
why eBGP AD is 20 less than any dynamic routing protocols?

ashok_boin
Level 5

Hi all,

May I know why the eBGP AD is 20, which is less than that of any other dynamic routing protocol?

As far as I know, one reason is suboptimal paths, and I am not sure about anything related to routing loops.

Regards...

-Ashok.


With best regards...
Ashok

cadet alain
VIP Alumni

Hi,

When you learn a route from an eBGP peer, that route was injected in another AS, not in your AS, so if it had an AD greater than the IGPs' you would prefer the route from the IGP, which is in your AS, and so could blackhole the traffic.

Alain.

Don't forget to rate helpful posts.

Hi Alain,

Thanks for your reply.

I understand about suboptimal routing but am not able to get any example for blackholing of traffic.

Could you please help with an example?

Regards...

-Ashok.


With best regards...
Ashok

The simplest example is if you have 2 routers in your AS, and each of these routers has an eBGP session with an external AS and OSPF to each other. If both of them get e.g. the prefix 1.1.1.0/24 from eBGP and somehow redistribute it into OSPF, then in the normal case with eBGP AD 20, each router always finds the shortest way to the external AS and sends the packet. But if you set the eBGP AD to, let's say, 254, then each of your internal routers will see that 1.1.1.0/24 is reachable via OSPF and send packets to the other internal router - you get a loop.

Hi Konstantin,

I guess this example will not lead to loops, as the routers prefer their own OSPF routes after having redistribution.

Regards...

-Ashok.


With best regards...
Ashok

You're right. It seems that it's not so easy to create a routing loop if you need it, but I'll think about it; I believe I've seen a couple of examples in some books.

Hello Ashok, Alain, Marwan and others,

There are historical reasons for the choice of AD = 20 for eBGP sessions: BGP started to be used only for eBGP sessions; iBGP sessions arrived later.

In a scenario like that, the border router RB could inject routes into the IGP, and another border router RA should not use the IGP routes until it has the BGP routes arriving on its own eBGP session(s). The same happens for RB, which will not use IGP external routes injected by RA.

Nowadays no one (I hope so) redistributes from BGP into the IGP (too many routes for the IGP!!!) and we use the IGP for infrastructure only, not for services (in an SP scenario; things are different in enterprise contexts).

Note that other vendors made different choices, and Juniper uses a route preference = AD = 170 for both iBGP and eBGP sessions. I hope this will not create confusion.

AD is a Cisco concept that has been adopted by other vendors too.

Hope to help

Giuseppe

The main purpose of BGP is routing between ASes, and a router "should" get only external subnets over eBGP. If there is an eBGP-learned path, the router should use it to reach the external subnets, because if it uses IGP-learned routing information it can indeed end up in a blackhole or, in most cases, in suboptimal routing.

Just to add to the nice posts above

Routing design has logic, and eBGP is inter-domain routing, where different routing domains need to communicate.

The IGP is used within the routed domain and eBGP between those domains, and a route that comes from an external domain has to have a lower AD than the IGP-advertised network to avoid either a routing loop or blackholing of the traffic.

Hope this helps

johnny-t87
Level 1

Ashok and Alain,

I will try to answer your question about black holes. I am new to BGP, I started studying it this week, so my answer might not be sufficient. When it comes to black holes, BGP can create one if you are running iBGP and are not using full mesh connectivity. When a BGP router hears about a route, it is that router's job to tell all of its neighbors about the route it learned. For example, if a chain of routers set up A>B>C>D hears a route from an external AS on router A, router A must tell B, C, and D about the route itself. If router A tells router B about the route, router B will NOT pass the route to router C or D. Router A heard the route, so it must have neighborship with B, C and D for those routers to learn the route. If these routers do not learn about the route and no routers in the AS are connected to the network, the route could end up getting blackholed (External AS sends info to router A, and the path stops there). Comments and criticisms welcomed. I am learning this too!

Hello Johnny,

You are referring to the iBGP split horizon rule, which is a different concept and applies to iBGP neighbors/sessions.

Ashok was asking about AD = 20 for routes learned on eBGP sessions.

The reason for this was the potential for black holing in a network where BGP was spoken only by a few border routers.

So the rule is to avoid advertising to RC what is learned by RA on RB if all are iBGP sessions; this would lead to a requirement of a full mesh of iBGP sessions.

Nowadays, in SP networks:

most routers speak BGP

MPLS has solved the black holing problem for inner core routers that do not examine the contents of MPLS frames.

the solutions to the iBGP full mesh of sessions are route reflector servers or confederations (mini AS)

Hope to help

Giuseppe

Dear friends,

Ashok was asking about AD = 20 for routes learned on eBGP sessions.

My personal take on this is that if you learn about a network from another AS, you can learn it either via BGP (which is the only inter-AS routing protocol nowadays), or via an internal routing protocol. However, internal routing protocols would never be run between different ASes, so learning an external route via an IGP protocol would necessitate redistributing it from BGP into IGP in the first place.

So we have here two sources of the same external routing information: either eBGP, or IGP that must have gotten the route from BGP anyway. Note that the IGP "version" of the route can be significantly skewed - BGP attributes are gone, metric may have been influenced arbitrarily... If nothing else, we are choosing between two paths to an outside external network, one leaving our AS immediately (eBGP), the other traversing it (IGP). What are we going to trust more? In this case, trusting eBGP information more is in my view quite natural and logical, and hence the AD of eBGP routes is lower than any IGP AD.

My two cents...

Best regards,

Peter

Hi Peter,

I find your explanation very nice. Exactly: BGP has many "special" attributes to administratively manage the flow of traffic, which IGPs usually don't have (like OSPF, which has only cost), and if a router should choose the next hop for external subnets, it's logical to use the information from the routing protocol which was "made" for it - eBGP - and in order to solve potential conflicts with the IGP (as you described), almost the smallest AD was chosen for eBGP (strange that the summary in EIGRP has a smaller AD - 5).

Hi Peter,

Thanks for your reply.

Coming back to my question: Is there any possibility of routing loops if the eBGP AD is greater than that of any IGP protocol? That might also have been a deciding factor that led to making the eBGP AD lower than any IGP protocol's, but I am not getting any practical example.

Regards...

-Ashok.


With best regards...
Ashok

Adding another twist :-)

http://www.juniper.net/techpubs/software/junos/junos94/swconfig-routing/default-route-preference-values.html

Juniper routers use AD [preference, in Junos parlance] of 170 for BGP...highest of all IGPs. Advantage? I think, believe yourself [local routes] more than any foreign fed routes.

Thanks.
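
Added example, not written by any poster in this thread: a small Python model of the two-border-router scenario discussed above (RA and RB, each with its own eBGP session to the external AS, OSPF between them, prefix 1.1.1.0/24 redistributed from BGP into OSPF). The `rib_gated` switch, the OSPF external AD of 110 and the convergence order are modelling assumptions. In this model a high eBGP AD produces a detour through the other border router when redistribution depends on the installed route, and a forwarding loop only when both routers keep redistributing a BGP route they are not using.

```python
# Toy model (added illustration): which next hop do RA and RB install for
# 1.1.1.0/24, depending on the AD given to eBGP-learned routes?
EXIT = "external-AS"
PEER = {"RA": "RB", "RB": "RA"}

def converge(ebgp_ad, ospf_ext_ad=110, order=("RA", "RB"), rib_gated=True):
    """Return {router: next_hop} once route selection stops changing."""
    active = {r: None for r in PEER}   # protocol currently installed per router
    for _ in range(10):                # iterate to a fixed point
        before = dict(active)
        for r in order:
            # Every border router always holds its own eBGP path.
            candidates = {"ebgp": ebgp_ad}
            # Assumption: with rib_gated=True the peer redistributes BGP into
            # OSPF only while BGP is the route it has installed itself.
            # rib_gated=False models a peer that advertises it regardless.
            if not rib_gated or active[PEER[r]] == "ebgp":
                candidates["ospf"] = ospf_ext_ad
            active[r] = min(candidates, key=candidates.get)  # lowest AD wins
        if active == before:
            break
    return {r: EXIT if proto == "ebgp" else PEER[r]
            for r, proto in active.items()}

def trace(next_hop, start):
    """Follow next hops from start; return (path, loop_detected)."""
    path, node = [start], start
    while node != EXIT:
        node = next_hop[node]
        if node in path:
            return path + [node], True
        path.append(node)
    return path, False

if __name__ == "__main__":
    cases = [("eBGP AD 20", dict(ebgp_ad=20)),
             ("eBGP AD 254, RIB-gated redistribution", dict(ebgp_ad=254)),
             ("eBGP AD 254, unconditional redistribution",
              dict(ebgp_ad=254, rib_gated=False))]
    for label, kwargs in cases:
        hops = converge(**kwargs)
        for router in PEER:
            path, loop = trace(hops, router)
            print(f"{label:45} {' -> '.join(path)}{'  (LOOP)' if loop else ''}")
```
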
