Read the BGP protocol in six minutes

2022.07.05
Read the BGP protocol in six minutes

In the protocols such as RIP and OSPF, routing control is performed by the IP network address, while BGP protocol needs to perform routing control through the entire Internet, and the scope is much larger.

Earlier we talked about RIP and OSPF protocols, which are based on AS, that is, the protocols in the autonomous system. They can be considered as intra-domain routing protocols; and now we are going to talk about the protocols between ASs, which are also called inter-domain routing protocols, or It is called the external gateway protocol, and one of its most famous protocols is the BGP protocol. The most used protocol version is BGP-4, the fourth version of BGP, referred to as BGP (Border Gateway Protocol).

In the protocols such as RIP and OSPF, routing control is performed by the IP network address, while BGP protocol needs to perform routing control through the entire Internet, and the scope is much larger.

The environment of BGP is different from that of RIP and OSPF. The main reason is that the scale of the Internet is too large, which makes route selection between autonomous systems difficult. A router on the Internet can find its destination network through the routing table for any IP address. This is a very large set. If the link state protocols RIP and OSPF are used, a very large routing set must be maintained. On the one hand, the routing table retrieval efficiency is very low, and such a huge data item is inconvenient to maintain. . Another point is that the metric of each router is different. It is possible that this metric has passed through 100 routes, and the link may directly report an error when it reaches 100 routes.

Moreover, routing between autonomous systems must consider policy issues that take political, geographic, security, or economic considerations into account.

Due to the existence of the above special circumstances, BGP only selects a better route to the destination network, rather than an optimal route. BGP adopts the path vector routing protocol, which is very different from RIP and OSPF.

In the BGP protocol, there are many BGP border routers in each AS autonomous system, and this BGP border router is quite a spokesperson in the autonomous system. If BGP border routers between different ASs want to exchange routing information, they need to establish a TCP connection first, and then exchange BGP packets on this connection to establish a BGP session, which can provide reliable services through TCP. Two BGP border routers that exchange packets are called each other's neighbors (angels) or peers.

The following figure is a schematic diagram of the relationship between a BGP border router and an AS:

picture

The network reachability information exchanged by BGP is a series of routes to reach a certain network. Once each BGP border router exchanges the reachability information, it will select a better routing path to each AS.

BGP supports classless inter-domain routing selection CIDR, so the routing table of BGP should include the current destination network prefix, the next hop router, and the AS that the destination network passes through.

When BGP is just running, the adjacent station of BGP is to exchange the entire BGP routing table. In the future, only the parts with new changes can be updated when changes occur. This has great benefits for saving network bandwidth and reducing router overhead. This feature is very similar to OSPF.

BGP-4 mainly has the following types of packets:

  • The OPEN (open) message is used to establish a relationship with the neighboring BGP area border router to initiate communication.
  • UPDATE (update) message, used to advertise routing information and list multiple routes that need to be updated.
  • The KEEPALIVE (keep alive) message is used to periodically verify the connectivity of the neighbor.
  • NOTIFICATION messages are used to send detected errors.

If two adjacent stations belong to two different autonomous systems, and one of the adjacent stations intends to exchange routes with other adjacent stations, there should be a routing negotiation process at this time. The negotiation process includes whether the adjacent router can accept additional routing information. Therefore, at the beginning of the negotiation, an OPEN message should be sent first. If the neighbor station can accept this relationship, it will respond with a KEEPALIVE message. After the response is completed, the relationship between the two stations is established.

After the relationship is established, it is necessary to maintain each other. After the relationship is established with the couple, as a gentleman, you can't ignore others for three days, right? As the saying goes, feelings need to be maintained, so this routing relationship also needs to be maintained. Each of the two communicating parties needs to be sure whether the other party already exists. Therefore, the two BGP border routers need to exchange KEEPALIVE packets regularly, usually 30 s.

BGP border routers can use UPDATE packets to update routes: including withdrawing previously notified routes and adding new routes. When withdrawing a route, multiple routes can be withdrawn at one time, but only one UPDATE packet can be added for a new route.

Of course, there is no such thing as "good news spreads fast and bad news spreads slowly" in BGP (I feel that this problem of RIP is played out). Because there is not only one BGP border router, and when a router or link fails, since the BGP border router can obtain routing information from more than one neighbor, it is easy to select a new route.

The following is the packet format of BGP:

picture

The four message types described above have a general message header, the header is 19 bytes, and the general header is mainly divided into three fields.

  • The marker field is 16 bytes long and is used to identify received BGP packets. If identification is not used, the marker field should be set to all 1s.
  • The length field indicates the length of the entire BGP packet including the general header, in bytes, with a minimum value of 19 and a maximum value of 4096.
  • The value of the Type field is 1 to 4, which correspond to the order in which the above packets are introduced.

The OPEN message has a total of 6 fields, as shown in the following packet capture:

picture

picture

The first three fields are the BGP general message header, the following fields are the Version version (1 byte, the value is 4), My AS local autonomous system number (2 bytes, using the world's only 16-bit system) number), Hold Time (2 bytes, the time in seconds to hold a neighbor relationship), BGP Identifier BGP identifier (4 bytes, the IP address of the router), the following are optional lengths and optional parameters .

The KEEPALIVE message has only a BGP 19-byte general header.

picture

The UPDATE message has five fields, as shown in the following figure:

picture

picture

The Unfeasible routes length in the message indicates the length of the unfeasible route. There is a field in the message that is not listed, which is Withdrawn Routes , the list of routes to be withdrawn. Indicates the path attribute, and the last NLRI identifies the network that sent the message.

The NOTIFICATION message has three fields, as shown in the following figure:

picture

It mainly includes error code (1 byte), error subcode (1 byte), followed by error data.