Policy Based BGP Routing Protocol
D.R. Subasinghe, Student ID 0899558
   Abstract--This report explains what the Border Gateway Protocol is and
what its characteristics and functionality are. The report describes the
difference between internal and external BGP, looks at the BGP attributes
MED and Local Preference in detail, and covers the use of route maps in BGP.

                     I. INTRODUCTION

   Routing protocols fall into two basic categories. The first, Interior
Gateway Protocols, are used in networks inside an enterprise. OSPF, EIGRP,
RIPv1 and RIPv2 are examples of IGPs. The other category, Exterior Gateway
Protocols, are used between autonomous systems, usually between a customer
AS and an internet service provider (ISP). Border Gateway Protocol (BGP) and
External Gateway Protocol (EGP) are examples.
   BGP is an exterior gateway protocol, which was first developed in 1989 as
BGP1. The most recent version, BGP4, was implemented in 1994 and is used as
the core routing protocol on the internet. BGP4 was first ratified in
RFC 1771 and the current RFC for BGP4 is RFC 4271. [4][10]
   BGP is identified as a policy based routing protocol, because it can
route data in a customized manner. BGP can be fine-tuned with a number of
attributes, and with these customizable attributes network administrators
can affect how the routing protocol finds the best path between the source
and destination and how it routes or forwards data.
   Even though BGP is used between autonomous systems, it is also used
inside the enterprise network. BGP running inside the AS is called internal
BGP or IBGP. IBGP does not, however, replace the IGPs running in the
network, such as OSPF or EIGRP. [4][10]

      II. EXTERIOR GATEWAY PROTOCOLS VS. INTERNAL GATEWAY PROTOCOLS

    A. Interior Gateway Protocols (IGPs)
   Interior gateway protocols are responsible for routing inside an
autonomous system. They take care of finding the best paths between routers
within an enterprise. IGPs use a unique routing policy to forward data
within the AS. IGPs can be divided into two categories.
      1. Distance Vector Protocols (RIP, IGRP)
      2. Link State Protocols (OSPF, IS-IS)

   Fig. 2: Example of IGP running in an AS.
   [diagram: routers inside one autonomous system, linked by OSPF]

    B. Exterior Gateway Protocols (EGPs)
   These protocols are used to route data between autonomous systems. EGPs
handle routing from the local network through the ISP to another network or
autonomous system. EGPs are commonly used in an enterprise which has more
than one connection to one or more ISPs.
   Border gateway protocol and external gateway protocol are examples of
EGPs. [1][3]

   Fig 2: Running BGP as EGP between autonomous systems.
   [diagram: Autonomous Systems 1, 2 and 3, each running OSPF internally,
   interconnected by BGP]

               III. POLICY BASED ROUTING

   Policy based routing is a technique which can be used to affect the IP
routing protocol's decisions on routing or forwarding data packets by
applying policies defined by the network administrator.
   In policy based routing, the data packets are forward
   Cisco routers use route maps to implement policy based routing. Route
maps are a complex technique for controlling access and routing decisions,
like Access Control Lists, but are more powerful than ACLs. Route maps can
alter the route of a packet and are also able to modify the packet. They are
sometimes used with complex access control lists to test any condition in
the route map. [4]

     A. How Route Maps Work

   Route maps work in the manner of an 'if - then' statement in a computer
programming language. They use match and set statements to do the job of the
if-then statement. When data packets pass through the route map, it checks
each match command to find whether the packet meets the condition. If it
matches, the packet is processed according to the configuration. Route maps
operate on a first-match basis, as ACLs do.
   For example, consider the following route map.

   route-map EXAMPLE permit 10
    match ip address 1
    set local-preference 150

   In this example, the route map checks whether the IP address of the data
packet matches ACL 1. If ACL 1 is configured to process that IP address, the
route map sets the local-preference of the packet to 150, which changes the
exit path from a BGP autonomous system. (Local-preference and BGP autonomous
systems are explained later in this document.) [3]

            IV. BORDER GATEWAY PROTOCOL

   BGP is the core protocol run on the internet. As the internet grew in
size and the number of autonomous systems increased, the older External
Gateway Protocol (EGP) became problematic. This led to the development of a
new external routing protocol to address these issues. The new protocol was
first ratified in RFC 1105 and called Border Gateway Protocol or BGP. The
initial BGP was continued with modifications, and the current BGP version 4,
also known as BGP4, was ratified in RFC 1771 in 1995. Table 1 shows the
development of BGP versions with time. [10]

   Table 1

   RFC 1771 defines the support for Classless Inter-Domain Routing (CIDR).
The BGP4 in use today was ratified in RFC 4271.
   Unlike other routing protocols like EIGRP or OSPF, BGP runs on top of the
Transmission Control Protocol (TCP) using port 179. It uses TCP for the
reliability of the transmission and for many other connection setup and
maintenance features. The other routing protocols have their own layer 4
protocols with their own reliability mechanisms. [4][10]

    A. External BGP (EBGP)
   BGP is implemented between autonomous systems, most of the time between
the customer AS and the ISP AS. Figure XX shows the most common
implementation of BGP. Two BGP routers in a neighbor relationship across two
autonomous systems are called external peers.

   Fig 3: External BGP Peers
   [diagram: routers in different autonomous systems connected by BGP]

    B. Internal BGP (IBGP)
   When BGP is implemented within an AS, it is called internal BGP or IBGP.
Two connected BGP routers which are in the same AS are called internal
peers.

   Fig 4: Internal BGP Peers
   [diagram: one autonomous system; R1, R2 and R4 are running BGP and are
   joined as internal peers; R3 is not running BGP]

   In the above figure, R1, R2 and R4 are running BGP and all routers are
within a single autonomous system. Unlike neighbors in other routing
protocols such as OSPF or EIGRP, BGP peers don't need to be directly
connected. R1 and R2 are directly connected and are internal peers; R1 and
R4 are also internal peers even though they are not directly connected, and
R3 is not running BGP. [4][10]

           V. BGP IN MULTIHOME ENVIRONMENT

   When an autonomous system has more than one connection to the internet or
service provider(s), it is called multihoming. BGP implementation is
beneficial when an organization has more than one connection to the
internet. Figures xx and xx show two examples of multihoming.

   Fig 5: Multi-homing with two ISPs

   Fig 6: Multi-homing with a single ISP

   The best way to provide a redundant connection to the internet is
multi-homing with two or more ISPs, because if one ISP fails, the
organization still has internet access via the other ISP. [5]

                    VI. BGP ATTRIBUTES

   The BGP metric is not as simple as the metrics of OSPF, RIP or EIGRP.
OSPF uses cost as the metric to find the best path to the destination. For
RIP, the metric is hop count, and for EIGRP the metric is composite and
consists of five components. In BGP, however, there are a number of
attributes which BGP uses to choose the best path to the destination AS.
   BGP attributes basically fall into the following categories.

    A. Well-known Attributes and Optional Attributes
   Well-known attributes are supported by every device vendor that provides
BGP functionality. Optional attributes may not be supported by every device
vendor.

    B. Mandatory Attributes and Discretionary Attributes
   Mandatory attributes must be present in every BGP update. Every BGP route
has these attributes. Discretionary attributes are not necessarily in every
update.

    C. Transitive Attributes and Non-Transitive Attributes
   Transitive attributes travel from router to router or AS to AS.
Non-transitive attributes may not travel from AS to AS.

   BGP has 11 attributes which can be used to find the best path around the
network.
       0. Consider only (synchronized) routes with no AS Loop and a valid
          next hop
       1. Prefer the path with the highest Weight
       2. Prefer the path with the highest Local Preference
       3. Prefer the path that was locally originated via network command
       4. Prefer the path with the shortest AS Path
       5. Prefer the path with the lowest Origin Code
       6. Prefer the path with the lowest Multi-Exit Discriminator (MED)
       7. Prefer EBGP over IBGP paths
       8. Prefer the path with the lowest IGP Metric to the BGP Next Hop
       9. When both paths are external, prefer the path that was received
          first
       10. Prefer the route that comes from the BGP router with the lowest
           Router ID
       11. Prefer the path that comes from the lowest Neighbour Address

   This set of attributes makes BGP special, because with these attributes
network administrators can affect the route selection decisions between the
source and destination autonomous systems. Among these attributes, number 0
is the condition which any route must fulfill before it is processed any
further. If a route passes that condition, it is then checked against each
attribute. [6][7][10][4]

   Fig 7: [diagram: AS 65100 with routers R1, R2 and R3]

   For example, in figure 7, suppose there are two routes to the destination
AS65104 from the source AS65100. Consider that both of them pass condition
0; they are then processed further to determine the best route. If all
attributes are at their default values, the routes stay tied up to the
fourth attribute. The fourth attribute is the first tie breaker in the
default BGP configuration in most autonomous systems, because in the
internet, which is a large collection of autonomous systems and paths, it is
practically impossible to have the same AS path for both routes. In this
figure, the route via R1 has the longer AS path since it has to go through
AS65102 and AS65103 to reach AS65104, while the route via R2 only has to go
through AS65101. BGP therefore chooses the route via R2 as the best path to
AS65104.
   The fourth attribute is the first tie breaker of the BGP attribute list
with default BGP attribute values. In this way, routes are checked against
the attributes until either one is chosen as the best route or the last
attribute is reached. The last attribute breaks the tie in any situation,
because more than one router interface in the internet cannot have the same
IP address. Therefore attribute 11 breaks the tie and chooses the best path.
   The important fact about BGP is that network administrators can modify
most of the attributes and make the routing decision making process
customizable. [6][7]

        VII. BGP LOCAL PREFERENCE ATTRIBUTE

   Local Preference is a well-known discretionary attribute which is
processed inside the autonomous system and is only used in IBGP. The local
preference attribute is distributed to all the routers in the particular AS
rather than being local to the router like the weight attribute. The purpose
of the local preference attribute is to find the preferable path to exit
from the autonomous system. Refer to figure 8. [6]

   Fig 8: [diagram: AS 65100 with routers R1, R2 and R3]

   To reach AS 65104, AS 65100 can choose between two paths. One is via R1
and the other path is via R2. The default local preference value for Cisco
routers is 100. According to the list, if the network administrator does not
change the weight and local preference attributes, the first attribute which
breaks the tie is the shortest AS path. In this example, the shortest path
to AS 65104 is via R2 and AS 65101. But if the network administrator wants
to direct traffic to AS 65104 via the other route (R1 -> AS 65102 ->
AS 65103 -> AS 65104) for some reason, such as the link bandwidth or heavy
traffic congestion on the link via R2, the network administrator can change
the local preference value to break the tie and direct outbound traffic via
R1. The network administrator configures R1 and R2 as follows. [6][7]

  ! R1: apply the route map to routes received from the neighbor
  R1(config)#router bgp 65100
  R1(config-router)#neighbor <neighbor_interface_IP> route-map <route-map_name> in
  R1(config-router)#exit
  R1(config)#route-map <route-map_name> permit <instance_id>
  R1(config-route-map)#set local-preference 200

  ! R2: same structure, lower local preference
  R2(config)#router bgp 65100
  R2(config-router)#neighbor <neighbor_interface_IP> route-map <route-map_name> in
  R2(config-router)#exit
  R2(config)#route-map <route-map_name> permit <instance_id>
  R2(config-route-map)#set local-preference 150

   In this configuration, the local preference has been set to 200 via R1
and 150 via R2. BGP prefers the path with the highest local preference, so
outbound traffic will choose the route via the R1 router.

      VIII. BGP MULTI-EXIT DISCRIMINATOR (MED)

   Multi-Exit Discriminator or MED is an optional non-transitive attribute
in BGP best path selection. It is also called the external exit of a route.
This attribute allows a BGP speaker to inform the adjacent AS of the best
route by which to enter the local autonomous system. MED is only used
between directly connected autonomous systems and is not passed on to other
autonomous systems. To explain how MED works, consider figure 9.

   Fig 9: [diagram: AS 65100; routers R1, R2, R3 and R4]

   In the example, the customer AS 65101 is connected to the ISP (AS 65100)
via two routes. The link between R1 and R2 is a T1 link while the link
between R1 and R3 is a T4 (DS3) link. The network administrator wants to
configure the ISP and client traffic to use the faster DS3 link. The
following configurations are done on R2 and R3. [6][9][7]

  ! R2 terminates the T1 link: advertise the higher MED (less preferred)
  R2(config)#router bgp 65100
  R2(config-router)#neighbor <neighbor_interface_IP> route-map <route-map_name> out
  R2(config-router)#exit
  R2(config)#route-map <route-map_name> permit <instance_id>
  R2(config-route-map)#set metric 100

  ! R3 terminates the DS3 link: advertise the lower MED (preferred)
  R3(config)#router bgp 65100
  R3(config-router)#neighbor <neighbor_directly_connected_interface_IP> route-map <route-map_name> out
  R3(config-router)#exit
  R3(config)#route-map <route-map_name> permit <instance_id>
  R3(config-route-map)#set metric 50

   As the lower MED is preferred over higher MED values, the DS3 link is
configured with a MED value of 50 and the T1 link is configured with a MED
value of 100. When BGP tries to find the best path and all other attributes
in the list before MED are tied, it chooses the path with MED value 50 for
traffic.

    IX. HOW BGP USES ROUTE MAPS FOR POLICY BASED ROUTING

   BGP uses route maps to achieve policy based routing in a
multi-autonomous-system environment such as the internet. It uses match and
set commands to change BGP attributes in order to alter the routing decision
for a data packet. The match command specifies the attribute value against
which a route is checked to see whether it matches the route map. If it
matches, the set command is used to modify a specific attribute or
attributes of the route which matches all match statements. [6][8]

   BGP route maps can be applied to the following routes.
      - Inbound routes
      - Outbound routes
      - Distributed routes

   BGP route map command format

   route-map map-tag [[permit | deny] | [sequence-number]]

   Where map-tag is the name of the route map and sequence-number is the
position of that route-map instance in relation to other instances of the
same route map. Consider the following example.

   route-map EXAMPLEMAP permit 10
    match <condition>
    set <attribute-value>
   route-map EXAMPLEMAP permit 20
    match <condition>
    set <attribute>

   In this example, instance 10 is applied to the routing updates first. If
the condition is not matched, processing goes to instance 20 and so on until
a match is found.
   The following example shows how BGP uses route maps to change the
Local-Preference attribute of a routing update.

   Fig 10: [diagram: AS 65100 with routers R1, R2 and R3]

   Consider traffic from AS65100 that needs to reach external autonomous
systems. There are two paths for traffic to exit AS65100, one via router R1
and the other via router R2. If the BGP attributes are unchanged and use
defaults, the path taken to exit depends on the shortest AS Path attribute
value to the destination. For example, to reach AS65104, the shortest AS
Path is via R2. But the network administrator wants to use the link via R1
instead of R2 for all outgoing traffic and use the route via R2 for incoming
traffic only. To do that, route maps can be used. Consider the following
route maps. [8]

  ! R1 peers with AS65102; routes learned there get local preference 200
  R1(config)#router bgp 65100
  R1(config-router)#neighbor <neighbor_IP_of_AS65102> remote-as 65102
  R1(config-router)#neighbor <neighbor_IP_of_AS65102> route-map R1SETLOCALPREF in
  R1(config-router)#exit
  R1(config)#route-map R1SETLOCALPREF permit 10
  R1(config-route-map)#set local-preference 200

  ! R2 peers with AS65101; routes learned there get local preference 150
  R2(config)#router bgp 65100
  R2(config-router)#neighbor <neighbor_IP_of_AS65101> remote-as 65101
  R2(config-router)#neighbor <neighbor_IP_of_AS65101> route-map R2SETLOCALPREF in
  R2(config-router)#exit
  R2(config)#route-map R2SETLOCALPREF permit 10
  R2(config-route-map)#set local-preference 150

   These route maps set the local preference at router R1 to 200, which is
higher than the local preference value at R2, which is 150. All outbound
traffic then chooses the route via R1.
   Route maps with BGP can be used to accomplish much more complex
requirements than this example. They can be combined with Access Control
Lists to select which IP address or addresses the set command takes effect
on and changes attribute values for. To do this, the match command is placed
before the set command with the access list number.

                      X. CONCLUSION

   As described in this report, BGP can be considered one of the most
configurable, or perhaps the most customizable, routing protocols available
in current networking environments. Although BGP is much slower than other
internal routing protocols when it comes to converging, it is the mechanism
which handles the entire internetwork, which is functioning really fast. The
reliability and functionality of the internetwork rest on the BGP routing
protocol. Therefore I conclude it is vital for a network administrator who
wants to be an expert in routing to know BGP concepts and how to configure
BGP.

                       REFERENCES

   [1] "Cisco-BGP Best Path Selection Algorithm," 2001. [Online]. Available:
http://docstore.mik.ua/cisco/pdf/routing/BGP%20Best%20Path%20Selection%20Criteria.pdf.
[Accessed: May. 12, 2010].
   [2] "BGP Best Path Selection Algorithm," May. 13, 2006. [Online].
Available:
http://www.cisco.com/en/US/tech/tk365/technologies_tech_note09186a0080094431.shtml.
[Accessed: May. 23, 2010].
   [3] "Policy Base Routing," [Online]. Available:
http://www.cisco.com/en/US/products/ps6599/products_white_paper09186a00800a4409.shtml.
[Accessed: May. 13, 2010].
   [4] C.M. Kozierok, "BGP Autonomous System Types, Traffic Flows and
Routing Policies," Sep. 20, 2005. [Online]. Available:
http://www.tcpipguide.com/free/t_BGPAutonomousSystemTypesTrafficFlowsandRoutingPoli.htm.
[Accessed: May. 15, 2010].
   [5] AAPT Limited, "Frequently Asked Questions on Multi-Homing and BGP,"
[Online]. Available:
http://info.connect.com.au/docs/routing/general/multi-faq.shtml.
[Accessed: May. 20, 2010].
   [6] D. Bombal, "BGP Local Preference and MED," 2009. [Online]. Available:
http://www.configureterminal.com/free-cisco-tests-ebooks-exams-ccna-ccent-ccnp-ccie-ccvp-ccip/free-bgp-ebppls-tests-exams-/63-bgp-local-preference-med-ccie-ccnp.html.
[Accessed: May. 201, 2010].
   [8] H. Benjamin, CCNP Practical Studies: Routing: Cisco Press, 2002.
[Accessed: May. 23, 2010].
   [7] "Using BGP's Local Preference to Influence Outbound Routing,"
Mar. 07, 2009. [Online]. Available:
http://evilrouters.net/2009/03/07/using-bgps-local-preference-to-influence-outbound-routing/.
[Accessed: May. 285, 2010].
   [8] K. Solie and L. Lynch, "CCIE Practical Studies: Configuring
Route-Maps and Policy-Based Routing" [Online]. Available:
http://www.ciscopress.com/articles/article.asp?p=102092.
[Accessed: May. 30, 2010].
   [9] "T(n) Quick Overview," [Online]. Available:
http://ckp.made-it.com/t1234.html. [Accessed: May. 30, 2010].
   [10] Y. Rekhter, T. Li and S. Hares, "A Border Gateway Protocol 4
(BGP-4)," [Online]. Available: http://www.ietf.org/rfc/rfc4271.
[Accessed: May. 30, 2010].
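
   The best-path steps 0-11 of section VI and the first-match route-map behaviour of sections III and IX, worked through in Python as an added example that is not part of the original report: it replays the choice between R1 and R2 from figures 7 and 8 with default attributes and with local preference 200/150, and the MED case of figure 9. Neighbour addresses, router IDs and all function and field names are constructed for illustration.

```python
from dataclasses import dataclass, replace
from ipaddress import ip_address

ORIGIN_RANK = {"igp": 0, "egp": 1, "incomplete": 2}  # lower origin code wins

@dataclass(frozen=True)
class Path:
    via: str                 # router the path is learned through (figure label)
    as_path: tuple           # AS numbers on the way to the destination
    neighbor: str            # peer address (constructed sample value)
    router_id: str           # advertising router's ID (constructed sample value)
    weight: int = 0
    local_pref: int = 100    # Cisco default quoted in the text
    locally_originated: bool = False
    origin: str = "igp"
    med: int = 0
    ebgp: bool = True
    igp_metric: int = 0
    arrival: int = 0         # 0 = received first
    next_hop_valid: bool = True

# Steps 1-11 of the list in section VI as (number, key); lowest key survives.
STEPS = [
    (1, lambda p: -p.weight),
    (2, lambda p: -p.local_pref),
    (3, lambda p: not p.locally_originated),
    (4, lambda p: len(p.as_path)),
    (5, lambda p: ORIGIN_RANK[p.origin]),
    # Simplification: the list compares MED across all paths; routers by
    # default compare it only between paths from the same neighbouring AS.
    (6, lambda p: p.med),
    (7, lambda p: not p.ebgp),
    (8, lambda p: p.igp_metric),
    (9, lambda p: p.arrival if p.ebgp else 0),
    (10, lambda p: int(ip_address(p.router_id))),
    (11, lambda p: int(ip_address(p.neighbor))),
]

def best_path(paths, local_as):
    """Return (winning path, number of the step that decided), or (None, None)."""
    # Step 0: only loop-free paths with a valid next hop (sync not modelled).
    candidates = [p for p in paths
                  if p.next_hop_valid and local_as not in p.as_path]
    if not candidates:
        return None, None
    decided = 0
    for number, key in STEPS:
        if len(candidates) == 1:
            break
        best = min(key(p) for p in candidates)
        survivors = [p for p in candidates if key(p) == best]
        if len(survivors) < len(candidates):
            decided = number  # this step removed at least one competitor
        candidates = survivors
    return candidates[0], decided

def apply_route_map(path, entries):
    """Evaluate route-map instances in sequence order; the first match decides.

    entries: (sequence_number, "permit" | "deny", match_function, set_values).
    Returns the modified path, or None when the route is filtered out.
    """
    for _seq, action, match, set_values in sorted(entries, key=lambda e: e[0]):
        if match(path):
            return replace(path, **set_values) if action == "permit" else None
    return None  # no instance matched: implicit deny

def fig7_paths():
    # Two paths from AS 65100 to AS 65104, as described for figures 7 and 8.
    return [Path("R1", (65102, 65103, 65104), "192.0.2.1", "10.0.0.1"),
            Path("R2", (65101, 65104), "198.51.100.1", "10.0.0.2")]

def with_local_pref_policy(paths):
    # "route-map ... permit" with only a set clause: every route matches,
    # as in the R1 (200) and R2 (150) configurations in the text.
    policy = {"R1": [(10, "permit", lambda p: True, {"local_pref": 200})],
              "R2": [(10, "permit", lambda p: True, {"local_pref": 150})]}
    applied = [apply_route_map(p, policy[p.via]) for p in paths]
    return [p for p in applied if p is not None]

def fig9_paths():
    # Customer AS 65101 sees AS 65100 over the T1 (R2) and DS3 (R3) links.
    return [Path("R2", (65100,), "192.0.2.5", "10.0.0.2", med=100),
            Path("R3", (65100,), "192.0.2.9", "10.0.0.3", med=50)]

if __name__ == "__main__":
    cases = [("defaults", fig7_paths(), 65100),
             ("local preference", with_local_pref_policy(fig7_paths()), 65100),
             ("MED", fig9_paths(), 65101)]
    for label, paths, local_as in cases:
        winner, step = best_path(paths, local_as)
        print(f"{label}: exit via {winner.via}, decided at step {step}")
```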