This document has been extracted from bgp4policy.doc.
A copy of the document, that has been converted to PDF can be found at bgp4policy.pdf.
BGP Technology Brief - Customer Setup Information
Multi-homing with BGP (Border Gateway Protocol) is the practice of connecting to multiple service providers and having simultaneous external BGP peering sessions with each provider. A Multi-homed customer typically owns an Autonomous System Number and exchanges routing table information with two or more upstream Internet Service Providers (ISPs).
How will AT&T assist a BGP Multi-homing customer?
1. AT&T Provisioning will assist the customer in bringing up the BGP peering session between AT&T and the customer. AT&T's Networking Professional Services Group is available to assist with complex network consulting beyond the scope of standard implementation tasks. To obtain this type of consulting support, please contact your AT&T Sales Representative.
2. AT&T offers a managed router solution with BGP4 (BGP Version 4) for multiple connections to AT&T only.
3. The customer must assume responsibility for any iBGP (internal BGP) configuration or customer controlled backup scenarios.
4. The customer must assume responsibility for any other provider configurations that exist.
What do you need to run BGP with AT&T?
1. AT&T runs only BGP4. Earlier versions of BGP are not supported.
2. AT&T filters BGP sessions based on network address space. This is called Source Address Assurance and is a security practice designed to help protect the network from address "spoofing".
3. Customer Route announcements must be at least /24 in size and either belong to the customer or be under the authority of the customer.
4. Customers must have their own Autonomous System Number (ASN) for any multi-vendor solution. If the customer wishes to run BGP4 with AT&T as the ONLY provider, a private ASN will be used.
5. Customers must apply for their own ASN through the American Registry for Internet Numbers (ARIN). Information provided below will be needed for the ASN request form. Autonomous System Numbers can be applied for at http://www.arin.net.
6. A customer must have, or be in the process of gaining, connectivity to two different ISPs or be ready to prove that they have a vastly different routing policy than their single ISP in order to qualify for an ASN.
Autonomous System Number Request Template Information:
AT&T's Autonomous System Number: 7018
AT&T Technical Contact for Autonomous System Number Request form:
Contact Name: MIS Tier2 Bridgeton, MO
Email Address: MIS_bgp@ems.att.com
ASN Registration Guidelines - http://www.arin.net
Autonomous System Numbers are globally unique numbers that are used to identify an Autonomous System (AS), and which enable an AS to exchange exterior routing information between neighboring ASes. An AS is a connected group of IP networks that adhere to a single and clearly defined routing policy.
There are a limited number of available ASNs, therefore, it is important to determine which sites require unique ASNs and which do not. Sites that do not require a unique ASN should use one or more of the ASNs reserved for private use. Those numbers are: 64512 through 65535.
In order to be assigned an ASN, each requesting organization must provide ARIN with verification that it has:
1. A unique routing policy (its policy differs from its border gateway peers)
2. A multi-homed site
An ASN Request Template is available for requesting the assignment of an ASN. Please visit http://www.arin.net for additional ASN registration guidelines. AT&T does not provide registered Autonomous System Numbers or obtain AS Numbers for customers.
AT&T Route Advertisement to Customer
AT&T will advertise one of the following sets of routes, at the option of the customer, over each connection.
On Candidate Default Networks:
- Default Route (0.0.0.0)
- Candidate Default Networks (12/8 and 220.127.116.11/24) (see explanation below)
- AT&T Routes (including Candidate Networks) - To receive these, the customer's router will require a minimum 16 MB Memory
- Full Internet Routes - To receive these, the customer's router will require a minimum of 64MB Memory
Additionally, a route will be originated by the AT&T IP Backbone to its customers to indicate that the AT&T IP Backbone is reachable. This is useful for customers requiring a dynamic indication of reach-ability but find the 18.104.22.168/8 announcement is too coarse. The route originated is 22.214.171.124/32 and carries a BGP community of 7018:1000.
Policy for AT&T Route Announcements
AT&T will announce the following routes to the Internet:
|Address Space||Announcement Policy|
|AT&T's Class A: 12/8|
- Announce 12/8 and
- Announce nothing longer than 12.x.x.x/24 routes. The 12.x.x.x/24 and shorter specific routes will be announced only if the customer requests AT&T to announce the more specific route.
|AT&T's CIDR Class C address blocks|
- Announce nothing longer than the CIDR block prefix
- Announce nothing longer than /24 routes. The /24 and shorter specific routes will be announced only if the customer requests AT& to announce the route.
|Customer-provided prefixes that are valid (i.e., registered)|
- Announce aggregate prefix(es) when appropriate
- Announce customer-owned individual network prefixes only when the individual customer prefixes cannot be combined
- Announce nothing longer than /24 routes. Announce the /24 and shorter specific routes only at customer request
|RFC1918 Address Space|
- AT&T will not announce RFC1918 address space
- AT&T will not announce loopback addresses
Dynamic Customer Control: RFC1998
If multiple connections exist to dual ISPs where BGP4 is the routing protocol, the primary/backup link specification will be under the control of the customer. Thus, load splitting is also under control of the customer. Customers may affect routing control by using a variety of methods. AT&T will honor all customer MED (Multi-Exit Discriminator) settings. Customer may also use AS Path Padding to prefer or de-prefer a particular path. The customer may choose to signal AT&T by appending the community attribute to a route to specify the local preference of the route (see RFC 1998). The following table lists the signaled community values and the corresponding local preference values attached to the route by AT&T.
|Community Received||AT&T IP Backbone Function|
|None, 7018:100||Local Preference of 100 (Default) Assigned - Used for Primary Routes|
|7018:90||Local Preference of 90 Assigned - Used for Customer Backup Routes (INTRA - AT&T)|
|7018:80||Local Preference of 80 Assigned - Used for Routes Equal to Peer Routes|
|7018:70||Local Preference of 70 Assigned - Used for Customer Provided Backup (INTER-AT&T + OTHER ISP)|
|7018:20 (Default)||Assign community 7018:2000 to routes. Community 7018:2000 routes are announced to peers and customers. This community needs to be present on more specific routes from within AT&T-owned address blocks. This community need not appear on routes for customer-owned addresses and for addresses owned by a customer's other provider, as these routes will normally be advertised to peers and customers. No harm is done if community 7018:20 appears on such routes.|
|7018:25||Assign community 7018:2500 to routes. Community 7018:2500 routes are announced only to other customers, not to peers. This is appropriate when customers do not want AT&T to provide global Internet transit service for this route.|
|7018:21||Assign community of 7018:2010 to routes. Community 7018:2010 routes are to be used within the AT&T IP Backbone, but not advertised to peers or customers. Typically the customer will simultaneously announce a shorter prefix covering this route, with the shorter prefix being announced to peers and/or customers. Prefix lengths on such routes will frequently be longer than /24.|
Using community signaling the customer can transmit separate networks with varying preferences to achieve the routing policy and traffic flow desired. If the customer does not want to transmit communities and wants to specify primary/backup status for routes on specific links, the customer can use a static route configuration.
Key BGP Attributes:
1. MED or Multi-Exit Discriminator is a value set by the customer on outbound route announcements to AT&T. This value is used to determine the best possible path when there are multiple paths from one AS to another. MED is a relative value for comparison between two connection points. The AT&T IP Backbone will listen to customer MED settings. The AT&T IP Backbone does not send a MED to the customer. The AT&T IP Backbone does not send a MED to peers or other customers. A MED is absorbed and acted upon only within the AT&T IP Backbone.
2. AS PATH PADDING or PREPENDING is the process of stamping multiple instances of one's own AS to a route announcement to de-prefer that path for inbound traffic. Customers can use PATH PADDING to influence the routing behavior of external sources trying to reach the customer. PATH PADDING may not affect the directly connected network. In other words, traffic that originates on the AT&T IP Backbone will use the direct connection to reach the customer regardless of the prepending that has been done to that route announcement. This is because a directly connected customer has a higher local-preference (BGP attribute) than a peer route and local-preference is taken into account BEFORE AS PATH.
3. LOCAL PREFERENCE is a very powerful attribute in BGP route selection. Local preference settings cannot be sent from one AS to another. AT&T allows the customer to send community strings according to RFC1998 (see Dynamic Customer Control) which trigger the setting of local preference for routes to the customer in the AT&T IP Backbone. Customer's should take care when using Local Preference, as it can force traffic into taking a very indirect, and possibly high latency route to reach a directly connected customer. For example, a local Preference of 70 will cause AT&T to use a peer connection to reach a directly connected customer if a route to that customer through the peer exists.
4. COMMUNITY ATTRIBUTE is a transitive tag that is sent from one Autonomous System to another. The community attribute is used by AT&T to allow customers to signal local preference settings for particular route advertisements. AT&T also accepts several well-known community attributes such as "no-export" and "no-advertise".