Understanding BGP and getting to China

Dr_Atomic Member Posts: 184
I admit that I'm fascinated with how a user at a computer in Podunk, Iowa can type in a URL in China and within an instant get connected to that webpage from half a world away. I know that the connection travels through high-level core routers in the U.S. before moving on out, and summarization is involved, but I'd love to hear more of the details if someone is more savvy with how that process unfolds.

Thanks.

Comments

  • ColbyG Member Posts: 1,264
    What do you want to know exactly? Do a traceroute from your PC to a server in another country, you'll see all the hops/networks/ISPs your traffic goes through.
  • Dr_Atomic Member Posts: 184
    ColbyNA wrote: »
    What do you want to know exactly? Do a traceroute from your PC to a server in another country, you'll see all the hops/networks/ISPs your traffic goes through.

    I know *what* happens. I just want to find out the specifics of *how* it happens.

    For example, there are probably two dozen or so routers between the local one and the far end one in my scenario. How exactly does BGP locate that far-end router? Are there in fact *a few* routers in the U.S. that do nothing more than route a few thousand class A IPs from here all over the world (as one IT guy told me once)? I'm not a BGP-person, so I'm not up on this process.
  • ColbyG Member Posts: 1,264
    So you want us to explain it all to you? That's a tall order, lol. Check out this book:

    Amazon.com: Internet Routing Architectures (2nd Edition) (9781578702336): Sam Halabi: Books

    It will explain everything you need. Also look at this link:

    Border Gateway Protocol - Wikipedia, the free encyclopedia

    BGP is a path vector protocol, it's similar to RIP, but it uses AS hops instead of router hops. BGP "locates" the last hop through updates it receives from its peers. BGP looks at its table and goes through best path selection, where it compares paths using predetermined criteria. BGP is far too complex to summarize in a single forum post. Do some research.
  • CCIEWANNABE Banned Posts: 465
    I think you need to ask Al Gore, he should know... he da man!
  • Dr_Atomic Member Posts: 184
    ColbyNA wrote: »
    So you want us to explain it all to you? That's a tall order, lol.

    No, but a good teacher can give a summary of a complex idea without having to give the entire lesson. My IT friend managed to give me the gist of it in about a minute to my satisfaction - but that was long ago, and I've forgotten the details.

    But don't worry about it. If you can't explain it without saying, "Go read the book," that's ok - I'll get the explanation elsewhere.
  • ColbyG Member Posts: 1,264
    Dr_Atomic wrote: »
    No, but a good teacher can give a summary of a complex idea without having to give the entire lesson. My IT friend managed to give me the gist of it in about a minute to my satisfaction - but that was long ago, and I've forgotten the details.

    But don't worry about it. If you can't explain it without saying, "Go read the book," that's ok - I'll get the explanation elsewhere.

    I guess I'm a shitty teacher.

    To be honest, I find it hard to believe that anyone could explain how the internet/BGP works in a short period of time. I can see it being possible with a very simplistic explanation, like "When you go to a website a request is sent from your PC through several routers across the internet to the webserver you're accessing; these routers know how to get there because of BGP". But trying to technically explain how BGP works isn't short; it's a very complex protocol.
  • trackit Member Posts: 224
    I think you asked it in the wrong forum; here those CCIE guys know so much they just can't explain it to you in one forum post :) If you ask some beginners, then they will explain the whole Internet to you in one sentence ;)
  • ColbyG Member Posts: 1,264
    This is pretty good:

    HowStuffWorks "How Internet Infrastructure Works"

    Doesn't really go into BGP, but it's a decent explanation of how the internet works.
  • Dr_Atomic Member Posts: 184
    trackit wrote: »
    I think you asked it in the wrong forum; here those CCIE guys know so much they just can't explain it to you in one forum post :) If you ask some beginners, then they will explain the whole Internet to you in one sentence ;)

    LOL!

    I needed that.
  • ccie15672 Member Posts: 92
    It doesn't really find the remote router.

    There is some collection of routers, interconnected with L2 links (ethernet, serial, etc).

    Routing adjacencies are formed with the routers on the other side of those links.

    On the router in "China" there is some network that a server is sitting on. This router is configured to advertise to its directly connected neighbors that this network is reachable through it.

    These routers, in turn advertise to their neighbors.. and so on until every router with an internet routing table on the internet has that route. Keep in mind, that when the Podunk router receives this route, he knows nothing of the router in China that advertised it. He just knows that to get that China network the packet must be sent to some adjacent router.

    This happens in reverse too. The Podunk network that the Podunk user is sitting on also propagates throughout the internet (and thus over to China) in a similar fashion.

    Each router in the path takes its routing table and creates an optimized lookup cache, if you will (some form of binary tree: CEF in Cisco, a Radix tree in JUNOS...), and pushes that down onto a high-performance forwarding plane in the router. What this means is that when a packet from Podunk is going to China, a very, very fast binary lookup happens that tells the router (and each router in the path as the packet enters it) exactly which interface to forward that packet out of.

    So, pretty much, these routers form a kind-of "predetermined" switching path between Podunk and China. If a failure occurs in the network, then the affected nodes rebuild their optimized lookup-cache with whatever alternate path BGP finds.

    Is this the kind of explanation you were looking for?
    Derick Winkworth
    CCIE #15672 (R&S, SP), JNCIE-M #721
    Chasing: CCIE Sec, CCSA (Checkpoint)
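The propagation and lookup that ccie15672 describes, as an added worked example. This is my own toy code, not anything from the thread or from a vendor, and it works at the level of ASes rather than individual routers: each AS floods a prefix to its neighbors, prepending its own number, and discards any update that already carries its number (BGP's loop prevention); the path each AS keeps is then installed into a binary trie that answers longest-prefix-match lookups, the same idea as the CEF/radix structures the post mentions. The topology, the AS numbers (private range) and the prefixes (TEST-NET ranges) are constructed. The failure case at the end shows the rebuild the post describes: after a link goes down the affected ASes converge on the alternate path while Podunk's own next hop does not change.

```python
"""Toy path-vector propagation and forwarding-table lookup (added example)."""
import ipaddress
from collections import deque

# Constructed topology: each tuple is a bidirectional adjacency between two
# ASes, standing in for the links and routing sessions the post describes.
# 65001 = "Podunk", 65005 = "China"; 65002-65004 are transit networks between.
LINKS = [
    (65001, 65002),
    (65002, 65003),
    (65002, 65004),
    (65003, 65005),
    (65004, 65005),
]

# Constructed advertisements: which AS originates which prefix.
ORIGINS = {
    "203.0.113.0/24": 65005,   # the server's network in "China"
    "198.51.100.0/24": 65004,  # some other network, originated by a transit AS
    "192.0.2.0/24": 65001,     # the Podunk user's own network
}


def adjacency(links):
    nbrs = {}
    for a, b in links:
        nbrs.setdefault(a, set()).add(b)
        nbrs.setdefault(b, set()).add(a)
    return nbrs


def propagate(links, origin_as):
    """Flood one prefix hop by hop from its origin.

    Returns {asn: as_path}, where as_path lists the ASes the receiving AS
    must traverse (its own number is not in it). Each AS prepends itself
    before re-advertising and drops any update whose AS_PATH already
    contains it. Shorter paths replace longer ones; on equal length the
    first one learned is kept (the toy's only tie-break)."""
    nbrs = adjacency(links)
    rib = {origin_as: ()}
    queue = deque([origin_as])
    while queue:
        asn = queue.popleft()
        advertised = (asn,) + rib[asn]
        for nbr in sorted(nbrs.get(asn, ())):
            if nbr in advertised:
                continue  # loop: the receiver's number is already in the path
            if nbr not in rib or len(advertised) < len(rib[nbr]):
                rib[nbr] = advertised
                queue.append(nbr)
    return rib


def fib_insert(fib, prefix, next_hop):
    """Insert a prefix into a binary trie keyed bit by bit on its address."""
    net = ipaddress.ip_network(prefix)
    node = fib
    for bit in format(int(net.network_address), "032b")[: net.prefixlen]:
        node = node.setdefault(bit, {})
    node["nh"] = next_hop


def fib_lookup(fib, addr):
    """Longest-prefix match: walk the trie along the address bits and keep
    the deepest node that carries a next hop."""
    node, best = fib, fib.get("nh")
    for bit in format(int(ipaddress.ip_address(addr)), "032b"):
        node = node.get(bit)
        if node is None:
            break
        best = node.get("nh", best)
    return best


def build_fib(asn, links, origins):
    """What one AS's forwarding plane holds once every prefix has
    propagated: prefix -> next-hop AS (the first AS in the kept path)."""
    fib = {}
    for prefix, origin in origins.items():
        rib = propagate(links, origin)
        if asn in rib and rib[asn]:  # skip prefixes the AS originates itself
            fib_insert(fib, prefix, rib[asn][0])
    return fib


def next_hop_as(asn, addr, links=LINKS, origins=ORIGINS):
    """Which adjacent AS does `asn` hand a packet for `addr` to? None if
    no prefix covers the address (the toy carries no default route)."""
    return fib_lookup(build_fib(asn, links, origins), addr)


if __name__ == "__main__":
    print("Podunk -> China AS_PATH:", propagate(LINKS, 65005)[65001])
    print("Podunk next hop for 203.0.113.10:", next_hop_as(65001, "203.0.113.10"))
    broken = [link for link in LINKS if link != (65003, 65005)]
    print("after 65003-65005 fails, 65003 -> China:", propagate(broken, 65005)[65003])
```

Running the block prints the Podunk view of the China prefix (via 65002, then 65003, then 65005), and after the 65003-65005 link is removed, 65003 re-learns the prefix back through 65002 and 65004, which is the "rebuild the lookup cache with whatever alternate path BGP finds" step.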
  • chrisone Senior Member Posts: 2,251
    Like Colby said, it's hard to explain it. The links he provided will give you an understanding.

    I guess just think of all the ISPs having a link (yes, they have many links, but for now let's just say each ISP has links to each other ISP globally). Like phone numbers, each country has an identification number, or a mailing address; each country has them, right? Well, the ISPs all communicate with each other and most of them use a protocol called BGP. Many out there use IS-IS, but that's old and most ISPs use BGP. So when your internet traffic goes to AT&T or whomever, it has routes to maybe another ISP, which has another route going to another ISP, and this chain link goes all the way back and forth to China. These links you can call Autonomous Systems, which is like an area or domain for each ISP.


    AS(USA)---AS---AS----AS----AS---AS(China)

    LOL i know its crude and basic but there is so much to it, sorry maybe a Cisco Certified Internet Professional can chime in.
    Certs: CISSP, OSCP, CRTP, eCTHPv2, eCPPT, eCIR, LFCS, CEH, SPLK-1002, SC-200, AZ-900, VHL:Advanced+, Retired Cisco CCNP/SP/DP
    2022 Goals:
    Certs: EnCE (Phase 1 - Passed, Phase 2 - awaiting results), eCPTXv2 (in progress), SC-300 (in progress), AZ-500, SC-100
    Course: BC Security - Empire Operations 1 (completed), Zero Point Security - CRTO (course completed)
  • CCIEWANNABE Banned Posts: 465
    Let's just put it this way: even in a trace, you don't see all the hops, not even close. What people have failed to mention here is that most service providers run MPLS in their backbone, for obvious reasons. MPLS switches packets based on a tag that represents an IP prefix (like 192.168.1.0/24), which is a lot faster for throughput because an IP lookup in the FIB does not need to occur (think: an IP lookup on an internet backbone with hundreds of thousands of routes could be very difficult and take up a lot of CPU resources), just a lookup in the LFIB (label forwarding information base). They disable you from tracing through it, well, not disable, but for obvious reasons they don't want you to see their backbone devices and IPs, so what you are seeing is their edge-to-edge devices only, not their true backbone devices.
  • kalebksp Member Posts: 1,033
    CCIEWANNABE wrote: »
    Let's just put it this way: even in a trace, you don't see all the hops, not even close. What people have failed to mention here is that most service providers run MPLS in their backbone, for obvious reasons. MPLS switches packets based on a tag that represents an IP prefix (like 192.168.1.0/24), which is a lot faster for throughput because an IP lookup in the FIB does not need to occur (think: an IP lookup on an internet backbone with hundreds of thousands of routes could be very difficult), just a lookup in the LFIB (label forwarding information base). They disable you from tracing through it, well, not disable, but for obvious reasons they don't want you to see their backbone devices and IPs, so what you are seeing is their edge-to-edge devices only, not their true backbone devices.

    The point of MPLS is not speed; regular IP lookups and MPLS lookups take the same amount of time because they're both done in CEF. MPLS is used in ISPs because of the ability to have a BGP-free core, MPLS VPNs and traffic engineering, among others.

    The reason you don't see hops in an MPLS network is that they don't copy the TTL field from the IP header into the label. If the ISP configured them to do so then you would see the hops, but most don't because it shows internal information not useful or needed externally.
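The TTL behaviour kalebksp describes, as an added simulation. This is my own code, not from the thread; the router names and the path are constructed. It sends one traceroute probe per TTL along an ingress label edge router, two label-switching core routers (the second one does penultimate-hop popping), an egress label edge router and the destination. With TTL propagation on (Cisco's `mpls ip propagate-ttl`, the default), the ingress copies the IP TTL into the label and the core hops answer probes; with it off, the label TTL starts at 255, no core hop ever expires a probe, and the trace jumps straight from edge to edge. The pop step copies the label TTL back into the IP header only when it is smaller, which is the RFC 3443 uniform-model behaviour. Replies from inside the core are shown as coming straight back; in a real MPLS network the ICMP message first travels on to the end of the LSP, which the toy ignores.

```python
"""Traceroute across an MPLS core with and without TTL propagation (added example)."""

# Constructed path: one ingress LER, two LSRs (the last one pops the label),
# one egress LER, then the destination host.
INGRESS = "pe-ingress"
CORE = ["p1", "p2"]
EGRESS = "pe-egress"
DEST = "server"
LABEL_TTL_WHEN_NOT_PROPAGATED = 255  # what the ingress writes when copying is off


def probe(ttl, propagate_ttl):
    """Send one probe with the given IP TTL and return the node that answers.

    A node that decrements a TTL to zero answers with ICMP time exceeded;
    the destination answers whatever the remaining TTL is."""
    ip_ttl = ttl - 1  # the ingress LER does an IP lookup and decrements the IP TTL
    if ip_ttl == 0:
        return INGRESS
    # Label imposition: copy the IP TTL into the label, or start at 255.
    label_ttl = ip_ttl if propagate_ttl else LABEL_TTL_WHEN_NOT_PROPAGATED
    for lsr in CORE:
        label_ttl -= 1  # label switching touches only the label TTL
        if label_ttl == 0:
            return lsr
    # Penultimate-hop pop: the IP header takes the label TTL only if smaller.
    ip_ttl = min(ip_ttl, label_ttl)
    ip_ttl -= 1  # the egress LER is an ordinary IP hop again
    if ip_ttl == 0:
        return EGRESS
    return DEST


def traceroute(propagate_ttl, max_ttl=30):
    """Probe with TTL 1, 2, 3, ... until the destination answers."""
    hops = []
    for ttl in range(1, max_ttl + 1):
        who = probe(ttl, propagate_ttl)
        hops.append(who)
        if who == DEST:
            break
    return hops


def hidden_hops(propagate_ttl):
    """Which routers on the path never show up in the trace?"""
    seen = set(traceroute(propagate_ttl))
    return [r for r in [INGRESS, *CORE, EGRESS] if r not in seen]


if __name__ == "__main__":
    for setting in (True, False):
        print("propagate-ttl", "on " if setting else "off", "->", traceroute(setting),
              "hidden:", hidden_hops(setting))
```

With propagation on the trace lists all five nodes; with it off it lists only pe-ingress, pe-egress and server, and p1 and p2 are the hidden hops, which is exactly the "edge to edge only" picture the earlier post describes.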
  • ColbyG Member Posts: 1,264
    kalebksp wrote: »
    The point of MPLS is not speed; regular IP lookups and MPLS lookups take the same amount of time because they're both done in CEF. MPLS is used in ISPs because of the ability to have a BGP-free core, MPLS VPNs and traffic engineering, among others.

    What he said.
  • CCIEWANNABE Banned Posts: 465
    kalebksp wrote: »
    The point of MPLS is not speed; regular IP lookups and MPLS lookups take the same amount of time because they're both done in CEF. MPLS is used in ISPs because of the ability to have a BGP-free core, MPLS VPNs and traffic engineering, among others.

    The reason you don't see hops in an MPLS network is that they don't copy the TTL field from the IP header into the label. If the ISP configured them to do so then you would see the hops, but most don't because it shows internal information not useful or needed externally.

    As you mentioned, it will free up your core routers from having to run BGP, which in turn will save your core routers a lot of cpu resources, thus making them faster than when they were under the load of running BGP.
  • Forsaken_GA Member Posts: 4,024
    pfft, getting to china shouldn't be an issue anyway, everyone knows you just null route them!

    (for the sense of humor impaired, I'm joking. But oh how I wish I could null route them... along with the damned russians)
  • Dr_Atomic Member Posts: 184
    chrisone wrote: »
    Like Colby said, it's hard to explain it. The links he provided will give you an understanding.

    I guess just think of all the ISPs having a link (yes, they have many links, but for now let's just say each ISP has links to each other ISP globally). Like phone numbers, each country has an identification number, or a mailing address; each country has them, right? Well, the ISPs all communicate with each other and most of them use a protocol called BGP. Many out there use IS-IS, but that's old and most ISPs use BGP. So when your internet traffic goes to AT&T or whomever, it has routes to maybe another ISP, which has another route going to another ISP, and this chain link goes all the way back and forth to China. These links you can call Autonomous Systems, which is like an area or domain for each ISP.


    AS(USA)---AS---AS----AS----AS---AS(China)

    LOL i know its crude and basic but there is so much to it, sorry maybe a Cisco Certified Internet Professional can chime in.

    Actually, the link you provided earlier had a page explaining the very thing I was looking for. It got into DNS servers and how they track, say, .com domains and such. Interesting.
  • Forsaken_GA Member Posts: 4,024
    The basic thing to keep in mind is this -

    Routing within your domain is usually done with efficiency in mind.

    Routing between domains tends to involve politics and money. I.e., I may have a better path to my destination through Level3, but they charge 10 times as much for transit as Nlayer, so you know what, I'll take a couple extra ms of latency and send it through Nlayer!

    It's the policy stuff that makes BGP such a beast.
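The "cheaper transit beats shorter path" decision Forsaken_GA describes, as an added worked example. This is my own code, not from the thread; the AS numbers, router IDs and LOCAL_PREF values are constructed, with 65100 standing in for the Level3-style provider and 65200 for the Nlayer-style one. It implements the front of the BGP best-path selection process (highest LOCAL_PREF, shortest AS_PATH, lowest ORIGIN, lowest MED among routes from the same neighbor AS, lowest neighbor router ID) and an inbound policy that sets LOCAL_PREF per neighbor, the way a route-map on the peering session would. Because LOCAL_PREF is compared before AS_PATH length, the policy wins even though the expensive provider's path is one AS shorter; drop the policy and the shorter path wins instead.

```python
"""BGP best-path selection with a cost-driven LOCAL_PREF policy (added example)."""
import ipaddress
from dataclasses import dataclass, replace

EXPENSIVE_TRANSIT = 65100  # shorter path, pricier transit (constructed ASN)
CHEAP_TRANSIT = 65200      # longer path, cheaper transit (constructed ASN)
ORIGIN_RANK = {"igp": 0, "egp": 1, "incomplete": 2}  # lower is preferred


@dataclass(frozen=True)
class Route:
    prefix: str
    as_path: tuple          # neighbor AS first, originating AS last
    neighbor_id: str        # advertising peer's router ID (last tie-break)
    local_pref: int = 100   # BGP default when no policy touches it
    med: int = 0
    origin: str = "igp"

    @property
    def neighbor_as(self):
        return self.as_path[0]


def apply_policy(route, local_pref_by_neighbor):
    """Inbound policy: assign LOCAL_PREF by neighbor AS. Neighbors not
    listed keep the default value."""
    lp = local_pref_by_neighbor.get(route.neighbor_as)
    return replace(route, local_pref=lp) if lp is not None else route


def best_path(routes):
    """Pick one route and report which step decided it.

    Steps, in order: highest LOCAL_PREF, shortest AS_PATH, lowest ORIGIN,
    lowest MED (only among routes from the same neighbor AS), lowest
    neighbor router ID. Weight, IGP metric to the next hop and route age
    are left out of this toy."""
    cands = list(routes)
    ordered = [
        ("local_pref", lambda r: -r.local_pref),
        ("as_path_length", lambda r: len(r.as_path)),
        ("origin", lambda r: ORIGIN_RANK[r.origin]),
    ]
    for step, key in ordered:
        best = min(key(r) for r in cands)
        cands = [r for r in cands if key(r) == best]
        if len(cands) == 1:
            return cands[0], step
    # MED is only comparable between routes from the same neighbor AS, so
    # keep the lowest-MED survivor per neighbor AS.
    lowest_med = {}
    for r in cands:
        cur = lowest_med.get(r.neighbor_as)
        if cur is None or r.med < cur.med:
            lowest_med[r.neighbor_as] = r
    cands = list(lowest_med.values())
    if len(cands) == 1:
        return cands[0], "med"
    # Router IDs compare numerically, not as strings.
    return min(cands, key=lambda r: ipaddress.ip_address(r.neighbor_id)), "router_id"


# Constructed candidates for one prefix in "China" as seen at our edge router.
DEST = "203.0.113.0/24"
CANDIDATES = [
    Route(DEST, (EXPENSIVE_TRANSIT, 65500), neighbor_id="192.0.2.1"),
    Route(DEST, (CHEAP_TRANSIT, 65300, 65500), neighbor_id="192.0.2.2"),
]

# The money decision: prefer the cheap transit whenever it has a route at all.
PREFER_CHEAP = {CHEAP_TRANSIT: 200, EXPENSIVE_TRANSIT: 100}


def choose(candidates=CANDIDATES, policy=None):
    """Run inbound policy, then selection. Returns (winning route, step)."""
    return best_path([apply_policy(r, policy or {}) for r in candidates])


if __name__ == "__main__":
    for label, policy in (("no policy", None), ("prefer cheap", PREFER_CHEAP)):
        route, step = choose(policy=policy)
        print(f"{label}: via AS{route.neighbor_as}, decided by {step}")
```

If the cheap provider withdraws the prefix, the same policy still leaves the expensive route as the only candidate, so reachability survives; that is the fallback the extra 100 points of LOCAL_PREF buys without ever touching the shorter path.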
  • Forsaken_GA Member Posts: 4,024
    Dr_Atomic wrote: »
    I know *what* happens. I just want to find out the specifics of *how* it happens.

    For example, there are probably two dozen or so routers between the local one and the far end one in my scenario. How exactly does BGP locate that far-end router? Are there in fact *a few* routers in the U.S. that do nothing more than route a few thousand class A IPs from here all over the world (as one IT guy told me once)? I'm not a BGP-person, so I'm not up on this process.

    The way it basically works is this -

    There are like 9 or 10 big providers, they like to call themselves Tier 1. Between those 10 providers, they're all either connected directly to each other, or they have access to each other through another member. Then they each have their own customers. Through their peering agreements, their customers can reach all of their customers.

    So let's say I'm with Cogent (god forbid). And I'm trying to get to someone in China. Level 3 has either peering agreements in China, or customers in China. If I'm peering with Level3, I send my traffic directly to Level3, who then sends it down to their customer in China. If I'm not peering with Level3, I may send it to say... Sprint (some of you will get that joke!), who will then relay it to Level3 through their link, and Level3 will then relay it to their customer, and I get to see asian ****.

    Now lets say our asian pornographers are connected to Level3 and Time Warner. Now there are two paths to them. I can either go through the process I described above to get there through Level3, or if for some reason I don't like Level3, I can direct my traffic to eventually end up in Time Warner's network, who will then relay it down, and I again have asian ****.

    Basically, the entire internet works on gentlemen's agreements and some shady backdoor agreements. This is why things like Cogent and Sprint being pissed at each other and cutting their links has such a dramatic effect. If they stop accepting traffic from each other, and don't make alternate arrangements to be able to talk to each other through another intermediary, then customers who belong to only Cogent can no longer talk to customers who are only Sprint, and vice versa.

    Now, I'm breaking it down to a very basic level, but hopefully you can follow the flow.

    Moral of the story? Multihome your #$#$ing network.
  • CChN Member Posts: 81
    trackit wrote: »
    If you ask some beginners, then they will explain the whole Internet to you in one sentence ;)

    I'll take it one step further and explain it to you in one word: dingleberry.
    RFCs: the other, other, white meat.
  • TheShadow Member Posts: 1,057
    CChN wrote: »
    I'll take it one step further and explain it to you in one word: dingleberry.

    I thought that chrome thing was called the bean.
    Who knows what evil lurks in the heart of technology?... The Shadow DO