02-04-2008 08:04 AM - edited 03-03-2019 08:33 PM
Hello Experts,
A client has a BGP load balancing issue. They are multihomed to different providers, and use route-maps matching as-paths to allow routes from specified ASs in, as follows (details altered to protect identities):
ISP1
neighbor 1.1.1.1 remote-as 111
neighbor 1.1.1.1 route-map allow-from-isp1 in
ISP2
neighbor 2.2.2.2 remote-as 222
neighbor 2.2.2.2 route-map allow-from-isp2 in
route-map allow-from-isp1 permit 10
match as-path 11
route-map allow-from-isp2 permit 10
match as-path 22
ip as-path access-list 11 permit _111_[0-9]*
ip as-path access-list 11 permit _112_[0-9]*
ip as-path access-list 11 permit _113_[0-9]*
ip as-path access-list 11 permit _111_[0-9]*_[0-9]*$
ip as-path access-list 11 permit _111_[0-9]*_[0-9]*_[0-9]*$
ip as-path access-list 22 permit _221_[0-9]*
ip as-path access-list 22 permit _222_[0-9]*
ip as-path access-list 22 permit _223_[0-9]*
ip as-path access-list 22 permit _222_[0-9]*_[0-9]*$
ip as-path access-list 22 permit _222_[0-9]*_[0-9]*_[0-9]*$
(in reality there are more entries in the as-path list)
ip route 0.0.0.0 0.0.0.0 FastEthernet2/0 200 (this is connected to ISP1)
I would consider this set up to be partial routing with a primary default route(??). The questions that I have are as follows:
1) A disproportionaly large amount of traffic is being sent to ISP1 (incoming is roughly equal). I think that this is because of the default route, even though the routing table has hundreds of routes in it - do you think this is likely? If not, what would be a more likely cause?
2) It's my understanding that this solution doesn't offer any redundancy - for instance, if peering with ISP2 is lost, these routes would not be permitted via access-list 11 to be advertised to the router and installed in the r-t. Is this correct?
Your help would be most appreciated.
Thanks,
J
02-04-2008 08:55 AM
I would change the default route to point to the next-hop IP address instead of the broadcast interface fa2/0 to avoid unnecessary ARP and memory utilization.
Question for you is what routes are advertised from ISP1 and ISP2. Do both ISP's advertise partial + default route?
The route-maps used for this client appears to be customizing outbound traffic to use ISP1 for certain prefixes, ISP2 for certain prefixes, and ISP1 as the primary ISP for all other prefixes.
02-05-2008 10:08 AM
Thank you for your response! I will be working on it this week and will let you know how I get on!
02-05-2008 01:17 PM
one thing to check is the announcement.
sh ip bgp neigh
Do this for both peering sessions to see what you are announcing outbound. If you you see that you are announcing the same IP block out then you are set for redundancy for inbound traffic. Traffic coming in will be determined by the routing rules in BGP.
02-06-2008 11:05 PM
Hi,
Higher o/g traffic to ISP1 is due to two reasons: 1> Default route pointing to ISP1, 2> Genuinely higher need to access destination n/ws accepted from ISP1 as compared to ISP2.
Regarding redundancy, you can config floating default route pointing to ISP2 (with higher AD), so that incase of ISP1 down, traffic can go via backup route to ISP2.
Rgds,
Dhiren Shah
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: