
Advanced Routing Protocols

BGP (Border Gateway Protocol)

BGP is the de facto inter-domain routing protocol of the Internet. BGP-4 (RFC 4271) is a path-vector protocol running over TCP (port 179): autonomous systems (ASes) exchange reachability information, each route carries the sequence of ASes it has traversed, and every AS chooses among candidate routes by local policy rather than by a shared metric.

BGP Message Types

| Message | Purpose |
|---------|---------|
| OPEN | Establish the session; carries the local AS number, hold time, BGP identifier and optional capabilities (multiprotocol AFI/SAFI, 4-octet ASN, route refresh) |
| UPDATE | Advertise new routes (NLRI plus path attributes) or withdraw existing ones |
| KEEPALIVE | Maintain session liveness; sent at roughly one third of the hold time (60s with a 180s hold time) |
| NOTIFICATION | Report an error and close the session |
| ROUTE-REFRESH (RFC 2918) | Ask the neighbor to re-send its routes so a policy change can be applied without resetting the session |

BGP Path Attributes

Attributes attached to each route announcement drive selection and policy. Well-known attributes must be understood by every implementation; optional ones may be ignored, and transitive optional attributes are passed on unchanged even by routers that do not understand them. Since RFC 7606, a malformed attribute is normally handled as a withdrawal of the affected routes ("treat-as-withdraw") rather than by tearing down the session, which the earlier behaviour allowed a single bad UPDATE to do.

| Attribute | Category | Description |
|-----------|----------|-------------|
| AS_PATH | Well-known mandatory | Ordered list of ASes the route has traversed; the rightmost is the origin AS, and the local AS is prepended on eBGP export |
| NEXT_HOP | Well-known mandatory | IP address of the next-hop router |
| LOCAL_PREF | Well-known discretionary | Preference within an AS (higher = preferred); carried on iBGP only, never across AS boundaries |
| MED | Optional non-transitive | Hint to the neighboring AS about the preferred entry point (lower = preferred); not propagated beyond that AS |
| COMMUNITY | Optional transitive | 32-bit tag (written ASN:value) for grouping routes and signaling policy |
| ORIGIN | Well-known mandatory | How the route was injected: IGP, EGP, or INCOMPLETE (e.g., redistributed) |
| ATOMIC_AGGREGATE | Well-known discretionary | Marks a route formed by aggregation where more-specific path information was dropped |

BGP Route Selection Process

Applied in order until a single best route remains. Routes whose NEXT_HOP is unreachable are excluded before the comparison starts, and vendors insert proprietary steps (for example, Cisco evaluates Weight before LOCAL_PREF and prefers the oldest eBGP route before the router-ID tiebreak):

  1. Highest LOCAL_PREF
  2. Shortest AS_PATH length (prepending lengthens a path to make it less attractive)
  3. Lowest origin type (IGP < EGP < INCOMPLETE)
  4. Lowest MED (by default compared only among routes from the same neighboring AS; comparing it across ASes is an operator knob)
  5. eBGP-learned over iBGP-learned
  6. Lowest IGP metric to NEXT_HOP
  7. Lowest BGP identifier (router ID), then lowest peer address (tiebreakers)
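The decision process above as code, added here as an example (it is not from the original page). Each step is applied as a filter over the surviving candidates rather than as pairwise comparisons, which is what lets the MED step be scoped per neighboring AS deterministically. The ASNs, router IDs and attribute values are constructed sample data using documentation ASNs (64496-64511).

```python
"""BGP best-path selection for one prefix, implemented as successive filters.

Added example, not code from the original page. ASNs, router IDs and attribute
values are constructed sample data (documentation ASNs 64496-64511).
"""
from dataclasses import dataclass
from typing import Callable, List, Optional, Tuple

ORIGIN_RANK = {"IGP": 0, "EGP": 1, "INCOMPLETE": 2}   # lower is preferred


@dataclass(frozen=True)
class Route:
    name: str
    local_pref: int
    as_path: Tuple[int, ...]   # leftmost entry is the neighboring AS that sent the route
    origin: str
    med: int
    from_ebgp: bool
    igp_metric: int            # IGP cost to reach NEXT_HOP
    router_id: str             # BGP identifier of the advertising router
    next_hop_reachable: bool = True

    @property
    def neighbor_as(self) -> Optional[int]:
        return self.as_path[0] if self.as_path else None


def _rid_key(rid: str) -> int:
    """Compare dotted-quad router IDs numerically, not as strings."""
    return int.from_bytes(bytes(int(octet) for octet in rid.split(".")), "big")


def _keep_best(routes: List[Route], key: Callable[[Route], int], lowest: bool = True) -> List[Route]:
    """Keep every route whose key equals the best (lowest or highest) key present."""
    target = (min if lowest else max)(key(r) for r in routes)
    return [r for r in routes if key(r) == target]


def best_path(routes: List[Route], always_compare_med: bool = False) -> Route:
    cands = [r for r in routes if r.next_hop_reachable]                # unusable routes never compete
    if not cands:
        raise ValueError("no candidate route with a reachable NEXT_HOP")
    cands = _keep_best(cands, lambda r: r.local_pref, lowest=False)   # 1. highest LOCAL_PREF
    cands = _keep_best(cands, lambda r: len(r.as_path))                # 2. shortest AS_PATH
    cands = _keep_best(cands, lambda r: ORIGIN_RANK[r.origin])         # 3. IGP < EGP < INCOMPLETE
    if always_compare_med:                                             # 4. lowest MED ...
        cands = _keep_best(cands, lambda r: r.med)
    else:                                                              # ... per neighboring AS by default
        survivors: List[Route] = []
        for asn in {r.neighbor_as for r in cands}:
            group = [r for r in cands if r.neighbor_as == asn]
            survivors.extend(_keep_best(group, lambda r: r.med))
        cands = survivors
    cands = _keep_best(cands, lambda r: 0 if r.from_ebgp else 1)       # 5. eBGP over iBGP
    cands = _keep_best(cands, lambda r: r.igp_metric)                  # 6. lowest IGP metric to NEXT_HOP
    cands = _keep_best(cands, lambda r: _rid_key(r.router_id))         # 7. lowest router ID
    return cands[0]


def demo_local_pref_beats_path_length() -> str:
    """Import policy wins: the customer route is chosen despite its longer AS_PATH."""
    routes = [
        Route("via-customer", 150, (64496, 64500), "IGP", 0, True, 10, "10.0.0.1"),
        Route("via-peer",     100, (64497,),       "IGP", 0, True, 10, "10.0.0.2"),
        Route("via-provider",  50, (64498,),       "IGP", 0, True, 10, "10.0.0.3"),
    ]
    return best_path(routes).name


def demo_med_scope(always_compare_med: bool) -> str:
    """Two routes from AS 64500 and one from AS 64501, otherwise equal. By default MED
    only eliminates the worse 64500 route; the 64501 route survives with a higher MED
    and wins on router ID. Forcing global MED comparison makes the MED 5 route win."""
    routes = [
        Route("a-from-64500", 100, (64500, 64510), "IGP", 10, True, 10, "10.0.0.3"),
        Route("b-from-64500", 100, (64500, 64510), "IGP",  5, True, 10, "10.0.0.2"),
        Route("c-from-64501", 100, (64501, 64510), "IGP", 50, True, 10, "10.0.0.1"),
    ]
    return best_path(routes, always_compare_med).name


if __name__ == "__main__":
    print(demo_local_pref_beats_path_length(), demo_med_scope(False), demo_med_scope(True))
```

The MED demo is the classic surprise: because MED is compared only within a neighboring AS, the route with the numerically worst MED can still be selected, and the outcome flips once the comparison is made global.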

BGP Policies

Policies implement business relationships (customer, peer, provider) through route filtering on import and export and through attribute manipulation. The conventional rules, often called the Gao-Rexford model, are:

Export rules (what an AS advertises):
  - To provider: own routes + customer routes
  - To peer: own routes + customer routes
  - To customer: everything (full table)

Import rules (preference ordering):
  - Customer routes > Peer routes > Provider routes
  (Implemented via LOCAL_PREF, e.g., customer=150, peer=100, provider=50)

An AS that re-advertises a route learned from a provider or peer to another provider or peer breaks these rules. Such an announcement is a route leak (RFC 7908), and it pulls third-party traffic through the leaking AS just as a hijack does.

BGP Communities

Communities (RFC 1997) are 32-bit tags that signal policy intent across AS boundaries. The receiving AS decides what a community means, so a community is a request rather than a guarantee, and an inbound policy should strip or ignore communities a neighbor is not documented to set (in particular any in the local ASN's namespace).

| Community | Meaning |
|-----------|---------|
| NO_EXPORT (0xFFFFFF01) | Do not advertise outside the AS (or AS confederation) |
| NO_ADVERTISE (0xFFFFFF02) | Do not advertise to any peer at all |
| NO_EXPORT_SUBCONFED (0xFFFFFF03) | Do not advertise to any eBGP peer, including peers in other member ASes of the confederation |
| Custom (ASN:value) | Operator-defined; the high 16 bits hold the ASN, the low 16 bits the value (e.g., 64500:100 = "learned from peer") |

Large communities (RFC 8092) are 12 bytes: a 4-byte Global Administrator field (so 4-byte ASNs fit) followed by two 4-byte local data fields, conventionally written ASN:function:parameter (RFC 8195).
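Encoding and decoding of both community formats, plus the inbound scrub mentioned above, as an added example (not code from the original page). The community values and the "documented" action set are constructed samples; the ASNs are from the documentation and private ranges.

```python
"""Encode/decode BGP COMMUNITY (RFC 1997) and LARGE_COMMUNITY (RFC 8092) values
and apply an inbound scrub. Added example, not from the original page; all
community values below are constructed samples.
"""
import struct
from typing import List, Set

WELL_KNOWN = {
    0xFFFFFF01: "NO_EXPORT",
    0xFFFFFF02: "NO_ADVERTISE",
    0xFFFFFF03: "NO_EXPORT_SUBCONFED",
}
WELL_KNOWN_BY_NAME = {name: value for value, name in WELL_KNOWN.items()}


def encode_community(text: str) -> int:
    """'ASN:value' or a well-known name -> 32-bit community (16-bit ASN, 16-bit value)."""
    if text in WELL_KNOWN_BY_NAME:
        return WELL_KNOWN_BY_NAME[text]
    asn, value = (int(part) for part in text.split(":"))
    if not (0 <= asn <= 0xFFFF and 0 <= value <= 0xFFFF):
        raise ValueError(f"{text}: standard communities hold only 16-bit ASN and value")
    return (asn << 16) | value


def decode_community(value: int) -> str:
    return WELL_KNOWN.get(value, f"{value >> 16}:{value & 0xFFFF}")


def fits_standard_community(text: str) -> bool:
    """True if the text can be carried in a standard community (a 4-byte ASN cannot)."""
    try:
        encode_community(text)
        return True
    except ValueError:
        return False


def pack_communities(texts: List[str]) -> bytes:
    """Attribute value of a COMMUNITY path attribute: a sequence of 4-octet values."""
    return b"".join(struct.pack("!I", encode_community(t)) for t in texts)


def unpack_communities(data: bytes) -> List[str]:
    if len(data) % 4:
        raise ValueError("COMMUNITY attribute length must be a multiple of 4")
    return [decode_community(value) for (value,) in struct.iter_unpack("!I", data)]


def pack_large_communities(texts: List[str]) -> bytes:
    """Each large community is three 4-octet fields: global administrator (ASN),
    local data part 1, local data part 2; written ASN:function:parameter by convention."""
    out = b""
    for text in texts:
        parts = [int(part) for part in text.split(":")]
        if len(parts) != 3 or any(not 0 <= p <= 0xFFFFFFFF for p in parts):
            raise ValueError(f"{text}: a large community needs three 32-bit fields")
        out += struct.pack("!III", *parts)
    return out


def unpack_large_communities(data: bytes) -> List[str]:
    if len(data) % 12:
        raise ValueError("LARGE_COMMUNITY attribute length must be a multiple of 12")
    return [f"{a}:{b}:{c}" for a, b, c in struct.iter_unpack("!III", data)]


def scrub_inbound(communities: List[str], my_asn: int, documented: Set[str]) -> List[str]:
    """Inbound policy for an external neighbor: keep well-known communities and tags in
    other ASes' namespaces, but from our own ASN's namespace keep only the documented
    action communities, so a neighbor cannot trigger undocumented internal actions."""
    kept = []
    for community in communities:
        if community in WELL_KNOWN_BY_NAME:
            kept.append(community)
            continue
        asn = int(community.split(":")[0])
        if asn != my_asn or community in documented:
            kept.append(community)
    return kept
```

On the wire a community is just four bytes, so the "ASN:value" text is a display convention; the scrub works on that text because that is how policy is written, but it is the numeric namespace (the high 16 bits) that matters.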

Route Reflectors

Full-mesh iBGP requires N*(N-1)/2 sessions for N routers and does not scale. Route reflectors (RR, RFC 4456) relax the rule that a route learned from one iBGP peer must not be re-advertised to another.

        RR
      / | \
  Client Client Client
  • Clients peer only with the RR, not with each other.
  • The RR reflects routes learned from a client to all other clients and to its non-client iBGP peers, and routes learned from a non-client to its clients only. Each reflected route carries an ORIGINATOR_ID (router ID of the originating router, which ignores any route carrying its own ID) and a CLUSTER_LIST (the RR clusters traversed, checked for the local cluster ID) to prevent loops.
  • Hierarchical RR designs are possible. Because an RR reflects only its own best path, clients may receive a different, and from their position worse, path than in a full mesh; poor RR placement can also create forwarding loops. ADD-PATH (RFC 7911) lets an RR send several paths to mitigate this.

BGP Hijacking

An AS falsely originates another AS's prefix, or announces a more-specific part of it, so that networks accepting the announcement send the victim's traffic to the hijacker, where it can be dropped, inspected or answered.

| Attack Type | Method |
|-------------|--------|
| Prefix hijack | Announce the exact prefix belonging to another AS; it competes with the legitimate route in best-path selection, so it wins only where the hijacker's path is preferred |
| Sub-prefix hijack | Announce a more-specific prefix; longest-prefix match means it wins everywhere it is accepted, regardless of path attributes |
| AS-path manipulation (forged-origin hijack) | Announce the victim's prefix with the victim's ASN placed as the origin of the AS_PATH; the route looks correctly originated to origin validation, which only checks the rightmost ASN |

Defenses:

  • RPKI (Resource Public Key Infrastructure): ROAs (Route Origin Authorizations) cryptographically bind a prefix and a maximum prefix length to the ASN authorized to originate it. Routers performing Route Origin Validation (ROV, RFC 6811) classify each route as Valid, Invalid or NotFound and normally drop Invalid routes. ROV defeats exact and sub-prefix hijacks from unauthorized origins but not forged-origin hijacks, and a loose maxLength lets a forged-origin sub-prefix hijack validate as well; RFC 9319 therefore recommends issuing ROAs only for prefixes actually announced, with maxLength equal to their length.
  • BGPsec (RFC 8205): Extends RPKI with per-hop signatures over the AS path so that forged paths can be detected (limited deployment).
  • IRR filtering: Build prefix filters for customers and peers from Internet Routing Registry route/route6 objects. IRR data is self-asserted and often stale, so prefer RPKI-validated objects where available.
  • Prefix monitoring: RIPE RIS, BGPStream and Cloudflare Radar expose the global routing table, so unexpected origins or more-specifics for your prefixes can be alerted on within minutes.
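Origin validation and the longest-prefix match it protects, as an added example (not code from the original page). It classifies the hijack types from the table above against two ROAs, one with a tight maxLength and one with a loose one, and shows which origin actually attracts traffic with ROV off and on. ROAs, announcements and ASNs are constructed sample data (TEST-NET prefixes, documentation ASNs).

```python
"""Route Origin Validation (RFC 6811) against ROAs, then the longest-prefix match
that decides which route carries traffic. Added example, not from the original
page; all ROAs, announcements and ASNs are constructed sample data.
"""
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import List, Tuple


@dataclass(frozen=True)
class ROA:
    prefix: str        # authorized prefix, e.g. "192.0.2.0/24"
    max_length: int    # longest more-specific this ROA authorizes
    origin_as: int     # ASN authorized to originate


@dataclass(frozen=True)
class Announcement:
    prefix: str
    as_path: Tuple[int, ...]   # leftmost = neighbor AS, rightmost = origin AS


def origin_as(ann: Announcement) -> int:
    return ann.as_path[-1]


def validate(ann: Announcement, roas: List[ROA]) -> str:
    """RFC 6811 section 2: 'valid' if any covering ROA matches origin and length,
    'invalid' if ROAs cover the prefix but none match, 'not_found' if none cover it."""
    net = ip_network(ann.prefix)
    covering = []
    for roa in roas:
        roa_net = ip_network(roa.prefix)
        if roa_net.version == net.version and net.subnet_of(roa_net):
            covering.append(roa)
    if not covering:
        return "not_found"
    for roa in covering:
        if roa.origin_as == origin_as(ann) and net.prefixlen <= roa.max_length:
            return "valid"
    return "invalid"


def forwarding_origin(dest: str, anns: List[Announcement], roas: List[ROA], drop_invalid: bool) -> int:
    """Origin AS that receives traffic for dest: Invalid routes are dropped when ROV is
    enforced, then longest-prefix match picks among what remains."""
    addr = ip_address(dest)
    accepted = [a for a in anns if not (drop_invalid and validate(a, roas) == "invalid")]
    matching = [a for a in accepted if addr in ip_network(a.prefix)]
    if not matching:
        raise LookupError(f"no route for {dest}")
    best = max(matching, key=lambda a: ip_network(a.prefix).prefixlen)
    return origin_as(best)


# Constructed ROAs: one tight (maxLength == prefix length), one loose (maxLength 26 on a /24).
ROAS = [
    ROA("192.0.2.0/24", 24, 64496),
    ROA("198.51.100.0/24", 26, 64496),
]

VICTIM, HIJACKER, TRANSIT = 64496, 64511, 64500

CASES = {
    "legitimate":                    Announcement("192.0.2.0/24", (TRANSIT, VICTIM)),
    "exact_hijack":                  Announcement("192.0.2.0/24", (TRANSIT, HIJACKER)),
    "subprefix_hijack":              Announcement("192.0.2.0/25", (TRANSIT, HIJACKER)),
    "forged_origin_exact":           Announcement("192.0.2.0/24", (TRANSIT, HIJACKER, VICTIM)),
    "forged_origin_subprefix_tight": Announcement("192.0.2.0/25", (TRANSIT, HIJACKER, VICTIM)),
    "forged_origin_subprefix_loose": Announcement("198.51.100.0/25", (TRANSIT, HIJACKER, VICTIM)),
    "no_roa":                        Announcement("203.0.113.0/24", (TRANSIT, HIJACKER)),
}


def classify_all() -> dict:
    return {name: validate(ann, ROAS) for name, ann in CASES.items()}


def hijack_outcome(drop_invalid: bool) -> int:
    """Origin AS that attracts 192.0.2.10 when a sub-prefix hijack competes with the
    legitimate /24: with ROV off the hijacker wins longest-prefix match."""
    anns = [CASES["legitimate"], CASES["subprefix_hijack"]]
    return forwarding_origin("192.0.2.10", anns, ROAS, drop_invalid)


if __name__ == "__main__":
    for name, status in classify_all().items():
        print(f"{name:32s} {status}")
    print("ROV off ->", hijack_outcome(False), " ROV on ->", hijack_outcome(True))
```

Two results deserve attention: the forged-origin announcements validate even though the hijacker is in the path (ROV checks only the origin), and against the loose ROA even the forged-origin sub-prefix validates, which is exactly the maxLength problem RFC 9319 warns about.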

OSPF (Open Shortest Path First)

OSPF (RFC 2328 for OSPFv2/IPv4, RFC 5340 for OSPFv3/IPv6) is a link-state IGP. Routers flood link-state advertisements (LSAs) so that every router in an area holds an identical link-state database (LSDB), and each then runs Dijkstra's SPF algorithm over that database with itself as the root to build its routing table.

OSPF Areas

Areas limit flooding scope and SPF computation: the LSDB, flooding, and the SPF recalculation triggered by a topology change are confined to an area, while routes between areas are exchanged as summaries.

         Area 0 (Backbone)
        /       |        \
    Area 1    Area 2    Area 3
  • Area 0: Backbone; all other areas must connect to it (directly or via a virtual link).
  • ABR (Area Border Router): Sits in Area 0 and one or more other areas, keeping one LSDB per attached area; originates Type-3 summaries of each area's routes into the others.
  • ASBR (Autonomous System Boundary Router): Redistributes routes from external sources (other protocols, static routes) into OSPF as Type-5 LSAs.

OSPF LSA Types

| Type | Name | Scope | Description |
|------|------|-------|-------------|
| 1 | Router LSA | Intra-area | Links and costs of a router |
| 2 | Network LSA | Intra-area | Multi-access network info (originated by the DR) |
| 3 | Summary LSA | Inter-area | ABR summarizes routes to other areas |
| 4 | ASBR Summary | Inter-area | Reachability to an ASBR |
| 5 | AS-External | AS-wide | External routes redistributed by an ASBR |
| 7 | NSSA External | NSSA area | External routes in not-so-stubby areas |

Stub Area Variants

  • Stub area: No Type-5 LSAs; the ABR injects a default route instead.
  • Totally stubby (Cisco extension): No Type-3 or Type-5; only a default route from the ABR.
  • NSSA (RFC 3101): Like a stub area, but allows limited external route injection via Type-7 LSAs; the NSSA ABR translates them into Type-5 LSAs for the rest of the domain.

IS-IS (Intermediate System to Intermediate System)

IS-IS (ISO/IEC 10589, with IP extensions in RFC 1195) is a link-state protocol from the OSI suite adapted to carry IP reachability. It runs directly over the data link layer rather than over IP, which makes it independent of the network layer it routes for and means its PDUs cannot be injected by off-link IP hosts.

| Feature | OSPF | IS-IS |
|---------|------|-------|
| Runs on | IP (protocol 89) | Layer 2 (802.2 LLC with SAP 0xFE; the PDU header's NLPID is 0x83) |
| Hierarchy | Multi-area with Area 0 backbone | Two-level (Level 1 areas, Level 2 backbone; a router can be L1, L2 or L1/L2) |
| TLV extensibility | Fixed LSA formats; opaque LSAs added later | TLV-based from the start; new features (TE, SR) are new TLVs |
| IPv6 support | OSPFv3 (a separate protocol instance) | Single instance carrying IPv4 and IPv6, optionally with multi-topology (RFC 5120) |
| Typical deployment | Enterprise | Large ISP backbones |

MPLS (Multiprotocol Label Switching)

MPLS forwards packets based on fixed-length labels rather than IP longest-prefix match. Ingress label edge routers (LERs) push labels, label switching routers (LSRs) swap them, and the egress pops them; this enables traffic engineering and VPN services.

MPLS Header

Each label stack entry (RFC 3032) is 32 bits:

| 20-bit Label | 3-bit TC | 1-bit S | 8-bit TTL |

TC (Traffic Class, formerly EXP) carries the QoS marking. Labels are stacked; the S (bottom-of-stack) bit is set only on the last entry, so a parser reads entries until it sees S=1. Labels 0-15 are reserved: 0 is IPv4 explicit null, 1 router alert, 2 IPv6 explicit null, and 3 implicit null (signaled to request penultimate hop popping; it never appears on the wire). The label stack carries no authentication: an LSR forwards on whatever label it receives, so MPLS is enabled only on trusted core-facing interfaces and packets with unknown labels are dropped.
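A parser and builder for the label stack entry above, with the swap and penultimate-hop-pop operations an LSR applies, as an added example (not code from the original page). The label values and the label forwarding table are constructed samples; TTL propagation into the inner header on pop is left out (RFC 3443 covers it).

```python
"""MPLS label stack entries (RFC 3032): pack/unpack, stack parsing until S=1, and
one label-switching hop (swap, or pop on implicit null). Added example, not from
the original page; labels and the LFIB are constructed samples.
"""
import struct
from dataclasses import dataclass
from typing import Dict, List, Tuple

IPV4_EXPLICIT_NULL, ROUTER_ALERT, IPV6_EXPLICIT_NULL, IMPLICIT_NULL = 0, 1, 2, 3


@dataclass(frozen=True)
class LabelEntry:
    label: int          # 20 bits
    tc: int = 0         # 3 bits, Traffic Class
    s: bool = False     # bottom of stack
    ttl: int = 255      # 8 bits

    def pack(self) -> bytes:
        if not 0 <= self.label < (1 << 20):
            raise ValueError("label is 20 bits")
        if not 0 <= self.tc < 8 or not 0 <= self.ttl < 256:
            raise ValueError("TC is 3 bits, TTL is 8 bits")
        word = (self.label << 12) | (self.tc << 9) | (int(self.s) << 8) | self.ttl
        return struct.pack("!I", word)

    @classmethod
    def unpack(cls, word: int) -> "LabelEntry":
        return cls(label=word >> 12, tc=(word >> 9) & 0x7, s=bool((word >> 8) & 1), ttl=word & 0xFF)


def parse_stack(data: bytes) -> Tuple[List[LabelEntry], bytes]:
    """Read entries until the bottom-of-stack bit; return (stack top-first, payload)."""
    stack: List[LabelEntry] = []
    offset = 0
    while True:
        if offset + 4 > len(data):
            raise ValueError("truncated label stack: no entry has S=1")
        (word,) = struct.unpack_from("!I", data, offset)
        entry = LabelEntry.unpack(word)
        stack.append(entry)
        offset += 4
        if entry.s:
            return stack, data[offset:]


def build_stack(labels: List[int], ttl: int = 255) -> bytes:
    """Ingress push: labels given top-first; only the last entry gets S=1."""
    entries = [LabelEntry(label, s=(i == len(labels) - 1), ttl=ttl) for i, label in enumerate(labels)]
    return b"".join(e.pack() for e in entries)


def lsr_forward(packet: bytes, lfib: Dict[int, Tuple[int, str]]) -> Tuple[str, str, bytes]:
    """One label-switching hop. lfib maps incoming label -> (outgoing label, next hop);
    an outgoing label of IMPLICIT_NULL means the downstream router asked for PHP.
    Returns (action, next hop, outgoing packet)."""
    stack, payload = parse_stack(packet)
    top, rest = stack[0], stack[1:]
    if top.ttl <= 1:
        return "drop: ttl expired", "", b""
    if top.label not in lfib:
        return "drop: no LFIB entry", "", b""      # never forward on a label we did not allocate
    out_label, next_hop = lfib[top.label]
    if out_label == IMPLICIT_NULL:
        new_stack, action = rest, "pop"           # penultimate hop popping
    else:
        new_stack = [LabelEntry(out_label, top.tc, top.s, top.ttl - 1)] + rest
        action = "swap"
    return action, next_hop, b"".join(e.pack() for e in new_stack) + payload
```

Running a two-label packet (transport label over a VPN label) through an LSR with an implicit-null entry shows the transport label being popped while the inner VPN label and payload are left untouched, which is what lets the egress PE look up the VPN label directly.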

Label Distribution

  • LDP (Label Distribution Protocol, RFC 5036): Allocates a label per IGP prefix and follows the IGP shortest path; no traffic-engineering capability.
  • RSVP-TE (RFC 3209): Reserves resources along explicit paths for traffic engineering.
  • BGP: Distributes labels for VPN services (L3VPN, L2VPN) and, as labeled unicast (RFC 8277), for inter-domain label distribution.

MPLS Traffic Engineering

RSVP-TE (RFC 3209) establishes Label Switched Paths (LSPs) along constrained paths:

  1. The headend router computes a path with CSPF (Constrained SPF): links that fail the constraints (insufficient reservable bandwidth, excluded affinities) are pruned from the TE database before the shortest-path computation.
  2. An RSVP PATH message is sent hop by hop along the computed path (Explicit Route Object).
  3. Each hop performs admission control, reserving bandwidth or rejecting the request with a PathErr.
  4. The egress allocates a label and returns an RSVP RESV message; each upstream hop allocates the label its own upstream neighbor will use and records the binding.
  5. Traffic is forwarded along the LSP by label swapping; PATH and RESV are refreshed periodically to keep the soft state alive.
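The shortest-path computation behind both the OSPF SPF run described earlier and step 1 of the RSVP-TE setup above, as one added example (not code from the original page): plain Dijkstra over a link-state database, and the same routine with bandwidth and link-exclusion constraints pruned first, which is CSPF. The topology, costs and available-bandwidth figures are constructed sample data.

```python
"""Dijkstra SPF over a link-state database, with constraint pruning that turns
it into CSPF. Added example, not from the original page; topology, costs and
bandwidth figures are constructed sample data.
"""
import heapq
from typing import Dict, Iterable, List, Optional, Tuple

# LSDB as adjacency lists: node -> [(neighbor, cost, available_bandwidth_mbps)]
LSDB = Dict[str, List[Tuple[str, int, int]]]
Result = Dict[str, Tuple[int, List[str]]]   # node -> (total cost, path from root)


def make_lsdb(links: Iterable[Tuple[str, str, int, int]]) -> LSDB:
    """Build symmetric adjacencies from (a, b, cost, available_bw) link descriptions."""
    lsdb: LSDB = {}
    for a, b, cost, bw in links:
        lsdb.setdefault(a, []).append((b, cost, bw))
        lsdb.setdefault(b, []).append((a, cost, bw))
    return lsdb


def spf(lsdb: LSDB, root: str, min_bandwidth: int = 0,
        exclude_links: Iterable[Tuple[str, str]] = ()) -> Result:
    """Dijkstra with root as the source. With no constraints this is the OSPF SPF run;
    with a bandwidth requirement or excluded links it is CSPF: those links are pruned
    before the search, so the result may be a longer path or no path at all."""
    excluded = {tuple(sorted(edge)) for edge in exclude_links}
    dist: Dict[str, int] = {root: 0}
    prev: Dict[str, str] = {}
    heap: List[Tuple[int, str]] = [(0, root)]
    done = set()
    while heap:
        d, u = heapq.heappop(heap)
        if u in done:
            continue
        done.add(u)
        for v, cost, bw in lsdb.get(u, []):
            if bw < min_bandwidth or tuple(sorted((u, v))) in excluded:
                continue                          # constraint pruning (CSPF only)
            nd = d + cost
            if nd < dist.get(v, float("inf")):
                dist[v] = nd
                prev[v] = u
                heapq.heappush(heap, (nd, v))
    result: Result = {}
    for node, d in dist.items():
        path = [node]
        while path[-1] != root:
            path.append(prev[path[-1]])
        result[node] = (d, path[::-1])
    return result


SAMPLE_LSDB = make_lsdb([
    ("A", "B", 10, 10000),
    ("B", "D", 10, 500),      # cheapest way to D, but only 500 Mbps still reservable
    ("A", "C", 20, 10000),
    ("C", "D", 20, 10000),
])


def ospf_route(src: str, dst: str) -> Tuple[int, List[str]]:
    """What the IGP installs: lowest cost, bandwidth ignored."""
    return spf(SAMPLE_LSDB, src)[dst]


def cspf_route(src: str, dst: str, bandwidth: int) -> Optional[Tuple[int, List[str]]]:
    """Headend computation for an LSP needing `bandwidth` Mbps; None means no path."""
    return spf(SAMPLE_LSDB, src, min_bandwidth=bandwidth).get(dst)


if __name__ == "__main__":
    print("IGP  A->D:", ospf_route("A", "D"))
    print("CSPF A->D, 2 Gbps:", cspf_route("A", "D", 2000))
```

The IGP path A-B-D costs 20, but an LSP needing 2 Gbps is placed on A-C-D at cost 40 because B-D cannot carry it; the same pruning with an explicit exclusion is how a backup LSP is kept off the primary's links.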

MPLS L3VPN (RFC 4364)

CE --- PE ---- P ---- P ---- PE --- CE
       |  MPLS core (label switching)  |
       VRF                            VRF
  • PE (Provider Edge): Maintains one VRF (Virtual Routing and Forwarding instance) per customer, each with its own routing table, so customers may use overlapping address space.
  • P (Provider): Core routers; they only switch labels and hold no customer routes.
  • CE (Customer Edge): Customer router; peers with the PE via eBGP, OSPF, or static routes and knows nothing about MPLS.
  • MP-BGP distributes VPNv4 routes (AFI 1/SAFI 128) between PEs. Each route is an 8-byte Route Distinguisher (RD) plus the customer prefix, which keeps overlapping prefixes distinct, and carries Route Target (RT) extended communities plus a VPN label; a PE imports a route into every VRF whose import RTs match. Customer isolation therefore rests entirely on correct RT configuration at the PEs.
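The RD and RT mechanics above as an added example (not code from the original page): two customers export the same 10.0.0.0/24, the RD keeps both in the VPNv4 table, RTs sort them into the right VRFs, and an audit function shows how one stray import RT leaks a customer's routes. Customer names, RDs, RTs, labels and prefixes are constructed sample data.

```python
"""VPNv4 route distribution and per-VRF import in an MPLS L3VPN (RFC 4364).
Added example, not from the original page; all names, RDs, RTs, labels and
prefixes are constructed sample data.
"""
from dataclasses import dataclass, field
from typing import Dict, FrozenSet, List, Set, Tuple


@dataclass(frozen=True)
class VpnRoute:
    rd: str                        # Route Distinguisher, type 0 "ASN:number"
    prefix: str                    # customer prefix; may overlap between customers
    route_targets: FrozenSet[str]  # RT extended communities, "target:ASN:number"
    vpn_label: int                 # label the remote PE expects under the transport label
    next_hop_pe: str

    @property
    def vpnv4_nlri(self) -> str:
        """RD + prefix is what MP-BGP carries; this is why 10.0.0.0/24 can appear twice."""
        return f"{self.rd}:{self.prefix}"


@dataclass
class VRF:
    name: str
    rd: str
    import_rts: Set[str]
    export_rts: Set[str]
    table: Dict[str, VpnRoute] = field(default_factory=dict)  # prefix -> imported route


def export_route(vrf: VRF, prefix: str, vpn_label: int, pe: str) -> VpnRoute:
    """Exporting PE: stamp the VRF's RD and export RTs onto a customer prefix."""
    return VpnRoute(vrf.rd, prefix, frozenset(vrf.export_rts), vpn_label, pe)


def import_routes(vrfs: List[VRF], vpnv4_table: List[VpnRoute]) -> None:
    """A VRF imports every VPNv4 route whose RTs intersect its import RTs. The RD is
    not consulted, which is what makes extranets (and RT mistakes) possible."""
    for vrf in vrfs:
        for route in vpnv4_table:
            if vrf.import_rts & route.route_targets:
                vrf.table[route.prefix] = route


def audit_imports(vrfs: List[VRF], allowed_sharing: Set[Tuple[str, str]] = frozenset()) -> List[Tuple[str, str]]:
    """Flag every (importing VRF, exporting VRF) pair whose RTs overlap unless the pair is
    an approved extranet. Cheap configuration check: one stray RT leaks a customer."""
    findings = []
    for importer in vrfs:
        for exporter in vrfs:
            if importer is exporter or (importer.name, exporter.name) in allowed_sharing:
                continue
            if importer.import_rts & exporter.export_rts:
                findings.append((importer.name, exporter.name))
    return findings


def demo() -> dict:
    # Remote PE2 hosts both customers and exports their prefixes into MP-BGP.
    red_pe2 = VRF("red", "64500:1", {"target:64500:1"}, {"target:64500:1"})
    blue_pe2 = VRF("blue", "64500:2", {"target:64500:2"}, {"target:64500:2"})
    vpnv4 = [
        export_route(red_pe2, "10.0.0.0/24", 1001, "PE2"),
        export_route(red_pe2, "192.0.2.0/24", 1003, "PE2"),
        export_route(blue_pe2, "10.0.0.0/24", 1002, "PE2"),   # same prefix, different RD
    ]
    # Local PE1, correctly configured.
    red = VRF("red", "64500:1", {"target:64500:1"}, {"target:64500:1"})
    blue = VRF("blue", "64500:2", {"target:64500:2"}, {"target:64500:2"})
    import_routes([red, blue], vpnv4)
    # Local PE1 variant where blue's import list mistakenly includes red's RT.
    red2 = VRF("red", "64500:1", {"target:64500:1"}, {"target:64500:1"})
    blue_bad = VRF("blue-misconfigured", "64500:2", {"target:64500:2", "target:64500:1"}, {"target:64500:2"})
    import_routes([red2, blue_bad], vpnv4)
    return {
        "vpnv4_nlri": sorted(r.vpnv4_nlri for r in vpnv4),
        "red": {p: r.vpn_label for p, r in red.table.items()},
        "blue": {p: r.vpn_label for p, r in blue.table.items()},
        "leaked_into_blue": sorted(p for p, r in blue_bad.table.items() if r.rd == "64500:1"),
        "audit": audit_imports([red2, blue_bad]),
    }
```

In the misconfigured variant, red's 192.0.2.0/24 appears in blue's table, and for 10.0.0.0/24 the two customers' routes now collide in one VRF; the audit catches the overlap from the configuration alone, before any route is received.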

Segment Routing

Segment Routing (SR, RFC 8402) encodes a path as an ordered list of segments (instructions) in the packet header at the ingress node, eliminating per-flow state from the transit routers.

SR-MPLS

  • Uses the MPLS data plane; segments are MPLS labels.
  • Node SID (a prefix SID): Globally unique within the SR domain as an index into the Segment Routing Global Block (SRGB); means "forward along the IGP shortest path to that node".
  • Adjacency SID: Locally significant; means "forward out this specific link", overriding the IGP.
  • Distributed via IGP extensions (IS-IS/OSPF SR extensions).
  • No LDP or RSVP-TE needed, which simplifies the control plane significantly.

Packet path: [Node-SID-Z, Adj-SID-3] → the packet takes the shortest path to node Z (top label), which then forces it out adjacency 3.

SRv6 (Segment Routing over IPv6)

  • Encodes segments as 128-bit IPv6 addresses (SIDs) in a Segment Routing Header (SRH, RFC 8754), an IPv6 routing extension header (routing type 4).
  • The segment list is stored in reverse order (Segment List[0] is the final segment); Segments Left indexes the active segment, which is also the IPv6 destination address. Each segment endpoint decrements Segments Left and copies the new active SID into the destination address.
  • Each SID is a function (End, End.X, End.DT4, End.DX6, etc., RFC 8986) programmed at the segment endpoint, which enables network programming: chaining arbitrary network functions along a path.
  • The SRH itself is not authenticated, so RFC 8754 requires the SR domain boundary to drop incoming packets whose destination lies in the domain's SID space.

IPv6 Header (DA = SID1) | SRH: Segment List = [SID3, SID2, SID1], Segments Left = 2 | Payload

Here Segments Left = 2 points at Segment List[2] = SID1, the first hop. After SID1's endpoint processes the packet, Segments Left = 1 and the destination address becomes SID2.
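The SRH construction and End processing just described, as an added example (not code from the original page): the ingress encodes a three-segment path, each endpoint applies the End behaviour, and a boundary filter drops outside packets aimed at the SID block. The SIDs are from the IPv6 documentation prefix, and the SID block used by the filter is an assumption for this demo.

```python
"""SRv6 Segment Routing Header (RFC 8754) construction and the End behaviour
(RFC 8986) at each segment endpoint. Added example, not from the original page;
SIDs are documentation addresses and SID_BLOCK is an assumed value.
"""
import struct
from dataclasses import dataclass
from ipaddress import IPv6Address, IPv6Network
from typing import List, Set, Tuple

ROUTING_TYPE_SRH = 4                             # IPv6 Routing Header type for the SRH
NEXT_HEADER_IPV6 = 41                            # inner IPv6 packet (encapsulation)
SID_BLOCK = IPv6Network("2001:db8:ff00::/40")    # assumed SID space of the SR domain


@dataclass
class SRH:
    next_header: int
    segments_left: int
    segment_list: List[IPv6Address]   # Segment List[0] is the LAST segment of the path

    def pack(self) -> bytes:
        n = len(self.segment_list)
        hdr_ext_len = 2 * n               # 8-octet units after the first 8 octets; one SID = 2 units
        last_entry = n - 1                # index of the last element of the Segment List
        flags, tag = 0, 0
        fixed = struct.pack("!BBBBBBH", self.next_header, hdr_ext_len, ROUTING_TYPE_SRH,
                            self.segments_left, last_entry, flags, tag)
        return fixed + b"".join(sid.packed for sid in self.segment_list)

    @classmethod
    def unpack(cls, data: bytes) -> "SRH":
        nh, ext_len, rtype, sl, last_entry, _flags, _tag = struct.unpack_from("!BBBBBBH", data)
        if rtype != ROUTING_TYPE_SRH:
            raise ValueError(f"routing type {rtype} is not an SRH")
        n = last_entry + 1
        if ext_len != 2 * n or len(data) < 8 + 16 * n:
            raise ValueError("SRH length fields disagree with the data (TLVs not handled here)")
        if sl > last_entry:
            raise ValueError("Segments Left exceeds Last Entry")   # RFC 8754: drop, send ICMP
        sids = [IPv6Address(data[8 + 16 * i: 24 + 16 * i]) for i in range(n)]
        return cls(nh, sl, sids)


def is_well_formed(data: bytes) -> bool:
    try:
        SRH.unpack(data)
        return True
    except ValueError:
        return False


def encapsulate(path: List[str]) -> Tuple[IPv6Address, SRH]:
    """Ingress: path is given in traversal order; the SRH stores it reversed, Segments
    Left starts at n-1 and the outer destination address is the first segment."""
    sids = [IPv6Address(s) for s in path]
    srh = SRH(NEXT_HEADER_IPV6, len(sids) - 1, list(reversed(sids)))
    return sids[0], srh


def end_behavior(dst: IPv6Address, srh: SRH, my_sids: Set[IPv6Address]) -> Tuple[str, IPv6Address]:
    """RFC 8986 End: only the node owning the active SID acts on the SRH. Returns the
    action and the new destination address; the SRH is updated in place."""
    if dst not in my_sids:
        return "transit", dst                 # ordinary IPv6 forwarding toward the active SID
    if srh.segments_left == 0:
        return "last-segment", dst            # path complete: hand the payload to next_header
    srh.segments_left -= 1
    return "end", srh.segment_list[srh.segments_left]


def admit_at_domain_ingress(from_outside: bool, dst: IPv6Address) -> bool:
    """RFC 8754 section 5: packets entering from outside the SR domain with a destination
    in the SID block are dropped, so external hosts cannot steer traffic via our SIDs."""
    return not (from_outside and dst in SID_BLOCK)


def walk_path(path: List[str]) -> List[Tuple[str, str, int]]:
    """Simulate the packet visiting each endpoint in turn after a pack/unpack round trip."""
    dst, srh = encapsulate(path)
    srh = SRH.unpack(srh.pack())
    trace = []
    for sid in path:                           # each hop owns exactly its own SID
        action, dst = end_behavior(dst, srh, {IPv6Address(sid)})
        trace.append((action, str(dst), srh.segments_left))
    return trace
```

The trace makes the reversed storage concrete: the destination address moves SID1, SID2, SID3 while Segments Left counts 2, 1, 0, and the last endpoint sees Segments Left = 0 and processes the payload instead of rewriting the header.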

SR Benefits over Traditional MPLS

| Aspect | Traditional MPLS | Segment Routing |
|--------|-----------------|-----------------|
| State in network | Per-LSP state at every hop | Per-flow state only at the ingress; transit holds per-node and per-link SIDs |
| Signaling protocol | LDP + RSVP-TE | IGP extensions only |
| Traffic engineering | RSVP-TE tunnels | Source-routed segment lists |
| Fast reroute | Facility backup LSPs | TI-LFA (topology-independent loop-free alternate) |
| Scalability | Limited by per-LSP state | Scales with nodes and links, not flows |