BGP Answers

Note that I'm completely oblivious as to Cisco's certification program. Don't assume these questions are like those on a certification test.

  • Question 1

    What are IGPs and EGPs and why are they different?

    Interior Gateway Protocols such as RIP, OSPF, IGRP, EIGRP and IS-IS are used within the network of a single organization or a part of an organization. Exterior Gateway Protocols such as EGP and BGP are used for routing between different organizations or "administrative domains".

  • Question 2

    What do BGP, eBGP, iBGP and AS stand for? What's the difference between eBGP and iBGP?

    Border Gateway Protocol, internal BGP, external BGP, Autonomous System. eBGP is used towards other autonomous systems, iBGP is used within an AS.

  • Question 3

    Name several path attributes and their function.

    • Next hop: contains the IP address of the router to which packets for the destination prefix should be sent
    • AS path: loop detection, best path selection, to apply filters/policy
    • Local preference: best path selection / to communicate preference to other routers within the AS
    • Multi exit discriminator (MED): first tie breaker for path selection, originally to select one path when several are available from the same neighbor AS but now often to select the best path between several paths with the same AS path length, regardless of whether they were learned from the same neighbor AS
    • Origin: shows where information in BGP came from (IGP, EGP or unknown), no real/official use but can be used for traffic engineering
    • Community: one or more 32-bit values with user-defined meanings
    • Atomic aggregate: indicates that a router has aggregated several routes into a larger block
    • Aggregator: indicates where an aggregate route was created

  • Question 4

    What is the global routing table? What is (roughly) its size?

    The global routing table is a list of all prefixes (and associated information) that are in use within the internet. Its size is approximately 130,000 prefixes currently.

  • Question 5

    Why is there a problem with iBGP in large networks? How can this problem be solved? Describe each solution in 1 - 3 sentences.

    There must be a full mesh of iBGP sessions, in other words: each BGP router within an AS must have iBGP sessions with all other BGP routers in the AS. By requiring that all information in iBGP is learned directly from the router that learned the information over eBGP, there can't be any loops in iBGP. The full mesh requirement can be solved using either route reflectors or confederations.

    Route reflectors distribute iBGP information from one router to another, which is normally not allowed in iBGP. Since the clients of the route reflector get all iBGP from the route reflector they don't need to have iBGP sessions with all other BGP routers. Reflectors add additional path attributes that allow them to detect and eliminate loops.

    In a confederation, the AS is split into a number of sub-ASes, so the iBGP full mesh is done within each sub-AS and a modified version of eBGP is used between sub-ASes. To the outside, the confederation behaves like a single AS.

  • Question 6

    Unlike all other routing protocols, BGP uses TCP as its transport protocol. Discuss the consequences of running BGP over UDP. (What would happen and/or what would have to be changed in BGP.)

    In order to be able to run over UDP, BGP would have to implement functionality that is normally associated with transport protocols, such as retransmissions and reordering. Since in BGP communication is always with specific neighbors that are known in advance, using TCP here allows for a simpler implementation.

  • Question 7

    What are the disadvantages of existing and proposed BGP security mechanisms?

    BGP TCP MD5 option: hard to implement on general purpose systems, hard to manage because password must match on both sides with no provisions for setting up/changing it, only protects session between two routers, information in BGP may still be wrong.

    S-BGP and soBGP: currently, there is no repository of known prefix-to-AS mappings that these protocols could secure. Experience with cryptographic authentication shows there are regularly mistakes that lead to information that is valid being rejected because of a problem with the authentication.

    S-BGP: the amount of extra memory in routers and the number of signature checks can be problematic for existing routers, and offloading isn't possible. Secret key must be stored on the router to be able to generate signatures.

  • Question 8

    Suppose AS 10 is a multihomed customer of AS 20 and AS 30. AS 10 receives most of its incoming traffic over AS 30 and wants to employ traffic engineering techniques to shift some of this traffic from AS 30 to AS 20. For this purpose, a route map is created. Assume that the following excerpt of the BGP table is a good representation of the BGP table as a whole:

       Network          Next Hop         Metric LocPrf Weight Path
    *>i12.31.126.0/24   213.24.40.91          0    100      0 20 209 13606 i
    *                   62.93.19.27           0             0 30 209 13606 i
    * i12.31.127.0/24   213.24.40.91          0    100      0 20 209 7018 23087 i
    *>                  62.93.19.27           0             0 30 7018 23087 i
    * i12.31.159.0/24   213.24.40.91          0    100      0 20 209 7018 20457 i
    *>                  62.93.19.27           0             0 30 4181 20457 i

    Questions:

    1. Which BGP attributes would AS 10 possibly like to change in the route map "set" clause, in what way (higher/lower, longer/shorter), and which would be the best choice?

      The only real option for influencing incoming traffic is to make the AS path longer as local preference and MED metric aren't communicated to the source AS.

    2. Should a "match" clause be used in this route map?

      No, that's not necessary as we want to apply the change to all outgoing routing information.

    3. Should the route map be applied to:

      The BGP session with AS 20 "in"
      The BGP session with AS 20 "out"
      The BGP session with AS 30 "in"
      The BGP session with AS 30 "out"

      The path over AS 30 as seen by remote ASes must become longer, so the route map must be applied to the session with AS 30 for "out".
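
    Added example, not part of the original answers: a simplified model of how a remote AS chooses between the paths via AS 20 and AS 30, showing both the effect of prepending on the AS 30 session and the case where the remote AS's own local preference overrides it. The remote paths (via 209 and 20, or directly via 30), the two-step selection and all function names are assumptions made for illustration.

```python
from dataclasses import dataclass

ORIGIN = 10  # AS 10 from the question

@dataclass(frozen=True)
class Route:
    as_path: tuple         # as seen by the remote AS; origin AS is rightmost
    local_pref: int = 100  # assigned by the remote AS itself, not by AS 10

def prepend(as_path, own_as, times):
    """Effect of a route map 'set as-path prepend' on an outbound session."""
    return (own_as,) * times + tuple(as_path)

def as_seen_remotely(transit, prepends=0, local_pref=100):
    """Transit ASes followed by AS 10's own announcement, prepends included."""
    return Route(tuple(transit) + prepend((ORIGIN,), ORIGIN, prepends), local_pref)

def best(routes):
    """Simplified selection: highest local preference, then shortest AS path."""
    return min(routes, key=lambda r: (-r.local_pref, len(r.as_path)))

def entry_as(route):
    """The upstream of AS 10 (20 or 30) through which the chosen path enters."""
    return route.as_path[route.as_path.index(ORIGIN) - 1]

def scenario(prepends_to_30, pref_via_30=100):
    # Constructed paths: the remote AS reaches AS 10 via 209 -> 20 or directly via 30.
    via_20 = as_seen_remotely((209, 20))
    via_30 = as_seen_remotely((30,), prepends_to_30, pref_via_30)
    return entry_as(best([via_20, via_30]))

if __name__ == "__main__":
    print("no prepending:           enters via AS", scenario(0))
    print("prepend 2x towards 30:   enters via AS", scenario(2))
    print("same, remote prefers 30: enters via AS", scenario(2, pref_via_30=200))
```

    The last case shows why prepending is only a hint: a remote AS that sets a higher local preference on the path via AS 30 keeps using it regardless of AS path length.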

  • Question 9

    What is the function of the connection collision detection mechanism?

    Because both BGP routers may try to open a session to the other at the same time, it is possible that two sessions are established at the same time. The connection collision detection mechanism detects this situation and then applies a set of rules to determine which of the two sessions is terminated and which one is actually used.
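
    Added example, not part of the original answers: the rules mentioned above, written out following the convention in RFC 4271 section 6.8 (keep the connection opened by the speaker with the higher BGP Identifier, and never drop an Established session for a new connection). The router IDs are constructed sample values and the class and function names are assumptions; identical Identifiers are outside the scope of this example.

```python
import ipaddress
from dataclasses import dataclass

@dataclass(frozen=True)
class Connection:
    initiator: str  # "local" or "remote": the side that opened the TCP connection
    state: str      # local FSM state, e.g. "OpenSent", "OpenConfirm", "Established"

def bgp_id(dotted):
    # BGP Identifiers are compared as 4-octet unsigned integers, not as strings.
    return int(ipaddress.IPv4Address(dotted))

def resolve_collision(local_id, remote_id, existing, new):
    """Return (kept, closed) for two connections to the same peer."""
    if existing.initiator == new.initiator:
        raise ValueError("a collision needs one connection opened by each side")
    if bgp_id(local_id) == bgp_id(remote_id):
        raise ValueError("identical BGP Identifiers are not handled in this example")
    # An Established session always wins over a newly created connection.
    if existing.state == "Established":
        return existing, new
    # Otherwise keep the connection opened by the speaker with the higher ID.
    winner = "local" if bgp_id(local_id) > bgp_id(remote_id) else "remote"
    kept = existing if existing.initiator == winner else new
    closed = new if kept is existing else existing
    return kept, closed

def surviving_initiator(local_id, remote_id):
    """Which side's connection survives when both open at the same time."""
    existing = Connection("local", "OpenConfirm")  # the one we opened ourselves
    new = Connection("remote", "OpenSent")         # OPEN just received on this one
    kept, _ = resolve_collision(local_id, remote_id, existing, new)
    return kept.initiator

if __name__ == "__main__":
    a, b = "192.0.2.1", "192.0.2.2"  # constructed router IDs
    print("router A keeps the connection opened by:", surviving_initiator(a, b))
    print("router B keeps the connection opened by:", surviving_initiator(b, a))
```

    Both routers reach the same decision independently: A keeps the connection opened by the remote side and B keeps the one it opened itself, which is the same TCP connection. The losing connection is closed with a NOTIFICATION message carrying the Cease error code.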

  • Question 10

    What is the "longest match first" rule and what does it do? (Provide an example if necessary.)

    When two overlapping prefixes are present in the routing table, an address that falls within the overlapping range will match the longest of these prefixes (= the smallest block of addresses or the "more specific" prefix). For instance, 10.0.1.1 matches both 10.0.0.0/8 (which is 10.0.0.0 - 10.255.255.255) and 10.0.1.0/24 (which is 10.0.1.0 - 10.0.1.255). The second prefix is more specific: it has a prefix length of 24 while the first prefix has a length of 8. So when looking in the routing table to see where a packet with address 10.0.1.1 should go, the match will be 10.0.1.0/24.
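
    Added example, not part of the original answers: longest match first implemented as a binary trie over the two prefixes from the answer. It goes beyond the answer's single lookup by also covering an address that only matches the /8, an address with no match, and a default route. The next-hop labels and all class and function names are hypothetical.

```python
import ipaddress

class PrefixTrie:
    """Binary trie keyed on prefix bits; lookup returns the longest match."""

    def __init__(self):
        # Each node is a dict: keys 0 and 1 lead to children, "route" holds
        # the (prefix, next_hop) entry that ends at this node, if any.
        self.root = {}

    @staticmethod
    def _bits(value, length):
        # Yield the first `length` bits of a 32-bit address, most significant first.
        for i in range(length):
            yield (value >> (31 - i)) & 1

    def insert(self, prefix, next_hop):
        net = ipaddress.IPv4Network(prefix)
        node = self.root
        for bit in self._bits(int(net.network_address), net.prefixlen):
            node = node.setdefault(bit, {})
        node["route"] = (str(net), next_hop)

    def lookup(self, address):
        value = int(ipaddress.IPv4Address(address))
        node, best = self.root, self.root.get("route")  # default route, if present
        for bit in self._bits(value, 32):
            node = node.get(bit)
            if node is None:
                break
            best = node.get("route", best)  # a deeper match is a longer prefix
        return best

def build_table():
    table = PrefixTrie()
    table.insert("10.0.0.0/8", "hop-A")   # hypothetical next-hop labels
    table.insert("10.0.1.0/24", "hop-B")
    return table

if __name__ == "__main__":
    table = build_table()
    for addr in ("10.0.1.1", "10.0.2.1", "192.0.2.1"):
        print(addr, "->", table.lookup(addr))
```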

    You can also take the interactive BGP expert test.