How does BGP select which route?

BGP can be a complex and almost mystical protocol. For those of you who are trying to determine how BGP selects which route here is your guide. Before we get into it a couple of things to keep in mind. First, BGP is not a multipath routing protocol. This is different than what you may be used to with OSPF. BGP goes to great lengths to encure only one route is used. Secondly, there are some vendor specific rules which are applied. I will try to point those out as we go along.

1.The first test is if the next hop router is accessible.

2.If Synchronization is enabled, the router will ignore any iBGP routes which are not synced.

3.The third is Cisco specific. Cisco uses a weight attribute. The largest weight wins. Default weight is zero. Maximum weight is 65,535.

4.If the weights are the same, the highest local preference is chosen from LOCAL_PREF. It’s important to note that routers only receive this from iBGP.

5.Net up, the router checks to see if any of the possible routes were originated locally. The two main checks are either the network or aggregate commands. The network command wins if it is originated locally.

6.If two or more routes are still equal the router looks as AS_PATH. The router will prefer any iBGP routes. Outside of the AS BGP will prefer the shortest path.

7.BGP then moves on to the ORIGIN attribute. If the path lengths are the same, BGP selects IGP over EGP and EGP over INCOMPLETE routes.

8.BGP now looks at MED values. The lowest value is selected. Note, MED is only used if both routes are received from the same AS, or if always-compare-med has been enabled. Be careful with always-compare-meds as this can cause routing loops.

9.BGP will then prefer eBGP to iBGP routes. This is not the same as #5 above. Only external routes are looked at here.

10.Next IBGP costs are compared to the next hop routers. The closest one is selected.

11.Ages of routes are finally connected. This is kind of like choosing teams for dodgeball. The oldest route wins. The reason being is oldest routes are thought to be more stable.

12.And finally, if all else fails the router with the lowest router ID wins.

This is a quick low-down on how BGP “thinks” in order to determine routes. If anyone has some Cisco, Mikrotik, quagga, or other specific attributes please comment. I have reached out to Mikrotik and Ubiquiti specifically to see if this is in-line with their implementation of BGP.

Basic Mikrotik BGP filter rules

Below are some basic Filter Rules for Mikrotik BGP filtering.  These are not complex and can be very easily implemented on your BGP peers.

Before we get to the code there are a few assumptions
1.Your own IP space in this example is
2.These filters are not fancy and are geared toward upstream ISPs, not your own internal routers or clients.
3.If you copy and paste the below code make sure there is one command per line.  Some browsers will cut the line off and then it won’t paste right.  If in doubt paste it into notepad, textedit, etc. and clean it up.

/routing filter
add action=discard chain=INET-IN comment="BEGIN INET-IN" prefix= protocol=bgp
add action=discard chain=INET-IN prefix= protocol=bgp
add action=discard chain=INET-IN prefix= protocol=bgp
add action=discard chain=INET-IN prefix= protocol=bgp
add action=discard chain=INET-IN prefix= protocol=bgp
add action=discard chain=INET-IN prefix= protocol=bgp
add action=discard chain=INET-IN prefix= protocol=bgp
add action=discard chain=INET-IN prefix-length=25-32 protocol=bgp
add action=discard chain=INET-IN protocol=bgp
add action=accept chain=INET-OUT comment="BEGIN INET OUT" prefix= protocol=bgp
add action=discard chain=INET-OUT protocol=bgp

So what does this do?
-The first 6 lines filter out non routeable IP space.  There should be no reason these are being advertised to you from the public internet.

-Next we are saying if we see our own IP space being advertised to us (in this case discard that.  There should be no reason we see our own IP space on a public peer.

-The next line filters out prefixes that are a /25 and smaller.  Just about every provider out there has a minimum size of a /24 they will accept as an advertisement.  If you are getting anything smaller it’s a good practice to drop that.  If there happens to be smaller prefixes they can be sent to a default route to the provider.  This helps trim your routing table, which makes lookups and convergence time quicker.

Under the INET-OUT rules we are advertising our IP space to our upstream.

Pretty simple eh? We could get complicated and add in chains, and more rules. But, this is a start.  We will do some more advanced rules in a later post.

OSFP and areas

OSPF areas are one of the more common topics I am asked about as networks grow.   Before we dig into this, we need to understand the reasons why OSPF areas were created in the first place.  Next, we will go into how to apply areas to modern network designs.

Why did areas come into being?
Let’s rewind to a time where RAM in routers was very expensive.  Processors were expensive.  One of the biggest reasons OSPF areas came into play was ram limitations. Every route in your routing table takes up ram.  The more routes you have the more ram that is taken up in each router to hold that table.  Also, in order to calculate these routes processor power is used up.

So what do areas do for me?
OSPF areas have many advantages.  However, in most WISP and ISP networks they serve two purposes.

The first purpose is they group similar devices into logical groups.  These groups can have filtering policies applied to them.

The second purpose is more important.  Implementing areas reduces the size of the routing table.  By doing this your routers spend less time calculating routes, and less time updating the database during a topology change. By reducing the routing table you also speed up what is called convergence time.  This is the time the entire network needs to agree on the current routing topology.   If a major backbone link is flapping your routers could be spending a fair amount of their resources calculating routing tables.

An important thing to note with implementing areas is you must have a good IP network design.   This means your sites/pops/towers should have a logical design which allows for easy route summarization and consolidation.  If you are looking into areas make sure you can summarize your routes in that area easily.  The following examples illustrate why this is important.



In the above example we have created “Area1”.  Since we have a good IP network design we can summarize our routing table in and out of area1 into a few different ways.  If we want to reserve the whole for future expansion then we can.  Or if we want to break this down into or even smaller we can.  Part of this depends on growth plans.  With areas you have to keep in mind every area needs to touch the backbone (area directly.  Now, you can use Virtual Links to have one non-backbone area traverse another non-backbone area.  However, even though is a standard, is a workaround at best.  There are many disadvantages to virtual links.

Now, back to our example.  If we create an area the and routers are the “in roads” to Area1.  These are known as area border routers (ABR).The main function of ABRs is to summarize sub networks found throughout the OSPF network. It stores many copies of its link-state database in memory when one of the stored copies shows an area where the actual router is connected. The ABR holds a minimum of two copies of the routing tables.  One from the backbone area, and one from each area it is connected to.

But, I thought areas were supposed to cut down on ram and CPU usage? Well, everything has a tradeoff.  This is where the philosophy side of things come into play, and probably the reason you have read this far.

When, how, and should I implement areas?
In today’s modern world with fast ram, fast links, and fast processors OSPF areas are needed less and less.  Routers today have more ram than even 5 years ago.  This means they can hold larger routing tables and do more calculations.

If you are thinking about implementing areas the first thing to look at is your IP design.  In order to take the best advantage of areas you should have a logical, and congruent design.  What I mean by this is your towers should be able to summarized as much as possible.  If you can fit 20 towers into a single route statement that is one good place an area would make sense.  If those 20 towers are not able to be summarized then adding an area is not going to be much of a benefit to you.

Network size does not necessarily dictate the need for OSPF areas.  If you have a neatly summarized IP network the need for areas is lessened.

What about if you are trying to join two different networks?
Say you purchased a neighboring ISP and want to join the new network with your own.   If you have overlapping IP space then things might not mesh together well, even with areas.   Most times you are better off running BGP with the two separate networks.  This allows each network to have it’s own space, own routing policies, but still be able to share bandwidth and other resources.  You simply don’t announce any overlapping space to each network until things are re-numbered.

One question I get in this scenario is my router can’t handle BGP.  BGP is a fairly lightweight protocol.  The issues arise when you start pulling in full or partial internet routing tables.  This is the same concept as mentioned above with the OSPF routes.

BGP lockdown hints

As I am preparing talks for the upcoming WISPAPALOOZA 2014 in Las Vegas I am making some notes on advanced BGP.  If you are running BGP, and want to lock it down a little here are some general hints.  If you want more attend my session in Vegas or look here afterwords for the full rundown.

General Hints for BGP filter.

1.Filter all all the bogon addresses unless you have a specific need. If you have to ask you probably don’t have a need so filter it. Bogons are:,

2.Don’t accept your own IP space from upstreams.  There should be no reason someone is advertising your own IP space back to you that is not a downstream customer.  I mean dowstream as to someone you have assigned your own IP space to.

3.Limit the maximum number of prefixes your router will accept.

4.Most ISPs don’t announce anything less than a /24.  Configure your filters to not accept anything smaller than a /24 unless you have a specific need to do so.

5. Separate iBGP from eBGP.

6.Understand the defaults for the platform you are using.


MTIN announces IPv6 peering in Indianapolis, Indiana

MTIN is happy to announce free ipV6 peering in Indianapolis.  If you are a provider with a presence at 733 Henry Street Indianapolis, Indiana we will peer on the IPv6 backbone with you for free.  All you have to do is make it to us via a cross connect.  If you want to peer on IPv4, and are not already, we might be able to assume the cost of that cross-connect.

Contact MTIN for details.

BGP Looking Glass

One of the things we have been doing more of here at MTIN is BGP setups.  I am starting a series of posts on BGP troubleshooting and tidbits

Looking Glass

A looking glass can help you see how certain parts of the Internet view your advertisements.  This can be very helpful in troubleshooting.  Is someone in Europe seeing your advertisement? How about the guy next door?