Category: BGP
BGP as a Better IGP? When and Where?
A while ago I helped a large enterprise redesign their data center fabric. They did a wonderful job optimizing their infrastructure, so all they really needed were two switches in each location.
Some vendors couldn’t fathom that. One of them proposed to build a “future-proof” (and twice as expensive) leaf-and-spine fabric with two leaves and two spines. On top of that they proposed to use EBGP as the only routing protocol because draft-lapukhov-bgp-routing-large-dc – a clear case of missing the customer needs.
To BFD or Not to BFD?
Omer asked a pretty common question about BFD on one of my blog posts (slightly reworded):
Would you still use BFD even if you have a direct router-to-router physical link without L2 transport in the middle to detect if there is some kind of software failure on the other side?
Sander Steffann quickly replied:
Another DMVPN Routing Question
One of my readers sent me an interesting DMVPN routing question. He has a design with a single DMVPN tunnel with two hubs (a primary and a backup hub), running BGP between hubs and spokes and IBGP session between hubs over a dedicated inter-hub link (he doesn’t want the hub-to-hub traffic to go over DMVPN).
Here's (approximately) what he's trying to do:
Routing Protocols: Perfect Example of RFC 1925 Rule 5
In case you’re not familiar with RFC 1925, Rule 5 states:
It is always possible to agglutinate multiple separate problems into a single complex interdependent solution. In most cases, this is a bad idea.
Most routing protocols are a perfect demonstration of this rule.
Improving BGP Convergence without Tweaking BGP Timers
One of the perks of my online courses is the lifetime access to the course Slack team, and you’d be amazed by the variety of questions asked there. Not so long ago I got one on BGP timers:
The BGP timers I’m using in my network are 5 and 15 seconds, and I am not sure if it's a good practice to reduce them even more.
You should always ask yourself this set of questions before tweaking a nerd knob:
Synchronizing BGP and OSPF (or OSPF and LDP)
Rich sent me a question about temporary traffic blackholing in networks where every router is running IGP (OSPF or IS-IS) and iBGP.
He started with a very simple network diagram:
RFC 8212: Bringing Sane Defaults to EBGP
It’s amazing how long it can take to get some sanity into networking technologies. RFC 8212 specifies that a BGP router should not announce prefixes over EBGP until its routing policy has been explicitly configured. It took us only 22 years to get there…
For more technical details, read this email by Job Snijders.
Video: Simplify BGP Configurations
Running BGP instead of an IGP in your leaf-and-spine fabric sounds interesting (mainly if your fabric is large enough). Configuring a zillion BGP knobs on every box doesn’t.
However, BGP doesn’t have to be complex. In the Simplify BGP Configurations video (part of leaf-and-spine fabric designs webinar) Dinesh Dutt explains how you can make BGP configurations simple and easy-to-understand.
How I Started Hating Automatic Context Switching in Cisco IOS
Here’s a trick question:
- Imagine you have a network running IPv4 and VPNv4 services;
- You want to use neighbor next-hop-self on IPv4 sessions, but not on VPNv4 sessions;
To implement this request you use the following configuration commands (plenty of other commands removed because they don’t impact the results):
router bgp 64500
 address-family ipv4
  maximum-paths ibgp 32
  maximum-paths 32
  neighbor 192.168.0.4 next-hop-self
  neighbor 192.168.0.1 next-hop-self
 address-family vpnv4
  maximum-paths ibgp 32
  maximum-paths 32
  no neighbor 192.168.0.4 next-hop-self
  no neighbor 192.168.0.1 next-hop-self
Try to figure out what the end-result will be without connecting to a router or reading the rest of this blog post.
Ok, here’s what totally threw me off (and wasted an hour of my life): next-hop-self is removed from neighbors in the IPv4 address family. Here’s why:
- There is no maximum-paths ibgp command in VPNv4 address family;
- The moment you enter maximum-paths ibgp command the configuration parser exits the address-family vpnv4 context and enters router bgp context;
- Because the ipv4 address family is the default context within router bgp (for legacy reasons), all the subsequent commands are executed within the address-family ipv4 context, removing next-hop-self from neighbors in the IPv4 address family.
No wonder David Barroso named his library NAPALM (you’ll find the full story in this or this podcast).
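The context fallback described above can be traced with a small model. This is an added example, not code from the original post or from IOS: the VALID table is constructed from the post's statements (it assumes plain maximum-paths is accepted under VPNv4), and the function names are hypothetical.

```python
# Added example: simplified model of the context fallback described in the post.
# VALID is constructed from the post's statements; it is not an IOS command reference.
VALID = {
    "address-family ipv4": {"maximum-paths", "maximum-paths ibgp", "neighbor next-hop-self"},
    "address-family vpnv4": {"maximum-paths", "neighbor next-hop-self"},  # no "maximum-paths ibgp"
}
DEFAULT_AF = "address-family ipv4"  # default context within router bgp

CONFIG = """
router bgp 64500
 address-family ipv4
  maximum-paths ibgp 32
  maximum-paths 32
  neighbor 192.168.0.4 next-hop-self
  neighbor 192.168.0.1 next-hop-self
 address-family vpnv4
  maximum-paths ibgp 32
  maximum-paths 32
  no neighbor 192.168.0.4 next-hop-self
  no neighbor 192.168.0.1 next-hop-self
""".splitlines()

def keyword(cmd):
    """Reduce a command to the keyword used as a key in VALID."""
    words = [w for w in cmd.split() if w != "no"]
    if words[0] == "neighbor":
        return "neighbor " + words[2]
    return "maximum-paths ibgp" if words[:2] == ["maximum-paths", "ibgp"] else words[0]

def effective_contexts(lines):
    """Return (typed_context, effective_context, command) for each command."""
    typed = eff = DEFAULT_AF
    out = []
    for cmd in (l.strip() for l in lines if l.strip()):
        if cmd.startswith("router bgp"):
            typed = eff = DEFAULT_AF
        elif cmd.startswith("address-family"):
            typed = eff = cmd
        else:
            if keyword(cmd) not in VALID[eff]:
                eff = DEFAULT_AF  # parser drops out of the address family
            out.append((typed, eff, cmd))
    return out

def next_hop_self(lines):
    """Neighbors left with next-hop-self in each address family."""
    state = {af: set() for af in VALID}
    for _, eff, cmd in effective_contexts(lines):
        words = cmd.split()
        if words[-1] == "next-hop-self":
            (state[eff].discard if words[0] == "no" else state[eff].add)(words[-2])
    return state

if __name__ == "__main__":
    for typed, eff, cmd in effective_contexts(CONFIG):
        print(f"{'!!' if typed != eff else '  '} {eff:22} {cmd}")
```

Lines flagged with !! were typed under address-family vpnv4 but applied in address-family ipv4; comparing the typed and effective contexts this way is the kind of check worth running against the resulting configuration after a push.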
Generating OSPF, BGP and MPLS/VPN Configurations from Network Data Model
Over a month ago I decided to create a lab network to figure out how to solve an interesting Inter-AS MPLS/VPN routing challenge. Instead of configuring half a dozen routers I decided to develop a fully-automated deployment because it will make my life easier.
I finally got to a point where OSPF, LDP, BGP (IPv4 and VPNv4) and MPLS/VPN configurations are created, deployed and verified automatically.
Optimal Inter-AS Routing Challenge
I encountered an ancient problem during one of my ExpertExpress engagements:
- Customer network is split into two autonomous systems (core and access);
- Links within access network are way slower than links within core network;
- Customer would like to have optimal core-to-access traffic flow.
Challenge: what’s the simplest possible configuration to get it done?
Why Would I Use BGP and not OSPF between Servers and the Network?
While we were preparing for the Cumulus Networks’ Routing on Hosts webinar Dinesh Dutt sent me a message along these lines:
You categorically reject the use of OSPF, but we have a couple of customers using it quite happily. I’m sure you have good reasons, and the reasons you list [in the presentation] are ones I agree with. OTOH, why not use totally stubby areas with hosts in such an area?
How about:
Running BGP between Virtual Machine and ToR Switch
One of my readers left this question on the blog post resurfacing the idea of running BGP between servers and ToR switches:
When using BGP on a VM for mobility, what is the best way to establish a peer relationship with a new TOR switch after a live migration? The VM won't inherently know the peer address or the ASN.
As always, the correct answer is it depends.
Using BGP in Leaf-and-Spine Fabrics
In the Leaf-and-Spine Fabric Designs webinar series we started with the simplest possible design: non-redundant server connectivity with bridging within a ToR switch and routing across the fabric.
After I explained the basics (including routing protocol selection, route summarization, link aggregation and addressing guidelines), Dinesh Dutt described how network architects use BGP when building leaf-and-spine fabrics.
Is BGP Really that Complex?
Anyone following the popular networking blogs and podcasts is probably familiar with the claim that BGP is way too complex to be used in whatever environment. On the other hand, more and more smart people use it when building their data center or WAN infrastructure. There’s something wrong with this picture.