BGP For Dummies

The document provides an overview of the Border Gateway Protocol (BGP), detailing its working principles, attributes, and configurations. It explains the concepts of Autonomous Systems (AS), eBGP and iBGP peering, and the various BGP attributes used for route selection, such as weight, local preference, and metric. Additionally, it outlines the BGP exchange states and the best path selection process based on multiple attributes.

Uploaded by

Amrous Mohamed

BGP for Dummies
www.itbase.tv
Contents

• General definitions
• BGP working principle
• BGP Attributes
GENERAL DEFINITION
1.1 Autonomous System - AS
• A collection of networks that is managed and supervised by a single entity or organization, or by a network carrier/ISP
• Each AS is unique and defined by a number (ASN)
• An ASN is a 16-bit integer ranging from 1 – 65535, and can be reserved for public or private use
• There is also a 32-bit ASN for future use.

[Figure: autonomous systems labelled ABCD, 1234 and 16684]
1.2 Border Gateway Protocol - BGP
• BGP is a common routing protocol to connect ASNs together, and can also be used within an ASN
• BGP uses Transmission Control Protocol (TCP) as its transport protocol, commonly TCP port 179
• We call external BGP – eBGP when connecting 2 different ASNs (or 2 different network carriers)
• We call internal BGP – iBGP when connecting small networks within the same ASN (or same carrier network)
• Routers running BGP also can be called BGP speakers, that exchange routing information between

[Figure: ABCD (1234) and Vz (16684)]
1.3 BGP Neighbor (or Peer)
• The neighbor (peer) means the router/device we are trying to establish BGP connection to.
• The point-to-point connection between the two routers must be configured manually; it is not formed automatically.

[Figure: ABCD (1234) and Vz (16684) as neighbors. The ISP configures BGP on its side; Vz needs to configure BGP as well.]
1.4 eBGP & iBGP Peering
• New routes learned from an eBGP peer are re-advertised to all iBGP and eBGP peers.

• New routes learned from an iBGP peer are re-advertised to all eBGP peers only.
• Usually, iBGP peers inside an AS are interconnected in a full mesh with iBGP sessions.

[Figure: ABCD (1234) and Vz (16684), each labelled "Learn new route"]
1.5 eBGP & iBGP Configuration

iBGP: R1 (LAN1/subnet1) and R2 (LAN2/subnet2), both in AS: ASN1

R1 Configuration#
router bgp [ASN1]
neighbor [LAN2] remote-as [ASN1]

R2 Configuration#
router bgp [ASN1]
neighbor [LAN1] remote-as [ASN1]

eBGP: R1 (LAN1/subnet1) in AS: ASN1, R2 (LAN2/subnet2) in AS: ASN2

R1 Configuration#
router bgp [ASN1]
neighbor [LAN2] remote-as [ASN2]

R2 Configuration#
router bgp [ASN2]
neighbor [LAN1] remote-as [ASN1]
BGP WORKING PRINCIPLE
2.1 BGP Exchange – 6 States - Quick

State process: 1.IDLE, 2.CONNECT, 3.ACTIVE, 4.OPENSENT, 5.OPENCONFIRM, 6.ESTABLISHED

Idle
• Refuse all incoming BGP connections
• Initialize/attempt a TCP handshake to peer(s)
• If error, restart process

Connect
• Awaiting TCP handshake completion:
+ Success: move to OpenSent
+ Failure: move to Active

Active
• Attempt another handshake:
+ Success: move to OpenSent
+ Failure: return to Idle

OpenSent
• Wait for an Open message from peer
• Open message received -> check its validity:
+ If no error, send keepalive message -> OpenConfirm state
+ If error, notify peer about the error -> Idle state
• In case TCP disconnected, move to Active

OpenConfirm
• Awaiting keepalive msg from the neighbor:
+ Msg received: BGP connection is formed -> Established
+ Msg not received/has error: return to Idle

Established
• The BGP neighbor adjacency is completed
• BGP routers will send update packets to exchange routing information
• If error, notify peer -> Idle state
2.2 Best Path Selection
• To deal with multiple routes leading to the same destination, BGP needs multiple considerations (attributes) to determine the best path among all.
• Each route has its own attribute information.
• BGP will compare the routes' information altogether, going from highest to lowest attribute to select the best path.
• The best path in BGP is not necessarily the shortest, fastest path
• Full CISCO document on attributes: Select BGP Best Path Algorithm - Cisco

[Figure: Cisco BGP Attributes, ordered from Highest to Lowest]
BGP ATTRIBUTES
3.1 Weight
• Weight is a router brand-specific parameter; its use is confined to the router it is configured on.
• Therefore, weight is not exactly a standard BGP attribute
• Cisco routers have Cisco-specific weights, which are used on Cisco routers only. The same goes for Huawei with PrefVal, and for other brands.
• The route/path that has the highest weight is preferred.

Scenario: After learning route “172.16.0.0“ from R1, both R2 and R3 advertise it to R4. R4 has the configuration below:

R4#
router bgp 4
neighbor 10.1.1.1 remote-as 2
neighbor 10.1.1.1 weight 200
!--- The route to 172.16.0.0 from R2 has a 200 weight.
neighbor 10.2.2.2 remote-as 3
neighbor 10.2.2.2 weight 100
!--- The route to 172.16.0.0 from R3 has a 100 weight.

[Figure: R1 in AS 1 with 172.16.0.0; R2 in AS 2 (10.1.1.1, W=200) and R3 in AS 3 (10.2.2.2, W=100); R4 in AS 4]

Result: As the path to 172.16.0.0 via R2 has the higher weight, R4 will use R2 as next-hop to go
3.2 BGP Attribute Overview

BGP Attributes
• Well-known: universally supported by all BGP speakers; transitive nature by default
  • Mandatory: must be included in every route advertisement
    • Origin
      i – Internal (ex: from RIP, OSPF, EIGRP?)
      e – External (from another eBGP?)
      ? – Incomplete (unknown, private source)
    • AS-path
    • Next-hop
  • Discretionary: may or may not be present in a route advertisement
    • Local Preference
    • Atomic Aggregate
• Optional: may not be recognized by all BGP speakers
  • Transitive: info can be passed to other peers, from one ASN to another
    • Aggregator
    • Community: No-Export, No-Advertise, Internet, Local-AS
  • Non-Transitive: must not be passed beyond the next-hop router
    • MED
    • Originator
    • Cluster-ID
3.2.1 BGP Attribute – AS Path

• AS Path is the list of ASs that a path has gone through; it is used to detect and avoid loops.
• The shortest AS Path is preferred.
• In the example below, R1 has chosen R4 as the next-hop to destination “192.0.2.0/24”, because the AS path via R4 is the shortest

[Figure: R1 in AS 100, R2 in AS 200, R3 in AS 300, R4 in AS 400, R5 in AS 500 with 192.0.2.0/24. Subnets shown: 3.3.3.0/30 between R2 and R3, 4.4.4.0/30 between R1 and R4, 4.4.4.4/30 between R4 and R5]

R1# show ip bgp
   Network        Next Hop   Metric LocPrf Weight Path
   192.0.2.0/24   2.2.2.2                       0 200 300 500 i
                  4.4.4.2                       0 400 500 i
• We can manipulate the AS path using the AS prepend method: intentionally duplicating ASN info to make the path longer.
• Thus, we can redirect R1 to choose R2 as below, by changing the R4 config:

R4#
router bgp 400
neighbor 1.1.1.1 route-map cisco out
!--- Standard ACLs take a wildcard mask, so 192.0.2.0/24 is written with 0.0.0.255.
access-list 10 permit 192.0.2.0 0.0.0.255
route-map cisco permit 10
match ip address 10
set as-path prepend 400 400 400
…

[Figure: same topology as above: R1 in AS 100, R2 in AS 200, R3 in AS 300, R4 in AS 400, R5 in AS 500 with 192.0.2.0/24]

R1# show ip bgp
   Network        Next Hop   Metric LocPrf Weight Path
   192.0.2.0/24   2.2.2.2                       0 200 300 500 i
                  4.4.4.2                       0 400 400 400 500 i

• AS prepend is declared in the route-map as follows:

route-map [routemap_name] permit [number]
set as-path prepend [custom_AS_values]
3.2.2 BGP Attribute – Local Preference

• Local Preference (LP) is exchanged between BGP speakers within the same AS only.
• LP helps choose the best among outbound BGP paths (paths to exit from one AS to go to another AS)
• The path with the highest LP is chosen.

R2#
router bgp 100
neighbor 2.2.2.2 remote-as 500
neighbor 1.1.1.1 remote-as 100
bgp default local-preference 800

R3#
router bgp 100
neighbor 3.3.3.2 remote-as 500
neighbor 1.1.1.5 remote-as 100
bgp default local-preference 500

[Figure: R1, R2 and R3 in AS 100; R2 and R3 each connect to R5 in AS 500]

• LP can be set on a router as follows:

router bgp [AS_number]
bgp default local-preference [local_pref_value]
• Local Preference (LP) can also be set in route-maps:

route-map [routemap_name] permit [number]
set local-preference [local_pref_value]

R2#
router bgp 100
neighbor 2.2.2.2 remote-as 500
neighbor 2.2.2.2 route-map R5_to_R2 in
neighbor 1.1.1.1 remote-as 100
!--- "match ip address" takes an access list, so 192.0.2.0/24 is matched through ACL 10.
access-list 10 permit 192.0.2.0 0.0.0.255
route-map R5_to_R2 permit 10
match ip address 10
set local-preference 800

R3#
router bgp 100
neighbor 3.3.3.2 remote-as 500
neighbor 3.3.3.2 route-map R5_to_R3 in
neighbor 1.1.1.5 remote-as 100
!--- "match ip address" takes an access list, so 192.0.2.0/24 is matched through ACL 10.
access-list 10 permit 192.0.2.0 0.0.0.255
route-map R5_to_R3 permit 10
match ip address 10
set local-preference 500

[Figure: R1, R2 and R3 in AS 100; R2 and R3 each connect to R5 in AS 500, which has 192.0.2.0/24]
3.2.3 BGP Attribute – Metric
• Metric can also be called Multi-Exit-Discriminator (MED, for BGP v4), or INTER_AS (BGP v3).
• Metric is a hint to indicate the best inbound paths (paths that enter one AS from another AS), therefore it is mostly exchanged between any two different AS peers.
• The path with the lowest MED is chosen.

R2#
router bgp 100
neighbor 2.2.2.2 remote-as 500
neighbor 2.2.2.2 route-map R5_to_R2 in
neighbor 1.1.1.1 remote-as 100
route-map R5_to_R2 permit 10
set metric 150

R3#
router bgp 100
neighbor 3.3.3.2 remote-as 500
neighbor 3.3.3.2 route-map R5_to_R3 in
neighbor 1.1.1.5 remote-as 100
route-map R5_to_R3 permit 10
set metric 50

[Figure: R1, R2 and R3 in AS 100; R2 and R3 each connect to R5 in AS 500]

• To use MED, set it in a route-map:

route-map [routemap_name] permit [number]
set metric [MED_value]
• By default, a router compares metrics that come from BGP neighbors in the same AS
=> Meaning R5 cannot compare R4 MED with R3 and R2 MED values.

R2#
router bgp 100
neighbor 2.2.2.2 remote-as 500
neighbor 2.2.2.2 route-map R5_to_R2 in
neighbor 1.1.1.1 remote-as 100
route-map R5_to_R2 permit 10
set metric 150

R3#
router bgp 100
neighbor 3.3.3.2 remote-as 500
neighbor 3.3.3.2 route-map R5_to_R3 in
neighbor 1.1.1.5 remote-as 100
route-map R5_to_R3 permit 10
set metric 50

R4#
router bgp 300
neighbor 4.4.4.2 remote-as 500
neighbor 4.4.4.2 route-map R5_to_R4 in
neighbor 1.1.1.9 remote-as 100
route-map R5_to_R4 permit 10
set metric 10

[Figure: R1, R2 and R3 in AS 100; R4 in AS 300; R2, R3 and R4 each connect to R5 in AS 500]
Explanation: AS_PATH > MED

1. R5 checks AS_PATH first -> prefers the paths to R2 & R3 instead of R4 because they have a shorter AS_PATH
2. As R2 & R3 have the same AS_PATH length -> R5 checks the next weaker attribute, which is MED
3. R3 has the lower MED value -> R5 selects R3 as the best path

R5 go to R1    AS Path
Via R2         500
Via R3         500
Via R4         300 500

[Figure: R1, R2 and R3 in AS 100; R4 in AS 300; R2, R3 and R4 each connect to R5 in AS 500]
• We can force the router to ignore comparing AS_PATH, and to compare Metric, using “bgp bestpath as-path ignore”
• Then R5 can compare all MED values equally

R5#
router bgp 500
neighbor 2.2.2.1 remote-as 100
neighbor 3.3.3.1 remote-as 100
neighbor 4.4.4.1 remote-as 300
bgp bestpath as-path ignore

[Figure: R1, R2 and R3 in AS 100; R4 in AS 300; R2, R3 and R4 each connect to R5 in AS 500]
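The comparison order walked through in sections 3.1 to 3.2.3 (weight, local preference, AS path length, MED), run over the slides' own scenarios. This is an added Python example, not part of the original slides; it covers only those four attributes, and `Path`, `best_path` and the AS paths in the weight scenario are hypothetical names and constructed values.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class Path:
    via: str                # advertising neighbor, as named on the slides
    as_path: tuple          # ASNs the route has passed through
    weight: int = 0         # local to the router; highest wins
    local_pref: int = 100   # assumed default value; highest wins
    med: int = 0            # metric; lowest wins


# Comparison order from the slides. Each key is written so that smaller is better.
STEPS = [
    ("weight", lambda p: -p.weight),
    ("local_pref", lambda p: -p.local_pref),
    ("as_path", lambda p: len(p.as_path)),
    ("med", lambda p: p.med),
]


def best_path(paths, ignore_as_path=False):
    """Return (winner, attribute that settled the choice).

    ignore_as_path models "bgp bestpath as-path ignore" as the slides describe it.
    """
    candidates = list(paths)
    if not candidates:
        raise ValueError("no paths to compare")
    if len(candidates) == 1:
        return candidates[0], "only path"
    for name, key in STEPS:
        if name == "as_path" and ignore_as_path:
            continue
        best = min(key(p) for p in candidates)
        candidates = [p for p in candidates if key(p) == best]
        if len(candidates) == 1:
            return candidates[0], name
    # Later tie-breakers are outside what the slides cover.
    return candidates[0], "tie"


# Scenarios rebuilt from the slides (values constructed from the configs shown).
WEIGHT = [Path("R2", (2, 1), weight=200), Path("R3", (3, 1), weight=100)]
LOCAL_PREF = [Path("R2", (500,), local_pref=800), Path("R3", (500,), local_pref=500)]
AS_PATH = [Path("2.2.2.2", (200, 300, 500)), Path("4.4.4.2", (400, 500))]
PREPENDED = [Path("2.2.2.2", (200, 300, 500)), Path("4.4.4.2", (400, 400, 400, 500))]
MED = [Path("R2", (500,), med=150), Path("R3", (500,), med=50),
       Path("R4", (300, 500), med=10)]

if __name__ == "__main__":
    cases = [("3.1 weight", WEIGHT), ("3.2.1 AS path", AS_PATH),
             ("3.2.1 after prepend", PREPENDED),
             ("3.2.2 local preference", LOCAL_PREF), ("3.2.3 MED", MED)]
    for label, paths in cases:
        winner, why = best_path(paths)
        print(f"{label}: via {winner.via} (decided by {why})")
    winner, why = best_path(MED, ignore_as_path=True)
    print(f"3.2.3 MED, as-path ignored: via {winner.via} (decided by {why})")
```

The prepend case shows why AS path length is only as trustworthy as the AS that advertised it: three extra entries added on R4 are enough to change R1's choice.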
R1#
interface GigabitEthernet0/0
ip address 192.168.1.1 255.255.255.0
no shutdown

router bgp 65001
neighbor 192.168.1.2 remote-as 65002
neighbor 192.168.1.3 remote-as 65003
network 10.0.0.0 mask 255.255.255.0

R2#
interface GigabitEthernet0/0
ip address 192.168.1.2 255.255.255.0
no shutdown

router bgp 65002
neighbor 192.168.1.1 remote-as 65001
neighbor 192.168.1.3 remote-as 65003
network 20.0.0.0 mask 255.255.255.0

R3#
interface GigabitEthernet0/0
ip address 192.168.1.3 255.255.255.0
no shutdown

router bgp 65003
neighbor 192.168.1.1 remote-as 65001
neighbor 192.168.1.2 remote-as 65002
network 30.0.0.0 mask 255.255.255.0

R1#show ip bgp summary
Neighbor        V    AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down  State/PfxRcd
192.168.1.2     4 65002     100      90      1   0    0 00:10:23 1
192.168.2.2     4 65003     100      90      1   0    0 00:10:23 1

R1#show ip bgp
   Network        Next Hop      Metric LocPrf Weight Path
*  20.0.0.0/24    192.168.1.2        0    200      0 65002 i
*  30.0.0.0/24    192.168.1.3        0    100      0 65003 i
R1#
route-map SET_LOCAL_PREF permit 10
set local-preference 200

router bgp 65001
neighbor 192.168.1.2 route-map SET_LOCAL_PREF in

R2#
route-map SET_MED permit 10
set metric 100

router bgp 65002
neighbor 192.168.3.2 route-map SET_MED out

R1#show ip route
Gateway of last resort is not set

10.0.0.0/24 is directly connected, GigabitEthernet0/0
20.0.0.0/24 [200/0] via 192.168.1.2, 00:10:23, GigabitEthernet0/0
30.0.0.0/24 [100/0] via 192.168.2.2, 00:10:23, GigabitEthernet0/1
192.168.1.0/24 is directly connected, GigabitEthernet0/0

R2#show ip route
Gateway of last resort is not set

20.0.0.0/24 is directly connected, GigabitEthernet0/0
10.0.0.0/24 [100/0] via 192.168.1.1, 00:10:23, GigabitEthernet0/0
30.0.0.0/24 [100/100] via 192.168.3.2, 00:10:23, GigabitEthernet0/1
192.168.1.0/24 is directly connected, GigabitEthernet0/0

R3#show ip route
Gateway of last resort is not set

30.0.0.0/24 is directly connected, GigabitEthernet0/0
10.0.0.0/24 [100/0] via 192.168.2.1, 00:10:23, GigabitEthernet0/0
20.0.0.0/24 [100/100] via 192.168.3.1, 00:10:23, GigabitEthernet0/1
192.168.2.0/24 is directly connected, GigabitEthernet0/0
APPENDIX

Autonomous System (AS) Usage

Number         Bits   Description
0              16     Reserved for RPKI unallocated space invalidation
1–23455        16     Public ASNs
23456          16     Reserved for AS Pool Transition
23457–64495    16     Public ASNs
64496–64511    16     Reserved for use in documentation and sample code
64512–65534    16     Reserved for private use
65535          16     Reserved
Network Topology Types

[Figure: two network topology types, Full and Partial]
A TCP Handshake

Both CLIENT and SERVER start in CLOSED.
• SERVER, Passive Open: wait for client -> LISTENING
• CLIENT, Active Open: send SYN request -> SYN-SENT, wait for ACK to SYN
• SERVER: receive SYN, send SYN+ACK -> SYN-RECEIVED, wait for ACK to SYN
• CLIENT: receive SYN+ACK, send ACK -> ESTABLISHED
• SERVER: receive ACK -> ESTABLISHED
2.1 BGP Exchange – 6 States - Slow

State process: 1.IDLE, 2.CONNECT, 3.ACTIVE, 4.OPENSENT, 5.OPENCONFIRM, 6.ESTABLISHED

IDLE STATE

1.1 Refuse all incoming BGP connections
1.2 Initiate a TCP connection to BGP peer(s):
+ Listen for a TCP connection from the peer
+ Change to Connect state
+ If any error below is encountered, restart the process
• TCP port 179 is not open.
• A random TCP port over 1023 is not open.
• Peer address configured incorrectly on either router.
• AS number configured incorrectly on either router.

CONNECT STATE

2. Listen for a TCP connection from the peer:
If listen successful:
+ BGP does not spend much time in this state if the TCP session has been successfully established
+ Send Open message to peer
+ Change state to OpenSent.
If listen timeout or any error below is encountered, move to Active state
• TCP port 179 is not open.
• A random TCP port over 1023 is not open.
• Peer address configured incorrectly on either router.
• AS number configured incorrectly on either router.

ACTIVE STATE

3. Re-attempt to make a TCP connection with the peer:
If successful:
+ Send Open message to peer
+ Change state to OpenSent.
If listen timeout or any error below is encountered, move to Idle state
• TCP port 179 is not open.
• A random TCP port over 1023 is not open.
• Peer address configured incorrectly on either router.
• AS number configured incorrectly on either router
Repeated failures may result in a router cycling between the Idle and Active states

OPENSENT STATE

4. Await an Open message from the peer:
If message is received and validated successfully:
+ Send keepalive message to peer with a set timer
+ Change state to OpenConfirm.
If message is received but there is an error during validation:
+ Notify peer about the error (ex: BGP version mismatch, the peering router expects a different ASN, etc.)
+ Move to Idle state
If timeout (TCP disconnection), move back to Active state

OPENCONFIRM STATE

5. Await keepalive message from peer:
If message is received:
+ Change state to Established.
+ Prepare to send Update messages
If timeout or there is an error during validation:
+ Notify peer about the error
+ Move to Idle state

ESTABLISHED STATE

6.1 Update messages with peer, to exchange information about each route being advertised or received -> BGP working continuously
6.2 If error within Update messages
+ Notify peer about the error
+ Move to Idle state
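The six states from both the Quick and the Slow walkthrough of section 2.1, written as a transition table and run over constructed event sequences, including the Idle/Active cycling that the Active state slide warns about. This is an added Python example, not part of the original slides; the event names and function names are hypothetical labels for the conditions the slides list.

```python
# Transition table taken from the state descriptions in section 2.1.
# Event names are hypothetical labels for the conditions on the slides.
TRANSITIONS = {
    ("Idle", "start"): "Connect",            # initiate TCP connection to peer
    ("Idle", "error"): "Idle",               # restart process
    ("Connect", "tcp_ok"): "OpenSent",       # handshake done, Open sent
    ("Connect", "tcp_fail"): "Active",
    ("Active", "tcp_ok"): "OpenSent",
    ("Active", "tcp_fail"): "Idle",
    ("OpenSent", "open_valid"): "OpenConfirm",
    ("OpenSent", "open_invalid"): "Idle",    # e.g. version or ASN mismatch
    ("OpenSent", "tcp_lost"): "Active",
    ("OpenConfirm", "keepalive"): "Established",
    ("OpenConfirm", "error"): "Idle",        # timeout or invalid message
    ("Established", "update"): "Established",
    ("Established", "error"): "Idle",
}


def run(events, state="Idle"):
    """Apply events in order and return every state visited."""
    trace = [state]
    for ev in events:
        try:
            state = TRANSITIONS[(state, ev)]
        except KeyError:
            raise ValueError(f"event {ev!r} is not valid in state {state}") from None
        trace.append(state)
    return trace


def resets_before_established(trace):
    """Count returns to Idle before the session first reaches Established."""
    end = trace.index("Established") if "Established" in trace else len(trace)
    pairs = zip(trace[:end], trace[1:end])
    return sum(1 for prev, cur in pairs if cur == "Idle" and prev != "Idle")


def is_cycling(trace, limit=3):
    """True when the peer never establishes and keeps falling back to Idle."""
    return "Established" not in trace and resets_before_established(trace) >= limit


# Constructed event sequences, not captured from a real router.
HEALTHY = ["start", "tcp_ok", "open_valid", "keepalive", "update"]
RECOVERED = ["start", "tcp_fail", "tcp_fail",
             "start", "tcp_ok", "open_valid", "keepalive"]
STUCK = ["start", "tcp_fail", "tcp_fail"] * 3   # e.g. TCP port 179 not open

if __name__ == "__main__":
    for name, events in [("healthy", HEALTHY), ("recovered", RECOVERED),
                         ("stuck", STUCK)]:
        trace = run(events)
        print(name, "->", " > ".join(trace))
        print("  resets:", resets_before_established(trace),
              "cycling:", is_cycling(trace))
```

A neighbor whose trace looks like `STUCK` points at one of the four causes listed under the Idle, Connect and Active states rather than at route policy.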
