Iljitsch van Beijnum
Beijing • Cambridge • Farnham • Köln • Paris • Sebastopol • Taipei • Tokyo
BGP
by Iljitsch van Beijnum
Copyright © 2002 O’Reilly Media, Inc. All rights reserved.
Printed in the United States of America.
Published by O’Reilly Media, Inc., 1005 Gravenstein Highway North, Sebastopol, CA 95472.
O’Reilly Media, Inc. books may be purchased for educational, business, or sales promotional use.
Online editions are also available for most titles (safari.oreilly.com). For more information contact our
corporate/institutional sales department: (800) 998-9938 or corporate@oreilly.com.
Editor: Jim Sumser
Production Editor: Mary Anne Weeks Mayo
Cover Designer: Ellie Volckhausen
Interior Designer: David Futato
Printing History:
September 2002: First Edition.
Nutshell Handbook, the Nutshell Handbook logo, and the O’Reilly logo are registered trademarks of
O’Reilly Media, Inc. BGP, the image of a slender-horned gazelle, and related trade dress are trademarks
of O’Reilly Media, Inc. Many of the designations used by manufacturers and sellers to distinguish their
products are claimed as trademarks. Where those designations appear in this book, and O’Reilly Media,
Inc. was aware of a trademark claim, the designations have been printed in caps or initial caps.
While every precaution has been taken in the preparation of this book, the publisher and author assume
no responsibility for errors or omissions, or for damages resulting from the use of the information
contained herein.
This book uses RepKover™, a durable and flexible lay-flat binding.
ISBN: 0-596-00254-8
[M] [5/05]
Table of Contents
Preface
1. The Internet, Routing, and BGP
  Topology of the Internet
  TCP/IP Design Philosophy
  Routing Protocols
  Multihoming
2. IP Addressing and the BGP Protocol
  IP Addresses
  Interdomain Routing History
  The BGP Protocol
  Multiprotocol BGP
  Interior Routing Protocols
3. Physical Design Considerations
  Availability
  Selecting ISPs
  Bandwidth
  Router Hardware
  Failure Risks
  Building a Wide Area Network
  Network Topology Design
4. IP Address Space and AS Numbers
  The Different Types of Address Space
  Requesting Address Space
  Renumbering IP Addresses
  The AS Number
  Routing Registries
  Routing Policy Specification Language
5. Getting Started with BGP
  Enabling BGP
  Monitoring BGP
  Clearing BGP Sessions
  Filtering Routes
  Internal BGP
  The Internal Network
  Minimizing the Impact of Link Failures
  eBGP Multihop
6. Traffic Engineering
  Knowing Which Route Is Best
  Route Maps
  Setting the Local Preference
  Manipulating Inbound AS Paths
  Inbound Communities
  BGP Load Balancing
  Traffic Engineering for Incoming Traffic
  Setting the MED
  Announcing More Specific Routes
  Queuing, Traffic Shaping, and Policing
7. Security and Integrity of the Network
  Passwords and Security
  Software
  Protecting BGP
  Denial-of-Service Attacks
8. Day-to-Day Operation of the Network
  The Network Operations Center
  NOC Hardware Facilities
  SNMP Management
  Router Names
  General IP Network Management
9. When Things Start to Go Down: Troubleshooting
  Keeping a Clear Head
  Managing the Troubleshooting Process
  Dealing with Service Providers
  Physical and Datalink Layer Problems
  Routing and Reachability Problems
  Black Holes
  DNS Problems
10. BGP in Larger Networks
  Peer Groups
  Using Loopback Addresses for iBGP
  iBGP Scaling
  Dampening Route Flaps
  OSPF as the IGP
  Traffic Engineering in the Internal Network
  Network Partitions
11. Providing Transit Services
  Route Filters
  Communities
  Anti-DoS Measures
  Customers with Backup Connections
  Providing IPv6 and Multicast
12. Interconnecting with Other Networks
  Peering
  Internet Exchanges, NAPs, and MAEs
  Connecting to an Internet Exchange
  Connecting to More Exchange Points
  Rejecting Unwanted Traffic
  IX Subnet Problems
  Talking to Other Network Operators
  Exchange Point Future
A. Cisco Configuration Basics
B. Binary Logic, Netmasks, and Prefixes
C. Notes on the IPv4 Address Space
Glossary
Index
This is the Title of the Book, eMatter Edition
Copyright © 2007 O’Reilly & Associates, Inc. All rights reserved.
Preface
This is a book about connecting to the Internet as reliably as possible. This means
eliminating all single points of failure, including having just one Internet service
provider (ISP). By multihoming to two or more ISPs, you can remain connected when
either ISP (or your connection to them) experiences problems. However, there is a
catch: if you are a regular customer, your ISP makes sure your IP addresses are
known throughout the Net, so every router connected to the Internet knows where
to send packets addressed to your systems. If you connect to two ISPs, you’ll have to
do this yourself and enter the world of interdomain routing via the Border Gateway
Protocol (BGP). The majority of this book deals with BGP in a practical, hands-on
manner.
My involvement with BGP started in 1995, when I entered a darkened room with a
lot of modem lights blinking and was told, “This box connects to both our ISPs, but
it doesn’t do what we want it to. Maybe you can have a look. It’s called a Cisco. Here
are the manuals.” It didn’t take me long to figure out that we needed to run BGP to
make this setup work as desired, but getting information on how to do this properly
was a lot harder: very little of the available BGP information takes actual
interdomain routing practices into account. In this book, I intend to provide an insight into
these practices, based on my experiences as a network engineer working for several
small multihomed ISPs and a large ISP with many multihomed customers, and as a
consultant in the area of routing in general and interdomain routing in particular.
Intended Audience
The audience for this book is everyone interested in running BGP to create reliable
connectivity to the Internet. It caters specifically to the needs of those who have to
determine whether BGP is the right solution for them, and if so, how to go about
preparing for and then implementing the protocol. The latter topic occupies most
of the book. A lot of the information applies to everyone who needs reliable
Internet connectivity: end-user organizations, application service providers, web
hosters, and smaller ISPs. Later in the book, the focus shifts to topics that are
mainly of interest to ISPs: interconnecting (peering) with other networks and
providing BGP transit services.
The network operations and engineering people at large ISPs should already be well
aware of all the issues discussed in this book. However, the sales engineering,
provisioning, and support staff should find its information useful when dealing with
customers who run or want to run BGP.
Specific prior knowledge isn’t required for reading this book, but some exposure to
basic networking theory (such as the OSI model), the IP protocol, and relevant
lower-layer protocols such as Ethernet would be useful for putting everything in the
right perspective. References to books on these topics are spread throughout the text.
The configuration examples in this book are all for Cisco routers.* It proved
impossible to provide a useful number of configuration examples for additional router
brands without doubling the size of the book and having to change the title to A
Comparative Analysis of BGP Implementations and Their Configuration. When using
non-Cisco equipment, the book can be used alongside the sections on BGP
configuration and IP filtering (access lists) in the router’s manual.
What’s in This Book?
The book contains pretty much everything you need to know to run BGP for regular
IPv4 routing in all but the largest networks. But there is a lot of related information
that is not in the book: the intent of this book is to help you achieve common
BGP-related goals, such as reliability and balancing traffic over multiple connections, and
provide an introduction into the world of interdomain routing. The book is by no
means a reference on the BGP protocol or BGP configuration on a Cisco router.
Consult the Cisco documentation at http://www.cisco.com for additional details on
Cisco’s BGP implementation and IOS in general. For more details on the internals of
BGP and other protocols, see the relevant RFCs. Lower-layer protocols such as
Ethernet, ATM, and SONET, aren’t covered in the book.
Chapter 1, The Internet, Routing, and BGP, sets the scene with some (often
misunderstood) history and a discussion of how ISP networks connect together to form
the worldwide Internet. It continues with an overview of TCP/IP design principles,
the consequences of those principles, and how they make routing protocols
necessary. There is a short overview of the IP header and an explanation of why there
must be interdomain routing protocols in addition to intradomain (interior)
routing protocols.
* Configuration examples are based on Cisco IOS Version 12.0 and should run on all Cisco BGP-capable
platforms.
Chapter 2, IP Addressing and the BGP Protocol, is about IP addressing and the inner
workings of the BGP protocol, including the multiprotocol extensions and the BGP
route selection algorithm. The chapter ends with a discussion of previous versions of
BGP and other interdomain protocols.
Chapter 3, Physical Design Considerations, discusses the physical side of the
network: higher availability through redundancy, router hardware, and network
topology. There are also sections on calculating bandwidth requirements and selecting
ISPs.
Chapter 4, IP Address Space and AS Numbers, discusses the various types of IP
address space, their limitations, and how to get those addresses. This chapter also
covers renumbering IP addresses and introduces the Routing Registry system.
Chapter 5, Getting Started with BGP, explains in detail how to configure external
BGP (eBGP) to a single ISP and how to determine whether your address block shows
up on routers in other networks. The chapter provides examples of how to use a
second router to connect to a second ISP and how to configure internal BGP sessions.
The chapter also describes a setup in which two BGP routers run the Cisco Hot
Standby Routing Protocol (HSRP) so the network remains usable if one router fails.
Finally, the chapter provides information on minimizing the impact of link failures
and an explanation of eBGP multihop.
Chapter 6, Traffic Engineering, explains how to take advantage of having two
connections to the Internet by optimizing the traffic flow for input and output traffic.
The chapter provides many examples of how to configure the mechanisms that
influence route selection, such as manipulation of the AS path, the Multi Exit
Discriminator, and communities. Chapters 5 and 6 include Routing Policy Specification
Language (RPSL) examples for several routing policies described in these chapters.
Chapter 7, Security and Integrity of the Network, discusses the best way to secure
access to your routers, the use of Telnet versus SSH, and software weaknesses. But
the main topics of the chapter are protecting BGP against problems caused by other
networks, intentionally or unintentionally. This includes extensive information on
using BGP to deflect (Distributed) Denial of Service attacks.
Chapter 8, Day-to-Day Operation of the Network, talks about the requirements
interdomain routing imposes on the Network Operations Center and how to manage
day-to-day BGP operation. This includes a discussion of the Simple Network
Management Protocol (SNMP) management and configuration examples for the popular
Multi Router Traffic Grapher (MRTG) software. This chapter also provides
suggestions for router names.
Chapter 9, When Things Start to Go Down: Troubleshooting, starts with a small
section on managing the troubleshooting process and then explains how to
troubleshoot physical and datalink layer problems and, in detail, interdomain routing and
reachability problems.
Chapter 10, BGP in Larger Networks, examines the challenges of designing a large,
stable network. It discusses BGP peer groups, use of loopback addresses for internal
BGP (iBGP), iBGP scaling using route reflectors and confederations, and
preservation of CPU cycles by dampening route flaps. It also contains examples of how to use
OSPF as the interior routing protocol, the pitfalls of route redistribution, and traffic
engineering in the internal network.
Chapter 11, Providing Transit Services, explains how to provide your multihomed
customers with the tools they need to make the best use of their connection to you if
you provide transit services. This includes ways for them to deflect Denial of Service
attacks and communities for traffic engineering. The chapter also tells you how you
can connect non-BGP customers with a backup connection and discusses providing
IPv6 and multicast services.
Chapter 12, Interconnecting with Other Networks, is mainly about connecting to a
public exchange point such as an Internet Exchange, network access point (NAP), or
Metropolitan Area Exchange (MAE). It presents the business case for exchanging
traffic with other networks (peering), how to connect to an exchange point, and the
routing issues associated with connecting to several exchange points. The chapter
ends with configuration examples for securing border routers against abusive traffic
from peers.
There are three appendixes. Appendix A, Cisco Configuration Basics, tells you how to
perform configuration changes on a Cisco router and explains a basic IP
configuration. Appendix B, Binary Logic, Netmasks, and Prefixes, shows how netmasks and
prefixes work in their native binary representation. Appendix C, Notes on the IPv4
Address Space, is an overview of the IPv4 address space and address ranges reserved
for special purposes.
Finally, there is a Glossary that defines terminology related to BGP.
How to Read This Book
The book is structured such that it’s best read from the beginning to the end. If you
are new to Cisco routers, read Appendix A first. If you’re unfamiliar with
configuring BGP and properly filtering incoming and outgoing routing updates, you should
read and understand those sections in Chapter 5 before moving on. Chapter 6
explains how route maps work; they’re extensively used in examples in later
chapters. Apart from this you can implement individual examples as desired, but
remember that the examples are just that: they show how something could be done, which
isn’t necessarily the best way to do it in your particular situation. However, the text
should provide you with enough information to be able to adapt the examples to the
particulars of your network. Chapters 10, 11, and 12 are mostly of interest if you
work in an ISP environment, but they should be informative for others as well, if not
immediately applicable.