I'm 28 and I've always half wondered about BGP but gotten lost in terminology. It's amazing how simple it is when you boil it down to essentials and practical usage. Thank you so much.
I appreciate the way you teach and explain. You don't explain too much to confuse, but are very concise and to the point. The examples re-enforced the topics. Thank you, Darrell. Looking forward to more of your videos.
For two days, I ve suffered as a beginner in networking on where to start with BGP and then fumbled on to your video, stuck to it and learning valuable information from it
I’m afraid not. I was never that strong on VPN. It would be a disservice to try to teach something I’m not good at (or have limited production experience with). That’s the same reason I never did IS-IS or MPLS videos. Let the folks with real world experience with those protocols teach them.
@@DarrellRoot Thanks darell for being straight on this. I meant, could you please help me with one such content by someone else's on VPN, I have a week of time to straighten my knowlegde on networking with regards to VPN, layer 4, OS in networking and then troubleshooting tools like telnet, curl, ping etc., I would like to know where can i go firstly on learning the VPN concepts. Your help is much appreciated, else, if you would suggest a personal hunt, I am up for it as well darrell.
Thank you all for watching my BGP theory video. Over 55k views! For those of you who use security access-lists, my latest project is "Network Mom ACL Analyzer", available in the MacOS 10.14+ App Store for only $10. It analyzes IPv4 and IPV6 Cisco IOS, IOS-XE, IOS-XR, NXOS, and ASA access-lists. It even supports Arista EOS. It finds errors (including the dreaded wildcard/netmask error) and finds lines which match a specific socket. It even finds "duplicate" ACL lines (earlier lines which are a strict superset of a later line). It also has a handy "generate random ACL" utility for each of the 9 ACL variants it supports. If you support medium to large access-lists in production, you need a tool to tell you whether that new socket your app team is requesting is already permitted. You need a tool to flag netmask errors before they cause a security incident. The duplicate ACL detection will help you clean up your ACLs (or find lines so permissive they require remediation). I posted a demo video: Network Mom ACL Analyzer Demo
Nice information package about BGP. Summary of BGP: BGP enables communicatuon between AS despite their different IGPs. It has advanced filtering system. AS-pathlist is used to avoid loops. Uses TCP port 179. Only 4 message types and 6 protocol states. NLRI is simply about ip address and the prefix. eBGP is router communication between different AS. iBGP is router communication in the same AS (full mesh topology required). BGP attributes can be mandatory (origin, AS-path, next-hop), optional, or discretionary (local preference, atomic aggregate). Mandatory and discretionary must be known by every BGP router, optional may not be known. Mandatory are mandatory while others are not. Some BGP route decision examples. Some BGP route advertisement examples (happens always exactly once to each BGP router). For iBGPs, they all must be connected together in mesh for correct routing advertisement. Wrong BGP configuration can lead to blackholes. BGP expertise is rare because its configuration can have risky consequences.
Thank you all for the positive comments. I've uploaded the slide decks for all my Cisco Hands On Training videos to the website for my latest project: networkmom.net/CiscoHandsOnTraining/ Incidentally, the new project is "Network Mom Availability", an easy-to-use network monitoring and availability/latency reporting tool for the Macintosh. Check it out!
Great video. I knew about some basics and idea of BGP, but not much in detail, like exact protocol messages and the rules for selcting paths. That made is so much nicer. If somebody wants to learn and play, lets say using Quaga or BIRD, and they are not ISP, how could they start, even just connecting to some peer or two and receving paths (and not advertising anything, so maybe can use private ASN internally, like 65000, so even if you screw up, any advertistments will be rejected by any peer or other routers).
Darrell, at 18:10 you describe the scenario where one eBGP session is lost due to the physical link going down. In this situation how do the routers inside AS65003 become aware of the fact that they should use the alternative route provided by the peer from AS65002. I was under the impression that once the BGP path selection is performed over two redundant paths, the routers will install the preferred BGP route in their routing table and keep using it. How do they manage to switch to the redundant path when the link goes down? Is this something that BGP handles for the routers automatically? Thanks in advance.
With iBGP when you mention full mesh. Do the routers need a physical full mesh connection or just a logical full mesh using the BGP peers? Thank you for making this it's excellent.
teetech iBGP is a logical full mesh. In most cases those iBGP peers are configured loopback to loopback, and many routers in a typical iBGP autonomous system are not physically connected.
Hi, In route decision process of example # 2, they choose the route with lowest next hop IP address, I think this one is wrong because normally IGP metric to the next hop is measured and if everything is OK then the IP address of the router ID is measured like the way you measured next hop IP address. Please correct me if I am wrong
You might be correct. "Prefer shortest path to eBGP next hop" is earlier in the route decision making list than the "prefer lowest BGP router ID". So if the IGP metric to next hop 10.1.4.4 is lower than the IGP metric to next hop 10.1.3.3, then the route to 10.1.4.4 will be preferred.
I have one question regarding BGP route advertisement rules. what if there is no iBGP connection between the two routers having eBGP connection in your diagram? how will they forward the 10.35.3.0/24 route then, as according to rule no iBGP can forward route info to iBGP routers.
Lets call the 3 routers in AS 65003 "left", "right" and "bottom". If "left" and "right" do not have an iBGP connection, then "left" does not receive the BGP route for 10.35.3.0/24 and does not have it in its route table. If the "left" router then receives a packet destined for 10.35.3.7, it will try to figure out where to forward it based on its route table. It will look for the most specific route which includes 10.35.3.7. That will not be 10.35.3.0/24 (because our BGP is configured incorrectly), but there might be a more general route or a default route. If no route applies, and there is not a default route, then the packet will be dropped.
Yes. Last week's Facebook outage was not the first and will not the last major BGP-related outage. More recently, networks are improving their configuration consistency with automation, but a configuration error magnified with automation can consistently break things.
![ง้อ (ALRIGHT) - FOURTH Prod. by URBOYTJ [ OFFICIAL MV ]](http://i.ytimg.com/vi/Qs8ZeV6Dqj8/mqdefault.jpg)
I'm 28 and I've always half wondered about BGP but gotten lost in terminology. It's amazing how simple it is when you boil it down to essentials and practical usage. Thank you so much.
I watched this twice and certainly what network project managers need. Thank you Darrell for sharing your knowledge and expertise unselfishly.
I appreciate the way you teach and explain. You don't explain too much to confuse, but are very concise and to the point. The examples re-enforced the topics. Thank you, Darrell. Looking forward to more of your videos.
For two days, I ve suffered as a beginner in networking on where to start with BGP and then fumbled on to your video, stuck to it and learning valuable information from it
Thank you! I’m glad it was useful!
@@DarrellRoot Thanks to you darell, could you please help me with one such content on VPN Technologies.
I’m afraid not. I was never that strong on VPN. It would be a disservice to try to teach something I’m not good at (or have limited production experience with). That’s the same reason I never did IS-IS or MPLS videos. Let the folks with real world experience with those protocols teach them.
@@DarrellRoot Thanks darell for being straight on this. I meant, could you please help me with one such content by someone else's on VPN, I have a week of time to straighten my knowlegde on networking with regards to VPN, layer 4, OS in networking and then troubleshooting tools like telnet, curl, ping etc., I would like to know where can i go firstly on learning the VPN concepts. Your help is much appreciated, else, if you would suggest a personal hunt, I am up for it as well darrell.
Wanted to brush up on the net, and here you are - thank you - made a great overview!
You are welcome. Glad it was useful!
Thank you all for watching my BGP theory video. Over 55k views!
For those of you who use security access-lists, my latest project is "Network Mom ACL Analyzer", available in the MacOS 10.14+ App Store for only $10. It analyzes IPv4 and IPV6 Cisco IOS, IOS-XE, IOS-XR, NXOS, and ASA access-lists. It even supports Arista EOS. It finds errors (including the dreaded wildcard/netmask error) and finds lines which match a specific socket. It even finds "duplicate" ACL lines (earlier lines which are a strict superset of a later line). It also has a handy "generate random ACL" utility for each of the 9 ACL variants it supports.
If you support medium to large access-lists in production, you need a tool to tell you whether that new socket your app team is requesting is already permitted. You need a tool to flag netmask errors before they cause a security incident. The duplicate ACL detection will help you clean up your ACLs (or find lines so permissive they require remediation).
I posted a demo video: Network Mom ACL Analyzer Demo
This is my first comment on youtube. This was a great explantion. Thank you sir.
Nice information package about BGP. Summary of BGP: BGP enables communicatuon between AS despite their different IGPs. It has advanced filtering system. AS-pathlist is used to avoid loops. Uses TCP port 179. Only 4 message types and 6 protocol states. NLRI is simply about ip address and the prefix. eBGP is router communication between different AS. iBGP is router communication in the same AS (full mesh topology required). BGP attributes can be mandatory (origin, AS-path, next-hop), optional, or discretionary (local preference, atomic aggregate). Mandatory and discretionary must be known by every BGP router, optional may not be known. Mandatory are mandatory while others are not. Some BGP route decision examples. Some BGP route advertisement examples (happens always exactly once to each BGP router). For iBGPs, they all must be connected together in mesh for correct routing advertisement. Wrong BGP configuration can lead to blackholes. BGP expertise is rare because its configuration can have risky consequences.
I took a full course in my masters program on BGP and learned more from this video than in my course 😅. Thank you!
You are welcome and I'm glad it was useful. I'd love a link to the school / class catalog description that has a whole class on BGP.
Darrell, thank you so much for the clearest and the most understandable explanation I could find on YT. If only other teachers could learn from you!
You are welcome! I'm glad the video was useful.
Nice presentation
You did an amazing job. Thank you!
This is pure gold! Thanks for your content, Darrell
You are welcome! Glad it is useful. 😊
Excellent!!!
BGP just got simpler thanks to this video! Thank you!
Very Informative. Thank you so much.
still amazing content 6 yrs later :)
Really enjoyed the delivery of this and I struggle with the American accent.
Thank you!
You are welcome!
You have a gift and knowledge of explaining things. Great video, thank you a lot! Will check your other videos.
nice job explaining this. best video I've found so far on youtube
Thank you all for the positive comments. I've uploaded the slide decks for all my Cisco Hands On Training videos to the website for my latest project: networkmom.net/CiscoHandsOnTraining/ Incidentally, the new project is "Network Mom Availability", an easy-to-use network monitoring and availability/latency reporting tool for the Macintosh. Check it out!
Great video, learned a lot!!
I was trying to refresh myself on BGP. This is a great presentation. Nicely done!
Yes, Darrell, thank you for making BGP a simple protocol. :)
This video is BGP gold, thank you!
Thank you for making BGP from Scary protocol to Fairy protocol. Please share the link of your website to download the PDF.
Stay safe!
Thank you. Great video! 🙌
Oh finally one good short video after days of reading.
thanks for the refresher
I’ll admit I’ve watched this video as a refresher too. 😊
Outstanding video Darrell! Thank you for creating and posting...
Great video. I knew about some basics and idea of BGP, but not much in detail, like exact protocol messages and the rules for selcting paths. That made is so much nicer.
If somebody wants to learn and play, lets say using Quaga or BIRD, and they are not ISP, how could they start, even just connecting to some peer or two and receving paths (and not advertising anything, so maybe can use private ASN internally, like 65000, so even if you screw up, any advertistments will be rejected by any peer or other routers).
Very good presentation! Thanks a lot!
Very very helpful, thanks👍🏻👍🏻👍🏻
Woow you are great to explain technical concepts
Thanks very much for this videos.
Thank you so much.
at 37:58 I believe you mean to say, so as a result no loop in IBGP.
This was a damn good video. I'm working on my CCNP. Thanks!
Very simply explained. Thanks
Best Video, well explained!!!
Great intro vid! Thanks for making this. Looking forward to the config demo next.
who is here to learn BGP after recent facebook/whatsap/instgram service down incident?
Great explanation of the protocol!
Yes~ BGP is a simple protocol! :)
Great Introduction Darell. Good stuff.
Very nice Video. BGP basics explained in a very simple manner.
Very helpful video and clearly explained. Thank you!
Great presentation, Tks.
gr8 explanation ..Keep it up
This was Great! Thanks a Lot for explaining BGP!
Darrell, at 18:10 you describe the scenario where one eBGP session is lost due to the physical link going down. In this situation how do the routers inside AS65003 become aware of the fact that they should use the alternative route provided by the peer from AS65002. I was under the impression that once the BGP path selection is performed over two redundant paths, the routers will install the preferred BGP route in their routing table and keep using it. How do they manage to switch to the redundant path when the link goes down? Is this something that BGP handles for the routers automatically?
Thanks in advance.
awesome content!
Great video. Had some interesting insights into BGP, thanks!
Best explanation of BGP!
Great explanation. Thanks
Super Darrell. Thank you.
With iBGP when you mention full mesh. Do the routers need a physical full mesh connection or just a logical full mesh using the BGP peers?
Thank you for making this it's excellent.
teetech iBGP is a logical full mesh. In most cases those iBGP peers are configured loopback to loopback, and many routers in a typical iBGP autonomous system are not physically connected.
@@DarrellRoot Thank you! Now it makes more sense to me.
The best
Thank you, well explained. Gracias
BGP route decisions example 2, which decision is used? prefer better origin?
Subbed. Thank you!
Hi, In route decision process of example # 2, they choose the route with lowest next hop IP address, I think this one is wrong because normally IGP metric to the next hop is measured and if everything is OK then the IP address of the router ID is measured like the way you measured next hop IP address. Please correct me if I am wrong
You might be correct. "Prefer shortest path to eBGP next hop" is earlier in the route decision making list than the "prefer lowest BGP router ID". So if the IGP metric to next hop 10.1.4.4 is lower than the IGP metric to next hop 10.1.3.3, then the route to 10.1.4.4 will be preferred.
thank you.
I have one question regarding BGP route advertisement rules. what if there is no iBGP connection between the two routers having eBGP connection in your diagram? how will they forward the 10.35.3.0/24 route then, as according to rule no iBGP can forward route info to iBGP routers.
Lets call the 3 routers in AS 65003 "left", "right" and "bottom". If "left" and "right" do not have an iBGP connection, then "left" does not receive the BGP route for 10.35.3.0/24 and does not have it in its route table. If the "left" router then receives a packet destined for 10.35.3.7, it will try to figure out where to forward it based on its route table. It will look for the most specific route which includes 10.35.3.7. That will not be 10.35.3.0/24 (because our BGP is configured incorrectly), but there might be a more general route or a default route. If no route applies, and there is not a default route, then the packet will be dropped.
SuperExplanation!!!!! WGA!!!
10:25 “and the consequences of messing up with cab be global” hahahahahahaha
Yes. Last week's Facebook outage was not the first and will not the last major BGP-related outage. More recently, networks are improving their configuration consistency with automation, but a configuration error magnified with automation can consistently break things.
thanks a lot
Where can we get the PPT of this presentation?
thank you
Nice job bro, what is your website address need to download the pdf
Hi Darrell,
Is it possible to send me the presentation? I ll send you an invitation on LinkedIn
Ty and kind regards
Andrea
Slide decks are online at networkmom.net/CiscoHandsOnTraining/