Thursday, January 18, 2018

BGP: Path Selection Criteria - Path Vector Protocol


BGP is mainly important for routing specialists and the service provider audience.
Audience: CCNA, CCNP and CCIE (Routing & Switching); CCNA, CCNP and CCIE (Service Provider)

Today we will talk about BGP path selection. The individual parameters, such as Next Hop, AS Path, Local Preference, Weight (Cisco proprietary) and MED (Multi Exit Discriminator), will each get a dedicated post that discusses their functionality in detail.

Let's start with the BGP path selection criteria. First of all, note that BGP is a path vector protocol and is an application protocol which uses TCP port number 179 on the local side to communicate. So don't be confused into thinking that it is a Layer 3 protocol.

First of all we will discuss the basic specifications of BGP (Border Gateway Protocol), as below:

Specifications
TCP port 179 (local); an application protocol.
AD: eBGP 20; iBGP 200

BGP is used when we need to connect different AS numbers (Autonomous Systems) with a large number of routes.

Below is the basic topology showing BGP in the MPLS scenario.


Fig 1.1- BGP in MPLS Scenario

WEIGHT
The highest WEIGHT attribute will be preferred first (can be used in one router with two paths).
WEIGHT is a Cisco-specific parameter. It is only used when you have Cisco routers.

Fig 1.2- BGP Attributes

LOCAL PREFERENCE
The highest LOCAL_PREF will be preferred (two routers with two paths from different service providers).
Note: A path without LOCAL_PREF is considered to have had the value set with the bgp default local-preference command, or to have a value of 100 by default. It can be used with any router (Cisco, Juniper, Huawei and so on).

LOCALLY ORIGINATED
A path that was locally originated via a network or aggregate BGP subcommand, or through redistribution from an IGP, will be preferred.
Local paths that are sourced by the network or redistribute commands are preferred over local aggregates that are sourced by the aggregate-address command.

AS-PATH

The shortest AS_PATH will be preferred.
This step is skipped if you have configured the bgp bestpath as-path ignore command.
An AS_SET counts as 1, no matter how many ASs are in the set.
The AS_CONFED_SEQUENCE and AS_CONFED_SET are not included in the AS_PATH length.

ORIGIN TYPE

The lowest origin type will be preferred.
IGP is lower than Exterior Gateway Protocol (EGP), and EGP is lower than INCOMPLETE.

MED

Lowest multi-exit discriminator (MED).
This comparison only occurs if the first (the neighboring) AS is the same in the two paths. Any confederation sub-ASs are ignored.

In other words, MEDs are compared only if the first AS in the AS_SEQUENCE is the same for multiple paths. Any preceding AS_CONFED_SEQUENCE is ignored.

If bgp always-compare-med is enabled, MEDs are compared for all paths.
You must disable this option over the entire AS. Otherwise, routing loops can occur.
If bgp bestpath med-confed is enabled, MEDs are compared for all paths that consist only of AS_CONFED_SEQUENCE.
These paths originated within the local confederation.
The MED of paths that are received from a neighbor with a MED of 4,294,967,295 is changed before insertion into the BGP table. The MED changes to 4,294,967,294.
The MED of paths that are received from a neighbor with a MED of 4,294,967,295 is considered valid and is inserted into the BGP table, with effect from code that has the fix for Cisco bug ID CSCef34800.
Paths received with no MED are assigned a MED of 0, unless you have enabled bgp bestpath med missing-as-worst.
If you have enabled bgp bestpath med missing-as-worst, the paths are assigned a MED of 4,294,967,294.
If you have enabled bgp bestpath med missing-as-worst, the paths are assigned a MED of 4,294,967,295, with effect from code that has the fix for Cisco bug ID CSCef34800.
The bgp deterministic-med command can also influence this step.
Refer to How BGP Routers Use the Multi-Exit Discriminator for Best Path Selection for a demonstration.

PREFERRED ROUTE

eBGP over iBGP paths will be preferred.
If bestpath is selected, go to Step 9 (multipath).
Note: Paths that contain AS_CONFED_SEQUENCE and AS_CONFED_SET are local to the confederation. Therefore, these paths are treated as internal paths. There is no distinction between Confederation External and Confederation Internal.

METRIC

Lowest IGP metric to the BGP next hop will be preferred.
Continue, even if bestpath is already selected.

MULTIPATH
Determine if multiple paths require installation in the routing table for BGP Multipath.
Continue, if bestpath is not yet selected.

OLDEST ROUTE

When both paths are external, the path that was received first (the oldest one) will be preferred.

The router ID is the same for multiple paths because the routes were received from the same router.
There is no current best path.
The current best path can be lost when, for example, the neighbor that offers the path goes down.

ROUTER-ID

The route that comes from the BGP router with the lowest router ID will be preferred.
The router ID is the highest IP address on the router, with preference given to loopback addresses. Also, you can use the bgp router-id command to manually set the router ID.
Note: If a path contains route reflector (RR) attributes, the originator ID is substituted for the router ID in the path selection process.


RR ORIGINATOR ID

If the originator or router ID is the same for multiple paths, the path with the minimum cluster list length will be preferred.
This is only present in BGP RR environments. It allows clients to peer with RRs or clients in other clusters. In this scenario, the client must be aware of the RR-specific BGP attribute.

NEIGHBOR ADDRESS

The path that comes from the lowest neighbor address will be preferred.
This address is the IP address that is used in the BGP neighbor configuration. The address corresponds to the remote peer that is used in the TCP connection with the local router.
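
The comparison order described above, as an added Python example (not code from the original post or from any router implementation). The `Path` model and its field names are hypothetical, the AS numbers and addresses are constructed, and the multipath step and the optional `bgp bestpath` knobs are not modelled.

```python
from dataclasses import dataclass
from ipaddress import ip_address

ORIGIN = {"igp": 0, "egp": 1, "incomplete": 2}  # lower is preferred

@dataclass
class Path:                     # hypothetical model of one BGP path
    name: str
    weight: int = 0             # Cisco-specific, local to the router
    local_pref: int = 100       # default when the attribute is absent
    local: bool = False         # locally originated
    as_path: tuple = ()         # AS numbers; an AS_SET is stored as one element
    origin: str = "igp"
    med: int = 0                # a missing MED is treated as 0
    ebgp: bool = True
    igp_metric: int = 0         # IGP cost to the BGP next hop
    age: int = 0                # seconds since the path was received
    router_id: str = "0.0.0.0"  # originator ID when the path was reflected
    cluster_len: int = 0
    neighbor: str = "0.0.0.0"

# (step, key where the LOWER value wins, optional guard on both paths)
STEPS = [
    ("weight", lambda p: -p.weight, None),
    ("local_pref", lambda p: -p.local_pref, None),
    ("locally_originated", lambda p: not p.local, None),
    ("as_path", lambda p: len(p.as_path), None),
    ("origin", lambda p: ORIGIN[p.origin], None),
    ("med", lambda p: p.med, lambda a, b: a.as_path[:1] == b.as_path[:1]),
    ("ebgp_over_ibgp", lambda p: not p.ebgp, None),
    ("igp_metric", lambda p: p.igp_metric, None),
    ("oldest", lambda p: -p.age, lambda a, b: a.ebgp and b.ebgp),
    ("router_id", lambda p: int(ip_address(p.router_id)), None),
    ("cluster_list", lambda p: p.cluster_len, None),
    ("neighbor_address", lambda p: int(ip_address(p.neighbor)), None),
]

def best_path(a, b):
    """Return (preferred path, name of the step that broke the tie)."""
    for step, key, applies in STEPS:
        if applies and not applies(a, b):
            continue  # e.g. MED is not compared across different neighbor ASes
        if key(a) != key(b):
            return (a if key(a) < key(b) else b), step
    return a, "identical"

# Constructed sample: the longer AS_PATH wins because LOCAL_PREF is checked first.
isp1 = Path("isp1", local_pref=200, as_path=(64501, 64510, 64520))
isp2 = Path("isp2", local_pref=100, as_path=(64502,))
print(best_path(isp1, isp2)[1])
```

Because the steps are evaluated strictly in order, an attribute lower in the list only matters when every attribute above it is equal.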

Thanks for being part of this post. We will come up with a detailed session and use cases showing which parameters to use where and how traffic can be controlled in the network, both traffic inside the network and traffic going from the network to the service provider. Keep in mind that these parameters apply only when BGP is in use.

Wednesday, January 17, 2018

Differences between OSPFv3 and OSPFv2


Most of the algorithms have been preserved from OSPFv2; however, some changes were needed either to support the larger address space or due to changes in protocol semantics between IPv4 and IPv6.


Fig 1.1- Demo OSPF topology

Following are the differences between OSPFv3 and OSPFv2-

1. Protocol processing per-link, not per-subnet:


IPv6 uses the term "link" instead of "subnet" or "network" to define a medium used to communicate between nodes at the link layer. Multiple IP subnets can be assigned to a single link, and two nodes can communicate with each other even if they do not share a common IP subnet.


This change affects Hello packets and Network LSAs processing.


2. Removal of addressing semantics:



  • IPv6 addresses are not present in OSPF packets, except in Link-State Update (LSU) packets.
  • Router and Network LSAs do not contain network addresses, but only contain topology information.
  • OSPF Router ID, Area ID and Link-State IDs remain 32 bits in size; they cannot be assigned IPv6 addresses.
  • Neighboring routers are identified by Router IDs only.

3. Addition of Flooding scope:

There are three separate scopes for flooding LSAs:

  • Link-local scope: the LSA is flooded only on the local link and no further. The new Link-LSA uses link-local scope.
  • Area scope: the LSA is flooded in a single OSPF area. Router-LSAs, Network-LSAs, Inter-area Prefix-LSAs, Inter-area Router-LSAs and Intra-area Prefix-LSAs use area scope.
  • AS scope: the LSA is flooded throughout the routing domain. AS-external LSAs use AS scope.


4. Explicit support for multiple instances per link:


Providers that run different OSPF domains and want to keep them separate, even though they have one or more links in common, can use multiple instances on the same link.


Someone who wants a single link in more than one area can also use multiple instances on the same link.


Multiple instances on the single link can be achieved using "Instance ID" contained in the OSPF packet header.


5. Use of Link-local addresses:


OSPFv3 requires that every interface has a link-local address from the range FE80::/10. A router uses the link-local address as the next hop during packet forwarding for the neighbors attached to its links.


On virtual-links, global or site-local addresses are used for packet forwarding.


Link-local addresses are only sent in Link-LSAs, and not allowed in any other OSPF LSAs.


6. Authentication changes:


In OSPFv3, authentication has been removed from OSPF itself. OSPFv3 relies on the IPv6 Authentication Header (AH) and Encapsulating Security Payload (ESP) to ensure integrity and authentication/confidentiality of routing exchanges.


Accidental data corruption is handled by checksum.


7. Packet Format changes:



  • Version number is now 3.
  • No Authentication fields.
  • Options field in Hello and DBD packets is now 24 bits long.
  • Two option bits, "R" bit and "v6" bit, are added to the Options field for processing Router-LSAs during SPF calculation.
  • "Instance ID" is included in Hello packet.

8. LSA Format changes:


  • Options field is removed from LSA header, increased to 24-bit and moved to Router-LSAs, Network-LSAs, Inter-area Router-LSAs (Type-4 LSA in OSPFv2) and Link-LSAs.
  • LSA Type field is expanded to 16 bits with upper 3 bits encoding flooding and handling of unknown LSA Types.
  • Addresses in LSAs are now expressed as [prefix, prefix-length]. The default route is expressed as a prefix with length 0.
  • Router and Network LSAs have no address information.
  • Router LSAs are concatenated before SPF is run.
  • New Link-LSA is introduced. Link-LSAs have link-local flooding scope and serve three purposes: a) they provide the router's link-local address to all neighbors attached to that link; b) they inform other routers on the link of IPv6 prefixes to associate with the link; c) they allow the router to assert a collection of Option bits to associate with the Network LSAs that will be originated for the link.
  • Type-3 summary LSA is now Inter-area Prefix-LSA and Type-4 summary LSA is now Inter-area Router-LSA.
  • New Intra-area Prefix-LSA is introduced. It carries all IPv6 prefix information that in IPv4 is carried in Router and Network LSAs.

9. Handling Unknown LSA Types:

Unknown LSA Types are either treated as having link-local flooding scope, or stored and flooded as if they were understood.


10. Stub Area support:


Stub area support has been retained in OSPFv3. Only Router-LSAs, Network-LSAs, Inter-area Prefix-LSAs, Intra-area Prefix-LSAs and Link-LSAs are allowed in a Stub area.


Unknown LSAs are labelled as "Store and Flood LSAs", as if the type were understood, under the following conditions:


a) the LSA has area or link-local flooding scope

b) the LSA has U-bit set to 0.
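
The 16-bit LS type layout and the unknown-LSA and stub-area rules from sections 8 to 10, as an added Python example (not code from the original post). It assumes the 20-byte LSA header layout and LS type values of RFC 5340; the `header()` helper and the unknown type values 0x3FFF and 0xBFFF are constructed for the demonstration.

```python
import struct
from ipaddress import IPv4Address

SCOPE = {0: "link-local", 1: "area", 2: "AS", 3: "reserved"}
KNOWN = {  # LS type values defined in RFC 5340
    0x2001: "Router-LSA", 0x2002: "Network-LSA",
    0x2003: "Inter-Area-Prefix-LSA", 0x2004: "Inter-Area-Router-LSA",
    0x4005: "AS-External-LSA", 0x2007: "NSSA-LSA",
    0x0008: "Link-LSA", 0x2009: "Intra-Area-Prefix-LSA",
}
STUB_OK = {0x2001, 0x2002, 0x2003, 0x0008, 0x2009}  # types allowed in a stub area

def parse_header(buf):
    """Parse the 20-byte OSPFv3 LSA header into a dict."""
    if len(buf) < 20:
        raise ValueError("LSA header is 20 bytes")
    age, ls_type, ls_id, adv, seq, cksum, length = struct.unpack("!HHIIIHH", buf[:20])
    return {
        "ls_type": ls_type,
        "name": KNOWN.get(ls_type, "unknown"),
        "u_bit": ls_type >> 15,                  # handling of unknown LS types
        "scope": SCOPE[(ls_type >> 13) & 0b11],  # S2/S1 flooding scope bits
        "function": ls_type & 0x1FFF,            # 13-bit LSA function code
        "adv_router": str(IPv4Address(adv)),     # Router ID is still 32 bits
        "length": length,
    }

def flood_as(lsa):
    """Flooding scope a router applies to this LSA."""
    if lsa["name"] == "unknown" and lsa["u_bit"] == 0:
        return "link-local"   # unknown type with U=0: treat as link-local
    return lsa["scope"]       # known type, or U=1: store and flood as if understood

def allowed_in_stub(lsa):
    """Stub-area rule: known types by list, unknown types by scope and U-bit."""
    if lsa["name"] != "unknown":
        return lsa["ls_type"] in STUB_OK
    return lsa["scope"] in ("link-local", "area") and lsa["u_bit"] == 0

def header(ls_type, adv="192.0.2.1"):
    """Build a constructed LSA header for the demonstration."""
    return struct.pack("!HHIIIHH", 1, ls_type, 0, int(IPv4Address(adv)),
                       0x80000001, 0, 20)

for t in (0x0008, 0x4005, 0x3FFF, 0xBFFF):  # last two: constructed unknown types
    lsa = parse_header(header(t))
    print(hex(t), lsa["name"], flood_as(lsa), allowed_in_stub(lsa))
```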

11. Identifying neighbors by Router ID:


Neighboring routers on a given link are always identified by a Router ID. This behaviour is valid for neighbors on point-to-point, virtual-links, broadcast, NBMA and point-to-multipoint links.


Router ID 0.0.0.0 is reserved.


For other OSPF quick guides, please refer to the links below:
http://www.routexp.com/2018/01/ospf-lsas-quick-fact-guide.html
http://www.routexp.com/2018/09/ospf-external-path-selection-external.html
http://www.routexp.com/2017/05/difference-between-ospf-vs-rip-simple.html
http://www.routexp.com/2018/04/ospf-link-lsa-lsa-type-8-and-intra-area.html


Sample Interview Questions for Network Engineers


  1. What is the subnet mask for 10.2.1.3/22?
  2. What is the administrative distance of EIGRP, eBGP, iBGP?
  3. What is your favorite routing Protocol?
  4. In EIGRP, what is a Stuck in Active route?
  5. In OSPF, what is a totally stubby area?  What does Area Zero do?
  6. Which internal routing protocol would you use if you needed to route between Cisco and non-Cisco equipment?
  7. Explain what a 3-way handshake is in TCP?
  8. What is a VLAN trunking protocol?
  9. What is the difference between 802.1q and ISL?
  10. Explain what is an Ether-Channel?
  11. What do you need to do to set up a VTP domain?
  12. What is Spanning Tree used for?
  13. What is a root bridge and why do you need one?
  14. What is needed on a router interface to allow DHCP to function on a subnet?
  15. Describe what a stateful firewall is?
  16. What is HSRP?  Is this an open standard?
  17. In a PIX/ASA, what are security levels used for?
  18. What two things are needed in a PIX/ASA firewall to allow traffic to pass from a higher security level to a lower security level?
  19. In IPSec VPNs, what is Diffie-Hellman?  What is it used for?
  20. In an IPSec tunnel, what is main mode?
