
What is BGP Confederation and Its Role in Network Management

  • In the dynamic landscape of Border Gateway Protocol (BGP), confederations stand out as a pivotal solution, enabling:

    • The division of an Autonomous System (AS) into multiple entities.
    • Consolidation of these entities under a unified umbrella, enhancing manageability and scalability within the network.
  • In contrast to BGP route reflectors, confederations take a distinctive approach by:

    • Allowing the subdivision of an AS.
    • Facilitating the grouping of smaller ASs under a cohesive entity.
    • Establishing a full mesh network within each smaller AS of the confederation to ensure comprehensive connectivity.
  • Although sessions between ASs within the confederation are External BGP (EBGP) sessions, routing information is exchanged across them as it would be over Internal BGP (IBGP), which means:

    • Preservation of essential details such as next hop, metric, and local preference information.
  • Externally, the confederation, comprising multiple ASs, presents itself as a cohesive and singular AS, simplifying:

    • The external view.
    • The internal structure, fostering more efficient and organized BGP routing.
  • To address scalability concerns in iBGP connectivity, two methods are commonly employed:

    • Route Reflection: Involves designating internal routers as route reflectors, forming clusters of route reflectors and clients within the internal BGP design.

    • Confederation: Transforms groups of clients and route reflectors into distinct autonomous systems within the internal BGP design. This avoids the full-mesh iBGP requirement and establishes internal and external peers within the autonomous system, similar to a standard BGP AS configuration.

    • After designating individual autonomous systems within the internal BGP design, they are configured to form a Confederation by explicitly configuring all Autonomous System Numbers (ASNs) that make up the confederation as confederation peers on each router.

    • The next step is to represent the Confederation to peers that are not members. This is where the confederation identifier comes into play. The Confederation Identifier, essentially a BGP ASN, represents the entire Confederation to non-Confederated peers. This identifier must match on all routers within the same confederation and is typically the public ASN assigned to the organization. The confederation identifier is also the ASN used in peerings with non-member peers.

  • With a confederated design, it is common to use private ASNs for individual member ASes (sub-ASes) and the assigned public ASN as the confederation identifier. The router assigns a role to all of its BGP peers:

    • confed-eBGP: A peer in a different AS that is a member of the confederation (in the confederation peers list).
    • confed-iBGP: A peer that is in the same AS as the local router.
    • eBGP: A peer that is in a different AS that is not a member of the confederation (not in the confederation peers list).
  • When the router advertises a path to a confed-eBGP peer, it places its own local ASN in the AS_PATH attribute. When the router advertises a path to a confed-iBGP peer, it doesn’t add the local ASN to the AS_PATH (just as if it were a normal iBGP peer). When the router advertises a path to an eBGP peer, it strips out all confederated ASNs and only prepends the confederation identifier to the AS_PATH attribute.

  • Removing the confederated ASNs and advertising only the confederation identifier to eBGP peers presents the entire Confederation to the external peer as a single AS, even though it is actually a collection of sub-ASes. Adding the local ASN (also known as the sub-ASN) to the AS_PATH attribute of paths advertised to confed-eBGP peers retains loop prevention within the Confederation. If a router receives a path with its own sub-ASN in the AS_PATH attribute, it discards the path.
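The peer roles and AS_PATH rules above can be checked with a small model. This is an added example, not code from the original notes or from any BGP implementation. It treats the AS_PATH as a flat list of ASNs, and every ASN in it is constructed (private numbers for the sub-ASes, documentation-range numbers for the confederation identifier and external ASes).

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class ConfedRouter:
    local_as: int             # member-AS (sub-AS) number of this router
    confed_id: int            # confederation identifier shown to outsiders
    confed_peers: frozenset   # the other member-AS numbers

    def role(self, peer_as: int) -> str:
        """Classify a peer the way the notes describe."""
        if peer_as == self.local_as:
            return "confed-iBGP"
        if peer_as in self.confed_peers:
            return "confed-eBGP"
        return "eBGP"

    def accept(self, as_path: list) -> bool:
        # Loop prevention inside the confederation: our own sub-ASN
        # already in the path means the route has passed through here.
        return self.local_as not in as_path

    def advertise(self, as_path: list, peer_as: int) -> list:
        """Return the AS_PATH as it would be sent to the given peer."""
        role = self.role(peer_as)
        if role == "confed-iBGP":
            return list(as_path)                     # left unchanged
        if role == "confed-eBGP":
            return [self.local_as] + list(as_path)   # prepend the sub-ASN
        # eBGP: strip every member ASN, then prepend the identifier so
        # the outside peer sees one AS and no internal structure.
        members = self.confed_peers | {self.local_as}
        outside = [asn for asn in as_path if asn not in members]
        return [self.confed_id] + outside

# Constructed sample: router in sub-AS 65001 of confederation 64500.
R1 = ConfedRouter(local_as=65001, confed_id=64500,
                  confed_peers=frozenset({65002, 65003}))
LEARNED = [65002, 64511]   # path received from sub-AS 65002 (constructed)

def demo() -> dict:
    """Role and outgoing AS_PATH for one peer of each kind."""
    return {peer: (R1.role(peer), R1.advertise(LEARNED, peer))
            for peer in (65001, 65003, 64510)}

if __name__ == "__main__":
    for peer, (role, path) in demo().items():
        print(peer, role, path)
    print("accepts looped path:", R1.accept([65003, 65001, 64511]))
```

The eBGP branch is also where sub-AS numbers must not escape: a path sent to an external peer that still contains a member ASN exposes internal topology.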

Key terms (RFC 5065):

  • AS Confederation:

    • A group of autonomous systems presented and advertised collectively as a single AS number to BGP speakers outside the local BGP confederation.
  • AS Confederation Identifier:

    • An externally visible autonomous system number that serves as an identifier for the entire BGP confederation.
  • Member Autonomous System (Member-AS):

    • An autonomous system contained within a specific AS confederation. Note that "Member Autonomous System" and "Member-AS" are interchangeable terms in this document.
  • Member-AS Number:

    • An autonomous system number identifier visible only within a BGP confederation, used to represent a Member-AS within that confederation.

Extension of AS_CONFED Segment Types:

  • In the context of BGP, the AS_CONFED Segment Type Extension involves specifying types of AS path segments within the AS_PATH attribute. Currently, AS_PATH is a mandatory attribute consisting of segments represented by a triple <path segment type, path segment length, path segment value>.

  • The path segment type is a 1-octet field with two defined values:

    • Value 1: AS_SET - an unordered set of autonomous systems that a route in the UPDATE message has traversed.
    • Value 2: AS_SEQUENCE - an ordered set of autonomous systems that a route in the UPDATE message has traversed.
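A parser for the <path segment type, path segment length, path segment value> triple described above, as an added example that is not part of the original notes. It assumes 2-octet ASNs by default, uses constructed sample bytes, and also recognises segment types 3 (AS_CONFED_SEQUENCE) and 4 (AS_CONFED_SET), which come from RFC 5065 and are not listed on this page.

```python
import struct

SEGMENT_TYPES = {
    1: "AS_SET",
    2: "AS_SEQUENCE",
    3: "AS_CONFED_SEQUENCE",   # RFC 5065 value, not listed on this page
    4: "AS_CONFED_SET",        # RFC 5065 value, not listed on this page
}

def parse_as_path(data: bytes, asn_size: int = 2) -> list:
    """Parse an AS_PATH attribute value into [(type_name, [asn, ...]), ...].

    The segment length counts ASNs, not octets, so the value field is
    length * asn_size octets long.
    """
    if asn_size not in (2, 4):
        raise ValueError("ASN size must be 2 or 4 octets")
    fmt = "!H" if asn_size == 2 else "!I"
    segments, off = [], 0
    while off < len(data):
        if len(data) - off < 2:
            raise ValueError("truncated segment header")
        seg_type, count = data[off], data[off + 1]
        off += 2
        if seg_type not in SEGMENT_TYPES:
            raise ValueError(f"unknown segment type {seg_type}")
        if count == 0:
            raise ValueError("segment with zero ASNs")
        end = off + count * asn_size
        if end > len(data):
            raise ValueError("segment length overruns the attribute")
        asns = [struct.unpack_from(fmt, data, i)[0]
                for i in range(off, end, asn_size)]
        segments.append((SEGMENT_TYPES[seg_type], asns))
        off = end
    return segments

def has_confed_segments(segments: list) -> bool:
    """True if any segment is confederation-internal (type 3 or 4)."""
    return any(name.startswith("AS_CONFED") for name, _ in segments)

# Constructed sample: confed sequence (65001 65002), then sequence (64511).
SAMPLE = (bytes([3, 2]) + struct.pack("!HH", 65001, 65002)
          + bytes([2, 1]) + struct.pack("!H", 64511))

if __name__ == "__main__":
    print(parse_as_path(SAMPLE))
```

Running `has_confed_segments` on paths received from peers outside the confederation is a simple consistency check, since such segments are meant to stay inside it.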