Contents

Foreword

Introduction

Part I BGP Fundamentals

Chapter 1 BGP Fundamentals

Border Gateway Protocol

Autonomous System Numbers

Path Attributes

Loop Prevention

Address Families

BGP Sessions

Inter-Router Communication

BGP Messages

OPEN

Hold Time

BGP Identifier

KEEPALIVE

UPDATE

NOTIFICATION Message

BGP Neighbor States

Idle

Connect

Active

OpenSent

OpenConfirm

Established

Basic BGP Configuration

IOS

IOS XR

NX-OS

Verification of BGP Sessions

Prefix Advertisement

BGP Best-Path Calculation

Route Filtering and Manipulation

IBGP

IBGP Full Mesh Requirement

Peering via Loopback Addresses

EBGP

EBGP and IBGP Topologies

Next-Hop Manipulation

IBGP Scalability

Route Reflectors

Loop Prevention in Route Reflectors

Out-of-Band Route Reflectors

Confederations

BGP Communities

Route Summarization

Aggregate-Address

Flexible Route Suppression

Selective Prefix Suppression

Leaking Suppressed Routes

Atomic Aggregate

Route Aggregation with AS_SET

Route Aggregation with Selective Advertisement of AS-SET

Default Route Advertisement

Default Route Advertisement per Neighbor

Remove Private AS

Allow AS

LocalAS

Summary

References

Part II Common BGP Troubleshooting

Chapter 2 Generic Troubleshooting Methodologies

Identifying the Problem

Understanding Variables

Reproducing the Problem

Setting Up the Lab

Configuring Lab Devices

Triggering Events

Sniffer-Packet Capture

SPAN on Cisco IOS

SPAN on Cisco IOS XR

SPAN on Cisco NX-OS

Remote SPAN

Platform-Specific Packet Capture Tools

Netdr Capture

Embedded Packet Capture

Ethanalyzer

Logging

Event Monitoring/Tracing

Summary

Reference

Chapter 3 Troubleshooting Peering Issues

BGP Peering Down Issues

Verifying Configuration

Verifying Reachability

Find the Location and Direction of Packet Loss

Verify Whether Packets Are Being Transmitted

Use Access Control Lists to Verify Whether Packets Are Received

Check ACLs and Firewalls in Path

Verify TCP Sessions

Simulate a BGP Session

Demystifying BGP Notifications

Decode BGP Messages

Troubleshoot Blocked Process in IOS XR

Verify BGP and BPM Process State

Verify Blocked Processes

Restarting a Process

BGP Traces in IOS XR

BGP Traces in NX-OS

Debugs for BGP

Troubleshooting IPv6 Peers

Case Study—Single Session Versus Multisession

Multisession Capability

Single-Session Capability

BGP Peer Flapping Issues

Bad BGP Update

Hold Timer Expired

Interface Issues

Physical Connectivity

Physical Interface

Input Hold Queue

TCP Receive Queue

MTU Mismatch Issues

High CPU Causing Control-Plane Flaps

Control Plane Policing

CoPP on NX-OS

Local Packet Transport Services

Dynamic BGP Peering

Dynamic BGP Peer Configuration

Dynamic BGP Challenges

Misconfigured MD5 Password

Resource Issues in a Scaled Environment

TCP Starvation

Summary

References

Chapter 4 Troubleshooting Route Advertisement and BGP Policies

Troubleshooting BGP Route Advertisement

Local Route Advertisement Issues

Route Aggregation Issues

Route Redistribution Issues

BGP Tables

Receiving and Viewing Routes

Troubleshooting Missing BGP Routes

Next-Hop Check Failures

Bad Network Design

Validity Check Failure

AS-Path

Originator-ID/Cluster-ID

BGP Communities

BGP Communities: No-Advertise

BGP Communities: No-Export

BGP Communities: Local-AS (No Export SubConfed)

Mandatory EBGP Route Policy for IOS XR

Filtering of Prefixes by Route Policy

Conditional Matching

Access Control Lists (ACL)

Prefix Matching

Regular Expressions (Regex)

UnderScore _

Caret ^

Dollar Sign $

Brackets [ ]

Hyphen -

Caret in Brackets [^]

Parentheses ( ) and Pipe |

Period .

Plus Sign +

Question Mark ?

Asterisk *

Looking Glass and Route Servers

Conditionally Matching BGP Communities

Troubleshooting BGP Router Policies

IOS and NX-OS Prefix-Lists

IOS and NX-OS AS-Path ACLs

Route-Map Processing

IOS and NX-OS Route-Maps

IOS XR Route-Policy Language

Incomplete Configuration of Routing Policies

Conditional BGP Debugs

Summary

Further Reading

References in This Chapter

Chapter 5 Troubleshooting BGP Convergence

Understanding BGP Route Convergence

BGP Update Groups

BGP Update Generation

Troubleshooting Convergence Issues

Faster Detection of Failures

Jumbo MTU for Faster Convergence

Slow Convergence due to Periodic BGP Scan

Slow Convergence due to Default Route in RIB

BGP Next-Hop Tracking

Selective Next-Hop Tracking

Slow Convergence due to Advertisement Interval

Computing and Installing New Path

Troubleshooting BGP Convergence on IOS XR

Verifying Convergence During Initial Bring Up

Verifying BGP Reconvergence in Steady State Network

Troubleshooting BGP Convergence on NX-OS

BGP Slow Peer

BGP Slow Peer Symptoms

High CPU due to BGP Router Process

Traffic Black Hole and Missing Prefixes in BGP table

BGP Slow Peer Detection

Verifying OutQ value

Verifying SndWnd

Verifying Cache Size and Pending Replication Messages

Workaround

Changing Outbound Policy

Advertisement Interval

BGP Slow Peer Feature

Static Slow Peer

Dynamic Slow Peer Detection

Slow Peer Protection

Slow Peer Show Commands

Troubleshooting BGP Route Flapping

Summary

Reference

Part III BGP Scalability Issues

Chapter 6 Troubleshooting Platform Issues Due to BGP

Troubleshooting High CPU Utilization due to BGP

Troubleshooting High CPU due to BGP on Cisco IOS

High CPU due to BGP Scanner Process

High CPU due to BGP Router Process

High CPU Utilization due to BGP I/O Process

Troubleshooting High CPU due to BGP on IOS XR

Troubleshooting High CPU due to BGP on NX-OS

Capturing CPU History

Troubleshooting Sporadic High CPU Condition

Troubleshooting Memory Issues due to BGP

TCAM Memory

Troubleshooting Memory Issues on Cisco IOS Software

Troubleshooting Memory Issues on IOS XR

Troubleshooting Memory Issues on NX-OS

Restarting Process

Summary

References

Chapter 7 Scaling BGP

The Impact of Growing Internet Routing Tables

Scaling Internet Table on Various Cisco Platforms

Scaling BGP Functions

Tuning BGP Memory

Prefixes

Managing the Internet Routing Table

Paths

Attributes

Tuning BGP CPU

IOS Peer-Groups

IOS XR BGP Templates

NX-OS BGP Peer Templates

BGP Peer Templates on Cisco IOS

Soft Reconfiguration Inbound Versus Route Refresh

Dynamic Refresh Update Group

Enhanced Route Refresh Capability

Outbound Route Filtering (ORF)

Prefix-Based ORF

Extended Community–Based ORF

BGP ORF Format

BGP ORF Configuration Example

Maximum Prefixes

BGP Max AS

BGP Maximum Neighbors

Scaling BGP with Route Reflectors

BGP Route Reflector Clusters

Hierarchical Route Reflectors

Partitioned Route Reflectors

BGP Selective Route Download

Virtual Route Reflectors

BGP Diverse Path

Shadow Route Reflectors

Shadow Sessions

Route Servers

Summary

References

Chapter 8 Troubleshooting BGP Edge Architectures

BGP Multihoming and Multipath

Resiliency in Service Providers

EBGP and IBGP Multipath Configuration

EIBGP Multipath

R1

R2

R3

R4

R5

AS-Path Relax

Understanding BGP Path Selection

Routing Path Selection Longest Match

BGP Best-Path Overview

Weight

Local Preference

Locally Originated via Network or Aggregate Advertisement

Accumulated Interior Gateway Protocol (AIGP)

Shortest AS-Path

Origin Type

Multi-Exit Discriminator (MED)

EBGP over IBGP

Lowest IGP Metric

Prefer the Oldest EBGP Path

Router ID

Minimum Cluster List Length

Lowest Neighbor Address

Troubleshooting BGP Best Path

Visualizing the Topology

Phase I—Initial BGP Edge Route Processing

Phase II—BGP Edge Evaluation of Multiple Paths

Phase III—Final BGP Processing State

Path Selection for the Routing Table

Common Issues with BGP Multihoming

Transit Routing

Problems with Race Conditions

Peering on Cross-Link

Expected Behavior

Unexpected Behavior

Secondary Verification Methods of a Routing Loop

Design Enhancements

Full Mesh with IBGP

Problems with Redistributing BGP into an IGP

Summary

References

Part IV Securing BGP

Chapter 9 Securing BGP

The Need for Securing BGP

Securing BGP Sessions

Explicitly Configured Peers

IPv6 BGP Peering Using Link-Local Address

BGP Session Authentication

BGP Pass Through

EBGP-Multihop

BGP TTL Security

Filtering

Protecting BGP Traffic Using IPsec

Securing Interdomain Routing

BGP Prefix Hijacking

S-BGP

IPsec

Public Key Infrastructure

Attestations

soBGP

Entity Certificate

Authorization Certificate

Policy Certificate

BGP SECURITY Message

BGP Origin AS Validation

Route Origination Authorization (ROA)

RPKI Prefix Validation Process

Configuring and Verifying RPKI

RPKI Best-Path Calculation

BGP Remote Triggered Black-Hole Filtering

BGP Flowspec

Configuring BGP Flowspec

Summary

References

Part V Multiprotocol BGP

Chapter 10 MPLS Layer 3 VPN (L3VPN)

MPLS VPNs

MPLS Layer 3 VPN (L3VPN) Overview

Virtual Routing and Forwarding

Route Distinguisher

Route Target

Multi-Protocol BGP (MP-BGP)

Network Advertisement Between PE and CE Routers

MPLS Layer 3 VPN Configuration

VRF Creation and Association

IOS VRF Creation

IOS XR VRF Creation

NX-OS VRF Creation

Verification of VRF Settings and Connectivity

Viewing VRF Settings and Interface IP Addresses

Viewing the VRF Routing Table

VRF Connectivity Testing Tools

MPLS Forwarding

BGP Configuration for VPNv4 and PE-CE Prefixes

IOS BGP Configuration for MPLS L3VPN

IOS XR BGP Configuration for MPLS L3VPN

NX-OS BGP Configuration for MPLS L3VPN

Verification of BGP Sessions and Routes

Troubleshooting MPLS L3VPN

Default Route Advertisement Between PE-CE Routers

Problems with AS-PATH

Suboptimal Routing with VPNv4 Route Reflectors

Troubleshooting Problems with Route Targets

MPLS L3VPN Services

RT Constraints

MPLS VPN Label Exchange

MPLS Forwarding

Summary

References

Chapter 11 BGP for MPLS L2VPN Services

L2VPN Services

Terminologies

Virtual Private Wire Service

Interworking

Configuration and Verification

VPWS BGP Signaling

Configuration

Virtual Private LAN Service

Configuration

Verification

VPLS Autodiscovery Using BGP

VPLS BGP Signaling

Troubleshooting

Summary

References

Chapter 12 IPv6 BGP for Service Providers

IPv6 BGP Features and Concepts

IPv6 BGP Next-Hop

IPv6 Reachability over IPv4 Transport

IPv4 Routes over IPv6 Next-Hop

IPv6 BGP Policy Accounting

IPv6 Provider Edge Routers (6PE) over MPLS

6PE Configuration

6PE Verification and Troubleshooting

IPv6 VPN Provider Edge (6VPE)

IPv6-Aware VRF

6VPE Next-Hop

Route Target

6VPE Control Plane

6VPE Data Plane

6VPE Configuration

6VPE Control-Plane Verification

6VPE Data Plane Verification

Summary

References

Chapter 13 VxLAN BGP EVPN

Understanding VxLAN

VxLAN Packet Structure

VxLAN Gateway Types

VxLAN Overlay

VxLAN Flood-and-Learn Mechanism

Configuration and Verification

Ingress Replication

Overview of VxLAN BGP EVPN

Distributed Anycast Gateway

ARP Suppression

Integrated Route/Bridge (IRB) Modes

Asymmetric IRB

Symmetric IRB

Multi-Protocol BGP

Configuring and Verifying VxLAN BGP EVPN

Summary

References

Part VI High Availability

Chapter 14 BGP High Availability

BGP Graceful-Restart

BGP Nonstop Routing

Bidirectional Forwarding Detection

Asynchronous Mode

Asynchronous Mode with Echo Function

Configuration and Verification

Troubleshooting BFD Issues

BFD Session Not Coming Up

BFD Session Flapping

BGP Fast-External-Fallover

BGP Add-Path

BGP best-external

BGP FRR and Prefix-Independent Convergence

BGP PIC Core

BGP PIC Edge

Scenario 1—IP PE-CE Link/Node Protection on CE Side

Scenario 2—IP MPLS PE-CE Link/Node Protection for Primary/Backup

BGP Recursion Host

Summary

References

Part VII BGP: Looking Forward

Chapter 15 Enhancements in BGP

Link-State Distribution Using BGP

BGP-LS NLRI

BGP-LS Path Attributes

BGP-LS Configuration

IGP Distribution

BGP Link-State Session Initiation

BGP for Tunnel Setup

Provider Backbone Bridging: Ethernet VPN (PBB-EVPN)

EVPN NLRI and Routes

EVPN Extended Community

EVPN Configuration and Verification

Summary

References

Index

..................Content has been hidden....................

You can't read the all page of ebook, please click here login for view all page.
Reset