Previous | Table of Contents | Next |
Injecting Information Dynamically into BGP
Dynamically injected information can be further divided into purely dynamic, where all the IGP routes are redistributed into BGP (redistribute command), and semidynamic, where only certain IGP routes are to be injected into BGP (network command). The distinction reflects both the level of user intervention and the level of control in defining the routes to be advertised.
Information is injected dynamically into BGP by enabling all the IGP routes to be redistributed into BGP. A variety of IGPs are used in autonomous systems these days, including Routing Information Protocol (RIP), Interior Gateway Routing Protocol (IGRP), Enhanced IGRP (EIGRP), Open Shortest Path First (OSPF), and Intermediate System-to-Intermediate System (ISIS) routing protocol. What dynamic redistribution offers is ease of configuration: all internal IGP routes will dynamically flow into BGP, regardless of what particular protocols are being used.
Troubleshooting:
Example: Ch. 10, pp. 315-322. Injecting Information Dynamically into BGP
A semidynamic method of injecting information into BGP is to specify a subset of IGP networks to be advertised by individually listing them for injection into BGP by using the network command. This method is less than completely dynamic because a list of all the prefixes that need to be advertised must be maintained in the routerthe router is not automatically injecting all IGP routes into BGP. If the list of prefixes is large, maintaining it would be impractical. Besides, router implementations might put an upper limit on the number of prefixes that can be listed. If the number of prefixes to be advertised is larger than that upper-bound limit, dynamically redistributing the IGP into BGP is a must.
BGP assumes that networks defined with the network command are existing networks and will try to verify that by checking in the IP routing table. If BGP does not find an exact match for these networks, they will not be advertised. The verification step is smart because advertising a network not connected to or unknown by the router is misleading to other networks because the router cannot deliver traffic to this network anyway.
Troubleshooting:
Verification requirement for sending routing updates with the network command.
Injecting routes into BGP via the network command offers a more controlled way of route advertisement. Injecting IGPs into BGP via redistribution could result in the side effect of leaking unwanted or faulty information into BGP, as you will see next.
Injection of Unwanted or Faulty Information
Redistributing the whole IGP into BGP could result in some unwanted information being leaked into BGP. Such information could be private addresses, or illegal (not registered) addresses that are supposed to be used within the AS only. Other information could be routes with a prefix length that does not comply with the provider's aggregation policies; a host route with a prefix length of 32 is an example. This could be prevented by careful filtering.
Troubleshooting:
Example: Ch. 10, pp. 323-324. Injecting Information into BGP
Faulty information can also be injected into BGP due to the mutual exchange of routes between BGP and the IGP. In the same way that an IGP can be redistributed into BGP, BGP routes can be injected into an AS via redistribution into the IGP. When redistribution occurs in both directions, it is called mutual redistribution. In mutual redistribution, information that was injected from the outside into the AS could be sent back to the Internet as having originated from the AS. Figure 5-5 illustrates the danger of mutual redistribution between protocols.
Figure 5-5 Mutual redistribution example.
In figure 5-5, AS100 is the source of NetA and is sending this information via BGP to AS200. The border router RTC injects that information into the IGP, and RTB learns about it. RTB is configured to redistribute the IGP information into BGP. NetA will end up being advertised via BGP back to the Internet as if it has originated from AS200. This is very misleading to ASs connected to the Internet because NetA now has two sources rather than one source (AS100).
Again, to remedy this situation, special filtering should be put on the border routers to specify what particular networks should be injected from the IGP into BGP. This would have stopped NetA from being redistributed back into BGP by RTB. For protocols that differentiate between internal and external routes such as OSPF, the administrator can configure the protocol to ensure that it will redistribute only internal routes into BGP. (In the Cisco implementation, external OSPF routes are automatically blocked from being redistributed into BGP; the administrator has the option of overriding this behavior.) For protocols that do not distinguish between internal and external routes such as RIP or IGRP, special route tagging should be performed to differentiate between external routes and internal routes.
Previous | Table of Contents | Next |