BGP Messages
BGP exchanges 4 different messages. These message are exchanged by BGP Peers to establish a connection, exchange network prefixes, maintain the status BGP connection and notify each other in case any error occurs. The 4 BGP Messages are listed below.
- Open
- Update
- Keepalive
- Notification
Important Note: Every BGP Message is divided into a header and a body. The message header is of 19 bytes has three fields explained below. The body is variable in length.
BGP Message Header
Marker: It is a 16 byte field that appears at the start of each BGP message is used for synchronization and authentication. It has a fixed value of FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF. This value actually indicates the start of BGP message.
Length: is a 2 byte field and indicates the total length of the BGP message in bytes, including the fields of the BGP message header. The minimum value of this field is 19 bytes for a Keepalive message and its value can got upto 4,096. Don't get confused when I say the Length field is 2 bytes and its value can go from 19 to 4096. So the length bits are set as per the length of the BGP message. For example, in below wireshark snapshot of BGP Open message, length is 58 bytes, which can be represented in binary as 00000000 00111010 in 2 bytes.
Type: The Type field is a 1 byte field that indicates the message type out of 4 BGP messages.
Let us now discuss these messages in detail.
Open Message
As the two BGP peers establish a successful TCP connection ( completing the TCP 3-Way Handshake Process), the first message that is exchanged by both BGP peers is Open Message. Open message contains several fields that will be discussed later in this article. If the Open message is acceptable by the neighbor, a Keepalive message confirming the Open message is sent back the peer that received the Open message. The BGP Open message contain following fields.
Version - This is a 8-bit field indicates the message’s BGP version number. The highest common version that both routers support is used. Most BGP implementations today use the current version is version 4.
My AS : This is a 16-bit field that indicates the sender peer's AS number. The peer router verifies this information; if it is not the AS number expected, the BGP session is terminated.
Hold time : This is again a 16-bit field that indicates the maximum number of seconds that can elapse between the successive Keepalive or Update messages from the sender. Upon receipt of an Open message, the router calculates the value of the hold timer to use by using the smaller of its configured hold time and the hold time received in the Open message.BGP router identifier
BGP Identifier: This is a 32-bit field that indicates the sender’s BGP identifier. It is an IP address assigned to that router and is determined at startup. The BGP router ID is chosen the same way the OSPF router ID is chosen; it is the highest active IP address on the router, unless a loopback interface with an IP address exists, in which case is the highest such loopback IP address. Alternatively, the router ID can also be configured manually overriding the automatic selection.
Optional parameters : Contains Optional Parameters length and Optional Parameters the BGP supports. A length field indicates the total length of the optional parameters field in octets. The Optional parameters are Type, Length, and Value (TLV)-encoded. Few examples of an optional parameters are Route Refresh, BGP Multi-Protocol Support, Session authentication and 4-Byte AS Support.
Update Message
An update message is used to advertise active or feasible prefixes to the other BGP peers. It is also used to withdraw the previously advertised routes that are presently gone unreachable. The fields of the Update message are listed below:
Withdrawn routes : The prefixes that have gone unreachable and now are withdrawn from the list of active routes (routing table).
Unfeasible routes length : This field specifies the length of the Withdrawn Routes field in bytes. When it is set to 0, there are no routes withdrawn and the Withdrawn Routes field will also not seen as shown in the wireshark capture below.
Path attributes: Each prefix is associated with some BGP Path Attributes, for example Origin, AS_Path, Next_Hop, Local Preference, MED, Community etc. Some of the BGP Attributes are Well-Known and some are Optional. Each path attribute contains the attribute type, attribute length, and attribute value (TLV). The attribute type consists of the attribute flags, followed by the attribute type code.
Network Layer Reachability Information (NLRI): NLRI field contains a list of prefixes that are up.
Keepalive Message
BGP uses its own inbuilt mechanism of Keepalive messages to check and ensure if the neighbors are alive or not. It does not depend upon TCP protocol for that. After the BGP State is Established, Keepalive messages are exchanged every 60 seconds be default. The default BGP Hold down timer is 180 seconds. Both Keepalive and Hold down timers can be altered. If the Hold Time is set for zero, no Keepalive messages are exchanged between the BGP peers.
Notification Message
A Notification message is sent by a BGP Peer when an error is detected with the BGP session, for example, hold timer expiring, neighbor capabilities change, or when a BGP session reset is requested. The receipt of Notification message causes the BGP peer to end the connection. The Notification message consists of an Error Code and the corresponding Error Subcode.
0 Comments
Please do not enter any spam link in the comment box.