Repeat after me, BGP is not scary

By Joe Neville, Blog Contributor
Share Post

Just a few years ago, BGP was seen as a routing protocol for service providers, most network engineers in Enterprise would have little exposure to it. BGP was just something on the WAN routers. Fast forward to 2016 and BGP in the data centre is being discussed like it is a given, just another option alongside OSPF. That is a major change in how the networking industry perceives BGP and one that some networkers maybe a little apprehensive about. Well I say feel the love and embrace change, but do take the time to learn the basics of BGP, it will pay off dividends in the future.

Now I'm one of those people that actually has a favourite routing protocol. RIP? Too slow. OSPF? Like an M.C. Escher diagram, looks simple until you look closer at the detail and have a 'dude, what???' moment. BGP, it's a pro of a protocol, so many attributes and features. It can be daunting at first, but once you start to tame that beast it can becomes like a trusty tool; dependable, knowable and satisfyingly tweakable.

So it came as a bit of a shock to me when, a few months ago, in conversation with @netmanchris, we were discussing OSPF versus BGP for spine-and-leaf design, and he was building his initial configs around OSPF. He dropped the line on me, 'well, a lot of data centre guys see BGP as scary'. Obviously I jumped to BGP's defence but that brief exchange really made me think about just how much of a change it is to go from a data centre built on spanning-tree and maybe a bit of OSPF, to Layer 3 throughout with BGP on your top of rack switches. For those that are feeling a little uneasy about this I'm afraid things are about to get turned up to 11, there is a very real prospective of BGP even further into the DC network, at the virtual machine level, oh and let's not forget even using BGP to control containers.

I cut my networking teeth working NetOps for a service provider, BGP was the norm, so all this is music to my ears. But I think Chris had a very valid point, and the industry as a whole is not exactly cognizant of the fact that a Layer 3 DC fabric is a big deal. Any NetOps process built primarily to deal with spanning-tree and stretched L2 is going to need a major rewrite, and that's not to mention the new skills that the Operations workforce are going to require. Forget Marvel's technicoloured also-rans, anyone that can fix a spanning-tree meltdown is a true superhero in my eyes. Keeping networks up and running is a stressful job, when the screen goes all shades of red and yellow it is experience and true understanding of the infrastructure that gets things back to green within SLA. Changing the fundamental protocols of the network should not be underestimated.

So what's the good news?

There are a number of benefits to BGP that I feel make it a good fit in the DC:

  • Knowable - BGP, to me at least, is much more predictable than other networking protocols. Sure, there are whole books filled with the rules, the configuration caveats, and the 'gotchas'. But at least the information is laid out there for you to learn, you just need to put the time in.
  • Trustworthy - BGP was originally built for networking between different autonomous systems in the real world i.e. different carriers, so there is an inherent lack of trust between you and your neighbours. Think about OSPF, you just need to put it on an interface and the protocol will happily build an adjacency, flooding the network with LSAs, creating one huge domain of link-state updates. BGP needs to be told who to peer with, you are in control from the outset.
  • Controllable – again flowing from the lack of trust, BGP filters prefixes like no other protocol. OSPF just doesn't come close to the granularity of control that you have over what you send, and receive, from a peer. An OSPF Link-State Database is like reading an old telephone directory, 'here's everyone in the whole city', a BGP table is like your whatsapp contact list, only those you want to talk to are in there.

If you are reading this and you've never configured BGP, or you're a little hazy about the Path decision process, here a list of suggestions for how to go deep:

  • Get some hands-on: The vast majority of HPE Comware devices that run Layer 3 support a full suite of BGP.

If you do not have access to hardware, and who does have that luxury nowadays, fear not. HPE's Virtual Services Router, the VSR1000, can be run as an OVA appliance in virtualbox or VMware workstation, you can download and run it for free. Fire up a number of VSRs and build a BGP spine-and-leaf. It is actually pretty easy. Find out more here.

Another very interesting option is to use the open source Network Operating System, Openswitch that runs, you've guessed it, BGP. More information here.

Learn the basics:

Config guides are your friend. If you're looking at BGP on the VSR there is a full writeup in the VSR's 'IP Routing Configuration Guide'.

OSPF may seem like an easier routing protocol to get to grips with at first but BGP offers unparalleled control and scale, it is a perfect fit for todays' L3 data centre fabrics, it doesn't need to be 'scary'. Just take the time to understand the basics and do not underestimate what a major change having this L3 protocol, or any other, in the data centre is.

Well that's just my opinion. Agree? Disagree? Part of the OSPF fanclub? Want to start an East Coast/West Coast style beef and call out my boy, BGP? Feel free to hit me back with a comment.