4/14/03
CISH-6960H11 Internet Routing
CISH-6960H11 Internet Routing
Lecture 4, March 20, 2003
Agenda: Exterior Routing Protocols (EGP, BGP)
Roger Brown <[email protected]>
www.rh.edu/~rhb/ipr
(860) 548-2462
What Is An Autonomous System (AS)?
• A loose definition: "A set of routers under the same administration"
  - A minimal AS: one router directly connecting one local network to the Internet.
  - A maximum AS: there is no theoretical limit on size.
• Strict definition:
  - All routers, LANs, and subnets within a single AS must remain connected.
  - Internal connectivity; internal exchange of routing information to maintain connectivity.
• Each AS is identified by a 16-bit "AS Number".
© R.H. Brown 2003
Autonomous Systems
[Figure: a Core Autonomous System connected to AS 0xA001, AS 0xA050, AS 0xA099 and a second AS 0xA050.]
Why Autonomous Systems?
• A "single network" model did not scale well.
  - Not a good technical solution: size of routing tables growing; hard to manage routing software; upgrades at "flag hour"
  - Not a good political solution: no "gratuitous changes", so network routing became rigid and inflexible
• Arpanet became the core AS; all other ASs would become "Stub ASs"
• Lower routing overhead
• Ease of network management
Exterior Router Protocols
• Static routing
• EGP - Exterior Gateway Protocol
  - First interdomain protocol, RFC 827
  - Developed from 1982 to 1984 and used until the end of the 1980s
• BGP - Border Gateway Protocol
  - BGP is a replacement for EGP: June 1989 as RFC 1105, then RFC 1163 (1990) and RFC 1267 (1991)
  - Current version is BGP-4, RFC 1771 (March 1995), with support for Classless Interdomain Routing (CIDR)
• IDRP - Interdomain Routing Protocol
  - Modified for ISO addresses
  - Support for IPv6
EGP - Exterior Gateway Protocol
• First interdomain routing protocol
• EGP exchanges messages to implement three functional procedures:
  - Neighbor Acquisition: "Do you want to be my neighbor?"
  - Neighbor Reachability: "Are you there? Can you hear me now?"
  - Routing Information
• EGP is similar to a DVA (Distance Vector Algorithm), yet instead of a "cost" to a destination EGP merely reports reachability, yea or nay.
EGP - Neighbor Acquisition (EGP Message Header)

Field        Size (bytes)
Version = 1  1
Type = 3     1
Code         1
Info         1
Checksum     2
AS Number    2
Seq Number   2

Request (Code = 0, Info = 0); Reply (Code = 1, Info = 0)
Code 0 = Request, Code 1 = Reply, Code 2 = Refuse, Code 3 = Cease, Code 4 = Cease Ack
Info = additional clarification
EGP - Neighbor Reachability
• Check that the link to the neighbor is still operational.
  - Send "hellos" at regular intervals (30 seconds is typical)
  - Neighbor sends "I heard you" (I-H-U) to each "hello"
• To avoid oscillation, use a dual threshold:
  - A reachable neighbor is declared unreachable if it receives fewer than "i" I-H-U in the last "n" Hellos
  - An unreachable neighbor is declared reachable if it receives "j" I-H-U in the last "m" Hellos
  - m ≥ n and j/m > i/n
  - RFC-911 suggests n = m = 4, i = 1 and j = 3
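The dual-threshold rule above, as an added example (not from the lecture): a small simulator that applies the RFC-911 defaults and shows why one lost I-Heard-You does not flap the neighbor. The sliding window over the most recent Hellos, and the requirement that the window be full before a state change, are assumptions of this example.

```python
from collections import deque

class EgpNeighbor:
    """Dual-threshold neighbor reachability (hysteresis): a reachable neighbor needs
    fewer than i I-H-U in the last n Hellos to go down, an unreachable one needs at
    least j I-H-U in the last m Hellos to come back up."""

    def __init__(self, n=4, i=1, m=4, j=3, reachable=True):
        # RFC-911 suggested values: n = m = 4, i = 1, j = 3
        if not (m >= n and j / m > i / n):
            raise ValueError("thresholds must satisfy m >= n and j/m > i/n")
        self.n, self.i, self.m, self.j = n, i, m, j
        self.reachable = reachable
        self.history = deque(maxlen=max(n, m))   # True = an I-Heard-You answered that Hello

    def hello(self, heard):
        """Record one Hello's outcome and re-evaluate the state. A full window of n (or m)
        Hellos is required before any change (assumption), so one lost I-H-U cannot flap."""
        self.history.append(heard)
        window = list(self.history)
        if self.reachable:
            recent = window[-self.n:]
            if len(recent) == self.n and sum(recent) < self.i:
                self.reachable = False        # fewer than i I-H-U in the last n Hellos
        else:
            recent = window[-self.m:]
            if len(recent) == self.m and sum(recent) >= self.j:
                self.reachable = True         # at least j I-H-U in the last m Hellos
        return self.reachable

def simulate(outcomes, **thresholds):
    """Feed a sequence of Hello outcomes (True = I-H-U received) and return the
    reachability state after each Hello."""
    neighbor = EgpNeighbor(**thresholds)
    return [neighbor.hello(h) for h in outcomes]
```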
EGP - Neighbor Reachability (EGP Message Header)

Field         Size (bytes)
Version = 1   1
Type = 5      1
Code          1
Status        1
Checksum      2
AS Number     2
Seq Number    2
Min Poll T    1
Reserved      1
Last Poll ID  2

Hello (Code = 0, Status = 0); I Heard You (Code = 1, Status = 0)
Code 0 = Hello, Code 1 = I Heard You
Status 0 = Nil, Status 1 = "Reachable", Status 2 = "Unreachable, neighbor info", Status 3 = "Unreachable, network info", Status 4 = "Unreachable, interface info"
EGP - Network Routing Information

Field                                               Size (bytes)
EGP Msg Header
# Interior G                                        1
# Exterior G                                        1
IP Source Network                                   4
List of Networks Reachable from Router 1
...
List of Networks Reachable from Router (#IG + #EG)

Each list entry: Router 1 IP Address, # Distances; Distance D11, # Net IDs @ D11, Net ID 1, Net ID 2; Distance D12, # Net IDs @ D12, Net ID 3, Net ID 4; Router 2 IP Address, # Distances; Distance D21, # Net IDs @ D21, Net ID 5, Net ID 6; Distance D22, # Net IDs @ D22, Net ID 7, Net ID 8; ...
Example
[Figure: Source Network EGP.]
EGP - Advertising Destinations
• Advertising a network as reachable requires that:
  - There is an internal path within the autonomous system toward the destination (no point in advertising a non-existent route)
  - And the management of the AS agrees to relay packets on this path (exterior users can use this route)
The Backdoor Connection
[Figure: Routers A and B, AS X, Router E; a backdoor connection; the transit network; Router C, AS Y, Routers F and D.]
Computing EGP distances
• Internal routing: AS management is free to select RIP, OSPF, etc., and neighbors may or may not use the same metrics.
• The EGP protocol uses an 8-bit metric, a value between 0 and 255. The value 255 is used to indicate unreachable.
• The EGP metric is used to indicate preferred routing.
[Figure: AS X and the transit network: Router A, Preferred Link, Router E; Router B, Backup Link, Router F.]
EGP Distances for Backdoor Connections
[Figure: Routers A and B, AS X, Router E; the transit network; Router C, AS Y, Routers F and D.]
Routing Tables
• An EGP router learns about exterior networks
• Inserts "routes" to "some" external destinations in local AS routing tables IF
  - Neighbor acquisition procedure succeeds
  - Neighbor is reachable
  - Neighbor has announced the destination
  - Local router has found no better route toward the destination
• If OSPF is used on the interior, then we use "external state records" qualified by the "E" bit. OSPF can use the EGP metrics offered "as is."
• If RIP is used on the interior, then we must try to find a "number of hops" equivalent: a number between 1 and 14, often equal to the AS diameter.
EGP Quirks
• Number of interior routers and number of exterior routers: where is the routing info for the interior separated from the exterior?
• EGP does not interpret any distance metrics; any distance other than 255 is okay.
• EGP's preferred topology is a tree structure. Yet the Internet is clearly mesh connected, with several core AS backbones.
• Hard to handle a misbehaving EGP router injecting false information.
• If we have 2-minute updates, it will take 8 hours to climb to infinity or break a routing loop.
Classless Inter-Domain Routing (CIDR)
• Exponential growth
  - Class B exhaustion: half gone by 1992 and, without CIDR, all gone by 1994
  - Routing table explosion: IP packet fragmentation; hardware-accelerated routers with fixed memory on board
• CIDR
  - A different interpretation of an IPv4 address
  - IP address a.b.c.d is now known as a.b.c.d/x
  - The /x prefix defines the network mask
Classless IP Addresses

Prefix  Netmask          Net bits  Host bits  Hosts  Equals
/26     255.255.255.192  26        6          62     1/4 Class C
/25     255.255.255.128  25        7          126    1/2 Class C
/24     255.255.255.0    24        8          254    1 Class C
/23     255.255.254.0    23        9          510    2 Class C
/22     255.255.252.0    22        10         1022   4 Class C
/21     255.255.248.0    21        11         2046   8 Class C
/20     255.255.240.0    20        12         4094   16 Class C
/19     255.255.224.0    19        13         8190   32 Class C
/18     255.255.192.0    18        14         16382  1/4 Class B
/17     255.255.128.0    17        15         32766  1/2 Class B

Hosts = usable host addresses (2^host bits minus the network and broadcast addresses).
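The table can be generated rather than memorised. This added example (not from the lecture) computes each row from the prefix length and also answers the two reverse questions a practitioner asks: the longest prefix that still fits a given host count, and the prefix length of a netmask, rejecting non-contiguous masks. The "equals" column follows the lecture's class-C/class-B convention; the row format is this example's own.

```python
import ipaddress
from fractions import Fraction

def prefix_row(prefix_len):
    """One row of the classless-addresses table for an IPv4 /x prefix.
    'hosts' excludes the all-zeros (network) and all-ones (broadcast) addresses;
    'equals' follows the lecture's convention of class-C or class-B equivalents."""
    if not 0 <= prefix_len <= 32:
        raise ValueError("IPv4 prefix length must be between 0 and 32")
    host_bits = 32 - prefix_len
    addresses = 1 << host_bits
    mask = (0xFFFFFFFF << host_bits) & 0xFFFFFFFF      # prefix_len ones, then zeros
    if prefix_len >= 24:                               # a fraction of one class C (/24)
        equals = "%s Class C" % Fraction(addresses, 256)
    elif prefix_len >= 19:                             # whole multiples of a class C
        equals = "%d Class C" % (addresses // 256)
    else:                                              # a fraction of one class B (/16)
        equals = "%s Class B" % Fraction(addresses, 65536)
    return {"prefix": "/%d" % prefix_len,
            "netmask": str(ipaddress.IPv4Address(mask)),
            "net_bits": prefix_len, "host_bits": host_bits,
            "hosts": max(addresses - 2, 0), "equals": equals}

def classless_table(longest=26, shortest=17):
    """Rows from /longest down to /shortest, the same range the lecture tabulates."""
    return [prefix_row(p) for p in range(longest, shortest - 1, -1)]

def prefix_for_hosts(needed):
    """Longest prefix (smallest block) whose usable host count still covers 'needed'."""
    for p in range(30, -1, -1):
        if prefix_row(p)["hosts"] >= needed:
            return p
    raise ValueError("no IPv4 prefix holds %d hosts" % needed)

def netmask_to_prefix(netmask):
    """Inverse mapping; a mask whose ones are not contiguous (e.g. 255.255.0.255) is rejected."""
    m = int(ipaddress.IPv4Address(netmask))
    ones = bin(m).count("1")
    if m != ((0xFFFFFFFF << (32 - ones)) & 0xFFFFFFFF):
        raise ValueError("non-contiguous netmask %s" % netmask)
    return ones
```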
Border Gateway Protocol (BGP)
• Developed for TCP/IP based internets. BGP uses TCP on port 179 for communications with neighbors.
• Standardized exterior routing protocol, RFC 1771 (1995), that allows routers in different autonomous systems to cooperate in the exchange of routing information.
• The protocol exchanges messages to implement three functional procedures:
  - Neighbor Acquisition
  - Neighbor Reachability
  - Network Reachability
Neighbor Acquisition (BGP)
• Neighbor = router on the same subnetwork
• Neighbor acquisition = neighboring routers in different autonomous systems agree to exchange routing information on a regular basis.
• Open message followed by Keepalive response
[Figure: Autonomous System 1 (AS-1) and AS-2.]
The Path Vector Concept
• EGP = the big-metric distance vector algorithm, with problems for mesh networks and loop avoidance.
• IDPR (Inter-domain Policy Routing) is an exterior routing protocol based on link state technology.
  - Many link state updates; 700 ASs in 1994
  - Needed some help with source routing options
• An important innovation for BGP:
  - Introduce the concept of a "Path Vector"
  - The concept enables loop prevention for complex topologies.
Announce Path Vectors
• Routing updates will carry the full list of transit networks or AS numbers traversed from source to destination.
• The loop-protection algorithm is simple:
  - Check that your own AS number is not in the path update. Discard if it is.
  - If you advertise a route, add your AS to the path.
• Drawback is the size increase of the updates.
  - RFC-1774 offers estimates of routing table sizes
  - Number of routes = 100,000, mean AS-AS distance = 20 and number of ASs = 3000 will need approx. 520,000 bytes
Path Vectors and Route Aggregation
• Given network provider T and clients X and Y
  - Path1: through "AS=T" reaches 197.8.0/23
  - Path2: through "AS=T, X" reaches 197.8.2/24
  - Path3: through "AS=T, Y" reaches 197.8.3/24
• Can we aggregate?
  - Path1: through "AS=T, X, Y" reaches 197.8.0/22
  - Implies three hops to Y (but this is not true)
• Introduce Sequences and Sets
  - Path1: Sequence (T), Set (X, Y) reaches 197.8.0/22
  - The number of ASs in the sequence estimates length
  - Don't use if your AS is in the Sequence or Set.
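The loop protection from the previous slide (check for your own AS, prepend when advertising) and the sequence/set aggregation for T, X and Y above, as an added example that is not the lecture's code. The dictionary representation of a path and the string AS labels are assumptions of the example; the covering supernet is found by widening the first prefix one bit at a time.

```python
import ipaddress

# A path is {"sequence": [ordered ASs], "set": {unordered ASs}}; AS labels are strings here.

def accept_update(my_as, path):
    """Loop protection: discard any update whose path already lists our own AS,
    whether it appears in the ordered sequence or in an aggregated set."""
    return my_as not in path["sequence"] and my_as not in path["set"]

def advertise(my_as, path):
    """Re-advertising a route prepends our AS, so downstream ASs see the full path."""
    return {"sequence": [my_as] + list(path["sequence"]), "set": set(path["set"])}

def estimated_length(path):
    """Only the sequence counts toward length; the set is unordered and of unknown depth."""
    return len(path["sequence"])

def aggregate(routes):
    """routes: list of (prefix, path). Returns the smallest covering supernet and a path
    whose sequence holds the ASs common to every component path, with all remaining
    ASs moved to the set, so the nearer clients are not charged extra hops."""
    nets = [ipaddress.ip_network(prefix) for prefix, _ in routes]
    supernet = nets[0]
    while not all(n.subnet_of(supernet) for n in nets):
        supernet = supernet.supernet()            # widen by one bit until it covers all
    sequences = [list(p["sequence"]) for _, p in routes]
    common = []
    for column in zip(*sequences):                # leading ASs shared by every sequence
        if len(set(column)) != 1:
            break
        common.append(column[0])
    leftovers = set()
    for seq in sequences:
        leftovers.update(seq[len(common):])
    for _, p in routes:
        leftovers.update(p["set"])
    return str(supernet), {"sequence": common, "set": leftovers}

def naive_aggregate_length(routes):
    """The rejected alternative: concatenating the sequences overstates the hop count."""
    merged = []
    for _, p in routes:
        merged += [a for a in p["sequence"] if a not in merged]
    return len(merged)
```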
Path Attributes
• BGP-4 handles paths between autonomous systems described by a set of attributes
  - List of traversed ASs
  - List of reachable networks
  - Other attributes help select the best path.
• Attribute flags (Octet 1): Optional O=1; Transitive T=1 or local T=0; Partial P=1 or complete P=0; Encoded length is 1 octet (E=0) or 2 octets (E=1); remaining bits reserved
• Octet 2 = Type: Attribute Type Code
Path Attributes

Attribute         Type  Flags             Value
ORIGIN            1     Well known        IGP (0), EGP (1) or other (2)
AS_PATH           2     Well known        ASs in the path
NEXT_HOP          3     Well known        Address of next router
Multi_Exit_Disc   4     Opt., local       32-bit metric
Local_Pref        5     Well known        32-bit metric
Atomic_Aggregate  6     Well known        0
Aggregator        7     Opt., transitive  AS number and Router ID
BGP Uses TCP
• Reliable transport protocol
  - Delegate all error control to TCP
  - TCP sensitivity to network congestion
  - Request TCP to mark IP packets as "internetwork control"
• BGP uses incremental updates.
[Figure: protocol stack: BGP-4 over TCP/UDP over IP over Link.]
Border Gateway Protocol (BGP-4), RFC 1771

BGP-4 Message  Definition
Open           Open a neighbor relationship with another router
Update         (1) Transmit information about a single route, or (2) list multiple routes to be withdrawn
Keepalive      (1) Acknowledge an Open message, or (2) periodically confirm the neighbor relationship
Notification   Notify an error condition detected
BGP Message Formats
[Figure: common header: Marker, Length, Type. Open message adds Version, MyAutoSystem, HoldTime, BGP-ID, Opt. Parameter Length, Optional Parameters. Keepalive is the header (Marker, Length, Type) only.]
BGP Message Fields
• Marker: 16 bytes, reserved for authentication
• Length: length of message in octets
• Type: message type (Open, Keepalive, Update, Notification)
• Version: BGP protocol version (v4)
• My AS: AS identification of sender
• HoldTime: proposed Hold Time value
• BGP ID: IP address of BGP sender
• OPL: Optional Parameter field length
BGP Update Message
• Describes the route (path) from this BGP router (speaker) to the destination
• Includes path attributes: Origin, AS Path, Next Hop, Multi_Exit_Disc, Local_Pref, Atomic_Aggregate, Aggregator
[Figure: Update message layout: BGP Common Header, Withdrawn Routes Length, Withdrawn Routes, Path Attributes Length, Path Attributes, Network Layer Reachability Information.]
BGP Update Message
[Figure: Update message example. Marker (16 bytes), Length (2 bytes), Type = 2; Unfeasible (withdrawn routes) Length = 7, listing 129.5/16 and 199.10.64/22; Path Attributes Length; Next_Hop attribute: Flags, Attribute Length = 4, octets 101, 10, 20, ...; AS_path attribute: Flags, Attribute Length = 4, AS1, AS2; NLRI: 152.12.44/24 and 152.12.54/24.]
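An added example (not from the lecture) that parses the UPDATE layout shown in the figure: it checks the common header, decodes the O/T/P/E flag bits from the Path Attributes slide, and walks withdrawn routes, attributes and NLRI. The message bytes are constructed here, loosely following the figure's addresses, and assume 2-byte AS numbers and a single AS_PATH segment.

```python
import struct
ATTR_NAMES = {1: "ORIGIN", 2: "AS_PATH", 3: "NEXT_HOP", 4: "MULTI_EXIT_DISC", 5: "LOCAL_PREF", 6: "ATOMIC_AGGREGATE", 7: "AGGREGATOR"}

def parse_prefixes(buf):
    out, pos = [], 0                              # items are <prefix length><significant octets>
    while pos < len(buf):
        plen, nbytes = buf[pos], (buf[pos] + 7) // 8
        octets = list(buf[pos + 1:pos + 1 + nbytes]) + [0] * (4 - nbytes)
        out.append("%d.%d.%d.%d/%d" % (*octets, plen))
        pos += 1 + nbytes
    return out

def parse_attributes(buf):
    attrs, pos = [], 0                            # decodes O/T/P/E flags and three well-known values
    while pos < len(buf):
        flags, code = buf[pos], buf[pos + 1]
        ext = bool(flags & 0x10)                  # E=1: two-octet attribute length
        length = struct.unpack("!H", buf[pos + 2:pos + 4])[0] if ext else buf[pos + 2]
        start = pos + (4 if ext else 3)
        value, pos = buf[start:start + length], start + length
        decoded = bytes(value)                    # raw bytes for attributes not decoded below
        if code == 1:                             # ORIGIN: IGP(0), EGP(1) or other(2)
            decoded = ("IGP", "EGP", "INCOMPLETE")[value[0]]
        elif code == 2:                           # AS_PATH segment: <type><count><2-byte AS>*
            ases = list(struct.unpack("!%dH" % value[1], value[2:2 + 2 * value[1]]))
            decoded = ("AS_SEQUENCE" if value[0] == 2 else "AS_SET", ases)
        elif code == 3:                           # NEXT_HOP: IPv4 address of the next router
            decoded = "%d.%d.%d.%d" % tuple(value)
        attrs.append({"name": ATTR_NAMES.get(code, code), "optional": bool(flags & 0x80),
                      "transitive": bool(flags & 0x40), "partial": bool(flags & 0x20), "value": decoded})
    return attrs

def parse_update(msg):
    length, mtype = struct.unpack("!HB", msg[16:19])   # common header: marker, length, type
    if msg[:16] != b"\xff" * 16 or mtype != 2 or length != len(msg):
        raise ValueError("bad BGP header or length")
    p = 21 + struct.unpack("!H", msg[19:21])[0]   # withdrawn routes end here
    alen = struct.unpack("!H", msg[p:p + 2])[0]
    return {"withdrawn": parse_prefixes(msg[21:p]),
            "attributes": parse_attributes(msg[p + 2:p + 2 + alen]),
            "nlri": parse_prefixes(msg[p + 2 + alen:])}

def build_sample_update():
    # Constructed, not captured: withdraw 129.5/16 and 199.10.64/22; announce 152.12.44/24 and
    # 152.12.54/24 with ORIGIN=IGP, AS_PATH=(AS1, AS2), NEXT_HOP=101.10.20.1; flags 0x40 = well-known
    withdrawn = bytes([16, 129, 5, 22, 199, 10, 64])
    attrs = (bytes([0x40, 1, 1, 0]) + bytes([0x40, 2, 6, 2, 2]) + struct.pack("!HH", 1, 2)
             + bytes([0x40, 3, 4, 101, 10, 20, 1]))
    nlri = bytes([24, 152, 12, 44, 24, 152, 12, 54])
    body = struct.pack("!H", len(withdrawn)) + withdrawn + struct.pack("!H", len(attrs)) + attrs + nlri
    return b"\xff" * 16 + struct.pack("!HB", 19 + len(body), 2) + body
```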
BGP Routing Information Exchange
• R1 updates R5 about AS1
  - AS_Path = AS1
  - Next_Hop = IP address of R1
  - NLRI = a list of subnetworks in AS1
• R5 updates R9 about AS1
  - AS_Path = {AS2, AS1}
  - Next_Hop = IP address of R5
  - NLRI = list of subnetworks in AS1
[Figure: R1, R5 and R9 in sequence.]
BGP Notification Message
• Detected error messages:
  - Message Header
  - Open Message
  - Update Message
  - Hold Timer Expired
  - Finite State Machine
  - Cease
Format: Marker, Length, Type, Error Code, Error Subcode, Data
Securing BGP Over a TCP Connection
• Marker = trivial authentication
• TCP over secure IP or IPsec
• TCP MD5 Signature Option as detailed in RFC-2385
Packet layout: IP Header (20 bytes) | TCP "Fixed" Header (20 bytes) | TCP Options, includes MD5 checksum | TCP Payload (BGP packet)
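The RFC-2385 option from the packet layout above, as an added example not from the lecture: computing and verifying the MD5 signature over the pseudo-header, the fixed TCP header with the checksum zeroed, the payload and the shared key. The segment, addresses, ports and key are constructed; the TCP checksum itself is left at zero because the example never puts the segment on the wire.

```python
import hashlib, hmac, struct

TCPOPT_MD5SIG = 19                      # option kind from RFC 2385; option length is 18

def ip_bytes(dotted):
    return bytes(int(o) for o in dotted.split("."))

def tcp_md5_digest(src_ip, dst_ip, tcp_header, payload, key):
    """RFC 2385 digest order: TCP pseudo-header, fixed TCP header (options excluded,
    checksum counted as zero), the TCP payload, then the shared key."""
    seg_len = len(tcp_header) + len(payload)            # TCP length incl. options + data
    pseudo = ip_bytes(src_ip) + ip_bytes(dst_ip) + struct.pack("!BBH", 0, 6, seg_len)
    fixed = bytearray(tcp_header[:20])
    fixed[16:18] = b"\x00\x00"                           # checksum field counts as zero
    return hashlib.md5(pseudo + bytes(fixed) + payload + key).digest()

def build_segment(src_ip, dst_ip, src_port, dst_port, seq, ack, payload, key):
    """Constructed TCP segment carrying the signature option (TCP checksum left 0 here)."""
    # data offset 10 words = 20-byte fixed header + 18-byte option + 2 NOP pad bytes
    fixed = struct.pack("!HHIIBBHHH", src_port, dst_port, seq, ack, 10 << 4, 0x18, 8192, 0, 0)
    blank_opt = bytes([TCPOPT_MD5SIG, 18]) + b"\x00" * 16 + b"\x01\x01"
    digest = tcp_md5_digest(src_ip, dst_ip, fixed + blank_opt, payload, key)
    return fixed + bytes([TCPOPT_MD5SIG, 18]) + digest + b"\x01\x01" + payload

def verify_segment(src_ip, dst_ip, segment, key):
    """Recompute the digest for a received segment and compare it in constant time;
    a segment without the option, or with a malformed option list, is rejected."""
    hdr_len = (segment[12] >> 4) * 4
    header, payload = segment[:hdr_len], segment[hdr_len:]
    i, received = 20, None
    while i < hdr_len:                                   # walk the TCP options list
        kind = header[i]
        if kind == 0:                                    # end of option list
            break
        if kind == 1:                                    # NOP has no length byte
            i += 1
            continue
        step = header[i + 1]
        if step < 2:
            return False                                 # malformed length would loop forever
        if kind == TCPOPT_MD5SIG:
            received = header[i + 2:i + 18]
        i += step
    if received is None:
        return False                                     # unsigned segment on a signed session
    expected = tcp_md5_digest(src_ip, dst_ip, header, payload, key)
    return hmac.compare_digest(received, expected)

# Constructed BGP KEEPALIVE (16-byte marker, length 19, type 4) used as the sample payload
SAMPLE_KEEPALIVE = b"\xff" * 16 + b"\x00\x13\x04"
```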
BGP Policy Based Architecture
• Policies are not directly encoded within the protocol
  - Based on path attributes and configured constraints.
• Possible criteria for path preference
  - AS count
  - Policy considerations
  - Presence/absence of a certain AS or ASs in the path description
  - Path origin: learned from BGP or not
  - Internal or external path
BGP Routing Capabilities
[Figure: Input Policy Engine, Decision Process, BGP Table, Output Policy Engine; Routes Used by Router feed the Routing Table.]
IDRP - Inter Domain Routing Protocol
• Initially started to convert BGP to the ISO address format rather than IP.
• Path attributes include cost to destination, four possible metrics
• Formed "Confederations" = a group of routing domains.
• Unique identifiers for routing domains and confederations
• Nested, disjoint and overlapping confederations possible