How do router listen to BGP on TCP port 179

snadkarni · ‎08-21-2019

Hello,

I am studying BGP and learnt that it uses TCP port 179 to form TCP connections with peer routers. My question is, since routers are layer 3 devices, how can they listen on TCP port 179 and form TCP connection?

Any clarification on this will be highly appreciated.

Thank you.

Giuseppe Larosa · ‎08-22-2019

Hello snadkarni,

routers are layer 3 devices but the router main cpu implements a full TCP/IP stack for example we can telnet or SSH to them.

Telnet uses TCP 23.

SSH uses TCP 22.

Similarly most routing protocols use some form of L4 encapsulation

RIP uses UDP port 520

EIGRP is protocol 88 over IP

OSPF is protocol 89 over IP.

so listening to TCP port 179 is not an issue for routers as control plane messages are processed by main cpu TCP/IP stack.

Usually, BGP sessions can be formed only with manually configured BGP peers.

The BGP peer must use the expected source address, the expected destination address and must declare to belong to the BGP AS number configured on the local router.

So the router will open the TCP 179 port only on the local address used for the BGP session.

The local address can be different for different BGP sessions: a loopback address for iBGP sessions and the border interface(s) for eBGP sessions.

Hope to help

Giuseppe

Richard Burts · ‎08-22-2019

As I think about it this question becomes more interesting and it reveals a lack of consistency in how we describe network functions. When we describe a switch as a layer 2 device we do interpret it to mean that the switch deals with layer 2 information only and not with information from higher levels. But when we describe a router as a layer 3 device we assume that the router will also be able to use information from higher levels. Those of us who have more experience in networking know this to be the case. But this question helps me recognize that many participants in the community who are not experienced may not recognize the lack of consistency in our description of device layers. @Giuseppe Larosa provides a good discussion and some examples of routers using TCP and UDP information. This makes more sense when we recognize that the router is not limited to only layer 3 information.

HTH

Rick

HTH

Rick

Giuseppe Larosa · ‎08-22-2019

Hello Rick,

yes I have had similar thoughts while writing my post.

We and the networking books should say a router operates at OSI layer3 when routing and forwarding user traffic, but it is not limited to OSI layer3, and it implements a TCP/IP stack for different aspects like management, handling routing protocol messages and so on.

Best Regards

Giuseppe

Joseph W. Doherty · ‎08-22-2019

Routers are often more than just L3 processing devices. For example, what's a router that you telnet to, or use SNMP, or use FTP/tftp, or obtain syslog from, or . . . It's also often a host device.

One of the "things" a router host often does it run a routing protocol, such as BGP. An application on the router supports BGP (just as it does other network applications - some previously noted). So, the BGP application can use its own host TCP stack, much as FTP might.

As also noted by Giuseppe, the network applications, used by the router host, aren't limited by TCP, they can use other aspects of IP router host. Further, Cisco routers sometimes support even non-IP network features.

As Rick notes, since routers principally are L3 processing devices, it's easy to overlook they are, as I noted above, also network hosts. I.e. they are not limited to only doing routing.

BTW, another question often asked is what OSI level is a routing protocol, such as BGP. If you read the OSI documentation, maintaining routing information is outside or external to routing itself. I.e. it's not L3, although it's used to maintain L3. I consider routing protocols L7.

Richard Burts · ‎08-22-2019

I like the points that @Giuseppe Larosa and @Joseph W. Doherty make, especially the point that the primary function of a router is to forward packets and for that it uses layer 3 information. But the router also can run processes or applications that use higher layer information to perform other functions. And when we think of it in this way even the layer 2 switch can listen for telnet, or SSH, or SNMP, etc and in that sense the layer 2 switch is also listening for and processing higher layer protocol information.

So we should clearly understand that when we describe a device as layer 2 or as layer 3 that we are describing how it accomplishes its primary purpose but not describing limitations on what traffic it might recognize or process.

HTH

Rick

HTH

Rick

Joseph W. Doherty · ‎08-22-2019

"So we should clearly understand that when we describe a device as layer 2 or as layer 3 that we are describing how it accomplishes its primary purpose but not describing limitations on what traffic it might recognize or process."

Exactly! (I too had thought to mention L2 switches, but I didn't. Glad to see Rick did. One reason I didn't, besides my often muddying the waters [laugh] is purely "dumb" L2 switches, pretty much don't do anything else, i.e. they don't support other features, but if they do, as Rick says, they are still called a L2 switch, as that's their primary function. Router's, though, generally don't come in "dumb" variants. However, something to consider, you can take a PC, and have it perform as a router, although generally that's not considered a PC's primary design function. Additionally, a PC working as a router can still do other "PC" like things.)