BGP Multi Exit Discriminator MED Logic and Traffic Engineering

The BGP Multi Exit Discriminator (MED) is a non-transitive, optional attribute designed to influence the entry point into a local autonomous system from an external neighbor. While attributes like Local Preference dictate how traffic exits a network, the MED provides a metric to external peers to signal which path is preferred for inbound traffic flows. This mechanism is critical in multi-homed environments where redundant connections to a single service provider exist. By assigning a numerical value to different exit points, a network architect can direct traffic toward high-bandwidth links or lower-latency paths, which reduces the risk of packet loss and optimizes the overall throughput of the infrastructure.

In a standard BGP best-path selection process, the MED is evaluated after Weight, Local Preference, Locally Originated routes, and AS-Path length. Because it is non-transitive, the metric does not propagate beyond the receiving autonomous system. This containment ensures that traffic engineering remains localized between two adjacent peers. The problem MED solves is the “hot-potato” routing dilemma, where a provider might otherwise dump traffic into the exit point nearest to its own network regardless of the destination network's internal efficiency. By using the MED, the destination network regains control over its ingress traffic distribution across multiple physical or logical interfaces.

Technical Specifications

| Requirement | Default Port/Operating Range | Protocol/Standard | Impact Level (1-10) | Recommended Resources |
| :--- | :--- | :--- | :--- | :--- |
| BGP Neighbor Adjacency | TCP Port 179 | RFC 4271 (BGP-4) | 8 | 1 vCPU / 2GB RAM per 100k routes |
| Route Map Support | N/A | IEEE 802.3 / IETF BGP | 7 | High-speed Control Plane CPU |
| Deterministic MED Logic | Software Dependent | Vendor Proprietary / IETF | 6 | Minimum 4GB ECC Memory |
| Non-Transitive Prop. | Metric: 0 to 2^32-1 | BGP Optional Attribute | 5 | Low-latency Backplane |

The Configuration Protocol

Environment Prerequisites:

Successful implementation of the MED requires a functional BGP environment using BGP-4. The operating system, whether it is Cisco IOS-XE, Juniper Junos, or a Linux-based suite like FRRouting, must support route-map or policy-statement structures. Minimum version requirements include Cisco IOS 12.2 or higher; Juniper Junos 10.0 or higher; or Linux Kernel 4.x for efficient throughput and payload processing. Users must possess administrative or “level 15” privileges to modify the routing process and interact with the kernel-level forwarding tables.

Section A: Implementation Logic:

The engineering theory behind MED involves influencing the decision-making process of a neighbor AS. When a router receives multiple advertisements for the same prefix from different exit points of a single neighbor AS, it compares the MED values. A lower MED value is always preferred. Unlike Local Preference, which is shared across the entire local AS via iBGP, MED is typically passed from an AS to its neighbor to affect how that neighbor talks back.

From a system architecture perspective, the deployment is idempotent; applying the same MED value repeatedly will not change the state beyond the initial convergence. However, it is vital to understand that MED comparison by default only occurs between paths from the same autonomous system. If a router receives advertisements from two different ASNs for the same prefix, it ignores the MED unless the “always-compare-med” command is enabled. This protects the network from erratic routing behavior caused by inconsistent metric scales across different providers.

Step-By-Step Execution

1. Access the Network Configuration Terminal

Navigate to the global configuration mode of the routing engine to begin the policy definition.
System Note: On Linux systems, this involves entering the vtysh shell or editing the bgpd.conf file. This action initiates a lock on the configuration database to prevent concurrency conflicts during the write cycle.

2. Define the Prefix List for Targeted Optimization

Identify the specific network blocks that require ingress traffic engineering by creating a prefix list.
```
ip prefix-list INGRESS_PATH seq 10 permit 192.168.10.0/24
```
System Note: The routing engine hashes prefix lists for rapid lookup. This ensures that even under high throughput conditions, the filtering process does not introduce significant latency to the control plane.

3. Construct the Route-Map to Set the MED Attribute

Create a route-map that matches the prefix list and assigns the desired Multi-Exit Discriminator value.
```
route-map SET_MED_LOW permit 10
 match ip address prefix-list INGRESS_PATH
 set metric 100
```
System Note: The set metric command directly modifies the BGP attribute field in the routing update packet. When the BGP process generates the next update, it recalculates the overhead and attaches the 32-bit MED value to the NLRI (Network Layer Reachability Information).

4. Apply the Route-Map to the BGP Neighbor

Bind the policy to an eBGP neighbor in the outbound direction to influence their inbound path selection.
```
router bgp 65001
 neighbor 203.0.113.1 route-map SET_MED_LOW out
```
System Note: Applying the route-map triggers a soft reconfiguration if supported. The BGP daemon scans the Loc-RIB and generates new BGP Update messages. This activity involves the systemctl managed routing service pushing updates to the kernel’s Forwarding Information Base (FIB).

5. Verify the Attribute Propagation

Check the BGP table for the neighbor to ensure the metric is correctly advertised.
```
show ip bgp neighbors 203.0.113.1 advertised-routes
```
System Note: This command queries the Outbound Routing Information Base (Adj-RIB-Out). The administrator should verify that the metric column shows “100” for the 192.168.10.0/24 prefix. Monitoring tools like snmpwalk or logic-controllers can also be used to pull these metrics into a centralized dashboard.

Section B: Dependency Fault-Lines:

One significant bottleneck in MED logic is the “Deterministic MED” conflict. If three paths exist for the same prefix and they are received in a specific order, the result of the best-path selection can vary depending on which paths are compared first. This can lead to routing loops or non-deterministic behavior. To resolve this, always enable bgp deterministic-med.
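The same-AS comparison rule from Section A and the ordering problem described above can be reproduced with a small model. This is an added example, not code from the original page; the `Path` fields, the reduced tie-breaker list (MED, then eBGP over iBGP, then IGP cost) and the three sample paths are assumptions constructed for illustration.

```python
# Added illustration: simplified model of the MED step in BGP best-path
# selection. Field names and the three sample paths are constructed.
from dataclasses import dataclass
from itertools import groupby
from operator import attrgetter

@dataclass(frozen=True)
class Path:
    name: str
    neighbor_as: int  # AS the path was received from
    med: int          # lower is preferred
    ebgp: bool        # in this model eBGP-learned beats iBGP-learned
    igp_cost: int     # last tie-breaker in this model, lower wins

def better(a, b, always_compare_med=False):
    """Pick between two paths already tied on everything before MED."""
    if (a.neighbor_as == b.neighbor_as or always_compare_med) and a.med != b.med:
        return a if a.med < b.med else b
    if a.ebgp != b.ebgp:
        return a if a.ebgp else b
    return a if a.igp_cost <= b.igp_cost else b

def best_sequential(paths, **opts):
    """Without deterministic-med: pairwise comparison in arrival order."""
    best = paths[0]
    for candidate in paths[1:]:
        best = better(best, candidate, **opts)
    return best

def best_deterministic(paths, **opts):
    """With deterministic-med: choose a winner per neighbor AS, then compare winners."""
    by_as = attrgetter("neighbor_as")
    winners = [best_sequential(list(group), **opts)
               for _, group in groupby(sorted(paths, key=by_as), key=by_as)]
    return best_sequential(winners, **opts)

# Constructed paths for one prefix: A beats B on MED, B beats C on IGP cost,
# and C beats A because eBGP is preferred, so pairwise preference is circular.
A = Path("A", neighbor_as=100, med=10, ebgp=False, igp_cost=5)
B = Path("B", neighbor_as=100, med=50, ebgp=True, igp_cost=5)
C = Path("C", neighbor_as=200, med=30, ebgp=True, igp_cost=10)

if __name__ == "__main__":
    for order in ([A, B, C], [B, C, A], [C, A, B]):
        print([p.name for p in order], "sequential:", best_sequential(order).name,
              "deterministic:", best_deterministic(order).name)
```

Passing `always_compare_med=True` makes MED comparable across neighbor ASes, which also removes the circular preference in this sample because the lowest MED then wins in every order.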

Another dependency is the interaction with the signal-attenuation of physical links. If MED is used to prefer a link that is experiencing high packet loss or physical layer errors, the MED will still faithfully direct traffic into that failing pipe unless the route is withdrawn by an automated SLA monitor. Library conflicts often arise in software-defined networking (SDN) where the underlying encapsulation (like VXLAN) might strip BGP attributes if the Virtual Tunnel End Point (VTEP) is not configured to preserve them.

THE TROUBLESHOOTING MATRIX

Section C: Logs & Debugging:

When the expected traffic flow does not align with the configured MED, the first step is analyzing the BGP update logs. Access the logs, usually located at /var/log/quagga/bgpd.log, or use the command debug ip bgp updates. Search for the specific prefix and look for the “METRIC” or “MED” attribute in the hexadecimal dump of the update packet.

Error “MED comparison skipped” often occurs when the paths come from different ASNs. Verify if the global command bgp always-compare-med is present in the configuration. If the router is a Cisco device, the command show ip bgp 192.168.10.0/24 provides a detailed breakdown of why one path was chosen over another. If MED is ignored, the log will show “longer AS path” or “higher Local Pref” preceding the MED evaluation in the hierarchy. Physical fault codes on interfaces (e.g., CRC errors on a fluke-multimeter or interface flaps in dmesg) will override MED logic by forcing a link down, which removes the route from the RIB entirely.

OPTIMIZATION & HARDENING

To achieve maximum thermal-inertia and efficiency in the routing engine, avoid frequent MED changes. Rapidly flapping MED values can cause CPU spikes as the BGP process must constantly re-run the best-path algorithm for the entire table. Implementing BGP Route Dampening can mitigate the impact of unstable metrics.

For security hardening, use prefix-list filtering to ensure that you are only setting MED for owned prefixes. This prevents an intentional or accidental misconfiguration from leaking metrics for the full internet routing table, which could lead to severe latency for global traffic. Additionally, apply TCP-AO or MD5 authentication on the BGP session to prevent unauthorized parties from injecting routes with spoofed MED values that could hijack traffic patterns.
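One way to check a configuration against the two hardening points above, as an added example that is not part of the original page: the audit flags route-map entries that set a metric without a prefix-list match, and neighbors that carry an outbound route-map but no MD5 `password` line. The sample configuration, the `SET_MED_ALL` route-map, the second neighbor and the placeholder password are constructed, and the parser assumes the indented layout of an IOS or FRR running configuration.

```python
# Added illustration: audit an IOS/FRR-style BGP configuration for the two
# hardening points above. The sample configuration is constructed.
SAMPLE_CONFIG = """\
ip prefix-list INGRESS_PATH seq 10 permit 192.168.10.0/24
route-map SET_MED_LOW permit 10
 match ip address prefix-list INGRESS_PATH
 set metric 100
route-map SET_MED_ALL permit 10
 set metric 50
router bgp 65001
 neighbor 203.0.113.1 remote-as 65002
 neighbor 203.0.113.1 password EXAMPLE-ONLY
 neighbor 203.0.113.1 route-map SET_MED_LOW out
 neighbor 203.0.113.9 remote-as 65003
 neighbor 203.0.113.9 route-map SET_MED_ALL out
"""

def audit(config):
    """Return a sorted list of findings for a BGP configuration given as text."""
    entries, current = {}, None   # (map name, seq) -> clauses seen in that entry
    outbound, authed = {}, set()  # neighbor -> outbound route-map; MD5 neighbors
    for line in config.splitlines():
        w = line.split()
        if not w:
            continue
        if not line[0].isspace():             # a new top-level stanza starts
            current = None
            if w[0] == "route-map" and len(w) >= 4:
                current = entries.setdefault((w[1], w[3]), set())
        elif current is not None and w[:2] == ["set", "metric"]:
            current.add("metric")
        elif current is not None and w[:4] == ["match", "ip", "address", "prefix-list"]:
            current.add("match")
        elif w[0] == "neighbor" and len(w) >= 3:
            if w[2] == "password":            # TCP-AO keywords vary by platform; not parsed
                authed.add(w[1])
            elif w[2] == "route-map" and len(w) == 5 and w[4] == "out":
                outbound[w[1]] = w[3]
    findings = [f"route-map {name} seq {seq}: sets MED with no prefix-list match"
                for (name, seq), c in entries.items() if "metric" in c and "match" not in c]
    findings += [f"neighbor {nbr}: route-map {rmap} applied but no MD5 password"
                 for nbr, rmap in outbound.items() if nbr not in authed]
    return sorted(findings)

if __name__ == "__main__":
    print("\n".join(audit(SAMPLE_CONFIG)))
```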

Scaling logic dictates that in a large service provider environment, MED should be standardized across the whole backbone. By using BGP Communities to map to MED values, an architect can create a more scalable policy. For instance, a community of “65001:100” could be translated at the edge to a MED of 100. This centralizes control and ensures consistency as the network grows to encompass hundreds of peering points.

THE ADMIN DESK

How does MED differ from Local Preference?
Local Preference is internal to your AS and influences outbound traffic. MED is sent to external neighbors to influence their inbound traffic. Local Preference is evaluated much earlier in the BGP best-path selection process.

Why is my neighbor ignoring the MED I set?
The neighbor may have a “route-map” that overwrites your metric upon receipt. Additionally, if the neighbor’s Best Path algorithm reaches a decision based on AS-Path length or Local Preference first, the MED value is never considered.

What happens if I don’t set a MED value?
By default, most implementations treat a missing MED as a metric of 0. However, some older standards treat a missing MED as the maximum possible value (4,294,967,295). This inconsistency makes explicit configuration essential.

Can MED be passed across multiple ASNs?
No; MED is a non-transitive attribute. When an AS receives a route with a MED value and passes that route to another neighbor, the MED is reset to 0 or stripped entirely to prevent global traffic manipulation.

Does bgp deterministic-med affect performance?
In very large tables, it slightly increases CPU utilization during convergence because it requires a more complex comparison of the path list. However, it is necessary for maintaining a stable and predictable routing table.
