntax
Route map – generic example
Use the following example to configure R21 and R22:
router bgp 100
network nn.nn.nn.nn/mm
neighbor aa.bb.cc.dd remote-as nnnn
neighbor aa.bb.cc.dd route-map myRouteMap in
!
route-map myRouteMap permit 10
set local-preference xx
!
Changing the router configuration
In order to configure R21 and R22 do one of the following:
1. Edit the bgpd.conf file, add what is needed and restart
zebra
or
2. Telnet to bgpd, configure what is needed and issue the
clear ip bgp * command
Configuration of R21
Expected configuration on router R21
hostname bgpd
password zebra
enable password zebra
!
route-map as1-in permit 10
set local-preference 200
router bgp 2
!
neighbor 192.168.3.1 remote-as 1
neighbor 192.168.3.1 description Router12
neighbor 192.168.3.1 route-map as1-in in
neighbor 10.10.4.3 remote-as 2
neighbor 10.10.4.3 next-hop-self
!
log file /var/log/zebra/bgpd.log
Configuration of R22
Expected configuration on router R22
hostname bgpd
password zebra
enable password zebra
!
route-map as3-in permit 10
set local-preference 70
router bgp 2
network 192.168.2.0/30
neighbor 192.168.2.1 remote-as 3
neighbor 192.168.2.1 description Router31
neighbor 192.168.2.1 route-map as3-in in
neighbor 10.10.2.3 remote-as 2
neighbor 10.10.2.3 next-hop-self
!
log file /var/log/zebra/bgpd.log
Testing routes from PC to R31
Execute traceroute again from PC to 10.10.3.1/24
............
............
............
Note that traffic is routed over AS1
(because of higher local-pref on R21)
Part II Inbound traffic
In Part II we will try to change the paths via which traffic arrives into our ISP domain (inbound traffic).
method: this can be done by modifying attributes of the paths advertised in BGP UPDATE messages by our BGP speakers to neighbouring Autonomous Systems.
By doing this we will try to influence the decisions of neighbouring BGP routers when selecting (and advertising) best routes to networks located in our AS.
Lab. Part II: Insertion of Multiple Exit Discriminator (MED)
Figure: AS 3 advertises its network ‘net.’ to AS 2 over two links, with MED=100 on one link and MED=50 on the other.
MED value is set on prefixes related to the network advertised by AS3 in order to ”tell” AS2 routers that AS3 ’would like’ to receive traffic directed to this network over the high bandwidth link.
Lab. Part II: Insertion of Multiple Exit Discriminator (MED)
Figure: AS 3 advertises prefix ‘net.’ to AS 2 over two links (MED=100 and MED=50) and to AS 1 (MED=50).
MED value is set on prefix ‘net.’ advertised by AS3 in order to ”tell everybody” that AS3 ’would like’ to receive traffic for network ‘net.’ over high bandwidth links.
Note that MED values related to the same prefix but received in AS2 from different Autonomous Systems will not be compared!
Addressing Plan for the exercise
Figure: addressing plan and pre-configured network topology for Part II (not reproduced in the transcript).
Pre-configured network topology:
- zebra is ‘up and running’
- interfaces are up
- networks are configured
Need to configure:
- R31 and R32
Notice:
e0 = eth0
e1 = eth1
etc.
Testing routes from PC to R31 before setting MED
Execute traceroute from PC to 10.10.3.1/24
............
............
............
Note that traffic is routed over link R22-R31
Route map – generic example
Use the following example to configure R31 and R32:
router bgp 100
network nn.nn.nn.nn/mm
neighbor aa.bb.cc.dd remote-as nnnn
neighbor aa.bb.cc.dd route-map myRouteMap out
!
route-map myRouteMap permit 10
set metric xx
!
Changing the router configuration
In order to configure R31 and R32 do one of the following:
1. Edit the bgpd.conf file, add what is needed and restart
zebra
or
2. Telnet to bgpd, configure what is needed and (on R22
and R24) issue the clear ip bgp * command
Configuration of R31
Expected configuration on router R31
hostname bgpd
password zebra
enable password zebra
!
route-map metricOut permit 10
set metric 100
!
router bgp 3
!
network 10.10.3.0/24
!
neighbor 192.168.2.2 remote-as 2
neighbor 192.168.2.2 description Router22
neighbor 192.168.2.2 route-map metricOut out
!
neighbor 10.10.3.2 remote-as 3
neighbor 10.10.3.2 description Router32
Configuration of R32
Expected configuration on router R32
hostname bgpd
password zebra
enable password zebra
!
route-map metricOut permit 10
set metric 70
!
router bgp 3
!
network 10.10.3.0/24
!
neighbor 192.168.4.1 remote-as 2
neighbor 192.168.4.1 description Router24
neighbor 192.168.4.1 route-map metricOut out
neighbor 10.10.3.1 remote-as 3
neighbor 10.10.3.1 description Router31
neighbor 10.10.3.1 next-hop-self
Testing routes from PC to R31 after setting MED
Execute traceroute again from PC to 10.10.3.1/24
............
............
............
Note that traffic is routed over link R24-R32
(because of lower value of MED on that link)
BGP Decision Process with MED
Figure: AS 3 advertises a prefix to AS 2 over two links (MED=100 and MED=50) and to AS 1 (MED=50); AS 1 also advertises it to AS 2. Inside AS 2 one path carries LocPref=200 and the other LocPref=70 (in the Part I configuration, 200 on the path learned from AS 1 at R21 and 70 on the path learned from AS 3 at R22).
Review question:
a) What path will a router in AS2 select to reach AS3?
b) Which is the preferred path in multi-provider scenarios?
hint: MED values from different service providers are not compared
BGP Decision Process
1. Prefer the highest value of LOCAL_PREF
2. Prefer paths locally computed on the router
3. Prefer paths with shortest AS_PATH length
4. Prefer paths of lowest origin code ( IGP < EGP < incomplete )
5. Prefer the lowest value of MULTI_EXIT_DISC
6. Prefer the lowest value of metric to NEXT_HOP rtr
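The six steps above decide both halves of the lab: the Part I inbound route-maps (set local-preference 200 on R21, 70 on R22) win at step 1 before AS_PATH length is even looked at, and the Part II outbound route-maps (set metric 100 on R31, 70 on R32) are only decisive at step 5 because both UPDATEs reach AS2 from the same neighbouring AS. The Python model below is an added example, not code from the lab material: Path, best_path, set_local_preference and set_metric are my names, step 5 follows the RFC 4271 rule of comparing MED only among paths from the same neighbouring AS, remaining ties are broken on next_hop as a stand-in for the router-id tie-break the slide does not list, the R32-side address 192.168.4.2 is an assumption (only R24's 192.168.4.1 appears in the configs), and the multi-provider case uses a constructed AS 4 that goes beyond the lab topology to show the review-question hint.

```python
from dataclasses import dataclass, replace

ORIGIN_RANK = {"igp": 0, "egp": 1, "incomplete": 2}


@dataclass(frozen=True)
class Path:
    prefix: str
    neighbor_as: int        # AS the UPDATE was received from
    as_path: tuple          # AS_PATH as received, e.g. (1, 3)
    next_hop: str           # NEXT_HOP as received
    local_pref: int = 100   # default LOCAL_PREF when no route-map sets it
    origin: str = "igp"
    med: int = 0            # MULTI_EXIT_DISC; 0 = attribute absent
    igp_metric: int = 0     # IGP cost from this router to next_hop
    locally_originated: bool = False


def set_local_preference(path, value):
    """'route-map X permit 10 / set local-preference value' applied with
    'neighbor ... route-map X in', as on R21 and R22 in Part I."""
    return replace(path, local_pref=value)


def set_metric(path, value):
    """'route-map X permit 10 / set metric value' applied with
    'neighbor ... route-map X out', as on R31 and R32 in Part II: the MED
    the neighbouring AS will see on the prefix."""
    return replace(path, med=value)


def _keep_best(paths, key, lowest=True):
    """Keep only the paths tied for the best value of key()."""
    values = [key(p) for p in paths]
    target = min(values) if lowest else max(values)
    return [p for p in paths if key(p) == target]


def best_path(paths):
    """Steps 1-6 from the slide applied to the paths for one prefix."""
    cand = _keep_best(paths, lambda p: p.local_pref, lowest=False)       # 1
    cand = _keep_best(cand, lambda p: 0 if p.locally_originated else 1)  # 2
    cand = _keep_best(cand, lambda p: len(p.as_path))                    # 3
    cand = _keep_best(cand, lambda p: ORIGIN_RANK[p.origin])             # 4
    survivors = []                                                       # 5
    for nas in sorted({p.neighbor_as for p in cand}):
        same_as = [p for p in cand if p.neighbor_as == nas]
        survivors += _keep_best(same_as, lambda p: p.med)   # MED compared per neighbour AS only
    cand = _keep_best(survivors, lambda p: p.igp_metric)                 # 6
    return min(cand, key=lambda p: p.next_hop)   # stand-in for router-id tie-break


def part1_outbound():
    """AS2 choosing the route to 10.10.3.0/24 after the Part I route-maps.
    Returns the neighbour AS the traffic leaves through."""
    via_as1 = set_local_preference(Path("10.10.3.0/24", 1, (1, 3), "192.168.3.1"), 200)
    via_as3 = set_local_preference(Path("10.10.3.0/24", 3, (3,), "192.168.2.1"), 70)
    return best_path([via_as1, via_as3]).neighbor_as   # AS1 despite the longer AS_PATH


def part2_inbound():
    """AS2 choosing between the two links from AS3 after the Part II
    route-maps. Returns the NEXT_HOP of the chosen path."""
    from_r31 = set_metric(Path("10.10.3.0/24", 3, (3,), "192.168.2.1"), 100)
    from_r32 = set_metric(Path("10.10.3.0/24", 3, (3,), "192.168.4.2"), 70)  # assumed R32 address
    return best_path([from_r31, from_r32]).next_hop   # the R24-R32 link (lower MED)


def multi_provider():
    """Constructed case for the review-question hint: a prefix of a
    hypothetical AS 4 reaches AS2 via AS1 (MED 10) and via AS3 (MED 100).
    Steps 1-4 tie, the MEDs come from different neighbouring ASs and are
    not compared, so the IGP metric to NEXT_HOP (step 6) decides."""
    via_as1 = Path("10.99.0.0/24", 1, (1, 4), "192.168.3.1", med=10, igp_metric=20)
    via_as3 = Path("10.99.0.0/24", 3, (3, 4), "192.168.2.1", med=100, igp_metric=10)
    return best_path([via_as1, via_as3]).neighbor_as   # AS3 wins despite the higher MED


if __name__ == "__main__":
    print("Part I  outbound exit AS :", part1_outbound())
    print("Part II inbound next-hop :", part2_inbound())
    print("Multi-provider exit AS   :", multi_provider())
```

The multi_provider case is the defender's reason to be careful with MED-based engineering: a MED you set is only honoured by a neighbour that receives the same prefix from you over several links, and once a third AS is in between, the neighbour's own policy (here the IGP cost) decides regardless of the value you sent.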
General conclusion: the level of control over the route selection process is different for incoming traffic and for outgoing traffic.
An ISP can precisely influence the local selection of routes leading to remote destinations (outbound traffic).
An ISP has only limited ability to control the choices that other ISPs make to direct traffic to its local networks (inbound traffic).