# BGP and RIP and OSPF and Routing Protocols #

Fri Sep 8 12:18:39 EDT 2017

A routing protocol does three things:

1. Discovery (identify other routers on the network)
2. Route management (track possible destinations)
3. Path finding (dynamically decide how/where to send traffic)

RIP and OSPF are Interior Gateway Protocols (IGP). BGP is an Exterior Gateway Protocol (EGP), the routing protocol of the public internet.

## RIP ##

RIP is an old distance vector routing protocol that uses hop count as a metric to find the best route. It routes messages up to fifteen hops (a limit to prevent routing loops).

RIP routers send messages to query routing tables from neighboring routers. Neighbors respond by sending their full routing tables. The original router merges all the replies into its own routing table. These exchanges occur periodically (usually every thirty seconds) to propagate changes across the network.

Every RIP packet includes a command, a version number, a Routing Domain, and up to twenty-five routes. The routing domain specifies which routers should pay attention; more than one routing domain can operate on the same network. Each of the twenty-five routes includes the starting address of the network, the netmask, the next-hop IP, and a Metric indicating how many hops away the network is. ("Routing by rumor": RIP includes networks it has only heard about, and when it re-sends that route it increments the metric.)

Configuring RIP is usually as simple as setting which networks to advertise.

RIP has three versions: RIP v1 (obsolete), RIP v2, and RIPng (which adds IPv6 support). RIP uses UDP port 520 (and 521 for RIPng).

On OpenBSD, see RIPD(8), RIPD.CONF(5), and RIPCTL(8). On Linux, check out the "quagga" packages and quagga's ripd.

## OSPF ##

Open Shortest Path First improves on RIP by removing the fifteen hop limit. OSPF is a link-state routing protocol that uses a routing hierarchy to improve performance and management on larger networks.
OSPF is more complex than RIP, but significantly more capable. OSPF routers can exchange individual route data (Link State Advertisements) rather than entire routing tables. Routing information propagates through a routing domain by a process called _flooding_.

OSPF routers discover one another automatically via OSPF hello packets. OSPF routers communicate via two multicast groups: 224.0.0.5 (all Shortest Path First routers) and 224.0.0.6 (all Designated Routers). OSPF runs directly on top of IP and uses neither TCP nor UDP.

Terms:

- Autonomous System (AS): the routing domain (may be subdivided into Areas)
- Router ID: a unique 32-bit number for each router. By default, this is based on the highest IP address assigned to the router. (If necessary, assign an address to a loopback interface to act as the router ID.)
- Neighbor routers: two routers sharing a common link
- Adjacency: a two-way relationship between neighbor routers (not necessarily a given)
- LSA: link state advertisements describe routes and spread by "flooding".
- Hello: messages routers use to find neighbors
- Area: a hierarchy of routers that exchange LSAs (By defining the scope/boundary outside which a router need not concern itself, an Area designation keeps a lid on the size of the link-state database.)
- Backbone Area: also called "area zero" (0.0.0.0) is special; all other areas must touch area zero.
- Stub area: an area where we don't allow advertisements of external routes. Instead, stub areas reach the outside by a default summary route (0.0.0.0).

How OSPF operates:

1. When the router starts, it sends hello packets to discover its neighbors
    - The hello packet includes link-state info and a list of known neighbors.
    - Replying with such a hello serves as an ACK.
2. Elect a "Designated Router" if necessary
    - If the link between two routers is point-to-point, that's enough to consider the link up.
    - If the link between two routers is broadcast, an election must decide if the link is up.
    - The router with the largest IP address wins the election, unless we tip the scales by setting a Priority ID for our best router.
    - The DR (and/or Backup DR) acts as a centralization point for database synchronization.
    - (Having a central database makes bringing up new routers more efficient, since they won't need to sync with every other router. The DR keeps OSPF scalable.)

OSPFv2 exchanges can be authenticated. OSPFv3 uses IPsec. OSPF supports various auth schemes, and different schemes can be configured for different areas.

On OpenBSD, see OSPFD(8), OSPFD.CONF(5), and OSPFCTL(8). (There are IPv6 versions too, like `ospf6ctl`.) On Linux, check out the "quagga" packages and quagga's ospfd.

#### OSPF Cost ####

When a router has more than one possible route to the same destination network, it uses a route **metric** to choose between them. RIP uses hop count as the metric. OSPF calls its metric "cost".

OSPF assigns cost per interface. The cost of an interface is inversely proportional to its bandwidth (i.e., a fast link has a low cost). OSPF calculates the cost as 100000000 (bits per second, i.e., 100 Mbps) divided by the actual bandwidth of the link in bps. For example, a 6Mbps link has a cost of 16.666 (100000000/6000000).

In most OSPF implementations, it is also possible to manually configure a link cost.

#### OSPF and VPNs ####

OSPF can't flood routes across IPsec (no routable interface, and IPsec doesn't pass multicast traffic). Use a GRE tunnel, or a VTI. It's also possible in some scenarios to configure OSPF in non-broadcast mode.

## BGP ##

BGP (Border Gateway Protocol) is the routing protocol of the internet. (It bears minimal resemblance to RIP, OSPF and EIGRP, which are all interior gateway protocols.)

Someone on the internet describes BGP:

> AS, standing for Autonomous System, is like an ISP's name. BGP spreads routing information by rumor. For example, I start the rumor that I can route to IP addresses in 1.2.3.0/24, and tell my peer ISPs.
> They tell their peers I told them... etc. To prevent rumors from going in circles, you keep a record of every ISP in the path of spreading the rumor, and call it the AS path. (Otherwise you could never retract the rumor, as it would go in circles. BGP speakers do not accept rumors that they themselves are in the path of. (Except in cases of dirty hacks, but then only a finite number of times.))

Imagine the following scenario. We have a company with a router, a web server, and a mail server. We want the redundancy of two different ISPs. How do we keep our web and mail server available on either of the connections? Use our own IP addresses (rather than ones from the ISPs) and BGP.

Of course, this is less useful to non-huge companies than it was before IPv4 address exhaustion.

It is possible to get IPv6 blocks from ARIN if (as of 2017) you meet one of the following requirements:

- Be (or plan to be) IPv6 multi-homed using an assigned valid global Autonomous System Number (ASN)
- Have a network that makes active use of a minimum of 2000 IPv6 addresses or 200 /64 subnets (or will within a year), or
- Justify why IPv6 addresses from an ISP or other LIR are unsuitable

Getting an ASN involves paying ARIN an initial fee ($550) and an annual recurring fee ($100).

Note that it is often unnecessary to own an IPv4 block to do multihoming (which is good, since they're scarce). Many ISPs willing to lease a /24 or larger to customers are also willing to let customers announce that block on a second link from another ISP.

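
The AS-path rule from the quote and the two-ISP scenario above, as an added example that is not part of the original notes: a simplified path-vector simulation in Python. The ASNs (documentation range), the topology and the prefix are constructed, and route selection is reduced to "shortest AS path wins".

```python
from collections import deque

# Constructed topology using documentation ASNs (RFC 5398): the company is
# multihomed to ISP A and ISP B, and both ISPs connect to a remote network.
COMPANY, ISP_A, ISP_B, REMOTE = 64500, 64501, 64502, 64503
LINKS = frozenset({(COMPANY, ISP_A), (COMPANY, ISP_B), (ISP_A, ISP_B),
                   (ISP_A, REMOTE), (ISP_B, REMOTE)})
PREFIX = "192.0.2.0/24"  # documentation prefix standing in for the company's own block


def neighbors(asn, links):
    """Return the ASes that share a link with asn, in a stable order."""
    return sorted({b for a, b in links if a == asn} |
                  {a for a, b in links if b == asn})


def propagate(origin, links):
    """Spread one announcement from origin.

    Returns ({asn: AS path to origin, nearest AS first}, loop_rejections).
    Assumption: the only selection rule is "shortest AS path wins"; real BGP
    applies more criteria before path length.
    """
    best = {origin: ()}      # the origin needs no path to its own prefix
    rejected = 0
    queue = deque([origin])
    while queue:
        sender = queue.popleft()
        advertised = (sender,) + best[sender]   # sender prepends its own ASN
        for peer in neighbors(sender, links):
            if peer in advertised:              # peer sees itself in the path: drop
                rejected += 1
                continue
            if peer not in best or len(advertised) < len(best[peer]):
                best[peer] = advertised
                queue.append(peer)              # peer re-advertises its new best path
    return best, rejected


if __name__ == "__main__":
    routes, drops = propagate(COMPANY, LINKS)
    print(PREFIX, "seen from REMOTE via", routes[REMOTE], "loop drops:", drops)
    # Constructed failure: the company's link to ISP A goes down.
    routes, _ = propagate(COMPANY, LINKS - {(COMPANY, ISP_A)})
    print(PREFIX, "after failure, REMOTE via", routes[REMOTE])
```
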
## Links ##

- https://networklessons.com/bgp/introduction-to-bgp/
- https://www.arin.net/resources/first_ipv6_request.html
- https://www.arin.net/fees/fee_schedule.html#asns
- https://www.arin.net/resources/request.html
- https://www.lowendtalk.com/discussion/44205/is-it-possible-to-access-bgp-anywhere-for-free-ipv6-block-anyone
- https://www.lifewire.com/top-network-routing-protocols-explained-817965
- http://www.techrepublic.com/article/select-the-right-routing-protocol-for-your-network/
- https://debian-handbook.info/browse/stable/sect.dynamic-routing.html
- https://tools.ietf.org/html/rfc2453
- https://en.wikipedia.org/wiki/Routing_Information_Protocol
- https://tools.ietf.org/html/rfc2328
- http://www.nongnu.org/quagga/docs/docs-info.html (This is good info.)
- https://en.wikipedia.org/wiki/Open_Shortest_Path_First
- https://www.cisco.com/c/en/us/support/docs/ip/open-shortest-path-first-ospf/13703-8.html
- http://www.enterprisenetworkingplanet.com/netsp/article.php/3609151/Networking-101-Understanding-RIP-Routing.htm
- http://www.enterprisenetworkingplanet.com/netsp/article.php/3610496/Networking-101-Understanding-OSPF-Routing.htm
- https://www.juniper.net/documentation/en_US/junos/topics/concept/ospf-routing-overview.html
- https://www.cisco.com/c/en/us/support/docs/ip/open-shortest-path-first-ospf/9237-9.html
- https://news.ycombinator.com/item?id=15570082