iBGP on internal networks

nethackernethacker Senior MemberMember Posts: 184 ■■■□□□□□□□
I was studying for my route and also came across this in a production environment at my former place of work. why do we run BGP on our internal network when we already have an IGP like OSPF or EIGRP running? i know eBGP is needed when connecting to ISP or a different AS but i still need a concrete and convincing reason as to why iBGP is suitable.does it complement the existing IGP or what?
Experts in the house, please share your experience.
JNCIE | CCIE | GCED

Comments

  • DPGDPG Member Posts: 780 ■■■■■□□□□□
    iBGP works much better than any IGP when you need to share a full routing table between routers in your organization such as when you are multi-homed with multiple edge routers.

  • nethackernethacker Senior Member Member Posts: 184 ■■■□□□□□□□
    DPG wrote: »
    iBGP works much better than any IGP when you need to share a full routing table between routers in your organization such as when you are multi-homed with multiple edge routers.
    @ the bolded part, EIGRP can of course achieve that too. Are you saying IGPs don't share full routing table between routers within the same AS?
    JNCIE | CCIE | GCED
  • shodownshodown Member Posts: 2,271
    you can use BGP in your internal network to control the way traffic flow and other times its used as a Bandaid to hide other problems.


    I'll speak on the traffic flow for now. Lets say you have a few POP's(running IBGP) in your WAN and sites have more than 1 connection to them and you also run Statefull firewall where traffic has to come in the way it goes out.

    For outgoing traffic you can have a default route coming in from 2 different directions and you have redunant routers at the stie which each site having a differnet connections to your POP

    Well with iBGP you can choose which path the traffic takes just by setting local preferance to control which outbound path the traffic takes

    Now when the traffic comes back in you can Use AS path Prepending to make the incoming traffic choose a prefered path on the way back in.


    Hopefully this wasn't to wordy or techical. The point being tis that you wouldn't be able to use OSPF or EIGRP without some Crazy add on's when you can just type of few lines of BGP and be done.


    As for BGP being used as a bandaid I dont' want to start a WAR at 1am. But more often than not things get out of control and BGP can save the day to get the routes to a device without figuring out why your IGP routes can get there.
    Currently Reading

    CUCM SRND 9x/10, UCCX SRND 10x, QOS SRND, SIP Trunking Guide, anything contact center related
  • DPGDPG Member Posts: 780 ■■■■■□□□□□
    nethacker wrote: »
    @ the bolded part, EIGRP can of course achieve that too. Are you saying IGPs don't share full routing table between routers within the same AS?

    Let me rephrase that: when you need to share a full INTERNET routing table between routers.

  • NetwurkNetwurk Member Posts: 1,155 ■■■■■□□□□□
    Traditionally you wouldn't use BGP in your internal network, but most folks use what works and very often a so-called bandaid becomes a permanent fix due to the old "if it ain't broke don't fix it" point of view. With an all-Cisco network, EIGRP should let you avoid using BGP as a bandaid. But I can see where it might help in a multi-vendor environment.
  • SteveO86SteveO86 Member Posts: 1,423
    I've seen a few networks that run BGP natively... So far the only answer I've gotten from (All the same answer).. They prefer the control BGP gives them over the routes.

    Of course when **** starts getting screwy the fun begin..
    My Networking blog
    Latest blog post: Let's review EIGRP Named Mode
    Currently Studying: CCNP: Wireless - IUWMS
  • NetwurkNetwurk Member Posts: 1,155 ■■■■■□□□□□
    Hey, maybe running BGP internally gives you job security. The guy they're thinking about hiring to replace you might have a hard time figuring out your network.

    :)

    Other than labbing, I'm thinking that iBGP is most commonly used for ISP peers to communicate with each other. From what I understand, you call it iBGP if both neighbors are in the same AS, eBGP if they're not.
  • jovan88jovan88 Member Posts: 393
    a simple answer is because you wouldnt want to redistribute external BGP routes into something like EIGRP.
  • vinbuckvinbuck Member Posts: 785
    iBGP is used quite a bit in MPLS networks. Especially if you are running VRFs. I believe at one time it was required to run BGP with MPLS but I think that isn't necessarily the case anymore. iBGP is frequently used on provider networks that carry Voice, Video and Data traffic. Usually iBGP is run in conjunction with an IGP like OPSF or EIGRP to advertise loopback addresses for the iBGP peers. In the Enterprise world, you have to be a pretty big player to justify running BGP anywhere other than the edge. I am definitely not an expert on iBGP but I do work with it daily in a service provider environment and it is very useful if you provide transit on the Internet and aren't just an endpoint.
    Cisco was my first networking love, but my "other" router is a Mikrotik...
  • Forsaken_GAForsaken_GA Member Posts: 4,024
    nethacker wrote: »
    I was studying for my route and also came across this in a production environment at my former place of work. why do we run BGP on our internal network when we already have an IGP like OSPF or EIGRP running? i know eBGP is needed when connecting to ISP or a different AS but i still need a concrete and convincing reason as to why iBGP is suitable.does it complement the existing IGP or what?
    Experts in the house, please share your experience.

    BGP in general handles the routing announcement updates for all of the routes external to your network, whereas the IGP handles all the routes internal to your network. That seems obvious, but for some reason, it usually isn't. The IGP's aren't meant to handle external routing duties, they each have their own unique challenges (imagine the convergence issues if OSPF or EIGRP were used as the global routing protocol, and you begin to see why something other than the IGP is needed to handle external traffic control).

    So the IGP handles the traffic flow within your AS, but once you have traffic that needs to leave your AS, the IGP's job is to drop that traffic off at the nearest border router (or maybe some other border router, depending on your internal routing policy), and then it's done with it, BGP takes over.

    If you have multiple exit points, then those routers need to keep their information straight so they know how to deliver the traffic destined externally, hence the need for iBGP. iBGP keeps all of your internal routers that need a full internet routing table informed of their options. Only the routers that need to participate in the external traffic flow need external routes. As a general rule, you do *not* want to redistribute external BGP into your IGP. The global routing table has lots of instabilities, with routes coming in and getting withdrawn all the time. That translates to a whole lot of IGP reconvergences, which can seriously screw with your internal traffic flow.

    Since iBGP isn't concerned with internal routing, it relies on the routing table (populated by IGP or static routes, it doesn't care) in order for it's internal communication to talk to it's iBGP peers. It doesn't really complement the IGP at all, that's why iBGP routes have the worst AD of any routing protocol, they are *not* intended to handle actual internal traffic flow. Think of it more as an application that depends on the IGP in order to help your EGP.
  • Forsaken_GAForsaken_GA Member Posts: 4,024
    iBGP is used quite a bit in MPLS networks. Especially if you are running VRFs. I believe at one time it was required to run BGP with MPLS but I think that isn't necessarily the case anymore.

    Well, sorta. For MPLS VPN's, yes, the provider is likely to be running BGP internally between PE devices, because common installations leverage BGP's multiprotocol extensibility to transfer the vpnv4 routes between themselves. The cool thing about MPLS is that it allows you to keep your core BGP free, you only need it on the PE routers.
    iBGP is frequently used on provider networks that carry Voice, Video and Data traffic. Usually iBGP is run in conjunction with an IGP like OPSF or EIGRP to advertise loopback addresses for the iBGP peers. In the Enterprise world, you have to be a pretty big player to justify running BGP anywhere other than the edge. I am definitely not an expert on iBGP but I do work with it daily in a service provider environment and it is very useful if you provide transit on the Internet and aren't just an endpoint.

    Yeah, a service provider network is a different animal than an Enterprise network - it's entire goal is to move data between end users, so it has many ingress points and many egress points, making BGP pretty much the only protocol suitable for the environment. As you mentioned, it still relies on the IGP to build it's internal routing view so that it can communicate with it's internal peers, theres just going to be a whole lot more of them due to the nature of the business.
  • Forsaken_GAForsaken_GA Member Posts: 4,024
    shodown wrote: »
    As for BGP being used as a bandaid I dont' want to start a WAR at 1am. But more often than not things get out of control and BGP can save the day to get the routes to a device without figuring out why your IGP routes can get there.

    Depending on whether or not you've deployed a route reflector, that's usually going to be an eBGP connection, not an iBGP one, but yeah, that kind of thing is a corner case and nowhere near the justification for running iBGP natively.

    It's actually quite a valid scenario to run BGP between internal sites, however. The IGP's don't really allow for modularity, whereas BGP was designed for it.
Sign In or Register to comment.