Flashcards in BGP Deck (195):
What is the most important difference between BGP-4 and earlier versions of BGP?
BGP-4 is classless. Earlier versions are classful.
What two problems was CIDR developed to alleviate?
CIDR was developed to alleviate the explosion of Internet routing tables and to slow the depletion of Class B network addresses.
What is the difference between classful and classless IP routers?
Classful IP routers perform routing table lookups on the major class network address first and then match the subnet. Classless IP routers ignore the class of the destination address and try to make a longest match on the address prefix.
What is the difference between classful and classless IP routing protocols?
Classful IP routing protocols advertise only a network or subnet address, without any information about the prefix length. As a result, routers receiving the advertisement must make certain assumptions about the address prefix. Classless IP routing protocols include information that allows the receiving router to parse the address prefix. As a result, VLSM and summarization are possible with classless protocols.
Given the addresses 172.17.208.0/23, 172.17.210.0/23, 172.17.212.0/23, and 172.17.214.0/23, summarize the addresses with a single aggregate, using the longest possible address mask.
What is an address prefix?
An IP address prefix is the part of an IP address that a router considers when making routing decisions. In a classful environment, the prefix is a major class network address or one of its subnets. In a classless environment, the prefix can be any number of leading bits in the 32-bit address.
Explain how summarization helps hide network instabilities.
Member addresses, or destination addresses that are summarized by an aggregate address, are not advertised past the summarization point. So if the state of one of the member addresses changes, the change is not advertised past the summarization point.
Explain how summarization can cause asymmetric traffic patterns.
Summarization hides the details of the internetwork behind the summarization point. If a summary address is advertised by more than one router, the routers beyond the summarization points select only the closest summarizing router.
Is asymmetric traffic undesirable?
The answer is subjective. Asymmetric traffic can make baselining and troubleshooting more difficult, and if the internetwork is geographically large, delay-sensitive traffic can be affected. On the other hand, the benefits of summarization might outweigh these problems.
What is a NAP?
A network access point is a LAN or switch through which service providers may interconnect. From the perspective of Internet traffic flow, NAPs are the hierarchically highest points in the Internet topology.
What is a route server?
A route server is a server with which routers may peer via some routing protocol. Each router sends its updates to the route server rather than to the other peers. The route server applies the appropriate routing policies and then sends the updates to the other peers. Route servers are useful when many routers must peer across a common data link, as in a NAP, by reducing the number of peering sessions each router must establish. This can be especially important if the routers are using a unicast protocol such as BGP, in which a separate packet must be sent to each peer. A route server is not a router, because it performs no packet forwarding.
What is a provider-independent address space, and why can it be advantageous to have one?
A provider-independent address space is assigned by the regional IP address registry rather than as part of a service provider's CIDR block. It proves useful if an AS is multihomed to different service providers. It is also useful because it is portable. That is, the owner of the address space can change ISPs without having to re-address.
Why can it be a problem to have a /21 provider-independent address space?
Some national service providers do not accept IP prefixes longer than a /19. As a result, a /21 might not be advertised to all parts of the Internet.
What is a routing policy?
A routing policy is a predefined set of rules for handling incoming and outgoing routes. Typical tools for setting routing policies are redistribution, route filters, and route maps.
What is the underlying protocol that BGP uses to reliably connect to its neighbors?
BGP uses TCP port 179.
What are the four BGP message types, and how is each one used?
The four BGP message types are Open, Keepalive, Update, and Notification. Open messages are used to initially identify a BGP speaker to its neighbor and begin a peering session. Keepalives maintain the peer connection. Updates are used to advertise routes, and Notification messages advise peers of errors.
In what state or states can BGP peers exchange Update messages?
BGP peers can exchange Update messages only when both are in the Established state.
What is NLRI?
Network Layer Reachability Information is the IP address prefix or prefixes advertised in a BGP Update.
What is a path attribute?
A path attribute is a characteristic of a BGP route.
What are the four categories of BGP path attributes?
The four categories of BGP path attributes are Well-known Mandatory, Well-known Discretionary, Optional Transitive, and Optional Nontransitive.
What is the purpose of the AS_PATH attribute?
The AS_PATH attribute describes the AS numbers that a received Update has crossed after it left the originating router. This information can be used to determine the shortest inter-AS path, and it is also used to detect routing loops.
What are the different types of AS_PATH?
AS_PATH types are AS_SEQUENCE, AS_CONFED_SEQUENCE, AS_SET, and AS_CONFED_SET. AS_SEQUENCE is an ordered set of AS numbers, and AS_SET is an unordered set of AS numbers. AS_CONFED_SEQUENCE and AS_CONFED_SET are the same as AS_SEQUENCE and AS_SET but are used only within BGP confederations.
What is the purpose of the NEXT_HOP attribute?
The NEXT_HOP attribute describes the IP address of the next-hop router that packets should be forwarded to in order to reach the destination advertised as the NLRI in a BGP Update.
What is the purpose of the LOCAL_PREF attribute?
If multiple IBGP speakers are advertising the same route within an AS, the LOCAL_PREF attribute can be used to identify the preferred route. The higher the LOCAL_PREF value, the more preferred the route.
What is the purpose of the MULTI_EXIT_DISC attribute?
When multiple links exist between two autonomous systems, EBGP speakers can use the MED to inform the neighboring AS of the preferred link for incoming traffic.
What attribute or attributes are useful if a BGP speaker originates an aggregate route?
The ATOMIC_AGGREGATE attribute informs downstream routers that a loss of route information has occurred due to aggregation. The AGGREGATOR attribute identifies the router that originated the aggregate.
What is a BGP administrative weight?
A BGP administrative weight is a Cisco-specific parameter that can be assigned to routes within a single router. The higher the weight, the more preferable the route. Weights are local to the router and are not advertised to peers.
Given an EBGP route and an IBGP route to the same destination, which route will a BGP router prefer?
If the weights, LOCAL_PREFs, AS_PATH lengths, ORIGIN codes, and MEDs are equal, EBGP routes are preferred over IBGP routes.
A router has two IBGP routes to the same destination. Path A has a LOCAL_PREF of 300 and three AS numbers in the AS_PATH. Path B has a LOCAL_PREF of 200 and two AS numbers in the AS_PATH. Assuming no other differences, which path will the router choose?
LOCAL_PREF has a higher priority in the BGP decision process than AS_PATH, so path A is chosen.
What is route dampening?
Route dampening is a mechanism by which BGP routes are assigned a penalty for changing state. The more often the state changes (the route flaps), the greater the accumulated penalties. If the penalties exceed a certain threshold, the route is suppressed for a time. As a result, unstable routes have less adverse effect on the BGP internetwork.
Define the penalty, suppress limit, reuse limit, and half-life as they apply to route dampening.
The penalty is a value assigned to a route by the route-dampening mechanism each time the route changes state. The suppress limit is a threshold that, if exceeded by a route's accumulated penalties, signifies that the route should not be advertised. The reuse limit is a threshold that, if a suppressed route's accumulated penalties fall below it, signifies that the route can again be advertised. The half-life is the rate at which a route's accumulated penalties are reduced. At the end of each half-life, the penalty is reduced by half.
What is IGP synchronization, and why is it important?
IGP synchronization is a rule whereby a BGP router cannot advertise a transit route to an EBGP peer unless the route is found in the IGP routing table. If a BGP router forwards a transit packet to an IBGP peer via an IGP router, and the IGP router does not know the route, the packet is dropped.
Under what circumstances can you safely disable IGP synchronization?
You can safely turn off IGP synchronization if the IBGP peers in an AS are fully meshed, or when the AS is not a transit AS.
What is a BGP peer group?
A BGP peer group is a group of BGP peers that have been identified on a single router to share common routing policies. Peer groups simplify configuration by allowing route policies to be applied to the group rather than to each individual member.
What is a BGP community?
A BGP community is a group of routes that share common routing policies. They work by setting a common COMMUNITY attribute in the routes; peers receiving those routes can recognize the COMMUNITY attribute and apply the appropriate policy.
What is a route reflector? What is a route reflection client? What is a route reflection cluster?
A route reflector is similar to a route server in that it permits IBGP routers to peer with it rather than with each other. Routes from one peer are advertised, or reflected, to the other peers. As a result, the number of peering sessions is reduced from what would be required if the IBGP peers were fully meshed. Route reflectors differ from route servers in that the route reflector is also a router. A route reflection client is an IBGP router that has peered with a route reflector. A route reflection cluster is a route reflector and its clients. A cluster can have more than one route reflector, but all the clients in the cluster must be peered with all the route reflectors in the cluster.
What is the purpose of the ORIGINATOR_ID and the CLUSTER_LIST path attributes?
The ORIGINATOR_ID and CLUSTER_LIST attributes prevent routing loops when route reflectors are being used.
What is a BGP confederation?
A BGP confederation is a large AS that has been subdivided into a group of smaller autonomous systems for easier manageability.
Can route reflectors be used within confederations?
What is the purpose of the next-hop-self function? Are there any reasonable alternatives to using this function?
next-hop-self tells a router to change the NEXT_HOP attribute of routes received from an external peer to its own IP address. This function is used when the IGP has no knowledge of the external next-hop address. An alternative method is to run the IGP passively on the external link so that it knows the subnet on which the external next-hop address resides.
Does BGP have its own transport mechanism to guarantee the delivery of BGP updates?
BGP uses TCP as its transport mechanism.
Assuming no Route-Reflection or Confederations are used, what problems might occur if IBGP neighbors are not fully meshed?
An IBGP update will not be propagated to BGP routers in the AS because the IBGP-learned update is not announced to other IBGP neighbors.
What BGP technique is used to penalize flapping of BGP routes in some other AS?
The BGP process can exchange updates with its neighbors after passing which neighbor state?
Which techniques are used in solving the IBGP full mesh requirement?
Route reflection and confederation
Define path attribute
A term generally describing characteristics about BGP paths that are advertised in BGP Updates.
Define BGP table
A table inside a router that holds the path attributes and NLRI known by the BGP implementation on that router.
Define BGP update
A BGP message that includes withdrawn routes, path attributes, and NLRI.
Define established (BGP)
A BGP neighbor state in which the BGP neighbors have stabilized and can exchange routing information using BGP Update messages.
Refers to how a router views a BGP peer relationship, in which the peer is in the same AS.
A term referring to how a router views a BGP peer relationship, in which the peer is in another AS.
An exterior routing protocol designed to exchange prefix information between different autonomous systems. The information includes a rich set of characteristics called path attributes, which in turn allows for great flexibility regarding routing choices.
Define peer group
In BGP, a configuration construct in which multiple neighbors’ parameters can be configured as a group, thereby reducing the length of the configuration. Additionally, BGP performs routing policy logic against only one set of Updates for the entire peer group, improving convergence time.
Define eBGP multihop
A BGP feature that defines the IP TTL field value in packets sent between two eBGP peers. This feature is required when using IP addresses other than the interface IP address on the link between peers.
Define autonomous system
In BGP, a set of routers inside a single administrative authority, grouped together for the purpose of controlling routing policies for the routes advertised by that group to the Internet.
Define AS number
A number between 1 and 64,511 (public) or between 64,512 and 65,535 (private), assigned to an AS for the purpose of identifying a specific BGP domain.
A BGP path attribute that lists ASNs through which the route has been advertised. The AS_PATH includes four types of segments: AS_SEQ, AS_SET, AS_CONFED_SEQ, and AS_CONFED_SET. Often, this term is used synonymously with AS_SEQ.
A BGP path attribute that implies how the route was originally injected into some router’s BGP table.
A BGP term referring to an IP prefix and prefix length.
A BGP path attribute that lists the next-hop IP address used to reach an NLRI.
A BGP path attribute that allows routers in one AS to set a value and advertise it into a neighboring AS, impacting the decision process in that neighboring AS. A smaller value is considered better. Also called the BGP metric.
A BGP path attribute that is communicated throughout a single AS to signify which route of multiple possible routes is the best route to be taken when leaving that AS. A larger value is considered to be better.
Define routing black hole
A problem that occurs when an AS does not run BGP on all routers, with synchronization disabled. The routers running BGP may believe they have working routes to reach a prefix, and forward packets to internal routers that do not run BGP and do not have a route to reach the prefix.
In BGP, a feature in which BGP routes cannot be considered to be a best route to reach an NLRI unless that same prefix exists in the router’s IP routing table as learned via some IGP.
A BGP feature that overcomes the requirement of a full mesh of iBGP peers inside a single AS by separating the AS into multiple sub-autonomous systems.
Define route reflector
A BGP feature by which a router learns iBGP routes, and then forwards them to other iBGP peers, reducing the required number of iBGP peers while also avoiding routing loops.
Define confederation identifier
In an IOS confederation configuration, the actual ASN as seen by eBGP peers.
The term referring to a group of iBGP routers in a confederation, with the group members being assigned a hidden ASN for the purposes of loop avoidance.
Define route reflector server
A BGP router that forwards iBGP-learned routes to other iBGP routers.
Define route reflector client
A BGP router that, unknown to it, is aided by a route reflector server to cause all iBGP routers in an AS to learn all eBGP-learned prefixes.
Define route reflector nonclient
A BGP router in an AS that uses route reflectors, but that is not aided by any RR server.
Define confederation AS
The ASN assigned to a confederation sub-AS.
Define confederation eBGP
A BGP peer connection between two routers inside the same ASN, but in different confederation sub-autonomous systems.
A local Cisco-proprietary BGP setting that is not advertised to any peers. A larger value is considered to be better.
Define soft reconfiguration
A BGP process by which a router reapplies routing policy configuration (route maps, filters, and the like) based on stored copies of sent and received BGP Updates.
Define AS_PATH access list
A Cisco IOS configuration tool, using the ip as-path access-list command, that defines a list of statements that match the AS_PATH BGP path attribute using regular expressions.
Define AS_PATH prepending
This term has two BGP-related definitions. First, it is the normal process in which a router, before sending an Update to an eBGP peer, adds its local ASN to the beginning of the AS_PATH path attribute. Second, it is the routing policy of purposefully adding one or more ASNs to the beginning of a route’s AS_PATH path attribute, typically to lengthen the AS_PATH and make the route less desirable in the BGP decision process.
Define regular expression
A list of interspersed alphanumeric literals and metacharacters that are used to apply complex matching logic to alphanumeric strings. Often used for matching AS_PATHs in Cisco routers.
A type of AS_PATH segment consisting of an ordered list of ASNs through which the route has been advertised.
A type of AS_PATH segment consisting of an unordered list of ASNs consolidated from component subnets of a summary BGP route.
Define well-known mandatory
A characterization of a BGP path attribute in which all BGP implementations must support and understand the attribute (well known), and all BGP Updates must include the attribute (mandatory).
Define well-known discretionary
A characterization of a BGP path attribute in which all BGP implementations must support and understand the attribute (well known), but BGP Updates can either include the attribute or not depending on whether a related feature has been configured (discretionary).
Define optional transitive
A characterization of a BGP path attribute in which BGP implementations are not required to support the attribute (optional), and for which if a router receives a route with such an attribute, the router should forward the attribute unchanged (transitive).
Define optional nontransitive
A characterization of a BGP path attribute in which BGP implementations are not required to support the attribute (optional), and for which if a router receives a route with such an attribute, the router should remove the attribute before advertising the route (nontransitive).
An optional transitive BGP path attribute that, for a summary route, lists the BGP RID and ASN of the router that created the summary.
A well-known discretionary BGP path attribute that flags a route as being a summary route.
Used by RRs to denote the RID of the iBGP neighbor that injected the NLRI into the AS.
An optional nontransitive BGP path attribute that lists the route reflector cluster IDs through which a route has been advertised, as part of a loop-prevention process similar to the AS_PATH attribute.
Define administrative weight
A Cisco-proprietary BGP feature. The administrative weight can be assigned to each NLRI and path locally on a router, impacting the local router’s choice of the best BGP routes. The value cannot be communicated to another router.
Define AS_PATH length
A calculation of the length of the AS_PATH PA, which includes 1 for each number in the AS_SEQ, 1 for an entire AS_SET segment, and possibly other considerations.
Define BGP decision process
A set of rules by which BGP examines the details of multiple BGP routes for the same NLRI and chooses the single best BGP route to install in the local BGP table.
Define neighbor type (BGP)
In BGP, either external BGP (eBGP), confederation eBGP, or internal BGP (iBGP). The term refers to a peer connection, and whether the peers are in different ASs (eBGP), different confederation sub-ASs (confederation eBGP), or in the same AS (iBGP).
Define private AS
A BGP ASN whose value is between 64,512 and 65,535. These values are not assigned for use on the Internet, and can be used for private purposes, typically either within confederations or by ISPs to hide the ASN used by some customers.
An optional transitive BGP path attribute used to store 32-bit decimal values. Used for flexible grouping of routes by assigning the group the same COMMUNITY value. Other routers can apply routing policies based on the COMMUNITY value. Used in a large number of BGP applications.
A reserved value for the BGP COMMUNITY path attribute that implies that the route should not be advertised outside the local confederation sub-AS.
A reserved value for the BGP COMMUNITY path attribute that implies that the route should not be advertised outside the local AS.
A reserved value for the BGP COMMUNITY path attribute that implies that the route should not be advertised to any other peer.
The RFC 1997 name for the reserved COMMUNITY path attribute known to Cisco IOS as LOCAL_AS. (See LOCAL_AS.)
What is a routing domain from BGP's perspective? How is this different from a routing domain within IS-IS?
A routing domain, from BGP's perspective, is a group of routers or networks under a single administrative control. In IS-IS, a routing domain is the area within which topology information is flooded.
What are the two primary differences between an interior gateway protocol and an external gateway protocol?
Interior gateway protocols are generally concerned with fast convergence and assume uniform policies throughout the routing domain (although this is changing with policy propagation and other additions to interior gateway protocols). Exterior gateway protocols focus on propagating policy and stability.
What types of policies would you normally see implemented through BGP?
Always take the closest exit point, always take the exit closest to the customer, take the cheapest exit point, don't traverse certain networks, and don't accept unstable or invalid routing information from a peer.
For what does BGP use the path information it carries through the network?
To detect and eliminate routing loops.
Why does BGP treat each autonomous system as a point on the connectivity graph? What does this imply about BGP's usefulness within an autonomous system?
By treating each autonomous system as a point, BGP hides the details of each autonomous system's internal connectivity. Since BGP doesn't change the AS Path within the autonomous system and ignores the internal structure of the autonomous system, it's difficult to use for interior routing.
What transport does BGP use to build a session to another BGP speaker? What local port number and remote port number does BGP use when initiating a connection?
BGP relies on TCP to reliably transmit data between BGP peers. The local port is ephemeral, some port number chosen randomly above port 1024, and the destination port is 179.
How is a collision resolved between two BGP speakers attempting to open a connection at the same time?
When the collision is detected, the BGP speaker with the higher router ID drops the passive session, and the BGP speaker with the lower router ID drops the active session.
Define prefix, NLRI, and attribute.
A prefix, or NLRI, provides network layer reachability information, or a layer-3 destination. An attribute provides information about the path, desirability, and policies attached to a given path to a destination within the internetwork.
How many sets of attributes can a single BGP update contain? How many prefixes?
A BGP update can contain a single set of attributes and a large number of prefixes or NLRIs that share that set of attributes.
What are the four primary differences between eBGP peering relationships and iBGP peering relationships?
Routes learned from an iBGP peer are not normally advertised to other iBGP peers, the attributes of routes learned from iBGP peers are not normally modified before the routes are readvertised, the AS Path of a route is not normally modified when a route is readvertised to an iBGP peer, and the next hop is not normally modified when a route is readvertised to an iBGP peer.
Why does BGP include the concept of notifications; what types of errors can a notification indicate has occurred in the BGP session?
BGP normally shuts down a session when an error is detected, including malformed packets being received. A notification can indicate that an error has occurred in the message header, an open message, an update message, the hold timer expired, an error has occurred in the neighbor finite state machine, or the peer should stop sending data (a cease).
What purpose do BGP capabilities serve? What sorts of capabilities can be negotiated?
Capabilities allow a pair of BGP speakers to advertise their optional capabilities and negotiate which optional capabilities will be used in a session. Capabilities include the ability to refresh routing information, the ability to send multiprotocol routing information, the ability to support cooperative route filtering, and the ability to gracefully restart the session.
Describe the four classes of BGP attributes.
Well-known mandatory attributes, which must be recognized by all BGP speakers and must be carried in each update that is advertised. Well-known discretionary attributes, which must be recognized by all BGP speakers but are not required in all BGP updates. Optional transitive attributes, which may not be recognized by all BGP peers but must be kept with a prefix when transmitted to a BGP speaker's neighbors. Optional nontransitive attributes, which may not be recognized by all BGP speakers, and a BGP speaker is not required to send to its peers when readvertising a route.
What is a community? What are some well-known communities?
Communities are a way to group routes (or BGP speakers) into groups, or communities, that share common policies. Some well-known communities include NO_EXPORT, which indicates that a route should not be readvertised outside the autonomous system, and NO_ADVERTISE, which indicates that a route should not be readvertised to any peer by the router receiving the route.
What is the atomic aggregate bit used for?
To indicate that a route is an aggregate and that attribute information may have been lost or that attributes have been aggregated and some attributes may not apply to some more specific parts of the aggregated route.
What is the point at which the responsibility for a network connection transfers from the service provider to the customer?
The demarcation point, or the DEMARC, for short.
Where would you normally get a block of addresses from if you are connecting to the Internet for the first time?
The Internet service provider you are contracting for connection service with. You could also request a block of IP addresses from a regional Internet Registry (RIR), but these organizations typically only provide address blocks for very large customers, such as Internet service providers, large governmental organizations, and large corporations.
What are the primary advantages of dual homing to the Internet through the same Internet service provider?
You can more closely control the service level agreement, and you only need to deal with one set of engineers and other contacts when trying to resolve technical or contractual problems.
How many routers should you use to peer with when dual homing to a single Internet service provider?
You should use two routers to peer, rather than one, since the capital outlay of the second router is going to be easily offset by the gains in connection uptime.
What is the primary disadvantage of dual homing to the same Internet service provider rather than to two different Internet service providers?
If the Internet service provider's upstream connection fails, you will lose all connectivity to the Internet, even though you are dual homed. It's also possible that a regional disruption may cause you to lose all connectivity to the Internet.
What other type of diversity is just as important as logical diversity?
Physical diversity: making certain that all traffic to and from two logically diverse connections is not traveling through a common set of physical cables.
What types of records can you request from your Internet service providers to determine whether or not you have enough diversity of the right types?
Design layout records (DLRs).
What are the primary considerations that would cause you to run eBGP with your Internet service providers?
Traffic flow considerations and optimal routing to locations connected to the Internet.
How can you run BGP to an Internet service provider without a registered Autonomous System number?
You can use a private autonomous system number assigned by your Internet service provider, which the ISP then strips out of the AS Path at the edge of its network.
What is the most common problem preventing traffic from flowing inbound on two links when dual homed to two different Internet service providers?
The Internet service provider you received the IP address block from is advertising an aggregate of that space, while your second Internet service provider is advertising the more specific prefix they are learning through your connection with them.
Can you control inbound traffic flow by controlling outbound traffic flow?
No; IP traffic is forwarded based on the best hop in each local router through which it passes. In fact, it's very difficult to ensure symmetric traffic flow through dual homed connections to the Internet.
What methods could you investigate to balance inbound traffic flow through two different connections to the Internet?
You can consider iBGP Multipath within the Internet service provider's network if you are dual homed to the same ISP. You can set the multiple exit discriminator on the routes you advertise, but many Internet service providers reset or ignore the MEDs on routes they receive. You can set a community that causes the Internet service provider to set the Local Preference to some value, or you can add length to the AS Path by prepending the same autonomous system number onto the AS Path several times. You can advertise two different sets of routes out the two connections, so all the traffic destined to one block of addresses is preferred because of longer prefix matching.
What options could you consider if you only wanted to use one connection to an Internet service provider and only send traffic along a backup link when the primary link fails?
What are the primary means you have to control outbound traffic flow when dual homed to the Internet?
Controlling traffic flow through the Interior Gateway Protocol metric; filtering the routes received along each link; iBGP multipath, using an eBGP multihop session across the parallel links.
What is one of the major considerations when determining how to control outbound traffic flow across several connections to the Internet?
How far back, or deep, into your network you want to run BGP.
Why is it sometimes important to force traffic to enter and exit your network symmetrically?
Most often symmetric entry and exit points are important for firewalls and other network security devices.
What options can you consider when attempting to force traffic to enter and exit your network symmetrically?
Using two different blocks of IP addresses; each IP address block is only advertised to the Internet service provider it was provided by. Network address translation is used to ensure traffic leaving a given exit will always come back into the same entry point.
How should you prevent your network from becoming a transit autonomous system if you are dual homing to the Internet?
Using AS Path filtering so that only locally originated prefixes are advertised to external peers.
What are some common reasons for splitting up a large enterprise network using BGP?
To divide the administration of the network among several different groups, to allow the network to be rebuilt one small piece at a time, to handle situations where there are a large number of routes, and very little can be done in the way of aggregation or other techniques to reduce pressure on the interior gateway protocol.
When merging two networks, should you consider using a BGP core as a permanent solution or a short-term solution?
It depends on the way the merger is being accomplished and what the desired final results are. For instance, if a larger company is taking over a smaller company and would like to leave the smaller company somewhat autonomous, a BGP core merging the two networks could be considered a permanent solution. On the other hand, if the final goal is to merge all operations, then a BGP core may be considered a temporary solution until the two networks can be merged at each point where it makes sense.
What is the primary advantage of using eBGP within the core of an enterprise network versus iBGP?
The ability to implement policies between each section of the network.
What is one of the primary advantages of using iBGP to build a BGP core within an enterprise network?
It's much easier to load share across iBGP connections than eBGP connections.
What is the primary reason a BGP core will still need to run an IGP?
To provide next hop reachability information for BGP.
What are the three primary ways of originating routes into BGP?
Redistribution, aggregation, and reorigination.
What is one important consideration when using two points of mutual redistribution between two routing protocols?
Filtering or some other technique should be used to prevent routing loops from forming between the routing domains.
Why do iBGP peers only advertise routes learned from other iBGP peers to eBGP peers?
To prevent routing loops; BGP relies on the AS Path to prevent routing and forwarding loops, and the AS Path does not change within an autonomous system.
In a network with 100 iBGP peers, fully meshed, with a single peer receiving 1000 routes from an eBGP peer, how many routes would each iBGP peer receive and store?
100 peers × 1000 routes, so each peer would receive and store 100,000 routes. Each iBGP speaker would only use 1000 of these routes, however, since there are actually only 1000 reachable destinations, or prefixes.
If a route reflector receives a route from a nonclient peer, which peers would the route be reflected to?
The route would be reflected to all client peers.
If a route reflector receives a route from a client peer, which peers would the route be reflected to?
The route would be reflected to all nonclient and client peers.
What is the Cluster ID?
A 32-bit number that uniquely identifies a route reflector (or a route reflector cluster). It is generally the router ID of the route reflector.
What is the Cluster List?
The list of the route reflector clusters a route has passed through, expressed as a set of Cluster IDs.
What does the Cluster List provide?
Information about the path a route update has traversed within the autonomous system, to prevent routing and forwarding loops when using route reflectors.
Why should no other attributes be modified when a route reflector reflects a route?
To prevent routing or forwarding loops between route reflector clusters. This is especially true of the next hop attribute.
How can we resolve issues with route reflectors being a single point of failure?
By setting up redundant route reflector clusters, with matching sets of clients.
What is the primary disadvantage to consider when configuring each route reflector in a pair of redundant route reflectors with different Cluster IDs?
Each route reflected from each reflector will be considered a different route; each one will be stored and processed separately, undoing some of the savings gained by using route reflectors.
What is the primary disadvantage to consider when configuring each route reflector in a pair of redundant route reflectors with the same Cluster ID?
It's possible to lose reachability to specific destinations in certain failure modes, even though physical reachability still exists.
Why is it important to match the physical and logical topologies when using route reflectors?
To prevent routing or forwarding loops from forming within the route reflector cluster.
What does a group of autonomous systems organized as a confederation appear as to routers outside the confederation?
A single autonomous system.
What is the AS Confederation Sequence used for?
The AS Confederation Sequence is used as an AS Path within a confederation, to prevent loops between autonomous systems within a single confederation. The AS Confederation Sequence is not transmitted outside the confederation boundaries.
How should you judge the performance of BGP in your network?
You need to judge the performance of BGP in your network within the context of the network itself. You should baseline the current performance rather than assuming some absolute baseline.
What inefficiency does grouping peers by outbound policy overcome?
The cost of copying information from one place in a computer's memory to another place in a computer's memory.
What provides configuration grouping for outbound BGP policy without impacting BGP performance?
What provides BGP performance by grouping peers with similar outbound policies without impacting peer configuration?
How are BGP updates packed?
All the prefixes with a common set of attributes are packed into the same update.
Which timer paces how often a BGP speaker will attempt to reconnect to a peer?
The connect retry timer.
Which timer paces how often a BGP speaker will originate a route?
The minimum origination interval.
What is the minimum route advertisement interval supposed to suppress?
Rapid changes in the network from passing throughout the entire network, and causing the network to fail to converge.
What property of the Transmission Control Protocol does the input queue size of an interface interact with to impact BGP convergence times?
TCP slow start; each time an acknowledgment is dropped due to an input queue overflow, the TCP session will revert to a very small window, slowing data transfer across the link and causing BGP to converge more slowly.
What routes would you differentiate between using Local Preference?
Service providers often differentiate between routes learned from customers and peers and those originated within their own networks using Local Preference.
What is the MED value often derived from when a route is advertised to another autonomous system?
The interior gateway protocol's cost to reach the next hop (the exit point from the local autonomous system).
What application of Communities is described in RFC 1998?
Directing the receiving autonomous system to set their Local Preference to a value that either prefers or does not prefer the received route. This can be useful in controlling inbound traffic flow when an autonomous system is connected to two different upstream service providers.
What mechanism should be used to determine commonly accepted prefix lengths when peering to routers connected to the Internet?
Greater than /8 and less than /24.
What problems can filtering based on the address allocation tables provided by the Internet Registries cause?
If a dual-homed autonomous system loses the link through the upstream service provider that assigned its addresses, it will lose connectivity with all networks not directly attached to the other service providers' network.
Which RFC describes private address space that cannot be routed to or advertised on the Internet?
Beyond private address space, what other address spaces should be filtered at the edge of an autonomous system?
Multicast addresses (126.96.36.199/5) and unallocated address space.
How does outbound route filtering reduce the number of prefixes advertised between two peers?
By allowing one BGP speaker to tell its peer it will not accept a certain set of routes (based on the AS Path or the prefix itself) so the sender can filter them out before transmitting them.
What capability does the cost community add to BGP?
The ability to customize the BGP decision process by inserting an administratively defined cost at any point.
What capability does the redistribution community add to BGP?
The ability to control redistribution at a peering point outside your local autonomous system.
Where is the redistribution community most useful for implementing policy?
In an internetwork where the immediate surrounding connectivity is well known and the redistribution community can be used to influence traffic flow into the local autonomous system.
What capability does the No Peer community add to BGP?
The ability to determine which of your peer's peers a given prefix will be advertised to, allowing the local autonomous system to limit the ability of remote autonomous systems to transit their traffic.
What capability does iBGP multipath load sharing add to BGP?
Normally BGP implementations only choose one path to install in the local routing table, which means the router will only forward traffic along one path. If more than one equal cost path is available, iBGP multipath allows a number of available paths (depending on the implementation) to be installed in the local routing table and traffic to be load shared across them.
What capability does the DMZ Link Bandwidth community add to BGP?
The ability to load share over multiple unequal cost exit points, in proportion to the bandwidths of those exit points.
In what situations can BGP graceful restart be used to minimize the impact of a control plane restart on the network?
When the data and control plane are separated on the restarting router and the surrounding routers can support the signaling required for the restarting router to recover its routing information.
What new signaling methods are added to BGP to support graceful restart?
A new capability signaling the ability of the BGP speaker to support graceful restart, a graceful restart bit in BGP messages, and an end of RIB marker to indicate the completion of the routing information being transmitted by a peer.
What two important issues do we need to consider when deploying BGP graceful restart?
That the BGP speakers peered with the speaker we are deploying graceful restart on can support graceful restart signaling, and that the interior gateway protocol through which the next hops are being learned can support graceful restart as well.
Why would we want an interior gateway protocol to wait on BGP to converge before allowing its peers to route through the local router?
To prevent traffic from being dropped while BGP is converging.
What problem within the Internet does inbound route summarization solve?
The growth of the Internet routing table due to dual-homed autonomous systems requiring unaggregated address space.
With most BGP implementations, what is the source address of the TCP packets sent to a peer? How can this cause a problem for eBGP sessions built between nonconnected interfaces?
The source address of the TCP packets transmitted to a peer is normally the IP address of the interface used to reach the peer's address (the destination address of the packets). This can cause problems for a pair of eBGP peers communicating over nondirectly connected addresses because it can mean the expected source of the packets doesn't match the real source of the packets.
How many IP hops does BGP normally assume will be between two eBGP peers? How is this condition normally checked within BGP implementations?
The BGP specification states that there will only be one IP hop between two eBGP peers; BGP implementations normally check this by making certain the peer's IP address is on the same subnet as the local peering IP address and by setting the time to live on all packets sent to an eBGP peer to 1, so they cannot be forwarded beyond directly connected interfaces. Most implementations allow these two checks to be overridden, allowing eBGP peers to be formed over multihop sessions.
Which open parameters can cause a BGP session to fail?
The BGP version number, the autonomous system number, the hold time, and the route identifier.
What three common problems can cause a peering session to flap between two BGP speakers?
Traffic shaping, rate limiting, and other forms of quality of service configured between two peers that are not configured in such a way to account for BGP traffic and maximum transmission unit mismatches.
What problem is synchronization between BGP and interior gateway protocol learned routes supposed to prevent? What methods are used to prevent these problems from occurring without synchronization being enabled?
Synchronization between the interior gateway protocol and BGP tables prevents routing black holes, where traffic is discarded in the center of a network by a router with less than full routing tables. Synchronization isn't normally used any longer, because interior gateway protocols are not designed to handle efficiently the number of routes carried within BGP. Instead of using synchronization, a full mesh of BGP is maintained between all the routers over which the traffic could pass when transiting the network.
BGP speakers do not normally change the next hop when readvertising a route learned from an external peer to an internal peer. How can this cause routes to be missing from a BGP speaker's tables?
If a BGP speaker receives a route with a next hop outside the autonomous system and doesn't have a route to that next hop, it will consider this route as unreachable.
When is the multiple exit discriminator compared between two routes?
Only when the autonomous systems the two routes were learned from are the same.
Can the multiple exit discriminator comparison rules cause issues with the route selection process?
It can cause the path chosen to forward traffic along to be chosen in a different way at different times, causing inconsistent routing through an autonomous system. This inconsistent routing can lead to route churn in some situations.
What rules can you follow in network design with regard to the interior gateway protocol metric between route reflectors to prevent persistent route churn?
You can prevent persistent oscillation with route reflectors by adjusting the interior gateway protocol metrics so the cost between the route reflectors is always higher than the cost of reaching any edge from the route reflectors.
What problems are solved by the BGP/MPLS-based approach that other peer-to-peer models don't?
In an MPLS/BGP VPN-based model, the service provider can take on some of the management of the customer's network connectivity while allowing the customer to manage their own address space and separating the customer's traffic and routes. Other VPN options either require the customer to build the entire network out, treating the VPNs as a simple layer 2 connection (like a circuit), or require the service provider to manage the customer's network address space as well.
What is the difference between a route distinguisher and a route target?
A route distinguisher distinguishes two routes with the same prefix that are within two different VPNs. A route target indicates which local routing tables a given prefix should be installed into.
Is it possible to send prefixes that belong to multiple with the same set of attributes? How?
By using different route distinguishers.
Is BGP required in the core of the MPLS networks? If not, how is reachability achieved?
No. Reachability is achieved through the use of MPLS tunnels through the core of the network, built from provider edge to provider edge.
How is partial mesh topology created in BGP/MPLS-based VPNs?
By configuring the route targets, full mesh and hub and spoke topologies are combined.