BGP mulihoming

tomek0001 · ‎06-25-2008

Hello,

Trying to setup eBGP with two providers. I would like to use one for primary internet access and the other one to primarily only reach networks part of the second peer. For example only access Comcast users using Comcast peering.

Normal

So peer A internet in and out

peer B only their network

Failure

if peer A fails use peer b for both b's network and internet and vise versa with peer B.

Here is my question. If peer B and A are also peering with let's say peer G (exp google), how can we make peer G use peer A instead of peer B? G will have the same number of AS to reach the us. Is there a way to influence the routing decisions through bgp of not only my peers but their peers also?

thank you,

hope that made sense :)

hennigan · ‎06-25-2008

For the traffic you send, there are any of several BGP knobs that you can use locally to influence your outbound traffic. A route-map setting local-pref lower for routes not ending in the second peer's AS for example. Or you could ask peer B to just send you customer routes and a default, de-preference the default.

For traffic you receive, it gets a bit trickier. If you prepend to peer B, then they may prefer to go "around the horn" and deliver direct traffic to you via peer A.

The best way to control this is with communities. Many transit providers offer the ability for you to send a BGP community with your advertisements that will influence how they advertise your announcement to their peers, either with prepends or via local-pref or both. Contact peer B and see if this is an option. A list of common communities is here:

http://www.onesc.net/communities/

Keep in mind in your configuration that when you tweak bgp *IN* on a neighbor, you are influencing how traffic will flow *OUT* to that neighbor and vice-versa. This can be hard to grasp when you're getting started with BGP. Manipulating what you accept IN from a neighbor determines how your router sees that view of the Internet in terms of what it sends OUT. What you send OUT to a neighbor determines how that neighbor and its peers view you in terms of what is sent IN to you.

tomek0001 · ‎06-26-2008

Thank you for the response. I was going to have our peer just set the local-preference but using communities might make a lot more sense.

Thank you for a great response.

tomek0001 · ‎06-26-2008

I have one more question regarding this configuration. We use peer B to provide us internet access at remote offices with VPN tunnels to data centers.

In a normal condition:

we would like to use peer B to only access the vpn tunnel. Use peer A for internet access to & from the data center.

In a failure condition (peer A fails)

We would like to provide the data center internet access using peer B.

In a failure condition (peer B fails)

We would like to have the vpn tunnels use peer A to route traffic to and from remote offices.

The problem is if I prepend the route advertised to peer B 3 times, there could be a situation where another AS (let's say AS Q) is 4 hops away from us using B while it is 6 hops away from us using peer A. If the peer B is configured with a local-preference to go directly to us, anything entering peer B would traverse it and access us using them and we would like to keep that traffic only for vpn tunnels in a normal situation.

How do I make traffic that is originating from peer B only access use directly while anything else go to peer A?

Thank you in advance for your help.