CCIE R&S Advanced Technologies Class v4.5 - BGP Local Preference, BGP Local Preference and Communities, BGP AS-Path Prepending,

Transcript

1	Introduction	0h 43m
2	Using the Cisco Documentation	0h 52m
3	Ethernet Overview, Layer 2 Switchports, Trunking, ISL, 802.1q, DTP	0h 47m
4	VTP, VTP Authentication, VTP Pruning	1h 02m
5	VTP Prune Eligible List, VTP Transparent, VTP Troubleshooting, Trunk Allowed List, Extended VLANs	0h 48m
6	VLAN and VTP Review	0h 19m
7	SVIs, Native Routed Interfaces, Router-on-a-Stick	0h 46m
8	Layer 2 EtherChannel, EtherChannel Load Balancing, Layer 3 EtherChannel	0h 57m
9	802.1q Tunneling, Layer 2 Protocol Tunneling, EtherChannel over 802.1q Tunneling	1h 03m
10	STP Root Bridge Election, STP Root Port Election, STP Designated Port Election, STP Priority, STP Cost, STP Port-Priority	1h 46m
11	STP Review	0h 12m
12	STP Timers, STP PortFast	0h 34m
13	STP UplinkFast	0h 11m
14	STP BackboneFast	0h 12m
15	STP BPDU Filter	0h 13m
16	STP BPDU Guard	0h 11m
17	STP Root Guard	0h 11m
18	STP Loop Guard, Unidirectional Link Detection (UDLD)	0h 11m
19	Multiple Spanning-Tree Protocol (MST)	0h 40m
20	Rapid Spanning-Tree Protocol (RSTP), Rapid-PVST	0h 18m
21	MST with Multiple Regions	0h 33m
22	Flex Links	0h 16m
23	Frame Relay	0h 39m
24	Frame Relay Configuration Part 1	0h 34m
25	Frame Relay Configuration Part 2	0h 41m
26	Frame Relay Switching	0h 27m
27	Back-to-Back Frame Relay	0h 08m
28	Frame-Relay End-to-End Keepalives	0h 18m
29	PPP, PPP PAP Authentication, PPP CHAP Authentication	0h 59m
30	PPPoFR, PPPoE	0h 40m
31	Transparent Bridging, IRB	0h 32m
32	Fallback Bridging	0h 14m
33	IP Routing Overview, Switching Paths, Static Routing	0h 42m
34	Static Routing Examples	0h 25m
35	IP Default-Gateway, IP Default-Network	0h 14m
36	On-Demand Routing (ODR)	0h 07m
37	Floating Static Routes	0h 10m
38	Backup Interface	0h 29m
39	Enhanced Object Tracking, IP SLA, Reliable Static Routing	0h 21m
40	Policy Routing	0h 43m
41	GRE Tunneling, GRE Recursive Routing Errors	0h 27m
42	Reliable Backup Interface with GRE	0h 25m
43	RIP Overview, RIP Versions, RIP Auto-Summary	0h 48m
44	RIP Split-Horizon, RIP Timers	0h 22m
45	RIP Broadcast Updates, IP Directed Broadcast, IP Broadcast-Address, Smurf Attacks, Fraggle Attacks	0h 16m
46	RIP Unicast Updates	0h 03m
47	RIP Offset-List	0h 18m
48	RIP Authentication	0h 11m
49	RIP Summarization	0h 10m
50	Prefix-Lists, RIP Distribute-List Filtering, RIP Administrative Distance Filtering	0h 48m
51	RIP Default Routing, RIP Conditional Default Routing	0h 18m
52	RIP Triggered, RIP Validate Update Source,	0h 12m
53	EIGRP Overview	0h 29m
54	EIGRP Auto-Summary	0h 07m
55	EIGRP Split-Horizon	0h 11m
56	EIGRP Update Types, EIGRP Neighbor, EIGRP Passive-Interface	0h 24m
57	EIGRP Hello-Interval, EIGRP Hold-Time	0h 05m
58	EIGRP Authentication	0h 11m
59	EIGRP Time Based Authentication	0h 25m
60	EIGRP Path Selection, EIGRP Metric Weights, EIGRP Traffic Engineering	0h 47m
61	EIGRP Unequal Cost Load Balancing, EIGRP Variance	0h 19m
62	EIGRP QUERY, EIGRP Summarization, EIGRP Leak-Map	0h 28m
63	EIGRP Stub Router Advertisement	0h 22m
64	EIGRP Default Routing	0h 13m
65	EIGRP Route Filtering	0h 11m
66	EIGRP Router-ID	0h 07m
67	Miscellaneous EIGRP Features	0h 02m
68	OSPF Overview	0h 27m
69	Establishing OSPF Adjacencies, Understanding the OSPF Database	0h 43m
70	OSPF Network Type Broadcast, OSPF DR/BDR Election, OSPF over NBMA, OSPF Network Type Non-Broadcast and Point-to-Multipoint	0h 56m
71	OSPF Network Type Point-to-Point, OSPF Network Type Mismatch	0h 13m
72	OSPF Network Type Point-to-Multipoint Non-Broadcast, OSPF Per Neighbor Cost	0h 17m
73	OSPF Network Type Loopback	0h 02m
74	OSPF Path Selection	0h 27m
75	OSPF Convergence Timers	0h 09m
76	OSPF Authentication	0h 12m
77	OSPF Summarization	0h 32m
78	OSPF Stub Areas, OSPF Totally Stubby Areas, OSPF NSSAs, OSPF Totally NSSAs	0h 40m
79	Controlling OSPF NSSA Redistribution	0h 02m
80	OSPF Type 7 to 5 Translator Election, OSPF LSA Type 3 Filter, OSPF Forwarding Address Suppression	0h 24m
81	Route Redistribution Overview	0h 36m
82	Route Redistribution Configuration & Verification, Connected Redistribution	0h 22m
83	OSPF External Path Selection, TCL PING Scripting	0h 33m
84	Routing Loops Overview, EIGRP Route Loop Prevention	0h 55m
85	Metric Based Routing Loops, Route Tagging	0h 46m
86	Administrative Distance Based Routing Loops, Debug IP Routing, IP Route Profile	0h 58m
87	BGP Overview, BGP Peering Types	0h 51m
88	Establishing BGP Peerings, EBGP Multihop, BGP Neighbor Disable Connected Check, BGP TTL Security	0h 49m
89	BGP 4-Byte ASNs	0h 20m
90	BGP Local AS, BGP Peer Groups	0h 30m
91	BGP Next-Hop Self, BGP Next-Hop Processing	0h 30m
92	BGP Route Reflectors	0h 37m
93	Large Scale BGP Route Reflectors with Clusters	0h 34m
94	BGP Confederation	0h 37m
95	BGP NLRI Advertisements, BGP Network Statement, BGP Redistribution	0h 43m
96	BGP Aggregation, BGP Aggregation & Summary-Only, BGP Aggregation & Unsuppress-Map	0h 46m
97	BGP Origin, BGP Aggregation & AS-Set, BGP Aggregation & Advertise-Map	0h 22m
98	BGP Conditional Route Injection	0h 21m
99	BGP Bestpath Selection, BGP Multipath, BGP Weight	0h 53m
100	BGP Local Preference, BGP Local Preference and Communities, BGP AS-Path Prepending,	0h 30m
101	BGP MED, BGP MED Missing As Worst, BGP Deterministic MED	0h 17m
102	BGP Communites, BGP Regular Expressions	0h 43m
103	BGP Filtering, BGP Convergence Timers, BGP Default Routing, Miscellaneous BGP Features	0h 24m
104	MPLS Overview, MPLS Label Distribution Protocol (LDP)	1h 05m
105	MPLS Tunnels, MPLS Penultimate Hop Popping (PHP)	0h 40m
106	MPLS Layer 3 VPNs Overview, VRF Lite	0h 36m
107	MPLS Layer 3 VPNs and VPNv4 BGP	1h 08m
108	MPLS Layer 3 VPN Verification & Troubleshooting	0h 49m
109	MPLS Layer 3 VPN OSPF PE-CE Routing Overview	0h 06m
110	MPLS Layer 3 VPN OSPF PE-CE Routing Path Selection & Sham-Links	2h 01m
111	MPLS Layer 3 VPN OSPF PE-CE Routing Loop Prevention & Down-Bit, OSPF Capability VRF-Lite	0h 40m
112	IPv6 Overview, IPv6 ICMPv6 ND, IPv6 over NBMA	0h 44m
113	IPv6 Routing Overview, IPv6 Static Routing	0h 28m
114	IPv6 RIPng	0h 20m
115	IPv6 EIGRPv6	0h 09m
116	IPv6 OSPFv3	0h 31m
117	MP-BGP for IPv6	0h 26m
118	IPv6 Tunneling	1h 13m
119	Multicast Overview, IGMP	0h 34m
120	PIM Overview	0h 18m
121	PIM Dense Mode	1h 03m
122	PIM Sparse Mode	0h 30m
123	PIM Sparse Mode Configuration	0h 36m
124	PIM Sparse Mode RPF & RP Troubleshooting	0h 27m
125	Auto-RP, Multicast over GRE Tunnels	0h 53m
126	Bootstrap Router (BSR), Bidirectional PIM, Source Specific Multicast (SSM)	0h 40m
127	MSDP, Anycast RP	0h 27m
128	IPv6 Multicast Routing	0h 24m
129	QoS Overview, IntServ QoS, DiffServ QoS, IP Precedence, DSCP, MQC, HQF	0h 41m
130	MQC Classification	0h 44m
131	FIFO, FQ, WFQ, CBWFQ, HQF	0h 50m
132	LLQ	0h 23m
133	WRED	0h 31m
134	Traffic Shaping, Traffic Policing	0h 40m
135	Frame Relay Traffic Shaping (FRTS)	0h 33m
136	RSVP	0h 07m
137	Catalyst 3560 QoS	1h 00m
138	IOS Security Overview, Access Lists (ACLs)	0h 58m
139	Time Based ACLs, Dynamic ACLs	0h 33m
140	Reflexive ACLs	0h 21m
141	TCP Intercept, Content Based Access Control (CBAC)	0h 34m
142	Zone Based Policy Firewall (ZBPF)	1h 09m
143	AAA, Local Authentication, Local Authorization, Role Based CLI Access	0h 43m
144	Port Security, Static CAM Entries, Storm Control, 802.1X Authentication, PACLs, RACLs, VLAN Access Maps (VACLs)	0h 48m
145	DHCP Snooping, Dynamic ARP Inspection (DAI), IP Source Guard	0h 12m
146	Protected Ports, Private VLANs	0h 25m
147	IP Services Overview, HSRP	1h 10m
148	VRRP, GLBP	0h 28m
149	NAT	0h 42m
150	DHCP, DNS	0h 30m
151	NetFlow	0h 09m
152	WCCP, Miscellaneous IP Services	0h 06m
153	System Management Overview, NTP, NTP Authentication	0h 24m
154	SNMP, RMON	0h 38m
155	Syslog, Telnet, SSH, Banners	0h 21m
156	EEM Scripting, Miscellaneous System Management	0h 26m
Total Duration		81h 42m

Slides - Diagrams

Slides - Introduction

Slides - Ethernet Switching

Slides - Advanced Ethernet Switching

Slides - Frame Relay

Slides - PPP

Slides - Transport Bridging

Slides - Redistribution

Slides - IOS Security

Slides - Layer 2 Security

Slides - IP Services

Slides - System Management

0:00:13	So, as we saw in our previous example,
0:00:15	we can use the weight in order to imfluence the outbound path selection.
0:00:20	But the problem is since it's locally significant,
0:00:22	sometimes it's hard to figure out in the design
0:00:25	exactly where do I need to set this attribute in order to make the change.
0:00:30	Now, the preferred way to do this,
0:00:33	to affect our outbound traffic flow, would be to use the local preference.
0:00:36	And the reason why is that it is significant to our entire local autonomous system.
0:00:43	this means thatas router 6 were to receive routes from BB1.
0:00:46	If it were to set the local preference higher,
0:00:50	then it's going to affect all of the other iBGP neighbors in the topology
0:00:54	Likewise, on router 4, if we were to set the route via BB3 to be lower,
0:00:59	and if I were to advertise that route to other peers,
0:01:02	then they would see the local preference of the lower value.
0:01:06	Only once the prefix is advetised between EBGP peers would the local preference value be stripped.
0:01:15	So, let's now say on router 4,
0:01:19	we're not gonna use the weight value.
0:01:21	Instead we're gonna use the local prefernce.
0:01:26	There's essentially two ways that I could accomplish this,
0:01:30	I could go to router 4,
0:01:32	and as the route is coming in from BB3, I could set the local prefernce to be lower.
0:01:38	Or on router 6, as the route comes in from BB1, I could set the local preference to be higher.
0:01:45	Where the default value is gonna be 100.
0:01:51	In either case, this is gonna be done under a route map.
0:01:54	We could match no criteria, which means it would affect all prefixes.
0:02:00	Or we could match any other criteria we want with an access list, with a prefix list,
0:02:04	AS path acces list, communities. Basically, any attribute of the BGP prefix,
0:02:09	we could categorize the route based on that in order to make an attribute change.
0:02:16	So, on router 6, let's configure a route-map,
0:02:19	that is from BB1.
0:02:23	And we'll simply set the local preference to anything higher than 100.
0:02:27	Let's say 101.
0:02:29	Now, under the BGP process, when I received updates in from this neighbor,
0:02:36	I'll apply the route-map from BB1 in.
0:02:42	I Show IP BGP.
0:02:44	We see right now, the local prefernce value is null,
0:02:49	for the EBGP learned routes.
0:02:52	Because local preference is not exchaged between EBGP neighbors,
0:02:55	which means that this is being set to the default.
0:03:01	If I look at the...
0:03:03	Or if I say Clear IP BGP Star(*) In, that's gonna cause a route refresh,
0:03:08	from that particular neighbor.
0:03:10	If we looked at the change, we see now the local preference is set to 101.
0:03:17	Once this change is being made, we should see that any alternate route that was via router 4,
0:03:24	is then gonna be withdrawn.
0:03:28	So, again, likewise, if we look at router 1 and look at the Show IP BGP result,
0:03:32	router 1 sees only one path out of the network.
0:03:39	Because when router 4 receives the path via router 6,
0:03:44	this is a local preference of 101 versus the 100 that's coming from BB3.
0:03:51	Since the higher value is preferred, it means the route with the local preference 100,
0:03:55	this is not elected the best path.
0:03:58	Which then in turn means, it cannot be installed in the routing table.
0:04:01	And it cannot be advertised to any other peer.
0:04:09	Now, since local preference is also higher in the decision process,
0:04:13	then either the AS path origin or med,
0:04:16	we can also use this attribute in order to override the normal path selection that's based on
0:04:22	the number of autonomous systems that we are routing through.
0:04:26	So, if we were to look at this from other ASs,
0:04:30	let's say from AS 300's perspective.
0:04:34	We know that there are essentially three different physical paths,
0:04:38	that will, actually, four different physical paths.
0:04:41	that we could route out of the network in order to reach AS 54.
0:04:45	We could route traffic to router 1, to router 6, to router 5 or to router 2.
0:04:55	When we are receiving the updates about AS 54,
0:04:59	the advertisements that are gonna have the shorter AS path are the ones that are coming directly from AS 100.
0:05:06	So, this means that we would have a length of 1, that's coming from either router 1 and 6.
0:05:12	A legnth of 2 that's coming from router 5.
0:05:17	And a length of 3 if we were to learn the prefixes from router 2.
0:05:23	Now, whether we're actually gonna learn those inbound,
0:05:25	it depends on what AS 300 is choosing as the best path and what it is advertising out.
0:05:33	So, if I were to go to router 2, and look at the Show IP BGP for 112.0.0.0,
0:05:42	router 2 says, "My best path is through router 3."
0:05:48	Which would then imply what about AS 300's view of this particular prefix.
0:06:00	If router 2 is saying, "I'm gonna use router 3 in order to get to this destination."
0:06:06	It means that the path router 2 is learning from router 5 is not gonna be advertised to 3.
0:06:16	So, now, let's say in AS 300, we wanna change the path selection
0:06:20	so the traffic is routed out this direction.
0:06:27	The traffic is gonna go from 300 to 200 to 400 to 100 and then out.
0:06:35	So, what we need to take into account first is what is the order
0:06:40	in which the updates are gonna be advertised.
0:06:44	So, let's say we're gonna do a local preference to accomplish this.
0:06:47	Because from AS 300's perspective, the easiest way to affect an outbound policy,
0:06:52	an outbound traffic policy, is to use local preferences to prefixes are coming in.
0:06:57	So, essentially, I want the higher value
0:07:02	to be on the link to router 2.
0:07:05	I want the lower values...
0:07:10	The lower values to be on the links between switch 1 and router 6.
0:07:16	Router 3 and router 1 and router 3 and router 5.
0:07:21	The problem we could run into in these type of designs is that sometmes
0:07:26	the path selection can be based on the order that the BGP process is loading.
0:07:31	And this is what is then termed that BGP wedgy.
0:07:35	That once we apply the policy, even though the local preference could be potentially higher via router 2,
0:07:44	it would mean that we can't actually use that path because router 2 is not advertising it back to us.
0:07:52	Now, one way that we could solve this type of probelm
0:07:55	would be to use BGP communiities in order to signal the remote AS to change its local preference.
0:08:03	And there's a specific RFC that defines this.
0:08:07	And this is a very common policy to use for the global table. The global internet BGP table.
0:08:13	In order to affect how traffic is returning to your AS.
0:08:18	So, if you search for BGP Community Policy RFC,
0:08:26	it is the application of the BGP community attribute in multi-home routing.
0:08:32	Now, essentially, what this RFC says,
0:08:35	that the service providers should implement a policy that says,
0:08:41	"If someone's signals you with your AS number,
0:08:47	followed by 70, 80 or 90,
0:08:52	as you received those prefixes in,
0:08:55	you should change your local preference to either 70, 80 or 90 respectively.
0:09:03	Where the community number is gonna be based on the autonomous system number
0:09:07	that is assignedfor that particular AS.
0:09:09	So, let's assume, in this case that we're trying to affect this for router 2.
0:09:13	Router 2 which is AS 200.
0:09:15	This means that on the outbound advertisement,
0:09:19	from router 3 to 2, if we were to signal 200:70,
0:09:27	this sets for router 2 inbounds to set the local preference to 70.
0:09:33	Which means it would then be the less preferred exit point.
0:09:39	Because router 2 on the other exit point is receiving the local preference of 100.
0:09:44	This in turn would then cause the route advertised by router 3 to no longer the best path.
0:09:51	The route via router 5 to be advertised on,
0:09:55	which then potentially we could use this for the traffic routing.
0:10:02	So, it's kind of an interesting implementation because we're using an outbound community
0:10:08	in order to get someone else to change their local preference inbound.
0:10:12	And this is a much simpler policy to implement as opposed to doing AS path prepending.
0:10:19	Now, the reason why you can use this instead of prepending,
0:10:23	it's actually better than prepending.
0:10:24	Because the community attributes on the internet are generally transitive
0:10:30	and will not be stripped as the providers are sending their updates.
0:10:37	Now, for your particular peers that are you're actually connecting to,
0:10:40	inside the BGP peering agreement,
0:10:43	those specified what their policy is that they're setting up for these communities.
0:10:46	But in general, if you search for a particular provider,
0:10:49	let's say...
0:10:52	AT&T BGP Community...
0:10:55	Community Policy.
0:11:01	A lot of times, you can see different sites that have published the policies for the different providers.
0:11:06	This one says that this is the policy that AT&T is using.
0:11:10	Okay, obviously, it might not be the most updated one, so if you're actually peering with AT&T,
0:11:14	you wanna get it directly from them.
0:11:17	If we look down into the community numbers they are using,
0:11:23	it says that if someone signals them with 7018:100,
0:11:29	they're gonna set the local preference to 100.
0:11:30	Now, 7018 is their autonomous system number.
0:11:33	If you signal them with 7018:90,
0:11:36	they're gonna use 90, 7018:80, 7018:70, etc.
0:11:42	Now, what's interesting about this policy
0:11:45	is that since the community values are generally transitive
0:11:49	where the service providers are not stripping them between advertisements.
0:11:53	It means that I could actually affect AT&T's routing towards me
0:11:58	even if I'm not directly peering with them.
0:12:02	So, let's say theoretically, I'm AS 1 at the top of the network.
0:12:07	And I'm peering with Level 3.
0:12:11	I'm peering with British Telecom.
0:12:14	And I know, somewhere in the backend, both of them are peering with AT&T.
0:12:22	Now, based on the geography of my network, maybe I'm peering with Level 3 in New York.
0:12:28	And I'm peering with British Telecom in London.
0:12:34	Now, the problem I'm gonna run into,
0:12:36	is that if I want to affect how AT&T sends me their traffic,
0:12:40	from my perspective as AS 1,
0:12:44	generally, what is the policy that I would have to implement?
0:12:52	So, I'm trying to affect my return traffic.
0:12:56	Let's say that I want AT&T to route through Level 3 in order to reach me.
0:13:02	If this is inbound...
0:13:05	traffic,
0:13:09	it means that I would have to apply an outbound policy.
0:13:14	Normally, this policy would be implemented through AS path prepending.
0:13:19	So, I would wanna do the prepending in what direction?
0:13:22	What direction and towards who?
0:13:28	I'm going to prepend out. Okay, technically, you can prepend in but there's really no reason to do that.
0:13:31	Okay, it's kind of a bad etiquette to prepend someone else's AS in.
0:13:38	So, I'm gonna prepend outbound on AS 1.
0:13:41	To what peer? To Level 3 or to BT?
0:13:46	If I want the traffic to be received in from Level 3,
0:13:50	it means I would have to do the prepending out this direction.
0:13:54	So, add AS 1 a bunch of times.
0:13:58	Now, in doing that, what I could potentially do is then force BT to route that direction as well.
0:14:06	But maybe that's not what I want.
0:14:07	Maybe I want BT to route their traffic directly to me. But then AT&T to go this way.
0:14:14	So, what I could do is since I know already in general what the providers policy is supposed to be.
0:14:22	Okay, 99% of the time, you can assume that if you signal the community ASN followed by 90, 80 or 70,
0:14:32	these are gonna be the local preference values that that AS is gonna set in.
0:14:37	So, this means on AS 1 is I send my route out to BT, I could set 7018:70, where AT&T is 7018.
0:14:50	It means when they receive the update in from BT, there change in the local preference to 70.
0:14:56	Where the other exit point via Level 3, this is gonna get the default value of 100.
0:15:04	So, what I've effectively done is changed someone else's path selection that's multiple hops away in the internet.
0:15:12	Based on the fact that the community attribute is actually transitive between the routers.
0:15:19	Now, you can actually see this in the route service if you're to look at pretty much any of the prefixes.
0:15:26	You'll see that a lot of the times, they'll contain community attributes
0:15:31	that are not related to that local autonomous system.
0:15:35	So here, if we look at the Show IP BGP
0:15:39	and let's pick any prefix, let's pick this first one.
0:15:43	Show IP BGP 1.5.0.0/16.
0:15:48	Now, notice that this prefix is originated by 4725.
0:15:53	Inside of the updates,
0:15:57	someone signaled 2516:1040.
0:16:04	Somebody else signaled 852:180.
0:16:08	Now, whether this happened in this particular case, whether this happened from 4725 or 6939, or 852 itself,
0:16:16	it doesn't raelly matter from our perspective.
0:16:18	Now, we don't know what 852:180 means but it's gonna mean something to AS 852.
0:16:26	So, the key is that these values generally will be transitive.
0:16:32	Assuming that your provider is not resetting the value.
0:16:35	Okay, we'll look at this in a couple of minutes when we look at how to implement the communities.
0:16:40	When you set the community attribute, if I say Set Community 1234:10,
0:16:46	it means that I'm gonna replace the entire community string with that new value.
0:16:53	In general, when you set the community, you would wanna say additive at the end.
0:16:57	So, you're not destroying the previous values.
0:17:03	So, it's kind of an interesting implementation that you can affect ASs that are multiple hops away
0:17:09	that you're not even directly peering with in order to get a change of your inbound traffic flows.
0:17:18	So, you'll see there are some examples of this in...
0:17:21	I believe it's covered somewhere in the volume 2 workbook at least.
0:17:24	The key is that in order to implement this,
0:17:26	the provide in their edge, basically has a giant route-map
0:17:30	that says, "Match all these particular communities and then set the local preference accordingly."
0:17:35	So, in our particular topology, in order to implement this,
0:17:38	what we would first need to do is to go to router 2,
0:17:43	and say,"As I receive updates in from this peering,
0:17:48	check for the community 200:70."
0:17:53	If that value is there, then I'm gonna set the local preference to 70.
0:18:00	Then likewise on thet peering that comes in from router 5,
0:18:04	I would have essentially the same thing applied in
0:18:06	that says, "If it comes in and then has the value of 200:70, 200:80, then set the local preference accordingly."
0:18:24	So, where the local preference is usually used to affect your outbound traffic,
0:18:31	you can use it in the opposite direction in order to affect someone else's outbound traffic.
0:18:39	But the key point to remember is that the local preference itself is not transitive.
0:18:44	By using the transitive community attribute, it's kind of like the reverse hack on the process
0:18:50	that we're causing them to set their local preference inbound.
0:18:54	And the reason why you would want to do this,
0:18:56	is that local preference is higher in the decision process than either AS path or med.
0:19:03	Now, if I wanted to have router 2 route that direction.
0:19:10	So, I want the traffic to go from 3 to 2 and then to 5,
0:19:15	most likely I could implement this just on AS 300.
0:19:19	But it's gonna be fairly difficult in order to actually get this process to work.
0:19:23	So, let's try this out here on the command line.
0:19:26	At the end result of this, I want router 3 to be able to route its traffic that direction.
0:19:33	This means that when 3 advertises the route to 2,
0:19:38	I need to first make sure that 2 does not choose this as the best path.
0:19:45	So, from router 3's perspective, how can I force router 2 not to use 3 as the exit?
0:19:57	One way I could do that is with AS path prepending.
0:20:01	So on router 3, as I send the update out to router 2,
0:20:03	I'm gonna set my AS number a bunch of times.
0:20:11	So, on router 3, first, let's configure a route map
0:20:15	that is out to router 2.
0:20:18	We'll say, Set AS Path Prepend 300.300.300.300.
0:20:23	So, we'll prepend four times.
0:20:26	I would then assume that my advertisement to them
0:20:30	of their normal AS path plus an additional four
0:20:34	is gonna be longer than any other alternate path that they have.
0:20:39	But the problem is I can't really guarantee that by doing the AS path prepending.
0:20:43	I'd have to go to their BGP table and actually look at the result to see if it worked.
0:20:51	So now, under the BGP process, let's say, as I advertise prefixes out to router 2,
0:20:57	use the route map to router 2 out.
0:21:05	On router 2, if we say Clear IP BGP In,
0:21:10	this is gonna ask router 3 for a route refresh,
0:21:13	and apply the new policy.
0:21:17	I could see now that the path is via router 3, this is now the longer AS path.
0:21:25	So, I have an AS path link to 5
0:21:28	versus 1, 2, 3, 4, 5, 6, 7, 8, 9.
0:21:34	Since router 2 is now using this as the best route,
0:21:38	it would then imply that I can now advertise this route to router 3.
0:21:46	Now, to actually test this, I'm not sure if I did this before,
0:21:49	let's say, Show IP BGP Regular Expression caret dollar (^$) sign.
0:21:52	I need to advertise something on router 2.
0:21:55	So, let's advertise its own local loopback.
0:22:01	Then, to validate this, we're going to trace 112.0.0.1
0:22:06	with a source of loopback zero.
0:22:09	So now, I'm going to router 5.
0:22:13	From router 3, I'm gonna do the same thing. So, let's go under the BGP process.
0:22:23	And actually, let's not do it on router 3, let's do it from...
0:22:26	switch 3. So we can see the multiple hops that we're transiting.
0:22:29	When we're finally done with this, I want switch 3 to send the traffic to switch 1,
0:22:34	to router 3, to router 2,
0:22:37	2 to 5.
0:22:39	5 is then gonna either choose 1 or 4.
0:22:41	I don't necessarily care in this case. As long as we go out to AS 100.
0:22:45	And then, to router 6, and then finally out to the final destination.
0:22:51	But the key is that I'm re-routing around the long way.
0:22:54	I'm not going directly from 300 to 100.
0:23:00	So, on switch 3,
0:23:03	I'll advertise my own local loopback.
0:23:12	Then, ping 112.0.0.1
0:23:15	when I'm sourcing from the loopback zero.
0:23:17	So, we could see, I have a route to them.
0:23:19	Everyone in the transit path has a route to them.
0:23:23	They have a route back,
0:23:24	and everyone in the reverse transit path has a route back to me.
0:23:29	Now, if the pings didn't go through, then, it means either there's a problem on the way there, or on the way back.
0:23:35	But since the request went out and the response came back in,
0:23:38	it means routing is working bi-directionally.
0:23:42	If I now were to do a trace to 112.0.0.1.
0:23:48	Source from 150.28.9.9,
0:23:51	which is my loopback.
0:23:55	I'm going from myself to switch 1 to router 6.
0:24:00	Which is not what I want.
0:24:02	So now, I need to modify the path further
0:24:05	to make sure that switch 1 does not choose this
0:24:10	as the exit point.
0:24:13	Now, there's a couple different ways that I could do this.
0:24:17	Since I'm now trying to affect my outbound traffic flow,
0:24:21	it means I'm going to apply an inbound policy.
0:24:25	In general, the inbound policy is gonna be applied by either weight or local preference.
0:24:30	Again, the problem with weight though is that it's only locally significant.
0:24:34	So, it's probably more efficient to use local preference,
0:24:36	because I can set that just on one exit point,
0:24:40	and it's going to affect everyone.
0:24:44	So, in this particular design,
0:24:47	what's the one exit point that I could change the local preference on
0:24:52	in order to get this result in traffic flow.
0:24:59	Now, since I already did the prepending out on 3,
0:25:04	it should now mean that router 3 is learning a path via router 2.
0:25:09	So, if I Show IP BGP 112.0.0.0,
0:25:13	I do see that I have a potential path via router 2.
0:25:17	But since the AS path link is longer, that's not the one that I'm actually using.
0:25:21	I'm using the shorter AS path
0:25:22	with the link of 4
0:25:25	versus the one that has the...
0:25:28	link of 6.
0:25:31	But the local preference for all of these is still the same.
0:25:34	This means that if I were to change this first route to have a higher local preference,
0:25:40	it should then affect my entire AS.
0:25:44	So, on router 3, now I need to separate route map.
0:25:46	One that is gonna be from router 2
0:25:50	that says, "Set the local preference to anything greater than 100."
0:25:54	So, let's say 200.
0:25:57	Then, under the BGP process,
0:26:00	we'll say, "As the updates come in from router 2,
0:26:07	apply the route map from R2 in."
0:26:13	Now, if I Clear IP BGP Inbound,
0:26:16	that's gonna ask router 2 for a route refresh and apply the new policy.
0:26:19	If I look at the Show IP BGP for that prefix,
0:26:24	we can see now, it changed what the best path was.
0:26:29	Additionally, it affected what are the other possible routes that I was learning.
0:26:35	Notice that before, I have four different paths to this destination.
0:26:39	One of them was internal,
0:26:43	three of them were external.
0:26:46	Once I made the local preference change, the other internal path was going away.
0:26:55	Now, if I lost that last internal path,
0:26:58	what can I now infer about the rest of my autonomous system.
0:27:12	Since I know they that if they are routing through me,
0:27:15	they cannot advertise me alternate paths.
0:27:19	Since they no longer advertising me alternate paths,
0:27:22	I can pretty safely assume that they are routing through me now.
0:27:28	So, at any given time, depending on who's perspective you're looking at the BGP table from,
0:27:35	they will see different views of the global topology.
0:27:41	The device that is used as the exit point
0:27:44	is generally going to see last possible paths
0:27:48	than the devices that have alternate exit points that they are not using.
0:27:54	So, router 3 is the preferred exit point now,
0:27:56	which means, it is not gonna learn about any other
0:27:59	possible exit points.
0:28:02	If we look at the end result of this and go to switch 3,
0:28:05	and do the traceroute
0:28:09	to 112.0.0.1 from my own local loopback,
0:28:16	now, I'm getting the traffic flow that I wanted.
0:28:23	So, the key point for any of these best path selections
0:28:27	is you first need to think about
0:28:30	what are the potential different views that the routers have at the topology.
0:28:35	And based on that, what are the possible paths that it can advertise to the other neighbors.
0:28:42	So, when I started to make the path change to go this direction,
0:28:47	what I needed to do first was to look at router 2
0:28:50	to make sure it was even advertising to router 3 to begin with.
0:28:57	Since by default, based on whatever value,
0:29:00	it could have been something as simple as the lower address of the neighbor,
0:29:04	router 2 is actually using this path in order to get to the destination.
0:29:10	This would then imply that router 2 would not advertise an alternate path to router 3.
0:29:18	So, that was the first step to solve.
0:29:19	To get router 2 to advertise the alternate path to router 3.
0:29:23	That's what the prepending was accomplishing here.
0:29:26	Once router 2 withdrew this advertisement,
0:29:30	or excuse me, the other way around.
0:29:32	Once it said that the advertisement coming from router 3 is no longer the best path,
0:29:38	it means that we can advertise the alternate path.
0:29:41	Once router 3 learned that path,
0:29:43	then, we can change the local preference to be the preferred exit point
0:29:47	versus the default of 100
0:29:50	that is via the other interfaces.

Now Viewing

CCIE R&S Advanced Technologies Class v4.5
Title:	CCIE R&S Advanced Technologies Class v4.5
Duration:	81h 42m
The CCIE Routing & Switching Advanced Technologies Class is the first step in understanding CCIE level technologies and is a companion to the Advanced Technologies Lab Workbook. Each technology you need to know for the CCIE Routing & Switching lab will be described in detail using an instructor led hands on demonstration. The class consists of over 80 hours of in depth explanations and examples.
Get instant access to our entire library!
	Sign Up
Download this Course
$299.00	Add to Cart

BGP Local Preference, BGP Local Preference an...

Create Bookmark