Thursday, 8 November 2018

BGP Series 2: eBGP Setup - Requirements, Blueprint

Now that we have decided to use eBGP in our 3-stage Clos, what other things do we need before we can create a final blueprint of what the network will look like? Let's walk through them one by one:

  1. BGP autonomous system number assignments: The first step is to assign a BGP ASN per switch; this is a 1:1 ratio of ASNs to switches. Now each spine is able to peer with each leaf via eBGP.
  2. IP address base prefix: Generally an IP base prefix of 192.168.0.0/16 is enough in most cases, unless you're building a very large IP Fabric.
  3. Subnet masks to be used between point-to-point interfaces: The most common options are 30-bit and 31-bit. With the assumption that each point-to-point link only requires two IP addresses (one per switch), we can conclude that a 31-bit network mask is the most efficient use of IP space.
  4. Loopback assignments: The last task is to assign a 32-bit loopback address to each switch in the network. This allows us to quickly test routing connectivity through ping, traceroute, and other tools. BGP must be configured to advertise the loopback address to all of its peers. If a switch is able to communicate with another switch using only loopback addresses, we know that BGP is configured correctly and has reachability.
  5. Stability Considerations: Each switch should be configured with an SVI interface; the next step is to advertise these prefixes to the rest of the network. Just like the loopback addresses, each SVI prefix must also be flooded throughout the entire network. This ensures that each server in the IP Fabric has full Layer 3 reachability to every other host. The BGP export policy must be configured to advertise the SVI prefix to each BGP neighbor. A good step to ensure the stability of the IP Fabric is to configure a set of BGP import policies. The policy should only accept loopback addresses and SVI prefixes. There's really no need to accept any other prefixes, as they aren't critical for the operation of the IP Fabric. This keeps the table sizes small and allows for faster convergence and updates.
  6. Convergence (BFD Configurations): One of the least talked about requirements of an IP Fabric is high availability and convergence. By itself BGP can only support a 7 second interval (per the RFC) and would cause traffic to drop during this window. To speed up convergence during a failure, a faster mechanism is required. A really good tool is Bidirectional Forwarding Detection (BFD). It's a protocol that was specifically designed to be lightweight and to detect forwarding errors in the network. Depending on the hardware and software support, BFD can be configured as low as 10ms or 20ms. Data center switches typically don't have hardware support for such fast intervals, and a more reasonable timer is around 100ms; this still achieves sub-second convergence during a failure.
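
The sketch below is an added example, not code from the original post: it turns items 1 to 5 into an addressing plan (one ASN and /32 loopback per switch, one /31 per spine-leaf link) and an import-policy check that accepts only loopback and SVI prefixes. The starting ASN 64512, the fabric size, and the way 192.168.0.0/16 is split into link, loopback and SVI pools are assumptions made for illustration.

```python
import ipaddress
from itertools import product

BASE = ipaddress.ip_network("192.168.0.0/16")  # base prefix from the text
# Assumed carve-up of the base prefix (not from the original post):
P2P_POOL = ipaddress.ip_network("192.168.0.0/24")         # /31 fabric links
LOOPBACK_POOL = ipaddress.ip_network("192.168.255.0/24")  # /32 loopbacks
SVI_POOL = ipaddress.ip_network("192.168.16.0/20")        # /24 SVI subnets
FIRST_ASN = 64512  # assumed: start of the 16-bit private ASN range


def build_plan(spines=2, leaves=4):
    """Return (switches, links): 1:1 ASN per switch, one /31 per link."""
    assert all(p.subnet_of(BASE) for p in (P2P_POOL, LOOPBACK_POOL, SVI_POOL))
    names = [f"spine{i + 1}" for i in range(spines)]
    names += [f"leaf{i + 1}" for i in range(leaves)]
    loopbacks = LOOPBACK_POOL.hosts()
    svis = SVI_POOL.subnets(new_prefix=24)
    switches = {
        name: {
            "asn": FIRST_ASN + i,
            "loopback": ipaddress.ip_network(f"{next(loopbacks)}/32"),
            "svi": next(svis),
        }
        for i, name in enumerate(names)
    }
    p2p = P2P_POOL.subnets(new_prefix=31)
    links = []
    for spine, leaf in product(names[:spines], names[spines:]):
        net = next(p2p)  # a /31 holds exactly two addresses, one per end
        links.append({"spine": spine, "leaf": leaf, "net": net,
                      "spine_ip": net[0], "leaf_ip": net[1]})
    return switches, links


def import_accepts(prefix):
    """Import policy from item 5: only loopback /32s and SVI prefixes."""
    net = ipaddress.ip_network(prefix)
    if net.prefixlen == 32 and net.subnet_of(LOOPBACK_POOL):
        return True
    return net.prefixlen == 24 and net.subnet_of(SVI_POOL)


if __name__ == "__main__":
    switches, links = build_plan()
    for name, sw in switches.items():
        print(name, sw["asn"], sw["loopback"], sw["svi"])
    # Constructed announcements: default route and link /31 must be rejected.
    for p in ("192.168.255.3/32", "192.168.17.0/24", "0.0.0.0/0", "192.168.0.4/31"):
        print(p, "accept" if import_accepts(p) else "reject")
```
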

BGP Next-Hop-Self:

If we are using eBGP between A and B, the eBGP border router ‘A’ will advertise the eBGP address as the next hop to its iBGP peers. But the iBGP peers do not have any route to the eBGP network. So, in this case, we need to configure ‘neighbor next-hop-self’ for the iBGP peers on router A. Router ‘A’ will then advertise its own iBGP interface as the next hop for the eBGP route to its iBGP peers.

See: http://www.getnetworking.net/bgp/bgp-next-hop-self and https://www.cisco.com/c/en/us/td/docs/ios/12_2s/feature/guide/fs_bgpnh.html

 
