In BGP (Border Gateway Protocol), you can manipulate traffic paths for outbound traffic (traffic leaving your AS) and inbound traffic (traffic entering your AS) using different techniques. Here are two common methods for manipulating traffic paths in BGP:
Inbound Traffic Path Manipulation:
To influence the outbound traffic path, you can manipulate BGP attributes associated with the routes you advertise to your neighboring ASes. By adjusting these attributes, you can encourage the selection of specific paths by other ASes. Here are some techniques:
- AS Path Prepending: You can prepend your AS number multiple times to the AS path attribute of the routes you advertise. This increases the length of the AS path and makes the path less desirable for inbound traffic from other ASes. Neighboring ASes are more likely to choose an alternative path with a shorter AS path.
- MED (Multi-Exit Discriminator): Use the MED attribute to influence the outbound traffic path selection by other ASes. By setting different MED values for routes advertised to different ASes, you can encourage certain ASes to prefer specific paths.
- Outbound Route Filtering: Apply outbound route filtering to control which routes you advertise to specific ASes. By filtering certain routes, you can influence the paths chosen by other ASes for outbound traffic.
Outbound Traffic Path Manipulation:
To manipulate the inbound traffic path, you can influence the decisions made by neighboring ASes when selecting the best path to reach your AS. This is typically done by modifying BGP attributes that affect the inbound path selection process. Here are some techniques:
- Local Preference: Assign a higher local preference value to routes received from a specific neighboring AS. Neighboring ASes are more likely to choose the path with the higher local preference when forwarding traffic toward your AS.
- AS Path Filtering: Use AS path filtering to control the paths that neighboring ASes can take to reach your AS. By filtering certain AS paths, you can influence inbound traffic to follow specific paths.
- Route Aggregation: Aggregate routes to summarize multiple more specific routes into a single route announcement. This can influence the inbound traffic path by encouraging neighboring ASes to choose the aggregated route instead of individual routes.
It’s important to note that traffic engineering using BGP manipulation should be done carefully, considering the impact on network stability, scalability, and the agreements with neighboring ASes. Communication and coordination with upstream and downstream providers are crucial to ensure consistent and predictable traffic routing.
COMMUNITIES
In BGP (Border Gateway Protocol), communities are used as a mechanism to tag and group routes. They provide a way to mark routes with specific attributes or policies, allowing network operators to control the behavior of neighboring Autonomous Systems (ASes) and manipulate routing decisions. Communities are typically used to influence inbound traffic paths, although they can also be used for outbound traffic manipulation in some scenarios.
Here’s how communities are used in BGP and their role in traffic path manipulation:
- Tagging and Classification:
Communities are numeric or alphanumeric values attached to BGP routes. They serve as tags that can be assigned to routes to categorize them based on certain criteria or policies. For example, you can tag routes belonging to a specific customer, geographic location, or service type using communities.
- Policy Enforcement:
Communities allow network operators to define routing policies and enforce them with neighboring ASes. By attaching communities to routes, network operators can communicate specific policies to their peers and influence their routing decisions. These policies can include preferences, traffic engineering instructions, or blackholing/traffic diversion directives.
- Inbound Traffic Engineering:
The primary use of communities is to influence inbound traffic paths. By assigning communities to routes, network operators can signal their preferences to neighboring ASes. Neighboring ASes can then use these communities to make routing decisions, such as preferring certain paths over others based on the communities attached to the routes.
- Outbound Traffic Manipulation:
While communities are primarily used for inbound traffic engineering, they can also be used for outbound traffic manipulation in certain scenarios. For example, communities can be used to tag and group routes based on their characteristics or policies. This can help in controlling the selection of outbound paths by influencing the routing decisions of neighboring ASes.
It’s important to note that the interpretation and actions taken by neighboring ASes regarding communities may vary. It is typically based on bilateral agreements or configuration specific to each AS. Therefore, using communities for traffic path manipulation requires coordination and communication with neighboring ASes to ensure consistent behavior.
Overall, communities in BGP are a powerful tool for network operators to communicate routing policies, influence inbound traffic paths, and, to some extent, manipulate outbound traffic paths by influencing the routing decisions of neighboring ASes.
BGP BEST PATH SELECTION ORDER
This is the order used to select the paths.
1. WEIGHT – path with HIGHEST weight (Cisco Proprietary)
2. LOCAL_PREF – path with the HIGHEST LOCAL_PREF # (Default = 100)
3. Locally originated via NETWORK or AGGREGATE subcommands or through REDISTRIBUTION from IGP
4. AS_PATH – path with SHORTEST AS_PATH
5. Path with the LOWEST origin type
NOTE: IGP is lower than EGP and EGP is lower than INCOMPLETE
6. MED – path the the LOWEST MED
7. Prefer eBGP over iBGP paths
8. Path with the LOWEST IGP metric to the BGP next hop
That is not all of them but you’ll never get that far hopefully.
One more important note. ALWAYS filter both inbound and outbound announcements! Never assume that your peer will be doing your filtering for you.