Skip to main content

Posts

BGP Soft Reconfiguration vs. Route Refresh: Key Differences and Best Practices

In BGP (Border Gateway Protocol), managing route updates and reapplying new policies can sometimes be challenging, especially if you want to avoid resetting the BGP session. Two methods allow you to update routing policies without tearing down the session: BGP Soft Reconfiguration and BGP Route Refresh . While both methods serve the same purpose, they work differently and have distinct impacts on your router's resources. This post explains the key differences between Soft Reconfiguration and Route Refresh , when to use each, and why Route Refresh is preferred in most modern networks. 1. What is BGP Soft Reconfiguration? BGP Soft Reconfiguration is an older method of applying new policies (like route maps, filters, or prefix lists) without resetting the BGP session. It works by storing a local copy of all the routes received from a BGP neighbor before applying inbound policies. This local route copy allows the router to reprocess the routes when a policy change occurs. How So

AS Path Prepending: Controlling Inbound Traffic in BGP

AS Path Prepending is a BGP feature used to make a specific path appear less preferred by artificially lengthening the AS path. This is done by adding your AS number multiple times to the AS path. It is a common method to influence inbound traffic from external networks. Longer AS Path = Less preferred route . Example Scenario : You have two ISPs: ISP1 (through CE1) and ISP2 (through CE2). You want inbound traffic from the internet to prefer ISP1 over ISP2. Network Topology : CE1 (connected to ISP1): 10.0.1.1/30 CE2 (connected to ISP2): 10.0.2.1/30 iBGP Router (Internal) connected to both CE1 (10.0.1.2/30) and CE2 (10.0.2.2/30). Configuration on CE2 (AS Path Prepending to Make ISP2 Less Preferred) : Create a route map to prepend your AS path multiple times for CE2: route-map PREPEND_AS permit 10 set as-path prepend 65001 65001 65001 Apply this route map to the neighbor in the BGP configuration for CE2: router bgp 65001 neighbor 10.0.2.1 remote-as 65002 neighbor 10.0.2.1 ro

BGP MED: Managing Inbound Traffic with Multi-Exit Discriminator

The Multi-Exit Discriminator (MED) is used in BGP to control inbound traffic into your AS. It tells a neighboring AS which entry point into your network it should prefer when there are multiple links between your AS and the neighboring AS. The lower the MED value , the more preferred the path. MED is only honored between the same neighboring AS . Example Scenario : You are connected to ISP1 via two routers, CE1 and CE2 , and want to control which router ISP1 uses to send traffic into your AS. Network Topology : CE1 (connected to ISP1): 10.0.1.1/30 CE2 (connected to ISP1): 10.0.2.1/30 iBGP Router (Internal) connected to both CE1 (10.0.1.2/30) and CE2 (10.0.2.2/30). Configuration on CE1 (Lower MED, More Preferred) : Create a route map to set the MED to 50 for CE1: route-map SET_MED permit 10 set metric 50 Apply this route map to the neighbor in the BGP configuration for CE1: router bgp 65001 neighbor 10.0.1.1 remote-as 65000 neighbor 10.0.1.1 route-map SET_MED out Configuratio

BGP Local Preference Controlling Outbound Traffic in BGP

In BGP, Local Preference is used to control the outbound traffic path. It helps you decide which egress point (exit point) should be used when you have multiple connections to external networks, such as ISPs. Local Preference is an attribute that is local to your AS and is shared with all iBGP peers but not with eBGP neighbors. Higher Local Preference = More preferred outbound path. Example Scenario : You have two external links: ISP1 (via CE1) and ISP2 (via CE2). You want traffic to prefer ISP1 for all outbound traffic. Network Topology : CE1 (connected to ISP1): 10.0.1.1/30 CE2 (connected to ISP2): 10.0.2.1/30 iBGP Router (Internal) connected to both CE1 (10.0.1.2/30) and CE2 (10.0.2.2/30). Configuration on CE1 (Higher Local Preference) : Create a route map to set the local preference to 200 for routes learned from CE1: route-map SET_LOCAL_PREF permit 10 set local-preference 200 In the BGP configuration for CE1, apply this route map to the neighbor: router bgp 65001 ne

Authoritative DNS Servers Delegation and Internal DNS Explained

DNS (Domain Name System) plays a critical role in how users and systems find resources on the internet or within internal networks. Whether it's managing an internal domain in an enterprise or delegating parts of a domain for traffic distribution, DNS setups vary widely depending on needs. In this blog post, we’ll break down the different types of DNS setups, including authoritative DNS servers, DNS delegation, and how internal DNS functions within organizations. 1. Authoritative DNS Server An Authoritative DNS server is the final source of truth for a specific domain. When someone queries a domain (e.g., example.com ), the authoritative DNS server for that domain holds the DNS records (A records, CNAME, MX, etc.) and responds with the corresponding IP address. Key Points: Who can host it? Authoritative DNS servers are often hosted by domain registrars (e.g., GoDaddy, Namecheap) or cloud DNS providers (e.g., AWS Route 53, Cloudflare). However, organizations can also host their

Understanding SRV vs NS Records in DNS

DNS (Domain Name System) is a crucial part of how the internet works, converting domain names into IP addresses and directing traffic. Within DNS, different types of records serve specific functions. Two key types are SRV (Service Records) and NS (Name Server Records) . SRV (Service) Records SRV records are used to define the location of specific services. These records are crucial when multiple servers can provide the same service (e.g., VoIP, messaging) and a specific server needs to be selected. They contain the following components: Service & Protocol : Defines the service (e.g., _sip , _xmpp ) and protocol ( _tcp , _udp ). Priority & Weight : Direct traffic to the most preferred server. Port & Target : Specify the server's port and hostname. Example: _sip._tcp.example.com SRV 10 60 5060 sipserver.example.com NS (Name Server) Records NS records delegate the authority for a domain to specific name servers. These name servers are responsible for answering DNS queries

Different Types of IP Addresses in F5 BIG-IP

In F5 BIG-IP systems, various types of IP addresses are used, each serving a distinct role in managing traffic, routing, and device configuration. Understanding the difference between these IP types is crucial for network engineers and system administrators. Let's break down the different types of IP addresses in F5 and how they are used. 1. Self IP A Self IP is an IP address assigned to the F5 device that represents a VLAN or subnet. It enables the BIG-IP system to communicate with other devices within the same network segment. Unlike a Virtual Server IP (VIP), users or clients do not interact directly with Self IPs. Use Cases : Communication between F5 and backend servers, routers, or other F5 devices. Routing traffic within a VLAN or across multiple VLANs. SNAT (Source NAT) and clustering of F5 devices. Example : If your network uses the subnet 192.168.10.0/24 , a Self IP like 192.168.10.10 would allow the F5 to route traffic and interact with other devices in that subnet. 2.