{"id":356,"date":"2020-04-06T08:15:45","date_gmt":"2020-04-06T06:15:45","guid":{"rendered":"http:\/\/tech.sosthe.sk\/?p=356"},"modified":"2020-04-06T22:44:47","modified_gmt":"2020-04-06T20:44:47","slug":"4-7-smerovaci-protokol-medzi-autonomnymi-systemami-bgp","status":"publish","type":"post","link":"http:\/\/tech.sosthe.sk\/index.php\/2020\/04\/06\/4-7-smerovaci-protokol-medzi-autonomnymi-systemami-bgp\/","title":{"rendered":"4.14. Smerovac\u00ed protokol medzi auton\u00f3mnymi syst\u00e9mami: BGP"},"content":{"rendered":"<p><strong>BGP: Border gateway protocol, verzia 4<\/strong>,\u00a0<a href=\"http:\/\/www.ietf.org\/rfc\/rfc4271.txt\">RFC 4271<\/a>,\u00a0<a href=\"http:\/\/www.ietf.org\/rfc\/rfc1772.txt\">RFC 1772<\/a>,\u00a0<a href=\"http:\/\/www.ietf.org\/rfc\/rfc1773.txt\">RFC 1773<\/a><\/p>\n<p>BGP je medzi-AS smerovac\u00ed protokol, ktor\u00fd je v s\u00fa\u010dasnosti de facto \u0161tandardom v dne\u0161nom internete. BGP poskytuje ka\u017ed\u00e9mu AS:<\/p>\n<ul>\n<li>z\u00edskanie inform\u00e1ci\u00ed o dostupnosti siet\u00ed od susedn\u00fdch AS,<\/li>\n<li>prenos t\u00fdchto inform\u00e1ci\u00ed ku v\u0161etk\u00fdm routrom vn\u00fatri AS,<\/li>\n<li>zistenie \u201edobr\u00fdch\u201c ciest k sie\u0165am na z\u00e1klade inform\u00e1ci\u00ed o dostupnosti siete a politiky riadenia AS,<\/li>\n<li>zasielanie inform\u00e1ci\u00ed o dostupnosti svojich siet\u00ed zvy\u0161ku internetu \u2013 t\u00e1to vlastnos\u0165 je k\u013e\u00fa\u010dov\u00e1, inak by vznikali izolovan\u00e9 skupiny siet\u00ed, ktor\u00e9 by o sebe navz\u00e1jom nevedeli.<\/li>\n<\/ul>\n<p>BGP je ve\u013emi zlo\u017eit\u00fd protokol. Ke\u010f\u017ee v\u0161ak ide o d\u00f4le\u017eit\u00fd protokol, ktor\u00fd sp\u00e1ja cel\u00fd internet, pozrieme sa aspo\u0148 na k\u013e\u00fa\u010dov\u00e9 s\u00fa\u010dasti protokolu a ich funkciu.<\/p>\n<p>BGP spr\u00e1vy s\u00fa pren\u00e1\u0161an\u00e9 cez TCP spojenia na porte 179. Tieto spojenia obvykle zodpovedaj\u00fa fyzick\u00fdm spojeniam, \u0161peci\u00e1lne to plat\u00ed pre spojenia br\u00e1n medzi r\u00f4znymi AS. Cez tieto spojenia sa susedn\u00e9 AS informuj\u00fa o dostupnosti siet\u00ed. Ke\u010f niektor\u00fd AS informuje o dostupnosti siete, vyjadruje t\u00fdm aj pr\u00eds\u013eub, \u017ee ak dostane datagramy ur\u010den\u00e9 pre t\u00fato sie\u0165, tak ich aj k tejto sieti nasmeruje. Ak sa napr\u00edklad AS1 nau\u010d\u00ed, \u017ee sie\u0165\u00a0<strong>X<\/strong>\u00a0je dostupn\u00e1 cez AS2, tak m\u00f4\u017ee v\u0161etky datagramy pre sie\u0165\u00a0<strong>X<\/strong>\u00a0posiela\u0165 cez AS2. Ak sa br\u00e1na v AS1 dozvie inform\u00e1ciu o dostupnosti siete\u00a0<strong>X<\/strong>, tak cez BGP spojenia vn\u00fatri AS1 m\u00f4\u017ee t\u00fato inform\u00e1ciu odovzda\u0165 v\u0161etk\u00fdm routrom vn\u00fatri AS1. Ke\u010f sa routre v AS1 dozvedia t\u00fato spr\u00e1vu, prisp\u00f4sobia si svoje smerovacie tabu\u013eky aj za pomoci inform\u00e1ci\u00ed od smerovacieho protokolu vn\u00fatri-AS. Jednotliv\u00e9 AS si medzi sebou vymie\u0148aj\u00fa v BGP spr\u00e1vach cel\u00e9 zoznamy dostupn\u00fdch siet\u00ed.<\/p>\n<p>AS1 sa tie\u017e m\u00f4\u017ee rozhodn\u00fa\u0165, \u017ee povie AS3, \u017ee sie\u0165\u00a0<strong>X<\/strong>\u00a0je dostupn\u00e1 cez AS1. Toto rozhodnutie je \u010dasto rie\u0161en\u00e9 v politike smerovania, ktor\u00e1 je \u010dasto riaden\u00e1 vz\u0165ahmi provider-z\u00e1kazn\u00edk alebo dohodami medzi jednotliv\u00fdmi providermi medzi sebou. Napr\u00edklad ak AS1 je z\u00e1kazn\u00edkom AS2 a AS3, tak nem\u00e1 z\u00e1ujem na tom, aby pre nich smeroval cudziu komunik\u00e1ciu cez seba.<\/p>\n<p>Ka\u017ed\u00fd AS m\u00e1 svoje jedine\u010dn\u00e9 \u010d\u00edslo zvan\u00e9 ASN: autonomous system number (<a href=\"http:\/\/www.ietf.org\/rfc\/rfc1930.txt\">RFC 1930<\/a>), ktor\u00e9 je pride\u013eovan\u00e9 organiz\u00e1ciou\u00a0<a href=\"http:\/\/www.iana.org\/assignments\/as-numbers\/\">IANA<\/a>\u00a0(niektor\u00e9 AS ani nemusia ma\u0165 svoje \u010d\u00edslo, ak neposkytuj\u00fa smerovanie cudz\u00edch siet\u00ed in\u00fdm AS).<\/p>\n<p>V BGP spr\u00e1vach okrem zoznamov dostupn\u00fdch siet\u00ed s\u00fa aj \u010fal\u0161ie atrib\u00faty. Dva z najd\u00f4le\u017eitej\u0161\u00edch s\u00fa AS-PATH a NEXT-HOP. AS-PATH obsahuje postupnos\u0165 \u010d\u00edsiel ASN, cez ktor\u00e9 bud\u00fa smerovan\u00e9 datagramy pre dan\u00fa sie\u0165. Ke\u010f stanica preposiela inform\u00e1ciu o dostupnosti pre in\u00e9 AS, prid\u00e1 svoje ASN na koniec AS-PATH. T\u00e1to inform\u00e1cia sa pou\u017e\u00edva na zabr\u00e1nenie cyklick\u00fdm smerovaniam, ale aj na v\u00fdber vhodnej\u0161ej cesty v pr\u00edpade viacer\u00fdch mo\u017enost\u00ed smerovania k danej sieti.<\/p>\n<p>NEXT-HOP je atrib\u00fat, ktor\u00fd obsahuje IP adresu rozhrania br\u00e1ny, cez ktor\u00e9 je potrebn\u00e9 smerova\u0165 datagramy pre cie\u013eov\u00fa sie\u0165\u00a0<strong>X<\/strong>. Napr\u00edklad, v pr\u00edpade, \u017ee BGP spr\u00e1va prich\u00e1dza z br\u00e1ny 2a z AS2 do br\u00e1ny 1b v AS1. NEXT-HOP obsahuje IP adresu rozhrania br\u00e1ny 2a, na ktor\u00e9 je napojen\u00e1 br\u00e1na 1b. Br\u00e1na 1b, na z\u00e1klade importnej politiky, m\u00f4\u017ee informova\u0165 o dostupnosti siete\u00a0<strong>X<\/strong>\u00a0v\u0161etky routre vo vn\u00fatri AS1 cez vn\u00fatorn\u00e9 BGP spr\u00e1vy. V tom pr\u00edpade bude NEXT-HOP obsahova\u0165 niektor\u00fa IP adresu rozhrania br\u00e1ny 1b vo vn\u00fatri AS1. T\u00fato adresu pou\u017eij\u00fa vn\u00fatorn\u00e9 routre v AS1 na ur\u010denie rozhrania, cez ktor\u00e9 maj\u00fa posiela\u0165 datagramy pre sie\u0165\u00a0<strong>X<\/strong>\u00a0cez 1b.<\/p>\n<p>Ak sa AS nau\u010d\u00ed viac smerov k rovnakej sieti, m\u00f4\u017ee sa rozhodn\u00fa\u0165 pre vyl\u00fa\u010denie jedn\u00e9ho zo smerov. M\u00f4\u017ee na to pou\u017ei\u0165 politiku smerovania, ktor\u00e1 je ovplyv\u0148ovan\u00e1 administr\u00e1torsk\u00fdmi, ale \u010dasto aj mana\u017e\u00e9rskymi rozhodnutiami (napr\u00edklad, ak AS je napojen\u00fd na viacer\u00fdch providerov, a nie v\u0161etci po\u017eaduj\u00fa rovnak\u00fa cenu za prenesen\u00e9 d\u00e1ta, alebo m\u00f4\u017ee \u00eds\u0165 o vyhranenie niektor\u00fdch spojen\u00ed iba pre (mana\u017e\u00e9rsky) prioritn\u00e9 slu\u017eby). Ak politika smerovania neur\u010d\u00ed, ktor\u00fd zo smerov m\u00e1 by\u0165 vyl\u00fa\u010den\u00fd, m\u00f4\u017ee by\u0165 niektor\u00fd smer vyl\u00fa\u010den\u00fd na z\u00e1klade d\u013a\u017eky AS-PATH. Ak si chceme zachova\u0165 obe spojenia, m\u00f4\u017eeme necha\u0165 v\u00fdber cesty na smerovac\u00ed protokol vn\u00fatri-AS (hot potato routing). Ak st\u00e1le ostan\u00fa dve alternat\u00edvne cesty s rovnakou cenou, daj\u00fa sa pou\u017ei\u0165 aj \u010fal\u0161ie BGP identifik\u00e1tory na v\u00fdber optim\u00e1lnej cesty. Krit\u00e9ri\u00e1 na v\u00fdber ciest m\u00f4\u017eu by\u0165 aj ve\u013emi komplikovan\u00e9, ale tomu sa u\u017e venova\u0165 nebudeme.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>BGP: Border gateway protocol, verzia 4,\u00a0RFC 4271,\u00a0RFC 1772,\u00a0RFC 1773 BGP je medzi-AS smerovac\u00ed protokol, ktor\u00fd je v s\u00fa\u010dasnosti de facto \u0161tandardom v dne\u0161nom internete. BGP&hellip;<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[9],"tags":[],"_links":{"self":[{"href":"http:\/\/tech.sosthe.sk\/index.php\/wp-json\/wp\/v2\/posts\/356"}],"collection":[{"href":"http:\/\/tech.sosthe.sk\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/tech.sosthe.sk\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/tech.sosthe.sk\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"http:\/\/tech.sosthe.sk\/index.php\/wp-json\/wp\/v2\/comments?post=356"}],"version-history":[{"count":2,"href":"http:\/\/tech.sosthe.sk\/index.php\/wp-json\/wp\/v2\/posts\/356\/revisions"}],"predecessor-version":[{"id":538,"href":"http:\/\/tech.sosthe.sk\/index.php\/wp-json\/wp\/v2\/posts\/356\/revisions\/538"}],"wp:attachment":[{"href":"http:\/\/tech.sosthe.sk\/index.php\/wp-json\/wp\/v2\/media?parent=356"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/tech.sosthe.sk\/index.php\/wp-json\/wp\/v2\/categories?post=356"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/tech.sosthe.sk\/index.php\/wp-json\/wp\/v2\/tags?post=356"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}