
Advanced Routing Protocols

BGP (Border Gateway Protocol)

BGP is the de facto inter-domain routing protocol. BGP-4 (RFC 4271) is a path-vector protocol where ASes exchange reachability information with policy-based route selection.

BGP Message Types

Message        Purpose
OPEN           Establish session, negotiate capabilities
UPDATE         Advertise new routes or withdraw existing ones
KEEPALIVE      Maintain session liveness (default 60s interval)
NOTIFICATION   Report errors, close session

BGP Path Attributes

Attributes attached to each route announcement drive selection and policy.

Attribute          Category                   Description
AS_PATH            Well-known mandatory       Ordered list of ASes the route traverses
NEXT_HOP           Well-known mandatory       IP address of the next-hop router
LOCAL_PREF         Well-known discretionary   Preference within an AS (higher = preferred)
MED                Optional non-transitive    Hint to neighboring AS for entry point selection
COMMUNITY          Optional transitive        32-bit tag for grouping and policy signaling
ORIGIN             Well-known mandatory       How the route was injected (IGP, EGP, incomplete)
ATOMIC_AGGREGATE   Well-known discretionary   Indicates route aggregation occurred

BGP Route Selection Process

Applied in order until a single best route remains:

  1. Highest LOCAL_PREF
  2. Shortest AS_PATH length
  3. Lowest origin type (IGP < EGP < incomplete)
  4. Lowest MED (compared only among routes from same neighboring AS, by default)
  5. eBGP over iBGP
  6. Lowest IGP metric to NEXT_HOP
  7. Lowest router ID (tiebreaker)
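The seven-step comparison as an added example (not code from the original page), run over constructed candidate routes for one prefix; the peer names, ASNs and router IDs are made up:

```python
# Added example (not from the original page): the seven-step BGP best-path
# comparison above, run over constructed candidate routes for one prefix.
from dataclasses import dataclass

ORIGIN_RANK = {"IGP": 0, "EGP": 1, "incomplete": 2}

@dataclass
class Route:
    peer: str               # neighbor the route was learned from
    peer_as: int            # neighboring AS that announced it
    as_path: list
    local_pref: int = 100
    origin: str = "IGP"
    med: int = 0
    ebgp: bool = True       # learned over eBGP (False = iBGP)
    igp_metric: int = 0     # IGP cost to reach NEXT_HOP
    router_id: str = "0.0.0.0"

def _ip_key(ip):
    return tuple(int(o) for o in ip.split("."))

def better(a, b):
    # True if route a beats route b; each step only applies when the previous one ties
    if a.local_pref != b.local_pref:
        return a.local_pref > b.local_pref                    # 1. highest LOCAL_PREF
    if len(a.as_path) != len(b.as_path):
        return len(a.as_path) < len(b.as_path)                # 2. shortest AS_PATH
    if a.origin != b.origin:
        return ORIGIN_RANK[a.origin] < ORIGIN_RANK[b.origin]  # 3. IGP < EGP < incomplete
    if a.peer_as == b.peer_as and a.med != b.med:
        return a.med < b.med                                  # 4. MED, same neighbor AS only
    if a.ebgp != b.ebgp:
        return a.ebgp                                         # 5. eBGP over iBGP
    if a.igp_metric != b.igp_metric:
        return a.igp_metric < b.igp_metric                    # 6. lowest IGP metric
    return _ip_key(a.router_id) < _ip_key(b.router_id)        # 7. lowest router ID

def select_best(routes):
    best = routes[0]
    for r in routes[1:]:
        if better(r, best):
            best = r
    return best

# Constructed candidates for 203.0.113.0/24 as seen by a router in AS 64500
CANDIDATES = [
    Route("pA", 64501, [64501, 64510], router_id="10.0.0.1"),
    Route("pB", 64502, [64502, 64510], med=20, router_id="10.0.0.2"),
    Route("pC", 64502, [64502, 64510], med=5, router_id="10.0.0.3"),
    Route("pD", 64503, [64503, 64520, 64510], local_pref=150, router_id="10.0.0.4"),
]
```

Note that pD wins despite its longer AS_PATH because LOCAL_PREF is compared first, and pB's MED is only weighed against pC's because they come from the same neighboring AS.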

BGP Policies

Policies implement business relationships through route filtering and attribute manipulation.

Export rules (what an AS advertises):
  - To provider: own routes + customer routes
  - To peer: own routes + customer routes
  - To customer: everything (full table)

Import rules (preference ordering):
  - Customer routes > Peer routes > Provider routes
  (Implemented via LOCAL_PREF: customer=150, peer=100, provider=50)

BGP Communities

Communities are tags that signal policy intent across AS boundaries.

Community                    Meaning
NO_EXPORT (0xFFFFFF01)       Do not advertise outside the AS confederation
NO_ADVERTISE (0xFFFFFF02)    Do not advertise to any peer
NO_EXPORT_SUBCONFED          Do not advertise outside the local AS
Custom (ASN:value)           Operator-defined (e.g., 64500:100 = "learned from peer")

Large communities (RFC 8092) use a 4-byte ASN field: ASN:function:parameter.
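The import and export policies above, together with the well-known and operator-defined communities, as an added example for a hypothetical AS 64500 (not the page's or any vendor's configuration); the prefixes and the ASN:value tags other than 64500:100 are constructed:

```python
# Added example (not from the original page): import and export policy for a
# hypothetical AS 64500, using LOCAL_PREF and community tags as described above.
MY_AS = 64500
NO_EXPORT = 0xFFFFFF01
NO_ADVERTISE = 0xFFFFFF02
LOCAL_PREF = {"customer": 150, "peer": 100, "provider": 50}
ORIGIN_TAG = {"customer": 200, "peer": 100, "provider": 300}   # constructed ASN:value tags

def community(asn, value):
    """Classic 32-bit community: high 16 bits ASN, low 16 bits operator value."""
    return (asn << 16) | value

def fmt_community(c):
    names = {NO_EXPORT: "NO_EXPORT", NO_ADVERTISE: "NO_ADVERTISE"}
    return names.get(c, f"{c >> 16}:{c & 0xFFFF}")

def on_import(route, relationship):
    """Prefer customer > peer > provider and tag where the route was learned."""
    r = dict(route)
    r["local_pref"] = LOCAL_PREF[relationship]
    r["learned_from"] = relationship
    r["communities"] = list(route.get("communities", [])) + [community(MY_AS, ORIGIN_TAG[relationship])]
    return r

def export_allowed(route, to_relationship):
    """Export rules above, plus the well-known communities a neighbor may have set."""
    comms = set(route.get("communities", []))
    if NO_ADVERTISE in comms:
        return False                          # never re-advertised to anyone
    if NO_EXPORT in comms and to_relationship != "internal":
        return False                          # stays inside our AS (iBGP only)
    if to_relationship in ("customer", "internal"):
        return True                           # customers and iBGP get the full table
    return route.get("learned_from") in ("own", "customer")   # providers/peers: own + customer routes

def exports(routes, to_relationship):
    return [r["prefix"] for r in routes if export_allowed(r, to_relationship)]

# Constructed Adj-RIB-In passed through import policy, plus one locally originated route
RIB = [
    on_import({"prefix": "198.51.100.0/24"}, "customer"),
    on_import({"prefix": "203.0.113.0/24"}, "peer"),
    on_import({"prefix": "192.0.2.0/24", "communities": [NO_EXPORT]}, "customer"),
    {"prefix": "100.64.0.0/24", "learned_from": "own", "local_pref": 200, "communities": []},
]
```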

Route Reflectors

Full-mesh iBGP (N*(N-1)/2 sessions) does not scale. Route reflectors (RR) reduce the number of sessions required.

        RR
      / | \
  Client Client Client

  • Clients peer only with the RR, not with each other.
  • RR reflects routes learned from one client to others, adding an ORIGINATOR_ID and CLUSTER_LIST to prevent loops.
  • Hierarchical RR designs are possible but can cause suboptimal routing if not carefully planned.
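The ORIGINATOR_ID and CLUSTER_LIST loop checks, as an added example (not the page's code) that passes one route through a chain of reflectors; router IDs, cluster IDs and the prefix are constructed:

```python
# Added example (not from the original page): how a route reflector stamps
# ORIGINATOR_ID and CLUSTER_LIST, and how any iBGP receiver uses them to drop
# a route that has already passed through it (RFC 4456).

def reflect(rr_id, cluster_id, route):
    """Return the route as the RR re-advertises it to other iBGP speakers."""
    out = dict(route)
    # ORIGINATOR_ID is set once, by the first RR, to the router that injected the route
    out.setdefault("originator_id", route["from_router"])
    # Each RR prepends its CLUSTER_ID; seeing it again means the route looped back
    out["cluster_list"] = [cluster_id] + list(route.get("cluster_list", []))
    out["from_router"] = rr_id
    return out

def accept(router_id, cluster_id, route):
    """Loop checks a receiver applies before the route enters its Adj-RIB-In."""
    if route.get("originator_id") == router_id:
        return False, "ORIGINATOR_ID is my own router ID"
    if cluster_id in route.get("cluster_list", []):
        return False, f"CLUSTER_ID {cluster_id} already in CLUSTER_LIST"
    return True, "accepted"

def walk(route, hops):
    """Pass a route through (router_id, cluster_id) RRs in turn; stop at the first drop."""
    log = []
    for rid, cid in hops:
        ok, why = accept(rid, cid, route)
        log.append((rid, why))
        if not ok:
            break
        route = reflect(rid, cid, route)
    return route, log

# Constructed: client 10.0.0.11 injects a route; RR1 reflects to RR2, which reflects back to RR1
ROUTE = {"prefix": "10.20.0.0/16", "from_router": "10.0.0.11"}
RRS = [("10.0.0.1", "1.1.1.1"), ("10.0.0.2", "2.2.2.2"), ("10.0.0.1", "1.1.1.1")]
```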

BGP Hijacking

An AS falsely originates another AS's prefix, or announces a more specific part of it.

Attack Type            Method
Prefix hijack          Announce exact prefix belonging to another AS
Sub-prefix hijack      Announce more-specific prefix (wins longest-prefix match)
AS-path manipulation   Prepend victim's ASN to appear legitimate

Defenses:

  • RPKI (Resource Public Key Infrastructure): Cryptographically binds prefixes to authorized origin ASes via ROAs (Route Origin Authorizations).
  • BGPsec: Extends RPKI to validate the entire AS path (limited deployment).
  • IRR filtering: Filter based on Internet Routing Registry data.
  • Prefix monitoring: RIPE RIS, BGPStream, Cloudflare Radar detect anomalies.
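RPKI route origin validation (RFC 6811) as an added example (not the page's code), classifying announcements of each type in the table above against constructed ROAs; all prefixes and ASNs are made up. It also shows the caveat that origin validation alone cannot catch an AS-path manipulation that keeps the victim as the origin AS, which is the gap BGPsec addresses.

```python
# Added example (not from the original page): RFC 6811 route origin validation
# over constructed ROAs, showing how the hijack types above are classified.
import ipaddress

# Constructed ROAs: (prefix, maxLength, authorized origin AS)
ROAS = [
    (ipaddress.ip_network("203.0.113.0/24"), 24, 64510),
    (ipaddress.ip_network("198.51.100.0/22"), 24, 64520),
]

def covering_roas(prefix):
    """ROAs whose prefix covers the announced prefix (equal or less specific)."""
    return [r for r in ROAS if prefix.version == r[0].version and prefix.subnet_of(r[0])]

def validate(prefix_str, origin):
    """Valid / Invalid / NotFound exactly as a validating router would label the route."""
    prefix = ipaddress.ip_network(prefix_str)
    covering = covering_roas(prefix)
    if not covering:
        return "NotFound"          # no ROA covers it: no statement either way
    for _, max_len, asn in covering:
        if asn == origin and prefix.prefixlen <= max_len:
            return "Valid"
    return "Invalid"               # covered, but wrong origin AS or too specific

def origin_as(as_path):
    """The origin is the rightmost AS; ROV never looks at the rest of the path."""
    return as_path[-1]

# Constructed announcements mirroring the attack table above (64666 is the bad actor)
ANNOUNCEMENTS = {
    "legitimate":        ("203.0.113.0/24",   [64500, 64510]),
    "prefix hijack":     ("203.0.113.0/24",   [64500, 64666]),
    "sub-prefix hijack": ("203.0.113.128/25", [64500, 64666]),        # /25 exceeds maxLength 24
    "path manipulation": ("198.51.100.0/24",  [64500, 64666, 64520]), # victim left as origin
}

def classify_all():
    return {name: validate(p, origin_as(path)) for name, (p, path) in ANNOUNCEMENTS.items()}
```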

OSPF (Open Shortest Path First)

OSPF (RFC 2328 for v2, RFC 5340 for v3) is a link-state IGP. Each router maintains a complete topology database and runs Dijkstra's SPF algorithm.

OSPF Areas

Areas limit flooding scope and reduce computation.

         Area 0 (Backbone)
        /       |        \
    Area 1    Area 2    Area 3

  • Area 0: Backbone; all areas must connect to it.
  • ABR (Area Border Router): Connects non-backbone area to Area 0; summarizes routes between areas.
  • ASBR: Redistributes routes from external sources into OSPF.

OSPF LSA Types

Type   Name            Scope        Description
1      Router LSA      Intra-area   Links and costs of a router
2      Network LSA     Intra-area   Multi-access network info (from DR)
3      Summary LSA     Inter-area   ABR summarizes routes to other areas
4      ASBR Summary    Inter-area   Reachability to an ASBR
5      AS-External     AS-wide      External routes redistributed by ASBR
7      NSSA External   NSSA area    External routes in not-so-stubby areas

Stub Area Variants

  • Stub area: No Type-5 LSAs; ABR injects default route.
  • Totally stubby: No Type-3 or Type-5; only default route.
  • NSSA: Allows limited external route injection via Type-7 LSAs.

IS-IS (Intermediate System to Intermediate System)

IS-IS is an ISO link-state protocol adapted for IP. It runs directly over Layer 2 rather than IP, which makes it independent of the network layer.

Feature              OSPF                       IS-IS
Runs on              IP (protocol 89)           Layer 2 (NLPID 0x83)
Hierarchy            Multi-area with backbone   Two-level (L1/L2)
TLV extensibility    Limited                    Highly extensible via TLVs
IPv6 support         OSPFv3 (separate)          Single protocol with multi-topology
Typical deployment   Enterprise                 Large ISP backbones

MPLS (Multiprotocol Label Switching)

MPLS forwards packets based on fixed-length labels rather than IP longest-prefix match, enabling traffic engineering and VPN services.

MPLS Header

| 20-bit Label | 3-bit TC | 1-bit S | 8-bit TTL |

Labels are stacked; the S (bottom-of-stack) bit indicates the last label.
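Encoding and decoding the 32-bit label stack entry laid out above, as an added example (not the page's code): the S bit terminates the stack walk, a truncated stack is rejected rather than read past the buffer, and a swap keeps TC and S while decrementing TTL. Label values are constructed.

```python
# Added example (not from the original page): the 32-bit MPLS label stack entry
# (20-bit label, 3-bit TC, 1-bit S, 8-bit TTL) and a stack walk that stops at S=1.
import struct

def encode_entry(label, tc=0, s=0, ttl=64):
    assert 0 <= label < 2**20 and 0 <= tc < 8 and s in (0, 1) and 0 <= ttl < 256
    return struct.pack("!I", (label << 12) | (tc << 9) | (s << 8) | ttl)

def decode_entry(data):
    word, = struct.unpack("!I", data[:4])
    return {"label": word >> 12, "tc": (word >> 9) & 0x7, "s": (word >> 8) & 1, "ttl": word & 0xFF}

def encode_stack(labels, ttl=64):
    """Outer label first; S=1 is set only on the last (bottom) entry."""
    return b"".join(encode_entry(l, s=int(i == len(labels) - 1), ttl=ttl) for i, l in enumerate(labels))

def decode_stack(data):
    """Walk entries until S=1; return (labels, offset where the payload starts)."""
    labels, off = [], 0
    while True:
        if off + 4 > len(data):
            raise ValueError("label stack runs past end of packet")   # never read past the buffer
        e = decode_entry(data[off:off + 4])
        labels.append(e["label"])
        off += 4
        if e["s"]:
            return labels, off

def swap_top(data, new_label):
    """LSR swap: replace the top label and decrement TTL, keeping TC and S."""
    e = decode_entry(data)
    if e["ttl"] <= 1:
        raise ValueError("TTL expired")
    return encode_entry(new_label, e["tc"], e["s"], e["ttl"] - 1) + data[4:]
```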

Label Distribution

  • LDP (Label Distribution Protocol): Follows IGP shortest path; no TE capability.
  • RSVP-TE: Reserves resources along explicit paths for traffic engineering.
  • BGP: Distributes labels for VPN services (L3VPN, L2VPN).

MPLS Traffic Engineering

RSVP-TE establishes Label Switched Paths (LSPs) along constrained paths:

  1. Headend router computes path using CSPF (Constrained SPF) with TE metrics.
  2. RSVP PATH message sent along computed path.
  3. Each hop reserves resources and allocates labels.
  4. RSVP RESV message returns with label bindings.
  5. Traffic forwarded along the LSP using label swapping.
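Step 1 above, and the plain SPF computation OSPF performs on its link-state database, as one added example (not the page's or any router's code): Dijkstra over a constructed LSDB, with the CSPF variant pruning links that cannot meet the requested bandwidth before the shortest path is computed. Router names, costs and bandwidths are constructed.

```python
# Added example (not from the original page): Dijkstra SPF over a constructed
# link-state database, and the CSPF variant used at the RSVP-TE headend, which
# prunes links that cannot satisfy the requested bandwidth before running SPF.
import heapq

# Constructed LSDB: (router A, router B, IGP cost, available bandwidth in Mb/s)
LINKS = [
    ("R1", "R2", 10, 100),
    ("R2", "R4", 10, 100),
    ("R1", "R3", 20, 1000),
    ("R3", "R4", 20, 1000),
]

def spf(links, src, need_bw=0):
    """Shortest paths from src; with need_bw > 0 this is CSPF over the pruned graph."""
    adj = {}
    for a, b, cost, bw in links:
        if bw < need_bw:
            continue                       # constraint fails: link is pruned
        adj.setdefault(a, []).append((b, cost))
        adj.setdefault(b, []).append((a, cost))
    dist, prev = {src: 0}, {}
    heap = [(0, src)]
    while heap:
        d, u = heapq.heappop(heap)
        if d > dist.get(u, float("inf")):
            continue                       # stale queue entry
        for v, cost in adj.get(u, []):
            nd = d + cost
            if nd < dist.get(v, float("inf")):
                dist[v], prev[v] = nd, u
                heapq.heappush(heap, (nd, v))
    return dist, prev

def path(prev, src, dst):
    """Hop list from src to dst (the explicit route handed to RSVP), or None if unreachable."""
    if dst != src and dst not in prev:
        return None
    hops = [dst]
    while hops[-1] != src:
        hops.append(prev[hops[-1]])
    return hops[::-1]

def compute_lsp(links, src, dst, need_bw):
    dist, prev = spf(links, src, need_bw)
    return path(prev, src, dst), dist.get(dst)
```

With no constraint the IGP path R1-R2-R4 (cost 20) wins; asking for 500 Mb/s prunes the 100 Mb/s links and CSPF returns the longer R1-R3-R4 path instead.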

MPLS L3VPN (RFC 4364)

CE --- PE ---- P ---- P ---- PE --- CE
       |  MPLS core (label switching)  |
       VRF                            VRF

  • PE (Provider Edge): Maintains per-customer VRFs (Virtual Routing and Forwarding).
  • P (Provider): Core routers; only switch labels; no customer routes.
  • CE (Customer Edge): Customer router; peers with PE via eBGP, OSPF, or static routes.
  • MP-BGP distributes VPNv4 routes between PEs with Route Distinguishers and Route Targets.
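The Route Target import logic a PE applies to VPNv4 routes, as an added example (not the page's code or any vendor's implementation): two customers both use 10.0.0.0/24, the Route Distinguisher keeps the two NLRIs distinct in BGP, and Route Targets decide which VRF each route lands in. RDs, RTs, labels and PE names are constructed.

```python
# Added example (not from the original page): how a PE imports VPNv4 routes
# into VRFs by Route Target, with Route Distinguishers keeping two customers'
# overlapping 10.0.0.0/24 apart inside MP-BGP.

# VPNv4 NLRI as carried by MP-BGP: RD + prefix, VPN label, RT extended communities
VPNV4_ROUTES = [
    {"rd": "64500:1", "prefix": "10.0.0.0/24", "rts": {"64500:1"}, "label": 1001, "next_hop": "PE2"},
    {"rd": "64500:2", "prefix": "10.0.0.0/24", "rts": {"64500:2"}, "label": 1002, "next_hop": "PE2"},
    # a shared service reachable from both VRFs, exported with both RTs
    {"rd": "64500:9", "prefix": "172.16.0.0/24", "rts": {"64500:1", "64500:2"}, "label": 1009, "next_hop": "PE3"},
]

# Local VRF configuration on this PE (constructed)
VRFS = {
    "CUST_A": {"rd": "64500:1", "import": {"64500:1"}, "export": {"64500:1"}},
    "CUST_B": {"rd": "64500:2", "import": {"64500:2"}, "export": {"64500:2"}},
}

def import_vpnv4(vrfs, routes):
    """A route lands in every VRF whose import RTs intersect the route's RTs."""
    tables = {name: {} for name in vrfs}
    for r in routes:
        for name, cfg in vrfs.items():
            if cfg["import"] & r["rts"]:
                # keyed by the plain prefix: the RD has already kept the NLRIs distinct in BGP
                tables[name][r["prefix"]] = {"label": r["label"], "next_hop": r["next_hop"], "rd": r["rd"]}
    return tables

def export_vpnv4(vrfs, vrf_name, prefix, label, next_hop):
    """Turn a VRF-local route into a VPNv4 NLRI tagged with the VRF's export RTs."""
    cfg = vrfs[vrf_name]
    return {"rd": cfg["rd"], "prefix": prefix, "rts": set(cfg["export"]), "label": label, "next_hop": next_hop}
```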

Segment Routing

Segment Routing (SR) encodes a path as an ordered list of segments (instructions) in the packet header, eliminating per-flow state in the network.

SR-MPLS

  • Uses the MPLS data plane; segments are MPLS labels.
  • Node SID: Globally unique, identifies a node (shortest path to that node).
  • Adjacency SID: Locally significant, identifies a specific link.
  • Distributed via IGP extensions (IS-IS/OSPF SR extensions).
  • No LDP or RSVP-TE needed; simplifies control plane significantly.

Packet path: [Node-SID-Z, Adj-SID-3] → forces traffic through node Z via adjacency 3
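The packet path above, simulated as an added example (not the page's code): node SIDs are global labels swapped hop by hop toward their node, adjacency SIDs are local labels popped by the advertising node and forwarded over one link. The topology, the SRGB base and the per-node next-hop tables standing in for the IGP's computation are constructed.

```python
# Added example (not from the original page): forwarding the segment list
# [Node-SID-Z, Adj-SID] across a constructed topology. Node SIDs are global,
# adjacency SIDs are local to the node that advertises them; the per-node
# next-hop tables stand in for what the IGP would compute.
SRGB_BASE = 16000   # constructed SR global block; node index n -> label 16000+n

NODES = {
    # node: (node index, IGP next hop toward each other node, local adjacency SIDs)
    "A": (1, {"Z": "B", "B": "B", "C": "C"}, {}),
    "B": (2, {"Z": "Z", "A": "A", "C": "C"}, {}),
    "Z": (3, {"A": "B", "B": "B", "C": "C"}, {24003: "C"}),   # Adj-SID 24003 = link Z->C
    "C": (4, {"Z": "Z", "A": "A", "B": "B"}, {}),
}

def node_sid(name):
    return SRGB_BASE + NODES[name][0]

def forward(node, stack):
    """One forwarding decision at `node`: returns (next node, remaining stack)."""
    idx, nh_table, adj = NODES[node]
    if not stack:
        return None, []                        # delivered: nothing left to process
    top = stack[0]
    if top in adj:                             # Adj-SID: pop and use exactly that link
        return adj[top], stack[1:]
    if top - SRGB_BASE == idx:                 # our own Node-SID: pop, process next segment
        return forward(node, stack[1:])
    target = next(n for n, (i, _, _) in NODES.items() if i == top - SRGB_BASE)
    return nh_table[target], stack             # Node-SID: swap (same label), head for target

def trace(start, stack, limit=10):
    """Nodes visited until the stack is exhausted; a loop would exceed `limit`."""
    path, node = [start], start
    for _ in range(limit):
        node, stack = forward(node, stack)
        if node is None:
            return path
        path.append(node)
    raise RuntimeError("forwarding loop")
```

From A, a plain Node-SID for C takes the direct A-C link, while [Node-SID-Z, Adj-SID 24003] steers the same traffic A-B-Z and then over Z's adjacency to C, with no per-flow state on B or Z.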

SRv6 (Segment Routing over IPv6)

  • Encodes segments as 128-bit IPv6 addresses in a Segment Routing Header (SRH).
  • Each segment is a function (End, End.DT4, End.DX6, etc.) programmed at the segment endpoint.
  • Enables network programming: chain arbitrary network functions along a path.

IPv6 Header | SRH: [SID1, SID2, SID3] | Payload
              Segments Left = 2

SR Benefits over Traditional MPLS

Aspect                Traditional MPLS       Segment Routing
State in network      Per-LSP at every hop   No per-flow state
Signaling protocol    LDP + RSVP-TE          IGP extensions only
Traffic engineering   RSVP-TE tunnels        Source-routed segment lists
Fast reroute          Facility backup LSPs   TI-LFA (topology-independent)
Scalability           Limited by state       Highly scalable